diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/config/ExecutorConfig.java b/tyr-server/src/main/java/cn/axzo/tyr/server/config/ExecutorConfig.java index 758d0048..7bcccf63 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/config/ExecutorConfig.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/config/ExecutorConfig.java @@ -24,11 +24,9 @@ public class ExecutorConfig { @Bean public ExecutorService authExecutor() { new ThreadPoolExecutor.CallerRunsPolicy(); - int coreSize = Runtime.getRuntime() - .availableProcessors() < 4 ? Runtime.getRuntime().availableProcessors() * 4 - : Runtime.getRuntime().availableProcessors(); - ThreadPoolExecutor executor = new ThreadPoolExecutor(coreSize, coreSize * 4, 60, TimeUnit.SECONDS, - new ArrayBlockingQueue<>(1), r -> new Thread(r, "TYR-AUTH-EXECUTOR"), new ThreadPoolExecutor.CallerRunsPolicy() { + int coreSize = 5; + ThreadPoolExecutor executor = new ThreadPoolExecutor(coreSize, 20, 60, TimeUnit.SECONDS, + new ArrayBlockingQueue<>(100), r -> new Thread(r, "TYR-AUTH-EXECUTOR"), new ThreadPoolExecutor.CallerRunsPolicy() { @Override public void rejectedExecution(Runnable r, ThreadPoolExecutor executor) { log.warn("auth executor rejected , use caller runs"); diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionPointServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionPointServiceImpl.java index d461cbf8..2f2c660a 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionPointServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionPointServiceImpl.java @@ -568,7 +568,7 @@ public class PermissionPointServiceImpl implements PermissionPointService { List currentFeatrureList = saasFeatureDao.list(new LambdaQueryWrapper() .eq(SaasFeature::getFeatureCode, featureCode) .eq(StrUtil.isNotBlank(terminal), SaasFeature::getTerminal, terminal)); - //button过滤减少查询 + //button过滤-如果全是按钮则不查子级 Set pathsWithoutButton = currentFeatrureList.stream() .filter(f -> !BUTTON.sameCode(f.getFeatureType())) .map(SaasFeature::getPath) diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java index 1d2bd05e..b7226831 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java @@ -510,15 +510,21 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { result.setOuId(req.getOuId()); result.setWorkspaceId(req.getWorkspaceId()); + StopWatch watch = StopWatch.create("listIdentityFromPermission"); //code查询权限点信息 + watch.start("listNodeWithChildrenByCode"); List features = permissionPointService.listNodeWithChildrenByCode(req.getFeatureCode(), req.getTerminal()); + watch.stop(); if (CollectionUtil.isEmpty(features)) { + log.warn("------trace-L-I-F-P----> no features found for:{}", req.getFeatureCode()); return result; } Set featureIds = features.stream().map(SaasFeature::getId).collect(Collectors.toSet()); log.info("------trace-L-I-F-P----> features need to check:{}", featureIds); //权限匹配 - 工作台是否有指定权限 + watch.start("matchWorkspaceFeature"); Set matchedFeatureIds = matchWorkspaceFeature(req.getWorkspaceId(), req.getWorkspaceJoinType(), featureIds); + watch.stop(); if (CollectionUtil.isEmpty(matchedFeatureIds)) { log.warn("------trace-L-I-F-P----> no matched feature in workspace"); return result; @@ -537,7 +543,10 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { } //从相关角色查询用户-超管和普通角色 + watch.start("getUsersFromRole"); List users = getUsersFromRole(req, matchedFeatureIds); + watch.stop(); + watch.prettyPrint(TimeUnit.MILLISECONDS); result.setUsers(users); return result; } @@ -565,9 +574,11 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { private List getUsersFromRole(ListIdentityFromPermissionReq req, Set featureIds) { Long ouId = req.getOuId(); Long workspaceId = req.getWorkspaceId(); - + StopWatch watch = StopWatch.create("getUsersFromRole"); //查询OU-工作台下的角色-含superAdmin + watch.start("listForOUWorkspace"); List roleList = roleService.listForOUWorkspace(ouId, workspaceId, req.getWorkspaceJoinType()); + watch.stop(); List roleIds = roleList.stream().map(SaasRole::getId).collect(Collectors.toList()); log.info("------trace-L-I-F-P----> roles from ou-workspace:{}", roleIds); if (CollectionUtil.isEmpty(roleList)) { @@ -576,9 +587,12 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { } //查询角色及权限 + watch.start("roleService.getByIds"); List rolePermissions = roleService.getByIds(roleIds, null, Lists.newArrayList(workspaceId), Lists.newArrayList(ouId), true); + watch.stop(); //计算角色实际的权限 - 匹配请求的权限 --> 实际拥有权限的角色 + watch.start("filterMatchFeature"); List matchedRoleList = new ArrayList<>(); for (SaasRoleVO rolePermission : rolePermissions) { List filterFeature = rolePermission.getMatchFeature(workspaceId, ouId); @@ -589,8 +603,10 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { log.info("------trace-L-I-F-P----> not matched role:{}", rolePermission.getId()); } } + watch.stop(); //查询角色下用户 + watch.start("roleUserService.listByRoleIds"); List matchedRoleIds = matchedRoleList.stream().map(SaasRoleVO::getId).collect(Collectors.toList()); //追加工作台超管 Set superAdmins = roleList @@ -606,6 +622,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { } List relationList = roleUserService.listByRoleIds(matchedRoleIds, ouId, workspaceId); + watch.stop(); //构建用户-去重(identityId-identityType) List users = new ArrayList<>(); Set filterSet = new HashSet<>(); @@ -618,6 +635,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { users.add(user); } } + watch.prettyPrint(TimeUnit.MILLISECONDS); return users; }