Browse Source

1.权限改造

master
wxz 6 years ago
parent
commit
acaaf1edda
  1. 10
      epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/ListOpePermsFormDTO.java
  2. 16
      epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java
  3. 2
      epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java
  4. 2
      epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java
  5. 6
      epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java
  6. 145
      epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
  7. 10
      epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java
  8. 6
      epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovAccessFeignClientFallback.java
  9. 257
      epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java
  10. 1
      epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/CustomerAgencyService.java

10
epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/ListOpePermsFormDTO.java

@ -1,4 +1,14 @@
package com.epmet.dto.form; package com.epmet.dto.form;
import lombok.Data;
import javax.validation.constraints.NotBlank;
@Data
public class ListOpePermsFormDTO { public class ListOpePermsFormDTO {
@NotBlank(message = "用户ID不能为空")
private String staffId;
@NotBlank(message = "当前单位不能为空")
private String currAgencyId;
} }

16
epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java

@ -10,6 +10,7 @@ import com.epmet.service.AccessService;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import javax.validation.constraints.NotBlank;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
@ -88,7 +89,7 @@ public class AccessController {
} }
/** /**
* 用户是否具有指定权限 * 用户是否具有指定功能权限
* @return * @return
*/ */
@PostMapping("hasspecifiedpermission") @PostMapping("hasspecifiedpermission")
@ -98,6 +99,19 @@ public class AccessController {
return new Result<Boolean>().ok(hasPermission); return new Result<Boolean>().ok(hasPermission);
} }
/**
* 列出功能权限列表
* @return
*/
@PostMapping("listoperationpermissions")
public Result<Set<String>> listOperationPermissions(@RequestBody ListOpePermsFormDTO listOpePermsFormDTO) {
ValidatorUtils.validateEntity(listOpePermsFormDTO);
String currAgencyId = listOpePermsFormDTO.getCurrAgencyId();
String staffId = listOpePermsFormDTO.getStaffId();
Set<String> operationPermissions = accessService.listOperationPermissions(staffId, currAgencyId);
return new Result<Set<String>>().ok(operationPermissions);
}
/** /**
* 查询sql过滤片段 * 查询sql过滤片段
* @param form * @param form

2
epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java

@ -1,4 +1,4 @@
package com.epmet.feign.fallback; package com.epmet.feign;
import com.epmet.commons.tools.constant.ServiceConstant; import com.epmet.commons.tools.constant.ServiceConstant;
import com.epmet.commons.tools.utils.Result; import com.epmet.commons.tools.utils.Result;

2
epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java

@ -1,4 +1,4 @@
package com.epmet.feign.fallback; package com.epmet.feign;
import com.epmet.commons.tools.constant.ServiceConstant; import com.epmet.commons.tools.constant.ServiceConstant;
import com.epmet.commons.tools.utils.Result; import com.epmet.commons.tools.utils.Result;

6
epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java

@ -50,4 +50,10 @@ public interface AccessService {
* @param form * @param form
*/ */
String getSqlFilterSegment(GetSQLFilterFormDTO form); String getSqlFilterSegment(GetSQLFilterFormDTO form);
/**
* 列出角色的功能权限
* @return
*/
Set<String> listOperationPermissions(String staffId, String currAgencyId);
} }

