feat: 查询权限逻辑调整

2023-10-16 18:00:36 +08:00 · 2023-10-16 18:00:36 +08:00 · 8ac09649b3
commit 8ac09649b3
parent ef33e01d85
1 changed files with 20 additions and 8 deletions
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
@ -344,6 +344,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
        }

        Set<Long> realWorkspaceId = saasRoleUserRelations.stream().map(SaasRoleUserRelation::getWorkspaceId).collect(Collectors.toSet());
+        Set<Long> realOuId = saasRoleUserRelations.stream().map(SaasRoleUserRelation::getOuId).collect(Collectors.toSet());
        //工作台对应产品 key = workapceId
        CompletableFuture<Map<Long, List<ProductFeatureRelationVO>>> workspacePermissionPointFuture = CompletableFuture.supplyAsync(() -> {
            return productFeatureRelationService.getByWorkspace(realWorkspaceId);
@ -357,6 +358,8 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
        List<SaasRoleVO> existsRole = roleService.query(QuerySaasRoleReq.builder()
                //角色ID
                .ids(new ArrayList<>(userRoleMap.values()))
+                        .workspaceId(new ArrayList<>(realWorkspaceId))
+                        .ouId(new ArrayList<>(realOuId))
                .includePermissionGroup(true)
                .build());
        stopWatch.stop();
@ -407,11 +410,15 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
                            Set<Long> buttonPermissionPointId = productFeatureRelationVOS.stream().filter(productFeatureRelationVO ->
                                    Objects.equals(productFeatureRelationVO.getDictCode(), workspaceJoinType.getValue().toString())
                            ).map(ProductFeatureRelationVO::getFeatureId).collect(Collectors.toSet());
+                            if (CollectionUtil.isEmpty(buttonPermissionPointId)) {
+                                permissions.add(workspacePermission);
+                                return;
+                            }

                            //通过子级查询父级并打平树型结构
                            List<PermissionPointTreeNode> allPermissionPoint = permissionPointService.listTreeNodesFlatChild(PermissionPointTreeQueryReq.builder()
                                    .ids(buttonPermissionPointId)
-                                    .terminalList(Collections.singletonList(identityAuthReq.getTerminal()))
+                                    .terminalList(StrUtil.isNotBlank(identityAuthReq.getTerminal()) ? Collections.singletonList(identityAuthReq.getTerminal()) : new ArrayList<>())
                                    .build());

                            workspacePermission.getPermissionPoint().addAll(allPermissionPoint.stream()
@ -426,21 +433,26 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
                            return;
                        }
                        // 非超管
-                        //获取免授权型
-                        List<PermissionPointTreeNode> noNeedPermissionPoint = permissionPointService.queryList(PermissionPointListQueryRequest.builder()
+                        // 获取菜单详情信息
+                        List<PermissionPointTreeNode> productPermissionInfo = permissionPointService.queryList(PermissionPointListQueryRequest.builder()
                                .ids(productFeatureRelationVOS.stream().map(ProductFeatureRelationVO::getFeatureId).distinct().collect(Collectors.toList()))
-                                .delegatedType(DelegatedType.NO_NEED.getCode())
                                .build());

                        Set<Long> buttonPermissionPointIds = roleService.filterPermissionPoint(role, userRoleInfoMap);

+                        //获取免授权型
+                        Set<Long> noNeedPermissionPoint = productPermissionInfo.stream().filter(permission -> Objects.equals(permission.getDelegatedType(), DelegatedType.NO_NEED.getCode())).mapToLong(PermissionPointTreeNode::getPermissionPointId).boxed().collect(Collectors.toSet());
+                        buttonPermissionPointIds.addAll(noNeedPermissionPoint);
                        // 产品对应权限点（权限点的授权类型为免授权型）+角色对应权限点 与 产品对应权限点 取交集
-                        Collection<Long> resultHashAuthPointId = CollectionUtil.intersection(noNeedPermissionPoint.stream().mapToLong(PermissionPointTreeNode::getPermissionPointId).boxed().collect(Collectors.toSet()), buttonPermissionPointIds);
-
+                        Collection<Long> resultHashAuthPointId = CollectionUtil.intersection(buttonPermissionPointIds, productPermissionInfo.stream().mapToLong(PermissionPointTreeNode::getPermissionPointId).boxed().collect(Collectors.toList()));
+                        if (CollectionUtil.isEmpty(resultHashAuthPointId)) {
+                            permissions.add(workspacePermission);
+                            return;
+                        }
                        //通过子级查询父级并平铺菜单
                        List<PermissionPointTreeNode> allPermissionPoint = permissionPointService.listTreeNodesFlatChild(PermissionPointTreeQueryReq.builder()
                                .ids(new HashSet<>(resultHashAuthPointId))
-                                .terminalList(Collections.singletonList(identityAuthReq.getTerminal()))
+                                .terminalList(StrUtil.isNotBlank(identityAuthReq.getTerminal()) ? Collections.singletonList(identityAuthReq.getTerminal()) : new ArrayList<>())
                                .build());

                        workspacePermission.getPermissionPoint().addAll(allPermissionPoint.stream()