feat: (feature/REQ-2595) 修改查询用户有权限的菜单资源支持权限标签过滤

2024-10-24 16:46:10 +08:00 · 2024-10-24 16:46:10 +08:00 · 9a9ab39fcc
commit 9a9ab39fcc
parent 65363b6e48
10 changed files with 51 additions and 193 deletions
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/base/WorkspaceOUPair.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/base/WorkspaceOUPair.java
@ -1,10 +1,13 @@
 package cn.axzo.tyr.client.model.base;
 import cn.axzo.tyr.client.model.enums.RolePermissionTagEnum;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 import java.util.Set;
 /**
 * OU Workspace对
 *
@ -22,7 +25,9 @@ public class WorkspaceOUPair {
    private Long workspaceId;
-    private String buildKey() {
+    private Set<RolePermissionTagEnum> tags;
-        return ouId + "-" + workspaceId;
+
    public String buildKey() {
        return ouId + "_" + workspaceId;
    }
 }
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/BatchPermissionCheckReq.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/BatchPermissionCheckReq.java
@ -26,6 +26,4 @@ public class BatchPermissionCheckReq {
    @NotBlank(message = "itemCode不能为空")
    private String itemCode;
    private Set<String> tags;
 }
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListPermissionFeatureReq.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListPermissionFeatureReq.java
@ -4,6 +4,7 @@ import cn.axzo.tyr.client.common.enums.FeatureResourceStatus;
 import cn.axzo.tyr.client.common.enums.FeatureResourceType;
 import cn.axzo.tyr.client.common.enums.PageElementFeatureResourceRelationTypeEnum;
 import cn.axzo.tyr.client.model.base.WorkspaceOUPair;
 import cn.axzo.tyr.client.model.enums.RolePermissionTagEnum;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Data;
@ -68,5 +69,4 @@ public class ListPermissionFeatureReq {
     */
    private FeatureResourceStatus status;
    private Set<String> tags;
 }
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/PermissionCheckReq.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/PermissionCheckReq.java
@ -42,6 +42,8 @@ public class PermissionCheckReq {
     */
    private String terminal;
-    @Builder.Default
+    /**
-    private Set<RolePermissionTagEnum> tags = Sets.newHashSet(RolePermissionTagEnum.JOINED);
+     * 权限标签
     */
    private Set<RolePermissionTagEnum> tags;
 }
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/TreePermissionReq.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/TreePermissionReq.java
@ -4,6 +4,7 @@ import cn.axzo.tyr.client.common.enums.FeatureResourceStatus;
 import cn.axzo.tyr.client.common.enums.FeatureResourceType;
 import cn.axzo.tyr.client.common.enums.PageElementFeatureResourceRelationTypeEnum;
 import cn.axzo.tyr.client.model.base.WorkspaceOUPair;
 import cn.axzo.tyr.client.model.enums.RolePermissionTagEnum;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Data;
@ -80,5 +81,4 @@ public class TreePermissionReq {
     */
    private FeatureResourceStatus status;
    private Set<String> tags;
 }
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionQueryController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionQueryController.java
@ -97,7 +97,6 @@ public class PermissionQueryController implements PermissionQueryApi {
    @Override
    public ApiResult<List<ListPermissionFeatureResp>> listPermission(ListPermissionFeatureReq req) {
        return ApiResult.ok(permissionService.listPermission(req));
    }
 }
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheRoleSaasFeatureResourceHandler.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheRoleSaasFeatureResourceHandler.java
@ -40,12 +40,6 @@ public class CacheRoleSaasFeatureResourceHandler implements InitializingBean {
        log.info("begin cached role saasFeatureResource handler rocketmq event: {}", event);
        RolePermissionCreatedPayload payload = event.normalizedData(RolePermissionCreatedPayload.class);
        // 影响角色权限入口的代码没法简单重构，导致发送的roleIds可能不准确，所以一旦有角色权限的更新事件后，全量更新角色权限，角色权限数量不多
        // 后续收口了代码就准确根据角色去更新缓存
 //        if (CollectionUtils.isEmpty(payload.getRoleIds())) {
 //            return;
 //        }
        ListRoleReq listSaasRoleParam = ListRoleReq.builder()
                .roleIds(Optional.ofNullable(payload.getRoleIds())
                        .map(Lists::newArrayList)
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleSaasFeatureResourceCacheService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleSaasFeatureResourceCacheService.java
@ -1,5 +1,6 @@
 package cn.axzo.tyr.server.service;
 import cn.axzo.tyr.client.model.enums.RolePermissionTagEnum;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Data;
@ -70,5 +71,7 @@ public interface RoleSaasFeatureResourceCacheService {
