Merge branch 'release/20241016' into 'master'
Release/20241016 See merge request universal/infrastructure/backend/tyr!260
This commit is contained in:
李龙
commit
3e80c801c9
@ -3,6 +3,7 @@ package cn.axzo.tyr.client.feign;
|
||||
import cn.axzo.foundation.page.PageResp;
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.DetailFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.GetFeatureResourceTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PageSaasFeatureResourceReq;
|
||||
@ -56,10 +57,18 @@ public interface FeatureResourceApi {
|
||||
@PostMapping("/api/featureResource/reorder")
|
||||
ApiResult<Void> reorderFeatureTree(@RequestParam Long featureId, @RequestParam Integer offset);
|
||||
|
||||
/** 菜单详情 **/
|
||||
/**
|
||||
* 去掉,因为原接口入参只能只一个featureId,无法扩展,所以使用detailV2
|
||||
* @param featureId
|
||||
* @return
|
||||
*/
|
||||
@PostMapping("/api/featureResource/detail")
|
||||
@Deprecated
|
||||
ApiResult<FeatureResourceTreeNode> detail(@RequestParam Long featureId);
|
||||
|
||||
@PostMapping("/api/featureResource/detail/v2")
|
||||
ApiResult<FeatureResourceTreeNode> detailV2(@RequestBody @Valid DetailFeatureResourceReq req);
|
||||
|
||||
/** 从基准环境查询功能资源树 **/
|
||||
@PostMapping("/api/featureResource/getBaseTree")
|
||||
ApiResult<List<FeatureResourceTreeNode>> getBaseTree(@RequestBody @Valid GetFeatureResourceTreeReq req);
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
package cn.axzo.tyr.client.feign;
|
||||
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
import cn.axzo.tyr.client.model.req.BatchPermissionCheckReq;
|
||||
import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
|
||||
import cn.axzo.tyr.client.model.req.NavTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PagePermissionReq;
|
||||
@ -8,6 +9,7 @@ import cn.axzo.tyr.client.model.req.PagePermissionResp;
|
||||
import cn.axzo.tyr.client.model.req.PermissionCheckReq;
|
||||
import cn.axzo.tyr.client.model.req.TreePermissionReq;
|
||||
import cn.axzo.tyr.client.model.req.TreeProductFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.res.BatchPermissionCheckRes;
|
||||
import cn.axzo.tyr.client.model.res.FeatureResourceDTO;
|
||||
import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
|
||||
import cn.axzo.tyr.client.model.res.NavTreeResp;
|
||||
@ -44,6 +46,14 @@ public interface PermissionQueryApi {
|
||||
@PostMapping(value = "/api/v3/permission/query/hasPermission")
|
||||
ApiResult<Boolean> hasPermission(@RequestBody @Valid PermissionCheckReq req);
|
||||
|
||||
/**
|
||||
* 批量鉴权
|
||||
* @param req
|
||||
* @return
|
||||
*/
|
||||
@PostMapping(value = "/api/v3/permission/query/hasPermission/batch")
|
||||
ApiResult<BatchPermissionCheckRes> hasPermissionBatch(@RequestBody @Valid BatchPermissionCheckReq req);
|
||||
|
||||
/**
|
||||
* 查询租户的权限树
|
||||
* @param request
|
||||
|
||||
@ -107,9 +107,13 @@ public interface TyrSaasRoleApi {
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Deprecated
|
||||
@PostMapping("/api/saasRole/queryBatchByIdentityIdType")
|
||||
ApiResult<List<QueryBatchByIdentityIdTypeRes>> queryBatchByIdentityIdType(@RequestBody List<QueryByIdentityIdTypeReq> req);
|
||||
|
||||
@PostMapping("/api/saasRole/queryBatchByIdentityIdType/v2")
|
||||
ApiResult<List<QueryBatchByIdentityIdTypeRes>> queryBatchByIdentityIdTypeV2(@RequestBody List<QueryByIdentityIdTypeReq> req);
|
||||
|
||||
/**
|
||||
* 根据身份id身份类型查询是否为超管
|
||||
*
|
||||
|
||||
@ -0,0 +1,28 @@
|
||||
package cn.axzo.tyr.client.model.req;
|
||||
|
||||
import cn.axzo.tyr.client.model.base.WorkspaceOUPair;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
import javax.validation.constraints.NotBlank;
|
||||
import javax.validation.constraints.NotEmpty;
|
||||
import javax.validation.constraints.NotNull;
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public class BatchPermissionCheckReq {
|
||||
|
||||
@NotNull(message = "personId不能为空")
|
||||
private Long personId;
|
||||
|
||||
@NotEmpty(message = "workspaceOUPairs不能为空")
|
||||
private List<WorkspaceOUPair> workspaceOUPairs;
|
||||
|
||||
@NotBlank(message = "itemCode不能为空")
|
||||
private String itemCode;
|
||||
}
|
||||
@ -0,0 +1,25 @@
|
||||
package cn.axzo.tyr.client.model.req;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
import javax.validation.constraints.NotNull;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public class DetailFeatureResourceReq {
|
||||
|
||||
@NotNull(message = "featureId不能为空")
|
||||
private Long featureId;
|
||||
|
||||
private Boolean needRole;
|
||||
|
||||
/**
|
||||
* 资源类型1-菜单 2-页面 3-应用入口 4-组件;5-root节点
|
||||
*/
|
||||
private Integer featureType;
|
||||
}
|
||||
@ -9,6 +9,10 @@ import lombok.*;
|
||||
@EqualsAndHashCode
|
||||
public class QueryByIdentityIdTypeReq {
|
||||
|
||||
/**
|
||||
* personId跟identityId、identityType不能混用
|
||||
* 只存在使用personId或者identityId\identityType
|
||||
*/
|
||||
Long identityId;
|
||||
|
||||
/**
|
||||
|
||||
@ -0,0 +1,34 @@
|
||||
package cn.axzo.tyr.client.model.res;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public class BatchPermissionCheckRes {
|
||||
|
||||
private List<WorkspaceOuPermission> workspaceOuPermissions;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public static class WorkspaceOuPermission {
|
||||
private Long ouId;
|
||||
|
||||
private Long workspaceId;
|
||||
|
||||
/**
|
||||
* true表示有权限
|
||||
* false表示没权限
|
||||
*/
|
||||
private Boolean permissionResult;
|
||||
}
|
||||
}
|
||||
|
||||
@ -8,6 +8,7 @@ import lombok.NoArgsConstructor;
|
||||
import lombok.experimental.SuperBuilder;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 功能资源树形节点
|
||||
@ -26,6 +27,8 @@ public class FeatureResourceTreeNode extends FeatureResourceDTO implements IBase
|
||||
|
||||
private List<String> roleCodes;
|
||||
|
||||
private Set<Long> roleIds;
|
||||
|
||||
@JsonIgnore
|
||||
@Override
|
||||
public Long getNodeCode() {
|
||||
|
||||
@ -113,6 +113,9 @@ public class ListRoleUserRelationParam {
|
||||
@CriteriaField(ignore = true)
|
||||
private Set<String> roleCodes;
|
||||
|
||||
@CriteriaField(ignore = true)
|
||||
private List<BatchPerson> batchPersons;
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@ -130,4 +133,23 @@ public class ListRoleUserRelationParam {
|
||||
private Long ouId;
|
||||
}
|
||||
|
||||
@Data
|
||||
@Builder
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
public static class BatchPerson {
|
||||
private Long identityId;
|
||||
|
||||
/**
|
||||
* 身份类型 1:工人 2:班组长 3:从业人员 4:监管人员 5:运营人员
|
||||
*/
|
||||
private Integer identityType;
|
||||
|
||||
private Long workspaceId;
|
||||
|
||||
private Long ouId;
|
||||
|
||||
private Long personId;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -4,6 +4,7 @@ import cn.axzo.foundation.page.PageResp;
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
import cn.axzo.tyr.client.feign.FeatureResourceApi;
|
||||
