feat:(REQ-3010) 迁移pudge接口
This commit is contained in:
lilong
parent
a995ae4fef
commit
3272ae9df5
@ -3,6 +3,7 @@ package cn.axzo.tyr.client.feign;
|
||||
import cn.axzo.tyr.client.model.permission.IdentityAndAccountResp;
|
||||
import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleByPhoneReq;
|
||||
import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleReq;
|
||||
import cn.axzo.tyr.client.model.req.UpdateUserJobReq;
|
||||
import cn.azxo.framework.common.model.CommonResponse;
|
||||
import org.springframework.cloud.openfeign.FeignClient;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
@ -36,4 +37,7 @@ public interface SaasRoleApi {
|
||||
*/
|
||||
@PostMapping("api/saas/role/grantAdminRoleByPhone")
|
||||
CommonResponse<List<IdentityAndAccountResp>> grantAdminRoleByPhone(@RequestBody @Valid List<WorkspaceGrantAdminRoleByPhoneReq> req);
|
||||
|
||||
@PostMapping("api/saas/role/user/update")
|
||||
CommonResponse<Boolean> updateUserRole(@RequestBody @Valid UpdateUserJobReq req);
|
||||
}
|
||||
|
||||
@ -0,0 +1,45 @@
|
||||
package cn.axzo.tyr.client.model.enums;
|
||||
|
||||
import com.baomidou.mybatisplus.annotation.EnumValue;
|
||||
import com.fasterxml.jackson.annotation.JsonCreator;
|
||||
import com.fasterxml.jackson.annotation.JsonValue;
|
||||
import lombok.Getter;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
/**
|
||||
* @author tanjie@axzo.cn
|
||||
* @date 2022/10/10 10:50
|
||||
*/
|
||||
@Getter
|
||||
@RequiredArgsConstructor
|
||||
public enum SaasJobTypeEnum {
|
||||
//主岗
|
||||
MASTER_JOB(1,"岗位"),
|
||||
//兼岗
|
||||
SLAVE_JOB(2,"协助岗位");
|
||||
@EnumValue
|
||||
@JsonValue
|
||||
private Integer value;
|
||||
private String desc;
|
||||
|
||||
|
||||
SaasJobTypeEnum(Integer value, String desc) {
|
||||
this.value = value;
|
||||
this.desc = desc;
|
||||
}
|
||||
|
||||
@JsonCreator(mode = JsonCreator.Mode.DELEGATING)
|
||||
public static SaasJobTypeEnum create(Integer value){
|
||||
return match(value);
|
||||
}
|
||||
|
||||
public static SaasJobTypeEnum match(Integer saasJobType) {
|
||||
return Arrays.stream(values()).filter(e -> e.getValue().equals(saasJobType)).findFirst().get();
|
||||
}
|
||||
|
||||
public boolean isMaster() {
|
||||
return value.equals(MASTER_JOB.getValue());
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,50 @@
|
||||
package cn.axzo.tyr.client.model.req;
|
||||
|
||||
import cn.axzo.basics.profiles.common.enums.IdentityType;
|
||||
import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
|
||||
import lombok.EqualsAndHashCode;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
import lombok.ToString;
|
||||
|
||||
import javax.validation.constraints.Min;
|
||||
import javax.validation.constraints.NotEmpty;
|
||||
import javax.validation.constraints.NotNull;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* @author cn
|
||||
* @version 1.0
|
||||
* @description
|
||||
* @date 2022/10/14 11:44
|
||||
*/
|
||||
@Getter
|
||||
@Setter
|
||||
@ToString
|
||||
@EqualsAndHashCode
|
||||
public class UpdateUserJobReq {
|
||||
|
||||
@NotNull
|
||||
@Min(value = 1)
|
||||
private Long workspaceId;
|
||||
@NotNull
|
||||
@Min(value = 1)
|
||||
private Long identityId;
|
||||
@NotNull
|
||||
private IdentityType identityType;
