1. 服务密钥列表支持关联规则模糊搜索 (#2985)

2. 新增检测服务密钥名称接口
TencentBlueKing · Feb 29, 2024 · f272c43 · f272c43
1 parent 75cd621
commit f272c43
Show file tree

Hide file tree

Showing 13 changed files with 9,216 additions and 8,588 deletions.
diff --git a/bcs-services/bcs-bscp/cmd/config-server/service/credential.go b/bcs-services/bcs-bscp/cmd/config-server/service/credential.go
@@ -190,3 +190,29 @@ func (s *Service) UpdateCredential(ctx context.Context,
 
 	return resp, nil
 }
+
+// CheckCredentialName Check if the credential name exists
+func (s *Service) CheckCredentialName(ctx context.Context, req *pbcs.CheckCredentialNameReq) (
+	*pbcs.CheckCredentialNameResp, error) {
+	grpcKit := kit.FromGrpcContext(ctx)
+
+	res := []*meta.ResourceAttribute{
+		{Basic: meta.Basic{Type: meta.Biz, Action: meta.FindBusinessResource}, BizID: req.BizId},
+		{Basic: meta.Basic{Type: meta.Credential, Action: meta.View}, BizID: req.BizId},
+	}
+
+	err := s.authorizer.Authorize(grpcKit, res...)
+	if err != nil {
+		return nil, err
+	}
+
+	credential, err := s.client.DS.CheckCredentialName(grpcKit.Ctx, &pbds.CheckCredentialNameReq{
+		BizId:          req.BizId,
+		CredentialName: req.CredentialName,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return &pbcs.CheckCredentialNameResp{Exist: credential.Exist}, nil
+}
diff --git a/bcs-services/bcs-bscp/cmd/data-service/service/credential.go b/bcs-services/bcs-bscp/cmd/data-service/service/credential.go
@@ -75,10 +75,36 @@ func (s *Service) ListCredentials(ctx context.Context, req *pbds.ListCredentialR
 		logs.Errorf("list credential failed, err: %v, rid: %s", err, kt.Rid)
 		return nil, err
 	}
+	credentialScopes := map[uint32][]string{}
+	if count > 0 {
+		credentialID := []uint32{}
+		for _, v := range details {
+			credentialID = append(credentialID, v.ID)
+		}
+		// 获取关联规则
+		item, err := s.dao.CredentialScope().ListByCredentialIDs(kt, credentialID, req.BizId)
+		if err != nil {
+			return nil, err
+		}
+		for _, v := range item {
+			app, scope, err := v.Spec.CredentialScope.Split()
+			if err != nil {
+				return nil, err
+			}
+			credentialScopes[v.Attachment.CredentialId] = append(credentialScopes[v.Attachment.CredentialId],
+				fmt.Sprintf("%s%s", app, scope))
+		}
+	}
+
+	data := pbcredential.PbCredentials(details)
+
+	for _, v := range data {
+		v.CredentialScopes = credentialScopes[v.Id]
+	}
 
 	resp := &pbds.ListCredentialResp{
 		Count:   uint32(count),
-		Details: pbcredential.PbCredentials(details),
+		Details: data,
 	}
 	return resp, nil
 }
@@ -142,3 +168,22 @@ func (s *Service) UpdateCredential(ctx context.Context, req *pbds.UpdateCredenti
 
 	return new(pbbase.EmptyResp), nil
 }
+
+// CheckCredentialName Check if the credential name exists
+func (s *Service) CheckCredentialName(ctx context.Context, req *pbds.CheckCredentialNameReq) (
+	*pbds.CheckCredentialNameResp, error) {
+	kt := kit.FromGrpcContext(ctx)
+
+	credential, err := s.dao.Credential().GetByName(kt, req.BizId, req.CredentialName)
+	if err != nil && !errors.Is(err, gorm.ErrRecordNotFound) {
+		return nil, err
+	}
+
+	var exist bool
+	if credential != nil && credential.ID != 0 {
+		exist = true
+	}
+	return &pbds.CheckCredentialNameResp{
+		Exist: exist,
+	}, nil
+}
diff --git a/bcs-services/bcs-bscp/pkg/dal/dao/credential.go b/bcs-services/bcs-bscp/pkg/dal/dao/credential.go
@@ -195,12 +195,31 @@ func (dao *credentialDao) List(kit *kit.Kit, bizID uint32, searchKey string, opt
 	topIds []uint32) ([]*table.Credential, int64, error) {
 	m := dao.genQ.Credential
 	q := dao.genQ.Credential.WithContext(kit.Ctx)
+	cs := dao.genQ.CredentialScope
 
 	var conds []rawgen.Condition
 	if searchKey != "" {
 		searchVal := "%" + searchKey + "%"
-		conds = append(conds, q.Where(m.Memo.Like(searchVal)).Or(m.Reviser.Like(searchVal)).
-			Or(m.Name.Like(searchVal)))
+
+		var item []struct {
+			CredentialID uint32
+		}
+		err := cs.WithContext(kit.Ctx).Select(cs.CredentialId).
+			Where(cs.BizID.Eq(bizID), cs.CredentialScope.Like(searchVal)).Group(cs.CredentialId).Scan(&item)
+		if err != nil {
+			return nil, 0, err
+		}
+		if len(item) > 0 {
+			credentialID := []uint32{}
+			for _, v := range item {
+				credentialID = append(credentialID, v.CredentialID)
+			}
+			conds = append(conds, q.Where(m.Memo.Like(searchVal)).Or(m.Reviser.Like(searchVal)).
+				Or(m.Name.Like(searchVal)).Or(m.ID.In(credentialID...)))
+		} else {
+			conds = append(conds, q.Where(m.Memo.Like(searchVal)).Or(m.Reviser.Like(searchVal)).
+				Or(m.Name.Like(searchVal)))
+		}
 	}
 
 	if len(topIds) != 0 {

diff --git a/bcs-services/bcs-bscp/pkg/dal/dao/credential_scope.go b/bcs-services/bcs-bscp/pkg/dal/dao/credential_scope.go
@@ -36,6 +36,8 @@ type CredentialScope interface {
 	DeleteByCredentialIDWithTx(kit *kit.Kit, tx *gen.QueryTx, bizID, credentialID uint32) error
 	// BatchDeleteWithTx batch delete credential scope with transaction
 	BatchDeleteWithTx(kit *kit.Kit, tx *gen.QueryTx, bizID uint32, ids []uint32) error
+	// ListByCredentialIDs 按多个凭据 ID 列出
+	ListByCredentialIDs(kit *kit.Kit, credentialIDs []uint32, bizID uint32) ([]*table.CredentialScope, error)
 }
 
 var _ CredentialScope = new(credentialScopeDao)
@@ -46,6 +48,16 @@ type credentialScopeDao struct {
 	auditDao AuditDao
 }
 
+// ListByCredentialIDs 按多个凭据 ID 列出
+func (dao *credentialScopeDao) ListByCredentialIDs(kit *kit.Kit, credentialIDs []uint32, bizID uint32) (
+	[]*table.CredentialScope, error) {
+	if bizID == 0 {
+		return nil, errors.New("biz id is 0")
+	}
+	m := dao.genQ.CredentialScope
+	return m.WithContext(kit.Ctx).Where(m.BizID.Eq(bizID), m.CredentialId.In(credentialIDs...)).Find()
+}
+
 // CreateWithTx create credential scope with transaction
 func (dao *credentialScopeDao) CreateWithTx(kit *kit.Kit, tx *gen.QueryTx, g *table.CredentialScope) (uint32, error) {
 	if err := g.ValidateCreate(); err != nil {