chore: project finished

.trae/skills/access-plugin-dev/SKILL.md

@@ -0,0 +1,301 @@
+# Access 插件开发技能
+
+## 什么是 Access 插件
+
+Access 插件是 Certd 系统中用于存储用户第三方应用授权数据的插件，例如用户名密码、accessSecret 或 accessToken 等。同时，它还负责对接实现第三方的 API 接口，供其他插件调用使用。
+
+## 开发步骤
+
+### 1. 导入必要的依赖
+
+```typescript
+import { AccessInput, BaseAccess, IsAccess, Pager, PageRes, PageSearch } from '@certd/pipeline';
+import { DomainRecord } from '@certd/plugin-lib';
+```
+
+### 2. 使用 @IsAccess 注解注册插件
+
+```typescript
+@IsAccess({
+  name: 'demo', // 插件唯一标识
+  title: '授权插件示例', // 插件标题
+  icon: 'clarity:plugin-line', // 插件图标
+  desc: '这是一个示例授权插件，用于演示如何实现一个授权插件', // 插件描述
+})
+export class DemoAccess extends BaseAccess {
+  // 插件实现...
+}
+```
+
+### 3. 定义授权属性
+
+使用 `@AccessInput` 注解定义授权属性：
+
+```typescript
+@AccessInput({
+  title: '授权方式',
+  value: 'apiKey', // 默认值
+  component: {
+    name: "a-select", // 基于 antdv 的输入组件
+    vModel: "value", // v-model 绑定的属性名
+    options: [ // 组件参数
+      { label: "API密钥（推荐）", value: "apiKey" },
+      { label: "账号密码", value: "account" },
+    ],
+    placeholder: 'demoKeyId',
+  },
+  required: true,
+})
+apiType = '';
+
+@AccessInput({
+  title: '密钥Id',
+  component: {
+    name:"a-input",
+    allowClear: true,
+    placeholder: 'demoKeyId',
+  },
+  required: true,
+})
+demoKeyId = '';
+
+@AccessInput({
+  title: '密钥',//标题
+  required: true,  //text组件可以省略
+  encrypt: true, //该属性是否需要加密
+})
+demoKeySecret = '';
+```
+
+### 4. 实现测试方法
+
+```typescript
+@AccessInput({
+  title: "测试",
+  component: {
+    name: "api-test",
+    action: "TestRequest"
+  },
+  helper: "点击测试接口是否正常"
+})
+testRequest = true;
+
+/**
+ * 会通过上面的testRequest参数在ui界面上生成测试按钮，供用户测试接口调用是否正常
+ */
+async onTestRequest() {
+  await this.GetDomainList({});
+  return "ok"
+}
+```
+
+### 5. 实现 API 方法
+
+```typescript
+/**
+ * 获api接口示例 取域名列表，
+ */
+async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
+  //输出日志必须使用ctx.logger
+  this.ctx.logger.info(`获取域名列表，req:${JSON.stringify(req)}`);
+  const pager = new Pager(req);
+  const resp = await this.doRequest({
+    action: "ListDomains",
+    data: {
+      domain: req.searchKey,
+      offset: pager.getOffset(),
+      limit: pager.pageSize,
+    }
+  });
+  const total = resp?.TotalCount || 0;
+  let list = resp?.DomainList?.map((item) => {
+    item.domain = item.Domain;
+    item.id = item.DomainId;
+    return item;
+  })
+  return {
+    total,
+    list
+  };
+}
+
+/**
+ *  通用api调用方法, 具体如何构造请求体，需参考对应应用的API文档
+ */
+async doRequest(req: { action: string, data?: any }) {
+  /**
+      this.ctx中包含很多有用的工具类
+      type AccessContext = {
+        http: HttpClient;
+        logger: ILogger;
+        utils: typeof utils;
+        accessService: IAccessService;
+      }
+   */
+  const res = await this.ctx.http.request({
+    url: "https://api.demo.cn/api/",
+    method: "POST",
+    data: {
+      Action: req.action,
+      Body: req.data
+    }
+  });
+
+  if (res.Code !== 0) {
+    //异常处理 
+    throw new Error(res.Message || "请求失败");
+  }
+  return res.Resp;
+}
+```
+
+## 注意事项
+
+1. **插件命名**：插件名称应简洁明了，反映其功能。
+2. **属性加密**：对于敏感信息（如密钥），应设置 `encrypt: true`。
+3. **日志输出**：必须使用 `this.ctx.logger` 输出日志，而不是 `console`。
+4. **错误处理**：API 调用失败时应抛出明确的错误信息。
+5. **测试方法**：实现 `onTestRequest` 方法，以便用户可以测试授权是否正常。
+
+## 完整示例
+
+```typescript
+import { AccessInput, BaseAccess, IsAccess, Pager, PageRes, PageSearch } from '@certd/pipeline';
+import { DomainRecord } from '@certd/plugin-lib';
+
+/**
+ * 这个注解将注册一个授权配置
+ * 在certd的后台管理系统中，用户可以选择添加此类型的授权
+ */
+@IsAccess({
+  name: 'demo',
+  title: '授权插件示例',
+  icon: 'clarity:plugin-line', //插件图标
+  desc: '这是一个示例授权插件，用于演示如何实现一个授权插件',
+})
+export class DemoAccess extends BaseAccess {
+
+   /**
+   * 授权属性配置
+   */
+  @AccessInput({
+    title: '授权方式',
+    value: 'apiKey', //默认值
+    component: {
+      name: "a-select", //基于antdv的输入组件
+      vModel: "value", // v-model绑定的属性名
+      options: [ //组件参数
+        {
+          label: "API密钥（推荐）",
+          value: "apiKey"
+        },
+        {
+          label: "账号密码",
+          value: "account"
+        },
+      ],
+      placeholder: 'demoKeyId',
+    },
+    required: true,
+  })
+  apiType = '';
+
+  /**
+   * 授权属性配置
+   */
+  @AccessInput({
+    title: '密钥Id',
+    component: {
+      name:"a-input",
+      allowClear: true,
+      placeholder: 'demoKeyId',
+    },
+    required: true,
+  })
+  demoKeyId = '';
+
+  @AccessInput({
+    title: '密钥',//标题
+    required: true,  //text组件可以省略
+    encrypt: true, //该属性是否需要加密
+  })
+  demoKeySecret = '';
+
+
+  @AccessInput({
+    title: "测试",
+    component: {
+      name: "api-test",
+      action: "TestRequest"
+    },
+    helper: "点击测试接口是否正常"
+  })
+  testRequest = true;
+
+  /**
+   * 会通过上面的testRequest参数在ui界面上生成测试按钮，供用户测试接口调用是否正常
+   */
+  async onTestRequest() {
+    await this.GetDomainList({});
+    return "ok"
+  }
+
+  /**
+   * 获api接口示例 取域名列表，
+   */
+  async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
+    //输出日志必须使用ctx.logger
+    this.ctx.logger.info(`获取域名列表，req:${JSON.stringify(req)}`);
+    const pager = new Pager(req);
+    const resp = await this.doRequest({
+      action: "ListDomains",
+      data: {
+        domain: req.searchKey,
+        offset: pager.getOffset(),
+        limit: pager.pageSize,
+      }
+    });
+    const total = resp?.TotalCount || 0;
+    let list = resp?.DomainList?.map((item) => {
+      item.domain = item.Domain;
+      item.id = item.DomainId;
+      return item;
+    })
+    return {
+      total,
+      list
+    };
+  }
+
+  // 还可以继续编写API
+
+  /**
+   *  通用api调用方法, 具体如何构造请求体，需参考对应应用的API文档
+   */
+  async doRequest(req: { action: string, data?: any }) {
+    /**
+        this.ctx中包含很多有用的工具类
+        type AccessContext = {
+          http: HttpClient;
+          logger: ILogger;
+          utils: typeof utils;
+          accessService: IAccessService;
+        }
+     */
+    const res = await this.ctx.http.request({
+      url: "https://api.demo.cn/api/",
+      method: "POST",
+      data: {
+        Action: req.action,
+        Body: req.data
+      }
+    });
+
+    if (res.Code !== 0) {
+      //异常处理 
+      throw new Error(res.Message || "请求失败");
+    }
+    return res.Resp;
+  }
+}
+```

.trae/skills/access-plugin-dev/examples/input.md

@@ -0,0 +1 @@
+我需要开发一个 Access 插件，用于存储和管理第三方应用的授权信息。请指导我如何实现。

.trae/skills/access-plugin-dev/examples/output.md

@@ -0,0 +1,145 @@
+# Access 插件开发指南
+
+## 开发步骤
+
+### 1. 导入必要的依赖
+
+```typescript
+import { AccessInput, BaseAccess, IsAccess, Pager, PageRes, PageSearch } from '@certd/pipeline';
+import { DomainRecord } from '@certd/plugin-lib';
+```
+
+### 2. 使用 @IsAccess 注解注册插件
+
+```typescript
+@IsAccess({
+  name: 'demo', // 插件唯一标识
+  title: '授权插件示例', // 插件标题
+  icon: 'clarity:plugin-line', // 插件图标
+  desc: '这是一个示例授权插件，用于演示如何实现一个授权插件', // 插件描述
+})
+export class DemoAccess extends BaseAccess {
+  // 插件实现...
+}
+```
+
+### 3. 定义授权属性
+
+使用 `@AccessInput` 注解定义授权属性：
+
+```typescript
+@AccessInput({
+  title: '授权方式',
+  value: 'apiKey', // 默认值
+  component: {
+    name: "a-select", // 基于 antdv 的输入组件
+    vModel: "value", // v-model 绑定的属性名
+    options: [ // 组件参数
+      { label: "API密钥（推荐）", value: "apiKey" },
+      { label: "账号密码", value: "account" },
+    ],
+    placeholder: 'demoKeyId',
+  },
+  required: true,
+})
+apiType = '';
+
+@AccessInput({
+  title: '密钥Id',
+  component: {
+    name:"a-input",
+    allowClear: true,
+    placeholder: 'demoKeyId',
+  },
+  required: true,
+})
+demoKeyId = '';
+
+@AccessInput({
+  title: '密钥',//标题
+  required: true,  //text组件可以省略
+  encrypt: true, //该属性是否需要加密
+})
+demoKeySecret = '';
+```
+
+### 4. 实现测试方法
+
+```typescript
+@AccessInput({
+  title: "测试",
+  component: {
+    name: "api-test",
+    action: "TestRequest"
+  },
+  helper: "点击测试接口是否正常"
+})
+testRequest = true;
+
+/**
+ * 会通过上面的testRequest参数在ui界面上生成测试按钮，供用户测试接口调用是否正常
+ */
+async onTestRequest() {
+  await this.GetDomainList({});
+  return "ok"
+}
+```
+
+### 5. 实现 API 方法
+
+```typescript
+/**
+ * 获api接口示例 取域名列表，
+ */
+async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
+  //输出日志必须使用ctx.logger
+  this.ctx.logger.info(`获取域名列表，req:${JSON.stringify(req)}`);
+  const pager = new Pager(req);
+  const resp = await this.doRequest({
+    action: "ListDomains",
+    data: {
+      domain: req.searchKey,
+      offset: pager.getOffset(),
+      limit: pager.pageSize,
+    }
+  });
+  const total = resp?.TotalCount || 0;
+  let list = resp?.DomainList?.map((item) => {
+    item.domain = item.Domain;
+    item.id = item.DomainId;
+    return item;
+  })
+  return {
+    total,
+    list
+  };
+}
+
+/**
+ *  通用api调用方法, 具体如何构造请求体，需参考对应应用的API文档
+ */
+async doRequest(req: { action: string, data?: any }) {
+  const res = await this.ctx.http.request({
+    url: "https://api.demo.cn/api/",
+    method: "POST",
+    data: {
+      Action: req.action,
+      Body: req.data
+    }
+  });
+
+  if (res.Code !== 0) {
+    //异常处理 
+    throw new Error(res.Message || "请求失败");
+  }
+  return res.Resp;
+}
+```
+
+## 注意事项
+
+1. **插件命名**：插件名称应简洁明了，反映其功能。
+2. **属性加密**：对于敏感信息（如密钥），应设置 `encrypt: true`。
+3. **日志输出**：必须使用 `this.ctx.logger` 输出日志，而不是 `console`。
+4. **错误处理**：API 调用失败时应抛出明确的错误信息。
+5. **测试方法**：实现 `onTestRequest` 方法，以便用户可以测试授权是否正常。

.trae/skills/dns-provider-dev/SKILL.md

@@ -0,0 +1,212 @@
+# DNS Provider 插件开发技能
+
+## 什么是 DNS Provider 插件
+
+DNS Provider 插件是 Certd 系统中的 DNS 提供商插件，它用于在 ACME 申请证书时给域名添加 TXT 解析记录，以验证域名所有权。
+
+## 开发步骤
+
+### 1. 导入必要的依赖
+
+```typescript
+import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
+import { DemoAccess } from './access.js';
+import { isDev } from '../../utils/env.js';
+```
+
+### 2. 定义记录数据结构
+
+```typescript
+type DemoRecord = {
+  // 这里定义 Record 记录的数据结构，跟对应云平台接口返回值一样即可，一般是拿到 id 就行，用于删除 txt 解析记录，清理申请痕迹
+  // id:string
+};
+```
+
+### 3. 使用 @IsDnsProvider 注解注册插件
+
+```typescript
+// 这里通过 IsDnsProvider 注册一个 dnsProvider
+@IsDnsProvider({
+  name: 'demo', // 插件唯一标识
+  title: 'Dns提供商Demo', // 插件标题
+  desc: 'dns provider示例', // 插件描述
+  icon: 'clarity:plugin-line', // 插件图标
+  // 这里是对应的云平台的 access 类型名称
+  accessType: 'demo',
+  order: 99, // 排序
+})
+export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
+  access!: DemoAccess;
+
+  async onInstance() {
+    this.access = this.ctx.access as DemoAccess;
+    // 也可以通过 ctx 成员变量传递 context
+    this.logger.debug('access', this.access);
+    // 初始化的操作
+    // ...
+  }
+
+  // 插件实现...
+}
+```
+
+### 4. 实现 createRecord 方法
+
+```typescript
+/**
+ * 创建 dns 解析记录，用于验证域名所有权
+ */
+async createRecord(options: CreateRecordOptions): Promise<any> {
+  /**
+   * options 参数说明
+   * fullRecord: '_acme-challenge.example.com',
+   * value: 一串 uuid
+   * type: 'TXT',
+   * domain: 'example.com'
+   */
+  const { fullRecord, value, type, domain } = options;
+  this.logger.info('添加域名解析：', fullRecord, value, type, domain);
+
+  // 调用创建 dns 解析记录的对应的云端接口，创建 txt 类型的 dns 解析记录
+  // 请根据实际接口情况调用，例如：
+  // const createDnsRecordUrl = "xxx"
+  // const record = this.http.post(createDnsRecordUrl,{
+  //   // 授权参数
+  //   // 创建 dns 解析记录的参数
+  // })
+  // // 返回本次创建的 dns 解析记录，这个记录会在删除的时候用到
+  // return record
+}
+```
+
+### 5. 实现 removeRecord 方法
+
+```typescript
+/**
+ *  删除 dns 解析记录,清理申请痕迹
+ * @param options
+ */
+async removeRecord(options: RemoveRecordOptions<DemoRecord>): Promise<void> {
+  const { fullRecord, value, domain } = options.recordReq;
+  const record = options.recordRes;
+  this.logger.info('删除域名解析：', domain, fullRecord, value, record);
+  // 这里调用删除 txt dns 解析记录接口
+  // 请根据实际接口情况调用，例如：
+
+  // const deleteDnsRecordUrl = "xxx"
+  // const res = this.http.delete(deleteDnsRecordUrl,{
+  //   // 授权参数
+  //   // 删除 dns 解析记录的参数
+  // })
+
+
+  this.logger.info('删除域名解析成功:', fullRecord, value);
+}
+```
+
+### 6. 实例化插件
+
+```typescript
+// 实例化这个 provider，将其自动注册到系统中
+if (isDev()) {
+  // 你的实现 要去掉这个 if，不然生产环境将不会显示
+  new DemoDnsProvider();
+}
+```
+
+## 注意事项
+
+1. **插件命名**：插件名称应简洁明了，反映其功能。
+2. **accessType**：必须指定对应的云平台的 access 类型名称。
+3. **记录结构**：定义适合对应云平台的记录数据结构，至少包含 id 字段用于删除记录。
+4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`。
+5. **错误处理**：API 调用失败时应抛出明确的错误信息。
+6. **实例化**：生产环境中应移除 `if (isDev())` 条件，确保插件在生产环境中也能被注册。
+
+## 完整示例
+
+```typescript
+import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
+import { DemoAccess } from './access.js';
+import { isDev } from '../../utils/env.js';
+
+type DemoRecord = {
+  // 这里定义 Record 记录的数据结构，跟对应云平台接口返回值一样即可，一般是拿到 id 就行，用于删除 txt 解析记录，清理申请痕迹
+  // id:string
+};
+
+// 这里通过 IsDnsProvider 注册一个 dnsProvider
+@IsDnsProvider({
+  name: 'demo',
+  title: 'Dns提供商Demo',
+  desc: 'dns provider示例',
+  icon: 'clarity:plugin-line',
+  // 这里是对应的云平台的 access 类型名称
+  accessType: 'demo',
+  order: 99,
+})
+export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
+  access!: DemoAccess;
+
+  async onInstance() {
+    this.access = this.ctx.access as DemoAccess;
+    // 也可以通过 ctx 成员变量传递 context
+    this.logger.debug('access', this.access);
+    // 初始化的操作
+    // ...
+  }
+
+  /**
+   * 创建 dns 解析记录，用于验证域名所有权
+   */
+  async createRecord(options: CreateRecordOptions): Promise<any> {
+    /**
+     * options 参数说明
+     * fullRecord: '_acme-challenge.example.com',
+     * value: 一串 uuid
+     * type: 'TXT',
+     * domain: 'example.com'
+     */
+    const { fullRecord, value, type, domain } = options;
+    this.logger.info('添加域名解析：', fullRecord, value, type, domain);
+
+    // 调用创建 dns 解析记录的对应的云端接口，创建 txt 类型的 dns 解析记录
+    // 请根据实际接口情况调用，例如：
+    // const createDnsRecordUrl = "xxx"
+    // const record = this.http.post(createDnsRecordUrl,{
+    //   // 授权参数
+    //   // 创建 dns 解析记录的参数
+    // })
+    // // 返回本次创建的 dns 解析记录，这个记录会在删除的时候用到
+    // return record
+  }
+
+  /**
+   *  删除 dns 解析记录,清理申请痕迹
+   * @param options
+   */
+  async removeRecord(options: RemoveRecordOptions<DemoRecord>): Promise<void> {
+    const { fullRecord, value, domain } = options.recordReq;
+    const record = options.recordRes;
+    this.logger.info('删除域名解析：', domain, fullRecord, value, record);
+    // 这里调用删除 txt dns 解析记录接口
+    // 请根据实际接口情况调用，例如：
+
+    // const deleteDnsRecordUrl = "xxx"
+    // const res = this.http.delete(deleteDnsRecordUrl,{
+    //   // 授权参数
+    //   // 删除 dns 解析记录的参数
+    // })
+
+
+    this.logger.info('删除域名解析成功:', fullRecord, value);
+  }
+}
+
+// 实例化这个 provider，将其自动注册到系统中
+if (isDev()) {
+  // 你的实现 要去掉这个 if，不然生产环境将不会显示
+  new DemoDnsProvider();
+}
+```

.trae/skills/dns-provider-dev/examples/input.md

@@ -0,0 +1 @@
+我需要开发一个 DNS Provider 插件，用于在 ACME 申请证书时添加 TXT 解析记录。请指导我如何实现。

.trae/skills/dns-provider-dev/examples/output.md

@@ -0,0 +1,121 @@
+# DNS Provider 插件开发指南
+
+## 开发步骤
+
+### 1. 导入必要的依赖
+
+```typescript
+import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
+import { DemoAccess } from './access.js';
+import { isDev } from '../../utils/env.js';
+```
+
+### 2. 定义记录数据结构
+
+```typescript
+type DemoRecord = {
+  // 这里定义 Record 记录的数据结构，跟对应云平台接口返回值一样即可，一般是拿到 id 就行，用于删除 txt 解析记录，清理申请痕迹
+  // id:string
+};
+```
+
+### 3. 使用 @IsDnsProvider 注解注册插件
+
+```typescript
+// 这里通过 IsDnsProvider 注册一个 dnsProvider
+@IsDnsProvider({
+  name: 'demo', // 插件唯一标识
+  title: 'Dns提供商Demo', // 插件标题
+  desc: 'dns provider示例', // 插件描述
+  icon: 'clarity:plugin-line', // 插件图标
+  // 这里是对应的云平台的 access 类型名称
+  accessType: 'demo',
+  order: 99, // 排序
+})
+export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
+  access!: DemoAccess;
+
+  async onInstance() {
+    this.access = this.ctx.access as DemoAccess;
+    // 也可以通过 ctx 成员变量传递 context
+    this.logger.debug('access', this.access);
+    // 初始化的操作
+    // ...
+  }
+
+  // 插件实现...
+}
+```
+
+### 4. 实现 createRecord 方法
+
+```typescript
+/**
+ * 创建 dns 解析记录，用于验证域名所有权
+ */
+async createRecord(options: CreateRecordOptions): Promise<any> {
+  /**
+   * options 参数说明
+   * fullRecord: '_acme-challenge.example.com',
+   * value: 一串 uuid
+   * type: 'TXT',
+   * domain: 'example.com'
+   */
+  const { fullRecord, value, type, domain } = options;
+  this.logger.info('添加域名解析：', fullRecord, value, type, domain);
+
+  // 调用创建 dns 解析记录的对应的云端接口，创建 txt 类型的 dns 解析记录
+  // 请根据实际接口情况调用，例如：
+  // const createDnsRecordUrl = "xxx"
+  // const record = this.http.post(createDnsRecordUrl,{
+  //   // 授权参数
+  //   // 创建 dns 解析记录的参数
+  // })
+  // // 返回本次创建的 dns 解析记录，这个记录会在删除的时候用到
+  // return record
+}
+```
+
+### 5. 实现 removeRecord 方法
+
+```typescript
+/**
+ *  删除 dns 解析记录,清理申请痕迹
+ * @param options
+ */
+async removeRecord(options: RemoveRecordOptions<DemoRecord>): Promise<void> {
+  const { fullRecord, value, domain } = options.recordReq;
+  const record = options.recordRes;
+  this.logger.info('删除域名解析：', domain, fullRecord, value, record);
+  // 这里调用删除 txt dns 解析记录接口
+  // 请根据实际接口情况调用，例如：
+
+  // const deleteDnsRecordUrl = "xxx"
+  // const res = this.http.delete(deleteDnsRecordUrl,{
+  //   // 授权参数
+  //   // 删除 dns 解析记录的参数
+  // })
+
+
+  this.logger.info('删除域名解析成功:', fullRecord, value);
+}
+```
+
+### 6. 实例化插件
+
+```typescript
+// 实例化这个 provider，将其自动注册到系统中
+if (isDev()) {
+  // 你的实现 要去掉这个 if，不然生产环境将不会显示
+  new DemoDnsProvider();
+}
+```
+
+## 注意事项
+
+1. **插件命名**：插件名称应简洁明了，反映其功能。
+2. **accessType**：必须指定对应的云平台的 access 类型名称。
+3. **记录结构**：定义适合对应云平台的记录数据结构，至少包含 id 字段用于删除记录。
+4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`。
+5. **错误处理**：API 调用失败时应抛出明确的错误信息。
+6. **实例化**：生产环境中应移除 `if (isDev())` 条件，确保插件在生产环境中也能被注册。

