新增iaw用户菜单查询

zhywpt-app-iaw/src/main/java/cn/com/taiji/iaw/api/portal/PortalController.java

@@ -175,5 +175,12 @@ public class PortalController extends MyValidController {
         return ApiResponse.success().setMessage("切换ETC账户成功");
     }
 
+    @ApiOperation(value = "根据openId和菜单id，获取用户在该菜单下的权限标识")
+    @PostMapping(value = "/permsByOpenIdAndMenuId")
+    public ApiResponse<RbacPermListByOpenIdAndMenuIdResponseDTO> permsByOpenIdAndMenuId(@Valid @RequestBody RbacPermListByOpenIdAndMenuIdRequestDTO dto) throws ManagerException {
+        RbacPermListByOpenIdAndMenuIdResponseDTO res = portalManager.listByOpenIdAndMenuId(dto);
+        return ApiResponse.of(res).setMessage("操作成功");
+    }
+
 
 }

zhywpt-app-iaw/src/main/java/cn/com/taiji/iaw/dto/portal/RbacPermListByOpenIdAndMenuIdRequestDTO.java

@@ -0,0 +1,16 @@
+package cn.com.taiji.iaw.dto.portal;
+
+import cn.com.taiji.core.dto.AbstractBizRequestDTO;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.experimental.Accessors;
+
+import javax.validation.constraints.NotBlank;
+
+@Getter
+@Setter
+@Accessors(chain = true)
+public class RbacPermListByOpenIdAndMenuIdRequestDTO extends AbstractBizRequestDTO {
+    @NotBlank(message = "菜单id不能为空")
+    private String menuId;
+}

zhywpt-app-iaw/src/main/java/cn/com/taiji/iaw/dto/portal/RbacPermListByOpenIdAndMenuIdResponseDTO.java

@@ -0,0 +1,15 @@
+package cn.com.taiji.iaw.dto.portal;
+
+import cn.com.taiji.common.model.BaseModel;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.experimental.Accessors;
+
+import java.util.List;
+
+@Getter
+@Setter
+@Accessors(chain = true)
+public class RbacPermListByOpenIdAndMenuIdResponseDTO extends BaseModel {
+    private List<String> data;
+}

zhywpt-app-iaw/src/main/java/cn/com/taiji/iaw/manager/portal/PortalManager.java

@@ -53,4 +53,7 @@ public interface PortalManager {
     RbacMenuListBySystemTypeAndOpenIdResponseDTO menuListBySystemTypeAndOpenId(RbacMenuListBySystemTypeAndOpenIdRequestDTO dto) throws ServiceHandleException;
 
     void etcChange(CommRequestDTO dto) throws ManagerException;
+
+    RbacPermListByOpenIdAndMenuIdResponseDTO listByOpenIdAndMenuId(RbacPermListByOpenIdAndMenuIdRequestDTO dto) throws ServiceHandleException;
+
 }

zhywpt-app-iaw/src/main/java/cn/com/taiji/iaw/manager/portal/PortalManagerImpl.java

@@ -24,6 +24,7 @@ import cn.com.taiji.iaw.dto.comm.ChangeMobileCensorChangeMobileRequestDTO;
 import cn.com.taiji.iaw.dto.issue.order.GetAccountInfoResponseDTO;
 import cn.com.taiji.iaw.dto.portal.*;
 import cn.com.taiji.iaw.manager.AbstractCommManager;
+import com.google.common.collect.Lists;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -344,4 +345,47 @@ public class PortalManagerImpl extends AbstractCommManager implements PortalMana
         //更新缓存
         redisManager.set(RedisKeyGenerator.getLoginAccountInfoKey(dto.getAccessToken()), accountInfo.toJson(), LoginCacheFinals.LOGIN_TOKEN_EXPIRED, TimeUnit.MINUTES);
     }
+
+    @Override
+    public RbacPermListByOpenIdAndMenuIdResponseDTO listByOpenIdAndMenuId(RbacPermListByOpenIdAndMenuIdRequestDTO dto) throws ServiceHandleException {
+        String openId = findOpenIdByToken(dto.getAccessToken());
+        UserMenu menu = userMenuRepo.findMenuById(dto.getMenuId());
+        if (menu == null) throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("菜单不存在");
+        SourceType loginSource = SourceType.findByCode(dto.getLoginSource());
+        if (loginSource == null) throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("来源错误");
+        if (!isMatch(loginSource, menu.getSystemType()))
+            throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("登录来源方与菜单所属系统不匹配，请核实入参！");
+        List<String> roleIds = Lists.newArrayList();
+        List<String> others = accountUserRoleRepo.findRoleByOpenIdAndSystemType(openId, menu.getSystemType());
+        if (!isEmpty(others))
+            roleIds.addAll(others);
+        if (loginSource == SourceType.SERVICE_HALL) roleIds.add(appBaseRoleId);// APP
+        if (loginSource == SourceType.WECHAT) roleIds.add(miniProgramBaseRoleId);// 微信小程序
+        if (loginSource == SourceType.ALI) roleIds.add(zfbMiniProgramBaseRoleId);// 支付宝小程序
+        if (isEmpty(roleIds))
+            throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("该账号在该系统中没有分配角色，无法访问该系统！");
+        if (loginSource == SourceType.WEB && roleIds.size() > 1)
+            throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("该账号在一个系统中只能分配一个角色，该账户在该系统中分配了多个角色，暂时无法访问，请联系管理员处理！");
+        List<UserPerm> perms = userPermRepo.listBy(roleIds, menu.getId());
+        List<String> permIdentitys = perms.stream().map(UserPerm::getPermIdentity).distinct().collect(Collectors.toList());
+        RbacPermListByOpenIdAndMenuIdResponseDTO res = new RbacPermListByOpenIdAndMenuIdResponseDTO();
+        res.setData(permIdentitys);
+        return res;
+    }
+
+    private boolean isMatch(SourceType loginSource, SystemType systemType) {
+        switch (loginSource) {
+            case SERVICE_HALL:
+                return systemType == SystemType.APP;
+            case ALI:
+                return systemType == SystemType.ZFB_MINI_PROGRAM;
+            case WECHAT:
+                return systemType == SystemType.MINI_PROGRAM;
+            case WEB:
+                return !Lists.newArrayList(SystemType.APP, SystemType.ZFB_MINI_PROGRAM, SystemType.MINI_PROGRAM).contains(systemType);
+            default:
+                return false;
+        }
+    }
+
 }