feat:(REQ-2720) 修改菜单、没有页面元素的权限缓存,key使用uniCode
This commit is contained in:
lilong
parent
dec1069f9e
commit
edc5f944f7
@ -14,6 +14,7 @@ import cn.axzo.tyr.server.service.ProductFeatureRelationService;
|
|||||||
import cn.axzo.tyr.server.service.ProductPermissionCacheService;
|
import cn.axzo.tyr.server.service.ProductPermissionCacheService;
|
||||||
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
||||||
import com.google.common.collect.Lists;
|
import com.google.common.collect.Lists;
|
||||||
|
import com.google.common.collect.Sets;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.InitializingBean;
|
import org.springframework.beans.factory.InitializingBean;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
@ -25,6 +26,8 @@ import java.util.Collections;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Objects;
|
import java.util.Objects;
|
||||||
|
import java.util.Optional;
|
||||||
|
import java.util.Set;
|
||||||
import java.util.function.Function;
|
import java.util.function.Function;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
@ -110,10 +113,18 @@ public class CacheProductPermissionHandler implements EventHandler, Initializing
|
|||||||
.map(relation -> {
|
.map(relation -> {
|
||||||
if (Objects.equals(relation.getType(), NEW_FEATURE)) {
|
if (Objects.equals(relation.getType(), NEW_FEATURE)) {
|
||||||
SaasFeatureResourceResp featureResource = featureResources.get(relation.getFeatureId());
|
SaasFeatureResourceResp featureResource = featureResources.get(relation.getFeatureId());
|
||||||
if (Objects.isNull(featureResource) || CollectionUtils.isEmpty(featureResource.getFeatureCodes())) {
|
// 菜单节点是不会关联元素code,所以缓存的featureCode使用菜单编码
|
||||||
|
if (Objects.isNull(featureResource)) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return featureResource.getFeatureCodes().stream()
|
Set<String> featureCodes = Optional.ofNullable(featureResource.getFeatureCodes())
|
||||||
|
.orElseGet(() -> Sets.newHashSet(featureResource.getUniCode()));
|
||||||
|
|
||||||
|
if (CollectionUtils.isEmpty(featureCodes)) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
return featureCodes.stream()
|
||||||
.map(featureCode -> ProductPermissionCacheService.PermissionDTO.builder()
|
.map(featureCode -> ProductPermissionCacheService.PermissionDTO.builder()
|
||||||
.featureId(featureResource.getId())
|
.featureId(featureResource.getId())
|
||||||
.featureCode(featureCode)
|
.featureCode(featureCode)
|
||||||
@ -137,6 +148,7 @@ public class CacheProductPermissionHandler implements EventHandler, Initializing
|
|||||||
.cooperateType(relation.getDictCode())
|
.cooperateType(relation.getDictCode())
|
||||||
.build());
|
.build());
|
||||||
})
|
})
|
||||||
|
.filter(Objects::nonNull)
|
||||||
.flatMap(Collection::stream)
|
.flatMap(Collection::stream)
|
||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
|
|
||||||
|
|||||||
@ -14,6 +14,7 @@ import cn.axzo.tyr.server.service.RolePermissionCacheService;
|
|||||||
import cn.axzo.tyr.server.service.RoleService;
|
import cn.axzo.tyr.server.service.RoleService;
|
||||||
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
import cn.axzo.tyr.server.service.SaasFeatureResourceService;
|
||||||
import com.google.common.collect.Lists;
|
import com.google.common.collect.Lists;
|
||||||
|
import com.google.common.collect.Sets;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.InitializingBean;
|
import org.springframework.beans.factory.InitializingBean;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
@ -25,6 +26,8 @@ import java.util.Collections;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Objects;
|
import java.util.Objects;
|
||||||
|
import java.util.Optional;
|
||||||
|
import java.util.Set;
|
||||||
import java.util.function.Function;
|
import java.util.function.Function;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
@ -100,13 +103,22 @@ public class CacheRolePermissionHandler implements EventHandler, InitializingBea
|
|||||||
}
|
}
|
||||||
|
|
||||||
List<RolePermissionCacheService.PermissionDTO> permissions = e.getPermissionRelations().stream()
|
List<RolePermissionCacheService.PermissionDTO> permissions = e.getPermissionRelations().stream()
|
||||||
|
.distinct()
|
||||||
.map(permissionRelation -> {
|
.map(permissionRelation -> {
|
||||||
if (Objects.equals(permissionRelation.getType(), NEW_FEATURE)) {
|
if (Objects.equals(permissionRelation.getType(), NEW_FEATURE)) {
|
||||||
SaasFeatureResourceResp featureResource = featureResources.get(permissionRelation.getFeatureId());
|
SaasFeatureResourceResp featureResource = featureResources.get(permissionRelation.getFeatureId());
|
||||||
if (Objects.isNull(featureResource) || CollectionUtils.isEmpty(featureResource.getFeatureCodes())) {
|
// 菜单节点是不会关联元素code,所以缓存的featureCode使用菜单编码
|
||||||
|
if (Objects.isNull(featureResource)) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return featureResource.getFeatureCodes().stream()
|
Set<String> featureCodes = Optional.ofNullable(featureResource.getFeatureCodes())
|
||||||
|
.orElseGet(() -> Sets.newHashSet(featureResource.getUniCode()));
|
||||||
|
|
||||||
|
if (CollectionUtils.isEmpty(featureCodes)) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
return featureCodes.stream()
|
||||||
.map(featureCode -> RolePermissionCacheService.PermissionDTO.builder()
|
.map(featureCode -> RolePermissionCacheService.PermissionDTO.builder()
|
||||||
.featureId(featureResource.getId())
|
.featureId(featureResource.getId())
|
||||||
.featureCode(featureCode)
|
.featureCode(featureCode)
|
||||||
|
|||||||
@ -1,11 +1,15 @@
|
|||||||
package cn.axzo.tyr.server.job;
|
package cn.axzo.tyr.server.job;
|
||||||
|
|
||||||
import cn.axzo.foundation.page.PageResp;
|
import cn.axzo.foundation.page.PageResp;
|
||||||
import cn.axzo.framework.rocketmq.Event;
|
import cn.axzo.tyr.client.model.res.SaasPermissionRelationRes;
|
||||||
import cn.axzo.tyr.client.model.res.SaasRoleRes;
|
import cn.axzo.tyr.client.model.res.SaasRoleRes;
|
||||||
import cn.axzo.tyr.server.event.inner.CacheRolePermissionHandler;
|
import cn.axzo.tyr.server.event.inner.CacheRolePermissionHandler;
|
||||||
import cn.axzo.tyr.server.event.payload.RolePermissionCreatedPayload;
|
import cn.axzo.tyr.server.repository.dao.SaasPgroupRoleRelationDao;
|
||||||
|
import cn.axzo.tyr.server.repository.entity.SaasPgroupPermissionRelation;
|
||||||
|
import cn.axzo.tyr.server.repository.entity.SaasPgroupRoleRelation;
|
||||||
|
import cn.axzo.tyr.server.service.RolePermissionCacheService;
|
||||||
import cn.axzo.tyr.server.service.RoleService;
|
import cn.axzo.tyr.server.service.RoleService;
|
||||||
|
import cn.axzo.tyr.server.service.SaasPgroupPermissionRelationService;
|
||||||
import com.alibaba.fastjson.JSONObject;
|
import com.alibaba.fastjson.JSONObject;
|
||||||
import com.xxl.job.core.biz.model.ReturnT;
|
import com.xxl.job.core.biz.model.ReturnT;
|
||||||
import com.xxl.job.core.handler.IJobHandler;
|
import com.xxl.job.core.handler.IJobHandler;
|
||||||
@ -13,7 +17,12 @@ import com.xxl.job.core.handler.annotation.XxlJob;
|
|||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.util.CollectionUtils;
|
||||||
|
|
||||||
|
import java.util.Collection;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
|
import java.util.Objects;
|
||||||
import java.util.Optional;
|
import java.util.Optional;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
@ -26,8 +35,14 @@ public class CacheRolePermissionJob extends IJobHandler {
|
|||||||
private CacheRolePermissionHandler cacheRolePermissionHandler;
|
private CacheRolePermissionHandler cacheRolePermissionHandler;
|
||||||
@Autowired
|
@Autowired
|
||||||
private RoleService roleService;
|
private RoleService roleService;
|
||||||
|
@Autowired
|
||||||
|
private SaasPgroupPermissionRelationService saasPgroupPermissionRelationService;
|
||||||
|
@Autowired
|
||||||
|
private SaasPgroupRoleRelationDao saasPgroupRoleRelationDao;
|
||||||
|
@Autowired
|
||||||
|
private RolePermissionCacheService rolePermissionCacheService;
|
||||||
|
|
||||||
private static final Integer DEFAULT_PAGE_SIZE = 1000;
|
private static final Integer DEFAULT_PAGE_SIZE = 2000;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@XxlJob("CacheRolePermissionJob")
|
@XxlJob("CacheRolePermissionJob")
|
||||||
@ -38,25 +53,16 @@ public class CacheRolePermissionJob extends IJobHandler {
|
|||||||
.map(e -> JSONObject.parseObject(e, RoleService.PageSaasRoleParam.class))
|
.map(e -> JSONObject.parseObject(e, RoleService.PageSaasRoleParam.class))
|
||||||
.orElseGet(() -> RoleService.PageSaasRoleParam.builder().build());
|
.orElseGet(() -> RoleService.PageSaasRoleParam.builder().build());
|
||||||
|
|
||||||
|
// 因为角色权限集是重复使用,通过角色找权限集数据量太大,直接查询所有权限集的权限,比较快
|
||||||
|
Map<Long, List<SaasPermissionRelationRes>> permissionRelations = listPgroupPermissionRelation();
|
||||||
|
|
||||||
Integer pageNumber = 1;
|
Integer pageNumber = 1;
|
||||||
while (true) {
|
while (true) {
|
||||||
pageSaasRoleParam.setPage(pageNumber++);
|
pageSaasRoleParam.setPage(pageNumber++);
|
||||||
pageSaasRoleParam.setPageSize(DEFAULT_PAGE_SIZE);
|
pageSaasRoleParam.setPageSize(DEFAULT_PAGE_SIZE);
|
||||||
|
|
||||||
PageResp<SaasRoleRes> page = roleService.page(pageSaasRoleParam);
|
PageResp<SaasRoleRes> page = roleService.page(pageSaasRoleParam);
|
||||||
Set<Long> roleIds = page.getData().stream()
|
|
||||||
.map(SaasRoleRes::getId)
|
|
||||||
.collect(Collectors.toSet());
|
|
||||||
|
|
||||||
RolePermissionCreatedPayload payload = RolePermissionCreatedPayload.builder()
|
store(page.getData(), permissionRelations);
|
||||||
.roleIds(roleIds)
|
|
||||||
.build();
|
|
||||||
|
|
||||||
Event event = Event.builder()
|
|
||||||
.data(payload)
|
|
||||||
.build();
|
|
||||||
|
|
||||||
cacheRolePermissionHandler.onEvent(event, null);
|
|
||||||
|
|
||||||
if (!page.hasNext()) {
|
if (!page.hasNext()) {
|
||||||
break;
|
break;
|
||||||
@ -65,4 +71,62 @@ public class CacheRolePermissionJob extends IJobHandler {
|
|||||||
|
|
||||||
return ReturnT.SUCCESS;
|
return ReturnT.SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private Map<Long, List<SaasPermissionRelationRes>> listPgroupPermissionRelation() {
|
||||||
|
return saasPgroupPermissionRelationService.list().stream()
|
||||||
|
.collect(Collectors.groupingBy(SaasPgroupPermissionRelation::getGroupId,
|
||||||
|
Collectors.mapping(e -> SaasPermissionRelationRes.builder()
|
||||||
|
.featureId(e.getFeatureId())
|
||||||
|
.featureType(e.getFeatureType())
|
||||||
|
.type(e.getType())
|
||||||
|
.build(), Collectors.toList())));
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private Map<Long, Set<Long>> listPermissionGroup(List<Long> roleIds) {
