diff --git a/build.gradle b/build.gradle index 8e8c0bf..60cd0cb 100644 --- a/build.gradle +++ b/build.gradle @@ -32,7 +32,7 @@ ext { set('lombokVersion', '1.18.10') set("junitVersion", "5.4.2") - String iamVersion = (System.getProperty("iamVersion") ?: "1.0.51") + String iamVersion = (System.getProperty("iamVersion") ?: "1.0.52") if (System.getProperty("snapshot") == "true") { set('iamVersion', iamVersion + "-SNAPSHOT") } else { diff --git a/src/main/java/com/tencent/bk/sdk/iam/constants/V2IamUri.java b/src/main/java/com/tencent/bk/sdk/iam/constants/V2IamUri.java index eb21aa9..da7d353 100644 --- a/src/main/java/com/tencent/bk/sdk/iam/constants/V2IamUri.java +++ b/src/main/java/com/tencent/bk/sdk/iam/constants/V2IamUri.java @@ -24,6 +24,7 @@ public class V2IamUri { public static final String V2_MANAGER_ROLE_GROUP_BELONG = "/api/v2/open/management/systems/%s/users/%s/groups/belong/?groups=%s&inherit=%s"; public static final String V2_MANAGER_ROLE_GROUP_MEMBER_CREATE = "/api/v2/open/management/systems/%s/groups/%s/members/"; public static final String V2_MANAGER_ROLE_GROUP_MEMBER_GET = "/api/v2/open/management/systems/%s/groups/%s/members/"; + public static final String V2_MANAGER_ROLE_GROUP_TEMPLATES_LIST = "/api/v2/open/management/systems/%s/groups/%s/subject_templates/"; public static final String V2_MANAGER_ROLE_GROUP_MEMBER_DEL = "/api/v2/open/management/systems/%s/groups/%s/members/?type=%s&ids=%s"; public static final String V2_MANAGER_ROLE_GROUP_MEMBER_RENEWAL = "/api/v2/open/management/systems/%s/groups/%s/members/-/expired_at/"; public static final String V2_AUTH_POLICY = "/api/v2/policy/systems/%s/auth/"; @@ -39,6 +40,7 @@ public class V2IamUri { public static final String V2_SUBSET_GRADE_MANAGER_GROUP_GET = "/api/v2/open/management/systems/%s/subset_managers/%s/groups/"; public static final String V2_MANAGER_GRADE_GROUP_GET = "/api/v2/open/management/systems/%s/grade_managers/%s/groups/"; public static final String V2_MANAGER_GRADE_TEMPLATE_GET = "/api/v2/open/management/systems/%s/grade_managers/%s/subject_templates/"; + public static final String V2_MEMBER_GROUP_DETAILS_GET = "/api/v2/open/management/systems/%s/grade_managers/%s/group_member_types/%s/members/%s/groups/-/details?group_ids=%s"; // 创建分级管理员 public static final String V2_MANAGER_ROLE_CREATE = "/api/v2/open/management/systems/%s/grade_managers/"; diff --git a/src/main/java/com/tencent/bk/sdk/iam/dto/response/GradeManagerApplicationResponse.java b/src/main/java/com/tencent/bk/sdk/iam/dto/response/GradeManagerApplicationResponse.java index cf4f900..c706d19 100644 --- a/src/main/java/com/tencent/bk/sdk/iam/dto/response/GradeManagerApplicationResponse.java +++ b/src/main/java/com/tencent/bk/sdk/iam/dto/response/GradeManagerApplicationResponse.java @@ -11,13 +11,8 @@ package com.tencent.bk.sdk.iam.dto.response; -import com.tencent.bk.sdk.iam.dto.manager.AuthorizationScopes; -import com.tencent.bk.sdk.iam.dto.manager.ManagerScopes; -import lombok.Builder; import lombok.Data; -import java.util.List; - @Data public class GradeManagerApplicationResponse { /* diff --git a/src/main/java/com/tencent/bk/sdk/iam/dto/response/MemberGroupDetailsResponse.java b/src/main/java/com/tencent/bk/sdk/iam/dto/response/MemberGroupDetailsResponse.java new file mode 100644 index 0000000..d48f461 --- /dev/null +++ b/src/main/java/com/tencent/bk/sdk/iam/dto/response/MemberGroupDetailsResponse.java @@ -0,0 +1,37 @@ +/* + * TencentBlueKing is pleased to support the open source community by making + * 蓝鲸智云-权限中心Java SDK(iam-java-sdk) available. + * Copyright (C) 2017-2021 THL A29 Limited, a Tencent company. All rights reserved. + * Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License. + * You may obtain a copy of the License at http://opensource.org/licenses/MIT + * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on + * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the + * specific language governing permissions and limitations under the License. + */ + +package com.tencent.bk.sdk.iam.dto.response; + +import com.fasterxml.jackson.annotation.JsonProperty; +import lombok.Data; + +@Data +public class MemberGroupDetailsResponse { + @JsonProperty("group_id") + private Integer groupId; + + @JsonProperty("group_name") + private String groupName; + + @JsonProperty("group_description") + private String groupDescription; + /** + * 加入时间戳(秒级) + */ + @JsonProperty("created_at") + private Long createdAt; + /** + * 过期时间戳(秒级) + */ + @JsonProperty("expired_at") + private Long expiredAt; +} diff --git a/src/main/java/com/tencent/bk/sdk/iam/service/v2/V2ManagerService.java b/src/main/java/com/tencent/bk/sdk/iam/service/v2/V2ManagerService.java index 19fc447..d30aba9 100644 --- a/src/main/java/com/tencent/bk/sdk/iam/service/v2/V2ManagerService.java +++ b/src/main/java/com/tencent/bk/sdk/iam/service/v2/V2ManagerService.java @@ -11,6 +11,7 @@ package com.tencent.bk.sdk.iam.service.v2; +import com.tencent.bk.sdk.iam.constants.ManagerScopesEnum; import com.tencent.bk.sdk.iam.dto.CallbackApplicationDTO; import com.tencent.bk.sdk.iam.dto.GradeManagerApplicationCreateDTO; import com.tencent.bk.sdk.iam.dto.GradeManagerApplicationUpdateDTO; @@ -21,6 +22,7 @@ import com.tencent.bk.sdk.iam.dto.manager.AuthorizationScopes; import com.tencent.bk.sdk.iam.dto.manager.GroupMemberVerifyInfo; import com.tencent.bk.sdk.iam.dto.manager.ManagerRoleGroup; +import com.tencent.bk.sdk.iam.dto.manager.RoleGroupMemberInfo; import com.tencent.bk.sdk.iam.dto.manager.dto.CreateManagerDTO; import com.tencent.bk.sdk.iam.dto.manager.dto.CreateSubsetManagerDTO; import com.tencent.bk.sdk.iam.dto.manager.dto.GroupMemberRenewApplicationDTO; @@ -37,6 +39,7 @@ import com.tencent.bk.sdk.iam.dto.response.GradeManagerApplicationResponse; import com.tencent.bk.sdk.iam.dto.response.GroupPermissionDetailResponseDTO; import com.tencent.bk.sdk.iam.dto.response.ManagerDetailResponse; +import com.tencent.bk.sdk.iam.dto.response.MemberGroupDetailsResponse; import java.io.IOException; import java.util.List; @@ -63,13 +66,15 @@ public interface V2ManagerService { /** * 查询二级管理员详情 + * * @param subsetManagerId 二级管理员ID */ public ManagerDetailResponse getSubsetManagerDetail(String subsetManagerId); /** * 更新二级管理员 - * @param subsetManagerId 二级管理员ID + * + * @param subsetManagerId 二级管理员ID * @param updateSubsetManagerDTO */ public void updateSubsetManager(String subsetManagerId, UpdateSubsetManagerDTO updateSubsetManagerDTO); @@ -183,6 +188,11 @@ public GradeManagerApplicationResponse updateGradeManagerApplication(String grad */ public ManagerGroupMemberVo getRoleGroupMemberV2(Integer groupId, V2PageInfoDTO pageInfoDTO); + /** + * 用户组下模板列表 + */ + public List listRoleGroupTemplates(Integer groupId, V2PageInfoDTO pageInfoDTO); + /** * 用户组成员续期(不需要审批版本) */ @@ -193,6 +203,10 @@ public GradeManagerApplicationResponse updateGradeManagerApplication(String grad */ public void renewalRoleGroupMemberApplication(GroupMemberRenewApplicationDTO groupMemberRenewApplicationDTO); + /** + * 批量查询用户/组织/人员模板加入的用户组详情 + */ + public MemberGroupDetailsResponse listMemberGroupsDetails(String gradeManagerId, ManagerScopesEnum memberType, String memberId, String groupIds); /** * 查询用户组有权限的Action列表 diff --git a/src/main/java/com/tencent/bk/sdk/iam/service/v2/impl/V2ManagerServiceImpl.java b/src/main/java/com/tencent/bk/sdk/iam/service/v2/impl/V2ManagerServiceImpl.java index d6f649d..2e21594 100644 --- a/src/main/java/com/tencent/bk/sdk/iam/service/v2/impl/V2ManagerServiceImpl.java +++ b/src/main/java/com/tencent/bk/sdk/iam/service/v2/impl/V2ManagerServiceImpl.java @@ -13,6 +13,7 @@ import com.fasterxml.jackson.core.type.TypeReference; import com.tencent.bk.sdk.iam.config.IamConfiguration; +import com.tencent.bk.sdk.iam.constants.ManagerScopesEnum; import com.tencent.bk.sdk.iam.constants.V2IamUri; import com.tencent.bk.sdk.iam.dto.CallbackApplicationDTO; import com.tencent.bk.sdk.iam.dto.GradeManagerApplicationCreateDTO; @@ -25,6 +26,7 @@ import com.tencent.bk.sdk.iam.dto.manager.AuthorizationScopes; import com.tencent.bk.sdk.iam.dto.manager.GroupMemberVerifyInfo; import com.tencent.bk.sdk.iam.dto.manager.ManagerRoleGroup; +import com.tencent.bk.sdk.iam.dto.manager.RoleGroupMemberInfo; import com.tencent.bk.sdk.iam.dto.manager.dto.CreateManagerDTO; import com.tencent.bk.sdk.iam.dto.manager.dto.CreateSubsetManagerDTO; import com.tencent.bk.sdk.iam.dto.manager.dto.GroupMemberRenewApplicationDTO; @@ -42,6 +44,7 @@ import com.tencent.bk.sdk.iam.dto.response.GradeManagerApplicationResponse; import com.tencent.bk.sdk.iam.dto.response.GroupPermissionDetailResponseDTO; import com.tencent.bk.sdk.iam.dto.response.ManagerDetailResponse; +import com.tencent.bk.sdk.iam.dto.response.MemberGroupDetailsResponse; import com.tencent.bk.sdk.iam.dto.response.ResponseDTO; import com.tencent.bk.sdk.iam.exception.IamException; import com.tencent.bk.sdk.iam.service.impl.ApigwHttpClientServiceImpl; @@ -239,6 +242,34 @@ public ManagerGroupMemberVo getRoleGroupMemberV2(Integer groupId, V2PageInfoDTO return null; } + @Override + public List listRoleGroupTemplates(Integer groupId, V2PageInfoDTO pageInfoDTO) { + AuthRequestContext.setRequestName("V2_MANAGER_ROLE_GROUP_TEMPLATES_LIST"); + String url = v2BuildURLPage(String.format(V2IamUri.V2_MANAGER_ROLE_GROUP_TEMPLATES_LIST, iamConfiguration.getSystemId(), groupId), pageInfoDTO); + try { + String responseStr = apigwHttpClientService.doHttpGet(url); + if (StringUtils.isNotBlank(responseStr)) { + log.debug("list role group templates response|{}", responseStr); + ResponseDTO> responseInfo = JsonUtil.fromJson( + responseStr, + new TypeReference>>() { + }); + if (responseInfo != null) { + ResponseUtil.checkResponse(responseInfo); + return responseInfo.getData(); + } + } else { + log.warn("list role group templates got empty response!"); + } + } catch (IamException iamException) { + throw iamException; + } catch (Exception e) { + log.error("list role group templates failed", e); + throw new RuntimeException(e); + } + return null; + } + @Override public void renewalRoleGroupMemberV2(Integer groupId, ManagerMemberGroupDTO managerMemberGroupDTO) { try { @@ -286,6 +317,44 @@ public void renewalRoleGroupMemberApplication(GroupMemberRenewApplicationDTO gro } } + @Override + public MemberGroupDetailsResponse listMemberGroupsDetails( + String gradeManagerId, + ManagerScopesEnum memberType, + String memberId, + String groupIds + ) { + try { + AuthRequestContext.setRequestName("V2_MEMBER_GROUPS_DETAILS_LIST"); + String url = String.format(V2IamUri.V2_MEMBER_GROUP_DETAILS_GET, + iamConfiguration.getSystemId(), + gradeManagerId, + ManagerScopesEnum.getType(memberType), + memberId, + groupIds + ); + String responseStr = apigwHttpClientService.doHttpGet(url); + if (StringUtils.isNotBlank(responseStr)) { + log.debug("list member groups details response|{}", responseStr); + ResponseDTO responseInfo = + JsonUtil.fromJson(responseStr, new TypeReference>() { + }); + if (responseInfo != null) { + ResponseUtil.checkResponse(responseInfo); + return responseInfo.getData(); + } + } else { + log.warn("list member groups details got empty response!"); + } + } catch (IamException iamException) { + throw iamException; + } catch (Exception e) { + log.error("list member groups details failed", e); + throw new RuntimeException(e); + } + return null; + } + @Override public List getRoleGroupActionV2(Integer groupId) { AuthRequestContext.setRequestName("V2_MANAGER_ROLE_GROUP_ACTION_GET");