Skip to content

feat(resource): 增加资源管理器页面,更新依赖#413

Merged
kanyxmo merged 1 commit into
masterfrom
feat(resource)
Nov 3, 2024
Merged

feat(resource): 增加资源管理器页面,更新依赖#413
kanyxmo merged 1 commit into
masterfrom
feat(resource)

Conversation

@kanyxmo

@kanyxmo kanyxmo commented Nov 3, 2024

Copy link
Copy Markdown
Member

Summary by CodeRabbit

Release Notes

  • New Features

    • Menu items for dataCenter and dataCenter:attachment are now visible.
    • Introduced new API endpoints for managing attachments and user logs.
    • Added a new component for "dataCenter:attachment" functionality.
  • Enhancements

    • The MaResourcePanel component now includes a customizable action button visibility feature.
    • Improved responsiveness of the resource search layout.
  • Bug Fixes

    • Updated API documentation for clarity and accuracy.
  • Dependency Updates

    • Minor version upgrades for @mineadmin/pro-table and @mineadmin/table packages.

@dosubot dosubot Bot added the size:M This PR changes 30-99 lines, ignoring generated files. label Nov 3, 2024
@coderabbitai

coderabbitai Bot commented Nov 3, 2024

Copy link
Copy Markdown

Walkthrough

The changes in this pull request include updates to the visibility of menu items in the MenuUpdate20241029 class, modifications to the OpenAPI specification for the MineAdmin system, dependency version updates in the package.json file, enhancements to the ma-resource-picker component, and the introduction of a new Vue component for dataCenter:attachment. These adjustments improve the API documentation, component flexibility, and overall functionality of the application.

Changes

File Path Change Summary
databases/seeders/menu_update_20241029.php Modified hidden property of dataCenter and dataCenter:attachment menu items from 1 to 0 to make them visible.
storage/swagger/http.json Updated API paths and operations for managing attachments, user logs, and authentication endpoints, including new endpoints and response schemas.
web/package.json Updated dependency versions: @mineadmin/pro-table from ^1.0.23 to ^1.0.25 and @mineadmin/table from ^1.0.25 to ^1.0.29.
web/src/components/ma-resource-picker/panel.vue Added showAction prop to control action button visibility; modified layout for better responsiveness.
web/src/components/ma-resource-picker/type.ts Introduced optional showAction property in ResourcePanelProps interface.
web/src/modules/base/views/dataCenter/attachment/index.vue Introduced new Vue component for dataCenter:attachment, utilizing reactive state management and responsive layout adjustments.

Possibly related PRs

Suggested labels

enhancement, dependencies

Suggested reviewers

  • zds-s

Poem

In the garden of code, where rabbits play,
New paths and menus come out to sway.
With action buttons bright, and dependencies neat,
We hop through the changes, oh what a treat!
From hidden to seen, our work takes flight,
In the world of MineAdmin, all feels just right! 🐇✨


Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@dosubot dosubot Bot added dependencies Pull requests that update a dependency file enhancement labels Nov 3, 2024

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

🧹 Outside diff range and nitpick comments (9)
web/src/components/ma-resource-picker/type.ts (1)

29-29: Add JSDoc documentation for the new property.

The addition of the optional showAction property is well-structured and maintains backward compatibility. However, consider adding JSDoc documentation to explain its purpose and usage.

+  /** Controls the visibility of action buttons in the resource panel */
   showAction?: boolean
web/src/modules/base/views/dataCenter/attachment/index.vue (3)

24-28: Add documentation for component behavior

The template structure could benefit from comments explaining:

  1. Why actions are disabled in this context
  2. The purpose of the resource-page class and its height adjustment

Consider adding these comments:

 <template>
+  <!-- Container for resource panel with dynamic height adjustment -->
   <div class="mine-card resource-page">
+    <!-- Resource panel with actions disabled for attachment view only mode -->
     <MaResourcePanel v-model="model" :show-action="false" />
   </div>
 </template>

30-32: Remove empty style block

The empty style block can be removed if no styles are needed.

-<style scoped lang="scss">
-
-</style>

18-21: Consider adding window resize handling

The current implementation only sets the height on mount, which won't respond to window resizing.

Consider implementing a resize observer or window resize event handler:

+import { useEventListener } from '@vueuse/core'
+
 onMounted(() => {
+  const updateHeight = () => {
+    const dom = document.querySelector('.resource-page') as HTMLElement
+    if (dom) {
+      dom.style.height = `${getOnlyWorkAreaHeight()}px`
+    }
+  }
+
+  updateHeight()
+  useEventListener(window, 'resize', updateHeight)
-  const dom = document.querySelector('.resource-page') as HTMLElement
-  dom.style.height = `${getOnlyWorkAreaHeight()}px`
 })
web/package.json (1)

24-24: Consider documenting the dependency updates.

Since these table packages are being updated and likely affect the new resource management page, consider:

  1. Testing the resource management page thoroughly with these new versions
  2. Reviewing the changelogs for any breaking changes
  3. Adding a comment in the PR description about why these specific versions were chosen

Also applies to: 26-26

databases/seeders/menu_update_20241029.php (1)

Line range hint 82-102: Consider adding documentation for the new attachment management feature.

The menu structure and permissions for attachment management operations are well-organized. To ensure proper usage:

  1. Consider adding documentation explaining:

    • The purpose and scope of the attachment management feature
    • Available operations and their permissions
    • Usage guidelines and best practices
  2. The permission structure follows the principle of least privilege with separate entries for list/upload/delete operations.

Would you like me to help create a documentation template for this feature?

web/src/components/ma-resource-picker/panel.vue (1)

384-392: Consider adding i18n for button text

The action buttons implementation with slots provides good flexibility. However, the button text "取消" and "确认" should use i18n translations for consistency with the rest of the component.

Apply this diff to add i18n support:

 <el-button @click="cancel">
-  取消
+  {{ $t('cancel') }}
 </el-button>
 <el-button type="primary" @click="confirm">
-  确认
+  {{ $t('confirm') }}
 </el-button>

Add these translations to the i18n block:

en:
  cancel: Cancel
  confirm: Confirm
zh_CN:
  cancel: 取消
  confirm: 确认
zh_TW:
  cancel: 取消
  confirm: 確認
storage/swagger/http.json (2)

Line range hint 32-38: Enhance Authentication Endpoints Security

The /admin/attachment/upload endpoint needs additional security measures for file uploads.

Consider adding:

  1. File size limits in the schema
  2. Allowed MIME types validation
  3. Virus/malware scanning headers
  4. Rate limiting headers

Example addition to the schema:

 "/admin/attachment/upload": {
   "post": {
     "requestBody": {
       "content": {
         "multipart/form-data": {
           "schema": {
             "properties": {
               "file": {
                 "type": "string",
                 "format": "binary",
+                "maxLength": 10485760,
+                "description": "Max file size: 10MB"
               }
             }
           }
         }
       }
     },
+    "x-upload-max-size": "10MB",
+    "x-allowed-mime-types": ["image/*", "application/pdf"],
+    "x-rate-limit": {
+      "rate": 10,
+      "burst": 20,
+      "period": 3600
+    }
   }
 }
🧰 Tools
🪛 Gitleaks

1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)


1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)


1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)


1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)

🪛 checkov

[HIGH] 0-1: Ensure that the global security field has rules defined

(CKV_OPENAPI_4)


[HIGH] 0-1: Ensure that security operations is not empty.

(CKV_OPENAPI_5)


[HIGH] 0-1: Ensure that API keys are not sent over cleartext

(CKV_OPENAPI_20)


1-1: Add Response Examples for Error Cases

The API specification lacks examples for error responses, which are crucial for proper error handling by clients.

Add error response examples:

 "components": {
   "schemas": {
     "Result": {
       "properties": {
         "code": {
           "$ref": "#/components/schemas/ResultCode"
         }
       },
+      "examples": {
+        "unauthorized": {
+          "value": {
+            "code": 401,
+            "message": "Unauthorized access",
+            "data": null
+          }
+        },
+        "validation_error": {
+          "value": {
+            "code": 422,
+            "message": "Validation failed",
+            "data": {
+              "field": ["error message"]
+            }
+          }
+        }
+      }
     }
   }
 }
🧰 Tools
🪛 Gitleaks

1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)


1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)


1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)


1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)

🪛 checkov

[HIGH] 0-1: Ensure that the global security field has rules defined

(CKV_OPENAPI_4)


[HIGH] 0-1: Ensure that security operations is not empty.

(CKV_OPENAPI_5)


[HIGH] 0-1: Ensure that API keys are not sent over cleartext

(CKV_OPENAPI_20)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between a3016af and 299f04b.

⛔ Files ignored due to path filters (1)
  • web/pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (6)
  • databases/seeders/menu_update_20241029.php (2 hunks)
  • storage/swagger/http.json (1 hunks)
  • web/package.json (1 hunks)
  • web/src/components/ma-resource-picker/panel.vue (4 hunks)
  • web/src/components/ma-resource-picker/type.ts (1 hunks)
  • web/src/modules/base/views/dataCenter/attachment/index.vue (1 hunks)
🧰 Additional context used
🪛 Gitleaks
storage/swagger/http.json

1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)


1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)


1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)


1-1: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.

(jwt)

🪛 checkov
storage/swagger/http.json

[HIGH] 0-1: Ensure that the global security field has rules defined

(CKV_OPENAPI_4)


[HIGH] 0-1: Ensure that security operations is not empty.

(CKV_OPENAPI_5)


[HIGH] 0-1: Ensure that API keys are not sent over cleartext

(CKV_OPENAPI_20)

🔇 Additional comments (5)
web/package.json (1)

24-24: Verify the updated package versions.

The minor version updates to @mineadmin/pro-table (^1.0.25) and @mineadmin/table (^1.0.29) appear to be related to the new resource management page functionality.

Let's verify these package versions:

Also applies to: 26-26

✅ Verification successful

Package versions are published and available

The specified versions @mineadmin/pro-table@1.0.25 and @mineadmin/table@1.0.29 are published and available in the npm registry. Both packages show a consistent version history with incremental updates, indicating stable maintenance.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify if the updated package versions exist and are stable

# Test: Check if these versions are published to npm
npm view @mineadmin/pro-table versions --json
npm view @mineadmin/table versions --json

# Test: Look for any package-lock.json or yarn.lock to ensure version resolution
fd -e json -e lock "package-lock.json|yarn.lock"

Length of output: 910

databases/seeders/menu_update_20241029.php (2)

70-70: LGTM! Verify component and consider documentation.

The visibility change for the attachment management menu is appropriate. The menu structure with separate CRUD operations is well-organized.

#!/bin/bash
# Description: Verify that the referenced component exists
# Expected: The component file should exist in the specified path

# Search for the component file
fd "index.vue" -p "base/views/dataCenter/attachment"

54-54: LGTM! Verify i18n key existence.

The visibility change for the data center menu item is appropriate for exposing the new resource management functionality.

✅ Verification successful

Menu visibility change is properly supported by i18n

The visibility change for the data center menu item is safe. The i18n key baseMenu.dataCenter.index is properly defined in both English and Chinese locale files with translations "Data Center" and "数据中心" respectively.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that the i18n key exists in the localization files
# Expected: The i18n key should be present in the locale files

# Search for the i18n key in locale files
rg "baseMenu\.dataCenter\.index" -g "*.{json,ts,js}"

Length of output: 262


Script:

#!/bin/bash
# Let's try a more comprehensive search for i18n keys in different formats and locations
# Search in locale/language files which typically contain translations
fd -e json -e js -e ts "locale|lang|i18n" --exec rg -l "dataCenter"

# Also search specifically for the menu key in different formats
rg -i "datacenter.*index|menu.*datacenter" -g "*.{json,js,ts,vue}"

Length of output: 136


Script:

#!/bin/bash
# Let's try a different approach to locate translation files and menu configurations
# First, find all potential locale/language files
fd -t f -e json -e js -e ts

# Then search for any menu-related configurations
rg -l "menu" -g "*.{json,js,ts,vue}"

Length of output: 5137


Script:

#!/bin/bash
# Let's check the locale files in web/src directory and menu configurations
# Check for translation files in common locations
rg -l "i18n|locale|lang" web/src/

# Specifically look at menu store and configuration
cat web/src/store/modules/useMenuStore.ts

# Check menu API implementation
cat web/src/modules/base/api/menu.ts

Length of output: 11307


Script:

#!/bin/bash
# Let's check the localization files found in the base module
cat "web/src/modules/base/locales/en[English].yaml"
cat "web/src/modules/base/locales/zh_CN[简体中文].yaml"

Length of output: 6536

web/src/components/ma-resource-picker/panel.vue (2)

32-32: LGTM: Well-structured prop addition

The new showAction prop is properly typed and includes a sensible default value, maintaining backward compatibility.


Line range hint 277-300: LGTM: Improved responsive layout

The layout changes enhance the component's responsiveness:

  • Proper flex direction management for different screen sizes
  • Consistent spacing with gap-y-1
  • Responsive width adjustment for search input (w-full md:w-[180px])

Comment thread web/src/modules/base/views/dataCenter/attachment/index.vue
Comment thread storage/swagger/http.json
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file enhancement size:M This PR changes 30-99 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant