wangli/tyr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into feature/REQ-1696

Browse Source 
# Conflicts:
#	tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
#	tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
#	tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
#	tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
This commit is contained in:
陈维伟 2023-12-18 20:40:15 +08:00
commit 4fd8f32f59
39 changed files with 1630 additions and 666 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
sql/init.sql Normal file
View File

@ -0,0 +1,17 @@
CREATE TABLE IF NOT EXISTS plat_user_role_job_change
(
id bigint auto_increment comment '主键',
person_id bigint default 0 not null comment '安心筑personId',
request_id varchar(64) default 0 not null comment '请求ID',
change_type varchar(20) default '' not null comment '变更类型',
change_detail varchar(256) default '' not null comment '变更详情',
operator varchar(50) not null comment '变更操作人',
operator_time datetime default CURRENT_TIMESTAMP not null comment '变更时间',
is_delete tinyint default 0 not null comment '未删除0,删除1',
create_at datetime default CURRENT_TIMESTAMP not null comment '创建时间',
update_at datetime default CURRENT_TIMESTAMP not null comment '更新时间',
PRIMARY KEY (`id`)
) ENGINE = InnoDB
DEFAULT CHARSET = utf8 comment '平台账户角色岗位变动记录';
create index idx_plat_user_role_job_change
on plat_user_role_job_change (person_id, operator_time);

47
tyr-api/src/main/java/cn/axzo/tyr/client/feign/PlatUserRoleChangeApi.java Normal file
View File

@ -0,0 +1,47 @@
package cn.axzo.tyr.client.feign;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.model.req.GetWorkflowQueryAndUpdatePermissionReq;
import cn.axzo.tyr.client.model.req.PlatAccountChangeLogReq;
import cn.axzo.tyr.client.model.req.PlatAccountChangeQuery;
import cn.axzo.tyr.client.model.res.GetWorkflowQueryAndUpdatePermissionRes;
import cn.axzo.tyr.client.model.res.PlatAccountChangeLogResp;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
/**
* tyr
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:03
*/
@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
public interface PlatUserRoleChangeApi {
/**
* 保存账户变更日志
*
* @param req 户变更日志
* @return
*/
@PostMapping(value = "/api/v1/plat/account/change/log")
ApiResult<Void> savePlatUserAccountChangeLog(@RequestBody @Validated PlatAccountChangeLogReq req);
/**
* 查询平台账户变更日志
*
* @param platAccountChangeQuery 查询条件
* @return 返回账户变动记录列表
*/
@PostMapping(value = "/api/v1/plat/account/change/log/query")
ApiPageResult<PlatAccountChangeLogResp> queryPlatUserAccountChangeLog(@RequestBody @Validated PlatAccountChangeQuery platAccountChangeQuery);
}

18
tyr-api/src/main/java/cn/axzo/tyr/client/feign/SaasRoleGroupApi.java
View File

@ -18,7 +18,7 @@ import java.util.List;
public interface SaasRoleGroupApi {
/**
* 保存/更新
* 保存/更新角色分组
* @return
*/
@PostMapping("/api/saasRoleGroup/save")
@ -29,15 +29,25 @@ public interface SaasRoleGroupApi {
* @return
*/
@PostMapping("/api/saasRoleGroup/getList")
@Deprecated
ApiResult<List<SaasRoleGroupVO>> getList(@RequestBody QuerySaasRoleGroupReq req);
/**
* 查询自定义角色权限分组列表
* @return 返回 角色分组列表
*/
@PostMapping("/api/saasRoleGroup/getRoleGroupList")
ApiResult<List<SaasRoleGroupVO>> getSaasRoleGroupList(@RequestBody QuerySaasRoleGroupReq req);
@PostMapping("/api/saasRoleGroup/getById")
ApiResult<SaasRoleGroupVO> getById(@RequestParam("id") Long id);
/**
* 删除
* 删除角色分组
* @param ids 角色分组ID
* @return 返回删除角色分组状态
*/
@PostMapping("/api/saasRoleGroup//api/saasPermissionGoup/delete")
ApiResult<Void> delete(@RequestBody@NotEmpty List<Long> ids);
@PostMapping("/api/saasRoleGroup/delete")
ApiResult<Void> delete(@RequestParam @NotEmpty List<Long> ids);
}

32
tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleApi.java
View File

@ -10,6 +10,7 @@ import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
import org.springframework.cloud.openfeign.FeignClient;
@ -45,6 +46,7 @@ public interface TyrSaasRoleApi {
/**
* 获取角色列表
*
* @return
*/
@PostMapping("/api/saasRole/query")
@ -54,10 +56,24 @@ public interface TyrSaasRoleApi {
* 删除
*/
@PostMapping("/api/saasRole/delete")
ApiResult delete(@RequestBody List<Long> id);
@Deprecated
ApiResult<Void> delete(@RequestBody List<Long> id);
/**
* 删除角色
*
* @param roleIds 待删除角色集合
* @param workSpaceId 待删除角色所属workSpaceId
* @param outId 待删除角色所属单位ID
*/
@PostMapping("/api/saasRole/strict/delete")
ApiResult<Void> deleteRole(@RequestParam(required = true) List<Long> roleIds,
@RequestParam(required = true) Long workSpaceId, @RequestParam(required = true) Long outId);
/**
* 根据身份id身份类型查询权限列表只返回角色信息
*
* @param identityType 身份类型 1:工人 2:班组长 3:从业人员 4:监管人员 5:运营人员
* @return
*/
@ -66,6 +82,7 @@ public interface TyrSaasRoleApi {
/**
* 根据身份id身份类型查询权限列表批量,只返回角色信息
*
* @return
*/
@PostMapping("/api/saasRole/queryBatchByIdentityIdType")
@ -73,6 +90,7 @@ public interface TyrSaasRoleApi {
/**
* 根据身份id身份类型查询是否为超管
*
* @return
*/
@PostMapping("/api/saasRole/isSuperAdmin")
@ -80,14 +98,24 @@ public interface TyrSaasRoleApi {
/**
* 通过角色名字获取角色信息
*
* @return
*/
@PostMapping("/api/saasRole/findRoleByName")
ApiResult<List<QueryRoleByNameResp>> findRoleByName(@RequestBody @Valid QueryRoleByNameReq req);
/** 分页查询角色含用户 **/
/**
* 分页查询角色含用户
**/
@PostMapping("/api/saasRole/queryWithUser")
ApiPageResult<RoleWithUserRes> queryRoleWithUser(@RequestBody RoleWithUserQueryReq req);
/**
* 通过工作台类型获取对应的标准角
*/
@GetMapping("/api/saasRole/queryByWorkspaceType")
ApiResult<List<SaasRoleAndGroupVO>> queryInitRoleByWorkspaceId(@RequestParam("workspaceType") String workspaceType);
}

