fix(性能测试): 性能测试增加所属资源校验

This commit is contained in:
song-tianyang 2023-12-13 15:02:49 +08:00 committed by 刘瑞斌
parent b334bdd72d
commit c02aa7d534
3 changed files with 8 additions and 13 deletions

View File

@ -2,7 +2,7 @@
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="io.metersphere.base.mapper.ext.ExtCheckOwnerMapper"> <mapper namespace="io.metersphere.base.mapper.ext.ExtCheckOwnerMapper">
<select id="checkoutOwner" resultType="boolean"> <select id="checkoutOwner" resultType="boolean">
SELECT count(id) = #{ids.size()} SELECT count(id) = ${ids.size()}
FROM ${table} FROM ${table}
WHERE project_id = #{projectId} WHERE project_id = #{projectId}
and id in and id in

View File

@ -16,6 +16,7 @@ import io.metersphere.notice.annotation.SendNotice;
import io.metersphere.request.DeleteReportRequest; import io.metersphere.request.DeleteReportRequest;
import io.metersphere.request.RenameReportRequest; import io.metersphere.request.RenameReportRequest;
import io.metersphere.request.ReportRequest; import io.metersphere.request.ReportRequest;
import io.metersphere.security.CheckOwner;
import io.metersphere.service.PerformanceReportService; import io.metersphere.service.PerformanceReportService;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpServletResponse;
@ -52,6 +53,7 @@ public class PerformanceReportController {
@MsAuditLog(module = OperLogModule.PERFORMANCE_TEST_REPORT, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#reportId)", msClass = PerformanceReportService.class) @MsAuditLog(module = OperLogModule.PERFORMANCE_TEST_REPORT, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#reportId)", msClass = PerformanceReportService.class)
@SendNotice(taskType = NoticeConstants.TaskType.PERFORMANCE_REPORT_TASK, event = NoticeConstants.Event.DELETE, @SendNotice(taskType = NoticeConstants.TaskType.PERFORMANCE_REPORT_TASK, event = NoticeConstants.Event.DELETE,
target = "#targetClass.getReport(#reportId)", targetClass = PerformanceReportService.class, subject = "性能测试报告通知") target = "#targetClass.getReport(#reportId)", targetClass = PerformanceReportService.class, subject = "性能测试报告通知")
@CheckOwner(resourceId = "#reportId", resourceType = "load_test_report")
public void deleteReport(@PathVariable String reportId) { public void deleteReport(@PathVariable String reportId) {
performanceReportService.deleteReport(reportId); performanceReportService.deleteReport(reportId);
} }

