Merge remote-tracking branch 'origin/feature/REQ-1502' into feature/REQ-1502

zhansihu 2023-10-19 10:16:12 +08:00
commit 8cff1d1338
30 changed files with 1198 additions and 21 deletions


@ -0,0 +1,20 @@
package cn.axzo.tyr.client.feign;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.model.req.FeaturePermissionReq;
import cn.axzo.tyr.client.model.res.FeaturePermissionRes;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
/**
* @author honghao.zhang
* @since 2023/10/18 18:29
*/
@FeignClient(name = "tyr", url = "${axzo.service.tyr:http://tyr:8080}")
public interface TyrSaasFeatureApi {
@PostMapping("/api/saasFeature/permission/codes")
ApiResult<FeaturePermissionRes> listPermissionCodes(@RequestBody @Validated FeaturePermissionReq req);
}


@ -1,17 +1,19 @@
package cn.axzo.tyr.client.feign;
import java.util.List;
import javax.validation.Valid;
import javax.validation.constraints.NotEmpty;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
import cn.axzo.tyr.client.model.roleuser.req.*;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import javax.validation.Valid;
import javax.validation.constraints.NotEmpty;
import java.util.List;
/**
* 角色
@ -63,12 +65,12 @@ public interface TyrSaasRoleUserApi {
ApiResult<Void> createSuperAdminRole(@RequestBody @Valid @NotEmpty CreateSuperAdminRoleParam param);
/**
* 移除超管角色
* 移除用户权限包含超管一般用于移除超管权限
* @param params
* @return
*/
@PostMapping("/api/saas-role-user/delete-admin-role")
ApiResult<Boolean> deleteAdminRole(@RequestBody @Valid @NotEmpty List<DeleteAdminRoleParam> params);
@PostMapping("/api/saas-role-user/delete-user-role-include-admin")
ApiResult<Boolean> deleteUserRoleIncludeAdmin(@RequestBody @Valid @NotEmpty List<DeleteUserRoleIncludeAdminParam> params);
/**
* 批量查询超管, 只能批量获取单个工作台台下的超管业务系统需要根据返回的identityId和identityType查询identityProfile查询用户明细信息
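Review bot: On `deleteUserRoleIncludeAdmin`, `@Valid` on a `List` request body does not by itself cascade into the list elements, and `@NotEmpty` on the parameter is only evaluated under method validation, so the `@NotNull` constraints on `DeleteUserRoleIncludeAdminParam` may never run. Both take effect only if the implementing controller carries a class-level `@Validated`, which this page does not show for `RoleUserController`. Without it a null `identityType` reaches `param.getIdentityType().getCode()` in the service and fails there instead of being rejected as a bad request. The route also changes from `/api/saas-role-user/delete-admin-role`, so already-deployed clients of the old path have to move in step with the server.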


@ -0,0 +1,47 @@
package cn.axzo.tyr.client.model.req;
import lombok.AccessLevel;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
import lombok.experimental.FieldDefaults;
import javax.validation.constraints.Min;
import javax.validation.constraints.NotNull;
/**
* @author honghao.zhang
* @since 2023/10/18 17:17
*/
@Getter
@Setter
@ToString(callSuper = true)
@FieldDefaults(level = AccessLevel.PRIVATE)
public class FeaturePermissionReq {
/**
* 工作台id
*/
@NotNull
@Min(value = 1)
Long workspaceId;
/**
* 单位id
*/
@NotNull
@Min(value = 1)
Long ouId;
/**
* 指定端的权限
*/
String terminal;
@NotNull
@Min(value = 1)
Long identityId;
@NotNull
@Min(value = 0)
Integer identityType;
}
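Review bot: `terminal` carries no constraint, and `SaasFeatureDaoImpl.listFeatureByTerminal` in this commit applies the terminal filter only when the value is non-empty, so a request that omits it has its feature set loaded across every terminal. If a caller must always name a terminal, add `@NotBlank` to the field; if the all-terminal result is intended, state it in the field comment, for example `/** Terminal whose permissions are requested; when blank, features of all terminals are considered. */`. `identityId` and `identityType` have no comment at all, although they decide whose permissions are returned.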


@ -0,0 +1,41 @@
package cn.axzo.tyr.client.model.req;
import lombok.Data;
/**
* @author honghao.zhang
* @since 2023/10/18 17:50
*/
@Data
public class FeatureTreeReq {
/**
* 身份Id
*/
private Long identityId;
private Integer identityType;
/**
* 工作台Id
*/
private Long workspaceId;
/**
* 单位Id
*/
private Long ouId;
/**
* 指定端的权限
*/
private String terminal;
/**
* FeatureType: 类型 0.模块 1.菜单 2页面 3功能
* 此字段=0只返回模块=1返回到菜单级=2返回到页面级=3到功能级
* 此字段默认到功能级 会做为递归的深度限制
* ------
*/
private Integer limitFeatureTypeLevel = 3;
}


@ -0,0 +1,23 @@
package cn.axzo.tyr.client.model.res;
import lombok.AccessLevel;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
import lombok.experimental.FieldDefaults;
import java.util.Set;
/**
* @author honghao.zhang
* @since 2023/10/18 17:30
*/
@Getter
@Setter
@ToString(callSuper = true)
@FieldDefaults(level = AccessLevel.PRIVATE)
public class FeaturePermissionRes {
boolean superAdmin = false;
Set<String> permissionCodes;
}


@ -0,0 +1,159 @@
package cn.axzo.tyr.client.model.res;
import cn.axzo.basics.common.model.IBaseTree;
import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.Data;
import java.util.Date;
import java.util.List;
/**
* @author honghao.zhang
* @since 2023/10/18 18:10
*/
@Data
public class FeatureTreeResp implements IBaseTree<FeatureTreeResp, String> {
/**
* 元素 Id
*/
private Long id;
/**
* 父级 Id
*/
private Long parentId;
/**
* 0.模块 1.菜单 2页面 3功能 99:-不可编辑
*/
private Integer menuType;
/**
* 元素名称
*/
private String name;
/**
* code
*/
private String code;
/**
* 图标名
*/
private String icon;
/**
* 路由地址
*/
private String linkUrl;
/**
* 1:安心筑企业 2:小程序 4:原生 如果菜单同时又对应app上展示 则填写对应linkUrl 和linkExt
*/
private Integer linkType;
/**
* 扩展字段 原生使用
*/
private String linkExt;
/**
* 排序号
*/
private Integer sort;
/**
* 小程序id 关联micro_app_item id
*/
private String microAppItemId;
/**
* 菜单适用于平台 NT_CMS_WEB_ENT_ZB:企业工作台 NT_CMS_WEB_PROJ:项目工作台
* NT_CMP_APP_ENT_ZB:从业人员企业端 NT_CMP_APP_PROJ:从业人员项目端
* NT_CM_APP_CM_LEADER:班组长侧 NT_CM_APP_WORKER:工人侧
* NT_OMS_WEB OMS运营管理后台 NT_SM:数据大屏
* NT_SCREEN 数据大屏
* */
private String terminal;
/**
* 备注
*/
private String remark;
/**
* 创建时间
*/
private Date createAt;
/**
* 更新时间
*/
private Date updateAt;
/**
* 1:总包 2:建设单位 4:监理单位 8:劳务分包 16:专业分包
*/
private List<Integer> fitOuTypes;
/**
* 1:部门 2:班组 4:小组
*/
private List<Integer> fitOuNodeTypes;
/**
* 适配老接口 应用所属 system:系统应用 personal:个人应用 business:业务应用 只会挂在第一级别
*/
private String legacyLayout;
/**
* 网关专属字段所属应用
*/
private String appName;
/**
* 网关专属字段是否授权 0:无需要授权 1:需要授权
*/
private Integer needAuth;
/**
* 网关专属字段是否认证 0:无需要认证 1:需要认证
*/
private Integer needCert;
/**
* 网关专属字段 功能URL对应后端接口url
*/
private String featureUrl;
/**
* 子集
*/
private List<FeatureTreeResp> children;
private String businessNo;
private String parentBusinessNo;
@Override
@JsonIgnore
public String getNodeCode() {
return businessNo;
}
@Override
@JsonIgnore
public String getParentNodeCode() {
return parentBusinessNo;
}
@Override
@JsonIgnore
public List<FeatureTreeResp> getNodeChildren() {
return children;
}
@Override
public void setNodeChildren(List<FeatureTreeResp> nodeChildren) {
this.children = nodeChildren;
}
}


@ -3,24 +3,30 @@ package cn.axzo.tyr.client.model.roleuser.req;
import cn.axzo.tyr.client.model.enums.IdentityType;
import lombok.Data;
import javax.validation.constraints.NotNull;
@Data
public class DeleteAdminRoleParam {
public class DeleteUserRoleIncludeAdminParam {
/**
* 工作台id与context校验
*/
@NotNull
private Long workspaceId;
/**
* 单位id : 非必填
*/
@NotNull
private Long ouId;
/**
* 被赋予角色的人的身份id
*/
@NotNull
private Long identityId;
/**
* 身份类型必填
*/
@NotNull
private IdentityType identityType;
}
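Review bot: The comment on `workspaceId` says the value is checked against the request context, but `RoleUserService.deleteUserRoleIncludeAdmin` as shown in this commit uses `param.getWorkspaceId()` directly and no such comparison is visible. Either the check lives elsewhere and the comment should name where, or it is still missing for an operation that removes role bindings up to super admin. The `ouId` comment also still describes the field as optional while the field is now `@NotNull`; it should become something like `/** Unit (ou) id, required. */`.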


@ -0,0 +1,27 @@
package cn.axzo.tyr.server.controller.permission;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.feign.TyrSaasFeatureApi;
import cn.axzo.tyr.client.model.req.FeaturePermissionReq;
import cn.axzo.tyr.client.model.res.FeaturePermissionRes;
import cn.axzo.tyr.server.service.SaasFeatureService;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.RestController;
/**
* @author honghao.zhang
* @since 2023/10/18 18:30
*/
@Slf4j
@RestController
@RequiredArgsConstructor
public class TyrSaasFeatureController implements TyrSaasFeatureApi {
private final SaasFeatureService saasFeatureService;
@Override
public ApiResult<FeaturePermissionRes> listPermissionCodes(FeaturePermissionReq req) {
return ApiResult.ok(saasFeatureService.listPermissionCodes(req));
}
}
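Review bot: `listPermissionCodes` answers for whatever `identityId`, `identityType`, `workspaceId` and `ouId` arrive in the body; nothing in this class relates them to the authenticated caller. That is reasonable for a service-to-service Feign endpoint, but it should be stated, for example with a class comment such as `/** Internal endpoint: callers are trusted services and pass an identity they have already authenticated. */`, and the route kept off any externally reachable gateway path. The `@RequestBody @Validated` annotations are only inherited from `TyrSaasFeatureApi`; repeating them on the override makes binding and validation visible where the request is handled.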


@ -67,8 +67,8 @@ public class RoleUserController implements TyrSaasRoleUserApi {
}
@Override
public ApiResult<Boolean> deleteAdminRole(List<DeleteAdminRoleParam> params) {
// todo cn.axzo.basics.auth.api.SaasRoleApi#ungrantAdminRole
public ApiResult<Boolean> deleteUserRoleIncludeAdmin(List<DeleteUserRoleIncludeAdminParam> params) {
saasRoleUserService.deleteUserRoleIncludeAdmin(params);
return ApiResult.ok(true);
}
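Review bot: `deleteUserRoleIncludeAdmin` discards the service's return value and always answers `ApiResult.ok(true)`, although `RoleUserService.deleteUserRoleIncludeAdmin` in this commit returns `false` when it is given nothing to do. Return what the service reports: `return ApiResult.ok(saasRoleUserService.deleteUserRoleIncludeAdmin(params));`. The method removes role relations up to and including super admin, and no authorization check on the caller is visible in the hunk; if that is enforced upstream, a comment saying where would help the next reader.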


@ -0,0 +1,225 @@
package cn.axzo.tyr.server.job;
import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.server.repository.dao.*;
import cn.axzo.tyr.server.repository.entity.*;
import com.xxl.job.core.biz.model.ReturnT;
import com.xxl.job.core.handler.IJobHandler;
import com.xxl.job.core.handler.annotation.XxlJob;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections4.CollectionUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;
import java.util.*;
import java.util.function.BiConsumer;
import java.util.stream.Collectors;
/**
* CMS角色清洗job
* saas_pre_template
* 生产 项目 5 企业 23
* pre 5 35
* test 5 239
* dev 5 40
* @author cn
* @version 1.0
* @description
* @date 2021/9/13 11:31
*/
@Component
@AllArgsConstructor
@Slf4j
public class CMSRoleJobHandler extends IJobHandler {
@Value("${saasPreTempalteIdOfProject")
Long saasPreTempalteIdOfProject;
@Value("${saasPreTempalteIdOfOu")
Long saasPreTempalteIdOfOu;
@Autowired
SaasRoleGroupDao roleGroupDao;
@Autowired
SaasRoleDao roleDao;
@Autowired
SaasPermissionGroupDao saasPermissionGroupDao;
@Autowired
SaasFeatureDao featureDao;
@Autowired
SaasRoleGroupRelationDao roleGroupRelationDao;
@Autowired
SaasRoleUserRelationDao roleUserRelationDao;
@Autowired
SaasPgroupRoleRelationDao pgroupRoleRelationDao;
@Autowired
SaasPgroupPermissionRelationDao pgroupPermissionRelationDao;
@Autowired
SaasPreRoleDao saasPreRoleDao;
@Autowired
SaasPreTemplateDao saasPreTemplateDao;
@Autowired
SaasPreGroupRoleRelationDao saasPreGroupRoleRelationDao;
/**
* 清洗CMS角色相关数据(先通过SQL检查和清除脏数据要不然无法保证各个实体的关联关系)
*
* @param s
* @return
* @throws Exception
*/
@Transactional // 在一个事务里面做一起提交
@Override
@XxlJob("CMSRoleJobHandler")
public ReturnT<String> execute(String s) throws Exception {
log.info("CMSRoleJobHandler start");
buildProjectRole(saasPreTempalteIdOfProject,"2");
buildOuRole(saasPreTempalteIdOfOu,"1");
log.info("CMSRoleJobHandler end");
return ReturnT.SUCCESS;
}
private void buildProjectRole(Long templateId,String workspaceTypCode) {
// 根据模板id查询角色列表
List<SaasPreRole> role = saasPreRoleDao.lambdaQuery()
.in(SaasPreRole::getTemplateId, templateId)
.in(SaasPreRole::getFitOuTypeBit, Arrays.asList(1,2,4,8,16))
.eq(BaseEntity::getIsDelete,0)
.list();
// 根据单位类型遍历预制角色
Map<Long, List<SaasPreRole>> preRoleMap = role.stream().collect(Collectors.groupingBy(SaasPreRole::getFitOuTypeBit));
preRoleMap.forEach(new BiConsumer<Long, List<SaasPreRole>>() {
@Override
public void accept(Long ouTypeBit, List<SaasPreRole> saasPreRoles) {
// 转换ouTypeBit -> ouType
Integer ouType = tranceOuTypeBit(ouTypeBit);
// 保存权限
saveRole(saasPreRoles, workspaceTypCode, String.valueOf(ouType),OrganizationalUnitTypeEnum.getByType(ouType).getDesc());
}
});
}
private void buildOuRole(Long templateId,String workspaceTypCode) {
// 根据模板id查询角色列表
List<SaasPreRole> role = saasPreRoleDao.lambdaQuery()
.in(SaasPreRole::getTemplateId, templateId)
.eq(SaasPreRole::getFitOuTypeBit, Arrays.asList(64))
.eq(BaseEntity::getIsDelete,0)
.list();
saveRole(role,workspaceTypCode,"1,2,3,4,5","企业通用");
}
/**
* 保存权限通用方法
* @param saasPreRoles
* @param workspaceTypCode
* @param ouType
*/
private void saveRole(List<SaasPreRole> saasPreRoles,String workspaceTypCode,String ouType,String groupName) {
// 创建角色分组
SaasRoleGroup roleGroup = new SaasRoleGroup();
roleGroup.setWorkspaceTypeCode(workspaceTypCode);
roleGroup.setOuTypeCode(ouType);
roleGroup.setName(groupName);
roleGroup.setWorkspaceId(-1l);
roleGroup.setOuId(-1l);
roleGroup.setSort(1);
roleGroupDao.save(roleGroup);
saasPreRoles.forEach(preRole -> {
// 根据角色id查询角色权限集关联关系
List<SaasPreGroupRoleRelation> pgroupRoleRelation = saasPreGroupRoleRelationDao.lambdaQuery()
.eq(SaasPreGroupRoleRelation::getPreRoleId, preRole.getId())
.eq(BaseEntity::getIsDelete, 0)
.list();
if (CollectionUtils.isEmpty(pgroupRoleRelation)) {
return;
}
List<SaasPermissionGroup> permissionGroup = saasPermissionGroupDao.lambdaQuery()
.in(BaseEntity::getId, pgroupRoleRelation.stream().map(SaasPreGroupRoleRelation::getGroupId).collect(Collectors.toList()))
.eq(BaseEntity::getIsDelete, 0)
.list();
List<SaasPgroupPermissionRelation> pgroupPermissionRelation = pgroupPermissionRelationDao.lambdaQuery()
.in(SaasPgroupPermissionRelation::getGroupId, permissionGroup.stream().map(BaseEntity::getId).collect(Collectors.toList()))
.eq(BaseEntity::getIsDelete, 0)
.list();
List<SaasFeature> feature = featureDao.lambdaQuery()
.in(BaseEntity::getId, pgroupPermissionRelation.stream().map(SaasPgroupPermissionRelation::getFeatureId).collect(Collectors.toList()))
.eq(BaseEntity::getIsDelete, 0)
.list();
// 创建新的权限集
SaasPermissionGroup saasPermissionGroup = new SaasPermissionGroup();
saasPermissionGroup.setName("通用权限");
saasPermissionGroup.setDescription("");
saasPermissionGroup.setCreateBy(-1L);
saasPermissionGroup.setUpdateBy(-1L);
saasPermissionGroup.setType("feature");
saasPermissionGroup.setIsCommon(1);
saasPermissionGroupDao.save(saasPermissionGroup);
// 创建新的权限集权限关联关系
feature.forEach(e -> {
SaasPgroupPermissionRelation saasPgroupPermissionRelation = new SaasPgroupPermissionRelation();
saasPgroupPermissionRelation.setGroupId(saasPermissionGroup.getId());
saasPgroupPermissionRelation.setFeatureId(e.getId());
saasPgroupPermissionRelation.setCreateBy(-1L);
saasPgroupPermissionRelation.setUpdateBy(-1L);
pgroupPermissionRelationDao.save(saasPgroupPermissionRelation);
});
// 创建角色:根据预设角色创建新的角色
SaasRole newRole = new SaasRole();
newRole.setRoleType(RoleTypeEnum.INIT.getValue());
newRole.setName(preRole.getName());
newRole.setCreateBy(-1l);
newRole.setUpdateBy(-1l);
newRole.setOwnerOuId(-1l);
newRole.setWorkspaceId(-1l);
roleDao.save(newRole);
// 创建新的角色权限集关联关系
SaasPgroupRoleRelation saasPgroupRoleRelation = new SaasPgroupRoleRelation();
saasPgroupRoleRelation.setRoleId(newRole.getId());
saasPgroupRoleRelation.setGroupId(saasPermissionGroup.getId());
saasPgroupRoleRelation.setCreateBy(-1L);
saasPgroupRoleRelation.setUpdateBy(-1L);
pgroupRoleRelationDao.save(saasPgroupRoleRelation);
// 创建角色分组关联关系
SaasRoleGroupRelation saasRoleGroupRelation = new SaasRoleGroupRelation();
saasRoleGroupRelation.setRoleId(newRole.getId());
saasRoleGroupRelation.setSaasRoleGroupId(roleGroup.getId());
roleGroupRelationDao.save(saasRoleGroupRelation);
// 更新用户关联关系表(根据老的fromRoleId更新至新roldId)
// 根据fromeRoleId查询老的roleId
// TODO zhaobudao fromRoleId的是自定义角色不用管直接丢弃
});
}
private Integer tranceOuTypeBit(Long ouTypeBit) {
Integer ouType;
if (ouTypeBit == 1) {
ouType = OrganizationalUnitTypeEnum.PRIMARY_CONTRACTING_UNIT.getValue();
} else if (ouTypeBit == 2) {
ouType = OrganizationalUnitTypeEnum.CONSTRUCTION_UNIT.getValue();
} else if (ouTypeBit == 4) {
ouType = OrganizationalUnitTypeEnum.SUPERVISION_UNIT.getValue();
} else if (ouTypeBit == 8) {
ouType = OrganizationalUnitTypeEnum.LABOR_SUBCONTRACTING.getValue();
} else if (ouTypeBit == 16) {
ouType = OrganizationalUnitTypeEnum.PROFESSIONAL_SUBCONTRACTING.getValue();
} else {
throw new IllegalStateException("ouTypeBit 错误: " + ouTypeBit);
}
return ouType;
}
}
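Review bot: Both `@Value` placeholders are missing the closing brace, so neither property is resolved; they should read `@Value("${saasPreTempalteIdOfProject}")` and `@Value("${saasPreTempalteIdOfOu}")`. `@AllArgsConstructor` on top of field-level `@Autowired`/`@Value` also leaves Spring with a single constructor that asks for two `Long` arguments, which it will probably be unable to supply; dropping the annotation keeps injection on the fields. In `buildOuRole`, `.eq(SaasPreRole::getFitOuTypeBit, Arrays.asList(64))` compares a column with a list and should be `.eq(SaasPreRole::getFitOuTypeBit, 64L)`. `saveRole` inserts a new role group, roles and permission groups on every run without checking for existing rows, so a repeated trigger duplicates permission data; an existence guard, or a comment that the job is one-shot, is worth adding.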


@ -1,5 +1,6 @@
package cn.axzo.tyr.server.repository.dao;
import cn.axzo.tyr.client.model.req.FeatureTreeReq;
import cn.axzo.tyr.server.repository.entity.SaasFeature;
import com.baomidou.mybatisplus.extension.service.IService;
@ -24,4 +25,11 @@ public interface SaasFeatureDao extends IService<SaasFeature> {
List<SaasFeature> listLikePath(String path);
List<SaasFeature> listByParentIdAndTerminal(Long parentId, String terminal);
List<SaasFeature> listFeatureByTerminal(String terminal);
List<String> listCodeByProductIds(FeatureTreeReq req, List<Long> productIds);
List<String> listByProductIdsAndTerminal(List<Long> productIds, String terminal);
}
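Review bot: `listByProductIdsAndTerminal` returns feature codes like its sibling `listCodeByProductIds`, and its mapper counterpart in this commit is named `listCodeByProductIdsAndTerminal`; giving the DAO method that same name keeps the three aligned. None of the added methods has a Javadoc; `listFeatureByTerminal` in particular needs one saying that an empty terminal returns the features of all terminals, as the implementation in this commit does. `listCodeByProductIds` takes the client DTO `FeatureTreeReq`, which ties the DAO to the API model, and which of its fields the query reads is not visible here.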


@ -0,0 +1,14 @@
package cn.axzo.tyr.server.repository.dao;
import cn.axzo.tyr.server.repository.entity.SaasPreGroupRoleRelation;
import cn.axzo.tyr.server.repository.entity.SaasPreRole;
import cn.axzo.tyr.server.repository.mapper.SaasPreGroupRoleRelationMapper;
import cn.axzo.tyr.server.repository.mapper.SaasPreRoleMapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.springframework.stereotype.Repository;
@Repository
public class SaasPreGroupRoleRelationDao extends ServiceImpl<SaasPreGroupRoleRelationMapper, SaasPreGroupRoleRelation> {
}


@ -0,0 +1,12 @@
package cn.axzo.tyr.server.repository.dao;
import cn.axzo.tyr.server.repository.entity.SaasPreRole;
import cn.axzo.tyr.server.repository.mapper.SaasPreRoleMapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.springframework.stereotype.Repository;
@Repository
public class SaasPreRoleDao extends ServiceImpl<SaasPreRoleMapper, SaasPreRole> {
}


@ -0,0 +1,12 @@
package cn.axzo.tyr.server.repository.dao;
import cn.axzo.tyr.server.repository.entity.SaasPreTemplate;
import cn.axzo.tyr.server.repository.mapper.SaasPreTemplateMapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.springframework.stereotype.Repository;
@Repository
public class SaasPreTemplateDao extends ServiceImpl<SaasPreTemplateMapper, SaasPreTemplate> {
}


@ -1,11 +1,13 @@
package cn.axzo.tyr.server.repository.dao.impl;
import cn.axzo.tyr.client.model.req.FeatureTreeReq;
import cn.axzo.tyr.server.repository.entity.SaasFeature;
import cn.axzo.tyr.server.repository.mapper.SaasFeatureMapper;
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Service;
import java.util.List;
@ -47,4 +49,19 @@ public class SaasFeatureDaoImpl extends ServiceImpl<SaasFeatureMapper, SaasFeatu
.eq(SaasFeature::getParentId, parentId)
.eq(SaasFeature::getTerminal, terminal));
}
@Override
public List<SaasFeature> listFeatureByTerminal(String terminal) {
return lambdaQuery().eq(StringUtils.isNotEmpty(terminal), SaasFeature::getTerminal, terminal).list();
}
@Override
public List<String> listCodeByProductIds(FeatureTreeReq req, List<Long> productIds) {
return this.baseMapper.listCodeByProductIds(req, productIds);
}
@Override
public List<String> listByProductIdsAndTerminal(List<Long> productIds, String terminal) {
return this.baseMapper.listCodeByProductIdsAndTerminal(productIds, terminal);
}
}


@ -0,0 +1,58 @@
package cn.axzo.tyr.server.repository.entity;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
import java.io.Serializable;
/**
* saas-模板角色资源关联表(SaasPreFatureRoleRelation)表实体类
*
* @author makejava
* @since 2022-05-28 17:42:41
*/
@Getter
@Setter
@ToString
@EqualsAndHashCode(callSuper = true)
@TableName("saas_pre_group_role_relation")
public class SaasPreGroupRoleRelation extends BaseEntity<SaasPreGroupRoleRelation> {
/**
* id
*/
/**
* 角色Id
*/
private Long preRoleId;
/**
* 权限Id
*/
private Long groupId;
/**
* 创建人id
*/
private Long createBy;
/**
* 修改人id
*/
private Long updateBy;
/**
* 获取主键值
*
* @return 主键值
*/
@Override
protected Serializable pkVal() {
return this.id;
}
}


@ -0,0 +1,65 @@
package cn.axzo.tyr.server.repository.entity;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
import java.io.Serializable;
import java.util.List;
/**
* saas-模板角色(SaasPreRole)表实体类
*
* @author makejava
* @since 2022-05-28 17:42:41
*/
@Getter
@Setter
@ToString
@EqualsAndHashCode(callSuper = true)
@TableName("saas_pre_role")
public class SaasPreRole extends BaseEntity<SaasPreRole> {
/**
* 角色名称
*/
private String name;
/**
* 角色描述
*/
private String description;
/**
* 角色类型common 普通角色 super_admin超级管理员(禁止删除) admin子管理员(禁止删除) init初始化内置角色
*/
private String roleType;
/**
* 创建者
*/
private Long createBy;
/**
* 更新者
*/
private Long updateBy;
/**
* 模板Id
*/
private Long templateId;
/**
* 适用单位类型 1:总包 2:建设单位 4:监理单位 8:劳务分包 16:专业分包 0都可以用 只会挂在最末级
*/
private Long fitOuTypeBit;
/**
* 获取主键值
*
* @return 主键值
*/
@Override
protected Serializable pkVal() {
return this.id;
}
}


@ -0,0 +1,58 @@
package cn.axzo.tyr.server.repository.entity;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
import java.io.Serializable;
/**
* saas-模板(SaasPreTemplate)表实体类
*
* @author makejava
* @since 2022-05-28 17:42:40
*/
@Getter
@Setter
@ToString
@EqualsAndHashCode(callSuper = true)
@TableName("saas_pre_template")
public class SaasPreTemplate extends BaseEntity<SaasPreTemplate> {
/**
* 角色名称
*/
private String name;
/**
* 0:企业工作台 1:项目工作台
*/
private Integer type;
/**
* 角色描述
*/
private String description;
/**
* 创建者
*/
private Long createBy;
/**
* 更新者
*/
private Long updateBy;
/**
* 获取主键值
*
* @return 主键值
*/
@Override
protected Serializable pkVal() {
return this.id;
}
}

View File

@ -1,9 +1,13 @@
package cn.axzo.tyr.server.repository.mapper;
import cn.axzo.tyr.client.model.req.FeatureTreeReq;
import cn.axzo.tyr.server.repository.entity.SaasFeature;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Update;
import java.util.List;
/**
* <p>
* Mapper 接口
@ -18,4 +22,8 @@ public interface SaasFeatureMapper extends BaseMapper<SaasFeature> {
"SET path = REPLACE(path,#{pathPrefix}, #{newPathPrefix}) , update_by = #{updater} " +
"WHERE path LIKE CONCAT(#{pathPrefix},'%') ")
void updateChildrenPath(Long updater, String pathPrefix, String newPathPrefix);
List<String> listCodeByProductIds(@Param("req") FeatureTreeReq req, @Param("productIds") List<Long> productIds);
List<String> listCodeByProductIdsAndTerminal(@Param("productIds") List<Long> productIds, @Param("terminal") String terminal);
}


@ -0,0 +1,11 @@
package cn.axzo.tyr.server.repository.mapper;
import cn.axzo.tyr.server.repository.entity.SaasPreGroupRoleRelation;
import cn.axzo.tyr.server.repository.entity.SaasPreRole;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
public interface SaasPreGroupRoleRelationMapper extends BaseMapper<SaasPreGroupRoleRelation> {
}

View File

@ -0,0 +1,10 @@
package cn.axzo.tyr.server.repository.mapper;
import cn.axzo.tyr.server.repository.entity.SaasPreRole;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
public interface SaasPreRoleMapper extends BaseMapper<SaasPreRole> {
}


@ -0,0 +1,10 @@
package cn.axzo.tyr.server.repository.mapper;
import cn.axzo.tyr.server.repository.entity.SaasPreTemplate;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
public interface SaasPreTemplateMapper extends BaseMapper<SaasPreTemplate> {
}


@ -60,6 +60,15 @@ public interface RoleService {
* @return
*/
List<SaasRoleVO> findRoleByName(QueryRoleByNameReq req);
/** 分页查询角色含用户 **/
PageResp<RoleWithUserRes> queryRoleWithUser(RoleWithUserQueryReq req);
/**
* 通过角色类型获取角色
* @param req
* @param roleTypes
* @return
*/
List<SaasRoleVO> queryRoleByRoleTypes(QueryByIdentityIdTypeReq req, List<String> roleTypes);
}


@ -0,0 +1,13 @@
package cn.axzo.tyr.server.service;
import cn.axzo.tyr.client.model.req.FeaturePermissionReq;
import cn.axzo.tyr.client.model.res.FeaturePermissionRes;
/**
* @author honghao.zhang
* @since 2023/10/18 18:25
*/
public interface SaasFeatureService {
FeaturePermissionRes listPermissionCodes(FeaturePermissionReq req);
}


@ -1,13 +1,13 @@
package cn.axzo.tyr.server.service;
import java.util.List;
import java.util.Set;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
import cn.axzo.tyr.client.model.roleuser.req.*;
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
import java.util.List;
import java.util.Set;
/**
* @author tanjie@axzo.cn
* @date 2023/9/13 15:36
@ -72,9 +72,9 @@ public interface SaasRoleUserService {
List<SuperAdminInfoDTO> superAdminList(SuperAdminParam param);
/**
* 移除理员
* 移除用户角色包含超
* @param params
* @return
*/
boolean deleteAdminRole(List<DeleteAdminRoleParam> params);
boolean deleteUserRoleIncludeAdmin(List<DeleteUserRoleIncludeAdminParam> params);
}


@ -493,6 +493,20 @@ public class RoleServiceImpl implements RoleService {
return PageResp.list(req.getPage(), req.getPageSize(), rolePage.getTotal(), resultData);
}
@Override
public List<SaasRoleVO> queryRoleByRoleTypes(QueryByIdentityIdTypeReq req, List<String> roleTypes) {
List<Long> roleIds = roleUserRelationDao.query(req.getIdentityId(), req.getIdentityType(),
req.getWorkspaceId(), req.getOuId()).stream().map(SaasRoleUserRelation::getRoleId).collect(Collectors.toList());
List<SaasRole> list = new ArrayList<>();
if (CollectionUtils.isNotEmpty(roleIds)) {
list = saasRoleDao.lambdaQuery()
.in(BaseEntity::getId, roleIds)
.in(SaasRole::getRoleType, roleTypes)
.list();
}
return BeanUtil.copyToList(list, SaasRoleVO.class);
}
@Override
public List<SaasRoleVO> findRoleByName(QueryRoleByNameReq req) {
List<SaasRole> roleList = saasRoleDao.findRoleByName(req.getOuId(), req.getWorkspaceId(), req.getRoleNames());
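Review bot: `queryRoleByRoleTypes` selects roles by id and type without an `isDelete` condition, whereas the role query added to `RoleUserService` in this commit filters on `TableIsDeleteEnum.NORMAL.value`. Its result decides `superAdmin` and the admin code path in `SaasFeatureServiceImpl.listPermissionCodes`, so unless soft-deleted rows are excluded globally (not visible here) a deleted admin role would still yield the admin permission set. Consider adding `.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value)` to the chain. Whether `roleUserRelationDao.query` already drops deleted relations cannot be told from this hunk, and the body of `findRoleByName` continues outside it.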


@ -211,8 +211,25 @@ public class RoleUserService implements SaasRoleUserService {
@Override
@Transactional(rollbackFor = Exception.class)
public boolean deleteAdminRole(List<DeleteAdminRoleParam> params) {
return false;
public boolean deleteUserRoleIncludeAdmin(List<DeleteUserRoleIncludeAdminParam> params) {
if (CollectionUtils.isEmpty(params)) {
return false;
}
params.forEach(param -> {
List<SaasRole> roles = saasRoleDao.lambdaQuery()
.eq(SaasRole::getWorkspaceId, param.getWorkspaceId()).eq(SaasRole::getOwnerOuId, param.getOuId()).eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
if (CollectionUtils.isEmpty(roles)) {
return;
}
List<Long> roleIds = roles.stream().map(SaasRole::getId).sorted().collect(Collectors.toList());
List<SaasRoleUserRelation> relations = roleUserRelationDao.lambdaQuery().in(SaasRoleUserRelation::getRoleId, roleIds)
.eq(SaasRoleUserRelation::getIdentityId, param.getIdentityId()).eq(SaasRoleUserRelation::getIdentityType, param.getIdentityType().getCode())
.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
if (CollectionUtils.isNotEmpty(relations)) {
relations.forEach(r -> r.setIsDelete(r.getId()));
roleUserRelationDao.updateBatchById(relations);
}
});
return true;
}
}
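Review bot: The relations to delete are found through roles whose `workspaceId` and `ownerOuId` equal the request values, so a relation to a role not owned by that workspace and unit is never matched. `CMSRoleJobHandler` in this same commit creates roles with `workspaceId` and `ownerOuId` set to -1; if users are bound to such roles, this method leaves those bindings in place and still returns `true`, which makes the revocation incomplete without any signal. Selecting the relations by identity, workspace and unit directly, as the `roleUserRelationDao.query(...)` call in `RoleServiceImpl.queryRoleByRoleTypes` appears to do, would close the gap. `param.getIdentityType().getCode()` also throws on a null `identityType` if bean validation did not run for the list elements.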


@ -0,0 +1,202 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.framework.domain.ServiceException;
import cn.axzo.thrones.client.saas.ServicePkgClient;
import cn.axzo.thrones.client.saas.entity.serivicepgkproduct.ServicePkgProduct;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.model.req.FeaturePermissionReq;
import cn.axzo.tyr.client.model.req.FeatureTreeReq;
import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
import cn.axzo.tyr.client.model.res.FeaturePermissionRes;
import cn.axzo.tyr.client.model.res.FeatureTreeResp;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
import cn.axzo.tyr.server.repository.entity.SaasFeature;
import cn.axzo.tyr.server.service.RoleService;
import cn.axzo.tyr.server.service.SaasFeatureService;
import cn.axzo.tyr.server.util.IdPathUtil;
import cn.azxo.framework.common.logger.MethodAroundLog;
import cn.azxo.framework.common.model.CommonResponse;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.collection.CollectionUtil;
import com.google.common.collect.Lists;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
import java.util.*;
import java.util.function.Function;
import java.util.stream.Collectors;
import static cn.axzo.tyr.server.util.RpcInternalUtil.checkAndGetData;
/**
* @author honghao.zhang
* @since 2023/10/18 18:26
*/
@Slf4j
@Service
@RequiredArgsConstructor
public class SaasFeatureServiceImpl implements SaasFeatureService {
private final RoleService roleService;
private final ServicePkgClient servicePkgClient;
private final SaasFeatureDao saasFeatureDao;
@Override
public FeaturePermissionRes listPermissionCodes(FeaturePermissionReq req) {
FeaturePermissionRes featurePermissionRes = new FeaturePermissionRes();
QueryByIdentityIdTypeReq idTypeReq = QueryByIdentityIdTypeReq.builder()
.identityId(req.getIdentityId()).identityType(req.getIdentityType())
.ouId(req.getOuId()).workspaceId(req.getWorkspaceId())
.build();
List<SaasRoleVO> saasRoleVOS = roleService.queryRoleByRoleTypes(idTypeReq, Lists.newArrayList(RoleTypeEnum.SUPER_ADMIN.getValue(),
RoleTypeEnum.ADMIN.getValue()));
featurePermissionRes.setSuperAdmin(saasRoleVOS.stream().anyMatch(e -> RoleTypeEnum.SUPER_ADMIN.getValue().equals(e.getRoleType())));
FeatureTreeReq featureTreeReq = new FeatureTreeReq();
featureTreeReq.setIdentityId(req.getIdentityId());
featureTreeReq.setIdentityType(req.getIdentityType());
featureTreeReq.setWorkspaceId(req.getWorkspaceId());
featureTreeReq.setOuId(req.getOuId());
featureTreeReq.setTerminal(req.getTerminal());
List<FeatureTreeResp> saasFeatureTreeResp = filterFeatureTree(featureTreeReq, !saasRoleVOS.isEmpty());
Map<Integer, List<FeatureTreeResp>> treeMap = groupByMenuType(
saasFeatureTreeResp, 20);
featurePermissionRes.setPermissionCodes(treeMap.getOrDefault(3, Collections.emptyList()).stream().map(FeatureTreeResp::getCode)
.collect(Collectors.toSet()));
return featurePermissionRes;
}
@MethodAroundLog(value = "获取权限集树")
private List<FeatureTreeResp> filterFeatureTree(FeatureTreeReq req, boolean isAdmin) {
// 1. 根据这个用户的角色找到对应的codeAdmin/Common各自的拿法
List<String> minFeatureCode = listFeatureCode(req, isAdmin);
log.info("产品对应的最小权限集:{}", minFeatureCode);
// 因为只能查出来最小功能FeatureCode,所以在递归查询出其上级.
List<SaasFeature> allFeature = saasFeatureDao.listFeatureByTerminal(req.getTerminal());
List<SaasFeature> featureTree = constructFeatureByMinFeatureCode(minFeatureCode, allFeature
);
// 2. 组织成一棵树
return formatToTreeAndSort(featureTree, req.getLimitFeatureTypeLevel());
}
private List<FeatureTreeResp> formatToTreeAndSort(List<SaasFeature> featureTree, Integer level) {
List<FeatureTreeResp> roots = new ArrayList<>();
Map<Long, FeatureTreeResp> map = new LinkedHashMap<>();
for (SaasFeature feature : featureTree) {
if (feature.getFeatureType() > level)
continue;
FeatureTreeResp resp = featureBOToResp(feature);
map.put(feature.getId(), resp);
if (feature.getFeatureType() == 0 || feature.getParentId() == 0) {
roots.add(resp);
}
}
for (FeatureTreeResp feature : map.values()) {
FeatureTreeResp parent = map.get(feature.getParentId());
if (null == parent) {
continue;
}
if (parent.getChildren() == null)
parent.setChildren(new ArrayList<>());
parent.getChildren().add(feature);
}
return roots;
}
private FeatureTreeResp featureBOToResp(SaasFeature feature) {
FeatureTreeResp resp = new FeatureTreeResp();
BeanUtil.copyProperties(feature, resp);
resp.setName(feature.getFeatureName());
resp.setCode(feature.getFeatureCode());
resp.setMenuType(feature.getFeatureType());
return resp;
}
private List<SaasFeature> constructFeatureByMinFeatureCode(List<String> minFeatureCode, List<SaasFeature> allFeature) {
List<SaasFeature> result = new ArrayList<>();
Map<Long, SaasFeature> featureMap = allFeature.stream()
.collect(Collectors.toMap(SaasFeature::getId, Function.identity()));
if (!CollectionUtils.isEmpty(minFeatureCode)) {
List<SaasFeature> minFeature = allFeature.stream()
.filter(e -> org.apache.commons.lang3.StringUtils.isNotBlank(e.getFeatureCode())
&& minFeatureCode.contains(e.getFeatureCode())).collect(Collectors.toList());
result.addAll(minFeature);
Set<String> collect = minFeature.stream().map(SaasFeature::getPath)
.collect(Collectors.toSet());
Set<Long> longs = IdPathUtil.featurePathsToIds(collect);
for (Long aLong : longs) {
SaasFeature saasFeatureBO = featureMap.get(aLong);
if (saasFeatureBO != null) {
result.add(saasFeatureBO);
}
}
}
return getFeatureBOS(result);
}
private ArrayList<SaasFeature> getFeatureBOS(List<SaasFeature> result) {
return result.stream()
.collect(Collectors.collectingAndThen(
Collectors.toCollection(
() -> new TreeSet<>(Comparator.comparing(SaasFeature::getId))),
ArrayList::new));
}
private List<String> listFeatureCode(FeatureTreeReq req, boolean isAdmin) {
List<Long> productIds = getProductIdsOfWorkspace(req.getWorkspaceId());
if (isAdmin) {
return listCodeByProductIdsAndTerminal(productIds, req.getTerminal());
}
return listCodeByProductIds(req, productIds);
}
private List<String> listCodeByProductIds(FeatureTreeReq req, List<Long> productIds) {
return saasFeatureDao.listCodeByProductIds(req, productIds);
}
private List<String> listCodeByProductIdsAndTerminal(List<Long> productIds, String terminal) {
return saasFeatureDao.listByProductIdsAndTerminal(productIds, terminal);
}
private Map<Integer, List<FeatureTreeResp>> groupByMenuType(List<FeatureTreeResp> saasFeatureTree, Integer maxDepth) {
HashMap<Integer, List<FeatureTreeResp>> result = new HashMap<>();
if (CollectionUtil.isEmpty(saasFeatureTree) || maxDepth <= 0) {
return result;
}
for (FeatureTreeResp featureTreeResp : saasFeatureTree) {
List<FeatureTreeResp> defaultLists = result.getOrDefault(featureTreeResp.getMenuType(), new ArrayList<>());
if (defaultLists.isEmpty()) {
result.put(featureTreeResp.getMenuType(), defaultLists);
}
defaultLists.add(featureTreeResp);
Map<Integer, List<FeatureTreeResp>> children = groupByMenuType(featureTreeResp.getChildren(), --maxDepth);
for (Integer childrenKey : children.keySet()) {
List<FeatureTreeResp> childList = result.getOrDefault(childrenKey, new ArrayList<>());
if (childList.isEmpty()) {
result.put(childrenKey, childList);
}
childList.addAll(children.get(childrenKey));
}
}
return result;
}
public List<Long> getProductIdsOfWorkspace(Long workspaceId) {
CommonResponse<List<ServicePkgProduct>> servicePkgResponse = servicePkgClient.listProductInWorkSpace(workspaceId);
List<ServicePkgProduct> products = checkAndGetData(servicePkgResponse);
if (CollectionUtil.isEmpty(products)) {
log.warn("thrones:获取产品列表失败:workspaceId{}", workspaceId);
throw new ServiceException("当前工作台未找到任何的产品");
}
return products.stream().map(ServicePkgProduct::getProductId).collect(Collectors.toList());
}
}


@ -0,0 +1,33 @@
package cn.axzo.tyr.server.util;
import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.stream.Collectors;
@NoArgsConstructor(access = AccessLevel.PRIVATE)
public class IdPathUtil {
private static final String PATH_SPLIT = "/";
public static Set<Long> featurePathsToIds(Set<String> paths) {
if (CollectionUtils.isEmpty(paths)) {
return Collections.emptySet();
}
return paths.stream().map(e -> {
String[] split = e.split(PATH_SPLIT);
return Arrays.stream(split).filter(StringUtils::hasText).map(Long::parseLong)
.collect(Collectors.toSet());
}).reduce(new HashSet<>(), (a, b) -> {
a.addAll(b);
return a;
});
}
}
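Review bot: `featurePathsToIds` throws on the first malformed path. `e.split(PATH_SPLIT)` raises a NullPointerException if the set holds a null element, which looks possible because the caller collects `SaasFeature::getPath` values into a set (whether a path can be null is not visible here). `Long::parseLong` also rejects a segment with surrounding whitespace that `StringUtils::hasText` lets through. Because the result feeds the ancestor lookup for the permission tree, one bad row would fail the permission listing for any request whose feature set includes it. The `reduce(new HashSet<>(), ...)` also mutates its identity value, which `Stream.reduce` does not allow for; `flatMap` plus `collect(Collectors.toSet())` is the usual form. In the version below a segment that is still non-numeric after trimming keeps throwing NumberFormatException rather than silently dropping an ancestor id; a Javadoc comment on the method should state that.

```java
public static Set<Long> featurePathsToIds(Set<String> paths) {
    // … unchanged: empty-input check returning Collections.emptySet() …
    return paths.stream()
            .filter(StringUtils::hasText) // skips null and blank paths
            .flatMap(path -> Arrays.stream(path.split(PATH_SPLIT)))
            .filter(StringUtils::hasText)
            .map(String::trim)
            .map(Long::parseLong)
            .collect(Collectors.toSet());
}
```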


@ -0,0 +1,56 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.axzo.tyr.server.repository.mapper.SaasFeatureMapper">
<select id="listCodeByProductIds" resultType="java.lang.String">
select distinct sf.feature_code
from saas_feature sf
join saas_pgroup_permission_relation sppr on sf.id = sppr.feature_id and sppr.is_delete =0
join saas_pgroup_role_relation sprr on sprr.group_id = sppr.group_id and sprr.is_delete = 0
join saas_role sr on sr.id = sprr.role_id and sr.is_delete = 0
join saas_role_user_relation srur on srur.role_id = sr.id and srur.is_delete = 0
join saas_product_module_feature_relation pfr on pfr.feature_id = sf.id and pfr.is_delete = 0
join saas_permission_group spg on spg.id = sprr.group_id and spg.is_delete = 0
where sf.is_delete = 0
<if test="req.workspaceId !=0 and req.workspaceId != null">
and srur.workspace_id = #{req.workspaceId}
</if>
<if test="req.ouId !=0 and req.ouId != null">
and srur.ou_id = #{req.ouId}
</if>
<if test="req.identityId !=0 and req.identityId != null">
and srur.identity_id = #{req.identityId}
</if>
<if test="req.identityType != null">
and srur.identity_type = #{req.identityType}
</if>
<if test="req.terminal !='' and req.terminal != null">
and sf.terminal = #{req.terminal}
</if>
<if test="productIds != null and productIds.size>0">
and pfr.product_module_id in
<foreach collection="productIds" index="index" item="id" open="(" separator="," close=")">
#{id}
</foreach>
</if>
</select>
<select id="listCodeByProductIdsAndTerminal" resultType="java.lang.String">
select distinct sf.feature_code
from saas_feature sf
join saas_product_module_feature_relation sp on sf.id = sp.feature_id
where sf.is_delete = 0
and sp.is_delete = 0
<if test="productIds.size>0">
and sp.product_module_id in
<foreach collection="productIds" index="index" item="id" open="(" separator="," close=")">
#{id}
</foreach>
</if>
<if test="terminal != null and terminal !=''">
AND sf.terminal=#{terminal}
</if>
</select>
</mapper>
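Review bot: Every identity predicate in `listCodeByProductIds` sits inside an `<if>`, so the query fails open. A request whose `identityId`, `ouId` or `workspaceId` is null or 0 drops that filter and returns the feature codes attached to other users' role relations instead of an empty result. Whether `FeaturePermissionReq` validation already rejects such requests is not visible on this page. For a permission lookup the user-scoping conditions should be unconditional, e.g. `and srur.identity_id = #{req.identityId}` and `and srur.identity_type = #{req.identityType}` outside any `<if>`, with missing values rejected in the service before the mapper is called. The same applies to the product filter: both statements skip `pfr.product_module_id in (...)` / `sp.product_module_id in (...)` when `productIds` is empty, and `listCodeByProductIdsAndTerminal` tests `productIds.size>0` without the null check the first statement has.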