feat(2227-permissionQuery):调整免授权查询

tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasFeatureResourceService.java

@@ -9,6 +9,7 @@ import cn.axzo.tyr.client.model.req.FeatureResourceTreeSaveReq;
 import io.swagger.models.auth.In;
 
 import java.util.List;
+import java.util.Set;
 
 /**
  * 功能资源服务
@@ -49,4 +50,6 @@ public interface SaasFeatureResourceService {
     List<FeatureResourceTreeNode> getTree(GetFeatureResourceTreeReq req);
 
     SaasFeatureResource getByCode(String featureCode);
+
+    Set<Long> listAuthFree();
 }

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/PermissionQueryServiceImpl.java

@@ -205,6 +205,8 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
                 .collect(Collectors.toMap(RoleWithFeature::getRoleId, Function.identity()));
         Map<Long, List<WorkspaceFeatureRelation>> workspaceMap = workspaceFeatureRelations.stream()
                 .collect(Collectors.groupingBy(WorkspaceFeatureRelation::getWorkspaceId));
+        //免授权
+        Set<Long> authFreeFeatureIds = featureResourceService.listAuthFree();
         //按拥有的角色构建权限结果
         Map<String, PermissionDO> result = new HashMap<>();
         for (SaasRoleUserRelation relation : userRoleRelations) {
@@ -234,7 +236,7 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
                 }
             } else {
                 //普通角色权限
-                permission.getFeatureIds().addAll(buildNormalPermission(role, allFeatures));
+                permission.getFeatureIds().addAll(buildNormalPermission(role, allFeatures, authFreeFeatureIds));
             }
 
             result.put(key, permission);
@@ -242,20 +244,14 @@ public class PermissionQueryServiceImpl implements PermissionQueryService {
         return new ArrayList<>(result.values());
     }
 
-    private List<Long> buildNormalPermission(RoleWithFeature role, List<WorkspaceFeatureRelation> allFeatures) {
-        Set<Long> featureIds = featureResourceService.permissionQuery(ResourcePermissionQueryDTO.builder()
-                        .authTypes(Collections.singletonList(FeatureResourceAuthType.ALL_ROLE.getCode()))
-                        .build())
-                .stream()
-                .map(ResourcePermission::getId)
-                .collect(Collectors.toSet());
+    private List<Long> buildNormalPermission(RoleWithFeature role, List<WorkspaceFeatureRelation> allFeatures, Set<Long> authFreeFeatureIds) {
         //普通角色：角色同类型的租户产品权限已分配 且角色上已分配 + 免授权
         Set<Long> roleFeatures = role.getFeatureIds();
         return allFeatures.stream()
                 .filter(f -> Objects.equals(f.getProductUnitType(), role.getProductUnitType())
                         || !NumberUtil.isPositiveNumber(role.getProductUnitType()))
                 .map(WorkspaceFeatureRelation::getFeatureId)
-                .filter(id -> roleFeatures.contains(id) || featureIds.contains(id))
+                .filter(id -> roleFeatures.contains(id) || authFreeFeatureIds.contains(id))
                 .collect(Collectors.toList());
     }
 

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureResourceServiceImpl.java

@@ -440,5 +440,11 @@ public class SaasFeatureResourceServiceImpl implements SaasFeatureResourceServic
         }
     }
 
-
+    @Override
+    public Set<Long> listAuthFree() {
+        return featureResourceDao.lambdaQuery()
+                .select(SaasFeatureResource::getId)
+                .eq(SaasFeatureResource::getAuthType, FeatureResourceAuthType.ALL_ROLE.getCode())
+                .list().stream().map(SaasFeatureResource::getId).collect(Collectors.toSet());
+    }
 }