[CHG]解决etherpad登录失败问题

.github/script/scan_image.sh

@@ -0,0 +1,84 @@
+
+IAM_DATA=$(cat <<EOF
+{
+    "auth": {
+        "identity": {
+            "methods": [
+                "password"
+            ],
+            "password": {
+                "user": {
+                    "domain": {
+                        "name": "freesky-edward"
+                    },
+                    "name": "codearts_test",
+                    "password": "$3"
+                }
+            }
+        },
+        "scope": {
+            "project": {
+                "name": "cn-north-4"
+            }
+        }
+    }
+}
+EOF
+)
+
+response=$(curl -s -i --location 'https://iam.myhuaweicloud.com/v3/auth/tokens?nocatalog=true' \
+  --header 'Content-Type: application/json' \
+  --data "$IAM_DATA")
+
+# Extract the X-Subject-Token from the response
+token=$(echo "$response" | grep "X-Subject-Token" | awk '{print $2}' | tr -d '\r')
+
+echo "X-Subject-Token: $token"
+
+
+DATA=$(cat <<EOF
+{
+  "sources" : [ {
+    "type" : "code",
+    "params" : {
+      "git_type" : "github",
+      "default_branch" : "main",
+      "git_url" : "$6",
+      "endpoint_id" : "$5",
+      "build_params" : {
+        "build_type" : "branch",
+        "event_type" : "Manual",
+        "target_branch" : "$1"
+      }
+    }
+  } ],
+  "description" : "运行描述",
+  "variables" : [ {
+    "name" : "repo",
+    "value" : "$8"
+  } ,
+  {
+    "name" : "owner",
+    "value" : "$7"
+  }
+  ,
+  {
+    "name" : "pr_id",
+    "value" : "$2"
+  }
+  ,
+    {
+      "name" : "imageUrl",
+      "value" : "$9"
+    }
+  ]
+}
+EOF
+)
+
+CODEARTS_PIPELINE="$4"
+
+curl --location "$CODEARTS_PIPELINE" \
+--header "X-Auth-Token:$token" \
+--header "Content-Type: application/json" \
+--data "$DATA"

.github/workflows/check-label-owner.yml

@@ -6,15 +6,15 @@ on:
       - labeled  # 当 PR 被添加标签时触发
 jobs:
   verify-label-owner:
-    runs-on: ubuntu-latest
+    runs-on: self-hosted
 
     steps:
       - name: Check if the label was added by the bot
         env:
           LABEL_NAME: "gate_check_pass"  # 替换为需要检查的标签名称
           GITHUB_TOKEN: ${{ secrets.OWNER_TOKEN }}
           TARGET_LABEL: "gate_check_pass"  # 替换为需要检查的标签名称
-          AUTHORIZED_USER: "shishupei"  # 替换为允许添加标签的 bot 用户名
+          AUTHORIZED_USER: "opensourceways-robot"  # 替换为允许添加标签的 bot 用户名
         run: |
 
           LABEL_NAME=${{ github.event.label.name }}

.github/workflows/gate-check.yml

@@ -2,11 +2,16 @@ name: Gate Check
 
 on:
   pull_request:
-    types: [opened, synchronize, reopened]  # 在PR打开、同步、重新打开时触发
+    types: [opened, synchronize, reopened]
+    # 在PR打开、同步、重新打开时触发
+    branches:
+      - main
+      - master
+      - release/*
 
 jobs:
   codearts-check:
-    runs-on: ubuntu-latest
+    runs-on: self-hosted
     steps:
       - name: Check and Remove Label
         run: |

.github/workflows/label-check.yml

@@ -6,7 +6,7 @@ on:
 
 jobs:
   check-label:
-    runs-on: ubuntu-latest
+    runs-on: self-hosted
     steps:
       - name: Check PR Labels
         uses: actions/github-script@v6

.github/workflows/pr-branch-check.yml

@@ -0,0 +1,36 @@
+name: Check Branch Naming for PRs
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  check-branch-naming:
+    runs-on: self-hosted
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Check PR source branch against target branch
+        run: |
+          # 获取目标分支和源分支
+          TARGET_BRANCH="${{ github.base_ref }}"
+          SOURCE_BRANCH="${{ github.head_ref }}"
+
+          echo "Target branch: $TARGET_BRANCH"
+          echo "Source branch: $SOURCE_BRANCH"
+
+          # 检查目标分支是否是 default 分支 (main/master)
+          if [[ "$TARGET_BRANCH" == "${{ github.event.repository.default_branch }}" ]]; then
+            if [[ ! "$SOURCE_BRANCH" =~ ^release/.* ]]; then
+              echo "Error: The source branch must be of the form 'release/*' when merging into the default branch."
+              exit 1
+            fi
+          # 检查目标分支是否是 release/*
+          elif [[ "$TARGET_BRANCH" =~ ^release/.* ]]; then
+            if [[ ! "$SOURCE_BRANCH" =~ ^(feature|bugfix)/.* ]]; then
+              echo "Error: The source branch must be of the form 'feature/*' or 'bugfix/*' when merging into 'release/*'."
+              exit 1
+            fi
+          fi

pom.xml

@@ -17,7 +17,6 @@
 
     <properties>
         <java.version>17</java.version>
-        <netty.version>4.1.108.Final</netty.version>
         <spring-framework.version>6.1.14</spring-framework.version>
     </properties>
 
@@ -115,11 +114,6 @@
             <artifactId>unirest-java</artifactId>
             <version>3.13.8</version>
         </dependency>
-        <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-all</artifactId>
-            <version>4.1.108.Final</version>
-        </dependency>
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>

src/main/java/com/om/dao/AuthingManagerDao.java

@@ -18,6 +18,9 @@
 import cn.authing.core.types.AuthorizedTargetsParam;
 import cn.authing.core.types.CommonMessage;
 import cn.authing.core.types.FindUserParam;
+import cn.authing.core.types.IAction;
+import cn.authing.core.types.IResourceDto;
+import cn.authing.core.types.IResourceResponse;
 import cn.authing.core.types.Identity;
 import cn.authing.core.types.Operator;
 import cn.authing.core.types.PaginatedAuthorizedResources;
@@ -31,6 +34,7 @@
 import com.om.controller.bean.request.NamespaceInfoPage;
 import com.om.dao.bean.AuthorizeInfo;
 import com.om.dao.bean.UserInfo;
+import com.om.utils.CommonUtil;
 import jakarta.annotation.PostConstruct;
 
 import com.alibaba.fastjson2.JSON;
@@ -107,6 +111,11 @@ public class AuthingManagerDao {
      */
     private static final String LIST_COMMON_RESOURCE = "/list-common-resource";
 
+    /**
+     * 创建账号.
+     */
+    private static final String CREATE_USER = "/create-user";
+
     /**
      * 允许的社区列表.
      */
@@ -621,7 +630,11 @@ public List<UserOfResourceInfo> listUserOfResource(String nameSpaceCode, String
             }
             List<String> userIds = sourceList.stream()
                     .map(ResourcePermissionAssignment::getTargetIdentifier).collect(Collectors.toList());
-            List<User> users = managementClient.users().batch(userIds).execute();
+            List<List<String>> splitUserIds = CommonUtil.splitList(userIds, 80);
+            List<User> users = new ArrayList<>();
+            for (List<String> userIdList : splitUserIds) {
+                users.addAll(managementClient.users().batch(userIdList).execute());
+            }
             HashMap<String, List<IdentityInfo>> identityBeanMap = new HashMap<>();
             HashMap<String, User> userMap = new HashMap<>();
             for (User user : users) {
@@ -890,6 +903,46 @@ public String updateAccountInfo(String token, String account, String type) {
         return "true";
     }
 
+    /**
+     * 创建资源.
+     *
+     * @param namespace 命名空间
+     * @param resource 资源
+     * @param actions 操作
+     * @return 创建结果
+     */
+    public boolean createResource(String namespace, String resource, List<String> actions) {
+        try {
+            String resourceName = convertResource(resource);
+            IResourceResponse execute = managementClient.acl().findResourceByCode(resourceName, namespace).execute();
+            if (execute != null && StringUtils.isNotBlank(execute.getCode())) {
+                return true;
+            }
+            ArrayList<IAction> list = new ArrayList<>();
+            for (String action : actions) {
+                list.add(new IAction(action, null));
+            }
+            IResourceDto iResourceDto = new IResourceDto(
+                    resourceName,
+                    ResourceType.DATA,
+                    null,
+                    list,
+                    namespace
+            );
+            IResourceResponse res = managementClient.acl().createResource(iResourceDto).execute();
+            if (res != null && StringUtils.equals(res.getCode(), resourceName)) {
+                LOGGER.info("create resource({}:{}) success", namespace, resource);
+                return true;
+            } else {
+                LOGGER.info("create resource({}:{}) failed", namespace, resource);
+                return false;
+            }
+        } catch (Exception e) {
+            LOGGER.error("create resource {} failed {}", resource, e.getMessage());
+            return false;
+        }
+    }
+
     /**
      * 授权.
      *
@@ -973,7 +1026,7 @@ public boolean revokeResource(String namespaceCode, String resource, List<String
     }
 
     /**
-     * 根据ID批量获取用户.
+     * 根据ID批量获取用户(最多一次只能查询50个用户).
      *
      * @param type 用户类型
      * @param extIdpId 三方平台ID
@@ -1033,6 +1086,44 @@ public List<UserInfo> getUsersByIds(String type, String extIdpId, List<String> u
         }
     }
 
+    /**
+     * 创建用户.
+     *
+     * @param usersObj 用户消息体
+     * @return 创建用户结果
+     */
+    public UserInfo createUser(JSONObject usersObj) {
+        try {
+            String mToken = (String) redisDao.get(Constant.REDIS_KEY_AUTH_MANAGER_TOKEN);
+            if (StringUtils.isBlank(mToken) || "null".equals(mToken)) {
+                mToken = getManagementToken();
+            }
+            System.out.println(usersObj.toString());
+            HttpResponse<JsonNode> response = Unirest.post(authingApiHostV3 + CREATE_USER)
+                    .header("Content-Type", "application/json")
+                    .header("x-authing-userpool-id", userPoolId)
+                    .header("authorization", mToken)
+                    .body(usersObj.toString())
+                    .asJson();
+            JSONObject resObj = response.getBody().getObject();
+            if (resObj.getInt("statusCode") != 200) {
+                LOGGER.error("create users failed {}", resObj.getString("message"));
+                return null;
+            }
+            JSONObject data = resObj.getJSONObject("data");
+            if (data == null) {
+                return null;
+            }
+            UserInfo userInfo = new UserInfo();
+            userInfo.setUserId(data.getString("userId"));
+            userInfo.setUsername(data.getString("username"));
+            return userInfo;
+        } catch (Exception e) {
+            LOGGER.error("delete resource failed {}", e.getMessage());
+            return null;
+        }
+    }
+
     /**
      * 转换resource(部分resource在authing无法使用，需要转化使用).
      *

src/main/java/com/om/dao/AuthingUserDao.java

@@ -1462,7 +1462,7 @@ public String updateUserBaseInfo(String token, Map<String, Object> map, String u
                         updateUserInput.withCompany(inputValue);
                         break;
                     case "username":
-                        msg = checkUsername(appId, inputValue, community);
+                        msg = checkUsername(appId, inputValue, community, false);
                         if (!msg.equals("success")) {
                             return msg;
                         }
@@ -1671,10 +1671,12 @@ public void deleteObsObjectByUrl(String objectUrl) {
      * @param appId 应用程序 ID
      * @param userName 用户名
      * @param community 社区名
+     * @param isJustContent 只检测内容
      * @return 如果用户名可用则返回消息提示，否则返回错误信息
      * @throws ServerErrorException 如果在检查过程中出现服务器错误
      */
-    public String checkUsername(String appId, String userName, String community) throws ServerErrorException {
+    public String checkUsername(String appId, String userName, String community, boolean isJustContent)
+            throws ServerErrorException {
         String msg = "success";
         if (StringUtils.isBlank(userName)) {
             msg = "用户名不能为空";
@@ -1693,16 +1695,17 @@ public String checkUsername(String appId, String userName, String community) thr
                 return msg;
             }
         }
-        if (reservedUsernames.contains(userName) || isUserExists(appId, userName, "username")) {
-            msg = "用户名已存在";
-            return msg;
-        }
-        if (!moderatorService.checkText(userName)) {
-            msg = "Username is illegal";
-            LOGGER.error("username is illegal: {}", userName);
-            return msg;
+        if (!isJustContent) {
+            if (reservedUsernames.contains(userName) || isUserExists(appId, userName, "username")) {
+                msg = "用户名已存在";
+                return msg;
+            }
+            if (!moderatorService.checkText(userName)) {
+                msg = "Username is illegal";
+                LOGGER.error("username is illegal: {}", userName);
+                return msg;
+            }
         }
-
         return msg;
     }