feat:(REQ-2227) 修改新增角色的逻辑

tyr-api/src/main/java/cn/axzo/tyr/client/feign/TyrSaasRoleApi.java

@@ -8,13 +8,13 @@ import cn.axzo.tyr.client.model.req.FeatureRoleRelationReq;
 import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
 import cn.axzo.tyr.client.model.req.QueryRoleByNameReq;
 import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
-import cn.axzo.tyr.client.model.res.FeatureRoleRelationResp;
-import cn.axzo.tyr.client.model.res.RoleTreeRes;
 import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
 import cn.axzo.tyr.client.model.req.TreeRoleReq;
+import cn.axzo.tyr.client.model.res.FeatureRoleRelationResp;
 import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
 import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
 import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
+import cn.axzo.tyr.client.model.res.RoleTreeRes;
 import cn.axzo.tyr.client.model.res.RoleWithUserRes;
 import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;

tyr-api/src/main/java/cn/axzo/tyr/client/model/vo/SaveOrUpdateRoleVO.java

@@ -7,6 +7,7 @@ import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import java.util.List;
+import java.util.Set;
 
 @Data
 public class SaveOrUpdateRoleVO {
@@ -42,10 +43,14 @@ public class SaveOrUpdateRoleVO {
 	/**
 	 * 角色分组
 	 */
-	@NotEmpty
-	@Valid
 	private List<GroupInfoVO> groupTree;
 
+	/**
+	 * 产品单位类型
+	 * 1:总包 2:建设单位 3:监理单位 4:劳务分包 5:专业分包 6:OMS通用 7:企业通用 8:企业内班组 9:项目内班组
+	 */
+	private Integer productUnitType;
+
 	private String permissionGroupName;
 
 	private String permissionGroupDescription;
@@ -57,23 +62,27 @@ public class SaveOrUpdateRoleVO {
 
 	/**
 	 * 选中的权限点id
+	 * cms再使用，后面都会切到使用permissionIds
 	 */
-	@NotNull(message = "权限点ID不能为空")
+	@Deprecated
 	private List<Long> selectedPPIds;
 
+	/**
+	 * 新的oms权限
+	 */
+	private Set<Long> permissionIds;
+
 	@Data
 	public static class GroupInfoVO {
 
 		/**
 		 * 角色分组id
 		 */
-		@NotNull(message = "角色分组ID不能为空")
 		private Long id;
 
 		/**
 		 * 项目部类型字典code
 		 */
-		@NotNull(message = "workspaceTypeCode不能为空")
 		private String workspaceTypeCode;
 	}
 }

tyr-server/src/main/java/cn/axzo/tyr/server/TyrApplication.java

@@ -7,6 +7,7 @@ import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.cache.annotation.EnableCaching;
 import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
 import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.context.annotation.Import;
 import org.springframework.core.env.Environment;
 import org.springframework.scheduling.annotation.EnableAsync;
 

tyr-server/src/main/java/cn/axzo/tyr/server/controller/role/SaasRoleController.java

@@ -12,14 +12,14 @@ import cn.axzo.tyr.client.model.req.QueryByIdentityIdTypeReq;
 import cn.axzo.tyr.client.model.req.QueryRoleByNameReq;
 import cn.axzo.tyr.client.model.req.QuerySaasRoleGroupReq;
 import cn.axzo.tyr.client.model.req.QuerySaasRoleReq;
-import cn.axzo.tyr.client.model.res.FeatureRoleRelationResp;
-import cn.axzo.tyr.client.model.res.RoleTreeRes;
 import cn.axzo.tyr.client.model.req.RoleWithUserQueryReq;
 import cn.axzo.tyr.client.model.req.TreeRoleReq;
 import cn.axzo.tyr.client.model.res.CommonDictResp;
+import cn.axzo.tyr.client.model.res.FeatureRoleRelationResp;
 import cn.axzo.tyr.client.model.res.IsSuperAdminRes;
 import cn.axzo.tyr.client.model.res.QueryBatchByIdentityIdTypeRes;
 import cn.axzo.tyr.client.model.res.QueryRoleByNameResp;
+import cn.axzo.tyr.client.model.res.RoleTreeRes;
 import cn.axzo.tyr.client.model.res.RoleWithUserRes;
 import cn.axzo.tyr.client.model.vo.SaasRoleAndGroupVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleCategoryVO;

tyr-server/src/main/java/cn/axzo/tyr/server/service/impl/RoleServiceImpl.java

@@ -31,6 +31,8 @@ import cn.axzo.tyr.client.model.vo.SaasRoleGroupCodeVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleGroupVO;
 import cn.axzo.tyr.client.model.vo.SaasRoleVO;
 import cn.axzo.tyr.client.model.vo.SaveOrUpdateRoleVO;
+import cn.axzo.tyr.server.model.ResourcePermission;
+import cn.axzo.tyr.server.model.ResourcePermissionQueryDTO;
 import cn.axzo.tyr.server.model.RoleFeatureRelation;
 import cn.axzo.tyr.server.model.RoleWithFeature;
 import cn.axzo.tyr.server.repository.dao.SaasFeatureDao;
@@ -81,8 +83,6 @@ import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
 import java.util.Collections;
 import java.util.Date;
 import java.util.HashSet;
@@ -145,6 +145,8 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
     @Value("${groupLeader.code:projectTeamGPLeader}")
     private String groupLeaderCode;
 
+    private static final Set<String> COMMON_ROLE_TYPES = Sets.newHashSet(RoleTypeEnum.COMMON.getValue(), RoleTypeEnum.AUTO_OWN.getValue());
+
     @Override
     public List<SaasRoleVO> queryByIdentityIdType(Long identityId, Integer identityType, Long workspaceId, Long ouId, Boolean includePermissionGroup) {
         // 查询人关联的角色id
@@ -314,7 +316,11 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
         SaasRole saasRole = validAndBuildRole(saveOrUpdateRole, now);
         //验证权限集信息
         SaasPermissionGroup saasPermissionGroup = validPermissionGroupCommon(saveOrUpdateRole);
+
+        // TODO 旧的权限,待权限切完后就下掉
         validFeature(saveOrUpdateRole.getSelectedPPIds());
+        // 新的权限
+        validPermission(saveOrUpdateRole.getPermissionIds());
 
         saasRoleDao.saveOrUpdate(saasRole);
         // 新增或者保存分组和角色映射关系
@@ -338,8 +344,14 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
         if (Objects.isNull(saveOrUpdateRole.getId())) {
             saasPgroupRoleRelationDao.save(pgrr);
         }
+        if (CollectionUtils.isNotEmpty(saveOrUpdateRole.getSelectedPPIds())
+                || CollectionUtils.isNotEmpty(saveOrUpdateRole.getPermissionIds())) {
+
+            List<Long> pids = Optional.ofNullable(saveOrUpdateRole.getSelectedPPIds())
+                    .orElse(Lists.newArrayList(saveOrUpdateRole.getPermissionIds()));
+
             // 保存权限集和权限点映射关系
-        List<SaasPgroupPermissionRelation> pgpRelations = Optional.ofNullable(saveOrUpdateRole.getSelectedPPIds()).orElse(new ArrayList<>()).stream().map(ppId -> {
+            List<SaasPgroupPermissionRelation> pgpRelations = pids.stream().map(ppId -> {
                 SaasPgroupPermissionRelation target = new SaasPgroupPermissionRelation();
                 target.setGroupId(saasPermissionGroup.getId());
                 target.setFeatureId(ppId);
@@ -348,6 +360,8 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
                 return target;
             }).collect(Collectors.toList());
             saasPgroupPermissionRelationService.saveOrUpdate(Lists.newArrayList(saasPermissionGroup.getId()), pgpRelations);
+        }
+
         return saasRole.getId();
     }
 
@@ -453,8 +467,20 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
         saasRole.setRoleType(saveOrUpdateRole.getRoleType());
         saasRole.setWorkspaceId(saveOrUpdateRole.getWorkspaceId());
         saasRole.setOwnerOuId(saveOrUpdateRole.getOwnerOuId());
-        saasRole.setWorkspaceType(Integer.parseInt(saveOrUpdateRole.getGroupTree().get(0).getWorkspaceTypeCode()));
+        // roleType = 自定义，common，workspaceType = saveOrUpdateRole.workspaceType
+        // 其他就从角色组取，没有就saveOrUpdateRole.workspaceType
+        Integer workspaceType = null;
+        if (COMMON_ROLE_TYPES.contains(saveOrUpdateRole.getRoleType()) || CollectionUtils.isEmpty(saveOrUpdateRole.getGroupTree())) {
+            workspaceType = saveOrUpdateRole.getWorkspaceType();
+        } else {
+            workspaceType = Integer.parseInt(saveOrUpdateRole.getGroupTree().get(0).getWorkspaceTypeCode());
+        }
+        if (CollectionUtils.isNotEmpty(saveOrUpdateRole.getGroupTree())) {
             saasRole.setProductUnitType(setProductUnitType(saveOrUpdateRole.getGroupTree().get(0)));
+        } else {
+            saasRole.setProductUnitType(saveOrUpdateRole.getProductUnitType());
+        }
+
         saasRole.setUpdateBy(saveOrUpdateRole.getOperatorId());
         saasRole.setUpdateAt(now);
         String message = "角色校验异常";
@@ -467,9 +493,8 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
             message = "同一角色分组内,角色名称不能重复!";
         } else {
             //自定义角色 同一个企业单位 同一个工作台 角色名称不能为空
-            String currentWorkspaceCode = saveOrUpdateRole.getGroupTree().get(0).getWorkspaceTypeCode();
             List<Long> systemAndCustomWorkspaceCodes = new ArrayList<>();
-            systemAndCustomWorkspaceCodes.add(Long.valueOf(currentWorkspaceCode));
+            systemAndCustomWorkspaceCodes.add(Long.valueOf(workspaceType));
             systemAndCustomWorkspaceCodes.add(-1L);
 
             List<Long> systemAndCustomOuIds = new ArrayList<>();
@@ -1102,4 +1127,17 @@ public class RoleServiceImpl extends ServiceImpl<SaasRoleMapper, SaasRole>
         });
         return resps;
     }
+
+    private void validPermission(Set<Long> permissionIds) {
+        if (CollectionUtils.isEmpty(permissionIds)) {
+            return;
+        }
+        List<ResourcePermission> resourcePermissions = saasFeatureResourceService.permissionQuery(ResourcePermissionQueryDTO.builder()
+                .ids(Lists.newArrayList(permissionIds))
+                .build());
+        if (permissionIds.size() != resourcePermissions.size()) {
+            permissionIds.removeAll(resourcePermissions.stream().map(ResourcePermission::getId).collect(Collectors.toSet()));
+            throw new ServiceException(String.format("权限点 %s 信息错误", permissionIds));
+        }
+    }
 }