diff --git a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListPermissionFromRoleGroupReq.java b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListPermissionFromRoleGroupReq.java index 35f184fa..dd07edee 100644 --- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListPermissionFromRoleGroupReq.java +++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/ListPermissionFromRoleGroupReq.java @@ -41,6 +41,9 @@ public class ListPermissionFromRoleGroupReq { @Builder.Default private Boolean findFeatureInfo = false; + /** 角色组ID **/ + private List roleGroupIds; + @Data @Builder @AllArgsConstructor diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupDao.java b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupDao.java index ffcd7dd6..cfc9921a 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupDao.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupDao.java @@ -53,6 +53,8 @@ public class SaasRoleGroupDao extends ServiceImpl listByCategoryCode(List categoryCode) { return lambdaQuery().eq(BaseEntity::getIsDelete, 0L) .in(SaasRoleGroup::getCategoryCode, categoryCode).list(); diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java index 9f631a73..ef4cfa6c 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java @@ -43,9 +43,6 @@ public interface SaasFeatureResourceService { /** 资源权限通用查询 **/ List permissionQuery(ResourcePermissionQueryDTO param); - /** 是否免授权 **/ - boolean isAuthFree(Long featureId); - /** 查询资源树 **/ List getTree(GetFeatureResourceTreeReq req); diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleGroupService.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleGroupService.java index 653745b7..1aebfe41 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleGroupService.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleGroupService.java @@ -34,4 +34,11 @@ public interface SaasRoleGroupService extends IService { * @return */ List listByCategoryCode(List categoryCode); + + /** + * 根据code查询角色组 + * @param codes 角色组编码 + * @param type 1-仅查当前code 2-对应code角色组及子级角色组 3-仅对应code角色组的子级 + * **/ + List listByCodes(List codes, int type); } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java index f249d3b9..57027880 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java @@ -895,7 +895,8 @@ public class RoleServiceImpl extends ServiceImpl return new ArrayList<>(); } List result = new ArrayList<>(); - List saasRoleGroups = saasRoleGroupDao.listByCategoryCode(categoryCodes); + //category code转code 查询对应code及子级 + List saasRoleGroups = saasRoleGroupService.listByCodes(categoryCodes, 3); Set roleGroupId = saasRoleGroups.stream().map(BaseEntity::getId).collect(Collectors.toSet()); List roleGroupRelations = saasRoleGroupRelationDao.getByGroupIds(roleGroupId); @@ -917,7 +918,13 @@ public class RoleServiceImpl extends ServiceImpl Map roleMap = roleInfos.stream().collect(Collectors.toMap(BaseEntity::getId, Function.identity())); Map permissionGroupMap = permissionGroups.stream().collect(Collectors.toMap(BaseEntity::getId, Function.identity())); - Map> groupsByCategory = saasRoleGroups.stream().collect(Collectors.groupingBy(SaasRoleGroup::getCategoryCode)); + Map> allGroupMap = saasRoleGroups.stream().collect(Collectors.groupingBy(SaasRoleGroup::getParentId)); + List categoryRoleGroups = saasRoleGroupService.listByCodes(categoryCodes, 1); + Map> groupMap = categoryRoleGroups.stream().collect(Collectors.groupingBy(SaasRoleGroup::getCode)); + for (Map.Entry> entry : groupMap.entrySet()) { + + } + return groupsByCategory.entrySet().stream() .map(entry -> { diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureResourceServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureResourceServiceImpl.java index c8fa83a3..b2438101 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureResourceServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureResourceServiceImpl.java @@ -112,22 +112,6 @@ public class SaasFeatureResourceServiceImpl implements SaasFeatureResourceServic return BeanMapper.copyList(resourceList, ResourcePermission.class); } - @Override - public boolean isAuthFree(Long featureId) { - - if (BooleanUtil.isTrue(RedisClient.KeyOps.hasKey(KEY_AUTH_FREE))) { - return RedisClient.SetOps.sIsMember(KEY_AUTH_FREE, String.valueOf(featureId)); - } - - //load from DB - Set featureIds = this.permissionQuery(ResourcePermissionQueryDTO.builder() - .authTypes(Collections.singletonList(FeatureResourceAuthType.ALL_ROLE.getCode())) - .build()) - .stream() - .map(ResourcePermission::getId).collect(Collectors.toSet()); - return false; - } - @Override public SaasFeatureResource getByCode(String featureCode) { return featureResourceDao.getByCode(featureCode); diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java index b636970b..5dacb92d 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasRoleGroupServiceImpl.java @@ -11,6 +11,7 @@ import cn.axzo.tyr.server.repository.entity.SaasRoleGroupRelation; import cn.axzo.tyr.server.repository.mapper.SaasRoleGroupMapper; import cn.axzo.tyr.server.service.SaasRoleGroupService; import cn.hutool.core.bean.BeanUtil; +import cn.hutool.core.collection.CollectionUtil; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; @@ -20,6 +21,7 @@ import org.springframework.stereotype.Service; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collections; import java.util.Date; import java.util.List; import java.util.Map; @@ -175,7 +177,7 @@ public class SaasRoleGroupServiceImpl extends ServiceImpl listByCategoryCode(List categoryCode) { - return BeanUtil.copyToList(saasRoleGroupDao.listByCategoryCode(categoryCode), SaasRoleGroupVO.class); + return BeanUtil.copyToList(this.listByCodes(categoryCode, 3), SaasRoleGroupVO.class); } private void assembleSort(SaasRoleGroup saasRoleGroup) { @@ -212,4 +214,22 @@ public class SaasRoleGroupServiceImpl extends ServiceImpl listByCodes(List codes, int type) { + List groups = saasRoleGroupDao.listByCodes(codes); + if (CollectionUtil.isEmpty(groups) || type == 1) { + return Collections.emptyList(); + } + List parentIds = groups.stream().map(SaasRoleGroup::getId).collect(Collectors.toList()); + List children = saasRoleGroupDao.lambdaQuery().eq(SaasRoleGroup::getParentId, parentIds).list(); + if (type == 2) { + groups.addAll(children); + return groups; + } + if (type == 3) { + return children; + } + return Collections.emptyList(); + } } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java index 53edc01d..00610f6d 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java @@ -34,6 +34,7 @@ import cn.axzo.tyr.server.service.PermissionCacheService; import cn.axzo.tyr.server.service.PermissionPointService; import cn.axzo.tyr.server.service.ProductFeatureRelationService; import cn.axzo.tyr.server.service.RoleService; +import cn.axzo.tyr.server.service.SaasRoleGroupService; import cn.axzo.tyr.server.service.TyrSaasAuthService; import cn.axzo.tyr.server.util.KeyUtil; import cn.axzo.tyr.server.utils.RpcExternalUtil; @@ -92,6 +93,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { private final PermissionPointService permissionPointService; private final PermissionCacheService permissionCacheService; + private final SaasRoleGroupService roleGroupService; /** @@ -787,6 +789,12 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { @Override public List listAuthByResourceAndRoleGroup(ListPermissionFromRoleGroupReq listPermissionFromRoleGroupReq) { + //确定角色group_id: code对应角色组及其下级 + List groups = roleGroupService.listByCodes(Collections.singletonList(listPermissionFromRoleGroupReq.getCategoryCode()), 2); + if (CollectionUtil.isEmpty(groups)) { + log.warn("no role group found for code :{}", listPermissionFromRoleGroupReq.getCategoryCode()); + return Collections.emptyList(); + } List permissionInfo = saasAuthMapper.listAuthByResourceAndRoleGroup(listPermissionFromRoleGroupReq); if (CollectionUtil.isEmpty(permissionInfo)) { return new ArrayList<>(); diff --git a/tyr-server/src/main/resources/mapper/TyrSaasAuthMapper.xml b/tyr-server/src/main/resources/mapper/TyrSaasAuthMapper.xml index 51fdfb63..c35f0179 100644 --- a/tyr-server/src/main/resources/mapper/TyrSaasAuthMapper.xml +++ b/tyr-server/src/main/resources/mapper/TyrSaasAuthMapper.xml @@ -128,7 +128,10 @@ INNER JOIN saas_role_user_relation t5 ON t3.id = t5.role_id WHERE - t1.category_code = #{req.categoryCode} + t1.id IN + + #{id} + AND T1.IS_DELETE = 0 AND T2.IS_DELETE = 0 AND T3.IS_DELETE=0 AND T4.IS_DELETE = 0 AND T5.IS_DELETE = 0