diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java deleted file mode 100644 index aec9f007..00000000 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java +++ /dev/null @@ -1,45 +0,0 @@ -package cn.axzo.tyr.client.model.enums; - -import com.baomidou.mybatisplus.annotation.EnumValue; -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonValue; -import lombok.Getter; -import lombok.RequiredArgsConstructor; - -import java.util.Arrays; - -/** - * @author tanjie@axzo.cn - * @date 2022/10/10 10:50 - */ -@Getter -@RequiredArgsConstructor -public enum SaasJobTypeEnum { - //主岗 - MASTER_JOB(1,"岗位"), - //兼岗 - SLAVE_JOB(2,"协助岗位"); - @EnumValue - @JsonValue - private Integer value; - private String desc; - - - SaasJobTypeEnum(Integer value, String desc) { - this.value = value; - this.desc = desc; - } - - @JsonCreator(mode = JsonCreator.Mode.DELEGATING) - public static SaasJobTypeEnum create(Integer value){ - return match(value); - } - - public static SaasJobTypeEnum match(Integer saasJobType) { - return Arrays.stream(values()).filter(e -> e.getValue().equals(saasJobType)).findFirst().get(); - } - - public boolean isMaster() { - return value.equals(MASTER_JOB.getValue()); - } -} diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/AccountUserReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/AccountUserReq.java deleted file mode 100644 index 438c8a3a..00000000 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/AccountUserReq.java +++ /dev/null @@ -1,42 +0,0 @@ -package cn.axzo.tyr.client.model.permission; - -import lombok.Data; - -import javax.validation.constraints.NotNull; - -/** - * @author : liuchuntao - * @date : 2022/5/11 10:56 - * @description : 创建账户Req - */ -@Data -public class AccountUserReq { - - /** - * 手机号 - */ - @NotNull(message = "手机号不能为空") - private String phone; - - private String realName; - - /** - * 昵称,历史数据里是真实姓名,未来可以给用户自己定义 - */ - private String nickname; - - - /** - * 自然人Id - */ - private Long naturalPersonId; - - /** - * 创建账号的类型,目前只有在运营人员场景使用 - * 0.从业人员 - * 1.运营人员 - * 3.监管人员 - */ - private Integer type=0; - -} diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleFits.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleFits.java new file mode 100644 index 00000000..f5967652 --- /dev/null +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleFits.java @@ -0,0 +1,165 @@ +package cn.axzo.tyr.client.model.permission; + +import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum; +import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.Set; +import java.util.stream.Collectors; + +public class SaasRoleFits { + private static Map ouTypeMap = new HashMap<>(); + private static Map ouTypeValueToBitMap = new HashMap<>(); + static { + ouTypeMap.put(1L, OrganizationalUnitTypeEnum.PRIMARY_CONTRACTING_UNIT); //总包 + ouTypeMap.put(2L, OrganizationalUnitTypeEnum.CONSTRUCTION_UNIT); //建设单位 + ouTypeMap.put(4L, OrganizationalUnitTypeEnum.SUPERVISION_UNIT); //监理单位 + ouTypeMap.put(8L, OrganizationalUnitTypeEnum.LABOR_SUBCONTRACTING); //劳务分包 + ouTypeMap.put(16L, OrganizationalUnitTypeEnum.PROFESSIONAL_SUBCONTRACTING); //专业分包 + ouTypeMap.put(32L, OrganizationalUnitTypeEnum.PROJECT_OUT_TEAM); //平台班组 + ouTypeMap.put(64L, OrganizationalUnitTypeEnum.AXZ_PLATFORM); //安心筑平台 + + for(Entry e : ouTypeMap.entrySet()) + ouTypeValueToBitMap.put(e.getValue().getValue(), e.getKey()); + } + + static Map ouNodeTypeMap = new HashMap<>(); + private static Map ouNodeTypeValueToBitMap = new HashMap<>(); + static { + ouNodeTypeMap.put(1L, OrganizationalNodeTypeEnum.DEPARTMENT); // 部门 + ouNodeTypeMap.put(2L, OrganizationalNodeTypeEnum.TEAM); // 团队 + ouNodeTypeMap.put(3L, OrganizationalNodeTypeEnum.GROUP); // 小组 + ouNodeTypeMap.put(4L, OrganizationalNodeTypeEnum.PROJECT_TEAM); // 项目内班组 + ouNodeTypeMap.put(5L, OrganizationalNodeTypeEnum.PROJECT_GROUP); // 项目内小组 + + for(Entry e : ouNodeTypeMap.entrySet()) + ouNodeTypeValueToBitMap.put(e.getValue().getValue(), e.getKey()); + } + + public static List splitToFitOuTypeEnums(Long fitOuType) { + if(isZero(fitOuType)) + return ouTypeMap.values().stream().collect(Collectors.toList()); + List list = toListByCheckBit(fitOuType, ouTypeMap); + return list; + } + + public static List splitToFitOuTypeValues(Long fitOuType) { + if(isZero(fitOuType)) + return ouTypeMap.values().stream().map(e -> e.getValue()).collect(Collectors.toList()); + List list = toListByCheckBit(fitOuType, ouTypeMap); + return list.stream().map(t -> t.getValue()).collect(Collectors.toList()); + } + + public static List splitToFitOuNodeTypeValues(Long fitOuNodeType) { + if(isZero(fitOuNodeType)) + return ouNodeTypeMap.values().stream().map(e -> e.getValue()).collect(Collectors.toList()); + List list = toListByCheckBit(fitOuNodeType, ouNodeTypeMap); + return list.stream().map(t -> t.getValue()).collect(Collectors.toList()); + } + + public static List splitToFitOuNodeTypeEnums(Long fitOuNodeType) { + if(isZero(fitOuNodeType)) + return ouNodeTypeMap.values().stream().collect(Collectors.toList()); + List list = toListByCheckBit(fitOuNodeType, ouNodeTypeMap); + return list; + } + + public static Long concatFitOuTypeByList(List fitOuTypeList) { + if(fitOuTypeList == null || fitOuTypeList.size() == 0) + return 0L; + Set set = fitOuTypeList.stream().collect(Collectors.toSet()); + Long result = 0L; + for(OrganizationalUnitTypeEnum type : set) { + result += ouTypeValueToBitMap.get(type.getValue()); + } + return result; + } + + public static Long concatFitOuNodeTypeByList(List fitOuNodeTypeList) { + if(fitOuNodeTypeList == null || fitOuNodeTypeList.size() == 0) + return 0L; + Set set = fitOuNodeTypeList.stream().collect(Collectors.toSet()); + Long result = 0L; + for(OrganizationalNodeTypeEnum type : set) { + result += ouNodeTypeValueToBitMap.get(type.getValue()); + } + return result; + } + + public static Long concatFitOuTypeByValues(List fitOuTypeList) { + if(fitOuTypeList == null || fitOuTypeList.size() == 0) + return 0L; + Set set = fitOuTypeList.stream().collect(Collectors.toSet()); + Long result = 0L; + for(Integer type : set) { + result += ouTypeValueToBitMap.get(type); + } + return result; + } + + public static Long concatFitOuNodeTypeByValues(List fitOuNodeTypeList) { + if(fitOuNodeTypeList == null || fitOuNodeTypeList.size() == 0) + return 0L; + Set set = fitOuNodeTypeList.stream().collect(Collectors.toSet()); + Long result = 0L; + for(Integer type : set) { + result += ouNodeTypeValueToBitMap.get(type); + } + return result; + } + + public static boolean isFitOuType(Long fitOuTypeBit, Integer ouType) { + if(fitOuTypeBit == 0 || fitOuTypeBit == null) + return true; + Long bit = ouTypeValueToBitMap.get(ouType); + long result = bit & fitOuTypeBit; + return result > 0; + } + + public static boolean isFitOuNodeType(Long fitOuNodeTypeBit, Integer ouNodeType) { + if(fitOuNodeTypeBit == 0 || fitOuNodeTypeBit == null) + return true; + Long bit = ouNodeTypeValueToBitMap.get(ouNodeType); + long result = bit & fitOuNodeTypeBit; + return result > 0; + } + + ///以下是工具函数 + + private static boolean isZero(Long l) { + if(l == null) + return true; + if(l == 0L) + return true; + return false; + } + + private static List toListByCheckBit(Long fitOuType, Map map) { + if(fitOuType == null || fitOuType == 0L) + return Collections.emptyList(); + + List list = new ArrayList<>(); + for(Long key : map.keySet()) { + long result = fitOuType & key; + if(result > 0L) { + list.add(map.get(key)); + } + } + return list; + } + + + public static void main(String[] args) { + List list = SaasRoleFits.splitToFitOuTypeValues(1+2+4L); + System.out.println(list); + Long value = SaasRoleFits.concatFitOuNodeTypeByValues(list); + System.out.println(value); + } + + +} diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceUpdateUserRoleDTO.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceUpdateUserRoleDTO.java deleted file mode 100644 index 202130ec..00000000 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceUpdateUserRoleDTO.java +++ /dev/null @@ -1,46 +0,0 @@ -package cn.axzo.tyr.client.model.permission; - -import cn.axzo.basics.profiles.common.enums.IdentityType; -import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum; -import lombok.AllArgsConstructor; -import lombok.Builder; -import lombok.Data; -import lombok.NoArgsConstructor; - -import java.util.List; - -@Builder -@Data -@NoArgsConstructor -@AllArgsConstructor -public class WorkspaceUpdateUserRoleDTO { - - /** - * 工作台id,与context校验 - */ - private Long workspaceId; - - /** - * 单位id : 必填 - */ - private Long ouId; - - /** - * 被赋予角色的人的身份id - */ - private Long identityId; - - /** - * 被赋予角色的人的身份类型 - */ - private IdentityType identityType; - - /** - * 完整的update,之前的所有RoleId都被更新 - */ - private List updateRoleIds; - - - private SaasJobTypeEnum jobType = SaasJobTypeEnum.SLAVE_JOB; - -} diff --git a/tyr-server/pom.xml b/tyr-server/pom.xml index 64dde375..b6dc9549 100644 --- a/tyr-server/pom.xml +++ b/tyr-server/pom.xml @@ -100,6 +100,12 @@ cn.axzo.maokai maokai-api + + + cn.axzo.basics + basics-auth-api + + @@ -144,6 +150,12 @@ alibaba-dingtalk-service-sdk 2.0.0 + + + cn.axzo.braum + braum-api + 1.0.0-SNAPSHOT + diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasAuthApiImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasAuthApiImpl.java index a69dddf2..3081143d 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasAuthApiImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasAuthApiImpl.java @@ -1,6 +1,9 @@ package cn.axzo.tyr.server.controller.permission; import cn.axzo.basics.common.BeanMapper; +import cn.axzo.basics.common.util.AssertUtil; +import cn.axzo.basics.profiles.api.IdentityProfileApi; +import cn.axzo.basics.profiles.api.vo.request.FindIdentityProfileReq; import cn.axzo.basics.profiles.common.enums.IdentityType; import cn.axzo.basics.profiles.dto.basic.IdentityProfileDto; import cn.axzo.tyr.client.feign.SaasAuthApi; @@ -10,6 +13,7 @@ import cn.axzo.tyr.client.model.permission.IdentityKey; import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO; import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionReq; import cn.axzo.tyr.server.service.SaasRoleUserRelationService; +import cn.axzo.tyr.server.util.RpcInternalUtil; import cn.azxo.framework.common.model.CommonResponse; import cn.hutool.core.collection.CollectionUtil; import com.google.common.collect.Lists; @@ -26,7 +30,7 @@ import java.util.stream.Collectors; public class SaasAuthApiImpl implements SaasAuthApi { private final SaasRoleUserRelationService relationService; -// private final IdentityProfileService identityProfileService; + private final IdentityProfileApi identityProfileApi; private static final String SPLIT = "|"; @@ -54,13 +58,16 @@ public class SaasAuthApiImpl implements SaasAuthApi { private IdentityProfileDto getSuperAdmin(Long identityId, IdentityType identityType, Long workspaceId, Long ouId) { IdentityProfileDto saasAccount = null; boolean superAdmin = relationService.isSuperAdmin(identityId, identityType, workspaceId, ouId); -// if (superAdmin) { -// Optional identityProfile = identityProfileService.findIdentityProfile(identityId, identityType); -// if (!identityProfile.isPresent()) { -// AssertUtil.fail("未找到自然人信息"); -// } -// saasAccount = identityProfile.get(); -// } + if (superAdmin) { + IdentityProfileDto identityProfile = RpcInternalUtil.checkAndGetData(identityProfileApi.findIdentityProfile(FindIdentityProfileReq.builder() + .identityId(identityId) + .identityType(identityType) + .build())); + if (identityProfile == null) { + AssertUtil.fail("未找到自然人信息"); + } + saasAccount = identityProfile; + } return saasAccount; } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java index 953a49b0..abde78ea 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java @@ -1,14 +1,34 @@ package cn.axzo.tyr.server.controller.permission; import cn.axzo.basics.profiles.api.OperatorProfileServiceApi; +import cn.axzo.basics.profiles.api.RegulatorProfileApi; import cn.axzo.basics.profiles.api.UserProfileServiceApi; +import cn.axzo.basics.profiles.api.vo.profiles.PersonPostVo; +import cn.axzo.basics.profiles.api.vo.profiles.PractitionerAndPersonPostVO; +import cn.axzo.basics.profiles.common.enums.IdentityType; +import cn.axzo.basics.profiles.dto.basic.OperatorProfileDto; +import cn.axzo.basics.profiles.dto.basic.PersonProfileDto; +import cn.axzo.basics.profiles.dto.basic.PersonUnion; +import cn.axzo.basics.profiles.dto.basic.PractitionerProfileDto; +import cn.axzo.basics.profiles.dto.basic.RegulatorProfileDto; +import cn.axzo.basics.profiles.dto.request.PersonUpdateDto; +import cn.axzo.basics.profiles.dto.request.PractitionerUpdateDto; +import cn.axzo.braum.client.feign.SaasAccountApi; +import cn.axzo.braum.client.request.AccountUserReq; +import cn.axzo.framework.domain.ServiceException; import cn.axzo.tyr.client.feign.SaasRoleApi; import