Support displaying configs only to team members

[nobodyiam]

Purpose

To support displaying configs only to team members for some specific environments.

For some configs such as database connection strings, users would like to make them hidden from non-team members, especially in production environment.

Brief Changes

1. Added a new config configView.memberOnly.envs to config which environments should hide private namespace configs from non-team memebers.
2. Adjusted apollo-portal's controller and front end logic to hide configs, release histories from non-team members.
3. For those environments configured in configView.memberOnly.envs, only super admin, app admin and those who have either modification or release permissons can see private namespace configs and release histories.
4. Public namespaces are always open to every user.

Usage

Simply config configView.memberOnly.envs in system configuration page(/server_config.html).

And non-team member will see the following page:

[codecov-io]

Codecov Report

Merging #1531 into master will decrease coverage by 0.16%.
The diff coverage is 0%.

@@             Coverage Diff             @@
##             master   #1531      +/-   ##
===========================================
- Coverage     48.86%   48.7%   -0.17%     
- Complexity     1893    1895       +2     
===========================================
  Files           393     393              
  Lines         11435   11484      +49     
  Branches       1176    1187      +11     
===========================================
+ Hits           5588    5593       +5     
- Misses         5419    5463      +44     
  Partials        428     428

Impacted Files	Coverage Δ	Complexity Δ
...framework/apollo/portal/entity/bo/NamespaceBO.java	62.06% <0%> (-19.75%)	11 <0> (ø)
...ework/apollo/portal/controller/ItemController.java	1.51% <0%> (-0.34%)	1 <0> (ø)
...o/portal/controller/NamespaceBranchController.java	3.22% <0%> (-0.35%)	1 <0> (ø)
...ork/apollo/portal/controller/CommitController.java	16.66% <0%> (-8.34%)	1 <0> (ø)
...k/apollo/portal/component/PermissionValidator.java	3.22% <0%> (-0.78%)	1 <0> (ø)
...k/apollo/portal/component/config/PortalConfig.java	20.89% <0%> (-1.69%)	8 <0> (ø)
.../apollo/portal/controller/NamespaceController.java	3.27% <0%> (-0.5%)	2 <0> (ø)
...lo/portal/controller/ReleaseHistoryController.java	25% <0%> (-25%)	1 <0> (ø)
...rk/apollo/portal/controller/ReleaseController.java	1.63% <0%> (-0.12%)	1 <0> (ø)
...work/apollo/biz/message/DatabaseMessageSender.java	66.66% <0%> (+10.41%)	8% <0%> (+2%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b3fb3fa...1794d3d. Read the comment docs.

[coveralls]

Coverage decreased (-0.2%) to 52.429% when pulling 1794d3d on nobodyiam:config-view-member-only into b3fb3fa on ctripcorp:master.

[wkcaeser]

只有添加某个用为项目管理员，这个用户登录的时候才能看到项目，但是添加成管理员以后，用户就对这个项目的所有配置都能查看了。 我现在的解决办法先添加管理员，然后用这个用户去登录查看一下项目，这时在最近访问列表就能看到项目了，然后把这个用户从项目管理员列表删除，然后分配namespace的权限来控制它的访问权限。 有啥其他的解决办法么？或者后期会不会优化这块的逻辑？ configView.memberOnly.envs这个配置我的理解应该是能够达到效果的，但是问题在于不添加管理员账户就无法查看项目，项目只有管理员权限么？

[nobodyiam]

问题在于不添加管理员账户就无法查看项目

其他用户可以通过页面上方的搜索功能找到项目

[funlake]

多个项目共用一套数据库连接配置，如何操作?
我不想把数据库连接暴露给无关人员。

如果是公用namespace,里面的配置，可共享给所有项目，但所有人可见，不安全。
如果是私有namespace,不可共享，意味着每个项目必须自己冗余管理多一份数据库连接参数配置，可行，但很繁琐
我理解有误吗？如果没有，请问有什么方式可以实现这种需求吗

[nobodyiam]

数据库连接这类配置还是建议加密存储，在sdk层做解密后去连接数据库。
因为即使在页面上做了查看权限的控制，这份配置还是会明文下发到应用程序的，可以被其它人获取到。

[kikupotter]

在我的生产环境中遇到了跟 @funlake 一样的问题,我现在要为每个项目单独新建一个私有的namespace来管理这些私密的账号信息，还有各类的授权。确实比较繁琐。
@nobodyiam 我觉得这个在公共namespace中能够隐藏一些特定关键字的value值是很必要的，最起码在第一层就可以防止用户去获知敏感账号信息。

[nobodyiam]

@kikupotter 这块可以考虑增加单独的查看权限来实现，不过在结合公共namespace的时候可能会有些问题，还得仔细考虑一下，如果有好的建议也欢迎提出~