fix(系统设置)：系统设置相关权限问题处理

--bug=1027201 --user=王旭 【系统设置】工作空间管理员-删除项目成员失败 https://www.tapd.cn/55049933/s/1383584

--bug=1027199 --user=王旭 【系统设置】工作空间成员-环境管理-可点击批量添加到环境组 https://www.tapd.cn/55049933/s/1383642

--bug=1027198 --user=王旭 【系统设置】工作空间成员-分配了配额管理和操作日志查询权限-点击均提示无权限 https://www.tapd.cn/55049933/s/1383652

--bug=1027204 --user=王旭 【系统设置】工作空间管理员-环境管理-批量添加到环境组失败 https://www.tapd.cn/55049933/s/1383630

framework/sdk-parent/sdk/src/main/java/io/metersphere/commons/constants/PermissionConstants.java

@@ -52,6 +52,9 @@ public class PermissionConstants {
     public static final String WORKSPACE_PROJECT_MANAGER_READ_CREATE = "WORKSPACE_PROJECT_MANAGER:READ+CREATE";
     public static final String WORKSPACE_PROJECT_MANAGER_READ_EDIT = "WORKSPACE_PROJECT_MANAGER:READ+EDIT";
     public static final String WORKSPACE_PROJECT_MANAGER_READ_DELETE = "WORKSPACE_PROJECT_MANAGER:READ+DELETE";
+    public static final String WORKSPACE_PROJECT_MANAGER_READ_DELETE_USER = "WORKSPACE_PROJECT_MANAGER:READ+DELETE_USER";
+    public static final String WORKSPACE_QUOTA_READ = "WORKSPACE_QUOTA:READ";
+    public static final String WORKSPACE_QUOTA_READ_EDIT = "WORKSPACE_QUOTA:READ+EDIT";
     public static final String WORKSPACE_PROJECT_MANAGER_READ_ADD_USER = "WORKSPACE_PROJECT_MANAGER:READ+ADD_USER";
 
     public static final String WORKSPACE_PROJECT_ENVIRONMENT_READ = "WORKSPACE_PROJECT_ENVIRONMENT:READ";

framework/sdk-parent/sdk/src/main/java/io/metersphere/log/controller/OperatingLogController.java

@@ -31,7 +31,7 @@ public class OperatingLogController {
     }
 
     @GetMapping("/get/{id}")
-    @RequiresPermissions(PermissionConstants.SYSTEM_OPERATING_LOG_READ)
+    @RequiresPermissions(value={PermissionConstants.SYSTEM_OPERATING_LOG_READ, PermissionConstants.WORKSPACE_OPERATING_LOG_READ}, logical = Logical.OR)
     public OperatingLogDTO get(@PathVariable String id) {
         return operatingLogService.get(id);
     }

system-setting/backend/src/main/java/io/metersphere/controller/EnvironmentGroupController.java

@@ -30,7 +30,7 @@ public class EnvironmentGroupController {
     }
 
     @PostMapping("/batch/add")
-    @RequiresPermissions(PermissionConstants.WORKSPACE_PROJECT_ENVIRONMENT_READ_CREATE)
+    @RequiresPermissions(PermissionConstants.WORKSPACE_PROJECT_ENVIRONMENT_GROUP_EDIT)
     public void batchAdd(@RequestBody EnvironmentGroupRequest request) {
         environmentGroupService.batchAdd(request);
     }

system-setting/backend/src/main/java/io/metersphere/controller/TestResourcePoolController.java

@@ -13,6 +13,7 @@ import io.metersphere.dto.UpdatePoolDTO;
 import io.metersphere.log.annotation.MsAuditLog;
 import io.metersphere.request.resourcepool.QueryResourcePoolRequest;
 import io.metersphere.service.TestResourcePoolService;
+import org.apache.shiro.authz.annotation.Logical;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.web.bind.annotation.*;
 
@@ -46,7 +47,7 @@ public class TestResourcePoolController {
     @PostMapping("/update")
     @MsAuditLog(module = OperLogModule.SYSTEM_TEST_RESOURCE, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#testResourcePoolDTO.id)", content = "#msClass.getLogDetails(#testResourcePoolDTO.id)", msClass = TestResourcePoolService.class)
     @CacheNode // 把监控节点缓存起来
-    @RequiresPermissions(PermissionConstants.SYSTEM_TEST_POOL_READ_EDIT)
+    @RequiresPermissions(value={PermissionConstants.SYSTEM_TEST_POOL_READ, PermissionConstants.WORKSPACE_QUOTA_READ_EDIT}, logical = Logical.OR)
     public void updateTestResourcePool(@RequestBody TestResourcePoolDTO testResourcePoolDTO) {
         testResourcePoolService.updateTestResourcePool(testResourcePoolDTO);
     }
@@ -54,7 +55,7 @@ public class TestResourcePoolController {
     @GetMapping("/update/{poolId}/{status}")
     @MsAuditLog(module = OperLogModule.SYSTEM_TEST_RESOURCE, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#poolId)", content = "#msClass.getLogDetails(#poolId)", msClass = TestResourcePoolService.class)
     @CacheNode // 把监控节点缓存起来
-    @RequiresPermissions(PermissionConstants.SYSTEM_TEST_POOL_READ_EDIT)
+    @RequiresPermissions(value={PermissionConstants.SYSTEM_TEST_POOL_READ, PermissionConstants.WORKSPACE_QUOTA_READ_EDIT}, logical = Logical.OR)
     public void updateTestResourcePoolStatus(@PathVariable String poolId, @PathVariable String status) {
         testResourcePoolService.updateTestResourcePoolStatus(poolId, status);
     }
@@ -65,14 +66,14 @@ public class TestResourcePoolController {
     }
 
     @PostMapping("list/{goPage}/{pageSize}")
-    @RequiresPermissions(PermissionConstants.SYSTEM_TEST_POOL_READ)
+    @RequiresPermissions(value={PermissionConstants.SYSTEM_TEST_POOL_READ, PermissionConstants.WORKSPACE_QUOTA_READ}, logical = Logical.OR)
     public Pager<List<TestResourcePoolDTO>> listResourcePools(@PathVariable int goPage, @PathVariable int pageSize, @RequestBody QueryResourcePoolRequest request) {
         Page<Object> page = PageHelper.startPage(goPage, pageSize, true);
         return PageUtils.setPageInfo(page, testResourcePoolService.listResourcePools(request));
     }
 
     @GetMapping("/list/quota/ws/valid/{workspaceId}")
-    @RequiresPermissions(PermissionConstants.SYSTEM_TEST_POOL_READ)
+    @RequiresPermissions(value={PermissionConstants.SYSTEM_TEST_POOL_READ, PermissionConstants.WORKSPACE_QUOTA_READ}, logical = Logical.OR)
     public List<TestResourcePoolDTO> listWsValidQuotaResourcePools(@PathVariable String workspaceId) {
         return testResourcePoolService.listWsValidQuotaResourcePools(workspaceId);
     }

system-setting/backend/src/main/java/io/metersphere/controller/UserController.java

@@ -185,7 +185,7 @@ public class UserController {
     }
 
     @GetMapping("/project/member/delete/{projectId}/{userId}")
-    @RequiresPermissions(value={PermissionConstants.PROJECT_USER_READ_DELETE}, logical = Logical.OR)
+    @RequiresPermissions(value={PermissionConstants.PROJECT_USER_READ_DELETE, PermissionConstants.WORKSPACE_PROJECT_MANAGER_READ_DELETE_USER}, logical = Logical.OR)
     @MsRequestLog(module = OperLogModule.PROJECT_PROJECT_MEMBER)
     public void deleteProjectMember(@PathVariable String projectId, @PathVariable String userId) {
         String currentUserId = SessionUtils.getUser().getId();

system-setting/frontend/src/business/workspace/environment/EnvironmentList.vue

@@ -202,7 +202,8 @@ export default {
       selectDataCounts: 0,
       buttons: [
         {
-          name: this.$t('workspace.env_group.batch_add_to_ws'), handleClick: this.batchAddToGroup
+          name: this.$t('workspace.env_group.batch_add_to_ws'), handleClick: this.batchAddToGroup,
+          permissions: ['WORKSPACE_PROJECT_ENVIRONMENT:READ+EDIT_GROUP'],
         },
       ],
       ifCreate: false, //是否是创建环境
@@ -486,7 +487,7 @@ export default {
         return false;
       }
       let map = new Map();
-      this.selectRow.forEach(row => {
+      this.selectRows.forEach(row => {
         map.set(row.projectId, row.id);
       })
       batchAddEnvGroup({map: strMapToObj(map), groupIds: value}).then(() => {