apollo icon indicating copy to clipboard operation
apollo copied to clipboard

Published 20 hours ago verified publisher icon apolloconfig

Open Api support get authorized apps, namespaces

Open Anilople opened this issue 3 years ago • 6 comments

Is your feature request related to a problem? Please describe.

Use method com.ctrip.framework.apollo.openapi.client.ApolloOpenApiClient#getAllApps can get all apps.

But there are some app my open api token has no authority to access, and open api will meet exception when try to access them.

If someone just want to get the apps or namespaces authoried,

are there any way to satisfy that?

Describe the solution you'd like

Some new method in com.ctrip.framework.apollo.openapi.client.ApolloOpenApiClient

Like getAuthorizedApps, getAuthorizedNamespacesByApp

Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.

Additional context Add any other context or screenshots about the feature request here.

Anilople avatar Mar 17 '21 12:03 Anilople

Like getAuthorizedApps, getAuthorizedNamespacesByApp

These methods should have params, could you give the full method signature?

nisiyong avatar Mar 17 '21 13:03 nisiyong

Like getAuthorizedApps, getAuthorizedNamespacesByApp

These methods should have params, could you give the full method signature?

public List<OpenAppDTO> getAuthorizedApps();
public List<OpenNamespaceDTO> getAuthorizedNamespaces(String appId, String env, String clusterName);

Anilople avatar Mar 17 '21 13:03 Anilople

LGTM

nisiyong avatar Mar 17 '21 14:03 nisiyong

LGTM

nobodyiam avatar Mar 19 '21 00:03 nobodyiam

analysis

Open api's request contains a token

Through portal's database table and E-R Diagram in https://ctripcorp.github.io/apollo/#/zh/design/apollo-design

We can find column by table like follow

square node is column, edge is table

graph TD
  Token -->|ConsumerToken|ConsumerId
  ConsumerId -->|ConsumerRole|RoleId
  RoleId -->|Role|RoleName
  RoleId -->|RolePermission|PermissionId
  PermissionId -->|Permission|PermissionType
  PermissionId -->|Permission|TargetId

The key information is RoleName, PermissionType, TargetId

RoleName

Example:

ModifyNamespace+test+012345678901234567890123456789+DEV

ReleaseNamespace+PT3.sentinel.dashboard+custom

ManageAppMaster+test

Is there a Jave method to parse it?

We can use those information to implement public List<OpenAppDTO> getAuthorizedApps();?

PermissionType and TargetId

Example

PermissionType TargetId
ReleaseNamespace agent+application+DEV
CreateNamespace 123456
CreateCluster agent

It is complex.

We can use those information to implement public List<OpenNamespaceDTO> getAuthorizedNamespaces(String appId, String env, String clusterName); or other more complex query of authorization?

Meet same problem like above, Is there a Jave method to parse it?

@nobodyiam @nisiyong

Anilople avatar Apr 24 '21 03:04 Anilople

I think we may follow the similar logic of com.ctrip.framework.apollo.portal.controller.AppController#findAppsByOwner

https://github.com/ctripcorp/apollo/blob/de05540e6c9a18cdf370ae95ca5e544d7b8d04bf/apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/controller/AppController.java#L91-L106

nobodyiam avatar Apr 27 '21 00:04 nobodyiam