huangping/starRiverProperty
1
0
Fork 0
mirror of https://github.com/hpd840321/starRiverProperty.git synced 2026-06-11 01:10:29 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
72040cdce6853ed27191efb5bbc846489fb1abc6
starRiverProperty/maven-cw-elevator-application/releases/org-policy-fix-test-20260501/README.md
T
反编译工作区 8b15445328 feat: add service config templates and extraction script 
Former-commit-id: 1de24b7eb79676d1aba9d799a58c5a753290cf52
2026-05-01 19:38:01 +08:00

121 lines
3.8 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# org_id 策略修复 — 生产环境部署验证
## 发布包内容
```
org-policy-fix-test-20260501/
├── cw-elevator-application-V1.0.0.20211103.jar # V2 JAR(含 @RibbonClients 修复,命名同 V1
├── scripts/
│ ├── verify_org_policy_fix.py # 7 用例验证脚本
│ └── stub_org_service.py # 组织服务 HTTP 桩(本地测试用)
├── config/
│ └── v2-local-config.properties # 本地测试配置参考
├── sql/
│ ├── tenant_visitor_floor_policy_v2.sql # DDL(加 org_id 列)
│ └── tenant_visitor_floor_policy_migrate_org_id.sql # 数据迁移(business_id → org_id
└── docs/
└── 2026-05-01-org-policy-verify-manual.md # 详细操作手册
```
---
## 部署验证流程
### 第一步:DDL 上线(DBA 执行,仅一次)
在生产库 `cw-elevator-application` 执行:
```bash
mysql -h <生产MySQL主机> -P <端口> -u <用户> -p cw-elevator-application < sql/tenant_visitor_floor_policy_v2.sql
```
验证:
```sql
-- 确认 org_id 列已添加,uk_org_building 约束已创建
SELECT COLUMN_NAME, COLUMN_KEY, COLUMN_COMMENT
FROM INFORMATION_SCHEMA.COLUMNS
WHERE TABLE_SCHEMA = 'cw-elevator-application'
AND TABLE_NAME = 'tenant_visitor_floor_policy'
ORDER BY ORDINAL_POSITION;
```
### 第二步:数据迁移(DBA 执行,按公司逐行)
```sql
-- 1. 查看可用公司节点
SELECT o.ID, o.NAME
FROM component-organization.cw_is_organization o
WHERE o.BUSINESS_ID = '2524639890ba4f2cba9ba1a4eeaa4015'
AND o.IS_DEL = 0
ORDER BY o.NAME;
-- 2. 为广发基金迁移(示例)
UPDATE cw-elevator-application.tenant_visitor_floor_policy
SET org_id = '<广发基金 org_id>'
WHERE id = 'gf_vstr_policy_guangfa_fund_001x';
-- 3. 为其他公司新增策略(模板)
INSERT INTO cw-elevator-application.tenant_visitor_floor_policy
(id, org_id, business_id, policy_type, allow_zone_ids, building_id, enabled, policy_version, remark, created_at, updated_at)
VALUES
(REPLACE(UUID(),'-',''), '<公司 org_id>', NULL, 'INTERSECT_ALLOWLIST',
'["<zone_id>"]', NULL, 1, 1, '', UNIX_TIMESTAMP(NOW())*1000, UNIX_TIMESTAMP(NOW())*1000);
```
### 第三步:部署 V2 JAR(运维执行)
```bash
# 1. 停旧 V2
/path/to/stop.sh
# 2. 替换 JAR
cp cw-elevator-application-V1.0.0.20211103.jar /path/to/deploy/
# 3. 确认配置文件不变(application.properties / bootstrap.properties 沿用现有)
# 4. 启动
/path/to/start.sh
```
### 第四步:运行验证脚本
```bash
# 安装依赖
pip3 install requests pymysql
# 运行(根据生产环境修改 DB 地址和电梯 URL)
cd scripts/
python3 verify_org_policy_fix.py \
--elevator-base-url http://<生产V2地址>:<端口>
```
**注意:** 生产环境不需要桩服务——`ninca-common``ninca-common-component-organization` 服务在生产 Consul 或 Dubbo 中可用。脚本直接调用生产 V2V2 通过现有 Feign/Ribbon 链路访问真实组织服务。
---
## 验证用例清单
| ID | 场景 | 期望 |
|----|------|------|
| T1 | 公司有策略 allow=[28F] | passRule 返回仅 [28F] |
| T2 | 公司无策略 | passRule 返回 floorList 全集 |
| T3 | allow 含无效 zoneId | fail 76260533 |
| T4 | 被访人多组织,其一有策略 | 命中该策略 |
| T5 | enabled=0 | 等同无策略 |
| T6 | 调用方传 floorIds,但策略优先 | 策略 allow 覆盖调用方值 |
| T7 | 广发基金迁移后生效 | 仅 [28F] |
---
## 回滚方案
```sql
-- 回滚 DDL
ALTER TABLE tenant_visitor_floor_policy DROP INDEX uk_org_building;
ALTER TABLE tenant_visitor_floor_policy DROP COLUMN org_id;
ALTER TABLE tenant_visitor_floor_policy ADD UNIQUE KEY uk_biz_building (business_id, building_id);
```
部署旧 JAR 即可恢复原有行为。
Reference in New Issue View Git Blame Copy Permalink