Unverified Commit 3fc266e6 authored by irwinsun's avatar irwinsun Committed by GitHub
Browse files

Merge pull request #4511 from fitzcao/issues_4510

feat: 质量红线权限补齐 #4510
parents d04dff7e eb081206
Showing with 428 additions and 170 deletions
+428 -170
......@@ -139,13 +139,7 @@ class V3PipelinePermissionService constructor(
}
override fun supplierForFakePermission(projectId: String): () -> MutableList<String> {
return {
val fakeList = mutableListOf<String>()
pipelineInfoDao.listPipelineIdByProject(dslContext, projectId).forEach {
fakeList.add(it)
}
fakeList
}
return { mutableListOf() }
}
override fun getResourceByPermission(userId: String, projectId: String, permission: AuthPermission): List<String> {
......
......@@ -30,8 +30,12 @@ package com.tencent.devops.quality
import com.tencent.devops.common.auth.api.AuthPermissionApi
import com.tencent.devops.common.auth.api.AuthResourceApi
import com.tencent.devops.common.auth.code.QualityAuthServiceCode
import com.tencent.devops.quality.dao.QualityNotifyGroupDao
import com.tencent.devops.quality.dao.v2.QualityRuleDao
import com.tencent.devops.quality.service.QualityPermissionService
import com.tencent.devops.quality.service.SampleQualityPermissionServiceImpl
import com.tencent.devops.quality.service.V3QualityPermissionServiceImpl
import org.jooq.DSLContext
import org.springframework.boot.autoconfigure.AutoConfigureOrder
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication
......@@ -50,8 +54,26 @@ class QualityConfiguration {
fun sampleQualityPermissionService(
authPermissionApi: AuthPermissionApi,
authResourceApi: AuthResourceApi,
qualityAuthServiceCode: QualityAuthServiceCode
qualityAuthServiceCode: QualityAuthServiceCode,
qualityRuleDao: QualityRuleDao,
groupDao: QualityNotifyGroupDao,
dslContext: DSLContext
): QualityPermissionService = SampleQualityPermissionServiceImpl(
authPermissionApi = authPermissionApi,
authResourceApi = authResourceApi,
qualityAuthServiceCode = qualityAuthServiceCode,
qualityRuleDao = qualityRuleDao,
groupDao = groupDao,
dslContext = dslContext
)
@Bean
@ConditionalOnProperty(prefix = "auth", name = ["idProvider"], havingValue = "v3")
fun v3QualityPermissionServiceImpl(
authPermissionApi: AuthPermissionApi,
authResourceApi: AuthResourceApi,
qualityAuthServiceCode: QualityAuthServiceCode
): QualityPermissionService = V3QualityPermissionServiceImpl(
authPermissionApi = authPermissionApi,
authResourceApi = authResourceApi,
qualityAuthServiceCode = qualityAuthServiceCode
......
/*
* Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
*
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
*
* BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
*
* A copy of the MIT License is included in this file.
*
*
* Terms of the MIT License:
* ---------------------------------------------------
* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or substantial portions of
* the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
* LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
* NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
* WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
package com.tencent.devops.quality.service
import com.tencent.devops.common.api.constant.CommonMessageCode
import com.tencent.devops.common.api.exception.PermissionForbiddenException
import com.tencent.devops.common.api.util.HashUtil
import com.tencent.devops.common.auth.api.AuthPermission
import com.tencent.devops.common.auth.api.AuthPermissionApi
import com.tencent.devops.common.auth.api.AuthResourceApi
import com.tencent.devops.common.auth.api.AuthResourceType
import com.tencent.devops.common.auth.code.QualityAuthServiceCode
import com.tencent.devops.common.service.utils.MessageCodeUtil
@Suppress("ALL")
abstract class AbsQualityPermissionServiceImpl constructor(
open val authPermissionApi: AuthPermissionApi,
open val authResourceApi: AuthResourceApi,
open val qualityAuthServiceCode: QualityAuthServiceCode
) : QualityPermissionService {
override fun validateGroupPermission(
userId: String,
projectId: String,
groupId: Long,
authPermission: AuthPermission,
message: String
) {
if (!authPermissionApi.validateUserResourcePermission(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(groupId),
permission = authPermission
)) {
val permissionMsg = MessageCodeUtil.getCodeLanMessage(
messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}",
defaultMessage = authPermission.alias
)
throw PermissionForbiddenException(
message = message,
params = arrayOf(permissionMsg))
}
}
override fun createGroupResource(userId: String, projectId: String, groupId: Long, groupName: String) {
authResourceApi.createResource(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(groupId),
resourceName = groupName
)
}
override fun modifyGroupResource(projectId: String, groupId: Long, groupName: String) {
authResourceApi.modifyResource(
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(groupId),
resourceName = groupName
)
}
override fun deleteGroupResource(projectId: String, groupId: Long) {
authResourceApi.deleteResource(
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(groupId)
)
}
override fun filterGroup(
user: String,
projectId: String,
authPermissions: Set<AuthPermission>
): Map<AuthPermission, List<Long>> {
val permissionResourceMap = authPermissionApi.getUserResourcesByPermissions(
user = user,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
permissions = authPermissions,
supplier = supplierForPermissionRule(projectId)
)
val map = mutableMapOf<AuthPermission, List<Long>>()
permissionResourceMap.forEach { (key, value) ->
map[key] = value.map { HashUtil.decodeIdToLong(it) }
}
return map
}
override fun validateRulePermission(userId: String, projectId: String, authPermission: AuthPermission): Boolean {
return authPermissionApi.validateUserResourcePermission(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
permission = authPermission
)
}
override fun validateRulePermission(
userId: String,
projectId: String,
authPermission: AuthPermission,
message: String
) {
if (!authPermissionApi.validateUserResourcePermission(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
permission = authPermission
)) {
val permissionMsg = MessageCodeUtil.getCodeLanMessage(
messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}",
defaultMessage = authPermission.alias
)
throw PermissionForbiddenException(
message = message,
params = arrayOf(permissionMsg)
)
}
}
override fun validateRulePermission(
userId: String,
projectId: String,
ruleId: Long,
authPermission: AuthPermission,
message: String
) {
if (!authPermissionApi.validateUserResourcePermission(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(ruleId),
permission = authPermission)) {
val permissionMsg = MessageCodeUtil.getCodeLanMessage(
messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}",
defaultMessage = authPermission.alias
)
throw PermissionForbiddenException(
message = message,
params = arrayOf(permissionMsg)
)
}
}
override fun createRuleResource(userId: String, projectId: String, ruleId: Long, ruleName: String) {
authResourceApi.createResource(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_RULE,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(ruleId),
resourceName = ruleName
)
}
override fun modifyRuleResource(projectId: String, ruleId: Long, ruleName: String) {
authResourceApi.modifyResource(
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_RULE,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(ruleId),
resourceName = ruleName
)
}
override fun deleteRuleResource(projectId: String, ruleId: Long) {
authResourceApi.deleteResource(
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_RULE,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(ruleId)
)
}
override fun filterRules(
userId: String,
projectId: String,
bkAuthPermissionSet: Set<AuthPermission>
): Map<AuthPermission, List<Long>> {
val permissionResourceMap = authPermissionApi.getUserResourcesByPermissions(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_RULE,
projectCode = projectId,
permissions = bkAuthPermissionSet,
supplier = supplierForPermissionGroup(projectId)
)
val permissionRuleMap = mutableMapOf<AuthPermission, List<Long>>()
permissionResourceMap.forEach { (permission, list) ->
permissionRuleMap[permission] = list.map { HashUtil.decodeIdToLong(it) }
}
return permissionRuleMap
}
abstract fun supplierForPermissionGroup(projectId: String): () -> MutableList<String>
abstract fun supplierForPermissionRule(projectId: String): () -> MutableList<String>
}
......@@ -27,22 +27,23 @@
package com.tencent.devops.quality.service
import com.tencent.devops.common.api.constant.CommonMessageCode
import com.tencent.devops.common.api.exception.PermissionForbiddenException
import com.tencent.devops.common.api.util.HashUtil
import com.tencent.devops.common.auth.api.AuthPermission
import com.tencent.devops.common.auth.api.AuthPermissionApi
import com.tencent.devops.common.auth.api.AuthResourceApi
import com.tencent.devops.common.auth.api.AuthResourceType
import com.tencent.devops.common.auth.code.QualityAuthServiceCode
import com.tencent.devops.common.service.utils.MessageCodeUtil
import com.tencent.devops.quality.dao.QualityNotifyGroupDao
import com.tencent.devops.quality.dao.v2.QualityRuleDao
import org.jooq.DSLContext
@Suppress("ALL")
class SampleQualityPermissionServiceImpl constructor(
val authPermissionApi: AuthPermissionApi,
val authResourceApi: AuthResourceApi,
val qualityAuthServiceCode: QualityAuthServiceCode
) : QualityPermissionService {
override val authPermissionApi: AuthPermissionApi,
override val authResourceApi: AuthResourceApi,
override val qualityAuthServiceCode: QualityAuthServiceCode,
val qualityRuleDao: QualityRuleDao,
val groupDao: QualityNotifyGroupDao,
val dslContext: DSLContext
) : AbsQualityPermissionServiceImpl(authPermissionApi, authResourceApi, qualityAuthServiceCode) {
override fun validateGroupPermission(
userId: String,
......@@ -51,52 +52,19 @@ class SampleQualityPermissionServiceImpl constructor(
authPermission: AuthPermission,
message: String
) {
if (!authPermissionApi.validateUserResourcePermission(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(groupId),
permission = authPermission
)) {
val permissionMsg = MessageCodeUtil.getCodeLanMessage(
messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}",
defaultMessage = authPermission.alias
)
throw PermissionForbiddenException(
message = message,
params = arrayOf(permissionMsg))
}
super.validateGroupPermission(userId, projectId, groupId, authPermission, message)
}
override fun createGroupResource(userId: String, projectId: String, groupId: Long, groupName: String) {
authResourceApi.createResource(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(groupId),
resourceName = groupName
)
super.createGroupResource(userId, projectId, groupId, groupName)
}
override fun modifyGroupResource(projectId: String, groupId: Long, groupName: String) {
authResourceApi.modifyResource(
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(groupId),
resourceName = groupName
)
super.modifyGroupResource(projectId, groupId, groupName)
}
override fun deleteGroupResource(projectId: String, groupId: Long) {
authResourceApi.deleteResource(
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(groupId)
)
super.deleteGroupResource(projectId, groupId)
}
override fun filterGroup(
......@@ -104,29 +72,11 @@ class SampleQualityPermissionServiceImpl constructor(
projectId: String,
authPermissions: Set<AuthPermission>
): Map<AuthPermission, List<Long>> {
val permissionResourceMap = authPermissionApi.getUserResourcesByPermissions(
user = user,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
permissions = authPermissions,
supplier = null
)
val map = mutableMapOf<AuthPermission, List<Long>>()
permissionResourceMap.forEach { (key, value) ->
map[key] = value.map { HashUtil.decodeIdToLong(it) }
}
return map
return super.filterGroup(user, projectId, authPermissions)
}
override fun validateRulePermission(userId: String, projectId: String, authPermission: AuthPermission): Boolean {
return authPermissionApi.validateUserResourcePermission(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
permission = authPermission
)
return super.validateRulePermission(userId, projectId, authPermission)
}
override fun validateRulePermission(
......@@ -135,22 +85,7 @@ class SampleQualityPermissionServiceImpl constructor(
authPermission: AuthPermission,
message: String
) {
if (!authPermissionApi.validateUserResourcePermission(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
permission = authPermission
)) {
val permissionMsg = MessageCodeUtil.getCodeLanMessage(
messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}",
defaultMessage = authPermission.alias
)
throw PermissionForbiddenException(
message = message,
params = arrayOf(permissionMsg)
)
}
super.validateRulePermission(userId, projectId, authPermission, message)
}
override fun validateRulePermission(
......@@ -160,52 +95,19 @@ class SampleQualityPermissionServiceImpl constructor(
authPermission: AuthPermission,
message: String
) {
if (!authPermissionApi.validateUserResourcePermission(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_GROUP,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(ruleId),
permission = authPermission)) {
val permissionMsg = MessageCodeUtil.getCodeLanMessage(
messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}",
defaultMessage = authPermission.alias
)
throw PermissionForbiddenException(
message = message,
params = arrayOf(permissionMsg)
)
}
super.validateRulePermission(userId, projectId, ruleId, authPermission, message)
}
override fun createRuleResource(userId: String, projectId: String, ruleId: Long, ruleName: String) {
authResourceApi.createResource(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_RULE,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(ruleId),
resourceName = ruleName
)
super.createRuleResource(userId, projectId, ruleId, ruleName)
}
override fun modifyRuleResource(projectId: String, ruleId: Long, ruleName: String) {
authResourceApi.modifyResource(
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_RULE,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(ruleId),
resourceName = ruleName
)
super.modifyRuleResource(projectId, ruleId, ruleName)
}
override fun deleteRuleResource(projectId: String, ruleId: Long) {
authResourceApi.deleteResource(
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_RULE,
projectCode = projectId,
resourceCode = HashUtil.encodeLongId(ruleId)
)
super.deleteRuleResource(projectId, ruleId)
}
override fun filterRules(
......@@ -213,18 +115,34 @@ class SampleQualityPermissionServiceImpl constructor(
projectId: String,
bkAuthPermissionSet: Set<AuthPermission>
): Map<AuthPermission, List<Long>> {
val permissionResourceMap = authPermissionApi.getUserResourcesByPermissions(
user = userId,
serviceCode = qualityAuthServiceCode,
resourceType = AuthResourceType.QUALITY_RULE,
projectCode = projectId,
permissions = bkAuthPermissionSet,
supplier = null
)
val permissionRuleMap = mutableMapOf<AuthPermission, List<Long>>()
permissionResourceMap.forEach { (permission, list) ->
permissionRuleMap[permission] = list.map { HashUtil.decodeIdToLong(it) }
return super.filterRules(userId, projectId, bkAuthPermissionSet)
}
override fun supplierForPermissionGroup(projectId: String): () -> MutableList<String> {
return {
val fakeList = mutableListOf<String>()
groupDao.list(
dslContext = dslContext,
projectId = projectId,
offset = 0,
limit = 500
).forEach {
fakeList.add(it.id.toString())
}
fakeList
}
}
override fun supplierForPermissionRule(projectId: String): () -> MutableList<String> {
return {
val fakeList = mutableListOf<String>()
qualityRuleDao.list(
dslContext = dslContext,
projectId = projectId
)?.forEach {
fakeList.add(it.id.toString())
}
fakeList
}
return permissionRuleMap
}
}
/*
* Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
*
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
*
* BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
*
* A copy of the MIT License is included in this file.
*
*
* Terms of the MIT License:
* ---------------------------------------------------
* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or substantial portions of
* the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
* LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
* NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
* WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
package com.tencent.devops.quality.service
import com.tencent.devops.common.auth.api.AuthPermission
import com.tencent.devops.common.auth.api.AuthPermissionApi
import com.tencent.devops.common.auth.api.AuthResourceApi
import com.tencent.devops.common.auth.code.QualityAuthServiceCode
@Suppress("ALL")
class V3QualityPermissionServiceImpl constructor(
override val authPermissionApi: AuthPermissionApi,
override val authResourceApi: AuthResourceApi,
override val qualityAuthServiceCode: QualityAuthServiceCode
) : AbsQualityPermissionServiceImpl(authPermissionApi, authResourceApi, qualityAuthServiceCode) {
override fun validateGroupPermission(
userId: String,
projectId: String,
groupId: Long,
authPermission: AuthPermission,
message: String
) {
super.validateGroupPermission(userId, projectId, groupId, authPermission, message)
}
override fun createGroupResource(userId: String, projectId: String, groupId: Long, groupName: String) {
super.createGroupResource(userId, projectId, groupId, groupName)
}
override fun modifyGroupResource(projectId: String, groupId: Long, groupName: String) {
super.modifyGroupResource(projectId, groupId, groupName)
}
override fun deleteGroupResource(projectId: String, groupId: Long) {
super.deleteGroupResource(projectId, groupId)
}
override fun filterGroup(user: String, projectId: String, authPermissions: Set<AuthPermission>): Map<AuthPermission, List<Long>> {
return super.filterGroup(user, projectId, authPermissions)
}
override fun validateRulePermission(userId: String, projectId: String, authPermission: AuthPermission): Boolean {
return super.validateRulePermission(userId, projectId, authPermission)
}
override fun validateRulePermission(userId: String, projectId: String, authPermission: AuthPermission, message: String) {
super.validateRulePermission(userId, projectId, authPermission, message)
}
override fun validateRulePermission(
userId: String,
projectId: String,
ruleId: Long,
authPermission: AuthPermission,
message: String
) {
super.validateRulePermission(userId, projectId, ruleId, authPermission, message)
}
override fun createRuleResource(userId: String, projectId: String, ruleId: Long, ruleName: String) {
super.createRuleResource(userId, projectId, ruleId, ruleName)
}
override fun modifyRuleResource(projectId: String, ruleId: Long, ruleName: String) {
super.modifyRuleResource(projectId, ruleId, ruleName)
}
override fun deleteRuleResource(projectId: String, ruleId: Long) {
super.deleteRuleResource(projectId, ruleId)
}
override fun filterRules(
userId: String,
projectId: String,
bkAuthPermissionSet: Set<AuthPermission>
): Map<AuthPermission, List<Long>> {
return super.filterRules(userId, projectId, bkAuthPermissionSet)
}
override fun supplierForPermissionGroup(projectId: String): () -> MutableList<String> {
return { mutableListOf() }
}
override fun supplierForPermissionRule(projectId: String): () -> MutableList<String> {
return { mutableListOf() }
}
}
......@@ -57,18 +57,7 @@ class V3CertPermissionService @Autowired constructor(
) {
override fun supplierForPermission(projectId: String): () -> MutableList<String> {
return {
val fakeList = mutableListOf<String>()
certDao.listIdByProject(
dslContext = dslContext,
projectId = projectId,
offset = 0,
limit = 500
).forEach {
fakeList.add(it)
}
fakeList
}
return { mutableListOf() }
}
override fun validatePermission(
......@@ -101,13 +90,13 @@ class V3CertPermissionService @Autowired constructor(
return true
}
return authPermissionApi.validateUserResourcePermission(
user = userId,
serviceCode = ticketAuthServiceCode,
resourceType = AuthResourceType.TICKET_CERT,
projectCode = projectId,
resourceCode = projectId,
permission = AuthPermission.CREATE,
relationResourceType = AuthResourceType.PROJECT
user = userId,
serviceCode = ticketAuthServiceCode,
resourceType = AuthResourceType.TICKET_CERT,
projectCode = projectId,
resourceCode = projectId,
permission = AuthPermission.CREATE,
relationResourceType = AuthResourceType.PROJECT
)
}
......
......@@ -58,18 +58,7 @@ class V3CredentialPermissionService @Autowired constructor(
) {
override fun supplierForFakePermission(projectId: String): () -> MutableList<String> {
return {
val fakeList = mutableListOf<String>()
credentialDao.listByProject(
dslContext = dslContext,
projectId = projectId,
offset = 0,
limit = 500 // 一个项目不会有太多凭证
).forEach {
fakeList.add(it.credentialId)
}
fakeList
}
return { mutableListOf() }
}
override fun validatePermission(
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment