fix(测试跟踪): 用例部分页面权限问题

--bug=1027231 --user=陈建星 【测试跟踪】开启权限评审用例、关联和取消关联用例权限,进入计划任意用例详情中无法进行审批 https://www.tapd.cn/55049933/s/1383921
--bug=1027224 --user=陈建星 【测试跟踪】公共用例库只有查看权限进入详情页后点击复制,页面自动跳转接口403 https://www.tapd.cn/55049933/s/1383811
--bug=1027216 --user=陈建星 【测试跟踪】只开启批量编辑页面403重定向 https://www.tapd.cn/55049933/s/1383807
This commit is contained in:
jianxing 2023-06-20 14:51:44 +08:00 committed by jianxing
parent 2789da2641
commit 8cea318c52
6 changed files with 14 additions and 8 deletions

View File

@ -93,9 +93,12 @@ public class PermissionConstants {
public static final String PROJECT_TRACK_CASE_READ_CREATE = "PROJECT_TRACK_CASE:READ+CREATE";
public static final String PROJECT_TRACK_CASE_READ_EDIT = "PROJECT_TRACK_CASE:READ+EDIT";
public static final String PROJECT_TRACK_CASE_READ_DELETE = "PROJECT_TRACK_CASE:READ+DELETE";
public static final String PROJECT_TRACK_CASE_READ_RECOVER = "PROJECT_TRACK_CASE:READ+RECOVER";
public static final String PROJECT_TRACK_CASE_READ_BATCH_REDUCTION = "PROJECT_TRACK_CASE:READ+BATCH_REDUCTION";
public static final String PROJECT_TRACK_CASE_READ_COPY = "PROJECT_TRACK_CASE:READ+COPY";
public static final String PROJECT_TRACK_CASE_READ_IMPORT = "PROJECT_TRACK_CASE:READ+IMPORT";
public static final String PROJECT_TRACK_CASE_READ_EXPORT = "PROJECT_TRACK_CASE:READ+EXPORT";
public static final String PROJECT_TRACK_CASE_READ_BATCH_EDIT = "PROJECT_TRACK_CASE:READ+BATCH_EDIT";
public static final String PROJECT_TRACK_CASE_READ_BATCH_ADD_PUBLIC = "PROJECT_TRACK_CASE:READ+BATCH_ADD_PUBLIC";
public static final String PROJECT_TRACK_REVIEW_READ = "PROJECT_TRACK_REVIEW:READ";
@ -103,6 +106,7 @@ public class PermissionConstants {
public static final String PROJECT_TRACK_REVIEW_READ_EDIT = "PROJECT_TRACK_REVIEW:READ+EDIT";
public static final String PROJECT_TRACK_REVIEW_READ_DELETE = "PROJECT_TRACK_REVIEW:READ+DELETE";
public static final String PROJECT_TRACK_REVIEW_READ_COMMENT = "PROJECT_TRACK_REVIEW:READ+COMMENT";
public static final String PROJECT_TRACK_REVIEW_READ_REVIEW = "PROJECT_TRACK_REVIEW:READ+REVIEW";
public static final String PROJECT_TRACK_REVIEW_READ_RELEVANCE_OR_CANCEL = "PROJECT_TRACK_REVIEW:READ+RELEVANCE_OR_CANCEL";
public static final String PROJECT_TRACK_PLAN_READ = "PROJECT_TRACK_PLAN:READ";

View File

@ -31,7 +31,6 @@ public class CustomFieldTemplateController {
}
@GetMapping("/{id}")
@RequiresPermissions(PermissionConstants.PROJECT_TEMPLATE_READ_CUSTOM)
public CustomField get(@PathVariable String id) {
return customFieldTemplateService.getCustomField(id);
}

View File

@ -34,6 +34,7 @@ import io.metersphere.track.request.testplan.FileOperationRequest;
import io.metersphere.track.request.testplan.LoadCaseRequest;
import io.metersphere.track.service.TestCaseService;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
@ -334,7 +335,8 @@ public class TestCaseController {
}
@PostMapping("/batch/edit")
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_CASE_READ_EDIT)
@RequiresPermissions(value = {PermissionConstants.PROJECT_TRACK_CASE_READ_EDIT, PermissionConstants.PROJECT_TRACK_CASE_READ_BATCH_EDIT,
PermissionConstants.PROJECT_TRACK_CASE_READ_BATCH_ADD_PUBLIC}, logical = Logical.OR)
@MsAuditLog(module = OperLogModule.TRACK_TEST_CASE, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = TestCaseService.class)
@SendNotice(taskType = NoticeConstants.TaskType.TRACK_TEST_CASE_TASK, target = "#targetClass.findByBatchRequest(#request)", targetClass = TestCaseService.class,
event = NoticeConstants.Event.UPDATE, subject = "测试用例通知")
@ -350,7 +352,7 @@ public class TestCaseController {
}
@PostMapping("/batch/copy/public")
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_CASE_READ_EDIT)
@RequiresPermissions(value = {PermissionConstants.PROJECT_TRACK_CASE_READ_COPY, PermissionConstants.PROJECT_TRACK_CASE_READ_CREATE}, logical = Logical.OR)
@MsAuditLog(module = OperLogModule.TRACK_TEST_CASE, type = OperLogConstants.BATCH_ADD, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = TestCaseService.class)
@SendNotice(taskType = NoticeConstants.TaskType.TRACK_TEST_CASE_TASK, target = "#targetClass.findByBatchRequest(#request)", targetClass = TestCaseService.class,
event = NoticeConstants.Event.CREATE, subject = "测试用例通知")
@ -385,7 +387,7 @@ public class TestCaseController {
}
@PostMapping("/reduction")
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_CASE_READ_DELETE)
@RequiresPermissions(value = {PermissionConstants.PROJECT_TRACK_CASE_READ_RECOVER, PermissionConstants.PROJECT_TRACK_CASE_READ_BATCH_REDUCTION}, logical = Logical.OR)
@MsAuditLog(module = OperLogModule.TRACK_TEST_CASE, type = OperLogConstants.RESTORE, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = TestCaseService.class)
public void reduction(@RequestBody TestCaseBatchRequest request) {
testCaseService.reduction(request);

View File

@ -50,14 +50,14 @@ public class TestReviewTestCaseController {
}
@PostMapping("/batch/edit/status")
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_REVIEW_READ_EDIT)
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_REVIEW_READ_REVIEW)
@MsAuditLog(module = OperLogModule.TRACK_TEST_CASE_REVIEW, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.batchLogDetails(#request)", content = "#msClass.getLogDetails(#request)", msClass = TestReviewTestCaseService.class)
public void editTestCaseBatch(@RequestBody TestReviewCaseBatchRequest request) {
testReviewTestCaseService.editTestCaseBatchStatus(request);
}
@PostMapping("/minder/edit/{reviewId}")
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_REVIEW_READ_EDIT)
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_REVIEW_READ_REVIEW)
@MsAuditLog(module = OperLogModule.TRACK_TEST_CASE_REVIEW, type = OperLogConstants.ASSOCIATE_CASE, content = "#msClass.getLogDetails(#testCases)", msClass = TestReviewTestCaseService.class)
public void editTestCaseForMinder(@PathVariable("reviewId") String reviewId, @RequestBody List<TestCaseReviewTestCase> testCases) {
testReviewTestCaseService.editTestCaseForMinder(reviewId, testCases);
@ -77,7 +77,7 @@ public class TestReviewTestCaseController {
}
@PostMapping("/edit")
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_REVIEW_READ_EDIT)
@RequiresPermissions(PermissionConstants.PROJECT_TRACK_REVIEW_READ_REVIEW)
@MsAuditLog(module = OperLogModule.TRACK_TEST_CASE_REVIEW, type = OperLogConstants.REVIEW, content = "#msClass.getLogDetails(#testCaseReviewTestCase)", msClass = TestReviewTestCaseService.class)
public void editTestCase(@RequestBody TestCaseReviewTestCase testCaseReviewTestCase) {
testReviewTestCaseService.editTestCase(testCaseReviewTestCase);

View File

@ -27,6 +27,7 @@
:is-read="true"
@compare="compare" @checkout="checkout" @create="create" @del="del"/>
<ms-table-button v-if="this.path!=='/test/case/add'"
v-permission="['PROJECT_TRACK_CASE:READ+COPY']"
id="inputDelay"
type="primary"
:content="$t('commons.copy')"

View File

@ -270,7 +270,7 @@ export default {
{
tip: this.$t('commons.edit'), icon: "el-icon-edit",
exec: this.handleEdit,
permissions: ['PROJECT_TRACK_CASE:READ+EDIT']
permissions: ['PROJECT_TRACK_REVIEW:READ+REVIEW']
},
{
tip: this.$t('test_track.plan_view.cancel_relevance'), icon: "el-icon-unlock", type: "danger",