wangli/tyr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat:(feature/REQ-3010) 迁移pudge 权限相关接口

Browse Source
This commit is contained in:
lilong 2024-10-09 20:04:12 +08:00
parent 63f339ef4a
commit a995ae4fef
13 changed files with 323 additions and 1040 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
tyr-api/src/main/java/cn/axzo/tyr/client/model/enums/SaasJobTypeEnum.java
View File

@ -1,45 +0,0 @@
package cn.axzo.tyr.client.model.enums;
import com.baomidou.mybatisplus.annotation.EnumValue;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonValue;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
import java.util.Arrays;
/**
* @author tanjie@axzo.cn
* @date 2022/10/10 10:50
*/
@Getter
@RequiredArgsConstructor
public enum SaasJobTypeEnum {
//主岗
MASTER_JOB(1,"岗位"),
//兼岗
SLAVE_JOB(2,"协助岗位");
@EnumValue
@JsonValue
private Integer value;
private String desc;
SaasJobTypeEnum(Integer value, String desc) {
this.value = value;
this.desc = desc;
}
@JsonCreator(mode = JsonCreator.Mode.DELEGATING)
public static SaasJobTypeEnum create(Integer value){
return match(value);
}
public static SaasJobTypeEnum match(Integer saasJobType) {
return Arrays.stream(values()).filter(e -> e.getValue().equals(saasJobType)).findFirst().get();
}
public boolean isMaster() {
return value.equals(MASTER_JOB.getValue());
}
}

42
tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/AccountUserReq.java
View File

@ -1,42 +0,0 @@
package cn.axzo.tyr.client.model.permission;
import lombok.Data;
import javax.validation.constraints.NotNull;
/**
* @author : liuchuntao
* @date : 2022/5/11 10:56
* @description : 创建账户Req
*/
@Data
public class AccountUserReq {
/**
* 手机号
*/
@NotNull(message = "手机号不能为空")
private String phone;
private String realName;
/**
* 昵称历史数据里是真实姓名未来可以给用户自己定义
*/
private String nickname;
/**
* 自然人Id
*/
private Long naturalPersonId;
/**
* 创建账号的类型目前只有在运营人员场景使用
* 0.从业人员
* 1.运营人员
* 3.监管人员
*/
private Integer type=0;
}

165
tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/SaasRoleFits.java Normal file
View File

@ -0,0 +1,165 @@
package cn.axzo.tyr.client.model.permission;
import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import java.util.stream.Collectors;
public class SaasRoleFits {
private static Map<Long, OrganizationalUnitTypeEnum> ouTypeMap = new HashMap<>();
private static Map<Integer, Long> ouTypeValueToBitMap = new HashMap<>();
static {
ouTypeMap.put(1L, OrganizationalUnitTypeEnum.PRIMARY_CONTRACTING_UNIT); //总包
ouTypeMap.put(2L, OrganizationalUnitTypeEnum.CONSTRUCTION_UNIT); //建设单位
ouTypeMap.put(4L, OrganizationalUnitTypeEnum.SUPERVISION_UNIT); //监理单位
ouTypeMap.put(8L, OrganizationalUnitTypeEnum.LABOR_SUBCONTRACTING); //劳务分包
ouTypeMap.put(16L, OrganizationalUnitTypeEnum.PROFESSIONAL_SUBCONTRACTING); //专业分包
ouTypeMap.put(32L, OrganizationalUnitTypeEnum.PROJECT_OUT_TEAM); //平台班组
ouTypeMap.put(64L, OrganizationalUnitTypeEnum.AXZ_PLATFORM); //安心筑平台
for(Entry<Long, OrganizationalUnitTypeEnum> e : ouTypeMap.entrySet())
ouTypeValueToBitMap.put(e.getValue().getValue(), e.getKey());
}
static Map<Long, OrganizationalNodeTypeEnum> ouNodeTypeMap = new HashMap<>();
private static Map<Integer, Long> ouNodeTypeValueToBitMap = new HashMap<>();
static {
ouNodeTypeMap.put(1L, OrganizationalNodeTypeEnum.DEPARTMENT); // 部门
ouNodeTypeMap.put(2L, OrganizationalNodeTypeEnum.TEAM); // 团队
ouNodeTypeMap.put(3L, OrganizationalNodeTypeEnum.GROUP); // 小组
ouNodeTypeMap.put(4L, OrganizationalNodeTypeEnum.PROJECT_TEAM); // 项目内班组
ouNodeTypeMap.put(5L, OrganizationalNodeTypeEnum.PROJECT_GROUP); // 项目内小组
for(Entry<Long, OrganizationalNodeTypeEnum> e : ouNodeTypeMap.entrySet())
ouNodeTypeValueToBitMap.put(e.getValue().getValue(), e.getKey());
}
public static List<OrganizationalUnitTypeEnum> splitToFitOuTypeEnums(Long fitOuType) {
if(isZero(fitOuType))
return ouTypeMap.values().stream().collect(Collectors.toList());
List<OrganizationalUnitTypeEnum> list = toListByCheckBit(fitOuType, ouTypeMap);
return list;
}
public static List<Integer> splitToFitOuTypeValues(Long fitOuType) {
if(isZero(fitOuType))
return ouTypeMap.values().stream().map(e -> e.getValue()).collect(Collectors.toList());
List<OrganizationalUnitTypeEnum> list = toListByCheckBit(fitOuType, ouTypeMap);
return list.stream().map(t -> t.getValue()).collect(Collectors.toList());
}
public static List<Integer> splitToFitOuNodeTypeValues(Long fitOuNodeType) {
if(isZero(fitOuNodeType))
return ouNodeTypeMap.values().stream().map(e -> e.getValue()).collect(Collectors.toList());
List<OrganizationalNodeTypeEnum> list = toListByCheckBit(fitOuNodeType, ouNodeTypeMap);
return list.stream().map(t -> t.getValue()).collect(Collectors.toList());
}
public static List<OrganizationalNodeTypeEnum> splitToFitOuNodeTypeEnums(Long fitOuNodeType) {
if(isZero(fitOuNodeType))
return ouNodeTypeMap.values().stream().collect(Collectors.toList());
List<OrganizationalNodeTypeEnum> list = toListByCheckBit(fitOuNodeType, ouNodeTypeMap);
return list;
}
public static Long concatFitOuTypeByList(List<OrganizationalUnitTypeEnum> fitOuTypeList) {
if(fitOuTypeList == null || fitOuTypeList.size() == 0)
return 0L;
Set<OrganizationalUnitTypeEnum> set = fitOuTypeList.stream().collect(Collectors.toSet());
Long result = 0L;
for(OrganizationalUnitTypeEnum type : set) {
result += ouTypeValueToBitMap.get(type.getValue());
}
return result;
}
public static Long concatFitOuNodeTypeByList(List<OrganizationalNodeTypeEnum> fitOuNodeTypeList) {
if(fitOuNodeTypeList == null || fitOuNodeTypeList.size() == 0)
return 0L;
Set<OrganizationalNodeTypeEnum> set = fitOuNodeTypeList.stream().collect(Collectors.toSet());
Long result = 0L;
for(OrganizationalNodeTypeEnum type : set) {
result += ouNodeTypeValueToBitMap.get(type.getValue());
}
return result;
}
public static Long concatFitOuTypeByValues(List<Integer> fitOuTypeList) {
if(fitOuTypeList == null || fitOuTypeList.size() == 0)
return 0L;
Set<Integer> set = fitOuTypeList.stream().collect(Collectors.toSet());
Long result = 0L;
for(Integer type : set) {
result += ouTypeValueToBitMap.get(type);
}
return result;
}
public static Long concatFitOuNodeTypeByValues(List<Integer> fitOuNodeTypeList) {
if(fitOuNodeTypeList == null || fitOuNodeTypeList.size() == 0)
return 0L;
Set<Integer> set = fitOuNodeTypeList.stream().collect(Collectors.toSet());
Long result = 0L;
for(Integer type : set) {
result += ouNodeTypeValueToBitMap.get(type);
}
return result;
}
public static boolean isFitOuType(Long fitOuTypeBit, Integer ouType) {
if(fitOuTypeBit == 0 || fitOuTypeBit == null)
return true;
Long bit = ouTypeValueToBitMap.get(ouType);
long result = bit & fitOuTypeBit;
return result > 0;
}
public static boolean isFitOuNodeType(Long fitOuNodeTypeBit, Integer ouNodeType) {
if(fitOuNodeTypeBit == 0 || fitOuNodeTypeBit == null)
return true;
Long bit = ouNodeTypeValueToBitMap.get(ouNodeType);
long result = bit & fitOuNodeTypeBit;
return result > 0;
}
///以下是工具函数
private static boolean isZero(Long l) {
if(l == null)
return true;
if(l == 0L)
return true;
return false;
}
private static <T> List<T> toListByCheckBit(Long fitOuType, Map<Long, T> map) {
if(fitOuType == null || fitOuType == 0L)
return Collections.emptyList();
List<T> list = new ArrayList<>();
for(Long key : map.keySet()) {
long result = fitOuType & key;
if(result > 0L) {
list.add(map.get(key));
}
}
return list;
}
public static void main(String[] args) {
List<Integer> list = SaasRoleFits.splitToFitOuTypeValues(1+2+4L);
System.out.println(list);
Long value = SaasRoleFits.concatFitOuNodeTypeByValues(list);
System.out.println(value);
}
}

