mirror of
https://github.com/tencentmusic/supersonic.git
synced 2025-12-11 12:07:42 +00:00
(improvement)(headless) Add integrate test for domain, model, view auth checking (#720)
Co-authored-by: jolunoluo
This commit is contained in:
LXW
@@ -18,4 +18,8 @@ public interface ViewService {
|
||||
List<ViewResp> getViewList(MetaFilter metaFilter);
|
||||
|
||||
void delete(Long id, User user);
|
||||
|
||||
List<ViewResp> getViews(User user);
|
||||
|
||||
List<ViewResp> getViewsInheritAuth(User user, Long domainId);
|
||||
}
|
||||
|
||||
@@ -10,10 +10,12 @@ import com.tencent.supersonic.headless.api.pojo.request.DomainReq;
|
||||
import com.tencent.supersonic.headless.api.pojo.request.DomainUpdateReq;
|
||||
import com.tencent.supersonic.headless.api.pojo.response.DomainResp;
|
||||
import com.tencent.supersonic.headless.api.pojo.response.ModelResp;
|
||||
import com.tencent.supersonic.headless.api.pojo.response.ViewResp;
|
||||
import com.tencent.supersonic.headless.server.persistence.dataobject.DomainDO;
|
||||
import com.tencent.supersonic.headless.server.persistence.repository.DomainRepository;
|
||||
import com.tencent.supersonic.headless.server.service.DomainService;
|
||||
import com.tencent.supersonic.headless.server.service.ModelService;
|
||||
import com.tencent.supersonic.headless.server.service.ViewService;
|
||||
import com.tencent.supersonic.headless.server.utils.DomainConvert;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.assertj.core.util.Sets;
|
||||
@@ -41,14 +43,17 @@ public class DomainServiceImpl implements DomainService {
|
||||
private final DomainRepository domainRepository;
|
||||
private final ModelService modelService;
|
||||
private final UserService userService;
|
||||
private final ViewService viewService;
|
||||
|
||||
|
||||
public DomainServiceImpl(DomainRepository domainRepository,
|
||||
@Lazy ModelService modelService,
|
||||
UserService userService) {
|
||||
UserService userService,
|
||||
@Lazy ViewService viewService) {
|
||||
this.domainRepository = domainRepository;
|
||||
this.modelService = modelService;
|
||||
this.userService = userService;
|
||||
this.viewService = viewService;
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -99,6 +104,11 @@ public class DomainServiceImpl implements DomainService {
|
||||
List<Long> domainIds = modelResps.stream().map(ModelResp::getDomainId).collect(Collectors.toList());
|
||||
domainWithAuthAll.addAll(getParentDomain(domainIds));
|
||||
}
|
||||
List<ViewResp> viewResps = viewService.getViews(user);
|
||||
if (!CollectionUtils.isEmpty(viewResps)) {
|
||||
List<Long> domainIds = viewResps.stream().map(ViewResp::getDomainId).collect(Collectors.toList());
|
||||
domainWithAuthAll.addAll(getParentDomain(domainIds));
|
||||
}
|
||||
return new ArrayList<>(domainWithAuthAll).stream()
|
||||
.sorted(Comparator.comparingLong(DomainResp::getId)).collect(Collectors.toList());
|
||||
}
|
||||
|
||||
@@ -53,7 +53,6 @@ import java.util.Collection;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@@ -336,7 +335,7 @@ public class SchemaServiceImpl implements SchemaService {
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
private void fillStaticInfo(List<ViewSchemaResp> viewSchemaResps) throws ExecutionException {
|
||||
private void fillStaticInfo(List<ViewSchemaResp> viewSchemaResps) {
|
||||
List<Long> viewIds = viewSchemaResps.stream()
|
||||
.map(ViewSchemaResp::getId).collect(Collectors.toList());
|
||||
ItemUseReq itemUseReq = new ItemUseReq();
|
||||
|
||||
@@ -5,12 +5,14 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import com.google.common.collect.Lists;
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
import com.tencent.supersonic.common.pojo.enums.AuthType;
|
||||
import com.tencent.supersonic.common.pojo.enums.StatusEnum;
|
||||
import com.tencent.supersonic.common.pojo.enums.TypeEnums;
|
||||
import com.tencent.supersonic.common.util.BeanMapper;
|
||||
import com.tencent.supersonic.headless.api.pojo.QueryConfig;
|
||||
import com.tencent.supersonic.headless.api.pojo.ViewDetail;
|
||||
import com.tencent.supersonic.headless.api.pojo.request.ViewReq;
|
||||
import com.tencent.supersonic.headless.api.pojo.response.DomainResp;
|
||||
import com.tencent.supersonic.headless.api.pojo.response.ViewResp;
|
||||
import com.tencent.supersonic.headless.server.persistence.dataobject.ViewDO;
|
||||
import com.tencent.supersonic.headless.server.persistence.mapper.ViewDOMapper;
|
||||
@@ -23,8 +25,11 @@ import org.springframework.stereotype.Service;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Comparator;
|
||||
import java.util.Date;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Service
|
||||
@@ -79,6 +84,43 @@ public class ViewServiceImpl
|
||||
updateById(viewDO);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ViewResp> getViews(User user) {
|
||||
List<ViewResp> viewResps = getViewList(new MetaFilter());
|
||||
return getViewFilterByAuth(viewResps, user);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ViewResp> getViewsInheritAuth(User user, Long domainId) {
|
||||
List<ViewResp> viewResps = getViewList(new MetaFilter());
|
||||
List<ViewResp> inheritAuthFormDomain = getViewFilterByDomainAuth(viewResps, user);
|
||||
Set<ViewResp> viewRespSet = new HashSet<>(inheritAuthFormDomain);
|
||||
List<ViewResp> viewFilterByAuth = getViewFilterByAuth(viewResps, user);
|
||||
viewRespSet.addAll(viewFilterByAuth);
|
||||
if (domainId != null && domainId > 0) {
|
||||
viewRespSet = viewRespSet.stream().filter(modelResp ->
|
||||
modelResp.getDomainId().equals(domainId)).collect(Collectors.toSet());
|
||||
}
|
||||
return viewRespSet.stream().sorted(Comparator.comparingLong(ViewResp::getId))
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
private List<ViewResp> getViewFilterByAuth(List<ViewResp> viewResps, User user) {
|
||||
return viewResps.stream()
|
||||
.filter(viewResp -> checkAdminPermission(user, viewResp))
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
private List<ViewResp> getViewFilterByDomainAuth(List<ViewResp> viewResps, User user) {
|
||||
Set<DomainResp> domainResps = domainService.getDomainAuthSet(user, AuthType.ADMIN);
|
||||
if (CollectionUtils.isEmpty(domainResps)) {
|
||||
return Lists.newArrayList();
|
||||
}
|
||||
Set<Long> domainIds = domainResps.stream().map(DomainResp::getId).collect(Collectors.toSet());
|
||||
return viewResps.stream().filter(viewResp ->
|
||||
domainIds.contains(viewResp.getDomainId())).collect(Collectors.toList());
|
||||
}
|
||||
|
||||
private ViewResp convert(ViewDO viewDO) {
|
||||
ViewResp viewResp = new ViewResp();
|
||||
BeanMapper.mapper(viewDO, viewResp);
|
||||
@@ -102,4 +144,13 @@ public class ViewServiceImpl
|
||||
return viewDO;
|
||||
}
|
||||
|
||||
public static boolean checkAdminPermission(User user, ViewResp viewResp) {
|
||||
List<String> admins = viewResp.getAdmins();
|
||||
if (user.isSuperAdmin()) {
|
||||
return true;
|
||||
}
|
||||
String userName = user.getName();
|
||||
return admins.contains(userName) || viewResp.getCreatedBy().equals(userName);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user