Merge pull request #100 from jumpserver/dev

[hotfix]更改路由权限验证模块

.dockerignore

@@ -1,2 +1,3 @@
+lina
 dist
 node_modules

.eslintignore

@@ -2,4 +2,5 @@ build/*.js
 src/assets
 public
 dist
+lina
 node_modules

.gitignore

@@ -1,6 +1,7 @@
 .DS_Store
 node_modules/
 dist/
+lina/
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*

Dockerfile

@@ -8,5 +8,5 @@ RUN yarn build:prod
 
 
 FROM nginx:alpine
-COPY --from=stage-build /data/dist /opt/lina/
+COPY --from=stage-build /data/lina /opt/lina/
 COPY nginx.conf /etc/nginx/conf.d/default.conf

src/router/applications.js

@@ -1,32 +1,41 @@
 import i18n from '@/i18n/i18n'
+import empty from '@/layout/empty'
 
 export default [
   {
     path: 'remote-apps',
+    redirect: '',
+    component: empty,
+    meta: { title: i18n.t('route.RemoteApp'), licenseRequired: true },
+    children: [
+      {
+        path: '',
         name: 'RemoteAppList',
-    component: () => import('@/views/applications/RemoteApp/RemoteAppList'),
-    meta: { title: i18n.t('route.RemoteApp'), licenseRequired: true }
+        meta: { title: i18n.t('route.RemoteApp') },
+        component: () => import('@/views/applications/RemoteApp/RemoteAppList')
       },
       {
-    path: 'remote-apps/create',
+        path: 'create',
         name: 'RemoteAppCreate',
         component: () => import('@/views/applications/RemoteApp/RemoteAppCreateUpdate'),
-    meta: { title: i18n.t('route.RemoteApp'), activeMenu: '/applications/remote-apps', action: 'create', licenseRequired: true },
+        meta: { title: i18n.t('route.RemoteApp'), activeMenu: '/applications/remote-apps', action: 'create' },
         hidden: true
       },
       {
-    path: 'remote-apps/:id/update',
+        path: ':id/update',
         name: 'RemoteAppUpdate',
         component: () => import('@/views/applications/RemoteApp/RemoteAppCreateUpdate'),
-    meta: { title: i18n.t('route.RemoteAppUpdate'), activeMenu: '/applications/remote-apps', action: 'update', licenseRequired: true },
+        meta: { title: i18n.t('route.RemoteAppUpdate'), activeMenu: '/applications/remote-apps', action: 'update' },
         hidden: true
       },
       {
-    path: 'remote-apps/:id',
+        path: ':id',
         name: 'RemoteAppDetail',
         component: () => import('@/views/applications/RemoteApp/RemoteAppDetail/index'),
-    meta: { title: i18n.t('route.RemoteAppDetail'), activeMenu: '/applications/remote-apps', licenseRequired: true },
+        meta: { title: i18n.t('route.RemoteAppDetail'), activeMenu: '/applications/remote-apps' },
         hidden: true
+      }
+    ]
   },
   {
     path: 'database-apps',

src/router/index.js

@@ -105,6 +105,7 @@ export const allRoleRoutes = [
     component: Layout,
     redirect: '/applications/remote-apps/',
     name: 'applications',
+    alwaysShow: true,
     meta: { title: i18n.t('route.Applications'), icon: 'th' },
     children: ApplicationsRoute
   },
@@ -129,6 +130,7 @@ export const allRoleRoutes = [
     component: Layout,
     redirect: '/ops/tasks/',
     name: 'JobCenter',
+    alwaysShow: true,
     meta: { title: i18n.t('route.JobCenter'), icon: 'coffee' },
     children: OpsRoutes
   },

src/router/ops.js

@@ -1,5 +1,5 @@
 import i18n from '@/i18n/i18n'
-
+import rolec from '@/utils/role'
 export default [
   {
     path: 'tasks',
@@ -45,6 +45,6 @@ export default [
     path: 'task/monitor',
     name: 'TaskMonitor',
     component: () => window.open(`/core/flower?_=${Date.now()}`),
-    meta: { title: i18n.t('route.TaskMonitor') }
+    meta: { title: i18n.t('route.TaskMonitor'), permissions: [rolec.PERM_SUPER] }
   }
 ]

