Merge remote-tracking branch 'origin/feature/REQ-3068' into release/20241016
This commit is contained in:
lilong
commit
2ae3650cd4
@ -1,6 +1,7 @@
|
|||||||
package cn.axzo.tyr.client.feign;
|
package cn.axzo.tyr.client.feign;
|
||||||
|
|
||||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||||
|
import cn.axzo.tyr.client.model.req.BatchPermissionCheckReq;
|
||||||
import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
|
import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
|
||||||
import cn.axzo.tyr.client.model.req.NavTreeReq;
|
import cn.axzo.tyr.client.model.req.NavTreeReq;
|
||||||
import cn.axzo.tyr.client.model.req.PagePermissionReq;
|
import cn.axzo.tyr.client.model.req.PagePermissionReq;
|
||||||
@ -8,6 +9,7 @@ import cn.axzo.tyr.client.model.req.PagePermissionResp;
|
|||||||
import cn.axzo.tyr.client.model.req.PermissionCheckReq;
|
import cn.axzo.tyr.client.model.req.PermissionCheckReq;
|
||||||
import cn.axzo.tyr.client.model.req.TreePermissionReq;
|
import cn.axzo.tyr.client.model.req.TreePermissionReq;
|
||||||
import cn.axzo.tyr.client.model.req.TreeProductFeatureResourceReq;
|
import cn.axzo.tyr.client.model.req.TreeProductFeatureResourceReq;
|
||||||
|
import cn.axzo.tyr.client.model.res.BatchPermissionCheckRes;
|
||||||
import cn.axzo.tyr.client.model.res.FeatureResourceDTO;
|
import cn.axzo.tyr.client.model.res.FeatureResourceDTO;
|
||||||
import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
|
import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
|
||||||
import cn.axzo.tyr.client.model.res.NavTreeResp;
|
import cn.axzo.tyr.client.model.res.NavTreeResp;
|
||||||
@ -44,6 +46,14 @@ public interface PermissionQueryApi {
|
|||||||
@PostMapping(value = "/api/v3/permission/query/hasPermission")
|
@PostMapping(value = "/api/v3/permission/query/hasPermission")
|
||||||
ApiResult<Boolean> hasPermission(@RequestBody @Valid PermissionCheckReq req);
|
ApiResult<Boolean> hasPermission(@RequestBody @Valid PermissionCheckReq req);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 批量鉴权
|
||||||
|
* @param req
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
@PostMapping(value = "/api/v3/permission/query/hasPermission/batch")
|
||||||
|
ApiResult<BatchPermissionCheckRes> hasPermissionBatch(@RequestBody @Valid BatchPermissionCheckReq req);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 查询租户的权限树
|
* 查询租户的权限树
|
||||||
* @param request
|
* @param request
|
||||||
|
|||||||
@ -107,9 +107,13 @@ public interface TyrSaasRoleApi {
|
|||||||
*
|
*
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
@PostMapping("/api/saasRole/queryBatchByIdentityIdType")
|
@PostMapping("/api/saasRole/queryBatchByIdentityIdType")
|
||||||
ApiResult<List<QueryBatchByIdentityIdTypeRes>> queryBatchByIdentityIdType(@RequestBody List<QueryByIdentityIdTypeReq> req);
|
ApiResult<List<QueryBatchByIdentityIdTypeRes>> queryBatchByIdentityIdType(@RequestBody List<QueryByIdentityIdTypeReq> req);
|
||||||
|
|
||||||
|
@PostMapping("/api/saasRole/queryBatchByIdentityIdType/v2")
|
||||||
|
ApiResult<List<QueryBatchByIdentityIdTypeRes>> queryBatchByIdentityIdTypeV2(@RequestBody List<QueryByIdentityIdTypeReq> req);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 根据身份id身份类型查询是否为超管
|
* 根据身份id身份类型查询是否为超管
|
||||||
*
|
*
|
||||||
|
|||||||
@ -0,0 +1,28 @@
|
|||||||
|
package cn.axzo.tyr.client.model.req;
|
||||||
|
|
||||||
|
import cn.axzo.tyr.client.model.base.WorkspaceOUPair;
|
||||||
|
import lombok.AllArgsConstructor;
