提交
05ea347b
编写于
5月 02, 2020
作者:
zhouweidong
UAA USER代碼
上级
d1596baa
正在显示
1 个修改的文件
包含
255 行增加
和
0 行删除
+255
-0
PermissionFeignService.java
...zlab/api/rest/rest/extensions/PermissionFeignService.java
+255
-0
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/rest/extensions/PermissionFeignService.java
0 → 100644
package
cn
.
ibizlab
.
api
.
rest
.
rest
.
extensions
;
import
cn.ibizlab.core.uaa.domain.SYS_PERMISSION
;
import
cn.ibizlab.core.uaa.domain.SYS_PSDEOPPRIV
;
import
cn.ibizlab.core.uaa.service.ISYS_PERMISSIONService
;
import
cn.ibizlab.core.uaa.service.ISYS_PSDEOPPRIVService
;
import
com.alibaba.fastjson.JSONArray
;
import
com.alibaba.fastjson.JSONObject
;
import
com.fasterxml.jackson.databind.JsonNode
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.util.DigestUtils
;
import
org.springframework.util.StringUtils
;
import
org.springframework.validation.annotation.Validated
;
import
org.springframework.web.bind.annotation.*
;
import
javax.validation.constraints.NotBlank
;
import
java.util.ArrayList
;
import
java.util.List
;
import
java.util.Map
;
/**
* 为业务系统提供权限相关服务
* 提供以下能力:
* (1)返回用户权限数据(含菜单、表格、表单)
* (2)业务系统权限数据初始化(含菜单、数据能力):保存业务系统权限数据到UAA中,用于权限树展示
*/
@RestController
public
class
PermissionFeignService
{
/**
* 实体操作标识
*/
private
String
OPPriTag
=
"OPPRIV"
;
/**
* 实体行为操作标识
*/
private
String
DEActionType
=
"DEACTION"
;
/**
* 实体数据集操作标识
*/
private
String
DataSetTag
=
"DATASET"
;
@Autowired
private
ISYS_PERMISSIONService
permissionService
;
@Autowired
private
ISYS_PSDEOPPRIVService
opprivService
;
/**
* 根据登录的用户userid,系统标识,获取指定该系统下角色的菜单、或权限
* @return
*/
@GetMapping
(
value
=
"/uaa/permission/{loginname}"
)
public
JSONObject
getUserPermissionData
(
@Validated
@NotBlank
(
message
=
"loginname不允许为空"
)
@PathVariable
(
"loginname"
)
String
loginName
,
@Validated
@NotBlank
(
message
=
"systemid不允许为空"
)
@RequestParam
(
"systemid"
)
String
systemid
)
{
JSONObject
permissionObj
=
new
JSONObject
();
String
opprivSQL
=
"SELECT\n"
+
"\tT2.pssysmoduleid as sysmodule,\n"
+
"\tT2.psdataentityid as dataentity,\n"
+
"\tT2.pssourceid as pssourceid,\n"
+
"\tT2.pssourcetype as pssourcetype,\n"
+
"\tT2.psdedatarangeid as dedatarange,\n"
+
"\tT1.sys_permissionname\n"
+
"FROM\n"
+
"\tibzrole_permission T\n"
+
"INNER JOIN ibzpermission T1 ON T.SYS_PERMISSIONID = T1.SYS_PERMISSIONID\n"
+
"INNER JOIN ibzpsdeoppriv T2 on T1.SYS_PERMISSIONID=t2.SYS_PSDEOPPRIVID\n"
+
"WHERE\n"
+
"\tT.SYS_ROLEID IN (\n"
+
"\t SELECT SYS_ROLEID\n"
+
"\t FROM\n"
+
"\t IBZUSER_ROLE t LEFT JOIN IBZUSER t1 ON t.SYS_USERID=T1.USERID\n"
+
"\t WHERE\n"
+
"\t T1.USERNAME = '%s'\n"
+
"\t)\n"
+
"AND T1.SYSTEMID = '%s'\n"
+
"AND T1.PERMISSIONTYPE = '%s' "
;
List
<
JSONObject
>
userPermission
=
permissionService
.
select
(
String
.
format
(
opprivSQL
,
loginName
,
systemid
,
OPPriTag
));
//查询用户权限下的菜单数据
JSONObject
userPermissionList
=
getUserPermissionList
(
userPermission
);
permissionObj
.
put
(
"userPermissionList"
,
userPermissionList
);
return
permissionObj
;
}
/**
* 拼接实体行为资源
* @param role_permissions
* @return
*/
private
JSONObject
getUserPermissionList
(
List
<
JSONObject
>
role_permissions
)
{
JSONObject
permission_entity
=
new
JSONObject
();
for
(
Map
rolePermission
:
role_permissions
)
{
JSONObject
obj
=
JSONObject
.
parseObject
(
JSONObject
.
toJSON
(
rolePermission
).
toString
());
String
entityName
=
obj
.
getString
(
"dataentity"
);
String
dataRangeName
=
obj
.
getString
(
"dedatarange"
);
String
sourceName
=
obj
.
getString
(
"pssourceid"
);
String
sourceType
=
obj
.
getString
(
"pssourcetype"
);
JSONObject
entity
=
new
JSONObject
();
JSONObject
permission
=
new
JSONObject
();
JSONArray
dataRange
=
new
JSONArray
();
if
(
permission_entity
.
containsKey
(
entityName
))
//实体合并
entity
=
permission_entity
.
getJSONObject
(
entityName
);
if
(
entity
.
containsKey
(
sourceType
))
//数据能力合并
permission
=
entity
.
getJSONObject
(
sourceType
);
if
(
permission
.
containsKey
(
sourceName
))
dataRange
=
permission
.
getJSONArray
(
sourceName
);
dataRange
.
add
(
dataRangeName
);
permission
.
put
(
sourceName
,
dataRange
);
entity
.
put
(
sourceType
,
permission
);
permission_entity
.
put
(
entityName
,
entity
);
}
return
permission_entity
;
}
/**
* 拿到业务系统传过来的权限和菜单数据,存入uaa的权限表中
*/
@PostMapping
(
"/uaa/permission/save"
)
public
Map
<
String
,
JsonNode
>
pushSystemPermissionData
(
@RequestBody
Map
<
String
,
Object
>
map
,
@Validated
@NotBlank
(
message
=
"systemid不允许为空"
)
@RequestParam
(
"systemid"
)
String
systemId
){
//如果map值不为null说明要更新数据,则先将表中该系统标识下的所有数据进行逻辑删除
if
(
map
!=
null
){
permissionService
.
execute
(
String
.
format
(
"UPDATE ibzpermission t SET t.enable=0 WHERE SYSTEMID='%s'"
,
systemId
));
}
List
<
SYS_PSDEOPPRIV
>
opprivList
=
new
ArrayList
<>();
//菜单项集合
List
<
SYS_PERMISSION
>
ability_list
=
new
ArrayList
<>();
//资源-操作能力集合
if
(
map
.
containsKey
(
"permission"
)){
JSONObject
paramsObj
=
new
JSONObject
(
map
);
JSONObject
capabilityPermissionObj
=
paramsObj
.
getJSONObject
(
"permission"
);
parseDECapability
(
capabilityPermissionObj
,
systemId
,
ability_list
,
opprivList
);
}
if
(
opprivList
.
size
()>
0
){
opprivService
.
saveOrUpdateBatch
(
opprivList
);
//批量保存数据操作标识
}
if
(
ability_list
.
size
()>
0
){
permissionService
.
saveOrUpdateBatch
(
ability_list
);
//批量保存数据操作标识资源
}
return
null
;
}
/**
* 保存实体数据能力
* @param permission
* @param systemId
* @param sysPermission
* @param opprivPermission
*/
public
void
parseDECapability
(
JSONObject
permission
,
String
systemId
,
List
<
SYS_PERMISSION
>
sysPermission
,
List
<
SYS_PSDEOPPRIV
>
opprivPermission
){
JSONArray
preDefinedDataRange
=
permission
.
getJSONArray
(
"predefineddatarange"
);
JSONArray
entities
=
permission
.
getJSONArray
(
"entities"
);
for
(
int
a
=
0
;
a
<
entities
.
size
();
a
++){
JSONObject
entity
=
entities
.
getJSONObject
(
a
);
JSONArray
dataSetArray
=
entity
.
getJSONArray
(
"dedataset"
);
JSONArray
deActionArray
=
entity
.
getJSONArray
(
"deaction"
);
createDataRange
(
dataSetArray
,
preDefinedDataRange
,
entity
,
DataSetTag
,
systemId
,
sysPermission
,
opprivPermission
);
//存储数据集
createDataRange
(
deActionArray
,
preDefinedDataRange
,
entity
,
DEActionType
,
systemId
,
sysPermission
,
opprivPermission
);
//存储实体行为
}
}
/**
* 根据实体行为或数据集合结合预定于数据类型生成数据范围
* @param deActionArray
* @param preDefinedDataRange
* @param entity
* @param permissionType
* @param systemId
* @param ability_list
* @param opprivList
*/
private
void
createDataRange
(
JSONArray
deActionArray
,
JSONArray
preDefinedDataRange
,
JSONObject
entity
,
String
permissionType
,
String
systemId
,
List
<
SYS_PERMISSION
>
ability_list
,
List
<
SYS_PSDEOPPRIV
>
opprivList
){
for
(
int
b
=
0
;
b
<
deActionArray
.
size
();
b
++)
{
JSONObject
deSource
=
deActionArray
.
getJSONObject
(
b
);
String
deActionType
=
deSource
.
getString
(
"type"
);
if
(
permissionType
.
equalsIgnoreCase
(
DEActionType
)
&&
!
StringUtils
.
isEmpty
(
deActionType
)
&&
!
deActionType
.
equalsIgnoreCase
(
"BUILTIN"
))
{
JSONObject
dataRange
=
new
JSONObject
();
createDataRange
(
entity
,
deSource
,
dataRange
,
permissionType
,
systemId
,
ability_list
,
opprivList
);
//自定义用户行为
}
else
{
for
(
int
c
=
0
;
c
<
preDefinedDataRange
.
size
();
c
++){
JSONObject
dataRange
=
preDefinedDataRange
.
getJSONObject
(
c
);
createDataRange
(
entity
,
deSource
,
dataRange
,
permissionType
,
systemId
,
ability_list
,
opprivList
);
//实体预置行为及数据集
}
}
}
}
/**
* 根据实体行为或数据集合结合预定于数据类型生成数据范围
* @param entity
* @param source
* @param dataRange
* @param permissionType
* @param systemId
* @param ability_list
* @param opprivList
*/
private
void
createDataRange
(
JSONObject
entity
,
JSONObject
source
,
JSONObject
dataRange
,
String
permissionType
,
String
systemId
,
List
<
SYS_PERMISSION
>
ability_list
,
List
<
SYS_PSDEOPPRIV
>
opprivList
)
{
String
deName
=
entity
.
getString
(
"dename"
);
String
deLogicName
=
entity
.
getString
(
"delogicname"
);
JSONObject
module
=
entity
.
getJSONObject
(
"sysmoudle"
);
String
moduleId
=
module
.
getString
(
"id"
);
String
moduleName
=
module
.
getString
(
"name"
);
String
sourceId
=
source
.
getString
(
"id"
);
String
sourceName
=
source
.
getString
(
"name"
);
String
dataRangeId
=
dataRange
.
getString
(
"id"
);
String
dataRangeName
=
dataRange
.
getString
(
"name"
);
String
permissionId
=
DigestUtils
.
md5DigestAsHex
(
String
.
format
(
"%s%s%s%s%s"
,
systemId
,
moduleId
,
deName
,
sourceId
,
dataRangeId
).
getBytes
());
String
permissionName
;
if
(!
StringUtils
.
isEmpty
(
dataRangeName
)){
permissionName
=
String
.
format
(
"[%s]%s[%s]"
,
deLogicName
,
sourceName
,
dataRangeName
);
}
else
{
permissionName
=
String
.
format
(
"[%s]%s"
,
deLogicName
,
sourceName
);
}
//存资源表
SYS_PERMISSION
sys_permission
=
new
SYS_PERMISSION
();
sys_permission
.
setPermissionname
(
permissionName
);
sys_permission
.
setPssystemid
(
systemId
);
sys_permission
.
setPermissionid
(
permissionId
);
sys_permission
.
setPermissiontype
(
OPPriTag
);
sys_permission
.
setEnable
(
1
);
ability_list
.
add
(
sys_permission
);
//存数据操作能力表
SYS_PSDEOPPRIV
psDEOppriv
=
new
SYS_PSDEOPPRIV
();
psDEOppriv
.
setPsdeopprivid
(
permissionId
);
psDEOppriv
.
setPsdeopprivname
(
permissionName
);
psDEOppriv
.
setPssystemid
(
systemId
);
psDEOppriv
.
setPssysmoduleid
(
moduleId
);
psDEOppriv
.
setPssysmodulename
(
moduleName
);
psDEOppriv
.
setPsdataentityid
(
deName
);
psDEOppriv
.
setPsdataentityname
(
deLogicName
);
psDEOppriv
.
setPssourceid
(
sourceId
);
psDEOppriv
.
setPssourcename
(
sourceName
);
psDEOppriv
.
setPsdedatarangeid
(
dataRangeId
);
psDEOppriv
.
setPsdedatarangename
(
dataRangeName
);
psDEOppriv
.
setPssourcetype
(
permissionType
);
opprivList
.
add
(
psDEOppriv
);
}
}
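Review bot: Both SQL statements in this file are built with `String.format` from request values: `loginName` (path variable) and `systemid` are placed inside `'%s'` in `getUserPermissionData`, and `systemId` inside `WHERE SYSTEMID='%s'` in `pushSystemPermissionData`, so a quote character in any of them changes the statement that `permissionService.select` / `permissionService.execute` runs. One endpoint returns a user's permission data and the other sets `enable=0` on every permission row of a system, so these values should be passed as bound parameters (a placeholder with the value supplied separately) if the service layer offers such a form; its signature is not visible here. Until then, rejecting anything outside a strict character set before formatting would narrow the exposure. Note too that parameter-level `@Validated @NotBlank` is typically only enforced when the class itself carries `@Validated`, which this class does not show. Separately, `map.containsKey("permission")` is reached even when the preceding `map != null` check is false, and the method always returns `null` despite declaring `Map<String, JsonNode>`.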