package com.actionsoft.apps.coe.pal.cooperation; import com.actionsoft.apps.coe.pal.constant.CoEConstant; import com.actionsoft.apps.coe.pal.cooperation.cache.CooperationCache; import com.actionsoft.apps.coe.pal.cooperation.cache.model.TeamInfo; import com.actionsoft.apps.coe.pal.cooperation.cache.model.UserInfo; import com.actionsoft.apps.coe.pal.cooperation.constant.CoeCooperationConst; import com.actionsoft.apps.coe.pal.cooperation.dao.*; import com.actionsoft.apps.coe.pal.cooperation.model.*; import com.actionsoft.apps.coe.pal.pal.repository.PALRepositoryQueryAPIManager; import com.actionsoft.apps.coe.pal.pal.repository.cache.PALRepositoryCache; import com.actionsoft.apps.coe.pal.pal.repository.dao.CoeProcessLevelDaoFacotory; import com.actionsoft.apps.coe.pal.pal.repository.dao.PALRepository; import com.actionsoft.apps.coe.pal.pal.repository.model.PALRepositoryModel; import com.actionsoft.apps.coe.pal.pal.ws.dao.CoeWorkSpaceDaoFactory; import com.actionsoft.apps.coe.pal.pal.ws.model.CoeWorkSpaceModel; import com.actionsoft.apps.coe.pal.team.user.dao.CoeUser; import com.actionsoft.apps.coe.pal.team.user.model.CoeUserModel; import com.actionsoft.apps.coe.pal.util.HighSecurityUtil; import com.actionsoft.bpms.commons.mvc.view.ResponseObject; import com.actionsoft.bpms.server.DispatcherRequest; import com.actionsoft.bpms.server.UserContext; import com.actionsoft.bpms.util.ConsolePrinter; import com.actionsoft.bpms.util.UUIDGener; import com.actionsoft.bpms.util.UtilString; import com.actionsoft.sdk.local.SDK; import com.actionsoft.sdk.local.api.AppAPI; import com.alibaba.fastjson.JSONArray; import org.apache.commons.lang.StringUtils; import javax.servlet.RequestDispatcher; import java.sql.Timestamp; import java.util.*; import java.util.stream.Collectors; /** * @Created by sunlh * @Date 2020-12-01 */ public class CoeCooperationAPIManager { private static CoeCooperationAPIManager instance = new CoeCooperationAPIManager(); private CoeCooperationAPIManager() { } public static CoeCooperationAPIManager getInstance() { return instance; } /** * 是否安装并启动PAL小组应用 * @return */ public boolean isInstall() { return SDK.getAppAPI().isActive("com.actionsoft.apps.coe.pal.cooperation"); } /** * 删除PAL用户中不存在但是小组成员中存在的用户 * 应用场景,PAL用户管理 * @return */ public void syncCooperationMemberFromPal() { CoeCooperationMemberDao memberDao = new CoeCooperationMemberDao(); List memberModels = memberDao.getAllUserList(); Set coopUserIds = new HashSet<>(); for (CoeCooperationMemberModel memberModel : memberModels) { coopUserIds.add(memberModel.getUserId()); } if (!coopUserIds.isEmpty()) { List coeUserModels = new CoeUser().getCoeUsers(); Set userIds = new HashSet<>(); for (CoeUserModel user : coeUserModels) { userIds.add(user.getUserId()); } for (String userId : coopUserIds) { if (!userIds.contains(userId)) { memberDao.remove(userId); SDK.getLogAPI().consoleInfo("[" + SDK.getAppAPI().getAppContext(CoEConstant.APP_ID).getNameI18N() + "][删除]同步PAL用户,同步PAL用户至PAL小组成员,删除在PAL小组中存在但是不在PAL用户中存在的成员[" + userId + "]"); } } } } /** * 获取小组信息,不区分是否启用中 * @param teamId * @return */ public CoeCooperationTeamModel queryCooperationTeamById(String teamId) { CoeCooperationTeamDao dao = new CoeCooperationTeamDao(); return dao.getInstance(teamId); } /** * 获取小组信息 * @param teamId * @param isRun 小组是否要求启用中 true启用中,false不限制 * @return */ public CoeCooperationTeamModel queryCooperationTeamById(String teamId, boolean isRun) { CoeCooperationTeamModel model = new CoeCooperationTeamDao().getInstance(teamId); if (model != null && isRun) { return CoeCooperationConst.TEAM_STATUS_RUN == model.getTeamStatus() ? model : null; } return model; } /** * 获取所有协作小组分类 * @return */ public List queryCooperationCategoryList() { CoeCooperationTeamDao dao = new CoeCooperationTeamDao(); return dao.getCategoryList(); } /** * 获取小组的所有用户 * @param teamId * @return */ public List queryCooperationTeamMemberList(String teamId) { CoeCooperationMemberDao dao = new CoeCooperationMemberDao(); return dao.queryUserListByTeam(teamId); } /** * 获取小组下指定用户的多角色列表 * @param teamId * @param userid * @return */ public List queryCooperationTeamMembersByUser(String teamId,String userid) { CoeCooperationMemberDao dao = new CoeCooperationMemberDao(); return dao.getTeamRolesByUser(teamId,userid); } /** * 获取小组下指定用户的隐藏角色-用户权限 * @param teamId * @param userid * @return */ public CoeCooperationRoleModel queryCooperationTeamHideRole(String teamId,String userid){ CoeCooperationRoleDao roleDao = new CoeCooperationRoleDao(); return roleDao.getCooperationHideRoleByRoleName(teamId,userid); } /** * 获取小组的管理员用户 * @param teamId * @return */ public List queryCooperationAdminUsers(String teamId) { CoeCooperationMemberDao dao = new CoeCooperationMemberDao(); return dao.getCooperationAdminUsers(teamId, "0"); } /** * 指定用户是否是小组的管理员 * @param teamId 小组ID * @param userId 用户Id * @return */ public boolean isTeamManager(String teamId, String userId) { CoeCooperationMemberDao dao = new CoeCooperationMemberDao(); List list = dao.getCooperationAdminUsers(teamId, "0"); return list != null && list.contains(userId); } /** * 获取小组的模型访问权限数据 * @param teamId * @return */ public List queryCooperationTeamPermVerIds(String teamId) { CoeCooperationTeamPermDao dao = new CoeCooperationTeamPermDao(); return dao.getCooperationTeamPermVerIds(teamId); } /** * 查询小组的管理角色 * @param teamId * @return */ public CoeCooperationRoleModel queryCooperationManageRole(String teamId) { List list = queryCooperationRoleByType(teamId, CoeCooperationConst.ROLE_TYPE_MANAGER); if (list.size() > 0) { return list.get(0); } return null; } /** * 查询小组的某类角色 * @param teamId * @param roleType * @see CoeCooperationConst#ROLE_TYPE_MANAGER 管理员角色 * @see CoeCooperationConst#ROLE_TYPE_DESIGNER 设计人员角色 * @see CoeCooperationConst#ROLE_TYPE_VISITOR 浏览人员角色 * @see CoeCooperationConst#ROLE_TYPE_CUSTOM 自定义角色合集 * @return */ public List queryCooperationRoleByType(String teamId, int roleType) { CoeCooperationRoleDao dao = new CoeCooperationRoleDao(); return dao.getCooperationRoleByType(teamId, roleType); } /** * 创建默认角色(管理员、设计人员、浏览人员) * 多用于创建小组阶段 * @param teamId * @return */ public boolean createCooperationDefaultRole(String teamId, String userId) { Timestamp nowTime = new Timestamp(System.currentTimeMillis()); // 全部数据权限、全部操作权限、全部应用权限、小组信息权限 CoeCooperationRoleModel role1 = new CoeCooperationRoleModel(UUIDGener.getUUID(), teamId, "管理员", "拥有小组的管理权限,可以对小组信息和小组成员进行管理。", CoeCooperationConst.ROLE_TYPE_MANAGER, CoeCooperationConst.PERM_ALL, CoeCooperationConst.ACTION_WRITE + "," + CoeCooperationConst.ACTION_DELETE + "," + CoeCooperationConst.ACTION_VERSION, CoeCooperationConst.PERM_ALL, userId, nowTime, userId, nowTime); // 全部数据权限、全部操作权限、全部应用权限 CoeCooperationRoleModel role2 = new CoeCooperationRoleModel(UUIDGener.getUUID(), teamId, "设计成员", "拥有小组所有数据和功能权限,可以对小组内的资产进行管理。", CoeCooperationConst.ROLE_TYPE_DESIGNER, CoeCooperationConst.PERM_ALL, CoeCooperationConst.ACTION_WRITE + "," + CoeCooperationConst.ACTION_DELETE + "," + CoeCooperationConst.ACTION_VERSION, CoeCooperationConst.PERM_ALL, userId, nowTime, userId, nowTime); // 全部数据权限、无操作权限、无流程梳理以外应用权限 CoeCooperationRoleModel role3 = new CoeCooperationRoleModel(UUIDGener.getUUID(), teamId, "浏览成员", "拥有小组内所有数据的浏览权限", CoeCooperationConst.ROLE_TYPE_VISITOR, "", "", CoeCooperationConst.PERM_ALL, userId, nowTime, userId, nowTime); List list = new ArrayList<>(); list.add(role1); list.add(role2); list.add(role3); return new CoeCooperationRoleDao().batchInsert(list); } /** * 新小组权限创建默认角色 * @param teamId * @param userId * @return */ public boolean createCooperationDefaultRoleNewPerm(String teamId, String userId) { Timestamp nowTime = new Timestamp(System.currentTimeMillis()); // 全部数据权限、全部操作权限、全部应用权限、小组信息权限 CoeCooperationRoleModel role1 = new CoeCooperationRoleModel(UUIDGener.getUUID(), teamId, "管理员", "拥有小组的管理权限,可以对小组信息和小组成员进行管理。", CoeCooperationConst.ROLE_TYPE_MANAGER, CoeCooperationConst.PERM_ALL, CoeCooperationConst.ACTION_CREATE_PROCESS + "," + CoeCooperationConst.ACTION_BATCH , CoeCooperationConst.PERM_ALL, userId, nowTime, userId, nowTime); // 全部数据权限、全部操作权限、全部应用权限 CoeCooperationRoleModel role2 = new CoeCooperationRoleModel(UUIDGener.getUUID(), teamId, "设计成员", "拥有小组所有数据和功能权限,可以对小组内的资产进行管理。", CoeCooperationConst.ROLE_TYPE_DESIGNER, CoeCooperationConst.PERM_ALL, CoeCooperationConst.ACTION_CREATE_PROCESS + "," + CoeCooperationConst.ACTION_BATCH , CoeCooperationConst.PERM_ALL, userId, nowTime, userId, nowTime); // 全部数据权限、无操作权限、无流程梳理以外应用权限 CoeCooperationRoleModel role3 = new CoeCooperationRoleModel(UUIDGener.getUUID(), teamId, "浏览成员", "拥有小组内所有数据的浏览权限", CoeCooperationConst.ROLE_TYPE_VISITOR, "", "", CoeCooperationConst.PERM_ALL, userId, nowTime, userId, nowTime); List list = new ArrayList<>(); list.add(role1); list.add(role2); list.add(role3); return new CoeCooperationRoleDao().batchInsert(list); } /** * 批量创建小组角色 * @param list * @return */ public boolean createCooperationRoles(List list) { return new CoeCooperationRoleDao().batchInsert(list); } /** * 创建小组角色 * @param model * @return */ public boolean createCooperationRole(CoeCooperationRoleModel model) { int r = new CoeCooperationRoleDao().insert(model); return r == 1; } /** * 修改小组角色 * @param model * @return */ public boolean updateCooperationRole(CoeCooperationRoleModel model) { int r = new CoeCooperationRoleDao().update(model); return r > 0; } /** * 创建小组 * @param model * @return */ public boolean createCooperationTeam(CoeCooperationTeamModel model) { if (model == null) { return false; } int r = new CoeCooperationTeamDao().insert(model); if (r > 0) { return true; } return false; } /** * 更新小组信息 * @param teamId * @param teamName * @param category * @param teamDesc * @param teamLogo * @param wsId * @param updateUserId * @return */ public Boolean updateCooperationTeam(String teamId, String teamName, String category, String teamDesc, String teamLogo, String wsId, String updateUserId) { CoeCooperationTeamDao dao = new CoeCooperationTeamDao(); return dao.updateCooperationTeam(teamId, teamName, category, teamDesc, teamLogo, wsId, updateUserId); } /** * 更新小组状态 * @param teamId * @param status 0启用/1停用 * @see CoeCooperationConst#TEAM_STATUS_RUN * @see CoeCooperationConst#TEAM_STATUS_STOP * @return */ public Boolean updateCooperationTeamStatus(String teamId, int status) { CoeCooperationTeamDao dao = new CoeCooperationTeamDao(); if (status != CoeCooperationConst.TEAM_STATUS_STOP && status != CoeCooperationConst.TEAM_STATUS_RUN) { return false; } return dao.updateCooperationTeamStatus(teamId, status); } /** * 创建小组成员 * @param list * @return */ public boolean createCooperationMemebers(List list) { return new CoeCooperationMemberDao().batchInsert(list); } /** * 查询指定用户加入的小组,安装创建时间排序 * @param userId 用户id * @param isOnlyRunTeam 是否只包含启用中的小组,true:只获取启用小组,false:获取加入的启用和停用小组小组 * @param isOnlyRunWorkspace 是否只包含启用中的资产库,true:只获取小组对应的启用资产库,false:不限制资产库状态 * @return */ public List queryJoindTeamList(String userId, boolean isOnlyRunTeam, boolean isOnlyRunWorkspace) { List result = new ArrayList<>(); CoeCooperationMemberDao memberDao = new CoeCooperationMemberDao(); List teamIdList = memberDao.queryTeamListByUser(userId); if (teamIdList.size() > 0) { for (String teamId : teamIdList) { CoeCooperationTeamModel teamModel = queryCooperationTeamById(teamId); if (teamModel != null) { if (isOnlyRunTeam && CoeCooperationConst.TEAM_STATUS_STOP == teamModel.getTeamStatus()) { continue; } if (isOnlyRunWorkspace && !PALRepositoryQueryAPIManager.getInstance().isActiveWorkSpace(teamModel.getWsId())) { continue; } result.add(teamModel); } } } // 创建时间排序 result.sort((t1, t2) -> t1.getCreateTime().compareTo(t2.getCreateTime())); return result; } /** * 删除小组下的特定类别的角色下的所有成员 * @param teamId * @param roleType * @see CoeCooperationConst#ROLE_TYPE_MANAGER 管理员角色 * @see CoeCooperationConst#ROLE_TYPE_DESIGNER 设计人员角色 * @see CoeCooperationConst#ROLE_TYPE_VISITOR 浏览人员角色 * @see CoeCooperationConst#ROLE_TYPE_CUSTOM 自定义角色合集 * @return */ public void removeCooperationMemebers(String teamId, int roleType) { CoeCooperationRoleModel role = queryCooperationRoleByType(teamId, roleType).get(0); new CoeCooperationMemberDao().remove(teamId, role.getId()); } /** * 删除小组下指定角色类型的隐藏角色-用户权限 * @param teamId * @param roleType */ public void removeCooperationMemebersHideRole(String teamId, String userid) { CoeCooperationRoleDao roleDao = new CoeCooperationRoleDao(); CoeCooperationRoleModel hideRole = roleDao.getCooperationHideRoleByRoleName(teamId, userid); if (null != hideRole){ roleDao.remove(teamId,hideRole.getId()); } } /** * 删除某个具体角色下的所有成员 * @param teamId * @param roleId */ public void removeCooperationMemebers(String teamId, String roleId) { new CoeCooperationMemberDao().remove(teamId, roleId); } /** * 删除某个小组下的指定用户 * @param teamId * @param userId */ public void removeCooperationMemeber(String teamId, String userId) { new CoeCooperationMemberDao().removeUserByTeam(teamId, userId); } /** * 创建小组的模型数据权限 * @param list * @return */ public boolean createCooperationTeamPerms(List list) { return new CoeCooperationTeamPermDao().batchInsert(list); } /** * 删除小组的模型数据权限配置 * @param teamId */ public void removeCooperationTeamPerms(String teamId) { new CoeCooperationTeamPermDao().removeByTeam(teamId); } /** * 根据资产库删除所有相关小组信息 * @param wsId */ public void removeAllCooperationByWsId(String wsId) { List list = new CoeCooperationTeamDao().getListByWsId(wsId); for (CoeCooperationTeamModel team : list) { removeAllCooperationByTeamId(team.getId()); } } /** * 根据小组删除所有小组信息 * @param teamId */ public void removeAllCooperationByTeamId(String teamId) { new CoeCooperationRolePermDao().removeByTeam(teamId); new CoeCooperationRoleDao().removeByTeam(teamId); new CoeCooperationMemberDao().removeByTeam(teamId); new CoeCooperationTeamPermDao().removeByTeam(teamId); new CoeCooperationTeamDao().removeByTeam(teamId); } /** * 卸载PAL小组时删除所有数据 */ public void removeAllCooperation() { new CoeCooperationRolePermDao().removeAll(); new CoeCooperationRoleDao().removeAll(); new CoeCooperationMemberDao().removeAll(); new CoeCooperationTeamPermDao().removeAll(); new CoeCooperationTeamDao().removeAll(); } /** * 获取个人权限下的模型数据集合 * 数据集合中有可能会包含回收站中尚未彻底删除的权限数据 * @param teamId * @param userId * @return versionIds 小组数据权限范围之内该角色(当前用户所属角色)下的数据权限交集 */ public List queryCooperationRoleDataPermByTeamUser(String teamId, String userId) { return queryCooperationRoleDataPermByTeamUser(teamId, userId, false); } /** * 获取个人权限下的模型数据集合 * @param teamId 小组id * @param userId 用户id * @param isValidPermData 是否只获取有效的流程 true:只获取流程表中有的数据 false:直接获取权限数据,可能会包含在回收站但是未彻底删除的数据 * @return versionIds 小组数据权限范围之内该角色(当前用户所属角色)下的数据权限交集 */ public List queryCooperationRoleDataPermByTeamUser(String teamId, String userId, boolean isValidPermData) { // 判断用户是否在小组中 CoeCooperationMemberModel memberModel = new CoeCooperationMemberDao().getModelByTeamUser(teamId, userId); if (memberModel != null) { // 小组数据权限范围+该角色(当前用户所属角色)下的数据权限交集 List teamPermVerList = queryCooperationTeamPermVerIds(teamId); String roleId = memberModel.getRoleId(); CoeCooperationRoleModel roleModel = new CoeCooperationRoleDao().getInstance(roleId); if (CoeCooperationConst.PERM_ALL.equals(roleModel.getDataPerm())) { // 全部权限 return teamPermVerList; } else { // 部分权限 List rolePermList = new CoeCooperationRolePermDao().getRolePermListByRole(teamId, roleId); // 获取交集 List result = new ArrayList<>(); if (rolePermList.size() > 0) { for (String teamPermVer : teamPermVerList) { if (rolePermList.contains(teamPermVer)) { if (isValidPermData) {// 是否增加该流程是否在流程表的校验 List verModels = PALRepositoryCache.getByVersionId(teamPermVer); if (verModels != null && verModels.size() > 0) { result.add(teamPermVer); } } else { result.add(teamPermVer); } } } } return result; } } return new ArrayList<>(); } /** * 将模型文件加入PAL小组权限 * @param uc * @param teamId 小组id * @param palVersionId 流程模型版本id * @param addToTeamPerm 是否将权限加入小组数据权限中 * @param addToRolePerm 是否将权限加入当前小组的该用户 * @return */ public boolean addRepositoryToTeamAndRolePerm(UserContext uc, String teamId, String palVersionId, boolean addToTeamPerm, boolean addToRolePerm) { String userId = uc.getUID(); if (addToTeamPerm) { // 获取现有数据权限,判断是否已存在 List teamPermList = queryCooperationTeamPermVerIds(teamId); if (!teamPermList.contains(palVersionId)) { // 添加 CoeCooperationTeamPermModel teamPerm = new CoeCooperationTeamPermModel(UUIDGener.getUUID(), teamId, palVersionId); new CoeCooperationTeamPermDao().insert(teamPerm); } } if (addToRolePerm) { //新版权限向隐藏角色中添加 boolean isOlderVersion = SDK.getAppAPI().getPropertyBooleanValue("com.actionsoft.apps.coe.pal", "IsOlderVersion", true); if (isOlderVersion){ CoeCooperationMemberModel memberModel = new CoeCooperationMemberDao().getModelByTeamUser(teamId, userId); String roleId = memberModel.getRoleId(); CoeCooperationRoleModel roleModel = new CoeCooperationRoleDao().getInstance(roleId); // 判断是否设定的默认全部权限 if (!CoeCooperationConst.PERM_ALL.equals(roleModel.getDataPerm())) { // 获取现有角色数据权限,判断是否已存在 List rolePermList = new CoeCooperationRolePermDao().getRolePermListByRole(teamId, roleId); if (!rolePermList.contains(palVersionId)) { // 添加 CoeCooperationRolePermModel rolePerm = new CoeCooperationRolePermModel(UUIDGener.getUUID(), teamId, roleId, palVersionId); new CoeCooperationRolePermDao().insert(rolePerm); } } }else { //查询用户权限 CoeCooperationRoleModel hideRole = new CoeCooperationRoleDao().getCooperationHideRoleByRoleName(teamId, userId); if (!CoeCooperationConst.PERM_ALL.equals(hideRole.getDataPerm())) { // 获取用户权限,判断是否已存在 List rolePermList = new CoeCooperationRolePermDao().getRolePermListByRole(teamId, hideRole.getId()); if (!rolePermList.contains(palVersionId)) { // 添加角色权限, 当前用户新建默认给全部的操作权限 CoeCooperationRolePermModel rolePerm = new CoeCooperationRolePermModel(UUIDGener.getUUID(), teamId, hideRole.getId(), palVersionId,"w,d,v"); new CoeCooperationRolePermDao().insert(rolePerm); } } } } //更新用户权限缓存 CooperationCache.updateTeamInfo(teamId); return true; } /** * 查询用户在指定小组中的角色 * @param teamId * @param userId * @return */ public CoeCooperationRoleModel queryCooperationRoleByUser(String teamId, String userId) { return new CoeCooperationRoleDao().getCooperationRoleByUser(teamId, userId); } /** * 查询指定id的角色 * @param roleId * @return */ public CoeCooperationRoleModel queryCooperationRole(String roleId) { return new CoeCooperationRoleDao().getInstance(roleId); } /** * 查询小组下的所有角色 * 按照管理员/设计人员/浏览人员+剩余角色创建时间倒序排序 * @param teamId * @return */ public List queryCooperationRoleList(String teamId) { List list = new CoeCooperationRoleDao().getCooperationRoleByTeam(teamId); list.sort((r1, r2) -> { int index = r1.getRoleType() - r2.getRoleType(); if (index != 0) { return index; } return r1.getCreateTime().compareTo(r2.getCreateTime()); }); return list; } /** * 更新用户的角色 * @param teamId 小组Id * @param userId 用户Id * @param roleId 要更新的角色Id * @param updateUser 更新人 */ public boolean updateCooperationUserRole(String teamId, String userId, String roleId, String updateUser) { CoeCooperationMemberDao dao = new CoeCooperationMemberDao(); return dao.updateCooperationUserRole(teamId, userId, roleId, updateUser); } /** * 获取角色下的模型数据权限 * @param teamId * @param roleId * @return List palVersionId */ public List queryCooperationRoleDataPerms(String teamId, String roleId) { return new CoeCooperationRolePermDao().getRolePermListByRole(teamId, roleId); } /** * 获取角色下的模型数据权限 * @param teamId * @param roleId * @return */ public List queryCooperationRoleDataPermList(String teamId, String roleId) { return new CoeCooperationRolePermDao().getRolePermByTeamIdAndRoleId(teamId, roleId); } /** * 创建小组下角色的模型数据权限 * @param list * @return */ public boolean createCooperationRolePerms(List list) { return new CoeCooperationRolePermDao().batchInsert(list); } /** * 删除小组下的角色信息 * @param teamId * @param roleId */ public void removeCooperationRole(String teamId, String roleId) { removeCooperationRolePerms(teamId, roleId); new CoeCooperationRoleDao().remove(teamId, roleId); } /** * 删除隐藏用户 * @param teamId * @param roleName */ public void removeCooperationHideRole(String teamId, String roleName) { CoeCooperationRoleDao roleDao = new CoeCooperationRoleDao(); CoeCooperationRoleModel deletedRole = roleDao.getCooperationHideRoleByRoleName(teamId, roleName); if (deletedRole == null){ return; } removeCooperationRolePerms(teamId, deletedRole.getId()); roleDao.remove(teamId, deletedRole.getId()); } /** * 删除小组角色的模型数据权限配置 * @param teamId * @param roleId */ public void removeCooperationRolePerms(String teamId, String roleId) { new CoeCooperationRolePermDao().removeByRole(teamId, roleId); } /** * 获取小组成员的操作权限 * @param teamId * @param userId * @param ro havingWritePerm、havingRemovePerm、havingVersionManagePerm 返回true false */ public void queryCooperationMemberActionPerm(String teamId, String userId, ResponseObject ro) { boolean isOlderVersion = SDK.getAppAPI().getPropertyBooleanValue("com.actionsoft.apps.coe.pal", "IsOlderVersion", true); if (isOlderVersion){ // 权限获取 boolean havingWritePerm = true; boolean havingRemovePerm = true; boolean havingVersionManagePerm = true; int validUserPermDataCount = 0;// 当前小组成员有效(流程表中存在)的数据权限数量 if (!UtilString.isEmpty(teamId) && isInstall()) { Set userOperatePermission = CooperationCache.getUserOperatePermission(teamId, userId); havingWritePerm = userOperatePermission.contains(CoeCooperationConst.ACTION_WRITE);// 新增、修改权限 havingRemovePerm = userOperatePermission.contains(CoeCooperationConst.ACTION_DELETE);// 删除权限 havingVersionManagePerm = userOperatePermission.contains(CoeCooperationConst.ACTION_VERSION);// 版本管理权限 } ro.put("isOlderVersion", isOlderVersion); ro.put("havingWritePerm", havingWritePerm);// 新增、修改权限 ro.put("havingRemovePerm", havingRemovePerm);// 删除权限 ro.put("havingVersionManagePerm", havingVersionManagePerm);// 版本管理权限 Set permDataVerIdList = CooperationCache.getUserDataVisitablePermission(teamId, userId,true); validUserPermDataCount = permDataVerIdList != null ? permDataVerIdList.size() : 0; ro.put("validUserPermDataCount", validUserPermDataCount); }else { boolean havingCreatePerm = true; boolean havingBatchPerm = true; int validUserPermDataCount = 0; if (!UtilString.isEmpty(teamId) && isInstall()) { Set userOperatePermission = CooperationCache.getUserOperatePermission(teamId, userId); havingCreatePerm = userOperatePermission.contains(CoeCooperationConst.ACTION_CREATE_PROCESS); havingBatchPerm = userOperatePermission.contains(CoeCooperationConst.ACTION_BATCH); } ro.put("isOlderVersion", isOlderVersion);// ro.put("havingCreatePerm", havingCreatePerm);// 新增流程权限 ro.put("havingBatchPerm", havingBatchPerm);// 批量操作 Set dataVisitablePermission = CooperationCache.getUserDataVisitablePermission(teamId, userId,true); validUserPermDataCount = dataVisitablePermission != null ? dataVisitablePermission.size() : 0; ro.put("validUserPermDataCount", validUserPermDataCount); } } /** * 获取小组成员指定文件的操作权限 * @param teamId * @param userId * @param versionId * @param ro */ public void queryCooperationFileActionPerm(String teamId, String userId,String versionId, ResponseObject ro) { boolean isOlderVersion = SDK.getAppAPI().getPropertyBooleanValue("com.actionsoft.apps.coe.pal", "IsOlderVersion", true); if (isOlderVersion){ return; } boolean havingWritePerm = true; boolean havingRemovePerm = true; boolean havingVersionManagePerm = true; int validUserPermDataCount = 0;// 当前小组成员有效(流程表中存在)的数据权限数量 if (StringUtils.isNotEmpty(teamId) && isInstall()) { Set userOperatePermission = CooperationCache.getUserDataOperatePermission(teamId, userId,versionId); havingWritePerm = userOperatePermission.contains(CoeCooperationConst.ACTION_WRITE);// 新增、修改权限 havingRemovePerm = userOperatePermission.contains(CoeCooperationConst.ACTION_DELETE);// 删除权限 havingVersionManagePerm = userOperatePermission.contains(CoeCooperationConst.ACTION_VERSION);// 版本管理权限 } ro.put("isOlderVersion", isOlderVersion);// ro.put("havingWritePerm", havingWritePerm);// 新增、修改权限 ro.put("havingRemovePerm", havingRemovePerm);// 删除权限 ro.put("havingVersionManagePerm", havingVersionManagePerm);// 版本管理权限 } /** * 判断小组成员是否有某类操作权限 * @param teamId * @param userId * @param actionType * @see CoeCooperationConst#ACTION_WRITE * @see CoeCooperationConst#ACTION_DELETE * @see CoeCooperationConst#ACTION_VERSION * @return */ private boolean compareRoleActionPerm(String teamId, String userId, String actionType) { // 查询角色 CoeCooperationRoleModel role = queryCooperationRoleByUser(teamId, userId); if (role != null && role.getActionPerm() != null) { return role.getActionPerm().contains(actionType); } return false; } /** * 小组成员是否有新增、修改的操作权限 * @param teamId * @param userId * @return */ public boolean havingWritePerm(String teamId, String userId) { return compareRoleActionPerm(teamId, userId, CoeCooperationConst.ACTION_WRITE); } /** * 小组成员是否有删除的操作权限 * @param teamId * @param userId * @return */ public boolean havingRemovePerm(String teamId, String userId) { return compareRoleActionPerm(teamId, userId, CoeCooperationConst.ACTION_DELETE); } /** * 小组成员是否有版本管理操作权限 * @param teamId * @param userId * @return */ public boolean havingVersionManagePerm(String teamId, String userId) { return compareRoleActionPerm(teamId, userId, CoeCooperationConst.ACTION_VERSION); } /** * 查询小组成员的应用权限 * @param teamId * @param userId * @return */ public Set queryAppPerm(String teamId, String userId) { CoeCooperationRoleModel role = queryCooperationRoleByUser(teamId, userId); if (role != null) { String appPerm = role.getAppPerm(); if (appPerm == null) { appPerm = ""; } if ("all".equals(appPerm)) { // 获取所有的PAL小组扩展应用 // 调用App String sourceAppId = CoEConstant.APP_ID; // aslp服务地址 String aslp = "aslp://com.actionsoft.apps.coe.pal.cooperation/listApps"; // 参数定义列表 Map params = new HashMap(); AppAPI appAPI = SDK.getAppAPI(); //列出已注册的流程团队扩展App ResponseObject ro = appAPI.callASLP(appAPI.getAppContext(sourceAppId), aslp, params); if (ro.isOk()) { JSONArray appArr = (JSONArray)((Map)ro.getData()).get("apps"); Set result = new HashSet<>(); for (int i = 0; i < appArr.size(); i++) { result.add(appArr.getJSONObject(i).getString("id")); } return result; } else { SDK.getLogAPI().consoleWarn(ro.toString()); } } else { return new HashSet<>(Arrays.asList(appPerm.split(","))); } } return new HashSet<>(); } /** * 删除小组指定数据权限和小组角色指定数据权限 * 用于彻底删除指定流程,例如回收站删除 * @param palVerId pal模型versionId */ public void removeCooperationDataPerm(String palVerId) { new CoeCooperationRolePermDao().removeByPalVersionId(palVerId); new CoeCooperationTeamPermDao().removeByPalVersionId(palVerId); } /** * 根据文件id判断是否有小组和资产库访问权限 * @param uuid * @return */ public boolean hasRepositoryPermision(String uuid){ PALRepositoryModel plModel = CoeProcessLevelDaoFacotory.createCoeProcessLevel().getInstance(uuid); if (null == plModel){ return false; } //资产库信息 String wsId = plModel.getWsId(); CoeWorkSpaceModel workSpaceModel = CoeWorkSpaceDaoFactory.createCoeWorkSpace().getAllModel(wsId); String uid = DispatcherRequest.getUserContext().getUID(); if (null != workSpaceModel && workSpaceModel.getIsUse()==1 && workSpaceModel.getWsAdmin().contains(uid)){ //资产库管理员权限 return true; }else { //小组权限 List teamModels = this.queryJoindTeamList(uid, true, true); for (CoeCooperationTeamModel teamModel: teamModels){ String teamId = teamModel.getId(); // List list = this.queryCooperationRoleDataPermByTeamUser(teamId, uid); //使用用户权限获取小组下用户多角色文件访问权限 Set list = CooperationCache.getUserDataVisitablePermission(teamId, uid, false); if (list.contains(plModel.getVersionId())){ return true; } } } return false; } public List getAllTeamInfo(){ List list = new ArrayList<>(); List allTeam = new CoeCooperationTeamDao().getAllTeam(); for (CoeCooperationTeamModel teamModel : allTeam) { TeamInfo teamInfo = this.getTeamInfo(teamModel.getId()); list.add(teamInfo); } return list; } public TeamInfo getTeamInfo(String teamId){ TeamInfo teamInfo = new TeamInfo(); if (StringUtils.isEmpty(teamId)){ return teamInfo; } teamInfo.setTeamId(teamId); List userInfos = this.getUserInfoByTeamId(teamId); teamInfo.setUsers(userInfos); List permVerIds = new CoeCooperationTeamPermDao().getCooperationTeamPermVerIds(teamId); teamInfo.getVersionIds().addAll(permVerIds); return teamInfo; } public List getUserInfoByTeamId(String teamId){ List list = new ArrayList<>(); Map userMap = new HashMap<>(); List memberModels = new CoeCooperationMemberDao().queryUserListByTeam(teamId); for (CoeCooperationMemberModel memberModel : memberModels) { UserInfo userInfo = userMap.get(memberModel.getUserId()); if (null == userInfo){ userInfo = new UserInfo(); userInfo.setUserid(memberModel.getUserId()); userInfo.getRoleIds().add(memberModel.getRoleId()); }else { userInfo.getRoleIds().add(memberModel.getRoleId()); } //加载隐藏角色 CoeCooperationRoleModel hideRole = new CoeCooperationRoleDao().getCooperationHideRoleByRoleName(teamId, memberModel.getUserId()); if (null != hideRole && !userInfo.getRoleIds().contains(hideRole.getId())){ userInfo.getRoleIds().add(hideRole.getId()); } userMap.put(memberModel.getUserId(),userInfo); } for (UserInfo userInfo : userMap.values()) { List roleIds = userInfo.getRoleIds(); Set appPerm = this.getAppPerm(roleIds); userInfo.setAppPermission(appPerm); Set actionPerm = this.getActionPerm(roleIds); userInfo.setOperatePermission(actionPerm); boolean allDataPerm = this.isAllDataPerm(roleIds); userInfo.setIsAllDataPermission(allDataPerm); if (!allDataPerm){ Map> dataPerm = this.getDataPerm(teamId, roleIds); userInfo.setDataPermission(dataPerm); } } list.addAll(userMap.values()); return list; } private Set getAppPerm(List roleIds){ Set set = new HashSet<>(); for (String roleId : roleIds) { CoeCooperationRoleModel roleModel = new CoeCooperationRoleDao().queryById(roleId); //TODO:可在这里做隐藏角色判断,判断是否为新版权限,否则去除isUser为1的角色 if (null == roleModel){ continue; } //设置全局app权限 List appPerm = Arrays.stream(roleModel.getAppPerm().split(",")).collect(Collectors.toList()); set.addAll(appPerm); } return set; } private Set getActionPerm(List roleIds){ Set set = new HashSet<>(); for (String roleId : roleIds) { CoeCooperationRoleModel roleModel = new CoeCooperationRoleDao().queryById(roleId); //TODO:可在这里做隐藏角色判断,判断是否为新版权限,否则去除isUser为1的角色 if (null == roleModel){ continue; } //设置全局操作权限 List actionPermList = Arrays.stream(roleModel.getActionPerm().split(",")).collect(Collectors.toList()); set.addAll(actionPermList); } return set; } private boolean isAllDataPerm(List roleIds){ for (String roleId : roleIds) { CoeCooperationRoleModel roleModel = new CoeCooperationRoleDao().queryById(roleId); //TODO:可在这里做隐藏角色判断,判断是否为新版权限,否则去除isUser为1的角色 if (null == roleModel){ continue; } if (roleModel.getDataPerm().equals("all")){ return true; } } return false; } private Map> getDataPerm(String teamId,List roleIds){ Map> map = new HashMap<>(); for (String roleId : roleIds) { CoeCooperationRoleModel roleModel = new CoeCooperationRoleDao().queryById(roleId); if (null == roleModel) { continue; } //获取角色下数据权限,设置数据权限 List rolePerms = new CoeCooperationRolePermDao().getRolePermByTeamIdAndRoleId(teamId, roleId); for (CoeCooperationRolePermModel rolePerm : rolePerms) { Set dataPerm = map.get(rolePerm.getPalVersionId()); if (null == dataPerm){ dataPerm = new HashSet<>(); } if (StringUtils.isNotEmpty(rolePerm.getActionPerm())){ dataPerm.addAll(Arrays.asList(rolePerm.getActionPerm().split(",").clone())); } map.put(rolePerm.getPalVersionId(), dataPerm); } } return map; } }