diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseCommentController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseCommentController.java index 3930055899..59cf6afa0e 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseCommentController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseCommentController.java @@ -5,6 +5,7 @@ import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.track.dto.TestCaseCommentDTO; import io.metersphere.track.request.testreview.SaveCommentRequest; import io.metersphere.track.service.TestCaseCommentService; +import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -19,6 +20,7 @@ public class TestCaseCommentController { private TestCaseCommentService testCaseCommentService; @PostMapping("/save") + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+COMMENT") @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#request.id)", msClass = TestCaseCommentService.class) public void saveComment(@RequestBody SaveCommentRequest request) { request.setId(UUID.randomUUID().toString()); @@ -31,12 +33,14 @@ public class TestCaseCommentController { } @GetMapping("/delete/{commentId}") + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+COMMENT") @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#commentId)", msClass = TestCaseCommentService.class) public void deleteComment(@PathVariable String commentId) { testCaseCommentService.delete(commentId); } @PostMapping("/edit") + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+COMMENT") @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.id)", content = "#msClass.getLogDetails(#request.id)", msClass = TestCaseCommentService.class) public void editComment(@RequestBody SaveCommentRequest request) { testCaseCommentService.edit(request); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseController.java index 8c91f1e286..61e42a2acf 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseController.java @@ -7,7 +7,6 @@ import io.metersphere.base.domain.Project; import io.metersphere.base.domain.TestCase; import io.metersphere.base.domain.TestCaseWithBLOBs; import io.metersphere.commons.constants.OperLogConstants; -import io.metersphere.commons.constants.RoleConstants; import io.metersphere.commons.utils.PageUtils; import io.metersphere.commons.utils.Pager; import io.metersphere.commons.utils.SessionUtils; @@ -22,8 +21,7 @@ import io.metersphere.track.request.testcase.TestCaseBatchRequest; import io.metersphere.track.request.testcase.TestCaseMinderEditRequest; import io.metersphere.track.request.testplan.FileOperationRequest; import io.metersphere.track.service.TestCaseService; -import org.apache.shiro.authz.annotation.Logical; -import org.apache.shiro.authz.annotation.RequiresRoles; +import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; @@ -38,7 +36,6 @@ import java.util.UUID; @RequestMapping("/test/case") @RestController - public class TestCaseController { @Resource @@ -49,12 +46,14 @@ public class TestCaseController { private FileService fileService; @PostMapping("/list/{goPage}/{pageSize}") + @RequiresPermissions("PROJECT_TRACK_CASE:READ") public Pager> list(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody QueryTestCaseRequest request) { Page page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, testCaseService.listTestCase(request)); } @GetMapping("/list/{projectId}") + @RequiresPermissions("PROJECT_TRACK_CASE:READ") public List list(@PathVariable String projectId) { checkPermissionService.checkProjectOwner(projectId); QueryTestCaseRequest request = new QueryTestCaseRequest(); @@ -127,7 +126,7 @@ public class TestCaseController { } @PostMapping(value = "/add", consumes = {"multipart/form-data"}) - + @RequiresPermissions("PROJECT_TRACK_CASE:READ+CREATE") @MsAuditLog(module = "track_test_case", type = OperLogConstants.CREATE, title = "#request.name", content = "#msClass.getLogDetails(#request.id)", msClass = TestCaseService.class) public String addTestCase(@RequestPart("request") EditTestCaseRequest request, @RequestPart(value = "file") List files) { request.setId(UUID.randomUUID().toString()); @@ -165,7 +164,7 @@ public class TestCaseController { } @PostMapping("/importIgnoreError/{projectId}/{userId}") - + @RequiresPermissions("PROJECT_TRACK_CASE:READ+IMPORT") @MsAuditLog(module = "track_test_case", type = OperLogConstants.IMPORT, project = "#projectId") public ExcelResponse testCaseImportIgnoreError(MultipartFile file, @PathVariable String projectId, @PathVariable String userId, HttpServletRequest request) { checkPermissionService.checkProjectOwner(projectId); @@ -173,33 +172,33 @@ public class TestCaseController { } @GetMapping("/export/template") - + @RequiresPermissions("PROJECT_TRACK_CASE:READ+EXPORT") public void testCaseTemplateExport(HttpServletResponse response) { testCaseService.testCaseTemplateExport(response); } @GetMapping("/export/xmindTemplate") - + @RequiresPermissions("PROJECT_TRACK_CASE:READ+EXPORT") public void xmindTemplate(HttpServletResponse response) { testCaseService.testCaseXmindTemplateExport(response); } @PostMapping("/export/testcase") - + @RequiresPermissions("PROJECT_TRACK_CASE:READ+EXPORT") @MsAuditLog(module = "track_test_case", type = OperLogConstants.EXPORT, sourceId = "#request.id", title = "#request.name", project = "#request.projectId") public void testCaseExport(HttpServletResponse response, @RequestBody TestCaseBatchRequest request) { testCaseService.testCaseExport(response, request); } @PostMapping("/batch/edit") - + @RequiresPermissions("PROJECT_TRACK_CASE:READ+EDIT") @MsAuditLog(module = "track_test_case", type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = TestCaseService.class) public void editTestCaseBath(@RequestBody TestCaseBatchRequest request) { testCaseService.editTestCaseBath(request); } @PostMapping("/batch/delete") - + @RequiresPermissions("PROJECT_TRACK_CASE:READ+DELETE") @MsAuditLog(module = "track_test_case", type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = TestCaseService.class) public void deleteTestCaseBath(@RequestBody TestCaseBatchRequest request) { testCaseService.deleteTestCaseBath(request); @@ -236,7 +235,7 @@ public class TestCaseController { } @PostMapping("/minder/edit") - + @RequiresPermissions("PROJECT_TRACK_CASE:READ+EDIT") @MsAuditLog(module = "track_test_case", type = OperLogConstants.BATCH_UPDATE, project = "#request.projectId", beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = TestCaseService.class) public void minderEdit(@RequestBody TestCaseMinderEditRequest request) { testCaseService.minderEdit(request); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseReportController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseReportController.java index 90a37307f2..01db638da6 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseReportController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseReportController.java @@ -2,12 +2,9 @@ package io.metersphere.track.controller; import io.metersphere.base.domain.TestCaseReport; import io.metersphere.commons.constants.OperLogConstants; -import io.metersphere.commons.constants.RoleConstants; import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.track.request.testCaseReport.CreateReportRequest; import io.metersphere.track.service.TestCaseReportService; -import org.apache.shiro.authz.annotation.Logical; -import org.apache.shiro.authz.annotation.RequiresRoles; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -32,7 +29,6 @@ public class TestCaseReportController { } @PostMapping("/add") - @MsAuditLog(module = "track_test_plan", type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#request.id)", msClass = TestCaseReportService.class) public String addByTemplateId(@RequestBody CreateReportRequest request) { request.setId(UUID.randomUUID().toString()); @@ -40,14 +36,12 @@ public class TestCaseReportController { } @PostMapping("/edit") - @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#TestCaseReport.id)", content = "#msClass.getLogDetails(#TestCaseReport.id)", msClass = TestCaseReportService.class) public void edit(@RequestBody TestCaseReport TestCaseReport) { testCaseReportService.editTestCaseReport(TestCaseReport); } @PostMapping("/delete/{id}") - @MsAuditLog(module = "track_test_plan", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = TestCaseReportService.class) public int delete(@PathVariable String id) { return testCaseReportService.deleteTestCaseReport(id); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewApiCaseController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewApiCaseController.java index 46616817ec..420ad6b0dd 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewApiCaseController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewApiCaseController.java @@ -5,15 +5,13 @@ import com.github.pagehelper.PageHelper; import io.metersphere.api.dto.definition.ApiTestCaseDTO; import io.metersphere.api.dto.definition.ApiTestCaseRequest; import io.metersphere.api.dto.definition.TestPlanApiCaseDTO; -import io.metersphere.commons.constants.RoleConstants; import io.metersphere.commons.utils.PageUtils; import io.metersphere.commons.utils.Pager; import io.metersphere.commons.utils.SessionUtils; import io.metersphere.track.request.testcase.TestPlanApiCaseBatchRequest; import io.metersphere.track.request.testreview.TestReviewApiCaseBatchRequest; import io.metersphere.track.service.TestCaseReviewApiCaseService; -import org.apache.shiro.authz.annotation.Logical; -import org.apache.shiro.authz.annotation.RequiresRoles; +import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; @@ -24,12 +22,15 @@ import java.util.List; public class TestCaseReviewApiCaseController { @Resource private TestCaseReviewApiCaseService testCaseReviewApiCaseService; + @PostMapping("/list/{goPage}/{pageSize}") public Pager> list(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody ApiTestCaseRequest request) { Page page = PageHelper.startPage(goPage, pageSize, true); return PageUtils.setPageInfo(page, testCaseReviewApiCaseService.list(request)); } + @PostMapping("/relevance/list/{goPage}/{pageSize}") + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+RELEVANCE_OR_CANCEL") public Pager> relevanceList(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody ApiTestCaseRequest request) { Page page = PageHelper.startPage(goPage, pageSize, true); request.setWorkspaceId(SessionUtils.getCurrentWorkspaceId()); @@ -37,19 +38,19 @@ public class TestCaseReviewApiCaseController { } @GetMapping("/delete/{id}") - + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+RELEVANCE_OR_CANCEL") public int deleteTestCase(@PathVariable String id) { return testCaseReviewApiCaseService.delete(id); } @PostMapping("/batch/delete") - + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+RELEVANCE_OR_CANCEL") public void deleteApiCaseBath(@RequestBody TestReviewApiCaseBatchRequest request) { testCaseReviewApiCaseService.deleteApiCaseBath(request); } @PostMapping("/batch/update/env") - + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+RELEVANCE_OR_CANCEL") public void batchUpdateEnv(@RequestBody TestPlanApiCaseBatchRequest request) { testCaseReviewApiCaseService.batchUpdateEnv(request); } diff --git a/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewController.java b/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewController.java index 5f5035ce99..99c4cb85be 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestCaseReviewController.java @@ -21,6 +21,7 @@ import io.metersphere.track.request.testreview.TestReviewRelevanceRequest; import io.metersphere.track.service.TestCaseReviewService; import io.metersphere.track.service.TestReviewProjectService; import org.apache.shiro.authz.annotation.Logical; +import org.apache.shiro.authz.annotation.RequiresPermissions; import org.apache.shiro.authz.annotation.RequiresRoles; import org.springframework.web.bind.annotation.*; @@ -47,7 +48,7 @@ public class TestCaseReviewController { } @PostMapping("/save") - + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+CREATE") @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.CREATE, title = "#reviewRequest.name", content = "#msClass.getLogDetails(#reviewRequest.id)", msClass = TestCaseReviewService.class) public String saveCaseReview(@RequestBody SaveTestCaseReviewRequest reviewRequest) { reviewRequest.setId(UUID.randomUUID().toString()); @@ -72,14 +73,14 @@ public class TestCaseReviewController { } @PostMapping("/edit") - + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+EDIT") @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#testCaseReview.id)", title = "#testCaseReview.name", content = "#msClass.getLogDetails(#testCaseReview.id)", msClass = TestCaseReviewService.class) public String editCaseReview(@RequestBody SaveTestCaseReviewRequest testCaseReview) { return testCaseReviewService.editCaseReview(testCaseReview); } @GetMapping("/delete/{reviewId}") - + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+DELETE") @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#reviewId)", msClass = TestCaseReviewService.class) public void deleteCaseReview(@PathVariable String reviewId) { checkPermissionService.checkTestReviewOwner(reviewId); @@ -120,7 +121,7 @@ public class TestCaseReviewController { } @PostMapping("/edit/status/{reviewId}") - + @RequiresPermissions("PROJECT_TRACK_REVIEW:READ+EDIT") public void editTestPlanStatus(@PathVariable String reviewId) { checkPermissionService.checkTestReviewOwner(reviewId); testCaseReviewService.editTestReviewStatus(reviewId); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestPlanApiCaseController.java b/backend/src/main/java/io/metersphere/track/controller/TestPlanApiCaseController.java index c3234f789a..bf4ad74add 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestPlanApiCaseController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestPlanApiCaseController.java @@ -13,6 +13,7 @@ import io.metersphere.log.annotation.MsAuditLog; import io.metersphere.track.request.testcase.TestPlanApiCaseBatchRequest; import io.metersphere.track.service.TestPlanApiCaseService; import org.apache.shiro.authz.annotation.Logical; +import org.apache.shiro.authz.annotation.RequiresPermissions; import org.apache.shiro.authz.annotation.RequiresRoles; import org.springframework.web.bind.annotation.