日志权限控制:仅管理员支持查询全部;普通用户仅支持查询有权限的 jobGroup

pull/10/head
xuxueli 6 years ago
parent 9329fb39e7
commit 211abb985b

@ -1,13 +1,10 @@
package com.xxl.job.admin.controller;
import com.xxl.job.admin.core.exception.XxlJobException;
import com.xxl.job.admin.core.model.XxlJobInfo;
import com.xxl.job.admin.core.model.XxlJobLogGlue;
import com.xxl.job.admin.core.model.XxlJobUser;
import com.xxl.job.admin.core.util.I18nUtil;
import com.xxl.job.admin.dao.XxlJobInfoDao;
import com.xxl.job.admin.dao.XxlJobLogGlueDao;
import com.xxl.job.admin.service.LoginService;
import com.xxl.job.core.biz.model.ReturnT;
import com.xxl.job.core.glue.GlueTypeEnum;
import org.springframework.stereotype.Controller;
@ -46,10 +43,7 @@ public class JobCodeController {
}
// valid permission
XxlJobUser loginUser = (XxlJobUser) request.getAttribute(LoginService.LOGIN_IDENTITY_KEY);
if (!loginUser.validPermission(jobInfo.getJobGroup())) {
throw new XxlJobException(I18nUtil.getString("system_permission_limit"));
}
JobInfoController.validPermission(request, jobInfo.getJobGroup());
// Glue类型-字典
model.addAttribute("GlueTypeEnum", GlueTypeEnum.values());

@ -83,6 +83,12 @@ public class JobInfoController {
}
return jobGroupList;
}
public static void validPermission(HttpServletRequest request, int jobGroup) {
XxlJobUser loginUser = (XxlJobUser) request.getAttribute(LoginService.LOGIN_IDENTITY_KEY);
if (!loginUser.validPermission(jobGroup)) {
throw new RuntimeException(I18nUtil.getString("system_permission_limit"));
}
}
@RequestMapping("/pageList")
@ResponseBody

@ -61,7 +61,14 @@ public class JobLogController {
// 任务
if (jobId > 0) {
XxlJobInfo jobInfo = xxlJobInfoDao.loadById(jobId);
if (jobInfo == null) {
throw new RuntimeException(I18nUtil.getString("jobinfo_field_id") + I18nUtil.getString("system_unvalid"));
}
model.addAttribute("jobInfo", jobInfo);
// valid permission
JobInfoController.validPermission(request, jobInfo.getJobGroup());
}
return "joblog/joblog.index";
@ -76,9 +83,13 @@ public class JobLogController {
@RequestMapping("/pageList")
@ResponseBody
public Map<String, Object> pageList(@RequestParam(required = false, defaultValue = "0") int start,
@RequestParam(required = false, defaultValue = "10") int length,
int jobGroup, int jobId, int logStatus, String filterTime) {
public Map<String, Object> pageList(HttpServletRequest request,
@RequestParam(required = false, defaultValue = "0") int start,
@RequestParam(required = false, defaultValue = "10") int length,
int jobGroup, int jobId, int logStatus, String filterTime) {
// valid permission
JobInfoController.validPermission(request, jobGroup); // 仅管理员支持查询全部;普通用户仅支持查询有权限的 jobGroup
// parse param
Date triggerTimeStart = null;

@ -216,6 +216,11 @@ $(function() {
}
}
});
logTable.on('xhr.dt',function(e, settings, json, xhr) {
if (json.code && json.code != 200) {
layer.msg( json.msg || I18n.system_api_error );
}
});
// logTips alert
$('#joblog_list').on('click', '.logTips', function(){

@ -30,7 +30,9 @@
<div class="input-group">
<span class="input-group-addon">${I18n.jobinfo_field_jobgroup}</span>
<select class="form-control" id="jobGroup" paramVal="<#if jobInfo?exists>${jobInfo.jobGroup}</#if>" >
<option value="0" >${I18n.system_all}</option>
<#if Request["XXL_JOB_LOGIN_IDENTITY"].role == 1>
<option value="0" >${I18n.system_all}</option> <#-- jobGroup -->
</#if>
<#list JobGroupList as group>
<option value="${group.id}" >${group.title}</option>
</#list>

Loading…
Cancel
Save