Skip to content

G
gic-platform-auth
Commit 97cd84f1 by guojuxing
Options

权限集过滤

parent 25310e7b
Showing with 125 additions and 36 deletions
gic-platform-auth-api/src/main/java/com/gic/auth/service/MenuApiService.java
...@@ -221,9 +221,20 @@ public interface MenuApiService { ...@@ -221,9 +221,20 @@ public interface MenuApiService {
* @Description: * @Description:

 * @author guojuxing 
 * @author guojuxing
* @param enterpriseId * @param enterpriseId
* @param userId 登录用户的ID
* @return com.gic.api.base.commons.ServiceResponse<java.lang.Void>
 * @return com.gic.api.base.commons.ServiceResponse<java.lang.Void>


 */ 
 */
ServiceResponse<List<MenuDTO>> listAppPageOfHasBuy(Integer enterpriseId); ServiceResponse<List<MenuDTO>> listAppPageOfHasBuy(Integer enterpriseId, Integer userId);
/**
* 查询子管理员应用菜单权限数据
* @Title: listAppPageOfHasBuyForRole

* @Description:

* @author guojuxing
* @param enterpriseId

* @return com.gic.api.base.commons.ServiceResponse<java.util.List<com.gic.auth.dto.MenuDTO>>


*/
ServiceResponse<List<MenuDTO>> listAppPageOfHasBuyForRole(Integer enterpriseId);
/** /**
* 编辑gic页面 * 编辑gic页面
......
gic-platform-auth-service/pom.xml
...@@ -153,6 +153,11 @@ ...@@ -153,6 +153,11 @@
<artifactId>gic-goods-api</artifactId> <artifactId>gic-goods-api</artifactId>
<version>${gic-goods-api}</version> <version>${gic-goods-api}</version>
</dependency> </dependency>
<dependency>
<groupId>com.gic.authcenter</groupId>
<artifactId>gic-authcenter-api</artifactId>
<version>${gic-authcenter-api}</version>
</dependency>
</dependencies> </dependencies>
<build> <build>
......
gic-platform-auth-service/src/main/java/com/gic/auth/dao/mapper/TabSysMenuMapper.java
...@@ -153,7 +153,9 @@ public interface TabSysMenuMapper { ...@@ -153,7 +153,9 @@ public interface TabSysMenuMapper {
* @param versionCode gic商户基础服务版本 * @param versionCode gic商户基础服务版本
* @return java.util.List<com.gic.auth.entity.TabSysMenu>
 * @return java.util.List<com.gic.auth.entity.TabSysMenu>


 */ 
 */
List<TabSysMenu> listMenuTree(@Param("project") String project, @Param("versionCode") String versionCode); List<TabSysMenu> listMenuTree(@Param("project") String project,
@Param("versionCode") String versionCode,
@Param("list") List<Integer> authTypeList);
List<TabSysMenu> selectByProjectList(@Param("projectList") List<String> projectList); List<TabSysMenu> selectByProjectList(@Param("projectList") List<String> projectList);
...@@ -167,7 +169,7 @@ public interface TabSysMenuMapper { ...@@ -167,7 +169,7 @@ public interface TabSysMenuMapper {
* @return java.util.List<com.gic.auth.entity.TabSysMenu>
 * @return java.util.List<com.gic.auth.entity.TabSysMenu>


 */ 
 */
List<TabSysMenu> selectAppMenuByParam(@Param("projectList") List<String> projectList, List<TabSysMenu> selectAppMenuByParam(@Param("projectList") List<String> projectList,
@Param("versionList") List<String> versionList); @Param("versionList") List<String> versionList, @Param("authTypeList") List<Integer> authTypeList);
/** /**
* 相同code个数 * 相同code个数
......
gic-platform-auth-service/src/main/java/com/gic/auth/service/MenuService.java
...@@ -123,9 +123,10 @@ public interface MenuService { ...@@ -123,9 +123,10 @@ public interface MenuService {