6
tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
View File

@ -1,5 +1,7 @@
package cn.axzo.tyr.client.feign;
import cn.axzo.basics.common.page.PageRequest;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SuperAminInfoResp;
@ -68,6 +70,10 @@ public interface TyrSaasRoleUserApi {
@PostMapping("/api/saas-role-user/batch-super-admin-list")
ApiResult<List<SuperAminInfoResp>> batchSuperAdminList(@RequestBody @Valid List<SuperAdminParam> param);
/** 分页查询角色用户数据 多条件 最大分页100**/
@PostMapping("/api/saas-role-user/page")
ApiPageResult<SaasRoleUserDTO> pageQuery(@RequestBody @Valid RoleUserParam param);
/**
* 根据id删除用户角色关联关系
* @return

2
tyr-api/src/main/java/cn/axzo/tyr/client/model/dict/response/BasicDictNodeResp.java
View File

@ -22,7 +22,7 @@ public class BasicDictNodeResp {
private String workspaceType;
/**
* 类型"ouType", "terminal"
* 类型"ouType", "terminal" identity
*/
private String type;

39
tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/ChangeActionType.java Normal file
View File

@ -0,0 +1,39 @@
package cn.axzo.tyr.client.model.enums;
import lombok.AllArgsConstructor;
import lombok.Getter;
/**
* 账户变更类型
*
* @author zuoqinbo
* @version V1.0
* @Date 2023/11/24 11:05
*/
@Getter
@AllArgsConstructor
public enum ChangeActionType {
/**
* 加入
*/
JOIN("join", "加入"),
/**
* 添加
*/
ADD("add", "添加"),
/**
* 变更
*/
CHANGE("change", "变更"),
/**
* 移除
*/
REMOVE("remove", "移除"),
;
private final String code;
private final String desc;
}

40
tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/ChangeType.java Normal file
View File

@ -0,0 +1,40 @@
package cn.axzo.tyr.client.model.enums;
import lombok.AllArgsConstructor;
import lombok.Getter;
import java.util.HashMap;
import java.util.Map;
/**
* 账户变更类型
*
* @version V1.0
* @author: zuoqinbo
* @date: 2023/11/24 11:05
*/
@Getter
@AllArgsConstructor
public enum ChangeType {
/**
* 离职
*/
DIMISSION("dimission", "离职"),
/**
* 角色变动
*/
ROLE_CHANGE("role_change", "角色变动"),
/**
* 部门变动
*/
ORGANIZATION_CHANGE("organization_change", "部门变动"),
/**
* 岗位变动
*/
JOB_CHANGE("job_change", "岗位变动"),
;
private String code;
private String desc;
}

3
tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/DictTypeFiledEnum.java
View File

@ -28,7 +28,8 @@ public enum DictTypeFiledEnum {
/**
* 工作台
*/
WORKSPACE("workspace","工作台")
WORKSPACE("workspace","工作台"),
IDENTITY("identity","身份"),
;
@EnumValue

3
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java
View File

@ -56,6 +56,9 @@ public class IdentityAuthReq {
@Builder.Default
private Set<String> featureCode = new HashSet<>();
/** 指定角色ID - 预览用,不需要用户已配置角色 **/
private Set<Long> specifyRoleIds;
@Data
@Builder

2
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/OUWorkspacePair.java
View File

@ -5,7 +5,7 @@ import lombok.Data;
import javax.validation.constraints.NotNull;
/**
* OU和wokspace对
* OU和workspace对
*
* @version V1.0
* @author: ZhanSiHu

64
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/PlatAccountChangeLogReq.java Normal file
View File

@ -0,0 +1,64 @@
package cn.axzo.tyr.client.model.req;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import java.util.Date;
/**
* PlatAccountChangeLogReq
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:03
*/
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class PlatAccountChangeLogReq {
/**
* 安心筑id
*/
@NotNull(message = "personId is required")
private Long personId;
/**
* 请求ID
*/
private String requestId;
/**
* 变更类型
*
* @see cn.axzo.tyr.client.model.enums.ChangeType
*/
@NotEmpty(message = "changeType is required")
private String changeType;
/**
* 变更详情
* 变更动作:变更模板
*
* @see cn.axzo.tyr.client.model.enums.ChangeActionType
*/
@NotEmpty(message = "changeDetail is required")
private String changeDetail;
/**
* operator
*/
@NotEmpty(message = "operator is required")
private String operator;
/**
* 变更时间
*/
private Date operatorTime;
}

29
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/PlatAccountChangeQuery.java Normal file
View File

@ -0,0 +1,29 @@
package cn.axzo.tyr.client.model.req;
import cn.axzo.core.domain.PageRequest;
import lombok.Builder;
import lombok.Data;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import java.util.Date;
/**
* PlatAccountChangeLogReq
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:03
*/
@Data
public class PlatAccountChangeQuery extends PageRequest {
/**
* 安心筑personId
*/
@NotNull(message = "personId is required")
private Long personId;
}

22
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/RoleWithUserQueryReq.java
View File

@ -15,15 +15,29 @@ import java.util.List;
@Data
public class RoleWithUserQueryReq extends PageRequest {
/** 查询关键字 **/
/**
* 查询关键字
**/
private String keyword;
/** 企业组织ID **/
/**
* 企业组织ID
**/
private Long ouId;
/** 工作台ID **/
/**
* 工作台ID
**/
private Long workspaceId;
/** 企业工作台参建类型 **/
/**
* 企业工作台参建类型
**/
private Integer workspaceJoinType;
/**
* 角色ID
**/
private Long roleId;
}

54
tyr-api/src/main/java/cn/axzo/tyr/client/model/res/PlatAccountChangeLogResp.java Normal file
View File

@ -0,0 +1,54 @@
package cn.axzo.tyr.client.model.res;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.Date;
/**
* PlatAccountChangeLogReq
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:03
*/
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class PlatAccountChangeLogResp {
/**
* 安心筑用户personId
*/
private Long personId;
/**
* requestId
*/
private String requestId;
/**
* 变更类型
* @see cn.axzo.tyr.client.model.enums.ChangeType
*/
private String changeType;
/**
* 变更详情
*/
private String changeDetail;
/**
* operator
*/
private String operator;
/**
* 变更时间
*/
private Date operatorTime;
}

10
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/RoleUserParam.java
View File

@ -1,11 +1,13 @@
package cn.axzo.tyr.client.model.roleuser.req;
import cn.axzo.basics.common.page.PageRequest;
import cn.axzo.tyr.client.model.enums.IdentityType;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.List;
import java.util.Set;
/**
@ -16,7 +18,7 @@ import java.util.Set;
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class RoleUserParam {
public class RoleUserParam extends PageRequest {
/**
* 工作台id
*/
@ -54,4 +56,10 @@ public class RoleUserParam {
* identityIds
*/
private Set<Long> identityIds;
/** ouId列表**/
private List<Long> ouIds;
/** 工作台ID列表 **/
private List<Long> workspaceIds;
}

12
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/RoleUserReq.java
View File

@ -57,4 +57,16 @@ public class RoleUserReq {
*/
private Set<Long> updateRoleIds;
/**
* 是否合并当前已存在的角色
* 适用于角色更新或者角色新增
*/
private boolean mergeExistsRoles;
/**
* 该请求是否是权限回收
*/
private boolean isRecycleModel;
}

