[Fix-18276][API] Fix alert plugin instance permission check

[ruanwenjun]

Was this PR generated or assisted by AI?

YES. The implementation and tests were assisted by OpenAI Codex, then reviewed and verified locally.

Purpose of the pull request

Fixes #18276.

Fix alert plugin instance permission checks so alert plugin instance APIs consistently validate the current user's operation-level permission before returning alert plugin instance data.

Brief change log

• Pass the login user into alert plugin instance list and duplicate-name check service APIs.
• Add operation-level permission checks for alert plugin instance list, page query, and name verification flows.
• Keep alert plugin instance checks operation-scoped without deriving fake per-instance resource permissions from alert plugin definitions.
• Add service and controller tests for the permission checks.

Verify this pull request

This change added tests and can be verified as follows:

• ./mvnw -pl dolphinscheduler-api -am -DskipITs -DskipTests=false -Dsurefire.failIfNoSpecifiedTests=false -Djacoco.skip=true -Dtest=AlertPluginInstanceServiceTest,AlertPluginInstanceControllerTest test
• ./mvnw -pl dolphinscheduler-api -am -DskipITs -DskipTests=false -Dsurefire.failIfNoSpecifiedTests=false -Djacoco.skip=true -Dtest=AlertPluginInstanceResourcePermissionCheckTest test
• ./mvnw -pl dolphinscheduler-dao -am -DskipITs -DskipTests=false -Dsurefire.failIfNoSpecifiedTests=false -Djacoco.skip=true -Dtest=AlertPluginInstanceMapperTest test
• git diff --check

Pull Request Notice

Pull Request Notice

[sonarqubecloud]

Quality Gate failed

Failed conditions
0.0% Coverage on New Code (required ≥ 60%)

See analysis details on SonarQube Cloud

[ruanwenjun]

Since the current alert group instances lack user information, it is not possible to implement more granular permission management.

[SbloodyS]

LGTM