feat:(REQ-3068) 新增批量判断是否有应用权限的接口

2024-10-11 14:44:43 +08:00 · 2024-10-11 14:44:43 +08:00 · d766af05aa
commit d766af05aa
parent 8870a1830d
4 changed files with 102 additions and 0 deletions
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionQueryApi.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionQueryApi.java
@ -1,6 +1,7 @@
 package cn.axzo.tyr.client.feign;

 import cn.axzo.framework.domain.web.result.ApiResult;
+import cn.axzo.tyr.client.model.req.BatchPermissionCheckReq;
 import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
 import cn.axzo.tyr.client.model.req.NavTreeReq;
 import cn.axzo.tyr.client.model.req.PagePermissionReq;
@ -8,6 +9,7 @@ import cn.axzo.tyr.client.model.req.PagePermissionResp;
 import cn.axzo.tyr.client.model.req.PermissionCheckReq;
 import cn.axzo.tyr.client.model.req.TreePermissionReq;
 import cn.axzo.tyr.client.model.req.TreeProductFeatureResourceReq;
+import cn.axzo.tyr.client.model.res.BatchPermissionCheckRes;
 import cn.axzo.tyr.client.model.res.FeatureResourceDTO;
 import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
 import cn.axzo.tyr.client.model.res.NavTreeResp;
@ -44,6 +46,14 @@ public interface PermissionQueryApi {
    @PostMapping(value = "/api/v3/permission/query/hasPermission")
    ApiResult<Boolean> hasPermission(@RequestBody @Valid PermissionCheckReq req);

+    /**
+     * 批量鉴权
+     * @param req
+     * @return
+     */
+    @PostMapping(value = "/api/v3/permission/query/hasPermission/batch")
+    ApiResult<BatchPermissionCheckRes> hasPermissionBatch(@RequestBody @Valid BatchPermissionCheckReq req);
+
    /**
     * 查询租户的权限树
     * @param request
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/BatchPermissionCheckReq.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/req/BatchPermissionCheckReq.java
@ -0,0 +1,28 @@
+package cn.axzo.tyr.client.model.req;
+
+import cn.axzo.tyr.client.model.base.WorkspaceOUPair;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class BatchPermissionCheckReq {
+
+    @NotNull(message = "personId不能为空")
+    private Long personId;
+
+    @NotEmpty(message = "workspaceOUPairs不能为空")
+    private List<WorkspaceOUPair> workspaceOUPairs;
+
+    @NotBlank(message = "itemCode不能为空")
+    private String itemCode;
+}
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/BatchPermissionCheckRes.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/res/BatchPermissionCheckRes.java
@ -0,0 +1,34 @@
+package cn.axzo.tyr.client.model.res;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class BatchPermissionCheckRes {
+
+    private List<WorkspaceOuPermission> workspaceOuPermissions;
+
+    @Data
+    @Builder
+    @NoArgsConstructor
+    @AllArgsConstructor
+    public static class WorkspaceOuPermission {
+        private Long ouId;
+
+        private Long workspaceId;
+
+        /**
+         * true表示有权限
+         * false表示没权限
+         */
+        private Boolean permissionResult;
+    }
+}
+
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionQueryController.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionQueryController.java
@ -1,7 +1,10 @@
 package cn.axzo.tyr.server.controller.permission;

+import cn.axzo.basics.common.BeanMapper;
 import cn.axzo.framework.domain.web.result.ApiResult;
 import cn.axzo.tyr.client.feign.PermissionQueryApi;
+import cn.axzo.tyr.client.model.req.BatchPermissionCheckReq;
+import cn.axzo.tyr.client.model.req.IdentityAuthReq;
 import cn.axzo.tyr.client.model.req.ListPermissionFeatureReq;
 import cn.axzo.tyr.client.model.req.NavTreeReq;
 import cn.axzo.tyr.client.model.req.PagePermissionReq;
@ -9,17 +12,22 @@ import cn.axzo.tyr.client.model.req.PagePermissionResp;
 import cn.axzo.tyr.client.model.req.PermissionCheckReq;
 import cn.axzo.tyr.client.model.req.TreePermissionReq;
 import cn.axzo.tyr.client.model.req.TreeProductFeatureResourceReq;
+import cn.axzo.tyr.client.model.res.BatchPermissionCheckRes;
 import cn.axzo.tyr.client.model.res.FeatureResourceDTO;
+import cn.axzo.tyr.client.model.res.IdentityAuthRes;
 import cn.axzo.tyr.client.model.res.ListPermissionFeatureResp;
 import cn.axzo.tyr.client.model.res.NavTreeResp;
 import cn.axzo.tyr.client.model.res.ProductFeatureResourceResp;
 import cn.axzo.tyr.client.model.res.TreePermissionResp;
 import cn.axzo.tyr.server.service.PermissionQueryService;
+import cn.axzo.tyr.server.service.TyrSaasAuthService;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.collections.CollectionUtils;
 import org.springframework.web.bind.annotation.RestController;

 import java.util.List;
+import java.util.stream.Collectors;

 /**
 * 权限接口实现
@ -34,6 +42,7 @@ import java.util.List;
 public class PermissionQueryController implements PermissionQueryApi {

    private final PermissionQueryService permissionService;
+    private final TyrSaasAuthService tyrSaasAuthService;

    @Override
    public ApiResult<List<NavTreeResp>> getNavTree(NavTreeReq req) {
@ -50,6 +59,27 @@ public class PermissionQueryController implements PermissionQueryApi {
        return ApiResult.ok(permissionService.hasPermission(req));
    }

+    @Override
+    public ApiResult<BatchPermissionCheckRes> hasPermissionBatch(BatchPermissionCheckReq req) {
+
+        IdentityAuthReq request = IdentityAuthReq.builder().build();
+        request.setPersonId(req.getPersonId());
+        List<IdentityAuthReq.WorkspaceOuPair> pairs = BeanMapper.copyList(req.getWorkspaceOUPairs(), IdentityAuthReq.WorkspaceOuPair.class);
+        request.setWorkspaceOusPairs(pairs);
+        request.setItemCode(req.getItemCode());
+        IdentityAuthRes authRes = tyrSaasAuthService.findIdentityAuthMix(request);
+
+        return ApiResult.ok(BatchPermissionCheckRes.builder()
+                .workspaceOuPermissions(authRes.getPermissions().stream()
+                        .map(e -> BatchPermissionCheckRes.WorkspaceOuPermission.builder()
+                                .workspaceId(e.getWorkspaceId())
+                                .ouId(e.getOuId())
+                                .permissionResult(CollectionUtils.isNotEmpty(e.getPermissionPoint()))
+                                .build())
+                        .collect(Collectors.toList()))
+                .build());
+    }
+
    @Override
    public ApiResult<List<ProductFeatureResourceResp>> treeProduct(TreeProductFeatureResourceReq request) {
        return ApiResult.ok(permissionService.treeProduct(request));