From f88b632ad5e4242861062da28cde74918e520fd1 Mon Sep 17 00:00:00 2001
From: "1437892690@qq.com" <1437892690@qq.com>
Date: Mon, 12 May 2025 19:48:06 +0800
Subject: [PATCH 1/2] =?UTF-8?q?[=E4=BF=AE=E5=A4=8D]=20=E7=94=A8=E6=88=B7?=
=?UTF-8?q?=E6=8E=88=E6=9D=83=E9=A1=B5=E6=9D=83=E9=99=90=E5=9B=9E=E6=98=BE?=
=?UTF-8?q?=E4=B8=8D=E6=AD=A3=E7=A1=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
关联 #[1417283535077376]用户授权页权限回显不正确 http://192.168.0.96:8090/demo/rdm.html#/bug-detail/939050947543040/939050947543057/1417283535077376
---
.../tenant/api/user/UserAuthSearchApi.java | 63 ++++++--
.../tenant/api/user/UserGetForEditApi.java | 137 ++++++++++++++++++
2 files changed, 191 insertions(+), 9 deletions(-)
create mode 100644 src/main/java/neatlogic/module/tenant/api/user/UserGetForEditApi.java
diff --git a/src/main/java/neatlogic/module/tenant/api/user/UserAuthSearchApi.java b/src/main/java/neatlogic/module/tenant/api/user/UserAuthSearchApi.java
index 20e46463..678eebfd 100644
--- a/src/main/java/neatlogic/module/tenant/api/user/UserAuthSearchApi.java
+++ b/src/main/java/neatlogic/module/tenant/api/user/UserAuthSearchApi.java
@@ -15,32 +15,43 @@ along with this program. If not, see .*/
package neatlogic.module.tenant.api.user;
-import neatlogic.framework.auth.core.AuthAction;
+import com.alibaba.fastjson.JSONArray;
+import com.alibaba.fastjson.JSONObject;
import neatlogic.framework.common.constvalue.ApiParamType;
+import neatlogic.framework.dao.mapper.RoleMapper;
+import neatlogic.framework.dao.mapper.TeamMapper;
import neatlogic.framework.dao.mapper.UserMapper;
import neatlogic.framework.dto.RoleAuthVo;
+import neatlogic.framework.dto.RoleVo;
+import neatlogic.framework.dto.TeamVo;
import neatlogic.framework.dto.UserAuthVo;
-import neatlogic.framework.restful.constvalue.OperationTypeEnum;
import neatlogic.framework.restful.annotation.*;
+import neatlogic.framework.restful.constvalue.OperationTypeEnum;
import neatlogic.framework.restful.core.privateapi.PrivateApiComponentBase;
-
-import com.alibaba.fastjson.JSONArray;
-import com.alibaba.fastjson.JSONObject;
-import org.springframework.beans.factory.annotation.Autowired;
+import org.apache.commons.collections4.CollectionUtils;
import org.springframework.stereotype.Service;
+import javax.annotation.Resource;
+import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.stream.Collectors;
@Service
@OperationType(type = OperationTypeEnum.SEARCH)
public class UserAuthSearchApi extends PrivateApiComponentBase {
- @Autowired
+ @Resource
private UserMapper userMapper;
+ @Resource
+ private TeamMapper teamMapper;
+
+ @Resource
+ private RoleMapper roleMapper;
+
@Override
public String getToken() {
return "user/auth/search";
@@ -75,7 +86,7 @@ public class UserAuthSearchApi extends PrivateApiComponentBase {
JSONObject userRoleAuthObj = new JSONObject();
- if (userRoleAuthList != null && userRoleAuthList.size() > 0) {
+ if (CollectionUtils.isNotEmpty(userRoleAuthList)) {
for (RoleAuthVo roleAuth : userRoleAuthList) {
if (userRoleAuthMap.containsKey(roleAuth.getAuth())){
if (roleAuth.getAuthGroup().equals(userRoleAuthMap.get(roleAuth.getAuth()))){
@@ -94,8 +105,42 @@ public class UserAuthSearchApi extends PrivateApiComponentBase {
}
}
+ List teamUuidList = new ArrayList<>();
+ List teamRoleList = new ArrayList<>();
+ List teamList = teamMapper.getTeamListByUserUuid(userUuid);
+ for (TeamVo teamVo : teamList) {
+ teamUuidList.add(teamVo.getUuid());
+ List list = roleMapper.getParentTeamRoleListWithCheckedChildrenByTeam(teamVo);
+ teamRoleList.addAll(list);
+ }
+ if (CollectionUtils.isNotEmpty(teamUuidList)) {
