wangli/tyr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/feature/REQ-1502' into feature/REQ-1502

Browse Source 
# Conflicts:
#	tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
This commit is contained in:
zhansihu 2023-10-18 16:24:56 +08:00
commit ea4883c6b5
23 changed files with 568 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
integration-test/src/test/resources/role-user.http
View File

@ -21,4 +21,16 @@ Content-Type: application/json
> reponse-check.js
###
POST {{host}}/api/saas-role-user/delete-user-role-of-workspace
Accept: application/json
Content-Type: application/json
{
}
> reponse-check.js

3
tyr-api/src/main/java/cn/axzo/tyr/client/feign/PermissionPointApplyApi.java
View File

@ -30,9 +30,6 @@ public interface PermissionPointApplyApi {
@PostMapping(value = "/api/v1/permissionPoint/apply/submit")
ApiResult<Long> submitApply(@RequestBody@Valid SubmitPermissionPointApplyVO apply);
@PostMapping(value = "/api/v1/permissionPoint/apply/update-detail")
ApiResult<Void> updateDetail(@RequestBody@Valid UpdatePermissionPointApplyVO updateDetail);
@PostMapping(value = "/api/v1/permissionPoint/apply/bind")
ApiResult<Void> bindWorkflowInstantce(@RequestBody@Valid BindWorkflowInstantceVO bind);

10
tyr-api/src/main/java/cn/axzo/tyr/client/feign/ProductApi.java
View File

@ -21,6 +21,8 @@ import org.springframework.web.bind.annotation.RequestParam;
import javax.validation.constraints.NotNull;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* 产品相关 API
@ -102,4 +104,12 @@ public interface ProductApi {
*/
@PostMapping("api/auth/product/feature/relation/update")
ApiResult<Boolean> updateFeatureRelation(@Validated @RequestBody List<ProductFeatureRelationUpdateReq> req);
/**
* 查询指定工作台关联的服务包下的产品权限点
*
* @param workspaceIds
* @return
*/
ApiResult<Map<Long, List<ProductFeatureRelationVO>>> queryProductFeatureRelationByWorkspace(Set<Long> workspaceIds);
}

43
tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleUserApi.java
View File

@ -1,18 +1,16 @@
package cn.axzo.tyr.client.feign;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
import cn.azxo.framework.common.model.CommonResponse;
import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
import cn.axzo.tyr.client.model.roleuser.req.*;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import javax.validation.Valid;
import javax.validation.constraints.NotEmpty;
import java.util.List;
/**
@ -41,15 +39,42 @@ public interface TyrSaasRoleUserApi {
* @param param
* @return
*/
@PostMapping("api/saas-role-user/delete")
@PostMapping("/api/saas-role-user/delete")
ApiResult<Boolean> deleteUserAllRoles(@RequestBody @Valid List<DeleteRoleUserParam> param);
/**
* 新的 移除某个人在某个工作台的所有角色(除超管)
* 删除某个用户非超管角色()
*
* @param param
* @return
*/
@PostMapping("api/saas-role-user/delete-user-role")
@PostMapping("/api/saas-role-user/delete-user-role")
ApiResult<Boolean> deleteUserRoles(@RequestBody @Valid DeleteUserRoleParam param);
/**
*
* @param param
* @return
*/
@PostMapping("/api/saas-role-user/create-agency-admin-role")
ApiResult<CreateAdminRoleDTO> createAgencyAdminRole(@RequestBody @Valid CreateAgencyAdminRoleParam param);
@PostMapping("/api/saas-role-user/create-super-admin-role")
ApiResult<Void> createSuperAdminRole(@RequestBody @Valid @NotEmpty CreateSuperAdminRoleParam param);
/**
* 移除超管角色
* @param params
* @return
*/
@PostMapping("/api/saas-role-user/delete-admin-role")
ApiResult<Boolean> deleteAdminRole(@RequestBody @Valid @NotEmpty List<DeleteAdminRoleParam> params);
/**
* 批量查询超管, 只能批量获取单个工作台台下的超管业务系统需要根据返回的identityId和identityType查询identityProfile查询用户明细信息
* @param param
* @return
*/
@PostMapping("/api/saas-role-user/super-admin-list")
ApiResult<List<SuperAdminInfoDTO>> superAdminList(@RequestBody @Valid SuperAdminParam param);
}

3
tyr-api/src/main/java/cn/axzo/tyr/client/model/product/ProductSearchPageReq.java
View File

@ -2,11 +2,8 @@ package cn.axzo.tyr.client.model.product;
import cn.axzo.core.domain.PageRequest;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.NoArgsConstructor;
import lombok.experimental.Accessors;
/**