|
||||
@NotNull
|
||||
@Min(value = 1)
|
||||
private Long ouId;
|
||||
@NotEmpty
|
||||
private Set<RoleReq> roles;
|
||||
|
||||
@Getter
|
||||
@Setter
|
||||
@ToString
|
||||
@EqualsAndHashCode
|
||||
public static class RoleReq {
|
||||
private String roleCode;
|
||||
private Long roleId;
|
||||
private SaasJobTypeEnum jobType;
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,46 @@
|
||||
package cn.axzo.tyr.client.model.req;
|
||||
|
||||
import cn.axzo.basics.profiles.common.enums.IdentityType;
|
||||
import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Builder
|
||||
@Data
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public class WorkspaceUpdateUserRoleDTO {
|
||||
|
||||
/**
|
||||
* 工作台id,与context校验
|
||||
*/
|
||||
private Long workspaceId;
|
||||
|
||||
/**
|
||||
* 单位id : 必填
|
||||
*/
|
||||
private Long ouId;
|
||||
|
||||
/**
|
||||
* 被赋予角色的人的身份id
|
||||
*/
|
||||
private Long identityId;
|
||||
|
||||
/**
|
||||
* 被赋予角色的人的身份类型
|
||||
*/
|
||||
private IdentityType identityType;
|
||||
|
||||
/**
|
||||
* 完整的update,之前的所有RoleId都被更新
|
||||
*/
|
||||
private List<Long> updateRoleIds;
|
||||
|
||||
|
||||
private SaasJobTypeEnum jobType = SaasJobTypeEnum.SLAVE_JOB;
|
||||
|
||||
}
|
||||
@ -0,0 +1,49 @@
|
||||
package cn.axzo.tyr.server.common.util;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public class NumUtil {
|
||||
|
||||
public static boolean equals(Long a, Long b) {
|
||||
return numberEquals(a, b);
|
||||
}
|
||||
|
||||
public static boolean numberEquals(Number a, Number b) {
|
||||
if (a == null) {
|
||||
a = 0L;
|
||||
}
|
||||
if (b == null) {
|
||||
b = 0L;
|
||||
}
|
||||
|
||||
return a.equals(b);
|
||||
}
|
||||
|
||||
public static boolean equals(Integer a, Integer b) {
|
||||
return numberEquals(a, b);
|
||||
}
|
||||
|
||||
public static boolean notZero(Long a) {
|
||||
if (a == null) {
|
||||
return false;
|
||||
}
|
||||
return a.longValue() != 0L;
|
||||
}
|
||||
|
||||
public static String joinToString(List<Long> list, String split) {
|
||||
if (list == null || list.size() == 0)
|
||||
return "";
|
||||
StringBuilder sb = new StringBuilder(list.get(0).toString());
|
||||
for (int i = 1; i < list.size(); i++) {
|
||||
sb.append(split).append(list.get(i).toString());
|
||||
}
|
||||
return sb.toString();
|
||||
}
|
||||
|
||||
public static boolean isZero(Long workspaceId) {
|
||||
if(workspaceId == null)
|
||||
return true;
|
||||
return workspaceId == 0L;
|
||||
}
|
||||
|
||||
}
|
||||
@ -21,8 +21,10 @@ import cn.axzo.tyr.client.model.permission.IdentityAndAccountResp;
|
||||
import cn.axzo.tyr.client.model.permission.UpdateWorkspaceSupAdminDTO;
|
||||
import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleByPhoneReq;
|
||||
import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleReq;
|
||||
import cn.axzo.tyr.client.model.req.UpdateUserJobReq;
|
||||
import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAdminRoleParam;
|
||||
import cn.axzo.tyr.server.controller.roleuser.RoleUserController;
|
||||
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
|
||||
import cn.axzo.tyr.server.util.RpcInternalUtil;
|
||||
import cn.azxo.framework.common.model.CommonResponse;
|
||||
import cn.hutool.extra.pinyin.PinyinUtil;
|
||||
@ -49,6 +51,8 @@ public class SaasRoleApiImpl implements SaasRoleApi {
|
||||
private RegulatorProfileApi regulatorProfileApi;
|
||||
@Autowired
|
||||
private SaasAccountApi saasAccountApi;
|
||||
@Autowired
|
||||
private SaasRoleUserRelationService saasRoleUserRelationService;
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
@ -172,4 +176,10 @@ public class SaasRoleApiImpl implements SaasRoleApi {
|
||||
});
|
||||
return CommonResponse.success(list);
|
||||
}
|
||||
|
||||
@Override
|
||||
public CommonResponse<Boolean> updateUserRole(UpdateUserJobReq req) {
|
||||
saasRoleUserRelationService.updateWorkspaceUserRolesList(req);
|
||||
return CommonResponse.success(Boolean.TRUE);
|
||||
}
|
||||
}
|
||||
|
||||
@ -131,5 +131,13 @@ public class SaasRoleDao extends ServiceImpl<SaasRoleMapper, SaasRole> {
|
||||
.eq(SaasRole::getRoleType, RoleTypeEnum.INIT.getValue())
|
||||
.list();
|
||||
}
|
||||
|
||||
public List<SaasRole> listRoleByIds(Set<Long> notRemoveRoleIds) {
|
||||
return this.lambdaQuery()
|
||||
.in(BaseEntity::getId, notRemoveRoleIds)
|
||||
.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value)
|
||||
.select(BaseEntity::getId, SaasRole::getRoleType)
|
||||
.list();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -5,6 +5,7 @@ import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
|
||||
import cn.axzo.tyr.client.common.enums.RoleResourceTypeEnum;
|
||||
import cn.axzo.tyr.client.model.BaseWorkspaceModel;
|
||||
import cn.axzo.tyr.client.model.enums.IdentityType;
|
||||
import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
|
||||
import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO;
|
||||
import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO;
|
||||
import cn.axzo.tyr.client.model.roleuser.dto.IdentityInfo;
|
||||
@ -205,5 +206,27 @@ public class SaasRoleUserRelationDao extends ServiceImpl<SaasRoleUserRelationMap
|
||||
List<IdentityAndAccountDTO> dtoList = saasRoleUserRelationMapper.findIdentityAndAccountInfosByParams(req);
|
||||
return dtoList;
|
||||
}
|
||||
|
||||
/**
|
||||
* 删除用户的岗位,不包含超管和代班长的
|
||||
*
|
||||
* @param workspaceId
|
||||
* @param ouId
|
||||
* @param identityId
|
||||
* @param identityType
|
||||
* @param masterJob
|
||||
*/
|
||||
public void deleteButNotAdminAndNotLeader(Long workspaceId, Long ouId, Long identityId, cn.axzo.basics.profiles.common.enums.IdentityType identityType, SaasJobTypeEnum masterJob) {
|
||||
getBaseMapper().deleteButNotAdminAndNotLeader(workspaceId, ouId, identityId, identityType, masterJob);
|
||||
}
|
||||
|
||||
public void delByIdentityAndWorkspaceIdAndOuId(Long identityId, cn.axzo.basics.profiles.common.enums.IdentityType identityType, Long workspaceId, Long ouId) {
|
||||
getBaseMapper().deleteButNotAdminAndNotLeader(workspaceId, ouId, identityId, identityType, null);
|
||||
// lambdaUpdate().eq(SaasRoleUserRelation::getWorkspaceId, workspaceId)
|
||||
// .eq(SaasRoleUserRelation::getIdentityId, identityId)
|
||||
// .eq(SaasRoleUserRelation::getIdentityType, identityType)
|
||||
// .eq(SaasRoleUserRelation::getOuId, ouId)
|
||||
// .set(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.DELETE.value).update();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
package cn.axzo.tyr.server.repository.entity;
|
||||
|
||||
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
|
||||
import cn.axzo.tyr.client.model.permission.SaasRoleFits;
|
||||
import com.baomidou.mybatisplus.annotation.TableField;
|
||||
import com.baomidou.mybatisplus.annotation.TableName;
|
||||
import lombok.EqualsAndHashCode;
|
||||
@ -104,5 +105,10 @@ public class SaasRole extends BaseEntity<SaasRole> {
|
||||
protected Serializable pkVal() {
|
||||
return this.id;
|
||||
}
|
||||
|
||||
public boolean isFitOuType(Integer ouType) {
|
||||
return SaasRoleFits.isFitOuType(this.fitOuTypeBit, ouType);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
@ -2,6 +2,7 @@ package cn.axzo.tyr.server.repository.entity;
|
||||
|
||||
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
|
||||
import cn.axzo.tyr.client.model.enums.IdentityType;
|
||||
import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
|
||||
import com.baomidou.mybatisplus.annotation.TableName;
|
||||
import lombok.EqualsAndHashCode;
|
||||
import lombok.Getter;
|
||||
@ -73,6 +74,12 @@ public class SaasRoleUserRelation extends BaseEntity<SaasRoleUserRelation> {
|
||||
*/
|
||||
private Long resourceId;
|
||||
|
||||
/**
|
||||
* 岗位类型 1:主岗 2:兼岗
|
||||
* 一个人在一个工作台内,除非 特殊的角色(超管,无权限角色等)必定有且只有一个主岗,可以有N个兼岗
|
||||
*/
|
||||
private SaasJobTypeEnum jobType;
|
||||
|
||||
/**
|
||||
* 获取主键值
|
||||
*
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
package cn.axzo.tyr.server.repository.mapper;
|
||||
|
||||
import cn.axzo.basics.profiles.common.enums.IdentityType;
|
||||
import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
|
||||
import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO;
|
||||
import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO;
|
||||
import cn.axzo.tyr.server.model.QueryUserRoleReq;
|
||||
@ -35,6 +37,17 @@ public interface SaasRoleUserRelationMapper extends BaseMapper<SaasRoleUserRelat
|
||||
|
||||
List<IdentityAndAccountDTO> findIdentityAndAccountInfosByParams(@Param("req") QueryIdentityByPermissionDTO req);
|
||||
|
||||
/**
|
||||
* 删除岗位,但不包括超管和带班长的
|
||||
*
|
||||
* @param workspaceId
|
||||
* @param ouId
|
||||
* @param identityId
|
||||
* @param identityType
|
||||
* @param jobType
|
||||
*/
|
||||
void deleteButNotAdminAndNotLeader(@Param("workspaceId") Long workspaceId, @Param("ouId") Long ouId, @Param("identityId") Long identityId, @Param("identityType") IdentityType identityType, @Param("jobType") SaasJobTypeEnum jobType);
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
|
||||
@ -4,6 +4,7 @@ import cn.axzo.basics.profiles.common.enums.IdentityType;
|
||||
import cn.axzo.framework.domain.page.PageResp;
|
||||
import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO;
|
||||
import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO;
|
||||
import cn.axzo.tyr.client.model.req.UpdateUserJobReq;
|
||||
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
|
||||
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
|
||||
import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam;
|
||||
@ -40,4 +41,6 @@ public interface SaasRoleUserRelationService extends IService<SaasRoleUserRelati
|
||||
Boolean deleteByPersonId(Long personId);
|
||||
|
||||
List<IdentityAndAccountDTO> findIdentityAndAccountInfosByParams(QueryIdentityByPermissionDTO req);
|
||||
|
||||
void updateWorkspaceUserRolesList(UpdateUserJobReq req);
|
||||
}
|
||||
|
||||
@ -2,22 +2,35 @@ package cn.axzo.tyr.server.service.impl;
|
||||
|
||||
import cn.axzo.basics.common.BeanMapper;
|
||||
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
|
||||
import cn.axzo.basics.common.util.AssertUtil;
|
||||
import cn.axzo.basics.profiles.api.IdentityProfileApi;
|
||||
import cn.axzo.basics.profiles.api.UserProfileServiceApi;
|
||||
import cn.axzo.basics.profiles.api.vo.request.FindIdentityProfileReq;
|
||||
import cn.axzo.basics.profiles.common.enums.IdentityType;
|
||||
import cn.axzo.basics.profiles.dto.basic.IdentityProfileDto;
|
||||
import cn.axzo.basics.profiles.dto.basic.PersonProfileDto;
|
||||
import cn.axzo.foundation.dao.support.converter.PageConverter;
|
||||
import cn.axzo.foundation.dao.support.mysql.QueryWrapperHelper;
|
||||
import cn.axzo.framework.auth.domain.ContextInfo;
|
||||
import cn.axzo.framework.auth.domain.ContextInfoHolder;
|
||||
import cn.axzo.framework.domain.page.PageResp;
|
||||
import cn.axzo.maokai.api.client.OrganizationalUnitApi;
|
||||
import cn.axzo.maokai.api.vo.response.OrganizationalUnitVO;
|
||||
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
|
||||
import cn.axzo.pudge.core.service.ServiceException;
|
||||
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
|
||||
import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
|
||||
import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO;
|
||||
import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO;
|
||||
import cn.axzo.tyr.client.model.req.UpdateUserJobReq;
|
||||
import cn.axzo.tyr.client.model.req.WorkspaceUpdateUserRoleDTO;
|
||||
import cn.axzo.tyr.client.model.res.SaasRoleRes;
|
||||
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
|
||||
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
|
||||
import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam;
|
||||
import cn.axzo.tyr.client.model.roleuser.req.PageRoleUserRelationParam;
|
||||
import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
|
||||
import cn.axzo.tyr.server.common.util.NumUtil;
|
||||
import cn.axzo.tyr.server.model.QueryUserRoleReq;
|
||||
import cn.axzo.tyr.server.model.SaasUserRoleExBO;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
|
||||
@ -41,12 +54,15 @@ import org.apache.commons.lang3.BooleanUtils;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
@ -74,6 +90,10 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl<SaasRoleUserRel
|
||||
private UserProfileServiceApi userProfileServiceApi;
|
||||
@Autowired
|
||||
private RoleService roleService;
|
||||
@Autowired
|
||||
private IdentityProfileApi identityProfileApi;
|
||||
@Autowired
|
||||
private OrganizationalUnitApi organizationalUnitApi;
|
||||
|
||||
@Override
|
||||
public List<SaasRoleUserDTO> list(RoleUserParam param) {
|
||||
@ -323,4 +343,203 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl<SaasRoleUserRel
|
||||
public List<IdentityAndAccountDTO> findIdentityAndAccountInfosByParams(QueryIdentityByPermissionDTO req) {
|
||||
return saasRoleUserRelationDao.findAccountInfosByCode(req);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public void updateWorkspaceUserRolesList(UpdateUserJobReq req) {
|
||||
Set<UpdateUserJobReq.RoleReq> roles = req.getRoles();
|
||||
if (CollectionUtils.isEmpty(roles)) {
|
||||
return;
|
||||
}
|
||||
//region 排除掉超管和带班长,只修改init的
|
||||
Set<Long> roleIds = roles.stream().map(UpdateUserJobReq.RoleReq::getRoleId).collect(Collectors.toSet());
|
||||
List<SaasRole> saasRoles = saasRoleDao.listRoleByIds(roleIds);
|
||||
if (CollectionUtils.isEmpty(saasRoles)) {
|
||||
return;
|
||||
}
|
||||
Set<Long> couldUpdateRoleIds = saasRoles.stream().filter(e -> Objects.equals(RoleTypeEnum.INIT.getValue(), e.getRoleType())).map(BaseEntity::getId).collect(Collectors.toSet());
|
||||
if (CollectionUtils.isEmpty(couldUpdateRoleIds)) {
|
||||
return;
|
||||
}
|
||||
roles = roles.stream().filter(e -> couldUpdateRoleIds.contains(e.getRoleId())).collect(Collectors.toSet());
|
||||
//endregion
|
||||
|
||||
List<UpdateUserJobReq.RoleReq> masterJobs = roles.stream().filter(e -> e.getJobType().equals(SaasJobTypeEnum.MASTER_JOB)).collect(Collectors.toList());
|
||||
if (masterJobs.size() != 1) {
|
||||
AssertUtil.fail("主岗必须且只能有一个");
|
||||
}
|
||||
Set<UpdateUserJobReq.RoleReq> slaveJobs = roles.stream().filter(e -> e.getJobType().equals(SaasJobTypeEnum.SLAVE_JOB)).collect(Collectors.toSet());
|
||||
if (!CollectionUtils.isEmpty(slaveJobs)) {
|
||||
WorkspaceUpdateUserRoleDTO workspaceUpdateUserRoleDTO = new WorkspaceUpdateUserRoleDTO();
|
||||
workspaceUpdateUserRoleDTO.setWorkspaceId(req.getWorkspaceId());
|
||||
workspaceUpdateUserRoleDTO.setOuId(req.getOuId());
|
||||
workspaceUpdateUserRoleDTO.setIdentityId(req.getIdentityId());
|
||||
workspaceUpdateUserRoleDTO.setIdentityType(req.getIdentityType());
|
||||
workspaceUpdateUserRoleDTO.setUpdateRoleIds(slaveJobs.stream().map(UpdateUserJobReq.RoleReq::getRoleId).collect(Collectors.toList()));
|
||||
//这里面会删除所有岗位(主岗,兼岗)
|
||||
updateWorkspaceUserRolesList(Lists.newArrayList(workspaceUpdateUserRoleDTO));
|
||||
} else {
|
||||
//如果传入空,表示删除兼岗
|
||||
saasRoleUserRelationDao.deleteButNotAdminAndNotLeader(req.getWorkspaceId(), req.getOuId(), req.getIdentityId(),
|
||||
req.getIdentityType(), SaasJobTypeEnum.SLAVE_JOB);
|
||||
}
|
||||
UpdateUserJobReq.RoleReq masterJob = masterJobs.get(0);
|
||||
checkRoleInWorkspaceAndFitOu(Collections.singletonList(masterJob.getRoleId()), req.getWorkspaceId(), req.getOuId(), Collections.singletonList(RoleTypeEnum.INIT));
|
||||
IdentityProfileDto profile = this.checkIdentity(req.getIdentityId(), req.getIdentityType());
|
||||
//删除用户的主岗
|
||||
saasRoleUserRelationDao.deleteButNotAdminAndNotLeader(req.getWorkspaceId(), req.getOuId(), req.getIdentityId(),
|
||||
req.getIdentityType(), SaasJobTypeEnum.MASTER_JOB);
|
||||
|
||||
//添加用户主岗
|
||||
SaasRoleUserRelation relation = new SaasRoleUserRelation();
|
||||
relation.setRoleId(masterJob.getRoleId());
|
||||
relation.setIdentityId(req.getIdentityId());
|
||||
relation.setIdentityType(profile.getIdentityType().getCode());
|
||||
relation.setIsDelete(0L);
|
||||
relation.setNaturalPersonId(profile.getPersonProfile().getId());
|
||||
relation.setOuId(req.getOuId());
|
||||
relation.setResourceId(0L);
|
||||
relation.setJobType(SaasJobTypeEnum.MASTER_JOB);
|
||||
relation.setResourceType(0);
|
||||
relation.setWorkspaceId(req.getWorkspaceId());
|
||||
saasRoleUserRelationDao.save(relation);
|
||||
}
|
||||
|
||||
private Boolean updateWorkspaceUserRolesList(List<WorkspaceUpdateUserRoleDTO> dtoList) {
|
||||
Set<Long> roleIdSet = new HashSet<>();
|
||||
for (WorkspaceUpdateUserRoleDTO dto : dtoList) {
|
||||
roleIdSet.addAll(dto.getUpdateRoleIds());
|
||||
}
|
||||
// 先从数据库里拿出所有的Role by roleIds
|
||||
// 检查一下是否有SUPER_ADMIN、ADMIN,如果有就抛异常,不能分配ADMIN、SUPER_ADMIN
|
||||
// 检查一下所有Role都存在,且都是这个workspace、这个ou的,否则抛异常,角色列表有错
|
||||
// 完成数据库写操作
|
||||
// 返回
|
||||
|
||||
Long workspaceId = dtoList.get(0).getWorkspaceId();
|
||||
Long ouId = dtoList.get(0).getOuId();
|
||||
for (int i = 1; i < dtoList.size(); i++) {
|
||||
if (!NumUtil.equals(workspaceId, dtoList.get(i).getWorkspaceId())) {
|
||||
throw new ServiceException(String.format("批量配置角色失败,输入列表中有多个不同的工作台Id,%d != %d", workspaceId,
|
||||
dtoList.get(i).getWorkspaceId()));
|
||||
}
|
||||
if (!NumUtil.equals(ouId, dtoList.get(i).getOuId())) {
|
||||
throw new ServiceException(
|
||||
String.format("批量配置角色失败,输入列表中有多个不同的单位ID,%d != %d", ouId, dtoList.get(i).getOuId()));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
checkWorkspace(workspaceId);
|
||||
checkRoleInWorkspaceAndFitOu(roleIdSet, workspaceId, ouId,
|
||||
Arrays.asList(RoleTypeEnum.INIT, RoleTypeEnum.COMMON));
|
||||
for (WorkspaceUpdateUserRoleDTO g : dtoList) {
|
||||
if (!doUpdateWorkspaceUserRoles(g.getIdentityId(), g.getIdentityType(), g.getUpdateRoleIds(), g.getWorkspaceId(), g.getOuId(), g.getJobType())) {
|
||||
throw new ServiceException(String.format("批量配置角色失败,失败点:用户身份ID=%d,工作台ID=%d, 角色列表=%s", g.getIdentityId(),
|
||||
g.getWorkspaceId(), NumUtil.joinToString(g.getUpdateRoleIds(), ",")));
|
||||
}
|
||||
}
|
||||
return Boolean.TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
* 检查这些Role是这个Workspace的,也是这个OU合适的
|
||||
*
|
||||
* @param roleIds
|
||||
* @param workspaceId
|
||||
* @param typeList
|
||||
*/
|
||||
private void checkRoleInWorkspaceAndFitOu(Collection<Long> roleIds, Long workspaceId, Long ouId,
|
||||
List<RoleTypeEnum> typeList) {
|
||||
if (CollectionUtils.isEmpty(roleIds)) {
|
||||
return;
|
||||
}
|
||||
OrganizationalUnitVO ou = checkAndReturnOU(ouId);
|
||||
List<SaasRole> roles = this.saasRoleDao.lambdaQuery().in(SaasRole::getId, roleIds)
|
||||
.in(SaasRole::getRoleType,
|
||||
typeList.stream().map(RoleTypeEnum::getValue).collect(Collectors.toList()))
|
||||
.eq(SaasRole::getIsDelete, 0).list();
|
||||
Set<Long> roleIdSet = roles.stream().map(SaasRole::getId).collect(Collectors.toSet());
|
||||
|
||||
for (Long id : roleIds) {
|
||||
if (roleIdSet.contains(id))
|
||||
continue;
|
||||
throw new ServiceException("无法找到角色,ID=" + id);
|
||||
}
|
||||
|
||||
for (SaasRole role : roles) {
|
||||
if (!NumUtil.equals(role.getWorkspaceId(), workspaceId)) {
|
||||
throw new ServiceException("角色不属于当前工作台");
|
||||
}
|
||||
if (!role.isFitOuType(ou.getType())) {
|
||||
throw new ServiceException(String.format("角色[%d-%s]不能适用于单位[%d-%s]", role.getId(), role.getName(),
|
||||
ou.getId(), ou.getName()));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void checkWorkspace(Long workspaceId) {
|
||||
ContextInfo contextInfo = ContextInfoHolder.get();
|
||||
if (null != contextInfo) {
|
||||
if (!NumUtil.equals(contextInfo.getWorkspaceId(), workspaceId)) {
|
||||
String msg = String.format("输入的工作台与当前Context工作台不一致, contextInfo.workspace=%d, params.workspaceId=%d",
|
||||
contextInfo.getWorkspaceId(), workspaceId);
|
||||
log.error(msg);
|
||||
// 以后稍微稳定一些了再抛异常吧。
|
||||
// throw new ServiceException(msg);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param identityId
|
||||
* @param roleIdList
|
||||
* @param workspaceId
|
||||
* @param ouId
|
||||
* @param jobType
|
||||
* @return
|
||||
*/
|
||||
private boolean doUpdateWorkspaceUserRoles(Long identityId, IdentityType identityType, List<Long> roleIdList, Long workspaceId, Long ouId, SaasJobTypeEnum jobType) {
|
||||
IdentityProfileDto profile = this.checkIdentity(identityId, identityType);
|
||||
saasRoleUserRelationDao.delByIdentityAndWorkspaceIdAndOuId(identityId, identityType, workspaceId, ouId);
|
||||
List<SaasRoleUserRelation> list = new ArrayList<>();
|
||||
for (Long roleId : roleIdList) {
|
||||
SaasRoleUserRelation relation = new SaasRoleUserRelation();
|
||||
relation.setRoleId(roleId);
|
||||
relation.setIdentityId(identityId);
|
||||
relation.setIdentityType(profile.getIdentityType().getCode());
|
||||
relation.setIsDelete(0L);
|
||||
relation.setNaturalPersonId(profile.getPersonProfile().getId());
|
||||
relation.setOuId(ouId);
|
||||
relation.setResourceId(0L);
|
||||
relation.setJobType(jobType);
|
||||
relation.setResourceType(0);
|
||||
relation.setWorkspaceId(workspaceId);
|
||||
list.add(relation);
|
||||
}
|
||||
return saasRoleUserRelationDao.saveBatch(list);
|
||||
}
|
||||
|
||||
private IdentityProfileDto checkIdentity(Long identityId, IdentityType identityType) {
|
||||
if(identityId == null || NumUtil.equals(identityId, 0L))
|
||||
throw new ServiceException("身份错误");
|
||||
|
||||
if (identityType == null)
|
||||
return null;
|
||||
|
||||
FindIdentityProfileReq req = FindIdentityProfileReq.builder()
|
||||
.identityId(identityId)
|
||||
.identityType(identityType)
|
||||
.build();
|
||||
IdentityProfileDto profile = RpcInternalUtil.checkAndGetData(identityProfileApi.findIdentityProfile(req));
|
||||
if (Objects.isNull(profile))
|
||||
throw new ServiceException(String.format("找不到相关身份ID=%d的信息", identityId));
|
||||
return profile;
|
||||
}
|
||||
|
||||
private OrganizationalUnitVO checkAndReturnOU(Long ouId) {
|
||||
if(NumUtil.isZero(ouId))
|
||||
throw new ServiceException("单位为空");
|
||||
return RpcInternalUtil.checkAndGetData(organizationalUnitApi.getById(ouId));
|
||||
}
|
||||
}
|
||||
|
||||
@ -135,4 +135,17 @@
|
||||
</if>
|
||||
GROUP BY sa.natural_person_id,srur.identity_id,srur.identity_type,sa.id
|
||||
</select>
|
||||
|
||||
<update id="deleteButNotAdminAndNotLeader">
|
||||
update saas_role_user_relation t1 inner join saas_role t2 on t1.role_id = t2.id and t2.role_type = 'init' and
|
||||
t2.is_delete = 0
|
||||
set t1.is_delete=t1.id
|
||||
where t1.workspace_id = #{workspaceId}
|
||||
and t1.ou_id = #{ouId}
|
||||
and t1.identity_id = #{identityId}
|
||||
and t1.identity_type = #{identityType}
|
||||
<if test="jobType!=null">
|
||||
and t1.job_type = #{jobType}
|
||||
</if>
|
||||
</update>
|
||||
</mapper>
|
||||
Loading…
Reference in New Issue
Block a user