46
tyr-api/src/main/java/cn/axzo/tyr/client/model/permission/WorkspaceUpdateUserRoleDTO.java
View File

@ -1,46 +0,0 @@
package cn.axzo.tyr.client.model.permission;
import cn.axzo.basics.profiles.common.enums.IdentityType;
import cn.axzo.tyr.client.model.enums.SaasJobTypeEnum;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.List;
@Builder
@Data
@NoArgsConstructor
@AllArgsConstructor
public class WorkspaceUpdateUserRoleDTO {
/**
* 工作台id与context校验
*/
private Long workspaceId;
/**
* 单位id : 必填
*/
private Long ouId;
/**
* 被赋予角色的人的身份id
*/
private Long identityId;
/**
* 被赋予角色的人的身份类型
*/
private IdentityType identityType;
/**
* 完整的update之前的所有RoleId都被更新
*/
private List<Long> updateRoleIds;
private SaasJobTypeEnum jobType = SaasJobTypeEnum.SLAVE_JOB;
}

12
tyr-server/pom.xml
View File

@ -100,6 +100,12 @@
<dependency>
<groupId>cn.axzo.maokai</groupId>
<artifactId>maokai-api</artifactId>
<exclusions>
<exclusion>
<groupId>cn.axzo.basics</groupId>
<artifactId>basics-auth-api</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
@ -144,6 +150,12 @@
<artifactId>alibaba-dingtalk-service-sdk</artifactId>
<version>2.0.0</version>
</dependency>
<dependency>
<groupId>cn.axzo.braum</groupId>
<artifactId>braum-api</artifactId>
<version>1.0.0-SNAPSHOT</version>
</dependency>
</dependencies>
<build>
<plugins>

23
tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasAuthApiImpl.java
View File

@ -1,6 +1,9 @@
package cn.axzo.tyr.server.controller.permission;
import cn.axzo.basics.common.BeanMapper;
import cn.axzo.basics.common.util.AssertUtil;
import cn.axzo.basics.profiles.api.IdentityProfileApi;
import cn.axzo.basics.profiles.api.vo.request.FindIdentityProfileReq;
import cn.axzo.basics.profiles.common.enums.IdentityType;
import cn.axzo.basics.profiles.dto.basic.IdentityProfileDto;
import cn.axzo.tyr.client.feign.SaasAuthApi;
@ -10,6 +13,7 @@ import cn.axzo.tyr.client.model.permission.IdentityKey;
import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionDTO;
import cn.axzo.tyr.client.model.permission.QueryIdentityByPermissionReq;
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
import cn.axzo.tyr.server.util.RpcInternalUtil;
import cn.azxo.framework.common.model.CommonResponse;
import cn.hutool.core.collection.CollectionUtil;
import com.google.common.collect.Lists;
@ -26,7 +30,7 @@ import java.util.stream.Collectors;
public class SaasAuthApiImpl implements SaasAuthApi {
private final SaasRoleUserRelationService relationService;
// private final IdentityProfileService identityProfileService;
private final IdentityProfileApi identityProfileApi;
private static final String SPLIT = "|";
@ -54,13 +58,16 @@ public class SaasAuthApiImpl implements SaasAuthApi {
private IdentityProfileDto getSuperAdmin(Long identityId, IdentityType identityType, Long workspaceId, Long ouId) {
IdentityProfileDto saasAccount = null;
boolean superAdmin = relationService.isSuperAdmin(identityId, identityType, workspaceId, ouId);
// if (superAdmin) {
// Optional<IdentityProfileDto> identityProfile = identityProfileService.findIdentityProfile(identityId, identityType);
// if (!identityProfile.isPresent()) {
// AssertUtil.fail("未找到自然人信息");
// }
// saasAccount = identityProfile.get();
// }
if (superAdmin) {
IdentityProfileDto identityProfile = RpcInternalUtil.checkAndGetData(identityProfileApi.findIdentityProfile(FindIdentityProfileReq.builder()
.identityId(identityId)
.identityType(identityType)
.build()));
if (identityProfile == null) {
AssertUtil.fail("未找到自然人信息");
}
saasAccount = identityProfile;
}
return saasAccount;
}

246
tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/SaasRoleApiImpl.java
View File

@ -1,14 +1,34 @@
package cn.axzo.tyr.server.controller.permission;
import cn.axzo.basics.profiles.api.OperatorProfileServiceApi;
import cn.axzo.basics.profiles.api.RegulatorProfileApi;
import cn.axzo.basics.profiles.api.UserProfileServiceApi;
import cn.axzo.basics.profiles.api.vo.profiles.PersonPostVo;
import cn.axzo.basics.profiles.api.vo.profiles.PractitionerAndPersonPostVO;
import cn.axzo.basics.profiles.common.enums.IdentityType;
import cn.axzo.basics.profiles.dto.basic.OperatorProfileDto;
import cn.axzo.basics.profiles.dto.basic.PersonProfileDto;
import cn.axzo.basics.profiles.dto.basic.PersonUnion;
import cn.axzo.basics.profiles.dto.basic.PractitionerProfileDto;
import cn.axzo.basics.profiles.dto.basic.RegulatorProfileDto;
import cn.axzo.basics.profiles.dto.request.PersonUpdateDto;
import cn.axzo.basics.profiles.dto.request.PractitionerUpdateDto;
import cn.axzo.braum.client.feign.SaasAccountApi;
import cn.axzo.braum.client.request.AccountUserReq;
import cn.axzo.framework.domain.ServiceException;
import cn.axzo.tyr.client.feign.SaasRoleApi;
import cn.axzo.tyr.client.model.permission.IdentityAndAccountResp;
import cn.axzo.tyr.client.model.permission.UpdateWorkspaceSupAdminDTO;
import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleByPhoneReq;
import cn.axzo.tyr.client.model.permission.WorkspaceGrantAdminRoleReq;
import cn.axzo.tyr.client.model.roleuser.req.CreateSuperAdminRoleParam;
import cn.axzo.tyr.server.controller.roleuser.RoleUserController;
import cn.axzo.tyr.server.util.RpcInternalUtil;
import cn.azxo.framework.common.model.CommonResponse;
import cn.hutool.extra.pinyin.PinyinUtil;
import com.google.common.collect.Lists;
import lombok.extern.slf4j.Slf4j;
import lombok.var;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.RestController;
@ -19,24 +39,16 @@ import java.util.List;
@RestController
public class SaasRoleApiImpl implements SaasRoleApi {
// @Autowired
// private SaasRoleUserRelationService saasRoleUserRelationService;
//
// @Autowired
// private SaasAccountService accountService;
//
// @Autowired
// private PractitionerProfileService practitionerProfileService;
// @Autowired
// private OperatorServiceImpl operatorService;
// @Autowired
// private RegulatorProfileService regulatorProfileService;
@Autowired
private OperatorProfileServiceApi operatorProfileServiceApi;
@Autowired
private UserProfileServiceApi userProfileServiceApi;
@Autowired
private RoleUserController roleUserController;
@Autowired
private RegulatorProfileApi regulatorProfileApi;
@Autowired
private SaasAccountApi saasAccountApi;
@Override
@Transactional(rollbackFor = Exception.class)
@ -54,110 +66,110 @@ public class SaasRoleApiImpl implements SaasRoleApi {
@Transactional(rollbackFor = Exception.class)
public CommonResponse<List<IdentityAndAccountResp>> grantAdminRoleByPhone(
List<WorkspaceGrantAdminRoleByPhoneReq> req) {
// List<IdentityAndAccountResp> list = Lists.newArrayList();
//
// req.forEach(item -> {
//
// if (null == item.getPhone()) {
// throw new ServiceException("账号为空");
// }
// //校验账户是否存在 存在继续 不存在-创建账户及身份
// AccountUserDto accounDto = null;
// var phone = item.getPhone();
//
// PersonUpdateDto personUpdate = new PersonUpdateDto().
// setRealName(item.getNickName()).
// setRealNamePinyin(PinyinUtil.getPinyin(item.getNickName()));
// personUpdate.setPhone(phone);
// PersonUnion personUnion = new PersonUnion();
// personUnion.setPhone(phone);
//
// // 通过手机号这个唯一条件创建人员用户幂等返回用户
// PersonProfileDto newPersonProfile;
// Long identityId;
// IdentityType identityType;
// //这里要判断是不是OMS 工作台 // TODO: 2023/8/8 @TanJ 后续需要改成使用WorkspaceTypeEnum判断
// if (item.getWorkspaceType().equals(6)) {
// //如果是OMS,运营人员
// PersonUpdateDto personUpdateDto = new PersonUpdateDto();
// personUpdateDto.setPhone(phone);
// personUpdateDto.setRealName(item.getNickName());
// personUpdateDto.setRealNamePinyin(PinyinUtil.getPinyin(item.getNickName()));
// OperatorProfileDto withPerson = RpcInternalUtil.checkAndGetData(operatorProfileServiceApi.addOperator(personUpdateDto));
// newPersonProfile=withPerson.getPersonProfile();
// identityId= withPerson.getId();
// identityType= IdentityType.OPERATOR;
// } else if (item.getWorkspaceType().equals(3)) {
// RegulatorUpdateDto regulatorUpdateDto = new RegulatorUpdateDto();
// RegulatorProfileDto regulatorProfileDto = regulatorProfileService.createWithPerson(regulatorUpdateDto, personUnion, personUpdate);
// newPersonProfile = regulatorProfileDto.getPersonProfile();
// identityId= regulatorProfileDto.getId();
// identityType= IdentityType.REGULATOR;
// } else {
// PractitionerAndPersonPostVO practitionerAndPersonPostVO = new PractitionerAndPersonPostVO();
// practitionerAndPersonPostVO.setUpdate(new PractitionerUpdateDto());
//
// PersonPostVo personPostVo = new PersonPostVo();
// personPostVo.setPhone(phone);
// personPostVo.setRealName(item.getNickName());
// practitionerAndPersonPostVO.setPersonPost(personPostVo);
// PractitionerProfileDto practitionerDto = RpcInternalUtil.checkAndGetData(userProfileServiceApi.postPractitionerProfileWithUnionPerson(practitionerAndPersonPostVO));
//
// newPersonProfile = practitionerDto.getPersonProfile();
// identityId= practitionerDto.getId();
// identityType= IdentityType.PRACTITIONER;
// }
//
//
//
// AccountUserReq accountUserReq = new AccountUserReq();
// accountUserReq.setPhone(newPersonProfile.getPhone());
// accountUserReq.setNickname(item.getNickName());
// accountUserReq.setNaturalPersonId(newPersonProfile.getId());
// accountUserReq.setType(identityType.equals(IdentityType.OPERATOR) ? 1 : 0);
// accounDto = accountService.createAccount(accountUserReq, 0L);
// //历史代码暂时屏蔽上面的创建账号是幂等创建不会重复创建
// /* if (account == null) {
// accounDto = accountService.createAccount(accountUserReq, 0L);
// } else {
// //有账号也不能确认是第一次创建OMS
// accounDto = new AccountUserDto();
// accounDto.setAccountId(account.getId());
// accounDto.setPhone(item.getPhone());
// accounDto.setNickname(item.getNickName());
// account.setNickname(item.getNickName());
// account.setNaturalPersonId(newPersonProfile.getId());
// accountService.updateById(account);
// }*/
//
// accounDto.setIdentityId(identityId);
//
// UpdateWorkspaceSupAdminDTO dto = UpdateWorkspaceSupAdminDTO.builder()
// .workspaceId(item.getWorkspaceId())
// .identityType(identityType)
// .identityId(accounDto.getIdentityId())
// .naturalPersonId(newPersonProfile.getId())
// .organizationalUnitId(item.getOuId())
// .workspaceType(item.getWorkspaceType())
// .build();
// CreateSuperAdminRoleParam createSuperAdminRoleParam = new CreateSuperAdminRoleParam();
// createSuperAdminRoleParam.setWorkspaceId(item.getWorkspaceId());
// createSuperAdminRoleParam.setOuId(item.getOuId());
// createSuperAdminRoleParam.setIdentityId(accounDto.getIdentityId());
// createSuperAdminRoleParam.setIdentityType(cn.axzo.tyr.client.model.enums.IdentityType.getIdentityType(dto.getIdentityType().getCode()));
// createSuperAdminRoleParam.setWorkspaceType(dto.getWorkspaceType());
// createSuperAdminRoleParam.setNaturalPersonId(dto.getNaturalPersonId());
// roleUserController.createSuperAdminRole(createSuperAdminRoleParam);
// IdentityAndAccountResp resp = new IdentityAndAccountResp();
// resp.setIdentityId(identityId);
// resp.setIdentityType(identityType);
// resp.setAccountId(accounDto.getAccountId());
// resp.setPhone(accounDto.getPhone());
// resp.setRealName(newPersonProfile.getRealName());
// resp.setNaturalPersonId(newPersonProfile.getId());
// list.add(resp);
// });
// return CommonResponse.success(list);
return null;
List<IdentityAndAccountResp> list = Lists.newArrayList();
req.forEach(item -> {
if (null == item.getPhone()) {
throw new ServiceException("账号为空");
}
//校验账户是否存在 存在继续 不存在-创建账户及身份
cn.axzo.braum.client.resp.IdentityAndAccountResp accounDto = null;
var phone = item.getPhone();
PersonUpdateDto personUpdate = new PersonUpdateDto().
setRealName(item.getNickName()).
setRealNamePinyin(PinyinUtil.getPinyin(item.getNickName()));
personUpdate.setPhone(phone);
PersonUnion personUnion = new PersonUnion();
personUnion.setPhone(phone);
// 通过手机号这个唯一条件创建人员用户幂等返回用户
PersonProfileDto newPersonProfile;
Long identityId;
IdentityType identityType;
//这里要判断是不是OMS 工作台 // TODO: 2023/8/8 @TanJ 后续需要改成使用WorkspaceTypeEnum判断
if (item.getWorkspaceType().equals(6)) {
//如果是OMS,运营人员
PersonUpdateDto personUpdateDto = new PersonUpdateDto();
personUpdateDto.setPhone(phone);
personUpdateDto.setRealName(item.getNickName());
personUpdateDto.setRealNamePinyin(PinyinUtil.getPinyin(item.getNickName()));
OperatorProfileDto withPerson = RpcInternalUtil.checkAndGetData(operatorProfileServiceApi.addOperator(personUpdateDto));
newPersonProfile=withPerson.getPersonProfile();
identityId= withPerson.getId();
identityType= IdentityType.OPERATOR;
} else if (item.getWorkspaceType().equals(3)) {
PersonUpdateDto personUpdateDto = new PersonUpdateDto();
personUpdateDto.setPhone(phone);
RegulatorProfileDto regulatorProfileDto = RpcInternalUtil.checkAndGetData(regulatorProfileApi.create(personUpdateDto));
newPersonProfile = regulatorProfileDto.getPersonProfile();
identityId= regulatorProfileDto.getId();
identityType= IdentityType.REGULATOR;
} else {
PractitionerAndPersonPostVO practitionerAndPersonPostVO = new PractitionerAndPersonPostVO();
practitionerAndPersonPostVO.setUpdate(new PractitionerUpdateDto());
PersonPostVo personPostVo = new PersonPostVo();
personPostVo.setPhone(phone);
personPostVo.setRealName(item.getNickName());
practitionerAndPersonPostVO.setPersonPost(personPostVo);
PractitionerProfileDto practitionerDto = RpcInternalUtil.checkAndGetData(userProfileServiceApi.postPractitionerProfileWithUnionPerson(practitionerAndPersonPostVO));
newPersonProfile = practitionerDto.getPersonProfile();
identityId= practitionerDto.getId();
identityType= IdentityType.PRACTITIONER;
}
AccountUserReq accountUserReq = new AccountUserReq();
accountUserReq.setPhone(newPersonProfile.getPhone());
accountUserReq.setNickname(item.getNickName());
accountUserReq.setNaturalPersonId(newPersonProfile.getId());
accountUserReq.setType(identityType.equals(IdentityType.OPERATOR) ? 1 : 0);
accounDto = RpcInternalUtil.checkAndGetData(saasAccountApi.createAccount(accountUserReq));
//历史代码暂时屏蔽上面的创建账号是幂等创建不会重复创建
/* if (account == null) {
accounDto = accountService.createAccount(accountUserReq, 0L);
} else {
//有账号也不能确认是第一次创建OMS
accounDto = new AccountUserDto();
accounDto.setAccountId(account.getId());
accounDto.setPhone(item.getPhone());
accounDto.setNickname(item.getNickName());
account.setNickname(item.getNickName());
account.setNaturalPersonId(newPersonProfile.getId());
accountService.updateById(account);
}*/
accounDto.setIdentityId(identityId);
UpdateWorkspaceSupAdminDTO dto = UpdateWorkspaceSupAdminDTO.builder()
.workspaceId(item.getWorkspaceId())
.identityType(identityType)
.identityId(accounDto.getIdentityId())
.naturalPersonId(newPersonProfile.getId())
.organizationalUnitId(item.getOuId())
.workspaceType(item.getWorkspaceType())
.build();
CreateSuperAdminRoleParam createSuperAdminRoleParam = new CreateSuperAdminRoleParam();
createSuperAdminRoleParam.setWorkspaceId(item.getWorkspaceId());
createSuperAdminRoleParam.setOuId(item.getOuId());
createSuperAdminRoleParam.setIdentityId(accounDto.getIdentityId());
createSuperAdminRoleParam.setIdentityType(cn.axzo.tyr.client.model.enums.IdentityType.getIdentityType(dto.getIdentityType().getCode()));
createSuperAdminRoleParam.setWorkspaceType(dto.getWorkspaceType());
createSuperAdminRoleParam.setNaturalPersonId(dto.getNaturalPersonId());
roleUserController.createSuperAdminRole(createSuperAdminRoleParam);
IdentityAndAccountResp resp = new IdentityAndAccountResp();
resp.setIdentityId(identityId);
resp.setIdentityType(identityType);
resp.setAccountId(accounDto.getAccountId());
resp.setPhone(accounDto.getPhone());
resp.setRealName(newPersonProfile.getRealName());
resp.setNaturalPersonId(newPersonProfile.getId());
list.add(resp);
});
return CommonResponse.success(list);
}
}

4
tyr-server/src/main/java/cn/axzo/tyr/server/model/SaasUserRoleExBO.java
View File

@ -1,10 +1,10 @@
package cn.axzo.tyr.server.model;
import cn.axzo.basics.auth.dto.consts.SaasRoleFits;
import cn.axzo.basics.auth.enums.WorkspaceTypeWithLegacyEnum;
import cn.axzo.basics.common.constant.enums.OrganizationalNodeTypeEnum;
import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
import cn.axzo.basics.profiles.common.enums.IdentityType;
import cn.axzo.tyr.client.common.SaasRoleFits;
import cn.axzo.tyr.client.model.enums.WorkspaceTypeWithLegacyEnum;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;

62
tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasAuthService.java
View File

@ -1,62 +0,0 @@
package cn.axzo.tyr.server.service;
import cn.axzo.basics.profiles.common.enums.IdentityType;
import cn.axzo.framework.auth.domain.TerminalInfo;
import cn.axzo.tyr.client.model.permission.BaseAuthorizationReq;
import cn.axzo.tyr.client.model.permission.SaasFeatureTreeResp;
import cn.axzo.tyr.client.model.permission.SaasRoleBO;
import java.util.List;
import java.util.Map;
public interface SaasAuthService {
/**
* @param identityId
* @param workspaceId
* @param ouId 选填如果是null就不限制在某个ou里
* @return
*/
List<SaasRoleBO> getRoles(Long identityId, IdentityType identityType, Long workspaceId,
Long ouId);
boolean hasLeaderPermission(Long identityId, IdentityType identityType, String featureCode);
/**
* 检查某个人是否拥有指定featureCode,不管在哪个工作台里面
* @param identityId
* @param identityType
* @param featureCode
* @return
*/
boolean hasSaasPermissionIgnoreWorkspace(Long identityId, IdentityType identityType, String featureCode);
/**
* 验证指定人是否拥有权限 true为有权限
*
* @param tm
* @param identityId 身份id
* @param workspaceId 工作台id
* @param ouId 单位id
* @param featureCode 权限码
* @param workspaceType
* @param workspaceJoinTypes
* @return
*/
@Deprecated
Boolean hasPermission(TerminalInfo tm, Long personId, Long identityId, IdentityType identityType,
Long workspaceId, Long ouId,
String featureCode, Integer workspaceType, List<Integer> workspaceJoinTypes);
List<String> listFeatureCode(BaseAuthorizationReq req);
/**
* 把tree按指定menuType获取Feature
* @param saasFeatureTree
* @return
*/
Map<Integer, List<SaasFeatureTreeResp>> groupByMenuType(List<SaasFeatureTreeResp> saasFeatureTree,Integer maxDepth);
boolean checkFeatureAvailableForWorkspace(Long workspaceId, String featureCode);
List<Long> getProductIdsOfWorkspace(Long workspaceId);
}

76
tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleService.java
View File

@ -1,76 +0,0 @@
package cn.axzo.tyr.server.service;
import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
import cn.axzo.tyr.client.model.permission.SaasRoleBO;
import cn.axzo.tyr.client.model.permission.SaasRoleDTO;
import cn.axzo.tyr.client.model.permission.SaasRoleExBO;
import cn.axzo.tyr.client.model.permission.SaasRoleExReq;
import cn.axzo.tyr.server.repository.entity.SaasRole;
import java.util.List;
/**
* saas-角色(SaasRole)表服务接口
*
* @author makejava
* @since 2022-05-24 11:18:41
*/
public interface SaasRoleService {
/**
* 创建
* 创建角色
* input : 角色名称角色类型角色所属单位id角色所属于工作台id角色所属于工作台类型;
* output: (created entity)
*
* @return
*/
SaasRole create(SaasRoleDTO req);
/**
* 更新角色
*
* @return
*/
Boolean update(SaasRoleDTO resRoleDTO);
/**
* 根据主键id 查询实体
*
* @param roleId
* @return
*/
SaasRoleBO getById(Long roleId);
/**
* 根据 id 集合查询 实体集合
*
* @param roleIds
* @return
*/
List<SaasRole> listByIds(List<Long> roleIds);
List<SaasRoleExBO> listRoleExByParams(SaasRoleExReq req);
/**
* 通过角色名获取角色id
*
* @param roleName 角色名
* @param positionTypeId 模板id
* @param workspaceId 项目id
* @param ownerOuId 所属单位ID
* @return 角色id
*/
Long getRoleId(String roleName, Long positionTypeId, Long workspaceId, Long ownerOuId);
/**
* 获取单位在工作台类型
*/
int getOrganizationalUnitBitValue(Long workspaceId, Long ouId);
/**
* 获取单位在工作台类型
*/
int getOrganizationalUnitBitValue(Long workspaceId, Long ouId, OrganizationalUnitTypeEnum byType);
}

52
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/ContextAwareBaseService.java
View File

@ -1,52 +0,0 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.basics.profiles.common.enums.IdentityType;
import cn.axzo.basics.profiles.dto.basic.IdentityProfileDto;
import cn.axzo.framework.auth.domain.ContextInfo;
import cn.axzo.framework.auth.domain.ContextInfoHolder;
import lombok.extern.slf4j.Slf4j;
@Slf4j
public abstract class ContextAwareBaseService {
// @Autowired
// IdentityProfileService identityProfileService;
// @Autowired
// OrganizationalUnitService organizationalUnitService;
protected void checkWorkspace(Long workspaceId) {
ContextInfo contextInfo = ContextInfoHolder.get();
// if (null != contextInfo) {
// if (!NumUtil.equals(contextInfo.getWorkspaceId(), workspaceId)) {
// String msg = String.format("输入的工作台与当前Context工作台不一致, contextInfo.workspace=%d, params.workspaceId=%d",
// contextInfo.getWorkspaceId(), workspaceId);
// log.error(msg);
// // 以后稍微稳定一些了再抛异常吧
// // throw new ServiceException(msg);
// }
// }
}
protected IdentityProfileDto checkIdentity(Long identityId, IdentityType identityType) {
// if(identityId == null || NumUtil.equals(identityId, 0L))
// throw new ServiceException("身份错误");
//
// if (identityType == null)
return null;
// Optional<IdentityProfileDto> profile = identityProfileService.findIdentityProfile(identityId, identityType);
// if (!profile.isPresent())
// throw new ServiceException(String.format("找不到相关身份ID=%d的信息", identityId));
// return profile.get();
}
// protected OrganizationalUnitBO checkAndReturnOU(Long ouId) {
// if(NumUtil.isZero(ouId))
// throw new ServiceException("单位为空");
// return organizationalUnitService.getUnit(ouId);
// }
}

299
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasAuthServiceImpl.java
View File

@ -1,299 +0,0 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.basics.common.util.NumberUtil;
import cn.axzo.basics.profiles.common.enums.IdentityType;
import cn.axzo.framework.auth.domain.TerminalInfo;
import cn.axzo.pudge.core.service.ServiceException;
import cn.axzo.thrones.client.saas.ServicePkgClient;
import cn.axzo.thrones.client.saas.entity.serivicepgkproduct.ServicePkgProduct;
import cn.axzo.tyr.client.feign.TyrSaasAuthApi;
import cn.axzo.tyr.client.model.permission.BaseAuthorizationReq;
import cn.axzo.tyr.client.model.permission.SaasFeatureTreeResp;
import cn.axzo.tyr.client.model.permission.SaasRoleBO;
import cn.axzo.tyr.client.model.req.IdentityAuthReq;
import cn.axzo.tyr.client.model.res.IdentityAuthRes;
import cn.axzo.tyr.server.service.SaasAuthService;
import cn.axzo.tyr.server.service.SaasFeatureService;
import cn.axzo.tyr.server.service.SaasRoleService;
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
import cn.azxo.framework.common.logger.MethodAroundLog;
import cn.azxo.framework.common.model.CommonResponse;
import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.util.StrUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
/**
* 原本这个类名字叫AuthorizationService
* 但后来写着写着就发现这个类高度依赖workspace
* 没有workspace的RBAC校验如果也兼容在这个类里逻辑就太复杂了另行设计
*
*
* @author : liuchuntao
* @date : 2022/6/14 18:31
* @description : 权限相关Service
*/
@Slf4j
@Service
@RefreshScope
public class SaasAuthServiceImpl implements SaasAuthService {
@Autowired
private SaasFeatureService saasFeatureService;
@Autowired
private SaasRoleService saasRoleService;
@Autowired
private ServicePkgClient servicePkgClient;
@Autowired
private SaasRoleUserRelationService saasRoleUserRelationService;
// @Autowired
// private SaasPositionPlatPgRelationDao saasPositionPlatPgRelationDao;
// @Autowired
// private PlutoTeamServiceImpl plutoTeamService;
@Value("${needAuthorize.nonWorkspace:true}")
private boolean nonWorkspaceAuth;
/**
* 身份Id 单位Id 工作台Id获取权限Code列表 :非超管 超管调用
* {@link cn.axzo.basics.auth.service.SaasFeatureService#listCodeByProductIds(List)}
*
* @param req
* @return
*/
@Override
@MethodAroundLog(value = "获取产品对应的权限集")
public List<String> listFeatureCode(BaseAuthorizationReq req) {
List<Long> productIds = getProductIdsOfWorkspace(req.getWorkspaceId());
//
// boolean flag = this.saasRoleUserRelationService.isAnyAdmin(req.getIdentityId(), req.getIdentityType(), req.getWorkspaceId(), req.getOuId());
//
// if (flag) {
// return saasFeatureService.listCodeByProductIdsAndTerminal(productIds, req.getTerminal());
// }
// return saasFeatureService.listFeatureCode(req, productIds);
return null;
}
@Override
public List<Long> getProductIdsOfWorkspace(Long workspaceId) {
// List<ServicePkgProduct> products = RpcUtil
// .common(servicePkgClient.listProductInWorkSpace(workspaceId));
// if (CollectionUtil.isEmpty(products)) {
// log.warn("thrones:获取产品列表失败:workspaceId{}", workspaceId);
// throw new ServiceException("当前工作台未找到任何的产品");
// }
// List<Long> productIds = products.stream().map(ServicePkgProduct::getProductId).collect(Collectors.toList());
// return productIds;
return null;
}
@Override
public Map<Integer, List<SaasFeatureTreeResp>> groupByMenuType(List<SaasFeatureTreeResp> saasFeatureTree, Integer maxDepth) {
HashMap<Integer, List<SaasFeatureTreeResp>> result = new HashMap<>();
if (CollectionUtil.isEmpty(saasFeatureTree) || maxDepth <= 0) {
return result;
}
for (SaasFeatureTreeResp featureTreeResp : saasFeatureTree) {
List<SaasFeatureTreeResp> defaultLists = result.getOrDefault(featureTreeResp.getMenuType(), new ArrayList<>());
if (defaultLists.isEmpty()) {
result.put(featureTreeResp.getMenuType(), defaultLists);
}
defaultLists.add(featureTreeResp);
Map<Integer, List<SaasFeatureTreeResp>> children = groupByMenuType(featureTreeResp.getChildren(), --maxDepth);
for (Integer childrenKey : children.keySet()) {
List<SaasFeatureTreeResp> childList = result.getOrDefault(childrenKey, new ArrayList<>());
if (childList.isEmpty()) {
result.put(childrenKey, childList);
}
childList.addAll(children.get(childrenKey));
}
}
return result;
}
@Override
public List<SaasRoleBO> getRoles(Long identityId, IdentityType identityType, Long workspaceId,
Long ouId) {
// SaasRoleQueryDTO dto = new SaasRoleQueryDTO();
// dto.setOuId(ouId);
// dto.setWorkspaceId(workspaceId);
// dto.setIdentityId(identityId);
// dto.setIdentityType(identityType);
// List<SaasRoleBO> saasRoles = saasRoleService.listByIdentityAndSpaceIdAndOuId(dto);
// return saasRoles;
return null;
}
/**
* //check平台级的带班长/工人
*
* @param identityId
* @param identityType
* @param featureCode
* @return
*/
private boolean hasWorkerPermission(Long identityId, IdentityType identityType,
String featureCode) {
//check平台级的带班长/工人
if (!checkWorkerFeaturePass(identityId, identityType, featureCode)) {
return Boolean.FALSE;
}
return true;
}
/**
* leader权限
*
* @param identityId
* @param identityType
* @param featureCode
* @return
*/
@Override
public boolean hasLeaderPermission(Long identityId, IdentityType identityType,
String featureCode) {
//check平台级的班组长
if (!checkLeaderFeaturePass(identityId, identityType, featureCode)) {
return Boolean.FALSE;
}
return true;
}
@Override
public boolean hasSaasPermissionIgnoreWorkspace(Long identityId, IdentityType identityType, String featureCode) {
// return saasRoleUserRelationService.hasSaasPermissionIgnoreWorkspace(identityId, identityType, featureCode);
return false;
}
/**
* TODO: @gaowei用cache内存把整个权限服务包住
* <p>
* 验证指定人是否拥有权限 true为有权限
*
* @param tm
* @param identityId 身份id
* @param workspaceId 工作台id
* @param ouId 单位id
* @param featureCode 权限码
* @param workspaceType
* @param workspaceJoinTypes
* @return
*/
@Override
public Boolean hasPermission(TerminalInfo tm, Long personId, Long identityId, IdentityType identityType,
Long workspaceId, Long ouId, String featureCode, Integer workspaceType, List<Integer> workspaceJoinTypes) {
if (StrUtil.isBlank(featureCode)) {
throw new ServiceException("非法请求缺少FeatureCode参数");
}
//log.info("权限校验快速放过 - 先支持测试,同步修。 identityId={}, workspaceId={}, ouId={}, featureCode={}",
// identityId, workspaceId, ouId, featureCode);
//check平台级的带班长/工人
if (identityType == IdentityType.WORKER) {
return hasWorkerPermission(identityId, identityType, featureCode);
}
//check班组长
if (identityType == IdentityType.WORKER_LEADER) {
return hasLeaderPermission(identityId, identityType, featureCode);
}
// 非工作台内直接放行
if (!NumberUtil.isPositiveNumber(workspaceId) && nonWorkspaceAuth) {
return true;
}
// IdentityAuthRes result = RpcUtil.apiResult(tyrSaasAuthApi.findIdentityAuth(IdentityAuthReq.builder()
// .personId(personId)
// .featureCode(CollectionUtil.newHashSet(featureCode))
// .workspaceOusPairs(Collections.singletonList(IdentityAuthReq.WorkspaceOuPair.builder()
// .workspaceId(workspaceId)
// .ouId(ouId)
// .build()))
// .build()));
//
// if (null == result) {
return false;
// }
// List<IdentityAuthRes.WorkspacePermission> permissions = result.getPermissions();
// List<IdentityAuthRes.PermissionPoint> permissionPoints = permissions.stream().filter(e -> Objects.equals(e.getWorkspaceId(), workspaceId) && Objects.equals(e.getOuId(), ouId)).map(IdentityAuthRes.WorkspacePermission::getPermissionPoint).flatMap(List::stream).collect(Collectors.toList());
// return CollectionUtil.isNotEmpty(result.getPermissions()) && permissionPoints.stream().anyMatch(e -> Objects.equals(e.getFeatureCode(), featureCode));
}
private boolean checkLeaderFeaturePass(Long identityId, IdentityType identityType,
String featureCode) {
// return saasFeatureService.checkCodeAndTerminalPass(featureCode,
// Arrays.asList(TerminalInfo.NT_CM_APP_CM_LEADER));
return false;
}
/**
* 校验带班长/工人权限通过
*
* @param identityId
* @param identityType
* @param featureCode
* @return
*/
private boolean checkWorkerFeaturePass(Long identityId, IdentityType identityType,
String featureCode) {
// if (saasPositionPlatPgRelationDao.needCheckFeaturePosition(featureCode)) {
// Long currentTeamOuId = plutoTeamService.getCurrentTeamOuId(identityId, identityType);
// if (!NumberUtil.isPositiveNumber(currentTeamOuId)) {
// return false;
// }
//
// // 平台级代班长code校验
// if (!saasPositionPlatPgRelationDao.checkFeaturePosition(identityId, identityType,
// currentTeamOuId, featureCode)){
// // 项目内代班长校验 ,没有进行workspaceId的判断因为目前业务上会进行判断所以这边只要校验他在任意一个项目部里面有权限就可
// return hasSaasPermissionIgnoreWorkspace(identityId, identityType, featureCode);
// }
return true;
// }
//
// return saasFeatureService.checkCodeAndTerminalPass(featureCode,
// Arrays.asList(TerminalInfo.NT_CM_APP_CM_WORKER, TerminalInfo.NT_CM_APP_CM_LEADER));
}
@Override
public boolean checkFeatureAvailableForWorkspace(Long workspaceId, String featureCode) {
// CommonResponse<List<ServicePkgProduct>> rsp = this.servicePkgClient.listProductInWorkSpace(workspaceId);
// if (rsp.getCode() != 200)
// throw new ServiceException("获取workspace相关服务包信息失败" + rsp.getMsg());
//
// List<ServicePkgProduct> list = rsp.getData();
// if (list == null || list.isEmpty()) {
// log.warn("获取workspace相关服务包信息成功但内容为空。workspaceId={}", workspaceId);
// return false;
// }
//
// List<Long> pkgIds = list.stream().map(ServicePkgProduct::getProductId).collect(Collectors.toList());
//
// if (this.saasFeatureService.checkFeatureInProductModule(featureCode, pkgIds))
// return true;
return false;
}
}

291
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleServiceImpl.java
View File

@ -1,291 +0,0 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.apollo.core.utils.ResultUtil;
import cn.axzo.apollo.workspace.api.workspace.ParticipatingUnitApi;
import cn.axzo.apollo.workspace.api.workspace.WorkspaceApi;
import cn.axzo.apollo.workspace.api.workspace.res.GetDetailRes;
import cn.axzo.basics.auth.enums.RoleType;
import cn.axzo.basics.common.BeanMapper;
import cn.axzo.basics.common.constant.enums.OrganizationalUnitTypeEnum;
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
import cn.axzo.basics.common.util.AssertUtil;
import cn.axzo.basics.common.util.NumberUtil;
import cn.axzo.pudge.core.service.ServiceException;
import cn.axzo.tyr.client.model.permission.SaasRoleBO;
import cn.axzo.tyr.client.model.permission.SaasRoleDTO;
import cn.axzo.tyr.client.model.permission.SaasRoleExBO;
import cn.axzo.tyr.client.model.permission.SaasRoleExReq;
import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao;
import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
import cn.axzo.tyr.server.repository.entity.SaasRole;
import cn.axzo.tyr.server.service.SaasRoleService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.StringUtils;
import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Objects;
/**
* @author cn
* @version 1.0
* @description
* @date 2022/5/24 14:02
*/
@Slf4j
@Service
public class SaasRoleServiceImpl extends ContextAwareBaseService implements SaasRoleService {
@Autowired
private WorkspaceApi workspaceApi;
@Resource
private SaasRoleDao saasRoleDao;
@Resource
private SaasPgroupRoleRelationDao saasPgroupRoleRelationDao;
@Autowired
private ParticipatingUnitApi participatingUnitApi;
private void checkRoleName(Long roleId, String name, Long workspaceId, Long ouId) {
List<SaasRole> saasRoles = saasRoleDao.listCommonRoleByNameAndWorkspaceIdAndOuId(name,
workspaceId, ouId);
if (NumberUtil.isPositiveNumber(roleId)) {
if (saasRoles.stream().anyMatch(e -> !Objects.equals(e.getId(), roleId))) {
AssertUtil.fail("已存在相同的角色名称,请更换角色名称");
}
} else {
AssertUtil.isEmpty(saasRoles, "已存在相同的角色名称,请更换角色名称");
}
}
@Override
public SaasRole create(SaasRoleDTO req) {
/**
* 1. 检查角色名是否重复
* 2. 保存新的角色
* 3. 保存角色权限集关联表
*/
SaasRole role = new SaasRole();
role.setDescription(req.getDescription());
role.setName(req.getName());
checkRoleName(req.getId(), req.getName(), req.getWorkspaceId(), req.getOwnerOuId());
role.setWorkspaceId(req.getWorkspaceId());
// 单位id
role.setOwnerOuId(req.getOwnerOuId());
if (NumberUtil.isPositiveNumber(req.getOwnerOuId())) {
// 查询参见单位表数据
// List<ParticipatingUnitRes> participatingUnitResList = RpcUtil.common(
// participatingUnitApi.getList(ParticipatingUnitReq.builder().workspaceId(req.getWorkspaceId()).level(req.getWorkspaceType()).build()));
// if(!CollectionUtils.isEmpty(participatingUnitResList)){
// // 总包设置单位类型为65535
// if(req.getWorkspaceType() == WorkspaceTypeEnum.GENERAL_ENT.value){
// role.setFitOuTypeBit(65535L);
// }else{
// // 单位加入工作台时的类型
// role.setFitOuTypeByValues(Lists.newArrayList(participatingUnitResList.get(0).getUnitRoleType()));
// }
// }
}
role.setRoleType(
StringUtils.isEmpty(req.getRoleType()) ? RoleType.COMMON.getValue() : req.getRoleType());
Integer workSpaceType=req.getWorkspaceType();
if (!NumberUtil.isPositiveNumber(req.getWorkspaceType())) {
log.info("创建角色请求apollo开始:{}", req);
GetDetailRes workspaceResult = ResultUtil.getWorkspaceResult(() -> workspaceApi.getById(req.getWorkspaceId()));
AssertUtil.notNull(workspaceResult, "创建失败,所属工作台信息获取失败");
log.info("创建角色请求apollo结束:{}", workspaceResult);
workSpaceType = workspaceResult.getWorkspaceType();
}
// WorkspaceTypeWithLegacyEnum workspaceTypeWithLegacyEnum = WorkspaceTypeWithLegacyEnum.getByCode(workSpaceType);
// AssertUtil.notNull(workspaceTypeWithLegacyEnum, "所属工作台类型不匹配,创建角色失败");
// role.setWorkspaceType(workspaceTypeWithLegacyEnum);
// role.setIsDelete(0L);
// role.setPositionTemplateId(req.getPositionTemplateId());
// saasRoleDao.save(role);
//
// if (CollUtil.isNotEmpty(req.getGroupIds())) {
// List<SaasPgroupRoleRelation> relations = new ArrayList<>();
// req.getGroupIds().forEach(k -> {
// SaasPgroupRoleRelation relation = new SaasPgroupRoleRelation();
// relation.setRoleId(role.getId());
// relation.setGroupId(k);
// relations.add(relation);
// });
// saasPgroupRoleRelationDao.saveBatch(relations);
// }
return role;
}
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean update(SaasRoleDTO resRoleDTO) {
if (resRoleDTO.getId() == null || resRoleDTO.getId() == 0) {
throw new ServiceException("未获取到角色Id");
}
SaasRole oldRole = saasRoleDao.getById(resRoleDTO.getId());
if (oldRole == null || oldRole.getIsDelete() != 0) {
throw new ServiceException("对应角色已删除,不能进行更新处理");
}
checkRoleName(oldRole.getId(), resRoleDTO.getName(), resRoleDTO.getWorkspaceId(),
resRoleDTO.getOwnerOuId());
// 更新角色
oldRole.setName(resRoleDTO.getName());
oldRole.setDescription(resRoleDTO.getDescription());
oldRole.setRoleType(resRoleDTO.getRoleType());
oldRole.setIsDelete(TableIsDeleteEnum.NORMAL.value);
oldRole.setUpdateAt(new Date());
saasRoleDao.updateById(oldRole);
// // 更新角色权限集对应关系
// // 获取角色对应权限集
// List<SaasPgroupRoleRelation> roleRelations = saasPgroupRoleRelationDao.listByRoleId(resRoleDTO.getId());
// List<Long> oldGroupIds = roleRelations.stream().map(SaasPgroupRoleRelation::getGroupId)
// .collect(Collectors.toList());
// // 获取交集
// List<Long> innerArr = oldGroupIds.stream().filter(item -> resRoleDTO.getGroupIds().contains(item))
// .collect(Collectors.toList());
// // 删除多余老数据
// oldGroupIds.removeAll(innerArr);
// saasPgroupRoleRelationDao.deleteByGroupIdsAndRoleId(oldGroupIds, oldRole.getId());
// // 更新新加数据
// List<Long> newGroupIds = resRoleDTO.getGroupIds();
// newGroupIds.removeAll(innerArr);
// List<SaasPgroupRoleRelation> relations = new ArrayList<>();
// newGroupIds.stream().forEach(k -> {
// SaasPgroupRoleRelation relation = new SaasPgroupRoleRelation();
// relation.setRoleId(oldRole.getId());
// relation.setGroupId(k);
// relations.add(relation);
// });
// if (!CollectionUtils.isEmpty(relations)) {
// saasPgroupRoleRelationDao.saveBatch(relations);
// }
return true;
}
@Override
public SaasRoleBO getById(Long roleId) {
SaasRole saasRole = saasRoleDao.getById(roleId);
return BeanMapper.copyBean(saasRole, SaasRoleBO.class);
}
@Override
public List<SaasRole> listByIds(List<Long> roleIds) {
List<SaasRole> saasRoles = saasRoleDao.lambdaQuery().in(SaasRole::getId, roleIds)
.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
return saasRoles;
}
@Override
public List<SaasRoleExBO> listRoleExByParams(SaasRoleExReq req) {
// List<SaasPermissionGroupExBO> list = this.saasRoleDao.listPermissionGroupExByParams(req);
//
// Map<Long, List<SaasPermissionGroupExBO>> map = list.stream().collect(Collectors.groupingBy(SaasPermissionGroupExBO::getRoleId));
List<SaasRoleExBO> roleList = new ArrayList<>();
// for(Entry<Long, List<SaasPermissionGroupExBO>> entry : map.entrySet()) {
// SaasRoleExBO role = new SaasRoleExBO();
// BeanUtil.copyProperties(entry.getValue().get(0), role, true);
// roleList.add(role);
//
// role.setPermissionGroupList(entry.getValue().stream().map(gx -> {
// SaasPermissionGroupBO g = new SaasPermissionGroupBO();
// BeanUtil.copyProperties(gx, g, true);
// return g;
// }).collect(Collectors.toList()));
// }
return roleList;
}
@Override
public Long getRoleId(String roleName, Long positionTypeId, Long workspaceId, Long ownerOuId) {
// List<SaasRole> saasRoles = saasRoleDao.listCommonRoleIdByNameAndPositionTypeIdAndWorkspaceIdAndOuId(roleName,
// positionTypeId, workspaceId, ownerOuId);
// if (CollectionUtils.isEmpty(saasRoles)) {
return null;
// }
// return saasRoles.get(saasRoles.size() - 1).getId();
}
public List<SaasRole> checkAndListRole(Long workspaceId, Long ouId) {
int OrganizationalUnitBitValue = getOrganizationalUnitBitValue(workspaceId, ouId);
// return saasRoleDao.listByWorkspaceIdAndFitOutType(workspaceId, OrganizationalUnitBitValue);
return null;
}
/**
* 获取单位bit类型
*/
@Override
public int getOrganizationalUnitBitValue(Long workspaceId, Long ouId) {
// OrganizationalUnitBO unit = organizationalUnitService.getUnit(ouId);
// AssertUtil.isTrue(unit != null, "未找到此单位");
// int OrganizationalUnitBitValue = 0;
// // 获取工作台类型
// GetDetailRes workspaceResult = ResultUtil.getWorkspaceResult(() -> workspaceApi.getById(workspaceId));
// if(workspaceResult == null){
// throw new ServiceException("工作台不存在");
// }
// // 只有项目工作台查询需要使用进入工作台的单位类型查询
// if(Objects.equals(workspaceResult.getWorkspaceType(), WorkspaceTypeWithLegacyEnum.PROJ_SPACE.getCode())){
// ParticipatingUnitRes participatingUnitRes = RpcUtil.common(participatingUnitApi.getOne(ParticipatingUnitReq.builder()
// .levels(Collections.singletonList(WorkspaceTypeWithLegacyEnum.PROJ_SPACE.getCode()))
// .workspaceId(workspaceId)
// .organizationUnitId(ouId)
// .build()));
// if(participatingUnitRes == null){
// throw new ServiceException("未找到参建单位信息");
// }
// OrganizationalUnitBitValue = OrganizationalUnitTypeEnum.getByType(participatingUnitRes.getUnitRoleType()).getBitValue();
// }
// return OrganizationalUnitBitValue;
return 0;
}
/**
* 获取单位在工作台类型
*/
@Override
public int getOrganizationalUnitBitValue(Long workspaceId, Long ouId, OrganizationalUnitTypeEnum byType) {
int OrganizationalUnitTypeBitValue = 0;
// OrganizationalUnitBO unit = organizationalUnitService.getUnit(ouId);
// AssertUtil.isTrue(unit != null, "未找到此单位");
//
// // 获取工作台类型
// GetDetailRes workspaceResult = ResultUtil.getWorkspaceResult(() -> workspaceApi.getById(workspaceId));
// if (workspaceResult == null) {
// throw new ServiceException("工作台不存在");
// }
// // 只有项目工作台查询需要使用进入工作台的单位类型查询
// if (Objects.equals(workspaceResult.getWorkspaceType(), WorkspaceTypeWithLegacyEnum.PROJ_SPACE.getCode())) {
// if(byType == null){
// ParticipatingUnitRes participatingUnitRes = RpcUtil.common(participatingUnitApi.getOne(ParticipatingUnitReq.builder()
// .levels(Collections.singletonList(WorkspaceTypeWithLegacyEnum.PROJ_SPACE.getCode()))
// .workspaceId(workspaceId)
// .organizationUnitId(ouId)
// .build()));
// if (participatingUnitRes == null) {
// throw new ServiceException("未找到参建单位信息");
// }
// OrganizationalUnitTypeBitValue = OrganizationalUnitTypeEnum.getByType(participatingUnitRes.getUnitRoleType()).getBitValue();
// }else{
// OrganizationalUnitTypeBitValue = byType.getBitValue();
// }
// }
return OrganizationalUnitTypeBitValue;
}
}