运营人员添加权限

gic-platform-auth-api/src/main/java/com/gic/auth/service/CollaboratorApiService.java

@@ -102,9 +102,10 @@ public interface CollaboratorApiService {
      * @param enterpriseId
      * @param phone
      * @param appId

+     * @param userId 登录用户ID
      * @return  com.gic.api.base.commons.ServiceResponse<java.util.List<com.gic.auth.dto.MenuDTO>>

     
*/
-    ServiceResponse<List<MenuDTO>> getCollaboratorOperationItem(Integer enterpriseId, String phone, String appId, boolean isSuperAdmin);
+    ServiceResponse<List<MenuDTO>> getCollaboratorOperationItem(Integer enterpriseId, String phone, String appId, Integer userId);
 
     /**
      * 查询主键ID，协作人那边授权跳转，需要主键ID

gic-platform-auth-api/src/main/java/com/gic/auth/service/MenuApiService.java

@@ -103,10 +103,10 @@ public interface MenuApiService {
     
* @author guojuxing
      * @param menuIdList 协作应用权限
      * @param appId 应用ID
-     * @param 
isSuperAdmin 是否是超级管理员
+     * @param 
userId 管理员
      * @return  com.gic.api.base.commons.ServiceResponse<java.util.List<com.gic.auth.dto.MenuDTO>>

     
*/
-    ServiceResponse<List<MenuDTO>> getCollaboratorAppOperationItem(List<Integer> menuIdList, String appId, boolean isSuperAdmin);
+    ServiceResponse<List<MenuDTO>> getCollaboratorAppOperationItem(List<Integer> menuIdList, String appId, Integer userId);
 
     /**
      * 获取登陆用户的应用菜单（页面类型）已构建成树结构

gic-platform-auth-service/src/main/java/com/gic/auth/service/outer/impl/CollaboratorApiServiceImpl.java

@@ -205,7 +205,7 @@ public class CollaboratorApiServiceImpl implements CollaboratorApiService {
     }
 
     @Override
-    public ServiceResponse<List<MenuDTO>> getCollaboratorOperationItem(Integer enterpriseId, String phone, String appId, boolean isSuperAdmin) {
+    public ServiceResponse<List<MenuDTO>> getCollaboratorOperationItem(Integer enterpriseId, String phone, String appId, Integer userId) {
         TabSysCollaborator record = collaboratorService.getByPhoneAndAppId(enterpriseId, phone, appId);
         if (record == null) {
             LOGGER.info("协作人接口getIdByPhoneAndAppId入参数据：{}, {}, {}", enterpriseId, phone, appId);
@@ -220,7 +220,7 @@ public class CollaboratorApiServiceImpl implements CollaboratorApiService {
                 menuIdList.add(menu.getMenuId());
             }
         }
-        return menuApiService.getCollaboratorAppOperationItem(menuIdList, appId, isSuperAdmin);
+        return menuApiService.getCollaboratorAppOperationItem(menuIdList, appId, userId);
     }
 
     @Override

gic-platform-auth-service/src/main/java/com/gic/auth/service/outer/impl/MenuApiServiceImpl.java

@@ -117,12 +117,17 @@ public class MenuApiServiceImpl implements MenuApiService {
         if (StringUtils.isBlank(versionCode)) {
             return ServiceResponse.success(new ArrayList<>());
         }
+        //是否是运维用户
+        boolean isOperationUser = tabSysUser.getLoginType().intValue() != 0;
 
         List<MenuDTO> result;
         if (tabSysUser.getSuperAdmin().intValue() == 1) {
             List<TabSysMenu> temp = new ArrayList<>();
             //超级管理员
             MenuListQO params = new MenuListQO();
+            if (!isOperationUser) {
+                params.setAuthTypeList(Arrays.stream(new Integer[]{1,2}).collect(Collectors.toList()));
+            }
             //查询gic的菜单
             params.setIsGIC(MenuProjectConstants.DEFAULT_PROJECT_CODE);
             params.setVersionCode(versionCode);
@@ -178,8 +183,8 @@ public class MenuApiServiceImpl implements MenuApiService {
     }
 
     @Override
-    public ServiceResponse<List<MenuDTO>> getCollaboratorAppOperationItem(List<Integer> menuIdList, String appId, boolean isSuperAdmin) {
-        return getAppNoAuthOperationItem(menuIdList, appId, isSuperAdmin);
+    public ServiceResponse<List<MenuDTO>> getCollaboratorAppOperationItem(List<Integer> menuIdList, String appId, Integer userId) {
+        return getAppNoAuthOperationItem(menuIdList, appId, userId);
     }
 
     @Override
@@ -1093,7 +1098,7 @@ public class MenuApiServiceImpl implements MenuApiService {
     }
 
     /**
-     * 查询用户拥有的权限菜单(页面、权限项)
+     * 查询用户拥有的权限菜单(页面、权限项)(已经过滤登录用)
      * @Title: getUserMenuList

      * @Description: 
     
 * @author guojuxing 
@@ -1101,6 +1106,8 @@ public class MenuApiServiceImpl implements MenuApiService {
      * @return  java.util.List<com.gic.auth.entity.TabSysMenu>

     
 */
     private List<TabSysMenu> getUserMenuList(Integer userId) {
+        TabSysUser tabSysUser = userService.getUserById(userId);
+
         //查询用户的权限集
         List<UserRoleDTO> userRoleList = userRoleService.listUserRoleByUserId(userId);
         List<Integer> roleIdList = new ArrayList<>(userRoleList.size());
@@ -1114,7 +1121,7 @@ public class MenuApiServiceImpl implements MenuApiService {
             menuIdList.add(menuRole.getMenuId());
         }
         List<TabSysMenu> menuList = menuService.selectByIds(menuIdList);
-        return menuList;
+        return filterOperationUserDepartAuth(menuList, tabSysUser);
     }
 
     /**
@@ -1253,6 +1260,12 @@ public class MenuApiServiceImpl implements MenuApiService {
                 }
                 return false;
             }).collect(Collectors.toList());
+        } else if (tabSysUser != null && tabSysUser.getSuperAdmin().intValue() == 1) {
+            //超级管理员
+            return resultList.stream().filter(e -> e.getAuthType().intValue() != 3).collect(Collectors.toList());
+        } else if (tabSysUser != null && tabSysUser.getSuperAdmin().intValue() == 0) {
+            //普通管理员
+            return resultList.stream().filter(e -> e.getAuthType().intValue() == 1).collect(Collectors.toList());
         }
         return resultList;
     }
@@ -1338,22 +1351,23 @@ public class MenuApiServiceImpl implements MenuApiService {
         if (tabSysUser == null) {
             return ServiceResponse.failure(ErrorCode.PARAMETER_ERROR.getCode(), "用户不存在");
         }
-        //添加逻辑：如果是超级管理员，直接全部有效，不存在没有权限的操作项
-        if (tabSysUser.getSuperAdmin().intValue() == 1) {
-            return ServiceResponse.success(new ArrayList<>());
-        }
+
+//        //添加逻辑：如果是超级管理员，直接全部有效，不存在没有权限的操作项
+//        if (tabSysUser.getSuperAdmin().intValue() == 1) {
+//            return ServiceResponse.success(new ArrayList<>());
+//        }
 
         //用户拥有的菜单权限
         List<TabSysMenu> menuList = getUserMenuList(userId);
 
         List<MenuDTO> resultList = getNoAuthOperationItemByMenuIdList(menuList, projectCode, versionCode);
         //仅超管可用
-        if (tabSysUser.getSuperAdmin().intValue() != 1) {
-            List<TabSysMenu> adminOnlyOperationItemList = menuService.listAdminOnlyOperationItem();
-            if (CollectionUtils.isNotEmpty(adminOnlyOperationItemList)) {
-                resultList.addAll(EntityUtil.changeEntityListNew(MenuDTO.class, adminOnlyOperationItemList));
-            }
-        }
+//        if (tabSysUser.getSuperAdmin().intValue() != 1) {
+//            List<TabSysMenu> adminOnlyOperationItemList = menuService.listAdminOnlyOperationItem();
+//            if (CollectionUtils.isNotEmpty(adminOnlyOperationItemList)) {
+//                resultList.addAll(EntityUtil.changeEntityListNew(MenuDTO.class, adminOnlyOperationItemList));
+//            }
+//        }
 
         return ServiceResponse.success(resultList);
     }
@@ -1406,17 +1420,21 @@ public class MenuApiServiceImpl implements MenuApiService {
         return resultList;
     }
 
-    private ServiceResponse<List<MenuDTO>> getAppNoAuthOperationItem(List<Integer> menuIdList, String appId, boolean isSuperAdmin) {
+    private ServiceResponse<List<MenuDTO>> getAppNoAuthOperationItem(List<Integer> menuIdList, String appId, Integer userId) {
+        TabSysUser tabSysUser = userService.getUserById(userId);
+        if (tabSysUser == null) {
+            return ServiceResponse.failure(ErrorCode.PARAMETER_ERROR.getCode(), "用户ID：" + userId + "用户不存在");
+        }
         //用户拥有的菜单权限
-        List<TabSysMenu> menuList = menuService.selectByIds(menuIdList);
+        List<TabSysMenu> menuList = filterOperationUserDepartAuth(menuService.selectByIds(menuIdList), tabSysUser);
         List<MenuDTO> resultList = getNoAuthOperationItemByMenuIdList(menuList, MenuProjectConstants.APP_PROJECT_CODE, "");
-        //仅超管可用
-        if (!isSuperAdmin) {
-            List<TabSysMenu> adminOnlyOperationItemList = menuService.listAdminOnlyOperationItem();
-            if (CollectionUtils.isNotEmpty(adminOnlyOperationItemList)) {
-                resultList.addAll(EntityUtil.changeEntityListNew(MenuDTO.class, adminOnlyOperationItemList));
-            }
-        }
+//        //仅超管可用
+//        if (!isSuperAdmin) {
+//            List<TabSysMenu> adminOnlyOperationItemList = menuService.listAdminOnlyOperationItem();
+//            if (CollectionUtils.isNotEmpty(adminOnlyOperationItemList)) {
+//                resultList.addAll(EntityUtil.changeEntityListNew(MenuDTO.class, adminOnlyOperationItemList));
+//            }
+//        }
         //过滤应用
         List<MenuDTO> tempResult = new ArrayList<>();
         if (CollectionUtils.isNotEmpty(resultList)) {

gic-platform-auth-web/src/main/java/com/gic/auth/web/controller/MenuController.java

@@ -133,9 +133,8 @@ public class MenuController {
         LOGGER.info("查询登录用户的协作应用的操作项参数：{}-{}", appId, menuCode);
         UserDetail userDetail = UserDetailUtils.getUserDetail();
         appId = getAppId(appId, menuCode);
-        boolean isSuperAdmin = userDetail.getUserInfo().getSuperAdmin().intValue() == 1;
         ServiceResponse<List<MenuDTO>> userMenu = this.collaboratorApiService.getCollaboratorOperationItem(
-                userDetail.getEnterpriseId(), userDetail.getUserInfo().getPhoneNumber(), appId, isSuperAdmin);
+                userDetail.getEnterpriseId(), userDetail.getUserInfo().getPhoneNumber(), appId, userDetail.getUserId());
         return ResultControllerUtils.commonResult(userMenu, UserOperationItemAuthVO.class);
     }