src/router/perms.js

@@ -1,4 +1,5 @@
 import i18n from '@/i18n/i18n'
+import empty from '@/layout/empty'
 
 const assetPermissionRoutes = [
   {
@@ -33,31 +34,40 @@ const assetPermissionRoutes = [
 const remoteAppPermissionRoutes = [
   {
     path: 'remote-app-permissions',
+    component: empty,
+    meta: { title: i18n.t('route.RemoteAppPermission'), licenseRequired: true },
+    redirect: '',
+    children: [
+      {
+        path: '',
         name: 'RemoteAppPermissionList',
         component: () => import('@/views/perms/RemoteAppPermission/RemoteAppPermissionList'),
         meta: { title: i18n.t('route.RemoteAppPermission') }
+
       },
       {
-    path: 'remote-app-permissions/create',
+        path: 'create',
         component: () => import('@/views/perms/RemoteAppPermission/RemoteAppPermissionCreateUpdate'),
         name: 'RemoteAppPermissionCreate',
         hidden: true,
         meta: { title: i18n.t('route.RemoteAppPermissionCreate'), activeMenu: '/perms/remote-app-permissions', action: 'create' }
       },
       {
-    path: 'remote-app-permissions/update',
+        path: 'update',
         component: () => import('@/views/perms/RemoteAppPermission/RemoteAppPermissionCreateUpdate'),
         name: 'RemoteAppPermissionUpdate',
         hidden: true,
         meta: { title: i18n.t('route.RemoteAppPermissionUpdate'), activeMenu: '/perms/remote-app-permissions', action: 'update' }
       },
       {
-    path: 'remote-app-permissions/:id',
+        path: ':id',
         component: () => import('@/views/perms/RemoteAppPermission/RemoteAppPermissionDetail/index'),
         name: 'RemoteAppPermissionDetail',
         hidden: true,
         meta: { title: i18n.t('route.RemoteAppPermissionDetail'), activeMenu: '/perms/remote-app-permissions' }
+      }]
   }
+
 ]
 
 const databasePermissionRoutes = [

src/router/sessions.js

@@ -1,5 +1,6 @@
 import i18n from '@/i18n/i18n'
 import rolec from '@/utils/role'
+import empty from '@/layout/empty'
 export default [
   {
     path: 'session',
@@ -34,57 +35,65 @@ export default [
   },
   {
     path: 'terminal',
+    component: empty,
+    redirect: '',
+    meta: { title: i18n.t('route.Terminal'), permissions: [rolec.PERM_SUPER] },
+    children: [
+      {
+        path: '',
         name: 'TerminalList',
         component: () => import('@/views/sessions/TerminalList'),
         meta: { title: i18n.t('route.Terminal') }
       },
       {
-    path: 'terminals/:id',
+        path: ':id',
         name: 'TerminalDetail',
         component: () => import('@/views/sessions/TerminalDetail'),
         meta: { title: i18n.t('route.Terminal'), activeMenu: '/terminal/terminal' },
         hidden: true
       },
       {
-    path: 'terminals/:id/update',
+        path: ':id/update',
         name: 'TerminalUpdate',
         component: () => import('@/views/sessions/TerminalUpdate'),
         meta: { title: i18n.t('route.Terminal'), activeMenu: '/terminal/terminal' },
         hidden: true
+      }
+    ]
   },
   {
     path: 'storages',
     name: 'Storage',
     component: () => import('@/views/sessions/Storage/index'),
-    meta: { activeMenu: '/terminal/terminal' },
+    meta: { activeMenu: '/terminal/terminal', permissions: [rolec.PERM_SUPER] },
     hidden: true
   },
   {
     path: 'replay-storage/create',
     name: 'CreateReplayStorage',
     component: () => import('@/views/sessions/ReplayStorageCreateUpdate'),
-    meta: { title: i18n.t('route.CreateReplayStorage'), activeMenu: '/terminal/terminal' },
+    meta: { title: i18n.t('route.CreateReplayStorage'), activeMenu: '/terminal/terminal', permissions: [rolec.PERM_SUPER] },
     hidden: true
   },
   {
     path: 'command-storage/create',
     name: 'CreateCommandStorage',
     component: () => import('@/views/sessions/CommandStorageCreateUpdate'),
-    meta: { title: i18n.t('route.CreateCommandStorage'), activeMenu: '/terminal/terminal' },
+    meta: { title: i18n.t('route.CreateCommandStorage'), activeMenu: '/terminal/terminal', permissions: [rolec.PERM_SUPER] },
     hidden: true
   },
   {
     path: 'replay-storage/:id/update',
     name: 'ReplayStorageUpdate',
     component: () => import('@/views/sessions/ReplayStorageCreateUpdate'),
-    meta: { title: i18n.t('route.ReplayStorageUpdate'), activeMenu: '/terminal/terminal' },
+    meta: { title: i18n.t('route.ReplayStorageUpdate'), activeMenu: '/terminal/terminal', permissions: [rolec.PERM_SUPER] },
     hidden: true
   },
   {
     path: 'command-storage/:id/update',
     name: 'CommandStorageUpdate',
     component: () => import('@/views/sessions/CommandStorageCreateUpdate'),
-    meta: { title: i18n.t('route.CommandStorageUpdate'), activeMenu: '/terminal/terminal' },
+    meta: { title: i18n.t('route.CommandStorageUpdate'), activeMenu: '/terminal/terminal', permissions: [rolec.PERM_SUPER] },
     hidden: true
   }
 ]

src/router/userPage.js

@@ -33,13 +33,14 @@ export default [
     name: 'Apps',
     component: Layout,
     redirect: '/apps/remoteapp',
+    alwaysShow: true,
     meta: { title: i18n.t('route.MyApps'), icon: 'th', permissions: [rolec.PERM_USE] },
     children: [
       {
         path: '/apps/remoteapp',
         name: 'MyRemoteApps',
         component: () => import('@/userviews/apps/RemoteApp'),
-        meta: { title: i18n.t('route.RemoteApp'), permissions: [rolec.PERM_USE] }
+        meta: { title: i18n.t('route.RemoteApp'), permissions: [rolec.PERM_USE], licenseRequired: true }
       },
       {
         path: '/apps/database',

src/store/modules/permission.js

@@ -28,15 +28,16 @@ function hasLicense(licState, route) {
   return licState === requireLic
 }
 
-function hasCommand(cmdState, route) {
-  if (cmdState) {
-    return cmdState
+function hasCommand(cmdBulkExecutionEnable, route) {
+  const routeRequireCmd = route.meta ? route.meta.commandExecutionRequired : false
+  if (!routeRequireCmd) {
+    return true
   }
-  let requireCmd = route.meta ? route.meta.commandExecutionRequired : null
-  if (!requireCmd) {
-    requireCmd = false
+
+  if (!cmdBulkExecutionEnable) {
+    return false
   }
-  return cmdState === requireCmd
+  return true
 }
 
 export function filterLicRoutes(routes, roles) {
@@ -113,10 +114,12 @@ const mutations = {
 const actions = {
   generateRoutes({ commit, rootState }, roles) {
     return new Promise(resolve => {
-      console.log(rootState)
       let accessedRoutes = filterAsyncRoutes(allRoleRoutes, roles)
       accessedRoutes = filterCmdRoutes(accessedRoutes, rootState.settings.publicSettings.SECURITY_COMMAND_EXECUTION)
-      accessedRoutes = filterLicRoutes(accessedRoutes, rootState.settings.publicSettings.XPACK_ENABLED)
+      accessedRoutes = filterLicRoutes(accessedRoutes, rootState.settings.publicSettings.XPACK_LICENSE_IS_VALID)
+      if (accessedRoutes.length === 0) {
+        console.log('No route find')
+      }
       commit('SET_ROUTES', accessedRoutes)
       resolve(accessedRoutes)
     })

src/utils/request.js

@@ -49,7 +49,7 @@ service.interceptors.request.use(
 )
 
 function ifUnauthorized({ response, error }) {
-  if (response.status === 401 && response.request.url.indexOf('/users/profile') !== -1) {
+  if (response.status === 401 && response.request.responseURL.indexOf('/users/profile') === -1) {
     response.config.disableFlashErrorMsg = true
     // 未授权重定向到登录页面
     const title = i18n.t('common.Info')

src/views/sessions/SessionDetail/SessionDetailCard.vue

@@ -103,7 +103,7 @@ export default {
       window.open(replayUrl)
     },
     openReplayDownload: function(id) {
-      const downloadUrl = '/api/v1/terminal/session/00000000-0000-0000-0000-000000000000/replay/download/'
+      const downloadUrl = '/api/v1/terminal/sessions/00000000-0000-0000-0000-000000000000/replay/download/'
         .replace('00000000-0000-0000-0000-000000000000', id)
       window.open(downloadUrl)
     }

src/views/settings/index.vue

@@ -130,13 +130,58 @@ export default {
       }
     },
     basicData(data) {
-      return data.basic
+      const basic = data.basic
+      if (basic.SITE_URL === null) {
+        basic.SITE_URL = ''
+      }
+      if (basic.EMAIL_SUBJECT_PREFIX === null) {
+        basic.EMAIL_SUBJECT_PREFIX = ''
+      }
+      if (basic.USER_GUIDE_URL === null) {
+        basic.USER_GUIDE_URL = ''
+      }
+      return basic
     },
     emailData(data) {
-      return data.email
+      const email = data.email
+      if (email.EMAIL_FROM === null) {
+        email.EMAIL_FROM = ''
+      }
+      if (email.EMAIL_RECIPIENT === null) {
+        email.EMAIL_RECIPIENT = ''
+      }
+      if (email.EMAIL_USE_TLS === null) {
+        email.EMAIL_USE_TLS = false
+      }
+      if (email.EMAIL_HOST === null) {
+        email.EMAIL_HOST = ''
+      }
+      if (email.EMAIL_HOST_USER === null) {
+        email.EMAIL_HOST_USER = ''
+      }
+      if (email.EMAIL_PORT === null) {
+        email.EMAIL_PORT = ''
+      }
+      if (email.EMAIL_USE_SSL === null) {
+        email.EMAIL_USE_SSL = false
+      }
+      return email
     },
     emailContentData(data) {
-      return data.email_content
+      const email_content = data.email_content
+      if (email_content.EMAIL_CUSTOM_USER_CREATED_BODY === null) {
+        email_content.EMAIL_CUSTOM_USER_CREATED_BODY = ''
+      }
+      if (email_content.EMAIL_CUSTOM_USER_CREATED_HONORIFIC === null) {
+        email_content.EMAIL_CUSTOM_USER_CREATED_HONORIFIC = ''
+      }
+      if (email_content.EMAIL_CUSTOM_USER_CREATED_SIGNATURE === null) {
+        email_content.EMAIL_CUSTOM_USER_CREATED_SIGNATURE = ''
+      }
+      if (email_content.EMAIL_CUSTOM_USER_CREATED_SUBJECT === null) {
+        email_content.EMAIL_CUSTOM_USER_CREATED_SUBJECT = ''
+      }
+      return email_content
     },
     ldapData(data) {
       return data.ldap
@@ -145,7 +190,11 @@ export default {
       return data.terminal
     },
     securityData(data) {
-      return data.security
+      const security = data.security
+      if (security.SECURITY_COMMAND_EXECUTION === null) {
+        security.SECURITY_COMMAND_EXECUTION = false
+      }
+      return security
     }
   }
 }

vue.config.js

@@ -29,7 +29,7 @@ module.exports = {
     /\/node_modules\/resize-detector\//
   ],
   publicPath: '/ui/',
-  outputDir: 'dist',
+  outputDir: 'lina',
   assetsDir: 'assets',
   lintOnSave: process.env.NODE_ENV === 'development',
   productionSourceMap: false,