feat: checker (#868)

traas-stack · Jun 25, 2024 · 9bcbb07 · 9bcbb07
1 parent 15cac3d
commit 9bcbb07
Show file tree

Hide file tree

Showing 10 changed files with 41 additions and 8 deletions.
diff --git a/.../home-common/src/main/java/io/holoinsight/server/home/common/service/query/KeyResult.java b/.../home-common/src/main/java/io/holoinsight/server/home/common/service/query/KeyResult.java
@@ -16,4 +16,5 @@ public class KeyResult {
 
   private String metric;
   private List<String> tags;
+  private String unit;
 }
diff --git a/...src/main/java/io/holoinsight/server/home/web/controller/AlarmDingDingRobotFacadeImpl.java b/...src/main/java/io/holoinsight/server/home/web/controller/AlarmDingDingRobotFacadeImpl.java
@@ -67,6 +67,7 @@ public void doManage() {
         if (null != mu) {
           alarmDingDingRobotDTO.setCreator(mu.getLoginName());
         }
+        alarmDingDingRobotDTO.setModifier(null);
         if (null != ms && !StringUtils.isEmpty(ms.tenant)) {
           alarmDingDingRobotDTO.setTenant(ms.tenant);
         }

diff --git a/...home-web/src/main/java/io/holoinsight/server/home/web/controller/AlarmRuleFacadeImpl.java b/...home-web/src/main/java/io/holoinsight/server/home/web/controller/AlarmRuleFacadeImpl.java
@@ -107,7 +107,7 @@ public void doManage() {
         String tenant = tenant();
         String workspace = workspace();
         MonitorUser mu = RequestContext.getContext().mu;
-        if (null != mu && StringUtils.isBlank(alarmRuleDTO.getCreator())) {
+        if (null != mu) {
           alarmRuleDTO.setCreator(mu.getLoginName());
         }
         if (StringUtils.isNotEmpty(tenant)) {

diff --git a/...me/home-web/src/main/java/io/holoinsight/server/home/web/controller/FolderFacadeImpl.java b/...me/home-web/src/main/java/io/holoinsight/server/home/web/controller/FolderFacadeImpl.java
@@ -68,11 +68,13 @@ public class FolderFacadeImpl extends BaseFacade {
   @PostMapping("/update")
   @ResponseBody
   @MonitorScopeAuth(targetType = AuthTargetType.TENANT, needPower = PowerConstants.EDIT)
-  public JsonResult<Object> update(@RequestBody Folder folder) {
+  public JsonResult<Folder> update(@RequestBody Folder folder) {
     final JsonResult<Folder> result = new JsonResult<>();
     facadeTemplate.manage(result, new ManageCallback() {
       @Override
       public void checkParameter() {
+
+        log.info("update Folder req {}", J.toJson(folder));
         MonitorScope ms = RequestContext.getContext().ms;
         ParaCheckUtil.checkParaNotNull(folder.id, "id");
         ParaCheckUtil.checkParaNotNull(folder.parentFolderId, "parentFolderId");
@@ -112,6 +114,7 @@ public void doManage() {
         }
         update.setGmtModified(new Date());
         folderService.updateById(update);
+        result.setData(update);
 
         assert mu != null;
         userOpLogService.append("folder", folder.getId(), OpType.UPDATE, mu.getLoginName(),
@@ -120,7 +123,7 @@ public void doManage() {
       }
     });
 
-    return JsonResult.createSuccessResult(true);
+    return result;
   }
 
   @PostMapping("/create")
@@ -131,6 +134,7 @@ public JsonResult<Folder> create(@RequestBody Folder folder) {
     facadeTemplate.manage(result, new ManageCallback() {
       @Override
       public void checkParameter() {
+        log.info("create Folder req {}", J.toJson(folder));
         ParaCheckUtil.checkParaNotNull(folder.parentFolderId, "parentFolderId");
         ParaCheckUtil.checkParaNotBlank(folder.name, "name");
         ParaCheckUtil.checkParaId(folder.getId());

diff --git a/...ome/home-web/src/main/java/io/holoinsight/server/home/web/controller/QueryFacadeImpl.java b/...ome/home-web/src/main/java/io/holoinsight/server/home/web/controller/QueryFacadeImpl.java
@@ -283,6 +283,7 @@ public void doManage() {
           if (metricInfo != null) {
             List<String> tags = metricInfo.getTags();
             KeyResult keyResult = new KeyResult();
+            keyResult.setUnit(metricInfo.getUnit());
             keyResult.setMetric(metric);
             keyResult.setTags(tags);
             result.setData(keyResult);

diff --git a/...e-web/src/main/java/io/holoinsight/server/home/web/security/ParameterSecurityService.java b/...e-web/src/main/java/io/holoinsight/server/home/web/security/ParameterSecurityService.java
@@ -38,4 +38,6 @@ boolean checkFilterTenantAndWorkspace(String metricTable, Map<String, List<Objec
   boolean checkRelateId(String relateId, String relateType, String tenant, String workspace);
 
   boolean checkTenant(String target, String tenant);
+
+  boolean checkSourceId(Long sourceId, String sourceType, String tenant, String workspace);
 }
diff --git a/...b/src/main/java/io/holoinsight/server/home/web/security/ParameterSecurityServiceImpl.java b/...b/src/main/java/io/holoinsight/server/home/web/security/ParameterSecurityServiceImpl.java
@@ -75,4 +75,9 @@ public boolean checkRelateId(String relateId, String relateType, String tenant,
   public boolean checkTenant(String target, String tenant) {
     return StringUtils.equals(target, tenant);
   }
+
+  @Override
+  public boolean checkSourceId(Long sourceId, String sourceType, String tenant, String workspace) {
+    return true;
+  }
 }
diff --git a/...va/io/holoinsight/server/home/web/security/custom/AlarmRuleLevelAuthorizationChecker.java b/...va/io/holoinsight/server/home/web/security/custom/AlarmRuleLevelAuthorizationChecker.java
@@ -25,9 +25,12 @@
 import io.holoinsight.server.common.dao.mapper.AlarmRuleMapper;
 import io.holoinsight.server.common.dao.mapper.AlertTemplateMapper;
 import io.holoinsight.server.common.service.RequestContextAdapter;
+import io.holoinsight.server.home.dal.mapper.CustomPluginMapper;
+import io.holoinsight.server.home.dal.model.CustomPlugin;
 import io.holoinsight.server.home.web.common.ParaCheckUtil;
 import io.holoinsight.server.home.web.security.LevelAuthorizationCheckResult;
 import io.holoinsight.server.home.web.security.LevelAuthorizationMetaData;
+import io.holoinsight.server.home.web.security.ParameterSecurityService;
 import lombok.extern.slf4j.Slf4j;
 import org.aopalliance.intercept.MethodInvocation;
 import org.apache.commons.lang3.StringUtils;
@@ -66,6 +69,8 @@ public class AlarmRuleLevelAuthorizationChecker extends AbstractQueryChecker
   private AlertTemplateMapper alertTemplateMapper;
   @Autowired
   private AlarmHistoryFacadeImplChecker historyFacadeImplChecker;
+  @Autowired
+  private ParameterSecurityService parameterSecurityService;
   private static final Pattern timePattern =
       Pattern.compile("^(?:[01]\\d|2[0-3]):(?:[0-5]\\d):(?:[0-5]\\d)$");
 
@@ -81,7 +86,7 @@ public class AlarmRuleLevelAuthorizationChecker extends AbstractQueryChecker
       new HashSet<>(Arrays.asList("custom", "cloudbase", "log", "hosting_system", "hosting_port",
           "hosting_tbase", "hosting_spanner", "hosting_ob", "hosting_apm_ai", "hosting_spanner_ai",
           "hosting_ob_ai", "hosting_tbase_ai", "hosting_system_ai", "hosting_disk", "iot",
-          "miniapp", "antiTemplate", "template", "hosting"));
+          "miniapp", "antiTemplate", "template", "hosting", "template_default", "template_update"));
 
   private static final Set<String> silenceModes =
       new HashSet<>(Arrays.asList("default", "gradual", "fixed"));
@@ -347,9 +352,21 @@ private LevelAuthorizationCheckResult checkAlarmRuleDTO(String methodName,
       return failCheckResult("invalid alertTemplateUuid %s", alarmRuleDTO.getAlertTemplateUuid());
     }
 
+    if (alarmRuleDTO.getSourceId() != null && !checkSourceId(alarmRuleDTO.getSourceId(),
+        alarmRuleDTO.getSourceType(), tenant, workspace)) {
+      return failCheckResult("invalid source id %s", String.valueOf(alarmRuleDTO.getSourceId()));
+    }
+
     return successCheckResult();
   }
 
+  private boolean checkSourceId(Long sourceId, String sourceType, String tenant, String workspace) {
+    if (StringUtils.isEmpty(sourceType)) {
+      return false;
+    }
+    return this.parameterSecurityService.checkSourceId(sourceId, sourceType, tenant, workspace);
+  }
+
   private LevelAuthorizationCheckResult checkRule(Map<String, Object> ruleMap, String tenant,
       String workspace) {
     AlarmRuleConf alarmRuleConf = J.fromJson(J.toJson(ruleMap), AlarmRuleConf.class);

diff --git a/test/server-e2e-test/src/main/java/io/holoinsight/server/test/it/FolderFacadeIT.java b/test/server-e2e-test/src/main/java/io/holoinsight/server/test/it/FolderFacadeIT.java
@@ -26,7 +26,8 @@ public class FolderFacadeIT extends BaseIT {
   Supplier<Response> queryById = () -> given() //
       .pathParam("id", id) //
       .when() //
-      .get("/webapi/folder/query/{id}"); //
+      .get("/webapi/folder/query/{id}") //
+      .prettyPeek(); //
 
   Supplier<Response> queryByParentFolderId = () -> given() //
       .pathParam("parentFolderId", parentFolderId) //
@@ -80,7 +81,7 @@ public void test_folder_create() {
   public void test_folder_update() {
     name = name + "_v02";
     Folder item = new Folder();
-    parentFolderId = Long.valueOf(2);
+    parentFolderId = (long) -1;
     item.setId(id);
     item.setName(name);
     item.setTenant(tenant);
@@ -90,9 +91,9 @@ public void test_folder_update() {
         .body(new JSONObject(J.toMap(J.toJson(item)))) //
         .when() //
         .post("/webapi/folder/update") //
+        .prettyPeek() //
         .then() //
-        .body("success", IS_TRUE) //
-        .body("data", IS_TRUE); //
+        .body("success", IS_TRUE); //
     Response response = queryById.get();
     System.out.println(response.body().print());
     response //

diff --git a/test/server-e2e-test/src/main/java/io/holoinsight/server/test/it/LogMonitoringFolderIT.java b/test/server-e2e-test/src/main/java/io/holoinsight/server/test/it/LogMonitoringFolderIT.java
@@ -118,6 +118,7 @@ public void test_folder_rename() {
             .put("tenant", tenant)) //
         .when() //
         .post("/webapi/folder/update") //
+        .prettyPeek() //
         .then() //
         .body("success", IS_TRUE); //