
角色数据权限设置

caozixuan 2 tahun lalu
induk
melakukan
1acba3af7b

+ 5 - 5
distributed-print-business/src/main/java/com/qmth/distributed/print/business/bean/dto/DataPermissionInfo.java

@@ -15,17 +15,17 @@ import java.io.Serializable;
 public class DataPermissionInfo implements Serializable {
     @ApiModelProperty("权限表id")
     @JsonSerialize(using = ToStringSerializer.class)
-    private Long id;
+    private Long privilegeId;
 
     @ApiModelProperty("数据权限类型")
     private DataPermissionTypeEnum dataPermissionType;
 
-    public Long getId() {
-        return id;
+    public Long getPrivilegeId() {
+        return privilegeId;
     }
 
-    public void setId(Long id) {
-        this.id = id;
+    public void setPrivilegeId(Long privilegeId) {
+        this.privilegeId = privilegeId;
     }
 
     public DataPermissionTypeEnum getDataPermissionType() {

+ 35 - 0
distributed-print-business/src/main/java/com/qmth/distributed/print/business/bean/dto/DataPermissionQuery.java

@@ -0,0 +1,35 @@
+package com.qmth.distributed.print.business.bean.dto;
+
+import io.swagger.annotations.ApiModelProperty;
+
+import java.io.Serializable;
+import java.util.Set;
+
+/**
+ * @Description: 数据权限查询参数
+ * @Author: CaoZixuan
+ * @Date: 22022-12-07
+ */
+public class DataPermissionQuery implements Serializable {
+    @ApiModelProperty("有数据权限的机构集合(所有、本机构及以下、本机构)")
+    private Set<Long> orgIdSet;
+
+    @ApiModelProperty("登录用户数据权限(只允许看自己的数据)")
+    private Long requestUserId;
+
+    public Set<Long> getOrgIdSet() {
+        return orgIdSet;
+    }
+
+    public void setOrgIdSet(Set<Long> orgIdSet) {
+        this.orgIdSet = orgIdSet;
+    }
+
+    public Long getRequestUserId() {
+        return requestUserId;
+    }
+
+    public void setRequestUserId(Long requestUserId) {
+        this.requestUserId = requestUserId;
+    }
+}
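Review bot: The filter fields `orgIdSet` and `requestUserId` have no documented meaning for `null` or an empty set, which matters for a data-permission object because a consumer that skips the filter on `null` would return unrestricted rows. I would state the contract on the class, for example `// null = no org restriction; empty set = no org visible` (or whichever the design intends), and make the restrictive reading the default. The Javadoc date `22022-12-07` looks like a typo for `2022-12-07`, and a `Serializable` DTO normally declares `private static final long serialVersionUID = 1L;`.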

+ 8 - 8
distributed-print-business/src/main/java/com/qmth/distributed/print/business/bean/params/SysRolePrivilegeParams.java

@@ -33,11 +33,11 @@ public class SysRolePrivilegeParams implements Serializable {
 
     @ApiModelProperty("权限id数组")
     @NotEmpty(message = "权限集合不能为空")
-    private Long[] privilegeIds;
+    private List<String> privilegeIds;
 
     @ApiModelProperty("数据权限集合")
     @NotEmpty(message = "数据权限集合不能为空")
-    private List<DataPermissionInfo> datePermissionInfo;
+    private List<DataPermissionInfo> dataPermissionInfo;
 
     public Long getId() {
         return id;
@@ -63,19 +63,19 @@ public class SysRolePrivilegeParams implements Serializable {
         this.interpret = interpret;
     }
 
-    public Long[] getPrivilegeIds() {
+    public List<String> getPrivilegeIds() {
         return privilegeIds;
     }
 
-    public void setPrivilegeIds(Long[] privilegeIds) {
+    public void setPrivilegeIds(List<String> privilegeIds) {
         this.privilegeIds = privilegeIds;
     }
 
-    public List<DataPermissionInfo> getDatePermissionInfo() {
-        return datePermissionInfo;
+    public List<DataPermissionInfo> getDataPermissionInfo() {
+        return dataPermissionInfo;
     }
 
-    public void setDatePermissionInfo(List<DataPermissionInfo> datePermissionInfo) {
-        this.datePermissionInfo = datePermissionInfo;
+    public void setDataPermissionInfo(List<DataPermissionInfo> dataPermissionInfo) {
+        this.dataPermissionInfo = dataPermissionInfo;
     }
 }
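Review bot: With `privilegeIds` now a `List<String>`, `@NotEmpty` only guarantees the list has at least one element; a null, blank or non-numeric entry passes validation and is first examined when `SysRoleController` maps each element through `SystemConstant::convertIdToLong`. An element-level constraint would reject such input at the boundary, for example `private List<@NotBlank @Pattern(regexp = "\\d+") String> privilegeIds;`, assuming the project's Bean Validation version supports container-element constraints and the controller parameter is actually validated. Renaming `datePermissionInfo` to `dataPermissionInfo` also changes the JSON property name, so a client still sending the old name would now fail the `@NotEmpty` check. The class body extends beyond these hunks.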

+ 19 - 1
distributed-print-business/src/main/java/com/qmth/distributed/print/business/service/BasicRoleDataPermissionService.java

@@ -2,7 +2,9 @@ package com.qmth.distributed.print.business.service;
 
 import com.baomidou.mybatisplus.extension.service.IService;
 import com.qmth.distributed.print.business.bean.dto.DataPermissionInfo;
+import com.qmth.distributed.print.business.bean.dto.DataPermissionQuery;
 import com.qmth.distributed.print.business.entity.BasicRoleDataPermission;
+import com.qmth.teachcloud.common.entity.SysUser;
 
 import java.util.List;
 
@@ -15,10 +17,26 @@ public interface BasicRoleDataPermissionService extends IService<BasicRoleDataPe
 
     /**
      * 新增角色数据权限设置
-     * @param roleId 角色id
+     *
+     * @param roleId                 角色id
      * @param dataPermissionInfoList 角色数据权限集合
      */
     void saveRoleDataPermission(Long roleId, List<DataPermissionInfo> dataPermissionInfoList);
 
+    /**
+     * 查询角色数据权限
+     * @param roleId 角色id
+     * @return 该角色数据权限信息集合
+     */
+    List<DataPermissionInfo> findRoleDataPermissionInfo(Long roleId);
 
+    /**
+     * 查询数据权限
+     *
+     * @param schoolId      学校id
+     * @param requestUserId 请求的用户id
+     * @param url           请求的url
+     * @return 数据权限查询集合
+     */
+    DataPermissionQuery findDataPermission(Long schoolId, Long requestUserId, String url);
 }
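Review bot: The Javadoc for `findDataPermission` does not say what is returned when the URL matches no privilege or the user has no role, and the implementation added in this commit currently returns `null` unconditionally. Since callers will use the result to restrict queries, the contract should be explicit, for example `@return never null; an empty orgIdSet means no organisation is visible`, so that a missing result cannot be read as "no restriction". `findRoleDataPermissionInfo` should likewise document that it returns an empty list rather than `null`. The added `import com.qmth.teachcloud.common.entity.SysUser;` is not used by any line added to this file.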

+ 32 - 3
distributed-print-business/src/main/java/com/qmth/distributed/print/business/service/impl/BasicRoleDataPermissionServiceImpl.java

@@ -3,6 +3,7 @@ package com.qmth.distributed.print.business.service.impl;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.qmth.distributed.print.business.bean.dto.DataPermissionInfo;
+import com.qmth.distributed.print.business.bean.dto.DataPermissionQuery;
 import com.qmth.distributed.print.business.entity.BasicRoleDataPermission;
 import com.qmth.distributed.print.business.mapper.BasicRoleDataPermissionMapper;
 import com.qmth.distributed.print.business.service.BasicRoleDataPermissionService;
@@ -12,6 +13,7 @@ import com.qmth.teachcloud.common.entity.SysUser;
 import com.qmth.teachcloud.common.enums.ExceptionResultEnum;
 import com.qmth.teachcloud.common.enums.PrivilegeEnum;
 import com.qmth.teachcloud.common.service.SysPrivilegeService;
+import com.qmth.teachcloud.common.service.SysRoleService;
 import com.qmth.teachcloud.common.util.ServletUtil;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@@ -30,6 +32,8 @@ import java.util.stream.Stream;
 public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDataPermissionMapper, BasicRoleDataPermission> implements BasicRoleDataPermissionService {
     @Resource
     SysPrivilegeService sysPrivilegeService;
+    @Resource
+    SysRoleService sysRoleService;
 
     @Transactional(rollbackFor = Exception.class)
     @Override
@@ -38,7 +42,7 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
         Long schoolId = SystemConstant.convertIdToLong(String.valueOf(ServletUtil.getRequestHeaderSchoolId()));
 
         List<Long> privilegeIdList = dataPermissionInfoList.stream()
-                .map(DataPermissionInfo::getId)
+                .map(DataPermissionInfo::getPrivilegeId)
                 .distinct()
                 .collect(Collectors.toList());
 
@@ -52,7 +56,7 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
                 throw ExceptionResultEnum.ERROR.exception("角色数据权限要绑在菜单级权限上");
             }
             this.remove(new QueryWrapper<BasicRoleDataPermission>().lambda()
-                    .eq(BasicRoleDataPermission::getSchoolId, requestUser.getSchoolId())
+                    .eq(BasicRoleDataPermission::getSchoolId, schoolId)
                     .eq(BasicRoleDataPermission::getRoleId, roleId));
 
             List<BasicRoleDataPermission> basicRoleDataPermissionList = dataPermissionInfoList.stream().flatMap(e -> {
@@ -60,7 +64,7 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
                 basicRoleDataPermission.insertInfo(requestUser.getId());
                 basicRoleDataPermission.setSchoolId(schoolId);
                 basicRoleDataPermission.setRoleId(roleId);
-                basicRoleDataPermission.setPrivilegeId(e.getId());
+                basicRoleDataPermission.setPrivilegeId(e.getPrivilegeId());
                 basicRoleDataPermission.setDataPermissionType(e.getDataPermissionType());
                 return Stream.of(basicRoleDataPermission);
             }).collect(Collectors.toList());
@@ -68,4 +72,29 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
         }
 
     }
+
+    @Override
+    public List<DataPermissionInfo> findRoleDataPermissionInfo(Long roleId) {
+        return this.list(new QueryWrapper<BasicRoleDataPermission>().lambda()
+                        .eq(BasicRoleDataPermission::getRoleId, roleId))
+                .stream()
+                .flatMap(e -> {
+                    DataPermissionInfo dataPermissionInfo = new DataPermissionInfo();
+                    dataPermissionInfo.setPrivilegeId(e.getPrivilegeId());
+                    dataPermissionInfo.setDataPermissionType(e.getDataPermissionType());
+                    return Stream.of(dataPermissionInfo);
+                })
+                .distinct()
+                .collect(Collectors.toList());
+    }
+
+    @Override
+    public DataPermissionQuery findDataPermission(Long schoolId, Long requestUserId, String url) {
+        // 角色集合
+        List<Long> roleList = sysRoleService.getUserRoles(requestUserId);
+
+        SysPrivilege sysPrivilege = sysPrivilegeService.getOne(new QueryWrapper<SysPrivilege>().lambda().eq(SysPrivilege::getUrl, url).eq(SysPrivilege::getType, PrivilegeEnum.URL));
+//        sysPrivilege.get
+        return null;
+    }
 }
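Review bot: The delete in `saveRoleDataPermission` is now scoped by `schoolId`, which is read from the request header through `ServletUtil.getRequestHeaderSchoolId()`, instead of `requestUser.getSchoolId()`. That makes the delete consistent with the insert below it, but both now trust the header; unless an upstream filter already binds that header to the authenticated user (not visible here), I would reject a mismatch before `this.remove(...)`, for example with a guard on `!Objects.equals(schoolId, requestUser.getSchoolId())`. Separately, `findDataPermission` is a stub: `roleList` and `sysPrivilege` are unused, a commented-out line is left in, and it returns `null`, so it should be finished or made to fail loudly until it is. In `findRoleDataPermissionInfo`, `.distinct()` only has an effect if `DataPermissionInfo` overrides `equals`/`hashCode`, which its hunk does not show. The body of `saveRoleDataPermission` starts outside these hunks.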

+ 31 - 2
distributed-print/src/main/java/com/qmth/distributed/print/api/SysPrivilegeController.java

@@ -1,11 +1,17 @@
 package com.qmth.distributed.print.api;
 
 import com.qmth.boot.api.constant.ApiConstant;
+import com.qmth.distributed.print.business.bean.dto.DataPermissionInfo;
+import com.qmth.distributed.print.business.bean.params.SysRolePrivilegeParams;
+import com.qmth.distributed.print.business.service.BasicRoleDataPermissionService;
 import com.qmth.teachcloud.common.annotation.OperationLogDetail;
 import com.qmth.teachcloud.common.contant.SystemConstant;
 import com.qmth.teachcloud.common.entity.SysPrivilege;
+import com.qmth.teachcloud.common.entity.SysRole;
+import com.qmth.teachcloud.common.enums.ExceptionResultEnum;
 import com.qmth.teachcloud.common.enums.log.CustomizedOperationTypeEnum;
 import com.qmth.teachcloud.common.service.SysPrivilegeService;
+import com.qmth.teachcloud.common.service.SysRoleService;
 import com.qmth.teachcloud.common.util.Result;
 import com.qmth.teachcloud.common.util.ResultUtil;
 import io.swagger.annotations.Api;
@@ -13,6 +19,11 @@ import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
+import javax.annotation.Resource;
+import java.util.List;
+import java.util.Objects;
+import java.util.stream.Collectors;
+
 /**
  * <p>
  * 菜单权限表 前端控制器
@@ -26,8 +37,12 @@ import org.springframework.web.bind.annotation.*;
 @RequestMapping(ApiConstant.DEFAULT_URI_PREFIX  + SystemConstant.PREFIX_URL_SYS + "/privilege")
 public class SysPrivilegeController {
 
-    @Autowired
+    @Resource
     private SysPrivilegeService sysPrivilegeService;
+    @Resource
+    private BasicRoleDataPermissionService basicRoleDataPermissionService;
+    @Resource
+    private SysRoleService sysRoleService;
 
     /**
      * 查询
@@ -89,7 +104,21 @@ public class SysPrivilegeController {
     @RequestMapping(value = "/get_role_privileges", method = RequestMethod.POST)
     @OperationLogDetail(customizedOperationType = CustomizedOperationTypeEnum.SEARCH)
     public Result getRolePrivileges(@RequestParam(value = "roleId", required = true) Long roleId) {
-        return ResultUtil.ok(sysPrivilegeService.getRolePrivileges(roleId));
+        SysRole sysRole = sysRoleService.getById(roleId);
+        if (Objects.isNull(sysRole)){
+            throw ExceptionResultEnum.ERROR.exception("角色不存在");
+        }
+
+        SysRolePrivilegeParams result = new SysRolePrivilegeParams();
+        // 该角色拥有的权限集合
+        result.setPrivilegeIds(sysPrivilegeService.getRolePrivileges(roleId));
+        // 该角色拥有的数据权限
+        result.setDataPermissionInfo(basicRoleDataPermissionService.findRoleDataPermissionInfo(roleId));
+        result.setId(roleId);
+        result.setInterpret(sysRole.getInterpret());
+        result.setName(sysRole.getName());
+
+        return ResultUtil.ok(result);
     }
 }
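Review bot: `getRolePrivileges` loads the role with `sysRoleService.getById(roleId)` and returns its name, description, privilege ids and data permissions without checking that the role belongs to the caller's school; `findRoleDataPermissionInfo` also filters on `roleId` alone. If no interceptor enforces this elsewhere, one tenant's role configuration is readable by id from another tenant, so I would scope the lookup the way `saveRoleDataPermission` does, adding `.eq(BasicRoleDataPermission::getSchoolId, schoolId)` to the query and verifying the role's school before building the result. Reusing the request class `SysRolePrivilegeParams` as the response also carries its validation annotations into the output model; a dedicated result DTO would be clearer. The added imports `DataPermissionInfo`, `List` and `Collectors` are not used by the lines added to this file.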
 

+ 3 - 2
distributed-print/src/main/java/com/qmth/distributed/print/api/SysRoleController.java

@@ -23,6 +23,7 @@ import javax.validation.constraints.Max;
 import javax.validation.constraints.Min;
 import java.security.NoSuchAlgorithmException;
 import java.util.List;
+import java.util.stream.Collectors;
 
 /**
  * <p>
@@ -92,14 +93,14 @@ public class SysRoleController {
         role.setId(sysRolePrivilegeParams.getId());
         role.setName(sysRolePrivilegeParams.getName());
         role.setInterpret(sysRolePrivilegeParams.getInterpret());
-        role.setPrivilegeIds(sysRolePrivilegeParams.getPrivilegeIds());
+        role.setPrivilegeIds(sysRolePrivilegeParams.getPrivilegeIds().stream().map(SystemConstant::convertIdToLong).toArray(Long[]::new));
         boolean rolePrivilegeResult = sysRoleService.saveRoleNew(role);
 
         // 组装角色权限
         Long roleId = role.getId();
         // 数据权限集合
         if (rolePrivilegeResult && roleId > 0){
-            List<DataPermissionInfo> dataPermissionInfoList = sysRolePrivilegeParams.getDatePermissionInfo();
+            List<DataPermissionInfo> dataPermissionInfoList = sysRolePrivilegeParams.getDataPermissionInfo();
             basicRoleDataPermissionService.saveRoleDataPermission(roleId,dataPermissionInfoList);
         }
         return ResultUtil.ok();
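Review bot: The added `import java.util.stream.Collectors;` is not used by either changed line, since the conversion ends in `.toArray(Long[]::new)`, so it can be dropped. The conversion line also dereferences `getPrivilegeIds()` directly and therefore relies on the `@NotEmpty` constraint being enforced on the request body; the method signature is outside this hunk, so whether validation is triggered there cannot be confirmed. If it is not, a missing field surfaces as a `NullPointerException` rather than a validation error. The method body starts and ends outside the hunk.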