From 897326ff0f4e4c8d91df09fdf5c99b7a478bcebc Mon Sep 17 00:00:00 2001 From: XuqmGroup Date: Wed, 20 May 2026 18:45:07 +0800 Subject: [PATCH] =?UTF-8?q?feat(private):=20=E6=96=B0=E5=A2=9E=E5=86=85?= =?UTF-8?q?=E9=83=A8=E7=BB=B4=E6=8A=A4=E6=8E=A5=E5=8F=A3=E8=87=AA=E5=8A=A8?= =?UTF-8?q?=E5=A4=84=E7=90=86=E7=A7=AF=E5=8E=8B=20PENDING=20=E7=94=B3?= =?UTF-8?q?=E8=AF=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - SecurityConfig: 放开 /api/private/admin/** 无需 JWT - FeatureServiceManager.autoApproveAllPending(): 批量审批所有 PENDING 记录 - OpsController: POST /api/private/admin/approve-pending-requests 仅私有化模式可用,upgrade.sh 重启后自动调用,无需手动操作 Co-Authored-By: Claude Sonnet 4.6 --- .../xuqm/tenant/config/SecurityConfig.java | 1 + .../xuqm/tenant/controller/OpsController.java | 11 ++++++++++ .../tenant/service/FeatureServiceManager.java | 21 +++++++++++++++++++ 3 files changed, 33 insertions(+) diff --git a/tenant-service/src/main/java/com/xuqm/tenant/config/SecurityConfig.java b/tenant-service/src/main/java/com/xuqm/tenant/config/SecurityConfig.java index ae7e09e..f2302ae 100644 --- a/tenant-service/src/main/java/com/xuqm/tenant/config/SecurityConfig.java +++ b/tenant-service/src/main/java/com/xuqm/tenant/config/SecurityConfig.java @@ -40,6 +40,7 @@ public class SecurityConfig { "/api/private/deployment/status", "/api/migrate/export", // key-based auth, no JWT "/api/private/deployment/migrate/import", // private deployment only, no JWT + "/api/private/admin/**", // private deployment internal maintenance, no JWT "/actuator/health", "/actuator/info" ).permitAll() diff --git a/tenant-service/src/main/java/com/xuqm/tenant/controller/OpsController.java b/tenant-service/src/main/java/com/xuqm/tenant/controller/OpsController.java index 6c77a6a..a94b1bc 100644 --- a/tenant-service/src/main/java/com/xuqm/tenant/controller/OpsController.java +++ b/tenant-service/src/main/java/com/xuqm/tenant/controller/OpsController.java @@ -303,4 +303,15 @@ public class OpsController { riskControlService.deleteWord(id); return ResponseEntity.ok(ApiResponse.ok()); } + + /* ---------- 私有化部署维护接口(无需 JWT,仅私有化模式可用) ---------- */ + + @PostMapping("/api/private/admin/approve-pending-requests") + public ResponseEntity>> approvePendingRequests() { + if (!deploymentProperties.isPrivate()) { + return ResponseEntity.notFound().build(); + } + int approved = featureServiceManager.autoApproveAllPending(); + return ResponseEntity.ok(ApiResponse.success(Map.of("approved", approved))); + } } diff --git a/tenant-service/src/main/java/com/xuqm/tenant/service/FeatureServiceManager.java b/tenant-service/src/main/java/com/xuqm/tenant/service/FeatureServiceManager.java index 6cb87d8..7f3e182 100644 --- a/tenant-service/src/main/java/com/xuqm/tenant/service/FeatureServiceManager.java +++ b/tenant-service/src/main/java/com/xuqm/tenant/service/FeatureServiceManager.java @@ -668,4 +668,25 @@ public class FeatureServiceManager { appKey, serviceType, status, e.getMessage()); } } + + /** + * 私有化部署维护接口:将所有 PENDING 申请自动审批,upgrade.sh 重启后调用。 + */ + @Transactional + public int autoApproveAllPending() { + org.springframework.data.domain.Pageable all = + org.springframework.data.domain.PageRequest.of(0, 1000); + List pendingList = + requestRepository.findByStatusOrderByCreatedAtDesc(Status.PENDING, all).getContent(); + int count = 0; + for (ServiceActivationRequestEntity req : pendingList) { + try { + approveRequest(req.getId(), "私有化部署自动开通"); + count++; + } catch (Exception e) { + log.warn("Auto-approve failed for request {}: {}", req.getId(), e.getMessage()); + } + } + return count; + } }