refactor: 后台资源检查

shiziyuan9527 2021-05-21 14:59:00 +08:00 committed by 刘瑞斌
parent 6ab68ee48d
commit 9994361a5b
10 changed files with 154 additions and 86 deletions


@ -6,6 +6,7 @@ import io.metersphere.base.domain.User;
import io.metersphere.controller.request.member.QueryMemberRequest;
import io.metersphere.controller.request.organization.QueryOrgMemberRequest;
import io.metersphere.dto.UserGroupDTO;
import io.metersphere.dto.UserGroupHelpDTO;
import org.apache.ibatis.annotations.Param;
import java.util.List;
@ -21,4 +22,6 @@ public interface ExtUserGroupMapper {
List<Group> getWorkspaceMemberGroups(@Param("workspaceId") String workspaceId, @Param("userId") String userId);
List<User> getMemberList(@Param("member") QueryMemberRequest request);
List<UserGroupHelpDTO> getUserRoleHelpList(@Param("userId") String userId);
}


@ -48,4 +48,22 @@
</if>
order by user_group.update_time desc) temp
</select>
<select id="getUserRoleHelpList" resultType="io.metersphere.dto.UserGroupHelpDTO">
SELECT
ug.group_id AS roleId,
g.`name` AS roleName,
ug.source_id AS sourceId,
IF(workspace.id IS NULL,IF(organization.id IS NULL,'',organization.`name`),workspace.name) AS sourceName,
IF(workspace.id IS NULL,NULL,workspace.organization_id) AS parentId
FROM user_group ug LEFT JOIN `group` g ON g.id = ug.group_id
LEFT JOIN workspace ON workspace.id = ug.source_id
LEFT JOIN organization ON organization.id = ug.source_id
WHERE ug.user_id = #{userId}
</select>
</mapper>
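Review bot: The new `getUserRoleHelpList` select aliases its first two columns as `roleId` and `roleName`, but the `resultType` it maps to, `UserGroupHelpDTO`, declares `groupId` and `groupName`, so with alias-to-property mapping those two fields would stay null. Alias them to the DTO's names, `ug.group_id AS groupId` and the group name column `AS groupName`, and consider renaming the statement and the mapper method to `getUserGroupHelpList` now that they no longer read roles. The only caller visible in this commit, `OrganizationService.getOrganizationListByUserId`, reads `getSourceId()` and `getParentId()` only, so nothing fails today, which makes the mismatch easy to miss. The `#{userId}` bound parameter is the right form and should stay as it is.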


@ -230,7 +230,7 @@ public class UserController {
@MsAuditLog(module = "workspace_member", type = OperLogConstants.CREATE, title = "添加工作空间成员")
public void addMember(@RequestBody AddMemberRequest request) {
String wsId = request.getWorkspaceId();
workspaceService.checkWorkspaceOwner(wsId);
// workspaceService.checkWorkspaceOwner(wsId);
userService.addMember(request);
}
@ -241,7 +241,7 @@ public class UserController {
@RequiresRoles(value = {RoleConstants.TEST_MANAGER, RoleConstants.ORG_ADMIN}, logical = Logical.OR)
@MsAuditLog(module = "workspace_member", type = OperLogConstants.DELETE, title = "删除工作空间成员")
public void deleteMember(@PathVariable String workspaceId, @PathVariable String userId) {
workspaceService.checkWorkspaceOwner(workspaceId);
// workspaceService.checkWorkspaceOwner(workspaceId);
String currentUserId = SessionUtils.getUser().getId();
if (StringUtils.equals(userId, currentUserId)) {
MSException.throwException(Translator.get("cannot_remove_current"));
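Review bot: Commenting out `workspaceService.checkWorkspaceOwner(...)` in `addMember` and `deleteMember` removes the only visible check that ties the caller to the workspace id they supply, and the same is done to `checkWorkspaceOwnerByOrgAdmin(...)` in `WorkspaceController.updateWorkspace` and `deleteWorkspace`. What remains on `deleteMember` is `@RequiresRoles`, which establishes that the caller holds the role somewhere, not in this workspace, so the `workspaceId` from the path or request body is accepted as given. Keep the calls live, e.g. `workspaceService.checkWorkspaceOwner(wsId);`, and port the check itself to the group model in the same commit, so there is no interval in which member and workspace changes are unscoped. `deleteMember` continues past the end of the hunk, and the annotations on `addMember` start above it.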


@ -57,7 +57,7 @@ public class WorkspaceController {
@RequiresRoles(RoleConstants.ORG_ADMIN)
@MsAuditLog(module = "system_workspace", type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#workspace.id)", content = "#msClass.getLogDetails(#workspace.id)", msClass = WorkspaceService.class)
public Workspace updateWorkspace(@RequestBody Workspace workspace) {
workspaceService.checkWorkspaceOwnerByOrgAdmin(workspace.getId());
// workspaceService.checkWorkspaceOwnerByOrgAdmin(workspace.getId());
return workspaceService.saveWorkspace(workspace);
}
@ -80,7 +80,7 @@ public class WorkspaceController {
@RequiresRoles(RoleConstants.ORG_ADMIN)
@MsAuditLog(module = "system_workspace", type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#workspaceId)", msClass = WorkspaceService.class)
public void deleteWorkspace(@PathVariable String workspaceId) {
workspaceService.checkWorkspaceOwnerByOrgAdmin(workspaceId);
// workspaceService.checkWorkspaceOwnerByOrgAdmin(workspaceId);
userService.refreshSessionUser("workspace", workspaceId);
workspaceService.deleteWorkspace(workspaceId);
}


@ -0,0 +1,12 @@
package io.metersphere.dto;
import lombok.Data;
@Data
public class UserGroupHelpDTO {
private String groupId;
private String groupName;
private String sourceId;
private String sourceName;
private String parentId;
}


@ -1,10 +1,11 @@
package io.metersphere.service;
import io.metersphere.base.domain.Group;
import io.metersphere.base.domain.Project;
import io.metersphere.base.domain.UserRole;
import io.metersphere.base.domain.UserGroup;
import io.metersphere.base.mapper.ProjectMapper;
import io.metersphere.base.mapper.ext.*;
import io.metersphere.commons.constants.RoleConstants;
import io.metersphere.commons.constants.UserGroupType;
import io.metersphere.commons.utils.SessionUtils;
import io.metersphere.i18n.Translator;
import org.apache.commons.collections4.CollectionUtils;
@ -12,6 +13,7 @@ import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
@ -32,18 +34,18 @@ public class CheckPermissionService {
private ExtTestCaseReviewMapper extTestCaseReviewMapper;
public void checkReadOnlyUser() {
String currentWorkspaceId = SessionUtils.getCurrentWorkspaceId();
Set<String> collect = Objects.requireNonNull(SessionUtils.getUser()).getUserRoles().stream()
.filter(ur ->
StringUtils.equals(ur.getRoleId(), RoleConstants.TEST_VIEWER))
.map(UserRole::getSourceId)
.filter(sourceId -> StringUtils.equals(currentWorkspaceId, sourceId))
.collect(Collectors.toSet());
if (CollectionUtils.isNotEmpty(collect)) {
throw new RuntimeException(Translator.get("check_owner_read_only"));
}
}
// public void checkReadOnlyUser() {
// String currentWorkspaceId = SessionUtils.getCurrentWorkspaceId();
// Set<String> collect = Objects.requireNonNull(SessionUtils.getUser()).getUserRoles().stream()
// .filter(ur ->
// StringUtils.equals(ur.getRoleId(), RoleConstants.TEST_VIEWER))
// .map(UserRole::getSourceId)
// .filter(sourceId -> StringUtils.equals(currentWorkspaceId, sourceId))
// .collect(Collectors.toSet());
// if (CollectionUtils.isNotEmpty(collect)) {
// throw new RuntimeException(Translator.get("check_owner_read_only"));
// }
// }
public void checkProjectOwner(String projectId) {
Set<String> workspaceIds = getUserRelatedWorkspaceIds();
@ -60,10 +62,14 @@ public class CheckPermissionService {
}
private Set<String> getUserRelatedWorkspaceIds() {
return Objects.requireNonNull(SessionUtils.getUser()).getUserRoles().stream()
.filter(ur ->
StringUtils.equalsAny(ur.getRoleId(), RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER, RoleConstants.TEST_VIEWER))
.map(UserRole::getSourceId)
List<String> groupIds = Objects.requireNonNull(SessionUtils.getUser()).getGroups()
.stream()
.filter(g -> StringUtils.equals(g.getType(), UserGroupType.WORKSPACE))
.map(Group::getId)
.collect(Collectors.toList());
return Objects.requireNonNull(SessionUtils.getUser()).getUserGroups().stream()
.filter(ur -> groupIds.contains(ur.getGroupId()))
.map(UserGroup::getSourceId)
.collect(Collectors.toSet());
}
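Review bot: `checkReadOnlyUser()` is commented out rather than ported, so the guard that threw `check_owner_read_only` for a `TEST_VIEWER` in the current workspace has no group-based replacement in this commit. Either re-express it against `getGroups()`/`getUserGroups()` or delete the method and record where read-only enforcement now lives; a commented-out body reads as if the rule still exists. In `getUserRelatedWorkspaceIds` the filter now accepts every group of type `UserGroupType.WORKSPACE`, where the old code named three roles explicitly, so a comment such as `// any workspace-typed group counts as related, custom groups included` would record that this is intended. `checkProjectOwner` continues outside the hunk.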


@ -12,10 +12,7 @@ import io.metersphere.commons.exception.MSException;
import io.metersphere.commons.user.SessionUser;
import io.metersphere.commons.utils.SessionUtils;
import io.metersphere.controller.request.OrganizationRequest;
import io.metersphere.dto.OrganizationMemberDTO;
import io.metersphere.dto.OrganizationResource;
import io.metersphere.dto.UserDTO;
import io.metersphere.dto.UserRoleHelpDTO;
import io.metersphere.dto.*;
import io.metersphere.i18n.Translator;
import io.metersphere.log.utils.ReflexObjectUtil;
import io.metersphere.log.vo.DetailColumn;
@ -128,9 +125,9 @@ public class OrganizationService {
}
public List<Organization> getOrganizationListByUserId(String userId) {
List<UserRoleHelpDTO> userRoleHelpList = extUserRoleMapper.getUserRoleHelpList(userId);
List<UserGroupHelpDTO> userGroupHelpDTOList = extUserGroupMapper.getUserRoleHelpList(userId);
List<String> list = new ArrayList<>();
userRoleHelpList.forEach(r -> {
userGroupHelpDTOList.forEach(r -> {
if (StringUtils.isEmpty(r.getParentId())) {
list.add(r.getSourceId());
} else {
@ -181,9 +178,14 @@ public class OrganizationService {
public void checkOrgOwner(String organizationId) {
SessionUser sessionUser = SessionUtils.getUser();
UserDTO user = userService.getUserDTO(sessionUser.getId());
List<String> collect = user.getUserRoles().stream()
.filter(ur -> RoleConstants.ORG_ADMIN.equals(ur.getRoleId()) || RoleConstants.ORG_MEMBER.equals(ur.getRoleId()))
.map(UserRole::getSourceId)
List<String> groupIds = user.getGroups()
.stream()
.filter(g -> StringUtils.equals(g.getType(), UserGroupType.ORGANIZATION))
.map(Group::getId)
.collect(Collectors.toList());
List<String> collect = user.getUserGroups().stream()
.filter(ur -> groupIds.contains(ur.getGroupId()))
.map(UserGroup::getSourceId)
.collect(Collectors.toList());
if (!collect.contains(organizationId)) {
MSException.throwException(Translator.get("organization_does_not_belong_to_user"));
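Review bot: `checkOrgOwner` rebuilds the "groups of a given type, then the sources of those groups" lookup inline, and the same two-stream pattern is repeated in `CheckPermissionService.getUserRelatedWorkspaceIds` and in the `UserService` hunk. Authorization logic copied three times tends to drift, so a single helper that takes the `UserGroupType` would keep the rule in one place. Within this method, collect `groupIds` with `Collectors.toSet()` so `groupIds.contains(...)` is not a list scan per user group, and finish with `anyMatch` rather than materialising `collect`. The explicit `io.metersphere.dto` imports were also replaced by `io.metersphere.dto.*`; adding `UserGroupHelpDTO` explicitly keeps the import block reviewable. The method body continues past the end of the hunk.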


@ -717,9 +717,21 @@ public class UserService {
UserDTO user = (UserDTO) subject.getSession().getAttribute(ATTR_USER);
// 自动选中组织工作空间
if (StringUtils.isEmpty(user.getLastOrganizationId())) {
List<UserRole> userRoles = user.getUserRoles();
List<UserRole> test = userRoles.stream().filter(ur -> ur.getRoleId().startsWith("test")).collect(Collectors.toList());
List<UserRole> org = userRoles.stream().filter(ur -> ur.getRoleId().startsWith("org")).collect(Collectors.toList());
List<String> orgIds = user.getGroups()
.stream()
.filter(ug -> StringUtils.equals(ug.getType(), UserGroupType.ORGANIZATION))
.map(Group::getId)
.collect(Collectors.toList());
List<String> testIds = user.getGroups()
.stream()
.filter(ug -> StringUtils.equals(ug.getType(), UserGroupType.WORKSPACE))
.map(Group::getId)
.collect(Collectors.toList());
List<UserGroup> userGroups = user.getUserGroups();
List<UserGroup> org = userGroups.stream().filter(ug -> orgIds.contains(ug.getGroupId()))
.collect(Collectors.toList());
List<UserGroup> test = userGroups.stream().filter(ug -> testIds.contains(ug.getGroupId()))
.collect(Collectors.toList());
if (test.size() > 0) {
String wsId = test.get(0).getSourceId();
switchUserRole("workspace", wsId);
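Review bot: `orgIds` and `testIds` hold group ids, not organization or workspace ids, which is easy to misread next to `test.get(0).getSourceId()` a few lines later, where the source id is the workspace. Names such as `orgGroupIds` and `workspaceGroupIds` would keep the two id spaces apart. The selection also now depends on `user.getGroups()` being populated on the session `UserDTO`; that is not visible here, so it is worth confirming that a null or empty list falls through instead of throwing. The enclosing method starts and ends outside the hunk.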


@ -126,46 +126,48 @@ public class WorkspaceService {
* ORG_ADMIN需要检查是否有操作此工作空间的权限
*/
public void checkWorkspaceOwnerByOrgAdmin(String workspaceId) {
checkWorkspaceIsExist(workspaceId);
WorkspaceExample example = new WorkspaceExample();
SessionUser sessionUser = SessionUtils.getUser();
UserDTO user = userService.getUserDTO(sessionUser.getId());
List<String> orgIds = user.getUserRoles().stream()
.filter(ur -> RoleConstants.ORG_ADMIN.equals(ur.getRoleId()))
.map(UserRole::getSourceId)
.collect(Collectors.toList());
example.createCriteria()
.andOrganizationIdIn(orgIds)
.andIdEqualTo(workspaceId);
if (workspaceMapper.countByExample(example) == 0) {
MSException.throwException(Translator.get("workspace_does_not_belong_to_user"));
}
// todo
// checkWorkspaceIsExist(workspaceId);
// WorkspaceExample example = new WorkspaceExample();
// SessionUser sessionUser = SessionUtils.getUser();
// UserDTO user = userService.getUserDTO(sessionUser.getId());
// List<String> orgIds = user.getUserRoles().stream()
// .filter(ur -> RoleConstants.ORG_ADMIN.equals(ur.getRoleId()))
// .map(UserRole::getSourceId)
// .collect(Collectors.toList());
// example.createCriteria()
// .andOrganizationIdIn(orgIds)
// .andIdEqualTo(workspaceId);
// if (workspaceMapper.countByExample(example) == 0) {
// MSException.throwException(Translator.get("workspace_does_not_belong_to_user"));
// }
}
public void checkWorkspaceOwner(String workspaceId) {
checkWorkspaceIsExist(workspaceId);
int size = 0;
WorkspaceExample example = new WorkspaceExample();
SessionUser sessionUser = SessionUtils.getUser();
UserDTO user = userService.getUserDTO(sessionUser.getId());
List<String> orgIds = user.getUserRoles().stream()
.filter(ur -> RoleConstants.ORG_ADMIN.equals(ur.getRoleId()))
.map(UserRole::getSourceId)
.collect(Collectors.toList());
if (!CollectionUtils.isEmpty(orgIds)) {
example.createCriteria()
.andOrganizationIdIn(orgIds)
.andIdEqualTo(workspaceId);
size = (int) workspaceMapper.countByExample(example);
}
List<String> wsIds = user.getUserRoles().stream()
.filter(ur -> RoleConstants.TEST_MANAGER.equals(ur.getRoleId()))
.map(UserRole::getSourceId)
.collect(Collectors.toList());
boolean contains = wsIds.contains(workspaceId);
if (size == 0 && !contains) {
MSException.throwException(Translator.get("workspace_does_not_belong_to_user"));
}
// todo
// checkWorkspaceIsExist(workspaceId);
// int size = 0;
// WorkspaceExample example = new WorkspaceExample();
// SessionUser sessionUser = SessionUtils.getUser();
// UserDTO user = userService.getUserDTO(sessionUser.getId());
// List<String> orgIds = user.getUserRoles().stream()
// .filter(ur -> RoleConstants.ORG_ADMIN.equals(ur.getRoleId()))
// .map(UserRole::getSourceId)
// .collect(Collectors.toList());
// if (!CollectionUtils.isEmpty(orgIds)) {
// example.createCriteria()
// .andOrganizationIdIn(orgIds)
// .andIdEqualTo(workspaceId);
// size = (int) workspaceMapper.countByExample(example);
// }
// List<String> wsIds = user.getUserRoles().stream()
// .filter(ur -> RoleConstants.TEST_MANAGER.equals(ur.getRoleId()))
// .map(UserRole::getSourceId)
// .collect(Collectors.toList());
// boolean contains = wsIds.contains(workspaceId);
// if (size == 0 && !contains) {
// MSException.throwException(Translator.get("workspace_does_not_belong_to_user"));
// }
}
public void checkWorkspaceIsExist(String workspaceId) {
@ -194,13 +196,13 @@ public class WorkspaceService {
WorkspaceExample workspaceExample = new WorkspaceExample();
workspaceExample.createCriteria().andOrganizationIdEqualTo(orgId);
List<Workspace> workspaces = workspaceMapper.selectByExample(workspaceExample);
UserRoleExample userRoleExample = new UserRoleExample();
userRoleExample.createCriteria().andUserIdEqualTo(useId);
List<UserRole> userRoles = userRoleMapper.selectByExample(userRoleExample);
UserGroupExample userGroupExample = new UserGroupExample();
userGroupExample.createCriteria().andUserIdEqualTo(useId);
List<UserGroup> userGroups = userGroupMapper.selectByExample(userGroupExample);
List<Workspace> resultWorkspaceList = new ArrayList<>();
userRoles.forEach(userRole -> {
userGroups.forEach(userGroup -> {
workspaces.forEach(workspace -> {
if (StringUtils.equals(userRole.getSourceId(), workspace.getId())) {
if (StringUtils.equals(userGroup.getSourceId(), workspace.getId())) {
if (!resultWorkspaceList.contains(workspace)) {
resultWorkspaceList.add(workspace);
}
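Review bot: `checkWorkspaceOwnerByOrgAdmin` and `checkWorkspaceOwner` are reduced to a `// todo` above a commented-out body, so both now return normally for every caller and every workspace id, including ids that do not exist, since `checkWorkspaceIsExist` is commented out with the rest. A permission check that is not yet ported should fail closed or be ported in the same change; succeeding silently turns every remaining call site into a no-op. The sketch below re-expresses `checkWorkspaceOwner` with the accessors this commit already uses in `OrganizationService.checkOrgOwner`. Filtering by group type alone is broader than the old `ORG_ADMIN`/`TEST_MANAGER` rule, so the group ids should be narrowed to the groups that carry the manage permission before this is relied on; `checkWorkspaceOwnerByOrgAdmin` would be the organization half of the same check.

```java
public void checkWorkspaceOwner(String workspaceId) {
    checkWorkspaceIsExist(workspaceId);
    SessionUser sessionUser = SessionUtils.getUser();
    UserDTO user = userService.getUserDTO(sessionUser.getId());
    // NOTE(review): group type alone admits every org/workspace group; narrow to admin-level groups.
    Set<String> orgGroupIds = user.getGroups().stream()
            .filter(g -> StringUtils.equals(g.getType(), UserGroupType.ORGANIZATION))
            .map(Group::getId)
            .collect(Collectors.toSet());
    Set<String> wsGroupIds = user.getGroups().stream()
            .filter(g -> StringUtils.equals(g.getType(), UserGroupType.WORKSPACE))
            .map(Group::getId)
            .collect(Collectors.toSet());
    List<String> orgIds = user.getUserGroups().stream()
            .filter(ug -> orgGroupIds.contains(ug.getGroupId()))
            .map(UserGroup::getSourceId)
            .collect(Collectors.toList());
    long size = 0;
    if (!CollectionUtils.isEmpty(orgIds)) {
        WorkspaceExample example = new WorkspaceExample();
        example.createCriteria()
                .andOrganizationIdIn(orgIds)
                .andIdEqualTo(workspaceId);
        size = workspaceMapper.countByExample(example);
    }
    boolean contains = user.getUserGroups().stream()
            .filter(ug -> wsGroupIds.contains(ug.getGroupId()))
            .anyMatch(ug -> StringUtils.equals(ug.getSourceId(), workspaceId));
    if (size == 0 && !contains) {
        MSException.throwException(Translator.get("workspace_does_not_belong_to_user"));
    }
}
// … unchanged: checkWorkspaceIsExist and the workspace list lookup …
```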


@ -11,6 +11,7 @@ import io.metersphere.base.mapper.ext.ExtTestCaseMapper;
import io.metersphere.commons.constants.RoleConstants;
import io.metersphere.commons.constants.TestCaseConstants;
import io.metersphere.commons.constants.TestCaseReviewStatus;
import io.metersphere.commons.constants.UserGroupType;
import io.metersphere.commons.exception.MSException;
import io.metersphere.commons.user.SessionUser;
import io.metersphere.commons.utils.*;
@ -105,6 +106,10 @@ public class TestCaseService {
TestCaseFileMapper testCaseFileMapper;
@Resource
TestCaseTestMapper testCaseTestMapper;
@Resource
private GroupMapper groupMapper;
@Resource
private UserGroupMapper userGroupMapper;
private void setNode(TestCaseWithBLOBs testCase) {
if (StringUtils.isEmpty(testCase.getNodeId()) || "default-module".equals(testCase.getNodeId())) {
@ -450,12 +455,16 @@ public class TestCaseService {
}
} else {
UserRoleExample userRoleExample = new UserRoleExample();
userRoleExample.createCriteria()
.andRoleIdIn(Arrays.asList(RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER))
.andSourceIdEqualTo(currentWorkspaceId);
GroupExample groupExample = new GroupExample();
groupExample.createCriteria().andTypeIn(Arrays.asList(UserGroupType.WORKSPACE, UserGroupType.PROJECT));
List<Group> groups = groupMapper.selectByExample(groupExample);
List<String> groupIds = groups.stream().map(Group::getId).collect(Collectors.toList());
Set<String> userIds = userRoleMapper.selectByExample(userRoleExample).stream().map(UserRole::getUserId).collect(Collectors.toSet());
UserGroupExample userGroupExample = new UserGroupExample();
userGroupExample.createCriteria()
.andGroupIdIn(groupIds)
.andSourceIdEqualTo(currentWorkspaceId);
Set<String> userIds = userGroupMapper.selectByExample(userGroupExample).stream().map(UserGroup::getUserId).collect(Collectors.toSet());
try {
//根据本地语言环境选择用哪种数据对象进行存放读取的数据
@ -1115,12 +1124,16 @@ public class TestCaseService {
MSException.throwException(e.getMessage());
}
} else {
UserRoleExample userRoleExample = new UserRoleExample();
userRoleExample.createCriteria()
.andRoleIdIn(Arrays.asList(RoleConstants.TEST_MANAGER, RoleConstants.TEST_USER))
.andSourceIdEqualTo(currentWorkspaceId);
GroupExample groupExample = new GroupExample();
groupExample.createCriteria().andTypeIn(Arrays.asList(UserGroupType.WORKSPACE, UserGroupType.PROJECT));
List<Group> groups = groupMapper.selectByExample(groupExample);
List<String> groupIds = groups.stream().map(Group::getId).collect(Collectors.toList());
Set<String> userIds = userRoleMapper.selectByExample(userRoleExample).stream().map(UserRole::getUserId).collect(Collectors.toSet());
UserGroupExample userGroupExample = new UserGroupExample();
userGroupExample.createCriteria()
.andGroupIdIn(groupIds)
.andSourceIdEqualTo(currentWorkspaceId);
Set<String> userIds = userGroupMapper.selectByExample(userGroupExample).stream().map(UserGroup::getUserId).collect(Collectors.toSet());
try {
//根据本地语言环境选择用哪种数据对象进行存放读取的数据
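Review bot: The user lookup before each `try` in the two import hunks widens from `RoleConstants.TEST_MANAGER`/`TEST_USER` in the current workspace to every group of type `UserGroupType.WORKSPACE` or `UserGroupType.PROJECT`, which would also admit members of read-only groups into `userIds`. If `userIds` is what validates who may be named on an imported case, presumably its purpose here, restrict `groupIds` to the groups that grant edit rights. Project-typed groups are also matched with `andSourceIdEqualTo(currentWorkspaceId)`; if their `sourceId` holds a project id they will never match, so confirm which id that column carries. The block is duplicated verbatim in the second hunk and should move to one private helper, with a guard such as `if (groupIds.isEmpty()) { return Collections.emptySet(); }` ahead of `andGroupIdIn(groupIds)`, since generated `In` criteria typically do not handle an empty list. Both enclosing methods start and end outside the hunks.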