+ List list = roleMapper.getRoleListWithTeamByTeamUuidList(teamUuidList);
+ teamRoleList.addAll(list);
+ }
+ if (CollectionUtils.isNotEmpty(teamRoleList)) {
+ List roleUuidList = teamRoleList.stream().map(RoleVo::getUuid).collect(Collectors.toList());
+ List teamRoleAuthList = roleMapper.searchRoleAuthByRoleUuidList(roleUuidList);
+ if (CollectionUtils.isNotEmpty(teamRoleAuthList)) {
+ for (RoleAuthVo roleAuth : teamRoleAuthList) {
+ if (userRoleAuthMap.containsKey(roleAuth.getAuth())){
+ if (roleAuth.getAuthGroup().equals(userRoleAuthMap.get(roleAuth.getAuth()))){
+ continue;
+ }
+ }
+ userRoleAuthMap.put(roleAuth.getAuth(), roleAuth.getAuthGroup());
+ if (userRoleAuthObj.containsKey(roleAuth.getAuthGroup())){
+ JSONArray authArray = userRoleAuthObj.getJSONArray(roleAuth.getAuthGroup());
+ authArray.add(roleAuth.getAuth());
+ }else {
+ JSONArray authArray = new JSONArray();
+ authArray.add(roleAuth.getAuth());
+ userRoleAuthObj.put(roleAuth.getAuthGroup(), authArray);
+ }
+ }
+ }
+ }
JSONObject userAuthObj = new JSONObject();
- if (userAuthList != null && userAuthList.size() > 0) {
+ if (CollectionUtils.isNotEmpty(userAuthList)) {
for (UserAuthVo authVo : userAuthList) {
boolean sameAuth = userRoleAuthMap.containsKey(authVo.getAuth());
boolean sameGroup = false;
diff --git a/src/main/java/neatlogic/module/tenant/api/user/UserGetForEditApi.java b/src/main/java/neatlogic/module/tenant/api/user/UserGetForEditApi.java
new file mode 100644
index 00000000..c90ef844
--- /dev/null
+++ b/src/main/java/neatlogic/module/tenant/api/user/UserGetForEditApi.java
@@ -0,0 +1,137 @@
+/*Copyright (C) 2024 深圳极向量科技有限公司 All Rights Reserved.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program. If not, see .*/
+
+package neatlogic.module.tenant.api.user;
+
+import com.alibaba.fastjson.JSONObject;
+import neatlogic.framework.common.constvalue.ApiParamType;
+import neatlogic.framework.common.constvalue.GroupSearch;
+import neatlogic.framework.dao.mapper.RoleMapper;
+import neatlogic.framework.dao.mapper.TeamMapper;
+import neatlogic.framework.dao.mapper.UserMapper;
+import neatlogic.framework.dto.RoleVo;
+import neatlogic.framework.dto.TeamVo;
+import neatlogic.framework.dto.UserVo;
+import neatlogic.framework.exception.user.UserNotFoundException;
+import neatlogic.framework.restful.annotation.*;
+import neatlogic.framework.restful.constvalue.OperationTypeEnum;
+import neatlogic.framework.restful.core.privateapi.PrivateApiComponentBase;
+import org.apache.commons.collections4.CollectionUtils;
+import org.springframework.stereotype.Service;
+
+import javax.annotation.Resource;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+@Service
+
+@OperationType(type = OperationTypeEnum.SEARCH)
+public class UserGetForEditApi extends PrivateApiComponentBase {
+
+ @Resource
+ private UserMapper userMapper;
+
+ @Resource
+ private TeamMapper teamMapper;
+
+ @Resource
+ private RoleMapper roleMapper;
+
+ @Override
+ public String getToken() {
+ return "user/get/foredit";
+ }
+
+ @Override
+ public String getName() {
+ return "获取用户信息(编辑页面回显专用)";
+ }
+
+ @Override
+ public String getConfig() {
+ return null;
+ }
+
+ @Input({
+ @Param(name = "userUuid", type = ApiParamType.STRING, isRequired = true, desc = "common.useruuid")
+ })
+ @Output({
+ @Param(name = "Return", explode = UserVo.class, desc = "nmtau.usergetapi.output.param.desc.user")
+ })
+ @Description(desc = "获取用户信息(编辑页面回显专用)")
+ @Override
+ public Object myDoService(JSONObject jsonObj) throws Exception {
+ String userUuid = jsonObj.getString("userUuid");
+ UserVo userVo = userMapper.getUserByUuid(userUuid);
+ if (userVo == null) {
+ throw new UserNotFoundException(userUuid);
+ }
+ JSONObject userObj = new JSONObject();
+ userObj.put("id", userVo.getId());
+ userObj.put("uuid", userVo.getUuid());
+ userObj.put("userId", userVo.getUserId());
+ userObj.put("userName", userVo.getUserName());
+ userObj.put("vipLevel", userVo.getVipLevel());
+ userObj.put("email", userVo.getEmail());
+ userObj.put("phone", userVo.getPhone());
+ userObj.put("isActive", userVo.getIsActive());
+ /**
+ * 补充分组角色信息,以用户的a分组为例
+ * 1、根据a分组的父节点(需要穿透)找到roleList
+ * 2、根据a分组找到roleList
+ * 3、将以上两点找到的roleList 以role的uuid为唯一键合并
+ */
+ List teamUuidList = new ArrayList<>();
+ List teamRoleList = new ArrayList<>();
+ List teamList = teamMapper.getTeamListByUserUuid(userUuid);
+ for (TeamVo teamVo : teamList) {
+ teamUuidList.add(teamVo.getUuid());
+ List list = roleMapper.getParentTeamRoleListWithCheckedChildrenByTeam(teamVo);
+ teamRoleList.addAll(list);
+ }
+ if (CollectionUtils.isNotEmpty(teamUuidList)) {
+ List list = roleMapper.getRoleListWithTeamByTeamUuidList(teamUuidList);
+ teamRoleList.addAll(list);
+ }
+ Map roleVoMap = new HashMap<>();
+ for (RoleVo roleVo : teamRoleList) {
+ String uuid = roleVo.getUuid();
+ if (!roleVoMap.containsKey(uuid)) {
+ roleVoMap.put(uuid, roleVo);
+ } else {
+ roleVoMap.get(uuid).getTeamList().addAll(roleVo.getTeamList());
+ }
+ }
+ userObj.put("teamRoleList", new ArrayList<>(roleVoMap.values()));
+ List newTeamUuidList = new ArrayList<>();
+ if (CollectionUtils.isNotEmpty(teamUuidList)) {
+ for (String teamUuid : teamUuidList) {
+ newTeamUuidList.add(GroupSearch.TEAM.addPrefix(teamUuid));
+ }
+ }
+ userObj.put("teamUuidList", newTeamUuidList);
+ List roleUuidList = roleMapper.getRoleUuidListByUserUuid(userUuid);
+ List newRoleUuidList = new ArrayList<>();
+ if (CollectionUtils.isNotEmpty(roleUuidList)) {
+ for (String roleUuid : roleUuidList) {
+ newRoleUuidList.add(GroupSearch.ROLE.addPrefix(roleUuid));
+ }
+ }
+ userObj.put("roleUuidList", newRoleUuidList);
+ return userObj;
+ }
+}
--
Gitee
From 766ce6fac9629992f945fc3b27555b7747abdd7d Mon Sep 17 00:00:00 2001
From: "1437892690@qq.com" <1437892690@qq.com>
Date: Tue, 13 May 2025 10:15:19 +0800
Subject: [PATCH 2/2] =?UTF-8?q?[=E4=BF=AE=E5=A4=8D]=20=E7=94=A8=E6=88=B7?=
=?UTF-8?q?=E6=8E=88=E6=9D=83=E9=A1=B5=E6=9D=83=E9=99=90=E5=9B=9E=E6=98=BE?=
=?UTF-8?q?=E4=B8=8D=E6=AD=A3=E7=A1=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
关联 #[1417283535077376]用户授权页权限回显不正确 http://192.168.0.96:8090/demo/rdm.html#/bug-detail/939050947543040/939050947543057/1417283535077376
---
.../neatlogic/module/tenant/api/user/UserGetForEditApi.java | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/main/java/neatlogic/module/tenant/api/user/UserGetForEditApi.java b/src/main/java/neatlogic/module/tenant/api/user/UserGetForEditApi.java
index c90ef844..26dc50c9 100644
--- a/src/main/java/neatlogic/module/tenant/api/user/UserGetForEditApi.java
+++ b/src/main/java/neatlogic/module/tenant/api/user/UserGetForEditApi.java
@@ -58,7 +58,7 @@ public class UserGetForEditApi extends PrivateApiComponentBase {
@Override
public String getName() {
- return "获取用户信息(编辑页面回显专用)";
+ return "nmtau.usergetforeditapi.getname";
}
@Override
@@ -72,7 +72,7 @@ public class UserGetForEditApi extends PrivateApiComponentBase {
@Output({
@Param(name = "Return", explode = UserVo.class, desc = "nmtau.usergetapi.output.param.desc.user")
})
- @Description(desc = "获取用户信息(编辑页面回显专用)")
+ @Description(desc = "nmtau.usergetforeditapi.getname")
@Override
public Object myDoService(JSONObject jsonObj) throws Exception {
String userUuid = jsonObj.getString("userUuid");
--
Gitee