角色数据权限设置

distributed-print-business/src/main/java/com/qmth/distributed/print/business/bean/dto/DataPermissionInfo.java

@@ -0,0 +1,38 @@
+package com.qmth.distributed.print.business.bean.dto;
+
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
+import com.qmth.distributed.print.business.enums.DataPermissionTypeEnum;
+import io.swagger.annotations.ApiModelProperty;
+
+import java.io.Serializable;
+
+/**
+ * @Description: 数据权限信息
+ * @Author: CaoZixuan
+ * @Date: 2022-12-06
+ */
+public class DataPermissionInfo implements Serializable {
+    @ApiModelProperty("权限表id")
+    @JsonSerialize(using = ToStringSerializer.class)
+    private Long id;
+
+    @ApiModelProperty("数据权限类型")
+    private DataPermissionTypeEnum dataPermissionType;
+
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public DataPermissionTypeEnum getDataPermissionType() {
+        return dataPermissionType;
+    }
+
+    public void setDataPermissionType(DataPermissionTypeEnum dataPermissionType) {
+        this.dataPermissionType = dataPermissionType;
+    }
+}

distributed-print-business/src/main/java/com/qmth/distributed/print/business/bean/params/SysRolePrivilegeParams.java

@@ -0,0 +1,81 @@
+package com.qmth.distributed.print.business.bean.params;
+
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
+import com.qmth.distributed.print.business.bean.dto.DataPermissionInfo;
+import com.qmth.teachcloud.common.annotation.EditKey;
+import io.swagger.annotations.ApiModelProperty;
+import org.hibernate.validator.constraints.Length;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+import java.io.Serializable;
+import java.util.List;
+
+/**
+ * @Description: 用户角色权限编辑参数
+ * @Author: CaoZixuan
+ * @Date: 2022-12-06
+ */
+public class SysRolePrivilegeParams implements Serializable {
+    @ApiModelProperty("角色id")
+    @JsonSerialize(using = ToStringSerializer.class)
+    @EditKey
+    private Long id;
+
+    @ApiModelProperty("角色名称")
+    @NotNull(message = "请输入角色名称")
+    @Length(min = 1, message = "请输入角色名称")
+    private String name;
+
+    @ApiModelProperty("角色描述")
+    private String interpret;
+
+    @ApiModelProperty("权限id数组")
+    @NotEmpty(message = "权限集合不能为空")
+    private Long[] privilegeIds;
+
+    @ApiModelProperty("数据权限集合")
+    @NotEmpty(message = "数据权限集合不能为空")
+    private List<DataPermissionInfo> datePermissionInfo;
+
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getInterpret() {
+        return interpret;
+    }
+
+    public void setInterpret(String interpret) {
+        this.interpret = interpret;
+    }
+
+    public Long[] getPrivilegeIds() {
+        return privilegeIds;
+    }
+
+    public void setPrivilegeIds(Long[] privilegeIds) {
+        this.privilegeIds = privilegeIds;
+    }
+
+    public List<DataPermissionInfo> getDatePermissionInfo() {
+        return datePermissionInfo;
+    }
+
+    public void setDatePermissionInfo(List<DataPermissionInfo> datePermissionInfo) {
+        this.datePermissionInfo = datePermissionInfo;
+    }
+}

distributed-print-business/src/main/java/com/qmth/distributed/print/business/entity/BasicRoleDataPermission.java

@@ -0,0 +1,82 @@
+package com.qmth.distributed.print.business.entity;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.qmth.distributed.print.business.enums.DataPermissionTypeEnum;
+import com.qmth.teachcloud.common.base.BaseEntity;
+import io.swagger.annotations.ApiModelProperty;
+
+import java.io.Serializable;
+
+/**
+ * @Description: 基础角色数据权限
+ * @Author: CaoZixuan
+ * @Date: 2022-12-05
+ */
+@TableName("basic_role_data_permission")
+public class BasicRoleDataPermission extends BaseEntity implements Serializable {
+    @ApiModelProperty("学校id")
+    private Long schoolId;
+
+    @ApiModelProperty("角色id")
+    private Long roleId;
+
+    @ApiModelProperty("权限id")
+    private Long privilegeId;
+
+    @ApiModelProperty("数据权限类型")
+    private DataPermissionTypeEnum dataPermissionType;
+
+    @ApiModelProperty("数据权限机构权限组")
+    private Long orgScope;
+
+    @ApiModelProperty("创建人机构id")
+    private Long orgId;
+
+    public Long getSchoolId() {
+        return schoolId;
+    }
+
+    public void setSchoolId(Long schoolId) {
+        this.schoolId = schoolId;
+    }
+
+    public Long getRoleId() {
+        return roleId;
+    }
+
+    public void setRoleId(Long roleId) {
+        this.roleId = roleId;
+    }
+
+    public Long getPrivilegeId() {
+        return privilegeId;
+    }
+
+    public void setPrivilegeId(Long privilegeId) {
+        this.privilegeId = privilegeId;
+    }
+
+    public DataPermissionTypeEnum getDataPermissionType() {
+        return dataPermissionType;
+    }
+
+    public void setDataPermissionType(DataPermissionTypeEnum dataPermissionType) {
+        this.dataPermissionType = dataPermissionType;
+    }
+
+    public Long getOrgScope() {
+        return orgScope;
+    }
+
+    public void setOrgScope(Long orgScope) {
+        this.orgScope = orgScope;
+    }
+
+    public Long getOrgId() {
+        return orgId;
+    }
+
+    public void setOrgId(Long orgId) {
+        this.orgId = orgId;
+    }
+}

distributed-print-business/src/main/java/com/qmth/distributed/print/business/enums/DataPermissionTypeEnum.java

@@ -0,0 +1,51 @@
+package com.qmth.distributed.print.business.enums;
+
+import com.qmth.teachcloud.common.enums.EnumResult;
+import io.swagger.annotations.ApiModelProperty;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @Description: 角色数据权限类型
+ * @Author: CaoZixuan
+ * @Date: 2022-12-06
+ */
+public enum DataPermissionTypeEnum {
+    SELF("仅本人数据权限", 1),
+    SELF_ORG("本部门数据权限", 2),
+    SELF_ORG_BELOW("本部门及下级部门数据权限", 3),
+    ALL("全部数据权限", 4);
+
+    @ApiModelProperty("描述")
+    private final String desc;
+
+    @ApiModelProperty("范围大小权重")
+    private final int weight;
+
+    DataPermissionTypeEnum(String desc, int weight) {
+        this.desc = desc;
+        this.weight = weight;
+    }
+
+    public String getDesc() {
+        return desc;
+    }
+
+    public int getWeight() {
+        return weight;
+    }
+
+    public static List<EnumResult> listTypes() {
+        List<EnumResult> list = new ArrayList<EnumResult>();
+        for (DataPermissionTypeEnum value : DataPermissionTypeEnum.values()) {
+            EnumResult result = new EnumResult();
+            result.setName(value.name());
+            result.setOrdinal(value.ordinal());
+            result.setCode(null);
+            result.setDesc(value.getDesc());
+            list.add(result);
+        }
+        return list;
+    }
+}

distributed-print-business/src/main/java/com/qmth/distributed/print/business/enums/EnumType.java

@@ -29,7 +29,9 @@ public enum EnumType {
     SYSTEM_CODE_ENUM("系统编码类型"),
     PUSH_TYPE_ENUM("同步云阅卷类型"),
     TB_TASK_STATUS("同步云阅卷日志表状态类型"),
-    CUSTOMIZED_OPERATION_TYPE_ENUM("自定义日志记录枚举类");
+    CUSTOMIZED_OPERATION_TYPE_ENUM("自定义日志记录枚举类"),
+    DATA_PERMISSION_TYPE_ENUM("角色数据权限类型");
+
 
     EnumType(String desc) {
         this.desc = desc;

distributed-print-business/src/main/java/com/qmth/distributed/print/business/mapper/BasicRoleDataPermissionMapper.java

@@ -0,0 +1,12 @@
+package com.qmth.distributed.print.business.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.qmth.distributed.print.business.entity.BasicRoleDataPermission;
+
+/**
+ * @Description: 角色数据权限mapper
+ * @Author: CaoZixuan
+ * @Date: 2022-12-06
+ */
+public interface BasicRoleDataPermissionMapper extends BaseMapper<BasicRoleDataPermission> {
+}

distributed-print-business/src/main/java/com/qmth/distributed/print/business/service/BasicRoleDataPermissionService.java

@@ -0,0 +1,24 @@
+package com.qmth.distributed.print.business.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.qmth.distributed.print.business.bean.dto.DataPermissionInfo;
+import com.qmth.distributed.print.business.entity.BasicRoleDataPermission;
+
+import java.util.List;
+
+/**
+ * @Description: 角色数据权限服务接口
+ * @Author: CaoZixuan
+ * @Date: 2022-12-06
+ */
+public interface BasicRoleDataPermissionService extends IService<BasicRoleDataPermission> {
+
+    /**
+     * 新增角色数据权限设置
+     * @param roleId 角色id
+     * @param dataPermissionInfoList 角色数据权限集合
+     */
+    void saveRoleDataPermission(Long roleId, List<DataPermissionInfo> dataPermissionInfoList);
+
+
+}

distributed-print-business/src/main/java/com/qmth/distributed/print/business/service/impl/BasicRoleDataPermissionServiceImpl.java

@@ -0,0 +1,71 @@
+package com.qmth.distributed.print.business.service.impl;
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.qmth.distributed.print.business.bean.dto.DataPermissionInfo;
+import com.qmth.distributed.print.business.entity.BasicRoleDataPermission;
+import com.qmth.distributed.print.business.mapper.BasicRoleDataPermissionMapper;
+import com.qmth.distributed.print.business.service.BasicRoleDataPermissionService;
+import com.qmth.teachcloud.common.contant.SystemConstant;
+import com.qmth.teachcloud.common.entity.SysPrivilege;
+import com.qmth.teachcloud.common.entity.SysUser;
+import com.qmth.teachcloud.common.enums.ExceptionResultEnum;
+import com.qmth.teachcloud.common.enums.PrivilegeEnum;
+import com.qmth.teachcloud.common.service.SysPrivilegeService;
+import com.qmth.teachcloud.common.util.ServletUtil;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import javax.annotation.Resource;
+import java.util.List;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+/**
+ * @Description: 数据权限服务实现类
+ * @Author: CaoZixuan
+ * @Date: 2022-12-06
+ */
+@Service
+public class BasicRoleDataPermissionServiceImpl extends ServiceImpl<BasicRoleDataPermissionMapper, BasicRoleDataPermission> implements BasicRoleDataPermissionService {
+    @Resource
+    SysPrivilegeService sysPrivilegeService;
+
+    @Transactional(rollbackFor = Exception.class)
+    @Override
+    public void saveRoleDataPermission(Long roleId, List<DataPermissionInfo> dataPermissionInfoList) {
+        SysUser requestUser = (SysUser) ServletUtil.getRequestUser();
+        Long schoolId = SystemConstant.convertIdToLong(String.valueOf(ServletUtil.getRequestHeaderSchoolId()));
+
+        List<Long> privilegeIdList = dataPermissionInfoList.stream()
+                .map(DataPermissionInfo::getId)
+                .distinct()
+                .collect(Collectors.toList());
+
+        if (privilegeIdList.size() > 0) {
+            int count = sysPrivilegeService.count(new QueryWrapper<SysPrivilege>()
+                    .lambda()
+                    .ne(SysPrivilege::getType, PrivilegeEnum.MENU)
+                    .in(SysPrivilege::getId, privilegeIdList));
+
+            if (count > 0) {
+                throw ExceptionResultEnum.ERROR.exception("角色数据权限要绑在菜单级权限上");
+            }
+            this.remove(new QueryWrapper<BasicRoleDataPermission>().lambda()
+                    .eq(BasicRoleDataPermission::getSchoolId, requestUser.getSchoolId())
+                    .eq(BasicRoleDataPermission::getRoleId, roleId));
+
+            List<BasicRoleDataPermission> basicRoleDataPermissionList = dataPermissionInfoList.stream().flatMap(e -> {
+                BasicRoleDataPermission basicRoleDataPermission = new BasicRoleDataPermission();
+                basicRoleDataPermission.insertInfo(requestUser.getId());
+                basicRoleDataPermission.setSchoolId(schoolId);
+                basicRoleDataPermission.setRoleId(roleId);
+                basicRoleDataPermission.setPrivilegeId(e.getId());
+                basicRoleDataPermission.setDataPermissionType(e.getDataPermissionType());
+                return Stream.of(basicRoleDataPermission);
+            }).collect(Collectors.toList());
+            this.saveBatch(basicRoleDataPermissionList);
+        }
+
+    }
+}

distributed-print-business/src/main/resources/mapper/BasicRoleDataPermissionMapper.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+<mapper namespace="com.qmth.distributed.print.business.mapper.BasicRoleDataPermissionMapper">
+
+</mapper>

distributed-print/src/main/java/com/qmth/distributed/print/api/EnumsController.java

@@ -111,6 +111,9 @@ public class EnumsController {
         } else if (type.equals(EnumType.CUSTOMIZED_OPERATION_TYPE_ENUM.name())){
             // 同步云阅卷日志表状态类型
             list = CustomizedOperationTypeEnum.listTypes();
+        } else if (type.equals(EnumType.DATA_PERMISSION_TYPE_ENUM.name())){
+            // 同步云阅卷日志表状态类型
+            list = DataPermissionTypeEnum.listTypes();
         }
         return ResultUtil.ok(list);
     }

distributed-print/src/main/java/com/qmth/distributed/print/api/SysRoleController.java

@@ -1,6 +1,9 @@
 package com.qmth.distributed.print.api;
 
 import com.qmth.boot.api.constant.ApiConstant;
+import com.qmth.distributed.print.business.bean.dto.DataPermissionInfo;
+import com.qmth.distributed.print.business.bean.params.SysRolePrivilegeParams;
+import com.qmth.distributed.print.business.service.BasicRoleDataPermissionService;
 import com.qmth.teachcloud.common.annotation.OperationLogDetail;
 import com.qmth.teachcloud.common.contant.SystemConstant;
 import com.qmth.teachcloud.common.entity.SysRole;
@@ -10,15 +13,16 @@ import com.qmth.teachcloud.common.util.Result;
 import com.qmth.teachcloud.common.util.ResultUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.BindingResult;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import javax.annotation.Resource;
 import javax.validation.Valid;
 import javax.validation.constraints.Max;
 import javax.validation.constraints.Min;
 import java.security.NoSuchAlgorithmException;
+import java.util.List;
 
 /**
  * <p>
@@ -34,8 +38,10 @@ import java.security.NoSuchAlgorithmException;
 @Validated
 public class SysRoleController {
 
-    @Autowired
+    @Resource
     private SysRoleService sysRoleService;
+    @Resource
+    private BasicRoleDataPermissionService basicRoleDataPermissionService;
 
     /**
      * 查询
@@ -71,17 +77,32 @@ public class SysRoleController {
     /**
      * 新增/修改
      *
-     * @param role
+     * @param sysRolePrivilegeParams
      * @return
      */
     @ApiOperation(value = "新增/修改")
     @RequestMapping(value = "/save", method = RequestMethod.POST)
     @OperationLogDetail(customizedOperationType = CustomizedOperationTypeEnum.EDIT)
-    public Result save(@Valid @RequestBody SysRole role, BindingResult bindingResult) {
+    public Result save(@Valid @RequestBody SysRolePrivilegeParams sysRolePrivilegeParams, BindingResult bindingResult) {
         if (bindingResult.hasErrors()) {
             return ResultUtil.error(bindingResult.getAllErrors().get(0).getDefaultMessage());
         }
-        return ResultUtil.ok(sysRoleService.saveRoleNew(role));
+        // 组装角色
+        SysRole role = new SysRole();
+        role.setId(sysRolePrivilegeParams.getId());
+        role.setName(sysRolePrivilegeParams.getName());
+        role.setInterpret(sysRolePrivilegeParams.getInterpret());
+        role.setPrivilegeIds(sysRolePrivilegeParams.getPrivilegeIds());
+        boolean rolePrivilegeResult = sysRoleService.saveRoleNew(role);
+
+        // 组装角色权限
+        Long roleId = role.getId();
+        // 数据权限集合
+        if (rolePrivilegeResult && roleId > 0){
+            List<DataPermissionInfo> dataPermissionInfoList = sysRolePrivilegeParams.getDatePermissionInfo();
+            basicRoleDataPermissionService.saveRoleDataPermission(roleId,dataPermissionInfoList);
+        }
+        return ResultUtil.ok();
     }
 
     /**

teachcloud-common/src/main/java/com/qmth/teachcloud/common/enums/OrgTypeEnum.java

@@ -19,9 +19,7 @@ public enum OrgTypeEnum {
 
 //    TEACHING_ROOM("教研室"),
 
-    PRINTING_HOUSE("印刷厂"),
-
-    EXECUTIVE("行政机构");
+    PRINTING_HOUSE("印刷厂");
 
     private String title;