|
|
@@ -2,21 +2,24 @@ package cn.com.taiji.userw.manager.rbac; |
|
|
|
|
|
|
|
import cn.com.taiji.common.manager.net.http.ServiceHandleException; |
|
|
|
import cn.com.taiji.common.pub.BeanTools; |
|
|
|
import cn.com.taiji.common.pub.CommonAbstract; |
|
|
|
import cn.com.taiji.core.entity.dict.basic.SourceType; |
|
|
|
import cn.com.taiji.core.entity.dict.user.RbacSource; |
|
|
|
import cn.com.taiji.core.entity.dict.user.RbacStatus; |
|
|
|
import cn.com.taiji.core.entity.dict.user.SystemType; |
|
|
|
import cn.com.taiji.core.entity.user.*; |
|
|
|
import cn.com.taiji.core.entity.user.UserMenu; |
|
|
|
import cn.com.taiji.core.entity.user.UserPerm; |
|
|
|
import cn.com.taiji.core.entity.user.UserRoleMenuPerm; |
|
|
|
import cn.com.taiji.core.entity.user.UserRoleUserMenu; |
|
|
|
import cn.com.taiji.core.manager.cache.RedisCacheManager; |
|
|
|
import cn.com.taiji.core.model.comm.protocol.valid.GlyServiceError; |
|
|
|
import cn.com.taiji.core.repo.jpa.user.*; |
|
|
|
import cn.com.taiji.userw.dto.rbac.RbacMenuListBySystemTypeRequestDTO; |
|
|
|
import cn.com.taiji.userw.dto.rbac.RbacMenuListBySystemTypeResponseDTO; |
|
|
|
import cn.com.taiji.userw.dto.rbac.SystemTypeListByRbacSourceRequestDTO; |
|
|
|
import cn.com.taiji.userw.dto.rbac.SystemTypeListByRbacSourceResponseDTO; |
|
|
|
import cn.com.taiji.userw.dto.rbac.*; |
|
|
|
import cn.com.taiji.userw.model.rbac.MenuModel; |
|
|
|
import cn.com.taiji.userw.model.rbac.PermModel; |
|
|
|
import cn.com.taiji.userw.model.rbac.SystemTypeMode; |
|
|
|
import org.springframework.beans.BeanUtils; |
|
|
|
import org.springframework.stereotype.Service; |
|
|
|
import org.springframework.util.CollectionUtils; |
|
|
|
|
|
|
|
import javax.annotation.Resource; |
|
|
|
import java.util.ArrayList; |
|
|
@@ -25,8 +28,18 @@ import java.util.stream.Collectors; |
|
|
|
|
|
|
|
|
|
|
|
@Service |
|
|
|
public class RbacMenuMangerImpl extends CommonAbstract implements RbacMenuManger { |
|
|
|
public class RbacMenuMangerImpl extends RedisCacheManager implements RbacMenuManger { |
|
|
|
|
|
|
|
private final static String appBaseRoleId = "d1eb3eebfac846d39aea7d39aea7s365"; |
|
|
|
private final static String miniProgramBaseRoleId = "d1eb3eebfac846d39aea7d39aea7s124"; |
|
|
|
private final static String zfbMiniProgramBaseRoleId = "7acb029592c84738a8f509af6e179ffc"; |
|
|
|
|
|
|
|
@Resource |
|
|
|
private AccountUserRoleRepo accountUserRoleRepo; |
|
|
|
@Resource |
|
|
|
private UserRoleMenuPermRepo userRoleMenuPermRepo; |
|
|
|
@Resource |
|
|
|
private UserRoleUserMenuRepo userRoleUserMenuRepo; |
|
|
|
@Resource |
|
|
|
private UserMenuRepo userMenuRepo; |
|
|
|
|
|
|
@@ -95,8 +108,6 @@ public class RbacMenuMangerImpl extends CommonAbstract implements RbacMenuManger |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public void setSub(MenuModel pMenu, List<MenuModel> menuList) throws ServiceHandleException { |
|
|
|
boolean hasSub = false; |
|
|
|
//设置该父菜单的子菜单 |
|
|
@@ -149,4 +160,150 @@ public class RbacMenuMangerImpl extends CommonAbstract implements RbacMenuManger |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
@Override |
|
|
|
public RbacMenuListBySystemTypeAndOpenIdResponseDTO menuListBySystemTypeAndOpenId(RbacMenuListBySystemTypeAndOpenIdRequestDTO dto) throws ServiceHandleException { |
|
|
|
//TODO 根据登录来源方区分 |
|
|
|
// 小程序:则查询AccountUserRole中 根据openId、SystemType.MINI_PROGRAM、LoginSource.MINI_PROGRAM 去找,然后再额外分配一个基本角色 |
|
|
|
// APP:则查询AccountUserRole中 根据openId和SystemType.COMMON、LoginSource.MINI_PROGRAM 去找,然后再额外分配一个基本角色 |
|
|
|
// WEB:则查询AccountUserRole中 根据openId和SystemType.xitong、LoginSource.MINI_PROGRAM 去找 |
|
|
|
// ... |
|
|
|
// 注册账号的时候就进行角色分配?还是固定有一个基本角色的概念在 |
|
|
|
// 目前做法:创建了一个基本角色,可以去给基本角色去进行菜单分配, |
|
|
|
// 每个人在进入小程序的时候会默认分配一个基本角色,然后再去查询,在小程序中该账号是否又分配了其他的角色,并返回这些角色 |
|
|
|
// 每个人在进入APP的时候会默认分配一个基本角色,然后再去查询,在小程序中该账号是否又分配了其他的角色,并返回这些角色 |
|
|
|
String openId = findOpenIdByToken(dto.getAccessToken()); |
|
|
|
SystemType systemType = SystemType.fromCode(dto.getSystemType()); |
|
|
|
if (systemType == null) throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("系统类型错误"); |
|
|
|
SourceType loginSource = SourceType.findByCode(dto.getLoginSource()); |
|
|
|
if (loginSource == null) throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("来源错误"); |
|
|
|
List<String> roleIds = accountUserRoleRepo.findRoleByOpenIdAndSystemType(openId, systemType); |
|
|
|
if (isEmpty(roleIds)) |
|
|
|
throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("该账号在该系统中没有分配角色,无法访问该系统!"); |
|
|
|
if (loginSource == SourceType.SERVICE_HALL) roleIds.add(appBaseRoleId);// APP |
|
|
|
if (loginSource == SourceType.WECHAT) roleIds.add(miniProgramBaseRoleId);// 微信小程序 |
|
|
|
if (loginSource == SourceType.ALI) roleIds.add(zfbMiniProgramBaseRoleId);// 支付宝小程序 |
|
|
|
if (loginSource == SourceType.WEB && roleIds.size() > 1) |
|
|
|
throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("该账号在一个系统中只能分配一个角色,该账户在该系统中分配了多个角色,暂时无法访问,请联系管理员处理!"); |
|
|
|
List<UserRoleUserMenu> userRoleUserMenuList = userRoleUserMenuRepo.getListByRoleIds(roleIds); |
|
|
|
|
|
|
|
//4、获取分好层级的所有菜单 |
|
|
|
List<RbacMenuListBySystemTypeAndOpenIdMenuVO> pMenuList = new ArrayList<>(); |
|
|
|
//4.1、判断是否查询到角色对应的分配的菜单 |
|
|
|
if (!CollectionUtils.isEmpty(userRoleUserMenuList)) { |
|
|
|
List<String> menuIds = new ArrayList<>(); |
|
|
|
List<UserMenu> menuList = new ArrayList<>(); |
|
|
|
|
|
|
|
menuIds.addAll(userRoleUserMenuList.stream().map(rm -> rm.getMenuId()).collect(Collectors.toList())); |
|
|
|
menuList.addAll(userMenuRepo.findAllById(menuIds)); |
|
|
|
|
|
|
|
//4.2、过滤被禁用的菜单 |
|
|
|
menuList = menuList.stream().filter(m -> RbacStatus.ENABLE.equals(m.getStatus())).collect(Collectors.toList()); |
|
|
|
|
|
|
|
//4.3、包装为vo类 |
|
|
|
List<RbacMenuListBySystemTypeAndOpenIdMenuVO> menuVoList = new ArrayList<>(); |
|
|
|
for (UserMenu userMenu : menuList) { |
|
|
|
RbacMenuListBySystemTypeAndOpenIdMenuVO menuVo = new RbacMenuListBySystemTypeAndOpenIdMenuVO(); |
|
|
|
BeanTools.copyProperties(userMenu, menuVo); |
|
|
|
menuVoList.add(menuVo); |
|
|
|
} |
|
|
|
|
|
|
|
//4.4、获取顶层父菜单 |
|
|
|
pMenuList = menuVoList.stream().filter(m -> 1 == m.getFloor()).collect(Collectors.toList()); |
|
|
|
; |
|
|
|
//4.5、顶级父菜单排序 |
|
|
|
pMenuList = pMenuList.stream().sorted((m1, m2) -> m1.getSort() - m2.getSort()).collect(Collectors.toList()); |
|
|
|
; |
|
|
|
//4.5、获取非顶层的父菜单 |
|
|
|
menuVoList = menuVoList.stream().filter(m -> 1 != m.getFloor()).collect(Collectors.toList()); |
|
|
|
; |
|
|
|
|
|
|
|
//4.6、为顶层父菜单配置子菜单 |
|
|
|
for (RbacMenuListBySystemTypeAndOpenIdMenuVO pMenu : pMenuList) { |
|
|
|
// List<MenuVo> subMenuList = new ArrayList<>(); |
|
|
|
// for (MenuVo subMenu : menuVoList) { |
|
|
|
// if (pMenu.getId().equals(subMenu.getPid())) { |
|
|
|
// subMenuList.add(subMenu); |
|
|
|
// } |
|
|
|
// } |
|
|
|
// //子菜单排序 |
|
|
|
