diff --git a/api-test/backend/src/main/java/io/metersphere/controller/definition/ApiDefinitionController.java b/api-test/backend/src/main/java/io/metersphere/controller/definition/ApiDefinitionController.java index e9ace1f08b..a7609911aa 100644 --- a/api-test/backend/src/main/java/io/metersphere/controller/definition/ApiDefinitionController.java +++ b/api-test/backend/src/main/java/io/metersphere/controller/definition/ApiDefinitionController.java @@ -69,7 +69,7 @@ public class ApiDefinitionController { } @PostMapping("/list/week/{projectId}/{versionId}/{goPage}/{pageSize}") - @RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ) + @RequiresPermissions(value= {PermissionConstants.PROJECT_API_DEFINITION_READ, PermissionConstants.PROJECT_API_HOME}, logical = Logical.OR) public Pager> weekList(@PathVariable String projectId, @PathVariable String versionId, @PathVariable int goPage, @PathVariable int pageSize) { if (StringUtils.equalsIgnoreCase(versionId, "default")) { versionId = null; diff --git a/framework/sdk-parent/sdk/src/main/java/io/metersphere/commons/constants/PermissionConstants.java b/framework/sdk-parent/sdk/src/main/java/io/metersphere/commons/constants/PermissionConstants.java index 003fdc20f0..b9244ea1c7 100644 --- a/framework/sdk-parent/sdk/src/main/java/io/metersphere/commons/constants/PermissionConstants.java +++ b/framework/sdk-parent/sdk/src/main/java/io/metersphere/commons/constants/PermissionConstants.java @@ -134,6 +134,7 @@ public class PermissionConstants { public static final String PROJECT_TRACK_REPORT_READ_EDIT = "PROJECT_TRACK_REPORT:READ+EDIT"; public static final String PROJECT_TRACK_REPORT_READ_EXPORT = "PROJECT_TRACK_REPORT:READ+EXPORT"; + public static final String PROJECT_API_HOME = "PROJECT_API_HOME:READ"; public static final String PROJECT_API_DEFINITION_READ = "PROJECT_API_DEFINITION:READ"; public static final String PROJECT_API_DEFINITION_READ_CREATE_API = "PROJECT_API_DEFINITION:READ+CREATE_API"; public static final String PROJECT_API_DEFINITION_READ_EDIT_API = "PROJECT_API_DEFINITION:READ+EDIT_API"; @@ -190,6 +191,7 @@ public class PermissionConstants { public static final String PROJECT_API_REPORT_READ_DELETE = "PROJECT_API_REPORT:READ+DELETE"; public static final String PROJECT_API_REPORT_READ_EXPORT = "PROJECT_API_REPORT:READ+EXPORT"; + public static final String PROJECT_PERFORMANCE_HOME = "PROJECT_PERFORMANCE_HOME:READ"; public static final String PROJECT_PERFORMANCE_TEST_READ = "PROJECT_PERFORMANCE_TEST:READ"; public static final String PROJECT_PERFORMANCE_TEST_READ_CREATE = "PROJECT_PERFORMANCE_TEST:READ+CREATE"; public static final String PROJECT_PERFORMANCE_TEST_READ_EDIT = "PROJECT_PERFORMANCE_TEST:READ+EDIT"; diff --git a/performance-test/backend/src/main/java/io/metersphere/controller/PerformanceTestController.java b/performance-test/backend/src/main/java/io/metersphere/controller/PerformanceTestController.java index 578177ae04..41d317dfc9 100644 --- a/performance-test/backend/src/main/java/io/metersphere/controller/PerformanceTestController.java +++ b/performance-test/backend/src/main/java/io/metersphere/controller/PerformanceTestController.java @@ -23,6 +23,7 @@ import io.metersphere.service.BaseCheckPermissionService; import io.metersphere.service.PerformanceTestService; import io.metersphere.task.dto.TaskRequestDTO; import jakarta.annotation.Resource; +import org.apache.shiro.authz.annotation.Logical; import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; @@ -49,7 +50,7 @@ public class PerformanceTestController { private ApiPerformanceService