diff options
8 files changed, 43 insertions, 24 deletions
diff --git a/cn-admin/pom.xml b/cn-admin/pom.xml index c3aa4c9..8a3210c 100644 --- a/cn-admin/pom.xml +++ b/cn-admin/pom.xml @@ -488,7 +488,7 @@ <buildArgs> <!--向Dockerfile中传入参数,k-v格式--> <!-- <JDK_IMAGE>${docker.registry}:${docker.registry.port}/common/jdk:1.8.0_73</JDK_IMAGE>--> - <JDK_IMAGE>${docker.registry}:${docker.registry.port}/common/amazon-corretto:11.0.21.9.1</JDK_IMAGE> + <JDK_IMAGE>${docker.registry}:${docker.registry.port}/common/jdk-node-cn:11.0.21</JDK_IMAGE> <JAR_FILE>${project.build.finalName}.xjar</JAR_FILE> </buildArgs> <resources> diff --git a/cn-admin/src/main/java/net/geedge/modules/knowledge/controller/KnowledgeBaseController.java b/cn-admin/src/main/java/net/geedge/modules/knowledge/controller/KnowledgeBaseController.java index 5b5f276..299e284 100644 --- a/cn-admin/src/main/java/net/geedge/modules/knowledge/controller/KnowledgeBaseController.java +++ b/cn-admin/src/main/java/net/geedge/modules/knowledge/controller/KnowledgeBaseController.java @@ -5,6 +5,8 @@ import java.util.List; import java.util.Map; import net.geedge.common.annotation.SysLog; import net.geedge.common.utils.*; + +import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.repository.query.Param; import org.springframework.transaction.annotation.Transactional; @@ -31,6 +33,7 @@ public class KnowledgeBaseController { @DeleteMapping @SysLog(operation = OperationEnum.DELETE, type = TypeEnum.KNOWLEDGEBASE) + @RequiresPermissions({"knowledge:base:delete"}) public R remove(@RequestParam("knowledgeIds") String knowledgeIds) { ValidateUtils.is(knowledgeIds).notNull(RCode.KNOWLEDGE_IDS_ISNULL); List<Integer> result = knowledgeBaseService.remove(knowledgeIds); @@ -38,6 +41,7 @@ public class KnowledgeBaseController { } @PostMapping("/parser") + @RequiresPermissions({"knowledge:base:add"}) public R importKnowledgeBase(@Param("file") MultipartFile file,@Param("source")String source) { ValidateUtils.is(file).notNull(RCode.KNOWLEDGE_FILE_ISNULL); ValidateUtils.is(source).notNull(RCode.KNOWLEDGE_SOURCE_ISNULL); @@ -69,6 +73,7 @@ public class KnowledgeBaseController { @PostMapping @SysLog(operation = OperationEnum.ADD, type = TypeEnum.KNOWLEDGEBASE) + @RequiresPermissions({"knowledge:base:add"}) public R addKnowledgeBase(@RequestBody Map<String,Object> params) { Integer id = knowledgeBaseService.addOrModifyKnowledgeBase(params); return R.ok().put("knowledgeId", id); @@ -76,6 +81,7 @@ public class KnowledgeBaseController { @PutMapping @SysLog(operation = OperationEnum.UPDATE, type = TypeEnum.KNOWLEDGEBASE) + @RequiresPermissions({"knowledge:base:update"}) public R modifyKnowledgeBase(@RequestBody Map<String,Object> params) { Integer knowledgeId = (Integer) params.get("knowledgeId"); ValidateUtils.is(knowledgeId).notNull(RCode.KNOWLEDGE_ID_ISNULL); @@ -84,6 +90,7 @@ public class KnowledgeBaseController { } @PostMapping("/items/batch") + @RequiresPermissions({"knowledge:base:add"}) public R importBatch(@Param("file") MultipartFile file,@Param("knowledgeId")Integer knowledgeId,@Param("action")String action ,@Param("status")Integer status,@Param("color")String color,@Param("description")String description) { ValidateUtils.is(file).notNull(RCode.KNOWLEDGE_FILE_ISNULL); diff --git a/cn-admin/src/main/java/net/geedge/modules/report/controller/ReportJobController.java b/cn-admin/src/main/java/net/geedge/modules/report/controller/ReportJobController.java index fffeaa2..14a64ad 100644 --- a/cn-admin/src/main/java/net/geedge/modules/report/controller/ReportJobController.java +++ b/cn-admin/src/main/java/net/geedge/modules/report/controller/ReportJobController.java @@ -85,12 +85,14 @@ public class ReportJobController extends AbstractController{ } @PutMapping("/restart") + @RequiresPermissions({"report:job:update"}) public R restartJob(@RequestBody Map<String,Object> param) { reportJobService.restartJob(param); return R.ok(); } @PutMapping("/reupload") + @RequiresPermissions({"report:job:update"}) public R reuploadJob(@RequestParam String ids) { ValidateUtils.is(ids).notNull(RCode.REPORT_JOB_ID_ISNULL); reportJobService.reuploadJob(ids); diff --git a/cn-admin/src/main/java/net/geedge/modules/rule/controller/DetectionRuleController.java b/cn-admin/src/main/java/net/geedge/modules/rule/controller/DetectionRuleController.java index 88c8328..dad2a47 100644 --- a/cn-admin/src/main/java/net/geedge/modules/rule/controller/DetectionRuleController.java +++ b/cn-admin/src/main/java/net/geedge/modules/rule/controller/DetectionRuleController.java @@ -3,6 +3,8 @@ package net.geedge.modules.rule.controller; import java.util.Arrays; import java.util.List; import java.util.Map; + +import org.apache.shiro.authz.annotation.RequiresPermissions; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -44,6 +46,7 @@ public class DetectionRuleController { @DeleteMapping @SysLog(operation = OperationEnum.DELETE,type = TypeEnum.DETECTIONRULE) + @RequiresPermissions({"detection:rule:delete"}) public R removeRule(@RequestParam Integer... ruleIds) { ValidateUtils.is(ruleIds).notNull(RCode.RULE_ID_ISNULL); List<Integer> removeRuleIds = detectionRuleService.removeRules(Arrays.asList(ruleIds)); @@ -52,6 +55,7 @@ public class DetectionRuleController { @PostMapping @SysLog(operation = OperationEnum.ADD,type = TypeEnum.DETECTIONRULE) + @RequiresPermissions({"detection:rule:add"}) public R saveDetectionRule(@RequestBody DetectionRule detectionRule) { DetectionRule rule = detectionRuleService.saveDetectionRule(detectionRule); return R.ok(rule.getRuleId()); @@ -59,6 +63,7 @@ public class DetectionRuleController { @PutMapping @SysLog(operation = OperationEnum.UPDATE,type = TypeEnum.DETECTIONRULE) + @RequiresPermissions({"detection:rule:update"}) public R modifyDetectionRule(@RequestBody DetectionRule detectionRule) { ValidateUtils.is(detectionRule.getRuleId()).notNull(RCode.RULE_ID_ISNULL); DetectionRule rule = detectionRuleService.modifyDetectionRule(detectionRule); diff --git a/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysConfigController.java b/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysConfigController.java index 7daf022..2f0d7c2 100644 --- a/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysConfigController.java +++ b/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysConfigController.java @@ -67,6 +67,7 @@ public class SysConfigController extends AbstractController { */ @SysLog @PostMapping("/config") + @RequiresPermissions("sys:config:add") public R save(@RequestBody SysConfigEntity config) { ValidatorUtils.validateEntity(config); sysConfigService.saveConfig(config); @@ -78,6 +79,7 @@ public class SysConfigController extends AbstractController { */ @SysLog @PutMapping("/config") + @RequiresPermissions("sys:config:update") public R update(@RequestBody SysConfigEntity config) { ValidatorUtils.validateEntity(config); sysConfigService.update(config); @@ -89,6 +91,7 @@ public class SysConfigController extends AbstractController { */ @SysLog @DeleteMapping("/config") + @RequiresPermissions("sys:config:delete") public R delete(@RequestBody Long[] ids) { sysConfigService.deleteBatch(ids); return R.ok(); @@ -109,6 +112,7 @@ public class SysConfigController extends AbstractController { */ @PutMapping("/appearance") @SysLog(operation = OperationEnum.UPDATE, type = TypeEnum.SYSTEM) + @RequiresPermissions("sys:config:update") public R updateAppearance(@RequestBody Map<String, String> params) { sysConfigService.saveBasic(params); return R.ok(); @@ -130,6 +134,7 @@ public class SysConfigController extends AbstractController { */ @PutMapping("/batchModify") @SysLog(operation = OperationEnum.UPDATE, type = TypeEnum.SYSTEM) + @RequiresPermissions("sys:config:update") public R updateSecurity(@RequestBody Map<String,String> params) { sysConfigService.updateByKey(params); return R.ok(); diff --git a/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysRoleController.java b/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysRoleController.java index 77eaa4e..513a70d 100644 --- a/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysRoleController.java +++ b/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysRoleController.java @@ -66,7 +66,7 @@ public class SysRoleController extends AbstractController { */ @PostMapping @SysLog(operation = OperationEnum.ADD,type = TypeEnum.SYSTEM) - /*@RequiresPermissions("sys:role:save")*/ + @RequiresPermissions("sys:role:add") public R save(@RequestBody SysRoleEntity role){ sysRoleService.saveRole(role); return R.ok().put("id", role.getId()); @@ -79,7 +79,7 @@ public class SysRoleController extends AbstractController { */ @PutMapping @SysLog(operation = OperationEnum.UPDATE,type = TypeEnum.SYSTEM) - /*@RequiresPermissions("sys:role:update")*/ + @RequiresPermissions("sys:role:update") public R update(@RequestBody SysRoleEntity role){ ValidateUtils.is(role.getId()).notNull(RCode.SYS_ROLE_ID_ISNULL); sysRoleService.update(role); @@ -93,7 +93,7 @@ public class SysRoleController extends AbstractController { */ @DeleteMapping @SysLog(operation = OperationEnum.DELETE,type = TypeEnum.SYSTEM) - /*@RequiresPermissions("sys:role:delete")*/ + @RequiresPermissions("sys:role:delete") public R delete(@RequestParam Integer[] ids, @RequestParam Map<String, Object> params) { ValidateUtils.is(ids).notNull(RCode.SYS_ROLE_ID_ISNULL); diff --git a/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysUserController.java b/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysUserController.java index f3c684e..a916b87 100644 --- a/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysUserController.java +++ b/cn-admin/src/main/java/net/geedge/modules/sys/controller/SysUserController.java @@ -81,7 +81,7 @@ public class SysUserController extends AbstractController { */ @PostMapping @SysLog(operation = OperationEnum.ADD,type = TypeEnum.ACCOUNT) - /* @RequiresPermissions("sys:user:save")*/ + @RequiresPermissions("sys:user:add") public R save(@RequestBody SysUserEntity user){ Integer id = sysUserService.saveUser(user); return R.ok().putData("id", id); @@ -92,7 +92,7 @@ public class SysUserController extends AbstractController { */ @PutMapping @SysLog(operation = OperationEnum.UPDATE,type = TypeEnum.ACCOUNT) - /*@RequiresPermissions("sys:user:update")*/ + @RequiresPermissions("sys:user:update") public R update(@RequestBody SysUserEntity user){ ValidateUtils.is(user).notNull(RCode.SYS_USER_ID_ISNULL) .and(user.getId()).notNull(RCode.SYS_USER_ID_ISNULL); @@ -105,7 +105,7 @@ public class SysUserController extends AbstractController { */ @DeleteMapping @SysLog(operation = OperationEnum.DELETE,type = TypeEnum.ACCOUNT) - /*@RequiresPermissions("sys:user:delete")*/ + @RequiresPermissions("sys:user:delete") public R delete(String ids) { sysUserService.deleteUsers(ids); return R.ok(); diff --git a/cn-admin/src/main/resources/db/R__AZ_sys_menu.sql b/cn-admin/src/main/resources/db/R__AZ_sys_menu.sql index 5c0d174..ed4535d 100644 --- a/cn-admin/src/main/resources/db/R__AZ_sys_menu.sql +++ b/cn-admin/src/main/resources/db/R__AZ_sys_menu.sql @@ -35,31 +35,31 @@ INSERT INTO `sys_menu` VALUES (8, 'Detections', 'detections', 'overall.detection INSERT INTO `sys_menu` VALUES (9, 'Security events', 'securityEvents', 'entities.securityEvents', 8, NULL, 1, '/detection/securityEvent', '', NULL, 1, 1); INSERT INTO `sys_menu` VALUES (10, 'Performance events', 'performanceEvents', 'overall.performanceEvents', 8, NULL, 1, '/detection/performanceEvent', '', NULL, 21, 1); INSERT INTO `sys_menu` VALUES (11, 'Detection policy', 'detectionPolicy', 'overall.policies', 8, NULL, 1, '/detection/policy', '', NULL, 21, 1); -INSERT INTO `sys_menu` VALUES (12, 'Create detection policy', 'createDetectionPolicy', 'overall.create', 11, NULL, 1, '/detection/policy/create', '', NULL, 1, 1); -INSERT INTO `sys_menu` VALUES (13, 'Edit detection policy', 'editDetectionPolicy', 'overall.edit', 11, NULL, 1, '/detection/policy/edit', '', NULL, 11, 1); -INSERT INTO `sys_menu` VALUES (14, 'Delete detection policy', 'deleteDetectionPolicy', 'overall.delete', 11, NULL, 2, '', '', NULL, 21, 1); +INSERT INTO `sys_menu` VALUES (12, 'Create detection policy', 'createDetectionPolicy', 'overall.create', 11, 'detection:rule:add', 1, '/detection/policy/create', '', NULL, 1, 1); +INSERT INTO `sys_menu` VALUES (13, 'Edit detection policy', 'editDetectionPolicy', 'overall.edit', 11, 'detection:rule:update', 1, '/detection/policy/edit', '', NULL, 11, 1); +INSERT INTO `sys_menu` VALUES (14, 'Delete detection policy', 'deleteDetectionPolicy', 'overall.delete', 11, 'detection:rule:delete', 2, '', '', NULL, 21, 1); INSERT INTO `sys_menu` VALUES (15, 'Report', 'report', 'overall.report', 0, NULL, 1, '/report', 'cn-icon cn-icon-report1', NULL, 31, 1); -INSERT INTO `sys_menu` VALUES (16, 'Create report', 'createReport', 'overall.create', 15, NULL, 2, '', '', NULL, 1, 1); -INSERT INTO `sys_menu` VALUES (17, 'Edit report', 'editReport', 'overall.edit', 15, NULL, 2, '', '', NULL, 11, 1); -INSERT INTO `sys_menu` VALUES (18, 'Delete report', 'deleteReport', 'overall.delete', 15, NULL, 2, '', '', NULL, 21, 1); +INSERT INTO `sys_menu` VALUES (16, 'Create report', 'createReport', 'overall.create', 15, 'report:job:add,report:temp:add', 2, '', '', NULL, 1, 1); +INSERT INTO `sys_menu` VALUES (17, 'Edit report', 'editReport', 'overall.edit', 15, 'report:job:update,report:temp:update', 2, '', '', NULL, 11, 1); +INSERT INTO `sys_menu` VALUES (18, 'Delete report', 'deleteReport', 'overall.delete', 15, 'report:job:delete,report:temp:delete', 2, '', '', NULL, 21, 1); INSERT INTO `sys_menu` VALUES (19, 'Knowledge base', 'knowledgeBase', 'overall.knowledgeBase', 0, NULL, 1, '/knowledgeBase', 'cn-icon cn-icon-knowledge-base', NULL, 41, 1); -INSERT INTO `sys_menu` VALUES (20, 'Edit built-in knowledge base', 'editBuiltInKnowledgeBase', 'overall.edit', 19, NULL, 2, '', '', NULL, 1, 1); +INSERT INTO `sys_menu` VALUES (20, 'Edit built-in knowledge base', 'editBuiltInKnowledgeBase', 'overall.edit', 19, 'knowledge:base:add', 2, '', '', NULL, 1, 1); INSERT INTO `sys_menu` VALUES (21, 'User-defined library', 'userDefinedLibrary', 'knowledgeBase.userDefinedLibrary', 19, NULL, 1, '/knowledgeBase/userDefined', '', NULL, 11, 1); -INSERT INTO `sys_menu` VALUES (22, 'Create user-defined library', 'createUserDefinedLibrary', 'overall.create', 21, NULL, 1, '/knowledgeBase/userDefined/create', '', NULL, 1, 1); -INSERT INTO `sys_menu` VALUES (23, 'Edit user-defined library', 'editUserDefinedLibrary', 'overall.edit', 21, NULL, 1, '/knowledgeBase/userDefined/edit', '', NULL, 11, 1); -INSERT INTO `sys_menu` VALUES (24, 'Delete user-defined library', 'deleteUserDefinedLibrary', 'overall.delete', 21, NULL, 2, '', '', NULL, 21, 1); +INSERT INTO `sys_menu` VALUES (22, 'Create user-defined library', 'createUserDefinedLibrary', 'overall.create', 21, 'knowledge:base:add', 1, '/knowledgeBase/userDefined/create', '', NULL, 1, 1); +INSERT INTO `sys_menu` VALUES (23, 'Edit user-defined library', 'editUserDefinedLibrary', 'overall.edit', 21, 'knowledge:base:update', 1, '/knowledgeBase/userDefined/edit', '', NULL, 11, 1); +INSERT INTO `sys_menu` VALUES (24, 'Delete user-defined library', 'deleteUserDefinedLibrary', 'overall.delete', 21, 'knowledge:base:delete', 2, '', '', NULL, 21, 1); INSERT INTO `sys_menu` VALUES (25, 'Administration', 'administration', 'overall.administration', 0, NULL, 1, 'redirect:/administration', 'cn-icon cn-icon-administrations', NULL, 51, 1); INSERT INTO `sys_menu` VALUES (26, 'User', 'user', 'overall.user', 25, NULL, 1, '/administration/user', 'cn-icon cn-icon-user2', NULL, 1, 1); -INSERT INTO `sys_menu` VALUES (27, 'Create user', 'createUser', 'overall.create', 26, NULL, 2, '', '', NULL, 1, 1); -INSERT INTO `sys_menu` VALUES (28, 'Edit user', 'editUser', 'overall.edit', 26, NULL, 2, '', '', NULL, 11, 1); -INSERT INTO `sys_menu` VALUES (29, 'Delete user', 'deleteUser', 'overall.delete', 26, NULL, 2, '', '', NULL, 21, 1); +INSERT INTO `sys_menu` VALUES (27, 'Create user', 'createUser', 'overall.create', 26, 'sys:user:add', 2, '', '', NULL, 1, 1); +INSERT INTO `sys_menu` VALUES (28, 'Edit user', 'editUser', 'overall.edit', 26, 'sys:user:update', 2, '', '', NULL, 11, 1); +INSERT INTO `sys_menu` VALUES (29, 'Delete user', 'deleteUser', 'overall.delete', 26, 'sys:user:delete', 2, '', '', NULL, 21, 1); INSERT INTO `sys_menu` VALUES (30, 'Role', 'role', 'overall.role', 25, NULL, 1, '/administration/role', 'cn-icon cn-icon-role2', NULL, 11, 1); -INSERT INTO `sys_menu` VALUES (31, 'Create role', 'createRole', 'overall.create', 30, NULL, 2, '', '', NULL, 1, 1); -INSERT INTO `sys_menu` VALUES (32, 'Edit role', 'editRole', 'overall.edit', 30, NULL, 2, '', '', NULL, 11, 1); -INSERT INTO `sys_menu` VALUES (33, 'Delete role', 'deleteRole', 'overall.delete', 30, NULL, 2, '', '', NULL, 21, 1); +INSERT INTO `sys_menu` VALUES (31, 'Create role', 'createRole', 'overall.create', 30, 'sys:role:add', 2, '', '', NULL, 1, 1); +INSERT INTO `sys_menu` VALUES (32, 'Edit role', 'editRole', 'overall.edit', 30, 'sys:role:update', 2, '', '', NULL, 11, 1); +INSERT INTO `sys_menu` VALUES (33, 'Delete role', 'deleteRole', 'overall.delete', 30, 'sys:role:delete', 2, '', '', NULL, 21, 1); INSERT INTO `sys_menu` VALUES (34, 'Operation log', 'operationLog', 'overall.operationLog', 25, NULL, 1, '/administration/operationLog', 'cn-icon cn-icon-operation-log', NULL, 21, 1); INSERT INTO `sys_menu` VALUES (35, 'Appearance', 'appearance', 'appearance.appearance', 25, NULL, 1, '/administration/appearance', 'cn-icon cn-icon-preview', NULL, 31, 1); -INSERT INTO `sys_menu` VALUES (36, 'Edit appearence', 'editAppearence', 'overall.edit', 35, NULL, 2, '', '', NULL, 1, 1); +INSERT INTO `sys_menu` VALUES (36, 'Edit appearence', 'editAppearence', 'overall.edit', 35, 'sys:config:update', 2, '', '', NULL, 1, 1); INSERT INTO `sys_menu` VALUES (37, 'I18n', 'I18N', 'I18N', 0, NULL, 1, '/i18n', 'cn-icon cn-icon-i18n', NULL, 91, 1); INSERT INTO `sys_menu` VALUES (38, 'Link monitor', 'linkMonitor', 'overall.linkMonitor', 1, NULL, 1, '/panel/linkMonitor', '', NULL, 31, 1); |