From ee337b22c3830c1ca39b3f7694832e0e8e6cc66d Mon Sep 17 00:00:00 2001 From: yjieliang Date: Thu, 24 Mar 2022 14:23:32 +0800 Subject: [PATCH 01/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../service/PipelineInfoFacadeService.kt | 12 ++- .../api/template/ServiceTemplateResource.kt | 17 +++++ .../template/ServiceTemplateResourceImpl.kt | 5 ++ .../service/template/MarketTemplateService.kt | 10 +++ .../impl/MarketTemplateServiceImpl.kt | 73 +++++++++++++++++++ 5 files changed, 116 insertions(+), 1 deletion(-) diff --git a/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt b/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt index 1fd60f10f3c..f40f0f995ab 100644 --- a/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt +++ b/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt @@ -145,7 +145,17 @@ class PipelineInfoFacadeService @Autowired constructor( } val model = pipelineModelAndSetting.model modelCheckPlugin.clearUpModel(model) - + if (model.srcTemplateId.isNullOrBlank()) { + val validateRet = client.get(ServiceTemplateResource::class) + .validateModelComponentVisibleDept( + userId = userId, + model = model, + projectCode = projectId + ) + if (validateRet.isNotOk()) { + throw OperationException(validateRet.message ?: "模版下存在无权限的组件") + } + } val newPipelineId = createPipeline( userId = userId, projectId = projectId, diff --git a/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt b/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt index 5b4e97c4051..55cba01341c 100644 --- a/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt +++ b/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt @@ -29,11 +29,13 @@ package com.tencent.devops.store.api.template import com.tencent.devops.common.api.auth.AUTH_HEADER_USER_ID import com.tencent.devops.common.api.pojo.Result +import com.tencent.devops.common.pipeline.Model import com.tencent.devops.store.pojo.template.InstallTemplateReq import com.tencent.devops.store.pojo.template.MarketTemplateResp import io.swagger.annotations.Api import io.swagger.annotations.ApiOperation import io.swagger.annotations.ApiParam +import javax.validation.Valid import javax.ws.rs.Consumes import javax.ws.rs.GET import javax.ws.rs.HeaderParam @@ -84,4 +86,19 @@ interface ServiceTemplateResource { @QueryParam("projectCode") projectCode: String ): Result + + @ApiOperation("校验流水线模型内组件可见范围") + @POST + @Path("/{projectCode}/verification") + fun validateModelComponentVisibleDept( + @ApiParam("用户", required = true) + @HeaderParam(AUTH_HEADER_USER_ID) + userId: String, + @ApiParam("流水线模型", required = true) + @Valid + model: Model, + @ApiParam("项目", required = true) + @PathParam("projectCode") + projectCode: String + ): Result } diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt index f0529ee694c..c5521abc8d3 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt @@ -28,6 +28,7 @@ package com.tencent.devops.store.resources.template import com.tencent.devops.common.api.pojo.Result +import com.tencent.devops.common.pipeline.Model import com.tencent.devops.common.pipeline.enums.ChannelCode import com.tencent.devops.common.web.RestResource import com.tencent.devops.store.api.template.ServiceTemplateResource @@ -78,4 +79,8 @@ class ServiceTemplateResourceImpl @Autowired constructor( projectCodeList = arrayListOf(projectCode) ) } + + override fun validateModelComponentVisibleDept(userId: String, model: Model, projectCode: String): Result { + return marketTemplateService.verificationModelComponentVisibleDept(userId, model, projectCode) + } } diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt index 281d3690cd0..b94004c0b65 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt @@ -29,6 +29,7 @@ package com.tencent.devops.store.service.template import com.tencent.devops.common.api.pojo.Page import com.tencent.devops.common.api.pojo.Result +import com.tencent.devops.common.pipeline.Model import com.tencent.devops.common.pipeline.enums.ChannelCode import com.tencent.devops.store.pojo.template.InstallTemplateReq import com.tencent.devops.store.pojo.template.MarketTemplateMain @@ -109,6 +110,15 @@ interface MarketTemplateService { projectCodeList: ArrayList ): Result + /** + * 校验流水线模型组件的可见范围 + */ + fun verificationModelComponentVisibleDept( + userId: String, + model: Model, + projectCode: String + ): Result + /** * 获取工作台模版列表 */ diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt index 5fbb30eb0a8..9426bf99223 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt @@ -755,6 +755,79 @@ abstract class MarketTemplateServiceImpl @Autowired constructor() : MarketTempla return Result(data = true) } + override fun verificationModelComponentVisibleDept(userId: String, model: Model, projectCode: String): Result { + val invalidImageList = mutableListOf() + val invalidAtomList = mutableListOf() + val needInstallImageMap = mutableMapOf() + val needInstallAtomMap = mutableMapOf() + val userDeptIdList = storeUserService.getUserDeptList(userId) // 获取用户的机构ID信息 + val stageList = model.stages + // 获取模板下镜像的机构信息 + val modelImageDeptMap = storeDeptService.getTemplateImageDeptMap(stageList) + // 获取每个模板下插件的机构信息 + val modelAtomDeptMap = storeDeptService.getTemplateAtomDeptMap(stageList) + // 获取可用的镜像标识列表 + val validImageCodes = getValidStoreCodes( + projectCode = projectCode, + storeCodes = modelImageDeptMap.keys, + storeType = StoreTypeEnum.IMAGE + ) + // 获取可用的插件标识列表 + val validAtomCodes = getValidStoreCodes( + projectCode = projectCode, + storeCodes = modelAtomDeptMap.keys, + storeType = StoreTypeEnum.ATOM + ) + stageList.forEach { stage -> + val containerList = stage.containers + containerList.forEach { container -> + // 判断用户的组织架构是否在镜像的可见范围之内 + validateUserImageVisible( + container = container, + templateImageDeptMap = modelImageDeptMap, + userId = userId, + userDeptIdList = userDeptIdList, + validImageCodes = validImageCodes, + invalidImageList = invalidImageList, + needInstallImageMap = needInstallImageMap + ) + val elementList = container.elements + elementList.forEach { element -> + // 判断用户的组织架构是否在插件的可见范围之内 + validateUserAtomVisible( + element = element, + userId = userId, + userDeptIdList = userDeptIdList, + templateAtomDeptMap = modelAtomDeptMap, + validAtomCodes = validAtomCodes, + invalidAtomList = invalidAtomList, + needInstallAtomMap = needInstallAtomMap + ) + } + } + if (invalidImageList.isNotEmpty()) { + // 存在用户不在镜像的可见范围内的镜像,给出错误提示 + throw ErrorCodeException( + errorCode = StoreMessageCode.USER_IMAGE_PROJECT_IS_INVALID, + params = arrayOf(JsonUtil.toJson(invalidImageList), projectCode) + ) + } + logger.info("validateModelComponentVisibleDept invalidAtomList:$invalidAtomList") + if (invalidAtomList.isNotEmpty()) { + // 存在用户不在插件的可见范围内的插件,给出错误提示 + throw ErrorCodeException( + errorCode = StoreMessageCode.USER_ATOM_VISIBLE_DEPT_IS_INVALID, + params = arrayOf(JsonUtil.toJson(invalidAtomList)) + ) + } + // 安装镜像 + installStoreComponent(needInstallImageMap, userId, projectCode, StoreTypeEnum.IMAGE) + // 安装插件 + installStoreComponent(needInstallAtomMap, userId, projectCode, StoreTypeEnum.ATOM) + } + return Result(data = true) + } + private fun validateUserImageVisible( container: Container, templateImageDeptMap: Map?>, From 35bafef01cd0e3b7b38d1909e685354bc0ca16cb Mon Sep 17 00:00:00 2001 From: yjieliang Date: Mon, 28 Mar 2022 11:03:14 +0800 Subject: [PATCH 02/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../devops/process/service/PipelineInfoFacadeService.kt | 2 +- .../devops/store/api/template/ServiceTemplateResource.kt | 6 +++--- .../store/resources/template/ServiceTemplateResourceImpl.kt | 4 ++-- .../devops/store/service/template/MarketTemplateService.kt | 4 ++-- .../service/template/impl/MarketTemplateServiceImpl.kt | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt b/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt index f40f0f995ab..40c0e999198 100644 --- a/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt +++ b/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt @@ -149,7 +149,7 @@ class PipelineInfoFacadeService @Autowired constructor( val validateRet = client.get(ServiceTemplateResource::class) .validateModelComponentVisibleDept( userId = userId, - model = model, + stageList = model.stages, projectCode = projectId ) if (validateRet.isNotOk()) { diff --git a/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt b/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt index 55cba01341c..53e4c786ad3 100644 --- a/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt +++ b/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt @@ -29,7 +29,7 @@ package com.tencent.devops.store.api.template import com.tencent.devops.common.api.auth.AUTH_HEADER_USER_ID import com.tencent.devops.common.api.pojo.Result -import com.tencent.devops.common.pipeline.Model +import com.tencent.devops.common.pipeline.container.Stage import com.tencent.devops.store.pojo.template.InstallTemplateReq import com.tencent.devops.store.pojo.template.MarketTemplateResp import io.swagger.annotations.Api @@ -94,9 +94,9 @@ interface ServiceTemplateResource { @ApiParam("用户", required = true) @HeaderParam(AUTH_HEADER_USER_ID) userId: String, - @ApiParam("流水线模型", required = true) + @ApiParam("流水线模型-阶段", required = true) @Valid - model: Model, + stageList: List, @ApiParam("项目", required = true) @PathParam("projectCode") projectCode: String diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt index c5521abc8d3..fbb05815956 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt @@ -80,7 +80,7 @@ class ServiceTemplateResourceImpl @Autowired constructor( ) } - override fun validateModelComponentVisibleDept(userId: String, model: Model, projectCode: String): Result { - return marketTemplateService.verificationModelComponentVisibleDept(userId, model, projectCode) + override fun validateModelComponentVisibleDept(userId: String, stageList: List, projectCode: String): Result { + return marketTemplateService.verificationModelComponentVisibleDept(userId, stageList, projectCode) } } diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt index b94004c0b65..524ae131700 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt @@ -29,7 +29,7 @@ package com.tencent.devops.store.service.template import com.tencent.devops.common.api.pojo.Page import com.tencent.devops.common.api.pojo.Result -import com.tencent.devops.common.pipeline.Model +import com.tencent.devops.common.pipeline.container.Stage import com.tencent.devops.common.pipeline.enums.ChannelCode import com.tencent.devops.store.pojo.template.InstallTemplateReq import com.tencent.devops.store.pojo.template.MarketTemplateMain @@ -115,7 +115,7 @@ interface MarketTemplateService { */ fun verificationModelComponentVisibleDept( userId: String, - model: Model, + stageList: List, projectCode: String ): Result diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt index 9426bf99223..a74bf3fc9d5 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt @@ -41,6 +41,7 @@ import com.tencent.devops.common.api.util.timestampmilli import com.tencent.devops.common.client.Client import com.tencent.devops.common.pipeline.Model import com.tencent.devops.common.pipeline.container.Container +import com.tencent.devops.common.pipeline.container.Stage import com.tencent.devops.common.pipeline.container.VMBuildContainer import com.tencent.devops.common.pipeline.enums.ChannelCode import com.tencent.devops.common.pipeline.pojo.element.Element @@ -755,13 +756,12 @@ abstract class MarketTemplateServiceImpl @Autowired constructor() : MarketTempla return Result(data = true) } - override fun verificationModelComponentVisibleDept(userId: String, model: Model, projectCode: String): Result { + override fun verificationModelComponentVisibleDept(userId: String, stageList: List, projectCode: String): Result { val invalidImageList = mutableListOf() val invalidAtomList = mutableListOf() val needInstallImageMap = mutableMapOf() val needInstallAtomMap = mutableMapOf() val userDeptIdList = storeUserService.getUserDeptList(userId) // 获取用户的机构ID信息 - val stageList = model.stages // 获取模板下镜像的机构信息 val modelImageDeptMap = storeDeptService.getTemplateImageDeptMap(stageList) // 获取每个模板下插件的机构信息 From c0a6cb58d4285784aaf6372826a09e86739e3d3b Mon Sep 17 00:00:00 2001 From: yjieliang Date: Mon, 28 Mar 2022 11:04:51 +0800 Subject: [PATCH 03/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../store/resources/template/ServiceTemplateResourceImpl.kt | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt index fbb05815956..49fdd19d3a2 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt @@ -80,7 +80,11 @@ class ServiceTemplateResourceImpl @Autowired constructor( ) } - override fun validateModelComponentVisibleDept(userId: String, stageList: List, projectCode: String): Result { + override fun validateModelComponentVisibleDept( + userId: String, + stageList: List, + projectCode: String + ): Result { return marketTemplateService.verificationModelComponentVisibleDept(userId, stageList, projectCode) } } From f8f295c9df60512149ef04aed24edfe4ac3a5906 Mon Sep 17 00:00:00 2001 From: yjieliang Date: Mon, 28 Mar 2022 11:07:00 +0800 Subject: [PATCH 04/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../store/resources/template/ServiceTemplateResourceImpl.kt | 1 - 1 file changed, 1 deletion(-) diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt index 49fdd19d3a2..406b758f7c6 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt @@ -28,7 +28,6 @@ package com.tencent.devops.store.resources.template import com.tencent.devops.common.api.pojo.Result -import com.tencent.devops.common.pipeline.Model import com.tencent.devops.common.pipeline.enums.ChannelCode import com.tencent.devops.common.web.RestResource import com.tencent.devops.store.api.template.ServiceTemplateResource From 4e7a08141c00d546d6a5fcc4bb6a2af68a56b15b Mon Sep 17 00:00:00 2001 From: yjieliang Date: Mon, 28 Mar 2022 11:28:25 +0800 Subject: [PATCH 05/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../store/resources/template/ServiceTemplateResourceImpl.kt | 1 + 1 file changed, 1 insertion(+) diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt index 406b758f7c6..63ae817f42a 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt @@ -30,6 +30,7 @@ package com.tencent.devops.store.resources.template import com.tencent.devops.common.api.pojo.Result import com.tencent.devops.common.pipeline.enums.ChannelCode import com.tencent.devops.common.web.RestResource +import com.tencent.devops.common.pipeline.container.Stage import com.tencent.devops.store.api.template.ServiceTemplateResource import com.tencent.devops.store.pojo.template.InstallTemplateReq import com.tencent.devops.store.pojo.template.MarketTemplateResp From 683788c0557544bfa0885a6debdae8541860c817 Mon Sep 17 00:00:00 2001 From: yjieliang Date: Mon, 28 Mar 2022 15:50:36 +0800 Subject: [PATCH 06/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../service/PipelineInfoFacadeService.kt | 2 +- .../api/template/ServiceTemplateResource.kt | 4 +- .../template/ServiceTemplateResourceImpl.kt | 11 ++++- .../service/template/MarketTemplateService.kt | 7 ++-- .../impl/MarketTemplateServiceImpl.kt | 42 ++++++++++++------- 5 files changed, 42 insertions(+), 24 deletions(-) diff --git a/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt b/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt index 40c0e999198..f40f0f995ab 100644 --- a/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt +++ b/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt @@ -149,7 +149,7 @@ class PipelineInfoFacadeService @Autowired constructor( val validateRet = client.get(ServiceTemplateResource::class) .validateModelComponentVisibleDept( userId = userId, - stageList = model.stages, + model = model, projectCode = projectId ) if (validateRet.isNotOk()) { diff --git a/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt b/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt index 53e4c786ad3..a3fd9739913 100644 --- a/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt +++ b/src/backend/ci/core/store/api-store/src/main/kotlin/com/tencent/devops/store/api/template/ServiceTemplateResource.kt @@ -29,7 +29,7 @@ package com.tencent.devops.store.api.template import com.tencent.devops.common.api.auth.AUTH_HEADER_USER_ID import com.tencent.devops.common.api.pojo.Result -import com.tencent.devops.common.pipeline.container.Stage +import com.tencent.devops.common.pipeline.Model import com.tencent.devops.store.pojo.template.InstallTemplateReq import com.tencent.devops.store.pojo.template.MarketTemplateResp import io.swagger.annotations.Api @@ -96,7 +96,7 @@ interface ServiceTemplateResource { userId: String, @ApiParam("流水线模型-阶段", required = true) @Valid - stageList: List, + model: Model, @ApiParam("项目", required = true) @PathParam("projectCode") projectCode: String diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt index 63ae817f42a..fedcb21c425 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt @@ -82,9 +82,16 @@ class ServiceTemplateResourceImpl @Autowired constructor( override fun validateModelComponentVisibleDept( userId: String, - stageList: List, + model: Model, projectCode: String ): Result { - return marketTemplateService.verificationModelComponentVisibleDept(userId, stageList, projectCode) + val projectCodeList = ArrayList() + projectCodeList.add(projectCode) + return marketTemplateService.verificationModelComponentVisibleDept( + userId = userId, + model = model, + projectCodeList = projectCodeList, + templateCode = null + ) } } diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt index 524ae131700..e9b1bf90774 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt @@ -29,7 +29,7 @@ package com.tencent.devops.store.service.template import com.tencent.devops.common.api.pojo.Page import com.tencent.devops.common.api.pojo.Result -import com.tencent.devops.common.pipeline.container.Stage +import com.tencent.devops.common.pipeline.Model import com.tencent.devops.common.pipeline.enums.ChannelCode import com.tencent.devops.store.pojo.template.InstallTemplateReq import com.tencent.devops.store.pojo.template.MarketTemplateMain @@ -115,8 +115,9 @@ interface MarketTemplateService { */ fun verificationModelComponentVisibleDept( userId: String, - stageList: List, - projectCode: String + model: Model, + projectCodeList: ArrayList, + templateCode: String? ): Result /** diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt index a74bf3fc9d5..38f18c622cc 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt @@ -672,12 +672,27 @@ abstract class MarketTemplateServiceImpl @Autowired constructor() : MarketTempla val templateDetail = templateDetailResult.data val templateModel = templateDetail?.templateModel ?: return MessageCodeUtil.generateResponseDataObject(CommonMessageCode.SYSTEM_ERROR) + return verificationModelComponentVisibleDept( + userId = userId, + model = templateModel, + projectCodeList = projectCodeList, + templateCode = templateCode + ) + } + + override fun verificationModelComponentVisibleDept( + userId: String, + model: Model, + projectCodeList: ArrayList, + templateCode: String? + ): Result { + val invalidImageList = mutableListOf() val invalidAtomList = mutableListOf() val needInstallImageMap = mutableMapOf() val needInstallAtomMap = mutableMapOf() val userDeptIdList = storeUserService.getUserDeptList(userId) // 获取用户的机构ID信息 - val stageList = templateModel.stages + val stageList = model.stages // 获取模板下镜像的机构信息 val templateImageDeptMap = storeDeptService.getTemplateImageDeptMap(stageList) // 获取每个模板下插件的机构信息 @@ -739,22 +754,17 @@ abstract class MarketTemplateServiceImpl @Autowired constructor() : MarketTempla params = arrayOf(JsonUtil.toJson(invalidAtomList)) ) } - val validateTempleAtomVisibleResult = validateTemplateVisibleDept( - templateCode = templateDetail.templateCode, - templateModel = templateModel, - validImageCodes = validImageCodes, - validAtomCodes = validAtomCodes - ) - if (validateTempleAtomVisibleResult.isNotOk()) { - return validateTempleAtomVisibleResult + if (!templateCode.isNullOrBlank()) { + val validateTempleAtomVisibleResult = validateTemplateVisibleDept( + templateCode = templateCode, + templateModel = model, + validImageCodes = validImageCodes, + validAtomCodes = validAtomCodes + ) + if (validateTempleAtomVisibleResult.isNotOk()) { + return validateTempleAtomVisibleResult + } } - // 安装镜像 - installStoreComponent(needInstallImageMap, userId, projectCode, StoreTypeEnum.IMAGE) - // 安装插件 - installStoreComponent(needInstallAtomMap, userId, projectCode, StoreTypeEnum.ATOM) - } - return Result(data = true) - } override fun verificationModelComponentVisibleDept(userId: String, stageList: List, projectCode: String): Result { val invalidImageList = mutableListOf() From a74733f51fdb150276cc4bcbd5cee53b832c68ac Mon Sep 17 00:00:00 2001 From: yjieliang Date: Mon, 28 Mar 2022 15:56:00 +0800 Subject: [PATCH 07/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../template/ServiceTemplateResourceImpl.kt | 1 - .../impl/MarketTemplateServiceImpl.kt | 64 ------------------- 2 files changed, 65 deletions(-) diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt index fedcb21c425..68e372b2f52 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt @@ -30,7 +30,6 @@ package com.tencent.devops.store.resources.template import com.tencent.devops.common.api.pojo.Result import com.tencent.devops.common.pipeline.enums.ChannelCode import com.tencent.devops.common.web.RestResource -import com.tencent.devops.common.pipeline.container.Stage import com.tencent.devops.store.api.template.ServiceTemplateResource import com.tencent.devops.store.pojo.template.InstallTemplateReq import com.tencent.devops.store.pojo.template.MarketTemplateResp diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt index 38f18c622cc..e6b17009c65 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt @@ -766,70 +766,6 @@ abstract class MarketTemplateServiceImpl @Autowired constructor() : MarketTempla } } - override fun verificationModelComponentVisibleDept(userId: String, stageList: List, projectCode: String): Result { - val invalidImageList = mutableListOf() - val invalidAtomList = mutableListOf() - val needInstallImageMap = mutableMapOf() - val needInstallAtomMap = mutableMapOf() - val userDeptIdList = storeUserService.getUserDeptList(userId) // 获取用户的机构ID信息 - // 获取模板下镜像的机构信息 - val modelImageDeptMap = storeDeptService.getTemplateImageDeptMap(stageList) - // 获取每个模板下插件的机构信息 - val modelAtomDeptMap = storeDeptService.getTemplateAtomDeptMap(stageList) - // 获取可用的镜像标识列表 - val validImageCodes = getValidStoreCodes( - projectCode = projectCode, - storeCodes = modelImageDeptMap.keys, - storeType = StoreTypeEnum.IMAGE - ) - // 获取可用的插件标识列表 - val validAtomCodes = getValidStoreCodes( - projectCode = projectCode, - storeCodes = modelAtomDeptMap.keys, - storeType = StoreTypeEnum.ATOM - ) - stageList.forEach { stage -> - val containerList = stage.containers - containerList.forEach { container -> - // 判断用户的组织架构是否在镜像的可见范围之内 - validateUserImageVisible( - container = container, - templateImageDeptMap = modelImageDeptMap, - userId = userId, - userDeptIdList = userDeptIdList, - validImageCodes = validImageCodes, - invalidImageList = invalidImageList, - needInstallImageMap = needInstallImageMap - ) - val elementList = container.elements - elementList.forEach { element -> - // 判断用户的组织架构是否在插件的可见范围之内 - validateUserAtomVisible( - element = element, - userId = userId, - userDeptIdList = userDeptIdList, - templateAtomDeptMap = modelAtomDeptMap, - validAtomCodes = validAtomCodes, - invalidAtomList = invalidAtomList, - needInstallAtomMap = needInstallAtomMap - ) - } - } - if (invalidImageList.isNotEmpty()) { - // 存在用户不在镜像的可见范围内的镜像,给出错误提示 - throw ErrorCodeException( - errorCode = StoreMessageCode.USER_IMAGE_PROJECT_IS_INVALID, - params = arrayOf(JsonUtil.toJson(invalidImageList), projectCode) - ) - } - logger.info("validateModelComponentVisibleDept invalidAtomList:$invalidAtomList") - if (invalidAtomList.isNotEmpty()) { - // 存在用户不在插件的可见范围内的插件,给出错误提示 - throw ErrorCodeException( - errorCode = StoreMessageCode.USER_ATOM_VISIBLE_DEPT_IS_INVALID, - params = arrayOf(JsonUtil.toJson(invalidAtomList)) - ) - } // 安装镜像 installStoreComponent(needInstallImageMap, userId, projectCode, StoreTypeEnum.IMAGE) // 安装插件 From 8d11e92e1aaabc47b1e2da60fe79a916484ab8a0 Mon Sep 17 00:00:00 2001 From: yjieliang Date: Mon, 28 Mar 2022 15:56:48 +0800 Subject: [PATCH 