修复：给所有客户的某角色分配权限，customerid填充为操作人的customerid的bug

4 years ago · 40fe2c18b8
3 changed files with 25 additions and 14 deletions
--- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/handler/FieldMetaObjectHandler.java
+++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/handler/FieldMetaObjectHandler.java
@ -97,12 +97,20 @@ public class FieldMetaObjectHandler implements MetaObjectHandler {
    }

    public Object getCustomerIdByFieldValue(MetaObject metaObject) {
-        if (metaObject.hasSetter(FieldConstant.CUSTOMER_ID_HUMP)) {
-            return loginUserUtil.getLoginUserCustomerId();
-        }
+        if (!metaObject.hasSetter(FieldConstant.CUSTOMER_ID_HUMP)) {
+            // 如果该entity对象，没有customerId属性，那么返回null;
            return null;
        }

+        Object customerId;
+        customerId = getFieldValByName(FieldConstant.CUSTOMER_ID_HUMP, metaObject);
+        if (customerId != null) {
+            // 看entity是否手动设置了，设置了就用设置的
+            return customerId;
+        }
+        return loginUserUtil.getLoginUserCustomerId();
+    }
+
    public Object getCreatedTimeByFieldValue(MetaObject metaObject) {
        Object createdTime = null;
        if (metaObject.hasGetter(FieldConstant.CREATED_TIME_HUMP)) {
--- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessConfigServiceImpl.java
+++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessConfigServiceImpl.java
@ -213,6 +213,7 @@ public class AccessConfigServiceImpl implements AccessConfigService {
    */
    @Override
    public void addOpeAndScopes4Role(String roleKey, String operationKey, List<String> scopeKeys) {
+        // 所有客户下该角色的列表
        Result<List<GovStaffRoleResultDTO>> rolesResult = epmetUserOpenFeignClient.listRolesByRoleKey(roleKey);
        if (!rolesResult.success()) {
            String msg = "调用user服务，根据key查询角色列表失败";
@ -220,39 +221,41 @@ public class AccessConfigServiceImpl implements AccessConfigService {
                    RenException.MessageMode.CODE_INTERNAL_EXTERNAL.CODE_INTERNAL_EXTERNAL);
        }

-        List<GovStaffRoleResultDTO> roles = rolesResult.getData();
-        List<String> roleIds2Add = roles.stream().map(GovStaffRoleResultDTO::getRoleId).collect(Collectors.toList());
-        addOpeAndScopes4Role(roleIds2Add, operationKey, scopeKeys);
+        List<GovStaffRoleResultDTO> rolesOfAllCustomer = rolesResult.getData();
+        addOpeAndScopes4Role(rolesOfAllCustomer, operationKey, scopeKeys);
    }

    /**
     * @Description 将默认的角色操作和范围同步给具体的角色
+     * @param rolesOfAllCustomer 所有客户的该角色的列表
     * @return
     * @author wxz
     * @date 2020.11.17 17:38
    */
    @Transactional(rollbackFor = Exception.class)
-    public void addOpeAndScopes4Role(List<String> roleIds, String operationKey, List<String> scopeKeys) {
-        for (String roleId : roleIds) {
+    public void addOpeAndScopes4Role(List<GovStaffRoleResultDTO> rolesOfAllCustomer, String operationKey, List<String> scopeKeys) {
+        for (GovStaffRoleResultDTO role : rolesOfAllCustomer) {
            // 只给没有添加该权限的用户赋予该权限，已经添加了和添加了又取消的不操作
-            RoleOperationEntity roleOpe = roleOperationDao.getRoleOpe(roleId, operationKey);
+            RoleOperationEntity roleOpe = roleOperationDao.getRoleOpe(role.getRoleId(), operationKey);
            boolean needRefreshCache = false;
            if (roleOpe == null) {
                // 没有该操作，则添加
                RoleOperationEntity roleOperation = new RoleOperationEntity();
                roleOperation.setOperationKey(operationKey);
-                roleOperation.setRoleId(roleId);
+                roleOperation.setRoleId(role.getRoleId());
+                roleOperation.setCustomerId(role.getCustomerId());
                roleOperationDao.insert(roleOperation);
                needRefreshCache = true;
            }
            for (String scopeKey : scopeKeys) {
                // 没有的话则添加
-                RoleScopeEntity roleScopeInDb = roleScopeDao.getByRoleIdAndOpeKey(roleId, operationKey, scopeKey);
+                RoleScopeEntity roleScopeInDb = roleScopeDao.getByRoleIdAndOpeKey(role.getRoleId(), operationKey, scopeKey);
                if (roleScopeInDb == null) {
                    RoleScopeEntity roleScopeEntity = new RoleScopeEntity();
                    roleScopeEntity.setOperationKey(operationKey);
-                    roleScopeEntity.setRoleId(roleId);
+                    roleScopeEntity.setRoleId(role.getRoleId());
                    roleScopeEntity.setScopeKey(scopeKey);
+                    roleScopeEntity.setCustomerId(role.getCustomerId());
                    roleScopeDao.insert(roleScopeEntity);
                    needRefreshCache = true;
                }
@ -260,7 +263,7 @@ public class AccessConfigServiceImpl implements AccessConfigService {

            // 清空角色的权限缓存
            if (needRefreshCache) {
-                roleOpeScopeRedis.delRoleAllOpeScopes(roleId);
+                roleOpeScopeRedis.delRoleAllOpeScopes(role.getRoleId());
            }
        }
    }
--- a/epmet-user/epmet-user-server/src/main/resources/mapper/GovStaffRoleDao.xml
+++ b/epmet-user/epmet-user-server/src/main/resources/mapper/GovStaffRoleDao.xml
@ -104,7 +104,7 @@
        )
    </select>

-    <!--根据角色key查询具有该key的所有角色列表-->
+    <!--根据角色key查询具有该key的所有角色列表(所有客户下该角色列表)-->
    <select id="listRolesByRoleKey" resultType="com.epmet.dto.result.GovStaffRoleResultDTO">
        select gsr.ID roleId, gsr.ROLE_KEY roleKey, gsr.ROLE_NAME, gsr.CUSTOMER_ID customerId
        from gov_staff_role gsr