feat: 数据分组授权.

orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/DataPermissionApi.java

@@ -31,7 +31,7 @@ public interface DataPermissionApi {
     void updateDataPermission(DataPermissionTypeEnum type, DataPermissionUpdateDTO dto);
 
     /**
-     * 通过 userId 查询 (不包含角色 不走缓存)
+     * 通过 userId 查询数据权限 (不包含角色 不走缓存)
      *
      * @param type   type
      * @param userId userId
@@ -40,7 +40,7 @@ public interface DataPermissionApi {
     List<Long> getRelIdListByUserId(DataPermissionTypeEnum type, Long userId);
 
     /**
-     * 通过 roleId 查询 不走缓存
+     * 通过 roleId 查询数据权限 不走缓存
      *
      * @param type   type
      * @param roleId roleId
@@ -49,13 +49,13 @@ public interface DataPermissionApi {
     List<Long> getRelIdListByRoleId(DataPermissionTypeEnum type, Long roleId);
 
     /**
-     * 通过 userId 查询 (包含角色 走缓存)
+     * 查询 userId 已授权的数据权限 (包含角色 走缓存)
      *
      * @param type   type
      * @param userId userId
      * @return relId
      */
-    List<Long> getAllowRelIdList(DataPermissionTypeEnum type, Long userId);
+    List<Long> getUserAuthorizedRelIdList(DataPermissionTypeEnum type, Long userId);
 
     /**
      * 通过 relId 删除

orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/SystemRoleApi.java

@@ -0,0 +1,22 @@
+package com.orion.ops.module.infra.api;
+
+import com.orion.ops.module.infra.entity.dto.role.SystemRoleDTO;
+
+/**
+ * 角色服务
+ *
+ * @author Jiahang Li
+ * @version 1.0.0
+ * @since 2023/11/23 15:16
+ */
+public interface SystemRoleApi {
+
+    /**
+     * 查询角色
+     *
+     * @param id id
+     * @return role
+     */
+    SystemRoleDTO getRoleById(Long id);
+
+}

orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/api/SystemUserApi.java

@@ -0,0 +1,30 @@
+package com.orion.ops.module.infra.api;
+
+import com.orion.ops.module.infra.entity.dto.user.SystemUserDTO;
+
+/**
+ * 用户服务
+ *
+ * @author Jiahang Li
+ * @version 1.0.0
+ * @since 2023/11/23 15:15
+ */
+public interface SystemUserApi {
+
+    /**
+     * 通过 id 查询用户
+     *
+     * @param id id
+     * @return user
+     */
+    SystemUserDTO getUserById(Long id);
+
+    /**
+     * 用户是否为管理员用户
+     *
+     * @param id id
+     * @return isAdmin
+     */
+    boolean isAdminUser(Long id);
+
+}

orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/data/DataGroupDTO.java

@@ -1,5 +1,6 @@
 package com.orion.ops.module.infra.entity.dto.data;
 
+import com.orion.ops.framework.common.entity.TreeNode;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -21,7 +22,7 @@ import java.util.List;
 @NoArgsConstructor
 @AllArgsConstructor
 @Schema(name = "DataGroupDTO", description = "数据分组 业务对象")
-public class DataGroupDTO implements Serializable {
+public class DataGroupDTO implements TreeNode<DataGroupDTO>, Serializable {
 
     private static final long serialVersionUID = 1L;
 

orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/role/SystemRoleDTO.java

@@ -0,0 +1,39 @@
+package com.orion.ops.module.infra.entity.dto.role;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+
+/**
+ * 角色 业务对象
+ *
+ * @author Jiahang Li
+ * @version 1.0.0
+ * @since 2023-7-16 01:19
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Schema(name = "SystemRoleDTO", description = "角色 业务对象")
+public class SystemRoleDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    @Schema(description = "id")
+    private Long id;
+
+    @Schema(description = "角色名称")
+    private String name;
+
+    @Schema(description = "角色编码")
+    private String code;
+
+    @Schema(description = "状态 0停用 1启用")
+    private Integer status;
+
+}

orion-ops-module-infra/orion-ops-module-infra-provider/src/main/java/com/orion/ops/module/infra/entity/dto/user/SystemUserDTO.java

@@ -0,0 +1,52 @@
+package com.orion.ops.module.infra.entity.dto.user;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+import java.util.Date;
+
+/**
+ * 用户 业务对象
+ *
+ * @author Jiahang Li
+ * @version 1.0.0
+ * @since 2023-7-13 18:42
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Schema(name = "SystemUserDTO", description = "用户 业务对象")
+public class SystemUserDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    @Schema(description = "id")
+    private Long id;
+
+    @Schema(description = "用户名")
+    private String username;
+
+    @Schema(description = "花名")
+    private String nickname;
+
+    @Schema(description = "头像地址")
+    private String avatar;
+
+    @Schema(description = "手机号")
+    private String mobile;
+
+    @Schema(description = "邮箱")
+    private String email;
+
+    @Schema(description = "用户状态 0停用 1启用 2锁定")
+    private Integer status;
+
+    @Schema(description = "最后登录时间")
+    private Date lastLoginTime;
+
+}

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/DataPermissionApiImpl.java

@@ -60,8 +60,8 @@ public class DataPermissionApiImpl implements DataPermissionApi {
     }
 
     @Override
-    public List<Long> getAllowRelIdList(DataPermissionTypeEnum type, Long userId) {
-        return dataPermissionService.getAllowRelIdList(type.name(), userId);
+    public List<Long> getUserAuthorizedRelIdList(DataPermissionTypeEnum type, Long userId) {
+        return dataPermissionService.getUserAuthorizedRelIdList(type.name(), userId);
     }
 
     @Override

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/SystemRoleApiImpl.java

@@ -0,0 +1,34 @@
+package com.orion.ops.module.infra.api.impl;
+
+import com.orion.ops.module.infra.api.SystemRoleApi;
+import com.orion.ops.module.infra.convert.SystemRoleProviderConvert;
+import com.orion.ops.module.infra.dao.SystemRoleDAO;
+import com.orion.ops.module.infra.entity.domain.SystemRoleDO;
+import com.orion.ops.module.infra.entity.dto.role.SystemRoleDTO;
+import org.springframework.stereotype.Service;
+
+import javax.annotation.Resource;
+
+/**
+ * 角色服务实现
+ *
+ * @author Jiahang Li
+ * @version 1.0.0
+ * @since 2023/11/23 15:16
+ */
+@Service
+public class SystemRoleApiImpl implements SystemRoleApi {
+
+    @Resource
+    private SystemRoleDAO systemRoleDAO;
+
+    @Override
+    public SystemRoleDTO getRoleById(Long id) {
+        SystemRoleDO role = systemRoleDAO.selectById(id);
+        if (role == null) {
+            return null;
+        }
+        return SystemRoleProviderConvert.MAPPER.to(role);
+    }
+
+}

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/api/impl/SystemUserApiImpl.java

@@ -0,0 +1,43 @@
+package com.orion.ops.module.infra.api.impl;
+
+import com.orion.ops.module.infra.api.SystemUserApi;
+import com.orion.ops.module.infra.convert.SystemUserProviderConvert;
+import com.orion.ops.module.infra.dao.SystemUserDAO;
+import com.orion.ops.module.infra.entity.domain.SystemUserDO;
+import com.orion.ops.module.infra.entity.dto.user.SystemUserDTO;
+import com.orion.ops.module.infra.service.SystemUserService;
+import org.springframework.stereotype.Service;
+
+import javax.annotation.Resource;
+
+/**
+ * 用户服务实现
+ *
+ * @author Jiahang Li
+ * @version 1.0.0
+ * @since 2023/11/23 15:15
+ */
+@Service
+public class SystemUserApiImpl implements SystemUserApi {
+
+    @Resource
+    private SystemUserDAO systemUserDAO;
+
+    @Resource
+    private SystemUserService systemUserService;
+
+    @Override
+    public SystemUserDTO getUserById(Long id) {
+        SystemUserDO user = systemUserDAO.selectById(id);
+        if (user == null) {
+            return null;
+        }
+        return SystemUserProviderConvert.MAPPER.to(user);
+    }
+
+    @Override
+    public boolean isAdminUser(Long id) {
+        return systemUserService.isAdminUser(id);
+    }
+
+}

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/convert/SystemRoleProviderConvert.java

@@ -0,0 +1,22 @@
+package com.orion.ops.module.infra.convert;
+
+import com.orion.ops.module.infra.entity.domain.SystemRoleDO;
+import com.orion.ops.module.infra.entity.dto.role.SystemRoleDTO;
+import org.mapstruct.Mapper;
+import org.mapstruct.factory.Mappers;
+
+/**
+ * 角色 对外对象转换器
+ *
+ * @author Jiahang Li
+ * @version 1.0.0
+ * @since 2023-7-16 01:19
+ */
+@Mapper
+public interface SystemRoleProviderConvert {
+
+    SystemRoleProviderConvert MAPPER = Mappers.getMapper(SystemRoleProviderConvert.class);
+
+    SystemRoleDTO to(SystemRoleDO domain);
+
+}

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/convert/SystemUserProviderConvert.java

@@ -0,0 +1,22 @@
+package com.orion.ops.module.infra.convert;
+
+import com.orion.ops.module.infra.entity.domain.SystemUserDO;
+import com.orion.ops.module.infra.entity.dto.user.SystemUserDTO;
+import org.mapstruct.Mapper;
+import org.mapstruct.factory.Mappers;
+
+/**
+ * 用户 对外对象转换器
+ *
+ * @author Jiahang Li
+ * @version 1.0.0
+ * @since 2023-7-13 18:42
+ */
+@Mapper
+public interface SystemUserProviderConvert {
+
+    SystemUserProviderConvert MAPPER = Mappers.getMapper(SystemUserProviderConvert.class);
+
+    SystemUserDTO to(SystemUserDO domain);
+
+}

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/dao/SystemRoleDAO.java

@@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.orion.ops.framework.mybatis.core.mapper.IMapper;
 import com.orion.ops.module.infra.entity.domain.SystemRoleDO;
 import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
 
 import java.util.Collection;
 import java.util.List;
@@ -30,4 +31,13 @@ public interface SystemRoleDAO extends IMapper<SystemRoleDO> {
         return this.selectList(wrapper);
     }
 
+    /**
+     * 通过 userId 和 roleCode 查询 roleId (检查用户是否包含某个角色)
+     *
+     * @param userId userId
+     * @param code   code
+     * @return roleId
+     */
+    Long getRoleIdByUserIdAndRoleCode(@Param("userId") Long userId, @Param("code") String code);
+
 }

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/entity/dto/DataGroupCacheDTO.java

@@ -1,6 +1,7 @@
 package com.orion.ops.module.infra.entity.dto;
 
 import com.orion.lang.define.cache.key.model.LongCacheIdModel;
+import com.orion.ops.framework.common.entity.TreeNode;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -22,7 +23,7 @@ import java.util.List;
 @NoArgsConstructor
 @AllArgsConstructor
 @Schema(name = "DataGroupCacheDTO", description = "数据分组 缓存对象")
-public class DataGroupCacheDTO implements LongCacheIdModel, Serializable {
+public class DataGroupCacheDTO implements TreeNode<DataGroupCacheDTO>, LongCacheIdModel, Serializable {
 
     private static final long serialVersionUID = 1L;
 

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/DataPermissionService.java

@@ -28,7 +28,7 @@ public interface DataPermissionService {
     void updateDataPermission(DataPermissionUpdateRequest request);
 
     /**
-     * 通过 userId 查询 (不包含角色 不走缓存)
+     * 通过 userId 查询数据权限 (不包含角色 不走缓存)
      *
      * @param type   type
      * @param userId userId
@@ -37,7 +37,7 @@ public interface DataPermissionService {
     List<Long> getRelIdListByUserId(String type, Long userId);
 
     /**
-     * 通过 roleId 查询 不走缓存
+     * 通过 roleId 查询数据权限 不走缓存
      *
      * @param type   type
      * @param roleId roleId
@@ -46,13 +46,13 @@ public interface DataPermissionService {
     List<Long> getRelIdListByRoleId(String type, Long roleId);
 
     /**
-     * 通过 userId 查询 (包含角色 走缓存)
+     * 查询 userId 已授权的数据权限 (包含角色 走缓存)
      *
      * @param type   type
      * @param userId userId
      * @return relId
      */
-    List<Long> getAllowRelIdList(String type, Long userId);
+    List<Long> getUserAuthorizedRelIdList(String type, Long userId);
 
     /**
      * 通过 relId 删除

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/DataGroupServiceImpl.java

@@ -7,6 +7,7 @@ import com.orion.ops.framework.biz.operator.log.core.uitls.OperatorLogs;
 import com.orion.ops.framework.common.constant.Const;
 import com.orion.ops.framework.common.constant.ErrorMessage;
 import com.orion.ops.framework.common.enums.MovePosition;
+import com.orion.ops.framework.common.utils.TreeUtils;
 import com.orion.ops.framework.common.utils.Valid;
 import com.orion.ops.framework.redis.core.utils.RedisStrings;
 import com.orion.ops.framework.redis.core.utils.barrier.CacheBarriers;
@@ -25,7 +26,6 @@ import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import javax.annotation.Resource;
-import java.util.Comparator;
 import java.util.List;
 import java.util.stream.Collectors;
 
@@ -185,7 +185,7 @@ public class DataGroupServiceImpl implements DataGroupService {
                         .id(Const.ROOT_PARENT_ID)
                         .sort(Const.DEFAULT_SORT)
                         .build();
-                this.buildGroupTree(rootNode, rows);
+                TreeUtils.buildGroupTree(rootNode, rows);
                 treeData = rootNode.getChildren();
             }
             // 设置缓存
@@ -196,29 +196,6 @@ public class DataGroupServiceImpl implements DataGroupService {
         return treeData;
     }
 
-    /**
-     * 构建树
-     *
-     * @param parentNode parentNode
-     * @param nodes      nodes
-     */
-    private void buildGroupTree(DataGroupCacheDTO parentNode,
-                                List<DataGroupCacheDTO> nodes) {
-        // 获取子节点
-        List<DataGroupCacheDTO> childrenNodes = nodes.stream()
-                .filter(s -> parentNode.getId().equals(s.getParentId()))
-                .sorted(Comparator.comparing(DataGroupCacheDTO::getSort))
-                .collect(Collectors.toList());
-        if (childrenNodes.isEmpty()) {
-            return;
-        }
-        parentNode.setChildren(childrenNodes);
-        // 遍历子节点
-        for (DataGroupCacheDTO childrenNode : childrenNodes) {
-            this.buildGroupTree(childrenNode, nodes);
-        }
-    }
-
     @Override
     @Transactional(rollbackFor = Exception.class)
     public Integer deleteDataGroupById(Long id) {

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/DataPermissionServiceImpl.java

@@ -130,7 +130,7 @@ public class DataPermissionServiceImpl implements DataPermissionService {
     }
 
     @Override
-    public List<Long> getAllowRelIdList(String type, Long userId) {
+    public List<Long> getUserAuthorizedRelIdList(String type, Long userId) {
         String cacheKey = DataPermissionCacheKeyDefine.DATA_PERMISSION_USER.format(type, userId);
         // 获取缓存
         List<Long> list = RedisLists.range(cacheKey, Long::valueOf);

orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemUserServiceImpl.java

@@ -22,7 +22,6 @@ import com.orion.ops.module.infra.dao.SystemUserRoleDAO;
 import com.orion.ops.module.infra.define.RoleDefine;
 import com.orion.ops.module.infra.define.cache.TipsCacheKeyDefine;
 import com.orion.ops.module.infra.define.cache.UserCacheKeyDefine;
-import com.orion.ops.module.infra.entity.domain.SystemRoleDO;
 import com.orion.ops.module.infra.entity.domain.SystemUserDO;
 import com.orion.ops.module.infra.entity.dto.UserInfoDTO;
 import com.orion.ops.module.infra.entity.request.user.*;
@@ -275,16 +274,7 @@ public class SystemUserServiceImpl implements SystemUserService {
 
     @Override
     public boolean isAdminUser(Long userId) {
-        // 查询用户角色
-        List<Long> roleIdList = systemUserRoleDAO.selectRoleIdByUserId(userId);
-        if (!roleIdList.isEmpty()) {
-            // 查询角色信息
-            return systemRoleDAO.selectBatchIds(roleIdList)
-                    .stream()
-                    .map(SystemRoleDO::getCode)
-                    .anyMatch(RoleDefine::isAdmin);
-        }
-        return false;
+        return systemRoleDAO.getRoleIdByUserIdAndRoleCode(userId, RoleDefine.ADMIN_CODE) != null;
     }
 
     /**

orion-ops-module-infra/orion-ops-module-infra-service/src/main/resources/mapper/SystemRoleMapper.xml

@@ -20,4 +20,12 @@
         id, name, code, status, create_time, update_time, creator, updater, deleted
     </sql>
 
+    <select id="getRoleIdByUserIdAndRoleCode" resultType="java.lang.Long">
+        SELECT role_id
+        FROM system_user_role
+        WHERE user_id = 1
+          AND deleted = 0
+          AND role_id IN (SELECT id FROM system_role WHERE CODE = 'admin' AND deleted = 0) LIMIT 1
+    </select>
+
 </mapper>