wangli/tyr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into feature/REQ-1696

Browse Source 
# Conflicts:
#	tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
#	tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
#	tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
#	tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
This commit is contained in:
陈维伟 2023-12-18 20:40:15 +08:00
commit 4fd8f32f59
39 changed files with 1630 additions and 666 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
sql/init.sql Normal file
View File

@ -0,0 +1,17 @@
CREATE TABLE IF NOT EXISTS plat_user_role_job_change
(
id bigint auto_increment comment '主键',
person_id bigint default 0 not null comment '安心筑personId',
request_id varchar(64) default 0 not null comment '请求ID',
change_type varchar(20) default '' not null comment '变更类型',
change_detail varchar(256) default '' not null comment '变更详情',
operator varchar(50) not null comment '变更操作人',
operator_time datetime default CURRENT_TIMESTAMP not null comment '变更时间',
is_delete tinyint default 0 not null comment '未删除0,删除1',
create_at datetime default CURRENT_TIMESTAMP not null comment '创建时间',
update_at datetime default CURRENT_TIMESTAMP not null comment '更新时间',
PRIMARY KEY (`id`)
) ENGINE = InnoDB
DEFAULT CHARSET = utf8 comment '平台账户角色岗位变动记录';
create index idx_plat_user_role_job_change
on plat_user_role_job_change (person_id, operator_time);

47
tyr-api/src/main/java/cn/axzo/tyr/client/feign/PlatUserRoleChangeApi.java Normal file
View File

@ -0,0 +1,47 @@
package cn.axzo.tyr.client.feign;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.model.req.GetWorkflowQueryAndUpdatePermissionReq;
import cn.axzo.tyr.client.model.req.PlatAccountChangeLogReq;
import cn.axzo.tyr.client.model.req.PlatAccountChangeQuery;
import cn.axzo.tyr.client.model.res.GetWorkflowQueryAndUpdatePermissionRes;
import cn.axzo.tyr.client.model.res.PlatAccountChangeLogResp;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
/**
* tyr
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:03
*/
@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
public interface PlatUserRoleChangeApi {
/**
* 保存账户变更日志
*
* @param req 户变更日志
* @return
*/
@PostMapping(value = "/api/v1/plat/account/change/log")
ApiResult<Void> savePlatUserAccountChangeLog(@RequestBody @Validated PlatAccountChangeLogReq req);
/**
* 查询平台账户变更日志
*
* @param platAccountChangeQuery 查询条件
* @return 返回账户变动记录列表
*/
@PostMapping(value = "/api/v1/plat/account/change/log/query")
ApiPageResult<PlatAccountChangeLogResp> queryPlatUserAccountChangeLog(@RequestBody @Validated PlatAccountChangeQuery platAccountChangeQuery);
}

18
tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleGroupApi.java
View File

@ -18,7 +18,7 @@ import java.util.List;
public interface SaasRoleGroupApi {
/**
* 保存/更新
* 保存/更新角色分组
* @return
*/
@PostMapping("/api/saasRoleGroup/save")
@ -29,15 +29,25 @@ public interface SaasRoleGroupApi {
* @return
*/
@PostMapping("/api/saasRoleGroup/getList")
@Deprecated
ApiResult<List<SaasRoleGroupVO>> getList(@RequestBody QuerySaasRoleGroupReq req);
/**
* 查询自定义角色权限分组列表
* @return 返回 角色分组列表
*/
@PostMapping("/api/saasRoleGroup/getRoleGroupList")
ApiResult<List<SaasRoleGroupVO>> getSaasRoleGroupList(@RequestBody QuerySaasRoleGroupReq req);
@PostMapping("/api/saasRoleGroup/getById")
ApiResult<SaasRoleGroupVO> getById(@RequestParam("id") Long id);
/**
* 删除
* 删除角色分组
* @param ids 角色分组ID
* @return 返回删除角色分组状态
*/
@PostMapping("/api/saasRoleGroup//api/saasPermissionGoup/delete")
ApiResult<Void> delete(@RequestBody@NotEmpty List<Long> ids);
@PostMapping("/api/saasRoleGroup/delete")
ApiResult<Void> delete(@RequestParam @NotEmpty List<Long> ids);
}

34
tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleApi.java
View File

@ -10,6 +10,7 @@ import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
import org.springframework.cloud.openfeign.FeignClient;
@ -45,6 +46,7 @@ public interface TyrSaasRoleApi {
/**
* 获取角色列表
*
* @return
*/
@PostMapping("/api/saasRole/query")
@ -54,18 +56,33 @@ public interface TyrSaasRoleApi {
* 删除
*/
@PostMapping("/api/saasRole/delete")
ApiResult delete(@RequestBody List<Long> id);
@Deprecated
ApiResult<Void> delete(@RequestBody List<Long> id);
/**
* 删除角色
*
* @param roleIds 待删除角色集合
* @param workSpaceId 待删除角色所属workSpaceId
* @param outId 待删除角色所属单位ID
*/
@PostMapping("/api/saasRole/strict/delete")
ApiResult<Void> deleteRole(@RequestParam(required = true) List<Long> roleIds,
@RequestParam(required = true) Long workSpaceId, @RequestParam(required = true) Long outId);
/**
* 根据身份id身份类型查询权限列表只返回角色信息
*
* @param identityType 身份类型 1:工人 2:班组长 3:从业人员 4:监管人员 5:运营人员
* @return
*/
@GetMapping("/api/saasRole/queryByIdentityIdType")
ApiResult<List<SaasRoleVO>> queryByIdentityIdType(@RequestParam(required = true) Long identityId,@RequestParam(required = true) Integer identityType,@RequestParam(required = true) Long workspaceId,@RequestParam(required = true) Long ouId,@RequestParam(required = true) Boolean includePermissionGroup);
ApiResult<List<SaasRoleVO>> queryByIdentityIdType(@RequestParam(required = true) Long identityId, @RequestParam(required = true) Integer identityType, @RequestParam(required = true) Long workspaceId, @RequestParam(required = true) Long ouId, @RequestParam(required = true) Boolean includePermissionGroup);
/**
* 根据身份id身份类型查询权限列表批量,只返回角色信息
*
* @return
*/
@PostMapping("/api/saasRole/queryBatchByIdentityIdType")
@ -73,6 +90,7 @@ public interface TyrSaasRoleApi {
/**
* 根据身份id身份类型查询是否为超管
*
* @return
*/
@PostMapping("/api/saasRole/isSuperAdmin")
@ -80,14 +98,24 @@ public interface TyrSaasRoleApi {
/**
* 通过角色名字获取角色信息
*
* @return
*/
@PostMapping("/api/saasRole/findRoleByName")
ApiResult<List<QueryRoleByNameResp>> findRoleByName(@RequestBody @Valid QueryRoleByNameReq req);
/** 分页查询角色含用户 **/
/**
* 分页查询角色含用户
**/
@PostMapping("/api/saasRole/queryWithUser")
ApiPageResult<RoleWithUserRes> queryRoleWithUser(@RequestBody RoleWithUserQueryReq req);
/**
* 通过工作台类型获取对应的标准角
*/
@GetMapping("/api/saasRole/queryByWorkspaceType")
ApiResult<List<SaasRoleAndGroupVO>> queryInitRoleByWorkspaceId(@RequestParam("workspaceType") String workspaceType);
}

6
tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
View File

@ -1,5 +1,7 @@
package cn.axzo.tyr.client.feign;
import cn.axzo.basics.common.page.PageRequest;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SuperAminInfoResp;
@ -68,6 +70,10 @@ public interface TyrSaasRoleUserApi {
@PostMapping("/api/saas-role-user/batch-super-admin-list")
ApiResult<List<SuperAminInfoResp>> batchSuperAdminList(@RequestBody @Valid List<SuperAdminParam> param);
/** 分页查询角色用户数据 多条件 最大分页100**/
@PostMapping("/api/saas-role-user/page")
ApiPageResult<SaasRoleUserDTO> pageQuery(@RequestBody @Valid RoleUserParam param);
/**
* 根据id删除用户角色关联关系
* @return

