|  | @ -7,6 +7,7 @@ import com.epmet.commons.tools.exception.EpmetErrorCode; | 
			
		
	
		
		
			
				
					|  |  | import com.epmet.commons.tools.exception.ExceptionUtils; |  |  | import com.epmet.commons.tools.exception.ExceptionUtils; | 
			
		
	
		
		
			
				
					|  |  | import com.epmet.commons.tools.exception.RenException; |  |  | import com.epmet.commons.tools.exception.RenException; | 
			
		
	
		
		
			
				
					|  |  | import com.epmet.commons.tools.security.dto.GovTokenDto; |  |  | import com.epmet.commons.tools.security.dto.GovTokenDto; | 
			
		
	
		
		
			
				
					|  |  |  |  |  | import com.epmet.commons.tools.security.user.LoginUserUtil; | 
			
		
	
		
		
			
				
					|  |  | import com.epmet.commons.tools.utils.CpUserDetailRedis; |  |  | import com.epmet.commons.tools.utils.CpUserDetailRedis; | 
			
		
	
		
		
			
				
					|  |  | import com.epmet.commons.tools.utils.Result; |  |  | import com.epmet.commons.tools.utils.Result; | 
			
		
	
		
		
			
				
					|  |  | import com.epmet.constant.OperationScopeConstant; |  |  | import com.epmet.constant.OperationScopeConstant; | 
			
		
	
	
		
		
			
				
					|  | @ -55,9 +56,13 @@ public class AccessServiceImpl implements AccessService { | 
			
		
	
		
		
			
				
					|  |  |     @Autowired |  |  |     @Autowired | 
			
		
	
		
		
			
				
					|  |  |     private EpmetUserFeignClient userFeignClient; |  |  |     private EpmetUserFeignClient userFeignClient; | 
			
		
	
		
		
			
				
					|  |  | 
 |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |     @Autowired | 
			
		
	
		
		
			
				
					|  |  |  |  |  |     private LoginUserUtil loginUserUtil; | 
			
		
	
		
		
			
				
					|  |  |  |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |     public static final String ORG_RELATION_SAME = "same"; |  |  |     public static final String ORG_RELATION_SAME = "same"; | 
			
		
	
		
		
			
				
					|  |  |     public static final String ORG_RELATION_SUB = "sub"; |  |  |     public static final String ORG_RELATION_SUB = "sub"; | 
			
		
	
		
		
			
				
					|  |  |     public static final String ORG_RELATION_SUP = "sup"; |  |  |     public static final String ORG_RELATION_SUP = "sup"; | 
			
		
	
		
		
			
				
					|  |  |  |  |  |     public static final String ORG_PATH_SEPARATOR = ":"; | 
			
		
	
		
		
			
				
					|  |  | 
 |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |     /** |  |  |     /** | 
			
		
	
		
		
			
				
					|  |  |      * 更新权限缓存 |  |  |      * 更新权限缓存 | 
			
		
	
	
		
		
			
				
					|  | @ -448,28 +453,42 @@ public class AccessServiceImpl implements AccessService { | 
			
		
	
		
		
			
				
					|  |  |     @Override |  |  |     @Override | 
			
		
	
		
		
			
				
					|  |  |     public Set<String> listOperationPermissions(String staffId, String currAgencyId) { |  |  |     public Set<String> listOperationPermissions(String staffId, String currAgencyId) { | 
			
		
	
		
		
			
				
					|  |  | 
 |  |  | 
 | 
			
		
	
		
		
			
				
					
					|  |  |         // 1.拿到所属组织机构信息
 |  |  |         GovTokenDto userDetails = getUserDetails(loginUserUtil.getLoginUserApp(), loginUserUtil.getLoginUserClient(), loginUserUtil.getLoginUserId()); | 
			
				
				
			
		
	
		
		
			
				
					
					|  |  |         Result<CustomerAgencyDTO> agencyByStaffRst = govOrgFeignClient.getAgencyByStaff(staffId); |  |  |         if (userDetails == null) { | 
			
				
				
			
		
	
		
		
			
				
					
					|  |  |         if (!agencyByStaffRst.success()) { |  |  |             throw new RenException(EpmetErrorCode.ERR10006.getCode(), EpmetErrorCode.ERR10006.getMsg()); | 
			
				
				
			
		
	
		
		
			
				
					|  |  |             logger.error("根据StaffId查询所属单位出错,StaffId:{}, 错误信息:{}", staffId, agencyByStaffRst.getMsg()); |  |  |  | 
			
		
	
		
		
			
				
					|  |  |             throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode()); |  |  |  | 
			
		
	
		
		
	
		
		
	
		
		
	
		
		
			
				
					|  |  |         } |  |  |         } | 
			
		
	
		
		
			
				
					
					|  |  |         CustomerAgencyDTO belongAgency = agencyByStaffRst.getData(); |  |  | 
 | 
			
				
				
			
		
	
		
		
			
				
					
					|  |  |         if (belongAgency == null) { |  |  |         // 1.拿到所属组织机构信息
 | 
			
				
				
			
		
	
		
		
			
				
					
					|  |  |             logger.error("根据StaffId查询所属单位结果为空,StaffId:{}", staffId); |  |  |         String belongAgencyId = getBelongAgencyFromOrgIdPath(userDetails.getOrgIdPath()); | 
			
				
				
			
		
	
		
		
			
				
					
					|  |  |             throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode()); |  |  |         Result<CustomerAgencyDTO> belongAgencyRst = govOrgFeignClient.getAgencyById(belongAgencyId); | 
			
				
				
			
		
	
		
		
	
		
		
	
		
		
	
		
		
	
		
		
			
				
					|  |  |  |  |  |         if (!belongAgencyRst.success()) { | 
			
		
	
		
		
			
				
					|  |  |  |  |  |             throw new RenException("查询用户的操作权限列表:调用GovOrg,根据belongAgencyId查询机构信息失败:".concat(belongAgencyRst.getInternalMsg())); | 
			
		
	
		
		
			
				
					|  |  |         } |  |  |         } | 
			
		
	
		
		
			
				
					|  |  | 
 |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         CustomerAgencyDTO belongAgency = belongAgencyRst.getData(); | 
			
		
	
		
		
			
				
					|  |  |  |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         //Result<CustomerAgencyDTO> agencyByStaffRst = govOrgFeignClient.getAgencyByStaff(staffId);
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         //if (!agencyByStaffRst.success()) {
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         //    logger.error("根据StaffId查询所属单位出错,StaffId:{}, 错误信息:{}", staffId, agencyByStaffRst.getMsg());
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         //    throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         //}
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         //CustomerAgencyDTO belongAgency = agencyByStaffRst.getData();
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         //if (belongAgency == null) {
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         //    logger.error("根据StaffId查询所属单位结果为空,StaffId:{}", staffId);
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         //    throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         //}
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |         // 2.拿到当前所处机关单位信息
 |  |  |         // 2.拿到当前所处机关单位信息
 | 
			
		
	
		
		
			
				
					|  |  |         Result<CustomerAgencyDTO> currAgencyRst = govOrgFeignClient.getAgencyById(currAgencyId); |  |  |         Result<CustomerAgencyDTO> currAgencyRst = govOrgFeignClient.getAgencyById(currAgencyId); | 
			
		
	
		
		
			
				
					|  |  |         CustomerAgencyDTO currAgencyDto = currAgencyRst.getData(); |  |  |         CustomerAgencyDTO currAgencyDto = currAgencyRst.getData(); | 
			
		
	
		
		
			
				
					|  |  |         if (!currAgencyRst.success() || currAgencyDto == null) { |  |  |         if (!currAgencyRst.success() || currAgencyDto == null) { | 
			
		
	
		
		
			
				
					
					|  |  |             logger.error("根据当前机构id[{}]查询pids失败:{}", currAgencyId, currAgencyRst.getMsg()); |  |  |             throw new RenException(String.format("根据当前机构id[%s]查询pids失败:%s", currAgencyId, currAgencyRst.getMsg())); | 
			
				
				
			
		
	
		
		
			
				
					|  |  |             throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode()); |  |  |  | 
			
		
	
		
		
	
		
		
			
				
					|  |  |         } |  |  |         } | 
			
		
	
		
		
			
				
					|  |  | 
 |  |  | 
 | 
			
		
	
		
		
			
				
					
					|  |  |         // 查询机关单位中的角色
 |  |  |         // 获取机关单位中的角色
 | 
			
				
				
			
		
	
		
		
			
				
					
					|  |  |         List<GovStaffRoleDTO> roleDTOS = queryGovStaffRoles(staffId, belongAgency.getId()); |  |  |         // 目前一个人只在一个单位下,所以不动态查询,如果后面需要一个人在多个单位,再改这里
 | 
			
				
				
			
		
	
		
		
	
		
		
	
		
		
			
				
					|  |  |  |  |  |         //List<GovStaffRoleDTO> roleDTOS = queryGovStaffRoles(staffId, belongAgency.getId());
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         Set<String> roleIdList = userDetails.getRoleIdList(); | 
			
		
	
		
		
			
				
					|  |  | 
 |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |         // 当前组织和所属组织的orgId路径,以及他们的上下级关系
 |  |  |         // 当前组织和所属组织的orgId路径,以及他们的上下级关系
 | 
			
		
	
		
		
			
				
					|  |  |         String belongOrgIdPath = getOrgIdPath(belongAgency); |  |  |         String belongOrgIdPath = getOrgIdPath(belongAgency); | 
			
		
	
	
		
		
			
				
					|  | @ -478,13 +497,26 @@ public class AccessServiceImpl implements AccessService { | 
			
		
	
		
		
			
				
					|  |  | 
 |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |         Set<String> filtedOps = new HashSet<>(); |  |  |         Set<String> filtedOps = new HashSet<>(); | 
			
		
	
		
		
			
				
					|  |  | 
 |  |  | 
 | 
			
		
	
		
		
			
				
					
					|  |  |         roleDTOS.forEach(roleDTO -> { |  |  |         roleIdList.forEach(roleId -> { | 
			
				
				
			
		
	
		
		
			
				
					
					|  |  |             List<RoleOpeScopeResultDTO> opeAndScopeDTO = listAllRoleOperationScopesByRoleId(roleDTO.getId()); |  |  |             List<RoleOpeScopeResultDTO> opeAndScopeDTO = listAllRoleOperationScopesByRoleId(roleId); | 
			
				
				
			
		
	
		
		
	
		
		
	
		
		
			
				
					|  |  |             filtedOps.addAll(filterOpesByScope(currOrgRelation, opeAndScopeDTO)); |  |  |             filtedOps.addAll(filterOpesByScope(currOrgRelation, opeAndScopeDTO)); | 
			
		
	
		
		
			
				
					|  |  |         }); |  |  |         }); | 
			
		
	
		
		
			
				
					|  |  |  |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |         return filtedOps; |  |  |         return filtedOps; | 
			
		
	
		
		
			
				
					|  |  |     } |  |  |     } | 
			
		
	
		
		
			
				
					|  |  | 
 |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |  |  |  |     /** | 
			
		
	
		
		
			
				
					|  |  |  |  |  |      * 从OrgIdPath中取所属机构(即最后一截) | 
			
		
	
		
		
			
				
					|  |  |  |  |  |      * @param orgIdPath | 
			
		
	
		
		
			
				
					|  |  |  |  |  |      * @return | 
			
		
	
		
		
			
				
					|  |  |  |  |  |      */ | 
			
		
	
		
		
			
				
					|  |  |  |  |  |     private String getBelongAgencyFromOrgIdPath(String orgIdPath) { | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         if (!orgIdPath.contains(ORG_PATH_SEPARATOR)) { | 
			
		
	
		
		
			
				
					|  |  |  |  |  |             return orgIdPath; | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         } | 
			
		
	
		
		
			
				
					|  |  |  |  |  |         return orgIdPath.substring(orgIdPath.lastIndexOf(ORG_PATH_SEPARATOR + 1)); | 
			
		
	
		
		
			
				
					|  |  |  |  |  |     } | 
			
		
	
		
		
			
				
					|  |  |  |  |  | 
 | 
			
		
	
		
		
			
				
					|  |  |     /** |  |  |     /** | 
			
		
	
		
		
			
				
					|  |  |      * 获取当前所处机关与所属机关的关系 |  |  |      * 获取当前所处机关与所属机关的关系 | 
			
		
	
		
		
			
				
					|  |  |      */ |  |  |      */ | 
			
		
	
	
		
		
			
				
					|  | 
 |