

feat:支持管理员查看项目成员 TencentBlueKing#9620
fcfang123 committed Jun 6, 2024
1 parent 7ad1488 commit d1330c3
Showing 17 changed files with 515 additions and 26 deletions.
Expand Up @@ -28,11 +28,15 @@

package com.tencent.devops.auth.api.user

import com.tencent.bk.sdk.iam.constants.ManagerScopesEnum
import com.tencent.devops.auth.pojo.dto.GroupMemberRenewalDTO
import com.tencent.devops.auth.pojo.dto.RenameGroupDTO
import com.tencent.devops.auth.pojo.vo.GroupDetailsInfoVo
import com.tencent.devops.auth.pojo.vo.MemberGroupCountWithPermissionsVo
import com.tencent.devops.auth.pojo.vo.IamGroupPoliciesVo
import com.tencent.devops.common.api.annotation.BkInterfaceI18n
import com.tencent.devops.common.api.auth.AUTH_HEADER_USER_ID
import com.tencent.devops.common.api.pojo.Pagination
import com.tencent.devops.common.api.pojo.Result
import io.swagger.v3.oas.annotations.tags.Tag
import io.swagger.v3.oas.annotations.Operation
Expand All @@ -45,16 +49,18 @@ import javax.ws.rs.PUT
import javax.ws.rs.Path
import javax.ws.rs.PathParam
import javax.ws.rs.Produces
import javax.ws.rs.QueryParam
import javax.ws.rs.core.MediaType

@Tag(name = "AUTH_RESOURCE_GROUP", description = "用户态-iam用户组")
@Path("/user/auth/resource/group/{projectId}/{resourceType}")
@Path("/user/auth/resource/group/{projectId}/")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@Suppress("LongParameterList")
interface UserAuthResourceGroupResource {

@GET
@Path("{groupId}/groupPolicies")
@Path("{resourceType}/{groupId}/groupPolicies")
@Operation(summary = "获取组策略详情")
@BkInterfaceI18n(keyPrefixNames = ["{data[*].action}"])
fun getGroupPolicies(
Expand All @@ -72,9 +78,52 @@ interface UserAuthResourceGroupResource {
groupId: Int
): Result<List<IamGroupPoliciesVo>>

@GET
@Path("/getMemberGroupCountWithPermissions")
@Operation(summary = "获取项目成员有权限的用户组数量--以资源类型进行分类")
fun getMemberGroupCountWithPermissions(
@Parameter(description = "用户名", required = true)
@HeaderParam(AUTH_HEADER_USER_ID)
userId: String,
@Parameter(description = "项目ID", required = true)
@PathParam("projectId")
projectId: String,
@QueryParam("type")
@Parameter(description = "成员类型")
type: ManagerScopesEnum,
@QueryParam("member")
@Parameter(description = "组织ID/成员ID")
member: String
): Result<List<MemberGroupCountWithPermissionsVo>>

@GET
@Path("{resourceType}/getMemberGroupsWithPermissions/{offset}/{limit}")
@Operation(summary = "获取项目成员有权限的用户组")
fun getMemberGroupsWithPermissions(
@Parameter(description = "用户名", required = true)
@HeaderParam(AUTH_HEADER_USER_ID)
userId: String,
@Parameter(description = "项目ID", required = true)
@PathParam("projectId")
projectId: String,
@Parameter(description = "资源类型")
@PathParam("resourceType")
resourceType: String,
@QueryParam("member")
@Parameter(description = "组织ID/成员ID")
member: String,
@Parameter(description = "资源类型")
@PathParam("offset")
offset: Int,
@Parameter(description = "资源类型")
@PathParam("limit")
limit: Int
): Result<Pagination<GroupDetailsInfoVo>>

//todo 改造一下,注意该接口发生变化,需要前端配合修改
@PUT
@Path("{groupId}/member/renewal")
@Operation(summary = "用户续期")
@Path("{resourceType}/member/renewal")
@Operation(summary = "用户主动发起续期--需进行审批")
fun renewal(
@Parameter(description = "用户名", required = true)
@HeaderParam(AUTH_HEADER_USER_ID)
Expand All @@ -85,14 +134,12 @@ interface UserAuthResourceGroupResource {
@Parameter(description = "资源类型")
@PathParam("resourceType")
resourceType: String,
@Parameter(description = "用户组Id")
@PathParam("groupId")
groupId: Int,
@Parameter(description = "续期请求实体")
memberRenewalDTO: GroupMemberRenewalDTO
): Result<Boolean>

@DELETE
@Path("{groupId}/member")
@Path("{resourceType}/{groupId}/member")
@Operation(summary = "用户退出")
fun deleteMember(
@Parameter(description = "用户名", required = true)
Expand All @@ -110,7 +157,7 @@ interface UserAuthResourceGroupResource {
): Result<Boolean>

@DELETE
@Path("{groupId}")
@Path("{resourceType}/{groupId}")
@Operation(summary = "删除组")
fun deleteGroup(
@Parameter(description = "用户名", required = true)
Expand All @@ -128,7 +175,7 @@ interface UserAuthResourceGroupResource {
): Result<Boolean>

@PUT
@Path("{groupId}/rename")
@Path("{resourceType}/{groupId}/rename")
@Operation(summary = "重命名组")
fun rename(
@Parameter(description = "用户名", required = true)
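Review bot: Both new GET methods, `getMemberGroupCountWithPermissions` and `getMemberGroupsWithPermissions`, take a caller-chosen `member` next to the `AUTH_HEADER_USER_ID` header, and nothing on the interface states who may read another member's groups. The implementation is not part of this section, so it should be confirmed that it rejects a caller who is neither a manager of `projectId` nor the `member` being queried, and that rule belongs in a KDoc on each method, for example `/** Caller must manage [projectId], or may only query their own groups. */` (wording to be adjusted to the real rule). In `getMemberGroupsWithPermissions` the `offset` and `limit` parameters still carry the copied description `"资源类型"`; they should read along the lines of `@Parameter(description = "偏移量")` and `@Parameter(description = "每页数量")`, and `limit` needs a server-side upper bound because it arrives as a raw path segment. The bodies of `getGroupPolicies`, `renewal`, `deleteMember`, `deleteGroup` and `rename` continue outside the hunks shown.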
@@ -0,0 +1,113 @@
package com.tencent.devops.auth.api.user

import com.tencent.bk.sdk.iam.constants.ManagerScopesEnum
import com.tencent.devops.auth.pojo.MemberInfo
import com.tencent.devops.auth.pojo.dto.GroupMemberHandoverDTO
import com.tencent.devops.auth.pojo.dto.GroupMemberRemoveDTO
import com.tencent.devops.auth.pojo.dto.GroupMemberRenewalDTO
import com.tencent.devops.common.api.auth.AUTH_HEADER_USER_ID
import com.tencent.devops.common.api.pojo.Pagination
import com.tencent.devops.common.api.pojo.Result
import io.swagger.v3.oas.annotations.Operation
import io.swagger.v3.oas.annotations.Parameter
import io.swagger.v3.oas.annotations.tags.Tag
import javax.ws.rs.Consumes
import javax.ws.rs.DELETE
import javax.ws.rs.GET
import javax.ws.rs.HeaderParam
import javax.ws.rs.PUT
import javax.ws.rs.Path
import javax.ws.rs.PathParam
import javax.ws.rs.Produces
import javax.ws.rs.QueryParam
import javax.ws.rs.core.MediaType

@Tag(name = "AUTH_RESOURCE_MEMBER", description = "用户态-iam用户")
@Path("/user/auth/resource/member/{projectId}/")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
interface UserAuthResourceMemberResource {
@GET
@Path("/listProjectMembers")
@Operation(summary = "获取项目下全体成员")
@Suppress("LongParameterList")
fun listProjectMembers(
@Parameter(description = "用户名", required = true)
@HeaderParam(AUTH_HEADER_USER_ID)
userId: String,
@Parameter(description = "项目ID", required = true)
@PathParam("projectId")
projectId: String,
@Parameter(description = "用户名称搜索")
@QueryParam("userName")
userName: String?,
@Parameter(description = "组织搜索")
@QueryParam("userName")
deptName: String?,
@Parameter(description = "第几页")
@QueryParam("page")
page: Int,
@Parameter(description = "每页多少条")
@QueryParam("pageSize")
pageSize: Int
): Result<Pagination<MemberInfo>>

@PUT
@Path("/batch/renewal")
@Operation(summary = "批量续期组成员权限--无需进行审批")
fun batchRenewalGroupMembers(
@Parameter(description = "用户名", required = true)
@HeaderParam(AUTH_HEADER_USER_ID)
userId: String,
@Parameter(description = "项目ID", required = true)
@PathParam("projectId")
projectId: String,
@Parameter(description = "批量续期成员请求实体")
batchRenewalMemberDTO: List<GroupMemberRenewalDTO>
): Result<Boolean>

@DELETE
@Path("/batch/remove")
@Operation(summary = "批量移除用户组成员")
fun batchRemoveGroupMembers(
@Parameter(description = "用户名", required = true)
@HeaderParam(AUTH_HEADER_USER_ID)
userId: String,
@Parameter(description = "项目ID", required = true)
@PathParam("projectId")
projectId: String,
@Parameter(description = "批量移除成员请求实体")
batchRemoveMemberDTO: List<GroupMemberRemoveDTO>
): Result<Boolean>

@DELETE
@Path("/batch/handover")
@Operation(summary = "批量交接用户组成员")
fun batchHandoverGroupMembers(
@Parameter(description = "用户名", required = true)
@HeaderParam(AUTH_HEADER_USER_ID)
userId: String,
@Parameter(description = "项目ID", required = true)
@PathParam("projectId")
projectId: String,
@Parameter(description = "批量交接成员请求实体")
batchHandoverMemberDTO: List<GroupMemberHandoverDTO>
): Result<Boolean>

@DELETE
@Path("/removeMemberFromProject")
fun removeMemberFromProject(
@Parameter(description = "用户名", required = true)
@HeaderParam(AUTH_HEADER_USER_ID)
userId: String,
@Parameter(description = "项目ID", required = true)
@PathParam("projectId")
projectId: String,
@QueryParam("type")
@Parameter(description = "成员类型")
type: ManagerScopesEnum,
@QueryParam("member")
@Parameter(description = "组织ID/成员ID")
member: String
): Result<List<String>?>
}
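Review bot: In `listProjectMembers` the `deptName` parameter is bound to `@QueryParam("userName")`, so the department filter receives the user-name value and a `deptName` query parameter is never read; the annotation should be `@QueryParam("deptName")`. The three batch methods take `groupId` (and `member`, `handoverFrom`, `handoverTo`) from the request body while `projectId` comes from the path, so the implementation, which is not on this page, has to verify that every `groupId` belongs to `projectId` and that `userId` manages that project before acting; `batchRenewalGroupMembers` is documented as needing no approval, which makes that check the only gate. `batchRemoveGroupMembers` and `batchHandoverGroupMembers` are `@DELETE` with a JSON body, which some clients and proxies drop, and `@PUT` would fit handover better since it grants access as well as removing it. `removeMemberFromProject` is also the only method here without an `@Operation(summary = …)`.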
@@ -1,5 +1,6 @@
package com.tencent.devops.auth.pojo

import com.tencent.bk.sdk.iam.constants.ManagerScopesEnum
import io.swagger.v3.oas.annotations.media.Schema

@Schema(title = "成员信息")
Expand All @@ -8,6 +9,6 @@ data class MemberInfo(
val id: String,
@get:Schema(title = "成员名称")
val name: String,
@get:Schema(title = "成员类别")
val type: String
@get:Schema(title = "成员类型")
val type: ManagerScopesEnum
)
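Review bot: Changing `type` from `String` to `ManagerScopesEnum` changes the JSON contract of `MemberInfo`: the strings that existing clients send or expect must match what the enum serializes to, and any other value will presumably fail deserialization instead of passing through. Whether the enum is written by constant name or by a custom value is not visible here, so it should be confirmed and stated in the schema, for example `@get:Schema(title = "成员类型", description = "<allowed values>")`. The `MemberInfo` declaration starts outside the hunk.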
@@ -0,0 +1,40 @@
/*
* Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
*
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
*
* BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
*
* A copy of the MIT License is included in this file.
*
*
* Terms of the MIT License:
* ---------------------------------------------------
* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or substantial portions of
* the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
* LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
* NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
* WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/

package com.tencent.devops.auth.pojo.dto

import io.swagger.v3.oas.annotations.media.Schema

@Schema(title = "用户组成员交接")
data class GroupMemberHandoverDTO(
@get:Schema(title = "组ID")
val groupId: Int,
@get:Schema(title = "交接人")
val handoverFrom: String,
@get:Schema(title = "授予人")
val handoverTo: String
)
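Review bot: The title `"授予人"` on `handoverTo` reads as the person granting rather than the person receiving the membership, which is easy to misread next to `"交接人"` on `handoverFrom`; something like `@get:Schema(title = "接收人")` would be unambiguous. Nothing in the DTO rules out `handoverFrom == handoverTo` or blank values, so the handler (not shown) should reject those. It should also confirm that `handoverFrom` is actually a member of `groupId` before transferring anything.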
@@ -0,0 +1,38 @@
/*
* Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
*
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
*
* BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
*
* A copy of the MIT License is included in this file.
*
*
* Terms of the MIT License:
* ---------------------------------------------------
* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or substantial portions of
* the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
* LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
* NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
* WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/

package com.tencent.devops.auth.pojo.dto

import io.swagger.v3.oas.annotations.media.Schema

@Schema(title = "用户组成员移除")
data class GroupMemberRemoveDTO(
@get:Schema(title = "组成员")
val member: String,
@get:Schema(title = "组ID")
val groupId: Int
)
Expand Up @@ -31,6 +31,10 @@ import io.swagger.v3.oas.annotations.media.Schema

@Schema(title = "用户组成员续期")
data class GroupMemberRenewalDTO(
@get:Schema(title = "过期时间戳(单位秒),即用户或部门在 expired_at 后将不具有该用户组的相关权限")
@get:Schema(title = "组成员")
val member: String,
@get:Schema(title = "组ID")
val groupId: Int,
@get:Schema(title = "过期时间戳(单位秒)")
val expiredAt: Long
)
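Review bot: `GroupMemberRenewalDTO` now carries `member` and `groupId`, and the same DTO is the body of the self-service `renewal` endpoint in `UserAuthResourceGroupResource`, so a caller can name a member other than the `AUTH_HEADER_USER_ID` user; the handler (not shown) should either ignore `member` on that path or reject a mismatch. `expiredAt` is a client-supplied `Long` with no stated bounds, so the server should reject timestamps in the past and cap the value at the longest validity the project allows. The new title also drops the explanation of what happens after expiry; I would keep it as a description, e.g. `@get:Schema(title = "过期时间戳(单位秒)", description = "用户或部门在该时间后将不再拥有该用户组的权限")`.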
@@ -0,0 +1,36 @@
/*
* Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
*
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
*
* BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
*
* A copy of the MIT License is included in this file.
*
*
* Terms of the MIT License:
* ---------------------------------------------------
* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
* documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all copies or substantial portions of
* the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
* LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
* NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
* WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/

package com.tencent.devops.auth.pojo.enum

enum class JoinedType {
// 直接加入
DIRECT,

// 通过模板加入
TEMPLATE
}