日志权限控制:仅管理员支持查询全部;普通用户仅支持查询有权限的 jobGroup

pull/10/head
xuxueli 6 years ago
parent 9329fb39e7
commit 211abb985b

@ -1,13 +1,10 @@
package com.xxl.job.admin.controller; package com.xxl.job.admin.controller;
import com.xxl.job.admin.core.exception.XxlJobException;
import com.xxl.job.admin.core.model.XxlJobInfo; import com.xxl.job.admin.core.model.XxlJobInfo;
import com.xxl.job.admin.core.model.XxlJobLogGlue; import com.xxl.job.admin.core.model.XxlJobLogGlue;
import com.xxl.job.admin.core.model.XxlJobUser;
import com.xxl.job.admin.core.util.I18nUtil; import com.xxl.job.admin.core.util.I18nUtil;
import com.xxl.job.admin.dao.XxlJobInfoDao; import com.xxl.job.admin.dao.XxlJobInfoDao;
import com.xxl.job.admin.dao.XxlJobLogGlueDao; import com.xxl.job.admin.dao.XxlJobLogGlueDao;
import com.xxl.job.admin.service.LoginService;
import com.xxl.job.core.biz.model.ReturnT; import com.xxl.job.core.biz.model.ReturnT;
import com.xxl.job.core.glue.GlueTypeEnum; import com.xxl.job.core.glue.GlueTypeEnum;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
@ -46,10 +43,7 @@ public class JobCodeController {
} }
// valid permission // valid permission
XxlJobUser loginUser = (XxlJobUser) request.getAttribute(LoginService.LOGIN_IDENTITY_KEY); JobInfoController.validPermission(request, jobInfo.getJobGroup());
if (!loginUser.validPermission(jobInfo.getJobGroup())) {
throw new XxlJobException(I18nUtil.getString("system_permission_limit"));
}
// Glue类型-字典 // Glue类型-字典
model.addAttribute("GlueTypeEnum", GlueTypeEnum.values()); model.addAttribute("GlueTypeEnum", GlueTypeEnum.values());

@ -83,6 +83,12 @@ public class JobInfoController {
} }
return jobGroupList; return jobGroupList;
} }
public static void validPermission(HttpServletRequest request, int jobGroup) {
XxlJobUser loginUser = (XxlJobUser) request.getAttribute(LoginService.LOGIN_IDENTITY_KEY);
if (!loginUser.validPermission(jobGroup)) {
throw new RuntimeException(I18nUtil.getString("system_permission_limit"));
}
}
@RequestMapping("/pageList") @RequestMapping("/pageList")
@ResponseBody @ResponseBody

@ -61,7 +61,14 @@ public class JobLogController {
// 任务 // 任务
if (jobId > 0) { if (jobId > 0) {
XxlJobInfo jobInfo = xxlJobInfoDao.loadById(jobId); XxlJobInfo jobInfo = xxlJobInfoDao.loadById(jobId);
if (jobInfo == null) {
throw new RuntimeException(I18nUtil.getString("jobinfo_field_id") + I18nUtil.getString("system_unvalid"));
}
model.addAttribute("jobInfo", jobInfo); model.addAttribute("jobInfo", jobInfo);
// valid permission
JobInfoController.validPermission(request, jobInfo.getJobGroup());
} }
return "joblog/joblog.index"; return "joblog/joblog.index";
@ -76,9 +83,13 @@ public class JobLogController {
@RequestMapping("/pageList") @RequestMapping("/pageList")
@ResponseBody @ResponseBody
public Map<String, Object> pageList(@RequestParam(required = false, defaultValue = "0") int start, public Map<String, Object> pageList(HttpServletRequest request,
@RequestParam(required = false, defaultValue = "10") int length, @RequestParam(required = false, defaultValue = "0") int start,
int jobGroup, int jobId, int logStatus, String filterTime) { @RequestParam(required = false, defaultValue = "10") int length,
int jobGroup, int jobId, int logStatus, String filterTime) {
// valid permission
JobInfoController.validPermission(request, jobGroup); // 仅管理员支持查询全部;普通用户仅支持查询有权限的 jobGroup
// parse param // parse param
Date triggerTimeStart = null; Date triggerTimeStart = null;

@ -216,6 +216,11 @@ $(function() {
} }
} }
}); });
logTable.on('xhr.dt',function(e, settings, json, xhr) {
if (json.code && json.code != 200) {
layer.msg( json.msg || I18n.system_api_error );
}
});
// logTips alert // logTips alert
$('#joblog_list').on('click', '.logTips', function(){ $('#joblog_list').on('click', '.logTips', function(){

@ -30,7 +30,9 @@
<div class="input-group"> <div class="input-group">
<span class="input-group-addon">${I18n.jobinfo_field_jobgroup}</span> <span class="input-group-addon">${I18n.jobinfo_field_jobgroup}</span>
<select class="form-control" id="jobGroup" paramVal="<#if jobInfo?exists>${jobInfo.jobGroup}</#if>" > <select class="form-control" id="jobGroup" paramVal="<#if jobInfo?exists>${jobInfo.jobGroup}</#if>" >
<option value="0" >${I18n.system_all}</option> <#if Request["XXL_JOB_LOGIN_IDENTITY"].role == 1>
<option value="0" >${I18n.system_all}</option> <#-- jobGroup -->
</#if>
<#list JobGroupList as group> <#list JobGroupList as group>
<option value="${group.id}" >${group.title}</option> <option value="${group.id}" >${group.title}</option>
</#list> </#list>

Loading…
Cancel
Save