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.DetailFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.GetFeatureResourceTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PageSaasFeatureResourceReq;
|
||||
@ -79,7 +80,15 @@ public class FeatureResourceController implements FeatureResourceApi {
|
||||
@Override
|
||||
public ApiResult<FeatureResourceTreeNode> detail(Long featureId) {
|
||||
// 详情只查子集组件
|
||||
return ApiResult.ok(featureResourceService.getTreeFeatureDescendant(featureId, null));
|
||||
DetailFeatureResourceReq detailFeatureResourceReq = DetailFeatureResourceReq.builder()
|
||||
.featureId(featureId)
|
||||
.build();
|
||||
return ApiResult.ok(featureResourceService.getTreeFeatureDescendant(detailFeatureResourceReq));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<FeatureResourceTreeNode> detailV2(DetailFeatureResourceReq req) {
|
||||
return ApiResult.ok(featureResourceService.getTreeFeatureDescendant(req));
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -1,7 +1,10 @@
|
||||
package cn.axzo.tyr.server.controller.permission;
|
||||
|
||||
import cn.axzo.basics.common.BeanMapper;
|
||||
import cn.axzo.framework.domain.web.result.ApiResult;
|
||||
import cn.axzo.tyr.client.feign.PermissionQueryApi;
|
||||
import cn.axzo.tyr.client.model.req.BatchPermissionCheckReq;
|
||||
import cn.axzo.tyr.client.model.req.IdentityAuthReq;
|
||||
import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
|
||||
import cn.axzo.tyr.client.model.req.NavTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PagePermissionReq;
|
||||
@ -9,17 +12,22 @@ import cn.axzo.tyr.client.model.req.PagePermissionResp;
|
||||
import cn.axzo.tyr.client.model.req.PermissionCheckReq;
|
||||
import cn.axzo.tyr.client.model.req.TreePermissionReq;
|
||||
import cn.axzo.tyr.client.model.req.TreeProductFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.res.BatchPermissionCheckRes;
|
||||
import cn.axzo.tyr.client.model.res.FeatureResourceDTO;
|
||||
import cn.axzo.tyr.client.model.res.IdentityAuthRes;
|
||||
import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
|
||||
import cn.axzo.tyr.client.model.res.NavTreeResp;
|
||||
import cn.axzo.tyr.client.model.res.ProductFeatureResourceResp;
|
||||
import cn.axzo.tyr.client.model.res.TreePermissionResp;
|
||||
import cn.axzo.tyr.server.service.PermissionQueryService;
|
||||
import cn.axzo.tyr.server.service.TyrSaasAuthService;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.collections.CollectionUtils;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* 权限接口实现
|
||||
@ -34,6 +42,7 @@ import java.util.List;
|
||||
public class PermissionQueryController implements PermissionQueryApi {
|
||||
|
||||
private final PermissionQueryService permissionService;
|
||||
private final TyrSaasAuthService tyrSaasAuthService;
|
||||
|
||||
@Override
|
||||
public ApiResult<List<NavTreeResp>> getNavTree(NavTreeReq req) {
|
||||
@ -50,6 +59,27 @@ public class PermissionQueryController implements PermissionQueryApi {
|
||||
return ApiResult.ok(permissionService.hasPermission(req));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<BatchPermissionCheckRes> hasPermissionBatch(BatchPermissionCheckReq req) {
|
||||
|
||||
IdentityAuthReq request = IdentityAuthReq.builder().build();
|
||||
request.setPersonId(req.getPersonId());
|
||||
List<IdentityAuthReq.WorkspaceOuPair> pairs = BeanMapper.copyList(req.getWorkspaceOUPairs(), IdentityAuthReq.WorkspaceOuPair.class);
|
||||
request.setWorkspaceOusPairs(pairs);
|
||||
