feat:(REQ-2720) 修改菜单、没有页面元素的权限缓存,key使用uniCode
This commit is contained in:
lilong
parent
dec1069f9e
commit
edc5f944f7
@ -14,6 +14,7 @@ import cn.axzo.tyr.server.service.ProductFeatureRelationService;
|
||||
import cn.axzo.tyr.server.service.ProductPermissionCacheService;
|
||||
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
||||
import com.google.common.collect.Lists;
|
||||
import com.google.common.collect.Sets;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@ -25,6 +26,8 @@ import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.function.Function;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@ -110,10 +113,18 @@ public class CacheProductPermissionHandler implements EventHandler, Initializing
|
||||
.map(relation -> {
|
||||
if (Objects.equals(relation.getType(), NEW_FEATURE)) {
|
||||
SaasFeatureResourceResp featureResource = featureResources.get(relation.getFeatureId());
|
||||
if (Objects.isNull(featureResource) || CollectionUtils.isEmpty(featureResource.getFeatureCodes())) {
|
||||
// 菜单节点是不会关联元素code,所以缓存的featureCode使用菜单编码
|
||||
if (Objects.isNull(featureResource)) {
|
||||
return null;
|
||||
}
|
||||
return featureResource.getFeatureCodes().stream()
|
||||
Set<String> featureCodes = Optional.ofNullable(featureResource.getFeatureCodes())
|
||||
.orElseGet(() -> Sets.newHashSet(featureResource.getUniCode()));
|
||||
|
||||
if (CollectionUtils.isEmpty(featureCodes)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return featureCodes.stream()
|
||||
.map(featureCode -> ProductPermissionCacheService.PermissionDTO.builder()
|
||||
.featureId(featureResource.getId())
|
||||
.featureCode(featureCode)
|
||||
@ -137,6 +148,7 @@ public class CacheProductPermissionHandler implements EventHandler, Initializing
|
||||
.cooperateType(relation.getDictCode())
|
||||
.build());
|
||||
})
|
||||
.filter(Objects::nonNull)
|
||||
.flatMap(Collection::stream)
|
||||
.collect(Collectors.toList());
|
||||
|
||||
|
||||
@ -14,6 +14,7 @@ import cn.axzo.tyr.server.service.RolePermissionCacheService;
|
||||
import cn.axzo.tyr.server.service.RoleService;
|
||||
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
||||
import com.google.common.collect.Lists;
|
||||
import com.google.common.collect.Sets;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@ -25,6 +26,8 @@ import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.function.Function;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@ -100,13 +103,22 @@ public class CacheRolePermissionHandler implements EventHandler, InitializingBea
|
||||
}
|
||||
|
||||
List<RolePermissionCacheService.PermissionDTO> permissions = e.getPermissionRelations().stream()
|
||||
.distinct()
|
||||
.map(permissionRelation -> {
|
||||
if (Objects.equals(permissionRelation.getType(), NEW_FEATURE)) {
|
||||
SaasFeatureResourceResp featureResource = featureResources.get(permissionRelation.getFeatureId());
|
||||
if (Objects.isNull(featureResource) || CollectionUtils.isEmpty(featureResource.getFeatureCodes())) {
|
||||
// 菜单节点是不会关联元素code,所以缓存的featureCode使用菜单编码
|
||||
if (Objects.isNull(featureResource)) {
|
||||
return null;
|
||||
}
|
||||
return featureResource.getFeatureCodes().stream()
|
||||
Set<String> featureCodes = Optional.ofNullable(featureResource.getFeatureCodes())
|
||||
.orElseGet(() -> Sets.newHashSet(featureResource.getUniCode()));
