新增：

【调查问卷】增加问卷访问权限校验接口 /data/aggregator/questionnaire/permission-validate

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmettduck/form/TDuckDetailFormDTO.java

@@ -31,7 +31,6 @@ public class TDuckDetailFormDTO implements Serializable {
     private Boolean displayType;
 
     /** 当前操作人所在的组织的类型(grid:网格,agency:单位) */
-    @NotBlank(message = "当前操作人所在的Org类型不能为空",groups = { PermissionValidate.class })
     private String orgType;
 
     /** 当前操作人所在的组织的ID(当orgType为grid的时候必填，为agency的时候留空) */

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/controller/EpmetTDuckController.java

@@ -170,9 +170,9 @@ public class EpmetTDuckController {
 
         PermissionValidateResultDTO r = null;
         if (AppClientConstant.APP_RESI.equals(app)) {
-            if (StringUtils.isBlank(orgId)) {
+            if (StringUtils.isBlank(orgId) || !"grid".equals(input.getOrgType())) {
                 // 居民端，orgId是网格id，必填
-                throw new ValidateException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(), "缺少orgId参数");
+                throw new ValidateException(EpmetErrorCode.INTERNAL_VALIDATE_ERROR.getCode(), "【调查问卷】校验访问权限-居民端 orgId不能为空，且orgType需要为[grid]");
             }
             r = questionnaireService.resiPermissionValidate(projectKey, userId, orgId);
         } else if (AppClientConstant.APP_GOV.equals(app)) {

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/PrPublishRangeService.java

@@ -102,6 +102,16 @@ public interface PrPublishRangeService extends BaseService<PrPublishRangeEntity>
      */
     List<String> getRangeOrgList(String projectKey);
 
+    /**
+     * @description 使用projectKey查询发布范围entity
+     *
+     * @param projectKey
+     * @return
+     * @author wxz
+     * @date 2021.09.23 23:04:23
+     */
+    List<PrPublishRangeEntity> getPublishRangeEntity(String projectKey);
+
     /**
      * @Description 获取组织范围内的问卷
      * @Param orgList

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/epmettduck/impl/PrPublishRangeServiceImpl.java

@@ -125,6 +125,13 @@ public class PrPublishRangeServiceImpl extends BaseServiceImpl<PrPublishRangeDao
         return list.stream().map(PrPublishRangeEntity::getOrgId).collect(Collectors.toList());
     }
 
+    @Override
+    public List<PrPublishRangeEntity> getPublishRangeEntity(String projectKey) {
+        LambdaQueryWrapper<PrPublishRangeEntity> wrapper = new LambdaQueryWrapper<>();
+        wrapper.eq(PrPublishRangeEntity::getProjectKey, projectKey);
+        return baseDao.selectList(wrapper);
+    }
+
     /**
      * @param orgList
      * @Description 获取组织范围内的问卷

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/service/impl/QuestionnaireServiceImpl.java

@@ -12,6 +12,7 @@ import com.epmet.commons.tools.redis.RedisUtils;
 import com.epmet.commons.tools.redis.common.CustomerStaffRedis;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dataaggre.dto.epmettduck.result.PermissionValidateResultDTO;
+import com.epmet.dataaggre.entity.epmettduck.PrPublishRangeEntity;
 import com.epmet.dataaggre.entity.epmettduck.PrUserProjectEntity;
 import com.epmet.dataaggre.service.QuestionnaireService;
 import com.epmet.dataaggre.service.epmettduck.PrPublishRangeService;
@@ -19,15 +20,22 @@ import com.epmet.dataaggre.service.epmettduck.PrUserProjectService;
 import com.epmet.dto.CustomerGridDTO;
 import com.epmet.dto.form.CustomerGridFormDTO;
 import com.epmet.feign.GovOrgOpenFeignClient;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import java.util.ArrayList;
 import java.util.List;
 import java.util.UUID;
 
 @Service
+@Slf4j
 public class QuestionnaireServiceImpl implements QuestionnaireService, ResultDataResolver {
 
+    /** 调查问卷有效期  15min */
+    public static final long QUESTIONNAIRE_EXPIRE_SECONDS = 15 * 60;
+
     @Autowired
     private PrUserProjectService prUserProjectService;
 
