Commit 40ef0bd1 by Jason Song Committed by GitHub

Merge pull request #427 from lepdou/assign_role_when_create_namespace

default assign modify、release namespace role to namespace creator
parents f5dd22eb eb21142d
package com.ctrip.framework.apollo.portal.controller;
import com.google.common.collect.Sets;
import com.ctrip.framework.apollo.common.dto.NamespaceDTO;
import com.ctrip.framework.apollo.common.entity.App;
import com.ctrip.framework.apollo.common.entity.AppNamespace;
......@@ -10,6 +12,7 @@ import com.ctrip.framework.apollo.core.enums.ConfigFileFormat;
import com.ctrip.framework.apollo.core.enums.Env;
import com.ctrip.framework.apollo.core.utils.StringUtils;
import com.ctrip.framework.apollo.portal.auth.UserInfoHolder;
import com.ctrip.framework.apollo.portal.constant.RoleType;
import com.ctrip.framework.apollo.portal.entity.form.NamespaceCreationModel;
import com.ctrip.framework.apollo.portal.entity.vo.NamespaceVO;
import com.ctrip.framework.apollo.portal.listener.AppNamespaceCreationEvent;
......@@ -17,6 +20,8 @@ import com.ctrip.framework.apollo.portal.service.AppNamespaceService;
import com.ctrip.framework.apollo.portal.service.AppService;
import com.ctrip.framework.apollo.portal.service.NamespaceService;
import com.ctrip.framework.apollo.portal.service.RoleInitializationService;
import com.ctrip.framework.apollo.portal.service.RolePermissionService;
import com.ctrip.framework.apollo.portal.util.RoleUtils;
import com.dianping.cat.Cat;
import org.slf4j.Logger;
......@@ -53,6 +58,8 @@ public class NamespaceController {
private AppNamespaceService appNamespaceService;
@Autowired
private RoleInitializationService roleInitializationService;
@Autowired
private RolePermissionService rolePermissionService;
@RequestMapping("/appnamespaces/public")
public List<AppNamespace> findPublicAppNamespaces() {
......@@ -67,9 +74,10 @@ public class NamespaceController {
checkModel(!CollectionUtils.isEmpty(models));
roleInitializationService.initNamespaceRoles(appId, models.get(0).getNamespace().getNamespaceName());
String namespaceName = null;
for (NamespaceCreationModel model : models) {
NamespaceDTO namespace = model.getNamespace();
namespaceName = namespace.getNamespaceName();
RequestPrecondition
.checkArgumentsNotEmpty(model.getEnv(), namespace.getAppId(), namespace.getClusterName(), namespace.getNamespaceName());
......@@ -82,6 +90,14 @@ public class NamespaceController {
String.format("create namespace fail. (env=%s namespace=%s)", model.getEnv(), namespace.getNamespaceName()), e);
}
}
//default assign modify、release namespace role to namespace creator
String loginUser = userInfoHolder.getUser().getUserId();
rolePermissionService.assignRoleToUsers(RoleUtils.buildNamespaceRoleName(appId, namespaceName, RoleType.MODIFY_NAMESPACE),
Sets.newHashSet(loginUser), loginUser);
rolePermissionService.assignRoleToUsers(RoleUtils.buildNamespaceRoleName(appId, namespaceName, RoleType.RELEASE_NAMESPACE),
Sets.newHashSet(loginUser), loginUser);
return ResponseEntity.ok().build();
}
......
......@@ -8,6 +8,7 @@ import com.ctrip.framework.apollo.common.entity.App;
import com.ctrip.framework.apollo.core.ConfigConsts;
import com.ctrip.framework.apollo.portal.auth.UserInfoHolder;
import com.ctrip.framework.apollo.portal.constant.PermissionType;
import com.ctrip.framework.apollo.portal.constant.RoleType;
import com.ctrip.framework.apollo.portal.entity.po.Permission;
import com.ctrip.framework.apollo.portal.entity.po.Role;
import com.ctrip.framework.apollo.portal.util.RoleUtils;
......@@ -36,17 +37,23 @@ public class RoleInitializationService {
if (rolePermissionService.findRoleByRoleName(appMasterRoleName) != null) {
return;
}
String operaterUserId = userInfoHolder.getUser().getUserId();
String operator = userInfoHolder.getUser().getUserId();
//create app permissions
createAppMasterRole(appId);
//assign master role to user
rolePermissionService
.assignRoleToUsers(RoleUtils.buildAppMasterRoleName(appId), Sets.newHashSet(app.getOwnerName()),
operaterUserId);
operator);
initNamespaceRoles(appId, ConfigConsts.NAMESPACE_APPLICATION);
//assign modify、release namespace role to user
rolePermissionService.assignRoleToUsers(RoleUtils.buildNamespaceRoleName(appId, ConfigConsts.NAMESPACE_APPLICATION, RoleType.MODIFY_NAMESPACE),
Sets.newHashSet(operator), operator);
rolePermissionService.assignRoleToUsers(RoleUtils.buildNamespaceRoleName(appId, ConfigConsts.NAMESPACE_APPLICATION, RoleType.RELEASE_NAMESPACE),
Sets.newHashSet(operator), operator);
}
@Transactional
......
......@@ -262,10 +262,6 @@ table th {
font-size: 13px;
}
.config-item-container {
padding-top: 19px;
}
.config-item-container .panel {
border-radius: 0;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment