mirror of
https://gitee.com/fit2cloud-feizhiyun/MeterSphere.git
synced 2024-12-03 12:39:12 +08:00
fix(接口测试): 修复批量操作没有设置权限的缺陷
--bug=1033911 --user=王孝刚 【接口测试】调用接口/api/api/automation/move-gc-batch可删除无权限项目下接口场景 https://www.tapd.cn/55049933/s/1447523
This commit is contained in:
parent
67bbac5d00
commit
df9cf8cfae
@ -138,6 +138,7 @@ public class ApiDefinitionController {
|
||||
@PostMapping("/del-batch")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_API)
|
||||
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiDefinitionService.class)
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||
public void deleteBatchByParams(@RequestBody ApiBatchRequest request) {
|
||||
apiDefinitionService.deleteByParams(request);
|
||||
}
|
||||
@ -145,6 +146,7 @@ public class ApiDefinitionController {
|
||||
@PostMapping("/copy/by/version")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_API)
|
||||
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", title = "#request.name", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiDefinitionService.class)
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||
public void copyByVersion(@RequestBody BatchDataCopyRequest request) {
|
||||
apiDefinitionService.copyCaseOrMockByVersion(request);
|
||||
}
|
||||
@ -162,6 +164,7 @@ public class ApiDefinitionController {
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_API)
|
||||
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_GC, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiDefinitionService.class)
|
||||
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.DELETE, target = "#targetClass.getBLOBs(#request.ids)", targetClass = ApiDefinitionService.class, subject = "接口定义通知")
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||
public void removeToGcByParams(@RequestBody ApiBatchRequest request) {
|
||||
apiDefinitionService.removeToGcByParams(request);
|
||||
}
|
||||
@ -275,6 +278,7 @@ public class ApiDefinitionController {
|
||||
@PostMapping("/batch/edit")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_API)
|
||||
@MsRequestLog(module = OperLogModule.API_DEFINITION)
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||
public void editApiBath(@RequestBody ApiBatchRequest request) {
|
||||
apiDefinitionService.editApiBath(request);
|
||||
}
|
||||
@ -283,6 +287,7 @@ public class ApiDefinitionController {
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_API)
|
||||
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request)", content = "#msClass.getLogDetails(#request)", msClass = ApiDefinitionService.class)
|
||||
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.UPDATE, target = "#targetClass.getBLOBs(#request.ids)", targetClass = ApiDefinitionService.class, subject = "接口定义通知")
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||
public void editByParams(@RequestBody ApiBatchRequest request) {
|
||||
apiDefinitionService.editApiByParam(request);
|
||||
}
|
||||
@ -290,6 +295,7 @@ public class ApiDefinitionController {
|
||||
@PostMapping("/copy-batch")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_COPY_API)
|
||||
@MsAuditLog(module = OperLogModule.API_DEFINITION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request)", content = "#msClass.getLogDetails(#request)", msClass = ApiDefinitionService.class)
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_definition")
|
||||
public void batchCopy(@RequestBody ApiBatchRequest request) {
|
||||
apiDefinitionService.batchCopy(request);
|
||||
}
|
||||
|
@ -164,6 +164,7 @@ public class ApiTestCaseController {
|
||||
|
||||
@PostMapping("/batch/edit")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_CASE)
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_test_case")
|
||||
public void editApiBath(@RequestBody ApiCaseEditRequest request) {
|
||||
apiTestCaseService.editApiBath(request);
|
||||
}
|
||||
@ -172,6 +173,7 @@ public class ApiTestCaseController {
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_EDIT_CASE)
|
||||
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
||||
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.CASE_UPDATE, target = "#targetClass.getApiCaseByIds(#request.ids)", targetClass = ApiTestCaseService.class, subject = "接口用例通知")
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_test_case")
|
||||
public void editApiBathByParam(@RequestBody ApiTestBatchRequest request) {
|
||||
apiTestCaseService.editApiBathByParam(request);
|
||||
}
|
||||
@ -184,6 +186,7 @@ public class ApiTestCaseController {
|
||||
|
||||
@PostMapping("/reduction")
|
||||
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.RESTORE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_test_case")
|
||||
public List<String> reduction(@RequestBody ApiTestBatchRequest request) {
|
||||
List<String> cannotReductionTestCaseApiName = apiTestCaseService.reduction(request);
|
||||
return cannotReductionTestCaseApiName;
|
||||
@ -200,6 +203,7 @@ public class ApiTestCaseController {
|
||||
@PostMapping("/del-batch")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_CASE)
|
||||
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_test_case")
|
||||
public void deleteBatchByParam(@RequestBody ApiTestBatchRequest request) {
|
||||
apiTestCaseService.deleteBatchByParam(request);
|
||||
}
|
||||
@ -208,6 +212,7 @@ public class ApiTestCaseController {
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_DEFINITION_READ_DELETE_CASE)
|
||||
@MsAuditLog(module = OperLogModule.API_DEFINITION_CASE, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiTestCaseService.class)
|
||||
@SendNotice(taskType = NoticeConstants.TaskType.API_DEFINITION_TASK, event = NoticeConstants.Event.CASE_DELETE, target = "#targetClass.getApiCaseByIds(#request.ids)", targetClass = ApiTestCaseService.class, subject = "接口用例通知")
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_test_case")
|
||||
public void deleteToGcByParam(@RequestBody ApiTestBatchRequest request) {
|
||||
apiTestCaseService.deleteToGcByParam(request);
|
||||
}
|
||||
|
@ -162,6 +162,7 @@ public class ApiScenarioController {
|
||||
|
||||
@PostMapping("/del-batch")
|
||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_DEL, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_scenario")
|
||||
public void deleteBatchByCondition(@RequestBody ApiScenarioBatchRequest request) {
|
||||
apiAutomationService.deleteBatchByCondition(request);
|
||||
}
|
||||
@ -179,6 +180,7 @@ public class ApiScenarioController {
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_READ_DELETE)
|
||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_GC, beforeEvent = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
||||
@SendNotice(taskType = NoticeConstants.TaskType.API_AUTOMATION_TASK, target = "#targetClass.getScenarioCaseByIds(#request.ids)", targetClass = ApiScenarioService.class, event = NoticeConstants.Event.DELETE, subject = "接口自动化通知")
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_scenario")
|
||||
public void removeToGcByBatch(@RequestBody ApiScenarioBatchRequest request) {
|
||||
apiAutomationService.removeToGcByBatch(request);
|
||||
}
|
||||
@ -191,6 +193,7 @@ public class ApiScenarioController {
|
||||
|
||||
@PostMapping("/reduction")
|
||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.RESTORE, beforeEvent = "#msClass.getLogDetails(#ids)", msClass = ApiScenarioService.class)
|
||||
@CheckOwner(resourceId = "#ids", resourceType = "api_scenario")
|
||||
public void reduction(@RequestBody List<String> ids) {
|
||||
apiAutomationService.reduction(ids);
|
||||
}
|
||||
@ -283,6 +286,7 @@ public class ApiScenarioController {
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_READ_EDIT)
|
||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
||||
@SendNotice(taskType = NoticeConstants.TaskType.API_AUTOMATION_TASK, event = NoticeConstants.Event.UPDATE, target = "#targetClass.getScenarioCaseByIds(#request.ids)", targetClass = ApiScenarioService.class, subject = "接口自动化通知")
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_scenario")
|
||||
public void bathEdit(@RequestBody ApiScenarioBatchRequest request) {
|
||||
apiAutomationService.bathEdit(request);
|
||||
}
|
||||
@ -290,6 +294,7 @@ public class ApiScenarioController {
|
||||
@PostMapping("/batch/copy")
|
||||
@RequiresPermissions(value = {PermissionConstants.PROJECT_API_SCENARIO_READ_CREATE, PermissionConstants.PROJECT_API_SCENARIO_READ_BATCH_COPY}, logical = Logical.OR)
|
||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_ADD, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_scenario")
|
||||
public void batchCopy(@RequestBody ApiScenarioBatchRequest request) {
|
||||
apiAutomationService.batchCopy(request);
|
||||
}
|
||||
@ -297,6 +302,7 @@ public class ApiScenarioController {
|
||||
@PostMapping("/batch/update/env")
|
||||
@RequiresPermissions(PermissionConstants.PROJECT_API_SCENARIO_READ_EDIT)
|
||||
@MsAuditLog(module = OperLogModule.API_AUTOMATION, type = OperLogConstants.BATCH_UPDATE, beforeEvent = "#msClass.getLogDetails(#request.ids)", content = "#msClass.getLogDetails(#request.ids)", msClass = ApiScenarioService.class)
|
||||
@CheckOwner(resourceId = "#request.ids", resourceType = "api_scenario")
|
||||
public void batchUpdateEnv(@RequestBody ApiScenarioBatchRequest request) {
|
||||
apiAutomationService.batchUpdateEnv(request);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user