2
tyr-api/src/main/java/cn/axzo/tyr/client/model/dict/response/BasicDictNodeResp.java
View File

@ -22,7 +22,7 @@ public class BasicDictNodeResp {
private String workspaceType;
/**
* 类型"ouType", "terminal"
* 类型"ouType", "terminal" identity
*/
private String type;

39
tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/ChangeActionType.java Normal file
View File

@ -0,0 +1,39 @@
package cn.axzo.tyr.client.model.enums;
import lombok.AllArgsConstructor;
import lombok.Getter;
/**
* 账户变更类型
*
* @author zuoqinbo
* @version V1.0
* @Date 2023/11/24 11:05
*/
@Getter
@AllArgsConstructor
public enum ChangeActionType {
/**
* 加入
*/
JOIN("join", "加入"),
/**
* 添加
*/
ADD("add", "添加"),
/**
* 变更
*/
CHANGE("change", "变更"),
/**
* 移除
*/
REMOVE("remove", "移除"),
;
private final String code;
private final String desc;
}

40
tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/ChangeType.java Normal file
View File

@ -0,0 +1,40 @@
package cn.axzo.tyr.client.model.enums;
import lombok.AllArgsConstructor;
import lombok.Getter;
import java.util.HashMap;
import java.util.Map;
/**
* 账户变更类型
*
* @version V1.0
* @author: zuoqinbo
* @date: 2023/11/24 11:05
*/
@Getter
@AllArgsConstructor
public enum ChangeType {
/**
* 离职
*/
DIMISSION("dimission", "离职"),
/**
* 角色变动
*/
ROLE_CHANGE("role_change", "角色变动"),
/**
* 部门变动
*/
ORGANIZATION_CHANGE("organization_change", "部门变动"),
/**
* 岗位变动
*/
JOB_CHANGE("job_change", "岗位变动"),
;
private String code;
private String desc;
}

3
tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/DictTypeFiledEnum.java
View File

@ -28,7 +28,8 @@ public enum DictTypeFiledEnum {
/**
* 工作台
*/
WORKSPACE("workspace","工作台")
WORKSPACE("workspace","工作台"),
IDENTITY("identity","身份"),
;
@EnumValue

3
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java
View File

@ -56,6 +56,9 @@ public class IdentityAuthReq {
@Builder.Default
private Set<String> featureCode = new HashSet<>();
/** 指定角色ID - 预览用,不需要用户已配置角色 **/
private Set<Long> specifyRoleIds;
@Data
@Builder

2
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/OUWorkspacePair.java
View File

@ -5,7 +5,7 @@ import lombok.Data;
import javax.validation.constraints.NotNull;
/**
* OU和wokspace对
* OU和workspace对
*
* @version V1.0
* @author: ZhanSiHu

64
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/PlatAccountChangeLogReq.java Normal file
View File

@ -0,0 +1,64 @@
package cn.axzo.tyr.client.model.req;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import java.util.Date;
/**
* PlatAccountChangeLogReq
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:03
*/
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class PlatAccountChangeLogReq {
/**
* 安心筑id
*/
@NotNull(message = "personId is required")
private Long personId;
/**
* 请求ID
*/
private String requestId;
/**
* 变更类型
*
* @see cn.axzo.tyr.client.model.enums.ChangeType
*/
@NotEmpty(message = "changeType is required")
private String changeType;
/**
* 变更详情
* 变更动作:变更模板
*
* @see cn.axzo.tyr.client.model.enums.ChangeActionType
*/
@NotEmpty(message = "changeDetail is required")
private String changeDetail;
/**
* operator
*/
@NotEmpty(message = "operator is required")
private String operator;
/**
* 变更时间
*/
private Date operatorTime;
}

29
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/PlatAccountChangeQuery.java Normal file
View File

@ -0,0 +1,29 @@
package cn.axzo.tyr.client.model.req;
import cn.axzo.core.domain.PageRequest;
import lombok.Builder;
import lombok.Data;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import java.util.Date;
/**
* PlatAccountChangeLogReq
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:03
*/
@Data
public class PlatAccountChangeQuery extends PageRequest {
/**
* 安心筑personId
*/
@NotNull(message = "personId is required")
private Long personId;
}

22
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/RoleWithUserQueryReq.java
View File

@ -15,15 +15,29 @@ import java.util.List;
@Data
public class RoleWithUserQueryReq extends PageRequest {
/** 查询关键字 **/
/**
* 查询关键字
**/
private String keyword;
/** 企业组织ID **/
/**
* 企业组织ID
**/
private Long ouId;
/** 工作台ID **/
/**
* 工作台ID
**/
private Long workspaceId;
/** 企业工作台参建类型 **/
/**
* 企业工作台参建类型
**/
private Integer workspaceJoinType;
/**
* 角色ID
**/
private Long roleId;
}

54
tyr-api/src/main/java/cn/axzo/tyr/client/model/res/PlatAccountChangeLogResp.java Normal file
View File

@ -0,0 +1,54 @@
package cn.axzo.tyr.client.model.res;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.Date;
/**
* PlatAccountChangeLogReq
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:03
*/
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class PlatAccountChangeLogResp {
/**
* 安心筑用户personId
*/
private Long personId;
/**
* requestId
*/
private String requestId;
/**
* 变更类型
* @see cn.axzo.tyr.client.model.enums.ChangeType
*/
private String changeType;
/**
* 变更详情
*/
private String changeDetail;
/**
* operator
*/
private String operator;
/**
* 变更时间
*/
private Date operatorTime;
}

10
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/RoleUserParam.java
View File

@ -1,11 +1,13 @@
package cn.axzo.tyr.client.model.roleuser.req;
import cn.axzo.basics.common.page.PageRequest;
import cn.axzo.tyr.client.model.enums.IdentityType;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.List;
import java.util.Set;
/**
@ -16,7 +18,7 @@ import java.util.Set;
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class RoleUserParam {
public class RoleUserParam extends PageRequest {
/**
* 工作台id
*/
@ -54,4 +56,10 @@ public class RoleUserParam {
* identityIds
*/
private Set<Long> identityIds;
/** ouId列表**/
private List<Long> ouIds;
/** 工作台ID列表 **/
private List<Long> workspaceIds;
}

12
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/RoleUserReq.java
View File

@ -57,4 +57,16 @@ public class RoleUserReq {
*/
private Set<Long> updateRoleIds;
/**
* 是否合并当前已存在的角色
* 适用于角色更新或者角色新增
*/
private boolean mergeExistsRoles;
/**
* 该请求是否是权限回收
*/
private boolean isRecycleModel;
}

31
tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaasRoleAndGroupVO.java Normal file
View File

@ -0,0 +1,31 @@
package cn.axzo.tyr.client.model.vo;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.List;
/**
* @author tanjie@axzo.cn
* @date 2023/11/16 16:25
*/
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class SaasRoleAndGroupVO {
/**
* 单位类型CODE
*/
private String ouTypeCode;
/**
* 单位类型名称
*/
private String ouTypeName;
/**
* 对应角色不包括权限
*/
private List<SaasRoleVO> simpleSaasRole;
}

2
tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaasRoleVO.java
View File

@ -65,7 +65,7 @@ public class SaasRoleVO {
*
* @return
*/
public List<PermissionPointTreeNode> getFeature() {
public List<PermissionPointTreeNode> currentFeature() {
return this.permissionGroup.stream().map(SaasPermissionGroupVO::getFeature).flatMap(List::stream).distinct().collect(Collectors.toList());
}

6
tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaveOrUpdateRoleVO.java
View File

@ -58,7 +58,7 @@ public class SaveOrUpdateRoleVO {
/**
* 选中的权限点id
*/
@NotNull
@NotNull(message = "权限点ID不能为空")
private List<Long> selectedPPIds;
@Data
@ -67,13 +67,13 @@ public class SaveOrUpdateRoleVO {
/**
* 角色分组id
*/
@NotNull
@NotNull(message = "角色分组ID不能为空")
private Long id;
/**
* 项目部类型字典code
*/
@NotNull
@NotNull(message = "workspaceTypeCode不能为空")
private String workspaceTypeCode;
}
}

51
tyr-server/src/main/java/cn/axzo/tyr/server/config/exception/ExceptionAdviceHandler.java Normal file
View File

@ -0,0 +1,51 @@
package cn.axzo.tyr.server.config.exception;
import cn.axzo.basics.common.exception.ServiceException;
import cn.axzo.framework.domain.web.result.ApiResult;
import lombok.extern.slf4j.Slf4j;
import org.springframework.core.annotation.Order;
import org.springframework.util.CollectionUtils;
import org.springframework.validation.BindException;
import org.springframework.validation.ObjectError;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import java.util.List;
/**
* Controller异常
* @author zuoqinbo
* @version V1.0
* @date 2023/10/11 9:44
*/
@Order(value = 0)
@RestControllerAdvice
@Slf4j
public class ExceptionAdviceHandler {
@ExceptionHandler(cn.axzo.framework.domain.ServiceException.class)
public ApiResult<Void> basicsServiceExceptionHandler(ServiceException e) {
log.warn("业务异常", e);
return ApiResult.err(e.getMessage());
}
@ExceptionHandler(cn.axzo.basics.common.exception.ServiceException.class)
public ApiResult<Void> coreServiceExceptionHandler(cn.axzo.basics.common.exception.ServiceException e) {
log.warn("业务异常", e);
return ApiResult.err(e.getMessage());
}
@ExceptionHandler(BindException.class)
public ApiResult<Void> bindExceptionHandler(BindException e) {
log.warn("业务异常", e);
List<ObjectError> allErrors = e.getBindingResult().getAllErrors();
if (CollectionUtils.isEmpty(allErrors)) {
return ApiResult.err("操作失败 请联系系统管理员");
}
ObjectError objectError = allErrors.get(0);
String objectErrorDefaultMessage = objectError.getDefaultMessage();
return ApiResult.err(objectErrorDefaultMessage);
}
}

41
tyr-server/src/main/java/cn/axzo/tyr/server/controller/change/PlatUserRoleChangeController.java Normal file
View File

@ -0,0 +1,41 @@
package cn.axzo.tyr.server.controller.change;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.feign.PlatUserRoleChangeApi;
import cn.axzo.tyr.client.model.req.PlatAccountChangeLogReq;
import cn.axzo.tyr.client.model.req.PlatAccountChangeQuery;
import cn.axzo.tyr.client.model.res.PlatAccountChangeLogResp;
import cn.axzo.tyr.server.service.impl.PlatUserRoleChangeService;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
/**
* tyr
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:27
*/
@Slf4j
@RestController
@RequiredArgsConstructor
public class PlatUserRoleChangeController implements PlatUserRoleChangeApi {
@Resource
private PlatUserRoleChangeService roleChangeService;
@Override
public ApiResult<Void> savePlatUserAccountChangeLog(PlatAccountChangeLogReq accountChangeLog) {
roleChangeService.savePlatUserAccountChangeLog(accountChangeLog);
return ApiResult.ok();
}
@Override
public ApiPageResult<PlatAccountChangeLogResp> queryPlatUserAccountChangeLog(PlatAccountChangeQuery platAccountChangeQuery) {
return roleChangeService.queryPlatUserAccountChangeLog(platAccountChangeQuery);
}
}

30
tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleController.java
View File

@ -12,6 +12,7 @@ import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
import cn.axzo.tyr.server.service.RoleService;
@ -27,9 +28,9 @@ import java.util.List;
/**
* 权限
*
* @author ZhanSiHu
* @version V1.0
* @author: ZhanSiHu
* @date: 2023/9/6 14:55
* @date 2023/9/6 14:55
*/
@Slf4j
@RestController
@ -47,9 +48,9 @@ public class SaasRoleController implements TyrSaasRoleApi {
@Override
public ApiResult<SaasRoleVO> getById(Long id) {
QuerySaasRoleReq query = QuerySaasRoleReq.builder()
.ids(Lists.newArrayList(id))
.includePermissionGroup(true)
.build();
.ids(Lists.newArrayList(id))
.includePermissionGroup(true)
.build();
List<SaasRoleVO> saasRoles = roleService.query(query);
if (CollectionUtils.isNotEmpty(saasRoles)) {
return ApiResult.ok(saasRoles.get(0));
@ -63,13 +64,19 @@ public class SaasRoleController implements TyrSaasRoleApi {
}
@Override
public ApiResult delete(List<Long> id) {
return null;
public ApiResult<Void> deleteRole(List<Long> roleIds, Long workSpaceId, Long outId) {
roleService.deleteRole(roleIds, workSpaceId, outId);
return ApiResult.ok();
}
@Override
public ApiResult<List<SaasRoleVO>> queryByIdentityIdType(Long identityId, Integer identityType,Long workspaceId,Long ouId,Boolean includePermissionGroup) {
return ApiResult.ok(roleService.queryByIdentityIdType(identityId, identityType,workspaceId,ouId, includePermissionGroup));
public ApiResult<Void> delete(List<Long> roleIds) {
return ApiResult.ok();
}
@Override
public ApiResult<List<SaasRoleVO>> queryByIdentityIdType(Long identityId, Integer identityType, Long workspaceId, Long ouId, Boolean includePermissionGroup) {
return ApiResult.ok(roleService.queryByIdentityIdType(identityId, identityType, workspaceId, ouId, includePermissionGroup));
}
@Override
@ -92,4 +99,9 @@ public class SaasRoleController implements TyrSaasRoleApi {
return ApiPageResult.ok(roleService.queryRoleWithUser(req));
}
@Override
public ApiResult<List<SaasRoleAndGroupVO>> queryInitRoleByWorkspaceId(String workspaceType) {
return ApiResult.ok(roleService.queryInitRoleByWorkspaceId(workspaceType));
}
}

5
tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleGroupController.java
View File

@ -31,6 +31,11 @@ public class SaasRoleGroupController implements SaasRoleGroupApi {
return ApiResult.ok(saasRoleGroupService.getList(req));
}
@Override
public ApiResult<List<SaasRoleGroupVO>> getSaasRoleGroupList(QuerySaasRoleGroupReq req) {
return ApiResult.ok(saasRoleGroupService.getRoleGroupList(req));
}
@Override
public ApiResult<SaasRoleGroupVO> getById(Long id) {
List<SaasRoleGroupVO> roleGroups = saasRoleGroupService.getList(QuerySaasRoleGroupReq.builder().ids(Lists.newArrayList(id)).build());

6
tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
View File

@ -1,6 +1,7 @@
package cn.axzo.tyr.server.controller.roleuser;
import cn.axzo.basics.common.util.AssertUtil;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
@ -102,4 +103,9 @@ public class RoleUserController implements TyrSaasRoleUserApi {
public ApiResult<List<Long>> getSpecialRole() {
return ApiResult.ok(saasRoleUserService.getSpecialRole());
}
@Override
public ApiPageResult<SaasRoleUserDTO> pageQuery(RoleUserParam param) {
return ApiPageResult.ok(saasRoleUserRelationService.pageQuery(param));
}
}

18
tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/PlatUserRoleChangeDao.java Normal file
View File

@ -0,0 +1,18 @@
package cn.axzo.tyr.server.repository.dao;
import cn.axzo.tyr.server.repository.entity.PlatUserAccountChangeLog;
import cn.axzo.tyr.server.repository.mapper.PlatUserAccountChangeMapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.springframework.stereotype.Repository;
/**
* tyr
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:28
*/
@Repository
public class PlatUserRoleChangeDao extends ServiceImpl<PlatUserAccountChangeMapper, PlatUserAccountChangeLog> {
}

2
tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java
View File

@ -34,7 +34,7 @@ public class SaasRoleDao extends ServiceImpl<SaasRoleMapper, SaasRole> {
public void delete(List<Long> id) {
lambdaUpdate()
.in(BaseEntity::getId,id)
.set(BaseEntity::getIsDelete,id)
.set(BaseEntity::getIsDelete,TableIsDeleteEnum.DELETE.value)
.update();
}

