wangli/tyr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(REQ-2545): 查询用户页面有权限的元素过滤方法修改

Browse Source
This commit is contained in:
李昆鹏 2024-07-02 11:40:12 +08:00
parent f75f9d1fae
commit c56a48596f
1 changed files with 25 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasPageElementServiceImpl.java
View File

@ -9,6 +9,7 @@ import cn.axzo.tyr.client.common.enums.FeatureResourceType;
import cn.axzo.tyr.client.common.enums.PageElementTypeEnum;
import cn.axzo.tyr.client.model.req.*;
import cn.axzo.tyr.client.model.res.GetUserHasPermissionPageElementResp;
import cn.axzo.tyr.client.model.res.IdentityAuthRes;
import cn.axzo.tyr.client.model.res.PageElementResp;
import cn.axzo.tyr.client.model.res.SaasPermissionRelationRes;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserV2DTO;
@ -22,11 +23,13 @@ import cn.axzo.tyr.server.repository.entity.SaasPageElementFeatureResourceRelati
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation;
import cn.axzo.tyr.server.service.SaasPageElementService;
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
import cn.axzo.tyr.server.service.TyrSaasAuthService;
import cn.hutool.json.JSONUtil;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections4.CollectionUtils;
@ -59,6 +62,7 @@ public class SaasPageElementServiceImpl implements SaasPageElementService {
private final SaasPageElementFeatureResourceRelationDao saasPageElementFeatureResourceRelationDao;
private final SaasFeatureResourceDao saasFeatureResourceDao;
private final SaasRoleUserRelationService saasRoleUserRelationService;
private final TyrSaasAuthService tyrSaasAuthService;
@Qualifier("asyncExecutor")
@Autowired
@ -180,32 +184,31 @@ public class SaasPageElementServiceImpl implements SaasPageElementService {
if (CollectionUtils.isEmpty(saasFeatureResources)) {
return null;
}
// 过滤用户有权限的featureIds
List<SaasRoleUserV2DTO> saasRoleUsers = saasRoleUserRelationService.listV2(ListRoleUserRelationParam.builder()
.personId(request.getPersonId())
.workspaceOuPairs(Lists.newArrayList(ListRoleUserRelationParam.WorkspaceOuPair.builder().ouId(request.getOuId()).workspaceId(request.getWorkspaceId()).build()))
.needRole(Boolean.TRUE)
.needPermissionRelation(Boolean.TRUE)
.type(SaasPgroupPermissionRelation.NEW_FEATURE)
.featureIds(saasFeatureResources.stream().map(BaseEntity::getId).collect(Collectors.toList()))
.terminal(request.getTerminal())
.build());
List<Long> hasPermissionFeatureIds = CollectionUtils.emptyIfNull(saasRoleUsers).stream()
.filter(e -> Objects.nonNull(e.getSaasRole()) && CollectionUtils.isNotEmpty(e.getSaasRole().getPermissionRelations()))
.flatMap(e -> e.getSaasRole().getPermissionRelations().stream().map(SaasPermissionRelationRes::getFeatureId))
.distinct().collect(Collectors.toList());
log.info("getUserHasPermissionPageElement personId:{} pageElementCode:{}, hasPermissionFeatureIds:{}", request.getPersonId(), request.getPageElementCode(), hasPermissionFeatureIds);
if (CollectionUtils.isEmpty(hasPermissionFeatureIds)) {
log.warn("不存在有权限的组件,页面元素编码:{}", request.getPageElementCode());
List<SaasPageElementFeatureResourceRelation> resourceRelations = saasPageElementFeatureResourceRelationDao.listByUniCodeAndTerminal(saasFeatureResources.stream().map(SaasFeatureResource::getUniCode).collect(Collectors.toList()), request.getTerminal());
if (CollectionUtils.isEmpty(resourceRelations)) {
return null;
}
List<String> hasPermissionUniCodes = saasFeatureResources.stream().filter(e -> hasPermissionFeatureIds.contains(e.getId())).map(SaasFeatureResource::getUniCode).collect(Collectors.toList());
List<SaasPageElementFeatureResourceRelation> resourceRelations = saasPageElementFeatureResourceRelationDao.listByUniCodeAndTerminal(hasPermissionUniCodes, request.getTerminal());
// 过滤用户有权限的featureIds
IdentityAuthRes res = tyrSaasAuthService.findIdentityAuthMix(IdentityAuthReq.builder()
.personId(request.getPersonId())
.workspaceOusPairs(Lists.newArrayList(IdentityAuthReq.WorkspaceOuPair.builder().ouId(request.getOuId()).workspaceId(request.getWorkspaceId()).build()))
.terminal(Lists.newArrayList(request.getTerminal()))
.featureCode(resourceRelations.stream().map(SaasPageElementFeatureResourceRelation::getPageElementCode).collect(Collectors.toSet()))
.type(SaasPgroupPermissionRelation.NEW_FEATURE)
.build());
if (Objects.isNull(res) || CollectionUtils.isEmpty(res.getPermissions())) {
return null;
}
List<String> hasPermissionFeatureCode = res.getPermissions().stream().filter(e -> CollectionUtils.isNotEmpty(e.getPermissionPoint()))
.map(e -> e.getPermissionPoint().stream().map(IdentityAuthRes.PermissionPoint::getFeatureCode).collect(Collectors.toList())).flatMap(List::stream).distinct().collect(Collectors.toList());
log.info("getUserHasPermissionPageElement personId:{} pageElementCode:{}, hasPermissionFeatureCode:{}", request.getPersonId(), request.getPageElementCode(), hasPermissionFeatureCode);
return GetUserHasPermissionPageElementResp.builder()
.pageElementCodes(CollectionUtils.emptyIfNull(resourceRelations).stream().map(SaasPageElementFeatureResourceRelation::getPageElementCode).collect(Collectors.toList()))
.pageElementCodes(hasPermissionFeatureCode)
.build();
}