wangli/tyr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(REQ-2774): 权限操作日志记录操作人角色和表名

Browse Source
This commit is contained in:
李昆鹏 2024-07-25 11:01:46 +08:00
parent 45e01d07bd
commit dc6fd4c28c
9 changed files with 166 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tyr-api/src/main/java/cn/axzo/tyr/client/common/enums/PermissionRelationOperateLogSceneEnum.java
View File

@ -14,9 +14,9 @@ import lombok.Getter;
public enum PermissionRelationOperateLogSceneEnum {
/**
* 同步
* oms同步
*/
SYNC("SYNC", "同步"),
OMS_SYNC("OMS_SYNC", "oms同步"),
/**
* oms后台更新资源绑定的角色

76
tyr-server/src/main/java/cn/axzo/tyr/server/config/ContextInfoFillInterceptor.java Normal file
View File

@ -0,0 +1,76 @@
package cn.axzo.tyr.server.config;
import cn.axzo.framework.auth.config.FeignContextInfoInterceptor;
import cn.axzo.framework.auth.domain.*;
import cn.hutool.core.util.StrUtil;
import cn.hutool.json.JSONUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Objects;
/**
* @author chenwenjian
* @version 1.0
* @date 2024/6/19 12:44
*/
@Slf4j
@Component
public class ContextInfoFillInterceptor implements HandlerInterceptor {
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
ContextInfoHolder.clear();
HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String lite = request.getHeader(FeignContextInfoInterceptor.LITE);
if (StrUtil.isNotBlank(lite)) {
try {
ContextInfo.LiteSaasContext liteSaasContext = JSONUtil.toBean(lite, ContextInfo.LiteSaasContext.class);
String serverName = request.getHeader(FeignContextInfoInterceptor.SERVICE_NAME);
if (Objects.nonNull(liteSaasContext)) {
ContextInfo contextInfo = new ContextInfo();
contextInfo.setWorkspaceId(liteSaasContext.getWorkspaceId());
contextInfo.setWorkspaceType(liteSaasContext.getWorkspaceType());
contextInfo.setOuId(liteSaasContext.getOuId());
contextInfo.setOuType(liteSaasContext.getOuType());
contextInfo.setSaasTenantId(liteSaasContext.getSaasTennantId());
UserInfo userInfo = new UserInfo();
userInfo.setIdentityId(liteSaasContext.getIdentityId());
userInfo.setIdentityType(liteSaasContext.getIdentityType());
userInfo.setPersonId(liteSaasContext.getPersonId());
userInfo.setAcntId(liteSaasContext.getAcntId());
userInfo.setRealName(liteSaasContext.getRealName());
contextInfo.setUserInfo(userInfo);
TerminalInfo terminalInfo = new TerminalInfo(liteSaasContext.getTerminal());
contextInfo.setTerminalInfo(terminalInfo);
SystemAndDeviceInfo systemAndDeviceInfo = new SystemAndDeviceInfo();
systemAndDeviceInfo.setIpAddress(liteSaasContext.getIpAddress());
contextInfo.setSystemAndDeviceInfo(systemAndDeviceInfo);
ContextInfoHolder.set(contextInfo);
log.info("ContextInfo parsing success! server: {}, contextInfo: {}", StrUtil.isNotBlank(serverName) ? serverName : "unknown", lite);
}
} catch (Exception e) {
log.warn("ContextInfo parsing failure! {}", e.getMessage());
}
return true;
}
log.warn("Can not get LiteSaasContext!");
return true;
}
}

28
tyr-server/src/main/java/cn/axzo/tyr/server/model/BasicRoleDO.java Normal file
View File

@ -0,0 +1,28 @@
package cn.axzo.tyr.server.model;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* @author likunpeng
* @version 1.0
* @date 2024/7/25
*/
@Builder
@Data
@AllArgsConstructor
@NoArgsConstructor
public class BasicRoleDO {
/**
* 角色ID
*/
private Long roleId;
/**
* 角色code
*/
private String roleCode;
}

10
tyr-server/src/main/java/cn/axzo/tyr/server/repository/entity/SaasPgroupPermissionRelationOperateLog.java
View File

@ -18,6 +18,11 @@ import lombok.*;
@TableName("saas_pgroup_permission_relation_operate_log")
public class SaasPgroupPermissionRelationOperateLog extends BaseEntity<SaasPgroupPermissionRelationOperateLog> {
/**
* 操作关联的表名
*/
private String tableName;
/**
* 操作场景
* @see PermissionRelationOperateLogSceneEnum
@ -53,4 +58,9 @@ public class SaasPgroupPermissionRelationOperateLog extends BaseEntity<SaasPgrou
* 操作人名
*/
private String createByName;
/**
* 操作人角色
*/
private String createByRole;
}

