Merge branch 'feature/REQ-2545' into 'master'
Feature/req 2545 See merge request universal/infrastructure/backend/tyr!86
This commit is contained in:
李龙
commit
abac704bc8
@ -64,13 +64,6 @@ public class IdentityAuthReq {
|
||||
/** 是否使用缓存 - 默认true **/
|
||||
@Builder.Default
|
||||
private boolean useCache = true;
|
||||
|
||||
/**
|
||||
* 权限点类型(0:saas_feature,1:saas_feature_resource)
|
||||
* 为了兼容第三方调用查询用户的权限点,会把新旧权限点都查询出来,灰度端历史版本由使用方传入版本
|
||||
*/
|
||||
private Integer type;
|
||||
|
||||
public IdentityAuthRes toEmpty() {
|
||||
IdentityAuthRes result = new IdentityAuthRes();
|
||||
result.setIdentity(this.getIdentityId());
|
||||
|
||||
@ -61,6 +61,11 @@ public class IdentityAuthRes {
|
||||
// private FeatureType featureType;
|
||||
|
||||
private String terminal;
|
||||
|
||||
/**
|
||||
* 应用范围(租户类型):1:企业工作台 2;项目工作台
|
||||
*/
|
||||
private Long workspaceType;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -232,7 +232,6 @@ public class SaasPageElementServiceImpl implements SaasPageElementService {
|
||||
.workspaceOusPairs(Lists.newArrayList(IdentityAuthReq.WorkspaceOuPair.builder().ouId(request.getOuId()).workspaceId(request.getWorkspaceId()).build()))
|
||||
.terminal(Lists.newArrayList(request.getTerminal()))
|
||||
.featureCode(resultRelations.stream().map(SaasPageElementFeatureResourceRelation::getPageElementCode).collect(Collectors.toSet()))
|
||||
.type(SaasPgroupPermissionRelation.NEW_FEATURE)
|
||||
.build());
|
||||
if (Objects.isNull(res) || CollectionUtils.isEmpty(res.getPermissions())) {
|
||||
return null;
|
||||
|
||||
@ -12,6 +12,7 @@ import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
|
||||
import cn.axzo.tyr.client.common.enums.WorkspaceJoinType;
|
||||
import cn.axzo.tyr.client.model.enums.DelegatedType;
|
||||
import cn.axzo.tyr.client.model.enums.IdentityType;
|
||||
import cn.axzo.tyr.client.model.enums.WorkspaceTypeCodeEnum;
|
||||
import cn.axzo.tyr.client.model.permission.PermissionPointListQueryRequest;
|
||||
import cn.axzo.tyr.client.model.permission.PermissionPointTreeNode;
|
||||
import cn.axzo.tyr.client.model.product.ProductFeatureRelationVO;
|
||||
@ -386,7 +387,6 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
.supplyAsync(TraceSupplier.create(() -> {
|
||||
WorkspaceProductService.WorkspaceProductParam workspaceProductParam = WorkspaceProductService.WorkspaceProductParam.builder()
|
||||
.workspaceIds(realWorkspaceId)
|
||||
.type(identityAuthReq.getType())
|
||||
.build();
|
||||
return workspaceProductService.listWorkspaceProduct(workspaceProductParam);
|
||||
}), executor);
|
||||
@ -492,6 +492,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
.featureCode(featureCode)
|
||||
.featureId(e.getId())
|
||||
.terminal(e.getTerminal())
|
||||
.workspaceType(e.getWorkspaceType())
|
||||
.build())
|
||||
.collect(Collectors.toList()))
|
||||
.flatMap(Collection::stream)
|
||||
@ -684,7 +685,6 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
RoleService.ListSaasRoleParam listSaasRoleParam = RoleService.ListSaasRoleParam.builder()
|
||||
.roleIds(Lists.newArrayList(roleIds))
|
||||
.needPermissionRelation(true)
|
||||
.type(identityAuthReq.getType())
|
||||
.build();
|
||||
Map<Long, SaasRoleRes> saasRoleRes = roleService.list(listSaasRoleParam).stream()
|
||||
.collect(Collectors.toMap(SaasRoleRes::getId, Function.identity()));
|
||||
@ -935,12 +935,6 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
|
||||
req.setFeatureCode(featureCodeUtil.resolveFeatureCode(req.getFeatureCode()));
|
||||
|
||||
// 因为目前只有/yoke/webApi/profile/user/v3/application接口会传入featureId,使用的是app端,所以这里只需要查询saas_feature的权限点
|
||||
// 以为下面要根据featureId进行匹配,为了解决saas_feature和saas_feature_resource有冲突的数据,必须给type
|
||||
if (!CollectionUtils.isEmpty(req.getFeatureId())) {
|
||||
req.setType(OLD_FEATURE);
|
||||
}
|
||||
|
||||
boolean notUseCache = !req.isUseCache()
|
||||
|| CollectionUtil.isNotEmpty(req.getSpecifyRoleIds())
|
||||
|| permissionCacheService.cacheDisable(
|
||||
@ -971,7 +965,21 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
Set<String> terminals = req.getTerminal() == null ? null : new HashSet<>(req.getTerminal());
|
||||
permissions.forEach(permission -> {
|
||||
List<IdentityAuthRes.PermissionPoint> filterPermission = permission.getPermissionPoint().stream()
|
||||
.filter(p -> CollectionUtil.isEmpty(terminals) || terminals.contains(p.getTerminal()))
|
||||
.filter(p -> {
|
||||
if (CollectionUtil.isEmpty(terminals)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (terminals.contains(p.getTerminal())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// 历史接口会只给NT_CMS_WEB_PROJ、NT_CMS_WEB_ENT_ZB查询,但是为了兼容新老版本的权限,需要补充新版本的项目的权限code
|
||||
if (terminals.contains("NT_CMS_WEB_PROJ") || terminals.contains("NT_CMS_WEB_ENT_ZB")) {
|
||||
return Objects.equals(p.getTerminal(), "NT_CMS_WEB_GENERAL");
|
||||
}
|
||||
return false;
|
||||
})
|
||||
.filter(p -> CollectionUtil.isEmpty(req.getFeatureId()) || req.getFeatureId().contains(p.getFeatureId()))
|
||||
.filter(p -> CollectionUtil.isEmpty(req.getFeatureCode()) || req.getFeatureCode().contains(p.getFeatureCode()))
|
||||
.collect(Collectors.toList());
|
||||
|
||||
Loading…
Reference in New Issue
Block a user