This is an automated email from the ASF dual-hosted git repository.

xiaoyu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-shenyu.git


The following commit(s) were added to refs/heads/master by this push:
     new 0e826ce  fix shenyu-admin: add dashboard user permission (#2357)
0e826ce is described below

commit 0e826ceae97a1258cb15c73a3072118c920e8654
Author: midnight2104 <[email protected]>
AuthorDate: Tue Nov 16 10:35:07 2021 +0800

    fix shenyu-admin: add dashboard user permission (#2357)
    
    * refactor shenyu-common: code polish
    
    * refactor shenyu-common: code polish
    
    * refactor shenyu-data-sync-center: code polish
    
    * refactor shenyu-data-sync-center: code polish
    
    * refactor shenyu-admin: code polish
    
    * refactor shenyu-admin: add user permissions.
    
    * refactor shenyu-admin: ignore password in api.
---
 .../admin/controller/DashboardUserController.java  | 25 +++++++++++++---------
 .../shenyu/admin/model/vo/DashboardUserVO.java     |  2 ++
 .../admin/shiro/config/ShiroConfiguration.java     | 13 +++++++++++
 .../controller/DashboardUserControllerTest.java    |  4 +---
 4 files changed, 31 insertions(+), 13 deletions(-)

diff --git 
a/shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/DashboardUserController.java
 
b/shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/DashboardUserController.java
index 049854b..be658d1 100644
--- 
a/shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/DashboardUserController.java
+++ 
b/shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/DashboardUserController.java
@@ -29,6 +29,7 @@ import org.apache.shenyu.admin.model.vo.DashboardUserVO;
 import org.apache.shenyu.admin.service.DashboardUserService;
 import org.apache.shenyu.admin.utils.AesUtils;
 import org.apache.shenyu.admin.utils.ShenyuResultMessage;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -70,14 +71,15 @@ public class DashboardUserController {
      * @param pageSize    page size
      * @return {@linkplain ShenyuAdminResult}
      */
+    @RequiresPermissions("system:manager:list")
     @GetMapping("")
-    public ShenyuAdminResult queryDashboardUsers(final String userName, final 
Integer currentPage, final Integer pageSize) {
-        String key = secretProperties.getKey();
-        String iv = secretProperties.getIv();
-        CommonPager<DashboardUserVO> commonPager = 
dashboardUserService.listByPage(new DashboardUserQuery(userName, new 
PageParameter(currentPage, pageSize)));
+    public ShenyuAdminResult queryDashboardUsers(final String userName,
+                                                 final Integer currentPage,
+                                                 final Integer pageSize) {
+        CommonPager<DashboardUserVO> commonPager = 
dashboardUserService.listByPage(new DashboardUserQuery(userName,
+                new PageParameter(currentPage, pageSize)));
+
         if (CollectionUtils.isNotEmpty(commonPager.getDataList())) {
-            commonPager.getDataList()
-                    .forEach(item -> 
item.setPassword(AesUtils.aesDecryption(item.getPassword(), key, iv)));
             return 
ShenyuAdminResult.success(ShenyuResultMessage.QUERY_SUCCESS, commonPager);
         } else {
             return 
ShenyuAdminResult.error(ShenyuResultMessage.DASHBOARD_QUERY_ERROR);
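Review bot: Nothing in this commit exercises the new `@RequiresPermissions("system:manager:list")` check on queryDashboardUsers, and the same gap applies to the annotations added in the four later hunks of this file (detail, create, update, delete). The test changes in the commit only drop password assertions, so a regression that silently disables annotation processing would go unnoticed. I would add a test that calls each endpoint as a subject lacking the permission and expects a refusal. It is also worth confirming that the exception Shiro raises on denial is mapped to a proper "forbidden" response and not a generic server error; that handler is not visible in this diff. The class body continues outside this hunk.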
@@ -90,13 +92,13 @@ public class DashboardUserController {
      * @param id dashboard user id.
      * @return {@linkplain ShenyuAdminResult}
      */
+    @RequiresPermissions("system:manager:list")
     @GetMapping("/{id}")
     public ShenyuAdminResult detailDashboardUser(@PathVariable("id") final 
String id) {
         DashboardUserEditVO dashboardUserEditVO = 
dashboardUserService.findById(id);
-        return Optional.ofNullable(dashboardUserEditVO).map(item -> {
-            item.setPassword("");
-            return 
ShenyuAdminResult.success(ShenyuResultMessage.DETAIL_SUCCESS, item);
-        }).orElseGet(() -> 
ShenyuAdminResult.error(ShenyuResultMessage.DASHBOARD_QUERY_ERROR));
+        return Optional.ofNullable(dashboardUserEditVO)
+                .map(item -> 
ShenyuAdminResult.success(ShenyuResultMessage.DETAIL_SUCCESS, item))
+                .orElseGet(() -> 
ShenyuAdminResult.error(ShenyuResultMessage.DASHBOARD_QUERY_ERROR));
     }
 
     /**
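Review bot: With `item.setPassword("")` removed, detailDashboardUser relies entirely on serialization to keep the stored password out of the response. The `@JsonIgnore` added in this commit sits on DashboardUserVO, while this handler returns a DashboardUserEditVO. If DashboardUserEditVO does not inherit that annotated field (its declaration is not part of this diff), `GET /{id}` would return the password value. Keeping the explicit clear is cheap defence in depth: `.map(item -> { item.setPassword(null); return ShenyuAdminResult.success(ShenyuResultMessage.DETAIL_SUCCESS, item); })`.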
@@ -105,6 +107,7 @@ public class DashboardUserController {
      * @param dashboardUserDTO dashboard user.
      * @return {@linkplain ShenyuAdminResult}
      */
+    @RequiresPermissions("system:manager:add")
     @PostMapping("")
     public ShenyuAdminResult createDashboardUser(@Valid @RequestBody final 
DashboardUserDTO dashboardUserDTO) {
         String key = secretProperties.getKey();
@@ -123,6 +126,7 @@ public class DashboardUserController {
      * @param dashboardUserDTO dashboard user.
      * @return {@linkplain ShenyuAdminResult}
      */
+    @RequiresPermissions("system:manager:edit")
     @PutMapping("/{id}")
     public ShenyuAdminResult updateDashboardUser(@PathVariable("id") final 
String id, @Valid @RequestBody final DashboardUserDTO dashboardUserDTO) {
         String key = secretProperties.getKey();
@@ -139,6 +143,7 @@ public class DashboardUserController {
      * @param ids primary key.
      * @return {@linkplain ShenyuAdminResult}
      */
+    @RequiresPermissions("system:manager:delete")
     @DeleteMapping("/batch")
     public ShenyuAdminResult deleteDashboardUser(@RequestBody @NotEmpty final 
List<@NotBlank String> ids) {
         Integer deleteCount = dashboardUserService.delete(ids);
diff --git 
a/shenyu-admin/src/main/java/org/apache/shenyu/admin/model/vo/DashboardUserVO.java
 
b/shenyu-admin/src/main/java/org/apache/shenyu/admin/model/vo/DashboardUserVO.java
index f6ce5c6..3bbd118 100644
--- 
a/shenyu-admin/src/main/java/org/apache/shenyu/admin/model/vo/DashboardUserVO.java
+++ 
b/shenyu-admin/src/main/java/org/apache/shenyu/admin/model/vo/DashboardUserVO.java
@@ -17,6 +17,7 @@
 
 package org.apache.shenyu.admin.model.vo;
 
+import com.fasterxml.jackson.annotation.JsonIgnore;
 import org.apache.shenyu.admin.model.entity.DashboardUserDO;
 import org.apache.shenyu.common.utils.DateUtils;
 
@@ -44,6 +45,7 @@ public class DashboardUserVO implements Serializable {
     /**
      * user password.
      */
+    @JsonIgnore
     private String password;
 
     /**
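Review bot: `@JsonIgnore` on `password` hides the field from Jackson only, so the value is still populated on every DashboardUserVO and still travels through any other path. The class is `Serializable`, and a non-Jackson serializer or a logged `toString()` would not honour the annotation. A short comment above the annotation would record the intent, for example `// never expose the stored password in API responses; this only hides it from Jackson output`. If nothing on the server reads the password back from the VO, not copying it into the VO at all would be the stronger fix; the code that builds the VO is outside this hunk, so that needs checking.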
diff --git 
a/shenyu-admin/src/main/java/org/apache/shenyu/admin/shiro/config/ShiroConfiguration.java
 
b/shenyu-admin/src/main/java/org/apache/shenyu/admin/shiro/config/ShiroConfiguration.java
index 0484d06..0e2efe3 100644
--- 
a/shenyu-admin/src/main/java/org/apache/shenyu/admin/shiro/config/ShiroConfiguration.java
+++ 
b/shenyu-admin/src/main/java/org/apache/shenyu/admin/shiro/config/ShiroConfiguration.java
@@ -24,6 +24,7 @@ import org.apache.shiro.spring.LifecycleBeanPostProcessor;
 import 
org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import 
org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -95,6 +96,18 @@ public class ShiroConfiguration {
     }
 
     /**
+     * Support shiro annotation.
+     *
+     * @return DefaultAdvisorAutoProxyCreator.
+     */
+    @Bean
+    public static DefaultAdvisorAutoProxyCreator 
getDefaultAdvisorAutoProxyCreator() {
+        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new 
DefaultAdvisorAutoProxyCreator();
+        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
+        return defaultAdvisorAutoProxyCreator;
+    }
+
+    /**
      * shiro's lifecycle in spring.
      *
      * @return {@linkplain LifecycleBeanPostProcessor}
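Review bot: The Javadoc `Support shiro annotation.` on getDefaultAdvisorAutoProxyCreator does not say why the bean is needed or why `setProxyTargetClass(true)` is set, yet both decide whether `@RequiresPermissions` on the controllers is enforced at all. I would expand it to state that this creator applies the AuthorizationAttributeSourceAdvisor to annotated beans, and that class-based proxies are requested because the controllers are presumably concrete classes with no interface (confirm). If Spring's own AOP auto-proxying is also active in this application, which cannot be seen from this hunk, two auto-proxy creators can wrap the same bean twice, so it is worth verifying that only one is in effect.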
diff --git 
a/shenyu-admin/src/test/java/org/apache/shenyu/admin/controller/DashboardUserControllerTest.java
 
b/shenyu-admin/src/test/java/org/apache/shenyu/admin/controller/DashboardUserControllerTest.java
index ed616f9..4220ef0 100644
--- 
a/shenyu-admin/src/test/java/org/apache/shenyu/admin/controller/DashboardUserControllerTest.java
+++ 
b/shenyu-admin/src/test/java/org/apache/shenyu/admin/controller/DashboardUserControllerTest.java
@@ -98,7 +98,6 @@ public final class DashboardUserControllerTest {
         mockMvc.perform(get(url))
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.message", 
is(ShenyuResultMessage.QUERY_SUCCESS)))
-                .andExpect(jsonPath("$.data.dataList[0].password", 
is("123456")))
                 .andReturn();
 
         final CommonPager<DashboardUserVO> commonPagerError = new 
CommonPager<>(new PageParameter(),
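Review bot: The password assertion is deleted here instead of inverted, so the test no longer checks the behaviour this commit is meant to guarantee. The same applies to the next hunk, where `jsonPath("$.data.password", is(""))` is dropped from the detail test. I would assert absence in both places, with `.andExpect(jsonPath("$.data.dataList[0].password").doesNotExist())` in the list test and `.andExpect(jsonPath("$.data.password").doesNotExist())` in the detail test. The mocked VO should carry a non-empty password so that the assertion can actually fail. The test method starts and ends outside this hunk.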
@@ -121,8 +120,7 @@ public final class DashboardUserControllerTest {
         final String url = "/dashboardUser/1";
         mockMvc.perform(get(url))
                 .andExpect(status().isOk())
-                .andExpect(jsonPath("$.message", 
is(ShenyuResultMessage.DETAIL_SUCCESS)))
-                .andExpect(jsonPath("$.data.password", is("")));
+                .andExpect(jsonPath("$.message", 
is(ShenyuResultMessage.DETAIL_SUCCESS)));
 
         given(dashboardUserService.findById(any())).willReturn(null);
         mockMvc.perform(get(url))
