Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
小 白蛋
Bk Ci
Commits
3fc266e6
Unverified
Commit
3fc266e6
authored
3 years ago
by
irwinsun
Committed by
GitHub
3 years ago
Browse files
Options
Download
Plain Diff
Merge pull request #4511 from fitzcao/issues_4510
feat: 质量红线权限补齐 #4510
parents
d04dff7e
eb081206
Changes
7
Hide whitespace changes
Inline
Side-by-side
Showing
7 changed files
src/backend/ci/core/process/biz-process-sample/src/main/kotlin/com/tencent/devops/process/permission/service/impl/V3PipelinePermissionService.kt
+1
-7
...ss/permission/service/impl/V3PipelinePermissionService.kt
src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/QualityConfiguration.kt
+23
-1
...kotlin/com/tencent/devops/quality/QualityConfiguration.kt
src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/AbsQualityPermissionServiceImpl.kt
+234
-0
...devops/quality/service/AbsQualityPermissionServiceImpl.kt
src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/SampleQualityPermissionServiceImpl.kt
+49
-131
...ops/quality/service/SampleQualityPermissionServiceImpl.kt
src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/V3QualityPermissionServiceImpl.kt
+112
-0
.../devops/quality/service/V3QualityPermissionServiceImpl.kt
src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CertPermissionService.kt
+8
-19
.../tencent/devops/ticket/service/V3CertPermissionService.kt
src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CredentialPermissionService.kt
+1
-12
...nt/devops/ticket/service/V3CredentialPermissionService.kt
with
428 additions
and
170 deletions
+428
-170
src/backend/ci/core/process/biz-process-sample/src/main/kotlin/com/tencent/devops/process/permission/service/impl/V3PipelinePermissionService.kt
+
1
-
7
View file @
3fc266e6
...
...
@@ -139,13 +139,7 @@ class V3PipelinePermissionService constructor(
}
override
fun
supplierForFakePermission
(
projectId
:
String
):
()
->
MutableList
<
String
>
{
return
{
val
fakeList
=
mutableListOf
<
String
>()
pipelineInfoDao
.
listPipelineIdByProject
(
dslContext
,
projectId
).
forEach
{
fakeList
.
add
(
it
)
}
fakeList
}
return
{
mutableListOf
()
}
}
override
fun
getResourceByPermission
(
userId
:
String
,
projectId
:
String
,
permission
:
AuthPermission
):
List
<
String
>
{
...
...
This diff is collapsed.
Click to expand it.
src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/QualityConfiguration.kt
+
23
-
1
View file @
3fc266e6
...
...
@@ -30,8 +30,12 @@ package com.tencent.devops.quality
import
com.tencent.devops.common.auth.api.AuthPermissionApi
import
com.tencent.devops.common.auth.api.AuthResourceApi
import
com.tencent.devops.common.auth.code.QualityAuthServiceCode
import
com.tencent.devops.quality.dao.QualityNotifyGroupDao
import
com.tencent.devops.quality.dao.v2.QualityRuleDao
import
com.tencent.devops.quality.service.QualityPermissionService
import
com.tencent.devops.quality.service.SampleQualityPermissionServiceImpl
import
com.tencent.devops.quality.service.V3QualityPermissionServiceImpl
import
org.jooq.DSLContext
import
org.springframework.boot.autoconfigure.AutoConfigureOrder
import
org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
import
org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication
...
...
@@ -50,8 +54,26 @@ class QualityConfiguration {
fun
sampleQualityPermissionService
(
authPermissionApi
:
AuthPermissionApi
,
authResourceApi
:
AuthResourceApi
,
qualityAuthServiceCode
:
QualityAuthServiceCode
qualityAuthServiceCode
:
QualityAuthServiceCode
,
qualityRuleDao
:
QualityRuleDao
,
groupDao
:
QualityNotifyGroupDao
,
dslContext
:
DSLContext
):
QualityPermissionService
=
SampleQualityPermissionServiceImpl
(
authPermissionApi
=
authPermissionApi
,
authResourceApi
=
authResourceApi
,
qualityAuthServiceCode
=
qualityAuthServiceCode
,
qualityRuleDao
=
qualityRuleDao
,
groupDao
=
groupDao
,
dslContext
=
dslContext
)
@Bean
@ConditionalOnProperty
(
prefix
=
"auth"
,
name
=
[
"idProvider"
],
havingValue
=
"v3"
)
fun
v3QualityPermissionServiceImpl
(
authPermissionApi
:
AuthPermissionApi
,
authResourceApi
:
AuthResourceApi
,
qualityAuthServiceCode
:
QualityAuthServiceCode
):
QualityPermissionService
=
V3QualityPermissionServiceImpl
(
authPermissionApi
=
authPermissionApi
,
authResourceApi
=
authResourceApi
,
qualityAuthServiceCode
=
qualityAuthServiceCode
...
...
This diff is collapsed.
Click to expand it.
src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/AbsQualityPermissionServiceImpl.kt
0 → 100644
+
234
-
0
View file @
3fc266e6
/*
* Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
*
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
*
* BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
*
* A copy of the MIT License is included in this file.
*
*
* Terms of the MIT License:
* ---------------------------------------------------
* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or substantial portions of
* the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
* LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
* NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
* WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
package
com.tencent.devops.quality.service
import
com.tencent.devops.common.api.constant.CommonMessageCode
import
com.tencent.devops.common.api.exception.PermissionForbiddenException
import
com.tencent.devops.common.api.util.HashUtil
import
com.tencent.devops.common.auth.api.AuthPermission
import
com.tencent.devops.common.auth.api.AuthPermissionApi
import
com.tencent.devops.common.auth.api.AuthResourceApi
import
com.tencent.devops.common.auth.api.AuthResourceType
import
com.tencent.devops.common.auth.code.QualityAuthServiceCode
import
com.tencent.devops.common.service.utils.MessageCodeUtil
@Suppress
(
"ALL"
)
abstract
class
AbsQualityPermissionServiceImpl
constructor
(
open
val
authPermissionApi
:
AuthPermissionApi
,
open
val
authResourceApi
:
AuthResourceApi
,
open
val
qualityAuthServiceCode
:
QualityAuthServiceCode
)
:
QualityPermissionService
{
override
fun
validateGroupPermission
(
userId
:
String
,
projectId
:
String
,
groupId
:
Long
,
authPermission
:
AuthPermission
,
message
:
String
)
{
if
(!
authPermissionApi
.
validateUserResourcePermission
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
groupId
),
permission
=
authPermission
))
{
val
permissionMsg
=
MessageCodeUtil
.
getCodeLanMessage
(
messageCode
=
"${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}"
,
defaultMessage
=
authPermission
.
alias
)
throw
PermissionForbiddenException
(
message
=
message
,
params
=
arrayOf
(
permissionMsg
))
}
}
override
fun
createGroupResource
(
userId
:
String
,
projectId
:
String
,
groupId
:
Long
,
groupName
:
String
)
{
authResourceApi
.
createResource
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
groupId
),
resourceName
=
groupName
)
}
override
fun
modifyGroupResource
(
projectId
:
String
,
groupId
:
Long
,
groupName
:
String
)
{
authResourceApi
.
modifyResource
(
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
groupId
),
resourceName
=
groupName
)
}
override
fun
deleteGroupResource
(
projectId
:
String
,
groupId
:
Long
)
{
authResourceApi
.
deleteResource
(
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
groupId
)
)
}
override
fun
filterGroup
(
user
:
String
,
projectId
:
String
,
authPermissions
:
Set
<
AuthPermission
>
):
Map
<
AuthPermission
,
List
<
Long
>>
{
val
permissionResourceMap
=
authPermissionApi
.
getUserResourcesByPermissions
(
user
=
user
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
permissions
=
authPermissions
,
supplier
=
supplierForPermissionRule
(
projectId
)
)
val
map
=
mutableMapOf
<
AuthPermission
,
List
<
Long
>>()
permissionResourceMap
.
forEach
{
(
key
,
value
)
->
map
[
key
]
=
value
.
map
{
HashUtil
.
decodeIdToLong
(
it
)
}
}
return
map
}
override
fun
validateRulePermission
(
userId
:
String
,
projectId
:
String
,
authPermission
:
AuthPermission
):
Boolean
{
return
authPermissionApi
.
validateUserResourcePermission
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
permission
=
authPermission
)
}
override
fun
validateRulePermission
(
userId
:
String
,
projectId
:
String
,
authPermission
:
AuthPermission
,
message
:
String
)
{
if
(!
authPermissionApi
.
validateUserResourcePermission
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
permission
=
authPermission
))
{
val
permissionMsg
=
MessageCodeUtil
.
getCodeLanMessage
(
messageCode
=
"${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}"
,
defaultMessage
=
authPermission
.
alias
)
throw
PermissionForbiddenException
(
message
=
message
,
params
=
arrayOf
(
permissionMsg
)
)
}
}
override
fun
validateRulePermission
(
userId
:
String
,
projectId
:
String
,
ruleId
:
Long
,
authPermission
:
AuthPermission
,
message
:
String
)
{
if
(!
authPermissionApi
.
validateUserResourcePermission
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
ruleId
),
permission
=
authPermission
))
{
val
permissionMsg
=
MessageCodeUtil
.
getCodeLanMessage
(
messageCode
=
"${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}"
,
defaultMessage
=
authPermission
.
alias
)
throw
PermissionForbiddenException
(
message
=
message
,
params
=
arrayOf
(
permissionMsg
)
)
}
}
override
fun
createRuleResource
(
userId
:
String
,
projectId
:
String
,
ruleId
:
Long
,
ruleName
:
String
)
{
authResourceApi
.
createResource
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_RULE
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
ruleId
),
resourceName
=
ruleName
)
}
override
fun
modifyRuleResource
(
projectId
:
String
,
ruleId
:
Long
,
ruleName
:
String
)
{
authResourceApi
.
modifyResource
(
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_RULE
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
ruleId
),
resourceName
=
ruleName
)
}
override
fun
deleteRuleResource
(
projectId
:
String
,
ruleId
:
Long
)
{
authResourceApi
.
deleteResource
(
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_RULE
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
ruleId
)
)
}
override
fun
filterRules
(
userId
:
String
,
projectId
:
String
,
bkAuthPermissionSet
:
Set
<
AuthPermission
>
):
Map
<
AuthPermission
,
List
<
Long
>>
{
val
permissionResourceMap
=
authPermissionApi
.
getUserResourcesByPermissions
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_RULE
,
projectCode
=
projectId
,
permissions
=
bkAuthPermissionSet
,
supplier
=
supplierForPermissionGroup
(
projectId
)
)
val
permissionRuleMap
=
mutableMapOf
<
AuthPermission
,
List
<
Long
>>()
permissionResourceMap
.
forEach
{
(
permission
,
list
)
->
permissionRuleMap
[
permission
]
=
list
.
map
{
HashUtil
.
decodeIdToLong
(
it
)
}
}
return
permissionRuleMap
}
abstract
fun
supplierForPermissionGroup
(
projectId
:
String
):
()
->
MutableList
<
String
>
abstract
fun
supplierForPermissionRule
(
projectId
:
String
):
()
->
MutableList
<
String
>
}
This diff is collapsed.
Click to expand it.
src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/SampleQualityPermissionServiceImpl.kt
+
49
-
131
View file @
3fc266e6
...
...
