[ISSUE #321] Fix interface permission verification

src/main/java/org/apache/rocketmq/dashboard/permisssion/PermissionAspect.java

@@ -19,6 +19,7 @@ package org.apache.rocketmq.dashboard.permisssion;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletRequest;
 import org.apache.rocketmq.dashboard.config.RMQConfigure;
+import org.apache.rocketmq.dashboard.exception.ServiceException;
 import org.apache.rocketmq.dashboard.model.UserInfo;
 import org.apache.rocketmq.dashboard.service.PermissionService;
 import org.apache.rocketmq.dashboard.util.WebUtil;
@@ -55,13 +56,13 @@ public class PermissionAspect {
             HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
             String url = request.getRequestURI();
             UserInfo userInfo = (UserInfo) request.getSession().getAttribute(WebUtil.USER_INFO);
-//            if (userInfo == null || userInfo.getUser() == null) {
+            if (userInfo == null || userInfo.getUser() == null) {
-//                throw new ServiceException(-1, "user not login");
+                throw new ServiceException(-1, "user not login");
-//            }
+            }
-//            boolean checkResult = permissionService.checkUrlAvailable(userInfo, url);
+            boolean checkResult = permissionService.checkUrlAvailable(userInfo, url);
-//            if (!checkResult) {
+            if (!checkResult) {
-//                throw new ServiceException(-1, "no permission");
+                throw new ServiceException(-1, "no permission");
-//            }
+            }
         }
         return joinPoint.proceed();
     }

src/main/java/org/apache/rocketmq/dashboard/permisssion/UserRoleEnum.java

@@ -17,8 +17,8 @@
 package org.apache.rocketmq.dashboard.permisssion;
 
 public enum UserRoleEnum {
-    ADMIN(1, "admin"),
+    SUPER(1, "Super"),
-    ORDINARY(0, "ordinary");
+    NORMAL(2, "Normal");
 
     private int roleType;
     private String roleName;

src/main/java/org/apache/rocketmq/dashboard/service/impl/PermissionServiceImpl.java

@@ -33,8 +33,9 @@ import java.util.List;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 
-import static org.apache.rocketmq.dashboard.permisssion.UserRoleEnum.ADMIN;
+import static org.apache.rocketmq.dashboard.permisssion.UserRoleEnum.NORMAL;
-import static org.apache.rocketmq.dashboard.permisssion.UserRoleEnum.ORDINARY;
+import static org.apache.rocketmq.dashboard.permisssion.UserRoleEnum.SUPER;
+
 
 @Service
 public class PermissionServiceImpl implements PermissionService, InitializingBean {
@@ -55,10 +56,10 @@ public class PermissionServiceImpl implements PermissionService, InitializingBea
     public boolean checkUrlAvailable(UserInfo userInfo, String url) {
         int type = userInfo.getUser().getType();
         // if it is admin, it could access all resources
-        if (type == ADMIN.getRoleType()) {
+        if (type == SUPER.getRoleType()) {
             return true;
         }
-        String loginUserRole = ORDINARY.getRoleName();
+        String loginUserRole = NORMAL.getRoleName();
         Map<String, List<String>> rolePerms = PermissionFileStore.rolePerms;
         List<String> perms = rolePerms.get(loginUserRole);
         for (String perm : perms) {

src/main/resources/role-permission.yml

@@ -22,12 +22,13 @@
 # **: Matches 0 or more characters.
 
 rolePerms:
-  ordinary:
+  Normal:
     - /rocketmq/*.query
     - /ops/*.query
     - /dashboard/*.query
     - /topic/*.query
     - /topic/sendTopicMessage.do
+    - /topic/list.queryTopicType
     - /producer/*.query
     - /message/*.query
     - /messageTrace/*.query