修改单元测试

Author: little3201

assets/src/main/resources/sql/table-ddl.sql renamed to assets/src/main/resources/schema.sql

@@ -8,7 +8,7 @@ create table categories
     id                 bigserial    not null primary key,
     name               varchar(127) not null UNIQUE,
     description        varchar(255),
-    is_enabled         boolean      not null default true,
+    enabled boolean not null default true,
     created_by         varchar(32)  not null,
     created_date       timestamp    not null default CURRENT_TIMESTAMP,
     last_modified_by   varchar(32)  not null,
@@ -29,7 +29,7 @@ CREATE TABLE posts
     tags               varchar[],
     cover              varchar(127),
     category_id        bigint       not null,
-    is_enabled         boolean      not null default true,
+    enabled boolean not null default true,
     created_by         varchar(32)  not null,
     created_date       timestamp    not null default CURRENT_TIMESTAMP,
     last_modified_by   varchar(32)  not null,
@@ -66,7 +66,7 @@ CREATE UNIQUE INDEX idx_unique_post_id ON post_content (post_id);
 drop table if exists comments;
 
 /*
- *  Copyright 2018-2024 little3201.
+ *  Copyright 2018-2025 little3201.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.

auth/src/main/java/io/leafage/auth/config/AuthorizationServerConfiguration.java

@@ -30,21 +30,30 @@
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationConsentService;
 import org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationService;
+import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
 import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
 import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
 import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
+import org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext;
+import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
 import org.springframework.security.web.util.matcher.MediaTypeRequestMatcher;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
+import java.util.Collection;
+import java.util.Optional;
+import java.util.Set;
+import java.util.stream.Collectors;
+
 import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer.authorizationServer;
 
 /**
@@ -114,6 +123,29 @@ public JwtDecoder jwtDecoder(JWKSource<SecurityContext> jwkSource) {
         return OAuth2AuthorizationServerConfiguration.jwtDecoder(jwkSource);
     }
 
+    @Bean
+    public OAuth2TokenCustomizer<JwtEncodingContext> jwtTokenCustomizer() {
+        return (context -> {
+            if (OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType())) {
+                context.getClaims().claims(claims -> {
+                    // 获取原有的 scope，若不存在则初始化
+                    Set<String> scope = Optional.ofNullable((Collection<?>) claims.get("scope"))
+                            .stream()
+                            .flatMap(Collection::stream)
+                            .filter(String.class::isInstance)
+                            .map(String.class::cast)
+                            .collect(Collectors.toSet());
+                    claims.put("scope", scope);
+
+                    // 获取用户权限并添加到 scope
+                    context.getPrincipal().getAuthorities().stream()
+                            .map(GrantedAuthority::getAuthority)
+                            .forEach(scope::add);
+                });
+            }
+        });
+    }
+
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();

auth/src/main/resources/sql/table-ddl.sql renamed to auth/src/main/resources/schema.sql

@@ -42,12 +42,10 @@ public abstract class PrivilegeBO {
      */
     @NotBlank(message = "icon must not be empty.")
     private String icon;
-
     /**
      * 路径
      */
     private String path;
-
     /**
      * redirect
      */
@@ -56,7 +54,9 @@ public abstract class PrivilegeBO {
      * component
      */
     private String component;
-
+    /**
+     * 操作
+     */
     private Set<String> actions;
     /**
      * 描述

hypervisor/src/main/java/io/leafage/basic/hypervisor/bo/PrivilegeBO.java

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2018-2024 little3201.
+ *  Copyright 2018-2025 little3201.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -47,7 +47,7 @@ public class AccessLogController {
     /**
      * <p>Constructor for AccessLogController.</p>
      *
-     * @param accessLogService a {@link io.leafage.basic.hypervisor.service.AccessLogService} object
+     * @param accessLogService a {@link AccessLogService} object
      */
     public AccessLogController(AccessLogService accessLogService) {
         this.accessLogService = accessLogService;

hypervisor/src/main/java/io/leafage/basic/hypervisor/controller/AccessLogController.java

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2018-2024 little3201.
+ *  Copyright 2018-2025 little3201.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -48,7 +48,7 @@ public class DictionaryController {
     /**
      * <p>Constructor for DictionaryController.</p>
      *
-     * @param dictionaryService a {@link io.leafage.basic.hypervisor.service.DictionaryService} object
+     * @param dictionaryService a {@link DictionaryService} object
      */
     public DictionaryController(DictionaryService dictionaryService) {
         this.dictionaryService = dictionaryService;

hypervisor/src/main/java/io/leafage/basic/hypervisor/controller/DictionaryController.java

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2018-2024 little3201.
+ *  Copyright 2018-2025 little3201.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -18,8 +18,10 @@
 package io.leafage.basic.hypervisor.controller;
 
 import io.leafage.basic.hypervisor.domain.GroupMembers;
+import io.leafage.basic.hypervisor.domain.GroupPrivileges;
 import io.leafage.basic.hypervisor.dto.GroupDTO;
 import io.leafage.basic.hypervisor.service.GroupMembersService;
+import io.leafage.basic.hypervisor.service.GroupPrivilegesService;
 import io.leafage.basic.hypervisor.service.GroupService;
 import io.leafage.basic.hypervisor.vo.GroupVO;
 import jakarta.validation.Valid;
@@ -33,6 +35,7 @@
 import reactor.core.publisher.Mono;
 
 import java.util.List;
+import java.util.Set;
 
 /**
  * group controller
@@ -48,16 +51,19 @@ public class GroupController {
 
     private final GroupMembersService groupMembersService;
     private final GroupService groupService;
+    private final GroupPrivilegesService groupPrivilegesService;
 
     /**
      * <p>Constructor for GroupController.</p>
      *
-     * @param groupMembersService a {@link io.leafage.basic.hypervisor.service.GroupMembersService} object
-     * @param groupService        a {@link io.leafage.basic.hypervisor.service.GroupService} object
+     * @param groupMembersService    a {@link GroupMembersService} object
+     * @param groupService           a {@link GroupService} object
+     * @param groupPrivilegesService a {@link GroupPrivilegesService} object
      */
-    public GroupController(GroupMembersService groupMembersService, GroupService groupService) {
+    public GroupController(GroupMembersService groupMembersService, GroupService groupService, GroupPrivilegesService groupPrivilegesService) {
         this.groupMembersService = groupMembersService;
         this.groupService = groupService;
+        this.groupPrivilegesService = groupPrivilegesService;
     }
 
     /**
@@ -189,4 +195,21 @@ public ResponseEntity<Mono<List<GroupMembers>>> members(@PathVariable Long id) {
         return ResponseEntity.ok(listMono);
     }
 
+    /**
+     * 关联权限
+     *
+     * @param id 组id
+     * @return 查询到的数据集，异常时返回204状态码
+     */
+    @PatchMapping("/{id}/privileges/{privilegeId}")
+    public ResponseEntity<Mono<GroupPrivileges>> relation(@PathVariable Long id, @PathVariable Long privilegeId, @RequestBody Set<String> actions) {
+        Mono<GroupPrivileges> mono;
+        try {
+            mono = groupPrivilegesService.relation(id, privilegeId, actions);
+        } catch (Exception e) {
+            logger.error("Relation group privileges occurred an error: ", e);
+            return ResponseEntity.noContent().build();
+        }
+        return ResponseEntity.ok(mono);
+    }
 }

hypervisor/src/main/java/io/leafage/basic/hypervisor/controller/GroupController.java

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2018-2024 little3201.
+ *  Copyright 2018-2025 little3201.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -47,7 +47,7 @@ public class MessageController {
     /**
      * <p>Constructor for MessageController.</p>
      *
-     * @param messageService a {@link io.leafage.basic.hypervisor.service.MessageService} object
+     * @param messageService a {@link MessageService} object
      */
     public MessageController(MessageService messageService) {
         this.messageService = messageService;

hypervisor/src/main/java/io/leafage/basic/hypervisor/controller/MessageController.java

@@ -49,7 +49,7 @@ public class UserController {
     /**
      * <p>Constructor for UserController.</p>
      *
-     * @param userService a {@link io.leafage.basic.hypervisor.service.UserService} object
+     * @param userService a {@link UserService} object
      */
     public UserController(UserService userService) {
         this.userService = userService;

hypervisor/src/main/java/io/leafage/basic/hypervisor/controller/UserController.java

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2018-2024 little3201.
+ *  Copyright 2018-2025 little3201.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -21,13 +21,15 @@
 import org.springframework.data.relational.core.mapping.Column;
 import org.springframework.data.relational.core.mapping.Table;
 
+import java.util.Set;
+
 /**
- * model class for group roles
+ * model class for group privileges
  *
  * @author wq li
  */
-@Table(name = "group_roles")
-public class GroupRoles {
+@Table(name = "group_privileges")
+public class GroupPrivileges {
 
     /**
      * 主键
@@ -40,10 +42,12 @@ public class GroupRoles {
     @Column(value = "group_id")
     private Long groupId;
     /**
-     * role主键
+     * privilege主键
      */
-    @Column(value = "role_id")
-    private Long roleId;
+    @Column(value = "privilege_id")
+    private Long privilegeId;
+
+    private Set<String> actions;
 
     /**
      * <p>Getter for the field <code>id</code>.</p>
@@ -82,20 +86,28 @@ public void setGroupId(Long groupId) {
     }
 
     /**
-     * <p>Getter for the field <code>roleId</code>.</p>
+     * <p>Getter for the field <code>privilegeId</code>.</p>
      *
      * @return a {@link java.lang.Long} object
      */
-    public Long getRoleId() {
-        return roleId;
+    public Long getPrivilegeId() {
+        return privilegeId;
     }
 
     /**
-     * <p>Setter for the field <code>roleId</code>.</p>
+     * <p>Setter for the field <code>privilegeId</code>.</p>
      *
-     * @param roleId a {@link java.lang.Long} object
+     * @param privilegeId a {@link java.lang.Long} object
      */
-    public void setRoleId(Long roleId) {
-        this.roleId = roleId;
+    public void setPrivilegeId(Long privilegeId) {
+        this.privilegeId = privilegeId;
+    }
+
+    public Set<String> getActions() {
+        return actions;
+    }
+
+    public void setActions(Set<String> actions) {
+        this.actions = actions;
     }
 }

hypervisor/src/main/java/io/leafage/basic/hypervisor/domain/GroupRoles.java renamed to hypervisor/src/main/java/io/leafage/basic/hypervisor/domain/GroupPrivileges.java

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2018-2024 little3201.
+ *  Copyright 2018-2025 little3201.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -21,7 +21,6 @@
 import org.springframework.data.r2dbc.repository.R2dbcRepository;
 import org.springframework.stereotype.Repository;
 import reactor.core.publisher.Flux;
-import reactor.core.publisher.Mono;
 
 /**
  * group members repository
@@ -31,14 +30,6 @@
 @Repository
 public interface GroupMembersRepository extends R2dbcRepository<GroupMembers, Long> {
 
-    /**
-     * 统计关联member
-     *
-     * @param groupId 组ID
-     * @return result
-     */
-    Mono<Long> countByGroupId(Long groupId);
-
     /**
      * 根据group查member
      *