diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/config/ExecutorConfig.java b/tyr-server/src/main/java/cn/axzo/tyr/server/config/ExecutorConfig.java index 758d0048..774b1a55 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/config/ExecutorConfig.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/config/ExecutorConfig.java @@ -1,5 +1,6 @@ package cn.axzo.tyr.server.config; +import cn.hutool.core.thread.NamedThreadFactory; import lombok.extern.slf4j.Slf4j; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -24,11 +25,9 @@ public class ExecutorConfig { @Bean public ExecutorService authExecutor() { new ThreadPoolExecutor.CallerRunsPolicy(); - int coreSize = Runtime.getRuntime() - .availableProcessors() < 4 ? Runtime.getRuntime().availableProcessors() * 4 - : Runtime.getRuntime().availableProcessors(); - ThreadPoolExecutor executor = new ThreadPoolExecutor(coreSize, coreSize * 4, 60, TimeUnit.SECONDS, - new ArrayBlockingQueue<>(1), r -> new Thread(r, "TYR-AUTH-EXECUTOR"), new ThreadPoolExecutor.CallerRunsPolicy() { + int coreSize = 5; + ThreadPoolExecutor executor = new ThreadPoolExecutor(coreSize, 30, 60, TimeUnit.SECONDS, + new ArrayBlockingQueue<>(50), new NamedThreadFactory("TYR-AUTH-EXECUTOR-", false), new ThreadPoolExecutor.CallerRunsPolicy() { @Override public void rejectedExecution(Runnable r, ThreadPoolExecutor executor) { log.warn("auth executor rejected , use caller runs"); diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionPointServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionPointServiceImpl.java index d461cbf8..2f2c660a 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionPointServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionPointServiceImpl.java @@ -568,7 +568,7 @@ public class PermissionPointServiceImpl implements PermissionPointService { List currentFeatrureList = saasFeatureDao.list(new LambdaQueryWrapper() .eq(SaasFeature::getFeatureCode, featureCode) .eq(StrUtil.isNotBlank(terminal), SaasFeature::getTerminal, terminal)); - //button过滤减少查询 + //button过滤-如果全是按钮则不查子级 Set pathsWithoutButton = currentFeatrureList.stream() .filter(f -> !BUTTON.sameCode(f.getFeatureType())) .map(SaasFeature::getPath) diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java index 7399d88b..f2490cd0 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java @@ -4,6 +4,7 @@ import cn.axzo.basics.common.BeanMapper; import cn.axzo.basics.common.util.AssertUtil; import cn.axzo.framework.domain.ServiceException; import cn.axzo.pokonyan.config.mybatisplus.BaseEntity; +import cn.axzo.pokonyan.util.TraceSupplier; import cn.axzo.thrones.client.saas.ServicePkgClient; import cn.axzo.thrones.client.saas.entity.serivicepgkproduct.ServicePkgProduct; import cn.axzo.thrones.client.saas.entity.servicepkg.ServicePkgDetailRes; @@ -15,25 +16,12 @@ import cn.axzo.tyr.client.model.permission.PermissionPointListQueryRequest; import cn.axzo.tyr.client.model.permission.PermissionPointTreeNode; import cn.axzo.tyr.client.model.permission.PermissionPointTreeQueryReq; import cn.axzo.tyr.client.model.product.ProductFeatureRelationVO; -import cn.axzo.tyr.client.model.req.CheckIdentityPermissionReq; -import cn.axzo.tyr.client.model.req.IdentityAuthReq; -import cn.axzo.tyr.client.model.req.ListIdentityFromPermissionReq; -import cn.axzo.tyr.client.model.req.ListPermissionFromFeatureReq; -import cn.axzo.tyr.client.model.req.ListPermissionFromIdentityReq; -import cn.axzo.tyr.client.model.req.OUWorkspacePair; -import cn.axzo.tyr.client.model.req.QuerySaasRoleReq; +import cn.axzo.tyr.client.model.req.*; import cn.axzo.tyr.client.model.res.IdentityAuthRes; import cn.axzo.tyr.client.model.res.ListIdentityFromPermissionResp; import cn.axzo.tyr.client.model.res.QueryIdentityByPermissionResp; import cn.axzo.tyr.client.model.vo.SaasRoleVO; -import cn.axzo.tyr.server.repository.entity.ProductFeatureInfo; -import cn.axzo.tyr.server.repository.entity.ProductFeatureQuery; -import cn.axzo.tyr.server.repository.entity.RolePermission; -import cn.axzo.tyr.server.repository.entity.SaasFeature; -import cn.axzo.tyr.server.repository.entity.SaasProductModuleFeatureRelation; -import cn.axzo.tyr.server.repository.entity.SaasRole; -import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation; -import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser; +import cn.axzo.tyr.server.repository.entity.*; import cn.axzo.tyr.server.repository.mapper.TyrSaasAuthMapper; import cn.axzo.tyr.server.service.PermissionPointService; import cn.axzo.tyr.server.service.ProductFeatureRelationService; @@ -48,7 +36,6 @@ import cn.hutool.core.date.StopWatch; import cn.hutool.core.util.ArrayUtil; import cn.hutool.core.util.StrUtil; import cn.hutool.json.JSONUtil; -import com.alibaba.fastjson.JSON; import com.google.common.collect.Lists; import lombok.Data; import lombok.RequiredArgsConstructor; @@ -57,16 +44,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Service; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Collections; -import java.util.HashMap; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Objects; -import java.util.Optional; -import java.util.Set; +import java.util.