feature: 主机额外配置保存.

lijiahangmax
2023-12-24 22:20:33 +08:00
parent 68ac0d6968
commit 03c87b28d4
16 changed files with 187 additions and 66 deletions


@@ -96,4 +96,20 @@ public interface DataExtraApi {
*/
Integer deleteByRelId(DataExtraTypeEnum type, Long relId);
/**
* 删除主机秘钥
*
* @param keyId keyId
* @return effect
*/
int deleteHostKeyExtra(Long keyId);
/**
* 删除主机身份
*
* @param identityId identityId
* @return effect
*/
int deleteHostIdentityExtra(Long identityId);
}


@@ -30,6 +30,16 @@ public interface DataPermissionApi {
*/
void updateDataPermission(DataPermissionTypeEnum type, DataPermissionUpdateDTO dto);
/**
* 检查用户是否有权限
*
* @param type type
* @param userId userId
* @param relId relId
* @return effect
*/
boolean hasPermission(DataPermissionTypeEnum type, Long userId, Long relId);
/**
* 通过 userId 查询数据权限 (不包含角色 不走缓存)
*
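Review bot: The Javadoc on the new `hasPermission` declaration says `@return effect`, which is copied from the row-count methods and is wrong for a boolean; the same text appears on `DataPermissionService.hasPermission` further down. Callers will use this as an authorization check, so the comment should state the contract, for example `@return true if the user is authorized for relId under this type`. It should also say whether role-granted permissions are included and whether the answer can come from cache. The implementation reads `getUserAuthorizedRelIdList`, whose body is not shown in this commit, so both details need confirming against it. The Javadoc that follows this method continues past the end of the section.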


@@ -3,6 +3,7 @@ package com.orion.ops.module.infra.api.impl;
import com.orion.ops.framework.common.utils.Valid;
import com.orion.ops.module.infra.api.DataExtraApi;
import com.orion.ops.module.infra.convert.DataExtraProviderConvert;
import com.orion.ops.module.infra.dao.DataExtraDAO;
import com.orion.ops.module.infra.entity.domain.DataExtraDO;
import com.orion.ops.module.infra.entity.dto.data.DataExtraDTO;
import com.orion.ops.module.infra.entity.dto.data.DataExtraQueryDTO;
@@ -33,6 +34,9 @@ public class DataExtraApiImpl implements DataExtraApi {
@Resource
private DataExtraService dataExtraService;
@Resource
private DataExtraDAO dataExtraDAO;
@Override
public Integer setExtraItem(DataExtraSetDTO dto, DataExtraTypeEnum type) {
Valid.valid(dto);
@@ -103,4 +107,16 @@ public class DataExtraApiImpl implements DataExtraApi {
return dataExtraService.deleteByRelId(type.name(), relId);
}
@Override
public int deleteHostKeyExtra(Long keyId) {
Valid.notNull(keyId);
return dataExtraDAO.deleteHostKey(keyId);
}
@Override
public int deleteHostIdentityExtra(Long identityId) {
Valid.notNull(identityId);
return dataExtraDAO.deleteHostIdentity(identityId);
}
}
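Review bot: `deleteHostKeyExtra` and `deleteHostIdentityExtra` call the newly injected `dataExtraDAO` directly, while the other method visible in this class (`deleteByRelId`) delegates to `dataExtraService`. If the service layer carries cache eviction, logging or transaction handling for extra data (not visible in this section), these two paths skip it. Consider exposing both operations on `DataExtraService` and delegating to it, so the API implementation keeps a single dependency. The two methods also return `int` where the neighbouring `deleteByRelId` returns `Integer`; the interface should settle on one.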


@@ -49,6 +49,12 @@ public class DataPermissionApiImpl implements DataPermissionApi {
dataPermissionService.updateDataPermission(request);
}
@Override
public boolean hasPermission(DataPermissionTypeEnum type, Long userId, Long relId) {
Valid.allNotNull(userId, relId);
return dataPermissionService.hasPermission(type.name(), userId, relId);
}
@Override
public List<Long> getRelIdListByUserId(DataPermissionTypeEnum type, Long userId) {
return dataPermissionService.getRelIdListByUserId(type.name(), userId);
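Review bot: `hasPermission` validates `userId` and `relId` but not `type`, so a null `type` reaches `type.name()` and fails with a NullPointerException instead of the validation error the other arguments produce. Include it in the guard, `Valid.allNotNull(type, userId, relId);`, so the authorization check rejects incomplete input in one consistent way. This assumes `Valid.allNotNull` accepts arguments of mixed types, which its use here suggests but the section does not show.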


@@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.orion.ops.framework.mybatis.core.mapper.IMapper;
import com.orion.ops.module.infra.entity.domain.DataExtraDO;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
/**
* 数据拓展信息 Mapper 接口
@@ -41,4 +42,20 @@ public interface DataExtraDAO extends IMapper<DataExtraDO> {
return this.delete(wrapper);
}
/**
* 删除主机秘钥
*
* @param keyId keyId
* @return effect
*/
int deleteHostKey(@Param("keyId") Long keyId);
/**
* 删除主机身份
*
* @param identityId identityId
* @return effect
*/
int deleteHostIdentity(@Param("identityId") Long identityId);
}
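Review bot: The Javadoc for `deleteHostKey` and `deleteHostIdentity` describes a deletion, but the mapper statements added in this commit update `data_extra` rows. They set `keyId` / `identityId` to null in the stored JSON and reset a matching `authType` to `DEFAULT`. The comments should say so, for example `Clears references to the key from host ssh extra config` with `@return number of rows updated`, so a caller does not assume rows are removed.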


@@ -1,6 +1,7 @@
package com.orion.ops.module.infra.service;
import com.orion.ops.module.infra.entity.request.data.DataPermissionUpdateRequest;
import com.orion.ops.module.infra.enums.DataPermissionTypeEnum;
import java.util.List;
@@ -27,6 +28,16 @@ public interface DataPermissionService {
*/
void updateDataPermission(DataPermissionUpdateRequest request);
/**
* 检查用户是否有权限
*
* @param type type
* @param userId userId
* @param relId relId
* @return effect
*/
boolean hasPermission(String type, Long userId, Long relId);
/**
* 通过 userId 查询数据权限 (不包含角色 不走缓存)
*


@@ -104,6 +104,16 @@ public class DataPermissionServiceImpl implements DataPermissionService {
this.deleteCache(type, userId, roleId);
}
@Override
public boolean hasPermission(String type, Long userId, Long relId) {
// 查询用户授权列表
List<Long> relIdList = this.getUserAuthorizedRelIdList(type, userId);
if (relIdList.isEmpty()) {
return false;
}
return relIdList.contains(relId);
}
@Override
public List<Long> getRelIdListByUserId(String type, Long userId) {
return dataPermissionDAO.of()
@@ -185,41 +195,27 @@ public class DataPermissionServiceImpl implements DataPermissionService {
.collect(Collectors.toList());
List<Long> userIdList = mapper.apply(DataPermissionDO::getUserId);
List<Long> roleIdList = mapper.apply(DataPermissionDO::getRoleId);
this.deleteCache(Lists.singleton(type), userIdList, roleIdList);
this.deleteCache(userIdList, roleIdList);
return effect;
}
@Override
public int deleteByUserId(Long userId) {
LambdaQueryWrapper<DataPermissionDO> wrapper = Conditions.eq(DataPermissionDO::getUserId, userId);
// 查询
List<String> typeList = dataPermissionDAO.of()
.wrapper(wrapper)
.stream()
.map(DataPermissionDO::getType)
.distinct()
.collect(Collectors.toList());
// 删除
int effect = dataPermissionDAO.delete(wrapper);
// 删除缓存
this.deleteCache(typeList, Lists.singleton(userId), null);
this.deleteCache(Lists.singleton(userId), null);
return effect;
}
@Override
public int deleteByRoleId(Long roleId) {
LambdaQueryWrapper<DataPermissionDO> wrapper = Conditions.eq(DataPermissionDO::getRoleId, roleId);
// 查询
List<String> typeList = dataPermissionDAO.of()
.wrapper(wrapper)
.stream()
.map(DataPermissionDO::getType)
.distinct()
.collect(Collectors.toList());
// 删除
int effect = dataPermissionDAO.delete(wrapper);
// 删除缓存
this.deleteCache(typeList, null, Lists.singleton(roleId));
this.deleteCache(null, Lists.singleton(roleId));
return effect;
}
@@ -241,12 +237,12 @@ public class DataPermissionServiceImpl implements DataPermissionService {
@Override
public void clearUserCache(List<Long> userIdList) {
// 扫描的 key
List<String> keyMatchs = userIdList.stream()
List<String> keyMatches = userIdList.stream()
.distinct()
.map(s -> DataPermissionCacheKeyDefine.DATA_PERMISSION_USER.format("*", s))
.collect(Collectors.toList());
// 扫描并删除
RedisUtils.scanKeysDelete(keyMatchs);
RedisUtils.scanKeysDelete(keyMatches);
}
/**
@@ -262,8 +258,10 @@ public class DataPermissionServiceImpl implements DataPermissionService {
userIdList.add(userId);
}
// 查询角色的权限
List<Long> roleUserIdList = systemUserRoleDAO.selectUserIdByRoleId(roleId);
userIdList.addAll(roleUserIdList);
if (roleId != null) {
List<Long> roleUserIdList = systemUserRoleDAO.selectUserIdByRoleId(roleId);
userIdList.addAll(roleUserIdList);
}
// 删除缓存
if (!userIdList.isEmpty()) {
List<String> keys = userIdList.stream()
@@ -276,11 +274,10 @@ public class DataPermissionServiceImpl implements DataPermissionService {
/**
* 删除缓存
*
* @param typeList typeList
* @param userIdList userIdList
* @param roleIdList roleIdList
*/
private void deleteCache(List<String> typeList, List<Long> userIdList, List<Long> roleIdList) {
private void deleteCache(List<Long> userIdList, List<Long> roleIdList) {
Set<Long> deleteUserIdList = new HashSet<>(4);
if (!Lists.isEmpty(userIdList)) {
deleteUserIdList.addAll(userIdList);
@@ -295,10 +292,10 @@ public class DataPermissionServiceImpl implements DataPermissionService {
}
// 删除缓存
List<String> keys = new ArrayList<>();
for (String type : typeList) {
for (DataPermissionTypeEnum type : DataPermissionTypeEnum.values()) {
userIdList.stream()
.filter(Objects::nonNull)
.map(s -> DataPermissionCacheKeyDefine.DATA_PERMISSION_USER.format(type, s))
.map(s -> DataPermissionCacheKeyDefine.DATA_PERMISSION_USER.format(type.name(), s))
.forEach(keys::add);
}
RedisLists.delete(keys);
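Review bot: In `deleteCache`, the key-building loop still streams the `userIdList` parameter rather than the `deleteUserIdList` set built at the top of the method, and `deleteByRoleId` now calls `this.deleteCache(null, Lists.singleton(roleId))`. Unless the lines between the two hunks reassign `userIdList`, that call dereferences null, and the users resolved from the role never get their cached permissions evicted. Change the loop source to `deleteUserIdList.stream()`. Stale entries matter here because the new `hasPermission` answers authorization questions from the user's authorized list, which appears to be the cached data. The body of `deleteCache` is only partly visible across these hunks.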


@@ -185,7 +185,7 @@ public class SystemRoleServiceImpl implements SystemRoleService {
// 删除用户缓存中的角色
systemUserRoleService.deleteUserCacheRoleAsync(id, userIdList);
// 删除数据权限缓存
dataPermissionService.clearUserCache(userIdList);
dataPermissionService.deleteByRoleId(id);
return effect;
}
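Review bot: Replacing `clearUserCache(userIdList)` with `deleteByRoleId(id)` appears to make cache eviction depend on looking the role's users up again by role id, as the single-id cache helper in `DataPermissionServiceImpl` does through `systemUserRoleDAO.selectUserIdByRoleId`. If the user-role rows were already removed earlier in this method (the hunk starts mid-body, so that is not visible), the lookup returns nothing and the users in `userIdList` keep their cached data permissions for the deleted role. Keeping the explicit eviction after the delete, `dataPermissionService.clearUserCache(userIdList);`, avoids relying on statement order.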


@@ -22,4 +22,26 @@
id, user_id, rel_id, type, item, value, create_time, update_time, creator, updater, deleted
</sql>
<delete id="deleteHostKey">
UPDATE data_extra
SET value = JSON_REPLACE(value,
"$.keyId", NULL,
"$.authType", IF(JSON_EXTRACT(value, "$.authType") = 'KEY', 'DEFAULT', JSON_EXTRACT(value, "$.authType")))
WHERE deleted = 0
AND type = 'HOST'
AND item = 'ssh'
AND JSON_CONTAINS(value, JSON_OBJECT('keyId', #{keyId}))
</delete>
<delete id="deleteHostIdentity">
UPDATE data_extra
SET value = JSON_REPLACE(value,
"$.identityId", NULL,
"$.authType", IF(JSON_EXTRACT(value, "$.authType") = 'IDENTITY', 'DEFAULT', JSON_EXTRACT(value, "$.authType")))
WHERE deleted = 0
AND type = 'HOST'
AND item = 'ssh'
AND JSON_CONTAINS(value, JSON_OBJECT('identityId', #{identityId}))
</delete>
</mapper>
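Review bot: `deleteHostKey` and `deleteHostIdentity` are UPDATE statements declared in `<delete>` elements, and their JSON paths are double-quoted (`"$.keyId"`, `"$.authType"`), which MySQL treats as identifiers when the ANSI_QUOTES SQL mode is on. Declare them as `<update id="deleteHostKey">` and single-quote the paths, e.g. `'$.keyId'`. The statements also leave `update_time` and `updater` untouched unless the database fills them, so a bulk change to host credential references leaves no audit trace on the rows; consider setting them here. The `#{keyId}` and `#{identityId}` bindings are parameterized and should stay that way.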