From 633e150b8ca6c6e1efbdd7ab05a92b299763949d Mon Sep 17 00:00:00 2001 From: henry <1792539268@qq.com> Date: Tue, 16 Jan 2024 16:41:16 +0800 Subject: [PATCH] =?UTF-8?q?REQ-2039=20RPC=20=E5=B0=8F=E7=BB=84=E9=95=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../axzo/tyr/client/feign/TyrSaasRoleApi.java | 15 ++ .../model/req/ChangeGroupLeaderRoleReq.java | 46 ++++++ .../client/model/vo/SaasRoleGroupCodeVO.java | 18 +++ tyr-server/pom.xml | 6 +- .../controller/role/SaasRoleController.java | 16 ++ .../repository/dao/SaasRoleGroupDao.java | 5 + .../dao/SaasRoleUserRelationDao.java | 11 ++ .../axzo/tyr/server/service/RoleService.java | 5 + .../server/service/impl/RoleServiceImpl.java | 137 +++++++++++++++++- 9 files changed, 256 insertions(+), 3 deletions(-) create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ChangeGroupLeaderRoleReq.java create mode 100644 tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaasRoleGroupCodeVO.java diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleApi.java b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleApi.java index c4f50d13..2c0cd710 100644 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleApi.java +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleApi.java @@ -6,12 +6,14 @@ import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq; import cn.axzo.tyr.client.model.req.QueryRoleByNameReq; import cn.axzo.tyr.client.model.req.QuerySaasRoleReq; import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq; +import cn.axzo.tyr.client.model.req.ChangeGroupLeaderRoleReq; import cn.axzo.tyr.client.model.res.IsSuperAdminRes; import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes; import cn.axzo.tyr.client.model.res.QueryRoleByNameResp; import cn.axzo.tyr.client.model.res.RoleWithUserRes; import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO; import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO; +import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO; import cn.axzo.tyr.client.model.vo.SaasRoleVO; import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO; import org.springframework.cloud.openfeign.FeignClient; @@ -125,5 +127,18 @@ public interface TyrSaasRoleApi { @GetMapping("/api/saasRole/queryByCategoryCode") ApiResult> queryByCategoryCode(@RequestParam("categoryCodes") List categoryCodes); + /** + * 通过角色GroupCode查询标准角色 + */ + @GetMapping("/api/saasRole/queryByCategoryCode") + ApiResult> queryByCodes(@RequestParam("codes") List codes); + + /** + * + * @param req + * @return + */ + @PostMapping("api/saasRole/changeGroupLeaderRole") + ApiResult changeGroupLeaderRole(@RequestBody @Valid List req); } diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ChangeGroupLeaderRoleReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ChangeGroupLeaderRoleReq.java new file mode 100644 index 00000000..4fff7058 --- /dev/null +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ChangeGroupLeaderRoleReq.java @@ -0,0 +1,46 @@ +package cn.axzo.tyr.client.model.req; + +import com.google.common.collect.Lists; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import javax.validation.constraints.NotEmpty; +import javax.validation.constraints.NotNull; +import java.util.List; + +@Data +@AllArgsConstructor +@NoArgsConstructor +@Builder +public class ChangeGroupLeaderRoleReq { + /** + * 小组nodeId + */ + @NotNull + private Long groupNodeId; + /** + * 工作台id + */ + private Long workspaceId; + /** + * 小组长Personid + */ + @NotNull + private Long groupLeaderPersonId; + /** + * 团队Id + */ + private Long ouId; + + /** + * 小组长身份id + */ + private Long groupLeaderIdentityId; + /** + * 权限名列表 + */ + @NotEmpty + private List permissionNameList = Lists.newArrayListWithExpectedSize(3); +} diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaasRoleGroupCodeVO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaasRoleGroupCodeVO.java new file mode 100644 index 00000000..eba94ec2 --- /dev/null +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaasRoleGroupCodeVO.java @@ -0,0 +1,18 @@ +package cn.axzo.tyr.client.model.vo; + +import lombok.AllArgsConstructor; +import lombok.Data; +import lombok.NoArgsConstructor; +import lombok.experimental.SuperBuilder; + +import java.util.List; + +@Data +@AllArgsConstructor +@NoArgsConstructor +@SuperBuilder +public class SaasRoleGroupCodeVO { + private String code; + + private List roleInfos; +} diff --git a/tyr-server/pom.xml b/tyr-server/pom.xml index cdb35da1..1a4cc423 100644 --- a/tyr-server/pom.xml +++ b/tyr-server/pom.xml @@ -21,7 +21,11 @@ - + + cn.axzo.basics + basics-auth-api + ${project.version} + cn.axzo.tyr tyr-api diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleController.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleController.java index 543ea73d..7e3becd5 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleController.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleController.java @@ -8,15 +8,18 @@ import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq; import cn.axzo.tyr.client.model.req.QueryRoleByNameReq; import cn.axzo.tyr.client.model.req.QuerySaasRoleReq; import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq; +import cn.axzo.tyr.client.model.req.ChangeGroupLeaderRoleReq; import cn.axzo.tyr.client.model.res.IsSuperAdminRes; import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes; import cn.axzo.tyr.client.model.res.QueryRoleByNameResp; import cn.axzo.tyr.client.model.res.RoleWithUserRes; import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO; import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO; +import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO; import cn.axzo.tyr.client.model.vo.SaasRoleVO; import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO; import cn.axzo.tyr.server.model.PermissionCacheKey; +import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao; import cn.axzo.tyr.server.service.PermissionCacheService; import cn.axzo.tyr.server.service.RoleService; import com.google.common.collect.Lists; @@ -44,6 +47,8 @@ public class SaasRoleController implements TyrSaasRoleApi { RoleService roleService; @Autowired PermissionCacheService permissionCacheService; + @Autowired + private SaasRoleUserRelationDao saasRoleUserRelationDao; @Override public ApiResult saveOrUpdate(SaveOrUpdateRoleVO saveOrUpdateRole) { @@ -117,4 +122,15 @@ public class SaasRoleController implements TyrSaasRoleApi { public ApiResult> queryByCategoryCode(List categoryCodes) { return ApiResult.ok(roleService.queryByCategoryCode(categoryCodes)); } + + @Override + public ApiResult> queryByCodes(List codes) { + return ApiResult.ok(roleService.queryByCodes(codes)); + } + + @Override + public ApiResult changeGroupLeaderRole(List reqs) { + roleService.changeGroupLeaderRole(reqs); + return ApiResult.ok(); + } } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupDao.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupDao.java index 2ba91076..8d5c7128 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupDao.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupDao.java @@ -55,5 +55,10 @@ public class SaasRoleGroupDao extends ServiceImpl listByCodes(List codes) { + return lambdaQuery().eq(BaseEntity::getIsDelete, 0L) + .in(SaasRoleGroup::getCode, codes).list(); + } } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java index e2389a23..803ffb66 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleUserRelationDao.java @@ -1,5 +1,6 @@ package cn.axzo.tyr.server.repository.dao; +import cn.axzo.basics.auth.api.enums.SaasResourceTypeEnum; import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum; import cn.axzo.pokonyan.config.mybatisplus.BaseEntity; import cn.axzo.tyr.client.model.BaseWorkspaceModel; @@ -118,6 +119,16 @@ public class SaasRoleUserRelationDao extends ServiceImpl findValidByNodeResource(Long personId, Long nodeId, Long roleId) { + return lambdaQuery() + .eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value) + .eq(SaasRoleUserRelation::getResourceType, SaasResourceTypeEnum.NODE_TYPE.code) + .eq(Objects.nonNull(nodeId), SaasRoleUserRelation::getResourceId, nodeId) + .eq(Objects.nonNull(personId), SaasRoleUserRelation::getNaturalPersonId, personId) + .eq(Objects.nonNull(roleId), SaasRoleUserRelation::getRoleId, roleId) + .list(); + } + public void removeByResource(RemoveRoleUserByResource req) { List identityId = req.getIdentityId(); lambdaUpdate() diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleService.java index 54021a27..8209109f 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleService.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleService.java @@ -9,6 +9,7 @@ import cn.axzo.tyr.client.model.res.QueryRoleByNameResp; import cn.axzo.tyr.client.model.res.RoleWithUserRes; import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO; import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO; +import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO; import cn.axzo.tyr.client.model.vo.SaasRoleVO; import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO; import cn.axzo.tyr.server.repository.entity.SaasRole; @@ -91,4 +92,8 @@ public interface RoleService { List getByIds(Set ids); List queryByCategoryCode(List categoryCodes); + + List queryByCodes(List codes); + + void changeGroupLeaderRole(List reqs); } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java index 335efaf4..74cd0e74 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java @@ -1,11 +1,11 @@ package cn.axzo.tyr.server.service.impl; +import cn.axzo.basics.auth.api.enums.SaasResourceTypeEnum; import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum; import cn.axzo.basics.common.exception.ServiceException; import cn.axzo.framework.domain.page.PageResp; import cn.axzo.pokonyan.config.mybatisplus.BaseEntity; import cn.axzo.tyr.client.common.enums.RoleTypeEnum; -import cn.axzo.tyr.client.model.BaseWorkspaceModel; import cn.axzo.tyr.client.model.enums.IdentityType; import cn.axzo.tyr.client.model.enums.PermissionGroupType; import cn.axzo.tyr.client.model.permission.PermissionPointTreeNode; @@ -17,6 +17,7 @@ import cn.axzo.tyr.client.model.res.RoleWithUserRes; import cn.axzo.tyr.client.model.vo.SaasPermissionGroupVO; import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO; import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO; +import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO; import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO; import cn.axzo.tyr.client.model.vo.SaasRoleVO; import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO; @@ -24,12 +25,14 @@ import cn.axzo.tyr.server.repository.dao.*; import cn.axzo.tyr.server.repository.entity.*; import cn.axzo.tyr.server.service.*; import cn.hutool.core.bean.BeanUtil; +import cn.hutool.core.collection.CollUtil; import cn.hutool.core.collection.CollectionUtil; import cn.hutool.core.collection.ListUtil; import cn.hutool.core.util.StrUtil; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.google.common.collect.Lists; +import com.google.common.collect.Sets; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.apache.commons.collections.CollectionUtils; @@ -39,7 +42,6 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import java.util.*; -import java.util.function.Consumer; import java.util.function.Function; import java.util.stream.Collectors; @@ -773,4 +775,135 @@ public class RoleServiceImpl implements RoleService { return result; } + + @Override + public List queryByCodes(List codes) { + if (CollectionUtils.isEmpty(codes)) { + return new ArrayList<>(); + } + List result = new ArrayList<>(); + List saasRoleGroups = saasRoleGroupDao.listByCodes(codes); + + Set roleGroupId = saasRoleGroups.stream().map(BaseEntity::getId).collect(Collectors.toSet()); + List roleGroupRelations = saasRoleGroupRelationDao.getByGroupIds(roleGroupId); + + Map> groupByGroupId = roleGroupRelations.stream().collect(Collectors.groupingBy(SaasRoleGroupRelation::getSaasRoleGroupId)); + Set roleIds = roleGroupRelations.stream().map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toSet()); + List saasPgroupRoleRelations = saasPgroupRoleRelationDao.findByRoleIds(roleIds); + + Map> rolePermissionMap = saasPgroupRoleRelations.stream().collect(Collectors.groupingBy(SaasPgroupRoleRelation::getRoleId)); + List permissionIds = saasPgroupRoleRelations.stream().map(SaasPgroupRoleRelation::getGroupId).distinct().collect(Collectors.toList()); + + if (CollectionUtils.isEmpty(roleIds) || CollectionUtils.isEmpty(permissionIds)) { + return new ArrayList<>(); + } + + //原数据 + List roleInfos = getByIds(roleIds); + List permissionGroups = saasPermissionGroupDao.listByIds(permissionIds); + Map roleMap = roleInfos.stream().collect(Collectors.toMap(BaseEntity::getId, Function.identity())); + Map permissionGroupMap = permissionGroups.stream().collect(Collectors.toMap(BaseEntity::getId, Function.identity())); + + + saasRoleGroups.stream().collect(Collectors.groupingBy(SaasRoleGroup::getCode)).forEach((code,saasRoleGroupsInfo)->{ + SaasRoleGroupCodeVO saasRoleCategoryVO = new SaasRoleGroupCodeVO(); + saasRoleCategoryVO.setCode(code); + List roleId = saasRoleGroupsInfo.stream().map(e -> groupByGroupId.get(e.getId())).flatMap(List::stream).map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toList()); + + List saasRoleVOS = BeanUtil.copyToList(roleId.stream().map(roleMap::get).collect(Collectors.toList()), SaasRoleVO.class); + + saasRoleVOS.forEach( + e->{ + + List pgroupRoleRelations = rolePermissionMap.get(e.getId()); + List permissionGroupList = pgroupRoleRelations.stream().map(pgroupRoleRelation -> permissionGroupMap.get(pgroupRoleRelation.getGroupId())).collect(Collectors.toList()); + e.setPermissionGroup(BeanUtil.copyToList(permissionGroupList,SaasPermissionGroupVO.class)); + } + + ); + + saasRoleCategoryVO.setRoleInfos(saasRoleVOS); + result.add(saasRoleCategoryVO); + + }); + + return result; + } + + @Override + public void changeGroupLeaderRole(List reqs) { + List voList = queryByCodes(Lists.newArrayList("projectTeamGPLeader")); + if (CollUtil.isEmpty(voList) || CollUtil.isEmpty(voList.get(0).getRoleInfos())) { + log.warn("can't find group_role_relation.code: projectTeamGPLeader"); + return; + } + Map roleMap = voList.get(0).getRoleInfos().stream().collect(Collectors.toMap(SaasRoleVO::getName, SaasRoleVO::getId, (a, b) -> a)); + List userRelationList = reqs.stream().map(req -> { + List nowRelations = saasRoleUserRelationDao.findValidByNodeResource(req.getGroupLeaderPersonId(), req.getGroupNodeId(), null); + Map relationMap = nowRelations.stream().collect(Collectors.toMap(SaasRoleUserRelation::getRoleId, Function.identity(), (a, b) -> a)); + List permissionNameList = req.getPermissionNameList(); + if (CollUtil.isNotEmpty(permissionNameList)) { + if (CollUtil.isNotEmpty(nowRelations)) { + List resList = Lists.newArrayList(); + // 都不为空 既增又减 + Set nowRoles = nowRelations.stream().map(SaasRoleUserRelation::getRoleId).collect(Collectors.toSet()); + // nowRoles -A , newRoles - B + // A-B 减少的权限 + Set newRoles = permissionNameList.stream().map(e -> roleMap.get(e)).collect(Collectors.toSet()); + Set deductRoles = Sets.difference(nowRoles, newRoles); + if (CollUtil.isNotEmpty(deductRoles)) { + List deductRelations = deductRoles.stream().map(relationMap::get).collect(Collectors.toList()); + resList.addAll(deductRelations); + } + + // B - A 增加的权限 + Set addRoles = Sets.difference(newRoles, nowRoles); + if (CollUtil.isNotEmpty(addRoles)) { + List addRelations = addRoles.stream().map(roleId -> { + SaasRoleUserRelation userRelation = new SaasRoleUserRelation(); + userRelation.setIdentityId(req.getGroupLeaderIdentityId()); + userRelation.setRoleId(roleId); + userRelation.setIdentityType(IdentityType.WORKER.getCode()); + userRelation.setNaturalPersonId(req.getGroupLeaderPersonId()); + userRelation.setWorkspaceId(req.getWorkspaceId()); + userRelation.setOuId(req.getOuId()); + userRelation.setResourceType(SaasResourceTypeEnum.NODE_TYPE.code); + userRelation.setResourceId(req.getGroupNodeId()); + return userRelation; + }).collect(Collectors.toList()); + resList.addAll(addRelations); + } + return resList; + } else { + // nowRelations 为空 则只增不减 + return permissionNameList.stream().map(e -> { + SaasRoleUserRelation userRelation = new SaasRoleUserRelation(); + + userRelation.setIdentityId(req.getGroupLeaderIdentityId()); + userRelation.setRoleId(roleMap.get(e)); + userRelation.setIdentityType(IdentityType.WORKER.getCode()); + userRelation.setNaturalPersonId(req.getGroupLeaderPersonId()); + userRelation.setWorkspaceId(req.getWorkspaceId()); + userRelation.setOuId(req.getOuId()); + userRelation.setResourceType(SaasResourceTypeEnum.NODE_TYPE.code); + + userRelation.setResourceId(req.getGroupNodeId()); + + return userRelation; + }).collect(Collectors.toList()); + } + } + if (CollUtil.isNotEmpty(nowRelations)) { + // newRelations 为空 则只减不增 + nowRelations.forEach(relation -> relation.setIsDelete(relation.getId())); + } + return nowRelations; + }).filter(CollUtil::isNotEmpty).flatMap(List::stream).collect(Collectors.toList()); + if (CollUtil.isEmpty(userRelationList)) { + return; + } + // 没有权限就把查到的权限全删了 + // 已经有的就不再save了 业务唯一键:personId+resourceId+roleId(+id?) + saasRoleUserRelationDao.saveOrUpdateBatch(userRelationList); + } }