Merge pull request #2639 from actiontech/sqle-ce-2619

Sqle ce 2619

go.mod

@@ -5,7 +5,7 @@ go 1.19
 require (
 	github.com/DATA-DOG/go-sqlmock v1.5.0
 	github.com/Masterminds/semver/v3 v3.1.1
-	github.com/actiontech/dms v0.0.0-20240926055926-19deadba8c4d
+	github.com/actiontech/dms v0.0.0-20240924063121-a47dfeeca205
 	github.com/actiontech/java-sql-extractor v0.0.0-20231103015812-cdd5fc040f62
 	github.com/actiontech/mybatis-mapper-2-sql v0.5.1-0.20240806065717-29cde7000ef5
 	github.com/agiledragon/gomonkey v2.0.2+incompatible

go.sum

@@ -46,8 +46,8 @@ github.com/VividCortex/ewma v1.1.1 h1:MnEK4VOv6n0RSY4vtRe3h11qjxL3+t0B8yOL8iMXdc
 github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA=
 github.com/acomagu/bufpipe v1.0.4 h1:e3H4WUzM3npvo5uv95QuJM3cQspFNtFBzvJ2oNjKIDQ=
 github.com/acomagu/bufpipe v1.0.4/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4=
-github.com/actiontech/dms v0.0.0-20240926055926-19deadba8c4d h1:/z2JFYFzVhfYlyhoQzkJB6Lhb5mFP2DpScZKWJ+vgTI=
-github.com/actiontech/dms v0.0.0-20240926055926-19deadba8c4d/go.mod h1:Jm+tDoBYmX8R8zqgPJRq1NwZXdxO/F+HxVRJVF65WXA=
+github.com/actiontech/dms v0.0.0-20240924063121-a47dfeeca205 h1:5+IsvHRG4pMyTGOrl2QmRbHBbXSwWjUAq9PzVlUY8QI=
+github.com/actiontech/dms v0.0.0-20240924063121-a47dfeeca205/go.mod h1:Jm+tDoBYmX8R8zqgPJRq1NwZXdxO/F+HxVRJVF65WXA=
 github.com/actiontech/java-sql-extractor v0.0.0-20231103015812-cdd5fc040f62 h1:JM7WnLzlvXOGE90KKd+aigi+qUDS+U5dLwQMNpTKZxE=
 github.com/actiontech/java-sql-extractor v0.0.0-20231103015812-cdd5fc040f62/go.mod h1:adDZHhAf2LRMx2h0JzofPXn12x2XlyQjVE116KXquwo=
 github.com/actiontech/mybatis-mapper-2-sql v0.5.1-0.20240806065717-29cde7000ef5 h1:vyQVrkYPzUV9d7gSvOWoezwWMTiC4jc3f3Hpianefq0=

sqle/api/controller/v1/audit_plan.go

@@ -475,7 +475,7 @@ func DeleteAuditPlan(c echo.Context) error {
 
 	apName := c.Param("audit_plan_name")
 
-	ap, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, "")
+	ap, exist, err := GetAuditPlanIfCurrentUserCanOp(c, projectUid, apName, "")
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -521,7 +521,7 @@ func UpdateAuditPlan(c echo.Context) error {
 
 	storage := model.GetStorage()
 
-	ap, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, "")
+	ap, exist, err := GetAuditPlanIfCurrentUserCanOp(c, projectUid, apName, "")
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -654,7 +654,7 @@ func GetAuditPlans(c echo.Context) error {
 		"current_user_is_admin":           up.IsAdmin(),
 		"offset":                          offset,
 	}
-	if !up.IsAdmin() {
+	if !up.CanViewProject() {
 		instanceNames, err := dms.GetInstanceNamesInProjectByIds(c.Request().Context(), projectUid, up.GetInstancesByOP(v1.OpPermissionTypeViewOtherAuditPlan))
 		if err != nil {
 			return err
@@ -713,7 +713,7 @@ func GetAuditPlan(c echo.Context) error {
 	}
 	apName := c.Param("audit_plan_name")
 
-	ap, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, "")
+	ap, exist, err := GetAuditPlanIfCurrentUserCanView(c, projectUid, apName, "")
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -786,7 +786,7 @@ func GetAuditPlanReports(c echo.Context) error {
 	}
 	apName := c.Param("audit_plan_name")
 
-	_, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, v1.OpPermissionTypeViewOtherAuditPlan)
+	_, exist, err := GetAuditPlanIfCurrentUserCanView(c, projectUid, apName, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -846,7 +846,7 @@ func GetAuditPlanReport(c echo.Context) error {
 	}
 	apName := c.Param("audit_plan_name")
 
-	ap, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, v1.OpPermissionTypeViewOtherAuditPlan)
+	ap, exist, err := GetAuditPlanIfCurrentUserCanView(c, projectUid, apName, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1093,7 +1093,7 @@ func TriggerAuditPlan(c echo.Context) error {
 	}
 	apName := c.Param("audit_plan_name")
 
-	ap, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, "")
+	ap, exist, err := GetAuditPlanIfCurrentUserCanOp(c, projectUid, apName, "")
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1152,7 +1152,7 @@ func UpdateAuditPlanNotifyConfig(c echo.Context) error {
 
 	storage := model.GetStorage()
 
-	ap, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, "")
+	ap, exist, err := GetAuditPlanIfCurrentUserCanOp(c, projectUid, apName, "")
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1214,7 +1214,7 @@ func GetAuditPlanNotifyConfig(c echo.Context) error {
 	}
 	apName := c.Param("audit_plan_name")
 
-	ap, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, v1.OpPermissionTypeViewOtherAuditPlan)
+	ap, exist, err := GetAuditPlanIfCurrentUserCanView(c, projectUid, apName, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1261,7 +1261,7 @@ func TestAuditPlanNotifyConfig(c echo.Context) error {
 	}
 	apName := c.Param("audit_plan_name")
 
-	ap, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, "")
+	ap, exist, err := GetAuditPlanIfCurrentUserCanView(c, projectUid, apName, "")
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1390,7 +1390,7 @@ func GetAuditPlanSQLs(c echo.Context) error {
 	}
 	apName := c.Param("audit_plan_name")
 
-	ap, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, v1.OpPermissionTypeViewOtherAuditPlan)
+	ap, exist, err := GetAuditPlanIfCurrentUserCanView(c, projectUid, apName, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1471,7 +1471,7 @@ func GetAuditPlanReportSQLsV1(c echo.Context) error {
 	}
 	apName := c.Param("audit_plan_name")
 
-	ap, exist, err := GetAuditPlanIfCurrentUserCanAccess(c, projectUid, apName, v1.OpPermissionTypeViewOtherAuditPlan)
+	ap, exist, err := GetAuditPlanIfCurrentUserCanView(c, projectUid, apName, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}

sqle/api/controller/v1/instance.go

@@ -120,7 +120,7 @@ func CheckInstanceIsConnectableByName(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, ErrInstanceNoAccess)
 	}
 
-	can, err := CheckCurrentUserCanAccessInstances(c.Request().Context(), projectUid, controller.GetUserID(c), []*model.Instance{instance})
+	can, err := CheckCurrentUserCanViewInstances(c.Request().Context(), projectUid, controller.GetUserID(c), []*model.Instance{instance})
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -195,7 +195,7 @@ func BatchCheckInstanceConnections(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, ErrInstanceNoAccess)
 	}
 
-	can, err := CheckCurrentUserCanAccessInstances(c.Request().Context(), projectUid, controller.GetUserID(c), instances)
+	can, err := CheckCurrentUserCanViewInstances(c.Request().Context(), projectUid, controller.GetUserID(c), instances)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -301,7 +301,7 @@ func GetInstanceSchemas(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, ErrInstanceNoAccess)
 	}
 
-	can, err := CheckCurrentUserCanAccessInstances(c.Request().Context(), projectUid, controller.GetUserID(c), []*model.Instance{instance})
+	can, err := CheckCurrentUserCanViewInstances(c.Request().Context(), projectUid, controller.GetUserID(c), []*model.Instance{instance})
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -462,7 +462,7 @@ func GetInstanceRules(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, errors.New(errors.DataNotExist, fmt.Errorf("instance is not exist")))
 	}
 
-	can, err := CheckCurrentUserCanAccessInstances(c.Request().Context(), projectUid, controller.GetUserID(c), []*model.Instance{instance})
+	can, err := CheckCurrentUserCanViewInstances(c.Request().Context(), projectUid, controller.GetUserID(c), []*model.Instance{instance})
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}

sqle/api/controller/v1/instance_audit_plan.go

@@ -234,7 +234,7 @@ func DeleteInstanceAuditPlan(c echo.Context) error {
 	}
 	s := model.GetStorage()
 	// check current user instance audit plan permission
-	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
+	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanOp(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -276,7 +276,7 @@ func UpdateInstanceAuditPlan(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	// check current user instance audit plan permission
-	dbAuditPlans, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
+	dbAuditPlans, exist, err := GetInstanceAuditPlanIfCurrentUserCanOp(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -389,7 +389,7 @@ func UpdateInstanceAuditPlanStatus(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	// check current user instance audit plan permission
-	instanceAuditPlan, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
+	instanceAuditPlan, exist, err := GetInstanceAuditPlanIfCurrentUserCanOp(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -501,7 +501,7 @@ func GetInstanceAuditPlans(c echo.Context) error {
 		"limit":                              limit,
 		"offset":                             offset,
 	}
-	if !up.IsAdmin() {
+	if !up.CanViewProject() {
 		accessinstanceId := up.GetInstancesByOP(v1.OpPermissionTypeViewOtherAuditPlan)
 		if len(accessinstanceId) > 0 {
 			data["accessible_instances_id"] = fmt.Sprintf("\"%s\"", strings.Join(accessinstanceId, "\",\""))
@@ -632,7 +632,7 @@ func GetInstanceAuditPlanDetail(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	// check current user instance audit plan permission
-	detail, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
+	detail, exist, err := GetInstanceAuditPlanIfCurrentUserCanView(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -758,7 +758,7 @@ func GetInstanceAuditPlanOverview(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	// check current user instance audit plan permission
-	detail, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
+	detail, exist, err := GetInstanceAuditPlanIfCurrentUserCanView(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -875,7 +875,7 @@ func DeleteAuditPlanById(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	// check current user instance audit plan permission
-	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
+	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanOp(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -922,7 +922,7 @@ func UpdateAuditPlanStatus(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	// check current user instance audit plan permission
-	deatil, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
+	deatil, exist, err := GetInstanceAuditPlanIfCurrentUserCanOp(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -975,7 +975,7 @@ func GetInstanceAuditPlanSQLs(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	// check current user instance audit plan permission
-	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
+	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanView(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1074,7 +1074,7 @@ func GetInstanceAuditPlanSQLMeta(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	// check current user instance audit plan permission
-	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
+	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanView(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1174,7 +1174,7 @@ func GetInstanceAuditPlanSQLData(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	// check current user instance audit plan permission
-	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
+	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanView(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1240,7 +1240,7 @@ func GetInstanceAuditPlanSQLExport(c echo.Context) error {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	// check current user instance audit plan permission
-	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
+	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanView(c, projectUID, instanceAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1337,7 +1337,7 @@ func GetAuditPlanSqlAnalysisData(c echo.Context) error {
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
-	detail, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, insAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
+	detail, exist, err := GetInstanceAuditPlanIfCurrentUserCanView(c, projectUID, insAuditPlanID, v1.OpPermissionTypeViewOtherAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1391,7 +1391,7 @@ func AuditPlanTriggerSqlAudit(c echo.Context) error {
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
-	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanAccess(c, projectUID, insAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
+	_, exist, err := GetInstanceAuditPlanIfCurrentUserCanOp(c, projectUID, insAuditPlanID, v1.OpPermissionTypeSaveAuditPlan)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}