Merge pull request #9830 from carlyin0801/issue_9803_static_file_host…

…_refer_fix pref:静态文件url中域名支持根据http请求的Referer头进行替换 #9803
TencentBlueKing · Dec 19, 2023 · 52dcfab · 52dcfab
2 parents 23f6f79 + 32e6b90
commit 52dcfab
Show file tree

Hide file tree

Showing 10 changed files with 238 additions and 152 deletions.
diff --git a/...nd/ci/core/common/common-api/src/main/kotlin/com/tencent/devops/common/api/auth/Header.kt b/...nd/ci/core/common/common-api/src/main/kotlin/com/tencent/devops/common/api/auth/Header.kt
@@ -107,3 +107,4 @@ const val AUTH_HEADER_CODECC_OPENAPI_TOKEN = "X-CODECC-OPENAPI-TOKEN"
 const val AUTH_HEADER_OAUTH2_CLIENT_ID: String = "X-DEVOPS-OAUTH2-CLIENT-ID"
 const val AUTH_HEADER_OAUTH2_CLIENT_SECRET: String = "X-DEVOPS-OAUTH2-CLIENT-SECRET"
 const val AUTH_HEADER_OAUTH2_AUTHORIZATION: String = "X-DEVOPS-OAUTH2-AUTHORIZATION"
+const val REFERER = "referer" // 来源
diff --git a/...e/common/common-api/src/main/kotlin/com/tencent/devops/common/api/util/ThreadLocalUtil.kt b/...e/common/common-api/src/main/kotlin/com/tencent/devops/common/api/util/ThreadLocalUtil.kt
@@ -0,0 +1,70 @@
+/*
+ * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company.  All rights reserved.
+ *
+ * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
+ *
+ * A copy of the MIT License is included in this file.
+ *
+ *
+ * Terms of the MIT License:
+ * ---------------------------------------------------
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
+ * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
+ * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all copies or substantial portions of
+ * the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
+ * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+ * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+package com.tencent.devops.common.api.util
+
+object ThreadLocalUtil {
+
+    private val threadLocalMap = object : ThreadLocal<MutableMap<String, Any>>() {
+        override fun initialValue(): MutableMap<String, Any> {
+            return mutableMapOf()
+        }
+    }
+
+    /**
+     * 根据 key 获取线程变量
+     * @param key 变量 key
+     * @return 变量值
+     */
+    fun get(key: String): Any? {
+        return threadLocalMap.get()[key]
+    }
+
+    /**
+     * 设置线程变量
+     * @param key 变量 key
+     * @param value 变量值
+     */
+    fun set(key: String, value: Any) {
+        threadLocalMap.get()[key] = value
+    }
+
+    /**
+     * 移除线程变量
+     * @param key 变量 key
+     */
+    fun remove(key: String) {
+        threadLocalMap.get().remove(key)
+    }
+
+    /**
+     * 清空当前线程变量
+     */
+    fun clear() {
+        threadLocalMap.get().clear()
+    }
+}
diff --git a/...ore/common/common-web/src/main/kotlin/com/tencent/devops/common/web/FeignConfiguration.kt b/...ore/common/common-web/src/main/kotlin/com/tencent/devops/common/web/FeignConfiguration.kt
@@ -32,6 +32,7 @@ import com.tencent.devops.common.api.auth.AUTH_HEADER_DEVOPS_SERVICE_NAME
 import com.tencent.devops.common.api.auth.AUTH_HEADER_GATEWAY_TAG
 import com.tencent.devops.common.api.auth.AUTH_HEADER_PROJECT_ID
 import com.tencent.devops.common.api.auth.AUTH_HEADER_USER_ID
+import com.tencent.devops.common.api.auth.REFERER
 import com.tencent.devops.common.api.constant.API_PERMISSION
 import com.tencent.devops.common.api.constant.REQUEST_CHANNEL
 import com.tencent.devops.common.api.constant.REQUEST_IP
@@ -134,6 +135,11 @@ class FeignConfiguration @Autowired constructor(
             if (!requestIp.isNullOrBlank()) {
                 requestTemplate.header(REQUEST_IP, requestIp)
             }
+            // 设置请求来源
+            val referer = request.getHeader(REFERER)
+            if (!referer.isNullOrBlank()) {
+                requestTemplate.header(REFERER, referer)
+            }
             val cookies = request.cookies
             if (cookies != null && cookies.isNotEmpty()) {
                 val cookieBuilder = StringBuilder()

diff --git a/...mmon-web/src/main/kotlin/com/tencent/devops/common/web/interceptor/BkWriterInterceptor.kt b/...mmon-web/src/main/kotlin/com/tencent/devops/common/web/interceptor/BkWriterInterceptor.kt
@@ -21,8 +21,6 @@ import org.apache.commons.collections4.ListUtils
 import org.slf4j.LoggerFactory
 import org.springframework.core.annotation.AnnotationUtils
 import org.springframework.stereotype.Component
-import org.springframework.web.context.request.RequestContextHolder
-import org.springframework.web.context.request.ServletRequestAttributes
 
 @Provider
 @BkInterfaceI18n
@@ -231,9 +229,8 @@ class BkWriterInterceptor(
         dbI18ndbKeyMap: MutableMap<String, String>,
         bkI18nFieldMap: MutableMap<String, I18nFieldInfo>
     ) {
-        val attributes = RequestContextHolder.getRequestAttributes() as? ServletRequestAttributes
         // 获取模块标识
-        val moduleCode = I18nUtil.getModuleCode(attributes)
+        val moduleCode = I18nUtil.getModuleCode()
         // 获取用户ID
         val userId = I18nUtil.getRequestUserId()
         // 根据用户ID获取语言信息

diff --git a/...i/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/utils/BkApiUtil.kt b/...i/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/utils/BkApiUtil.kt
@@ -1,6 +1,9 @@
 package com.tencent.devops.common.web.utils
 
 import com.tencent.devops.common.web.constant.BkApiHandleType
+import org.springframework.web.context.request.RequestContextHolder
+import org.springframework.web.context.request.ServletRequestAttributes
+import javax.servlet.http.HttpServletRequest
 
 /**
  * API接口工具类
@@ -36,4 +39,13 @@ object BkApiUtil {
     fun getPermissionFlag(): Boolean? {
         return apiPermissionThreadLocal.get()
     }
+
+    /**
+     * 获取request对象
+     * @return request对象
+     */
+    fun getHttpServletRequest(): HttpServletRequest? {
+        val attributes = RequestContextHolder.getRequestAttributes() as? ServletRequestAttributes
+        return attributes?.request
+    }
 }
diff --git a/...ci/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/utils/I18nUtil.kt b/...ci/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/utils/I18nUtil.kt
@@ -43,10 +43,8 @@ import com.tencent.devops.common.service.config.CommonConfig
 import com.tencent.devops.common.service.utils.CookieUtil
 import com.tencent.devops.common.service.utils.SpringContextUtil
 import com.tencent.devops.common.web.service.ServiceLocaleResource
-import java.net.URLDecoder
 import org.slf4j.LoggerFactory
-import org.springframework.web.context.request.RequestContextHolder
-import org.springframework.web.context.request.ServletRequestAttributes
+import java.net.URLDecoder
 
 object I18nUtil {
 
@@ -97,9 +95,8 @@ object I18nUtil {
      * @return 渠道信息
      */
     fun getRequestChannel(): String? {
-        val attributes = RequestContextHolder.getRequestAttributes() as? ServletRequestAttributes
-        return if (null != attributes) {
-            val request = attributes.request
+        val request = BkApiUtil.getHttpServletRequest()
+        return if (null != request) {
             (request.getAttribute(REQUEST_CHANNEL) ?: request.getHeader(REQUEST_CHANNEL))?.toString()
         } else {
             null // 不是接口请求来源则返回null
@@ -112,8 +109,8 @@ object I18nUtil {
      */
     private fun getCookieLocale(): String? {
         // 从request请求中获取本地语言信息
-        val attributes = RequestContextHolder.getRequestAttributes() as? ServletRequestAttributes
-        return attributes?.let { bkLanguageTransMap[CookieUtil.getCookieValue(attributes.request, BK_LANGUAGE)] }
+        val request = BkApiUtil.getHttpServletRequest()
+        return request?.let { bkLanguageTransMap[CookieUtil.getCookieValue(request, BK_LANGUAGE)] }
     }
 
