1.基本完成了权限部分，除上级，同级其他，我参与的

epmet-admin/epmet-admin-server/src/test/java/io/renren/service/DynamicDataSourceTest.java

@@ -1,48 +1,48 @@
-/**
+///**
- * Copyright 2018 人人开源 https://www.renren.io
+// * Copyright 2018 人人开源 https://www.renren.io
- * <p>
+// * <p>
- * This program is free software: you can redistribute it and/or modify
+// * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
+// * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
+// * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
+// * (at your option) any later version.
- * <p>
+// * <p>
- * This program is distributed in the hope that it will be useful,
+// * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+// * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
+// * GNU General Public License for more details.
- * <p>
+// * <p>
- * You should have received a copy of the GNU General Public License
+// * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+// * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
+// */
-
+//
-package com.epmet.service;
+//package com.epmet.service;
-
+//
-import org.junit.Test;
+//import org.junit.Test;
-import org.junit.runner.RunWith;
+//import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
+//import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.junit4.SpringRunner;
+//import org.springframework.test.context.junit4.SpringRunner;
-
+//
-/**
+///**
- * 多数据源测试
+// * 多数据源测试
- *
+// *
- * @author Mark sunlightcs@gmail.com
+// * @author Mark sunlightcs@gmail.com
- * @since 1.0.0
+// * @since 1.0.0
- */
+// */
-@RunWith(SpringRunner.class)
+//@RunWith(SpringRunner.class)
-@SpringBootTest
+//@SpringBootTest
-public class DynamicDataSourceTest {
+//public class DynamicDataSourceTest {
-    @Autowired
+//    @Autowired
-    private DynamicDataSourceTestService dynamicDataSourceTestService;
+//    private com.epmet.service.DynamicDataSourceTestService dynamicDataSourceTestService;
-
+//
-    @Test
+//    @Test
-    public void test(){
+//    public void test(){
-        Long id = 1067246875800000001L;
+//        Long id = 1067246875800000001L;
-        dynamicDataSourceTestService.selectById(id);
+//        dynamicDataSourceTestService.selectById(id);
-        dynamicDataSourceTestService.updateUser(id);
+//        dynamicDataSourceTestService.updateUser(id);
-        dynamicDataSourceTestService.updateUserBySlave1(id);
+//        dynamicDataSourceTestService.updateUserBySlave1(id);
-        dynamicDataSourceTestService.updateUserBySlave2(id);
+//        dynamicDataSourceTestService.updateUserBySlave2(id);
-    }
+//    }
-
+//
-
+//
-}
+//}

epmet-auth/src/main/java/com/epmet/feign/GovOrgFeignClient.java

@@ -3,10 +3,12 @@ package com.epmet.feign;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.form.StaffOrgFormDTO;
+import com.epmet.dto.result.DepartmentListResultDTO;
 import com.epmet.dto.result.StaffOrgsResultDTO;
 import com.epmet.feign.fallback.GovOrgFeignClientFallback;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 
 import java.util.List;
@@ -27,4 +29,12 @@ public interface GovOrgFeignClient {
      **/
     @PostMapping(value = "/gov/org/customeragency/getStaffOrgList",consumes = MediaType.APPLICATION_JSON_VALUE)
     Result<List<StaffOrgsResultDTO>> getStaffOrgList(StaffOrgFormDTO staffOrgFormDTO);
+
+    /**
+     * 查询人员部门列表
+     * @param staffId
+     * @return
+     */
+    @PostMapping("/gov/org/department/staff/{staffId}/departmentlist")
+    Result<List<DepartmentListResultDTO>> getDepartmentListByStaffId(@PathVariable("staffId") String staffId);
 }

epmet-auth/src/main/java/com/epmet/feign/fallback/GovOrgFeignClientFallback.java

@@ -4,6 +4,7 @@ import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.form.StaffOrgFormDTO;
+import com.epmet.dto.result.DepartmentListResultDTO;
 import com.epmet.dto.result.StaffOrgsResultDTO;
 import com.epmet.feign.GovOrgFeignClient;
 import org.springframework.stereotype.Component;
@@ -22,5 +23,10 @@ public class GovOrgFeignClientFallback implements GovOrgFeignClient {
     public Result<List<StaffOrgsResultDTO>> getStaffOrgList(StaffOrgFormDTO staffOrgFormDTO) {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getStaffOrgList", staffOrgFormDTO);
     }
+
+    @Override
+    public Result<List<DepartmentListResultDTO>> getDepartmentListByStaffId(String staffId) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getDepartmentListByStaffId", staffId);
+    }
 }
 

epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java

@@ -3,6 +3,7 @@ package com.epmet.service.impl;
 import cn.binarywang.wx.miniapp.bean.WxMaJscode2SessionResult;
 import com.epmet.common.token.constant.LoginConstant;
 import com.epmet.commons.tools.exception.EpmetErrorCode;
+import com.epmet.commons.tools.exception.ExceptionUtils;
 import com.epmet.commons.tools.exception.RenException;
 import com.epmet.commons.tools.security.dto.GovTokenDto;
 import com.epmet.commons.tools.security.dto.TokenDto;
@@ -12,6 +13,7 @@ import com.epmet.commons.tools.utils.Result;
 import com.epmet.commons.tools.validator.PhoneValidatorUtils;
 import com.epmet.dto.CustomerStaffDTO;
 import com.epmet.dto.form.*;
+import com.epmet.dto.result.DepartmentListResultDTO;
 import com.epmet.dto.result.StaffLatestAgencyResultDTO;
 import com.epmet.dto.result.StaffOrgsResultDTO;
 import com.epmet.dto.result.UserTokenResultDTO;
@@ -27,11 +29,10 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import org.springframework.util.CollectionUtils;
 
-import java.util.ArrayList;
+import java.util.*;
-import java.util.HashMap;
+import java.util.stream.Collectors;
-import java.util.List;
-import java.util.Map;
 
 /**
  * @Description 政府端登录服务
@@ -166,6 +167,22 @@ public class GovLoginServiceImpl implements GovLoginService {
         govTokenDto.setExpireTime(jwtTokenUtils.getExpiration(token).getTime());
         govTokenDto.setAgencyId(staffLatestAgency.getAgencyId());
         govTokenDto.setCustomerId(staffLatestAgency.getCustomerId());
+
+        try {
+            Result<List<DepartmentListResultDTO>> deptListResult = govOrgFeignClient.getDepartmentListByStaffId(staffLatestAgency.getStaffId());
+            if (deptListResult.success()) {
+                if (!CollectionUtils.isEmpty(deptListResult.getData())) {
+                    Set<String> deptIdLists = deptListResult.getData().stream().map(dept -> dept.getDepartmentId()).collect(Collectors.toSet());
+                    govTokenDto.setDeptIdList(deptIdLists);
+                }
+            } else {
+                logger.error("登录:查询部门列表，远程调用返回错误:{}", deptListResult.getMsg());
+            }
+        } catch (Exception e) {
+            String errorStackTrace = ExceptionUtils.getErrorStackTrace(e);
+            logger.error("登录:查询部门列表异常:{}", errorStackTrace);
+        }
+
         cpUserDetailRedis.set(govTokenDto, expire);
         logger.info("截止时间：" + DateUtils.format(jwtTokenUtils.getExpiration(token), "yyyy-MM-dd HH:mm:ss"));
     }

epmet-auth/src/test/java/com/epmet/TokenGenTest.java

@@ -11,7 +11,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.test.context.junit4.SpringRunner;
 
+import java.util.Arrays;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.Map;
 
 @RunWith(SpringRunner.class)
@@ -43,6 +45,7 @@ public class TokenGenTest {
         govTokenDto.setUpdateTime(System.currentTimeMillis());
         govTokenDto.setExpireTime(jwtTokenUtils.getExpiration(tokenStr).getTime());
         govTokenDto.setAgencyId("1");
+        govTokenDto.setDeptIdList(new HashSet<>(Arrays.asList("1","2","3")));
         govTokenDto.setCustomerId("f76def116c9c2dc0269cc17867af122c");
         cpUserDetailRedis.set(govTokenDto, expire);
     }

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/aspect/DataFilterAspect.java

@@ -9,13 +9,12 @@
 package com.epmet.commons.mybatis.aspect;
 
 import com.epmet.commons.mybatis.annotation.DataFilter;
+import com.epmet.commons.mybatis.constant.AccessSettingConstant;
 import com.epmet.commons.mybatis.constant.OpeScopeConstant;
-import com.epmet.commons.mybatis.dto.form.OperationScopeDTO;
+import com.epmet.commons.mybatis.dto.form.*;
-import com.epmet.commons.mybatis.dto.form.OperationScopeFormDTO;
-import com.epmet.commons.mybatis.dto.form.StaffPermCacheResultDTO;
-import com.epmet.commons.mybatis.dto.form.StaffPermissionFormDTO;
 import com.epmet.commons.mybatis.entity.DataScope;
 import com.epmet.commons.mybatis.feign.GovAccessFeignClient;
+import com.epmet.commons.mybatis.feign.GovOrgFeignClient;
 import com.epmet.commons.tools.aspect.AccessOpeAspect;
 import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.RenException;
@@ -46,12 +45,20 @@ public class DataFilterAspect {
 
     private static final Logger log = LoggerFactory.getLogger(DataFilterAspect.class);
 
+    /**
+     * 线程变量，记录是否已经添加了至少一个过滤条件
+     */
+    private static final ThreadLocal<Boolean> hasConditions = new ThreadLocal();
+
     @Autowired
     private LoginUserUtil loginUserUtil;
 
     @Autowired
     private GovAccessFeignClient govAccessFeignClient;
 
+    @Autowired
+    private GovOrgFeignClient govOrgFeignClient;
+
     public static final String orgIdPathSpliter = ":";
 
     @Before("@annotation(com.epmet.commons.mybatis.annotation.DataFilter)")
@@ -94,22 +101,20 @@ public class DataFilterAspect {
         // 校验操作权限
         validateOpePermission(permCacheResultDTO.getPermissions(), requirePermission);
 
+        hasConditions.set(false);
+
         // 生成过滤sql
+        String sqlFilterSegment = getSqlFilterSegment(userId, permCacheResultDTO.getRoleIdList(), requirePermission,
+                permCacheResultDTO.getOrgIdPath(), permCacheResultDTO.getGridId(), tableAlias, permCacheResultDTO.getDeptIdList());
+
+        // 填充到Service方法列表中的DataScope对象中
         Object[] methodArgs = point.getArgs();
         for (Object methodArg : methodArgs) {
             if (methodArg instanceof DataScope) {
-                ((DataScope) methodArg).setSqlFilter(getSqlFilterSegment(
+                ((DataScope) methodArg).setSqlFilter(sqlFilterSegment);
-                        userId,
-                        permCacheResultDTO.getRoleIdList(),
-                        requirePermission,
-                        permCacheResultDTO.getOrgIdPath(),
-                        permCacheResultDTO.getGridId(),
-                        tableAlias));
                 return;
             }
         }
-
-        //throw new RenException(ErrorCode.DATA_SCOPE_PARAMS_ERROR);
     }
 
     /**
@@ -128,89 +133,149 @@ public class DataFilterAspect {
      *
      * @return
      */
-    private String getSqlFilterSegment(String userId,Set<String> roleIds, String reqiurePermission, String orgIdPath, String gridId, String tableAlias) {
+    private String getSqlFilterSegment(String userId, Set<String> roleIds, String reqiurePermission, String orgIdPath,
-        // 根据角色列表查询操作范围列表
+                                       String gridId, String tableAlias, Set<String> deptIds) {
-        Set<OperationScopeDTO> scopeDTOS = new HashSet<>();
-        roleIds.forEach(roleId -> {
-            OperationScopeFormDTO osformDto = new OperationScopeFormDTO();
-            osformDto.setRoleId(roleId);
-            osformDto.setOperationKey(reqiurePermission);
-            Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto);
-            if (result.success()) {
-                scopeDTOS.addAll(result.getData());
-            }
-        });
 
-        // 过滤范围
-        HashSet<String> scopes = filteScopes(scopeDTOS);
-        if (CollectionUtils.isEmpty(scopes)) {
-            // 没有范围限制
-            return "";
-        }
         StringBuilder sb = new StringBuilder();
 
+        Map<String, String> accessSettings = listRoleAccessSettings(roleIds);
+
         // 1.生成sql:组织范围过滤
-        genOrgScopeSql(sb, orgIdPath, scopes, tableAlias);
+        genOrgScopeSql(sb, orgIdPath, roleIds, reqiurePermission, tableAlias);
 
         // 2.生成sql:我发起的
-        genIStartedSql(sb, userId, tableAlias);
+        String iCreated = accessSettings.get(AccessSettingConstant.I_CREATED_KEY);
+        if (StringUtils.isNotBlank(iCreated) && AccessSettingConstant.I_CREATED_YES.equals(iCreated)) {
+            genICreatedSql(sb, userId, tableAlias);
+        }
 
