web.mgr.builds 需要有 admin role 才可访问

web/src/main/java/cn/reghao/devops/web/mgr/builds/controller/BuildDirController.java

@@ -7,6 +7,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.MediaType;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 /**
@@ -25,6 +26,7 @@ public class BuildDirController {
     }
 
     @ApiOperation(value = "清空构建目录")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @PostMapping(value = "/erase", produces = MediaType.APPLICATION_JSON_VALUE)
     public String emptyBuildDir() {
         Result result = buildDirService.erase();

web/src/main/java/cn/reghao/devops/web/mgr/builds/controller/CompilerConfigController.java

@@ -8,6 +8,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.MediaType;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -27,6 +28,7 @@ public class CompilerConfigController {
     }
 
     @ApiOperation(value = "添加/修改应用编译配置")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @PostMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public String addOrUpdateCompileConfig(@Validated CompilerConfig compilerConfig) {
         Result result = compilerConfigService.addOrUpdate(compilerConfig);
@@ -34,6 +36,7 @@ public class CompilerConfigController {
     }
 
     @ApiOperation(value = "删除应用编译配置")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @DeleteMapping(value = "/{id}", produces = MediaType.APPLICATION_JSON_VALUE)
     public String deleteCompileConfig(@PathVariable("id") int id) {
         Result result = compilerConfigService.delete(id);

web/src/main/java/cn/reghao/devops/web/mgr/builds/controller/DockerRegistryController.java

@@ -7,6 +7,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.MediaType;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -26,6 +27,7 @@ public class DockerRegistryController {
     }
 
     @ApiOperation(value = "添加/修改 DockerRegistry 配置")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @PostMapping(value = "/registry", produces = MediaType.APPLICATION_JSON_VALUE)
     public String addOrUpdateRepoConfig(@Validated DockerAuth dockerAuth) {
         dockerRegistryService.addOrUpdate(dockerAuth);
@@ -33,6 +35,7 @@ public class DockerRegistryController {
     }
 
     @ApiOperation(value = "删除 DockerRegistry 配置")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @DeleteMapping(value = "/registry/{id}", produces = MediaType.APPLICATION_JSON_VALUE)
     public String deleteRepoConfig(@PathVariable("id") Integer id) {
         dockerRegistryService.delete(id);

web/src/main/java/cn/reghao/devops/web/mgr/builds/controller/PackerConfigController.java

@@ -8,6 +8,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.MediaType;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -27,6 +28,7 @@ public class PackerConfigController {
     }
 
     @ApiOperation(value = "添加/修改应用打包配置")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @PostMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public String addOrUpdatePackConfig(@Validated PackerConfig packerConfig) {
         Result result = packerConfigService.addOrUpdate(packerConfig);
@@ -34,6 +36,7 @@ public class PackerConfigController {
     }
 
     @ApiOperation(value = "删除应用打包配置")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @DeleteMapping(value = "/{id}", produces = MediaType.APPLICATION_JSON_VALUE)
     public String deletePackConfig(@PathVariable("id")  int id) {
         Result result = packerConfigService.delete(id);

web/src/main/java/cn/reghao/devops/web/mgr/builds/controller/RepoAuthConfigController.java

@@ -8,6 +8,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.MediaType;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -27,6 +28,7 @@ public class RepoAuthConfigController {
     }
 
     @ApiOperation(value = "添加/修改仓库认证配置")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @PostMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public String addOrUpdateRepoConfig(@Validated RepoAuthConfig repoAuth) {
         Result result = repoAuthConfigService.addOrUpdate(repoAuth);
@@ -34,6 +36,7 @@ public class RepoAuthConfigController {
     }
 
     @ApiOperation(value = "删除仓库认证配置")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @DeleteMapping(value = "/{id}", produces = MediaType.APPLICATION_JSON_VALUE)
     public String deleteRepoConfig(@PathVariable("id") int id) {
         Result result = repoAuthConfigService.delete(id);

web/src/main/java/cn/reghao/devops/web/mgr/builds/controller/page/BuildDirPageController.java

@@ -9,6 +9,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageImpl;
 import org.springframework.data.domain.PageRequest;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -32,6 +33,7 @@ public class BuildDirPageController {
     }
 
     @ApiOperation(value = "构建目录页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping
     public String buildDirPage(Model model) {
         BuildDir buildDir = buildDirService.get();
@@ -46,6 +48,7 @@ public class BuildDirPageController {
     }
 
     @ApiOperation(value = "目录容量详情页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/usage")
     public String usagePage(Model model) {
         BuildDir buildDir = buildDirService.get();

web/src/main/java/cn/reghao/devops/web/mgr/builds/controller/page/CompilerPageController.java

@@ -11,6 +11,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -36,6 +37,7 @@ public class CompilerPageController {
     }
 
     @ApiOperation(value = "编译配置页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping
     public String compilerConfigPage(Model model) {
         PageRequest pageRequest = PageSort.pageRequest();
@@ -46,12 +48,16 @@ public class CompilerPageController {
         return "/devops/build/compiler/index";
     }
 
+    @ApiOperation(value = "编译添加页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/add")
     public String addCompilerPage(Model model) {
         setCompilerModel(model);
         return "/devops/build/compiler/add";
     }
 
+    @ApiOperation(value = "编译更新页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/edit/{id}")
     public String editCompilerPage(@PathVariable("id") CompilerConfig compilerConfig, Model model) {
         model.addAttribute("compiler", compilerConfig);
@@ -68,6 +74,8 @@ public class CompilerPageController {
         model.addAttribute("machineIpv4", Machine.IPV4);
     }
 
+    @ApiOperation(value = "编译详情页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/detail/{id}")
     public String compilerDetailPage(@PathVariable("id") CompilerConfig compilerConfig, Model model) {
         model.addAttribute("compiler", compilerConfig);

web/src/main/java/cn/reghao/devops/web/mgr/builds/controller/page/DockerRegistryPageController.java

@@ -7,6 +7,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -28,6 +29,7 @@ public class DockerRegistryPageController {
     }
 
     @ApiOperation(value = "DockerRegistry 列表页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/registry")
     public String repoAuthPage(Model model) {
         PageRequest pageRequest = PageSort.pageRequest();
@@ -39,12 +41,14 @@ public class DockerRegistryPageController {
     }
 
     @ApiOperation(value = "DockerRegistry 添加页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/registry/add")
     public String addRepoAuthPage(Model model) {
         return "/devops/build/docker/add";
     }
 
     @ApiOperation(value = "DockerRegistry 编辑页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/registry/edit/{id}")
     public String editRepoAuthPage(@PathVariable("id") DockerRegistry dockerRegistry, Model model) {
         dockerRegistry.setNull();
@@ -52,6 +56,8 @@ public class DockerRegistryPageController {
         return "/devops/build/docker/edit";
     }
 
+    @ApiOperation(value = "DockerRegistry 详情页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/registry/detail/{id}")
     public String repoAuthDetailPage(@PathVariable("id") DockerRegistry dockerRegistry, Model model) {
         dockerRegistry.setPassword("******");

web/src/main/java/cn/reghao/devops/web/mgr/builds/controller/page/PackerPageController.java

@@ -12,6 +12,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -40,6 +41,7 @@ public class PackerPageController {
     }
 
     @ApiOperation(value = "打包配置页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping
     public String packerPage(Model model) {
         PageRequest pageRequest = PageSort.pageRequest();
@@ -50,6 +52,8 @@ public class PackerPageController {
         return "/devops/build/packer/index";
     }
 
+    @ApiOperation(value = "打包添加页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/add")
     public String addPackerPage(Model model) {
         List<KeyValue> registryList = dockerRegistryRepository.findAll()
@@ -66,6 +70,8 @@ public class PackerPageController {
         return "/devops/build/packer/add";
     }
 
+    @ApiOperation(value = "打包更新页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/edit/{id}")
     public String editPackerPage(@PathVariable("id") PackerConfig packerConfig, Model model) {
         model.addAttribute("packer", packerConfig);
@@ -82,6 +88,8 @@ public class PackerPageController {
         model.addAttribute("machineIpv4", Machine.IPV4);
     }
 
+    @ApiOperation(value = "打包详情页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/detail/{id}")
     public String packerDetailPage(@PathVariable("id") PackerConfig packerConfig, Model model) {
         model.addAttribute("packer", packerConfig);

web/src/main/java/cn/reghao/devops/web/mgr/builds/controller/page/RepoAuthPageController.java

@@ -11,6 +11,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -36,6 +37,7 @@ public class RepoAuthPageController {
     }
 
     @ApiOperation(value = "仓库认证列表页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/repoauth")
     public String repoAuthPage(Model model) {
         PageRequest pageRequest = PageSort.pageRequest();
@@ -47,6 +49,7 @@ public class RepoAuthPageController {
     }
 
     @ApiOperation(value = "仓库认证添加页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/repoauth/add")
     public String addRepoAuthPage(Model model) {
         setRepoAuthModel(model);
@@ -54,6 +57,7 @@ public class RepoAuthPageController {
     }
 
     @ApiOperation(value = "仓库认证编辑页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/repoauth/edit/{id}")
     public String editRepoAuthPage(@PathVariable("id") RepoAuthConfig repoAuth, Model model) {
         repoAuth.setNull();
@@ -76,6 +80,8 @@ public class RepoAuthPageController {
         model.addAttribute("auths", auths);
     }
 
+    @ApiOperation(value = "仓库认证详情页面")
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
     @GetMapping("/repoauth/detail/{id}")
     public String repoAuthDetailPage(@PathVariable("id") RepoAuthConfig repoAuth, Model model) {
         repoAuth.setPassword("******");