llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-01 18:40:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: support shared application across organizations (#3108)

Browse Source 
* feat: support share application

* revert: revert i18n

* fix: improve code format

* fix: improve code format and move GetSharedOrgFromApp to string.go
This commit is contained in:
DacongDA
2024-08-09 15:43:25 +08:00
committed by GitHub
parent e7230700e0
commit 4c0fff66ff
9 changed files with 75 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
object/application.go
View File

@ -91,6 +91,7 @@ type Application struct {
CertPublicKey string `xorm:"-" json:"certPublicKey"` CertPublicKey string `xorm:"-" json:"certPublicKey"`
Tags []string `xorm:"mediumtext" json:"tags"` Tags []string `xorm:"mediumtext" json:"tags"`
SamlAttributes []*SamlItem `xorm:"varchar(1000)" json:"samlAttributes"` SamlAttributes []*SamlItem `xorm:"varchar(1000)" json:"samlAttributes"`
IsShared bool `json:"isShared"`
ClientId string `xorm:"varchar(100)" json:"clientId"` ClientId string `xorm:"varchar(100)" json:"clientId"`
ClientSecret string `xorm:"varchar(100)" json:"clientSecret"` ClientSecret string `xorm:"varchar(100)" json:"clientSecret"`
@ -123,9 +124,9 @@ func GetApplicationCount(owner, field, value string) (int64, error) {
return session.Count(&Application{}) return session.Count(&Application{})
} }
func GetOrganizationApplicationCount(owner, Organization, field, value string) (int64, error) { func GetOrganizationApplicationCount(owner, organization, field, value string) (int64, error) {
session := GetSession(owner, -1, -1, field, value, "", "") session := GetSession(owner, -1, -1, field, value, "", "")
return session.Count(&Application{Organization: Organization}) return session.Where("organization = ? or is_shared = ? ", organization, true).Count(&Application{})
} }
func GetApplications(owner string) ([]*Application, error) { func GetApplications(owner string) ([]*Application, error) {
@ -140,7 +141,7 @@ func GetApplications(owner string) ([]*Application, error) {
func GetOrganizationApplications(owner string, organization string) ([]*Application, error) { func GetOrganizationApplications(owner string, organization string) ([]*Application, error) {
applications := []*Application{} applications := []*Application{}
err := ormer.Engine.Desc("created_time").Find(&applications, &Application{Organization: organization}) err := ormer.Engine.Desc("created_time").Where("organization = ? or is_shared = ? ", organization, true).Find(&applications, &Application{})
if err != nil { if err != nil {
return applications, err return applications, err
} }
@ -162,7 +163,7 @@ func GetPaginationApplications(owner string, offset, limit int, field, value, so
func GetPaginationOrganizationApplications(owner, organization string, offset, limit int, field, value, sortField, sortOrder string) ([]*Application, error) { func GetPaginationOrganizationApplications(owner, organization string, offset, limit int, field, value, sortField, sortOrder string) ([]*Application, error) {
applications := []*Application{} applications := []*Application{}
session := GetSession(owner, offset, limit, field, value, sortField, sortOrder) session := GetSession(owner, offset, limit, field, value, sortField, sortOrder)
err := session.Find(&applications, &Application{Organization: organization}) err := session.Where("organization = ? or is_shared = ? ", organization, true).Find(&applications, &Application{})
if err != nil { if err != nil {
return applications, err return applications, err
} }
@ -337,12 +338,18 @@ func getApplication(owner string, name string) (*Application, error) {
return nil, nil return nil, nil
} }
application := Application{Owner: owner, Name: name} realApplicationName, sharedOrg := util.GetSharedOrgFromApp(name)
application := Application{Owner: owner, Name: realApplicationName}
existed, err := ormer.Engine.Get(&application) existed, err := ormer.Engine.Get(&application)
if err != nil { if err != nil {
return nil, err return nil, err
} }
if application.IsShared && sharedOrg != "" {
application.Organization = sharedOrg
}
if existed { if existed {
err = extendApplicationWithProviders(&application) err = extendApplicationWithProviders(&application)
if err != nil { if err != nil {
@ -428,11 +435,18 @@ func GetApplicationByUserId(userId string) (application *Application, err error)
func GetApplicationByClientId(clientId string) (*Application, error) { func GetApplicationByClientId(clientId string) (*Application, error) {
application := Application{} application := Application{}
existed, err := ormer.Engine.Where("client_id=?", clientId).Get(&application)
realClientId, sharedOrg := util.GetSharedOrgFromApp(clientId)
existed, err := ormer.Engine.Where("client_id=?", realClientId).Get(&application)
if err != nil { if err != nil {
return nil, err return nil, err
} }
if application.IsShared && sharedOrg != "" {
application.Organization = sharedOrg
}
if existed { if existed {
err = extendApplicationWithProviders(&application) err = extendApplicationWithProviders(&application)
if err != nil { if err != nil {
@ -626,6 +640,10 @@ func UpdateApplication(id string, application *Application) (bool, error) {
return false, err return false, err
} }
if application.IsShared == true && application.Organization != "built-in" {
return false, fmt.Errorf("only applications belonging to built-in organization can be shared")
}
for _, providerItem := range application.Providers { for _, providerItem := range application.Providers {
providerItem.Provider = nil providerItem.Provider = nil
} }

