feat:(REQ-3282) 定义有权限的用户、更新用户角色的接口

tyr-client/src/main/java/cn/axzo/tyr/feign/api/RoleUserApi.java

@@ -3,6 +3,7 @@ package cn.axzo.tyr.feign.api;
 import cn.axzo.foundation.page.PageResp;
 import cn.axzo.foundation.result.ApiResult;
 import cn.axzo.tyr.feign.req.PageRoleUserReq;
+import cn.axzo.tyr.feign.req.UpsertUserRoleReq;
 import cn.axzo.tyr.feign.resp.RoleUserResp;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.validation.annotation.Validated;
@@ -19,4 +20,12 @@ public interface RoleUserApi {
      */
     @PostMapping("/api/role-user/page")
     ApiResult<PageResp<RoleUserResp>> page(@RequestBody @Validated PageRoleUserReq req);
+
+    /**
+     * 更新用户角色
+     * @param req
+     * @return
+     */
+    @PostMapping("/api/user-role/upsert")
+    ApiResult<Void> upsertUserRole(@RequestBody @Validated UpsertUserRoleReq req);
 }

tyr-client/src/main/java/cn/axzo/tyr/feign/api/UserPermissionApi.java

@@ -1,7 +1,9 @@
 package cn.axzo.tyr.feign.api;
 
 import cn.axzo.foundation.result.ApiResult;
+import cn.axzo.tyr.feign.req.ListPermissionUserReq;
 import cn.axzo.tyr.feign.req.ListUserPermissionReq;
+import cn.axzo.tyr.feign.resp.PermissionUserResp;
 import cn.axzo.tyr.feign.resp.UserPermissionResp;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.validation.annotation.Validated;
@@ -13,6 +15,20 @@ import java.util.List;
 @FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
 public interface UserPermissionApi {
 
+    /**
+     * 查询用户的权限
+     * @param req
+     * @return
+     */
     @PostMapping("/api/user-permission/list")
-    ApiResult<List<UserPermissionResp>> list(@RequestBody @Validated ListUserPermissionReq req);
+    ApiResult<List<UserPermissionResp>> listUserPermission(@RequestBody @Validated ListUserPermissionReq req);
+
+    /**
+     * 查询有权限的用户
+     * @param req
+     * @return
+     */
+    @PostMapping("/api/permission-user/list")
+    ApiResult<List<PermissionUserResp>> listPermissionUser(@RequestBody @Validated ListPermissionUserReq req);
+
 }

tyr-client/src/main/java/cn/axzo/tyr/feign/req/ListPermissionUserReq.java

@@ -0,0 +1,59 @@
+package cn.axzo.tyr.feign.req;
+
+import cn.axzo.tyr.feign.enums.RolePermissionTagEnum;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.Valid;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.Set;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class ListPermissionUserReq {
+
+    @Valid
+    @NotEmpty(message = "permissionUsers不能为空")
+    private Set<PermissionUserReq> permissionUsers;
+
+    @Data
+    @Builder
+    @NoArgsConstructor
+    @AllArgsConstructor
+    public static class PermissionUserReq {
+        /**
+         * 权限码
+         */
+
+        @NotBlank(message = "featureCode不能为空")
+        private String featureCode;
+
+        /**
+         * 单位id
+         */
+        @NotNull(message = "ouId不能为空")
+        private Long ouId;
+
+        /**
+         * 项目Id
+         */
+        @NotNull(message = "workspaceId不能为空")
+        private Long workspaceId;
+
+        /**
+         * 指定端的权限
+         */
+        private String terminal;
+
+        /**
+         * 指定权限标签
+         */
+        private Set<RolePermissionTagEnum> tags;
+    }
+}

tyr-client/src/main/java/cn/axzo/tyr/feign/req/UpsertUserRoleReq.java

@@ -0,0 +1,81 @@
+package cn.axzo.tyr.feign.req;
+
+import cn.axzo.tyr.feign.enums.IdentityTypeEnum;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.Valid;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.Set;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class UpsertUserRoleReq {
+
+    @Valid
+    @NotEmpty(message = "userRoles不能为空")
+    private Set<UserRoleReq> userRoles;
+
+    /**
+     * 操作人personId
+     */
+    @NotNull(message = "operatorId不能为空")
+    private Long operatorId;
+
+    @Data
+    @Builder
+    @NoArgsConstructor
+    @AllArgsConstructor
+    public static class UserRoleReq {
+
+        @NotNull(message = "workspaceId不能为空")
+        private Long workspaceId;
+
+        @NotNull(message = "ouId不能为空")
+        private Long ouId;
+
+        @NotNull(message = "identityId不能为空")
+        private Long identityId;
+
+        @NotNull(message = "identityType不能为空")
+        private IdentityTypeEnum identityType;
+
+        @NotNull(message = "personId不能为空")
+        private Long personId;
+
+        /**
+         * 增量新增的角色id
+         */
+        private Set<Long> insertRoleIds;
+
+        /**
+         * 增量新增的角色code
+         */
+        private Set<String> insertRoleCodes;
+
+        /**
+         * 全量新增的角色id
+         */
+        private Set<Long> fullRoleIds;
+
+        /**
+         * 全量新增的角色code
+         */
+        private Set<String> fullRoleCodes;
+
+        /**
+         * 删除用户的角色id
+         */
+        private Set<Long> removeRoleIds;
+
+        /**
+         * 删除用户的角色code
+         */
+        private Set<String> removeRoleCodes;
+    }
+}

tyr-client/src/main/java/cn/axzo/tyr/feign/resp/PermissionUserResp.java

@@ -0,0 +1,36 @@
+package cn.axzo.tyr.feign.resp;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Set;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class PermissionUserResp {
+
+    private Long ouId;
+
+    private Long workspaceId;
+
+    private Set<User> users;
+
+    @Data
+    @Builder
+    @AllArgsConstructor
+    @NoArgsConstructor
+    public static class User {
+
+        private Long identityId;
+
+        private Integer identityType;
+
+        private Long personId;
+
+        private boolean isSuperAdmin;
+    }
+}

tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/RoleUserV2Controller.java

@@ -7,6 +7,7 @@ import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
 import cn.axzo.tyr.client.model.roleuser.req.PageRoleUserRelationParam;
 import cn.axzo.tyr.feign.api.RoleUserApi;
 import cn.axzo.tyr.feign.req.PageRoleUserReq;
+import cn.axzo.tyr.feign.req.UpsertUserRoleReq;
 import cn.axzo.tyr.feign.resp.FeatureResourceRelationResp;
 import cn.axzo.tyr.feign.resp.RoleFeatureResourceResp;
 import cn.axzo.tyr.feign.resp.RoleResp;
@@ -49,6 +50,11 @@ public class RoleUserV2Controller implements RoleUserApi {
                 .build());
     }
 
+    @Override
+    public ApiResult<Void> upsertUserRole(UpsertUserRoleReq req) {
+        return null;
+    }
+
     private PageRoleUserRelationParam from(PageRoleUserReq req) {
         PageRoleUserRelationParam result = JSON.parseObject(JSON.toJSONString(req),
                 PageRoleUserRelationParam.class);

tyr-server/src/main/java/cn/axzo/tyr/server/controller/v2/UserPermissionController.java

@@ -6,7 +6,9 @@ import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
 import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam;
 import cn.axzo.tyr.feign.api.UserPermissionApi;
+import cn.axzo.tyr.feign.req.ListPermissionUserReq;
 import cn.axzo.tyr.feign.req.ListUserPermissionReq;
+import cn.axzo.tyr.feign.resp.PermissionUserResp;
 import cn.axzo.tyr.feign.resp.UserPermissionResp;
 import cn.axzo.tyr.server.service.PermissionService;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
@@ -31,7 +33,7 @@ public class UserPermissionController implements UserPermissionApi {
     private SaasRoleUserRelationService saasRoleUserRelationService;
 
     @Override
-    public ApiResult<List<UserPermissionResp>> list(ListUserPermissionReq req) {
+    public ApiResult<List<UserPermissionResp>> listUserPermission(ListUserPermissionReq req) {
 
         check(req);
 
@@ -41,6 +43,11 @@ public class UserPermissionController implements UserPermissionApi {
         return null;
     }
 
+    @Override
+    public ApiResult<List<PermissionUserResp>> listPermissionUser(ListPermissionUserReq req) {
+        return null;
+    }
+
     private void check(ListUserPermissionReq req) {
 
         Axssert.check(Objects.nonNull(req.getPersonId()) || Objects.nonNull(req.getIdentityId()),

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionServiceImpl.java

@@ -87,7 +87,7 @@ public class PermissionServiceImpl implements PermissionService {
                     Set<PermissionResp> adminRolePermission = resolveAdminRolePermission(workspacePermissions, user);
 
                     // 用户普通角色的权限
-
+                    return null;
                 })
                 .filter(Objects::nonNull)
                 .collect(Collectors.toList());
@@ -181,46 +181,48 @@ public class PermissionServiceImpl implements PermissionService {
             return Collections.emptySet();
         }
 
-        return normalRoles.stream()
+        return Collections.emptySet();
-                .map(role -> {
 
-                    Set<String> rolePermissionFeatureCodes = Optional.ofNullable(rolePermissionMap.get(role.getId()))
+//        return normalRoles.stream()
-                            .map(e -> e.stream()
+//                .map(role -> {
-                                    .filter(Objects::nonNull)
+//
-                                    .filter(rolePermission -> {
+//                    Set<String> rolePermissionFeatureCodes = Optional.ofNullable(rolePermissionMap.get(role.getId()))
-                                        if (CollectionUtils.isEmpty(workspaceOuPair.getTags()) || CollectionUtils.isEmpty(rolePermission.getTags())) {
+//                            .map(e -> e.stream()
-                                            return true;
+//                                    .filter(Objects::nonNull)
-                                        }
+//                                    .filter(rolePermission -> {
-
+//                                        if (CollectionUtils.isEmpty(workspaceOuPair.getTags()) || CollectionUtils.isEmpty(rolePermission.getTags())) {
-                                        if (Sets.intersection(workspaceOuPair.getTags(), rolePermission.getTags()).isEmpty()) {
+//                                            return true;
-                                            return false;
+//                                        }
-                                        }
+//
-
+//                                        if (Sets.intersection(workspaceOuPair.getTags(), rolePermission.getTags()).isEmpty()) {
-                                        return true;
+//                                            return false;
-                                    })
+//                                        }
-                                    .map(RolePermissionCacheService.PermissionDTO::getFeatureCode)
+//
-                                    .collect(Collectors.toSet()))
+//                                        return true;
-                            .orElseGet(Sets::newHashSet);
+//                                    })
-
+//                                    .map(RolePermissionCacheService.PermissionDTO::getFeatureCode)
-                    if (CollectionUtils.isEmpty(rolePermissionFeatureCodes)) {
+//                                    .collect(Collectors.toSet()))
-                        return null;
+//                            .orElseGet(Sets::newHashSet);
-                    }
+//
-
+//                    if (CollectionUtils.isEmpty(rolePermissionFeatureCodes)) {
-                    return productPermissions.stream()
+//                        return null;
-                            .filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(role.getProductUnitType())))
+//                    }
-                            .filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode()))
+//
-                            .map(e -> IdentityAuthRes.PermissionPoint.builder()
+//                    return productPermissions.stream()
-                                    .featureCode(e.getFeatureCode())
+//                            .filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(role.getProductUnitType())))
-                                    .featureId(e.getFeatureId())
+//                            .filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode()))
-                                    .terminal(e.getTerminal())
+//                            .map(e -> IdentityAuthRes.PermissionPoint.builder()
-                                    .featureType(e.getFeatureType())
+//                                    .featureCode(e.getFeatureCode())
-                                    .build())
+//                                    .featureId(e.getFeatureId())
-                            .collect(Collectors.toSet());
+//                                    .terminal(e.getTerminal())
-
+//                                    .featureType(e.getFeatureType())
-                })
+//                                    .build())
-                .filter(Objects::nonNull)
+//                            .collect(Collectors.toSet());
-                .flatMap(Collection::stream)
+//
-                .collect(Collectors.toSet());
+//                })
+//                .filter(Objects::nonNull)
+//                .flatMap(Collection::stream)
+//                .collect(Collectors.toSet());
     }
 
     private Map<Long, List<RolePermissionCacheService.PermissionDTO>> listRolePermission(ListUserPermissionParam param) {

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java

@@ -681,6 +681,6 @@ public class SaasRoleUserRelationServiceImpl extends ServiceImpl<SaasRoleUserRel
             return Collections.emptyMap();
         }
 
-
+        return Collections.emptyMap();
     }
 }