feat(openapi): allow user create app via openapi

CHANGES.md

@@ -29,6 +29,7 @@ Apollo 2.2.0
 * [[Multi-Database Support][h2] Support run on h2](https://github.com/apolloconfig/apollo/pull/4851)
 * [Fix the issue that env special case handling is missing in some case](https://github.com/apolloconfig/apollo/pull/4887)
 * [Fix the issue that namespace content being cleared when identical content is pasted into the namespace](https://github.com/apolloconfig/apollo/pull/4922)
+* [feat(openapi): allow user create app via openapi](https://github.com/apolloconfig/apollo/pull/4954)
 
 ------------------
 All issues and pull requests are [here](https://github.com/apolloconfig/apollo/milestone/13?closed=1)

apollo-common/src/main/java/com/ctrip/framework/apollo/common/exception/BadRequestException.java

@@ -29,6 +29,14 @@
     setHttpStatus(HttpStatus.BAD_REQUEST);
   }
 
+  public static BadRequestException ownerNameIsBlank() {
+    return new BadRequestException("ownerName can not be blank");
+  }
+
+  public static BadRequestException orgIdIsBlank() {
+    return new BadRequestException("orgId can not be blank");
+  }
+
   public static BadRequestException itemAlreadyExists(String itemKey) {
     return new BadRequestException("item already exists for itemKey:%s", itemKey);
   }
@@ -92,6 +100,14 @@
     return new BadRequestException("app already exists for appId:%s", appId);
   }
 
+  public static BadRequestException appIdIsBlank() {
+    return new BadRequestException("appId can not be blank");
+  }
+
+  public static BadRequestException appNameIsBlank() {
+    return new BadRequestException("app name can not be blank");
+  }
+
   public static BadRequestException clusterNotExists(String clusterName) {
     return new BadRequestException("cluster not exists for clusterName:%s", clusterName);
   }

apollo-common/src/main/java/com/ctrip/framework/apollo/common/exception/NotFoundException.java

@@ -64,4 +64,10 @@ public static NotFoundException appNotFound(String appId) {
     return new NotFoundException("app not found for appId:%s", appId);
   }
 
+  public static NotFoundException roleNotFound(String roleName) {
+    return new NotFoundException(
+        "role not found for roleName:%s, please check apollo portal DB table 'Role'",
+        roleName
+    );
+  }
 }

apollo-common/src/test/java/com/ctrip/framework/apollo/common/exception/NotFoundExceptionTest.java

@@ -16,8 +16,9 @@
  */
 package com.ctrip.framework.apollo.common.exception;
 
-import org.junit.Assert;
-import org.junit.Test;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import org.junit.jupiter.api.Test;
 
 public class NotFoundExceptionTest {
 
@@ -33,49 +34,54 @@ public void testConstructor() {
         clusterName, namespaceName, key);
     e2 = new NotFoundException(
         String.format("item not found for %s %s %s %s", appId, clusterName, namespaceName, key));
-    Assert.assertEquals(e1.getMessage(), e2.getMessage());
+    assertEquals(e1.getMessage(), e2.getMessage());
   }
 
   @Test
   public void testAppNotFoundException() {
     NotFoundException exception = NotFoundException.appNotFound(appId);
-    Assert.assertEquals(exception.getMessage(), "app not found for appId:app-1001");
+    assertEquals(exception.getMessage(), "app not found for appId:app-1001");
   }
 
   @Test
   public void testClusterNotFoundException() {
     NotFoundException exception = NotFoundException.clusterNotFound(appId, clusterName);
-    Assert.assertEquals(exception.getMessage(), "cluster not found for appId:app-1001 clusterName:test");
+    assertEquals(exception.getMessage(), "cluster not found for appId:app-1001 clusterName:test");
   }
 
   @Test
   public void testNamespaceNotFoundException() {
     NotFoundException exception = NotFoundException.namespaceNotFound(appId, clusterName, namespaceName);
-    Assert.assertEquals(exception.getMessage(), "namespace not found for appId:app-1001 clusterName:test namespaceName:application");
+    assertEquals(exception.getMessage(), "namespace not found for appId:app-1001 clusterName:test namespaceName:application");
 
     exception = NotFoundException.namespaceNotFound(66);
-    Assert.assertEquals(exception.getMessage(), "namespace not found for namespaceId:66");
+    assertEquals(exception.getMessage(), "namespace not found for namespaceId:66");
   }
 
