Merge branch '1.3.x' into 1.4.x
diff --git "a/deploy-manifests/charts/1.2.0003.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md" "b/deploy-manifests/charts/1.2.0003.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
index c1094af..b340e7c 100644
--- "a/deploy-manifests/charts/1.2.0003.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
+++ "b/deploy-manifests/charts/1.2.0003.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
@@ -804,23 +804,23 @@
[
{
"roleId": "20", "roleCode":"cas-admin",
- "permissionIdOrCodes": ["20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "20900", "21000", "21100", "22000"]
+ "permissionIdOrCodes": ["1", "20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "20900", "21000", "21100", "22000"]
},
{
"roleId": "30", "roleCode": "user-admin",
- "permissionIdOrCodes": ["30000", "30100", "30200", "30300", "30400", "30500", "30600", "30700", "30800", "31000"]
+ "permissionIdOrCodes": ["1", "30000", "30100", "30200", "30300", "30400", "30500", "30600", "30700", "30800", "31000"]
},
{
"roleId": "40", "roleCode": "user-authz-admin",
- "permissionIdOrCodes": ["40000", "40050", "40100", "40200", "40300", "40500", "40900"]
+ "permissionIdOrCodes": ["1", "40000", "40050", "40100", "40200", "40300", "40500", "40900"]
},
{
"roleId": "41", "roleCode": "user-authz-grant-admin",
- "permissionIdOrCodes": ["40000", "40100", "40300", "40500"]
+ "permissionIdOrCodes": ["1", "40000", "40100", "40300", "40500"]
},
{
"roleId": "42", "roleCode": "user-authz-man-grant-admin",
- "permissionIdOrCodes": ["40000", "40900"]
+ "permissionIdOrCodes": ["1", "40000", "40900"]
}
]
```
@@ -844,23 +844,23 @@
[
{
"roleId": "20", "roleCode":"cas-admin",
- "permissionIdOrCodes": ["20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "20900", "21000", "21100", "22000"]
+ "permissionIdOrCodes": ["1", "20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "20900", "21000", "21100", "22000"]
},
{
"roleId": "30", "roleCode": "user-admin",
- "permissionIdOrCodes": ["30000", "30100", "30200", "30300", "30400", "30500", "30600", "30700", "30800", "31000"]
+ "permissionIdOrCodes": ["1", "30000", "30100", "30200", "30300", "30400", "30500", "30600", "30700", "30800", "31000"]
},
{
"roleId": "40", "roleCode": "user-authz-admin",
- "permissionIdOrCodes": ["40000", "40050", "40100", "40200", "40300", "40500", "40900"]
+ "permissionIdOrCodes": ["1", "40000", "40050", "40100", "40200", "40300", "40500", "40900"]
},
{
"roleId": "41", "roleCode": "user-authz-grant-admin",
- "permissionIdOrCodes": ["40000", "40100", "40300", "40500"]
+ "permissionIdOrCodes": ["1", "40000", "40100", "40300", "40500"]
},
{
"roleId": "42", "roleCode": "user-authz-man-grant-admin",
- "permissionIdOrCodes": ["40000", "40900"]
+ "permissionIdOrCodes": ["1", "40000", "40900"]
}
]
}
diff --git "a/deploy-manifests/charts/1.3.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md" "b/deploy-manifests/charts/1.3.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
index f296fb2..644d89c 100644
--- "a/deploy-manifests/charts/1.3.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
