feat(2227-permissionQuery):修复免授权

zhansihu 2024-04-15 23:06:57 +08:00
parent 3940b0c394
commit 346dab8247
2 changed files with 12 additions and 8 deletions


@ -6,6 +6,7 @@ import cn.axzo.basics.common.util.NumberUtil;
import cn.axzo.basics.common.util.TreeUtil; import cn.axzo.basics.common.util.TreeUtil;
import cn.axzo.framework.auth.domain.TerminalInfo; import cn.axzo.framework.auth.domain.TerminalInfo;
import cn.axzo.maokai.common.enums.SaasCooperateShipCooperateTypeEnum; import cn.axzo.maokai.common.enums.SaasCooperateShipCooperateTypeEnum;
import cn.axzo.tyr.client.common.enums.FeatureResourceAuthType;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum; import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.model.base.WorkspaceOUPair; import cn.axzo.tyr.client.model.base.WorkspaceOUPair;
import cn.axzo.tyr.client.model.enums.IdentityType; import cn.axzo.tyr.client.model.enums.IdentityType;
@ -235,13 +236,19 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
} }
private List<Long> buildNormalPermission(RoleWithFeature role, List<WorkspaceFeatureRelation> allFeatures) { private List<Long> buildNormalPermission(RoleWithFeature role, List<WorkspaceFeatureRelation> allFeatures) {
Set<Long> featureIds = featureResourceService.permissionQuery(ResourcePermissionQueryDTO.builder()
.authTypes(Collections.singletonList(FeatureResourceAuthType.ALL_ROLE.getCode()))
.build())
.stream()
.map(ResourcePermission::getId)
.collect(Collectors.toSet());
//普通角色角色同类型的租户产品权限已分配 且角色上已分配 + 免授权 //普通角色角色同类型的租户产品权限已分配 且角色上已分配 + 免授权
Set<Long> roleFeatures = role.getFeatureIds(); Set<Long> roleFeatures = role.getFeatureIds();
return allFeatures.stream() return allFeatures.stream()
.filter(f -> Objects.equals(f.getProductUnitType(), role.getProductUnitType()) .filter(f -> Objects.equals(f.getProductUnitType(), role.getProductUnitType())
|| !NumberUtil.isPositiveNumber(role.getProductUnitType())) || !NumberUtil.isPositiveNumber(role.getProductUnitType()))
.map(WorkspaceFeatureRelation::getFeatureId) .map(WorkspaceFeatureRelation::getFeatureId)
.filter(id -> roleFeatures.contains(id) || featureResourceService.isAuthFree(id)) .filter(id -> roleFeatures.contains(id) || featureIds.contains(id))
.collect(Collectors.toList()); .collect(Collectors.toList());
} }
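Review bot: In `buildNormalPermission` the new set `featureIds` holds the features that are granted without a role assignment, but neither its name nor the comment says so, and it is re-queried through `featureResourceService.permissionQuery(...)` on every call. Since the final filter `roleFeatures.contains(id) || featureIds.contains(id)` is an authorization decision, I would rename the set to `authFreeFeatureIds` and add a comment such as `// features with auth type ALL_ROLE are granted without a role assignment`. If this method runs once per role (the caller is outside the hunk), the query is better hoisted to the caller and passed in, so every role in one request is evaluated against the same snapshot. The product-unit-type filter ahead of it still applies to the auth-free ids, which looks intended but is worth confirming.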


@ -44,6 +44,7 @@ import java.util.Comparator;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Objects; import java.util.Objects;
import java.util.Set;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicLong; import java.util.concurrent.atomic.AtomicLong;
import java.util.function.Function; import java.util.function.Function;
@ -118,16 +119,12 @@ public class SaasFeatureResourceServiceImpl implements SaasFeatureResourceServic
} }
//load from DB //load from DB
String[] featureIds = this.permissionQuery(ResourcePermissionQueryDTO.builder() Set<Long> featureIds = this.permissionQuery(ResourcePermissionQueryDTO.builder()
.authTypes(Collections.singletonList(FeatureResourceAuthType.ALL_ROLE.getCode())) .authTypes(Collections.singletonList(FeatureResourceAuthType.ALL_ROLE.getCode()))
.build()) .build())
.stream() .stream()
.map(ResourcePermission::getId).map(String::valueOf) .map(ResourcePermission::getId).collect(Collectors.toSet());
.toArray(String[]::new); return false;
RedisClient.SetOps.sAdd(KEY_AUTH_FREE, featureIds);
RedisClient.KeyOps.expire(KEY_AUTH_FREE, 120L, TimeUnit.MINUTES);
return RedisClient.SetOps.sIsMember(KEY_AUTH_FREE, featureId);
} }
@Override @Override
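Review bot: The cache-miss path of this method now ends in `return false;`, so the `Set<Long> featureIds` built just above it is never read and the database query runs for nothing. Any remaining caller gets "not auth-free" for every feature on this path, while the branch above the hunk may still answer from `KEY_AUTH_FREE` entries written before this change, so results can differ until those entries expire. Either return the membership result, `return featureIds.contains(featureId);` (assuming `featureId` has the same type as the set's elements), or remove the query and retire the method if nothing calls it any more. The method's signature and the cache lookup are outside the hunk.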