         // 3.生成sql:本网格的
-        genInGrid(sb, gridId, tableAlias);
+        String inGrid = accessSettings.get(AccessSettingConstant.IN_GRID_KEY);
+        if (StringUtils.isNotBlank(inGrid) && AccessSettingConstant.IN_GRID_YES.equals(inGrid)) {
+            genInGrid(sb, gridId, tableAlias);
+        }
+
+        // 4.生成sql:根据部门列表
+        String inDept = accessSettings.get(AccessSettingConstant.IN_DEPARTMENT_KEY);
+        if (StringUtils.isNotBlank(inDept) && AccessSettingConstant.IN_DEPARTMENT_YES.equals(inDept)) {
+            genDepartmentFilterSql(sb, deptIds);
+        }
 
-        //sb.append(")");
-        System.out.println("生成的过滤sql：" + sb.toString());
         return sb.toString();
     }
 
+    /**
+     * 列出角色对应的权限设置项
+     * @param roleIds
+     * @return
+     */
+    private Map<String, String> listRoleAccessSettings(Set<String> roleIds) {
+        Map<String, String> settings = new HashMap<>();
+        roleIds.forEach(roleId -> {
+            settings.putAll(listRoleAccessSettings(roleId));
+        });
+        return settings;
+    }
+
+    private Map<String, String> listRoleAccessSettings(String roleId) {
+        Result<Map<String, String>> result = govAccessFeignClient.listAccessSettings(roleId);
+        if (result.success()) {
+            return result.getData();
+        } else {
+            log.error("角色[{}]查询权限配置AccessSettings失败:{}", roleId, result.getMsg());
+        }
+        return new HashMap<>();
+    }
+    /**
+     * 生成部门过滤sql
+     *
+     * @param sb
+     */
+    private void genDepartmentFilterSql(StringBuilder sb, Set<String> deptIdList) {
+        //Result<List<DepartmentListResultDTO>> deptListResult = govOrgFeignClient.getDepartmentListByStaffId(staffId);
+        if (CollectionUtils.isEmpty(deptIdList)) {
+            return;
+        }
+        deptIdList.forEach(deptId -> {
+            sb.append(hasConditions.get() ? " OR " : "").append(" DEPARTMENT_ID = '").append(deptId).append("' ");
+        });
+        hasConditions.set(true);
+    }
+
     /**
      * 网格sql
+     *
      * @param sb
      * @param gridId
      * @param tableAlias
      */
     private void genInGrid(StringBuilder sb, String gridId, String tableAlias) {
         if (StringUtils.isBlank(tableAlias)) {
-            sb.append(" OR GRID_ID ='").append(gridId).append("'");
+            sb.append(hasConditions.get() ? " OR " : "").append(" GRID_ID ='").append(gridId).append("' ");
         } else {
-            sb.append(" OR ").append(tableAlias).append(".GRID_ID ='").append(gridId).append("'");
+            sb.append(hasConditions.get() ? " OR " : "").append(tableAlias).append(".GRID_ID ='").append(gridId).append("' ");
         }
+        hasConditions.set(true);
     }
 
     /**
      * sql：我发起的
+     *
      * @param userId
      */
-    private void genIStartedSql(StringBuilder sb, String userId, String tableAlias) {
+    private void genICreatedSql(StringBuilder sb, String userId, String tableAlias) {
         if (StringUtils.isBlank(tableAlias)) {
-            sb.append(" OR CREATED_BY ='").append(userId).append("'");
+            sb.append(hasConditions.get() ? " OR " : " ").append(" CREATED_BY ='").append(userId).append("'");
         } else {
-            sb.append(" OR ").append(tableAlias).append(".CREATED_BY ='").append(userId).append("'");
+            sb.append(hasConditions.get() ? " OR " : " ").append(tableAlias).append(".CREATED_BY ='").append(userId).append("'");
         }
+        hasConditions.set(true);
     }
 
     /**
      * 计算组织范围过滤sql，整体入口
+     *
      * @param sb
      * @param orgIdPath
-     * @param scopes
      */
-    public void genOrgScopeSql(StringBuilder sb, String orgIdPath, HashSet<String> scopes, String tableAlias) {
+    public void genOrgScopeSql(StringBuilder sb, String orgIdPath, Set<String> roleIds, String reqiurePermission, String tableAlias) {
+
+        // 根据角色列表查询操作范围列表
+        Set<OperationScopeDTO> scopeDTOS = new HashSet<>();
+        roleIds.forEach(roleId -> {
+            OperationScopeFormDTO osformDto = new OperationScopeFormDTO();
+            osformDto.setRoleId(roleId);
+            osformDto.setOperationKey(reqiurePermission);
+            Result<Set<OperationScopeDTO>> result = govAccessFeignClient.getOperationScopesByRoleId(osformDto);
+            if (result.success()) {
+                scopeDTOS.addAll(result.getData());
+            }
+        });
+
+        // 过滤范围
+        HashSet<String> scopes = filteScopes(scopeDTOS);
+        if (CollectionUtils.isEmpty(scopes)) {
+            // 没有范围限制
+            return;
+        }
+
         // 取出父组织ID path 和当前组织ID
         String pOrgPath = orgIdPath.substring(0, orgIdPath.lastIndexOf(orgIdPathSpliter));
         String currOrgPath = orgIdPath.substring(orgIdPath.lastIndexOf(orgIdPathSpliter) + 1);
         genOrgScopeSql(sb, scopes, currOrgPath, pOrgPath, tableAlias);
         sb.replace(sb.lastIndexOf("OR"), sb.lastIndexOf("OR") + 3, "");
+        hasConditions.set(true);
     }
 
     /**
      * 计算组织范围过滤sql
+     *
      * @param scopes
      * @param currOrg
      * @param pOrgPath
      * @return
      */
-    private void genOrgScopeSql(StringBuilder sb,HashSet<String> scopes, String currOrg, String pOrgPath, String tableAlias) {
+    private void genOrgScopeSql(StringBuilder sb, HashSet<String> scopes, String currOrg, String pOrgPath, String tableAlias) {
         for (String scope : scopes) {
             switch (scope) {
                 case OpeScopeConstant.ORG_CURR:
@@ -261,6 +326,9 @@ public class DataFilterAspect {
 
         for (OperationScopeDTO scope : scopeDTOS) {
             String scopeIndex = scope.getScopeIndex();
+            if (StringUtils.isBlank(scopeIndex)) {
+                continue;
+            }
             String[] currArr = scopeIndex.split("_");
             if ("0".equals(currArr[1])) {
                 // 为0，说明没有包含关系，直接放入

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/constant/AccessSettingConstant.java

@@ -0,0 +1,15 @@
+package com.epmet.commons.mybatis.constant;
+
+public class AccessSettingConstant {
+    public static final String I_CREATED_KEY = "I_CREATED";
+    public static final String I_CREATED_YES = "YES";
+
+    public static final String I_PART_KEY = "I_PART";
+    public static final String I_PART_YES = "YES";
+
+    public static final String IN_GRID_KEY = "IN_GRID";
+    public static final String IN_GRID_YES = "YES";
+
+    public static final String IN_DEPARTMENT_KEY = "IN_DEPARTMENT";
+    public static final String IN_DEPARTMENT_YES = "YES";
+}

