Added before/after detail of data source permission update event

Thomasr · Thomasr · commit 02c41aaf608e · 2025-05-24T12:42:52.000-04:00
diff --git a/server/api-service/lowcoder-infra/src/main/java/org/lowcoder/infra/event/DatasourceResourcePermissionEvent.java b/server/api-service/lowcoder-infra/src/main/java/org/lowcoder/infra/event/DatasourceResourcePermissionEvent.java
@@ -0,0 +1,18 @@
+package org.lowcoder.infra.event;
+
+import lombok.Getter;
+import lombok.experimental.SuperBuilder;
+
+@Getter
+@SuperBuilder
+public class DatasourceResourcePermissionEvent extends AbstractEvent {
+
+    private final String datasourceId;
+    private final String name;
+    private final String type;
+
+    private final Object oldPermission;
+    private final Object newPermission;
+
+    private final EventType eventType;
+}
diff --git a/server/api-service/lowcoder-infra/src/main/java/org/lowcoder/infra/event/datasource/DatasourcePermissionEvent.java b/server/api-service/lowcoder-infra/src/main/java/org/lowcoder/infra/event/datasource/DatasourcePermissionEvent.java
@@ -5,6 +5,7 @@
 import org.lowcoder.infra.event.AbstractEvent;
 
 import java.util.Collection;
+import java.util.List;
 
 @Getter
 @SuperBuilder
@@ -18,5 +19,8 @@ public class DatasourcePermissionEvent extends AbstractEvent {
     private final Collection<String> groupIds;
     private final String role;
 
+    private final List<?> oldPermissions;
+    private final List<?> newPermissions;
+
     private final EventType eventType;
 }
diff --git a/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/datasource/DatasourceController.java b/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/datasource/DatasourceController.java
@@ -17,6 +17,7 @@
 import org.lowcoder.domain.datasource.service.DatasourceService;
 import org.lowcoder.domain.datasource.service.DatasourceStructureService;
 import org.lowcoder.domain.permission.model.ResourceRole;
+import org.lowcoder.domain.permission.service.ResourcePermissionService;
 import org.lowcoder.domain.plugin.client.dto.GetPluginDynamicConfigRequestDTO;
 import org.lowcoder.sdk.exception.BizError;
 import org.lowcoder.sdk.models.DatasourceStructure;
@@ -48,6 +49,7 @@ public class DatasourceController implements DatasourceEndpoints
     private final BusinessEventPublisher businessEventPublisher;
     private final DatasourceService datasourceService;
     private final GidService gidService;
+    private final ResourcePermissionService resourcePermissionService;
 
     @Override
 	public Mono<ResponseView<Datasource>> create(@Valid @RequestBody UpsertDatasourceRequest request) {
@@ -180,15 +182,17 @@ public Mono<ResponseView<Boolean>> grantPermission(@PathVariable String datasour
             return ofError(INVALID_PARAMETER, "INVALID_PARAMETER", request.role());
         }
         return gidService.convertDatasourceIdToObjectId(datasourceId).flatMap(objectId ->
-            datasourceApiService.grantPermission(objectId, request.userIds(), request.groupIds(), role)
-                .delayUntil(result -> {
-                    if (BooleanUtils.isTrue(result)) {
-                        return businessEventPublisher.publishDatasourcePermissionEvent(objectId, request.userIds(),
-                                request.groupIds(), request.role(), DATA_SOURCE_PERMISSION_GRANT);
-                    }
-                    return Mono.empty();
-                })
-                .map(ResponseView::success));
+                datasourceApiService.getPermissions(objectId).flatMap(oldPermissions ->
+                        datasourceApiService.grantPermission(objectId, request.userIds(), request.groupIds(), role)
+                            .delayUntil(result -> {
+                                if (BooleanUtils.isTrue(result)) {
+                                    return datasourceApiService.getPermissions(objectId).flatMap(newPermissions ->
+                                            businessEventPublisher.publishDatasourcePermissionEvent(objectId, request.userIds(),
+                                            request.groupIds(), request.role(), DATA_SOURCE_PERMISSION_GRANT, oldPermissions, newPermissions));
+                                }
+                                return Mono.empty();
+                            })
+                            .map(ResponseView::success)));
     }
 
     @Override
@@ -197,21 +201,24 @@ public Mono<ResponseView<Boolean>> updatePermission(@PathVariable("permissionId"
         if (request.getResourceRole() == null) {
             return ofError(INVALID_PARAMETER, "INVALID_PARAMETER", request.role());
         }
-        return datasourceApiService.updatePermission(permissionId, request.getResourceRole())
+        return resourcePermissionService.getById(permissionId).flatMap(oldPermission ->
+                datasourceApiService.updatePermission(permissionId, request.getResourceRole())
                 .delayUntil(result -> {
                     if (BooleanUtils.isTrue(result)) {
-                        return businessEventPublisher.publishDatasourcePermissionEvent(permissionId, DATA_SOURCE_PERMISSION_UPDATE);
+                        return resourcePermissionService.getById(permissionId).flatMap(newPermission ->
+                                businessEventPublisher.publishDatasourceResourcePermissionEvent(DATA_SOURCE_PERMISSION_UPDATE, oldPermission, newPermission));
                     }
                     return Mono.empty();
                 })
-                .map(ResponseView::success);
+                .map(ResponseView::success));
     }
 
     @Override
     public Mono<ResponseView<Boolean>> deletePermission(@PathVariable("permissionId") String permissionId) {
-        return businessEventPublisher.publishDatasourcePermissionEvent(permissionId, DATA_SOURCE_PERMISSION_DELETE)
+        return resourcePermissionService.getById(permissionId).flatMap(oldPermission ->
+                businessEventPublisher.publishDatasourceResourcePermissionEvent(DATA_SOURCE_PERMISSION_DELETE, oldPermission, null)
                 .then(datasourceApiService.deletePermission(permissionId))
-                .map(ResponseView::success);
+                .map(ResponseView::success));
     }
 
     @Override
diff --git a/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/util/BusinessEventPublisher.java b/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/util/BusinessEventPublisher.java
@@ -10,6 +10,7 @@
 import org.lowcoder.api.application.view.ApplicationPublishRequest;
 import org.lowcoder.api.application.view.ApplicationView;
 import org.lowcoder.api.home.SessionUserService;
+import org.lowcoder.api.permission.view.CommonPermissionView;
 import org.lowcoder.api.usermanagement.view.AddMemberRequest;
 import org.lowcoder.api.usermanagement.view.UpdateRoleRequest;
 import org.lowcoder.domain.application.model.Application;
@@ -710,34 +711,16 @@ public Mono<Void> publishDatasourceEvent(Datasource datasource, EventType eventT
                 });
     }
 
-    public Mono<Void> publishDatasourcePermissionEvent(String permissionId, EventType eventType) {
-        return resourcePermissionService.getById(permissionId)
-                .zipWhen(resourcePermission -> datasourceService.getById(resourcePermission.getResourceId()))
-                .flatMap(tuple -> {
-                    ResourcePermission resourcePermission = tuple.getT1();
-                    ResourceHolder holder = resourcePermission.getResourceHolder();
-                    Datasource datasource = tuple.getT2();
-                    return publishDatasourcePermissionEvent(datasource.getId(),
-                            holder == USER ? List.of(resourcePermission.getResourceHolderId()) : Collections.emptyList(),
-                            holder == USER ? Collections.emptyList() : List.of(resourcePermission.getResourceHolderId()),
-                            resourcePermission.getResourceRole().getValue(),
-                            eventType);
-                })
-                .onErrorResume(throwable -> {
-                    log.error("publishDatasourcePermissionEvent error.", throwable);
-                    return Mono.empty();
-                });
-    }
-
     public Mono<Void> publishDatasourcePermissionEvent(String datasourceId,
             Collection<String> userIds, Collection<String> groupIds, String role,
-            EventType eventType) {
+            EventType eventType, CommonPermissionView oldPermissions, CommonPermissionView newPermissions) {
         return Mono.zip(sessionUserService.getVisitorOrgMemberCache(),
                         datasourceService.getById(datasourceId),
                         sessionUserService.getVisitorToken())
                 .flatMap(tuple -> {
                     OrgMember orgMember = tuple.getT1();
                     Datasource datasource = tuple.getT2();
+
                     DatasourcePermissionEvent datasourcePermissionEvent = DatasourcePermissionEvent.builder()
                             .datasourceId(datasourceId)
                             .name(datasource.getName())
@@ -746,6 +729,8 @@ public Mono<Void> publishDatasourcePermissionEvent(String datasourceId,
                             .orgId(orgMember.getOrgId())
                             .userIds(userIds)
                             .groupIds(groupIds)
+                            .newPermissions(newPermissions==null?null:newPermissions.getPermissions())
+                            .oldPermissions(oldPermissions==null?null:oldPermissions.getPermissions())
                             .role(role)
                             .eventType(eventType)
                             .isAnonymous(Authentication.isAnonymousUser(orgMember.getUserId()))
@@ -763,6 +748,37 @@ public Mono<Void> publishDatasourcePermissionEvent(String datasourceId,
                 });
     }
 
+    public Mono<Void> publishDatasourceResourcePermissionEvent(EventType eventType, ResourcePermission oldPermission, ResourcePermission newPermission) {
+        return Mono.zip(sessionUserService.getVisitorOrgMemberCache(),
+                        datasourceService.getById(oldPermission.getResourceId()),
+                        sessionUserService.getVisitorToken())
+                .flatMap(tuple -> {
+                    OrgMember orgMember = tuple.getT1();
+                    Datasource datasource = tuple.getT2();
+
+                    DatasourceResourcePermissionEvent datasourceResourcePermissionEvent = DatasourceResourcePermissionEvent.builder()
+                            .name(datasource.getName())
+                            .type(datasource.getType())
+                            .userId(orgMember.getUserId())
+                            .orgId(orgMember.getOrgId())
+                            .newPermission(newPermission)
+                            .oldPermission(oldPermission)
+                            .eventType(eventType)
+                            .isAnonymous(Authentication.isAnonymousUser(orgMember.getUserId()))
+                            .sessionHash(Hashing.sha512().hashString(tuple.getT3(), StandardCharsets.UTF_8).toString())
+                            .build();
+                    return Mono.deferContextual(contextView -> {
+                        datasourceResourcePermissionEvent.populateDetails(contextView);
+                        applicationEventPublisher.publishEvent(datasourceResourcePermissionEvent);
+                        return Mono.<Void>empty();
+                    });
+                })
+                .onErrorResume(throwable -> {
+                    log.error("DatasourceResourcePermissionEvent error.", throwable);
+                    return Mono.empty();
+                });
+    }
+
     public Mono<Void> publishLibraryQueryPublishEvent(String id, String oldVersion, String newVersion, EventType eventType) {
         return sessionUserService.getVisitorOrgMemberCache()
                 .zipWith(sessionUserService.getVisitorToken())
