From 98b9dbdf712f956010d1a953d0ca4485f1abc62a Mon Sep 17 00:00:00 2001 From: wxg0103 <727495428@qq.com> Date: Wed, 27 Dec 2023 10:38:34 +0800 Subject: [PATCH] =?UTF-8?q?feat(=E7=B3=BB=E7=BB=9F=E6=B5=8B=E8=AF=95):=20?= =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E4=B8=AA=E4=BA=BA=E4=B8=AD=E5=BF=83=E7=AC=AC?= =?UTF-8?q?=E4=B8=89=E6=96=B9=E8=B4=A6=E5=8F=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../debug/ApiDebugModuleController.java | 2 +- .../ApiDefinitionModuleController.java | 15 ++- .../definition/ApiTestCaseController.java | 13 +++ .../definition/ApiTestCasePageRequest.java | 8 +- .../controller/EnvironmentController.java | 10 +- .../EnvironmentGroupController.java | 10 +- .../project/controller/ProjectController.java | 3 + .../OrganizationProjectController.java | 14 ++- .../controller/SystemProjectController.java | 17 ++- .../UserPlatformAccountController.java | 53 +++++++++ .../service/UserPlatformAccountService.java | 95 +++++++++++++++ .../OrganizationProjectControllerTests.java | 2 - .../UserPlatformAccountControllerTests.java | 110 ++++++++++++++++++ .../user/PersonalControllerTests.java | 7 +- 14 files changed, 336 insertions(+), 23 deletions(-) create mode 100644 backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserPlatformAccountController.java create mode 100644 backend/services/system-setting/src/main/java/io/metersphere/system/service/UserPlatformAccountService.java create mode 100644 backend/services/system-setting/src/test/java/io/metersphere/system/controller/UserPlatformAccountControllerTests.java diff --git a/backend/services/api-test/src/main/java/io/metersphere/api/controller/debug/ApiDebugModuleController.java b/backend/services/api-test/src/main/java/io/metersphere/api/controller/debug/ApiDebugModuleController.java index 983ab7aaac..c864199338 100644 --- a/backend/services/api-test/src/main/java/io/metersphere/api/controller/debug/ApiDebugModuleController.java +++ b/backend/services/api-test/src/main/java/io/metersphere/api/controller/debug/ApiDebugModuleController.java @@ -43,7 +43,7 @@ public class ApiDebugModuleController { @PostMapping("/update") @Operation(summary = "接口测试-接口调试-模块-修改模块") @RequiresPermissions(PermissionConstants.PROJECT_API_DEBUG_UPDATE) - public boolean list(@RequestBody @Validated ModuleUpdateRequest request) { + public boolean update(@RequestBody @Validated ModuleUpdateRequest request) { apiDebugModuleService.update(request, SessionUtils.getUserId(), SessionUtils.getCurrentProjectId()); return true; } diff --git a/backend/services/api-test/src/main/java/io/metersphere/api/controller/definition/ApiDefinitionModuleController.java b/backend/services/api-test/src/main/java/io/metersphere/api/controller/definition/ApiDefinitionModuleController.java index 6859feda6d..a658cb877d 100644 --- a/backend/services/api-test/src/main/java/io/metersphere/api/controller/definition/ApiDefinitionModuleController.java +++ b/backend/services/api-test/src/main/java/io/metersphere/api/controller/definition/ApiDefinitionModuleController.java @@ -7,6 +7,7 @@ import io.metersphere.api.service.definition.ApiDefinitionModuleService; import io.metersphere.sdk.constants.PermissionConstants; import io.metersphere.system.dto.sdk.BaseTreeNode; import io.metersphere.system.dto.sdk.request.NodeMoveRequest; +import io.metersphere.system.security.CheckOwner; import io.metersphere.system.utils.SessionUtils; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.tags.Tag; @@ -29,6 +30,7 @@ public class ApiDefinitionModuleController { @PostMapping("/tree") @Operation(summary = "接口测试-接口管理-模块-查找模块") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ) + @CheckOwner(resourceId = "#request.projectId", resourceType = "project") public List getTree(@RequestBody @Validated ApiModuleRequest request) { return apiDefinitionModuleService.getTree(request, false); } @@ -43,16 +45,18 @@ public class ApiDefinitionModuleController { @PostMapping("/update") @Operation(summary = "接口测试-接口管理-模块-修改模块") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_UPDATE) - public boolean list(@RequestBody @Validated ModuleUpdateRequest request) { + @CheckOwner(resourceId = "#request.id", resourceType = "api_definition_module") + public boolean update(@RequestBody @Validated ModuleUpdateRequest request) { apiDefinitionModuleService.update(request, SessionUtils.getUserId()); return true; } - @GetMapping("/delete/{deleteId}") + @GetMapping("/delete/{id}") @Operation(summary = "接口测试-接口管理-模块-删除模块") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_DELETE) - public void deleteNode(@PathVariable String deleteId) { - apiDefinitionModuleService.deleteModule(deleteId, SessionUtils.getUserId()); + @CheckOwner(resourceId = "#=id", resourceType = "api_definition_module") + public void deleteNode(@PathVariable String id) { + apiDefinitionModuleService.deleteModule(id, SessionUtils.getUserId()); } @PostMapping("/move") @@ -65,6 +69,7 @@ public class ApiDefinitionModuleController { @PostMapping("/count") @Operation(summary = "接口测试-接口管理-模块-统计模块数量") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ) + @CheckOwner(resourceId = "#request.projectId", resourceType = "project") public Map moduleCount(@Validated @RequestBody ApiModuleRequest request) { return apiDefinitionModuleService.moduleCount(request, false); } @@ -72,6 +77,7 @@ public class ApiDefinitionModuleController { @PostMapping("/trash/count") @Operation(summary = "接口测试-接口管理-模块-统计回收站模块数量") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ) + @CheckOwner(resourceId = "#request.projectId", resourceType = "project") public Map moduleCountTrash(@Validated @RequestBody ApiModuleRequest request) { return apiDefinitionModuleService.moduleCount(request, true); } @@ -79,6 +85,7 @@ public class ApiDefinitionModuleController { @PostMapping("/trash/tree") @Operation(summary = "接口测试-接口管理-模块-查找模块") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ) + @CheckOwner(resourceId = "#request.projectId", resourceType = "project") public List getTrashTree(@RequestBody @Validated ApiModuleRequest request) { return apiDefinitionModuleService.getTrashTree(request, true); } diff --git a/backend/services/api-test/src/main/java/io/metersphere/api/controller/definition/ApiTestCaseController.java b/backend/services/api-test/src/main/java/io/metersphere/api/controller/definition/ApiTestCaseController.java index 4aa0cdb3ea..e6be30bb82 100644 --- a/backend/services/api-test/src/main/java/io/metersphere/api/controller/definition/ApiTestCaseController.java +++ b/backend/services/api-test/src/main/java/io/metersphere/api/controller/definition/ApiTestCaseController.java @@ -14,6 +14,7 @@ import io.metersphere.system.log.annotation.Log; import io.metersphere.system.log.constants.OperationLogType; import io.metersphere.system.notice.annotation.SendNotice; import io.metersphere.system.notice.constants.NoticeConstants; +import io.metersphere.system.security.CheckOwner; import io.metersphere.system.utils.PageUtils; import io.metersphere.system.utils.Pager; import io.metersphere.system.utils.SessionUtils; @@ -51,6 +52,7 @@ public class ApiTestCaseController { @GetMapping(value = "/get-detail/{id}") @Operation(summary = "接口测试-接口管理-接口用例-获取详情") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_READ) + @CheckOwner(resourceId = "#id", resourceType = "api_test_case") public ApiTestCaseDTO get(@PathVariable String id) { return apiTestCaseService.get(id, SessionUtils.getUserId()); } @@ -59,6 +61,7 @@ public class ApiTestCaseController { @Operation(summary = "接口测试-接口管理-接口用例-移动到回收站") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_DELETE) @Log(type = OperationLogType.DELETE, expression = "#msClass.moveToGcLog(#id)", msClass = ApiTestCaseLogService.class) + @CheckOwner(resourceId = "#id", resourceType = "api_test_case") public void deleteToGc(@PathVariable String id) { apiTestCaseService.deleteToGc(id, SessionUtils.getUserId()); } @@ -67,6 +70,7 @@ public class ApiTestCaseController { @Operation(summary = "接口测试-接口管理-接口用例-恢复") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_RECOVER) @Log(type = OperationLogType.RECOVER, expression = "#msClass.recoverLog(#id)", msClass = ApiTestCaseLogService.class) + @CheckOwner(resourceId = "#id", resourceType = "api_test_case") public void recover(@PathVariable String id) { apiTestCaseService.recover(id, SessionUtils.getUserId(), SessionUtils.getCurrentProjectId()); } @@ -75,6 +79,7 @@ public class ApiTestCaseController { @Operation(summary = "接口测试-接口管理-接口用例-关注") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_UPDATE) @Log(type = OperationLogType.UPDATE, expression = "#msClass.followLog(#id)", msClass = ApiTestCaseLogService.class) + @CheckOwner(resourceId = "#id", resourceType = "api_test_case") public void follow(@PathVariable String id) { apiTestCaseService.follow(id, SessionUtils.getUserId()); } @@ -83,6 +88,7 @@ public class ApiTestCaseController { @Operation(summary = "接口测试-接口管理-接口用例-取消关注") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_UPDATE) @Log(type = OperationLogType.UPDATE, expression = "#msClass.unfollowLog(#id)", msClass = ApiTestCaseLogService.class) + @CheckOwner(resourceId = "#id", resourceType = "api_test_case") public void unfollow(@PathVariable String id) { apiTestCaseService.unfollow(id, SessionUtils.getUserId()); } @@ -91,6 +97,7 @@ public class ApiTestCaseController { @Operation(summary = "接口测试-接口管理-接口用例-删除") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_DELETE) @Log(type = OperationLogType.DELETE, expression = "#msClass.deleteLog(#id)", msClass = ApiTestCaseLogService.class) + @CheckOwner(resourceId = "#id", resourceType = "api_test_case") public void delete(@PathVariable String id) { apiTestCaseService.delete(id, SessionUtils.getUserId()); } @@ -99,6 +106,7 @@ public class ApiTestCaseController { @Operation(summary = "接口测试-接口管理-接口用例-更新") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_UPDATE) @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#request)", msClass = ApiTestCaseLogService.class) + @CheckOwner(resourceId = "#request.id", resourceType = "api_test_case") public ApiTestCase update(@Validated @RequestBody ApiTestCaseUpdateRequest request) { return apiTestCaseService.update(request, SessionUtils.getUserId()); } @@ -107,6 +115,7 @@ public class ApiTestCaseController { @Operation(summary = "接口测试-接口管理-接口用例-更新状态") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_UPDATE) @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#id)", msClass = ApiTestCaseLogService.class) + @CheckOwner(resourceId = "#id", resourceType = "api_test_case") public void updateStatus(@PathVariable String id, @PathVariable String status) { apiTestCaseService.updateStatus(id, status, SessionUtils.getUserId()); } @@ -123,6 +132,7 @@ public class ApiTestCaseController { @PostMapping("/batch/delete") @Operation(summary = "接口测试-接口管理-接口用例-批量删除") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_DELETE) + @CheckOwner(resourceId = "#request.getSelectIds()", resourceType = "api_test_case") public void deleteBatchByParam(@RequestBody ApiTestCaseBatchRequest request) { apiTestCaseService.batchDelete(request, SessionUtils.getUserId()); } @@ -130,6 +140,7 @@ public class ApiTestCaseController { @PostMapping("/batch/move-gc") @Operation(summary = "接口测试-接口管理-接口用例-批量移动到回收站") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_DELETE) + @CheckOwner(resourceId = "#request.getSelectIds()", resourceType = "api_test_case") public void deleteToGcByParam(@RequestBody ApiTestCaseBatchRequest request) { apiTestCaseService.batchMoveGc(request, SessionUtils.getUserId()); } @@ -137,6 +148,7 @@ public class ApiTestCaseController { @PostMapping("/batch/edit") @Operation(summary = "接口测试-接口管理-接口用例-批量编辑") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_UPDATE) + @CheckOwner(resourceId = "#request.getSelectIds()", resourceType = "api_test_case") public void batchUpdate(@Validated @RequestBody ApiCaseBatchEditRequest request) { apiTestCaseService.batchEdit(request, SessionUtils.getUserId()); } @@ -144,6 +156,7 @@ public class ApiTestCaseController { @PostMapping("/batch/recover") @Operation(summary = "接口测试-接口管理-接口用例-批量恢复") @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_CASE_RECOVER) + @CheckOwner(resourceId = "#request.getSelectIds()", resourceType = "api_test_case") public void batchRecover(@Validated @RequestBody ApiTestCaseBatchRequest request) { apiTestCaseRecoverService.batchRecover(request, SessionUtils.getUserId()); } diff --git a/backend/services/api-test/src/main/java/io/metersphere/api/dto/definition/ApiTestCasePageRequest.java b/backend/services/api-test/src/main/java/io/metersphere/api/dto/definition/ApiTestCasePageRequest.java index 978286f921..358492a636 100644 --- a/backend/services/api-test/src/main/java/io/metersphere/api/dto/definition/ApiTestCasePageRequest.java +++ b/backend/services/api-test/src/main/java/io/metersphere/api/dto/definition/ApiTestCasePageRequest.java @@ -8,15 +8,15 @@ import jakarta.validation.constraints.Size; import lombok.Data; import lombok.EqualsAndHashCode; +import java.io.Serial; +import java.io.Serializable; import java.util.List; -/** - * @author lan - */ @Data @EqualsAndHashCode(callSuper = false) -public class ApiTestCasePageRequest extends BasePageRequest { +public class ApiTestCasePageRequest extends BasePageRequest implements Serializable { + @Serial private static final long serialVersionUID = 1L; @Schema(description = "接口pk") diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/controller/EnvironmentController.java b/backend/services/project-management/src/main/java/io/metersphere/project/controller/EnvironmentController.java index 2d979d552c..8440b34bbd 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/controller/EnvironmentController.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/controller/EnvironmentController.java @@ -13,6 +13,7 @@ import io.metersphere.system.dto.sdk.OptionDTO; import io.metersphere.system.dto.sdk.request.PosRequest; import io.metersphere.system.log.annotation.Log; import io.metersphere.system.log.constants.OperationLogType; +import io.metersphere.system.security.CheckOwner; import io.metersphere.system.utils.SessionUtils; import io.metersphere.validation.groups.Created; import io.metersphere.validation.groups.Updated; @@ -45,11 +46,12 @@ public class EnvironmentController { return environmentService.list(request); } - @GetMapping("/get/{environmentId}") + @GetMapping("/get/{id}") @Operation(summary = "项目管理-环境-环境目录-详情") @RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ) - public EnvironmentInfoDTO get(@PathVariable String environmentId) { - return environmentService.get(environmentId); + @CheckOwner(resourceId = "#id", resourceType = "environment") + public EnvironmentInfoDTO get(@PathVariable String id) { + return environmentService.get(id); } @@ -66,6 +68,7 @@ public class EnvironmentController { @RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ_UPDATE) @Operation(summary = "项目管理-环境-环境目录-修改") @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#request)", msClass = EnvironmentLogService.class) + @CheckOwner(resourceId = "#request.id", resourceType = "environment") public Environment update(@Validated({Updated.class}) @RequestPart("request") EnvironmentRequest request, @RequestPart(value = "file", required = false) List sslFiles) { return environmentService.update(request, SessionUtils.getUserId(), sslFiles); @@ -74,6 +77,7 @@ public class EnvironmentController { @GetMapping("/delete/{id}") @Operation(summary = "项目管理-环境-环境目录-删除") @RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ_DELETE) + @CheckOwner(resourceId = "#id", resourceType = "environment") @Log(type = OperationLogType.DELETE, expression = "#msClass.deleteLog(#id)", msClass = EnvironmentLogService.class) public void delete(@PathVariable String id) { environmentService.delete(id); diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/controller/EnvironmentGroupController.java b/backend/services/project-management/src/main/java/io/metersphere/project/controller/EnvironmentGroupController.java index 5d9bdb46fc..9ca6be0fb9 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/controller/EnvironmentGroupController.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/controller/EnvironmentGroupController.java @@ -12,6 +12,7 @@ import io.metersphere.system.dto.sdk.OptionDTO; import io.metersphere.system.dto.sdk.request.PosRequest; import io.metersphere.system.log.annotation.Log; import io.metersphere.system.log.constants.OperationLogType; +import io.metersphere.system.security.CheckOwner; import io.metersphere.system.utils.SessionUtils; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.tags.Tag; @@ -41,6 +42,7 @@ public class EnvironmentGroupController { @GetMapping("/delete/{id}") @Operation(summary = "项目管理-环境组-删除") @RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ_DELETE) + @CheckOwner(resourceId = "#id", resourceType = "environment_group") @Log(type = OperationLogType.DELETE, expression = "#msClass.deleteLog(#id)", msClass = EnvironmentGroupLogService.class) public void delete(@PathVariable String id) { environmentGroupService.delete(id); @@ -49,6 +51,7 @@ public class EnvironmentGroupController { @PostMapping("/update") @Operation(summary = "项目管理-环境组-修改") @RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ_UPDATE) + @CheckOwner(resourceId = "#request.id", resourceType = "environment_group") @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#request)", msClass = EnvironmentGroupLogService.class) public EnvironmentGroup update(@Validated @RequestBody EnvironmentGroupRequest request) { return environmentGroupService.update(request, SessionUtils.getUserId()); @@ -61,11 +64,12 @@ public class EnvironmentGroupController { return environmentGroupService.list(request); } - @GetMapping("/get/{groupId}") + @GetMapping("/get/{id}") @Operation(summary = "项目管理-环境组-详情") @RequiresPermissions(PermissionConstants.PROJECT_ENVIRONMENT_READ) - public List get(@PathVariable String groupId) { - return environmentGroupService.get(groupId); + @CheckOwner(resourceId = "#id", resourceType = "environment_group") + public List get(@PathVariable String id) { + return environmentGroupService.get(id); } @GetMapping("/get-project") diff --git a/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectController.java b/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectController.java index e717dc578f..86562d1623 100644 --- a/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectController.java +++ b/backend/services/project-management/src/main/java/io/metersphere/project/controller/ProjectController.java @@ -11,6 +11,7 @@ import io.metersphere.system.dto.ProjectDTO; import io.metersphere.system.dto.UpdateProjectRequest; import io.metersphere.system.log.annotation.Log; import io.metersphere.system.log.constants.OperationLogType; +import io.metersphere.system.security.CheckOwner; import io.metersphere.system.utils.SessionUtils; import io.metersphere.validation.groups.Updated; import io.swagger.v3.oas.annotations.Operation; @@ -32,6 +33,7 @@ public class ProjectController { @GetMapping("/get/{id}") @Operation(summary = "项目管理-基本信息") @RequiresPermissions(PermissionConstants.PROJECT_BASE_INFO_READ) + @CheckOwner(resourceId = "#id", resourceType = "project") public ProjectDTO getProject(@PathVariable String id) { return projectService.getProjectById(id); } @@ -54,6 +56,7 @@ public class ProjectController { @Operation(summary = "项目管理-更新项目") @RequiresPermissions(PermissionConstants.PROJECT_BASE_INFO_READ_UPDATE) @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#request)", msClass = ProjectLogService.class) + @CheckOwner(resourceId = "#request.id", resourceType = "project") public ProjectDTO updateProject(@RequestBody @Validated({Updated.class}) UpdateProjectRequest request) { return projectService.update(request, SessionUtils.getUserId()); } diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/OrganizationProjectController.java b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/OrganizationProjectController.java index e7233f07a9..ab309730f6 100644 --- a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/OrganizationProjectController.java +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/OrganizationProjectController.java @@ -6,6 +6,7 @@ import com.github.pagehelper.PageHelper; import io.metersphere.sdk.constants.PermissionConstants; import io.metersphere.system.dto.sdk.OptionDTO; import io.metersphere.system.dto.user.UserExtendDTO; +import io.metersphere.system.security.CheckOwner; import io.metersphere.system.utils.PageUtils; import io.metersphere.system.utils.Pager; import io.metersphere.system.dto.AddProjectRequest; @@ -56,6 +57,7 @@ public class OrganizationProjectController { @Operation(summary = "系统设置-组织-项目-根据ID获取项目信息") @Parameter(name = "id", description = "项目id", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_READ) + @CheckOwner(resourceId = "#id", resourceType = "project") public ProjectDTO getProject(@PathVariable @NotBlank String id) { return organizationProjectService.get(id); } @@ -73,8 +75,9 @@ public class OrganizationProjectController { @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#project)", msClass = OrganizationProjectLogService.class) @Operation(summary = "系统设置-组织-项目-编辑") @RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_READ_UPDATE) - public ProjectDTO updateProject(@RequestBody @Validated({Updated.class}) UpdateProjectRequest project) { - return organizationProjectService.update(project, SessionUtils.getUserId()); + @CheckOwner(resourceId = "#request.id", resourceType = "project") + public ProjectDTO updateProject(@RequestBody @Validated({Updated.class}) UpdateProjectRequest request) { + return organizationProjectService.update(request, SessionUtils.getUserId()); } @GetMapping("/delete/{id}") @@ -82,6 +85,7 @@ public class OrganizationProjectController { @Operation(summary = "系统设置-组织-项目-删除") @Parameter(name = "id", description = "项目", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @Log(type = OperationLogType.DELETE, expression = "#msClass.deleteLog(#id)", msClass = OrganizationProjectLogService.class) + @CheckOwner(resourceId = "#id", resourceType = "project") public int deleteProject(@PathVariable String id) { return organizationProjectService.delete(id, SessionUtils.getUserId()); } @@ -91,6 +95,7 @@ public class OrganizationProjectController { @Operation(summary = "系统设置-组织-项目-撤销删除") @Log(type = OperationLogType.UPDATE, expression = "#msClass.recoverLog(#id)", msClass = OrganizationProjectLogService.class) @Parameter(name = "id", description = "项目", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) + @CheckOwner(resourceId = "#id", resourceType = "project") public int revokeProject(@PathVariable String id) { return organizationProjectService.revoke(id, SessionUtils.getUserId()); } @@ -100,6 +105,7 @@ public class OrganizationProjectController { @Parameter(name = "id", description = "项目ID", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#id)", msClass = OrganizationProjectLogService.class) @RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_READ_UPDATE) + @CheckOwner(resourceId = "#id", resourceType = "project") public void enable(@PathVariable String id) { organizationProjectService.enable(id, SessionUtils.getUserId()); } @@ -109,6 +115,7 @@ public class OrganizationProjectController { @Parameter(name = "id", description = "项目ID", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_READ_UPDATE) @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#id)", msClass = OrganizationProjectLogService.class) + @CheckOwner(resourceId = "#id", resourceType = "project") public void disable(@PathVariable String id) { organizationProjectService.disable(id, SessionUtils.getUserId()); } @@ -125,6 +132,7 @@ public class OrganizationProjectController { @PostMapping("/add-members") @RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_MEMBER_ADD) @Operation(summary = "系统设置-组织-项目-添加成员") + @CheckOwner(resourceId = "#request.id", resourceType = "project") public void addProjectMember(@Validated @RequestBody ProjectAddMemberRequest request) { ProjectAddMemberBatchRequest batchRequest = new ProjectAddMemberBatchRequest(); batchRequest.setProjectIds(List.of(request.getProjectId())); @@ -138,6 +146,7 @@ public class OrganizationProjectController { @Parameter(name = "projectId", description = "项目id", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_MEMBER_DELETE) @Log(type = OperationLogType.DELETE, expression = "#msClass.deleteLog(#projectId)", msClass = OrganizationProjectLogService.class) + @CheckOwner(resourceId = "#projectId", resourceType = "project") public int removeProjectMember(@PathVariable String projectId, @PathVariable String userId) { return organizationProjectService.removeProjectMember(projectId, userId, SessionUtils.getUserId()); } @@ -170,6 +179,7 @@ public class OrganizationProjectController { @Operation(summary = "系统设置-组织-项目-修改项目名称") @RequiresPermissions(PermissionConstants.ORGANIZATION_PROJECT_READ_UPDATE) @Log(type = OperationLogType.UPDATE, expression = "#msClass.renameLog(#request)", msClass = OrganizationProjectLogService.class) + @CheckOwner(resourceId = "#request.id", resourceType = "project") public void rename(@RequestBody @Validated({Updated.class}) UpdateProjectNameRequest request) { organizationProjectService.rename(request, SessionUtils.getUserId()); } diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/SystemProjectController.java b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/SystemProjectController.java index a31f40dbf9..e92506832a 100644 --- a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/SystemProjectController.java +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/SystemProjectController.java @@ -6,6 +6,7 @@ import com.github.pagehelper.PageHelper; import io.metersphere.sdk.constants.PermissionConstants; import io.metersphere.system.dto.sdk.OptionDTO; import io.metersphere.system.dto.user.UserExtendDTO; +import io.metersphere.system.security.CheckOwner; import io.metersphere.system.utils.PageUtils; import io.metersphere.system.utils.Pager; import io.metersphere.system.domain.User; @@ -60,6 +61,7 @@ public class SystemProjectController { @Operation(summary = "系统设置-系统-组织与项目-项目-根据ID获取项目信息") @Parameter(name = "id", description = "项目id", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ) + @CheckOwner(resourceId = "#id", resourceType = "project") public ProjectDTO getProject(@PathVariable @NotBlank String id) { return systemProjectService.get(id); } @@ -74,11 +76,12 @@ public class SystemProjectController { } @PostMapping("/update") - @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#project)", msClass = SystemProjectLogService.class) + @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#request)", msClass = SystemProjectLogService.class) @Operation(summary = "系统设置-系统-组织与项目-项目-编辑") @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ_UPDATE) - public ProjectDTO updateProject(@RequestBody @Validated({Updated.class}) UpdateProjectRequest project) { - return systemProjectService.update(project, SessionUtils.getUserId()); + @CheckOwner(resourceId = "#request.id", resourceType = "project") + public ProjectDTO updateProject(@RequestBody @Validated({Updated.class}) UpdateProjectRequest request) { + return systemProjectService.update(request, SessionUtils.getUserId()); } @GetMapping("/delete/{id}") @@ -86,6 +89,7 @@ public class SystemProjectController { @Operation(summary = "系统设置-系统-组织与项目-项目-删除") @Parameter(name = "id", description = "项目", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @Log(type = OperationLogType.DELETE, expression = "#msClass.deleteLog(#id)", msClass = SystemProjectLogService.class) + @CheckOwner(resourceId = "#id", resourceType = "project") public int deleteProject(@PathVariable String id) { return systemProjectService.delete(id, SessionUtils.getUserId()); } @@ -95,6 +99,7 @@ public class SystemProjectController { @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ_RECOVER) @Log(type = OperationLogType.UPDATE, expression = "#msClass.recoverLog(#id)", msClass = SystemProjectLogService.class) @Parameter(name = "id", description = "项目", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) + @CheckOwner(resourceId = "#id", resourceType = "project") public int revokeProject(@PathVariable String id) { return systemProjectService.revoke(id, SessionUtils.getUserId()); } @@ -104,6 +109,7 @@ public class SystemProjectController { @Parameter(name = "id", description = "项目ID", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#id)", msClass = SystemProjectLogService.class) @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ_UPDATE) + @CheckOwner(resourceId = "#id", resourceType = "project") public void enable(@PathVariable String id) { systemProjectService.enable(id, SessionUtils.getUserId()); } @@ -113,6 +119,7 @@ public class SystemProjectController { @Parameter(name = "id", description = "项目ID", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ_UPDATE) @Log(type = OperationLogType.UPDATE, expression = "#msClass.updateLog(#id)", msClass = SystemProjectLogService.class) + @CheckOwner(resourceId = "#id", resourceType = "project") public void disable(@PathVariable String id) { systemProjectService.disable(id, SessionUtils.getUserId()); } @@ -120,6 +127,7 @@ public class SystemProjectController { @PostMapping("/member-list") @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ) @Operation(summary = "系统设置-系统-组织与项目-项目-成员列表") + @CheckOwner(resourceId = "#request.projectId", resourceType = "project") public Pager> getProjectMember(@Validated @RequestBody ProjectMemberRequest request) { Page page = PageHelper.startPage(request.getCurrent(), request.getPageSize(), StringUtils.isNotBlank(request.getSortString()) ? request.getSortString() : "create_time desc"); @@ -129,6 +137,7 @@ public class SystemProjectController { @PostMapping("/add-member") @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_MEMBER_ADD) @Operation(summary = "系统设置-系统-组织与项目-项目-添加成员") + @CheckOwner(resourceId = "#request.projectId", resourceType = "project") public void addProjectMember(@Validated @RequestBody ProjectAddMemberRequest request) { ProjectAddMemberBatchRequest batchRequest = new ProjectAddMemberBatchRequest(); batchRequest.setProjectIds(List.of(request.getProjectId())); @@ -142,6 +151,7 @@ public class SystemProjectController { @Parameter(name = "projectId", description = "项目id", schema = @Schema(requiredMode = Schema.RequiredMode.REQUIRED)) @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_MEMBER_DELETE) @Log(type = OperationLogType.DELETE, expression = "#msClass.deleteLog(#projectId)", msClass = SystemProjectLogService.class) + @CheckOwner(resourceId = "#projectId", resourceType = "project") public int removeProjectMember(@PathVariable String projectId, @PathVariable String userId) { return systemProjectService.removeProjectMember(projectId, userId, SessionUtils.getUserId()); } @@ -165,6 +175,7 @@ public class SystemProjectController { @Operation(summary = "系统设置-系统-组织与项目-项目-修改项目名称") @RequiresPermissions(PermissionConstants.SYSTEM_ORGANIZATION_PROJECT_READ_UPDATE) @Log(type = OperationLogType.UPDATE, expression = "#msClass.renameLog(#request)", msClass = SystemProjectLogService.class) + @CheckOwner(resourceId = "#request.projectId", resourceType = "project") public void rename(@RequestBody @Validated({Updated.class}) UpdateProjectNameRequest request) { systemProjectService.rename(request, SessionUtils.getUserId()); } diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserPlatformAccountController.java b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserPlatformAccountController.java new file mode 100644 index 0000000000..5b7536dd89 --- /dev/null +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/controller/UserPlatformAccountController.java @@ -0,0 +1,53 @@ +package io.metersphere.system.controller; + +import io.metersphere.system.service.*; +import io.metersphere.system.utils.SessionUtils; +import io.metersphere.validation.groups.Updated; +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.media.Schema; +import io.swagger.v3.oas.annotations.tags.Tag; +import jakarta.annotation.Resource; +import jakarta.validation.constraints.NotEmpty; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.*; +import java.util.HashMap; +import java.util.Map; + +@RestController +@RequestMapping("/user/platform") +@Tag(name = "系统设置-个人中心-三方平台账号") +public class UserPlatformAccountController { + @Resource + private UserPlatformAccountService userPlatformAccountService; + + @GetMapping("/account/info") + @Operation(summary = "系统设置-个人中心-获取三方平台账号信息(插件信息)") + public Map getAccountInfoList() { + return userPlatformAccountService.getAccountInfoList(); + } + + @PostMapping("/validate/{pluginId}") + @Operation(summary = "系统设置-个人中心-校验服务集成信息") + public void validate(@PathVariable String pluginId, + @Validated({Updated.class}) + @RequestBody + @NotEmpty + @Schema(description = "配置的表单键值对", requiredMode = Schema.RequiredMode.REQUIRED) + HashMap serviceIntegrationInfo) { + userPlatformAccountService.validate(pluginId, serviceIntegrationInfo); + } + + @PostMapping("/save") + @Operation(summary = "系统设置-个人中心-保存三方平台账号(这里的应该是插件信息加账号值)") + public void save(@RequestBody Map platformInfo) { + userPlatformAccountService.save(platformInfo, SessionUtils.getUserId()); + } + + @GetMapping("/get") + @Operation(summary = "系统设置-个人中心-获取个人三方平台账号") + public Map get() { + return userPlatformAccountService.get(SessionUtils.getUserId()); + } + + +} diff --git a/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserPlatformAccountService.java b/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserPlatformAccountService.java new file mode 100644 index 0000000000..f387f5e2fc --- /dev/null +++ b/backend/services/system-setting/src/main/java/io/metersphere/system/service/UserPlatformAccountService.java @@ -0,0 +1,95 @@ +package io.metersphere.system.service; + +import io.metersphere.plugin.platform.spi.AbstractPlatformPlugin; +import io.metersphere.plugin.platform.spi.Platform; +import io.metersphere.sdk.constants.HttpMethodConstants; +import io.metersphere.sdk.constants.OperationLogConstants; +import io.metersphere.sdk.constants.PluginScenarioType; +import io.metersphere.sdk.util.JSON; +import io.metersphere.system.domain.Plugin; +import io.metersphere.system.domain.UserExtend; +import io.metersphere.system.dto.builder.LogDTOBuilder; +import io.metersphere.system.log.constants.OperationLogModule; +import io.metersphere.system.log.constants.OperationLogType; +import io.metersphere.system.log.dto.LogDTO; +import io.metersphere.system.log.service.OperationLogService; +import io.metersphere.system.mapper.UserExtendMapper; +import jakarta.annotation.Resource; +import org.apache.commons.lang3.StringUtils; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; + + +@Service +@Transactional(rollbackFor = Exception.class) +public class UserPlatformAccountService { + @Resource + private BasePluginService basePluginService; + @Resource + private PluginLoadService pluginLoadService; + @Resource + private PlatformPluginService platformPluginService; + @Resource + private UserExtendMapper userExtendMapper; + @Resource + private OperationLogService operationLogService; + + public Map getAccountInfoList() { + // 当前系统下所有的开启的三方的插件 动态获取内容 + List plugins = basePluginService.getEnabledPlugins(PluginScenarioType.PLATFORM); + //将结果放到一个map中 key为插件id value为账号信息 + Map accountInfoMap = new HashMap<>(); + plugins.forEach(plugin -> { + Object accountInfo = getAccountInfo(plugin.getId()); + accountInfoMap.put(plugin.getId(), accountInfo); + }); + return accountInfoMap; + } + + private Object getAccountInfo(String pluginId) { + // 获取插件的账号信息 + AbstractPlatformPlugin platformPlugin = (AbstractPlatformPlugin) pluginLoadService.getPluginWrapper(pluginId).getPlugin(); + return pluginLoadService.getPluginScriptContent(pluginId, platformPlugin.getAccountScriptId()); + } + + public void validate(String pluginId, Map serviceIntegrationInfo) { + Platform platform = platformPluginService.getPlatform(pluginId, StringUtils.EMPTY, JSON.toJSONString(serviceIntegrationInfo)); + platform.validateIntegrationConfig(); + } + + public void save(Map platformInfo, String userId) { + UserExtend userExtend = userExtendMapper.selectByPrimaryKey(userId); + if (userExtend == null) { + userExtend = new UserExtend(); + userExtend.setId(userId); + userExtend.setPlatformInfo(JSON.toJSONBytes(platformInfo)); + userExtendMapper.insertSelective(userExtend); + } else { + userExtend.setPlatformInfo(JSON.toJSONBytes(platformInfo)); + userExtendMapper.updateByPrimaryKeySelective(userExtend); + } + LogDTO dto = LogDTOBuilder.builder() + .projectId(OperationLogConstants.SYSTEM) + .organizationId(OperationLogConstants.SYSTEM) + .type(OperationLogType.UPDATE.name()) + .module(OperationLogModule.PERSONAL_INFORMATION_APIKEYS) + .method(HttpMethodConstants.GET.name()) + .path("/user/platform/save") + .sourceId(userId) + .originalValue(JSON.toJSONBytes(userExtend)) + .build().getLogDTO(); + operationLogService.add(dto); + } + + public Map get(String userId) { + UserExtend userExtend = userExtendMapper.selectByPrimaryKey(userId); + if (userExtend == null || userExtend.getPlatformInfo() == null) { + return new HashMap<>(); + } + return JSON.parseMap(new String(userExtend.getPlatformInfo())); + } +} diff --git a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/OrganizationProjectControllerTests.java b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/OrganizationProjectControllerTests.java index e008780261..450a6aad18 100644 --- a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/OrganizationProjectControllerTests.java +++ b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/OrganizationProjectControllerTests.java @@ -641,8 +641,6 @@ public class OrganizationProjectControllerTests extends BaseTest { project.setId("projectId1"); project.setOrganizationId(getDefault().getId()); requestPostPermissionTest(PermissionConstants.ORGANIZATION_PROJECT_READ_UPDATE, updateProject, project); - // 校验日志 - checkLog(projectId, OperationLogType.UPDATE); } @Test diff --git a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/UserPlatformAccountControllerTests.java b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/UserPlatformAccountControllerTests.java new file mode 100644 index 0000000000..6ead3735d5 --- /dev/null +++ b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/UserPlatformAccountControllerTests.java @@ -0,0 +1,110 @@ +package io.metersphere.system.controller; + +import io.metersphere.sdk.util.JSON; +import io.metersphere.system.base.BasePluginTestService; +import io.metersphere.system.base.BaseTest; +import io.metersphere.system.controller.handler.ResultHolder; +import io.metersphere.system.domain.Plugin; +import jakarta.annotation.Resource; +import org.junit.jupiter.api.*; +import org.mockserver.client.MockServerClient; +import org.mockserver.model.Header; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.web.servlet.MvcResult; + +import java.nio.charset.StandardCharsets; +import java.util.HashMap; +import java.util.Map; + +import static org.mockserver.model.HttpRequest.request; +import static org.mockserver.model.HttpResponse.response; + +@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +@AutoConfigureMockMvc +@TestMethodOrder(MethodOrderer.OrderAnnotation.class) +public class UserPlatformAccountControllerTests extends BaseTest { + + @Resource + private BasePluginTestService basePluginTestService; + @Value("${embedded.mockserver.host}") + private String mockServerHost; + @Value("${embedded.mockserver.port}") + private int mockServerHostPort; + @Resource + private MockServerClient mockServerClient; + private static final String VALIDATE_POST = "/user/platform/validate/{0}"; + private static final String SAVE_POST = "/user/platform/save"; + public static T parseObjectFromMvcResult(MvcResult mvcResult, Class parseClass) { + try { + String returnData = mvcResult.getResponse().getContentAsString(StandardCharsets.UTF_8); + ResultHolder resultHolder = JSON.parseObject(returnData, ResultHolder.class); + //返回请求正常 + Assertions.assertNotNull(resultHolder); + return JSON.parseObject(JSON.toJSONString(resultHolder.getData()), parseClass); + } catch (Exception ignore) { + } + return null; + } + + @Test + @Order(1) + public void testGetAccountInfoList() throws Exception { + basePluginTestService.getJiraPlugin(); + MvcResult mvcResult = this.requestGetAndReturn("/user/platform/account/info"); + Map accountMap = parseObjectFromMvcResult(mvcResult, Map.class); + Assertions.assertNotNull(accountMap); + } + + @Test + @Order(2) + public void validatePost() throws Exception { + mockServerClient + .when( + request() + .withMethod("GET") + .withPath("/rest/api/2/myself")) + .respond( + response() + .withStatusCode(200) + .withHeaders( + new Header("Content-Type", "application/json; charset=utf-8"), + new Header("Cache-Control", "public, max-age=86400")) + .withBody("{\"self\"") + ); + Plugin plugin = basePluginTestService.getJiraPlugin(); + BasePluginTestService.JiraIntegrationConfig integrationConfig = new BasePluginTestService.JiraIntegrationConfig(); + integrationConfig.setAddress(String.format("http://%s:%s", mockServerHost, mockServerHostPort)); + Map integrationConfigMap = JSON.parseMap(JSON.toJSONString(integrationConfig)); + // @@请求成功 + this.requestPostWithOk(VALIDATE_POST, integrationConfigMap, plugin.getId()); + } + + @Test + @Order(3) + public void testSave() throws Exception { + this.requestGetAndReturn("/user/platform/get"); + basePluginTestService.getJiraPlugin(); + BasePluginTestService.JiraIntegrationConfig integrationConfig = new BasePluginTestService.JiraIntegrationConfig(); + integrationConfig.setAddress(String.format("http://%s:%s", mockServerHost, mockServerHostPort)); + Map jiraMap = new HashMap<>(); + jiraMap.put("jira", integrationConfig); + // @@请求成功 + this.requestPostWithOk(SAVE_POST, jiraMap); + this.requestPostWithOk(SAVE_POST, jiraMap); + } + + @Test + @Order(4) + public void testGet() throws Exception { + MvcResult mvcResult = this.requestGetAndReturn("/user/platform/get"); + Map accountMap = parseObjectFromMvcResult(mvcResult, Map.class); + Assertions.assertNotNull(accountMap); + } + + + + + +} diff --git a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/PersonalControllerTests.java b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/PersonalControllerTests.java index dcac1f5421..a730c7d7f8 100644 --- a/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/PersonalControllerTests.java +++ b/backend/services/system-setting/src/test/java/io/metersphere/system/controller/user/PersonalControllerTests.java @@ -8,6 +8,7 @@ import io.metersphere.sdk.util.RsaUtils; import io.metersphere.system.base.BaseTest; import io.metersphere.system.controller.handler.ResultHolder; import io.metersphere.system.domain.UserExample; +import io.metersphere.system.domain.UserExtend; import io.metersphere.system.domain.UserExtendExample; import io.metersphere.system.dto.request.user.PersonalUpdatePasswordRequest; import io.metersphere.system.dto.request.user.PersonalUpdateRequest; @@ -25,6 +26,7 @@ import org.springframework.boot.test.context.SpringBootTest; import org.springframework.test.web.servlet.MvcResult; import java.nio.charset.StandardCharsets; +import java.util.List; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; @@ -85,7 +87,10 @@ public class PersonalControllerTests extends BaseTest { //修改头像 UserExtendExample example = new UserExtendExample(); example.createCriteria().andIdEqualTo(loginUser); - Assertions.assertEquals(userExtendMapper.countByExample(example), 0); + List userExtends = userExtendMapper.selectByExample(example); + if (!userExtends.isEmpty()) { + Assertions.assertNull(userExtends.get(0).getAvatar()); + } request = new PersonalUpdateRequest(); request.setId(loginUser);