diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleUserApi.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleUserApi.java
index 5fba10f1..dc32bc6e 100644
--- a/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleUserApi.java
+++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleUserApi.java
@@ -3,6 +3,7 @@ package cn.axzo.tyr.feign.api;
 import cn.axzo.foundation.page.PageResp;
 import cn.axzo.foundation.result.ApiResult;
 import cn.axzo.tyr.feign.req.PageRoleUserReq;
+import cn.axzo.tyr.feign.req.UpsertUserRoleReq;
 import cn.axzo.tyr.feign.resp.RoleUserResp;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.validation.annotation.Validated;
@@ -19,4 +20,12 @@ public interface RoleUserApi {
 */
 @PostMapping("/api/role-user/page")
 ApiResult> page(@RequestBody @Validated PageRoleUserReq req);
+
+ /**
+ * 更新用户角色
+ * @param req
+ * @return
+ */
+ @PostMapping("/api/user-role/upsert")
+ ApiResult upsertUserRole(@RequestBody @Validated UpsertUserRoleReq req);
 }
diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/api/UserPermissionApi.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/api/UserPermissionApi.java
index 55182d70..c6f29ebb 100644
--- a/tyr-client/src/main/java/cn/axzo/tyr/feign/api/UserPermissionApi.java
+++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/api/UserPermissionApi.java
@@ -1,7 +1,9 @@
 package cn.axzo.tyr.feign.api;
 import cn.axzo.foundation.result.ApiResult;
+import cn.axzo.tyr.feign.req.ListPermissionUserReq;
 import cn.axzo.tyr.feign.req.ListUserPermissionReq;
+import cn.axzo.tyr.feign.resp.PermissionUserResp;
 import cn.axzo.tyr.feign.resp.UserPermissionResp;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.validation.annotation.Validated;
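Review bot: The new write endpoint in `RoleUserApi` is mapped to `/api/user-role/upsert`, while the existing method in the same interface uses the `/api/role-user/` prefix (`/api/role-user/page`). If gateway rules, service allow-lists or audit filters are keyed on that prefix (none of which is visible in this diff), the role-changing call would fall outside them; `@PostMapping("/api/role-user/upsert")` keeps both operations under one prefix. The Javadoc also leaves `@param req` and `@return` empty; for an operation that grants and revokes roles it should state how the insert/full/remove sets of `UpsertUserRoleReq` are applied and what the result carries.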
@@ -13,6 +15,20 @@ import java.util.List;
 @FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
 public interface UserPermissionApi {
+ /**
+ * 查询用户的权限
+ * @param req
+ * @return
+ */
 @PostMapping("/api/user-permission/list")
- ApiResult> list(@RequestBody @Validated ListUserPermissionReq req);
+ ApiResult> listUserPermission(@RequestBody @Validated ListUserPermissionReq req);
+
+ /**
+ * 查询有权限的用户
+ * @param req
+ * @return
+ */
+ @PostMapping("/api/permission-user/list")
+ ApiResult> listPermissionUser(@RequestBody @Validated ListPermissionUserReq req);
+
 }
diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/req/ListPermissionUserReq.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/req/ListPermissionUserReq.java
new file mode 100644
index 00000000..8ab7a860
--- /dev/null
+++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/req/ListPermissionUserReq.java
@@ -0,0 +1,59 @@
+package cn.axzo.tyr.feign.req;
+
+import cn.axzo.tyr.feign.enums.RolePermissionTagEnum;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.Valid;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.Set;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class ListPermissionUserReq {
+
+ @Valid
+ @NotEmpty(message = "permissionUsers不能为空")
+ private Set permissionUsers;
+
+ @Data
+ @Builder
+ @NoArgsConstructor
+ @AllArgsConstructor
+ public static class PermissionUserReq {
+ /**
+ * 权限码
+ */
+
+ @NotBlank(message = "featureCode不能为空")
+ private String featureCode;
+
+ /**
+ * 单位id
+ */
+ @NotNull(message = "ouId不能为空")
+ private Long ouId;
+
+ /**
+ * 项目Id
+ */
+ @NotNull(message = "workspaceId不能为空")
+ private Long workspaceId;
+
+ /**
+ * 指定端的权限
+ */
+ private String terminal;
+
+ /**
+ * 指定权限标签
+ */
+ private Set tags;
+ }
+}
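Review bot: Renaming `list` to `listUserPermission` on the published Feign interface breaks compilation for every existing consumer of tyr-client, even though the path `/api/user-permission/list` is unchanged. Keeping a `@Deprecated default` method `list(ListUserPermissionReq req)` with the same return type, whose body is `return listUserPermission(req);`, lets callers migrate at their own pace. The two new Javadoc blocks leave `@param req` and `@return` empty; they should at least say which of the request fields scope the query.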
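Review bot: `permissionUsers` in `ListPermissionUserReq` is validated only with `@NotEmpty`, so one request can carry an unbounded number of (featureCode, ouId, workspaceId) lookups, each of which presumably fans out into role and permission queries on the server. Add an upper bound beside it, for example `@Size(max = MAX_BATCH)` from `javax.validation.constraints`, where `MAX_BATCH` is a placeholder for whatever limit the service can sustain; the same applies to `userRoles` in `UpsertUserRoleReq`. `terminal` and `tags` are optional and unconstrained, so their Javadoc should say what a null value means. There is also a stray blank line between the `权限码` Javadoc and `@NotBlank`.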
diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/req/UpsertUserRoleReq.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/req/UpsertUserRoleReq.java
new file mode 100644
index 00000000..8cf0aa5a
--- /dev/null
+++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/req/UpsertUserRoleReq.java
@@ -0,0 +1,81 @@
+package cn.axzo.tyr.feign.req;
+
+import cn.axzo.tyr.feign.enums.IdentityTypeEnum;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.Valid;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.Set;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class UpsertUserRoleReq {
+
+ @Valid
+ @NotEmpty(message = "userRoles不能为空")
+ private Set userRoles;
+
+ /**
+ * 操作人personId
+ */
+ @NotNull(message = "operatorId不能为空")
+ private Long operatorId;
+
+ @Data
+ @Builder
+ @NoArgsConstructor
+ @AllArgsConstructor
+ public static class UserRoleReq {
+
+ @NotNull(message = "workspaceId不能为空")
+ private Long workspaceId;
+
+ @NotNull(message = "ouId不能为空")
+ private Long ouId;
+
+ @NotNull(message = "identityId不能为空")
+ private Long identityId;
+
+ @NotNull(message = "identityType不能为空")
+ private IdentityTypeEnum identityType;
+
+ @NotNull(message = "personId不能为空")
+ private Long personId;
+
+ /**
+ * 增量新增的角色id
+ */
+ private Set insertRoleIds;
+
+ /**
+ * 增量新增的角色code
+ */
+ private Set insertRoleCodes;
+
+ /**
+ * 全量新增的角色id
+ */
+ private Set fullRoleIds;
+
+ /**
+ * 全量新增的角色code
+ */
+ private Set fullRoleCodes;
+
+ /**
+ * 删除用户的角色id
+ */
+ private Set removeRoleIds;
+
+ /**
+ * 删除用户的角色code
+ */
+ private Set removeRoleCodes;
+ }
+}
diff --git a/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/PermissionUserResp.java b/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/PermissionUserResp.java
new file mode 100644
index 00000000..14e8879e
--- /dev/null
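Review bot: All six role sets in `UserRoleReq` are optional and nothing relates them, so a request with none of them set passes validation, and the meaning of an empty (as opposed to null) `fullRoleIds` or `fullRoleCodes` is undefined; if the server treats "full" as replace-all, an empty set would strip every role from the user. Document on each field what null and empty mean and which set wins when a role appears in both the insert and remove sets, and reject requests that carry no change with a class-level check such as an `@AssertTrue` method on `UserRoleReq`. Separately, `operatorId` arrives in the request body, so the server can only record the operator the caller claims; its Javadoc should say it is caller-asserted and suitable for audit attribution only, not for authorization decisions.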
+++ b/tyr-client/src/main/java/cn/axzo/tyr/feign/resp/PermissionUserResp.java
@@ -0,0 +1,36 @@
+package cn.axzo.tyr.feign.resp;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Set;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class PermissionUserResp {
+
+ private Long ouId;
+
+ private Long workspaceId;
+
+ private Set users;
+
+ @Data
+ @Builder
+ @AllArgsConstructor
+ @NoArgsConstructor
+ public static class User {
+
+ private Long identityId;
+
+ private Integer identityType;
+
+ private Long personId;
+
+ private boolean isSuperAdmin;
+ }
+}
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/RoleUserV2Controller.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/RoleUserV2Controller.java
index 1f88aec4..f04cad6e 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/RoleUserV2Controller.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/RoleUserV2Controller.java
@@ -7,6 +7,7 @@ import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
 import cn.axzo.tyr.client.model.roleuser.req.PageRoleUserRelationParam;
 import cn.axzo.tyr.feign.api.RoleUserApi;
 import cn.axzo.tyr.feign.req.PageRoleUserReq;
+import cn.axzo.tyr.feign.req.UpsertUserRoleReq;
 import cn.axzo.tyr.feign.resp.FeatureResourceRelationResp;
 import cn.axzo.tyr.feign.resp.RoleFeatureResourceResp;
 import cn.axzo.tyr.feign.resp.RoleResp;
@@ -49,6 +50,11 @@ public class RoleUserV2Controller implements RoleUserApi {
 .build());
 }
+ @Override
+ public ApiResult upsertUserRole(UpsertUserRoleReq req) {
+ return null;
+ }
+
 private PageRoleUserRelationParam from(PageRoleUserReq req) {
 PageRoleUserRelationParam result = JSON.parseObject(JSON.toJSONString(req), PageRoleUserRelationParam.class);
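Review bot: `private boolean isSuperAdmin;` under Lombok `@Data` generates `isSuperAdmin()` and `setSuperAdmin(...)`, so bean-based serializers expose the property as `superAdmin` rather than `isSuperAdmin`. Any producer or consumer that maps by field name, including JSON round-trip copies like the `JSON.parseObject(JSON.toJSONString(...))` pattern visible in `RoleUserV2Controller`, may silently leave the flag at `false`. Rename the field to `private boolean superAdmin;`. `identityType` is an `Integer` here but `IdentityTypeEnum` in `UpsertUserRoleReq`; using the enum on both sides avoids unmapped values.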
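Review bot: `upsertUserRole` in `RoleUserV2Controller` is exposed as a live endpoint but returns `null`, which a Spring REST controller would presumably serialise as an empty success response; a caller asking to remove a role gets no error and the role stays in place. Until the implementation lands, fail loudly with `throw new UnsupportedOperationException("upsertUserRole is not implemented yet");` or an explicit failure `ApiResult` (its factory methods are not visible here). The same stub is added for `listPermissionUser` in `UserPermissionController`, where a null body cannot be told apart from "no user holds this permission".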
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/UserPermissionController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/UserPermissionController.java
index d157ff23..7ba22e5c 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/UserPermissionController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/UserPermissionController.java
@@ -6,7 +6,9 @@ import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
 import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam;
 import cn.axzo.tyr.feign.api.UserPermissionApi;
+import cn.axzo.tyr.feign.req.ListPermissionUserReq;
 import cn.axzo.tyr.feign.req.ListUserPermissionReq;
+import cn.axzo.tyr.feign.resp.PermissionUserResp;
 import cn.axzo.tyr.feign.resp.UserPermissionResp;
 import cn.axzo.tyr.server.service.PermissionService;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
@@ -31,7 +33,7 @@ public class UserPermissionController implements UserPermissionApi {
 private SaasRoleUserRelationService saasRoleUserRelationService;
 @Override
- public ApiResult> list(ListUserPermissionReq req) {
+ public ApiResult> listUserPermission(ListUserPermissionReq req) {
 check(req);
@@ -41,6 +43,11 @@ public class UserPermissionController implements UserPermissionApi {
 return null;
 }
+ @Override
+ public ApiResult> listPermissionUser(ListPermissionUserReq req) {
+ return null;
+ }
+
 private void check(ListUserPermissionReq req) {
 Axssert.check(Objects.nonNull(req.getPersonId()) || Objects.nonNull(req.getIdentityId()),
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionServiceImpl.java
index 10521607..25db16c3 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionServiceImpl.java
@@ -87,7 +87,7 @@ public class PermissionServiceImpl implements PermissionService {
 Set adminRolePermission = resolveAdminRolePermission(workspacePermissions, user);
 // 用户普通角色的权限
-
+ return null;
 })
 .filter(Objects::nonNull)
 .collect(Collectors.toList());
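Review bot: The added `return null;` makes the mapping lambda yield null for every element that reaches this point, and the `.filter(Objects::nonNull)` that follows drops them, so the stream appears to collect an empty list and `adminRolePermission` computed just above is never used. The second hunk in this file does the same for normal-role permissions: it returns `Collections.emptySet()` and leaves the previous resolver behind as roughly forty commented-out lines. Callers that read the result as a user's effective permissions will deny everything, and a caller that reads an empty result as "no restriction" would do the opposite; neither is visible here. If this is work in progress, keep the old resolution path until the replacement is ready, and delete the commented-out block instead of committing it. The enclosing methods start and end outside both hunks.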
@@ -181,46 +181,48 @@ public class PermissionServiceImpl implements PermissionService {
 return Collections.emptySet();
 }
- return normalRoles.stream()
- .map(role -> {
+ return Collections.emptySet();
- Set rolePermissionFeatureCodes = Optional.ofNullable(rolePermissionMap.get(role.getId()))
- .map(e -> e.stream()
- .filter(Objects::nonNull)
- .filter(rolePermission -> {
- if (CollectionUtils.isEmpty(workspaceOuPair.getTags()) || CollectionUtils.isEmpty(rolePermission.getTags())) {
- return true;
- }
-
- if (Sets.intersection(workspaceOuPair.getTags(), rolePermission.getTags()).isEmpty()) {
- return false;
- }
-
- return true;
- })
- .map(RolePermissionCacheService.PermissionDTO::getFeatureCode)
- .collect(Collectors.toSet()))
- .orElseGet(Sets::newHashSet);
-
- if (CollectionUtils.isEmpty(rolePermissionFeatureCodes)) {
- return null;
- }
-
- return productPermissions.stream()
- .filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(role.getProductUnitType())))
- .filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode()))
- .map(e -> IdentityAuthRes.PermissionPoint.builder()
- .featureCode(e.getFeatureCode())
- .featureId(e.getFeatureId())
- .terminal(e.getTerminal())
- .featureType(e.getFeatureType())
- .build())
- .collect(Collectors.toSet());
-
- })
- .filter(Objects::nonNull)
- .flatMap(Collection::stream)
- .collect(Collectors.toSet());
+// return normalRoles.stream()
+// .map(role -> {
+//
+// Set rolePermissionFeatureCodes = Optional.ofNullable(rolePermissionMap.get(role.getId()))
+// .map(e -> e.stream()
+// .filter(Objects::nonNull)
+// .filter(rolePermission -> {
+// if (CollectionUtils.isEmpty(workspaceOuPair.getTags()) || CollectionUtils.isEmpty(rolePermission.getTags())) {
+// return true;
+// }
+//
+// if (Sets.intersection(workspaceOuPair.getTags(), rolePermission.getTags()).isEmpty()) {
+// return false;
+// }
+//
+// return true;
+// })
+//
.map(RolePermissionCacheService.PermissionDTO::getFeatureCode)
+// .collect(Collectors.toSet()))
+// .orElseGet(Sets::newHashSet);
+//
+// if (CollectionUtils.isEmpty(rolePermissionFeatureCodes)) {
+// return null;
+// }
+//
+// return productPermissions.stream()
+// .filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(role.getProductUnitType())))
+// .filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode()))
+// .map(e -> IdentityAuthRes.PermissionPoint.builder()
+// .featureCode(e.getFeatureCode())
+// .featureId(e.getFeatureId())
+// .terminal(e.getTerminal())
+// .featureType(e.getFeatureType())
+// .build())
+// .collect(Collectors.toSet());
+//
+// })
+// .filter(Objects::nonNull)
+// .flatMap(Collection::stream)
+// .collect(Collectors.toSet());
 }
 private Map> listRolePermission(ListUserPermissionParam param) {
diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java
index ed56cda8..abb0ac76 100644
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java
@@ -681,6 +681,6 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl