diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/aspect/AppAuthAspect.java b/arex-web-api/src/main/java/com/arextest/web/api/service/aspect/AppAuthAspect.java new file mode 100644 index 000000000..3f3028446 --- /dev/null +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/aspect/AppAuthAspect.java @@ -0,0 +1,84 @@ +package com.arextest.web.api.service.aspect; + +import com.arextest.common.annotation.AppAuth; +import com.arextest.common.context.ArexContext; +import com.arextest.common.model.response.ResponseCode; +import com.arextest.common.utils.JwtUtil; +import com.arextest.common.utils.ResponseUtils; +import com.arextest.config.model.dto.application.ApplicationConfiguration; +import com.arextest.config.repository.impl.ApplicationConfigurationRepositoryImpl; +import com.arextest.web.api.service.controller.Constants; +import lombok.extern.slf4j.Slf4j; +import org.apache.commons.collections4.CollectionUtils; +import org.aspectj.lang.ProceedingJoinPoint; +import org.aspectj.lang.annotation.Around; +import org.aspectj.lang.annotation.Aspect; +import org.aspectj.lang.annotation.Pointcut; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Component; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import javax.annotation.Resource; +import javax.servlet.http.HttpServletRequest; +import java.util.List; + +/** + * @author wildeslam. + * @create 2023/10/8 17:12 + */ +@Slf4j +@Aspect +@Component +@ConditionalOnProperty(value = "arex.app.auth.switch", havingValue = "true") +public class AppAuthAspect { + @Resource + private ApplicationConfigurationRepositoryImpl applicationConfigurationRepository; + + @Pointcut("@annotation(com.arextest.common.annotation.AppAuth)") + public void appAuth(){} + + @Around("appAuth() && @annotation(auth)") + public Object doAround(ProceedingJoinPoint point, AppAuth auth) throws Throwable { + ArexContext context = ArexContext.getContext(); + ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); + HttpServletRequest request = requestAttributes.getRequest(); + String appId = request.getHeader("appId"); + String accessToken = request.getHeader("access-token"); + String userName = JwtUtil.getUserName(accessToken); + context.setAppId(appId); + context.setOperator(userName); + if (appId == null) { + LOGGER.error("header has no appId"); + return reject(point, auth, Constants.NO_APPID); + } + List applications = applicationConfigurationRepository.listBy(context.getAppId()); + if (CollectionUtils.isEmpty(applications)) { + LOGGER.error("error appId"); + return reject(point, auth, Constants.ERROR_APPID); + } + ApplicationConfiguration application = applications.get(0); + Object result; + if (CollectionUtils.isEmpty(application.getOwners()) || application.getOwners().contains(userName)) { + context.setPassAuth(true); + result = point.proceed(); + } else { + context.setPassAuth(false); + result = reject(point, auth, Constants.NO_PERMISSION); + } + ArexContext.removeContext(); + return result; + } + + private Object reject(ProceedingJoinPoint point, AppAuth auth, String remark) throws Throwable { + switch (auth.rejectStrategy()) { + case FAIL_RESPONSE: + return ResponseUtils.errorResponse(remark, ResponseCode.AUTHENTICATION_FAILED); + case DOWNGRADE: + ArexContext.getContext().setPassAuth(false); + default: + return point.proceed(); + } + } + +} diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/Constants.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/Constants.java index 2ee0d7f62..b871fd17f 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/Constants.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/Constants.java @@ -4,4 +4,7 @@ public class Constants { public static final String ACCESS_TOKEN = "access-token"; public static final String NO_PERMISSION = "No permission"; + + public static final String NO_APPID = "No appId"; + public static final String ERROR_APPID = "error appId"; } diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/ReplayQueryController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/ReplayQueryController.java new file mode 100644 index 000000000..3f322ae4a --- /dev/null +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/ReplayQueryController.java @@ -0,0 +1,74 @@ +package com.arextest.web.api.service.controller; + +import com.arextest.common.annotation.AppAuth; +import com.arextest.common.context.ArexContext; +import com.arextest.common.enums.AuthRejectStrategy; +import com.arextest.common.model.response.ResponseCode; +import com.arextest.model.replay.ViewRecordRequestType; +import com.arextest.model.replay.ViewRecordResponseType; +import com.arextest.model.response.Response; +import com.arextest.model.response.ResponseStatusType; +import com.arextest.web.common.HttpUtils; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.http.ResponseEntity; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.ResponseBody; + +import java.util.HashMap; +import java.util.Map; + +/** + * @author wildeslam. + * @create 2023/10/12 20:18 + */ +@Controller +@RequestMapping("/api/replay/query") +public class ReplayQueryController { + + @Value("${arex.storage.viewRecord.url}") + private String viewRecordUrl; + + @ResponseBody + @GetMapping(value = "/viewRecord/") + public Response viewRecord(String recordId, + @RequestParam(required = false) String category, + @RequestParam(required = false, defaultValue = "Rolling") String srcProvider) { + ViewRecordRequestType recordRequestType = new ViewRecordRequestType(); + recordRequestType.setRecordId(recordId); + recordRequestType.setSourceProvider(srcProvider); + recordRequestType.setCategoryType(category); + return viewRecord(recordRequestType); + } + + @PostMapping("/viewRecord") + @ResponseBody + @AppAuth(rejectStrategy = AuthRejectStrategy.DOWNGRADE) + public Response viewRecord(@RequestBody ViewRecordRequestType requestType) { + ArexContext arexContext = ArexContext.getContext(); + Map headers = new HashMap<>(); + boolean downgrade = Boolean.FALSE.equals(arexContext.getPassAuth()); + headers.put("downgrade", Boolean.toString(downgrade)); + ResponseEntity response = HttpUtils.post(viewRecordUrl, requestType, + ViewRecordResponseType.class, headers); + ViewRecordResponseType responseType = new ViewRecordResponseType(); + ResponseStatusType responseStatusType = new ResponseStatusType(); + responseStatusType.setTimestamp(System.currentTimeMillis()); + if (response == null || response.getBody() == null) { + responseStatusType.setResponseDesc("call storage failed"); + responseStatusType.setResponseCode(ResponseCode.REQUESTED_RESOURCE_NOT_FOUND.getCodeValue()); + responseType.setResponseStatusType(responseStatusType); + return responseType; + } + + responseStatusType.setResponseDesc("success"); + responseStatusType.setResponseCode(ResponseCode.SUCCESS.getCodeValue()); + responseType = response.getBody(); + responseType.setResponseStatusType(responseStatusType); + return response.getBody(); + } +} diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/ReportQueryController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/ReportQueryController.java index 7e89475d0..2a06bb4bb 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/ReportQueryController.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/ReportQueryController.java @@ -4,6 +4,8 @@ import javax.servlet.http.HttpServletResponse; import javax.validation.Valid; +import com.arextest.common.annotation.AppAuth; +import com.arextest.common.enums.AuthRejectStrategy; import com.arextest.web.common.HttpUtils; import com.arextest.web.model.contract.contracts.FeedbackSceneRequest; import com.arextest.web.model.contract.contracts.RemoveRecordsAndScenesRequest; @@ -120,6 +122,7 @@ public class ReportQueryController { @Deprecated @PostMapping("/pushCompareResults") @ResponseBody + // from schedule public Response pushCompareResults(@Valid @RequestBody PushCompareResultsRequestType request) { PushCompareResultsResponseType response = new PushCompareResultsResponseType(); response.setSuccess(reportService.saveCompareResults(request)); @@ -147,6 +150,7 @@ public Response reportInitial(@RequestBody ReportInitialRequestType request) { @PostMapping("/updateReportInfo") @ResponseBody + // from schedule public Response updateReportInfo(@Valid @RequestBody UpdateReportInfoRequestType request) { UpdateReportInfoResponseType response = new UpdateReportInfoResponseType(); response.setSuccess(replayInfoService.updatePlan(request)); @@ -155,6 +159,7 @@ public Response updateReportInfo(@Valid @RequestBody UpdateReportInfoRequestType @PostMapping("/pushReplayStatus") @ResponseBody + // from schedule public Response changeReplayStatus(@Valid @RequestBody ChangeReplayStatusRequestType request) { ChangeReplayStatusResponseType response = new ChangeReplayStatusResponseType(); response.setUpdateSuccess(reportService.changeReportStatus(request)); @@ -163,6 +168,7 @@ public Response changeReplayStatus(@Valid @RequestBody ChangeReplayStatusRequest @PostMapping("/removeRecordsAndScenes") @ResponseBody + // from schedule public Response removeFailedCases(@Valid @RequestBody RemoveRecordsAndScenesRequest request) { SuccessResponse response = new SuccessResponse(); response.setSuccess(reportService.removeRecords(request) && sceneReportService.removeScene(request)); @@ -222,6 +228,7 @@ public Response queryDiffAggInfo(@RequestBody QueryDiffAggInfoRequestType reques return ResponseUtils.successResponse(response); } + @AppAuth(rejectStrategy = AuthRejectStrategy.DOWNGRADE) @PostMapping("/queryMsgWithDiff") @ResponseBody public Response queryMsgWithDiff(@RequestBody QueryMsgWithDiffRequestType request) { @@ -250,6 +257,7 @@ public Response queryScenes(@Valid @RequestBody QueryScenesRequestType request) return ResponseUtils.successResponse(response); } + @AppAuth(rejectStrategy = AuthRejectStrategy.DOWNGRADE) @PostMapping("/queryFullLinkMsg") @ResponseBody public Response queryFullLinkMsg(@Valid @RequestBody QueryFullLinkMsgRequestType request) { @@ -257,6 +265,7 @@ public Response queryFullLinkMsg(@Valid @RequestBody QueryFullLinkMsgRequestType return ResponseUtils.successResponse(response); } + @AppAuth(rejectStrategy = AuthRejectStrategy.DOWNGRADE) @PostMapping("/queryReplayMsg") @ResponseBody public Response queryReplayMsg(@Valid @RequestBody QueryReplayMsgRequestType request) { @@ -264,6 +273,7 @@ public Response queryReplayMsg(@Valid @RequestBody QueryReplayMsgRequestType req return ResponseUtils.successResponse(response); } + @AppAuth @PostMapping("/downloadReplayMsg") @ResponseBody public void downloadReplayMsg(@Valid @RequestBody DownloadReplayMsgRequestType request, @@ -362,7 +372,7 @@ public Response countRecord(@Valid @RequestBody CountRecordRequestType requestTy @PostMapping("/listRecord") @ResponseBody - public Response countRecord(@Valid @RequestBody ListRecordRequestType requestType) { + public Response listRecord(@Valid @RequestBody ListRecordRequestType requestType) { if (requestType.getOperationType() == null) { return ResponseUtils.errorResponse("no operationType", ResponseCode.REQUESTED_PARAMETER_INVALID); } diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/AbstractConfigurableController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/AbstractConfigurableController.java index c984bee02..40db46d36 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/AbstractConfigurableController.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/AbstractConfigurableController.java @@ -2,8 +2,10 @@ import java.util.List; +import com.arextest.common.annotation.AppAuth; import com.arextest.config.model.dto.AbstractConfiguration; import com.arextest.config.model.dto.ModifyType; +import lombok.Getter; import org.apache.commons.lang3.StringUtils; import org.springframework.web.bind.annotation.*; @@ -16,6 +18,7 @@ * @since 2022/1/22 */ public abstract class AbstractConfigurableController { + @Getter protected final ConfigurableHandler configurableHandler; protected AbstractConfigurableController(ConfigurableHandler configurableHandler) { @@ -28,7 +31,7 @@ public final Response useResult(@PathVariable String appId) { if (StringUtils.isEmpty(appId)) { return InvalidResponse.REQUESTED_APP_ID_IS_EMPTY; } - return ResponseUtils.successResponse(this.configurableHandler.useResult(appId)); + return ResponseUtils.successResponse(getConfigurableHandler().useResult(appId)); } @GetMapping("/useResultAsList/appId/{appId}") @@ -37,7 +40,7 @@ public final Response useResultList(@PathVariable String appId) { if (StringUtils.isEmpty(appId)) { return InvalidResponse.REQUESTED_APP_ID_IS_EMPTY; } - return ResponseUtils.successResponse(this.configurableHandler.useResultAsList(appId)); + return ResponseUtils.successResponse(getConfigurableHandler().useResultAsList(appId)); } @GetMapping("/editList/appId/{appId}") @@ -46,37 +49,39 @@ public final Response editList(@PathVariable String appId) { if (StringUtils.isEmpty(appId)) { return InvalidResponse.REQUESTED_APP_ID_IS_EMPTY; } - return ResponseUtils.successResponse(this.configurableHandler.editList(appId)); + return ResponseUtils.successResponse(getConfigurableHandler().editList(appId)); } @PostMapping("/modify/{modifyType}") @ResponseBody + @AppAuth public Response modify(@PathVariable ModifyType modifyType, @RequestBody T configuration) throws Exception { if (modifyType == ModifyType.INSERT) { configuration.validParameters(); - return ResponseUtils.successResponse(this.configurableHandler.insert(configuration)); + return ResponseUtils.successResponse(getConfigurableHandler().insert(configuration)); } if (modifyType == ModifyType.UPDATE) { - return ResponseUtils.successResponse(this.configurableHandler.update(configuration)); + return ResponseUtils.successResponse(getConfigurableHandler().update(configuration)); } if (modifyType == ModifyType.REMOVE) { - return ResponseUtils.successResponse(this.configurableHandler.remove(configuration)); + return ResponseUtils.successResponse(getConfigurableHandler().remove(configuration)); } return ResponseUtils.resourceNotFoundResponse(); } @PostMapping("/batchModify/{modifyType}") @ResponseBody + @AppAuth public final Response batchModify(@PathVariable ModifyType modifyType, @RequestBody List configuration) throws Exception { if (modifyType == ModifyType.INSERT) { for (T item : configuration) { item.validParameters(); } - return ResponseUtils.successResponse(this.configurableHandler.insertList(configuration)); + return ResponseUtils.successResponse(getConfigurableHandler().insertList(configuration)); } if (modifyType == ModifyType.REMOVE) { - return ResponseUtils.successResponse(this.configurableHandler.removeList(configuration)); + return ResponseUtils.successResponse(getConfigurableHandler().removeList(configuration)); } return ResponseUtils.resourceNotFoundResponse(); } diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ApplicationConfigurableController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ApplicationConfigurableController.java index aea8fa1f4..025912b2a 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ApplicationConfigurableController.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ApplicationConfigurableController.java @@ -26,7 +26,7 @@ */ @Controller @RequestMapping("/api/config/application") -public final class ApplicationConfigurableController extends AbstractConfigurableController { +public class ApplicationConfigurableController extends AbstractConfigurableController { @Resource private ScheduleConfigurableHandler scheduleHandler; diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ApplicationServiceConfigurableController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ApplicationServiceConfigurableController.java index dc5d5429d..c5cf5392b 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ApplicationServiceConfigurableController.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ApplicationServiceConfigurableController.java @@ -12,7 +12,7 @@ */ @Controller @RequestMapping("/api/config/applicationService") -public final class ApplicationServiceConfigurableController extends AbstractConfigurableController { +public class ApplicationServiceConfigurableController extends AbstractConfigurableController { public ApplicationServiceConfigurableController(@Autowired ConfigurableHandler configurableHandler) { super(configurableHandler); } diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/DynamicClassConfigurableController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/DynamicClassConfigurableController.java index bf18d9dbd..512163019 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/DynamicClassConfigurableController.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/DynamicClassConfigurableController.java @@ -20,7 +20,7 @@ */ @Controller @RequestMapping("/api/config/dynamicClass") -public final class DynamicClassConfigurableController extends AbstractConfigurableController { +public class DynamicClassConfigurableController extends AbstractConfigurableController { public DynamicClassConfigurableController(@Autowired ConfigurableHandler configurableHandler) { super(configurableHandler); } diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ScheduleConfigurableController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ScheduleConfigurableController.java index 1f6b8d5d6..3da03d02e 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ScheduleConfigurableController.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ScheduleConfigurableController.java @@ -12,7 +12,7 @@ */ @Controller @RequestMapping("/api/config/schedule") -public final class ScheduleConfigurableController extends AbstractConfigurableController { +public class ScheduleConfigurableController extends AbstractConfigurableController { public ScheduleConfigurableController(@Autowired ConfigurableHandler configurableHandler) { super(configurableHandler); } diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ServiceCollectConfigurableController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ServiceCollectConfigurableController.java index cbd15cff0..1806e38f3 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ServiceCollectConfigurableController.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/ServiceCollectConfigurableController.java @@ -21,7 +21,7 @@ */ @Controller @RequestMapping("/api/config/serviceCollect") -public final class ServiceCollectConfigurableController extends AbstractConfigurableController { +public class ServiceCollectConfigurableController extends AbstractConfigurableController { public ServiceCollectConfigurableController(@Autowired ConfigurableHandler configurableHandler) { super(configurableHandler); } diff --git a/arex-web-api/src/main/resources/application.properties b/arex-web-api/src/main/resources/application.properties index 4c8afc083..19586975c 100644 --- a/arex-web-api/src/main/resources/application.properties +++ b/arex-web-api/src/main/resources/application.properties @@ -29,6 +29,7 @@ arex.api.redis.lease-time=30 arex.storage.countRecord.url=${arex.storage.service.url}/api/storage/replay/query/countByRange arex.storage.listRecord.url=${arex.storage.service.url}/api/storage/replay/query/replayCase arex.storage.aggCountRecord.url=${arex.storage.service.url}/api/storage/replay/query/countByOperationName +arex.storage.viewRecord.url=${arex.storage.service.url}/api/storage/replay/query/viewRecord #call schedule arex.schedule.stop.url=${arex.schedule.service.url}/api/stopPlan arex.oauth.github.clientid= @@ -41,4 +42,5 @@ arex.oauth.gitlab.secret= arex.oauth.gitlab.redirecturi= arex.oauth.gitlab.uri= arex.prometheus.port=20090 -arex.jwt.secret=arex \ No newline at end of file +arex.jwt.secret=arex +arex.app.auth.switch=true \ No newline at end of file diff --git a/arex-web-common/src/main/java/com/arextest/web/common/HttpUtils.java b/arex-web-common/src/main/java/com/arextest/web/common/HttpUtils.java index afd7f8b89..448954bfe 100644 --- a/arex-web-common/src/main/java/com/arextest/web/common/HttpUtils.java +++ b/arex-web-common/src/main/java/com/arextest/web/common/HttpUtils.java @@ -24,6 +24,12 @@ public static ResponseEntity post(String url, R request, Class resp return call(url, request, responseClazz, HttpMethod.POST, null, null, null); } + public static ResponseEntity post(String url, R request, Class responseClazz, + Map headers) { + return call(url, request, responseClazz, HttpMethod.POST, null, headers, null); + } + + public static ResponseEntity post(String url, R request, Class responseClazz, String contentType, Map headers, Integer timeout) { return call(url, request, responseClazz, HttpMethod.POST, contentType, headers, timeout); diff --git a/arex-web-core/src/main/java/com/arextest/web/core/business/MsgShowService.java b/arex-web-core/src/main/java/com/arextest/web/core/business/MsgShowService.java index dad1980c7..18ad022ee 100644 --- a/arex-web-core/src/main/java/com/arextest/web/core/business/MsgShowService.java +++ b/arex-web-core/src/main/java/com/arextest/web/core/business/MsgShowService.java @@ -1,5 +1,8 @@ package com.arextest.web.core.business; +import com.arextest.common.context.ArexContext; +import com.arextest.common.utils.JsonTraverseUtils; +import com.arextest.web.core.business.util.JsonUtils; import com.arextest.web.core.business.util.ListUtils; import com.arextest.web.core.repository.mongo.ReplayCompareResultRepositoryImpl; import com.arextest.web.model.contract.contracts.QueryMsgWithDiffRequestType; @@ -17,6 +20,7 @@ import com.fasterxml.jackson.databind.node.ObjectNode; import lombok.Data; import lombok.NoArgsConstructor; +import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.tuple.MutablePair; import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor; import org.springframework.stereotype.Component; @@ -38,6 +42,7 @@ import java.util.stream.Stream; +@Slf4j @Component public class MsgShowService { @@ -62,6 +67,13 @@ public QueryMsgWithDiffResponseType queryMsgWithDiff(QueryMsgWithDiffRequestType if (compareResultDto == null) { return response; } + + if (Boolean.FALSE.equals(ArexContext.getContext().getPassAuth())) { + JsonUtils.downgrade(compareResultDto); + response.setDesensitized(true); + } + + String baseMsg = compareResultDto.getBaseMsg(); String testMsg = compareResultDto.getTestMsg(); @@ -83,6 +95,7 @@ public QueryMsgWithDiffResponseType queryMsgWithDiff(QueryMsgWithDiffRequestType testMsg = baseAndTestObjCombination.getRight().toString(); } } + response.setBaseMsg(baseMsg); response.setTestMsg(testMsg); response.setLogs(sceneLogs); diff --git a/arex-web-core/src/main/java/com/arextest/web/core/business/QueryReplayMsgService.java b/arex-web-core/src/main/java/com/arextest/web/core/business/QueryReplayMsgService.java index 15112f65d..e150a770b 100644 --- a/arex-web-core/src/main/java/com/arextest/web/core/business/QueryReplayMsgService.java +++ b/arex-web-core/src/main/java/com/arextest/web/core/business/QueryReplayMsgService.java @@ -10,7 +10,6 @@ import java.util.HashMap; import java.util.HashSet; import java.util.List; -import java.util.Map; import java.util.Objects; import java.util.Set; import java.util.stream.Collectors; @@ -18,8 +17,10 @@ import javax.annotation.Resource; import javax.servlet.http.HttpServletResponse; +import com.arextest.common.context.ArexContext; import com.arextest.config.model.dto.application.ApplicationOperationConfiguration; import com.arextest.config.repository.impl.ApplicationOperationConfigurationRepositoryImpl; +import com.arextest.web.core.business.util.JsonUtils; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.tuple.MutablePair; import org.springframework.stereotype.Component; @@ -70,8 +71,15 @@ public QueryReplayMsgResponseType queryReplayMsg(QueryReplayMsgRequestType reque if (dto == null) { return response; } + + if (Boolean.FALSE.equals(ArexContext.getContext().getPassAuth())) { + JsonUtils.downgrade(dto); + response.setDesensitized(true); + } + String baseMsg = dto.getBaseMsg(); String testMsg = dto.getTestMsg(); + String tempBaseMsg = baseMsg != null ? baseMsg : ""; String tempTestMsg = testMsg != null ? testMsg : ""; if (tempBaseMsg.length() > BIG_MESSAGE_THRESHOLD) { @@ -137,8 +145,14 @@ public QueryFullLinkMsgResponseType queryFullLinkMsg(QueryFullLinkMsgRequestType if (dtos == null) { return response; } + + if (Boolean.FALSE.equals(ArexContext.getContext().getPassAuth())) { + dtos.forEach(JsonUtils::downgrade); + response.setDesensitized(true); + } List compareResults = dtos.stream() - .map(CompareResultMapper.INSTANCE::contractFromDtoLogsLimitDisplay).collect(Collectors.toList()); + .map(CompareResultMapper.INSTANCE::contractFromDtoLogsLimitDisplay) + .collect(Collectors.toList()); response.setCompareResults(compareResults); return response; } diff --git a/arex-web-core/src/main/java/com/arextest/web/core/business/RecordService.java b/arex-web-core/src/main/java/com/arextest/web/core/business/RecordService.java index c72de8396..144db2403 100644 --- a/arex-web-core/src/main/java/com/arextest/web/core/business/RecordService.java +++ b/arex-web-core/src/main/java/com/arextest/web/core/business/RecordService.java @@ -78,6 +78,7 @@ public ListRecordResponseType listRecord(ListRecordRequestType requestType) { ResponseEntity listResponse; String operationType = requestType.getOperationType(); pagedRequestType.setCategory(MockCategoryType.createEntryPoint(operationType)); + listResponse = HttpUtils.post(listRecordUrl, pagedRequestType, PagedResponseType.class); if (listResponse != null && listResponse.getBody() != null) { recordItemList.addAll(listResponse.getBody().getRecords() diff --git a/arex-web-core/src/main/java/com/arextest/web/core/business/util/JsonUtils.java b/arex-web-core/src/main/java/com/arextest/web/core/business/util/JsonUtils.java new file mode 100644 index 000000000..d59ca109c --- /dev/null +++ b/arex-web-core/src/main/java/com/arextest/web/core/business/util/JsonUtils.java @@ -0,0 +1,36 @@ +package com.arextest.web.core.business.util; + +import com.arextest.common.utils.JsonTraverseUtils; +import com.arextest.web.model.dto.CompareResultDto; +import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; + +/** + * @author wildeslam. + * @create 2023/10/13 17:33 + */ +@Slf4j +public class JsonUtils { + + public static void downgrade(CompareResultDto compareResult) { + try { + if (isJsonStr(compareResult.getBaseMsg())) { + compareResult.setBaseMsg(JsonTraverseUtils.trimAllLeaves(compareResult.getBaseMsg())); + } else { + compareResult.setBaseMsg(null); + } + if (isJsonStr(compareResult.getTestMsg())) { + compareResult.setTestMsg(JsonTraverseUtils.trimAllLeaves(compareResult.getTestMsg())); + } else { + compareResult.setTestMsg(null); + } + } catch (Exception e) { + LOGGER.error("trimAllLeaves error", e); + } + + } + + public static boolean isJsonStr(String obj) { + return StringUtils.isNotEmpty(obj) && obj.startsWith("{") && obj.endsWith("}"); + } +} diff --git a/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/DesensitizationResponseType.java b/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/DesensitizationResponseType.java new file mode 100644 index 000000000..b8fea1209 --- /dev/null +++ b/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/DesensitizationResponseType.java @@ -0,0 +1,8 @@ +package com.arextest.web.model.contract.contracts; + +import lombok.Data; + +@Data +public class DesensitizationResponseType { + private boolean desensitized; +} diff --git a/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryFullLinkMsgResponseType.java b/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryFullLinkMsgResponseType.java index 692d9f829..6d6710910 100644 --- a/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryFullLinkMsgResponseType.java +++ b/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryFullLinkMsgResponseType.java @@ -7,6 +7,6 @@ @Data -public class QueryFullLinkMsgResponseType { +public class QueryFullLinkMsgResponseType extends DesensitizationResponseType{ List compareResults; } diff --git a/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryMsgWithDiffResponseType.java b/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryMsgWithDiffResponseType.java index aa2be0216..a024f3ecf 100644 --- a/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryMsgWithDiffResponseType.java +++ b/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryMsgWithDiffResponseType.java @@ -7,7 +7,7 @@ @Data -public class QueryMsgWithDiffResponseType { +public class QueryMsgWithDiffResponseType extends DesensitizationResponseType { private String replayId; private String recordId; private int diffResultCode; diff --git a/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryReplayMsgResponseType.java b/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryReplayMsgResponseType.java index 9b4902d93..07302fed6 100644 --- a/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryReplayMsgResponseType.java +++ b/arex-web-model-contract/src/main/java/com/arextest/web/model/contract/contracts/QueryReplayMsgResponseType.java @@ -7,7 +7,7 @@ @Data -public class QueryReplayMsgResponseType { +public class QueryReplayMsgResponseType extends DesensitizationResponseType { private boolean baseMsgDownload; private boolean testMsgDownload; diff --git a/pom.xml b/pom.xml index 3a3f1f30a..905743e44 100644 --- a/pom.xml +++ b/pom.xml @@ -32,7 +32,7 @@ 31.1-jre 0.1.4 1.29 - 0.1.13 + 0.1.15 0.0.1 2.8.0 4.34.0