+++ "b/deploy-manifests/charts/1.3.0002.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md"
@@ -42,7 +42,7 @@
"order": 41100, "resourceIdOrCodes": []
},
{
- "id": "41200", "parentIdOrCode":"40000", "code": "userAudit", "name": "用户规则权限审计", "memo": "", "status": "1",
+ "id": "41200", "parentIdOrCode":"40000", "code": "userAudit", "name": "用户规则权限审计", "memo": "", "status": "0",
"icon": "su-icon-yhgzqxsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/userAudit", "target": "",
"order": 41200, "resourceIdOrCodes": []
},
@@ -88,7 +88,7 @@
"order": 41100, "resourceIdOrCodes": []
},
{
- "id": "41200", "parentIdOrCode":"40000", "code": "userAudit", "name": "用户规则权限审计", "memo": "", "status": "1",
+ "id": "41200", "parentIdOrCode":"40000", "code": "userAudit", "name": "用户规则权限审计", "memo": "", "status": "0",
"icon": "su-icon-yhgzqxsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/userAudit", "target": "",
"order": 41200, "resourceIdOrCodes": []
},
@@ -157,23 +157,23 @@
[
{
"roleId": "20", "roleCode":"cas-admin",
- "permissionIdOrCodes": ["20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "20900", "21000", "21100", "22000"]
+ "permissionIdOrCodes": ["1", "20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "20900", "21000", "21100", "22000"]
},
{
"roleId": "30", "roleCode": "user-admin",
- "permissionIdOrCodes": ["30000", "30100", "30200", "30300", "30400", "30500", "30600", "30700", "30800", "31000"]
+ "permissionIdOrCodes": ["1", "30000", "30100", "30200", "30300", "30400", "30500", "30600", "30700", "30800", "31000"]
},
{
"roleId": "40", "roleCode": "user-authz-admin",
- "permissionIdOrCodes": ["40000", "40050", "40100", "40200", "40300", "40500", "40900", "41100", "41200", "41300", "41350", "41400", "41500"]
+ "permissionIdOrCodes": ["1", "40000", "40050", "40100", "40200", "40300", "40500", "40900", "41100", "41200", "41300", "41350", "41400", "41500"]
},
{
"roleId": "41", "roleCode": "user-authz-grant-admin",
- "permissionIdOrCodes": ["40000", "40100", "40300", "40500"]
+ "permissionIdOrCodes": ["1", "40000", "40100", "40300", "40500"]
},
{
"roleId": "42", "roleCode": "user-authz-man-grant-admin",
- "permissionIdOrCodes": ["40000", "40900"]
+ "permissionIdOrCodes": ["1", "40000", "40900"]
}
]
}
diff --git "a/docs/\345\205\263\344\272\216\344\277\256\346\224\271\345\257\206\347\240\201\345\220\216\357\274\214\350\270\242\345\207\272\350\266\205\347\272\247APP\347\231\273\345\275\225\347\212\266\346\200\201\347\232\204\351\205\215\347\275\256\350\257\264\346\230\216.md" "b/docs/\345\205\263\344\272\216\344\277\256\346\224\271\345\257\206\347\240\201\345\220\216\357\274\214\350\270\242\345\207\272\350\266\205\347\272\247APP\347\231\273\345\275\225\347\212\266\346\200\201\347\232\204\351\205\215\347\275\256\350\257\264\346\230\216.md"
new file mode 100644
index 0000000..1b8c48b
--- /dev/null
+++ "b/docs/\345\205\263\344\272\216\344\277\256\346\224\271\345\257\206\347\240\201\345\220\216\357\274\214\350\270\242\345\207\272\350\266\205\347\272\247APP\347\231\273\345\275\225\347\212\266\346\200\201\347\232\204\351\205\215\347\275\256\350\257\264\346\230\216.md"
@@ -0,0 +1,55 @@
+
+# 关于修改密码后,踢出超级APP登录状态的配置说明
+
+
+## 前提
+
+Token 认证(token-server) 须升级至 1.2.0-RELEASE
+
+用户服务(user-data-service) 须升级至 1.2.0-RELEASE
+
+消息服务,须支持 『app消息推送接口』
+
+超级APP,确保对 `APP_LOGIN`、`PASSWORD` 两个消息的正确处理
+
+
+## 准备
+
+1. 从 POA 申请 clientId、clientSecret,并授予 Scope `messagecenter:v1:sendMessage`
+
+ 用于 token-server 调用消息服务的 『app消息推送接口』
+
+ client 申请时, name 为 `Token 认证`
+
+2. 从 消息服务 申请 appId,并创建 消息类型 `APP_LOGIN` 、 `PASSWORD`
+
+ 应用申请时, name 为 `Token 认证`
+
+ 其中,
+ * `APP_LOGIN` 用于一个账号登录新设备后,将其他设备的登录状态踢出
+ * `PASSWORD` 用于一个账号修改密码后,将所有设备的登录状态踢出
+
+
+## 部署配置
+
+1. 消息服务
+
+ 确保已经和个推服务对接
+
+ 确保『app消息推送接口』正常使用
+
+1. 用户服务(user-data-service)
+
+ 确保 JOBS_RABBITMQ 相关配置 已开启
+
+1. Token 认证(token-server)
+
+ 确保 SPRING_RABBITMQ 相关配置 已正确配置
+
+ 确保 MESSAGECENTER_ENABLED 已开启, MESSAGECENTER_APP_ID 配置正确
+
+ 确保 POA_SERVER_URL 配置正确, POA_CLIENT_ID、POA_CLIENT_SECRET 配置正确
+
+1. 超级APP
+
+ 确保打包正确
diff --git "a/docs/\345\210\251\347\224\250rancher,k8s\347\232\204ingress,configmap,deployment\351\205\215\347\275\256\345\276\256\344\277\241\346\240\241\351\252\214\346\226\207\344\273\266.md" "b/docs/\345\210\251\347\224\250rancher,k8s\347\232\204ingress,configmap,deployment\351\205\215\347\275\256\345\276\256\344\277\241\346\240\241\351\252\214\346\226\207\344\273\266.md"
new file mode 100644
index 0000000..4f7f33b
--- /dev/null
+++ "b/docs/\345\210\251\347\224\250rancher,k8s\347\232\204ingress,configmap,deployment\351\205\215\347\275\256\345\276\256\344\277\241\346\240\241\351\252\214\346\226\207\344\273\266.md"
@@ -0,0 +1,116 @@
+
+# 利用 rancher / k8s 的 ingress, config map, deployment 配置微信校验文件
+
+
+## 应用场景
+
+微信对接时,会要求对接方,将某个校验文件,放到服务器,以便其验证服务器、域名等信息的正常
+
+此时,可以利用 k8s 的 config map,将 ConfigMap 中某个 key 的 value 映射为 nginx 下的 文件名及文件内容
+
+而,无须将文件放到某个特定的服务里
+
+
+## yaml 配置
+
+```yaml
+# 创建 namespace,如 tmp
+# 并修改以下配置中的 namespace
+
+# 创建 ConfigMap
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ # 修改namespace
+ namespace: tmp
+ name: txt
+data:
+ # 修改 key,value
+ # 其中,
+ # key 为 文件名
+ # value 为 文件内容
+ FWdJ6SLVde.txt: "70976dc348062015aaecd04c4fe393c6"
+
+
+
+# 部署nginx,并将 ConfigMap 挂载成文件
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ # 修改namespace
+ namespace: tmp
+ name: txt-svc
+ labels:
+ app: txt-svc
+spec:
+ ports:
+ - port: 80
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ app: txt
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ # 修改namespace
+ namespace: tmp
+ name: txt
+spec:
+ selector:
+ matchLabels:
+ app: txt
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: txt
+ spec:
+ containers:
+ - name: txt-nginx
+ # 根据情况修改镜像地址
+ image: nginx:latest
+ ports:
+ - containerPort: 80
+ name: http
+ volumeMounts:
+ - name: txt
+ mountPath: /usr/share/nginx/html
+ readOnly: true
+ volumes:
+ - name: txt
+ configMap:
+ # 这个是 ConfigMap 的名称
+ name: txt
+ items:
+ # 将 ConfigMap 中某个 key 的 value 映射为 文件及文件内容
+ - key: FWdJ6SLVde.txt
+ path: FWdJ6SLVde.txt
+
+# 配置ingress
+
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ # 修改namespace
+ namespace: tmp
+ name: txt-ingress
+spec:
+ rules:
+ # 修改为学校的根域名
+ - host: txt.paas.xxx.edu.cn
+ http:
+ paths:
+ # 修改path,对应某个文件路径
+ - path: /FWdJ6SLVde.txt
+ backend:
+ serviceName: txt-svc
+ servicePort: http
+```