View File

@ -20,7 +20,7 @@ import io.metersphere.log.annotation.MsRequestLog;
import io.metersphere.metadata.service.FileMetadataService; import io.metersphere.metadata.service.FileMetadataService;
import io.metersphere.notice.annotation.SendNotice; import io.metersphere.notice.annotation.SendNotice;
import io.metersphere.request.*; import io.metersphere.request.*;
import io.metersphere.service.BaseCheckPermissionService; import io.metersphere.security.CheckOwner;
import io.metersphere.service.PerformanceTestService; import io.metersphere.service.PerformanceTestService;
import io.metersphere.task.dto.TaskRequestDTO; import io.metersphere.task.dto.TaskRequestDTO;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
@ -46,8 +46,6 @@ public class PerformanceTestController {
@Resource @Resource
private ConsulService consulService; private ConsulService consulService;
@Resource @Resource
private BaseCheckPermissionService baseCheckPermissionService;
@Resource
private ApiPerformanceService apiPerformanceService; private ApiPerformanceService apiPerformanceService;
@PostMapping("recent/{count}") @PostMapping("recent/{count}")
@ -67,7 +65,6 @@ public class PerformanceTestController {
@GetMapping("/list/{projectId}") @GetMapping("/list/{projectId}")
@RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ) @RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ)
public List<LoadTest> list(@PathVariable String projectId) { public List<LoadTest> list(@PathVariable String projectId) {
// checkPermissionService.checkProjectOwner(projectId);
return performanceTestService.getLoadTestByProjectId(projectId); return performanceTestService.getLoadTestByProjectId(projectId);
} }
@ -83,7 +80,6 @@ public class PerformanceTestController {
@GetMapping("/state/get/{testId}") @GetMapping("/state/get/{testId}")
public LoadTest listByTestId(@PathVariable String testId) { public LoadTest listByTestId(@PathVariable String testId) {
// // checkPermissionService.checkPerformanceTestOwner(testId);
return performanceTestService.getLoadTestBytestId(testId); return performanceTestService.getLoadTestBytestId(testId);
} }
@ -112,6 +108,7 @@ public class PerformanceTestController {
@RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ_EDIT) @RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ_EDIT)
@CacheNode // 把监控节点缓存起来 @CacheNode // 把监控节点缓存起来
@SendNotice(taskType = NoticeConstants.TaskType.PERFORMANCE_TEST_TASK, event = NoticeConstants.Event.UPDATE, subject = "性能测试通知") @SendNotice(taskType = NoticeConstants.TaskType.PERFORMANCE_TEST_TASK, event = NoticeConstants.Event.UPDATE, subject = "性能测试通知")
@CheckOwner(resourceId = "#request.getId()", resourceType = "load_test")
public LoadTest edit( public LoadTest edit(
@RequestPart("request") EditTestPlanRequest request, @RequestPart("request") EditTestPlanRequest request,
@RequestPart(value = "file", required = false) List<MultipartFile> files @RequestPart(value = "file", required = false) List<MultipartFile> files
@ -133,7 +130,6 @@ public class PerformanceTestController {
@GetMapping("/get/{testId}") @GetMapping("/get/{testId}")
@RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ) @RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ)
public LoadTestDTO get(@PathVariable String testId) { public LoadTestDTO get(@PathVariable String testId) {
// // checkPermissionService.checkPerformanceTestOwner(testId);
LoadTestDTO loadTestDTO = performanceTestService.get(testId); LoadTestDTO loadTestDTO = performanceTestService.get(testId);
loadTestDTO.setIsNeedUpdate(apiPerformanceService.isNeedUpdate(loadTestDTO.getId())); loadTestDTO.setIsNeedUpdate(apiPerformanceService.isNeedUpdate(loadTestDTO.getId()));
return loadTestDTO; return loadTestDTO;
@ -142,21 +138,18 @@ public class PerformanceTestController {
@GetMapping("/get-advanced-config/{testId}") @GetMapping("/get-advanced-config/{testId}")
@RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ) @RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ)
public String getAdvancedConfiguration(@PathVariable String testId) { public String getAdvancedConfiguration(@PathVariable String testId) {
// // checkPermissionService.checkPerformanceTestOwner(testId);
return performanceTestService.getAdvancedConfiguration(testId); return performanceTestService.getAdvancedConfiguration(testId);
} }
@GetMapping("/get-load-config/{testId}") @GetMapping("/get-load-config/{testId}")
@RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ) @RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ)
public String getLoadConfiguration(@PathVariable String testId) { public String getLoadConfiguration(@PathVariable String testId) {
// // checkPermissionService.checkPerformanceTestOwner(testId);
