From 3272ae9df5d2229a6d1d9018124a55668b5669ea Mon Sep 17 00:00:00 2001 From: lilong Date: Sat, 12 Oct 2024 10:56:28 +0800 Subject: [PATCH] =?UTF-8?q?feat:(REQ-3010)=20=E8=BF=81=E7=A7=BBpudge?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cn/axzo/tyr/client/feign/SaasRoleApi.java | 4 + .../client/model/enums/SaasJobTypeEnum.java | 45 ++++ .../client/model/req/UpdateUserJobReq.java | 50 ++++ .../model/req/WorkspaceUpdateUserRoleDTO.java | 46 ++++ .../axzo/tyr/server/common/util/NumUtil.java | 49 ++++ .../permission/SaasRoleApiImpl.java | 10 + .../server/repository/dao/SaasRoleDao.java | 8 + .../dao/SaasRoleUserRelationDao.java | 23 ++ .../server/repository/entity/SaasRole.java | 6 + .../entity/SaasRoleUserRelation.java | 7 + .../mapper/SaasRoleUserRelationMapper.java | 13 ++ .../service/SaasRoleUserRelationService.java | 3 + .../impl/SaasRoleUserRelationServiceImpl.java | 219 ++++++++++++++++++ .../mapper/SaasRoleUserRelationMapper.xml | 13 ++ 14 files changed, 496 insertions(+) create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/req/UpdateUserJobReq.java create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/req/WorkspaceUpdateUserRoleDTO.java create mode 100644 tyr-server/src/main/java/cn/axzo/tyr/server/common/util/NumUtil.java diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleApi.java index 9f481eb1..75aecea4 100644 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleApi.java +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleApi.java @@ -3,6 +3,7 @@ package cn.axzo.tyr.client.feign; import cn.axzo.tyr.client.model.permission.IdentityAndAccountResp; import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleByPhoneReq; import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleReq; +import cn.axzo.tyr.client.model.req.UpdateUserJobReq; import cn.azxo.framework.common.model.CommonResponse; import org.springframework.cloud.openfeign.FeignClient; import org.springframework.validation.annotation.Validated; @@ -36,4 +37,7 @@ public interface SaasRoleApi { */ @PostMapping("api/saas/role/grantAdminRoleByPhone") CommonResponse> grantAdminRoleByPhone(@RequestBody @Valid List req); + + @PostMapping("api/saas/role/user/update") + CommonResponse updateUserRole(@RequestBody @Valid UpdateUserJobReq req); } diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java new file mode 100644 index 00000000..aec9f007 --- /dev/null +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java @@ -0,0 +1,45 @@ +package cn.axzo.tyr.client.model.enums; + +import com.baomidou.mybatisplus.annotation.EnumValue; +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonValue; +import lombok.Getter; +import lombok.RequiredArgsConstructor; + +import java.util.Arrays; + +/** + * @author tanjie@axzo.cn + * @date 2022/10/10 10:50 + */ +@Getter +@RequiredArgsConstructor +public enum SaasJobTypeEnum { + //主岗 + MASTER_JOB(1,"岗位"), + //兼岗 + SLAVE_JOB(2,"协助岗位"); + @EnumValue + @JsonValue + private Integer value; + private String desc; + + + SaasJobTypeEnum(Integer value, String desc) { + this.value = value; + this.desc = desc; + } + + @JsonCreator(mode = JsonCreator.Mode.DELEGATING) + public static SaasJobTypeEnum create(Integer value){ + return match(value); + } + + public static SaasJobTypeEnum match(Integer saasJobType) { + return Arrays.stream(values()).filter(e -> e.getValue().equals(saasJobType)).findFirst().get(); + } + + public boolean isMaster() { + return value.equals(MASTER_JOB.getValue()); + } +} diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/UpdateUserJobReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/UpdateUserJobReq.java new file mode 100644 index 00000000..934520bf --- /dev/null +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/UpdateUserJobReq.java @@ -0,0 +1,50 @@ +package cn.axzo.tyr.client.model.req; + +import cn.axzo.basics.profiles.common.enums.IdentityType; +import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.Setter; +import lombok.ToString; + +import javax.validation.constraints.Min; +import javax.validation.constraints.NotEmpty; +import javax.validation.constraints.NotNull; +import java.util.Set; + +/** + * @author cn + * @version 1.0 + * @description + * @date 2022/10/14 11:44 + */ +@Getter +@Setter +@ToString +@EqualsAndHashCode +public class UpdateUserJobReq { + + @NotNull + @Min(value = 1) + private Long workspaceId; + @NotNull + @Min(value = 1) + private Long identityId; + @NotNull + private IdentityType identityType; + @NotNull + @Min(value = 1) + private Long ouId; + @NotEmpty + private Set roles; + + @Getter + @Setter + @ToString + @EqualsAndHashCode + public static class RoleReq { + private String roleCode; + private Long roleId; + private SaasJobTypeEnum jobType; + } +} diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/WorkspaceUpdateUserRoleDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/WorkspaceUpdateUserRoleDTO.java new file mode 100644 index 00000000..2d2b3ec1 --- /dev/null +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/WorkspaceUpdateUserRoleDTO.java @@ -0,0 +1,46 @@ +package cn.axzo.tyr.client.model.req; + +import cn.axzo.basics.profiles.common.enums.IdentityType; +import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.List; + +@Builder +@Data +@NoArgsConstructor +@AllArgsConstructor +public class WorkspaceUpdateUserRoleDTO { + + /** + * 工作台id,与context校验 + */ + private Long workspaceId; + + /** + * 单位id : 必填 + */ + private Long ouId; + + /** + * 被赋予角色的人的身份id + */ + private Long identityId; + + /** + * 被赋予角色的人的身份类型 + */ + private IdentityType identityType; + + /** + * 完整的update,之前的所有RoleId都被更新 + */ + private List updateRoleIds; + + + private SaasJobTypeEnum jobType = SaasJobTypeEnum.SLAVE_JOB; + +} diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/common/util/NumUtil.java b/tyr-server/src/main/java/cn/axzo/tyr/server/common/util/NumUtil.java new file mode 100644 index 00000000..8c3af441 --- /dev/null +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/common/util/NumUtil.java @@ -0,0 +1,49 @@ +package cn.axzo.tyr.server.common.util; + +import java.util.List; + +public class NumUtil { + + public static boolean equals(Long a, Long b) { + return numberEquals(a, b); + } + + public static boolean numberEquals(Number a, Number b) { + if (a == null) { + a = 0L; + } + if (b == null) { + b = 0L; + } + + return a.equals(b); + } + + public static boolean equals(Integer a, Integer b) { + return numberEquals(a, b); + } + + public static boolean notZero(Long a) { + if (a == null) { + return false; + } + return a.longValue() != 0L; + } + + public static String joinToString(List list, String split) { + if (list == null || list.size() == 0) + return ""; + StringBuilder sb = new StringBuilder(list.get(0).toString()); + for (int i = 1; i < list.size(); i++) { + sb.append(split).append(list.get(i).toString()); + } + return sb.toString(); + } + + public static boolean isZero(Long workspaceId) { + if(workspaceId == null) + return true; + return workspaceId == 0L; + } + +} diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java index abde78ea..6ced628e 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java @@ -21,8 +21,10 @@ import cn.axzo.tyr.client.model.permission.IdentityAndAccountResp; import cn.axzo.tyr.client.model.permission.UpdateWorkspaceSupAdminDTO; import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleByPhoneReq; import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleReq; +import cn.axzo.tyr.client.model.req.UpdateUserJobReq; import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAdminRoleParam; import cn.axzo.tyr.server.controller.roleuser.RoleUserController; +import cn.axzo.tyr.server.service.SaasRoleUserRelationService; import cn.axzo.tyr.server.util.RpcInternalUtil; import cn.azxo.framework.common.model.CommonResponse; import cn.hutool.extra.pinyin.PinyinUtil; @@ -49,6 +51,8 @@ public class SaasRoleApiImpl implements SaasRoleApi { private RegulatorProfileApi regulatorProfileApi; @Autowired private SaasAccountApi saasAccountApi; + @Autowired + private SaasRoleUserRelationService saasRoleUserRelationService; @Override @Transactional(rollbackFor = Exception.class) @@ -172,4 +176,10 @@ public class SaasRoleApiImpl implements SaasRoleApi { }); return CommonResponse.success(list); } + + @Override + public CommonResponse updateUserRole(UpdateUserJobReq req) { + saasRoleUserRelationService.updateWorkspaceUserRolesList(req); + return CommonResponse.success(Boolean.TRUE); + } } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java index 888a33d3..13e44e71 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java @@ -131,5 +131,13 @@ public class SaasRoleDao extends ServiceImpl { .eq(SaasRole::getRoleType, RoleTypeEnum.INIT.getValue()) .list(); } + + public List listRoleByIds(Set notRemoveRoleIds) { + return this.lambdaQuery() + .in(BaseEntity::getId, notRemoveRoleIds) + .eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value) + .select(BaseEntity::getId, SaasRole::getRoleType) + .list(); + } } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java index e11a6865..ec6a66c1 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java @@ -5,6 +5,7 @@ import cn.axzo.pokonyan.config.mybatisplus.BaseEntity; import cn.axzo.tyr.client.common.enums.RoleResourceTypeEnum; import cn.axzo.tyr.client.model.BaseWorkspaceModel; import cn.axzo.tyr.client.model.enums.IdentityType; +import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum; import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO; import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO; import cn.axzo.tyr.client.model.roleuser.dto.IdentityInfo; @@ -205,5 +206,27 @@ public class SaasRoleUserRelationDao extends ServiceImpl dtoList = saasRoleUserRelationMapper.findIdentityAndAccountInfosByParams(req); return dtoList; } + + /** + * 删除用户的岗位,不包含超管和代班长的 + * + * @param workspaceId + * @param ouId + * @param identityId + * @param identityType + * @param masterJob + */ + public void deleteButNotAdminAndNotLeader(Long workspaceId, Long ouId, Long identityId, cn.axzo.basics.profiles.common.enums.IdentityType identityType, SaasJobTypeEnum masterJob) { + getBaseMapper().deleteButNotAdminAndNotLeader(workspaceId, ouId, identityId, identityType, masterJob); + } + + public void delByIdentityAndWorkspaceIdAndOuId(Long identityId, cn.axzo.basics.profiles.common.enums.IdentityType identityType, Long workspaceId, Long ouId) { + getBaseMapper().deleteButNotAdminAndNotLeader(workspaceId, ouId, identityId, identityType, null); +// lambdaUpdate().eq(SaasRoleUserRelation::getWorkspaceId, workspaceId) +// .eq(SaasRoleUserRelation::getIdentityId, identityId) +// .eq(SaasRoleUserRelation::getIdentityType, identityType) +// .eq(SaasRoleUserRelation::getOuId, ouId) +// .set(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.DELETE.value).update(); + } } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRole.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRole.java index 0b2bd48e..e4618c1e 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRole.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRole.java @@ -1,6 +1,7 @@ package cn.axzo.tyr.server.repository.entity; import cn.axzo.pokonyan.config.mybatisplus.BaseEntity; +import cn.axzo.tyr.client.model.permission.SaasRoleFits; import com.baomidou.mybatisplus.annotation.TableField; import com.baomidou.mybatisplus.annotation.TableName; import lombok.EqualsAndHashCode; @@ -104,5 +105,10 @@ public class SaasRole extends BaseEntity { protected Serializable pkVal() { return this.id; } + + public boolean isFitOuType(Integer ouType) { + return SaasRoleFits.isFitOuType(this.fitOuTypeBit, ouType); + } + } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRoleUserRelation.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRoleUserRelation.java index ca3c4687..db31dc77 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRoleUserRelation.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasRoleUserRelation.java @@ -2,6 +2,7 @@ package cn.axzo.tyr.server.repository.entity; import cn.axzo.pokonyan.config.mybatisplus.BaseEntity; import cn.axzo.tyr.client.model.enums.IdentityType; +import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum; import com.baomidou.mybatisplus.annotation.TableName; import lombok.EqualsAndHashCode; import lombok.Getter; @@ -73,6 +74,12 @@ public class SaasRoleUserRelation extends BaseEntity { */ private Long resourceId; + /** + * 岗位类型 1:主岗 2:兼岗 + * 一个人在一个工作台内,除非 特殊的角色(超管,无权限角色等)必定有且只有一个主岗,可以有N个兼岗 + */ + private SaasJobTypeEnum jobType; + /** * 获取主键值 * diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/SaasRoleUserRelationMapper.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/SaasRoleUserRelationMapper.java index 2bc1cf0e..0f344f9f 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/SaasRoleUserRelationMapper.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/SaasRoleUserRelationMapper.java @@ -1,5 +1,7 @@ package cn.axzo.tyr.server.repository.mapper; +import cn.axzo.basics.profiles.common.enums.IdentityType; +import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum; import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO; import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO; import cn.axzo.tyr.server.model.QueryUserRoleReq; @@ -35,6 +37,17 @@ public interface SaasRoleUserRelationMapper extends BaseMapper findIdentityAndAccountInfosByParams(@Param("req") QueryIdentityByPermissionDTO req); + /** + * 删除岗位,但不包括超管和带班长的 + * + * @param workspaceId + * @param ouId + * @param identityId + * @param identityType + * @param jobType + */ + void deleteButNotAdminAndNotLeader(@Param("workspaceId") Long workspaceId, @Param("ouId") Long ouId, @Param("identityId") Long identityId, @Param("identityType") IdentityType identityType, @Param("jobType") SaasJobTypeEnum jobType); + @Data @Builder @NoArgsConstructor diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java index 48dc9787..a787b066 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java @@ -4,6 +4,7 @@ import cn.axzo.basics.profiles.common.enums.IdentityType; import cn.axzo.framework.domain.page.PageResp; import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO; import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO; +import cn.axzo.tyr.client.model.req.UpdateUserJobReq; import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO; import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO; import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam; @@ -40,4 +41,6 @@ public interface SaasRoleUserRelationService extends IService findIdentityAndAccountInfosByParams(QueryIdentityByPermissionDTO req); + + void updateWorkspaceUserRolesList(UpdateUserJobReq req); } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java index ef35a888..50a48b4e 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java @@ -2,22 +2,35 @@ package cn.axzo.tyr.server.service.impl; import cn.axzo.basics.common.BeanMapper; import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum; +import