diff --git a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/AppController.java b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/AppController.java index f886c0189879bb15ce8e60d0656d00da9889e541..cb07c50ca95f76daad0ee3973744721da1b5c0ee 100644 --- a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/AppController.java +++ b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/AppController.java @@ -6,6 +6,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.domain.Pageable; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -16,6 +17,7 @@ import org.springframework.web.bind.annotation.RestController; import com.ctrip.apollo.biz.entity.App; import com.ctrip.apollo.biz.service.AdminService; import com.ctrip.apollo.biz.service.AppService; +import com.ctrip.apollo.common.controller.ActiveUser; import com.ctrip.apollo.common.utils.BeanUtils; import com.ctrip.apollo.core.dto.AppDTO; import com.ctrip.apollo.core.exception.NotFoundException; @@ -30,18 +32,19 @@ public class AppController { private AdminService adminService; @RequestMapping(path = "/apps", method = RequestMethod.POST) - public ResponseEntity create(@RequestBody AppDTO dto) { + public ResponseEntity create(@RequestBody AppDTO dto, @ActiveUser UserDetails user) { App entity = BeanUtils.transfrom(App.class, dto); + entity.setDataChangeCreatedBy(user.getUsername()); entity = adminService.createNewApp(entity); dto = BeanUtils.transfrom(AppDTO.class, entity); return ResponseEntity.status(HttpStatus.CREATED).body(dto); } @RequestMapping(path = "/apps/{appId}", method = RequestMethod.DELETE) - public void delete(@PathVariable("appId") String appId) { + public void delete(@PathVariable("appId") String appId, @ActiveUser UserDetails user) { App entity = appService.findOne(appId); if (entity == null) throw new NotFoundException("app not found for appId " + appId); - appService.delete(entity.getId()); + appService.delete(entity.getId(), user.getUsername()); } @RequestMapping("/apps") @@ -64,13 +67,15 @@ public class AppController { } @RequestMapping(path = "/apps/{appId}", method = RequestMethod.PUT) - public AppDTO update(@PathVariable("appId") String appId, @RequestBody AppDTO dto) { + public AppDTO update(@PathVariable("appId") String appId, @RequestBody AppDTO dto, + @ActiveUser UserDetails user) { if (!appId.equals(dto.getAppId())) { throw new IllegalArgumentException(String .format("Path variable %s is not equals to object field %s", appId, dto.getAppId())); } App entity = appService.findOne(appId); if (entity == null) throw new NotFoundException("app not found for appId " + appId); + entity.setDataChangeLastModifiedBy(user.getUsername()); entity = appService.update(BeanUtils.transfrom(App.class, dto)); return BeanUtils.transfrom(AppDTO.class, entity); } diff --git a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ClusterController.java b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ClusterController.java index f7342b1919f3f2a1a61901ef439eee4b0c9c2d03..c18ac2c551f504cdb7cdf47cde0310355f08c72c 100644 --- a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ClusterController.java +++ b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ClusterController.java @@ -5,6 +5,7 @@ import java.util.List; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -14,6 +15,7 @@ import org.springframework.web.bind.annotation.RestController; import com.ctrip.apollo.biz.entity.Cluster; import com.ctrip.apollo.biz.service.ClusterService; import com.ctrip.apollo.biz.service.ViewService; +import com.ctrip.apollo.common.controller.ActiveUser; import com.ctrip.apollo.common.utils.BeanUtils; import com.ctrip.apollo.core.dto.ClusterDTO; import com.ctrip.apollo.core.exception.NotFoundException; @@ -29,8 +31,9 @@ public class ClusterController { @RequestMapping(path = "/apps/{appId}/clusters", method = RequestMethod.POST) public ResponseEntity create(@PathVariable("appId") String appId, - @RequestBody ClusterDTO dto) { + @RequestBody ClusterDTO dto, @ActiveUser UserDetails user) { Cluster entity = BeanUtils.transfrom(Cluster.class, dto); + entity.setDataChangeCreatedBy(user.getUsername()); entity = clusterService.save(entity); dto = BeanUtils.transfrom(ClusterDTO.class, entity); return ResponseEntity.status(HttpStatus.CREATED).body(dto); @@ -38,11 +41,11 @@ public class ClusterController { @RequestMapping(path = "/apps/{appId}/clusters/{clusterName}", method = RequestMethod.DELETE) public void delete(@PathVariable("appId") String appId, - @PathVariable("clusterName") String clusterName) { + @PathVariable("clusterName") String clusterName, @ActiveUser UserDetails user) { Cluster entity = clusterService.findOne(appId, clusterName); if (entity == null) throw new NotFoundException("cluster not found for clusterName " + clusterName); - clusterService.delete(entity.getId()); + clusterService.delete(entity.getId(), user.getUsername()); } @RequestMapping("/apps/{appId}/clusters") @@ -55,18 +58,21 @@ public class ClusterController { public ClusterDTO get(@PathVariable("appId") String appId, @PathVariable("clusterName") String clusterName) { Cluster cluster = clusterService.findOne(appId, clusterName); + if (cluster == null) throw new NotFoundException("cluster not found for name " + clusterName); return BeanUtils.transfrom(ClusterDTO.class, cluster); } @RequestMapping(path = "/apps/{appId}/clusters/{clusterName}", method = RequestMethod.PUT) public ClusterDTO update(@PathVariable("appId") String appId, - @PathVariable("clusterName") String clusterName, @RequestBody ClusterDTO dto) { + @PathVariable("clusterName") String clusterName, @RequestBody ClusterDTO dto, + @ActiveUser UserDetails user) { if (!clusterName.equals(dto.getName())) { throw new IllegalArgumentException(String .format("Path variable %s is not equals to object field %s", clusterName, dto.getName())); } Cluster entity = clusterService.findOne(appId, clusterName); if (entity == null) throw new NotFoundException("cluster not found for name " + clusterName); + entity.setDataChangeLastModifiedBy(user.getUsername()); entity = clusterService.update(BeanUtils.transfrom(Cluster.class, dto)); return BeanUtils.transfrom(ClusterDTO.class, entity); } diff --git a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ItemController.java b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ItemController.java index a6f6e397edf19193c9bbb0f421229c1864f99eaa..d76f477503b910befb14f4333ab30eb51778647a 100644 --- a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ItemController.java +++ b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ItemController.java @@ -5,6 +5,7 @@ import java.util.List; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -14,6 +15,7 @@ import org.springframework.web.bind.annotation.RestController; import com.ctrip.apollo.biz.entity.Item; import com.ctrip.apollo.biz.service.ItemService; import com.ctrip.apollo.biz.service.ViewService; +import com.ctrip.apollo.common.controller.ActiveUser; import com.ctrip.apollo.common.utils.BeanUtils; import com.ctrip.apollo.core.dto.ItemDTO; import com.ctrip.apollo.core.exception.NotFoundException; @@ -28,18 +30,19 @@ public class ItemController { private ItemService itemService; @RequestMapping(path = "/items/", method = RequestMethod.POST) - public ResponseEntity create(@RequestBody ItemDTO dto) { + public ResponseEntity create(@RequestBody ItemDTO dto, @ActiveUser UserDetails user) { Item entity = BeanUtils.transfrom(Item.class, dto); + entity.setDataChangeCreatedBy(user.getUsername()); entity = itemService.save(entity); dto = BeanUtils.transfrom(ItemDTO.class, entity); return ResponseEntity.status(HttpStatus.CREATED).body(dto); } @RequestMapping(path = "/items/{itemId}", method = RequestMethod.DELETE) - public void delete(@PathVariable("itemId") long itemId) { + public void delete(@PathVariable("itemId") long itemId, @ActiveUser UserDetails user) { Item entity = itemService.findOne(itemId); if (entity == null) throw new NotFoundException("item not found for itemId " + itemId); - itemService.delete(entity.getId()); + itemService.delete(entity.getId(), user.getUsername()); } @RequestMapping("/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/items") @@ -53,13 +56,16 @@ public class ItemController { @RequestMapping("/items/{itemId}") public ItemDTO get(@PathVariable("itemId") long itemId) { Item item = itemService.findOne(itemId); + if (item == null) throw new NotFoundException("item not found for itemId " + itemId); return BeanUtils.transfrom(ItemDTO.class, item); } @RequestMapping(path = "/item/{itemId}", method = RequestMethod.PUT) - public ItemDTO update(@PathVariable("itemId") long itemId, @RequestBody ItemDTO dto) { + public ItemDTO update(@PathVariable("itemId") long itemId, @RequestBody ItemDTO dto, + @ActiveUser UserDetails user) { Item entity = itemService.findOne(itemId); if (entity == null) throw new NotFoundException("item not found for itemId " + itemId); + entity.setDataChangeLastModifiedBy(user.getUsername()); entity = itemService.update(BeanUtils.transfrom(Item.class, dto)); return BeanUtils.transfrom(ItemDTO.class, entity); } diff --git a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ItemSetController.java b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ItemSetController.java index a55eb3d868aab42028184bf7ab95e3b688612cbc..b5bf67efe4790a6aa11a3cc81f20aca5c5ca7e2e 100644 --- a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ItemSetController.java +++ b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ItemSetController.java @@ -3,12 +3,14 @@ package com.ctrip.apollo.adminservice.controller; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; import com.ctrip.apollo.biz.service.ItemSetService; +import com.ctrip.apollo.common.controller.ActiveUser; import com.ctrip.apollo.core.dto.ItemChangeSets; @RestController @@ -18,8 +20,8 @@ public class ItemSetController { private ItemSetService itemSetService; @RequestMapping(path = "/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/itemset", method = RequestMethod.POST) - public ResponseEntity create(@RequestBody ItemChangeSets changeSet) { - itemSetService.updateSet(changeSet); + public ResponseEntity create(@RequestBody ItemChangeSets changeSet, @ActiveUser UserDetails user) { + itemSetService.updateSet(changeSet, user.getUsername()); return ResponseEntity.status(HttpStatus.OK).build(); } } diff --git a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/NamespaceController.java b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/NamespaceController.java index 0f728f695fa5268446f018d0153847e32e5a61d1..7fc5d0ffd51b051fb27842ea2fd9ab045fe8f569 100644 --- a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/NamespaceController.java +++ b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/NamespaceController.java @@ -5,6 +5,7 @@ import java.util.List; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -14,6 +15,7 @@ import org.springframework.web.bind.annotation.RestController; import com.ctrip.apollo.biz.entity.Namespace; import com.ctrip.apollo.biz.service.NamespaceService; import com.ctrip.apollo.biz.service.ViewService; +import com.ctrip.apollo.common.controller.ActiveUser; import com.ctrip.apollo.common.utils.BeanUtils; import com.ctrip.apollo.core.dto.NamespaceDTO; import com.ctrip.apollo.core.exception.NotFoundException; @@ -29,7 +31,8 @@ public class NamespaceController { @RequestMapping(path = "/apps/{appId}/clusters/{clusterName}/namespaces", method = RequestMethod.POST) public ResponseEntity create(@PathVariable("appId") String appId, - @PathVariable("clusterName") String clusterName, @RequestBody NamespaceDTO dto) { + @PathVariable("clusterName") String clusterName, @RequestBody NamespaceDTO dto, + @ActiveUser UserDetails user) { if (!appId.equals(dto.getAppId())) { throw new IllegalArgumentException(String .format("Path variable %s is not equals to object field %s", appId, dto.getAppId())); @@ -39,6 +42,7 @@ public class NamespaceController { "Path variable %s is not equals to object field %s", clusterName, dto.getClusterName())); } Namespace entity = BeanUtils.transfrom(Namespace.class, dto); + entity.setDataChangeCreatedBy(user.getUsername()); entity = namespaceService.save(entity); dto = BeanUtils.transfrom(NamespaceDTO.class, entity); return ResponseEntity.status(HttpStatus.CREATED).body(dto); @@ -47,11 +51,11 @@ public class NamespaceController { @RequestMapping(path = "/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}", method = RequestMethod.DELETE) public void delete(@PathVariable("appId") String appId, @PathVariable("clusterName") String clusterName, - @PathVariable("namespaceName") String namespaceName) { + @PathVariable("namespaceName") String namespaceName, @ActiveUser UserDetails user) { Namespace entity = namespaceService.findOne(appId, clusterName, namespaceName); if (entity == null) throw new NotFoundException( String.format("namespace not found for %s %s %s", appId, clusterName, namespaceName)); - namespaceService.delete(entity.getId()); + namespaceService.delete(entity.getId(), user.getUsername()); } @RequestMapping("/apps/{appId}/clusters/{clusterName}/namespaces") @@ -82,7 +86,8 @@ public class NamespaceController { @RequestMapping(path = "/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}", method = RequestMethod.PUT) public NamespaceDTO update(@PathVariable("appId") String appId, @PathVariable("clusterName") String clusterName, - @PathVariable("namespaceName") String namespaceName, @RequestBody NamespaceDTO dto) { + @PathVariable("namespaceName") String namespaceName, @RequestBody NamespaceDTO dto, + @ActiveUser UserDetails user) { if (!appId.equals(dto.getAppId())) { throw new IllegalArgumentException(String .format("Path variable %s is not equals to object field %s", appId, dto.getAppId())); @@ -99,6 +104,7 @@ public class NamespaceController { Namespace entity = namespaceService.findOne(appId, clusterName, namespaceName); if (entity == null) throw new NotFoundException( String.format("namespace not found for %s %s %s", appId, clusterName, namespaceName)); + entity.setDataChangeLastModifiedBy(user.getUsername()); entity = namespaceService.update(BeanUtils.transfrom(Namespace.class, dto)); return BeanUtils.transfrom(NamespaceDTO.class, entity); } diff --git a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ReleaseController.java b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ReleaseController.java index 7de0ddc30f00e09571ca8c941417187e6eb71b01..d72b10b6247c43ac41b46a1ede2e0739e063254f 100644 --- a/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ReleaseController.java +++ b/apollo-adminservice/src/main/java/com/ctrip/apollo/adminservice/controller/ReleaseController.java @@ -3,6 +3,7 @@ package com.ctrip.apollo.adminservice.controller; import java.util.List; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @@ -13,6 +14,7 @@ import com.ctrip.apollo.biz.entity.Release; import com.ctrip.apollo.biz.service.ConfigService; import com.ctrip.apollo.biz.service.ReleaseService; import com.ctrip.apollo.biz.service.ViewService; +import com.ctrip.apollo.common.controller.ActiveUser; import com.ctrip.apollo.common.utils.BeanUtils; import com.ctrip.apollo.core.dto.ReleaseDTO; import com.ctrip.apollo.core.exception.NotFoundException; @@ -47,12 +49,12 @@ public class ReleaseController { @RequestMapping("/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/releases/latest") public ReleaseDTO getLatest(@PathVariable("appId") String appId, - @PathVariable("clusterName") String clusterName, - @PathVariable("namespaceName") String namespaceName) { + @PathVariable("clusterName") String clusterName, + @PathVariable("namespaceName") String namespaceName) { Release release = configService.findRelease(appId, clusterName, namespaceName); if (release == null) { - throw new NotFoundException( - String.format("latest release not found for %s %s %s", appId, clusterName, namespaceName)); + throw new NotFoundException(String.format("latest release not found for %s %s %s", appId, + clusterName, namespaceName)); } else { return BeanUtils.transfrom(ReleaseDTO.class, release); } @@ -62,8 +64,10 @@ public class ReleaseController { public ReleaseDTO buildRelease(@PathVariable("appId") String appId, @PathVariable("clusterName") String clusterName, @PathVariable("namespaceName") String namespaceName, @RequestParam("name") String name, - @RequestParam(name = "comment", required = false) String comment) { - Release release = releaseService.buildRelease(name, comment, appId, clusterName, namespaceName); + @RequestParam(name = "comment", required = false) String comment, + @ActiveUser UserDetails user) { + Release release = releaseService.buildRelease(name, comment, appId, clusterName, namespaceName, + user.getUsername()); return BeanUtils.transfrom(ReleaseDTO.class, release); } } diff --git a/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/AbstractControllerTest.java b/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/AbstractControllerTest.java index e5a8e4f312b96729347a6a17f57d5cc9272137e5..42431826030630323574ede13389f1f010175277 100644 --- a/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/AbstractControllerTest.java +++ b/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/AbstractControllerTest.java @@ -15,7 +15,7 @@ import com.ctrip.apollo.AdminServiceTestConfiguration; @WebIntegrationTest(randomPort = true) public abstract class AbstractControllerTest { - RestTemplate restTemplate = new TestRestTemplate(); + RestTemplate restTemplate = new TestRestTemplate("user", ""); @Value("${local.server.port}") int port; diff --git a/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/ItemSetControllerTest.java b/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/ItemSetControllerTest.java index 5c3e956ec0c1df408e07fc5ac8f1923eaab548b7..c93cfa225c5e35746d841b441dc0af05180f3a31 100644 --- a/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/ItemSetControllerTest.java +++ b/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/ItemSetControllerTest.java @@ -5,6 +5,7 @@ import java.util.List; import org.junit.Assert; import org.junit.Test; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.TestRestTemplate; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.test.context.jdbc.Sql; @@ -44,7 +45,7 @@ public class ItemSetControllerTest extends AbstractControllerTest { Assert.assertEquals("application", namespace.getNamespaceName()); ItemChangeSets itemSet = new ItemChangeSets(); - itemSet.setModifyBy("created"); + restTemplate = new TestRestTemplate("created", ""); int createdSize = 3; for (int i = 0; i < createdSize; i++) { @@ -91,8 +92,8 @@ public class ItemSetControllerTest extends AbstractControllerTest { Assert.assertEquals("application", namespace.getNamespaceName()); ItemChangeSets createChangeSet = new ItemChangeSets(); - createChangeSet.setModifyBy("created"); - + restTemplate = new TestRestTemplate("created", ""); + int createdSize = 3; for (int i = 0; i < createdSize; i++) { ItemDTO item = new ItemDTO(); @@ -115,8 +116,8 @@ public class ItemSetControllerTest extends AbstractControllerTest { ItemDTO[].class); ItemChangeSets udpateChangeSet = new ItemChangeSets(); - udpateChangeSet.setModifyBy("updated"); - + restTemplate = new TestRestTemplate("updated", ""); + int updatedSize = 2; for (int i = 0; i < updatedSize; i++) { items[i].setValue("updated_value_" + i); @@ -160,8 +161,8 @@ public class ItemSetControllerTest extends AbstractControllerTest { Assert.assertEquals("application", namespace.getNamespaceName()); ItemChangeSets createChangeSet = new ItemChangeSets(); - createChangeSet.setModifyBy("created"); - + restTemplate = new TestRestTemplate("created", ""); + int createdSize = 3; for (int i = 0; i < createdSize; i++) { ItemDTO item = new ItemDTO(); @@ -184,8 +185,8 @@ public class ItemSetControllerTest extends AbstractControllerTest { ItemDTO[].class); ItemChangeSets deleteChangeSet = new ItemChangeSets(); - deleteChangeSet.setModifyBy("deleted"); - + restTemplate = new TestRestTemplate("deleted", ""); + int deletedSize = 1; for (int i = 0; i < deletedSize; i++) { items[i].setValue("deleted_value_" + i); diff --git a/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/TestWebSecurityConfig.java b/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/TestWebSecurityConfig.java new file mode 100644 index 0000000000000000000000000000000000000000..7654901cc3ea07d55c86580393940e3cc8390673 --- /dev/null +++ b/apollo-adminservice/src/test/java/com/ctrip/apollo/adminservice/controller/TestWebSecurityConfig.java @@ -0,0 +1,28 @@ +package com.ctrip.apollo.adminservice.controller; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Configuration; +import org.springframework.core.annotation.Order; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +@Configuration +@Order(99) +public class TestWebSecurityConfig extends WebSecurityConfigurerAdapter { + + @Override + protected void configure(HttpSecurity http) throws Exception { + http.httpBasic(); + http.csrf().disable(); + } + + @Autowired + public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { + auth.inMemoryAuthentication().withUser("user").password("").roles("USER"); + auth.inMemoryAuthentication().withUser("apollo").password("").roles("USER", "ADMIN"); + auth.inMemoryAuthentication().withUser("created").password("").roles("TEST"); + auth.inMemoryAuthentication().withUser("updated").password("").roles("TEST"); + auth.inMemoryAuthentication().withUser("deleted").password("").roles("TEST"); + } +} diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/App.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/App.java index 99d3cb1f994b1f55bcbe282b0ddf53112bacde3d..f1a02fe28cac2f21f9d856a11f7075307988ee54 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/App.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/App.java @@ -56,4 +56,9 @@ public class App extends BaseEntity { public void setOwnerName(String ownerName) { this.ownerName = ownerName; } + + public String toString() { + return toStringHelper().add("name", name).add("appId", appId).add("ownerName", ownerName) + .add("ownerEmail", ownerEmail).toString(); + } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/AppNamespace.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/AppNamespace.java index cd16509c65d093a512e949ef149f36310564203c..5de3c9bbdd19d7e7b670976c6facb96a2c09cf37 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/AppNamespace.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/AppNamespace.java @@ -46,4 +46,8 @@ public class AppNamespace extends BaseEntity { this.name = name; } + public String toString() { + return toStringHelper().add("name", name).add("appId", appId).add("comment", comment) + .toString(); + } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Audit.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Audit.java new file mode 100644 index 0000000000000000000000000000000000000000..e47457f9884c62bbbb86d04fb5a88212a3437ed0 --- /dev/null +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Audit.java @@ -0,0 +1,68 @@ +package com.ctrip.apollo.biz.entity; + +import javax.persistence.Column; +import javax.persistence.Entity; +import javax.persistence.Table; + +import org.hibernate.annotations.SQLDelete; +import org.hibernate.annotations.Where; + +@Entity +@Table(name = "Audit") +@SQLDelete(sql = "Update Audit set isDeleted = 1 where id = ?") +@Where(clause = "isDeleted = 0") +public class Audit extends BaseEntity { + + public enum OP { + INSERT, UPDATE, DELETE + } + + @Column(name = "EntityName", nullable = false) + private String entityName; + + @Column(name = "EntityId") + private Long entityId; + + @Column(name = "OpName", nullable = false) + private String opName; + + @Column(name = "Comment") + private String comment; + + public String getComment() { + return comment; + } + + public Long getEntityId() { + return entityId; + } + + public String getEntityName() { + return entityName; + } + + public String getOpName() { + return opName; + } + + public void setComment(String comment) { + this.comment = comment; + } + + public void setEntityId(Long entityId) { + this.entityId = entityId; + } + + public void setEntityName(String entityName) { + this.entityName = entityName; + } + + public void setOpName(String opName) { + this.opName = opName; + } + + public String toString() { + return toStringHelper().add("entityName", entityName).add("entityId", entityId) + .add("opName", opName).add("comment", comment).toString(); + } +} diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/BaseEntity.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/BaseEntity.java index 97b0ea268b724e766dce0abe5ef373b5e8efaf0f..1a47b3708ea1276b21e7afc568fb58f1db0905c8 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/BaseEntity.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/BaseEntity.java @@ -12,6 +12,9 @@ import javax.persistence.PrePersist; import javax.persistence.PreRemove; import javax.persistence.PreUpdate; +import com.google.common.base.MoreObjects; +import com.google.common.base.MoreObjects.ToStringHelper; + @MappedSuperclass @Inheritance(strategy = InheritanceType.TABLE_PER_CLASS) public abstract class BaseEntity { @@ -24,10 +27,10 @@ public abstract class BaseEntity { @Column(name = "IsDeleted", columnDefinition = "Bit default '0'") protected boolean isDeleted = false; - @Column(name = "DataChange_CreatedBy") + @Column(name = "DataChange_CreatedBy", nullable = false) private String dataChangeCreatedBy; - @Column(name = "DataChange_CreatedTime") + @Column(name = "DataChange_CreatedTime", nullable = false) private Date dataChangeCreatedTime; @Column(name = "DataChange_LastModifiedBy") @@ -85,18 +88,29 @@ public abstract class BaseEntity { } @PrePersist - private void prePersist() { + protected void prePersist() { if (this.dataChangeCreatedTime == null) dataChangeCreatedTime = new Date(); } @PreUpdate - private void preUpdate() { + protected void preUpdate() { this.dataChangeLastModifiedTime = new Date(); } @PreRemove - private void preRemove() { + protected void preRemove() { this.dataChangeLastModifiedTime = new Date(); } + protected ToStringHelper toStringHelper() { + return MoreObjects.toStringHelper(this).omitNullValues().add("id", id) + .add("dataChangeCreatedBy", dataChangeCreatedBy) + .add("dataChangeCreatedTime", dataChangeCreatedTime) + .add("dataChangeLastModifiedBy", dataChangeLastModifiedBy) + .add("dataChangeLastModifiedTime", dataChangeLastModifiedTime); + } + + public String toString(){ + return toStringHelper().toString(); + } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Cluster.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Cluster.java index 76e8b6874b721793c3ad2d958c80cac4586484f4..0fd9e79b86a8c35c0d9620fc56eb0e12ecca074a 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Cluster.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Cluster.java @@ -38,4 +38,7 @@ public class Cluster extends BaseEntity { this.name = name; } + public String toString() { + return toStringHelper().add("name", name).add("appId", appId).toString(); + } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Item.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Item.java index b18367ddcca44177e54fe21f8be34700e9d514fc..64c221f52d75c66be3449840a86582117cbd627a 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Item.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Item.java @@ -67,4 +67,9 @@ public class Item extends BaseEntity { public void setLineNum(Integer lineNum) { this.lineNum = lineNum; } + + public String toString() { + return toStringHelper().add("namespaceId", namespaceId).add("key", key).add("value", value) + .add("lineNum", lineNum).add("comment", comment).toString(); + } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Namespace.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Namespace.java index 55f313d8fce2edbebffd455a9b360b5ad04b6c56..9dd76edaabd59e0b4c87f0e1d99573eee6fbd066 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Namespace.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Namespace.java @@ -46,4 +46,8 @@ public class Namespace extends BaseEntity { this.namespaceName = namespaceName; } + public String toString() { + return toStringHelper().add("appId", appId).add("clusterName", clusterName) + .add("namespaceName", namespaceName).toString(); + } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Privilege.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Privilege.java index a323a50ad8aaf92d938702d960bb3383252f2c34..4abba61c162604e931f58ccb3cd21656cdf1a48a 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Privilege.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Privilege.java @@ -45,4 +45,9 @@ public class Privilege extends BaseEntity { public void setPrivilType(String privilType) { this.privilType = privilType; } + + public String toString() { + return toStringHelper().add("namespaceId", namespaceId).add("privilType", privilType) + .add("name", name).toString(); + } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Release.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Release.java index 38aa0df1d69aef77d8c66c188c685c7fb4fc5bbd..e0ba78ef639e381c5257116daa31632139d07bca 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Release.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/entity/Release.java @@ -84,4 +84,9 @@ public class Release extends BaseEntity { this.name = name; } + public String toString() { + return toStringHelper().add("name", name).add("appId", appId).add("clusterName", clusterName) + .add("namespaceName", namespaceName).add("configurations", configurations) + .add("comment", comment).toString(); + } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/repository/AuditRepository.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/repository/AuditRepository.java new file mode 100644 index 0000000000000000000000000000000000000000..7e5efc1951ebcaf88401a0c5d91d35fa261cc6f6 --- /dev/null +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/repository/AuditRepository.java @@ -0,0 +1,19 @@ +package com.ctrip.apollo.biz.repository; + +import java.util.List; + +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.PagingAndSortingRepository; +import org.springframework.data.repository.query.Param; + +import com.ctrip.apollo.biz.entity.Audit; + +public interface AuditRepository extends PagingAndSortingRepository { + + @Query("SELECT a from Audit a WHERE a.dataChangeCreatedBy = :owner") + List findByOwner(@Param("owner") String owner); + + @Query("SELECT a from Audit a WHERE a.dataChangeCreatedBy = :owner AND a.entityName =:entity AND a.opName = :op") + List findAudits(@Param("owner") String owner, @Param("entity") String entity, + @Param("op") String op); +} diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AdminService.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AdminService.java index ff4aa2ea6ad12d7245dfdd585ac7db3cc0a6bb0c..a0c85942ffa8e606874c164245d372df2ace7d6b 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AdminService.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AdminService.java @@ -6,6 +6,7 @@ import org.springframework.transaction.annotation.Transactional; import com.ctrip.apollo.biz.entity.App; import com.ctrip.apollo.biz.entity.AppNamespace; +import com.ctrip.apollo.biz.entity.Audit; import com.ctrip.apollo.biz.entity.Cluster; import com.ctrip.apollo.biz.entity.Namespace; import com.ctrip.apollo.biz.repository.AppNamespaceRepository; @@ -14,9 +15,6 @@ import com.ctrip.apollo.biz.repository.ClusterRepository; import com.ctrip.apollo.biz.repository.NamespaceRepository; import com.ctrip.apollo.core.ConfigConsts; -import java.util.Date; - - @Service public class AdminService { @@ -32,10 +30,16 @@ public class AdminService { @Autowired private ClusterRepository clusterRepository; + @Autowired + private AuditService auditService; + @Transactional public App createNewApp(App app) { String createBy = app.getDataChangeCreatedBy(); App createdApp = appRepository.save(app); + + auditService.audit(App.class.getSimpleName(), createdApp.getId(), Audit.OP.INSERT, createBy); + String appId = createdApp.getAppId(); createDefaultAppNamespace(appId, createBy); @@ -47,36 +51,39 @@ public class AdminService { return app; } - private void createDefaultAppNamespace(String appId, String createBy){ + private void createDefaultAppNamespace(String appId, String createBy) { AppNamespace appNs = new AppNamespace(); appNs.setAppId(appId); appNs.setName(ConfigConsts.NAMESPACE_APPLICATION); appNs.setComment("default app namespace"); appNs.setDataChangeCreatedBy(createBy); - appNs.setDataChangeCreatedTime(new Date()); appNs.setDataChangeLastModifiedBy(createBy); appNamespaceRepository.save(appNs); + + auditService.audit(AppNamespace.class.getSimpleName(), appNs.getId(), Audit.OP.INSERT, + createBy); } - private void createDefaultCluster(String appId, String createBy){ + private void createDefaultCluster(String appId, String createBy) { Cluster cluster = new Cluster(); cluster.setName(ConfigConsts.CLUSTER_NAME_DEFAULT); cluster.setAppId(appId); cluster.setDataChangeCreatedBy(createBy); - cluster.setDataChangeCreatedTime(new Date()); cluster.setDataChangeLastModifiedBy(createBy); clusterRepository.save(cluster); + + auditService.audit(Cluster.class.getSimpleName(), cluster.getId(), Audit.OP.INSERT, createBy); } - private void createDefaultNamespace(String appId, String createBy){ + private void createDefaultNamespace(String appId, String createBy) { Namespace ns = new Namespace(); ns.setAppId(appId); ns.setClusterName(ConfigConsts.CLUSTER_NAME_DEFAULT); ns.setNamespaceName(ConfigConsts.NAMESPACE_APPLICATION); ns.setDataChangeCreatedBy(createBy); - ns.setDataChangeCreatedTime(new Date()); ns.setDataChangeLastModifiedBy(createBy); namespaceRepository.save(ns); + auditService.audit(Namespace.class.getSimpleName(), ns.getId(), Audit.OP.INSERT, createBy); } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AppService.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AppService.java index d08f31ae96f384bef41a6badc9cb063733660cdf..247d668a29687643767fcb37e0c61ed6bac0a5ae 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AppService.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AppService.java @@ -9,6 +9,7 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import com.ctrip.apollo.biz.entity.App; +import com.ctrip.apollo.biz.entity.Audit; import com.ctrip.apollo.biz.repository.AppRepository; import com.ctrip.apollo.common.utils.BeanUtils; @@ -18,9 +19,14 @@ public class AppService { @Autowired private AppRepository appRepository; + @Autowired + private AuditService auditService; + @Transactional - public void delete(long id) { + public void delete(long id, String owner) { appRepository.delete(id); + + auditService.audit(App.class.getSimpleName(), id, Audit.OP.DELETE, owner); } public List findAll(Pageable pageable) { @@ -38,13 +44,23 @@ public class AppService { @Transactional public App save(App entity) { - return appRepository.save(entity); + App app = appRepository.save(entity); + + auditService.audit(App.class.getSimpleName(), app.getId(), Audit.OP.INSERT, + app.getDataChangeCreatedBy()); + + return app; } @Transactional public App update(App app) { App managedApp = appRepository.findByAppId(app.getAppId()); BeanUtils.copyEntityProperties(app, managedApp); - return appRepository.save(managedApp); + managedApp = appRepository.save(managedApp); + + auditService.audit(App.class.getSimpleName(), managedApp.getId(), Audit.OP.UPDATE, + managedApp.getDataChangeLastModifiedBy()); + + return managedApp; } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AuditService.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AuditService.java new file mode 100644 index 0000000000000000000000000000000000000000..353c324cbc2ce58c37f2bb2479d0fe9656002532 --- /dev/null +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/AuditService.java @@ -0,0 +1,40 @@ +package com.ctrip.apollo.biz.service; + +import java.util.List; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + +import com.ctrip.apollo.biz.entity.Audit; +import com.ctrip.apollo.biz.repository.AuditRepository; + +@Service +public class AuditService { + + @Autowired + private AuditRepository auditRepository; + + List findByOwner(String owner) { + return auditRepository.findByOwner(owner); + } + + List find(String owner, String entity, String op) { + return auditRepository.findAudits(owner, entity, op); + } + + @Transactional + void audit(String entityName, Long entityId, Audit.OP op, String owner) { + Audit audit = new Audit(); + audit.setEntityName(entityName); + audit.setEntityId(entityId); + audit.setOpName(op.name()); + audit.setDataChangeCreatedBy(owner); + auditRepository.save(audit); + } + + @Transactional + void audit(Audit audit){ + auditRepository.save(audit); + } +} diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ClusterService.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ClusterService.java index 98ce80c55d6c60674db9c33eb3c6623e7d3f29b8..83c2831548c9424a2a7ea55a65b97f20ed27878d 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ClusterService.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ClusterService.java @@ -4,6 +4,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import com.ctrip.apollo.biz.entity.Audit; import com.ctrip.apollo.biz.entity.Cluster; import com.ctrip.apollo.biz.repository.ClusterRepository; import com.ctrip.apollo.common.utils.BeanUtils; @@ -14,18 +15,28 @@ public class ClusterService { @Autowired private ClusterRepository clusterRepository; + @Autowired + private AuditService auditService; + public Cluster findOne(String appId, String name) { return clusterRepository.findByAppIdAndName(appId, name); } @Transactional public Cluster save(Cluster entity) { - return clusterRepository.save(entity); + Cluster cluster = clusterRepository.save(entity); + + auditService.audit(Cluster.class.getSimpleName(), cluster.getId(), Audit.OP.INSERT, + cluster.getDataChangeCreatedBy()); + + return cluster; } @Transactional - public void delete(long id) { + public void delete(long id, String owner) { clusterRepository.delete(id); + + auditService.audit(Cluster.class.getSimpleName(), id, Audit.OP.DELETE, owner); } @Transactional @@ -33,6 +44,11 @@ public class ClusterService { Cluster managedCluster = clusterRepository.findByAppIdAndName(cluster.getAppId(), cluster.getName()); BeanUtils.copyEntityProperties(cluster, managedCluster); - return clusterRepository.save(managedCluster); + managedCluster = clusterRepository.save(managedCluster); + + auditService.audit(Cluster.class.getSimpleName(), managedCluster.getId(), Audit.OP.UPDATE, + managedCluster.getDataChangeLastModifiedBy()); + + return managedCluster; } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ItemService.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ItemService.java index 5ef882b27d1f37ee20f2973ab02acf15b79e9f65..8a6e1b3d6e00de7f0ae907a871ba2be9f2313500 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ItemService.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ItemService.java @@ -4,6 +4,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import com.ctrip.apollo.biz.entity.Audit; import com.ctrip.apollo.biz.entity.Item; import com.ctrip.apollo.biz.repository.ItemRepository; import com.ctrip.apollo.common.utils.BeanUtils; @@ -14,9 +15,14 @@ public class ItemService { @Autowired private ItemRepository itemRepository; + @Autowired + private AuditService auditService; + @Transactional - public void delete(long id) { + public void delete(long id, String owner) { itemRepository.delete(id); + + auditService.audit(Item.class.getSimpleName(), id, Audit.OP.DELETE, owner); } public Item findOne(long itemId) { @@ -25,15 +31,25 @@ public class ItemService { } @Transactional - public Item save(Item item) { - return itemRepository.save(item); + public Item save(Item entity) { + Item item = itemRepository.save(entity); + + auditService.audit(Item.class.getSimpleName(), item.getId(), Audit.OP.INSERT, + item.getDataChangeCreatedBy()); + + return item; } @Transactional public Item update(Item item) { Item managedItem = itemRepository.findOne(item.getId()); BeanUtils.copyEntityProperties(item, managedItem); - return itemRepository.save(managedItem); + managedItem = itemRepository.save(managedItem); + + auditService.audit(Item.class.getSimpleName(), managedItem.getId(), Audit.OP.UPDATE, + managedItem.getDataChangeLastModifiedBy()); + + return managedItem; } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ItemSetService.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ItemSetService.java index 7ca8c24ad500b5f8a6afd81b2ca88cbdfff85810..ab287be2c1221edd205147c86e155f38383179cf 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ItemSetService.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ItemSetService.java @@ -4,6 +4,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import com.ctrip.apollo.biz.entity.Audit; import com.ctrip.apollo.biz.entity.Item; import com.ctrip.apollo.biz.repository.ItemRepository; import com.ctrip.apollo.common.utils.BeanUtils; @@ -16,15 +17,19 @@ public class ItemSetService { @Autowired private ItemRepository itemRepository; + @Autowired + private AuditService auditService; + @Transactional - public void updateSet(ItemChangeSets changeSet) { + public void updateSet(ItemChangeSets changeSet, String owner) { if (changeSet.getCreateItems() != null) { for (ItemDTO item : changeSet.getCreateItems()) { Item entity = BeanUtils.transfrom(Item.class, item); - entity.setDataChangeCreatedBy(changeSet.getModifyBy()); - entity.setDataChangeLastModifiedBy(changeSet.getModifyBy()); + entity.setDataChangeCreatedBy(owner); + entity.setDataChangeLastModifiedBy(owner); itemRepository.save(entity); } + auditService.audit("ItemSet", null, Audit.OP.INSERT, owner); } if (changeSet.getUpdateItems() != null) { @@ -32,18 +37,20 @@ public class ItemSetService { Item entity = BeanUtils.transfrom(Item.class, item); Item managedItem = itemRepository.findOne(entity.getId()); BeanUtils.copyEntityProperties(entity, managedItem); - managedItem.setDataChangeLastModifiedBy(changeSet.getModifyBy()); + managedItem.setDataChangeLastModifiedBy(owner); itemRepository.save(managedItem); } + auditService.audit("ItemSet", null, Audit.OP.UPDATE, owner); } if (changeSet.getDeleteItems() != null) { for (ItemDTO item : changeSet.getDeleteItems()) { Item entity = BeanUtils.transfrom(Item.class, item); - entity.setDataChangeLastModifiedBy(changeSet.getModifyBy()); + entity.setDataChangeLastModifiedBy(owner); itemRepository.save(entity); itemRepository.delete(item.getId()); } + auditService.audit("ItemSet", null, Audit.OP.DELETE, owner); } } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/NamespaceService.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/NamespaceService.java index 7d30986e58fdf232d4afd863a3192ad82bfd28f1..9a9410aefbef3b032e4824e17c196c6dcb549749 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/NamespaceService.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/NamespaceService.java @@ -4,6 +4,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import com.ctrip.apollo.biz.entity.Audit; import com.ctrip.apollo.biz.entity.Namespace; import com.ctrip.apollo.biz.repository.NamespaceRepository; import com.ctrip.apollo.common.utils.BeanUtils; @@ -14,9 +15,14 @@ public class NamespaceService { @Autowired private NamespaceRepository namespaceRepository; + @Autowired + private AuditService auditService; + @Transactional - public void delete(long id) { + public void delete(long id, String owner) { namespaceRepository.delete(id); + + auditService.audit(Namespace.class.getSimpleName(), id, Audit.OP.DELETE, owner); } public Namespace findOne(Long namespaceId) { @@ -30,7 +36,12 @@ public class NamespaceService { @Transactional public Namespace save(Namespace entity) { - return namespaceRepository.save(entity); + Namespace namespace = namespaceRepository.save(entity); + + auditService.audit(Namespace.class.getSimpleName(), namespace.getId(), Audit.OP.INSERT, + namespace.getDataChangeCreatedBy()); + + return namespace; } @Transactional @@ -38,6 +49,11 @@ public class NamespaceService { Namespace managedNamespace = namespaceRepository.findByAppIdAndClusterNameAndNamespaceName( namespace.getAppId(), namespace.getClusterName(), namespace.getNamespaceName()); BeanUtils.copyEntityProperties(namespace, managedNamespace); - return namespaceRepository.save(managedNamespace); + managedNamespace = namespaceRepository.save(managedNamespace); + + auditService.audit(Namespace.class.getSimpleName(), managedNamespace.getId(), Audit.OP.UPDATE, + managedNamespace.getDataChangeLastModifiedBy()); + + return managedNamespace; } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/PrivilegeService.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/PrivilegeService.java index c4ec85847a049edecb1e91ec081c39f5ae33ed9c..f8b2efec01f1caa39e82d865459f5fb5c3c1c3ad 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/PrivilegeService.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/PrivilegeService.java @@ -1,5 +1,6 @@ package com.ctrip.apollo.biz.service; +import com.ctrip.apollo.biz.entity.Audit; import com.ctrip.apollo.biz.entity.Privilege; import com.ctrip.apollo.biz.repository.PrivilegeRepository; @@ -19,6 +20,9 @@ public class PrivilegeService { @Autowired private PrivilegeRepository privilRepo; + @Autowired + private AuditService auditService; + @Transactional public Privilege addPrivilege(long namespaceId, String name, PrivilType privilType) { Privilege privil = @@ -29,6 +33,8 @@ public class PrivilegeService { privil.setPrivilType(privilType.name()); privil.setName(name); privilRepo.save(privil); + + auditService.audit(Privilege.class.getSimpleName(), privil.getId(), Audit.OP.INSERT, name); } return privil; } @@ -47,6 +53,10 @@ public class PrivilegeService { public void removePrivilege(long namespaceId, String name, PrivilType privilType) { Privilege privil = privilRepo.findByNamespaceIdAndNameAndPrivilType(namespaceId, name, privilType.name()); - if (privil != null) privilRepo.delete(privil); + if (privil != null) { + privilRepo.delete(privil); + + auditService.audit(Privilege.class.getSimpleName(), privil.getId(), Audit.OP.DELETE, name); + } } } diff --git a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ReleaseService.java b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ReleaseService.java index 742e232a5a4385d0195b9da06aa6411239f04268..2cc7d818b47d16f936d523c64c1ceea78b59a8c4 100644 --- a/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ReleaseService.java +++ b/apollo-biz/src/main/java/com/ctrip/apollo/biz/service/ReleaseService.java @@ -9,6 +9,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import com.ctrip.apollo.biz.entity.Audit; import com.ctrip.apollo.biz.entity.Item; import com.ctrip.apollo.biz.entity.Namespace; import com.ctrip.apollo.biz.entity.Release; @@ -34,6 +35,9 @@ public class ReleaseService { @Autowired private ItemRepository itemRepository; + @Autowired + private AuditService auditService; + private Gson gson = new Gson(); public Release findOne(long releaseId) { @@ -43,7 +47,7 @@ public class ReleaseService { @Transactional public Release buildRelease(String name, String comment, String appId, String clusterName, - String namespaceName) { + String namespaceName, String owner) { Namespace namespace = namespaceRepository.findByAppIdAndClusterNameAndNamespaceName(appId, clusterName, namespaceName); if (namespace == null) { @@ -61,15 +65,19 @@ public class ReleaseService { Release release = new Release(); release.setDataChangeCreatedTime(new Date()); - release.setDataChangeCreatedBy(name); - release.setDataChangeLastModifiedBy(name); + release.setDataChangeCreatedBy(owner); release.setName(name); release.setComment(comment); release.setAppId(appId); release.setClusterName(clusterName); release.setNamespaceName(namespaceName); release.setConfigurations(gson.toJson(configurations)); - return releaseRepository.save(release); + release = releaseRepository.save(release); + + auditService.audit(Release.class.getSimpleName(), release.getId(), Audit.OP.INSERT, + release.getDataChangeCreatedBy()); + + return release; } } diff --git a/apollo-biz/src/test/java/com/ctrip/apollo/biz/service/AdminServiceTest.java b/apollo-biz/src/test/java/com/ctrip/apollo/biz/service/AdminServiceTest.java index 5cd2319181780f1df85bbacdb18393ffd04f5aa7..38aa7aa3a4c161e4e934c615c95aef979936e1d1 100644 --- a/apollo-biz/src/test/java/com/ctrip/apollo/biz/service/AdminServiceTest.java +++ b/apollo-biz/src/test/java/com/ctrip/apollo/biz/service/AdminServiceTest.java @@ -14,6 +14,7 @@ import org.springframework.transaction.annotation.Transactional; import com.ctrip.apollo.biz.BizTestConfiguration; import com.ctrip.apollo.biz.entity.App; +import com.ctrip.apollo.biz.entity.Audit; import com.ctrip.apollo.biz.entity.Cluster; import com.ctrip.apollo.biz.entity.Namespace; @@ -29,6 +30,9 @@ public class AdminServiceTest { @Autowired private ViewService viewService; + @Autowired + private AuditService auditService; + @Test public void testCreateNewApp() { String appId = "someAppId"; @@ -52,6 +56,9 @@ public class AdminServiceTest { List namespaces = viewService.findNamespaces(appId, clusters.get(0).getName()); Assert.assertEquals(1, namespaces.size()); Assert.assertEquals("application", namespaces.get(0).getNamespaceName()); + + List audits = auditService.findByOwner(owner); + Assert.assertEquals(4, audits.size()); } - + } diff --git a/apollo-common/pom.xml b/apollo-common/pom.xml index 72de4c65d909dd5cdaac8ebc94f82c70fb9a031b..d87a21214783186406704c256e50c9fb37a2a5db 100644 --- a/apollo-common/pom.xml +++ b/apollo-common/pom.xml @@ -22,6 +22,10 @@ org.springframework.boot spring-boot-starter-web + + org.springframework.boot + spring-boot-starter-security + org.springframework.boot spring-boot-starter-actuator diff --git a/apollo-common/src/main/java/com/ctrip/apollo/common/controller/ActiveUser.java b/apollo-common/src/main/java/com/ctrip/apollo/common/controller/ActiveUser.java new file mode 100644 index 0000000000000000000000000000000000000000..2afeded5e25c5ae6e2b782fe3ff0f842ac46801e --- /dev/null +++ b/apollo-common/src/main/java/com/ctrip/apollo/common/controller/ActiveUser.java @@ -0,0 +1,17 @@ +package com.ctrip.apollo.common.controller; + +import java.lang.annotation.Documented; +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +import org.springframework.security.core.annotation.AuthenticationPrincipal; + +@Target({ElementType.PARAMETER, ElementType.TYPE}) +@Retention(RetentionPolicy.RUNTIME) +@Documented +@AuthenticationPrincipal +public @interface ActiveUser { + +} diff --git a/apollo-common/src/main/java/com/ctrip/apollo/common/controller/WebMvcConfig.java b/apollo-common/src/main/java/com/ctrip/apollo/common/controller/WebMvcConfig.java index 08cf32339d7b7f77d4a23c186507fa767c7ae095..dbeb437e0cc831e94d0d38fa4c4ae5f2ee24c418 100644 --- a/apollo-common/src/main/java/com/ctrip/apollo/common/controller/WebMvcConfig.java +++ b/apollo-common/src/main/java/com/ctrip/apollo/common/controller/WebMvcConfig.java @@ -15,11 +15,11 @@ public class WebMvcConfig extends WebMvcConfigurerAdapter { @Override public void addArgumentResolvers(List argumentResolvers) { + PageableHandlerMethodArgumentResolver pageResolver = + new PageableHandlerMethodArgumentResolver(); + pageResolver.setFallbackPageable(new PageRequest(0, 10)); - PageableHandlerMethodArgumentResolver resolver = new PageableHandlerMethodArgumentResolver(); - resolver.setFallbackPageable(new PageRequest(0, 10)); - - argumentResolvers.add(resolver); + argumentResolvers.add(pageResolver); } @Override diff --git a/apollo-common/src/main/java/com/ctrip/apollo/common/controller/WebSecurityConfig.java b/apollo-common/src/main/java/com/ctrip/apollo/common/controller/WebSecurityConfig.java new file mode 100644 index 0000000000000000000000000000000000000000..6fa24378805a7543659cfd6e1f225939ebbcf718 --- /dev/null +++ b/apollo-common/src/main/java/com/ctrip/apollo/common/controller/WebSecurityConfig.java @@ -0,0 +1,25 @@ +package com.ctrip.apollo.common.controller; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +@Configuration +@EnableWebSecurity +public class WebSecurityConfig extends WebSecurityConfigurerAdapter { + + @Override + protected void configure(HttpSecurity http) throws Exception { + http.httpBasic(); + http.csrf().disable(); + } + + @Autowired + public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { + auth.inMemoryAuthentication().withUser("user").password("").roles("USER").and() + .withUser("apollo").password("").roles("USER", "ADMIN"); + } +} diff --git a/apollo-core/src/main/java/com/ctrip/apollo/core/dto/ItemChangeSets.java b/apollo-core/src/main/java/com/ctrip/apollo/core/dto/ItemChangeSets.java index ebcbcfd130b553867f0b467514f97da196c8f47a..5935eeab1764d8d80392c2467644aa954a567e1d 100644 --- a/apollo-core/src/main/java/com/ctrip/apollo/core/dto/ItemChangeSets.java +++ b/apollo-core/src/main/java/com/ctrip/apollo/core/dto/ItemChangeSets.java @@ -8,7 +8,6 @@ import java.util.List; */ public class ItemChangeSets { - private String modifyBy; private List createItems = new LinkedList<>(); private List updateItems = new LinkedList<>(); private List deleteItems = new LinkedList<>(); @@ -49,12 +48,4 @@ public class ItemChangeSets { this.deleteItems = deleteItems; } - public String getModifyBy() { - return modifyBy; - } - - public void setModifyBy(String modifyBy) { - this.modifyBy = modifyBy; - } - } diff --git a/apollo-portal/src/main/java/com/ctrip/apollo/portal/service/ConfigService.java b/apollo-portal/src/main/java/com/ctrip/apollo/portal/service/ConfigService.java index 4ebf0ffc542b1f9765de37ac2402334092554e6c..0e1e044a2c606ecdbf62cef6b16c73fe5029061d 100644 --- a/apollo-portal/src/main/java/com/ctrip/apollo/portal/service/ConfigService.java +++ b/apollo-portal/src/main/java/com/ctrip/apollo/portal/service/ConfigService.java @@ -147,7 +147,6 @@ public class ConfigService { ItemChangeSets changeSets = resolver.resolve(namespaceId, configText, itemAPI.findItems(appId, env, clusterName, namespaceName)); try { - changeSets.setModifyBy(model.getModifyBy()); enrichChangeSetBaseInfo(changeSets); itemAPI.updateItems(appId, env, clusterName, namespaceName, changeSets); } catch (Exception e) {