2
tyr-api/src/main/java/cn/axzo/tyr/client/model/req/IdentityAuthReq.java
View File

@ -50,7 +50,7 @@ public class IdentityAuthReq {
/**
* {@link TerminalInfo#NT()}
*/
private String terminal;
private List<String> terminal;
@Builder.Default
private Set<Long> featureId = new HashSet<>();
@Builder.Default

47
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/CreateAdminRoleDTO.java Normal file
View File

@ -0,0 +1,47 @@
package cn.axzo.tyr.client.model.roleuser.dto;
import cn.axzo.tyr.client.model.enums.IdentityType;
import lombok.Data;
/**
* @author : liuchuntao
* @date : 2022/5/11 11:20
* @description :
*/
@Data
public class CreateAdminRoleDTO {
/**
* 身份Id
*/
private Long identityId;
/**
* 身份类型
*/
private IdentityType identityType;
/**
* 账户Id
*
* @deprecated 此字段业务中不要使用全部用身份id来处理业务
*/
@Deprecated
private Long accountId;
/**
* 手机号
*/
private String phone;
/**
* 真实姓名
*/
private String realName;
/**
* 自然人Id
*/
private Long naturalPersonId;
}

29
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/dto/SuperAdminInfoDTO.java Normal file
View File

@ -0,0 +1,29 @@
package cn.axzo.tyr.client.model.roleuser.dto;
import lombok.Data;
/**
* @author : liuchuntao
* @date : 2022/6/17 16:20
* @description : 超管信息
*/
@Data
public class SuperAdminInfoDTO {
/**
* 身份ID
*/
private Long identityId;
private Integer identityType;
/**
* 工作台Id
*/
private Long workspaceId;
/**
* 单位Id
*/
private Long ouId;
}

65
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateAgencyAdminRoleParam.java Normal file
View File

@ -0,0 +1,65 @@
package cn.axzo.tyr.client.model.roleuser.req;
import java.util.List;
import javax.validation.constraints.Min;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import cn.axzo.tyr.client.model.enums.IdentityType;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
@Builder
@Data
@NoArgsConstructor
@AllArgsConstructor
public class CreateAgencyAdminRoleParam {
/**
* 工作台id与context校验
*/
@NotNull(message = "工作台Id不能为空")
private Long workspaceId;
/**
* 单位id : 必填
*/
@NotNull(message = "单位Id不能为空")
private Long ouId;
/**
* 单位类型
*/
@NotNull(message = "单位类型不能为空")
@Min(value = 1)
private Integer organizationalUnitType;
/**
* 被赋予角色的人的身份类型
*/
@NotNull(message = "身份类型不能为空")
private IdentityType identityType;
/**
* 手机号
*/
@NotBlank(message = "手机号不能为空")
private String phoneNo;
/**
* 用户名
*/
@NotBlank(message = "用户名不能为空")
private String userName;
/**
* 之前的所有RoleId都被更新
*/
@NotEmpty(message = "角色列表不能为空")
private List<Long> updateRoleIds;
}

62
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/CreateSuperAdminRoleParam.java Normal file
View File

@ -0,0 +1,62 @@
package cn.axzo.tyr.client.model.roleuser.req;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.model.enums.IdentityType;
import lombok.Data;
import javax.validation.constraints.NotNull;
@Data
public class CreateSuperAdminRoleParam {
/**
* 工作台id与context校验
*/
@NotNull(message = "workspaceId不能为空")
private Long workspaceId;
/**
* 单位id
*/
@NotNull(message = "ouId不能为空")
private Long ouId;
/**
* 适用单位类型 1:总包 2:建设单位 4:监理单位 8:劳务分包 16:专业分包 0都可以用 只会挂在最末级
* <p>
* 业务层这个字段不要直接用有变种的gettersetter或者直接用解释工具
*/
private Long fitOuTypeBit;
/**
*
* 适用节点类型 1:部门 2:班组 4:小组 只会挂在最末级
*
* 业务层这个字段不要直接用
*/
private Long fitOuNodeTypeBit;
/**
* 角色Id必填
* 只能传SUPER_ADMINADMIN
*/
private RoleTypeEnum roleType;
/**
* 身份id
*/
@NotNull(message = "identityId不能为空")
private Long identityId;
/**
* 身份类型
*/
@NotNull(message = "identityType不能为空")
private IdentityType identityType;
@NotNull(message = "workspaceType不能为空")
private Integer workspaceType;
private Long naturalPersonId;
}

26
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteAdminRoleParam.java Normal file
View File

@ -0,0 +1,26 @@
package cn.axzo.tyr.client.model.roleuser.req;
import cn.axzo.tyr.client.model.enums.IdentityType;
import lombok.Data;
@Data
public class DeleteAdminRoleParam {
/**
* 工作台id与context校验
*/
private Long workspaceId;
/**
* 单位id : 非必填
*/
private Long ouId;
/**
* 被赋予角色的人的身份id
*/
private Long identityId;
/**
* 身份类型必填
*/
private IdentityType identityType;
}

30
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/DeleteUserRolesOfWorkspaceParam.java Normal file
View File

@ -0,0 +1,30 @@
package cn.axzo.tyr.client.model.roleuser.req;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import javax.validation.constraints.NotNull;
/**
* @author haiyangjin
* @date 2023/10/17
*/
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class DeleteUserRolesOfWorkspaceParam {
/**
* 工作台id
*/
@NotNull(message = "工作台ID不能为空")
private Long workspaceId;
/**
* 单位id
*/
@NotNull(message = "单位ID不能为空")
private Long ouId;
}

35
tyr-api/src/main/java/cn/axzo/tyr/client/model/roleuser/req/SuperAdminParam.java Normal file
View File

@ -0,0 +1,35 @@
package cn.axzo.tyr.client.model.roleuser.req;
import java.util.List;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* @author : liuchuntao
* @date : 2022/6/17 16:28
* @description : 查询超管信息
*/
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class SuperAdminParam {
/**
* 工作台Id
*/
@NotNull(message = "工作台Id不能为空")
private Long workspaceId;
/**
* 单位Id
*/
@NotEmpty(message = "单位Id不能为空")
private List<Long> ouIds;
}

5
tyr-server/src/main/java/cn/axzo/tyr/server/controller/permission/PermissionPointApplyController.java
View File

@ -35,11 +35,6 @@ public class PermissionPointApplyController implements PermissionPointApplyApi {
return ApiResult.ok(saasFeatureApplyService.saveApply(apply));
}
@Override
public ApiResult<Void> updateDetail(UpdatePermissionPointApplyVO updateDetail) {
return null;
}
@Override
public ApiResult<Void> bindWorkflowInstantce(BindWorkflowInstantceVO bind) {
saasFeatureApplyService.bindWorkflowInstantce(bind);

8
tyr-server/src/main/java/cn/axzo/tyr/server/controller/product/ProductController.java
View File

@ -20,6 +20,8 @@ import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* 产品相关 API 实现
@ -124,4 +126,10 @@ public class ProductController implements ProductApi {
}
return productFeatureRelationService.updateFeatureRelation(req);
}
@Override
public ApiResult<Map<Long, List<ProductFeatureRelationVO>>> queryProductFeatureRelationByWorkspace(Set<Long> workspaceIds) {
return ApiResult.ok(productFeatureRelationService.getByWorkspace(workspaceIds));
}
}

36
tyr-server/src/main/java/cn/axzo/tyr/server/controller/roleuser/RoleUserController.java
View File

@ -2,11 +2,10 @@ package cn.axzo.tyr.server.controller.roleuser;
import cn.axzo.framework.domain.web.result.ApiResult;
import cn.axzo.tyr.client.feign.TyrSaasRoleUserApi;
import cn.axzo.tyr.client.model.roleuser.dto.CreateAdminRoleDTO;
import cn.axzo.tyr.client.model.roleuser.dto.SaasRoleUserRelationDTO;
import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
import cn.axzo.tyr.client.model.roleuser.req.*;
import cn.axzo.tyr.server.service.SaasRoleUserRelationService;
import cn.axzo.tyr.server.service.SaasRoleUserService;
import lombok.RequiredArgsConstructor;
@ -45,7 +44,7 @@ public class RoleUserController implements TyrSaasRoleUserApi {
}
/**
* 新的 移除某个人在某个工作台的所有角色(除超管)
* 删除用户非超管角色
*
* @param param
* @return
@ -55,4 +54,31 @@ public class RoleUserController implements TyrSaasRoleUserApi {
return ApiResult.ok(saasRoleUserService.deleteUserRoles(param));
}
@Override
public ApiResult<CreateAdminRoleDTO> createAgencyAdminRole(CreateAgencyAdminRoleParam param) {
// todo cn.axzo.basics.auth.api.SaasRoleApi#grantAgencyAdminRole
return ApiResult.ok(new CreateAdminRoleDTO());
}
@Override
public ApiResult<Void> createSuperAdminRole(CreateSuperAdminRoleParam param) {
saasRoleUserService.createSuperAdminRole(param);
return ApiResult.ok();
}
@Override
public ApiResult<Boolean> deleteAdminRole(List<DeleteAdminRoleParam> params) {
// todo cn.axzo.basics.auth.api.SaasRoleApi#ungrantAdminRole
return ApiResult.ok(true);
}
/**
* cn.axzo.basics.auth.api.SaasRoleApi#batchFindSuperAdmin
* @param param
* @return
*/
@Override
public ApiResult<List<SuperAdminInfoDTO>> superAdminList(SuperAdminParam param) {
return ApiResult.ok(saasRoleUserService.superAdminList(param));
}
}

