From 0e33a0a1dc97d55b455ed3ea1855f5e1309dc7b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=8E=E9=BE=99?= Date: Mon, 16 Dec 2024 15:57:32 +0800 Subject: [PATCH] =?UTF-8?q?feat:(REQ-3282)=20=E6=94=B6=E5=8F=A3=E6=9F=A5?= =?UTF-8?q?=E8=AF=A2=E4=BA=BA=E5=91=98=E6=9D=83=E9=99=90=E6=8E=A5=E5=8F=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../model/req/ListSaasRoleGroupParam.java | 6 + .../model/req/PageSaasRoleGroupParam.java | 14 + .../req/ListRoleUserRelationParam.java | 20 ++ .../cn/axzo/tyr/feign/api/RoleGroupApi.java | 2 +- .../cn/axzo/tyr/feign/api/RoleUserApi.java | 2 +- .../axzo/tyr/feign/api/UserPermissionApi.java | 18 ++ .../tyr/feign/req/ListUserPermissionReq.java | 85 +++++ .../cn/axzo/tyr/feign/req/PageRoleReq.java | 1 + .../axzo/tyr/feign/req/PageRoleUserReq.java | 5 + .../axzo/tyr/feign/resp/PermissionResp.java | 43 +++ .../cn/axzo/tyr/feign/resp/RoleUserResp.java | 7 +- .../tyr/feign/resp/UserPermissionResp.java | 54 ++++ .../config/exception/BizResultCode.java | 2 +- .../server/controller/PrivateController.java | 98 ++---- .../v2/UserPermissionController.java | 76 +++++ .../tyr/server/service/PermissionService.java | 78 +++++ .../ProductPermissionCacheService.java | 16 + .../service/WorkspaceProductService.java | 16 + .../service/impl/PermissionServiceImpl.java | 290 ++++++++++++++++++ .../ProductPermissionCacheServiceImpl.java | 15 +- ...rmissionRelationOperateLogServiceImpl.java | 15 +- .../SaasRoleGroupRelationServiceImpl.java | 5 +- .../impl/SaasRoleGroupServiceImpl.java | 48 ++- .../impl/SaasRoleUserRelationServiceImpl.java | 66 +++- .../service/impl/TyrSaasAuthServiceImpl.java | 46 +-- .../impl/WorkspaceProductServiceImpl.java | 3 + .../java/cn/axzo/tyr/base/TestConfig.java | 3 + .../v2/RoleUserV2ControllerTest.java | 111 ++++++- .../mysql/RoleUserV2ControllerTest.sql | 71 ++++- .../src/test/resources/mysql/schema.sql | 1 + 30 files changed, 1096 insertions(+), 121 deletions(-) create mode 100644 tyr-client/src/main/java/cn/axzo/tyr/feign/api/UserPermissionApi.java create mode 100644 tyr-client/src/main/java/cn/axzo/tyr/feign/req/ListUserPermissionReq.java create mode 100644 tyr-client/src/main/java/cn/axzo/tyr/feign/resp/PermissionResp.java create mode 100644 tyr-client/src/main/java/cn/axzo/tyr/feign/resp/UserPermissionResp.java create mode 100644 tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/UserPermissionController.java create mode 100644 tyr-server/src/main/java/cn/axzo/tyr/server/service/PermissionService.java create mode 100644 tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionServiceImpl.java diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListSaasRoleGroupParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListSaasRoleGroupParam.java index 1a381dd1..e62f0dd2 100644 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListSaasRoleGroupParam.java +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListSaasRoleGroupParam.java @@ -69,4 +69,10 @@ public class ListSaasRoleGroupParam { */ @CriteriaField(ignore = true) private Set roleTypes; + + /** + * 查找指定角色分组code层级及以下所有层级角色的用户 + */ + @CriteriaField(ignore = true) + private String ancestorRoleGroupCode; } diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/PageSaasRoleGroupParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/PageSaasRoleGroupParam.java index 96936ea6..3121ed2a 100644 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/PageSaasRoleGroupParam.java +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/PageSaasRoleGroupParam.java @@ -2,12 +2,16 @@ package cn.axzo.tyr.client.model.req; import cn.axzo.foundation.dao.support.wrapper.CriteriaField; import cn.axzo.foundation.page.IPageReq; +import cn.axzo.foundation.page.PageResp; +import cn.axzo.tyr.client.model.res.SaasRoleGroupDTO; import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; import lombok.experimental.SuperBuilder; +import java.util.Collections; import java.util.List; +import java.util.Optional; @SuperBuilder @@ -28,4 +32,14 @@ public class PageSaasRoleGroupParam extends ListSaasRoleGroupParam implements IP @CriteriaField(ignore = true) List sort; + public PageResp toEmpty() { + return PageResp.builder() + .current(Optional.ofNullable(this.getPage()) + .orElse(DEFAULT_PAGE_NUMBER)) + .size(Optional.ofNullable(this.getPageSize()) + .orElse(DEFAULT_PAGE_SIZE)) + .total(0) + .data(Collections.emptyList()) + .build(); + } } diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/ListRoleUserRelationParam.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/ListRoleUserRelationParam.java index cf08c79c..44c836c7 100644 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/ListRoleUserRelationParam.java +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/ListRoleUserRelationParam.java @@ -147,6 +147,26 @@ public class ListRoleUserRelationParam { @CriteriaField(ignore = true) private Set roleTypes; + /** + * 查找指定角色分组code层级下角色的用户 + */ + @CriteriaField(ignore = true) + private String roleGroupCode; + + /** + * 查找指定角色分组code层级及以下所有层级角色的用户 + */ + @CriteriaField(ignore = true) + private String ancestorRoleGroupCode; + + /** + * 查询用户拥有的权限 + * 跟needPermission的区别是:needPermission是查询角色关联的菜单组件 + * needUserPermission是查询这个用户拥有的权限,要根据产品去匹配, + */ + @CriteriaField(ignore = true) + private Boolean needUserPermission; + @Data @Builder @NoArgsConstructor diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleGroupApi.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleGroupApi.java index 26cfbac1..88c46b1f 100644 --- a/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleGroupApi.java +++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleGroupApi.java @@ -17,6 +17,6 @@ public interface RoleGroupApi { * @param req * @return */ - @PostMapping("/api/roleGroup/page") + @PostMapping("/api/role-group/page") ApiResult> page(@RequestBody @Validated PageRoleGroupReq req); } diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleUserApi.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleUserApi.java index 208de511..5fba10f1 100644 --- a/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleUserApi.java +++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleUserApi.java @@ -17,6 +17,6 @@ public interface RoleUserApi { * @param req * @return */ - @PostMapping("/api/roleUser/page") + @PostMapping("/api/role-user/page") ApiResult> page(@RequestBody @Validated PageRoleUserReq req); } diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/api/UserPermissionApi.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/api/UserPermissionApi.java new file mode 100644 index 00000000..55182d70 --- /dev/null +++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/api/UserPermissionApi.java @@ -0,0 +1,18 @@ +package cn.axzo.tyr.feign.api; + +import cn.axzo.foundation.result.ApiResult; +import cn.axzo.tyr.feign.req.ListUserPermissionReq; +import cn.axzo.tyr.feign.resp.UserPermissionResp; +import org.springframework.cloud.openfeign.FeignClient; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; + +import java.util.List; + +@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}") +public interface UserPermissionApi { + + @PostMapping("/api/user-permission/list") + ApiResult> list(@RequestBody @Validated ListUserPermissionReq req); +} diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/req/ListUserPermissionReq.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/req/ListUserPermissionReq.java new file mode 100644 index 00000000..f41b2b8e --- /dev/null +++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/req/ListUserPermissionReq.java @@ -0,0 +1,85 @@ +package cn.axzo.tyr.feign.req; + +import cn.axzo.tyr.feign.enums.IdentityTypeEnum; +import cn.axzo.tyr.feign.enums.RolePermissionTagEnum; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import javax.validation.constraints.NotEmpty; +import java.util.List; +import java.util.Set; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class ListUserPermissionReq { + + /** + * 人员id + * 根据personId查询权限或者根据identityId、identityType查询权限,不能同时都为空 + */ + private Long personId; + + /** + * 身份id + */ + private Long identityId; + + /** + * 身份类型 + */ + private IdentityTypeEnum identityType; + + /** + * 权限code + * 没有指定就查询所有的权限,指定了就查询指定code的权限 + */ + private Set featureCodes; + + /** + * 端信息 + */ + private String terminal; + + /** + * 项目信息 + */ + @NotEmpty(message = "workspaceOuPairs不能为空") + private List workspaceOuPairs; + + /** + * app类型(APP:原生,H5:h5页面) + */ + private String appType; + + /** + * 项目code(H5会拉取项目下所有的元素) + * APP上每个应用的code,数据库叫itemCode,保持一致 + */ + private String itemCode; + + @Data + @Builder + @NoArgsConstructor + @AllArgsConstructor + public static class WorkspaceOuPair { + /** + * 租户id + */ + private Long workspaceId; + + /** + * 单位id + */ + private Long ouId; + + /** + * 根据权限标签去过滤角色对应的权限 + * 如果没有指定值,则会根据用户在当前workspaceId和ouId在人岗架的状态来解析 + */ + private Set permissionTags; + } +} diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/req/PageRoleReq.