Merge remote-tracking branch 'origin/feature/REQ-1502' into feature/REQ-1502
This commit is contained in:
zhansihu
commit
24f30d7fd2
@ -111,6 +111,6 @@ public interface ProductApi {
|
||||
* @param workspaceIds
|
||||
* @return
|
||||
*/
|
||||
@PostMapping("/temp")
|
||||
ApiResult<Map<Long, List<ProductFeatureRelationVO>>> queryProductFeatureRelationByWorkspace(Set<Long> workspaceIds);
|
||||
@PostMapping("api/auth/product/feature/query")
|
||||
ApiResult<Map<Long, List<ProductFeatureRelationVO>>> queryProductFeatureRelationByWorkspace(@RequestBody Set<Long> workspaceIds);
|
||||
}
|
||||
|
||||
@ -79,4 +79,6 @@ public interface TyrSaasRoleUserApi {
|
||||
*/
|
||||
@PostMapping("/api/saas-role-user/super-admin-list")
|
||||
ApiResult<List<SuperAdminInfoDTO>> superAdminList(@RequestBody @Valid SuperAdminParam param);
|
||||
|
||||
|
||||
}
|
||||
|
||||
@ -2,8 +2,8 @@ package cn.axzo.tyr.client.model.roleuser.req;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import javax.validation.constraints.Max;
|
||||
import javax.validation.constraints.Min;
|
||||
import javax.validation.constraints.NotBlank;
|
||||
import javax.validation.constraints.NotEmpty;
|
||||
import javax.validation.constraints.NotNull;
|
||||
|
||||
@ -33,10 +33,21 @@ public class CreateAgencyAdminRoleParam {
|
||||
|
||||
/**
|
||||
* 单位类型
|
||||
* 1:施工单位
|
||||
* 2:建设单位
|
||||
* 3:监理单位
|
||||
* 4: 劳务分包
|
||||
* 5:专业分包
|
||||
* 6:OMS通用
|
||||
* 7:企业通用
|
||||
*/
|
||||
@NotNull(message = "单位类型不能为空")
|
||||
@Min(value = 1)
|
||||
private Integer organizationalUnitType;
|
||||
@Max(value = 7)
|
||||
private Integer organizationalUnitTypeCode;
|
||||
|
||||
@NotNull(message = "身份id不能为空")
|
||||
private Long identityId;
|
||||
|
||||
/**
|
||||
* 被赋予角色的人的身份类型
|
||||
@ -44,17 +55,6 @@ public class CreateAgencyAdminRoleParam {
|
||||
@NotNull(message = "身份类型不能为空")
|
||||
private IdentityType identityType;
|
||||
|
||||
/**
|
||||
* 手机号
|
||||
*/
|
||||
@NotBlank(message = "手机号不能为空")
|
||||
private String phoneNo;
|
||||
|
||||
/**
|
||||
* 用户名
|
||||
*/
|
||||
@NotBlank(message = "用户名不能为空")
|
||||
private String userName;
|
||||
|
||||
/**
|
||||
* 之前的所有RoleId都被更新
|
||||
@ -62,4 +62,7 @@ public class CreateAgencyAdminRoleParam {
|
||||
@NotEmpty(message = "角色列表不能为空")
|
||||
private List<Long> updateRoleIds;
|
||||
|
||||
@NotNull(message = "自然人id不能为空")
|
||||
private Long naturalPersonId;
|
||||
|
||||
}
|
||||
|
||||
@ -5,14 +5,18 @@ import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
|
||||
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
|
||||
import cn.axzo.tyr.server.repository.dao.*;
|
||||
import cn.axzo.tyr.server.repository.entity.*;
|
||||
import cn.hutool.json.JSONUtil;
|
||||
import com.xxl.job.core.biz.model.ReturnT;
|
||||
import com.xxl.job.core.handler.IJobHandler;
|
||||
import com.xxl.job.core.handler.annotation.XxlJob;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.collections4.CollectionUtils;
|
||||
import org.apache.ibatis.annotations.Flush;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.cloud.context.config.annotation.RefreshScope;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
@ -35,13 +39,15 @@ import java.util.stream.Collectors;
|
||||
@Component
|
||||
@AllArgsConstructor
|
||||
@Slf4j
|
||||
@RefreshScope
|
||||
@RequiredArgsConstructor
|
||||
public class CMSRoleJobHandler extends IJobHandler {
|
||||
|
||||
@Value("${saasPreTempalteIdOfProject")
|
||||
Long saasPreTempalteIdOfProject;
|
||||
@Value("${flush.role1052.saasPreTempalteIdOfProject}")
|
||||
private Long saasPreTempalteIdOfProject;
|
||||
|
||||
@Value("${saasPreTempalteIdOfOu")
|
||||
Long saasPreTempalteIdOfOu;
|
||||
@Value("${flush.role1052.saasPreTempalteIdOfOu}")
|
||||
private Long saasPreTempalteIdOfOu;
|
||||
|
||||
@Autowired
|
||||
SaasRoleGroupDao roleGroupDao;
|
||||
@ -111,7 +117,7 @@ public class CMSRoleJobHandler extends IJobHandler {
|
||||
.eq(SaasPreRole::getFitOuTypeBit, Arrays.asList(64))
|
||||
.eq(BaseEntity::getIsDelete,0)
|
||||
.list();
|
||||
saveRole(role,workspaceTypCode,"1,2,3,4,5","企业通用");
|
||||
saveRole(role,workspaceTypCode,"7","企业通用");
|
||||
}
|
||||
|
||||
/**
|
||||
@ -140,16 +146,16 @@ public class CMSRoleJobHandler extends IJobHandler {
|
||||
if (CollectionUtils.isEmpty(pgroupRoleRelation)) {
|
||||
return;
|
||||
}
|
||||
List<SaasPermissionGroup> permissionGroup = saasPermissionGroupDao.lambdaQuery()
|
||||
List<SaasPermissionGroup> oldPermissionGroup = saasPermissionGroupDao.lambdaQuery()
|
||||
.in(BaseEntity::getId, pgroupRoleRelation.stream().map(SaasPreGroupRoleRelation::getGroupId).collect(Collectors.toList()))
|
||||
.eq(BaseEntity::getIsDelete, 0)
|
||||
.list();
|
||||
List<SaasPgroupPermissionRelation> pgroupPermissionRelation = pgroupPermissionRelationDao.lambdaQuery()
|
||||
.in(SaasPgroupPermissionRelation::getGroupId, permissionGroup.stream().map(BaseEntity::getId).collect(Collectors.toList()))
|
||||
List<SaasPgroupPermissionRelation> oldPgroupPermissionRelation = pgroupPermissionRelationDao.lambdaQuery()
|
||||
.in(SaasPgroupPermissionRelation::getGroupId, oldPermissionGroup.stream().map(BaseEntity::getId).collect(Collectors.toList()))
|
||||
.eq(BaseEntity::getIsDelete, 0)
|
||||
.list();
|
||||
List<SaasFeature> feature = featureDao.lambdaQuery()
|
||||
.in(BaseEntity::getId, pgroupPermissionRelation.stream().map(SaasPgroupPermissionRelation::getFeatureId).collect(Collectors.toList()))
|
||||
.in(BaseEntity::getId, oldPgroupPermissionRelation.stream().map(SaasPgroupPermissionRelation::getFeatureId).collect(Collectors.toList()))
|
||||
.eq(BaseEntity::getIsDelete, 0)
|
||||
.list();
|
||||
|
||||
@ -198,9 +204,47 @@ public class CMSRoleJobHandler extends IJobHandler {
|
||||
|
||||
// 更新用户关联关系表(根据老的fromRoleId更新至新roldId)
|
||||
// 根据fromeRoleId查询老的roleId
|
||||
// TODO zhaobudao fromRoleId的是自定义角色,不用管直接丢弃
|
||||
|
||||
// fromRoleId的角色未关联具体角色分组和权限点,可以直接丢弃,已经和产品确认过
|
||||
// SELECT * FROM `saas_pgroup_role_relation` WHERE `role_id` in (
|
||||
// SELECT id FROM saas_role WHERE is_delete=0 and workspace_id != -1 and from_pre_role_id = 0 and role_type!='super_admin' and `NAME` not like '%代班长%' and `NAME` not like '%带班长%')
|
||||
List<SaasRole> list = roleDao.lambdaQuery()
|
||||
.eq(SaasRole::getFromPreRoleId, preRole)
|
||||
.list();
|
||||
if (CollectionUtils.isEmpty(list)) {
|
||||
log.info("未找到preRole下发的role preRole:{}", JSONUtil.toJsonStr(preRole));
|
||||
return;
|
||||
}
|
||||
List<Long> oldRoleId = list.stream().map(BaseEntity::getId).collect(Collectors.toList());
|
||||
// 更新用户角色关联关系
|
||||
roleUserRelationDao.lambdaUpdate()
|
||||
.in(SaasRoleUserRelation::getRoleId,oldRoleId)
|
||||
.set(SaasRoleUserRelation::getRoleId,newRole.getId())
|
||||
.update();
|
||||
|
||||
// 清除老的权限集
|
||||
oldPermissionGroup.forEach(e ->{
|
||||
saasPermissionGroupDao.lambdaUpdate()
|
||||
.eq(BaseEntity::getId, e.getId())
|
||||
.set(BaseEntity::getIsDelete, e.getId())
|
||||
.update();
|
||||
});
|
||||
// 清除老的权限集权限关联关系
|
||||
oldPgroupPermissionRelation.forEach(e ->{
|
||||
pgroupPermissionRelationDao.lambdaUpdate()
|
||||
.eq(BaseEntity::getId, e.getId())
|
||||
.set(BaseEntity::getIsDelete, e.getId())
|
||||
.update();
|
||||
});
|
||||
// 清除老的角色
|
||||
roleDao.lambdaUpdate()
|
||||
.in(BaseEntity::getId,oldRoleId)
|
||||
.set(BaseEntity::getIsDelete,1)
|
||||
.update();
|
||||
// 清除老的角色和权限集关联关系
|
||||
roleGroupRelationDao.lambdaUpdate()
|
||||
.in(SaasRoleGroupRelation::getRoleId,oldRoleId)
|
||||
.set(BaseEntity::getIsDelete,1)
|
||||
.update();
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
@ -58,6 +58,12 @@ public class SaasRole extends BaseEntity<SaasRole> {
|
||||
*/
|
||||
private Long updateBy;
|
||||
|
||||
/**
|
||||
* 来源的模版角色id(1052上线后可删除)
|
||||
*/
|
||||
@Deprecated
|
||||
private Long fromPreRoleId;
|
||||
|
||||
/**
|
||||
* 获取主键值
|
||||
*
|
||||
|
||||
@ -77,4 +77,10 @@ public interface SaasRoleUserService {
|
||||
* @return
|
||||
*/
|
||||
boolean deleteUserRoleIncludeAdmin(List<DeleteUserRoleIncludeAdminParam> params);
|
||||
|
||||
/**
|
||||
* 创建机构账户类型
|
||||
* @param param
|
||||
*/
|
||||
void createAgencyAdminRole(CreateAgencyAdminRoleParam param);
|
||||
}
|
||||
@ -1,8 +1,20 @@
|
||||
package cn.axzo.tyr.server.service.impl;
|
||||
|
||||
import java.util.*;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import com.alibaba.nacos.common.utils.CollectionUtils;
|
||||
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
||||
import com.google.common.collect.Lists;
|
||||
|
||||
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
|
||||
import cn.axzo.basics.common.exception.ServiceException;
|
||||
import cn.axzo.basics.common.util.AssertUtil;
|
||||
import cn.axzo.framework.jackson.utility.JSON;
|
||||
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
|
||||
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
|
||||
import cn.axzo.tyr.client.model.BaseWorkspaceModel;
|
||||
@ -10,24 +22,18 @@ import cn.axzo.tyr.client.model.enums.IdentityType;
|
||||
import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
|
||||
import cn.axzo.tyr.client.model.roleuser.req.*;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasRoleGroupDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasRoleGroupRelationDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasRole;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasRoleGroup;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasRoleGroupRelation;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
|
||||
import cn.axzo.tyr.server.service.SaasRoleUserService;
|
||||
import cn.hutool.core.collection.CollUtil;
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
import com.alibaba.nacos.common.utils.CollectionUtils;
|
||||
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
||||
import com.google.common.collect.Lists;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* 角色
|
||||
@ -43,6 +49,8 @@ public class RoleUserService implements SaasRoleUserService {
|
||||
|
||||
private final SaasRoleUserRelationDao roleUserRelationDao;
|
||||
private final SaasRoleDao saasRoleDao;
|
||||
private final SaasRoleGroupRelationDao roleGroupRelationDao;
|
||||
private final SaasRoleGroupDao roleGroupDao;
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public void saveOrUpdate(RoleUserReq req) {
|
||||
@ -232,4 +240,76 @@ public class RoleUserService implements SaasRoleUserService {
|
||||
});
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public void createAgencyAdminRole(CreateAgencyAdminRoleParam param) {
|
||||
/*
|
||||
* 根据传入的角色id和适用单位类型,筛选出符合添加权限的角色
|
||||
*/
|
||||
List<SaasRoleGroupRelation> matchedRelations = filterAgencyAdminRoleGroupRelation(param);
|
||||
List<Long> matchedRoleIds = matchedRelations.stream().map(SaasRoleGroupRelation::getRoleId).sorted().collect(Collectors.toList());
|
||||
|
||||
// 如果用户已经存在对应的权限,忽略,如果不存在,添加
|
||||
List<Long> existUserRoleIds = roleUserRelationDao.lambdaQuery().in(SaasRoleUserRelation::getRoleId, matchedRoleIds).eq(SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
|
||||
.eq(SaasRoleUserRelation::getOuId, param.getOuId()).eq(SaasRoleUserRelation::getIdentityId, param.getIdentityId()).eq(SaasRoleUserRelation::getIdentityType, param.getIdentityType())
|
||||
.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list().stream().map(SaasRoleUserRelation::getRoleId).collect(Collectors.toList());
|
||||
|
||||
Collection<Long> insertRoleIds = org.apache.commons.collections4.CollectionUtils.subtract(matchedRoleIds, existUserRoleIds);
|
||||
if (CollectionUtils.isEmpty(insertRoleIds)) {
|
||||
return;
|
||||
}
|
||||
List<SaasRoleUserRelation> newUserRoleRelations = insertRoleIds.stream().map(rid -> {
|
||||
SaasRoleUserRelation roleUserRelation = new SaasRoleUserRelation();
|
||||
roleUserRelation.setIdentityId(param.getIdentityId());
|
||||
roleUserRelation.setIdentityType(param.getIdentityType().getCode());
|
||||
roleUserRelation.setRoleId(rid);
|
||||
roleUserRelation.setNaturalPersonId(param.getNaturalPersonId());
|
||||
roleUserRelation.setCreateBy(0L);
|
||||
roleUserRelation.setUpdateBy(0L);
|
||||
roleUserRelation.setOuId(param.getOuId());
|
||||
roleUserRelation.setWorkspaceId(param.getWorkspaceId());
|
||||
roleUserRelation.setResourceType(0);
|
||||
roleUserRelation.setResourceId(0L);
|
||||
return roleUserRelation;
|
||||
}).collect(Collectors.toList());
|
||||
roleUserRelationDao.saveBatch(newUserRoleRelations);
|
||||
}
|
||||
|
||||
private List<SaasRoleGroupRelation> filterAgencyAdminRoleGroupRelation(CreateAgencyAdminRoleParam param) {
|
||||
// 根据传入的角色id筛选出内置角色
|
||||
List<SaasRole> saasRoles = saasRoleDao.lambdaQuery().in(SaasRole::getId, param.getUpdateRoleIds())
|
||||
.eq(SaasRole::getRoleType, RoleTypeEnum.INIT.getValue())
|
||||
.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
|
||||
if (CollUtil.isEmpty(saasRoles)) {
|
||||
throw new ServiceException("选中角色中无角色可以给改分包公司所属类型适用");
|
||||
}
|
||||
// 传入的角色id对应的角色可能不存在|已删除|不是内置角色,需要重新过滤一次
|
||||
List<Long> roleIds = saasRoles.stream().map(SaasRole::getId).sorted().collect(Collectors.toList());
|
||||
// 获取这些角色对应的分组,角色必须绑定在某个分组下,删除分组时候需要判断分组下是否有角色,否则不能删除,但是如果手动删除数据或者创建角色和删除分组时候出现并发,可能导致这种角色对应的分组不存在,需要人工处理
|
||||
List<SaasRoleGroupRelation> roleGroupRelations = roleGroupRelationDao.lambdaQuery().in(SaasRoleGroupRelation::getRoleId, roleIds).eq(SaasRoleGroupRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
|
||||
if (CollectionUtils.isEmpty(roleGroupRelations)) {
|
||||
log.error("数据异常,所选角色没有对应角色分组信息:roleId {}", JSON.toJSONString(roleIds));
|
||||
throw new ServiceException("数据错误,所选角色没有对应角色分组信息,请联系管理员");
|
||||
}
|
||||
/*
|
||||
* 根据角色分组上的适用单位类型,来筛选出符合传入的单位类型的角色信息
|
||||
*/
|
||||
List<Long> roleGroupIds = roleGroupRelations.stream().map(SaasRoleGroupRelation::getSaasRoleGroupId).sorted().collect(Collectors.toList());
|
||||
List<SaasRoleGroup> roleGroups = roleGroupDao.lambdaQuery().in(SaasRoleGroup::getId, roleGroupIds).eq(SaasRoleGroup::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
|
||||
if (CollectionUtils.isEmpty(roleGroups)) {
|
||||
log.error("数据错误,角色关联已被删除的分组信息,roleId {}, roleGroupIds {}", JSON.toJSONString(roleIds), JSON.toJSONString(roleGroupIds));
|
||||
throw new ServiceException("数据错误,角色关联已被删除的分组信息,请联系管理员");
|
||||
}
|
||||
Set<Long> matchedRoleGroupIds = roleGroups.stream().filter(g -> {
|
||||
if (StringUtils.isBlank(g.getOuTypeCode())) {
|
||||
return false;
|
||||
}
|
||||
return Arrays.stream(g.getOuTypeCode().split(",")).filter(StringUtils::isNotBlank).anyMatch(s -> StringUtils.equals(s, param.getOrganizationalUnitTypeCode().toString()));
|
||||
}).map(SaasRoleGroup::getId).collect(Collectors.toSet());
|
||||
if (CollectionUtils.isEmpty(matchedRoleGroupIds)) {
|
||||
throw new ServiceException("选中角色中无角色可以给改分包公司所属类型适用");
|
||||
}
|
||||
return roleGroupRelations.stream().filter(r -> matchedRoleGroupIds.contains(r.getSaasRoleGroupId())).collect(Collectors.toList());
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user