Skip to content

Commit

Permalink
feat:前端开启蓝鲸权限校验迁移 TencentBlueKing#2703
Browse files Browse the repository at this point in the history 
* feat:前端开启蓝鲸权限校验迁移 TencentBlueKing#2703

* feat:前端开启蓝鲸权限校验迁移 TencentBlueKing#2703
  • Loading branch information
@lannoy0523
lannoy0523 authored Oct 28, 2024
1 parent 8173632 commit 0dc8afd
Show file tree
Hide file tree
Showing 4 changed files with 72 additions and 99 deletions.
6 changes: 0 additions & 6 deletions src/frontend/devops-repository/src/store/actions/permission.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -257,12 +257,6 @@ export default {
`${authPrefix}/user/auth/bkiamv3/project/refresh/${projectId}`
)
},
// 判断蓝鲸权限是否开启
getIamPermissionStatus () {
return Vue.prototype.$ajax.get(
`${authPrefix}/user/auth/bkiamv3/status`
)
},
// 创建项目用户
createProjectUser (_, { body }) {
return Vue.prototype.$ajax.post(
Expand Down
81 changes: 25 additions & 56 deletions src/frontend/devops-repository/src/views/repoConfig/controlConfig/index.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,32 +9,37 @@
</card-radio-group>
</bk-form-item>
<template v-if="(repoType === 'generic' || repoType === 'ddc') && repoName !== 'pipeline'">
<bk-form-item v-for="type in genericInterceptorsList" :key="type"
<bk-form-item
v-for="type in genericInterceptorsList" :key="type"
:label="$t(`${type}Download`)" :property="`${type}.enable`">
<bk-radio-group v-model="controlConfigs[type].enable">
<bk-radio class="mr20" :value="true">{{ $t('enable') }}</bk-radio>
<bk-radio :value="false">{{ $t('disable') }}</bk-radio>
</bk-radio-group>
<template v-if="controlConfigs[type].enable && ['mobile', 'web'].includes(type)">
<bk-form-item :label="$t('fileName')" :label-width="80" class="mt10"
<bk-form-item
:label="$t('fileName')" :label-width="80" class="mt10"
:property="`${type}.filename`" required error-display-type="normal">
<bk-input class="w250" v-model.trim="controlConfigs[type].filename"></bk-input>
<i class="bk-icon icon-info f14 ml5" v-bk-tooltips="$t('fileNameRule')"></i>
</bk-form-item>
<bk-form-item :label="$t('metadata')" :label-width="80"
<bk-form-item
:label="$t('metadata')" :label-width="80"
:property="`${type}.metadata`" required error-display-type="normal">
<bk-input class="w250" v-model.trim="controlConfigs[type].metadata" :placeholder="$t('metadataRule')"></bk-input>
<a class="f12 ml5" href="https://bk.tencent.com/docs/markdown/ZH/Devops/2.0/UserGuide/Services/Artifactory/meta.md" target="__blank">{{ $t('viewMetadataDocument') }}</a>
</bk-form-item>
</template>
<template v-if="controlConfigs[type].enable && type === 'ip_segment'">
<bk-form-item :label="$t('IP')" :label-width="150" class="mt10"
<bk-form-item
:label="$t('IP')" :label-width="150" class="mt10"
:property="`${type}.ipSegment`" :required="!controlConfigs[type].officeNetwork" error-display-type="normal">
<bk-input class="w250 mr10" v-model.trim="controlConfigs[type].ipSegment" :placeholder="$t('ipPlaceholder')" :maxlength="4096"></bk-input>
<bk-checkbox v-model="controlConfigs[type].officeNetwork">{{ $t('office_networkDownload') }}</bk-checkbox>
<i class="bk-icon icon-info f14 ml5" v-bk-tooltips="$t('office_networkDownloadTips')"></i>
</bk-form-item>
<bk-form-item :label="$t('whiteUser')" :label-width="150"
<bk-form-item
:label="$t('whiteUser')" :label-width="150"
:property="`${type}.whitelistUser`" error-display-type="normal">
<bk-input class="w250" v-model.trim="controlConfigs[type].whitelistUser" :placeholder="$t('whiteUserPlaceholder')"></bk-input>
</bk-form-item>
Expand All @@ -49,7 +54,8 @@
:multiple="true"
searchable
:placeholder="$t('controlConfigPlaceholder')">
<bk-option v-for="option in roleList"
<bk-option
v-for="option in roleList"
:key="option.id"
:id="option.id"
:name="option.name">
Expand All @@ -62,18 +68,16 @@
<bk-button theme="primary" @click="save()">{{$t('save')}}</bk-button>
</bk-form-item>
</bk-form>
<add-user-dialog ref="addUserDialog" :visible.sync="showAddUserDialog" @complete="handleAddUsers"></add-user-dialog>
</div>
</template>
<script>
import { mapActions } from 'vuex'
import AddUserDialog from '@repository/components/AddUserDialog/addUserDialog'
import { specialRepoEnum } from '@repository/store/publicEnum'
import CardRadioGroup from '@repository/components/CardRadioGroup'
import { specialRepoEnum } from '@/store/publicEnum'
export default {
name: 'controlConfig',
components: { CardRadioGroup, AddUserDialog },
name: 'ControlConfig',
components: { CardRadioGroup },
props: {
baseData: Object
},
Expand Down Expand Up @@ -116,6 +120,7 @@
}
]
return {
specialRepoEnum,
rootDirectoryPermission: '',
controlConfigs: {
mobile: {
Expand All @@ -136,11 +141,11 @@
}
},
blackList: [],
showAddUserDialog: false,
filenameRule,
metadataRule,
ipSegmentRule,
roleList: []
roleList: [],
authMode: undefined
}
},
computed: {
Expand Down Expand Up @@ -183,19 +188,19 @@
set (val) {
if (val === 'public') {
this.$emit('showPermissionConfigTab', false)
this.baseData.public = true
this.controlConfigs.public = true
this.rootDirectoryPermission = null
} else if (val === 'folder') {
this.$emit('showPermissionConfigTab', true)
this.baseData.public = false
this.controlConfigs.public = false
this.rootDirectoryPermission = 'DIR_CTRL'
} else if (val === 'strict') {
this.$emit('showPermissionConfigTab', true)
this.baseData.public = false
this.controlConfigs.public = false
this.rootDirectoryPermission = 'STRICT'
} else if (val === 'default') {
this.$emit('showPermissionConfigTab', false)
this.baseData.public = false
this.controlConfigs.public = false
this.rootDirectoryPermission = 'DEFAULT'
} else {
this.$emit('showPermissionConfigTab', false)
Expand Down Expand Up @@ -249,6 +254,7 @@
}).then((res) => {
this.rootDirectoryPermission = res.accessControlMode
this.blackList = res.officeDenyGroupSet
this.authMode = res
})
this.getRoleListHandler()
},
Expand All @@ -269,41 +275,6 @@
name: 'userGroup'
})
},
addUserGroup () {
this.$refs.roleForm.clearError()
this.editRoleConfig = {
show: true,
loading: false,
id: '',
name: '',
description: '',
users: [],
originUsers: []
}
},
showAddDialog () {
this.showAddUserDialog = true
this.$refs.addUserDialog.editUserConfig = {
users: this.editRoleConfig.users,
originUsers: this.editRoleConfig.originUsers,
search: '',
newUser: ''
}
},
handleAddUsers (users) {
this.editRoleConfig.originUsers = users
this.editRoleConfig.users = users
},
deleteUser (index) {
const temp = []
for (let i = 0; i < this.editRoleConfig.users.length; i++) {
if (i !== index) {
temp.push(this.editRoleConfig.users[i])
}
}
this.editRoleConfig.users = temp
this.editRoleConfig.originUsers = temp
},
async save () {
await this.$refs.controlForm.validate()
try {
Expand All @@ -312,7 +283,8 @@
projectId: this.projectId,
repoName: this.repoName,
accessControlMode: this.rootDirectoryPermission,
officeDenyGroupSet: this.blackList
officeDenyGroupSet: this.blackList,
bkiamv3Check: false
}
const configBody = this.getRepoConfigBody()
await this.updateRepoInfo({
Expand Down Expand Up @@ -385,9 +357,6 @@
}
}
}
if (!specialRepoEnum.includes(this.baseData.name)) {
body.configuration.settings.bkiamv3Check = this.baseData.configuration.settings.bkiamv3Check
}
return body
}
}
Expand Down
60 changes: 40 additions & 20 deletions src/frontend/devops-repository/src/views/repoConfig/index.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,8 @@
</bk-form-item>
<bk-form-item
:label="$t('bkPermissionCheck')"
v-if="!specialRepoEnum.includes(repoBaseInfo.name) && rbacStatus">
<bk-radio-group v-model="repoBaseInfo.configuration.settings.bkiamv3Check">
v-if="!specialRepoEnum.includes(repoBaseInfo.name)">
<bk-radio-group v-model="bkiamv3Check">
<bk-radio class="mr20" :value="true">{{ $t('open') }}</bk-radio>
<bk-radio :value="false">{{ $t('close') }}</bk-radio>
</bk-radio-group>
Expand Down Expand Up @@ -129,16 +129,12 @@
officeNetwork: false,
ipSegment: '',
whitelistUser: ''
},
configuration: {
settings: {
bkiamv3Check: false
}
}
},
showIamDenyDialog: false,
showData: {},
rbacStatus: false,
bkiamv3Check: false,
authMode: undefined,
showPermissionConfig: false
}
},
Expand All @@ -160,7 +156,7 @@
return ['docker', 'generic', 'helm'].includes(this.repoType) && (this.userInfo.admin || this.userInfo.manage)
},
showControlConfigTab () {
return this.userInfo.admin || this.userInfo.manage
return (this.userInfo.admin || this.userInfo.manage) && !this.authMode.bkiamv3Check
