Merge branch 'feature/REQ-1502' into dev

2023-10-26 17:50:49 +08:00 · 2023-10-26 17:50:49 +08:00 · e21b3cf15e
commit e21b3cf15e
parent 35fa4afbc2 4b27dcf42b
8 changed files with 81 additions and 12 deletions
--- a/integration-test/src/test/resources/rest-client.env.json
+++ b/integration-test/src/test/resources/rest-client.env.json
@ -4,5 +4,8 @@
  },
  "dev": {
    "host": "https://dev-app.axzo.cn/msg-center/webApi/message/"
+  },
+  "test": {
+    "host": "https://test-api.axzo.cn/"
  }
 }
--- a/integration-test/src/test/resources/role-user.http
+++ b/integration-test/src/test/resources/role-user.http
@ -33,4 +33,37 @@ Content-Type: application/json
 > reponse-check.js


+###
+POST {{host}}/tyr/api/v2/auth/batchListIdentityFromPermission
+Accept: application/json
+Content-Type: application/json
+
+{
+  "featureCode": "CMS_WEB_PROJ_0528",
+  "ouId": 5836,
+  "workspaceId":326,
+  "workspaceJoinType": 1
+}
+
+> reponse-check.js
+
+###
+POST {{host}}/tyr/api/v2/auth/listIdentityFromPermission
+Accept: application/json
+Content-Type: application/json
+
+{
+  "featureCode": "CMP_APP_PROJ_0056",
+  "ouId": 5812,
+  "workspaceId":311,
+  "workspaceJoinType": 1
+}
+
+> reponse-check.js
+
+
+
+
+
+

--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/PermissionPointService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/PermissionPointService.java
@ -9,8 +9,6 @@ import cn.axzo.tyr.client.model.permission.PermissionPointVO;
 import cn.axzo.tyr.server.repository.entity.SaasFeature;

 import java.util.List;
-import java.util.Map;
-import java.util.Set;

 /**
 * 权限点服务
@ -55,6 +53,6 @@ public interface PermissionPointService {
     */
    List<PermissionPointTreeNode> listTreeNodesFlatChild(PermissionPointTreeQueryReq request);

-    /** 根据code查询权限点, terminal可为空- 直查 **/
-    List<SaasFeature> listNodeByCode(String featureCode, String terminal);
+    /** 根据code查询权限点, terminal可为空 **/
+    List<SaasFeature> listNodeWithChildrenByCode(String featureCode, String terminal);
 }
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
@ -63,7 +63,7 @@ public interface SaasRoleUserService {
     */
    List<SuperAminInfoResp> batchSuperAdminList(List<SuperAdminParam> param);

-    List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds);
+    List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds, Long workspaceId);

    /**
     * 删除单位参与的工作台的所有的人员与角色。 目前主要是用于移除参与单位的地方
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionPointServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionPointServiceImpl.java
@ -9,6 +9,7 @@ import java.util.function.Function;
 import java.util.stream.Collectors;

 import cn.axzo.tyr.client.model.enums.FeatureDataType;
+import cn.hutool.core.lang.Opt;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

@ -319,6 +320,8 @@ public class PermissionPointServiceImpl implements PermissionPointService {
        vo.setParentName(parent.getFeatureName());
        vo.setParentFeatureType(parent.getFeatureType());
        vo.setParentFeatureTypeDes(FeatureType.apply(parent.getFeatureType()).getDesc());
+        vo.setFitOuNodeTypeList(Collections.emptyList());
+        vo.setFitOuNodeTypeList(Collections.emptyList());

        return vo;
    }
@ -560,9 +563,26 @@ public class PermissionPointServiceImpl implements PermissionPointService {
    }

    @Override
-    public List<SaasFeature> listNodeByCode(String featureCode, String terminal) {
-        return saasFeatureDao.list(new LambdaQueryWrapper<SaasFeature>()
+    public List<SaasFeature> listNodeWithChildrenByCode(String featureCode, String terminal) {
+        List<SaasFeature> currentFeatrureList = saasFeatureDao.list(new LambdaQueryWrapper<SaasFeature>()
                .eq(SaasFeature::getFeatureCode, featureCode)
                .eq(StrUtil.isNotBlank(terminal), SaasFeature::getTerminal, terminal));
+        //button过滤减少查询
+        Set<String> pathsWithoutButton = currentFeatrureList.stream()
+                .filter(f -> !BUTTON.sameCode(f.getFeatureType()))
+                .map(SaasFeature::getPath)
+                .collect(Collectors.toSet());
+        if (CollectionUtil.isEmpty(pathsWithoutButton)) {
+            return currentFeatrureList;
+        }
+
+        Wrapper<SaasFeature> wrapper = new LambdaQueryWrapper<SaasFeature>()
+                .eq(StrUtil.isNotBlank(terminal), SaasFeature::getTerminal, terminal)
+                .and(w -> {
+                    pathsWithoutButton.forEach(p -> w.or().likeRight(SaasFeature::getPath, p));
+                });
+        List<SaasFeature> children = saasFeatureDao.list(wrapper);
+        currentFeatrureList.addAll(children);
+        return currentFeatrureList;
    }
 }
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@ -227,11 +227,12 @@ public class RoleUserService implements SaasRoleUserService {
 	}

 	@Override
-	public List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds) {
+	public List<SaasRoleUserRelation> listByRoleIds(List<Long> roleIds, Long workspaceId) {
 		if (CollectionUtil.isEmpty(roleIds)) {
 			return new ArrayList<>();
 		}
 		return roleUserRelationDao.list(new LambdaQueryWrapper<SaasRoleUserRelation>()
+				.eq(SaasRoleUserRelation::getWorkspaceId, workspaceId)
 				.in(SaasRoleUserRelation::getRoleId, roleIds));
 	}

--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
@ -533,7 +533,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
        result.setWorkspaceId(req.getWorkspaceId());

        //code查询权限点信息
-        List<SaasFeature> features = permissionPointService.listNodeByCode(req.getFeatureCode(), req.getTerminal());
+        List<SaasFeature> features = permissionPointService.listNodeWithChildrenByCode(req.getFeatureCode(), req.getTerminal());
        //权限匹配 - 工作台是否有指定权限
        List<SaasFeature> matchedFeature = matchWorkspaceFeature(req.getWorkspaceId(), req.getWorkspaceJoinType(), features);
        if (CollectionUtil.isEmpty(matchedFeature)) {
@ -587,19 +587,23 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {

        //查询OU-工作台下的角色
        List<SaasRole> roleList = roleService.listForOUWorkspace(ouId, workspaceId, req.getWorkspaceJoinType());
+        log.info("====查询OU-工作台下的角色:{}===",roleList);

        //查询角色及权限
        List<SaasRoleVO> rolePermissions = roleService.getByIds(roleList.stream().map(SaasRole::getId).collect(Collectors.toList()),
                null, Lists.newArrayList(workspaceId), Lists.newArrayList(ouId), true);
-
+        log.info("====查询角色及权限:{}===",rolePermissions);
        //计算角色实际的权限 - 匹配请求的权限  --> 实际拥有权限的角色
        Set<Long> featureIds = features.stream().map(SaasFeature::getId).collect(Collectors.toSet());
        List<SaasRoleVO> matchedRoleList = rolePermissions.stream()
                .filter(rp -> rp.getMatchFeature(workspaceId, ouId).stream()
                        .anyMatch(f -> featureIds.contains(f.getPermissionPointId())))
                .collect(Collectors.toList());
+
+        log.info("====计算角色实际的权限 - 匹配请求的权限  --> 实际拥有权限的角色:{}===",featureIds);
        //查询角色下用户
        List<Long> matchedRoleIds = matchedRoleList.stream().map(SaasRoleVO::getId).collect(Collectors.toList());
+        log.info("====查询角色下用户:{}===",matchedRoleIds);
        //追加工作台超管
        Set<Long> superAdmins = roleList
                .stream()
@ -607,8 +611,9 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
                .map(SaasRole::getId)
                .collect(Collectors.toSet());
        matchedRoleIds.addAll(superAdmins);
-        List<SaasRoleUserRelation> relationList = roleUserService.listByRoleIds(matchedRoleIds);
-
+        log.info("====追加工作台超管:{}===",superAdmins);
+        List<SaasRoleUserRelation> relationList = roleUserService.listByRoleIds(matchedRoleIds, workspaceId);
+        log.info("====追加工作台超管:{}===",relationList);
        //构建用户-去重(identityId-identityType)
        List<ListIdentityFromPermissionResp.UserVO> users = new ArrayList<>();
        Set<String> filterSet = new HashSet<>();
--- a/tyr-server/src/test/java/cn/axzo/tyr/server/permission/PermissionPointTest.java
+++ b/tyr-server/src/test/java/cn/axzo/tyr/server/permission/PermissionPointTest.java
@ -11,6 +11,7 @@ import cn.axzo.tyr.client.model.permission.PermissionPointVO;
 import cn.axzo.tyr.server.controller.permission.PermissionPointController;
 import cn.axzo.tyr.server.repository.entity.SaasFeature;
 import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
+import cn.axzo.tyr.server.service.PermissionPointService;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.serializer.SerializerFeature;
 import org.junit.jupiter.api.Test;
@ -33,6 +34,8 @@ public class PermissionPointTest {
    private PermissionPointController controller;
    @Autowired
    private SaasFeatureDao saasFeatureDao;
+    @Autowired
+    private PermissionPointService permissionPointService;

    @Test
    public void testList() {
@ -133,4 +136,10 @@ public class PermissionPointTest {
        System.out.println(JSON.toJSONString(result));
    }

+    @Test
+    public void test() {
+        List<SaasFeature> saasFeatures = permissionPointService.listNodeWithChildrenByCode("CMS_WEB_PROJ_0546", "NT_CMS_WEB_PROJ");
+        System.out.println(JSON.toJSONString(saasFeatures));
+    }
+
 }