diff --git a/src/backend/ci/core/process/biz-process-sample/src/main/kotlin/com/tencent/devops/process/permission/service/impl/V3PipelinePermissionService.kt b/src/backend/ci/core/process/biz-process-sample/src/main/kotlin/com/tencent/devops/process/permission/service/impl/V3PipelinePermissionService.kt index 527ebb01f99..88ea911b8b8 100644 --- a/src/backend/ci/core/process/biz-process-sample/src/main/kotlin/com/tencent/devops/process/permission/service/impl/V3PipelinePermissionService.kt +++ b/src/backend/ci/core/process/biz-process-sample/src/main/kotlin/com/tencent/devops/process/permission/service/impl/V3PipelinePermissionService.kt @@ -139,13 +139,7 @@ class V3PipelinePermissionService constructor( } override fun supplierForFakePermission(projectId: String): () -> MutableList { - return { - val fakeList = mutableListOf() - pipelineInfoDao.listPipelineIdByProject(dslContext, projectId).forEach { - fakeList.add(it) - } - fakeList - } + return { mutableListOf() } } override fun getResourceByPermission(userId: String, projectId: String, permission: AuthPermission): List { diff --git a/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/QualityConfiguration.kt b/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/QualityConfiguration.kt index bb0ceaec611..1c99b984fd5 100644 --- a/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/QualityConfiguration.kt +++ b/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/QualityConfiguration.kt @@ -30,8 +30,12 @@ package com.tencent.devops.quality import com.tencent.devops.common.auth.api.AuthPermissionApi import com.tencent.devops.common.auth.api.AuthResourceApi import com.tencent.devops.common.auth.code.QualityAuthServiceCode +import com.tencent.devops.quality.dao.QualityNotifyGroupDao +import com.tencent.devops.quality.dao.v2.QualityRuleDao import com.tencent.devops.quality.service.QualityPermissionService import com.tencent.devops.quality.service.SampleQualityPermissionServiceImpl +import com.tencent.devops.quality.service.V3QualityPermissionServiceImpl +import org.jooq.DSLContext import org.springframework.boot.autoconfigure.AutoConfigureOrder import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication @@ -50,8 +54,26 @@ class QualityConfiguration { fun sampleQualityPermissionService( authPermissionApi: AuthPermissionApi, authResourceApi: AuthResourceApi, - qualityAuthServiceCode: QualityAuthServiceCode + qualityAuthServiceCode: QualityAuthServiceCode, + qualityRuleDao: QualityRuleDao, + groupDao: QualityNotifyGroupDao, + dslContext: DSLContext ): QualityPermissionService = SampleQualityPermissionServiceImpl( + authPermissionApi = authPermissionApi, + authResourceApi = authResourceApi, + qualityAuthServiceCode = qualityAuthServiceCode, + qualityRuleDao = qualityRuleDao, + groupDao = groupDao, + dslContext = dslContext + ) + + @Bean + @ConditionalOnProperty(prefix = "auth", name = ["idProvider"], havingValue = "v3") + fun v3QualityPermissionServiceImpl( + authPermissionApi: AuthPermissionApi, + authResourceApi: AuthResourceApi, + qualityAuthServiceCode: QualityAuthServiceCode + ): QualityPermissionService = V3QualityPermissionServiceImpl( authPermissionApi = authPermissionApi, authResourceApi = authResourceApi, qualityAuthServiceCode = qualityAuthServiceCode diff --git a/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/AbsQualityPermissionServiceImpl.kt b/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/AbsQualityPermissionServiceImpl.kt new file mode 100644 index 00000000000..9741a4efe7e --- /dev/null +++ b/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/AbsQualityPermissionServiceImpl.kt @@ -0,0 +1,234 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.devops.quality.service + +import com.tencent.devops.common.api.constant.CommonMessageCode +import com.tencent.devops.common.api.exception.PermissionForbiddenException +import com.tencent.devops.common.api.util.HashUtil +import com.tencent.devops.common.auth.api.AuthPermission +import com.tencent.devops.common.auth.api.AuthPermissionApi +import com.tencent.devops.common.auth.api.AuthResourceApi +import com.tencent.devops.common.auth.api.AuthResourceType +import com.tencent.devops.common.auth.code.QualityAuthServiceCode +import com.tencent.devops.common.service.utils.MessageCodeUtil + +@Suppress("ALL") +abstract class AbsQualityPermissionServiceImpl constructor( + open val authPermissionApi: AuthPermissionApi, + open val authResourceApi: AuthResourceApi, + open val qualityAuthServiceCode: QualityAuthServiceCode +) : QualityPermissionService { + + override fun validateGroupPermission( + userId: String, + projectId: String, + groupId: Long, + authPermission: AuthPermission, + message: String + ) { + if (!authPermissionApi.validateUserResourcePermission( + user = userId, + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_GROUP, + projectCode = projectId, + resourceCode = HashUtil.encodeLongId(groupId), + permission = authPermission + )) { + val permissionMsg = MessageCodeUtil.getCodeLanMessage( + messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}", + defaultMessage = authPermission.alias + ) + throw PermissionForbiddenException( + message = message, + params = arrayOf(permissionMsg)) + } + } + + override fun createGroupResource(userId: String, projectId: String, groupId: Long, groupName: String) { + authResourceApi.createResource( + user = userId, + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_GROUP, + projectCode = projectId, + resourceCode = HashUtil.encodeLongId(groupId), + resourceName = groupName + ) + } + + override fun modifyGroupResource(projectId: String, groupId: Long, groupName: String) { + authResourceApi.modifyResource( + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_GROUP, + projectCode = projectId, + resourceCode = HashUtil.encodeLongId(groupId), + resourceName = groupName + ) + } + + override fun deleteGroupResource(projectId: String, groupId: Long) { + authResourceApi.deleteResource( + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_GROUP, + projectCode = projectId, + resourceCode = HashUtil.encodeLongId(groupId) + ) + } + + override fun filterGroup( + user: String, + projectId: String, + authPermissions: Set + ): Map> { + val permissionResourceMap = authPermissionApi.getUserResourcesByPermissions( + user = user, + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_GROUP, + projectCode = projectId, + permissions = authPermissions, + supplier = supplierForPermissionRule(projectId) + ) + val map = mutableMapOf>() + permissionResourceMap.forEach { (key, value) -> + map[key] = value.map { HashUtil.decodeIdToLong(it) } + } + return map + } + + override fun validateRulePermission(userId: String, projectId: String, authPermission: AuthPermission): Boolean { + return authPermissionApi.validateUserResourcePermission( + user = userId, + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_GROUP, + projectCode = projectId, + permission = authPermission + ) + } + + override fun validateRulePermission( + userId: String, + projectId: String, + authPermission: AuthPermission, + message: String + ) { + if (!authPermissionApi.validateUserResourcePermission( + user = userId, + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_GROUP, + projectCode = projectId, + permission = authPermission + )) { + val permissionMsg = MessageCodeUtil.getCodeLanMessage( + messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}", + defaultMessage = authPermission.alias + ) + throw PermissionForbiddenException( + message = message, + params = arrayOf(permissionMsg) + ) + } + } + + override fun validateRulePermission( + userId: String, + projectId: String, + ruleId: Long, + authPermission: AuthPermission, + message: String + ) { + if (!authPermissionApi.validateUserResourcePermission( + user = userId, + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_GROUP, + projectCode = projectId, + resourceCode = HashUtil.encodeLongId(ruleId), + permission = authPermission)) { + val permissionMsg = MessageCodeUtil.getCodeLanMessage( + messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}", + defaultMessage = authPermission.alias + ) + throw PermissionForbiddenException( + message = message, + params = arrayOf(permissionMsg) + ) + } + } + + override fun createRuleResource(userId: String, projectId: String, ruleId: Long, ruleName: String) { + authResourceApi.createResource( + user = userId, + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_RULE, + projectCode = projectId, + resourceCode = HashUtil.encodeLongId(ruleId), + resourceName = ruleName + ) + } + + override fun modifyRuleResource(projectId: String, ruleId: Long, ruleName: String) { + authResourceApi.modifyResource( + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_RULE, + projectCode = projectId, + resourceCode = HashUtil.encodeLongId(ruleId), + resourceName = ruleName + ) + } + + override fun deleteRuleResource(projectId: String, ruleId: Long) { + authResourceApi.deleteResource( + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_RULE, + projectCode = projectId, + resourceCode = HashUtil.encodeLongId(ruleId) + ) + } + + override fun filterRules( + userId: String, + projectId: String, + bkAuthPermissionSet: Set + ): Map> { + val permissionResourceMap = authPermissionApi.getUserResourcesByPermissions( + user = userId, + serviceCode = qualityAuthServiceCode, + resourceType = AuthResourceType.QUALITY_RULE, + projectCode = projectId, + permissions = bkAuthPermissionSet, + supplier = supplierForPermissionGroup(projectId) + ) + val permissionRuleMap = mutableMapOf>() + permissionResourceMap.forEach { (permission, list) -> + permissionRuleMap[permission] = list.map { HashUtil.decodeIdToLong(it) } + } + return permissionRuleMap + } + + abstract fun supplierForPermissionGroup(projectId: String): () -> MutableList + + abstract fun supplierForPermissionRule(projectId: String): () -> MutableList +} diff --git a/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/SampleQualityPermissionServiceImpl.kt b/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/SampleQualityPermissionServiceImpl.kt index 6687b0e263f..75145797bab 100644 --- a/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/SampleQualityPermissionServiceImpl.kt +++ b/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/SampleQualityPermissionServiceImpl.kt @@ -27,22 +27,23 @@ package com.tencent.devops.quality.service -import com.tencent.devops.common.api.constant.CommonMessageCode -import com.tencent.devops.common.api.exception.PermissionForbiddenException -import com.tencent.devops.common.api.util.HashUtil import com.tencent.devops.common.auth.api.AuthPermission import com.tencent.devops.common.auth.api.AuthPermissionApi import com.tencent.devops.common.auth.api.AuthResourceApi -import com.tencent.devops.common.auth.api.AuthResourceType import com.tencent.devops.common.auth.code.QualityAuthServiceCode -import com.tencent.devops.common.service.utils.MessageCodeUtil +import com.tencent.devops.quality.dao.QualityNotifyGroupDao +import com.tencent.devops.quality.dao.v2.QualityRuleDao +import org.jooq.DSLContext @Suppress("ALL") class SampleQualityPermissionServiceImpl constructor( - val authPermissionApi: AuthPermissionApi, - val authResourceApi: AuthResourceApi, - val qualityAuthServiceCode: QualityAuthServiceCode -) : QualityPermissionService { + override val authPermissionApi: AuthPermissionApi, + override val authResourceApi: AuthResourceApi, + override val qualityAuthServiceCode: QualityAuthServiceCode, + val qualityRuleDao: QualityRuleDao, + val groupDao: QualityNotifyGroupDao, + val dslContext: DSLContext +) : AbsQualityPermissionServiceImpl(authPermissionApi, authResourceApi, qualityAuthServiceCode) { override fun validateGroupPermission( userId: String, @@ -51,52 +52,19 @@ class SampleQualityPermissionServiceImpl constructor( authPermission: AuthPermission, message: String ) { - if (!authPermissionApi.validateUserResourcePermission( - user = userId, - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_GROUP, - projectCode = projectId, - resourceCode = HashUtil.encodeLongId(groupId), - permission = authPermission - )) { - val permissionMsg = MessageCodeUtil.getCodeLanMessage( - messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}", - defaultMessage = authPermission.alias - ) - throw PermissionForbiddenException( - message = message, - params = arrayOf(permissionMsg)) - } + super.validateGroupPermission(userId, projectId, groupId, authPermission, message) } override fun createGroupResource(userId: String, projectId: String, groupId: Long, groupName: String) { - authResourceApi.createResource( - user = userId, - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_GROUP, - projectCode = projectId, - resourceCode = HashUtil.encodeLongId(groupId), - resourceName = groupName - ) + super.createGroupResource(userId, projectId, groupId, groupName) } override fun modifyGroupResource(projectId: String, groupId: Long, groupName: String) { - authResourceApi.modifyResource( - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_GROUP, - projectCode = projectId, - resourceCode = HashUtil.encodeLongId(groupId), - resourceName = groupName - ) + super.modifyGroupResource(projectId, groupId, groupName) } override fun deleteGroupResource(projectId: String, groupId: Long) { - authResourceApi.deleteResource( - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_GROUP, - projectCode = projectId, - resourceCode = HashUtil.encodeLongId(groupId) - ) + super.deleteGroupResource(projectId, groupId) } override fun filterGroup( @@ -104,29 +72,11 @@ class SampleQualityPermissionServiceImpl constructor( projectId: String, authPermissions: Set ): Map> { - val permissionResourceMap = authPermissionApi.getUserResourcesByPermissions( - user = user, - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_GROUP, - projectCode = projectId, - permissions = authPermissions, - supplier = null - ) - val map = mutableMapOf>() - permissionResourceMap.forEach { (key, value) -> - map[key] = value.map { HashUtil.decodeIdToLong(it) } - } - return map + return super.filterGroup(user, projectId, authPermissions) } override fun validateRulePermission(userId: String, projectId: String, authPermission: AuthPermission): Boolean { - return authPermissionApi.validateUserResourcePermission( - user = userId, - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_GROUP, - projectCode = projectId, - permission = authPermission - ) + return super.validateRulePermission(userId, projectId, authPermission) } override fun validateRulePermission( @@ -135,22 +85,7 @@ class SampleQualityPermissionServiceImpl constructor( authPermission: AuthPermission, message: String ) { - if (!authPermissionApi.validateUserResourcePermission( - user = userId, - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_GROUP, - projectCode = projectId, - permission = authPermission - )) { - val permissionMsg = MessageCodeUtil.getCodeLanMessage( - messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}", - defaultMessage = authPermission.alias - ) - throw PermissionForbiddenException( - message = message, - params = arrayOf(permissionMsg) - ) - } + super.validateRulePermission(userId, projectId, authPermission, message) } override fun validateRulePermission( @@ -160,52 +95,19 @@ class SampleQualityPermissionServiceImpl constructor( authPermission: AuthPermission, message: String ) { - if (!authPermissionApi.validateUserResourcePermission( - user = userId, - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_GROUP, - projectCode = projectId, - resourceCode = HashUtil.encodeLongId(ruleId), - permission = authPermission)) { - val permissionMsg = MessageCodeUtil.getCodeLanMessage( - messageCode = "${CommonMessageCode.MSG_CODE_PERMISSION_PREFIX}${authPermission.value}", - defaultMessage = authPermission.alias - ) - throw PermissionForbiddenException( - message = message, - params = arrayOf(permissionMsg) - ) - } + super.validateRulePermission(userId, projectId, ruleId, authPermission, message) } override fun createRuleResource(userId: String, projectId: String, ruleId: Long, ruleName: String) { - authResourceApi.createResource( - user = userId, - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_RULE, - projectCode = projectId, - resourceCode = HashUtil.encodeLongId(ruleId), - resourceName = ruleName - ) + super.createRuleResource(userId, projectId, ruleId, ruleName) } override fun modifyRuleResource(projectId: String, ruleId: Long, ruleName: String) { - authResourceApi.modifyResource( - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_RULE, - projectCode = projectId, - resourceCode = HashUtil.encodeLongId(ruleId), - resourceName = ruleName - ) + super.modifyRuleResource(projectId, ruleId, ruleName) } override fun deleteRuleResource(projectId: String, ruleId: Long) { - authResourceApi.deleteResource( - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_RULE, - projectCode = projectId, - resourceCode = HashUtil.encodeLongId(ruleId) - ) + super.deleteRuleResource(projectId, ruleId) } override fun filterRules( @@ -213,18 +115,34 @@ class SampleQualityPermissionServiceImpl constructor( projectId: String, bkAuthPermissionSet: Set ): Map> { - val permissionResourceMap = authPermissionApi.getUserResourcesByPermissions( - user = userId, - serviceCode = qualityAuthServiceCode, - resourceType = AuthResourceType.QUALITY_RULE, - projectCode = projectId, - permissions = bkAuthPermissionSet, - supplier = null - ) - val permissionRuleMap = mutableMapOf>() - permissionResourceMap.forEach { (permission, list) -> - permissionRuleMap[permission] = list.map { HashUtil.decodeIdToLong(it) } + return super.filterRules(userId, projectId, bkAuthPermissionSet) + } + + override fun supplierForPermissionGroup(projectId: String): () -> MutableList { + return { + val fakeList = mutableListOf() + groupDao.list( + dslContext = dslContext, + projectId = projectId, + offset = 0, + limit = 500 + ).forEach { + fakeList.add(it.id.toString()) + } + fakeList + } + } + + override fun supplierForPermissionRule(projectId: String): () -> MutableList { + return { + val fakeList = mutableListOf() + qualityRuleDao.list( + dslContext = dslContext, + projectId = projectId + )?.forEach { + fakeList.add(it.id.toString()) + } + fakeList } - return permissionRuleMap } } diff --git a/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/V3QualityPermissionServiceImpl.kt b/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/V3QualityPermissionServiceImpl.kt new file mode 100644 index 00000000000..3b8f4379737 --- /dev/null +++ b/src/backend/ci/core/quality/biz-quality-sample/src/main/kotlin/com/tencent/devops/quality/service/V3QualityPermissionServiceImpl.kt @@ -0,0 +1,112 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.devops.quality.service + +import com.tencent.devops.common.auth.api.AuthPermission +import com.tencent.devops.common.auth.api.AuthPermissionApi +import com.tencent.devops.common.auth.api.AuthResourceApi +import com.tencent.devops.common.auth.code.QualityAuthServiceCode + +@Suppress("ALL") +class V3QualityPermissionServiceImpl constructor( + override val authPermissionApi: AuthPermissionApi, + override val authResourceApi: AuthResourceApi, + override val qualityAuthServiceCode: QualityAuthServiceCode +) : AbsQualityPermissionServiceImpl(authPermissionApi, authResourceApi, qualityAuthServiceCode) { + override fun validateGroupPermission( + userId: String, + projectId: String, + groupId: Long, + authPermission: AuthPermission, + message: String + ) { + super.validateGroupPermission(userId, projectId, groupId, authPermission, message) + } + + override fun createGroupResource(userId: String, projectId: String, groupId: Long, groupName: String) { + super.createGroupResource(userId, projectId, groupId, groupName) + } + + override fun modifyGroupResource(projectId: String, groupId: Long, groupName: String) { + super.modifyGroupResource(projectId, groupId, groupName) + } + + override fun deleteGroupResource(projectId: String, groupId: Long) { + super.deleteGroupResource(projectId, groupId) + } + + override fun filterGroup(user: String, projectId: String, authPermissions: Set): Map> { + return super.filterGroup(user, projectId, authPermissions) + } + + override fun validateRulePermission(userId: String, projectId: String, authPermission: AuthPermission): Boolean { + return super.validateRulePermission(userId, projectId, authPermission) + } + + override fun validateRulePermission(userId: String, projectId: String, authPermission: AuthPermission, message: String) { + super.validateRulePermission(userId, projectId, authPermission, message) + } + + override fun validateRulePermission( + userId: String, + projectId: String, + ruleId: Long, + authPermission: AuthPermission, + message: String + ) { + super.validateRulePermission(userId, projectId, ruleId, authPermission, message) + } + + override fun createRuleResource(userId: String, projectId: String, ruleId: Long, ruleName: String) { + super.createRuleResource(userId, projectId, ruleId, ruleName) + } + + override fun modifyRuleResource(projectId: String, ruleId: Long, ruleName: String) { + super.modifyRuleResource(projectId, ruleId, ruleName) + } + + override fun deleteRuleResource(projectId: String, ruleId: Long) { + super.deleteRuleResource(projectId, ruleId) + } + + override fun filterRules( + userId: String, + projectId: String, + bkAuthPermissionSet: Set + ): Map> { + return super.filterRules(userId, projectId, bkAuthPermissionSet) + } + + override fun supplierForPermissionGroup(projectId: String): () -> MutableList { + return { mutableListOf() } + } + + override fun supplierForPermissionRule(projectId: String): () -> MutableList { + return { mutableListOf() } + } +} diff --git a/src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CertPermissionService.kt b/src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CertPermissionService.kt index fec6a6c09b7..adc192ca860 100644 --- a/src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CertPermissionService.kt +++ b/src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CertPermissionService.kt @@ -57,18 +57,7 @@ class V3CertPermissionService @Autowired constructor( ) { override fun supplierForPermission(projectId: String): () -> MutableList { - return { - val fakeList = mutableListOf() - certDao.listIdByProject( - dslContext = dslContext, - projectId = projectId, - offset = 0, - limit = 500 - ).forEach { - fakeList.add(it) - } - fakeList - } + return { mutableListOf() } } override fun validatePermission( @@ -101,13 +90,13 @@ class V3CertPermissionService @Autowired constructor( return true } return authPermissionApi.validateUserResourcePermission( - user = userId, - serviceCode = ticketAuthServiceCode, - resourceType = AuthResourceType.TICKET_CERT, - projectCode = projectId, - resourceCode = projectId, - permission = AuthPermission.CREATE, - relationResourceType = AuthResourceType.PROJECT + user = userId, + serviceCode = ticketAuthServiceCode, + resourceType = AuthResourceType.TICKET_CERT, + projectCode = projectId, + resourceCode = projectId, + permission = AuthPermission.CREATE, + relationResourceType = AuthResourceType.PROJECT ) } diff --git a/src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CredentialPermissionService.kt b/src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CredentialPermissionService.kt index a3ece320d31..12ae9123915 100644 --- a/src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CredentialPermissionService.kt +++ b/src/backend/ci/core/ticket/biz-ticket-sample/src/main/kotlin/com/tencent/devops/ticket/service/V3CredentialPermissionService.kt @@ -58,18 +58,7 @@ class V3CredentialPermissionService @Autowired constructor( ) { override fun supplierForFakePermission(projectId: String): () -> MutableList { - return { - val fakeList = mutableListOf() - credentialDao.listByProject( - dslContext = dslContext, - projectId = projectId, - offset = 0, - limit = 500 // 一个项目不会有太多凭证 - ).forEach { - fakeList.add(it.credentialId) - } - fakeList - } + return { mutableListOf() } } override fun validatePermission(