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/req/PageRoleReq.java index 56f4e293..a59bb0b2 100644 --- a/tyr-client/src/main/java/cn/axzo/tyr/feign/req/PageRoleReq.java +++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/req/PageRoleReq.java @@ -95,6 +95,7 @@ public class PageRoleReq { /** * 协同关系类型 * 1:总包 2:建设单位 3:监理单位 4:劳务分包 5:专业分包 6:OMS通用 7:企业通用 8:企业内班组 9:项目内班组 + * @see cn.axzo.maokai.common.enums.SaasCooperateShipCooperateTypeEnum */ private Set cooperateShipTypes; diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/req/PageRoleUserReq.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/req/PageRoleUserReq.java index 17bf56cf..0dd69537 100644 --- a/tyr-client/src/main/java/cn/axzo/tyr/feign/req/PageRoleUserReq.java +++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/req/PageRoleUserReq.java @@ -164,6 +164,11 @@ public class PageRoleUserReq { */ private String ancestorRoleGroupCode; + /** + * 查询用户拥有的权限 + */ + private Boolean needUserPermission; + @Data @Builder @NoArgsConstructor diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/PermissionResp.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/PermissionResp.java new file mode 100644 index 00000000..a835969e --- /dev/null +++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/PermissionResp.java @@ -0,0 +1,43 @@ +package cn.axzo.tyr.feign.resp; + +import cn.axzo.tyr.feign.enums.RolePermissionTagEnum; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.Set; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class PermissionResp { + + /** + * 权限点id + */ + private Long featureId; + + /** + * 权限code + */ + private String featureCode; + + /** + * 新旧权限 + * 0:表示id是saas_feature的id + * 1:表示id是saas_feature_resource的id + */ + private Integer featureType; + + /** + * 端信息 + */ + private String terminal; + + /** + * 权限的标签 + */ + private Set tags; +} diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/RoleUserResp.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/RoleUserResp.java index 3cb22ade..9eae4912 100644 --- a/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/RoleUserResp.java +++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/RoleUserResp.java @@ -6,7 +6,7 @@ import lombok.Data; import lombok.NoArgsConstructor; import java.util.Date; -import java.util.List; +import java.util.Set; @Data @Builder @@ -82,4 +82,9 @@ public class RoleUserResp { * 角色信息 */ private RoleResp role; + + /** + * 用户当前角色拥有的权限 + */ + private Set permissions; } diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/UserPermissionResp.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/UserPermissionResp.java new file mode 100644 index 00000000..43099be6 --- /dev/null +++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/UserPermissionResp.java @@ -0,0 +1,54 @@ +package cn.axzo.tyr.feign.resp; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.List; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class UserPermissionResp { + + + /** + * 人员id + */ + private Long personId; + + /** + * 身份id + */ + private Long identityId; + + /** + * 身份类型 + */ + private String identityType; + + /** + * 用户在项目的权限 + */ + private List workspacePermissions; + + @Data + @Builder + @AllArgsConstructor + @NoArgsConstructor + public static class WorkspacePermission { + + private Long workspaceId; + + private Long ouId; + + /** + * 是否是超管 + */ + private Boolean isSuperAdmin; + + private List permissions; + } +} diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/config/exception/BizResultCode.java b/tyr-server/src/main/java/cn/axzo/tyr/server/config/exception/BizResultCode.java index 1cfd394d..492cb309 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/config/exception/BizResultCode.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/config/exception/BizResultCode.java @@ -26,7 +26,7 @@ public enum BizResultCode implements IResultCode { PAGE_ELEMENT_CATEGORY_NOT_FOUND("100016", "资源分组数据不存在"), PAGE_ELEMENT_ERROR("100017", "资源分组错误:{}"), PAGE_CODE_DUPLICATE("100018", "资源元素code重复,重复的code:{}"), - PARAM_ERROR("100019", "参数错误"), + PARAM_ERROR("100019", "参数错误:{}"), FEATURE_NAME_EXIST("100020", "菜单组件名字已经存在:{}"), TERMINAL_CODE_EXIST("100021", "端code已经存在,请修改"), TERMINAL_NOT_FOUND("100022", "原端不存在:{}"), diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/PrivateController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/PrivateController.java index 9588870e..692be370 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/PrivateController.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/PrivateController.java @@ -115,72 +115,38 @@ import static cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation. @RequiredArgsConstructor public class PrivateController { - @Autowired - private SaasCommonDictService saasCommonDictService; - @Autowired - private SaasRoleGroupService saasRoleGroupService; - @Autowired - private SaasRoleGroupRelationDao saasRoleGroupRelationDao; - @Autowired - private RoleService roleService; - @Autowired - private SaasFeatureResourceDao saasFeatureResourceDao; - @Autowired - private SaasFeatureResourceCacheService saasFeatureResourceCacheService; - @Autowired - private ProductPermissionCacheService productPermissionCacheService; - @Autowired - private TyrSaasAuthService tyrSaasAuthService; - @Autowired - private SaasFeatureDao saasFeatureDao; - @Autowired - private SaasPgroupPermissionRelationService saasPgroupPermissionRelationService; - @Autowired - private SaasRoleDao saasRoleDao; - @Autowired - private SaasPgroupRoleRelationDao saasPgroupRoleRelationDao; - @Autowired - private SaasPgroupPermissionRelationDao saasPgroupPermissionRelationDao; - @Autowired - private ProductFeatureRelationService productFeatureRelationService; - @Autowired - private FeatureCodeUtil featureCodeUtil; - @Autowired - private WorkspaceProductService workspaceProductService; - @Autowired - private CacheWorkspaceProductHandler cacheWorkspaceProductHandler; - @Autowired - private SaasRoleGroupDao saasRoleGroupDao; - @Autowired - private CacheProductPermissionJob cacheProductPermissionJob; - @Autowired - private CacheRolePermissionJob cacheRolePermissionJob; - @Autowired - private CacheSaasFeatureJob cacheSaasFeatureJob; - @Autowired - private CacheProductFeatureResourceJob cacheProductFeatureResourceJob; - @Autowired - private CacheRoleFeatureResourceJob cacheRoleFeatureResourceJob; - @Autowired - private SaasFeatureResourceService saasFeatureResourceService; - @Autowired - private RolePermissionCacheService rolePermissionCacheService; - @Autowired - private SaasPageElementDao saasPageElementDao; - @Autowired - private SaasPageElementFeatureResourceRelationDao saasPageElementFeatureResourceRelationDao; - @Autowired - private SaasRoleUserRelationService saasRoleUserRelationService; - @Autowired - private ProductModuleDao productModuleDao; - @Autowired - private CacheWorkspaceProductJob cacheWorkspaceProductJob; - @Autowired - private RoleSaasFeatureResourceCacheService roleSaasFeatureResourceCacheService; - @Autowired - private SendDingTalkHandler sendDingTalkHandler; - @Autowired - private ProductSaasFeatureResourceCacheService productSaasFeatureResourceCacheService; + private final SaasCommonDictService saasCommonDictService; + private final SaasRoleGroupService saasRoleGroupService; + private final SaasRoleGroupRelationDao saasRoleGroupRelationDao; + private final RoleService roleService; + private final SaasFeatureResourceDao saasFeatureResourceDao; + private final SaasFeatureResourceCacheService saasFeatureResourceCacheService; + private final ProductPermissionCacheService productPermissionCacheService; + private final SaasFeatureDao saasFeatureDao; + private final SaasPgroupPermissionRelationService saasPgroupPermissionRelationService; + private final SaasRoleDao saasRoleDao; + private final SaasPgroupRoleRelationDao saasPgroupRoleRelationDao; + private final SaasPgroupPermissionRelationDao saasPgroupPermissionRelationDao; + private final ProductFeatureRelationService productFeatureRelationService; + private final FeatureCodeUtil featureCodeUtil; + private final WorkspaceProductService workspaceProductService; + private final CacheWorkspaceProductHandler cacheWorkspaceProductHandler; + private final SaasRoleGroupDao saasRoleGroupDao; + private final CacheProductPermissionJob cacheProductPermissionJob; + private final CacheRolePermissionJob cacheRolePermissionJob; + private final CacheSaasFeatureJob cacheSaasFeatureJob; + private final CacheProductFeatureResourceJob cacheProductFeatureResourceJob; + private final CacheRoleFeatureResourceJob cacheRoleFeatureResourceJob; + private final SaasFeatureResourceService saasFeatureResourceService; + private final RolePermissionCacheService rolePermissionCacheService; + private final SaasPageElementDao saasPageElementDao; + private final SaasPageElementFeatureResourceRelationDao saasPageElementFeatureResourceRelationDao; + private final SaasRoleUserRelationService saasRoleUserRelationService; + private final ProductModuleDao productModuleDao; + private final CacheWorkspaceProductJob cacheWorkspaceProductJob; + private final RoleSaasFeatureResourceCacheService roleSaasFeatureResourceCacheService; + private final SendDingTalkHandler sendDingTalkHandler; + private