test-version22
/
MeterSphere
mirror of https://gitee.com/fit2cloud-feizhiyun/MeterSphere.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix(系统设置): 项目下空用户组导致的切换项目问题 

--bug=1044318 --user=宋昌昌 【系统设置】用户有系统和组织权限,项目是空权限,登录后看不到系统和组织菜单 https://www.tapd.cn/55049933/s/1552677
This commit is contained in:
song-cc-rock 2024-07-23 11:49:26 +08:00 committed by 刘瑞斌
parent c3a981bdf5
commit ee7b31d7e2
3 changed files with 19 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
backend/framework/domain/src/main/resources/migration/3.1.0/dml/V3.1.0_2_1__data.sql
View File

@ -56,5 +56,9 @@ WHERE status != 'ARCHIVED';
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (UUID_SHORT(), 'org_admin', 'ORGANIZATION_MEMBER:READ+INVITE'); INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (UUID_SHORT(), 'org_admin', 'ORGANIZATION_MEMBER:READ+INVITE');
INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (UUID_SHORT(), 'project_admin', 'PROJECT_USER:READ+INVITE'); INSERT INTO user_role_permission (id, role_id, permission_id) VALUES (UUID_SHORT(), 'project_admin', 'PROJECT_USER:READ+INVITE');
-- 项目用户组内置基本信息权限位
delete from user_role_permission where role_id in (select id from user_role where type = 'PROJECT') and permission_id = 'PROJECT_BASE_INFO:READ';
insert into user_role_permission (id, role_id, permission_id) SELECT UUID_SHORT(), id, 'PROJECT_BASE_INFO:READ' from user_role where type = 'PROJECT';
-- set innodb lock wait timeout to default -- set innodb lock wait timeout to default
SET SESSION innodb_lock_wait_timeout = DEFAULT; SET SESSION innodb_lock_wait_timeout = DEFAULT;

22
backend/services/project-management/src/main/java/io/metersphere/project/service/ProjectUserRoleService.java
View File

@ -12,18 +12,17 @@ import io.metersphere.sdk.constants.InternalUserRole;
import io.metersphere.sdk.constants.UserRoleType; import io.metersphere.sdk.constants.UserRoleType;
import io.metersphere.sdk.exception.MSException; import io.metersphere.sdk.exception.MSException;
import io.metersphere.sdk.util.Translator; import io.metersphere.sdk.util.Translator;
import io.metersphere.system.domain.User; import io.metersphere.system.domain.*;
import io.metersphere.system.domain.UserRole;
import io.metersphere.system.domain.UserRoleRelation;
import io.metersphere.system.domain.UserRoleRelationExample;
import io.metersphere.system.dto.permission.PermissionDefinitionItem; import io.metersphere.system.dto.permission.PermissionDefinitionItem;
import io.metersphere.system.dto.sdk.request.PermissionSettingUpdateRequest; import io.metersphere.system.dto.sdk.request.PermissionSettingUpdateRequest;
import io.metersphere.system.mapper.UserRoleMapper; import io.metersphere.system.mapper.UserRoleMapper;
import io.metersphere.system.mapper.UserRolePermissionMapper;
import io.metersphere.system.mapper.UserRoleRelationMapper; import io.metersphere.system.mapper.UserRoleRelationMapper;
import io.metersphere.system.service.BaseUserRoleService; import io.metersphere.system.service.BaseUserRoleService;
import io.metersphere.system.uid.IDGenerator; import io.metersphere.system.uid.IDGenerator;
import jakarta.annotation.Resource; import jakarta.annotation.Resource;
import org.apache.commons.collections.CollectionUtils; import org.apache.commons.collections.CollectionUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
@ -51,6 +50,8 @@ public class ProjectUserRoleService extends BaseUserRoleService {
private UserRoleRelationMapper userRoleRelationMapper; private UserRoleRelationMapper userRoleRelationMapper;
@Resource @Resource
private ExtProjectUserRoleMapper extProjectUserRoleMapper; private ExtProjectUserRoleMapper extProjectUserRoleMapper;
@Autowired
private UserRolePermissionMapper userRolePermissionMapper;
public List<ProjectUserRoleDTO> list(ProjectUserRoleRequest request) { public List<ProjectUserRoleDTO> list(ProjectUserRoleRequest request) {
List<ProjectUserRoleDTO> roles = extProjectUserRoleMapper.list(request); List<ProjectUserRoleDTO> roles = extProjectUserRoleMapper.list(request);
@ -81,7 +82,14 @@ public class ProjectUserRoleService extends BaseUserRoleService {
userRole.setInternal(false); userRole.setInternal(false);
userRole.setType(UserRoleType.PROJECT.name()); userRole.setType(UserRoleType.PROJECT.name());
checkNewRoleExist(userRole); checkNewRoleExist(userRole);
return super.add(userRole); UserRole role = super.add(userRole);
// 初始化项目-基本信息权限
UserRolePermission initPermission = new UserRolePermission();
initPermission.setId(IDGenerator.nextStr());
initPermission.setRoleId(role.getId());
initPermission.setPermissionId("PROJECT_BASE_INFO:READ");
userRolePermissionMapper.insert(initPermission);
return role;
} }
@Override @Override
@ -126,8 +134,8 @@ public class ProjectUserRoleService extends BaseUserRoleService {
public void removeMember(ProjectUserRoleMemberEditRequest request) { public void removeMember(ProjectUserRoleMemberEditRequest request) {
String removeUserId = request.getUserIds().getFirst(); String removeUserId = request.getUserIds().getFirst();
checkMemberParam(removeUserId, request.getUserRoleId()); checkMemberParam(removeUserId, request.getUserRoleId());
//检查移除的是不是管理员 // 检查移除的是不是管理员
if (StringUtils.equals(request.getUserRoleId(),InternalUserRole.PROJECT_ADMIN.getValue())) { if (StringUtils.equals(request.getUserRoleId(), InternalUserRole.PROJECT_ADMIN.getValue())) {
UserRoleRelationExample userRoleRelationExample = new UserRoleRelationExample(); UserRoleRelationExample userRoleRelationExample = new UserRoleRelationExample();
userRoleRelationExample.createCriteria().andUserIdNotEqualTo(removeUserId) userRoleRelationExample.createCriteria().andUserIdNotEqualTo(removeUserId)
.andSourceIdEqualTo(request.getProjectId()) .andSourceIdEqualTo(request.getProjectId())

3
backend/services/project-management/src/main/resources/permission.json
View File

@ -8,9 +8,6 @@
"id": "PROJECT_BASE_INFO", "id": "PROJECT_BASE_INFO",
"name": "permission.project_base_info.name", "name": "permission.project_base_info.name",
"permissions": [ "permissions": [
{
"id": "PROJECT_BASE_INFO:READ"
},
{ {
"id": "PROJECT_BASE_INFO:READ+UPDATE" "id": "PROJECT_BASE_INFO:READ+UPDATE"
} }