feat: 菜单授权管理整合到权限管理中

2021-06-03 14:01:18 +08:00 · 2021-06-03 14:01:18 +08:00 · 8e61d2eaee
commit 8e61d2eaee
parent 974d7549f6
13 changed files with 167 additions and 66 deletions
--- a/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java
+++ b/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java
@ -2,8 +2,11 @@ package io.dataease.auth.service.impl;

 import io.dataease.auth.api.dto.CurrentRoleDto;
 import io.dataease.auth.entity.SysUserEntity;
+import io.dataease.base.domain.SysUser;
+import io.dataease.base.mapper.SysUserMapper;
 import io.dataease.base.mapper.ext.AuthMapper;
 import io.dataease.auth.service.AuthUserService;
+import io.dataease.base.mapper.ext.ExtPluginSysMenuMapper;
 import io.dataease.commons.constants.AuthConstants;
 import io.dataease.plugins.common.dto.PluginSysMenu;
 import io.dataease.plugins.util.PluginUtils;
@ -13,8 +16,12 @@ import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.cache.annotation.Cacheable;
 import org.springframework.cache.annotation.Caching;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
 import javax.annotation.Resource;
+import java.util.ArrayList;
 import java.util.List;
+import java.util.Optional;
 import java.util.stream.Collectors;

@Service
@ -23,6 +30,10 @@ public class AuthUserServiceImpl implements AuthUserService {

    @Resource
    private AuthMapper authMapper;
+    @Resource
+    private SysUserMapper sysUserMapper;
+    @Resource
+    private ExtPluginSysMenuMapper extPluginSysMenuMapper;

    /**
     * 此处需被F2CRealm登录认证调用 也就是说每次请求都会被调用 所以最好加上缓存
@ -53,16 +64,16 @@ public class AuthUserServiceImpl implements AuthUserService {
    @Cacheable(value = AuthConstants.USER_PERMISSION_CACHE_NAME,  key = "'user' + #userId" )
    @Override
    public List<String> permissions(Long userId){
-        List<String> permissions = authMapper.permissions(userId);
-        List<PluginSysMenu> pluginSysMenus = PluginUtils.pluginMenus();
-        if (CollectionUtils.isNotEmpty(pluginSysMenus)) {
-            List<Long> menuIds = authMapper.userMenuIds(userId);
-            List<String> pluginPermissions = pluginSysMenus.stream().
-                    filter(sysMenu -> menuIds.contains(sysMenu.getMenuId()))
-                    .map(menu -> menu.getPermission()).collect(Collectors.toList());
-            permissions.addAll(pluginPermissions);
+        // 用户登录获取菜单权限时同时更新插件菜单表
+        this.syncPluginMenu();
+        List<String> permissions;
+        SysUser sysUser = sysUserMapper.selectByPrimaryKey(userId);
+        if(sysUser.getIsAdmin()!=null&&sysUser.getIsAdmin()){
+            permissions = authMapper.permissionsAll();
+        }else{
+            permissions = authMapper.permissions(userId);
        }
-        return permissions.stream().filter(StringUtils::isNotEmpty).collect(Collectors.toList());
+        return Optional.ofNullable(permissions).orElse(new ArrayList<>()).stream().filter(StringUtils::isNotEmpty).collect(Collectors.toList());
    }

    /**
@ -90,4 +101,13 @@ public class AuthUserServiceImpl implements AuthUserService {
    public void clearCache(Long userId) {

    }
+
+    @Transactional
+    public void syncPluginMenu() {
+        List<PluginSysMenu> pluginSysMenuList = PluginUtils.pluginMenus();
+        extPluginSysMenuMapper.deletePluginMenu();
+        if(CollectionUtils.isNotEmpty(pluginSysMenuList)){
+            extPluginSysMenuMapper.savePluginMenu(pluginSysMenuList);
+        }
+    }
 }
--- a/backend/src/main/java/io/dataease/base/mapper/ext/AuthMapper.java
+++ b/backend/src/main/java/io/dataease/base/mapper/ext/AuthMapper.java
@ -16,6 +16,8 @@ public interface AuthMapper {

    List<String> permissions(@Param("userId") Long userId);

+    List<String> permissionsAll();
+
    List<Long> userMenuIds(@Param("userId") Long userId);


@ -25,4 +27,5 @@ public interface AuthMapper {


    List<CurrentRoleDto> roles(@Param("userId") Long userId);
+
 }
--- a/backend/src/main/java/io/dataease/base/mapper/ext/AuthMapper.xml
+++ b/backend/src/main/java/io/dataease/base/mapper/ext/AuthMapper.xml
@ -4,19 +4,19 @@

    <resultMap id="baseMap" type="io.dataease.auth.entity.SysUserEntity">
        <id column="user_id" property="userId"/>
-        <result column="username" jdbcType="VARCHAR" property="username" />
-        <result column="nick_name" jdbcType="VARCHAR" property="nickName" />
-        <result column="dept_id"  property="deptId" />
-        <result column="password" jdbcType="VARCHAR" property="password" />
-        <result column="email" jdbcType="VARCHAR" property="email" />
-        <result column="phone" jdbcType="VARCHAR" property="phone" />
-        <result column="enabled" property="enabled" />
-        <result column="is_admin" jdbcType="BIT" property="isAdmin" />
+        <result column="username" jdbcType="VARCHAR" property="username"/>
+        <result column="nick_name" jdbcType="VARCHAR" property="nickName"/>
+        <result column="dept_id" property="deptId"/>
+        <result column="password" jdbcType="VARCHAR" property="password"/>
+        <result column="email" jdbcType="VARCHAR" property="email"/>
+        <result column="phone" jdbcType="VARCHAR" property="phone"/>
+        <result column="enabled" property="enabled"/>
+        <result column="is_admin" jdbcType="BIT" property="isAdmin"/>
    </resultMap>

-    <resultMap id="roleMap" type="io.dataease.auth.api.dto.CurrentRoleDto" >
+    <resultMap id="roleMap" type="io.dataease.auth.api.dto.CurrentRoleDto">
        <id column="role_id" property="id"/>
-        <result column="name" jdbcType="VARCHAR" property="name" />
+        <result column="name" jdbcType="VARCHAR" property="name"/>
    </resultMap>


@ -34,12 +34,21 @@
            where sur.user_id = #{userId}
    </select>

-    <select id="permissions"  resultType="String">
-        select sm.permission
-            from sys_menu sm
-            left join sys_roles_menus srm on srm.menu_id = sm.menu_id
-            left join sys_users_roles sur on sur.role_id = srm.role_id
-            where sur.user_id = #{userId}
+    <select id="permissions" resultType="String">
+		SELECT
+			sys_menu.permission
+		FROM
+			( SELECT GET_V_AUTH_MODEL_ID_P_USE ( #{userId}, 'menu' ) cids ) t,
+			sys_menu
+		WHERE
+			FIND_IN_SET( sys_menu.menu_id, cids ) UNION ALL
+		SELECT
+			plugin_sys_menu.permission
+		FROM
+			( SELECT GET_V_AUTH_MODEL_ID_P_USE (  #{userId}, 'menu' ) cids ) t,
+			plugin_sys_menu
+		WHERE
+			FIND_IN_SET( plugin_sys_menu.menu_id, cids )
    </select>

    <select id="userMenuIds" resultType="Long">
@ -57,6 +66,16 @@
    </select>


+    <select id="permissionsAll" resultType="String">
+		SELECT
+			sys_menu.permission
+		FROM
+			sys_menu UNION ALL
+		SELECT
+			plugin_sys_menu.permission
+		FROM
+			plugin_sys_menu
+    </select>