|
||||||
|
import lombok.Builder;
|
||||||
|
import lombok.Data;
|
||||||
|
import lombok.NoArgsConstructor;
|
||||||
|
|
||||||
|
import javax.validation.constraints.NotBlank;
|
||||||
|
import javax.validation.constraints.NotEmpty;
|
||||||
|
import javax.validation.constraints.NotNull;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
@Data
|
||||||
|
@Builder
|
||||||
|
@NoArgsConstructor
|
||||||
|
@AllArgsConstructor
|
||||||
|
public class BatchPermissionCheckReq {
|
||||||
|
|
||||||
|
@NotNull(message = "personId不能为空")
|
||||||
|
private Long personId;
|
||||||
|
|
||||||
|
@NotEmpty(message = "workspaceOUPairs不能为空")
|
||||||
|
private List<WorkspaceOUPair> workspaceOUPairs;
|
||||||
|
|
||||||
|
@NotBlank(message = "itemCode不能为空")
|
||||||
|
private String itemCode;
|
||||||
|
}
|
||||||
@ -9,6 +9,10 @@ import lombok.*;
|
|||||||
@EqualsAndHashCode
|
@EqualsAndHashCode
|
||||||
public class QueryByIdentityIdTypeReq {
|
public class QueryByIdentityIdTypeReq {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* personId跟identityId、identityType不能混用
|
||||||
|
* 只存在使用personId或者identityId\identityType
|
||||||
|
*/
|
||||||
Long identityId;
|
Long identityId;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@ -0,0 +1,34 @@
|
|||||||
|
package cn.axzo.tyr.client.model.res;
|
||||||
|
|
||||||
|
import lombok.AllArgsConstructor;
|
||||||
|
import lombok.Builder;
|
||||||
|
import lombok.Data;
|
||||||
|
import lombok.NoArgsConstructor;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
@Data
|
||||||
|
@Builder
|
||||||
|
@NoArgsConstructor
|
||||||
|
@AllArgsConstructor
|
||||||
|
public class BatchPermissionCheckRes {
|
||||||
|
|
||||||
|
private List<WorkspaceOuPermission> workspaceOuPermissions;
|
||||||
|
|
||||||
|
@Data
|
||||||
|
@Builder
|
||||||
|
@NoArgsConstructor
|
||||||
|
@AllArgsConstructor
|
||||||
|
public static class WorkspaceOuPermission {
|
||||||
|
private Long ouId;
|
||||||
|
|
||||||
|
private Long workspaceId;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* true表示有权限
|
||||||
|
* false表示没权限
|
||||||
|
*/
|
||||||
|
private Boolean permissionResult;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@ -113,6 +113,9 @@ public class ListRoleUserRelationParam {
|
|||||||
@CriteriaField(ignore = true)
|
@CriteriaField(ignore = true)
|
||||||
private Set<String> roleCodes;
|
private Set<String> roleCodes;
|
||||||
|
|
||||||
|
@CriteriaField(ignore = true)
|
||||||
|
private List<BatchPerson> batchPersons;
|
||||||
|
|
||||||
@Data
|
@Data
|
||||||
@Builder
|
@Builder
|
||||||
@NoArgsConstructor
|
@NoArgsConstructor
|
||||||
@ -130,4 +133,23 @@ public class ListRoleUserRelationParam {
|
|||||||
private Long ouId;
|
private Long ouId;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Data
|
||||||
|
@Builder
|
||||||
|
@NoArgsConstructor
|
||||||
|
@AllArgsConstructor
|
||||||
|
public static class BatchPerson {
|
||||||
|
private Long identityId;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 身份类型 1:工人 2:班组长 3:从业人员 4:监管人员 5:运营人员
|
||||||
|
*/
|
||||||
|
private Integer identityType;
|
||||||
|
|
||||||
|
private Long workspaceId;
|
||||||
|
|
||||||
|
private Long ouId;
|
||||||
|
|
||||||
|
private Long personId;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,7 +1,10 @@
|
|||||||
package cn.axzo.tyr.server.controller.permission;
|
package cn.axzo.tyr.server.controller.permission;
|
||||||
|
|
||||||
|
import cn.axzo.basics.common.BeanMapper;
|
||||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||||
import cn.axzo.tyr.client.feign.PermissionQueryApi;
|
import cn.axzo.tyr.client.feign.PermissionQueryApi;
|
||||||
|
import cn.axzo.tyr.client.model.req.BatchPermissionCheckReq;
|
||||||
|
import cn.axzo.tyr.client.model.req.IdentityAuthReq;
|
||||||
import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
|
import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
|
||||||
import cn.axzo.tyr.client.model.req.NavTreeReq;
|
import cn.axzo.tyr.client.model.req.NavTreeReq;
|
||||||
import cn.axzo.tyr.client.model.req.PagePermissionReq;
|
import cn.axzo.tyr.client.model.req.PagePermissionReq;
|
||||||
@ -9,17 +12,22 @@ import cn.axzo.tyr.client.model.req.PagePermissionResp;
|
|||||||
import cn.axzo.tyr.client.model.req.PermissionCheckReq;
|
import cn.axzo.tyr.client.model.req.PermissionCheckReq;
|
||||||
import cn.axzo.tyr.client.model.req.TreePermissionReq;
|
import cn.axzo.tyr.client.model.req.TreePermissionReq;
|
||||||
import cn.axzo.tyr.client.model.req.TreeProductFeatureResourceReq;
|
import cn.axzo.tyr.client.model.req.TreeProductFeatureResourceReq;
|
||||||
|
import cn.axzo.tyr.client.model.res.BatchPermissionCheckRes;
|
||||||
import cn.axzo.tyr.client.model.res.FeatureResourceDTO;
|
import cn.axzo.tyr.client.model.res.FeatureResourceDTO;
|
||||||
|
import cn.axzo.tyr.client.model.res.IdentityAuthRes;
|
||||||
import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
|
import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
|
||||||
import cn.axzo.tyr.client.model.res.NavTreeResp;
|
import cn.axzo.tyr.client.model.res.NavTreeResp;
|
||||||
import cn.axzo.tyr.client.model.res.ProductFeatureResourceResp;
|
import cn.axzo.tyr.client.model.res.ProductFeatureResourceResp;
|
||||||
import cn.axzo.tyr.client.model.res.TreePermissionResp;
|
import cn.axzo.tyr.client.model.res.TreePermissionResp;
|
||||||
import cn.axzo.tyr.server.service.PermissionQueryService;
|
import cn.axzo.tyr.server.service.PermissionQueryService;
|
||||||
|
import cn.axzo.tyr.server.service.TyrSaasAuthService;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
import org.apache.commons.collections.CollectionUtils;
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 权限接口实现
|
* 权限接口实现
|
||||||
@ -34,6 +42,7 @@ import java.util.List;
|
|||||||
public class PermissionQueryController implements PermissionQueryApi {
|
public class PermissionQueryController implements PermissionQueryApi {
|
||||||
|
|
||||||
private final PermissionQueryService permissionService;
|
private final PermissionQueryService permissionService;
|
||||||
|
private final TyrSaasAuthService tyrSaasAuthService;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public ApiResult<List<NavTreeResp>> getNavTree(NavTreeReq req) {
|
public ApiResult<List<NavTreeResp>> getNavTree(NavTreeReq req) {
|
||||||
@ -50,6 +59,27 @@ public class PermissionQueryController implements PermissionQueryApi {
|
|||||||
return ApiResult.ok(permissionService.hasPermission(req));
|
return ApiResult.ok(permissionService.hasPermission(req));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ApiResult<BatchPermissionCheckRes> hasPermissionBatch(BatchPermissionCheckReq req) {
|
||||||
|
|
||||||
|
IdentityAuthReq request = IdentityAuthReq.builder().build();
|
||||||
|
request.setPersonId(req.getPersonId());
|
||||||
|
List<IdentityAuthReq.WorkspaceOuPair> pairs = BeanMapper.copyList(req.getWorkspaceOUPairs(), IdentityAuthReq.WorkspaceOuPair.class);
|
||||||
|
