diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobInfoController.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobInfoController.java index 7aab4472..94b7de34 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobInfoController.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobInfoController.java @@ -75,14 +75,19 @@ public class JobInfoController { @RequestMapping("/pageList") @ResponseBody - public Map pageList(@RequestParam(value = "start", required = false, defaultValue = "0") int start, + public Map pageList(HttpServletRequest request, + @RequestParam(value = "start", required = false, defaultValue = "0") int start, @RequestParam(value = "length", required = false, defaultValue = "10") int length, @RequestParam("jobGroup") int jobGroup, @RequestParam("triggerStatus") int triggerStatus, @RequestParam("jobDesc") String jobDesc, @RequestParam("executorHandler") String executorHandler, @RequestParam("author") String author) { - + + // valid jobGroup permission + validJobGroupPermission(request, jobGroup); + + // page return xxlJobService.pageList(start, length, jobGroup, triggerStatus, jobDesc, executorHandler, author); } @@ -108,20 +113,23 @@ public class JobInfoController { @RequestMapping("/remove") @ResponseBody - public ReturnT remove(@RequestParam("id") int id) { - return xxlJobService.remove(id); + public ReturnT remove(HttpServletRequest request, @RequestParam("id") int id) { + Response loginInfoResponse = XxlSsoHelper.loginCheckWithAttr(request); + return xxlJobService.remove(id, loginInfoResponse.getData()); } @RequestMapping("/stop") @ResponseBody - public ReturnT pause(@RequestParam("id") int id) { - return xxlJobService.stop(id); + public ReturnT pause(HttpServletRequest request, @RequestParam("id") int id) { + Response loginInfoResponse = XxlSsoHelper.loginCheckWithAttr(request); + return xxlJobService.stop(id, loginInfoResponse.getData()); } @RequestMapping("/start") @ResponseBody - public ReturnT start(@RequestParam("id") int id) { - return xxlJobService.start(id); + public ReturnT start(HttpServletRequest request, @RequestParam("id") int id) { + Response loginInfoResponse = XxlSsoHelper.loginCheckWithAttr(request); + return xxlJobService.start(id, loginInfoResponse.getData()); } @RequestMapping("/trigger") @@ -130,11 +138,7 @@ public class JobInfoController { @RequestParam("id") int id, @RequestParam("executorParam") String executorParam, @RequestParam("addressList") String addressList) { - - // login user Response loginInfoResponse = XxlSsoHelper.loginCheckWithAttr(request); - - // trigger return xxlJobService.trigger(loginInfoResponse.getData(), id, executorParam, addressList); } @@ -186,7 +190,7 @@ public class JobInfoController { * valid jobGroup permission */ public static LoginInfo validJobGroupPermission(HttpServletRequest request, int jobGroup) { - Response loginInfoResponse = XxlSsoHelper.loginCheckWithAttr(request); + Response loginInfoResponse = XxlSsoHelper.loginCheckWithAttr(request); if (!(loginInfoResponse.isSuccess() && hasJobGroupPermission(loginInfoResponse.getData(), jobGroup))) { throw new RuntimeException(I18nUtil.getString("system_permission_limit") + "[username="+ loginInfoResponse.getData().getUserName() +"]"); } diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/service/XxlJobService.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/service/XxlJobService.java index 167df74e..356ee83f 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/service/XxlJobService.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/service/XxlJobService.java @@ -51,7 +51,7 @@ public interface XxlJobService { * @param id * @return */ - public ReturnT remove(int id); + public ReturnT remove(int id, LoginInfo loginInfo); /** * start job @@ -59,7 +59,7 @@ public interface XxlJobService { * @param id * @return */ - public ReturnT start(int id); + public ReturnT start(int id, LoginInfo loginInfo); /** * stop job @@ -67,7 +67,7 @@ public interface XxlJobService { * @param id * @return */ - public ReturnT stop(int id); + public ReturnT stop(int id, LoginInfo loginInfo); /** * trigger diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java index 12467db6..64fc871b 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java @@ -313,12 +313,18 @@ public class XxlJobServiceImpl implements XxlJobService { } @Override - public ReturnT remove(int id) { + public ReturnT remove(int id, LoginInfo loginInfo) { + // valid job XxlJobInfo xxlJobInfo = xxlJobInfoMapper.loadById(id); if (xxlJobInfo == null) { return ReturnT.ofSuccess(); } + // valid jobGroup permission + if (!JobInfoController.hasJobGroupPermission(loginInfo, xxlJobInfo.getJobGroup())) { + return ReturnT.ofFail(I18nUtil.getString("system_permission_limit")); + } + xxlJobInfoMapper.delete(id); xxlJobLogMapper.delete(id); xxlJobLogGlueMapper.deleteByJobId(id); @@ -326,13 +332,18 @@ public class XxlJobServiceImpl implements XxlJobService { } @Override - public ReturnT start(int id) { + public ReturnT start(int id, LoginInfo loginInfo) { // load and valid XxlJobInfo xxlJobInfo = xxlJobInfoMapper.loadById(id); if (xxlJobInfo == null) { return ReturnT.ofFail(I18nUtil.getString("jobinfo_glue_jobid_unvalid")); } + // valid jobGroup permission + if (!JobInfoController.hasJobGroupPermission(loginInfo, xxlJobInfo.getJobGroup())) { + return ReturnT.ofFail(I18nUtil.getString("system_permission_limit")); + } + // valid ScheduleTypeEnum scheduleTypeEnum = ScheduleTypeEnum.match(xxlJobInfo.getScheduleType(), ScheduleTypeEnum.NONE); if (ScheduleTypeEnum.NONE == scheduleTypeEnum) { @@ -362,13 +373,18 @@ public class XxlJobServiceImpl implements XxlJobService { } @Override - public ReturnT stop(int id) { + public ReturnT stop(int id, LoginInfo loginInfo) { // load and valid XxlJobInfo xxlJobInfo = xxlJobInfoMapper.loadById(id); if (xxlJobInfo == null) { return ReturnT.ofFail(I18nUtil.getString("jobinfo_glue_jobid_unvalid")); } + // valid jobGroup permission + if (!JobInfoController.hasJobGroupPermission(loginInfo, xxlJobInfo.getJobGroup())) { + return ReturnT.ofFail(I18nUtil.getString("system_permission_limit")); + } + // stop xxlJobInfo.setTriggerStatus(0); xxlJobInfo.setTriggerLastTime(0); @@ -383,15 +399,13 @@ public class XxlJobServiceImpl implements XxlJobService { @Override public ReturnT trigger(LoginInfo loginInfo, int jobId, String executorParam, String addressList) { - // permission - if (loginInfo == null) { - return ReturnT.ofFail(I18nUtil.getString("system_permission_limit")); - } + // valid job XxlJobInfo xxlJobInfo = xxlJobInfoMapper.loadById(jobId); if (xxlJobInfo == null) { return ReturnT.ofFail(I18nUtil.getString("jobinfo_glue_jobid_unvalid")); } + // valid jobGroup permission if (!JobInfoController.hasJobGroupPermission(loginInfo, xxlJobInfo.getJobGroup())) { return ReturnT.ofFail(I18nUtil.getString("system_permission_limit")); }