cn.axzo.basics.common.util.AssertUtil; +import cn.axzo.basics.profiles.api.IdentityProfileApi; import cn.axzo.basics.profiles.api.UserProfileServiceApi; +import cn.axzo.basics.profiles.api.vo.request.FindIdentityProfileReq; import cn.axzo.basics.profiles.common.enums.IdentityType; +import cn.axzo.basics.profiles.dto.basic.IdentityProfileDto; import cn.axzo.basics.profiles.dto.basic.PersonProfileDto; import cn.axzo.foundation.dao.support.converter.PageConverter; import cn.axzo.foundation.dao.support.mysql.QueryWrapperHelper; +import cn.axzo.framework.auth.domain.ContextInfo; +import cn.axzo.framework.auth.domain.ContextInfoHolder; import cn.axzo.framework.domain.page.PageResp; +import cn.axzo.maokai.api.client.OrganizationalUnitApi; +import cn.axzo.maokai.api.vo.response.OrganizationalUnitVO; import cn.axzo.pokonyan.config.mybatisplus.BaseEntity; +import cn.axzo.pudge.core.service.ServiceException; import cn.axzo.tyr.client.common.enums.RoleTypeEnum; +import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum; import cn.axzo.tyr.client.model.permission.IdentityAndAccountDTO; import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO; +import cn.axzo.tyr.client.model.req.UpdateUserJobReq; +import cn.axzo.tyr.client.model.req.WorkspaceUpdateUserRoleDTO; import cn.axzo.tyr.client.model.res.SaasRoleRes; import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO; import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO; import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam; import cn.axzo.tyr.client.model.roleuser.req.PageRoleUserRelationParam; import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam; +import cn.axzo.tyr.server.common.util.NumUtil; import cn.axzo.tyr.server.model.QueryUserRoleReq; import cn.axzo.tyr.server.model.SaasUserRoleExBO; import cn.axzo.tyr.server.repository.dao.SaasRoleDao; @@ -41,12 +54,15 @@ import org.apache.commons.lang3.BooleanUtils; import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; import org.springframework.util.CollectionUtils; import javax.annotation.Resource; +import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; import java.util.Collections; +import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Objects; @@ -74,6 +90,10 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl list(RoleUserParam param) { @@ -323,4 +343,203 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl findIdentityAndAccountInfosByParams(QueryIdentityByPermissionDTO req) { return saasRoleUserRelationDao.findAccountInfosByCode(req); } + + @Override + @Transactional(rollbackFor = Exception.class) + public void updateWorkspaceUserRolesList(UpdateUserJobReq req) { + Set roles = req.getRoles(); + if (CollectionUtils.isEmpty(roles)) { + return; + } + //region 排除掉超管和带班长,只修改init的 + Set roleIds = roles.stream().map(UpdateUserJobReq.RoleReq::getRoleId).collect(Collectors.toSet()); + List saasRoles = saasRoleDao.listRoleByIds(roleIds); + if (CollectionUtils.isEmpty(saasRoles)) { + return; + } + Set couldUpdateRoleIds = saasRoles.stream().filter(e -> Objects.equals(RoleTypeEnum.INIT.getValue(), e.getRoleType())).map(BaseEntity::getId).collect(Collectors.toSet()); + if (CollectionUtils.isEmpty(couldUpdateRoleIds)) { + return; + } + roles = roles.stream().filter(e -> couldUpdateRoleIds.contains(e.getRoleId())).collect(Collectors.toSet()); + //endregion + + List masterJobs = roles.stream().filter(e -> e.getJobType().equals(SaasJobTypeEnum.MASTER_JOB)).collect(Collectors.toList()); + if (masterJobs.size() != 1) { + AssertUtil.fail("主岗必须且只能有一个"); + } + Set slaveJobs = roles.stream().filter(e -> e.getJobType().equals(SaasJobTypeEnum.SLAVE_JOB)).collect(Collectors.toSet()); + if (!CollectionUtils.isEmpty(slaveJobs)) { + WorkspaceUpdateUserRoleDTO workspaceUpdateUserRoleDTO = new WorkspaceUpdateUserRoleDTO(); + workspaceUpdateUserRoleDTO.setWorkspaceId(req.getWorkspaceId()); + workspaceUpdateUserRoleDTO.setOuId(req.getOuId()); + workspaceUpdateUserRoleDTO.setIdentityId(req.getIdentityId()); + workspaceUpdateUserRoleDTO.setIdentityType(req.getIdentityType()); + workspaceUpdateUserRoleDTO.setUpdateRoleIds(slaveJobs.stream().map(UpdateUserJobReq.RoleReq::getRoleId).collect(Collectors.toList())); + //这里面会删除所有岗位(主岗,兼岗) + updateWorkspaceUserRolesList(Lists.newArrayList(workspaceUpdateUserRoleDTO)); + } else { + //如果传入空,表示删除兼岗 + saasRoleUserRelationDao.deleteButNotAdminAndNotLeader(req.getWorkspaceId(), req.getOuId(), req.getIdentityId(), + req.getIdentityType(), SaasJobTypeEnum.SLAVE_JOB); + } + UpdateUserJobReq.RoleReq masterJob = masterJobs.get(0); + checkRoleInWorkspaceAndFitOu(Collections.singletonList(masterJob.getRoleId()), req.getWorkspaceId(), req.getOuId(), Collections.singletonList(RoleTypeEnum.INIT)); + IdentityProfileDto profile = this.checkIdentity(req.getIdentityId(), req.getIdentityType()); + //删除用户的主岗 + saasRoleUserRelationDao.deleteButNotAdminAndNotLeader(req.getWorkspaceId(), req.getOuId(), req.getIdentityId(), + req.getIdentityType(), SaasJobTypeEnum.MASTER_JOB); + + //添加用户主岗 + SaasRoleUserRelation relation = new SaasRoleUserRelation(); + relation.setRoleId(masterJob.getRoleId()); + relation.setIdentityId(req.getIdentityId()); + relation.setIdentityType(profile.getIdentityType().getCode()); + relation.setIsDelete(0L); + relation.setNaturalPersonId(profile.getPersonProfile().getId()); + relation.setOuId(req.getOuId()); + relation.setResourceId(0L); + relation.setJobType(SaasJobTypeEnum.MASTER_JOB); + relation.setResourceType(0); + relation.setWorkspaceId(req.getWorkspaceId()); + saasRoleUserRelationDao.save(relation); + } + + private Boolean updateWorkspaceUserRolesList(List dtoList) { + Set roleIdSet = new HashSet<>(); + for (WorkspaceUpdateUserRoleDTO dto : dtoList) { + roleIdSet.addAll(dto.getUpdateRoleIds()); + } + // 先从数据库里拿出所有的Role by roleIds + // 检查一下是否有SUPER_ADMIN、ADMIN,如果有就抛异常,不能分配ADMIN、SUPER_ADMIN + // 检查一下所有Role都存在,且都是这个workspace、这个ou的,否则抛异常,角色列表有错 + // 完成数据库写操作 + // 返回 + + Long workspaceId = dtoList.get(0).getWorkspaceId(); + Long ouId = dtoList.get(0).getOuId(); + for (int i = 1; i < dtoList.size(); i++) { + if (!NumUtil.equals(workspaceId, dtoList.get(i).getWorkspaceId())) { + throw new ServiceException(String.format("批量配置角色失败,输入列表中有多个不同的工作台Id,%d != %d", workspaceId, + dtoList.get(i).getWorkspaceId())); + } + if (!NumUtil.equals(ouId, dtoList.get(i).getOuId())) { + throw new ServiceException( + String.format("批量配置角色失败,输入列表中有多个不同的单位ID,%d != %d", ouId, dtoList.get(i).getOuId())); + } + + } + + checkWorkspace(workspaceId); + checkRoleInWorkspaceAndFitOu(roleIdSet, workspaceId, ouId, + Arrays.asList(RoleTypeEnum.INIT, RoleTypeEnum.COMMON)); + for (WorkspaceUpdateUserRoleDTO g : dtoList) { + if (!doUpdateWorkspaceUserRoles(g.getIdentityId(), g.getIdentityType(), g.getUpdateRoleIds(), g.getWorkspaceId(), g.getOuId(), g.getJobType())) { + throw new ServiceException(String.format("批量配置角色失败,失败点:用户身份ID=%d,工作台ID=%d, 角色列表=%s", g.getIdentityId(), + g.getWorkspaceId(), NumUtil.joinToString(g.getUpdateRoleIds(), ","))); + } + } + return Boolean.TRUE; + } + + /** + * 检查这些Role是这个Workspace的,也是这个OU合适的 + * + * @param roleIds + * @param workspaceId + * @param typeList + */ + private void checkRoleInWorkspaceAndFitOu(Collection roleIds, Long workspaceId, Long ouId, + List typeList) { + if (CollectionUtils.isEmpty(roleIds)) { + return; + } + OrganizationalUnitVO ou = checkAndReturnOU(ouId); + List roles = this.saasRoleDao.lambdaQuery().in(SaasRole::getId, roleIds) + .in(SaasRole::getRoleType, + typeList.stream().map(RoleTypeEnum::getValue).collect(Collectors.toList())) + .eq(SaasRole::getIsDelete, 0).list(); + Set roleIdSet = roles.stream().map(SaasRole::getId).collect(Collectors.toSet()); + + for (Long id : roleIds) { + if (roleIdSet.contains(id)) + continue; + throw new ServiceException("无法找到角色,ID=" + id); + } + + for (SaasRole role : roles) { + if (!NumUtil.equals(role.getWorkspaceId(), workspaceId)) { + throw new ServiceException("角色不属于当前工作台"); + } + if (!role.isFitOuType(ou.getType())) { + throw new ServiceException(String.format("角色[%d-%s]不能适用于单位[%d-%s]", role.getId(), role.getName(), + ou.getId(), ou.getName())); + } + } + } + + private void checkWorkspace(Long workspaceId) { + ContextInfo contextInfo = ContextInfoHolder.get(); + if (null != contextInfo) { + if (!NumUtil.equals(contextInfo.getWorkspaceId(), workspaceId)) { + String msg = String.format("输入的工作台与当前Context工作台不一致, contextInfo.workspace=%d, params.workspaceId=%d", + contextInfo.getWorkspaceId(), workspaceId); + log.error(msg); + // 以后稍微稳定一些了再抛异常吧。 + // throw new ServiceException(msg); + } + } + } + + /** + * @param identityId + * @param roleIdList + * @param workspaceId + * @param ouId + * @param jobType + * @return + */ + private boolean doUpdateWorkspaceUserRoles(Long identityId, IdentityType identityType, List roleIdList, Long workspaceId, Long ouId, SaasJobTypeEnum jobType) { + IdentityProfileDto profile = this.checkIdentity(identityId, identityType); + saasRoleUserRelationDao.delByIdentityAndWorkspaceIdAndOuId(identityId, identityType, workspaceId, ouId); + List list = new ArrayList<>(); + for (Long roleId : roleIdList) { + SaasRoleUserRelation relation = new SaasRoleUserRelation(); + relation.setRoleId(roleId); + relation.setIdentityId(identityId); + relation.setIdentityType(profile.getIdentityType().getCode()); + relation.setIsDelete(0L); + relation.setNaturalPersonId(profile.getPersonProfile().getId()); + relation.setOuId(ouId); + relation.setResourceId(0L); + relation.setJobType(jobType); + relation.setResourceType(0); + relation.setWorkspaceId(workspaceId); + list.add(relation); + } + return saasRoleUserRelationDao.saveBatch(list); + } + + private IdentityProfileDto checkIdentity(Long identityId, IdentityType identityType) { + if(identityId == null || NumUtil.equals(identityId, 0L)) + throw new ServiceException("身份错误"); + + if (identityType == null) + return null; + + FindIdentityProfileReq req = FindIdentityProfileReq.builder() + .identityId(identityId) + .identityType(identityType) + .build(); + IdentityProfileDto profile = RpcInternalUtil.checkAndGetData(identityProfileApi.findIdentityProfile(req)); + if (Objects.isNull(profile)) + throw new ServiceException(String.format("找不到相关身份ID=%d的信息", identityId)); + return profile; + } + + private OrganizationalUnitVO checkAndReturnOU(Long ouId) { + if(NumUtil.isZero(ouId)) + throw new ServiceException("单位为空"); + return RpcInternalUtil.checkAndGetData(organizationalUnitApi.getById(ouId)); + } } diff --git a/tyr-server/src/main/resources/mapper/SaasRoleUserRelationMapper.xml b/tyr-server/src/main/resources/mapper/SaasRoleUserRelationMapper.xml index b33a5e20..813627cd 100644 --- a/tyr-server/src/main/resources/mapper/SaasRoleUserRelationMapper.xml +++ b/tyr-server/src/main/resources/mapper/SaasRoleUserRelationMapper.xml @@ -135,4 +135,17 @@ GROUP BY sa.natural_person_id,srur.identity_id,srur.identity_type,sa.id + + + update saas_role_user_relation t1 inner join saas_role t2 on t1.role_id = t2.id and t2.role_type = 'init' and + t2.is_delete = 0 + set t1.is_delete=t1.id + where t1.workspace_id = #{workspaceId} + and t1.ou_id = #{ouId} + and t1.identity_id = #{identityId} + and t1.identity_type = #{identityType} + + and t1.job_type = #{jobType} + + \ No newline at end of file