08/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../store/service/template/impl/MarketTemplateServiceImpl.kt | 1 - 1 file changed, 1 deletion(-) diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt index e6b17009c65..63cf983b5bd 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/impl/MarketTemplateServiceImpl.kt @@ -41,7 +41,6 @@ import com.tencent.devops.common.api.util.timestampmilli import com.tencent.devops.common.client.Client import com.tencent.devops.common.pipeline.Model import com.tencent.devops.common.pipeline.container.Container -import com.tencent.devops.common.pipeline.container.Stage import com.tencent.devops.common.pipeline.container.VMBuildContainer import com.tencent.devops.common.pipeline.enums.ChannelCode import com.tencent.devops.common.pipeline.pojo.element.Element From 714d2939ab516ce766ad83d59d6cdcdd49c77823 Mon Sep 17 00:00:00 2001 From: yjieliang Date: Mon, 28 Mar 2022 16:05:17 +0800 Subject: [PATCH 09/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../store/resources/template/ServiceTemplateResourceImpl.kt | 1 + 1 file changed, 1 insertion(+) diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt index 68e372b2f52..119f49fcbf4 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt @@ -28,6 +28,7 @@ package com.tencent.devops.store.resources.template import com.tencent.devops.common.api.pojo.Result +import com.tencent.devops.common.pipeline.Model import com.tencent.devops.common.pipeline.enums.ChannelCode import com.tencent.devops.common.web.RestResource import com.tencent.devops.store.api.template.ServiceTemplateResource From d8de8a7b87cf1205dc40931ba7d0abf70aac0ae6 Mon Sep 17 00:00:00 2001 From: yjieliang Date: Wed, 30 Mar 2022 14:54:56 +0800 Subject: [PATCH 10/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../store/resources/template/ServiceTemplateResourceImpl.kt | 3 +-- .../devops/store/service/template/MarketTemplateService.kt | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt index 119f49fcbf4..4bf72483b32 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/resources/template/ServiceTemplateResourceImpl.kt @@ -90,8 +90,7 @@ class ServiceTemplateResourceImpl @Autowired constructor( return marketTemplateService.verificationModelComponentVisibleDept( userId = userId, model = model, - projectCodeList = projectCodeList, - templateCode = null + projectCodeList = projectCodeList ) } } diff --git a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt index e9b1bf90774..80ce93fe203 100644 --- a/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt +++ b/src/backend/ci/core/store/biz-store/src/main/kotlin/com/tencent/devops/store/service/template/MarketTemplateService.kt @@ -117,7 +117,7 @@ interface MarketTemplateService { userId: String, model: Model, projectCodeList: ArrayList, - templateCode: String? + templateCode: String? = null ): Result /** From 129187e52c8cf2879b390af98510ceb125b058ae Mon Sep 17 00:00:00 2001 From: yjieliang Date: Fri, 8 Apr 2022 11:27:46 +0800 Subject: [PATCH 11/11] =?UTF-8?q?feat=EF=BC=9A=20json=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E7=94=9F=E6=88=90=E7=9A=84=E6=B5=81=E6=B0=B4=E7=BA=BF=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E4=B8=8B=E8=BD=BD=E8=8C=83=E5=9B=B4=E5=8F=AF=E8=A7=81?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=20#5939?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../devops/process/service/PipelineInfoFacadeService.kt | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt b/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt index f40f0f995ab..9deb4247807 100644 --- a/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt +++ b/src/backend/ci/core/process/biz-process/src/main/kotlin/com/tencent/devops/process/service/PipelineInfoFacadeService.kt @@ -153,7 +153,10 @@ class PipelineInfoFacadeService @Autowired constructor( projectCode = projectId ) if (validateRet.isNotOk()) { - throw OperationException(validateRet.message ?: "模版下存在无权限的组件") + throw ErrorCodeException( + errorCode = validateRet.status.toString(), + defaultMessage = validateRet.message + ) } } val newPipelineId = createPipeline(