Merge pull request #1214 from WeBankPartners/query_code_permission

Query code permission
WeBankPartners · Jan 25, 2021 · 44d9354 · 44d9354
2 parents d491190 + e1ab258
commit 44d9354
Show file tree

Hide file tree

Showing 4 changed files with 186 additions and 12 deletions.
diff --git a/cmdb-core/src/main/java/com/webank/cmdb/controller/ui/UIEnumManagementController.java b/cmdb-core/src/main/java/com/webank/cmdb/controller/ui/UIEnumManagementController.java
@@ -1,13 +1,5 @@
 package com.webank.cmdb.controller.ui;
 
-import static com.webank.cmdb.domain.AdmMenu.MENU_CMDB_ADMIN_BASE_DATA_MANAGEMENT;
-import static com.webank.cmdb.domain.AdmMenu.MENU_ADMIN_CMDB_MODEL_MANAGEMENT;
-import static com.webank.cmdb.domain.AdmMenu.MENU_ADMIN_PERMISSION_MANAGEMENT;
-import static com.webank.cmdb.domain.AdmMenu.MENU_APPLICATION_DEPLOYMENT_DESIGN;
-import static com.webank.cmdb.domain.AdmMenu.MENU_DESIGNING_CI_DATA_ENQUIRY;
-import static com.webank.cmdb.domain.AdmMenu.MENU_DESIGNING_CI_DATA_MANAGEMENT;
-import static com.webank.cmdb.domain.AdmMenu.MENU_DESIGNING_CI_INTEGRATED_QUERY_EXECUTION;
-
 import java.util.List;
 import java.util.Map;
 
@@ -32,6 +24,8 @@
 import com.webank.cmdb.dto.QueryRequest;
 import com.webank.cmdb.dto.QueryResponse;
 
+import static com.webank.cmdb.domain.AdmMenu.*;
+
 @RestController
 @RequestMapping("/ui/v2")
 public class UIEnumManagementController {
@@ -126,14 +120,30 @@ public void deleteCiTypeLayer(@PathVariable(value = "layer-id") int layerId) {
         wrapperService.deleteEnumCodes(layerId);
     }
 
-    @RolesAllowed({ MENU_ADMIN_CMDB_MODEL_MANAGEMENT, MENU_CMDB_ADMIN_BASE_DATA_MANAGEMENT })
+    @RolesAllowed({
+            MENU_ADMIN_CMDB_MODEL_MANAGEMENT,
+            MENU_CMDB_ADMIN_BASE_DATA_MANAGEMENT,
+            MENU_IDC_PLANNING_DESIGN,
+            MENU_IDC_RESOURCE_PLANNING,
+            MENU_APPLICATION_ARCHITECTURE_DESIGN,
+            MENU_APPLICATION_ARCHITECTURE_QUERY,
+            MENU_APPLICATION_DEPLOYMENT_DESIGN
+    })
     @PostMapping("/enum/system/codes")
     @ResponseBody
     public Object querySystemEnumCodesWithRefResources(@RequestBody QueryRequest queryObject) {
         return wrapperService.querySystemEnumCodesWithRefResources(queryObject);
     }
 
-    @RolesAllowed({ MENU_ADMIN_CMDB_MODEL_MANAGEMENT, MENU_CMDB_ADMIN_BASE_DATA_MANAGEMENT })
+    @RolesAllowed({
+            MENU_ADMIN_CMDB_MODEL_MANAGEMENT,
+            MENU_CMDB_ADMIN_BASE_DATA_MANAGEMENT,
+            MENU_IDC_PLANNING_DESIGN,
+            MENU_IDC_RESOURCE_PLANNING,
+            MENU_APPLICATION_ARCHITECTURE_DESIGN,
+            MENU_APPLICATION_ARCHITECTURE_QUERY,
+            MENU_APPLICATION_DEPLOYMENT_DESIGN
+    })
     @PostMapping("/enum/non-system/codes")
     @ResponseBody
     public Object queryNonSystemEnumCodesWithRefResources(@RequestBody QueryRequest queryObject) {

diff --git a/cmdb-core/src/main/java/com/webank/cmdb/dto/QueryRequest.java b/cmdb-core/src/main/java/com/webank/cmdb/dto/QueryRequest.java
@@ -85,9 +85,9 @@ public void setSorting(Sorting sorting) {
     }
 
     public List<Sorting> getSortings() {
-        if(!this.sortings.isEmpty()) return this.sortings;
+        if(this.sortings != null && !this.sortings.isEmpty()) return this.sortings;
 