request.setWorkspaceOusPairs(pairs);
|
||||||
|
request.setItemCode(req.getItemCode());
|
||||||
|
IdentityAuthRes authRes = tyrSaasAuthService.findIdentityAuthMix(request);
|
||||||
|
|
||||||
|
return ApiResult.ok(BatchPermissionCheckRes.builder()
|
||||||
|
.workspaceOuPermissions(authRes.getPermissions().stream()
|
||||||
|
.map(e -> BatchPermissionCheckRes.WorkspaceOuPermission.builder()
|
||||||
|
.workspaceId(e.getWorkspaceId())
|
||||||
|
.ouId(e.getOuId())
|
||||||
|
.permissionResult(CollectionUtils.isNotEmpty(e.getPermissionPoint()))
|
||||||
|
.build())
|
||||||
|
.collect(Collectors.toList()))
|
||||||
|
.build());
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public ApiResult<List<ProductFeatureResourceResp>> treeProduct(TreeProductFeatureResourceReq request) {
|
public ApiResult<List<ProductFeatureResourceResp>> treeProduct(TreeProductFeatureResourceReq request) {
|
||||||
return ApiResult.ok(permissionService.treeProduct(request));
|
return ApiResult.ok(permissionService.treeProduct(request));
|
||||||
|
|||||||
@ -173,6 +173,11 @@ public class SaasRoleController implements TyrSaasRoleApi {
|
|||||||
return ApiResult.ok(roleService.queryBatchByIdentityIdType(req));
|
return ApiResult.ok(roleService.queryBatchByIdentityIdType(req));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ApiResult<List<QueryBatchByIdentityIdTypeRes>> queryBatchByIdentityIdTypeV2(List<QueryByIdentityIdTypeReq> req) {
|
||||||
|
return ApiResult.ok(roleService.queryBatchByIdentityIdTypeV2(req));
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public ApiResult<List<IsSuperAdminRes>> isSuperAdmin(List<QueryByIdentityIdTypeReq> req) {
|
public ApiResult<List<IsSuperAdminRes>> isSuperAdmin(List<QueryByIdentityIdTypeReq> req) {
|
||||||
return ApiResult.ok(roleService.isSuperAdmin(req));
|
return ApiResult.ok(roleService.isSuperAdmin(req));
|
||||||
|
|||||||
@ -55,8 +55,11 @@ public interface RoleService extends IService<SaasRole> {
|
|||||||
|
|
||||||
List<SaasRoleVO> query(QuerySaasRoleReq req);
|
List<SaasRoleVO> query(QuerySaasRoleReq req);
|
||||||
|
|
||||||
|
@Deprecated
|
||||||
List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdType(List<QueryByIdentityIdTypeReq> req);
|
List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdType(List<QueryByIdentityIdTypeReq> req);
|
||||||
|
|
||||||
|
List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdTypeV2(List<QueryByIdentityIdTypeReq> req);
|
||||||
|
|
||||||
Long saveOrUpdate(SaveOrUpdateRoleVO saveOrUpdateRole);
|
Long saveOrUpdate(SaveOrUpdateRoleVO saveOrUpdateRole);
|
||||||
|
|
||||||
List<IsSuperAdminRes> isSuperAdmin(List<QueryByIdentityIdTypeReq> req);
|
List<IsSuperAdminRes> isSuperAdmin(List<QueryByIdentityIdTypeReq> req);
|
||||||
|
|||||||
@ -46,11 +46,14 @@ import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
|
|||||||
import cn.axzo.tyr.server.config.MqProducer;
|
import cn.axzo.tyr.server.config.MqProducer;
|
||||||
import cn.axzo.tyr.server.event.payload.RolePermissionCreatedPayload;
|
import cn.axzo.tyr.server.event.payload.RolePermissionCreatedPayload;
|
||||||
import cn.axzo.tyr.server.event.payload.SaasFeatureResourceUpsertPayload;
|
import cn.axzo.tyr.server.event.payload.SaasFeatureResourceUpsertPayload;
|
||||||
|
import cn.axzo.tyr.server.model.RelationOperateLogResourceBindRoleDO;
|
||||||
|
import cn.axzo.tyr.server.model.RelationOperateLogRoleBindResourceDO;
|
||||||
import cn.axzo.tyr.server.model.ResourcePermission;
|
import cn.axzo.tyr.server.model.ResourcePermission;
|
||||||
import cn.axzo.tyr.server.model.ResourcePermissionQueryDTO;
|
import cn.axzo.tyr.server.model.ResourcePermissionQueryDTO;
|
||||||
import cn.axzo.tyr.server.model.RoleFeatureRelation;
|
import cn.axzo.tyr.server.model.RoleFeatureRelation;
|
||||||
import cn.axzo.tyr.server.model.RoleWithFeature;
|
import cn.axzo.tyr.server.model.RoleWithFeature;
|
||||||
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
|
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
|
||||||
|
import cn.axzo.tyr.server.repository.dao.SaasFeatureResourceDao;
|
||||||
import cn.axzo.tyr.server.repository.dao.SaasPermissionGroupDao;
|
import cn.axzo.tyr.server.repository.dao.SaasPermissionGroupDao;
|
||||||
import cn.axzo.tyr.server.repository.dao.SaasPgroupPermissionRelationDao;
|
import cn.axzo.tyr.server.repository.dao.SaasPgroupPermissionRelationDao;
|
||||||
import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao;
|
import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao;
|
||||||
@ -62,17 +65,22 @@ import cn.axzo.tyr.server.repository.entity.SaasFeature;
|
|||||||
import cn.axzo.tyr.server.repository.entity.SaasFeatureResource;
|
import cn.axzo.tyr.server.repository.entity.SaasFeatureResource;
|
||||||
import cn.axzo.tyr.server.repository.entity.SaasPermissionGroup;
|
import cn.axzo.tyr.server.repository.entity.SaasPermissionGroup;
|
||||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation;
|
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation;
|
||||||
|
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelationOperateLog;
|
||||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation;
|
import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation;
|
||||||
import cn.axzo.tyr.server.repository.entity.SaasRole;
|
import cn.axzo.tyr.server.repository.entity.SaasRole;
|
||||||
import cn.axzo.tyr.server.repository.entity.SaasRoleGroup;
|
import cn.axzo.tyr.server.repository.entity.SaasRoleGroup;
|
||||||
import cn.axzo.tyr.server.repository.entity.SaasRoleGroupRelation;
|
import cn.axzo.tyr.server.repository.entity.SaasRoleGroupRelation;
|
||||||
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
|
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
|
||||||
import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
|
import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
|
||||||
import cn.axzo.tyr.server.model.*;
|
|
||||||
import cn.axzo.tyr.server.repository.dao.*;
|
|
||||||
import cn.axzo.tyr.server.repository.entity.*;
|
|
||||||
import cn.axzo.tyr.server.repository.mapper.SaasRoleMapper;
|
import cn.axzo.tyr.server.repository.mapper.SaasRoleMapper;
|
||||||
import cn.axzo.tyr.server.service.*;
|
import cn.axzo.tyr.server.service.PermissionGroupService;
|
||||||
|
import cn.axzo.tyr.server.service.RoleService;
|
||||||
|
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
||||||
|
import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationOperateLogService;
|
||||||
|
import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationService;
|
||||||
|
import cn.axzo.tyr.server.service.SaasRoleGroupRelationService;
|
||||||
|
import cn.axzo.tyr.server.service.SaasRoleGroupService;
|
||||||
|
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
|
||||||
import cn.axzo.tyr.server.util.RpcInternalUtil;
|
import cn.axzo.tyr.server.util.RpcInternalUtil;
|
||||||
import cn.azxo.framework.common.constatns.Constants;
|
import cn.azxo.framework.common.constatns.Constants;
|
||||||
import cn.hutool.core.bean.BeanUtil;
|
import cn.hutool.core.bean.BeanUtil;
|
||||||
@ -355,6 +363,71 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdTypeV2(List<QueryByIdentityIdTypeReq> req) {
|
||||||
|
// 一起查询,减少数据库io,原来入参过多时,接口性能很差
|
||||||
|
List<ListRoleUserRelationParam.BatchPerson> batchPersons = req.stream()
|
||||||
|
.distinct()
|
||||||
|
.map(e -> {
|
||||||
|
ListRoleUserRelationParam.BatchPerson batchPerson = ListRoleUserRelationParam.BatchPerson.builder().build();
|
||||||
|
BeanUtils.copyProperties(e, batchPerson);
|
||||||
|
return batchPerson;
|
||||||
|
})
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
List<SaasRoleUserV2DTO> saasRoleUsers = saasRoleUserRelationService.listV2(ListRoleUserRelationParam.builder()
|
||||||
|
.batchPersons(batchPersons)
|
||||||
|
.build());
|
||||||
|
|
||||||
|
List<Long> allRoleIds = saasRoleUsers.stream()
|
||||||
|
.map(SaasRoleUserV2DTO::getRoleId)
|
||||||
|
.distinct()
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
|
||||||
|
// 这里使用原来代码的查询角色信息的接口,因为接口返回的对象使用的这个接口返回对象
|
||||||
|
Map<Long, SaasRoleVO> saasRoles = getByIds(allRoleIds, null, null, null, false, null)
|
||||||
|
.stream()
|
||||||
|
.collect(Collectors.toMap(SaasRoleVO::getId, Function.identity()));
|
||||||
|
|
||||||
|
return batchPersons.stream()
|
||||||
|
.map(e -> {
|
||||||
|
QueryBatchByIdentityIdTypeRes result = QueryBatchByIdentityIdTypeRes.builder().build();
|
||||||
|
BeanUtils.copyProperties(e, result);
|
||||||
|
// 原代码是入参有personId就使用personId查询,不能同时使用personId和identityId、identityType
|
||||||
|
// 因为入参workspaceId和ouId不一定都有,所以不好转成map去取,只能遍历,数据量不大,所以还好
|
||||||
|
Set<Long> roleIds = saasRoleUsers.stream()
|
||||||
|
.filter(role -> {
|
||||||
|
if (Objects.nonNull(e.getIdentityType()) && !Objects.equals(e.getIdentityType(), role.getSaasRoleUser().getIdentityType())) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Objects.nonNull(e.getIdentityId()) && !Objects.equals(e.getIdentityId(), role.getSaasRoleUser().getIdentityId())) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Objects.nonNull(e.getPersonId()) && !Objects.equals(e.getPersonId(), role.getSaasRoleUser().getPersonId())) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Objects.nonNull(e.getWorkspaceId()) && !Objects.equals(e.getWorkspaceId(), role.getSaasRoleUser().getWorkspaceId())) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Objects.nonNull(e.getOuId()) && !Objects.equals(e.getOuId(), role.getSaasRoleUser().getOuId())) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
})
|
||||||
|
.map(SaasRoleUserV2DTO::getRoleId)
|
||||||
|
.collect(Collectors.toSet());
|
||||||
|
|
||||||
|
if (CollectionUtils.isNotEmpty(roleIds)) {
|
||||||
|
result.setRole(roleIds.stream().map(saasRoles::get).filter(Objects::nonNull).collect(Collectors.toList()));
|
||||||
|
}
|
||||||
|
return result;
|
||||||
|
})
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@Transactional(rollbackFor = Exception.class)
|
@Transactional(rollbackFor = Exception.class)
|
||||||
public Long saveOrUpdate(SaveOrUpdateRoleVO saveOrUpdateRole) {
|
public Long saveOrUpdate(SaveOrUpdateRoleVO saveOrUpdateRole) {
|
||||||
|
|||||||
@ -925,7 +925,11 @@ public class SaasFeatureResourceServiceImpl extends ServiceImpl<SaasFeatureResou
|
|||||||
}
|
}
|
||||||
|
|
||||||
return resolveSaasFeature(Sets.newHashSet(terminals)).stream()
|
return resolveSaasFeature(Sets.newHashSet(terminals)).stream()
|
||||||
.collect(Collectors.toMap(SaasFeatureResourceDTO::getTerminal, SaasFeatureResourceDTO::getFeatures));
|
.collect(Collectors.toMap(SaasFeatureResourceDTO::getTerminal, SaasFeatureResourceDTO::getFeatures,
|
||||||
|
(f, s) -> {
|
||||||
|
f.addAll(s);
|
||||||
|
return f;
|
||||||
|
}));
|
||||||
}
|
}
|
||||||
|
|
||||||
private List<SaasFeatureResourceDTO> resolveSaasFeature(Set<String> terminals) {
|
private List<SaasFeatureResourceDTO> resolveSaasFeature(Set<String> terminals) {
|
||||||
|
|||||||
@ -161,6 +161,8 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl<SaasRoleUserRel
|
|||||||
}
|
}
|
||||||
wrapper.in(!CollectionUtils.isEmpty(roleIds), "role_id", roleIds);
|
wrapper.in(!CollectionUtils.isEmpty(roleIds), "role_id", roleIds);
|
||||||
|
|
||||||
|
assembleBatchPersonWrapper(param, wrapper);
|
||||||
|
|
||||||
IPage<SaasRoleUserRelation> page = this.page(PageConverter.toMybatis(param, SaasRoleUserRelation.class), wrapper);
|
IPage<SaasRoleUserRelation> page = this.page(PageConverter.toMybatis(param, SaasRoleUserRelation.class), wrapper);
|
||||||
|
|
||||||
Map<Long, SaasRoleUserV2DTO.SaasRoleUser> saasRoleUsers = listSaasRoleUser(param, page.getRecords());
|
Map<Long, SaasRoleUserV2DTO.SaasRoleUser> saasRoleUsers = listSaasRoleUser(param, page.getRecords());
|
||||||
@ -170,6 +172,26 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl<SaasRoleUserRel
|
|||||||
return PageConverter.toResp(page, (record) -> from(record, saasRoleUsers, saasRoles));
|
return PageConverter.toResp(page, (record) -> from(record, saasRoleUsers, saasRoles));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void assembleBatchPersonWrapper(PageRoleUserRelationParam param,
|
||||||
|
QueryWrapper<SaasRoleUserRelation> wrapper) {
|
||||||
|
|
||||||
|
if (CollectionUtils.isEmpty(param.getBatchPersons())) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
wrapper.and(j -> {
|
||||||
|
for (ListRoleUserRelationParam.BatchPerson batchPerson : param.getBatchPersons()) {
|
||||||
|
j.or(k -> {
|
||||||
|
k.eq(Objects.nonNull(batchPerson.getPersonId()), "natural_person_id", batchPerson.getPersonId());
|
||||||
|
k.eq(Objects.nonNull(batchPerson.getIdentityId()), "identity_id", batchPerson.getIdentityId());
|
||||||
|
k.eq(Objects.nonNull(batchPerson.getIdentityType()), "identity_type", batchPerson.getIdentityType());
|
||||||
|
k.eq(Objects.nonNull(batchPerson.getWorkspaceId()), "workspace_id", batchPerson.getWorkspaceId());
|
||||||
|
k.eq(Objects.nonNull(batchPerson.getOuId()), "ou_id", batchPerson.getOuId());
|
||||||
|
});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
private Set<Long> resolveRoleIds(PageRoleUserRelationParam param) {
|
private Set<Long> resolveRoleIds(PageRoleUserRelationParam param) {
|
||||||
if (CollectionUtils.isEmpty(param.getRoleCodes())) {
|
if (CollectionUtils.isEmpty(param.getRoleCodes())) {
|
||||||
return Optional.ofNullable(param.getRoleIds())
|
return Optional.ofNullable(param.getRoleIds())
|
||||||
|
|||||||
@ -814,7 +814,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
|||||||
try {
|
try {
|
||||||
return findIdentityAuthV2(req).getPermissions();
|
return findIdentityAuthV2(req).getPermissions();
|
||||||
} catch (Exception ex) {
|
} catch (Exception ex) {
|
||||||
log.error("查询权限异常,执行降级处理");
|
log.error("查询权限异常,执行降级处理,", ex);
|
||||||
return findIdentityAuth(req).getPermissions();
|
return findIdentityAuth(req).getPermissions();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user