feat(REQ-3714): 不在管辖范围优先提示

2025-03-14 16:30:39 +08:00 · 2025-03-14 16:30:39 +08:00 · 333f782554
commit 333f782554
parent c9309f5ad7
2 changed files with 71 additions and 37 deletions
--- a/orgmanax-server/src/main/java/cn/axzo/orgmanax/server/nodeuser/dto/CheckUserOperateParam.java
+++ b/orgmanax-server/src/main/java/cn/axzo/orgmanax/server/nodeuser/dto/CheckUserOperateParam.java
@ -7,6 +7,7 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 import org.apache.commons.lang3.ObjectUtils;
 import java.util.List;
 import java.util.Set;
 /**
@ -22,6 +23,7 @@ public class CheckUserOperateParam {
    private Set<Long> personIds;
    private Long workspaceId;
    private boolean isWorkspace;
    private List<Long> topNodeIds;
    public void check() {
        if (ObjectUtils.anyNull(personIds, workspaceId, operatorId)) {
--- a/orgmanax-server/src/main/java/cn/axzo/orgmanax/server/nodeuser/service/impl/NodeUserCheckServiceImpl.java
+++ b/orgmanax-server/src/main/java/cn/axzo/orgmanax/server/nodeuser/service/impl/NodeUserCheckServiceImpl.java
@ -153,6 +153,7 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
                .operatorId(req.getOperatorId())
                .personIds(req.getPersonIds())
                .workspaceId(req.getWorkspaceId())
                .topNodeIds(Collections.singletonList(topNodeId))
                .build(), failInfoMap);
        transformFailMap(failInfoMap, resultList);
        return resultList;
@ -207,7 +208,7 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
        List<NodeUserDTO> nodeUsers = nodeUserService.list(query);
        // 校验当前操作人
-        checkPermission(nodeUsers, personId, nodePersonIds);
+        checkPermission(nodeUsers, personId, req.getPersonIds());
        if (CollUtil.isEmpty(nodeUsers)) {
            req.getPersonIds().forEach(e -> {
@ -228,6 +229,25 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
            }
        }
        // 检查节点权限
        boolean noTInJurisdiction = checkUserOperate(CheckUserOperateParam.builder()
                .operatorId(req.getOperatorId())
                .personIds(req.getPersonIds())
                .workspaceId(req.getWorkspaceId())
                .isWorkspace(true)
                .topNodeIds(nodeIds)
                .build(), failInfoMap);
        if (!noTInJurisdiction) {
            req.getPersonIds().forEach(e -> {
                BatchDeleteNodeUserCheckResp.CheckFailInfo checkFailInfo = new BatchDeleteNodeUserCheckResp.CheckFailInfo();
                checkFailInfo.setType(CheckInfoTypeEnum.NOT_IN_JURISDICTION);
                addFailInfo(failInfoMap, e, checkFailInfo);
            });
            transformFailMap(failInfoMap, resultList);
            return resultList;
        }
        Set<Long> teamLeadPersonSet = new HashSet<>();
        nodeUsers.stream().filter(e -> e.getIdentityType().equals(IdentityType.WORKER_LEADER.getCode())).forEach(e -> {
            BatchDeleteNodeUserCheckResp.CheckFailInfo checkFailInfo = new BatchDeleteNodeUserCheckResp.CheckFailInfo();
@ -246,6 +266,7 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
        roleUserParam.setWorkspaceOuPairs(workspaceOuPairList);
        roleUserParam.setPersonIds(req.getPersonIds());
        roleUserParam.setNeedRole(true);
        roleUserParam.setPageSize(1000);
        List<RoleUserResp> saasRoleUserInfo = roleUserGateway.pageAll(roleUserParam);
        saasRoleUserInfo = saasRoleUserInfo.stream().filter(e -> Objects.nonNull(e.getRole())).collect(Collectors.toList());
@ -266,13 +287,7 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
                addFailInfo(failInfoMap, e.getPersonId(), checkFailInfo);
            }
        });
-        // 检查节点权限
+
        checkUserOperate(CheckUserOperateParam.builder()
                .operatorId(req.getOperatorId())
                .personIds(req.getPersonIds())
                .workspaceId(req.getWorkspaceId())
                .isWorkspace(true)
                .build(), failInfoMap);
        // 三方阻断校验
        thirdApiCheckPerson(req.getWorkspaceId(), req.getPersonIds(), failInfoMap);
        transformFailMap(failInfoMap, resultList);
@ -280,10 +295,11 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
    }
    private List<PageRoleUserReq.WorkspaceOuPair> transformWorkspaceOuPair(List<NodeUserDTO> nodeUsers) {
-        return nodeUsers.stream().map(e -> {
+        Map<Long, Long> worspaceOuPairMap = nodeUsers.stream().collect(Collectors.toMap(NodeUserDTO::getWorkspaceId, NodeUserDTO::getOrganizationalUnitId, (e1, e2) -> e1));
        return worspaceOuPairMap.entrySet().stream().map(e -> {
            PageRoleUserReq.WorkspaceOuPair ouPair = new PageRoleUserReq.WorkspaceOuPair();
-            ouPair.setWorkspaceId(e.getWorkspaceId());
+            ouPair.setWorkspaceId(e.getKey());
-            ouPair.setOuId(e.getOrganizationalUnitId());
+            ouPair.setOuId(e.getValue());
            return ouPair;
        }).collect(Collectors.toList());
    }
@ -328,6 +344,9 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
            return;
        }
        for (NodeUserDTO u : nodeUsers) {
            if (Objects.isNull(u.getJob())) {
                continue;
            }
            if (projectTeamGPLeader.equals(u.getJob().getCode())) {
                BatchDeleteNodeUserCheckResp.CheckFailInfo checkFailInfo = new BatchDeleteNodeUserCheckResp.CheckFailInfo();
                checkFailInfo.setType(CheckInfoTypeEnum.PROJECT_GROUP_LEADER);
@ -336,9 +355,9 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
        }
    }
-    private void checkPermission(List<NodeUserDTO> nodeUsers, Long personId, List<Long> nodePersonIds) {
+    private void checkPermission(List<NodeUserDTO> nodeUsers, Long personId, Set<Long> nodePersonIds) {
        if (CollUtil.isEmpty(nodeUsers)) {
-            if (nodePersonIds.size() == 1 && Objects.equals(personId, nodePersonIds.get(0))) {
+            if (nodePersonIds.size() == 1 && Objects.equals(personId, nodePersonIds.stream().findFirst().orElse(null))) {
                throw ResultCode.INVALID_PARAMS.toException("你已被移除当前项目，请刷新后重试当前操作！");
            }
        }
@ -352,9 +371,9 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
        }
    }
-    public void checkUserOperate(CheckUserOperateParam param, Map<Long, List<BatchDeleteNodeUserCheckResp.CheckFailInfo>> failInfoMap) {
+    public boolean checkUserOperate(CheckUserOperateParam param, Map<Long, List<BatchDeleteNodeUserCheckResp.CheckFailInfo>> failInfoMap) {
        if (NumberUtil.isNotPositiveNumber(param.getOperatorId())) {
-            return;
+            return false;
        }
        param.check();
        List<Long> nodePersonIds = Lists.newArrayList(param.getPersonIds());
@ -363,9 +382,12 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
                .personIds(nodePersonIds)
                .workspaceId(param.getWorkspaceId())
                .needs(ListNodeUserReq.Needs.builder().job(true).node(true).build())
                .topNodeIds(param.getTopNodeIds())
                .findByTopNodeId(true)
                .build();
        List<NodeUserDTO> nodeUsers = nodeUserService.list(nodeUserReq);
        NodeUserDTO operator = nodeUsers.stream().filter(nu -> Objects.equals(nu.getPersonId(), param.getOperatorId()))
                .filter(nu -> Objects.nonNull(nu.getJob()))
                .filter(nu -> StrUtil.isNotBlank(nu.getJob().getCode()))
                .min(Comparator.comparingInt(NODE_USER_PRIORITY_RESOLVER)).orElse(null);
        List<NodeUserDTO> targets = param.getPersonIds().stream()
@ -378,6 +400,14 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
        log.info("## checkUserOperate, param = {}, operator = {}, targets = {}, nodeUsers = {} "
                , JSON.toJSONString(param), JSON.toJSONString(operator), JSON.toJSONString(targets), JSON.toJSONString(nodeUsers));
        if (operator == null) {
            if (CollUtil.isNotEmpty(targets)) {
                targets.forEach(target -> {
                    BatchDeleteNodeUserCheckResp.CheckFailInfo checkFailInfo = new BatchDeleteNodeUserCheckResp.CheckFailInfo();
                    checkFailInfo.setType(CheckInfoTypeEnum.NOT_IN_JURISDICTION);
                    addFailInfo(failInfoMap, target.getPersonId(), checkFailInfo);
                });
                return false;
            }
            throw ResultCode.INVALID_PARAMS.toException("你已经被移出该企业/项目，请及时联系管理员；你可以退出登录或切换到其他企业/项目使用");
        }
        if (CollUtil.isEmpty(targets)) {
@ -389,11 +419,11 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
            throw ResultCode.INVALID_PARAMS.toException("操作失败，您暂无权限！");
        }
        if (param.getPersonIds().size() == 1 && param.getPersonIds().contains(param.getOperatorId())) {
-            return;
+            return true;
        }
        // 如果 操作人是 从业人员 直接返回
        if (isPractitioner(operator)) {
-            return;
+            return true;
        }
        // 操作人是 班组长或者带班长， 则被操作人，只能是 自己，或者自己班组 及 小组的工人
        if (isProjectTeamLeader(operator) || isProjectTeamManager(operator)) {
@ -402,15 +432,10 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
        if (isProjectGroupManager(operator)) {
            targets.forEach(target -> groupManagerCheck(target, operator, nodeUsers, failInfoMap));
        }
        return true;
    }
    private void groupManagerCheck(NodeUserDTO target, NodeUserDTO operator, List<NodeUserDTO> nodeUsers, Map<Long, List<BatchDeleteNodeUserCheckResp.CheckFailInfo>> failInfoMap) {
        if (isPractitioner(target)) {
            BatchDeleteNodeUserCheckResp.CheckFailInfo checkFailInfo = new BatchDeleteNodeUserCheckResp.CheckFailInfo();
            checkFailInfo.setType(CheckInfoTypeEnum.ANY_ADMIN);
            addFailInfo(failInfoMap, target.getPersonId(), checkFailInfo);
            return;
        }
        // 工人必须仅在自己小组
        boolean isSameGroup = nodeUsers.stream()
                .filter(nu -> Objects.equals(nu.getPersonId(), target.getPersonId()))
@ -419,10 +444,25 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
            BatchDeleteNodeUserCheckResp.CheckFailInfo checkFailInfo = new BatchDeleteNodeUserCheckResp.CheckFailInfo();
            checkFailInfo.setType(CheckInfoTypeEnum.NOT_IN_JURISDICTION);
            addFailInfo(failInfoMap, target.getPersonId(), checkFailInfo);
            return;
        }
        if (isPractitioner(target)) {
            BatchDeleteNodeUserCheckResp.CheckFailInfo checkFailInfo = new BatchDeleteNodeUserCheckResp.CheckFailInfo();
            checkFailInfo.setType(CheckInfoTypeEnum.ANY_ADMIN);
            addFailInfo(failInfoMap, target.getPersonId(), checkFailInfo);
        }
    }
    private void teamManagerCheck(NodeUserDTO target, NodeUserDTO operator, Map<Long, List<BatchDeleteNodeUserCheckResp.CheckFailInfo>> failInfoMap) {
        // 否则，自己下级小组，也可以。
        boolean isGroup = target.getNode() != null
                && Objects.equals(target.getNode().getNodeType(), NodeTypeEnum.PROJECT_GROUP.getCode());
        if (!isGroup) {
            BatchDeleteNodeUserCheckResp.CheckFailInfo checkFailInfo = new BatchDeleteNodeUserCheckResp.CheckFailInfo();
            checkFailInfo.setType(CheckInfoTypeEnum.NOT_IN_JURISDICTION);
            addFailInfo(failInfoMap, target.getPersonId(), checkFailInfo);
            return;
        }
        if (isPractitioner(target)) {
            BatchDeleteNodeUserCheckResp.CheckFailInfo checkFailInfo = new BatchDeleteNodeUserCheckResp.CheckFailInfo();
            checkFailInfo.setType(CheckInfoTypeEnum.ANY_ADMIN);
@ -433,15 +473,7 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
        if (isSameTeam) {
            return;
        }
-        // 否则，自己下级小组，也可以。
+
        boolean isGroup = target.getNode() != null
                && Objects.equals(target.getNode().getNodeType(), NodeTypeEnum.PROJECT_GROUP.getCode());
        if (!isGroup) {
            BatchDeleteNodeUserCheckResp.CheckFailInfo checkFailInfo = new BatchDeleteNodeUserCheckResp.CheckFailInfo();
            checkFailInfo.setType(CheckInfoTypeEnum.NOT_IN_JURISDICTION);
            addFailInfo(failInfoMap, target.getPersonId(), checkFailInfo);
            return;
        }
        Long belongProjectTeamNodeId = resolveProjectTeamNodeId(target.getOrganizationalNodeId());
        if (Objects.equals(belongProjectTeamNodeId, operator.getOrganizationalNodeId())) {
            return;
@ -452,35 +484,35 @@ public class NodeUserCheckServiceImpl implements NodeUserCheckService {
    }
    private boolean isPractitioner(NodeUserDTO nodeUser) {
-        if (nodeUser == null) {
+        if (nodeUser == null || Objects.isNull(nodeUser.getJob())) {
            return false;
        }
        return Objects.equals(nodeUser.getIdentityType(), IdentityType.PRACTITIONER.getCode());
    }
    private boolean isProjectWorker(NodeUserDTO nodeUser) {
-        if (nodeUser == null) {
+        if (nodeUser == null || Objects.isNull(nodeUser.getJob())) {
            return false;
        }
        return Objects.equals(nodeUser.getJob().getCode(), JobCodeConstants.PROJECT_TEAM_WORKER);
    }
    private boolean isProjectTeamLeader(NodeUserDTO nodeUser) {
-        if (nodeUser == null) {
+        if (nodeUser == null || Objects.isNull(nodeUser.getJob())) {
            return false;
        }
        return Objects.equals(nodeUser.getJob().getCode(), JobCodeConstants.PROJ_TEAM_LEADER);
    }
    private boolean isProjectTeamManager(NodeUserDTO nodeUser) {
-        if (nodeUser == null) {
+        if (nodeUser == null || Objects.isNull(nodeUser.getJob())) {
            return false;
        }
        return Objects.equals(nodeUser.getJob().getCode(), JobCodeConstants.PROJ_TEAM_MANAGER);
    }
    private boolean isProjectGroupManager(NodeUserDTO nodeUser) {
-        if (nodeUser == null) {
+        if (nodeUser == null || Objects.isNull(nodeUser.getJob())) {
            return false;
        }
        return Objects.equals(nodeUser.getJob().getCode(), JobCodeConstants.PROJECT_TEAM_GROUP_LEADER);