*; @@ -44,21 +45,21 @@ public class TestPlanApiCaseController { } @GetMapping("/delete/{id}") - + @RequiresPermissions("PROJECT_TRACK_PLAN:READ+RELEVANCE_OR_CANCEL") @MsAuditLog(module = "track_test_case_review", type = OperLogConstants.UN_ASSOCIATE_CASE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = TestPlanApiCaseService.class) public int deleteTestCase(@PathVariable String id) { return testPlanApiCaseService.delete(id); } @PostMapping("/batch/delete") - + @RequiresPermissions("PROJECT_TRACK_PLAN:READ+RELEVANCE_OR_CANCEL") @MsAuditLog(module = "track_test_plan", type = OperLogConstants.UN_ASSOCIATE_CASE, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = TestPlanApiCaseService.class) public void deleteApiCaseBath(@RequestBody TestPlanApiCaseBatchRequest request) { testPlanApiCaseService.deleteApiCaseBath(request); } @PostMapping("/batch/update/env") - + @RequiresPermissions("PROJECT_TRACK_PLAN:READ+RELEVANCE_OR_CANCEL") @MsAuditLog(module = "track_test_plan", type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.batchLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = TestPlanApiCaseService.class) public void batchUpdateEnv(@RequestBody TestPlanApiCaseBatchRequest request) { testPlanApiCaseService.batchUpdateEnv(request); diff --git a/backend/src/main/java/io/metersphere/track/controller/TestPlanController.java b/backend/src/main/java/io/metersphere/track/controller/TestPlanController.java index 0665724433..c750a50140 100644 --- a/backend/src/main/java/io/metersphere/track/controller/TestPlanController.java +++ b/backend/src/main/java/io/metersphere/track/controller/TestPlanController.java @@ -22,6 +22,7 @@ import io.metersphere.track.request.testplancase.TestCaseRelevanceRequest; import io.metersphere.track.service.TestPlanProjectService; import io.metersphere.track.service.TestPlanService; import org.apache.shiro.authz.annotation.Logical; +import org.apache.shiro.authz.annotation.RequiresPermissions; import org.apache.shiro.authz.annotation.RequiresRoles; import org.springframework.web.bind.annotation.*; @@ -46,6 +47,7 @@ public class TestPlanController { } @PostMapping("/list/{goPage}/{pageSize}") + @RequiresPermissions("PROJECT_TRACK_PLAN:READ") public Pager> list(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody QueryTestPlanRequest request) { String currentWorkspaceId = SessionUtils.getCurrentWorkspaceId(); request.setWorkspaceId(currentWorkspaceId); @@ -86,7 +88,7 @@ public class TestPlanController { } @PostMapping("/add") - + @RequiresPermissions("PROJECT_TRACK_PLAN:READ+CREATE") @MsAuditLog(module = "track_test_plan", type = OperLogConstants.CREATE, title = "#testPlan.name", content = "#msClass.getLogDetails(#testPlan.id)", msClass = TestPlanService.class) public String addTestPlan(@RequestBody AddTestPlanRequest testPlan) { testPlan.setId(UUID.randomUUID().toString()); @@ -95,14 +97,14 @@ public class TestPlanController { } @PostMapping("/edit") - + @RequiresPermissions("PROJECT_TRACK_PLAN:READ+EDIT") @MsAuditLog(module = "track_test_plan", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#testPlanDTO.id)", content = "#msClass.getLogDetails(#testPlanDTO.id)", msClass = TestPlanService.class) public String editTestPlan(@RequestBody TestPlanDTO testPlanDTO) { return testPlanService.editTestPlan(testPlanDTO, true); } @PostMapping("/edit/status/{planId}") - + @RequiresPermissions("PROJECT_TRACK_PLAN:READ+EDIT") @MsAuditLog(module = "track_test_plan", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#planId)", content = "#msClass.getLogDetails(#planId)", msClass = TestPlanService.class) public void editTestPlanStatus(@PathVariable String planId) { checkPermissionService.checkTestPlanOwner(planId); @@ -110,7 +112,7 @@ public class TestPlanController { } @PostMapping("/delete/{testPlanId}") - + @RequiresPermissions("PROJECT_TRACK_PLAN:READ+DELETE") @MsAuditLog(module = "track_test_plan", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#testPlanId)", msClass = TestPlanService.class) public int deleteTestPlan(@PathVariable String testPlanId) { checkPermissionService.checkTestPlanOwner(testPlanId); diff --git a/frontend/src/business/components/track/review/commom/ReviewComment.vue b/frontend/src/business/components/track/review/commom/ReviewComment.vue index ef4184b8b2..fd25002f8c 100644 --- a/frontend/src/business/components/track/review/commom/ReviewComment.vue +++ b/frontend/src/business/components/track/review/commom/ReviewComment.vue @@ -16,19 +16,21 @@
- + {{ $t('test_track.comment.send') }}
@@ -53,7 +55,7 @@ export default { result: {}, textarea: '', isReadOnly: false - } + }; }, created() { this.isReadOnly = !checkoutTestManagerOrTestUser(); @@ -63,7 +65,7 @@ export default { let comment = {}; comment.caseId = this.caseId; comment.description = this.textarea; - comment.reviewId=this.reviewId; + comment.reviewId = this.reviewId; if (!this.textarea) { this.$warning(this.$t('test_track.comment.description_is_null')); return; @@ -81,7 +83,7 @@ export default { this.$emit('getComments'); }, } -} +};