.trae/skills/plugin-converter/SKILL.md

@@ -0,0 +1,201 @@
+# 插件转换工具技能
+
+## 什么是插件转换工具
+
+插件转换工具是一个用于将 Certd 插件转换为 YAML 配置文件的命令行工具。它可以分析单个插件文件，识别插件类型，并生成对应的 YAML 配置，方便插件的注册和管理。
+
+## 工具位置
+
+`trae/skills/convert-plugin-to-yaml.js`
+
+## 功能特性
+
+- **单个插件转换**：支持指定单个插件文件进行转换，而不是扫描整个目录
+- **自动类型识别**：自动识别插件类型（Access、Task、DNS Provider、Notification、Addon）
+- **详细日志输出**：提供详细的转换过程日志，便于调试
+- **YAML 配置生成**：生成标准的 YAML 配置文件
+- **配置文件保存**：自动将生成的配置保存到 `./metadata` 目录
+- **可复用函数**：导出了可复用的函数，便于其他模块调用
+
+## 使用方法
+
+### 基本用法
+
+```bash
+node trae/skills/convert-plugin-to-yaml.js <插件文件路径>
+```
+
+### 示例
+
+```bash
+# 转换 Access 插件
+node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js
+
+# 转换 Task 插件
+node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
+
+# 转换 DNS Provider 插件
+node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
+```
+
+## 转换过程
+
+1. **加载插件模块**：使用 `import()` 动态加载指定的插件文件
+2. **分析插件定义**：检查模块导出的对象，寻找带有 `define` 属性的插件
+3. **识别插件类型**：根据插件的继承关系或属性识别插件类型
+4. **生成 YAML 配置**：基于插件定义生成标准的 YAML 配置
+5. **保存配置文件**：将生成的配置保存到 `./metadata` 目录
+
+## 输出说明
+
+### 命令行输出
+
+执行转换命令后，工具会输出以下信息：
+
+- 插件加载状态
+- 插件导出的对象列表
+- 插件类型识别结果
+- 生成的 YAML 配置内容
+- 配置文件保存路径
+
+### 配置文件命名规则
+
+生成的配置文件命名规则为：
+
+```
+<插件类型>[_<子类型>]_<插件名称>.yaml
+```
+
+例如：
+- `access_demo.yaml`（Access 插件）
+- `deploy_DemoTest.yaml`（Task 插件）
+- `dnsProvider_demo.yaml`（DNS Provider 插件）
+
+## 插件类型识别逻辑
+
+工具通过以下逻辑识别插件类型：
+
+1. **DNS Provider**：如果插件定义中包含 `accessType` 属性
+2. **Task**：如果插件继承自 `AbstractTaskPlugin`
+3. **Notification**：如果插件继承自 `BaseNotification`
+4. **Access**：如果插件继承自 `BaseAccess`
+5. **Addon**：如果插件继承自 `BaseAddon`
+
+## 注意事项
+
+1. **文件路径**：插件文件路径可以是相对路径或绝对路径
+2. **文件格式**：仅支持 `.js` 文件，不支持 `.ts` 文件（需要先编译）
+3. **依赖安装**：执行前确保已安装所有必要的依赖
+4. **配置目录**：如果 `./metadata` 目录不存在，工具会自动创建
+5. **错误处理**：如果插件加载失败或识别失败，工具会输出错误信息但不会终止执行
+
+## 代码结构
+
+### 主要函数
+
+1. **isPrototypeOf(value, cls)**：检查对象是否是指定类的原型
+2. **loadSingleModule(filePath)**：加载单个插件模块
+3. **convertSinglePlugin(pluginPath)**：分析单个插件并生成 YAML 配置
+4. **main()**：主函数，处理命令行参数并执行转换
+
+### 导出函数
+
+工具导出了以下函数，便于其他模块调用：
+
+```javascript
+export {
+  convertSinglePlugin,  // 转换单个插件
+  loadSingleModule,     // 加载单个模块
+  isPrototypeOf         // 检查原型关系
+};
+```
+
+## 应用场景
+
+1. **插件开发**：在开发新插件时，快速生成配置文件
+2. **插件调试**：查看插件的内部定义和配置
+3. **插件管理**：批量转换现有插件为标准配置格式
+4. **自动化构建**：集成到构建流程中，自动生成插件配置
+
+## 示例输出
+
+### 转换 Access 插件示例
+
+```bash
+$ node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js
+开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+插件模块导出了 1 个对象: DemoAccess
+处理插件: DemoAccess
+插件类型: access
+脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+
+生成的 YAML 配置:
+name: demo
+title: 授权插件示例
+desc: 这是一个示例授权插件，用于演示如何实现一个授权插件
+icon: clarity:plugin-line
+pluginType: access
+type: builtIn
+scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+
+YAML 配置已保存到: ./metadata/access_demo.yaml
+插件转换完成!
+```
+
+### 转换 Task 插件示例
+
+```bash
+$ node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
+开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
+插件模块导出了 1 个对象: DemoTest
+处理插件: DemoTest
+插件类型: deploy
+脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
+
+生成的 YAML 配置:
+name: DemoTest
+title: Demo-测试插件
+desc: ""
+icon: clarity:plugin-line
+group: other
+default:
+  strategy:
+    runStrategy: SkipWhenSucceed
+pluginType: deploy
+type: builtIn
+scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
+
+YAML 配置已保存到: ./metadata/deploy_DemoTest.yaml
+插件转换完成!
+```
+
+## 故障排除
+
+### 常见问题
+
+1. **模块加载失败**
+   - 原因：插件文件依赖未安装或路径错误
+   - 解决：确保已安装所有依赖，检查文件路径是否正确
+
+2. **插件类型识别失败**
+   - 原因：插件未正确继承基类或缺少必要的属性
+   - 解决：检查插件代码，确保正确继承对应的基类
+
+3. **YAML 配置生成失败**
+   - 原因：插件定义格式不正确
+   - 解决：检查插件的 `define` 属性格式是否正确
+
+4. **配置文件保存失败**
+   - 原因：权限不足或磁盘空间不足
+   - 解决：确保有足够的权限和磁盘空间
+
+### 调试建议
+
+- **查看详细日志**：工具会输出详细的转换过程日志，仔细查看日志信息
+- **检查插件代码**：确保插件代码符合 Certd 插件开发规范
+- **尝试简化插件**：如果转换失败，尝试创建一个最小化的插件示例进行测试
+- **检查依赖版本**：确保使用的依赖版本与 Certd 兼容
+
+## 总结
+
+插件转换工具是一个方便实用的工具，它可以帮助开发者快速生成插件的 YAML 配置文件，简化插件的注册和管理过程。通过命令行参数指定单个插件文件，工具会自动完成类型识别、配置生成和保存等操作，大大提高了插件开发和管理的效率。

.trae/skills/plugin-converter/examples/input.md

@@ -0,0 +1 @@
+我需要将一个插件转换为 YAML 配置文件。请指导我如何使用插件转换工具。

.trae/skills/plugin-converter/examples/output.md

@@ -0,0 +1,95 @@
+# 插件转换工具使用指南
+
+## 工具说明
+
+插件转换工具用于将单个 Certd 插件转换为 YAML 配置文件，方便插件的注册和管理。
+
+## 工具位置
+
+`.trae/skills/plugin-converter/resources/convert-plugin-to-yaml.js`
+
+## 使用方法
+
+### 基本用法
+
+```bash
+node .trae/skills/plugin-converter/resources/convert-plugin-to-yaml.js <插件文件路径>
+```
+
+### 示例
+
+#### 转换 Access 插件
+
+```bash
+node .trae/skills/plugin-converter/resources/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js
+```
+
+#### 转换 Task 插件
+
+```bash
+node .trae/skills/plugin-converter/resources/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
+```
+
+#### 转换 DNS Provider 插件
+
+```bash
+node .trae/skills/plugin-converter/resources/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
+```
+
+## 转换过程
+
+1. **加载插件模块**：使用 `import()` 动态加载指定的插件文件
+2. **分析插件定义**：检查模块导出的对象，寻找带有 `define` 属性的插件
+3. **识别插件类型**：根据插件的继承关系或属性识别插件类型
+4. **生成 YAML 配置**：基于插件定义生成标准的 YAML 配置
+5. **保存配置文件**：将生成的配置保存到 `./metadata` 目录
+
+## 输出说明
+
+### 命令行输出
+
+执行转换命令后，工具会输出以下信息：
+
+- 插件加载状态
+- 插件导出的对象列表
+- 插件类型识别结果
+- 生成的 YAML 配置内容
+- 配置文件保存路径
+
+### 配置文件命名规则
+
+生成的配置文件命名规则为：
+
+```
+<插件类型>[_<子类型>]_<插件名称>.yaml
+```
+
+例如：
+- `access_demo.yaml`（Access 插件）
+- `deploy_DemoTest.yaml`（Task 插件）
+- `dnsProvider_demo.yaml`（DNS Provider 插件）
+
+## 示例输出
+
+### 转换 Access 插件示例
+
+```bash
+$ node .trae/skills/plugin-converter/resources/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js
+开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+插件模块导出了 1 个对象: DemoAccess
+处理插件: DemoAccess
+插件类型: access
+脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+
+生成的 YAML 配置:
+name: demo
+title: 授权插件示例
+desc: 这是一个示例授权插件，用于演示如何实现一个授权插件
+icon: clarity:plugin-line
+pluginType: access
+type: builtIn
+scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+
+YAML 配置已保存到: ./metadata/access_demo.yaml
+插件转换完成!
+```

.trae/skills/plugin-converter/resources/convert-plugin-to-yaml.js

@@ -0,0 +1,160 @@
+// 转换单个插件为 YAML 配置的技能脚本
+
+import path from "path";
+import fs from "fs";
+import { pathToFileURL } from "node:url";
+import * as yaml from "js-yaml";
+import { AbstractTaskPlugin, BaseAccess, BaseNotification} from "@certd/pipeline";
+import { BaseAddon} from "@certd/lib-server";
+
+/**
+ * 检查对象是否是指定类的原型
+ */
+function isPrototypeOf(value, cls) {
+  return cls.prototype.isPrototypeOf(value.prototype);
+}
+
+/**
+ * 加载单个插件模块
+ */
+async function loadSingleModule(filePath) {
+  try {
+    // 转换为 file:// URL（Windows 必需）
+    const moduleUrl = pathToFileURL(filePath).href;
+    const module = await import(moduleUrl);
+    return module.default || module;
+  } catch (err) {
+    console.error(`加载模块 ${filePath} 失败:`, err);
+    return null;
+  }
+}
+
+/**
+ * 分析单个插件并生成 YAML 配置
+ */
+async function convertSinglePlugin(pluginPath) {
+  console.log(`开始转换插件: ${pluginPath}`);
+  
+  // 加载插件模块
+  const module = await loadSingleModule(pluginPath);
+  if (!module) {
+    console.error("加载插件失败，退出");
+    return;
+  }
+  
+  // 处理模块中的所有导出
+  const entry = Object.entries(module);
+  if (entry.length === 0) {
+    console.error("插件模块没有导出任何内容");
+    return;
+  }
+  
+  console.log(`插件模块导出了 ${entry.length} 个对象: ${entry.map(([name]) => name).join(", ")}`);
+  
+  // 处理每个导出的对象
+  for (const [name, value] of entry) {
+    // 检查是否是插件（有 define 属性）
+    if (!value.define) {
+      console.log(`跳过非插件对象: ${name}`);
+      continue;
+    }
+    
+    console.log(`处理插件: ${name}`);
+    
+    // 构建插件定义
+    const pluginDefine = {
+      ...value.define
+    };
+    
+    let subType = "";
+    
+    // 确定插件类型
+    if (pluginDefine.accessType) {
+      pluginDefine.pluginType = "dnsProvider";
+    } else if (isPrototypeOf(value, AbstractTaskPlugin)) {
+      pluginDefine.pluginType = "deploy";
+    } else if (isPrototypeOf(value, BaseNotification)) {
+      pluginDefine.pluginType = "notification";
+    } else if (isPrototypeOf(value, BaseAccess)) {
+      pluginDefine.pluginType = "access";
+    } else if (isPrototypeOf(value, BaseAddon)) {
+      pluginDefine.pluginType = "addon";
+      subType = "_" + (pluginDefine.addonType || "");
+    } else {
+      console.log(`[warning] 未知的插件类型：${pluginDefine.name}`);
+      continue;
+    }
+    
+    pluginDefine.type = "builtIn";
+    
+    // 计算脚本文件路径
+    const relativePath = path.relative(process.cwd(), pluginPath);
+    const scriptFilePath = relativePath.replace(/\\/g, "/").replace(/\.js$/, ".js");
+    pluginDefine.scriptFilePath = scriptFilePath;
+    
+    console.log(`插件类型: ${pluginDefine.pluginType}`);
+    console.log(`脚本路径: ${scriptFilePath}`);
+    
+    // 生成 YAML 配置
+    const yamlContent = yaml.dump(pluginDefine);
+    console.log("\n生成的 YAML 配置:");
+    console.log(yamlContent);
+    
+    // 可选：保存到文件
+    const outputDir = "./metadata";
+    if (!fs.existsSync(outputDir)) {
+      fs.mkdirSync(outputDir, { recursive: true });
+    }
+    
+    const outputFileName = `${pluginDefine.pluginType}${subType}_${pluginDefine.name}.yaml`;
+    const outputPath = path.join(outputDir, outputFileName);
+    
+    fs.writeFileSync(outputPath, yamlContent, 'utf8');
+    console.log(`\nYAML 配置已保存到: ${outputPath}`);
+    
+    return pluginDefine;
+  }
+  
+  console.error("未找到有效的插件定义");
+}
+
+/**
+ * 主函数
+ */
+async function main() {
+  const args = process.argv.slice(2);
+  
+  if (args.length === 0) {
+    console.error("请指定插件文件路径");
+    console.log("用法: node convert-plugin-to-yaml.js <插件文件路径>");
+    process.exit(1);
+  }
+  
+  const pluginPath = args[0];
+  
+  if (!fs.existsSync(pluginPath)) {
+    console.error(`插件文件不存在: ${pluginPath}`);
+    process.exit(1);
+  }
+  
+  try {
+    await convertSinglePlugin(pluginPath);
+    console.log("\n插件转换完成!");
+  } catch (error) {
+    console.error("转换过程中出错:", error);
+    process.exit(1);
+  }
+}
+
+// 如果直接运行此脚本
+if (import.meta.url === pathToFileURL(process.argv[1]).href) {
+  main();
+}
+
+// 导出函数，以便其他模块使用
+export {
+  convertSinglePlugin,
+  loadSingleModule,
+  isPrototypeOf
+};
+

.trae/skills/task-plugin-dev/SKILL.md

@@ -0,0 +1,388 @@
+# Task 插件开发技能
+
+## 什么是 Task 插件
+
+Task 插件是 Certd 系统中的部署任务插件，它继承自 `AbstractTaskPlugin` 类，被流水线调用 `execute` 方法，将证书部署到对应的应用上。
+
+## 开发步骤
+
+### 1. 导入必要的依赖
+
+```typescript
+import { AbstractTaskPlugin, IsTaskPlugin, PageSearch, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
+import { CertInfo, CertReader } from '@certd/plugin-cert';
+import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from '@certd/plugin-lib';
+import { optionsUtils } from '@certd/basic';
+import { CertApplyPluginNames} from '@certd/plugin-cert';
+```
+
+### 2. 使用 @IsTaskPlugin 注解注册插件
+
+```typescript
+@IsTaskPlugin({
+  // 命名规范，插件类型+功能，大写字母开头，驼峰命名
+  name: 'DemoTest',
+  title: 'Demo-测试插件', // 插件标题
+  icon: 'clarity:plugin-line', // 插件图标
+  // 插件分组
+  group: pluginGroups.other.key,
+  default: {
+    // 默认值配置照抄即可
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+})
+// 类名规范，跟上面插件名称（name）一致
+export class DemoTest extends AbstractTaskPlugin {
+  // 插件实现...
+}
+```
+
+### 3. 定义任务输入参数
+
+使用 `@TaskInput` 注解定义任务输入参数：
+
+```typescript
+// 测试参数
+@TaskInput({
+  title: '属性示例',
+  value: '默认值',
+  component: {
+    // 前端组件配置，具体配置见组件文档 https://www.antdv.com/components/input-cn
+    name: 'a-input',
+    vModel: 'value', // 双向绑定组件的 props 名称
+  },
+  helper: '帮助说明,[链接](https://certd.docmirror.cn)',
+  required: false, // 是否必填
+})
+text!: string;
+
+// 证书选择，此项必须要有
+@TaskInput({
+  title: '域名证书',
+  helper: '请选择前置任务输出的域名证书',
+  component: {
+    name: 'output-selector',
+    from: [...CertApplyPluginNames],
+  },
+  // required: true, // 必填
+})
+cert!: CertInfo;
+
+@TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+// 前端可以展示，当前申请的证书域名列表
+certDomains!: string[];
+
+// 授权选择框
+@TaskInput({
+  title: 'demo授权',
+  helper: 'demoAccess授权',
+  component: {
+    name: 'access-selector',
+    type: 'demo', // 固定授权类型
+  },
+  // rules: [{ required: true, message: '此项必填' }],
+  // required: true, // 必填
+})
+accessId!: string;
+```
+
+### 4. 实现插件方法
+
+#### 4.1 插件实例化时执行的方法
+
+```typescript
+// 插件实例化时执行的方法
+async onInstance() {}
+```
+
+#### 4.2 插件执行方法
+
+```typescript
+// 插件执行方法
+async execute(): Promise<void> {
+  const { select, text, cert, accessId } = this;
+
+  try {
+    const access = await this.getAccess(accessId);
+    this.logger.debug('access', access);
+  } catch (e) {
+    this.logger.error('获取授权失败', e);
+  }
+
+  try {
+    const certReader = new CertReader(cert);
+    this.logger.debug('certReader', certReader);
+  } catch (e) {
+    this.logger.error('读取crt失败', e);
+  }
+
+  this.logger.info('DemoTestPlugin execute');
+  this.logger.info('text:', text);
+  this.logger.info('select:', select);
+  this.logger.info('switch:', this.switch);
+  this.logger.info('授权id:', accessId);
+
+  // 具体的部署逻辑
+  // ...
+}
+```
+
+#### 4.3 后端获取选项方法
+
+```typescript
+@TaskInput(
+  createRemoteSelectInputDefine({
+    title: '从后端获取选项',
+    helper: '选择时可以从后端获取选项',
+    action: DemoTest.prototype.onGetSiteList.name,
+    // 当以下参数变化时，触发获取选项
+    watches: ['certDomains', 'accessId'],
+    required: true,
+  })
+)
+siteName!: string | string[];
+
+// 从后端获取选项的方法
+async onGetSiteList(req: PageSearch) {
+  if (!this.accessId) {
+    throw new Error('请选择Access授权');
+  }
+
+  // @ts-ignore
+  const access = await this.getAccess(this.accessId);
+
+  // const siteRes = await access.GetDomainList(req);
+  // 以下是模拟数据
+  const siteRes = [
+    { id: 1, siteName: 'site1.com' },
+    { id: 2, siteName: 'site2.com' },
+    { id: 3, siteName: 'site2.com' },
+  ];
+  // 转换为前端所需要的格式
+  const options = siteRes.map((item: any) => {
+    return {
+      value: item.siteName,
+      label: item.siteName,
+      domain: item.siteName,
+    };
+  });
+  // 将站点域名名称根据证书域名进行匹配分组，分成匹配的和不匹配的两组选项，返回给前端，供用户选择
+  return optionsUtils.buildGroupOptions(options, this.certDomains);
+}
+```
+
+## 注意事项
+
+1. **插件命名**：插件名称应遵循命名规范，大写字母开头，驼峰命名。
+2. **类名规范**：类名应与插件名称（name）一致。
+3. **证书选择**：必须包含证书选择参数，用于获取前置任务输出的域名证书。
+4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`。
+5. **错误处理**：执行过程中的错误应被捕获并记录。
+6. **授权获取**：使用 `this.getAccess(accessId)` 获取授权信息。
+
+## 完整示例
+
+```typescript
+import { AbstractTaskPlugin, IsTaskPlugin, PageSearch, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
+import { CertInfo, CertReader } from '@certd/plugin-cert';
+import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from '@certd/plugin-lib';
+import { optionsUtils } from '@certd/basic';
+import { CertApplyPluginNames} from '@certd/plugin-cert';
+@IsTaskPlugin({
+  //命名规范，插件类型+功能（就是目录plugin-demo中的demo），大写字母开头，驼峰命名
+  name: 'DemoTest',
+  title: 'Demo-测试插件',
+  icon: 'clarity:plugin-line',
+  //插件分组
+  group: pluginGroups.other.key,
+  default: {
+    //默认值配置照抄即可
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+})
+//类名规范，跟上面插件名称（name）一致
+export class DemoTest extends AbstractTaskPlugin {
+  //测试参数
+  @TaskInput({
+    title: '属性示例',
+    value: '默认值',
+    component: {
+      //前端组件配置，具体配置见组件文档 https://www.antdv.com/components/input-cn
+      name: 'a-input',
+      vModel: 'value', //双向绑定组件的props名称
+    },
+    helper: '帮助说明,[链接](https://certd.docmirror.cn)',
+    required: false, //是否必填
+  })
+  text!: string;
+
+  //测试参数
+  @TaskInput({
+    title: '选择框',
+    component: {
+      //前端组件配置，具体配置见组件文档 https://www.antdv.com/components/select-cn
+      name: 'a-auto-complete',
+      vModel: 'value',
+      options: [
+        //选项列表
+        { label: '动态显', value: 'show' },
+        { label: '动态隐', value: 'hide' },
+      ],
+    },
+  })
+  select!: string;
+
+  @TaskInput({
+    title: '动态显隐',
+    helper: '我会根据选择框的值进行显隐',
+    show: true, //动态计算的值会覆盖它
+    //动态计算脚本， mergeScript返回的对象会合并当前配置，此处演示 show的值会被动态计算结果覆盖，show的值根据用户选择的select的值决定
+    mergeScript: `
+    return {
+      show: ctx.compute(({form})=>{
+        return form.select === 'show';
+      })
+    }
+    `,
+  })
+  showText!: string;
+
+  //测试参数
+  @TaskInput({
+    title: '多选框',
+    component: {
+      //前端组件配置，具体配置见组件文档 https://www.antdv.com/components/select-cn
+      name: 'a-select',
+      vModel: 'value',
+      mode: 'tags',
+      multiple: true,
+      options: [
+        { value: '1', label: '选项1' },
+        { value: '2', label: '选项2' },
+      ],
+    },
+  })
+  multiSelect!: string;
+
+  //测试参数
+  @TaskInput({
+    title: 'switch',
+    component: {
+      //前端组件配置，具体配置见组件文档 https://www.antdv.com/components/switch-cn
+      name: 'a-switch',
+      vModel: 'checked',
+    },
+  })
+  switch!: boolean;
+  //证书选择，此项必须要有
+  @TaskInput({
+    title: '域名证书',
+    helper: '请选择前置任务输出的域名证书',
+    component: {
+      name: 'output-selector',
+      from: [...CertApplyPluginNames],
+    },
+    // required: true, // 必填
+  })
+  cert!: CertInfo;
+
+  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+  //前端可以展示，当前申请的证书域名列表
+  certDomains!: string[];
+
+  //授权选择框
+  @TaskInput({
+    title: 'demo授权',
+    helper: 'demoAccess授权',
+    component: {
+      name: 'access-selector',
+      type: 'demo', //固定授权类型
+    },
+    // rules: [{ required: true, message: '此项必填' }],
+    // required: true, //必填
+  })
+  accessId!: string;
+
+  @TaskInput(
+    createRemoteSelectInputDefine({
+      title: '从后端获取选项',
+      helper: '选择时可以从后端获取选项',
+      action: DemoTest.prototype.onGetSiteList.name,
+      //当以下参数变化时，触发获取选项
+      watches: ['certDomains', 'accessId'],
+      required: true,
+    })
+  )
+  siteName!: string | string[];
+
+  //插件实例化时执行的方法
+  async onInstance() {}
+
+  //插件执行方法
+  async execute(): Promise<void> {
+    const { select, text, cert, accessId } = this;
+
+    try {
+      const access = await this.getAccess(accessId);
+      this.logger.debug('access', access);
+    } catch (e) {
+      this.logger.error('获取授权失败', e);
+    }
+
+    try {
+      const certReader = new CertReader(cert);
+      this.logger.debug('certReader', certReader);
+    } catch (e) {
+      this.logger.error('读取crt失败', e);
+    }
+
+    this.logger.info('DemoTestPlugin execute');
+    this.logger.info('text:', text);
+    this.logger.info('select:', select);
+    this.logger.info('switch:', this.switch);
+    this.logger.info('授权id:', accessId);
+
+    // const res = await this.http.request({
+    //   url: 'https://api.demo.com',
+    //   method: 'GET',
+    // });
+    // if (res.code !== 0) {
+    //   //检查res是否报错,你需要抛异常，来结束插件执行，否则会判定为执行成功，下次执行时会跳过本任务
+    //   throw new Error(res.message);
+    // }
+    // this.logger.info('部署成功:', res);
+  }
+
+  //此方法演示，如何让前端在添加插件时可以从后端获取选项，这里是后端返回选项的方法
+  async onGetSiteList(req: PageSearch) {
+    if (!this.accessId) {
+      throw new Error('请选择Access授权');
+    }
+
+    // @ts-ignore
+    const access = await this.getAccess(this.accessId);
+
+    // const siteRes = await access.GetDomainList(req);
+    //以下是模拟数据
+    const siteRes = [
+      { id: 1, siteName: 'site1.com' },
+      { id: 2, siteName: 'site2.com' },
+      { id: 3, siteName: 'site2.com' },
+    ];
+    //转换为前端所需要的格式
+    const options = siteRes.map((item: any) => {
+      return {
+        value: item.siteName,
+        label: item.siteName,
+        domain: item.siteName,
+      };
+    });
+    //将站点域名名称根据证书域名进行匹配分组，分成匹配的和不匹配的两组选项，返回给前端，供用户选择
+    return optionsUtils.buildGroupOptions(options, this.certDomains);
+  }
+}
+```

.trae/skills/task-plugin-dev/examples/input.md

@@ -0,0 +1 @@
+我需要开发一个 Task 插件，用于将申请的证书部署到指定的应用系统中。请指导我如何实现。

.trae/skills/task-plugin-dev/examples/output.md

@@ -0,0 +1,129 @@
+# Task 插件开发指南
+
+## 开发步骤
+
+### 1. 导入必要的依赖
+
+```typescript
+import { AbstractTaskPlugin, IsTaskPlugin, PageSearch, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
+import { CertInfo, CertReader } from '@certd/plugin-cert';
+import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from '@certd/plugin-lib';
+import { optionsUtils } from '@certd/basic';
+import { CertApplyPluginNames} from '@certd/plugin-cert';
+```
+
+### 2. 使用 @IsTaskPlugin 注解注册插件
+
+```typescript
+@IsTaskPlugin({
+  // 命名规范，插件类型+功能，大写字母开头，驼峰命名
+  name: 'DemoTest',
+  title: 'Demo-测试插件', // 插件标题
+  icon: 'clarity:plugin-line', // 插件图标
+  // 插件分组
+  group: pluginGroups.other.key,
+  default: {
+    // 默认值配置照抄即可
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+})
+// 类名规范，跟上面插件名称（name）一致
+export class DemoTest extends AbstractTaskPlugin {
+  // 插件实现...
+}
+```
+
+### 3. 定义任务输入参数
+
+使用 `@TaskInput` 注解定义任务输入参数：
+
+```typescript
+// 测试参数
+@TaskInput({
+  title: '属性示例',
+  value: '默认值',
+  component: {
+    //前端组件配置，具体配置见组件文档 https://www.antdv.com/components/input-cn
+    name: 'a-input',
+    vModel: 'value', //双向绑定组件的props名称
+  },
+  helper: '帮助说明,[链接](https://certd.docmirror.cn)',
+  required: false, //是否必填
+})
+text!: string;
+
+//证书选择，此项必须要有
+@TaskInput({
+  title: '域名证书',
+  helper: '请选择前置任务输出的域名证书',
+  component: {
+    name: 'output-selector',
+    from: [...CertApplyPluginNames],
+  },
+  // required: true, // 必填
+})
+cert!: CertInfo;
+
+@TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+//前端可以展示，当前申请的证书域名列表
+certDomains!: string[];
+
+//授权选择框
+@TaskInput({
+  title: 'demo授权',
+  helper: 'demoAccess授权',
+  component: {
+    name: 'access-selector',
+    type: 'demo', //固定授权类型
+  },
+  // rules: [{ required: true, message: '此项必填' }],
+  // required: true, //必填
+})
+accessId!: string;
+```
+
+### 4. 实现插件方法
+
+```typescript
+//插件实例化时执行的方法
+async onInstance() {}
+
+//插件执行方法
+async execute(): Promise<void> {
+  const { select, text, cert, accessId } = this;
+
+  try {
+    const access = await this.getAccess(accessId);
+    this.logger.debug('access', access);
+  } catch (e) {
+    this.logger.error('获取授权失败', e);
+  }
+
+  try {
+    const certReader = new CertReader(cert);
+    this.logger.debug('certReader', certReader);
+  } catch (e) {
+    this.logger.error('读取crt失败', e);
+  }
+
+  this.logger.info('DemoTestPlugin execute');
+  this.logger.info('text:', text);
+  this.logger.info('select:', select);
+  this.logger.info('switch:', this.switch);
+  this.logger.info('授权id:', accessId);
+
+  // 具体的部署逻辑
+  // ...
+}
+```
+
+## 注意事项
+
+1. **插件命名**：插件名称应遵循命名规范，大写字母开头，驼峰命名。
+2. **类名规范**：类名应与插件名称（name）一致。
+3. **证书选择**：必须包含证书选择参数，用于获取前置任务输出的域名证书。
+4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`。
+5. **错误处理**：执行过程中的错误应被捕获并记录。
+6. **授权获取**：使用 `this.getAccess(accessId)` 获取授权信息。

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
+
+### Bug Fixes
+
+* 修复获取群辉deviceid报错的bug ([39d3bf9](https://github.com/certd/certd/commit/39d3bf97d1935918bac575da9d0726310c83c19d))
+
 ## [1.38.11](https://github.com/certd/certd/compare/v1.38.10...v1.38.11) (2026-02-16)
 
 ### Bug Fixes

package.json

@@ -15,25 +15,25 @@
   },
   "scripts": {
     "start": "lerna bootstrap --hoist",
-    "start:server": "cd ./packages/ui/certd-server && npm start",
+    "start:server": "cd ./packages/ui/certd-server && pnpm start",
     "devb": "lerna run dev-build",
     "i-all": "lerna link && lerna exec npm install  ",
-    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits && npm run afterpublishOnly ",
-    "afterpublishOnly": "npm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && npm run commitAll",
+    "publish": "pnpm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits && pnpm run afterpublishOnly ",
+    "afterpublishOnly": "pnpm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && pnpm run commitAll",
     "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
-    "plugin-doc-gen": "cd ./packages/ui/certd-server/ && npm run export-metadata",
-    "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
+    "plugin-doc-gen": "cd ./packages/ui/certd-server/ && pnpm run export-metadata",
+    "commitAll": "git add . && git commit -m \"build: publish\" && git push && pnpm run commitPro",
     "commitPro": "cd ./packages/pro/ && git add . && git commit -m \"build: publish\" && git push",
     "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/changelogs/",
-    "prepublishOnly1": "npm run check && lerna run build ",
-    "prepublishOnly2": "npm run check && npm run before-build && lerna run build && npm run plugin-doc-gen",
-    "before-build": "npm run transform-sql && cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
+    "prepublishOnly1": "pnpm run check && lerna run build ",
+    "prepublishOnly2": "pnpm run check && pnpm run before-build && lerna run build && pnpm run plugin-doc-gen",
+    "before-build": "pnpm run transform-sql && cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
     "deploy1": "node --experimental-json-modules ./scripts/deploy.js ",
     "check": "node --experimental-json-modules ./scripts/publish-check.js",
     "init": "lerna run build",
     "init:dev": "lerna run build",
     "docs:dev": "vitepress dev docs",
-    "docs:build": "npm run copylogs && vitepress build docs",
+    "docs:build": "pnpm run copylogs && vitepress build docs",
     "docs:preview": "vitepress preview docs",
     "pub": "echo 1",
     "dev": "pnpm run -r --parallel  compile ",

packages/core/acme-client/package.json

@@ -70,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+    "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/core/basic/package.json

@@ -47,5 +47,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/core/basic/src/utils/util.request.ts

@@ -323,6 +323,7 @@ export function createAgent(opts: CreateAgentOptions = {}) {
     {
       autoSelectFamily: true,
       autoSelectFamilyAttemptTimeout: 1000,
+      connectTimeout: 5000, // 连接建立超时
     },
     opts
   );

packages/core/pipeline/package.json

@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/core/pipeline/src/plugin/api.ts

@@ -123,6 +123,9 @@ export type TaskInstanceContext = {
   //用户信息
   user: UserInfo;
 
+  //项目id
+  projectId?: number;
+
   emitter: TaskEmitter;
 
   //service 容器

packages/libs/lib-huawei/package.json

@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/libs/lib-iframe/package.json

@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/libs/lib-jdcloud/package.json

@@ -56,5 +56,5 @@
       "fetch"
     ]
   },
-  "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/libs/lib-k8s/package.json

@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/libs/lib-server/package.json

@@ -64,5 +64,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/libs/lib-server/src/basic/base-controller.ts

@@ -1,11 +1,17 @@
-import { Inject } from '@midwayjs/core';
+import { ApplicationContext, Inject } from '@midwayjs/core';
+import type {IMidwayContainer} from  '@midwayjs/core';
 import * as koa from '@midwayjs/koa';
 import { Constants } from './constants.js';
+import { isEnterprise } from './mode.js';
+
 
 export abstract class BaseController {
   @Inject()
   ctx: koa.Context;
 
+  @ApplicationContext()
+  applicationContext: IMidwayContainer;
+
   /**
    * 成功返回
    * @param data 返回数据
@@ -28,7 +34,7 @@ export abstract class BaseController {
   fail(msg: string, code?: any) {
     return {
       code: code ? code : Constants.res.error.code,
-      msg: msg ? msg : Constants.res.error.code,
+      message: msg ? msg : Constants.res.error.code,
     };
   }
 
@@ -55,4 +61,67 @@ export abstract class BaseController {
     }
   }
 
+  async getProjectId(permission:string) {
+    if (!isEnterprise()) {
+      return null
+    }
+    let projectIdStr = this.ctx.headers["project-id"] as string;
+    if (!projectIdStr){
+      projectIdStr = this.ctx.request.query["projectId"] as string;
+    }
+    if (!projectIdStr) {
+      //这里必须抛异常，否则可能会有权限问题
+      throw new Error("projectId 不能为空")
+    }
+    const userId = this.getUserId()
+    const projectId = parseInt(projectIdStr)
+    await this.checkProjectPermission(userId, projectId,permission)
+    return projectId;
+  }
+
+  async getProjectUserId(permission:string){
+    let userId = this.getUserId()
+    const projectId = await this.getProjectId(permission)
+    if(projectId){
+      userId = 0
+    }
+    return {
+      projectId,userId
+    }
+  }
+  async getProjectUserIdRead(){
+    return await this.getProjectUserId("read")
+  }
+  async getProjectUserIdWrite(){
+    return await this.getProjectUserId("write")
+  }
+  async getProjectUserIdAdmin(){
+    return await this.getProjectUserId("admin")
+  }
+
+  async checkProjectPermission(userId: number, projectId: number,permission:string) {
+    const projectService:any = await this.applicationContext.getAsync("projectService");
+    await projectService.checkPermission({userId,projectId,permission})
+  }
+
+  /**
+   * 
+   * @param service 检查记录是否属于某用户或某项目
+   * @param id 
+   */
+  async checkOwner(service:any,id:number,permission:string,allowAdmin:boolean = false){
+    let { projectId,userId } = await this.getProjectUserId(permission)
+    const authService:any = await this.applicationContext.getAsync("authService");
+    if (projectId) {
+      await authService.checkProjectId(service, id, projectId);
+    }else{
+      if(allowAdmin){
+        await authService.checkUserIdButAllowAdmin(this.ctx, service, id);
+      }else{
+        await authService.checkUserId(this.ctx, service, id);
+      }
+    }
+    return {projectId,userId}
+  }
+
 }

packages/libs/lib-server/src/basic/base-service.ts

@@ -206,30 +206,41 @@ export abstract class BaseService<T> {
     return await qb.getMany();
   }
 
-  async checkUserId(id: any = 0, userId: number, userKey = 'userId') {
-    const res = await this.getRepository().findOne({
+  async checkUserId(ids: number | number[] = 0, userId: number, userKey = 'userId') {
+    if (ids == null) {
+      throw new ValidateException('id不能为空');
+    }
+    if (userId == null) {
+      throw new ValidateException('userId不能为空');
+    }
+    if (!Array.isArray(ids)) {
+      ids = [ids];
+    }
+    const res = await this.getRepository().find({
       // eslint-disable-next-line @typescript-eslint/ban-ts-comment
       // @ts-ignore
       select: { [userKey]: true },
       where: {
         // eslint-disable-next-line @typescript-eslint/ban-ts-comment
         // @ts-ignore
-        id,
+        id: In(ids),
+        [userKey]: userId,
       },
     });
-    if (!res || res[userKey] === userId) {
+    if (!res || res.length === ids.length) {
       return;
     }
     throw new PermissionException('权限不足');
   }
 
-  async batchDelete(ids: number[], userId: number) {
-    if(userId >0){
+  async batchDelete(ids: number[], userId: number,projectId?:number) {
+    if(userId!=null){
       const list = await this.getRepository().find({
         where: {
           // @ts-ignore
           id: In(ids),
           userId,
+          projectId,
         },
       })
       // @ts-ignore
@@ -242,4 +253,19 @@ export abstract class BaseService<T> {
   async findOne(options: FindOneOptions<T>) {
     return await this.getRepository().findOne(options);
   }
+
 }
+
+export function checkUserProjectParam(userId: number, projectId: number) {
+  if (projectId != null ){
+    if( userId !==0) {
+      throw new ValidateException('userId projectId 错误');
+    }
+    return true
+  }else{
+    if( userId > 0) {
+      return true
+    }
+     throw new ValidateException('userId不能为空');
+  }
+}

packages/libs/lib-server/src/basic/exception/base-exception.ts

@@ -4,7 +4,7 @@
 export class BaseException extends Error {
   code: number;
   data?:any
-  constructor(name, code, message,data?:any) {
+  constructor(name: string, code: number, message: string ,data?:any) {
     super(message);
     this.name = name;
     this.code = code;

packages/libs/lib-server/src/basic/index.ts

@@ -5,3 +5,4 @@ export * from './enum-item.js';
 export * from './exception/index.js';
 export * from './result.js';
 export * from './base-service.js';
+export * from "./mode.js"

packages/libs/lib-server/src/basic/mode.ts

@@ -0,0 +1,12 @@
+let adminMode = "saas"
+
+export function setAdminMode(mode:string = "saas"){
+  adminMode = mode
+}
+export function getAdminMode(){
+  return adminMode
+}
+
+export function isEnterprise(){
+  return adminMode === "enterprise"
+}

packages/libs/lib-server/src/basic/result.ts

@@ -1,19 +1,19 @@
 export class Result<T> {
   code: number;
-  msg: string;
+  message: string;
   data: T;
 
-  constructor(code, msg, data?) {
+  constructor(code, message, data?) {
     this.code = code;
-    this.msg = msg;
+    this.message = message;
     this.data = data;
   }
 
-  static error(code = 1, msg, data?: any) {
-    return new Result(code, msg, data);
+  static error(code = 1, message, data?: any) {
+    return new Result(code, message, data);
   }
 
-  static success(msg, data?) {
-    return new Result(0, msg, data);
+  static success(message, data?) {
+    return new Result(0, message, data);
   }
 }

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -65,6 +65,8 @@ export class SysPublicSettings extends BaseSettings {
   }> = {};
 
   notice?: string;
+
+  adminMode?: "enterprise" | "saas" = "saas";
 }
 
 export class SysPrivateSettings extends BaseSettings {

packages/libs/lib-server/src/system/settings/service/sys-settings-service.ts

@@ -7,9 +7,10 @@ import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, Sy
 import { getAllSslProviderDomains, setSslProviderReverseProxies } from '@certd/acme-client';
 import { cache, logger, mergeUtils, setGlobalProxy } from '@certd/basic';
 import * as dns from 'node:dns';
-import { BaseService } from '../../../basic/index.js';
+import { BaseService, setAdminMode } from '../../../basic/index.js';
 import { executorQueue } from '../../basic/service/executor-queue.js';
-const {merge} = mergeUtils;
+import { isComm } from '@certd/plus-core';
+const { merge } = mergeUtils;
 /**
  * 设置
  */
@@ -116,7 +117,15 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
   }
 
   async savePublicSettings(bean: SysPublicSettings) {
+    if(isComm()){
+      if(bean.adminMode === 'enterprise'){
+        throw new Error("商业版不支持使用企业管理模式")
+      }
+    }
+    
     await this.saveSetting(bean);
+    //让设置生效
+    await this.reloadPublicSettings();
   }
 
   async getPrivateSettings(): Promise<SysPrivateSettings> {
@@ -137,23 +146,33 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
     await this.reloadPrivateSettings();
   }
 
+  async reloadSettings() {
+    await this.reloadPrivateSettings()
+    await this.reloadPublicSettings()
+  }
+
+  async reloadPublicSettings() {
+    const publicSetting = await this.getPublicSettings()
+    setAdminMode(publicSetting.adminMode)
+  }
+
   async reloadPrivateSettings() {
-    const bean = await this.getPrivateSettings();
+    const privateSetting = await this.getPrivateSettings();
     const opts = {
-      httpProxy: bean.httpProxy,
-      httpsProxy: bean.httpsProxy,
+      httpProxy: privateSetting.httpProxy,
+      httpsProxy: privateSetting.httpsProxy,
     };
     setGlobalProxy(opts);
 
-    if (bean.dnsResultOrder) {
-      dns.setDefaultResultOrder(bean.dnsResultOrder as any);
+    if (privateSetting.dnsResultOrder) {
+      dns.setDefaultResultOrder(privateSetting.dnsResultOrder as any);
     }
 
-    if (bean.pipelineMaxRunningCount){
-      executorQueue.setMaxRunningCount(bean.pipelineMaxRunningCount);
+    if (privateSetting.pipelineMaxRunningCount) {
+      executorQueue.setMaxRunningCount(privateSetting.pipelineMaxRunningCount);
     }
 
-    setSslProviderReverseProxies(bean.reverseProxies);
+    setSslProviderReverseProxies(privateSetting.reverseProxies);
   }
 
   async updateByKey(key: string, setting: any) {

packages/libs/lib-server/src/user/access/entity/access.ts

@@ -21,6 +21,12 @@ export class AccessEntity {
   @Column({ name: 'encrypt_setting', comment: '已加密设置', length: 10240, nullable: true })
   encryptSetting: string;
 
+  @Column({ name: 'project_id', comment: '项目id' })
+  projectId: number;
+
+  @Column({ comment: '权限等级', length: 100 })
+  level: string; // user common system
+
   @Column({
     name: 'create_time',
     comment: '创建时间',

packages/libs/lib-server/src/user/access/service/access-getter.ts

@@ -2,17 +2,19 @@ import { IAccessService } from '@certd/pipeline';
 
 export class AccessGetter implements IAccessService {
   userId: number;
-  getter: <T>(id: any, userId?: number) => Promise<T>;
-  constructor(userId: number, getter: (id: any, userId: number) => Promise<any>) {
+  projectId?: number;
+  getter: <T>(id: any, userId?: number, projectId?: number) => Promise<T>;
+  constructor(userId: number, projectId: number, getter: (id: any, userId: number, projectId?: number) => Promise<any>) {
     this.userId = userId;
+    this.projectId = projectId;
     this.getter = getter;
   }
 
   async getById<T = any>(id: any) {
-    return await this.getter<T>(id, this.userId);
+    return await this.getter<T>(id, this.userId, this.projectId);
   }
 
   async getCommonById<T = any>(id: any) {
-    return await this.getter<T>(id, 0);
+    return await this.getter<T>(id, 0,null);
   }
 }

packages/libs/lib-server/src/user/access/service/access-service.ts

@@ -129,10 +129,11 @@ export class AccessService extends BaseService<AccessEntity> {
       id: entity.id,
       name: entity.name,
       userId: entity.userId,
+      projectId: entity.projectId,
     };
   }
 
-  async getAccessById(id: any, checkUserId: boolean, userId?: number): Promise<any> {
+  async getAccessById(id: any, checkUserId: boolean, userId?: number, projectId?: number): Promise<any> {
     const entity = await this.info(id);
     if (entity == null) {
       throw new Error(`该授权配置不存在,请确认是否已被删除:id=${id}`);
@@ -145,6 +146,9 @@ export class AccessService extends BaseService<AccessEntity> {
         throw new PermissionException('您对该Access授权无访问权限');
       }
     }
+    if (projectId != null && projectId !== entity.projectId) {
+      throw new PermissionException('您对该Access授权无访问权限');
+    }
 
     // const access = accessRegistry.get(entity.type);
     const setting = this.decryptAccessEntity(entity);
@@ -152,12 +156,12 @@ export class AccessService extends BaseService<AccessEntity> {
       id: entity.id,
       ...setting,
     };
-    const accessGetter = new AccessGetter(userId, this.getById.bind(this));
+    const accessGetter = new AccessGetter(userId,projectId, this.getById.bind(this));
     return await newAccess(entity.type, input,accessGetter);
   }
 
-  async getById(id: any, userId: number): Promise<any> {
-    return await this.getAccessById(id, true, userId);
+  async getById(id: any, userId: number, projectId?: number): Promise<any> {
+    return await this.getAccessById(id, true, userId, projectId);
   }
 
   decryptAccessEntity(entity: AccessEntity): any {
@@ -188,23 +192,25 @@ export class AccessService extends BaseService<AccessEntity> {
   }
 
 
-  async getSimpleByIds(ids: number[], userId: any) {
+  async getSimpleByIds(ids: number[], userId: any, projectId?: number) {
     if (ids.length === 0) {
       return [];
     }
-    if (!userId) {
+    if (userId==null) {
       return [];
     }
     return await this.repository.find({
       where: {
         id: In(ids),
         userId,
+        projectId,
       },
       select: {
         id: true,
         name: true,
         type: true,
-        userId:true
+        userId:true,
+        projectId:true,
       },
     });
 

packages/libs/lib-server/src/user/addon/entity/addon.ts

@@ -28,6 +28,9 @@ export class AddonEntity {
   @Column({ name: 'is_default', comment: '是否默认',  nullable: false, default: false })
   isDefault: boolean;
 
+  @Column({ name: 'project_id', comment: '项目id' })
+  projectId: number;
+
 
   @Column({
     name: 'create_time',

packages/libs/lib-server/src/user/addon/service/addon-service.ts

@@ -70,7 +70,8 @@ export class AddonService extends BaseService<AddonEntity> {
       name: entity.name,
       userId: entity.userId,
       addonType: entity.addonType,
-      type: entity.type
+      type: entity.type,
+      projectId: entity.projectId
     };
   }
 
@@ -84,17 +85,18 @@ export class AddonService extends BaseService<AddonEntity> {
   }
 
 
-  async getSimpleByIds(ids: number[], userId: any) {
+  async getSimpleByIds(ids: number[], userId: any,projectId?:number) {
     if (ids.length === 0) {
       return [];
     }
-    if (!userId) {
+    if (userId==null) {
       return [];
     }
     return await this.repository.find({
       where: {
         id: In(ids),
-        userId
+        userId,
+        projectId
       },
       select: {
         id: true,
@@ -109,11 +111,12 @@ export class AddonService extends BaseService<AddonEntity> {
   }
 
 
-  async getDefault(userId: number, addonType: string): Promise<any> {
+  async getDefault(userId: number, addonType: string,projectId?:number): Promise<any> {
     const res = await this.repository.findOne({
       where: {
         userId,
-        addonType
+        addonType,
+        projectId
       },
       order: {
         isDefault: "DESC"
@@ -133,21 +136,23 @@ export class AddonService extends BaseService<AddonEntity> {
       type: res.type,
       name: res.name,
       userId: res.userId,
-      setting
+      setting,
+      projectId: res.projectId
     };
   }
 
-  async setDefault(id: number, userId: number, addonType: string) {
+  async setDefault(id: number, userId: number, addonType: string,projectId?:number) {
     if (!id) {
       throw new ValidateException("id不能为空");
     }
-    if (!userId) {
+    if (userId==null) {
       throw new ValidateException("userId不能为空");
     }
     await this.repository.update(
       {
         userId,
-        addonType
+        addonType,
+        projectId
       },
       {
         isDefault: false
@@ -157,7 +162,8 @@ export class AddonService extends BaseService<AddonEntity> {
       {
         id,
         userId,
-        addonType
+        addonType,
+        projectId
       },
       {
         isDefault: true
@@ -165,12 +171,12 @@ export class AddonService extends BaseService<AddonEntity> {
     );
   }
 
-  async getOrCreateDefault(opts: { addonType: string, type: string, inputs: any, userId: any }) {
-    const { addonType, type, inputs, userId } = opts;
+  async getOrCreateDefault(opts: { addonType: string, type: string, inputs: any, userId: any,projectId?:number }) {
+    const { addonType, type, inputs, userId,projectId } = opts;
 
     const addonDefine = this.getDefineByType(type, addonType);
 
-    const defaultConfig = await this.getDefault(userId, addonType);
+    const defaultConfig = await this.getDefault(userId, addonType,projectId);
     if (defaultConfig) {
       return defaultConfig;
     }
@@ -183,17 +189,19 @@ export class AddonService extends BaseService<AddonEntity> {
       type: type,
       name: addonDefine.title,
       setting: JSON.stringify(setting),
-      isDefault: true
+      isDefault: true,
+      projectId
     });
     return this.buildAddonInstanceConfig(res);
   }
 
-  async getOneByType(req:{addonType:string,type:string,userId:number}) {
+  async getOneByType(req:{addonType:string,type:string,userId:number,projectId?:number}) {
     return await this.repository.findOne({
       where: {
         addonType: req.addonType,
         type: req.type,
-        userId: req.userId
+        userId: req.userId,
+        projectId: req.projectId
       }
     });
   }

packages/libs/midway-flyway-js/package.json

@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/plugins/plugin-cert/package.json

@@ -38,5 +38,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/plugins/plugin-lib/package.json

@@ -57,5 +57,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1f002159e2a3c73fb5e00341a344effa07d6f653"
+  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
 }

packages/ui/certd-client/src/api/service.ts

@@ -3,6 +3,7 @@ import { get } from "lodash-es";
 import { errorLog, errorCreate } from "./tools";
 import { env } from "/src/utils/util.env";
 import { useUserStore } from "/@/store/user";
+import { useProjectStore } from "../store/project";
 
 export class CodeError extends Error {
   code: number;
@@ -135,21 +136,29 @@ function createService() {
  */
 function createRequestFunction(service: any) {
   return function (config: any) {
-    const configDefault = {
+    const configDefault: any = {
       headers: {
         "Content-Type": get(config, "headers.Content-Type", "application/json"),
-      },
+      } as any,
       timeout: 30000,
       baseURL: env.API,
       data: {},
+      params: {},
     };
+    const projectStore = useProjectStore();
+
     const userStore = useUserStore();
     const token = userStore.getToken;
     if (token != null) {
       // @ts-ignore
       configDefault.headers.Authorization = token;
     }
-    return service(Object.assign(configDefault, config));
+    Object.assign(configDefault, config);
+
+    if (!configDefault.params.projectId && projectStore.isEnterprise && !config.url.startsWith("/sys") && !config.url.startsWith("http")) {
+      configDefault.params.projectId = projectStore.currentProject?.id;
+    }
+    return service(configDefault);
   };
 }
 

packages/ui/certd-client/src/api/tools.ts

@@ -19,30 +19,30 @@ export function parse(jsonString = "{}", defaultValue = {}) {
 /**
  * @description 接口请求返回
  * @param {Any} data 返回值
- * @param {String} msg 状态信息
+ * @param {String} message 状态信息
  * @param {Number} code 状态码
  */
-export function response(data = {}, msg = "", code = 0) {
-  return [200, { code, msg, data }];
+export function response(data = {}, message = "", code = 0) {
+  return [200, { code, message, data }];
 }
 
 /**
  * @description 接口请求返回 正确返回
  * @param {Any} data 返回值
- * @param {String} msg 状态信息
+ * @param {String} message 状态信息
  */
-export function responseSuccess(data = {}, msg = "成功") {
-  return response(data, msg);
+export function responseSuccess(data = {}, message = "成功") {
+  return response(data, message);
 }
 
 /**
  * @description 接口请求返回 错误返回
  * @param {Any} data 返回值
- * @param {String} msg 状态信息
+ * @param {String} message 状态信息
  * @param {Number} code 状态码
  */
-export function responseError(data = {}, msg = "请求失败", code = 500) {
-  return response(data, msg, code);
+export function responseError(data = {}, message = "请求失败", code = 500) {
+  return response(data, message, code);
 }
 
 /**

packages/ui/certd-client/src/components/index.ts

@@ -16,6 +16,9 @@ import { defineAsyncComponent } from "vue";
 import NotificationSelector from "../views/certd/notification/notification-selector/index.vue";
 import EmailSelector from "./email-selector/index.vue";
 import ValidTimeFormat from "./valid-time-format.vue";
+import ProjectSelector from "./project-selector/index.vue";
+import ProjectCurrent from "./project-selector/project-current.vue";
+
 export default {
   install(app: any) {
     app.component(
@@ -45,5 +48,7 @@ export default {
     app.component("ExpiresTimeText", ExpiresTimeText);
     app.use(vip);
     app.use(Plugins);
+    app.component("ProjectSelector", ProjectSelector);
+    app.component("ProjectCurrent", ProjectCurrent);
   },
 };

packages/ui/certd-client/src/components/plugins/common/domain-selector.vue

@@ -83,6 +83,7 @@ const props = defineProps<{
   search?: boolean;
   pager?: boolean;
   value?: any[];
+  open?: boolean;
 }>();
 
 const emit = defineEmits<{

packages/ui/certd-client/src/components/project-selector/api.ts

@@ -0,0 +1,9 @@
+import { request } from "/src/api/service";
+
+export async function MyProjectList() {
+  return await request({
+    url: "/enterprise/project/list",
+    method: "post",
+    data: {},
+  });
+}

packages/ui/certd-client/src/components/project-selector/index.vue

@@ -0,0 +1,68 @@
+<template>
+  <a-dropdown class="project-selector">
+    <template #overlay>
+      <a-menu @click="handleMenuClick">
+        <a-menu-item v-for="item in projectStore.myProjects" :key="item.id">
+          <div class="flex items-center justify-between w-full">
+            <span class="mr-1">{{ item.name }}</span>
+            <fs-values-format :model-value="item.permission" :dict="projectPermissionDict"></fs-values-format>
+          </div>
+        </a-menu-item>
+        <a-menu-item key="join">
+          <div class="flex items-center w-full">
+            <fs-icon icon="ion:add" class="mr-1"></fs-icon>
+            <span>加入其他项目</span>
+          </div>
+        </a-menu-item>
+      </a-menu>
+    </template>
+    <div class="rounded pl-3 pr-3 px-2 py-1 flex-center flex pointer items-center bg-accent h-10 button-text" title="当前项目">
+      <!-- <fs-icon icon="ion:apps" class="mr-1"></fs-icon> -->
+      当前项目：{{ projectStore.currentProject?.name || "..." }}
+      <fs-icon :icon="currentIcon" class="ml-5"></fs-icon>
+    </div>
+  </a-dropdown>
+</template>
+
+<script lang="ts" setup>
+import { computed, onMounted } from "vue";
+import { useProjectStore } from "/@/store/project";
+import { useDicts } from "/@/views/certd/dicts";
+import { useRouter } from "vue-router";
+defineOptions({
+  name: "ProjectSelector",
+});
+
+const projectStore = useProjectStore();
+onMounted(async () => {
+  await projectStore.init();
+  console.log(projectStore.myProjects);
+});
+
+const router = useRouter();
+function handleMenuClick({ key }: any) {
+  if (key === "join") {
+    router.push("/certd/project/join");
+    return;
+  }
+
+  projectStore.changeCurrentProject(key);
+  window.location.reload();
+}
+const { projectPermissionDict } = useDicts();
+
+const currentIcon = computed(() => {
+  return projectPermissionDict.dataMap[projectStore.currentProject?.permission || ""]?.icon || "";
+});
+</script>
+<style lang="less">
+.project-selector {
+  &.button-text {
+    min-width: 150px;
+    max-width: 250px;
+    overflow: hidden;
+    text-overflow: ellipsis;
+    white-space: nowrap;
+  }
+}
+</style>

packages/ui/certd-client/src/components/project-selector/project-current.vue

@@ -0,0 +1,28 @@
+<template>
+  <a-tag color="green" class="flex-center flex pointer items-center button-text" title="当前项目">
+    <!-- <fs-icon icon="ion:apps" class="mr-1"></fs-icon> -->
+    当前项目：{{ projectStore.currentProject?.name || "..." }}
+    <fs-icon :icon="currentIcon" class="ml-5"></fs-icon>
+  </a-tag>
+</template>
+
+<script lang="ts" setup>
+import { computed, onMounted } from "vue";
+import { useProjectStore } from "/@/store/project";
+import { useDicts } from "/@/views/certd/dicts";
+defineOptions({
+  name: "ProjectCurrent",
+});
+
+const projectStore = useProjectStore();
+// onMounted(async () => {
+//   await projectStore.reload();
+// });
+
+const { projectPermissionDict } = useDicts();
+
+const currentIcon = computed(() => {
+  return projectPermissionDict.dataMap[projectStore.currentProject?.permission || ""]?.icon || "";
+});
+</script>
+<style lang="less"></style>

packages/ui/certd-client/src/layout/layout-basic.vue

@@ -10,6 +10,7 @@ import PageFooter from "./components/footer/index.vue";
 import { useRouter } from "vue-router";
 import MaxKBChat from "/@/components/ai/index.vue";
 import { useI18n } from "vue-i18n";
+import { useProjectStore } from "../store/project";
 
 const { t } = useI18n();
 
@@ -77,10 +78,17 @@ const openChat = (q: string) => {
   chatBox.value.openChat({ q });
 };
 provide("fn:ai.open", openChat);
+
+const projectStore = useProjectStore();
 </script>
 
 <template>
   <BasicLayout @clear-preferences-and-logout="handleLogout">
+    <template #header-left-0>
+      <div v-if="projectStore.isEnterprise" class="ml-1 mr-2">
+        <project-selector class="flex-center header-btn" />
+      </div>
+    </template>
     <template #user-dropdown>
       <UserDropdown :avatar="avatar" :menus="menus" :text="userStore.userInfo?.nickName || userStore.userInfo?.username" description="" tag-text="" @logout="handleLogout" />
     </template>
@@ -94,7 +102,7 @@ provide("fn:ai.open", openChat);
       <div class="hover:bg-accent ml-1 mr-2 cursor-pointer rounded-full">
         <vip-button class="flex-center header-btn" mode="nav" />
       </div>
-      <div v-if="!settingStore.isComm" class="hover:bg-accent ml-1 mr-2 cursor-pointer rounded-full">
+      <div v-if="!settingStore.isComm" class="hover:bg-accent ml-1 mr-2 cursor-pointer rounded-full hidden md:block">
         <fs-button shape="circle" type="text" icon="ion:logo-github" :text="null" @click="goGithub" />
       </div>
     </template>

packages/ui/certd-client/src/locales/langs/en-US/certd.ts

@@ -1,3 +1,4 @@
+//注意： @符号是保留字符，需要用{'@'}替换， AI请务必提醒我修改
 export default {
   app: {
     crud: {
@@ -161,6 +162,8 @@ export default {
     triggerType: "Trigger Type",
     pipelineId: "Pipeline Id",
     nextRunTime: "Next Run Time",
+    projectName: "Project",
+    adminId: "Admin",
   },
 
   pi: {
@@ -209,6 +212,14 @@ export default {
     orderManager: "Order Management",
     userSuites: "User Suites",
     netTest: "Network Test",
+
+    enterpriseSetting: "Enterprise Settings",
+    projectManager: "Project Management",
+    projectUserManager: "Project User Management",
+    myProjectManager: "My Projects",
+    myProjectDetail: "Project Detail",
+    projectJoin: "Join Project",
+    currentProject: "Current Project",
   },
   certificateRepo: {
     title: "Certificate Repository",
@@ -266,77 +277,6 @@ export default {
     webhookEnabledHelper: "Support webhook trigger pipeline, please check webhook address in trigger source",
   },
   notificationDefault: "Use Default Notification",
-  monitor: {
-    remark: "Remark",
-    title: "Site Certificate Monitoring",
-    description: "Check website certificates' expiration at 0:00 daily; reminders sent 10 days before expiration (using default notification channel);",
-    settingLink: "Site Monitoring Settings",
-    limitInfo: "Basic edition limited to 1, professional and above unlimited, current",
-    checkAll: "Check All",
-    confirmTitle: "Confirm",
-    confirmContent: "Confirm to trigger check for all site certificates?",
-    checkSubmitted: "Check task submitted",
-    pleaseRefresh: "Please refresh the page later to see the results",
-    siteName: "Site Name",
-    enterSiteName: "Please enter the site name",
-    domain: "Domain",
-    enterDomain: "Please enter the domain",
-    enterValidDomain: "Please enter a valid domain",
-    httpsPort: "HTTPS Port",
-    enterPort: "Please enter the port",
-    certInfo: "Certificate Info",
-    issuer: "Issuer",
-    certDomains: "Certificate Domains",
-    certProvider: "Issuer",
-    certStatus: "Certificate Status",
-    error: "Error",
-    status: {
-      ok: "Valid",
-      expired: "Expired",
-    },
-    certEffectiveTime: "Certificate Effective",
-    certExpiresTime: "Certificate Expiration",
-    remainingValidity: "Remaining Validity",
-    expired: "expired",
-    days: "days",
-    lastCheckTime: "Last Check Time",
-    disabled: "Enable/Disable",
-    ipCheck: "Enable IP Check",
-    ipCheckHelper: "Enable to check certificate expiration time on each IP (or source site domain) ",
-    ipSyncAuto: "Enable IP Sync Auto",
-    ipSyncMode: "IP Sync Mode",
-    ipIgnoreCoherence: "Ignore Certificate Coherence",
-    ipIgnoreCoherenceHelper: "Enable to ignore certificate coherence check, only check certificate expiration time",
-    selectRequired: "Please select",
-    ipCheckConfirm: "Are you sure to {status} IP check?",
-    ipCount: "IP Count",
-    checkStatus: "Check Status",
-    pipelineId: "Linked Pipeline ID",
-    certInfoId: "Certificate ID",
-    checkSubmittedRefresh: "Check task submitted. Please refresh later to view the result.",
-    ipManagement: "IP Management",
-    bulkImport: "Bulk Import",
-    basicLimitError: "Basic version allows only one monitoring site. Please upgrade to the Pro version.",
-    limitExceeded: "Sorry, you can only create up to {max} monitoring records. Please purchase or upgrade your plan.",
-    setting: {
-      siteMonitorSettings: "Site Monitor Settings",
-      notificationChannel: "Notification Channel",
-      setNotificationChannel: "Set the notification channel",
-      retryTimes: "Retry Times",
-      monitorRetryTimes: "Number of retry attempts for monitoring requests",
-      monitorCronSetting: "Monitoring Schedule",
-      cronTrigger: "Scheduled trigger for monitoring",
-      dnsServer: "DNS Server",
-      dnsServerHelper: "Use a custom domain name resolution server, such as: 1.1.1.1 , support multiple",
-      certValidDays: "Certificate Valid Days",
-      certValidDaysHelper: "Number of days before expiration to send a notification",
-    },
-    cert: {
-      expired: "Expired",
-      expiring: "Expiring",
-      noExpired: "Not Expired",
-    },
-  },
   checkStatus: {
     success: "Success",
     checking: "Checking",
@@ -690,7 +630,7 @@ export default {
   password: "Password",
   pleaseEnterPassword: "Please enter password",
   qqEmailAuthCodeHelper: "If using QQ email, get an authorization code in QQ email settings as the password",
-  senderEmailHelper: "You can use the format: Name<Email> to set the sender name, e.g.: autossl<certd@example.com>",
+  senderEmailHelper: "You can use the format: Name<Email> to set the sender name, e.g.: autossl<certd{'@'}example.com>",
   senderEmail: "Sender Email",
   pleaseEnterSenderEmail: "Please enter sender email",
   useSsl: "Use SSL",
@@ -788,6 +728,10 @@ export default {
       pipelineSetting: "Pipeline Settings",
       oauthSetting: "OAuth2 Settings",
       networkSetting: "Network Settings",
+      adminModeSetting: "Admin Mode Settings",
+      adminModeHelper: "enterprise mode : allow to create and manage pipelines, roles, users, etc.\n saas mode : only allow to create and manage pipelines",
+      enterpriseMode: "Enterprise Mode",
+      saasMode: "SaaS Mode",
 
       showRunStrategy: "Show RunStrategy",
       showRunStrategyHelper: "Allow modify the run strategy of the task",
@@ -866,6 +810,36 @@ export default {
     fromType: "From Type",
     expirationDate: "Expiration Date",
   },
+  ent: {
+    projectName: "Project Name",
+    projectDescription: "Project Description",
+    projectDetailManager: "Project Detail",
+    projectDetailDescription: "Manage Project Members",
+    projectPermission: "Permission",
+    permission: {
+      read: "Read",
+      write: "Write",
+      admin: "Admin",
+    },
+    projectMemberStatus: "Member Status",
+  },
+  project: {
+    noProjectJoined: "You haven't joined any projects yet",
+    applyToJoin: "Please apply to join a project to start using",
+    systemProjects: "System Project List",
+    createdAt: "Created At",
+    applyJoin: "Apply to Join",
+    noSystemProjects: "No system projects available",
+    fetchFailed: "Failed to fetch project list",
+    applySuccess: "Application successful, waiting for admin approval",
+    applyFailed: "Application failed, please try again later",
+    leave: "Leave Project",
+    leaveSuccess: "Leave project successful",
+    leaveFailed: "Leave project failed, please try again later",
+    applyJoinConfirm: "Are you sure you want to apply to join this project?",
+    leaveConfirm: "Are you sure you want to leave this project?",
+    viewDetail: "View Detail",
+  },
   addonSelector: {
     select: "Select",
     placeholder: "select please",

packages/ui/certd-client/src/locales/langs/en-US/index.ts

@@ -6,7 +6,8 @@ import preferences from "./preferences";
 import ui from "./ui";
 import guide from "./guide";
 import common from "./common";
-
+import monitor from "./monitor";
+//注意： @符号是保留字符，需要用{'@'}替换
 export default {
   certd,
   authentication,
@@ -16,4 +17,5 @@ export default {
   preferences,
   guide,
   common,
+  monitor,
 };

packages/ui/certd-client/src/locales/langs/en-US/monitor.ts

@@ -0,0 +1,73 @@
+export default {
+  ipAddress: "IP地址",
+  ipAddressHelper: "填写则固定检查此IP，不从DNS获取域名的IP地址",
+  remark: "Remark",
+  title: "Site Certificate Monitoring",
+  description: "Check website certificates' expiration at 0:00 daily; reminders sent 10 days before expiration (using default notification channel);",
+  settingLink: "Site Monitoring Settings",
+  limitInfo: "Basic edition limited to 1, professional and above unlimited, current",
+  checkAll: "Check All",
+  confirmTitle: "Confirm",
+  confirmContent: "Confirm to trigger check for all site certificates?",
+  checkSubmitted: "Check task submitted",
+  pleaseRefresh: "Please refresh the page later to see the results",
+  siteName: "Site Name",
+  enterSiteName: "Please enter the site name",
+  domain: "Domain",
+  enterDomain: "Please enter the domain",
+  enterValidDomain: "Please enter a valid domain",
+  httpsPort: "HTTPS Port",
+  enterPort: "Please enter the port",
+  certInfo: "Certificate Info",
+  issuer: "Issuer",
+  certDomains: "Certificate Domains",
+  certProvider: "Issuer",
+  certStatus: "Certificate Status",
+  error: "Error",
+  status: {
+    ok: "Valid",
+    expired: "Expired",
+  },
+  certEffectiveTime: "Certificate Effective",
+  certExpiresTime: "Certificate Expiration",
+  remainingValidity: "Remaining Validity",
+  expired: "expired",
+  days: "days",
+  lastCheckTime: "Last Check Time",
+  disabled: "Enable/Disable",
+  ipCheck: "Enable IP Check",
+  ipCheckHelper: "Enable to check certificate expiration time on each IP (or source site domain) ",
+  ipSyncAuto: "Enable IP Sync Auto",
+  ipSyncMode: "IP Sync Mode",
+  ipIgnoreCoherence: "Ignore Certificate Coherence",
+  ipIgnoreCoherenceHelper: "Enable to ignore certificate coherence check, only check certificate expiration time",
+  selectRequired: "Please select",
+  ipCheckConfirm: "Are you sure to {status} IP check?",
+  ipCount: "IP Count",
+  checkStatus: "Check Status",
+  pipelineId: "Linked Pipeline ID",
+  certInfoId: "Certificate ID",
+  checkSubmittedRefresh: "Check task submitted. Please refresh later to view the result.",
+  ipManagement: "IP Management",
+  bulkImport: "Bulk Import",
+  basicLimitError: "Basic version allows only one monitoring site. Please upgrade to the Pro version.",
+  limitExceeded: "Sorry, you can only create up to {max} monitoring records. Please purchase or upgrade your plan.",
+  setting: {
+    siteMonitorSettings: "Site Monitor Settings",
+    notificationChannel: "Notification Channel",
+    setNotificationChannel: "Set the notification channel",
+    retryTimes: "Retry Times",
+    monitorRetryTimes: "Number of retry attempts for monitoring requests",
+    monitorCronSetting: "Monitoring Schedule",
+    cronTrigger: "Scheduled trigger for monitoring",
+    dnsServer: "DNS Server",
+    dnsServerHelper: "Use a custom domain name resolution server, such as: 1.1.1.1 , support multiple",
+    certValidDays: "Certificate Valid Days",
+    certValidDaysHelper: "Number of days before expiration to send a notification",
+  },
+  cert: {
+    expired: "Expired",
+    expiring: "Expiring",
+    noExpired: "Not Expired",
+  },
+};

packages/ui/certd-client/src/locales/langs/zh-CN/certd.ts

@@ -1,3 +1,4 @@
+//注意： @符号是保留字符，需要用{'@'}替换， AI请务必提醒我修改
 export default {
   app: {
     crud: {
@@ -168,6 +169,8 @@ export default {
     triggerType: "触发类型",
     pipelineId: "流水线Id",
     nextRunTime: "下次运行时间",
+    projectName: "项目",
+    adminId: "管理员",
   },
   pi: {
     validTime: "流水线有效期",
@@ -215,6 +218,14 @@ export default {
     orderManager: "订单管理",
     userSuites: "用户套餐",
     netTest: "网络测试",
+    enterpriseManager: "企业管理设置",
+    projectManager: "项目管理",
+    projectDetail: "项目详情",
+    enterpriseSetting: "企业设置",
+    myProjectManager: "我的项目",
+    myProjectDetail: "项目详情",
+    projectJoin: "加入项目",
+    currentProject: "当前项目",
   },
   certificateRepo: {
     title: "证书仓库",
@@ -269,82 +280,6 @@ export default {
     webhookEnabledHelper: "支持webhook触发流水线，请在触发源中查看webhook地址",
   },
   notificationDefault: "使用默认通知",
-  monitor: {
-    remark: "备注",
-    title: "站点证书监控",
-    description: "每天0点，检查网站证书的过期时间，到期前10天时将发出提醒（使用默认通知渠道）;",
-    settingLink: "站点监控设置",
-    limitInfo: "基础版限制1条，专业版以上无限制，当前",
-    checkAll: "检查全部",
-    confirmTitle: "确认",
-    confirmContent: "确认触发检查全部站点证书吗?",
-    checkSubmitted: "检查任务已提交",
-    pleaseRefresh: "请稍后刷新页面查看结果",
-    siteName: "站点名称",
-    enterSiteName: "请输入站点名称",
-    domain: "网站域名",
-    enterDomain: "请输入域名",
-    enterValidDomain: "请输入正确的域名",
-    httpsPort: "HTTPS端口",
-    enterPort: "请输入端口",
-    certInfo: "证书信息",
-    issuer: "证书颁发机构",
-    certDomains: "证书域名",
-    certProvider: "颁发机构",
-    certStatus: "证书状态",
-    error: "错误信息",
-    status: {
-      ok: "正常",
-      expired: "过期",
-    },
-    certEffectiveTime: "证书生效时间",
-    certExpiresTime: "证书到期时间",
-    remainingValidity: "到期剩余",
-    expired: "过期",
-    days: "天",
-    lastCheckTime: "上次检查时间",
-    disabled: "禁用启用",
-    ipCheck: "开启IP检查",
-    ipCheckHelper: "开启后，会检查IP（或源站）上的证书有效期",
-    ipSyncAuto: "自动同步IP",
-    ipSyncMode: "IP同步模式",
-    ipSyncModeHelper: "选择仅检查IPv4或IPv6，或检查所有IP",
-    ipSyncModeAll: "检查所有IP",
-    ipSyncModeIPV4Only: "仅检查IPv4",
-    ipSyncModeIPV6Only: "仅检查IPv6",
-    selectRequired: "请选择",
-    ipCheckConfirm: "确定{status}IP检查？",
-    ipCount: "IP数量",
-    ipIgnoreCoherence: "忽略证书一致性",
-    ipIgnoreCoherenceHelper: "开启后，即使IP上的证书与站点证书不一致，也会被认为是正常，仅校验证书过期时间",
-    checkStatus: "检查状态",
-    pipelineId: "关联流水线ID",
-    certInfoId: "证书ID",
-    checkSubmittedRefresh: "检查任务已提交，请稍后刷新查看结果",
-    ipManagement: "IP管理",
-    bulkImport: "批量导入",
-    basicLimitError: "基础版只能添加一个监控站点，请赞助升级专业版",
-    limitExceeded: "对不起，您最多只能创建条{max}监控记录，请购买或升级套餐",
-    setting: {
-      siteMonitorSettings: "站点监控设置",
-      notificationChannel: "通知渠道",
-      setNotificationChannel: "设置通知渠道",
-      retryTimes: "重试次数",
-      monitorRetryTimes: "监控请求重试次数",
-      monitorCronSetting: "监控定时设置",
-      cronTrigger: "定时触发监控",
-      dnsServer: "DNS服务器",
-      dnsServerHelper: "使用自定义的域名解析服务器，如：1.1.1.1 , 支持多个",
-      certValidDays: "证书到期前天数",
-      certValidDaysHelper: "证书到期前多少天发送通知",
-    },
-
-    cert: {
-      expired: "已过期",
-      expiring: "即将过期",
-      noExpired: "未过期",
-    },
-  },
   checkStatus: {
     success: "成功",
     checking: "检查中",
@@ -701,7 +636,7 @@ export default {
   password: "密码",
   pleaseEnterPassword: "请输入密码",
   qqEmailAuthCodeHelper: "如果是qq邮箱，需要到qq邮箱的设置里面申请授权码作为密码",
-  senderEmailHelper: "您可以使用 名称<邮箱> 的格式，来修改发件人名称，例如: autossl<certd@example.com>",
+  senderEmailHelper: "您可以使用 名称<邮箱> 的格式，来修改发件人名称，例如: autossl<certd{'@'}example.com>",
   senderEmail: "发件邮箱",
   pleaseEnterSenderEmail: "请输入发件邮箱",
   useSsl: "是否ssl",
@@ -795,6 +730,12 @@ export default {
       pipelineSetting: "流水线设置",
       oauthSetting: "第三方登录",
       networkSetting: "网络设置",
+      adminModeSetting: "管理模式",
+      adminModeHelper: "企业管理模式: 企业内部使用，通过项目来隔离权限，流水线、授权数据属于项目。\nsaas模式：供外部用户注册使用，各个用户之间数据隔离，流水线、授权数据属于用户。",
+
+      adminMode: "管理模式",
+      enterpriseMode: "企业模式",
+      saasMode: "SaaS模式",
 
       showRunStrategy: "显示运行策略选择",
       showRunStrategyHelper: "任务设置中是否允许选择运行策略",
@@ -885,4 +826,34 @@ export default {
     select: "选择",
     placeholder: "请选择",
   },
+  ent: {
+    projectName: "项目名称",
+    projectDescription: "项目描述",
+    projectDetailManager: "项目详情",
+    projectDetailDescription: "管理项目成员",
+    projectPermission: "权限",
+    permission: {
+      read: "查看",
+      write: "修改",
+      admin: "管理员",
+    },
+    projectMemberStatus: "成员状态",
+  },
+  project: {
+    noProjectJoined: "您还没有加入任何项目",
+    applyToJoin: "请申请加入项目以开始使用",
+    projectList: "项目列表",
+    createdAt: "创建时间",
+    applyJoin: "申请加入",
+    noProjects: "暂无项目",
+    fetchFailed: "获取项目列表失败",
+    applySuccess: "申请成功，等待管理员审核",
+    applyFailed: "申请失败，请稍后重试",
+    leave: "退出项目",
+    leaveSuccess: "退出项目成功",
+    leaveFailed: "退出项目失败，请稍后重试",
+    applyJoinConfirm: "确认加入项目？",
+    leaveConfirm: "确认退出项目？",
+    viewDetail: "查看详情",
+  },
 };

packages/ui/certd-client/src/locales/langs/zh-CN/index.ts

@@ -6,7 +6,8 @@ import preferences from "./preferences";
 import ui from "./ui";
 import guide from "./guide";
 import common from "./common";
-
+import monitor from "./monitor";
+//注意： @符号是保留字符，需要用{'@'}替换
 export default {
   certd,
   authentication,
@@ -16,4 +17,5 @@ export default {
   preferences,
   guide,
   common,
+  monitor,
 };

packages/ui/certd-client/src/locales/langs/zh-CN/monitor.ts

@@ -0,0 +1,77 @@
+export default {
+  ipAddress: "IP地址",
+  ipAddressHelper: "填写则固定检查此IP，不从DNS获取域名的IP地址",
+  remark: "备注",
+  title: "站点证书监控",
+  description: "每天0点，检查网站证书的过期时间，到期前10天时将发出提醒（使用默认通知渠道）;",
+  settingLink: "站点监控设置",
+  limitInfo: "基础版限制1条，专业版以上无限制，当前",
+  checkAll: "检查全部",
+  confirmTitle: "确认",
+  confirmContent: "确认触发检查全部站点证书吗?",
+  checkSubmitted: "检查任务已提交",
+  pleaseRefresh: "请稍后刷新页面查看结果",
+  siteName: "站点名称",
+  enterSiteName: "请输入站点名称",
+  domain: "网站域名",
+  enterDomain: "请输入域名",
+  enterValidDomain: "请输入正确的域名",
+  httpsPort: "HTTPS端口",
+  enterPort: "请输入端口",
+  certInfo: "证书信息",
+  issuer: "证书颁发机构",
+  certDomains: "证书域名",
+  certProvider: "颁发机构",
+  certStatus: "证书状态",
+  error: "错误信息",
+  status: {
+    ok: "正常",
+    expired: "过期",
+  },
+  certEffectiveTime: "证书生效时间",
+  certExpiresTime: "证书到期时间",
+  remainingValidity: "到期剩余",
+  expired: "过期",
+  days: "天",
+  lastCheckTime: "上次检查时间",
+  disabled: "禁用启用",
+  ipCheck: "开启IP检查",
+  ipCheckHelper: "开启后，会检查IP（或源站）上的证书有效期",
+  ipSyncAuto: "自动同步IP",
+  ipSyncMode: "IP同步模式",
+  ipSyncModeHelper: "选择仅检查IPv4或IPv6，或检查所有IP",
+  ipSyncModeAll: "检查所有IP",
+  ipSyncModeIPV4Only: "仅检查IPv4",
+  ipSyncModeIPV6Only: "仅检查IPv6",
+  selectRequired: "请选择",
+  ipCheckConfirm: "确定{status}IP检查？",
+  ipCount: "IP数量",
+  ipIgnoreCoherence: "忽略证书一致性",
+  ipIgnoreCoherenceHelper: "开启后，即使IP上的证书与站点证书不一致，也会被认为是正常，仅校验证书过期时间",
+  checkStatus: "检查状态",
+  pipelineId: "关联流水线ID",
+  certInfoId: "证书ID",
+  checkSubmittedRefresh: "检查任务已提交，请稍后刷新查看结果",
+  ipManagement: "IP管理",
+  bulkImport: "批量导入",
+  basicLimitError: "基础版只能添加一个监控站点，请赞助升级专业版",
+  limitExceeded: "对不起，您最多只能创建条{max}监控记录，请购买或升级套餐",
+  setting: {
+    siteMonitorSettings: "站点监控设置",
+    notificationChannel: "通知渠道",
+    setNotificationChannel: "设置通知渠道",
+    retryTimes: "重试次数",
+    monitorRetryTimes: "监控请求重试次数",
+    monitorCronSetting: "监控定时设置",
+    cronTrigger: "定时触发监控",
+    dnsServer: "DNS服务器",
+    dnsServerHelper: "使用自定义的域名解析服务器，如：1.1.1.1 , 支持多个",
+    certValidDays: "证书到期前天数",
+    certValidDaysHelper: "证书到期前多少天发送通知",
+  },
+  cert: {
+    expired: "已过期",
+    expiring: "即将过期",
+    noExpired: "未过期",
+  },
+};

packages/ui/certd-client/src/locales/langs/zh-CN/vip.ts

@@ -55,7 +55,7 @@ export default {
   email_webhook_notifications: "邮件、webhook通知方式",
 
   professional_edition: "专业版",
-  open_source_support: "开源需要您的赞助支持",
+  open_source_support: "开源需要您的赞助支持，个人和企业内部使用",
   vip_group_priority: "可加VIP群，您的需求将优先实现",
   unlimited_site_certificate_monitoring: "站点证书监控无限制",
   more_notification_methods: "更多通知方式",
@@ -66,13 +66,13 @@ export default {
   get_after_support: "立即赞助",
 
   business_edition: "商业版",
-  commercial_license: "商业授权，可对外运营",
+  commercial_license: "商业授权，可对外运营，提供SaaS服务",
   all_pro_privileges: "拥有专业版所有特权",
   allow_commercial_use_modify_logo_title: "允许商用，可修改logo、标题",
   data_statistics: "数据统计",
   plugin_management: "插件管理",
   unlimited_multi_users: "多用户无限制",
-  support_user_payment: "支持用户支付",
+  support_user_payment: "支持用户支付（购买套餐，按流水线条数、域名数量、部署次数计费）",
   activate: "激活",
   get_pro_code_after_support: "前往获取",
   business_contact_author: "",

packages/ui/certd-client/src/plugin/fast-crud/index.tsx

@@ -123,7 +123,6 @@ function install(app: App, options: any = {}) {
               if (scope.key === "__blank__") {
                 return false;
               }
-
               //不能用 !scope.value ， 否则switch组件设置为关之后就消失了
               const { value, key, props } = scope;
               return !value && key != "_index" && value != false && value != 0;

packages/ui/certd-client/src/plugin/permission/use-crud-permission.ts

@@ -1,12 +1,15 @@
 import { usePermission } from "/@/plugin/permission";
 import { merge as LodashMerge } from "lodash-es";
+import { useProjectStore } from "/@/store/project";
 
 export type UseCrudPermissionExtraProps = {
   hasActionPermission: (action: string) => boolean;
 };
 export type UseCrudPermissionExtra = (props: UseCrudPermissionExtraProps) => any;
 export type UseCrudPermissionCompProps = {
-  prefix: string;
+  isProjectPermission?: boolean;
+  projectPermission?: string;
+  prefix?: string;
   extra?: UseCrudPermissionExtra;
   [key: string]: any;
 };
@@ -20,14 +23,31 @@ export type UseCrudPermissionProps = {
 export function useCrudPermission({ permission }: UseCrudPermissionProps) {
   const { hasPermissions } = usePermission();
 
-  const prefix = permission instanceof Object ? permission.prefix : permission;
-
   //根据权限显示按钮
-  function hasActionPermission(action: string) {
+  let hasActionPermission = (action: string) => {
     if (!prefix) {
       return true;
     }
     return hasPermissions(prefix + ":" + action);
+  };
+
+  let per: UseCrudPermissionCompProps = permission as any;
+  if (per == null) {
+    per = { prefix: "" };
+  }
+  if (typeof per === "string") {
+    per = {
+      prefix: per || "",
+    };
+  }
+  let prefix = per.prefix || "";
+  const isProjectPermission = per.isProjectPermission || false;
+  if (isProjectPermission) {
+    const projectStore = useProjectStore();
+    prefix = "";
+    hasActionPermission = function (value: string) {
+      return projectStore.hasPermission(value as string);
+    };
   }
 
   function buildCrudPermission(): any {
@@ -36,25 +56,45 @@ export function useCrudPermission({ permission }: UseCrudPermissionProps) {
     }
 
     let extra = {};
-    if (permission instanceof Object) {
-      extra = permission.extra;
-      if (permission.extra && permission.extra instanceof Function) {
-        extra = permission.extra({ hasActionPermission });
+    if (per instanceof Object) {
+      extra = per.extra;
+      if (per.extra && per.extra instanceof Function) {
+        extra = per.extra({ hasActionPermission });
       }
     }
 
+    let viewPermission = "view";
+    if (isProjectPermission) {
+      viewPermission = "read";
+    }
+
+    let addPermission = "add";
+    if (isProjectPermission) {
+      addPermission = per.projectPermission || "write";
+    }
+
+    let editPermission = "edit";
+    if (isProjectPermission) {
+      editPermission = per.projectPermission || "write";
+    }
+
+    let removePermission = "remove";
+    if (isProjectPermission) {
+      removePermission = per.projectPermission || "write";
+    }
     return LodashMerge(
       {
         actionbar: {
           buttons: {
-            add: { show: hasActionPermission("add") },
+            add: { show: hasActionPermission(addPermission) },
           },
         },
         rowHandle: {
           buttons: {
-            edit: { show: hasActionPermission("edit") },
-            remove: { show: hasActionPermission("remove") },
-            view: { show: hasActionPermission("view") },
+            edit: { show: hasActionPermission(editPermission) },
+            remove: { show: hasActionPermission(removePermission) },
+            view: { show: hasActionPermission(viewPermission) },
+            copy: { show: hasActionPermission(addPermission) },
           },
         },
       },

packages/ui/certd-client/src/router/guard.ts

@@ -9,6 +9,9 @@ import { useSettingStore } from "/@/store/settings";
 import { usePermissionStore } from "/@/plugin/permission/store.permission";
 import util from "/@/plugin/permission/util.permission";
 import { useUserStore } from "/@/store/user";
+import { useProjectStore } from "../store/project";
+export const PROJECT_PATH_PREFIX = "/certd/project";
+export const SYS_PATH_PREFIX = "/sys";
 
 function buildAccessedMenus(menus: any) {
   if (menus == null) {
@@ -124,6 +127,20 @@ function setupAccessGuard(router: Router) {
         };
       }
       return true;
+    } else {
+      // 如果是项目模式
+      const projectStore = useProjectStore();
+      if (projectStore.isEnterprise) {
+        //加载我的项目
+        await projectStore.init();
+        if (!projectStore.currentProject && !to.path.startsWith(PROJECT_PATH_PREFIX) && !to.path.startsWith(SYS_PATH_PREFIX)) {
+          //没有项目
+          return {
+            path: `${PROJECT_PATH_PREFIX}/join`,
+            replace: true,
+          };
+        }
+      }
     }
   });
 }

packages/ui/certd-client/src/router/source/modules/certd.ts

@@ -1,6 +1,5 @@
+import { useProjectStore } from "/@/store/project";
 import { useSettingStore } from "/@/store/settings";
-import aboutResource from "/@/router/source/modules/about";
-import i18n from "/@/locales/i18n";
 
 export const certdResources = [
   {
@@ -14,6 +13,49 @@ export const certdResources = [
       order: 0,
     },
     children: [
+      {
+        title: "certd.sysResources.myProjectManager",
+        name: "MyProjectManager",
+        path: "/certd/project",
+        component: "/certd/project/index.vue",
+        meta: {
+          show: () => {
+            const projectStore = useProjectStore();
+            return projectStore.isEnterprise;
+          },
+          isMenu: false,
+          icon: "ion:apps",
+          keepAlive: true,
+          auth: true,
+        },
+      },
+      {
+        title: "certd.sysResources.currentProject",
+        name: "CurrentProject",
+        path: "/certd/project/detail",
+        component: "/certd/project/detail/index.vue",
+        meta: {
+          show: () => {
+            const projectStore = useProjectStore();
+            return projectStore.isEnterprise;
+          },
+          isMenu: true,
+          icon: "ion:apps",
+          auth: true,
+        },
+      },
+      {
+        title: "certd.sysResources.projectJoin",
+        name: "ProjectJoin",
+        path: "/certd/project/join",
+        component: "/certd/project/join.vue",
+        meta: {
+          isMenu: false,
+          show: true,
+          icon: "ion:apps",
+          auth: true,
+        },
+      },
       {
         title: "certd.pipeline",
         name: "PipelineManager",
@@ -22,6 +64,7 @@ export const certdResources = [
         meta: {
           icon: "ion:analytics-sharp",
           keepAlive: true,
+          auth: true,
         },
       },
       {
@@ -31,6 +74,7 @@ export const certdResources = [
         component: "/certd/pipeline/detail.vue",
         meta: {
           isMenu: false,
+          auth: true,
         },
       },
       {
@@ -41,6 +85,7 @@ export const certdResources = [
         meta: {
           icon: "ion:timer-outline",
           keepAlive: true,
+          auth: true,
         },
       },
       {
@@ -51,6 +96,7 @@ export const certdResources = [
         meta: {
           isMenu: true,
           icon: "ion:duplicate-outline",
+          auth: true,
         },
       },
       {
@@ -60,6 +106,7 @@ export const certdResources = [
         component: "/certd/pipeline/template/edit.vue",
         meta: {
           isMenu: false,
+          auth: true,
         },
       },
       {
@@ -69,6 +116,7 @@ export const certdResources = [
         component: "/certd/pipeline/template/import/index.vue",
         meta: {
           isMenu: false,
+          auth: true,
         },
       },
       {
@@ -213,6 +261,10 @@ export const certdResources = [
               icon: "mi:user-check",
               auth: true,
               isMenu: true,
+              show: () => {
+                const projectStore = useProjectStore();
+                return !projectStore.isEnterprise;
+              },
             },
           },
           {

packages/ui/certd-client/src/router/source/modules/sys.ts

@@ -1,7 +1,4 @@
-import LayoutPass from "/@/layout/layout-pass.vue";
 import { useSettingStore } from "/@/store/settings";
-import aboutResource from "/@/router/source/modules/about";
-import i18n from "/@/locales/i18n";
 
 export const sysResources = [
   {
@@ -13,6 +10,7 @@ export const sysResources = [
       icon: "ion:settings-outline",
       permission: "sys:settings:view",
       order: 10,
+      auth: true,
     },
     children: [
       {
@@ -27,6 +25,7 @@ export const sysResources = [
           },
           icon: "ion:speedometer-outline",
           permission: "sys:auth:user:view",
+          auth: true,
         },
       },
 
@@ -38,6 +37,33 @@ export const sysResources = [
         meta: {
           icon: "ion:settings-outline",
           permission: "sys:settings:view",
+          auth: true,
+        },
+      },
+      {
+        title: "certd.sysResources.projectManager",
+        name: "ProjectManager",
+        path: "/sys/enterprise/project",
+        component: "/sys/enterprise/project/index.vue",
+        meta: {
+          show: true,
+          auth: true,
+          icon: "ion:apps",
+          permission: "sys:settings:edit",
+          keepAlive: true,
+        },
+      },
+      {
+        title: "certd.sysResources.projectDetail",
+        name: "ProjectDetail",
+        path: "/sys/enterprise/project/detail",
+        component: "/sys/enterprise/project/detail/index.vue",
+        meta: {
+          isMenu: false,
+          show: true,
+          auth: true,
+          icon: "ion:apps",
+          permission: "sys:settings:edit",
         },
       },
       {
@@ -49,6 +75,7 @@ export const sysResources = [
           icon: "ion:earth-outline",
           permission: "sys:settings:view",
           keepAlive: true,
+          auth: true,
         },
       },
       {
@@ -72,6 +99,7 @@ export const sysResources = [
             const settingStore = useSettingStore();
             return settingStore.isComm;
           },
+          auth: true,
           icon: "ion:document-text-outline",
           permission: "sys:settings:view",
         },
@@ -86,6 +114,7 @@ export const sysResources = [
             const settingStore = useSettingStore();
             return settingStore.isComm;
           },
+          auth: true,
           icon: "ion:menu",
           permission: "sys:settings:view",
           keepAlive: true,
@@ -101,6 +130,7 @@ export const sysResources = [
             const settingStore = useSettingStore();
             return settingStore.isComm;
           },
+          auth: true,
           icon: "ion:disc-outline",
           permission: "sys:settings:view",
           keepAlive: true,
@@ -115,6 +145,7 @@ export const sysResources = [
           icon: "ion:extension-puzzle-outline",
           permission: "sys:settings:view",
           keepAlive: true,
+          auth: true,
         },
       },
       {
@@ -127,6 +158,7 @@ export const sysResources = [
           icon: "ion:extension-puzzle",
           permission: "sys:settings:view",
           keepAlive: true,
+          auth: true,
         },
       },
       {
@@ -141,6 +173,7 @@ export const sysResources = [
           },
           icon: "ion:extension-puzzle",
           permission: "sys:settings:view",
+          auth: true,
         },
       },
       {
@@ -152,6 +185,7 @@ export const sysResources = [
           icon: "ion:golf-outline",
           permission: "sys:settings:view",
           keepAlive: true,
+          auth: true,
         },
       },
       {
@@ -163,6 +197,7 @@ export const sysResources = [
           icon: "ion:list-outline",
           permission: "sys:auth:per:view",
           keepAlive: true,
+          auth: true,
         },
       },
       {
@@ -174,6 +209,7 @@ export const sysResources = [
           icon: "ion:people-outline",
           permission: "sys:auth:role:view",
           keepAlive: true,
+          auth: true,
         },
       },
       {
@@ -185,9 +221,9 @@ export const sysResources = [
           icon: "ion:person-outline",
           permission: "sys:auth:user:view",
           keepAlive: true,
+          auth: true,
         },
       },
-
       {
         title: "certd.sysResources.suiteManager",
         name: "SuiteManager",
@@ -201,6 +237,7 @@ export const sysResources = [
             return settingStore.isComm;
           },
           keepAlive: true,
+          auth: true,
         },
         children: [
           {
@@ -215,6 +252,7 @@ export const sysResources = [
               },
               icon: "ion:cart",
               permission: "sys:settings:edit",
+              auth: true,
             },
           },
           {
@@ -230,6 +268,7 @@ export const sysResources = [
               icon: "ion:bag-check",
               permission: "sys:settings:edit",
               keepAlive: true,
+              auth: true,
             },
           },
           {

packages/ui/certd-client/src/store/project/api.ts

@@ -0,0 +1,9 @@
+import { request } from "/src/api/service";
+
+export async function MyProjectList() {
+  return await request({
+    url: "/enterprise/project/list",
+    method: "post",
+    data: {},
+  });
+}

packages/ui/certd-client/src/store/project/index.ts

@@ -0,0 +1,143 @@
+import { defineStore } from "pinia";
+import * as api from "./api";
+import { message } from "ant-design-vue";
+import { computed, ref } from "vue";
+import { useSettingStore } from "../settings";
+import { LocalStorage } from "/@/utils/util.storage";
+import { useUserStore } from "../user";
+
+export type ProjectItem = {
+  id: string;
+  name: string;
+  permission?: string;
+};
+
+export const useProjectStore = defineStore("app.project", () => {
+  const myProjects = ref([]);
+  const inited = ref(false);
+  const userStore = useUserStore();
+  const userId = userStore.getUserInfo?.id;
+  const lastProjectIdCacheKey = "currentProjectId:" + userId;
+  const lastProjectId = LocalStorage.get(lastProjectIdCacheKey);
+  const currentProjectId = ref(lastProjectId); // 直接调用
+
+  const projects = computed(() => {
+    return myProjects.value;
+  });
+  const currentProject = computed(() => {
+    if (currentProjectId.value) {
+      const project = projects.value.find(item => item.id === currentProjectId.value);
+      if (project) {
+        return project;
+      }
+    }
+    if (projects.value.length > 0) {
+      return projects.value[0];
+    }
+
+    return null;
+  });
+
+  const settingStore = useSettingStore();
+  const isEnterprise = computed(() => {
+    return settingStore.isEnterprise;
+  });
+
+  function getSearchForm() {
+    if (!currentProjectId.value || !isEnterprise.value) {
+      return {};
+    }
+    return {
+      projectId: currentProjectId.value,
+    };
+  }
+  async function loadMyProjects(): Promise<ProjectItem[]> {
+    if (!isEnterprise.value) {
+      return [];
+    }
+    const projects = await api.MyProjectList();
+    myProjects.value = projects;
+    if (projects.length > 0 && !currentProjectId.value) {
+      changeCurrentProject(projects[0].id, true);
+    }
+  }
+
+  function changeCurrentProject(id: string, silent?: boolean) {
+    currentProjectId.value = id;
+    LocalStorage.set(lastProjectIdCacheKey, id);
+    if (!silent) {
+      message.success("切换项目成功");
+    }
+  }
+
+  async function reload() {
+    inited.value = false;
+    await init();
+  }
+
+  async function init() {
+    if (!inited.value) {
+      await loadMyProjects();
+      inited.value = true;
+    }
+    return myProjects.value;
+  }
+
+  const isRead = computed(() => {
+    if (!isEnterprise.value) {
+      return true;
+    }
+    return currentProject.value;
+  });
+
+  const isWrite = computed(() => {
+    if (!isEnterprise.value) {
+      return true;
+    }
+    return currentProject.value?.permission === "write" || currentProject.value?.permission === "admin";
+  });
+
+  const isAdmin = computed(() => {
+    if (!isEnterprise.value) {
+      return true;
+    }
+    return currentProject.value?.permission === "admin";
+  });
+
+  function hasPermission(value: string) {
+    if (!isEnterprise.value) {
+      return true;
+    }
+    if (value === "read") {
+      return isRead.value;
+    } else if (value === "write") {
+      return isWrite.value;
+    } else if (value === "admin") {
+      return isAdmin.value;
+    }
+    return false;
+  }
+
+  function $reset() {
+    myProjects.value = [];
+    currentProjectId.value = "";
+  }
+
+  return {
+    projects,
+    myProjects,
+    currentProject,
+    currentProjectId,
+    isEnterprise,
+    isRead,
+    isWrite,
+    isAdmin,
+    getSearchForm,
+    loadMyProjects,
+    changeCurrentProject,
+    reload,
+    init,
+    $reset,
+    hasPermission,
+  };
+});

packages/ui/certd-client/src/store/settings/api.basic.ts

@@ -86,6 +86,9 @@ export type SysPublicSetting = {
   >;
   // 系统通知
   notice?: string;
+
+  // 管理员模式
+  adminMode?: "enterprise" | "saas";
 };
 export type SuiteSetting = {
   enabled?: boolean;

packages/ui/certd-client/src/store/settings/index.tsx

@@ -141,6 +141,9 @@ export const useSettingStore = defineStore({
     isComm(): boolean {
       return this.plusInfo?.isComm && (this.plusInfo?.expireTime === -1 || this.plusInfo?.expireTime > new Date().getTime());
     },
+    isEnterprise(): boolean {
+      return this.isPlus && this.sysPublic.adminMode === "enterprise";
+    },
     isAgent(): boolean {
       return this.siteEnv?.agent?.enabled === true;
     },

packages/ui/certd-client/src/style/common.less

@@ -6,6 +6,7 @@
 @import "./antdv4.less";
 @import "./certd.less";
 @import "./dark.less";
+@import "./vben.less";
 
 html,
 body {

packages/ui/certd-client/src/style/dark.less

@@ -1,7 +1,13 @@
-.dark{
-  .fs-page-header{
+.dark {
+  .fs-page-header {
     .title {
-        color: #d5d5d5 !important;
-      }
+      color: #d5d5d5 !important;
     }
+  }
+
+
+  .vben-normal-menu__item.is-active{
+    background-color: #3b3b3b !important;
+    }
+
 }

packages/ui/certd-client/src/style/vben.less

@@ -0,0 +1,3 @@
+.vben-normal-menu__item.is-active{
+background-color: #ebf1f6 !important;
+}

packages/ui/certd-client/src/vben/layouts/basic/header/header.vue

@@ -111,7 +111,7 @@ function clearPreferencesAndLogout() {
   <template v-for="slot in leftSlots.filter(item => item.index < REFERENCE_VALUE)" :key="slot.name">
     <slot :name="slot.name">
       <template v-if="slot.name === 'refresh'">
-        <VbenIconButton class="my-0 mr-1 rounded-md" @click="refresh">
+        <VbenIconButton class="my-0 mr-1 rounded-md hidden md:block" @click="refresh">
           <RotateCw class="size-4" />
         </VbenIconButton>
       </template>
@@ -131,7 +131,7 @@ function clearPreferencesAndLogout() {
     <template v-for="slot in rightSlots" :key="slot.name">
       <slot :name="slot.name">
         <template v-if="slot.name === 'global-search'">
-          <GlobalSearch :enable-shortcut-key="globalSearchShortcutKey" :menus="accessStore.accessMenus" class="mr-1 sm:mr-4" />
+          <GlobalSearch :enable-shortcut-key="globalSearchShortcutKey" :menus="accessStore.accessMenus" class="mr-1 sm:mr-4 hidden md:block" />
         </template>
 
         <template v-else-if="slot.name === 'preferences'">
@@ -144,7 +144,7 @@ function clearPreferencesAndLogout() {
           <LanguageToggle class="mr-1" />
         </template>
         <template v-else-if="slot.name === 'fullscreen'">
-          <VbenFullScreen class="mr-1" />
+          <VbenFullScreen class="mr-1 hidden md:block" />
         </template>
       </slot>
     </template>

packages/ui/certd-client/src/views/certd/access/access-selector/access/crud.tsx

@@ -3,6 +3,8 @@ import { ref } from "vue";
 import { getCommonColumnDefine } from "/@/views/certd/access/common";
 import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
 import { useI18n } from "/src/locales";
+import { useProjectStore } from "/@/store/project";
+import { useDicts } from "../../../dicts";
 
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const { t } = useI18n();
@@ -39,11 +41,12 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
     selectedRowKey.value = changed;
     ctx.emit("update:modelValue", changed[0]);
   };
-
+  const { myProjectDict } = useDicts();
   const typeRef = ref("aliyun");
   context.typeRef = typeRef;
   const commonColumnsDefine = getCommonColumnDefine(crudExpose, typeRef, api);
   commonColumnsDefine.type.form.component.disabled = true;
+  const projectStore = useProjectStore();
   return {
     typeRef,
     crudOptions: {
@@ -58,6 +61,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
       },
       search: {
         show: true,
+        initialForm: {
+          ...projectStore.getSearchForm(),
+        },
       },
       form: {
         wrapper: {
@@ -141,6 +147,14 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         ...commonColumnsDefine,
+        projectId: {
+          title: t("certd.fields.projectName"),
+          type: "dict-select",
+          dict: myProjectDict,
+          form: {
+            show: false,
+          },
+        },
       },
     },
   };

packages/ui/certd-client/src/views/certd/access/crud.tsx

@@ -1,8 +1,10 @@
 // @ts-ignore
-import { useI18n } from "/src/locales";
-import { ref } from "vue";
-import { getCommonColumnDefine } from "/@/views/certd/access/common";
 import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
+import { ref } from "vue";
+import { useDicts } from "../dicts";
+import { useProjectStore } from "/@/store/project";
+import { getCommonColumnDefine } from "/@/views/certd/access/common";
+import { useI18n } from "/src/locales";
 
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const { t } = useI18n();
@@ -29,6 +31,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
 
   const typeRef = ref();
   const commonColumnsDefine = getCommonColumnDefine(crudExpose, typeRef, api);
+  const projectStore = useProjectStore();
+
+  const { myProjectDict } = useDicts();
   return {
     crudOptions: {
       request: {
@@ -42,6 +47,11 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           confirmMessage: "授权如果已经被使用，可能会导致流水线无法正常运行，请谨慎操作",
         },
       },
+      search: {
+        initialForm: {
+          ...projectStore.getSearchForm(),
+        },
+      },
       rowHandle: {
         width: 200,
         buttons: {
@@ -115,6 +125,14 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         ...commonColumnsDefine,
+        projectId: {
+          title: t("certd.fields.projectName"),
+          type: "dict-select",
+          dict: myProjectDict,
+          form: {
+            show: false,
+          },
+        },
       },
     },
   };

packages/ui/certd-client/src/views/certd/access/index.vue

@@ -22,7 +22,7 @@ export default defineComponent({
   setup() {
     const { t } = useI18n();
     const api = createAccessApi("user");
-    const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api } });
+    const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api, permission: { isProjectPermission: true } } });
 
     // 页面打开后获取列表数据
     onMounted(() => {

packages/ui/certd-client/src/views/certd/addon/index.vue

@@ -22,7 +22,10 @@ export default defineComponent({
   setup() {
     const api = createAddonApi({ from: "user", addonType: "" });
     addonProvide(api);
-    const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api } });
+    const { crudBinding, crudRef, crudExpose } = useFs({
+      createCrudOptions,
+      context: { api, permission: { isProjectPermission: true } },
+    });
 
     // 页面打开后获取列表数据
     onMounted(() => {

packages/ui/certd-client/src/views/certd/basic/group/index.vue

@@ -18,7 +18,12 @@ import createCrudOptions from "./crud";
 export default defineComponent({
   name: "BasicGroupManager",
   setup() {
-    const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: {} });
+    const { crudBinding, crudRef, crudExpose } = useFs({
+      createCrudOptions,
+      context: {
+        permission: { isProjectPermission: true },
+      },
+    });
 
     // 页面打开后获取列表数据
     onMounted(() => {

packages/ui/certd-client/src/views/certd/cert/domain/crud.tsx

@@ -12,6 +12,7 @@ import { useI18n } from "/src/locales";
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const router = useRouter();
   const { t } = useI18n();
+  const { hasActionPermission } = context;
   const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
     return await api.GetList(query);
   };
@@ -96,6 +97,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             icon: "ion:add-circle-outline",
           },
           import: {
+            show: hasActionPermission("write"),
             title: "从域名提供商导入域名",
             type: "primary",
             text: "从域名提供商导入",
@@ -111,6 +113,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             },
           },
           syncExpirationDate: {
+            show: hasActionPermission("write"),
             title: "同步域名过期时间",
             type: "primary",
             icon: "ion:refresh-outline",

packages/ui/certd-client/src/views/certd/cert/domain/index.vue

@@ -10,7 +10,7 @@
     </template>
     <fs-crud ref="crudRef" v-bind="crudBinding">
       <template #pagination-left>
-        <a-tooltip :title="t('certd.batch_delete')">
+        <a-tooltip v-if="hasActionPermission('write')" :title="t('certd.batch_delete')">
           <fs-button icon="DeleteOutlined" @click="handleBatchDelete"></fs-button>
         </a-tooltip>
       </template>
@@ -25,13 +25,22 @@ import createCrudOptions from "./crud";
 import { message, Modal } from "ant-design-vue";
 import { DeleteBatch } from "./api";
 import { useI18n } from "/src/locales";
+import { useCrudPermission } from "/@/plugin/permission";
 
 const { t } = useI18n();
 
 defineOptions({
   name: "DomainManager",
 });
-const { crudBinding, crudRef, crudExpose, context } = useFs({ createCrudOptions });
+const context: any = {
+  permission: {
+    isProjectPermission: true,
+  },
+};
+
+const { hasActionPermission } = useCrudPermission({ permission: context.permission });
+context.hasActionPermission = hasActionPermission;
+const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context });
 
 const selectedRowKeys = context.selectedRowKeys;
 const handleBatchDelete = () => {

packages/ui/certd-client/src/views/certd/cname/record/crud.tsx

@@ -8,6 +8,7 @@ import { useSettingStore } from "/@/store/settings";
 import { message, Modal } from "ant-design-vue";
 import CnameTip from "/@/components/plugins/cert/domains-verify-plan-editor/cname-tip.vue";
 import { useCnameImport } from "./use";
+import { useCrudPermission } from "/@/plugin/permission";
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const crudBinding = crudExpose.crudBinding;
   const router = useRouter();
@@ -45,6 +46,8 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
       { label: t("certd.validation_timed_out"), value: "timeout", color: "red" },
     ],
   });
+
+  const { hasActionPermission } = useCrudPermission(context);
   return {
     crudOptions: {
       settings: {
@@ -75,6 +78,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             icon: "ion:add-circle-outline",
           },
           import: {
+            show: hasActionPermission("write"),
             title: "导入CNAME记录",
             type: "primary",
             text: "批量导入",

packages/ui/certd-client/src/views/certd/cname/record/index.vue

@@ -12,7 +12,7 @@
     </template>
     <fs-crud ref="crudRef" v-bind="crudBinding">
       <template #pagination-left>
-        <a-tooltip :title="t('certd.batch_delete')">
+        <a-tooltip v-if="hasActionPermission('write')" :title="t('certd.batch_delete')">
           <fs-button icon="DeleteOutlined" @click="handleBatchDelete"></fs-button>
         </a-tooltip>
       </template>
@@ -27,13 +27,20 @@ import createCrudOptions from "./crud";
 import { message, Modal } from "ant-design-vue";
 import { DeleteBatch } from "./api";
 import { useI18n } from "/src/locales";
+import { useCrudPermission } from "/@/plugin/permission";
 
 const { t } = useI18n();
 
 defineOptions({
   name: "CnameRecord",
 });
-const { crudBinding, crudRef, crudExpose, context } = useFs({ createCrudOptions });
+
+const context: any = {
+  permission: { isProjectPermission: true },
+};
+
+const { hasActionPermission } = useCrudPermission(context);
+const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context });
 
 const selectedRowKeys = context.selectedRowKeys;
 const handleBatchDelete = () => {

packages/ui/certd-client/src/views/certd/dicts.ts

@@ -0,0 +1,93 @@
+import { dict } from "@fast-crud/fast-crud";
+import { GetMyProjectList } from "./project/api";
+import { request } from "/@/api/service";
+
+const projectPermissionDict = dict({
+  data: [
+    {
+      value: "read",
+      label: "查看",
+      color: "cyan",
+      icon: "material-symbols:folder-eye-outline-sharp",
+    },
+    {
+      value: "write",
+      label: "修改",
+      color: "green",
+      icon: "material-symbols:edit-square-outline-rounded",
+    },
+    {
+      value: "admin",
+      label: "管理员",
+      color: "orange",
+      icon: "material-symbols:manage-accounts-rounded",
+    },
+  ],
+});
+
+const projectMemberStatusDict = dict({
+  data: [
+    {
+      value: "pending",
+      label: "待审核",
+      color: "orange",
+      icon: "material-symbols:hourglass-top",
+    },
+    {
+      value: "approved",
+      label: "已加入",
+      color: "green",
+      icon: "material-symbols:done-all",
+    },
+    {
+      value: "rejected",
+      label: "已拒绝",
+      color: "red",
+      icon: "material-symbols:close",
+    },
+  ],
+});
+
+const myProjectDict = dict({
+  url: "/enterprise/project/list",
+  getData: async () => {
+    const res = await GetMyProjectList();
+    return res;
+  },
+  value: "id",
+  label: "name",
+  immediate: false,
+  onReady: ({ dict }) => {
+    for (const item of dict.data) {
+      item.label = item.name;
+      item.value = item.id;
+    }
+  },
+});
+
+const userDict = dict({
+  url: "/basic/user/getSimpleUsers",
+  value: "id",
+  getData: async () => {
+    const res = await request({
+      url: "/basic/user/getSimpleUsers",
+      method: "POST",
+    });
+    return res;
+  },
+  immediate: false,
+  onReady: ({ dict }) => {
+    for (const item of dict.data) {
+      item.label = item.nickName || item.username || item.phoneCode + item.mobile;
+    }
+  },
+});
+
+export function useDicts() {
+  return {
+    projectPermissionDict,
+    myProjectDict,
+    userDict,
+    projectMemberStatusDict,
+  };
+}

packages/ui/certd-client/src/views/certd/history/crud.tsx

@@ -6,6 +6,8 @@ import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, Edi
 import { useUserStore } from "/@/store/user";
 import { useSettingStore } from "/@/store/settings";
 import { statusUtil } from "/@/views/certd/pipeline/pipeline/utils/util.status";
+import { useDicts } from "../dicts";
+import { useProjectStore } from "/@/store/project";
 
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const router = useRouter();
@@ -31,6 +33,8 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
   const settingStore = useSettingStore();
   const selectedRowKeys: Ref<any[]> = ref([]);
   context.selectedRowKeys = selectedRowKeys;
+  const { myProjectDict } = useDicts();
+  const projectStore = useProjectStore();
 
   return {
     crudOptions: {
@@ -64,6 +68,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
         },
       },
       search: {
+        initialForm: {
+          ...projectStore.getSearchForm(),
+        },
         formItem: {
           labelCol: {
             style: {
@@ -195,17 +202,13 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             align: "center",
           },
         },
-        createTime: {
-          title: t("certd.fields.createTime"),
-          type: "datetime",
+        projectId: {
+          title: t("certd.fields.projectName"),
+          type: "dict-select",
+          dict: myProjectDict,
           form: {
             show: false,
           },
-          column: {
-            sorter: true,
-            width: 160,
-            align: "center",
-          },
         },
         updateTime: {
           title: t("certd.fields.updateTime"),

packages/ui/certd-client/src/views/certd/history/index.vue

@@ -5,7 +5,7 @@
     </template>
     <fs-crud ref="crudRef" v-bind="crudBinding">
       <template #pagination-left>
-        <a-tooltip :title="t('certd.batchDelete')">
+        <a-tooltip v-if="hasActionPermission('write')" :title="t('certd.batchDelete')">
           <fs-button icon="DeleteOutlined" @click="handleBatchDelete"></fs-button>
         </a-tooltip>
       </template>
@@ -20,13 +20,20 @@ import createCrudOptions from "./crud";
 import { message, Modal } from "ant-design-vue";
 import { DeleteBatch } from "./api";
 import { useI18n } from "/src/locales";
+import { useCrudPermission } from "/@/plugin/permission";
 
 const { t } = useI18n();
 
 defineOptions({
   name: "PipelineHistory",
 });
-const { crudBinding, crudRef, crudExpose, context } = useFs({ createCrudOptions });
+
+const context: any = {
+  permission: { isProjectPermission: true },
+};
+
+const { hasActionPermission } = useCrudPermission(context);
+const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context });
 
 const selectedRowKeys = context.selectedRowKeys;
 const handleBatchDelete = () => {

packages/ui/certd-client/src/views/certd/monitor/cert/crud.tsx

@@ -10,6 +10,9 @@ import { notification } from "ant-design-vue";
 import CertView from "/@/views/certd/pipeline/cert-view.vue";
 import { useCertUpload } from "/@/views/certd/pipeline/cert-upload/use";
 import { useSettingStore } from "/@/store/settings";
+import { useProjectStore } from "/@/store/project";
+import { useDicts } from "../../dicts";
+import { useUserStore } from "/@/store/user";
 
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const { t } = useI18n();
@@ -34,9 +37,10 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
     return res;
   };
   const router = useRouter();
-
+  const { myProjectDict } = useDicts();
   const settingStore = useSettingStore();
-
+  const projectStore = useProjectStore();
+  const userStore = useUserStore();
   const model = useModal();
   const viewCert = async (row: any) => {
     const cert = await api.GetCert(row.id);
@@ -63,6 +67,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
   const expireStatus = route?.query?.expireStatus as string;
   const searchInitForm = {
     expiresLeft: expireStatus,
+    ...projectStore.getSearchForm(),
   };
   return {
     crudOptions: {
@@ -137,7 +142,12 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
                 notification.error({ message: t("certd.certificateNotGenerated") });
                 return;
               }
-              window.open("/api/monitor/cert/download?id=" + row.id);
+              let url = "/api/monitor/cert/download?id=" + row.id;
+              if (projectStore.isEnterprise) {
+                url += `&projectId=${projectStore.currentProject?.id}`;
+              }
+              url += `&token=${userStore.getToken}`;
+              window.open(url);
             },
           },
         },
@@ -227,9 +237,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
               name: "fs-dict-select",
               dict: dict({
                 data: [
-                  { label: t("certd.monitor.cert.expired"), value: "expired" },
-                  { label: t("certd.monitor.cert.expiring"), value: "expiring" },
-                  { label: t("certd.monitor.cert.noExpired"), value: "noExpired" },
+                  { label: t("monitor.cert.expired"), value: "expired" },
+                  { label: t("monitor.cert.expiring"), value: "expiring" },
+                  { label: t("monitor.cert.noExpired"), value: "noExpired" },
                 ],
               }),
             },
@@ -344,6 +354,14 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             },
           },
         },
+        projectId: {
+          title: t("certd.fields.projectName"),
+          type: "dict-select",
+          dict: myProjectDict,
+          form: {
+            show: false,
+          },
+        },
       },
     },
   };

packages/ui/certd-client/src/views/certd/monitor/cert/index.vue

@@ -21,7 +21,7 @@ const { t } = useI18n();
 defineOptions({
   name: "CertStore",
 });
-const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: {} });
+const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { permission: { isProjectPermission: true } } });
 
 // 页面打开后获取列表数据
 onMounted(() => {

packages/ui/certd-client/src/views/certd/monitor/site/crud.tsx

@@ -13,6 +13,9 @@ import { useSiteImport } from "/@/views/certd/monitor/site/use";
 import { ref } from "vue";
 import GroupSelector from "../../basic/group/group-selector.vue";
 import { createGroupDictRef } from "../../basic/group/api";
+import { useProjectStore } from "/@/store/project";
+import { useDicts } from "../../dicts";
+import { useCrudPermission } from "/@/plugin/permission";
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const { t } = useI18n();
   const api = siteInfoApi;
@@ -37,7 +40,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
     const res = await api.AddObj(form);
     return res;
   };
-
+  const { myProjectDict } = useDicts();
   const settingsStore = useSettingStore();
 
   const checkStatusDict = dict({
@@ -84,13 +87,13 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
 
   function checkAll() {
     Modal.confirm({
-      title: t("certd.monitor.confirmTitle"), // "确认"
-      content: t("certd.monitor.confirmContent"), // "确认触发检查全部站点证书吗?"
+      title: t("monitor.confirmTitle"), // "确认"
+      content: t("monitor.confirmContent"), // "确认触发检查全部站点证书吗?"
       onOk: async () => {
         await siteInfoApi.CheckAll();
         notification.success({
-          message: t("certd.monitor.checkSubmitted"), // "检查任务已提交"
-          description: t("certd.monitor.pleaseRefresh"), // "请稍后刷新页面查看结果"
+          message: t("monitor.checkSubmitted"), // "检查任务已提交"
+          description: t("monitor.pleaseRefresh"), // "请稍后刷新页面查看结果"
         });
       },
     });
@@ -105,6 +108,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
       return searchFrom.groupId;
     }
   }
+
+  const projectStore = useProjectStore();
+  const { hasActionPermission } = useCrudPermission({ permission: context.permission });
   return {
     id: "siteMonitorCrud",
     crudOptions: {
@@ -199,7 +205,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
                 // 非plus
                 if (crudBinding.value.data.length >= 1) {
                   notification.error({
-                    message: t("certd.monitor.basicLimitError"),
+                    message: t("monitor.basicLimitError"),
                   });
                   mitter.emit("openVipModal");
                   return;
@@ -213,7 +219,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
                 const max = suiteDetail.monitorCount.max;
                 if (max != -1 && max <= suiteDetail.monitorCount.used) {
                   notification.error({
-                    message: t("certd.monitor.limitExceeded", { max }),
+                    message: t("monitor.limitExceeded", { max }),
                   });
                   return;
                 }
@@ -227,8 +233,8 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
           //导入按钮
           import: {
-            show: true,
-            text: t("certd.monitor.bulkImport"),
+            show: hasActionPermission("write"),
+            text: t("monitor.bulkImport"),
             type: "primary",
             async click() {
               const defaultGroupId = getDefaultGroupId();
@@ -242,7 +248,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
           checkAll: {
             show: true,
-            text: t("certd.monitor.checkAll"),
+            text: t("monitor.checkAll"),
             type: "primary",
             click() {
               checkAll();
@@ -266,7 +272,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
               await api.DoCheck(row.id);
               await crudExpose.doRefresh();
               notification.success({
-                message: t("certd.monitor.checkSubmittedRefresh"),
+                message: t("monitor.checkSubmittedRefresh"),
               });
             },
           },
@@ -276,7 +282,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             text: null,
             show: compute(({ row }) => row.ipCheck === true),
             tooltip: {
-              title: t("certd.monitor.ipManagement"),
+              title: t("monitor.ipManagement"),
             },
             icon: "entypo:address",
             click: async ({ row }) => {
@@ -289,6 +295,11 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
       //   name: "disabled",
       //   show: true,
       // },
+      search: {
+        initialForm: {
+          ...projectStore.getSearchForm(),
+        },
+      },
       columns: {
         id: {
           title: "ID",
@@ -306,29 +317,29 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         name: {
-          title: t("certd.monitor.siteName"),
+          title: t("monitor.siteName"),
           search: {
             show: true,
           },
           type: "text",
           form: {
-            rules: [{ required: true, message: t("certd.monitor.enterSiteName") }],
+            rules: [{ required: true, message: t("monitor.enterSiteName") }],
           },
           column: {
             width: 160,
           },
         },
         domain: {
-          title: t("certd.monitor.domain"),
+          title: t("monitor.domain"),
           search: {
             show: true,
           },
           type: "text",
           form: {
             rules: [
-              { required: true, message: t("certd.monitor.enterDomain") },
+              { required: true, message: t("monitor.enterDomain") },
               // @ts-ignore
-              { type: "domains", message: t("certd.monitor.enterValidDomain") },
+              { type: "domains", message: t("monitor.enterValidDomain") },
             ],
           },
           column: {
@@ -349,14 +360,14 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         httpsPort: {
-          title: t("certd.monitor.httpsPort"),
+          title: t("monitor.httpsPort"),
           search: {
             show: false,
           },
           type: "number",
           form: {
             value: 443,
-            rules: [{ required: true, message: t("certd.monitor.enterPort") }],
+            rules: [{ required: true, message: t("monitor.enterPort") }],
           },
           column: {
             width: 100,
@@ -364,7 +375,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         certInfo: {
-          title: t("certd.monitor.certInfo"),
+          title: t("monitor.certInfo"),
           type: "text",
           form: { show: false },
           column: {
@@ -378,10 +389,10 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
                   return (
                     <div>
                       <div>
-                        {t("certd.monitor.issuer")}: {row.certProvider}
+                        {t("monitor.issuer")}: {row.certProvider}
                       </div>
                       <div>
-                        {t("certd.monitor.certDomains")}: {row.certDomains}
+                        {t("monitor.certDomains")}: {row.certDomains}
                       </div>
                     </div>
                   );
@@ -396,7 +407,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         certDomains: {
-          title: t("certd.monitor.certDomains"),
+          title: t("monitor.certDomains"),
           search: {
             show: true,
           },
@@ -418,7 +429,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         certProvider: {
-          title: t("certd.monitor.certProvider"),
+          title: t("monitor.certProvider"),
           search: {
             show: false,
           },
@@ -436,15 +447,15 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         certStatus: {
-          title: t("certd.monitor.certStatus"),
+          title: t("monitor.certStatus"),
           search: {
             show: true,
           },
           type: "dict-select",
           dict: dict({
             data: [
-              { label: t("certd.monitor.status.ok"), value: "ok", color: "green" },
-              { label: t("certd.monitor.status.expired"), value: "expired", color: "red" },
+              { label: t("monitor.status.ok"), value: "ok", color: "green" },
+              { label: t("monitor.status.expired"), value: "expired", color: "red" },
             ],
           }),
           form: {
@@ -458,7 +469,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         checkStatus: {
-          title: t("certd.monitor.checkStatus"),
+          title: t("monitor.checkStatus"),
           search: {
             show: false,
           },
@@ -481,7 +492,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         certEffectiveTime: {
-          title: t("certd.monitor.certEffectiveTime"),
+          title: t("monitor.certEffectiveTime"),
           search: {
             show: false,
           },
@@ -496,7 +507,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         certExpiresTime: {
-          title: t("certd.monitor.certExpiresTime"),
+          title: t("monitor.certExpiresTime"),
           search: {
             show: false,
           },
@@ -510,7 +521,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         remainingValidity: {
-          title: t("certd.monitor.remainingValidity"),
+          title: t("monitor.remainingValidity"),
           search: {
             show: false,
           },
@@ -543,10 +554,24 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
               const color = leftDays < certValidDays ? "red" : "#389e0d";
               const percent = (leftDays / effectiveDays) * 100;
               // console.log('cellRender', 'effectiveDays', effectiveDays, 'expiresTime', expiresTime, 'applyTime', applyTime, 'percent', percent, row)
-              return <a-progress title={expireDate + t("certd.monitor.expired")} percent={percent} strokeColor={color} format={(percent: number) => `${leftDays}${t("certd.monitor.days")}`} />;
+              return <a-progress title={expireDate + t("monitor.expired")} percent={percent} strokeColor={color} format={(percent: number) => `${leftDays}${t("monitor.days")}`} />;
             },
           },
         },
+        ipAddress: {
+          title: t("monitor.ipAddress"),
+          search: {
+            show: false,
+          },
+          type: "text",
+          form: {
+            helper: t("monitor.ipAddressHelper"),
+          },
+          column: {
+            width: 150,
+            sorter: true,
+          },
+        },
         groupId: {
           title: t("certd.fields.group"),
           type: "dict-select",
@@ -574,7 +599,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         remark: {
-          title: t("certd.monitor.remark"),
+          title: t("monitor.remark"),
           search: {
             show: false,
           },
@@ -589,7 +614,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         lastCheckTime: {
-          title: t("certd.monitor.lastCheckTime"),
+          title: t("monitor.lastCheckTime"),
           search: {
             show: false,
           },
@@ -603,7 +628,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         disabled: {
-          title: t("certd.monitor.disabled"),
+          title: t("monitor.disabled"),
           search: {
             show: false,
           },
@@ -652,7 +677,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
         //   }
         // },
         ipCheck: {
-          title: t("certd.monitor.ipCheck"),
+          title: t("monitor.ipCheck"),
           type: "dict-switch",
           dict: dict({
             data: [
@@ -661,9 +686,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             ],
           }),
           form: {
-            helper: t("certd.monitor.ipCheckHelper"),
+            helper: t("monitor.ipCheckHelper"),
             value: false,
-            rules: [{ required: true, message: t("certd.monitor.selectRequired") }],
+            rules: [{ required: true, message: t("monitor.selectRequired") }],
           },
           column: {
             align: "center",
@@ -676,7 +701,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
                 change({ row, $event }) {
                   Modal.confirm({
                     title: t("common.confirm"),
-                    content: t("certd.monitor.ipCheckConfirm", { status: $event ? t("common.enabled") : t("common.disabled") }),
+                    content: t("monitor.ipCheckConfirm", { status: $event ? t("common.enabled") : t("common.disabled") }),
                     onOk: async () => {
                       await api.IpCheckChange(row.id, $event);
                       await crudExpose.doRefresh();
@@ -694,7 +719,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         } as ColumnCompositionProps,
         ipSyncAuto: {
-          title: t("certd.monitor.ipSyncAuto"),
+          title: t("monitor.ipSyncAuto"),
           type: "dict-switch",
           dict: dict({
             data: [
@@ -715,13 +740,13 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         ipSyncMode: {
-          title: t("certd.monitor.ipSyncMode"),
+          title: t("monitor.ipSyncMode"),
           type: "dict-select",
           dict: dict({
             data: [
-              { label: t("certd.monitor.ipSyncModeAll"), value: "all" },
-              { label: t("certd.monitor.ipSyncModeIPV4Only"), value: "ipv4" },
-              { label: t("certd.monitor.ipSyncModeIPV6Only"), value: "ipv6" },
+              { label: t("monitor.ipSyncModeAll"), value: "all" },
+              { label: t("monitor.ipSyncModeIPV4Only"), value: "ipv4" },
+              { label: t("monitor.ipSyncModeIPV6Only"), value: "ipv6" },
             ],
           }),
           form: {
@@ -729,7 +754,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             show: compute(({ form }) => {
               return form.ipSyncAuto;
             }),
-            helper: t("certd.monitor.ipSyncModeHelper"),
+            helper: t("monitor.ipSyncModeHelper"),
           },
           column: {
             width: 100,
@@ -738,7 +763,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         ipIgnoreCoherence: {
-          title: t("certd.monitor.ipIgnoreCoherence"),
+          title: t("monitor.ipIgnoreCoherence"),
           type: "dict-switch",
           dict: dict({
             data: [
@@ -751,7 +776,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             show: compute(({ form }) => {
               return form.ipCheck;
             }),
-            helper: t("certd.monitor.ipIgnoreCoherenceHelper"),
+            helper: t("monitor.ipIgnoreCoherenceHelper"),
           },
           column: {
             width: 100,
@@ -760,7 +785,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         pipelineId: {
-          title: t("certd.monitor.pipelineId"),
+          title: t("monitor.pipelineId"),
           search: {
             show: false,
           },
@@ -773,7 +798,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         certInfoId: {
-          title: t("certd.monitor.certInfoId"),
+          title: t("monitor.certInfoId"),
           search: {
             show: false,
           },
@@ -786,7 +811,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
         error: {
-          title: t("certd.monitor.error"),
+          title: t("monitor.error"),
           search: {
             show: false,
           },
@@ -800,6 +825,14 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             },
           },
         },
+        projectId: {
+          title: t("certd.fields.projectName"),
+          type: "dict-select",
+          dict: myProjectDict,
+          form: {
+            show: false,
+          },
+        },
       },
     },
   };

packages/ui/certd-client/src/views/certd/monitor/site/index.vue

@@ -2,14 +2,14 @@
   <fs-page>
     <template #header>
       <div class="title flex items-center">
-        {{ t("certd.monitor.title") }}
+        {{ t("monitor.title") }}
         <div class="sub flex-1">
           <div>
-            {{ t("certd.monitor.description") }}
-            <router-link to="/certd/monitor/setting">{{ t("certd.monitor.settingLink") }}</router-link>
+            {{ t("monitor.description") }}
+            <router-link to="/certd/monitor/setting">{{ t("monitor.settingLink") }}</router-link>
           </div>
           <div class="flex items-center">
-            {{ t("certd.monitor.limitInfo") }}
+            {{ t("monitor.limitInfo") }}
             <vip-button class="ml-5" mode="nav"></vip-button>
           </div>
         </div>
@@ -34,7 +34,12 @@ const { t } = useI18n();
 defineOptions({
   name: "SiteCertMonitor",
 });
-const { crudBinding, crudRef, crudExpose, context } = useFs({ createCrudOptions });
+const context: any = {
+  permission: {
+    isProjectPermission: true,
+  },
+};
+const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context });
 
 const handleBatchDelete = context.handleBatchDelete;
 

packages/ui/certd-client/src/views/certd/monitor/site/setting/index.vue

@@ -1,43 +1,43 @@
 <template>
   <fs-page class="page-user-settings page-site-monitor-setting">
     <template #header>
-      <div class="title">{{ t("certd.monitor.setting.siteMonitorSettings") }}</div>
+      <div class="title">{{ t("monitor.setting.siteMonitorSettings") }}</div>
     </template>
     <div class="user-settings-form settings-form">
       <a-form :model="formState" name="basic" :label-col="{ span: 8 }" :wrapper-col="{ span: 16 }" autocomplete="off">
-        <a-form-item :label="t('certd.monitor.setting.notificationChannel')" :name="['notificationId']">
+        <a-form-item :label="t('monitor.setting.notificationChannel')" :name="['notificationId']">
           <div class="flex">
             <NotificationSelector v-model="formState.notificationId" />
           </div>
-          <div class="helper">{{ t("certd.monitor.setting.setNotificationChannel") }}</div>
+          <div class="helper">{{ t("monitor.setting.setNotificationChannel") }}</div>
         </a-form-item>
-        <a-form-item :label="t('certd.monitor.setting.retryTimes')" :name="['retryTimes']">
+        <a-form-item :label="t('monitor.setting.retryTimes')" :name="['retryTimes']">
           <div class="flex">
             <a-input-number v-model:value="formState.retryTimes" />
           </div>
-          <div class="helper">{{ t("certd.monitor.setting.monitorRetryTimes") }}</div>
+          <div class="helper">{{ t("monitor.setting.monitorRetryTimes") }}</div>
         </a-form-item>
-        <a-form-item :label="t('certd.monitor.setting.certValidDays')" :name="['certValidDays']">
+        <a-form-item :label="t('monitor.setting.certValidDays')" :name="['certValidDays']">
           <div class="flex">
             <a-input-number v-model:value="formState.certValidDays" />
           </div>
-          <div class="helper">{{ t("certd.monitor.setting.certValidDaysHelper") }}</div>
+          <div class="helper">{{ t("monitor.setting.certValidDaysHelper") }}</div>
         </a-form-item>
-        <a-form-item :label="t('certd.monitor.setting.dnsServer')" :name="['dnsServer']">
+        <a-form-item :label="t('monitor.setting.dnsServer')" :name="['dnsServer']">
           <div class="flex">
             <a-select v-model:value="formState.dnsServer" :token-separators="[' ', ',', '，', '、', '|']" mode="tags" :open="false" />
           </div>
-          <div class="helper">{{ t("certd.monitor.setting.dnsServerHelper") }}</div>
+          <div class="helper">{{ t("monitor.setting.dnsServerHelper") }}</div>
         </a-form-item>
-        <a-form-item :label="t('certd.monitor.setting.monitorCronSetting')" :name="['cron']">
+        <a-form-item :label="t('monitor.setting.monitorCronSetting')" :name="['cron']">
           <div class="flex flex-baseline">
             <cron-editor v-model="formState.cron" :disabled="!settingsStore.isPlus" :allow-every-min="userStore.isAdmin" />
             <vip-button class="ml-5" mode="button"></vip-button>
           </div>
-          <div class="helper">{{ t("certd.monitor.setting.cronTrigger") }}</div>
+          <div class="helper">{{ t("monitor.setting.cronTrigger") }}</div>
         </a-form-item>
         <a-form-item label=" " :colon="false" :wrapper-col="{ span: 16 }">
-          <loading-button type="primary" html-type="button" :click="doSave">{{ t("certd.save") }}</loading-button>
+          <loading-button type="primary" html-type="button" :click="doSave" :disabled="!hasActionPermission('write')">{{ t("certd.save") }}</loading-button>
         </a-form-item>
       </a-form>
     </div>
@@ -55,6 +55,7 @@ import { utils } from "/@/utils";
 import NotificationSelector from "/@/views/certd/notification/notification-selector/index.vue";
 import { useI18n } from "/src/locales";
 import { useSettingStore } from "/src/store/settings";
+import { useCrudPermission } from "/@/plugin/permission";
 
 const { t } = useI18n();
 
@@ -73,6 +74,8 @@ async function loadUserSettings() {
   merge(formState, data);
 }
 
+const { hasActionPermission } = useCrudPermission({ permission: { isProjectPermission: true } });
+
 loadUserSettings();
 const doSave = async (form: any) => {
   await utils.sleep(300);

packages/ui/certd-client/src/views/certd/notification/common.tsx

@@ -5,6 +5,8 @@ import { forEach, get, merge, set } from "lodash-es";
 import { Modal } from "ant-design-vue";
 import { mitter } from "/@/utils/util.mitt";
 import { useI18n } from "/src/locales";
+import { useProjectStore } from "/@/store/project";
+import { useDicts } from "../dicts";
 
 export function notificationProvide(api: any) {
   provide("notificationApi", api);
@@ -26,6 +28,8 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any) {
     },
   };
 
+  const projectStore = useProjectStore();
+  const { myProjectDict } = useDicts();
   provide("getCurrentPluginDefine", () => {
     return currentDefine;
   });
@@ -247,5 +251,13 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any) {
         },
       },
     } as ColumnCompositionProps,
+    projectId: {
+      title: t("certd.fields.projectName"),
+      type: "dict-select",
+      dict: myProjectDict,
+      form: {
+        show: false,
+      },
+    },
   };
 }

packages/ui/certd-client/src/views/certd/notification/crud.tsx

@@ -2,6 +2,7 @@ import { ref } from "vue";
 import { getCommonColumnDefine } from "./common";
 import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
 import { createNotificationApi } from "/@/views/certd/notification/api";
+import { useProjectStore } from "/@/store/project";
 const api = createNotificationApi();
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
@@ -26,6 +27,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
 
   const typeRef = ref();
   const commonColumnsDefine = getCommonColumnDefine(crudExpose, typeRef, api);
+  const projectStore = useProjectStore();
   return {
     crudOptions: {
       request: {
@@ -34,6 +36,11 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
         editRequest,
         delRequest,
       },
+      search: {
+        initialForm: {
+          ...projectStore.getSearchForm(),
+        },
+      },
       form: {
         labelCol: {
           //固定label宽度

packages/ui/certd-client/src/views/certd/notification/index.vue

@@ -22,7 +22,7 @@ export default defineComponent({
   setup() {
     const api = createNotificationApi();
     notificationProvide(api);
-    const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api } });
+    const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api, permission: { isProjectPermission: true } } });
 
     // 页面打开后获取列表数据
     onMounted(() => {

packages/ui/certd-client/src/views/certd/notification/notification-selector/modal/crud.tsx

@@ -2,6 +2,7 @@
 import { ref } from "vue";
 import { getCommonColumnDefine } from "../../common";
 import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
+import { useProjectStore } from "/@/store/project";
 
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const { crudBinding } = crudExpose;
@@ -29,6 +30,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
     return res;
   };
 
+  const projectStore = useProjectStore();
   const selectedRowKey = ref([props.modelValue]);
 
   const onSelectChange = (changed: any) => {
@@ -54,6 +56,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
       },
       search: {
         show: false,
+        initialForm: {
+          ...projectStore.getSearchForm(),
+        },
       },
       form: {
         labelCol: {

packages/ui/certd-client/src/views/certd/open/openkey/crud.tsx

@@ -3,6 +3,9 @@ import { useI18n } from "/src/locales";
 import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
 import { OPEN_API_DOC, openkeyApi } from "./api";
 import { useModal } from "/@/use/use-modal";
+import { useProjectStore } from "/@/store/project";
+import { computed } from "vue";
+import { useDicts } from "../../dicts";
 
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const { t } = useI18n();
@@ -26,6 +29,8 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
     const res = await api.AddObj(form);
     return res;
   };
+  const { myProjectDict } = useDicts();
+  const projectStore = useProjectStore();
   const model = useModal();
   return {
     crudOptions: {
@@ -37,6 +42,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
       },
       search: {
         show: false,
+        initialForm: {
+          ...projectStore.getSearchForm(),
+        },
       },
       form: {
         labelCol: {
@@ -163,6 +171,22 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             sorter: true,
           },
         },
+        projectId: {
+          title: t("certd.fields.projectName"),
+          type: "dict-select",
+          dict: myProjectDict,
+          form: {
+            show: false,
+          },
+          column: {
+            show: computed(() => {
+              return projectStore.isEnterprise;
+            }),
+            width: 120,
+            align: "center",
+            sorter: true,
+          },
+        },
         createTime: {
           title: t("certd.fields.createTime"),
           type: "datetime",

packages/ui/certd-client/src/views/certd/open/openkey/index.vue

@@ -19,7 +19,7 @@ import { OPEN_API_DOC } from "/@/views/certd/open/openkey/api";
 defineOptions({
   name: "OpenKey",
 });
-const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: {} });
+const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { permission: { isProjectPermission: true } } });
 
 // 页面打开后获取列表数据
 onMounted(() => {

packages/ui/certd-client/src/views/certd/pipeline/crud.tsx

@@ -14,8 +14,10 @@ import GroupSelector from "/@/views/certd/pipeline/group/group-selector.vue";
 import { statusUtil } from "/@/views/certd/pipeline/pipeline/utils/util.status";
 import { useCertViewer } from "/@/views/certd/pipeline/use";
 import { useI18n } from "/src/locales";
+import { useDicts } from "../dicts";
+import { useProjectStore } from "/@/store/project";
 
-export default function ({ crudExpose, context: { selectedRowKeys, openCertApplyDialog } }: CreateCrudOptionsProps): CreateCrudOptionsRet {
+export default function ({ crudExpose, context: { selectedRowKeys, openCertApplyDialog, hasActionPermission } }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const router = useRouter();
   const lastResRef = ref();
 
@@ -48,6 +50,7 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
       delete form.lastVars;
       delete form.createTime;
       delete form.id;
+      delete form.webhook;
       let pipeline = form.content;
       if (typeof pipeline === "string" && pipeline.startsWith("{")) {
         pipeline = JSON.parse(form.content);
@@ -66,13 +69,15 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
   const userStore = useUserStore();
   const settingStore = useSettingStore();
 
+  const projectStore = useProjectStore();
+  const { myProjectDict } = useDicts();
   const DEFAULT_WILL_EXPIRE_DAYS = settingStore.sysPublic.defaultWillExpireDays || settingStore.sysPublic.defaultCertRenewDays || 15;
 
   function onDialogOpen(opt: any) {
     const searchForm = crudExpose.getSearchValidatedFormData();
     opt.initialForm = {
-      ...opt.initialForm,
       groupId: searchForm.groupId,
+      ...opt.initialForm,
     };
   }
 
@@ -120,9 +125,11 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
             click() {
               openCertApplyDialog({ key: "CertApply" });
             },
+            show: hasActionPermission("write"),
           },
           uploadCert: {
             order: 2,
+            show: hasActionPermission("write"),
             text: t("certd.commercialCertHosting"),
             type: "primary",
             tooltip: {
@@ -147,7 +154,9 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
         },
       },
       search: {
-        col: { span: 3 },
+        initialForm: {
+          ...projectStore.getSearchForm(),
+        },
       },
       form: {
         afterSubmit({ form, res, mode }) {
@@ -201,6 +210,7 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
             },
           },
           copy: {
+            show: hasActionPermission("write"),
             click: async context => {
               settingStore.checkPlus();
               const { ui } = useUi();
@@ -210,7 +220,7 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
               row = info.pipeline;
               row.content = JSON.parse(row.content);
               row.title = row.title + "_copy";
-              await crudExpose.openCopy({
+              await crudExpose.openAdd({
                 row: row,
                 index: context.index,
               });
@@ -218,6 +228,7 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
             class: "need-plus",
           },
           config: {
+            show: hasActionPermission("write"),
             order: 1,
             title: t("certd.actions.editPipeline"),
             type: "link",
@@ -228,6 +239,7 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
             },
           },
           edit: {
+            show: hasActionPermission("write"),
             order: 2,
             title: t("certd.actions.editConfigGroup"),
             icon: "ant-design:setting-outlined",
@@ -440,6 +452,7 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
           type: "dict-select",
           search: {
             show: true,
+            col: { span: 2 },
           },
           dict: dict({
             data: statusUtil.getOptions(),
@@ -544,6 +557,7 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
           type: "dict-select",
           search: {
             show: true,
+            col: { span: 2 },
           },
           dict: dict({
             data: [
@@ -641,6 +655,22 @@ export default function ({ crudExpose, context: { selectedRowKeys, openCertApply
             },
           },
         },
+        projectId: {
+          title: t("certd.fields.projectName"),
+          type: "dict-select",
+          dict: myProjectDict,
+          form: {
+            show: false,
+          },
+          column: {
+            show: computed(() => {
+              return settingStore.isEnterprise;
+            }),
+            width: 120,
+            align: "center",
+            sorter: true,
+          },
+        },
         updateTime: {
           title: t("certd.fields.updateTime"),
           type: "datetime",

packages/ui/certd-client/src/views/certd/pipeline/group/crud.tsx

@@ -1,6 +1,8 @@
 import { useI18n } from "/src/locales";
 import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
 import { pipelineGroupApi } from "./api";
+import { useProjectStore } from "/@/store/project";
+import { useDicts } from "../../dicts";
 
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const { t } = useI18n();
@@ -25,6 +27,8 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
     return res;
   };
 
+  const projectStore = useProjectStore();
+  const { myProjectDict } = useDicts();
   return {
     crudOptions: {
       settings: {
@@ -44,6 +48,11 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
         editRequest,
         delRequest,
       },
+      search: {
+        initialForm: {
+          ...projectStore.getSearchForm(),
+        },
+      },
       form: {
         labelCol: {
           //固定label宽度
@@ -127,6 +136,14 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             width: 400,
           },
         },
+        projectId: {
+          title: t("certd.fields.projectName"),
+          type: "dict-select",
+          dict: myProjectDict,
+          form: {
+            show: false,
+          },
+        },
       },
     },
   };

packages/ui/certd-client/src/views/certd/pipeline/group/index.vue

@@ -14,12 +14,16 @@
 import { defineComponent, onActivated, onMounted } from "vue";
 import { useFs } from "@fast-crud/fast-crud";
 import createCrudOptions from "./crud";
-import { createApi } from "./api";
 
 export default defineComponent({
   name: "PipelineGroupManager",
   setup() {
-    const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: {} });
+    const { crudBinding, crudRef, crudExpose } = useFs({
+      createCrudOptions,
+      context: {
+        permission: { isProjectPermission: true },
+      },
+    });
 
     // 页面打开后获取列表数据
     onMounted(() => {

packages/ui/certd-client/src/views/certd/pipeline/index.vue

@@ -13,7 +13,7 @@
     </a-alert> -->
     <fs-crud ref="crudRef" v-bind="crudBinding">
       <template #actionbar-right>
-        <a-dropdown class="ml-1">
+        <a-dropdown v-if="hasActionPermission('write')" class="ml-1">
           <a-button type="primary" class="ant-dropdown-link" @click.prevent>
             {{ t("certd.pipelinePage.addMore") }}
             <DownOutlined />
@@ -37,11 +37,11 @@
       <div v-if="selectedRowKeys.length > 0" class="batch-actions">
         <div class="batch-actions-inner">
           <span>{{ t("certd.selectedCount", { count: selectedRowKeys.length }) }}</span>
-          <fs-button icon="ion:trash-outline" class="color-red" type="link" :text="t('certd.batchDelete')" @click="batchDelete"></fs-button>
+          <fs-button v-if="hasActionPermission('write')" icon="ion:trash-outline" class="color-red" type="link" :text="t('certd.batchDelete')" @click="batchDelete"></fs-button>
           <batch-rerun :selected-row-keys="selectedRowKeys" @change="batchFinished"></batch-rerun>
-          <change-group :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-group>
-          <change-notification :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-notification>
-          <change-trigger :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-trigger>
+          <change-group v-if="hasActionPermission('write')" :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-group>
+          <change-notification v-if="hasActionPermission('write')" :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-notification>
+          <change-trigger v-if="hasActionPermission('write')" :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-trigger>
         </div>
       </div>
       <template #form-bottom>
@@ -68,6 +68,7 @@ import { useSettingStore } from "/@/store/settings";
 import { groupDictRef } from "./group/dicts";
 import { useCertPipelineCreator } from "./certd-form/use";
 import { useRouter } from "vue-router";
+import { useCrudPermission } from "/@/plugin/permission";
 
 defineOptions({
   name: "PipelineManager",
@@ -106,7 +107,10 @@ function openCertApplyDialog(req: { key: string; title: string }) {
   openAddCertdPipelineDialog({ pluginName: req.key, defaultGroupId, title: req.title });
 }
 context.openCertApplyDialog = openCertApplyDialog;
+context.permission = { isProjectPermission: true };
 
+const { hasActionPermission } = useCrudPermission({ permission: { isProjectPermission: true } });
+context.hasActionPermission = hasActionPermission;
 const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context });
 
 // 页面打开后获取列表数据

packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/task-form/index.vue

@@ -49,6 +49,7 @@
                   </div>
                 </template>
               </v-draggable>
+              <div v-if="currentTask.steps?.length > 0" class="helper mt-6">任务步骤会串行执行，如果前面步骤失败，后面的步骤不会运行</div>
             </a-form-item>
           </div>
         </a-form>

packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue

@@ -1,7 +1,7 @@
 <template>
   <fs-page v-if="pipeline" class="page-pipeline-edit">
     <template #header>
-      <div class="title flex-1">
+      <div class="title flex-0">
         <fs-button class="back" icon="ion:chevron-back-outline" @click="goBack"></fs-button>
         <text-editable v-model="pipeline.title" :hover-show="false" :disabled="!editMode"></text-editable>
       </div>
@@ -46,7 +46,7 @@
             </span>
           </a-tag>
         </div>
-        <div class="basis-40 flex justify-end mr-10">
+        <div v-if="hasActionPermission('write')" class="basis-40 flex justify-end mr-10">
           <template v-if="editMode">
             <fs-button type="primary" :loading="saveLoading" @click="save">保存</fs-button>
             <fs-button class="ml-5" @click="cancel">取消</fs-button>
@@ -333,6 +333,7 @@ import { getCronNextTimes } from "/@/components/cron-editor/utils";
 import { useCertViewer } from "/@/views/certd/pipeline/use";
 import { useI18n } from "/@/locales";
 import TriggerIcon from "./component/trigger-icon.vue";
+import { useCrudPermission } from "/@/plugin/permission";
 
 export default defineComponent({
   name: "PipelineEdit",
@@ -1002,12 +1003,15 @@ export default defineComponent({
     const hasWebhookTrigger = computed(() => {
       return currentPipeline.value?.triggers?.some((item: any) => item.type === "webhook");
     });
+
+    const { hasActionPermission } = useCrudPermission({ permission: { isProjectPermission: true } });
     return {
       isCert,
       pipeline,
       currentHistory,
       histories,
       goBack,
+      hasActionPermission,
       userStore,
       settingStore,
       ...useTaskRet,

packages/ui/certd-client/src/views/certd/pipeline/sub-domain/index.vue

@@ -17,7 +17,7 @@
     </template>
     <fs-crud ref="crudRef" v-bind="crudBinding">
       <template #pagination-left>
-        <a-tooltip :title="t('certd.batchDelete')">
+        <a-tooltip v-if="hasActionPermission('write')" :title="t('certd.batchDelete')">
           <fs-button icon="DeleteOutlined" @click="handleBatchDelete"></fs-button>
         </a-tooltip>
       </template>
@@ -32,13 +32,21 @@ import createCrudOptions from "./crud";
 import { message, Modal } from "ant-design-vue";
 import { DeleteBatch } from "./api";
 import { useI18n } from "/src/locales";
+import { useCrudPermission } from "/@/plugin/permission";
 
 const { t } = useI18n();
 
 defineOptions({
   name: "CnameRecord",
 });
-const { crudBinding, crudRef, crudExpose, context } = useFs({ createCrudOptions });
+const context: any = {
+  permission: {
+    isProjectPermission: true,
+  },
+};
+const { hasActionPermission } = useCrudPermission({ permission: context.permission });
+context.hasActionPermission = hasActionPermission;
+const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context });
 
 const selectedRowKeys = context.selectedRowKeys;
 const handleBatchDelete = () => {