feat:(REQ-2720) 兼容子节点是免授权，需要返回父节点权限的逻辑

tyr-api/src/main/java/cn/axzo/tyr/client/model/res/IdentityAuthRes.java

@@ -56,7 +56,7 @@ public class IdentityAuthRes   {
    public static class PermissionPoint {
         private Long featureId;
 
-       private String featureCode;
+        private String featureCode;
 
         private Integer featureType;
 

tyr-api/src/main/java/cn/axzo/tyr/client/model/res/SaasFeatureResourceResp.java

@@ -3,7 +3,7 @@ package cn.axzo.tyr.client.model.res;
 import cn.axzo.tyr.client.model.base.FeatureResourceExtraDO;
 import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.extension.handlers.FastjsonTypeHandler;
-import com.google.common.collect.Lists;
+import com.google.common.collect.Sets;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Data;
@@ -11,7 +11,6 @@ import lombok.NoArgsConstructor;
 
 import java.util.Arrays;
 import java.util.Date;
-import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 import java.util.stream.Collectors;
@@ -149,9 +148,9 @@ public class SaasFeatureResourceResp {
      */
     private String uniCode;
 
-    public List<Long> resolvePath() {
+    public Set<Long> resolvePath() {
         return Optional.ofNullable(this.getPath())
-                .map(e -> Arrays.stream(e.split(",")).map(Long::valueOf).collect(Collectors.toList()))
-                .orElseGet(Lists::newArrayList);
+                .map(e -> Arrays.stream(e.split(",")).map(Long::valueOf).collect(Collectors.toSet()))
+                .orElseGet(Sets::newHashSet);
     }
 }

tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheSaasFeatureHandler.java

@@ -48,6 +48,7 @@ public class CacheSaasFeatureHandler implements EventHandler, InitializingBean {
                 .map(e -> SaasFeatureResourceService.SaasFeatureResourceCache.builder()
                         .featureId(e.getId())
                         .notAuth(DelegatedType.notAuth(e.getDelegatedType()))
+                        .parentIds(e.splitPath())
                         .build())
                 .collect(Collectors.toList());
 

tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheSaasFeatureResourceHandler.java

@@ -48,6 +48,7 @@ public class CacheSaasFeatureResourceHandler implements EventHandler, Initializi
                 .map(e -> SaasFeatureResourceService.SaasFeatureResourceCache.builder()
                         .featureId(e.getId())
                         .notAuth(SaasFeatureResource.AuthType.isAllRole(e.getAuthType()))
+                        .parentIds(e.resolvePath())
                         .build())
                 .collect(Collectors.toList());
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java

@@ -105,5 +105,7 @@ public interface SaasFeatureResourceService extends IService<SaasFeatureResource
         private Long featureId;
 
         private boolean notAuth;
+
+        private Set<Long> parentIds;
     }
 }

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java

@@ -1521,6 +1521,15 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
                 .collect(Collectors.groupingBy(e -> e.getSaasRoleUser().buildOuWorkspaceKey(),
                         Collectors.mapping(SaasRoleUserV2DTO::getSaasRole, Collectors.toList())));
 
+        Set<String> terminals = workspaceProductPermissions.values().stream()
+                .flatMap(Collection::stream)
+                .map(WorkspaceProductService.ProductPermission::getPermissions)
+                .flatMap(Collection::stream)
+                .map(ProductPermissionCacheService.PermissionDTO::getTerminal)
+                .collect(Collectors.toSet());
+        // CMP、CMS新旧菜单树id不会重复
+        List<SaasFeatureResourceService.SaasFeatureResourceCache> allFeatures = listSaasFeatureCaches(terminals);
+
         watch.start("redis:resolve permission");
         List<IdentityAuthRes.WorkspacePermission> permissions = identityAuthReq.getWorkspaceOusPairs().stream()
                 .map(workspaceOuPair -> {
@@ -1541,7 +1550,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
 
                     List<SaasRoleUserV2DTO.SaasRole> saasRoles = workspaceRoles.get(workspaceOuPair.buildOuWorkspaceKey());
 
-                    return buildPermissionsV2(workspaceOuPair, productPermissions, saasRoles, rolePermissions);
+                    return buildPermissionsV2(workspaceOuPair, productPermissions, saasRoles, rolePermissions, allFeatures);
                 })
                 .collect(Collectors.toList());
         watch.stop();
@@ -1560,19 +1569,14 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
     private IdentityAuthRes.WorkspacePermission buildPermissionsV2(IdentityAuthReq.WorkspaceOuPair workspaceOuPair,
                                                                    List<ProductPermissionCacheService.PermissionDTO> productPermissions,
                                                                    List<SaasRoleUserV2DTO.SaasRole> saasRoles,
-                                                                   Map<Long, List<RolePermissionCacheService.PermissionDTO>> rolePermissions) {
+                                                                   Map<Long, List<RolePermissionCacheService.PermissionDTO>> rolePermissions,
+                                                                   List<SaasFeatureResourceService.SaasFeatureResourceCache> allFeatures) {
 
         IdentityAuthRes.WorkspacePermission workspacePermission = IdentityAuthRes.WorkspacePermission.builder()
                 .workspaceId(workspaceOuPair.getWorkspaceId())
                 .ouId(workspaceOuPair.getOuId())
                 .build();
 
-        // 根据项目的产品找到对应端的所有权限点，因为可能存在某些权限点被删除或者是免授权，虽然有两颗权限点树，但是id不会重复，新的权限点从100000开始，历史的后续不会再使用
-        Set<String> terminals = productPermissions.stream()
-                .map(ProductPermissionCacheService.PermissionDTO::getTerminal)
-                .collect(Collectors.toSet());
-        List<SaasFeatureResourceService.SaasFeatureResourceCache> allFeatures = listSaasFeatureCaches(terminals);
-
         if (CollectionUtils.isEmpty(allFeatures)) {
             return workspacePermission;
         }
@@ -1650,15 +1654,24 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
 
     private Set<IdentityAuthRes.PermissionPoint> buildNoAuthPermission(List<ProductPermissionCacheService.PermissionDTO> productPermissions,
                                                                        List<SaasFeatureResourceService.SaasFeatureResourceCache> allFeatuers) {
+
+        // 因为有权授权权限的权限点，就需要有所有上层权限点的权限
         Set<Long> notAuthFeatureIds = allFeatuers.stream()
                 .filter(SaasFeatureResourceService.SaasFeatureResourceCache::isNotAuth)
-                .map(SaasFeatureResourceService.SaasFeatureResourceCache::getFeatureId)
+                .map(e -> Optional.ofNullable(e.getParentIds())
+                            .map(f -> {
+                                f.add(e.getFeatureId());
+                                return f;
+                            })
+                            .orElseGet(() -> Sets.newHashSet(e.getFeatureId())))
+                .flatMap(Collection::stream)
                 .collect(Collectors.toSet());
 
         if (CollectionUtils.isEmpty(notAuthFeatureIds)) {
             return Collections.emptySet();
         }
 
+
         return productPermissions.stream()
                 .filter(productPermission -> notAuthFeatureIds.contains(productPermission.getFeatureId()))
                 .map(e -> IdentityAuthRes.PermissionPoint.builder()