|
||||||
|
|
||||||
|
return saasPgroupRoleRelationDao.findByRoleIds(roleIds).stream()
|
||||||
|
.collect(Collectors.groupingBy(SaasPgroupRoleRelation::getRoleId,
|
||||||
|
Collectors.mapping(SaasPgroupRoleRelation::getGroupId, Collectors.toSet())));
|
||||||
|
}
|
||||||
|
|
||||||
|
private void store(List<SaasRoleRes> roles,
|
||||||
|
Map<Long, List<SaasPermissionRelationRes>> permissionRelations) {
|
||||||
|
|
||||||
|
if (CollectionUtils.isEmpty(roles)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
List<Long> roleIds = roles.stream()
|
||||||
|
.map(SaasRoleRes::getId)
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
Map<Long, Set<Long>> roleGroupMap = listPermissionGroup(roleIds);
|
||||||
|
|
||||||
|
roles.forEach(e -> {
|
||||||
|
Set<Long> groupIds = roleGroupMap.get(e.getId());
|
||||||
|
if (CollectionUtils.isEmpty(groupIds)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
List<SaasPermissionRelationRes> rolePermissions = groupIds.stream()
|
||||||
|
.map(permissionRelations::get)
|
||||||
|
.filter(f -> !CollectionUtils.isEmpty(f))
|
||||||
|
.flatMap(Collection::stream)
|
||||||
|
.distinct()
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
|
||||||
|
e.setPermissionRelations(rolePermissions);
|
||||||
|
});
|
||||||
|
|
||||||
|
List<RolePermissionCacheService.RolePermission> rolePermissions = cacheRolePermissionHandler.resolveRolePermission(roles);
|
||||||
|
|
||||||
|
if (CollectionUtils.isEmpty(rolePermissions)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
RolePermissionCacheService.StoreRolePermissionParam storeRolePermissionParam = RolePermissionCacheService.StoreRolePermissionParam.builder()
|
||||||
|
.rolePermissions(rolePermissions)
|
||||||
|
.build();
|
||||||
|
rolePermissionCacheService.store(storeRolePermissionParam);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1526,8 +1526,10 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
|||||||
|
|
||||||
//组装返回值
|
//组装返回值
|
||||||
//是否超管
|
//是否超管
|
||||||
boolean superAdmin = saasRoles.stream()
|
boolean superAdmin = Optional.ofNullable(saasRoles)
|
||||||
.anyMatch(e -> RoleTypeEnum.SUPER_ADMIN.getValue().equals(e.getRoleType()));
|
.map(e -> e.stream()
|
||||||
|
.anyMatch(f -> RoleTypeEnum.SUPER_ADMIN.getValue().equals(f.getRoleType())))
|
||||||
|
.orElse(false);
|
||||||
workspacePermission.setSuperAdmin(superAdmin);
|
workspacePermission.setSuperAdmin(superAdmin);
|
||||||
|
|
||||||
Set<IdentityAuthRes.PermissionPoint> allPermissionPoints = Sets.newHashSet();
|
Set<IdentityAuthRes.PermissionPoint> allPermissionPoints = Sets.newHashSet();
|
||||||
@ -1636,7 +1638,7 @@ public class TyrSaasAuthServiceImpl implements TyrSaasAuthService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
return productPermissions.stream()
|
return productPermissions.stream()
|
||||||
.filter(productPermission -> Objects.equals(productPermission.getCooperateType(), role.getProductUnitType()))
|
.filter(productPermission -> Objects.equals(productPermission.getCooperateType(), String.valueOf(role.getProductUnitType())))
|
||||||
.filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode()))
|
.filter(productPermission -> rolePermissionFeatureCodes.contains(productPermission.getFeatureCode()))
|
||||||
.map(e -> IdentityAuthRes.PermissionPoint.builder()
|
.map(e -> IdentityAuthRes.PermissionPoint.builder()
|
||||||
.featureCode(e.getFeatureCode())
|
.featureCode(e.getFeatureCode())
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user