fix 工作空间环境变量开放给普通用户编辑

2024-12-02 20:08:40 +08:00 · 2023-03-08 14:38:39 +08:00 · 2023-03-08 14:38:39 +08:00 · d7a27d278e
commit d7a27d278e
parent fef50a3e76
8 changed files with 80 additions and 7 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -14,6 +14,7 @@
   （感谢 [@失落的世界](https://gitee.com/marmotgo) [Gitee issues I6KTLQ](https://gitee.com/dromara/Jpom/issues/I6KTLQ) ）
 2. 【server】优化 项目文件列表支持前端排序（文件大小、修改时间）
 3. 【server】优化 关闭程序时依次关闭线程池
+4. 【server】优化 工作空间环境变量开放给普通用户编辑

 ### ⚠️ 注意

--- a/modules/server/src/main/java/io/jpom/controller/system/WorkspaceEnvVarController.java
+++ b/modules/server/src/main/java/io/jpom/controller/system/WorkspaceEnvVarController.java
@ -40,7 +40,6 @@ import io.jpom.model.data.WorkspaceEnvVarModel;
 import io.jpom.permission.ClassFeature;
 import io.jpom.permission.Feature;
 import io.jpom.permission.MethodFeature;
-import io.jpom.permission.SystemPermission;
 import io.jpom.service.system.WorkspaceEnvVarService;
 import org.springframework.http.MediaType;
 import org.springframework.util.Assert;
@ -50,6 +49,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import top.jpom.model.PageResultDto;

+import javax.servlet.http.HttpServletRequest;
 import java.util.Collection;
 import java.util.List;

@ -61,7 +61,6 @@ import java.util.List;
@RestController
@Feature(cls = ClassFeature.SYSTEM_WORKSPACE)
@RequestMapping(value = "/system/workspace_env/")
-@SystemPermission
 public class WorkspaceEnvVarController extends BaseServerController {

    private final WorkspaceEnvVarService workspaceEnvVarService;
@ -77,8 +76,8 @@ public class WorkspaceEnvVarController extends BaseServerController {
     */
    @PostMapping(value = "/list", produces = MediaType.APPLICATION_JSON_VALUE)
    @Feature(method = MethodFeature.LIST)
-    public JsonMessage<PageResultDto<WorkspaceEnvVarModel>> list() {
-        PageResultDto<WorkspaceEnvVarModel> listPage = workspaceEnvVarService.listPage(getRequest());
+    public JsonMessage<PageResultDto<WorkspaceEnvVarModel>> list(HttpServletRequest request) {
+        PageResultDto<WorkspaceEnvVarModel> listPage = workspaceEnvVarService.listPage(request);
        listPage.each(workspaceEnvVarModel -> {
            Integer privacy = workspaceEnvVarModel.getPrivacy();
            if (privacy != null && privacy == 1) {
@ -106,6 +105,10 @@ public class WorkspaceEnvVarController extends BaseServerController {
                                    @ValidatorItem String description,
                                    String privacy,
                                    String nodeIds) {
+        if (!getUser().isSystemUser()) {
+            Assert.state(!StrUtil.equals(workspaceId, ServerConst.WORKSPACE_GLOBAL), "全局工作空间变量请到系统管理修改");
+        }
+
        workspaceEnvVarService.checkUserWorkspace(workspaceId);

        this.checkInfo(id, name, workspaceId);
@ -137,7 +140,7 @@ public class WorkspaceEnvVarController extends BaseServerController {
        } else {
            WorkspaceEnvVarModel byKey = workspaceEnvVarService.getByKey(id);
            Assert.notNull(byKey, "没有对应的数据");
-            Assert.state(StrUtil.equals(workspaceId, byKey.getWorkspaceId()), "选择工作空间错误");
+            Assert.state(StrUtil.equals(workspaceId, byKey.getWorkspaceId()), "工作空间错误,或者没有权限编辑此数据");
            oldNodeIds = byKey.getNodeIds();
            workspaceModel.setId(id);
            // 不能修改
@ -212,6 +215,9 @@ public class WorkspaceEnvVarController extends BaseServerController {
    @Feature(method = MethodFeature.DEL)
    public JsonMessage<Object> delete(@ValidatorItem(value = ValidatorRule.NOT_BLANK, msg = "数据 id 不能为空") String id,
                                      @ValidatorItem String workspaceId) {
+        if (!getUser().isSystemUser()) {
+            Assert.state(!StrUtil.equals(workspaceId, ServerConst.WORKSPACE_GLOBAL), "全局工作空间变量请到系统管理修改");
+        }
        workspaceEnvVarService.checkUserWorkspace(workspaceId);
        WorkspaceEnvVarModel byKey = workspaceEnvVarService.getByKey(id);
        Assert.notNull(byKey, "没有对应的数据");
--- a/modules/server/src/main/java/io/jpom/service/system/WorkspaceEnvVarService.java
+++ b/modules/server/src/main/java/io/jpom/service/system/WorkspaceEnvVarService.java
@ -26,12 +26,15 @@ import cn.hutool.core.collection.CollStreamUtil;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.db.Entity;
+import cn.hutool.extra.servlet.ServletUtil;
 import io.jpom.common.ServerConst;
 import io.jpom.model.EnvironmentMapBuilder;
 import io.jpom.model.data.WorkspaceEnvVarModel;
 import io.jpom.service.h2db.BaseWorkspaceService;
 import org.springframework.stereotype.Service;
+import top.jpom.model.PageResultDto;

+import javax.servlet.http.HttpServletRequest;
 import java.util.List;
 import java.util.Map;

@ -42,6 +45,27 @@ import java.util.Map;
@Service
 public class WorkspaceEnvVarService extends BaseWorkspaceService<WorkspaceEnvVarModel> {

+
+    /**
+     * 获取我所有的空间
+     *
+     * @param request 请求对象
+     * @return page
+     */
+    @Override
+    public PageResultDto<WorkspaceEnvVarModel> listPage(HttpServletRequest request) {
+        // 验证工作空间权限
+        Map<String, String> paramMap = ServletUtil.getParamMap(request);
+        String workspaceIds = BaseWorkspaceService.getWorkspaceId(request);
+        List<String> split = StrUtil.split(workspaceIds, StrUtil.COMMA);
+        for (String workspaceId : split) {
+            checkUserWorkspace(workspaceId);
+        }
+        paramMap.remove("workspaceId");
+        paramMap.put("workspaceId:in", workspaceIds);
+        return super.listPage(paramMap);
+    }
+
    /**
     * 获取工作空间下面的所有环境变量
     *
--- a/modules/server/src/main/resources/menus/index.json
+++ b/modules/server/src/main/resources/menus/index.json
@ -96,6 +96,10 @@
      {
        "title": "脚本执行记录",
        "id": "serverScriptLogList"
+      },
+      {
+        "title": "环境变量",
+        "id": "configWorkspaceEnv"
      }
    ]
  },
--- a/web-vue/src/pages/script/env.vue
+++ b/web-vue/src/pages/script/env.vue
@ -0,0 +1,22 @@
+<template>
+  <div class="full-content">
+    <workspaceEnv ref="workspaceEnv" :workspaceId="this.getWorkspaceId" :global="true" />
+  </div>
+</template>
+<script>
+import workspaceEnv from "@/pages/system/workspace-env.vue";
+import { mapGetters } from "vuex";
+
+export default {
+  components: {
+    workspaceEnv,
+  },
+  data() {
+    return {};
+  },
+  computed: { ...mapGetters(["getWorkspaceId"]) },
+  created() {},
+  methods: {},
+};
+</script>
+<style scoped></style>
--- a/web-vue/src/pages/system/workspace-env.vue
+++ b/web-vue/src/pages/system/workspace-env.vue
@ -30,6 +30,10 @@
      <a-tooltip slot="description" slot-scope="text" placement="topLeft" :title="text">
        <span>{{ text }}</span>
      </a-tooltip>
+      <template slot="workspaceId" slot-scope="text">
+        <span>{{ text === "GLOBAL" ? "全局" : "当前工作空间" }}</span>
+      </template>
+
      <template slot="operation" slot-scope="text, record">
        <a-space>
          <a-button size="small" type="primary" @click="handleEnvEdit(record)">编辑</a-button>
@ -99,6 +103,10 @@ export default {
      type: String,
      default: "",
    },
+    global: {
+      type: Boolean,
+      default: false,
+    },
  },
  data() {
    return {
@ -111,8 +119,10 @@ export default {
      envVarColumns: [
        { title: "名称", dataIndex: "name", ellipsis: true, scopedSlots: { customRender: "name" } },
        { title: "值", dataIndex: "value", ellipsis: true, scopedSlots: { customRender: "value" } },
+
        { title: "描述", dataIndex: "description", ellipsis: true, scopedSlots: { customRender: "description" } },
        { title: "修改人", dataIndex: "modifyUser", ellipsis: true, scopedSlots: { customRender: "modifyUser" }, width: 120 },
+        { title: "作用域", dataIndex: "workspaceId", ellipsis: true, scopedSlots: { customRender: "workspaceId" }, width: "120px" },
        {
          title: "修改时间",
          dataIndex: "modifyTimeMillis",
@ -123,7 +133,7 @@ export default {
            return parseTime(text);
          },
          sorter: true,
-          width: 180,
+          width: "180px",
        },
        { title: "操作", dataIndex: "operation", align: "center", scopedSlots: { customRender: "operation" }, width: 120 },
      ],
@ -147,7 +157,7 @@ export default {
    loadDataEnvVar(pointerEvent) {
      this.envVarLoading = true;

-      this.envVarListQuery.workspaceId = this.workspaceId;
+      this.envVarListQuery.workspaceId = this.workspaceId + (this.global ? ",GLOBAL" : "");
      this.envVarListQuery.page = pointerEvent?.altKey || pointerEvent?.ctrlKey ? 1 : this.envVarListQuery.page;
      getWorkspaceEnvList(this.envVarListQuery).then((res) => {
        if (res.code === 200) {
--- a/web-vue/src/router/index.js
+++ b/web-vue/src/router/index.js
@ -124,6 +124,11 @@ const children = [
    name: "dispatch-white-list",
    component: () => import("../pages/dispatch/white-list"),
  },
+  {
+    path: "/script/env-list",
+    name: "script-env-list",
+    component: () => import("../pages/script/env"),
+  },
 ];

 const management = [
--- a/web-vue/src/router/route-menu.js
+++ b/web-vue/src/router/route-menu.js
@ -45,6 +45,7 @@ const routeMenuMap = {
  machine_node_info: "/system/assets/machine-list",
  machine_ssh_info: "/system/assets/ssh-list",
  machine_docker_info: "/system/assets/docker-list",
+  configWorkspaceEnv: "/script/env-list",
 };

 export default routeMenuMap;