diff --git a/epmet-admin/epmet-admin-server/src/test/java/io/renren/service/DynamicDataSourceTest.java b/epmet-admin/epmet-admin-server/src/test/java/io/renren/service/DynamicDataSourceTest.java index 823c7bb233..22069ffd12 100644 --- a/epmet-admin/epmet-admin-server/src/test/java/io/renren/service/DynamicDataSourceTest.java +++ b/epmet-admin/epmet-admin-server/src/test/java/io/renren/service/DynamicDataSourceTest.java @@ -1,48 +1,48 @@ -/** - * Copyright 2018 人人开源 https://www.renren.io - *

- * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - *

- * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - *

- * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -package com.epmet.service; - -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.junit4.SpringRunner; - -/** - * 多数据源测试 - * - * @author Mark sunlightcs@gmail.com - * @since 1.0.0 - */ -@RunWith(SpringRunner.class) -@SpringBootTest -public class DynamicDataSourceTest { - @Autowired - private DynamicDataSourceTestService dynamicDataSourceTestService; - - @Test - public void test(){ - Long id = 1067246875800000001L; - dynamicDataSourceTestService.selectById(id); - dynamicDataSourceTestService.updateUser(id); - dynamicDataSourceTestService.updateUserBySlave1(id); - dynamicDataSourceTestService.updateUserBySlave2(id); - } - - -} +///** +// * Copyright 2018 人人开源 https://www.renren.io +// *

+// * This program is free software: you can redistribute it and/or modify +// * it under the terms of the GNU General Public License as published by +// * the Free Software Foundation, either version 3 of the License, or +// * (at your option) any later version. +// *

+// * This program is distributed in the hope that it will be useful, +// * but WITHOUT ANY WARRANTY; without even the implied warranty of +// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// * GNU General Public License for more details. +// *

+// * You should have received a copy of the GNU General Public License +// * along with this program. If not, see . +// */ +// +//package com.epmet.service; +// +//import org.junit.Test; +//import org.junit.runner.RunWith; +//import org.springframework.beans.factory.annotation.Autowired; +//import org.springframework.boot.test.context.SpringBootTest; +//import org.springframework.test.context.junit4.SpringRunner; +// +///** +// * 多数据源测试 +// * +// * @author Mark sunlightcs@gmail.com +// * @since 1.0.0 +// */ +//@RunWith(SpringRunner.class) +//@SpringBootTest +//public class DynamicDataSourceTest { +// @Autowired +// private com.epmet.service.DynamicDataSourceTestService dynamicDataSourceTestService; +// +// @Test +// public void test(){ +// Long id = 1067246875800000001L; +// dynamicDataSourceTestService.selectById(id); +// dynamicDataSourceTestService.updateUser(id); +// dynamicDataSourceTestService.updateUserBySlave1(id); +// dynamicDataSourceTestService.updateUserBySlave2(id); +// } +// +// +//} diff --git a/epmet-auth/src/main/java/com/epmet/feign/GovOrgFeignClient.java b/epmet-auth/src/main/java/com/epmet/feign/GovOrgFeignClient.java index 527db417ef..27c596f0de 100644 --- a/epmet-auth/src/main/java/com/epmet/feign/GovOrgFeignClient.java +++ b/epmet-auth/src/main/java/com/epmet/feign/GovOrgFeignClient.java @@ -3,10 +3,12 @@ package com.epmet.feign; import com.epmet.commons.tools.constant.ServiceConstant; import com.epmet.commons.tools.utils.Result; import com.epmet.dto.form.StaffOrgFormDTO; +import com.epmet.dto.result.DepartmentListResultDTO; import com.epmet.dto.result.StaffOrgsResultDTO; import com.epmet.feign.fallback.GovOrgFeignClientFallback; import org.springframework.cloud.openfeign.FeignClient; import org.springframework.http.MediaType; +import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; import java.util.List; @@ -27,4 +29,12 @@ public interface GovOrgFeignClient { **/ @PostMapping(value = "/gov/org/customeragency/getStaffOrgList",consumes = MediaType.APPLICATION_JSON_VALUE) Result> getStaffOrgList(StaffOrgFormDTO staffOrgFormDTO); + + /** + * 查询人员部门列表 + * @param staffId + * @return + */ + @PostMapping("/gov/org/department/staff/{staffId}/departmentlist") + Result> getDepartmentListByStaffId(@PathVariable("staffId") String staffId); } diff --git a/epmet-auth/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallback.java b/epmet-auth/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallback.java index a1ccd0bdf0..0e42e2436f 100644 --- a/epmet-auth/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallback.java +++ b/epmet-auth/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallback.java @@ -4,6 +4,7 @@ import com.epmet.commons.tools.constant.ServiceConstant; import com.epmet.commons.tools.utils.ModuleUtils; import com.epmet.commons.tools.utils.Result; import com.epmet.dto.form.StaffOrgFormDTO; +import com.epmet.dto.result.DepartmentListResultDTO; import com.epmet.dto.result.StaffOrgsResultDTO; import com.epmet.feign.GovOrgFeignClient; import org.springframework.stereotype.Component; @@ -22,5 +23,10 @@ public class GovOrgFeignClientFallback implements GovOrgFeignClient { public Result> getStaffOrgList(StaffOrgFormDTO staffOrgFormDTO) { return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getStaffOrgList", staffOrgFormDTO); } + + @Override + public Result> getDepartmentListByStaffId(String staffId) { + return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getDepartmentListByStaffId", staffId); + } } diff --git a/epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java b/epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java index 35ce90b25c..6b5fc2914d 100644 --- a/epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java +++ b/epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java @@ -3,6 +3,7 @@ package com.epmet.service.impl; import cn.binarywang.wx.miniapp.bean.WxMaJscode2SessionResult; import com.epmet.common.token.constant.LoginConstant; import com.epmet.commons.tools.exception.EpmetErrorCode; +import com.epmet.commons.tools.exception.ExceptionUtils; import com.epmet.commons.tools.exception.RenException; import com.epmet.commons.tools.security.dto.GovTokenDto; import com.epmet.commons.tools.security.dto.TokenDto; @@ -12,6 +13,7 @@ import com.epmet.commons.tools.utils.Result; import com.epmet.commons.tools.validator.PhoneValidatorUtils; import com.epmet.dto.CustomerStaffDTO; import com.epmet.dto.form.*; +import com.epmet.dto.result.DepartmentListResultDTO; import com.epmet.dto.result.StaffLatestAgencyResultDTO; import com.epmet.dto.result.StaffOrgsResultDTO; import com.epmet.dto.result.UserTokenResultDTO; @@ -27,11 +29,10 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import org.springframework.util.CollectionUtils; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; +import java.util.