wangli/tyr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/feature/REQ-1502' into feature/REQ-1502

Browse Source 
# Conflicts:
#	tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
This commit is contained in:
yangsong 2023-10-20 09:50:05 +08:00
commit c437ace6d7
23 changed files with 296 additions and 251 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
integration-test/src/test/resources/role-user.http
View File

@ -4,7 +4,7 @@ Accept: application/json
Content-Type: application/json
{
"identityIds": [809,631]
}
> reponse-check.js

3
tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleApi.java
View File

@ -8,6 +8,7 @@ import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
@ -82,7 +83,7 @@ public interface TyrSaasRoleApi {
* @return
*/
@PostMapping("/api/saasRole/findRoleByName")
ApiResult<List<SaasRoleVO>> findRoleByName(@RequestBody @Valid QueryRoleByNameReq req);
ApiResult<List<QueryRoleByNameResp>> findRoleByName(@RequestBody @Valid QueryRoleByNameReq req);
/** 分页查询角色含用户 **/

4
tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
View File

@ -11,7 +11,7 @@ import org.springframework.web.bind.annotation.RequestBody;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
import cn.axzo.tyr.client.model.roleuser.req.*;
@ -33,7 +33,7 @@ public interface TyrSaasRoleUserApi {
* @return
*/
@PostMapping("/api/saas-role-user/list")
ApiResult<List<SaasRoleUserRelationDTO>> roleUserList(@RequestBody @Valid RoleUserParam param);
ApiResult<List<SaasRoleUserDTO>> roleUserList(@RequestBody @Valid RoleUserParam param);
/**
* 移除某个人在某个工作台的所有角色(除超管)

14
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/FeaturePermissionReq.java
View File

@ -1,5 +1,6 @@
package cn.axzo.tyr.client.model.req;
import cn.axzo.tyr.client.common.enums.WorkspaceJoinType;
import lombok.AccessLevel;
import lombok.Getter;
import lombok.Setter;
@ -25,6 +26,19 @@ public class FeaturePermissionReq {
@NotNull
@Min(value = 1)
Long workspaceId;
/**
* 工作台类型
*/
@NotNull
private Integer workspaceType;
/**
* 使用{@link WorkspaceJoinType}
*/
@NotNull
private Integer workspaceJoinType;
/**
* 单位id
*/

10
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/FeatureTreeReq.java
View File

@ -21,6 +21,16 @@ public class FeatureTreeReq {
*/
private Long workspaceId;
/**
* 工作台类型
*/
private Integer workspaceType;
/**
* 单位类型
*/
private Integer ouTypeCode;
/**
* 单位Id
*/

5
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/QueryRoleByNameReq.java
View File

@ -18,4 +18,9 @@ public class QueryRoleByNameReq extends BaseWorkspaceAndOuModel {
@NotEmpty(message = "角色名字不能为空")
private List<String> roleNames;
/**
* 单位类型字典code
*/
private List<String> ouTypeCode;
}

5
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/RoleWithUserQueryReq.java
View File

@ -3,6 +3,8 @@ package cn.axzo.tyr.client.model.req;
import cn.axzo.basics.common.page.PageRequest;
import lombok.Data;
import java.util.List;
/**
* 角色-含用户查询参数
*
@ -21,4 +23,7 @@ public class RoleWithUserQueryReq extends PageRequest {
/** 工作台ID **/
private Long workspaceId;
/** 企业工作台参建类型 **/
private Integer workspaceJoinType;
}

26
tyr-api/src/main/java/cn/axzo/tyr/client/model/res/QueryRoleByNameResp.java Normal file
View File

@ -0,0 +1,26 @@
package cn.axzo.tyr.client.model.res;
import lombok.Data;
/**
* @author honghao.zhang
* @since 2023/10/19 11:38
*/
@Data
public class QueryRoleByNameResp {
/**
* 角色名字
*/
private String roleName;
/**
* 角色Id
*/
private Long roleId;
/**
* 角色类型common 普通角色 super_admin超级管理员(禁止删除) admin子管理员(禁止删除) init初始化内置角色
*/
private String roleType;
}

18
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SaasRoleUserRelationDTO.java → tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SaasRoleUserDTO.java
View File

@ -1,5 +1,6 @@
package cn.axzo.tyr.client.model.roleuser.dto;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
@ -13,7 +14,7 @@ import lombok.NoArgsConstructor;
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class SaasRoleUserRelationDTO {
public class SaasRoleUserDTO {
/**
* 主键ID
*/
@ -39,6 +40,21 @@ public class SaasRoleUserRelationDTO {
*/
private Long naturalPersonId;
/**
* 角色名称
*/
private String roleName;
/**
* 角色类型common 普通角色 super_admin超级管理员(禁止删除) admin子管理员(禁止删除) init初始化内置角色
*/
private RoleTypeEnum roleType;
/**
* 角色描述
*/
private String description;
/**
* 创建者
*/

8
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/RoleUserParam.java
View File

@ -6,8 +6,6 @@ import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import java.util.Set;
/**
@ -29,7 +27,6 @@ public class RoleUserParam {
*/
private Long ouId;
/**
* personId
*/
@ -50,4 +47,9 @@ public class RoleUserParam {
* role ids
*/
private Set<Long> roleIds;
/**
* identityIds
*/
private Set<Long> identityIds;
}

3
tyr-server/src/main/java/cn/axzo/tyr/server/TyrApplication.java
View File

@ -1,5 +1,6 @@
package cn.axzo.tyr.server;
import cn.axzo.tyr.server.job.CMSRoleJobHandler;
import cn.hutool.extra.spring.SpringUtil;
import lombok.extern.slf4j.Slf4j;
import org.mybatis.spring.annotation.MapperScan;
@ -48,7 +49,7 @@ public class TyrApplication {
}
// public static void test() throws Exception {
// OMSRoleJobHandler executor = SpringUtil.getBean(OMSRoleJobHandler.class);
// CMSRoleJobHandler executor = SpringUtil.getBean(CMSRoleJobHandler.class);
// executor.execute(null);
// }
}

3
tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleController.java
View File

@ -10,6 +10,7 @@ import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
@ -79,7 +80,7 @@ public class SaasRoleController implements TyrSaasRoleApi {
}
@Override
public ApiResult<List<SaasRoleVO>> findRoleByName(QueryRoleByNameReq req) {
public ApiResult<List<QueryRoleByNameResp>> findRoleByName(QueryRoleByNameReq req) {
return ApiResult.ok(roleService.findRoleByName(req));
}

2
tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
View File

@ -35,7 +35,7 @@ public class RoleUserController implements TyrSaasRoleUserApi {
}
@Override
public ApiResult<List<SaasRoleUserRelationDTO>> roleUserList(@RequestBody @Valid RoleUserParam param) {
public ApiResult<List<SaasRoleUserDTO>> roleUserList(@RequestBody @Valid RoleUserParam param) {
return ApiResult.ok(saasRoleUserRelationService.list(param));
}

72
tyr-server/src/main/java/cn/axzo/tyr/server/job/CMSRoleJobHandler.java
View File

@ -30,7 +30,7 @@ import java.util.stream.Collectors;
* 生产 项目 5 企业 23
* pre 5 35
* test 5 239
* dev 5 40
* dev 5 43
* @author cn
* @version 1.0
* @description
@ -72,6 +72,10 @@ public class CMSRoleJobHandler extends IJobHandler {
@Autowired
SaasPreGroupRoleRelationDao saasPreGroupRoleRelationDao;
private Set<Long> deleteSaasPermissionGroupId;
private Set<Long> deletePgroupPermissionRelationId;
private Set<Long> deleteRoleId;
/**
* 清洗CMS角色相关数据(先通过SQL检查和清除脏数据要不然无法保证各个实体的关联关系)
*
@ -83,9 +87,14 @@ public class CMSRoleJobHandler extends IJobHandler {
@Override
@XxlJob("CMSRoleJobHandler")
public ReturnT<String> execute(String s) throws Exception {
// 每次执行都初始化待删除列表
deleteSaasPermissionGroupId = new HashSet<>();
deletePgroupPermissionRelationId = new HashSet<>();
deleteRoleId = new HashSet<>();
log.info("CMSRoleJobHandler start");
buildProjectRole(saasPreTempalteIdOfProject, "2");
buildOuRole(saasPreTempalteIdOfOu, "1");
delete(deleteSaasPermissionGroupId,deletePgroupPermissionRelationId,deleteRoleId);
log.info("CMSRoleJobHandler end");
return ReturnT.SUCCESS;
}
@ -114,7 +123,7 @@ public class CMSRoleJobHandler extends IJobHandler {
// 根据模板id查询角色列表
List<SaasPreRole> role = saasPreRoleDao.lambdaQuery()
.in(SaasPreRole::getTemplateId, templateId)
.eq(SaasPreRole::getFitOuTypeBit, Arrays.asList(64))
.eq(SaasPreRole::getFitOuTypeBit, 64)
.eq(BaseEntity::getIsDelete,0)
.list();
saveRole(role,workspaceTypCode,"7","企业通用");
@ -141,23 +150,32 @@ public class CMSRoleJobHandler extends IJobHandler {
// 根据角色id查询角色权限集关联关系
List<SaasPreGroupRoleRelation> pgroupRoleRelation = saasPreGroupRoleRelationDao.lambdaQuery()
.eq(SaasPreGroupRoleRelation::getPreRoleId, preRole.getId())
.eq(BaseEntity::getIsDelete, 0)
.list();
if (CollectionUtils.isEmpty(pgroupRoleRelation)) {
log.info("未查询到preRole 对应的权限集关联关系 preRole:{}",JSONUtil.toJsonStr(preRole));
return;
}
List<SaasPermissionGroup> oldPermissionGroup = saasPermissionGroupDao.lambdaQuery()
.in(BaseEntity::getId, pgroupRoleRelation.stream().map(SaasPreGroupRoleRelation::getGroupId).collect(Collectors.toList()))
.eq(BaseEntity::getIsDelete, 0)
.list();
if (CollectionUtils.isEmpty(oldPermissionGroup)) {
log.info("未查询到preRole 对应的权限集 preRole:{}",JSONUtil.toJsonStr(preRole));
return;
}
List<SaasPgroupPermissionRelation> oldPgroupPermissionRelation = pgroupPermissionRelationDao.lambdaQuery()
.in(SaasPgroupPermissionRelation::getGroupId, oldPermissionGroup.stream().map(BaseEntity::getId).collect(Collectors.toList()))
.eq(BaseEntity::getIsDelete, 0)
.list();
if (CollectionUtils.isEmpty(oldPgroupPermissionRelation)) {
log.info("未查询到权限集对应的权限点 oldPermissionGroup:{}",JSONUtil.toJsonStr(oldPermissionGroup));
return;
}
List<SaasFeature> feature = featureDao.lambdaQuery()
.in(BaseEntity::getId, oldPgroupPermissionRelation.stream().map(SaasPgroupPermissionRelation::getFeatureId).collect(Collectors.toList()))
.eq(BaseEntity::getIsDelete, 0)
.list();
if (CollectionUtils.isEmpty(feature)) {
log.info("未查询到权限点 oldPgroupPermissionRelation:{}",JSONUtil.toJsonStr(oldPgroupPermissionRelation));
return;
}
// 创建新的权限集
SaasPermissionGroup saasPermissionGroup = new SaasPermissionGroup();
@ -169,14 +187,15 @@ public class CMSRoleJobHandler extends IJobHandler {
saasPermissionGroup.setIsCommon(1);
saasPermissionGroupDao.save(saasPermissionGroup);
// 创建新的权限集权限关联关系
feature.forEach(e -> {
List<SaasPgroupPermissionRelation> saasPgroupPermissionRelationList = feature.stream().map(e -> {
SaasPgroupPermissionRelation saasPgroupPermissionRelation = new SaasPgroupPermissionRelation();
saasPgroupPermissionRelation.setGroupId(saasPermissionGroup.getId());
saasPgroupPermissionRelation.setFeatureId(e.getId());
saasPgroupPermissionRelation.setCreateBy(-1L);
saasPgroupPermissionRelation.setUpdateBy(-1L);
pgroupPermissionRelationDao.save(saasPgroupPermissionRelation);
});
return saasPgroupPermissionRelation;
}).collect(Collectors.toList());
pgroupPermissionRelationDao.saveBatch(saasPgroupPermissionRelationList);
// 创建角色:根据预设角色创建新的角色
SaasRole newRole = new SaasRole();
@ -208,7 +227,7 @@ public class CMSRoleJobHandler extends IJobHandler {
// SELECT * FROM `saas_pgroup_role_relation` WHERE `role_id` in (
// SELECT id FROM saas_role WHERE is_delete=0 and workspace_id != -1 and from_pre_role_id = 0 and role_type!='super_admin' and `NAME` not like '%代班长%' and `NAME` not like '%带班长%')
List<SaasRole> list = roleDao.lambdaQuery()
.eq(SaasRole::getFromPreRoleId, preRole)
.eq(SaasRole::getFromPreRoleId, preRole.getId())
.list();
if (CollectionUtils.isEmpty(list)) {
log.info("未找到preRole下发的role preRole:{}", JSONUtil.toJsonStr(preRole));
@ -221,31 +240,40 @@ public class CMSRoleJobHandler extends IJobHandler {
.set(SaasRoleUserRelation::getRoleId,newRole.getId())
.update();
// 补充待删除数据
deleteRoleId.addAll(list.stream().map(BaseEntity::getId).collect(Collectors.toSet()));
deleteSaasPermissionGroupId.addAll(oldPermissionGroup.stream().map(BaseEntity::getId).collect(Collectors.toSet()));
deletePgroupPermissionRelationId.addAll(oldPgroupPermissionRelation.stream().map(BaseEntity::getId).collect(Collectors.toSet()));
});
}
/**
* 删除历史数据
* @param deleteSaasPermissionGroupId
* @param deletePgroupPermissionRelationId
* @param deleteRoleId
*/
private void delete(Set<Long> deleteSaasPermissionGroupId, Set<Long> deletePgroupPermissionRelationId, Set<Long> deleteRoleId) {
// 清除老的权限集
oldPermissionGroup.forEach(e ->{
saasPermissionGroupDao.lambdaUpdate()
.eq(BaseEntity::getId, e.getId())
.set(BaseEntity::getIsDelete, e.getId())
.in(BaseEntity::getId,deleteSaasPermissionGroupId)
.set(BaseEntity::getIsDelete,1)
.update();
});
// 清除老的权限集权限关联关系
oldPgroupPermissionRelation.forEach(e ->{
pgroupPermissionRelationDao.lambdaUpdate()
.eq(BaseEntity::getId, e.getId())
.set(BaseEntity::getIsDelete, e.getId())
.in(BaseEntity::getId,deletePgroupPermissionRelationId)
.set(BaseEntity::getIsDelete,1)
.update();
});
// 清除老的角色
roleDao.lambdaUpdate()
.in(BaseEntity::getId,oldRoleId)
.in(BaseEntity::getId,deleteRoleId)
.set(BaseEntity::getIsDelete,1)
.update();
// 清除老的角色和权限集关联关系
roleGroupRelationDao.lambdaUpdate()
.in(SaasRoleGroupRelation::getRoleId,oldRoleId)
pgroupRoleRelationDao.lambdaUpdate()
.in(SaasPgroupRoleRelation::getRoleId,deleteRoleId)
.set(BaseEntity::getIsDelete,1)
.update();
});
}
private Integer tranceOuTypeBit(Long ouTypeBit) {

14
tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java
View File

@ -4,10 +4,13 @@ import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
import cn.axzo.tyr.server.repository.entity.SaasRole;
import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
import cn.axzo.tyr.server.repository.mapper.SaasRoleMapper;
import cn.hutool.core.collection.CollUtil;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.apache.commons.collections.CollectionUtils;
import org.springframework.stereotype.Repository;
@ -81,14 +84,19 @@ public class SaasRoleDao extends ServiceImpl<SaasRoleMapper, SaasRole> {
.list();
}
public List<SaasRole> findRoleByName(Long ouId, Long workspaceId,
public List<SaasRole> findRoleByName(Long ouId, Long workspaceId,List<Long> roleIds,
List<String> roleNames) {
return this.lambdaQuery()
return this.lambdaQuery().select(SaasRole::getId, SaasRole::getName, SaasRole::getRoleType)
.eq(workspaceId != null && workspaceId != 0, SaasRole::getWorkspaceId, workspaceId)
.eq(ouId != null && ouId != 0, SaasRole::getOwnerOuId, ouId)
.in(CollectionUtils.isNotEmpty(roleIds), SaasRole::getId, roleIds)
.in(CollectionUtils.isNotEmpty(roleNames), SaasRole::getName, roleNames)
.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
.list();
}
public Page<SaasRole> pageQueryForOUWorkspace(RoleWithUserQueryReq req) {
IPage<SaasRole> page = new Page<>(req.getPage(), req.getPageSize());
return this.baseMapper.pageQueryForOUWorkspace(page, req.getOuId(), req.getWorkspaceId(), req.getWorkspaceJoinType());
}
}

4
tyr-server/src/main/java/cn/axzo/tyr/server/repository/mapper/SaasRoleMapper.java
View File

@ -4,6 +4,8 @@ import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.server.repository.entity.SaasRole;
import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import org.apache.ibatis.annotations.Mapper;
import java.util.List;
@ -17,5 +19,7 @@ public interface SaasRoleMapper extends BaseMapper<SaasRole> {
List<SaasRoleWithUser> listSuperAdminByWorkspace(List<Long> workspaceIds);
List<SaasRoleWithUser> listRoleUserByPermissionGroup(List<Long> permissionGroupIds, Set<Long> workspaceIds);
Page<SaasRole> pageQueryForOUWorkspace(IPage<SaasRole> page, Long ouId, Long workspaceId, Integer workspaceJoinType);
}

9
tyr-server/src/main/java/cn/axzo/tyr/server/service/RoleService.java
View File

@ -2,12 +2,10 @@ package cn.axzo.tyr.server.service;
import cn.axzo.framework.domain.page.PageResp;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
import cn.axzo.tyr.client.model.req.QueryRoleByNameReq;
import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
import cn.axzo.tyr.client.model.req.*;
import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
@ -59,7 +57,7 @@ public interface RoleService {
* @param req
* @return
*/
List<SaasRoleVO> findRoleByName(QueryRoleByNameReq req);
List<QueryRoleByNameResp> findRoleByName(QueryRoleByNameReq req);
/** 分页查询角色含用户 **/
PageResp<RoleWithUserRes> queryRoleWithUser(RoleWithUserQueryReq req);
@ -71,4 +69,5 @@ public interface RoleService {
* @return
*/
List<SaasRoleVO> queryRoleByRoleTypes(QueryByIdentityIdTypeReq req, List<String> roleTypes);
}

8
tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserRelationService.java
View File

@ -1,12 +1,8 @@
package cn.axzo.tyr.server.service;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
import org.springframework.web.bind.annotation.RequestBody;
import javax.validation.Valid;
import java.util.List;
/**
@ -14,5 +10,5 @@ import java.util.List;
* @date 2023/9/14
*/
public interface SaasRoleUserRelationService {
List<SaasRoleUserRelationDTO> list(RoleUserParam param);
List<SaasRoleUserDTO> list(RoleUserParam param);
}

58
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
View File

@ -9,13 +9,9 @@ import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.enums.PermissionGroupType;
import cn.axzo.tyr.client.model.permission.PermissionPointTreeNode;
import cn.axzo.tyr.client.model.req.*;
import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
import cn.axzo.tyr.client.model.req.QuerySaasPermissionGroupReq;
import cn.axzo.tyr.client.model.req.QuerySaasRoleGroupReq;
import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.client.model.vo.SaasPermissionGroupVO;
import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
@ -86,7 +82,7 @@ public class RoleServiceImpl implements RoleService {
if (CollectionUtils.isEmpty(roleIds)) {
return new ArrayList<>();
}
return getByIds(roleIds, null, null,null, null);
return getByIds(roleIds, null, null,null, false);
}
/**
@ -96,7 +92,7 @@ public class RoleServiceImpl implements RoleService {
*/
public List<SaasRoleVO> getByIds(List<Long> roleIds, Integer isCommon, List<Long> workspaceId, List<Long> ouId, Boolean includePermissionGroup) {
if (includePermissionGroup == null) {
includePermissionGroup = true;
includePermissionGroup = false;
}
if (CollectionUtils.isEmpty(roleIds)) {
return new ArrayList<>();
@ -198,6 +194,7 @@ public class RoleServiceImpl implements RoleService {
@Override
public List<QueryBatchByIdentityIdTypeRes> queryBatchByIdentityIdType(List<QueryByIdentityIdTypeReq> req) {
List<QueryBatchByIdentityIdTypeRes> result = new ArrayList<>();
req.forEach(e -> {
result.add(QueryBatchByIdentityIdTypeRes.builder()
.identityId(e.getIdentityId())
@ -447,13 +444,9 @@ public class RoleServiceImpl implements RoleService {
@Override
public PageResp<RoleWithUserRes> queryRoleWithUser(RoleWithUserQueryReq req) {
//按role进行分页查询
Page<SaasRole> rolePage = saasRoleDao
.page(new Page<>(req.getPage(), req.getPageSize()),
new LambdaQueryWrapper<SaasRole>()
.eq(SaasRole::getOwnerOuId, req.getOuId())
.eq(SaasRole::getWorkspaceId, req.getWorkspaceId())
.ne(SaasRole::getRoleType, RoleTypeEnum.SUPER_ADMIN.getValue()));
page2Default(req);
//按role进行分页查询 -
Page<SaasRole> rolePage = saasRoleDao.pageQueryForOUWorkspace(req);
if (CollectionUtil.isEmpty(rolePage.getRecords())) {
return PageResp.list(req.getPage(), req.getPageSize(), 0L, Collections.emptyList());
}
@ -488,6 +481,15 @@ public class RoleServiceImpl implements RoleService {
return PageResp.list(req.getPage(), req.getPageSize(), rolePage.getTotal(), resultData);
}
private void page2Default(RoleWithUserQueryReq req) {
if (req.getPage() == null) {
req.setPage(1L);
}
if (req.getPageSize() == null) {
req.setPageSize(10L);
}
}
@Override
public List<SaasRoleVO> queryRoleByRoleTypes(QueryByIdentityIdTypeReq req, List<String> roleTypes) {
List<Long> roleIds = roleUserRelationDao.query(req.getIdentityId(), req.getIdentityType(),
@ -503,8 +505,30 @@ public class RoleServiceImpl implements RoleService {
}
@Override
public List<SaasRoleVO> findRoleByName(QueryRoleByNameReq req) {
List<SaasRole> roleList = saasRoleDao.findRoleByName(req.getOuId(), req.getWorkspaceId(), req.getRoleNames());
return BeanUtil.copyToList(roleList, SaasRoleVO.class);
public List<QueryRoleByNameResp> findRoleByName(QueryRoleByNameReq req) {
List<Long> relationRoleIds = Lists.newArrayList();
if (CollectionUtils.isNotEmpty(req.getOuTypeCode())) {
List<SaasRoleGroup> roleGroup = saasRoleGroupDao.query(QuerySaasRoleGroupReq.builder()
.ouTypeCode(req.getOuTypeCode())
.build());
if (CollectionUtils.isEmpty(roleGroup)) {
return new ArrayList<>();
}
List<SaasRoleGroupRelation> groupRelation = roleGroupRelationDao.lambdaQuery()
.in(SaasRoleGroupRelation::getSaasRoleGroupId, roleGroup.stream().map(BaseEntity::getId).collect(Collectors.toList()))
.list();
if (CollectionUtils.isEmpty(groupRelation)) {
return new ArrayList<>();
}
relationRoleIds = groupRelation.stream().map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toList());
}
List<SaasRole> roleList = saasRoleDao.findRoleByName(req.getOuId(), req.getWorkspaceId(), relationRoleIds, req.getRoleNames());
return roleList.stream().map(item -> {
QueryRoleByNameResp resp = new QueryRoleByNameResp();
resp.setRoleName(item.getName());
resp.setRoleId(item.getId());
resp.setRoleType(item.getRoleType());
return resp;
}).collect(Collectors.toList());
}
}

200
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureServiceImpl.java
View File

@ -1,36 +1,22 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.framework.domain.ServiceException;
import cn.axzo.thrones.client.saas.ServicePkgClient;
import cn.axzo.thrones.client.saas.entity.serivicepgkproduct.ServicePkgProduct;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.req.FeaturePermissionReq;
import cn.axzo.tyr.client.model.req.FeatureTreeReq;
import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
import cn.axzo.tyr.client.model.req.IdentityAuthReq;
import cn.axzo.tyr.client.model.res.FeaturePermissionRes;
import cn.axzo.tyr.client.model.res.FeatureTreeResp;
import cn.axzo.tyr.client.model.vo.SaasRoleVO;
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
import cn.axzo.tyr.server.repository.entity.SaasFeature;
import cn.axzo.tyr.server.service.RoleService;
import cn.axzo.tyr.client.model.res.IdentityAuthRes;
import cn.axzo.tyr.server.service.SaasFeatureService;
import cn.axzo.tyr.server.util.IdPathUtil;
import cn.azxo.framework.common.logger.MethodAroundLog;
import cn.azxo.framework.common.model.CommonResponse;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.collection.CollectionUtil;
import cn.axzo.tyr.server.service.TyrSaasAuthService;
import cn.hutool.core.collection.CollUtil;
import com.google.common.collect.Lists;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;
import java.util.*;
import java.util.function.Function;
import java.util.List;
import java.util.stream.Collectors;
import static cn.axzo.tyr.server.util.RpcInternalUtil.checkAndGetData;
/**
* @author honghao.zhang
* @since 2023/10/18 18:26
@ -40,163 +26,33 @@ import static cn.axzo.tyr.server.util.RpcInternalUtil.checkAndGetData;
@RequiredArgsConstructor
public class SaasFeatureServiceImpl implements SaasFeatureService {
private final RoleService roleService;
private final ServicePkgClient servicePkgClient;
private final SaasFeatureDao saasFeatureDao;
private final TyrSaasAuthService tyrSaasAuthService;
@Override
public FeaturePermissionRes listPermissionCodes(FeaturePermissionReq req) {
FeaturePermissionRes featurePermissionRes = new FeaturePermissionRes();
QueryByIdentityIdTypeReq idTypeReq = QueryByIdentityIdTypeReq.builder()
.identityId(req.getIdentityId()).identityType(req.getIdentityType())
.ouId(req.getOuId()).workspaceId(req.getWorkspaceId())
.build();
List<SaasRoleVO> saasRoleVOS = roleService.queryRoleByRoleTypes(idTypeReq, Lists.newArrayList(RoleTypeEnum.SUPER_ADMIN.getValue(),
RoleTypeEnum.ADMIN.getValue()));
featurePermissionRes.setSuperAdmin(saasRoleVOS.stream().anyMatch(e -> RoleTypeEnum.SUPER_ADMIN.getValue().equals(e.getRoleType())));
FeatureTreeReq featureTreeReq = new FeatureTreeReq();
featureTreeReq.setIdentityId(req.getIdentityId());
featureTreeReq.setIdentityType(req.getIdentityType());
featureTreeReq.setWorkspaceId(req.getWorkspaceId());
featureTreeReq.setOuId(req.getOuId());
featureTreeReq.setTerminal(req.getTerminal());
IdentityAuthReq authReq = new IdentityAuthReq();
if (StringUtils.hasText(req.getTerminal())) {
authReq.setTerminal(Lists.newArrayList());
}
authReq.setIdentityId(req.getIdentityId());
authReq.setIdentityType(IdentityType.getIdentityType(req.getIdentityType()));
IdentityAuthReq.WorkspaceOuPair workspaceOuPair = new IdentityAuthReq.WorkspaceOuPair();
workspaceOuPair.setWorkspaceId(req.getWorkspaceId());
workspaceOuPair.setOuId(req.getOuId());
workspaceOuPair.setWorkspaceType(req.getWorkspaceType());
workspaceOuPair.setWorkspaceJoinType(req.getWorkspaceJoinType());
authReq.setWorkspaceOusPairs(Lists.newArrayList(workspaceOuPair));
List<FeatureTreeResp> saasFeatureTreeResp = filterFeatureTree(featureTreeReq, !saasRoleVOS.isEmpty());
Map<Integer, List<FeatureTreeResp>> treeMap = groupByMenuType(
saasFeatureTreeResp, 20);
featurePermissionRes.setPermissionCodes(treeMap.getOrDefault(3, Collections.emptyList()).stream().map(FeatureTreeResp::getCode)
.collect(Collectors.toSet()));
IdentityAuthRes identityAuthRes = tyrSaasAuthService.findIdentityAuth(authReq);
List<IdentityAuthRes.WorkspacePermission> workspacePermissionList = identityAuthRes.getPermissions();
if (CollUtil.isNotEmpty(workspacePermissionList)) {
IdentityAuthRes.WorkspacePermission workspacePermission = workspacePermissionList.get(0);
featurePermissionRes.setSuperAdmin(workspacePermission.isSuperAdmin());
featurePermissionRes.setPermissionCodes(workspacePermission.getPermissionPoint()
.stream().map(IdentityAuthRes.PermissionPoint::getFeatureCode).collect(Collectors.toSet()));
}
return featurePermissionRes;
}
@MethodAroundLog(value = "获取权限集树")
private List<FeatureTreeResp> filterFeatureTree(FeatureTreeReq req, boolean isAdmin) {
// 1. 根据这个用户的角色找到对应的codeAdmin/Common各自的拿法
List<String> minFeatureCode = listFeatureCode(req, isAdmin);
log.info("产品对应的最小权限集:{}", minFeatureCode);
// 因为只能查出来最小功能FeatureCode,所以在递归查询出其上级.
List<SaasFeature> allFeature = saasFeatureDao.listFeatureByTerminal(req.getTerminal());
List<SaasFeature> featureTree = constructFeatureByMinFeatureCode(minFeatureCode, allFeature
);
// 2. 组织成一棵树
return formatToTreeAndSort(featureTree, req.getLimitFeatureTypeLevel());
}
private List<FeatureTreeResp> formatToTreeAndSort(List<SaasFeature> featureTree, Integer level) {
List<FeatureTreeResp> roots = new ArrayList<>();
Map<Long, FeatureTreeResp> map = new LinkedHashMap<>();
for (SaasFeature feature : featureTree) {
if (feature.getFeatureType() > level)
continue;
FeatureTreeResp resp = featureBOToResp(feature);
map.put(feature.getId(), resp);
if (feature.getFeatureType() == 0 || feature.getParentId() == 0) {
roots.add(resp);
}
}
for (FeatureTreeResp feature : map.values()) {
FeatureTreeResp parent = map.get(feature.getParentId());
if (null == parent) {
continue;
}
if (parent.getChildren() == null)
parent.setChildren(new ArrayList<>());
parent.getChildren().add(feature);
}
return roots;
}
private FeatureTreeResp featureBOToResp(SaasFeature feature) {
FeatureTreeResp resp = new FeatureTreeResp();
BeanUtil.copyProperties(feature, resp);
resp.setName(feature.getFeatureName());
resp.setCode(feature.getFeatureCode());
resp.setMenuType(feature.getFeatureType());
return resp;
}
private List<SaasFeature> constructFeatureByMinFeatureCode(List<String> minFeatureCode, List<SaasFeature> allFeature) {
List<SaasFeature> result = new ArrayList<>();
Map<Long, SaasFeature> featureMap = allFeature.stream()
.collect(Collectors.toMap(SaasFeature::getId, Function.identity()));
if (!CollectionUtils.isEmpty(minFeatureCode)) {
List<SaasFeature> minFeature = allFeature.stream()
.filter(e -> org.apache.commons.lang3.StringUtils.isNotBlank(e.getFeatureCode())
&& minFeatureCode.contains(e.getFeatureCode())).collect(Collectors.toList());
result.addAll(minFeature);
Set<String> collect = minFeature.stream().map(SaasFeature::getPath)
.collect(Collectors.toSet());
Set<Long> longs = IdPathUtil.featurePathsToIds(collect);
for (Long aLong : longs) {
SaasFeature saasFeatureBO = featureMap.get(aLong);
if (saasFeatureBO != null) {
result.add(saasFeatureBO);
}
}
}
return getFeatureBOS(result);
}
private ArrayList<SaasFeature> getFeatureBOS(List<SaasFeature> result) {
return result.stream()
.collect(Collectors.collectingAndThen(
Collectors.toCollection(
() -> new TreeSet<>(Comparator.comparing(SaasFeature::getId))),
ArrayList::new));
}
private List<String> listFeatureCode(FeatureTreeReq req, boolean isAdmin) {
List<Long> productIds = getProductIdsOfWorkspace(req.getWorkspaceId());
if (isAdmin) {
return listCodeByProductIdsAndTerminal(productIds, req.getTerminal());
}
return listCodeByProductIds(req, productIds);
}
private List<String> listCodeByProductIds(FeatureTreeReq req, List<Long> productIds) {
return saasFeatureDao.listCodeByProductIds(req, productIds);
}
private List<String> listCodeByProductIdsAndTerminal(List<Long> productIds, String terminal) {
return saasFeatureDao.listByProductIdsAndTerminal(productIds, terminal);
}
private Map<Integer, List<FeatureTreeResp>> groupByMenuType(List<FeatureTreeResp> saasFeatureTree, Integer maxDepth) {
HashMap<Integer, List<FeatureTreeResp>> result = new HashMap<>();
if (CollectionUtil.isEmpty(saasFeatureTree) || maxDepth <= 0) {
return result;
}
for (FeatureTreeResp featureTreeResp : saasFeatureTree) {
List<FeatureTreeResp> defaultLists = result.getOrDefault(featureTreeResp.getMenuType(), new ArrayList<>());
if (defaultLists.isEmpty()) {
result.put(featureTreeResp.getMenuType(), defaultLists);
}
defaultLists.add(featureTreeResp);
Map<Integer, List<FeatureTreeResp>> children = groupByMenuType(featureTreeResp.getChildren(), --maxDepth);
for (Integer childrenKey : children.keySet()) {
List<FeatureTreeResp> childList = result.getOrDefault(childrenKey, new ArrayList<>());
if (childList.isEmpty()) {
result.put(childrenKey, childList);
}
childList.addAll(children.get(childrenKey));
}
}
return result;
}
public List<Long> getProductIdsOfWorkspace(Long workspaceId) {
CommonResponse<List<ServicePkgProduct>> servicePkgResponse = servicePkgClient.listProductInWorkSpace(workspaceId);
List<ServicePkgProduct> products = checkAndGetData(servicePkgResponse);
if (CollectionUtil.isEmpty(products)) {
log.warn("thrones:获取产品列表失败:workspaceId{}", workspaceId);
throw new ServiceException("当前工作台未找到任何的产品");
}
return products.stream().map(ServicePkgProduct::getProductId).collect(Collectors.toList());
}
}

21
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleUserRelationServiceImpl.java
View File

@ -2,10 +2,11 @@ package cn.axzo.tyr.server.service.impl;
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserDTO;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
import cn.axzo.tyr.server.repository.entity.SaasRole;
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
import cn.hutool.core.bean.BeanUtil;
@ -16,7 +17,9 @@ import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.function.Function;
import java.util.stream.Collectors;
/**
@ -34,20 +37,32 @@ public class SaasRoleUserRelationServiceImpl implements SaasRoleUserRelationServ
private SaasRoleDao saasRoleDao;
@Override
public List<SaasRoleUserRelationDTO> list(RoleUserParam param) {
public List<SaasRoleUserDTO> list(RoleUserParam param) {
List<SaasRoleUserRelation> saasRoleUserRelations = saasRoleUserRelationDao.lambdaQuery()
.eq(Objects.nonNull(param.getIdentityId()), SaasRoleUserRelation::getIdentityId, param.getIdentityId())
.eq(Objects.nonNull(param.getIdentityType()), SaasRoleUserRelation::getIdentityType, param.getIdentityType())
.eq(Objects.nonNull(param.getWorkspaceId()), SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
.eq(Objects.nonNull(param.getOuId()), SaasRoleUserRelation::getOuId, param.getOuId())
.in(CollectionUtil.isNotEmpty(param.getRoleIds()), SaasRoleUserRelation::getRoleId, param.getRoleIds())
.in(CollectionUtil.isNotEmpty(param.getIdentityIds()), SaasRoleUserRelation::getIdentityId, param.getIdentityIds())
.eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.last("LIMIT 1000")
.list();
if (CollectionUtil.isEmpty(saasRoleUserRelations)) {
return Collections.emptyList();
}
Map<Long, SaasRole> roleMap = saasRoleDao.lambdaQuery()
.in(SaasRole::getId, saasRoleUserRelations.stream().map(SaasRoleUserRelation::getRoleId).collect(Collectors.toSet()))
.list().stream().collect(Collectors.toMap(SaasRole::getId, Function.identity()));
return saasRoleUserRelations.stream().map(e -> BeanUtil.copyProperties(e, SaasRoleUserRelationDTO.class)).collect(Collectors.toList());
return saasRoleUserRelations.stream().map(e -> {
SaasRoleUserDTO userRole = BeanUtil.copyProperties(e, SaasRoleUserDTO.class);
SaasRole role = roleMap.get(userRole.getRoleId());
if (Objects.nonNull(role)) {
userRole.setRoleName(role.getName());
userRole.setDescription(role.getDescription());
}
return userRole;
}).collect(Collectors.toList());
}
}

16
tyr-server/src/main/resources/mapper/SaasRoleMapper.xml
View File

@ -90,4 +90,20 @@
</select>
<select id="pageQueryForOUWorkspace" resultType="cn.axzo.tyr.server.repository.entity.SaasRole">
SELECT
r.*
FROM
saas_role r
LEFT JOIN saas_role_group_relation rg ON r.id = rg.role_id
LEFT JOIN saas_role_group g ON rg.saas_role_group_id = g.id
WHERE
r.is_delete = 0
AND (
( r.workspace_id = #{workspaceId} AND r.owner_ou_id = #{ouId} AND r.role_type = 'common' )
OR
( r.owner_ou_id = - 1 AND FIND_IN_SET( #{workspaceJoinType},g.ou_type_code) > 0)
)
</select>
</mapper>

18
tyr-server/src/test/java/cn/axzo/tyr/server/permission/RoleUserTest.java
View File

@ -10,8 +10,11 @@ import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
import cn.axzo.tyr.client.model.res.RoleWithUserRes;
import cn.axzo.tyr.server.controller.role.SaasRoleController;
import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
import cn.axzo.tyr.server.repository.entity.SaasRole;
import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@ -36,6 +39,9 @@ public class RoleUserTest {
@Autowired
private SaasRoleController controller;
@Autowired
private SaasRoleDao saasRoleDao;
@Test
public void testList() {
saasRoleUserRelationDao.deleteByUser(BaseWorkspaceModel.builder()
@ -59,5 +65,17 @@ public class RoleUserTest {
System.out.println(JSON.toJSONString(result));
}
@Test
public void testPageQueryForOUWorkspace() {
RoleWithUserQueryReq req = new RoleWithUserQueryReq();
req.setOuId(5195L);
req.setWorkspaceId(371L);
req.setWorkspaceJoinType(2);
req.setPage(1L);
req.setPageSize(20L);
Page<SaasRole> page = saasRoleDao.pageQueryForOUWorkspace(req);
System.out.println(JSON.toJSONString(page));
}
}