ci: 常量提取,初始化用户组 flyway, 初始化设置prometheus站点
This commit is contained in:
parent
4fb11c1a55
commit
9ff993682d
|
@ -11,15 +11,15 @@ insert into user(id, name, email, password, create_time, update_time, language,
|
||||||
VALUES ('admin', 'Administrator', 'admin@metersphere.io', MD5('metersphere'), UNIX_TIMESTAMP() * 1000, UNIX_TIMESTAMP() * 1000, NULL, NUll, '', 'LOCAL', NULL, 'admin', 'admin',false);
|
VALUES ('admin', 'Administrator', 'admin@metersphere.io', MD5('metersphere'), UNIX_TIMESTAMP() * 1000, UNIX_TIMESTAMP() * 1000, NULL, NUll, '', 'LOCAL', NULL, 'admin', 'admin',false);
|
||||||
|
|
||||||
-- 初始化用户组
|
-- 初始化用户组
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('admin', '系统管理员', '拥有系统全部组织以及项目的操作权限', 1, 'SYSTEM', 1621224000000, 1621224000000, 'admin', 'GLOBAL');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('admin', '系统管理员', '拥有系统全部组织以及项目的操作权限', 1, 'SYSTEM', 1621224000000, 1621224000000, 'admin', 'global');
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('member', '系统成员', '系统内初始化的用户', 1, 'SYSTEM', 1621224000000, 1621224000000, 'admin', 'GLOBAL');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('member', '系统成员', '系统内初始化的用户', 1, 'SYSTEM', 1621224000000, 1621224000000, 'admin', 'global');
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('org_admin', '组织管理员', '组织管理员', 1, 'ORGANIZATION', 1620674220007, 1620674220000, 'admin', 'GLOBAL');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('org_admin', '组织管理员', '组织管理员', 1, 'ORGANIZATION', 1620674220007, 1620674220000, 'admin', 'global');
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('org_member', '组织成员', '组织成员', 1, 'ORGANIZATION', 1620674220008, 1620674220000, 'admin', 'GLOBAL');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('org_member', '组织成员', '组织成员', 1, 'ORGANIZATION', 1620674220008, 1620674220000, 'admin', 'global');
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('project_admin', '项目管理员', '项目管理员', 1, 'PROJECT', 1620674220004, 1620674220000, 'admin', 'GLOBAL');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('project_admin', '项目管理员', '项目管理员', 1, 'PROJECT', 1620674220004, 1620674220000, 'admin', 'global');
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('project_member', '项目成员', '项目成员', 1, 'PROJECT', 1620674220005, 1620674220000, 'admin', 'GLOBAL');
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id) VALUES ('project_member', '项目成员', '项目成员', 1, 'PROJECT', 1620674220005, 1620674220000, 'admin', 'global');
|
||||||
|
|
||||||
-- 初始化用户和组的关系
|
-- 初始化用户和组的关系
|
||||||
INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user) VALUES (uuid(), 'admin', 'admin', 'SYSTEM', 1684747668375, 'admin');
|
INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user) VALUES (uuid(), 'admin', 'admin', 'system', 1684747668375, 'admin');
|
||||||
|
|
||||||
-- 初始化用户组权限
|
-- 初始化用户组权限
|
||||||
-- 系统管理员拥有所有的权限,不用初始化
|
-- 系统管理员拥有所有的权限,不用初始化
|
||||||
|
@ -67,6 +67,8 @@ INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (uuid(), 'o
|
||||||
|
|
||||||
-- 初始化当前站点配置
|
-- 初始化当前站点配置
|
||||||
INSERT into system_parameter values('base.url', 'http://127.0.0.1:8081', 'text');
|
INSERT into system_parameter values('base.url', 'http://127.0.0.1:8081', 'text');
|
||||||
|
-- 初始化prometheus站点配置
|
||||||
|
INSERT into system_parameter values('base.prometheus.host', 'http://ms-prometheus:9090', 'text');
|
||||||
|
|
||||||
-- 初始化资源池
|
-- 初始化资源池
|
||||||
INSERT INTO test_resource_pool (id, name, type, description, enable, create_time, update_time, create_user, api_test, load_test, ui_test, all_org, deleted) VALUES ('a6374438-80fc-4a28-8848-96c492830af5', 'LOCAL', 'Node', '系统初始化资源池', true, 1690440108595, 1690440110182, 'admin', true, true, true, true, false);
|
INSERT INTO test_resource_pool (id, name, type, description, enable, create_time, update_time, create_user, api_test, load_test, ui_test, all_org, deleted) VALUES ('a6374438-80fc-4a28-8848-96c492830af5', 'LOCAL', 'Node', '系统初始化资源池', true, 1690440108595, 1690440110182, 'admin', true, true, true, true, false);
|
||||||
|
|
|
@ -0,0 +1,6 @@
|
||||||
|
package io.metersphere.sdk.constants;
|
||||||
|
|
||||||
|
public interface UserRoleScope {
|
||||||
|
String GLOBAL = "global";
|
||||||
|
String SYSTEM = "system";
|
||||||
|
}
|
|
@ -1,5 +0,0 @@
|
||||||
package io.metersphere.sdk.constants;
|
|
||||||
|
|
||||||
public enum UserSourceEnum {
|
|
||||||
LOCAL, OIDC, CAS, OAUTH2
|
|
||||||
}
|
|
|
@ -29,7 +29,6 @@ import static io.metersphere.sdk.controller.handler.result.CommonResultCode.INTE
|
||||||
@Service
|
@Service
|
||||||
@Transactional(rollbackFor = Exception.class)
|
@Transactional(rollbackFor = Exception.class)
|
||||||
public class BaseUserRoleService {
|
public class BaseUserRoleService {
|
||||||
public static final String SYSTEM_TYPE = "SYSTEM";
|
|
||||||
@Resource
|
@Resource
|
||||||
private PermissionCache permissionCache;
|
private PermissionCache permissionCache;
|
||||||
@Resource
|
@Resource
|
||||||
|
@ -41,6 +40,7 @@ public class BaseUserRoleService {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 根据用户组获取对应的权限配置项
|
* 根据用户组获取对应的权限配置项
|
||||||
|
*
|
||||||
* @param userRole
|
* @param userRole
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
|
@ -193,6 +193,7 @@ public class BaseUserRoleService {
|
||||||
/**
|
/**
|
||||||
* 删除用户组时校验必须要有一个用户组
|
* 删除用户组时校验必须要有一个用户组
|
||||||
* 没有的话,添加系统成员,组织成员,项目成员用户组
|
* 没有的话,添加系统成员,组织成员,项目成员用户组
|
||||||
|
*
|
||||||
* @param defaultRoleId 默认用户组id
|
* @param defaultRoleId 默认用户组id
|
||||||
* @param currentUserId 当前用户id
|
* @param currentUserId 当前用户id
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,8 +1,9 @@
|
||||||
package io.metersphere.sdk.util;
|
package io.metersphere.sdk.util;
|
||||||
|
|
||||||
import io.metersphere.sdk.constants.InternalUserRole;
|
import io.metersphere.sdk.constants.InternalUserRole;
|
||||||
|
import io.metersphere.sdk.constants.UserRoleScope;
|
||||||
|
import io.metersphere.sdk.constants.UserRoleType;
|
||||||
import io.metersphere.sdk.dto.SessionUser;
|
import io.metersphere.sdk.dto.SessionUser;
|
||||||
import io.metersphere.sdk.service.BaseUserRoleService;
|
|
||||||
import io.metersphere.system.domain.UserRole;
|
import io.metersphere.system.domain.UserRole;
|
||||||
import io.metersphere.system.domain.UserRolePermission;
|
import io.metersphere.system.domain.UserRolePermission;
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
|
@ -16,7 +17,6 @@ import org.springframework.session.data.redis.RedisIndexedSessionRepository;
|
||||||
import org.springframework.web.context.request.RequestContextHolder;
|
import org.springframework.web.context.request.RequestContextHolder;
|
||||||
import org.springframework.web.context.request.ServletRequestAttributes;
|
import org.springframework.web.context.request.ServletRequestAttributes;
|
||||||
|
|
||||||
|
|
||||||
import java.util.*;
|
import java.util.*;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
|
@ -136,7 +136,7 @@ public class SessionUtils {
|
||||||
Map<String, UserRole> role = new HashMap<>();
|
Map<String, UserRole> role = new HashMap<>();
|
||||||
SessionUser user = Objects.requireNonNull(SessionUtils.getUser());
|
SessionUser user = Objects.requireNonNull(SessionUtils.getUser());
|
||||||
user.getUserRoleRelations().forEach(ug -> user.getUserRolePermissions().forEach(gp -> {
|
user.getUserRoleRelations().forEach(ug -> user.getUserRolePermissions().forEach(gp -> {
|
||||||
if (StringUtils.equals(gp.getUserRole().getId(), ug.getRoleId())) {
|
if (StringUtils.equalsIgnoreCase(gp.getUserRole().getId(), ug.getRoleId())) {
|
||||||
userRolePermissions.put(ug.getId(), gp.getUserRolePermissions());
|
userRolePermissions.put(ug.getId(), gp.getUserRolePermissions());
|
||||||
role.put(ug.getId(), gp.getUserRole());
|
role.put(ug.getId(), gp.getUserRole());
|
||||||
}
|
}
|
||||||
|
@ -144,7 +144,7 @@ public class SessionUtils {
|
||||||
|
|
||||||
long count = user.getUserRoles()
|
long count = user.getUserRoles()
|
||||||
.stream()
|
.stream()
|
||||||
.filter(g -> StringUtils.equals(g.getId(), InternalUserRole.ADMIN.getValue()))
|
.filter(g -> StringUtils.equalsIgnoreCase(g.getId(), InternalUserRole.ADMIN.getValue()))
|
||||||
.count();
|
.count();
|
||||||
|
|
||||||
if (count > 0) {
|
if (count > 0) {
|
||||||
|
@ -168,8 +168,8 @@ public class SessionUtils {
|
||||||
|
|
||||||
private static Set<String> getSystemPermissions(Map<String, List<UserRolePermission>> userRolePermissions, Map<String, UserRole> role, SessionUser user) {
|
private static Set<String> getSystemPermissions(Map<String, List<UserRolePermission>> userRolePermissions, Map<String, UserRole> role, SessionUser user) {
|
||||||
return user.getUserRoleRelations().stream()
|
return user.getUserRoleRelations().stream()
|
||||||
.filter(ug -> role.get(ug.getId()) != null && StringUtils.equals(role.get(ug.getId()).getType(), BaseUserRoleService.SYSTEM_TYPE))
|
.filter(ug -> role.get(ug.getId()) != null && StringUtils.equalsIgnoreCase(role.get(ug.getId()).getType(), UserRoleType.SYSTEM.name()))
|
||||||
.filter(ug -> StringUtils.equals(ug.getSourceId(), BaseUserRoleService.SYSTEM_TYPE) || StringUtils.equals(ug.getSourceId(), "'adminSourceId'"))
|
.filter(ug -> StringUtils.equalsIgnoreCase(ug.getSourceId(), UserRoleScope.SYSTEM))
|
||||||
.flatMap(ug -> userRolePermissions.get(ug.getId()).stream())
|
.flatMap(ug -> userRolePermissions.get(ug.getId()).stream())
|
||||||
.map(UserRolePermission::getPermissionId)
|
.map(UserRolePermission::getPermissionId)
|
||||||
.collect(Collectors.toSet());
|
.collect(Collectors.toSet());
|
||||||
|
@ -177,8 +177,8 @@ public class SessionUtils {
|
||||||
|
|
||||||
private static Set<String> getCurrentOrganizationPermissions(Map<String, List<UserRolePermission>> userRolePermissions, String organizationId, Map<String, UserRole> role, SessionUser user) {
|
private static Set<String> getCurrentOrganizationPermissions(Map<String, List<UserRolePermission>> userRolePermissions, String organizationId, Map<String, UserRole> role, SessionUser user) {
|
||||||
return user.getUserRoleRelations().stream()
|
return user.getUserRoleRelations().stream()
|
||||||
.filter(ug -> role.get(ug.getId()) != null && StringUtils.equals(role.get(ug.getId()).getType(), "ORGANIZATION"))
|
.filter(ug -> role.get(ug.getId()) != null && StringUtils.equalsIgnoreCase(role.get(ug.getId()).getType(), UserRoleType.ORGANIZATION.name()))
|
||||||
.filter(ug -> StringUtils.equals(ug.getSourceId(), organizationId))
|
.filter(ug -> StringUtils.equalsIgnoreCase(ug.getSourceId(), organizationId))
|
||||||
.flatMap(ug -> userRolePermissions.get(ug.getId()).stream())
|
.flatMap(ug -> userRolePermissions.get(ug.getId()).stream())
|
||||||
.map(UserRolePermission::getPermissionId)
|
.map(UserRolePermission::getPermissionId)
|
||||||
.collect(Collectors.toSet());
|
.collect(Collectors.toSet());
|
||||||
|
@ -186,8 +186,8 @@ public class SessionUtils {
|
||||||
|
|
||||||
private static Set<String> getCurrentProjectPermissions(Map<String, List<UserRolePermission>> userRolePermissions, String projectId, Map<String, UserRole> role, SessionUser user) {
|
private static Set<String> getCurrentProjectPermissions(Map<String, List<UserRolePermission>> userRolePermissions, String projectId, Map<String, UserRole> role, SessionUser user) {
|
||||||
return user.getUserRoleRelations().stream()
|
return user.getUserRoleRelations().stream()
|
||||||
.filter(ug -> role.get(ug.getId()) != null && StringUtils.equals(role.get(ug.getId()).getType(), "PROJECT"))
|
.filter(ug -> role.get(ug.getId()) != null && StringUtils.equalsIgnoreCase(role.get(ug.getId()).getType(), UserRoleType.PROJECT.name()))
|
||||||
.filter(ug -> StringUtils.equals(ug.getSourceId(), projectId))
|
.filter(ug -> StringUtils.equalsIgnoreCase(ug.getSourceId(), projectId))
|
||||||
.flatMap(ug -> userRolePermissions.get(ug.getId()).stream())
|
.flatMap(ug -> userRolePermissions.get(ug.getId()).stream())
|
||||||
.map(UserRolePermission::getPermissionId)
|
.map(UserRolePermission::getPermissionId)
|
||||||
.collect(Collectors.toSet());
|
.collect(Collectors.toSet());
|
||||||
|
|
|
@ -278,8 +278,8 @@ public abstract class BaseTest {
|
||||||
OperationLogExample example = new OperationLogExample();
|
OperationLogExample example = new OperationLogExample();
|
||||||
example.createCriteria().andSourceIdEqualTo(resourceId).andTypeEqualTo(operationLogType.name());
|
example.createCriteria().andSourceIdEqualTo(resourceId).andTypeEqualTo(operationLogType.name());
|
||||||
operationLogMapper.selectByExample(example).stream()
|
operationLogMapper.selectByExample(example).stream()
|
||||||
.filter(operationLog -> operationLog.getSourceId().equals(resourceId))
|
.filter(operationLog -> operationLog.getSourceId().equalsIgnoreCase(resourceId))
|
||||||
.filter(operationLog -> operationLog.getType().equals(operationLogType.name()))
|
.filter(operationLog -> operationLog.getType().equalsIgnoreCase(operationLogType.name()))
|
||||||
.filter(operationLog -> StringUtils.isNotBlank(operationLog.getProjectId()))
|
.filter(operationLog -> StringUtils.isNotBlank(operationLog.getProjectId()))
|
||||||
.filter(operationLog -> StringUtils.isNotBlank(operationLog.getModule()))
|
.filter(operationLog -> StringUtils.isNotBlank(operationLog.getModule()))
|
||||||
.findFirst()
|
.findFirst()
|
||||||
|
|
|
@ -5,7 +5,7 @@ import com.github.pagehelper.Page;
|
||||||
import com.github.pagehelper.PageHelper;
|
import com.github.pagehelper.PageHelper;
|
||||||
import io.metersphere.project.domain.Project;
|
import io.metersphere.project.domain.Project;
|
||||||
import io.metersphere.sdk.constants.PermissionConstants;
|
import io.metersphere.sdk.constants.PermissionConstants;
|
||||||
import io.metersphere.sdk.constants.UserSourceEnum;
|
import io.metersphere.sdk.constants.UserSource;
|
||||||
import io.metersphere.sdk.dto.*;
|
import io.metersphere.sdk.dto.*;
|
||||||
import io.metersphere.sdk.log.annotation.Log;
|
import io.metersphere.sdk.log.annotation.Log;
|
||||||
import io.metersphere.sdk.log.constants.OperationLogType;
|
import io.metersphere.sdk.log.constants.OperationLogType;
|
||||||
|
@ -67,7 +67,7 @@ public class UserController {
|
||||||
@Operation(summary = "添加用户")
|
@Operation(summary = "添加用户")
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_READ_ADD)
|
@RequiresPermissions(PermissionConstants.SYSTEM_USER_READ_ADD)
|
||||||
public UserBatchCreateDTO addUser(@Validated({Created.class}) @RequestBody UserBatchCreateDTO userCreateDTO) {
|
public UserBatchCreateDTO addUser(@Validated({Created.class}) @RequestBody UserBatchCreateDTO userCreateDTO) {
|
||||||
return userService.addUser(userCreateDTO, UserSourceEnum.LOCAL.name(), SessionUtils.getUserId());
|
return userService.addUser(userCreateDTO, UserSource.LOCAL.name(), SessionUtils.getUserId());
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/update")
|
@PostMapping("/update")
|
||||||
|
@ -99,7 +99,7 @@ public class UserController {
|
||||||
@Operation(summary = "导入用户")
|
@Operation(summary = "导入用户")
|
||||||
@RequiresPermissions(PermissionConstants.SYSTEM_USER_READ_IMPORT)
|
@RequiresPermissions(PermissionConstants.SYSTEM_USER_READ_IMPORT)
|
||||||
public UserImportResponse importUser(@RequestPart(value = "file", required = false) MultipartFile excelFile) {
|
public UserImportResponse importUser(@RequestPart(value = "file", required = false) MultipartFile excelFile) {
|
||||||
return userService.importByExcel(excelFile, UserSourceEnum.LOCAL.name(), SessionUtils.getSessionId());
|
return userService.importByExcel(excelFile, UserSource.LOCAL.name(), SessionUtils.getSessionId());
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/delete")
|
@PostMapping("/delete")
|
||||||
|
|
|
@ -1,11 +1,11 @@
|
||||||
package io.metersphere.system.service;
|
package io.metersphere.system.service;
|
||||||
|
|
||||||
|
import io.metersphere.sdk.constants.UserRoleScope;
|
||||||
import io.metersphere.sdk.dto.TableBatchProcessResponse;
|
import io.metersphere.sdk.dto.TableBatchProcessResponse;
|
||||||
import io.metersphere.sdk.dto.UserRoleRelationUserDTO;
|
import io.metersphere.sdk.dto.UserRoleRelationUserDTO;
|
||||||
import io.metersphere.sdk.dto.request.GlobalUserRoleRelationUpdateRequest;
|
import io.metersphere.sdk.dto.request.GlobalUserRoleRelationUpdateRequest;
|
||||||
import io.metersphere.sdk.exception.MSException;
|
import io.metersphere.sdk.exception.MSException;
|
||||||
import io.metersphere.sdk.service.BaseUserRoleRelationService;
|
import io.metersphere.sdk.service.BaseUserRoleRelationService;
|
||||||
import io.metersphere.sdk.service.BaseUserRoleService;
|
|
||||||
import io.metersphere.sdk.util.BeanUtils;
|
import io.metersphere.sdk.util.BeanUtils;
|
||||||
import io.metersphere.sdk.util.Translator;
|
import io.metersphere.sdk.util.Translator;
|
||||||
import io.metersphere.system.domain.UserRole;
|
import io.metersphere.system.domain.UserRole;
|
||||||
|
@ -69,7 +69,7 @@ public class GlobalUserRoleRelationService extends BaseUserRoleRelationService {
|
||||||
UserRoleRelation userRoleRelation = new UserRoleRelation();
|
UserRoleRelation userRoleRelation = new UserRoleRelation();
|
||||||
BeanUtils.copyBean(userRoleRelation, request);
|
BeanUtils.copyBean(userRoleRelation, request);
|
||||||
userRoleRelation.setUserId(userId);
|
userRoleRelation.setUserId(userId);
|
||||||
userRoleRelation.setSourceId(GlobalUserRoleService.SYSTEM_TYPE);
|
userRoleRelation.setSourceId(UserRoleScope.SYSTEM);
|
||||||
checkExist(userRoleRelation);
|
checkExist(userRoleRelation);
|
||||||
userRoleRelation.setCreateTime(System.currentTimeMillis());
|
userRoleRelation.setCreateTime(System.currentTimeMillis());
|
||||||
userRoleRelation.setId(UUID.randomUUID().toString());
|
userRoleRelation.setId(UUID.randomUUID().toString());
|
||||||
|
@ -108,7 +108,7 @@ public class GlobalUserRoleRelationService extends BaseUserRoleRelationService {
|
||||||
userRoleRelation.setRoleId(roleId);
|
userRoleRelation.setRoleId(roleId);
|
||||||
userRoleRelation.setCreateUser(operator);
|
userRoleRelation.setCreateUser(operator);
|
||||||
userRoleRelation.setCreateTime(createTime);
|
userRoleRelation.setCreateTime(createTime);
|
||||||
userRoleRelation.setSourceId(GlobalUserRoleService.SYSTEM_TYPE);
|
userRoleRelation.setSourceId(UserRoleScope.SYSTEM);
|
||||||
userRoleRelation.setId(UUID.randomUUID().toString());
|
userRoleRelation.setId(UUID.randomUUID().toString());
|
||||||
saveList.add(userRoleRelation);
|
saveList.add(userRoleRelation);
|
||||||
}
|
}
|
||||||
|
@ -132,7 +132,7 @@ public class GlobalUserRoleRelationService extends BaseUserRoleRelationService {
|
||||||
UserRoleRelationExample example = new UserRoleRelationExample();
|
UserRoleRelationExample example = new UserRoleRelationExample();
|
||||||
example.createCriteria()
|
example.createCriteria()
|
||||||
.andUserIdEqualTo(userRoleRelation.getUserId())
|
.andUserIdEqualTo(userRoleRelation.getUserId())
|
||||||
.andSourceIdEqualTo(BaseUserRoleService.SYSTEM_TYPE);
|
.andSourceIdEqualTo(UserRoleScope.SYSTEM);
|
||||||
if (CollectionUtils.isEmpty(userRoleRelationMapper.selectByExample(example))) {
|
if (CollectionUtils.isEmpty(userRoleRelationMapper.selectByExample(example))) {
|
||||||
throw new MSException(GLOBAL_USER_ROLE_LIMIT);
|
throw new MSException(GLOBAL_USER_ROLE_LIMIT);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
package io.metersphere.system.service;
|
package io.metersphere.system.service;
|
||||||
|
|
||||||
|
import io.metersphere.sdk.constants.UserRoleScope;
|
||||||
|
import io.metersphere.sdk.constants.UserRoleType;
|
||||||
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
||||||
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
||||||
import io.metersphere.sdk.exception.MSException;
|
import io.metersphere.sdk.exception.MSException;
|
||||||
|
@ -33,7 +35,7 @@ import static io.metersphere.system.controller.result.SystemResultCode.*;
|
||||||
@Service
|
@Service
|
||||||
@Transactional(rollbackFor = Exception.class)
|
@Transactional(rollbackFor = Exception.class)
|
||||||
public class GlobalUserRoleService extends BaseUserRoleService {
|
public class GlobalUserRoleService extends BaseUserRoleService {
|
||||||
public static final String GLOBAL_SCOPE = "GLOBAL";
|
|
||||||
@Resource
|
@Resource
|
||||||
private UserRoleMapper userRoleMapper;
|
private UserRoleMapper userRoleMapper;
|
||||||
@Resource
|
@Resource
|
||||||
|
@ -41,7 +43,7 @@ public class GlobalUserRoleService extends BaseUserRoleService {
|
||||||
|
|
||||||
public List<UserRole> list() {
|
public List<UserRole> list() {
|
||||||
UserRoleExample example = new UserRoleExample();
|
UserRoleExample example = new UserRoleExample();
|
||||||
example.createCriteria().andScopeIdEqualTo(GLOBAL_SCOPE);
|
example.createCriteria().andScopeIdEqualTo(UserRoleScope.GLOBAL);
|
||||||
return userRoleMapper.selectByExample(example);
|
return userRoleMapper.selectByExample(example);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -49,7 +51,7 @@ public class GlobalUserRoleService extends BaseUserRoleService {
|
||||||
* 校验是否是全局用户组,非全局抛异常
|
* 校验是否是全局用户组,非全局抛异常
|
||||||
*/
|
*/
|
||||||
public void checkGlobalUserRole(UserRole userRole) {
|
public void checkGlobalUserRole(UserRole userRole) {
|
||||||
if (!StringUtils.equals(userRole.getScopeId(), GLOBAL_SCOPE)) {
|
if (!StringUtils.equals(userRole.getScopeId(), UserRoleScope.GLOBAL)) {
|
||||||
throw new MSException(GLOBAL_USER_ROLE_PERMISSION);
|
throw new MSException(GLOBAL_USER_ROLE_PERMISSION);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -58,7 +60,7 @@ public class GlobalUserRoleService extends BaseUserRoleService {
|
||||||
* 校验用户是否是系统用户组
|
* 校验用户是否是系统用户组
|
||||||
*/
|
*/
|
||||||
public void checkSystemUserGroup(UserRole userRole) {
|
public void checkSystemUserGroup(UserRole userRole) {
|
||||||
if (!StringUtils.equals(userRole.getType(), GlobalUserRoleService.SYSTEM_TYPE)) {
|
if (!StringUtils.equalsIgnoreCase(userRole.getType(), UserRoleType.SYSTEM.name())) {
|
||||||
throw new MSException(GLOBAL_USER_ROLE_RELATION_SYSTEM_PERMISSION);
|
throw new MSException(GLOBAL_USER_ROLE_RELATION_SYSTEM_PERMISSION);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -66,7 +68,7 @@ public class GlobalUserRoleService extends BaseUserRoleService {
|
||||||
@Override
|
@Override
|
||||||
public UserRole add(UserRole userRole) {
|
public UserRole add(UserRole userRole) {
|
||||||
userRole.setInternal(false);
|
userRole.setInternal(false);
|
||||||
userRole.setScopeId(GLOBAL_SCOPE);
|
userRole.setScopeId(UserRoleScope.GLOBAL);
|
||||||
checkExist(userRole);
|
checkExist(userRole);
|
||||||
return super.add(userRole);
|
return super.add(userRole);
|
||||||
}
|
}
|
||||||
|
@ -75,7 +77,7 @@ public class GlobalUserRoleService extends BaseUserRoleService {
|
||||||
UserRoleExample example = new UserRoleExample();
|
UserRoleExample example = new UserRoleExample();
|
||||||
UserRoleExample.Criteria criteria = example.createCriteria()
|
UserRoleExample.Criteria criteria = example.createCriteria()
|
||||||
.andNameEqualTo(userRole.getName())
|
.andNameEqualTo(userRole.getName())
|
||||||
.andScopeIdEqualTo(GLOBAL_SCOPE);
|
.andScopeIdEqualTo(UserRoleScope.GLOBAL);
|
||||||
if (StringUtils.isNoneBlank(userRole.getId())) {
|
if (StringUtils.isNoneBlank(userRole.getId())) {
|
||||||
criteria.andIdNotEqualTo(userRole.getId());
|
criteria.andIdNotEqualTo(userRole.getId());
|
||||||
}
|
}
|
||||||
|
@ -111,7 +113,8 @@ public class GlobalUserRoleService extends BaseUserRoleService {
|
||||||
|
|
||||||
public List<UserSelectOption> getGlobalSystemRoleList() {
|
public List<UserSelectOption> getGlobalSystemRoleList() {
|
||||||
UserRoleExample example = new UserRoleExample();
|
UserRoleExample example = new UserRoleExample();
|
||||||
example.createCriteria().andScopeIdEqualTo(GLOBAL_SCOPE).andTypeEqualTo(SYSTEM_TYPE);
|
example.createCriteria().andScopeIdEqualTo(UserRoleScope.GLOBAL)
|
||||||
|
.andTypeEqualTo(UserRoleType.SYSTEM.name());
|
||||||
List<UserSelectOption> returnList = new ArrayList<>();
|
List<UserSelectOption> returnList = new ArrayList<>();
|
||||||
userRoleMapper.selectByExample(example).forEach(userRole -> {
|
userRoleMapper.selectByExample(example).forEach(userRole -> {
|
||||||
UserSelectOption userRoleOption = new UserSelectOption();
|
UserSelectOption userRoleOption = new UserSelectOption();
|
||||||
|
|
|
@ -1,10 +1,7 @@
|
||||||
package io.metersphere.system.controller;
|
package io.metersphere.system.controller;
|
||||||
|
|
||||||
import io.metersphere.sdk.base.BaseTest;
|
import io.metersphere.sdk.base.BaseTest;
|
||||||
import io.metersphere.sdk.constants.InternalUserRole;
|
import io.metersphere.sdk.constants.*;
|
||||||
import io.metersphere.sdk.constants.PermissionConstants;
|
|
||||||
import io.metersphere.sdk.constants.UserRoleType;
|
|
||||||
import io.metersphere.sdk.constants.UserSourceEnum;
|
|
||||||
import io.metersphere.sdk.dto.Permission;
|
import io.metersphere.sdk.dto.Permission;
|
||||||
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
import io.metersphere.sdk.dto.PermissionDefinitionItem;
|
||||||
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
import io.metersphere.sdk.dto.request.PermissionSettingUpdateRequest;
|
||||||
|
@ -12,7 +9,6 @@ import io.metersphere.sdk.dto.request.UserRoleUpdateRequest;
|
||||||
import io.metersphere.sdk.log.constants.OperationLogType;
|
import io.metersphere.sdk.log.constants.OperationLogType;
|
||||||
import io.metersphere.sdk.service.BaseUserRolePermissionService;
|
import io.metersphere.sdk.service.BaseUserRolePermissionService;
|
||||||
import io.metersphere.sdk.service.BaseUserRoleRelationService;
|
import io.metersphere.sdk.service.BaseUserRoleRelationService;
|
||||||
import io.metersphere.sdk.service.BaseUserRoleService;
|
|
||||||
import io.metersphere.sdk.util.BeanUtils;
|
import io.metersphere.sdk.util.BeanUtils;
|
||||||
import io.metersphere.sdk.util.SessionUtils;
|
import io.metersphere.sdk.util.SessionUtils;
|
||||||
import io.metersphere.system.controller.param.PermissionSettingUpdateRequestDefinition;
|
import io.metersphere.system.controller.param.PermissionSettingUpdateRequestDefinition;
|
||||||
|
@ -35,10 +31,12 @@ import org.testcontainers.shaded.org.apache.commons.lang3.StringUtils;
|
||||||
import java.util.*;
|
import java.util.*;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
import static io.metersphere.sdk.constants.InternalUserRole.*;
|
import static io.metersphere.sdk.constants.InternalUserRole.ADMIN;
|
||||||
|
import static io.metersphere.sdk.constants.InternalUserRole.MEMBER;
|
||||||
import static io.metersphere.sdk.controller.handler.result.CommonResultCode.INTERNAL_USER_ROLE_PERMISSION;
|
import static io.metersphere.sdk.controller.handler.result.CommonResultCode.INTERNAL_USER_ROLE_PERMISSION;
|
||||||
import static io.metersphere.system.controller.result.SystemResultCode.*;
|
import static io.metersphere.system.controller.result.SystemResultCode.GLOBAL_USER_ROLE_EXIST;
|
||||||
import static io.metersphere.system.service.GlobalUserRoleService.GLOBAL_SCOPE;
|
import static io.metersphere.system.controller.result.SystemResultCode.GLOBAL_USER_ROLE_PERMISSION;
|
||||||
|
|
||||||
|
|
||||||
@SpringBootTest
|
@SpringBootTest
|
||||||
@AutoConfigureMockMvc
|
@AutoConfigureMockMvc
|
||||||
|
@ -74,7 +72,7 @@ class GlobalUserRoleControllerTests extends BaseTest {
|
||||||
List<UserRole> userRoles = getResultDataArray(mvcResult, UserRole.class);
|
List<UserRole> userRoles = getResultDataArray(mvcResult, UserRole.class);
|
||||||
|
|
||||||
// 校验是否是全局用户组
|
// 校验是否是全局用户组
|
||||||
userRoles.forEach(item -> Assertions.assertTrue(StringUtils.equals(item.getScopeId(), GLOBAL_SCOPE)));
|
userRoles.forEach(item -> Assertions.assertTrue(StringUtils.equalsIgnoreCase(item.getScopeId(), UserRoleScope.GLOBAL)));
|
||||||
|
|
||||||
// 校验是否包含全部的内置用户组
|
// 校验是否包含全部的内置用户组
|
||||||
List<String> userRoleIds = userRoles.stream().map(UserRole::getId).toList();
|
List<String> userRoleIds = userRoles.stream().map(UserRole::getId).toList();
|
||||||
|
@ -277,7 +275,7 @@ class GlobalUserRoleControllerTests extends BaseTest {
|
||||||
example.createCriteria().andUserIdEqualTo(userRoleRelation.getUserId());
|
example.createCriteria().andUserIdEqualTo(userRoleRelation.getUserId());
|
||||||
List<UserRoleRelation> userRoleRelations = userRoleRelationMapper.selectByExample(example);
|
List<UserRoleRelation> userRoleRelations = userRoleRelationMapper.selectByExample(example);
|
||||||
Assertions.assertTrue(userRoleRelations.size() == 1);
|
Assertions.assertTrue(userRoleRelations.size() == 1);
|
||||||
Assertions.assertTrue(StringUtils.equals(userRoleRelations.get(0).getRoleId(), MEMBER.getValue()));
|
Assertions.assertTrue(StringUtils.equalsIgnoreCase(userRoleRelations.get(0).getRoleId(), MEMBER.getValue()));
|
||||||
clearOneLimitTest(userRoleRelation.getUserId());
|
clearOneLimitTest(userRoleRelation.getUserId());
|
||||||
|
|
||||||
// 删除没有关联用户的用户组
|
// 删除没有关联用户的用户组
|
||||||
|
@ -320,7 +318,7 @@ class GlobalUserRoleControllerTests extends BaseTest {
|
||||||
user.setId(UUID.randomUUID().toString());
|
user.setId(UUID.randomUUID().toString());
|
||||||
user.setCreateUser(SessionUtils.getUserId());
|
user.setCreateUser(SessionUtils.getUserId());
|
||||||
user.setName("test one user role");
|
user.setName("test one user role");
|
||||||
user.setSource(UserSourceEnum.LOCAL.name());
|
user.setSource(UserSource.LOCAL.name());
|
||||||
user.setEmail("1111111111@qq.com");
|
user.setEmail("1111111111@qq.com");
|
||||||
user.setCreateTime(System.currentTimeMillis());
|
user.setCreateTime(System.currentTimeMillis());
|
||||||
user.setUpdateTime(System.currentTimeMillis());
|
user.setUpdateTime(System.currentTimeMillis());
|
||||||
|
@ -335,7 +333,7 @@ class GlobalUserRoleControllerTests extends BaseTest {
|
||||||
roleRelation.setRoleId(userRoleId);
|
roleRelation.setRoleId(userRoleId);
|
||||||
roleRelation.setCreateUser(ADMIN.getValue());
|
roleRelation.setCreateUser(ADMIN.getValue());
|
||||||
roleRelation.setUserId(user.getId());
|
roleRelation.setUserId(user.getId());
|
||||||
roleRelation.setSourceId(BaseUserRoleService.SYSTEM_TYPE);
|
roleRelation.setSourceId(UserRoleScope.SYSTEM);
|
||||||
userRoleRelationMapper.insert(roleRelation);
|
userRoleRelationMapper.insert(roleRelation);
|
||||||
return roleRelation;
|
return roleRelation;
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,12 +2,12 @@ package io.metersphere.system.controller;
|
||||||
|
|
||||||
import io.metersphere.sdk.base.BaseTest;
|
import io.metersphere.sdk.base.BaseTest;
|
||||||
import io.metersphere.sdk.constants.PermissionConstants;
|
import io.metersphere.sdk.constants.PermissionConstants;
|
||||||
|
import io.metersphere.sdk.constants.UserRoleScope;
|
||||||
import io.metersphere.sdk.dto.ExcludeOptionDTO;
|
import io.metersphere.sdk.dto.ExcludeOptionDTO;
|
||||||
import io.metersphere.sdk.dto.UserRoleRelationUserDTO;
|
import io.metersphere.sdk.dto.UserRoleRelationUserDTO;
|
||||||
import io.metersphere.sdk.dto.request.GlobalUserRoleRelationUpdateRequest;
|
import io.metersphere.sdk.dto.request.GlobalUserRoleRelationUpdateRequest;
|
||||||
import io.metersphere.sdk.log.constants.OperationLogType;
|
import io.metersphere.sdk.log.constants.OperationLogType;
|
||||||
import io.metersphere.sdk.mapper.BaseUserRoleRelationMapper;
|
import io.metersphere.sdk.mapper.BaseUserRoleRelationMapper;
|
||||||
import io.metersphere.sdk.service.BaseUserRoleService;
|
|
||||||
import io.metersphere.sdk.service.BaseUserService;
|
import io.metersphere.sdk.service.BaseUserService;
|
||||||
import io.metersphere.sdk.util.Pager;
|
import io.metersphere.sdk.util.Pager;
|
||||||
import io.metersphere.system.controller.param.GlobalUserRoleRelationQueryRequestDefinition;
|
import io.metersphere.system.controller.param.GlobalUserRoleRelationQueryRequestDefinition;
|
||||||
|
@ -181,7 +181,7 @@ class GlobalUserRoleRelationControllerTests extends BaseTest {
|
||||||
assertErrorCode(this.requestGet(DEFAULT_DELETE, getNonGlobalUserRoleRelation().getId()), GLOBAL_USER_ROLE_PERMISSION);
|
assertErrorCode(this.requestGet(DEFAULT_DELETE, getNonGlobalUserRoleRelation().getId()), GLOBAL_USER_ROLE_PERMISSION);
|
||||||
|
|
||||||
// @@校验必须有一个系统用户组
|
// @@校验必须有一个系统用户组
|
||||||
UserRoleRelation permissionUserRoleRelation = userRoleRelationMapper.selectByPrimaryKey(BaseUserRoleService.SYSTEM_TYPE);
|
UserRoleRelation permissionUserRoleRelation = userRoleRelationMapper.selectByPrimaryKey(UserRoleScope.SYSTEM);
|
||||||
assertErrorCode(this.requestGet(DEFAULT_DELETE, permissionUserRoleRelation.getId()), GLOBAL_USER_ROLE_LIMIT);
|
assertErrorCode(this.requestGet(DEFAULT_DELETE, permissionUserRoleRelation.getId()), GLOBAL_USER_ROLE_LIMIT);
|
||||||
|
|
||||||
// @@删除admin系统管理员用户组异常
|
// @@删除admin系统管理员用户组异常
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
package io.metersphere.system.utils.user;
|
package io.metersphere.system.utils.user;
|
||||||
|
|
||||||
|
import io.metersphere.sdk.constants.UserRoleScope;
|
||||||
|
import io.metersphere.sdk.constants.UserRoleType;
|
||||||
import io.metersphere.sdk.dto.BasePageRequest;
|
import io.metersphere.sdk.dto.BasePageRequest;
|
||||||
import io.metersphere.sdk.dto.UserDTO;
|
import io.metersphere.sdk.dto.UserDTO;
|
||||||
import io.metersphere.sdk.service.BaseUserRoleService;
|
import io.metersphere.sdk.service.BaseUserRoleService;
|
||||||
|
@ -86,8 +88,8 @@ public class UserParamUtils {
|
||||||
//判断系统权限是否一样
|
//判断系统权限是否一样
|
||||||
List<String> selectUserSystemRoleId
|
List<String> selectUserSystemRoleId
|
||||||
= selectUserDTO.getUserRoles().stream()
|
= selectUserDTO.getUserRoles().stream()
|
||||||
.filter(item -> (StringUtils.equals(item.getType(), BaseUserRoleService.SYSTEM_TYPE)
|
.filter(item -> (StringUtils.equalsIgnoreCase(item.getType(), UserRoleType.SYSTEM.name())
|
||||||
&& StringUtils.equals(item.getScopeId(), GlobalUserRoleService.GLOBAL_SCOPE)))
|
&& StringUtils.equalsIgnoreCase(item.getScopeId(), UserRoleScope.GLOBAL)))
|
||||||
.map(UserRole::getId).toList();
|
.map(UserRole::getId).toList();
|
||||||
Assertions.assertTrue(
|
Assertions.assertTrue(
|
||||||
editRequest.getUserRoleIdList().containsAll(selectUserSystemRoleId)
|
editRequest.getUserRoleIdList().containsAll(selectUserSystemRoleId)
|
||||||
|
|
|
@ -7,11 +7,11 @@ VALUES ('SYSTEM', 'SYSTEM', 'SYSTEM@fit2cloud.com', MD5('metersphere'),
|
||||||
|
|
||||||
-- 初始化一个用于权限测试的用户组,这里默认使用 SYSTEM 作为ID,如果是组织和项目级别类似,便于根据权限的前缀找到对应测试的用户组
|
-- 初始化一个用于权限测试的用户组,这里默认使用 SYSTEM 作为ID,如果是组织和项目级别类似,便于根据权限的前缀找到对应测试的用户组
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id)
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id)
|
||||||
VALUES ('SYSTEM', '系统级别权限校验', '', 1, 'SYSTEM', 1620674220005, 1620674220000, 'admin', 'GLOBAL');
|
VALUES ('SYSTEM', '系统级别权限校验', '', 1, 'SYSTEM', 1620674220005, 1620674220000, 'admin', 'global');
|
||||||
|
|
||||||
-- 初始化用户和组的关系
|
-- 初始化用户和组的关系
|
||||||
INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user)
|
INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user)
|
||||||
VALUES ('SYSTEM', 'SYSTEM', 'SYSTEM', 'SYSTEM', 1684747668375, 'admin');
|
VALUES ('SYSTEM', 'SYSTEM', 'SYSTEM', 'system', 1684747668375, 'admin');
|
||||||
|
|
||||||
-- 初始化用于权限测试的组织用户
|
-- 初始化用于权限测试的组织用户
|
||||||
INSERT INTO user(id, name, email, password, create_time, update_time, language, last_organization_id, phone, source,
|
INSERT INTO user(id, name, email, password, create_time, update_time, language, last_organization_id, phone, source,
|
||||||
|
@ -22,7 +22,7 @@ VALUES ('ORGANIZATION', 'ORGANIZATION', 'ORGANIZATION@fit2cloud.com', MD5('meter
|
||||||
|
|
||||||
-- 初始化一个用于权限测试的用户组,这里默认使用 ORGANIZATION 作为ID,如果是组织和项目级别类似,便于根据权限的前缀找到对应测试的用户组
|
-- 初始化一个用于权限测试的用户组,这里默认使用 ORGANIZATION 作为ID,如果是组织和项目级别类似,便于根据权限的前缀找到对应测试的用户组
|
||||||
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id)
|
INSERT INTO user_role (id, name, description, internal, type, create_time, update_time, create_user, scope_id)
|
||||||
VALUES ('ORGANIZATION', '组织级别权限校验', '', 1, 'ORGANIZATION', 1620674220005, 1620674220000, 'admin', 'GLOBAL');
|
VALUES ('ORGANIZATION', '组织级别权限校验', '', 1, 'ORGANIZATION', 1620674220005, 1620674220000, 'admin', 'global');
|
||||||
|
|
||||||
-- 初始化用户和组的关系
|
-- 初始化用户和组的关系
|
||||||
INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user)
|
INSERT INTO user_role_relation (id, user_id, role_id, source_id, create_time, create_user)
|
||||||
|
|
Loading…
Reference in New Issue