1
object/organization.go
View File

@ -319,6 +319,7 @@ func GetDefaultApplication(id string) (*Application, error) {
if defaultApplication == nil { if defaultApplication == nil {
return nil, fmt.Errorf("The default application: %s does not exist", organization.DefaultApplication) return nil, fmt.Errorf("The default application: %s does not exist", organization.DefaultApplication)
} else { } else {
defaultApplication.Organization = organization.Name
return defaultApplication, nil return defaultApplication, nil
} }
} }

2
object/user.go
View File

@ -1138,7 +1138,7 @@ func (user *User) IsApplicationAdmin(application *Application) bool {
return false return false
} }
return (user.Owner == application.Organization && user.IsAdmin) || user.IsGlobalAdmin() return (user.Owner == application.Organization && user.IsAdmin) || user.IsGlobalAdmin() || (user.IsAdmin && application.IsShared)
} }
func (user *User) IsGlobalAdmin() bool { func (user *User) IsGlobalAdmin() bool {

10
util/string.go
View File

@ -154,6 +154,16 @@ func GetOwnerAndNameAndOtherFromId(id string) (string, string, string) {
return tokens[0], tokens[1], tokens[2] return tokens[0], tokens[1], tokens[2]
} }
func GetSharedOrgFromApp(rawName string) (name string, organization string) {
name = rawName
splitName := strings.Split(rawName, "-org-")
if len(splitName) >= 2 {
organization = splitName[len(splitName)-1]
name = splitName[0]
}
return name, organization
}
func GenerateId() string { func GenerateId() string {
return uuid.NewString() return uuid.NewString()
} }