 </mapper>
--- a/backend/src/main/java/io/dataease/base/mapper/ext/ExtPluginSysMenuMapper.java
+++ b/backend/src/main/java/io/dataease/base/mapper/ext/ExtPluginSysMenuMapper.java
@ -0,0 +1,15 @@
+package io.dataease.base.mapper.ext;
+
+import io.dataease.base.mapper.ext.query.GridExample;
+import io.dataease.controller.sys.request.SimpleTreeNode;
+import io.dataease.plugins.common.dto.PluginSysMenu;
+import org.apache.ibatis.annotations.Param;
+
+import java.util.List;
+
+public interface ExtPluginSysMenuMapper {
+
+    void savePluginMenu(@Param("menuList") List<PluginSysMenu> menuList);
+
+    void deletePluginMenu();
+}
--- a/backend/src/main/java/io/dataease/base/mapper/ext/ExtPluginSysMenuMapper.xml
+++ b/backend/src/main/java/io/dataease/base/mapper/ext/ExtPluginSysMenuMapper.xml
@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+<mapper namespace="io.dataease.base.mapper.ext.ExtPluginSysMenuMapper">
+
+    <delete id="deletePluginMenu">
+        delete from plugin_sys_menu
+    </delete>
+
+    <insert id="savePluginMenu">
+        INSERT INTO `plugin_sys_menu` ( menu_id, title, pid, sub_count, permission, hidden ) VALUES
+        <foreach collection="menuList" item="menu" index="index" separator=",">
+            (#{menu.menuId},#{menu.title},#{menu.pid},#{menu.subCount},#{menu.permission},#{menu.hidden})
+        </foreach>
+    </insert>
+
+
+</mapper>
--- a/backend/src/main/java/io/dataease/base/mapper/ext/ExtSysAuthMapper.java
+++ b/backend/src/main/java/io/dataease/base/mapper/ext/ExtSysAuthMapper.java
@ -1,13 +1,13 @@
 package io.dataease.base.mapper.ext;

 import io.dataease.controller.request.SysAuthRequest;
-import io.dataease.dto.SysAuthDTO;
+import io.dataease.dto.SysAuthDetailDTO;
 import org.apache.ibatis.annotations.Param;

 import java.util.List;

 public interface ExtSysAuthMapper {
-    List<SysAuthDTO> searchAuth(SysAuthRequest request);
+    List<SysAuthDetailDTO> searchAuth(SysAuthRequest request);

    Boolean authExist(@Param("authSource") String authSource, @Param("authTarget") String authTarget);

--- a/backend/src/main/java/io/dataease/base/mapper/ext/ExtSysAuthMapper.xml
+++ b/backend/src/main/java/io/dataease/base/mapper/ext/ExtSysAuthMapper.xml
@ -2,17 +2,15 @@
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="io.dataease.base.mapper.ext.ExtSysAuthMapper">

-    <resultMap id="BaseResultMapDTO" type="io.dataease.dto.SysAuthDTO"
-               extends="io.dataease.base.mapper.SysAuthMapper.BaseResultMap">
-        <collection property="sysAuthDetails" ofType="io.dataease.base.domain.SysAuthDetail" javaType="list">
-            <result column="auth_id" property="authId"/>
-            <result column="privilege_name" property="privilegeName"/>
-            <result column="privilege_type" property="privilegeType"/>
-            <result column="privilege_value" property="privilegeValue"/>
-            <result column="privilege_extend" property="privilegeExtend"/>
-        </collection>
+    <resultMap id="BaseResultMapAuthDetailDTO" type="io.dataease.dto.SysAuthDetailDTO"
+               extends="io.dataease.base.mapper.SysAuthDetailMapper.BaseResultMap">
+        <result column="auth_source" jdbcType="VARCHAR" property="authSource" />
+        <result column="auth_source_type" jdbcType="VARCHAR" property="authSourceType" />
+        <result column="auth_target" jdbcType="VARCHAR" property="authTarget" />
+        <result column="auth_target_type" jdbcType="VARCHAR" property="authTargetType" />
    </resultMap>
-    <select id="searchAuth" resultMap="BaseResultMapDTO">
+
+    <select id="searchAuth" resultMap="BaseResultMapAuthDetailDTO">
        select
        sys_auth.id,
        sys_auth.auth_source,
--- a/backend/src/main/java/io/dataease/base/mapper/ext/ExtVAuthModelMapper.java
+++ b/backend/src/main/java/io/dataease/base/mapper/ext/ExtVAuthModelMapper.java
@ -7,4 +7,5 @@ import java.util.List;

 public interface ExtVAuthModelMapper {
    List<VAuthModelDTO> searchTree(BaseTreeRequest request);
+
 }
--- a/backend/src/main/java/io/dataease/base/mapper/ext/ExtVAuthModelMapper.xml
+++ b/backend/src/main/java/io/dataease/base/mapper/ext/ExtVAuthModelMapper.xml
@ -19,7 +19,7 @@
        <where>
            model_type = #{modelType}
            <if test="1== withAuth">
-               and  FIND_IN_SET(v_auth_model.id,GET_V_AUTH_MODEL_WITH_PARENT ( cids2 ,#{modelType}))
+                and FIND_IN_SET(v_auth_model.id,GET_V_AUTH_MODEL_WITH_PARENT ( cids2 ,#{modelType}))
            </if>
            <if test="pid !=null">
                and v_auth_model.pid = #{pid}
@ -36,7 +36,8 @@
            </if>

            <if test="name != null and name !='' and withExtend == 'parent'">
-               and  FIND_IN_SET(v_auth_model.id,GET_V_AUTH_MODEL_WITH_PARENT ( (select GROUP_CONCAT(id) from v_auth_model where model_type = #{modelType} and `name`  like CONCAT('%', #{name},'%')) ,#{modelType}))
+                and FIND_IN_SET(v_auth_model.id,GET_V_AUTH_MODEL_WITH_PARENT ( (select GROUP_CONCAT(id) from
+                v_auth_model where model_type = #{modelType} and `name` like CONCAT('%', #{name},'%')) ,#{modelType}))
            </if>

            <if test="name != null and name =='' and withExtend == 'parent'">
@ -54,7 +55,7 @@
        <where>
            model_type = #{modelType}
            <if test="1== withAuth">
-                and   FIND_IN_SET(v_auth_model.id,GET_V_AUTH_MODEL_WITH_PARENT ( cids3 ,#{modelType}))
+                and FIND_IN_SET(v_auth_model.id,GET_V_AUTH_MODEL_WITH_PARENT ( cids3 ,#{modelType}))
            </if>
        </where>
        ) authTemp
@ -69,4 +70,5 @@
        </where>

    </select>
+
 </mapper>
--- a/backend/src/main/java/io/dataease/commons/constants/SystemConstants.java
+++ b/backend/src/main/java/io/dataease/commons/constants/SystemConstants.java
@ -19,5 +19,10 @@ public class SystemConstants {
        public final static Integer OFF = 0;
    }

+    public static final class AUTH_SOURCE{
+        public final static String MENU = "menu";
+    }
+
+

 }
--- a/backend/src/main/java/io/dataease/controller/sys/SysAuthController.java
+++ b/backend/src/main/java/io/dataease/controller/sys/SysAuthController.java
@ -9,6 +9,7 @@ import io.dataease.controller.request.BaseTreeRequest;
 import io.dataease.controller.request.SysAuthDetailRequest;
 import io.dataease.controller.request.SysAuthRequest;
 import io.dataease.dto.BaseAuthDetail;
+import io.dataease.dto.SysAuthDetailDTO;
 import io.dataease.dto.VAuthModelDTO;
 import io.dataease.service.sys.SysAuthService;
 import io.swagger.annotations.Api;
@ -44,7 +45,7 @@ public class SysAuthController {

    @ApiOperation("查询授权")
    @PostMapping("/authDetails")
-    public Map<String,List<SysAuthDetail>> authDetails(@RequestBody SysAuthRequest request){
+    public Map<String,List<SysAuthDetailDTO>> authDetails(@RequestBody SysAuthRequest request){
        return sysAuthService.searchAuthDetails(request);
    }

--- a/backend/src/main/java/io/dataease/dto/SysAuthDetailDTO.java
+++ b/backend/src/main/java/io/dataease/dto/SysAuthDetailDTO.java
@ -0,0 +1,20 @@
+package io.dataease.dto;
+
+import io.dataease.base.domain.SysAuthDetail;
+import lombok.Data;
+
+/**
+ * Author: wangjiahao
+ * Date: 2021-06-03
+ * Description:
+ */
+@Data
+public class SysAuthDetailDTO extends SysAuthDetail {
+    private String authSource;
+
+    private String authSourceType;
+
+    private String authTarget;
+
+    private String authTargetType;
+}
--- a/backend/src/main/java/io/dataease/service/sys/SysAuthService.java
+++ b/backend/src/main/java/io/dataease/service/sys/SysAuthService.java
@ -12,12 +12,10 @@ import io.dataease.commons.constants.SystemConstants;
 import io.dataease.commons.utils.AuthUtils;
 import io.dataease.controller.request.BaseTreeRequest;
 import io.dataease.controller.request.SysAuthRequest;
-import io.dataease.dto.SysAuthDTO;
-import io.dataease.dto.SysDeptDTO;
+import io.dataease.dto.SysAuthDetailDTO;
 import io.dataease.dto.VAuthModelDTO;
 import io.dataease.i18n.Translator;
 import org.apache.commons.collections4.CollectionUtils;
-import org.apache.commons.lang3.ArrayUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.stereotype.Service;

@ -25,6 +23,8 @@ import javax.annotation.Resource;
 import java.util.*;
 import java.util.stream.Collectors;

+import static java.util.stream.Collectors.groupingBy;
+
@Service
 public class SysAuthService {

@ -41,7 +41,7 @@ public class SysAuthService {
    @Resource
    private ExtVAuthModelMapper extVAuthModelMapper;

-    private static List<String> PRI_MODEL_TYPE = Arrays.asList("link","dataset","chart","panel","menu");
+    private static List<String> PRI_MODEL_TYPE = Arrays.asList("link", "dataset", "chart", "panel", "menu");


    /**
@ -51,23 +51,22 @@ public class SysAuthService {
    public List<VAuthModelDTO> searchAuthModelTree(BaseTreeRequest request) {
        CurrentUserDto currentUserDto = AuthUtils.getUser();
        request.setCreateBy(String.valueOf(currentUserDto.getUserId()));
-        if(PRI_MODEL_TYPE.contains(request.getModelType())&&(currentUserDto.getIsAdmin() == null || !currentUserDto.getIsAdmin())){
+        if (PRI_MODEL_TYPE.contains(request.getModelType()) && (currentUserDto.getIsAdmin() == null || !currentUserDto.getIsAdmin())) {
            request.setWithAuth("1");
-        }else{
+        } else {
            request.setWithAuth("0");
        }
        return extVAuthModelMapper.searchTree(request);
    }


-
    /**
     * @Description: 查询授权明细map
     **/
-    public Map<String, List<SysAuthDetail>> searchAuthDetails(SysAuthRequest request) {
-        List<SysAuthDTO> authDTOList = extSysAuthMapper.searchAuth(request);
-        return Optional.ofNullable(authDTOList).orElse(new ArrayList<>()).stream()
-                .collect(Collectors.toMap(SysAuthDTO::getAuthSource, SysAuthDTO::getSysAuthDetails));
+    public Map<String, List<SysAuthDetailDTO>> searchAuthDetails(SysAuthRequest request) {
+        List<SysAuthDetailDTO> authDetailDTOList = extSysAuthMapper.searchAuth(request);
+        return Optional.ofNullable(authDetailDTOList).orElse(new ArrayList<>()).stream()
+                .collect(groupingBy(SysAuthDetailDTO::getAuthSource));
    }

    /**
@ -81,33 +80,33 @@ public class SysAuthService {
        SysAuthDetail sysAuthDetail = request.getAuthDetail();
        //TODO 获取需要授权的资源id(当前节点和所有权限的下级节点)
        List<String> authSources = getAuthModels(request.getAuthSource(), request.getAuthSourceType());
-        if(CollectionUtils.isEmpty(authSources)){
+        if (CollectionUtils.isEmpty(authSources)) {
            throw new RuntimeException(Translator.get("i18n_auth_source_be_canceled"));
        }
        //TODO 获取需要被授权的目标id(部门当前节点和所有权限的下级节点)
-        List<String> authTargets =getAuthModels(request.getAuthTarget(), request.getAuthTargetType());
+        List<String> authTargets = getAuthModels(request.getAuthTarget(), request.getAuthTargetType());

-        if(CollectionUtils.isNotEmpty(authSources)&& CollectionUtils.isNotEmpty(authTargets)){
+        if (CollectionUtils.isNotEmpty(authSources) && CollectionUtils.isNotEmpty(authTargets)) {
            List<String> authIdChange = new ArrayList<>();
            authTargets.stream().forEach(authTarget -> {
-                authSources.forEach(authSource ->{
-                    String authId = checkAuth(authSource, request.getAuthSourceType(),authTarget,request.getAuthTargetType());
+                authSources.forEach(authSource -> {
+                    String authId = checkAuth(authSource, request.getAuthSourceType(), authTarget, request.getAuthTargetType());
                    authIdChange.add(authId);
                });
            });
            // 授权修改
-            if(sysAuthDetail.getPrivilegeValue()==SystemConstants.PRIVILEGE_VALUE.ON){
+            if (sysAuthDetail.getPrivilegeValue() == SystemConstants.PRIVILEGE_VALUE.ON) {
                //当前为开启1 >>> 关闭0 需要将权限级别（PrivilegeType）大于当前级别的全新都修改为关闭 0
-                extSysAuthDetailMapper.authDetailsChange(SystemConstants.PRIVILEGE_VALUE.OFF,sysAuthDetail.getPrivilegeType(),authIdChange);
-            }else{
+                extSysAuthDetailMapper.authDetailsChange(SystemConstants.PRIVILEGE_VALUE.OFF, sysAuthDetail.getPrivilegeType(), authIdChange);
+            } else {
                //当前为关闭0 >>> 开启1 需要将权限级别（PrivilegeType）小于当前级别的全新都修改为开启 1
-                extSysAuthDetailMapper.authDetailsChange(SystemConstants.PRIVILEGE_VALUE.ON,sysAuthDetail.getPrivilegeType(),authIdChange);
+                extSysAuthDetailMapper.authDetailsChange(SystemConstants.PRIVILEGE_VALUE.ON, sysAuthDetail.getPrivilegeType(), authIdChange);
            }
        }
    }

    private List<String> getAuthModels(String id, String type) {
-        List<VAuthModelDTO> vAuthModelDTOS = searchAuthModelTree(new BaseTreeRequest(id,type, SystemConstants.WITH_EXTEND.CHILDREN));
+        List<VAuthModelDTO> vAuthModelDTOS = searchAuthModelTree(new BaseTreeRequest(id, type, SystemConstants.WITH_EXTEND.CHILDREN));
        List<String> authSources = Optional.ofNullable(vAuthModelDTOS).orElse(new ArrayList<>()).stream().map(VAuthModelDTO::getId)
                .collect(Collectors.toList());
        return authSources;
@ -116,9 +115,9 @@ public class SysAuthService {
    /**
     * @Description: 查询当前target 是否有存在授权 不存在 增加权限 并复制权限模板
     **/
-    private String checkAuth(String authSource,String authSourceType,String authTarget,String authTargetType){
-        String authId = extSysAuthMapper.findAuthId(authSource,authSourceType,authTarget,authTargetType);
-        if(StringUtils.isEmpty(authId)){
+    private String checkAuth(String authSource, String authSourceType, String authTarget, String authTargetType) {
+        String authId = extSysAuthMapper.findAuthId(authSource, authSourceType, authTarget, authTargetType);
+        if (StringUtils.isEmpty(authId)) {
            authId = UUID.randomUUID().toString();
            //TODO 插入权限
            SysAuth sysAuthRecord = new SysAuth();
@ -132,10 +131,11 @@ public class SysAuthService {
            sysAuthMapper.insertSelective(sysAuthRecord);

            //TODO 复制权限模板
-            extSysAuthDetailMapper.copyAuthModel(authSourceType,authId,AuthUtils.getUser().getUsername());
+            extSysAuthDetailMapper.copyAuthModel(authSourceType, authId, AuthUtils.getUser().getUsername());
        }

        return authId;
    }

+
 }