mirror of https://gitee.com/topiam/eiam
⚡ 优化
awenes
parent
8ecb1760da
commit
45ecbfd668
|
|
@ -67,7 +67,7 @@ public abstract class AbstractCertificateApplicationService extends AbstractAppl
|
||||||
//算法
|
//算法
|
||||||
config.setSignAlgo("SHA256WITHRSA");
|
config.setSignAlgo("SHA256WITHRSA");
|
||||||
RsaUtils.RsaResult keys = getKeys(config.getKeyLong());
|
RsaUtils.RsaResult keys = getKeys(config.getKeyLong());
|
||||||
X500Name x500Name = getX500Name("app_" + appCode, "TopIAM", "Jinan", "Shandong", "CN",
|
X500Name x500Name = getX500Name("app_" + appCode, "TOPIAM", "Jinan", "Shandong", "CN",
|
||||||
"EIAM");
|
"EIAM");
|
||||||
//发行者
|
//发行者
|
||||||
config.setIssuer(x500Name.toString());
|
config.setIssuer(x500Name.toString());
|
||||||
|
|
|
||||||
|
|
@ -32,7 +32,7 @@ import cn.topiam.employee.application.form.pojo.AppFormSaveConfigParam;
|
||||||
import cn.topiam.employee.common.entity.app.AppFormConfigEntity;
|
import cn.topiam.employee.common.entity.app.AppFormConfigEntity;
|
||||||
import cn.topiam.employee.common.entity.app.po.AppFormConfigPO;
|
import cn.topiam.employee.common.entity.app.po.AppFormConfigPO;
|
||||||
import cn.topiam.employee.core.help.ServerHelp;
|
import cn.topiam.employee.core.help.ServerHelp;
|
||||||
import static cn.topiam.employee.common.constant.ProtocolConstants.APP_CODE;
|
import static cn.topiam.employee.common.constant.AppConstants.APP_CODE;
|
||||||
import static cn.topiam.employee.common.constant.ProtocolConstants.FormEndpointConstants.FORM_SSO_PATH;
|
import static cn.topiam.employee.common.constant.ProtocolConstants.FormEndpointConstants.FORM_SSO_PATH;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
@ -30,7 +30,7 @@ import cn.topiam.employee.application.jwt.pojo.AppJwtSaveConfigParam;
|
||||||
import cn.topiam.employee.common.entity.app.AppJwtConfigEntity;
|
import cn.topiam.employee.common.entity.app.AppJwtConfigEntity;
|
||||||
import cn.topiam.employee.common.entity.app.po.AppJwtConfigPO;
|
import cn.topiam.employee.common.entity.app.po.AppJwtConfigPO;
|
||||||
import cn.topiam.employee.core.help.ServerHelp;
|
import cn.topiam.employee.core.help.ServerHelp;
|
||||||
import static cn.topiam.employee.common.constant.ProtocolConstants.APP_CODE;
|
import static cn.topiam.employee.common.constant.AppConstants.APP_CODE;
|
||||||
import static cn.topiam.employee.common.constant.ProtocolConstants.JwtEndpointConstants.JWT_SLO_PATH;
|
import static cn.topiam.employee.common.constant.ProtocolConstants.JwtEndpointConstants.JWT_SLO_PATH;
|
||||||
import static cn.topiam.employee.common.constant.ProtocolConstants.JwtEndpointConstants.JWT_SSO_PATH;
|
import static cn.topiam.employee.common.constant.ProtocolConstants.JwtEndpointConstants.JWT_SSO_PATH;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -32,8 +32,9 @@ import cn.topiam.employee.application.oidc.model.OidcProtocolConfig;
|
||||||
import cn.topiam.employee.common.entity.app.AppCertEntity;
|
import cn.topiam.employee.common.entity.app.AppCertEntity;
|
||||||
import cn.topiam.employee.common.entity.app.po.AppOidcConfigPO;
|
import cn.topiam.employee.common.entity.app.po.AppOidcConfigPO;
|
||||||
import cn.topiam.employee.common.repository.app.*;
|
import cn.topiam.employee.common.repository.app.*;
|
||||||
import cn.topiam.employee.common.util.X509Utils;
|
|
||||||
import static cn.topiam.employee.common.enums.app.AppCertUsingType.OIDC_JWK;
|
import static cn.topiam.employee.common.enums.app.AppCertUsingType.OIDC_JWK;
|
||||||
|
import static cn.topiam.employee.support.util.CertUtils.readPrivateKey;
|
||||||
|
import static cn.topiam.employee.support.util.CertUtils.readPublicKey;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* OIDC 应用配置
|
* OIDC 应用配置
|
||||||
|
|
@ -80,8 +81,8 @@ public abstract class AbstractOidcCertificateApplicationService extends
|
||||||
//@formatter:off
|
//@formatter:off
|
||||||
try {
|
try {
|
||||||
|
|
||||||
PrivateKey rsaPrivateKey = X509Utils.readPrivateKey(appCert.getPrivateKey(), "");
|
PrivateKey rsaPrivateKey = readPrivateKey(appCert.getPrivateKey(), "");
|
||||||
RSAPublicKey rsaPublicKey = (RSAPublicKey) X509Utils.readPublicKey(appCert.getPublicKey(), "");
|
RSAPublicKey rsaPublicKey = (RSAPublicKey) readPublicKey(appCert.getPublicKey(), "");
|
||||||
|
|
||||||
RSAKey rsaKey = new RSAKey.Builder(rsaPublicKey)
|
RSAKey rsaKey = new RSAKey.Builder(rsaPublicKey)
|
||||||
.privateKey(rsaPrivateKey)
|
.privateKey(rsaPrivateKey)
|
||||||
|
|
|
||||||
|
|
@ -32,8 +32,8 @@ import cn.topiam.employee.common.constant.ProtocolConstants;
|
||||||
import cn.topiam.employee.common.entity.app.AppOidcConfigEntity;
|
import cn.topiam.employee.common.entity.app.AppOidcConfigEntity;
|
||||||
import cn.topiam.employee.common.entity.app.po.AppOidcConfigPO;
|
import cn.topiam.employee.common.entity.app.po.AppOidcConfigPO;
|
||||||
import cn.topiam.employee.core.help.ServerHelp;
|
import cn.topiam.employee.core.help.ServerHelp;
|
||||||
import cn.topiam.employee.support.util.HttpUrlUtils;
|
import cn.topiam.employee.support.util.UrlUtils;
|
||||||
import static cn.topiam.employee.common.constant.ProtocolConstants.APP_CODE;
|
import static cn.topiam.employee.common.constant.AppConstants.APP_CODE;
|
||||||
import static cn.topiam.employee.common.constant.ProtocolConstants.OidcEndpointConstants.OIDC_AUTHORIZE_PATH;
|
import static cn.topiam.employee.common.constant.ProtocolConstants.OidcEndpointConstants.OIDC_AUTHORIZE_PATH;
|
||||||
import static cn.topiam.employee.common.constant.ProtocolConstants.OidcEndpointConstants.WELL_KNOWN_OPENID_CONFIGURATION;
|
import static cn.topiam.employee.common.constant.ProtocolConstants.OidcEndpointConstants.WELL_KNOWN_OPENID_CONFIGURATION;
|
||||||
|
|
||||||
|
|
@ -118,19 +118,19 @@ public interface AppOidcStandardConfigConverter {
|
||||||
//Issuer
|
//Issuer
|
||||||
domain.setIssuer(sub.replace(ServerHelp.getPortalPublicBaseUrl()+OIDC_AUTHORIZE_PATH));
|
domain.setIssuer(sub.replace(ServerHelp.getPortalPublicBaseUrl()+OIDC_AUTHORIZE_PATH));
|
||||||
//发现端点
|
//发现端点
|
||||||
domain.setDiscoveryEndpoint(HttpUrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace(WELL_KNOWN_OPENID_CONFIGURATION)));
|
domain.setDiscoveryEndpoint(UrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace(WELL_KNOWN_OPENID_CONFIGURATION)));
|
||||||
//认证端点
|
//认证端点
|
||||||
domain.setAuthorizationEndpoint(HttpUrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace(ProtocolConstants.OidcEndpointConstants.AUTHORIZATION_ENDPOINT)));
|
domain.setAuthorizationEndpoint(UrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace(ProtocolConstants.OidcEndpointConstants.AUTHORIZATION_ENDPOINT)));
|
||||||
//Token端点
|
//Token端点
|
||||||
domain.setTokenEndpoint(HttpUrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace( ProtocolConstants.OidcEndpointConstants.TOKEN_ENDPOINT)));
|
domain.setTokenEndpoint(UrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace( ProtocolConstants.OidcEndpointConstants.TOKEN_ENDPOINT)));
|
||||||
//Jwks端点
|
//Jwks端点
|
||||||
domain.setJwksEndpoint(HttpUrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace(ProtocolConstants.OidcEndpointConstants.JWK_SET_ENDPOINT)));
|
domain.setJwksEndpoint(UrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace(ProtocolConstants.OidcEndpointConstants.JWK_SET_ENDPOINT)));
|
||||||
//撤销端点
|
//撤销端点
|
||||||
domain.setRevokeEndpoint(HttpUrlUtils.format(ServerHelp.getPortalPublicBaseUrl()+ sub.replace(ProtocolConstants.OidcEndpointConstants.TOKEN_REVOCATION_ENDPOINT)));
|
domain.setRevokeEndpoint(UrlUtils.format(ServerHelp.getPortalPublicBaseUrl()+ sub.replace(ProtocolConstants.OidcEndpointConstants.TOKEN_REVOCATION_ENDPOINT)));
|
||||||
//UserInfo端点
|
//UserInfo端点
|
||||||
domain.setUserinfoEndpoint(HttpUrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace(ProtocolConstants.OidcEndpointConstants.OIDC_USER_INFO_ENDPOINT)));
|
domain.setUserinfoEndpoint(UrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace(ProtocolConstants.OidcEndpointConstants.OIDC_USER_INFO_ENDPOINT)));
|
||||||
//登出端点
|
//登出端点
|
||||||
domain.setEndSessionEndpoint(HttpUrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace(ProtocolConstants.OidcEndpointConstants.OIDC_LOGOUT_ENDPOINT)));
|
domain.setEndSessionEndpoint(UrlUtils.format(ServerHelp.getPortalPublicBaseUrl() + sub.replace(ProtocolConstants.OidcEndpointConstants.OIDC_LOGOUT_ENDPOINT)));
|
||||||
return domain;
|
return domain;
|
||||||
//@formatter:on
|
//@formatter:on
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -17,18 +17,14 @@
|
||||||
*/
|
*/
|
||||||
package cn.topiam.employee.core.security.password.manager;
|
package cn.topiam.employee.core.security.password.manager;
|
||||||
|
|
||||||
import java.time.LocalDateTime;
|
|
||||||
import java.util.*;
|
import java.util.*;
|
||||||
|
|
||||||
|
import org.springframework.data.domain.Example;
|
||||||
import org.springframework.data.domain.Page;
|
import org.springframework.data.domain.Page;
|
||||||
import org.springframework.data.domain.PageRequest;
|
import org.springframework.data.domain.PageRequest;
|
||||||
import org.springframework.data.querydsl.QSort;
|
import org.springframework.data.domain.Sort;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
|
||||||
import com.querydsl.core.types.OrderSpecifier;
|
|
||||||
import com.querydsl.core.types.dsl.BooleanExpression;
|
|
||||||
|
|
||||||
import cn.topiam.employee.common.entity.account.QUserHistoryPasswordEntity;
|
|
||||||
import cn.topiam.employee.common.entity.account.UserEntity;
|
import cn.topiam.employee.common.entity.account.UserEntity;
|
||||||
import cn.topiam.employee.common.entity.account.UserHistoryPasswordEntity;
|
import cn.topiam.employee.common.entity.account.UserHistoryPasswordEntity;
|
||||||
import cn.topiam.employee.common.entity.setting.SettingEntity;
|
import cn.topiam.employee.common.entity.setting.SettingEntity;
|
||||||
|
|
@ -42,6 +38,7 @@ import cn.topiam.employee.support.security.password.enums.PasswordComplexityRule
|
||||||
import cn.topiam.employee.support.security.password.validator.*;
|
import cn.topiam.employee.support.security.password.validator.*;
|
||||||
