From 2230d4ed8b3fcd5ec4251e3a382ecb18a6c60650 Mon Sep 17 00:00:00 2001 From: lijiahang Date: Thu, 23 Nov 2023 17:19:42 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=95=B0=E6=8D=AE=E5=88=86=E7=BB=84?= =?UTF-8?q?=E6=8E=88=E6=9D=83.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../ops/framework/common/entity/TreeNode.java | 49 ++++++++ .../ops/framework/common/utils/TreeUtils.java | 84 +++++++++++++ .../asset/controller/AssetDataController.http | 0 .../asset/controller/AssetDataController.java | 45 +++++++ .../asset/controller/HostGroupController.java | 40 +++++-- .../operator/HostGroupOperatorType.java | 3 + .../host/HostGroupGrantQueryRequest.java | 31 +++++ .../request/host/HostGroupGrantRequest.java | 35 ++++++ .../asset/entity/vo/HostGroupTreeVO.java | 11 +- .../asset/service/HostGroupService.java | 25 ++++ .../service/impl/HostGroupServiceImpl.java | 113 ++++++++++++++++-- .../module/infra/api/DataPermissionApi.java | 8 +- .../ops/module/infra/api/SystemRoleApi.java | 22 ++++ .../ops/module/infra/api/SystemUserApi.java | 30 +++++ .../infra/entity/dto/data/DataGroupDTO.java | 3 +- .../infra/entity/dto/role/SystemRoleDTO.java | 39 ++++++ .../infra/entity/dto/user/SystemUserDTO.java | 52 ++++++++ .../infra/api/impl/DataPermissionApiImpl.java | 4 +- .../infra/api/impl/SystemRoleApiImpl.java | 34 ++++++ .../infra/api/impl/SystemUserApiImpl.java | 43 +++++++ .../convert/SystemRoleProviderConvert.java | 22 ++++ .../convert/SystemUserProviderConvert.java | 22 ++++ .../ops/module/infra/dao/SystemRoleDAO.java | 10 ++ .../infra/entity/dto/DataGroupCacheDTO.java | 3 +- .../infra/service/DataPermissionService.java | 8 +- .../service/impl/DataGroupServiceImpl.java | 27 +---- .../impl/DataPermissionServiceImpl.java | 2 +- .../service/impl/SystemUserServiceImpl.java | 12 +- .../resources/mapper/SystemRoleMapper.xml | 8 ++ orion-ops-ui/src/api/asset/host-group.ts | 16 +-- 30 files changed, 727 insertions(+), 74 deletions(-) create mode 100644 orion-ops-framework/orion-ops-framework-common/src/main/java/com/orion/ops/framework/common/entity/TreeNode.java create mode 100644 orion-ops-framework/orion-ops-framework-common/src/main/java/com/orion/ops/framework/common/utils/TreeUtils.java create mode 100644 orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/AssetDataController.http create mode 100644 orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/AssetDataController.java create mode 100644 orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/request/host/HostGroupGrantQueryRequest.java create mode 100644 orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/request/host/HostGroupGrantRequest.java create mode 100644 orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/SystemRoleApi.java create mode 100644 orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/SystemUserApi.java create mode 100644 orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/role/SystemRoleDTO.java create mode 100644 orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/user/SystemUserDTO.java create mode 100644 orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/SystemRoleApiImpl.java create mode 100644 orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/SystemUserApiImpl.java create mode 100644 orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/convert/SystemRoleProviderConvert.java create mode 100644 orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/convert/SystemUserProviderConvert.java diff --git a/orion-ops-framework/orion-ops-framework-common/src/main/java/com/orion/ops/framework/common/entity/TreeNode.java b/orion-ops-framework/orion-ops-framework-common/src/main/java/com/orion/ops/framework/common/entity/TreeNode.java new file mode 100644 index 00000000..fd3df3f9 --- /dev/null +++ b/orion-ops-framework/orion-ops-framework-common/src/main/java/com/orion/ops/framework/common/entity/TreeNode.java @@ -0,0 +1,49 @@ +package com.orion.ops.framework.common.entity; + +import java.util.List; + +/** + * 树节点 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023/11/23 16:52 + */ +public interface TreeNode> { + + /** + * id + * + * @return id + */ + Long getId(); + + /** + * parentId + * + * @return parentId + */ + Long getParentId(); + + /** + * sort + * + * @return sort + */ + Integer getSort(); + + /** + * children + * + * @return children + */ + List getChildren(); + + /** + * 设置 children + * + * @param children children + */ + void setChildren(List children); + +} diff --git a/orion-ops-framework/orion-ops-framework-common/src/main/java/com/orion/ops/framework/common/utils/TreeUtils.java b/orion-ops-framework/orion-ops-framework-common/src/main/java/com/orion/ops/framework/common/utils/TreeUtils.java new file mode 100644 index 00000000..6a8ccfea --- /dev/null +++ b/orion-ops-framework/orion-ops-framework-common/src/main/java/com/orion/ops/framework/common/utils/TreeUtils.java @@ -0,0 +1,84 @@ +package com.orion.ops.framework.common.utils; + +import com.orion.lang.utils.collect.Lists; +import com.orion.ops.framework.common.constant.Const; +import com.orion.ops.framework.common.entity.TreeNode; + +import java.util.Comparator; +import java.util.List; +import java.util.stream.Collectors; + +/** + * 树工具类 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023/11/23 16:52 + */ +public class TreeUtils { + + private TreeUtils() { + } + + /** + * 获取节点以及父节点 + * + * @param nodes nodes + * @param idList idList + * @param result result + * @param T + */ + public static > void getAllNodes(List nodes, + List idList, + List result) { + if (Lists.isEmpty(idList)) { + return; + } + // 获取当前节点的数据 + List currentNodes = nodes.stream() + .filter(s -> idList.contains(s.getId())) + .collect(Collectors.toList()); + if (currentNodes.isEmpty()) { + return; + } + result.addAll(currentNodes); + // 获取父节点id + List parentIdList = currentNodes.stream() + .map(T::getParentId) + .distinct() + .collect(Collectors.toList()); + // 如果为空 或者唯一的元素为 rootId 直接返回 + if (parentIdList.isEmpty() + || parentIdList.size() == 1 + || parentIdList.get(0).equals(Const.ROOT_PARENT_ID)) { + return; + } + // 递归 + getAllNodes(nodes, parentIdList, result); + } + + /** + * 构建树 + * + * @param parentNode parentNode + * @param nodes nodes + * @param T + */ + public static > void buildGroupTree(T parentNode, + List nodes) { + // 获取子节点 + List childrenNodes = nodes.stream() + .filter(s -> parentNode.getId().equals(s.getParentId())) + .sorted(Comparator.comparing(T::getSort)) + .collect(Collectors.toList()); + if (childrenNodes.isEmpty()) { + return; + } + parentNode.setChildren(childrenNodes); + // 遍历子节点 + for (T childrenNode : childrenNodes) { + buildGroupTree(childrenNode, nodes); + } + } + +} diff --git a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/AssetDataController.http b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/AssetDataController.http new file mode 100644 index 00000000..e69de29b diff --git a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/AssetDataController.java b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/AssetDataController.java new file mode 100644 index 00000000..04fd743d --- /dev/null +++ b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/AssetDataController.java @@ -0,0 +1,45 @@ +package com.orion.ops.module.asset.controller; + +import com.orion.ops.framework.log.core.annotation.IgnoreLog; +import com.orion.ops.framework.log.core.enums.IgnoreLogMode; +import com.orion.ops.framework.security.core.utils.SecurityUtils; +import com.orion.ops.framework.web.core.annotation.RestWrapper; +import com.orion.ops.module.asset.entity.vo.HostGroupTreeVO; +import com.orion.ops.module.asset.service.HostGroupService; +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.tags.Tag; +import lombok.extern.slf4j.Slf4j; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +import javax.annotation.Resource; +import java.util.List; + +/** + * 资产模块 授权数据服务 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023/11/23 14:10 + */ +@Tag(name = "asset - 授权数据服务") +@Slf4j +@Validated +@RestWrapper +@RestController +@RequestMapping("/asset/authorized-data") +public class AssetDataController { + + @Resource + private HostGroupService hostGroupService; + + @IgnoreLog(IgnoreLogMode.RET) + @GetMapping("/host-group") + @Operation(summary = "查询已授权的主机分组") + public List getAuthorizedHostGroup() { + return hostGroupService.getUserAuthorizedHostGroup(SecurityUtils.getLoginUserId()); + } + +} diff --git a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/HostGroupController.java b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/HostGroupController.java index 25375825..61c733e7 100644 --- a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/HostGroupController.java +++ b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/controller/HostGroupController.java @@ -6,6 +6,8 @@ import com.orion.ops.framework.log.core.annotation.IgnoreLog; import com.orion.ops.framework.log.core.enums.IgnoreLogMode; import com.orion.ops.framework.web.core.annotation.RestWrapper; import com.orion.ops.module.asset.define.operator.HostGroupOperatorType; +import com.orion.ops.module.asset.entity.request.host.HostGroupGrantQueryRequest; +import com.orion.ops.module.asset.entity.request.host.HostGroupGrantRequest; import com.orion.ops.module.asset.entity.request.host.HostGroupRelUpdateRequest; import com.orion.ops.module.asset.entity.vo.HostGroupTreeVO; import com.orion.ops.module.asset.service.HostGroupService; @@ -45,7 +47,7 @@ public class HostGroupController { @OperatorLog(HostGroupOperatorType.CREATE) @PostMapping("/create") - @Operation(summary = "创建主机分组 - 管理") + @Operation(summary = "创建主机分组") @PreAuthorize("@ss.hasPermission('asset:host-group:create')") public Long createHostGroup(@Validated @RequestBody DataGroupCreateDTO request) { return hostGroupService.createHostGroup(request); @@ -53,7 +55,7 @@ public class HostGroupController { @IgnoreLog(IgnoreLogMode.RET) @GetMapping("/tree") - @Operation(summary = "查询主机分组 - 管理") + @Operation(summary = "查询主机分组") @PreAuthorize("@ss.hasPermission('asset:host-group:query')") public List queryHostGroupTree() { return hostGroupService.queryHostGroupTree(); @@ -61,7 +63,7 @@ public class HostGroupController { @OperatorLog(HostGroupOperatorType.RENAME) @PutMapping("/rename") - @Operation(summary = "修改名称 - 管理") + @Operation(summary = "修改名称") @PreAuthorize("@ss.hasPermission('asset:host-group:update')") public Integer updateHostGroupName(@Validated @RequestBody DataGroupRenameDTO request) { return hostGroupService.updateHostGroupName(request); @@ -69,7 +71,7 @@ public class HostGroupController { @OperatorLog(HostGroupOperatorType.MOVE) @PutMapping("/move") - @Operation(summary = "移动位置 - 管理") + @Operation(summary = "移动位置") @PreAuthorize("@ss.hasPermission('asset:host-group:update')") public Integer moveHostGroup(@Validated @RequestBody DataGroupMoveDTO request) { return hostGroupService.moveHostGroup(request); @@ -77,7 +79,7 @@ public class HostGroupController { @OperatorLog(HostGroupOperatorType.DELETE) @DeleteMapping("/delete") - @Operation(summary = "删除主机分组 - 管理") + @Operation(summary = "删除主机分组") @PreAuthorize("@ss.hasPermission('asset:host-group:delete')") public Integer deleteHostGroup(@RequestParam("id") Long id) { return hostGroupService.deleteHostGroup(id); @@ -85,7 +87,7 @@ public class HostGroupController { @IgnoreLog(IgnoreLogMode.RET) @GetMapping("/rel-list") - @Operation(summary = "查询分组内主机 - 管理") + @Operation(summary = "查询分组内主机") @Parameter(name = "groupId", description = "groupId", required = true) @PreAuthorize("@ss.hasPermission('asset:host-group:query')") public Set queryHostGroupRel(@RequestParam("groupId") Long groupId) { @@ -93,13 +95,33 @@ public class HostGroupController { } @OperatorLog(HostGroupOperatorType.UPDATE_REL) - @PostMapping("/update-rel") - @Operation(summary = "修改分组内主机 - 管理") - @PreAuthorize("@ss.hasPermission('asset:host:update')") + @PutMapping("/update-rel") + @Operation(summary = "修改分组内主机") + @PreAuthorize("@ss.hasPermission('asset:host-group:update')") public HttpWrapper updateHostGroupRel(@Validated @RequestBody HostGroupRelUpdateRequest request) { hostGroupService.updateHostGroupRel(request); return HttpWrapper.ok(); } + // TODO 日志 host-group:grant + // TODO 菜单 asset:host-group:grant + + @IgnoreLog(IgnoreLogMode.RET) + @GetMapping("/get-authorized-group") + @Operation(summary = "获取已授权的分组") + @PreAuthorize("@ss.hasPermission('asset:host-group:grant')") + public List getAuthorizedHostGroup(@RequestParam HostGroupGrantQueryRequest request) { + return hostGroupService.getAuthorizedHostGroup(request); + } + + @OperatorLog(HostGroupOperatorType.GRANT) + @PutMapping("/grant") + @Operation(summary = "主机分组授权") + @PreAuthorize("@ss.hasPermission('asset:host-group:grant')") + public HttpWrapper grantHostGroup(@RequestBody HostGroupGrantRequest request) { + hostGroupService.grantHostGroup(request); + return HttpWrapper.ok(); + } + } diff --git a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/define/operator/HostGroupOperatorType.java b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/define/operator/HostGroupOperatorType.java index ca37e8ac..e9f201bb 100644 --- a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/define/operator/HostGroupOperatorType.java +++ b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/define/operator/HostGroupOperatorType.java @@ -26,6 +26,8 @@ public class HostGroupOperatorType extends InitializingOperatorTypes { public static final String UPDATE_REL = "host-group:update-rel"; + public static final String GRANT = "host-group:grant"; + @Override public OperatorType[] types() { return new OperatorType[]{ @@ -34,6 +36,7 @@ public class HostGroupOperatorType extends InitializingOperatorTypes { new OperatorType(L, MOVE, "移动主机分组 ${source}${target}(${position})"), new OperatorType(H, DELETE, "删除主机分组 ${groupName}"), new OperatorType(M, UPDATE_REL, "修改分组内主机 ${groupName}"), + new OperatorType(H, GRANT, "将主机分组权限授予 ${type} ${name}"), }; } diff --git a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/request/host/HostGroupGrantQueryRequest.java b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/request/host/HostGroupGrantQueryRequest.java new file mode 100644 index 00000000..069357a4 --- /dev/null +++ b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/request/host/HostGroupGrantQueryRequest.java @@ -0,0 +1,31 @@ +package com.orion.ops.module.asset.entity.request.host; + +import io.swagger.v3.oas.annotations.media.Schema; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.io.Serializable; + +/** + * 主机分组 查询请求对象 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023/11/23 11:56 + */ +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +@Schema(name = "HostGroupQueryRequest", description = "主机分组 查询请求对象") +public class HostGroupGrantQueryRequest implements Serializable { + + @Schema(description = "用户id") + private Long userId; + + @Schema(description = "角色id") + private Long roleId; + +} diff --git a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/request/host/HostGroupGrantRequest.java b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/request/host/HostGroupGrantRequest.java new file mode 100644 index 00000000..08335243 --- /dev/null +++ b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/request/host/HostGroupGrantRequest.java @@ -0,0 +1,35 @@ +package com.orion.ops.module.asset.entity.request.host; + +import io.swagger.v3.oas.annotations.media.Schema; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.io.Serializable; +import java.util.List; + +/** + * 主机分组 授权请求对象 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023/11/23 11:56 + */ +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +@Schema(name = "HostGroupGrantRequest", description = "主机分组 授权请求对象") +public class HostGroupGrantRequest implements Serializable { + + @Schema(description = "用户id") + private Long userId; + + @Schema(description = "角色id") + private Long roleId; + + @Schema(description = "分组id") + private List groupIdList; + +} diff --git a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/vo/HostGroupTreeVO.java b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/vo/HostGroupTreeVO.java index 15439884..55895f54 100644 --- a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/vo/HostGroupTreeVO.java +++ b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/entity/vo/HostGroupTreeVO.java @@ -1,6 +1,7 @@ package com.orion.ops.module.asset.entity.vo; import com.fasterxml.jackson.annotation.JsonProperty; +import com.orion.ops.framework.common.entity.TreeNode; import io.swagger.v3.oas.annotations.media.Schema; import lombok.AllArgsConstructor; import lombok.Builder; @@ -8,6 +9,7 @@ import lombok.Data; import lombok.NoArgsConstructor; import java.io.Serializable; +import java.util.Collection; import java.util.List; /** @@ -22,7 +24,8 @@ import java.util.List; @NoArgsConstructor @AllArgsConstructor @Schema(name = "HostGroupTreeVO", description = "主机秘钥 视图响应对象") -public class HostGroupTreeVO implements Serializable { +public class HostGroupTreeVO implements TreeNode, Serializable { + private static final long serialVersionUID = 1L; @JsonProperty("key") @@ -36,7 +39,13 @@ public class HostGroupTreeVO implements Serializable { @Schema(description = "组名称") private String name; + @Schema(description = "排序") + private Integer sort; + @Schema(description = "子节点") private List children; + @Schema(description = "分组内主机id") + private Collection hosts; + } diff --git a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/service/HostGroupService.java b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/service/HostGroupService.java index 6eb85dd8..dbd997c0 100644 --- a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/service/HostGroupService.java +++ b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/service/HostGroupService.java @@ -1,5 +1,7 @@ package com.orion.ops.module.asset.service; +import com.orion.ops.module.asset.entity.request.host.HostGroupGrantQueryRequest; +import com.orion.ops.module.asset.entity.request.host.HostGroupGrantRequest; import com.orion.ops.module.asset.entity.request.host.HostGroupRelUpdateRequest; import com.orion.ops.module.asset.entity.vo.HostGroupTreeVO; import com.orion.ops.module.infra.entity.dto.data.DataGroupCreateDTO; @@ -72,4 +74,27 @@ public interface HostGroupService { */ void updateHostGroupRel(HostGroupRelUpdateRequest request); + /** + * 获取已授权的分组 + * + * @param request request + * @return grantGroupId + */ + List getAuthorizedHostGroup(HostGroupGrantQueryRequest request); + + /** + * 授权主机分组 + * + * @param request request + */ + void grantHostGroup(HostGroupGrantRequest request); + + /** + * 查询用户已授权的主机分组和主机 + * + * @param userId userId + * @return group + */ + List getUserAuthorizedHostGroup(Long userId); + } diff --git a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/service/impl/HostGroupServiceImpl.java b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/service/impl/HostGroupServiceImpl.java index bdc6228e..abebd2eb 100644 --- a/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/service/impl/HostGroupServiceImpl.java +++ b/orion-ops-module-asset/orion-ops-module-asset-service/src/main/java/com/orion/ops/module/asset/service/impl/HostGroupServiceImpl.java @@ -1,23 +1,27 @@ package com.orion.ops.module.asset.service.impl; +import com.orion.lang.utils.collect.Lists; +import com.orion.ops.framework.common.constant.Const; +import com.orion.ops.framework.common.constant.ErrorMessage; +import com.orion.ops.framework.common.utils.TreeUtils; +import com.orion.ops.framework.common.utils.Valid; import com.orion.ops.module.asset.convert.HostGroupConvert; +import com.orion.ops.module.asset.entity.request.host.HostGroupGrantQueryRequest; +import com.orion.ops.module.asset.entity.request.host.HostGroupGrantRequest; import com.orion.ops.module.asset.entity.request.host.HostGroupRelUpdateRequest; import com.orion.ops.module.asset.entity.vo.HostGroupTreeVO; import com.orion.ops.module.asset.service.HostGroupService; -import com.orion.ops.module.infra.api.DataGroupApi; -import com.orion.ops.module.infra.api.DataGroupRelApi; -import com.orion.ops.module.infra.api.DataPermissionApi; -import com.orion.ops.module.infra.entity.dto.data.DataGroupCreateDTO; -import com.orion.ops.module.infra.entity.dto.data.DataGroupDTO; -import com.orion.ops.module.infra.entity.dto.data.DataGroupMoveDTO; -import com.orion.ops.module.infra.entity.dto.data.DataGroupRenameDTO; +import com.orion.ops.module.infra.api.*; +import com.orion.ops.module.infra.entity.dto.data.*; import com.orion.ops.module.infra.enums.DataGroupTypeEnum; import com.orion.ops.module.infra.enums.DataPermissionTypeEnum; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import javax.annotation.Resource; +import java.util.ArrayList; import java.util.List; +import java.util.Map; import java.util.Set; /** @@ -39,6 +43,12 @@ public class HostGroupServiceImpl implements HostGroupService { @Resource private DataPermissionApi dataPermissionApi; + @Resource + private SystemRoleApi systemRoleApi; + + @Resource + private SystemUserApi systemUserApi; + @Override public Long createHostGroup(DataGroupCreateDTO request) { return dataGroupApi.createDataGroup(DataGroupTypeEnum.HOST, request); @@ -80,4 +90,93 @@ public class HostGroupServiceImpl implements HostGroupService { dataGroupRelApi.updateGroupRel(request.getGroupId(), request.getHostIdList()); } + @Override + public List getAuthorizedHostGroup(HostGroupGrantQueryRequest request) { + Long userId = request.getUserId(); + Long roleId = request.getRoleId(); + Valid.isTrue(userId != null || roleId != null); + if (userId != null) { + // 查询用户数据 + return dataPermissionApi.getRelIdListByUserId(DataPermissionTypeEnum.HOST_GROUP, userId); + } else { + // 查询角色数据 + return dataPermissionApi.getRelIdListByRoleId(DataPermissionTypeEnum.HOST_GROUP, roleId); + } + } + + @Override + public void grantHostGroup(HostGroupGrantRequest request) { + Long userId = request.getUserId(); + Long roleId = request.getRoleId(); + Valid.isTrue(userId != null || roleId != null); + if (userId != null) { + // 检测用户是否存在 + Valid.notNull(systemUserApi.getUserById(userId), ErrorMessage.USER_ABSENT); + } + if (roleId != null) { + // 检测角色是否存在 + Valid.notNull(systemRoleApi.getRoleById(roleId), ErrorMessage.ROLE_ABSENT); + } + // 授权 + DataPermissionUpdateDTO grant = DataPermissionUpdateDTO.builder() + .roleId(roleId) + .userId(userId) + .relIdList(request.getGroupIdList()) + .build(); + dataPermissionApi.updateDataPermission(DataPermissionTypeEnum.HOST_GROUP, grant); + } + + @Override + public List getUserAuthorizedHostGroup(Long userId) { + if (systemUserApi.isAdminUser(userId)) { + // 管理员查询所有 + return this.buildUserAuthorizedHostGroup(null); + } else { + // 其他用户查询授权的分组 + List authorizedGroupIdList = dataPermissionApi.getUserAuthorizedRelIdList(DataPermissionTypeEnum.HOST_GROUP, userId); + if (authorizedGroupIdList.isEmpty()) { + return Lists.empty(); + } + return this.buildUserAuthorizedHostGroup(authorizedGroupIdList); + } + } + + /** + * 构建授权的主机分组树 + * + * @param authorizedGroupIdList authorizedGroupIdList + * @return tree + */ + private List buildUserAuthorizedHostGroup(List authorizedGroupIdList) { + // 查询分组 + List dataGroup = dataGroupApi.getDataGroupList(DataGroupTypeEnum.HOST); + // 过滤分组 + if (!Lists.isEmpty(authorizedGroupIdList)) { + // 构建已授权的分组 + List relNodes = new ArrayList<>(); + TreeUtils.getAllNodes(dataGroup, authorizedGroupIdList, relNodes); + dataGroup = relNodes; + } + // 查询分组引用 + Map> groupRel = dataGroupRelApi.getGroupRelList(DataGroupTypeEnum.HOST); + // 设置组内数据 + List groupList = HostGroupConvert.MAPPER.toList(dataGroup); + if (Lists.isEmpty(authorizedGroupIdList)) { + // 设置全部数据 + groupList.forEach(s -> s.setHosts(groupRel.get(s.getId()))); + } else { + // 仅设置已授权的数据 + groupList.stream() + .filter(s -> authorizedGroupIdList.contains(s.getId())) + .forEach(s -> s.setHosts(groupRel.get(s.getId()))); + } + // 构建树 + HostGroupTreeVO rootNode = HostGroupTreeVO.builder() + .id(Const.ROOT_PARENT_ID) + .sort(Const.DEFAULT_SORT) + .build(); + TreeUtils.buildGroupTree(rootNode, groupList); + return rootNode.getChildren(); + } + } diff --git a/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/DataPermissionApi.java b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/DataPermissionApi.java index 23d787d7..b61a2109 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/DataPermissionApi.java +++ b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/DataPermissionApi.java @@ -31,7 +31,7 @@ public interface DataPermissionApi { void updateDataPermission(DataPermissionTypeEnum type, DataPermissionUpdateDTO dto); /** - * 通过 userId 查询 (不包含角色 不走缓存) + * 通过 userId 查询数据权限 (不包含角色 不走缓存) * * @param type type * @param userId userId @@ -40,7 +40,7 @@ public interface DataPermissionApi { List getRelIdListByUserId(DataPermissionTypeEnum type, Long userId); /** - * 通过 roleId 查询 不走缓存 + * 通过 roleId 查询数据权限 不走缓存 * * @param type type * @param roleId roleId @@ -49,13 +49,13 @@ public interface DataPermissionApi { List getRelIdListByRoleId(DataPermissionTypeEnum type, Long roleId); /** - * 通过 userId 查询 (包含角色 走缓存) + * 查询 userId 已授权的数据权限 (包含角色 走缓存) * * @param type type * @param userId userId * @return relId */ - List getAllowRelIdList(DataPermissionTypeEnum type, Long userId); + List getUserAuthorizedRelIdList(DataPermissionTypeEnum type, Long userId); /** * 通过 relId 删除 diff --git a/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/SystemRoleApi.java b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/SystemRoleApi.java new file mode 100644 index 00000000..c6faacb9 --- /dev/null +++ b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/SystemRoleApi.java @@ -0,0 +1,22 @@ +package com.orion.ops.module.infra.api; + +import com.orion.ops.module.infra.entity.dto.role.SystemRoleDTO; + +/** + * 角色服务 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023/11/23 15:16 + */ +public interface SystemRoleApi { + + /** + * 查询角色 + * + * @param id id + * @return role + */ + SystemRoleDTO getRoleById(Long id); + +} diff --git a/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/SystemUserApi.java b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/SystemUserApi.java new file mode 100644 index 00000000..10550bfc --- /dev/null +++ b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/SystemUserApi.java @@ -0,0 +1,30 @@ +package com.orion.ops.module.infra.api; + +import com.orion.ops.module.infra.entity.dto.user.SystemUserDTO; + +/** + * 用户服务 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023/11/23 15:15 + */ +public interface SystemUserApi { + + /** + * 通过 id 查询用户 + * + * @param id id + * @return user + */ + SystemUserDTO getUserById(Long id); + + /** + * 用户是否为管理员用户 + * + * @param id id + * @return isAdmin + */ + boolean isAdminUser(Long id); + +} diff --git a/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/data/DataGroupDTO.java b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/data/DataGroupDTO.java index b98b0efd..b4d2d278 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/data/DataGroupDTO.java +++ b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/data/DataGroupDTO.java @@ -1,5 +1,6 @@ package com.orion.ops.module.infra.entity.dto.data; +import com.orion.ops.framework.common.entity.TreeNode; import io.swagger.v3.oas.annotations.media.Schema; import lombok.AllArgsConstructor; import lombok.Builder; @@ -21,7 +22,7 @@ import java.util.List; @NoArgsConstructor @AllArgsConstructor @Schema(name = "DataGroupDTO", description = "数据分组 业务对象") -public class DataGroupDTO implements Serializable { +public class DataGroupDTO implements TreeNode, Serializable { private static final long serialVersionUID = 1L; diff --git a/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/role/SystemRoleDTO.java b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/role/SystemRoleDTO.java new file mode 100644 index 00000000..3fa6cac6 --- /dev/null +++ b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/role/SystemRoleDTO.java @@ -0,0 +1,39 @@ +package com.orion.ops.module.infra.entity.dto.role; + +import io.swagger.v3.oas.annotations.media.Schema; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.io.Serializable; + +/** + * 角色 业务对象 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023-7-16 01:19 + */ +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +@Schema(name = "SystemRoleDTO", description = "角色 业务对象") +public class SystemRoleDTO implements Serializable { + + private static final long serialVersionUID = 1L; + + @Schema(description = "id") + private Long id; + + @Schema(description = "角色名称") + private String name; + + @Schema(description = "角色编码") + private String code; + + @Schema(description = "状态 0停用 1启用") + private Integer status; + +} diff --git a/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/user/SystemUserDTO.java b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/user/SystemUserDTO.java new file mode 100644 index 00000000..fe9741d5 --- /dev/null +++ b/orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/user/SystemUserDTO.java @@ -0,0 +1,52 @@ +package com.orion.ops.module.infra.entity.dto.user; + +import io.swagger.v3.oas.annotations.media.Schema; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.io.Serializable; +import java.util.Date; + +/** + * 用户 业务对象 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023-7-13 18:42 + */ +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +@Schema(name = "SystemUserDTO", description = "用户 业务对象") +public class SystemUserDTO implements Serializable { + + private static final long serialVersionUID = 1L; + + @Schema(description = "id") + private Long id; + + @Schema(description = "用户名") + private String username; + + @Schema(description = "花名") + private String nickname; + + @Schema(description = "头像地址") + private String avatar; + + @Schema(description = "手机号") + private String mobile; + + @Schema(description = "邮箱") + private String email; + + @Schema(description = "用户状态 0停用 1启用 2锁定") + private Integer status; + + @Schema(description = "最后登录时间") + private Date lastLoginTime; + +} diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/DataPermissionApiImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/DataPermissionApiImpl.java index 307a2c28..4939edd7 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/DataPermissionApiImpl.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/DataPermissionApiImpl.java @@ -60,8 +60,8 @@ public class DataPermissionApiImpl implements DataPermissionApi { } @Override - public List getAllowRelIdList(DataPermissionTypeEnum type, Long userId) { - return dataPermissionService.getAllowRelIdList(type.name(), userId); + public List getUserAuthorizedRelIdList(DataPermissionTypeEnum type, Long userId) { + return dataPermissionService.getUserAuthorizedRelIdList(type.name(), userId); } @Override diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/SystemRoleApiImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/SystemRoleApiImpl.java new file mode 100644 index 00000000..6aad5328 --- /dev/null +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/SystemRoleApiImpl.java @@ -0,0 +1,34 @@ +package com.orion.ops.module.infra.api.impl; + +import com.orion.ops.module.infra.api.SystemRoleApi; +import com.orion.ops.module.infra.convert.SystemRoleProviderConvert; +import com.orion.ops.module.infra.dao.SystemRoleDAO; +import com.orion.ops.module.infra.entity.domain.SystemRoleDO; +import com.orion.ops.module.infra.entity.dto.role.SystemRoleDTO; +import org.springframework.stereotype.Service; + +import javax.annotation.Resource; + +/** + * 角色服务实现 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023/11/23 15:16 + */ +@Service +public class SystemRoleApiImpl implements SystemRoleApi { + + @Resource + private SystemRoleDAO systemRoleDAO; + + @Override + public SystemRoleDTO getRoleById(Long id) { + SystemRoleDO role = systemRoleDAO.selectById(id); + if (role == null) { + return null; + } + return SystemRoleProviderConvert.MAPPER.to(role); + } + +} diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/SystemUserApiImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/SystemUserApiImpl.java new file mode 100644 index 00000000..6f3c185a --- /dev/null +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/SystemUserApiImpl.java @@ -0,0 +1,43 @@ +package com.orion.ops.module.infra.api.impl; + +import com.orion.ops.module.infra.api.SystemUserApi; +import com.orion.ops.module.infra.convert.SystemUserProviderConvert; +import com.orion.ops.module.infra.dao.SystemUserDAO; +import com.orion.ops.module.infra.entity.domain.SystemUserDO; +import com.orion.ops.module.infra.entity.dto.user.SystemUserDTO; +import com.orion.ops.module.infra.service.SystemUserService; +import org.springframework.stereotype.Service; + +import javax.annotation.Resource; + +/** + * 用户服务实现 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023/11/23 15:15 + */ +@Service +public class SystemUserApiImpl implements SystemUserApi { + + @Resource + private SystemUserDAO systemUserDAO; + + @Resource + private SystemUserService systemUserService; + + @Override + public SystemUserDTO getUserById(Long id) { + SystemUserDO user = systemUserDAO.selectById(id); + if (user == null) { + return null; + } + return SystemUserProviderConvert.MAPPER.to(user); + } + + @Override + public boolean isAdminUser(Long id) { + return systemUserService.isAdminUser(id); + } + +} diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/convert/SystemRoleProviderConvert.