final ProductSaasFeatureResourceCacheService productSaasFeatureResourceCacheService; /** * 统一层级的roleGroup按照id升序,sort从1递增 diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/UserPermissionController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/UserPermissionController.java new file mode 100644 index 00000000..d157ff23 --- /dev/null +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/UserPermissionController.java @@ -0,0 +1,76 @@ +package cn.axzo.tyr.server.controller.v2; + +import cn.axzo.foundation.exception.Axssert; +import cn.axzo.foundation.result.ApiResult; +import cn.axzo.tyr.client.model.enums.IdentityType; +import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO; +import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam; +import cn.axzo.tyr.feign.api.UserPermissionApi; +import cn.axzo.tyr.feign.req.ListUserPermissionReq; +import cn.axzo.tyr.feign.resp.UserPermissionResp; +import cn.axzo.tyr.server.service.PermissionService; +import cn.axzo.tyr.server.service.SaasRoleUserRelationService; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.RestController; + +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import java.util.stream.Collectors; + +import static cn.axzo.tyr.server.config.exception.BizResultCode.PARAM_ERROR; + +@Slf4j +@RestController +public class UserPermissionController implements UserPermissionApi { + + @Autowired + private PermissionService permissionService; + @Autowired + private SaasRoleUserRelationService saasRoleUserRelationService; + + @Override + public ApiResult> list(ListUserPermissionReq req) { + + check(req); + + List saasRoleUsers = listRoleUserRelation(req); + + + return null; + } + + private void check(ListUserPermissionReq req) { + + Axssert.check(Objects.nonNull(req.getPersonId()) || Objects.nonNull(req.getIdentityId()), + PARAM_ERROR, PARAM_ERROR.getErrorMessage(), "personId 和 identityId不能同时为空"); + + if (Objects.nonNull(req.getIdentityId())) { + Axssert.check(Objects.nonNull(req.getIdentityType()), + PARAM_ERROR, PARAM_ERROR.getErrorMessage(), "identityType不能为空"); + } + } + + private List listRoleUserRelation(ListUserPermissionReq req) { + + ListRoleUserRelationParam listRoleUserRelationParam = ListRoleUserRelationParam.builder() + .personId(req.getPersonId()) + .identityId(req.getIdentityId()) + .identityType(Optional.ofNullable(req.getIdentityType()) + .map(e -> IdentityType.valueOf(e.name())) + .orElse(null)) + .workspaceOuPairs(req.getWorkspaceOuPairs().stream() + .map(e -> ListRoleUserRelationParam.WorkspaceOuPair.builder() + .workspaceId(e.getWorkspaceId()) + .ouId(e.getOuId()) + .build()) + .collect(Collectors.toList())) + .needRole(true) + .build(); + + return saasRoleUserRelationService.listV2(listRoleUserRelationParam).stream() + .filter(e -> e.getSaasRole() != null) + .collect(Collectors.toList()); + } +} diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/PermissionService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/PermissionService.java new file mode 100644 index 00000000..4de3f781 --- /dev/null +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/PermissionService.java @@ -0,0 +1,78 @@ +package cn.axzo.tyr.server.service; + +import cn.axzo.tyr.feign.enums.RolePermissionTagEnum; +import cn.axzo.tyr.feign.enums.RoleTypeEnum; +import cn.axzo.tyr.feign.resp.UserPermissionResp; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.List; +import java.util.Map; +import java.util.Set; + +public interface PermissionService { + + Map> listUserPermission(ListUserPermissionParam param); + + @Data + @Builder + @NoArgsConstructor + @AllArgsConstructor + class ListUserPermissionParam { + private List users; + + /** + * 权限code + * 没有指定就查询所有的权限,指定了就查询指定code的权限 + */ + private Set featureCodes; + + /** + * 端信息 + */ + private String terminal; + + /** + * app类型(APP:原生,H5:h5页面) + */ + private String appType; + + /** + * 项目code(H5会拉取项目下所有的元素) + * APP上每个应用的code,数据库叫itemCode,保持一致 + */ + private String itemCode; + } + + @Data + @Builder + @NoArgsConstructor + @AllArgsConstructor + class UserParam { + private Long personId; + + private Set tags; + + private Set roles; + + private Long workspaceId; + } + + @Data + @Builder + @NoArgsConstructor + @AllArgsConstructor + class RoleParam { + private Long roleId; + + private RoleTypeEnum roleType; + + /** + * 产品单位类型 + * 1:总包 2:建设单位 3:监理单位 4:劳务分包 5:专业分包 6:OMS通用 7:企业通用 8:企业内班组 9:项目内班组 + */ + private Integer cooperateShipTypes; + } +} diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/ProductPermissionCacheService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/ProductPermissionCacheService.java index 1e67c38a..a57ca4dd 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/ProductPermissionCacheService.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/ProductPermissionCacheService.java @@ -62,6 +62,22 @@ public interface ProductPermissionCacheService { private Set productIds; private Set featureCodes; + + /** + * 端信息 + */ + private String terminal; + + /** + * app类型(APP:原生,H5:h5页面) + */ + private String appType; + + /** + * 项目code(H5会拉取项目下所有的元素) + * APP上每个应用的code,数据库叫itemCode,保持一致 + */ + private String itemCode; } @Data diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/WorkspaceProductService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/WorkspaceProductService.java index fa7d2df5..600eb8db 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/WorkspaceProductService.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/WorkspaceProductService.java @@ -67,6 +67,22 @@ public interface WorkspaceProductService { private Set workspaceIds; private Set featureCodes; + + /** + * 端信息 + */ + private String terminal; + + /** + * app类型(APP:原生,H5:h5页面) + */ + private String appType; + + /** + * 项目code(H5会拉取项目下所有的元素) + * APP上每个应用的code,数据库叫itemCode,保持一致 + */ + private String itemCode; } @Data diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionServiceImpl.java new file mode 100644 index 00000000..10521607 --- /dev/null +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionServiceImpl.java @@ -0,0 +1,290 @@ +package cn.axzo.tyr.server.service.impl; + +import cn.axzo.tyr.client.model.res.IdentityAuthRes; +import cn.axzo.tyr.feign.enums.RolePermissionTagEnum; +import cn.axzo.tyr.feign.resp.PermissionResp; +import cn.axzo.tyr.feign.resp.UserPermissionResp; +import cn.axzo.tyr.server.service.PermissionService; +import cn.axzo.tyr.server.service.ProductPermissionCacheService; +import cn.axzo.tyr.server.service.RolePermissionCacheService; +import cn.axzo.tyr.server.service.SaasFeatureResourceService; +import cn.axzo.tyr.server.service.WorkspaceProductService; +import cn.hutool.core.collection.CollectionUtil; +import com.google.common.collect.Sets; +import lombok.extern.slf4j.Slf4j; +import org.apache.commons.compress.utils.Lists; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; +import org.springframework.util.CollectionUtils; + +import java.util.Collection; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import java.util.Set; +import java.util.stream.Collectors; + +@Slf4j +@Service +public class PermissionServiceImpl implements PermissionService { + + @Autowired + private RolePermissionCacheService rolePermissionCacheService; + @Autowired + private WorkspaceProductService workspaceProductService; + @Autowired + private SaasFeatureResourceService saasFeatureResourceService; + + /** + * 1、查询用户的角色 + * 2、查询角色的权限 + * 3、查询项目的权限 + * 4、查找项目权限的端的所有菜单、可能菜单已经被删除,需要需要校验有权限id是否存在 + * 5、解析超管、管理员角色的权限 + * 6、解析普通角色的权限 + * 7、解析免授权的权限 + * 8、合并5、6、7的权限并返回 + * 因为角色的单位类型要跟产品的单位类型去匹配、超管|管理员角色的权限是对应的产品的权限、普通角色的权限需要跟产品匹配 + * 权限点指定是全部角色,则只需要产品勾选了权限即有权限 + * + */ + @Override + public Map> listUserPermission(ListUserPermissionParam param) { + if (CollectionUtils.isEmpty(param.getUsers())) { + return Collections.emptyMap(); + } + + // 查询项目的权限 + Map> workspacePermissionMap = listWorkspacePermission(param); + if (Objects.isNull(workspacePermissionMap) || workspacePermissionMap.isEmpty()) { + return Collections.emptyMap(); + } + + // 查询产品的端的所有菜单信息 + List allFeatureResources = listAllSaasFeature(workspacePermissionMap); + if (CollectionUtils.isEmpty(allFeatureResources)) { + return Collections.emptyMap(); + } + + // 查询角色的权限 + Map> rolePermissions = listRolePermission(param); + + // 按照人去解析每个人的权限,因为每个人的tag可能不一样 + param.getUsers().stream() + .map(user -> { + if (CollectionUtils.isEmpty(user.getRoles())) { + return null; + } + + List workspacePermissions = workspacePermissionMap.get(user.getWorkspaceId()); + if (CollectionUtils.isEmpty(workspacePermissions)) { + return null; + } + + // 用户在场时的管理员角色的权限 + Set adminRolePermission = resolveAdminRolePermission(workspacePermissions, user); + + // 用户普通角色的权限 + + }) + .filter(Objects::nonNull) + .collect(Collectors.toList()); + + + + return null; + } + + /** + * 只有查询在职权限时才能直接根据管理员角色和产品去匹配 + * 因为离场权限,管理员角色会配置管理员角色对应的离场权限 + * @param workspacePermissions + * @param userParam + * @return + */ + private Set resolveAdminRolePermission(List workspacePermissions, + UserParam userParam) { + + if (!CollectionUtils.isEmpty(userParam.getTags()) && !userParam.getTags().contains(RolePermissionTagEnum.JOINED)) { + log.info("admin role permission:tags not null and no joined tag"); + return Collections.emptySet(); + } + + //超管和管理员角色 + List adminRoles = userParam.getRoles().stream() + .filter(role -> Objects.nonNull(role.getRoleType()) && role.getRoleType().isAdmin()) + .collect(Collectors.toList()); + if (CollectionUtil.isEmpty(adminRoles)) { + log.info("no admin roles"); + return Collections.emptySet(); + } + + Set cooperateShipTypes = adminRoles.stream() + .map(RoleParam::getCooperateShipTypes) + .map(String::valueOf) + .collect(Collectors.toSet()); + + return workspacePermissions.stream() + .filter(e -> cooperateShipTypes.contains(e.getCooperateType())) + .map(e -> PermissionResp.builder() + .featureCode(e.getFeatureCode()) + .featureId(e.getFeatureId()) + .terminal(e.getTerminal()) + .featureType(e.getFeatureType()) + .build()) + .collect(Collectors.toSet()); + } + + + private Set buildNoAuthPermission(List productPermissions, + List allFeatures) { + + // 因为有权授权权限的权限点,就需要有所有上层权限点的权限 + Set notAuthFeatureIds = allFeatures.stream() + .filter(SaasFeatureResourceService.SaasFeatureResourceCache::isNotAuth) + .map(e -> Optional.ofNullable(e.getParentIds()) + .map(f -> { + f.add(e.getFeatureId()); + return f; + }) + .orElseGet(() -> Sets.newHashSet(e.getFeatureId()))) + .flatMap(Collection::stream) + .collect(Collectors.toSet()); + + if (CollectionUtils.isEmpty(notAuthFeatureIds)) { + return Collections.emptySet(); + } + + + return productPermissions.stream() + .filter(productPermission -> notAuthFeatureIds.contains(productPermission.getFeatureId())) + .map(e -> IdentityAuthRes.PermissionPoint.builder() + .featureCode(e.getFeatureCode()) + .featureId(e.getFeatureId()) + .terminal(e.getTerminal()) + .featureType(e.getFeatureType()) + .build()) + .collect(Collectors.toSet()); + } + + private Set resolveNormalRolePermission(List workspacePermissions, + UserParam userParam) { + + // 普通角色 + List normalRoles = userParam.getRoles().stream() + .filter(role -> Objects.nonNull(role.getRoleType()) && !role.getRoleType().isAdmin()) + .collect(Collectors.toList()); + if (CollectionUtil.isEmpty(normalRoles)) { + log.info("no normal roles"); + return Collections.emptySet(); + } + + return normalRoles.stream() + .map(role -> { + + Set rolePermissionFeatureCodes = Optional.ofNullable(rolePermissionMap.get(role.getId())) + .map(e -> e.stream() + .filter(Objects::nonNull) + .filter(rolePermission -> { + if (CollectionUtils.isEmpty(workspaceOuPair.getTags()) || CollectionUtils.isEmpty(rolePermission.getTags())) { + return true; + } + + if (Sets.intersection(workspaceOuPair.getTags(), rolePermission.getTags()).isEmpty()) { + return false; + } + + return true; + }) + .map(RolePermissionCacheService.PermissionDTO::getFeatureCode) + .collect(Collectors.toSet())) + .orElseGet(Sets::newHashSet); + + if (CollectionUtils.isEmpty(rolePermissionFeatureCodes)) { + return null; + } + + return productPermissions.stream() + .filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(role.getProductUnitType()))) + .filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode())) + .map(e -> IdentityAuthRes.PermissionPoint.builder() + .featureCode(e.getFeatureCode()) + .featureId(e.getFeatureId()) + .terminal(e.getTerminal()) + .featureType(e.getFeatureType()) + .build()) + .collect(Collectors.toSet()); + + }) + .filter(Objects::nonNull) + .flatMap(Collection::stream) + .collect(Collectors.toSet()); + } + + private Map> listRolePermission(ListUserPermissionParam param) { + Set roleIds = param.getUsers().stream() + .map(UserParam::getRoles) + .filter(Objects::nonNull) + .flatMap(Collection::stream) + .map(RoleParam::getRoleId) + .collect(Collectors.toSet()); + if (CollectionUtils.isEmpty(roleIds)) { + return Collections.emptyMap(); + } + + RolePermissionCacheService.ListRolePermissionParam listRolePermissionParam = RolePermissionCacheService.ListRolePermissionParam.builder() + .roleIds(roleIds) + .featureCodes(param.getFeatureCodes()) + .build(); + return rolePermissionCacheService.list(listRolePermissionParam); + } + + private Map> listWorkspacePermission(ListUserPermissionParam param) { + + Set workspaceIds = param.getUsers().stream() + .map(UserParam::getWorkspaceId) + .filter(Objects::nonNull) + .collect(Collectors.toSet()); + if (CollectionUtils.isEmpty(workspaceIds)) { + return Collections.emptyMap(); + } + + WorkspaceProductService.ListWorkspaceProductPermissionCacheParam listWorkspaceProductPermission = WorkspaceProductService.ListWorkspaceProductPermissionCacheParam.builder() + .workspaceIds(workspaceIds) + .featureCodes(param.getFeatureCodes()) + .appType(param.getAppType()) + .itemCode(param.getItemCode()) + .terminal(param.getTerminal()) + .build(); + return workspaceProductService.listWorkspaceProductPermissionCached(listWorkspaceProductPermission) + .stream() + .collect(Collectors.toMap(WorkspaceProductService.WorkspaceProductPermission::getWorkspaceId, + e -> Optional.ofNullable(e.getProductPermissions()) + .map(productPermissions -> productPermissions.stream() + .map(WorkspaceProductService.ProductPermission::getPermissions) + .filter(Objects::nonNull) + .flatMap(Collection::stream) + .collect(Collectors.toList())) + .orElseGet(Lists::newArrayList))); + } + + private List listAllSaasFeature(Map> workspacePermissions) { + + Set terminals = workspacePermissions.values().stream() + .flatMap(Collection::stream) + .map(ProductPermissionCacheService.PermissionDTO::getTerminal) + .filter(Objects::nonNull) + .collect(Collectors.toSet()); + + SaasFeatureResourceService.ListSaasFeatureResourceCache listSaasFeatureResourceCache = SaasFeatureResourceService.ListSaasFeatureResourceCache.builder() + .terminals(terminals) + .build(); + return saasFeatureResourceService.listCache(listSaasFeatureResourceCache) + .values() + .stream() + .flatMap(Collection::stream) + .collect(Collectors.toList()); + } +} diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ProductPermissionCacheServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ProductPermissionCacheServiceImpl.java index 7a90efe1..ff52a193 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ProductPermissionCacheServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ProductPermissionCacheServiceImpl.java @@ -18,6 +18,7 @@ import com.google.common.collect.Lists; import com.google.common.collect.Maps; import com.google.common.collect.Sets; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.cloud.context.config.annotation.RefreshScope; import org.springframework.stereotype.Service; @@ -85,18 +86,20 @@ public class ProductPermissionCacheServiceImpl implements ProductPermissionCache .collect(Collectors.toMap(Map.Entry::getKey, e -> e.getValue().orElseGet(Lists::newArrayList))); } catch (ExecutionException ex) { log.error("list product cache permission error:{} error", param.getProductIds(), ex); - // 外面有做降级 throw new ServiceException("查询产品权限缓存异常"); } - if (CollectionUtils.isEmpty(param.getFeatureCodes())) { - return productPermissions; - } - return productPermissions.entrySet() .stream() .map(e -> Pair.of(e.getKey(), e.getValue().stream() - .filter(permission -> param.getFeatureCodes().contains(permission.getFeatureCode())) + .filter(permission -> CollectionUtils.isEmpty(param.getFeatureCodes()) + || param.getFeatureCodes().contains(permission.getFeatureCode())) + .filter(permission -> StringUtils.isBlank(param.getTerminal()) + || Objects.equals(permission.getTerminal(), param.getTerminal())) + .filter(permission -> StringUtils.isBlank(param.getAppType()) + || Objects.equals(permission.getAppType(), param.getAppType())) + .filter(permission -> StringUtils.isBlank(param.getItemCode()) + || Objects.equals(permission.getItemCode(), param.getItemCode())) .collect(Collectors.toList())) ) .filter(e -> !CollectionUtils.isEmpty(e.getValue())) diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasPgroupPermissionRelationOperateLogServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasPgroupPermissionRelationOperateLogServiceImpl.java index 06ea3f82..0b618b6e 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasPgroupPermissionRelationOperateLogServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasPgroupPermissionRelationOperateLogServiceImpl.java @@ -18,12 +18,12 @@ import cn.axzo.tyr.server.util.RpcInternalUtil; import cn.azxo.framework.common.constatns.Constants; import com.alibaba.fastjson.JSONObject; import com.google.common.collect.Lists; -import lombok.AllArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.ObjectUtils; import org.apache.commons.lang3.StringUtils; import org.slf4j.MDC; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import java.util.Collections; @@ -39,7 +39,6 @@ import java.util.stream.Collectors; */ @Slf4j @Service -@AllArgsConstructor public class SaasPgroupPermissionRelationOperateLogServiceImpl implements SaasPgroupPermissionRelationOperateLogService { public static final String TABLE_NAME_FEATURE_RESOURCE = "saas_feature_resource"; @@ -50,10 +49,14 @@ public class SaasPgroupPermissionRelationOperateLogServiceImpl implements SaasPg public static final String TABLE_NAME_SAAS_ROLE_GROUP = "saas_role_group"; public static final String TABLE_NAME_SAAS_FEATURE = "saas_feature"; - private final SaasPgroupPermissionRelationOperateLogDao saasPgroupPermissionRelationOperateLogDao; - private final SaasRoleDao saasRoleDao; - private final UserProfileServiceApi userProfileServiceApi; - private final SaasRoleUserRelationService saasRoleUserRelationService; + @Autowired + private SaasPgroupPermissionRelationOperateLogDao saasPgroupPermissionRelationOperateLogDao; + @Autowired + private SaasRoleDao saasRoleDao; + @Autowired + private UserProfileServiceApi userProfileServiceApi; + @Autowired + private SaasRoleUserRelationService saasRoleUserRelationService; @Override public void batchSave(List logs) { diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupRelationServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupRelationServiceImpl.java index 9a189b80..0767c5ab 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupRelationServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupRelationServiceImpl.java @@ -15,6 +15,7 @@ import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.apache.commons.collections.CollectionUtils; import org.springframework.beans.BeanUtils; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -25,10 +26,10 @@ import java.util.stream.Collectors; @Slf4j @Service -@RequiredArgsConstructor public class SaasRoleGroupRelationServiceImpl extends ServiceImpl implements SaasRoleGroupRelationService { - private final SaasRoleGroupRelationDao saasRoleGroupRelationDao; + @Autowired + private SaasRoleGroupRelationDao saasRoleGroupRelationDao; @Override @Transactional(rollbackFor = Exception.class) diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java index e51f7a9d..57d0bd49 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java @@ -46,6 +46,7 @@ import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.StringUtils; import org.slf4j.MDC; import org.springframework.beans.BeanUtils; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -59,23 +60,29 @@ import java.util.List; import java.util.Map; import java.util.Objects; import java.util.Optional; +import java.util.Set; import java.util.function.Function; import java.util.stream.Collectors; import static cn.axzo.tyr.server.config.exception.BizResultCode.CANT_DELETE_ROLE_GROUP; @Slf4j -@RequiredArgsConstructor @Service public class SaasRoleGroupServiceImpl extends ServiceImpl implements SaasRoleGroupService { - private final SaasRoleGroupMapper saasRoleGroupMapper; - private final SaasRoleGroupDao saasRoleGroupDao; - private final SaasRoleGroupRelationDao saasRoleGroupRelationDao; - private final SaasRoleGroupRelationService saasRoleGroupRelationService; - private final RoleService roleService; - private final SaasPgroupPermissionRelationOperateLogService saasPgroupPermissionRelationOperateLogService; + @Autowired + private SaasRoleGroupMapper saasRoleGroupMapper; + @Autowired + private SaasRoleGroupDao saasRoleGroupDao; + @Autowired + private SaasRoleGroupRelationDao saasRoleGroupRelationDao; + @Autowired + private SaasRoleGroupRelationService saasRoleGroupRelationService; + @Autowired + private RoleService roleService; + @Autowired + private SaasPgroupPermissionRelationOperateLogService saasPgroupPermissionRelationOperateLogService; @Override public List getList(QuerySaasRoleGroupReq req) { @@ -403,6 +410,11 @@ public class SaasRoleGroupServiceImpl extends ServiceImpl idByAncestorRoleGroupCode = resolveIdByAncestorRoleGroupCode(param); + if (Objects.nonNull(param.getAncestorRoleGroupCode()) && CollectionUtils.isEmpty(idByAncestorRoleGroupCode)) { + return param.toEmpty(); + } + IPage page = this.page(PageConverter.toMybatis(param, SaasRoleGroup.class), wrapper); Map> roles = listRoles(param, page.getRecords()); @@ -412,6 +424,28 @@ public class SaasRoleGroupServiceImpl extends ServiceImpl from(record, roles, roleGroupRelations)); } + private Set resolveIdByAncestorRoleGroupCode(PageSaasRoleGroupParam param) { + if (Objects.isNull(param.getAncestorRoleGroupCode())) { + return Collections.emptySet(); + } + List saasRoleGroups = this.lambdaQuery() + .eq(SaasRoleGroup::getCode, param.getAncestorRoleGroupCode()) + .list(); + if (CollectionUtils.isEmpty(saasRoleGroups)) { + return Collections.emptySet(); + } + + return this.list(ListSaasRoleGroupParam.builder() + .paths(saasRoleGroups.stream() + .map(SaasRoleGroup::getPath) + .collect(Collectors.toSet())) + .build()) + .stream() + .map(SaasRoleGroupDTO::getId) + .collect(Collectors.toSet()); + + } + private SaasRoleGroupDTO from(SaasRoleGroup saasRoleGroup, Map> roles, Map> roleGroupRelations) { diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java index 4c2c8806..ed56cda8 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java @@ -26,9 +26,12 @@ import cn.axzo.tyr.client.model.permission.IdentityKey; import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO; import cn.axzo.tyr.client.model.permission.SaasUserRoleExBO; import cn.axzo.tyr.client.model.req.ListRoleReq; +import cn.axzo.tyr.client.model.req.ListSaasRoleGroupParam; import cn.axzo.tyr.client.model.req.QuerySuperAdminReq; import cn.axzo.tyr.client.model.req.UpdateUserJobReq; import cn.axzo.tyr.client.model.req.WorkspaceUpdateUserRoleDTO; +import cn.axzo.tyr.client.model.res.RoleGroupRelationRes; +import cn.axzo.tyr.client.model.res.SaasRoleGroupDTO; import cn.axzo.tyr.client.model.res.SaasRoleRes; import cn.axzo.tyr.client.model.res.SuperAminInfoResp; import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO; @@ -44,6 +47,7 @@ import cn.axzo.tyr.server.repository.entity.SaasRole; import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation; import cn.axzo.tyr.server.repository.mapper.SaasRoleUserRelationMapper; import cn.axzo.tyr.server.service.RoleService; +import cn.axzo.tyr.server.service.SaasRoleGroupService; import cn.axzo.tyr.server.service.SaasRoleUserRelationService; import cn.axzo.tyr.server.util.RpcInternalUtil; import cn.hutool.core.collection.CollectionUtil; @@ -51,6 +55,7 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.google.common.collect.Lists; +import com.google.common.collect.Sets; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.BooleanUtils; import org.springframework.beans.BeanUtils; @@ -87,7 +92,6 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl roleIdsByRoleGroupCode = resolveRoleIdsByRoleGroupCode(param); + if (Objects.nonNull(param.getRoleGroupCode()) && CollectionUtils.isEmpty(roleIdsByRoleGroupCode)) { + return param.toEmpty(); + } + + Set roleIdsByAncestorRoleGroupCode = resolveRoleIdsByAncestorRoleGroupCode(param); + if (Objects.nonNull(param.getAncestorRoleGroupCode()) && CollectionUtils.isEmpty(roleIdsByAncestorRoleGroupCode)) { + return param.toEmpty(); + } + wrapper.in(!CollectionUtils.isEmpty(roleIdsByRoleCodes), "role_id", roleIdsByRoleCodes); wrapper.in(!CollectionUtils.isEmpty(roleIdsByRoleTypes), "role_id", roleIdsByRoleTypes); + wrapper.in(!CollectionUtils.isEmpty(roleIdsByRoleGroupCode), "role_id", roleIdsByRoleGroupCode); + + wrapper.in(!CollectionUtils.isEmpty(roleIdsByAncestorRoleGroupCode), "role_id", roleIdsByAncestorRoleGroupCode); + assembleBatchPersonWrapper(param, wrapper); IPage page = this.page(PageConverter.toMybatis(param, SaasRoleUserRelation.class), wrapper); @@ -619,4 +640,47 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl resolveRoleIdsByRoleGroupCode(PageRoleUserRelationParam param) { + if (Objects.isNull(param.getRoleGroupCode())) { + return Collections.emptySet(); + } + + return saasRoleGroupService.list(ListSaasRoleGroupParam.builder() + .roleGroupCodes(Sets.newHashSet(param.getRoleGroupCode())) + .needRoleGroupRelation(true) + .build()) + .stream() + .map(SaasRoleGroupDTO::getRoleGroupRelations) + .filter(Objects::nonNull) + .flatMap(Collection::stream) + .map(RoleGroupRelationRes::getRoleId) + .collect(Collectors.toSet()); + } + + private Set resolveRoleIdsByAncestorRoleGroupCode(PageRoleUserRelationParam param) { + if (Objects.isNull(param.getAncestorRoleGroupCode())) { + return Collections.emptySet(); + } + + return saasRoleGroupService.list(ListSaasRoleGroupParam.builder() + .ancestorRoleGroupCode(param.getAncestorRoleGroupCode()) + .needRoleGroupRelation(true) + .build()) + .stream() + .map(SaasRoleGroupDTO::getRoleGroupRelations) + .filter(Objects::nonNull) + .flatMap(Collection::stream) + .map(RoleGroupRelationRes::getRoleId) + .collect(Collectors.toSet()); + } + + private Map listUserPermission(PageRoleUserRelationParam param, + List saasRoleUserRelations) { + if (CollectionUtils.isEmpty(saasRoleUserRelations) || BooleanUtils.isNotTrue(param.getNeedUserPermission())) { + return Collections.emptyMap(); + } + + + } } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java index a22aa374..a45bbe82 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java @@ -925,24 +925,24 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { .build()).collect(Collectors.toList())); return permissionInfo.stream() - .filter(e -> { - PermissionTagService.ResolvePermissionDTO resolvePermission = personPermissionTags.get(e.getPersonId() + "_" + e.getOuId() + "_" + e.getWorkspaceId()); - if (Objects.isNull(resolvePermission)) { - // 未解析到标签兼容历史情况 - return true; - } - - Set featureInfos = authMap.get(NumberUtil.parseLong(e.getRoleId())); - - return featureInfos.stream() - .anyMatch(permission -> permission.getTags() - .stream() - .anyMatch(tag -> !Sets.intersection(permission.getTags(), resolvePermission.getTags()).isEmpty())); - }) .peek(e -> { - e.setFeatureInfos(authMap.get(NumberUtil.parseLong(e.getRoleId()))); - e.setSimpleFeatureInfos(org.apache.commons.collections4.CollectionUtils.emptyIfNull(authMap.get(NumberUtil.parseLong(e.getRoleId()))) - .stream().map(ListPermissionFromRoleGroupResp.FeatureInfo::getFeatureId).collect(Collectors.toSet())); + PermissionTagService.ResolvePermissionDTO resolvePermission = personPermissionTags.get(e.getPersonId() + "_" + e.getOuId() + "_" + e.getWorkspaceId()); + + Set featureInfos = Optional.ofNullable(authMap.get(NumberUtil.parseLong(e.getRoleId()))) + .orElseGet(Sets::newHashSet) + .stream() + .filter(feature -> { + if (Objects.isNull(resolvePermission)) { + // 未解析到标签兼容历史情况 + return true; + } + return !Sets.intersection(feature.getTags(), resolvePermission.getTags()).isEmpty(); + }) + .collect(Collectors.toSet()); + e.setFeatureInfos(featureInfos); + e.setSimpleFeatureInfos(featureInfos.stream() + .map(ListPermissionFromRoleGroupResp.FeatureInfo::getFeatureId) + .collect(Collectors.toSet())); }) .collect(Collectors.toList()); } @@ -1010,15 +1010,23 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { LogUtil.error(" find role info error,role id:{}", roleId); return Collections.emptySet(); } + List permissionDTOS = rolePermissions.get(roleId); + if (CollectionUtils.isEmpty(permissionDTOS)) { + return Collections.emptySet(); + } - Set productPermissionIds = workspaceProductPermissions.get(e.getWorkspaceId()).stream() + List productPermissions = workspaceProductPermissions.get(e.getWorkspaceId()); + if (CollectionUtils.isEmpty(productPermissions)) { + return Collections.emptySet(); + } + Set productPermissionIds = productPermissions.stream() .map(WorkspaceProductService.ProductPermission::getPermissions) .flatMap(Collection::stream) .filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(saasRole.getProductUnitType()))) .map(ProductPermissionCacheService.PermissionDTO::getFeatureId) .collect(Collectors.toSet()); - return rolePermissions.get(roleId).stream() + return permissionDTOS.stream() .filter(rolePermission -> productPermissionIds.contains(rolePermission.getFeatureId())) .collect(Collectors.toSet()); }, (oldFeatureLists, newFeatureLists) -> { diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/WorkspaceProductServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/WorkspaceProductServiceImpl.java index 5ba05c20..9d7731f5 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/WorkspaceProductServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/WorkspaceProductServiceImpl.java @@ -218,6 +218,9 @@ public class WorkspaceProductServiceImpl implements WorkspaceProductService { ProductPermissionCacheService.ListProductPermissionParam listProductPermissionParam = ProductPermissionCacheService.ListProductPermissionParam.builder() .productIds(productIds) .featureCodes(param.getFeatureCodes()) + .appType(param.getAppType()) + .itemCode(param.getItemCode()) + .terminal(param.getTerminal()) .build(); Map> productPermissionMap = productPermissionCacheService.list(listProductPermissionParam); diff --git a/tyr-server/src/test/java/cn/axzo/tyr/base/TestConfig.java b/tyr-server/src/test/java/cn/axzo/tyr/base/TestConfig.java index 39332068..2a5c4aaa 100644 --- a/tyr-server/src/test/java/cn/axzo/tyr/base/TestConfig.java +++ b/tyr-server/src/test/java/cn/axzo/tyr/base/TestConfig.java @@ -4,6 +4,7 @@ import cn.axzo.apollo.workspace.api.workspace.WorkspaceApi; import cn.axzo.basics.profiles.api.UserProfileServiceApi; import cn.axzo.framework.rocketmq.Event; import cn.axzo.framework.rocketmq.EventProducer; +import cn.axzo.maokai.api.client.OrgUserApi; import cn.axzo.thrones.client.saas.ServicePkgClient; import com.alibaba.fastjson.JSONObject; import lombok.extern.slf4j.Slf4j; @@ -49,6 +50,8 @@ public class TestConfig { private WorkspaceApi workspaceApi; @MockBean private UserProfileServiceApi userProfileServiceApi; + @MockBean + private OrgUserApi orgUserApi; @Bean @Primary diff --git a/tyr-server/src/test/java/cn/axzo/tyr/server/controller/v2/RoleUserV2ControllerTest.java b/tyr-server/src/test/java/cn/axzo/tyr/server/controller/v2/RoleUserV2ControllerTest.java index ef492eef..f69bfe8d 100644 --- a/tyr-server/src/test/java/cn/axzo/tyr/server/controller/v2/RoleUserV2ControllerTest.java +++ b/tyr-server/src/test/java/cn/axzo/tyr/server/controller/v2/RoleUserV2ControllerTest.java @@ -5,6 +5,13 @@ import cn.axzo.apollo.workspace.api.workspace.WorkspaceApi; import cn.axzo.apollo.workspace.api.workspace.res.SimpleWorkspaceRes; import cn.axzo.basics.profiles.api.UserProfileServiceApi; import cn.axzo.basics.profiles.dto.basic.PersonProfileDto; +import cn.axzo.framework.domain.web.result.ApiListResult; +import cn.axzo.maokai.api.client.OrgUserApi; +import cn.axzo.maokai.api.vo.response.OrgUserRes; +import cn.axzo.maokai.common.enums.OrgUserStatusEnum; +import cn.axzo.thrones.client.saas.ServicePkgClient; +import cn.axzo.thrones.client.saas.entity.serivicepgkproduct.ServicePkgProduct; +import cn.axzo.thrones.client.saas.entity.servicepkg.ServicePkgDetailRes; import cn.axzo.tyr.base.BaseTest; import cn.axzo.tyr.base.MysqlDataLoader; import cn.axzo.tyr.client.common.enums.FeatureResourceType; @@ -60,6 +67,10 @@ class RoleUserV2ControllerTest extends BaseTest { private SaasRoleUserRelationService saasRoleUserRelationService; @Autowired private TyrSaasAuthService tyrSaasAuthService; + @Autowired + private OrgUserApi orgUserApi; + @Autowired + private ServicePkgClient servicePkgClient; @BeforeEach @Override @@ -1098,26 +1109,108 @@ class RoleUserV2ControllerTest extends BaseTest { */ @Test void pageV2() { + + Mockito.when(orgUserApi.listOrgUser(Mockito.any())) + .thenReturn(ApiListResult.ok(Lists.newArrayList(OrgUserRes.builder() + .workspaceId(3L) + .ouId(4L) + .personId(3135L) + .status(OrgUserStatusEnum.JOINED) + .build(), + OrgUserRes.builder() + .workspaceId(3L) + .ouId(4L) + .personId(3470L) + .status(OrgUserStatusEnum.LEAVE) + .build()))); + ServicePkgDetailRes servicePkgDetail = new ServicePkgDetailRes(); + servicePkgDetail.setSpaceId(3L); + ServicePkgProduct servicePkgProduct = new ServicePkgProduct(); + servicePkgProduct.setProductId(2L); + servicePkgDetail.setProducts(Lists.newArrayList(servicePkgProduct)); + Mockito.when(servicePkgClient.getServicePkgDetailBySpaceId(Mockito.any())) + .thenReturn(CommonResponse.success(Lists.newArrayList(servicePkgDetail))); // old List listPermissionFromRoleGroupResps = tyrSaasAuthService.listAuthByResourceAndRoleGroup(ListPermissionFromRoleGroupReq.builder() .categoryCode("cms:zb_org_group") .categoryType(1) + .findFeatureInfo(true) .build()); Assertions.assertEquals(listPermissionFromRoleGroupResps.size(), 2); - Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getIdentityId(), 17L); - Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getIdentityType(), 3); - Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getPersonId(), 3135L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getIdentityId(), 17L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getIdentityType(), IdentityType.PRACTITIONER); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getPersonId(), 3135L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getOuId(), 4L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getWorkspaceId(), 3L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getTeamOuId(), 0L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getResourceId(), 0L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getResourceType(), 0); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getRoleGroupName(), "组织架构"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getRoleGroupCode(), "cms:zb_org_group"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getRoleId(), "100920"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getRoleName(), "工人管理"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getRoleCode(), "cms:zb_worker——management"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getPermissionGroupId(), 1211L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getSimpleFeatureInfos().size(), 3); + Assertions.assertTrue(listPermissionFromRoleGroupResps.get(1).getSimpleFeatureInfos().containsAll(Sets.newHashSet(101744L, 101745L, 101746L))); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(1).getFeatureInfos().size(), 3); + Assertions.assertEquals(Lists.newArrayList(listPermissionFromRoleGroupResps.get(1).getFeatureInfos()).get(0).getFeatureId(), 101745L); + Assertions.assertEquals(Lists.newArrayList(listPermissionFromRoleGroupResps.get(1).getFeatureInfos()).get(0).getRelationType(), 1); + Assertions.assertEquals(Lists.newArrayList(listPermissionFromRoleGroupResps.get(1).getFeatureInfos()).get(0).getTags().size(), 1); + Assertions.assertTrue(Lists.newArrayList(listPermissionFromRoleGroupResps.get(1).getFeatureInfos()).get(0).getTags() + .containsAll(Sets.newHashSet(cn.axzo.tyr.client.model.enums.RolePermissionTagEnum.JOINED))); + + + listPermissionFromRoleGroupResps = tyrSaasAuthService.listAuthByResourceAndRoleGroup(ListPermissionFromRoleGroupReq.builder() + .categoryCode("cms:zb_cost_group") + .categoryType(2) + .findFeatureInfo(true) + .build()); + Assertions.assertEquals(listPermissionFromRoleGroupResps.size(), 9); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getIdentityId(), 36L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getIdentityType(), IdentityType.PRACTITIONER); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getPersonId(), 3470L); Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getOuId(), 4L); Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getWorkspaceId(), 3L); Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getTeamOuId(), 0L); Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getResourceId(), 0L); Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getResourceType(), 0); - Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleGroupName(), "组织架构"); - Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleGroupCode(), "cms:zb_org_group"); - Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleId(), 100920L); - Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleName(), "工人管理"); - Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleCode(), 2); - Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getPermissionGroupId(), 2); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleGroupName(), "成本管理"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleGroupCode(), "cms:zb_cost_group"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleId(), "100923"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleName(), "查看合约"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleCode(), "cms:zb_contact_view"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getPermissionGroupId(), 1214L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getSimpleFeatureInfos().size(), 0); + + listPermissionFromRoleGroupResps = tyrSaasAuthService.listAuthByResourceAndRoleGroup(ListPermissionFromRoleGroupReq.builder() + .categoryCode("cms:zb_cost_group") + .categoryType(3) + .build()); + Assertions.assertEquals(listPermissionFromRoleGroupResps.size(), 8); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getIdentityId(), 14L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getIdentityType(), IdentityType.PRACTITIONER); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getPersonId(), 0L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getOuId(), 4L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getWorkspaceId(), 3L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getTeamOuId(), 0L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getResourceId(), 0L); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getResourceType(), 0); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleGroupName(), "工人管理"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleGroupCode(), "cms:zb_cost_group2"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleId(), "100921"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleName(), "查看组织架构"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getRoleCode(), "cms:zb_org_view"); + Assertions.assertEquals(listPermissionFromRoleGroupResps.get(0).getPermissionGroupId(), 1212L); + // old + + roleUserV2Controller.page(PageRoleUserReq.builder() + .roleGroupCode("cms:zb_org_group") + .needRole(true) + .needFeatureResources(true) + .build()) + .getData() + .getData(); } } \ No newline at end of file diff --git a/tyr-server/src/test/resources/mysql/RoleUserV2ControllerTest.sql b/tyr-server/src/test/resources/mysql/RoleUserV2ControllerTest.sql index 7369b1b5..b823e51b 100644 --- a/tyr-server/src/test/resources/mysql/RoleUserV2ControllerTest.sql +++ b/tyr-server/src/test/resources/mysql/RoleUserV2ControllerTest.sql @@ -100,7 +100,76 @@ VALUES (104, '2', '1', '组织架构', -1, -1, 14, 4, 'cms:zb_org_group', '', 0, INSERT INTO saas_role_group (id, workspace_type_code, ou_type_code, name, workspace_id, ou_id, parent_id, sort, code, category_code, is_delete, create_at, update_at, path) VALUES (105, '2', '1', '成本管理', -1, -1, 14, 5, 'cms:zb_cost_group', '', 0, '2024-09-25 11:51:55', '2024-09-25 11:51:55', '14,105,'); INSERT INTO saas_role_group (id, workspace_type_code, ou_type_code, name, workspace_id, ou_id, parent_id, sort, code, category_code, is_delete, create_at, update_at, path) -VALUES (106, '2', '1', '工人管理', -1, -1, 105, 5, 'cms:zb_cost_group', '', 0, '2024-09-25 11:51:55', '2024-09-25 11:51:55', '14,105,106,'); +VALUES (106, '2', '1', '工人管理', -1, -1, 105, 5, 'cms:zb_cost_group2', '', 0, '2024-09-25 11:51:55', '2024-09-25 11:51:55', '14,105,106,'); + +INSERT INTO product_module (id, icon, product_type, product_name, dict_workspace_type_id, dict_workspace_type_code, status, common_product, remark, auth_type, ou_type, is_delete, create_by, create_at, update_at, update_by, category, version, max_person_count, max_workspace_count, price, skus, material) +VALUES (2, 'https://axzo-public.oss-cn-chengdu.aliyuncs.com/oms/test/1695286111017-Snipaste_09-13 16-24.png', 2, '项目基础', 2, '2', 1, 1, '', 1, null, 0, 0, '2022-08-17 19:46:11', '2024-12-12 15:37:27', 89601, 'GENERAL_SERVICE', 0, 0, 0, 0, NULL, NULL); + +INSERT INTO saas_product_module_feature_relation (id, product_module_id, dict_code_id, dict_code, feature_id, is_delete, create_at, update_at, create_by, update_by, type, feature_type, terminal) +VALUES (1257742, 2, 7, '1', 101744, 0, '2024-08-20 17:54:00', '2024-08-20 17:54:00', 0, 0, 1, 0, ''); +INSERT INTO saas_product_module_feature_relation (id, product_module_id, dict_code_id, dict_code, feature_id, is_delete, create_at, update_at, create_by, update_by, type, feature_type, terminal) +VALUES (1257743, 2, 7, '1', 101745, 0, '2024-08-20 17:54:00', '2024-08-20 17:54:00', 0, 0, 1, 0, ''); +INSERT INTO saas_product_module_feature_relation (id, product_module_id, dict_code_id, dict_code, feature_id, is_delete, create_at, update_at, create_by, update_by, type, feature_type, terminal) +VALUES (1257744, 2, 7, '1', 101746, 0, '2024-08-20 17:54:00', '2024-08-20 17:54:00', 0, 0, 1, 0, ''); +INSERT INTO saas_product_module_feature_relation (id, product_module_id, dict_code_id, dict_code, feature_id, is_delete, create_at, update_at, create_by, update_by, type, feature_type, terminal) +VALUES (1257745, 2, 7, '1', 4443, 0, '2024-08-20 17:54:00', '2024-08-20 17:54:00', 0, 0, 1, 0, ''); +INSERT INTO saas_product_module_feature_relation (id, product_module_id, dict_code_id, dict_code, feature_id, is_delete, create_at, update_at, create_by, update_by, type, feature_type, terminal) +VALUES (1257746, 2, 7, '1', 4416, 0, '2024-08-20 17:54:00', '2024-08-20 17:54:00', 0, 0, 1, 0, ''); +INSERT INTO saas_product_module_feature_relation (id, product_module_id, dict_code_id, dict_code, feature_id, is_delete, create_at, update_at, create_by, update_by, type, feature_type, terminal) +VALUES (1257747, 2, 7, '1', 4417, 0, '2024-08-20 17:54:00', '2024-08-20 17:54:00', 0, 0, 1, 0, ''); +INSERT INTO saas_product_module_feature_relation (id, product_module_id, dict_code_id, dict_code, feature_id, is_delete, create_at, update_at, create_by, update_by, type, feature_type, terminal) +VALUES (1257748, 2, 7, '1', 4418, 0, '2024-08-20 17:54:00', '2024-08-20 17:54:00', 0, 0, 1, 0, ''); +INSERT INTO saas_product_module_feature_relation (id, product_module_id, dict_code_id, dict_code, feature_id, is_delete, create_at, update_at, create_by, update_by, type, feature_type, terminal) +VALUES (1257749, 2, 7, '1', 4419, 0, '2024-08-20 17:54:00', '2024-08-20 17:54:00', 0, 0, 1, 0, ''); +INSERT INTO saas_product_module_feature_relation (id, product_module_id, dict_code_id, dict_code, feature_id, is_delete, create_at, update_at, create_by, update_by, type, feature_type, terminal) +VALUES (1257750, 2, 7, '1', 4420, 0, '2024-08-20 17:54:00', '2024-08-20 17:54:00', 0, 0, 1, 0, ''); +INSERT INTO saas_product_module_feature_relation (id, product_module_id, dict_code_id, dict_code, feature_id, is_delete, create_at, update_at, create_by, update_by, type, feature_type, terminal) +VALUES (1257751, 2, 7, '1', 912, 0, '2024-08-20 17:54:00', '2024-08-20 17:54:00', 0, 0, 1, 0, ''); + +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (14744, 'cms:pro_construction_contract_management', 'cms:pro_contract_management_7701', 1, 'NT_CMS_WEB_GENERAL', '2024-07-10 20:39:15', '2024-07-10 20:39:15', null, null, 0); +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (18070, 'cms:pro_construction_contract_management', 'cms:pro_contract_management_7701', 0, 'NT_CMS_WEB_GENERAL', '2024-07-16 09:56:12', '2024-07-16 09:56:11', 25923, null, 0); +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (18079, 'cms:pro_construction_contract_detail', 'cms:pro_contract_detail_7707', 0, 'NT_CMS_WEB_GENERAL', '2024-07-16 09:56:12', '2024-07-16 09:56:11', 25923, null, 0); +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (18080, 'cms:pro_construction_contract_detail_inventory_submit_audit', 'cms:pro_contract_detail_7707', 0, 'NT_CMS_WEB_GENERAL', '2024-07-16 09:56:12', '2024-07-16 09:56:11', 25923, null, 0); +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (24219, 'h5:cmp_user_manage_worker_jump_to_team_btn', 'cmp:pro_team_list_0443', 0, 'NT_CMP_APP_GENERAL', '2024-08-28 10:53:36', '2024-08-28 10:53:36', 25923, null, 0); +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (24220, 'h5:cmp_user_manage_worker_page', 'cmp:pro_team_list_0443', 0, 'NT_CMP_APP_GENERAL', '2024-08-28 10:53:36', '2024-08-28 10:53:36', 25923, null, 0); +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (24221, 'h5:cmp_user_manage_worker_labor_audit_btn', 'cmp:pro_worker_invite_recorder_0445', 0, 'NT_CMP_APP_GENERAL', '2024-08-28 10:53:36', '2024-08-28 10:53:36', 25923, null, 0); +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (24222, 'h5:cmp_user_manage_worker_page', 'cmp:pro_worker_invite_recorder_0445', 0, 'NT_CMP_APP_GENERAL', '2024-08-28 10:53:36', '2024-08-28 10:53:36', 25923, null, 0); +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (24223, 'h5:cmp_user_manage_labor_audit_page', 'cmp:pro_worker_invite_recorder_0445', 0, 'NT_CMP_APP_GENERAL', '2024-08-28 10:53:36', '2024-08-28 10:53:36', 25923, null, 0); +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (24224, 'h5:cmp_user_manage_labor_audit_detail_btn', 'cmp:pro_worker_invite_recorder_0445', 0, 'NT_CMP_APP_GENERAL', '2024-08-28 10:53:36', '2024-08-28 10:53:36', 25923, null, 0); +INSERT INTO saas_page_element_feature_resource_relation (id, page_element_code, feature_resource_uni_code, type, terminal, create_at, update_at, create_by, update_by, is_delete) +VALUES (24225, 'h5:cmp_user_manage_worker_on_site_audit_btn', 'cmp:pro_team_leader_invite_recorder_0446', 0, 'NT_CMP_APP_GENERAL', '2024-08-28 10:53:36', '2024-08-28 10:53:36', 25923, null, 0); + + +INSERT INTO saas_page_element (id, group_code, code, name, type, link_url, terminal, create_at, update_at, is_delete, create_name, app_type, version, item_code, link_ext, app_id, item_name, ext, create_by, update_by) +VALUES (718447, 'cms:pro_construction_contract_management', 'cms:pro_construction_contract_management', '合约管理', 'PAGE', '/netConstruction/construction/contract-manage', 'NT_CMS_WEB_GENERAL', '2024-10-29 15:07:38', '2024-12-03 14:55:23', 0, '杜才伟-18682489918', 'PC', 0, 'CMS_COMMON', '', '', '单位组织', '{"applications": [{"type": "IOS", "minVersion": 0}, {"type": "ANDROID", "minVersion": 0}]}', null, 9000404098); +INSERT INTO saas_page_element (id, group_code, code, name, type, link_url, terminal, create_at, update_at, is_delete, create_name, app_type, version, item_code, link_ext, app_id, item_name, ext, create_by, update_by) +VALUES (718451, 'cms:pro_construction_contract_detail', 'cms:pro_construction_contract_detail', '合约详情', 'PAGE', '/netConstruction/construction/contract-manage/contract-detail', 'NT_CMS_WEB_GENERAL', '2024-10-29 15:07:38', '2024-12-03 14:55:23', 0, '杜才伟-18682489918', 'PC', 0, 'CMS_COMMON', '', '', '单位组织', '{"applications": [{"type": "IOS", "minVersion": 0}, {"type": "ANDROID", "minVersion": 0}]}', null, 9000404098); +INSERT INTO saas_page_element (id, group_code, code, name, type, link_url, terminal, create_at, update_at, is_delete, create_name, app_type, version, item_code, link_ext, app_id, item_name, ext, create_by, update_by) +VALUES (718455, 'cms:pro_construction_contract_detail', 'cms:pro_construction_contract_detail_inventory_submit_audit', '合约详情-提交审批', 'COMPONENT', '', 'NT_CMS_WEB_GENERAL', '2024-10-29 15:07:38', '2024-12-03 14:55:25', 0, '杜才伟-18682489918', 'PC', 0, 'CMS_COMMON', '', '', '单位组织', '{"applications": [{"type": "IOS", "minVersion": 0}, {"type": "ANDROID", "minVersion": 0}]}', null, 9000404098); +INSERT INTO saas_page_element (id, group_code, code, name, type, link_url, terminal, create_at, update_at, is_delete, create_name, app_type, version, item_code, link_ext, app_id, item_name, ext, create_by, update_by) +VALUES (369205, 'h5:cmp_user_manage_worker_page', 'h5:cmp_user_manage_worker_jump_to_team_btn', '人员管理-施工人员-跳转班组', 'COMPONENT', '', 'NT_CMP_APP_GENERAL', '2024-08-29 09:18:41', '2024-11-28 16:09:41', 0, '', 'H5', 0, 'h5:user_manage_D9B0186', '', '__UNI__D9B0186', '人员管理H5', '{"applications": [{"type": "IOS", "minVersion": 0}, {"type": "ANDROID", "minVersion": 0}]}', null, null); +INSERT INTO saas_page_element (id, group_code, code, name, type, link_url, terminal, create_at, update_at, is_delete, create_name, app_type, version, item_code, link_ext, app_id, item_name, ext, create_by, update_by) +VALUES (369197, 'h5:cmp_user_manage_worker_page', 'h5:cmp_user_manage_worker_page', '人员管理-施工人员', 'PAGE', '__UNI__D9B0186#/pages/worker/index', 'NT_CMP_APP_GENERAL', '2024-08-29 09:18:40', '2024-11-28 16:09:41', 0, '', 'H5', 0, 'h5:user_manage_D9B0186', '', '__UNI__D9B0186', '人员管理H5', '{"applications": [{"type": "IOS", "minVersion": 0}, {"type": "ANDROID", "minVersion": 0}]}', null, null); +INSERT INTO saas_page_element (id, group_code, code, name, type, link_url, terminal, create_at, update_at, is_delete, create_name, app_type, version, item_code, link_ext, app_id, item_name, ext, create_by, update_by) +VALUES (369202, 'h5:cmp_user_manage_worker_page', 'h5:cmp_user_manage_worker_labor_audit_btn', '人员管理-施工人员-劳务审核', 'COMPONENT', '', 'NT_CMP_APP_GENERAL', '2024-08-29 09:18:41', '2024-11-28 16:09:41', 0, '', 'H5', 0, 'h5:user_manage_D9B0186', '', '__UNI__D9B0186', '人员管理H5', '{"applications": [{"type": "IOS", "minVersion": 0}, {"type": "ANDROID", "minVersion": 0}]}', null, null); +INSERT INTO saas_page_element (id, group_code, code, name, type, link_url, terminal, create_at, update_at, is_delete, create_name, app_type, version, item_code, link_ext, app_id, item_name, ext, create_by, update_by) +VALUES (369218, 'h5:cmp_user_manage_labor_audit_page', 'h5:cmp_user_manage_labor_audit_page', '人员管理-劳务审核', 'PAGE', '__UNI__D9B0186#/pages/labour/verify/index', 'NT_CMP_APP_GENERAL', '2024-08-29 09:18:42', '2024-11-28 16:09:41', 0, '', 'H5', 0, 'h5:user_manage_D9B0186', '', '__UNI__D9B0186', '人员管理H5', '{"applications": [{"type": "IOS", "minVersion": 0}, {"type": "ANDROID", "minVersion": 0}]}', null, null); +INSERT INTO saas_page_element (id, group_code, code, name, type, link_url, terminal, create_at, update_at, is_delete, create_name, app_type, version, item_code, link_ext, app_id, item_name, ext, create_by, update_by) +VALUES (369219, 'h5:cmp_user_manage_labor_audit_page', 'h5:cmp_user_manage_labor_audit_detail_btn', '人员管理-劳务审核-详情', 'COMPONENT', '', 'NT_CMP_APP_GENERAL', '2024-08-29 09:18:42', '2024-11-28 16:09:41', 0, '', 'H5', 0, 'h5:user_manage_D9B0186', '', '__UNI__D9B0186', '人员管理H5', '{"applications": [{"type": "IOS", "minVersion": 0}, {"type": "ANDROID", "minVersion": 0}]}', null, null); +INSERT INTO saas_page_element (id, group_code, code, name, type, link_url, terminal, create_at, update_at, is_delete, create_name, app_type, version, item_code, link_ext, app_id, item_name, ext, create_by, update_by) +VALUES (369203, 'h5:cmp_user_manage_worker_page', 'h5:cmp_user_manage_worker_on_site_audit_btn', '人员管理-施工人员-进场审核', 'COMPONENT', '', 'NT_CMP_APP_GENERAL', '2024-08-29 09:18:41', '2024-11-28 16:09:41', 0, '', 'H5', 0, 'h5:user_manage_D9B0186', '', '__UNI__D9B0186', '人员管理H5', '{"applications": [{"type": "IOS", "minVersion": 0}, {"type": "ANDROID", "minVersion": 0}]}', null, null); +INSERT INTO saas_page_element (id, group_code, code, name, type, link_url, terminal, create_at, update_at, is_delete, create_name, app_type, version, item_code, link_ext, app_id, item_name, ext, create_by, update_by) +VALUES (369216, 'h5:cmp_user_manage_on_site_audit_page', 'h5:cmp_user_manage_on_site_audit_page', '人员管理-进场审核', 'PAGE', '__UNI__D9B0186#/pages/labour/enterAudit/index', 'NT_CMP_APP_GENERAL', '2024-08-29 09:18:42', '2024-11-28 16:09:41', 0, '', 'H5', 0, 'h5:user_manage_D9B0186', '', '__UNI__D9B0186', '人员管理H5', '{"applications": [{"type": "IOS", "minVersion": 0}, {"type": "ANDROID", "minVersion": 0}]}', null, null); #-->SaasRoleUserRelationServiceImplTest.sql \ No newline at end of file diff --git a/tyr-server/src/test/resources/mysql/schema.sql b/tyr-server/src/test/resources/mysql/schema.sql index 08089ce3..6a4ff1f4 100644 --- a/tyr-server/src/test/resources/mysql/schema.sql +++ b/tyr-server/src/test/resources/mysql/schema.sql @@ -205,6 +205,7 @@ CREATE TABLE `saas_page_element_feature_resource_relation` ( `id` bigint NOT NULL AUTO_INCREMENT COMMENT '自增主键ID', `page_element_code` varchar(64) NOT NULL COMMENT '页面元素code', `feature_resource_uni_code` varchar(64) NOT NULL COMMENT '菜单组件code', + `type` tinyint default 0 not null comment '绑定类型:0(默认类型) 1(页面默认路由)', `terminal` varchar(32) NOT NULL DEFAULT '' COMMENT '资源所属端', `create_at` datetime DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间', `update_at` datetime DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间',