alibaba · KomachiSion · Nov 4, 2024 · Nov 4, 2024
diff --git a/...rc/main/java/com/alibaba/nacos/plugin/auth/impl/controller/v3/PermissionControllerV3.java b/...rc/main/java/com/alibaba/nacos/plugin/auth/impl/controller/v3/PermissionControllerV3.java
@@ -69,7 +69,7 @@ public PermissionControllerV3(NacosRoleServiceImpl nacosRoleService) {
      */
     @PostMapping
     @Secured(resource = AuthConstants.CONSOLE_RESOURCE_NAME_PREFIX + "permissions", action = ActionTypes.WRITE)
-    public Object createPermission(@RequestParam String role, @RequestParam String resource, @RequestParam String action) {
+    public Result<String> createPermission(@RequestParam String role, @RequestParam String resource, @RequestParam String action) {
         nacosRoleService.addPermission(role, resource, action);
         return Result.success("add permission ok!");
     }
@@ -85,7 +85,7 @@ public Object createPermission(@RequestParam String role, @RequestParam String r
      */
     @DeleteMapping
     @Secured(resource = AuthConstants.CONSOLE_RESOURCE_NAME_PREFIX + "permissions", action = ActionTypes.WRITE)
-    public Object deletePermission(@RequestParam String role, @RequestParam String resource,
+    public Result<String> deletePermission(@RequestParam String role, @RequestParam String resource,
             @RequestParam String action) {
         nacosRoleService.deletePermission(role, resource, action);
         return Result.success("delete permission ok!");

diff --git a/...ugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/controller/v3/RoleControllerV3.java b/...ugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/controller/v3/RoleControllerV3.java
@@ -65,7 +65,7 @@ public RoleControllerV3(NacosRoleServiceImpl roleService) {
      */
     @PostMapping
     @Secured(resource = AuthConstants.CONSOLE_RESOURCE_NAME_PREFIX + "roles", action = ActionTypes.WRITE)
-    public Object createRole(@RequestParam String role, @RequestParam String username) {
+    public Result<String> createRole(@RequestParam String role, @RequestParam String username) {
         roleService.addRole(role, username);
         return Result.success("add role ok!");
     }
@@ -79,7 +79,7 @@ public Object createRole(@RequestParam String role, @RequestParam String usernam
      */
     @DeleteMapping
     @Secured(resource = AuthConstants.CONSOLE_RESOURCE_NAME_PREFIX + "roles", action = ActionTypes.WRITE)
-    public Object deleteRole(@RequestParam String role,
+    public Result<String> deleteRole(@RequestParam String role,
             @RequestParam(name = "username", defaultValue = StringUtils.EMPTY) String username) {
         if (StringUtils.isBlank(username)) {
             roleService.deleteRole(role);

diff --git a/...ugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/controller/v3/UserControllerV3.java b/...ugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/controller/v3/UserControllerV3.java
@@ -117,7 +117,7 @@ public UserControllerV3(NacosUserDetailsServiceImpl userDetailsService, NacosRol
      */
     @Secured(resource = AuthConstants.CONSOLE_RESOURCE_NAME_PREFIX + "users", action = ActionTypes.WRITE)
     @PostMapping
-    public Object createUser(@RequestParam String username, @RequestParam String password) {
+    public Result<String> createUser(@RequestParam String username, @RequestParam String password) {
         User user = userDetailsService.getUserFromDatabase(username);
         if (user != null) {
             throw new IllegalArgumentException("user '" + username + "' already exist!");
@@ -130,27 +130,26 @@ public Object createUser(@RequestParam String username, @RequestParam String pas
      * Create a admin user only not exist admin user can use.
      */
     @PostMapping("/admin")
-    public Object createAdminUser(@RequestParam(required = false) String password) {
+    public Result<User> createAdminUser(@RequestParam(required = false) String password) {
 
         if (StringUtils.isBlank(password)) {
             password = PasswordGeneratorUtil.generateRandomPassword();
         }
 
         if (AuthSystemTypes.NACOS.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
             if (iAuthenticationManager.hasGlobalAdminRole()) {
-                return Result.failure(HttpStatus.CONFLICT.value(), HttpStatus.CONFLICT.getReasonPhrase(),
-                        "have admin user cannot use it");
+                return Result.failure(HttpStatus.CONFLICT.value(), "have admin user cannot use it.", null);
             }
             String username = AuthConstants.DEFAULT_USER;
             userDetailsService.createUser(username, PasswordEncoderUtil.encode(password));
             roleService.addAdminRole(username);
-            ObjectNode result = JacksonUtils.createEmptyJsonNode();
-            result.put(AuthConstants.PARAM_USERNAME, username);
-            result.put(AuthConstants.PARAM_PASSWORD, password);
+            User result = new User();
+            result.setUsername(username);
+            result.setPassword(password);
             return Result.success(result);
         } else {
-            return Result.failure(HttpStatus.NOT_IMPLEMENTED.value(), HttpStatus.NOT_IMPLEMENTED.getReasonPhrase(),
-                    "not support");
+            return Result.failure(HttpStatus.NOT_IMPLEMENTED.value(),
+                    "Current auth type not supported create admin user.", null);
         }
     }
 
@@ -163,7 +162,7 @@ public Object createAdminUser(@RequestParam(required = false) String password) {
      */
     @DeleteMapping
     @Secured(resource = AuthConstants.CONSOLE_RESOURCE_NAME_PREFIX + "users", action = ActionTypes.WRITE)
-    public Object deleteUser(@RequestParam String username) {
+    public Result<String> deleteUser(@RequestParam String username) {
         List<RoleInfo> roleInfoList = roleService.getRoles(username);
         if (roleInfoList != null) {
             for (RoleInfo roleInfo : roleInfoList) {
@@ -189,7 +188,7 @@ public Object deleteUser(@RequestParam String username) {
      */
     @PutMapping
     @Secured(resource = AuthConstants.UPDATE_PASSWORD_ENTRY_POINT, action = ActionTypes.WRITE)
-    public Object updateUser(@RequestParam String username, @RequestParam String newPassword,
+    public Result<String> updateUser(@RequestParam String username, @RequestParam String newPassword,
             HttpServletResponse response, HttpServletRequest request) throws IOException {
         try {
             if (!hasPermission(username, request)) {
@@ -241,7 +240,6 @@ private boolean hasPermission(String username, HttpServletRequest request)
         return user.getUserName().equals(username);
     }
 
-
     /**
      * Get paged users with the option for accurate or fuzzy search.
      *

diff --git a/.../src/test/java/com/alibaba/nacos/plugin/auth/impl/controller/v3/UserControllerV3Test.java b/.../src/test/java/com/alibaba/nacos/plugin/auth/impl/controller/v3/UserControllerV3Test.java
@@ -189,7 +189,7 @@ void testCreateAdminUserSuccess() {
         when(authConfigs.getNacosAuthSystemType()).thenReturn(AuthSystemTypes.NACOS.name());
         when(iAuthenticationManager.hasGlobalAdminRole()).thenReturn(false);
 
-        Result<ObjectNode> result = (Result<ObjectNode>) userControllerV3.createAdminUser("testAdminPass");
+        Result<User> result = userControllerV3.createAdminUser("testAdminPass");
 
         ArgumentCaptor<String> usernameCaptor = ArgumentCaptor.forClass(String.class);
         ArgumentCaptor<String> passwordCaptor = ArgumentCaptor.forClass(String.class);
@@ -198,9 +198,9 @@ void testCreateAdminUserSuccess() {
 
         assertEquals(AuthConstants.DEFAULT_USER, usernameCaptor.getValue());
 
-        ObjectNode data = result.getData();
-        assertEquals(AuthConstants.DEFAULT_USER, data.get(AuthConstants.PARAM_USERNAME).asText());
-        assertEquals("testAdminPass", data.get(AuthConstants.PARAM_PASSWORD).asText());
+        User data = result.getData();
+        assertEquals(AuthConstants.DEFAULT_USER, data.getUsername());
+        assertEquals("testAdminPass", data.getPassword());
 
         assertTrue(passwordCaptor.getValue().startsWith("$2a$10$"));
     }
@@ -210,7 +210,7 @@ void testCreateAdminUserConflict() {
         when(authConfigs.getNacosAuthSystemType()).thenReturn(AuthSystemTypes.NACOS.name());
         when(iAuthenticationManager.hasGlobalAdminRole()).thenReturn(true);
 
-        Result<String> result = (Result<String>) userControllerV3.createAdminUser("adminPass");
+        Result<User> result = userControllerV3.createAdminUser("adminPass");
 
         assertEquals(HttpStatus.CONFLICT.value(), result.getCode());
     }