diff --git a/server/home/home-service/src/main/java/io/holoinsight/server/home/biz/service/impl/AlertGroupServiceImpl.java b/server/home/home-service/src/main/java/io/holoinsight/server/home/biz/service/impl/AlertGroupServiceImpl.java index 1ffdbb866..d6a1f57c4 100644 --- a/server/home/home-service/src/main/java/io/holoinsight/server/home/biz/service/impl/AlertGroupServiceImpl.java +++ b/server/home/home-service/src/main/java/io/holoinsight/server/home/biz/service/impl/AlertGroupServiceImpl.java @@ -79,8 +79,10 @@ public MonitorPageResult getListByPage( AlarmGroup alarmGroup = alarmGroupConverter.dtoToDO(pageRequest.getTarget()); - this.requestContextAdapter.queryWrapperTenantAdapt(wrapper, alarmGroup.getTenant(), - alarmGroup.getWorkspace()); + wrapper.eq("tenant", alarmGroup.getTenant()); + if (StringUtils.isNotEmpty(alarmGroup.getWorkspace())) { + wrapper.eq("workspace", alarmGroup.getWorkspace()); + } if (null != alarmGroup.getId()) { wrapper.eq("id", alarmGroup.getId()); diff --git a/server/home/home-web/src/main/java/io/holoinsight/server/home/web/security/custom/AlarmRuleLevelAuthorizationChecker.java b/server/home/home-web/src/main/java/io/holoinsight/server/home/web/security/custom/AlarmRuleLevelAuthorizationChecker.java index 8b1469d67..b0b7600ea 100644 --- a/server/home/home-web/src/main/java/io/holoinsight/server/home/web/security/custom/AlarmRuleLevelAuthorizationChecker.java +++ b/server/home/home-web/src/main/java/io/holoinsight/server/home/web/security/custom/AlarmRuleLevelAuthorizationChecker.java @@ -270,11 +270,15 @@ private LevelAuthorizationCheckResult checkAlarmRuleDTO(String methodName, } if (StringUtils.isNotEmpty(alarmRuleDTO.getNoticeType())) { - return failCheckResult("noticeType %s should be empty", alarmRuleDTO.getMergeType()); + return failCheckResult("noticeType %s should be empty", alarmRuleDTO.getNoticeType()); } if (!CollectionUtils.isEmpty(alarmRuleDTO.getAlarmContent())) { - return failCheckResult("alarmContent %s should be empty", alarmRuleDTO.getMergeType()); + for (String content : alarmRuleDTO.getAlarmContent()) { + if (!sqlCnNameCheck(content)) { + return failCheckResult("invalid content %s in alarmContent", content); + } + } } if (StringUtils.isNotEmpty(alarmRuleDTO.getTenant()) @@ -471,7 +475,7 @@ private LevelAuthorizationCheckResult checkCompareConfigs(List co config.getTriggerLevel()); } if (StringUtils.isNotEmpty(config.getTriggerContent()) - && !checkSqlName(config.getTriggerContent())) { + && !sqlCnNameCheck(config.getTriggerContent())) { return failCheckResult("fail to check triggerContent in compareConfigs %s", config.getTriggerContent()); } @@ -509,9 +513,9 @@ private LevelAuthorizationCheckResult checkExtra(AlertRuleExtra extra, String te if (StringUtils.isNotEmpty(extra.sourceLink)) { return failCheckResult("sourceLink %s should be empty", extra.sourceLink); } - if (StringUtils.isNotEmpty(extra.md5)) { - return failCheckResult("md5 %s should be empty", extra.md5); - } + // if (StringUtils.isNotEmpty(extra.md5)) { + // return failCheckResult("md5 %s should be empty", extra.md5); + // } if (!CollectionUtils.isEmpty(extra.alertTags) && !checkSqlField(extra.alertTags)) { return failCheckResult("fail to check sql field in alertTags %s", J.toJson(extra.alertTags)); }