wangli/tyr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

review log

Browse Source
This commit is contained in:
金海洋 2023-10-27 09:38:07 +08:00
parent 65478bfd36
commit b8f4b5d260
1 changed files with 6 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
View File

@ -588,15 +588,14 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
//查询OU-工作台下的角色 //查询OU-工作台下的角色
List<SaasRole> roleList = roleService.listForOUWorkspace(ouId, workspaceId, req.getWorkspaceJoinType()); List<SaasRole> roleList = roleService.listForOUWorkspace(ouId, workspaceId, req.getWorkspaceJoinType());
log.info("====查询OU-工作台下的角色:{}===",roleList); List<Long> roleIds = roleList.stream().map(SaasRole::getId).distinct().collect(Collectors.toList());
log.info("====getUsersFromRole--roleList:{}===", JSON.toJSONString(roleIds));
//查询角色及权限 //查询角色及权限
List<SaasRoleVO> rolePermissions = roleService.getByIds(roleList.stream().map(SaasRole::getId).collect(Collectors.toList()), List<SaasRoleVO> rolePermissions = roleService.getByIds(roleIds,
null, Lists.newArrayList(workspaceId), Lists.newArrayList(ouId), true); null, Lists.newArrayList(workspaceId), Lists.newArrayList(ouId), true);
log.info("====查询角色及权限:{}===",rolePermissions);
//计算角色实际的权限 - 匹配请求的权限 --> 实际拥有权限的角色 //计算角色实际的权限 - 匹配请求的权限 --> 实际拥有权限的角色
Set<Long> featureIds = features.stream().map(SaasFeature::getId).collect(Collectors.toSet()); Set<Long> featureIds = features.stream().map(SaasFeature::getId).collect(Collectors.toSet());
List<SaasRoleVO> matchedRoleList = new ArrayList<>(); List<SaasRoleVO> matchedRoleList = new ArrayList<>();
for (SaasRoleVO rolePermission : rolePermissions) { for (SaasRoleVO rolePermission : rolePermissions) {
List<PermissionPointTreeNode> filterFeature = rolePermission.getMatchFeature(workspaceId, ouId); List<PermissionPointTreeNode> filterFeature = rolePermission.getMatchFeature(workspaceId, ouId);
@ -605,15 +604,11 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
matchedRoleList.add(rolePermission); matchedRoleList.add(rolePermission);
} else { } else {
log.info("=====not_match-role-id:{}", rolePermission.getId()); log.info("=====not_match-role-id:{}", rolePermission.getId());
log.warn("=========not match role: {}",JSON.toJSONString(rolePermission));
} }
} }
log.info("-======matchedRoleList: {}", matchedRoleList);
log.info("====计算角色实际的权限 - 匹配请求的权限 --> 实际拥有权限的角色:{}===",featureIds);
//查询角色下用户 //查询角色下用户
List<Long> matchedRoleIds = matchedRoleList.stream().map(SaasRoleVO::getId).collect(Collectors.toList()); List<Long> matchedRoleIds = matchedRoleList.stream().map(SaasRoleVO::getId).collect(Collectors.toList());
log.info("====查询角色下用户:{}===",matchedRoleIds); log.info("====matched-role-ids:{}===",matchedRoleIds);
//追加工作台超管 //追加工作台超管
Set<Long> superAdmins = roleList Set<Long> superAdmins = roleList
.stream() .stream()
@ -621,9 +616,9 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
.map(SaasRole::getId) .map(SaasRole::getId)
.collect(Collectors.toSet()); .collect(Collectors.toSet());
matchedRoleIds.addAll(superAdmins); matchedRoleIds.addAll(superAdmins);
log.info("====追加工作台超管:{}===",superAdmins); log.info("====superAdmins:{}===", JSON.toJSONString(superAdmins));
List<SaasRoleUserRelation> relationList = roleUserService.listByRoleIds(matchedRoleIds, workspaceId); List<SaasRoleUserRelation> relationList = roleUserService.listByRoleIds(matchedRoleIds, workspaceId);
log.info("====追加工作台超管:{}===",relationList); log.info("====matched-role-user-relation:{}===", JSON.toJSONString(relationList.stream().map(SaasRoleUserRelation::getId).collect(Collectors.toList())));
//构建用户-去重(identityId-identityType) //构建用户-去重(identityId-identityType)
List<ListIdentityFromPermissionResp.UserVO> users = new ArrayList<>(); List<ListIdentityFromPermissionResp.UserVO> users = new ArrayList<>();
Set<String> filterSet = new HashSet<>(); Set<String> filterSet = new HashSet<>();