2024年7月

1 1. Technical Programme
- 1.1 1.1 Technical Framwork
- 1.2 1.2 Functional Description
2 2. Operating Instructions
- 2.1 2.1 Preparation
  - 2.1.1 2.1.1 Preparation Before Start-up
- 2.2 2.2 Log in
- 2.3 2.3 Configuring GC Information
  - 2.3.1 2.3.1 Group Added When the User Log In
  - 2.3.2 2.3.2 Timed Task Setting
  - 2.3.3 2.3.3 Whitelist Group Setting
- 2.4 2.4 People Management
  - 2.4.1 2.4.1 License Moving Users Out of License

1. Technical Programme

1.1 Technical Framwork

Group Change project based on the Confluence system to achieve the Confluence user group change and licence group management, in order to meet the network security, at the same time with the two-way request of the internal and external networks, the system will be deployed in the DMZ area. The system is implemented based on SpringBoot+VUE and deployed in an independent database.

Secure Authentication

The system has independent operation and maintenance management, and its login authentication is based on basic JTW token authentication, JWT adopts symmetric encryption by RSA, and the access is filtered and verified by carrying the request header.

Plug-in Integration

JIRA has been integrated with the Group Change system and uses it without login by authorizing users in JIRA.

Synchronization

The synchronization business system has a bi-directional API request to meet the bi-directional synchronization.

API Access

Synchronization business can realize API access to external JIRA site through proxy mode, and also can directly expose intranet JIRA API access through the network.

Task Scheduling

Based on Quartz task scheduling framework, it realizes the execution of tasks through the configuration of different time interval granularity.

Network Isolation

The DMZ is isolated from the intranet environment. In order to realize plug-in integration access, it is necessary to open the port access between the intranet and the DMZ environment. If you need to expose the API, you need to configure DNAT rules to realize external API access.

1.2 Functional Description

The system provides the functions of group change configuration, white list configuration, license configuration, scheduled task opening, and viewing the login information of JIRA users. The overall function module is roughly as follows:

Prerequisite Functions:

The admin account can configure the Group Change information, and other accounts will trigger the change logic to execute based on the configured Group Change information only when they log in.
The admin account is the only super administrator account.

GC Config

Group Change配置from group、to group、白名单、license group和定时任务，将自定义天数未登录的JIRA用户移出license组。选择用户登陆时是否开启Group Change配置，以及是否启用每日定时任务。

User Manage

实现直观分页查看JIRA用户的个人信息以及登录信息包括用户名、邮箱、最后登录时间、总计登录次数、登陆失败次数。可以批量选择或者将指定用户移出license组。

Function Module:

1. GC Config

Group Change configures from group, to group, whitelist, license group and timed tasks to move JIRA users who have not logged in for a customized number of days out of the license group. Select whether to open Group Change configuration when users log in, and whether to enable daily timed tasks.

2. User Manage

Realize intuitive paging to view the personal information and login information of JIRA users, including user name, email address, last login time, total login times and login failure times. You can select or remove the specified users from the license group in batches.

2. Operating Instructions

2.1 Preparation

2.1.1 Preparation Before Start-up

Database Creation Configuring Database Connection Methods

Start the Sync backend Main.class

Start the frontend npm run dev

Starting nginx

2.1.2 Configuring nginx

Nginx.config

worker_processes 1;

events {

worker_connections 1024;

}

http {

include mime.types;

default_type application/octet-stream;

sendfile on;

keepalive_timeout 65;

server {

listen 4000;

server_name localhost;

location / {

proxy_pass http://localhost:4010/;

}

location /user-authorized/ {

proxy_pass http://localhost:8081/;

}

2.2 Log in

Login to the JIRA system and verify username and password in the backend.

2.3 Configuring GC Information

2.3.1 Group Added When the User Log In

On the application management page, click GC Config to enter the configuration page to configure, and then initiate the enable function at login.

Take user2 as an example, before logging in, it was in group1 and permission group. Then log in to the user2 account.

After logging in, query the user2 information again, and it has been added to group3 (there is a check here. If the number of existing licenses exceeds or is equal to the maximum number of licenses in the system, the operation of adding a group will not be performed).

2.3.2 Timed Task Setting

There are also timed tasks, moving unlogged-in users with a custom number of days out of the configured license group (unaffected if the user is in a configured whitelisted group) , and adding people from the To Group to the From Group on a daily basis (custom requirement).

2.3.3 Whitelist Group Setting

Customize the white list group. Users in this white list group will not be affected by regularly cleaning up the license of unregistered users.

2.4 People Management

In user management, you can view all the JIRA users by page, including user name, email address, last login time, login failure times and user creation time.

2.4.1 License Moving Users Out of License

Select users to move out of the license in batches, or specify a single user to move out of the license group.

Move user2 out of the license here, and then check the group situation of user2.

User2 is no longer in group3, that is the configured license group (the move out license feature is not affected by whitelisting).

IGS Uranus App Release Notes

Uranus Flexible License for Jira