return performanceTestService.getLoadConfiguration(testId); return performanceTestService.getLoadConfiguration(testId);
} }
@GetMapping("/get-jmx-content/{testId}") @GetMapping("/get-jmx-content/{testId}")
@RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ) @RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ)
public List<LoadTestExportJmx> getJmxContent(@PathVariable String testId) { public List<LoadTestExportJmx> getJmxContent(@PathVariable String testId) {
// // checkPermissionService.checkPerformanceTestOwner(testId);
return performanceTestService.getJmxContent(testId); return performanceTestService.getJmxContent(testId);
} }
@ -170,7 +163,6 @@ public class PerformanceTestController {
public Pager<List<FileMetadata>> getProjectFiles(@PathVariable String projectId, @PathVariable String loadType, public Pager<List<FileMetadata>> getProjectFiles(@PathVariable String projectId, @PathVariable String loadType,
@PathVariable int goPage, @PathVariable int pageSize, @PathVariable int goPage, @PathVariable int pageSize,
@RequestBody QueryProjectFileRequest request) { @RequestBody QueryProjectFileRequest request) {
// // checkPermissionService.checkProjectOwner(projectId);
Page<Object> page = PageHelper.startPage(goPage, pageSize, true); Page<Object> page = PageHelper.startPage(goPage, pageSize, true);
return PageUtils.setPageInfo(page, performanceTestService.getProjectFiles(projectId, loadType, request)); return PageUtils.setPageInfo(page, performanceTestService.getProjectFiles(projectId, loadType, request));
} }
@ -181,8 +173,8 @@ public class PerformanceTestController {
@CacheNode // 把监控节点缓存起来 @CacheNode // 把监控节点缓存起来
@SendNotice(taskType = NoticeConstants.TaskType.PERFORMANCE_TEST_TASK, event = NoticeConstants.Event.DELETE, @SendNotice(taskType = NoticeConstants.TaskType.PERFORMANCE_TEST_TASK, event = NoticeConstants.Event.DELETE,
target = "#targetClass.get(#request.id)", targetClass = PerformanceTestService.class, subject = "性能测试通知") target = "#targetClass.get(#request.id)", targetClass = PerformanceTestService.class, subject = "性能测试通知")
@CheckOwner(resourceId = "#request.getId()", resourceType = "load_test")
public void delete(@RequestBody DeleteTestPlanRequest request) { public void delete(@RequestBody DeleteTestPlanRequest request) {
// // checkPermissionService.checkPerformanceTestOwner(request.getId());
performanceTestService.delete(request); performanceTestService.delete(request);
} }
@ -190,6 +182,7 @@ public class PerformanceTestController {
@CacheNode @CacheNode
@MsAuditLog(module = OperLogModule.PERFORMANCE_TEST, type = OperLogConstants.DELETE, beforeEvent = "#msClass.deleteBatchLog(#request)", msClass = PerformanceTestService.class) @MsAuditLog(module = OperLogModule.PERFORMANCE_TEST, type = OperLogConstants.DELETE, beforeEvent = "#msClass.deleteBatchLog(#request)", msClass = PerformanceTestService.class)
@RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ_DELETE) @RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ_DELETE)
@CheckOwner(resourceId = "#request.getIds()", resourceType = "load_test")
public void deleteBatch(@RequestBody DeletePerformanceRequest request) { public void deleteBatch(@RequestBody DeletePerformanceRequest request) {
performanceTestService.deleteBatch(request); performanceTestService.deleteBatch(request);
} }
@ -197,6 +190,7 @@ public class PerformanceTestController {
@PostMapping("/run") @PostMapping("/run")
@MsAuditLog(module = OperLogModule.PERFORMANCE_TEST, type = OperLogConstants.EXECUTE, beforeEvent = "#msClass.getRunLogDetails(#request.id)", msClass = PerformanceTestService.class) @MsAuditLog(module = OperLogModule.PERFORMANCE_TEST, type = OperLogConstants.EXECUTE, beforeEvent = "#msClass.getRunLogDetails(#request.id)", msClass = PerformanceTestService.class)
@RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ_RUN) @RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ_RUN)
@CheckOwner(resourceId = "#request.getId()", resourceType = "load_test")
public String run(@RequestBody RunTestPlanRequest request) { public String run(@RequestBody RunTestPlanRequest request) {
return performanceTestService.run(request); return performanceTestService.run(request);
} }
@ -209,7 +203,6 @@ public class PerformanceTestController {
@GetMapping("/file/metadata/{testId}") @GetMapping("/file/metadata/{testId}")
public List<FileMetadata> getFileMetadata(@PathVariable String testId) { public List<FileMetadata> getFileMetadata(@PathVariable String testId) {
// // checkPermissionService.checkPerformanceTestOwner(testId);
return performanceTestService.getFileMetadataByTestId(testId); return performanceTestService.getFileMetadataByTestId(testId);
} }