     // 蓝鲸专定义的语言头, 有差异,要定制转换
@@ -138,9 +135,8 @@ object I18nUtil {
      * @return 用户ID
      */
     fun getRequestUserId(): String? {
-        val attributes = RequestContextHolder.getRequestAttributes() as? ServletRequestAttributes
-        return if (null != attributes) {
-            val request = attributes.request
+        val request = BkApiUtil.getHttpServletRequest()
+        return if (null != request) {
             request.getHeader(AUTH_HEADER_USER_ID)?.toString()
         } else {
             null
@@ -255,12 +251,11 @@ object I18nUtil {
 
     /**
      * 获取模块标识
-     * @param attributes 属性列表
      * @return 模块标识
      */
-    fun getModuleCode(attributes: ServletRequestAttributes?): String {
-        val moduleCode = if (null != attributes) {
-            val request = attributes.request
+    fun getModuleCode(): String {
+        val request = BkApiUtil.getHttpServletRequest()
+        val moduleCode = if (null != request) {
             // 从请求头中获取服务名称
             val serviceName = request.getHeader(AUTH_HEADER_DEVOPS_SERVICE_NAME) ?: SystemModuleEnum.COMMON.name
             try {

diff --git a/...re/biz-store-image/src/main/kotlin/com/tencent/devops/store/service/image/ImageService.kt b/...re/biz-store-image/src/main/kotlin/com/tencent/devops/store/service/image/ImageService.kt
@@ -43,8 +43,8 @@ import com.tencent.devops.common.web.utils.I18nUtil
 import com.tencent.devops.model.store.tables.records.TImageRecord
 import com.tencent.devops.project.api.service.ServiceProjectResource
 import com.tencent.devops.store.constant.StoreMessageCode
-import com.tencent.devops.store.constant.StoreMessageCode.NO_COMPONENT_ADMIN_PERMISSION
 import com.tencent.devops.store.constant.StoreMessageCode.GET_INFO_NO_PERMISSION
+import com.tencent.devops.store.constant.StoreMessageCode.NO_COMPONENT_ADMIN_PERMISSION
 import com.tencent.devops.store.constant.StoreMessageCode.USER_IMAGE_VERSION_NOT_EXIST
 import com.tencent.devops.store.dao.common.CategoryDao
 import com.tencent.devops.store.dao.common.ClassifyDao
@@ -326,7 +326,6 @@ abstract class ImageService @Autowired constructor() {
         classifyList?.forEach {
             classifyMap[it.id] = it.classifyCode
         }
-
         images.forEach {
             val imageCode = it[KEY_IMAGE_CODE] as String
             val visibleList = imageVisibleData?.get(imageCode)

diff --git a/...re/src/main/kotlin/com/tencent/devops/store/service/atom/impl/MarketAtomEnvServiceImpl.kt b/...re/src/main/kotlin/com/tencent/devops/store/service/atom/impl/MarketAtomEnvServiceImpl.kt
@@ -278,8 +278,8 @@ class MarketAtomEnvServiceImpl @Autowired constructor(
             version = version,
             atomDefaultFlag = atomDefaultFlag,
             atomStatusList = atomStatusList
-        ) ?: return I18nUtil.generateResponseDataObject(
-            messageCode = CommonMessageCode.PARAMETER_IS_INVALID,
+        ) ?: throw ErrorCodeException(
+            errorCode = CommonMessageCode.PARAMETER_IS_INVALID,
             params = arrayOf("[project($projectCode)-plugin($atomCode)]")
         )
         val tAtom = TAtom.T_ATOM