31
tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaasRoleAndGroupVO.java Normal file
View File

@ -0,0 +1,31 @@
package cn.axzo.tyr.client.model.vo;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.List;
/**
* @author tanjie@axzo.cn
* @date 2023/11/16 16:25
*/
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class SaasRoleAndGroupVO {
/**
* 单位类型CODE
*/
private String ouTypeCode;
/**
* 单位类型名称
*/
private String ouTypeName;
/**
* 对应角色不包括权限
*/
private List<SaasRoleVO> simpleSaasRole;
}

2
tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaasRoleVO.java
View File

@ -65,7 +65,7 @@ public class SaasRoleVO {
*
* @return
*/
public List<PermissionPointTreeNode> getFeature() {
public List<PermissionPointTreeNode> currentFeature() {
return this.permissionGroup.stream().map(SaasPermissionGroupVO::getFeature).flatMap(List::stream).distinct().collect(Collectors.toList());
}

6
tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaveOrUpdateRoleVO.java
View File

@ -58,7 +58,7 @@ public class SaveOrUpdateRoleVO {
/**
* 选中的权限点id
*/
@NotNull
@NotNull(message = "权限点ID不能为空")
private List<Long> selectedPPIds;
@Data
@ -67,13 +67,13 @@ public class SaveOrUpdateRoleVO {
/**
* 角色分组id
*/
@NotNull
@NotNull(message = "角色分组ID不能为空")
private Long id;
/**
* 项目部类型字典code
*/
@NotNull
@NotNull(message = "workspaceTypeCode不能为空")
private String workspaceTypeCode;
}
}

51
tyr-server/src/main/java/cn/axzo/tyr/server/config/exception/ExceptionAdviceHandler.java Normal file
View File

@ -0,0 +1,51 @@
package cn.axzo.tyr.server.config.exception;
import cn.axzo.basics.common.exception.ServiceException;
import cn.axzo.framework.domain.web.result.ApiResult;
import lombok.extern.slf4j.Slf4j;
import org.springframework.core.annotation.Order;
import org.springframework.util.CollectionUtils;
import org.springframework.validation.BindException;
import org.springframework.validation.ObjectError;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import java.util.List;
/**
* Controller异常
* @author zuoqinbo
* @version V1.0
* @date 2023/10/11 9:44
*/
@Order(value = 0)
@RestControllerAdvice
@Slf4j
public class ExceptionAdviceHandler {
@ExceptionHandler(cn.axzo.framework.domain.ServiceException.class)
public ApiResult<Void> basicsServiceExceptionHandler(ServiceException e) {
log.warn("业务异常", e);
return ApiResult.err(e.getMessage());
}
@ExceptionHandler(cn.axzo.basics.common.exception.ServiceException.class)
public ApiResult<Void> coreServiceExceptionHandler(cn.axzo.basics.common.exception.ServiceException e) {
log.warn("业务异常", e);
return ApiResult.err(e.getMessage());
}
@ExceptionHandler(BindException.class)
public ApiResult<Void> bindExceptionHandler(BindException e) {
log.warn("业务异常", e);
List<ObjectError> allErrors = e.getBindingResult().getAllErrors();
if (CollectionUtils.isEmpty(allErrors)) {
return ApiResult.err("操作失败 请联系系统管理员");
}
ObjectError objectError = allErrors.get(0);
String objectErrorDefaultMessage = objectError.getDefaultMessage();
return ApiResult.err(objectErrorDefaultMessage);
}
}

41
tyr-server/src/main/java/cn/axzo/tyr/server/controller/change/PlatUserRoleChangeController.java Normal file
View File

@ -0,0 +1,41 @@
package cn.axzo.tyr.server.controller.change;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.feign.PlatUserRoleChangeApi;
import cn.axzo.tyr.client.model.req.PlatAccountChangeLogReq;
import cn.axzo.tyr.client.model.req.PlatAccountChangeQuery;
import cn.axzo.tyr.client.model.res.PlatAccountChangeLogResp;
import cn.axzo.tyr.server.service.impl.PlatUserRoleChangeService;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
/**
* tyr
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:27
*/
@Slf4j
@RestController
@RequiredArgsConstructor
public class PlatUserRoleChangeController implements PlatUserRoleChangeApi {
@Resource
private PlatUserRoleChangeService roleChangeService;
@Override
public ApiResult<Void> savePlatUserAccountChangeLog(PlatAccountChangeLogReq accountChangeLog) {
roleChangeService.savePlatUserAccountChangeLog(accountChangeLog);
return ApiResult.ok();
}
@Override
public ApiPageResult<PlatAccountChangeLogResp> queryPlatUserAccountChangeLog(PlatAccountChangeQuery platAccountChangeQuery) {
return roleChangeService.queryPlatUserAccountChangeLog(platAccountChangeQuery);
}
}

20
tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleController.java
View File

@ -12,6 +12,7 @@ import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
import cn.axzo.tyr.server.service.RoleService;
@ -27,9 +28,9 @@ import java.util.List;
/**
* 权限
*
* @author ZhanSiHu
* @version V1.0
* @author: ZhanSiHu
* @date: 2023/9/6 14:55
* @date 2023/9/6 14:55
*/
@Slf4j
@RestController
@ -63,8 +64,14 @@ public class SaasRoleController implements TyrSaasRoleApi {
}
@Override
public ApiResult delete(List<Long> id) {
return null;
public ApiResult<Void> deleteRole(List<Long> roleIds, Long workSpaceId, Long outId) {
roleService.deleteRole(roleIds, workSpaceId, outId);
return ApiResult.ok();
}
@Override
public ApiResult<Void> delete(List<Long> roleIds) {
return ApiResult.ok();
}
@Override
@ -92,4 +99,9 @@ public class SaasRoleController implements TyrSaasRoleApi {
return ApiPageResult.ok(roleService.queryRoleWithUser(req));
}
@Override
public ApiResult<List<SaasRoleAndGroupVO>> queryInitRoleByWorkspaceId(String workspaceType) {
return ApiResult.ok(roleService.queryInitRoleByWorkspaceId(workspaceType));
}
}

5
tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleGroupController.java
View File

@ -31,6 +31,11 @@ public class SaasRoleGroupController implements SaasRoleGroupApi {
return ApiResult.ok(saasRoleGroupService.getList(req));
}
@Override
public ApiResult<List<SaasRoleGroupVO>> getSaasRoleGroupList(QuerySaasRoleGroupReq req) {
return ApiResult.ok(saasRoleGroupService.getRoleGroupList(req));
}
@Override
public ApiResult<SaasRoleGroupVO> getById(Long id) {
List<SaasRoleGroupVO> roleGroups = saasRoleGroupService.getList(QuerySaasRoleGroupReq.builder().ids(Lists.newArrayList(id)).build());