        private Integer featureType;
        private String uniCode;
        private Set<RolePermissionTagEnum> tags;
    }
 }
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionQueryServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionQueryServiceImpl.java
@ -11,15 +11,14 @@ import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
 import cn.axzo.thrones.client.saas.ServicePkgClient;
 import cn.axzo.thrones.client.saas.entity.serivicepgkproduct.ServicePkgProduct;
 import cn.axzo.thrones.client.saas.entity.servicepkg.ServicePkgDetailRes;
 import cn.axzo.tyr.client.common.enums.FeatureResourceAuthType;
 import cn.axzo.tyr.client.common.enums.FeatureResourceStatus;
 import cn.axzo.tyr.client.common.enums.FeatureResourceType;
 import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
 import cn.axzo.tyr.client.model.base.FeatureResourceExtraDO;
 import cn.axzo.tyr.client.model.base.WorkspaceOUPair;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.enums.RolePermissionTagEnum;
 import cn.axzo.tyr.client.model.product.ProductFeatureRelationVO;
 import cn.axzo.tyr.client.model.req.FeatureIdPair;
 import cn.axzo.tyr.client.model.req.IdentityAuthReq;
 import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
 import cn.axzo.tyr.client.model.req.NavTreeReq;
@ -35,7 +34,6 @@ import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
 import cn.axzo.tyr.client.model.res.NavTreeResp;
 import cn.axzo.tyr.client.model.res.ProductFeatureResourceResp;
 import cn.axzo.tyr.client.model.res.SaasFeatureResourceResp;
 import cn.axzo.tyr.client.model.res.SaasPermissionRelationRes;
 import cn.axzo.tyr.client.model.res.TreePermissionResp;
 import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
 import cn.axzo.tyr.client.model.roleuser.req.ListRoleUserRelationParam;
@ -49,7 +47,6 @@ import cn.axzo.tyr.server.model.WorkspaceFeatureRelation;
 import cn.axzo.tyr.server.repository.dao.ProductModuleDao;
 import cn.axzo.tyr.server.repository.dao.SaasFeatureResourceDao;
 import cn.axzo.tyr.server.repository.entity.SaasFeatureResource;
 import cn.axzo.tyr.server.repository.entity.SaasProductModuleFeatureRelation;
 import cn.axzo.tyr.server.service.PermissionQueryService;
 import cn.axzo.tyr.server.service.ProductFeatureRelationService;
 import cn.axzo.tyr.server.service.ProductSaasFeatureResourceCacheService;
@ -89,7 +86,6 @@ import java.util.function.Function;
 import java.util.stream.Collectors;
 import static cn.axzo.tyr.server.repository.entity.SaasFeatureResource.DISPLAY_STATUS;
 import static cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation.NEW_FEATURE;
 /**
 * 权限查询服务实现
 *
@ -104,7 +100,6 @@ import static cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation.
 public class PermissionQueryServiceImpl implements PermissionQueryService {
    private final SaasFeatureResourceService featureResourceService;
    private final RoleUserService roleUserService;
    private final RoleService roleService;
    private final TyrSaasAuthService saasAuthService;
    private final ServicePkgClient servicePkgClient;
@ -114,7 +109,6 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
    private final SaasRoleUserRelationService saasRoleUserRelationService;
    private final WorkspaceProductService workspaceProductService;
    private final RoleSaasFeatureResourceCacheService roleSaasFeatureResourceCacheService;
    private final TyrSaasAuthService tyrSaasAuthService;
    @Value("${not.auth.uniCodes:}")
    private Set<String> notAuthUniCodes;
@ -317,125 +311,11 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
    }
    private List<Long> resolveFeatureIds(TreePermissionReq treePermissionReq) {
        if (CollectionUtils.isEmpty(treePermissionReq.getUniCodes())) {
            return Collections.emptyList();
        }
        PageSaasFeatureResourceReq pageSaasFeatureResourceReq = PageSaasFeatureResourceReq.builder()
                .uniCodes(treePermissionReq.getUniCodes())
                .build();
        return featureResourceService.list(pageSaasFeatureResourceReq).stream()
                .map(SaasFeatureResourceResp::getId)
                .collect(Collectors.toList());
    }
    private List<SaasRoleUserV2DTO> listUserPermission(TreePermissionReq treePermissionReq, List<Long> featureIds) {
        List<ListRoleUserRelationParam.WorkspaceOuPair> workspaceOuPairs = treePermissionReq.getWorkspaceOUPairs().stream()
                .map(e -> ListRoleUserRelationParam.WorkspaceOuPair.builder()
                        .workspaceId(e.getWorkspaceId())
                        .ouId(e.getOuId())
                        .build())
                .collect(Collectors.toList());
