|
|
@@ -33,12 +33,16 @@ import java.util.stream.Stream;
|
|
|
*/
|
|
|
@Service
|
|
|
public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDataPermissionMapper, BasicRoleDataPermission> implements BasicRoleDataPermissionService {
|
|
|
+
|
|
|
@Resource
|
|
|
SysPrivilegeService sysPrivilegeService;
|
|
|
+
|
|
|
@Resource
|
|
|
SysRoleService sysRoleService;
|
|
|
+
|
|
|
@Resource
|
|
|
SysUserService sysUserService;
|
|
|
+
|
|
|
@Resource
|
|
|
SysOrgService sysOrgService;
|
|
|
|
|
|
@@ -49,16 +53,12 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
|
|
|
Object schoolIdObj = ServletUtil.getRequestHeaderSchoolIdByNotVaild();
|
|
|
Long schoolId = schoolIdObj == null ? null : SystemConstant.convertIdToLong(String.valueOf(ServletUtil.getRequestHeaderSchoolIdByNotVaild()));
|
|
|
|
|
|
- List<Long> privilegeIdList = dataPermissionInfoList.stream()
|
|
|
- .map(DataPermissionInfo::getPrivilegeId)
|
|
|
- .distinct()
|
|
|
+ List<Long> privilegeIdList = dataPermissionInfoList.stream().map(DataPermissionInfo::getPrivilegeId).distinct()
|
|
|
.collect(Collectors.toList());
|
|
|
|
|
|
if (privilegeIdList.size() > 0) {
|
|
|
- int count = sysPrivilegeService.count(new QueryWrapper<SysPrivilege>()
|
|
|
- .lambda()
|
|
|
- .ne(SysPrivilege::getType, PrivilegeEnum.MENU)
|
|
|
- .in(SysPrivilege::getId, privilegeIdList));
|
|
|
+ int count = sysPrivilegeService.count(
|
|
|
+ new QueryWrapper<SysPrivilege>().lambda().ne(SysPrivilege::getType, PrivilegeEnum.MENU).in(SysPrivilege::getId, privilegeIdList));
|
|
|
|
|
|
if (count > 0) {
|
|
|
throw ExceptionResultEnum.ERROR.exception("角色数据权限要绑在菜单级权限上");
|
|
|
@@ -71,8 +71,7 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
|
|
|
this.remove(basicRoleDataPermissionQueryWrapper);
|
|
|
|
|
|
List<BasicRoleDataPermission> basicRoleDataPermissionList = dataPermissionInfoList.stream()
|
|
|
- .filter(e -> Objects.nonNull(e.getDataPermissionType()))
|
|
|
- .flatMap(e -> {
|
|
|
+ .filter(e -> Objects.nonNull(e.getDataPermissionType())).flatMap(e -> {
|
|
|
BasicRoleDataPermission basicRoleDataPermission = new BasicRoleDataPermission();
|
|
|
basicRoleDataPermission.insertInfo(requestUser.getId());
|
|
|
basicRoleDataPermission.setSchoolId(schoolId);
|
|
|
@@ -87,17 +86,14 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
|
|
|
|
|
|
@Override
|
|
|
public List<DataPermissionInfo> findRoleDataPermissionInfo(Long roleId) {
|
|
|
- return this.list(new QueryWrapper<BasicRoleDataPermission>().lambda()
|
|
|
- .eq(BasicRoleDataPermission::getRoleId, roleId))
|
|
|
- .stream()
|
|
|
- .flatMap(e -> {
|
|
|
+ return this.list(
|
|
|
+ new QueryWrapper<BasicRoleDataPermission>().lambda().eq(BasicRoleDataPermission::getRoleId, roleId))
|
|
|
+ .stream().flatMap(e -> {
|
|
|
DataPermissionInfo dataPermissionInfo = new DataPermissionInfo();
|
|
|
dataPermissionInfo.setPrivilegeId(e.getPrivilegeId());
|
|
|
dataPermissionInfo.setDataPermissionType(e.getDataPermissionType());
|
|
|
return Stream.of(dataPermissionInfo);
|
|
|
- })
|
|
|
- .distinct()
|
|
|
- .collect(Collectors.toList());
|
|
|
+ }).distinct().collect(Collectors.toList());
|
|
|
}
|
|
|
|
|
|
@Override
|
|
|
@@ -105,10 +101,8 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
|
|
|
|
|
|
// 方法的权限
|
|
|
SysPrivilege sysPrivilege = new SysPrivilege();
|
|
|
- List<SysPrivilege> sysPrivilegeList = sysPrivilegeService.list(new QueryWrapper<SysPrivilege>()
|
|
|
- .lambda()
|
|
|
- .eq(SysPrivilege::getUrl, url)
|
|
|
- .eq(SysPrivilege::getType, PrivilegeEnum.URL));
|
|
|
+ List<SysPrivilege> sysPrivilegeList = sysPrivilegeService.list(
|
|
|
+ new QueryWrapper<SysPrivilege>().lambda().eq(SysPrivilege::getUrl, url).eq(SysPrivilege::getType, PrivilegeEnum.URL));
|
|
|
// url权限默认取第一条
|
|
|
if (sysPrivilegeList.size() > 0) {
|
|
|
sysPrivilege = sysPrivilegeList.get(0);
|
|
|
@@ -146,7 +140,8 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
|
|
|
// 数据库中存在该方法的url
|
|
|
int maxWeight = 0;
|
|
|
for (Long roleId : roleIdList) {
|
|
|
- DataPermissionTypeEnum roleDataPermissionType = this.searchRoleDataPermissionByPrivilege(roleId, sysPrivilege, schoolId);
|
|
|
+ DataPermissionTypeEnum roleDataPermissionType = this.searchRoleDataPermissionByPrivilege(roleId,
|
|
|
+ sysPrivilege, schoolId);
|
|
|
if (Objects.nonNull(roleDataPermissionType)) {
|
|
|
// 角色数据权限不为空时,筛选出所有角色在该url中的最大范围数据权限为该url的最终数据权限
|
|
|
int weight = roleDataPermissionType.getWeight();
|
|
|
@@ -160,23 +155,23 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
|
|
|
// 最终数据权限不为空
|
|
|
SysUser requestUser = sysUserService.getById(requestUserId);
|
|
|
switch (finalPermissionType) {
|
|
|
- case SELF:
|
|
|
- // 只能看自己创建的
|
|
|
- result.setRequestUserId(requestUserId);
|
|
|
- break;
|
|
|
- case SELF_ORG:
|
|
|
- // 只能看自己所在机构
|
|
|
- Long orgId = requestUser.getOrgId();
|
|
|
- Set<Long> orgIdSet = new HashSet<>();
|
|
|
- orgIdSet.add(orgId);
|
|
|
- result.setOrgIdSet(orgIdSet);
|
|
|
- break;
|
|
|
- case SELF_ORG_BELOW:
|
|
|
- // 只能看自己所在机构和所辖机构
|
|
|
- result.setOrgIdSet(sysOrgService.findDeepOrgIdListByUserId(requestUser.getId()));
|
|
|
- break;
|
|
|
- default:
|
|
|
- break;
|
|
|
+ case SELF:
|
|
|
+ // 只能看自己创建的
|
|
|
+ result.setRequestUserId(requestUserId);
|
|
|
+ break;
|
|
|
+ case SELF_ORG:
|
|
|
+ // 只能看自己所在机构
|
|
|
+ Long orgId = requestUser.getOrgId();
|
|
|
+ Set<Long> orgIdSet = new HashSet<>();
|
|
|
+ orgIdSet.add(orgId);
|
|
|
+ result.setOrgIdSet(orgIdSet);
|
|
|
+ break;
|
|
|
+ case SELF_ORG_BELOW:
|
|
|
+ // 只能看自己所在机构和所辖机构
|
|
|
+ result.setOrgIdSet(sysOrgService.findDeepOrgIdListByUserId(requestUser.getId()));
|
|
|
+ break;
|
|
|
+ default:
|
|
|
+ break;
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
@@ -198,25 +193,25 @@ public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDat
|
|
|
SysRole sysRole = sysRoleService.getById(roleId);
|
|
|
QueryWrapper<BasicRoleDataPermission> queryWrapper = new QueryWrapper<>();
|
|
|
queryWrapper.lambda().eq(BasicRoleDataPermission::getRoleId, roleId)
|
|
|
- .eq(BasicRoleDataPermission::getPrivilegeId, privilegeId);
|
|
|
- if (sysRole.getDefaultRole()) {
|
|
|
- queryWrapper.lambda().and(t -> t.isNull(BasicRoleDataPermission::getSchoolId).or()
|
|
|
- .eq(BasicRoleDataPermission::getSchoolId, schoolId));
|
|
|
- } else {
|
|
|
- queryWrapper.lambda().eq(BasicRoleDataPermission::getSchoolId, schoolId);
|
|
|
- }
|
|
|
+ .eq(BasicRoleDataPermission::getPrivilegeId, privilegeId)
|
|
|
+ .eq(BasicRoleDataPermission::getSchoolId, schoolId);
|
|
|
BasicRoleDataPermission basicRoleDataPermission = this.getOne(queryWrapper);
|
|
|
if (Objects.nonNull(basicRoleDataPermission)) {
|
|
|
// 有数据权限
|
|
|
return basicRoleDataPermission.getDataPermissionType();
|
|
|
- } else {
|
|
|
- // 没数据权限查父菜单
|
|
|
- return getDataPermissionRule(roleId, privilege, schoolId);
|
|
|
+ } else if (sysRole.getDefaultRole()) {
|
|
|
+ // 查询默认
|
|
|
+ BasicRoleDataPermission defaultBasicRoleDataPermission = this.getOne(new QueryWrapper<BasicRoleDataPermission>().lambda()
|
|
|
+ .eq(BasicRoleDataPermission::getRoleId, roleId)
|
|
|
+ .eq(BasicRoleDataPermission::getPrivilegeId, privilegeId).isNull(BasicRoleDataPermission::getSchoolId));
|
|
|
+ if (Objects.nonNull(defaultBasicRoleDataPermission)) {
|
|
|
+ // 有数据权限
|
|
|
+ return defaultBasicRoleDataPermission.getDataPermissionType();
|
|
|
+ }
|
|
|
}
|
|
|
- } else {
|
|
|
- // 如果该url不是菜单类型则查询其父目录
|
|
|
- return getDataPermissionRule(roleId, privilege, schoolId);
|
|
|
}
|
|
|
+ // 如果该url不是菜单类型则查询其父目录
|
|
|
+ return getDataPermissionRule(roleId, privilege, schoolId);
|
|
|
}
|
|
|
|
|
|
/**
|
caozixuan