 * @author guojuxing 
 * @author guojuxing
* @param project
 * @param project

* @param versionCode gic商户基础服务版本 * @param versionCode gic商户基础服务版本
* @param authTypeList 权限适用 1:管理员 2:超管可用&达摩侧 3:仅达摩侧
* @return java.util.List<com.gic.auth.dto.MenuDTO>
 * @return java.util.List<com.gic.auth.dto.MenuDTO>


 */ 
 */
List<TabSysMenu> listMenuTree(String project, String versionCode); List<TabSysMenu> listMenuTree(String project, String versionCode, List<Integer> authTypeList);
/** /**
* 根据项目查询 * 根据项目查询
...@@ -144,9 +145,10 @@ public interface MenuService { ...@@ -144,9 +145,10 @@ public interface MenuService {

 * @author guojuxing 
 * @author guojuxing
* @param projectList appID List * @param projectList appID List
* @param versionList
 版本/拓展包 list * @param versionList
 版本/拓展包 list
* @param authTypeList 1:普通管理员 2:超管&达摩 3:仅达摩
* @return java.util.List<com.gic.auth.entity.TabSysMenu>
 * @return java.util.List<com.gic.auth.entity.TabSysMenu>


 */ 
 */
List<TabSysMenu> selectAppMenuByParam(List<String> projectList, List<String> versionList); List<TabSysMenu> selectAppMenuByParam(List<String> projectList, List<String> versionList, List<Integer> authTypeList);
/** /**
* 是否重复页面code * 是否重复页面code
......
gic-platform-auth-service/src/main/java/com/gic/auth/service/impl/MenuServiceImpl.java
...@@ -133,8 +133,8 @@ public class MenuServiceImpl implements MenuService { ...@@ -133,8 +133,8 @@ public class MenuServiceImpl implements MenuService {
} }
@Override @Override
public List<TabSysMenu> listMenuTree(String project, String versionCode) { public List<TabSysMenu> listMenuTree(String project, String versionCode, List<Integer> authTypeList) {
return tabSysMenuMapper.listMenuTree(project, versionCode); return tabSysMenuMapper.listMenuTree(project, versionCode, authTypeList);
} }
@Override @Override
...@@ -143,8 +143,8 @@ public class MenuServiceImpl implements MenuService { ...@@ -143,8 +143,8 @@ public class MenuServiceImpl implements MenuService {
} }
@Override @Override
public List<TabSysMenu> selectAppMenuByParam(List<String> projectList, List<String> versionList) { public List<TabSysMenu> selectAppMenuByParam(List<String> projectList, List<String> versionList, List<Integer> authTypeList) {
return tabSysMenuMapper.selectAppMenuByParam(projectList, versionList); return tabSysMenuMapper.selectAppMenuByParam(projectList, versionList, authTypeList);
} }
@Override @Override
......
gic-platform-auth-service/src/main/java/com/gic/auth/service/outer/impl/MenuApiServiceImpl.java
...@@ -5,6 +5,8 @@ import java.util.stream.Collectors; ...@@ -5,6 +5,8 @@ import java.util.stream.Collectors;
import com.gic.auth.entity.*; import com.gic.auth.entity.*;
import com.gic.auth.qo.UserMenuQO; import com.gic.auth.qo.UserMenuQO;
import com.gic.authcenter.api.dto.GicUserDTO;
import com.gic.authcenter.api.service.GicUserService;
import com.gic.commons.util.CollectionUtil; import com.gic.commons.util.CollectionUtil;
import com.gic.enterprise.dto.EnterpriseDTO; import com.gic.enterprise.dto.EnterpriseDTO;
import com.gic.enterprise.dto.EnterpriseResourceRelDTO; import com.gic.enterprise.dto.EnterpriseResourceRelDTO;
...@@ -62,6 +64,8 @@ public class MenuApiServiceImpl implements MenuApiService { ...@@ -62,6 +64,8 @@ public class MenuApiServiceImpl implements MenuApiService {
