mirror of
https://github.com/PowerJob/PowerJob.git
synced 2025-07-17 00:00:04 +08:00
fix: Override vulnerability #1050
This commit is contained in:
tjq
parent
a406602b09
commit
024b1a4f87
@ -22,6 +22,7 @@ import tech.powerjob.server.auth.Permission;
|
||||
import tech.powerjob.server.auth.Role;
|
||||
import tech.powerjob.server.auth.RoleScope;
|
||||
import tech.powerjob.server.auth.common.AuthConstants;
|
||||
import tech.powerjob.server.auth.common.utils.HttpHeaderUtils;
|
||||
import tech.powerjob.server.auth.interceptor.ApiPermission;
|
||||
import tech.powerjob.server.auth.plugin.ModifyOrCreateDynamicPermission;
|
||||
import tech.powerjob.server.auth.plugin.SaveAppGrantPermissionPlugin;
|
||||
@ -43,6 +44,7 @@ import tech.powerjob.server.web.service.AppWebService;
|
||||
import tech.powerjob.server.web.service.NamespaceWebService;
|
||||
import tech.powerjob.server.web.service.UserWebService;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Optional;
|
||||
@ -81,9 +83,11 @@ public class AppInfoController {
|
||||
|
||||
@PostMapping("/delete")
|
||||
@ApiPermission(name = "App-Delete", roleScope = RoleScope.APP, requiredPermission = Permission.SU)
|
||||
public ResultDTO<Void> deleteApp(Long appId) {
|
||||
public ResultDTO<Void> deleteApp(HttpServletRequest hsr) {
|
||||
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
appWebService.delete(appId);
|
||||
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
|
||||
|
||||
@ -7,12 +7,13 @@ import org.springframework.beans.BeanUtils;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
import tech.powerjob.common.OmsConstant;
|
||||
import tech.powerjob.common.enums.SwitchableStatus;
|
||||
import tech.powerjob.common.response.ResultDTO;
|
||||
import tech.powerjob.server.auth.Permission;
|
||||
import tech.powerjob.server.auth.RoleScope;
|
||||
import tech.powerjob.server.auth.common.utils.HttpHeaderUtils;
|
||||
import tech.powerjob.server.auth.interceptor.ApiPermission;
|
||||
import tech.powerjob.server.common.constants.ContainerSourceType;
|
||||
import tech.powerjob.common.enums.SwitchableStatus;
|
||||
import tech.powerjob.server.common.utils.OmsFileUtils;
|
||||
import tech.powerjob.server.core.container.ContainerService;
|
||||
import tech.powerjob.server.core.container.ContainerTemplateGenerator;
|
||||
@ -24,6 +25,7 @@ import tech.powerjob.server.web.request.GenerateContainerTemplateRequest;
|
||||
import tech.powerjob.server.web.request.SaveContainerInfoRequest;
|
||||
import tech.powerjob.server.web.response.ContainerInfoVO;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
@ -71,7 +73,6 @@ public class ContainerController {
|
||||
}
|
||||
|
||||
@PostMapping("/downloadContainerTemplate")
|
||||
@ApiPermission(name = "Container-DownloadContainerTemplate", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public void downloadContainerTemplate(@RequestBody GenerateContainerTemplateRequest req, HttpServletResponse response) throws IOException {
|
||||
File zipFile = ContainerTemplateGenerator.generate(req.getGroup(), req.getArtifact(), req.getName(), req.getPackageName(), req.getJavaVersion());
|
||||
OmsFileUtils.file2HttpResponse(zipFile, response);
|
||||
@ -88,7 +89,11 @@ public class ContainerController {
|
||||
|
||||
@PostMapping("/save")
|
||||
@ApiPermission(name = "Container-Save", roleScope = RoleScope.APP, requiredPermission = Permission.OPS)
|
||||
public ResultDTO<Void> saveContainer(@RequestBody SaveContainerInfoRequest request) {
|
||||
public ResultDTO<Void> saveContainer(@RequestBody SaveContainerInfoRequest request, HttpServletRequest hsr) {
|
||||
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
request.setAppId(appId);
|
||||
|
||||
request.valid();
|
||||
|
||||
ContainerInfoDO container = new ContainerInfoDO();
|
||||
@ -102,14 +107,16 @@ public class ContainerController {
|
||||
|
||||
@GetMapping("/delete")
|
||||
@ApiPermission(name = "Container-Delete", roleScope = RoleScope.APP, requiredPermission = Permission.OPS)
|
||||
public ResultDTO<Void> deleteContainer(Long appId, Long containerId) {
|
||||
public ResultDTO<Void> deleteContainer(Long containerId, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
containerService.delete(appId, containerId);
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
|
||||
@GetMapping("/list")
|
||||
@ApiPermission(name = "Container-List", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public ResultDTO<List<ContainerInfoVO>> listContainers(Long appId) {
|
||||
public ResultDTO<List<ContainerInfoVO>> listContainers(HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
List<ContainerInfoVO> res = containerInfoRepository.findByAppIdAndStatusNot(appId, SwitchableStatus.DELETED.getV())
|
||||
.stream().map(ContainerController::convert).collect(Collectors.toList());
|
||||
return ResultDTO.success(res);
|
||||
@ -117,7 +124,9 @@ public class ContainerController {
|
||||
|
||||
@GetMapping("/listDeployedWorker")
|
||||
@ApiPermission(name = "Container-ListDeployedWorker", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public ResultDTO<String> listDeployedWorker(Long appId, Long containerId, HttpServletResponse response) {
|
||||
public ResultDTO<String> listDeployedWorker(Long containerId, HttpServletResponse response, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
|
||||
AppInfoDO appInfoDO = appInfoRepository.findById(appId).orElseThrow(() -> new IllegalArgumentException("can't find app by id:" + appId));
|
||||
String targetServer = appInfoDO.getCurrentServer();
|
||||
|
||||
|
||||
@ -1,35 +1,39 @@
|
||||
package tech.powerjob.server.web.controller;
|
||||
|
||||
import tech.powerjob.common.OmsConstant;
|
||||
import tech.powerjob.common.enums.InstanceStatus;
|
||||
import tech.powerjob.common.response.ResultDTO;
|
||||
import tech.powerjob.server.auth.Permission;
|
||||
import tech.powerjob.server.auth.RoleScope;
|
||||
import tech.powerjob.server.auth.interceptor.ApiPermission;
|
||||
import tech.powerjob.server.common.utils.OmsFileUtils;
|
||||
import tech.powerjob.server.persistence.PageResult;
|
||||
import tech.powerjob.server.persistence.StringPage;
|
||||
import tech.powerjob.server.persistence.remote.model.InstanceInfoDO;
|
||||
import tech.powerjob.server.persistence.remote.repository.InstanceInfoRepository;
|
||||
import tech.powerjob.server.core.service.CacheService;
|
||||
import tech.powerjob.server.core.instance.InstanceLogService;
|
||||
import tech.powerjob.server.core.instance.InstanceService;
|
||||
import tech.powerjob.server.web.request.QueryInstanceDetailRequest;
|
||||
import tech.powerjob.server.web.request.QueryInstanceRequest;
|
||||
import tech.powerjob.server.web.response.InstanceDetailVO;
|
||||
import tech.powerjob.server.web.response.InstanceInfoVO;
|
||||
import lombok.SneakyThrows;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
import org.springframework.data.domain.Example;
|
||||
import org.springframework.data.domain.Page;
|
||||
import org.springframework.data.domain.PageRequest;
|
||||
import org.springframework.data.domain.Sort;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import tech.powerjob.common.OmsConstant;
|
||||
import tech.powerjob.common.enums.ErrorCodes;
|
||||
import tech.powerjob.common.enums.InstanceStatus;
|
||||
import tech.powerjob.common.exception.PowerJobException;
|
||||
import tech.powerjob.common.response.ResultDTO;
|
||||
import tech.powerjob.server.auth.Permission;
|
||||
import tech.powerjob.server.auth.RoleScope;
|
||||
import tech.powerjob.server.auth.common.utils.HttpHeaderUtils;
|
||||
import tech.powerjob.server.auth.interceptor.ApiPermission;
|
||||
import tech.powerjob.server.common.utils.OmsFileUtils;
|
||||
import tech.powerjob.server.core.instance.InstanceLogService;
|
||||
import tech.powerjob.server.core.instance.InstanceService;
|
||||
import tech.powerjob.server.core.service.CacheService;
|
||||
import tech.powerjob.server.persistence.PageResult;
|
||||
import tech.powerjob.server.persistence.StringPage;
|
||||
import tech.powerjob.server.persistence.remote.model.InstanceInfoDO;
|
||||
import tech.powerjob.server.persistence.remote.repository.InstanceInfoRepository;
|
||||
import tech.powerjob.server.web.request.QueryInstanceDetailRequest;
|
||||
import tech.powerjob.server.web.request.QueryInstanceRequest;
|
||||
import tech.powerjob.server.web.response.InstanceDetailVO;
|
||||
import tech.powerjob.server.web.response.InstanceInfoVO;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.File;
|
||||
import java.net.URL;
|
||||
@ -61,29 +65,38 @@ public class InstanceController {
|
||||
|
||||
@GetMapping("/stop")
|
||||
@ApiPermission(name = "Instance-Stop", roleScope = RoleScope.APP, requiredPermission = Permission.OPS)
|
||||
public ResultDTO<Void> stopInstance(Long appId,Long instanceId) {
|
||||
instanceService.stopInstance(appId,instanceId);
|
||||
public ResultDTO<Void> stopInstance(Long instanceId, HttpServletRequest hsr) {
|
||||
preCheck(instanceId, hsr);
|
||||
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
instanceService.stopInstance(appId, instanceId);
|
||||
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
|
||||
@GetMapping("/retry")
|
||||
@ApiPermission(name = "Instance-Retry", roleScope = RoleScope.APP, requiredPermission = Permission.OPS)
|
||||
public ResultDTO<Void> retryInstance(String appId, Long instanceId) {
|
||||
instanceService.retryInstance(Long.valueOf(appId), instanceId);
|
||||
public ResultDTO<Void> retryInstance(Long instanceId, HttpServletRequest hsr) {
|
||||
|
||||
preCheck(instanceId, hsr);
|
||||
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
instanceService.retryInstance(appId, instanceId);
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
|
||||
@GetMapping("/detail")
|
||||
@ApiPermission(name = "Instance-Detail", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public ResultDTO<InstanceDetailVO> getInstanceDetail(Long appId, Long instanceId) {
|
||||
public ResultDTO<InstanceDetailVO> getInstanceDetail(Long instanceId, HttpServletRequest hsr) {
|
||||
QueryInstanceDetailRequest queryInstanceDetailRequest = new QueryInstanceDetailRequest();
|
||||
queryInstanceDetailRequest.setAppId(appId);
|
||||
queryInstanceDetailRequest.setAppId(Long.valueOf(HttpHeaderUtils.fetchAppId(hsr)));
|
||||
queryInstanceDetailRequest.setInstanceId(instanceId);
|
||||
return getInstanceDetailPlus(queryInstanceDetailRequest);
|
||||
return getInstanceDetailPlus(queryInstanceDetailRequest, hsr);
|
||||
}
|
||||
|
||||
@PostMapping("/detailPlus")
|
||||
public ResultDTO<InstanceDetailVO> getInstanceDetailPlus(@RequestBody QueryInstanceDetailRequest req) {
|
||||
@ApiPermission(name = "Instance-DetailPlus", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public ResultDTO<InstanceDetailVO> getInstanceDetailPlus(@RequestBody QueryInstanceDetailRequest req, HttpServletRequest hsr) {
|
||||
|
||||
// 非法请求参数校验
|
||||
String customQuery = req.getCustomQuery();
|
||||
@ -95,6 +108,8 @@ public class InstanceController {
|
||||
// 兼容老版本前端不存在 appId 的场景
|
||||
if (req.getAppId() == null) {
|
||||
req.setAppId(instanceService.getInstanceInfo(req.getInstanceId()).getAppId());
|
||||
} else {
|
||||
req.setAppId(Long.valueOf(HttpHeaderUtils.fetchAppId(hsr)));
|
||||
}
|
||||
|
||||
return ResultDTO.success(InstanceDetailVO.from(instanceService.getInstanceDetail(req.getAppId(), req.getInstanceId(), customQuery)));
|
||||
@ -102,13 +117,20 @@ public class InstanceController {
|
||||
|
||||
@GetMapping("/log")
|
||||
@ApiPermission(name = "Instance-Log", roleScope = RoleScope.APP, requiredPermission = Permission.OPS)
|
||||
public ResultDTO<StringPage> getInstanceLog(Long appId, Long instanceId, Long index) {
|
||||
public ResultDTO<StringPage> getInstanceLog(Long instanceId, Long index, HttpServletRequest hsr) {
|
||||
|
||||
preCheck(instanceId, hsr);
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
return ResultDTO.success(instanceLogService.fetchInstanceLog(appId, instanceId, index));
|
||||
}
|
||||
|
||||
@GetMapping("/downloadLogUrl")
|
||||
@ApiPermission(name = "Instance-FetchDownloadLogUrl", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public ResultDTO<String> getDownloadUrl(Long appId, Long instanceId) {
|
||||
public ResultDTO<String> getDownloadUrl(Long instanceId, HttpServletRequest hsr) {
|
||||
|
||||
preCheck(instanceId, hsr);
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
|
||||
return ResultDTO.success(instanceLogService.fetchDownloadUrl(appId, instanceId));
|
||||
}
|
||||
|
||||
@ -140,7 +162,10 @@ public class InstanceController {
|
||||
|
||||
@PostMapping("/list")
|
||||
@ApiPermission(name = "Instance-List", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public ResultDTO<PageResult<InstanceInfoVO>> list(@RequestBody QueryInstanceRequest request) {
|
||||
public ResultDTO<PageResult<InstanceInfoVO>> list(@RequestBody QueryInstanceRequest request, HttpServletRequest hsr) {
|
||||
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
request.setAppId(appId);
|
||||
|
||||
Sort sort = Sort.by(Sort.Direction.DESC, "gmtModified");
|
||||
PageRequest pageable = PageRequest.of(request.getIndex(), request.getPageSize(), sort);
|
||||
@ -166,4 +191,16 @@ public class InstanceController {
|
||||
return pageResult;
|
||||
}
|
||||
|
||||
private void preCheck(Long instanceId, HttpServletRequest hsr) {
|
||||
Optional<InstanceInfoDO> instanceInfoOpt = instanceInfoRepository.findById(instanceId);
|
||||
if (!instanceInfoOpt.isPresent()) {
|
||||
throw new PowerJobException(ErrorCodes.ILLEGAL_ARGS_ERROR, "Can'tFindInstanceInfoById:" + instanceId);
|
||||
}
|
||||
Long appId = instanceInfoOpt.get().getAppId();
|
||||
String targetId = HttpHeaderUtils.fetchAppId(hsr);
|
||||
if (!targetId.equalsIgnoreCase(String.valueOf(appId))) {
|
||||
throw new PowerJobException(ErrorCodes.INVALID_REQUEST, String.format("AppIdNotMatch(%d!=%d)", targetId, appId));
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -8,6 +8,7 @@ import tech.powerjob.common.response.ResultDTO;
|
||||
import tech.powerjob.server.auth.Permission;
|
||||
import tech.powerjob.server.auth.RoleScope;
|
||||
import tech.powerjob.server.auth.common.AuthConstants;
|
||||
import tech.powerjob.server.auth.common.utils.HttpHeaderUtils;
|
||||
import tech.powerjob.server.auth.interceptor.ApiPermission;
|
||||
import tech.powerjob.server.auth.plugin.ModifyOrCreateDynamicPermission;
|
||||
import tech.powerjob.server.auth.plugin.SaveNamespaceGrantPermissionPlugin;
|
||||
@ -25,6 +26,7 @@ import tech.powerjob.server.web.service.NamespaceWebService;
|
||||
import tech.powerjob.server.web.service.UserWebService;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@ -57,8 +59,9 @@ public class NamespaceController {
|
||||
|
||||
@DeleteMapping("/delete")
|
||||
@ApiPermission(name = "Namespace-Delete", roleScope = RoleScope.NAMESPACE, requiredPermission = Permission.SU)
|
||||
public ResultDTO<Void> deleteNamespace(Long id) {
|
||||
namespaceWebService.delete(id);
|
||||
public ResultDTO<Void> deleteNamespace(HttpServletRequest hsr) {
|
||||
Long namespaceId = Long.valueOf(HttpHeaderUtils.fetchNamespaceId(hsr));
|
||||
namespaceWebService.delete(namespaceId);
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
|
||||
|
||||
@ -5,13 +5,14 @@ import org.springframework.data.domain.Page;
|
||||
import org.springframework.data.domain.PageRequest;
|
||||
import org.springframework.data.domain.Sort;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import tech.powerjob.common.enums.SwitchableStatus;
|
||||
import tech.powerjob.common.request.http.SaveWorkflowNodeRequest;
|
||||
import tech.powerjob.common.request.http.SaveWorkflowRequest;
|
||||
import tech.powerjob.common.response.ResultDTO;
|
||||
import tech.powerjob.server.auth.Permission;
|
||||
import tech.powerjob.server.auth.RoleScope;
|
||||
import tech.powerjob.server.auth.common.utils.HttpHeaderUtils;
|
||||
import tech.powerjob.server.auth.interceptor.ApiPermission;
|
||||
import tech.powerjob.common.enums.SwitchableStatus;
|
||||
import tech.powerjob.server.core.workflow.WorkflowService;
|
||||
import tech.powerjob.server.persistence.PageResult;
|
||||
import tech.powerjob.server.persistence.remote.model.WorkflowInfoDO;
|
||||
@ -21,6 +22,7 @@ import tech.powerjob.server.web.request.QueryWorkflowInfoRequest;
|
||||
import tech.powerjob.server.web.response.WorkflowInfoVO;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.text.ParseException;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
@ -43,40 +45,51 @@ public class WorkflowController {
|
||||
|
||||
@PostMapping("/save")
|
||||
@ApiPermission(name = "Workflow-Save", roleScope = RoleScope.APP, requiredPermission = Permission.WRITE)
|
||||
public ResultDTO<Long> save(@RequestBody SaveWorkflowRequest req) throws ParseException {
|
||||
public ResultDTO<Long> save(@RequestBody SaveWorkflowRequest req, HttpServletRequest hsr) throws ParseException {
|
||||
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
req.setAppId(appId);
|
||||
|
||||
return ResultDTO.success(workflowService.saveWorkflow(req));
|
||||
}
|
||||
|
||||
@PostMapping("/copy")
|
||||
@ApiPermission(name = "Workflow-Copy", roleScope = RoleScope.APP, requiredPermission = Permission.WRITE)
|
||||
public ResultDTO<Long> copy(Long workflowId, Long appId) {
|
||||
return ResultDTO.success(workflowService.copyWorkflow(workflowId,appId));
|
||||
public ResultDTO<Long> copy(Long workflowId, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
return ResultDTO.success(workflowService.copyWorkflow(workflowId, appId));
|
||||
}
|
||||
|
||||
@GetMapping("/disable")
|
||||
@ApiPermission(name = "Workflow-Disable", roleScope = RoleScope.APP, requiredPermission = Permission.WRITE)
|
||||
public ResultDTO<Void> disableWorkflow(Long workflowId, Long appId) {
|
||||
public ResultDTO<Void> disableWorkflow(Long workflowId, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
workflowService.disableWorkflow(workflowId, appId);
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
|
||||
@GetMapping("/enable")
|
||||
@ApiPermission(name = "Workflow-Enable", roleScope = RoleScope.APP, requiredPermission = Permission.WRITE)
|
||||
public ResultDTO<Void> enableWorkflow(Long workflowId, Long appId) {
|
||||
public ResultDTO<Void> enableWorkflow(Long workflowId, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
workflowService.enableWorkflow(workflowId, appId);
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
|
||||
@GetMapping("/delete")
|
||||
@ApiPermission(name = "Workflow-Delete", roleScope = RoleScope.APP, requiredPermission = Permission.WRITE)
|
||||
public ResultDTO<Void> deleteWorkflow(Long workflowId, Long appId) {
|
||||
public ResultDTO<Void> deleteWorkflow(Long workflowId, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
workflowService.deleteWorkflow(workflowId, appId);
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
|
||||
@PostMapping("/list")
|
||||
@ApiPermission(name = "Workflow-List", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public ResultDTO<PageResult<WorkflowInfoVO>> list(@RequestBody QueryWorkflowInfoRequest req) {
|
||||
public ResultDTO<PageResult<WorkflowInfoVO>> list(@RequestBody QueryWorkflowInfoRequest req, HttpServletRequest hsr) {
|
||||
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
req.setAppId(appId);
|
||||
|
||||
Sort sort = Sort.by(Sort.Direction.DESC, "gmtCreate");
|
||||
PageRequest pageRequest = PageRequest.of(req.getIndex(), req.getPageSize(), sort);
|
||||
@ -98,23 +111,28 @@ public class WorkflowController {
|
||||
|
||||
@GetMapping("/run")
|
||||
@ApiPermission(name = "Workflow-Run", roleScope = RoleScope.APP, requiredPermission = Permission.OPS)
|
||||
public ResultDTO<Long> runWorkflow(Long workflowId, Long appId,
|
||||
public ResultDTO<Long> runWorkflow(Long workflowId,
|
||||
@RequestParam(required = false,defaultValue = "0") Long delay,
|
||||
@RequestParam(required = false) String initParams
|
||||
@RequestParam(required = false) String initParams,
|
||||
HttpServletRequest hsr
|
||||
) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
return ResultDTO.success(workflowService.runWorkflow(workflowId, appId, initParams, delay));
|
||||
}
|
||||
|
||||
@GetMapping("/fetch")
|
||||
@ApiPermission(name = "Workflow-Fetch", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public ResultDTO<WorkflowInfoVO> fetchWorkflow(Long workflowId, Long appId) {
|
||||
public ResultDTO<WorkflowInfoVO> fetchWorkflow(Long workflowId, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
WorkflowInfoDO workflowInfoDO = workflowService.fetchWorkflow(workflowId, appId);
|
||||
return ResultDTO.success(WorkflowInfoVO.from(workflowInfoDO));
|
||||
}
|
||||
|
||||
@PostMapping("/saveNode")
|
||||
@ApiPermission(name = "Workflow-SaveNode", roleScope = RoleScope.APP, requiredPermission = Permission.WRITE)
|
||||
public ResultDTO<List<WorkflowNodeInfoDO>> addWorkflowNode(@RequestBody List<SaveWorkflowNodeRequest> request) {
|
||||
public ResultDTO<List<WorkflowNodeInfoDO>> addWorkflowNode(@RequestBody List<SaveWorkflowNodeRequest> request, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
request.forEach(r -> r.setAppId(appId));
|
||||
return ResultDTO.success(workflowService.saveWorkflowNode(request));
|
||||
}
|
||||
|
||||
|
||||
@ -1,26 +1,28 @@
|
||||
package tech.powerjob.server.web.controller;
|
||||
|
||||
import tech.powerjob.common.enums.WorkflowInstanceStatus;
|
||||
import tech.powerjob.common.response.ResultDTO;
|
||||
import tech.powerjob.server.auth.Permission;
|
||||
import tech.powerjob.server.auth.RoleScope;
|
||||
import tech.powerjob.server.auth.interceptor.ApiPermission;
|
||||
import tech.powerjob.server.persistence.PageResult;
|
||||
import tech.powerjob.server.persistence.remote.model.WorkflowInstanceInfoDO;
|
||||
import tech.powerjob.server.persistence.remote.repository.WorkflowInstanceInfoRepository;
|
||||
import tech.powerjob.server.core.service.CacheService;
|
||||
import tech.powerjob.server.core.workflow.WorkflowInstanceService;
|
||||
import tech.powerjob.server.web.request.QueryWorkflowInstanceRequest;
|
||||
import tech.powerjob.server.web.response.WorkflowInstanceInfoVO;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
import org.springframework.data.domain.Example;
|
||||
import org.springframework.data.domain.Page;
|
||||
import org.springframework.data.domain.PageRequest;
|
||||
import org.springframework.data.domain.Sort;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import tech.powerjob.common.enums.WorkflowInstanceStatus;
|
||||
import tech.powerjob.common.response.ResultDTO;
|
||||
import tech.powerjob.server.auth.Permission;
|
||||
import tech.powerjob.server.auth.RoleScope;
|
||||
import tech.powerjob.server.auth.common.utils.HttpHeaderUtils;
|
||||
import tech.powerjob.server.auth.interceptor.ApiPermission;
|
||||
import tech.powerjob.server.core.service.CacheService;
|
||||
import tech.powerjob.server.core.workflow.WorkflowInstanceService;
|
||||
import tech.powerjob.server.persistence.PageResult;
|
||||
import tech.powerjob.server.persistence.remote.model.WorkflowInstanceInfoDO;
|
||||
import tech.powerjob.server.persistence.remote.repository.WorkflowInstanceInfoRepository;
|
||||
import tech.powerjob.server.web.request.QueryWorkflowInstanceRequest;
|
||||
import tech.powerjob.server.web.response.WorkflowInstanceInfoVO;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
@ -42,21 +44,24 @@ public class WorkflowInstanceController {
|
||||
|
||||
@GetMapping("/stop")
|
||||
@ApiPermission(name = "WorkflowInstance-Stop", roleScope = RoleScope.APP, requiredPermission = Permission.OPS)
|
||||
public ResultDTO<Void> stopWfInstance(Long wfInstanceId, Long appId) {
|
||||
public ResultDTO<Void> stopWfInstance(Long wfInstanceId, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
workflowInstanceService.stopWorkflowInstanceEntrance(wfInstanceId, appId);
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
|
||||
@RequestMapping("/retry")
|
||||
@ApiPermission(name = "WorkflowInstance-Retry", roleScope = RoleScope.APP, requiredPermission = Permission.OPS)
|
||||
public ResultDTO<Void> retryWfInstance(Long wfInstanceId, Long appId) {
|
||||
public ResultDTO<Void> retryWfInstance(Long wfInstanceId, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
workflowInstanceService.retryWorkflowInstance(wfInstanceId, appId);
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
|
||||
@RequestMapping("/markNodeAsSuccess")
|
||||
@ApiPermission(name = "WorkflowInstance-MarkNodeAsSuccess", roleScope = RoleScope.APP, requiredPermission = Permission.OPS)
|
||||
public ResultDTO<Void> markNodeAsSuccess(Long wfInstanceId, Long appId, Long nodeId) {
|
||||
public ResultDTO<Void> markNodeAsSuccess(Long wfInstanceId, Long nodeId, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
workflowInstanceService.markNodeAsSuccess(appId, wfInstanceId, nodeId);
|
||||
return ResultDTO.success(null);
|
||||
}
|
||||
@ -64,14 +69,15 @@ public class WorkflowInstanceController {
|
||||
|
||||
@GetMapping("/info")
|
||||
@ApiPermission(name = "WorkflowInstance-Info", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public ResultDTO<WorkflowInstanceInfoVO> getInfo(Long wfInstanceId, Long appId) {
|
||||
public ResultDTO<WorkflowInstanceInfoVO> getInfo(Long wfInstanceId, HttpServletRequest hsr) {
|
||||
Long appId = Long.valueOf(HttpHeaderUtils.fetchAppId(hsr));
|
||||
WorkflowInstanceInfoDO wfInstanceDO = workflowInstanceService.fetchWfInstance(wfInstanceId, appId);
|
||||
return ResultDTO.success(WorkflowInstanceInfoVO.from(wfInstanceDO, cacheService.getWorkflowName(wfInstanceDO.getWorkflowId())));
|
||||
}
|
||||
|
||||
@PostMapping("/list")
|
||||
@ApiPermission(name = "WorkflowInstance-List", roleScope = RoleScope.APP, requiredPermission = Permission.READ)
|
||||
public ResultDTO<PageResult<WorkflowInstanceInfoVO>> listWfInstance(@RequestBody QueryWorkflowInstanceRequest req) {
|
||||
public ResultDTO<PageResult<WorkflowInstanceInfoVO>> listWfInstance(@RequestBody QueryWorkflowInstanceRequest req, HttpServletRequest hsr) {
|
||||
Sort sort = Sort.by(Sort.Direction.DESC, "gmtModified");
|
||||
PageRequest pageable = PageRequest.of(req.getIndex(), req.getPageSize(), sort);
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user