28
tyr-server/src/main/java/cn/axzo/tyr/server/repository/dao/SaasRoleDao.java
View File

@ -2,10 +2,13 @@ package cn.axzo.tyr.server.repository.dao;
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.server.repository.entity.SaasRole;
import cn.axzo.tyr.server.repository.entity.SaasRoleWithUser;
import cn.axzo.tyr.server.repository.mapper.SaasRoleMapper;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.collection.CollectionUtil;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import org.apache.commons.collections.CollectionUtils;
import org.springframework.stereotype.Repository;
@ -53,5 +56,30 @@ public class SaasRoleDao extends ServiceImpl<SaasRoleMapper, SaasRole> {
}
return this.getBaseMapper().listRoleUserByPermissionGroup(permissionGroupIdList, workspaceIds);
}
public SaasRole findRoleByTypeAndWorkspaceIdAndOuId(String roleType, Long workspaceId,
Long ouId) {
List<SaasRole> list = this.lambdaQuery()
.eq(SaasRole::getRoleType, roleType)
.eq(SaasRole::getWorkspaceId, workspaceId)
.eq(SaasRole::getOwnerOuId, ouId)
.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.list();
if(CollUtil.isEmpty(list)){
return null;
}
return list.get(0);
}
public List<SaasRole> listCommonRoleByNameAndWorkspaceIdAndOuId(String name, Long workspaceId,
Long ouId) {
return lambdaQuery().eq(SaasRole::getName, name)
.eq(SaasRole::getWorkspaceId, workspaceId)
.eq(SaasRole::getOwnerOuId, ouId)
.eq(SaasRole::getRoleType, RoleTypeEnum.COMMON.getValue())
.eq(SaasRole::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.select(SaasRole::getId)
.list();
}
}

27
tyr-server/src/main/java/cn/axzo/tyr/server/service/SaasRoleUserService.java
View File

@ -1,10 +1,8 @@
package cn.axzo.tyr.server.service;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserParam;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
import cn.axzo.tyr.client.model.roleuser.req.*;
import cn.axzo.tyr.server.repository.entity.SaasRoleUserRelation;
import java.util.List;
@ -44,7 +42,6 @@ public interface SaasRoleUserService {
*/
boolean deleteUserRoles(DeleteUserRoleParam param);
/**
* <pre>
* 查询人所在的工作台或者单位中的数据
@ -60,4 +57,24 @@ public interface SaasRoleUserService {
* @return
*/
List<SaasRoleUserRelation> queryByWorkspaceIdOrOu(Long identityId, IdentityType identityType, Set<Long> workspaceIds, Set<Long> ouIds);
/**
* workpaceId + ownerOuId + roleId + 手机号 + 姓名 赋予角色支持角色赋予的同时 角色创建
* work for: 组织 + 服务包
*/
void createSuperAdminRole(CreateSuperAdminRoleParam param);
/**
* 批量获取超管信息
* @param param
* @return
*/
List<SuperAdminInfoDTO> superAdminList(SuperAdminParam param);
/**
* 移除管理员
* @param params
* @return
*/
boolean deleteAdminRole(List<DeleteAdminRoleParam> params);
}

89
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java
View File

@ -120,15 +120,15 @@ public class RoleServiceImpl implements RoleService {
pgrouRelationMap = saasPgroupRoleRelations.stream().collect(Collectors.groupingBy(SaasPgroupRoleRelation::getRoleId));
// 查询权限集
pGroupMap = permissionGroupService.page(QuerySaasPermissionGroupReq.builder()
.isCommon(isCommon)
.roleIds(roleIds)
.ids(saasPgroupRoleRelations.stream().map(SaasPgroupRoleRelation::getGroupId).collect(Collectors.toList()))
.workspaceId(workspaceId)
.ouId(ouId)
.fetchPage(Boolean.FALSE)
.build()).getList()
// 转map<pgroupId>
.stream().collect(Collectors.groupingBy(SaasPermissionGroupVO::getId));
.isCommon(isCommon)
.roleIds(roleIds)
.ids(saasPgroupRoleRelations.stream().map(SaasPgroupRoleRelation::getGroupId).collect(Collectors.toList()))
.workspaceId(workspaceId)
.ouId(ouId)
.fetchPage(Boolean.FALSE)
.build()).getList()
// 转map<pgroupId>
.stream().collect(Collectors.groupingBy(SaasPermissionGroupVO::getId));
}
}
Map<Long, List<SaasPgroupRoleRelation>> finalPgrouRelationMap = pgrouRelationMap;
@ -138,12 +138,12 @@ public class RoleServiceImpl implements RoleService {
List<SaasPermissionGroupVO> pGroup = new ArrayList<>();
if (finalPgrouRelationMap != null && finalPgrouRelationMap.containsKey(role.getId())) {
pGroup = finalPgrouRelationMap.get(role.getId())
.stream()
.map(SaasPgroupRoleRelation::getGroupId)
.map(finalPGroupMap::get)
.filter(Objects::nonNull)
.flatMap(List::stream)
.collect(Collectors.toList());
.stream()
.map(SaasPgroupRoleRelation::getGroupId)
.map(finalPGroupMap::get)
.filter(Objects::nonNull)
.flatMap(List::stream)
.collect(Collectors.toList());
}
SaasRoleVO saasRoleVO = BeanUtil.copyProperties(role, SaasRoleVO.class);
saasRoleVO.setPermissionGroup(pGroup);
@ -172,12 +172,13 @@ public class RoleServiceImpl implements RoleService {
}
// 根据工作台类型和单位类型查询角色分组
List<SaasRoleGroup> roleGroup = new ArrayList<>();
if (CollectionUtils.isNotEmpty(req.getWorkspaceTypeCode()) || CollectionUtils.isNotEmpty(req.getOuTypeCode())) {
// 如果传入了角色id就以传入的角色id为准
if (CollectionUtils.isEmpty(req.getIds()) && (CollectionUtils.isNotEmpty(req.getWorkspaceTypeCode()) || CollectionUtils.isNotEmpty(req.getOuTypeCode()))) {
roleGroup = saasRoleGroupDao.query(QuerySaasRoleGroupReq.builder()
.ids(req.getSassRoleGroupIds())
.workspaceTypeCode(req.getWorkspaceTypeCode())
.ouTypeCode(req.getOuTypeCode())
.build());
.ids(req.getSassRoleGroupIds())
.workspaceTypeCode(req.getWorkspaceTypeCode())
.ouTypeCode(req.getOuTypeCode())
.build());
if (CollectionUtils.isEmpty(roleGroup)) {
return new ArrayList<>();
}
@ -186,8 +187,8 @@ public class RoleServiceImpl implements RoleService {
List<SaasRoleGroupRelation> groupRelation = new ArrayList<>();
if (CollectionUtils.isNotEmpty(roleGroup)) {
groupRelation = roleGroupRelationDao.lambdaQuery()
.in(SaasRoleGroupRelation::getSaasRoleGroupId, roleGroup.stream().map(BaseEntity::getId).collect(Collectors.toList()))
.list();
.in(SaasRoleGroupRelation::getSaasRoleGroupId, roleGroup.stream().map(BaseEntity::getId).collect(Collectors.toList()))
.list();
if (CollectionUtils.isEmpty(groupRelation)) {
return new ArrayList<>();
}
@ -197,8 +198,8 @@ public class RoleServiceImpl implements RoleService {
.in(CollectionUtils.isNotEmpty(req.getIds()), BaseEntity::getId, req.getIds())
.in(CollectionUtils.isNotEmpty(groupRelation), BaseEntity::getId, groupRelation.stream().map(SaasRoleGroupRelation::getRoleId).collect(Collectors.toList()))
.in(CollectionUtils.isNotEmpty(req.getRoleType()), SaasRole::getRoleType, req.getRoleType())
.in(CollectionUtils.isNotEmpty(req.getWorkspaceId()),SaasRole::getWorkspaceId,req.getWorkspaceId())
.in(CollectionUtils.isNotEmpty(req.getOuId()),SaasRole::getOwnerOuId,req.getOuId())
.in(CollectionUtils.isEmpty(req.getIds()) && CollectionUtils.isNotEmpty(req.getWorkspaceId()),SaasRole::getWorkspaceId,req.getWorkspaceId())
.in(CollectionUtils.isEmpty(req.getIds()) && CollectionUtils.isNotEmpty(req.getOuId()),SaasRole::getOwnerOuId,req.getOuId())
.orderByDesc(BaseEntity::getId)
.list();
return getByIds(list.stream().map(BaseEntity::getId).collect(Collectors.toList()), req.getIsCommon(),req.getWorkspaceId(),req.getOuId(),req.getIncludePermissionGroup());
@ -209,12 +210,12 @@ public class RoleServiceImpl implements RoleService {
List<QueryBatchByIdentityIdTypeRes> result = new ArrayList<>();
req.forEach(e -> {
result.add(QueryBatchByIdentityIdTypeRes.builder()
.identityId(e.getIdentityId())
.identityType(e.getIdentityType())
.workspaceId(e.getWorkspaceId())
.ouId(e.getOuId())
.role(queryByIdentityIdType(e.getIdentityId(),e.getIdentityType(),e.getWorkspaceId(),e.getOuId()))
.build());
.identityId(e.getIdentityId())
.identityType(e.getIdentityType())
.workspaceId(e.getWorkspaceId())
.ouId(e.getOuId())
.role(queryByIdentityIdType(e.getIdentityId(),e.getIdentityType(),e.getWorkspaceId(),e.getOuId()))
.build());
});
return result;
}
@ -276,17 +277,17 @@ public class RoleServiceImpl implements RoleService {
List<SaasRole> list = new ArrayList<>();
if (CollectionUtils.isNotEmpty(roleIds)) {
list = saasRoleDao.lambdaQuery()
.in(BaseEntity::getId, roleIds)
.eq(SaasRole::getRoleType, RoleTypeEnum.SUPER_ADMIN.getValue())
.list();
.in(BaseEntity::getId, roleIds)
.eq(SaasRole::getRoleType, RoleTypeEnum.SUPER_ADMIN.getValue())
.list();
}
result.add(IsSuperAdminRes.builder()
.identityId(e.getIdentityId())
.identityType(e.getIdentityType())
.workspaceId(e.getWorkspaceId())
.ouId(e.getOuId())
.isSuperAdmin(CollectionUtils.isNotEmpty(list)?true:false)
.build());
.identityId(e.getIdentityId())
.identityType(e.getIdentityType())
.workspaceId(e.getWorkspaceId())
.ouId(e.getOuId())
.isSuperAdmin(CollectionUtils.isNotEmpty(list)?true:false)
.build());
});
return result;
}
@ -419,9 +420,9 @@ public class RoleServiceImpl implements RoleService {
*/
public List<SaasPgroupRoleRelation> queryPermissionGroupRelation(List<Long> roleIds) {
return saasPgroupRoleRelationDao.lambdaQuery()
.in(SaasPgroupRoleRelation::getRoleId, roleIds)
.eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.list();
.in(SaasPgroupRoleRelation::getRoleId, roleIds)
.eq(BaseEntity::getIsDelete, TableIsDeleteEnum.NORMAL.value)
.list();
}
@Override
@ -434,7 +435,7 @@ public class RoleServiceImpl implements RoleService {
Set<Long> initRoleId = new HashSet<>();
//有标准角查询角色分组
if (role.stream().anyMatch(r -> Objects.equals(RoleTypeEnum.INIT.getValue(), r.getRoleType()))) {
List<SaasRoleGroupVO> roleGroupList = saasRoleGroupService.getList(QuerySaasRoleGroupReq.builder()
List<SaasRoleGroupVO> roleGroupList = saasRoleGroupService.getList(QuerySaasRoleGroupReq.builder()
.workspaceTypeCode(Collections.singletonList(userRoleInfoMap.getWorkspaceType().toString()))
.ouTypeCode(Collections.singletonList(userRoleInfoMap.getWorkspaceJoinType().getValue().toString()))
.build());
@ -448,7 +449,7 @@ public class RoleServiceImpl implements RoleService {
.collect(Collectors.toList());
return resultRole.stream().map(
e -> e.getMatchFeature(userRoleInfoMap.workspaceId, userRoleInfoMap.getOuId()))
e -> e.getMatchFeature(userRoleInfoMap.workspaceId, userRoleInfoMap.getOuId()))
.flatMap(List::stream)
.map(PermissionPointTreeNode::getPermissionPointId)
.collect(Collectors.toSet());

79
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleUserService.java
View File

@ -1,13 +1,14 @@
package cn.axzo.tyr.server.service.impl;
import cn.axzo.basics.common.constant.enums.TableIsDeleteEnum;
import cn.axzo.basics.common.exception.ServiceException;
import cn.axzo.basics.common.util.AssertUtil;
import cn.axzo.pokonyan.config.mybatisplus.BaseEntity;
import cn.axzo.tyr.client.common.enums.RoleTypeEnum;
import cn.axzo.tyr.client.model.BaseWorkspaceModel;
import cn.axzo.tyr.client.model.enums.IdentityType;
import cn.axzo.tyr.client.model.roleuser.req.DeleteRoleUserParam;
import cn.axzo.tyr.client.model.roleuser.req.DeleteUserRoleParam;
import cn.axzo.tyr.client.model.roleuser.req.RoleUserReq;
import cn.axzo.tyr.client.model.roleuser.dto.SuperAdminInfoDTO;
import cn.axzo.tyr.client.model.roleuser.req.*;
import cn.axzo.tyr.server.repository.dao.SaasRoleDao;
import cn.axzo.tyr.server.repository.dao.SaasRoleUserRelationDao;
import cn.axzo.tyr.server.repository.entity.SaasRole;
@ -16,11 +17,13 @@ import cn.axzo.tyr.server.service.SaasRoleUserService;
import cn.hutool.core.collection.CollectionUtil;
import com.alibaba.nacos.common.utils.CollectionUtils;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.google.common.collect.Lists;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Set;
@ -120,6 +123,7 @@ public class RoleUserService implements SaasRoleUserService {
}
@Override
@Transactional(rollbackFor = Exception.class)
public boolean deleteUserRoles(DeleteUserRoleParam param) {
List<SaasRole> roleList = saasRoleDao.lambdaQuery()
.eq(Objects.nonNull(param.getOuId()), SaasRole::getOwnerOuId, param.getOuId())
@ -142,4 +146,73 @@ public class RoleUserService implements SaasRoleUserService {
public List<SaasRoleUserRelation> queryByWorkspaceIdOrOu(Long identityId, IdentityType identityType, Set<Long> workspaceIds, Set<Long> ouIds) {
return roleUserRelationDao.queryByWorkspaceIdOrOu(identityId, identityType, workspaceIds, ouIds);
}
@Override
@Transactional(rollbackFor = Exception.class)
public void createSuperAdminRole(CreateSuperAdminRoleParam param) {
//获取超管角色
SaasRole saasRole = saasRoleDao
.findRoleByTypeAndWorkspaceIdAndOuId(RoleTypeEnum.SUPER_ADMIN.getValue(),
param.getWorkspaceId(), param.getOuId());
if (saasRole == null) {
saasRole = new SaasRole();
saasRole.setDescription(RoleTypeEnum.SUPER_ADMIN.getDesc());
saasRole.setName(RoleTypeEnum.SUPER_ADMIN.getDesc());
saasRole.setWorkspaceId(param.getWorkspaceId());
saasRole.setWorkspaceType(param.getWorkspaceType());
saasRole.setOwnerOuId(param.getOuId());
saasRole.setRoleType(RoleTypeEnum.SUPER_ADMIN.getValue());
saasRole.setIsDelete(0L);
checkRoleName(RoleTypeEnum.SUPER_ADMIN.getDesc(), param.getWorkspaceId(), param.getOuId());
saasRoleDao.save(saasRole);
}
//删除当前超管角色
roleUserRelationDao.deleteByRoldId(Lists.newArrayList(saasRole.getId()));
//新增关联关系
SaasRoleUserRelation saasRoleUserRelation = new SaasRoleUserRelation();
saasRoleUserRelation.setIdentityId(param.getIdentityId());
saasRoleUserRelation.setRoleId(saasRole.getId());
saasRoleUserRelation.setIdentityType(param.getIdentityType().getCode());
saasRoleUserRelation.setNaturalPersonId(param.getNaturalPersonId());
saasRoleUserRelation.setOuId(param.getOuId());
saasRoleUserRelation.setWorkspaceId(param.getWorkspaceId());
roleUserRelationDao.save(saasRoleUserRelation);
}
private void checkRoleName(String name, Long workspaceId, Long ouId) {
List<SaasRole> saasRoles = saasRoleDao.listCommonRoleByNameAndWorkspaceIdAndOuId(name,
workspaceId, ouId);
AssertUtil.isEmpty(saasRoles, "已存在相同的角色名称,请更换角色名称");
}
@Override
public List<SuperAdminInfoDTO> superAdminList(SuperAdminParam param) {
if (param.getWorkspaceId() == null || CollectionUtil.isEmpty(param.getOuIds())) {
return Collections.emptyList();
}
List<SaasRoleUserRelation> relations = roleUserRelationDao.lambdaQuery()
.in(SaasRoleUserRelation::getWorkspaceId, param.getWorkspaceId())
.in(SaasRoleUserRelation::getOuId, param.getOuIds())
.eq(SaasRoleUserRelation::getIsDelete, TableIsDeleteEnum.NORMAL.value).list();
if (CollectionUtils.isEmpty(relations)) {
return Collections.emptyList();
}
return relations.stream().map(r -> {
SuperAdminInfoDTO superAdminInfo = new SuperAdminInfoDTO();
superAdminInfo.setWorkspaceId(r.getWorkspaceId());
superAdminInfo.setOuId(r.getOuId());
superAdminInfo.setIdentityId(r.getIdentityId());
superAdminInfo.setIdentityType(r.getIdentityType());
return superAdminInfo;
}).collect(Collectors.toList());
}
@Override
@Transactional(rollbackFor = Exception.class)
public boolean deleteAdminRole(List<DeleteAdminRoleParam> params) {
return false;
}
}

4
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyDetailServiceImpl.java
View File

@ -89,9 +89,9 @@ public class SaasFeatureApplyDetailServiceImpl implements SaasFeatureApplyDetail
@Transactional(rollbackFor = Exception.class)
public void updateApplyDetail(PermissionPointApplyDetailUpdateReq req) {
SaasFeatureApplyDetail detail = BeanMapper.copyBean(req, SaasFeatureApplyDetail.class, (p, s) -> {
s.setFitOuTypeBit(p.getFitOuTypeList() == null ? "" : JSON.toJSONString(p.getFitOuTypeList()));
s.setFitOuTypeBit(p.getFitOuTypeList() == null ? "[65535]" : JSON.toJSONString(p.getFitOuTypeList()));
s.setFitOuNodeTypeBit(
p.getFitOuNodeTypeList() == null ? "" : JSON.toJSONString(p.getFitOuNodeTypeList()));
p.getFitOuNodeTypeList() == null ? "[65535]" : JSON.toJSONString(p.getFitOuNodeTypeList()));
});
this.saveOrUpdate(Lists.newArrayList(detail));
}

5
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/SaasFeatureApplyServiceImpl.java
View File

@ -5,6 +5,7 @@ import java.util.function.Function;
import java.util.stream.Collectors;
import cn.axzo.tyr.client.model.enums.FeatureDataType;
import com.google.common.collect.Lists;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.BooleanUtils;
@ -423,9 +424,9 @@ public class SaasFeatureApplyServiceImpl implements SaasFeatureApplyService {
detail.setSort(point.getSort());
detail.setTerminal(point.getTerminal());
detail.setFeatureType(point.getFeatureType());
detail.setFitOuTypeBit(point.getFitOuTypeList() == null ? "" : JSON.toJSONString(point.getFitOuTypeList()));
detail.setFitOuTypeBit(point.getFitOuTypeList() == null ? "[65535]" : JSON.toJSONString(point.getFitOuTypeList()));
detail.setFitOuNodeTypeBit(
point.getFitOuNodeTypeList() == null ? "" : JSON.toJSONString(point.getFitOuNodeTypeList()));
point.getFitOuNodeTypeList() == null ? "[65535]" : JSON.toJSONString(point.getFitOuNodeTypeList()));
detail.setDelegatedType(point.getDelegatedType());
detail.setCreateBy(createBy);
detail.setCreateAt(now);

4
tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java
View File

@ -424,7 +424,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
//通过子级查询父级并打平树型结构
List<PermissionPointTreeNode> allPermissionPoint = permissionPointService.listTreeNodesFlatChild(PermissionPointTreeQueryReq.builder()
.ids(buttonPermissionPointId)
.terminalList(StrUtil.isNotBlank(identityAuthReq.getTerminal()) ? Collections.singletonList(identityAuthReq.getTerminal()) : new ArrayList<>())
.terminalList(identityAuthReq.getTerminal())
.build());
workspacePermission.getPermissionPoint().addAll(allPermissionPoint.stream()
@ -461,7 +461,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
//通过子级查询父级并平铺菜单
List<PermissionPointTreeNode> allPermissionPoint = permissionPointService.listTreeNodesFlatChild(PermissionPointTreeQueryReq.builder()
.ids(new HashSet<>(resultHashAuthPointId))
.terminalList(StrUtil.isNotBlank(identityAuthReq.getTerminal()) ? Collections.singletonList(identityAuthReq.getTerminal()) : new ArrayList<>())
.terminalList(identityAuthReq.getTerminal())
.build());
workspacePermission.getPermissionPoint().addAll(allPermissionPoint.stream()