// subMenuList = subMenuList.stream().sorted((m1, m2) -> m1.getSort() - m2.getSort()).collect(Collectors.toList());; |
|
|
|
// pMenu.setSubMenus(subMenuList); |
|
|
|
// pMenu.setHasPerm(false);//改成没有权限标识 |
|
|
|
// pMenu.setButtons(new ArrayList<>()); |
|
|
|
|
|
|
|
//TODO 目前是通过查询菜单列表的时候,同步把该角色在该菜单对应的权限标识,附在最底层的菜单中 |
|
|
|
//通过递归的方式,设置到最底层的子菜单 |
|
|
|
setSubByRole(pMenu, menuVoList, userRoleUserMenuList); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
return new RbacMenuListBySystemTypeAndOpenIdResponseDTO(pMenuList); |
|
|
|
} |
|
|
|
|
|
|
|
public void setSubByRole(RbacMenuListBySystemTypeAndOpenIdMenuVO pMenu, List<RbacMenuListBySystemTypeAndOpenIdMenuVO> menuList, List<UserRoleUserMenu> userRoleUserMenuList) throws ServiceHandleException { |
|
|
|
boolean hasSub = false; |
|
|
|
//设置该父菜单的子菜单 |
|
|
|
List<RbacMenuListBySystemTypeAndOpenIdMenuVO> subMenuList = new ArrayList<>(); |
|
|
|
for (RbacMenuListBySystemTypeAndOpenIdMenuVO subMenu : menuList) { |
|
|
|
if (pMenu.getId().equals(subMenu.getPid())) { |
|
|
|
subMenuList.add(subMenu); |
|
|
|
hasSub = true; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
//判断是否有子菜单 |
|
|
|
if (hasSub) { |
|
|
|
//子菜单排序 |
|
|
|
subMenuList = subMenuList.stream().sorted((m1, m2) -> m1.getSort() - m2.getSort()).collect(Collectors.toList()); |
|
|
|
; |
|
|
|
pMenu.setChildren(subMenuList); |
|
|
|
pMenu.setHasPerm(false);//改成没有权限标识 |
|
|
|
pMenu.setPerms(new ArrayList<>()); |
|
|
|
|
|
|
|
//有子菜单,则该父菜单的子菜单们继续递归 |
|
|
|
for (RbacMenuListBySystemTypeAndOpenIdMenuVO subMenu : pMenu.getChildren()) { |
|
|
|
setSubByRole(subMenu, menuList, userRoleUserMenuList); |
|
|
|
} |
|
|
|
} else { |
|
|
|
//无子菜单,则表明是最底层, |
|
|
|
pMenu.setChildren(new ArrayList<>()); |
|
|
|
pMenu.setHasPerm(true);//改成没有权限标识 |
|
|
|
//查询该菜单的所有权限标识 |
|
|
|
pMenu.setPerms(new ArrayList<>()); |
|
|
|
|
|
|
|
//在角色-菜单 中间表中,找到改菜单对应的所有角色 |
|
|
|
List<UserRoleUserMenu> roleMenuRelation = userRoleUserMenuList.stream().filter(urum -> urum.getMenuId().equals(pMenu.getId())).collect(Collectors.toList()); |
|
|
|
; |
|
|
|
List<String> roleIdList = roleMenuRelation.stream().map(r -> r.getRoleId()).collect(Collectors.toList()); |
|
|
|
; |
|
|
|
|
|
|
|
if (roleIdList != null && roleIdList.size() > 0) { |
|
|
|
//获取该用户在 该端、该系统、该菜单下,所有角色对应的权限标识 |
|
|
|
List<UserRoleMenuPerm> roleMenuPermRelation = userRoleMenuPermRepo.findListByRoleIdListAndMenuId(roleIdList, pMenu.getId()); |
|
|
|
|
|
|
|
if (roleMenuPermRelation != null && roleMenuPermRelation.size() > 0) { |
|
|
|
List<String> permIdList = roleMenuPermRelation.stream().map(r -> r.getPermId()).collect(Collectors.toList()); |
|
|
|
; |
|
|
|
//获取权限标识列表 |
|
|
|
List<UserPerm> permList = userPermRepo.findAllById(permIdList); |
|
|
|
List<RbacMenuListBySystemTypeAndOpenIdPermVO> permVoList = new ArrayList<>(); |
|
|
|
if (permList != null && permList.size() > 0) { |
|
|
|
//过滤禁用的权限标识 |
|
|
|
permList = permList.stream().filter(b -> b.getStatus().equals(RbacStatus.ENABLE)).collect(Collectors.toList()); |
|
|
|
; |
|
|
|
|
|
|
|
for (UserPerm perm : permList) { |
|
|
|
RbacMenuListBySystemTypeAndOpenIdPermVO permVo = new RbacMenuListBySystemTypeAndOpenIdPermVO(); |
|
|
|
BeanUtils.copyProperties(perm, permVo); |
|
|
|
permVoList.add(permVo); |
|
|
|
} |
|
|
|
} |
|
|
|
if (permVoList != null && permVoList.size() > 0) { |
|
|
|
//设置该菜单的所有权限标识 |
|
|
|
pMenu.setPerms(permVoList); |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |