fix(系统设置): 项目下空用户组导致的切换项目问题

--bug=1044318 --user=宋昌昌【系统设置】用户有系统和组织权限，项目是空权限，登录后看不到系统和组织菜单 https://www.tapd.cn/55049933/s/1552677
2024-07-23 11:49:26 +08:00 · 2024-07-23 11:49:26 +08:00 · ee7b31d7e2
parent c3a981bdf5
commit ee7b31d7e2
3 changed files with 19 additions and 10 deletions
--- a/backend/framework/domain/src/main/resources/migration/3.1.0/dml/V3.1.0_2_1__data.sql
+++ b/backend/framework/domain/src/main/resources/migration/3.1.0/dml/V3.1.0_2_1__data.sql
@ -56,5 +56,9 @@ WHERE status != 'ARCHIVED';
 INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (UUID_SHORT(), 'org_admin', 'ORGANIZATION_MEMBER:READ+INVITE');
 INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (UUID_SHORT(), 'project_admin', 'PROJECT_USER:READ+INVITE');

+-- 项目用户组内置基本信息权限位
+delete from user_role_permission where role_id in (select id from user_role where type = 'PROJECT') and permission_id = 'PROJECT_BASE_INFO:READ';
+insert into user_role_permission (id, role_id, permission_id) SELECT UUID_SHORT(), id, 'PROJECT_BASE_INFO:READ' from user_role where type = 'PROJECT';
+
 -- set innodb lock wait timeout to default
 SET SESSION innodb_lock_wait_timeout = DEFAULT;
--- a/backend/services/project-management/src/main/java/io/metersphere/project/service/ProjectUserRoleService.java
+++ b/backend/services/project-management/src/main/java/io/metersphere/project/service/ProjectUserRoleService.java
@ -12,18 +12,17 @@ import io.metersphere.sdk.constants.InternalUserRole;
 import io.metersphere.sdk.constants.UserRoleType;
 import io.metersphere.sdk.exception.MSException;
 import io.metersphere.sdk.util.Translator;
-import io.metersphere.system.domain.User;
-import io.metersphere.system.domain.UserRole;
-import io.metersphere.system.domain.UserRoleRelation;
-import io.metersphere.system.domain.UserRoleRelationExample;
+import io.metersphere.system.domain.*;
 import io.metersphere.system.dto.permission.PermissionDefinitionItem;
 import io.metersphere.system.dto.sdk.request.PermissionSettingUpdateRequest;
 import io.metersphere.system.mapper.UserRoleMapper;
+import io.metersphere.system.mapper.UserRolePermissionMapper;
 import io.metersphere.system.mapper.UserRoleRelationMapper;
 import io.metersphere.system.service.BaseUserRoleService;
 import io.metersphere.system.uid.IDGenerator;
 import jakarta.annotation.Resource;
 import org.apache.commons.collections.CollectionUtils;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

@ -51,6 +50,8 @@ public class ProjectUserRoleService extends BaseUserRoleService {
    private UserRoleRelationMapper userRoleRelationMapper;
    @Resource
    private ExtProjectUserRoleMapper extProjectUserRoleMapper;
+	@Autowired
+	private UserRolePermissionMapper userRolePermissionMapper;

    public List<ProjectUserRoleDTO> list(ProjectUserRoleRequest request) {
        List<ProjectUserRoleDTO> roles = extProjectUserRoleMapper.list(request);
@ -81,7 +82,14 @@ public class ProjectUserRoleService extends BaseUserRoleService {
        userRole.setInternal(false);
        userRole.setType(UserRoleType.PROJECT.name());
        checkNewRoleExist(userRole);
-        return super.add(userRole);
+        UserRole role = super.add(userRole);
+        // 初始化项目-基本信息权限
+        UserRolePermission initPermission = new UserRolePermission();
+        initPermission.setId(IDGenerator.nextStr());
+        initPermission.setRoleId(role.getId());
+        initPermission.setPermissionId("PROJECT_BASE_INFO:READ");
+        userRolePermissionMapper.insert(initPermission);
+        return role;
    }

    @Override
@ -126,8 +134,8 @@ public class ProjectUserRoleService extends BaseUserRoleService {
    public void removeMember(ProjectUserRoleMemberEditRequest request) {
        String removeUserId = request.getUserIds().getFirst();
        checkMemberParam(removeUserId, request.getUserRoleId());
-        //检查移除的是不是管理员
-        if (StringUtils.equals(request.getUserRoleId(),InternalUserRole.PROJECT_ADMIN.getValue())) {
+        // 检查移除的是不是管理员
+        if (StringUtils.equals(request.getUserRoleId(), InternalUserRole.PROJECT_ADMIN.getValue())) {
            UserRoleRelationExample userRoleRelationExample = new UserRoleRelationExample();
            userRoleRelationExample.createCriteria().andUserIdNotEqualTo(removeUserId)
                    .andSourceIdEqualTo(request.getProjectId())
--- a/backend/services/project-management/src/main/resources/permission.json
+++ b/backend/services/project-management/src/main/resources/permission.json
@ -8,9 +8,6 @@
        "id": "PROJECT_BASE_INFO",
        "name": "permission.project_base_info.name",
        "permissions": [
-          {
-            "id": "PROJECT_BASE_INFO:READ"
-          },
          {
            "id": "PROJECT_BASE_INFO:READ+UPDATE"
          }