REQ-2039 RPC 小组长
This commit is contained in:
henry
parent
a897771bf3
commit
633e150b8c
@ -6,12 +6,14 @@ import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
|
||||
import cn.axzo.tyr.client.model.req.QueryRoleByNameReq;
|
||||
import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
|
||||
import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
|
||||
import cn.axzo.tyr.client.model.req.ChangeGroupLeaderRoleReq;
|
||||
import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
|
||||
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
|
||||
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
|
||||
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
|
||||
import org.springframework.cloud.openfeign.FeignClient;
|
||||
@ -125,5 +127,18 @@ public interface TyrSaasRoleApi {
|
||||
@GetMapping("/api/saasRole/queryByCategoryCode")
|
||||
ApiResult<List<SaasRoleCategoryVO>> queryByCategoryCode(@RequestParam("categoryCodes") List<String> categoryCodes);
|
||||
|
||||
/**
|
||||
* 通过角色GroupCode查询标准角色
|
||||
*/
|
||||
@GetMapping("/api/saasRole/queryByCategoryCode")
|
||||
ApiResult<List<SaasRoleGroupCodeVO>> queryByCodes(@RequestParam("codes") List<String> codes);
|
||||
|
||||
/**
|
||||
*
|
||||
* @param req
|
||||
* @return
|
||||
*/
|
||||
@PostMapping("api/saasRole/changeGroupLeaderRole")
|
||||
ApiResult<Void> changeGroupLeaderRole(@RequestBody @Valid List<ChangeGroupLeaderRoleReq> req);
|
||||
|
||||
}
|
||||
|
||||
@ -0,0 +1,46 @@
|
||||
package cn.axzo.tyr.client.model.req;
|
||||
|
||||
import com.google.common.collect.Lists;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
|
||||
import javax.validation.constraints.NotEmpty;
|
||||
import javax.validation.constraints.NotNull;
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
@AllArgsConstructor
|
||||
@NoArgsConstructor
|
||||
@Builder
|
||||
public class ChangeGroupLeaderRoleReq {
|
||||
/**
|
||||
* 小组nodeId
|
||||
*/
|
||||
@NotNull
|
||||
private Long groupNodeId;
|
||||
/**
|
||||
* 工作台id
|
||||
*/
|
||||
private Long workspaceId;
|
||||
/**
|
||||
* 小组长Personid
|
||||
*/
|
||||
@NotNull
|
||||
private Long groupLeaderPersonId;
|
||||
/**
|
||||
* 团队Id
|
||||
*/
|
||||
private Long ouId;
|
||||
|
||||
/**
|
||||
* 小组长身份id
|
||||
*/
|
||||
private Long groupLeaderIdentityId;
|
||||
/**
|
||||
* 权限名列表
|
||||
*/
|
||||
@NotEmpty
|
||||
private List<String> permissionNameList = Lists.newArrayListWithExpectedSize(3);
|
||||
}
|
||||
@ -0,0 +1,18 @@
|
||||
package cn.axzo.tyr.client.model.vo;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
import lombok.experimental.SuperBuilder;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
@AllArgsConstructor
|
||||
@NoArgsConstructor
|
||||
@SuperBuilder
|
||||
public class SaasRoleGroupCodeVO {
|
||||
private String code;
|
||||
|
||||
private List<SaasRoleVO> roleInfos;
|
||||
}
|
||||
@ -21,7 +21,11 @@
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
|
||||
<dependency>
|
||||
<groupId>cn.axzo.basics</groupId>
|
||||
<artifactId>basics-auth-api</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>cn.axzo.tyr</groupId>
|
||||
<artifactId>tyr-api</artifactId>
|
||||
|
||||
@ -8,15 +8,18 @@ import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
|
||||
import cn.axzo.tyr.client.model.req.QueryRoleByNameReq;
|
||||
import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
|
||||
import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
|
||||
import cn.axzo.tyr.client.model.req.ChangeGroupLeaderRoleReq;
|
||||
import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
|
||||
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
|
||||
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
|
||||
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
|
||||
import cn.axzo.tyr.server.model.PermissionCacheKey;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
|
||||
import cn.axzo.tyr.server.service.PermissionCacheService;
|
||||
import cn.axzo.tyr.server.service.RoleService;
|
||||
import com.google.common.collect.Lists;
|
||||
@ -44,6 +47,8 @@ public class SaasRoleController implements TyrSaasRoleApi {
|
||||
RoleService roleService;
|
||||
@Autowired
|
||||
PermissionCacheService permissionCacheService;
|
||||
@Autowired
|
||||
private SaasRoleUserRelationDao saasRoleUserRelationDao;
|
||||
|
||||
@Override
|
||||
public ApiResult<Long> saveOrUpdate(SaveOrUpdateRoleVO saveOrUpdateRole) {
|
||||
@ -117,4 +122,15 @@ public class SaasRoleController implements TyrSaasRoleApi {
|
||||
public ApiResult<List<SaasRoleCategoryVO>> queryByCategoryCode(List<String> categoryCodes) {
|
||||
return ApiResult.ok(roleService.queryByCategoryCode(categoryCodes));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<List<SaasRoleGroupCodeVO>> queryByCodes(List<String> codes) {
|
||||
return ApiResult.ok(roleService.queryByCodes(codes));
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApiResult<Void> changeGroupLeaderRole(List<ChangeGroupLeaderRoleReq> reqs) {
|
||||
roleService.changeGroupLeaderRole(reqs);
|
||||
return ApiResult.ok();
|
||||
}
|
||||
}
|
||||
|
||||
@ -55,5 +55,10 @@ public class SaasRoleGroupDao extends ServiceImpl<SaasRoleGroupMapper, SaasRoleG
|
||||
return lambdaQuery().eq(BaseEntity::getIsDelete, 0L)
|
||||
.in(SaasRoleGroup::getCategoryCode, categoryCode).list();
|
||||
}
|
||||
|
||||
public List<SaasRoleGroup> listByCodes(List<String> codes) {
|
||||
return lambdaQuery().eq(BaseEntity::getIsDelete, 0L)
|
||||
.in(SaasRoleGroup::getCode, codes).list();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package cn.axzo.tyr.server.repository.dao;
|
||||
|
||||
import cn.axzo.basics.auth.api.enums.SaasResourceTypeEnum;
|
||||
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
|
||||
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
|
||||
import cn.axzo.tyr.client.model.BaseWorkspaceModel;
|
||||
@ -118,6 +119,16 @@ public class SaasRoleUserRelationDao extends ServiceImpl<SaasRoleUserRelationMap
|
||||
.list();
|
||||
}
|
||||
|
||||
public List<SaasRoleUserRelation> findValidByNodeResource(Long personId, Long nodeId, Long roleId) {
|
||||
return lambdaQuery()
|
||||
.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value)
|
||||
.eq(SaasRoleUserRelation::getResourceType, SaasResourceTypeEnum.NODE_TYPE.code)
|
||||
.eq(Objects.nonNull(nodeId), SaasRoleUserRelation::getResourceId, nodeId)
|
||||
.eq(Objects.nonNull(personId), SaasRoleUserRelation::getNaturalPersonId, personId)
|
||||
.eq(Objects.nonNull(roleId), SaasRoleUserRelation::getRoleId, roleId)
|
||||
.list();
|
||||
}
|
||||
|
||||
public void removeByResource(RemoveRoleUserByResource req) {
|
||||
List<Long> identityId = req.getIdentityId();
|
||||
lambdaUpdate()
|
||||
|
||||
@ -9,6 +9,7 @@ import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
|
||||
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasRole;
|
||||
@ -91,4 +92,8 @@ public interface RoleService {
|
||||
List<SaasRole> getByIds(Set<Long> ids);
|
||||
|
||||
List<SaasRoleCategoryVO> queryByCategoryCode(List<String> categoryCodes);
|
||||
|
||||
List<SaasRoleGroupCodeVO> queryByCodes(List<String> codes);
|
||||
|
||||
void changeGroupLeaderRole(List<ChangeGroupLeaderRoleReq> reqs);
|
||||
}
|
||||
|
||||
@ -1,11 +1,11 @@
|
||||
package cn.axzo.tyr.server.service.impl;
|
||||
|
||||
import cn.axzo.basics.auth.api.enums.SaasResourceTypeEnum;
|
||||
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
|
||||
import cn.axzo.basics.common.exception.ServiceException;
|
||||
import cn.axzo.framework.domain.page.PageResp;
|
||||
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
|
||||
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
|
||||
import cn.axzo.tyr.client.model.BaseWorkspaceModel;
|
||||
import cn.axzo.tyr.client.model.enums.IdentityType;
|
||||
import cn.axzo.tyr.client.model.enums.PermissionGroupType;
|
||||
import cn.axzo.tyr.client.model.permission.PermissionPointTreeNode;
|
||||
@ -17,6 +17,7 @@ import cn.axzo.tyr.client.model.res.RoleWithUserRes;
|
||||
import cn.axzo.tyr.client.model.vo.SaasPermissionGroupVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
|
||||
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
|
||||
@ -24,12 +25,14 @@ import cn.axzo.tyr.server.repository.dao.*;
|
||||
import cn.axzo.tyr.server.repository.entity.*;
|
||||
import cn.axzo.tyr.server.service.*;
|
||||
import cn.hutool.core.bean.BeanUtil;
|
||||
import cn.hutool.core.collection.CollUtil;
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
import cn.hutool.core.collection.ListUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||
import com.google.common.collect.Lists;
|
||||
import com.google.common.collect.Sets;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.collections.CollectionUtils;
|
||||
@ -39,7 +42,6 @@ import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.*;
|
||||
import java.util.function.Consumer;
|
||||
import java.util.function.Function;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@ -773,4 +775,135 @@ public class RoleServiceImpl implements RoleService {
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<SaasRoleGroupCodeVO> queryByCodes(List<String> codes) {
|
||||
if (CollectionUtils.isEmpty(codes)) {
|
||||
return new ArrayList<>();
|
||||
}
|
||||
List<SaasRoleGroupCodeVO> result = new ArrayList<>();
|
||||
List<SaasRoleGroup> saasRoleGroups = saasRoleGroupDao.listByCodes(codes);
|
||||
|
||||
Set<Long> roleGroupId = saasRoleGroups.stream().map(BaseEntity::getId).collect(Collectors.toSet());
|
||||
List<SaasRoleGroupRelation> roleGroupRelations = saasRoleGroupRelationDao.getByGroupIds(roleGroupId);
|
||||
|
||||
Map<Long, List<SaasRoleGroupRelation>> groupByGroupId = roleGroupRelations.stream().collect(Collectors.groupingBy(SaasRoleGroupRelation::getSaasRoleGroupId));
|
||||
Set<Long> roleIds = roleGroupRelations.stream().map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toSet());
|
||||
List<SaasPgroupRoleRelation> saasPgroupRoleRelations = saasPgroupRoleRelationDao.findByRoleIds(roleIds);
|
||||
|
||||
Map<Long, List<SaasPgroupRoleRelation>> rolePermissionMap = saasPgroupRoleRelations.stream().collect(Collectors.groupingBy(SaasPgroupRoleRelation::getRoleId));
|
||||
List<Long> permissionIds = saasPgroupRoleRelations.stream().map(SaasPgroupRoleRelation::getGroupId).distinct().collect(Collectors.toList());
|
||||
|
||||
if (CollectionUtils.isEmpty(roleIds) || CollectionUtils.isEmpty(permissionIds)) {
|
||||
return new ArrayList<>();
|
||||
}
|
||||
|
||||
//原数据
|
||||
List<SaasRole> roleInfos = getByIds(roleIds);
|
||||
List<SaasPermissionGroup> permissionGroups = saasPermissionGroupDao.listByIds(permissionIds);
|
||||
Map<Long, SaasRole> roleMap = roleInfos.stream().collect(Collectors.toMap(BaseEntity::getId, Function.identity()));
|
||||
Map<Long, SaasPermissionGroup> permissionGroupMap = permissionGroups.stream().collect(Collectors.toMap(BaseEntity::getId, Function.identity()));
|
||||
|
||||
|
||||
saasRoleGroups.stream().collect(Collectors.groupingBy(SaasRoleGroup::getCode)).forEach((code,saasRoleGroupsInfo)->{
|
||||
SaasRoleGroupCodeVO saasRoleCategoryVO = new SaasRoleGroupCodeVO();
|
||||
saasRoleCategoryVO.setCode(code);
|
||||
List<Long> roleId = saasRoleGroupsInfo.stream().map(e -> groupByGroupId.get(e.getId())).flatMap(List::stream).map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toList());
|
||||
|
||||
List<SaasRoleVO> saasRoleVOS = BeanUtil.copyToList(roleId.stream().map(roleMap::get).collect(Collectors.toList()), SaasRoleVO.class);
|
||||
|
||||
saasRoleVOS.forEach(
|
||||
e->{
|
||||
|
||||
List<SaasPgroupRoleRelation> pgroupRoleRelations = rolePermissionMap.get(e.getId());
|
||||
List<SaasPermissionGroup> permissionGroupList = pgroupRoleRelations.stream().map(pgroupRoleRelation -> permissionGroupMap.get(pgroupRoleRelation.getGroupId())).collect(Collectors.toList());
|
||||
e.setPermissionGroup(BeanUtil.copyToList(permissionGroupList,SaasPermissionGroupVO.class));
|
||||
}
|
||||
|
||||
);
|
||||
|
||||
saasRoleCategoryVO.setRoleInfos(saasRoleVOS);
|
||||
result.add(saasRoleCategoryVO);
|
||||
|
||||
});
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void changeGroupLeaderRole(List<ChangeGroupLeaderRoleReq> reqs) {
|
||||
List<SaasRoleGroupCodeVO> voList = queryByCodes(Lists.newArrayList("projectTeamGPLeader"));
|
||||
if (CollUtil.isEmpty(voList) || CollUtil.isEmpty(voList.get(0).getRoleInfos())) {
|
||||
log.warn("can't find group_role_relation.code: projectTeamGPLeader");
|
||||
return;
|
||||
}
|
||||
Map<String, Long> roleMap = voList.get(0).getRoleInfos().stream().collect(Collectors.toMap(SaasRoleVO::getName, SaasRoleVO::getId, (a, b) -> a));
|
||||
List<SaasRoleUserRelation> userRelationList = reqs.stream().map(req -> {
|
||||
List<SaasRoleUserRelation> nowRelations = saasRoleUserRelationDao.findValidByNodeResource(req.getGroupLeaderPersonId(), req.getGroupNodeId(), null);
|
||||
Map<Long, SaasRoleUserRelation> relationMap = nowRelations.stream().collect(Collectors.toMap(SaasRoleUserRelation::getRoleId, Function.identity(), (a, b) -> a));
|
||||
List<String> permissionNameList = req.getPermissionNameList();
|
||||
if (CollUtil.isNotEmpty(permissionNameList)) {
|
||||
if (CollUtil.isNotEmpty(nowRelations)) {
|
||||
List<SaasRoleUserRelation> resList = Lists.newArrayList();
|
||||
// 都不为空 既增又减
|
||||
Set<Long> nowRoles = nowRelations.stream().map(SaasRoleUserRelation::getRoleId).collect(Collectors.toSet());
|
||||
// nowRoles -A , newRoles - B
|
||||
// A-B 减少的权限
|
||||
Set<Long> newRoles = permissionNameList.stream().map(e -> roleMap.get(e)).collect(Collectors.toSet());
|
||||
Set<Long> deductRoles = Sets.difference(nowRoles, newRoles);
|
||||
if (CollUtil.isNotEmpty(deductRoles)) {
|
||||
List<SaasRoleUserRelation> deductRelations = deductRoles.stream().map(relationMap::get).collect(Collectors.toList());
|
||||
resList.addAll(deductRelations);
|
||||
}
|
||||
|
||||
// B - A 增加的权限
|
||||
Set<Long> addRoles = Sets.difference(newRoles, nowRoles);
|
||||
if (CollUtil.isNotEmpty(addRoles)) {
|
||||
List<SaasRoleUserRelation> addRelations = addRoles.stream().map(roleId -> {
|
||||
SaasRoleUserRelation userRelation = new SaasRoleUserRelation();
|
||||
userRelation.setIdentityId(req.getGroupLeaderIdentityId());
|
||||
userRelation.setRoleId(roleId);
|
||||
userRelation.setIdentityType(IdentityType.WORKER.getCode());
|
||||
userRelation.setNaturalPersonId(req.getGroupLeaderPersonId());
|
||||
userRelation.setWorkspaceId(req.getWorkspaceId());
|
||||
userRelation.setOuId(req.getOuId());
|
||||
userRelation.setResourceType(SaasResourceTypeEnum.NODE_TYPE.code);
|
||||
userRelation.setResourceId(req.getGroupNodeId());
|
||||
return userRelation;
|
||||
}).collect(Collectors.toList());
|
||||
resList.addAll(addRelations);
|
||||
}
|
||||
return resList;
|
||||
} else {
|
||||
// nowRelations 为空 则只增不减
|
||||
return permissionNameList.stream().map(e -> {
|
||||
SaasRoleUserRelation userRelation = new SaasRoleUserRelation();
|
||||
|
||||
userRelation.setIdentityId(req.getGroupLeaderIdentityId());
|
||||
userRelation.setRoleId(roleMap.get(e));
|
||||
userRelation.setIdentityType(IdentityType.WORKER.getCode());
|
||||
userRelation.setNaturalPersonId(req.getGroupLeaderPersonId());
|
||||
userRelation.setWorkspaceId(req.getWorkspaceId());
|
||||
userRelation.setOuId(req.getOuId());
|
||||
userRelation.setResourceType(SaasResourceTypeEnum.NODE_TYPE.code);
|
||||
|
||||
userRelation.setResourceId(req.getGroupNodeId());
|
||||
|
||||
return userRelation;
|
||||
}).collect(Collectors.toList());
|
||||
}
|
||||
}
|
||||
if (CollUtil.isNotEmpty(nowRelations)) {
|
||||
// newRelations 为空 则只减不增
|
||||
nowRelations.forEach(relation -> relation.setIsDelete(relation.getId()));
|
||||
}
|
||||
return nowRelations;
|
||||
}).filter(CollUtil::isNotEmpty).flatMap(List<SaasRoleUserRelation>::stream).collect(Collectors.toList());
|
||||
if (CollUtil.isEmpty(userRelationList)) {
|
||||
return;
|
||||
}
|
||||
// 没有权限就把查到的权限全删了
|
||||
// 已经有的就不再save了 业务唯一键:personId+resourceId+roleId(+id?)
|
||||
saasRoleUserRelationDao.saveOrUpdateBatch(userRelationList);
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user