This is an automated email from the ASF dual-hosted git repository.
benjobs pushed a commit to branch dev-2.1.4
in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git
The following commit(s) were added to refs/heads/dev-2.1.4 by this push:
new ab93ed1dd [Improve] shiro permission improvement
ab93ed1dd is described below
commit ab93ed1dda8a79eb65cefe1020e4a34244a48a24
Author: benjobs <[email protected]>
AuthorDate: Wed Apr 10 23:57:31 2024 +0800
[Improve] shiro permission improvement
---
.../streampark-console-service/src/main/assembly/plugins/.gitkeep | 0
.../streampark/console/system/controller/MemberController.java | 2 ++
.../apache/streampark/console/system/controller/UserController.java | 6 ++----
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git
a/streampark-console/streampark-console-service/src/main/assembly/plugins/.gitkeep
b/streampark-console/streampark-console-service/src/main/assembly/plugins/.gitkeep
new file mode 100644
index 000000000..e69de29bb
diff --git
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/MemberController.java
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/MemberController.java
index 69f5a9c71..38c584b47 100644
---
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/MemberController.java
+++
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/MemberController.java
@@ -56,6 +56,7 @@ public class MemberController {
@Operation(summary = "List members")
@PostMapping("list")
+ @RequiresPermissions("member:view")
public RestResponse memberList(RestRequest restRequest, Member member) {
IPage<Member> userList = memberService.page(member, restRequest);
return RestResponse.success(userList);
@@ -63,6 +64,7 @@ public class MemberController {
@Operation(summary = "List candidate users")
@PostMapping("candidateUsers")
+ @RequiresPermissions("member:add")
public RestResponse candidateUsers(Long teamId) {
List<User> userList = memberService.findCandidateUsers(teamId);
return RestResponse.success(userList);
diff --git
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/UserController.java
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/UserController.java
index 29113a1f7..618db67cb 100644
---
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/UserController.java
+++
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/UserController.java
@@ -30,7 +30,6 @@ import org.apache.streampark.console.system.entity.User;
import org.apache.streampark.console.system.service.TeamService;
import org.apache.streampark.console.system.service.UserService;
-import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import com.baomidou.mybatisplus.core.metadata.IPage;
@@ -66,9 +65,7 @@ public class UserController {
@Operation(summary = "List users")
@PostMapping("list")
- @RequiresPermissions(
- value = {"user:view", "app:view"},
- logical = Logical.OR)
+ @RequiresPermissions("user:view")
public RestResponse userList(RestRequest restRequest, User user) {
IPage<User> userList = userService.page(user, restRequest);
return RestResponse.success(userList);
@@ -101,6 +98,7 @@ public class UserController {
@Operation(summary = "List without token users")
@PostMapping("getNoTokenUser")
+ @RequiresPermissions("token:add")
public RestResponse getNoTokenUser() {
List<User> userList = this.userService.getNoTokenUser();
return RestResponse.success(userList);