private BusinessFrontResService businessFrontResService; private BusinessFrontResService businessFrontResService;
@Autowired @Autowired
private MenuAuthDepartService menuAuthDepartService; private MenuAuthDepartService menuAuthDepartService;
@Autowired
private GicUserService gicUserService;
@Override @Override
public ServiceResponse<List<MenuDTO>> listByMenuIdList(List<Integer> menuIdList) { public ServiceResponse<List<MenuDTO>> listByMenuIdList(List<Integer> menuIdList) {
...@@ -250,7 +254,8 @@ public class MenuApiServiceImpl implements MenuApiService { ...@@ -250,7 +254,8 @@ public class MenuApiServiceImpl implements MenuApiService {
@Override @Override
public ServiceResponse<List<MenuDTO>> listMenuTreeForRole(String project, String versionCode) { public ServiceResponse<List<MenuDTO>> listMenuTreeForRole(String project, String versionCode) {
List<TabSysMenu> list = menuService.listMenuTree(project, versionCode); //普通管理员级别的菜单,给子管理员适用
List<TabSysMenu> list = menuService.listMenuTree(project, versionCode, Arrays.asList(1));
if (CollectionUtils.isNotEmpty(list)) { if (CollectionUtils.isNotEmpty(list)) {
return ServiceResponse.success(EntityUtil.changeEntityListNew(MenuDTO.class, list)); return ServiceResponse.success(EntityUtil.changeEntityListNew(MenuDTO.class, list));
} }
...@@ -282,7 +287,7 @@ public class MenuApiServiceImpl implements MenuApiService { ...@@ -282,7 +287,7 @@ public class MenuApiServiceImpl implements MenuApiService {
} }
@Override @Override
public ServiceResponse<List<MenuDTO>> listAppPageOfHasBuy(Integer enterpriseId) { public ServiceResponse<List<MenuDTO>> listAppPageOfHasBuy(Integer enterpriseId, Integer userId) {
ServiceResponse<List<ApplicationTokenDTO>> appResult = appTokenApiService ServiceResponse<List<ApplicationTokenDTO>> appResult = appTokenApiService
.listApplicationByeId(Long.valueOf(enterpriseId)); .listApplicationByeId(Long.valueOf(enterpriseId));
if (appResult.isSuccess()) { if (appResult.isSuccess()) {
...@@ -302,8 +307,32 @@ public class MenuApiServiceImpl implements MenuApiService { ...@@ -302,8 +307,32 @@ public class MenuApiServiceImpl implements MenuApiService {
} }
} }
} }
List<TabSysMenu> tabSysMenuList;
if (userId != null) {
//过滤运营人员部门职位权限
TabSysUser tabSysUser = userService.getUserById(userId);
if (tabSysUser == null) {
return ServiceResponse.success(new ArrayList<>());
}
if (tabSysUser.getLoginType().intValue() != 0) {
tabSysMenuList = filterOperationUserDepartAuth(menuService
.selectAppMenuByParam(projectList, versionList, null), tabSysUser);
} else if (tabSysUser.getSuperAdmin().intValue() == 1) {
//超级管理员,包括1和2的权限适用
tabSysMenuList = menuService.selectAppMenuByParam(projectList,
versionList,
Arrays.stream(new Integer[]{1, 2}).collect(Collectors.toList()));
} else {
tabSysMenuList = menuService.selectAppMenuByParam(projectList, versionList, Arrays.asList(1));
}
} else {
//过滤
tabSysMenuList = menuService.selectAppMenuByParam(projectList, versionList, Arrays.asList(1));
}
List<MenuDTO> menuList = EntityUtil.changeEntityListNew(MenuDTO.class, List<MenuDTO> menuList = EntityUtil.changeEntityListNew(MenuDTO.class,
menuService.selectAppMenuByParam(projectList, versionList)); tabSysMenuList);
return ServiceResponse.success(menuList); return ServiceResponse.success(menuList);
} else { } else {
return ServiceResponse.success(new ArrayList<>()); return ServiceResponse.success(new ArrayList<>());
