From 389e87d149309ad69b164d91d2098faaedebc53c Mon Sep 17 00:00:00 2001 From: "1437892690@qq.com" <1437892690@qq.com> Date: Tue, 3 Dec 2024 15:37:48 +0800 Subject: [PATCH 1/2] =?UTF-8?q?[=E5=8A=9F=E8=83=BD]=20=E5=B7=A5=E5=8D=95?= =?UTF-8?q?=E6=AD=A5=E9=AA=A4=E6=9D=83=E9=99=90=E6=A0=A1=E9=AA=8C=E4=BC=98?= =?UTF-8?q?=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 关联 #[1208759358029824]工单步骤权限校验优化 http://192.168.0.96:8090/demo/rdm.html#/story-detail/939050947543040/939050947543042/1208759358029824 --- .../core/IOperationAuthHandler.java | 4 +- .../operationauth/core/IOperationType.java | 12 +++++ .../core/OperationAuthHandlerType.java | 4 +- .../core/OperationTypeFactory.java | 51 +++++++++++++++++++ .../operationauth/core/PredicateResult.java | 33 ++++++++++++ .../core/ProcessAuthManager.java | 20 ++++---- .../operationauth/core/TernaryPredicate.java | 4 +- 7 files changed, 111 insertions(+), 17 deletions(-) create mode 100644 src/main/java/neatlogic/framework/process/operationauth/core/OperationTypeFactory.java create mode 100644 src/main/java/neatlogic/framework/process/operationauth/core/PredicateResult.java diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/IOperationAuthHandler.java b/src/main/java/neatlogic/framework/process/operationauth/core/IOperationAuthHandler.java index 19383b21..9330581a 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/IOperationAuthHandler.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/IOperationAuthHandler.java @@ -21,7 +21,7 @@ public interface IOperationAuthHandler { String getHandler(); - default Boolean getOperateMap(ProcessTaskVo processTaskVo, String userUuid, + default PredicateResult getOperateMap(ProcessTaskVo processTaskVo, String userUuid, IOperationType operationType, Map> operationTypePermissionDeniedExceptionMap, JSONObject extraParam @@ -37,7 +37,7 @@ public interface IOperationAuthHandler { * @param operationType 需要判断的权限类型 * @return */ - default Boolean getOperateMap(ProcessTaskVo processTaskVo, + default PredicateResult getOperateMap(ProcessTaskVo processTaskVo, ProcessTaskStepVo processTaskStepVo, String userUuid, IOperationType operationType, diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/IOperationType.java b/src/main/java/neatlogic/framework/process/operationauth/core/IOperationType.java index 71a8b174..ace1c864 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/IOperationType.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/IOperationType.java @@ -37,7 +37,19 @@ public interface IOperationType { return new ArrayList<>(); } + /** + * 该操作权限级别,工单级别或步骤级别 + * @return + */ default OperationAuthHandlerType getOperationAuthHandlerType() { return null; } + + /** + * 该操作权限是否可以授予给别人 + * @return + */ + default boolean getCanProxyPermission() { + return true; + } } diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java b/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java index d3bdebd3..104dec9f 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java @@ -5,9 +5,7 @@ import neatlogic.framework.util.$; public enum OperationAuthHandlerType implements IOperationAuthHandlerType { TASK("task", "工单"), STEP("step", "步骤"), - OMNIPOTENT("omnipotent", "普通组件"), - AUTOMATIC("automatic", "自动组件"), - TIMER("timer", "定时组件"); + ; private OperationAuthHandlerType(String value, String text) { this.value = value; diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/OperationTypeFactory.java b/src/main/java/neatlogic/framework/process/operationauth/core/OperationTypeFactory.java new file mode 100644 index 00000000..2c737ae5 --- /dev/null +++ b/src/main/java/neatlogic/framework/process/operationauth/core/OperationTypeFactory.java @@ -0,0 +1,51 @@ +/* + * Copyright (C) 2024 深圳极向量科技有限公司 All Rights Reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +package neatlogic.framework.process.operationauth.core; + +import org.reflections.Reflections; + +import java.util.Arrays; +import java.util.HashSet; +import java.util.Set; + +public class OperationTypeFactory { + /** 标记是否未初始化数据,只初始化一次 **/ + private static volatile boolean isUninitialized = true; + + private static final Set set = new HashSet<>(); + + public static Set getOperationTypeList(){ + if(isUninitialized) { + synchronized(OperationTypeFactory.class) { + if(isUninitialized) { + Reflections reflections = new Reflections("neatlogic"); + Set> classSet = reflections.getSubTypesOf(IOperationType.class); + for (Class c : classSet) { + try { + set.addAll(Arrays.asList(c.getEnumConstants())); + } catch (Exception ignored) { + + } + } + isUninitialized = false; + } + } + } + return set; + } +} diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/PredicateResult.java b/src/main/java/neatlogic/framework/process/operationauth/core/PredicateResult.java new file mode 100644 index 00000000..0c2507d8 --- /dev/null +++ b/src/main/java/neatlogic/framework/process/operationauth/core/PredicateResult.java @@ -0,0 +1,33 @@ +/* + * Copyright (C) 2024 深圳极向量科技有限公司 All Rights Reserved. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +package neatlogic.framework.process.operationauth.core; + +public enum PredicateResult { + /** + * 否认 + */ + DENY, + /** + * 中立 + */ + NEUTRAL, + /** + * 接受 + */ + ACCEPT; +} diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/ProcessAuthManager.java b/src/main/java/neatlogic/framework/process/operationauth/core/ProcessAuthManager.java index f6f1ecab..8a382b5e 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/ProcessAuthManager.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/ProcessAuthManager.java @@ -316,8 +316,8 @@ public class ProcessAuthManager { IOperationAuthHandler handler = OperationAuthHandlerFactory.getHandler(OperationAuthHandlerType.TASK.getValue()); Set resultSet = new HashSet<>(); for (IOperationType operationType : taskOperationTypeSet) { - boolean result = handler.getOperateMap(processTaskVo, userUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); - if (result) { + PredicateResult result = handler.getOperateMap(processTaskVo, userUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); + if (result == PredicateResult.ACCEPT) { resultSet.add(operationType); } else { /** 因为上报权限不能授权,所以转报和复制上报权限不能授权 **/ @@ -335,7 +335,7 @@ public class ProcessAuthManager { if (CollectionUtils.isNotEmpty(fromUuidList)) { for (String fromUuid : fromUuidList) { result = handler.getOperateMap(processTaskVo, fromUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); - if (result) { + if (result == PredicateResult.ACCEPT) { resultSet.add(operationType); break; } @@ -354,18 +354,18 @@ public class ProcessAuthManager { extraParam = extraParamMap.computeIfAbsent(processTaskStepVo.getId(), key -> new JSONObject()); Set resultSet = new HashSet<>(); for (IOperationType operationType : stepOperationTypeSet) { - Boolean result = null; + PredicateResult result = null; IOperationAuthHandler handler = OperationAuthHandlerFactory.getHandler(processTaskStepVo.getHandler()); if (handler != null) { result = handler.getOperateMap(processTaskVo, processTaskStepVo, userUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); } - if(result == null || result) { + if(result == null || result == PredicateResult.ACCEPT) { result = stepHandler.getOperateMap(processTaskVo, processTaskStepVo, userUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); if (result == null) { - result = false; + result = PredicateResult.DENY; } } - if (result) { + if (result == PredicateResult.ACCEPT) { resultSet.add(operationType); } else { /** 如果当前用户接受了其他用户的授权,查出其他用户拥有的权限,叠加当前用户权限里 **/ @@ -376,13 +376,13 @@ public class ProcessAuthManager { if (handler != null) { result = handler.getOperateMap(processTaskVo, processTaskStepVo, fromUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); } - if(result == null || result) { + if(result == null || result == PredicateResult.ACCEPT) { result = stepHandler.getOperateMap(processTaskVo, processTaskStepVo, fromUuid, operationType, operationTypePermissionDeniedExceptionMap, extraParam); if (result == null) { - result = false; + result = PredicateResult.DENY; } } - if (result) { + if (result == PredicateResult.ACCEPT) { resultSet.add(operationType); break; } diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/TernaryPredicate.java b/src/main/java/neatlogic/framework/process/operationauth/core/TernaryPredicate.java index 7d2b05e5..1db2919f 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/TernaryPredicate.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/TernaryPredicate.java @@ -11,6 +11,6 @@ package neatlogic.framework.process.operationauth.core; */ @FunctionalInterface public interface TernaryPredicate { - - boolean test(T t, U u, V v, W w, X x); + + PredicateResult test(T t, U u, V v, W w, X x); } -- Gitee From 4b7f6d6dd356dcad65358bfd6ed63dfa86aec267 Mon Sep 17 00:00:00 2001 From: "1437892690@qq.com" <1437892690@qq.com> Date: Tue, 3 Dec 2024 15:57:33 +0800 Subject: [PATCH 2/2] =?UTF-8?q?[=E5=8A=9F=E8=83=BD]=20=E5=B7=A5=E5=8D=95?= =?UTF-8?q?=E6=AD=A5=E9=AA=A4=E6=9D=83=E9=99=90=E6=A0=A1=E9=AA=8C=E4=BC=98?= =?UTF-8?q?=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 关联 #[1208759358029824]工单步骤权限校验优化 http://192.168.0.96:8090/demo/rdm.html#/story-detail/939050947543040/939050947543042/1208759358029824 --- .../process/operationauth/core/OperationAuthHandlerType.java | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java b/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java index 104dec9f..91972f43 100644 --- a/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java +++ b/src/main/java/neatlogic/framework/process/operationauth/core/OperationAuthHandlerType.java @@ -1,7 +1,5 @@ package neatlogic.framework.process.operationauth.core; -import neatlogic.framework.util.$; - public enum OperationAuthHandlerType implements IOperationAuthHandlerType { TASK("task", "工单"), STEP("step", "步骤"), @@ -15,7 +13,7 @@ public enum OperationAuthHandlerType implements IOperationAuthHandlerType { private String text; @Override public String getText() { - return $.t(text); + return text; } @Override public String getValue() { -- Gitee