Commit 475ea93a
Authored Mar 09, 2020 by shiziyuan9527

Check resource ownership when adding or removing users in organizations and workspaces

Parent: 6ff15af9
Showing 8 changed files with 86 additions and 23 deletions (+86 -23)
backend/src/main/java/io/metersphere/controller/OrganizationController.java (+1 -0)
backend/src/main/java/io/metersphere/controller/UserController.java (+15 -16)
backend/src/main/java/io/metersphere/controller/UserRoleController.java (+1 -0)
backend/src/main/java/io/metersphere/controller/WorkspaceController.java (+2 -2)
backend/src/main/java/io/metersphere/service/OrganizationService.java (+17 -0)
backend/src/main/java/io/metersphere/service/WorkspaceService.java (+46 -3)
backend/src/main/resources/i18n/en-US.json (+2 -1)
backend/src/main/resources/i18n/zh-CN.json (+2 -1)
backend/src/main/java/io/metersphere/controller/OrganizationController.java
...
...
@@ -37,6 +37,7 @@ public class OrganizationController {
}
@GetMapping
(
"/delete/{organizationId}"
)
@RequiresRoles
(
RoleConstants
.
ADMIN
)
public
void
deleteOrganization
(
@PathVariable
(
value
=
"organizationId"
)
String
organizationId
)
{
organizationService
.
deleteOrganization
(
organizationId
);
}
@PostMapping
(
"/update"
)
...
...
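Review bot: deleteOrganization is a destructive operation but stays on @GetMapping("/delete/{organizationId}"), so the @RequiresRoles(RoleConstants.ADMIN) on it is the only barrier visible here and the call can still be triggered by any link or prefetch followed inside an ADMIN session. Suggest @PostMapping or @DeleteMapping for this route.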
backend/src/main/java/io/metersphere/controller/UserController.java
...
...
@@ -12,7 +12,9 @@ import io.metersphere.controller.request.member.QueryMemberRequest;
import
io.metersphere.controller.request.organization.AddOrgMemberRequest
;
import
io.metersphere.controller.request.organization.QueryOrgMemberRequest
;
import
io.metersphere.dto.UserDTO
;
import
io.metersphere.service.OrganizationService
;
import
io.metersphere.service.UserService
;
import
io.metersphere.service.WorkspaceService
;
import
io.metersphere.user.SessionUser
;
import
io.metersphere.user.SessionUtils
;
import
org.apache.shiro.authz.annotation.Logical
;
...
...
@@ -28,6 +30,10 @@ public class UserController {
@Resource
private
UserService
userService
;
@Resource
private
OrganizationService
organizationService
;
@Resource
private
WorkspaceService
workspaceService
;
// admin api
@PostMapping
(
"/special/add"
)
...
...
@@ -123,7 +129,6 @@ public class UserController {
@PostMapping
(
"/switch/source/org/{sourceId}"
)
@RequiresRoles
(
RoleConstants
.
ORG_ADMIN
)
public
UserDTO
switchOrganization
(
@PathVariable
(
value
=
"sourceId"
)
String
sourceId
)
{
// todo checkOrganizationOwner()
UserDTO
user
=
SessionUtils
.
getUser
();
userService
.
switchUserRole
(
user
,
"organization"
,
sourceId
);
return
SessionUtils
.
getUser
();
...
...
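Review bot: switchOrganization hands the path variable sourceId straight to userService.switchUserRole(user, "organization", sourceId) with no ownership check in the method body. The header (-123,7 +129,6) shows this hunk only drops a line, so if that line is the // todo checkOrganizationOwner() comment, the reminder goes away while the check it asks for is still missing. Suggest calling organizationService.checkOrgOwner(sourceId) before the switch.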
@@ -132,7 +137,6 @@ public class UserController {
@PostMapping
(
"/switch/source/ws/{sourceId}"
)
@RequiresRoles
(
value
=
{
RoleConstants
.
TEST_MANAGER
,
RoleConstants
.
TEST_VIEWER
,
RoleConstants
.
TEST_USER
},
logical
=
Logical
.
OR
)
public
UserDTO
switchWorkspace
(
@PathVariable
(
value
=
"sourceId"
)
String
sourceId
)
{
// todo checkWorkspaceOwner()
UserDTO
user
=
SessionUtils
.
getUser
();
userService
.
switchUserRole
(
user
,
"workspace"
,
sourceId
);
return
SessionUtils
.
getUser
();
...
...
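Review bot: switchWorkspace passes sourceId to userService.switchUserRole(user, "workspace", sourceId) without verifying that the caller belongs to that workspace, and the hunk (-132,7 +137,6) only loses a line, presumably the // todo checkWorkspaceOwner() reminder. workspaceService.checkWorkspaceOwner would not fit as is, because this route also admits TEST_USER and TEST_VIEWER while that method accepts only ORG_ADMIN and TEST_MANAGER roles; a membership check comparing sourceId with the source IDs of all the caller's roles is needed here.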
@@ -150,7 +154,6 @@ public class UserController {
@RequiresRoles
(
value
=
{
RoleConstants
.
ORG_ADMIN
,
RoleConstants
.
TEST_MANAGER
,
RoleConstants
.
TEST_USER
,
RoleConstants
.
TEST_VIEWER
},
logical
=
Logical
.
OR
)
public
Pager
<
List
<
User
>>
getMemberList
(
@PathVariable
int
goPage
,
@PathVariable
int
pageSize
,
@RequestBody
QueryMemberRequest
request
)
{
// todo 检查是否是该工作空间的所有者 或者是 该工作空间的父级组织的所有者
Page
<
Object
>
page
=
PageHelper
.
startPage
(
goPage
,
pageSize
,
true
);
return
PageUtils
.
setPageInfo
(
page
,
userService
.
getMemberList
(
request
));
}
...
...
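Review bot: the paged getMemberList returns the members of whatever workspace the request names with no check that the caller belongs to it; holding any of the four listed roles anywhere is enough to pass @RequiresRoles. The TODO in the method body (check that the caller owns this workspace or its parent organization) describes exactly the missing guard, and the header (-150,7 +154,6) shows a line dropped with nothing added. Suggest adding that ownership or membership check before userService.getMemberList(request).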
@@ -162,7 +165,6 @@ public class UserController {
@RequiresRoles
(
value
=
{
RoleConstants
.
ORG_ADMIN
,
RoleConstants
.
TEST_MANAGER
,
RoleConstants
.
TEST_USER
,
RoleConstants
.
TEST_VIEWER
},
logical
=
Logical
.
OR
)
public
List
<
User
>
getMemberList
(
@RequestBody
QueryMemberRequest
request
)
{
// todo 检查是否是该工作空间的所有者 或者是 该工作空间的父级组织的所有者
return
userService
.
getMemberList
(
request
);
}
...
...
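Review bot: the unpaged getMemberList(@RequestBody QueryMemberRequest request) returns the whole member list in one response and has no ownership or membership check before userService.getMemberList(request). Keep the TODO until the check exists, or put the check inside userService.getMemberList so the paged and unpaged routes share it.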
@@ -172,7 +174,8 @@ public class UserController {
@PostMapping
(
"/ws/member/add"
)
@RequiresRoles
(
value
=
{
RoleConstants
.
TEST_MANAGER
,
RoleConstants
.
ORG_ADMIN
},
logical
=
Logical
.
OR
)
public
void
addMember
(
@RequestBody
AddMemberRequest
request
)
{
// todo check
String
wsId
=
request
.
getWorkspaceId
();
workspaceService
.
checkWorkspaceOwner
(
wsId
);
userService
.
addMember
(
request
);
}
...
...
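Review bot: addMember validates request.getWorkspaceId() and then passes the whole request to userService.addMember, so the check constrains only the workspace and nothing else that AddMemberRequest carries. A null or blank workspaceId also goes straight into checkWorkspaceOwner. Suggest rejecting a blank ID up front and confirming that addMember cannot assign a role above the caller's own.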
@@ -182,7 +185,7 @@ public class UserController {
@GetMapping
(
"/ws/member/delete/{workspaceId}/{userId}"
)
@RequiresRoles
(
value
=
{
RoleConstants
.
TEST_MANAGER
,
RoleConstants
.
ORG_ADMIN
},
logical
=
Logical
.
OR
)
public
void
deleteMember
(
@PathVariable
String
workspaceId
,
@PathVariable
String
userId
)
{
// todo check
workspaceService
.
checkWorkspaceOwner
(
workspaceId
);
userService
.
deleteMember
(
workspaceId
,
userId
);
}
...
...
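Review bot: deleteMember checks the caller against workspaceId but places no constraint on userId, and the removal is still exposed through @GetMapping. A caller who passes checkWorkspaceOwner can remove any userId from the workspace; consider verifying that the target is a member whose role the caller is allowed to manage, and moving the route to POST or DELETE.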
@@ -190,9 +193,9 @@ public class UserController {
* 添加组织成员
*/
@PostMapping
(
"/org/member/add"
)
@RequiresRoles
(
value
=
{
RoleConstants
.
ORG_ADMIN
,
RoleConstants
.
TEST_MANAGER
},
logical
=
Logical
.
OR
)
@RequiresRoles
(
RoleConstants
.
ORG_ADMIN
)
public
void
addOrganizationMember
(
@RequestBody
AddOrgMemberRequest
request
)
{
// todo check
organizationService
.
checkOrgOwner
(
request
.
getOrganizationId
());
userService
.
addOrganizationMember
(
request
);
}
...
...
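Review bot: the role list on addOrganizationMember narrows from ORG_ADMIN or TEST_MANAGER to ORG_ADMIN only, a behaviour change the commit message does not mention. It is consistent with checkOrgOwner, which only looks at ORG_ADMIN roles, but it should be stated in the commit message or the method comment so that TEST_MANAGER callers know why the route now rejects them.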
@@ -200,9 +203,9 @@ public class UserController {
* 删除组织成员
*/
@GetMapping
(
"/org/member/delete/{organizationId}/{userId}"
)
@RequiresRoles
(
value
=
{
RoleConstants
.
ORG_ADMIN
,
RoleConstants
.
TEST_MANAGER
},
logical
=
Logical
.
OR
)
@RequiresRoles
(
RoleConstants
.
ORG_ADMIN
)
public
void
delOrganizationMember
(
@PathVariable
String
organizationId
,
@PathVariable
String
userId
)
{
// todo check
organizationService
.
checkOrgOwner
(
organizationId
);
userService
.
delOrganizationMember
(
organizationId
,
userId
);
}
...
...
@@ -210,10 +213,8 @@ public class UserController {
* 查询组织成员列表
*/
@PostMapping
(
"/org/member/list/{goPage}/{pageSize}"
)
@RequiresRoles
(
value
=
{
RoleConstants
.
ORG_ADMIN
,
RoleConstants
.
TEST_MANAGER
,
RoleConstants
.
TEST_USER
,
RoleConstants
.
TEST_VIEWER
},
logical
=
Logical
.
OR
)
@RequiresRoles
(
value
=
{
RoleConstants
.
ORG_ADMIN
,
RoleConstants
.
TEST_MANAGER
},
logical
=
Logical
.
OR
)
public
Pager
<
List
<
User
>>
getOrgMemberList
(
@PathVariable
int
goPage
,
@PathVariable
int
pageSize
,
@RequestBody
QueryOrgMemberRequest
request
)
{
// todo check
Page
<
Object
>
page
=
PageHelper
.
startPage
(
goPage
,
pageSize
,
true
);
return
PageUtils
.
setPageInfo
(
page
,
userService
.
getOrgMemberList
(
request
));
}
...
...
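Review bot: the paged getOrgMemberList loses its // todo check line without gaining a check: whatever organization the request names is never compared with the caller's roles before userService.getOrgMemberList(request). organizationService.checkOrgOwner would reject the TEST_MANAGER callers this route still admits, so it needs a check that accepts either ORG_ADMIN of the organization or membership in one of its workspaces. The unpaged variant in the next hunk has the same shape.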
@@ -222,10 +223,8 @@ public class UserController {
* 组织成员列表不分页
*/
@PostMapping
(
"/org/member/list/all"
)
@RequiresRoles
(
value
=
{
RoleConstants
.
ORG_ADMIN
,
RoleConstants
.
TEST_MANAGER
,
RoleConstants
.
TEST_USER
,
RoleConstants
.
TEST_VIEWER
},
logical
=
Logical
.
OR
)
@RequiresRoles
(
value
=
{
RoleConstants
.
ORG_ADMIN
,
RoleConstants
.
TEST_MANAGER
},
logical
=
Logical
.
OR
)
public
List
<
User
>
getOrgMemberList
(
@RequestBody
QueryOrgMemberRequest
request
)
{
// todo check
return
userService
.
getOrgMemberList
(
request
);
}
...
...
backend/src/main/java/io/metersphere/controller/UserRoleController.java
...
...
@@ -26,6 +26,7 @@ public class UserRoleController {
}
@GetMapping
(
"/list/ws/{workspaceId}/{userId}"
)
@RequiresRoles
(
value
=
{
RoleConstants
.
ADMIN
,
RoleConstants
.
ORG_ADMIN
},
logical
=
Logical
.
OR
)
public
List
<
Role
>
getWorkspaceMemberRole
(
@PathVariable
String
workspaceId
,
@PathVariable
String
userId
)
{
return
userRoleService
.
getWorkspaceMemberRoles
(
workspaceId
,
userId
);
}
...
...
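Review bot: getWorkspaceMemberRole is gated on role only: any ORG_ADMIN, of any organization, passes @RequiresRoles and can read the roles of userId in an arbitrary workspaceId. Suggest calling workspaceService.checkWorkspaceOwnerByOrgAdmin(workspaceId) for non-ADMIN callers before userRoleService.getWorkspaceMemberRoles(workspaceId, userId).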
backend/src/main/java/io/metersphere/controller/WorkspaceController.java
...
...
@@ -40,7 +40,7 @@ public class WorkspaceController {
@PostMapping
(
"update"
)
@RequiresRoles
(
RoleConstants
.
ORG_ADMIN
)
public
Workspace
updateWorkspace
(
@RequestBody
Workspace
workspace
)
{
workspaceService
.
check
Owner
(
workspace
.
getId
());
workspaceService
.
check
WorkspaceOwnerByOrgAdmin
(
workspace
.
getId
());
return
workspaceService
.
saveWorkspace
(
workspace
);
}
...
...
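Review bot: updateWorkspace checks ownership of workspace.getId() but then saves the whole request body, so the organization the workspace belongs to after the save is never checked. If Workspace carries an organization ID, the body can move a workspace into an organization the caller does not administer. Suggest validating the body's organization against the caller's ORG_ADMIN source IDs, or copying only the editable fields before saveWorkspace(workspace).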
@@ -53,7 +53,7 @@ public class WorkspaceController {
@GetMapping
(
"delete/{workspaceId}"
)
@RequiresRoles
(
RoleConstants
.
ORG_ADMIN
)
public
void
deleteWorkspace
(
@PathVariable
String
workspaceId
)
{
workspaceService
.
check
Owner
(
workspaceId
);
workspaceService
.
check
WorkspaceOwnerByOrgAdmin
(
workspaceId
);
workspaceService
.
deleteWorkspace
(
workspaceId
);
}
...
...
backend/src/main/java/io/metersphere/service/OrganizationService.java
...
...
@@ -6,8 +6,13 @@ import io.metersphere.base.mapper.UserMapper;
import
io.metersphere.base.mapper.UserRoleMapper
;
import
io.metersphere.base.mapper.ext.ExtOrganizationMapper
;
import
io.metersphere.base.mapper.ext.ExtUserRoleMapper
;
import
io.metersphere.commons.constants.RoleConstants
;
import
io.metersphere.commons.exception.MSException
;
import
io.metersphere.dto.OrganizationMemberDTO
;
import
io.metersphere.dto.UserRoleHelpDTO
;
import
io.metersphere.i18n.Translator
;
import
io.metersphere.user.SessionUser
;
import
io.metersphere.user.SessionUtils
;
import
org.apache.commons.lang3.StringUtils
;
import
org.springframework.beans.BeanUtils
;
import
org.springframework.stereotype.Service
;
...
...
@@ -109,4 +114,16 @@ public class OrganizationService {
public
Integer
checkSourceRole
(
String
orgId
,
String
userId
,
String
roleId
)
{
return
extOrganizationMapper
.
checkSourceRole
(
orgId
,
userId
,
roleId
);
}
public
void
checkOrgOwner
(
String
organizationId
)
{
SessionUser
user
=
SessionUtils
.
getUser
();
List
<
String
>
collect
=
user
.
getUserRoles
().
stream
()
.
filter
(
ur
->
RoleConstants
.
ORG_ADMIN
.
equals
(
ur
.
getRoleId
()))
.
map
(
UserRole:
:
getSourceId
)
.
collect
(
Collectors
.
toList
());
if
(!
collect
.
contains
(
organizationId
))
{
MSException
.
throwException
(
Translator
.
get
(
"organization_does_not_belong_to_user"
));
}
}
}
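Review bot: checkOrgOwner decides from SessionUtils.getUser().getUserRoles(), the role list held in the session, so a revoked ORG_ADMIN role keeps passing until that session is refreshed or ends. If sessions are not rebuilt on role changes, look up the user's current roles instead. Smaller points: the list named collect would read better as orgIds, and the same filter/map/collect pipeline is repeated in WorkspaceService, so a shared helper taking the role ID would remove the duplication.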
backend/src/main/java/io/metersphere/service/WorkspaceService.java
...
...
@@ -91,15 +91,16 @@ public class WorkspaceService {
}
/**
* ORG_ADMIN
需要检查是否有操作此工作空间的权限
* ORG_ADMIN需要检查是否有操作此工作空间的权限
*/
public
void
checkOwner
(
String
workspaceId
)
{
public
void
checkWorkspaceOwnerByOrgAdmin
(
String
workspaceId
)
{
checkWorkspaceIsExist
(
workspaceId
);
WorkspaceExample
example
=
new
WorkspaceExample
();
SessionUser
user
=
SessionUtils
.
getUser
();
List
<
String
>
orgIds
=
user
.
getUserRoles
().
stream
()
.
filter
(
ur
->
RoleConstants
.
ORG_ADMIN
.
equals
(
ur
.
getRoleId
()))
.
map
(
UserRole:
:
getSourceId
)
.
collect
(
Collectors
.
toList
());
WorkspaceExample
example
=
new
WorkspaceExample
();
example
.
createCriteria
()
.
andOrganizationIdIn
(
orgIds
)
.
andIdEqualTo
(
workspaceId
);
...
...
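Review bot: checkWorkspaceIsExist(workspaceId) runs before the ownership test in checkWorkspaceOwnerByOrgAdmin, so a caller gets one error for an ID that does not exist and a different one for an ID that exists in someone else's organization, which confirms the existence of workspaces the caller has no rights to. Consider returning the same error in both cases, or dropping the separate existence check here, since a query on organization IDs and workspace ID finds nothing for an unknown ID anyway.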
@@ -108,6 +109,48 @@ public class WorkspaceService {
}
}
public
void
checkWorkspaceOwnerByTestManager
(
String
workspaceId
)
{
checkWorkspaceIsExist
(
workspaceId
);
SessionUser
user
=
SessionUtils
.
getUser
();
List
<
String
>
wsIds
=
user
.
getUserRoles
().
stream
()
.
filter
(
ur
->
RoleConstants
.
TEST_MANAGER
.
equals
(
ur
.
getRoleId
()))
.
map
(
UserRole:
:
getSourceId
)
.
collect
(
Collectors
.
toList
());
boolean
contains
=
wsIds
.
contains
(
workspaceId
);
if
(!
contains
)
{
MSException
.
throwException
(
Translator
.
get
(
"workspace_does_not_belong_to_user"
));
}
}
public
void
checkWorkspaceOwner
(
String
workspaceId
)
{
checkWorkspaceIsExist
(
workspaceId
);
WorkspaceExample
example
=
new
WorkspaceExample
();
SessionUser
user
=
SessionUtils
.
getUser
();
List
<
String
>
orgIds
=
user
.
getUserRoles
().
stream
()
.
filter
(
ur
->
RoleConstants
.
ORG_ADMIN
.
equals
(
ur
.
getRoleId
()))
.
map
(
UserRole:
:
getSourceId
)
.
collect
(
Collectors
.
toList
());
example
.
createCriteria
()
.
andOrganizationIdIn
(
orgIds
)
.
andIdEqualTo
(
workspaceId
);
List
<
String
>
wsIds
=
user
.
getUserRoles
().
stream
()
.
filter
(
ur
->
RoleConstants
.
TEST_MANAGER
.
equals
(
ur
.
getRoleId
()))
.
map
(
UserRole:
:
getSourceId
)
.
collect
(
Collectors
.
toList
());
boolean
contains
=
wsIds
.
contains
(
workspaceId
);
if
(
workspaceMapper
.
countByExample
(
example
)
==
0
&&
!
contains
)
{
MSException
.
throwException
(
Translator
.
get
(
"workspace_does_not_belong_to_user"
));
}
}
public
void
checkWorkspaceIsExist
(
String
workspaceId
)
{
WorkspaceExample
example
=
new
WorkspaceExample
();
example
.
createCriteria
().
andIdEqualTo
(
workspaceId
);
if
(
workspaceMapper
.
countByExample
(
example
)
==
0
)
{
MSException
.
throwException
(
"workspace_not_exist"
);
}
}
public
List
<
Workspace
>
getWorkspaceListByUserId
(
String
userId
)
{
List
<
UserRoleHelpDTO
>
userRoleHelpList
=
extUserRoleMapper
.
getUserRoleHelpList
(
userId
);
List
<
String
>
workspaceIds
=
new
ArrayList
<>();
...
...
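Review bot: in checkWorkspaceOwner the condition workspaceMapper.countByExample(example) == 0 && !contains always runs the database query, even when the in-memory TEST_MANAGER match has already succeeded, and for a caller with no ORG_ADMIN role it runs with an empty orgIds passed to andOrganizationIdIn. Suggest testing contains first and skipping the query when orgIds is empty. Also, checkWorkspaceIsExist throws the raw key "workspace_not_exist" without Translator.get, unlike the other two throws in this hunk, and checkWorkspaceOwner repeats the bodies of checkWorkspaceOwnerByOrgAdmin and checkWorkspaceOwnerByTestManager instead of reusing them.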
backend/src/main/resources/i18n/en-US.json
...
...
@@ -5,5 +5,6 @@
"project_name_already_exists"
:
"The project name already exists"
,
"workspace_name_is_null"
:
"Workspace name cannot be null"
,
"workspace_name_already_exists"
:
"The workspace name already exists"
,
"workspace_does_not_belong_to_user"
:
"The current workspace does not belong to the current user"
"workspace_does_not_belong_to_user"
:
"The current workspace does not belong to the current user"
,
"organization_does_not_belong_to_user"
:
"The current organization does not belong to the current user"
}
\ No newline at end of file
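Review bot: only organization_does_not_belong_to_user is added here, while WorkspaceService in this commit also throws "workspace_not_exist"; unless that key already exists above line 5 and the throw is switched to Translator.get, users will see the raw key. The file also still ends without a trailing newline (\ No newline at end of file), which is worth fixing while the last entry is being touched.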
backend/src/main/resources/i18n/zh-CN.json
...
...
@@ -5,5 +5,6 @@
"project_name_already_exists"
:
"项目名称已存在"
,
"workspace_name_is_null"
:
"工作空间名不能为空"
,
"workspace_name_already_exists"
:
"工作空间名已存在"
,
"workspace_does_not_belong_to_user"
:
"当前工作空间不属于当前用户"
"workspace_does_not_belong_to_user"
:
"当前工作空间不属于当前用户"
,
"organization_does_not_belong_to_user"
:
"当前组织不属于当前用户"
}
\ No newline at end of file