@@ -55,10 +63,11 @@ public class QuestionnaireServiceImpl implements QuestionnaireService, ResultDat
      */
     public PermissionValidateResultDTO resiPermissionValidate(String projectKey, String userId, String gridId) {
 
-        PrUserProjectEntity projectEntity = prUserProjectService.getProjectEntityBykey(projectKey);
-        if (!AppClientConstant.APP_RESI.equals(projectEntity.getClient())) {
-            throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode(),
-                    String.format("【调查问卷详情权限校验】该调查问卷发布端为[%s]，当前用户为[%s]", projectEntity.getClient(), AppClientConstant.APP_RESI));
+        PrUserProjectEntity project = prUserProjectService.getProjectEntityBykey(projectKey);
+        if (project == null || !AppClientConstant.APP_RESI.equals(project.getClient())) {
+            // 工作端只能看到发布到居民端的
+            log.warn("【调查问卷】居民端无法查看发布到工作端的调查问卷,staffId:{}, projectKey:{}", userId, projectKey);
+            return generateValidateResult(userId, projectKey, false);
         }
 
         CustomerGridFormDTO form = new CustomerGridFormDTO();
@@ -67,36 +76,44 @@ public class QuestionnaireServiceImpl implements QuestionnaireService, ResultDat
         CustomerGridDTO gridInfo = getResultDataOrThrowsException(gridInfoResult, ServiceConstant.GOV_ORG_SERVER, EpmetErrorCode.SERVER_ERROR.getCode(), "【调查问卷】校验访问权限，查询网格信息失败");
         // 网格父级ID列表:网格ID(拼接起来，冒号分割)
         String gridIdPath = gridInfo.getPids().concat(":").concat(gridInfo.getId());
-        List<String> rangeList = prPublishRangeService.getRangeOrgList(projectKey);
+        List<PrPublishRangeEntity> publishRangeEntity = prPublishRangeService.getPublishRangeEntity(projectKey);
         PermissionValidateResultDTO r = new PermissionValidateResultDTO();
-        for (String range : rangeList) {
-            if (gridIdPath.contains(range)) {
-                r.setPermitted(true);
-                r.setAccessKey(generateQuestionnaireAccessKey(userId, projectKey));
-                return r;
+        for (PrPublishRangeEntity rangeEntity : publishRangeEntity) {
+            if (gridIdPath.contains(rangeEntity.getOrgIds())) {
+                return generateValidateResult(userId, projectKey, true);
             }
         }
         r.setPermitted(false);
         return r;
     }
 
-    /**
-     * @description 生成调查问卷accessKey
-     *
-     * @param userId
-     * @param qKey
-     * @return
-     * @author wxz
-     * @date 2021.09.23 17:43:50
-     */
-    private String generateQuestionnaireAccessKey(String userId, String qKey) {
-        String accessKey = UUID.randomUUID().toString();
-        redisUtils.set(RedisKeys.getQuestionnaireAccessKey(userId, qKey), accessKey);
-        return accessKey;
-    }
-
     @Override
     public PermissionValidateResultDTO govPermissionValidate(String projectKey, String staffId, String customerId) {
+        PrUserProjectEntity project = prUserProjectService.getProjectEntityBykey(projectKey);
+        if (project == null || !"gov".equals(project.getClient())) {
+            // 工作端只能看到发布到工作端的
+            log.warn("【调查问卷】工作端无法查看发布到居民端的调查问卷,staffId:{}, projectKey:{}", staffId, projectKey);
+            return generateValidateResult(staffId, projectKey, false);
+        }
+
+        List<String> gridRangeOrgIds = new ArrayList<>();
+        List<String> agencyRangeOrgIds = new ArrayList<>();
+        List<String> deptRangeOrgIds = new ArrayList<>();
+
+        // 将发布范围分别放到3个不同的列表中
+        List<PrPublishRangeEntity> publishRangeEntitys = prPublishRangeService.getPublishRangeEntity(projectKey);
+        publishRangeEntitys.forEach(rangeEntity -> {
+            if ("grid".equals(rangeEntity.getOrgType())) {
+                gridRangeOrgIds.add(rangeEntity.getOrgIds());
+            } else if ("agency".equals(rangeEntity.getOrgType())) {
+                agencyRangeOrgIds.add(rangeEntity.getOrgIds());
+            } else if ("dept".equals(rangeEntity.getOrgType())) {
+                deptRangeOrgIds.add(rangeEntity.getOrgIds());
+            } else {
+                throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode(), String.format("【调查问卷】未知的发布范围类型:%s", rangeEntity.getOrgType()));
+            }
+        });
+
         CustomerStaffInfoCacheResult staffInfo = customerStaffRedis.getStaffInfo(customerId, staffId);
         PermissionValidateResultDTO r = null;
         //if ("agency".equals(staffInfo.getFromOrgType())) {
@@ -110,19 +127,67 @@ public class QuestionnaireServiceImpl implements QuestionnaireService, ResultDat
         //}
 
         String agencyId = staffInfo.getAgencyId();
+        String agencyPIds = staffInfo.getAgencyPIds();
+
+        // 网格范围内的权限判断
+        List<IdAndNameDTO> staffGridList = staffInfo.getGridList();
+        for (IdAndNameDTO gridIdAndName : staffGridList) {
+            // 工作人员所属的 父orgId路径:网格id
+            String staffGridIdPath = (StringUtils.isEmpty(agencyPIds) ? "" : agencyPIds.concat(":")).concat(agencyId).concat(":").concat(gridIdAndName.getId());
+            for (String gridRangeOrgId : gridRangeOrgIds) {
+                if (staffGridIdPath.contains(gridRangeOrgId)) {
+                    r = generateValidateResult(staffId, projectKey, true);
+                    return r;
+                }
+            }
+        }
 
-        List<IdAndNameDTO> gridList = staffInfo.getGridList();
-        for (IdAndNameDTO gridIdAndName : gridList) {
+        // dept范围内的权限判断
+        List<IdAndNameDTO> staffDeptList = staffInfo.getDeptList();
+        for (IdAndNameDTO deptIdAndName : staffDeptList) {
+            // 工作人员所属的 父orgId路径:网格id
+            String staffDeptIdPath = (StringUtils.isEmpty(agencyPIds) ? "" : agencyPIds.concat(":")).concat(agencyId).concat(":").concat(deptIdAndName.getId());
+            for (String deptRangeOrgIdPath : deptRangeOrgIds) {
+                if (staffDeptIdPath.contains(deptRangeOrgIdPath)) {
+                    r = generateValidateResult(staffId, projectKey, true);
+                    return r;
+                }
+            }
+        }
 
+        // agency范围内的权限判断
+        String staffAgencyIdPath = (StringUtils.isEmpty(agencyPIds) ? "" : agencyPIds.concat(":")).concat(agencyId);
+        for (String agencyRangeOrgId : agencyRangeOrgIds) {
+            if (staffAgencyIdPath.contains(agencyRangeOrgId)) {
+                r = generateValidateResult(staffId, projectKey, true);
+                return r;
+            }
         }
 
+        // 如果上述范围中都不能判断通过，那么返回一个不通过的结果给到前端
+        r = generateValidateResult(staffId, projectKey, false);
         return r;
     }
 
-    //private CustomerGridDTO getGridInfoById(String gridId) {
-    //    CustomerGridFormDTO gridInfoForm = new CustomerGridFormDTO();
-    //    gridInfoForm.setGridId(gridId);
-    //    Result<CustomerGridDTO> result = govOrgOpenFeignClient.getGridBaseInfoByGridId(gridInfoForm);
-    //    return getResultDataOrThrowsException(result, ServiceConstant.GOV_ORG_SERVER, EpmetErrorCode.SERVER_ERROR.getCode(), "【调查问卷】获取网格信息失败");
-    //}
+    /**
+     * @description 生成权限允许的返回结果
+     *
+     * @param userId
+     * @param projectKey
+     * @param permitted 是否允许访问
+     * @return
+     * @author wxz
+     * @date 2021.09.23 23:19:17
+     */
+    private PermissionValidateResultDTO generateValidateResult(String userId, String projectKey, Boolean permitted) {
+        PermissionValidateResultDTO d = new PermissionValidateResultDTO();
+        d.setPermitted(permitted);
+        if (permitted) {
+            String accessKey = UUID.randomUUID().toString().replace("-", "");
+            redisUtils.set(RedisKeys.getQuestionnaireAccessKey(userId, projectKey), accessKey, QUESTIONNAIRE_EXPIRE_SECONDS);
+            d.setAccessKey(accessKey);
+        }
+        return d;
+    }
+
 }