feat(frontend): 密码规则 #7031

dbm-ui/frontend/src/common/const/clusterTypes.ts

@@ -42,3 +42,5 @@ export enum ClusterTypes {
   SQLSERVER_SINGLE = 'sqlserver_single', // SQLServer单节点版
   SQLSERVER_HA = 'sqlserver_ha', // SQLServer主从版
 }
+
+export type ClusterTypeValues = keyof typeof ClusterTypes;

dbm-ui/frontend/src/common/const/ticketTypes.ts

@@ -40,7 +40,7 @@ export enum TicketTypes {
   MYSQL_PROXY_UPGRADE = 'MYSQL_PROXY_UPGRADE', // MySQL Proxy 升级
   MYSQL_LOCAL_UPGRADE = 'MYSQL_LOCAL_UPGRADE', // MySQL 原地升级
   MYSQL_MIGRATE_UPGRADE = 'MYSQL_MIGRATE_UPGRADE', // MySQL 迁移升级
-  MYSQL_SLAVE_MIGRATE_UPGRADE = 'MYSQL_SLAVE_MIGRATE_UPGRADE' // MySQL 从库迁移升级
+  MYSQL_SLAVE_MIGRATE_UPGRADE = 'MYSQL_SLAVE_MIGRATE_UPGRADE', // MySQL 从库迁移升级
 }
 export enum TicketTypes {
   REDIS_CLUSTER_APPLY = 'REDIS_CLUSTER_APPLY',
@@ -123,7 +123,6 @@ export enum TicketTypes {
   MONGODB_ENABLE = 'MONGODB_ENABLE', // MongoDB 集群启用
   MONGODB_DESTROY = 'MONGODB_DESTROY', // MongoDB 集群删除
   MONGODB_SCALE_UPDOWN = 'MONGODB_SCALE_UPDOWN', // MongoDB 分片式集群单个容量变更
-  MONGODB_AUTHORIZE = 'MONGODB_AUTHORIZE', // MongoDB 集群授权
   MONGODB_EXCEL_AUTHORIZE = 'MONGODB_EXCEL_AUTHORIZE', // MongoDB 导入授权
   MONGODB_AUTHORIZE_RULES = 'MONGODB_AUTHORIZE_RULES', // MongoDB 集群授权
   MONGODB_EXCEL_AUTHORIZE_RULES = 'MONGODB_EXCEL_AUTHORIZE_RULES', // MongoDB 导入授权

dbm-ui/frontend/src/locales/en.json

@@ -1037,7 +1037,6 @@
   "进行中": "In progress",
   "DB实例权限克隆": "DB instance privileges clone",
   "DB重命名": "DB Rename",
-  "MySQL_授权规则": "'MySQL' grant rules",
   "MySQL单节点_集群管理": "'MySQL standalone' Management",
   "MySQL单节点详情": "MySQL standalone details",
   "MySQL主从集群_实例视图": "'MySQL HA' instance view",

dbm-ui/frontend/src/locales/zh-cn.json

@@ -1046,11 +1046,10 @@
     "清除表数据和结构_droptable": "清除表数据和结构(drop table)",
     "清除表数据_truncatetable": "清除表数据(truncate table)",
     "特殊符号序": "特殊符号序",
-    "包含特殊字符_除空格外": "包含特殊字符，除空格外",
     "包含数字": "包含数字",
     "包含大写字母": "包含大写字母",
     "包含小写字母": "包含小写字母",
-    "MySQL_授权规则": "【MySQL】授权规则",
+    "指定特殊字符(s)": "指定特殊字符({s})",
     "MySQL主从集群_实例详情": "【MySQL 主从集群】实例详情",
     "MySQL主从集群_实例视图": "【MySQL 主从集群】实例视图",
     "MySQL主从集群详情": "MySQL 主从集群详情",
@@ -2569,7 +2568,6 @@
     "复制域名": "复制域名",
     "克隆分区策略": "克隆分区策略",
     "注意_对从域名授权时仅会授予 select 权限": "注意：对从域名授权时仅会授予 select 权限",
-    "mongDB实例视图": "【MongDB】实例视图",
     "实例：name": "实例：{name}",
     "从域名": "从域名",
     "请输入关键字或选择条件搜索": "请输入关键字或选择条件搜索",
@@ -2594,9 +2592,6 @@
     "申请MongoDB副本集部署": "申请 MongoDB 副本集部署",
     "MongoDB分片集群部署": "MongoDB 分片集群部署",
     "MongoDB副本集部署": "MongoDB 副本集部署",
-    "【MongDB】分片集群管理": "【MongDB】分片集群管理",
-    "【MongDB】副本集集群管理": "【MongDB】副本集集群管理",
-    "【MongDB】授权规则": "【MongDB】授权规则",
     "MongoDB版本": "MongoDB 版本",
     "默认从n开始分配": "默认从 {0} 开始分配",
     "每台主机oplog容量占比": "每台主机oplog容量占比",
@@ -3483,6 +3478,7 @@
     "中的任意 n 种": "中的任意 {n} 种",
     "不允许超过 x 位连续字符": "不允许超过 {x} 位连续字符",
     "不允许的字符: s": "不允许的字符: {s}",
+    "包含特殊字符_除空格外": "包含特殊字符_除空格外",
     "请先添加实例": "请先添加实例",
     "【SQLServer】授权规则": "【SQLServer】授权规则",
     "【MySQL】授权规则": "【MySQL】授权规则",

dbm-ui/frontend/src/services/model/mongodb/mongodb-permission-account.ts

@@ -11,29 +11,21 @@
  * the specific language governing permissions and limitations under the License.
  */
 
+import type { PermissionRule, PermissionRuleAccount, PermissionRuleInfo } from '@services/types';
+
 import { isRecentDays } from '@utils';
 
-export default class MongodbPermissonAccount {
-  account: {
-    account_id: number;
-    bk_biz_id: number;
-    create_time: string;
-    creator: string;
-    password: string;
-    user: string;
+export default class MongodbPermissonAccount implements PermissionRule {
+  account: PermissionRuleAccount;
+  permission: {
+    mongodb_account_delete: boolean;
+    mongodb_add_account_rule: boolean;
   };
-  rules: Array<{
-    access_db: string;
-    account_id: number;
-    bk_biz_id: number;
-    create_time: string;
-    creator: string;
-    privilege: string;
-    rule_id: number;
-  }>;
+  rules: PermissionRuleInfo[];
 
   constructor(payload = {} as MongodbPermissonAccount) {
     this.account = payload.account;
+    this.permission = payload.permission;
     this.rules = payload.rules;
   }
 

dbm-ui/frontend/src/services/model/mysql/mysql-permission-account.ts

@@ -11,33 +11,21 @@
  * the specific language governing permissions and limitations under the License.
  */
 
+import type { PermissionRule, PermissionRuleAccount, PermissionRuleInfo } from '@services/types';
+
 import { isRecentDays } from '@utils';
 
-export default class MysqlPermissonAccount {
-  account: {
-    account_id: number;
-    bk_biz_id: number;
-    create_time: string;
-    creator: string;
-    user: string;
-  };
+export default class MysqlPermissionAccount implements PermissionRule {
+  account: PermissionRuleAccount;
   permission: {
     mysql_account_delete: boolean;
     mysql_add_account_rule: boolean;
     tendbcluster_account_delete: boolean;
     tendbcluster_add_account_rule: boolean;
   };
-  rules: Array<{
-    access_db: string;
-    account_id: number;
-    bk_biz_id: number;
-    create_time: string;
-    creator: string;
-    privilege: string;
-    rule_id: number;
-  }>;
+  rules: PermissionRuleInfo[];
 
-  constructor(payload = {} as MysqlPermissonAccount) {
+  constructor(payload = {} as MysqlPermissionAccount) {
     this.account = payload.account;
     this.permission = payload.permission;
     this.rules = payload.rules;

dbm-ui/frontend/src/services/model/sqlserver/sqlserver-permission-account.ts

@@ -13,29 +13,21 @@
 
 import dayjs from 'dayjs';
 
+import type { PermissionRule, PermissionRuleAccount, PermissionRuleInfo } from '@services/types';
+
 import { utcDisplayTime } from '@utils';
 
-export default class SqlserverPermissionAccount {
-  account: {
-    account_id: number;
-    bk_biz_id: number;
-    create_time: string;
-    creator: string;
-    password: string;
-    user: string;
+export default class SqlserverPermissionAccount implements PermissionRule {
+  account: PermissionRuleAccount;
+  permission: {
+    sqlserver_account_delete: boolean;
+    sqlserver_add_account_rule: boolean;
   };
-  rules: {
-    access_db: string;
-    account_id: number;
-    bk_biz_id: number;
-    create_time: string;
-    creator: string;
-    privilege: string;
-    rule_id: number;
-  }[];
+  rules: PermissionRuleInfo[];
 
   constructor(payload: SqlserverPermissionAccount) {
     this.account = payload.account;
+    this.permission = payload.permission;
     this.rules = payload.rules;
   }
 

dbm-ui/frontend/src/services/source/mongodbPermissionAccount.ts

@@ -14,20 +14,16 @@
 import MongodbPermissonAccountModel from '@services/model/mongodb/mongodb-permission-account';
 import type { ListBase } from '@services/types';
 
-import { useGlobalBizs } from '@stores';
-
 import type { AccountTypesValues } from '@common/const';
 
 import http, { type IRequestPayload } from '../http';
 
-const { currentBizId } = useGlobalBizs();
-
-const path = `/apis/mongodb/bizs/${currentBizId}/permission/account`;
+const getRootPath = () => `/apis/mongodb/bizs/${window.PROJECT_CONFIG.BIZ_ID}/permission/account`;
 
 /**
  * 添加账号规则
  */
-export function addMongodbAccountRule(params: {
+export function addAccountRule(params: {
   access_db: string;
   privilege: {
     mongo_user: string[];
@@ -36,27 +32,27 @@ export function addMongodbAccountRule(params: {
   account_id: number | null;
   account_type: AccountTypesValues;
 }) {
-  return http.post<null>(`${path}/add_account_rule/`, params);
+  return http.post<null>(`${getRootPath()}/add_account_rule/`, params);
 }
 
 /**
  * 创建账号
  */
-export function createMongodbAccount(params: { user: string; password: string; account_type?: AccountTypesValues }) {
-  return http.post<null>(`${path}/create_account/`, params);
+export function createAccount(params: { user: string; password: string; account_type?: AccountTypesValues }) {
+  return http.post<null>(`${getRootPath()}/create_account/`, params);
 }
 
 /**
  * 删除账号
  */
-export function deleteMongodbAccount(params: { bizId: number; account_id: number; account_type?: AccountTypesValues }) {
-  return http.delete<null>(`${path}/delete_account/`, params);
+export function deleteAccount(params: { bizId: number; account_id: number; account_type?: AccountTypesValues }) {
+  return http.delete<null>(`${getRootPath()}/delete_account/`, params);
 }
 
 /**
  * 查询账号规则列表
  */
-export function getMongodbPermissionRules(
+export function getPermissionRules(
   params: {
     limit?: number;
     offset?: number;
@@ -68,7 +64,7 @@ export function getMongodbPermissionRules(
   payload = {} as IRequestPayload,
 ) {
   return http
-    .get<ListBase<MongodbPermissonAccountModel[]>>(`${path}/list_account_rules/`, params, payload)
+    .get<ListBase<MongodbPermissonAccountModel[]>>(`${getRootPath()}/list_account_rules/`, params, payload)
     .then((res) => ({
       ...res,
       results: res.results.map((item) => new MongodbPermissonAccountModel(item)),
@@ -78,13 +74,11 @@ export function getMongodbPermissionRules(
 /**
  * 查询账号规则
  */
-export function queryMongodbAccountRules(params: {
-  user: string;
-  access_dbs: string[];
-  account_type?: AccountTypesValues;
-}) {
-  return http.post<ListBase<MongodbPermissonAccountModel[]>>(`${path}/query_account_rules/`, params).then((res) => ({
-    ...res,
-    results: res.results.map((item) => new MongodbPermissonAccountModel(item)),
-  }));
+export function queryAccountRules(params: { user: string; access_dbs: string[]; account_type?: AccountTypesValues }) {
+  return http
+    .post<ListBase<MongodbPermissonAccountModel[]>>(`${getRootPath()}/query_account_rules/`, params)
+    .then((res) => ({
+      ...res,
+      results: res.results.map((item) => new MongodbPermissonAccountModel(item)),
+    }));
 }

dbm-ui/frontend/src/services/source/mongodbPermissionAuthorize.ts

@@ -11,18 +11,14 @@
  * the specific language governing permissions and limitations under the License.
  */
 
-import { useGlobalBizs } from '@stores';
-
 import http from '../http';
 
-const { currentBizId } = useGlobalBizs();
-
-const path = `/apis/mongodb/bizs/${currentBizId}/permission/authorize`;
+const getRootPath = () => `/apis/mongodb/bizs/${window.PROJECT_CONFIG.BIZ_ID}/permission/authorize`;
 
 /**
  * MongoDB 授权规则前置检查
  */
-export function preCheckMongodbAuthorizeRules(params: {
+export function preCheckAuthorizeRules(params: {
   mongo_users: {
     user: string;
     access_dbs: string[];
@@ -45,5 +41,5 @@ export function preCheckMongodbAuthorizeRules(params: {
     authorize_uid: string;
     message: string;
     pre_check: boolean;
-  }>(`${path}/pre_check_rules/`, params);
+  }>(`${getRootPath()}/pre_check_rules/`, params);
 }

dbm-ui/frontend/src/services/source/mysqlPermissionAccount.ts

@@ -0,0 +1,94 @@
+/*
+ * TencentBlueKing is pleased to support the open source community by making 蓝鲸智云-DB管理系统(BlueKing-BK-DBM) available.
+ *
+ * Copyright (C) 2017-2023 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ * Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at https://opensource.org/licenses/MIT
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for
+ * the specific language governing permissions and limitations under the License.
+ */
+import MysqlPermissionAccountModel from '@services/model/mysql/mysql-permission-account';
+import type { ListBase } from '@services/types';
+import type { AccountRule, CreateAccountParams, PermissionRule } from '@services/types/permission';
+
+import type { AccountTypesValues } from '@common/const';
+
+import http, { type IRequestPayload } from '../http';
+
+const getRootPath = () => `/apis/mysql/bizs/${window.PROJECT_CONFIG.BIZ_ID}/permission/account`;
+
+/**
+ * 查询账号规则列表
+ */
+export const getPermissionRules = (
+  params: {
+    limit?: number;
+    offset?: number;
+    bk_biz_id: number;
+    rule_ids?: string;
+    user?: string;
+    access_db?: string;
+    privilege?: string;
+    account_type?: AccountTypesValues;
+  },
+  payload = {} as IRequestPayload,
+) =>
+  http
+    .get<ListBase<MysqlPermissionAccountModel[]>>(`${getRootPath()}/list_account_rules/`, params, payload)
+    .then((res) => ({
+      ...res,
+      results: res.results.map((item) => new MysqlPermissionAccountModel(item)),
+    }));
+/**
+ * 创建账户
+ */
+export const createAccount = (params: CreateAccountParams) => http.post(`${getRootPath()}/create_account/`, params);
+
+/**
+ * 删除账号
+ */
+export const deleteAccount = (params: { bizId: number; account_id: number; account_type?: AccountTypesValues }) =>
+  http.delete(`${getRootPath()}/delete_account/`, params);
+
+/**
+ * 添加账号规则
+ */
+export const createAccountRule = (params: AccountRule & { bk_biz_id: number }) =>
+  http.post(`${getRootPath()}/add_account_rule/`, params);
+
+/**
+ * 修改账号规则
+ */
+export const modifyAccountRule = (
+  params: AccountRule & {
+    rule_id: number;
+    bk_biz_id: number;
+  },
+) => http.post(`${getRootPath()}/modify_account_rule/`, params);
+
+/**
+ * 查询账号规则
+ */
+export const queryAccountRules = (params: { user: string; access_dbs: string[]; account_type: AccountTypesValues }) =>
+  http.post<ListBase<PermissionRule[]>>(`${getRootPath()}/query_account_rules/`, params);
+
+/**
+ * 添加账号规则前置检查
+ */
+export const preCheckAddAccountRule = (params: {
+  account_id: number | null;
+  access_db: string;
+  privilege: {
+    dml: string[];
+    ddl: string[];
+    glob: string[];
+  };
+  account_type: AccountTypesValues;
+}) =>
+  http.post<{
+    force_run: boolean;
+    warning: string | null;
+  }>(`${getRootPath()}/pre_check_add_account_rule/`, params);