From c76c8b1100dd02030aab0c2b0a73140bb7eb474d Mon Sep 17 00:00:00 2001 From: yumaojun03 <719118794@qq.com> Date: Sun, 29 Jun 2025 15:26:49 +0800 Subject: [PATCH] =?UTF-8?q?=E8=A1=A5=E5=85=85=E5=BA=94=E7=94=A8=E6=8E=88?= =?UTF-8?q?=E6=9D=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- devcloud/.vscode/launch.json | 2 +- devcloud/etc/application.toml | 4 +- devcloud/main.go | 3 + .../mcenter/apps/policy/impl/permission.go | 33 +++++++---- .../apps/policy/impl/permission_test.go | 6 +- .../mcenter/apps/policy/impl/policy_test.go | 7 ++- devcloud/mcenter/apps/policy/interface.go | 29 +++++++--- devcloud/mcenter/apps/policy/model.go | 31 +++++++++- .../apps/role/impl/api_permission_test.go | 11 ++-- devcloud/mcenter/apps/token/impl/token.go | 4 +- devcloud/mcenter/apps/token/model.go | 20 ++++--- devcloud/mcenter/permission/checker.go | 25 +++++--- devcloud/mpaas/apps/application/api/api.go | 58 +++++++++++++++++++ .../mpaas/apps/application/api/application.go | 31 ++++++++++ .../apps/application/impl/application.go | 1 + .../apps/application/impl/application_test.go | 4 +- devcloud/mpaas/apps/application/impl/impl.go | 6 ++ devcloud/mpaas/apps/registry.go | 1 + devcloud/mpaas/test/set_up.go | 1 + 19 files changed, 224 insertions(+), 53 deletions(-) create mode 100644 devcloud/mpaas/apps/application/api/api.go create mode 100644 devcloud/mpaas/apps/application/api/application.go diff --git a/devcloud/.vscode/launch.json b/devcloud/.vscode/launch.json index 8806066..7ca5c3f 100644 --- a/devcloud/.vscode/launch.json +++ b/devcloud/.vscode/launch.json @@ -5,7 +5,7 @@ "version": "0.2.0", "configurations": [ { - "name": "mcenter api server", + "name": "devcloud api server", "type": "go", "request": "launch", "mode": "auto", diff --git a/devcloud/etc/application.toml b/devcloud/etc/application.toml index 8b94ce8..5e76a9c 100644 --- a/devcloud/etc/application.toml +++ b/devcloud/etc/application.toml @@ -11,8 +11,8 @@ database = "devcloud_go18" username = "root" password = "123456" - auto_migrate = true - debug = true + auto_migrate = false + debug = false [mongo] endpoints = ["127.0.0.1:27017"] diff --git a/devcloud/main.go b/devcloud/main.go index d45c56d..a04f4a2 100644 --- a/devcloud/main.go +++ b/devcloud/main.go @@ -5,9 +5,12 @@ import ( // mcenter 业务对象 _ "122.51.31.227/go-course/go18/devcloud/mcenter/apps" + // audit 业务对象 _ "122.51.31.227/go-course/go18/devcloud/audit/apps" + // mpaas 应用发布 + _ "122.51.31.227/go-course/go18/devcloud/mpaas/apps" // 非功能性模块 _ "github.com/infraboard/mcube/v2/ioc/apps/apidoc/restful" diff --git a/devcloud/mcenter/apps/policy/impl/permission.go b/devcloud/mcenter/apps/policy/impl/permission.go index 9a5a66a..5e1bc26 100644 --- a/devcloud/mcenter/apps/policy/impl/permission.go +++ b/devcloud/mcenter/apps/policy/impl/permission.go @@ -2,8 +2,8 @@ package impl import ( "context" + "fmt" - "122.51.31.227/go-course/go18/devcloud/mcenter/apps/endpoint" "122.51.31.227/go-course/go18/devcloud/mcenter/apps/namespace" "122.51.31.227/go-course/go18/devcloud/mcenter/apps/policy" "122.51.31.227/go-course/go18/devcloud/mcenter/apps/role" @@ -36,8 +36,8 @@ func (i *PolicyServiceImpl) QueryNamespace(ctx context.Context, in *policy.Query // 查询用户可以访问的Api接口 // 找到用户可以访问的角色列表,然后在找出角色对应的Api访问权限 -func (i *PolicyServiceImpl) QueryEndpoint(ctx context.Context, in *policy.QueryEndpointRequest) (*types.Set[*endpoint.Endpoint], error) { - set := types.New[*endpoint.Endpoint]() +func (i *PolicyServiceImpl) QueryEndpoint(ctx context.Context, in *policy.QueryEndpointRequest) (*policy.QueryEndpointResponse, error) { + resp := policy.NewQueryEndpointResponse() policies, err := i.QueryPolicy(ctx, policy.NewQueryPolicyRequest(). SetSkipPage(true). @@ -49,19 +49,25 @@ func (i *PolicyServiceImpl) QueryEndpoint(ctx context.Context, in *policy.QueryE return nil, err } - roleReq := role.NewQueryMatchedEndpointRequest() - policies.ForEach(func(t *policy.Policy) { - roleReq.Add(t.RoleId...) - }) + if policies.Len() > 1 { + return nil, fmt.Errorf("同一个空间下, 一个用户有多条[%d]授权", policies.Len()) + } + p := policies.First() + roleReq := role.NewQueryMatchedEndpointRequest() + roleReq.Add(p.RoleId...) + + // p.ResourceScope + resp.ResourceScope = p.ResourceScope if policies.Len() > 0 { - set, err = role.GetService().QueryMatchedEndpoint(ctx, roleReq) + set, err := role.GetService().QueryMatchedEndpoint(ctx, roleReq) if err != nil { return nil, err } + resp.Items = set.Items } - return set, nil + return resp, nil } // 校验Api接口权限 @@ -69,7 +75,7 @@ func (i *PolicyServiceImpl) ValidateEndpointPermission(ctx context.Context, in * resp := policy.NewValidateEndpointPermissionResponse(*in) // 空间Owner有所有权限 - ns, err := namespace.GetService().DescribeNamespace(ctx, namespace.NewDescribeNamespaceRequest().SetNamespaceId(in.NamespaceId)) + ns, err := namespace.GetService().DescribeNamespace(ctx, namespace.NewDescribeNamespaceRequest().SetNamespaceId(in.GetNamespaceId())) if err != nil { return nil, err } @@ -81,15 +87,20 @@ func (i *PolicyServiceImpl) ValidateEndpointPermission(ctx context.Context, in * // 非空间管理员需要独立鉴权, 查询用户可以访问的API列表 endpointReq := policy.NewQueryEndpointRequest() endpointReq.UserId = in.UserId - endpointReq.NamespaceId = in.NamespaceId + endpointReq.NamespaceId = in.GetNamespaceId() endpointSet, err := i.QueryEndpoint(ctx, endpointReq) if err != nil { return nil, err } + + // 补充Api访问的scope + resp.ResourceScope = endpointSet.ResourceScope + for _, item := range endpointSet.Items { if item.IsMatched(in.Service, in.Method, in.Path) { resp.HasPermission = true resp.Endpoint = item + break } } diff --git a/devcloud/mcenter/apps/policy/impl/permission_test.go b/devcloud/mcenter/apps/policy/impl/permission_test.go index ca124a1..8841d25 100644 --- a/devcloud/mcenter/apps/policy/impl/permission_test.go +++ b/devcloud/mcenter/apps/policy/impl/permission_test.go @@ -8,7 +8,7 @@ import ( func TestQueryNamespace(t *testing.T) { req := policy.NewQueryNamespaceRequest() - req.UserId = 1 + req.UserId = 2 set, err := impl.QueryNamespace(ctx, req) if err != nil { t.Fatal(err) @@ -29,8 +29,8 @@ func TestQueryEndpoint(t *testing.T) { func TestValidateEndpointPermission(t *testing.T) { req := policy.NewValidateEndpointPermissionRequest() - req.UserId = 1 - req.NamespaceId = 1 + req.UserId = 3 + req.SetNamespaceId(1) req.Service = "devcloud" req.Method = "GET" req.Path = "/api/devcloud/v1/users/" diff --git a/devcloud/mcenter/apps/policy/impl/policy_test.go b/devcloud/mcenter/apps/policy/impl/policy_test.go index cecf5ab..1fdb962 100644 --- a/devcloud/mcenter/apps/policy/impl/policy_test.go +++ b/devcloud/mcenter/apps/policy/impl/policy_test.go @@ -20,9 +20,14 @@ func TestQueryPolicy(t *testing.T) { func TestCreatePolicy(t *testing.T) { req := policy.NewCreatePolicyRequest() + // guest req.UserId = 2 - req.RoleId = []uint64{1} + // 开发 + req.RoleId = []uint64{3} + // default req.SetNamespaceId(1) + // 开发小组1的资源 + req.SetScope("team", []string{"dev01"}) set, err := impl.CreatePolicy(ctx, req) if err != nil { t.Fatal(err) diff --git a/devcloud/mcenter/apps/policy/interface.go b/devcloud/mcenter/apps/policy/interface.go index 4a2f5f9..965de04 100644 --- a/devcloud/mcenter/apps/policy/interface.go +++ b/devcloud/mcenter/apps/policy/interface.go @@ -132,17 +132,28 @@ type PermissionService interface { // 查询用户可以访问的菜单 QueryMenu(context.Context, *QueryMenuRequest) (*types.Set[*view.Menu], error) // 查询用户可以访问的Api接口 - QueryEndpoint(context.Context, *QueryEndpointRequest) (*types.Set[*endpoint.Endpoint], error) + QueryEndpoint(context.Context, *QueryEndpointRequest) (*QueryEndpointResponse, error) // 校验页面权限 ValidatePagePermission(context.Context, *ValidatePagePermissionRequest) (*ValidatePagePermissionResponse, error) // 校验接口权限 ValidateEndpointPermission(context.Context, *ValidateEndpointPermissionRequest) (*ValidateEndpointPermissionResponse, error) } +func NewQueryEndpointResponse() *QueryEndpointResponse { + return &QueryEndpointResponse{ + Items: []*endpoint.Endpoint{}, + } +} + +type QueryEndpointResponse struct { + ResourceScope + Items []*endpoint.Endpoint +} + type ValidatePagePermissionRequest struct { - UserId uint64 `json:"user_id" form:"user_id"` - NamespaceId uint64 `json:"namespace_id" form:"namespace_id"` - Path string `json:"path" form:"path"` + UserId uint64 `json:"user_id" form:"user_id"` + Path string `json:"path" form:"path"` + ResourceScope } func NewValidatePagePermissionResponse(req ValidatePagePermissionRequest) *ValidatePagePermissionResponse { @@ -162,11 +173,11 @@ func NewValidateEndpointPermissionRequest() *ValidateEndpointPermissionRequest { } type ValidateEndpointPermissionRequest struct { - UserId uint64 `json:"user_id" form:"user_id"` - NamespaceId uint64 `json:"namespace_id" form:"namespace_id"` - Service string `json:"service" form:"service"` - Path string `json:"path" form:"path"` - Method string `json:"method" form:"method"` + UserId uint64 `json:"user_id" form:"user_id"` + Service string `json:"service" form:"service"` + Path string `json:"path" form:"path"` + Method string `json:"method" form:"method"` + ResourceScope } func NewValidateEndpointPermissionResponse(req ValidateEndpointPermissionRequest) *ValidateEndpointPermissionResponse { diff --git a/devcloud/mcenter/apps/policy/model.go b/devcloud/mcenter/apps/policy/model.go index f4e2001..9214b6e 100644 --- a/devcloud/mcenter/apps/policy/model.go +++ b/devcloud/mcenter/apps/policy/model.go @@ -82,6 +82,31 @@ type ResourceScope struct { Scope map[string][]string `json:"scope" bson:"scope" gorm:"column:scope;serializer:json;type:json" description:"数据访问的范围" optional:"true"` } +func (r ResourceScope) String() string { + return pretty.ToJSON(r) +} + +func (r *ResourceScope) BuildMySQLPrefixBlob() { + for k := range r.Scope { + for i := range r.Scope[k] { + if !strings.HasSuffix(r.Scope[k][i], "%") { + r.Scope[k][i] += "%" + } + } + } +} + +func (r *ResourceScope) SetNamespaceId(v uint64) { + r.NamespaceId = &v +} + +func (r *ResourceScope) GetNamespaceId() uint64 { + if r.NamespaceId == nil { + return 0 + } + return *r.NamespaceId +} + func (l *ResourceScope) SetScope(key string, value []string) { if l.Scope == nil { l.Scope = map[string][]string{} @@ -91,7 +116,7 @@ func (l *ResourceScope) SetScope(key string, value []string) { func (r ResourceScope) GormResourceFilter(query *gorm.DB) *gorm.DB { if r.NamespaceId != nil { - query = query.Where("namespace = ?", r.NamespaceId) + query = query.Where("namespace_id = ?", r.NamespaceId) } for key, values := range r.Scope { @@ -144,6 +169,10 @@ type ResourceLabel struct { Label map[string]string `json:"label" bson:"label" gorm:"column:label;serializer:json;type:json" description:"数据访问的范围" optional:"true"` } +func (l *ResourceLabel) SetNamespaceId(v uint64) { + l.NamespaceId = &v +} + func (l *ResourceLabel) SetLabel(key, value string) { if l.Label == nil { l.Label = map[string]string{} diff --git a/devcloud/mcenter/apps/role/impl/api_permission_test.go b/devcloud/mcenter/apps/role/impl/api_permission_test.go index 97d1dc3..d3395c6 100644 --- a/devcloud/mcenter/apps/role/impl/api_permission_test.go +++ b/devcloud/mcenter/apps/role/impl/api_permission_test.go @@ -8,7 +8,7 @@ import ( func TestQueryApiPermission(t *testing.T) { req := role.NewQueryApiPermissionRequest() - req.AddRoleId(2) + req.AddRoleId(3) set, err := impl.QueryApiPermission(ctx, req) if err != nil { t.Fatal(err) @@ -17,8 +17,11 @@ func TestQueryApiPermission(t *testing.T) { } func TestAddApiPermission(t *testing.T) { - req := role.NewAddApiPermissionRequest(1) - req.Add(role.NewResourceActionApiPermissionSpec("devcloud", "user", "list")) + req := role.NewAddApiPermissionRequest(3) + req.Add( + role.NewResourceActionApiPermissionSpec("devcloud", "user", "list"), + // role.NewResourceActionApiPermissionSpec("devcloud", "application", "list"), + ) set, err := impl.AddApiPermission(ctx, req) if err != nil { t.Fatal(err) @@ -28,7 +31,7 @@ func TestAddApiPermission(t *testing.T) { func TestQueryMatchedEndpoint(t *testing.T) { req := role.NewQueryMatchedEndpointRequest() - req.Add(1) + req.Add(3) set, err := impl.QueryMatchedEndpoint(ctx, req) if err != nil { t.Fatal(err) diff --git a/devcloud/mcenter/apps/token/impl/token.go b/devcloud/mcenter/apps/token/impl/token.go index 3975b4b..8ec37eb 100644 --- a/devcloud/mcenter/apps/token/impl/token.go +++ b/devcloud/mcenter/apps/token/impl/token.go @@ -49,8 +49,8 @@ func (i *TokenServiceImpl) IssueToken(ctx context.Context, in *token.IssueTokenR } } - if tk.NamespaceId == 0 { - tk.NamespaceId = 1 + if tk.NamespaceId == nil { + tk.SetNamespaceId(1) } // 保持Token diff --git a/devcloud/mcenter/apps/token/model.go b/devcloud/mcenter/apps/token/model.go index 1b08eeb..ea2f3e5 100644 --- a/devcloud/mcenter/apps/token/model.go +++ b/devcloud/mcenter/apps/token/model.go @@ -8,6 +8,7 @@ import ( "strings" "time" + "122.51.31.227/go-course/go18/devcloud/mcenter/apps/policy" "github.com/infraboard/mcube/v2/exception" "github.com/infraboard/mcube/v2/tools/pretty" ) @@ -56,7 +57,6 @@ func NewToken() *Token { IssueAt: time.Now(), Status: NewStatus(), Extras: map[string]string{}, - Scope: map[string]string{}, } return tk @@ -77,12 +77,14 @@ type Token struct { UserName string `json:"user_name" gorm:"column:user_name;type:varchar(100);not null;index" description:"持有该Token的用户名称"` // 是不是管理员 IsAdmin bool `json:"is_admin" gorm:"column:is_admin;type:tinyint(1)" description:"是不是管理员"` - // 令牌生效空间Id - NamespaceId uint64 `json:"namespace_id" gorm:"column:namespace_id;type:uint;index" description:"令牌所属空间Id"` + + // 令牌生效空间Ids + policy.ResourceScope + // NamespaceId uint64 `json:"namespace_id" gorm:"column:namespace_id;type:uint;index" description:"令牌所属空间Id"` // 令牌生效空间名称 NamespaceName string `json:"namespace_name" gorm:"column:namespace_name;type:varchar(100);index" description:"令牌所属空间"` - // 访问范围定义, 鉴权完成后补充 - Scope map[string]string `json:"scope" gorm:"column:scope;type:varchar(100);serializer:json" description:"令牌访问范围定义"` + // // 访问范围定义, 鉴权完成后补充 + // Scope map[string][]string `json:"scope" gorm:"column:scope;type:varchar(100);serializer:json" description:"令牌访问范围定义"` // 颁发给用户的访问令牌(用户需要携带Token来访问接口) AccessToken string `json:"access_token" gorm:"column:access_token;type:varchar(100);not null;uniqueIndex" description:"访问令牌"` // 访问令牌过期时间 @@ -105,6 +107,10 @@ func (t *Token) TableName() string { return "tokens" } +func (r *Token) String() string { + return pretty.ToJSON(r) +} + // 判断访问令牌是否过期,没设置代表用不过期 func (t *Token) IsAccessTokenExpired() error { if t.AccessTokenExpiredAt != nil { @@ -158,10 +164,6 @@ func (t *Token) SetRefreshTokenExpiredAt(v time.Time) { t.RefreshTokenExpiredAt = &v } -func (t *Token) String() string { - return pretty.ToJSON(t) -} - func (t *Token) SetIssuer(issuer string) *Token { t.Issuer = issuer return t diff --git a/devcloud/mcenter/permission/checker.go b/devcloud/mcenter/permission/checker.go index 847c845..1d6c63a 100644 --- a/devcloud/mcenter/permission/checker.go +++ b/devcloud/mcenter/permission/checker.go @@ -92,6 +92,14 @@ func (c *Checker) Check(r *restful.Request, w *restful.Response, next *restful.F response.Failed(w, err) return } + + // 如果校验成功,需要把 用户的身份信息,放到请求的上下文中,方便后面的逻辑获取 + // context.WithValue 来往ctx 添加 value + // key: value, value token对象 + ctx := context.WithValue(r.Request.Context(), token.CTX_TOKEN_KEY, tk) + + // ctx 生成一个新的,继续往下传递 + r.Request = r.Request.WithContext(ctx) } // 请求处理 @@ -111,13 +119,6 @@ func (c *Checker) CheckToken(r *restful.Request) (*token.Token, error) { return nil, err } - // 如果校验成功,需要把 用户的身份信息,放到请求的上下文中,方便后面的逻辑获取 - // context.WithValue 来往ctx 添加 value - // key: value, value token对象 - ctx := context.WithValue(r.Request.Context(), token.CTX_TOKEN_KEY, tk) - - // ctx 生成一个新的,继续往下传递 - r.Request = r.Request.WithContext(ctx) return tk, nil } @@ -131,7 +132,7 @@ func (c *Checker) CheckPolicy(r *restful.Request, tk *token.Token, route *endpoi if route.HasRequiredRole() { set, err := c.policy.QueryPolicy(r.Request.Context(), policy.NewQueryPolicyRequest(). - SetNamespaceId(tk.NamespaceId). + SetNamespaceId(tk.GetNamespaceId()). SetUserId(tk.UserId). SetExpired(false). SetEnabled(true). @@ -145,6 +146,9 @@ func (c *Checker) CheckPolicy(r *restful.Request, tk *token.Token, route *endpoi p := set.Items[i] if route.IsRequireRole(p.Role.Name) { hasPerm = true + + // 把这个scope传递下去 + tk.Scope = p.Scope break } } @@ -157,7 +161,7 @@ func (c *Checker) CheckPolicy(r *restful.Request, tk *token.Token, route *endpoi if route.RequiredPerm { validateReq := policy.NewValidateEndpointPermissionRequest() validateReq.UserId = tk.UserId - validateReq.NamespaceId = tk.NamespaceId + validateReq.ResourceScope = tk.ResourceScope validateReq.Service = application.Get().GetAppName() validateReq.Method = route.Method validateReq.Path = route.Path @@ -168,6 +172,9 @@ func (c *Checker) CheckPolicy(r *restful.Request, tk *token.Token, route *endpoi if !resp.HasPermission { return exception.NewPermissionDeny("无权限访问") } + + tk.ResourceScope = resp.ResourceScope + tk.BuildMySQLPrefixBlob() } return nil diff --git a/devcloud/mpaas/apps/application/api/api.go b/devcloud/mpaas/apps/application/api/api.go new file mode 100644 index 0000000..363b58d --- /dev/null +++ b/devcloud/mpaas/apps/application/api/api.go @@ -0,0 +1,58 @@ +package api + +import ( + "122.51.31.227/go-course/go18/devcloud/audit/audit" + "122.51.31.227/go-course/go18/devcloud/mcenter/permission" + "122.51.31.227/go-course/go18/devcloud/mpaas/apps/application" + "github.com/infraboard/mcube/v2/ioc" + "github.com/infraboard/mcube/v2/ioc/config/gorestful" + + restfulspec "github.com/emicklei/go-restful-openapi/v2" + "github.com/emicklei/go-restful/v3" +) + +func init() { + ioc.Api().Registry(&UserRestfulApiHandler{}) +} + +type UserRestfulApiHandler struct { + ioc.ObjectImpl + + // 依赖控制器 + svc application.Service +} + +func (h *UserRestfulApiHandler) Name() string { + return "applications" +} + +func (h *UserRestfulApiHandler) Init() error { + h.svc = application.GetService() + + tags := []string{"应用管理"} + ws := gorestful.ObjectRouter(h) + // required_auth=true/false + ws.Route(ws.GET("").To(h.QueryApplication). + Doc("应用列表查询"). + Metadata(restfulspec.KeyOpenAPITags, tags). + // 这个开关怎么生效 + // 中间件需求读取接口的描述信息,来决定是否需要认证 + Metadata(permission.Auth(true)). + Metadata(permission.Permission(true)). + Metadata(permission.Resource("application")). + Metadata(permission.Action("list")). + Metadata(audit.Enable(true)). + Param(restful.QueryParameter("page_size", "分页大小").DataType("integer")). + Param(restful.QueryParameter("page_number", "页码").DataType("integer")). + Writes(Set{}). + Returns(200, "OK", Set{})) + + return nil +} + +// *types.Set[*User] +// 返回的泛型, API Doc这个工具 不支持泛型 +type Set struct { + Total int64 `json:"total"` + Items []application.Application `json:"items"` +} diff --git a/devcloud/mpaas/apps/application/api/application.go b/devcloud/mpaas/apps/application/api/application.go new file mode 100644 index 0000000..eaef313 --- /dev/null +++ b/devcloud/mpaas/apps/application/api/application.go @@ -0,0 +1,31 @@ +package api + +import ( + "122.51.31.227/go-course/go18/devcloud/mcenter/apps/token" + "122.51.31.227/go-course/go18/devcloud/mpaas/apps/application" + "github.com/emicklei/go-restful/v3" + "github.com/gin-gonic/gin/binding" + "github.com/infraboard/mcube/v2/http/restful/response" + "github.com/infraboard/mcube/v2/ioc/config/log" +) + +func (h *UserRestfulApiHandler) QueryApplication(r *restful.Request, w *restful.Response) { + req := application.NewQueryApplicationRequest() + if err := binding.Query.Bind(r.Request, &req.QueryApplicationRequestSpec); err != nil { + response.Failed(w, err) + return + } + + // 过滤条件在认证完成后的上下文中 + tk := token.GetTokenFromCtx(r.Request.Context()) + req.ResourceScope = tk.ResourceScope + log.L().Debug().Msgf("resource scope: %s", tk.ResourceScope) + + set, err := h.svc.QueryApplication(r.Request.Context(), req) + if err != nil { + response.Failed(w, err) + return + } + + response.Success(w, set) +} diff --git a/devcloud/mpaas/apps/application/impl/application.go b/devcloud/mpaas/apps/application/impl/application.go index 8fbab96..8a04f54 100644 --- a/devcloud/mpaas/apps/application/impl/application.go +++ b/devcloud/mpaas/apps/application/impl/application.go @@ -29,6 +29,7 @@ func (i *ApplicationServiceImpl) CreateApplication(ctx context.Context, in *appl func (i *ApplicationServiceImpl) QueryApplication(ctx context.Context, in *application.QueryApplicationRequest) (*types.Set[*application.Application], error) { set := types.New[*application.Application]() + i.log.Debug().Msgf("scope: %s", in.ResourceScope) query := in.GormResourceFilter(datasource.DBFromCtx(ctx).Model(&application.Application{})) if in.Id != "" { query = query.Where("id = ?", in.Id) diff --git a/devcloud/mpaas/apps/application/impl/application_test.go b/devcloud/mpaas/apps/application/impl/application_test.go index 197369b..b51509f 100644 --- a/devcloud/mpaas/apps/application/impl/application_test.go +++ b/devcloud/mpaas/apps/application/impl/application_test.go @@ -14,6 +14,7 @@ func TestCreateApplication(t *testing.T) { req.CodeRepository = application.CodeRepository{ SshUrl: "git@122.51.31.227:go-course/go18.git", } + req.SetNamespaceId(1) req.SetLabel("team", "dev01.web_developer") ins, err := svc.CreateApplication(ctx, req) if err != nil { @@ -26,7 +27,8 @@ func TestCreateApplication(t *testing.T) { func TestQueryApplication(t *testing.T) { req := application.NewQueryApplicationRequest() // dev01.% - req.SetScope("team", []string{"%"}) + // req.SetNamespaceId(1) + req.SetScope("team", []string{"dev01%"}) // req.SetScope("env", []string{"prod"}) ins, err := svc.QueryApplication(ctx, req) if err != nil { diff --git a/devcloud/mpaas/apps/application/impl/impl.go b/devcloud/mpaas/apps/application/impl/impl.go index bc889f3..ee70b55 100644 --- a/devcloud/mpaas/apps/application/impl/impl.go +++ b/devcloud/mpaas/apps/application/impl/impl.go @@ -4,6 +4,8 @@ import ( "122.51.31.227/go-course/go18/devcloud/mpaas/apps/application" "github.com/infraboard/mcube/v2/ioc" "github.com/infraboard/mcube/v2/ioc/config/datasource" + "github.com/infraboard/mcube/v2/ioc/config/log" + "github.com/rs/zerolog" ) func init() { @@ -14,9 +16,13 @@ var _ application.Service = (*ApplicationServiceImpl)(nil) type ApplicationServiceImpl struct { ioc.ObjectImpl + + log *zerolog.Logger } func (i *ApplicationServiceImpl) Init() error { + i.log = log.Sub(i.Name()) + if datasource.Get().AutoMigrate { err := datasource.DB().AutoMigrate(&application.Application{}) if err != nil { diff --git a/devcloud/mpaas/apps/registry.go b/devcloud/mpaas/apps/registry.go index a53a700..3bbda80 100644 --- a/devcloud/mpaas/apps/registry.go +++ b/devcloud/mpaas/apps/registry.go @@ -1,5 +1,6 @@ package apps import ( + _ "122.51.31.227/go-course/go18/devcloud/mpaas/apps/application/api" _ "122.51.31.227/go-course/go18/devcloud/mpaas/apps/application/impl" ) diff --git a/devcloud/mpaas/test/set_up.go b/devcloud/mpaas/test/set_up.go index 095207d..8183d0f 100644 --- a/devcloud/mpaas/test/set_up.go +++ b/devcloud/mpaas/test/set_up.go @@ -7,6 +7,7 @@ import ( // 要注册哪些对象, Book, Comment // 加载的业务对象 + _ "122.51.31.227/go-course/go18/devcloud/mcenter/apps" _ "122.51.31.227/go-course/go18/devcloud/mpaas/apps" )