3
tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasPgroupPermissionRelationOperateLogService.java
View File

@ -1,5 +1,6 @@
package cn.axzo.tyr.server.service;
import cn.axzo.tyr.server.model.BasicRoleDO;
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelationOperateLog;
import java.util.List;
@ -12,4 +13,6 @@ import java.util.List;
public interface SaasPgroupPermissionRelationOperateLogService {
void batchSave(List<SaasPgroupPermissionRelationOperateLog> logs);
List<BasicRoleDO> getPersonBasicRoles(Long personId);
}

4
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/FeatureResourceSyncServiceImpl.java
View File

@ -360,12 +360,14 @@ public class FeatureResourceSyncServiceImpl implements FeatureResourceSyncServic
PersonProfileDto operator = CollectionUtils.isEmpty(personProfileDtos) ? null : personProfileDtos.get(0);
SaasPgroupPermissionRelationOperateLog operateLog = SaasPgroupPermissionRelationOperateLog.builder()
.scene(PermissionRelationOperateLogSceneEnum.SYNC.getValue())
.tableName(SaasPgroupPermissionRelationOperateLogServiceImpl.TABLE_NAME_FEATURE_RESOURCE)
.scene(PermissionRelationOperateLogSceneEnum.OMS_SYNC.getValue())
.createBy(req.getOperatorId())
.createByName(Objects.isNull(operator) ? "" : operator.getRealName())
.traceId(MDC.get(Constants.CTX_LOG_ID_MDC))
.requestData(JSONObject.toJSONString(req))
.operateData(JSONObject.toJSONString(operateDos))
.createByRole(JSONObject.toJSONString(saasPgroupPermissionRelationOperateLogService.getPersonBasicRoles(req.getOperatorId())))
.build();
saasPgroupPermissionRelationOperateLogService.batchSave(Lists.newArrayList(operateLog));
}

6
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
View File

@ -1507,6 +1507,7 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
.uniCode(saasFeatureResource.getUniCode())
.build();
SaasPgroupPermissionRelationOperateLog operateLog = SaasPgroupPermissionRelationOperateLog.builder()
.tableName(SaasPgroupPermissionRelationOperateLogServiceImpl.TABLE_NAME_FEATURE_RESOURCE)
.scene(PermissionRelationOperateLogSceneEnum.OMS_FEATURE_RESOURCE_BIND_ROLE.getValue())
.sceneId(saasFeatureResource.getUniCode())
.createBy(operatorId)
@ -1514,6 +1515,7 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
.traceId(MDC.get(Constants.CTX_LOG_ID_MDC))
.requestData(Objects.isNull(req) ? null : JSONObject.toJSONString(req))
.operateData(JSONObject.toJSONString(Lists.newArrayList(operateAfter)))
.createByRole(JSONObject.toJSONString(saasPgroupPermissionRelationOperateLogService.getPersonBasicRoles(operatorId)))
.build();
saasPgroupPermissionRelationOperateLogService.batchSave(Lists.newArrayList(operateLog));
@ -1533,6 +1535,7 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
.roleCodes(saasRoles.stream().map(SaasRole::getRoleCode).collect(Collectors.toList()))
.build();
SaasPgroupPermissionRelationOperateLog operateLog = SaasPgroupPermissionRelationOperateLog.builder()
.tableName(SaasPgroupPermissionRelationOperateLogServiceImpl.TABLE_NAME_FEATURE_RESOURCE)
.scene(PermissionRelationOperateLogSceneEnum.OMS_FEATURE_RESOURCE_BIND_ROLE.getValue())
.sceneId(saasFeatureResource.getUniCode())
.createBy(operatorId)
@ -1540,6 +1543,7 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
.traceId(MDC.get(Constants.CTX_LOG_ID_MDC))
.requestData(Objects.isNull(req) ? null : JSONObject.toJSONString(req))
.operateData(JSONObject.toJSONString(Lists.newArrayList(operateAfter)))
.createByRole(JSONObject.toJSONString(saasPgroupPermissionRelationOperateLogService.getPersonBasicRoles(operatorId)))
.build();
saasPgroupPermissionRelationOperateLogService.batchSave(Lists.newArrayList(operateLog));
@ -1557,6 +1561,7 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
.roleCode(saasRole.getRoleCode())
.build();
SaasPgroupPermissionRelationOperateLog operateLog = SaasPgroupPermissionRelationOperateLog.builder()
.tableName(SaasPgroupPermissionRelationOperateLogServiceImpl.TABLE_NAME_ROLE)
.scene(PermissionRelationOperateLogSceneEnum.OMS_ROLE_BIND_FEATURE_RESOURCE.getValue())
.sceneId(saasRole.getRoleCode())
.createBy(saveOrUpdateRole.getOperatorId())
@ -1564,6 +1569,7 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
.traceId(MDC.get(Constants.CTX_LOG_ID_MDC))
.requestData(Objects.isNull(saveOrUpdateRole) ? null : JSONObject.toJSONString(saveOrUpdateRole))
.operateData(JSONObject.toJSONString(Lists.newArrayList(operateAfter)))
.createByRole(JSONObject.toJSONString(saasPgroupPermissionRelationOperateLogService.getPersonBasicRoles(saveOrUpdateRole.getOperatorId())))
.build();
saasPgroupPermissionRelationOperateLogService.batchSave(Lists.newArrayList(operateLog));