35
web/src/ApplicationEditPage.js
View File

@ -116,7 +116,6 @@ class ApplicationEditPage extends React.Component {
UNSAFE_componentWillMount() { UNSAFE_componentWillMount() {
this.getApplication(); this.getApplication();
this.getOrganizations(); this.getOrganizations();
this.getProviders();
} }
getApplication() { getApplication() {
@ -145,7 +144,9 @@ class ApplicationEditPage extends React.Component {
application: application, application: application,
}); });
this.getCerts(application.organization); this.getProviders(application);
this.getCerts(application);
this.getSamlMetadata(application.enableSamlPostBinding); this.getSamlMetadata(application.enableSamlPostBinding);
}); });
@ -166,7 +167,11 @@ class ApplicationEditPage extends React.Component {
}); });
} }
getCerts(owner) { getCerts(application) {
let owner = application.organization;
if (application.isShared) {
owner = this.props.owner;
}
CertBackend.getCerts(owner) CertBackend.getCerts(owner)
.then((res) => { .then((res) => {
this.setState({ this.setState({
@ -175,8 +180,12 @@ class ApplicationEditPage extends React.Component {
}); });
} }
getProviders() { getProviders(application) {
ProviderBackend.getProviders(this.state.owner) let owner = application.organization;
if (application.isShared) {
owner = this.props.account.owner;
}
ProviderBackend.getProviders(owner)
.then((res) => { .then((res) => {
if (res.status === "ok") { if (res.status === "ok") {
this.setState({ this.setState({
@ -263,6 +272,16 @@ class ApplicationEditPage extends React.Component {
}} /> }} />
</Col> </Col>
</Row> </Row>
<Row style={{marginTop: "20px"}} >
<Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
{Setting.getLabel(i18next.t("general:Is shared"), i18next.t("general:Is shared - Tooltip"))} :
</Col>
<Col span={22} >
<Switch disabled={Setting.isAdminUser()} checked={this.state.application.isShared} onChange={checked => {
this.updateApplicationField("isShared", checked);
}} />
</Col>
</Row>
<Row style={{marginTop: "20px"}} > <Row style={{marginTop: "20px"}} >
<Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}> <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
{Setting.getLabel(i18next.t("general:Logo"), i18next.t("general:Logo - Tooltip"))} : {Setting.getLabel(i18next.t("general:Logo"), i18next.t("general:Logo - Tooltip"))} :
@ -989,7 +1008,11 @@ class ApplicationEditPage extends React.Component {
redirectUri = "\"ERROR: You must specify at least one Redirect URL in 'Redirect URLs'\""; redirectUri = "\"ERROR: You must specify at least one Redirect URL in 'Redirect URLs'\"";
} }
const signInUrl = `/login/oauth/authorize?client_id=${this.state.application.clientId}&response_type=code&redirect_uri=${redirectUri}&scope=read&state=casdoor`; let clientId = this.state.application.clientId;
if (this.state.application.isShared && this.props.account.owner !== "built-in") {
clientId += `-org-${this.props.account.owner}`;
}
const signInUrl = `/login/oauth/authorize?client_id=${clientId}&response_type=code&redirect_uri=${redirectUri}&scope=read&state=casdoor`;
const maskStyle = {position: "absolute", top: "0px", left: "0px", zIndex: 10, height: "97%", width: "100%", background: "rgba(0,0,0,0.4)"}; const maskStyle = {position: "absolute", top: "0px", left: "0px", zIndex: 10, height: "97%", width: "100%", background: "rgba(0,0,0,0.4)"};
if (!Setting.isPasswordEnabled(this.state.application)) { if (!Setting.isPasswordEnabled(this.state.application)) {
signUpUrl = signInUrl.replace("/login/oauth/authorize", "/signup/oauth/authorize"); signUpUrl = signInUrl.replace("/login/oauth/authorize", "/signup/oauth/authorize");

2
web/src/ApplicationListPage.js
View File

@ -123,7 +123,7 @@ class ApplicationListPage extends BaseListPage {
render: (text, record, index) => { render: (text, record, index) => {
return ( return (
<Link to={`/applications/${record.organization}/${text}`}> <Link to={`/applications/${record.organization}/${text}`}>
{text} {Setting.getApplicationDisplayName(record)}
</Link> </Link>
); );
}, },

2
web/src/OrganizationEditPage.js
View File

@ -360,7 +360,7 @@ class OrganizationEditPage extends React.Component {
</Col> </Col>
<Col span={22} > <Col span={22} >
<Select virtual={false} style={{width: "100%"}} value={this.state.organization.defaultApplication} onChange={(value => {this.updateOrganizationField("defaultApplication", value);})} <Select virtual={false} style={{width: "100%"}} value={this.state.organization.defaultApplication} onChange={(value => {this.updateOrganizationField("defaultApplication", value);})}
options={this.state.applications?.map((item) => Setting.getOption(item.name, item.name)) options={this.state.applications?.map((item) => Setting.getOption(Setting.getApplicationDisplayName(item.name), item.name))
} /> } />
</Col> </Col>
</Row> </Row>

7
web/src/Setting.js
View File

@ -1371,6 +1371,13 @@ export function getApplicationName(application) {
return `${application?.owner}/${application?.name}`; return `${application?.owner}/${application?.name}`;
} }
export function getApplicationDisplayName(application) {
if (application.isShared) {
return `${application.name}(Shared)`;
}
return application.name;
}
export function getRandomName() { export function getRandomName() {
return Math.random().toString(36).slice(-6); return Math.random().toString(36).slice(-6);
} }

2
web/src/TransactionEditPage.js
View File

@ -125,7 +125,7 @@ class TransactionEditPage extends React.Component {
application: application, application: application,
}); });
this.getCerts(application.organization); this.getCerts(application);
this.getSamlMetadata(application.enableSamlPostBinding); this.getSamlMetadata(application.enableSamlPostBinding);
}); });