        ListRoleUserRelationParam listRoleUserRelationParam = ListRoleUserRelationParam.builder()
                .personId(treePermissionReq.getPersonId())
                .workspaceOuPairs(Lists.newArrayList(workspaceOuPairs))
                .needRole(true)
                .needPermissionRelation(true)
                .featureResourceTypes(treePermissionReq.getFeatureResourceTypes())
                .type(NEW_FEATURE)
                .terminal(treePermissionReq.getTerminal())
                .featureIds(featureIds)
                .build();
        return saasRoleUserRelationService.listV2(listRoleUserRelationParam).stream()
                .filter(e -> e.getSaasRole() != null)
                .collect(Collectors.toList());
    }
    private Set<Long> listUserPermissionFeatureIdsFromDB(TreePermissionReq treePermissionReq) {
        List<Long> featureIds = resolveFeatureIds(treePermissionReq);
        if (CollectionUtils.isNotEmpty(treePermissionReq.getUniCodes()) && CollectionUtils.isEmpty(featureIds)) {
            return Collections.emptySet();
        }
        List<SaasRoleUserV2DTO> saasRoleUserV2DTOS = listUserPermission(treePermissionReq, featureIds);
        // 用户可能没有角色
        if (CollectionUtils.isEmpty(saasRoleUserV2DTOS)) {
            return Collections.emptySet();
        }
        List<WorkspaceProductService.WorkspaceProduct> workspaceProducts = listWorkspaceProducts(treePermissionReq, featureIds);
        //免授权
        Set<Long> authFreeFeatureIds = listNotAuthFeatures(treePermissionReq);
        //取交集确定权限
        return mixFeatureIds(saasRoleUserV2DTOS, workspaceProducts, authFreeFeatureIds);
    }
    private Set<Long> mixFeatureIds(List<SaasRoleUserV2DTO> saasRoleUsers,
                                    List<WorkspaceProductService.WorkspaceProduct> workspaceProducts,
                                    Set<Long> authFreeFeatureIds) {
        Map<Long, WorkspaceProductService.WorkspaceProduct> workspaceProductMap = workspaceProducts.stream()
                .collect(Collectors.toMap(WorkspaceProductService.WorkspaceProduct::getWorkspaceId, Function.identity()));
        return saasRoleUsers.stream()
                .filter(roleUser -> {
                    WorkspaceProductService.WorkspaceProduct workspaceProduct = workspaceProductMap.get(roleUser.getSaasRoleUser().getWorkspaceId());
                    if (workspaceProduct == null || CollectionUtils.isEmpty(workspaceProduct.getSaasProductModuleFeatureRelations())) {
                        log.warn("no workspace product feature found for id:{}", roleUser.getSaasRoleUser().getWorkspaceId());
                        return false;
                    }
                    return true;
                })
                .map(roleUser -> {
                    WorkspaceProductService.WorkspaceProduct workspaceProduct = workspaceProductMap.get(roleUser.getSaasRoleUser().getWorkspaceId());
                    SaasRoleUserV2DTO.SaasRole saasRole = roleUser.getSaasRole();
                    if (RoleTypeEnum.isAdmin(saasRole.getRoleType())) {
                        return resolveAdminRole(workspaceProduct, saasRole);
                    }
                    return resolveNormalRole(workspaceProduct, saasRole, authFreeFeatureIds);
                })
                .flatMap(Collection::stream)
                .collect(Collectors.toSet());
    }
    private List<WorkspaceProductService.WorkspaceProduct> listWorkspaceProducts(TreePermissionReq treePermissionReq,
                                                                                 List<Long> featureIds) {
        //查询租户产品权限点
        Set<Long> workspaceIds = treePermissionReq.getWorkspaceOUPairs().stream()
                .map(WorkspaceOUPair::getWorkspaceId)
                .collect(Collectors.toSet());
        WorkspaceProductService.WorkspaceProductParam workspaceProductParam = WorkspaceProductService.WorkspaceProductParam.builder()
                .terminal(treePermissionReq.getTerminal())
                .workspaceIds(workspaceIds)
                .featureResourceTypes(treePermissionReq.getFeatureResourceTypes())
                .type(NEW_FEATURE)
                .build();
        if (CollectionUtils.isNotEmpty(featureIds)) {
            workspaceProductParam.setFeatureIdPairs(Lists.newArrayList(FeatureIdPair.builder()
                    .featureIds(Sets.newHashSet(featureIds))
                    .type(NEW_FEATURE)
                    .build()));
        }
        return workspaceProductService.listWorkspaceProduct(workspaceProductParam);
    }
    @Override
    public List<TreePermissionResp> treePermission(TreePermissionReq req) {
        Set<Long> allFeatureIds = Sets.newHashSet();
-        Set<Long> featureIds = resovlePermission(req);
+        Set<Long> featureIds = listUserPermissionFeatureIds(req);
        Set<Long> defaultFeatureIds = listNotAuthFeatureIds(req);
        allFeatureIds.addAll(featureIds);
@ -533,20 +413,6 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
                .collect(Collectors.toList());
    }
    private Set<Long> resovlePermission(TreePermissionReq req) {
        if (tyrSaasAuthService.permissionFromDB()) {
            return listUserPermissionFeatureIdsFromDB(req);
        }
        try {
            return listUserPermissionFeatureIds(req);
        } catch (Exception ex) {
            log.error("查询权限异常，执行降级处理");
            return listUserPermissionFeatureIdsFromDB(req);
        }
    }
    private List<SaasFeatureResourceResp> filterFeature(List<SaasFeatureResourceResp> saasFeatureResources) {
        if (CollectionUtils.isEmpty(saasFeatureResources)) {
            return Collections.emptyList();
@ -843,6 +709,11 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
                .orElse(Collections.emptyList());
    }
    /**
     * 用户可能只有子节点的权限，但是要构建这个菜单树，所以需要先查询这个端的所有菜单，然后根据用户的权限找到对应的父节点构建树
     * @param treePermissionReq
     * @return
     */
    private Set<Long> listUserPermissionFeatureIds(TreePermissionReq treePermissionReq) {
        List<SaasFeatureResourceService.SaasFeatureResourceCache> allFeatureResources = listAllFeatureResources(treePermissionReq);
@ -882,16 +753,6 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
                allFeatureIds);
    }
    private Set<Long> listNotAuthFeatures(TreePermissionReq treePermissionReq) {
        PageSaasFeatureResourceReq pageSaasFeatureResourceReq = PageSaasFeatureResourceReq.builder()
                .terminal(treePermissionReq.getTerminal())
                .authType(FeatureResourceAuthType.ALL_ROLE.getCode())
                .build();
        return featureResourceService.list(pageSaasFeatureResourceReq).stream()
                .map(SaasFeatureResourceResp::getId)
                .collect(Collectors.toSet());
    }
    private List<WorkspaceProductService.WorkspaceProductFeatureSource> listWorkspaceProducts(TreePermissionReq treePermissionReq) {
        //查询租户产品权限点
        Set<Long> workspaceIds = treePermissionReq.getWorkspaceOUPairs().stream()
@ -957,6 +818,9 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
                .map(e -> e.stream().map(FeatureResourceType::getCode).collect(Collectors.toSet()))
                .orElseGet(Sets::newHashSet);
        Map<String, WorkspaceOUPair> workspaceOuPairs = treePermissionReq.getWorkspaceOUPairs().stream()
                .collect(Collectors.toMap(WorkspaceOUPair::buildKey, Function.identity(), (f, s) -> f));
        return saasRoleUsers.stream()
                .map(roleUser -> {
                    List<ProductSaasFeatureResourceCacheService.FeatureResourceDTO> productFeatureSources = workspaceProductMap.get(roleUser.getSaasRoleUser().getWorkspaceId())
@ -974,15 +838,30 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
                    SaasRoleUserV2DTO.SaasRole saasRole = roleUser.getSaasRole();
-                    Set<Long> adminFeatureIds = resolveAdminRole(productFeatureSources, saasRole);
+                    WorkspaceOUPair workspaceOUPair = workspaceOuPairs.get(roleUser.getSaasRoleUser().buildOuWorkspaceKey());
-                    Set<Long> notAuthFeatureIds = resolveNotAuthFeatureIds(productFeatureSources, authFreeFeatureIds);
+                    if (Objects.isNull(workspaceOUPair)) {
                        return null;
                    }
                    Set<Long> adminFeatureIds = resolveAdminRole(productFeatureSources, saasRole, workspaceOUPair);
                    Set<Long> notAuthFeatureIds = resolveNotAuthFeatureIds(productFeatureSources, authFreeFeatureIds);
                    List<RoleSaasFeatureResourceCacheService.SaasFeatureResourceDTO> roleFeatureResources = Optional.ofNullable(roleFeatureResourceMap.get(saasRole.getId()))
                            .map(role -> role.stream()
                                    .filter(e -> StringUtils.isBlank(treePermissionReq.getTerminal())
                                            || Objects.equals(e.getTerminal(), treePermissionReq.getTerminal()))
                                    .filter(e -> CollectionUtils.isEmpty(featureTypes) || featureTypes.contains(e.getFeatureType()))
                                    .filter(e -> {
                                        if (CollectionUtils.isEmpty(workspaceOUPair.getTags())) {
                                            return true;
                                        }
                                        if (Sets.intersection(workspaceOUPair.getTags(), e.getTags()).isEmpty()) {
                                            return false;
                                        }
                                        return true;
                                    })
                                    .collect(Collectors.toList()))
                            .orElseGet(Lists::newArrayList);
@ -1001,12 +880,17 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
    }
    private Set<Long> resolveAdminRole(List<ProductSaasFeatureResourceCacheService.FeatureResourceDTO> productFeatureSources,
-                                       SaasRoleUserV2DTO.SaasRole saasRole) {
+                                       SaasRoleUserV2DTO.SaasRole saasRole,
                                       WorkspaceOUPair workspaceOUPair) {
        if (!RoleTypeEnum.isAdmin(saasRole.getRoleType())) {
            return Collections.emptySet();
        }
        if (!CollectionUtils.isEmpty(workspaceOUPair.getTags()) && !workspaceOUPair.getTags().contains(RolePermissionTagEnum.JOINED)) {
            return Collections.emptySet();
        }
        //超管和管理员 直接取和角色类型匹配的租户产品权限
        return productFeatureSources.stream()
                .filter(e -> Objects.equals(e.getCooperateType(), saasRole.getProductUnitType().toString())
@ -1047,33 +931,4 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
                .filter(authFreeFeatureIds::contains)
                .collect(Collectors.toSet());
    }
    private List<Long> resolveAdminRole(WorkspaceProductService.WorkspaceProduct workspaceProduct,
                                        SaasRoleUserV2DTO.SaasRole saasRole) {
        //超管和管理员 直接取和角色类型匹配的租户产品权限
        return workspaceProduct.getSaasProductModuleFeatureRelations().stream()
                .filter(f -> Objects.equals(f.getDictCode(), saasRole.getProductUnitType().toString())
                        || !NumberUtil.isPositiveNumber(saasRole.getProductUnitType()))
                .map(SaasProductModuleFeatureRelation::getFeatureId)
                .collect(Collectors.toList());
    }
    private List<Long> resolveNormalRole(WorkspaceProductService.WorkspaceProduct workspaceProduct,
                                         SaasRoleUserV2DTO.SaasRole saasRole,
                                         Set<Long> authFreeFeatureIds) {
        //普通角色：角色同类型的租户产品权限已分配 且角色上已分配 + 免授权
        Set<Long> roleFeatureIds = Optional.ofNullable(saasRole.getPermissionRelations())
                .map(e -> e.stream()
                        .map(SaasPermissionRelationRes::getFeatureId)
                        .collect(Collectors.toSet()))
                .orElseGet(Collections::emptySet);
        return workspaceProduct.getSaasProductModuleFeatureRelations().stream()
                .filter(f -> Objects.equals(f.getDictCode(), saasRole.getProductUnitType().toString())
                        || !NumberUtil.isPositiveNumber(saasRole.getProductUnitType()))
                .map(SaasProductModuleFeatureRelation::getFeatureId)
                .filter(id -> roleFeatureIds.contains(id) || authFreeFeatureIds.contains(id))
                .collect(Collectors.toList());
    }
 }
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleSaasFeatureResourceCacheServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleSaasFeatureResourceCacheServiceImpl.java
@ -162,6 +162,7 @@ public class RoleSaasFeatureResourceCacheServiceImpl implements RoleSaasFeatureR
                                        .featureType(featureResource.getFeatureType())
                                        .terminal(featureResource.getTerminal())
                                        .uniCode(featureResource.getUniCode())
                                        .tags(permissionRelation.getTags())
                                        .build());
                                List<RoleSaasFeatureResourceCacheService.SaasFeatureResourceDTO> parentPermissions = featureResource.resolvePath().stream()
                                        .map(parentFeatureResources::get)
@ -177,6 +178,7 @@ public class RoleSaasFeatureResourceCacheServiceImpl implements RoleSaasFeatureR
                                                    .featureType(f.getFeatureType())
                                                    .terminal(f.getTerminal())
                                                    .uniCode(f.getUniCode())
                                                    .tags(permissionRelation.getTags())
                                                    .build();
                                        })
                                        .filter(Objects::nonNull)