@@ -27,22 +27,23 @@
package
com.tencent.devops.quality.service
import
com.tencent.devops.common.api.constant.CommonMessageCode
import
com.tencent.devops.common.api.exception.PermissionForbiddenException
import
com.tencent.devops.common.api.util.HashUtil
import
com.tencent.devops.common.auth.api.AuthPermission
import
com.tencent.devops.common.auth.api.AuthPermissionApi
import
com.tencent.devops.common.auth.api.AuthResourceApi
import
com.tencent.devops.common.auth.api.AuthResourceType
import
com.tencent.devops.common.auth.code.QualityAuthServiceCode
import
com.tencent.devops.common.service.utils.MessageCodeUtil
import
com.tencent.devops.quality.dao.QualityNotifyGroupDao
import
com.tencent.devops.quality.dao.v2.QualityRuleDao
import
org.jooq.DSLContext
@Suppress
(
"ALL"
)
class
SampleQualityPermissionServiceImpl
constructor
(
val
authPermissionApi
:
AuthPermissionApi
,
val
authResourceApi
:
AuthResourceApi
,
val
qualityAuthServiceCode
:
QualityAuthServiceCode
)
:
QualityPermissionService
{
override
val
authPermissionApi
:
AuthPermissionApi
,
override
val
authResourceApi
:
AuthResourceApi
,
override
val
qualityAuthServiceCode
:
QualityAuthServiceCode
,
val
qualityRuleDao
:
QualityRuleDao
,
val
groupDao
:
QualityNotifyGroupDao
,
val
dslContext
:
DSLContext
)
:
AbsQualityPermissionServiceImpl
(
authPermissionApi
,
authResourceApi
,
qualityAuthServiceCode
)
{
override
fun
validateGroupPermission
(
userId
:
String
,
...
...
@@ -51,52 +52,19 @@ class SampleQualityPermissionServiceImpl constructor(
authPermission
:
AuthPermission
,
message
:
String
)
{
if
(!
authPermissionApi
.
validateUserResourcePermission
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
groupId
),
permission
=
authPermission
))
{
val
permissionMsg
=
MessageCodeUtil
.
getCodeLanMessage
(
messageCode
=
"${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}"
,
defaultMessage
=
authPermission
.
alias
)
throw
PermissionForbiddenException
(
message
=
message
,
params
=
arrayOf
(
permissionMsg
))
}
super
.
validateGroupPermission
(
userId
,
projectId
,
groupId
,
authPermission
,
message
)
}
override
fun
createGroupResource
(
userId
:
String
,
projectId
:
String
,
groupId
:
Long
,
groupName
:
String
)
{
authResourceApi
.
createResource
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
groupId
),
resourceName
=
groupName
)
super
.
createGroupResource
(
userId
,
projectId
,
groupId
,
groupName
)
}
override
fun
modifyGroupResource
(
projectId
:
String
,
groupId
:
Long
,
groupName
:
String
)
{
authResourceApi
.
modifyResource
(
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
groupId
),
resourceName
=
groupName
)
super
.
modifyGroupResource
(
projectId
,
groupId
,
groupName
)
}
override
fun
deleteGroupResource
(
projectId
:
String
,
groupId
:
Long
)
{
authResourceApi
.
deleteResource
(
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
groupId
)
)
super
.
deleteGroupResource
(
projectId
,
groupId
)
}
override
fun
filterGroup
(
...
...
@@ -104,29 +72,11 @@ class SampleQualityPermissionServiceImpl constructor(
projectId
:
String
,
authPermissions
:
Set
<
AuthPermission
>
):
Map
<
AuthPermission
,
List
<
Long
>>
{
val
permissionResourceMap
=
authPermissionApi
.
getUserResourcesByPermissions
(
user
=
user
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
permissions
=
authPermissions
,
supplier
=
null
)
val
map
=
mutableMapOf
<
AuthPermission
,
List
<
Long
>>()
permissionResourceMap
.
forEach
{
(
key
,
value
)
->
map
[
key
]
=
value
.
map
{
HashUtil
.
decodeIdToLong
(
it
)
}
}
return
map
return
super
.
filterGroup
(
user
,
projectId
,
authPermissions
)
}
override
fun
validateRulePermission
(
userId
:
String
,
projectId
:
String
,
authPermission
:
AuthPermission
):
Boolean
{
return
authPermissionApi
.
validateUserResourcePermission
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
permission
=
authPermission
)
return
super
.
validateRulePermission
(
userId
,
projectId
,
authPermission
)
}
override
fun
validateRulePermission
(
...
...
@@ -135,22 +85,7 @@ class SampleQualityPermissionServiceImpl constructor(
authPermission
:
AuthPermission
,
message
:
String
)
{
if
(!
authPermissionApi
.
validateUserResourcePermission
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
permission
=
authPermission
))
{
val
permissionMsg
=
MessageCodeUtil
.
getCodeLanMessage
(
messageCode
=
"${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}"
,
defaultMessage
=
authPermission
.
alias
)
throw
PermissionForbiddenException
(
message
=
message
,
params
=
arrayOf
(
permissionMsg
)
)
}
super
.
validateRulePermission
(
userId
,
projectId
,
authPermission
,
message
)
}
override
fun
validateRulePermission
(
...
...
@@ -160,52 +95,19 @@ class SampleQualityPermissionServiceImpl constructor(
authPermission
:
AuthPermission
,
message
:
String
)
{
if
(!
authPermissionApi
.
validateUserResourcePermission
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_GROUP
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
ruleId
),
permission
=
authPermission
))
{
val
permissionMsg
=
MessageCodeUtil
.
getCodeLanMessage
(
messageCode
=
"${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}"
,
defaultMessage
=
authPermission
.
alias
)
throw
PermissionForbiddenException
(
message
=
message
,
params
=
arrayOf
(
permissionMsg
)
)
}
super
.
validateRulePermission
(
userId
,
projectId
,
ruleId
,
authPermission
,
message
)
}
override
fun
createRuleResource
(
userId
:
String
,
projectId
:
String
,
ruleId
:
Long
,
ruleName
:
String
)
{
authResourceApi
.
createResource
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_RULE
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
ruleId
),
resourceName
=
ruleName
)
super
.
createRuleResource
(
userId
,
projectId
,
ruleId
,
ruleName
)
}
override
fun
modifyRuleResource
(
projectId
:
String
,
ruleId
:
Long
,
ruleName
:
String
)
{
authResourceApi
.
modifyResource
(
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_RULE
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
ruleId
),
resourceName
=
ruleName
)
super
.
modifyRuleResource
(
projectId
,
ruleId
,
ruleName
)
}
override
fun
deleteRuleResource
(
projectId
:
String
,
ruleId
:
Long
)
{
authResourceApi
.
deleteResource
(
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_RULE
,
projectCode
=
projectId
,
resourceCode
=
HashUtil
.
encodeLongId
(
ruleId
)
)
super
.
deleteRuleResource
(
projectId
,
ruleId
)
}
override
fun
filterRules
(
...
...
@@ -213,18 +115,34 @@ class SampleQualityPermissionServiceImpl constructor(
projectId
:
String
,
bkAuthPermissionSet
:
Set
<
AuthPermission
>
):
Map
<
AuthPermission
,
List
<
Long
>>
{
val
permissionResourceMap
=
authPermissionApi
.
getUserResourcesByPermissions
(
user
=
userId
,
serviceCode
=
qualityAuthServiceCode
,
resourceType
=
AuthResourceType
.
QUALITY_RULE
,
projectCode
=
projectId
,
permissions
=
bkAuthPermissionSet
,
supplier
=
null
)
val
permissionRuleMap
=
mutableMapOf
<
AuthPermission
,
List
<
Long
>>()
permissionResourceMap
.
forEach
{
(
permission
,
list
)
->
permissionRuleMap
[
permission
]
=
list
.
map
{
HashUtil
.
decodeIdToLong
(
it
)
}
return
super
.
filterRules
(
userId
,
projectId
,
bkAuthPermissionSet
)
}
override
fun
supplierForPermissionGroup
(
projectId
:
String
):
()
->
MutableList
<
String
>
{
return
{
val
fakeList
=
mutableListOf
<
String
>()
groupDao
.
list
(
dslContext
=
dslContext
,
projectId
=
projectId
,
offset
=
0
,
limit
=
500
).
forEach
{
fakeList
.
add
(
it
.
id
.
toString
())
}
fakeList
}
}
override
fun
supplierForPermissionRule
(
projectId
:
String
):
()
->
MutableList
<
String
>
{
return
{
val
fakeList
=
mutableListOf
<
String
>()
qualityRuleDao
.
list
(
dslContext
=
dslContext
,
projectId
=
projectId
)
?.
forEach
{
fakeList
.
add
(
it
.
id
.
toString
())
}
fakeList
}
return
permissionRuleMap
}
}
This diff is collapsed.
Click to expand it.
src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/V3QualityPermissionServiceImpl.kt
0 → 100644
+
112
-
0
View file @
3fc266e6
/*
* Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
*
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
*
* BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
*
* A copy of the MIT License is included in this file.
*
*
* Terms of the MIT License:
* ---------------------------------------------------
* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or substantial portions of
* the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
* LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
* NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
* WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
package
com.tencent.devops.quality.service
import
com.tencent.devops.common.auth.api.AuthPermission
import
com.tencent.devops.common.auth.api.AuthPermissionApi
import
com.tencent.devops.common.auth.api.AuthResourceApi
import
com.tencent.devops.common.auth.code.QualityAuthServiceCode
@Suppress
(
"ALL"
)
class
V3QualityPermissionServiceImpl
constructor
(
override
val
authPermissionApi
:
AuthPermissionApi
,
override
val
authResourceApi
:
AuthResourceApi
,
override
val
qualityAuthServiceCode
:
QualityAuthServiceCode
)
:
AbsQualityPermissionServiceImpl
(
authPermissionApi
,
authResourceApi
,
qualityAuthServiceCode
)
{
override
fun
validateGroupPermission
(
userId
:
String
,
projectId
:
String
,
groupId
:
Long
,
authPermission
:
AuthPermission
,
message
:
String
)
{
super
.
validateGroupPermission
(
userId
,
projectId
,
groupId
,
authPermission
,
message
)
}
override
fun
createGroupResource
(
userId
:
String
,
projectId
:
String
,
groupId
:
Long
,
groupName
:
String
)
{
super
.
createGroupResource
(
userId
,
projectId
,
groupId
,
groupName
)
}
override
fun
modifyGroupResource
(
projectId
:
String
,
groupId
:
Long
,
groupName
:
String
)
{
super
.
modifyGroupResource
(
projectId
,
groupId
,
groupName
)
}
override
fun
deleteGroupResource
(
projectId
:
String
,
groupId
:
Long
)
{
super
.
deleteGroupResource
(
projectId
,
groupId
)
}
override
fun
filterGroup
(
user
:
String
,
projectId
:
String
,
authPermissions
:
Set
<
AuthPermission
>):
Map
<
AuthPermission
,
List
<
Long
>>
{
return
super
.
filterGroup
(
user
,
projectId
,
authPermissions
)
}
override
fun
validateRulePermission
(
userId
:
String
,
projectId
:
String
,
authPermission
:
AuthPermission
):
Boolean
{
return
super
.
validateRulePermission
(
userId
,
projectId
,
authPermission
)
}
override
fun
validateRulePermission
(
userId
:
String
,
projectId
:
String
,
authPermission
:
AuthPermission
,
message
:
String
)
{
super
.
validateRulePermission
(
userId
,
projectId
,
authPermission
,
message
)
}
override
fun
validateRulePermission
(
userId
:
String
,
projectId
:
String
,
ruleId
:
Long
,
authPermission
:
AuthPermission
,
message
:
String
)
{
super
.
validateRulePermission
(
userId
,
projectId
,
ruleId
,
authPermission
,
message
)
}
override
fun
createRuleResource
(
userId
:
String
,
projectId
:
String
,
ruleId
:
Long
,
ruleName
:
String
)
{
super
.
createRuleResource
(
userId
,
projectId
,
ruleId
,
ruleName
)
}
override
fun
modifyRuleResource
(
projectId
:
String
,
ruleId
:
Long
,
ruleName
:
String
)
{
super
.
modifyRuleResource
(
projectId
,
ruleId
,
ruleName
)
}
override
fun
deleteRuleResource
(
projectId
:
String
,
ruleId
:
Long
)
{
super
.
deleteRuleResource
(
projectId
,
ruleId
)
}
override
fun
filterRules
(
userId
:
String
,
projectId
:
String
,
bkAuthPermissionSet
:
Set
<
AuthPermission
>
):
Map
<
AuthPermission
,
List
<
Long
>>
{
return
super
.
filterRules
(
userId
,
projectId
,
bkAuthPermissionSet
)
}
override
fun
supplierForPermissionGroup
(
projectId
:
String
):
()
->
MutableList
<
String
>
{
return
{
mutableListOf
()
}
}
override
fun
supplierForPermissionRule
(
projectId
:
String
):
()
->
MutableList
<
String
>
{
return
{
mutableListOf
()
}
}
}
This diff is collapsed.
Click to expand it.
src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CertPermissionService.kt
+
8
-
19
View file @
3fc266e6
...
...
@@ -57,18 +57,7 @@ class V3CertPermissionService @Autowired constructor(
)
{
override
fun
supplierForPermission
(
projectId
:
String
):
()
->
MutableList
<
String
>
{
return
{
val
fakeList
=
mutableListOf
<
String
>()
certDao
.
listIdByProject
(
dslContext
=
dslContext
,
projectId
=
projectId
,
offset
=
0
,
limit
=
500
).
forEach
{
fakeList
.
add
(
it
)
}
fakeList
}
return
{
mutableListOf
()
}
}
override
fun
validatePermission
(
...
...
@@ -101,13 +90,13 @@ class V3CertPermissionService @Autowired constructor(
return
true
}
return
authPermissionApi
.
validateUserResourcePermission
(
user
=
userId
,
serviceCode
=
ticketAuthServiceCode
,
resourceType
=
AuthResourceType
.
TICKET_CERT
,
projectCode
=
projectId
,
resourceCode
=
projectId
,
permission
=
AuthPermission
.
CREATE
,
relationResourceType
=
AuthResourceType
.
PROJECT
user
=
userId
,
serviceCode
=
ticketAuthServiceCode
,
resourceType
=
AuthResourceType
.
TICKET_CERT
,
projectCode
=
projectId
,
resourceCode
=
projectId
,
permission
=
AuthPermission
.
CREATE
,
relationResourceType
=
AuthResourceType
.
PROJECT
)
}
...
...
This diff is collapsed.
Click to expand it.
src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CredentialPermissionService.kt
+
1
-
12
View file @
3fc266e6
...
...
@@ -58,18 +58,7 @@ class V3CredentialPermissionService @Autowired constructor(
)
{
override
fun
supplierForFakePermission
(
projectId
:
String
):
()
->
MutableList
<
String
>
{
return
{
val
fakeList
=
mutableListOf
<
String
>()
credentialDao
.
listByProject
(
dslContext
=
dslContext
,
projectId
=
projectId
,
offset
=
0
,
limit
=
500
// 一个项目不会有太多凭证
).
forEach
{
fakeList
.
add
(
it
.
credentialId
)
}
fakeList
}
return
{
mutableListOf
()
}
}
override
fun
validatePermission
(
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
Menu
Projects
Groups
Snippets
Help