16
tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupRelationDao.java
View File

@ -25,5 +25,21 @@ public class SaasRoleGroupRelationDao extends ServiceImpl<SaasRoleGroupRelationM
.set(BaseEntity::getIsDelete, TableIsDeleteEnum.DELETE.value)
.update();
}
public List<SaasRoleGroupRelation> getByGroupIds(List<Long> groupIds) {
return lambdaQuery().in(SaasRoleGroupRelation::getSaasRoleGroupId, groupIds)
.eq(BaseEntity::getIsDelete, 0)
.list();
}
public void deleteGroupRelation(List<Long> roleIds) {
if (CollectionUtils.isEmpty(roleIds)) {
return ;
}
lambdaUpdate()
.in(SaasRoleGroupRelation::getRoleId,roleIds)
.set(BaseEntity::getIsDelete,1L)
.update();
}
}

68
tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/PlatUserAccountChangeLog.java Normal file
View File

@ -0,0 +1,68 @@
package cn.axzo.tyr.server.repository.entity;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableName;
import com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.apache.ibatis.type.BooleanTypeHandler;
import java.io.Serializable;
import java.util.Date;
import java.util.Map;
/**
* @author zuoqinbo
* @date 2023/11/23 17:39
* @description 账号异动记录
* @modifiedBy
* @version: 1.0
*/
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
@TableName("plat_user_role_job_change")
public class PlatUserAccountChangeLog extends BaseEntity<PlatUserAccountChangeLog> {
/**
* 安心筑personId
*/
@TableField(value = "person_id")
private Long personId;
/**
* 请求Id
*/
@TableField(value = "request_id")
private String requestId;
/**
* 变更类型
*/
@TableField(value = "change_type")
private String changeType;
/**
* 变更详情
*/
@TableField(value = "change_detail")
private String changeDetail;
/**
* operator
*/
@TableField(value = "operator")
private String operator;
/**
* 变更时间
*/
@TableField(value = "operator_time")
private Date operatorTime;
}

17
tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/PlatUserAccountChangeMapper.java Normal file
View File

@ -0,0 +1,17 @@
package cn.axzo.tyr.server.repository.mapper;
import cn.axzo.tyr.server.repository.entity.PlatUserAccountChangeLog;
import cn.axzo.tyr.server.repository.entity.ProductModule;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
/**
* tyr
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:34
*/
@Mapper
public interface PlatUserAccountChangeMapper extends BaseMapper<PlatUserAccountChangeLog> {
}

12
tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleService.java
View File

@ -7,6 +7,7 @@ import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
import cn.axzo.tyr.server.repository.entity.SaasRole;
@ -74,4 +75,15 @@ public interface RoleService {
List<SaasRoleVO> queryRoleByRoleTypes(QueryByIdentityIdTypeReq req, List<String> roleTypes);
List<SaasRole> listForOUWorkspace(Long ouId, Long workspaceId, Integer workspaceJoinType);
List<SaasRoleAndGroupVO> queryInitRoleByWorkspaceId(String workspaceType);
/**
* 删除角色列表
* @param roleIds 待删除角色集合
* @param workSpaceId 待删除角色所属workSpaceId
* @param outId 待删除角色所属单位ID
*/
void deleteRole(List<Long> roleIds,Long workSpaceId,Long outId);
}

16
tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleGroupService.java
View File

@ -4,10 +4,24 @@ import cn.axzo.tyr.client.model.req.QuerySaasRoleGroupReq;
import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
import java.util.List;
/**
* @author zuoqinbo
* @version 1.0
* @description
* @date 2023/12/1 16:37
*/
public interface SaasRoleGroupService {
List<SaasRoleGroupVO> getList(QuerySaasRoleGroupReq req);
/**
* 查询自定义角色分组
* @param req 角色分组参数
* @return 角色分组列表
*/
List<SaasRoleGroupVO> getRoleGroupList(QuerySaasRoleGroupReq req);
Long saveOrUpdate(SaasRoleGroupVO req);
void delete(List<Long> ids);

3
tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java
View File

@ -1,5 +1,6 @@
package cn.axzo.tyr.server.service;
import cn.axzo.framework.domain.page.PageResp;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
@ -11,4 +12,6 @@ import java.util.List;
*/
public interface SaasRoleUserRelationService {
List<SaasRoleUserDTO> list(RoleUserParam param);
PageResp<SaasRoleUserDTO> pageQuery(RoleUserParam param);
}

66
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PlatUserRoleChangeService.java Normal file
View File

@ -0,0 +1,66 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.basics.common.BeanMapper;
import cn.axzo.framework.domain.ServiceException;
import cn.axzo.framework.domain.page.PageResp;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.model.product.ProductVO;
import cn.axzo.tyr.client.model.req.PlatAccountChangeLogReq;
import cn.axzo.tyr.client.model.req.PlatAccountChangeQuery;
import cn.axzo.tyr.client.model.res.PlatAccountChangeLogResp;
import cn.axzo.tyr.server.repository.dao.PlatUserRoleChangeDao;
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
import cn.axzo.tyr.server.repository.entity.PlatUserAccountChangeLog;
import cn.axzo.tyr.server.repository.entity.ProductModule;
import cn.axzo.tyr.server.repository.entity.SaasProductModuleFeatureRelation;
import com.alibaba.nacos.common.utils.UuidUtils;
import com.baomidou.mybatisplus.core.metadata.IPage;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.BeanUtils;
import org.springframework.stereotype.Service;
import java.util.Date;
import java.util.List;
/**
* tyr
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:28
*/
@Slf4j
@RequiredArgsConstructor
@Service
public class PlatUserRoleChangeService {
private final PlatUserRoleChangeDao userRoleChangeDao;
public void savePlatUserAccountChangeLog(PlatAccountChangeLogReq accountChangeLog) {
PlatUserAccountChangeLog platUserAccountChangeLog = new PlatUserAccountChangeLog();
BeanUtils.copyProperties(accountChangeLog, platUserAccountChangeLog);
if (platUserAccountChangeLog.getOperatorTime() == null) {
platUserAccountChangeLog.setOperatorTime(new Date());
}
if (platUserAccountChangeLog.getRequestId() == null) {
platUserAccountChangeLog.setRequestId(UuidUtils.generateUuid());
}
userRoleChangeDao.saveOrUpdate(platUserAccountChangeLog);
}
public ApiPageResult<PlatAccountChangeLogResp> queryPlatUserAccountChangeLog(PlatAccountChangeQuery platAccountChangeQuery) {
if (platAccountChangeQuery.getPersonId() == null) {
throw new ServiceException("PersonId不能为空");
}
IPage<PlatUserAccountChangeLog> page = userRoleChangeDao.lambdaQuery()
.eq(PlatUserAccountChangeLog::getPersonId, platAccountChangeQuery.getPersonId())
.orderByDesc(BaseEntity::getUpdateAt)
.page(platAccountChangeQuery.toPage());
List<PlatAccountChangeLogResp> list = BeanMapper.copyList(page.getRecords(), PlatAccountChangeLogResp.class);
PageResp<PlatAccountChangeLogResp> data = PageResp.list(page.getCurrent(), page.getSize(), page.getTotal(), list);
return ApiPageResult.ok(data);
}
}