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/DepartmentListResultDTO.java

@@ -0,0 +1,49 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+import java.io.Serializable;
+
+
+/**
+ * 组织首页-获取机关下部门列表-部门详情数据
+ *
+ * @author sun
+ */
+@Data
+public class DepartmentListResultDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 部门Id
+     */
+    private String departmentId;
+
+    /**
+     * 部门名称
+     */
+    private String departmentName;
+
+    /**
+     * 部门下总人数
+     */
+    private Integer totalUser;
+}

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/RoleAccessSettingResultDTO.java

@@ -0,0 +1,13 @@
+package com.epmet.commons.mybatis.dto.form;
+
+import lombok.Data;
+
+@Data
+public class RoleAccessSettingResultDTO {
+
+    private String settingKey;
+    private String id;
+    private String settingName;
+    private String roleId;
+
+}

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/dto/form/StaffPermCacheResultDTO.java

@@ -17,6 +17,11 @@ public class StaffPermCacheResultDTO {
      */
     private Set<String> roleIdList;
 
+    /**
+     * 部门id列表
+     */
+    private Set<String> deptIdList;
+
     /**
      * 机构Id
      */

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovAccessFeignClient.java

@@ -1,23 +1,23 @@
 package com.epmet.commons.mybatis.feign;
 
-import com.epmet.commons.mybatis.dto.form.OperationScopeDTO;
+import com.epmet.commons.mybatis.dto.form.*;
-import com.epmet.commons.mybatis.dto.form.OperationScopeFormDTO;
-import com.epmet.commons.mybatis.dto.form.StaffPermCacheResultDTO;
-import com.epmet.commons.mybatis.dto.form.StaffPermissionFormDTO;
 import com.epmet.commons.mybatis.feign.fallback.GovAccessFeignClientFallback;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.Result;
 import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 
 import java.util.List;
+import java.util.Map;
 import java.util.Set;
 
 /**
  * @Description
  * @Author sun
  */
+//, url = "localhost:8099"
 @FeignClient(name = ServiceConstant.GOV_ACCESS_SERVER, fallback = GovAccessFeignClientFallback.class)
 public interface GovAccessFeignClient {
 
@@ -36,4 +36,11 @@ public interface GovAccessFeignClient {
     @PostMapping("/gov/access/access/operationscopes")
     Result<Set<OperationScopeDTO>> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO);
 
+    /**
+     * 查询角色的权限相关配置
+     * @param roleId
+     * @return
+     */
+    @PostMapping("/gov/access/access/role/{roleId}/accesssettings")
+    Result<Map<String, String>> listAccessSettings(@PathVariable("roleId") String roleId);
 }

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/GovOrgFeignClient.java

@@ -0,0 +1,30 @@
+package com.epmet.commons.mybatis.feign;
+
+import com.epmet.commons.mybatis.dto.form.*;
+import com.epmet.commons.mybatis.feign.fallback.GovAccessFeignClientFallback;
+import com.epmet.commons.mybatis.feign.fallback.GovOrgFeignClientFallback;
+import com.epmet.commons.tools.constant.ServiceConstant;
+import com.epmet.commons.tools.utils.Result;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+
+import java.util.List;
+import java.util.Set;
+
+/**
+ * @Description
+ * @Author sun
+ */
+//, url = "localhost:8092"
+@FeignClient(name = ServiceConstant.GOV_ORG_SERVER, fallback = GovOrgFeignClientFallback.class)
+public interface GovOrgFeignClient {
+
+    /**
+     * 查询人员部门列表
+     * @param staffId
+     * @return
+     */
+    @PostMapping("/gov/org/department/staff/{staffId}/departmentlist")
+    Result<List<DepartmentListResultDTO>> getDepartmentListByStaffId(@PathVariable("staffId") String staffId);
+}

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovAccessFeignClientFallback.java

@@ -1,15 +1,14 @@
 package com.epmet.commons.mybatis.feign.fallback;
 
-import com.epmet.commons.mybatis.dto.form.OperationScopeDTO;
+import com.epmet.commons.mybatis.dto.form.*;
-import com.epmet.commons.mybatis.dto.form.OperationScopeFormDTO;
-import com.epmet.commons.mybatis.dto.form.StaffPermCacheResultDTO;
-import com.epmet.commons.mybatis.dto.form.StaffPermissionFormDTO;
 import com.epmet.commons.mybatis.feign.GovAccessFeignClient;
 import com.epmet.commons.tools.constant.ServiceConstant;
 import com.epmet.commons.tools.utils.ModuleUtils;
 import com.epmet.commons.tools.utils.Result;
 import org.springframework.stereotype.Component;
 
+import java.util.List;
+import java.util.Map;
 import java.util.Set;
 
 /**
@@ -30,4 +29,9 @@ public class GovAccessFeignClientFallback implements GovAccessFeignClient {
     public Result<Set<OperationScopeDTO>> getOperationScopesByRoleId(OperationScopeFormDTO operationScopeFormDTO) {
         return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getOperationScopesByRoleId", operationScopeFormDTO);
     }
+
+    @Override
+    public Result<Map<String, String>> listAccessSettings(String roleId) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "listAccessSettings", roleId);
+    }
 }

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/feign/fallback/GovOrgFeignClientFallback.java

@@ -0,0 +1,27 @@
+package com.epmet.commons.mybatis.feign.fallback;
+
+import com.epmet.commons.mybatis.dto.form.*;
+import com.epmet.commons.mybatis.feign.GovAccessFeignClient;
+import com.epmet.commons.mybatis.feign.GovOrgFeignClient;
+import com.epmet.commons.tools.constant.ServiceConstant;
+import com.epmet.commons.tools.utils.ModuleUtils;
+import com.epmet.commons.tools.utils.Result;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+import java.util.Set;
+
+/**
+ * 调用政府端权限
+ * @Author wxz
+ * @Description
+ * @Date 2020/4/24 11:17
+ **/
+@Component
+public class GovOrgFeignClientFallback implements GovOrgFeignClient {
+
+    @Override
+    public Result<List<DepartmentListResultDTO>> getDepartmentListByStaffId(String staffId) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ACCESS_SERVER, "getDepartmentListByStaffId", staffId);
+    }
+}

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/interceptor/DataFilterInterceptor.java

@@ -80,6 +80,9 @@ public class DataFilterInterceptor extends AbstractSqlParserHandler implements I
         String orderBy = "ORDER BY";
         String groupBy = "GROUP BY";
         String sqlFilter = scope.getSqlFilter();
+        if (StringUtils.isBlank(sqlFilter)) {
+            return invocation.proceed();
+        }
         if (originalSql.indexOf("WHERE") == 0) {
             // 不包含where，需要手动拼接上
             sqlFilter = " WHERE ".concat(sqlFilter);

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java

@@ -215,6 +215,15 @@ public class RedisKeys {
 	 * @return
 	 */
 	public static String getRoleOpeScopesKey(String roleId, String opeKey) {
-		return rootPrefix.concat("gov:access:role:opescopes:").concat(roleId).concat(opeKey);
+		return rootPrefix.concat("gov:access:role:opescopes:").concat(roleId).concat(":").concat(opeKey);
+	}
+
+	/**
+	 * 角色ID对应的权限配置
+	 * @param roleId
+	 * @return
+	 */
+	public static String getRoleAccessSettingKey(String roleId) {
+		return rootPrefix.concat("gov:access:role:accesssettings:").concat(roleId);
 	}
 }

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java

@@ -62,7 +62,7 @@ public class GovTokenDto extends BaseTokenDto implements Serializable {
     /**
      * 部门id列表
      */
-    private List<String> deptIdList;
+    private Set<String> deptIdList;
 
     /**
      * 功能权限列表，实际上是gov_staff => staff_role => role_operation查询到的operationKey

epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/form/StaffPermCacheFormDTO.java

@@ -51,4 +51,9 @@ public class StaffPermCacheFormDTO {
      */
     private Set<String> roleIdList;
 
+    /**
+     * 当前所在网格id
+     */
+    private String gridId;
+
 }

epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/RoleAccessSettingResultDTO.java

@@ -0,0 +1,14 @@
+package com.epmet.dto.result;
+
+import lombok.Data;
+
+@Data
+public class RoleAccessSettingResultDTO {
+
+    private String settingKey;
+    private String id;
+    private String settingName;
+    private String settingValue;
+    private String roleId;
+
+}

epmet-module/gov-access/gov-access-client/src/main/java/com/epmet/dto/result/StaffPermCacheResultDTO.java

@@ -18,6 +18,11 @@ public class StaffPermCacheResultDTO {
      */
     private Set<String> roleIdList;
 
+    /**
+     * 部门id列表
+     */
+    private Set<String> deptIdList;
+
     /**
      * 组织ID
      */

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/controller/AccessController.java

@@ -6,6 +6,7 @@ import com.epmet.commons.tools.validator.ValidatorUtils;
 import com.epmet.dto.OperationScopeDTO;
 import com.epmet.dto.form.OperationScopeFormDTO;
 import com.epmet.dto.form.StaffPermCacheFormDTO;
+import com.epmet.dto.result.RoleAccessSettingResultDTO;
 import com.epmet.dto.result.RoleOpeScopeResultDTO;
 import com.epmet.dto.result.StaffPermCacheResultDTO;
 import com.epmet.entity.OperationScopeEntity;
@@ -16,6 +17,7 @@ import org.springframework.web.bind.annotation.*;
 
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
 import java.util.Set;
 
 /**
@@ -32,7 +34,7 @@ public class AccessController {
     private AccessService accessService;
 
     /**
-     * 更新工作人员权限缓存
+     * 更新工作人员权限缓存(前端查询权限时候gov-mine会调用此处)
      * @param staffPermCacheFormDTO
      * @return
      */
@@ -45,12 +47,13 @@ public class AccessController {
         Set<String> permissions = staffPermCacheFormDTO.getPermissions();
         Set<String> roleIdList = staffPermCacheFormDTO.getRoleIdList();
         String orgId = staffPermCacheFormDTO.getOrgIdPath();
-        accessService.updatePermissionCache(staffId, app, client, permissions, roleIdList, orgId);
+        String gridId = staffPermCacheFormDTO.getGridId();
+        accessService.updatePermissionCache(staffId, app, client, permissions, roleIdList, orgId, gridId);
         return new Result();
     }
 
     /**
-     * 查询用户当前权限列表(DataFilterAspect中用到)
+     * 从缓存中查询用户当前权限列表(DataFilterAspect中用到)
      * @return
      */
     @PostMapping("getcurrpermissions")
@@ -64,6 +67,7 @@ public class AccessController {
             resultDTO.setRoleIdList(govTokenDto.getRoleIdList());
             resultDTO.setOrgIdPath(govTokenDto.getOrgIdPath());
             resultDTO.setGridId(govTokenDto.getGridId());
+            resultDTO.setDeptIdList(govTokenDto.getDeptIdList());
         }
         return new Result<StaffPermCacheResultDTO>().ok(resultDTO);
     }
@@ -78,4 +82,15 @@ public class AccessController {
         Set<RoleOpeScopeResultDTO> scopes = accessService.listOperationScopesByRoleId(operationScopeFormDTO.getRoleId(), operationScopeFormDTO.getOperationKey());
         return new Result<Set<RoleOpeScopeResultDTO>>().ok(scopes);
     }
+
+    /**
+     * 查询角色的权限相关配置
+     * @param roleId
+     * @return
+     */
+    @PostMapping("/role/{roleId}/accesssettings")
+    public Result<Map<String, String>> listAccessSettings(@PathVariable("roleId") String roleId) {
+        Map<String, String> settings = accessService.listAccessSettings(roleId);
+        return new Result<Map<String, String>>().ok(settings);
+    }
 }

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/dao/RoleAccessSettingDao.java

@@ -0,0 +1,37 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.dao;
+
+import com.epmet.commons.mybatis.dao.BaseDao;
+import com.epmet.dto.result.RoleAccessSettingResultDTO;
+import com.epmet.entity.RoleAccessSettingEntity;
+import org.apache.ibatis.annotations.Mapper;
+
+import java.util.List;
+
+/**
+ * 权限配置
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-26
+ */
+@Mapper
+public interface RoleAccessSettingDao extends BaseDao<RoleAccessSettingEntity> {
+
+    List<RoleAccessSettingResultDTO> listRoleAccessSettingsByRoleId(String roleId);
+}

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/entity/RoleAccessSettingEntity.java

@@ -0,0 +1,65 @@
+/**
+ * Copyright 2018 人人开源 https://www.renren.io
+ * <p>
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.epmet.entity;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+
+import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.util.Date;
+
+/**
+ * 权限配置
+ *
+ * @author generator generator@elink-cn.com
+ * @since v1.0.0 2020-04-26
+ */
+@Data
+@EqualsAndHashCode(callSuper=false)
+@TableName("role_access_setting")
+public class RoleAccessSettingEntity extends BaseEpmetEntity {
+
+	private static final long serialVersionUID = 1L;
+
+    /**
+     * 配置KEY
+     */
+	private String settingKey;
+
+    /**
+     * 配置name
+     */
+	private String settingName;
+	/**
+	 * 配置值
+	 */
+	private String settingValue;
+
+    /**
+     * 角色ID
+     */
+	private String roleId;
+
+    /**
+     * 操作简介
+     */
+	private String brief;
+
+}

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/redis/RoleAccessSettingRedis.java

@@ -0,0 +1,37 @@
+package com.epmet.redis;
+
+import com.epmet.commons.tools.redis.RedisKeys;
+import com.epmet.commons.tools.redis.RedisUtils;
+import com.epmet.dto.result.RoleAccessSettingResultDTO;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.function.BiConsumer;
+
+@Component
+public class RoleAccessSettingRedis {
+
+    @Autowired
+    private RedisUtils redisUtils;
+
+    public void set(Map<String, Object> settings, String roleId) {
+        String roleAccessSettingKey = RedisKeys.getRoleAccessSettingKey(roleId);
+        redisUtils.hMSet(roleAccessSettingKey, settings);
+    }
+
+    public Map<String, String> get(String roleId) {
+        String roleAccessSettingKey = RedisKeys.getRoleAccessSettingKey(roleId);
+        Map<String, Object> s = redisUtils.hGetAll(roleAccessSettingKey);
+        Map<String, String> settings = new HashMap<>();
+        s.forEach((s1, o) -> {
+            if (o != null) {
+                settings.put(s1, String.valueOf(o));
+            }
+        });
+        return settings;
+    }
+
+}

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/AccessService.java

@@ -1,10 +1,12 @@
 package com.epmet.service;
 
 import com.epmet.commons.tools.security.dto.GovTokenDto;
+import com.epmet.dto.result.RoleAccessSettingResultDTO;
 import com.epmet.dto.result.RoleOpeScopeResultDTO;
 import com.epmet.entity.OperationScopeEntity;
 
 import java.util.List;
+import java.util.Map;
 import java.util.Set;
 
 public interface AccessService {
@@ -13,7 +15,7 @@ public interface AccessService {
      * @param staffId
      * @param permissions
      */
-    void updatePermissionCache(String staffId, String app, String client, Set<String> permissions, Set<String> roleIdList, String orgIdPath);
+    void updatePermissionCache(String staffId, String app, String client, Set<String> permissions, Set<String> roleIdList, String orgIdPath, String gridId);
 
     /**
      * 查询用户当前权限列表
@@ -28,4 +30,11 @@ public interface AccessService {
      * @return
      */
     Set<RoleOpeScopeResultDTO> listOperationScopesByRoleId(String roleId, String operationKey);
+
+    /**
+     * 查询角色的权限相关配置
+     * @param roleId
+     * @return
+     */
+    Map<String, String> listAccessSettings(String roleId);
 }

epmet-module/gov-access/gov-access-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java

@@ -4,7 +4,10 @@ import com.epmet.commons.tools.exception.ExceptionUtils;
 import com.epmet.commons.tools.security.dto.GovTokenDto;
 import com.epmet.commons.tools.utils.CpUserDetailRedis;
 import com.epmet.dao.OperationScopeDao;
+import com.epmet.dao.RoleAccessSettingDao;
+import com.epmet.dto.result.RoleAccessSettingResultDTO;
 import com.epmet.dto.result.RoleOpeScopeResultDTO;
+import com.epmet.redis.RoleAccessSettingRedis;
 import com.epmet.redis.RoleOpeScopeRedis;
 import com.epmet.service.AccessService;
 import org.slf4j.Logger;
@@ -13,7 +16,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
 
-import java.util.Set;
+import java.util.*;
 
 @Service
 public class AccessServiceImpl implements AccessService {
@@ -26,16 +29,24 @@ public class AccessServiceImpl implements AccessService {
     @Autowired
     private OperationScopeDao operationScopeDao;
 
+    @Autowired
+    private RoleAccessSettingDao roleAccessSettingDao;
+
     @Autowired
     private RoleOpeScopeRedis roleOpeScopeRedis;
 
+    @Autowired
+    private RoleAccessSettingRedis roleAccessSettingRedis;
+
+
     /**
      * 更新权限缓存
      * @param staffId
      * @param permissions
      */
     @Override
-    public void updatePermissionCache(String staffId, String app, String client, Set<String> permissions, Set<String> roleIdList, String orgIdPath) {
+    public void updatePermissionCache(String staffId, String app, String client, Set<String> permissions, Set<String> roleIdList,
+                                      String orgIdPath, String gridId) {
         GovTokenDto govTokenDto = cpUserDetailRedis.get(app, client, staffId, GovTokenDto.class);
         if (govTokenDto == null) {
             logger.warn("更新[{}]用户缓存:Redis中不存在该用户TokenDto缓存信息", staffId);
@@ -45,6 +56,7 @@ public class AccessServiceImpl implements AccessService {
         govTokenDto.setPermissions(permissions);
         govTokenDto.setRoleIdList(roleIdList);
         govTokenDto.setOrgIdPath(orgIdPath);
+        govTokenDto.setGridId(gridId);
 
         // 将新的TokenDto更新到redis中
         long expire = cpUserDetailRedis.getExpire(app, client, staffId);
@@ -77,4 +89,26 @@ public class AccessServiceImpl implements AccessService {
         }
         return scopes;
     }
+
+    /**
+     * 查询角色的权限相关配置
+     * @param roleId
+     * @return
+     */
+    @Override
+    public Map<String, String> listAccessSettings(String roleId) {
+        Map<String, String> settings = roleAccessSettingRedis.get(roleId);
+        //if (CollectionUtils.isEmpty(settings)) {
+        //    // 数据库查出来，放入redis一份。此处为权限过滤器用到，存在缓存穿透，所以不采用这种方式。
+        //    // 改用为：变动setting的时候手动更新缓存的方式
+        //    List<RoleAccessSettingResultDTO> settingsDB = roleAccessSettingDao.listRoleAccessSettingsByRoleId(roleId);
+        //    if (!CollectionUtils.isEmpty(settingsDB)) {
+        //        roleAccessSettingRedis.set(settingsDB, roleId);
+        //    }
+        //}
+        if (settings == null) {
+            settings = new HashMap<>();
+        }
+        return settings;
+    }
 }

epmet-module/gov-access/gov-access-server/src/main/resources/db.migration/epmet_gov_access.sql

@@ -5,6 +5,8 @@
 -- SET NAMES utf8mb4;
 -- #SET FOREIGN_KEY_CHECKS = 0;
 
+CREATE DATABASE `epmet_gov_access` DEFAULT CHARACTER SET utf8mb4;
+
 -- DROP TABLE IF EXISTS `permission_scope`;
 CREATE TABLE `operation_scope`  (
   `ID` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT 'id',
@@ -73,4 +75,22 @@ CREATE TABLE `role_scope`  (
   PRIMARY KEY (`ID`) USING BTREE
 ) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci COMMENT = '角色能操作哪些范围' ROW_FORMAT = Dynamic;
 
+-- 2020.04.26 wxz --
+
+CREATE TABLE `role_access_setting` (
+  `ID` varchar(64) NOT NULL COMMENT '主键',
+  `SETTING_KEY` varchar(30) NOT NULL COMMENT '配置KEY',
+  `SETTING_NAME` varchar(30) NOT NULL COMMENT '配置name',
+  `SETTING_VALUE` varchar(30) NOT NULL COMMENT '配置值',
+  `ROLE_ID` varchar(64) DEFAULT NULL COMMENT '角色ID',
+  `BRIEF` varchar(255) DEFAULT NULL COMMENT '操作简介',
+  `DEL_FLAG` tinyint(1) DEFAULT NULL,
+  `REVISION` int(10) DEFAULT NULL,
+  `CREATED_BY` varchar(64) DEFAULT NULL,
+  `CREATED_TIME` datetime DEFAULT NULL,
+  `UPDATED_BY` varchar(64) DEFAULT NULL,
+  `UPDATED_TIME` datetime DEFAULT NULL,
+  PRIMARY KEY (`ID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='权限配置'
+
 -- SET FOREIGN_KEY_CHECKS = 1;

epmet-module/gov-access/gov-access-server/src/main/resources/mapper/RoleAccessSettingDao.xml

@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="com.epmet.dao.RoleAccessSettingDao">
+
+    <resultMap type="com.epmet.entity.RoleAccessSettingEntity" id="roleAccessSettingMap">
+        <result property="id" column="ID"/>
+        <result property="settingKey" column="SETTING_KEY"/>
+        <result property="settingName" column="SETTING_NAME"/>
+        <result property="settingValue" column="SETTING_VALUE"/>
+        <result property="roleId" column="ROLE_ID"/>
+        <result property="brief" column="BRIEF"/>
+        <result property="delFlag" column="DEL_FLAG"/>
+        <result property="revision" column="REVISION"/>
+        <result property="createdBy" column="CREATED_BY"/>
+        <result property="createdTime" column="CREATED_TIME"/>
+        <result property="updatedBy" column="UPDATED_BY"/>
+        <result property="updatedTime" column="UPDATED_TIME"/>
+    </resultMap>
+
+    <!--查询角色的权限相关配置-->
+    <select id="listRoleAccessSettingsByRoleId" resultType="com.epmet.dto.result.RoleAccessSettingResultDTO">
+        select settings.*
+        from role_access_setting settings
+        where ROLE_ID = #{roleId}
+            AND DEL_FLAG = '0'
+    </select>
+
+
+</mapper>

epmet-module/gov-access/gov-access-server/src/test/java/com/epmet/test/govaccess/AccessSettingTest.java

@@ -0,0 +1,38 @@
+package com.epmet.test.govaccess;
+
+import com.epmet.dao.RoleAccessSettingDao;
+import com.epmet.dto.result.RoleAccessSettingResultDTO;
+import com.epmet.redis.RoleAccessSettingRedis;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest
+public class AccessSettingTest {
+
+    @Autowired
+    private RoleAccessSettingDao roleAccessSettingDao;
+
+    @Autowired
+    private RoleAccessSettingRedis roleAccessSettingRedis;
+
+    @Test
+    public void  addAccessSettings2Redis() {
+        List<RoleAccessSettingResultDTO> settings = roleAccessSettingDao.listRoleAccessSettingsByRoleId("1");
+        HashMap<String, Object> objectObjectHashMap = new HashMap<>();
+        settings.forEach(s -> {
+            objectObjectHashMap.put(s.getSettingKey(), s.getSettingValue());
+        });
+        roleAccessSettingRedis.set(objectObjectHashMap, "1");
+        Map<String, String> map = roleAccessSettingRedis.get("1");
+        System.out.println(map);
+    }
+
+}

epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/EpmetUserFeignClient.java

@@ -23,6 +23,7 @@ import java.util.List;
  * @Description
  * @Author sun
  */
+//, url = "localhost:8087"
 @FeignClient(name = ServiceConstant.EPMET_USER_SERVER, fallback = EpmetUserFeignClientFallback.class)
 public interface EpmetUserFeignClient {
     /**

epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java

@@ -19,6 +19,7 @@ import java.util.List;
  * @Description
  * @Author sun
  */
+//, url = "localhost:8092"
 @FeignClient(name = ServiceConstant.GOV_ORG_SERVER, fallback = GovOrgFeignClientFallBack.class)
 public interface GovOrgFeignClient {
 

epmet-module/gov-mine/gov-mine-server/src/main/java/com/epmet/service/impl/AccessServiceImpl.java

@@ -38,27 +38,25 @@ public class AccessServiceImpl implements AccessService {
     @Autowired
     private GovOrgFeignClient govOrgFeignClient;
 
-    @Autowired
+    public List<GovStaffRoleDTO> queryGovStaffRoles(String staffId, String orgId) {
-    private CpUserDetailRedis cpUserDetailRedis;
-
-    @Override
-    public Set<String> listOpeKeysByStaffId(String app, String client, String staffId, String agencyId, String gridId) {
         List<GovStaffRoleDTO> roleDTOS = new ArrayList<>();
-        // 查询机关单位权限
         StaffRoleFormDTO formDTO = new StaffRoleFormDTO();
         formDTO.setStaffId(staffId);
-        formDTO.setOrgId(agencyId);
+        formDTO.setOrgId(orgId);
-        Result<List<GovStaffRoleDTO>> agencyResult = userFeignClient.getRolesOfStaff(formDTO);
-        if (!CollectionUtils.isEmpty(agencyResult.getData())) {
-            roleDTOS.addAll(agencyResult.getData());
-        }
-        // 查询网格权限
-        formDTO.setStaffId(staffId);
-        formDTO.setOrgId(gridId);
         Result<List<GovStaffRoleDTO>> gridResult = userFeignClient.getRolesOfStaff(formDTO);
         if (!CollectionUtils.isEmpty(gridResult.getData())) {
             roleDTOS.addAll(gridResult.getData());
         }
+        return roleDTOS;
+    }
+
+    @Override
+    public Set<String> listOpeKeysByStaffId(String app, String client, String staffId, String agencyId, String gridId) {
+        List<GovStaffRoleDTO> roleDTOS = new ArrayList<>();
+        // 查询机关单位中的角色
+        roleDTOS.addAll(queryGovStaffRoles(staffId, agencyId));
+        // 查询网格中的角色
+        roleDTOS.addAll(queryGovStaffRoles(staffId, gridId));
 
         // 拼装操作key列表
         Set<String> opeKeys = new HashSet<>();
@@ -86,7 +84,7 @@ public class AccessServiceImpl implements AccessService {
 
         // 查询该直属机关的orgIdPath
         Result<CustomerAgencyDTO> agencyById = govOrgFeignClient.getAgencyById(agencyId);
-        if (agencyById.getCode() != 0 || agencyById.getData() == null) {
+        if (!agencyById.success() || agencyById.getData() == null) {
             logger.error("根据当前机构id[{}]查询pids失败:{}", agencyId, agencyById.getMsg());
             throw new RenException(EpmetErrorCode.SERVER_ERROR.getCode());
         }
@@ -98,6 +96,7 @@ public class AccessServiceImpl implements AccessService {
         staffPermCacheFormDTO.setStaffId(staffId);
         staffPermCacheFormDTO.setPermissions(opeKeys);
         staffPermCacheFormDTO.setRoleIdList(roleIds);
+        staffPermCacheFormDTO.setGridId(gridId);
         // 拼接orgIdPath
         staffPermCacheFormDTO.setOrgIdPath(String.format("%s:%s", agencyById.getData().getPids(), agencyId));
         govAccessFeignClient.updatePermissionCache(staffPermCacheFormDTO);

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/DepartmentController.java

@@ -11,10 +11,7 @@ import com.epmet.dto.result.DepartmentInAgencyResultDTO;
 import com.epmet.dto.result.DepartmentListResultDTO;
 import com.epmet.service.DepartmentService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.*;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
 
@@ -112,4 +109,14 @@ public class DepartmentController {
         ValidatorUtils.validateEntity(formDTO);
         return departmentService.departmentList(formDTO);
     }
+
+    /**
+     * 根据StaffId查询所属部门列表
+     * @return
+     */
+    @PostMapping("staff/{staffId}/departmentlist")
+    public Result<List<DepartmentListResultDTO>> getDepartmentListByStaffId(@PathVariable("staffId") String staffId) {
+        List<DepartmentListResultDTO> deptList = departmentService.listDepartmentListByStaffId(staffId);
+        return new Result<List<DepartmentListResultDTO>>().ok(deptList);
+    }
 }

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerDepartmentDao.java

@@ -49,4 +49,11 @@ public interface CustomerDepartmentDao extends BaseDao<CustomerDepartmentEntity>
      * @Description 根据当前机关Id查询该机关下的直属部门列表
      **/
     List<DepartmentListResultDTO> selectDepartmentList(@Param("agencyId") String agencyId);
+
+    /**
+     * 根据StaffId查询所属部门列表
+     * @param staffId
+     * @return
+     */
+    List<DepartmentListResultDTO> listDepartmentListByStaffId(@Param("staffId") String staffId);
 }

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/DepartmentService.java

@@ -86,4 +86,11 @@ public interface DepartmentService {
      * @return
      */
     Result addDepartmentStaff(TokenDto tokenDto,AddDepartmentStaffFormDTO addDepartmentStaffFormDTO);
+
+    /**
+     * 根据StaffId查询所属部门列表
+     * @param staffId
+     * @return
+     */
+    List<DepartmentListResultDTO> listDepartmentListByStaffId(String staffId);
 }

epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/DepartmentServiceImpl.java

@@ -226,4 +226,9 @@ public class DepartmentServiceImpl implements DepartmentService {
         customerStaffDepartmentDao.updateDepartmentStaffCount(data.size(),addDepartmentStaffFormDTO.getDepartmentId());
         return new Result();
     }
+
+    @Override
+    public List<DepartmentListResultDTO> listDepartmentListByStaffId(String staffId) {
+        return customerDepartmentDao.listDepartmentListByStaffId(staffId);
+    }
 }

epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerDepartmentDao.xml

@@ -26,4 +26,11 @@
         ORDER BY created_time DESC
     </select>
 
+    <!--根据StaffId查询所属部门列表-->
+    <select id="listDepartmentListByStaffId" resultType="com.epmet.dto.result.DepartmentListResultDTO">
+        select cd.ID as departmentId, cd.DEPARTMENT_NAME, TOTAL_USER
+        from customer_staff_department csd
+               inner join customer_department cd on (csd.DEPARTMENT_ID = cd.ID)
+        where csd.USER_ID = #{staffId}
+    </select>
 </mapper>

epmet-user/epmet-user-server/src/main/java/com/epmet/dao/StaffRoleDao.java

@@ -18,11 +18,13 @@
 package com.epmet.dao;
 
 import com.epmet.commons.mybatis.dao.BaseDao;
+import com.epmet.commons.mybatis.entity.DataScope;
 import com.epmet.dto.StaffRoleDTO;
 import com.epmet.dto.result.GovStaffRoleResultDTO;
 import com.epmet.entity.StaffRoleEntity;
 import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Param;
+import org.springframework.context.annotation.Scope;
 
 import java.util.List;
 
@@ -40,7 +42,8 @@ public interface StaffRoleDao extends BaseDao<StaffRoleEntity> {
      * @param orgId
      * @return
      */
-    List<GovStaffRoleResultDTO> listStaffIdsByRoleKeyAndOrgId(@Param("roleKey") String roleKey, @Param("orgId") String orgId);
+    List<GovStaffRoleResultDTO> listStaffIdsByRoleKeyAndOrgId(@Param("roleKey") String roleKey, @Param("orgId") String orgId,
+                                                              @Param("dataScope") DataScope dataScope);
 
     /**
      * 删除工作人员权限

epmet-user/epmet-user-server/src/main/java/com/epmet/feign/GovOrgFeignClient.java

@@ -13,6 +13,7 @@ import org.springframework.web.bind.annotation.PostMapping;
  * @Author sun
  * @Date 2020/3/16
  */
+//, url = "localhost:8092"
 @FeignClient(name = ServiceConstant.GOV_ORG_SERVER, fallback = GovOrgFeignClientFallBack.class)
 public interface GovOrgFeignClient {
 

epmet-user/epmet-user-server/src/main/java/com/epmet/service/impl/StaffRoleServiceImpl.java

@@ -111,9 +111,9 @@ public class StaffRoleServiceImpl extends BaseServiceImpl<StaffRoleDao, StaffRol
      * @return
      */
     @Override
-    //@DataFilter
+    //@DataFilter(tableAlias = "sr")
     public List<GovStaffRoleResultDTO> listStaffsInRole(String roleKey, String orgId, DataScope dataScope) {
-        return baseDao.listStaffIdsByRoleKeyAndOrgId(roleKey, orgId);
+        return baseDao.listStaffIdsByRoleKeyAndOrgId(roleKey, orgId, dataScope);
     }
 
     @Override