fix(接口测试): 修复批量操作没有设置权限的缺陷
--bug=1033911 --user=王孝刚 【接口测试】调用接口/api/api/automation/move-gc-batch可删除无权限项目下接口场景 https://www.tapd.cn/55049933/s/1447523
This commit is contained in:
parent
67bbac5d00
commit
df9cf8cfae
|
@ -138,6 +138,7 @@ public class ApiDefinitionController {
|
||||||
@PostMapping("/del-batch")
|
@PostMapping("/del-batch")
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_API)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_API)
|
||||||
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiDefinitionService.class)
|
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiDefinitionService.class)
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||||
public void deleteBatchByParams(@RequestBody ApiBatchRequest request) {
|
public void deleteBatchByParams(@RequestBody ApiBatchRequest request) {
|
||||||
apiDefinitionService.deleteByParams(request);
|
apiDefinitionService.deleteByParams(request);
|
||||||
}
|
}
|
||||||
|
@ -145,6 +146,7 @@ public class ApiDefinitionController {
|
||||||
@PostMapping("/copy/by/version")
|
@PostMapping("/copy/by/version")
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_API)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_API)
|
||||||
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", title = "#request.name", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiDefinitionService.class)
|
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", title = "#request.name", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiDefinitionService.class)
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||||
public void copyByVersion(@RequestBody BatchDataCopyRequest request) {
|
public void copyByVersion(@RequestBody BatchDataCopyRequest request) {
|
||||||
apiDefinitionService.copyCaseOrMockByVersion(request);
|
apiDefinitionService.copyCaseOrMockByVersion(request);
|
||||||
}
|
}
|
||||||
|
@ -162,6 +164,7 @@ public class ApiDefinitionController {
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_API)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_API)
|
||||||
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_GC, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiDefinitionService.class)
|
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_GC, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiDefinitionService.class)
|
||||||
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.DELETE, target = "#targetClass.getBLOBs(#request.ids)", targetClass = ApiDefinitionService.class, subject = "接口定义通知")
|
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.DELETE, target = "#targetClass.getBLOBs(#request.ids)", targetClass = ApiDefinitionService.class, subject = "接口定义通知")
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||||
public void removeToGcByParams(@RequestBody ApiBatchRequest request) {
|
public void removeToGcByParams(@RequestBody ApiBatchRequest request) {
|
||||||
apiDefinitionService.removeToGcByParams(request);
|
apiDefinitionService.removeToGcByParams(request);
|
||||||
}
|
}
|
||||||
|
@ -275,6 +278,7 @@ public class ApiDefinitionController {
|
||||||
@PostMapping("/batch/edit")
|
@PostMapping("/batch/edit")
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_API)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_API)
|
||||||
@MsRequestLog(module = OperLogModule.API_DEFINITION)
|
@MsRequestLog(module = OperLogModule.API_DEFINITION)
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||||
public void editApiBath(@RequestBody ApiBatchRequest request) {
|
public void editApiBath(@RequestBody ApiBatchRequest request) {
|
||||||
apiDefinitionService.editApiBath(request);
|
apiDefinitionService.editApiBath(request);
|
||||||
}
|
}
|
||||||
|
@ -283,6 +287,7 @@ public class ApiDefinitionController {
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_API)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_API)
|
||||||
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request)", content = "#msClass.getLogDetails(#request)", msClass = ApiDefinitionService.class)
|
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request)", content = "#msClass.getLogDetails(#request)", msClass = ApiDefinitionService.class)
|
||||||
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.UPDATE, target = "#targetClass.getBLOBs(#request.ids)", targetClass = ApiDefinitionService.class, subject = "接口定义通知")
|
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.UPDATE, target = "#targetClass.getBLOBs(#request.ids)", targetClass = ApiDefinitionService.class, subject = "接口定义通知")
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||||
public void editByParams(@RequestBody ApiBatchRequest request) {
|
public void editByParams(@RequestBody ApiBatchRequest request) {
|
||||||
apiDefinitionService.editApiByParam(request);
|
apiDefinitionService.editApiByParam(request);
|
||||||
}
|
}
|
||||||
|
@ -290,6 +295,7 @@ public class ApiDefinitionController {
|
||||||
@PostMapping("/copy-batch")
|
@PostMapping("/copy-batch")
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_COPY_API)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_COPY_API)
|
||||||
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request)", content = "#msClass.getLogDetails(#request)", msClass = ApiDefinitionService.class)
|
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request)", content = "#msClass.getLogDetails(#request)", msClass = ApiDefinitionService.class)
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||||
public void batchCopy(@RequestBody ApiBatchRequest request) {
|
public void batchCopy(@RequestBody ApiBatchRequest request) {
|
||||||
apiDefinitionService.batchCopy(request);
|
apiDefinitionService.batchCopy(request);
|
||||||
}
|
}
|
||||||
|
|
|
@ -164,6 +164,7 @@ public class ApiTestCaseController {
|
||||||
|
|
||||||
@PostMapping("/batch/edit")
|
@PostMapping("/batch/edit")
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_CASE)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_CASE)
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_test_case")
|
||||||
public void editApiBath(@RequestBody ApiCaseEditRequest request) {
|
public void editApiBath(@RequestBody ApiCaseEditRequest request) {
|
||||||
apiTestCaseService.editApiBath(request);
|
apiTestCaseService.editApiBath(request);
|
||||||
}
|
}
|
||||||
|
@ -172,6 +173,7 @@ public class ApiTestCaseController {
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_CASE)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_CASE)
|
||||||
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
||||||
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.CASE_UPDATE, target = "#targetClass.getApiCaseByIds(#request.ids)", targetClass = ApiTestCaseService.class, subject = "接口用例通知")
|
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.CASE_UPDATE, target = "#targetClass.getApiCaseByIds(#request.ids)", targetClass = ApiTestCaseService.class, subject = "接口用例通知")
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_test_case")
|
||||||
public void editApiBathByParam(@RequestBody ApiTestBatchRequest request) {
|
public void editApiBathByParam(@RequestBody ApiTestBatchRequest request) {
|
||||||
apiTestCaseService.editApiBathByParam(request);
|
apiTestCaseService.editApiBathByParam(request);
|
||||||
}
|
}
|
||||||
|
@ -184,6 +186,7 @@ public class ApiTestCaseController {
|
||||||
|
|
||||||
@PostMapping("/reduction")
|
@PostMapping("/reduction")
|
||||||
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.RESTORE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.RESTORE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_test_case")
|
||||||
public List<String> reduction(@RequestBody ApiTestBatchRequest request) {
|
public List<String> reduction(@RequestBody ApiTestBatchRequest request) {
|
||||||
List<String> cannotReductionTestCaseApiName = apiTestCaseService.reduction(request);
|
List<String> cannotReductionTestCaseApiName = apiTestCaseService.reduction(request);
|
||||||
return cannotReductionTestCaseApiName;
|
return cannotReductionTestCaseApiName;
|
||||||
|
@ -200,6 +203,7 @@ public class ApiTestCaseController {
|
||||||
@PostMapping("/del-batch")
|
@PostMapping("/del-batch")
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_CASE)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_CASE)
|
||||||
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_test_case")
|
||||||
public void deleteBatchByParam(@RequestBody ApiTestBatchRequest request) {
|
public void deleteBatchByParam(@RequestBody ApiTestBatchRequest request) {
|
||||||
apiTestCaseService.deleteBatchByParam(request);
|
apiTestCaseService.deleteBatchByParam(request);
|
||||||
}
|
}
|
||||||
|
@ -208,6 +212,7 @@ public class ApiTestCaseController {
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_CASE)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_CASE)
|
||||||
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
||||||
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.CASE_DELETE, target = "#targetClass.getApiCaseByIds(#request.ids)", targetClass = ApiTestCaseService.class, subject = "接口用例通知")
|
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.CASE_DELETE, target = "#targetClass.getApiCaseByIds(#request.ids)", targetClass = ApiTestCaseService.class, subject = "接口用例通知")
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_test_case")
|
||||||
public void deleteToGcByParam(@RequestBody ApiTestBatchRequest request) {
|
public void deleteToGcByParam(@RequestBody ApiTestBatchRequest request) {
|
||||||
apiTestCaseService.deleteToGcByParam(request);
|
apiTestCaseService.deleteToGcByParam(request);
|
||||||
}
|
}
|
||||||
|
|
|
@ -162,6 +162,7 @@ public class ApiScenarioController {
|
||||||
|
|
||||||
@PostMapping("/del-batch")
|
@PostMapping("/del-batch")
|
||||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_scenario")
|
||||||
public void deleteBatchByCondition(@RequestBody ApiScenarioBatchRequest request) {
|
public void deleteBatchByCondition(@RequestBody ApiScenarioBatchRequest request) {
|
||||||
apiAutomationService.deleteBatchByCondition(request);
|
apiAutomationService.deleteBatchByCondition(request);
|
||||||
}
|
}
|
||||||
|
@ -179,6 +180,7 @@ public class ApiScenarioController {
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_READ_DELETE)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_READ_DELETE)
|
||||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_GC, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_GC, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
||||||
@SendNotice(taskType = NoticeConstants.TaskType.API_AUTOMATION_TASK, target = "#targetClass.getScenarioCaseByIds(#request.ids)", targetClass = ApiScenarioService.class, event = NoticeConstants.Event.DELETE, subject = "接口自动化通知")
|
@SendNotice(taskType = NoticeConstants.TaskType.API_AUTOMATION_TASK, target = "#targetClass.getScenarioCaseByIds(#request.ids)", targetClass = ApiScenarioService.class, event = NoticeConstants.Event.DELETE, subject = "接口自动化通知")
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_scenario")
|
||||||
public void removeToGcByBatch(@RequestBody ApiScenarioBatchRequest request) {
|
public void removeToGcByBatch(@RequestBody ApiScenarioBatchRequest request) {
|
||||||
apiAutomationService.removeToGcByBatch(request);
|
apiAutomationService.removeToGcByBatch(request);
|
||||||
}
|
}
|
||||||
|
@ -191,6 +193,7 @@ public class ApiScenarioController {
|
||||||
|
|
||||||
@PostMapping("/reduction")
|
@PostMapping("/reduction")
|
||||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.RESTORE, beforeEvent = "#msClass.getLogDetails(#ids)", msClass = ApiScenarioService.class)
|
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.RESTORE, beforeEvent = "#msClass.getLogDetails(#ids)", msClass = ApiScenarioService.class)
|
||||||
|
@CheckOwner(resourceId = "#ids", resourceType = "api_scenario")
|
||||||
public void reduction(@RequestBody List<String> ids) {
|
public void reduction(@RequestBody List<String> ids) {
|
||||||
apiAutomationService.reduction(ids);
|
apiAutomationService.reduction(ids);
|
||||||
}
|
}
|
||||||
|
@ -283,6 +286,7 @@ public class ApiScenarioController {
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_READ_EDIT)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_READ_EDIT)
|
||||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
||||||
@SendNotice(taskType = NoticeConstants.TaskType.API_AUTOMATION_TASK, event = NoticeConstants.Event.UPDATE, target = "#targetClass.getScenarioCaseByIds(#request.ids)", targetClass = ApiScenarioService.class, subject = "接口自动化通知")
|
@SendNotice(taskType = NoticeConstants.TaskType.API_AUTOMATION_TASK, event = NoticeConstants.Event.UPDATE, target = "#targetClass.getScenarioCaseByIds(#request.ids)", targetClass = ApiScenarioService.class, subject = "接口自动化通知")
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_scenario")
|
||||||
public void bathEdit(@RequestBody ApiScenarioBatchRequest request) {
|
public void bathEdit(@RequestBody ApiScenarioBatchRequest request) {
|
||||||
apiAutomationService.bathEdit(request);
|
apiAutomationService.bathEdit(request);
|
||||||
}
|
}
|
||||||
|
@ -290,6 +294,7 @@ public class ApiScenarioController {
|
||||||
@PostMapping("/batch/copy")
|
@PostMapping("/batch/copy")
|
||||||
@RequiresPermissions(value = {PermissionConstants.PROJECT_API_SCENARIO_READ_CREATE, PermissionConstants.PROJECT_API_SCENARIO_READ_BATCH_COPY}, logical = Logical.OR)
|
@RequiresPermissions(value = {PermissionConstants.PROJECT_API_SCENARIO_READ_CREATE, PermissionConstants.PROJECT_API_SCENARIO_READ_BATCH_COPY}, logical = Logical.OR)
|
||||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_ADD, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_ADD, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_scenario")
|
||||||
public void batchCopy(@RequestBody ApiScenarioBatchRequest request) {
|
public void batchCopy(@RequestBody ApiScenarioBatchRequest request) {
|
||||||
apiAutomationService.batchCopy(request);
|
apiAutomationService.batchCopy(request);
|
||||||
}
|
}
|
||||||
|
@ -297,6 +302,7 @@ public class ApiScenarioController {
|
||||||
@PostMapping("/batch/update/env")
|
@PostMapping("/batch/update/env")
|
||||||
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_READ_EDIT)
|
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_READ_EDIT)
|
||||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
||||||
|
@CheckOwner(resourceId = "#request.ids", resourceType = "api_scenario")
|
||||||
public void batchUpdateEnv(@RequestBody ApiScenarioBatchRequest request) {
|
public void batchUpdateEnv(@RequestBody ApiScenarioBatchRequest request) {
|
||||||
apiAutomationService.batchUpdateEnv(request);
|
apiAutomationService.batchUpdateEnv(request);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue