This is an automated email from the ASF dual-hosted git repository. gongchao pushed a commit to branch new-startup in repository https://gitbox.apache.org/repos/asf/hertzbeat.git
commit a71f5102dd6c1c0e8d79fe201ec4e0e34ef82526 Author: tomsun28 <[email protected]> AuthorDate: Mon Oct 27 23:36:25 2025 +0800 fix Signed-off-by: tomsun28 <[email protected]> --- hertzbeat-manager/src/test/resources/sureness.yml | 136 +++++++++++++++++++++ .../startup/dao/MetricsFavoriteDaoTest.java | 1 - 2 files changed, 136 insertions(+), 1 deletion(-) diff --git a/hertzbeat-manager/src/test/resources/sureness.yml b/hertzbeat-manager/src/test/resources/sureness.yml new file mode 100644 index 000000000..f04c5a2f7 --- /dev/null +++ b/hertzbeat-manager/src/test/resources/sureness.yml @@ -0,0 +1,136 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +## -- sureness.yml account source -- ## + +# config the resource restful api that need auth protection, base rbac +# rule: api===method===role +# eg: /api/v1/source1===get===[admin] means /api/v2/host===post support role[admin] access. +# eg: /api/v1/source2===get===[] means /api/v1/source2===get can not access by any role. +resourceRole: + - /api/account/auth/refresh===post===[admin,user,guest] + - /api/apps/**===get===[admin,user,guest] + - /api/monitor/**===get===[admin,user,guest] + - /api/monitor/**===post===[admin,user] + - /api/monitor/**===put===[admin,user] + - /api/monitor/**===delete==[admin] + - /api/monitors/**===get===[admin,user,guest] + - /api/monitors/**===post===[admin,user] + - /api/monitors/**===put===[admin,user] + - /api/monitors/**===delete===[admin] + - /api/alert/**===get===[admin,user,guest] + - /api/alert/**===post===[admin,user] + - /api/alert/**===put===[admin,user] + - /api/alert/**===delete===[admin] + - /api/alerts/**===get===[admin,user,guest] + - /api/alerts/**===post===[admin,user] + - /api/alerts/**===put===[admin,user] + - /api/alerts/**===delete===[admin] + - /api/notice/**===get===[admin,user,guest] + - /api/notice/**===post===[admin,user] + - /api/notice/**===put===[admin,user] + - /api/notice/**===delete===[admin] + - /api/tag/**===get===[admin,user,guest] + - /api/tag/**===post===[admin,user] + - /api/tag/**===put===[admin,user] + - /api/tag/**===delete===[admin] + - /api/summary/**===get===[admin,user,guest] + - /api/summary/**===post===[admin,user] + - /api/summary/**===put===[admin,user] + - /api/summary/**===delete===[admin] + - /api/collector/**===get===[admin,user,guest] + - /api/collector/**===post===[admin,user] + - /api/collector/**===put===[admin,user] + - /api/collector/**===delete===[admin] + - /api/status/page/**===get===[admin,user,guest] + - /api/status/page/**===post===[admin,user] + - /api/status/page/**===put===[admin,user] + - /api/status/page/**===delete===[admin] + - /api/grafana/**===get===[admin,user,guest] + - /api/grafana/**===post===[admin,user] + - /api/grafana/**===put===[admin,user] + - /api/grafana/**===delete===[admin] + - /api/bulletin/**===get===[admin,user,guest] + - /api/bulletin/**===post===[admin,user] + - /api/bulletin/**===put===[admin,user] + - /api/bulletin/**===delete===[admin] + - /api/sse/**===get===[admin,user] + - /api/sse/**===post===[admin,user] + - /api/chat/**===get===[admin,user] + - /api/chat/**===post===[admin,user] + - /api/logs/ingest/**===post===[admin,user] + +# config the resource restful api that need bypass auth protection +# rule: api===method +# eg: /api/v1/source3===get means /api/v1/source3===get can be access by anyone, no need auth. +excludedResource: + - /api/alert/sse/**===* + - /api/logs/sse/**===* + - /api/account/auth/**===* + - /api/i18n/**===get + - /api/apps/hierarchy===get + - /api/push/**===* + - /api/status/page/public/**===* + - /api/manager/sse/**===* + # web ui resource + - /===get + - /assets/**===get + - /dashboard/**===get + - /monitors/**===get + - /alert/**===get + - /account/**===get + - /setting/**===get + - /passport/**===get + - /status/**===get + - /**/*.html===get + - /**/*.js===get + - /**/*.css===get + - /**/*.ico===get + - /**/*.ttf===get + - /**/*.png===get + - /**/*.gif===get + - /**/*.jpg===get + - /**/*.svg===get + - /**/*.json===get + - /**/*.woff===get + - /**/*.eot===get + # swagger ui resource + - /swagger-resources/**===get + - /v2/api-docs===get + - /v3/api-docs===get + # h2 database + - /h2-console/**===* + +# account info config +# eg: admin has role [admin,user], password is hertzbeat +# eg: tom has role [user], password is hertzbeat +# eg: lili has role [guest], plain password is lili, salt is 123, salted password is 1A676730B0C7F54654B0E09184448289 +account: + - appId: admin + credential: hertzbeat + role: [admin] + - appId: tom + credential: hertzbeat + role: [user] + - appId: guest + credential: hertzbeat + role: [guest] + - appId: lili + # credential = MD5(password + salt) + # plain password: hertzbeat + # attention: digest authentication does not support salted encrypted password accounts + credential: 94C6B34E7A199A9F9D4E1F208093B489 + salt: 123 + role: [user] diff --git a/hertzbeat-startup/src/test/java/org/apache/hertzbeat/startup/dao/MetricsFavoriteDaoTest.java b/hertzbeat-startup/src/test/java/org/apache/hertzbeat/startup/dao/MetricsFavoriteDaoTest.java index 82a3e52dc..ec7857341 100644 --- a/hertzbeat-startup/src/test/java/org/apache/hertzbeat/startup/dao/MetricsFavoriteDaoTest.java +++ b/hertzbeat-startup/src/test/java/org/apache/hertzbeat/startup/dao/MetricsFavoriteDaoTest.java @@ -23,7 +23,6 @@ import org.apache.hertzbeat.manager.dao.MetricsFavoriteDao; import org.apache.hertzbeat.startup.AbstractSpringIntegrationTest; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; -import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest; import org.springframework.test.annotation.DirtiesContext; import org.springframework.transaction.annotation.Transactional; --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
