feat(auth): 根据身份查询权限点实现

This commit is contained in:
zhansihu 2023-10-08 11:04:19 +08:00
parent 611acadbf9
commit 4486aa8b12
18 changed files with 455 additions and 37 deletions


@ -12,7 +12,8 @@ import org.springframework.cloud.openfeign.FeignClient;
public interface TyrSaasAuthApi {
ApiResult<QueryIdentityByPermissionResp> findAuth(QueryIdentityByPermissionReq req);
ApiResult<QueryIdentityByPermissionResp> findAuthFromIdentity(QueryIdentityByPermissionReq req);
ApiResult<QueryIdentityByPermissionResp> findAuthFromFeature(QueryIdentityByPermissionReq req);
}


@ -20,7 +20,7 @@ import lombok.NonNull;
public class QueryIdentityByPermissionReq {
/**
* 权限列表
* 权限列表以权限为基础查询时不能为空
* Query的语义是只要有一个code就算命中而不是必须有所有code权限
*/
private List<String> codes;
@ -32,7 +32,7 @@ public class QueryIdentityByPermissionReq {
/**
* 身份Id
* 身份Id以人为基础查询时不能为空
*/
private Long identityId;


@ -43,6 +43,12 @@
<groupId>cn.axzo.framework</groupId>
<artifactId>axzo-processor-spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>cn.axzo.thrones</groupId>
<artifactId>thrones-client</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>


@ -1,5 +1,6 @@
package cn.axzo.tyr.server.controller.auth;
import cn.axzo.basics.common.util.AssertUtil;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.feign.TyrSaasAuthApi;
import cn.axzo.tyr.client.model.req.QueryIdentityByPermissionReq;
@ -20,9 +21,16 @@ import org.springframework.web.bind.annotation.RestController;
public class TyrSaasAuthController implements TyrSaasAuthApi {
private final TyrSaasAuthService tyrSaasAuthService;
@Override
public ApiResult<QueryIdentityByPermissionResp> findAuth(QueryIdentityByPermissionReq req) {
return ApiResult.ok(tyrSaasAuthService.findAuth(req));
public ApiResult<QueryIdentityByPermissionResp> findAuthFromIdentity(QueryIdentityByPermissionReq req) {
AssertUtil.notNull(req.getIdentityId(), "人员身份ID不能为空");
return ApiResult.ok(tyrSaasAuthService.findAuthFromIdentity(req));
}
@Override
public ApiResult<QueryIdentityByPermissionResp> findAuthFromFeature(QueryIdentityByPermissionReq req) {
AssertUtil.notEmpty(req.getCodes(), "权限点编码不能为空");
return ApiResult.ok(tyrSaasAuthService.findAuthFromFeature(req));
}
}
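Review bot: findAuthFromIdentity validates only `req.getIdentityId()`, yet the service passes `req.getIdentityType()` into the role lookup too, and SaasRoleDao.listSuperAdminByIdentity added in this commit calls `identityType.getCode()` without a null check. A request without an identity type would then fail with a NullPointerException instead of a validation error, assuming the role lookup reaches a similar dereference (its implementation is not shown on this page). Add `AssertUtil.notNull(req.getIdentityType(), "身份类型不能为空");` next to the existing assertion.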


@ -1,5 +1,6 @@
package cn.axzo.tyr.server.repository.dao;
import cn.axzo.tyr.server.repository.entity.ProductFeatureInfo;
import cn.axzo.tyr.server.repository.entity.SaasProductModuleFeatureRelation;
import cn.axzo.tyr.server.repository.mapper.SaasProductModuleFeatureRelationMapper;
import cn.hutool.core.collection.CollectionUtil;
@ -8,6 +9,7 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.springframework.stereotype.Repository;
import java.util.List;
import java.util.Set;
/**
* 产品-菜单关联关系(SaasProductModuleFeatureRelation)表服务实现类
@ -25,5 +27,9 @@ public class SaasProductModuleFeatureRelationDao extends ServiceImpl<SaasProduct
this.remove(new LambdaQueryWrapper<SaasProductModuleFeatureRelation>()
.in(SaasProductModuleFeatureRelation::getFeatureId, permissionPointIds));
}
public List<ProductFeatureInfo> listWithFeatureByProduct(Set<Long> productIdSet) {
return null;
}
}
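Review bot: `listWithFeatureByProduct` returns `null`, and getSuperAdminPermission in TyrSaasAuthServiceImpl (same commit) calls `featureList.stream()` on that value, so any identity holding a super_admin role runs into a NullPointerException. Until the query exists, make the gap explicit: either `return java.util.Collections.emptyList();` with a TODO comment, or `throw new UnsupportedOperationException("listWithFeatureByProduct not implemented");`. Returning an empty list means super admins resolve to no feature codes, which is at least a fail-closed result for a permission lookup.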


@ -2,7 +2,9 @@ package cn.axzo.tyr.server.repository.dao;
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.server.repository.entity.SaasRole;
import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
import cn.axzo.tyr.server.repository.mapper.SaasRoleMapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.apache.commons.collections.CollectionUtils;
@ -30,5 +32,8 @@ public class SaasRoleDao extends ServiceImpl<SaasRoleMapper, SaasRole> {
.update();
}
public List<SaasRoleWithUser> listSuperAdminByIdentity(Long identityId, IdentityType identityType) {
return this.getBaseMapper().listSuperAdminByIdentity(identityId, identityType.getCode());
}
}


@ -0,0 +1,19 @@
package cn.axzo.tyr.server.repository.entity;
import lombok.Data;
/**
* 产品权限点
*
* @version V1.0
* @author: ZhanSiHu
* @date: 2023/10/7 18:18
*/
@Data
public class ProductFeatureInfo {
Long productModuleId;
Long featureId;
String featureCode;
}
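Review bot: The three fields have no access modifier and are therefore package-private, unlike RolePermission and SaasRoleWithUser in the same commit, which declare theirs `private`. `@Data` generates the accessors either way, so declare them as `private Long productModuleId;`, `private Long featureId;` and `private String featureCode;` to keep state reachable only through the getters and setters. A short field comment saying whether `productModuleId` holds the product id would also help, because TyrSaasAuthServiceImpl groups by it and then looks entries up with `getProductId()`.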


@ -0,0 +1,20 @@
package cn.axzo.tyr.server.repository.entity;
import lombok.Data;
/**
* 角色权限
*
* @version V1.0
* @author: ZhanSiHu
* @date: 2023/10/8 09:38
*/
@Data
public class RolePermission {
private Long roleId;
private Long groupId;
private Long featureId;
private String featureCode;
private String featureName;
private Integer featureType;
}


@ -0,0 +1,60 @@
package cn.axzo.tyr.server.repository.entity;
import lombok.Data;
/**
* saas_role和saas_role_user_relation
*
* @version V1.0
* @author: ZhanSiHu
* @date: 2023/10/7 16:42
*/
@Data
public class SaasRoleWithUser {
/** 用户角色关系ID **/
private Long relationId;
/** 角色ID **/
private Long roleId;
/**
* 角色名称
*/
private String roleName;
/**
* 角色类型common 普通角色 super_admin超级管理员(禁止删除) admin子管理员(禁止删除) init初始化内置角色
*/
private String roleType;
private Long workspaceId;
/**
* 身份Id
*/
private Long identityId;
/**
* 身份类型 1:工人 2:从业人员 3:班组长 4:运营人员 5:政务人员
*/
private Integer identityType;
/**
* 自然人Id
*/
private Long naturalPersonId;
/**
* 所属单位Id 用户在当前工作台的所属单位
*/
private Long ouId;
/**
* relation 工作台Id
*/
private Long relationWorkspaceId;
}


@ -1,11 +1,15 @@
package cn.axzo.tyr.server.repository.mapper;
import cn.axzo.tyr.server.repository.entity.SaasRole;
import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
import java.util.List;
@Mapper
public interface SaasRoleMapper extends BaseMapper<SaasRole> {
List<SaasRoleWithUser> listSuperAdminByIdentity(Long identityId, Integer identityType);
}
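Review bot: `listSuperAdminByIdentity(Long identityId, Integer identityType)` takes two parameters without `@Param`, while the mapper XML refers to them by the names `identityId` and `identityType`. That binding only resolves when the module is compiled with `-parameters`, which is not visible on this page. Declare the names explicitly: `List<SaasRoleWithUser> listSuperAdminByIdentity(@Param("identityId") Long identityId, @Param("identityType") Integer identityType);` with `org.apache.ibatis.annotations.Param` imported. The same applies to `listPermissionByRole(List<Long> roleIdList)` in TyrSaasAuthMapper, whose XML iterates `collection="roleIdList"`.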


@ -1,11 +1,15 @@
package cn.axzo.tyr.server.repository.mapper;
import cn.axzo.tyr.server.repository.entity.RolePermission;
import org.apache.ibatis.annotations.Mapper;
import java.util.List;
/**
* @author tanjie@axzo.cn
* @date 2023/10/7 10:56
*/
@Mapper
public interface TyrSaasAuthMapper {
List<RolePermission> listPermissionByRole(List<Long> roleIdList);
}


@ -1,11 +1,13 @@
package cn.axzo.tyr.server.service;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
import java.util.List;
@ -30,6 +32,7 @@ public interface RoleService {
List<IsSuperAdminRes> isSuperAdmin(List<QueryByIdentityIdTypeReq> req);
List<IsSuperAdminRes> findSuperAdminByIdentity(List<QueryByIdentityIdTypeReq> req);
List<IsSuperAdminRes> listSuperAdminByIdentity(Long identityId, IdentityType identityType);
List<SaasRoleWithUser> listRoleByIdentity(Long identityId, IdentityType identityType);
}


@ -8,9 +8,8 @@ import cn.axzo.tyr.client.model.res.QueryIdentityByPermissionResp;
* @date 2023/10/7 10:00
*/
public interface TyrSaasAuthService {
QueryIdentityByPermissionResp findAuth(QueryIdentityByPermissionReq req);
QueryIdentityByPermissionResp findAuthByIdentity(QueryIdentityByPermissionReq req);
QueryIdentityByPermissionResp findAuthFromIdentity(QueryIdentityByPermissionReq req);
QueryIdentityByPermissionResp findAuthByCode(QueryIdentityByPermissionReq req);
}
QueryIdentityByPermissionResp findAuthFromFeature(QueryIdentityByPermissionReq req);
}


@ -4,6 +4,7 @@ import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
import cn.axzo.basics.common.exception.ServiceException;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.enums.PermissionGroupType;
import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
import cn.axzo.tyr.client.model.req.QuerySaasPermissionGroupReq;
@ -274,8 +275,20 @@ public class RoleServiceImpl implements RoleService {
}
@Override
public List<IsSuperAdminRes> findSuperAdminByIdentity(List<QueryByIdentityIdTypeReq> req) {
public List<IsSuperAdminRes> listSuperAdminByIdentity(Long identityId, IdentityType identityType) {
//TODO:@Zhan 需要去重
List<SaasRoleWithUser> roleList = saasRoleDao.listSuperAdminByIdentity(identityId, identityType);
return roleList.stream().map(this::convert2SuperAdmin).collect(Collectors.toList());
}
private IsSuperAdminRes convert2SuperAdmin(SaasRoleWithUser saasRoleWithUser) {
IsSuperAdminRes res = new IsSuperAdminRes();
res.setIsSuperAdmin(true);
res.setOuId(saasRoleWithUser.getOuId());
res.setWorkspaceId(saasRoleWithUser.getWorkspaceId());
res.setIdentityId(saasRoleWithUser.getIdentityId());
res.setIdentityType(saasRoleWithUser.getIdentityType());
return res;
}
private SaasRole validAndBuildRole(SaveOrUpdateRoleVO saveOrUpdateRole, Date now) {
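Review bot: RoleService gains `listRoleByIdentity(Long, IdentityType)` in this commit, but this hunk implements only `listSuperAdminByIdentity`; unless the other method is implemented outside the lines shown, RoleServiceImpl no longer satisfies its interface. The `//TODO:@Zhan 需要去重` is also left open, so an identity with more than one super_admin relation row for the same workspace produces duplicate IsSuperAdminRes entries. If that class defines value equality (not visible here), appending `.distinct()` before `.collect(Collectors.toList())` would resolve it; otherwise collect into a map keyed by workspace and OU id. The body of validAndBuildRole continues outside the hunk.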


@ -1,19 +1,40 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.framework.domain.ServiceException;
import cn.axzo.tyr.client.feign.TyrSaasAuthApi;
import cn.axzo.tyr.client.feign.TyrSaasRoleApi;
import cn.axzo.thrones.client.saas.ServicePkgClient;
import cn.axzo.thrones.client.saas.entity.serivicepgkproduct.ServicePkgProduct;
import cn.axzo.thrones.client.saas.entity.servicepkg.ServicePkgDetailRes;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.model.req.QueryIdentityByPermissionReq;
import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryIdentityByPermissionResp;
import cn.axzo.tyr.server.repository.dao.SaasProductModuleFeatureRelationDao;
import cn.axzo.tyr.server.repository.entity.ProductFeatureInfo;
import cn.axzo.tyr.server.repository.entity.RolePermission;
import cn.axzo.tyr.server.repository.entity.SaasProductModuleFeatureRelation;
import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
import cn.axzo.tyr.server.repository.mapper.TyrSaasAuthMapper;
import cn.axzo.tyr.server.service.RoleService;
import cn.axzo.tyr.server.service.SaasRoleUserService;
import cn.axzo.tyr.server.service.TyrSaasAuthService;
import cn.axzo.tyr.server.util.RpcInternalUtil;
import cn.azxo.framework.common.model.CommonResponse;
import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.util.NumberUtil;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.function.Function;
import java.util.stream.Collectors;
import static cn.axzo.tyr.server.util.RpcInternalUtil.checkAndGetData;
/**
* @author tanjie@axzo.cn
* @date 2023/10/7 10:03
@ -25,36 +46,131 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
private final TyrSaasAuthMapper saasAuthMapper;
private final RoleService roleService;
@Override
public QueryIdentityByPermissionResp findAuth(QueryIdentityByPermissionReq req) {
if (req.getIdentityId() != null) {
return findAuthByIdentity(req);
}
private final ServicePkgClient servicePkgClient;
private final SaasProductModuleFeatureRelationDao saasProductModuleFeatureRelationDao;
if (CollectionUtil.isNotEmpty(req.getCodes())) {
return findAuthByCode(req);
}
throw new ServiceException("只支持通过身份或者CODE进行查询");
}
/**
* 通过身份查询人员权限
*
* @return
*/
public QueryIdentityByPermissionResp findAuthByIdentity(QueryIdentityByPermissionReq req) {
//超管
// 1.查当前人在哪些工作台是超管
// 2.这些工作台对应的服务包->产品->FEATURE CODE
roleService.findSuperAdminByIdentity(req.getIdentityId(), req.getIdentityType());
@Override
public QueryIdentityByPermissionResp findAuthFromIdentity(QueryIdentityByPermissionReq req) {
//非超管
// 1.查这个人拥有哪些角色 (saas_role_User_relation -> saas_role -> saas_pg
//身份 --> 查询角色
List<SaasRoleWithUser> roleList = roleService.listRoleByIdentity(req.getIdentityId(), req.getIdentityType());
//TODO:@Zhan 过滤工作台
//拆分超管和普通角色
Map<Boolean, List<SaasRoleWithUser>> splitMap = roleList.stream()
.collect(Collectors.groupingBy(r -> StrUtil.equals(r.getRoleType(), RoleTypeEnum.SUPER_ADMIN.getValue())));
//-------------- 超管 -------------
List<SaasRoleWithUser> superAdminRoleList = splitMap.get(true);
List<QueryIdentityByPermissionResp> adminResult = getSuperAdminPermission(req, superAdminRoleList);
//聚合
//---------------- 非超管 ------------------
List<SaasRoleWithUser> normalRoleList = splitMap.get(false);
List<QueryIdentityByPermissionResp> normalResult = getNormalPermission(req, normalRoleList);
//聚合-过滤
return null;
}
private List<QueryIdentityByPermissionResp> getNormalPermission(QueryIdentityByPermissionReq req, List<SaasRoleWithUser> normalRoleList) {
List<QueryIdentityByPermissionResp> normalResult = new ArrayList<>();
if (CollectionUtil.isEmpty(normalRoleList)) {
return normalResult;
}
// 角色 --> 角色对应的权限
List<RolePermission> permissionList = saasAuthMapper.listPermissionByRole(normalRoleList.stream()
.map(SaasRoleWithUser::getRoleId)
.collect(Collectors.toList()));
//mapping
Map<Long, List<SaasRoleWithUser>> workspaceRoleMapping = normalRoleList.stream()
.collect(Collectors.groupingBy(SaasRoleWithUser::getWorkspaceId));
Map<Long, List<RolePermission>> roleFeatureMapping = permissionList.stream()
.collect(Collectors.groupingBy(RolePermission::getRoleId));
//组装数据
for (Map.Entry<Long, List<SaasRoleWithUser>> entry : workspaceRoleMapping.entrySet()) {
QueryIdentityByPermissionResp permissionResp = new QueryIdentityByPermissionResp();
permissionResp.setWorkspaceId(entry.getKey());
//任意取一个OUId
permissionResp.setOuId(entry.getValue().get(0).getOuId());
List<String> featureCodes = entry.getValue().stream().map(r -> roleFeatureMapping.get(r.getRoleId())
.stream()
.map(RolePermission::getFeatureCode)
.collect(Collectors.toList()))
.flatMap(Collection::stream)
.collect(Collectors.toList());
permissionResp.setFeatureCode(featureCodes);
normalResult.add(permissionResp);
}
return normalResult;
}
private List<QueryIdentityByPermissionResp> getSuperAdminPermission(QueryIdentityByPermissionReq req, List<SaasRoleWithUser> superAdminRoleList) {
List<QueryIdentityByPermissionResp> adminResult = new ArrayList<>();
if (CollectionUtil.isEmpty(superAdminRoleList)) {
return adminResult;
}
//超管所属的工作台
Set<Long> workspaceIdSet = superAdminRoleList.stream().map(SaasRoleWithUser::getWorkspaceId).collect(Collectors.toSet());
//工作台 --> 所属服务包--包含的产品
CommonResponse<List<ServicePkgDetailRes>> servicePkgResponse = servicePkgClient.getServicePkgDetailBySpaceId(workspaceIdSet);
List<ServicePkgDetailRes> servicePkgList = checkAndGetData(servicePkgResponse);
Set<Long> productIdSet = new HashSet<>();
Map<Long, List<ServicePkgProduct>> workspaceProduct = new HashMap<>();
servicePkgList.forEach(e -> {
productIdSet.addAll(e.getProducts()
.stream()
.map(ServicePkgProduct::getProductId)
.collect(Collectors.toList()));
List<ServicePkgProduct> mappingList = workspaceProduct.computeIfAbsent(e.getSpaceId(), k -> new ArrayList<>());
mappingList.addAll(e.getProducts());
});
//产品 --> 产品关联的权限点
List<ProductFeatureInfo> featureList = saasProductModuleFeatureRelationDao.listWithFeatureByProduct(productIdSet);
//mapping
Map<Long, List<ProductFeatureInfo>> productFeatureMapping = featureList.stream()
.collect(Collectors.groupingBy(ProductFeatureInfo::getProductModuleId));
Map<Long, List<SaasRoleWithUser>> workspaceRoleMapping = superAdminRoleList.stream()
.collect(Collectors.groupingBy(SaasRoleWithUser::getWorkspaceId));
//组装数据
for (Map.Entry<Long, List<ServicePkgProduct>> entry : workspaceProduct.entrySet()) {
QueryIdentityByPermissionResp permissionResp = new QueryIdentityByPermissionResp();
permissionResp.setWorkspaceId(entry.getKey());
//workspace对应OUID
SaasRoleWithUser roleWithUser = workspaceRoleMapping.get(entry.getKey()).get(0);
permissionResp.setOuId(roleWithUser.getOuId());
//workspace对应权限点
List<String> featureCodes = entry.getValue()
.stream()
.map(x -> productFeatureMapping.get(x.getProductId())
.stream()
.map(ProductFeatureInfo::getFeatureCode)
.collect(Collectors.toList()))
.flatMap(Collection::stream)
.collect(Collectors.toList());
permissionResp.setFeatureCode(featureCodes);
adminResult.add(permissionResp);
}
return adminResult;
}
/**
@ -62,7 +178,8 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
* @param req
* @return
*/
public QueryIdentityByPermissionResp findAuthByCode(QueryIdentityByPermissionReq req) {
@Override
public QueryIdentityByPermissionResp findAuthFromFeature(QueryIdentityByPermissionReq req) {
//超管
// 先查CODE对应的产品 在去查哪些工作台有这些产品在去查这些工作台的超管
@ -71,7 +188,6 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
// 先查code对应的权限集->权限集对应的角色-> 查人
//聚合
return null;
}
}
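Review bot: In getNormalPermission and getSuperAdminPermission the lookups `roleFeatureMapping.get(r.getRoleId())` and `productFeatureMapping.get(x.getProductId())` are followed directly by `.stream()`, so a role with no permission rows or a product with no feature rows throws a NullPointerException and fails the whole permission query. Use `roleFeatureMapping.getOrDefault(r.getRoleId(), Collections.emptyList())` and the same form for the product map, importing `java.util.Collections`. The product map is grouped by `ProductFeatureInfo::getProductModuleId` but read with `getProductId()`, which looks like a key mismatch unless both carry the same id; confirm before the DAO query is written. findAuthFromIdentity still ends in `return null`, which the controller wraps in `ApiResult.ok(...)`, so a caller cannot tell "no permissions" from "not implemented"; throwing until the aggregation exists is the safer behaviour for an authorization lookup. The workspace filter (`//TODO:@Zhan 过滤工作台`) is also open, and `req` is unused in both helpers.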


@ -0,0 +1,104 @@
package cn.axzo.tyr.server.util;
import cn.axzo.basics.common.util.AssertUtil;
import cn.axzo.framework.domain.ServiceException;
import cn.axzo.framework.domain.web.BizException;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.azxo.framework.common.model.CommonResponse;
import cn.hutool.core.lang.Assert;
import cn.hutool.http.HttpStatus;
import cn.hutool.json.JSONUtil;
import lombok.extern.slf4j.Slf4j;
import java.util.function.Consumer;
import java.util.function.Supplier;
import static cn.axzo.framework.domain.web.code.BaseCode.BAD_REQUEST;
import static cn.axzo.framework.domain.web.code.BaseCode.SERVER_ERROR;
/**
* 内部api 使用 服务与 yoke 下游服务 下游服务统一使用 ApiResult
* @author tanjie@axzo.cn
* @date 2022/5/23 11:08
*/
@Slf4j
public class RpcInternalUtil {
/**
* 常用的RPC请求返回值解析如果 被请求方 返回非200会抛出异常
*/
public static <T> ApiResult<T> rpcProcessor(Supplier<ApiResult<T>> supplier, String operationType, Object... param) {
return rpcProcessorMayThrow(supplier, operationType, (commonResponse) -> {
throw new ServiceException(commonResponse.getMsg());
}, param);
}
public static <T> ApiResult<T> rpcProcessorMayThrow(Supplier<ApiResult<T>> supplier, String operationType, Consumer<ApiResult<T>> throwConsumer, Object... param) {
AssertUtil.notNull(throwConsumer, "自定义的异常处理不可为空");
log.info(operationType + "-Param: " + JSONUtil.toJsonStr(param));
ApiResult<T> result = null;
try {
result = supplier.get();
} catch (Throwable e) {
throwConsumer.accept(ApiResult.err(e.getMessage()));
}
log.info(operationType + "-Result: " + JSONUtil.toJsonStr(result));
Assert.notNull(result, "服务调用异常");
// 200自定义处理
if (HttpStatus.HTTP_OK != result.getCode()) {
throwConsumer.accept(result);
}
return result;
}
/**
* 常用的RPC请求返回值解析如果 被请求方 返回非200会抛出异常
*/
public static <T> ApiPageResult<T> rpcPageProcessor(Supplier<ApiPageResult<T>> supplier, String operationType, Object... param) {
return rpcPageProcessorMayThrow(supplier, operationType, (commonResponse) -> {
throw new ServiceException(commonResponse.getMsg());
}, param);
}
public static <T> ApiPageResult<T> rpcPageProcessorMayThrow(Supplier<ApiPageResult<T>> supplier, String operationType, Consumer<ApiPageResult<T>> throwConsumer, Object... param) {
AssertUtil.notNull(throwConsumer, "自定义的异常处理不可为空");
log.info(operationType + "-Param: " + JSONUtil.toJsonStr(param));
ApiPageResult<T> result = supplier.get();
log.info(operationType + "-Result: " + JSONUtil.toJsonStr(result));
Assert.notNull(result, "服务调用异常");
// 200自定义处理
if (HttpStatus.HTTP_OK != result.getCode()) {
throwConsumer.accept(result);
}
return result;
}
public static <T> T checkAndGetData(ApiResult<T> result) {
if (result.isError()) {
throw new BizException(result.getRespCode(), result.getMsg());
}
T data = result.getData();
if (data == null) {
throw new BizException(BAD_REQUEST, "数据不存在");
}
return data;
}
public static <T> T checkAndGetData(CommonResponse<T> response) {
if (response.getCode() != 200) {
throw new BizException(SERVER_ERROR, response.getMsg());
}
T data = response.getData();
if (data == null) {
throw new BizException(BAD_REQUEST, "数据不存在");
}
return data;
}
}
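Review bot: rpcProcessorMayThrow and rpcPageProcessorMayThrow write the complete call parameters and the complete response to the log at INFO (`log.info(operationType + "-Param: " + JSONUtil.toJsonStr(param))`), which can put identity ids and whatever the downstream service returns into application logs. Log those payloads at DEBUG, or log only the operation name and result code, using the parameterized form `log.debug("{}-Param: {}", operationType, ...)`. In rpcProcessorMayThrow, `catch (Throwable e)` forwards only `e.getMessage()`, so the cause and stack trace are lost and JVM Errors are swallowed as well; catch `Exception` and add `log.error("{} failed", operationType, e);` before `throwConsumer.accept(...)`. rpcPageProcessorMayThrow has no catch at all, so the two helpers behave differently when the supplier throws.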


@ -0,0 +1,27 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.axzo.tyr.server.repository.mapper.SaasRoleMapper">
<select id="listSuperAdminByIdentity" resultType="cn.axzo.tyr.server.repository.entity.SaasRoleWithUser">
SELECT
ru.id AS relationId,
r.id AS roleId,
r.`name` AS roleName,
r.role_type AS roleType,
r.workspace_id AS workspaceId,
ru.identity_id AS identityId,
ru.identity_type AS identityType,
ru.natural_person_id AS naturalPersonId,
ru.ou_id AS ouId,
ru.workspace_id AS relationWorkspaceId
FROM saas_role r, saas_role_user_relation ru
WHERE ru.role_id = r.id
AND r.is_delete = 0
AND ru.is_delete = 0
AND ru.identity_id = #{identityId}
AND ru.identity_type = ${identityType}
AND r.role_type = 'super_admin'
</select>
</mapper>
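Review bot: `AND ru.identity_type = ${identityType}` uses MyBatis text substitution, so the value is spliced into the SQL string instead of being bound as a parameter like `#{identityId}` on the line above. The only caller visible in this commit passes an Integer from `identityType.getCode()`, so the value is constrained today, but the statement becomes injectable as soon as a string-typed value reaches it. Change the line to `AND ru.identity_type = #{identityType}`.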


@ -4,4 +4,27 @@
<mapper namespace="cn.axzo.tyr.server.repository.mapper.TyrSaasAuthMapper">
<select id="listPermissionByRole">
SELECT
rg.role_id AS roleId,
rg.group_id AS groupId,
f.id AS featureId,
f.feature_code AS featureCode,
f.feature_name as featureName,
f.feature_type AS featureType
FROM
saas_pgroup_role_relation rg,
saas_pgroup_permission_relation pg,
saas_feature f
WHERE
rg.is_delete = 0
AND pg.is_delete = 0
AND f.is_delete = 0
AND rg.role_id IN
<foreach collection="roleIdList" open="(" close=")" separator="," index="index" item="item">
#{item, jdbcType=LONG}
</foreach>
AND rg.group_id = pg.group_id
AND pg.feature_id = f.id
</select>
</mapper>
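Review bot: `<select id="listPermissionByRole">` as shown declares neither `resultType` nor `resultMap`, which MyBatis needs to map the returned rows; add `resultType="cn.axzo.tyr.server.repository.entity.RolePermission"`. `jdbcType=LONG` is not a member of MyBatis' JdbcType enum (the 64-bit integer type is `BIGINT`), so the item should read `#{item, jdbcType=BIGINT}` or omit the jdbcType. An empty `roleIdList` would render `IN ()`; the caller in TyrSaasAuthServiceImpl returns early on an empty role list, but a guard here or in the DAO would protect other callers.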