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/convert/SystemRoleProviderConvert.java new file mode 100644 index 00000000..003fab95 --- /dev/null +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/convert/SystemRoleProviderConvert.java @@ -0,0 +1,22 @@ +package com.orion.ops.module.infra.convert; + +import com.orion.ops.module.infra.entity.domain.SystemRoleDO; +import com.orion.ops.module.infra.entity.dto.role.SystemRoleDTO; +import org.mapstruct.Mapper; +import org.mapstruct.factory.Mappers; + +/** + * 角色 对外对象转换器 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023-7-16 01:19 + */ +@Mapper +public interface SystemRoleProviderConvert { + + SystemRoleProviderConvert MAPPER = Mappers.getMapper(SystemRoleProviderConvert.class); + + SystemRoleDTO to(SystemRoleDO domain); + +} diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/convert/SystemUserProviderConvert.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/convert/SystemUserProviderConvert.java new file mode 100644 index 00000000..e8f5e0d1 --- /dev/null +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/convert/SystemUserProviderConvert.java @@ -0,0 +1,22 @@ +package com.orion.ops.module.infra.convert; + +import com.orion.ops.module.infra.entity.domain.SystemUserDO; +import com.orion.ops.module.infra.entity.dto.user.SystemUserDTO; +import org.mapstruct.Mapper; +import org.mapstruct.factory.Mappers; + +/** + * 用户 对外对象转换器 + * + * @author Jiahang Li + * @version 1.0.0 + * @since 2023-7-13 18:42 + */ +@Mapper +public interface SystemUserProviderConvert { + + SystemUserProviderConvert MAPPER = Mappers.getMapper(SystemUserProviderConvert.class); + + SystemUserDTO to(SystemUserDO domain); + +} diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/dao/SystemRoleDAO.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/dao/SystemRoleDAO.java index 585c917f..e6ae8bac 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/dao/SystemRoleDAO.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/dao/SystemRoleDAO.java @@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.orion.ops.framework.mybatis.core.mapper.IMapper; import com.orion.ops.module.infra.entity.domain.SystemRoleDO; import org.apache.ibatis.annotations.Mapper; +import org.apache.ibatis.annotations.Param; import java.util.Collection; import java.util.List; @@ -30,4 +31,13 @@ public interface SystemRoleDAO extends IMapper { return this.selectList(wrapper); } + /** + * 通过 userId 和 roleCode 查询 roleId (检查用户是否包含某个角色) + * + * @param userId userId + * @param code code + * @return roleId + */ + Long getRoleIdByUserIdAndRoleCode(@Param("userId") Long userId, @Param("code") String code); + } diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/entity/dto/DataGroupCacheDTO.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/entity/dto/DataGroupCacheDTO.java index b123aa48..e4981d7d 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/entity/dto/DataGroupCacheDTO.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/entity/dto/DataGroupCacheDTO.java @@ -1,6 +1,7 @@ package com.orion.ops.module.infra.entity.dto; import com.orion.lang.define.cache.key.model.LongCacheIdModel; +import com.orion.ops.framework.common.entity.TreeNode; import io.swagger.v3.oas.annotations.media.Schema; import lombok.AllArgsConstructor; import lombok.Builder; @@ -22,7 +23,7 @@ import java.util.List; @NoArgsConstructor @AllArgsConstructor @Schema(name = "DataGroupCacheDTO", description = "数据分组 缓存对象") -public class DataGroupCacheDTO implements LongCacheIdModel, Serializable { +public class DataGroupCacheDTO implements TreeNode, LongCacheIdModel, Serializable { private static final long serialVersionUID = 1L; diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/DataPermissionService.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/DataPermissionService.java index 605a8c44..661cce64 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/DataPermissionService.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/DataPermissionService.java @@ -28,7 +28,7 @@ public interface DataPermissionService { void updateDataPermission(DataPermissionUpdateRequest request); /** - * 通过 userId 查询 (不包含角色 不走缓存) + * 通过 userId 查询数据权限 (不包含角色 不走缓存) * * @param type type * @param userId userId @@ -37,7 +37,7 @@ public interface DataPermissionService { List getRelIdListByUserId(String type, Long userId); /** - * 通过 roleId 查询 不走缓存 + * 通过 roleId 查询数据权限 不走缓存 * * @param type type * @param roleId roleId @@ -46,13 +46,13 @@ public interface DataPermissionService { List getRelIdListByRoleId(String type, Long roleId); /** - * 通过 userId 查询 (包含角色 走缓存) + * 查询 userId 已授权的数据权限 (包含角色 走缓存) * * @param type type * @param userId userId * @return relId */ - List getAllowRelIdList(String type, Long userId); + List getUserAuthorizedRelIdList(String type, Long userId); /** * 通过 relId 删除 diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/DataGroupServiceImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/DataGroupServiceImpl.java index 3b8e2e28..1fbd85fc 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/DataGroupServiceImpl.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/DataGroupServiceImpl.java @@ -7,6 +7,7 @@ import com.orion.ops.framework.biz.operator.log.core.uitls.OperatorLogs; import com.orion.ops.framework.common.constant.Const; import com.orion.ops.framework.common.constant.ErrorMessage; import com.orion.ops.framework.common.enums.MovePosition; +import com.orion.ops.framework.common.utils.TreeUtils; import com.orion.ops.framework.common.utils.Valid; import com.orion.ops.framework.redis.core.utils.RedisStrings; import com.orion.ops.framework.redis.core.utils.barrier.CacheBarriers; @@ -25,7 +26,6 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import javax.annotation.Resource; -import java.util.Comparator; import java.util.List; import java.util.stream.Collectors; @@ -185,7 +185,7 @@ public class DataGroupServiceImpl implements DataGroupService { .id(Const.ROOT_PARENT_ID) .sort(Const.DEFAULT_SORT) .build(); - this.buildGroupTree(rootNode, rows); + TreeUtils.buildGroupTree(rootNode, rows); treeData = rootNode.getChildren(); } // 设置缓存 @@ -196,29 +196,6 @@ public class DataGroupServiceImpl implements DataGroupService { return treeData; } - /** - * 构建树 - * - * @param parentNode parentNode - * @param nodes nodes - */ - private void buildGroupTree(DataGroupCacheDTO parentNode, - List nodes) { - // 获取子节点 - List childrenNodes = nodes.stream() - .filter(s -> parentNode.getId().equals(s.getParentId())) - .sorted(Comparator.comparing(DataGroupCacheDTO::getSort)) - .collect(Collectors.toList()); - if (childrenNodes.isEmpty()) { - return; - } - parentNode.setChildren(childrenNodes); - // 遍历子节点 - for (DataGroupCacheDTO childrenNode : childrenNodes) { - this.buildGroupTree(childrenNode, nodes); - } - } - @Override @Transactional(rollbackFor = Exception.class) public Integer deleteDataGroupById(Long id) { diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/DataPermissionServiceImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/DataPermissionServiceImpl.java index a8815fe2..de6f4095 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/DataPermissionServiceImpl.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/DataPermissionServiceImpl.java @@ -130,7 +130,7 @@ public class DataPermissionServiceImpl implements DataPermissionService { } @Override - public List getAllowRelIdList(String type, Long userId) { + public List getUserAuthorizedRelIdList(String type, Long userId) { String cacheKey = DataPermissionCacheKeyDefine.DATA_PERMISSION_USER.format(type, userId); // 获取缓存 List list = RedisLists.range(cacheKey, Long::valueOf); diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemUserServiceImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemUserServiceImpl.java index ca5d2950..6a1a0cb2 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemUserServiceImpl.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemUserServiceImpl.java @@ -22,7 +22,6 @@ import com.orion.ops.module.infra.dao.SystemUserRoleDAO; import com.orion.ops.module.infra.define.RoleDefine; import com.orion.ops.module.infra.define.cache.TipsCacheKeyDefine; import com.orion.ops.module.infra.define.cache.UserCacheKeyDefine; -import com.orion.ops.module.infra.entity.domain.SystemRoleDO; import com.orion.ops.module.infra.entity.domain.SystemUserDO; import com.orion.ops.module.infra.entity.dto.UserInfoDTO; import com.orion.ops.module.infra.entity.request.user.*; @@ -275,16 +274,7 @@ public class SystemUserServiceImpl implements SystemUserService { @Override public boolean isAdminUser(Long userId) { - // 查询用户角色 - List roleIdList = systemUserRoleDAO.selectRoleIdByUserId(userId); - if (!roleIdList.isEmpty()) { - // 查询角色信息 - return systemRoleDAO.selectBatchIds(roleIdList) - .stream() - .map(SystemRoleDO::getCode) - .anyMatch(RoleDefine::isAdmin); - } - return false; + return systemRoleDAO.getRoleIdByUserIdAndRoleCode(userId, RoleDefine.ADMIN_CODE) != null; } /** diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/resources/mapper/SystemRoleMapper.xml b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/resources/mapper/SystemRoleMapper.xml index bae07f98..46234b49 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/resources/mapper/SystemRoleMapper.xml +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/resources/mapper/SystemRoleMapper.xml @@ -20,4 +20,12 @@ id, name, code, status, create_time, update_time, creator, updater, deleted + + diff --git a/orion-ops-ui/src/api/asset/host-group.ts b/orion-ops-ui/src/api/asset/host-group.ts index f224015a..20c470a1 100644 --- a/orion-ops-ui/src/api/asset/host-group.ts +++ b/orion-ops-ui/src/api/asset/host-group.ts @@ -43,50 +43,50 @@ export interface HostGroupRelUpdateRequest { } /** - * 创建主机分组 - 管理 + * 创建主机分组 */ export function createHostGroup(request: HostGroupCreateRequest) { return axios.post('/asset/host-group/create', request); } /** - * 更新主机分组名称 - 管理 + * 更新主机分组名称 */ export function updateHostGroupName(request: HostGroupRenameRequest) { return axios.put('/asset/host-group/rename', request); } /** - * 移动主机分组 - 管理 + * 移动主机分组 */ export function moveHostGroup(request: HostGroupMoveRequest) { return axios.put('/asset/host-group/move', request); } /** - * 查询主机分组树 - 管理 + * 查询主机分组树 */ export function getHostGroupTree() { return axios.get>('/asset/host-group/tree'); } /** - * 删除主机分组 - 管理 + * 删除主机分组 */ export function deleteHostGroup(id: number) { return axios.delete('/asset/host-group/delete', { params: { id } }); } /** - * 查询分组内主机 - 管理 + * 查询分组内主机 */ export function getHostGroupRelList(groupId: number) { return axios.get>('/asset/host-group/rel-list', { params: { groupId } }); } /** - * 修改分组内主机 - 管理 + * 修改分组内主机 */ export function updateHostGroupRel(request: HostGroupRelUpdateRequest) { - return axios.post('/asset/host-group/update-rel', request); + return axios.put('/asset/host-group/update-rel', request); }