*; +import java.util.stream.Collectors; /** * @Description 政府端登录服务 @@ -166,6 +167,22 @@ public class GovLoginServiceImpl implements GovLoginService { govTokenDto.setExpireTime(jwtTokenUtils.getExpiration(token).getTime()); govTokenDto.setAgencyId(staffLatestAgency.getAgencyId()); govTokenDto.setCustomerId(staffLatestAgency.getCustomerId()); + + try { + Result> deptListResult = govOrgFeignClient.getDepartmentListByStaffId(staffLatestAgency.getStaffId()); + if (deptListResult.success()) { + if (!CollectionUtils.isEmpty(deptListResult.getData())) { + Set deptIdLists = deptListResult.getData().stream().map(dept -> dept.getDepartmentId()).collect(Collectors.toSet()); + govTokenDto.setDeptIdList(deptIdLists); + } + } else { + logger.error("登录:查询部门列表,远程调用返回错误:{}", deptListResult.getMsg()); + } + } catch (Exception e) { + String errorStackTrace = ExceptionUtils.getErrorStackTrace(e); + logger.error("登录:查询部门列表异常:{}", errorStackTrace); + } + cpUserDetailRedis.set(govTokenDto, expire); logger.info("截止时间:" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss")); } diff --git a/epmet-auth/src/test/java/com/epmet/TokenGenTest.java b/epmet-auth/src/test/java/com/epmet/TokenGenTest.java index 3368e2d1cf..60f7654b22 100644 --- a/epmet-auth/src/test/java/com/epmet/TokenGenTest.java +++ b/epmet-auth/src/test/java/com/epmet/TokenGenTest.java @@ -11,7 +11,9 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.test.context.junit4.SpringRunner; +import java.util.Arrays; import java.util.HashMap; +import java.util.HashSet; import java.util.Map; @RunWith(SpringRunner.class) @@ -43,6 +45,7 @@ public class TokenGenTest { govTokenDto.setUpdateTime(System.currentTimeMillis()); govTokenDto.setExpireTime(jwtTokenUtils.getExpiration(tokenStr).getTime()); govTokenDto.setAgencyId("1"); + govTokenDto.setDeptIdList(new HashSet<>(Arrays.asList("1","2","3"))); govTokenDto.setCustomerId("f76def116c9c2dc0269cc17867af122c"); cpUserDetailRedis.set(govTokenDto, expire); } diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java index 13910a6f3a..382e268146 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java @@ -9,13 +9,12 @@ package com.epmet.commons.mybatis.aspect; import com.epmet.commons.mybatis.annotation.DataFilter; +import com.epmet.commons.mybatis.constant.AccessSettingConstant; import com.epmet.commons.mybatis.constant.OpeScopeConstant; -import com.epmet.commons.mybatis.dto.form.OperationScopeDTO; -import com.epmet.commons.mybatis.dto.form.OperationScopeFormDTO; -import com.epmet.commons.mybatis.dto.form.StaffPermCacheResultDTO; -import com.epmet.commons.mybatis.dto.form.StaffPermissionFormDTO; +import com.epmet.commons.mybatis.dto.form.*; import com.epmet.commons.mybatis.entity.DataScope; import com.epmet.commons.mybatis.feign.GovAccessFeignClient; +import com.epmet.commons.mybatis.feign.GovOrgFeignClient; import com.epmet.commons.tools.aspect.AccessOpeAspect; import com.epmet.commons.tools.exception.EpmetErrorCode; import com.epmet.commons.tools.exception.RenException; @@ -46,12 +45,20 @@ public class DataFilterAspect { private static final Logger log = LoggerFactory.getLogger(DataFilterAspect.class); + /** + * 线程变量,记录是否已经添加了至少一个过滤条件 + */ + private static final ThreadLocal hasConditions = new ThreadLocal(); + @Autowired private LoginUserUtil loginUserUtil; @Autowired private GovAccessFeignClient govAccessFeignClient; + @Autowired + private GovOrgFeignClient govOrgFeignClient; + public static final String orgIdPathSpliter = ":"; @Before("@annotation(com.epmet.commons.mybatis.annotation.DataFilter)") @@ -94,22 +101,20 @@ public class DataFilterAspect { // 校验操作权限 validateOpePermission(permCacheResultDTO.getPermissions(), requirePermission); + hasConditions.set(false); + // 生成过滤sql + String sqlFilterSegment = getSqlFilterSegment(userId, permCacheResultDTO.getRoleIdList(), requirePermission, + permCacheResultDTO.getOrgIdPath(), permCacheResultDTO.getGridId(), tableAlias, permCacheResultDTO.getDeptIdList()); + + // 填充到Service方法列表中的DataScope对象中 Object[] methodArgs = point.getArgs(); for (Object methodArg : methodArgs) { if (methodArg instanceof DataScope) { - ((DataScope) methodArg).setSqlFilter(getSqlFilterSegment( - userId, - permCacheResultDTO.getRoleIdList(), - requirePermission, - permCacheResultDTO.getOrgIdPath(), - permCacheResultDTO.getGridId(), - tableAlias)); + ((DataScope) methodArg).setSqlFilter(sqlFilterSegment); return; } } - - //throw new RenException(ErrorCode.DATA_SCOPE_PARAMS_ERROR); } /** @@ -128,89 +133,149 @@ public class DataFilterAspect { * * @return */ - private String getSqlFilterSegment(String userId,Set roleIds, String reqiurePermission, String orgIdPath, String gridId, String tableAlias) { - // 根据角色列表查询操作范围列表 - Set scopeDTOS = new HashSet<>(); - roleIds.forEach(roleId -> { - OperationScopeFormDTO osformDto = new OperationScopeFormDTO(); - osformDto.setRoleId(roleId); - osformDto.setOperationKey(reqiurePermission); - Result> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto); - if (result.success()) { - scopeDTOS.addAll(result.getData()); - } - }); + private String getSqlFilterSegment(String userId, Set roleIds, String reqiurePermission, String orgIdPath, + String gridId, String tableAlias, Set deptIds) { - // 过滤范围 - HashSet scopes = filteScopes(scopeDTOS); - if (CollectionUtils.isEmpty(scopes)) { - // 没有范围限制 - return ""; - } StringBuilder sb = new StringBuilder(); + Map accessSettings = listRoleAccessSettings(roleIds); + // 1.生成sql:组织范围过滤 - genOrgScopeSql(sb, orgIdPath, scopes, tableAlias); + genOrgScopeSql(sb, orgIdPath, roleIds, reqiurePermission, tableAlias); // 2.生成sql:我发起的 - genIStartedSql(sb, userId, tableAlias); + String iCreated = accessSettings.get(AccessSettingConstant.I_CREATED_KEY); + if (StringUtils.isNotBlank(iCreated) && AccessSettingConstant.I_CREATED_YES.equals(iCreated)) { + genICreatedSql(sb, userId, tableAlias); + } // 3.生成sql:本网格的 - genInGrid(sb, gridId, tableAlias); + String inGrid = accessSettings.get(AccessSettingConstant.IN_GRID_KEY); + if (StringUtils.isNotBlank(inGrid) && AccessSettingConstant.IN_GRID_YES.equals(inGrid)) { + genInGrid(sb, gridId, tableAlias); + } + + // 4.生成sql:根据部门列表 + String inDept = accessSettings.get(AccessSettingConstant.IN_DEPARTMENT_KEY); + if (StringUtils.isNotBlank(inDept) && AccessSettingConstant.IN_DEPARTMENT_YES.equals(inDept)) { + genDepartmentFilterSql(sb, deptIds); + } - //sb.append(")"); - System.out.println("生成的过滤sql:" + sb.toString()); return sb.toString(); } + /** + * 列出角色对应的权限设置项 + * @param roleIds + * @return + */ + private Map listRoleAccessSettings(Set roleIds) { + Map settings = new HashMap<>(); + roleIds.forEach(roleId -> { + settings.putAll(listRoleAccessSettings(roleId)); + }); + return settings; + } + + private Map listRoleAccessSettings(String roleId) { + Result> result = govAccessFeignClient.listAccessSettings(roleId); + if (result.success()) { + return result.getData(); + } else { + log.error("角色[{}]查询权限配置AccessSettings失败:{}", roleId, result.getMsg()); + } + return new HashMap<>(); + } + /** + * 生成部门过滤sql + * + * @param sb + */ + private void genDepartmentFilterSql(StringBuilder sb, Set deptIdList) { + //Result> deptListResult = govOrgFeignClient.getDepartmentListByStaffId(staffId); + if (CollectionUtils.isEmpty(deptIdList)) { + return; + } + deptIdList.forEach(deptId -> { + sb.append(hasConditions.get() ? " OR " : "").append(" DEPARTMENT_ID = '").append(deptId).append("' "); + }); + hasConditions.set(true); + } + /** * 网格sql + * * @param sb * @param gridId * @param tableAlias */ private void genInGrid(StringBuilder sb, String gridId, String tableAlias) { if (StringUtils.isBlank(tableAlias)) { - sb.append(" OR GRID_ID ='").append(gridId).append("'"); + sb.append(hasConditions.get() ? " OR " : "").append(" GRID_ID ='").append(gridId).append("' "); } else { - sb.append(" OR ").append(tableAlias).append(".GRID_ID ='").append(gridId).append("'"); + sb.append(hasConditions.get() ? " OR " : "").append(tableAlias).append(".GRID_ID ='").append(gridId).append("' "); } + hasConditions.set(true); } /** * sql:我发起的 + * * @param userId */ - private void genIStartedSql(StringBuilder sb, String userId, String tableAlias) { + private void genICreatedSql(StringBuilder sb, String userId, String tableAlias) { if (StringUtils.isBlank(tableAlias)) { - sb.append(" OR CREATED_BY ='").append(userId).append("'"); + sb.append(hasConditions.get() ? " OR " : " ").append(" CREATED_BY ='").append(userId).append("'"); } else { - sb.append(" OR ").append(tableAlias).append(".CREATED_BY ='").append(userId).append("'"); + sb.append(hasConditions.get() ? " OR " : " ").append(tableAlias).append(".CREATED_BY ='").append(userId).append("'"); } + hasConditions.set(true); } /** * 计算组织范围过滤sql,整体入口 + * * @param sb * @param orgIdPath - * @param scopes */ - public void genOrgScopeSql(StringBuilder sb, String orgIdPath, HashSet scopes, String tableAlias) { + public void genOrgScopeSql(StringBuilder sb, String orgIdPath, Set roleIds, String reqiurePermission, String tableAlias) { + + // 根据角色列表查询操作范围列表 + Set scopeDTOS = new HashSet<>(); + roleIds.forEach(roleId -> { + OperationScopeFormDTO osformDto = new OperationScopeFormDTO(); + osformDto.setRoleId(roleId); + osformDto.setOperationKey(reqiurePermission); + Result> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto); + if (result.success()) { + scopeDTOS.addAll(result.getData()); + } + }); + + // 过滤范围 + HashSet scopes = filteScopes(scopeDTOS); + if (CollectionUtils.isEmpty(scopes)) { + // 没有范围限制 + return; + } + // 取出父组织ID path 和当前组织ID String pOrgPath = orgIdPath.substring(0, orgIdPath.lastIndexOf(orgIdPathSpliter)); String currOrgPath = orgIdPath.substring(orgIdPath.lastIndexOf(orgIdPathSpliter) + 1); genOrgScopeSql(sb, scopes, currOrgPath, pOrgPath, tableAlias); sb.replace(sb.lastIndexOf("OR"), sb.lastIndexOf("OR") + 3, ""); + hasConditions.set(true); } /** * 计算组织范围过滤sql + * * @param scopes * @param currOrg * @param pOrgPath * @return */ - private void genOrgScopeSql(StringBuilder sb,HashSet scopes, String currOrg, String pOrgPath, String tableAlias) { + private void genOrgScopeSql(StringBuilder sb, HashSet scopes, String currOrg, String pOrgPath, String tableAlias) { for (String scope : scopes) { switch (scope) { case OpeScopeConstant.ORG_CURR: @@ -261,6 +326,9 @@ public class DataFilterAspect { for (OperationScopeDTO scope : scopeDTOS) { String scopeIndex = scope.getScopeIndex(); + if (StringUtils.isBlank(scopeIndex)) { + continue; + } String[] currArr = scopeIndex.split("_"); if ("0".equals(currArr[1])) { // 为0,说明没有包含关系,直接放入 diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/AccessSettingConstant.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/AccessSettingConstant.java new file mode 100644 index 0000000000..4ccb9a8b41 --- /dev/null +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/AccessSettingConstant.java @@ -0,0 +1,15 @@ +package com.epmet.commons.mybatis.constant; + +public class AccessSettingConstant { + public static final String I_CREATED_KEY = "I_CREATED"; + public static final String I_CREATED_YES = "YES"; + + public static final String I_PART_KEY = "I_PART"; + public static final String I_PART_YES = "YES"; + + public static final String IN_GRID_KEY = "IN_GRID"; + public static final String IN_GRID_YES = "YES"; + + public static final String IN_DEPARTMENT_KEY = "IN_DEPARTMENT"; + public static final String IN_DEPARTMENT_YES = "YES"; +} diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/DepartmentListResultDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/DepartmentListResultDTO.java new file mode 100644 index 0000000000..1bf20bae66 --- /dev/null +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/DepartmentListResultDTO.java @@ -0,0 +1,49 @@ +/** + * Copyright 2018 人人开源 https://www.renren.io + *

+ * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + *

+ * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + *

+ * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package com.epmet.commons.mybatis.dto.form; + +import lombok.Data; + +import java.io.Serializable; + + +/** + * 组织首页-获取机关下部门列表-部门详情数据 + * + * @author sun + */ +@Data +public class DepartmentListResultDTO implements Serializable { + + private static final long serialVersionUID = 1L; + + /** + * 部门Id + */ + private String departmentId; + + /** + * 部门名称 + */ + private String departmentName; + + /** + * 部门下总人数 + */ + private Integer totalUser; +} \ No newline at end of file diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/RoleAccessSettingResultDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/RoleAccessSettingResultDTO.java new file mode 100644 index 0000000000..f4099cfaa1 --- /dev/null +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/RoleAccessSettingResultDTO.java @@ -0,0 +1,13 @@ +package com.epmet.commons.mybatis.dto.form; + +import lombok.Data; + +@Data +public class RoleAccessSettingResultDTO { + + private String settingKey; + private String id; + private String settingName; + private String roleId; + +} diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java index 7775756b38..ec090d7aee 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java @@ -17,6 +17,11 @@ public class StaffPermCacheResultDTO { */ private Set roleIdList; + /** + * 部门id列表 + */ + private Set deptIdList; + /** * 机构Id */ diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java index 50b20890e7..354df4950f 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java @@ -1,23 +1,23 @@ package com.epmet.commons.mybatis.feign; -import com.epmet.commons.mybatis.dto.form.OperationScopeDTO; -import com.epmet.commons.mybatis.dto.form.OperationScopeFormDTO; -import com.epmet.commons.mybatis.dto.form.StaffPermCacheResultDTO; -import com.epmet.commons.mybatis.dto.form.StaffPermissionFormDTO; +import com.epmet.commons.mybatis.dto.form.*; import com.epmet.commons.mybatis.feign.fallback.GovAccessFeignClientFallback; import com.epmet.commons.tools.constant.ServiceConstant; import com.epmet.commons.tools.utils.Result; import org.springframework.cloud.openfeign.FeignClient; +import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import java.util.List; +import java.util.Map; import java.util.Set; /** * @Description * @Author sun */ +//, url = "localhost:8099" @FeignClient(name = ServiceConstant.GOV_ACCESS_SERVER, fallback = GovAccessFeignClientFallback.class) public interface GovAccessFeignClient { @@ -36,4 +36,11 @@ public interface GovAccessFeignClient { @PostMapping("/gov/access/access/operationscopes") Result> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO); + /** + * 查询角色的权限相关配置 + * @param roleId + * @return + */ + @PostMapping("/gov/access/access/role/{roleId}/accesssettings") + Result> listAccessSettings(@PathVariable("roleId") String roleId); } diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovOrgFeignClient.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovOrgFeignClient.java new file mode 100644 index 0000000000..67226cdd0e --- /dev/null +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovOrgFeignClient.java @@ -0,0 +1,30 @@ +package com.epmet.commons.mybatis.feign; + +import com.epmet.commons.mybatis.dto.form.*; +import com.epmet.commons.mybatis.feign.fallback.GovAccessFeignClientFallback; +import com.epmet.commons.mybatis.feign.fallback.GovOrgFeignClientFallback; +import com.epmet.commons.tools.constant.ServiceConstant; +import com.epmet.commons.tools.utils.Result; +import org.springframework.cloud.openfeign.FeignClient; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.PostMapping; + +import java.util.List; +import java.util.Set; + +/** + * @Description + * @Author sun + */ +//, url = "localhost:8092" +@FeignClient(name = ServiceConstant.GOV_ORG_SERVER, fallback = GovOrgFeignClientFallback.class) +public interface GovOrgFeignClient { + + /** + * 查询人员部门列表 + * @param staffId + * @return + */ + @PostMapping("/gov/org/department/staff/{staffId}/departmentlist") + Result> getDepartmentListByStaffId(@PathVariable("staffId") String staffId); +} diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java index 6dfa1b89cc..ae74de9483 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java @@ -1,15 +1,14 @@ package com.epmet.commons.mybatis.feign.fallback; -import com.epmet.commons.mybatis.dto.form.OperationScopeDTO; -import com.epmet.commons.mybatis.dto.form.OperationScopeFormDTO; -import com.epmet.commons.mybatis.dto.form.StaffPermCacheResultDTO; -import com.epmet.commons.mybatis.dto.form.StaffPermissionFormDTO; +import com.epmet.commons.mybatis.dto.form.*; import com.epmet.commons.mybatis.feign.GovAccessFeignClient; import com.epmet.commons.tools.constant.ServiceConstant; import com.epmet.commons.tools.utils.ModuleUtils; import com.epmet.commons.tools.utils.Result; import org.springframework.stereotype.Component; +import java.util.List; +import java.util.Map; import java.util.Set; /** @@ -30,4 +29,9 @@ public class GovAccessFeignClientFallback implements GovAccessFeignClient { public Result> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO) { return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getOperationScopesByRoleId", operationScopeFormDTO); } + + @Override + public Result> listAccessSettings(String roleId) { + return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listAccessSettings", roleId); + } } diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovOrgFeignClientFallback.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovOrgFeignClientFallback.java new file mode 100644 index 0000000000..cce3d60309 --- /dev/null +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovOrgFeignClientFallback.java @@ -0,0 +1,27 @@ +package com.epmet.commons.mybatis.feign.fallback; + +import com.epmet.commons.mybatis.dto.form.*; +import com.epmet.commons.mybatis.feign.GovAccessFeignClient; +import com.epmet.commons.mybatis.feign.GovOrgFeignClient; +import com.epmet.commons.tools.constant.ServiceConstant; +import com.epmet.commons.tools.utils.ModuleUtils; +import com.epmet.commons.tools.utils.Result; +import org.springframework.stereotype.Component; + +import java.util.List; +import java.util.Set; + +/** + * 调用政府端权限 + * @Author wxz + * @Description + * @Date 2020/4/24 11:17 + **/ +@Component +public class GovOrgFeignClientFallback implements GovOrgFeignClient { + + @Override + public Result> getDepartmentListByStaffId(String staffId) { + return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getDepartmentListByStaffId", staffId); + } +} diff --git a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java index d26f7525a1..e211c01e4e 100644 --- a/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java +++ b/epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java @@ -80,6 +80,9 @@ public class DataFilterInterceptor extends AbstractSqlParserHandler implements I String orderBy = "ORDER BY"; String groupBy = "GROUP BY"; String sqlFilter = scope.getSqlFilter(); + if (StringUtils.isBlank(sqlFilter)) { + return invocation.proceed(); + } if (originalSql.indexOf("WHERE") == 0) { // 不包含where,需要手动拼接上 sqlFilter = " WHERE ".concat(sqlFilter); diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java index 6598010561..0b6c64d6ef 100644 --- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java +++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java @@ -215,6 +215,15 @@ public class RedisKeys { * @return */ public static String getRoleOpeScopesKey(String roleId, String opeKey) { - return rootPrefix.concat("gov:access:role:opescopes:").concat(roleId).concat(opeKey); + return rootPrefix.concat("gov:access:role:opescopes:").concat(roleId).concat(":").concat(opeKey); + } + + /** + * 角色ID对应的权限配置 + * @param roleId + * @return + */ + public static String getRoleAccessSettingKey(String roleId) { + return rootPrefix.concat("gov:access:role:accesssettings:").concat(roleId); } } diff --git a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java index 49d6cb15a3..de94567fb6 100644 --- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java +++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java @@ -62,7 +62,7 @@ public class GovTokenDto extends BaseTokenDto implements Serializable { /** * 部门id列表 */ - private List deptIdList; + private Set deptIdList; /** * 功能权限列表,实际上是gov_staff => staff_role => role_operation查询到的operationKey diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/StaffPermCacheFormDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/StaffPermCacheFormDTO.java index 191314af0a..a35af017c9 100644 --- a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/StaffPermCacheFormDTO.java +++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/StaffPermCacheFormDTO.java @@ -51,4 +51,9 @@ public class StaffPermCacheFormDTO { */ private Set roleIdList; + /** + * 当前所在网格id + */ + private String gridId; + } diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleAccessSettingResultDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleAccessSettingResultDTO.java new file mode 100644 index 0000000000..7330f3b425 --- /dev/null +++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleAccessSettingResultDTO.java @@ -0,0 +1,14 @@ +package com.epmet.dto.result; + +import lombok.Data; + +@Data +public class RoleAccessSettingResultDTO { + + private String settingKey; + private String id; + private String settingName; + private String settingValue; + private String roleId; + +} diff --git a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java index ce24cf9501..d19ed3ff27 100644 --- a/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java +++ b/epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java @@ -18,6 +18,11 @@ public class StaffPermCacheResultDTO { */ private Set roleIdList; + /** + * 部门id列表 + */ + private Set deptIdList; + /** * 组织ID */ diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java index e34df14a06..2f9bdcb567 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java @@ -6,6 +6,7 @@ import com.epmet.commons.tools.validator.ValidatorUtils; import com.epmet.dto.OperationScopeDTO; import com.epmet.dto.form.OperationScopeFormDTO; import com.epmet.dto.form.StaffPermCacheFormDTO; +import com.epmet.dto.result.RoleAccessSettingResultDTO; import com.epmet.dto.result.RoleOpeScopeResultDTO; import com.epmet.dto.result.StaffPermCacheResultDTO; import com.epmet.entity.OperationScopeEntity; @@ -16,6 +17,7 @@ import org.springframework.web.bind.annotation.*; import java.util.ArrayList; import java.util.List; +import java.util.Map; import java.util.Set; /** @@ -32,7 +34,7 @@ public class AccessController { private AccessService accessService; /** - * 更新工作人员权限缓存 + * 更新工作人员权限缓存(前端查询权限时候gov-mine会调用此处) * @param staffPermCacheFormDTO * @return */ @@ -45,12 +47,13 @@ public class AccessController { Set permissions = staffPermCacheFormDTO.getPermissions(); Set roleIdList = staffPermCacheFormDTO.getRoleIdList(); String orgId = staffPermCacheFormDTO.getOrgIdPath(); - accessService.updatePermissionCache(staffId, app, client, permissions, roleIdList, orgId); + String gridId = staffPermCacheFormDTO.getGridId(); + accessService.updatePermissionCache(staffId, app, client, permissions, roleIdList, orgId, gridId); return new Result(); } /** - * 查询用户当前权限列表(DataFilterAspect中用到) + * 从缓存中查询用户当前权限列表(DataFilterAspect中用到) * @return */ @PostMapping("getcurrpermissions") @@ -64,6 +67,7 @@ public class AccessController { resultDTO.setRoleIdList(govTokenDto.getRoleIdList()); resultDTO.setOrgIdPath(govTokenDto.getOrgIdPath()); resultDTO.setGridId(govTokenDto.getGridId()); + resultDTO.setDeptIdList(govTokenDto.getDeptIdList()); } return new Result().ok(resultDTO); } @@ -78,4 +82,15 @@ public class AccessController { Set scopes = accessService.listOperationScopesByRoleId(operationScopeFormDTO.getRoleId(), operationScopeFormDTO.getOperationKey()); return new Result>().ok(scopes); } + + /** + * 查询角色的权限相关配置 + * @param roleId + * @return + */ + @PostMapping("/role/{roleId}/accesssettings") + public Result> listAccessSettings(@PathVariable("roleId") String roleId) { + Map settings = accessService.listAccessSettings(roleId); + return new Result>().ok(settings); + } } diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/RoleAccessSettingDao.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/RoleAccessSettingDao.java new file mode 100644 index 0000000000..42acf285e0 --- /dev/null +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/RoleAccessSettingDao.java @@ -0,0 +1,37 @@ +/** + * Copyright 2018 人人开源 https://www.renren.io + *

+ * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + *

+ * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + *

+ * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package com.epmet.dao; + +import com.epmet.commons.mybatis.dao.BaseDao; +import com.epmet.dto.result.RoleAccessSettingResultDTO; +import com.epmet.entity.RoleAccessSettingEntity; +import org.apache.ibatis.annotations.Mapper; + +import java.util.List; + +/** + * 权限配置 + * + * @author generator generator@elink-cn.com + * @since v1.0.0 2020-04-26 + */ +@Mapper +public interface RoleAccessSettingDao extends BaseDao { + + List listRoleAccessSettingsByRoleId(String roleId); +} \ No newline at end of file diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/entity/RoleAccessSettingEntity.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/entity/RoleAccessSettingEntity.java new file mode 100644 index 0000000000..bbb8d650bf --- /dev/null +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/entity/RoleAccessSettingEntity.java @@ -0,0 +1,65 @@ +/** + * Copyright 2018 人人开源 https://www.renren.io + *

+ * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + *

+ * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + *

+ * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package com.epmet.entity; + +import com.baomidou.mybatisplus.annotation.TableName; + +import com.epmet.commons.mybatis.entity.BaseEpmetEntity; +import lombok.Data; +import lombok.EqualsAndHashCode; + +import java.util.Date; + +/** + * 权限配置 + * + * @author generator generator@elink-cn.com + * @since v1.0.0 2020-04-26 + */ +@Data +@EqualsAndHashCode(callSuper=false) +@TableName("role_access_setting") +public class RoleAccessSettingEntity extends BaseEpmetEntity { + + private static final long serialVersionUID = 1L; + + /** + * 配置KEY + */ + private String settingKey; + + /** + * 配置name + */ + private String settingName; + /** + * 配置值 + */ + private String settingValue; + + /** + * 角色ID + */ + private String roleId; + + /** + * 操作简介 + */ + private String brief; + +} diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleAccessSettingRedis.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleAccessSettingRedis.java new file mode 100644 index 0000000000..02efbb9850 --- /dev/null +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleAccessSettingRedis.java @@ -0,0 +1,37 @@ +package com.epmet.redis; + +import com.epmet.commons.tools.redis.RedisKeys; +import com.epmet.commons.tools.redis.RedisUtils; +import com.epmet.dto.result.RoleAccessSettingResultDTO; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.function.BiConsumer; + +@Component +public class RoleAccessSettingRedis { + + @Autowired + private RedisUtils redisUtils; + + public void set(Map settings, String roleId) { + String roleAccessSettingKey = RedisKeys.getRoleAccessSettingKey(roleId); + redisUtils.hMSet(roleAccessSettingKey, settings); + } + + public Map get(String roleId) { + String roleAccessSettingKey = RedisKeys.getRoleAccessSettingKey(roleId); + Map s = redisUtils.hGetAll(roleAccessSettingKey); + Map settings = new HashMap<>(); + s.forEach((s1, o) -> { + if (o != null) { + settings.put(s1, String.valueOf(o)); + } + }); + return settings; + } + +} diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java index df16e1e9df..dcda2ebe7e 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java @@ -1,10 +1,12 @@ package com.epmet.service; import com.epmet.commons.tools.security.dto.GovTokenDto; +import com.epmet.dto.result.RoleAccessSettingResultDTO; import com.epmet.dto.result.RoleOpeScopeResultDTO; import com.epmet.entity.OperationScopeEntity; import java.util.List; +import java.util.Map; import java.util.Set; public interface AccessService { @@ -13,7 +15,7 @@ public interface AccessService { * @param staffId * @param permissions */ - void updatePermissionCache(String staffId, String app, String client, Set permissions, Set roleIdList, String orgIdPath); + void updatePermissionCache(String staffId, String app, String client, Set permissions, Set roleIdList, String orgIdPath, String gridId); /** * 查询用户当前权限列表 @@ -28,4 +30,11 @@ public interface AccessService { * @return */ Set listOperationScopesByRoleId(String roleId, String operationKey); + + /** + * 查询角色的权限相关配置 + * @param roleId + * @return + */ + Map listAccessSettings(String roleId); } diff --git a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java index 34e458ec6a..0249885536 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java +++ b/epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java @@ -4,7 +4,10 @@ import com.epmet.commons.tools.exception.ExceptionUtils; import com.epmet.commons.tools.security.dto.GovTokenDto; import com.epmet.commons.tools.utils.CpUserDetailRedis; import com.epmet.dao.OperationScopeDao; +import com.epmet.dao.RoleAccessSettingDao; +import com.epmet.dto.result.RoleAccessSettingResultDTO; import com.epmet.dto.result.RoleOpeScopeResultDTO; +import com.epmet.redis.RoleAccessSettingRedis; import com.epmet.redis.RoleOpeScopeRedis; import com.epmet.service.AccessService; import org.slf4j.Logger; @@ -13,7 +16,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.util.CollectionUtils; -import java.util.Set; +import java.util.*; @Service public class AccessServiceImpl implements AccessService { @@ -26,16 +29,24 @@ public class AccessServiceImpl implements AccessService { @Autowired private OperationScopeDao operationScopeDao; + @Autowired + private RoleAccessSettingDao roleAccessSettingDao; + @Autowired private RoleOpeScopeRedis roleOpeScopeRedis; + @Autowired + private RoleAccessSettingRedis roleAccessSettingRedis; + + /** * 更新权限缓存 * @param staffId * @param permissions */ @Override - public void updatePermissionCache(String staffId, String app, String client, Set permissions, Set roleIdList, String orgIdPath) { + public void updatePermissionCache(String staffId, String app, String client, Set permissions, Set roleIdList, + String orgIdPath, String gridId) { GovTokenDto govTokenDto = cpUserDetailRedis.get(app, client, staffId, GovTokenDto.class); if (govTokenDto == null) { logger.warn("更新[{}]用户缓存:Redis中不存在该用户TokenDto缓存信息", staffId); @@ -45,6 +56,7 @@ public class AccessServiceImpl implements AccessService { govTokenDto.setPermissions(permissions); govTokenDto.setRoleIdList(roleIdList); govTokenDto.setOrgIdPath(orgIdPath); + govTokenDto.setGridId(gridId); // 将新的TokenDto更新到redis中 long expire = cpUserDetailRedis.getExpire(app, client, staffId); @@ -77,4 +89,26 @@ public class AccessServiceImpl implements AccessService { } return scopes; } + + /** + * 查询角色的权限相关配置 + * @param roleId + * @return + */ + @Override + public Map listAccessSettings(String roleId) { + Map settings = roleAccessSettingRedis.get(roleId); + //if (CollectionUtils.isEmpty(settings)) { + // // 数据库查出来,放入redis一份。此处为权限过滤器用到,存在缓存穿透,所以不采用这种方式。 + // // 改用为:变动setting的时候手动更新缓存的方式 + // List settingsDB = roleAccessSettingDao.listRoleAccessSettingsByRoleId(roleId); + // if (!CollectionUtils.isEmpty(settingsDB)) { + // roleAccessSettingRedis.set(settingsDB, roleId); + // } + //} + if (settings == null) { + settings = new HashMap<>(); + } + return settings; + } } diff --git a/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql b/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql index 93d8c2a148..62e72134a0 100644 --- a/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql +++ b/epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql @@ -5,6 +5,8 @@ -- SET NAMES utf8mb4; -- #SET FOREIGN_KEY_CHECKS = 0; +CREATE DATABASE `epmet_gov_access` DEFAULT CHARACTER SET utf8mb4; + -- DROP TABLE IF EXISTS `permission_scope`; CREATE TABLE `operation_scope` ( `ID` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT 'id', @@ -73,4 +75,22 @@ CREATE TABLE `role_scope` ( PRIMARY KEY (`ID`) USING BTREE ) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci COMMENT = '角色能操作哪些范围' ROW_FORMAT = Dynamic; +-- 2020.04.26 wxz -- + +CREATE TABLE `role_access_setting` ( + `ID` varchar(64) NOT NULL COMMENT '主键', + `SETTING_KEY` varchar(30) NOT NULL COMMENT '配置KEY', + `SETTING_NAME` varchar(30) NOT NULL COMMENT '配置name', + `SETTING_VALUE` varchar(30) NOT NULL COMMENT '配置值', + `ROLE_ID` varchar(64) DEFAULT NULL COMMENT '角色ID', + `BRIEF` varchar(255) DEFAULT NULL COMMENT '操作简介', + `DEL_FLAG` tinyint(1) DEFAULT NULL, + `REVISION` int(10) DEFAULT NULL, + `CREATED_BY` varchar(64) DEFAULT NULL, + `CREATED_TIME` datetime DEFAULT NULL, + `UPDATED_BY` varchar(64) DEFAULT NULL, + `UPDATED_TIME` datetime DEFAULT NULL, + PRIMARY KEY (`ID`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='权限配置' + -- SET FOREIGN_KEY_CHECKS = 1; diff --git a/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/RoleAccessSettingDao.xml b/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/RoleAccessSettingDao.xml new file mode 100644 index 0000000000..cc31938799 --- /dev/null +++ b/epmet-module/gov-access/gov-access-server/src/main/resources/mapper/RoleAccessSettingDao.xml @@ -0,0 +1,30 @@ + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/epmet-module/gov-access/gov-access-server/src/test/java/com/epmet/test/govaccess/AccessSettingTest.java b/epmet-module/gov-access/gov-access-server/src/test/java/com/epmet/test/govaccess/AccessSettingTest.java new file mode 100644 index 0000000000..6ac8bf1547 --- /dev/null +++ b/epmet-module/gov-access/gov-access-server/src/test/java/com/epmet/test/govaccess/AccessSettingTest.java @@ -0,0 +1,38 @@ +package com.epmet.test.govaccess; + +import com.epmet.dao.RoleAccessSettingDao; +import com.epmet.dto.result.RoleAccessSettingResultDTO; +import com.epmet.redis.RoleAccessSettingRedis; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.junit4.SpringRunner; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +@RunWith(SpringRunner.class) +@SpringBootTest +public class AccessSettingTest { + + @Autowired + private RoleAccessSettingDao roleAccessSettingDao; + + @Autowired + private RoleAccessSettingRedis roleAccessSettingRedis; + + @Test + public void addAccessSettings2Redis() { + List settings = roleAccessSettingDao.listRoleAccessSettingsByRoleId("1"); + HashMap objectObjectHashMap = new HashMap<>(); + settings.forEach(s -> { + objectObjectHashMap.put(s.getSettingKey(), s.getSettingValue()); + }); + roleAccessSettingRedis.set(objectObjectHashMap, "1"); + Map map = roleAccessSettingRedis.get("1"); + System.out.println(map); + } + +} diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java index 287da51fec..eaabe43f49 100644 --- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java +++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java @@ -23,6 +23,7 @@ import java.util.List; * @Description * @Author sun */ +//, url = "localhost:8087" @FeignClient(name = ServiceConstant.EPMET_USER_SERVER, fallback = EpmetUserFeignClientFallback.class) public interface EpmetUserFeignClient { /** diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java index 8c03d28764..45f0647c4b 100644 --- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java +++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java @@ -19,6 +19,7 @@ import java.util.List; * @Description * @Author sun */ +//, url = "localhost:8092" @FeignClient(name = ServiceConstant.GOV_ORG_SERVER, fallback = GovOrgFeignClientFallBack.class) public interface GovOrgFeignClient { diff --git a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java index d76e2e2f34..13340d53e1 100644 --- a/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java +++ b/epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java @@ -38,27 +38,25 @@ public class AccessServiceImpl implements AccessService { @Autowired private GovOrgFeignClient govOrgFeignClient; - @Autowired - private CpUserDetailRedis cpUserDetailRedis; - - @Override - public Set listOpeKeysByStaffId(String app, String client, String staffId, String agencyId, String gridId) { + public List queryGovStaffRoles(String staffId, String orgId) { List roleDTOS = new ArrayList<>(); - // 查询机关单位权限 StaffRoleFormDTO formDTO = new StaffRoleFormDTO(); formDTO.setStaffId(staffId); - formDTO.setOrgId(agencyId); - Result> agencyResult = userFeignClient.getRolesOfStaff(formDTO); - if (!CollectionUtils.isEmpty(agencyResult.getData())) { - roleDTOS.addAll(agencyResult.getData()); - } - // 查询网格权限 - formDTO.setStaffId(staffId); - formDTO.setOrgId(gridId); + formDTO.setOrgId(orgId); Result> gridResult = userFeignClient.getRolesOfStaff(formDTO); if (!CollectionUtils.isEmpty(gridResult.getData())) { roleDTOS.addAll(gridResult.getData()); } + return roleDTOS; + } + + @Override + public Set listOpeKeysByStaffId(String app, String client, String staffId, String agencyId, String gridId) { + List roleDTOS = new ArrayList<>(); + // 查询机关单位中的角色 + roleDTOS.addAll(queryGovStaffRoles(staffId, agencyId)); + // 查询网格中的角色 + roleDTOS.addAll(queryGovStaffRoles(staffId, gridId)); // 拼装操作key列表 Set opeKeys = new HashSet<>(); @@ -86,7 +84,7 @@ public class AccessServiceImpl implements AccessService { // 查询该直属机关的orgIdPath Result agencyById = govOrgFeignClient.getAgencyById(agencyId); - if (agencyById.getCode() != 0 || agencyById.getData() == null) { + if (!agencyById.success() || agencyById.getData() == null) { logger.error("根据当前机构id[{}]查询pids失败:{}", agencyId, agencyById.getMsg()); throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode()); } @@ -98,6 +96,7 @@ public class AccessServiceImpl implements AccessService { staffPermCacheFormDTO.setStaffId(staffId); staffPermCacheFormDTO.setPermissions(opeKeys); staffPermCacheFormDTO.setRoleIdList(roleIds); + staffPermCacheFormDTO.setGridId(gridId); // 拼接orgIdPath staffPermCacheFormDTO.setOrgIdPath(String.format("%s:%s", agencyById.getData().getPids(), agencyId)); govAccessFeignClient.updatePermissionCache(staffPermCacheFormDTO); diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/DepartmentController.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/DepartmentController.java index b55e48a3e0..c94a102685 100644 --- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/DepartmentController.java +++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/DepartmentController.java @@ -11,10 +11,7 @@ import com.epmet.dto.result.DepartmentInAgencyResultDTO; import com.epmet.dto.result.DepartmentListResultDTO; import com.epmet.service.DepartmentService; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import java.util.List; @@ -112,4 +109,14 @@ public class DepartmentController { ValidatorUtils.validateEntity(formDTO); return departmentService.departmentList(formDTO); } + + /** + * 根据StaffId查询所属部门列表 + * @return + */ + @PostMapping("staff/{staffId}/departmentlist") + public Result> getDepartmentListByStaffId(@PathVariable("staffId") String staffId) { + List deptList = departmentService.listDepartmentListByStaffId(staffId); + return new Result>().ok(deptList); + } } \ No newline at end of file diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerDepartmentDao.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerDepartmentDao.java index b7569a1396..5ecfdff97f 100644 --- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerDepartmentDao.java +++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerDepartmentDao.java @@ -49,4 +49,11 @@ public interface CustomerDepartmentDao extends BaseDao * @Description 根据当前机关Id查询该机关下的直属部门列表 **/ List selectDepartmentList(@Param("agencyId") String agencyId); + + /** + * 根据StaffId查询所属部门列表 + * @param staffId + * @return + */ + List listDepartmentListByStaffId(@Param("staffId") String staffId); } \ No newline at end of file diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/DepartmentService.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/DepartmentService.java index 2d49860de2..495a285f66 100644 --- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/DepartmentService.java +++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/DepartmentService.java @@ -86,4 +86,11 @@ public interface DepartmentService { * @return */ Result addDepartmentStaff(TokenDto tokenDto,AddDepartmentStaffFormDTO addDepartmentStaffFormDTO); + + /** + * 根据StaffId查询所属部门列表 + * @param staffId + * @return + */ + List listDepartmentListByStaffId(String staffId); } \ No newline at end of file diff --git a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/DepartmentServiceImpl.java b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/DepartmentServiceImpl.java index dda0d02ae7..2df01f8d3a 100644 --- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/DepartmentServiceImpl.java +++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/DepartmentServiceImpl.java @@ -226,4 +226,9 @@ public class DepartmentServiceImpl implements DepartmentService { customerStaffDepartmentDao.updateDepartmentStaffCount(data.size(),addDepartmentStaffFormDTO.getDepartmentId()); return new Result(); } + + @Override + public List listDepartmentListByStaffId(String staffId) { + return customerDepartmentDao.listDepartmentListByStaffId(staffId); + } } \ No newline at end of file diff --git a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerDepartmentDao.xml b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerDepartmentDao.xml index 932f7f66d3..e440745e06 100644 --- a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerDepartmentDao.xml +++ b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerDepartmentDao.xml @@ -26,4 +26,11 @@ ORDER BY created_time DESC + + \ No newline at end of file diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/StaffRoleDao.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/StaffRoleDao.java index 6d65865681..32ec353dfe 100644 --- a/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/StaffRoleDao.java +++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/dao/StaffRoleDao.java @@ -18,11 +18,13 @@ package com.epmet.dao; import com.epmet.commons.mybatis.dao.BaseDao; +import com.epmet.commons.mybatis.entity.DataScope; import com.epmet.dto.StaffRoleDTO; import com.epmet.dto.result.GovStaffRoleResultDTO; import com.epmet.entity.StaffRoleEntity; import org.apache.ibatis.annotations.Mapper; import org.apache.ibatis.annotations.Param; +import org.springframework.context.annotation.Scope; import java.util.List; @@ -40,7 +42,8 @@ public interface StaffRoleDao extends BaseDao { * @param orgId * @return */ - List listStaffIdsByRoleKeyAndOrgId(@Param("roleKey") String roleKey, @Param("orgId") String orgId); + List listStaffIdsByRoleKeyAndOrgId(@Param("roleKey") String roleKey, @Param("orgId") String orgId, + @Param("dataScope") DataScope dataScope); /** * 删除工作人员权限 diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java index acbb5833f7..1f518e6910 100644 --- a/epmet-user/epmet-user-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java +++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java @@ -13,6 +13,7 @@ import org.springframework.web.bind.annotation.PostMapping; * @Author sun * @Date 2020/3/16 */ +//, url = "localhost:8092" @FeignClient(name = ServiceConstant.GOV_ORG_SERVER, fallback = GovOrgFeignClientFallBack.class) public interface GovOrgFeignClient { diff --git a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java index 180521ebe3..80e16582d8 100644 --- a/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java +++ b/epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java @@ -111,9 +111,9 @@ public class StaffRoleServiceImpl extends BaseServiceImpl listStaffsInRole(String roleKey, String orgId, DataScope dataScope) { - return baseDao.listStaffIdsByRoleKeyAndOrgId(roleKey, orgId); + return baseDao.listStaffIdsByRoleKeyAndOrgId(roleKey, orgId, dataScope); } @Override