cn.axzo.tyr.client.model.permission.IdentityAndAccountResp; +import cn.axzo.tyr.client.model.permission.UpdateWorkspaceSupAdminDTO; import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleByPhoneReq; import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleReq; +import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAdminRoleParam; import cn.axzo.tyr.server.controller.roleuser.RoleUserController; +import cn.axzo.tyr.server.util.RpcInternalUtil; import cn.azxo.framework.common.model.CommonResponse; +import cn.hutool.extra.pinyin.PinyinUtil; +import com.google.common.collect.Lists; import lombok.extern.slf4j.Slf4j; +import lombok.var; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.RestController; @@ -19,24 +39,16 @@ import java.util.List; @RestController public class SaasRoleApiImpl implements SaasRoleApi { -// @Autowired -// private SaasRoleUserRelationService saasRoleUserRelationService; -// -// @Autowired -// private SaasAccountService accountService; -// -// @Autowired -// private PractitionerProfileService practitionerProfileService; -// @Autowired -// private OperatorServiceImpl operatorService; -// @Autowired -// private RegulatorProfileService regulatorProfileService; @Autowired private OperatorProfileServiceApi operatorProfileServiceApi; @Autowired private UserProfileServiceApi userProfileServiceApi; @Autowired private RoleUserController roleUserController; + @Autowired + private RegulatorProfileApi regulatorProfileApi; + @Autowired + private SaasAccountApi saasAccountApi; @Override @Transactional(rollbackFor = Exception.class) @@ -54,110 +66,110 @@ public class SaasRoleApiImpl implements SaasRoleApi { @Transactional(rollbackFor = Exception.class) public CommonResponse> grantAdminRoleByPhone( List req) { -// List list = Lists.newArrayList(); -// -// req.forEach(item -> { -// -// if (null == item.getPhone()) { -// throw new ServiceException("账号为空"); -// } -// //校验账户是否存在 存在继续 不存在-创建账户及身份 -// AccountUserDto accounDto = null; -// var phone = item.getPhone(); -// -// PersonUpdateDto personUpdate = new PersonUpdateDto(). -// setRealName(item.getNickName()). -// setRealNamePinyin(PinyinUtil.getPinyin(item.getNickName())); -// personUpdate.setPhone(phone); -// PersonUnion personUnion = new PersonUnion(); -// personUnion.setPhone(phone); -// -// // 通过手机号这个唯一条件创建人员用户,幂等返回用户 -// PersonProfileDto newPersonProfile; -// Long identityId; -// IdentityType identityType; -// //这里要判断是不是OMS 工作台 // TODO: 2023/8/8 @TanJ 后续需要改成使用WorkspaceTypeEnum判断 -// if (item.getWorkspaceType().equals(6)) { -// //如果是OMS,运营人员 -// PersonUpdateDto personUpdateDto = new PersonUpdateDto(); -// personUpdateDto.setPhone(phone); -// personUpdateDto.setRealName(item.getNickName()); -// personUpdateDto.setRealNamePinyin(PinyinUtil.getPinyin(item.getNickName())); -// OperatorProfileDto withPerson = RpcInternalUtil.checkAndGetData(operatorProfileServiceApi.addOperator(personUpdateDto)); -// newPersonProfile=withPerson.getPersonProfile(); -// identityId= withPerson.getId(); -// identityType= IdentityType.OPERATOR; -// } else if (item.getWorkspaceType().equals(3)) { -// RegulatorUpdateDto regulatorUpdateDto = new RegulatorUpdateDto(); -// RegulatorProfileDto regulatorProfileDto = regulatorProfileService.createWithPerson(regulatorUpdateDto, personUnion, personUpdate); -// newPersonProfile = regulatorProfileDto.getPersonProfile(); -// identityId= regulatorProfileDto.getId(); -// identityType= IdentityType.REGULATOR; -// } else { -// PractitionerAndPersonPostVO practitionerAndPersonPostVO = new PractitionerAndPersonPostVO(); -// practitionerAndPersonPostVO.setUpdate(new PractitionerUpdateDto()); -// -// PersonPostVo personPostVo = new PersonPostVo(); -// personPostVo.setPhone(phone); -// personPostVo.setRealName(item.getNickName()); -// practitionerAndPersonPostVO.setPersonPost(personPostVo); -// PractitionerProfileDto practitionerDto = RpcInternalUtil.checkAndGetData(userProfileServiceApi.postPractitionerProfileWithUnionPerson(practitionerAndPersonPostVO)); -// -// newPersonProfile = practitionerDto.getPersonProfile(); -// identityId= practitionerDto.getId(); -// identityType= IdentityType.PRACTITIONER; -// } -// -// -// -// AccountUserReq accountUserReq = new AccountUserReq(); -// accountUserReq.setPhone(newPersonProfile.getPhone()); -// accountUserReq.setNickname(item.getNickName()); -// accountUserReq.setNaturalPersonId(newPersonProfile.getId()); -// accountUserReq.setType(identityType.equals(IdentityType.OPERATOR) ? 1 : 0); -// accounDto = accountService.createAccount(accountUserReq, 0L); -// //历史代码,暂时屏蔽,上面的创建账号是幂等创建,不会重复创建。 -// /* if (account == null) { -// accounDto = accountService.createAccount(accountUserReq, 0L); -// } else { -// //有账号也不能确认是第一次创建OMS -// accounDto = new AccountUserDto(); -// accounDto.setAccountId(account.getId()); -// accounDto.setPhone(item.getPhone()); -// accounDto.setNickname(item.getNickName()); -// account.setNickname(item.getNickName()); -// account.setNaturalPersonId(newPersonProfile.getId()); -// accountService.updateById(account); -// }*/ -// -// accounDto.setIdentityId(identityId); -// -// UpdateWorkspaceSupAdminDTO dto = UpdateWorkspaceSupAdminDTO.builder() -// .workspaceId(item.getWorkspaceId()) -// .identityType(identityType) -// .identityId(accounDto.getIdentityId()) -// .naturalPersonId(newPersonProfile.getId()) -// .organizationalUnitId(item.getOuId()) -// .workspaceType(item.getWorkspaceType()) -// .build(); -// CreateSuperAdminRoleParam createSuperAdminRoleParam = new CreateSuperAdminRoleParam(); -// createSuperAdminRoleParam.setWorkspaceId(item.getWorkspaceId()); -// createSuperAdminRoleParam.setOuId(item.getOuId()); -// createSuperAdminRoleParam.setIdentityId(accounDto.getIdentityId()); -// createSuperAdminRoleParam.setIdentityType(cn.axzo.tyr.client.model.enums.IdentityType.getIdentityType(dto.getIdentityType().getCode())); -// createSuperAdminRoleParam.setWorkspaceType(dto.getWorkspaceType()); -// createSuperAdminRoleParam.setNaturalPersonId(dto.getNaturalPersonId()); -// roleUserController.createSuperAdminRole(createSuperAdminRoleParam); -// IdentityAndAccountResp resp = new IdentityAndAccountResp(); -// resp.setIdentityId(identityId); -// resp.setIdentityType(identityType); -// resp.setAccountId(accounDto.getAccountId()); -// resp.setPhone(accounDto.getPhone()); -// resp.setRealName(newPersonProfile.getRealName()); -// resp.setNaturalPersonId(newPersonProfile.getId()); -// list.add(resp); -// }); -// return CommonResponse.success(list); - return null; + List list = Lists.newArrayList(); + + req.forEach(item -> { + + if (null == item.getPhone()) { + throw new ServiceException("账号为空"); + } + //校验账户是否存在 存在继续 不存在-创建账户及身份 + cn.axzo.braum.client.resp.IdentityAndAccountResp accounDto = null; + var phone = item.getPhone(); + + PersonUpdateDto personUpdate = new PersonUpdateDto(). + setRealName(item.getNickName()). + setRealNamePinyin(PinyinUtil.getPinyin(item.getNickName())); + personUpdate.setPhone(phone); + PersonUnion personUnion = new PersonUnion(); + personUnion.setPhone(phone); + + // 通过手机号这个唯一条件创建人员用户,幂等返回用户 + PersonProfileDto newPersonProfile; + Long identityId; + IdentityType identityType; + //这里要判断是不是OMS 工作台 // TODO: 2023/8/8 @TanJ 后续需要改成使用WorkspaceTypeEnum判断 + if (item.getWorkspaceType().equals(6)) { + //如果是OMS,运营人员 + PersonUpdateDto personUpdateDto = new PersonUpdateDto(); + personUpdateDto.setPhone(phone); + personUpdateDto.setRealName(item.getNickName()); + personUpdateDto.setRealNamePinyin(PinyinUtil.getPinyin(item.getNickName())); + OperatorProfileDto withPerson = RpcInternalUtil.checkAndGetData(operatorProfileServiceApi.addOperator(personUpdateDto)); + newPersonProfile=withPerson.getPersonProfile(); + identityId= withPerson.getId(); + identityType= IdentityType.OPERATOR; + } else if (item.getWorkspaceType().equals(3)) { + PersonUpdateDto personUpdateDto = new PersonUpdateDto(); + personUpdateDto.setPhone(phone); + RegulatorProfileDto regulatorProfileDto = RpcInternalUtil.checkAndGetData(regulatorProfileApi.create(personUpdateDto)); + newPersonProfile = regulatorProfileDto.getPersonProfile(); + identityId= regulatorProfileDto.getId(); + identityType= IdentityType.REGULATOR; + } else { + PractitionerAndPersonPostVO practitionerAndPersonPostVO = new PractitionerAndPersonPostVO(); + practitionerAndPersonPostVO.setUpdate(new PractitionerUpdateDto()); + + PersonPostVo personPostVo = new PersonPostVo(); + personPostVo.setPhone(phone); + personPostVo.setRealName(item.getNickName()); + practitionerAndPersonPostVO.setPersonPost(personPostVo); + PractitionerProfileDto practitionerDto = RpcInternalUtil.checkAndGetData(userProfileServiceApi.postPractitionerProfileWithUnionPerson(practitionerAndPersonPostVO)); + + newPersonProfile = practitionerDto.getPersonProfile(); + identityId= practitionerDto.getId(); + identityType= IdentityType.PRACTITIONER; + } + + + + AccountUserReq accountUserReq = new AccountUserReq(); + accountUserReq.setPhone(newPersonProfile.getPhone()); + accountUserReq.setNickname(item.getNickName()); + accountUserReq.setNaturalPersonId(newPersonProfile.getId()); + accountUserReq.setType(identityType.equals(IdentityType.OPERATOR) ? 1 : 0); + accounDto = RpcInternalUtil.checkAndGetData(saasAccountApi.createAccount(accountUserReq)); + //历史代码,暂时屏蔽,上面的创建账号是幂等创建,不会重复创建。 + /* if (account == null) { + accounDto = accountService.createAccount(accountUserReq, 0L); + } else { + //有账号也不能确认是第一次创建OMS + accounDto = new AccountUserDto(); + accounDto.setAccountId(account.getId()); + accounDto.setPhone(item.getPhone()); + accounDto.setNickname(item.getNickName()); + account.setNickname(item.getNickName()); + account.setNaturalPersonId(newPersonProfile.getId()); + accountService.updateById(account); + }*/ + + accounDto.setIdentityId(identityId); + + UpdateWorkspaceSupAdminDTO dto = UpdateWorkspaceSupAdminDTO.builder() + .workspaceId(item.getWorkspaceId()) + .identityType(identityType) + .identityId(accounDto.getIdentityId()) + .naturalPersonId(newPersonProfile.getId()) + .organizationalUnitId(item.getOuId()) + .workspaceType(item.getWorkspaceType()) + .build(); + CreateSuperAdminRoleParam createSuperAdminRoleParam = new CreateSuperAdminRoleParam(); + createSuperAdminRoleParam.setWorkspaceId(item.getWorkspaceId()); + createSuperAdminRoleParam.setOuId(item.getOuId()); + createSuperAdminRoleParam.setIdentityId(accounDto.getIdentityId()); + createSuperAdminRoleParam.setIdentityType(cn.axzo.tyr.client.model.enums.IdentityType.getIdentityType(dto.getIdentityType().getCode())); + createSuperAdminRoleParam.setWorkspaceType(dto.getWorkspaceType()); + createSuperAdminRoleParam.setNaturalPersonId(dto.getNaturalPersonId()); + roleUserController.createSuperAdminRole(createSuperAdminRoleParam); + IdentityAndAccountResp resp = new IdentityAndAccountResp(); + resp.setIdentityId(identityId); + resp.setIdentityType(identityType); + resp.setAccountId(accounDto.getAccountId()); + resp.setPhone(accounDto.getPhone()); + resp.setRealName(newPersonProfile.getRealName()); + resp.setNaturalPersonId(newPersonProfile.getId()); + list.add(resp); + }); + return CommonResponse.success(list); } } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/model/SaasUserRoleExBO.java b/tyr-server/src/main/java/cn/axzo/tyr/server/model/SaasUserRoleExBO.java index 45fcd0b0..a1e94938 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/model/SaasUserRoleExBO.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/model/SaasUserRoleExBO.java @@ -1,10 +1,10 @@ package cn.axzo.tyr.server.model; -import cn.axzo.basics.auth.dto.consts.SaasRoleFits; -import cn.axzo.basics.auth.enums.WorkspaceTypeWithLegacyEnum; import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum; import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum; import cn.axzo.basics.profiles.common.enums.IdentityType; +import cn.axzo.tyr.client.common.SaasRoleFits; +import cn.axzo.tyr.client.model.enums.WorkspaceTypeWithLegacyEnum; import lombok.Getter; import lombok.Setter; import lombok.ToString; diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasAuthService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasAuthService.java deleted file mode 100644 index 45ae5a4d..00000000 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasAuthService.java +++ /dev/null @@ -1,62 +0,0 @@ -package cn.axzo.tyr.server.service; - -import cn.axzo.basics.profiles.common.enums.IdentityType; -import cn.axzo.framework.auth.domain.TerminalInfo; -import cn.axzo.tyr.client.model.permission.BaseAuthorizationReq; -import cn.axzo.tyr.client.model.permission.SaasFeatureTreeResp; -import cn.axzo.tyr.client.model.permission.SaasRoleBO; - -import java.util.List; -import java.util.Map; - -public interface SaasAuthService { - - /** - * @param identityId - * @param workspaceId - * @param ouId 选填,如果是null,就不限制在某个ou里。 - * @return - */ - List getRoles(Long identityId, IdentityType identityType, Long workspaceId, - Long ouId); - - boolean hasLeaderPermission(Long identityId, IdentityType identityType, String featureCode); - - /** - * 检查某个人是否拥有指定featureCode,不管在哪个工作台里面 - * @param identityId - * @param identityType - * @param featureCode - * @return - */ - boolean hasSaasPermissionIgnoreWorkspace(Long identityId, IdentityType identityType, String featureCode); - /** - * 验证指定人是否拥有权限 true为有权限 - * - * @param tm - * @param identityId 身份id - * @param workspaceId 工作台id - * @param ouId 单位id - * @param featureCode 权限码 - * @param workspaceType - * @param workspaceJoinTypes - * @return - */ - @Deprecated - Boolean hasPermission(TerminalInfo tm, Long personId, Long identityId, IdentityType identityType, - Long workspaceId, Long ouId, - String featureCode, Integer workspaceType, List workspaceJoinTypes); - - List listFeatureCode(BaseAuthorizationReq req); - - /** - * 把tree按指定menuType获取Feature - * @param saasFeatureTree - * @return - */ - Map> groupByMenuType(List saasFeatureTree,Integer maxDepth); - - boolean checkFeatureAvailableForWorkspace(Long workspaceId, String featureCode); - - List getProductIdsOfWorkspace(Long workspaceId); -} diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleService.java deleted file mode 100644 index acb23be9..00000000 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleService.java +++ /dev/null @@ -1,76 +0,0 @@ -package cn.axzo.tyr.server.service; - -import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum; -import cn.axzo.tyr.client.model.permission.SaasRoleBO; -import cn.axzo.tyr.client.model.permission.SaasRoleDTO; -import cn.axzo.tyr.client.model.permission.SaasRoleExBO; -import cn.axzo.tyr.client.model.permission.SaasRoleExReq; -import cn.axzo.tyr.server.repository.entity.SaasRole; - -import java.util.List; - -/** - * saas-角色(SaasRole)表服务接口 - * - * @author makejava - * @since 2022-05-24 11:18:41 - */ -public interface SaasRoleService { - - /** - * 创建: - * 创建角色 - * input : 角色名称、角色类型、角色所属单位id、角色所属于工作台id、角色所属于工作台类型; - * output: (created entity) - * - * @return - */ - SaasRole create(SaasRoleDTO req); - - /** - * 更新角色 - * - * @return - */ - Boolean update(SaasRoleDTO resRoleDTO); - - /** - * 根据主键id 查询实体 - * - * @param roleId - * @return - */ - SaasRoleBO getById(Long roleId); - - /** - * 根据 id 集合查询 实体集合 - * - * @param roleIds - * @return - */ - List listByIds(List roleIds); - - List listRoleExByParams(SaasRoleExReq req); - - /** - * 通过角色名获取角色id - * - * @param roleName 角色名 - * @param positionTypeId 模板id - * @param workspaceId 项目id - * @param ownerOuId 所属单位ID - * @return 角色id - */ - Long getRoleId(String roleName, Long positionTypeId, Long workspaceId, Long ownerOuId); - - /** - * 获取单位在工作台类型 - */ - int getOrganizationalUnitBitValue(Long workspaceId, Long ouId); - - /** - * 获取单位在工作台类型 - */ - int getOrganizationalUnitBitValue(Long workspaceId, Long ouId, OrganizationalUnitTypeEnum byType); -} - diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ContextAwareBaseService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ContextAwareBaseService.java deleted file mode 100644 index 639e1b4a..00000000 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ContextAwareBaseService.java +++ /dev/null @@ -1,52 +0,0 @@ -package cn.axzo.tyr.server.service.impl; - -import cn.axzo.basics.profiles.common.enums.IdentityType; -import cn.axzo.basics.profiles.dto.basic.IdentityProfileDto; -import cn.axzo.framework.auth.domain.ContextInfo; -import cn.axzo.framework.auth.domain.ContextInfoHolder; -import lombok.extern.slf4j.Slf4j; - -@Slf4j -public abstract class ContextAwareBaseService { - -// @Autowired -// IdentityProfileService identityProfileService; - - -// @Autowired -// OrganizationalUnitService organizationalUnitService; - - protected void checkWorkspace(Long workspaceId) { - ContextInfo contextInfo = ContextInfoHolder.get(); -// if (null != contextInfo) { -// if (!NumUtil.equals(contextInfo.getWorkspaceId(), workspaceId)) { -// String msg = String.format("输入的工作台与当前Context工作台不一致, contextInfo.workspace=%d, params.workspaceId=%d", -// contextInfo.getWorkspaceId(), workspaceId); -// log.error(msg); -// // 以后稍微稳定一些了再抛异常吧。 -// // throw new ServiceException(msg); -// } -// } - - } - - protected IdentityProfileDto checkIdentity(Long identityId, IdentityType identityType) { -// if(identityId == null || NumUtil.equals(identityId, 0L)) -// throw new ServiceException("身份错误"); -// -// if (identityType == null) - return null; - -// Optional profile = identityProfileService.findIdentityProfile(identityId, identityType); -// if (!profile.isPresent()) -// throw new ServiceException(String.format("找不到相关身份ID=%d的信息", identityId)); -// return profile.get(); - } - -// protected OrganizationalUnitBO checkAndReturnOU(Long ouId) { -// if(NumUtil.isZero(ouId)) -// throw new ServiceException("单位为空"); -// return organizationalUnitService.getUnit(ouId); -// } - -} diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasAuthServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasAuthServiceImpl.java deleted file mode 100644 index 49c79095..00000000 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasAuthServiceImpl.java +++ /dev/null @@ -1,299 +0,0 @@ -package cn.axzo.tyr.server.service.impl; - -import cn.axzo.basics.common.util.NumberUtil; -import cn.axzo.basics.profiles.common.enums.IdentityType; -import cn.axzo.framework.auth.domain.TerminalInfo; -import cn.axzo.pudge.core.service.ServiceException; -import cn.axzo.thrones.client.saas.ServicePkgClient; -import cn.axzo.thrones.client.saas.entity.serivicepgkproduct.ServicePkgProduct; -import cn.axzo.tyr.client.feign.TyrSaasAuthApi; -import cn.axzo.tyr.client.model.permission.BaseAuthorizationReq; -import cn.axzo.tyr.client.model.permission.SaasFeatureTreeResp; -import cn.axzo.tyr.client.model.permission.SaasRoleBO; -import cn.axzo.tyr.client.model.req.IdentityAuthReq; -import cn.axzo.tyr.client.model.res.IdentityAuthRes; -import cn.axzo.tyr.server.service.SaasAuthService; -import cn.axzo.tyr.server.service.SaasFeatureService; -import cn.axzo.tyr.server.service.SaasRoleService; -import cn.axzo.tyr.server.service.SaasRoleUserRelationService; -import cn.azxo.framework.common.logger.MethodAroundLog; -import cn.azxo.framework.common.model.CommonResponse; -import cn.hutool.core.collection.CollectionUtil; -import cn.hutool.core.util.StrUtil; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.cloud.context.config.annotation.RefreshScope; -import org.springframework.stereotype.Service; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collections; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Objects; -import java.util.stream.Collectors; - -/** - * 原本这个类名字叫AuthorizationService。 - * 但后来写着写着就发现,这个类高度依赖workspace。 - * 没有workspace的RBAC校验,如果也兼容在这个类里,逻辑就太复杂了,另行设计。 - * - * - * @author : liuchuntao - * @date : 2022/6/14 18:31 - * @description : 权限相关Service - */ -@Slf4j -@Service -@RefreshScope -public class SaasAuthServiceImpl implements SaasAuthService { - - @Autowired - private SaasFeatureService saasFeatureService; - - @Autowired - private SaasRoleService saasRoleService; - - @Autowired - private ServicePkgClient servicePkgClient; - - @Autowired - private SaasRoleUserRelationService saasRoleUserRelationService; - -// @Autowired -// private SaasPositionPlatPgRelationDao saasPositionPlatPgRelationDao; -// @Autowired -// private PlutoTeamServiceImpl plutoTeamService; - - @Value("${needAuthorize.nonWorkspace:true}") - private boolean nonWorkspaceAuth; - - - /** - * 身份Id 单位Id 工作台Id获取权限Code列表 :非超管 超管调用 - * {@link cn.axzo.basics.auth.service.SaasFeatureService#listCodeByProductIds(List)} - * - * @param req - * @return - */ - @Override - @MethodAroundLog(value = "获取产品对应的权限集") - public List listFeatureCode(BaseAuthorizationReq req) { - List productIds = getProductIdsOfWorkspace(req.getWorkspaceId()); -// -// boolean flag = this.saasRoleUserRelationService.isAnyAdmin(req.getIdentityId(), req.getIdentityType(), req.getWorkspaceId(), req.getOuId()); -// -// if (flag) { -// return saasFeatureService.listCodeByProductIdsAndTerminal(productIds, req.getTerminal()); -// } -// return saasFeatureService.listFeatureCode(req, productIds); - return null; - } - - - @Override - public List getProductIdsOfWorkspace(Long workspaceId) { -// List products = RpcUtil -// .common(servicePkgClient.listProductInWorkSpace(workspaceId)); -// if (CollectionUtil.isEmpty(products)) { -// log.warn("thrones:获取产品列表失败:workspaceId{}", workspaceId); -// throw new ServiceException("当前工作台未找到任何的产品"); -// } -// List productIds = products.stream().map(ServicePkgProduct::getProductId).collect(Collectors.toList()); -// return productIds; - return null; - } - - @Override - public Map> groupByMenuType(List saasFeatureTree, Integer maxDepth) { - HashMap> result = new HashMap<>(); - if (CollectionUtil.isEmpty(saasFeatureTree) || maxDepth <= 0) { - - return result; - } - for (SaasFeatureTreeResp featureTreeResp : saasFeatureTree) { - - List defaultLists = result.getOrDefault(featureTreeResp.getMenuType(), new ArrayList<>()); - if (defaultLists.isEmpty()) { - result.put(featureTreeResp.getMenuType(), defaultLists); - } - defaultLists.add(featureTreeResp); - Map> children = groupByMenuType(featureTreeResp.getChildren(), --maxDepth); - for (Integer childrenKey : children.keySet()) { - List childList = result.getOrDefault(childrenKey, new ArrayList<>()); - if (childList.isEmpty()) { - result.put(childrenKey, childList); - } - childList.addAll(children.get(childrenKey)); - - } - } - return result; - } - - @Override - public List getRoles(Long identityId, IdentityType identityType, Long workspaceId, - Long ouId) { -// SaasRoleQueryDTO dto = new SaasRoleQueryDTO(); -// dto.setOuId(ouId); -// dto.setWorkspaceId(workspaceId); -// dto.setIdentityId(identityId); -// dto.setIdentityType(identityType); -// List saasRoles = saasRoleService.listByIdentityAndSpaceIdAndOuId(dto); -// return saasRoles; - return null; - } - - - /** - * //check平台级的带班长/工人 - * - * @param identityId - * @param identityType - * @param featureCode - * @return - */ - private boolean hasWorkerPermission(Long identityId, IdentityType identityType, - String featureCode) { - //check平台级的带班长/工人 - if (!checkWorkerFeaturePass(identityId, identityType, featureCode)) { - return Boolean.FALSE; - } - return true; - } - - /** - * leader权限 - * - * @param identityId - * @param identityType - * @param featureCode - * @return - */ - @Override - public boolean hasLeaderPermission(Long identityId, IdentityType identityType, - String featureCode) { - //check平台级的班组长 - if (!checkLeaderFeaturePass(identityId, identityType, featureCode)) { - return Boolean.FALSE; - } - return true; - } - - @Override - public boolean hasSaasPermissionIgnoreWorkspace(Long identityId, IdentityType identityType, String featureCode) { -// return saasRoleUserRelationService.hasSaasPermissionIgnoreWorkspace(identityId, identityType, featureCode); - return false; - } - - /** - * TODO: @gaowei,用cache、内存把整个权限服务包住 - *

- * 验证指定人是否拥有权限 true为有权限 - * - * @param tm - * @param identityId 身份id - * @param workspaceId 工作台id - * @param ouId 单位id - * @param featureCode 权限码 - * @param workspaceType - * @param workspaceJoinTypes - * @return - */ - @Override - public Boolean hasPermission(TerminalInfo tm, Long personId, Long identityId, IdentityType identityType, - Long workspaceId, Long ouId, String featureCode, Integer workspaceType, List workspaceJoinTypes) { - if (StrUtil.isBlank(featureCode)) { - throw new ServiceException("非法请求,缺少FeatureCode参数"); - } - //log.info("权限校验快速放过 - 先支持测试,同步修。 identityId={}, workspaceId={}, ouId={}, featureCode={}", - // identityId, workspaceId, ouId, featureCode); - //check平台级的带班长/工人 - if (identityType == IdentityType.WORKER) { - return hasWorkerPermission(identityId, identityType, featureCode); - } - //check班组长 - if (identityType == IdentityType.WORKER_LEADER) { - return hasLeaderPermission(identityId, identityType, featureCode); - } - - // 非工作台内直接放行 - if (!NumberUtil.isPositiveNumber(workspaceId) && nonWorkspaceAuth) { - return true; - } - -// IdentityAuthRes result = RpcUtil.apiResult(tyrSaasAuthApi.findIdentityAuth(IdentityAuthReq.builder() -// .personId(personId) -// .featureCode(CollectionUtil.newHashSet(featureCode)) -// .workspaceOusPairs(Collections.singletonList(IdentityAuthReq.WorkspaceOuPair.builder() -// .workspaceId(workspaceId) -// .ouId(ouId) -// .build())) -// .build())); -// -// if (null == result) { - return false; -// } -// List permissions = result.getPermissions(); -// List permissionPoints = permissions.stream().filter(e -> Objects.equals(e.getWorkspaceId(), workspaceId) && Objects.equals(e.getOuId(), ouId)).map(IdentityAuthRes.WorkspacePermission::getPermissionPoint).flatMap(List::stream).collect(Collectors.toList()); -// return CollectionUtil.isNotEmpty(result.getPermissions()) && permissionPoints.stream().anyMatch(e -> Objects.equals(e.getFeatureCode(), featureCode)); - } - - private boolean checkLeaderFeaturePass(Long identityId, IdentityType identityType, - String featureCode) { -// return saasFeatureService.checkCodeAndTerminalPass(featureCode, -// Arrays.asList(TerminalInfo.NT_CM_APP_CM_LEADER)); - return false; - } - - /** - * 校验带班长/工人权限通过 - * - * @param identityId - * @param identityType - * @param featureCode - * @return - */ - private boolean checkWorkerFeaturePass(Long identityId, IdentityType identityType, - String featureCode) { -// if (saasPositionPlatPgRelationDao.needCheckFeaturePosition(featureCode)) { -// Long currentTeamOuId = plutoTeamService.getCurrentTeamOuId(identityId, identityType); -// if (!NumberUtil.isPositiveNumber(currentTeamOuId)) { -// return false; -// } -// -// // 平台级代班长code校验 -// if (!saasPositionPlatPgRelationDao.checkFeaturePosition(identityId, identityType, -// currentTeamOuId, featureCode)){ -// // 项目内代班长校验 ,没有进行workspaceId的判断因为目前业务上会进行判断,所以这边只要校验他在任意一个项目部里面有权限就可 -// return hasSaasPermissionIgnoreWorkspace(identityId, identityType, featureCode); -// } - return true; -// } -// -// return saasFeatureService.checkCodeAndTerminalPass(featureCode, -// Arrays.asList(TerminalInfo.NT_CM_APP_CM_WORKER, TerminalInfo.NT_CM_APP_CM_LEADER)); - } - - @Override - public boolean checkFeatureAvailableForWorkspace(Long workspaceId, String featureCode) { -// CommonResponse> rsp = this.servicePkgClient.listProductInWorkSpace(workspaceId); -// if (rsp.getCode() != 200) -// throw new ServiceException("获取workspace相关服务包信息失败:" + rsp.getMsg()); -// -// List list = rsp.getData(); -// if (list == null || list.isEmpty()) { -// log.warn("获取workspace相关服务包信息成功,但内容为空。workspaceId={}", workspaceId); -// return false; -// } -// -// List pkgIds = list.stream().map(ServicePkgProduct::getProductId).collect(Collectors.toList()); -// -// if (this.saasFeatureService.checkFeatureInProductModule(featureCode, pkgIds)) -// return true; - - return false; - } -} diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleServiceImpl.java deleted file mode 100644 index cfd0d550..00000000 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleServiceImpl.java +++ /dev/null @@ -1,291 +0,0 @@ -package cn.axzo.tyr.server.service.impl; - -import cn.axzo.apollo.core.utils.ResultUtil; -import cn.axzo.apollo.workspace.api.workspace.ParticipatingUnitApi; -import cn.axzo.apollo.workspace.api.workspace.WorkspaceApi; -import cn.axzo.apollo.workspace.api.workspace.res.GetDetailRes; -import cn.axzo.basics.auth.enums.RoleType; -import cn.axzo.basics.common.BeanMapper; -import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum; -import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum; -import cn.axzo.basics.common.util.AssertUtil; -import cn.axzo.basics.common.util.NumberUtil; -import cn.axzo.pudge.core.service.ServiceException; -import cn.axzo.tyr.client.model.permission.SaasRoleBO; -import cn.axzo.tyr.client.model.permission.SaasRoleDTO; -import cn.axzo.tyr.client.model.permission.SaasRoleExBO; -import cn.axzo.tyr.client.model.permission.SaasRoleExReq; -import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao; -import cn.axzo.tyr.server.repository.dao.SaasRoleDao; -import cn.axzo.tyr.server.repository.entity.SaasRole; -import cn.axzo.tyr.server.service.SaasRoleService; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; -import org.springframework.util.StringUtils; - -import javax.annotation.Resource; -import java.util.ArrayList; -import java.util.Date; -import java.util.List; -import java.util.Objects; - -/** - * @author cn - * @version 1.0 - * @description - * @date 2022/5/24 14:02 - */ -@Slf4j -@Service -public class SaasRoleServiceImpl extends ContextAwareBaseService implements SaasRoleService { - @Autowired - private WorkspaceApi workspaceApi; - @Resource - private SaasRoleDao saasRoleDao; - @Resource - private SaasPgroupRoleRelationDao saasPgroupRoleRelationDao; - @Autowired - private ParticipatingUnitApi participatingUnitApi; - - private void checkRoleName(Long roleId, String name, Long workspaceId, Long ouId) { - List saasRoles = saasRoleDao.listCommonRoleByNameAndWorkspaceIdAndOuId(name, - workspaceId, ouId); - if (NumberUtil.isPositiveNumber(roleId)) { - if (saasRoles.stream().anyMatch(e -> !Objects.equals(e.getId(), roleId))) { - AssertUtil.fail("已存在相同的角色名称,请更换角色名称"); - } - } else { - AssertUtil.isEmpty(saasRoles, "已存在相同的角色名称,请更换角色名称"); - } - } - - @Override - public SaasRole create(SaasRoleDTO req) { - /** - * 1. 检查角色名是否重复 - * 2. 保存新的角色 - * 3. 保存角色权限集关联表 - */ - SaasRole role = new SaasRole(); - role.setDescription(req.getDescription()); - role.setName(req.getName()); - checkRoleName(req.getId(), req.getName(), req.getWorkspaceId(), req.getOwnerOuId()); - role.setWorkspaceId(req.getWorkspaceId()); - // 单位id - role.setOwnerOuId(req.getOwnerOuId()); - if (NumberUtil.isPositiveNumber(req.getOwnerOuId())) { - // 查询参见单位表数据 -// List participatingUnitResList = RpcUtil.common( -// participatingUnitApi.getList(ParticipatingUnitReq.builder().workspaceId(req.getWorkspaceId()).level(req.getWorkspaceType()).build())); -// if(!CollectionUtils.isEmpty(participatingUnitResList)){ -// // 总包设置单位类型为65535 -// if(req.getWorkspaceType() == WorkspaceTypeEnum.GENERAL_ENT.value){ -// role.setFitOuTypeBit(65535L); -// }else{ -// // 单位加入工作台时的类型 -// role.setFitOuTypeByValues(Lists.newArrayList(participatingUnitResList.get(0).getUnitRoleType())); -// } -// } - } - role.setRoleType( - StringUtils.isEmpty(req.getRoleType()) ? RoleType.COMMON.getValue() : req.getRoleType()); - Integer workSpaceType=req.getWorkspaceType(); - if (!NumberUtil.isPositiveNumber(req.getWorkspaceType())) { - log.info("创建角色,请求apollo开始:{}", req); - GetDetailRes workspaceResult = ResultUtil.getWorkspaceResult(() -> workspaceApi.getById(req.getWorkspaceId())); - AssertUtil.notNull(workspaceResult, "创建失败,所属工作台信息获取失败"); - log.info("创建角色,请求apollo结束:{}", workspaceResult); - workSpaceType = workspaceResult.getWorkspaceType(); - } -// WorkspaceTypeWithLegacyEnum workspaceTypeWithLegacyEnum = WorkspaceTypeWithLegacyEnum.getByCode(workSpaceType); -// AssertUtil.notNull(workspaceTypeWithLegacyEnum, "所属工作台类型不匹配,创建角色失败"); -// role.setWorkspaceType(workspaceTypeWithLegacyEnum); -// role.setIsDelete(0L); -// role.setPositionTemplateId(req.getPositionTemplateId()); -// saasRoleDao.save(role); -// -// if (CollUtil.isNotEmpty(req.getGroupIds())) { -// List relations = new ArrayList<>(); -// req.getGroupIds().forEach(k -> { -// SaasPgroupRoleRelation relation = new SaasPgroupRoleRelation(); -// relation.setRoleId(role.getId()); -// relation.setGroupId(k); -// relations.add(relation); -// }); -// saasPgroupRoleRelationDao.saveBatch(relations); -// } - - return role; - } - - @Override - @Transactional(rollbackFor = Exception.class) - public Boolean update(SaasRoleDTO resRoleDTO) { - if (resRoleDTO.getId() == null || resRoleDTO.getId() == 0) { - throw new ServiceException("未获取到角色Id"); - } - SaasRole oldRole = saasRoleDao.getById(resRoleDTO.getId()); - - if (oldRole == null || oldRole.getIsDelete() != 0) { - throw new ServiceException("对应角色已删除,不能进行更新处理"); - } - checkRoleName(oldRole.getId(), resRoleDTO.getName(), resRoleDTO.getWorkspaceId(), - resRoleDTO.getOwnerOuId()); - // 更新角色 - oldRole.setName(resRoleDTO.getName()); - oldRole.setDescription(resRoleDTO.getDescription()); - oldRole.setRoleType(resRoleDTO.getRoleType()); - oldRole.setIsDelete(TableIsDeleteEnum.NORMAL.value); - oldRole.setUpdateAt(new Date()); - saasRoleDao.updateById(oldRole); - -// // 更新角色权限集对应关系 -// // 获取角色对应权限集 -// List roleRelations = saasPgroupRoleRelationDao.listByRoleId(resRoleDTO.getId()); -// List oldGroupIds = roleRelations.stream().map(SaasPgroupRoleRelation::getGroupId) -// .collect(Collectors.toList()); -// // 获取交集 -// List innerArr = oldGroupIds.stream().filter(item -> resRoleDTO.getGroupIds().contains(item)) -// .collect(Collectors.toList()); -// // 删除多余老数据 -// oldGroupIds.removeAll(innerArr); -// saasPgroupRoleRelationDao.deleteByGroupIdsAndRoleId(oldGroupIds, oldRole.getId()); -// // 更新新加数据 -// List newGroupIds = resRoleDTO.getGroupIds(); -// newGroupIds.removeAll(innerArr); -// List relations = new ArrayList<>(); -// newGroupIds.stream().forEach(k -> { -// SaasPgroupRoleRelation relation = new SaasPgroupRoleRelation(); -// relation.setRoleId(oldRole.getId()); -// relation.setGroupId(k); -// relations.add(relation); -// }); -// if (!CollectionUtils.isEmpty(relations)) { -// saasPgroupRoleRelationDao.saveBatch(relations); -// } - - return true; - } - - @Override - public SaasRoleBO getById(Long roleId) { - SaasRole saasRole = saasRoleDao.getById(roleId); - return BeanMapper.copyBean(saasRole, SaasRoleBO.class); - } - - @Override - public List listByIds(List roleIds) { - List saasRoles = saasRoleDao.lambdaQuery().in(SaasRole::getId, roleIds) - .eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value).list(); - - return saasRoles; - } - - @Override - public List listRoleExByParams(SaasRoleExReq req) { -// List list = this.saasRoleDao.listPermissionGroupExByParams(req); -// -// Map> map = list.stream().collect(Collectors.groupingBy(SaasPermissionGroupExBO::getRoleId)); - - List roleList = new ArrayList<>(); - -// for(Entry> entry : map.entrySet()) { -// SaasRoleExBO role = new SaasRoleExBO(); -// BeanUtil.copyProperties(entry.getValue().get(0), role, true); -// roleList.add(role); -// -// role.setPermissionGroupList(entry.getValue().stream().map(gx -> { -// SaasPermissionGroupBO g = new SaasPermissionGroupBO(); -// BeanUtil.copyProperties(gx, g, true); -// return g; -// }).collect(Collectors.toList())); -// } - - return roleList; - } - - @Override - public Long getRoleId(String roleName, Long positionTypeId, Long workspaceId, Long ownerOuId) { -// List saasRoles = saasRoleDao.listCommonRoleIdByNameAndPositionTypeIdAndWorkspaceIdAndOuId(roleName, -// positionTypeId, workspaceId, ownerOuId); -// if (CollectionUtils.isEmpty(saasRoles)) { - return null; -// } -// return saasRoles.get(saasRoles.size() - 1).getId(); - } - - public List checkAndListRole(Long workspaceId, Long ouId) { - int OrganizationalUnitBitValue = getOrganizationalUnitBitValue(workspaceId, ouId); -// return saasRoleDao.listByWorkspaceIdAndFitOutType(workspaceId, OrganizationalUnitBitValue); - return null; - } - - /** - * 获取单位bit类型 - */ - @Override - public int getOrganizationalUnitBitValue(Long workspaceId, Long ouId) { - -// OrganizationalUnitBO unit = organizationalUnitService.getUnit(ouId); -// AssertUtil.isTrue(unit != null, "未找到此单位"); - -// int OrganizationalUnitBitValue = 0; -// // 获取工作台类型 -// GetDetailRes workspaceResult = ResultUtil.getWorkspaceResult(() -> workspaceApi.getById(workspaceId)); -// if(workspaceResult == null){ -// throw new ServiceException("工作台不存在"); -// } -// // 只有项目工作台查询需要使用进入工作台的单位类型查询 -// if(Objects.equals(workspaceResult.getWorkspaceType(), WorkspaceTypeWithLegacyEnum.PROJ_SPACE.getCode())){ -// ParticipatingUnitRes participatingUnitRes = RpcUtil.common(participatingUnitApi.getOne(ParticipatingUnitReq.builder() -// .levels(Collections.singletonList(WorkspaceTypeWithLegacyEnum.PROJ_SPACE.getCode())) -// .workspaceId(workspaceId) -// .organizationUnitId(ouId) -// .build())); -// if(participatingUnitRes == null){ -// throw new ServiceException("未找到参建单位信息"); -// } -// OrganizationalUnitBitValue = OrganizationalUnitTypeEnum.getByType(participatingUnitRes.getUnitRoleType()).getBitValue(); -// } -// return OrganizationalUnitBitValue; - - return 0; - } - - /** - * 获取单位在工作台类型 - */ - @Override - public int getOrganizationalUnitBitValue(Long workspaceId, Long ouId, OrganizationalUnitTypeEnum byType) { - int OrganizationalUnitTypeBitValue = 0; - -// OrganizationalUnitBO unit = organizationalUnitService.getUnit(ouId); -// AssertUtil.isTrue(unit != null, "未找到此单位"); -// -// // 获取工作台类型 -// GetDetailRes workspaceResult = ResultUtil.getWorkspaceResult(() -> workspaceApi.getById(workspaceId)); -// if (workspaceResult == null) { -// throw new ServiceException("工作台不存在"); -// } -// // 只有项目工作台查询需要使用进入工作台的单位类型查询 -// if (Objects.equals(workspaceResult.getWorkspaceType(), WorkspaceTypeWithLegacyEnum.PROJ_SPACE.getCode())) { -// if(byType == null){ -// ParticipatingUnitRes participatingUnitRes = RpcUtil.common(participatingUnitApi.getOne(ParticipatingUnitReq.builder() -// .levels(Collections.singletonList(WorkspaceTypeWithLegacyEnum.PROJ_SPACE.getCode())) -// .workspaceId(workspaceId) -// .organizationUnitId(ouId) -// .build())); -// if (participatingUnitRes == null) { -// throw new ServiceException("未找到参建单位信息"); -// } -// OrganizationalUnitTypeBitValue = OrganizationalUnitTypeEnum.getByType(participatingUnitRes.getUnitRoleType()).getBitValue(); -// }else{ -// OrganizationalUnitTypeBitValue = byType.getBitValue(); -// } -// } - return OrganizationalUnitTypeBitValue; - } - -}