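This document describes the interfaces that middle-platform products use to initialize integration data at deployment time.
It mainly covers:
CAS authentication: creating a Service
Authorization service: creating applications and application roles
Cloud platform menus: creating applications, menus, and role-permission associations
Deploy using the business management API
Version requirement: 1.2.0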
```bash
curl -i -s -X POST \
  -H 'Content-Type: application/json' \
  -d '{
    "id": "0",
    "companyId": 1,
    "name": "示例",
    "description": "示例",
    "informationUrl": "https://example.com",
    "logoutUrl": "https://example.com/slo",
    "responseType": "REDIRECT",
    "logoutType": "FRONT_CHANNEL",
    "evaluationOrder": 0,
    "friendlyName": "示例",
    "registeredServiceId": 0,
    "serviceId": "https://example.com/(.*)",
    "enabled": true,
    "ssoEnabled": true,
    "requireAllAttributes": true,
    "idTokenEnabled": false,
    "jwtAsServiceTicket": false,
    "adaptV4Product": false,
    "applicationId": "0",
    "applicationDomain": "example.com",
    "externalId": "0"
  }' \
  'http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080/v1/admin/services'
```

```bash
curl -i -s -X PUT \
  -H 'Content-Type: application/json' \
  -d '{
    "id": "0",
    "companyId": 1,
    "name": "示例",
    "description": "示例",
    "informationUrl": "https://example.com",
    "logoutUrl": "https://example.com/slo",
    "responseType": "REDIRECT",
    "logoutType": "FRONT_CHANNEL",
    "evaluationOrder": 0,
    "friendlyName": "示例",
    "registeredServiceId": 0,
    "serviceId": "https://example.com/(.*)",
    "enabled": true,
    "ssoEnabled": true,
    "requireAllAttributes": true,
    "idTokenEnabled": false,
    "jwtAsServiceTicket": false,
    "adaptV4Product": false,
    "applicationId": "0",
    "applicationDomain": "example.com",
    "externalId": "0"
  }' \
  'http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080/v1/admin/services'
```
Notes
Change id, registeredServiceId, applicationId, externalId: the application's ID, identifiers, etc.
Change evaluationOrder
Change name, description, friendlyName: the application's name
Change idTokenEnabled, jwtAsServiceTicket, adaptV4Product: true enables, false disables
Change informationUrl, logoutUrl, serviceId, applicationDomain: the relevant URLs and domain names
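The sample `serviceId` ends in `(.*)`, so the value is a pattern, and it is worth checking what a pattern accepts before registering it for a real domain. The check below is an added example, not part of the original document or the product; it assumes the server applies `serviceId` as a full-match regular expression, uses Python's `re` as a stand-in for the server's regex engine, and `audit_service_id` is a hypothetical helper name.

```python
import re

# Constructed payload fragments: the first uses the page's sample values,
# the second is a variant with the dot escaped, written for this example.
PAGE_SAMPLE = {"serviceId": "https://example.com/(.*)", "applicationDomain": "example.com"}
HARDENED = {"serviceId": r"https://example\.com/(.*)", "applicationDomain": "example.com"}


def audit_service_id(service):
    """Return findings for one registration payload; an empty list means clean."""
    domain = service["applicationDomain"]
    try:
        # Assumption: the server treats serviceId as a full-match regex.
        rx = re.compile(service["serviceId"])
    except re.error as exc:
        return [f"serviceId is not a valid regex: {exc}"]

    findings = []
    if not rx.fullmatch(f"https://{domain}/app"):
        findings.append("pattern does not match its own applicationDomain")

    # URLs that must NOT be accepted as belonging to this service.
    must_reject = {
        "unescaped '.' matches a look-alike host": f"https://{domain.replace('.', 'x')}/app",
        "pattern matches a longer foreign host": f"https://{domain}.other.test/app",
        "pattern accepts plain http": f"http://{domain}/app",
    }
    for reason, url in must_reject.items():
        if rx.fullmatch(url):
            findings.append(f"{reason}: {url}")
    return findings


if __name__ == "__main__":
    for name, svc in (("page sample", PAGE_SAMPLE), ("hardened", HARDENED)):
        print(name, audit_service_id(svc) or "ok")
```

Run against the page's sample value, the check reports the unescaped dot in `example.com`; writing the host as `example\.com` clears it.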
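Service (application) attribute descriptions
Attribute | Description
Users, accounts, departments, and user groups can be added.
Service address: http://authx-service-user-data-service-goa.authx-service.svc.cluster.local:8080
Version requirement: 1.2.7, 1.3.2, 1.4.1, 1.5.0
Creates only the user's basic information; no account is created.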
```http
POST /api/v1/trans/user?transOrigin=init
Content-Type: application/json

{
  "uid": "string",
  "passWord": "string",
  "name": "string",
  "nameSpelling": "string",
  "fullNameSpelling": "string",
  "certificateTypeCode": "string",
  "certificateNumber": "string",
  "phoneNumber": "string",
  "email": "string",
  "imageUrl": "string",
  "genderCode": "string",
  "nationCode": "string",
  "countryCode": "string",
  "addressCode": "string",
  "activation": true,
  "dataCenter": true,
  "externalId": "string"
}
```
User attribute descriptions
Attribute | Description | Required
Version requirement: 1.0+
```http
POST /api/v1/trans/account?transOrigin=init
Content-Type: application/json

{
  "uid": "string",
  "passWord": "string",
  "name": "string",
  "nameSpelling": "string",
  "fullNameSpelling": "string",
  "certificateTypeCode": "string",
  "certificateNumber": "string",
  "phoneNumber": "string",
  "email": "string",
  "imageUrl": "string",
  "genderCode": "string",
  "nationCode": "string",
  "countryCode": "string",
  "addressCode": "string",
  "accountName": "string",
  "organizationCode": "string",
  "identityTypeCode": "string",
  "accountExpiryDateMillis": 0,
  "state": "string",
  "activation": true,
  "dataCenter": true,
  "externalId": "string"
}
```
Account attribute descriptions
Attribute | Description | Required
Version requirement: 1.0+
```http
POST /api/v1/trans/organization?transOrigin=init
Content-Type: application/json

{
  "parentOrganizationCode": "string",
  "code": "string",
  "name": "string",
  "description": "string",
  "typeCode": "string",
  "state": 0,
  "isDataCenter": true,
  "externalId": "string"
}
```
Organization attribute descriptions
Attribute | Description | Required
Version requirement: 1.2.9, 1.3.5, 1.4.3, 1.5.0
```http
POST /api/v1/trans/group?transOrigin=init
Content-Type: application/json

{
  "code": "string",
  "name": "string",
  "description": "string",
  "type": "string",
  "state": 0,
  "categoryCode": "string",
  "common": true,
  "applicationId": "string",
  "isDataCenter": true,
  "externalId": "string"
}
```
User group attribute descriptions
Attribute | Description | Required
Deploy using the SQL file execution API
Version requirement: 1.2.3
```bash
curl -i -s -X POST \
  -H 'Content-Type: text/plain' \
  --data-binary @user_authz_integrate.sql \
  'http://authx-service-user-authz-service-sa.authx-service.svc.cluster.local:8080/deploy/execSql'
```
user_authz_integrate.sql
```sql
-- Application creation script
INSERT INTO TB_R_SYSTEM (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, BUSINESS_DOMAIN_ID, CODE, NAME, ENABLED)
VALUES ('0', '1', 0, 'init', null, '1', '0', '示例系统', 1);

INSERT INTO TB_APPLICATION (ID, COMPANY_ID, DELETED, ADD_ACCOUNT, ADD_TIME, BUSINESS_DOMAIN_ID, SYSTEM_ID, NAME, APPLICATION_ID, SYNC_URL, ENABLED)
VALUES ('0', '1', 0, 'init', null, '1', '0', '示例应用', '0', '', 1);

commit;
```
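To synchronize roles automatically, modify SYNC_URL.
System information table TB_R_SYSTEM
Field | Description
Application information table TB_APPLICATION
Field | Description
**Deploy using the business management API**
Create a role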
```bash
curl -i -s -X POST \
  -H 'Content-Type: application/json' \
  -d '{
    "id": "0",
    "code": "example-admin",
    "name": "示例管理员",
    "description": "示例管理员",
    "enabled": true,
    "applicationId": "0",
    "externalId": "0"
  }' \
  'http://authx-service-user-authz-service-sa.authx-service.svc.cluster.local:8080/v1/admin/roles'
```
Role table TB_ROLE
Attribute | Description
Deploy using the business management API
Version requirement: 1.2.0
Create an application
```bash
curl -i -s -X POST \
  -H 'Content-Type: application/json' \
  -d '{"id": "0", "code": "0", "name":"示例", "memo":"示例", "status":"1", "url":""}' \
  'http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/applications'
```
Import menus
```bash
curl -i -s -X POST \
  -H 'Content-Type: application/json' \
  -d '{
    "applicationId": "0",
    "menuList": [
      {
        "id": "0-10000", "parentIdOrCode": "1", "code": "example-10000",
        "name": "示例一级", "memo": "", "status": "1", "icon": "",
        "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/",
        "target": "", "order": 10000, "resourceIdOrCodes": []
      },
      {
        "id": "0-10100", "parentIdOrCode": "0-10000", "code": "example-10100",
        "name": "示例二级", "memo": "", "status": "1", "icon": "su-icon-denglupeizhi",
        "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/example/example-10100",
        "target": "", "order": 10100, "resourceIdOrCodes": []
      },
      ……
    ]
  }' \
  'http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/menus/importMenu'
```
Import operations (button permissions)
```bash
curl -i -s -X POST \
  -H 'Content-Type: application/json' \
  -d '{
    "applicationId": "0",
    "operationList": [
      {
        "id": "0-10000-10001", "parentIdOrCode": "0-10000", "code": "example-10000-10001",
        "name": "示例一级-操作", "memo": "", "status": "1",
        "order": 10001, "resourceIdOrCodes": []
      },
      {
        "id": "0-10100-10101", "parentIdOrCode": "0-10100", "code": "example-10100-10101",
        "name": "示例二级-操作", "memo": "", "status": "1",
        "order": 10101, "resourceIdOrCodes": []
      },
      ……
    ]
  }' \
  'http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/operations/importOperation'
```
Import resources
```bash
curl -i -s -X POST \
  -H 'Content-Type: application/json' \
  -d '{
    "applicationId": "0",
    "resourceList": [
      {
        "id": "0-10001", "code": "example-10001", "name": "示例资源一",
        "memo": "", "status": "1", "origin": "http://admin-platform.paas.xxx.edu.cn",
        "method": "GET", "path": "/api/v1/example/10001", "access": "authenticate",
        "order": 10001, "resourceIdOrCodes": []
      },
      {
        "id": "0-10002", "code": "example-10002", "name": "示例资源二",
        "memo": "", "status": "1", "origin": "http://admin-platform.paas.xxx.edu.cn",
        "method": "GET", "path": "/api/v1/example/10001", "access": "authenticate",
        "order": 10002, "resourceIdOrCodes": []
      },
      ……
    ]
  }' \
  'http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/resources/importResource'
```
Role permissions (associate menus and operations)
```bash
curl -i -s -X POST \
  -H 'Content-Type: application/json' \
  -d '{
    "roleCodeIdMap": {
      "example-admin": "0",
      "example-admin-1": "0-1"
    },
    "rolePermissionList": [
      {
        "roleId": "0",
        "roleCode": "example-admin",
        "permissionIdOrCodes": ["0-10000", "0-10100", "0-10000-10001", "0-10100-10101"]
      },
      ……
    ]
  }' \
  'http://admin-platform-admin-center-sa.admin-platform.svc.cluster.local:8080/v1/admin/rolePermissions/importRolePermission'
```
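The menu, operation and role-permission imports reference one another by id or code, so a mistyped value leaves a role pointing at a permission that was never defined. The consistency check below is an added example, not part of the original document or the product; `check_imports`, `keys` and `EXISTING_PARENTS` are hypothetical names, and it assumes that `roleCodeIdMap` maps a role code to its role id and that an operation's parent is a menu from the same import.

```python
# Constructed payload fragments reusing the ids and codes of the page's samples.
MENUS = [
    {"id": "0-10000", "parentIdOrCode": "1", "code": "example-10000"},
    {"id": "0-10100", "parentIdOrCode": "0-10000", "code": "example-10100"},
]
OPERATIONS = [
    {"id": "0-10000-10001", "parentIdOrCode": "0-10000", "code": "example-10000-10001"},
    {"id": "0-10100-10101", "parentIdOrCode": "0-10100", "code": "example-10100-10101"},
]
ROLE_PERMISSIONS = {
    "roleCodeIdMap": {"example-admin": "0", "example-admin-1": "0-1"},
    "rolePermissionList": [{
        "roleId": "0", "roleCode": "example-admin",
        "permissionIdOrCodes": ["0-10000", "0-10100", "0-10000-10001", "0-10100-10101"],
    }],
}
# Assumption: parents that already exist on the platform; "1" is the parent
# of the page's top-level sample menu.
EXISTING_PARENTS = frozenset({"1"})


def keys(items):
    """Every id and code by which an imported item can be referenced."""
    return {i["id"] for i in items} | {i["code"] for i in items}


def check_imports(menus, operations, role_permissions, existing_parents=EXISTING_PARENTS):
    """Return a list of dangling references; an empty list means consistent."""
    problems = []
    menu_keys = keys(menus)
    for m in menus:
        if m["parentIdOrCode"] not in menu_keys | existing_parents:
            problems.append(f"menu {m['id']}: unknown parent {m['parentIdOrCode']}")
    for op in operations:  # assumption: an operation hangs under an imported menu
        if op["parentIdOrCode"] not in menu_keys:
            problems.append(f"operation {op['id']}: unknown parent menu {op['parentIdOrCode']}")
    grantable = menu_keys | keys(operations)
    role_map = role_permissions["roleCodeIdMap"]
    for rp in role_permissions["rolePermissionList"]:
        if role_map.get(rp["roleCode"]) != rp["roleId"]:
            problems.append(f"role {rp['roleCode']}: roleId disagrees with roleCodeIdMap")
        for perm in rp["permissionIdOrCodes"]:
            if perm not in grantable:
                problems.append(f"role {rp['roleCode']}: undefined permission {perm}")
    return problems


if __name__ == "__main__":
    print(check_imports(MENUS, OPERATIONS, ROLE_PERMISSIONS) or "consistent")
```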
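Application attribute descriptions
Attribute | Description
Menu attribute descriptions
Attribute | Description
Operation attribute descriptions
Attribute | Description
Resource attribute descriptions
Attribute | Description
Role permission attribute descriptions
Attribute | Description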