apiPerformanceService; @PostMapping("recent/{count}") - @RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ) + @RequiresPermissions(value = {PermissionConstants.PROJECT_PERFORMANCE_TEST_READ, PermissionConstants.PROJECT_PERFORMANCE_HOME}, logical = Logical.OR) public List recentTestPlans(@PathVariable int count, @RequestBody QueryTestPlanRequest request) { PageHelper.startPage(1, count, true); return performanceTestService.recentTestPlans(request); @@ -264,7 +265,7 @@ public class PerformanceTestController { } @PostMapping("/list/schedule") - @RequiresPermissions(PermissionConstants.PROJECT_PERFORMANCE_TEST_READ_SCHEDULE) + @RequiresPermissions(value = {PermissionConstants.PROJECT_PERFORMANCE_TEST_READ_SCHEDULE, PermissionConstants.PROJECT_PERFORMANCE_HOME}, logical = Logical.OR) public List listSchedule(@RequestBody QueryScheduleRequest request) { return performanceTestService.listSchedule(request); } diff --git a/project-management/backend/src/main/java/io/metersphere/controller/CustomFieldTemplateController.java b/project-management/backend/src/main/java/io/metersphere/controller/CustomFieldTemplateController.java index 3bf307f318..ea76b8a1c9 100644 --- a/project-management/backend/src/main/java/io/metersphere/controller/CustomFieldTemplateController.java +++ b/project-management/backend/src/main/java/io/metersphere/controller/CustomFieldTemplateController.java @@ -6,6 +6,7 @@ import io.metersphere.commons.constants.PermissionConstants; import io.metersphere.dto.CustomFieldDao; import io.metersphere.dto.CustomFieldTemplateDao; import io.metersphere.service.CustomFieldTemplateService; +import org.apache.shiro.authz.annotation.Logical; import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.web.bind.annotation.*; @@ -20,7 +21,8 @@ public class CustomFieldTemplateController { CustomFieldTemplateService customFieldTemplateService; @PostMapping("/list") - @RequiresPermissions(PermissionConstants.PROJECT_TEMPLATE_READ_CUSTOM) + @RequiresPermissions(value = {PermissionConstants.PROJECT_TEMPLATE_READ_CUSTOM, PermissionConstants.PROJECT_TEMPLATE_READ_CASE_TEMPLATE, + PermissionConstants.PROJECT_TEMPLATE_READ_ISSUE_TEMPLATE, PermissionConstants.PROJECT_TEMPLATE_READ_API_TEMPLATE}, logical = Logical.OR) public List list(@RequestBody CustomFieldTemplate request) { return customFieldTemplateService.list(request); } diff --git a/test-track/backend/src/main/java/io/metersphere/controller/TestCaseReviewController.java b/test-track/backend/src/main/java/io/metersphere/controller/TestCaseReviewController.java index 0afc16831d..d372b15abf 100644 --- a/test-track/backend/src/main/java/io/metersphere/controller/TestCaseReviewController.java +++ b/test-track/backend/src/main/java/io/metersphere/controller/TestCaseReviewController.java @@ -20,6 +20,7 @@ import io.metersphere.service.*; import io.metersphere.dto.TestCaseReviewDTO; import io.metersphere.dto.TestReviewDTOWithMetric; import io.metersphere.service.wapper.CheckPermissionService; +import org.apache.shiro.authz.annotation.Logical; import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.web.bind.annotation.*; @@ -146,7 +147,7 @@ public class TestCaseReviewController { } @PostMapping("/list/all/relate/{goPage}/{pageSize}") - @RequiresPermissions(PermissionConstants.PROJECT_TRACK_REVIEW_READ) + @RequiresPermissions(value= {PermissionConstants.PROJECT_TRACK_REVIEW_READ, PermissionConstants.PROJECT_TRACK_HOME}, logical = Logical.OR) public Pager> listRelateAll(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody ReviewRelateRequest request) { testCaseReviewService.setReviewIds(request); Page page = PageHelper.startPage(goPage, pageSize, true);