Merge remote-tracking branch 'origin/feature/REQ-1502' into feature/REQ-1502
This commit is contained in:
陈维伟
commit
2d254e93d2
@ -111,6 +111,6 @@ public interface ProductApi {
|
||||
* @param workspaceIds
|
||||
* @return
|
||||
*/
|
||||
@PostMapping("/temp")
|
||||
ApiResult<Map<Long, List<ProductFeatureRelationVO>>> queryProductFeatureRelationByWorkspace(Set<Long> workspaceIds);
|
||||
@PostMapping("api/auth/product/feature/query")
|
||||
ApiResult<Map<Long, List<ProductFeatureRelationVO>>> queryProductFeatureRelationByWorkspace(@RequestBody Set<Long> workspaceIds);
|
||||
}
|
||||
|
||||
@ -77,7 +77,7 @@ public interface TyrSaasAuthApi {
|
||||
* @param req
|
||||
* @return
|
||||
*/
|
||||
@PostMapping("/api/v2/auth/listPermissionFromFeature")
|
||||
@PostMapping("/api/v2/auth/listIdentityFromPermission")
|
||||
ApiResult<List<QueryIdentityByPermissionResp>> listIdentityFromPermissionV2(@RequestBody ListPermissionFromFeatureReq req);
|
||||
|
||||
|
||||
|
||||
@ -0,0 +1,20 @@
|
||||
package cn.axzo.tyr.client.feign;
|
||||
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
import cn.axzo.tyr.client.model.req.FeaturePermissionReq;
|
||||
import cn.axzo.tyr.client.model.res.FeaturePermissionRes;
|
||||
import org.springframework.cloud.openfeign.FeignClient;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
|
||||
/**
|
||||
* @author honghao.zhang
|
||||
* @since 2023/10/18 18:29
|
||||
*/
|
||||
@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
|
||||
public interface TyrSaasFeatureApi {
|
||||
|
||||
@PostMapping("/api/saasFeature/permission/codes")
|
||||
ApiResult<FeaturePermissionRes> listPermissionCodes(@RequestBody @Validated FeaturePermissionReq req);
|
||||
}
|
||||
@ -0,0 +1,47 @@
|
||||
package cn.axzo.tyr.client.model.req;
|
||||
|
||||
import lombok.AccessLevel;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
import lombok.ToString;
|
||||
import lombok.experimental.FieldDefaults;
|
||||
|
||||
import javax.validation.constraints.Min;
|
||||
import javax.validation.constraints.NotNull;
|
||||
|
||||
/**
|
||||
* @author honghao.zhang
|
||||
* @since 2023/10/18 17:17
|
||||
*/
|
||||
@Getter
|
||||
@Setter
|
||||
@ToString(callSuper = true)
|
||||
@FieldDefaults(level = AccessLevel.PRIVATE)
|
||||
public class FeaturePermissionReq {
|
||||
|
||||
/**
|
||||
* 工作台id
|
||||
*/
|
||||
@NotNull
|
||||
@Min(value = 1)
|
||||
Long workspaceId;
|
||||
/**
|
||||
* 单位id
|
||||
*/
|
||||
@NotNull
|
||||
@Min(value = 1)
|
||||
Long ouId;
|
||||
|
||||
/**
|
||||
* 指定端的权限
|
||||
*/
|
||||
String terminal;
|
||||
|
||||
@NotNull
|
||||
@Min(value = 1)
|
||||
Long identityId;
|
||||
@NotNull
|
||||
@Min(value = 0)
|
||||
Integer identityType;
|
||||
|
||||
}
|
||||
@ -0,0 +1,41 @@
|
||||
package cn.axzo.tyr.client.model.req;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
/**
|
||||
* @author honghao.zhang
|
||||
* @since 2023/10/18 17:50
|
||||
*/
|
||||
@Data
|
||||
public class FeatureTreeReq {
|
||||
|
||||
/**
|
||||
* 身份Id
|
||||
*/
|
||||
private Long identityId;
|
||||
|
||||
private Integer identityType;
|
||||
|
||||
/**
|
||||
* 工作台Id
|
||||
*/
|
||||
private Long workspaceId;
|
||||
|
||||
/**
|
||||
* 单位Id
|
||||
*/
|
||||
private Long ouId;
|
||||
|
||||
/**
|
||||
* 指定端的权限
|
||||
*/
|
||||
private String terminal;
|
||||
|
||||
/**
|
||||
* FeatureType: 类型 0.模块 1.菜单 2页面 3功能
|
||||
* 此字段=0,只返回模块,=1,返回到菜单级,=2,返回到页面级,=3,到功能级。
|
||||
* 此字段默认到功能级, (会做为递归的深度限制)
|
||||
* ------
|
||||
*/
|
||||
private Integer limitFeatureTypeLevel = 3;
|
||||
}
|
||||
@ -0,0 +1,23 @@
|
||||
package cn.axzo.tyr.client.model.res;
|
||||
|
||||
import lombok.AccessLevel;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
import lombok.ToString;
|
||||
import lombok.experimental.FieldDefaults;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* @author honghao.zhang
|
||||
* @since 2023/10/18 17:30
|
||||
*/
|
||||
@Getter
|
||||
@Setter
|
||||
@ToString(callSuper = true)
|
||||
@FieldDefaults(level = AccessLevel.PRIVATE)
|
||||
public class FeaturePermissionRes {
|
||||
|
||||
boolean superAdmin = false;
|
||||
Set<String> permissionCodes;
|
||||
}
|
||||
@ -0,0 +1,159 @@
|
||||
package cn.axzo.tyr.client.model.res;
|
||||
|
||||
import cn.axzo.basics.common.model.IBaseTree;
|
||||
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||
import lombok.Data;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author honghao.zhang
|
||||
* @since 2023/10/18 18:10
|
||||
*/
|
||||
@Data
|
||||
public class FeatureTreeResp implements IBaseTree<FeatureTreeResp, String> {
|
||||
|
||||
/**
|
||||
* 元素 Id
|
||||
*/
|
||||
private Long id;
|
||||
|
||||
/**
|
||||
* 父级 Id
|
||||
*/
|
||||
private Long parentId;
|
||||
|
||||
/**
|
||||
* 0.模块 1.菜单 2页面 3功能 99:端-不可编辑
|
||||
*/
|
||||
private Integer menuType;
|
||||
|
||||
/**
|
||||
* 元素名称
|
||||
*/
|
||||
private String name;
|
||||
/**
|
||||
* code
|
||||
*/
|
||||
private String code;
|
||||
|
||||
/**
|
||||
* 图标名
|
||||
*/
|
||||
private String icon;
|
||||
/**
|
||||
* 路由地址
|
||||
*/
|
||||
private String linkUrl;
|
||||
/**
|
||||
* 1:安心筑企业 2:小程序 4:原生 如果菜单同时又对应app上展示 则填写对应linkUrl 和linkExt
|
||||
*/
|
||||
private Integer linkType;
|
||||
/**
|
||||
* 扩展字段 原生使用
|
||||
*/
|
||||
private String linkExt;
|
||||
|
||||
/**
|
||||
* 排序号
|
||||
*/
|
||||
private Integer sort;
|
||||
|
||||
|
||||
/**
|
||||
* 小程序id 关联micro_app_item id
|
||||
*/
|
||||
private String microAppItemId;
|
||||
|
||||
/**
|
||||
* 菜单适用于平台 NT_CMS_WEB_ENT_ZB:企业工作台 NT_CMS_WEB_PROJ:项目工作台
|
||||
* NT_CMP_APP_ENT_ZB:从业人员企业端 NT_CMP_APP_PROJ:从业人员项目端
|
||||
* NT_CM_APP_CM_LEADER:班组长侧 NT_CM_APP_WORKER:工人侧
|
||||
* NT_OMS_WEB OMS,运营管理后台 NT_SM:数据大屏
|
||||
* NT_SCREEN 数据大屏
|
||||
* */
|
||||
private String terminal;
|
||||
|
||||
/**
|
||||
* 备注
|
||||
*/
|
||||
private String remark;
|
||||
|
||||
/**
|
||||
* 创建时间
|
||||
*/
|
||||
private Date createAt;
|
||||
|
||||
/**
|
||||
* 更新时间
|
||||
*/
|
||||
private Date updateAt;
|
||||
|
||||
/**
|
||||
* 1:总包 2:建设单位 4:监理单位 8:劳务分包 16:专业分包
|
||||
*/
|
||||
private List<Integer> fitOuTypes;
|
||||
|
||||
/**
|
||||
* 1:部门 2:班组 4:小组
|
||||
*/
|
||||
private List<Integer> fitOuNodeTypes;
|
||||
|
||||
/**
|
||||
* 适配老接口 应用所属 system:系统应用 personal:个人应用 business:业务应用 只会挂在第一级别
|
||||
*/
|
||||
private String legacyLayout;
|
||||
|
||||
|
||||
/**
|
||||
* 网关专属字段,所属应用
|
||||
*/
|
||||
private String appName;
|
||||
/**
|
||||
* 网关专属字段,是否授权 0:无需要授权 1:需要授权
|
||||
*/
|
||||
private Integer needAuth;
|
||||
|
||||
/**
|
||||
* 网关专属字段,是否认证 0:无需要认证 1:需要认证
|
||||
*/
|
||||
private Integer needCert;
|
||||
|
||||
/**
|
||||
* 网关专属字段 ,功能URL,对应后端接口url
|
||||
*/
|
||||
private String featureUrl;
|
||||
|
||||
/**
|
||||
* 子集
|
||||
*/
|
||||
private List<FeatureTreeResp> children;
|
||||
|
||||
private String businessNo;
|
||||
|
||||
private String parentBusinessNo;
|
||||
|
||||
@Override
|
||||
@JsonIgnore
|
||||
public String getNodeCode() {
|
||||
return businessNo;
|
||||
}
|
||||
|
||||
@Override
|
||||
@JsonIgnore
|
||||
public String getParentNodeCode() {
|
||||
return parentBusinessNo;
|
||||
}
|
||||
|
||||
@Override
|
||||
@JsonIgnore
|
||||
public List<FeatureTreeResp> getNodeChildren() {
|
||||
return children;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setNodeChildren(List<FeatureTreeResp> nodeChildren) {
|
||||
this.children = nodeChildren;
|
||||
}
|
||||
}
|
||||
@ -49,14 +49,12 @@ public class TyrSaasAuthController implements TyrSaasAuthApi {
|
||||
|
||||
@Override
|
||||
public ApiResult<Boolean> hasPermissionForIdentityV2(CheckIdentityPermissionReq req) {
|
||||
//TODO:@Zhan
|
||||
return null;
|
||||
return ApiResult.ok(tyrSaasAuthService.hasPermissionForIdentityV2(req));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<List<QueryIdentityByPermissionResp>> listIdentityFromPermissionV2(ListPermissionFromFeatureReq req) {
|
||||
//TODO:@Zhan
|
||||
return null;
|
||||
return ApiResult.ok(tyrSaasAuthService.listIdentityFromPermissionV2(req));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -0,0 +1,27 @@
|
||||
package cn.axzo.tyr.server.controller.permission;
|
||||
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
import cn.axzo.tyr.client.feign.TyrSaasFeatureApi;
|
||||
import cn.axzo.tyr.client.model.req.FeaturePermissionReq;
|
||||
import cn.axzo.tyr.client.model.res.FeaturePermissionRes;
|
||||
import cn.axzo.tyr.server.service.SaasFeatureService;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
/**
|
||||
* @author honghao.zhang
|
||||
* @since 2023/10/18 18:30
|
||||
*/
|
||||
@Slf4j
|
||||
@RestController
|
||||
@RequiredArgsConstructor
|
||||
public class TyrSaasFeatureController implements TyrSaasFeatureApi {
|
||||
|
||||
private final SaasFeatureService saasFeatureService;
|
||||
|
||||
@Override
|
||||
public ApiResult<FeaturePermissionRes> listPermissionCodes(FeaturePermissionReq req) {
|
||||
return ApiResult.ok(saasFeatureService.listPermissionCodes(req));
|
||||
}
|
||||
}
|
||||
@ -1,5 +1,6 @@
|
||||
package cn.axzo.tyr.server.repository.dao;
|
||||
|
||||
import cn.axzo.tyr.client.model.req.FeatureTreeReq;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeature;
|
||||
import com.baomidou.mybatisplus.extension.service.IService;
|
||||
|
||||
@ -24,4 +25,11 @@ public interface SaasFeatureDao extends IService<SaasFeature> {
|
||||
List<SaasFeature> listLikePath(String path);
|
||||
|
||||
List<SaasFeature> listByParentIdAndTerminal(Long parentId, String terminal);
|
||||
|
||||
List<SaasFeature> listFeatureByTerminal(String terminal);
|
||||
|
||||
List<String> listCodeByProductIds(FeatureTreeReq req, List<Long> productIds);
|
||||
|
||||
List<String> listByProductIdsAndTerminal(List<Long> productIds, String terminal);
|
||||
|
||||
}
|
||||
|
||||
@ -1,11 +1,13 @@
|
||||
package cn.axzo.tyr.server.repository.dao.impl;
|
||||
|
||||
import cn.axzo.tyr.client.model.req.FeatureTreeReq;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeature;
|
||||
import cn.axzo.tyr.server.repository.mapper.SaasFeatureMapper;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.List;
|
||||
@ -47,4 +49,19 @@ public class SaasFeatureDaoImpl extends ServiceImpl<SaasFeatureMapper, SaasFeatu
|
||||
.eq(SaasFeature::getParentId, parentId)
|
||||
.eq(SaasFeature::getTerminal, terminal));
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<SaasFeature> listFeatureByTerminal(String terminal) {
|
||||
return lambdaQuery().eq(StringUtils.isNotEmpty(terminal), SaasFeature::getTerminal, terminal).list();
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> listCodeByProductIds(FeatureTreeReq req, List<Long> productIds) {
|
||||
return this.baseMapper.listCodeByProductIds(req, productIds);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> listByProductIdsAndTerminal(List<Long> productIds, String terminal) {
|
||||
return this.baseMapper.listCodeByProductIdsAndTerminal(productIds, terminal);
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,9 +1,13 @@
|
||||
package cn.axzo.tyr.server.repository.mapper;
|
||||
|
||||
import cn.axzo.tyr.client.model.req.FeatureTreeReq;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeature;
|
||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
|
||||
import org.apache.ibatis.annotations.Param;
|
||||
import org.apache.ibatis.annotations.Update;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* <p>
|
||||
* Mapper 接口
|
||||
@ -18,4 +22,8 @@ public interface SaasFeatureMapper extends BaseMapper<SaasFeature> {
|
||||
"SET path = REPLACE(path,#{pathPrefix}, #{newPathPrefix}) , update_by = #{updater} " +
|
||||
"WHERE path LIKE CONCAT(#{pathPrefix},'%') ")
|
||||
void updateChildrenPath(Long updater, String pathPrefix, String newPathPrefix);
|
||||
|
||||
List<String> listCodeByProductIds(@Param("req") FeatureTreeReq req, @Param("productIds") List<Long> productIds);
|
||||
|
||||
List<String> listCodeByProductIdsAndTerminal(@Param("productIds") List<Long> productIds, @Param("terminal") String terminal);
|
||||
}
|
||||
@ -60,6 +60,15 @@ public interface RoleService {
|
||||
* @return
|
||||
*/
|
||||
List<SaasRoleVO> findRoleByName(QueryRoleByNameReq req);
|
||||
|
||||
/** 分页查询角色含用户 **/
|
||||
PageResp<RoleWithUserRes> queryRoleWithUser(RoleWithUserQueryReq req);
|
||||
|
||||
/**
|
||||
* 通过角色类型获取角色
|
||||
* @param req
|
||||
* @param roleTypes
|
||||
* @return
|
||||
*/
|
||||
List<SaasRoleVO> queryRoleByRoleTypes(QueryByIdentityIdTypeReq req, List<String> roleTypes);
|
||||
}
|
||||
|
||||
@ -0,0 +1,13 @@
|
||||
package cn.axzo.tyr.server.service;
|
||||
|
||||
import cn.axzo.tyr.client.model.req.FeaturePermissionReq;
|
||||
import cn.axzo.tyr.client.model.res.FeaturePermissionRes;
|
||||
|
||||
/**
|
||||
* @author honghao.zhang
|
||||
* @since 2023/10/18 18:25
|
||||
*/
|
||||
public interface SaasFeatureService {
|
||||
|
||||
FeaturePermissionRes listPermissionCodes(FeaturePermissionReq req);
|
||||
}
|
||||
@ -31,4 +31,7 @@ public interface TyrSaasAuthService {
|
||||
*/
|
||||
IdentityAuthRes findIdentityAuth(IdentityAuthReq identityAuthReq);
|
||||
|
||||
boolean hasPermissionForIdentityV2(CheckIdentityPermissionReq req);
|
||||
|
||||
List<QueryIdentityByPermissionResp> listIdentityFromPermissionV2(ListPermissionFromFeatureReq req);
|
||||
}
|
||||
|
||||
@ -493,6 +493,20 @@ public class RoleServiceImpl implements RoleService {
|
||||
return PageResp.list(req.getPage(), req.getPageSize(), rolePage.getTotal(), resultData);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<SaasRoleVO> queryRoleByRoleTypes(QueryByIdentityIdTypeReq req, List<String> roleTypes) {
|
||||
List<Long> roleIds = roleUserRelationDao.query(req.getIdentityId(), req.getIdentityType(),
|
||||
req.getWorkspaceId(), req.getOuId()).stream().map(SaasRoleUserRelation::getRoleId).collect(Collectors.toList());
|
||||
List<SaasRole> list = new ArrayList<>();
|
||||
if (CollectionUtils.isNotEmpty(roleIds)) {
|
||||
list = saasRoleDao.lambdaQuery()
|
||||
.in(BaseEntity::getId, roleIds)
|
||||
.in(SaasRole::getRoleType, roleTypes)
|
||||
.list();
|
||||
}
|
||||
return BeanUtil.copyToList(list, SaasRoleVO.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<SaasRoleVO> findRoleByName(QueryRoleByNameReq req) {
|
||||
List<SaasRole> roleList = saasRoleDao.findRoleByName(req.getOuId(), req.getWorkspaceId(), req.getRoleNames());
|
||||
|
||||
@ -0,0 +1,202 @@
|
||||
package cn.axzo.tyr.server.service.impl;
|
||||
|
||||
import cn.axzo.framework.domain.ServiceException;
|
||||
import cn.axzo.thrones.client.saas.ServicePkgClient;
|
||||
import cn.axzo.thrones.client.saas.entity.serivicepgkproduct.ServicePkgProduct;
|
||||
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
|
||||
import cn.axzo.tyr.client.model.req.FeaturePermissionReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
|
||||
import cn.axzo.tyr.client.model.res.FeaturePermissionRes;
|
||||
import cn.axzo.tyr.client.model.res.FeatureTreeResp;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeature;
|
||||
import cn.axzo.tyr.server.service.RoleService;
|
||||
import cn.axzo.tyr.server.service.SaasFeatureService;
|
||||
import cn.axzo.tyr.server.util.IdPathUtil;
|
||||
import cn.azxo.framework.common.logger.MethodAroundLog;
|
||||
import cn.azxo.framework.common.model.CommonResponse;
|
||||
import cn.hutool.core.bean.BeanUtil;
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
import com.google.common.collect.Lists;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
|
||||
import java.util.*;
|
||||
import java.util.function.Function;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import static cn.axzo.tyr.server.util.RpcInternalUtil.checkAndGetData;
|
||||
|
||||
/**
|
||||
* @author honghao.zhang
|
||||
* @since 2023/10/18 18:26
|
||||
*/
|
||||
@Slf4j
|
||||
@Service
|
||||
@RequiredArgsConstructor
|
||||
public class SaasFeatureServiceImpl implements SaasFeatureService {
|
||||
|
||||
private final RoleService roleService;
|
||||
private final ServicePkgClient servicePkgClient;
|
||||
private final SaasFeatureDao saasFeatureDao;
|
||||
|
||||
@Override
|
||||
public FeaturePermissionRes listPermissionCodes(FeaturePermissionReq req) {
|
||||
FeaturePermissionRes featurePermissionRes = new FeaturePermissionRes();
|
||||
QueryByIdentityIdTypeReq idTypeReq = QueryByIdentityIdTypeReq.builder()
|
||||
.identityId(req.getIdentityId()).identityType(req.getIdentityType())
|
||||
.ouId(req.getOuId()).workspaceId(req.getWorkspaceId())
|
||||
.build();
|
||||
List<SaasRoleVO> saasRoleVOS = roleService.queryRoleByRoleTypes(idTypeReq, Lists.newArrayList(RoleTypeEnum.SUPER_ADMIN.getValue(),
|
||||
RoleTypeEnum.ADMIN.getValue()));
|
||||
featurePermissionRes.setSuperAdmin(saasRoleVOS.stream().anyMatch(e -> RoleTypeEnum.SUPER_ADMIN.getValue().equals(e.getRoleType())));
|
||||
FeatureTreeReq featureTreeReq = new FeatureTreeReq();
|
||||
featureTreeReq.setIdentityId(req.getIdentityId());
|
||||
featureTreeReq.setIdentityType(req.getIdentityType());
|
||||
featureTreeReq.setWorkspaceId(req.getWorkspaceId());
|
||||
featureTreeReq.setOuId(req.getOuId());
|
||||
featureTreeReq.setTerminal(req.getTerminal());
|
||||
|
||||
List<FeatureTreeResp> saasFeatureTreeResp = filterFeatureTree(featureTreeReq, !saasRoleVOS.isEmpty());
|
||||
Map<Integer, List<FeatureTreeResp>> treeMap = groupByMenuType(
|
||||
saasFeatureTreeResp, 20);
|
||||
featurePermissionRes.setPermissionCodes(treeMap.getOrDefault(3, Collections.emptyList()).stream().map(FeatureTreeResp::getCode)
|
||||
.collect(Collectors.toSet()));
|
||||
return featurePermissionRes;
|
||||
}
|
||||
|
||||
@MethodAroundLog(value = "获取权限集树")
|
||||
private List<FeatureTreeResp> filterFeatureTree(FeatureTreeReq req, boolean isAdmin) {
|
||||
// 1. 根据这个用户的角色,找到对应的code,Admin/Common各自的拿法。
|
||||
List<String> minFeatureCode = listFeatureCode(req, isAdmin);
|
||||
|
||||
log.info("产品对应的最小权限集:{}", minFeatureCode);
|
||||
// 因为只能查出来最小功能FeatureCode,所以在递归查询出其上级.
|
||||
List<SaasFeature> allFeature = saasFeatureDao.listFeatureByTerminal(req.getTerminal());
|
||||
List<SaasFeature> featureTree = constructFeatureByMinFeatureCode(minFeatureCode, allFeature
|
||||
);
|
||||
|
||||
// 2. 组织成一棵树
|
||||
return formatToTreeAndSort(featureTree, req.getLimitFeatureTypeLevel());
|
||||
}
|
||||
|
||||
private List<FeatureTreeResp> formatToTreeAndSort(List<SaasFeature> featureTree, Integer level) {
|
||||
List<FeatureTreeResp> roots = new ArrayList<>();
|
||||
Map<Long, FeatureTreeResp> map = new LinkedHashMap<>();
|
||||
|
||||
for (SaasFeature feature : featureTree) {
|
||||
if (feature.getFeatureType() > level)
|
||||
continue;
|
||||
FeatureTreeResp resp = featureBOToResp(feature);
|
||||
map.put(feature.getId(), resp);
|
||||
if (feature.getFeatureType() == 0 || feature.getParentId() == 0) {
|
||||
roots.add(resp);
|
||||
}
|
||||
}
|
||||
|
||||
for (FeatureTreeResp feature : map.values()) {
|
||||
FeatureTreeResp parent = map.get(feature.getParentId());
|
||||
if (null == parent) {
|
||||
continue;
|
||||
}
|
||||
if (parent.getChildren() == null)
|
||||
parent.setChildren(new ArrayList<>());
|
||||
parent.getChildren().add(feature);
|
||||
}
|
||||
return roots;
|
||||
}
|
||||
|
||||
private FeatureTreeResp featureBOToResp(SaasFeature feature) {
|
||||
FeatureTreeResp resp = new FeatureTreeResp();
|
||||
BeanUtil.copyProperties(feature, resp);
|
||||
resp.setName(feature.getFeatureName());
|
||||
resp.setCode(feature.getFeatureCode());
|
||||
resp.setMenuType(feature.getFeatureType());
|
||||
return resp;
|
||||
}
|
||||
|
||||
private List<SaasFeature> constructFeatureByMinFeatureCode(List<String> minFeatureCode, List<SaasFeature> allFeature) {
|
||||
List<SaasFeature> result = new ArrayList<>();
|
||||
Map<Long, SaasFeature> featureMap = allFeature.stream()
|
||||
.collect(Collectors.toMap(SaasFeature::getId, Function.identity()));
|
||||
if (!CollectionUtils.isEmpty(minFeatureCode)) {
|
||||
List<SaasFeature> minFeature = allFeature.stream()
|
||||
.filter(e -> org.apache.commons.lang3.StringUtils.isNotBlank(e.getFeatureCode())
|
||||
&& minFeatureCode.contains(e.getFeatureCode())).collect(Collectors.toList());
|
||||
result.addAll(minFeature);
|
||||
Set<String> collect = minFeature.stream().map(SaasFeature::getPath)
|
||||
.collect(Collectors.toSet());
|
||||
Set<Long> longs = IdPathUtil.featurePathsToIds(collect);
|
||||
for (Long aLong : longs) {
|
||||
SaasFeature saasFeatureBO = featureMap.get(aLong);
|
||||
if (saasFeatureBO != null) {
|
||||
result.add(saasFeatureBO);
|
||||
}
|
||||
}
|
||||
}
|
||||
return getFeatureBOS(result);
|
||||
}
|
||||
|
||||
private ArrayList<SaasFeature> getFeatureBOS(List<SaasFeature> result) {
|
||||
return result.stream()
|
||||
.collect(Collectors.collectingAndThen(
|
||||
Collectors.toCollection(
|
||||
() -> new TreeSet<>(Comparator.comparing(SaasFeature::getId))),
|
||||
ArrayList::new));
|
||||
}
|
||||
|
||||
private List<String> listFeatureCode(FeatureTreeReq req, boolean isAdmin) {
|
||||
List<Long> productIds = getProductIdsOfWorkspace(req.getWorkspaceId());
|
||||
if (isAdmin) {
|
||||
return listCodeByProductIdsAndTerminal(productIds, req.getTerminal());
|
||||
}
|
||||
return listCodeByProductIds(req, productIds);
|
||||
}
|
||||
|
||||
private List<String> listCodeByProductIds(FeatureTreeReq req, List<Long> productIds) {
|
||||
return saasFeatureDao.listCodeByProductIds(req, productIds);
|
||||
}
|
||||
|
||||
private List<String> listCodeByProductIdsAndTerminal(List<Long> productIds, String terminal) {
|
||||
return saasFeatureDao.listByProductIdsAndTerminal(productIds, terminal);
|
||||
}
|
||||
|
||||
private Map<Integer, List<FeatureTreeResp>> groupByMenuType(List<FeatureTreeResp> saasFeatureTree, Integer maxDepth) {
|
||||
HashMap<Integer, List<FeatureTreeResp>> result = new HashMap<>();
|
||||
if (CollectionUtil.isEmpty(saasFeatureTree) || maxDepth <= 0) {
|
||||
return result;
|
||||
}
|
||||
for (FeatureTreeResp featureTreeResp : saasFeatureTree) {
|
||||
|
||||
List<FeatureTreeResp> defaultLists = result.getOrDefault(featureTreeResp.getMenuType(), new ArrayList<>());
|
||||
if (defaultLists.isEmpty()) {
|
||||
result.put(featureTreeResp.getMenuType(), defaultLists);
|
||||
}
|
||||
defaultLists.add(featureTreeResp);
|
||||
Map<Integer, List<FeatureTreeResp>> children = groupByMenuType(featureTreeResp.getChildren(), --maxDepth);
|
||||
for (Integer childrenKey : children.keySet()) {
|
||||
List<FeatureTreeResp> childList = result.getOrDefault(childrenKey, new ArrayList<>());
|
||||
if (childList.isEmpty()) {
|
||||
result.put(childrenKey, childList);
|
||||
}
|
||||
childList.addAll(children.get(childrenKey));
|
||||
|
||||
}
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
public List<Long> getProductIdsOfWorkspace(Long workspaceId) {
|
||||
CommonResponse<List<ServicePkgProduct>> servicePkgResponse = servicePkgClient.listProductInWorkSpace(workspaceId);
|
||||
List<ServicePkgProduct> products = checkAndGetData(servicePkgResponse);
|
||||
if (CollectionUtil.isEmpty(products)) {
|
||||
log.warn("thrones:获取产品列表失败:workspaceId{}", workspaceId);
|
||||
throw new ServiceException("当前工作台未找到任何的产品");
|
||||
}
|
||||
return products.stream().map(ServicePkgProduct::getProductId).collect(Collectors.toList());
|
||||
}
|
||||
}
|
||||
@ -52,6 +52,7 @@ import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
@ -499,6 +500,35 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean hasPermissionForIdentityV2(CheckIdentityPermissionReq req) {
|
||||
if (CollectionUtil.isEmpty(req.getCodes())) {
|
||||
return true;
|
||||
}
|
||||
IdentityAuthReq request = new IdentityAuthReq();
|
||||
request.setIdentityId(req.getIdentityId());
|
||||
request.setIdentityType(req.getIdentityType());
|
||||
if (StrUtil.isNotBlank(req.getTerminal())) {
|
||||
request.setTerminal(Collections.singletonList(req.getTerminal()));
|
||||
}
|
||||
IdentityAuthRes authRes = this.findIdentityAuth(request);
|
||||
HashSet<String> codeSet = new HashSet<>(req.getCodes());
|
||||
//比较code
|
||||
return authRes.getPermissions().stream()
|
||||
.anyMatch(e -> e.getPermissionPoint()
|
||||
.stream()
|
||||
.anyMatch(p -> codeSet.contains(p.getFeatureCode())));
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<QueryIdentityByPermissionResp> listIdentityFromPermissionV2(ListPermissionFromFeatureReq req) {
|
||||
//TODO:@Zhan
|
||||
//超管 - 保持原逻辑
|
||||
//非超管 权限code+terminal -> feature -> 权限集 -> 例外权限集作用范围过滤 --> 权限集角色-角色组匹配OU类型资质(OU参建单位)
|
||||
//免授权型 - 没有意义
|
||||
return null;
|
||||
}
|
||||
|
||||
@Data
|
||||
public static class UserRoleInfoMap {
|
||||
|
||||
|
||||
@ -0,0 +1,33 @@
|
||||
package cn.axzo.tyr.server.util;
|
||||
|
||||
import lombok.AccessLevel;
|
||||
import lombok.NoArgsConstructor;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@NoArgsConstructor(access = AccessLevel.PRIVATE)
|
||||
public class IdPathUtil {
|
||||
|
||||
private static final String PATH_SPLIT = "/";
|
||||
|
||||
public static Set<Long> featurePathsToIds(Set<String> paths) {
|
||||
if (CollectionUtils.isEmpty(paths)) {
|
||||
return Collections.emptySet();
|
||||
}
|
||||
return paths.stream().map(e -> {
|
||||
String[] split = e.split(PATH_SPLIT);
|
||||
return Arrays.stream(split).filter(StringUtils::hasText).map(Long::parseLong)
|
||||
.collect(Collectors.toSet());
|
||||
}).reduce(new HashSet<>(), (a, b) -> {
|
||||
a.addAll(b);
|
||||
return a;
|
||||
});
|
||||
}
|
||||
|
||||
}
|
||||
56
tyr-server/src/main/resources/mapper/SaasFeatureMapper.xml
Normal file
56
tyr-server/src/main/resources/mapper/SaasFeatureMapper.xml
Normal file
@ -0,0 +1,56 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
|
||||
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
|
||||
<mapper namespace="cn.axzo.tyr.server.repository.mapper.SaasFeatureMapper">
|
||||
|
||||
<select id="listCodeByProductIds" resultType="java.lang.String">
|
||||
select distinct sf.feature_code
|
||||
from saas_feature sf
|
||||
join saas_pgroup_permission_relation sppr on sf.id = sppr.feature_id and sppr.is_delete =0
|
||||
join saas_pgroup_role_relation sprr on sprr.group_id = sppr.group_id and sprr.is_delete = 0
|
||||
join saas_role sr on sr.id = sprr.role_id and sr.is_delete = 0
|
||||
join saas_role_user_relation srur on srur.role_id = sr.id and srur.is_delete = 0
|
||||
join saas_product_module_feature_relation pfr on pfr.feature_id = sf.id and pfr.is_delete = 0
|
||||
join saas_permission_group spg on spg.id = sprr.group_id and spg.is_delete = 0
|
||||
where sf.is_delete = 0
|
||||
<if test="req.workspaceId !=0 and req.workspaceId != null">
|
||||
and srur.workspace_id = #{req.workspaceId}
|
||||
</if>
|
||||
<if test="req.ouId !=0 and req.ouId != null">
|
||||
and srur.ou_id = #{req.ouId}
|
||||
</if>
|
||||
<if test="req.identityId !=0 and req.identityId != null">
|
||||
and srur.identity_id = #{req.identityId}
|
||||
</if>
|
||||
<if test="req.identityType != null">
|
||||
and srur.identity_type = #{req.identityType}
|
||||
</if>
|
||||
<if test="req.terminal !='' and req.terminal != null">
|
||||
and sf.terminal = #{req.terminal}
|
||||
</if>
|
||||
<if test="productIds != null and productIds.size>0">
|
||||
and pfr.product_module_id in
|
||||
<foreach collection="productIds" index="index" item="id" open="(" separator="," close=")">
|
||||
#{id}
|
||||
</foreach>
|
||||
</if>
|
||||
</select>
|
||||
|
||||
<select id="listCodeByProductIdsAndTerminal" resultType="java.lang.String">
|
||||
select distinct sf.feature_code
|
||||
from saas_feature sf
|
||||
join saas_product_module_feature_relation sp on sf.id = sp.feature_id
|
||||
where sf.is_delete = 0
|
||||
and sp.is_delete = 0
|
||||
<if test="productIds.size>0">
|
||||
and sp.product_module_id in
|
||||
<foreach collection="productIds" index="index" item="id" open="(" separator="," close=")">
|
||||
#{id}
|
||||
</foreach>
|
||||
</if>
|
||||
<if test="terminal != null and terminal !=''">
|
||||
AND sf.terminal=#{terminal}
|
||||
</if>
|
||||
</select>
|
||||
|
||||
</mapper>
|
||||
Loading…
Reference in New Issue
Block a user