Skip to content

G
gic-platform-auth
Commit 97cd84f1 by guojuxing
Options

权限集过滤

parent 25310e7b
Showing with 125 additions and 36 deletions
gic-platform-auth-api/src/main/java/com/gic/auth/service/MenuApiService.java
......@@ -221,9 +221,20 @@ public interface MenuApiService {
* @Description:

 * @author guojuxing
* @param enterpriseId
* @param userId 登录用户的ID
* @return com.gic.api.base.commons.ServiceResponse<java.lang.Void>


 */
ServiceResponse<List<MenuDTO>> listAppPageOfHasBuy(Integer enterpriseId);
ServiceResponse<List<MenuDTO>> listAppPageOfHasBuy(Integer enterpriseId, Integer userId);
/**
* 查询子管理员应用菜单权限数据
* @Title: listAppPageOfHasBuyForRole

* @Description:

* @author guojuxing
* @param enterpriseId

* @return com.gic.api.base.commons.ServiceResponse<java.util.List<com.gic.auth.dto.MenuDTO>>


*/
ServiceResponse<List<MenuDTO>> listAppPageOfHasBuyForRole(Integer enterpriseId);
/**
* 编辑gic页面
......
gic-platform-auth-service/pom.xml
......@@ -153,6 +153,11 @@
<artifactId>gic-goods-api</artifactId>
<version>${gic-goods-api}</version>
</dependency>
<dependency>
<groupId>com.gic.authcenter</groupId>
<artifactId>gic-authcenter-api</artifactId>
<version>${gic-authcenter-api}</version>
</dependency>
</dependencies>
<build>
......
gic-platform-auth-service/src/main/java/com/gic/auth/dao/mapper/TabSysMenuMapper.java
......@@ -153,7 +153,9 @@ public interface TabSysMenuMapper {
* @param versionCode gic商户基础服务版本
* @return java.util.List<com.gic.auth.entity.TabSysMenu>


 */
List<TabSysMenu> listMenuTree(@Param("project") String project, @Param("versionCode") String versionCode);
List<TabSysMenu> listMenuTree(@Param("project") String project,
@Param("versionCode") String versionCode,
@Param("list") List<Integer> authTypeList);
List<TabSysMenu> selectByProjectList(@Param("projectList") List<String> projectList);
......@@ -167,7 +169,7 @@ public interface TabSysMenuMapper {
* @return java.util.List<com.gic.auth.entity.TabSysMenu>


 */
List<TabSysMenu> selectAppMenuByParam(@Param("projectList") List<String> projectList,
@Param("versionList") List<String> versionList);
@Param("versionList") List<String> versionList, @Param("authTypeList") List<Integer> authTypeList);
/**
* 相同code个数
......
gic-platform-auth-service/src/main/java/com/gic/auth/service/MenuService.java
......@@ -123,9 +123,10 @@ public interface MenuService {

 * @author guojuxing
* @param project

* @param versionCode gic商户基础服务版本
* @param authTypeList 权限适用 1:管理员 2:超管可用&达摩侧 3:仅达摩侧
* @return java.util.List<com.gic.auth.dto.MenuDTO>


 */
List<TabSysMenu> listMenuTree(String project, String versionCode);
List<TabSysMenu> listMenuTree(String project, String versionCode, List<Integer> authTypeList);
/**
* 根据项目查询
......@@ -144,9 +145,10 @@ public interface MenuService {

 * @author guojuxing
* @param projectList appID List
* @param versionList
 版本/拓展包 list
* @param authTypeList 1:普通管理员 2:超管&达摩 3:仅达摩
* @return java.util.List<com.gic.auth.entity.TabSysMenu>


 */
List<TabSysMenu> selectAppMenuByParam(List<String> projectList, List<String> versionList);
List<TabSysMenu> selectAppMenuByParam(List<String> projectList, List<String> versionList, List<Integer> authTypeList);
/**
* 是否重复页面code
......
gic-platform-auth-service/src/main/java/com/gic/auth/service/impl/MenuServiceImpl.java
......@@ -133,8 +133,8 @@ public class MenuServiceImpl implements MenuService {
}
@Override
public List<TabSysMenu> listMenuTree(String project, String versionCode) {
return tabSysMenuMapper.listMenuTree(project, versionCode);
public List<TabSysMenu> listMenuTree(String project, String versionCode, List<Integer> authTypeList) {
return tabSysMenuMapper.listMenuTree(project, versionCode, authTypeList);
}
@Override
......@@ -143,8 +143,8 @@ public class MenuServiceImpl implements MenuService {
}
@Override
public List<TabSysMenu> selectAppMenuByParam(List<String> projectList, List<String> versionList) {
return tabSysMenuMapper.selectAppMenuByParam(projectList, versionList);
public List<TabSysMenu> selectAppMenuByParam(List<String> projectList, List<String> versionList, List<Integer> authTypeList) {
return tabSysMenuMapper.selectAppMenuByParam(projectList, versionList, authTypeList);
}
@Override
......
gic-platform-auth-service/src/main/java/com/gic/auth/service/outer/impl/MenuApiServiceImpl.java
......@@ -5,6 +5,8 @@ import java.util.stream.Collectors;
import com.gic.auth.entity.*;
import com.gic.auth.qo.UserMenuQO;
import com.gic.authcenter.api.dto.GicUserDTO;
import com.gic.authcenter.api.service.GicUserService;
import com.gic.commons.util.CollectionUtil;
import com.gic.enterprise.dto.EnterpriseDTO;
import com.gic.enterprise.dto.EnterpriseResourceRelDTO;
......@@ -62,6 +64,8 @@ public class MenuApiServiceImpl implements MenuApiService {
private BusinessFrontResService businessFrontResService;
@Autowired
private MenuAuthDepartService menuAuthDepartService;
@Autowired
private GicUserService gicUserService;
@Override
public ServiceResponse<List<MenuDTO>> listByMenuIdList(List<Integer> menuIdList) {
......@@ -250,7 +254,8 @@ public class MenuApiServiceImpl implements MenuApiService {
@Override
public ServiceResponse<List<MenuDTO>> listMenuTreeForRole(String project, String versionCode) {
List<TabSysMenu> list = menuService.listMenuTree(project, versionCode);
//普通管理员级别的菜单,给子管理员适用
List<TabSysMenu> list = menuService.listMenuTree(project, versionCode, Arrays.asList(1));
if (CollectionUtils.isNotEmpty(list)) {
return ServiceResponse.success(EntityUtil.changeEntityListNew(MenuDTO.class, list));
}
......@@ -282,7 +287,7 @@ public class MenuApiServiceImpl implements MenuApiService {
}
@Override
public ServiceResponse<List<MenuDTO>> listAppPageOfHasBuy(Integer enterpriseId) {
public ServiceResponse<List<MenuDTO>> listAppPageOfHasBuy(Integer enterpriseId, Integer userId) {
ServiceResponse<List<ApplicationTokenDTO>> appResult = appTokenApiService
.listApplicationByeId(Long.valueOf(enterpriseId));
if (appResult.isSuccess()) {
......@@ -302,8 +307,32 @@ public class MenuApiServiceImpl implements MenuApiService {
}
}
}
List<TabSysMenu> tabSysMenuList;
if (userId != null) {
//过滤运营人员部门职位权限
TabSysUser tabSysUser = userService.getUserById(userId);
if (tabSysUser == null) {
return ServiceResponse.success(new ArrayList<>());
}
if (tabSysUser.getLoginType().intValue() != 0) {
tabSysMenuList = filterOperationUserDepartAuth(menuService
.selectAppMenuByParam(projectList, versionList, null), tabSysUser);
} else if (tabSysUser.getSuperAdmin().intValue() == 1) {
//超级管理员,包括1和2的权限适用
tabSysMenuList = menuService.selectAppMenuByParam(projectList,
versionList,
Arrays.stream(new Integer[]{1, 2}).collect(Collectors.toList()));
} else {
tabSysMenuList = menuService.selectAppMenuByParam(projectList, versionList, Arrays.asList(1));
}
} else {
//过滤
tabSysMenuList = menuService.selectAppMenuByParam(projectList, versionList, Arrays.asList(1));
}
List<MenuDTO> menuList = EntityUtil.changeEntityListNew(MenuDTO.class,
menuService.selectAppMenuByParam(projectList, versionList));
tabSysMenuList);
return ServiceResponse.success(menuList);
} else {
return ServiceResponse.success(new ArrayList<>());
......@@ -313,6 +342,11 @@ public class MenuApiServiceImpl implements MenuApiService {
}
@Override
public ServiceResponse<List<MenuDTO>> listAppPageOfHasBuyForRole(Integer enterpriseId) {
return listAppPageOfHasBuy(enterpriseId, null);
}
@Override
public ServiceResponse<Void> updateGICPage(MenuDTO menuDTO) {
return updatePage(menuDTO, MenuTypeEnum.PAGE, MenuDTO.SavePageValid.class);
}
......@@ -840,6 +874,7 @@ public class MenuApiServiceImpl implements MenuApiService {
menuDTO.setMenuName(app.getName());
menuDTO.setProject(app.getApplicationId().toString());
setMenuVersion(app.getPropDTOList(), app.getServeExpanList(), menuDTO);
setMenuAuthType(menuDTO);
menuDTO.setMenuId(appMenu.get(app.getApplicationId().toString()).getMenuId());
menuService.updatePage(menuDTO);
} else {
......@@ -847,6 +882,7 @@ public class MenuApiServiceImpl implements MenuApiService {
menuDTO.setMenuName(app.getName());
menuDTO.setProject(app.getApplicationId().toString());
setMenuVersion(app.getPropDTOList(), app.getServeExpanList(), menuDTO);
setMenuAuthType(menuDTO);
setNormalFieldValue(menuDTO);
menuService.savePage(menuDTO);
}
......@@ -1110,25 +1146,7 @@ public class MenuApiServiceImpl implements MenuApiService {
}
if (params.isOperationUser()) {
resultList = this.menuService.listMenu(menuListParams);
//todo 运营人员的部门职位;根据手机号查询运维人员的部门职位信息
//如果是运营人员
Set<String> departPosition = new HashSet<>(2);
//过滤运营人员的部门职位权限
Map<String, List<TabSysMenuAuthDepart>> departMap = getAuthDepartMap(null);
resultList = resultList.stream().filter(e -> {
List<TabSysMenuAuthDepart> authList = departMap.get(e.getMenuCode());
if (authList == null) {
//如果是空的,说明是全部权限
return true;
}
//验证departPosition是否存在一个于authList中
if (authList.stream().anyMatch(auth -> departPosition.contains(auth.getDepartCode() + "-" + auth.getPositionCode()))) {
return true;
}
return false;
}).collect(Collectors.toList());
resultList = filterOperationUserDepartAuth(this.menuService.listMenu(menuListParams), tabSysUser);
} else {
if (tabSysUser.getSuperAdmin().intValue() == 1) {
......@@ -1178,6 +1196,40 @@ public class MenuApiServiceImpl implements MenuApiService {
}
/**
* 过滤达摩侧用户的部门职位权限
* @param resultList
* @param tabSysUser
* @return
*/
private List<TabSysMenu> filterOperationUserDepartAuth(List<TabSysMenu> resultList, TabSysUser tabSysUser) {
if (tabSysUser != null && tabSysUser.getLoginType().intValue() != 0) {
//运营人员的部门职位;根据手机号查询运维人员的部门职位信息
GicUserDTO gicUserDTO = gicUserService.getUserByMobile(tabSysUser.getPhoneNumber());
LOGGER.info("运维人员的部门职位数据:{}", JSON.toJSONString(gicUserDTO));
//如果是运营人员
Set<String> departPosition = new HashSet<>(2);
if (StringUtils.isNotBlank(gicUserDTO.getDepartmentCode())) {
departPosition.add(gicUserDTO.getDepartmentCode() + "-" + gicUserDTO.getPositionCode());
}
//过滤运营人员的部门职位权限
Map<String, List<TabSysMenuAuthDepart>> departMap = getAuthDepartMap(null);
return resultList.stream().filter(e -> {
List<TabSysMenuAuthDepart> authList = departMap.get(e.getMenuCode());
if (authList == null) {
//如果是空的,说明是全部权限
return true;
}
//验证departPosition是否存在一个于authList中
if (authList.stream().anyMatch(auth -> departPosition.contains(auth.getDepartCode() + "-" + auth.getPositionCode()))) {
return true;
}
return false;
}).collect(Collectors.toList());
}
return resultList;
}
/**
* 查询出所有的部门职位,用于过滤运营人员权限
* @param menuCodeList
* @return
......
gic-platform-auth-service/src/main/resources/dubbo-gic-platform-auth-service.xml
......@@ -69,4 +69,5 @@
<dubbo:reference interface="com.gic.member.config.api.service.AuthorizationEnterConfApiService" id="authorizationEnterConfApiService" timeout="6000" />
<dubbo:reference interface="com.gic.goods.api.service.GoodsRightsSelectorApiService" id="goodsRightsSelectorApiService" timeout="6000" />
<dubbo:reference interface="com.gic.authcenter.api.service.GicUserService" id="gicUserService" timeout="6000" />
</beans>
gic-platform-auth-service/src/main/resources/mapper/TabSysMenuMapper.xml
......@@ -456,6 +456,12 @@
<if test="versionCode != null and versionCode != '' ">
and menu_version like concat('%_', #{versionCode}, '_%' )
</if>
<if test="null != list and list.size() &gt; 0">
and auth_type in
<foreach close=")" collection="list" index="index" item="item" open="(" separator=",">
#{item}
</foreach>
</if>
<include refid="tree_filter" />
order by level,sort
......@@ -497,6 +503,12 @@
</foreach>
)
</if>
<if test="null != authTypeList and authTypeList.size() &gt; 0">
and auth_type in
<foreach close=")" collection="authTypeList" index="index" item="item" open="(" separator=",">
#{item}
</foreach>
</if>
</select>
<select id="countByMenuCode" resultType="int">
......
gic-platform-auth-web/src/main/java/com/gic/auth/web/controller/MenuController.java
......@@ -209,7 +209,7 @@ public class MenuController {
boolean isSuperAdmin = userDetail.getUserInfo().getSuperAdmin().intValue() == 1;
ServiceResponse<List<MenuDTO>> result;
if (isSuperAdmin) {
result = menuApiService.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId());
result = menuApiService.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId(), userDetail.getUserId());
} else {
//权限控制
result = menuApiService.getUserMenuOfAppNotTree(userDetail.getEnterpriseId(), userDetail.getUserId(), null,
......@@ -268,7 +268,7 @@ public class MenuController {
}
ServiceResponse<List<MenuDTO>> appResult;
if (isSuperAdmin) {
appResult = menuApiService.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId());
appResult = menuApiService.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId(), userDetail.getUserId());
} else {
//权限控制
appResult = menuApiService.getUserMenuOfAppNotTree(userDetail.getEnterpriseId(), userDetail.getUserId(),
......
gic-platform-auth-web/src/main/java/com/gic/auth/web/controller/RoleController.java
......@@ -72,7 +72,7 @@ public class RoleController {
//app已购买应用
ServiceResponse<List<MenuDTO>> appResult = menuApiService
.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId());
.listAppPageOfHasBuyForRole(UserDetailUtils.getUserDetail().getEnterpriseId());
//过滤商户基础应用
List<MenuDTO> appMenuList = appResult.getResult();
if (CollectionUtils.isNotEmpty(appMenuList)) {
......@@ -133,7 +133,7 @@ public class RoleController {
}
/**
* 查询列表数据
* 查询授权子管理菜单权限列表数据
* @Title: updateAppPage

* @Description:

 * @author guojuxing
......@@ -149,10 +149,14 @@ public class RoleController {
return EnterpriseRestResponse.failure(result);
}
/**
* 查询授权子管理员应用菜单权限数据
* @return
*/
@RequestMapping("/list-app-menu-tree")
public RestResponse listAppMenuTree() {
ServiceResponse<List<MenuDTO>> result = menuApiService
.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId());
.listAppPageOfHasBuyForRole(UserDetailUtils.getUserDetail().getEnterpriseId());
if (result.isSuccess()) {
List<MenuDTO> menuList = result.getResult();
if (CollectionUtils.isNotEmpty(menuList)) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment