feat(2046) 班组管理员相关权限添加批量取消授权功能

2024-01-09 18:51:41 +08:00 · 2024-01-09 18:51:41 +08:00 · e432ed7260
commit e432ed7260
parent a93d71e11a
4 changed files with 62 additions and 3 deletions
--- a/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/WorkerManagerRoleUserReq.java
+++ b/tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/WorkerManagerRoleUserReq.java
@ -37,7 +37,7 @@ public class WorkerManagerRoleUserReq {
    private Integer resourceType;
    @NotNull
    private Long resourceId;
-    private boolean ungrant = false;
+
    private IdentityType identityType;
    private Long identityId;
    private Long personId;
@ -48,6 +48,25 @@ public class WorkerManagerRoleUserReq {
    @NotEmpty
    private List<Long> permissionGroupId;

+// -------------
+    /**
+     * 是否取消授权
+     */
+    @Builder.Default
+    private boolean ungrant = false;
+    /**
+     * 是否取消所有权限，是的话则不消费permissionGroupId
+     */
+    @Builder.Default
+    private boolean isUngrantAll = false;
+
+    /**
+     * 取消所有授权的角色分组 saas role group 上的categoryCode;
+     * 只有在isUngrantAll时生效
+     * #{@link SaasPositionEnum}
+     */
+    private String roleGroupCategoryCode;
+



--- a/tyr-server/src/main/java/cn/axzo/tyr/server/model/RoleUserInfo.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/model/RoleUserInfo.java
@ -7,6 +7,7 @@ import lombok.Data;
 import lombok.NoArgsConstructor;

 import java.util.List;
+import java.util.Set;

 /**
 * @author tanjie@axzo.cn
@ -24,7 +25,7 @@ public class RoleUserInfo {
    private IdentityType identityType;
    private Long identityId;
    private Long personId;
-    private List<Long> roleId;
+    private Set<Long> roleId;


 }
--- a/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupRelationDao.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleGroupRelationDao.java
@ -9,8 +9,10 @@ import org.apache.commons.collections.CollectionUtils;
 import org.springframework.stereotype.Repository;

 import java.io.Serializable;
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
+import java.util.Set;

@Repository
 public class SaasRoleGroupRelationDao extends ServiceImpl<SaasRoleGroupRelationMapper, SaasRoleGroupRelation> {
@ -41,5 +43,14 @@ public class SaasRoleGroupRelationDao extends ServiceImpl<SaasRoleGroupRelationM
 				.set(BaseEntity::getIsDelete,1L)
 				.update();
 	}
+
+	public List<SaasRoleGroupRelation> findByGroupId(Set<Long> groupIds) {
+		if (CollectionUtils.isEmpty(groupIds)) {
+			return new ArrayList<>();
+		}
+		return lambdaQuery().eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL)
+				.in(SaasRoleGroupRelation::getSaasRoleGroupId, groupIds).list();
+	}
+
 }

--- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
+++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
@ -5,6 +5,7 @@ import cn.axzo.basics.common.exception.ServiceException;
 import cn.axzo.basics.common.util.AssertUtil;
 import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
 import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
+import cn.axzo.tyr.client.common.enums.SaasPositionEnum;
 import cn.axzo.tyr.client.model.BaseWorkspaceModel;
 import cn.axzo.tyr.client.model.enums.IdentityType;
 import cn.axzo.tyr.client.model.enums.WorkerLeaderRoleEnum;
@ -14,16 +15,22 @@ import cn.axzo.tyr.client.model.roleuser.req.GantOrUnGantaWorkerLeaderRoleReq;
 import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
 import cn.axzo.tyr.client.model.roleuser.req.SuperAdminParam;
 import cn.axzo.tyr.client.model.roleuser.req.WorkerManagerRoleUserReq;
+import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
 import cn.axzo.tyr.server.model.RoleUserInfo;
 import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao;
 import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
+import cn.axzo.tyr.server.repository.dao.SaasRoleGroupRelationDao;
 import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
 import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation;
 import cn.axzo.tyr.server.repository.entity.SaasRole;
+import cn.axzo.tyr.server.repository.entity.SaasRoleGroupRelation;
 import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
+import cn.axzo.tyr.server.service.SaasRoleGroupRelationService;
+import cn.axzo.tyr.server.service.SaasRoleGroupService;
 import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
 import cn.axzo.tyr.server.service.SaasRoleUserService;
 import cn.hutool.core.collection.CollectionUtil;
+import cn.hutool.core.util.StrUtil;
 import com.alibaba.nacos.common.utils.CollectionUtils;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper;
@ -54,6 +61,8 @@ public class RoleUserService implements SaasRoleUserService {
    private final SaasRoleUserRelationDao roleUserRelationDao;
    private final SaasRoleDao saasRoleDao;
    private final SaasPgroupRoleRelationDao saasPgroupRoleRelationDao;
+    private final SaasRoleGroupService saasRoleGroupService;
+    private final SaasRoleGroupRelationDao saasRoleGroupRelationDao;

    // 单位类型默认角色关系,后面可以座位管理员的逻辑进行迭代
    @Value("#{${participateUnitDefaultRoleId:{}}}")
@ -315,6 +324,7 @@ public class RoleUserService implements SaasRoleUserService {
    }

    @Override
+    @Transactional
    public void grantOrUngrantWorkerManager(WorkerManagerRoleUserReq req) {
        // 查询出角色ID
        List<SaasPgroupRoleRelation> saasPgroupRoleRelations = saasPgroupRoleRelationDao.listByIds(req.getPermissionGroupId());
@ -334,7 +344,7 @@ public class RoleUserService implements SaasRoleUserService {
                .ouId(req.getOuId())
                .identityId(req.getIdentityId())
                .identityType(req.getIdentityType())
-                .roleId(roleInfos.stream().map(BaseEntity::getId).distinct().collect(Collectors.toList()))
+                .roleId(roleInfos.stream().map(BaseEntity::getId).distinct().collect(Collectors.toSet()))
                .build();
        // 授权
        if (!req.isUngrant()) {
@ -357,6 +367,24 @@ public class RoleUserService implements SaasRoleUserService {
            return;
        }
        // 取消授权
+        if (!req.isUngrantAll()) {
+            roleUserRelationDao.removeByResource(roleUserBaseInfo);
+            return;
+        }
+        //  取消所有权限
+        String categoryCode = req.getRoleGroupCategoryCode();
+        if (StrUtil.isBlank(categoryCode)) {
+            throw new ServiceException("不支持清除该人员所有角色，请指定分组");
+        }
+        List<SaasRoleGroupVO> saasRoleGroupVO = saasRoleGroupService.listByCategoryCode(categoryCode);
+        List<SaasRoleGroupRelation> roleGroupRelations = saasRoleGroupRelationDao.findByGroupId(saasRoleGroupVO.stream().map(SaasRoleGroupVO::getId).collect(Collectors.toSet()));
+        Set<Long> roleIds = roleGroupRelations.stream().map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toSet());
+        if (CollectionUtil.isEmpty(roleIds)) {
+            return;
+        }
+        roleUserBaseInfo.setRoleId(roleIds);
        roleUserRelationDao.removeByResource(roleUserBaseInfo);
+
    }
+
 }