diff --git a/src/main/java/neatlogic/module/cmdb/api/cicatalog/ListCiCatalogAndCiForTreeApi.java b/src/main/java/neatlogic/module/cmdb/api/cicatalog/ListCiCatalogAndCiForTreeApi.java index a80676b5ae00fd6f8ebfff218037fc28e77bf4ee..f3740e833ebcb3212a60a2d05ec9bbe1068adc46 100644 --- a/src/main/java/neatlogic/module/cmdb/api/cicatalog/ListCiCatalogAndCiForTreeApi.java +++ b/src/main/java/neatlogic/module/cmdb/api/cicatalog/ListCiCatalogAndCiForTreeApi.java @@ -2,25 +2,31 @@ package neatlogic.module.cmdb.api.cicatalog; import com.alibaba.fastjson.JSONObject; import neatlogic.framework.auth.core.AuthAction; +import neatlogic.framework.auth.core.AuthActionChecker; +import neatlogic.framework.cmdb.auth.label.CIENTITY_MODIFY; +import neatlogic.framework.cmdb.auth.label.CI_MODIFY; import neatlogic.framework.cmdb.auth.label.CMDB_BASE; +import neatlogic.framework.cmdb.dto.ci.CiAuthVo; import neatlogic.framework.cmdb.dto.ci.CiVo; import neatlogic.framework.cmdb.dto.cicatalog.CiCatalogNodeVo; import neatlogic.framework.cmdb.dto.cicatalog.CiCatalogVo; +import neatlogic.framework.cmdb.enums.CiAuthType; +import neatlogic.framework.cmdb.enums.group.GroupType; import neatlogic.framework.common.constvalue.ApiParamType; import neatlogic.framework.restful.annotation.*; import neatlogic.framework.restful.constvalue.OperationTypeEnum; import neatlogic.framework.restful.core.privateapi.PrivateApiComponentBase; +import neatlogic.module.cmdb.dao.mapper.ci.CiAuthMapper; import neatlogic.module.cmdb.dao.mapper.ci.CiMapper; +import neatlogic.module.cmdb.service.ci.CiAuthChecker; import neatlogic.module.cmdb.service.cicatalog.CiCatalogService; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.StringUtils; import org.springframework.stereotype.Service; import javax.annotation.Resource; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; +import java.util.*; +import java.util.stream.Collectors; @Service @AuthAction(action = CMDB_BASE.class) @@ -30,6 +36,9 @@ public class ListCiCatalogAndCiForTreeApi extends PrivateApiComponentBase { @Resource private CiMapper ciMapper; + @Resource + private CiAuthMapper ciAuthMapper; + @Resource private CiCatalogService ciCatalogService; @@ -47,88 +56,73 @@ public class ListCiCatalogAndCiForTreeApi extends PrivateApiComponentBase { @Description(desc = "nmcac.listcicatalogandcifortreeapi.getname") @Override public Object myDoService(JSONObject paramObj) throws Exception { - CiCatalogNodeVo rootNode = null; List catalogList = new ArrayList<>(); - Map id2NodeMap = new HashMap<>(); + List matchCiCatalogNodeList = new ArrayList<>(); List noCatalogCiNodeList = new ArrayList<>(); - List ciNodeList = new ArrayList<>(); + List hasCatalogCiNodeList = new ArrayList<>(); List allNodeList = ciCatalogService.getAllCiCatalogList(); + Map id2NodeMap = allNodeList.stream().collect(Collectors.toMap(e -> e.getId(), e -> e)); List ciList = ciMapper.getAllCi(null); String keyword = paramObj.getString("keyword"); if (StringUtils.isNotBlank(keyword)) { keyword = keyword.toLowerCase(); - List matchKeywordCiCatalogNodeList = new ArrayList<>(); - if (CollectionUtils.isNotEmpty(allNodeList)) { - rootNode = allNodeList.get(0); - for (CiCatalogNodeVo node : allNodeList) { - node.setType(CiCatalogNodeVo.CATALOG); - id2NodeMap.put(node.getId(), node); - if (node.getName().toLowerCase().contains(keyword)) { - matchKeywordCiCatalogNodeList.add(node); - } + List matchKeywordCiCatalogNodeIdList = new ArrayList<>(); + for (CiCatalogNodeVo node : allNodeList) { + if (node.getName().toLowerCase().contains(keyword)) { + matchCiCatalogNodeList.add(node); + matchKeywordCiCatalogNodeIdList.add(node.getId()); } } - for (CiVo ciVo : ciList) { - if (!ciVo.getName().toLowerCase().contains(keyword) && !ciVo.getLabel().toLowerCase().contains(keyword)) { - continue; - } - CiCatalogNodeVo ciNode = new CiCatalogNodeVo(ciVo); - if (ciVo.getCatalogId() == null) { - noCatalogCiNodeList.add(ciNode); + Iterator iterator = ciList.iterator(); + while (iterator.hasNext()) { + CiVo ciVo = iterator.next(); + if (matchKeywordCiCatalogNodeIdList.contains(ciVo.getCatalogId())) { continue; } - CiCatalogNodeVo node = id2NodeMap.get(ciVo.getCatalogId()); - if (node == null) { - noCatalogCiNodeList.add(ciNode); - continue; + if (!ciVo.getName().toLowerCase().contains(keyword) && !ciVo.getLabel().toLowerCase().contains(keyword)) { + iterator.remove(); } - matchKeywordCiCatalogNodeList.add(node); - ciNodeList.add(ciNode); } - for (CiCatalogNodeVo node : allNodeList) { - for (CiCatalogNodeVo matchKeywordCiCatalogNode : matchKeywordCiCatalogNodeList) { - if (node.getLft() <= matchKeywordCiCatalogNode.getLft() && node.getRht() >= matchKeywordCiCatalogNode.getRht()) { - catalogList.add(node); - } - } + } + checkCiAuth(ciList); + for (CiVo ciVo : ciList) { + CiCatalogNodeVo ciNode = new CiCatalogNodeVo(ciVo); + if (ciVo.getCatalogId() == null) { + noCatalogCiNodeList.add(ciNode); + continue; } - } else { - if (CollectionUtils.isNotEmpty(allNodeList)) { - rootNode = allNodeList.get(0); - for (CiCatalogNodeVo node : allNodeList) { - node.setType(CiCatalogNodeVo.CATALOG); - id2NodeMap.put(node.getId(), node); - catalogList.add(node); - } + CiCatalogNodeVo node = id2NodeMap.get(ciVo.getCatalogId()); + if (node == null) { + noCatalogCiNodeList.add(ciNode); + continue; } - for (CiVo ciVo : ciList) { - CiCatalogNodeVo ciNode = new CiCatalogNodeVo(ciVo); - if (ciVo.getCatalogId() == null) { - noCatalogCiNodeList.add(ciNode); - continue; - } - CiCatalogNodeVo node = id2NodeMap.get(ciVo.getCatalogId()); - if (node == null) { - noCatalogCiNodeList.add(ciNode); - continue; + matchCiCatalogNodeList.add(node); + hasCatalogCiNodeList.add(ciNode); + } + + for (CiCatalogNodeVo node : allNodeList) { + for (CiCatalogNodeVo matchCiCatalogNode : matchCiCatalogNodeList) { + if (node.getLft() <= matchCiCatalogNode.getLft() && node.getRht() >= matchCiCatalogNode.getRht()) { + catalogList.add(node); } - ciNodeList.add(ciNode); } } if (CollectionUtils.isNotEmpty(catalogList)) { for (CiCatalogNodeVo node : catalogList) { + node.setType(CiCatalogNodeVo.CATALOG); CiCatalogNodeVo parent = id2NodeMap.get(node.getParentId()); if (parent != null) { parent.addChild(node); } } - for (CiCatalogNodeVo node : ciNodeList) { + for (CiCatalogNodeVo node : hasCatalogCiNodeList) { CiCatalogNodeVo parent = id2NodeMap.get(node.getParentId()); if (parent != null) { parent.addChild(node); } } + CiCatalogNodeVo rootNode = allNodeList.get(0); for (CiCatalogNodeVo node : noCatalogCiNodeList) { rootNode.addChild(node); } @@ -143,4 +137,31 @@ public class ListCiCatalogAndCiForTreeApi extends PrivateApiComponentBase { return "cmdb/cicatalogandci/listtree"; } + private void checkCiAuth(List ciList) { + //如果没有管理权限则需要检查每个模型的权限 + if (!AuthActionChecker.check(CI_MODIFY.class, CIENTITY_MODIFY.class)) { + Map> ciId2CiAuthListMap = new HashMap<>(); + List ciIdList = ciList.stream().map(CiVo::getId).collect(Collectors.toList()); + List ciAuthList = ciAuthMapper.getCiAuthByCiIdList(ciIdList); + for (CiAuthVo ciAuth : ciAuthList) { + ciId2CiAuthListMap.computeIfAbsent(ciAuth.getCiId(), key -> new ArrayList<>()).add(ciAuth); + } + Iterator iterator = ciList.iterator(); + while (iterator.hasNext()) { + CiVo ciVo = iterator.next(); + List ciAuths = ciId2CiAuthListMap.get(ciVo.getId()); + if (CollectionUtils.isNotEmpty(ciAuths)) { + if (!CiAuthChecker.hasPrivilege(ciAuths, CiAuthType.CIMANAGE, CiAuthType.CIENTITYUPDATE, CiAuthType.CIENTITYDELETE, CiAuthType.TRANSACTIONMANAGE, CiAuthType.CIENTITYQUERY)) { + if (!CiAuthChecker.isCiInGroup(ciVo.getId(), GroupType.READONLY, GroupType.MAINTAIN)) { + iterator.remove(); + } + } + } else { + if (!CiAuthChecker.isCiInGroup(ciVo.getId(), GroupType.READONLY, GroupType.MAINTAIN)) { + iterator.remove(); + } + } + } + } + } } diff --git a/src/main/java/neatlogic/module/cmdb/dao/mapper/ci/CiAuthMapper.java b/src/main/java/neatlogic/module/cmdb/dao/mapper/ci/CiAuthMapper.java index 56e0de1270653450be747bfa10297af6544502b4..0b3c82d7a80b4bdbd04871b03fc929de3ba93ff2 100644 --- a/src/main/java/neatlogic/module/cmdb/dao/mapper/ci/CiAuthMapper.java +++ b/src/main/java/neatlogic/module/cmdb/dao/mapper/ci/CiAuthMapper.java @@ -30,6 +30,8 @@ import java.util.List; public interface CiAuthMapper { public List getCiAuthByCiId(Long ciId); + List getCiAuthByCiIdList(List ciIdList); + public int insertCiAuth(CiAuthVo ciAuthVo); public int deleteCiAuthByCiId(Long ciId); diff --git a/src/main/java/neatlogic/module/cmdb/dao/mapper/ci/CiAuthMapper.xml b/src/main/java/neatlogic/module/cmdb/dao/mapper/ci/CiAuthMapper.xml index 118f8a69351361a285a5fcb1e0adb06a5b691f68..97f7d8c820e641243c4723227d09cecfbdf492e3 100644 --- a/src/main/java/neatlogic/module/cmdb/dao/mapper/ci/CiAuthMapper.xml +++ b/src/main/java/neatlogic/module/cmdb/dao/mapper/ci/CiAuthMapper.xml @@ -29,6 +29,19 @@ WHERE ci_id = #{value} + + INSERT INTO `cmdb_ci_auth` (`ci_id`, `auth_type`, diff --git a/src/main/java/neatlogic/module/cmdb/dao/mapper/globalattr/GlobalAttrMapper.xml b/src/main/java/neatlogic/module/cmdb/dao/mapper/globalattr/GlobalAttrMapper.xml index a2ab21342a3f9194ef5c67247dc1f59e018627da..2608a9896dc8e2f05e53ba4815d2cf5dd391d73b 100644 --- a/src/main/java/neatlogic/module/cmdb/dao/mapper/globalattr/GlobalAttrMapper.xml +++ b/src/main/java/neatlogic/module/cmdb/dao/mapper/globalattr/GlobalAttrMapper.xml @@ -35,7 +35,7 @@ diff --git a/src/main/resources/neatlogic/resources/cmdb/sqlscript/dml.sql b/src/main/resources/neatlogic/resources/cmdb/sqlscript/dml.sql index 09840d04034089026d1a9bbc1b29f955e0804b5d..9ab42756abe56dc98df07371276256d8317b40fc 100644 --- a/src/main/resources/neatlogic/resources/cmdb/sqlscript/dml.sql +++ b/src/main/resources/neatlogic/resources/cmdb/sqlscript/dml.sql @@ -29,7 +29,7 @@ insert ignore into `cmdb_resourcecenter_entity`(`name`,`label`,`status`,`error`, -- ---------------------------- -- Records of cmdb_global_attr -- ---------------------------- -insert ignore into `cmdb_global_attr`(`id`,`name`,`label`,`is_active`,`is_multiple`,`description`) values (979768512987136,'app_environment','应用环境',1,0,NULL); +insert ignore into `cmdb_global_attr`(`id`,`name`,`label`,`is_active`,`is_multiple`,`description`, `is_private`) values (979768512987136,'app_environment','应用环境',1,0,NULL,1); -- ---------------------------- -- Records of cmdb_global_attritem