From eef046300bd12621d87130452d1a079840a18bc6 Mon Sep 17 00:00:00 2001
From: shiziyuan9527 <yuhao.li@fit2cloud.com>
Date: Thu, 22 Dec 2022 10:58:18 +0800
Subject: [PATCH] =?UTF-8?q?refactor(=E7=B3=BB=E7=BB=9F=E8=AE=BE=E7=BD=AE):?=
 =?UTF-8?q?=20=E8=B6=85=E7=BA=A7=E7=94=A8=E6=88=B7=E7=BB=84=E6=9D=83?=
 =?UTF-8?q?=E9=99=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../frontend/src/utils/constants.js           |  1 +
 .../frontend/src/utils/permission.js          | 20 +++++--------------
 .../commons/utils/SessionUtils.java           | 10 ++++++++++
 .../io/metersphere/service/GroupService.java  |  4 +---
 .../io/metersphere/service/GroupService.java  | 17 ++++++++--------
 .../business/system/group/EditPermission.vue  |  4 ++--
 .../business/system/group/GroupPermission.vue |  4 +++-
 .../src/business/system/group/UserGroup.vue   |  5 ++++-
 8 files changed, 35 insertions(+), 30 deletions(-)

diff --git a/framework/sdk-parent/frontend/src/utils/constants.js b/framework/sdk-parent/frontend/src/utils/constants.js
index 0057a94285..e42f2a3706 100644
--- a/framework/sdk-parent/frontend/src/utils/constants.js
+++ b/framework/sdk-parent/frontend/src/utils/constants.js
@@ -24,6 +24,7 @@ export const ROLE_ORG_ADMIN = 'org_admin';
 export const ROLE_TEST_MANAGER = 'test_manager';
 export const ROLE_TEST_USER = 'test_user';
 export const ROLE_TEST_VIEWER = 'test_viewer';
+export const SUPER_GROUP = 'super_group';
 
 export const ORGANIZATION_ID = 'organization_id';
 export const WORKSPACE_ID = 'workspace_id';
diff --git a/framework/sdk-parent/frontend/src/utils/permission.js b/framework/sdk-parent/frontend/src/utils/permission.js
index a74ac7e255..f0e093b38e 100644
--- a/framework/sdk-parent/frontend/src/utils/permission.js
+++ b/framework/sdk-parent/frontend/src/utils/permission.js
@@ -1,8 +1,12 @@
-import {LicenseKey} from "./constants";
+import {LicenseKey, SUPER_GROUP} from "./constants";
 import {getCurrentProjectID, getCurrentUser, getCurrentWorkspaceId} from "./token";
 
 export function hasPermission(permission) {
   let user = getCurrentUser();
+  let index = user.groups.findIndex(g => g.id === SUPER_GROUP);
+  if (index !== -1) {
+    return true;
+  }
 
   user.userGroups.forEach(ug => {
     user.groupPermissions.forEach(gp => {
@@ -13,20 +17,6 @@ export function hasPermission(permission) {
     });
   });
 
-  let superGroupPermissions = user.userGroups.filter(ug => ug.group && ug.group.id === 'super_group')
-    .flatMap(ug => ug.userGroupPermissions)
-    .map(g => g.permissionId)
-    .reduce((total, current) => {
-      total.add(current);
-      return total;
-    }, new Set);
-
-  for (const p of superGroupPermissions) {
-    if (p === permission) {
-      return true;
-    }
-  }
-
   // todo 权限验证
   let currentProjectPermissions = user.userGroups.filter(ug => ug.group && ug.group.type === 'PROJECT')
     .filter(ug => ug.sourceId === getCurrentProjectID())
diff --git a/framework/sdk-parent/sdk/src/main/java/io/metersphere/commons/utils/SessionUtils.java b/framework/sdk-parent/sdk/src/main/java/io/metersphere/commons/utils/SessionUtils.java
index 4f9a5847d5..aa07badaf2 100644
--- a/framework/sdk-parent/sdk/src/main/java/io/metersphere/commons/utils/SessionUtils.java
+++ b/framework/sdk-parent/sdk/src/main/java/io/metersphere/commons/utils/SessionUtils.java
@@ -2,6 +2,7 @@ package io.metersphere.commons.utils;
 
 import io.metersphere.base.domain.Group;
 import io.metersphere.base.domain.UserGroupPermission;
+import io.metersphere.commons.constants.UserGroupConstants;
 import io.metersphere.commons.user.SessionUser;
 import org.apache.commons.collections4.MapUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -141,6 +142,15 @@ public class SessionUtils {
             }
         }));
 
+        long count = user.getGroups()
+                .stream()
+                .filter(g -> StringUtils.equals(g.getId(), UserGroupConstants.SUPER_GROUP))
+                .count();
+
+        if (count > 0) {
+            return true;
+        }
+
 
         Set<String> currentProjectPermissions = getCurrentProjectPermissions(userGroupPermissions, projectId, group, user);
         if (currentProjectPermissions.contains(permission)) {
diff --git a/project-management/backend/src/main/java/io/metersphere/service/GroupService.java b/project-management/backend/src/main/java/io/metersphere/service/GroupService.java
index 0c857795b7..450aa26549 100644
--- a/project-management/backend/src/main/java/io/metersphere/service/GroupService.java
+++ b/project-management/backend/src/main/java/io/metersphere/service/GroupService.java
@@ -70,8 +70,6 @@ public class GroupService {
     @Resource
     private BaseUserService baseUserService;
     private static final String GLOBAL = "global";
-    private static final String SUPER_GROUP = "super_group";
-
 
     // 服务权限拼装顺序
     private static final String[] servicePermissionLoadOrder = {MicroServiceName.PROJECT_MANAGEMENT,
@@ -225,7 +223,7 @@ public class GroupService {
     }
 
     public void editGroupPermission(EditGroupRequest request) {
-        if (StringUtils.equals(request.getUserGroupId(), SUPER_GROUP)) {
+        if (StringUtils.equals(request.getUserGroupId(), UserGroupConstants.SUPER_GROUP)) {
             return;
         }
         List<GroupPermission> permissions = request.getPermissions();
diff --git a/system-setting/backend/src/main/java/io/metersphere/service/GroupService.java b/system-setting/backend/src/main/java/io/metersphere/service/GroupService.java
index d2b5874abe..335a083fec 100644
--- a/system-setting/backend/src/main/java/io/metersphere/service/GroupService.java
+++ b/system-setting/backend/src/main/java/io/metersphere/service/GroupService.java
@@ -68,7 +68,6 @@ public class GroupService {
     private UserMapper userMapper;
 
     private static final String GLOBAL = "global";
-    private static final String SUPER_GROUP = "super_group";
     private static final String PERSONAL_PREFIX = "PERSONAL";
 
 
@@ -236,7 +235,7 @@ public class GroupService {
 
     public void editGroupPermission(EditGroupRequest request) {
         // 超级用户组禁止修改权限
-        if (StringUtils.equals(request.getUserGroupId(), SUPER_GROUP)) {
+        if (StringUtils.equals(request.getUserGroupId(), UserGroupConstants.SUPER_GROUP)) {
             return;
         }
         List<GroupPermission> permissions = request.getPermissions();
@@ -331,19 +330,21 @@ public class GroupService {
     private List<GroupResourceDTO> getResourcePermission(List<GroupResource> resources, List<GroupPermission> permissions, Group group, List<String> permissionList) {
         List<GroupResourceDTO> dto = new ArrayList<>();
         List<GroupResource> grs;
-        if (StringUtils.equals(group.getId(), SUPER_GROUP)) {
+        if (StringUtils.equals(group.getId(), UserGroupConstants.SUPER_GROUP)) {
             grs = resources;
+            permissions.forEach(p -> p.setChecked(true));
         } else {
             grs = resources
                     .stream()
                     .filter(g -> g.getId().startsWith(group.getType()) || g.getId().startsWith(PERSONAL_PREFIX))
                     .collect(Collectors.toList());
+            permissions.forEach(p -> {
+                if (permissionList.contains(p.getId())) {
+                    p.setChecked(true);
+                }
+            });
         }
-        permissions.forEach(p -> {
-            if (permissionList.contains(p.getId())) {
-                p.setChecked(true);
-            }
-        });
+
         for (GroupResource r : grs) {
             GroupResourceDTO resourceDTO = new GroupResourceDTO();
             resourceDTO.setResource(r);
diff --git a/system-setting/frontend/src/business/system/group/EditPermission.vue b/system-setting/frontend/src/business/system/group/EditPermission.vue
index 46284076b2..2350686722 100644
--- a/system-setting/frontend/src/business/system/group/EditPermission.vue
+++ b/system-setting/frontend/src/business/system/group/EditPermission.vue
@@ -71,7 +71,7 @@
 import GroupPermission from "./GroupPermission";
 import {PROJECT_GROUP_SCOPE, USER_GROUP_SCOPE} from "metersphere-frontend/src/utils/table-constants";
 import {hasLicense} from "metersphere-frontend/src/utils/permission";
-import {GROUP_TYPE} from 'metersphere-frontend/src/utils/constants'
+import {GROUP_TYPE, SUPER_GROUP} from 'metersphere-frontend/src/utils/constants'
 import {getUserGroupPermission, modifyUserGroupPermission} from "../../../api/user-group";
 
 export default {
@@ -99,7 +99,7 @@ export default {
     },
     isReadOnly() {
       return function (data) {
-        if (this.group.id === 'super_group') {
+        if (this.group.id === SUPER_GROUP) {
           return true;
         }
         const isDefaultSystemGroup = this.group.id === 'admin' && data.resource.id === 'SYSTEM_GROUP';
diff --git a/system-setting/frontend/src/business/system/group/GroupPermission.vue b/system-setting/frontend/src/business/system/group/GroupPermission.vue
index 25340bcffc..d5d5054dcb 100644
--- a/system-setting/frontend/src/business/system/group/GroupPermission.vue
+++ b/system-setting/frontend/src/business/system/group/GroupPermission.vue
@@ -13,6 +13,8 @@
 </template>
 
 <script>
+import {SUPER_GROUP} from 'metersphere-frontend/src/utils/constants';
+
 export default {
   name: "GroupPermission",
   props: {
@@ -45,7 +47,7 @@ export default {
     isReadOnly() {
       return function (permission) {
         // 禁止取消系统管理员用户组权限
-        if (this.group.id === 'super_group') {
+        if (this.group.id === SUPER_GROUP) {
           return true;
         }
         // 禁止取消系统管理员用户组和超级管理员用户组的读取和设置权限
diff --git a/system-setting/frontend/src/business/system/group/UserGroup.vue b/system-setting/frontend/src/business/system/group/UserGroup.vue
index 210723d969..b2bfe9325f 100644
--- a/system-setting/frontend/src/business/system/group/UserGroup.vue
+++ b/system-setting/frontend/src/business/system/group/UserGroup.vue
@@ -46,7 +46,7 @@
         <el-table-column prop="description" :label="$t('group.description')" show-overflow-tooltip/>
         <el-table-column :label="$t('commons.operating')" min-width="120">
           <template v-slot="scope">
-            <div v-if="scope.row.id === 'super_group'">
+            <div v-if="scope.row.id === SUPER_GROUP">
               <ms-table-operator
                 :is-show="true"
                 @editClick="edit(scope.row)" @deleteClick="del(scope.row)">
@@ -101,6 +101,8 @@ import {_sort} from "metersphere-frontend/src/utils/tableUtils";
 import GroupMember from "./GroupMember";
 import {hasPermission} from "metersphere-frontend/src/utils/permission";
 import {delUserGroupById, getUserGroupListByPage} from "../../../api/user-group";
+import {SUPER_GROUP} from 'metersphere-frontend/src/utils/constants'
+
 
 export default {
   name: "UserGroup",
@@ -123,6 +125,7 @@ export default {
       total: 0,
       screenHeight: 'calc(100vh - 160px)',
       groups: [],
+      SUPER_GROUP
     };
   },
   activated() {