diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/aspect/AppAuthAspectExecutor.java b/arex-web-api/src/main/java/com/arextest/web/api/service/aspect/AppAuthAspectExecutor.java index 147468cb..d3765a25 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/aspect/AppAuthAspectExecutor.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/aspect/AppAuthAspectExecutor.java @@ -4,8 +4,7 @@ import com.arextest.common.context.ArexContext; import com.arextest.common.exceptions.ArexException; import com.arextest.common.jwt.JWTService; -import com.arextest.common.model.response.ResponseCode; -import com.arextest.common.utils.ResponseUtils; +import com.arextest.common.utils.ResponseUtils_New; import com.arextest.config.model.dao.config.SystemConfigurationCollection; import com.arextest.config.model.dto.application.ApplicationConfiguration; import com.arextest.config.model.dto.system.SystemConfiguration; @@ -56,18 +55,10 @@ public Object doAround(ProceedingJoinPoint point, AppAuth auth) throws Throwable if (context.getAppId() == null) { LOGGER.error("header has no appId"); - return reject(point, auth, Constants.NO_APPID); + return reject(point, auth, Constants.NO_APPID, ArexApiResponseCode.APP_AUTH_NO_APP_ID); } - OwnerExistResult ownerExistResult = getOwnerExistResult(); - if (ownerExistResult.getExist()) { - context.setPassAuth(true); - return point.proceed(); - } else { - context.setPassAuth(false); - return reject(point, auth, ownerExistResult.getRemark()); - } - + return processOwnerExistVerify(ownerExistResult, context, point, auth); } finally { ArexContext.removeContext(); } 
@@ -103,21 +94,37 @@ protected OwnerExistResult getOwnerExistResult() { context.getAppId()); if (CollectionUtils.isEmpty(applications)) { LOGGER.error("error appId, appId: {}", context.getAppId()); - return new OwnerExistResult(false, Constants.ERROR_APPID); + return new OwnerExistResult(false, Constants.ERROR_APPID, + ArexApiResponseCode.APP_AUTH_ERROR_APP_ID); } Set owners = applications.get(0).getOwners(); if (CollectionUtils.isEmpty(owners) || owners.contains(userName)) { - return new OwnerExistResult(true, null); + return new OwnerExistResult(true, null, null); + } else { + return new OwnerExistResult(false, Constants.NO_PERMISSION, + ArexApiResponseCode.APP_AUTH_NO_PERMISSION); + } + } + + + private Object processOwnerExistVerify(OwnerExistResult ownerExistResult, ArexContext context, + ProceedingJoinPoint point, AppAuth auth) + throws Throwable { + if (ownerExistResult.getExist()) { + context.setPassAuth(true); + return point.proceed(); } else { - return new OwnerExistResult(false, Constants.NO_PERMISSION); + context.setPassAuth(false); + return reject(point, auth, ownerExistResult.getRemark(), ownerExistResult.getResponseCode()); } } - private Object reject(ProceedingJoinPoint point, AppAuth auth, String remark) throws Throwable { + private Object reject(ProceedingJoinPoint point, AppAuth auth, String remark, int responseCode) + throws Throwable { switch (auth.rejectStrategy()) { case FAIL_RESPONSE: - return ResponseUtils.errorResponse(remark, ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(remark, responseCode); case DOWNGRADE: ArexContext.getContext().setPassAuth(false); return point.proceed(); @@ -146,6 +153,7 @@ public static class OwnerExistResult { private Boolean exist; private String remark; + private Integer responseCode; } 
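Review bot: `reject` now takes a primitive `int responseCode`, but `processOwnerExistVerify` passes it `ownerExistResult.getResponseCode()`, which the last hunk of this file declares as `Integer`. A denied result with a null code is therefore unboxed into a NullPointerException at the call site, before the `rejectStrategy()` switch runs, so neither the `FAIL_RESPONSE` error nor the `DOWNGRADE` path is reached. Every denial built in `getOwnerExistResult` here does set a code, but that method is `protected` and `OwnerExistResult` is a public nested class, so an override can still return `(false, remark, null)`. Declaring the parameter as `Integer responseCode` and using `responseCode != null ? responseCode : ArexApiResponseCode.APP_AUTH_NO_PERMISSION` in the `FAIL_RESPONSE` branch keeps the rejection path well-formed. The bodies of `getOwnerExistResult` and `reject` extend outside this hunk.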
diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/FileSystemController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/FileSystemController.java index e585f372..b357ce89 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/FileSystemController.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/FileSystemController.java @@ -1,9 +1,11 @@ package com.arextest.web.api.service.controller; +import com.arextest.common.jwt.JWTService; import com.arextest.common.model.response.Response; import com.arextest.common.model.response.ResponseCode; -import com.arextest.common.jwt.JWTService; import com.arextest.common.utils.ResponseUtils; +import com.arextest.common.utils.ResponseUtils_New; +import com.arextest.web.common.exception.ArexApiResponseCode; import com.arextest.web.core.business.filesystem.FileSystemService; import com.arextest.web.core.business.filesystem.RolePermission; import com.arextest.web.model.contract.contracts.SuccessResponseType; @@ -102,8 +104,8 @@ public Response addItem(@RequestHeader(name = Constants.ACCESS_TOKEN) String tok if (StringUtils.isNotEmpty(request.getId()) && !rolePermission.checkPermissionByToken(RolePermission.EDIT_ITEM, token, request.getId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } String userName = jwtService.getUserName(token); request.setUserName(userName); 
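Review bot: In `addItem` the role check only runs when `request.getId()` is non-empty, so a request that omits the id skips `checkPermissionByToken` and continues to `jwtService.getUserName(token)` with no authorization decision visible in this hunk. If an empty id means the item is added at the top level of a workspace, that path should be gated on the target workspace as the other handlers are. Otherwise it should carry a comment saying where the decision is made, e.g. `// root-level adds are authorized in the service layer`. The condition predates this commit and the method continues outside the hunk, so this needs confirming against the service.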
@@ -116,8 +118,8 @@ public Response addItem(@RequestHeader(name = Constants.ACCESS_TOKEN) String tok public Response removeItem(@RequestHeader(name = Constants.ACCESS_TOKEN) String token, @Valid @RequestBody FSRemoveItemRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.EDIT_ITEM, token, request.getId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } String userName = jwtService.getUserName(token); FSRemoveItemResponseType response = new FSRemoveItemResponseType(); @@ -130,8 +132,8 @@ public Response removeItem(@RequestHeader(name = Constants.ACCESS_TOKEN) String public Response rename(@RequestHeader(name = Constants.ACCESS_TOKEN) String token, @Valid @RequestBody FSRenameRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.EDIT_ITEM, token, request.getId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } FSRenameResponseType response = new FSRenameResponseType(); response.setSuccess(fileSystemService.rename(request)); @@ -143,8 +145,8 @@ public Response rename(@RequestHeader(name = Constants.ACCESS_TOKEN) String toke public Response duplicate(@RequestHeader(name = Constants.ACCESS_TOKEN) String token, @Valid @RequestBody FSDuplicateRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.EDIT_ITEM, token, request.getId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } FSDuplicateResponseType response = fileSystemService.duplicate(request); return ResponseUtils.successResponse(response); 
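Review bot: The deny branch in `removeItem`, `rename` and `duplicate` is the same block copied per handler, as it is in `addItem` above and in every later hunk of this file and of LabelController, and none of the copies records the refusal. A single private helper, e.g. `private Response noPermission() { return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, ArexApiResponseCode.FS_NO_PERMISSION); }`, would leave one place to change the code and one place to log the denied user and resource id for audit. Whether a logger is already available in the class is not visible from these hunks. Each handler body continues outside its hunk.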
@@ -171,8 +173,8 @@ public Response deleteWorkspace(@RequestHeader(name = Constants.ACCESS_TOKEN) St @Valid @RequestBody FSDeleteWorkspaceRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.EDIT_WORKSPACE, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } SuccessResponseType response = new SuccessResponseType(); response.setSuccess(fileSystemService.deleteWorkspace(request.getWorkspaceId())); @@ -185,8 +187,8 @@ public Response renameWorkspace(@RequestHeader(name = Constants.ACCESS_TOKEN) St @Valid @RequestBody FSRenameWorkspaceRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.EDIT_WORKSPACE, token, request.getId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } SuccessResponseType response = new SuccessResponseType(); response.setSuccess(fileSystemService.renameWorkspace(request)); @@ -199,8 +201,8 @@ public Response queryWorkspaceById(@RequestHeader(name = Constants.ACCESS_TOKEN) @RequestBody FSQueryWorkspaceRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.VIEW_WORKSPACE, token, request.getId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } FSQueryWorkspaceResponseType response = fileSystemService.queryWorkspaceById(request); return ResponseUtils.successResponse(response); 
@@ -283,8 +285,8 @@ public Response inviteToWorkspace(@RequestHeader(name = Constants.ACCESS_TOKEN) @Valid @RequestBody InviteToWorkspaceRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.INVITE_TO_WORKSPACE, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } InviteToWorkspaceResponseType response = fileSystemService.inviteToWorkspace(request); return ResponseUtils.successResponse(response); @@ -305,8 +307,8 @@ public Response removeUserFromWorkspace( @Valid @RequestBody RemoveUserFromWorkspaceType request) { if (!rolePermission.checkPermissionByToken(RolePermission.EDIT_WORKSPACE, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } SuccessResponseType response = new SuccessResponseType(); response.setSuccess( @@ -320,8 +322,8 @@ public Response changeRole(@RequestHeader(name = Constants.ACCESS_TOKEN) String @Valid @RequestBody ChangeRoleRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.EDIT_WORKSPACE, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } SuccessResponseType response = new SuccessResponseType(); response.setSuccess(fileSystemService.changeRole(request)); 
@@ -403,8 +405,8 @@ public Response getWorkspaceItem(@RequestHeader(name = Constants.ACCESS_TOKEN) S @RequestBody FSGetWorkspaceItemsRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.VIEW_WORKSPACE, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } FSGetWorkspaceItemsResponseType response = fileSystemService.getWorkspaceItems(request); return ResponseUtils.successResponse(response); @@ -416,8 +418,8 @@ public Response searchWorkspaceItems(@RequestHeader(name = Constants.ACCESS_TOKE @RequestBody FSSearchWorkspaceItemsRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.VIEW_WORKSPACE, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } FSSearchWorkspaceItemsResponseType response = fileSystemService.searchWorkspaceItems(request); return ResponseUtils.successResponse(response); @@ -430,8 +432,8 @@ public Response getWorkspaceItemTree(@RequestHeader(name = Constants.ACCESS_TOKE @RequestBody FSGetWorkspaceItemTreeRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.VIEW_WORKSPACE, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } FSGetWorkspaceItemTreeResponseType response = fileSystemService.getWorkspaceItemTree(request); return ResponseUtils.successResponse(response); 
@@ -443,8 +445,8 @@ public Response batchGetInterfaceCase(@RequestHeader(name = Constants.ACCESS_TOK @RequestBody BatchGetInterfaceCaseRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.VIEW_WORKSPACE, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } BatchGetInterfaceCaseResponseType response = fileSystemService.batchGetInterfaceCase(request); return ResponseUtils.successResponse(response); diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/LabelController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/LabelController.java index 0ea2bafe..25fa2c52 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/LabelController.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/LabelController.java @@ -3,6 +3,8 @@ import com.arextest.common.model.response.Response; import com.arextest.common.model.response.ResponseCode; import com.arextest.common.utils.ResponseUtils; +import com.arextest.common.utils.ResponseUtils_New; +import com.arextest.web.common.exception.ArexApiResponseCode; import com.arextest.web.core.business.LabelService; import com.arextest.web.core.business.filesystem.RolePermission; import com.arextest.web.model.contract.contracts.SuccessResponseType; 
@@ -41,8 +43,8 @@ public Response saveLabel(@RequestHeader(name = Constants.ACCESS_TOKEN) String t @Valid @RequestBody SaveLabelRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.EDIT_LABEL, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } SuccessResponseType response = new SuccessResponseType(); response.setSuccess(labelService.saveLabel(request)); @@ -54,8 +56,8 @@ public Response removeLabel(@RequestHeader(name = Constants.ACCESS_TOKEN) String @Valid @RequestBody RemoveLabelRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.EDIT_LABEL, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } SuccessResponseType response = new SuccessResponseType(); response.setSuccess(labelService.removeLabel(request)); @@ -68,8 +70,8 @@ public Response queryLabelsByWorkspaceId( @Valid @RequestBody QueryLabelsByWorkspaceIdRequestType request) { if (!rolePermission.checkPermissionByToken(RolePermission.EDIT_LABEL, token, request.getWorkspaceId())) { - return ResponseUtils.errorResponse(Constants.NO_PERMISSION, - ResponseCode.AUTHENTICATION_FAILED); + return ResponseUtils_New.errorResponse(Constants.NO_PERMISSION, + ArexApiResponseCode.FS_NO_PERMISSION); } QueryLabelsByWorkspaceIdResponseType response = new QueryLabelsByWorkspaceIdResponseType(); response.setLabels(labelService.queryLabelsByWorkspaceId(request.getWorkspaceId())); 
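Review bot: `queryLabelsByWorkspaceId` is a read, yet its guard in the last hunk of this file checks `RolePermission.EDIT_LABEL`, the same permission as `saveLabel` and `removeLabel`, whereas FileSystemController gates its read handlers on `RolePermission.VIEW_WORKSPACE`. If that is deliberate, a comment on the check would record it, e.g. `// labels are only listed for users allowed to edit them`. Otherwise a view-level permission would keep read and write access separately grantable. The check predates this commit, and the handler body continues outside the hunk.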
diff --git a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/AbstractMultiEnvConfigController.java b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/AbstractMultiEnvConfigController.java index 8f97b44c..00588738 100644 --- a/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/AbstractMultiEnvConfigController.java +++ b/arex-web-api/src/main/java/com/arextest/web/api/service/controller/config/AbstractMultiEnvConfigController.java @@ -33,6 +33,17 @@ public Response modify(@PathVariable ModifyType modifyType, @RequestBody T confi configuration.validateEnvConfigs(); return ResponseUtils.successResponse(getMultiEnvConfigurableHandler().editMultiEnvList(configuration)); } - return super.modify(modifyType, configuration); + if (modifyType == ModifyType.INSERT) { + configuration.validParameters(); + return ResponseUtils.successResponse(getConfigurableHandler().insert(configuration)); + } + if (modifyType == ModifyType.UPDATE) { + configuration.validParameters(); + return ResponseUtils.successResponse(getConfigurableHandler().update(configuration)); + } + if (modifyType == ModifyType.REMOVE) { + return ResponseUtils.successResponse(getConfigurableHandler().remove(configuration)); + } + return ResponseUtils.resourceNotFoundResponse(); } } diff --git a/arex-web-common/src/main/java/com/arextest/web/common/exception/ArexApiResponseCode.java b/arex-web-common/src/main/java/com/arextest/web/common/exception/ArexApiResponseCode.java index 54baccae..c22d23a3 100644 --- a/arex-web-common/src/main/java/com/arextest/web/common/exception/ArexApiResponseCode.java +++ b/arex-web-common/src/main/java/com/arextest/web/common/exception/ArexApiResponseCode.java 
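Review bot: The override now carries its own copy of the INSERT/UPDATE/REMOVE handling instead of delegating to `super.modify`, so any validation or access check the parent method has or later gains no longer applies to multi-environment controllers. The parent is not visible here, so this needs confirming against it. The REMOVE branch also skips `configuration.validParameters()`, which INSERT and UPDATE call. If that mirrors the parent, a comment such as `// REMOVE needs only the identifying fields, so parameters are not validated` would record the intent. A `switch (modifyType)` would read more clearly than the chain of `if`s. `modify` begins outside the hunk.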
@@ -4,10 +4,12 @@ /** * Response codes from arex-api start with 1 + * * @author b_yu * @since 2023/11/8 */ public class ArexApiResponseCode extends ResponseCode_New { + // common error codes start with 101xxx public static final int UNSUPPORTED_CATEGORY = 101001; public static final int RECORD_CASE_NOT_FOUND = 101002; @@ -20,5 +22,16 @@ public class ArexApiResponseCode extends ResponseCode_New { public static final int FS_FORMAT_ERROR = 103002; public static final int FS_UNKNOWN_NODE_TYPE = 103003; + // collections auth error codes start with 1039xx + public static final int FS_NO_PERMISSION = 103900; + // record & replay error codes start with 104xxx + + // app auth error codes start with 105xxx, shared with arex-storage-web-api + // com.arextest.storage.model.ArexStorageResponseCode + public static final int APP_AUTH_NO_APP_ID = 105001; + public static final int APP_AUTH_ERROR_APP_ID = 105002; + public static final int APP_AUTH_NO_PERMISSION = 105003; + + } diff --git a/arex-web-core/src/main/java/com/arextest/web/core/business/config/record/ServiceCollectConfigurableHandler.java b/arex-web-core/src/main/java/com/arextest/web/core/business/config/record/ServiceCollectConfigurableHandler.java index 52327a12..d4983a05 100644 --- a/arex-web-core/src/main/java/com/arextest/web/core/business/config/record/ServiceCollectConfigurableHandler.java +++ b/arex-web-core/src/main/java/com/arextest/web/core/business/config/record/ServiceCollectConfigurableHandler.java 
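Review bot: The 105xxx app-auth codes in the second hunk are declared here and, per the added comment, again in `com.arextest.storage.model.ArexStorageResponseCode`, with nothing tying the two copies together. A renumbering on either side would make clients read an authorization failure as some other error. If `ResponseCode_New` lives in a module both services depend on, the three constants could be declared once there. Failing that, a firmer comment such as `// values are part of the client contract; keep identical to ArexStorageResponseCode` would help. The `// record & replay error codes start with 104xxx` heading currently has no constants under it.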
@@ -2,9 +2,11 @@ import com.arextest.config.model.dto.record.ServiceCollectConfiguration; import com.arextest.config.repository.MultiEnvConfigRepositoryProvider; +import com.arextest.config.repository.impl.ServiceCollectConfigurationRepositoryImpl; import com.arextest.web.core.business.config.AbstractMultiEnvConfigHandler; import java.util.Collections; import java.util.List; +import javax.annotation.Resource; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; @@ -18,6 +20,9 @@ public final class ServiceCollectConfigurableHandler extends AbstractMultiEnvConfigHandler { + @Resource + ServiceCollectConfigurationRepositoryImpl serviceCollectConfigurationRepository; + protected ServiceCollectConfigurableHandler( @Autowired MultiEnvConfigRepositoryProvider repositoryProvider) { super(repositoryProvider); @@ -39,7 +44,6 @@ protected void mergeGlobalDefaultSettings(ServiceCollectConfiguration source) { } public void updateServiceCollectTime(String appId) { - ServiceCollectConfiguration serviceCollectConfiguration = this.useResult(appId); - this.update(serviceCollectConfiguration); + serviceCollectConfigurationRepository.updateServiceCollectTime(appId); } } diff --git a/pom.xml b/pom.xml index be7c7107..14152992 100644 --- a/pom.xml +++ b/pom.xml @@ -498,7 +498,7 @@ 0.6.5.1 0.1.28 0.0.1 - 1.2.15 + 1.2.24 1.1.27 0.0.1 2.9.3
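Review bot: `serviceCollectConfigurationRepository` is injected as a package-private, non-final field via `@Resource` and typed to the concrete `ServiceCollectConfigurationRepositoryImpl`, while the constructor directly below already receives its collaborator as a parameter. Taking the repository as a second constructor parameter and storing it in a `private final` field would keep the handler's dependencies in one place. It would also stop other classes in the package from reassigning the field.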
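Review bot: `updateServiceCollectTime` now passes `appId` straight to the repository and no longer goes through `useResult(appId)` and `update(...)`. Whatever those did for an app with no stored configuration, or for merging defaults, no longer happens on this path. The repository method is not visible here, so its behaviour for an unknown, null or blank `appId` should be confirmed. A Javadoc line on the method would state that contract, e.g. `/** Updates only the collect timestamp of an existing configuration; does nothing if none exists for appId. */`, with the wording adjusted to what the repository actually does.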