本文档,为中台产品在部署时,提供对接数据初始化的相关接口
主要涉及:
CAS认证,创建 Servcie
授权服务,创建 应用,应用角色
云平台菜单,创建 应用,菜单,角色权限的关联
采用 sql 文件执行接口进行部署
版本要求:1.2.2
curl -i -s -X POST \ -H 'Content-Type: text/plain' \ --data-binary @cas_server_integrate.sql \ 'http://cas-server-sa.cas-server.svc.cluster.local:8080/deploy/execSql'
cas_server_integrate.sql
-- Service 的创建 INSERT INTO TB_SERVICE (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, NAME, DESCRIPTION, INFORMATION_URL, LOGOUT_URL, RESPONSE_TYPE, LOGOUT_TYPE, EVALUATION_ORDER, FRIENDLY_NAME, REGISTERED_SERVICE_ID, SERVICE_ID, ENABLED, SSO_ENABLED, REQUIRE_ALL_ATTRIBUTES, ID_TOKEN_ENABLED, JWT_AS_SERVICE_TICKET, ADAPT_V4_PRODUCT, APPLICATION_ID, APPLICATION_DOMAIN, EXTERNAL_ID) VALUES ('0', '1', 0, 'admin', null, '示例', '示例', 'https://example.com', 'https://example.com/slo', 'REDIRECT', 'FRONT_CHANNEL', 0, '示例', 0, 'https://example.com/(.*)', 1, 1, 1, 0, 0, 0, '0', 'example.com', '0'); commit;
说明
修改 ID、EVALUATION_ORDER、REGISTERED_SERVICE_ID、APPLICATION_ID、EXTERNAL_ID,应用的ID、标识等
修改 NAME、DESCRIPTION、FRIENDLY_NAME,应用的名称
修改 ID_TOKEN_ENABLED、JWT_AS_SERVICE_TICKET,1 启用,0 禁用
修改 INFORMATION_URL、LOGOUT_URL、SERVICE_ID、APPLICATION_DOMAIN,相关地址、域名修改
应用对接表 TB_SERVICE
字段名 | 字段说明
采用 sql 文件执行接口进行部署
版本要求:1.2.3
curl -i -s -X POST \ -H 'Content-Type: text/plain' \ --data-binary @user_authz_integrate.sql \ 'http://authx-service-user-authz-service-sa.authx-service.svc.cluster.local:8080/deploy/execSql'
user_authz_integrate.sql
-- 应用的创建脚本 INSERT INTO TB_R_SYSTEM (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, BUSINESS_DOMAIN_ID, CODE, NAME, ENABLED) VALUES ('0', '1', 0, 'init', null, '1', '0', '示例系统', 1); INSERT INTO TB_APPLICATION (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, BUSINESS_DOMAIN_ID, SYSTEM_ID, NAME, APPLICATION_ID, SYNC_URL, ENABLED) VALUES ('0', '1', 0, 'init', null, '1', '0', '示例应用', '0', '', 1); commit; -- 应用角色的创建脚本 INSERT INTO TB_ROLE (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, APPLICATION_ID, CODE, NAME, DESCRIPTION, ENABLED, EXTERNAL_ID) VALUES ('0', '1', 0, 'init', null, '0', 'example-admin', '示例管理员', '示例管理员', 1, '0'); commit;
系统信息表 TB_R_SYSTEM
字段名 | 字段说明
应用信息表 TB_APPLICATION
字段名 | 字段说明
角色表 TB_ROLE
字段名 | 字段说明
采用业务管理接口进行部署
版本要求:1.2.0
创建应用
curl -i -s -X POST \ -H 'Content-Type: application/json' \ -d '{"id": "0", "code": "0", "name":"示例", "memo":"示例", "status":"1", "url":""}' \ 'http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/applications'
导入菜单
curl -i -s -X POST \ -H 'Content-Type: application/json' \ -d '{ "applicationId": "0", "menuList": [ { "id": "0-10000", "parentIdOrCode":"1", "code": "example-10000", "name": "示例一级", "memo": "", "status": "1", "icon": "", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/", "target": "", "order": 10000, "resourceIdOrCodes": [] }, { "id": "0-10100", "parentIdOrCode":"0-10000", "code": "example-10100", "name": "示例二级", "memo": "", "status": "1", "icon": "su-icon-denglupeizhi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/example/example-10100", "target": "", "order": 10100, "resourceIdOrCodes": [] }, …… ] }' \ 'http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/menus/importMenu'
导入操作(按钮权限)
curl -i -s -X POST \ -H 'Content-Type: application/json' \ -d '{ "applicationId": "0", "operationList": [ { "id": "0-10000-10001", "parentIdOrCode":"0-10000", "code": "example-10000-10001", "name": "示例一级-操作", "memo": "", "status": "1", "order": 10001, "resourceIdOrCodes": [] }, { "id": "0-10100-10101", "parentIdOrCode":"0-10100", "code": "example-10100-10101", "name": "示例二级-操作", "memo": "", "status": "1", "order": 10101, "resourceIdOrCodes": [] }, …… ] }' \ 'http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/operations/importOperation'
导入资源
curl -i -s -X POST \ -H 'Content-Type: application/json' \ -d '{ "applicationId": "0", "resourceList": [ { "id": "0-10001", "code": "example-10001", "name": "示例资源一", "memo": "", "status": "1", "origin": "http://admin-platform.paas.xxx.edu.cn", "method": "GET", "path": "/api/v1/example/10001", "access": "authenticate", "order": 10001, "resourceIdOrCodes": [] }, { "id": "0-10002", "code": "example-10002", "name": "示例资源二", "memo": "", "status": "1", "origin": "http://admin-platform.paas.xxx.edu.cn", "method": "GET", "path": "/api/v1/example/10001", "access": "authenticate", "order": 10002, "resourceIdOrCodes": [] }, …… ] }' \ 'http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/resources/importResource'
角色权限(关联菜单、操作)
curl -i -s -X POST \ -H 'Content-Type: application/json' \ -d '{ "rolePermissionList": [ { "roleCode":"example-admin", "permissionIdOrCodes": ["0-10000", "0-10100", "0-10000-10001", "0-10100-10101"] }, …… ] }' \ 'http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/rolePermissions/importRolePermission'
应用的属性说明
属性名 | 说明
菜单的属性说明
属性名 | 说明
操作的属性说明
属性名 | 说明
资源的属性说明
属性名 | 说明
角色权限的属性说明
属性名 | 说明