diff --git a/doc/XXL-JOB官方文档.md b/doc/XXL-JOB官方文档.md index 3792f1c0..e9826983 100644 --- a/doc/XXL-JOB官方文档.md +++ b/doc/XXL-JOB官方文档.md @@ -1483,7 +1483,7 @@ Tips: 历史版本(V1.3.x)目前已经Release至稳定版本, 进入维护阶段 - 触发:单节点周期性触发,运行事件如delayqueue; - 调度:集群竞争,负载方式协同处理,竞争-加入时间轮-释放-竞争; - 2、用户管理:支持在线管理系统用户,存在管理员、普通用户两种角色; -- 3、权限管理:执行器维度进行权限控制,管理员拥有全量权限,普通用户需要分配执行器权限后才允许相关操作;([规划中]任务、日志,执行器,均限制权限;) +- 3、权限管理:执行器维度进行权限控制,管理员拥有全量权限,普通用户需要分配执行器权限后才允许相关操作; - 4、调度日志优化:支持设置日志保留天数,过期日志天维度记录报表,并清理;调度报表汇总实时数据和报表; - 5、调度线程池参数调优; - 6、升级xxl-rpc至较新版本,并清理冗余POM; diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobCodeController.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobCodeController.java index 2cb59de7..808bc4d7 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobCodeController.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobCodeController.java @@ -1,10 +1,13 @@ package com.xxl.job.admin.controller; +import com.xxl.job.admin.core.exception.XxlJobException; import com.xxl.job.admin.core.model.XxlJobInfo; import com.xxl.job.admin.core.model.XxlJobLogGlue; +import com.xxl.job.admin.core.model.XxlJobUser; import com.xxl.job.admin.core.util.I18nUtil; import com.xxl.job.admin.dao.XxlJobInfoDao; import com.xxl.job.admin.dao.XxlJobLogGlueDao; +import com.xxl.job.admin.service.LoginService; import com.xxl.job.core.biz.model.ReturnT; import com.xxl.job.core.glue.GlueTypeEnum; import org.springframework.stereotype.Controller; @@ -13,6 +16,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; import javax.annotation.Resource; +import javax.servlet.http.HttpServletRequest; import java.util.Date; import java.util.List; @@ -30,7 +34,7 @@ public class JobCodeController { private XxlJobLogGlueDao xxlJobLogGlueDao; @RequestMapping - public String index(Model model, int jobId) { + public String index(HttpServletRequest request, Model model, int jobId) { XxlJobInfo jobInfo = xxlJobInfoDao.loadById(jobId); List jobLogGlues = xxlJobLogGlueDao.findByJobId(jobId); @@ -41,6 +45,12 @@ public class JobCodeController { throw new RuntimeException(I18nUtil.getString("jobinfo_glue_gluetype_unvalid")); } + // valid permission + XxlJobUser loginUser = (XxlJobUser) request.getAttribute(LoginService.LOGIN_IDENTITY_KEY); + if (!loginUser.validPermission(jobInfo.getJobGroup())) { + throw new XxlJobException(I18nUtil.getString("system_permission_limit")); + } + // Glue类型-字典 model.addAttribute("GlueTypeEnum", GlueTypeEnum.values()); diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobInfoController.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobInfoController.java index 59e59d0d..fded5d33 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobInfoController.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobInfoController.java @@ -16,7 +16,6 @@ import com.xxl.job.core.enums.ExecutorBlockStrategyEnum; import com.xxl.job.core.glue.GlueTypeEnum; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; -import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; @@ -53,6 +52,18 @@ public class JobInfoController { List jobGroupList_all = xxlJobGroupDao.findAll(); // filter group + List jobGroupList = filterJobGroupByRole(request, jobGroupList_all); + if (jobGroupList==null || jobGroupList.size()==0) { + throw new XxlJobException(I18nUtil.getString("jobgroup_empty")); + } + + model.addAttribute("JobGroupList", jobGroupList); + model.addAttribute("jobGroup", jobGroup); + + return "jobinfo/jobinfo.index"; + } + + public static List filterJobGroupByRole(HttpServletRequest request, List jobGroupList_all){ List jobGroupList = new ArrayList<>(); if (jobGroupList_all!=null && jobGroupList_all.size()>0) { XxlJobUser loginUser = (XxlJobUser) request.getAttribute(LoginService.LOGIN_IDENTITY_KEY); @@ -70,14 +81,7 @@ public class JobInfoController { } } } - if (jobGroupList==null || jobGroupList.size()==0) { - throw new XxlJobException(I18nUtil.getString("jobgroup_empty")); - } - - model.addAttribute("JobGroupList", jobGroupList); - model.addAttribute("jobGroup", jobGroup); - - return "jobinfo/jobinfo.index"; + return jobGroupList; } @RequestMapping("/pageList") diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java index 5fc53b6e..fec31074 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/JobLogController.java @@ -4,13 +4,11 @@ import com.xxl.job.admin.core.exception.XxlJobException; import com.xxl.job.admin.core.model.XxlJobGroup; import com.xxl.job.admin.core.model.XxlJobInfo; import com.xxl.job.admin.core.model.XxlJobLog; -import com.xxl.job.admin.core.model.XxlJobUser; import com.xxl.job.admin.core.schedule.XxlJobDynamicScheduler; import com.xxl.job.admin.core.util.I18nUtil; import com.xxl.job.admin.dao.XxlJobGroupDao; import com.xxl.job.admin.dao.XxlJobInfoDao; import com.xxl.job.admin.dao.XxlJobLogDao; -import com.xxl.job.admin.service.LoginService; import com.xxl.job.core.biz.ExecutorBiz; import com.xxl.job.core.biz.model.LogResult; import com.xxl.job.core.biz.model.ReturnT; @@ -25,8 +23,10 @@ import org.springframework.web.bind.annotation.ResponseBody; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; -import java.text.ParseException; -import java.util.*; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; /** * index controller @@ -51,23 +51,7 @@ public class JobLogController { List jobGroupList_all = xxlJobGroupDao.findAll(); // filter group - List jobGroupList = new ArrayList<>(); - if (jobGroupList_all!=null && jobGroupList_all.size()>0) { - XxlJobUser loginUser = (XxlJobUser) request.getAttribute(LoginService.LOGIN_IDENTITY_KEY); - if (loginUser.getRole() == 1) { - jobGroupList = jobGroupList_all; - } else { - List groupIdStrs = new ArrayList<>(); - if (loginUser.getPermission()!=null && loginUser.getPermission().trim().length()>0) { - groupIdStrs = Arrays.asList(loginUser.getPermission().trim().split(",")); - } - for (XxlJobGroup groupItem:jobGroupList_all) { - if (groupIdStrs.contains(String.valueOf(groupItem.getId()))) { - jobGroupList.add(groupItem); - } - } - } - } + List jobGroupList = JobInfoController.filterJobGroupByRole(request, jobGroupList_all); if (jobGroupList==null || jobGroupList.size()==0) { throw new XxlJobException(I18nUtil.getString("jobgroup_empty")); } diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/core/model/XxlJobUser.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/core/model/XxlJobUser.java index 7de4f6f6..db17327a 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/core/model/XxlJobUser.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/core/model/XxlJobUser.java @@ -1,5 +1,7 @@ package com.xxl.job.admin.core.model; +import org.springframework.util.StringUtils; + /** * @author xuxueli 2019-05-04 16:43:12 */ @@ -51,4 +53,21 @@ public class XxlJobUser { this.permission = permission; } + // plugin + public boolean validPermission(int jobGroup){ + if (this.role == 1) { + return true; + } else { + if (StringUtils.hasText(this.permission)) { + for (String permissionItem : this.permission.split(",")) { + if (String.valueOf(jobGroup).equals(permissionItem)) { + return true; + } + } + } + return false; + } + + } + }