6
tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
View File

@ -1,6 +1,7 @@
package cn.axzo.tyr.server.controller.roleuser;
import cn.axzo.basics.common.util.AssertUtil;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
@ -102,4 +103,9 @@ public class RoleUserController implements TyrSaasRoleUserApi {
public ApiResult<List<Long>> getSpecialRole() {
return ApiResult.ok(saasRoleUserService.getSpecialRole());
}
@Override
public ApiPageResult<SaasRoleUserDTO> pageQuery(RoleUserParam param) {
return ApiPageResult.ok(saasRoleUserRelationService.pageQuery(param));
}
}

18
tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/PlatUserRoleChangeDao.java Normal file
View File

@ -0,0 +1,18 @@
package cn.axzo.tyr.server.repository.dao;
import cn.axzo.tyr.server.repository.entity.PlatUserAccountChangeLog;
import cn.axzo.tyr.server.repository.mapper.PlatUserAccountChangeMapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.springframework.stereotype.Repository;
/**
* tyr
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:28
*/
@Repository
public class PlatUserRoleChangeDao extends ServiceImpl<PlatUserAccountChangeMapper, PlatUserAccountChangeLog> {
}

2
tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java
View File

@ -34,7 +34,7 @@ public class SaasRoleDao extends ServiceImpl<SaasRoleMapper, SaasRole> {
public void delete(List<Long> id) {
lambdaUpdate()
.in(BaseEntity::getId,id)
.set(BaseEntity::getIsDelete,id)
.set(BaseEntity::getIsDelete,TableIsDeleteEnum.DELETE.value)
.update();
}

16
tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupRelationDao.java
View File

@ -25,5 +25,21 @@ public class SaasRoleGroupRelationDao extends ServiceImpl<SaasRoleGroupRelationM
.set(BaseEntity::getIsDelete, TableIsDeleteEnum.DELETE.value)
.update();
}
public List<SaasRoleGroupRelation> getByGroupIds(List<Long> groupIds) {
return lambdaQuery().in(SaasRoleGroupRelation::getSaasRoleGroupId, groupIds)
.eq(BaseEntity::getIsDelete, 0)
.list();
}
public void deleteGroupRelation(List<Long> roleIds) {
if (CollectionUtils.isEmpty(roleIds)) {
return ;
}
lambdaUpdate()
.in(SaasRoleGroupRelation::getRoleId,roleIds)
.set(BaseEntity::getIsDelete,1L)
.update();
}
}

68
tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/PlatUserAccountChangeLog.java Normal file
View File

@ -0,0 +1,68 @@
package cn.axzo.tyr.server.repository.entity;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableName;
import com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.apache.ibatis.type.BooleanTypeHandler;
import java.io.Serializable;
import java.util.Date;
import java.util.Map;
/**
* @author zuoqinbo
* @date 2023/11/23 17:39
* @description 账号异动记录
* @modifiedBy
* @version: 1.0
*/
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
@TableName("plat_user_role_job_change")
public class PlatUserAccountChangeLog extends BaseEntity<PlatUserAccountChangeLog> {
/**
* 安心筑personId
*/
@TableField(value = "person_id")
private Long personId;
/**
* 请求Id
*/
@TableField(value = "request_id")
private String requestId;
/**
* 变更类型
*/
@TableField(value = "change_type")
private String changeType;
/**
* 变更详情
*/
@TableField(value = "change_detail")
private String changeDetail;
/**
* operator
*/
@TableField(value = "operator")
private String operator;
/**
* 变更时间
*/
@TableField(value = "operator_time")
private Date operatorTime;
}

17
tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/PlatUserAccountChangeMapper.java Normal file
View File

@ -0,0 +1,17 @@
package cn.axzo.tyr.server.repository.mapper;
import cn.axzo.tyr.server.repository.entity.PlatUserAccountChangeLog;
import cn.axzo.tyr.server.repository.entity.ProductModule;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Mapper;
/**
* tyr
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:34
*/
@Mapper
public interface PlatUserAccountChangeMapper extends BaseMapper<PlatUserAccountChangeLog> {
}

12
tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleService.java
View File

@ -7,6 +7,7 @@ import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
import cn.axzo.tyr.server.repository.entity.SaasRole;
@ -74,4 +75,15 @@ public interface RoleService {
List<SaasRoleVO> queryRoleByRoleTypes(QueryByIdentityIdTypeReq req, List<String> roleTypes);
List<SaasRole> listForOUWorkspace(Long ouId, Long workspaceId, Integer workspaceJoinType);
List<SaasRoleAndGroupVO> queryInitRoleByWorkspaceId(String workspaceType);
/**
* 删除角色列表
* @param roleIds 待删除角色集合
* @param workSpaceId 待删除角色所属workSpaceId
* @param outId 待删除角色所属单位ID
*/
void deleteRole(List<Long> roleIds,Long workSpaceId,Long outId);
}

16
tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleGroupService.java
View File

@ -4,10 +4,24 @@ import cn.axzo.tyr.client.model.req.QuerySaasRoleGroupReq;
import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
import java.util.List;
/**
* @author zuoqinbo
* @version 1.0
* @description
* @date 2023/12/1 16:37
*/
public interface SaasRoleGroupService {
List<SaasRoleGroupVO> getList(QuerySaasRoleGroupReq req);
/**
* 查询自定义角色分组
* @param req 角色分组参数
* @return 角色分组列表
*/
List<SaasRoleGroupVO> getRoleGroupList(QuerySaasRoleGroupReq req);
Long saveOrUpdate(SaasRoleGroupVO req);
void delete(List<Long> ids);

3
tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java
View File

@ -1,5 +1,6 @@
package cn.axzo.tyr.server.service;
import cn.axzo.framework.domain.page.PageResp;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
@ -11,4 +12,6 @@ import java.util.List;
*/
public interface SaasRoleUserRelationService {
List<SaasRoleUserDTO> list(RoleUserParam param);
PageResp<SaasRoleUserDTO> pageQuery(RoleUserParam param);
}

66
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PlatUserRoleChangeService.java Normal file
View File

@ -0,0 +1,66 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.basics.common.BeanMapper;
import cn.axzo.framework.domain.ServiceException;
import cn.axzo.framework.domain.page.PageResp;
import cn.axzo.framework.domain.web.result.ApiPageResult;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.model.product.ProductVO;
import cn.axzo.tyr.client.model.req.PlatAccountChangeLogReq;
import cn.axzo.tyr.client.model.req.PlatAccountChangeQuery;
import cn.axzo.tyr.client.model.res.PlatAccountChangeLogResp;
import cn.axzo.tyr.server.repository.dao.PlatUserRoleChangeDao;
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
import cn.axzo.tyr.server.repository.entity.PlatUserAccountChangeLog;
import cn.axzo.tyr.server.repository.entity.ProductModule;
import cn.axzo.tyr.server.repository.entity.SaasProductModuleFeatureRelation;
import com.alibaba.nacos.common.utils.UuidUtils;
import com.baomidou.mybatisplus.core.metadata.IPage;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.BeanUtils;
import org.springframework.stereotype.Service;
import java.util.Date;
import java.util.List;
/**
* tyr
*
* @author zuoqinbo
* @version V1.0
* @date 2023/11/23 18:28
*/
@Slf4j
@RequiredArgsConstructor
@Service
public class PlatUserRoleChangeService {
private final PlatUserRoleChangeDao userRoleChangeDao;
public void savePlatUserAccountChangeLog(PlatAccountChangeLogReq accountChangeLog) {
PlatUserAccountChangeLog platUserAccountChangeLog = new PlatUserAccountChangeLog();
BeanUtils.copyProperties(accountChangeLog, platUserAccountChangeLog);
if (platUserAccountChangeLog.getOperatorTime() == null) {
platUserAccountChangeLog.setOperatorTime(new Date());
}
if (platUserAccountChangeLog.getRequestId() == null) {
platUserAccountChangeLog.setRequestId(UuidUtils.generateUuid());
}
userRoleChangeDao.saveOrUpdate(platUserAccountChangeLog);
}
public ApiPageResult<PlatAccountChangeLogResp> queryPlatUserAccountChangeLog(PlatAccountChangeQuery platAccountChangeQuery) {
if (platAccountChangeQuery.getPersonId() == null) {
throw new ServiceException("PersonId不能为空");
}
IPage<PlatUserAccountChangeLog> page = userRoleChangeDao.lambdaQuery()
.eq(PlatUserAccountChangeLog::getPersonId, platAccountChangeQuery.getPersonId())
.orderByDesc(BaseEntity::getUpdateAt)
.page(platAccountChangeQuery.toPage());
List<PlatAccountChangeLogResp> list = BeanMapper.copyList(page.getRecords(), PlatAccountChangeLogResp.class);
PageResp<PlatAccountChangeLogResp> data = PageResp.list(page.getCurrent(), page.getSize(), page.getTotal(), list);
return ApiPageResult.ok(data);
}
}

165
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
View File

@ -5,6 +5,7 @@ import cn.axzo.basics.common.exception.ServiceException;
import cn.axzo.framework.domain.page.PageResp;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.model.BaseWorkspaceModel;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.enums.PermissionGroupType;
import cn.axzo.tyr.client.model.permission.PermissionPointTreeNode;
@ -14,6 +15,7 @@ import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasPermissionGroupVO;
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
@ -22,6 +24,8 @@ import cn.axzo.tyr.server.repository.entity.*;
import cn.axzo.tyr.server.service.*;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.collection.ListUtil;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.google.common.collect.Lists;
@ -34,9 +38,12 @@ import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.*;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.stream.Collectors;
import static org.codehaus.groovy.runtime.DefaultGroovyMethods.collect;
/**
* 角色
*
@ -71,6 +78,7 @@ public class RoleServiceImpl implements RoleService {
SaasPgroupPermissionRelationService saasPgroupPermissionRelationService;
@Autowired
SaasRoleGroupService saasRoleGroupService;
@Autowired
SaasRoleUserRelationDao saasRoleUserRelationDao;
@Autowired
@ -92,7 +100,7 @@ public class RoleServiceImpl implements RoleService {
* @return
*/
@Override
public List<SaasRoleVO> getByIds(List<Long> roleIds, Integer isCommon, List<Long> workspaceId, List<Long> ouId, Boolean includePermissionGroup, Boolean includeSpecialRole) {
public List<SaasRoleVO> getByIds(List<Long> roleIds, Integer isCommon, List<Long> workspaceId, List<Long> ouId, Boolean includePermissionGroup) {
if (CollectionUtils.isEmpty(roleIds)) {
return new ArrayList<>();
}
@ -108,7 +116,6 @@ public class RoleServiceImpl implements RoleService {
}
// 查询角色信息
List<SaasRole> roles = saasRoleDao.lambdaQuery().in(BaseEntity::getId, roleIds).list();
// 查询权限集
Map<Long, List<SaasPgroupRoleRelation>> pgrouRelationMap = null;
Map<Long, List<SaasPermissionGroupVO>> pGroupMap = null;
@ -225,6 +232,7 @@ public class RoleServiceImpl implements RoleService {
List<SaveOrUpdateRoleVO.GroupInfoVO> groupTrees = saveOrUpdateRole.getGroupTree();
// 验证角色分组信息
validRoleGroup(groupTrees);
//validRoleName(saveOrUpdateRole);
SaasRole saasRole = validAndBuildRole(saveOrUpdateRole, now);
//验证权限集信息
SaasPermissionGroup saasPermissionGroup = validPermissionGroupCommon(saveOrUpdateRole);
@ -265,6 +273,53 @@ public class RoleServiceImpl implements RoleService {
return saasRole.getId();
}
private void validRoleName(SaveOrUpdateRoleVO saveOrUpdateRole) {
List<SaveOrUpdateRoleVO.GroupInfoVO> groupTrees = saveOrUpdateRole.getGroupTree();
if (CollectionUtil.isEmpty(groupTrees)) {
return;
}
String currentWorkspaceCode = groupTrees.get(0).getWorkspaceTypeCode();
List<SaasRoleGroup> roleGroups = saasRoleGroupDao.lambdaQuery()
.in(SaasRoleGroup::getWorkspaceTypeCode, currentWorkspaceCode)
.eq(SaasRoleGroup::getWorkspaceId, saveOrUpdateRole.getWorkspaceId())
.eq(SaasRoleGroup::getOuId, saveOrUpdateRole.getOwnerOuId())
.eq(SaasRoleGroup::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
List<Long> roleGroupIds = roleGroups.stream().map(SaasRoleGroup::getId).collect(Collectors.toList());
if (CollectionUtil.isEmpty(roleGroupIds)) {
return;
}
List<SaasRoleGroupRelation> roleGroupRelations = roleGroupRelationDao.lambdaQuery()
.in(SaasRoleGroupRelation::getSaasRoleGroupId, roleGroupIds)
.eq(SaasRoleGroupRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
if (CollectionUtil.isNotEmpty(roleGroupRelations)) {
List<Long> saasRoleIds = roleGroupRelations.stream().map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toList());
//确保这些角色id 都是正常使用的
List<SaasRole> roles = saasRoleDao.lambdaQuery()
.eq(SaasRole::getWorkspaceId, saveOrUpdateRole.getWorkspaceId())
.eq(SaasRole::getId, saasRoleIds)
.eq(SaasRole::getName, saveOrUpdateRole.getName())
.eq(SaasRole::getOwnerOuId, saveOrUpdateRole.getOwnerOuId())
.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
if (CollectionUtil.isNotEmpty(roles)) {
//新增角色 判断角色名称重复
if (Objects.isNull(saveOrUpdateRole.getId())) {
throw new ServiceException("同一企业单位、同一工作台类型,角色名称不能重复!");
} else {
//如果是更新角色必须是当前角色
if (!(roles.size() == 1 && (roles.get(0).getId().equals(saveOrUpdateRole.getId())))) {
throw new ServiceException("同一企业单位、同一工作台类型,角色名称不能重复!");
}
}
}
// Optional<SaasRole> repeatGroupName = roles.stream()
// .filter(g -> !Objects.equals(g.getId(), saveOrUpdateRole.getId()) && StringUtils.equalsIgnoreCase(g.getName(), saveOrUpdateRole.getName())).findFirst();
// if (repeatGroupName.isPresent()) {
// throw new ServiceException("同一个单位、同一工作台类型内,角色名称不能重复!");
// }
}
}
@Override
public List<IsSuperAdminRes> isSuperAdmin(List<QueryByIdentityIdTypeReq> req) {
List<IsSuperAdminRes> result = new ArrayList<>();
@ -320,24 +375,54 @@ public class RoleServiceImpl implements RoleService {
saasRole.setRoleType(saveOrUpdateRole.getRoleType());
saasRole.setWorkspaceId(saveOrUpdateRole.getWorkspaceId());
saasRole.setOwnerOuId(saveOrUpdateRole.getOwnerOuId());
saasRole.setWorkspaceType(Integer.parseInt(saveOrUpdateRole.getGroupTree().get(0).getWorkspaceTypeCode()));
saasRole.setUpdateBy(saveOrUpdateRole.getOperatorId());
saasRole.setUpdateAt(now);
// 不可能为空
List<Long> groupIds = saveOrUpdateRole.getGroupTree().stream().map(SaveOrUpdateRoleVO.GroupInfoVO::getId).sorted().collect(Collectors.toList());
//同分组内角色名称不能重复
List<SaasRoleGroupRelation> relations = roleGroupRelationDao.lambdaQuery().in(SaasRoleGroupRelation::getSaasRoleGroupId, groupIds)
String message = "角色校验异常";
List<SaasRoleGroupRelation> relations = Lists.newArrayList();
//系统预设角色分组 同分组内角色名称不能重复
if (saveOrUpdateRole.getWorkspaceId() == -1L && saveOrUpdateRole.getOwnerOuId() == -1L) {
List<Long> presetGroupIds = saveOrUpdateRole.getGroupTree().stream().map(SaveOrUpdateRoleVO.GroupInfoVO::getId).sorted().collect(Collectors.toList());
relations = roleGroupRelationDao.lambdaQuery().in(SaasRoleGroupRelation::getSaasRoleGroupId, presetGroupIds)
.eq(SaasRoleGroupRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
message = "同一角色分组内,角色名称不能重复!";
} else {
//自定义角色 同一个企业单位 同一个工作台 角色名称不能为空
String currentWorkspaceCode = saveOrUpdateRole.getGroupTree().get(0).getWorkspaceTypeCode();
List<Long> systemAndCustomWorkspaceCodes = new ArrayList<>();
systemAndCustomWorkspaceCodes.add(Long.valueOf(currentWorkspaceCode));
systemAndCustomWorkspaceCodes.add(-1L);
List<Long> systemAndCustomOuIds = new ArrayList<>();
systemAndCustomOuIds.add(saveOrUpdateRole.getOwnerOuId());
systemAndCustomOuIds.add(-1L);
List<Long> systemAndCustomWorkspaceIds = new ArrayList<>();
systemAndCustomWorkspaceIds.add(saveOrUpdateRole.getWorkspaceId());
systemAndCustomWorkspaceIds.add(-1L);
List<SaasRoleGroup> roleGroups = saasRoleGroupDao.lambdaQuery()
.in(SaasRoleGroup::getWorkspaceTypeCode, systemAndCustomWorkspaceCodes)
.in(SaasRoleGroup::getWorkspaceId, systemAndCustomWorkspaceIds)
.in(SaasRoleGroup::getOuId, systemAndCustomOuIds)
.eq(SaasRoleGroup::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
List<Long> roleGroupIds = roleGroups.stream().map(SaasRoleGroup::getId).collect(Collectors.toList());
//同分组内角色名称不能重复 --->> 同一个企业单位 同一个工作台 角色名称不能为空 by zuoqinbo
relations = roleGroupRelationDao.lambdaQuery().in(SaasRoleGroupRelation::getSaasRoleGroupId, roleGroupIds)
.eq(SaasRoleGroupRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
message = "同一个企业单位,系统工作台和自定义角色,名称不能重复!";
}
if (CollectionUtils.isNotEmpty(relations)) {
List<Long> roleIds = relations.stream().map(SaasRoleGroupRelation::getRoleId).sorted().collect(Collectors.toList());
Map<Long, Set<Long>> groupRoleMap = relations.stream().collect(Collectors.groupingBy(SaasRoleGroupRelation::getSaasRoleGroupId, Collectors.mapping(SaasRoleGroupRelation::getRoleId, Collectors.toSet())));
List<SaasRole> roles = saasRoleDao.lambdaQuery().in(SaasRole::getId, roleIds).eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
Map<Long, SaasRole> roleMap = roles.stream().collect(Collectors.toMap(SaasRole::getId, Function.identity(), (e1, e2) -> e2));
String finalMessage = message;
groupRoleMap.forEach((groupId, roleSet) -> {
Optional<SaasRole> repeatNameRole = roleSet.stream().map(roleMap::get)
.filter(e -> Objects.nonNull(e) && !Objects.equals(e.getId(), saveOrUpdateRole.getId()) && StringUtils.equalsIgnoreCase(e.getName(), saasRole.getName()))
.findFirst();
if (repeatNameRole.isPresent()) {
throw new ServiceException("同分组内角色名称不能重复");
throw new ServiceException(finalMessage);
}
});
}
@ -461,7 +546,12 @@ public class RoleServiceImpl implements RoleService {
}
//反查relation
List<Long> roleIds = rolePage.getRecords().stream().map(SaasRole::getId).collect(Collectors.toList());
List<Long> roleIds = Lists.newArrayList();
if (req.getRoleId() == null) {
roleIds = rolePage.getRecords().stream().map(SaasRole::getId).collect(Collectors.toList());
} else {
roleIds.add(req.getRoleId());
}
List<SaasRoleUserRelation> relationList = saasRoleUserRelationDao.list(new LambdaQueryWrapper<SaasRoleUserRelation>().
in(SaasRoleUserRelation::getRoleId, roleIds)
.eq(SaasRoleUserRelation::getOuId, req.getOuId())
@ -549,4 +639,63 @@ public class RoleServiceImpl implements RoleService {
return resp;
}).collect(Collectors.toList());
}
@Override
public List<SaasRoleAndGroupVO> queryInitRoleByWorkspaceId(String workspaceType) {
if (StrUtil.isEmpty(workspaceType)) {
return new ArrayList<>();
}
List<SaasRoleGroup> query = saasRoleGroupDao.query(QuerySaasRoleGroupReq.builder()
.workspaceTypeCode(ListUtil.of(workspaceType))
.build());
if (CollectionUtils.isEmpty(query)) {
return Collections.emptyList();
}
List<SaasRoleGroupRelation> roleGroupRelation = roleGroupRelationDao.getByGroupIds(query.stream().map(BaseEntity::getId).collect(Collectors.toList()));
if (CollectionUtils.isEmpty(roleGroupRelation)) {
return Collections.emptyList();
}
Map<Long, List<SaasRoleGroupRelation>> groupIdMap = roleGroupRelation.stream().collect(Collectors.groupingBy(SaasRoleGroupRelation::getSaasRoleGroupId));
ArrayList<SaasRoleAndGroupVO> result = new ArrayList<>();
query.forEach(e -> {
List<SaasRoleGroupRelation> saasRoleGroupRelations = groupIdMap.get(e.getId());
if (CollectionUtils.isEmpty(saasRoleGroupRelations)) {
return;
}
List<SaasRole> roles = saasRoleDao.listByIds(saasRoleGroupRelations.stream().map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toList()));
result.add(SaasRoleAndGroupVO.builder()
.ouTypeName(e.getName())
.ouTypeCode(e.getOuTypeCode())
.simpleSaasRole(roles.stream().map(role -> SaasRoleVO.builder()
.roleType(role.getRoleType())
.id(role.getId())
.name(role.getName())
.build()).collect(Collectors.toList()))
.build());
});
return result;
}
@Override
@Transactional(rollbackFor = Exception.class)
public void deleteRole(List<Long> roleIds, Long workSpaceId, Long ouId) {
List<SaasRoleUserRelation> saasRoleUserRelations = roleUserRelationDao.lambdaQuery()
.in(CollectionUtil.isNotEmpty(roleIds), SaasRoleUserRelation::getRoleId, roleIds)
.eq(workSpaceId != null, SaasRoleUserRelation::getWorkspaceId, workSpaceId)
.eq(ouId != null, SaasRoleUserRelation::getOuId, ouId)
.eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.list();
if (CollectionUtil.isNotEmpty(saasRoleUserRelations)) {
throw new cn.axzo.basics.common.exception.ServiceException("当前角色已被用户使用,无法删除!");
}
saasRoleDao.delete(roleIds);
roleUserRelationDao.deleteByRoldId(roleIds);
roleGroupRelationDao.deleteGroupRelation(roleIds);
}
}

19
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
View File

@ -46,6 +46,9 @@ public class RoleUserService implements SaasRoleUserService {
private final SaasRoleUserRelationDao roleUserRelationDao;
private final SaasRoleDao saasRoleDao;
@Override
@Transactional(rollbackFor = Exception.class)
public void saveOrUpdate(RoleUserReq req) {
// 单位类型默认角色关系,后面可以座位管理员的逻辑进行迭代
@Value("${#{${participateUnitDefaultRoleIdList:{}}}:}")
public Map<Integer,Long> participateUnitDefaultRoleId;
@ -73,7 +76,7 @@ public class RoleUserService implements SaasRoleUserService {
if (CollectionUtils.isNotEmpty(updateRoleIds)) {
List<SaasRole> roles = saasRoleDao.listByIds(updateRoleIds);
if (roles.stream().anyMatch(e -> RoleTypeEnum.getRoleType(e.getRoleType()).isAdminRole())) {
throw new ServiceException("暂不支持更换管理员角色");
throw new ServiceException("暂不支持更换/移除管理员角色");
}
}
@ -92,8 +95,6 @@ public class RoleUserService implements SaasRoleUserService {
notAdminRole = notAdminRole.stream().filter(e-> !participateUnitDefaultRoleId.values().contains(e)).collect(Collectors.toList());
}
}
BaseWorkspaceModel workspaceModel = BaseWorkspaceModel.builder()
.workspaceId(req.getWorkspaceId()).ouId(req.getOuId())
.identityId(req.getIdentityId()).identityType(req.getIdentityType())
@ -101,7 +102,19 @@ public class RoleUserService implements SaasRoleUserService {
// 删除现有非管理员的角色
if (CollectionUtils.isNotEmpty(notAdminRole)) {
//如果该接口支持 权限回收那么参数UpdateRoleIds就是待删除的权限合集
if (req.isRecycleModel()) {
notAdminRole.clear();
//回收角色权限,只移除用户传参的权限
notAdminRole.addAll(req.getUpdateRoleIds());
roleUserRelationDao.deleteByUser(workspaceModel, notAdminRole);
return;
}
roleUserRelationDao.deleteByUser(workspaceModel, notAdminRole);
}
if(req.isMergeExistsRoles()){
//合并新的角色和老的角色
updateRoleIds.addAll(notAdminRole);
}
// 清空所有角色
if (CollectionUtil.isEmpty(updateRoleIds)) {

24
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java
View File

@ -38,6 +38,11 @@ public class SaasRoleGroupServiceImpl implements SaasRoleGroupService {
} else if (!req.getOuIds().contains(-1L)) {
req.getOuIds().add(-1L);
}
return queryRoleGroup(req);
}
private List<SaasRoleGroupVO> queryRoleGroup(QuerySaasRoleGroupReq req){
List<SaasRoleGroupRelation> saasRoleGroupRelations = null;
if (CollectionUtils.isNotEmpty(req.getRoleIds())) {
saasRoleGroupRelations = saasRoleGroupRelationDao.lambdaQuery()
@ -74,9 +79,18 @@ public class SaasRoleGroupServiceImpl implements SaasRoleGroupService {
target.setRoleIds(groupRoleMap.get(e.getId()));
return target;
}).collect(Collectors.toList());
return results;
}
@Override
public List<SaasRoleGroupVO> getRoleGroupList(QuerySaasRoleGroupReq req) {
if (CollectionUtils.isEmpty(req.getWorkspaceIds())) {
req.setWorkspaceIds(Arrays.asList(-1L));
}
if (CollectionUtils.isEmpty(req.getOuIds())) {
req.setOuIds(Arrays.asList(-1L));
}
return queryRoleGroup(req);
}
@Override
public Long saveOrUpdate(SaasRoleGroupVO req) {
@ -99,7 +113,7 @@ public class SaasRoleGroupServiceImpl implements SaasRoleGroupService {
.eq(SaasRoleGroupRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.count();
if (relationCount > 0) {
throw new ServiceException("分组关联角色,不能删除");
throw new ServiceException("该角色分组关联角色,不能进行删除");
}
saasRoleGroupDao.delete(ids);
}
@ -119,13 +133,15 @@ public class SaasRoleGroupServiceImpl implements SaasRoleGroupService {
throw new ServiceException("角色分组不存在");
}
}
List<SaasRoleGroup> groups = saasRoleGroupDao.lambdaQuery().eq(SaasRoleGroup::getWorkspaceTypeCode, req.getWorkspaceTypeCode())
List<SaasRoleGroup> groups = saasRoleGroupDao.lambdaQuery()
.eq(SaasRoleGroup::getWorkspaceId,req.getWorkspaceId())
.eq(SaasRoleGroup::getOuId,req.getOuId())
.eq(SaasRoleGroup::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
if (CollectionUtils.isNotEmpty(groups)) {
Optional<SaasRoleGroup> repeatGroupName = groups.stream()
.filter(g -> !Objects.equals(g.getId(), req.getId()) && StringUtils.equalsIgnoreCase(g.getName(), req.getName())).findFirst();
if (repeatGroupName.isPresent()) {
throw new ServiceException("工作台类型内,分组名称不能重复");
throw new ServiceException("一个企业单位、工作台或自定义角色分组,名称不能重复!");
}
}
// 拼接ouTypeCode字符串

49
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java
View File

@ -1,6 +1,8 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.basics.common.BeanMapper;
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
import cn.axzo.framework.domain.page.PageResp;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
@ -11,6 +13,9 @@ import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.collection.CollectionUtil;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
@ -39,16 +44,8 @@ public class SaasRoleUserRelationServiceImpl implements SaasRoleUserRelationServ
@Override
public List<SaasRoleUserDTO> list(RoleUserParam param) {
// TODO jhy 角色查询 需要验证标准角色和自定义角色的查询逻辑
List<SaasRoleUserRelation> saasRoleUserRelations = saasRoleUserRelationDao.lambdaQuery()
.eq(Objects.nonNull(param.getIdentityId()), SaasRoleUserRelation::getIdentityId, param.getIdentityId())
.eq(Objects.nonNull(param.getIdentityType()), SaasRoleUserRelation::getIdentityType, param.getIdentityType())
.eq(Objects.nonNull(param.getWorkspaceId()), SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
.eq(Objects.nonNull(param.getOuId()), SaasRoleUserRelation::getOuId, param.getOuId())
.in(CollectionUtil.isNotEmpty(param.getRoleIds()), SaasRoleUserRelation::getRoleId, param.getRoleIds())
.in(CollectionUtil.isNotEmpty(param.getIdentityIds()), SaasRoleUserRelation::getIdentityId, param.getIdentityIds())
.eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.last("LIMIT 1000")
.list();
LambdaQueryChainWrapper<SaasRoleUserRelation> wrapper = buildWrapper(param);
List<SaasRoleUserRelation> saasRoleUserRelations = wrapper.last("LIMIT 1000").list();
if (CollectionUtil.isEmpty(saasRoleUserRelations)) {
return Collections.emptyList();
}
@ -66,4 +63,36 @@ public class SaasRoleUserRelationServiceImpl implements SaasRoleUserRelationServ
return userRole;
}).collect(Collectors.toList());
}
private LambdaQueryChainWrapper<SaasRoleUserRelation> buildWrapper(RoleUserParam param) {
return saasRoleUserRelationDao.lambdaQuery()
.eq(Objects.nonNull(param.getIdentityId()), SaasRoleUserRelation::getIdentityId, param.getIdentityId())
.eq(Objects.nonNull(param.getIdentityType()), SaasRoleUserRelation::getIdentityType, param.getIdentityType())
.eq(Objects.nonNull(param.getWorkspaceId()), SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
.eq(Objects.nonNull(param.getOuId()), SaasRoleUserRelation::getOuId, param.getOuId())
.in(CollectionUtil.isNotEmpty(param.getOuIds()), SaasRoleUserRelation::getOuId, param.getOuIds())
.in(CollectionUtil.isNotEmpty(param.getWorkspaceIds()), SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
.in(CollectionUtil.isNotEmpty(param.getRoleIds()), SaasRoleUserRelation::getRoleId, param.getRoleIds())
.in(CollectionUtil.isNotEmpty(param.getIdentityIds()), SaasRoleUserRelation::getIdentityId, param.getIdentityIds())
.eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value);
}
@Override
public PageResp<SaasRoleUserDTO> pageQuery(RoleUserParam param) {
//限制分页100
if (param.getPageSize() != null && param.getPageSize().compareTo(200L) > 0) {
param.setPageSize(100L);
}
//查询条件构造 - ID升序
LambdaQueryChainWrapper<SaasRoleUserRelation> wrapper = buildWrapper(param)
.orderByAsc(SaasRoleUserRelation::getId);
IPage<SaasRoleUserRelation> page = wrapper.page(param.toPage());
if (CollectionUtil.isEmpty(page.getRecords())) {
return PageResp.zero(param.getPage(), param.getPageSize());
}
List<SaasRoleUserDTO> list = page.getRecords().stream()
.map(r -> BeanMapper.copyBean(r, SaasRoleUserDTO.class))
.collect(Collectors.toList());
return PageResp.list(param.getPage(), param.getPageSize(), page.getTotal(), list);
}
}

31
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
View File

@ -316,16 +316,41 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
userRoleInfoMap.setWorkspaceJoinType(WorkspaceJoinType.matchValue(e.getWorkspaceJoinType()));
queryKey.putIfAbsent(KeyUtil.buildKeyBySeparator(e.getWorkspaceId(), e.getOuId()), userRoleInfoMap);
});
final List<SaasRoleUserRelation> saasRoleUserRelations = new ArrayList<>();
if (CollectionUtil.isNotEmpty(identityAuthReq.getSpecifyRoleIds())) {
//指定了角色 则不需要去查用户角色关系
// mock 看做已有所有角色
queryKey.values().forEach(k -> {
List<SaasRoleUserRelation> relations = identityAuthReq.getSpecifyRoleIds().stream().map(id -> {
SaasRoleUserRelation relation = new SaasRoleUserRelation();
relation.setRoleId(id);
relation.setOuId(k.getOuId());
relation.setWorkspaceId(k.getWorkspaceId());
relation.setIdentityId(identityAuthReq.getIdentityId());
relation.setIdentityType(identityAuthReq.getIdentityType().getCode());
// 使用角色ID替代不需要在查询一次
relation.setId(id);
return relation;
}).collect(Collectors.toList());
saasRoleUserRelations.addAll(relations);
});
} else {
stopWatch.start("query role user relation");
List<SaasRoleUserRelation> saasRoleUserRelations = roleUserService.queryByWorkspaceIdOrOu(identityAuthReq.getIdentityId(), identityAuthReq.getIdentityType(), queryWorkspace, queryOuId);
List<SaasRoleUserRelation> relations = roleUserService.queryByWorkspaceIdOrOu(identityAuthReq.getIdentityId(), identityAuthReq.getIdentityType(), queryWorkspace, queryOuId);
stopWatch.stop();
if (CollectionUtil.isEmpty(saasRoleUserRelations)) {
if (CollectionUtil.isEmpty(relations)) {
return result;
}
// 有工作台和单位的查询条件通过单位与工作台在过滤一次
if (CollectionUtil.isNotEmpty(queryInfo)) {
saasRoleUserRelations = saasRoleUserRelations.stream().filter(roleUserService -> queryKey.containsKey(KeyUtil.buildKeyBySeparator(roleUserService.getWorkspaceId(), roleUserService.getOuId()))).collect(Collectors.toList());
saasRoleUserRelations.addAll(relations.stream()
.filter(roleUserService -> queryKey.containsKey(
KeyUtil.buildKeyBySeparator(roleUserService.getWorkspaceId(), roleUserService.getOuId())))
.collect(Collectors.toList()));
}
}
Set<Long> realWorkspaceId = saasRoleUserRelations.stream().map(SaasRoleUserRelation::getWorkspaceId).collect(Collectors.toSet());
Set<Long> realOuId = saasRoleUserRelations.stream().map(SaasRoleUserRelation::getOuId).collect(Collectors.toSet());