diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/handler/FieldMetaObjectHandler.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/handler/FieldMetaObjectHandler.java index f0afe84833..de796f3760 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/handler/FieldMetaObjectHandler.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/handler/FieldMetaObjectHandler.java @@ -97,10 +97,18 @@ public class FieldMetaObjectHandler implements MetaObjectHandler { } public Object getCustomerIdByFieldValue(MetaObject metaObject) { - if (metaObject.hasSetter(FieldConstant.CUSTOMER_ID_HUMP)) { - return loginUserUtil.getLoginUserCustomerId(); + if (!metaObject.hasSetter(FieldConstant.CUSTOMER_ID_HUMP)) { + // 如果该entity对象,没有customerId属性,那么返回null; + return null; } - return null; + + Object customerId; + customerId = getFieldValByName(FieldConstant.CUSTOMER_ID_HUMP, metaObject); + if (customerId != null && !customerId.equals("")) { + // 看entity是否手动设置了,设置了就用设置的 + return customerId; + } + return loginUserUtil.getLoginUserCustomerId(); } public Object getCreatedTimeByFieldValue(MetaObject metaObject) { diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java index b23c50ee42..80885587be 100644 --- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java +++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java @@ -129,6 +129,7 @@ public enum EpmetErrorCode { OPER_UPLOAD_IMG_TYPE_ERROR(8716, "请上传PNG格式的图片"), OPER_UPLOAD_IMG_SIZE_ERROR(8717, "请上传200*200的图片"), OPER_CORS_CONFIG_ERROR(8718, "跨域配置错误"), + ACCESS_CONFIG_ERROR(8719, "权限配置错误"), // 党建声音 前端提示 88段 DRAFT_CONTENT_IS_NULL(8801, "至少需要添加一个段落"), diff --git a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/GovOrgController.java b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/GovOrgController.java index 6f52f37e7c..064669c50d 100644 --- a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/GovOrgController.java +++ b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/GovOrgController.java @@ -80,7 +80,7 @@ public class GovOrgController { * @date 2021.07.05 11:14 */ @PostMapping("gridmemberdataanalysis") - //@RequirePermission(requirePermission = RequirePermissionEnum.MORE_GRID_MEMBER_STATS_ANALYSIS) + @RequirePermission(requirePermission = RequirePermissionEnum.MORE_GRID_MEMBER_STATS_ANALYSIS) public Result getGridMemberDataAnalysis(@RequestBody GridMemberDataAnalysisFromDTO input) { ValidatorUtils.validateEntity(input, GridMemberDataAnalysisFromDTO.listGridMemberDatas.class); diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/AccessConfigAdd4RoletFormDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/AccessConfigAdd4RoletFormDTO.java index d2a6770d41..657cb271f0 100644 --- a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/AccessConfigAdd4RoletFormDTO.java +++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/AccessConfigAdd4RoletFormDTO.java @@ -18,10 +18,13 @@ public class AccessConfigAdd4RoletFormDTO { // 为角色添加多个操作 public interface AddMultiOperations4RoleGroup {} - @NotBlank(message = "角色Key不能为空", groups = { AddSingleOperation4RoleGroup.class }) + //为角色添加单个操作,从默认配置里面查询,而不从前端传 + public interface AddSingleOperations4RoleByDefault {} + + @NotBlank(message = "角色Key不能为空", groups = { AddSingleOperation4RoleGroup.class, AddSingleOperations4RoleByDefault.class }) private String roleKey; - @NotBlank(message = "操作Key不能为空", groups = { AddSingleOperation4RoleGroup.class }) + @NotBlank(message = "操作Key不能为空", groups = { AddSingleOperation4RoleGroup.class, AddSingleOperations4RoleByDefault.class }) private String operationKey; private List scopeKeys; diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessConfigController.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessConfigController.java index 49ab6f6f9d..71ce7c3ec5 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessConfigController.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessConfigController.java @@ -135,6 +135,22 @@ public class AccessConfigController { return new Result(); } + /** + * @Description 根据默认配置,为所有客户的某角色,配置某操作及其范围 + * @return + * @author wxz + * @date 2021.07.01 16:07 + */ + @PostMapping("add-ope-and-scopes-4role/by-default-conf") + public Result addOpeAndScopes4RoleByDefaultConf(@RequestBody AccessConfigAdd4RoletFormDTO form) { + ValidatorUtils.validateEntity(form, AccessConfigAdd4RoletFormDTO.AddSingleOperations4RoleByDefault.class); + String roleKey = form.getRoleKey(); + String operationKey = form.getOperationKey(); + + accessConfigService.addOpeAndScopes4RoleByDefaultConf(roleKey, operationKey); + return new Result(); + } + /** * @Description 给角色添加单个操作权限和操作范围 * @return diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessConfigService.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessConfigService.java index 4d50c59ebe..985bdda5c3 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessConfigService.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessConfigService.java @@ -29,4 +29,6 @@ public interface AccessConfigService { void addOpeAndScopes4Role(String roleKey, String operationKey, List scopeKeys); void addOpesAndScopes4Role(String roleKey, List operations); + + void addOpeAndScopes4RoleByDefaultConf(String roleKey, String operationKey); } diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessConfigServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessConfigServiceImpl.java index ab5ef83012..9137aff983 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessConfigServiceImpl.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessConfigServiceImpl.java @@ -1,5 +1,6 @@ package com.epmet.service.impl; +import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.epmet.commons.tools.exception.EpmetErrorCode; import com.epmet.commons.tools.exception.RenException; import com.epmet.commons.tools.utils.Result; @@ -213,6 +214,7 @@ public class AccessConfigServiceImpl implements AccessConfigService { */ @Override public void addOpeAndScopes4Role(String roleKey, String operationKey, List scopeKeys) { + // 所有客户下该角色的列表 Result> rolesResult = epmetUserOpenFeignClient.listRolesByRoleKey(roleKey); if (!rolesResult.success()) { String msg = "调用user服务,根据key查询角色列表失败"; @@ -220,39 +222,41 @@ public class AccessConfigServiceImpl implements AccessConfigService { RenException.MessageMode.CODE_INTERNAL_EXTERNAL.CODE_INTERNAL_EXTERNAL); } - List roles = rolesResult.getData(); - List roleIds2Add = roles.stream().map(GovStaffRoleResultDTO::getRoleId).collect(Collectors.toList()); - addOpeAndScopes4Role(roleIds2Add, operationKey, scopeKeys); + List rolesOfAllCustomer = rolesResult.getData(); + addOpeAndScopes4Role(rolesOfAllCustomer, operationKey, scopeKeys); } /** * @Description 将默认的角色操作和范围同步给具体的角色 + * @param rolesOfAllCustomer 所有客户的该角色的列表 * @return * @author wxz * @date 2020.11.17 17:38 */ @Transactional(rollbackFor = Exception.class) - public void addOpeAndScopes4Role(List roleIds, String operationKey, List scopeKeys) { - for (String roleId : roleIds) { + public void addOpeAndScopes4Role(List rolesOfAllCustomer, String operationKey, List scopeKeys) { + for (GovStaffRoleResultDTO role : rolesOfAllCustomer) { // 只给没有添加该权限的用户赋予该权限,已经添加了和添加了又取消的不操作 - RoleOperationEntity roleOpe = roleOperationDao.getRoleOpe(roleId, operationKey); + RoleOperationEntity roleOpe = roleOperationDao.getRoleOpe(role.getRoleId(), operationKey); boolean needRefreshCache = false; if (roleOpe == null) { // 没有该操作,则添加 RoleOperationEntity roleOperation = new RoleOperationEntity(); roleOperation.setOperationKey(operationKey); - roleOperation.setRoleId(roleId); + roleOperation.setRoleId(role.getRoleId()); + roleOperation.setCustomerId(role.getCustomerId()); roleOperationDao.insert(roleOperation); needRefreshCache = true; } for (String scopeKey : scopeKeys) { // 没有的话则添加 - RoleScopeEntity roleScopeInDb = roleScopeDao.getByRoleIdAndOpeKey(roleId, operationKey, scopeKey); + RoleScopeEntity roleScopeInDb = roleScopeDao.getByRoleIdAndOpeKey(role.getRoleId(), operationKey, scopeKey); if (roleScopeInDb == null) { RoleScopeEntity roleScopeEntity = new RoleScopeEntity(); roleScopeEntity.setOperationKey(operationKey); - roleScopeEntity.setRoleId(roleId); + roleScopeEntity.setRoleId(role.getRoleId()); roleScopeEntity.setScopeKey(scopeKey); + roleScopeEntity.setCustomerId(role.getCustomerId()); roleScopeDao.insert(roleScopeEntity); needRefreshCache = true; } @@ -260,7 +264,7 @@ public class AccessConfigServiceImpl implements AccessConfigService { // 清空角色的权限缓存 if (needRefreshCache) { - roleOpeScopeRedis.delRoleAllOpeScopes(roleId); + roleOpeScopeRedis.delRoleAllOpeScopes(role.getRoleId()); } } } @@ -273,4 +277,24 @@ public class AccessConfigServiceImpl implements AccessConfigService { addOpeAndScopes4Role(roleKey, operationKey, scopeKeys); } } + + @Override + public void addOpeAndScopes4RoleByDefaultConf(String roleKey, String operationKey) { + // 1.先判断该角色是否已经为该操作配做了默认配置 + LambdaQueryWrapper rodw = new LambdaQueryWrapper<>(); + rodw.eq(RoleOperationDefaultEntity::getRoleKey, roleKey); + rodw.eq(RoleOperationDefaultEntity::getOperationKey, operationKey); + rodw.eq(RoleOperationDefaultEntity::getDelFlag, 0); + Integer roleOperationCount = roleOperationDefaultDao.selectCount(rodw); + List scopes = operationScopeDefaultDao.listOpeDefaultScopesByRoleAndOpeKey(roleKey, operationKey); + if (roleOperationCount == 0 || CollectionUtils.isEmpty(scopes)) { + throw new RenException(EpmetErrorCode.ACCESS_CONFIG_ERROR.getCode(), String.format("为所有客户同步%s的%s配置权限默认失败,请先保存默认权限配置再重试", roleKey, operationKey)); + } + + // 2.开始执行同步 + List scopeKeys = scopes.stream().map(s -> s.getScopeKey()).collect(Collectors.toList()); + logger.info(String.format("为所有客户同步%s的%s配置权限,范围列表:" + scopeKeys, roleKey, operationKey)); + addOpeAndScopes4Role(roleKey, operationKey, scopeKeys); + logger.info("同步完成"); + } } diff --git a/epmet-user/epmet-user-server/src/main/resources/mapper/GovStaffRoleDao.xml b/epmet-user/epmet-user-server/src/main/resources/mapper/GovStaffRoleDao.xml index be9203602e..17f537f182 100644 --- a/epmet-user/epmet-user-server/src/main/resources/mapper/GovStaffRoleDao.xml +++ b/epmet-user/epmet-user-server/src/main/resources/mapper/GovStaffRoleDao.xml @@ -104,7 +104,7 @@ ) - +