2
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasPageElementServiceImpl.java
View File

@ -409,6 +409,7 @@ public class SaasPageElementServiceImpl implements SaasPageElementService {
.featureCodes(relation.getPageElementCodes())
.build();
SaasPgroupPermissionRelationOperateLog operateLog = SaasPgroupPermissionRelationOperateLog.builder()
.tableName(SaasPgroupPermissionRelationOperateLogServiceImpl.TABLE_NAME_PAGE_ELEMENT)
.scene(PermissionRelationOperateLogSceneEnum.OMS_FEATURE_RESOURCE_BIND_ELEMENT.getValue())
.sceneId(relation.getFeatureResourceUniCode())
.createBy(relation.getOperatorId())
@ -416,6 +417,7 @@ public class SaasPageElementServiceImpl implements SaasPageElementService {
.traceId(MDC.get(Constants.CTX_LOG_ID_MDC))
.requestData(JSONObject.toJSONString(relation))
.operateData(JSONObject.toJSONString(Lists.newArrayList(operateAfter)))
.createByRole(JSONObject.toJSONString(saasPgroupPermissionRelationOperateLogService.getPersonBasicRoles(relation.getOperatorId())))
.build();
saasPgroupPermissionRelationOperateLogService.batchSave(Lists.newArrayList(operateLog));

36
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasPgroupPermissionRelationOperateLogServiceImpl.java
View File

@ -1,14 +1,25 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.framework.auth.domain.ContextInfo;
import cn.axzo.framework.auth.domain.ContextInfoHolder;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.server.model.BasicRoleDO;
import cn.axzo.tyr.server.repository.dao.SaasPgroupPermissionRelationOperateLogDao;
import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelationOperateLog;
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationOperateLogService;
import cn.axzo.tyr.server.service.SaasRoleUserService;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections4.CollectionUtils;
import org.springframework.stereotype.Service;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
/**
* @author likunpeng
@ -20,7 +31,13 @@ import java.util.List;
@AllArgsConstructor
public class SaasPgroupPermissionRelationOperateLogServiceImpl implements SaasPgroupPermissionRelationOperateLogService {
public static final String TABLE_NAME_FEATURE_RESOURCE = "saas_feature_resource";
public static final String TABLE_NAME_ROLE = "saas_role";
public static final String TABLE_NAME_PAGE_ELEMENT = "saas_page_element";
private final SaasPgroupPermissionRelationOperateLogDao saasPgroupPermissionRelationOperateLogDao;
private final SaasRoleUserRelationDao roleUserRelationDao;
private final SaasRoleDao saasRoleDao;
@Override
public void batchSave(List<SaasPgroupPermissionRelationOperateLog> logs) {
@ -30,4 +47,23 @@ public class SaasPgroupPermissionRelationOperateLogServiceImpl implements SaasPg
saasPgroupPermissionRelationOperateLogDao.saveBatch(logs);
}
@Override
public List<BasicRoleDO> getPersonBasicRoles(Long personId) {
if (Objects.isNull(personId)) {
return Collections.emptyList();
}
ContextInfo contextInfo = ContextInfoHolder.get();
if (Objects.isNull(contextInfo)) {
log.warn("no contextInfo, personId:{}", personId);
return Collections.emptyList();
}
List<SaasRoleUserRelation> relations = roleUserRelationDao.queryByPersonId(personId, contextInfo.getWorkspaceId(), contextInfo.getOuId());
if (CollectionUtils.isEmpty(relations)) {
return Collections.emptyList();
}
return saasRoleDao.lambdaQuery().in(BaseEntity::getId, relations.stream().map(SaasRoleUserRelation::getRoleId).collect(Collectors.toList())).list()
.stream().map(e -> BasicRoleDO.builder().roleId(e.getId()).roleCode(e.getRoleCode()).build()).collect(Collectors.toList());
}
}