request.setItemCode(req.getItemCode());
|
||||
IdentityAuthRes authRes = tyrSaasAuthService.findIdentityAuthMix(request);
|
||||
|
||||
return ApiResult.ok(BatchPermissionCheckRes.builder()
|
||||
.workspaceOuPermissions(authRes.getPermissions().stream()
|
||||
.map(e -> BatchPermissionCheckRes.WorkspaceOuPermission.builder()
|
||||
.workspaceId(e.getWorkspaceId())
|
||||
.ouId(e.getOuId())
|
||||
.permissionResult(CollectionUtils.isNotEmpty(e.getPermissionPoint()))
|
||||
.build())
|
||||
.collect(Collectors.toList()))
|
||||
.build());
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<List<ProductFeatureResourceResp>> treeProduct(TreeProductFeatureResourceReq request) {
|
||||
return ApiResult.ok(permissionService.treeProduct(request));
|
||||
|
||||
@ -173,6 +173,11 @@ public class SaasRoleController implements TyrSaasRoleApi {
|
||||
return ApiResult.ok(roleService.queryBatchByIdentityIdType(req));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<List<QueryBatchByIdentityIdTypeRes>> queryBatchByIdentityIdTypeV2(List<QueryByIdentityIdTypeReq> req) {
|
||||
return ApiResult.ok(roleService.queryBatchByIdentityIdTypeV2(req));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<List<IsSuperAdminRes>> isSuperAdmin(List<QueryByIdentityIdTypeReq> req) {
|
||||
return ApiResult.ok(roleService.isSuperAdmin(req));
|
||||
|
||||
@ -55,8 +55,11 @@ public interface RoleService extends IService<SaasRole> {
|
||||
|
||||
List<SaasRoleVO> query(QuerySaasRoleReq req);
|
||||
|
||||
@Deprecated
|
||||
List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdType(List<QueryByIdentityIdTypeReq> req);
|
||||
|
||||
List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdTypeV2(List<QueryByIdentityIdTypeReq> req);
|
||||
|
||||
Long saveOrUpdate(SaveOrUpdateRoleVO saveOrUpdateRole);
|
||||
|
||||
List<IsSuperAdminRes> isSuperAdmin(List<QueryByIdentityIdTypeReq> req);
|
||||
|
||||
@ -2,6 +2,7 @@ package cn.axzo.tyr.server.service;
|
||||
|
||||
import cn.axzo.foundation.page.PageResp;
|
||||
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.DetailFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.GetFeatureResourceTreeReq;
|
||||
import cn.axzo.tyr.client.model.req.PageSaasFeatureResourceReq;
|
||||
@ -38,7 +39,7 @@ public interface SaasFeatureResourceService extends IService<SaasFeatureResource
|
||||
|
||||
SaasFeatureResource featureResourceById(Long featureId);
|
||||
|
||||
FeatureResourceTreeNode getTreeFeatureDescendant(Long featureId, Integer featureType);
|
||||
FeatureResourceTreeNode getTreeFeatureDescendant(DetailFeatureResourceReq param);
|
||||
|
||||
/**菜单重排序**/
|
||||
void reorderMenuFeature(Long featureId, Integer offset);
|
||||
|
||||
@ -46,11 +46,14 @@ import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
|
||||
import cn.axzo.tyr.server.config.MqProducer;
|
||||
import cn.axzo.tyr.server.event.payload.RolePermissionCreatedPayload;
|
||||
import cn.axzo.tyr.server.event.payload.SaasFeatureResourceUpsertPayload;
|
||||
import cn.axzo.tyr.server.model.RelationOperateLogResourceBindRoleDO;
|
||||
import cn.axzo.tyr.server.model.RelationOperateLogRoleBindResourceDO;
|
||||
import cn.axzo.tyr.server.model.ResourcePermission;
|
||||
import cn.axzo.tyr.server.model.ResourcePermissionQueryDTO;
|
||||
import cn.axzo.tyr.server.model.RoleFeatureRelation;
|
||||
import cn.axzo.tyr.server.model.RoleWithFeature;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasFeatureResourceDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasPermissionGroupDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasPgroupPermissionRelationDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao;
|
||||
@ -62,17 +65,22 @@ import cn.axzo.tyr.server.repository.entity.SaasFeature;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeatureResource;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPermissionGroup;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelationOperateLog;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasRole;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasRoleGroup;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasRoleGroupRelation;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
|
||||
import cn.axzo.tyr.server.model.*;
|
||||
import cn.axzo.tyr.server.repository.dao.*;
|
||||
import cn.axzo.tyr.server.repository.entity.*;
|
||||
import cn.axzo.tyr.server.repository.mapper.SaasRoleMapper;
|
||||
import cn.axzo.tyr.server.service.*;
|
||||
import cn.axzo.tyr.server.service.PermissionGroupService;
|
||||
import cn.axzo.tyr.server.service.RoleService;
|
||||
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
||||
import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationOperateLogService;
|
||||
import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationService;
|
||||
import cn.axzo.tyr.server.service.SaasRoleGroupRelationService;
|
||||
import cn.axzo.tyr.server.service.SaasRoleGroupService;
|
||||
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
|
||||
import cn.axzo.tyr.server.util.RpcInternalUtil;
|
||||
import cn.azxo.framework.common.constatns.Constants;
|
||||
import cn.hutool.core.bean.BeanUtil;
|
||||
@ -355,6 +363,71 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdTypeV2(List<QueryByIdentityIdTypeReq> req) {
|
||||
// 一起查询,减少数据库io,原来入参过多时,接口性能很差
|
||||
List<ListRoleUserRelationParam.BatchPerson> batchPersons = req.stream()
|
||||
.distinct()
|
||||
.map(e -> {
|
||||
ListRoleUserRelationParam.BatchPerson batchPerson = ListRoleUserRelationParam.BatchPerson.builder().build();
|
||||
BeanUtils.copyProperties(e, batchPerson);
|
||||
return batchPerson;
|
||||
})
|
||||
.collect(Collectors.toList());
|
||||
List<SaasRoleUserV2DTO> saasRoleUsers = saasRoleUserRelationService.listV2(ListRoleUserRelationParam.builder()
|
||||
.batchPersons(batchPersons)
|
||||
.build());
|
||||
|
||||
List<Long> allRoleIds = saasRoleUsers.stream()
|
||||
.map(SaasRoleUserV2DTO::getRoleId)
|
||||
.distinct()
|
||||
.collect(Collectors.toList());
|
||||
|
||||
// 这里使用原来代码的查询角色信息的接口,因为接口返回的对象使用的这个接口返回对象
|
||||
Map<Long, SaasRoleVO> saasRoles = getByIds(allRoleIds, null, null, null, false, null)
|
||||
.stream()
|
||||
.collect(Collectors.toMap(SaasRoleVO::getId, Function.identity()));
|
||||
|
||||
return batchPersons.stream()
|
||||
.map(e -> {
|
||||
QueryBatchByIdentityIdTypeRes result = QueryBatchByIdentityIdTypeRes.builder().build();
|
||||
BeanUtils.copyProperties(e, result);
|
||||
// 原代码是入参有personId就使用personId查询,不能同时使用personId和identityId、identityType
|
||||
// 因为入参workspaceId和ouId不一定都有,所以不好转成map去取,只能遍历,数据量不大,所以还好
|
||||
Set<Long> roleIds = saasRoleUsers.stream()
|
||||
.filter(role -> {
|
||||
if (Objects.nonNull(e.getIdentityType()) && !Objects.equals(e.getIdentityType(), role.getSaasRoleUser().getIdentityType())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (Objects.nonNull(e.getIdentityId()) && !Objects.equals(e.getIdentityId(), role.getSaasRoleUser().getIdentityId())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (Objects.nonNull(e.getPersonId()) && !Objects.equals(e.getPersonId(), role.getSaasRoleUser().getPersonId())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (Objects.nonNull(e.getWorkspaceId()) && !Objects.equals(e.getWorkspaceId(), role.getSaasRoleUser().getWorkspaceId())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (Objects.nonNull(e.getOuId()) && !Objects.equals(e.getOuId(), role.getSaasRoleUser().getOuId())) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
})
|
||||
.map(SaasRoleUserV2DTO::getRoleId)
|
||||
.collect(Collectors.toSet());
|
||||
|
||||
if (CollectionUtils.isNotEmpty(roleIds)) {
|
||||
result.setRole(roleIds.stream().map(saasRoles::get).filter(Objects::nonNull).collect(Collectors.toList()));
|
||||
}
|
||||
return result;
|
||||
})
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public Long saveOrUpdate(SaveOrUpdateRoleVO saveOrUpdateRole) {
|
||||
|
||||
@ -17,6 +17,7 @@ import cn.axzo.tyr.client.common.enums.FeatureResourceType;
|
||||
import cn.axzo.tyr.client.common.enums.PageElementFeatureResourceRelationTypeEnum;
|
||||
import cn.axzo.tyr.client.model.enums.DelegatedType;
|
||||
import cn.axzo.tyr.client.model.req.DeleteFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.DetailFeatureResourceReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureComponentSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
|
||||
import cn.axzo.tyr.client.model.req.GetFeatureResourceTreeReq;
|
||||
@ -30,6 +31,7 @@ import cn.axzo.tyr.client.model.res.FeatureResourceTreeNode;
|
||||
import cn.axzo.tyr.client.model.res.PageElementBasicDTO;
|
||||
import cn.axzo.tyr.client.model.res.PageElementResp;
|
||||
import cn.axzo.tyr.client.model.res.SaasFeatureResourceResp;
|
||||
import cn.axzo.tyr.client.model.res.SaasRoleRes;
|
||||
import cn.axzo.tyr.server.common.util.Throws;
|
||||
import cn.axzo.tyr.server.config.MqProducer;
|
||||
import cn.axzo.tyr.server.event.payload.SaasFeatureResourceUpsertPayload;
|
||||
@ -38,11 +40,14 @@ import cn.axzo.tyr.server.model.ResourcePermissionQueryDTO;
|
||||
import cn.axzo.tyr.server.model.convert.SaasFeatureResourceConvert;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasFeatureResourceDao;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeature;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasFeatureResource;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPageElementFeatureResourceRelation;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation;
|
||||
import cn.axzo.tyr.server.repository.mapper.SaasFeatureResourceMapper;
|
||||
import cn.axzo.tyr.server.service.RoleService;
|
||||
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
||||
import cn.axzo.tyr.server.service.SaasPageElementFeatureResourceRelationService;
|
||||
import cn.axzo.tyr.server.service.SaasPageElementService;
|
||||
@ -50,6 +55,7 @@ import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationService;
|
||||
import cn.azxo.framework.common.utils.StringUtils;
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
import cn.hutool.core.lang.Assert;
|
||||
import cn.hutool.core.lang.Pair;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.metadata.IPage;
|
||||
@ -112,6 +118,8 @@ public class SaasFeatureResourceServiceImpl extends ServiceImpl<SaasFeatureResou
|
||||
private final SaasPageElementFeatureResourceRelationService saasPageElementFeatureResourceRelationService;
|
||||
private final MqProducer mqProducer;
|
||||
private final SaasFeatureDao saasFeatureDao;
|
||||
private final SaasPgroupRoleRelationDao saasPgroupRoleRelationDao;
|
||||
private final RoleService roleService;
|
||||
|
||||
private static final String TARGET_TYPE = "saasFeatureResourceId";
|
||||
/**
|
||||
@ -238,18 +246,77 @@ public class SaasFeatureResourceServiceImpl extends ServiceImpl<SaasFeatureResou
|
||||
return Objects.equals(e.getWorkspaceType(), req.getWorkspaceType());
|
||||
}
|
||||
|
||||
|
||||
private Map<Long, List<SaasRoleRes>> listRoles(DetailFeatureResourceReq detailFeatureResourceReq,
|
||||
List<SaasFeatureResource> descendants) {
|
||||
if (CollectionUtils.isEmpty(descendants) || BooleanUtils.isNotTrue(detailFeatureResourceReq.getNeedRole())) {
|
||||
return Collections.emptyMap();
|
||||
}
|
||||
|
||||
List<SaasPgroupPermissionRelation> relations = saasPgroupPermissionRelationService.list(PagePgroupPermissionRelationReq.builder()
|
||||
.featureIds(Lists.transform(descendants, SaasFeatureResource::getId))
|
||||
.build());
|
||||
if (CollectionUtils.isEmpty(relations)) {
|
||||
return Collections.emptyMap();
|
||||
}
|
||||
|
||||
List<Long> groupIds = Lists.transform(relations, SaasPgroupPermissionRelation::getGroupId);
|
||||
List<SaasPgroupRoleRelation> saasPgroupRoleRelations = saasPgroupRoleRelationDao.listByGroupIds(groupIds);
|
||||
|
||||
if (CollectionUtils.isEmpty(saasPgroupRoleRelations)) {
|
||||
return Collections.emptyMap();
|
||||
}
|
||||
|
||||
Map<Long, SaasRoleRes> roles = roleService.list(RoleService.ListSaasRoleParam.builder()
|
||||
.roleIds(Lists.transform(saasPgroupRoleRelations, SaasPgroupRoleRelation::getRoleId))
|
||||
.build())
|
||||
.stream()
|
||||
.collect(Collectors.toMap(SaasRoleRes::getId, Function.identity()));
|
||||
|
||||
Map<Long, List<Long>> groupRoleMap = saasPgroupRoleRelations.stream()
|
||||
.collect(Collectors.groupingBy(SaasPgroupRoleRelation::getGroupId,
|
||||
Collectors.mapping(SaasPgroupRoleRelation::getRoleId, Collectors.toList())));
|
||||
|
||||
return relations.stream()
|
||||
.map(e -> {
|
||||
List<Long> roleIds = groupRoleMap.get(e.getGroupId());
|
||||
if (CollectionUtils.isEmpty(roleIds)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return Pair.of(e.getFeatureId(), roleIds.stream()
|
||||
.map(roles::get)
|
||||
.filter(Objects::nonNull)
|
||||
.collect(Collectors.toList()));
|
||||
})
|
||||
.filter(Objects::nonNull)
|
||||
.collect(Collectors.toMap(Pair::getKey, Pair::getValue, (f, s) -> {
|
||||
f.addAll(s);
|
||||
return f;
|
||||
}));
|
||||
}
|
||||
|
||||
@Override
|
||||
public FeatureResourceTreeNode getTreeFeatureDescendant(Long featureId, Integer featureType) {
|
||||
public FeatureResourceTreeNode getTreeFeatureDescendant(DetailFeatureResourceReq param) {
|
||||
List<SaasFeatureResource> descendants = featureResourceDao.lambdaQuery()
|
||||
.eq(BaseEntity::getIsDelete,0)
|
||||
.eq(ObjectUtil.isNotNull(featureType), SaasFeatureResource::getFeatureType, featureType)
|
||||
.apply("FIND_IN_SET('" + featureId + "', path)")
|
||||
.eq(ObjectUtil.isNotNull(param.getFeatureType()), SaasFeatureResource::getFeatureType, param.getFeatureType())
|
||||
.apply("FIND_IN_SET('" + param.getFeatureId() + "', path)")
|
||||
.list();
|
||||
if (CollectionUtil.isEmpty(descendants)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
Map<Long, List<SaasRoleRes>> roles = listRoles(param, descendants);
|
||||
|
||||
List<FeatureResourceTreeNode> treeList = TreeUtil.buildTree(descendants.stream()
|
||||
.map(SaasFeatureResourceConvert.INSTANCE::convert)
|
||||
.map(e -> {
|
||||
FeatureResourceTreeNode featureResourceTreeNode = SaasFeatureResourceConvert.INSTANCE.convert(e);
|
||||
featureResourceTreeNode.setRoleIds(Optional.ofNullable(roles.get(featureResourceTreeNode.getId()))
|
||||
.map(f -> f.stream().map(SaasRoleRes::getId).collect(Collectors.toSet()))
|
||||
.orElse(null));
|
||||
return featureResourceTreeNode;
|
||||
})
|
||||
.sorted(Comparator.comparing(FeatureResourceDTO::getDisplayOrder))
|
||||
.collect(Collectors.toList()));
|
||||
FeatureResourceTreeNode featureResourceTreeNode = treeList.get(0);
|
||||
@ -858,7 +925,11 @@ public class SaasFeatureResourceServiceImpl extends ServiceImpl<SaasFeatureResou
|
||||
}
|
||||
|
||||
return resolveSaasFeature(Sets.newHashSet(terminals)).stream()
|
||||
.collect(Collectors.toMap(SaasFeatureResourceDTO::getTerminal, SaasFeatureResourceDTO::getFeatures));
|
||||
.collect(Collectors.toMap(SaasFeatureResourceDTO::getTerminal, SaasFeatureResourceDTO::getFeatures,
|
||||
(f, s) -> {
|
||||
f.addAll(s);
|
||||
return f;
|
||||
}));
|
||||
}
|
||||
|
||||
private List<SaasFeatureResourceDTO> resolveSaasFeature(Set<String> terminals) {
|
||||
|
||||
@ -161,6 +161,8 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl<SaasRoleUserRel
|
||||
}
|
||||
wrapper.in(!CollectionUtils.isEmpty(roleIds), "role_id", roleIds);
|
||||
|
||||
assembleBatchPersonWrapper(param, wrapper);
|
||||
|
||||
IPage<SaasRoleUserRelation> page = this.page(PageConverter.toMybatis(param, SaasRoleUserRelation.class), wrapper);
|
||||
|
||||
Map<Long, SaasRoleUserV2DTO.SaasRoleUser> saasRoleUsers = listSaasRoleUser(param, page.getRecords());
|
||||
@ -170,6 +172,26 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl<SaasRoleUserRel
|
||||
return PageConverter.toResp(page, (record) -> from(record, saasRoleUsers, saasRoles));
|
||||
}
|
||||
|
||||
private void assembleBatchPersonWrapper(PageRoleUserRelationParam param,
|
||||
QueryWrapper<SaasRoleUserRelation> wrapper) {
|
||||
|
||||
if (CollectionUtils.isEmpty(param.getBatchPersons())) {
|
||||
return;
|
||||
}
|
||||
|
||||
wrapper.and(j -> {
|
||||
for (ListRoleUserRelationParam.BatchPerson batchPerson : param.getBatchPersons()) {
|
||||
j.or(k -> {
|
||||
k.eq(Objects.nonNull(batchPerson.getPersonId()), "natural_person_id", batchPerson.getPersonId());
|
||||
k.eq(Objects.nonNull(batchPerson.getIdentityId()), "identity_id", batchPerson.getIdentityId());
|
||||
k.eq(Objects.nonNull(batchPerson.getIdentityType()), "identity_type", batchPerson.getIdentityType());
|
||||
k.eq(Objects.nonNull(batchPerson.getWorkspaceId()), "workspace_id", batchPerson.getWorkspaceId());
|
||||
k.eq(Objects.nonNull(batchPerson.getOuId()), "ou_id", batchPerson.getOuId());
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private Set<Long> resolveRoleIds(PageRoleUserRelationParam param) {
|
||||
if (CollectionUtils.isEmpty(param.getRoleCodes())) {
|
||||
return Optional.ofNullable(param.getRoleIds())
|
||||
|
||||
@ -814,7 +814,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
try {
|
||||
return findIdentityAuthV2(req).getPermissions();
|
||||
} catch (Exception ex) {
|
||||
log.error("查询权限异常,执行降级处理");
|
||||
log.error("查询权限异常,执行降级处理,", ex);
|
||||
return findIdentityAuth(req).getPermissions();
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user