import cn.topiam.employee.support.security.password.weak.PasswordWeakLib;
|
import cn.topiam.employee.support.security.password.weak.PasswordWeakLib;
|
||||||
import static cn.topiam.employee.core.setting.constant.PasswordPolicySettingConstants.*;
|
import static cn.topiam.employee.core.setting.constant.PasswordPolicySettingConstants.*;
|
||||||
|
import static cn.topiam.employee.support.repository.base.BaseEntity.LAST_MODIFIED_TIME;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 密码策略管理器
|
* 密码策略管理器
|
||||||
|
|
@ -83,7 +80,7 @@ public class DefaultPasswordPolicyManager implements PasswordPolicyManager<UserE
|
||||||
if (userId.getId() != null) {
|
if (userId.getId() != null) {
|
||||||
//@formatter:off
|
//@formatter:off
|
||||||
validators.add(getPasswordIncludeUserInfoValidator(userId.getId()));
|
validators.add(getPasswordIncludeUserInfoValidator(userId.getId()));
|
||||||
validators.add(getHistoryPasswordValidator(userId.getId()));
|
validators.add(getHistoryPasswordValidator(String.valueOf(userId.getId())));
|
||||||
//@formatter:on
|
//@formatter:on
|
||||||
}
|
}
|
||||||
validators.forEach(passwordValidator -> passwordValidator.validate(password));
|
validators.forEach(passwordValidator -> passwordValidator.validate(password));
|
||||||
|
|
@ -117,7 +114,7 @@ public class DefaultPasswordPolicyManager implements PasswordPolicyManager<UserE
|
||||||
*
|
*
|
||||||
* @return {@link HistoryPasswordValidator}
|
* @return {@link HistoryPasswordValidator}
|
||||||
*/
|
*/
|
||||||
private HistoryPasswordValidator getHistoryPasswordValidator(Long userId) {
|
private HistoryPasswordValidator getHistoryPasswordValidator(String userId) {
|
||||||
SettingEntity historyCipherCheck = settingRepository.findByName(PasswordPolicySettingConstants.PASSWORD_POLICY_HISTORY_PASSWORD_CHECK);
|
SettingEntity historyCipherCheck = settingRepository.findByName(PasswordPolicySettingConstants.PASSWORD_POLICY_HISTORY_PASSWORD_CHECK);
|
||||||
boolean enabled = Objects.isNull(historyCipherCheck)
|
boolean enabled = Objects.isNull(historyCipherCheck)
|
||||||
? Boolean.parseBoolean(PasswordPolicySettingConstants.PASSWORD_POLICY_DEFAULT_SETTINGS.get(PASSWORD_POLICY_HISTORY_PASSWORD_CHECK))
|
? Boolean.parseBoolean(PasswordPolicySettingConstants.PASSWORD_POLICY_DEFAULT_SETTINGS.get(PASSWORD_POLICY_HISTORY_PASSWORD_CHECK))
|
||||||
|
|
@ -127,11 +124,9 @@ public class DefaultPasswordPolicyManager implements PasswordPolicyManager<UserE
|
||||||
Integer count = Objects.isNull(historyCipherCheckCount)
|
Integer count = Objects.isNull(historyCipherCheckCount)
|
||||||
? Integer.valueOf(PasswordPolicySettingConstants.PASSWORD_POLICY_DEFAULT_SETTINGS.get(PASSWORD_POLICY_HISTORY_PASSWORD_CHECK_COUNT))
|
? Integer.valueOf(PasswordPolicySettingConstants.PASSWORD_POLICY_DEFAULT_SETTINGS.get(PASSWORD_POLICY_HISTORY_PASSWORD_CHECK_COUNT))
|
||||||
: Integer.valueOf(historyCipherCheckCount.getValue());
|
: Integer.valueOf(historyCipherCheckCount.getValue());
|
||||||
//构建查询条件
|
Page<UserHistoryPasswordEntity> entities = userHistoryPasswordRepository.findAll(
|
||||||
QUserHistoryPasswordEntity historyPasswordEntity = QUserHistoryPasswordEntity.userHistoryPasswordEntity;
|
Example.of(new UserHistoryPasswordEntity().setUserId(userId)),
|
||||||
BooleanExpression expression = historyPasswordEntity.userId.eq(String.valueOf(userId));
|
PageRequest.of(0, count, Sort.by(Sort.Direction.DESC, LAST_MODIFIED_TIME)));
|
||||||
OrderSpecifier<LocalDateTime> desc = historyPasswordEntity.updateTime.desc();
|
|
||||||
Page<UserHistoryPasswordEntity> entities = userHistoryPasswordRepository.findAll(expression, PageRequest.of(0, count, QSort.by(desc)));
|
|
||||||
//构建历史密码验证器
|
//构建历史密码验证器
|
||||||
new HistoryPasswordValidator(entities.getContent().stream().map(UserHistoryPasswordEntity::getPassword).toList(), passwordEncoder);
|
new HistoryPasswordValidator(entities.getContent().stream().map(UserHistoryPasswordEntity::getPassword).toList(), passwordEncoder);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -34,7 +34,6 @@ import com.fasterxml.jackson.databind.DeserializationFeature;
|
||||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||||
|
|
||||||
import cn.topiam.employee.common.enums.identitysource.IdentitySourceProvider;
|
import cn.topiam.employee.common.enums.identitysource.IdentitySourceProvider;
|
||||||
import cn.topiam.employee.common.util.RequestUtils;
|
|
||||||
import cn.topiam.employee.identitysource.core.AbstractDefaultIdentitySource;
|
import cn.topiam.employee.identitysource.core.AbstractDefaultIdentitySource;
|
||||||
import cn.topiam.employee.identitysource.core.client.IdentitySourceClient;
|
import cn.topiam.employee.identitysource.core.client.IdentitySourceClient;
|
||||||
import cn.topiam.employee.identitysource.core.enums.IdentitySourceEventReceiveType;
|
import cn.topiam.employee.identitysource.core.enums.IdentitySourceEventReceiveType;
|
||||||
|
|
@ -44,6 +43,7 @@ import cn.topiam.employee.identitysource.core.processor.IdentitySourceSyncUserPo
|
||||||
import cn.topiam.employee.identitysource.core.processor.modal.IdentitySourceEventProcessData;
|
import cn.topiam.employee.identitysource.core.processor.modal.IdentitySourceEventProcessData;
|
||||||
import cn.topiam.employee.identitysource.dingtalk.enums.DingTalkEventType;
|
import cn.topiam.employee.identitysource.dingtalk.enums.DingTalkEventType;
|
||||||
import cn.topiam.employee.identitysource.dingtalk.util.DingTalkEventCryptoUtils;
|
import cn.topiam.employee.identitysource.dingtalk.util.DingTalkEventCryptoUtils;
|
||||||
|
import cn.topiam.employee.support.util.HttpRequestUtils;
|
||||||
|
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
|
@ -75,7 +75,7 @@ public class DingTalkIdentitySource extends AbstractDefaultIdentitySource<DingTa
|
||||||
@Override
|
@Override
|
||||||
public Object event(HttpServletRequest request, String body) {
|
public Object event(HttpServletRequest request, String body) {
|
||||||
LocalDateTime eventTime = LocalDateTime.now();
|
LocalDateTime eventTime = LocalDateTime.now();
|
||||||
Map<String, Object> params = RequestUtils.getParams(request);
|
Map<String, String> params = HttpRequestUtils.getRequestParameters(request);
|
||||||
if (StringUtils.isNoneBlank(body)) {
|
if (StringUtils.isNoneBlank(body)) {
|
||||||
String encrypt = JSON.parseObject(body).getString(ENCRYPT);
|
String encrypt = JSON.parseObject(body).getString(ENCRYPT);
|
||||||
log.info("钉钉身份源 [{}] 回调入参: {}, encrypt: {}", getId(), JSON.toJSONString(params),
|
log.info("钉钉身份源 [{}] 回调入参: {}, encrypt: {}", getId(), JSON.toJSONString(params),
|
||||||
|
|
@ -96,13 +96,13 @@ public class DingTalkIdentitySource extends AbstractDefaultIdentitySource<DingTa
|
||||||
* @param syncMap {@link Map}
|
* @param syncMap {@link Map}
|
||||||
* @return {@link Map}
|
* @return {@link Map}
|
||||||
*/
|
*/
|
||||||
private Object eventCallBack(LocalDateTime eventTime, Map<String, Object> syncMap,
|
private Object eventCallBack(LocalDateTime eventTime, Map<String, String> syncMap,
|
||||||
String encrypt) {
|
String encrypt) {
|
||||||
try {
|
try {
|
||||||
DingTalkConfig config = getConfig();
|
DingTalkConfig config = getConfig();
|
||||||
String msgSignature = (String) syncMap.get(MSG_SIGNATURE);
|
String msgSignature = syncMap.get(MSG_SIGNATURE);
|
||||||
String timeStamp = (String) syncMap.get(TIMESTAMP);
|
String timeStamp = syncMap.get(TIMESTAMP);
|
||||||
String nonce = (String) syncMap.get(NONCE);
|
String nonce = syncMap.get(NONCE);
|
||||||
DingTalkEventCryptoUtils eventCryptoUtils = new DingTalkEventCryptoUtils(
|
DingTalkEventCryptoUtils eventCryptoUtils = new DingTalkEventCryptoUtils(
|
||||||
config.getToken(), config.getAesKey(), config.getAppKey());
|
config.getToken(), config.getAesKey(), config.getAppKey());
|
||||||
String decryptMsg = eventCryptoUtils.getDecryptMsg(msgSignature, timeStamp, nonce,
|
String decryptMsg = eventCryptoUtils.getDecryptMsg(msgSignature, timeStamp, nonce,
|
||||||
|
|
|
||||||
|
|
@ -27,17 +27,10 @@ import org.springframework.stereotype.Service;
|
||||||
import org.springframework.transaction.annotation.Transactional;
|
import org.springframework.transaction.annotation.Transactional;
|
||||||
import org.springframework.util.CollectionUtils;
|
import org.springframework.util.CollectionUtils;
|
||||||
|
|
||||||
import com.querydsl.core.types.ExpressionUtils;
|
|
||||||
import com.querydsl.core.types.Predicate;
|
|
||||||
import com.querydsl.core.types.dsl.BooleanExpression;
|
|
||||||
import com.querydsl.core.types.dsl.Expressions;
|
|
||||||
import com.querydsl.jpa.impl.JPAQuery;
|
|
||||||
import com.querydsl.jpa.impl.JPAQueryFactory;
|
|
||||||
|
|
||||||
import cn.topiam.employee.audit.context.AuditContext;
|
import cn.topiam.employee.audit.context.AuditContext;
|
||||||
import cn.topiam.employee.audit.entity.Target;
|
import cn.topiam.employee.audit.entity.Target;
|
||||||
import cn.topiam.employee.audit.enums.TargetType;
|
import cn.topiam.employee.audit.enums.TargetType;
|
||||||
import cn.topiam.employee.common.entity.account.*;
|
import cn.topiam.employee.common.entity.account.OrganizationEntity;
|
||||||
import cn.topiam.employee.common.repository.account.OrganizationRepository;
|
import cn.topiam.employee.common.repository.account.OrganizationRepository;
|
||||||
import cn.topiam.employee.openapi.constant.OpenApiStatus;
|
import cn.topiam.employee.openapi.constant.OpenApiStatus;
|
||||||
import cn.topiam.employee.openapi.converter.account.OrganizationConverter;
|
import cn.topiam.employee.openapi.converter.account.OrganizationConverter;
|
||||||
|
|
@ -210,7 +203,7 @@ public class OrganizationServiceImpl implements OrganizationService {
|
||||||
List<OrganizationEntity> list = organizationRepository.findByParentId(id);
|
List<OrganizationEntity> list = organizationRepository.findByParentId(id);
|
||||||
if (CollectionUtils.isEmpty(list)) {
|
if (CollectionUtils.isEmpty(list)) {
|
||||||
//查询当前机构和当前机构下子机构下是否存在用户,不存在删除,存在抛出异常
|
//查询当前机构和当前机构下子机构下是否存在用户,不存在删除,存在抛出异常
|
||||||
Long count = getOrgMemberCount(id);
|
Integer count = getOrgMemberCount(id);
|
||||||
if (count > 0) {
|
if (count > 0) {
|
||||||
throw new OpenApiException(OpenApiStatus.DEPARTMENT_HAS_USER);
|
throw new OpenApiException(OpenApiStatus.DEPARTMENT_HAS_USER);
|
||||||
}
|
}
|
||||||
|
|
@ -265,23 +258,9 @@ public class OrganizationServiceImpl implements OrganizationService {
|
||||||
* @param orgId {@link String}
|
* @param orgId {@link String}
|
||||||
* @return {@link Long}
|
* @return {@link Long}
|
||||||
*/
|
*/
|
||||||
public Long getOrgMemberCount(String orgId) {
|
public Integer getOrgMemberCount(String orgId) {
|
||||||
//条件
|
return organizationRepository.getOrgMemberList(orgId).size();
|
||||||
QUserEntity user = QUserEntity.userEntity;
|
|
||||||
QOrganizationEntity qOrganization = QOrganizationEntity.organizationEntity;
|
|
||||||
Predicate predicate = ExpressionUtils.and(user.isNotNull(), user.deleted.eq(Boolean.FALSE));
|
|
||||||
//FIND_IN_SET函数
|
|
||||||
BooleanExpression template = Expressions.booleanTemplate(
|
|
||||||
"FIND_IN_SET({0}, replace({1}, '/', ','))> 0", orgId, qOrganization.path);
|
|
||||||
predicate = ExpressionUtils.and(predicate, qOrganization.id.eq(orgId).or(template));
|
|
||||||
//构造查询
|
|
||||||
JPAQuery<Long> jpaQuery = jpaQueryFactory.selectFrom(user).select(user.count())
|
|
||||||
.innerJoin(QOrganizationMemberEntity.organizationMemberEntity)
|
|
||||||
.on(user.id.eq(QOrganizationMemberEntity.organizationMemberEntity.userId))
|
|
||||||
.innerJoin(qOrganization)
|
|
||||||
.on(qOrganization.id.eq(QOrganizationMemberEntity.organizationMemberEntity.orgId))
|
|
||||||
.where(predicate);
|
|
||||||
return jpaQuery.fetch().get(0);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -292,8 +271,6 @@ public class OrganizationServiceImpl implements OrganizationService {
|
||||||
.orElseThrow(() -> new OpenApiException(OpenApiStatus.DEPARTMENT_NOT_EXIST));
|
.orElseThrow(() -> new OpenApiException(OpenApiStatus.DEPARTMENT_NOT_EXIST));
|
||||||
}
|
}
|
||||||
|
|
||||||
private final JPAQueryFactory jpaQueryFactory;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 组织架构数据映射器
|
* 组织架构数据映射器
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,7 @@ package cn.topiam.employee.openapi.service.app.impl;
|
||||||
|
|
||||||
import java.util.Optional;
|
import java.util.Optional;
|
||||||
|
|
||||||
import org.springframework.data.querydsl.QPageRequest;
|
import org.springframework.data.domain.PageRequest;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
import org.springframework.transaction.annotation.Transactional;
|
import org.springframework.transaction.annotation.Transactional;
|
||||||
|
|
||||||
|
|
@ -64,7 +64,7 @@ public class AppAccountServiceImpl implements AppAccountService {
|
||||||
public Page<AppAccountListResult> getAppAccountList(PageModel pageModel,
|
public Page<AppAccountListResult> getAppAccountList(PageModel pageModel,
|
||||||
AppAccountQuery query) {
|
AppAccountQuery query) {
|
||||||
//分页条件
|
//分页条件
|
||||||
QPageRequest request = QPageRequest.of(pageModel.getCurrent(), pageModel.getPageSize());
|
PageRequest request = PageRequest.of(pageModel.getCurrent(), pageModel.getPageSize());
|
||||||
//查询映射
|
//查询映射
|
||||||
org.springframework.data.domain.Page<AppAccountPO> list = appAccountRepository
|
org.springframework.data.domain.Page<AppAccountPO> list = appAccountRepository
|
||||||
.getAppAccountList(query, request);
|
.getAppAccountList(query, request);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue