mirror of
https://github.com/tencentmusic/supersonic.git
synced 2025-12-12 12:37:55 +00:00
(improvement)(headless) Add integrate test for domain, model, view auth checking (#720)
Co-authored-by: jolunoluo
This commit is contained in:
LXW
@@ -24,6 +24,10 @@ public class User {
|
|||||||
return new User(id, name, displayName, email, isAdmin);
|
return new User(id, name, displayName, email, isAdmin);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static User get(Long id, String name) {
|
||||||
|
return new User(id, name, name, name, 0);
|
||||||
|
}
|
||||||
|
|
||||||
public static User getFakeUser() {
|
public static User getFakeUser() {
|
||||||
return new User(1L, "admin", "admin", "admin@email", 1);
|
return new User(1L, "admin", "admin", "admin@email", 1);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -18,4 +18,8 @@ public interface ViewService {
|
|||||||
List<ViewResp> getViewList(MetaFilter metaFilter);
|
List<ViewResp> getViewList(MetaFilter metaFilter);
|
||||||
|
|
||||||
void delete(Long id, User user);
|
void delete(Long id, User user);
|
||||||
|
|
||||||
|
List<ViewResp> getViews(User user);
|
||||||
|
|
||||||
|
List<ViewResp> getViewsInheritAuth(User user, Long domainId);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -10,10 +10,12 @@ import com.tencent.supersonic.headless.api.pojo.request.DomainReq;
|
|||||||
import com.tencent.supersonic.headless.api.pojo.request.DomainUpdateReq;
|
import com.tencent.supersonic.headless.api.pojo.request.DomainUpdateReq;
|
||||||
import com.tencent.supersonic.headless.api.pojo.response.DomainResp;
|
import com.tencent.supersonic.headless.api.pojo.response.DomainResp;
|
||||||
import com.tencent.supersonic.headless.api.pojo.response.ModelResp;
|
import com.tencent.supersonic.headless.api.pojo.response.ModelResp;
|
||||||
|
import com.tencent.supersonic.headless.api.pojo.response.ViewResp;
|
||||||
import com.tencent.supersonic.headless.server.persistence.dataobject.DomainDO;
|
import com.tencent.supersonic.headless.server.persistence.dataobject.DomainDO;
|
||||||
import com.tencent.supersonic.headless.server.persistence.repository.DomainRepository;
|
import com.tencent.supersonic.headless.server.persistence.repository.DomainRepository;
|
||||||
import com.tencent.supersonic.headless.server.service.DomainService;
|
import com.tencent.supersonic.headless.server.service.DomainService;
|
||||||
import com.tencent.supersonic.headless.server.service.ModelService;
|
import com.tencent.supersonic.headless.server.service.ModelService;
|
||||||
|
import com.tencent.supersonic.headless.server.service.ViewService;
|
||||||
import com.tencent.supersonic.headless.server.utils.DomainConvert;
|
import com.tencent.supersonic.headless.server.utils.DomainConvert;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.assertj.core.util.Sets;
|
import org.assertj.core.util.Sets;
|
||||||
@@ -41,14 +43,17 @@ public class DomainServiceImpl implements DomainService {
|
|||||||
private final DomainRepository domainRepository;
|
private final DomainRepository domainRepository;
|
||||||
private final ModelService modelService;
|
private final ModelService modelService;
|
||||||
private final UserService userService;
|
private final UserService userService;
|
||||||
|
private final ViewService viewService;
|
||||||
|
|
||||||
|
|
||||||
public DomainServiceImpl(DomainRepository domainRepository,
|
public DomainServiceImpl(DomainRepository domainRepository,
|
||||||
@Lazy ModelService modelService,
|
@Lazy ModelService modelService,
|
||||||
UserService userService) {
|
UserService userService,
|
||||||
|
@Lazy ViewService viewService) {
|
||||||
this.domainRepository = domainRepository;
|
this.domainRepository = domainRepository;
|
||||||
this.modelService = modelService;
|
this.modelService = modelService;
|
||||||
this.userService = userService;
|
this.userService = userService;
|
||||||
|
this.viewService = viewService;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@@ -99,6 +104,11 @@ public class DomainServiceImpl implements DomainService {
|
|||||||
List<Long> domainIds = modelResps.stream().map(ModelResp::getDomainId).collect(Collectors.toList());
|
List<Long> domainIds = modelResps.stream().map(ModelResp::getDomainId).collect(Collectors.toList());
|
||||||
domainWithAuthAll.addAll(getParentDomain(domainIds));
|
domainWithAuthAll.addAll(getParentDomain(domainIds));
|
||||||
}
|
}
|
||||||
|
List<ViewResp> viewResps = viewService.getViews(user);
|
||||||
|
if (!CollectionUtils.isEmpty(viewResps)) {
|
||||||
|
List<Long> domainIds = viewResps.stream().map(ViewResp::getDomainId).collect(Collectors.toList());
|
||||||
|
domainWithAuthAll.addAll(getParentDomain(domainIds));
|
||||||
|
}
|
||||||
return new ArrayList<>(domainWithAuthAll).stream()
|
return new ArrayList<>(domainWithAuthAll).stream()
|
||||||
.sorted(Comparator.comparingLong(DomainResp::getId)).collect(Collectors.toList());
|
.sorted(Comparator.comparingLong(DomainResp::getId)).collect(Collectors.toList());
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -53,7 +53,6 @@ import java.util.Collection;
|
|||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.concurrent.ExecutionException;
|
|
||||||
import java.util.concurrent.TimeUnit;
|
import java.util.concurrent.TimeUnit;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
@@ -336,7 +335,7 @@ public class SchemaServiceImpl implements SchemaService {
|
|||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
}
|
}
|
||||||
|
|
||||||
private void fillStaticInfo(List<ViewSchemaResp> viewSchemaResps) throws ExecutionException {
|
private void fillStaticInfo(List<ViewSchemaResp> viewSchemaResps) {
|
||||||
List<Long> viewIds = viewSchemaResps.stream()
|
List<Long> viewIds = viewSchemaResps.stream()
|
||||||
.map(ViewSchemaResp::getId).collect(Collectors.toList());
|
.map(ViewSchemaResp::getId).collect(Collectors.toList());
|
||||||
ItemUseReq itemUseReq = new ItemUseReq();
|
ItemUseReq itemUseReq = new ItemUseReq();
|
||||||
|
|||||||
@@ -5,12 +5,14 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
|||||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||||
import com.google.common.collect.Lists;
|
import com.google.common.collect.Lists;
|
||||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||||
|
import com.tencent.supersonic.common.pojo.enums.AuthType;
|
||||||
import com.tencent.supersonic.common.pojo.enums.StatusEnum;
|
import com.tencent.supersonic.common.pojo.enums.StatusEnum;
|
||||||
import com.tencent.supersonic.common.pojo.enums.TypeEnums;
|
import com.tencent.supersonic.common.pojo.enums.TypeEnums;
|
||||||
import com.tencent.supersonic.common.util.BeanMapper;
|
import com.tencent.supersonic.common.util.BeanMapper;
|
||||||
import com.tencent.supersonic.headless.api.pojo.QueryConfig;
|
import com.tencent.supersonic.headless.api.pojo.QueryConfig;
|
||||||
import com.tencent.supersonic.headless.api.pojo.ViewDetail;
|
import com.tencent.supersonic.headless.api.pojo.ViewDetail;
|
||||||
import com.tencent.supersonic.headless.api.pojo.request.ViewReq;
|
import com.tencent.supersonic.headless.api.pojo.request.ViewReq;
|
||||||
|
import com.tencent.supersonic.headless.api.pojo.response.DomainResp;
|
||||||
import com.tencent.supersonic.headless.api.pojo.response.ViewResp;
|
import com.tencent.supersonic.headless.api.pojo.response.ViewResp;
|
||||||
import com.tencent.supersonic.headless.server.persistence.dataobject.ViewDO;
|
import com.tencent.supersonic.headless.server.persistence.dataobject.ViewDO;
|
||||||
import com.tencent.supersonic.headless.server.persistence.mapper.ViewDOMapper;
|
import com.tencent.supersonic.headless.server.persistence.mapper.ViewDOMapper;
|
||||||
@@ -23,8 +25,11 @@ import org.springframework.stereotype.Service;
|
|||||||
import org.springframework.util.CollectionUtils;
|
import org.springframework.util.CollectionUtils;
|
||||||
|
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
|
import java.util.Comparator;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
|
import java.util.HashSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.Set;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
@Service
|
@Service
|
||||||
@@ -79,6 +84,43 @@ public class ViewServiceImpl
|
|||||||
updateById(viewDO);
|
updateById(viewDO);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public List<ViewResp> getViews(User user) {
|
||||||
|
List<ViewResp> viewResps = getViewList(new MetaFilter());
|
||||||
|
return getViewFilterByAuth(viewResps, user);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public List<ViewResp> getViewsInheritAuth(User user, Long domainId) {
|
||||||
|
List<ViewResp> viewResps = getViewList(new MetaFilter());
|
||||||
|
List<ViewResp> inheritAuthFormDomain = getViewFilterByDomainAuth(viewResps, user);
|
||||||
|
Set<ViewResp> viewRespSet = new HashSet<>(inheritAuthFormDomain);
|
||||||
|
List<ViewResp> viewFilterByAuth = getViewFilterByAuth(viewResps, user);
|
||||||
|
viewRespSet.addAll(viewFilterByAuth);
|
||||||
|
if (domainId != null && domainId > 0) {
|
||||||
|
viewRespSet = viewRespSet.stream().filter(modelResp ->
|
||||||
|
modelResp.getDomainId().equals(domainId)).collect(Collectors.toSet());
|
||||||
|
}
|
||||||
|
return viewRespSet.stream().sorted(Comparator.comparingLong(ViewResp::getId))
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
}
|
||||||
|
|
||||||
|
private List<ViewResp> getViewFilterByAuth(List<ViewResp> viewResps, User user) {
|
||||||
|
return viewResps.stream()
|
||||||
|
.filter(viewResp -> checkAdminPermission(user, viewResp))
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
}
|
||||||
|
|
||||||
|
private List<ViewResp> getViewFilterByDomainAuth(List<ViewResp> viewResps, User user) {
|
||||||
|
Set<DomainResp> domainResps = domainService.getDomainAuthSet(user, AuthType.ADMIN);
|
||||||
|
if (CollectionUtils.isEmpty(domainResps)) {
|
||||||
|
return Lists.newArrayList();
|
||||||
|
}
|
||||||
|
Set<Long> domainIds = domainResps.stream().map(DomainResp::getId).collect(Collectors.toSet());
|
||||||
|
return viewResps.stream().filter(viewResp ->
|
||||||
|
domainIds.contains(viewResp.getDomainId())).collect(Collectors.toList());
|
||||||
|
}
|
||||||
|
|
||||||
private ViewResp convert(ViewDO viewDO) {
|
private ViewResp convert(ViewDO viewDO) {
|
||||||
ViewResp viewResp = new ViewResp();
|
ViewResp viewResp = new ViewResp();
|
||||||
BeanMapper.mapper(viewDO, viewResp);
|
BeanMapper.mapper(viewDO, viewResp);
|
||||||
@@ -102,4 +144,13 @@ public class ViewServiceImpl
|
|||||||
return viewDO;
|
return viewDO;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static boolean checkAdminPermission(User user, ViewResp viewResp) {
|
||||||
|
List<String> admins = viewResp.getAdmins();
|
||||||
|
if (user.isSuperAdmin()) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
String userName = user.getName();
|
||||||
|
return admins.contains(userName) || viewResp.getCreatedBy().equals(userName);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -138,9 +138,9 @@ public class ModelDemoDataLoader {
|
|||||||
domainReq.setBizName("supersonic");
|
domainReq.setBizName("supersonic");
|
||||||
domainReq.setParentId(0L);
|
domainReq.setParentId(0L);
|
||||||
domainReq.setStatus(StatusEnum.ONLINE.getCode());
|
domainReq.setStatus(StatusEnum.ONLINE.getCode());
|
||||||
domainReq.setViewers(Arrays.asList("admin", "tom", "jack"));
|
domainReq.setViewers(Arrays.asList("admin", "tom"));
|
||||||
domainReq.setViewOrgs(Collections.singletonList("1"));
|
domainReq.setViewOrgs(Collections.singletonList("1"));
|
||||||
domainReq.setAdmins(Collections.singletonList("admin"));
|
domainReq.setAdmins(Arrays.asList("admin", "jack"));
|
||||||
domainReq.setAdminOrgs(Collections.emptyList());
|
domainReq.setAdminOrgs(Collections.emptyList());
|
||||||
domainService.createDomain(domainReq, user);
|
domainService.createDomain(domainReq, user);
|
||||||
}
|
}
|
||||||
@@ -154,7 +154,7 @@ public class ModelDemoDataLoader {
|
|||||||
modelReq.setDomainId(1L);
|
modelReq.setDomainId(1L);
|
||||||
modelReq.setViewers(Arrays.asList("admin", "tom", "jack"));
|
modelReq.setViewers(Arrays.asList("admin", "tom", "jack"));
|
||||||
modelReq.setViewOrgs(Collections.singletonList("1"));
|
modelReq.setViewOrgs(Collections.singletonList("1"));
|
||||||
modelReq.setAdmins(Collections.singletonList("admin"));
|
modelReq.setAdmins(Arrays.asList("admin", "alice"));
|
||||||
modelReq.setAdminOrgs(Collections.emptyList());
|
modelReq.setAdminOrgs(Collections.emptyList());
|
||||||
ModelDetail modelDetail = new ModelDetail();
|
ModelDetail modelDetail = new ModelDetail();
|
||||||
List<Identify> identifiers = new ArrayList<>();
|
List<Identify> identifiers = new ArrayList<>();
|
||||||
@@ -294,7 +294,7 @@ public class ModelDemoDataLoader {
|
|||||||
domainReq.setStatus(StatusEnum.ONLINE.getCode());
|
domainReq.setStatus(StatusEnum.ONLINE.getCode());
|
||||||
domainReq.setViewers(Arrays.asList("admin", "tom", "jack"));
|
domainReq.setViewers(Arrays.asList("admin", "tom", "jack"));
|
||||||
domainReq.setViewOrgs(Collections.singletonList("1"));
|
domainReq.setViewOrgs(Collections.singletonList("1"));
|
||||||
domainReq.setAdmins(Collections.singletonList("admin"));
|
domainReq.setAdmins(Arrays.asList("admin", "alice"));
|
||||||
domainReq.setAdminOrgs(Collections.emptyList());
|
domainReq.setAdminOrgs(Collections.emptyList());
|
||||||
domainService.createDomain(domainReq, user);
|
domainService.createDomain(domainReq, user);
|
||||||
}
|
}
|
||||||
@@ -478,7 +478,7 @@ public class ModelDemoDataLoader {
|
|||||||
viewReq.setBizName("singer");
|
viewReq.setBizName("singer");
|
||||||
viewReq.setDomainId(2L);
|
viewReq.setDomainId(2L);
|
||||||
viewReq.setDescription("包含艺人相关标签和指标信息");
|
viewReq.setDescription("包含艺人相关标签和指标信息");
|
||||||
viewReq.setAdmins(Lists.newArrayList("admin"));
|
viewReq.setAdmins(Lists.newArrayList("admin", "jack"));
|
||||||
List<ViewModelConfig> viewModelConfigs = Lists.newArrayList(
|
List<ViewModelConfig> viewModelConfigs = Lists.newArrayList(
|
||||||
new ViewModelConfig(4L, Lists.newArrayList(4L, 5L, 6L, 7L),
|
new ViewModelConfig(4L, Lists.newArrayList(4L, 5L, 6L, 7L),
|
||||||
Lists.newArrayList(5L, 6L, 7L))
|
Lists.newArrayList(5L, 6L, 7L))
|
||||||
|
|||||||
@@ -0,0 +1,84 @@
|
|||||||
|
package com.tencent.supersonic.headless;
|
||||||
|
|
||||||
|
import com.google.common.collect.Lists;
|
||||||
|
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||||
|
import com.tencent.supersonic.common.pojo.enums.AuthType;
|
||||||
|
import com.tencent.supersonic.headless.api.pojo.response.DomainResp;
|
||||||
|
import com.tencent.supersonic.headless.api.pojo.response.ModelResp;
|
||||||
|
import com.tencent.supersonic.headless.api.pojo.response.ViewResp;
|
||||||
|
import com.tencent.supersonic.headless.server.service.DomainService;
|
||||||
|
import com.tencent.supersonic.headless.server.service.ModelService;
|
||||||
|
import com.tencent.supersonic.headless.server.service.ViewService;
|
||||||
|
import com.tencent.supersonic.util.DataUtils;
|
||||||
|
import org.junit.jupiter.api.Assertions;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
|
public class SchemaAuthTest extends BaseTest {
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private DomainService domainService;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private ViewService viewService;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private ModelService modelService;
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test_getDomainList_alice() {
|
||||||
|
User user = DataUtils.getUserAlice();
|
||||||
|
List<DomainResp> domainResps = domainService.getDomainListWithAdminAuth(user);
|
||||||
|
List<Long> expectedDomainIds = Lists.newArrayList(1L, 2L);
|
||||||
|
Assertions.assertEquals(expectedDomainIds,
|
||||||
|
domainResps.stream().map(DomainResp::getId).collect(Collectors.toList()));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test_getModelList_alice() {
|
||||||
|
User user = DataUtils.getUserAlice();
|
||||||
|
List<ModelResp> modelResps = modelService.getModelListWithAuth(user, 0L, AuthType.ADMIN);
|
||||||
|
List<Long> expectedModelIds = Lists.newArrayList(1L, 4L);
|
||||||
|
Assertions.assertEquals(expectedModelIds,
|
||||||
|
modelResps.stream().map(ModelResp::getId).collect(Collectors.toList()));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test_getViewList_alice() {
|
||||||
|
User user = DataUtils.getUserAlice();
|
||||||
|
List<ViewResp> modelResps = viewService.getViewsInheritAuth(user, 0L);
|
||||||
|
List<Long> expectedViewIds = Lists.newArrayList(2L);
|
||||||
|
Assertions.assertEquals(expectedViewIds,
|
||||||
|
modelResps.stream().map(ViewResp::getId).collect(Collectors.toList()));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test_getDomainList_jack() {
|
||||||
|
User user = DataUtils.getUserJack();
|
||||||
|
List<DomainResp> domainResps = domainService.getDomainListWithAdminAuth(user);
|
||||||
|
List<Long> expectedDomainIds = Lists.newArrayList(1L, 2L);
|
||||||
|
Assertions.assertEquals(expectedDomainIds,
|
||||||
|
domainResps.stream().map(DomainResp::getId).collect(Collectors.toList()));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test_getModelList_jack() {
|
||||||
|
User user = DataUtils.getUserJack();
|
||||||
|
List<ModelResp> modelResps = modelService.getModelListWithAuth(user, 0L, AuthType.ADMIN);
|
||||||
|
List<Long> expectedModelIds = Lists.newArrayList(1L, 2L, 3L);
|
||||||
|
Assertions.assertEquals(expectedModelIds,
|
||||||
|
modelResps.stream().map(ModelResp::getId).collect(Collectors.toList()));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test_getViewList_jack() {
|
||||||
|
User user = DataUtils.getUserJack();
|
||||||
|
List<ViewResp> modelResps = viewService.getViewsInheritAuth(user, 0L);
|
||||||
|
List<Long> expectedViewIds = Lists.newArrayList(1L, 2L);
|
||||||
|
Assertions.assertEquals(expectedViewIds,
|
||||||
|
modelResps.stream().map(ViewResp::getId).collect(Collectors.toList()));
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
@@ -29,6 +29,14 @@ public class DataUtils {
|
|||||||
return user_test;
|
return user_test;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static User getUserAlice() {
|
||||||
|
return User.get(5L, "alice");
|
||||||
|
}
|
||||||
|
|
||||||
|
public static User getUserJack() {
|
||||||
|
return User.get(2L, "jack");
|
||||||
|
}
|
||||||
|
|
||||||
public static QueryReq getQueryContextReq(Integer id, String query) {
|
public static QueryReq getQueryContextReq(Integer id, String query) {
|
||||||
QueryReq queryContextReq = new QueryReq();
|
QueryReq queryContextReq = new QueryReq();
|
||||||
queryContextReq.setQueryText(query);
|
queryContextReq.setQueryText(query);
|
||||||
|
|||||||
Reference in New Issue
Block a user