   @Test
   public void testReleaseNotFoundException() {
     NotFoundException exception = NotFoundException.releaseNotFound(66);
-    Assert.assertEquals(exception.getMessage(), "release not found for releaseId:66");
+    assertEquals(exception.getMessage(), "release not found for releaseId:66");
   }
 
   @Test
   public void testItemNotFoundException(){
     NotFoundException exception = NotFoundException.itemNotFound(66);
-    Assert.assertEquals(exception.getMessage(), "item not found for itemId:66");
+    assertEquals(exception.getMessage(), "item not found for itemId:66");
 
     exception = NotFoundException.itemNotFound("test.key");
-    Assert.assertEquals(exception.getMessage(), "item not found for itemKey:test.key");
+    assertEquals(exception.getMessage(), "item not found for itemKey:test.key");
 
     exception = NotFoundException.itemNotFound(appId, clusterName, namespaceName, "test.key");
-    Assert.assertEquals(exception.getMessage(), "item not found for appId:app-1001 clusterName:test namespaceName:application itemKey:test.key");
+    assertEquals(exception.getMessage(), "item not found for appId:app-1001 clusterName:test namespaceName:application itemKey:test.key");
 
     exception = NotFoundException.itemNotFound(appId, clusterName, namespaceName, 66);
-    Assert.assertEquals(exception.getMessage(), "item not found for appId:app-1001 clusterName:test namespaceName:application itemId:66");
+    assertEquals(exception.getMessage(), "item not found for appId:app-1001 clusterName:test namespaceName:application itemId:66");
   }
 
+  @Test
+  void roleNotFound() {
+    NotFoundException exception = NotFoundException.roleNotFound("CreateApplication+SystemRole");
+    assertEquals(exception.getMessage(), "role not found for roleName:CreateApplication+SystemRole, please check apollo portal DB table 'Role'");
+  }
 }

apollo-portal/src/main/java/com/ctrip/framework/apollo/openapi/auth/ConsumerPermissionValidator.java

@@ -16,6 +16,8 @@
  */
 package com.ctrip.framework.apollo.openapi.auth;
 
+import static com.ctrip.framework.apollo.portal.service.SystemRoleManagerService.SYSTEM_PERMISSION_TARGET_ID;
+
 import com.ctrip.framework.apollo.openapi.service.ConsumerRolePermissionService;
 import com.ctrip.framework.apollo.openapi.util.ConsumerAuthUtil;
 import com.ctrip.framework.apollo.portal.constant.PermissionType;
@@ -70,4 +72,9 @@
     return permissionService.consumerHasPermission(consumerAuthUtil.retrieveConsumerId(request),
         PermissionType.CREATE_CLUSTER, appId);
   }
+
+  public boolean hasCreateApplicationPermission(HttpServletRequest request) {
+    long consumerId = consumerAuthUtil.retrieveConsumerId(request);
+    return permissionService.consumerHasPermission(consumerId, PermissionType.CREATE_APPLICATION, SYSTEM_PERMISSION_TARGET_ID);
+  }
 }

apollo-portal/src/main/java/com/ctrip/framework/apollo/openapi/server/service/ServerAppOpenApiService.java

@@ -21,9 +21,11 @@
 import com.ctrip.framework.apollo.common.utils.BeanUtils;
 import com.ctrip.framework.apollo.openapi.api.AppOpenApiService;
 import com.ctrip.framework.apollo.openapi.dto.OpenAppDTO;
+import com.ctrip.framework.apollo.openapi.dto.OpenCreateAppDTO;
 import com.ctrip.framework.apollo.openapi.dto.OpenEnvClusterDTO;
 import com.ctrip.framework.apollo.openapi.util.OpenApiBeanUtils;
 import com.ctrip.framework.apollo.portal.component.PortalSettings;
+import com.ctrip.framework.apollo.portal.entity.model.AppModel;
 import com.ctrip.framework.apollo.portal.environment.Env;
 import com.ctrip.framework.apollo.portal.service.AppService;
 import com.ctrip.framework.apollo.portal.service.ClusterService;
@@ -37,6 +39,7 @@
  */
 @Service
 public class ServerAppOpenApiService implements AppOpenApiService {
+
   private final PortalSettings portalSettings;
   private final ClusterService clusterService;
   private final AppService appService;
@@ -50,6 +53,26 @@
     this.appService = appService;
   }
 
+  private App convert(OpenAppDTO dto) {
+    return App.builder()
+        .appId(dto.getAppId())
+        .name(dto.getName())
+        .ownerName(dto.getOwnerName())
+        .orgId(dto.getOrgId())
+        .orgName(dto.getOrgName())
+        .ownerEmail(dto.getOwnerEmail())
+        .build();
+  }
+
+  /**
+   * @see com.ctrip.framework.apollo.portal.controller.AppController#create(AppModel)
+   */
+  @Override
+  public void createApp(OpenCreateAppDTO req) {
+    App app = convert(req.getApp());
+    appService.createAppAndAddRolePermission(app, req.getAdmins());
+  }
+
   @Override
   public List<OpenEnvClusterDTO> getEnvClusterInfo(String appId) {
     List<OpenEnvClusterDTO> envClusters = new LinkedList<>();

apollo-portal/src/main/java/com/ctrip/framework/apollo/openapi/service/ConsumerService.java

@@ -16,7 +16,10 @@
  */
 package com.ctrip.framework.apollo.openapi.service;
 
+import static com.ctrip.framework.apollo.portal.service.SystemRoleManagerService.CREATE_APPLICATION_ROLE_NAME;
+
 import com.ctrip.framework.apollo.common.exception.BadRequestException;
+import com.ctrip.framework.apollo.common.exception.NotFoundException;
 import com.ctrip.framework.apollo.openapi.entity.Consumer;
 import com.ctrip.framework.apollo.openapi.entity.ConsumerAudit;
 import com.ctrip.framework.apollo.openapi.entity.ConsumerRole;
@@ -28,6 +31,7 @@
 import com.ctrip.framework.apollo.portal.component.config.PortalConfig;
 import com.ctrip.framework.apollo.portal.entity.bo.UserInfo;
 import com.ctrip.framework.apollo.portal.entity.po.Role;
+import com.ctrip.framework.apollo.portal.entity.vo.consumer.ConsumerInfo;
 import com.ctrip.framework.apollo.portal.repository.RoleRepository;
 import com.ctrip.framework.apollo.portal.service.RolePermissionService;
 import com.ctrip.framework.apollo.portal.spi.UserInfoHolder;
@@ -38,6 +42,8 @@
 import com.google.common.base.Preconditions;
 import com.google.common.base.Strings;
 import com.google.common.hash.Hashing;
+import java.util.ArrayList;
+import java.util.Collections;
 import java.util.Objects;
 import org.apache.commons.lang3.time.FastDateFormat;
 import org.springframework.data.domain.Pageable;
@@ -186,9 +192,97 @@
     return Arrays.asList(createdModifyConsumerRole, createdReleaseConsumerRole);
   }
 
+  private ConsumerInfo convert(
+      Consumer consumer,
+      String token,
+      boolean allowCreateApplication
+  ) {
+    ConsumerInfo consumerInfo = new ConsumerInfo();
+    consumerInfo.setConsumerId(consumer.getId());
+    consumerInfo.setAppId(consumer.getAppId());
+    consumerInfo.setName(consumer.getName());
+    consumerInfo.setOwnerName(consumer.getOwnerName());
+    consumerInfo.setOwnerEmail(consumer.getOwnerEmail());
+    consumerInfo.setOrgId(consumer.getOrgId());
+    consumerInfo.setOrgName(consumer.getOrgName());
+
+    consumerInfo.setToken(token);
+    consumerInfo.setAllowCreateApplication(allowCreateApplication);
+    return consumerInfo;
+  }
+
+  public ConsumerInfo getConsumerInfoByAppId(String appId) {
+    ConsumerToken consumerToken = getConsumerTokenByAppId(appId);
+    if (null == consumerToken) {
+      return null;
+    }
+    Consumer consumer = consumerRepository.findByAppId(appId);
+    if (consumer == null) {
+      return null;
+    }
+    return convert(consumer, consumerToken.getToken(), isAllowCreateApplication(consumer.getId()));
+  }
+
+  private boolean isAllowCreateApplication(Long consumerId) {
+    return isAllowCreateApplication(Collections.singletonList(consumerId)).get(0);
+  }
+
+  private List<Boolean> isAllowCreateApplication(List<Long> consumerIdList) {
+    Role createAppRole = getCreateAppRole();
+    if (createAppRole == null) {
+      List<Boolean> list = new ArrayList<>(consumerIdList.size());
+      for (Long ignored : consumerIdList) {
+        list.add(false);
+      }
+      return list;
+    }
+
+    long roleId = createAppRole.getId();
+    List<Boolean> list = new ArrayList<>(consumerIdList.size());
+    for (Long consumerId : consumerIdList) {
+      ConsumerRole createAppConsumerRole = consumerRoleRepository.findByConsumerIdAndRoleId(
+          consumerId, roleId
+      );
+      list.add(createAppConsumerRole != null);
+    }
+
+    return list;
+  }
+
+  private Role getCreateAppRole() {
+    return rolePermissionService.findRoleByRoleName(CREATE_APPLICATION_ROLE_NAME);
+  }
+
+  public ConsumerRole assignCreateApplicationRoleToConsumer(String token) {
+    Long consumerId = getConsumerIdByToken(token);
+    if (consumerId == null) {
+      throw new BadRequestException("Token is Illegal");
+    }
+    Role createAppRole = getCreateAppRole();
+    if (createAppRole == null) {
+      throw NotFoundException.roleNotFound(CREATE_APPLICATION_ROLE_NAME);
+    }
+
+    long roleId = createAppRole.getId();
+    ConsumerRole createAppConsumerRole = consumerRoleRepository.findByConsumerIdAndRoleId(consumerId, roleId);
+    if (createAppConsumerRole != null) {
+      return createAppConsumerRole;
+    }
+
+    String operator = userInfoHolder.getUser().getUserId();
+    ConsumerRole consumerRole = createConsumerRole(consumerId, roleId, operator);
+    return consumerRoleRepository.save(consumerRole);
+  }
+
+
   @Transactional
   public ConsumerRole assignAppRoleToConsumer(String token, String appId) {
     Long consumerId = getConsumerIdByToken(token);
+    return assignAppRoleToConsumer(consumerId, appId);
+  }
+
+  @Transactional
+  public ConsumerRole assignAppRoleToConsumer(Long consumerId, String appId) {
     if (consumerId == null) {
       throw new BadRequestException("Token is Illegal");
     }
@@ -295,10 +389,30 @@
     return appIds;
   }
 
-  public List<Consumer> findAllConsumer(Pageable page){
+  List<Consumer> findAllConsumer(Pageable page){
     return this.consumerRepository.findAll(page).getContent();
   }
 
+  public List<ConsumerInfo> findConsumerInfoList(Pageable page) {
+    List<Consumer> consumerList = findAllConsumer(page);
+    List<Long> consumerIdList = consumerList.stream()
+        .map(Consumer::getId).collect(Collectors.toList());
+    List<Boolean> allowCreateApplicationList = isAllowCreateApplication(consumerIdList);
+
+    List<ConsumerInfo> consumerInfoList = new ArrayList<>(consumerList.size());
+
+    for (int i = 0; i < consumerList.size(); i++) {
+      Consumer consumer = consumerList.get(i);
+      // without token
+      ConsumerInfo consumerInfo = convert(
+          consumer, null, allowCreateApplicationList.get(i)
+      );
+      consumerInfoList.add(consumerInfo);
+    }
+
+    return consumerInfoList;
+  }
+
   @Transactional
   public void deleteConsumer(String appId){
     Consumer consumer = consumerRepository.findByAppId(appId);