diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheProductPermissionHandler.java b/tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheProductPermissionHandler.java index 097067ee..28742366 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheProductPermissionHandler.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheProductPermissionHandler.java @@ -14,6 +14,7 @@ import cn.axzo.tyr.server.service.ProductFeatureRelationService; import cn.axzo.tyr.server.service.ProductPermissionCacheService; import cn.axzo.tyr.server.service.SaasFeatureResourceService; import com.google.common.collect.Lists; +import com.google.common.collect.Sets; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.annotation.Autowired; @@ -25,6 +26,8 @@ import java.util.Collections; import java.util.List; import java.util.Map; import java.util.Objects; +import java.util.Optional; +import java.util.Set; import java.util.function.Function; import java.util.stream.Collectors; @@ -110,10 +113,18 @@ public class CacheProductPermissionHandler implements EventHandler, Initializing .map(relation -> { if (Objects.equals(relation.getType(), NEW_FEATURE)) { SaasFeatureResourceResp featureResource = featureResources.get(relation.getFeatureId()); - if (Objects.isNull(featureResource) || CollectionUtils.isEmpty(featureResource.getFeatureCodes())) { + // 菜单节点是不会关联元素code,所以缓存的featureCode使用菜单编码 + if (Objects.isNull(featureResource)) { return null; } - return featureResource.getFeatureCodes().stream() + Set featureCodes = Optional.ofNullable(featureResource.getFeatureCodes()) + .orElseGet(() -> Sets.newHashSet(featureResource.getUniCode())); + + if (CollectionUtils.isEmpty(featureCodes)) { + return null; + } + + return featureCodes.stream() .map(featureCode -> ProductPermissionCacheService.PermissionDTO.builder() .featureId(featureResource.getId()) .featureCode(featureCode) @@ -137,6 +148,7 @@ public class CacheProductPermissionHandler implements EventHandler, Initializing .cooperateType(relation.getDictCode()) .build()); }) + .filter(Objects::nonNull) .flatMap(Collection::stream) .collect(Collectors.toList()); diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheRolePermissionHandler.java b/tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheRolePermissionHandler.java index 24e1a6c1..8f115601 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheRolePermissionHandler.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/event/inner/CacheRolePermissionHandler.java @@ -14,6 +14,7 @@ import cn.axzo.tyr.server.service.RolePermissionCacheService; import cn.axzo.tyr.server.service.RoleService; import cn.axzo.tyr.server.service.SaasFeatureResourceService; import com.google.common.collect.Lists; +import com.google.common.collect.Sets; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.annotation.Autowired; @@ -25,6 +26,8 @@ import java.util.Collections; import java.util.List; import java.util.Map; import java.util.Objects; +import java.util.Optional; +import java.util.Set; import java.util.function.Function; import java.util.stream.Collectors; @@ -100,13 +103,22 @@ public class CacheRolePermissionHandler implements EventHandler, InitializingBea } List permissions = e.getPermissionRelations().stream() + .distinct() .map(permissionRelation -> { if (Objects.equals(permissionRelation.getType(), NEW_FEATURE)) { SaasFeatureResourceResp featureResource = featureResources.get(permissionRelation.getFeatureId()); - if (Objects.isNull(featureResource) || CollectionUtils.isEmpty(featureResource.getFeatureCodes())) { + // 菜单节点是不会关联元素code,所以缓存的featureCode使用菜单编码 + if (Objects.isNull(featureResource)) { return null; } - return featureResource.getFeatureCodes().stream() + Set featureCodes = Optional.ofNullable(featureResource.getFeatureCodes()) + .orElseGet(() -> Sets.newHashSet(featureResource.getUniCode())); + + if (CollectionUtils.isEmpty(featureCodes)) { + return null; + } + + return featureCodes.stream() .map(featureCode -> RolePermissionCacheService.PermissionDTO.builder() .featureId(featureResource.getId()) .featureCode(featureCode) diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/job/CacheRolePermissionJob.java b/tyr-server/src/main/java/cn/axzo/tyr/server/job/CacheRolePermissionJob.java index 5e464316..2d5556c1 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/job/CacheRolePermissionJob.