1015
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
View File

File diff suppressed because it is too large Load Diff

371
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
View File

@ -43,9 +43,12 @@ import java.util.stream.Collectors;
@RefreshScope
public class RoleUserService implements SaasRoleUserService {
private final SaasRoleUserRelationDao roleUserRelationDao;
private final SaasRoleDao saasRoleDao;
private final SaasRoleUserRelationDao roleUserRelationDao;
private final SaasRoleDao saasRoleDao;
@Override
@Transactional(rollbackFor = Exception.class)
public void saveOrUpdate(RoleUserReq req) {
// 单位类型默认角色关系,后面可以座位管理员的逻辑进行迭代
@Value("${#{${participateUnitDefaultRoleIdList:{}}}:}")
public Map<Integer,Long> participateUnitDefaultRoleId;
@ -68,202 +71,212 @@ public class RoleUserService implements SaasRoleUserService {
@Transactional(rollbackFor = Exception.class)
public void saveOrUpdate(RoleUserReq req) {
Set<Long> updateRoleIds = req.getUpdateRoleIds();
// 角色校验(不能将角色修改为管理员角色)
if(CollectionUtils.isNotEmpty(updateRoleIds)){
List<SaasRole> roles = saasRoleDao.listByIds(updateRoleIds);
if (roles.stream().anyMatch(e -> RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole())) {
throw new ServiceException("暂不支持更换管理员角色");
}
}
Set<Long> updateRoleIds = req.getUpdateRoleIds();
// 角色校验(不能将角色修改为管理员角色)
if (CollectionUtils.isNotEmpty(updateRoleIds)) {
List<SaasRole> roles = saasRoleDao.listByIds(updateRoleIds);
if (roles.stream().anyMatch(e -> RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole())) {
throw new ServiceException("暂不支持更换/移除管理员角色");
}
}
// 查询用户所有角色
List<SaasRoleUserRelation> existsRoleUser = roleUserRelationDao.query(req.getIdentityId(), req.getIdentityType().getCode(), req.getWorkspaceId(), req.getOuId());
// 当前用户非超管的角色
List<Long> notAdminRole = Collections.emptyList();
if (CollectionUtils.isNotEmpty(existsRoleUser)) {
List<SaasRole> existsRole = saasRoleDao.listByIds(existsRoleUser.stream().mapToLong(SaasRoleUserRelation::getRoleId).boxed().collect(Collectors.toList()));
// 管理员角色
List<Long> adminRole = existsRole.stream().filter(e -> RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole()).mapToLong(SaasRole::getId).boxed().collect(Collectors.toList());
// 排除管理员角色(普通角色) 这里用过滤的方式是为了防止脏数据产生(saas_role_user_relation表有用户数据但是角色表已经被删除)
notAdminRole = existsRoleUser.stream().mapToLong(SaasRoleUserRelation::getRoleId).boxed().filter(roleId -> !adminRole.contains(roleId)).collect(Collectors.toList());
// 查询用户所有角色
List<SaasRoleUserRelation> existsRoleUser = roleUserRelationDao.query(req.getIdentityId(), req.getIdentityType().getCode(), req.getWorkspaceId(), req.getOuId());
// 当前用户非超管的角色
List<Long> notAdminRole = Collections.emptyList();
if (CollectionUtils.isNotEmpty(existsRoleUser)) {
List<SaasRole> existsRole = saasRoleDao.listByIds(existsRoleUser.stream().mapToLong(SaasRoleUserRelation::getRoleId).boxed().collect(Collectors.toList()));
// 管理员角色
List<Long> adminRole = existsRole.stream().filter(e -> RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole()).mapToLong(SaasRole::getId).boxed().collect(Collectors.toList());
// 排除管理员角色(普通角色) 这里用过滤的方式是为了防止脏数据产生(saas_role_user_relation表有用户数据但是角色表已经被删除)
notAdminRole = existsRoleUser.stream().mapToLong(SaasRoleUserRelation::getRoleId).boxed().filter(roleId -> !adminRole.contains(roleId)).collect(Collectors.toList());
// 排除分包负责人等角色
if (CollectionUtils.isNotEmpty(notAdminRole) && participateUnitDefaultRoleId != null && participateUnitDefaultRoleId.size() > 0) {
notAdminRole = notAdminRole.stream().filter(e-> !participateUnitDefaultRoleId.values().contains(e)).collect(Collectors.toList());
}
}
}
BaseWorkspaceModel workspaceModel = BaseWorkspaceModel.builder()
.workspaceId(req.getWorkspaceId()).ouId(req.getOuId())
.identityId(req.getIdentityId()).identityType(req.getIdentityType())
.build();
// 删除现有非管理员的角色
if (CollectionUtils.isNotEmpty(notAdminRole)) {
//如果该接口支持 权限回收那么参数UpdateRoleIds就是待删除的权限合集
if (req.isRecycleModel()) {
notAdminRole.clear();
//回收角色权限,只移除用户传参的权限
notAdminRole.addAll(req.getUpdateRoleIds());
roleUserRelationDao.deleteByUser(workspaceModel, notAdminRole);
return;
}
roleUserRelationDao.deleteByUser(workspaceModel, notAdminRole);
}
if(req.isMergeExistsRoles()){
//合并新的角色和老的角色
updateRoleIds.addAll(notAdminRole);
}
// 清空所有角色
if (CollectionUtil.isEmpty(updateRoleIds)) {
return;
}
BaseWorkspaceModel workspaceModel = BaseWorkspaceModel.builder()
.workspaceId(req.getWorkspaceId()).ouId(req.getOuId())
.identityId(req.getIdentityId()).identityType(req.getIdentityType())
.build();
roleUserRelationDao.saveBatch(updateRoleIds.stream().map(e -> {
SaasRoleUserRelation saasRoleUserRelation = new SaasRoleUserRelation();
saasRoleUserRelation.setIdentityId(req.getIdentityId());
saasRoleUserRelation.setIdentityType(req.getIdentityType().getCode());
saasRoleUserRelation.setRoleId(e);
saasRoleUserRelation.setNaturalPersonId(req.getPersonId());
saasRoleUserRelation.setNaturalPersonId(req.getPersonId());
saasRoleUserRelation.setOuId(req.getOuId());
saasRoleUserRelation.setWorkspaceId(req.getWorkspaceId());
return saasRoleUserRelation;
}).collect(Collectors.toList()));
// 删除现有非管理员的角色
if (CollectionUtils.isNotEmpty(notAdminRole)) {
roleUserRelationDao.deleteByUser(workspaceModel, notAdminRole);
}
// 清空所有角色
if (CollectionUtil.isEmpty(updateRoleIds)) {
return;
}
}
roleUserRelationDao.saveBatch(updateRoleIds.stream().map(e -> {
SaasRoleUserRelation saasRoleUserRelation = new SaasRoleUserRelation();
saasRoleUserRelation.setIdentityId(req.getIdentityId());
saasRoleUserRelation.setIdentityType(req.getIdentityType().getCode());
saasRoleUserRelation.setRoleId(e);
saasRoleUserRelation.setNaturalPersonId(req.getPersonId());
saasRoleUserRelation.setNaturalPersonId(req.getPersonId());
saasRoleUserRelation.setOuId(req.getOuId());
saasRoleUserRelation.setWorkspaceId(req.getWorkspaceId());
return saasRoleUserRelation;
}).collect(Collectors.toList()));
@Override
public boolean isSuperAdmin(Long identityId, IdentityType identityType, Long workspaceId, Long ouId) {
List<SaasRole> roleList = saasRoleDao.lambdaQuery()
.eq(SaasRole::getOwnerOuId, ouId)
.eq(SaasRole::getWorkspaceId, workspaceId)
.eq(SaasRole::getRoleType, RoleTypeEnum.SUPER_ADMIN.getValue())
.list();
List<Long> roleIds = roleList.stream().map(SaasRole::getId).collect(Collectors.toList());
List<SaasRoleUserRelation> saasRoleUserRelations = roleUserRelationDao.lambdaQuery().eq(SaasRoleUserRelation::getIdentityId, identityId)
.eq(SaasRoleUserRelation::getIdentityType, identityType.getCode())
.eq(SaasRoleUserRelation::getWorkspaceId, workspaceId)
.eq(SaasRoleUserRelation::getOuId, ouId)
.in(SaasRoleUserRelation::getRoleId, roleIds).last("limit 1").list();
return saasRoleUserRelations.size() > 0;
}
}
@Override
public List<SaasRoleUserRelation> queryByWorkspaceIdOrOu(Long identityId, IdentityType identityType, Set<Long> workspaceIds, Set<Long> ouIds) {
return roleUserRelationDao.queryByWorkspaceIdOrOu(identityId, identityType, workspaceIds, ouIds);
}
@Override
public boolean isSuperAdmin(Long identityId, IdentityType identityType, Long workspaceId, Long ouId) {
List<SaasRole> roleList = saasRoleDao.lambdaQuery()
.eq(SaasRole::getOwnerOuId, ouId)
.eq(SaasRole::getWorkspaceId, workspaceId)
.eq(SaasRole::getRoleType, RoleTypeEnum.SUPER_ADMIN.getValue())
.list();
List<Long> roleIds = roleList.stream().map(SaasRole::getId).collect(Collectors.toList());
List<SaasRoleUserRelation> saasRoleUserRelations = roleUserRelationDao.lambdaQuery().eq(SaasRoleUserRelation::getIdentityId, identityId)
.eq(SaasRoleUserRelation::getIdentityType, identityType.getCode())
.eq(SaasRoleUserRelation::getWorkspaceId, workspaceId)
.eq(SaasRoleUserRelation::getOuId, ouId)
.in(SaasRoleUserRelation::getRoleId, roleIds).last("limit 1").list();
return saasRoleUserRelations.size() > 0;
}
@Override
@Transactional(rollbackFor = Exception.class)
public void createSuperAdminRole(CreateSuperAdminRoleParam param) {
//获取超管角色
SaasRole saasRole = saasRoleDao
.findRoleByTypeAndWorkspaceIdAndOuId(RoleTypeEnum.SUPER_ADMIN.getValue(),
param.getWorkspaceId(), param.getOuId());
if (saasRole == null) {
saasRole = new SaasRole();
saasRole.setDescription(RoleTypeEnum.SUPER_ADMIN.getDesc());
saasRole.setName(RoleTypeEnum.SUPER_ADMIN.getDesc());
saasRole.setWorkspaceId(param.getWorkspaceId());
saasRole.setWorkspaceType(param.getWorkspaceType());
saasRole.setOwnerOuId(param.getOuId());
saasRole.setRoleType(RoleTypeEnum.SUPER_ADMIN.getValue());
saasRole.setIsDelete(0L);
@Override
public List<SaasRoleUserRelation> queryByWorkspaceIdOrOu(Long identityId, IdentityType identityType, Set<Long> workspaceIds, Set<Long> ouIds) {
return roleUserRelationDao.queryByWorkspaceIdOrOu(identityId, identityType, workspaceIds, ouIds);
}
checkRoleName(RoleTypeEnum.SUPER_ADMIN.getDesc(), param.getWorkspaceId(), param.getOuId());
saasRoleDao.save(saasRole);
}
//删除当前超管角色
roleUserRelationDao.deleteByRoldId(Lists.newArrayList(saasRole.getId()));
@Override
@Transactional(rollbackFor = Exception.class)
public void createSuperAdminRole(CreateSuperAdminRoleParam param) {
//获取超管角色
SaasRole saasRole = saasRoleDao
.findRoleByTypeAndWorkspaceIdAndOuId(RoleTypeEnum.SUPER_ADMIN.getValue(),
param.getWorkspaceId(), param.getOuId());
if (saasRole == null) {
saasRole = new SaasRole();
saasRole.setDescription(RoleTypeEnum.SUPER_ADMIN.getDesc());
saasRole.setName(RoleTypeEnum.SUPER_ADMIN.getDesc());
saasRole.setWorkspaceId(param.getWorkspaceId());
saasRole.setWorkspaceType(param.getWorkspaceType());
saasRole.setOwnerOuId(param.getOuId());
saasRole.setRoleType(RoleTypeEnum.SUPER_ADMIN.getValue());
saasRole.setIsDelete(0L);
//新增关联关系
SaasRoleUserRelation saasRoleUserRelation = new SaasRoleUserRelation();
saasRoleUserRelation.setIdentityId(param.getIdentityId());
saasRoleUserRelation.setRoleId(saasRole.getId());
saasRoleUserRelation.setIdentityType(param.getIdentityType().getCode());
saasRoleUserRelation.setNaturalPersonId(param.getNaturalPersonId());
saasRoleUserRelation.setOuId(param.getOuId());
saasRoleUserRelation.setWorkspaceId(param.getWorkspaceId());
roleUserRelationDao.save(saasRoleUserRelation);
}
checkRoleName(RoleTypeEnum.SUPER_ADMIN.getDesc(), param.getWorkspaceId(), param.getOuId());
saasRoleDao.save(saasRole);
}
//删除当前超管角色
roleUserRelationDao.deleteByRoldId(Lists.newArrayList(saasRole.getId()));
private void checkRoleName(String name, Long workspaceId, Long ouId) {
List<SaasRole> saasRoles = saasRoleDao.listCommonRoleByNameAndWorkspaceIdAndOuId(name,
workspaceId, ouId);
AssertUtil.isEmpty(saasRoles, "已存在相同的角色名称,请更换角色名称");
}
//新增关联关系
SaasRoleUserRelation saasRoleUserRelation = new SaasRoleUserRelation();
saasRoleUserRelation.setIdentityId(param.getIdentityId());
saasRoleUserRelation.setRoleId(saasRole.getId());
saasRoleUserRelation.setIdentityType(param.getIdentityType().getCode());
saasRoleUserRelation.setNaturalPersonId(param.getNaturalPersonId());
saasRoleUserRelation.setOuId(param.getOuId());
saasRoleUserRelation.setWorkspaceId(param.getWorkspaceId());
roleUserRelationDao.save(saasRoleUserRelation);
}
@Override
public List<SuperAminInfoResp> batchSuperAdminList(List<SuperAdminParam> param) {
LambdaQueryChainWrapper<SaasRole> roleWrapper = saasRoleDao.lambdaQuery();
roleWrapper.and(w ->
param.forEach(c -> w.or()
.eq(SaasRole::getOwnerOuId, c.getOuId())
.eq(SaasRole::getWorkspaceId, c.getWorkspaceId())));
roleWrapper.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.eq(SaasRole::getRoleType, RoleTypeEnum.SUPER_ADMIN.getValue());
List<SaasRole> roleList = roleWrapper.list();
if (CollectionUtils.isEmpty(roleList)) {
return Collections.emptyList();
}
private void checkRoleName(String name, Long workspaceId, Long ouId) {
List<SaasRole> saasRoles = saasRoleDao.listCommonRoleByNameAndWorkspaceIdAndOuId(name,
workspaceId, ouId);
AssertUtil.isEmpty(saasRoles, "已存在相同的角色名称,请更换角色名称");
}
LambdaQueryChainWrapper<SaasRoleUserRelation> userRoleWrapper = roleUserRelationDao.lambdaQuery();
userRoleWrapper.and(w ->
roleList.forEach(c -> w.or()
.eq(SaasRoleUserRelation::getOuId, c.getOwnerOuId())
.eq(SaasRoleUserRelation::getWorkspaceId, c.getWorkspaceId())
.eq(SaasRoleUserRelation::getRoleId, c.getId())
));
userRoleWrapper.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value);
List<SaasRoleUserRelation> relations = userRoleWrapper.list();
@Override
public List<SuperAminInfoResp> batchSuperAdminList(List<SuperAdminParam> param) {
LambdaQueryChainWrapper<SaasRole> roleWrapper = saasRoleDao.lambdaQuery();
roleWrapper.and(w ->
param.forEach(c -> w.or()
.eq(SaasRole::getOwnerOuId, c.getOuId())
.eq(SaasRole::getWorkspaceId, c.getWorkspaceId())));
roleWrapper.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.eq(SaasRole::getRoleType, RoleTypeEnum.SUPER_ADMIN.getValue());
List<SaasRole> roleList = roleWrapper.list();
if (CollectionUtils.isEmpty(roleList)) {
return Collections.emptyList();
}
if (CollectionUtils.isEmpty(relations)) {
return Collections.emptyList();
}
return relations.stream().map(r -> SuperAminInfoResp.builder()
.workspaceId(r.getWorkspaceId())
.ouId(r.getOuId())
.identityId(r.getIdentityId())
.identityType(r.getIdentityType())
.personId(r.getNaturalPersonId())
.build()
).collect(Collectors.toList());
}
LambdaQueryChainWrapper<SaasRoleUserRelation> userRoleWrapper = roleUserRelationDao.lambdaQuery();
userRoleWrapper.and(w ->
roleList.forEach(c -> w.or()
.eq(SaasRoleUserRelation::getOuId, c.getOwnerOuId())
.eq(SaasRoleUserRelation::getWorkspaceId, c.getWorkspaceId())
.eq(SaasRoleUserRelation::getRoleId, c.getId())
));
userRoleWrapper.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value);
List<SaasRoleUserRelation> relations = userRoleWrapper.list();
@Override
public List<SuperAminInfoResp> superAdminList(SuperAdminParam param) {
if (param.getWorkspaceId() == null || Objects.isNull(param.getOuId())) {
return Collections.emptyList();
}
SaasRole saasRole = saasRoleDao.findRoleByTypeAndWorkspaceIdAndOuId(RoleTypeEnum.SUPER_ADMIN.getValue(),
param.getWorkspaceId(), param.getOuId());
if (Objects.isNull(saasRole)) {
return Collections.emptyList();
}
List<SaasRoleUserRelation> relations = roleUserRelationDao.lambdaQuery()
.eq(SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
.eq(SaasRoleUserRelation::getOuId, param.getOuId())
.eq(SaasRoleUserRelation::getRoleId, saasRole.getId())
.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
if (CollectionUtils.isEmpty(relations)) {
return Collections.emptyList();
}
return relations.stream().map(r -> {
SuperAminInfoResp superAdminInfo = new SuperAminInfoResp();
superAdminInfo.setWorkspaceId(r.getWorkspaceId());
superAdminInfo.setOuId(r.getOuId());
superAdminInfo.setIdentityId(r.getIdentityId());
superAdminInfo.setIdentityType(r.getIdentityType());
superAdminInfo.setPersonId(r.getNaturalPersonId());
return superAdminInfo;
}).collect(Collectors.toList());
}
if (CollectionUtils.isEmpty(relations)) {
return Collections.emptyList();
}
return relations.stream().map(r -> SuperAminInfoResp.builder()
.workspaceId(r.getWorkspaceId())
.ouId(r.getOuId())
.identityId(r.getIdentityId())
.identityType(r.getIdentityType())
.personId(r.getNaturalPersonId())
.build()
).collect(Collectors.toList());
}
@Override
public List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds, Long ouId, Long workspaceId) {
if (CollectionUtil.isEmpty(roleIds)) {
return new ArrayList<>();
}
return roleUserRelationDao.list(new LambdaQueryWrapper<SaasRoleUserRelation>()
.eq(SaasRoleUserRelation::getOuId, ouId)
.eq(SaasRoleUserRelation::getWorkspaceId, workspaceId)
.in(SaasRoleUserRelation::getRoleId, roleIds));
}
@Override
public List<SuperAminInfoResp> superAdminList(SuperAdminParam param) {
if (param.getWorkspaceId() == null || Objects.isNull(param.getOuId())) {
return Collections.emptyList();
}
SaasRole saasRole = saasRoleDao.findRoleByTypeAndWorkspaceIdAndOuId(RoleTypeEnum.SUPER_ADMIN.getValue(),
param.getWorkspaceId(), param.getOuId());
if (Objects.isNull(saasRole)) {
return Collections.emptyList();
}
List<SaasRoleUserRelation> relations = roleUserRelationDao.lambdaQuery()
.eq(SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
.eq(SaasRoleUserRelation::getOuId, param.getOuId())
.eq(SaasRoleUserRelation::getRoleId, saasRole.getId())
.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
if (CollectionUtils.isEmpty(relations)) {
return Collections.emptyList();
}
return relations.stream().map(r -> {
SuperAminInfoResp superAdminInfo = new SuperAminInfoResp();
superAdminInfo.setWorkspaceId(r.getWorkspaceId());
superAdminInfo.setOuId(r.getOuId());
superAdminInfo.setIdentityId(r.getIdentityId());
superAdminInfo.setIdentityType(r.getIdentityType());
superAdminInfo.setPersonId(r.getNaturalPersonId());
return superAdminInfo;
}).collect(Collectors.toList());
}
@Override
public List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds, Long ouId, Long workspaceId) {
if (CollectionUtil.isEmpty(roleIds)) {
return new ArrayList<>();
}
return roleUserRelationDao.list(new LambdaQueryWrapper<SaasRoleUserRelation>()
.eq(SaasRoleUserRelation::getOuId, ouId)
.eq(SaasRoleUserRelation::getWorkspaceId, workspaceId)
.in(SaasRoleUserRelation::getRoleId, roleIds));
}
@Override
public void removeWorkspaceOuAllUserRole(Long workspaceId, Long ouId) {
saasRoleDao.removeWorkspaceOuAllRole(workspaceId, ouId);
roleUserRelationDao.removeWorkspaceOuAllUserRole(workspaceId, ouId);
}
@Override
public void removeWorkspaceOuAllUserRole(Long workspaceId, Long ouId) {
saasRoleDao.removeWorkspaceOuAllRole(workspaceId, ouId);
roleUserRelationDao.removeWorkspaceOuAllUserRole(workspaceId, ouId);
}
}

26
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java
View File

@ -38,6 +38,11 @@ public class SaasRoleGroupServiceImpl implements SaasRoleGroupService {
} else if (!req.getOuIds().contains(-1L)) {
req.getOuIds().add(-1L);
}
return queryRoleGroup(req);
}
private List<SaasRoleGroupVO> queryRoleGroup(QuerySaasRoleGroupReq req){
List<SaasRoleGroupRelation> saasRoleGroupRelations = null;
if (CollectionUtils.isNotEmpty(req.getRoleIds())) {
saasRoleGroupRelations = saasRoleGroupRelationDao.lambdaQuery()
@ -60,7 +65,7 @@ public class SaasRoleGroupServiceImpl implements SaasRoleGroupService {
}
// 如果参数指定了roleIds, 返回的值就包含在请求的roleIds中否则返回全量的roleIds
if (CollectionUtils.isEmpty(saasRoleGroupRelations)) {
saasRoleGroupRelations = saasRoleGroupRelationDao.lambdaQuery()
saasRoleGroupRelations = saasRoleGroupRelationDao.lambdaQuery()
.in(SaasRoleGroupRelation::getSaasRoleGroupId, groups.stream().map(SaasRoleGroup::getId).collect(Collectors.toList()))
.eq(SaasRoleGroupRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
}
@ -74,9 +79,18 @@ public class SaasRoleGroupServiceImpl implements SaasRoleGroupService {
target.setRoleIds(groupRoleMap.get(e.getId()));
return target;
}).collect(Collectors.toList());
return results;
}
@Override
public List<SaasRoleGroupVO> getRoleGroupList(QuerySaasRoleGroupReq req) {
if (CollectionUtils.isEmpty(req.getWorkspaceIds())) {
req.setWorkspaceIds(Arrays.asList(-1L));
}
if (CollectionUtils.isEmpty(req.getOuIds())) {
req.setOuIds(Arrays.asList(-1L));
}
return queryRoleGroup(req);
}
@Override
public Long saveOrUpdate(SaasRoleGroupVO req) {
@ -99,7 +113,7 @@ public class SaasRoleGroupServiceImpl implements SaasRoleGroupService {
.eq(SaasRoleGroupRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.count();
if (relationCount > 0) {
throw new ServiceException("分组关联角色,不能删除");
throw new ServiceException("该角色分组关联角色,不能进行删除");
}
saasRoleGroupDao.delete(ids);
}
@ -119,13 +133,15 @@ public class SaasRoleGroupServiceImpl implements SaasRoleGroupService {
throw new ServiceException("角色分组不存在");
}
}
List<SaasRoleGroup> groups = saasRoleGroupDao.lambdaQuery().eq(SaasRoleGroup::getWorkspaceTypeCode, req.getWorkspaceTypeCode())
List<SaasRoleGroup> groups = saasRoleGroupDao.lambdaQuery()
.eq(SaasRoleGroup::getWorkspaceId,req.getWorkspaceId())
.eq(SaasRoleGroup::getOuId,req.getOuId())
.eq(SaasRoleGroup::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
if (CollectionUtils.isNotEmpty(groups)) {
Optional<SaasRoleGroup> repeatGroupName = groups.stream()
.filter(g -> !Objects.equals(g.getId(), req.getId()) && StringUtils.equalsIgnoreCase(g.getName(), req.getName())).findFirst();
if (repeatGroupName.isPresent()) {
throw new ServiceException("工作台类型内,分组名称不能重复");
throw new ServiceException("一个企业单位、工作台或自定义角色分组,名称不能重复!");
}
}
// 拼接ouTypeCode字符串

49
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java
View File

@ -1,6 +1,8 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.basics.common.BeanMapper;
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
import cn.axzo.framework.domain.page.PageResp;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
@ -11,6 +13,9 @@ import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.collection.CollectionUtil;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
@ -39,16 +44,8 @@ public class SaasRoleUserRelationServiceImpl implements SaasRoleUserRelationServ
@Override
public List<SaasRoleUserDTO> list(RoleUserParam param) {
// TODO jhy 角色查询 需要验证标准角色和自定义角色的查询逻辑
List<SaasRoleUserRelation> saasRoleUserRelations = saasRoleUserRelationDao.lambdaQuery()
.eq(Objects.nonNull(param.getIdentityId()), SaasRoleUserRelation::getIdentityId, param.getIdentityId())
.eq(Objects.nonNull(param.getIdentityType()), SaasRoleUserRelation::getIdentityType, param.getIdentityType())
.eq(Objects.nonNull(param.getWorkspaceId()), SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
.eq(Objects.nonNull(param.getOuId()), SaasRoleUserRelation::getOuId, param.getOuId())
.in(CollectionUtil.isNotEmpty(param.getRoleIds()), SaasRoleUserRelation::getRoleId, param.getRoleIds())
.in(CollectionUtil.isNotEmpty(param.getIdentityIds()), SaasRoleUserRelation::getIdentityId, param.getIdentityIds())
.eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.last("LIMIT 1000")
.list();
LambdaQueryChainWrapper<SaasRoleUserRelation> wrapper = buildWrapper(param);
List<SaasRoleUserRelation> saasRoleUserRelations = wrapper.last("LIMIT 1000").list();
if (CollectionUtil.isEmpty(saasRoleUserRelations)) {
return Collections.emptyList();
}
@ -66,4 +63,36 @@ public class SaasRoleUserRelationServiceImpl implements SaasRoleUserRelationServ
return userRole;
}).collect(Collectors.toList());
}
private LambdaQueryChainWrapper<SaasRoleUserRelation> buildWrapper(RoleUserParam param) {
return saasRoleUserRelationDao.lambdaQuery()
.eq(Objects.nonNull(param.getIdentityId()), SaasRoleUserRelation::getIdentityId, param.getIdentityId())
.eq(Objects.nonNull(param.getIdentityType()), SaasRoleUserRelation::getIdentityType, param.getIdentityType())
.eq(Objects.nonNull(param.getWorkspaceId()), SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
.eq(Objects.nonNull(param.getOuId()), SaasRoleUserRelation::getOuId, param.getOuId())
.in(CollectionUtil.isNotEmpty(param.getOuIds()), SaasRoleUserRelation::getOuId, param.getOuIds())
.in(CollectionUtil.isNotEmpty(param.getWorkspaceIds()), SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
.in(CollectionUtil.isNotEmpty(param.getRoleIds()), SaasRoleUserRelation::getRoleId, param.getRoleIds())
.in(CollectionUtil.isNotEmpty(param.getIdentityIds()), SaasRoleUserRelation::getIdentityId, param.getIdentityIds())
.eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value);
}
@Override
public PageResp<SaasRoleUserDTO> pageQuery(RoleUserParam param) {
//限制分页100
if (param.getPageSize() != null && param.getPageSize().compareTo(200L) > 0) {
param.setPageSize(100L);
}
//查询条件构造 - ID升序
LambdaQueryChainWrapper<SaasRoleUserRelation> wrapper = buildWrapper(param)
.orderByAsc(SaasRoleUserRelation::getId);
IPage<SaasRoleUserRelation> page = wrapper.page(param.toPage());
if (CollectionUtil.isEmpty(page.getRecords())) {
return PageResp.zero(param.getPage(), param.getPageSize());
}
List<SaasRoleUserDTO> list = page.getRecords().stream()
.map(r -> BeanMapper.copyBean(r, SaasRoleUserDTO.class))
.collect(Collectors.toList());
return PageResp.list(param.getPage(), param.getPageSize(), page.getTotal(), list);
}
}

43
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
View File

@ -316,17 +316,42 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
userRoleInfoMap.setWorkspaceJoinType(WorkspaceJoinType.matchValue(e.getWorkspaceJoinType()));
queryKey.putIfAbsent(KeyUtil.buildKeyBySeparator(e.getWorkspaceId(), e.getOuId()), userRoleInfoMap);
});
stopWatch.start("query role user relation");
List<SaasRoleUserRelation> saasRoleUserRelations = roleUserService.queryByWorkspaceIdOrOu(identityAuthReq.getIdentityId(), identityAuthReq.getIdentityType(), queryWorkspace, queryOuId);
stopWatch.stop();
if (CollectionUtil.isEmpty(saasRoleUserRelations)) {
return result;
}
// 有工作台和单位的查询条件通过单位与工作台在过滤一次
if (CollectionUtil.isNotEmpty(queryInfo)) {
saasRoleUserRelations = saasRoleUserRelations.stream().filter(roleUserService -> queryKey.containsKey(KeyUtil.buildKeyBySeparator(roleUserService.getWorkspaceId(), roleUserService.getOuId()))).collect(Collectors.toList());
final List<SaasRoleUserRelation> saasRoleUserRelations = new ArrayList<>();
if (CollectionUtil.isNotEmpty(identityAuthReq.getSpecifyRoleIds())) {
//指定了角色 则不需要去查用户角色关系
// mock 看做已有所有角色
queryKey.values().forEach(k -> {
List<SaasRoleUserRelation> relations = identityAuthReq.getSpecifyRoleIds().stream().map(id -> {
SaasRoleUserRelation relation = new SaasRoleUserRelation();
relation.setRoleId(id);
relation.setOuId(k.getOuId());
relation.setWorkspaceId(k.getWorkspaceId());
relation.setIdentityId(identityAuthReq.getIdentityId());
relation.setIdentityType(identityAuthReq.getIdentityType().getCode());
// 使用角色ID替代不需要在查询一次
relation.setId(id);
return relation;
}).collect(Collectors.toList());
saasRoleUserRelations.addAll(relations);
});
} else {
stopWatch.start("query role user relation");
List<SaasRoleUserRelation> relations = roleUserService.queryByWorkspaceIdOrOu(identityAuthReq.getIdentityId(), identityAuthReq.getIdentityType(), queryWorkspace, queryOuId);
stopWatch.stop();
if (CollectionUtil.isEmpty(relations)) {
return result;
}
// 有工作台和单位的查询条件通过单位与工作台在过滤一次
if (CollectionUtil.isNotEmpty(queryInfo)) {
saasRoleUserRelations.addAll(relations.stream()
.filter(roleUserService -> queryKey.containsKey(
KeyUtil.buildKeyBySeparator(roleUserService.getWorkspaceId(), roleUserService.getOuId())))
.collect(Collectors.toList()));
}
}
Set<Long> realWorkspaceId = saasRoleUserRelations.stream().map(SaasRoleUserRelation::getWorkspaceId).collect(Collectors.toSet());
Set<Long> realOuId = saasRoleUserRelations.stream().map(SaasRoleUserRelation::getOuId).collect(Collectors.toSet());
//工作台对应产品 key = workapceId