diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/IOperationAuthHandler.java b/src/main/java/neatlogic/framework/process/operationauth/core/IOperationAuthHandler.java index 19383b213a6c95b91dcfa7d87eed0caa2d925a7c..9330581af6046133f892baab303f88516694af98 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/IOperationAuthHandler.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/IOperationAuthHandler.java @@ -21,7 +21,7 @@ public interface IOperationAuthHandler { String getHandler(); - default Boolean getOperateMap(ProcessTaskVo processTaskVo, String userUuid, + default PredicateResult getOperateMap(ProcessTaskVo processTaskVo, String userUuid, IOperationType operationType, Map> operationTypePermissionDeniedExceptionMap, JSONObject extraParam @@ -37,7 +37,7 @@ public interface IOperationAuthHandler { * @param operationType 需要判断的权限类型 * @return */ - default Boolean getOperateMap(ProcessTaskVo processTaskVo, + default PredicateResult getOperateMap(ProcessTaskVo processTaskVo, ProcessTaskStepVo processTaskStepVo, String userUuid, IOperationType operationType, diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/IOperationType.java b/src/main/java/neatlogic/framework/process/operationauth/core/IOperationType.java index 71a8b174dbb3c527f638807efb29c8f13e603257..ace1c864d65fe596b1c8a87dbd6d171923ca483d 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/IOperationType.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/IOperationType.java @@ -37,7 +37,19 @@ public interface IOperationType { return new ArrayList<>(); } + /** + * 该操作权限级别,工单级别或步骤级别 + * @return + */ default OperationAuthHandlerType getOperationAuthHandlerType() { return null; } + + /** + * 该操作权限是否可以授予给别人 + * @return + */ + default boolean getCanProxyPermission() { + return true; + } } diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java b/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java index d3bdebd3511c3db8b68f49a86ced9bfee26b2c7d..91972f43896133c1d622c8a55b7cbb0108e688ae 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java @@ -1,13 +1,9 @@ package neatlogic.framework.process.operationauth.core; -import neatlogic.framework.util.$; - public enum OperationAuthHandlerType implements IOperationAuthHandlerType { TASK("task", "工单"), STEP("step", "步骤"), - OMNIPOTENT("omnipotent", "普通组件"), - AUTOMATIC("automatic", "自动组件"), - TIMER("timer", "定时组件"); + ; private OperationAuthHandlerType(String value, String text) { this.value = value; @@ -17,7 +13,7 @@ public enum OperationAuthHandlerType implements IOperationAuthHandlerType { private String text; @Override public String getText() { - return $.t(text); + return text; } @Override public String getValue() { diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/OperationTypeFactory.java b/src/main/java/neatlogic/framework/process/operationauth/core/OperationTypeFactory.java new file mode 100644 index 0000000000000000000000000000000000000000..2c737ae599a785876a0f1b775dd21eb92a059b4b --- /dev/null +++ b/src/main/java/neatlogic/framework/process/operationauth/core/OperationTypeFactory.java @@ -0,0 +1,51 @@ +/* + * Copyright (C) 2024 深圳极向量科技有限公司 All Rights Reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +package neatlogic.framework.process.operationauth.core; + +import org.reflections.Reflections; + +import java.util.Arrays; +import java.util.HashSet; +import java.util.Set; + +public class OperationTypeFactory { + /** 标记是否未初始化数据,只初始化一次 **/ + private static volatile boolean isUninitialized = true; + + private static final Set set = new HashSet<>(); + + public static Set getOperationTypeList(){ + if(isUninitialized) { + synchronized(OperationTypeFactory.class) { + if(isUninitialized) { + Reflections reflections = new Reflections("neatlogic"); + Set> classSet = reflections.getSubTypesOf(IOperationType.class); + for (Class c : classSet) { + try { + set.addAll(Arrays.asList(c.getEnumConstants())); + } catch (Exception ignored) { + + } + } + isUninitialized = false; + } + } + } + return set; + } +} diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/PredicateResult.java b/src/main/java/neatlogic/framework/process/operationauth/core/PredicateResult.java new file mode 100644 index 0000000000000000000000000000000000000000..0c2507d85736b40b462b44f7652aeea345768bc8 --- /dev/null +++ b/src/main/java/neatlogic/framework/process/operationauth/core/PredicateResult.java @@ -0,0 +1,33 @@ +/* + * Copyright (C) 2024 深圳极向量科技有限公司 All Rights Reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +package neatlogic.framework.process.operationauth.core; + +public enum PredicateResult { + /** + * 否认 + */ + DENY, + /** + * 中立 + */ + NEUTRAL, + /** + * 接受 + */ + ACCEPT; +} diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/ProcessAuthManager.java b/src/main/java/neatlogic/framework/process/operationauth/core/ProcessAuthManager.java index f6f1ecab4e67ffde157ee4412a50c248bec4e88a..8a382b5edd682a4e55bb808f66fa790557ef581f 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/ProcessAuthManager.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/ProcessAuthManager.java @@ -316,8 +316,8 @@ public class ProcessAuthManager { IOperationAuthHandler handler = OperationAuthHandlerFactory.getHandler(OperationAuthHandlerType.TASK.getValue()); Set resultSet = new HashSet<>(); for (IOperationType operationType : taskOperationTypeSet) { - boolean result = handler.getOperateMap(processTaskVo, userUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); - if (result) { + PredicateResult result = handler.getOperateMap(processTaskVo, userUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); + if (result == PredicateResult.ACCEPT) { resultSet.add(operationType); } else { /** 因为上报权限不能授权,所以转报和复制上报权限不能授权 **/ @@ -335,7 +335,7 @@ public class ProcessAuthManager { if (CollectionUtils.isNotEmpty(fromUuidList)) { for (String fromUuid : fromUuidList) { result = handler.getOperateMap(processTaskVo, fromUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); - if (result) { + if (result == PredicateResult.ACCEPT) { resultSet.add(operationType); break; } @@ -354,18 +354,18 @@ public class ProcessAuthManager { extraParam = extraParamMap.computeIfAbsent(processTaskStepVo.getId(), key -> new JSONObject()); Set resultSet = new HashSet<>(); for (IOperationType operationType : stepOperationTypeSet) { - Boolean result = null; + PredicateResult result = null; IOperationAuthHandler handler = OperationAuthHandlerFactory.getHandler(processTaskStepVo.getHandler()); if (handler != null) { result = handler.getOperateMap(processTaskVo, processTaskStepVo, userUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); } - if(result == null || result) { + if(result == null || result == PredicateResult.ACCEPT) { result = stepHandler.getOperateMap(processTaskVo, processTaskStepVo, userUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); if (result == null) { - result = false; + result = PredicateResult.DENY; } } - if (result) { + if (result == PredicateResult.ACCEPT) { resultSet.add(operationType); } else { /** 如果当前用户接受了其他用户的授权,查出其他用户拥有的权限,叠加当前用户权限里 **/ @@ -376,13 +376,13 @@ public class ProcessAuthManager { if (handler != null) { result = handler.getOperateMap(processTaskVo, processTaskStepVo, fromUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); } - if(result == null || result) { + if(result == null || result == PredicateResult.ACCEPT) { result = stepHandler.getOperateMap(processTaskVo, processTaskStepVo, fromUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); if (result == null) { - result = false; + result = PredicateResult.DENY; } } - if (result) { + if (result == PredicateResult.ACCEPT) { resultSet.add(operationType); break; } diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/TernaryPredicate.java b/src/main/java/neatlogic/framework/process/operationauth/core/TernaryPredicate.java index 7d2b05e50e73ebfdbfa38215a7e80a01108c3167..1db2919f893db9aab7bad6ddffeb63087711a727 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/TernaryPredicate.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/TernaryPredicate.java @@ -11,6 +11,6 @@ package neatlogic.framework.process.operationauth.core; */ @FunctionalInterface public interface TernaryPredicate { - - boolean test(T t, U u, V v, W w, X x); + + PredicateResult test(T t, U u, V v, W w, X x); }