*; import java.util.concurrent.CompletableFuture; import java.util.concurrent.Executor; import java.util.concurrent.TimeUnit; @@ -533,12 +511,21 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { result.setOuId(req.getOuId()); result.setWorkspaceId(req.getWorkspaceId()); + StopWatch watch = StopWatch.create("listIdentityFromPermission"); //code查询权限点信息 + watch.start("listNodeWithChildrenByCode"); List features = permissionPointService.listNodeWithChildrenByCode(req.getFeatureCode(), req.getTerminal()); + watch.stop(); + if (CollectionUtil.isEmpty(features)) { + log.warn("------trace-L-I-F-P----> no features found for:{}", req.getFeatureCode()); + return result; + } Set featureIds = features.stream().map(SaasFeature::getId).collect(Collectors.toSet()); log.info("------trace-L-I-F-P----> features need to check:{}", featureIds); //权限匹配 - 工作台是否有指定权限 + watch.start("matchWorkspaceFeature"); Set matchedFeatureIds = matchWorkspaceFeature(req.getWorkspaceId(), req.getWorkspaceJoinType(), featureIds); + watch.stop(); if (CollectionUtil.isEmpty(matchedFeatureIds)) { log.warn("------trace-L-I-F-P----> no matched feature in workspace"); return result; @@ -557,7 +544,10 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { } //从相关角色查询用户-超管和普通角色 + watch.start("getUsersFromRole"); List users = getUsersFromRole(req, matchedFeatureIds); + watch.stop(); + watch.prettyPrint(TimeUnit.MILLISECONDS); result.setUsers(users); return result; } @@ -585,9 +575,11 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { private List getUsersFromRole(ListIdentityFromPermissionReq req, Set featureIds) { Long ouId = req.getOuId(); Long workspaceId = req.getWorkspaceId(); - + StopWatch watch = StopWatch.create("getUsersFromRole"); //查询OU-工作台下的角色-含superAdmin + watch.start("listForOUWorkspace"); List roleList = roleService.listForOUWorkspace(ouId, workspaceId, req.getWorkspaceJoinType()); + watch.stop(); List roleIds = roleList.stream().map(SaasRole::getId).collect(Collectors.toList()); log.info("------trace-L-I-F-P----> roles from ou-workspace:{}", roleIds); if (CollectionUtil.isEmpty(roleList)) { @@ -596,9 +588,12 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { } //查询角色及权限 + watch.start("roleService.getByIds"); List rolePermissions = roleService.getByIds(roleIds, null, Lists.newArrayList(workspaceId), Lists.newArrayList(ouId), true); + watch.stop(); //计算角色实际的权限 - 匹配请求的权限 --> 实际拥有权限的角色 + watch.start("filterMatchFeature"); List matchedRoleList = new ArrayList<>(); for (SaasRoleVO rolePermission : rolePermissions) { List filterFeature = rolePermission.getMatchFeature(workspaceId, ouId); @@ -609,8 +604,10 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { log.info("------trace-L-I-F-P----> not matched role:{}", rolePermission.getId()); } } + watch.stop(); //查询角色下用户 + watch.start("roleUserService.listByRoleIds"); List matchedRoleIds = matchedRoleList.stream().map(SaasRoleVO::getId).collect(Collectors.toList()); //追加工作台超管 Set superAdmins = roleList @@ -626,6 +623,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { } List relationList = roleUserService.listByRoleIds(matchedRoleIds, ouId, workspaceId); + watch.stop(); //构建用户-去重(identityId-identityType) List users = new ArrayList<>(); Set filterSet = new HashSet<>(); @@ -638,23 +636,34 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { users.add(user); } } + watch.prettyPrint(TimeUnit.MILLISECONDS); return users; } @Override public List batchListIdentityFromPermission(List reqList) { //异步处理 + StopWatch watch = StopWatch.create("batchListIdentityFromPermission"); + watch.start("addFuture"); List> futureList = new ArrayList<>(); for (ListIdentityFromPermissionReq req : reqList) { - CompletableFuture future = CompletableFuture.supplyAsync( - () -> this.listIdentityFromPermission(req), executor); + long start = System.currentTimeMillis(); + CompletableFuture future = CompletableFuture.supplyAsync(TraceSupplier.create(() -> { + ListIdentityFromPermissionResp resp = this.listIdentityFromPermission(req); + log.info("------trace-B-L-I-F-P----> code:{},task cost:{}", req.getFeatureCode(), System.currentTimeMillis() - start); + return resp; + }), executor); futureList.add(future); } + watch.stop(); List result = new ArrayList<>(); + watch.start("collectResult"); for (CompletableFuture future : futureList) { result.add(future.join()); } + watch.stop(); + watch.prettyPrint(TimeUnit.MILLISECONDS); return result; } diff --git a/tyr-server/src/test/java/cn/axzo/tyr/server/permission/SimpleTest.java b/tyr-server/src/test/java/cn/axzo/tyr/server/permission/SimpleTest.java index 6f379ddc..5b27c8d6 100644 --- a/tyr-server/src/test/java/cn/axzo/tyr/server/permission/SimpleTest.java +++ b/tyr-server/src/test/java/cn/axzo/tyr/server/permission/SimpleTest.java @@ -1,8 +1,11 @@ package cn.axzo.tyr.server.permission; import cn.axzo.tyr.client.model.permission.PermissionPointVO; +import cn.hutool.core.date.StopWatch; import org.junit.Test; +import java.util.concurrent.TimeUnit; + /** * @version V1.0 * @author: ZhanSiHu