-        if(!StringUtils.isBlank(this.sorting.getField())) return Collections.singletonList(this.sorting);
+        if(this.sorting != null && !StringUtils.isBlank(this.sorting.getField())) return Collections.singletonList(this.sorting);
 
         return Collections.emptyList();
     }

diff --git a/cmdb-core/src/test/java/com/webank/cmdb/controller/ui/UIEnumManagementControllerTest.java b/cmdb-core/src/test/java/com/webank/cmdb/controller/ui/UIEnumManagementControllerTest.java
@@ -0,0 +1,109 @@
+package com.webank.cmdb.controller.ui;
+
+import com.webank.cmdb.controller.AbstractBaseControllerTest;
+import org.junit.Test;
+import org.springframework.http.MediaType;
+import org.springframework.security.test.context.support.WithMockUser;
+
+import static com.webank.cmdb.domain.AdmMenu.*;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.Matchers.notNullValue;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+public class UIEnumManagementControllerTest extends AbstractBaseControllerTest {
+    private static final String QUERY_SYSTEM_CODE_URL = "/ui/v2/enum/system/codes";
+    private static final String QUERY_NON_SYSTEM_CODE_URL = "/ui/v2/enum/non-system/codes";
+
+    @Test
+    @WithMockUser(value = "test")
+    public void querySystemEnum_should_fail_for_user_without_appropriate_menu_permission() throws Exception {
+        shouldApiCallFailForInsufficientPermission(QUERY_SYSTEM_CODE_URL);
+    }
+
+    @Test
+    @WithMockUser(value = "test", authorities = { ROLE_PREFIX + MENU_IDC_PLANNING_DESIGN })
+    public void querySystemEnum_should_success_for_role_IDC_PLANNING_DESIGN() throws Exception {
+        shouldApiCallSucceedSucceed(QUERY_SYSTEM_CODE_URL);
+    }
+
+    @Test
+    @WithMockUser(value = "test", authorities = { ROLE_PREFIX + MENU_IDC_RESOURCE_PLANNING })
+    public void querySystemEnum_should_success_for_role_IDC_RESOURCE_PLANNING() throws Exception {
+        shouldApiCallSucceedSucceed(QUERY_SYSTEM_CODE_URL);
+    }
+
+    @Test
+    @WithMockUser(value = "test", authorities = { ROLE_PREFIX + MENU_APPLICATION_ARCHITECTURE_DESIGN })
+    public void querySystemEnum_should_success_for_role_APPLICATION_ARCHITECTURE_DESIGN() throws Exception {
+        shouldApiCallSucceedSucceed(QUERY_SYSTEM_CODE_URL);
+    }
+
+    @Test
+    @WithMockUser(value = "test", authorities = { ROLE_PREFIX + MENU_APPLICATION_ARCHITECTURE_QUERY })
+    public void querySystemEnum_should_success_for_role_APPLICATION_ARCHITECTURE_QUERY() throws Exception {
+        shouldApiCallSucceedSucceed(QUERY_SYSTEM_CODE_URL);
+    }
+
+    @Test
+    @WithMockUser(value = "test", authorities = { ROLE_PREFIX + MENU_APPLICATION_DEPLOYMENT_DESIGN })
+    public void querySystemEnum_should_success_for_role_APPLICATION_DEPLOYMENT_DESIGN() throws Exception {
+        shouldApiCallSucceedSucceed(QUERY_SYSTEM_CODE_URL);
+    }
+
+
+    @Test
+    @WithMockUser(value = "test")
+    public void queryNonSystemEnum_should_fail_for_user_without_appropriate_menu_permission() throws Exception {
+        shouldApiCallFailForInsufficientPermission(QUERY_NON_SYSTEM_CODE_URL);
+    }
+
+    @Test
+    @WithMockUser(value = "test", authorities = { ROLE_PREFIX + MENU_IDC_PLANNING_DESIGN })
+    public void queryNonSystemEnum_should_success_for_role_IDC_PLANNING_DESIGN() throws Exception {
+        shouldApiCallSucceedSucceed(QUERY_NON_SYSTEM_CODE_URL);
+    }
+
+    @Test
+    @WithMockUser(value = "test", authorities = { ROLE_PREFIX + MENU_IDC_RESOURCE_PLANNING })
+    public void queryNonSystemEnum_should_success_for_role_IDC_RESOURCE_PLANNING() throws Exception {
+        shouldApiCallSucceedSucceed(QUERY_NON_SYSTEM_CODE_URL);
+    }
+
+    @Test
+    @WithMockUser(value = "test", authorities = { ROLE_PREFIX + MENU_APPLICATION_ARCHITECTURE_DESIGN })
+    public void queryNonSystemEnum_should_success_for_role_APPLICATION_ARCHITECTURE_DESIGN() throws Exception {
+        shouldApiCallSucceedSucceed(QUERY_NON_SYSTEM_CODE_URL);
+    }
+
+    @Test
+    @WithMockUser(value = "test", authorities = { ROLE_PREFIX + MENU_APPLICATION_ARCHITECTURE_QUERY })
+    public void queryNonSystemEnum_should_success_for_role_APPLICATION_ARCHITECTURE_QUERY() throws Exception {
+        shouldApiCallSucceedSucceed(QUERY_NON_SYSTEM_CODE_URL);
+    }
+
+    @Test
+    @WithMockUser(value = "test", authorities = { ROLE_PREFIX + MENU_APPLICATION_DEPLOYMENT_DESIGN })
+    public void queryNonSystemEnum_should_success_for_role_APPLICATION_DEPLOYMENT_DESIGN() throws Exception {
+        shouldApiCallSucceedSucceed(QUERY_NON_SYSTEM_CODE_URL);
+    }
+
+    private void shouldApiCallSucceedSucceed(String url) throws Exception {
+        mvc.perform(post(url)
+                .contentType(MediaType.APPLICATION_JSON_UTF8).content("{}"))
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.statusCode", is("OK")))
+                .andExpect(jsonPath("$.data", notNullValue()))
+        ;
+    }
+
+    private void shouldApiCallFailForInsufficientPermission(String url) throws Exception {
+        mvc.perform(post(url)
+                .contentType(MediaType.APPLICATION_JSON_UTF8).content("{}"))
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.statusCode", is("ERROR")))
+                .andExpect(jsonPath("$.statusMessage", is("Access is denied")))
+        ;
+    }
+}
diff --git a/cmdb-core/src/test/java/com/webank/cmdb/controller/ui/UILogControllerTest.java b/cmdb-core/src/test/java/com/webank/cmdb/controller/ui/UILogControllerTest.java
@@ -0,0 +1,55 @@
+package com.webank.cmdb.controller.ui;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.collect.ImmutableMap;
+import com.webank.cmdb.controller.AbstractBaseControllerTest;
+import org.junit.Test;
+import org.springframework.http.MediaType;
+import org.springframework.security.test.context.support.WithMockUser;
+
+import javax.transaction.Transactional;
+
+import java.io.Serializable;
+import java.util.Map;
+
+import static com.webank.cmdb.domain.AdmMenu.MENU_ADMIN_QUERY_LOG;
+import static com.webank.cmdb.domain.AdmMenu.ROLE_PREFIX;
+import static org.hamcrest.CoreMatchers.is;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@WithMockUser(username = "test", authorities = { ROLE_PREFIX + MENU_ADMIN_QUERY_LOG })
+public class UILogControllerTest extends AbstractBaseControllerTest {
+
+    @Test
+    public void queryLogWithEmptyQueryObject() throws Exception {
+        mvc.perform(post("/ui/v2/log/query").contentType(MediaType.APPLICATION_JSON)
+                .content("{}"))
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.statusCode", is("OK")));
+        ;
+    }
+
+    @Test
+    public void queryLogWithNullSorting() throws Exception {
+        mvc.perform(post("/ui/v2/log/query").contentType(MediaType.APPLICATION_JSON)
+                .content("{\"sorting\": null}"))
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.statusCode", is("OK")));
+        ;
+    }
+
+    @Test
+    public void queryLogWithSorting() throws Exception {
+        Map<String, Object> sortingMap = ImmutableMap.of("asc", true, "field", "createdDate");
+        Map<String, Object> requestMap = ImmutableMap.of("sorting", sortingMap);
+
+        mvc.perform(post("/ui/v2/log/query").contentType(MediaType.APPLICATION_JSON)
+                .content(new ObjectMapper().writeValueAsString(requestMap)))
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.statusCode", is("OK")));
+        ;
+    }
+
+}