diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java index b9431a6c48..13910a6f3a 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java @@ -8,8 +8,10 @@ package com.epmet.commons.mybatis.aspect; +import com.epmet.commons.mybatis.annotation.DataFilter; import com.epmet.commons.mybatis.constant.OpeScopeConstant; import com.epmet.commons.mybatis.dto.form.OperationScopeDTO; +import com.epmet.commons.mybatis.dto.form.OperationScopeFormDTO; import com.epmet.commons.mybatis.dto.form.StaffPermCacheResultDTO; import com.epmet.commons.mybatis.dto.form.StaffPermissionFormDTO; import com.epmet.commons.mybatis.entity.DataScope; @@ -23,6 +25,7 @@ import org.apache.commons.lang3.StringUtils; import org.aspectj.lang.JoinPoint; import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.annotation.Before; +import org.aspectj.lang.reflect.MethodSignature; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -53,15 +56,11 @@ public class DataFilterAspect { @Before("@annotation(com.epmet.commons.mybatis.annotation.DataFilter)") public void dataFilter(JoinPoint point) { - // 反射的方式 - //MethodSignature signature = (MethodSignature) point.getSignature(); - //Class[] parameterTypes = signature.getParameterTypes(); - //for (Class parameterType : parameterTypes) { - // if (parameterType == DataScope.class) { - // - // } - //} + // 通过反射,取到注解属性 + DataFilter dataFilterAnno = ((MethodSignature) point.getSignature()).getMethod().getAnnotation(DataFilter.class); + String tableAlias = dataFilterAnno.tableAlias(); + // 从ThreadLocal中取所需权限 String requirePermission = AccessOpeAspect.requirePermissionTl.get(); // 没有配置所需权限,不做操作,打印提示日志 if (StringUtils.isBlank(requirePermission)) { @@ -69,10 +68,14 @@ public class DataFilterAspect { return; } + String app = loginUserUtil.getLoginUserApp(); + String client = loginUserUtil.getLoginUserClient(); + String userId = loginUserUtil.getLoginUserId(); + StaffPermissionFormDTO staffPermissionFormDTO = new StaffPermissionFormDTO(); - staffPermissionFormDTO.setApp(loginUserUtil.getLoginUserApp()); - staffPermissionFormDTO.setClient(loginUserUtil.getLoginUserClient()); - staffPermissionFormDTO.setStaffId(loginUserUtil.getLoginUserId()); + staffPermissionFormDTO.setApp(app); + staffPermissionFormDTO.setClient(client); + staffPermissionFormDTO.setStaffId(userId); Result result = govAccessFeignClient.getStaffCurrPermissions(staffPermissionFormDTO); if (result.getCode() != 0) { @@ -91,10 +94,17 @@ public class DataFilterAspect { // 校验操作权限 validateOpePermission(permCacheResultDTO.getPermissions(), requirePermission); + // 生成过滤sql Object[] methodArgs = point.getArgs(); for (Object methodArg : methodArgs) { if (methodArg instanceof DataScope) { - ((DataScope) methodArg).setSqlFilter(getSqlFilterSegment(permCacheResultDTO.getRoleIdList(), requirePermission, permCacheResultDTO.getOrgIdPath())); + ((DataScope) methodArg).setSqlFilter(getSqlFilterSegment( + userId, + permCacheResultDTO.getRoleIdList(), + requirePermission, + permCacheResultDTO.getOrgIdPath(), + permCacheResultDTO.getGridId(), + tableAlias)); return; } } @@ -118,56 +128,111 @@ public class DataFilterAspect { * * @return */ - private String getSqlFilterSegment(Set roleIds, String reqiurePermission, String orgIdPath) { + private String getSqlFilterSegment(String userId,Set roleIds, String reqiurePermission, String orgIdPath, String gridId, String tableAlias) { // 根据角色列表查询操作范围列表 - // todo 暂停,先模拟数据 - //roleIds.forEach(roleId -> { - // OperationScopeFormDTO osformDto = new OperationScopeFormDTO(); - // osformDto.setRoleId(roleId); - // osformDto.setOperationKey(reqiurePermission); - // Result> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto); - // List scopeDTOS = result.getData(); - //}); - Set scopeDTOS = genScopeDtos(); - - // 过滤有效范围 + Set scopeDTOS = new HashSet<>(); + roleIds.forEach(roleId -> { + OperationScopeFormDTO osformDto = new OperationScopeFormDTO(); + osformDto.setRoleId(roleId); + osformDto.setOperationKey(reqiurePermission); + Result> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto); + if (result.success()) { + scopeDTOS.addAll(result.getData()); + } + }); + + // 过滤范围 HashSet scopes = filteScopes(scopeDTOS); + if (CollectionUtils.isEmpty(scopes)) { + // 没有范围限制 + return ""; + } + StringBuilder sb = new StringBuilder(); + + // 1.生成sql:组织范围过滤 + genOrgScopeSql(sb, orgIdPath, scopes, tableAlias); + + // 2.生成sql:我发起的 + genIStartedSql(sb, userId, tableAlias); + + // 3.生成sql:本网格的 + genInGrid(sb, gridId, tableAlias); + + //sb.append(")"); + System.out.println("生成的过滤sql:" + sb.toString()); + return sb.toString(); + } + + /** + * 网格sql + * @param sb + * @param gridId + * @param tableAlias + */ + private void genInGrid(StringBuilder sb, String gridId, String tableAlias) { + if (StringUtils.isBlank(tableAlias)) { + sb.append(" OR GRID_ID ='").append(gridId).append("'"); + } else { + sb.append(" OR ").append(tableAlias).append(".GRID_ID ='").append(gridId).append("'"); + } + } + + /** + * sql:我发起的 + * @param userId + */ + private void genIStartedSql(StringBuilder sb, String userId, String tableAlias) { + if (StringUtils.isBlank(tableAlias)) { + sb.append(" OR CREATED_BY ='").append(userId).append("'"); + } else { + sb.append(" OR ").append(tableAlias).append(".CREATED_BY ='").append(userId).append("'"); + } + } + /** + * 计算组织范围过滤sql,整体入口 + * @param sb + * @param orgIdPath + * @param scopes + */ + public void genOrgScopeSql(StringBuilder sb, String orgIdPath, HashSet scopes, String tableAlias) { // 取出父组织ID path 和当前组织ID String pOrgPath = orgIdPath.substring(0, orgIdPath.lastIndexOf(orgIdPathSpliter)); String currOrgPath = orgIdPath.substring(orgIdPath.lastIndexOf(orgIdPathSpliter) + 1); - - StringBuilder sb = new StringBuilder(" AND ("); - getOrgScopeSql(sb, scopes, currOrgPath, pOrgPath); + genOrgScopeSql(sb, scopes, currOrgPath, pOrgPath, tableAlias); sb.replace(sb.lastIndexOf("OR"), sb.lastIndexOf("OR") + 3, ""); - sb.append(") "); - // 拼接sql语句 - sb.replace(141,142,""); - // TODO - return ""; } /** - * 计算范围过滤sql + * 计算组织范围过滤sql * @param scopes * @param currOrg * @param pOrgPath * @return */ - private void getOrgScopeSql(StringBuilder sb,HashSet scopes, String currOrg, String pOrgPath) { + private void genOrgScopeSql(StringBuilder sb,HashSet scopes, String currOrg, String pOrgPath, String tableAlias) { for (String scope : scopes) { switch (scope) { case OpeScopeConstant.ORG_CURR: - getAgencyCurrScopedSql(sb, currOrg); - sb.append(" OR "); + if (StringUtils.isBlank(tableAlias)) { + sb.append(" ORG_ID = '").append(currOrg).append("' OR "); + } else { + sb.append(" ").append(tableAlias).append(".ORG_ID = '").append(currOrg).append("' OR "); + } break; case OpeScopeConstant.ORG_CURR_AND_SUB: - getAgencyCurrAndSubScopedSql(sb, pOrgPath); - sb.append(" OR "); + if (StringUtils.isBlank(tableAlias)) { + sb.append(" ORG_ID_PATH like '").append(pOrgPath).append("%' ").append(" OR "); + } else { + sb.append(" ").append(tableAlias).append(".ORG_ID_PATH like '").append(pOrgPath).append("%' ").append(" OR "); + } break; case OpeScopeConstant.ORG_CURR_SUB: - getAgencyCurrSubScopedSql(sb, pOrgPath, currOrg); - sb.append(" OR "); + if (StringUtils.isBlank(tableAlias)) { + sb.append(" ORG_ID_PATH like '").append(pOrgPath).append(orgIdPathSpliter).append(currOrg).append("%' ").append(" OR "); + } else { + sb.append(" ").append(tableAlias).append(".ORG_ID_PATH like '").append(pOrgPath).append(orgIdPathSpliter).append(currOrg).append("%' ").append(" OR "); + } break; case OpeScopeConstant.ORG_EQUAL: // todo 同级 @@ -185,32 +250,6 @@ public class DataFilterAspect { } } - /** - * 本身 - * @param sb - * @param orgId - */ - public void getAgencyCurrScopedSql(StringBuilder sb,String orgId) { - sb.append(" ORG_ID = ").append(orgId); - } - - /** - * 本身及子级 - * @param sb - * @param pOrgIdPath - */ - public void getAgencyCurrAndSubScopedSql(StringBuilder sb,String pOrgIdPath) { - sb.append(" ORG_ID_PATH like '").append(pOrgIdPath).append("%'"); - } - - /** - * 子级组织(不含本身) - * @param sb - */ - public void getAgencyCurrSubScopedSql(StringBuilder sb,String pOrgIdPath, String currOrgIdPath) { - sb.append("ORG_ID_PATH like '").append(pOrgIdPath).append(orgIdPathSpliter).append(currOrgIdPath).append("%'"); - } - /** * 过滤有效范围 * diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/OperationScopeDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/OperationScopeDTO.java index 494cff66b9..3e65b753d7 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/OperationScopeDTO.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/OperationScopeDTO.java @@ -39,6 +39,11 @@ public class OperationScopeDTO implements Serializable { */ private String id; + /** + * 角色id + */ + private String roleId; + /** * 范围key */ diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java index 6f37ef7033..7775756b38 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java @@ -22,4 +22,9 @@ public class StaffPermCacheResultDTO { */ private String orgIdPath; + /** + * 网格ID + */ + private String gridId; + } diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java index 4d04adc835..50b20890e7 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java @@ -34,6 +34,6 @@ public interface GovAccessFeignClient { * @return */ @PostMapping("/gov/access/access/operationscopes") - Result> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO); + Result> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO); } diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java index 2f5b9287a1..6dfa1b89cc 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java @@ -10,7 +10,7 @@ import com.epmet.commons.tools.utils.ModuleUtils; import com.epmet.commons.tools.utils.Result; import org.springframework.stereotype.Component; -import java.util.List; +import java.util.Set; /** * 调用政府端权限 @@ -27,7 +27,7 @@ public class GovAccessFeignClientFallback implements GovAccessFeignClient { } @Override - public Result> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO) { + public Result> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO) { return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getOperationScopesByRoleId", operationScopeFormDTO); } } diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java index 046c012da4..d26f7525a1 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java @@ -10,9 +10,9 @@ package com.epmet.commons.mybatis.interceptor; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.toolkit.PluginUtils; -import com.baomidou.mybatisplus.core.toolkit.StringUtils; import com.baomidou.mybatisplus.extension.handlers.AbstractSqlParserHandler; import com.epmet.commons.mybatis.entity.DataScope; +import org.apache.commons.lang3.StringUtils; import org.apache.ibatis.executor.statement.StatementHandler; import org.apache.ibatis.mapping.BoundSql; import org.apache.ibatis.mapping.MappedStatement; @@ -43,10 +43,10 @@ public class DataFilterInterceptor extends AbstractSqlParserHandler implements I this.sqlParser(metaObject); // 先判断是不是SELECT操作 - MappedStatement mappedStatement = (MappedStatement) metaObject.getValue("delegate.mappedStatement"); - if (!SqlCommandType.SELECT.equals(mappedStatement.getSqlCommandType())) { - return invocation.proceed(); - } + //MappedStatement mappedStatement = (MappedStatement) metaObject.getValue("delegate.mappedStatement"); + //if (!SqlCommandType.SELECT.equals(mappedStatement.getSqlCommandType())) { + // return invocation.proceed(); + //} // 针对定义了rowBounds,做为mapper接口方法的参数 BoundSql boundSql = (BoundSql) metaObject.getValue("delegate.boundSql"); @@ -79,12 +79,18 @@ public class DataFilterInterceptor extends AbstractSqlParserHandler implements I // 拼接新SQL String orderBy = "ORDER BY"; String groupBy = "GROUP BY"; + String sqlFilter = scope.getSqlFilter(); + if (originalSql.indexOf("WHERE") == 0) { + // 不包含where,需要手动拼接上 + sqlFilter = " WHERE ".concat(sqlFilter); + } + if (originalSql.indexOf(groupBy) > -1) { - originalSql = originalSql.replace(groupBy, scope.getSqlFilter() + groupBy); + originalSql = originalSql.replace(groupBy, sqlFilter + groupBy); } else if (originalSql.indexOf(orderBy) > -1) { - originalSql = originalSql.replace(orderBy, scope.getSqlFilter() + orderBy); + originalSql = originalSql.replace(orderBy, sqlFilter + orderBy); } else { - originalSql = originalSql + scope.getSqlFilter(); + originalSql = originalSql.concat(" AND (").concat(scope.getSqlFilter()).concat(")"); } // 重写SQL diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java index 199e38e235..6598010561 100644 --- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java +++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java @@ -207,4 +207,14 @@ public class RedisKeys { public static String getLoginSmsCodeKey(String app, String client, String phone) { return String.format(rootPrefix+"smsCode:login:%s:%s:%s",app,client,phone); } + + /** + * 角色的操作权限对应的可操作范围 + * @param roleId 角色ID + * @param opeKey 操作Key + * @return + */ + public static String getRoleOpeScopesKey(String roleId, String opeKey) { + return rootPrefix.concat("gov:access:role:opescopes:").concat(roleId).concat(opeKey); + } } diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java new file mode 100644 index 0000000000..fbafb374e7 --- /dev/null +++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleOpeScopeResultDTO.java @@ -0,0 +1,28 @@ +package com.epmet.dto.result; + +import lombok.Data; + +@Data +public class RoleOpeScopeResultDTO { + + /** + * 角色ID + */ + private String roleId; + + /** + * 范围key + */ + private String scopeKey; + + /** + * 范围名称 + */ + private String scopeName; + + /** + * 范围序号 + */ + private String scopeIndex; + +} diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java index 0f6be83e72..ce24cf9501 100644 --- a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java +++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java @@ -23,4 +23,9 @@ public class StaffPermCacheResultDTO { */ private String orgIdPath; + /** + * 网格ID + */ + private String gridId; + } diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java index d60f7cb528..e34df14a06 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java @@ -6,6 +6,7 @@ import com.epmet.commons.tools.validator.ValidatorUtils; import com.epmet.dto.OperationScopeDTO; import com.epmet.dto.form.OperationScopeFormDTO; import com.epmet.dto.form.StaffPermCacheFormDTO; +import com.epmet.dto.result.RoleOpeScopeResultDTO; import com.epmet.dto.result.StaffPermCacheResultDTO; import com.epmet.entity.OperationScopeEntity; import com.epmet.service.AccessService; @@ -62,26 +63,19 @@ public class AccessController { resultDTO.setPermissions(govTokenDto.getPermissions()); resultDTO.setRoleIdList(govTokenDto.getRoleIdList()); resultDTO.setOrgIdPath(govTokenDto.getOrgIdPath()); + resultDTO.setGridId(govTokenDto.getGridId()); } return new Result().ok(resultDTO); } /** - * 查询角色的操作key对应操作范围列表(需要入缓存) + * 查询角色的操作key对应操作范围列表(缓存) * @return */ - // todo 需要加缓存 @PostMapping("operationscopes") - public Result> getOperationScopesByRoleId(@RequestBody OperationScopeFormDTO operationScopeFormDTO) { + public Result> getOperationScopesByRoleId(@RequestBody OperationScopeFormDTO operationScopeFormDTO) { ValidatorUtils.validateEntity(operationScopeFormDTO, OperationScopeFormDTO.ListOperationScopeGroup.class); - List scopes = accessService.listOperationScopesByRoleId(operationScopeFormDTO.getRoleId(), operationScopeFormDTO.getOperationKey()); - ArrayList scopeDtos = new ArrayList<>(); - scopes.forEach(scope -> { - OperationScopeDTO scopeDTO = new OperationScopeDTO(); - BeanUtils.copyProperties(scope, scopeDTO); - scopeDtos.add(scopeDTO); - }); - - return new Result>().ok(scopeDtos); + Set scopes = accessService.listOperationScopesByRoleId(operationScopeFormDTO.getRoleId(), operationScopeFormDTO.getOperationKey()); + return new Result>().ok(scopes); } } diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java index a944cdd628..4ac02b7f91 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/OperationScopeDao.java @@ -18,12 +18,14 @@ package com.epmet.dao; import com.epmet.commons.mybatis.dao.BaseDao; +import com.epmet.dto.result.RoleOpeScopeResultDTO; import com.epmet.entity.OperationScopeEntity; import org.apache.ibatis.annotations.Mapper; import org.apache.ibatis.annotations.Param; import org.springframework.context.annotation.Scope; import java.util.List; +import java.util.Set; /** * 权限范围表 @@ -40,6 +42,6 @@ public interface OperationScopeDao extends BaseDao { * @param operationKey 操作key * @return */ - List listOperationScopesByRoleId(@Param("roleId") String roleId, - @Param("operationKey") String operationKey); + Set listOperationScopesByRoleId(@Param("roleId") String roleId, + @Param("operationKey") String operationKey); } \ No newline at end of file diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/OperationScopeRedis.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/OperationScopeRedis.java deleted file mode 100644 index 3f5a7c6562..0000000000 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/OperationScopeRedis.java +++ /dev/null @@ -1,47 +0,0 @@ -/** - * Copyright 2018 人人开源 https://www.renren.io - *

- * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - *

- * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - *

- * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -package com.epmet.redis; - -import com.epmet.commons.tools.redis.RedisUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; - -/** - * 权限范围表 - * - * @author generator generator@elink-cn.com - * @since v1.0.0 2020-04-24 - */ -@Component -public class OperationScopeRedis { - @Autowired - private RedisUtils redisUtils; - - public void delete(Object[] ids) { - - } - - public void set(){ - - } - - public String get(String id){ - return null; - } - -} \ No newline at end of file diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java new file mode 100644 index 0000000000..cd929c692d --- /dev/null +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOpeScopeRedis.java @@ -0,0 +1,43 @@ +package com.epmet.redis; + +import cn.hutool.core.bean.BeanUtil; +import com.epmet.commons.tools.redis.RedisKeys; +import com.epmet.commons.tools.redis.RedisUtils; +import com.epmet.dto.result.RoleOpeScopeResultDTO; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import java.util.Set; + +/** + * 角色的操作权限对应的操作范围Redis + */ +@Component +public class RoleOpeScopeRedis { + + @Autowired + private RedisUtils redisUtils; + + /** + * 缓存角色操作范围 + * @param roleId + * @param opeKey + * @param scopes + */ + public void setRoleOpeScopes(String roleId, String opeKey, Set scopes) { + String roleOpeScopesKey = RedisKeys.getRoleOpeScopesKey(roleId, opeKey); + redisUtils.set(roleOpeScopesKey, scopes); + } + + /** + * 查询角色操作范围 + * @param roleId + * @param opeKey + * @return + */ + public Set getRoleOpeScopes(String roleId, String opeKey) { + String roleOpeScopesKey = RedisKeys.getRoleOpeScopesKey(roleId, opeKey); + return (Set)redisUtils.get(roleOpeScopesKey); + } + +} diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOperationRedis.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOperationRedis.java deleted file mode 100644 index d57c02ebde..0000000000 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleOperationRedis.java +++ /dev/null @@ -1,47 +0,0 @@ -/** - * Copyright 2018 人人开源 https://www.renren.io - *

- * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - *

- * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - *

- * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -package com.epmet.redis; - -import com.epmet.commons.tools.redis.RedisUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; - -/** - * 角色能进行那些操作 - * - * @author generator generator@elink-cn.com - * @since v1.0.0 2020-04-22 - */ -@Component -public class RoleOperationRedis { - @Autowired - private RedisUtils redisUtils; - - public void delete(Object[] ids) { - - } - - public void set(){ - - } - - public String get(String id){ - return null; - } - -} \ No newline at end of file diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleScopeRedis.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleScopeRedis.java deleted file mode 100644 index 1198f8651a..0000000000 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleScopeRedis.java +++ /dev/null @@ -1,47 +0,0 @@ -/** - * Copyright 2018 人人开源 https://www.renren.io - *

- * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - *

- * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - *

- * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -package com.epmet.redis; - -import com.epmet.commons.tools.redis.RedisUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; - -/** - * 角色能操作哪些范围 - * - * @author generator generator@elink-cn.com - * @since v1.0.0 2020-04-24 - */ -@Component -public class RoleScopeRedis { - @Autowired - private RedisUtils redisUtils; - - public void delete(Object[] ids) { - - } - - public void set(){ - - } - - public String get(String id){ - return null; - } - -} \ No newline at end of file diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java index 4355b2714b..df16e1e9df 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java @@ -1,6 +1,7 @@ package com.epmet.service; import com.epmet.commons.tools.security.dto.GovTokenDto; +import com.epmet.dto.result.RoleOpeScopeResultDTO; import com.epmet.entity.OperationScopeEntity; import java.util.List; @@ -26,5 +27,5 @@ public interface AccessService { * @param operationKey * @return */ - List listOperationScopesByRoleId(String roleId, String operationKey); + Set listOperationScopesByRoleId(String roleId, String operationKey); } diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java index 95b01a1f0c..34e458ec6a 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java @@ -1,9 +1,11 @@ package com.epmet.service.impl; +import com.epmet.commons.tools.exception.ExceptionUtils; import com.epmet.commons.tools.security.dto.GovTokenDto; import com.epmet.commons.tools.utils.CpUserDetailRedis; import com.epmet.dao.OperationScopeDao; -import com.epmet.entity.OperationScopeEntity; +import com.epmet.dto.result.RoleOpeScopeResultDTO; +import com.epmet.redis.RoleOpeScopeRedis; import com.epmet.service.AccessService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -11,8 +13,6 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.util.CollectionUtils; -import java.util.HashSet; -import java.util.List; import java.util.Set; @Service @@ -26,6 +26,9 @@ public class AccessServiceImpl implements AccessService { @Autowired private OperationScopeDao operationScopeDao; + @Autowired + private RoleOpeScopeRedis roleOpeScopeRedis; + /** * 更新权限缓存 * @param staffId @@ -60,7 +63,18 @@ public class AccessServiceImpl implements AccessService { * @param operationKey * @return */ - public List listOperationScopesByRoleId(String roleId, String operationKey) { - return operationScopeDao.listOperationScopesByRoleId(roleId, operationKey); + public Set listOperationScopesByRoleId(String roleId, String operationKey) { + Set roleOpeScopes = roleOpeScopeRedis.getRoleOpeScopes(roleId, operationKey); + if (roleOpeScopes != null) { + return roleOpeScopes; + } + Set scopes = operationScopeDao.listOperationScopesByRoleId(roleId, operationKey); + try { + roleOpeScopeRedis.setRoleOpeScopes(roleId, operationKey, scopes); + } catch (Exception e) { + String errorStackTrace = ExceptionUtils.getErrorStackTrace(e); + logger.error("GovAccess:查询角色的操作范围:缓存范围出错:{}", errorStackTrace); + } + return scopes; } } diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/OperationScopeServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/OperationScopeServiceImpl.java index fe8f8b4079..e582395fe2 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/OperationScopeServiceImpl.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/OperationScopeServiceImpl.java @@ -26,7 +26,6 @@ import com.epmet.commons.tools.constant.FieldConstant; import com.epmet.dao.OperationScopeDao; import com.epmet.dto.OperationScopeDTO; import com.epmet.entity.OperationScopeEntity; -import com.epmet.redis.OperationScopeRedis; import com.epmet.service.OperationScopeService; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; @@ -46,8 +45,6 @@ import java.util.Map; @Service public class OperationScopeServiceImpl extends BaseServiceImpl implements OperationScopeService { - @Autowired - private OperationScopeRedis operationScopeRedis; @Override public PageData page(Map params) { diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleOperationServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleOperationServiceImpl.java index bb6d914d2e..a690363b33 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleOperationServiceImpl.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleOperationServiceImpl.java @@ -27,7 +27,6 @@ import com.epmet.dao.RoleOperationDao; import com.epmet.dto.RoleOperationDTO; import com.epmet.dto.result.RoleOperationResultDTO; import com.epmet.entity.RoleOperationEntity; -import com.epmet.redis.RoleOperationRedis; import com.epmet.service.RoleOperationService; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; @@ -47,9 +46,6 @@ import java.util.Map; @Service public class RoleOperationServiceImpl extends BaseServiceImpl implements RoleOperationService { - @Autowired - private RoleOperationRedis roleOperationRedis; - @Override public PageData page(Map params) { IPage page = baseDao.selectPage( diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleScopeServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleScopeServiceImpl.java index 4417549965..bff52f8d64 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleScopeServiceImpl.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/RoleScopeServiceImpl.java @@ -26,7 +26,6 @@ import com.epmet.commons.tools.constant.FieldConstant; import com.epmet.dao.RoleScopeDao; import com.epmet.dto.RoleScopeDTO; import com.epmet.entity.RoleScopeEntity; -import com.epmet.redis.RoleScopeRedis; import com.epmet.service.RoleScopeService; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; @@ -46,9 +45,6 @@ import java.util.Map; @Service public class RoleScopeServiceImpl extends BaseServiceImpl implements RoleScopeService { - @Autowired - private RoleScopeRedis roleScopeRedis; - @Override public PageData page(Map params) { IPage page = baseDao.selectPage( diff --git a/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql b/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql index 6bcbc33e76..93d8c2a148 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql +++ b/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql @@ -10,6 +10,7 @@ CREATE TABLE `operation_scope` ( `ID` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT 'id', `SCOPE_KEY` varchar(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '范围key', `SCOPE_NAME` varchar(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '范围名称', + `SCOPE_INDEX` varchar(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '范围序号', `DEL_FLAG` tinyint(1) NULL DEFAULT NULL COMMENT '是否删除,0:未删除,1:已删除', `REVISION` int(10) NULL DEFAULT NULL COMMENT '乐观锁', `CREATED_BY` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '创建者id', diff --git a/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml b/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml index dd4554f5d8..ab6839e941 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml +++ b/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/OperationScopeDao.xml @@ -16,13 +16,13 @@ - + select os.SCOPE_KEY, os.SCOPE_NAME, rs.ROLE_ID, os.SCOPE_INDEX from role_scope rs - inner join operation_scope os - on (rs.SCOPE_KEY = os.SCOPE_KEY) + inner join operation_scope os + on (rs.SCOPE_KEY = os.SCOPE_KEY) where rs.ROLE_ID = #{roleId} - and rs.OPERATION_KEY = #{operationKey} + and rs.OPERATION_KEY = #{operationKey} diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java index 8cb514ad3f..b41a5e59ca 100644 --- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java +++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java @@ -16,7 +16,7 @@ import java.util.List; * @Description * @Author sun */ -@FeignClient(name = ServiceConstant.GOV_ACCESS_SERVER, fallback = GovAccessFeignClientFallback.class) +@FeignClient(name = ServiceConstant.GOV_ACCESS_SERVER, fallback = GovAccessFeignClientFallback.class, url = "localhost:8099") public interface GovAccessFeignClient { /**