优化角色的功能权限的分配逻辑
parent
509b93dc44
commit
c1de4c53e2
@ -4,13 +4,11 @@ import com.alibaba.fastjson.JSONArray;
|
|||||||
import com.alibaba.fastjson.JSONObject;
|
import com.alibaba.fastjson.JSONObject;
|
||||||
import com.jsh.erp.base.BaseController;
|
import com.jsh.erp.base.BaseController;
|
||||||
import com.jsh.erp.base.TableDataInfo;
|
import com.jsh.erp.base.TableDataInfo;
|
||||||
import com.jsh.erp.datasource.entities.Function;
|
import com.jsh.erp.datasource.entities.*;
|
||||||
import com.jsh.erp.datasource.entities.FunctionEx;
|
|
||||||
import com.jsh.erp.datasource.entities.SystemConfig;
|
|
||||||
import com.jsh.erp.datasource.entities.UserBusiness;
|
|
||||||
import com.jsh.erp.service.FunctionService;
|
import com.jsh.erp.service.FunctionService;
|
||||||
import com.jsh.erp.service.SystemConfigService;
|
import com.jsh.erp.service.SystemConfigService;
|
||||||
import com.jsh.erp.service.UserBusinessService;
|
import com.jsh.erp.service.UserBusinessService;
|
||||||
|
import com.jsh.erp.service.UserService;
|
||||||
import com.jsh.erp.utils.*;
|
import com.jsh.erp.utils.*;
|
||||||
import io.swagger.annotations.Api;
|
import io.swagger.annotations.Api;
|
||||||
import io.swagger.annotations.ApiOperation;
|
import io.swagger.annotations.ApiOperation;
|
||||||
@ -41,6 +39,9 @@ public class FunctionController extends BaseController {
|
|||||||
@Resource
|
@Resource
|
||||||
private FunctionService functionService;
|
private FunctionService functionService;
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private UserService userService;
|
||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private UserBusinessService userBusinessService;
|
private UserBusinessService userBusinessService;
|
||||||
|
|
||||||
@ -171,7 +172,9 @@ public class FunctionController extends BaseController {
|
|||||||
}
|
}
|
||||||
List<Function> dataList = functionService.getRoleFunction(pNumber);
|
List<Function> dataList = functionService.getRoleFunction(pNumber);
|
||||||
if (dataList.size() != 0) {
|
if (dataList.size() != 0) {
|
||||||
dataArray = getMenuByFunction(dataList, fc, approvalFlag);
|
//获取当前用户所属的租户所拥有的功能id的map
|
||||||
|
Map<Long, Long> funIdMap = functionService.getCurrentTenantFunIdMap();
|
||||||
|
dataArray = getMenuByFunction(dataList, fc, approvalFlag, funIdMap);
|
||||||
//增加首页菜单项
|
//增加首页菜单项
|
||||||
JSONObject homeItem = new JSONObject();
|
JSONObject homeItem = new JSONObject();
|
||||||
homeItem.put("id", 0);
|
homeItem.put("id", 0);
|
||||||
@ -187,9 +190,11 @@ public class FunctionController extends BaseController {
|
|||||||
return dataArray;
|
return dataArray;
|
||||||
}
|
}
|
||||||
|
|
||||||
public JSONArray getMenuByFunction(List<Function> dataList, String fc, String approvalFlag) throws Exception {
|
public JSONArray getMenuByFunction(List<Function> dataList, String fc, String approvalFlag, Map<Long, Long> funIdMap) throws Exception {
|
||||||
JSONArray dataArray = new JSONArray();
|
JSONArray dataArray = new JSONArray();
|
||||||
for (Function function : dataList) {
|
for (Function function : dataList) {
|
||||||
|
//如果funIdMap有值(说明不是租户)需要校验,防止分配下级用户的功能权限,大于租户的权限
|
||||||
|
if(funIdMap == null || funIdMap.get(function.getId())!=null) {
|
||||||
//如果关闭多级审核,遇到任务审核菜单直接跳过
|
//如果关闭多级审核,遇到任务审核菜单直接跳过
|
||||||
if("0".equals(approvalFlag) && "/workflow".equals(function.getUrl())) {
|
if("0".equals(approvalFlag) && "/workflow".equals(function.getUrl())) {
|
||||||
continue;
|
continue;
|
||||||
@ -202,7 +207,7 @@ public class FunctionController extends BaseController {
|
|||||||
item.put("url", function.getUrl());
|
item.put("url", function.getUrl());
|
||||||
item.put("component", function.getComponent());
|
item.put("component", function.getComponent());
|
||||||
if (newList.size()>0) {
|
if (newList.size()>0) {
|
||||||
JSONArray childrenArr = getMenuByFunction(newList, fc, approvalFlag);
|
JSONArray childrenArr = getMenuByFunction(newList, fc, approvalFlag, funIdMap);
|
||||||
if(childrenArr.size()>0) {
|
if(childrenArr.size()>0) {
|
||||||
item.put("children", childrenArr);
|
item.put("children", childrenArr);
|
||||||
dataArray.add(item);
|
dataArray.add(item);
|
||||||
@ -213,6 +218,7 @@ public class FunctionController extends BaseController {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
return dataArray;
|
return dataArray;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -227,7 +233,13 @@ public class FunctionController extends BaseController {
|
|||||||
HttpServletRequest request)throws Exception {
|
HttpServletRequest request)throws Exception {
|
||||||
JSONArray arr = new JSONArray();
|
JSONArray arr = new JSONArray();
|
||||||
try {
|
try {
|
||||||
List<Function> dataListFun = functionService.findRoleFunction("0");
|
User userInfo = userService.getCurrentUser();
|
||||||
|
//获取当前用户所拥有的功能id列表
|
||||||
|
List<Long> funIdList = functionService.getCurrentUserFunIdList();
|
||||||
|
if("admin".equals(userInfo.getLoginName())) {
|
||||||
|
funIdList = null;
|
||||||
|
}
|
||||||
|
List<Function> dataListFun = functionService.findRoleFunction("0", funIdList);
|
||||||
//开始拼接json数据
|
//开始拼接json数据
|
||||||
JSONObject outer = new JSONObject();
|
JSONObject outer = new JSONObject();
|
||||||
outer.put("id", 0);
|
outer.put("id", 0);
|
||||||
@ -252,7 +264,7 @@ public class FunctionController extends BaseController {
|
|||||||
dataList.add(fun);
|
dataList.add(fun);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
dataArray = getFunctionList(dataList, type, keyId);
|
dataArray = getFunctionList(dataList, type, keyId, funIdList);
|
||||||
outer.put("children", dataArray);
|
outer.put("children", dataArray);
|
||||||
}
|
}
|
||||||
arr.add(outer);
|
arr.add(outer);
|
||||||
@ -262,7 +274,7 @@ public class FunctionController extends BaseController {
|
|||||||
return arr;
|
return arr;
|
||||||
}
|
}
|
||||||
|
|
||||||
public JSONArray getFunctionList(List<Function> dataList, String type, String keyId) throws Exception {
|
public JSONArray getFunctionList(List<Function> dataList, String type, String keyId, List<Long> funIdList) throws Exception {
|
||||||
JSONArray dataArray = new JSONArray();
|
JSONArray dataArray = new JSONArray();
|
||||||
//获取权限信息
|
//获取权限信息
|
||||||
String ubValue = userBusinessService.getUBValueByTypeAndKeyId(type, keyId);
|
String ubValue = userBusinessService.getUBValueByTypeAndKeyId(type, keyId);
|
||||||
@ -274,9 +286,9 @@ public class FunctionController extends BaseController {
|
|||||||
item.put("value", function.getId());
|
item.put("value", function.getId());
|
||||||
item.put("title", function.getName());
|
item.put("title", function.getName());
|
||||||
item.put("attributes", function.getName());
|
item.put("attributes", function.getName());
|
||||||
List<Function> funList = functionService.findRoleFunction(function.getNumber());
|
List<Function> funList = functionService.findRoleFunction(function.getNumber(), funIdList);
|
||||||
if(funList.size()>0) {
|
if(funList.size()>0) {
|
||||||
JSONArray funArr = getFunctionList(funList, type, keyId);
|
JSONArray funArr = getFunctionList(funList, type, keyId, funIdList);
|
||||||
item.put("children", funArr);
|
item.put("children", funArr);
|
||||||
dataArray.add(item);
|
dataArray.add(item);
|
||||||
} else {
|
} else {
|
||||||
@ -321,11 +333,14 @@ public class FunctionController extends BaseController {
|
|||||||
funIds = funIds.replace("][",",");
|
funIds = funIds.replace("][",",");
|
||||||
List<Function> dataList = functionService.findByIds(funIds);
|
List<Function> dataList = functionService.findByIds(funIds);
|
||||||
JSONObject outer = new JSONObject();
|
JSONObject outer = new JSONObject();
|
||||||
outer.put("total", dataList.size());
|
User userInfo = userService.getCurrentUser();
|
||||||
|
Map<Long, Long> funIdMap = functionService.getCurrentUserFunIdMap();
|
||||||
//存放数据json数组
|
//存放数据json数组
|
||||||
JSONArray dataArray = new JSONArray();
|
JSONArray dataArray = new JSONArray();
|
||||||
if (null != dataList) {
|
if (null != dataList) {
|
||||||
for (Function function : dataList) {
|
for (Function function : dataList) {
|
||||||
|
//如果不是超管需要校验,防止分配下级用户的按钮权限,大于自身的权限
|
||||||
|
if("admin".equals(userInfo.getLoginName()) || funIdMap.get(function.getId())!=null) {
|
||||||
JSONObject item = new JSONObject();
|
JSONObject item = new JSONObject();
|
||||||
item.put("id", function.getId());
|
item.put("id", function.getId());
|
||||||
item.put("name", function.getName());
|
item.put("name", function.getName());
|
||||||
@ -334,7 +349,9 @@ public class FunctionController extends BaseController {
|
|||||||
dataArray.add(item);
|
dataArray.add(item);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
outer.put("rows", dataArray);
|
outer.put("rows", dataArray);
|
||||||
|
outer.put("total", dataArray.size());
|
||||||
res.code = 200;
|
res.code = 200;
|
||||||
res.data = outer;
|
res.data = outer;
|
||||||
}
|
}
|
||||||
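Review bot: In the button-permission loop, `funIdMap.get(function.getId())` runs for every non-admin caller, but `getCurrentUserFunIdMap()` added in this commit returns `null` when the caller has no functions, so that case ends in a NullPointerException instead of an empty list (whether an enclosing catch handles it is outside the hunk). `getMenuByFunction` has the reverse problem: `funIdMap == null` is read as "tenant, no check", yet the same `null` comes back when the tenant's function list is empty, and the menu is then left unfiltered. I would make the check `funIdMap != null && funIdMap.containsKey(function.getId())` and carry the "unrestricted" decision in an explicit boolean rather than in `null`. These hunks only filter what is displayed; the handler that saves a role's function ids is not part of this diff and should enforce the same subset check on the submitted ids.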
|
|||||||
@ -2,10 +2,7 @@ package com.jsh.erp.service;
|
|||||||
|
|
||||||
import com.alibaba.fastjson.JSONObject;
|
import com.alibaba.fastjson.JSONObject;
|
||||||
import com.jsh.erp.constants.BusinessConstants;
|
import com.jsh.erp.constants.BusinessConstants;
|
||||||
import com.jsh.erp.datasource.entities.Function;
|
import com.jsh.erp.datasource.entities.*;
|
||||||
import com.jsh.erp.datasource.entities.FunctionEx;
|
|
||||||
import com.jsh.erp.datasource.entities.FunctionExample;
|
|
||||||
import com.jsh.erp.datasource.entities.User;
|
|
||||||
import com.jsh.erp.datasource.mappers.FunctionMapper;
|
import com.jsh.erp.datasource.mappers.FunctionMapper;
|
||||||
import com.jsh.erp.datasource.mappers.FunctionMapperEx;
|
import com.jsh.erp.datasource.mappers.FunctionMapperEx;
|
||||||
import com.jsh.erp.exception.JshException;
|
import com.jsh.erp.exception.JshException;
|
||||||
@ -20,9 +17,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
|
|||||||
|
|
||||||
import javax.annotation.Resource;
|
import javax.annotation.Resource;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import java.util.ArrayList;
|
import java.util.*;
|
||||||
import java.util.Date;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
@Service
|
@Service
|
||||||
public class FunctionService {
|
public class FunctionService {
|
||||||
@ -33,10 +28,16 @@ public class FunctionService {
|
|||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private FunctionMapperEx functionMapperEx;
|
private FunctionMapperEx functionMapperEx;
|
||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private UserService userService;
|
private UserService userService;
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private UserBusinessService userBusinessService;
|
||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private SystemConfigService systemConfigService;
|
private SystemConfigService systemConfigService;
|
||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private LogService logService;
|
private LogService logService;
|
||||||
|
|
||||||
@ -193,7 +194,7 @@ public class FunctionService {
|
|||||||
return list;
|
return list;
|
||||||
}
|
}
|
||||||
|
|
||||||
public List<Function> findRoleFunction(String pnumber)throws Exception{
|
public List<Function> findRoleFunction(String pnumber, List<Long> funIdList)throws Exception{
|
||||||
List<Function> list=null;
|
List<Function> list=null;
|
||||||
try{
|
try{
|
||||||
Boolean multiLevelApprovalFlag = systemConfigService.getMultiLevelApprovalFlag();
|
Boolean multiLevelApprovalFlag = systemConfigService.getMultiLevelApprovalFlag();
|
||||||
@ -206,6 +207,9 @@ public class FunctionService {
|
|||||||
criteria.andUrlNotEqualTo("/workflow");
|
criteria.andUrlNotEqualTo("/workflow");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if(funIdList!=null && funIdList.size()>0) {
|
||||||
|
criteria.andIdIn(funIdList);
|
||||||
|
}
|
||||||
example.setOrderByClause("Sort");
|
example.setOrderByClause("Sort");
|
||||||
list =functionsMapper.selectByExample(example);
|
list =functionsMapper.selectByExample(example);
|
||||||
}catch(Exception e){
|
}catch(Exception e){
|
||||||
@ -228,4 +232,103 @@ public class FunctionService {
|
|||||||
}
|
}
|
||||||
return list;
|
return list;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 获取当前用户所属的租户所拥有的功能id列表
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public List<Long> getCurrentTenantFunIdList() throws Exception {
|
||||||
|
List<Long> funIdList = new ArrayList<>();
|
||||||
|
Long roleId = 0L;
|
||||||
|
String fc = "";
|
||||||
|
User userInfo = userService.getCurrentUser();
|
||||||
|
//只返回非租户的map,如果是租户就返回空数组
|
||||||
|
if(!userInfo.getId().equals(userInfo.getTenantId())) {
|
||||||
|
//获取当前用户所有的角色id
|
||||||
|
List<UserBusiness> roleList = userBusinessService.getBasicData(userInfo.getTenantId().toString(), "UserRole");
|
||||||
|
if(roleList!=null && roleList.size()>0){
|
||||||
|
String value = roleList.get(0).getValue();
|
||||||
|
if(StringUtil.isNotEmpty(value)){
|
||||||
|
String roleIdStr = value.replace("[", "").replace("]", "");
|
||||||
|
roleId = Long.parseLong(roleIdStr);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
//当前用户所拥有的功能列表,格式如:[1][2][5]
|
||||||
|
List<UserBusiness> funList = userBusinessService.getBasicData(roleId.toString(), "RoleFunctions");
|
||||||
|
if(funList!=null && funList.size()>0){
|
||||||
|
fc = funList.get(0).getValue();
|
||||||
|
}
|
||||||
|
if(StringUtil.isNotEmpty(fc)) {
|
||||||
|
fc = fc.substring(1, fc.length() - 1);
|
||||||
|
fc = fc.replace("][",",");
|
||||||
|
funIdList = StringUtil.strToLongList(fc);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return funIdList;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 获取当前用户所属的租户所拥有的功能id的map
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public Map<Long, Long> getCurrentTenantFunIdMap() throws Exception {
|
||||||
|
Map<Long, Long> funIdMap = new HashMap<>();
|
||||||
|
List<Long> list = getCurrentTenantFunIdList();
|
||||||
|
if(list.size()>0) {
|
||||||
|
for (Long funId : list) {
|
||||||
|
funIdMap.put(funId, funId);
|
||||||
|
}
|
||||||
|
return funIdMap;
|
||||||
|
} else {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 获取当前用户所拥有的功能id列表
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public List<Long> getCurrentUserFunIdList() throws Exception {
|
||||||
|
List<Long> funIdList = new ArrayList<>();
|
||||||
|
Long roleId = 0L;
|
||||||
|
String fc = "";
|
||||||
|
User userInfo = userService.getCurrentUser();
|
||||||
|
//获取当前用户所有的角色id
|
||||||
|
List<UserBusiness> roleList = userBusinessService.getBasicData(userInfo.getId().toString(), "UserRole");
|
||||||
|
if(roleList!=null && roleList.size()>0){
|
||||||
|
String value = roleList.get(0).getValue();
|
||||||
|
if(StringUtil.isNotEmpty(value)){
|
||||||
|
String roleIdStr = value.replace("[", "").replace("]", "");
|
||||||
|
roleId = Long.parseLong(roleIdStr);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
//当前用户所拥有的功能列表,格式如:[1][2][5]
|
||||||
|
List<UserBusiness> funList = userBusinessService.getBasicData(roleId.toString(), "RoleFunctions");
|
||||||
|
if(funList!=null && funList.size()>0){
|
||||||
|
fc = funList.get(0).getValue();
|
||||||
|
}
|
||||||
|
if(StringUtil.isNotEmpty(fc)) {
|
||||||
|
fc = fc.substring(1, fc.length() - 1);
|
||||||
|
fc = fc.replace("][",",");
|
||||||
|
funIdList = StringUtil.strToLongList(fc);
|
||||||
|
}
|
||||||
|
return funIdList;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 获取当前用户所拥有的功能id的map
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public Map<Long, Long> getCurrentUserFunIdMap() throws Exception {
|
||||||
|
Map<Long, Long> funIdMap = new HashMap<>();
|
||||||
|
List<Long> list = getCurrentUserFunIdList();
|
||||||
|
if(list.size()>0) {
|
||||||
|
for(Long funId: list) {
|
||||||
|
funIdMap.put(funId, funId);
|
||||||
|
}
|
||||||
|
return funIdMap;
|
||||||
|
} else {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
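Review bot: The filter added to `findRoleFunction` is skipped when `funIdList` is empty (`funIdList!=null && funIdList.size()>0`), and the controller passes `null` for admin, so a non-admin whose role has no functions receives the same unfiltered tree as admin. Treat only `null` as unrestricted and return an empty result for an empty list, e.g. `if (funIdList != null && funIdList.isEmpty()) { return new ArrayList<>(); }` ahead of the `andIdIn` call; the method body starts outside the hunk. `getCurrentTenantFunIdMap()` and `getCurrentUserFunIdMap()` repeat the conflation by returning `null` for an empty list. Separately, `Long.parseLong(value.replace("[", "").replace("]", ""))` would read a stored value such as `[1][2]` as role 12, so confirm a user can hold only one role or parse the first id explicitly.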
|
|||||||