diff --git a/src/main/java/neatlogic/module/process/api/catalog/CalalogBreadcrumbSearchApi.java b/src/main/java/neatlogic/module/process/api/catalog/CalalogBreadcrumbSearchApi.java index afd05ba9553c9a3793ccefcfe45605dbfe4f1e54..ad6e1efdd7efc268a500ac0745521e36ad38cacc 100644 --- a/src/main/java/neatlogic/module/process/api/catalog/CalalogBreadcrumbSearchApi.java +++ b/src/main/java/neatlogic/module/process/api/catalog/CalalogBreadcrumbSearchApi.java @@ -7,6 +7,7 @@ import neatlogic.framework.common.dto.BasePageVo; import neatlogic.framework.common.util.PageUtil; import neatlogic.framework.dto.AuthenticationInfoVo; import neatlogic.framework.process.auth.PROCESS_BASE; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; import neatlogic.module.process.dao.mapper.catalog.CatalogMapper; import neatlogic.module.process.dao.mapper.catalog.ChannelMapper; import neatlogic.framework.process.dto.CatalogVo; @@ -112,7 +113,7 @@ public class CalalogBreadcrumbSearchApi extends PrivateApiComponentBase { catalogList.add(catalog); } //已授权的目录uuid - List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), null); + List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), CatalogChannelAuthorityAction.REPORT.getValue(), null); Map uuidKeyMap = new HashMap<>(); for (CatalogVo catalogVo : catalogList) { diff --git a/src/main/java/neatlogic/module/process/api/catalog/CatalogGetApi.java b/src/main/java/neatlogic/module/process/api/catalog/CatalogGetApi.java index 9c0e391354fda9d4ebee2c098b1ad51171b9bf72..93a9b22cd96e8fd2a6b93513575bc0002569ac81 100755 --- a/src/main/java/neatlogic/module/process/api/catalog/CatalogGetApi.java +++ b/src/main/java/neatlogic/module/process/api/catalog/CatalogGetApi.java @@ -1,23 +1,23 @@ package neatlogic.module.process.api.catalog; -import java.util.List; - +import com.alibaba.fastjson.JSONObject; import neatlogic.framework.auth.core.AuthAction; +import neatlogic.framework.common.constvalue.ApiParamType; +import neatlogic.framework.dto.AuthorityVo; import neatlogic.framework.process.auth.PROCESS_BASE; -import neatlogic.framework.restful.constvalue.OperationTypeEnum; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; +import neatlogic.framework.process.dto.CatalogVo; +import neatlogic.framework.process.exception.catalog.CatalogNotFoundEditTargetException; import neatlogic.framework.restful.annotation.*; +import neatlogic.framework.restful.constvalue.OperationTypeEnum; import neatlogic.framework.restful.core.privateapi.PrivateApiComponentBase; - +import neatlogic.module.process.dao.mapper.catalog.CatalogMapper; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import com.alibaba.fastjson.JSONObject; - -import neatlogic.framework.common.constvalue.ApiParamType; -import neatlogic.framework.dto.AuthorityVo; -import neatlogic.module.process.dao.mapper.catalog.CatalogMapper; -import neatlogic.framework.process.dto.CatalogVo; -import neatlogic.framework.process.exception.catalog.CatalogNotFoundEditTargetException; +import java.util.List; +import java.util.Objects; +import java.util.stream.Collectors; @Service @AuthAction(action = PROCESS_BASE.class) @@ -64,7 +64,11 @@ public class CatalogGetApi extends PrivateApiComponentBase { // int count = channelMapper.searchChannelCount(channelVo); // catalog.setChildrenCount(count + catalogList.size()); List authorityVoList = catalogMapper.getCatalogAuthorityListByCatalogUuid(uuid); - catalog.setAuthorityVoList(authorityVoList); +// catalog.setAuthorityVoList(authorityVoList); + List viewAuthorityVoList = authorityVoList.stream().filter(e -> Objects.equals(e.getAction(), CatalogChannelAuthorityAction.VIEW.getValue())).collect(Collectors.toList()); + catalog.setViewAuthorityList(AuthorityVo.getAuthorityList(viewAuthorityVoList)); + List reportAuthorityVoList = authorityVoList.stream().filter(e -> Objects.equals(e.getAction(), CatalogChannelAuthorityAction.REPORT.getValue())).collect(Collectors.toList()); + catalog.setReportAuthorityList(AuthorityVo.getAuthorityList(reportAuthorityVoList)); return catalog; } diff --git a/src/main/java/neatlogic/module/process/api/catalog/CatalogSaveApi.java b/src/main/java/neatlogic/module/process/api/catalog/CatalogSaveApi.java index b563bded6b0be1d789f5860b11e32f1683439660..3abf67b5d1fb6ebef8b8aedb93137f9b13102a90 100755 --- a/src/main/java/neatlogic/module/process/api/catalog/CatalogSaveApi.java +++ b/src/main/java/neatlogic/module/process/api/catalog/CatalogSaveApi.java @@ -6,6 +6,7 @@ import neatlogic.framework.dto.AuthorityVo; import neatlogic.framework.dto.FieldValidResultVo; import neatlogic.framework.lrcode.LRCodeManager; import neatlogic.framework.process.auth.CATALOG_MODIFY; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; import neatlogic.module.process.dao.mapper.catalog.CatalogMapper; import neatlogic.framework.process.dto.CatalogVo; import neatlogic.framework.process.exception.catalog.CatalogNameRepeatException; @@ -41,7 +42,7 @@ public class CatalogSaveApi extends PrivateApiComponentBase { @Override public String getName() { - return "服务目录保存信息接口"; + return "nmpac.catalogsaveapi.getname"; } @Override @@ -50,22 +51,23 @@ public class CatalogSaveApi extends PrivateApiComponentBase { } @Input({ - @Param(name = "uuid", type = ApiParamType.STRING, desc = "服务目录uuid"), - @Param(name = "name", type = ApiParamType.REGEX, rule = RegexUtils.NAME, isRequired= true, maxLength = 50, desc = "服务目录名称"), - @Param(name = "parentUuid", type = ApiParamType.STRING, isRequired= true, desc = "父级uuid"), - @Param(name = "isActive", type = ApiParamType.ENUM, isRequired= true, desc = "是否激活", rule = "0,1"), - @Param(name = "icon", type = ApiParamType.STRING, isRequired= false, desc = "图标"), - @Param(name = "color", type = ApiParamType.STRING, isRequired= false, desc = "颜色"), - @Param(name = "desc", type = ApiParamType.STRING, isRequired= false, desc = "描述", maxLength = 200, xss = true), - @Param(name = "authorityList", type = ApiParamType.JSONARRAY, desc = "授权对象,可多选,格式[\"user#userUuid\",\"team#teamUuid\",\"role#roleUuid\"]") - }) + @Param(name = "uuid", type = ApiParamType.STRING, desc = "common.uuid"), + @Param(name = "name", type = ApiParamType.REGEX, rule = RegexUtils.NAME, isRequired= true, maxLength = 50, desc = "common.name"), + @Param(name = "parentUuid", type = ApiParamType.STRING, isRequired= true, desc = "common.parentUuid"), + @Param(name = "isActive", type = ApiParamType.ENUM, isRequired= true, desc = "common.isactive", rule = "0,1"), + @Param(name = "icon", type = ApiParamType.STRING, isRequired= false, desc = "common.icon"), + @Param(name = "color", type = ApiParamType.STRING, isRequired= false, desc = "common.color"), + @Param(name = "desc", type = ApiParamType.STRING, isRequired= false, desc = "common.description", maxLength = 200, xss = true), + @Param(name = "reportAuthorityList", type = ApiParamType.JSONARRAY, desc = "common.reportauthoritylist", help = "可多选,格式[\"user#userUuid\",\"team#teamUuid\",\"role#roleUuid\"]"), + @Param(name = "viewAuthorityList", type = ApiParamType.JSONARRAY, desc = "common.viewauthoritylist", help = "可多选,格式[\"user#userUuid\",\"team#teamUuid\",\"role#roleUuid\"]") + }) @Output({ - @Param(name = "uuid", type = ApiParamType.STRING, isRequired= true, desc = "服务目录uuid") + @Param(name = "uuid", type = ApiParamType.STRING, isRequired= true, desc = "common.uuid") }) - @Description(desc = "服务目录保存信息接口") + @Description(desc = "nmpac.catalogsaveapi.getname") @Override public Object myDoService(JSONObject jsonObj) throws Exception { - CatalogVo catalogVo = JSON.toJavaObject(jsonObj, CatalogVo.class); + CatalogVo catalogVo = jsonObj.toJavaObject(CatalogVo.class); //获取父级信息 String parentUuid = catalogVo.getParentUuid(); //如果parentUuid为0,则表明其目标父目录为root @@ -95,10 +97,18 @@ public class CatalogSaveApi extends PrivateApiComponentBase { catalogMapper.insertCatalog(catalogVo); } - List authorityList = catalogVo.getAuthorityVoList(); - if(CollectionUtils.isNotEmpty(authorityList)) { - for(AuthorityVo authorityVo : authorityList) { - catalogMapper.insertCatalogAuthority(authorityVo,catalogVo.getUuid()); + List reportAuthorityList = catalogVo.getReportAuthorityList(); + if (CollectionUtils.isNotEmpty(reportAuthorityList)) { + List authorityVoList = AuthorityVo.getAuthorityVoList(reportAuthorityList, CatalogChannelAuthorityAction.REPORT.getValue()); + for(AuthorityVo authorityVo : authorityVoList) { + catalogMapper.insertCatalogAuthority(authorityVo, catalogVo.getUuid()); + } + } + List viewAuthorityList = catalogVo.getViewAuthorityList(); + if (CollectionUtils.isNotEmpty(viewAuthorityList)) { + List viewAuthorityVoList = AuthorityVo.getAuthorityVoList(viewAuthorityList, CatalogChannelAuthorityAction.VIEW.getValue()); + for(AuthorityVo authorityVo : viewAuthorityVoList) { + catalogMapper.insertCatalogAuthority(authorityVo, catalogVo.getUuid()); } } return catalogVo.getUuid(); diff --git a/src/main/java/neatlogic/module/process/api/catalog/CatalogTreeSearchApi.java b/src/main/java/neatlogic/module/process/api/catalog/CatalogTreeSearchApi.java index ce22d265f16578cdfec89fc285a78655649ec33e..0d59049416dbc344400035957c07c8548b065ec6 100755 --- a/src/main/java/neatlogic/module/process/api/catalog/CatalogTreeSearchApi.java +++ b/src/main/java/neatlogic/module/process/api/catalog/CatalogTreeSearchApi.java @@ -5,6 +5,7 @@ import java.util.*; import neatlogic.framework.auth.core.AuthAction; import neatlogic.framework.dto.AuthenticationInfoVo; import neatlogic.framework.process.auth.PROCESS_BASE; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; import neatlogic.framework.restful.constvalue.OperationTypeEnum; import neatlogic.framework.restful.annotation.*; import neatlogic.framework.restful.core.privateapi.PrivateApiComponentBase; @@ -68,7 +69,7 @@ public class CatalogTreeSearchApi extends PrivateApiComponentBase { AuthenticationInfoVo authenticationInfoVo = UserContext.get().getAuthenticationInfoVo(); //已授权的目录uuid - List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), null); + List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), CatalogChannelAuthorityAction.REPORT.getValue(), null); if(CollectionUtils.isEmpty(currentUserAuthorizedCatalogUuidList)) { return new ArrayList<>(); } diff --git a/src/main/java/neatlogic/module/process/api/catalog/relation/CalalogBreadcrumbApi.java b/src/main/java/neatlogic/module/process/api/catalog/relation/CalalogBreadcrumbApi.java index 6fe9f53469f1bc18ebae91ceecaa497942773b01..f3847532681779d34f0d1de94cc66e3d41157e1d 100755 --- a/src/main/java/neatlogic/module/process/api/catalog/relation/CalalogBreadcrumbApi.java +++ b/src/main/java/neatlogic/module/process/api/catalog/relation/CalalogBreadcrumbApi.java @@ -6,6 +6,7 @@ import java.util.stream.Collectors; import neatlogic.framework.auth.core.AuthAction; import neatlogic.framework.dto.AuthenticationInfoVo; import neatlogic.framework.process.auth.PROCESS_BASE; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; import neatlogic.module.process.dao.mapper.catalog.ChannelTypeMapper; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.collections4.ListUtils; @@ -143,7 +144,7 @@ public class CalalogBreadcrumbApi extends PrivateApiComponentBase { catalogList.add(catalog); } //已授权的目录uuid - List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), null); + List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), CatalogChannelAuthorityAction.REPORT.getValue(), null); /** 2021-10-11 开晚会时确认用户个人设置任务授权不包括服务上报权限 **/ // if(StringUtils.isNotBlank(agentUuid)){ // AuthenticationInfoVo agentAuthenticationInfoVo = authenticationInfoService.getAuthenticationInfo(agentUuid); diff --git a/src/main/java/neatlogic/module/process/api/catalog/relation/CatalogTreeApi.java b/src/main/java/neatlogic/module/process/api/catalog/relation/CatalogTreeApi.java index fe35e4813846479707f5319f81729314fff6b274..8bff3e8e7b81792a14be7b654d1e659c7c7404a1 100755 --- a/src/main/java/neatlogic/module/process/api/catalog/relation/CatalogTreeApi.java +++ b/src/main/java/neatlogic/module/process/api/catalog/relation/CatalogTreeApi.java @@ -5,6 +5,7 @@ import java.util.*; import neatlogic.framework.auth.core.AuthAction; import neatlogic.framework.dto.AuthenticationInfoVo; import neatlogic.framework.process.auth.PROCESS_BASE; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; import neatlogic.module.process.dao.mapper.catalog.ChannelTypeMapper; import neatlogic.framework.restful.constvalue.OperationTypeEnum; import neatlogic.framework.restful.annotation.*; @@ -87,7 +88,7 @@ public class CatalogTreeApi extends PrivateApiComponentBase { if(CollectionUtils.isNotEmpty(channelRelationTargetChannelUuidList)) { AuthenticationInfoVo authenticationInfoVo = UserContext.get().getAuthenticationInfoVo(); //已授权的目录uuid - List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), null); + List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), CatalogChannelAuthorityAction.REPORT.getValue(), null); /** 2021-10-11 开晚会时确认用户个人设置任务授权不包括服务上报权限 **/ // String agentUuid = userMapper.getUserUuidByAgentUuidAndFunc(UserContext.get().getUserUuid(true), "processtask"); // if(StringUtils.isNotBlank(agentUuid)){ diff --git a/src/main/java/neatlogic/module/process/api/process/ProcessReferenceListApi.java b/src/main/java/neatlogic/module/process/api/process/ProcessReferenceListApi.java index fd8b9a370fee2f26c37ccab21e2ea67f496066ad..0b0c1c01db813ad81cf6171b4edf0ead61803422 100644 --- a/src/main/java/neatlogic/module/process/api/process/ProcessReferenceListApi.java +++ b/src/main/java/neatlogic/module/process/api/process/ProcessReferenceListApi.java @@ -5,6 +5,7 @@ import neatlogic.framework.asynchronization.threadlocal.UserContext; import neatlogic.framework.auth.core.AuthAction; import neatlogic.framework.common.constvalue.ApiParamType; import neatlogic.framework.process.auth.PROCESS_BASE; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; import neatlogic.framework.process.dto.ChannelTypeVo; import neatlogic.framework.process.dto.ChannelVo; import neatlogic.framework.restful.annotation.*; @@ -44,7 +45,7 @@ public class ProcessReferenceListApi extends PrivateApiComponentBase { @Override public String getName() { - return "流程引用列表接口"; + return "nmpap.processreferencelistapi.getname"; } @Override @@ -53,12 +54,12 @@ public class ProcessReferenceListApi extends PrivateApiComponentBase { } @Input({ - @Param(name = "processUuid", type = ApiParamType.STRING, isRequired = true, desc = "流程uuid") + @Param(name = "processUuid", type = ApiParamType.STRING, isRequired = true, desc = "term.itsm.processuuid") }) @Output({ - @Param(name = "channelList", explode = ChannelVo[].class, desc = "流程引用列表") + @Param(name = "channelList", explode = ChannelVo[].class, desc = "common.tbodylist") }) - @Description(desc = "流程引用列表接口") + @Description(desc = "nmpap.processreferencelistapi.getname") @Override public Object myDoService(JSONObject jsonObj) throws Exception { JSONObject resultObj = new JSONObject(); @@ -70,7 +71,7 @@ public class ProcessReferenceListApi extends PrivateApiComponentBase { for(ChannelVo channelVo : channelVoList){ ChannelTypeVo channelTypeVo = channelTypeMapper.getChannelTypeByUuid(channelVo.getChannelTypeUuid()); channelVo.setChannelTypeVo(channelTypeVo.clone()); - boolean effectiveAuthority = catalogService.channelIsAuthority(channelVo.getUuid(), UserContext.get().getUserUuid(true)); + boolean effectiveAuthority = catalogService.channelIsAuthority(channelVo.getUuid(), UserContext.get().getUserUuid(true), CatalogChannelAuthorityAction.REPORT); channelVo.setEffectiveAuthority(effectiveAuthority); channelVo.setParentUuid(null); channelVo.setChannelTypeUuid(null); diff --git a/src/main/java/neatlogic/module/process/api/processtask/ProcessTaskDraftGetApi.java b/src/main/java/neatlogic/module/process/api/processtask/ProcessTaskDraftGetApi.java index 86a1bf77ba22d824dd6c29479d4e8fc472bff78a..7878fea8d3a6953d2d57dfb84bd2e55bf20957e3 100644 --- a/src/main/java/neatlogic/module/process/api/processtask/ProcessTaskDraftGetApi.java +++ b/src/main/java/neatlogic/module/process/api/processtask/ProcessTaskDraftGetApi.java @@ -28,6 +28,7 @@ import neatlogic.framework.exception.type.PermissionDeniedException; import neatlogic.framework.form.dto.FormAttributeVo; import neatlogic.framework.form.dto.FormVersionVo; import neatlogic.framework.process.auth.PROCESS_BASE; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; import neatlogic.framework.process.constvalue.ProcessTaskOperationType; import neatlogic.framework.process.dto.*; import neatlogic.framework.process.exception.channel.ChannelNotFoundEditTargetException; @@ -156,7 +157,7 @@ public class ProcessTaskDraftGetApi extends PrivateApiComponentBase { throw new ChannelNotFoundEditTargetException(channelUuid); } /* 判断当前用户是否拥有channelUuid服务的上报权限 */ - if (!catalogService.channelIsAuthority(channelUuid, UserContext.get().getUserUuid(true))) { + if (!catalogService.channelIsAuthority(channelUuid, UserContext.get().getUserUuid(true), CatalogChannelAuthorityAction.REPORT)) { throw new PermissionDeniedException(); } Long fromProcessTaskStepId = jsonObj.getLong("fromProcessTaskStepId"); diff --git a/src/main/java/neatlogic/module/process/dao/mapper/catalog/CatalogMapper.java b/src/main/java/neatlogic/module/process/dao/mapper/catalog/CatalogMapper.java index ede9876538608501a41255b45b0c5c17672878a4..e9d61b2fdcfb780babfbe09974dd7c2c5c985993 100644 --- a/src/main/java/neatlogic/module/process/dao/mapper/catalog/CatalogMapper.java +++ b/src/main/java/neatlogic/module/process/dao/mapper/catalog/CatalogMapper.java @@ -44,6 +44,7 @@ public interface CatalogMapper extends ICatalogCrossoverMapper { @Param("userUuid")String userUuid, @Param("teamUuidList")List teamUuidList, @Param("roleUuidList")List roleUuidList, + @Param("action") String action, @Param("catalogUuid") String catalogUuid ); @@ -51,7 +52,9 @@ public interface CatalogMapper extends ICatalogCrossoverMapper { @Param("userUuid")String userUuid, @Param("teamUuidList")List teamUuidList, @Param("roleUuidList")List roleUuidList, - @Param("catalogUuidList") List catalogUuid + @Param("action") String action, + @Param("isActive") Integer isActive, + @Param("catalogUuidList") List catalogUuidList ); // String getCatalogLockByUuid(String uuid); @@ -85,6 +88,7 @@ public interface CatalogMapper extends ICatalogCrossoverMapper { @Param("userUuid")String userUuid, @Param("teamUuidList")List teamUuidList, @Param("roleUuidList")List roleUuidList, + @Param("action") String action, @Param("parentUuid") String parentUuid, @Param("uuid") String uuid ); diff --git a/src/main/java/neatlogic/module/process/dao/mapper/catalog/CatalogMapper.xml b/src/main/java/neatlogic/module/process/dao/mapper/catalog/CatalogMapper.xml index 1bfd73ebc1299e6e0309421a4afae7cc253c7cf8..e2f3838aa6430d2caa0e09801e62e9f97497248d 100644 --- a/src/main/java/neatlogic/module/process/dao/mapper/catalog/CatalogMapper.xml +++ b/src/main/java/neatlogic/module/process/dao/mapper/catalog/CatalogMapper.xml @@ -103,7 +103,8 @@ SELECT `catalog_uuid` AS catalogUuid, `type`, - `uuid` + `uuid`, + `action` FROM `catalog_authority` WHERE `catalog_uuid` = #{catalogUuid} @@ -113,30 +114,32 @@ DISTINCT `catalog_uuid` FROM `catalog_authority` + + AND `action` = #{action} + - `catalog_uuid` = #{catalogUuid} AND ( + AND `catalog_uuid` = #{catalogUuid} - (type = 'common' AND `uuid` = 'alluser') + AND ( + (`type` = 'common' AND `uuid` = 'alluser') - OR (type = 'user' AND `uuid` = #{userUuid}) + OR (`type` = 'user' AND `uuid` = #{userUuid}) - OR (type = 'team' AND `uuid` IN + OR (`type` = 'team' AND `uuid` IN #{teamUuid} ) - OR (type = 'role' AND `uuid` IN + OR (`type` = 'role' AND `uuid` IN #{roleUuid} ) - - ) - + ) @@ -144,25 +147,31 @@ SELECT DISTINCT a.`catalog_uuid` FROM `catalog_authority` a - JOIN `catalog` b ON b.`uuid` = a.`catalog_uuid` AND b.`is_active` = 1 + JOIN `catalog` b ON b.`uuid` = a.`catalog_uuid` WHERE a.`catalog_uuid` IN #{catalogUuid} + + AND b.`is_active` = #{isActive} + + + AND a.`action` = #{action} + AND ( - (type = 'common' AND a.`uuid` = 'alluser') + (a.type = 'common' AND a.`uuid` = 'alluser') - OR (type = 'user' AND a.`uuid` = #{userUuid}) + OR (a.type = 'user' AND a.`uuid` = #{userUuid}) - OR (type = 'team' AND a.`uuid` IN + OR (a.type = 'team' AND a.`uuid` IN #{teamUuid} ) - OR (type = 'role' AND a.`uuid` IN + OR (a.type = 'role' AND a.`uuid` IN #{roleUuid} @@ -253,6 +262,9 @@ JOIN `catalog` b ON a.`catalog_uuid` = b.`uuid` b.`is_active` =1 + + AND `action` = #{action} + and ((a.type = 'common' AND a.`uuid` = 'alluser') OR (a.type = 'user' AND a.`uuid` = #{userUuid}) @@ -354,13 +366,15 @@ INSERT INTO `catalog_authority` ( `catalog_uuid`, `type`, - `uuid` + `uuid`, + `action` ) VALUES ( #{catalogUuid}, #{authorityVo.type}, - #{authorityVo.uuid} + #{authorityVo.uuid}, + #{authorityVo.action} ) diff --git a/src/main/java/neatlogic/module/process/file/ProcessFileHandler.java b/src/main/java/neatlogic/module/process/file/ProcessFileHandler.java index 53a284008bc218e57b455f35e42c7226f4f8f750..d84ced7e79390a53be1378776200facdc7c7ad8a 100644 --- a/src/main/java/neatlogic/module/process/file/ProcessFileHandler.java +++ b/src/main/java/neatlogic/module/process/file/ProcessFileHandler.java @@ -21,6 +21,7 @@ import neatlogic.framework.asynchronization.threadlocal.UserContext; import neatlogic.framework.crossover.CrossoverServiceFactory; import neatlogic.framework.file.core.FileTypeHandlerBase; import neatlogic.framework.file.dto.FileVo; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; import neatlogic.framework.process.crossover.ICatalogCrossoverService; import neatlogic.module.process.dao.mapper.processtask.ProcessTaskMapper; import neatlogic.framework.process.dto.ProcessTaskVo; @@ -48,7 +49,7 @@ public class ProcessFileHandler extends FileTypeHandlerBase { List processTaskVoList = processTaskMapper.getProcessTaskStepVoListByFileId(fileId); if (CollectionUtils.isNotEmpty(processTaskVoList)) { ICatalogCrossoverService iCatalogCrossoverService = CrossoverServiceFactory.getApi(ICatalogCrossoverService.class); - if (iCatalogCrossoverService.channelIsAuthority(processTaskVoList.get(0).getChannelUuid(), userUuid)) { + if (iCatalogCrossoverService.channelIsAuthority(processTaskVoList.get(0).getChannelUuid(), userUuid, CatalogChannelAuthorityAction.VIEW)) { return true; } return processTaskService.getProcessFileHasDownloadAuthWithFileIdAndProcessTaskIdList(fileVo.getId(), processTaskVoList.stream().map(ProcessTaskVo::getId).collect(Collectors.toList())); diff --git a/src/main/java/neatlogic/module/process/operationauth/handler/TaskOperateHandler.java b/src/main/java/neatlogic/module/process/operationauth/handler/TaskOperateHandler.java index 98dc893572542547f4a3151ee75b7256fa5233ed..5c8840a2f2ad4083c14e31e8e95cb77825b1ec8e 100644 --- a/src/main/java/neatlogic/module/process/operationauth/handler/TaskOperateHandler.java +++ b/src/main/java/neatlogic/module/process/operationauth/handler/TaskOperateHandler.java @@ -90,12 +90,12 @@ public class TaskOperateHandler extends OperationAuthHandlerBase { return true; } //5.判断当前用户是否有工单对应服务的上报权限,如果没有,则提示“您没有【xxx】服务的上报权限”; - if (catalogService.channelIsAuthority(processTaskVo.getChannelUuid(), userUuid)) { + if (catalogService.channelIsAuthority(processTaskVo.getChannelUuid(), userUuid, CatalogChannelAuthorityAction.VIEW)) { return true; } ChannelVo channelVo = channelMapper.getChannelByUuid(processTaskVo.getChannelUuid()); operationTypePermissionDeniedExceptionMap.computeIfAbsent(id, key -> new HashMap<>()) - .put(operationType, new ProcessTaskNotChannelReportException(channelVo.getName())); + .put(operationType, new ProcessTaskNotChannelViewException(channelVo.getName())); return false; }); /** @@ -627,7 +627,7 @@ public class TaskOperateHandler extends OperationAuthHandlerBase { return true; } //2.判断当前用户是否有工单对应服务的上报权限,如果没有,则提示“您没有【xxx】服务的上报权限”; - if (catalogService.channelIsAuthority(processTaskVo.getChannelUuid(), userUuid)) { + if (catalogService.channelIsAuthority(processTaskVo.getChannelUuid(), userUuid, CatalogChannelAuthorityAction.REPORT)) { return true; } ChannelVo channelVo = channelMapper.getChannelByUuid(processTaskVo.getChannelUuid()); diff --git a/src/main/java/neatlogic/module/process/service/CatalogService.java b/src/main/java/neatlogic/module/process/service/CatalogService.java index 3cb5ed69ec113a680fc74458b55a287f042ea784..e4a4d1a95c744acc122b13f556d5119722b93e03 100755 --- a/src/main/java/neatlogic/module/process/service/CatalogService.java +++ b/src/main/java/neatlogic/module/process/service/CatalogService.java @@ -1,6 +1,7 @@ package neatlogic.module.process.service; import com.alibaba.fastjson.JSONObject; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; import neatlogic.framework.process.dto.CatalogVo; import java.util.List; @@ -21,10 +22,11 @@ public interface CatalogService { /** * @param channelUuid 通道uuid * @param userUuid 用户uuid + * @param action 授权类型 * @return 是否合法 * @Description: 判断当前用户是否有channelUuid服务的上报权限,根据服务是否激活,服务是否授权,服务的所有上级目录是否都授权来判断 */ - boolean channelIsAuthority(String channelUuid, String userUuid); + boolean channelIsAuthority(String channelUuid, String userUuid, CatalogChannelAuthorityAction action); /** * 获取服务目录底下的服务目录&&服务 diff --git a/src/main/java/neatlogic/module/process/service/CatalogServiceImpl.java b/src/main/java/neatlogic/module/process/service/CatalogServiceImpl.java index 10a4a689e799de28de8adbb2f66ffe8d2c14f991..f48f20a55bd43c49206c382421b879905cce8750 100644 --- a/src/main/java/neatlogic/module/process/service/CatalogServiceImpl.java +++ b/src/main/java/neatlogic/module/process/service/CatalogServiceImpl.java @@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject; import neatlogic.framework.asynchronization.threadlocal.UserContext; import neatlogic.framework.common.constvalue.DeviceType; import neatlogic.framework.dto.AuthenticationInfoVo; +import neatlogic.framework.process.constvalue.CatalogChannelAuthorityAction; import neatlogic.framework.process.crossover.ICatalogCrossoverService; import neatlogic.framework.process.dto.CatalogVo; import neatlogic.framework.process.dto.ChannelRelationVo; @@ -63,7 +64,7 @@ public class CatalogServiceImpl implements CatalogService, ICatalogCrossoverServ List resultList = new ArrayList<>(); AuthenticationInfoVo authenticationInfoVo = UserContext.get().getAuthenticationInfoVo(); /* 查出当前用户所有已授权的目录uuid集合 **/ - List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), null); + List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), CatalogChannelAuthorityAction.REPORT.getValue(), null); if (CollectionUtils.isNotEmpty(currentUserAuthorizedCatalogUuidList)) { /* 查出当前用户所有已授权的服务uuid集合 **/ List currentUserAuthorizedChannelUuidList = channelMapper.getAuthorizedChannelUuidList(UserContext.get().getUserUuid(true), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), null); @@ -112,7 +113,7 @@ public class CatalogServiceImpl implements CatalogService, ICatalogCrossoverServ } @Override - public boolean channelIsAuthority(String channelUuid, String userUuid) { + public boolean channelIsAuthority(String channelUuid, String userUuid, CatalogChannelAuthorityAction action) { AuthenticationInfoVo authenticationInfoVo = authenticationInfoService.getAuthenticationInfo(userUuid); /* 查出当前用户所有已授权的服务uuid集合 **/ List channelUuidList = channelMapper.getActiveAuthorizedChannelUuidList(userUuid, authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), channelUuid); @@ -126,17 +127,21 @@ public class CatalogServiceImpl implements CatalogService, ICatalogCrossoverServ if (catalogVo == null) { return false; } + Integer isActive = null; + if (action == CatalogChannelAuthorityAction.REPORT) { + isActive = 1; + } List catalogUuidList = new ArrayList<>(); List ancestorsAndSelfList = catalogMapper.getAncestorsAndSelfByLftRht(catalogVo.getLft(), catalogVo.getRht()); for (CatalogVo catalog : ancestorsAndSelfList) { - if (Objects.equals(catalog.getIsActive(), 0)) { + if (isActive != null && !Objects.equals(catalog.getIsActive(), isActive)) { return false; } catalogUuidList.add(catalog.getUuid()); } if (CollectionUtils.isNotEmpty(catalogUuidList)) { /* 查出当前用户所有已授权的目录uuid集合 **/ - List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidListByCatalogUuidList(userUuid, authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), catalogUuidList); + List currentUserAuthorizedCatalogUuidList = catalogMapper.getAuthorizedCatalogUuidListByCatalogUuidList(userUuid, authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), action.getValue(), isActive, catalogUuidList); catalogUuidList.removeAll(currentUserAuthorizedCatalogUuidList); return CollectionUtils.isEmpty(catalogUuidList); } @@ -171,6 +176,7 @@ public class CatalogServiceImpl implements CatalogService, ICatalogCrossoverServ List catalogList = catalogMapper.getAuthorizedCatalogList( UserContext.get().getUserUuid(), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), + CatalogChannelAuthorityAction.REPORT.getValue(), catalogUuid, null); for (CatalogVo catalogVo : catalogList) { @@ -213,6 +219,7 @@ public class CatalogServiceImpl implements CatalogService, ICatalogCrossoverServ List catalogList = catalogMapper.getAuthorizedCatalogList( UserContext.get().getUserUuid(), authenticationInfoVo.getTeamUuidList(), authenticationInfoVo.getRoleUuidList(), + CatalogChannelAuthorityAction.REPORT.getValue(), catalog.getUuid(), null); for (CatalogVo catalogVo : catalogList) { diff --git a/src/main/java/neatlogic/module/process/service/ProcessTaskServiceImpl.java b/src/main/java/neatlogic/module/process/service/ProcessTaskServiceImpl.java index 8540503e5f49326b45bc0d64d8eebcb1d2e557fb..843acd476cb572f4af224dbebe7523e3ee220375 100644 --- a/src/main/java/neatlogic/module/process/service/ProcessTaskServiceImpl.java +++ b/src/main/java/neatlogic/module/process/service/ProcessTaskServiceImpl.java @@ -1557,6 +1557,9 @@ public class ProcessTaskServiceImpl implements ProcessTaskService, IProcessTaskC if (StringUtils.isNotBlank(processTaskVo.getReporter())) { receiverMap.computeIfAbsent(ProcessUserType.REPORTER.getValue(), k -> new ArrayList<>()) .add(new NotifyReceiverVo(GroupSearch.USER.getValue(), processTaskVo.getReporter())); + } else if (StringUtils.isNotBlank(processTaskVo.getOwner())) { + receiverMap.computeIfAbsent(ProcessUserType.REPORTER.getValue(), k -> new ArrayList<>()) + .add(new NotifyReceiverVo(GroupSearch.USER.getValue(), processTaskVo.getOwner())); } } ProcessTaskStepUserVo processTaskStepUser = new ProcessTaskStepUserVo(); @@ -2593,7 +2596,7 @@ public class ProcessTaskServiceImpl implements ProcessTaskService, IProcessTaskC } } else { /* 判断当前用户是否拥有channelUuid服务的上报权限 **/ - if (!catalogService.channelIsAuthority(channelUuid, UserContext.get().getUserUuid(true))) { + if (!catalogService.channelIsAuthority(channelUuid, UserContext.get().getUserUuid(true), CatalogChannelAuthorityAction.REPORT)) { throw new PermissionDeniedException(); } startProcessTaskStepVo = new ProcessTaskStepVo(); diff --git a/src/main/resources/neatlogic/resources/process/changelog/2024-07-18/neatlogic_tenant.sql b/src/main/resources/neatlogic/resources/process/changelog/2024-07-18/neatlogic_tenant.sql new file mode 100644 index 0000000000000000000000000000000000000000..6a4ec31f50d4225a10577849791c43de59b3ea3b --- /dev/null +++ b/src/main/resources/neatlogic/resources/process/changelog/2024-07-18/neatlogic_tenant.sql @@ -0,0 +1,4 @@ +ALTER TABLE `catalog_authority` + ADD COLUMN `action` ENUM('report','view') NOT NULL COMMENT '授权类型' AFTER `uuid`, + DROP PRIMARY KEY, + ADD PRIMARY KEY (`catalog_uuid`, `type`, `uuid`, `action`); \ No newline at end of file diff --git a/src/main/resources/neatlogic/resources/process/changelog/2024-07-18/version.json b/src/main/resources/neatlogic/resources/process/changelog/2024-07-18/version.json new file mode 100644 index 0000000000000000000000000000000000000000..33894e4598699dc95db3b8d7b105728cbc5bb8f7 --- /dev/null +++ b/src/main/resources/neatlogic/resources/process/changelog/2024-07-18/version.json @@ -0,0 +1,10 @@ +{ + "content":[ + { + "type":"新增功能", + "detail":[ + {"msg":"1.工单查看权限-服务目录"} + ] + } + ] +} diff --git a/src/main/resources/neatlogic/resources/process/sqlscript/ddl.sql b/src/main/resources/neatlogic/resources/process/sqlscript/ddl.sql index 55a4faa3a955702e7f79e7e033a83f49a9ceee8e..d045a8c1272758f504e817ef102cd75165bbf3f6 100644 --- a/src/main/resources/neatlogic/resources/process/sqlscript/ddl.sql +++ b/src/main/resources/neatlogic/resources/process/sqlscript/ddl.sql @@ -21,7 +21,8 @@ CREATE TABLE IF NOT EXISTS `catalog_authority` ( `catalog_uuid` varchar(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '目录uuid', `type` enum('common','user','team','role') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '类型', `uuid` varchar(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT 'uuid', - PRIMARY KEY (`catalog_uuid`, `type`, `uuid`) USING BTREE, + `action` enum('report','view') COLLATE utf8mb4_general_ci NOT NULL COMMENT '授权类型', + PRIMARY KEY (`catalog_uuid`, `type`, `uuid`,`action`) USING BTREE, INDEX `idx_uuid`(`uuid`) USING BTREE, INDEX `idx_catalog_uuid`(`catalog_uuid`) USING BTREE ) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci COMMENT = '目录授权表';