Merge remote-tracking branch 'origin/master' into feature/REQ-2750
# Conflicts: # tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java # tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
This commit is contained in:
lilong
commit
19ae1ee0d0
@ -63,4 +63,11 @@ public enum RoleTypeEnum {
|
||||
.map(RoleTypeEnum::getValue)
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
public static List<String> listNormal() {
|
||||
return Arrays.stream(values())
|
||||
.filter(e -> !e.isAdmin)
|
||||
.map(RoleTypeEnum::getValue)
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,11 +1,15 @@
|
||||
package cn.axzo.tyr.client.feign;
|
||||
|
||||
import cn.axzo.foundation.page.PageResp;
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.DetailFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.GetFeatureResourceTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PageSaasFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.ResourceSyncReq;
|
||||
import cn.axzo.tyr.client.model.res.FeatureResourceTreeNode;
|
||||
import cn.axzo.tyr.client.model.res.SaasFeatureResourceResp;
|
||||
import org.springframework.cloud.openfeign.FeignClient;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
@ -53,10 +57,18 @@ public interface FeatureResourceApi {
|
||||
@PostMapping("/api/featureResource/reorder")
|
||||
ApiResult<Void> reorderFeatureTree(@RequestParam Long featureId, @RequestParam Integer offset);
|
||||
|
||||
/** 菜单详情 **/
|
||||
/**
|
||||
* 去掉,因为原接口入参只能只一个featureId,无法扩展,所以使用detailV2
|
||||
* @param featureId
|
||||
* @return
|
||||
*/
|
||||
@PostMapping("/api/featureResource/detail")
|
||||
@Deprecated
|
||||
ApiResult<FeatureResourceTreeNode> detail(@RequestParam Long featureId);
|
||||
|
||||
@PostMapping("/api/featureResource/detail/v2")
|
||||
ApiResult<FeatureResourceTreeNode> detailV2(@RequestBody @Valid DetailFeatureResourceReq req);
|
||||
|
||||
/** 从基准环境查询功能资源树 **/
|
||||
@PostMapping("/api/featureResource/getBaseTree")
|
||||
ApiResult<List<FeatureResourceTreeNode>> getBaseTree(@RequestBody @Valid GetFeatureResourceTreeReq req);
|
||||
@ -64,4 +76,10 @@ public interface FeatureResourceApi {
|
||||
/** 通过featureResourceIds查询对应的featureCode **/
|
||||
@PostMapping("/api/featureResource/listFeatureCodeByFeatureResourceIds")
|
||||
ApiResult<Map<Long, String>> listFeatureCodeByFeatureResourceIds(@RequestParam List<Long> featureResourceIds);
|
||||
|
||||
@PostMapping("/api/featureResource/list")
|
||||
ApiResult<List<SaasFeatureResourceResp>> list(@Validated @RequestBody PageSaasFeatureResourceReq param);
|
||||
|
||||
@PostMapping("/api/featureResource/page")
|
||||
ApiResult<PageResp<SaasFeatureResourceResp>> page(@Validated @RequestBody PageSaasFeatureResourceReq param);
|
||||
}
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
package cn.axzo.tyr.client.feign;
|
||||
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
import cn.axzo.tyr.client.model.req.BatchPermissionCheckReq;
|
||||
import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
|
||||
import cn.axzo.tyr.client.model.req.NavTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PagePermissionReq;
|
||||
@ -8,6 +9,7 @@ import cn.axzo.tyr.client.model.req.PagePermissionResp;
|
||||
import cn.axzo.tyr.client.model.req.PermissionCheckReq;
|
||||
import cn.axzo.tyr.client.model.req.TreePermissionReq;
|
||||
import cn.axzo.tyr.client.model.req.TreeProductFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.res.BatchPermissionCheckRes;
|
||||
import cn.axzo.tyr.client.model.res.FeatureResourceDTO;
|
||||
import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
|
||||
import cn.axzo.tyr.client.model.res.NavTreeResp;
|
||||
@ -44,6 +46,14 @@ public interface PermissionQueryApi {
|
||||
@PostMapping(value = "/api/v3/permission/query/hasPermission")
|
||||
ApiResult<Boolean> hasPermission(@RequestBody @Valid PermissionCheckReq req);
|
||||
|
||||
/**
|
||||
* 批量鉴权
|
||||
* @param req
|
||||
* @return
|
||||
*/
|
||||
@PostMapping(value = "/api/v3/permission/query/hasPermission/batch")
|
||||
ApiResult<BatchPermissionCheckRes> hasPermissionBatch(@RequestBody @Valid BatchPermissionCheckReq req);
|
||||
|
||||
/**
|
||||
* 查询租户的权限树
|
||||
* @param request
|
||||
|
||||
@ -156,6 +156,7 @@ public interface ProductApi {
|
||||
* @param terminal 政务端
|
||||
* @return {@link GovernmentTerminalResp}
|
||||
*/
|
||||
@Deprecated
|
||||
@GetMapping("api/auth/product/getGovernmentTerminal")
|
||||
ApiResult<List<GovernmentTerminalResp>> getGovernmentTerminal(@RequestParam @NotNull(message = "terminal不能为空") String terminal);
|
||||
|
||||
|
||||
@ -107,9 +107,13 @@ public interface TyrSaasRoleApi {
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Deprecated
|
||||
@PostMapping("/api/saasRole/queryBatchByIdentityIdType")
|
||||
ApiResult<List<QueryBatchByIdentityIdTypeRes>> queryBatchByIdentityIdType(@RequestBody List<QueryByIdentityIdTypeReq> req);
|
||||
|
||||
@PostMapping("/api/saasRole/queryBatchByIdentityIdType/v2")
|
||||
ApiResult<List<QueryBatchByIdentityIdTypeRes>> queryBatchByIdentityIdTypeV2(@RequestBody List<QueryByIdentityIdTypeReq> req);
|
||||
|
||||
/**
|
||||
* 根据身份id身份类型查询是否为超管
|
||||
*
|
||||
|
||||
@ -0,0 +1,28 @@
|
||||
package cn.axzo.tyr.client.model.req;
|
||||
|
||||
import cn.axzo.tyr.client.model.base.WorkspaceOUPair;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
import javax.validation.constraints.NotBlank;
|
||||
import javax.validation.constraints.NotEmpty;
|
||||
import javax.validation.constraints.NotNull;
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public class BatchPermissionCheckReq {
|
||||
|
||||
@NotNull(message = "personId不能为空")
|
||||
private Long personId;
|
||||
|
||||
@NotEmpty(message = "workspaceOUPairs不能为空")
|
||||
private List<WorkspaceOUPair> workspaceOUPairs;
|
||||
|
||||
@NotBlank(message = "itemCode不能为空")
|
||||
private String itemCode;
|
||||
}
|
||||
@ -0,0 +1,25 @@
|
||||
package cn.axzo.tyr.client.model.req;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
import javax.validation.constraints.NotNull;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public class DetailFeatureResourceReq {
|
||||
|
||||
@NotNull(message = "featureId不能为空")
|
||||
private Long featureId;
|
||||
|
||||
private Boolean needRole;
|
||||
|
||||
/**
|
||||
* 资源类型1-菜单 2-页面 3-应用入口 4-组件;5-root节点
|
||||
*/
|
||||
private Integer featureType;
|
||||
}
|
||||
@ -9,6 +9,10 @@ import lombok.*;
|
||||
@EqualsAndHashCode
|
||||
public class QueryByIdentityIdTypeReq {
|
||||
|
||||
/**
|
||||
* personId跟identityId、identityType不能混用
|
||||
* 只存在使用personId或者identityId\identityType
|
||||
*/
|
||||
Long identityId;
|
||||
|
||||
/**
|
||||
|
||||
@ -0,0 +1,34 @@
|
||||
package cn.axzo.tyr.client.model.res;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public class BatchPermissionCheckRes {
|
||||
|
||||
private List<WorkspaceOuPermission> workspaceOuPermissions;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public static class WorkspaceOuPermission {
|
||||
private Long ouId;
|
||||
|
||||
private Long workspaceId;
|
||||
|
||||
/**
|
||||
* true表示有权限
|
||||
* false表示没权限
|
||||
*/
|
||||
private Boolean permissionResult;
|
||||
}
|
||||
}
|
||||
|
||||
@ -8,6 +8,7 @@ import lombok.NoArgsConstructor;
|
||||
import lombok.experimental.SuperBuilder;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 功能资源树形节点
|
||||
@ -26,6 +27,8 @@ public class FeatureResourceTreeNode extends FeatureResourceDTO implements IBase
|
||||
|
||||
private List<String> roleCodes;
|
||||
|
||||
private Set<Long> roleIds;
|
||||
|
||||
@JsonIgnore
|
||||
@Override
|
||||
public Long getNodeCode() {
|
||||
|
||||
@ -134,6 +134,9 @@ public class ListRoleUserRelationParam {
|
||||
@CriteriaField(ignore = true)
|
||||
private Set<String> roleCodes;
|
||||
|
||||
@CriteriaField(ignore = true)
|
||||
private List<BatchPerson> batchPersons;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@ -151,4 +154,23 @@ public class ListRoleUserRelationParam {
|
||||
private Long ouId;
|
||||
}
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public static class BatchPerson {
|
||||
private Long identityId;
|
||||
|
||||
/**
|
||||
* 身份类型 1:工人 2:班组长 3:从业人员 4:监管人员 5:运营人员
|
||||
*/
|
||||
private Integer identityType;
|
||||
|
||||
private Long workspaceId;
|
||||
|
||||
private Long ouId;
|
||||
|
||||
private Long personId;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -1,12 +1,16 @@
|
||||
package cn.axzo.tyr.server.controller.permission;
|
||||
|
||||
import cn.axzo.foundation.page.PageResp;
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
import cn.axzo.tyr.client.feign.FeatureResourceApi;
|
||||
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.DetailFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.GetFeatureResourceTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PageSaasFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.ResourceSyncReq;
|
||||
import cn.axzo.tyr.client.model.res.FeatureResourceTreeNode;
|
||||
import cn.axzo.tyr.client.model.res.SaasFeatureResourceResp;
|
||||
import cn.axzo.tyr.server.service.FeatureResourceSyncService;
|
||||
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
@ -76,7 +80,15 @@ public class FeatureResourceController implements FeatureResourceApi {
|
||||
@Override
|
||||
public ApiResult<FeatureResourceTreeNode> detail(Long featureId) {
|
||||
// 详情只查子集组件
|
||||
return ApiResult.ok(featureResourceService.getTreeFeatureDescendant(featureId, null));
|
||||
DetailFeatureResourceReq detailFeatureResourceReq = DetailFeatureResourceReq.builder()
|
||||
.featureId(featureId)
|
||||
.build();
|
||||
return ApiResult.ok(featureResourceService.getTreeFeatureDescendant(detailFeatureResourceReq));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<FeatureResourceTreeNode> detailV2(DetailFeatureResourceReq req) {
|
||||
return ApiResult.ok(featureResourceService.getTreeFeatureDescendant(req));
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -93,4 +105,14 @@ public class FeatureResourceController implements FeatureResourceApi {
|
||||
public ApiResult<Map<Long, String>> listFeatureCodeByFeatureResourceIds(List<Long> featureResourceIds) {
|
||||
return ApiResult.ok(featureResourceSyncService.listFeatureCodeByFeatureResourceIds(featureResourceIds));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<List<SaasFeatureResourceResp>> list(PageSaasFeatureResourceReq param) {
|
||||
return ApiResult.ok(featureResourceService.list(param));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<PageResp<SaasFeatureResourceResp>> page(PageSaasFeatureResourceReq param) {
|
||||
return ApiResult.ok(featureResourceService.page(param));
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,7 +1,10 @@
|
||||
package cn.axzo.tyr.server.controller.permission;
|
||||
|
||||
import cn.axzo.basics.common.BeanMapper;
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
import cn.axzo.tyr.client.feign.PermissionQueryApi;
|
||||
import cn.axzo.tyr.client.model.req.BatchPermissionCheckReq;
|
||||
import cn.axzo.tyr.client.model.req.IdentityAuthReq;
|
||||
import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
|
||||
import cn.axzo.tyr.client.model.req.NavTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PagePermissionReq;
|
||||
@ -9,17 +12,22 @@ import cn.axzo.tyr.client.model.req.PagePermissionResp;
|
||||
import cn.axzo.tyr.client.model.req.PermissionCheckReq;
|
||||
import cn.axzo.tyr.client.model.req.TreePermissionReq;
|
||||
import cn.axzo.tyr.client.model.req.TreeProductFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.res.BatchPermissionCheckRes;
|
||||
import cn.axzo.tyr.client.model.res.FeatureResourceDTO;
|
||||
import cn.axzo.tyr.client.model.res.IdentityAuthRes;
|
||||
import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
|
||||
import cn.axzo.tyr.client.model.res.NavTreeResp;
|
||||
import cn.axzo.tyr.client.model.res.ProductFeatureResourceResp;
|
||||
import cn.axzo.tyr.client.model.res.TreePermissionResp;
|
||||
import cn.axzo.tyr.server.service.PermissionQueryService;
|
||||
import cn.axzo.tyr.server.service.TyrSaasAuthService;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.collections.CollectionUtils;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* 权限接口实现
|
||||
@ -34,6 +42,7 @@ import java.util.List;
|
||||
public class PermissionQueryController implements PermissionQueryApi {
|
||||
|
||||
private final PermissionQueryService permissionService;
|
||||
private final TyrSaasAuthService tyrSaasAuthService;
|
||||
|
||||
@Override
|
||||
public ApiResult<List<NavTreeResp>> getNavTree(NavTreeReq req) {
|
||||
@ -50,6 +59,27 @@ public class PermissionQueryController implements PermissionQueryApi {
|
||||
return ApiResult.ok(permissionService.hasPermission(req));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<BatchPermissionCheckRes> hasPermissionBatch(BatchPermissionCheckReq req) {
|
||||
|
||||
IdentityAuthReq request = IdentityAuthReq.builder().build();
|
||||
request.setPersonId(req.getPersonId());
|
||||
List<IdentityAuthReq.WorkspaceOuPair> pairs = BeanMapper.copyList(req.getWorkspaceOUPairs(), IdentityAuthReq.WorkspaceOuPair.class);
|
||||
request.setWorkspaceOusPairs(pairs);
|
||||
request.setItemCode(req.getItemCode());
|
||||
IdentityAuthRes authRes = tyrSaasAuthService.findIdentityAuthMix(request);
|
||||
|
||||
return ApiResult.ok(BatchPermissionCheckRes.builder()
|
||||
.workspaceOuPermissions(authRes.getPermissions().stream()
|
||||
.map(e -> BatchPermissionCheckRes.WorkspaceOuPermission.builder()
|
||||
.workspaceId(e.getWorkspaceId())
|
||||
.ouId(e.getOuId())
|
||||
.permissionResult(CollectionUtils.isNotEmpty(e.getPermissionPoint()))
|
||||
.build())
|
||||
.collect(Collectors.toList()))
|
||||
.build());
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<List<ProductFeatureResourceResp>> treeProduct(TreeProductFeatureResourceReq request) {
|
||||
return ApiResult.ok(permissionService.treeProduct(request));
|
||||
|
||||
@ -176,6 +176,11 @@ public class SaasRoleController implements TyrSaasRoleApi {
|
||||
return ApiResult.ok(roleService.queryBatchByIdentityIdType(req));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<List<QueryBatchByIdentityIdTypeRes>> queryBatchByIdentityIdTypeV2(List<QueryByIdentityIdTypeReq> req) {
|
||||
return ApiResult.ok(roleService.queryBatchByIdentityIdTypeV2(req));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<List<IsSuperAdminRes>> isSuperAdmin(List<QueryByIdentityIdTypeReq> req) {
|
||||
return ApiResult.ok(roleService.isSuperAdmin(req));
|
||||
|
||||
@ -57,8 +57,11 @@ public interface RoleService extends IService<SaasRole> {
|
||||
|
||||
List<SaasRoleVO> query(QuerySaasRoleReq req);
|
||||
|
||||
@Deprecated
|
||||
List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdType(List<QueryByIdentityIdTypeReq> req);
|
||||
|
||||
List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdTypeV2(List<QueryByIdentityIdTypeReq> req);
|
||||
|
||||
Long saveOrUpdate(SaveOrUpdateRoleVO saveOrUpdateRole);
|
||||
|
||||
List<IsSuperAdminRes> isSuperAdmin(List<QueryByIdentityIdTypeReq> req);
|
||||
|
||||
@ -1,134 +1,137 @@
|
||||
package cn.axzo.tyr.server.service;
|
||||
|
||||
import cn.axzo.foundation.page.PageResp;
|
||||
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.GetFeatureResourceTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PageSaasFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.res.FeatureResourceTreeNode;
|
||||
import cn.axzo.tyr.client.model.res.SaasFeatureResourceResp;
|
||||
import cn.axzo.tyr.server.model.ResourcePermission;
|
||||
import cn.axzo.tyr.server.model.ResourcePermissionQueryDTO;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeatureResource;
|
||||
import com.baomidou.mybatisplus.extension.service.IService;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 功能资源服务
|
||||
*
|
||||
* @version V1.0
|
||||
* @author: ZhanSiHu
|
||||
* @date: 2024/4/3 10:17
|
||||
*/
|
||||
public interface SaasFeatureResourceService extends IService<SaasFeatureResource> {
|
||||
|
||||
Long saveOrUpdateMenu(FeatureResourceTreeSaveReq req);
|
||||
|
||||
void updateFeatureAuthType(Long featureId, Integer authType);
|
||||
|
||||
/**递归的**/
|
||||
List<SaasFeatureResource> batchListDescendant(List<Long> featureIds);
|
||||
|
||||
SaasFeatureResource featureResourceById(Long featureId);
|
||||
|
||||
FeatureResourceTreeNode getTreeFeatureDescendant(Long featureId, Integer featureType);
|
||||
|
||||
/**菜单重排序**/
|
||||
void reorderMenuFeature(Long featureId, Integer offset);
|
||||
|
||||
/** 根据ID查询导航菜单页面信息 仅可显示 - 限制查询字段 **/
|
||||
List<SaasFeatureResource> listNavByIds(List<Long> featureIds, List<Integer> featureTypes);
|
||||
|
||||
/** 资源权限通用查询 **/
|
||||
List<ResourcePermission> permissionQuery(ResourcePermissionQueryDTO param);
|
||||
|
||||
/** 查询资源树 **/
|
||||
List<FeatureResourceTreeNode> getTree(GetFeatureResourceTreeReq req);
|
||||
|
||||
SaasFeatureResource getByCode(String featureCode);
|
||||
|
||||
Set<Long> listAuthFree();
|
||||
|
||||
List<SaasFeatureResource> listByParentIdAndTerminalAndIds(Long parentId, String terminal, List<Long> featureIds);
|
||||
|
||||
List<SaasFeatureResourceResp> list(PageSaasFeatureResourceReq param);
|
||||
|
||||
PageResp<SaasFeatureResourceResp> page(PageSaasFeatureResourceReq param);
|
||||
|
||||
void deleteFeatureResource(DeleteFeatureResourceReq param);
|
||||
|
||||
Map<String, List<SaasFeatureResourceCache>> listCache(ListSaasFeatureResourceCache param);
|
||||
|
||||
void refreshCache(RefreshFeatureResourceCacheParam param);
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
class RefreshFeatureResourceCacheParam {
|
||||
private Set<String> terminals;
|
||||
}
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
class StoreSaasFeatureResourceCache {
|
||||
|
||||
private List<SaasFeatureResourceDTO> saasFeatureResources;
|
||||
}
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
class SaasFeatureResourceDTO {
|
||||
private String terminal;
|
||||
|
||||
private List<SaasFeatureResourceCache> features;
|
||||
}
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
class ListSaasFeatureResourceCache {
|
||||
|
||||
private Set<String> terminals;
|
||||
}
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
class SaasFeatureResourceCache {
|
||||
|
||||
private Long featureId;
|
||||
|
||||
private boolean notAuth;
|
||||
|
||||
private Set<Long> parentIds;
|
||||
|
||||
private String uniCode;
|
||||
|
||||
/**
|
||||
* 客户端版本号
|
||||
* 在根据版本号查询菜单树限的时候需要
|
||||
*/
|
||||
private Integer version;
|
||||
|
||||
/**
|
||||
* 1、展示
|
||||
* 0、隐藏
|
||||
* FeatureResourceStatus
|
||||
*/
|
||||
private Integer status;
|
||||
}
|
||||
}
|
||||
package cn.axzo.tyr.server.service;
|
||||
|
||||
import cn.axzo.foundation.page.PageResp;
|
||||
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.DetailFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.GetFeatureResourceTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PageSaasFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.res.FeatureResourceTreeNode;
|
||||
import cn.axzo.tyr.client.model.res.SaasFeatureResourceResp;
|
||||
import cn.axzo.tyr.server.model.ResourcePermission;
|
||||
import cn.axzo.tyr.server.model.ResourcePermissionQueryDTO;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeatureResource;
|
||||
import com.baomidou.mybatisplus.extension.service.IService;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 功能资源服务
|
||||
*
|
||||
* @version V1.0
|
||||
* @author: ZhanSiHu
|
||||
* @date: 2024/4/3 10:17
|
||||
*/
|
||||
public interface SaasFeatureResourceService extends IService<SaasFeatureResource> {
|
||||
|
||||
Long saveOrUpdateMenu(FeatureResourceTreeSaveReq req);
|
||||
|
||||
void updateFeatureAuthType(Long featureId, Integer authType);
|
||||
|
||||
/**递归的**/
|
||||
List<SaasFeatureResource> batchListDescendant(List<Long> featureIds);
|
||||
|
||||
SaasFeatureResource featureResourceById(Long featureId);
|
||||
|
||||
FeatureResourceTreeNode getTreeFeatureDescendant(DetailFeatureResourceReq param);
|
||||
|
||||
/**菜单重排序**/
|
||||
void reorderMenuFeature(Long featureId, Integer offset);
|
||||
|
||||
/** 根据ID查询导航菜单页面信息 仅可显示 - 限制查询字段 **/
|
||||
List<SaasFeatureResource> listNavByIds(List<Long> featureIds, List<Integer> featureTypes);
|
||||
|
||||
/** 资源权限通用查询 **/
|
||||
List<ResourcePermission> permissionQuery(ResourcePermissionQueryDTO param);
|
||||
|
||||
/** 查询资源树 **/
|
||||
List<FeatureResourceTreeNode> getTree(GetFeatureResourceTreeReq req);
|
||||
|
||||
SaasFeatureResource getByCode(String featureCode);
|
||||
|
||||
Set<Long> listAuthFree();
|
||||
|
||||
List<SaasFeatureResource> listByParentIdAndTerminalAndIds(Long parentId, String terminal, List<Long> featureIds);
|
||||
|
||||
List<SaasFeatureResource> listByParentIdAndBlurTerminalAndIds(Long parentId, String terminal, List<Long> featureIds);
|
||||
|
||||
List<SaasFeatureResourceResp> list(PageSaasFeatureResourceReq param);
|
||||
|
||||
PageResp<SaasFeatureResourceResp> page(PageSaasFeatureResourceReq param);
|
||||
|
||||
void deleteFeatureResource(DeleteFeatureResourceReq param);
|
||||
|
||||
Map<String, List<SaasFeatureResourceCache>> listCache(ListSaasFeatureResourceCache param);
|
||||
|
||||
void refreshCache(RefreshFeatureResourceCacheParam param);
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
class RefreshFeatureResourceCacheParam {
|
||||
private Set<String> terminals;
|
||||
}
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
class StoreSaasFeatureResourceCache {
|
||||
|
||||
private List<SaasFeatureResourceDTO> saasFeatureResources;
|
||||
}
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
class SaasFeatureResourceDTO {
|
||||
private String terminal;
|
||||
|
||||
private List<SaasFeatureResourceCache> features;
|
||||
}
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
class ListSaasFeatureResourceCache {
|
||||
|
||||
private Set<String> terminals;
|
||||
}
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
class SaasFeatureResourceCache {
|
||||
|
||||
private Long featureId;
|
||||
|
||||
private boolean notAuth;
|
||||
|
||||
private Set<Long> parentIds;
|
||||
|
||||
private String uniCode;
|
||||
|
||||
/**
|
||||
* 客户端版本号
|
||||
* 在根据版本号查询菜单树限的时候需要
|
||||
*/
|
||||
private Integer version;
|
||||
|
||||
/**
|
||||
* 1、展示
|
||||
* 0、隐藏
|
||||
* FeatureResourceStatus
|
||||
*/
|
||||
private Integer status;
|
||||
}
|
||||
}
|
||||
|
||||
@ -182,12 +182,21 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
|
||||
return navTreeList.stream().filter(t -> Objects.equals(t.getParentId(), root.getId())).collect(Collectors.toList());
|
||||
}
|
||||
|
||||
private boolean isGATerminal(String terminal) {
|
||||
if (Objects.isNull(terminal)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
TerminalInfo tm = new TerminalInfo(terminal);
|
||||
return tm.isGA();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean hasPermission(PermissionCheckReq req) {
|
||||
|
||||
//这里暂时硬编码-非OMS端鉴权请求 直接转老接口处理
|
||||
if (!StrUtil.equals("NT_OMS_WEB" ,req.getTerminal())
|
||||
&& !Objects.equals(TerminalInfo.NT_PC_GA_GENERAL, req.getTerminal())) {
|
||||
&& !isGATerminal(req.getTerminal())) {
|
||||
|
||||
// 为了兼容用户没有在企业中,但是需要看到企业类型的菜单,在调用相关接口时,忽略这些菜单的鉴权
|
||||
if (CollectionUtils.isNotEmpty(notAuthUniCodes)) {
|
||||
|
||||
@ -4,7 +4,6 @@ import cn.axzo.basics.common.BeanMapper;
|
||||
import cn.axzo.basics.common.util.AssertUtil;
|
||||
import cn.axzo.basics.profiles.api.UserProfileServiceApi;
|
||||
import cn.axzo.basics.profiles.dto.basic.PersonProfileDto;
|
||||
import cn.axzo.framework.auth.domain.TerminalInfo;
|
||||
import cn.axzo.framework.domain.page.PageResp;
|
||||
import cn.axzo.framework.domain.web.result.ApiPageResult;
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
@ -78,6 +77,10 @@ import java.util.stream.Collectors;
|
||||
@RequiredArgsConstructor
|
||||
@Service
|
||||
public class ProductServiceImpl implements ProductService {
|
||||
|
||||
/** 政务端前缀 **/
|
||||
private static final String PREFIX_TERMINAL_GA = "NT_PC_GA_";
|
||||
|
||||
private final ProductModuleDao productModuleDao;
|
||||
private final ProductFeatureRelationService productFeatureRelationService;
|
||||
private final SaasFeatureResourceService saasFeatureResourceService;
|
||||
@ -290,7 +293,7 @@ public class ProductServiceImpl implements ProductService {
|
||||
|
||||
@Override
|
||||
public ApiResult<List<GovernmentTerminalResp>> getGovernmentTerminal(String terminal) {
|
||||
List<SaasFeatureResource> featureResources = saasFeatureResourceService.listByParentIdAndTerminalAndIds(0L, terminal, null);
|
||||
List<SaasFeatureResource> featureResources = saasFeatureResourceService.listByParentIdAndBlurTerminalAndIds(0L, terminal, null);
|
||||
List<GovernmentTerminalResp> resps = CollectionUtil.isEmpty(featureResources) ? Collections.emptyList() : featureResources.stream().map(e -> GovernmentTerminalResp.builder()
|
||||
.featureResourceId(e.getId())
|
||||
.featureResourceName(e.getFeatureName())
|
||||
@ -405,7 +408,7 @@ public class ProductServiceImpl implements ProductService {
|
||||
List<SaasFeatureResource> saasFeatureResources = saasFeatureResourceService.listByParentIdAndTerminalAndIds(null, null, rootFeatureIds);
|
||||
AssertUtil.notEmpty(saasFeatureResources, "功能范围选择端不能为空");
|
||||
saasFeatureResources.forEach(e -> {
|
||||
AssertUtil.isTrue(e.getParentId() == 0 && TerminalInfo.NT_PC_GA_GENERAL.equals(e.getTerminal()), "功能范围选择端有误");
|
||||
AssertUtil.isTrue(e.getParentId() == 0 && e.getTerminal().startsWith(PREFIX_TERMINAL_GA), "功能范围选择端有误");
|
||||
});
|
||||
|
||||
List<SaasFeatureResource> frs = saasFeatureResourceService.batchListDescendant(rootFeatureIds);
|
||||
@ -471,7 +474,7 @@ public class ProductServiceImpl implements ProductService {
|
||||
}
|
||||
product.setRelationType(result.getData().get(0).getType());
|
||||
List<Long> featureIds = result.getData().stream().map(ProductFeatureRelationVO::getFeatureId).collect(Collectors.toList());
|
||||
List<SaasFeatureResource> featureResources = saasFeatureResourceService.listByParentIdAndTerminalAndIds(0L, TerminalInfo.NT_PC_GA_GENERAL, featureIds);
|
||||
List<SaasFeatureResource> featureResources = saasFeatureResourceService.listByParentIdAndBlurTerminalAndIds(0L, PREFIX_TERMINAL_GA, featureIds);
|
||||
if (CollectionUtil.isNotEmpty(featureResources)) {
|
||||
product.setFeatureScopes(featureResources.stream().map(e -> ProductVO.FeatureScope.builder()
|
||||
.governmentFeatureResourceId(e.getId())
|
||||
|
||||
@ -384,6 +384,71 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdTypeV2(List<QueryByIdentityIdTypeReq> req) {
|
||||
// 一起查询,减少数据库io,原来入参过多时,接口性能很差
|
||||
List<ListRoleUserRelationParam.BatchPerson> batchPersons = req.stream()
|
||||
.distinct()
|
||||
.map(e -> {
|
||||
ListRoleUserRelationParam.BatchPerson batchPerson = ListRoleUserRelationParam.BatchPerson.builder().build();
|
||||
BeanUtils.copyProperties(e, batchPerson);
|
||||
return batchPerson;
|
||||
})
|
||||
.collect(Collectors.toList());
|
||||
List<SaasRoleUserV2DTO> saasRoleUsers = saasRoleUserRelationService.listV2(ListRoleUserRelationParam.builder()
|
||||
.batchPersons(batchPersons)
|
||||
.build());
|
||||
|
||||
List<Long> allRoleIds = saasRoleUsers.stream()
|
||||
.map(SaasRoleUserV2DTO::getRoleId)
|
||||
.distinct()
|
||||
.collect(Collectors.toList());
|
||||
|
||||
// 这里使用原来代码的查询角色信息的接口,因为接口返回的对象使用的这个接口返回对象
|
||||
Map<Long, SaasRoleVO> saasRoles = getByIds(allRoleIds, null, null, null, false, null)
|
||||
.stream()
|
||||
.collect(Collectors.toMap(SaasRoleVO::getId, Function.identity()));
|
||||
|
||||
return batchPersons.stream()
|
||||
.map(e -> {
|
||||
QueryBatchByIdentityIdTypeRes result = QueryBatchByIdentityIdTypeRes.builder().build();
|
||||
BeanUtils.copyProperties(e, result);
|
||||
// 原代码是入参有personId就使用personId查询,不能同时使用personId和identityId、identityType
|
||||
// 因为入参workspaceId和ouId不一定都有,所以不好转成map去取,只能遍历,数据量不大,所以还好
|
||||
Set<Long> roleIds = saasRoleUsers.stream()
|
||||
.filter(role -> {
|
||||
if (Objects.nonNull(e.getIdentityType()) && !Objects.equals(e.getIdentityType(), role.getSaasRoleUser().getIdentityType())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (Objects.nonNull(e.getIdentityId()) && !Objects.equals(e.getIdentityId(), role.getSaasRoleUser().getIdentityId())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (Objects.nonNull(e.getPersonId()) && !Objects.equals(e.getPersonId(), role.getSaasRoleUser().getPersonId())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (Objects.nonNull(e.getWorkspaceId()) && !Objects.equals(e.getWorkspaceId(), role.getSaasRoleUser().getWorkspaceId())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (Objects.nonNull(e.getOuId()) && !Objects.equals(e.getOuId(), role.getSaasRoleUser().getOuId())) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
})
|
||||
.map(SaasRoleUserV2DTO::getRoleId)
|
||||
.collect(Collectors.toSet());
|
||||
|
||||
if (CollectionUtils.isNotEmpty(roleIds)) {
|
||||
result.setRole(roleIds.stream().map(saasRoles::get).filter(Objects::nonNull).collect(Collectors.toList()));
|
||||
}
|
||||
return result;
|
||||
})
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public Long saveOrUpdate(SaveOrUpdateRoleVO saveOrUpdateRole) {
|
||||
|
||||
@ -17,6 +17,7 @@ import cn.axzo.tyr.client.common.enums.FeatureResourceType;
|
||||
import cn.axzo.tyr.client.common.enums.PageElementFeatureResourceRelationTypeEnum;
|
||||
import cn.axzo.tyr.client.model.enums.DelegatedType;
|
||||
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.DetailFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureComponentSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.GetFeatureResourceTreeReq;
|
||||
@ -30,6 +31,7 @@ import cn.axzo.tyr.client.model.res.FeatureResourceTreeNode;
|
||||
import cn.axzo.tyr.client.model.res.PageElementBasicDTO;
|
||||
import cn.axzo.tyr.client.model.res.PageElementResp;
|
||||
import cn.axzo.tyr.client.model.res.SaasFeatureResourceResp;
|
||||
import cn.axzo.tyr.client.model.res.SaasRoleRes;
|
||||
import cn.axzo.tyr.server.common.util.Throws;
|
||||
import cn.axzo.tyr.server.config.MqProducer;
|
||||
import cn.axzo.tyr.server.event.payload.SaasFeatureResourceUpsertPayload;
|
||||
@ -38,11 +40,14 @@ import cn.axzo.tyr.server.model.ResourcePermissionQueryDTO;
|
||||
import cn.axzo.tyr.server.model.convert.SaasFeatureResourceConvert;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasFeatureResourceDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeature;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeatureResource;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPageElementFeatureResourceRelation;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation;
|
||||
import cn.axzo.tyr.server.repository.mapper.SaasFeatureResourceMapper;
|
||||
import cn.axzo.tyr.server.service.RoleService;
|
||||
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
||||
import cn.axzo.tyr.server.service.SaasPageElementFeatureResourceRelationService;
|
||||
import cn.axzo.tyr.server.service.SaasPageElementService;
|
||||
@ -50,6 +55,7 @@ import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationService;
|
||||
import cn.azxo.framework.common.utils.StringUtils;
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
import cn.hutool.core.lang.Assert;
|
||||
import cn.hutool.core.lang.Pair;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.metadata.IPage;
|
||||
@ -112,6 +118,8 @@ public class SaasFeatureResourceServiceImpl extends ServiceImpl<SaasFeatureResou
|
||||
private final SaasPageElementFeatureResourceRelationService saasPageElementFeatureResourceRelationService;
|
||||
private final MqProducer mqProducer;
|
||||
private final SaasFeatureDao saasFeatureDao;
|
||||
private final SaasPgroupRoleRelationDao saasPgroupRoleRelationDao;
|
||||
private final RoleService roleService;
|
||||
|
||||
private static final String TARGET_TYPE = "saasFeatureResourceId";
|
||||
/**
|
||||
@ -238,18 +246,77 @@ public class SaasFeatureResourceServiceImpl extends ServiceImpl<SaasFeatureResou
|
||||
return Objects.equals(e.getWorkspaceType(), req.getWorkspaceType());
|
||||
}
|
||||
|
||||
|
||||
private Map<Long, List<SaasRoleRes>> listRoles(DetailFeatureResourceReq detailFeatureResourceReq,
|
||||
List<SaasFeatureResource> descendants) {
|
||||
if (CollectionUtils.isEmpty(descendants) || BooleanUtils.isNotTrue(detailFeatureResourceReq.getNeedRole())) {
|
||||
return Collections.emptyMap();
|
||||
}
|
||||
|
||||
List<SaasPgroupPermissionRelation> relations = saasPgroupPermissionRelationService.list(PagePgroupPermissionRelationReq.builder()
|
||||
.featureIds(Lists.transform(descendants, SaasFeatureResource::getId))
|
||||
.build());
|
||||
if (CollectionUtils.isEmpty(relations)) {
|
||||
return Collections.emptyMap();
|
||||
}
|
||||
|
||||
List<Long> groupIds = Lists.transform(relations, SaasPgroupPermissionRelation::getGroupId);
|
||||
List<SaasPgroupRoleRelation> saasPgroupRoleRelations = saasPgroupRoleRelationDao.listByGroupIds(groupIds);
|
||||
|
||||
if (CollectionUtils.isEmpty(saasPgroupRoleRelations)) {
|
||||
return Collections.emptyMap();
|
||||
}
|
||||
|
||||
Map<Long, SaasRoleRes> roles = roleService.list(RoleService.ListSaasRoleParam.builder()
|
||||
.roleIds(Lists.transform(saasPgroupRoleRelations, SaasPgroupRoleRelation::getRoleId))
|
||||
.build())
|
||||
.stream()
|
||||
.collect(Collectors.toMap(SaasRoleRes::getId, Function.identity()));
|
||||
|
||||
Map<Long, List<Long>> groupRoleMap = saasPgroupRoleRelations.stream()
|
||||
.collect(Collectors.groupingBy(SaasPgroupRoleRelation::getGroupId,
|
||||
Collectors.mapping(SaasPgroupRoleRelation::getRoleId, Collectors.toList())));
|
||||
|
||||
return relations.stream()
|
||||
.map(e -> {
|
||||
List<Long> roleIds = groupRoleMap.get(e.getGroupId());
|
||||
if (CollectionUtils.isEmpty(roleIds)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return Pair.of(e.getFeatureId(), roleIds.stream()
|
||||
.map(roles::get)
|
||||
.filter(Objects::nonNull)
|
||||
.collect(Collectors.toList()));
|
||||
})
|
||||
.filter(Objects::nonNull)
|
||||
.collect(Collectors.toMap(Pair::getKey, Pair::getValue, (f, s) -> {
|
||||
f.addAll(s);
|
||||
return f;
|
||||
}));
|
||||
}
|
||||
|
||||
@Override
|
||||
public FeatureResourceTreeNode getTreeFeatureDescendant(Long featureId, Integer featureType) {
|
||||
public FeatureResourceTreeNode getTreeFeatureDescendant(DetailFeatureResourceReq param) {
|
||||
List<SaasFeatureResource> descendants = featureResourceDao.lambdaQuery()
|
||||
.eq(BaseEntity::getIsDelete,0)
|
||||
.eq(ObjectUtil.isNotNull(featureType), SaasFeatureResource::getFeatureType, featureType)
|
||||
.apply("FIND_IN_SET('" + featureId + "', path)")
|
||||
.eq(ObjectUtil.isNotNull(param.getFeatureType()), SaasFeatureResource::getFeatureType, param.getFeatureType())
|
||||
.apply("FIND_IN_SET('" + param.getFeatureId() + "', path)")
|
||||
.list();
|
||||
if (CollectionUtil.isEmpty(descendants)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
Map<Long, List<SaasRoleRes>> roles = listRoles(param, descendants);
|
||||
|
||||
List<FeatureResourceTreeNode> treeList = TreeUtil.buildTree(descendants.stream()
|
||||
.map(SaasFeatureResourceConvert.INSTANCE::convert)
|
||||
.map(e -> {
|
||||
FeatureResourceTreeNode featureResourceTreeNode = SaasFeatureResourceConvert.INSTANCE.convert(e);
|
||||
featureResourceTreeNode.setRoleIds(Optional.ofNullable(roles.get(featureResourceTreeNode.getId()))
|
||||
.map(f -> f.stream().map(SaasRoleRes::getId).collect(Collectors.toSet()))
|
||||
.orElse(null));
|
||||
return featureResourceTreeNode;
|
||||
})
|
||||
.sorted(Comparator.comparing(FeatureResourceDTO::getDisplayOrder))
|
||||
.collect(Collectors.toList()));
|
||||
FeatureResourceTreeNode featureResourceTreeNode = treeList.get(0);
|
||||
@ -602,6 +669,16 @@ public class SaasFeatureResourceServiceImpl extends ServiceImpl<SaasFeatureResou
|
||||
.list();
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<SaasFeatureResource> listByParentIdAndBlurTerminalAndIds(Long parentId, String terminal, List<Long> featureIds) {
|
||||
return featureResourceDao.lambdaQuery()
|
||||
.eq(BaseEntity::getIsDelete, 0)
|
||||
.eq(Objects.nonNull(parentId), SaasFeatureResource::getParentId, parentId)
|
||||
.likeRight(StringUtils.isNotBlank(terminal), SaasFeatureResource::getTerminal, terminal)
|
||||
.in(CollectionUtil.isNotEmpty(featureIds), SaasFeatureResource::getId, featureIds)
|
||||
.list();
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<SaasFeatureResourceResp> list(PageSaasFeatureResourceReq param) {
|
||||
return PageConverter.drainAll(pageNumber -> {
|
||||
@ -848,7 +925,11 @@ public class SaasFeatureResourceServiceImpl extends ServiceImpl<SaasFeatureResou
|
||||
}
|
||||
|
||||
return resolveSaasFeature(Sets.newHashSet(terminals)).stream()
|
||||
.collect(Collectors.toMap(SaasFeatureResourceDTO::getTerminal, SaasFeatureResourceDTO::getFeatures));
|
||||
.collect(Collectors.toMap(SaasFeatureResourceDTO::getTerminal, SaasFeatureResourceDTO::getFeatures,
|
||||
(f, s) -> {
|
||||
f.addAll(s);
|
||||
return f;
|
||||
}));
|
||||
}
|
||||
|
||||
private List<SaasFeatureResourceDTO> resolveSaasFeature(Set<String> terminals) {
|
||||
|
||||
@ -99,6 +99,8 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl<SaasRoleUserRel
|
||||
}
|
||||
wrapper.in(!CollectionUtils.isEmpty(roleIds), "role_id", roleIds);
|
||||
|
||||
assembleBatchPersonWrapper(param, wrapper);
|
||||
|
||||
IPage<SaasRoleUserRelation> page = this.page(PageConverter.toMybatis(param, SaasRoleUserRelation.class), wrapper);
|
||||
|
||||
Map<Long, SaasRoleUserV2DTO.SaasRoleUser> saasRoleUsers = listSaasRoleUser(param, page.getRecords());
|
||||
@ -108,6 +110,26 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl<SaasRoleUserRel
|
||||
return PageConverter.toResp(page, (record) -> from(record, saasRoleUsers, saasRoles));
|
||||
}
|
||||
|
||||
private void assembleBatchPersonWrapper(PageRoleUserRelationParam param,
|
||||
QueryWrapper<SaasRoleUserRelation> wrapper) {
|
||||
|
||||
if (CollectionUtils.isEmpty(param.getBatchPersons())) {
|
||||
return;
|
||||
}
|
||||
|
||||
wrapper.and(j -> {
|
||||
for (ListRoleUserRelationParam.BatchPerson batchPerson : param.getBatchPersons()) {
|
||||
j.or(k -> {
|
||||
k.eq(Objects.nonNull(batchPerson.getPersonId()), "natural_person_id", batchPerson.getPersonId());
|
||||
k.eq(Objects.nonNull(batchPerson.getIdentityId()), "identity_id", batchPerson.getIdentityId());
|
||||
k.eq(Objects.nonNull(batchPerson.getIdentityType()), "identity_type", batchPerson.getIdentityType());
|
||||
k.eq(Objects.nonNull(batchPerson.getWorkspaceId()), "workspace_id", batchPerson.getWorkspaceId());
|
||||
k.eq(Objects.nonNull(batchPerson.getOuId()), "ou_id", batchPerson.getOuId());
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public void upsert(UpsertParam param) {
|
||||
|
||||
@ -584,7 +584,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
}
|
||||
|
||||
private Set<Long> resolvePermissionNormalRole(ListPermissionUser req,
|
||||
List<ProductPermissionCacheService.PermissionDTO> productPermissions,
|
||||
List<ProductPermissionCacheService.PermissionDTO> productPermissions,
|
||||
Set<Long> featureIds) {
|
||||
|
||||
// 因为通过权限id找对应的角色数据量巨大,所以通过找项目的角色,再找有权限的角色比较快
|
||||
@ -596,8 +596,17 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
return Collections.emptySet();
|
||||
}
|
||||
|
||||
List<SaasRoleRes> normalRoles = roleService.list(RoleService.ListSaasRoleParam.builder()
|
||||
.roleIds(Lists.newArrayList(allRoleIds))
|
||||
.roleTypes(RoleTypeEnum.listNormal())
|
||||
.build());
|
||||
|
||||
if (CollectionUtils.isEmpty(normalRoles)) {
|
||||
return Collections.emptySet();
|
||||
}
|
||||
|
||||
RolePermissionCacheService.ListRolePermissionParam listRolePermissionParam = RolePermissionCacheService.ListRolePermissionParam.builder()
|
||||
.roleIds(allRoleIds)
|
||||
.roleIds(normalRoles.stream().map(SaasRoleRes::getId).collect(Collectors.toSet()))
|
||||
.featureCodes(productPermissions.stream()
|
||||
.map(ProductPermissionCacheService.PermissionDTO::getFeatureCode)
|
||||
.collect(Collectors.toSet()))
|
||||
@ -611,10 +620,8 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
|| e.getValue().stream().anyMatch(p -> Objects.equals(p.getTerminal(), req.getTerminal())))
|
||||
.map(Map.Entry::getKey)
|
||||
.collect(Collectors.toSet());
|
||||
Map<Long, SaasRoleRes> normalRoles = roleService.list(ListRoleReq.builder()
|
||||
.roleIds(Lists.newArrayList(normalRoleIds))
|
||||
.build())
|
||||
.stream()
|
||||
Map<Long, SaasRoleRes> normalRoleMap = normalRoles.stream()
|
||||
.filter(e -> normalRoleIds.contains(e.getId()))
|
||||
.collect(Collectors.toMap(SaasRoleRes::getId, Function.identity()));
|
||||
|
||||
Map<String, Set<String>> featureCodeCooperateTypeMap = productPermissions.stream()
|
||||
@ -622,7 +629,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
Collectors.mapping(ProductPermissionCacheService.PermissionDTO::getCooperateType, Collectors.toSet())));
|
||||
return normalRolePermissionMap.entrySet().stream()
|
||||
.filter(e -> {
|
||||
SaasRoleRes saasRoleRes = normalRoles.get(e.getKey());
|
||||
SaasRoleRes saasRoleRes = normalRoleMap.get(e.getKey());
|
||||
if (Objects.isNull(saasRoleRes)) {
|
||||
return false;
|
||||
}
|
||||
@ -808,7 +815,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
try {
|
||||
return findIdentityAuthV2(req).getPermissions();
|
||||
} catch (Exception ex) {
|
||||
log.error("查询权限异常,执行降级处理");
|
||||
log.error("查询权限异常,执行降级处理,", ex);
|
||||
return findIdentityAuth(req).getPermissions();
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user