},
repoAddress () {
const { repoType, name } = this.repoBaseInfo
Expand Down Expand Up @@ -211,17 +207,24 @@
created () {
if (!this.repoName || !this.repoType) this.toRepoList()
this.getRepoInfoHandler()
this.getIamPermissionStatus().then(res => {
this.rbacStatus = res
})
this.getAuthModeFunc()
},
methods: {
...mapActions(['getRepoInfo', 'updateRepoInfo', 'getDomain', 'getPermissionUrl', 'getIamPermissionStatus']),
...mapActions(['getRepoInfo', 'updateRepoInfo', 'getDomain', 'getPermissionUrl', 'getRootPermission', 'createOrUpdateRootPermission']),
toRepoList () {
this.$router.push({
name: 'repositories'
})
},
getAuthModeFunc () {
this.getRootPermission({
projectId: this.projectId,
repoName: this.repoName
}).then(res => {
this.authMode = res
this.bkiamv3Check = res.bkiamv3Check
})
},
getRepoInfoHandler () {
this.isLoading = true
this.getRepoInfo({
Expand Down Expand Up @@ -327,20 +330,14 @@
}
}
}
if (!specialRepoEnum.includes(this.repoBaseInfo.name)) {
body.configuration.settings.bkiamv3Check = this.repoBaseInfo.configuration.settings.bkiamv3Check
}
this.repoBaseInfo.loading = true
this.updateRepoInfo({
projectId: this.projectId,
name: this.repoName,
body
}).then(() => {
this.saveRepoMode()
this.getRepoInfoHandler()
this.$bkMessage({
theme: 'success',
message: this.$t('save') + this.$t('space') + this.$t('success')
})
}).catch(err => {
if (err.status === 403) {
this.getPermissionUrl({
Expand Down Expand Up @@ -386,6 +383,29 @@
this.$refs.tab.$el.style.height = '100%'
}
})
},
saveRepoMode () {
const body = {
projectId: this.projectId,
repoName: this.repoBaseInfo.name,
accessControlMode: this.authMode.accessControlMode,
officeDenyGroupSet: this.authMode.officeDenyGroupSet,
bkiamv3Check: this.bkiamv3Check
}
this.createOrUpdateRootPermission({
body: body
}).then(() => {
this.getAuthModeFunc()
this.$bkMessage({
theme: 'success',
message: this.$t('save') + this.$t('space') + this.$t('success')
})
}).catch((err) => {
this.$bkMessage({
theme: 'error',
message: err.message
})
})
}
}
}
Expand Down
24 changes: 7 additions & 17 deletions src/frontend/devops-repository/src/views/repoList/createRepoDialog.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,8 +37,8 @@
</bk-form-item>
<bk-form-item
:label="$t('bkPermissionCheck')"
v-if="!specialRepoEnum.includes(repoBaseInfo.name) && rbacStatus">
<bk-radio-group v-model="repoBaseInfo.configuration.settings.bkiamv3Check">
v-if="!specialRepoEnum.includes(repoBaseInfo.name)">
<bk-radio-group v-model="bkiamv3Check">
<bk-radio class="mr20" :value="true">{{ $t('open') }}</bk-radio>
<bk-radio :value="false">{{ $t('close') }}</bk-radio>
</bk-radio-group>
Expand Down Expand Up @@ -117,11 +117,6 @@
officeNetwork: false,
ipSegment: '',
whitelistUser: ''
},
configuration: {
settings: {
bkiamv3Check: false
}
}
}
}
Expand All @@ -139,8 +134,8 @@
showIamDenyDialog: false,
showData: {},
title: this.$t('createRepository'),
rbacStatus: false,
accessControl: 'DEFAULT'
accessControl: 'DEFAULT',
bkiamv3Check: false
}
},
computed: {
Expand Down Expand Up @@ -235,14 +230,11 @@
}
},
methods: {
...mapActions(['createRepo', 'checkRepoName', 'getPermissionUrl', 'getIamPermissionStatus', 'createOrUpdateRootPermission']),
...mapActions(['createRepo', 'checkRepoName', 'getPermissionUrl', 'createOrUpdateRootPermission']),
showDialogHandler () {
this.show = true
this.repoBaseInfo = getRepoBaseInfo()
this.$refs.repoBaseInfo && this.$refs.repoBaseInfo.clearError()
this.getIamPermissionStatus().then(res => {
this.rbacStatus = res
})
},
cancel () {
this.accessControl = 'DEFAULT'
Expand Down Expand Up @@ -285,9 +277,6 @@
}
}
}
if (!specialRepoEnum.includes(this.repoBaseInfo.name)) {
body.configuration.settings.bkiamv3Check = this.repoBaseInfo.configuration.settings.bkiamv3Check
}
this.loading = true
this.createRepo({
body: body
Expand Down Expand Up @@ -327,7 +316,8 @@
const body = {
projectId: this.projectId,
repoName: this.repoBaseInfo.name,
accessControlMode: this.accessControl
accessControlMode: this.accessControl,
bkiamv3Check: this.bkiamv3Check
}
this.createOrUpdateRootPermission({
body: body
Expand Down

0 comments on commit 0dc8afd

Please sign in to comment.