Skip to content

Commit

Permalink
Merge pull request #293 from TencentBlueKing/develop
Browse files Browse the repository at this point in the history
v.12.12
  • Loading branch information
zhu327 authored Apr 8, 2024
2 parents 9c73403 + 860b994 commit 8df6afe
Show file tree
Hide file tree
Showing 13 changed files with 141 additions and 43 deletions.
2 changes: 1 addition & 1 deletion VERSION
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1.12.11
1.12.12
7 changes: 7 additions & 0 deletions build/bkpkg-bkiam.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
bkpkg: v1
name: bkiam
type: file+tar
description: 权限中心后台
contains:
relations:
bkimports:
2 changes: 1 addition & 1 deletion pkg/api/web/handler/action_slz.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ import (

const (
actionSupportFields = "id,name,name_en,related_resource_types,version,type,auth_type," +
"hidden,description,description_en,related_actions,related_environments"
"hidden,description,description_en,related_actions,related_environments,sensitivity"
actionDefaultFields = "id,name,name_en"
)

Expand Down
18 changes: 6 additions & 12 deletions pkg/database/dao/expression.go
Original file line number Diff line number Diff line change
Expand Up @@ -148,20 +148,14 @@ func (m *expressionManager) selectAuthByPKs(expressions *[]AuthExpression, pks [
}

func (m *expressionManager) selectBySignaturesType(expressions *[]Expression, signatures []string, _type int64) error {
query := `SELECT
pk,
type,
expression,
signature
FROM expression
WHERE pk IN (
SELECT
MIN(pk)
query := `SELECT e.pk, e.type, e.expression, e.signature
FROM expression e
JOIN (
SELECT MIN(pk) AS min_pk
FROM expression
WHERE signature IN (?)
AND type = ?
WHERE signature IN (?) AND type = ?
GROUP BY signature
)`
) subquery ON e.pk = subquery.min_pk`
return database.SqlxSelect(m.DB, expressions, query, signatures, _type)
}

Expand Down
2 changes: 1 addition & 1 deletion pkg/database/dao/expression_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -141,7 +141,7 @@ func Test_expressionManager_ListDistinctBySignaturesType(t *testing.T) {
Signature: "test2",
},
}
mockQuery := `^SELECT pk, type, expression, signature FROM expression WHERE pk IN`
mockQuery := `^SELECT e.pk, e.type, e.expression, e.signature FROM expression e`
mockRows := database.NewMockRows(mock, mockData...)
mock.ExpectQuery(mockQuery).WithArgs("a", "b", int64(1)).WillReturnRows(mockRows)

Expand Down
4 changes: 4 additions & 0 deletions pkg/database/dao/group_resource_policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -216,6 +216,10 @@ func (m *groupResourcePolicyManager) BulkDeleteByGroupPKsWithTx(
tx *sqlx.Tx,
groupPKs []int64,
) error {
if len(groupPKs) == 0 {
return nil
}

sql := `DELETE FROM rbac_group_resource_policy WHERE group_pk IN (?)`
return database.SqlxDeleteWithTx(tx, sql, groupPKs)
}
Expand Down
24 changes: 12 additions & 12 deletions pkg/database/dao/mock/subject_group.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 14 additions & 0 deletions pkg/database/dao/mock/subject_template_group.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 6 additions & 6 deletions pkg/database/dao/subject_group.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,8 +68,8 @@ type SubjectGroupManager interface {
FilterGroupPKsHasMemberBeforeExpiredAt(groupPKs []int64, expiredAt int64) ([]int64, error)

BulkCreateWithTx(tx *sqlx.Tx, relations []SubjectRelation) error
BulkDeleteBySubjectPKs(tx *sqlx.Tx, subjectPKs []int64) error
BulkDeleteByGroupPKs(tx *sqlx.Tx, groupPKs []int64) error
BulkDeleteBySubjectPKsWithTx(tx *sqlx.Tx, subjectPKs []int64) error
BulkDeleteByGroupPKsWithTx(tx *sqlx.Tx, groupPKs []int64) error
BulkUpdateExpiredAtWithTx(tx *sqlx.Tx, relations []SubjectRelation) error

ListGroupMember(groupPK int64) ([]SubjectRelation, error)
Expand Down Expand Up @@ -352,16 +352,16 @@ func (m *subjectGroupManager) BulkCreateWithTx(tx *sqlx.Tx, relations []SubjectR
return m.bulkInsertWithTx(tx, relations)
}

// BulkDeleteBySubjectPKs ...
func (m *subjectGroupManager) BulkDeleteBySubjectPKs(tx *sqlx.Tx, subjectPKs []int64) error {
// BulkDeleteBySubjectPKsWithTx ...
func (m *subjectGroupManager) BulkDeleteBySubjectPKsWithTx(tx *sqlx.Tx, subjectPKs []int64) error {
if len(subjectPKs) == 0 {
return nil
}
return m.bulkDeleteBySubjectPKs(tx, subjectPKs)
}

// BulkDeleteByGroupPKs ...
func (m *subjectGroupManager) BulkDeleteByGroupPKs(tx *sqlx.Tx, groupPKs []int64) error {
// BulkDeleteByGroupPKsWithTx ...
func (m *subjectGroupManager) BulkDeleteByGroupPKsWithTx(tx *sqlx.Tx, groupPKs []int64) error {
if len(groupPKs) == 0 {
return nil
}
Expand Down
13 changes: 12 additions & 1 deletion pkg/database/dao/subject_template_group.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ type SubjectTemplateGroup struct {

type SubjectTemplateGroupManager interface {
GetTemplateGroupMemberCount(groupPK, templateID int64) (int64, error)
GetMaxExpiredAtBySubjectGroup(subjectPK, groupPK int64, excludeTemplateID int64) (int64, error)
ListPagingTemplateGroupMember(
groupPK, templateID int64,
limit, offset int64,
Expand All @@ -46,7 +47,7 @@ type SubjectTemplateGroupManager interface {
BulkUpdateExpiredAtWithTx(tx *sqlx.Tx, relations []SubjectTemplateGroup) error
BulkUpdateExpiredAtByRelationWithTx(tx *sqlx.Tx, relations []SubjectRelation) error
BulkDeleteWithTx(tx *sqlx.Tx, relations []SubjectTemplateGroup) error
GetMaxExpiredAtBySubjectGroup(subjectPK, groupPK int64, excludeTemplateID int64) (int64, error)
BulkDeleteBySubjectPKsWithTx(tx *sqlx.Tx, subjectPKs []int64) error
}

type subjectTemplateGroupManager struct {
Expand Down Expand Up @@ -235,3 +236,13 @@ func (m *subjectTemplateGroupManager) ListThinRelationWithMaxExpiredAtByGroupPK(

return relations, err
}

func (m *subjectTemplateGroupManager) BulkDeleteBySubjectPKsWithTx(tx *sqlx.Tx, subjectPKs []int64) error {
if len(subjectPKs) == 0 {
return nil
}

sql := `DELETE FROM subject_template_group
WHERE subject_pk in (?)`
return database.SqlxDeleteWithTx(tx, sql, subjectPKs)
}
14 changes: 12 additions & 2 deletions pkg/service/group.go
Original file line number Diff line number Diff line change
Expand Up @@ -879,7 +879,7 @@ func (l *groupService) BulkDeleteByGroupPKsWithTx(tx *sqlx.Tx, groupPKs []int64)
errorWrapf := errorx.NewLayerFunctionErrorWrapf(GroupSVC, "BulkDeleteByGroupPKsWithTx")

// 批量用户组删除成员关系 subjectRelation
err := l.manager.BulkDeleteByGroupPKs(tx, groupPKs)
err := l.manager.BulkDeleteByGroupPKsWithTx(tx, groupPKs)
if err != nil {
return errorWrapf(
err, "manager.BulkDeleteByGroupPKs group_pks=`%+v` fail", groupPKs)
Expand All @@ -893,12 +893,22 @@ func (l *groupService) BulkDeleteBySubjectPKsWithTx(tx *sqlx.Tx, subjectPKs []in
errorWrapf := errorx.NewLayerFunctionErrorWrapf(GroupSVC, "BulkDeleteBySubjectPKsWithTx")

// 批量其加入的用户组关系 subjectRelation
err := l.manager.BulkDeleteBySubjectPKs(tx, subjectPKs)
err := l.manager.BulkDeleteBySubjectPKsWithTx(tx, subjectPKs)
if err != nil {
return errorWrapf(
err, "manager.BulkDeleteBySubjectPKs subject_pks=`%+v` fail", subjectPKs)
}

// 批量删除subject template group
err = l.subjectTemplateGroupManager.BulkDeleteBySubjectPKsWithTx(tx, subjectPKs)
if err != nil {
return errorWrapf(
err,
"subjectTemplateGroupManager.BulkDeleteBySubjectPKsWithTx subjectPKs=`%+v` fail",
subjectPKs,
)
}

// 批量删除用户的subject system group
err = l.subjectSystemGroupManager.DeleteBySubjectPKsWithTx(tx, subjectPKs)
if err != nil {
Expand Down
48 changes: 41 additions & 7 deletions pkg/service/group_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ var _ = Describe("GroupService", func() {
It("manager.BulkDeleteBySubjectPKs fail", func() {
mockSubjectService := mock.NewMockSubjectGroupManager(ctl)

mockSubjectService.EXPECT().BulkDeleteBySubjectPKs(gomock.Any(), []int64{1, 2}).Return(
mockSubjectService.EXPECT().BulkDeleteBySubjectPKsWithTx(gomock.Any(), []int64{1, 2}).Return(
errors.New("error"),
).AnyTimes()

Expand All @@ -94,10 +94,37 @@ var _ = Describe("GroupService", func() {
assert.Contains(GinkgoT(), err.Error(), "BulkDeleteBySubjectPKs")
})

It("manager.BulkDeleteBySubjectPKs fail", func() {
mockSubjectService := mock.NewMockSubjectGroupManager(ctl)

mockSubjectService.EXPECT().BulkDeleteBySubjectPKsWithTx(gomock.Any(), []int64{1, 2}).Return(
nil,
).AnyTimes()

mockSubjectTemplateGroupService := mock.NewMockSubjectTemplateGroupManager(ctl)
mockSubjectTemplateGroupService.EXPECT().BulkDeleteBySubjectPKsWithTx(gomock.Any(), []int64{1, 2}).Return(
errors.New("error"),
).AnyTimes()

manager := &groupService{
manager: mockSubjectService,
subjectTemplateGroupManager: mockSubjectTemplateGroupService,
}

err := manager.BulkDeleteBySubjectPKsWithTx(nil, []int64{1, 2})
assert.Error(GinkgoT(), err)
assert.Contains(GinkgoT(), err.Error(), "subjectTemplateGroupManager.BulkDeleteBySubjectPKsWithTx")
})

It("subjectSystemGroupManager.DeleteBySubjectPKsWithTx fail", func() {
mockSubjectService := mock.NewMockSubjectGroupManager(ctl)

mockSubjectService.EXPECT().BulkDeleteBySubjectPKs(gomock.Any(), []int64{1, 2}).Return(
mockSubjectService.EXPECT().BulkDeleteBySubjectPKsWithTx(gomock.Any(), []int64{1, 2}).Return(
nil,
).AnyTimes()

mockSubjectTemplateGroupService := mock.NewMockSubjectTemplateGroupManager(ctl)
mockSubjectTemplateGroupService.EXPECT().BulkDeleteBySubjectPKsWithTx(gomock.Any(), []int64{1, 2}).Return(
nil,
).AnyTimes()

Expand All @@ -107,8 +134,9 @@ var _ = Describe("GroupService", func() {
).AnyTimes()

manager := &groupService{
manager: mockSubjectService,
subjectSystemGroupManager: mockSubjectSystemGroupService,
manager: mockSubjectService,
subjectSystemGroupManager: mockSubjectSystemGroupService,
subjectTemplateGroupManager: mockSubjectTemplateGroupService,
}

err := manager.BulkDeleteBySubjectPKsWithTx(nil, []int64{1, 2})
Expand All @@ -119,7 +147,12 @@ var _ = Describe("GroupService", func() {
It("ok", func() {
mockSubjectService := mock.NewMockSubjectGroupManager(ctl)

mockSubjectService.EXPECT().BulkDeleteBySubjectPKs(gomock.Any(), []int64{1, 2}).Return(
mockSubjectService.EXPECT().BulkDeleteBySubjectPKsWithTx(gomock.Any(), []int64{1, 2}).Return(
nil,
).AnyTimes()

mockSubjectTemplateGroupService := mock.NewMockSubjectTemplateGroupManager(ctl)
mockSubjectTemplateGroupService.EXPECT().BulkDeleteBySubjectPKsWithTx(gomock.Any(), []int64{1, 2}).Return(
nil,
).AnyTimes()

Expand All @@ -129,8 +162,9 @@ var _ = Describe("GroupService", func() {
).AnyTimes()

manager := &groupService{
manager: mockSubjectService,
subjectSystemGroupManager: mockSubjectSystemGroupService,
manager: mockSubjectService,
subjectSystemGroupManager: mockSubjectSystemGroupService,
subjectTemplateGroupManager: mockSubjectTemplateGroupService,
}

err := manager.BulkDeleteBySubjectPKsWithTx(nil, []int64{1, 2})
Expand Down
24 changes: 24 additions & 0 deletions release.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,27 @@
# 1.12.12

- add: add default sensitivity level query
- update: optimize SQL for expression queries

# 1.12.11

- add: subject template group api
- add: instace:paste select mod
- update: update requirements version

# 1.12.10

- update: feat: add subject cache batch get

# 1.12.9

- update: update policy list order

# 1.12.8

- update: user subject local cache replace subject cache
- bugfix: action update with hidden

# 1.12.7

- bugfix: delete unreferenced expression
Expand Down

0 comments on commit 8df6afe

Please sign in to comment.