...@@ -313,6 +342,11 @@ public class MenuApiServiceImpl implements MenuApiService { ...@@ -313,6 +342,11 @@ public class MenuApiServiceImpl implements MenuApiService {
} }
@Override @Override
public ServiceResponse<List<MenuDTO>> listAppPageOfHasBuyForRole(Integer enterpriseId) {
return listAppPageOfHasBuy(enterpriseId, null);
}
@Override
public ServiceResponse<Void> updateGICPage(MenuDTO menuDTO) { public ServiceResponse<Void> updateGICPage(MenuDTO menuDTO) {
return updatePage(menuDTO, MenuTypeEnum.PAGE, MenuDTO.SavePageValid.class); return updatePage(menuDTO, MenuTypeEnum.PAGE, MenuDTO.SavePageValid.class);
} }
...@@ -840,6 +874,7 @@ public class MenuApiServiceImpl implements MenuApiService { ...@@ -840,6 +874,7 @@ public class MenuApiServiceImpl implements MenuApiService {
menuDTO.setMenuName(app.getName()); menuDTO.setMenuName(app.getName());
menuDTO.setProject(app.getApplicationId().toString()); menuDTO.setProject(app.getApplicationId().toString());
setMenuVersion(app.getPropDTOList(), app.getServeExpanList(), menuDTO); setMenuVersion(app.getPropDTOList(), app.getServeExpanList(), menuDTO);
setMenuAuthType(menuDTO);
menuDTO.setMenuId(appMenu.get(app.getApplicationId().toString()).getMenuId()); menuDTO.setMenuId(appMenu.get(app.getApplicationId().toString()).getMenuId());
menuService.updatePage(menuDTO); menuService.updatePage(menuDTO);
} else { } else {
...@@ -847,6 +882,7 @@ public class MenuApiServiceImpl implements MenuApiService { ...@@ -847,6 +882,7 @@ public class MenuApiServiceImpl implements MenuApiService {
menuDTO.setMenuName(app.getName()); menuDTO.setMenuName(app.getName());
menuDTO.setProject(app.getApplicationId().toString()); menuDTO.setProject(app.getApplicationId().toString());
setMenuVersion(app.getPropDTOList(), app.getServeExpanList(), menuDTO); setMenuVersion(app.getPropDTOList(), app.getServeExpanList(), menuDTO);
setMenuAuthType(menuDTO);
setNormalFieldValue(menuDTO); setNormalFieldValue(menuDTO);
menuService.savePage(menuDTO); menuService.savePage(menuDTO);
} }
...@@ -1110,25 +1146,7 @@ public class MenuApiServiceImpl implements MenuApiService { ...@@ -1110,25 +1146,7 @@ public class MenuApiServiceImpl implements MenuApiService {
} }
if (params.isOperationUser()) { if (params.isOperationUser()) {
resultList = this.menuService.listMenu(menuListParams); resultList = filterOperationUserDepartAuth(this.menuService.listMenu(menuListParams), tabSysUser);
//todo 运营人员的部门职位;根据手机号查询运维人员的部门职位信息
//如果是运营人员
Set<String> departPosition = new HashSet<>(2);
//过滤运营人员的部门职位权限
Map<String, List<TabSysMenuAuthDepart>> departMap = getAuthDepartMap(null);
resultList = resultList.stream().filter(e -> {
List<TabSysMenuAuthDepart> authList = departMap.get(e.getMenuCode());
if (authList == null) {
//如果是空的,说明是全部权限
return true;
}
//验证departPosition是否存在一个于authList中
if (authList.stream().anyMatch(auth -> departPosition.contains(auth.getDepartCode() + "-" + auth.getPositionCode()))) {
return true;
}
return false;
}).collect(Collectors.toList());
} else { } else {
if (tabSysUser.getSuperAdmin().intValue() == 1) { if (tabSysUser.getSuperAdmin().intValue() == 1) {
...@@ -1178,6 +1196,40 @@ public class MenuApiServiceImpl implements MenuApiService { ...@@ -1178,6 +1196,40 @@ public class MenuApiServiceImpl implements MenuApiService {
} }
/** /**
* 过滤达摩侧用户的部门职位权限
* @param resultList
* @param tabSysUser
* @return
*/
private List<TabSysMenu> filterOperationUserDepartAuth(List<TabSysMenu> resultList, TabSysUser tabSysUser) {
if (tabSysUser != null && tabSysUser.getLoginType().intValue() != 0) {
//运营人员的部门职位;根据手机号查询运维人员的部门职位信息
GicUserDTO gicUserDTO = gicUserService.getUserByMobile(tabSysUser.getPhoneNumber());
LOGGER.info("运维人员的部门职位数据:{}", JSON.toJSONString(gicUserDTO));
//如果是运营人员
Set<String> departPosition = new HashSet<>(2);
if (StringUtils.isNotBlank(gicUserDTO.getDepartmentCode())) {
departPosition.add(gicUserDTO.getDepartmentCode() + "-" + gicUserDTO.getPositionCode());
}
//过滤运营人员的部门职位权限
Map<String, List<TabSysMenuAuthDepart>> departMap = getAuthDepartMap(null);
return resultList.stream().filter(e -> {
List<TabSysMenuAuthDepart> authList = departMap.get(e.getMenuCode());
if (authList == null) {
//如果是空的,说明是全部权限
return true;
}
//验证departPosition是否存在一个于authList中
if (authList.stream().anyMatch(auth -> departPosition.contains(auth.getDepartCode() + "-" + auth.getPositionCode()))) {
return true;
}
return false;
}).collect(Collectors.toList());
}
return resultList;
}
/**
* 查询出所有的部门职位,用于过滤运营人员权限 * 查询出所有的部门职位,用于过滤运营人员权限
* @param menuCodeList * @param menuCodeList
* @return * @return
......
gic-platform-auth-service/src/main/resources/dubbo-gic-platform-auth-service.xml
...@@ -69,4 +69,5 @@ ...@@ -69,4 +69,5 @@
<dubbo:reference interface="com.gic.member.config.api.service.AuthorizationEnterConfApiService" id="authorizationEnterConfApiService" timeout="6000" /> <dubbo:reference interface="com.gic.member.config.api.service.AuthorizationEnterConfApiService" id="authorizationEnterConfApiService" timeout="6000" />
<dubbo:reference interface="com.gic.goods.api.service.GoodsRightsSelectorApiService" id="goodsRightsSelectorApiService" timeout="6000" /> <dubbo:reference interface="com.gic.goods.api.service.GoodsRightsSelectorApiService" id="goodsRightsSelectorApiService" timeout="6000" />
<dubbo:reference interface="com.gic.authcenter.api.service.GicUserService" id="gicUserService" timeout="6000" />
</beans> </beans>
gic-platform-auth-service/src/main/resources/mapper/TabSysMenuMapper.xml
...@@ -456,6 +456,12 @@ ...@@ -456,6 +456,12 @@
<if test="versionCode != null and versionCode != '' "> <if test="versionCode != null and versionCode != '' ">
and menu_version like concat('%_', #{versionCode}, '_%' ) and menu_version like concat('%_', #{versionCode}, '_%' )
</if> </if>
<if test="null != list and list.size() &gt; 0">
and auth_type in
<foreach close=")" collection="list" index="index" item="item" open="(" separator=",">
#{item}
</foreach>
</if>
<include refid="tree_filter" /> <include refid="tree_filter" />
order by level,sort order by level,sort
...@@ -497,6 +503,12 @@ ...@@ -497,6 +503,12 @@
</foreach> </foreach>
) )
</if> </if>
<if test="null != authTypeList and authTypeList.size() &gt; 0">
and auth_type in
<foreach close=")" collection="authTypeList" index="index" item="item" open="(" separator=",">
#{item}
</foreach>
</if>
</select> </select>
<select id="countByMenuCode" resultType="int"> <select id="countByMenuCode" resultType="int">
......
gic-platform-auth-web/src/main/java/com/gic/auth/web/controller/MenuController.java
...@@ -209,7 +209,7 @@ public class MenuController { ...@@ -209,7 +209,7 @@ public class MenuController {
boolean isSuperAdmin = userDetail.getUserInfo().getSuperAdmin().intValue() == 1; boolean isSuperAdmin = userDetail.getUserInfo().getSuperAdmin().intValue() == 1;
ServiceResponse<List<MenuDTO>> result; ServiceResponse<List<MenuDTO>> result;
if (isSuperAdmin) { if (isSuperAdmin) {
result = menuApiService.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId()); result = menuApiService.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId(), userDetail.getUserId());
} else { } else {
//权限控制 //权限控制
result = menuApiService.getUserMenuOfAppNotTree(userDetail.getEnterpriseId(), userDetail.getUserId(), null, result = menuApiService.getUserMenuOfAppNotTree(userDetail.getEnterpriseId(), userDetail.getUserId(), null,
...@@ -268,7 +268,7 @@ public class MenuController { ...@@ -268,7 +268,7 @@ public class MenuController {
} }
ServiceResponse<List<MenuDTO>> appResult; ServiceResponse<List<MenuDTO>> appResult;
if (isSuperAdmin) { if (isSuperAdmin) {
appResult = menuApiService.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId()); appResult = menuApiService.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId(), userDetail.getUserId());
} else { } else {
//权限控制 //权限控制
appResult = menuApiService.getUserMenuOfAppNotTree(userDetail.getEnterpriseId(), userDetail.getUserId(), appResult = menuApiService.getUserMenuOfAppNotTree(userDetail.getEnterpriseId(), userDetail.getUserId(),
......
gic-platform-auth-web/src/main/java/com/gic/auth/web/controller/RoleController.java
...@@ -72,7 +72,7 @@ public class RoleController { ...@@ -72,7 +72,7 @@ public class RoleController {
//app已购买应用 //app已购买应用
ServiceResponse<List<MenuDTO>> appResult = menuApiService ServiceResponse<List<MenuDTO>> appResult = menuApiService
.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId()); .listAppPageOfHasBuyForRole(UserDetailUtils.getUserDetail().getEnterpriseId());
//过滤商户基础应用 //过滤商户基础应用
List<MenuDTO> appMenuList = appResult.getResult(); List<MenuDTO> appMenuList = appResult.getResult();
if (CollectionUtils.isNotEmpty(appMenuList)) { if (CollectionUtils.isNotEmpty(appMenuList)) {
...@@ -133,7 +133,7 @@ public class RoleController { ...@@ -133,7 +133,7 @@ public class RoleController {
} }
/** /**
* 查询列表数据 * 查询授权子管理菜单权限列表数据
* @Title: updateAppPage
 * @Title: updateAppPage

* @Description: * @Description:

 * @author guojuxing 
 * @author guojuxing
...@@ -149,10 +149,14 @@ public class RoleController { ...@@ -149,10 +149,14 @@ public class RoleController {
return EnterpriseRestResponse.failure(result); return EnterpriseRestResponse.failure(result);
} }
/**
* 查询授权子管理员应用菜单权限数据
* @return
*/
@RequestMapping("/list-app-menu-tree") @RequestMapping("/list-app-menu-tree")
public RestResponse listAppMenuTree() { public RestResponse listAppMenuTree() {
ServiceResponse<List<MenuDTO>> result = menuApiService ServiceResponse<List<MenuDTO>> result = menuApiService
.listAppPageOfHasBuy(UserDetailUtils.getUserDetail().getEnterpriseId()); .listAppPageOfHasBuyForRole(UserDetailUtils.getUserDetail().getEnterpriseId());
if (result.isSuccess()) { if (result.isSuccess()) {
List<MenuDTO> menuList = result.getResult(); List<MenuDTO> menuList = result.getResult();
if (CollectionUtils.isNotEmpty(menuList)) { if (CollectionUtils.isNotEmpty(menuList)) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment