2 月之前 · b4ac09c785
--- a/gly-base-core/src/main/java/cn/com/taiji/core/repo/jpa/user/AccountUserRoleRepo.java
+++ b/gly-base-core/src/main/java/cn/com/taiji/core/repo/jpa/user/AccountUserRoleRepo.java
@@ -49,9 +49,20 @@ public interface AccountUserRoleRepo extends AbstractJpaRepo<AccountUserRole, St

    /**
     * 根据用户openId查找该用户的系统访问权限
     *
     * @param openId
     * @return
     */
    @Query(nativeQuery = true, value =  " select b.system_type from user_account_role a, user_role b where a.role_id = b.id and b.status = 'ENABLE' and a.open_id = ?1")
    List<SystemType> findSystemTypeByOpenId(String openId);

    /**
     * 根据用户openId和systemType查找该用户的角色
     *
     * @param openId
     * @param systemType
     * @return
     */
    @Query(value = "select roleId from AccountUserRole where openId=?1 and systemType=?2")
    List<String> findRoleByOpenIdAndSystemType(String openId, SystemType systemType);
 }
--- a/gly-base-core/src/main/java/cn/com/taiji/core/repo/jpa/user/UserMenuRepo.java
+++ b/gly-base-core/src/main/java/cn/com/taiji/core/repo/jpa/user/UserMenuRepo.java
@@ -84,4 +84,7 @@ public interface UserMenuRepo extends AbstractJpaRepo<UserMenu, String> {

    @Query("from UserMenu where menuSource = 'WEB' AND status = 'ENABLE' AND link is not null")
    List<UserMenu> searchByName();

    @Query(value = " from UserMenu where status='ENABLE' and id in ( select menuId from UserRoleUserMenu where roleId in (?1)) order by floor, sort")
    List<UserMenu> listBy(List<String> roleIds);
 }
--- a/gly-base-core/src/main/java/cn/com/taiji/core/repo/jpa/user/UserPermRepo.java
+++ b/gly-base-core/src/main/java/cn/com/taiji/core/repo/jpa/user/UserPermRepo.java
@@ -2,12 +2,18 @@ package cn.com.taiji.core.repo.jpa.user;

 import cn.com.taiji.common.repo.jpa.AbstractJpaRepo;
 import cn.com.taiji.core.entity.dict.user.RbacStatus;
 import cn.com.taiji.core.entity.user.UserMenu;
 import cn.com.taiji.core.entity.user.UserPerm;
 import org.springframework.data.jpa.repository.Query;

 import java.util.List;


 /***
 *
 * @Author weicailin
 * @Date 2023/4/17 17:32
 * @Email 13079168756@163.com
 */
 public interface UserPermRepo extends AbstractJpaRepo<UserPerm, String> {


@@ -58,4 +64,7 @@ public interface UserPermRepo extends AbstractJpaRepo<UserPerm, String> {
    @Query("select count(*) from UserPerm where  menuId = ?2 and id in ?1")
    long countByIdListAndMenuId(List<String> buttonIdList, String menuId);

    @Query(value = " from UserPerm where status='ENABLE' and id in ( select permId from UserRoleMenuPerm where roleId in (?1)) ")
    List<UserPerm> listBy(List<String> roleIds);

 }
--- a/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/api/rbac/RabcSystemTypeController.java
+++ b/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/api/rbac/RabcSystemTypeController.java
@@ -50,4 +50,10 @@ public class RabcSystemTypeController extends MyValidController {
        return ApiResponse.of(rbacSystemTypeManager.systemTypeByOpneId(dto)).setMessage("获取小程序系统下的所有角色成功");
    }

    @ApiOperation(value = "根据系统类型和openId获取菜单列表")
    @PostMapping(value = "/menuListBySystemTypeAndOpenId")
    public ApiResponse<RbacMenuListBySystemTypeAndOpenIdResponseDTO> systemTypeByAccountRole(@RequestBody RbacMenuListBySystemTypeAndOpenIdRequestDTO dto) throws ServiceHandleException {
        return ApiResponse.of(rbacMenuManger.menuListBySystemTypeAndOpenId(dto)).setMessage("获取小程序系统下的所有角色成功");
    }

 }
--- a/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/dto/rbac/RbacMenuListBySystemTypeAndOpenIdMenuVO.java
+++ b/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/dto/rbac/RbacMenuListBySystemTypeAndOpenIdMenuVO.java
@@ -0,0 +1,35 @@
 package cn.com.taiji.userw.dto.rbac;

 import cn.com.taiji.common.model.BaseModel;
 import cn.com.taiji.core.entity.dict.user.IsEnable;
 import cn.com.taiji.core.entity.dict.user.RbacSource;
 import cn.com.taiji.core.entity.dict.user.RbacStatus;
 import cn.com.taiji.core.entity.dict.user.SystemType;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.experimental.Accessors;

 import java.util.List;

@Getter
@Setter
@Accessors(chain = true)
 public class RbacMenuListBySystemTypeAndOpenIdMenuVO extends BaseModel {
    private String id;
    private String name;
    private String description;
    private String link;
    private String pid;
    private Integer floor;
    private Integer sort;
    private String insertTime;
    private String updateTime;
    private SystemType systemType;
    private RbacSource menuSource;
    private RbacStatus status;
    private String iconPath;
    private List<RbacMenuListBySystemTypeAndOpenIdMenuVO> children;
    private Boolean hasPerm;
    private List<RbacMenuListBySystemTypeAndOpenIdPermVO> perms;
    private IsEnable isRecommend;
 }
--- a/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/dto/rbac/RbacMenuListBySystemTypeAndOpenIdPermVO.java
+++ b/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/dto/rbac/RbacMenuListBySystemTypeAndOpenIdPermVO.java
@@ -0,0 +1,25 @@
 package cn.com.taiji.userw.dto.rbac;

 import cn.com.taiji.common.model.BaseModel;
 import cn.com.taiji.core.entity.dict.user.RbacSource;
 import cn.com.taiji.core.entity.dict.user.RbacStatus;
 import cn.com.taiji.core.entity.dict.user.SystemType;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.experimental.Accessors;

@Getter
@Setter
@Accessors(chain = true)
 public class RbacMenuListBySystemTypeAndOpenIdPermVO extends BaseModel {
    private String id;
    private String description;// 备注
    private String permIdentity;// 按钮的权限标识
    private RbacStatus status;// 功能按钮是否启用  1：启用  2：不启用（默认）
    private Integer sort;
    private SystemType systemType;// 所属系统
    private RbacSource menuSource;// 按钮所属来源方
    private String insertTime;
    private String menuId;
 //    private SimpleMenuVo menuVo;// 按钮所在的菜单
 }
--- a/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/dto/rbac/RbacMenuListBySystemTypeAndOpenIdRequestDTO.java
+++ b/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/dto/rbac/RbacMenuListBySystemTypeAndOpenIdRequestDTO.java
@@ -0,0 +1,21 @@
 package cn.com.taiji.userw.dto.rbac;//package cn.com.taiji.core.model.comm.protocol.issues.portal;

 import cn.com.taiji.core.dto.AbstractBizRequestDTO;
 import cn.com.taiji.core.entity.dict.user.SystemType;
 import cn.com.taiji.core.model.comm.protocol.constraint.EnumInteger;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.experimental.Accessors;

 import javax.validation.constraints.NotNull;

@Getter
@Setter
@Accessors(chain = true)
 public class RbacMenuListBySystemTypeAndOpenIdRequestDTO extends AbstractBizRequestDTO {

    @NotNull(message = "systemType不能为空")
    @EnumInteger(enumClazz = SystemType.class)
    private Integer systemType;

 }
--- a/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/dto/rbac/RbacMenuListBySystemTypeAndOpenIdResponseDTO.java
+++ b/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/dto/rbac/RbacMenuListBySystemTypeAndOpenIdResponseDTO.java
@@ -0,0 +1,20 @@
 package cn.com.taiji.userw.dto.rbac;//package cn.com.taiji.core.model.comm.protocol.issues.portal;

 import cn.com.taiji.common.model.BaseModel;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.experimental.Accessors;

 import java.util.List;


@Getter
@Setter
@Accessors(chain = true)
 public class RbacMenuListBySystemTypeAndOpenIdResponseDTO extends BaseModel {
    private List<RbacMenuListBySystemTypeAndOpenIdMenuVO> menuList;

    public RbacMenuListBySystemTypeAndOpenIdResponseDTO(List<RbacMenuListBySystemTypeAndOpenIdMenuVO> menuList) {
        this.menuList = menuList;
    }
 }
--- a/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/manager/rbac/RbacMenuManger.java
+++ b/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/manager/rbac/RbacMenuManger.java
@@ -2,10 +2,7 @@ package cn.com.taiji.userw.manager.rbac;


 import cn.com.taiji.common.manager.net.http.ServiceHandleException;
 import cn.com.taiji.userw.dto.rbac.RbacMenuListBySystemTypeRequestDTO;
 import cn.com.taiji.userw.dto.rbac.RbacMenuListBySystemTypeResponseDTO;
 import cn.com.taiji.userw.dto.rbac.SystemTypeListByRbacSourceRequestDTO;
 import cn.com.taiji.userw.dto.rbac.SystemTypeListByRbacSourceResponseDTO;
 import cn.com.taiji.userw.dto.rbac.*;


 public interface RbacMenuManger {
@@ -13,4 +10,6 @@ public interface RbacMenuManger {
    RbacMenuListBySystemTypeResponseDTO getMenuListBySystemType(RbacMenuListBySystemTypeRequestDTO request) throws ServiceHandleException;

    SystemTypeListByRbacSourceResponseDTO getSystemTypeListByRbacSource(SystemTypeListByRbacSourceRequestDTO dto);

    RbacMenuListBySystemTypeAndOpenIdResponseDTO menuListBySystemTypeAndOpenId(RbacMenuListBySystemTypeAndOpenIdRequestDTO dto) throws ServiceHandleException;
 }
--- a/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/manager/rbac/RbacMenuMangerImpl.java
+++ b/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/manager/rbac/RbacMenuMangerImpl.java
@@ -2,21 +2,24 @@ package cn.com.taiji.userw.manager.rbac;

 import cn.com.taiji.common.manager.net.http.ServiceHandleException;
 import cn.com.taiji.common.pub.BeanTools;
 import cn.com.taiji.common.pub.CommonAbstract;
 import cn.com.taiji.core.entity.dict.basic.SourceType;
 import cn.com.taiji.core.entity.dict.user.RbacSource;
 import cn.com.taiji.core.entity.dict.user.RbacStatus;
 import cn.com.taiji.core.entity.dict.user.SystemType;
 import cn.com.taiji.core.entity.user.*;
 import cn.com.taiji.core.entity.user.UserMenu;
 import cn.com.taiji.core.entity.user.UserPerm;
 import cn.com.taiji.core.entity.user.UserRoleMenuPerm;
 import cn.com.taiji.core.entity.user.UserRoleUserMenu;
 import cn.com.taiji.core.manager.cache.RedisCacheManager;
 import cn.com.taiji.core.model.comm.protocol.valid.GlyServiceError;
 import cn.com.taiji.core.repo.jpa.user.*;
 import cn.com.taiji.userw.dto.rbac.RbacMenuListBySystemTypeRequestDTO;
 import cn.com.taiji.userw.dto.rbac.RbacMenuListBySystemTypeResponseDTO;
 import cn.com.taiji.userw.dto.rbac.SystemTypeListByRbacSourceRequestDTO;
 import cn.com.taiji.userw.dto.rbac.SystemTypeListByRbacSourceResponseDTO;
 import cn.com.taiji.userw.dto.rbac.*;
 import cn.com.taiji.userw.model.rbac.MenuModel;
 import cn.com.taiji.userw.model.rbac.PermModel;
 import cn.com.taiji.userw.model.rbac.SystemTypeMode;
 import org.springframework.beans.BeanUtils;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;

 import javax.annotation.Resource;
 import java.util.ArrayList;
@@ -25,8 +28,18 @@ import java.util.stream.Collectors;