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/job/CacheRolePermissionJob.java @@ -1,11 +1,15 @@ package cn.axzo.tyr.server.job; import cn.axzo.foundation.page.PageResp; -import cn.axzo.framework.rocketmq.Event; +import cn.axzo.tyr.client.model.res.SaasPermissionRelationRes; import cn.axzo.tyr.client.model.res.SaasRoleRes; import cn.axzo.tyr.server.event.inner.CacheRolePermissionHandler; -import cn.axzo.tyr.server.event.payload.RolePermissionCreatedPayload; +import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao; +import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation; +import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation; +import cn.axzo.tyr.server.service.RolePermissionCacheService; import cn.axzo.tyr.server.service.RoleService; +import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationService; import com.alibaba.fastjson.JSONObject; import com.xxl.job.core.biz.model.ReturnT; import com.xxl.job.core.handler.IJobHandler; @@ -13,7 +17,12 @@ import com.xxl.job.core.handler.annotation.XxlJob; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; +import org.springframework.util.CollectionUtils; +import java.util.Collection; +import java.util.List; +import java.util.Map; +import java.util.Objects; import java.util.Optional; import java.util.Set; import java.util.stream.Collectors; @@ -26,8 +35,14 @@ public class CacheRolePermissionJob extends IJobHandler { private CacheRolePermissionHandler cacheRolePermissionHandler; @Autowired private RoleService roleService; + @Autowired + private SaasPgroupPermissionRelationService saasPgroupPermissionRelationService; + @Autowired + private SaasPgroupRoleRelationDao saasPgroupRoleRelationDao; + @Autowired + private RolePermissionCacheService rolePermissionCacheService; - private static final Integer DEFAULT_PAGE_SIZE = 1000; + private static final Integer DEFAULT_PAGE_SIZE = 2000; @Override @XxlJob("CacheRolePermissionJob") @@ -38,25 +53,16 @@ public class CacheRolePermissionJob extends IJobHandler { .map(e -> JSONObject.parseObject(e, RoleService.PageSaasRoleParam.class)) .orElseGet(() -> RoleService.PageSaasRoleParam.builder().build()); + // 因为角色权限集是重复使用,通过角色找权限集数据量太大,直接查询所有权限集的权限,比较快 + Map> permissionRelations = listPgroupPermissionRelation(); + Integer pageNumber = 1; while (true) { pageSaasRoleParam.setPage(pageNumber++); pageSaasRoleParam.setPageSize(DEFAULT_PAGE_SIZE); - PageResp page = roleService.page(pageSaasRoleParam); - Set roleIds = page.getData().stream() - .map(SaasRoleRes::getId) - .collect(Collectors.toSet()); - RolePermissionCreatedPayload payload = RolePermissionCreatedPayload.builder() - .roleIds(roleIds) - .build(); - - Event event = Event.builder() - .data(payload) - .build(); - - cacheRolePermissionHandler.onEvent(event, null); + store(page.getData(), permissionRelations); if (!page.hasNext()) { break; @@ -65,4 +71,62 @@ public class CacheRolePermissionJob extends IJobHandler { return ReturnT.SUCCESS; } + + private Map> listPgroupPermissionRelation() { + return saasPgroupPermissionRelationService.list().stream() + .collect(Collectors.groupingBy(SaasPgroupPermissionRelation::getGroupId, + Collectors.mapping(e -> SaasPermissionRelationRes.builder() + .featureId(e.getFeatureId()) + .featureType(e.getFeatureType()) + .type(e.getType()) + .build(), Collectors.toList()))); + + } + + private Map> listPermissionGroup(List roleIds) { + + return saasPgroupRoleRelationDao.findByRoleIds(roleIds).stream() + .collect(Collectors.groupingBy(SaasPgroupRoleRelation::getRoleId, + Collectors.mapping(SaasPgroupRoleRelation::getGroupId, Collectors.toSet()))); + } + + private void store(List roles, + Map> permissionRelations) { + + if (CollectionUtils.isEmpty(roles)) { + return; + } + + List roleIds = roles.stream() + .map(SaasRoleRes::getId) + .collect(Collectors.toList()); + Map> roleGroupMap = listPermissionGroup(roleIds); + + roles.forEach(e -> { + Set groupIds = roleGroupMap.get(e.getId()); + if (CollectionUtils.isEmpty(groupIds)) { + return; + } + + List rolePermissions = groupIds.stream() + .map(permissionRelations::get) + .filter(f -> !CollectionUtils.isEmpty(f)) + .flatMap(Collection::stream) + .distinct() + .collect(Collectors.toList()); + + e.setPermissionRelations(rolePermissions); + }); + + List rolePermissions = cacheRolePermissionHandler.resolveRolePermission(roles); + + if (CollectionUtils.isEmpty(rolePermissions)) { + return; + } + + RolePermissionCacheService.StoreRolePermissionParam storeRolePermissionParam = RolePermissionCacheService.StoreRolePermissionParam.builder() + .rolePermissions(rolePermissions) + .build(); + rolePermissionCacheService.store(storeRolePermissionParam); + } } diff --git a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java index eddcdd13..ea2a8a87 100644 --- a/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java +++ b/tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/TyrSaasAuthServiceImpl.java @@ -1526,8 +1526,10 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { //组装返回值 //是否超管 - boolean superAdmin = saasRoles.stream() - .anyMatch(e -> RoleTypeEnum.SUPER_ADMIN.getValue().equals(e.getRoleType())); + boolean superAdmin = Optional.ofNullable(saasRoles) + .map(e -> e.stream() + .anyMatch(f -> RoleTypeEnum.SUPER_ADMIN.getValue().equals(f.getRoleType()))) + .orElse(false); workspacePermission.setSuperAdmin(superAdmin); Set allPermissionPoints = Sets.newHashSet(); @@ -1636,7 +1638,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService { } return productPermissions.stream() - .filter(productPermission -> Objects.equals(productPermission.getCooperateType(), role.getProductUnitType())) + .filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(role.getProductUnitType()))) .filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode())) .map(e -> IdentityAuthRes.PermissionPoint.builder() .featureCode(e.getFeatureCode())