From 34ff292b02a65b48acede0def3063271ac2c7e7b Mon Sep 17 00:00:00 2001 From: wxz Date: Thu, 23 Sep 2021 22:47:49 +0800 Subject: [PATCH 1/2] =?UTF-8?q?wxz=E6=9C=AC=E5=9C=B0=E6=9A=82=E5=AD=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../epmet/commons/tools/redis/RedisKeys.java | 13 ++ .../epmettduck/form/TDuckDetailFormDTO.java | 10 +- .../result/PermissionValidateResultDTO.java | 9 ++ .../controller/EpmetTDuckController.java | 47 ++++++- .../service/QuestionnaireService.java | 9 ++ .../epmettduck/PrUserProjectService.java | 10 ++ .../impl/PrUserProjectServiceImpl.java | 7 + .../impl/QuestionnaireServiceImpl.java | 128 ++++++++++++++++++ 8 files changed, 228 insertions(+), 5 deletions(-) create mode 100644 epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/result/PermissionValidateResultDTO.java create mode 100644 epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/QuestionnaireService.java create mode 100644 epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/impl/QuestionnaireServiceImpl.java diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java index 320f275136..a6a83e64e7 100644 --- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java +++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java 
@@ -543,4 +543,17 @@ public class RedisKeys { public static String getGridInfoKey(String gridId) { return rootPrefix.concat("gov:grid:").concat(gridId); } + + /** + * @description 调查问卷accessKey + * + * @param userId + * @param qKey + * @return + * @author wxz + * @date 2021.09.23 17:38:37 + */ + public static String getQuestionnaireAccessKey(String userId, String qKey) { + return rootPrefix.concat("questionnaire:accesskey:").concat(userId).concat(":").concat(qKey); + } } diff --git a/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/form/TDuckDetailFormDTO.java b/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/form/TDuckDetailFormDTO.java index 8796d3291b..bd5ac26e8e 100644 --- a/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/form/TDuckDetailFormDTO.java +++ b/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/form/TDuckDetailFormDTO.java @@ -17,15 +17,23 @@ public class TDuckDetailFormDTO implements Serializable { private static final long serialVersionUID = 3793280475377993346L; public interface TDuckDetailForm{} + public interface PermissionValidate{} /** * 项目key */ - @NotBlank(message = "项目key不能为空",groups = TDuckDetailForm.class) + @NotBlank(message = "项目key不能为空",groups = { TDuckDetailForm.class, PermissionValidate.class }) private String key; /** * 是否显示类型 */ @NotNull(message = "是否显示类型不能为空",groups = TDuckDetailForm.class) private Boolean displayType; + + /** 当前操作人所在的组织的类型(grid:网格,agency:单位) */ + @NotBlank(message = "当前操作人所在的Org类型不能为空",groups = { PermissionValidate.class }) + private String orgType; + + /** 当前操作人所在的组织的ID(当orgType为grid的时候必填,为agency的时候留空) */ + private String orgId; } 
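Review bot: The Javadoc added on `getQuestionnaireAccessKey` in RedisKeys.java leaves `@param userId`, `@param qKey` and `@return` empty, so a reader cannot tell that this key holds a per-user, per-questionnaire access token. I would fill them in, for example `@param userId id of the logged-in user the access key is issued to`, `@param qKey project key of the questionnaire` and `@return Redis key under which the issued accessKey is stored`. Because `qKey` reaches this method from the request body (`TDuckDetailFormDTO.key` via the controller and service in this patch), the comment should also say whether it may contain `:`, which the key layout uses as its separator.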
diff --git a/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/result/PermissionValidateResultDTO.java b/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/result/PermissionValidateResultDTO.java new file mode 100644 index 0000000000..45897428d9 --- /dev/null +++ b/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/result/PermissionValidateResultDTO.java @@ -0,0 +1,9 @@ +package com.epmet.dataaggre.dto.epmettduck.result; + +import lombok.Data; + +@Data +public class PermissionValidateResultDTO { + private Boolean permitted; + private String accessKey; +} diff --git a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/EpmetTDuckController.java b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/EpmetTDuckController.java index 38956e9129..f5b8d05117 100644 --- a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/EpmetTDuckController.java +++ b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/EpmetTDuckController.java @@ -1,6 +1,10 @@ package com.epmet.dataaggre.controller; import com.epmet.commons.tools.annotation.LoginUser; +import com.epmet.commons.tools.constant.AppClientConstant; +import com.epmet.commons.tools.exception.EpmetErrorCode; +import com.epmet.commons.tools.exception.RenException; +import com.epmet.commons.tools.exception.ValidateException; import com.epmet.commons.tools.security.dto.TokenDto; import com.epmet.commons.tools.utils.Result; import com.epmet.commons.tools.validator.ValidatorUtils; 
@@ -9,14 +13,15 @@ import com.epmet.dataaggre.dto.epmettduck.form.*; import com.epmet.dataaggre.dto.epmettduck.result.*; import com.epmet.dataaggre.entity.epmettduck.PrUserProjectEntity; import com.epmet.dataaggre.entity.epmettduck.PrUserProjectItemEntity; +import com.epmet.dataaggre.service.QuestionnaireService; import com.epmet.dataaggre.service.epmettduck.PrUserProjectItemService; import com.epmet.dataaggre.service.epmettduck.PrUserProjectService; +import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; +import sun.tools.jstat.Token; +import javax.validation.constraints.NotBlank; import java.util.List; /** @@ -31,6 +36,8 @@ public class EpmetTDuckController { private PrUserProjectService prUserProjectService; @Autowired private PrUserProjectItemService projectItemService; + @Autowired + private QuestionnaireService questionnaireService; /** 
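Review bot: `import sun.tools.jstat.Token;` in the import hunk of EpmetTDuckController.java pulls in a JDK-internal tools class that nothing in the visible controller code uses; it looks like an IDE auto-import picked up while typing `TokenDto`. Internal `sun.*` classes are not guaranteed to be on the compile or runtime classpath, so the build may break on another JDK; the line should be removed. `javax.validation.constraints.NotBlank` (this hunk) and `RenException` (previous hunk) also appear unused in the lines shown, and the switch to the wildcard `org.springframework.web.bind.annotation.*` could be avoided by adding only `RequestHeader` to the explicit imports.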
@@ -142,4 +149,36 @@ public class EpmetTDuckController { public Result redPoint(@LoginUser TokenDto tokenDto) { return new Result().ok(prUserProjectService.redPoint(tokenDto)); } + + /** + * @description 校验权限,并且获取accesskey + * + * @param input + * @return + * @author wxz + * @date 2021.09.23 15:13:53 + */ + @PostMapping("/permission-validate") + public Result permissionValidate(@RequestBody TDuckDetailFormDTO input, @LoginUser TokenDto loginUserInfo, @RequestHeader("customerId") String customerId) { + ValidatorUtils.validateEntity(input, TDuckDetailFormDTO.PermissionValidate.class); + // 所用端的类型:gov:工作端,resi居民端 + String app = loginUserInfo.getApp(); + String orgId = input.getOrgId(); + String projectKey = input.getKey(); + String userId = loginUserInfo.getUserId(); + + PermissionValidateResultDTO r = null; + if (AppClientConstant.APP_RESI.equals(app)) { + if (StringUtils.isBlank(orgId)) { + // 居民端,orgId是网格id,必填 + throw new ValidateException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(), "缺少orgId参数"); + } + r = questionnaireService.resiPermissionValidate(projectKey, userId, orgId); + } else if (AppClientConstant.APP_GOV.equals(app)) { + // 工作端 + r = questionnaireService.govPermissionValidate(projectKey, userId, customerId); + } + + return new Result().ok(r); + } } diff --git a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/QuestionnaireService.java b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/QuestionnaireService.java new file mode 100644 index 0000000000..c23f7f1245 --- /dev/null +++ b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/QuestionnaireService.java 
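Review bot: `permissionValidate` ends with `return new Result().ok(r);` while `r` is still `null` whenever `loginUserInfo.getApp()` is neither `APP_RESI` nor `APP_GOV`, so an unexpected client type receives a success envelope that carries no decision at all. An authorization endpoint should fail closed explicitly: add a final `else` that throws a `ValidateException` with `EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode()`, or return a result whose `permitted` is `false`. In this first patch the gov branch has the same outcome, because `govPermissionValidate` as added here always returns `null`.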
@@ -0,0 +1,9 @@ +package com.epmet.dataaggre.service; + +import com.epmet.dataaggre.dto.epmettduck.result.PermissionValidateResultDTO; + +public interface QuestionnaireService { + PermissionValidateResultDTO resiPermissionValidate(String projectKey, String userId, String gridId); + + PermissionValidateResultDTO govPermissionValidate(String projectKey, String staffId, String customerId); +} diff --git a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/PrUserProjectService.java b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/PrUserProjectService.java index 2a35aa5ac1..93e437a043 100644 --- a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/PrUserProjectService.java +++ b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/PrUserProjectService.java @@ -174,4 +174,14 @@ public interface PrUserProjectService extends BaseService { * @Date 2021/9/23 10:05 */ RedPointResultDTO redPoint(TokenDto tokenDto); + + /** + * @description 根据key查询问卷 + * + * @param key + * @return + * @author wxz + * @date 2021.09.23 22:25:57 + */ + PrUserProjectEntity getProjectEntityBykey(String key); } \ No newline at end of file diff --git a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/impl/PrUserProjectServiceImpl.java b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/impl/PrUserProjectServiceImpl.java index 1030c10c32..e4daf90485 100644 --- a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/impl/PrUserProjectServiceImpl.java +++ b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/impl/PrUserProjectServiceImpl.java 
@@ -706,4 +706,11 @@ public class PrUserProjectServiceImpl extends BaseServiceImpl query = new LambdaQueryWrapper<>(); + query.eq(PrUserProjectEntity::getKey, key); + return baseDao.selectOne(query); + } } \ No newline at end of file diff --git a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/impl/QuestionnaireServiceImpl.java b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/impl/QuestionnaireServiceImpl.java new file mode 100644 index 0000000000..ad4b5cb6a9 --- /dev/null +++ b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/impl/QuestionnaireServiceImpl.java 
@@ -0,0 +1,128 @@ +package com.epmet.dataaggre.service.impl; + +import com.epmet.commons.tools.constant.AppClientConstant; +import com.epmet.commons.tools.constant.ServiceConstant; +import com.epmet.commons.tools.dto.form.IdAndNameDTO; +import com.epmet.commons.tools.dto.result.CustomerStaffInfoCacheResult; +import com.epmet.commons.tools.exception.EpmetErrorCode; +import com.epmet.commons.tools.exception.RenException; +import com.epmet.commons.tools.feign.ResultDataResolver; +import com.epmet.commons.tools.redis.RedisKeys; +import com.epmet.commons.tools.redis.RedisUtils; +import com.epmet.commons.tools.redis.common.CustomerStaffRedis; +import com.epmet.commons.tools.utils.Result; +import com.epmet.dataaggre.dto.epmettduck.result.PermissionValidateResultDTO; +import com.epmet.dataaggre.entity.epmettduck.PrUserProjectEntity; +import com.epmet.dataaggre.service.QuestionnaireService; +import com.epmet.dataaggre.service.epmettduck.PrPublishRangeService; +import com.epmet.dataaggre.service.epmettduck.PrUserProjectService; +import com.epmet.dto.CustomerGridDTO; +import com.epmet.dto.form.CustomerGridFormDTO; +import com.epmet.feign.GovOrgOpenFeignClient; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import java.util.List; +import java.util.UUID; + +@Service +public class QuestionnaireServiceImpl implements QuestionnaireService, ResultDataResolver { + + @Autowired + private PrUserProjectService prUserProjectService; + + @Autowired + private PrPublishRangeService prPublishRangeService; + + @Autowired + private GovOrgOpenFeignClient govOrgOpenFeignClient; + + @Autowired + private RedisUtils redisUtils; + + @Autowired + private CustomerStaffRedis customerStaffRedis; + + /** + * @description 居民端调查问卷权限校验 + * + * @param projectKey + * @param userId + * @param gridId + * @return + * @author wxz + * @date 2021.09.23 17:45:25 + */ + public PermissionValidateResultDTO resiPermissionValidate(String projectKey, 
String userId, String gridId) { + + PrUserProjectEntity projectEntity = prUserProjectService.getProjectEntityBykey(projectKey); + if (!AppClientConstant.APP_RESI.equals(projectEntity.getClient())) { + throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode(), + String.format("【调查问卷详情权限校验】该调查问卷发布端为[%s],当前用户为[%s]", projectEntity.getClient(), AppClientConstant.APP_RESI)); + } + + CustomerGridFormDTO form = new CustomerGridFormDTO(); + form.setGridId(gridId); + Result gridInfoResult = govOrgOpenFeignClient.getGridBaseInfoByGridId(form); + CustomerGridDTO gridInfo = getResultDataOrThrowsException(gridInfoResult, ServiceConstant.GOV_ORG_SERVER, EpmetErrorCode.SERVER_ERROR.getCode(), "【调查问卷】校验访问权限,查询网格信息失败"); + // 网格父级ID列表:网格ID(拼接起来,冒号分割) + String gridIdPath = gridInfo.getPids().concat(":").concat(gridInfo.getId()); + List rangeList = prPublishRangeService.getRangeOrgList(projectKey); + PermissionValidateResultDTO r = new PermissionValidateResultDTO(); + for (String range : rangeList) { + if (gridIdPath.contains(range)) { + r.setPermitted(true); + r.setAccessKey(generateQuestionnaireAccessKey(userId, projectKey)); + return r; + } + } + r.setPermitted(false); + return r; + } + + /** + * @description 生成调查问卷accessKey + * + * @param userId + * @param qKey + * @return + * @author wxz + * @date 2021.09.23 17:43:50 + */ + private String generateQuestionnaireAccessKey(String userId, String qKey) { + String accessKey = UUID.randomUUID().toString(); + redisUtils.set(RedisKeys.getQuestionnaireAccessKey(userId, qKey), accessKey); + return accessKey; + } + + @Override + public PermissionValidateResultDTO govPermissionValidate(String projectKey, String staffId, String customerId) { + CustomerStaffInfoCacheResult staffInfo = customerStaffRedis.getStaffInfo(customerId, staffId); + PermissionValidateResultDTO r = null; + //if ("agency".equals(staffInfo.getFromOrgType())) { + // // 来自agency + // + //} else if ("grid".equals(staffInfo.getFromOrgType())) { + // List belongGridList = 
staffInfo.getGridList(); + // + //} else if ("dept".equals(staffInfo.getFromOrgType())) { + // + //} + + String agencyId = staffInfo.getAgencyId(); + + List gridList = staffInfo.getGridList(); + for (IdAndNameDTO gridIdAndName : gridList) { + + } + + return r; + } + + //private CustomerGridDTO getGridInfoById(String gridId) { + // CustomerGridFormDTO gridInfoForm = new CustomerGridFormDTO(); + // gridInfoForm.setGridId(gridId); + // Result result = govOrgOpenFeignClient.getGridBaseInfoByGridId(gridInfoForm); + // return getResultDataOrThrowsException(result, ServiceConstant.GOV_ORG_SERVER, EpmetErrorCode.SERVER_ERROR.getCode(), "【调查问卷】获取网格信息失败"); + //} +} From 33321ce46866bac59672f6a01c7265f6e4e1d3f7 Mon Sep 17 00:00:00 2001 From: wxz Date: Fri, 24 Sep 2021 12:39:20 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E6=96=B0=E5=A2=9E=EF=BC=9A=20=E3=80=90?= =?UTF-8?q?=E8=B0=83=E6=9F=A5=E9=97=AE=E5=8D=B7=E3=80=91=E5=A2=9E=E5=8A=A0?= =?UTF-8?q?=E9=97=AE=E5=8D=B7=E8=AE=BF=E9=97=AE=E6=9D=83=E9=99=90=E6=A0=A1?= =?UTF-8?q?=E9=AA=8C=E6=8E=A5=E5=8F=A3=20/data/aggregator/questionnaire/pe?= =?UTF-8?q?rmission-validate?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../epmettduck/form/TDuckDetailFormDTO.java | 1 - .../controller/EpmetTDuckController.java | 4 +- .../epmettduck/PrPublishRangeService.java | 10 ++ .../impl/PrPublishRangeServiceImpl.java | 7 + .../impl/QuestionnaireServiceImpl.java | 131 +++++++++++++----- 5 files changed, 117 insertions(+), 36 deletions(-) diff --git a/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/form/TDuckDetailFormDTO.java b/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/form/TDuckDetailFormDTO.java index bd5ac26e8e..3a9b934b69 100644 --- a/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/form/TDuckDetailFormDTO.java 
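Review bot: The range check `gridIdPath.contains(range)` in `resiPermissionValidate` is a raw substring test on a colon-joined id path, so access is granted whenever a published range value happens to be a substring of any id in the path, and `contains("")` is true for an empty range value. How likely a collision is depends on the id format, which the patch does not show, but the check should compare on segment boundaries and skip blank values, e.g. `range != null && !range.isEmpty() && (":" + gridIdPath + ":").contains(":" + range + ":")`. The same pattern is carried into patch 2/2, in the `-67,36 +76,44` hunk (`gridIdPath.contains(rangeEntity.getOrgIds())`) and in the `-110,19 +127,67` hunk (the three `staff…IdPath.contains(...)` checks), where a null `getOrgIds()` would additionally throw.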
+++ b/epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/form/TDuckDetailFormDTO.java @@ -31,7 +31,6 @@ public class TDuckDetailFormDTO implements Serializable { private Boolean displayType; /** 当前操作人所在的组织的类型(grid:网格,agency:单位) */ - @NotBlank(message = "当前操作人所在的Org类型不能为空",groups = { PermissionValidate.class }) private String orgType; /** 当前操作人所在的组织的ID(当orgType为grid的时候必填,为agency的时候留空) */ diff --git a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/EpmetTDuckController.java b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/EpmetTDuckController.java index d12a151996..bcffe238d4 100644 --- a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/EpmetTDuckController.java +++ b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/EpmetTDuckController.java @@ -170,9 +170,9 @@ public class EpmetTDuckController { PermissionValidateResultDTO r = null; if (AppClientConstant.APP_RESI.equals(app)) { - if (StringUtils.isBlank(orgId)) { + if (StringUtils.isBlank(orgId) || !"grid".equals(input.getOrgType())) { // 居民端,orgId是网格id,必填 - throw new ValidateException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(), "缺少orgId参数"); + throw new ValidateException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(), "【调查问卷】校验访问权限-居民端 orgId不能为空,且orgType需要为[grid]"); } r = questionnaireService.resiPermissionValidate(projectKey, userId, orgId); } else if (AppClientConstant.APP_GOV.equals(app)) { diff --git a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/PrPublishRangeService.java b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/PrPublishRangeService.java index d238150f46..66a2dbb79e 100644 
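Review bot: The added `!"grid".equals(input.getOrgType())` condition in `permissionValidate` tests a value the caller sends in the request body, as is `orgId`, so it validates the shape of the request and not the caller's entitlement. Nothing visible in either patch confirms that `userId` belongs to the grid named by `orgId` before `resiPermissionValidate` issues an access key for it, so the decision presumably rests on an id the client chose. I would resolve the user's grid membership server-side (or verify the user/grid pair) and record the assumption next to the call, e.g. `// orgId is client-supplied: verify membership before trusting it`. The gov branch likewise takes `customerId` from a request header; if that header is not set by a trusted gateway it deserves the same check.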
--- a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/PrPublishRangeService.java +++ b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/PrPublishRangeService.java @@ -102,6 +102,16 @@ public interface PrPublishRangeService extends BaseService */ List getRangeOrgList(String projectKey); + /** + * @description 使用projectKey查询发布范围entity + * + * @param projectKey + * @return + * @author wxz + * @date 2021.09.23 23:04:23 + */ + List getPublishRangeEntity(String projectKey); + /** * @Description 获取组织范围内的问卷 * @Param orgList diff --git a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/impl/PrPublishRangeServiceImpl.java b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/impl/PrPublishRangeServiceImpl.java index d669cc59c8..6865f8764e 100644 --- a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/impl/PrPublishRangeServiceImpl.java +++ b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/impl/PrPublishRangeServiceImpl.java @@ -125,6 +125,13 @@ public class PrPublishRangeServiceImpl extends BaseServiceImpl getPublishRangeEntity(String projectKey) { + LambdaQueryWrapper wrapper = new LambdaQueryWrapper<>(); + wrapper.eq(PrPublishRangeEntity::getProjectKey, projectKey); + return baseDao.selectList(wrapper); + } + /** * @param orgList * @Description 获取组织范围内的问卷 diff --git a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/impl/QuestionnaireServiceImpl.java b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/impl/QuestionnaireServiceImpl.java index ad4b5cb6a9..1c6aab452d 100644 
--- a/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/impl/QuestionnaireServiceImpl.java +++ b/epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/impl/QuestionnaireServiceImpl.java @@ -12,6 +12,7 @@ import com.epmet.commons.tools.redis.RedisUtils; import com.epmet.commons.tools.redis.common.CustomerStaffRedis; import com.epmet.commons.tools.utils.Result; import com.epmet.dataaggre.dto.epmettduck.result.PermissionValidateResultDTO; +import com.epmet.dataaggre.entity.epmettduck.PrPublishRangeEntity; import com.epmet.dataaggre.entity.epmettduck.PrUserProjectEntity; import com.epmet.dataaggre.service.QuestionnaireService; import com.epmet.dataaggre.service.epmettduck.PrPublishRangeService; @@ -19,15 +20,22 @@ import com.epmet.dataaggre.service.epmettduck.PrUserProjectService; import com.epmet.dto.CustomerGridDTO; import com.epmet.dto.form.CustomerGridFormDTO; import com.epmet.feign.GovOrgOpenFeignClient; +import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import java.util.ArrayList; import java.util.List; import java.util.UUID; @Service +@Slf4j public class QuestionnaireServiceImpl implements QuestionnaireService, ResultDataResolver { + /** 调查问卷有效期 15min */ + public static final long QUESTIONNAIRE_EXPIRE_SECONDS = 15 * 60; + @Autowired private PrUserProjectService prUserProjectService; 
@@ -55,10 +63,11 @@ public class QuestionnaireServiceImpl implements QuestionnaireService, ResultDat */ public PermissionValidateResultDTO resiPermissionValidate(String projectKey, String userId, String gridId) { - PrUserProjectEntity projectEntity = prUserProjectService.getProjectEntityBykey(projectKey); - if (!AppClientConstant.APP_RESI.equals(projectEntity.getClient())) { - throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode(), - String.format("【调查问卷详情权限校验】该调查问卷发布端为[%s],当前用户为[%s]", projectEntity.getClient(), AppClientConstant.APP_RESI)); + PrUserProjectEntity project = prUserProjectService.getProjectEntityBykey(projectKey); + if (project == null || !AppClientConstant.APP_RESI.equals(project.getClient())) { + // 工作端只能看到发布到居民端的 + log.warn("【调查问卷】居民端无法查看发布到工作端的调查问卷,staffId:{}, projectKey:{}", userId, projectKey); + return generateValidateResult(userId, projectKey, false); } CustomerGridFormDTO form = new CustomerGridFormDTO(); 
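Review bot: The new early return in `resiPermissionValidate` logs one message for two different conditions and labels the value wrongly: it fires when `project == null` as well as when the client type does not match, and it prints the resident's `userId` under the label `staffId:`. The comment above it also describes the gov side rather than the resident side. Since these warnings are what someone will search when investigating denied or probing requests, I would give the not-found case its own `log.warn`, rename the placeholder to `userId:{}`, and correct the comment to describe the resident rule.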
@@ -67,36 +76,44 @@ public class QuestionnaireServiceImpl implements QuestionnaireService, ResultDat CustomerGridDTO gridInfo = getResultDataOrThrowsException(gridInfoResult, ServiceConstant.GOV_ORG_SERVER, EpmetErrorCode.SERVER_ERROR.getCode(), "【调查问卷】校验访问权限,查询网格信息失败"); // 网格父级ID列表:网格ID(拼接起来,冒号分割) String gridIdPath = gridInfo.getPids().concat(":").concat(gridInfo.getId()); - List rangeList = prPublishRangeService.getRangeOrgList(projectKey); + List publishRangeEntity = prPublishRangeService.getPublishRangeEntity(projectKey); PermissionValidateResultDTO r = new PermissionValidateResultDTO(); - for (String range : rangeList) { - if (gridIdPath.contains(range)) { - r.setPermitted(true); - r.setAccessKey(generateQuestionnaireAccessKey(userId, projectKey)); - return r; + for (PrPublishRangeEntity rangeEntity : publishRangeEntity) { + if (gridIdPath.contains(rangeEntity.getOrgIds())) { + return generateValidateResult(userId, projectKey, true); } } r.setPermitted(false); return r; } - /** - * @description 生成调查问卷accessKey - * - * @param userId - * @param qKey - * @return - * @author wxz - * @date 2021.09.23 17:43:50 - */ - private String generateQuestionnaireAccessKey(String userId, String qKey) { - String accessKey = UUID.randomUUID().toString(); - redisUtils.set(RedisKeys.getQuestionnaireAccessKey(userId, qKey), accessKey); - return accessKey; - } - @Override public PermissionValidateResultDTO govPermissionValidate(String projectKey, String staffId, String customerId) { + PrUserProjectEntity project = prUserProjectService.getProjectEntityBykey(projectKey); + if (project == null || !"gov".equals(project.getClient())) { + // 工作端只能看到发布到工作端的 + log.warn("【调查问卷】工作端无法查看发布到居民端的调查问卷,staffId:{}, projectKey:{}", staffId, projectKey); + return generateValidateResult(staffId, projectKey, false); + } + + List gridRangeOrgIds = new ArrayList<>(); + List agencyRangeOrgIds = new ArrayList<>(); + List deptRangeOrgIds = new ArrayList<>(); + + // 将发布范围分别放到3个不同的列表中 + List 
publishRangeEntitys = prPublishRangeService.getPublishRangeEntity(projectKey); + publishRangeEntitys.forEach(rangeEntity -> { + if ("grid".equals(rangeEntity.getOrgType())) { + gridRangeOrgIds.add(rangeEntity.getOrgIds()); + } else if ("agency".equals(rangeEntity.getOrgType())) { + agencyRangeOrgIds.add(rangeEntity.getOrgIds()); + } else if ("dept".equals(rangeEntity.getOrgType())) { + deptRangeOrgIds.add(rangeEntity.getOrgIds()); + } else { + throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode(), String.format("【调查问卷】未知的发布范围类型:%s", rangeEntity.getOrgType())); + } + }); + CustomerStaffInfoCacheResult staffInfo = customerStaffRedis.getStaffInfo(customerId, staffId); PermissionValidateResultDTO r = null; //if ("agency".equals(staffInfo.getFromOrgType())) { 
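Review bot: `govPermissionValidate` compares against the literal `"gov"` while the resident branch and the controller use `AppClientConstant.APP_RESI` and `AppClientConstant.APP_GOV`; writing `AppClientConstant.APP_GOV.equals(project.getClient())` keeps the two checks from drifting apart. In the same hunk the `else` branch inside `forEach` throws `RenException` for an unknown `orgType`, so a single unexpected row in the publish range turns every validation of that questionnaire into a server error. Logging and skipping that row would still deny by default while letting the remaining ranges be evaluated. The method body continues in the next hunk.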
@@ -110,19 +127,67 @@ public class QuestionnaireServiceImpl implements QuestionnaireService, ResultDat //} String agencyId = staffInfo.getAgencyId(); + String agencyPIds = staffInfo.getAgencyPIds(); + + // 网格范围内的权限判断 + List staffGridList = staffInfo.getGridList(); + for (IdAndNameDTO gridIdAndName : staffGridList) { + // 工作人员所属的 父orgId路径:网格id + String staffGridIdPath = (StringUtils.isEmpty(agencyPIds) ? "" : agencyPIds.concat(":")).concat(agencyId).concat(":").concat(gridIdAndName.getId()); + for (String gridRangeOrgId : gridRangeOrgIds) { + if (staffGridIdPath.contains(gridRangeOrgId)) { + r = generateValidateResult(staffId, projectKey, true); + return r; + } + } + } - List gridList = staffInfo.getGridList(); - for (IdAndNameDTO gridIdAndName : gridList) { + // dept范围内的权限判断 + List staffDeptList = staffInfo.getDeptList(); + for (IdAndNameDTO deptIdAndName : staffDeptList) { + // 工作人员所属的 父orgId路径:网格id + String staffDeptIdPath = (StringUtils.isEmpty(agencyPIds) ? "" : agencyPIds.concat(":")).concat(agencyId).concat(":").concat(deptIdAndName.getId()); + for (String deptRangeOrgIdPath : deptRangeOrgIds) { + if (staffDeptIdPath.contains(deptRangeOrgIdPath)) { + r = generateValidateResult(staffId, projectKey, true); + return r; + } + } + } + // agency范围内的权限判断 + String staffAgencyIdPath = (StringUtils.isEmpty(agencyPIds) ? 
"" : agencyPIds.concat(":")).concat(agencyId); + for (String agencyRangeOrgId : agencyRangeOrgIds) { + if (staffAgencyIdPath.contains(agencyRangeOrgId)) { + r = generateValidateResult(staffId, projectKey, true); + return r; + } } + // 如果上述范围中都不能判断通过,那么返回一个不通过的结果给到前端 + r = generateValidateResult(staffId, projectKey, false); return r; } - //private CustomerGridDTO getGridInfoById(String gridId) { - // CustomerGridFormDTO gridInfoForm = new CustomerGridFormDTO(); - // gridInfoForm.setGridId(gridId); - // Result result = govOrgOpenFeignClient.getGridBaseInfoByGridId(gridInfoForm); - // return getResultDataOrThrowsException(result, ServiceConstant.GOV_ORG_SERVER, EpmetErrorCode.SERVER_ERROR.getCode(), "【调查问卷】获取网格信息失败"); - //} + /** + * @description 生成权限允许的返回结果 + * + * @param userId + * @param projectKey + * @param permitted 是否允许访问 + * @return + * @author wxz + * @date 2021.09.23 23:19:17 + */ + private PermissionValidateResultDTO generateValidateResult(String userId, String projectKey, Boolean permitted) { + PermissionValidateResultDTO d = new PermissionValidateResultDTO(); + d.setPermitted(permitted); + if (permitted) { + String accessKey = UUID.randomUUID().toString().replace("-", ""); + redisUtils.set(RedisKeys.getQuestionnaireAccessKey(userId, projectKey), accessKey, QUESTIONNAIRE_EXPIRE_SECONDS); + d.setAccessKey(accessKey); + } + return d; + } + }
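Review bot: `staffInfo` is dereferenced in `govPermissionValidate` (`getAgencyId()`, `getAgencyPIds()`, `getGridList()`, `getDeptList()`) without a null check, and it comes from a cache lookup keyed by the header-supplied `customerId`. If `getStaffInfo` can return null for an unknown customer/staff pair, which is not visible here, the request ends in a NullPointerException instead of a clean denial; the two lists need the same care before the `for` loops. A guard placed right after the lookup, `if (staffInfo == null) { return generateValidateResult(staffId, projectKey, false); }`, keeps the outcome fail-closed. Separately, the Javadoc on `generateValidateResult` describes only the permitted case although the method also builds the denied result, and `if (permitted)` unboxes a `Boolean`, so a primitive `boolean` parameter would be safer.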