wangli/tyr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat:(REQ-3282) 定义有权限的用户、更新用户角色的接口

Browse Source
This commit is contained in:
李龙 2024-12-16 19:34:12 +08:00
parent 0e33a0a1dc
commit 40aab97560
9 changed files with 259 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleUserApi.java
View File

@ -3,6 +3,7 @@ package cn.axzo.tyr.feign.api;
import cn.axzo.foundation.page.PageResp;
import cn.axzo.foundation.result.ApiResult;
import cn.axzo.tyr.feign.req.PageRoleUserReq;
import cn.axzo.tyr.feign.req.UpsertUserRoleReq;
import cn.axzo.tyr.feign.resp.RoleUserResp;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.validation.annotation.Validated;
@ -19,4 +20,12 @@ public interface RoleUserApi {
*/
@PostMapping("/api/role-user/page")
ApiResult<PageResp<RoleUserResp>> page(@RequestBody @Validated PageRoleUserReq req);
/**
* 更新用户角色
* @param req
* @return
*/
@PostMapping("/api/user-role/upsert")
ApiResult<Void> upsertUserRole(@RequestBody @Validated UpsertUserRoleReq req);
}

18
tyr-client/src/main/java/cn/axzo/tyr/feign/api/UserPermissionApi.java
View File

@ -1,7 +1,9 @@
package cn.axzo.tyr.feign.api;
import cn.axzo.foundation.result.ApiResult;
import cn.axzo.tyr.feign.req.ListPermissionUserReq;
import cn.axzo.tyr.feign.req.ListUserPermissionReq;
import cn.axzo.tyr.feign.resp.PermissionUserResp;
import cn.axzo.tyr.feign.resp.UserPermissionResp;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.validation.annotation.Validated;
@ -13,6 +15,20 @@ import java.util.List;
@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
public interface UserPermissionApi {
/**
* 查询用户的权限
* @param req
* @return
*/
@PostMapping("/api/user-permission/list")
ApiResult<List<UserPermissionResp>> list(@RequestBody @Validated ListUserPermissionReq req);
ApiResult<List<UserPermissionResp>> listUserPermission(@RequestBody @Validated ListUserPermissionReq req);
/**
* 查询有权限的用户
* @param req
* @return
*/
@PostMapping("/api/permission-user/list")
ApiResult<List<PermissionUserResp>> listPermissionUser(@RequestBody @Validated ListPermissionUserReq req);
}

59
tyr-client/src/main/java/cn/axzo/tyr/feign/req/ListPermissionUserReq.java Normal file
View File

@ -0,0 +1,59 @@
package cn.axzo.tyr.feign.req;
import cn.axzo.tyr.feign.enums.RolePermissionTagEnum;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import javax.validation.Valid;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import java.util.Set;
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class ListPermissionUserReq {
@Valid
@NotEmpty(message = "permissionUsers不能为空")
private Set<PermissionUserReq> permissionUsers;
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
public static class PermissionUserReq {
/**
* 权限码
*/
@NotBlank(message = "featureCode不能为空")
private String featureCode;
/**
* 单位id
*/
@NotNull(message = "ouId不能为空")
private Long ouId;
/**
* 项目Id
*/
@NotNull(message = "workspaceId不能为空")
private Long workspaceId;
/**
* 指定端的权限
*/
private String terminal;
/**
* 指定权限标签
*/
private Set<RolePermissionTagEnum> tags;
}
}

81
tyr-client/src/main/java/cn/axzo/tyr/feign/req/UpsertUserRoleReq.java Normal file
View File

@ -0,0 +1,81 @@
package cn.axzo.tyr.feign.req;
import cn.axzo.tyr.feign.enums.IdentityTypeEnum;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import javax.validation.Valid;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import java.util.Set;
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class UpsertUserRoleReq {
@Valid
@NotEmpty(message = "userRoles不能为空")
private Set<UserRoleReq> userRoles;
/**
* 操作人personId
*/
@NotNull(message = "operatorId不能为空")
private Long operatorId;
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
public static class UserRoleReq {
@NotNull(message = "workspaceId不能为空")
private Long workspaceId;
@NotNull(message = "ouId不能为空")
private Long ouId;
@NotNull(message = "identityId不能为空")
private Long identityId;
@NotNull(message = "identityType不能为空")
private IdentityTypeEnum identityType;
@NotNull(message = "personId不能为空")
private Long personId;
/**
* 增量新增的角色id
*/
private Set<Long> insertRoleIds;
/**
* 增量新增的角色code
*/
private Set<String> insertRoleCodes;
/**
* 全量新增的角色id
*/
private Set<Long> fullRoleIds;
/**
* 全量新增的角色code
*/
private Set<String> fullRoleCodes;
/**
* 删除用户的角色id
*/
private Set<Long> removeRoleIds;
/**
* 删除用户的角色code
*/
private Set<String> removeRoleCodes;
}
}

36
tyr-client/src/main/java/cn/axzo/tyr/feign/resp/PermissionUserResp.java Normal file
View File

@ -0,0 +1,36 @@
package cn.axzo.tyr.feign.resp;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.Set;
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class PermissionUserResp {
private Long ouId;
private Long workspaceId;
private Set<User> users;
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public static class User {
private Long identityId;
private Integer identityType;
private Long personId;
private boolean isSuperAdmin;
}
}

6
tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/RoleUserV2Controller.java
View File

@ -7,6 +7,7 @@ import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
import cn.axzo.tyr.client.model.roleuser.req.PageRoleUserRelationParam;
import cn.axzo.tyr.feign.api.RoleUserApi;
import cn.axzo.tyr.feign.req.PageRoleUserReq;
import cn.axzo.tyr.feign.req.UpsertUserRoleReq;
import cn.axzo.tyr.feign.resp.FeatureResourceRelationResp;
import cn.axzo.tyr.feign.resp.RoleFeatureResourceResp;
import cn.axzo.tyr.feign.resp.RoleResp;
@ -49,6 +50,11 @@ public class RoleUserV2Controller implements RoleUserApi {
.build());
}
@Override
public ApiResult<Void> upsertUserRole(UpsertUserRoleReq req) {
return null;
}
private PageRoleUserRelationParam from(PageRoleUserReq req) {
PageRoleUserRelationParam result = JSON.parseObject(JSON.toJSONString(req),
PageRoleUserRelationParam.class);

9
tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/UserPermissionController.java
View File

@ -6,7 +6,9 @@ import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam;
import cn.axzo.tyr.feign.api.UserPermissionApi;
import cn.axzo.tyr.feign.req.ListPermissionUserReq;
import cn.axzo.tyr.feign.req.ListUserPermissionReq;
import cn.axzo.tyr.feign.resp.PermissionUserResp;
import cn.axzo.tyr.feign.resp.UserPermissionResp;
import cn.axzo.tyr.server.service.PermissionService;
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
@ -31,7 +33,7 @@ public class UserPermissionController implements UserPermissionApi {
private SaasRoleUserRelationService saasRoleUserRelationService;
@Override
public ApiResult<List<UserPermissionResp>> list(ListUserPermissionReq req) {
public ApiResult<List<UserPermissionResp>> listUserPermission(ListUserPermissionReq req) {
check(req);
@ -41,6 +43,11 @@ public class UserPermissionController implements UserPermissionApi {
return null;
}
@Override
public ApiResult<List<PermissionUserResp>> listPermissionUser(ListPermissionUserReq req) {
return null;
}
private void check(ListUserPermissionReq req) {
Axssert.check(Objects.nonNull(req.getPersonId()) || Objects.nonNull(req.getIdentityId()),

82
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionServiceImpl.java
View File

@ -87,7 +87,7 @@ public class PermissionServiceImpl implements PermissionService {
Set<PermissionResp> adminRolePermission = resolveAdminRolePermission(workspacePermissions, user);
// 用户普通角色的权限
return null;
})
.filter(Objects::nonNull)
.collect(Collectors.toList());
@ -181,46 +181,48 @@ public class PermissionServiceImpl implements PermissionService {
return Collections.emptySet();
}
return normalRoles.stream()
.map(role -> {
return Collections.emptySet();
Set<String> rolePermissionFeatureCodes = Optional.ofNullable(rolePermissionMap.get(role.getId()))
.map(e -> e.stream()
.filter(Objects::nonNull)
.filter(rolePermission -> {
if (CollectionUtils.isEmpty(workspaceOuPair.getTags()) || CollectionUtils.isEmpty(rolePermission.getTags())) {
return true;
}
if (Sets.intersection(workspaceOuPair.getTags(), rolePermission.getTags()).isEmpty()) {
return false;
}
return true;
})
.map(RolePermissionCacheService.PermissionDTO::getFeatureCode)
.collect(Collectors.toSet()))
.orElseGet(Sets::newHashSet);
if (CollectionUtils.isEmpty(rolePermissionFeatureCodes)) {
return null;
}
return productPermissions.stream()
.filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(role.getProductUnitType())))
.filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode()))
.map(e -> IdentityAuthRes.PermissionPoint.builder()
.featureCode(e.getFeatureCode())
.featureId(e.getFeatureId())
.terminal(e.getTerminal())
.featureType(e.getFeatureType())
.build())
.collect(Collectors.toSet());
})
.filter(Objects::nonNull)
.flatMap(Collection::stream)
.collect(Collectors.toSet());
// return normalRoles.stream()
// .map(role -> {
//
// Set<String> rolePermissionFeatureCodes = Optional.ofNullable(rolePermissionMap.get(role.getId()))
// .map(e -> e.stream()
// .filter(Objects::nonNull)
// .filter(rolePermission -> {
// if (CollectionUtils.isEmpty(workspaceOuPair.getTags()) || CollectionUtils.isEmpty(rolePermission.getTags())) {
// return true;
// }
//
// if (Sets.intersection(workspaceOuPair.getTags(), rolePermission.getTags()).isEmpty()) {
// return false;
// }
//
// return true;
// })
// .map(RolePermissionCacheService.PermissionDTO::getFeatureCode)
// .collect(Collectors.toSet()))
// .orElseGet(Sets::newHashSet);
//
// if (CollectionUtils.isEmpty(rolePermissionFeatureCodes)) {
// return null;
// }
//
// return productPermissions.stream()
// .filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(role.getProductUnitType())))
// .filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode()))
// .map(e -> IdentityAuthRes.PermissionPoint.builder()
// .featureCode(e.getFeatureCode())
// .featureId(e.getFeatureId())
// .terminal(e.getTerminal())
// .featureType(e.getFeatureType())
// .build())
// .collect(Collectors.toSet());
//
// })
// .filter(Objects::nonNull)
// .flatMap(Collection::stream)
// .collect(Collectors.toSet());
}
private Map<Long, List<RolePermissionCacheService.PermissionDTO>> listRolePermission(ListUserPermissionParam param) {

2
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java
View File

@ -681,6 +681,6 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl<SaasRoleUserRel
return Collections.emptyMap();
}
return Collections.emptyMap();
}
}