@Service
 public class RbacMenuMangerImpl extends CommonAbstract implements RbacMenuManger {
 public class RbacMenuMangerImpl extends RedisCacheManager implements RbacMenuManger {

    private final static String appBaseRoleId = "d1eb3eebfac846d39aea7d39aea7s365";
    private final static String miniProgramBaseRoleId = "d1eb3eebfac846d39aea7d39aea7s124";
    private final static String zfbMiniProgramBaseRoleId = "7acb029592c84738a8f509af6e179ffc";

    @Resource
    private AccountUserRoleRepo accountUserRoleRepo;
    @Resource
    private UserRoleMenuPermRepo userRoleMenuPermRepo;
    @Resource
    private UserRoleUserMenuRepo userRoleUserMenuRepo;
    @Resource
    private UserMenuRepo userMenuRepo;

@@ -95,8 +108,6 @@ public class RbacMenuMangerImpl extends CommonAbstract implements RbacMenuManger
    }




    public void setSub(MenuModel pMenu, List<MenuModel> menuList) throws ServiceHandleException {
        boolean hasSub = false;
        //设置该父菜单的子菜单
@@ -149,4 +160,150 @@ public class RbacMenuMangerImpl extends CommonAbstract implements RbacMenuManger
        }
    }

    @Override
    public RbacMenuListBySystemTypeAndOpenIdResponseDTO menuListBySystemTypeAndOpenId(RbacMenuListBySystemTypeAndOpenIdRequestDTO dto) throws ServiceHandleException {
        //TODO 根据登录来源方区分
        // 小程序：则查询AccountUserRole中 根据openId、SystemType.MINI_PROGRAM、LoginSource.MINI_PROGRAM 去找，然后再额外分配一个基本角色
        // APP：则查询AccountUserRole中 根据openId和SystemType.COMMON、LoginSource.MINI_PROGRAM 去找，然后再额外分配一个基本角色
        // WEB：则查询AccountUserRole中 根据openId和SystemType.xitong、LoginSource.MINI_PROGRAM 去找
        // ...
        // 注册账号的时候就进行角色分配？还是固定有一个基本角色的概念在
        // 目前做法：创建了一个基本角色，可以去给基本角色去进行菜单分配，
        // 每个人在进入小程序的时候会默认分配一个基本角色，然后再去查询，在小程序中该账号是否又分配了其他的角色，并返回这些角色
        // 每个人在进入APP的时候会默认分配一个基本角色，然后再去查询，在小程序中该账号是否又分配了其他的角色，并返回这些角色
        String openId = findOpenIdByToken(dto.getAccessToken());
        SystemType systemType = SystemType.fromCode(dto.getSystemType());
        if (systemType == null) throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("系统类型错误");
        SourceType loginSource = SourceType.findByCode(dto.getLoginSource());
        if (loginSource == null) throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("来源错误");
        List<String> roleIds = accountUserRoleRepo.findRoleByOpenIdAndSystemType(openId, systemType);
        if (isEmpty(roleIds))
            throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("该账号在该系统中没有分配角色，无法访问该系统！");
        if (loginSource == SourceType.SERVICE_HALL) roleIds.add(appBaseRoleId);// APP
        if (loginSource == SourceType.WECHAT) roleIds.add(miniProgramBaseRoleId);// 微信小程序
        if (loginSource == SourceType.ALI) roleIds.add(zfbMiniProgramBaseRoleId);// 支付宝小程序
        if (loginSource == SourceType.WEB && roleIds.size() > 1)
            throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("该账号在一个系统中只能分配一个角色，该账户在该系统中分配了多个角色，暂时无法访问，请联系管理员处理！");
        List<UserRoleUserMenu> userRoleUserMenuList = userRoleUserMenuRepo.getListByRoleIds(roleIds);

        //4、获取分好层级的所有菜单
        List<RbacMenuListBySystemTypeAndOpenIdMenuVO> pMenuList = new ArrayList<>();
        //4.1、判断是否查询到角色对应的分配的菜单
        if (!CollectionUtils.isEmpty(userRoleUserMenuList)) {
            List<String> menuIds = new ArrayList<>();
            List<UserMenu> menuList = new ArrayList<>();

            menuIds.addAll(userRoleUserMenuList.stream().map(rm -> rm.getMenuId()).collect(Collectors.toList()));
            menuList.addAll(userMenuRepo.findAllById(menuIds));

            //4.2、过滤被禁用的菜单
            menuList = menuList.stream().filter(m -> RbacStatus.ENABLE.equals(m.getStatus())).collect(Collectors.toList());

            //4.3、包装为vo类
            List<RbacMenuListBySystemTypeAndOpenIdMenuVO> menuVoList = new ArrayList<>();
            for (UserMenu userMenu : menuList) {
                RbacMenuListBySystemTypeAndOpenIdMenuVO menuVo = new RbacMenuListBySystemTypeAndOpenIdMenuVO();
                BeanTools.copyProperties(userMenu, menuVo);
                menuVoList.add(menuVo);
            }

            //4.4、获取顶层父菜单
            pMenuList = menuVoList.stream().filter(m -> 1 == m.getFloor()).collect(Collectors.toList());
            ;
            //4.5、顶级父菜单排序
            pMenuList = pMenuList.stream().sorted((m1, m2) -> m1.getSort() - m2.getSort()).collect(Collectors.toList());
            ;
            //4.5、获取非顶层的父菜单
            menuVoList = menuVoList.stream().filter(m -> 1 != m.getFloor()).collect(Collectors.toList());
            ;

            //4.6、为顶层父菜单配置子菜单
            for (RbacMenuListBySystemTypeAndOpenIdMenuVO pMenu : pMenuList) {
 //            List<MenuVo> subMenuList = new ArrayList<>();
 //            for (MenuVo subMenu : menuVoList) {
 //                if (pMenu.getId().equals(subMenu.getPid())) {
 //                    subMenuList.add(subMenu);
 //                }
 //            }
 //            //子菜单排序
 //            subMenuList = subMenuList.stream().sorted((m1, m2) -> m1.getSort() - m2.getSort()).collect(Collectors.toList());;
 //            pMenu.setSubMenus(subMenuList);
 //            pMenu.setHasPerm(false);//改成没有权限标识
 //            pMenu.setButtons(new ArrayList<>());

                //TODO 目前是通过查询菜单列表的时候，同步把该角色在该菜单对应的权限标识，附在最底层的菜单中
                //通过递归的方式，设置到最底层的子菜单
                setSubByRole(pMenu, menuVoList, userRoleUserMenuList);
            }
        }

        return new RbacMenuListBySystemTypeAndOpenIdResponseDTO(pMenuList);
    }

    public void setSubByRole(RbacMenuListBySystemTypeAndOpenIdMenuVO pMenu, List<RbacMenuListBySystemTypeAndOpenIdMenuVO> menuList, List<UserRoleUserMenu> userRoleUserMenuList) throws ServiceHandleException {
        boolean hasSub = false;
        //设置该父菜单的子菜单
        List<RbacMenuListBySystemTypeAndOpenIdMenuVO> subMenuList = new ArrayList<>();
        for (RbacMenuListBySystemTypeAndOpenIdMenuVO subMenu : menuList) {
            if (pMenu.getId().equals(subMenu.getPid())) {
                subMenuList.add(subMenu);
                hasSub = true;
            }
        }

        //判断是否有子菜单
        if (hasSub) {
            //子菜单排序
            subMenuList = subMenuList.stream().sorted((m1, m2) -> m1.getSort() - m2.getSort()).collect(Collectors.toList());
            ;
            pMenu.setChildren(subMenuList);
            pMenu.setHasPerm(false);//改成没有权限标识
            pMenu.setPerms(new ArrayList<>());

            //有子菜单，则该父菜单的子菜单们继续递归
            for (RbacMenuListBySystemTypeAndOpenIdMenuVO subMenu : pMenu.getChildren()) {
                setSubByRole(subMenu, menuList, userRoleUserMenuList);
            }
        } else {
            //无子菜单，则表明是最底层，
            pMenu.setChildren(new ArrayList<>());
            pMenu.setHasPerm(true);//改成没有权限标识
            //查询该菜单的所有权限标识
            pMenu.setPerms(new ArrayList<>());

            //在角色-菜单 中间表中，找到改菜单对应的所有角色
            List<UserRoleUserMenu> roleMenuRelation = userRoleUserMenuList.stream().filter(urum -> urum.getMenuId().equals(pMenu.getId())).collect(Collectors.toList());
            ;
            List<String> roleIdList = roleMenuRelation.stream().map(r -> r.getRoleId()).collect(Collectors.toList());
            ;

            if (roleIdList != null && roleIdList.size() > 0) {
                //获取该用户在 该端、该系统、该菜单下，所有角色对应的权限标识
                List<UserRoleMenuPerm> roleMenuPermRelation = userRoleMenuPermRepo.findListByRoleIdListAndMenuId(roleIdList, pMenu.getId());

                if (roleMenuPermRelation != null && roleMenuPermRelation.size() > 0) {
                    List<String> permIdList = roleMenuPermRelation.stream().map(r -> r.getPermId()).collect(Collectors.toList());
                    ;
                    //获取权限标识列表
                    List<UserPerm> permList = userPermRepo.findAllById(permIdList);
                    List<RbacMenuListBySystemTypeAndOpenIdPermVO> permVoList = new ArrayList<>();
                    if (permList != null && permList.size() > 0) {
                        //过滤禁用的权限标识
                        permList = permList.stream().filter(b -> b.getStatus().equals(RbacStatus.ENABLE)).collect(Collectors.toList());
                        ;

                        for (UserPerm perm : permList) {
                            RbacMenuListBySystemTypeAndOpenIdPermVO permVo = new RbacMenuListBySystemTypeAndOpenIdPermVO();
                            BeanUtils.copyProperties(perm, permVo);
                            permVoList.add(permVo);
                        }
                    }
                    if (permVoList != null && permVoList.size() > 0) {
                        //设置该菜单的所有权限标识
                        pMenu.setPerms(permVoList);
                    }
                }
            }
        }
    }
 }
--- a/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/manager/rbac/RbacSystemTypeManagerImpl.java
+++ b/zhywpt-app-userw/src/main/java/cn/com/taiji/userw/manager/rbac/RbacSystemTypeManagerImpl.java
@@ -6,9 +6,7 @@ import cn.com.taiji.core.entity.dict.user.SystemType;
 import cn.com.taiji.core.manager.cache.RedisCacheManager;
 import cn.com.taiji.core.model.comm.protocol.valid.GlyServiceError;
 import cn.com.taiji.core.repo.jpa.user.AccountUserRoleRepo;
 import cn.com.taiji.userw.dto.rbac.RbacSystemTypeByOpenIdRequestDTO;
 import cn.com.taiji.userw.dto.rbac.RbacSystemTypeByOpenIdResponseDTO;
 import cn.com.taiji.userw.dto.rbac.RbacSystemTypeByOpenIdVO;
 import cn.com.taiji.userw.dto.rbac.*;
 import org.apache.commons.compress.utils.Lists;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -54,4 +52,6 @@ public class RbacSystemTypeManagerImpl extends RedisCacheManager implements Rbac
        vo.setCode(type.getCode());
        return vo;
    }


 }