145
epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java

@ -8,9 +8,13 @@ import com.epmet.commons.tools.exception.ExceptionUtils;
import com.epmet.commons.tools.exception.RenException; import com.epmet.commons.tools.exception.RenException;
import com.epmet.commons.tools.security.dto.GovTokenDto; import com.epmet.commons.tools.security.dto.GovTokenDto;
import com.epmet.commons.tools.utils.CpUserDetailRedis; import com.epmet.commons.tools.utils.CpUserDetailRedis;
import com.epmet.commons.tools.utils.Result;
import com.epmet.constant.OperationScopeConstant; import com.epmet.constant.OperationScopeConstant;
import com.epmet.dao.OperationScopeDao; import com.epmet.dao.OperationScopeDao;
import com.epmet.dto.CustomerAgencyDTO;
import com.epmet.dto.GovStaffRoleDTO;
import com.epmet.dto.form.GetSQLFilterFormDTO; import com.epmet.dto.form.GetSQLFilterFormDTO;
import com.epmet.dto.form.StaffRoleFormDTO;
import com.epmet.dto.result.RoleOpeScopeResultDTO; import com.epmet.dto.result.RoleOpeScopeResultDTO;
import com.epmet.redis.RoleOpeScopeRedis; import com.epmet.redis.RoleOpeScopeRedis;
import com.epmet.service.AccessService; import com.epmet.service.AccessService;
@ -43,6 +47,16 @@ public class AccessServiceImpl implements AccessService {
@Autowired @Autowired
private RoleOpeScopeRedis roleOpeScopeRedis; private RoleOpeScopeRedis roleOpeScopeRedis;
@Autowired
private GovOrgFeignClient govOrgFeignClient;
@Autowired
private EpmetUserFeignClient userFeignClient;
public static final String ORG_RELATION_SAME = "same";
public static final String ORG_RELATION_SUB = "sub";
public static final String ORG_RELATION_SUP = "sup";
/** /**
* 更新权限缓存 * 更新权限缓存
* @param staffId * @param staffId
@ -423,4 +437,135 @@ public class AccessServiceImpl implements AccessService {
sb.replace(sb.lastIndexOf("OR"), sb.lastIndexOf("OR") + 3, ""); sb.replace(sb.lastIndexOf("OR"), sb.lastIndexOf("OR") + 3, "");
hasConditions.set(true); hasConditions.set(true);
} }
@Override
public Set<String> listOperationPermissions(String staffId, String currAgencyId) {
// 1.拿到所属组织机构信息
Result<CustomerAgencyDTO> agencyByStaffRst = govOrgFeignClient.getAgencyByStaff(staffId);
if (!agencyByStaffRst.success()) {
logger.error("根据StaffId查询所属单位出错,StaffId:{}, 错误信息:{}", staffId, agencyByStaffRst.getMsg());
throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
}
CustomerAgencyDTO belongAgency = agencyByStaffRst.getData();
if (belongAgency == null) {
logger.error("根据StaffId查询所属单位结果为空,StaffId:{}", staffId);
throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
}
// 2.拿到当前所处机关单位信息
Result<CustomerAgencyDTO> currAgencyRst = govOrgFeignClient.getAgencyById(currAgencyId);
CustomerAgencyDTO currAgencyDto = currAgencyRst.getData();
if (!currAgencyRst.success() || currAgencyDto == null) {
logger.error("根据当前机构id[{}]查询pids失败:{}", currAgencyId, currAgencyRst.getMsg());
throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
}
// 查询机关单位中的角色
List<GovStaffRoleDTO> roleDTOS = queryGovStaffRoles(staffId, belongAgency.getId());
// 当前组织和所属组织的orgId路径,以及他们的上下级关系
String belongOrgIdPath = getOrgIdPath(belongAgency);
String currOrgIdPath = getOrgIdPath(currAgencyDto);
String currOrgRelation = getCurrOrgRelation(belongOrgIdPath, currOrgIdPath);
Set<String> filtedOps = new HashSet<>();
roleDTOS.forEach(roleDTO -> {
List<RoleOpeScopeResultDTO> opeAndScopeDTO = listAllRoleOperationScopesByRoleId(roleDTO.getId());
filtedOps.addAll(filterOpesByScope(currOrgRelation, opeAndScopeDTO));
});
return filtedOps;
}
/**
* 获取当前所处机关与所属机关的关系
*/
private String getCurrOrgRelation(String belongOrgPath, String currAgencyPath) {
if (belongOrgPath.equals(currAgencyPath)) {
// 当前机关即该人员所属机关
return ORG_RELATION_SAME;
} else if (currAgencyPath.indexOf(belongOrgPath.concat(":")) > -1) {
// 说明当前所在机关是人员所属机关子级,只取出scope为sub的
return ORG_RELATION_SUB;
} else if (belongOrgPath.indexOf(currAgencyPath.concat(":")) > -1) {
// 说明当前所在机关是人员所属机关的上级
return ORG_RELATION_SUP;
}
return belongOrgPath;
}
/**
* 获取组织的orgId路径
*/
public String getOrgIdPath(CustomerAgencyDTO agency) {
// 拼接单位ID全路径
if ("0".equals(agency.getPid())) {
// 顶级组织
return agency.getId();
} else {
return agency.getPids().concat(":").concat(agency.getId());
}
}
public List<GovStaffRoleDTO> queryGovStaffRoles(String staffId, String orgId) {
List<GovStaffRoleDTO> roleDTOS = new ArrayList<>();
StaffRoleFormDTO formDTO = new StaffRoleFormDTO();
formDTO.setStaffId(staffId);
formDTO.setOrgId(orgId);
Result<List<GovStaffRoleDTO>> gridResult = userFeignClient.getRolesOfStaff(formDTO);
if (!CollectionUtils.isEmpty(gridResult.getData())) {
roleDTOS.addAll(gridResult.getData());
}
return roleDTOS;
}
/**
* 根据上下级关系过滤出要返回的权限列表
*
* @param currOrgRelation
* @param roleOperations
* @return
*/
private HashSet<String> filterOpesByScope(String currOrgRelation, List<RoleOpeScopeResultDTO> roleOperations) {
HashSet<String> opeKeys = new HashSet<>();
for (RoleOpeScopeResultDTO opeScope : roleOperations) {
String scopeKey = opeScope.getScopeKey();
if (OpeScopeConstant.ORG_ALL.equals(scopeKey) || OpeScopeConstant.ALL.equals(scopeKey)) {
// 如果该操作的范围是org_all或者all,不需要根据上下级关系判断,直接返回即可。
opeKeys.add(opeScope.getOperationKey());
continue;
}
if (!opeScope.getSeries().equals(OperationScopeConstant.SERIES_ORG_LEVEL)) {
// 如果不是org_level系列权限,跳过。(如果一个操作没有分配org_level系列权限,那么无法根据所在机构判断是否具有该功能权限)
// 此时不会给前台返回此功能权限。即要求所有操作必须分配至少一个org_level系列权限(如果实在不需要,可以分配成org_all)。
continue;
}
switch (currOrgRelation) {
case ORG_RELATION_SAME:// 就在所在机构下
if (OpeScopeConstant.ORG_CURR.equals(scopeKey)
|| OpeScopeConstant.ORG_CURR_AND_SUB.equals(scopeKey)
|| OpeScopeConstant.ORG_CURR_AND_SUP.equals(scopeKey)) {
opeKeys.add(opeScope.getOperationKey());
}
break;
case ORG_RELATION_SUB:// 所在机构的子级
if (OpeScopeConstant.ORG_CURR_SUB.equals(scopeKey)
|| OpeScopeConstant.ORG_CURR_AND_SUB.equals(scopeKey)) {
opeKeys.add(opeScope.getOperationKey());
}
break;
case ORG_RELATION_SUP:// 所在机构的上级
if (OpeScopeConstant.ORG_CURR_SUP.equals(scopeKey)
|| OpeScopeConstant.ORG_CURR_AND_SUP.equals(scopeKey)) {
opeKeys.add(opeScope.getOperationKey());
}
break;
}
}
return opeKeys;
}
} }

10
epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovAccessFeignClient.java

@ -3,6 +3,7 @@ package com.epmet.feign;
import com.epmet.commons.tools.constant.ServiceConstant; import com.epmet.commons.tools.constant.ServiceConstant;
import com.epmet.commons.tools.utils.Result; import com.epmet.commons.tools.utils.Result;
import com.epmet.dto.OperationScopeDTO; import com.epmet.dto.OperationScopeDTO;
import com.epmet.dto.form.ListOpePermsFormDTO;
import com.epmet.dto.form.OperationScopeFormDTO; import com.epmet.dto.form.OperationScopeFormDTO;
import com.epmet.dto.form.StaffPermCacheFormDTO; import com.epmet.dto.form.StaffPermCacheFormDTO;
import com.epmet.dto.result.RoleOpeScopeResultDTO; import com.epmet.dto.result.RoleOpeScopeResultDTO;
@ -21,7 +22,7 @@ import java.util.Set;
* @Author sun * @Author sun
*/ */
//url = "localhost:8099" //url = "localhost:8099"
@FeignClient(name = ServiceConstant.GOV_ACCESS_SERVER, fallback = GovAccessFeignClientFallback.class) @FeignClient(name = ServiceConstant.GOV_ACCESS_SERVER, fallback = GovAccessFeignClientFallback.class, url = "localhost:8099")
public interface GovAccessFeignClient { public interface GovAccessFeignClient {
/** /**
@ -55,4 +56,11 @@ public interface GovAccessFeignClient {
@PostMapping("/gov/access/access/roleallopesandscopes/{roleId}") @PostMapping("/gov/access/access/roleallopesandscopes/{roleId}")
Result<List<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(@PathVariable("roleId") String roleId); Result<List<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(@PathVariable("roleId") String roleId);
/**
* 列出觉得的功能权限列表
* @return
*/
@PostMapping("listoperationpermissions")
Result<Set<String>> listOperationPermissions(@RequestBody ListOpePermsFormDTO listOpePermsFormDTO);
} }

6
epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/fallback/GovAccessFeignClientFallback.java

@ -4,6 +4,7 @@ import com.epmet.commons.tools.constant.ServiceConstant;
import com.epmet.commons.tools.utils.ModuleUtils; import com.epmet.commons.tools.utils.ModuleUtils;
import com.epmet.commons.tools.utils.Result; import com.epmet.commons.tools.utils.Result;
import com.epmet.dto.OperationScopeDTO; import com.epmet.dto.OperationScopeDTO;
import com.epmet.dto.form.ListOpePermsFormDTO;
import com.epmet.dto.form.OperationScopeFormDTO; import com.epmet.dto.form.OperationScopeFormDTO;
import com.epmet.dto.form.StaffPermCacheFormDTO; import com.epmet.dto.form.StaffPermCacheFormDTO;
import com.epmet.dto.result.RoleOpeScopeResultDTO; import com.epmet.dto.result.RoleOpeScopeResultDTO;
@ -46,4 +47,9 @@ public class GovAccessFeignClientFallback implements GovAccessFeignClient {
public Result<List<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(String roleId) { public Result<List<RoleOpeScopeResultDTO>> listRoleAllOperationScopesByRoleId(String roleId) {
return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listRoleAllOperationScopesByRoleId", roleId); return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listRoleAllOperationScopesByRoleId", roleId);
} }
@Override
public Result<Set<String>> listOperationPermissions(ListOpePermsFormDTO listOpePermsFormDTO) {
return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listOperationPermissions", listOpePermsFormDTO);
}
} }

257
epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java

@ -1,24 +1,15 @@
package com.epmet.service.impl; package com.epmet.service.impl;
import com.epmet.commons.tools.constant.OpeScopeConstant;
import com.epmet.commons.tools.exception.EpmetErrorCode; import com.epmet.commons.tools.exception.EpmetErrorCode;
import com.epmet.commons.tools.exception.RenException; import com.epmet.commons.tools.exception.RenException;
import com.epmet.commons.tools.utils.Result; import com.epmet.commons.tools.utils.Result;
import com.epmet.dto.CustomerAgencyDTO; import com.epmet.dto.form.ListOpePermsFormDTO;
import com.epmet.dto.GovStaffRoleDTO;
import com.epmet.dto.OperationScopeDTO;
import com.epmet.dto.form.StaffRoleFormDTO;
import com.epmet.dto.result.RoleOpeScopeResultDTO;
import com.epmet.feign.EpmetUserFeignClient;
import com.epmet.feign.GovAccessFeignClient; import com.epmet.feign.GovAccessFeignClient;
import com.epmet.feign.GovOrgFeignClient;
import com.epmet.service.AccessService; import com.epmet.service.AccessService;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
import java.util.*; import java.util.*;
@ -27,253 +18,21 @@ public class AccessServiceImpl implements AccessService {
private static Logger logger = LoggerFactory.getLogger(AccessServiceImpl.class); private static Logger logger = LoggerFactory.getLogger(AccessServiceImpl.class);
@Autowired
private EpmetUserFeignClient userFeignClient;
@Autowired @Autowired
private GovAccessFeignClient govAccessFeignClient; private GovAccessFeignClient govAccessFeignClient;
@Autowired
private GovOrgFeignClient govOrgFeignClient;
public static final String ORG_RELATION_SAME = "same";
public static final String ORG_RELATION_SUB = "sub";
public static final String ORG_RELATION_SUP = "sup";
public List<GovStaffRoleDTO> queryGovStaffRoles(String staffId, String orgId) {
List<GovStaffRoleDTO> roleDTOS = new ArrayList<>();
StaffRoleFormDTO formDTO = new StaffRoleFormDTO();
formDTO.setStaffId(staffId);
formDTO.setOrgId(orgId);
Result<List<GovStaffRoleDTO>> gridResult = userFeignClient.getRolesOfStaff(formDTO);
if (!CollectionUtils.isEmpty(gridResult.getData())) {
roleDTOS.addAll(gridResult.getData());
}
return roleDTOS;
}
@Override @Override
public Set<String> listOpeKeysByStaffId(String app, String client, String staffId, String currAgencyId, String currGridId) { public Set<String> listOpeKeysByStaffId(String app, String client, String staffId, String currAgencyId, String currGridId) {
// 1.拿到所属组织机构信息 ListOpePermsFormDTO listOpePermsFormDTO = new ListOpePermsFormDTO();
Result<CustomerAgencyDTO> agencyByStaffRst = govOrgFeignClient.getAgencyByStaff(staffId); listOpePermsFormDTO.setStaffId(staffId);
if (!agencyByStaffRst.success()) { listOpePermsFormDTO.setCurrAgencyId(currAgencyId);
logger.error("根据StaffId查询所属单位出错,StaffId:{}, 错误信息:{}", staffId, agencyByStaffRst.getMsg()); Result<Set<String>> result = govAccessFeignClient.listOperationPermissions(listOpePermsFormDTO);
throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode()); if (!result.success()) {
} logger.error("调用GovAccess服务查询功能权限列表失败,StaffId:{},错误信息:{}", staffId, result.getMsg());
CustomerAgencyDTO belongAgency = agencyByStaffRst.getData();
if (belongAgency == null) {
logger.error("根据StaffId查询所属单位结果为空,StaffId:{}", staffId);
throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
}
// 2.拿到当前所处机关单位信息
Result<CustomerAgencyDTO> currAgencyRst = govOrgFeignClient.getAgencyById(currAgencyId);
CustomerAgencyDTO currAgencyDto = currAgencyRst.getData();
if (!currAgencyRst.success() || currAgencyDto == null) {
logger.error("根据当前机构id[{}]查询pids失败:{}", currAgencyId, currAgencyRst.getMsg());
throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode()); throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
} }
// 拿到该用户所属的组织机构的orgIdPath,拿到当前组织机构的orgIdPath,看当前组织机构的orgIdPath是否在用户所属的组织机构的orgIdPath下 return result.getData();
// 查询机关单位中的角色
List<GovStaffRoleDTO> roleDTOS = queryGovStaffRoles(staffId, belongAgency.getId());
// 拼装操作key列表
//Set<String> opeKeys = new HashSet<>();
// 角色ID列表
//Set<String> roleIds = new HashSet<>();
// 当前组织和所属组织的orgId路径,以及他们的上下级关系
String belongOrgIdPath = getOrgIdPath(belongAgency);
String currOrgIdPath = getOrgIdPath(currAgencyDto);
String currOrgRelation = getCurrOrgRelation(belongOrgIdPath, currOrgIdPath);
HashSet<String> filtedOps = new HashSet<>();
roleDTOS.forEach(roleDto -> {
String roleId = roleDto.getId();
// 找出该角色的所有功能操作列表
Result<List<RoleOpeScopeResultDTO>> result = govAccessFeignClient.listRoleAllOperationScopesByRoleId(roleId);
if (!result.success()) {
// 获取operation异常
logger.error("调用GovAccess,根据RoleId查询Operation列表失败:{}", result.getMsg());
throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
}
List<RoleOpeScopeResultDTO> roleOperations = result.getData();
filtedOps.addAll(filterOpesByScope(currOrgRelation, roleOperations));
});
return filtedOps;
}
/**
* 根据上下级关系过滤出要返回的权限列表
*
* @param currOrgRelation
* @param roleOperations
* @return
*/
private HashSet<String> filterOpesByScope(String currOrgRelation, List<RoleOpeScopeResultDTO> roleOperations) {
HashSet<String> opeKeys = new HashSet<>();
for (RoleOpeScopeResultDTO opeScope : roleOperations) {
String scopeKey = opeScope.getScopeKey();
if (OpeScopeConstant.ORG_ALL.equals(scopeKey)) {
// 如果该操作的范围是org_all,那就具有所有范围的该操作权限,不需要根据上下级关系判断
opeKeys.add(opeScope.getOperationKey());
continue;
}
switch (currOrgRelation) {
case ORG_RELATION_SAME:// 就在所在机构下
if (OpeScopeConstant.ORG_CURR.equals(scopeKey)
|| OpeScopeConstant.ORG_CURR_AND_SUB.equals(scopeKey)
|| OpeScopeConstant.ORG_CURR_AND_SUP.equals(scopeKey)) {
opeKeys.add(opeScope.getOperationKey());
}
break;
case ORG_RELATION_SUB:// 所在机构的子级
if (OpeScopeConstant.ORG_CURR_SUB.equals(scopeKey)
|| OpeScopeConstant.ORG_CURR_AND_SUB.equals(scopeKey)) {
opeKeys.add(opeScope.getOperationKey());
}
break;
case ORG_RELATION_SUP:// 所在机构的上级
if (OpeScopeConstant.ORG_CURR_SUP.equals(scopeKey)
|| OpeScopeConstant.ORG_CURR_AND_SUP.equals(scopeKey)) {
opeKeys.add(opeScope.getOperationKey());
}
break;
}
}
return opeKeys;
}
/**
* 获取当前所处机关与所属机关的关系
*/
private String getCurrOrgRelation(String belongOrgPath, String currAgencyPath) {
if (belongOrgPath.equals(currAgencyPath)) {
// 当前机关即该人员所属机关
return ORG_RELATION_SAME;
} else if (currAgencyPath.indexOf(belongOrgPath.concat(":")) > -1) {
// 说明当前所在机关是人员所属机关子级,只取出scope为sub的
return ORG_RELATION_SUB;
} else if (belongOrgPath.indexOf(currAgencyPath.concat(":")) > -1) {
// 说明当前所在机关是人员所属机关的上级
return ORG_RELATION_SUP;
}
return belongOrgPath;
}
/**
* 获取组织的orgId路径
*/
public String getOrgIdPath(CustomerAgencyDTO agency) {
// 拼接单位ID全路径
if ("0".equals(agency.getPid())) {
// 顶级组织
return agency.getId();
} else {
return agency.getPids().concat(":").concat(agency.getId());
}
}
//private boolean filterCurrOrgKeysByScope(Set<String> roleIds, String opeKey) {
// for (String roleId : roleIds) {
// Result<Set<RoleOpeScopeResultDTO>> result = govAccessFeignClient.listRoleAllOperationScopesByRoleId(roleId);
// if (!result.success()) {
// continue;
// }
// Set<RoleOpeScopeResultDTO> scopeDTOS = result.getData();
// Set<String> scopeKeys = scopeDTOS.stream()
// .filter(scope -> scope.getScopeKey().equals(opeKey))
// .map(scope -> scope.getScopeKey())
// .collect(Collectors.toSet());
// if (scopeKeys.contains(OpeScopeConstant.ORG_CURR)
// || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUB)
// || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUP)) {
// return true;
// }
// }
// return false;
//}
//private boolean filterSubOrgKeysByScope(Set<String> roleIds, String opeKey) {
// for (String roleId : roleIds) {
// OperationScopeFormDTO opeScopeFormDTO = new OperationScopeFormDTO();
// opeScopeFormDTO.setRoleId(roleId);
// opeScopeFormDTO.setOperationKey(opeKey);
// Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(opeScopeFormDTO);
// if (!result.success()) {
// continue;
// }
//
// Set<OperationScopeDTO> scopeDTOS = result.getData();
// Set<String> scopeKeys = scopeDTOS.stream().map(scope -> scope.getScopeKey()).collect(Collectors.toSet());
// if (scopeKeys.contains(OpeScopeConstant.ORG_CURR_SUB)
// || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUB)) {
// return true;
// }
// }
// return false;
//}
//private boolean filterSupOrgKeysByScope(Set<String> roleIds, String opeKey) {
// for (String roleId : roleIds) {
// OperationScopeFormDTO opeScopeFormDTO = new OperationScopeFormDTO();
// opeScopeFormDTO.setRoleId(roleId);
// opeScopeFormDTO.setOperationKey(opeKey);
// Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(opeScopeFormDTO);
// if (!result.success()) {
// continue;
// }
//
// Set<OperationScopeDTO> scopeDTOS = result.getData();
// Set<String> scopeKeys = scopeDTOS.stream().map(scope -> scope.getScopeKey()).collect(Collectors.toSet());
// if (scopeKeys.contains(OpeScopeConstant.ORG_CURR_SUP)
// || scopeKeys.contains(OpeScopeConstant.ORG_CURR_AND_SUP)) {
// return true;
// }
// }
// return false;
//}
/**
* 过滤有效范围
*
* @param scopeDTOS
* @return
*/
private HashSet<String> filteScopes(Set<OperationScopeDTO> scopeDTOS) {
HashMap<String, OperationScopeDTO> filtedScopes = new HashMap<>();
for (OperationScopeDTO scope : scopeDTOS) {
String scopeIndex = scope.getScopeIndex();
if (StringUtils.isBlank(scopeIndex)) {
continue;
}
String[] currArr = scopeIndex.split("_");
if ("0".equals(currArr[1])) {
// 为0,说明没有包含关系,直接放入
filtedScopes.put(scopeIndex, scope);
continue;
}
OperationScopeDTO tempScope = filtedScopes.get(currArr[0]);
if (tempScope != null) {
// 已经有ac开头的了
String tempScopeIndex = tempScope.getScopeIndex();
if (Integer.valueOf(currArr[1]) < Integer.valueOf(tempScopeIndex.split("_")[1])) {
filtedScopes.put(currArr[0], scope);
}
} else {
filtedScopes.put(currArr[0], scope);
}
}
HashSet<String> scopeStrs = new HashSet<>();
Set<Map.Entry<String, OperationScopeDTO>> entries = filtedScopes.entrySet();
for (Map.Entry<String, OperationScopeDTO> entry : entries) {
scopeStrs.add(entry.getValue().getScopeKey());
}
return scopeStrs;
} }
} }

1
epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/CustomerAgencyService.java

@ -22,7 +22,6 @@ import com.epmet.commons.tools.page.PageData;
import com.epmet.commons.tools.utils.Result; import com.epmet.commons.tools.utils.Result;
import com.epmet.dto.CustomerAgencyDTO; import com.epmet.dto.CustomerAgencyDTO;
import com.epmet.dto.form.AgencyDeptGridFormDTO; import com.epmet.dto.form.AgencyDeptGridFormDTO;
import com.epmet.dto.form.CanTickStaffListFormDTO;
import com.epmet.dto.form.StaffOrgFormDTO; import com.epmet.dto.form.StaffOrgFormDTO;
import com.epmet.dto.result.*; import com.epmet.dto.result.*;
import com.epmet.entity.CustomerAgencyEntity; import com.epmet.entity.CustomerAgencyEntity;

Loading…
Cancel
Save