|
||||
|
||||
if (CollectionUtils.isEmpty(featureCodes)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return featureCodes.stream()
|
||||
.map(featureCode -> RolePermissionCacheService.PermissionDTO.builder()
|
||||
.featureId(featureResource.getId())
|
||||
.featureCode(featureCode)
|
||||
|
||||
@ -1,11 +1,15 @@
|
||||
package cn.axzo.tyr.server.job;
|
||||
|
||||
import cn.axzo.foundation.page.PageResp;
|
||||
import cn.axzo.framework.rocketmq.Event;
|
||||
import cn.axzo.tyr.client.model.res.SaasPermissionRelationRes;
|
||||
import cn.axzo.tyr.client.model.res.SaasRoleRes;
|
||||
import cn.axzo.tyr.server.event.inner.CacheRolePermissionHandler;
|
||||
import cn.axzo.tyr.server.event.payload.RolePermissionCreatedPayload;
|
||||
import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation;
|
||||
import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation;
|
||||
import cn.axzo.tyr.server.service.RolePermissionCacheService;
|
||||
import cn.axzo.tyr.server.service.RoleService;
|
||||
import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationService;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.xxl.job.core.biz.model.ReturnT;
|
||||
import com.xxl.job.core.handler.IJobHandler;
|
||||
@ -13,7 +17,12 @@ import com.xxl.job.core.handler.annotation.XxlJob;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
@ -26,8 +35,14 @@ public class CacheRolePermissionJob extends IJobHandler {
|
||||
private CacheRolePermissionHandler cacheRolePermissionHandler;
|
||||
@Autowired
|
||||
private RoleService roleService;
|
||||
@Autowired
|
||||
private SaasPgroupPermissionRelationService saasPgroupPermissionRelationService;
|
||||
@Autowired
|
||||
private SaasPgroupRoleRelationDao saasPgroupRoleRelationDao;
|
||||
@Autowired
|
||||
private RolePermissionCacheService rolePermissionCacheService;
|
||||
|
||||
private static final Integer DEFAULT_PAGE_SIZE = 1000;
|
||||
private static final Integer DEFAULT_PAGE_SIZE = 2000;
|
||||
|
||||
@Override
|
||||
@XxlJob("CacheRolePermissionJob")
|
||||
@ -38,25 +53,16 @@ public class CacheRolePermissionJob extends IJobHandler {
|
||||
.map(e -> JSONObject.parseObject(e, RoleService.PageSaasRoleParam.class))
|
||||
.orElseGet(() -> RoleService.PageSaasRoleParam.builder().build());
|
||||
|
||||
// 因为角色权限集是重复使用,通过角色找权限集数据量太大,直接查询所有权限集的权限,比较快
|
||||
Map<Long, List<SaasPermissionRelationRes>> permissionRelations = listPgroupPermissionRelation();
|
||||
|
||||
Integer pageNumber = 1;
|
||||
while (true) {
|
||||
pageSaasRoleParam.setPage(pageNumber++);
|
||||
pageSaasRoleParam.setPageSize(DEFAULT_PAGE_SIZE);
|
||||
|
||||
PageResp<SaasRoleRes> page = roleService.page(pageSaasRoleParam);
|
||||
Set<Long> roleIds = page.getData().stream()
|
||||
.map(SaasRoleRes::getId)
|
||||
.collect(Collectors.toSet());
|
||||
|
||||
RolePermissionCreatedPayload payload = RolePermissionCreatedPayload.builder()
|
||||
.roleIds(roleIds)
|
||||
.build();
|
||||
|
||||
Event event = Event.builder()
|
||||
.data(payload)
|
||||
.build();
|
||||
|
||||
cacheRolePermissionHandler.onEvent(event, null);
|
||||
store(page.getData(), permissionRelations);
|
||||
|
||||
if (!page.hasNext()) {
|
||||
break;
|
||||
@ -65,4 +71,62 @@ public class CacheRolePermissionJob extends IJobHandler {
|
||||
|
||||
return ReturnT.SUCCESS;
|
||||
}
|
||||
|
||||
private Map<Long, List<SaasPermissionRelationRes>> listPgroupPermissionRelation() {
|
||||
return saasPgroupPermissionRelationService.list().stream()
|
||||
.collect(Collectors.groupingBy(SaasPgroupPermissionRelation::getGroupId,
|
||||
Collectors.mapping(e -> SaasPermissionRelationRes.builder()
|
||||
.featureId(e.getFeatureId())
|
||||
.featureType(e.getFeatureType())
|
||||
.type(e.getType())
|
||||
.build(), Collectors.toList())));
|
||||
|
||||
}
|
||||
|
||||
private Map<Long, Set<Long>> listPermissionGroup(List<Long> roleIds) {
|
||||
|
||||
return saasPgroupRoleRelationDao.findByRoleIds(roleIds).stream()
|
||||
.collect(Collectors.groupingBy(SaasPgroupRoleRelation::getRoleId,
|
||||
Collectors.mapping(SaasPgroupRoleRelation::getGroupId, Collectors.toSet())));
|
||||
}
|
||||
|
||||
private void store(List<SaasRoleRes> roles,
|
||||
Map<Long, List<SaasPermissionRelationRes>> permissionRelations) {
|
||||
|
||||
if (CollectionUtils.isEmpty(roles)) {
|
||||
return;
|
||||
}
|
||||
|
||||
List<Long> roleIds = roles.stream()
|
||||
.map(SaasRoleRes::getId)
|
||||
.collect(Collectors.toList());
|
||||
Map<Long, Set<Long>> roleGroupMap = listPermissionGroup(roleIds);
|
||||
|
||||
roles.forEach(e -> {
|
||||
Set<Long> groupIds = roleGroupMap.get(e.getId());
|
||||
if (CollectionUtils.isEmpty(groupIds)) {
|
||||
return;
|
||||
}
|
||||
|
||||
List<SaasPermissionRelationRes> rolePermissions = groupIds.stream()
|
||||
.map(permissionRelations::get)
|
||||
.filter(f -> !CollectionUtils.isEmpty(f))
|
||||
.flatMap(Collection::stream)
|
||||
.distinct()
|
||||
.collect(Collectors.toList());
|
||||
|
||||
e.setPermissionRelations(rolePermissions);
|
||||
});
|
||||
|
||||
List<RolePermissionCacheService.RolePermission> rolePermissions = cacheRolePermissionHandler.resolveRolePermission(roles);
|
||||
|
||||
if (CollectionUtils.isEmpty(rolePermissions)) {
|
||||
return;
|
||||
}
|
||||
|
||||
RolePermissionCacheService.StoreRolePermissionParam storeRolePermissionParam = RolePermissionCacheService.StoreRolePermissionParam.builder()
|
||||
.rolePermissions(rolePermissions)
|
||||
.build();
|
||||
rolePermissionCacheService.store(storeRolePermissionParam);
|
||||
}
|
||||
}
|
||||
|
||||
@ -1526,8 +1526,10 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
|
||||
//组装返回值
|
||||
//是否超管
|
||||
boolean superAdmin = saasRoles.stream()
|
||||
.anyMatch(e -> RoleTypeEnum.SUPER_ADMIN.getValue().equals(e.getRoleType()));
|
||||
boolean superAdmin = Optional.ofNullable(saasRoles)
|
||||
.map(e -> e.stream()
|
||||
.anyMatch(f -> RoleTypeEnum.SUPER_ADMIN.getValue().equals(f.getRoleType())))
|
||||
.orElse(false);
|
||||
workspacePermission.setSuperAdmin(superAdmin);
|
||||
|
||||
Set<IdentityAuthRes.PermissionPoint> allPermissionPoints = Sets.newHashSet();
|
||||
@ -1636,7 +1638,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
||||
}
|
||||
|
||||
return productPermissions.stream()
|
||||
.filter(productPermission -> Objects.equals(productPermission.getCooperateType(), role.getProductUnitType()))
|
||||
.filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(role.getProductUnitType())))
|
||||
.filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode()))
|
||||
.map(e -> IdentityAuthRes.PermissionPoint.builder()
|
||||
.featureCode(e.getFeatureCode())
|
||||
|
||||
Loading…
Reference in New Issue
Block a user