feat: 应用统一权限

pull/42/head
kay 2023-08-30 01:04:34 +00:00 committed by Friday
parent 1cd01f5403
commit b01d2f3787
92 changed files with 8281 additions and 8 deletions


@ -0,0 +1,79 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.entity.app;
import java.io.Serial;
import org.hibernate.annotations.SQLDelete;
import org.hibernate.annotations.Where;
import cn.topiam.employee.common.enums.PermissionActionType;
import cn.topiam.employee.support.repository.domain.LogicDeleteEntity;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
import lombok.experimental.Accessors;
import jakarta.persistence.*;
import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_SET;
import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_WHERE;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2021/11/2 21:05
*/
@Getter
@Setter
@ToString
@Entity
@Accessors(chain = true)
@Table(name = "app_permission_action")
@SQLDelete(sql = "update app_permission_action set " + SOFT_DELETE_SET + " where id_ = ?")
@Where(clause = SOFT_DELETE_WHERE)
public class AppPermissionActionEntity extends LogicDeleteEntity<Long> {
@Serial
private static final long serialVersionUID = -3954680915360748087L;
/**
*
*/
@Column(name = "value_")
private String value;
/**
*
*/
@Column(name = "name_")
private String name;
/**
*
*/
@Column(name = "type_")
private PermissionActionType type;
/**
*
*/
@ManyToOne
@JoinColumn(name = "resource_id")
private AppPermissionResourceEntity resource;
}


@ -0,0 +1,86 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.entity.app;
import org.hibernate.annotations.SQLDelete;
import org.hibernate.annotations.Where;
import cn.topiam.employee.common.enums.app.AppPolicyEffect;
import cn.topiam.employee.common.enums.app.AppPolicyObjectType;
import cn.topiam.employee.common.enums.app.AppPolicySubjectType;
import cn.topiam.employee.support.repository.domain.LogicDeleteEntity;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
import lombok.experimental.Accessors;
import jakarta.persistence.Column;
import jakarta.persistence.Entity;
import jakarta.persistence.Table;
import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_SET;
import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_WHERE;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2021/11/4 19:41
*/
@Getter
@Setter
@ToString
@Entity
@Accessors(chain = true)
@Table(name = "app_permission_policy")
@SQLDelete(sql = "update app_permission_policy set " + SOFT_DELETE_SET + " where id_ = ?")
@Where(clause = SOFT_DELETE_WHERE)
public class AppPermissionPolicyEntity extends LogicDeleteEntity<Long> {
/**
* id
*/
@Column(name = "app_id")
private Long appId;
/**
* ID
*/
@Column(name = "subject_id")
private String subjectId;
/**
*
*/
@Column(name = "subject_type")
private AppPolicySubjectType subjectType;
/**
* ID
*/
@Column(name = "object_id")
private Long objectId;
/**
*
*/
@Column(name = "object_type")
private AppPolicyObjectType objectType;
/**
* Effect
*/
@Column(name = "effect_")
private AppPolicyEffect effect;
}
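Review bot: The enum fields `subjectType`, `objectType` and `effect` carry no `@Enumerated` or `@Convert`, yet the JDBC code in this commit compares and reads these columns as string codes (`getSubjectType().getCode()`, `AppPolicyEffect.getType(rs.getString("effect"))`). Unless an auto-applied converter is registered elsewhere, JPA would persist them by ordinal and the two access paths would disagree about what is stored for the same policy row. Stating the mapping on the field, for example `@Convert(converter = <project converter class>.class)`, makes the stored form explicit for a column that decides allow versus deny. The class also lacks the `serialVersionUID` that the sibling entities declare.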


@ -0,0 +1,97 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.entity.app;
import java.io.Serial;
import java.util.List;
import org.hibernate.annotations.SQLDelete;
import org.hibernate.annotations.Where;
import cn.topiam.employee.support.repository.domain.LogicDeleteEntity;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
import lombok.experimental.Accessors;
import jakarta.persistence.*;
import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_SET;
import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_WHERE;
import static jakarta.persistence.FetchType.LAZY;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Getter
@Setter
@ToString
@Entity
@Accessors(chain = true)
@Table(name = "app_permission_resource")
@SQLDelete(sql = "update app_permission_resource set " + SOFT_DELETE_SET + " where id_ = ?")
@Where(clause = SOFT_DELETE_WHERE)
public class AppPermissionResourceEntity extends LogicDeleteEntity<Long> {
@Serial
private static final long serialVersionUID = 7342074686605139968L;
/**
*
*/
@Column(name = "code_")
private String code;
/**
*
*/
@Column(name = "name_")
private String name;
/**
* ID
*/
@Column(name = "app_id")
private Long appId;
/**
*
*/
@Column(name = "desc_")
private String desc;
/**
*
*/
@Column(name = "is_enabled")
private Boolean enabled;
/**
*
*/
@ToString.Exclude
@OneToMany(mappedBy = "resource", fetch = LAZY, cascade = { CascadeType.PERSIST,
CascadeType.REMOVE })
private List<AppPermissionActionEntity> actions;
}


@ -0,0 +1,82 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.entity.app;
import java.io.Serial;
import org.hibernate.annotations.SQLDelete;
import org.hibernate.annotations.Where;
import cn.topiam.employee.support.repository.domain.LogicDeleteEntity;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
import lombok.experimental.Accessors;
import jakarta.persistence.Column;
import jakarta.persistence.Entity;
import jakarta.persistence.Table;
import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_SET;
import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_WHERE;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Getter
@Setter
@ToString
@Entity
@Accessors(chain = true)
@Table(name = "app_permission_role")
@SQLDelete(sql = "update app_permission_role set " + SOFT_DELETE_SET + " where id_ = ?")
@Where(clause = SOFT_DELETE_WHERE)
public class AppPermissionRoleEntity extends LogicDeleteEntity<Long> {
@Serial
private static final long serialVersionUID = -7761332532995424593L;
/**
*
*/
@Column(name = "name_")
private String name;
/**
*
*/
@Column(name = "code_")
private String code;
/**
* ID
*/
@Column(name = "app_id")
private Long appId;
/**
*
*/
@Column(name = "is_enabled")
private Boolean enabled;
}


@ -0,0 +1,44 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.repository.app;
import java.util.List;
import org.springframework.data.querydsl.QuerydslPredicateExecutor;
import org.springframework.stereotype.Repository;
import cn.topiam.employee.common.entity.app.AppPermissionActionEntity;
import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
import cn.topiam.employee.support.repository.LogicDeleteRepository;
/**
* @author TopIAM
* Created by support@topiam.cn on 2021/11/22 23:06
*/
@Repository
public interface AppPermissionActionRepository extends
LogicDeleteRepository<AppPermissionActionEntity, Long>,
QuerydslPredicateExecutor<AppPermissionActionEntity> {
/**
* findAllByResource
*
* @param resource {@link AppPermissionResourceEntity}
* @return {@link List}
*/
List<AppPermissionActionEntity> findAllByResource(AppPermissionResourceEntity resource);
}


@ -0,0 +1,86 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.repository.app;
import java.io.Serializable;
import java.util.Collection;
import org.springframework.data.jpa.repository.Modifying;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.querydsl.QuerydslPredicateExecutor;
import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository;
import org.springframework.transaction.annotation.Transactional;
import cn.topiam.employee.common.entity.app.AppPermissionPolicyEntity;
import cn.topiam.employee.support.repository.LogicDeleteRepository;
import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_SET;
/**
* @author TopIAM
* Created by support@topiam.cn on 2021/11/4 22:44
*/
@Repository
public interface AppPermissionPolicyRepository extends AppPermissionPolicyRepositoryCustomized,
LogicDeleteRepository<AppPermissionPolicyEntity, Long>,
QuerydslPredicateExecutor<AppPermissionPolicyEntity> {
/**
* ID
*
* @param subjectIds {@link String}
*/
@Modifying
@Transactional(rollbackFor = Exception.class)
@Query(value = "UPDATE app_permission_policy SET " + SOFT_DELETE_SET
+ " WHERE subject_id IN (:subjectIds)", nativeQuery = true)
void deleteAllBySubjectIdIn(@Param("subjectIds") Collection<String> subjectIds);
/**
* ID
*
* @param objectIds {@link String}
*/
@Modifying
@Transactional(rollbackFor = Exception.class)
@Query(value = "UPDATE app_permission_policy SET " + SOFT_DELETE_SET
+ " WHERE object_id IN (:objectIds)", nativeQuery = true)
void deleteAllByObjectIdIn(@Param("objectIds") Collection<Long> objectIds);
/**
*
*
* @param objectId
*/
@Modifying
@Transactional(rollbackFor = Exception.class)
@Query(value = "UPDATE app_permission_policy SET " + SOFT_DELETE_SET
+ " WHERE object_id = :objectId", nativeQuery = true)
void deleteAllByObjectId(@Param("objectId") Long objectId);
/**
* /
*
* @param id {@link Serializable}
* @param status {@link Boolean}
* @return {@link Integer}
*/
@Transactional(rollbackFor = Exception.class)
@Modifying
@Query(value = "UPDATE AppPermissionResourceEntity set enabled =:status WHERE id =:id")
Integer updateStatus(@Param(value = "id") Long id, @Param(value = "status") Boolean status);
}
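Review bot: `updateStatus` at the end of this policy repository runs `UPDATE AppPermissionResourceEntity set enabled =:status WHERE id =:id`, so calling it changes the enabled flag of a permission resource rather than anything on a policy; `AppPermissionPolicyEntity` as added in this commit has no `enabled` field. It looks copied from the resource repository and should either move there or be removed. Separately, `deleteAllByObjectIdIn` and `deleteAllByObjectId` match on `object_id` alone, while the object can be a permission, role or resource row from different tables. If those tables can produce the same numeric id, the update would also soft-delete policies of another object type, including deny policies, so adding `AND object_type = :objectType` is worth considering.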


@ -0,0 +1,39 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.repository.app;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import cn.topiam.employee.common.entity.app.po.AppPermissionPolicyPO;
import cn.topiam.employee.common.entity.app.query.AppPolicyQuery;
/**
* @author TopIAM
* Created by support@topiam.cn on 2021/11/4 22:44
*/
public interface AppPermissionPolicyRepositoryCustomized {
/**
*
*
* @param query {@link AppPolicyQuery}
* @param request {@link Pageable}
* @return {@link AppPermissionPolicyPO}
*/
Page<AppPermissionPolicyPO> findPage(AppPolicyQuery query, Pageable request);
}


@ -0,0 +1,53 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.repository.app;
import java.util.Optional;
import org.jetbrains.annotations.NotNull;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.querydsl.QuerydslPredicateExecutor;
import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository;
import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
import cn.topiam.employee.support.repository.LogicDeleteRepository;
/**
* <p>
* Repository SystemRepositoryCustomized
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Repository
public interface AppPermissionResourceRepository extends
LogicDeleteRepository<AppPermissionResourceEntity, Long>,
QuerydslPredicateExecutor<AppPermissionResourceEntity> {
/**
* findByIdContainsDeleted
*
* @param id must not be {@literal null}.
* @return {@link AppPermissionResourceEntity}
*/
@NotNull
@Query(value = "SELECT * FROM app_permission_resource WHERE id_ = :id", nativeQuery = true)
Optional<AppPermissionResourceEntity> findByIdContainsDeleted(@NotNull @Param(value = "id") Long id);
}


@ -0,0 +1,67 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.repository.app;
import java.util.Optional;
import org.jetbrains.annotations.NotNull;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.data.jpa.repository.Modifying;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.querydsl.QuerydslPredicateExecutor;
import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository;
import org.springframework.transaction.annotation.Transactional;
import cn.topiam.employee.common.entity.app.AppPermissionRoleEntity;
import cn.topiam.employee.support.repository.LogicDeleteRepository;
/**
* <p>
* Repository
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Repository
public interface AppPermissionRoleRepository extends
LogicDeleteRepository<AppPermissionRoleEntity, Long>,
QuerydslPredicateExecutor<AppPermissionRoleEntity> {
/**
*
*
* @param id {@link String}
* @param enabled {@link String}
*/
@Transactional(rollbackFor = Exception.class)
@Modifying
@Query(value = "update app_permission_role set is_enabled = ?2 where id_ = ?1", nativeQuery = true)
void updateStatus(@Param(value = "id") String id, @Param(value = "enabled") Boolean enabled);
/**
* findByIdContainsDeleted
*
* @param id must not be {@literal null}.
* @return {@link AppPermissionRoleEntity}
*/
@NotNull
@Cacheable
@Query(value = "SELECT * FROM app_permission_role WHERE id_ = :id", nativeQuery = true)
Optional<AppPermissionRoleEntity> findByIdContainsDeleted(@NotNull @Param(value = "id") Long id);
}
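Review bot: `@Cacheable` on `findByIdContainsDeleted` names no cache and nothing visible in this interface supplies one (no `@CacheConfig`), so unless a cache resolver is configured elsewhere Spring cannot resolve a cache for the call. If caching is intended, name the cache and evict the entry from `updateStatus`, e.g. `@CacheEvict(cacheNames = "<cache-name>", key = "#id")`; otherwise a role that was just disabled can keep being served from the cache as enabled. `updateStatus` also declares `String id` although the entity id is `Long`, and pairs `@Param` names with positional `?1`/`?2`; `Long id` with `:id` and `:enabled` would match the sibling repositories.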


@ -0,0 +1,130 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.repository.app.impl;
import java.util.List;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageImpl;
import org.springframework.data.domain.Pageable;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.stereotype.Repository;
import org.springframework.util.ObjectUtils;
import com.google.common.collect.Lists;
import cn.topiam.employee.common.entity.app.po.AppPermissionPolicyPO;
import cn.topiam.employee.common.entity.app.query.AppPolicyQuery;
import cn.topiam.employee.common.repository.app.AppPermissionPolicyRepositoryCustomized;
import cn.topiam.employee.common.repository.app.impl.mapper.AppPermissionPolicyPoMapper;
import lombok.RequiredArgsConstructor;
/**
* @author TopIAM
* Created by support@topiam.cn on 2021/11/4 22:46
*/
@Repository
@RequiredArgsConstructor
public class AppPermissionPolicyRepositoryCustomizedImpl implements
AppPermissionPolicyRepositoryCustomized {
private String leftJoin(String table, String condition) {
return " LEFT JOIN " + table + " ON " + condition + " AND " + table + ".is_deleted = '0' ";
}
@Override
public Page<AppPermissionPolicyPO> findPage(AppPolicyQuery query, Pageable pageable) {
//查询条件
//@formatter:off
// 所属应用
StringBuilder where = new StringBuilder("WHERE policy.is_deleted = '0' AND policy.app_id = '").append(query.getAppId()).append("' ");
// 主体类型
where.append(" AND policy.subject_type = '").append(query.getSubjectType().getCode()).append("' ");
// 客体类型
where.append(" AND policy.object_type = '").append(query.getObjectType().getCode()).append("' ");
// 主体id
if (!ObjectUtils.isEmpty(query.getSubjectId())) {
where.append("policy.subject_id = '").append(query.getSubjectId()).append("' ");
}
// 客体id
if (!ObjectUtils.isEmpty(query.getObjectId())) {
where.append("policy.object_id = '").append(query.getObjectId()).append("' ");
}
// 授权效果
if (!ObjectUtils.isEmpty(query.getEffect())) {
where.append("policy.effect = '").append(query.getEffect().getCode()).append("' ");
}
List<String> fields = Lists.newArrayList("policy.subject_id", "policy.object_id", "policy.subject_type", "policy.object_type", "policy.id", "policy.effect");
String subjectJoin;
String objectJoin = null;
switch (query.getSubjectType()) {
case USER -> {
subjectJoin = leftJoin("app_account account", "policy.subject_id = account.id");
fields.add("account.account as subject_name");
}
case USER_GROUP -> {
subjectJoin = leftJoin("user_group group", "policy.subject_id = group.id");
fields.add("group.name as subject_name");
}
case ORGANIZATION -> {
subjectJoin = leftJoin("organization org", "policy.subject_id = org.id");
fields.add("org.name as subject_name");
}
case ROLE -> {
subjectJoin = leftJoin("app_permission_role role", "policy.subject_id = role.id");
fields.add("role.name as subject_name");
}
default -> throw new RuntimeException("暂不支持");
}
switch (query.getObjectType()) {
case PERMISSION -> {
objectJoin = leftJoin("app_permission_action action", "policy.subject_id = action.id");
fields.add("action.name as object_name");
}
case ROLE -> {
objectJoin = leftJoin("app_permission_role role2", "policy.subject_id = role2.id");
fields.add("role2.name as object_name");
}
case RESOURCE -> {
objectJoin = leftJoin("app_permission_resource resource", "policy.subject_id = resource.id");
fields.add("resource.name as object_name");
}
}
StringBuilder selectSql = new StringBuilder("SELECT ").append(String.join(", ", fields))
.append(" FROM app_permission_policy policy ").append(subjectJoin).append(objectJoin);
// @formatter:off
List<AppPermissionPolicyPO> list = jdbcTemplate
.query(
selectSql.append(" LIMIT ").append(pageable.getPageNumber() * pageable.getPageSize())
.append(",").append(pageable.getPageSize()).toString(),
new AppPermissionPolicyPoMapper());
//@formatter:off
String countSql = "SELECT count(*) FROM (" + selectSql + ") app_policy_";
//@formatter:on
Integer count = jdbcTemplate.queryForObject(countSql, Integer.class);
return new PageImpl<>(list, pageable, count);
}
/**
* JdbcTemplate
*/
private final JdbcTemplate jdbcTemplate;
}


@ -0,0 +1,63 @@
/*
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.common.repository.app.impl.mapper;
import java.sql.ResultSet;
import java.sql.SQLException;
import org.springframework.jdbc.core.RowMapper;
import cn.topiam.employee.common.entity.app.po.AppPermissionPolicyPO;
import cn.topiam.employee.common.enums.app.AppPolicyEffect;
import cn.topiam.employee.common.enums.app.AppPolicyObjectType;
import cn.topiam.employee.common.enums.app.AppPolicySubjectType;
/**
* @author TopIAM
* Created by support@topiam.cn on 2022/2/13 23:25
*/
public class AppPermissionPolicyPoMapper implements RowMapper<AppPermissionPolicyPO> {
/**
* Implementations must implement this method to map each row of data
* in the ResultSet. This method should not call {@code next()} on
* the ResultSet; it is only supposed to map values of the current row.
*
* @param rs the ResultSet to map (pre-initialized for the current row)
* @param rowNum the number of the current row
* @return the result object for the current row (may be {@code null})
* @throws SQLException if an SQLException is encountered getting
* column values (that is, there's no need to catch SQLException)
*/
@SuppressWarnings("DuplicatedCode")
@Override
public AppPermissionPolicyPO mapRow(ResultSet rs, int rowNum) throws SQLException {
AppPermissionPolicyPO appPermissionPolicyPo = new AppPermissionPolicyPO();
appPermissionPolicyPo.setId(rs.getLong("id_"));
appPermissionPolicyPo.setEffect(AppPolicyEffect.getType(rs.getString("effect")));
appPermissionPolicyPo.setSubjectId(rs.getString("subject_id"));
appPermissionPolicyPo
.setSubjectType(AppPolicySubjectType.getType(rs.getString("subject_type")));
appPermissionPolicyPo.setSubjectName(rs.getString("subject_name"));
appPermissionPolicyPo.setObjectId(rs.getLong("object_id"));
appPermissionPolicyPo
.setObjectType(AppPolicyObjectType.getType(rs.getString("object_type")));
appPermissionPolicyPo.setObjectName(rs.getString("object_name"));
return appPermissionPolicyPo;
}
}
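Review bot: The column labels read in `mapRow` do not line up with what `findPage` in this commit selects: the mapper calls `rs.getLong("id_")` while the field list contains `policy.id`, and both sides use `effect` although the entity maps that column as `effect_` (and the id as `id_`, per its `@SQLDelete` clause). One side has to change, for example by selecting `policy.id_` and `policy.effect_ AS effect` in the query, otherwise the lookup by label is likely to fail at runtime. `rs.getLong("object_id")` also returns 0 for a NULL column, so if that column can be null a `rs.wasNull()` check would keep a missing object from being reported as id 0.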


@ -0,0 +1,76 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.controller.app;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import cn.topiam.employee.console.pojo.query.app.AppPermissionActionListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionActionListResult;
import cn.topiam.employee.console.service.app.AppPermissionActionService;
import cn.topiam.employee.support.result.ApiRestResult;
import lombok.RequiredArgsConstructor;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import static cn.topiam.employee.common.constant.AppConstants.APP_PATH;
/**
* -
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 20:28
*/
@RequiredArgsConstructor
@Validated
@Tag(name = "应用权限-权限项")
@RequestMapping(value = APP_PATH
+ "/permission/action", produces = MediaType.APPLICATION_JSON_VALUE)
@RestController
public class AppPermissionActionController {
/**
* logger
*/
private final Logger logger = LoggerFactory.getLogger(AppPermissionActionController.class);
/**
*
*
* @return {@link AppPermissionActionListResult}
*/
@Operation(summary = "获取权限项列表")
@GetMapping(value = "/list")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<List<AppPermissionActionListResult>> getPermissionActionList(@Validated AppPermissionActionListQuery query) {
List<AppPermissionActionListResult> list = appPermissionActionService
.getPermissionActionList(query);
return ApiRestResult.<List<AppPermissionActionListResult>> builder().result(list).build();
}
private final AppPermissionActionService appPermissionActionService;
}


@ -0,0 +1,142 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.controller.app;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import cn.topiam.employee.common.entity.app.query.AppPolicyQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionPolicyGetResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionPolicyListResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleListResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionPolicyCreateParam;
import cn.topiam.employee.console.pojo.save.app.AppPermissionRoleCreateParam;
import cn.topiam.employee.console.pojo.update.app.AppPermissionPolicyUpdateParam;
import cn.topiam.employee.console.pojo.update.app.PermissionRoleUpdateParam;
import cn.topiam.employee.console.service.app.AppPermissionPolicyService;
import cn.topiam.employee.support.lock.Lock;
import cn.topiam.employee.support.preview.Preview;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import cn.topiam.employee.support.result.ApiRestResult;
import lombok.RequiredArgsConstructor;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import static cn.topiam.employee.common.constant.AppConstants.APP_PATH;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2022/7/12 22:30
*/
@Validated
@Tag(name = "应用权限-授权策略")
@RequestMapping(value = APP_PATH
+ "/permission/policy", produces = MediaType.APPLICATION_JSON_VALUE)
@RestController
@RequiredArgsConstructor
public class AppPermissionPolicyController {
/**
*
*
* @param page {@link PageModel}
* @return {@link AppPermissionRoleListResult}
*/
@Operation(summary = "获取策略列表")
@GetMapping(value = "/list")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Page<AppPermissionPolicyListResult>> getPermissionPolicyList(PageModel page,
@Validated AppPolicyQuery query) {
Page<AppPermissionPolicyListResult> result = permissionPolicyService
.getPermissionPolicyList(page, query);
return ApiRestResult.<Page<AppPermissionPolicyListResult>> builder().result(result).build();
}
/**
*
*
* @param param {@link AppPermissionRoleCreateParam}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "创建资源")
@PostMapping(value = "/create")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> createPolicy(@Validated @RequestBody AppPermissionPolicyCreateParam param) {
return ApiRestResult.<Boolean> builder()
.result(permissionPolicyService.createPermissionPolicy(param)).build();
}
/**
*
*
* @param param {@link PermissionRoleUpdateParam}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "修改资源")
@PutMapping(value = "/update/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> updatePolicy(@Validated AppPermissionPolicyUpdateParam param) {
return ApiRestResult.<Boolean> builder()
.result(permissionPolicyService.updatePermissionPolicy(param)).build();
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "删除资源")
@DeleteMapping(value = "/delete/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> deletePermissionPolicy(@PathVariable(value = "id") String id) {
return ApiRestResult.<Boolean> builder()
.result(permissionPolicyService.deletePermissionPolicy(id)).build();
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "获取资源信息")
@GetMapping(value = "/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<AppPermissionPolicyGetResult> getPermissionPolicy(@PathVariable(value = "id") String id) {
//返回
return ApiRestResult.<AppPermissionPolicyGetResult> builder()
.result(permissionPolicyService.getPermissionPolicy(id)).build();
}
private final AppPermissionPolicyService permissionPolicyService;
}
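Review bot: `updatePolicy` declares `@Validated AppPermissionPolicyUpdateParam param` without `@RequestBody`, unlike `createPolicy` in this file and the update methods of the resource and role controllers, so a JSON body would presumably not be bound and the object is filled from request parameters and the `{id}` path variable only. If the console sends JSON, declare it as `@Validated @RequestBody AppPermissionPolicyUpdateParam param` and state explicitly where `id` comes from. None of `createPolicy`, `updatePolicy` and `deletePermissionPolicy` carries `@Audit`, while the sibling controllers audit the same operations; authorization-policy changes belong in the audit trail, so add `@Audit(type = EventType.<POLICY_EVENT_PLACEHOLDER>)` using the project's matching constants. `getPermissionPolicy` is a read but carries `@Lock` and `@Preview`, which the resource controller's getter does not; that looks like a copy-paste and is worth confirming.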


@ -0,0 +1,205 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.controller.app;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import cn.topiam.employee.audit.annotation.Audit;
import cn.topiam.employee.audit.event.type.EventType;
import cn.topiam.employee.common.enums.CheckValidityType;
import cn.topiam.employee.console.pojo.query.app.AppResourceListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionResourceGetResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionResourceListResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleListResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionResourceCreateParam;
import cn.topiam.employee.console.pojo.save.app.AppPermissionRoleCreateParam;
import cn.topiam.employee.console.pojo.update.app.AppPermissionResourceUpdateParam;
import cn.topiam.employee.console.pojo.update.app.PermissionRoleUpdateParam;
import cn.topiam.employee.console.service.app.AppPermissionResourceService;
import cn.topiam.employee.support.lock.Lock;
import cn.topiam.employee.support.preview.Preview;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import cn.topiam.employee.support.result.ApiRestResult;
import lombok.RequiredArgsConstructor;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.constraints.NotEmpty;
import jakarta.validation.constraints.NotNull;
import static cn.topiam.employee.common.constant.AppConstants.APP_PATH;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2022/7/12 22:30
*/
@Validated
@Tag(name = "应用权限-资源")
@RequestMapping(value = APP_PATH
+ "/permission/resource", produces = MediaType.APPLICATION_JSON_VALUE)
@RestController
@RequiredArgsConstructor
public class AppPermissionResourceController {
/**
*
*
* @param page {@link PageModel}
* @return {@link AppPermissionRoleListResult}
*/
@Operation(summary = "获取资源列表")
@GetMapping(value = "/list")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Page<AppPermissionResourceListResult>> getPermissionResourceList(PageModel page,
@Validated AppResourceListQuery query) {
Page<AppPermissionResourceListResult> result = appPermissionResourceService
.getPermissionResourceList(page, query);
return ApiRestResult.<Page<AppPermissionResourceListResult>> builder().result(result)
.build();
}
/**
*
*
* @param param {@link AppPermissionRoleCreateParam}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "创建资源")
@Audit(type = EventType.SAVE_APP_PERMISSION_RESOURCE)
@PostMapping(value = "/create")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> createResource(@Validated @RequestBody AppPermissionResourceCreateParam param) {
return ApiRestResult.<Boolean> builder()
.result(appPermissionResourceService.createPermissionResource(param)).build();
}
/**
*
*
* @param param {@link PermissionRoleUpdateParam}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "修改资源")
@Audit(type = EventType.UPDATE_APP_PERMISSION_RESOURCE)
@PutMapping(value = "/update")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> updateResource(@RequestBody @Validated AppPermissionResourceUpdateParam param) {
return ApiRestResult.<Boolean> builder()
.result(appPermissionResourceService.updatePermissionResource(param)).build();
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "删除资源")
@Audit(type = EventType.DELETE_APP_PERMISSION_RESOURCE)
@DeleteMapping(value = "/delete/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> deletePermissionResource(@PathVariable(value = "id") String id) {
return ApiRestResult.<Boolean> builder()
.result(appPermissionResourceService.deletePermissionResource(id)).build();
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Operation(summary = "获取资源信息")
@GetMapping(value = "/get/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<AppPermissionResourceGetResult> getPermissionResource(@PathVariable(value = "id") String id) {
//返回
return ApiRestResult.<AppPermissionResourceGetResult> builder()
.result(appPermissionResourceService.getPermissionResource(id)).build();
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "启用资源")
@Audit(type = EventType.ENABLE_APP_PERMISSION_RESOURCE)
@PutMapping(value = "/enable/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> enableOrganization(@PathVariable(value = "id") Long id) {
return ApiRestResult.<Boolean> builder()
.result(appPermissionResourceService.updateStatus(id, Boolean.TRUE)).build();
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "禁用资源")
@Audit(type = EventType.DISABLE_APP_PERMISSION_RESOURCE)
@PutMapping(value = "/disable/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> disableOrganization(@PathVariable(value = "id") Long id) {
return ApiRestResult.<Boolean> builder()
.result(appPermissionResourceService.updateStatus(id, Boolean.FALSE)).build();
}
/**
*
*
* @return {@link Boolean}
*/
@Operation(summary = "参数有效性验证")
@GetMapping(value = "/param_check")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> resourceParamCheck(@Parameter(description = "验证类型") @NotNull(message = "验证类型不能为空") CheckValidityType type,
@Parameter(description = "值") @NotEmpty(message = "验证值不能为空") String value,
@Parameter(description = "应用ID") @NotNull(message = "应用ID不能为空") Long appId,
@Parameter(description = "ID") Long id) {
Boolean result = appPermissionResourceService.permissionResourceParamCheck(type, value,
appId, id);
//返回
return ApiRestResult.<Boolean> builder().result(result).build();
}
/**
*
*/
private final AppPermissionResourceService appPermissionResourceService;
}
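Review bot: `enableOrganization` and `disableOrganization` toggle a permission resource, not an organization; the names look copied from another controller and would read better as `enablePermissionResource` / `disablePermissionResource` (the mapped URLs stay the same). These two methods bind `id` as `Long`, while `deletePermissionResource` and `getPermissionResource` take it as `String`, so a malformed id is rejected by the framework on two endpoints and reaches the service unparsed on the other two. Binding `@PathVariable(value = "id") Long id` everywhere keeps that check at the boundary, if the service signatures (not visible here) allow it; AppPermissionRoleController shows the same String/Long mix. The Javadoc blocks are empty apart from tags, and several links point at role types (`AppPermissionRoleCreateParam`, `PermissionRoleUpdateParam`, `AppPermissionRoleListResult`) rather than the resource types the methods use.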


@ -0,0 +1,197 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.controller.app;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import cn.topiam.employee.audit.annotation.Audit;
import cn.topiam.employee.audit.event.type.EventType;
import cn.topiam.employee.common.enums.CheckValidityType;
import cn.topiam.employee.console.pojo.query.app.AppPermissionRoleListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleListResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionRoleCreateParam;
import cn.topiam.employee.console.pojo.update.app.PermissionRoleUpdateParam;
import cn.topiam.employee.console.service.app.AppPermissionRoleService;
import cn.topiam.employee.support.lock.Lock;
import cn.topiam.employee.support.preview.Preview;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import cn.topiam.employee.support.result.ApiRestResult;
import lombok.RequiredArgsConstructor;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.constraints.NotEmpty;
import jakarta.validation.constraints.NotNull;
import static cn.topiam.employee.common.constant.AppConstants.APP_PATH;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 20:28
*/
@RequiredArgsConstructor
@Validated
@Tag(name = "应用权限-角色")
@RequestMapping(value = APP_PATH + "/permission/role", produces = MediaType.APPLICATION_JSON_VALUE)
@RestController
public class AppPermissionRoleController {
/**
*
*
* @param page {@link PageModel}
* @return {@link AppPermissionRoleListResult}
*/
@Operation(summary = "获取角色列表")
@GetMapping(value = "/list")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Page<AppPermissionRoleListResult>> getPermissionRoleList(PageModel page,
@Validated AppPermissionRoleListQuery query) {
Page<AppPermissionRoleListResult> result = appPermissionRoleService
.getPermissionRoleList(page, query);
return ApiRestResult.<Page<AppPermissionRoleListResult>> builder().result(result).build();
}
/**
*
*
* @param param {@link AppPermissionRoleCreateParam}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "创建角色")
@Audit(type = EventType.SAVE_APP_PERMISSION_ROLE)
@PostMapping(value = "/create")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> createPermissionRole(@Validated @RequestBody AppPermissionRoleCreateParam param) {
return ApiRestResult.<Boolean> builder()
.result(appPermissionRoleService.createPermissionRole(param)).build();
}
/**
*
*
* @param param {@link PermissionRoleUpdateParam}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "修改角色")
@Audit(type = EventType.UPDATE_APP_PERMISSION_ROLE)
@PutMapping(value = "/update")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> updatePermissionRole(@RequestBody @Validated PermissionRoleUpdateParam param) {
return ApiRestResult.<Boolean> builder()
.result(appPermissionRoleService.updatePermissionRole(param)).build();
}
/**
*
*
* @param ids {@link String}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "删除角色")
@Audit(type = EventType.DELETE_APP_PERMISSION_ROLE)
@DeleteMapping(value = "/delete/{ids}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> deletePermissionRole(@PathVariable(value = "ids") String ids) {
return ApiRestResult.<Boolean> builder()
.result(appPermissionRoleService.deletePermissionRole(ids)).build();
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Operation(summary = "获取角色信息")
@GetMapping(value = "/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<AppPermissionRoleResult> getPermissionRole(@PathVariable(value = "id") Long id) {
AppPermissionRoleResult details = appPermissionRoleService.getPermissionRole(id);
//返回
return ApiRestResult.<AppPermissionRoleResult> builder().result(details).build();
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "启用角色")
@PutMapping(value = "/enable/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> enablePermissionRole(@PathVariable(value = "id") String id) {
Boolean result = appPermissionRoleService.updatePermissionRoleStatus(id, Boolean.TRUE);
return ApiRestResult.<Boolean> builder().result(result).build();
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "禁用角色")
@PutMapping(value = "/disable/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> disablePermissionRole(@PathVariable(value = "id") String id) {
Boolean result = appPermissionRoleService.updatePermissionRoleStatus(id, Boolean.FALSE);
return ApiRestResult.<Boolean> builder().result(result).build();
}
/**
*
*
* @return {@link Boolean}
*/
@Operation(summary = "参数有效性验证")
@GetMapping(value = "/param_check")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> permissionRoleParamCheck(@Parameter(description = "验证类型") @NotNull(message = "验证类型不能为空") CheckValidityType type,
@Parameter(description = "值") @NotEmpty(message = "验证值不能为空") String value,
@Parameter(description = "应用ID") @NotNull(message = "应用ID不能为空") Long appId,
@Parameter(description = "ID") Long id) {
Boolean result = appPermissionRoleService.permissionRoleParamCheck(type, value, appId, id);
//返回
return ApiRestResult.<Boolean> builder().result(result).build();
}
/**
*
*/
private final AppPermissionRoleService appPermissionRoleService;
}
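Review bot: `enablePermissionRole` and `disablePermissionRole` have no `@Audit` annotation, although create, update and delete in this controller are audited and the resource controller audits its enable/disable endpoints (`ENABLE_APP_PERMISSION_RESOURCE`, `DISABLE_APP_PERMISSION_RESOURCE`). Enabling or disabling a role changes effective permissions, so both calls belong in the audit trail as well: `@Audit(type = EventType.<ROLE_ENABLE_EVENT_PLACEHOLDER>)` and its disable counterpart, using whatever constants the project defines. `deletePermissionRole` takes a path variable named `ids` typed `String`; a Javadoc sentence stating the expected format (a single id or a delimited list, which cannot be told from here) would help callers and whoever validates it in the service.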


@ -144,7 +144,7 @@ public interface UserConverter {
}
userEntity.setFullName(param.getFullName());
userEntity.setNickName(param.getNickName());
userEntity.setLastUpdatePasswordTime(java.time.LocalDateTime.now());
userEntity.setLastUpdatePasswordTime(LocalDateTime.now());
userEntity.setStatus(cn.topiam.employee.common.enums.UserStatus.ENABLE);
userEntity.setAvatar(CommonConstants.getRandomAvatar());
userEntity.setDataOrigin(cn.topiam.employee.common.enums.DataOrigin.INPUT);


@ -0,0 +1,126 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.converter.app;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.springframework.util.ObjectUtils;
import com.querydsl.core.types.ExpressionUtils;
import com.querydsl.core.types.Predicate;
import cn.topiam.employee.common.entity.app.AppPermissionActionEntity;
import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
import cn.topiam.employee.common.entity.app.QAppPermissionResourceEntity;
import cn.topiam.employee.common.enums.PermissionActionType;
import cn.topiam.employee.console.pojo.query.app.AppPermissionActionListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionActionListResult;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/14 22:45
*/
@Mapper(componentModel = "spring")
public interface AppPermissionActionConverter {
/**
*
*
* @param query {@link AppPermissionActionListQuery}
* @return {@link Predicate}
*/
default Predicate appPermissionActionListQueryConvertToPredicate(AppPermissionActionListQuery query) {
QAppPermissionResourceEntity resource = QAppPermissionResourceEntity.appPermissionResourceEntity;
Predicate predicate = ExpressionUtils.and(resource.isNotNull(),
resource.deleted.eq(Boolean.FALSE));
//查询条件
//@formatter:off
// 资源名称
predicate = StringUtils.isBlank(query.getName()) ? predicate : ExpressionUtils.and(predicate, resource.name.like("%" + query.getName() + "%"));
// 资源ID
predicate = ObjectUtils.isEmpty(query.getId()) ? predicate : ExpressionUtils.and(predicate, resource.id.eq(Long.valueOf(query.getId())));
//应用ID
predicate = ObjectUtils.isEmpty(query.getAppId()) ? predicate : ExpressionUtils.and(predicate, resource.appId.eq(Long.valueOf(query.getAppId())));
//@formatter:on
return predicate;
}
/**
*
*
* @param list {@link AppPermissionResourceEntity}
* @return {@link AppPermissionActionListResult}
*/
default List<AppPermissionActionListResult> entityConvertToResourceActionListResult(List<AppPermissionResourceEntity> list) {
List<AppPermissionActionListResult> results = new ArrayList<>();
List<AppPermissionActionListResult.Action> menus = new ArrayList<>();
List<AppPermissionActionListResult.Action> apis = new ArrayList<>();
List<AppPermissionActionListResult.Action> buttons = new ArrayList<>();
List<AppPermissionActionListResult.Action> others = new ArrayList<>();
List<AppPermissionActionListResult.Action> datas = new ArrayList<>();
for (AppPermissionResourceEntity resource : list) {
for (AppPermissionActionEntity action : resource.getActions()) {
if (PermissionActionType.MENU.equals(action.getType())) {
menus.add(actionConvertToResourceActionResult(action));
}
if (PermissionActionType.API.equals(action.getType())) {
apis.add(actionConvertToResourceActionResult(action));
}
if (PermissionActionType.DATA.equals(action.getType())) {
datas.add(actionConvertToResourceActionResult(action));
}
if (PermissionActionType.BUTTON.equals(action.getType())) {
buttons.add(actionConvertToResourceActionResult(action));
}
if (PermissionActionType.OTHER.equals(action.getType())) {
others.add(actionConvertToResourceActionResult(action));
}
}
AppPermissionActionListResult result = new AppPermissionActionListResult();
//基本信息
result.setAppId(resource.getAppId().toString());
result.setId(resource.getId().toString());
result.setName(resource.getName());
result.setEnabled(resource.getEnabled());
result.setDesc(resource.getDesc());
//权限资源
result.setButtons(buttons);
result.setApis(apis);
result.setDatas(datas);
result.setMenus(menus);
result.setOthers(others);
results.add(result);
}
return results;
}
/**
* actionConvertToResourceActionResult
*
* @param action {@link AppPermissionActionEntity}
* @return {@link AppPermissionActionListResult.Action}
*/
@Mapping(target = "access", source = "value")
AppPermissionActionListResult.Action actionConvertToResourceActionResult(AppPermissionActionEntity action);
}
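Review bot: In `entityConvertToResourceActionListResult` the five lists `menus`, `apis`, `buttons`, `others` and `datas` are created once before the outer loop and the same instances are set on every result, so each resource in the response ends up listing the actions of all resources in the input. For a permission console this mis-attributes actions between resources, which is misleading when an administrator builds a policy from the list. Creating the lists inside the loop gives each result its own lists; the per-type `if` checks can stay as they are. Separately, `Long.valueOf(query.getId())` and `Long.valueOf(query.getAppId())` in the predicate builder throw `NumberFormatException` on non-numeric input unless the query object validates it, which is not visible here.

```java
for (AppPermissionResourceEntity resource : list) {
    // One set of lists per resource, so actions are not shared between results.
    List<AppPermissionActionListResult.Action> menus = new ArrayList<>();
    List<AppPermissionActionListResult.Action> apis = new ArrayList<>();
    List<AppPermissionActionListResult.Action> buttons = new ArrayList<>();
    List<AppPermissionActionListResult.Action> others = new ArrayList<>();
    List<AppPermissionActionListResult.Action> datas = new ArrayList<>();
    // … unchanged: per-action type checks and result population …
}
```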


@ -0,0 +1,105 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.converter.app;
import java.util.ArrayList;
import java.util.List;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.springframework.util.CollectionUtils;
import cn.topiam.employee.common.entity.app.AppPermissionPolicyEntity;
import cn.topiam.employee.common.entity.app.po.AppPermissionPolicyPO;
import cn.topiam.employee.console.pojo.result.app.AppPermissionPolicyListResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionPolicyCreateParam;
import cn.topiam.employee.console.pojo.update.app.AppPermissionPolicyUpdateParam;
import cn.topiam.employee.support.repository.page.domain.Page;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/14 22:45
*/
@Mapper(componentModel = "spring", uses = AppPermissionActionConverter.class)
public interface AppPermissionPolicyConverter {
/**
*
*
* @param param {@link AppPermissionPolicyCreateParam}
* @return {@link AppPermissionPolicyEntity}
*/
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "id", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionPolicyEntity policyCreateParamConvertToEntity(AppPermissionPolicyCreateParam param);
/**
*
*
* @param param {@link AppPermissionPolicyCreateParam}
* @return {@link AppPermissionPolicyEntity}
*/
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionPolicyEntity policyUpdateParamConvertToEntity(AppPermissionPolicyUpdateParam param);
/**
*
*
* @param page {@link Page}
* @return {@link Page}
*/
default Page<AppPermissionPolicyListResult> entityConvertToPolicyListResult(org.springframework.data.domain.Page<AppPermissionPolicyPO> page) {
Page<AppPermissionPolicyListResult> result = new Page<>();
List<AppPermissionPolicyPO> pageList = page.getContent();
if (!CollectionUtils.isEmpty(pageList)) {
//@formatter:off
result.setPagination(Page.Pagination.builder()
.total(page.getTotalElements())
.totalPages(page.getTotalPages())
.current(page.getPageable().getPageNumber() + 1)
.build());
//@formatter:on
List<AppPermissionPolicyListResult> list = new ArrayList<>();
for (AppPermissionPolicyPO po : pageList) {
list.add(entityConvertToPolicyListResult(po));
}
result.setList(list);
}
return result;
}
/**
* entityConvertToPolicyListResult
*
* @param entity {@link AppPermissionPolicyListResult}
* @return {@link AppPermissionPolicyPO}
*/
AppPermissionPolicyListResult entityConvertToPolicyListResult(AppPermissionPolicyPO entity);
}
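Review bot: `entityConvertToPolicyListResult(Page)` sets pagination and list only when the page has content, so an empty page yields a `Page` whose `pagination` and `list` are whatever `new Page<>()` leaves them as — presumably null, the class is not shown. If clients expect totals and a list on every response, build the pagination unconditionally and call `result.setList(list)` with an empty list; `entityConvertToResourceListResult` in AppPermissionResourceConverter follows the same pattern. On the documentation side, the Javadoc of the single-entity overload has its tags swapped (`@param entity` links `AppPermissionPolicyListResult`, `@return` links `AppPermissionPolicyPO`), and `policyUpdateParamConvertToEntity` documents its parameter as `AppPermissionPolicyCreateParam`.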


@ -0,0 +1,143 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.converter.app;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.springframework.util.CollectionUtils;
import org.springframework.util.ObjectUtils;
import com.querydsl.core.types.ExpressionUtils;
import com.querydsl.core.types.Predicate;
import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
import cn.topiam.employee.common.entity.app.QAppPermissionResourceEntity;
import cn.topiam.employee.console.pojo.query.app.AppResourceListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionResourceGetResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionResourceListResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionResourceCreateParam;
import cn.topiam.employee.console.pojo.update.app.AppPermissionResourceUpdateParam;
import cn.topiam.employee.support.repository.page.domain.Page;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/14 22:45
*/
@Mapper(componentModel = "spring", uses = AppPermissionActionConverter.class)
public interface AppPermissionResourceConverter {
/**
*
*
* @param query {@link AppResourceListQuery}
* @return {@link Predicate}
*/
default Predicate resourcePaginationParamConvertToPredicate(AppResourceListQuery query) {
QAppPermissionResourceEntity resource = QAppPermissionResourceEntity.appPermissionResourceEntity;
Predicate predicate = ExpressionUtils.and(resource.isNotNull(),
resource.deleted.eq(Boolean.FALSE));
//查询条件
//@formatter:off
// 资源名称
predicate = StringUtils.isBlank(query.getName()) ? predicate : ExpressionUtils.and(predicate, resource.name.like("%" + query.getName() + "%"));
// 所属应用
predicate = ObjectUtils.isEmpty(query.getAppId()) ? predicate : ExpressionUtils.and(predicate, resource.appId.eq(query.getAppId()));
//@formatter:on
return predicate;
}
/**
*
*
* @param param {@link AppPermissionResourceCreateParam}
* @return {@link AppPermissionResourceEntity}
*/
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "actions", ignore = true)
@Mapping(target = "id", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionResourceEntity resourceCreateParamConvertToEntity(AppPermissionResourceCreateParam param);
/**
*
*
* @param param {@link AppPermissionResourceCreateParam}
* @return {@link AppPermissionResourceEntity}
*/
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "actions", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionResourceEntity resourceUpdateParamConvertToEntity(AppPermissionResourceUpdateParam param);
/**
*
*
* @param page {@link Page}
* @return {@link Page}
*/
default Page<AppPermissionResourceListResult> entityConvertToResourceListResult(org.springframework.data.domain.Page<AppPermissionResourceEntity> page) {
Page<AppPermissionResourceListResult> result = new Page<>();
List<AppPermissionResourceEntity> pageList = page.getContent();
if (!CollectionUtils.isEmpty(pageList)) {
List<AppPermissionResourceListResult> list = new ArrayList<>();
for (AppPermissionResourceEntity resource : pageList) {
list.add(entityConvertToResourceListResult(resource));
}
//@formatter:off
result.setPagination(Page.Pagination.builder()
.total(page.getTotalElements())
.totalPages(page.getTotalPages())
.current(page.getPageable().getPageNumber() + 1)
.build());
//@formatter:on
result.setList(list);
}
return result;
}
/**
*
*
* @param data {@link AppPermissionResourceEntity}
* @return {@link AppPermissionResourceListResult}
*/
AppPermissionResourceListResult entityConvertToResourceListResult(AppPermissionResourceEntity data);
/**
*
*
* @param resource {@link AppPermissionResourceEntity}
* @return {@link AppPermissionResourceGetResult}
*/
@Mapping(target = "actions", source = "actions")
AppPermissionResourceGetResult entityConvertToResourceGetResult(AppPermissionResourceEntity resource);
}


@ -0,0 +1,143 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.converter.app;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.springframework.util.CollectionUtils;
import org.springframework.util.ObjectUtils;
import com.querydsl.core.types.ExpressionUtils;
import com.querydsl.core.types.Predicate;
import cn.topiam.employee.common.entity.app.AppPermissionRoleEntity;
import cn.topiam.employee.common.entity.app.QAppPermissionRoleEntity;
import cn.topiam.employee.console.pojo.query.app.AppPermissionRoleListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleListResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionRoleCreateParam;
import cn.topiam.employee.console.pojo.update.app.PermissionRoleUpdateParam;
import cn.topiam.employee.support.repository.page.domain.Page;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/14 22:45
*/
@Mapper(componentModel = "spring")
public interface AppPermissionRoleConverter {
/**
*
*
* @param page {@link Page}
* @return {@link Page}
*/
default Page<AppPermissionRoleListResult> entityConvertToRolePaginationResult(org.springframework.data.domain.Page<AppPermissionRoleEntity> page) {
Page<AppPermissionRoleListResult> result = new Page<>();
if (!CollectionUtils.isEmpty(page.getContent())) {
List<AppPermissionRoleListResult> list = new ArrayList<>();
for (AppPermissionRoleEntity user : page.getContent()) {
list.add(entityConvertToRolePaginationResult(user));
}
//@formatter:off
result.setPagination(Page.Pagination.builder()
.total(page.getTotalElements())
.totalPages(page.getTotalPages())
.current(page.getPageable().getPageNumber() + 1)
.build());
//@formatter:on
result.setList(list);
}
return result;
}
/**
*
*
* @param page {@link AppPermissionRoleEntity}
* @return {@link AppPermissionRoleListResult}
*/
AppPermissionRoleListResult entityConvertToRolePaginationResult(AppPermissionRoleEntity page);
/**
*
*
* @param param {@link AppPermissionRoleCreateParam}
* @return {@link AppPermissionRoleEntity}
*/
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "id", ignore = true)
@Mapping(target = "enabled", expression = "java(Boolean.TRUE)")
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionRoleEntity roleCreateParamConvertToEntity(AppPermissionRoleCreateParam param);
/**
*
*
* @param param {@link PermissionRoleUpdateParam}
* @return {@link AppPermissionRoleEntity}
*/
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "appId", ignore = true)
@Mapping(target = "enabled", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionRoleEntity roleUpdateParamConvertToEntity(PermissionRoleUpdateParam param);
/**
*
*
* @param role {@link AppPermissionRoleEntity}
* @return {@link AppPermissionRoleResult}
*/
AppPermissionRoleResult entityConvertToRoleDetailResult(AppPermissionRoleEntity role);
/**
*
*
* @param query {@link AppPermissionRoleListQuery}
* @return {@link AppPermissionRoleEntity}
*/
default Predicate rolePaginationParamConvertToPredicate(AppPermissionRoleListQuery query) {
QAppPermissionRoleEntity role = QAppPermissionRoleEntity.appPermissionRoleEntity;
Predicate predicate = ExpressionUtils.and(role.isNotNull(), role.deleted.eq(Boolean.FALSE));
//查询条件
//@formatter:off
// 角色名称
predicate = StringUtils.isBlank(query.getName()) ? predicate : ExpressionUtils.and(predicate, role.name.like("%" + query.getName() + "%"));
// 是否启用
predicate = ObjectUtils.isEmpty(query.getEnabled()) ? predicate : ExpressionUtils.and(predicate, role.enabled.eq(query.getEnabled()));
// 角色编码
predicate = StringUtils.isBlank(query.getCode()) ? predicate : ExpressionUtils.and(predicate, role.code.eq(query.getCode()));
// 所属应用
predicate = ObjectUtils.isEmpty(query.getAppId()) ? predicate : ExpressionUtils.and(predicate, role.appId.eq(query.getAppId()));
//@formatter:on
return predicate;
}
}
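Review bot: In `rolePaginationParamConvertToPredicate` the `appId` condition is added only when `query.getAppId()` is non-empty, so a query that reaches this method without an application id yields a predicate over the roles of every application. The `@NotNull` on `AppPermissionRoleListQuery.appId` prevents that only if the controller validates the parameter object, which is not visible in this section. Rejecting a null id here and then always adding `predicate = ExpressionUtils.and(predicate, role.appId.eq(query.getAppId()));` keeps the application scope independent of the caller. Separately, `role.name.like("%" + query.getName() + "%")` lets `%` and `_` typed by the user act as wildcards; `role.name.contains(query.getName())` should express the same substring search with the input escaped.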


@ -0,0 +1,64 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.query.app;
import java.io.Serial;
import java.io.Serializable;
import org.springdoc.core.annotations.ParameterObject;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotEmpty;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Schema(description = "查询权限列表入参")
@ParameterObject
public class AppPermissionActionListQuery implements Serializable {
@Serial
private static final long serialVersionUID = 4307939244290315206L;
/**
* ID
*/
@Parameter(description = "资源ID")
private String id;
/**
*
*/
@Parameter(description = "资源名称")
private String name;
/**
* ID
*/
@Parameter(description = "应用ID")
@NotEmpty(message = "应用ID不能为空")
private String appId;
}
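Review bot: `id` and `appId` are declared as `String` here, while `AppPermissionRoleListQuery` and `AppResourceListQuery` in the same package take `Long appId`, and the action entity extends `LogicDeleteEntity<Long>`. With `String` plus `@NotEmpty`, any non-empty text passes validation and the failure moves to wherever the value is converted or compared, which is outside this section. If the identifiers are numeric, `@NotNull private Long appId;` and `private Long id;` would reject malformed input at binding time. The field comments (`ID`, empty, `ID`) also do not say which id each one holds.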


@ -0,0 +1,66 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.query.app;
import java.io.Serializable;
import org.springdoc.core.annotations.ParameterObject;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Schema(description = "查询角色列表入参")
@ParameterObject
public class AppPermissionRoleListQuery implements Serializable {
/**
*
*/
@Parameter(description = "角色名称")
private String name;
/**
*
*/
@Parameter(description = "角色编码")
private String code;
/**
*
*/
@NotNull(message = "请选择角色所属应用")
@Parameter(description = "所属应用")
private Long appId;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
}
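Review bot: The class implements `Serializable` without declaring a `serialVersionUID`, whereas `AppPermissionActionListQuery` in the same package declares one under `@Serial`. The same gap is in `AppResourceListQuery`, `AppPermissionPolicyGetResult`, `AppPermissionResourceGetResult`, `AppPermissionRoleResult`, `AppPermissionPolicyCreateParam`, `AppPermissionResourceCreateParam`, `AppPermissionRoleCreateParam` and `AppPermissionPolicyUpdateParam`. I would add a `@Serial private static final long serialVersionUID` field to each of them. The class and field Javadoc blocks are also empty; one line per field would do, for example `/** Role name; matched as a substring by the converter. */` on `name`.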


@ -0,0 +1,60 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.query.app;
import java.io.Serializable;
import org.springdoc.core.annotations.ParameterObject;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Schema(description = "查询权限资源列表入参")
@ParameterObject
public class AppResourceListQuery implements Serializable {
/**
*
*/
@Parameter(description = "资源名称")
private String name;
/**
*
*/
@NotNull(message = "请选择资源所属应用")
@Parameter(description = "所属应用")
private Long appId;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
}


@ -0,0 +1,131 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.result.app;
import java.io.Serial;
import java.io.Serializable;
import java.util.List;
import lombok.Data;
import lombok.experimental.Accessors;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Accessors(chain = true)
@Schema(description = "获取应用资源权限列表")
public class AppPermissionActionListResult implements Serializable {
@Serial
private static final long serialVersionUID = 3320953184046791392L;
/**
* ID
*/
@Parameter(description = "资源ID")
private String id;
/**
*
*/
@Parameter(description = "资源编码")
private String code;
/**
*
*/
@Parameter(description = "资源名称")
private String name;
/**
*
*/
@Parameter(description = "所属应用")
private String appId;
/**
* desc
*/
@Parameter(description = "描述")
private String desc;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
/**
*
*/
@Parameter(description = "菜单权限")
private List<Action> menus;
/**
*
*/
@Parameter(description = "操作权限")
private List<Action> buttons;
/**
*
*/
@Parameter(description = "接口权限")
private List<Action> apis;
/**
*
*/
@Parameter(description = "数据权限")
private List<Action> datas;
/**
*
*/
@Parameter(description = "其他权限")
private List<Action> others;
@Data
@Schema(description = "权限项")
public static class Action implements Serializable {
/**
* ID
*/
@Parameter(description = "权限ID")
private String id;
/**
*
*/
@Parameter(description = "权限名称")
private String name;
/**
*
*/
@Parameter(description = "权限标识")
private String access;
}
}
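Review bot: The fields of this response model are annotated with `@Parameter`, which describes operation parameters; on a model property the description belongs in `@Schema`, as `AppPermissionResourceGetResult` in this commit already does, so these descriptions will probably not appear in the generated API schema. For example: `@Schema(description = "资源编码") private String code;`. The same applies to `AppPermissionPolicyGetResult`, `AppPermissionPolicyListResult`, `AppPermissionResourceListResult`, `AppPermissionRoleListResult` and `AppPermissionRoleResult`, and to `AppPermissionPolicyCreateParam` and `AppPermissionPolicyUpdateParam` if those are request bodies. The nested `Action` class is `Serializable` without a `serialVersionUID`.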


@ -0,0 +1,87 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.result.app;
import java.io.Serializable;
import cn.topiam.employee.common.enums.app.AppPolicyEffect;
import cn.topiam.employee.common.enums.app.AppPolicyObjectType;
import cn.topiam.employee.common.enums.app.AppPolicySubjectType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:45
*/
@Schema(description = "获取资源结果")
@Data
public class AppPermissionPolicyGetResult implements Serializable {
/**
* ID
*/
@Parameter(description = "id")
private String id;
/**
* id
*/
@Parameter(description = "授权主体id")
private String subjectId;
/**
*
*/
@Parameter(description = "授权主体名称")
private String subjectName;
/**
*
*/
@Parameter(description = "授权主体类型")
private AppPolicySubjectType subjectType;
/**
* ID
*/
@Parameter(description = "授权客体id")
private Long objectId;
/**
*
*/
@Parameter(description = "授权客体名称")
private String objectName;
/**
*
*/
@Parameter(description = "授权客体类型")
private AppPolicyObjectType objectType;
/**
*
*/
@Parameter(description = "授权作用")
private AppPolicyEffect effect;
}
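Review bot: `@Schema(description = "获取资源结果")` is the description also used on `AppPermissionResourceGetResult`, but this class is the policy result, so the generated API documentation would label a policy as a resource. Something like `@Schema(description = "获取策略结果")` would match the class. The empty class Javadoc could state the same in one line, for example `/** Result of fetching a single permission policy. */`.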


@ -0,0 +1,84 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.result.app;
import cn.topiam.employee.common.enums.app.AppPolicyEffect;
import cn.topiam.employee.common.enums.app.AppPolicyObjectType;
import cn.topiam.employee.common.enums.app.AppPolicySubjectType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
* @author TopIAM
* Created by support@topiam.cn on 2022/9/9 23:33
*/
@Schema(description = "获取授权列表")
@Data
public class AppPermissionPolicyListResult {
/**
* ID
*/
@Parameter(description = "id")
private String id;
/**
* id
*/
@Parameter(description = "授权主体id")
private String subjectId;
/**
*
*/
@Parameter(description = "授权主体名称")
private String subjectName;
/**
*
*/
@Parameter(description = "授权主体类型")
private AppPolicySubjectType subjectType;
/**
* ID
*/
@Parameter(description = "授权客体id")
private Long objectId;
/**
*
*/
@Parameter(description = "授权客体名称")
private String objectName;
/**
*
*/
@Parameter(description = "授权客体类型")
private AppPolicyObjectType objectType;
/**
*
*/
@Parameter(description = "授权作用")
private AppPolicyEffect effect;
}
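Review bot: `AppPermissionPolicyListResult` repeats the eight fields of `AppPermissionPolicyGetResult` one for one, yet it does not implement `Serializable` as that class and the other result classes in this package do. For consistency the declaration would read `public class AppPermissionPolicyListResult implements Serializable {`. If the two results are meant to stay identical, a short class comment saying so would stop them from drifting apart.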


@ -0,0 +1,107 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.result.app;
import java.io.Serial;
import java.io.Serializable;
import java.util.List;
import cn.topiam.employee.common.enums.PermissionActionType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Hidden;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:45
*/
@Schema(description = "获取资源结果")
@Data
public class AppPermissionResourceGetResult implements Serializable {
/**
*
*/
@Schema(description = "资源名称")
private String name;
/**
*
*/
@Schema(description = "资源编码")
private String code;
/**
*
*/
@Schema(description = "资源描述")
private String desc;
/**
*
*/
@Schema(description = "所属应用")
private Long appId;
/**
*
*/
@Schema(description = "资源权限")
private List<AppPermissionsAction> actions;
/**
* AppPermissionsActionParam
*
* @author TopIAM
* Created by support@topiam.cn on 2022/9/1 00:18
*/
@Data
public static class AppPermissionsAction implements Serializable {
@Serial
private static final long serialVersionUID = -6391182747252245592L;
/**
* ID
*/
@Hidden
@Schema(description = "ID")
private String id;
/**
*
*/
@Schema(description = "权限类型")
private PermissionActionType type;
/**
*
*/
@Schema(description = "权限值")
private String value;
/**
*
*/
@Schema(description = "权限描述")
private String name;
}
}
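Review bot: `@Hidden` on `AppPermissionsAction.id` removes the field from the OpenAPI document only; `@Data` still generates its getter, so the id will presumably still be serialized in the response body. If the id is not meant to reach clients, it needs a serialization-level exclusion (for instance Jackson's `@JsonIgnore`, if Jackson is the serializer here) or should be dropped from the result. If it is meant to be returned, `@Hidden` next to `@Schema(description = "ID")` hides a field the client actually receives. The outer result also carries no `id` or `enabled`, unlike `AppPermissionResourceListResult`; if that is intended, a class comment should say so.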


@ -0,0 +1,77 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.result.app;
import java.io.Serial;
import java.io.Serializable;
import lombok.Data;
import lombok.experimental.Accessors;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Accessors(chain = true)
@Schema(description = "分页查询资源结果")
public class AppPermissionResourceListResult implements Serializable {
@Serial
private static final long serialVersionUID = 3320953184046791392L;
/**
* ID
*/
@Parameter(description = "id")
private String id;
/**
*
*/
@Parameter(description = "资源名称")
private String name;
/**
* code
*/
@Parameter(description = "资源编码")
private String code;
/**
*
*/
@Parameter(description = "所属应用")
private String appId;
/**
* desc
*/
@Parameter(description = "描述")
private String desc;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
}
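Review bot: `serialVersionUID = 3320953184046791392L` is the same value declared in `AppPermissionActionListResult` and `AppPermissionRoleListResult`, which suggests it was copied along with the class rather than generated. The UID is checked per class, so nothing breaks, but a value generated for each class avoids the impression that the three are versions of one type. `appId` is a `String` here while the list queries take `Long appId`; a comment on the field stating that the id is returned as text on purpose would help.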


@ -0,0 +1,75 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.result.app;
import java.io.Serial;
import java.io.Serializable;
import lombok.Data;
import lombok.experimental.Accessors;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Accessors(chain = true)
@Schema(description = "分页查询角色结果")
public class AppPermissionRoleListResult implements Serializable {
@Serial
private static final long serialVersionUID = 3320953184046791392L;
/**
* ID
*/
@Parameter(description = "id")
private String id;
/**
*
*/
@Parameter(description = "角色名称")
private String name;
/**
*
*/
@Parameter(description = "角色编码")
private String code;
/**
*
*/
@Parameter(description = "所属应用")
private String appId;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
/**
* remark
*/
@Parameter(description = "描述")
private String remark;
}


@ -0,0 +1,69 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.result.app;
import java.io.Serializable;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:45
*/
@Schema(description = "获取角色")
@Data
public class AppPermissionRoleResult implements Serializable {
/**
* id
*/
@Parameter(description = "id")
private String id;
/**
* appId
*/
@Parameter(description = "应用ID")
private String appId;
/**
*
*/
@Parameter(description = "角色名称")
private String name;
/**
*
*/
@Parameter(description = "角色编码")
private String code;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
/**
*
*/
@Parameter(description = "备注")
private String remark;
}


@ -0,0 +1,83 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.save.app;
import java.io.Serializable;
import cn.topiam.employee.common.enums.app.AppPolicyEffect;
import cn.topiam.employee.common.enums.app.AppPolicyObjectType;
import cn.topiam.employee.common.enums.app.AppPolicySubjectType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "创建策略入参")
public class AppPermissionPolicyCreateParam implements Serializable {
/**
*
*/
@NotNull(message = "资源所属应用不能为空")
@Parameter(description = "所属应用")
private Long appId;
/**
* id
*/
@NotNull(message = "授权主体id不能为空")
@Parameter(description = "授权主体id")
private String subjectId;
/**
*
*/
@NotNull(message = "授权主体类型不能为空")
@Parameter(description = "授权主体类型")
private AppPolicySubjectType subjectType;
/**
* ID
*/
@NotNull(message = "权限客体ID不能为空")
@Parameter(description = "授权客体id")
private Long objectId;
/**
*
*/
@NotNull(message = "权限客体类型不能为空")
@Parameter(description = "授权客体类型")
private AppPolicyObjectType objectType;
/**
*
*/
@NotNull(message = "授权作用不能为空")
@Parameter(description = "授权作用")
private AppPolicyEffect effect;
}
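Review bot: `subjectId` is a `String` guarded only by `@NotNull`, so an empty or blank subject id passes validation and can be stored as the subject of a policy; `@NotBlank(message = "授权主体id不能为空")` closes that. The `subjectId` field of `AppPermissionPolicyUpdateParam` has the same constraint and needs the same change. Because `appId`, `subjectId` and `objectId` all come from the client, the service that persists the policy (not in this section) should confirm that the subject and object belong to `appId` before saving.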


@ -0,0 +1,75 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.save.app;
import java.io.Serializable;
import java.util.List;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "创建资源入参")
public class AppPermissionResourceCreateParam implements Serializable {
/**
*
*/
@Schema(description = "资源编码")
@NotBlank(message = "资源编码不能为空")
private String code;
/**
*
*/
@Schema(description = "资源名称")
@NotBlank(message = "资源名称不能为空")
private String name;
/**
*
*/
@Schema(description = "资源描述")
@NotBlank(message = "资源描述不能为空")
private String desc;
/**
*
*/
private Boolean enabled = true;
/**
*
*/
@Schema(description = "所属应用")
@NotNull(message = "所属应用不能为空")
private Long appId;
/**
*
*/
@Schema(description = "资源权限")
@NotNull(message = "资源权限不能为空")
private List<AppPermissionsActionParam> actions;
}
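Review bot: `actions` is only checked with `@NotNull`, so the `@NotNull`/`@NotEmpty` constraints declared inside `AppPermissionsActionParam` are not evaluated for the list elements, and an empty list is accepted. The `@Valid` placed on the `AppPermissionsActionParam` class does not request cascading; it has to sit on the reference, `private List<@Valid AppPermissionsActionParam> actions;`, with `@NotEmpty` in place of `@NotNull` if a resource must have at least one action. Without it, entries with a null `type` or an empty `value` reach the converter unvalidated and can end up as permission actions.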


@ -0,0 +1,61 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.save.app;
import java.io.Serializable;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "创建角色入参")
public class AppPermissionRoleCreateParam implements Serializable {
/**
*
*/
@NotBlank(message = "角色名称不能为空")
private String name;
/**
*
*/
@NotBlank(message = "角色编码不能为空")
private String code;
/**
*
*/
private Boolean enabled = true;
/**
*
*/
@NotNull(message = "所属应用不能为空")
private Long appId;
/**
*
*/
@Schema(description = "备注")
private String remark;
}
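Review bot: `enabled` is accepted from the request and defaults to `true`, but `roleCreateParamConvertToEntity` in `AppPermissionRoleConverter` sets the entity's `enabled` with `expression = "java(Boolean.TRUE)"`, so whatever the client sends is ignored. Either remove the field from this class or map it in the converter, so the API contract matches what is stored. `name`, `code`, `enabled` and `appId` also lack the `@Schema(description = ...)` that `remark` has, and their Javadoc blocks are empty.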


@ -0,0 +1,59 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.save.app;
import java.io.Serial;
import java.io.Serializable;
import cn.topiam.employee.common.enums.PermissionActionType;
import lombok.Data;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotEmpty;
import jakarta.validation.constraints.NotNull;
/**
* AppPermissionsActionParam
*
* @author TopIAM
* Created by support@topiam.cn on 2022/9/1 00:18
*/
@Data
@Valid
public class AppPermissionsActionParam implements Serializable {
@Serial
private static final long serialVersionUID = -6391182747252245592L;
/**
*
*/
@NotNull(message = "权限类型")
private PermissionActionType type;
/**
*
*/
@NotEmpty(message = "权限值")
private String value;
/**
*
*/
@NotEmpty(message = "权限描述")
private String name;
}
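Review bot: The constraint messages here are only field labels (`"权限类型"`, `"权限值"`, `"权限描述"`), so a failed validation reports the label without saying what is wrong, while the other params in this commit use full sentences such as `"资源编码不能为空"`. For example: `@NotNull(message = "权限类型不能为空")`, and likewise for `value` and `name`. The class-level `@Valid` does not make instances of this class validated when they appear in a list; cascading is requested where the type is referenced, which here is the `actions` field of `AppPermissionResourceCreateParam`.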


@ -0,0 +1,88 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.update.app;
import java.io.Serializable;
import cn.topiam.employee.common.enums.app.AppPolicyEffect;
import cn.topiam.employee.common.enums.app.AppPolicyObjectType;
import cn.topiam.employee.common.enums.app.AppPolicySubjectType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "修改策略入参")
public class AppPermissionPolicyUpdateParam implements Serializable {
/**
*
*/
@NotNull(message = "资源所属应用不能为空")
@Parameter(description = "所属应用")
private Long appId;
/**
* id
*/
@NotNull(message = "主键id不能为空")
@Parameter(description = "主键id")
private Long id;
/**
* id
*/
@NotNull(message = "授权主体id不能为空")
@Parameter(description = "授权主体id")
private String subjectId;
/**
*
*/
@NotNull(message = "授权主体类型不能为空")
@Parameter(description = "授权主体类型")
private AppPolicySubjectType subjectType;
/**
* ID
*/
@NotNull(message = "权限客体ID不能为空")
@Parameter(description = "授权客体id")
private Long objectId;
/**
*
*/
@NotNull(message = "权限客体类型不能为空")
@Parameter(description = "授权客体类型")
private AppPolicyObjectType objectType;
/**
*
*/
@NotNull(message = "授权作用不能为空")
@Parameter(description = "授权作用")
private AppPolicyEffect effect;
}
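Review bot: `subjectId` is a `String` guarded only by `@NotNull`, so an empty or whitespace-only subject passes validation and reaches the policy converter; `@NotBlank(message = "授权主体id不能为空")` enforces what the message already promises. The class also implements `Serializable` without the `@Serial private static final long serialVersionUID` that the sibling update params declare. If this object is bound as a request body, the field descriptions belong in `@Schema(description = ...)` as in the other params of this commit, since `@Parameter` describes operation parameters rather than model properties.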


@ -0,0 +1,91 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.update.app;
import java.io.Serial;
import java.io.Serializable;
import java.util.List;
import cn.topiam.employee.console.pojo.save.app.AppPermissionsActionParam;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
import static io.swagger.v3.oas.annotations.media.Schema.AccessMode.READ_ONLY;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "修改资源入参")
public class AppPermissionResourceUpdateParam implements Serializable {
@Serial
private static final long serialVersionUID = 6021548372386059064L;
/**
* ID
*/
@Schema(accessMode = READ_ONLY)
@NotBlank(message = "ID不能为空")
private String id;
/**
*
*/
@Schema(description = "资源名称")
@NotBlank(message = "资源名称不能为空")
private String name;
/**
*
*/
@Schema(description = "资源编码")
@NotBlank(message = "资源编码不能为空")
private String code;
/**
*
*/
@Schema(description = "资源描述")
@NotBlank(message = "资源描述不能为空")
private String desc;
/**
*
*/
@Schema(description = "所属应用")
@NotNull(message = "所属应用不能为空")
private Long appId;
/**
*
*/
@Schema(description = "是否启用")
private Boolean enabled;
/**
*
*/
@Schema(description = "资源权限")
@NotNull(message = "资源权限不能为空")
private List<AppPermissionsActionParam> actions;
}
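Review bot: The `actions` list is only checked with `@NotNull`, so the `@NotNull`/`@NotEmpty` constraints declared on `AppPermissionsActionParam` are not evaluated for its elements. Bean Validation cascades into a collection only when the field or its type argument carries `@Valid`, and the class-level `@Valid` on `AppPermissionsActionParam` does not trigger that. Declaring the field as `private List<@Valid AppPermissionsActionParam> actions;` makes an action with a null type or an empty value fail at the API boundary instead of being copied into an entity by `buildActions`. An empty list also passes `@NotNull`; use `@NotEmpty` if a resource must keep at least one action.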


@ -0,0 +1,61 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.pojo.update.app;
import java.io.Serial;
import java.io.Serializable;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import static io.swagger.v3.oas.annotations.media.Schema.AccessMode.READ_ONLY;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "修改角色入参")
public class PermissionRoleUpdateParam implements Serializable {
@Serial
private static final long serialVersionUID = 6021548372386059064L;
/**
* ID
*/
@Schema(accessMode = READ_ONLY)
@NotBlank(message = "ID不能为空")
private String id;
/**
*
*/
@Schema(description = "角色名称")
private String name;
/**
*
*/
@Schema(description = "角色编码")
private String code;
/**
*
*/
@Schema(description = "备注")
private String remark;
}
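Review bot: `id` is marked `@Schema(accessMode = READ_ONLY)` while `@NotBlank` makes it mandatory input. In OpenAPI a read-only property appears in responses only, so generated documentation and clients will leave it out of the update request; the same pair sits on `id` in `AppPermissionResourceUpdateParam`. Drop the access mode and describe the field instead, e.g. `@Schema(description = "ID")`. Separately, `name` and `code` carry no constraints here although the resource update param requires both with `@NotBlank`, and `serialVersionUID` is the same literal `6021548372386059064L` as in that class, which suggests a copy that was not regenerated.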


@ -0,0 +1,43 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.service.app;
import java.util.List;
import cn.topiam.employee.console.pojo.query.app.AppPermissionActionListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionActionListResult;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
public interface AppPermissionActionService {
/**
*
*
* @param query {@link AppPermissionActionListQuery}
* @return {@link AppPermissionActionListResult}
*/
List<AppPermissionActionListResult> getPermissionActionList(AppPermissionActionListQuery query);
}


@ -0,0 +1,78 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.service.app;
import cn.topiam.employee.common.entity.app.query.AppPolicyQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionPolicyGetResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionPolicyListResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionPolicyCreateParam;
import cn.topiam.employee.console.pojo.update.app.AppPermissionPolicyUpdateParam;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
public interface AppPermissionPolicyService {
/**
*
*
* @param page {@link PageModel}
* @param query {@link AppPolicyQuery}
* @return {@link AppPermissionPolicyListResult}
*/
Page<AppPermissionPolicyListResult> getPermissionPolicyList(PageModel page,
AppPolicyQuery query);
/**
*
*
* @param id {@link String}
* @return {@link AppPermissionPolicyGetResult}
*/
AppPermissionPolicyGetResult getPermissionPolicy(String id);
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
Boolean deletePermissionPolicy(String id);
/**
*
*
* @param param {@link AppPermissionPolicyCreateParam}
* @return {@link Boolean}
*/
Boolean createPermissionPolicy(AppPermissionPolicyCreateParam param);
/**
*
*
* @param param {@link AppPermissionPolicyUpdateParam}
* @return {@link Boolean}
*/
Boolean updatePermissionPolicy(AppPermissionPolicyUpdateParam param);
}


@ -0,0 +1,99 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.service.app;
import cn.topiam.employee.common.enums.CheckValidityType;
import cn.topiam.employee.console.pojo.query.app.AppResourceListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionResourceGetResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionResourceListResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionResourceCreateParam;
import cn.topiam.employee.console.pojo.update.app.AppPermissionResourceUpdateParam;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
public interface AppPermissionResourceService {
/**
*
*
* @param page {@link PageModel}
* @param query {@link AppResourceListQuery}
* @return {@link AppPermissionResourceListResult}
*/
Page<AppPermissionResourceListResult> getPermissionResourceList(PageModel page,
AppResourceListQuery query);
/**
*
*
* @param id {@link String}
* @return {@link AppPermissionResourceGetResult}
*/
AppPermissionResourceGetResult getPermissionResource(String id);
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
Boolean deletePermissionResource(String id);
/**
* /
*
* @param id {@link Long}
* @param enabled {@link Boolean}
* @return {@link Boolean}
*/
Boolean updateStatus(Long id, boolean enabled);
/**
*
*
* @param param {@link AppPermissionResourceCreateParam}
* @return {@link Boolean}
*/
Boolean createPermissionResource(AppPermissionResourceCreateParam param);
/**
*
*
* @param param {@link AppPermissionResourceUpdateParam}
* @return {@link Boolean}
*/
Boolean updatePermissionResource(AppPermissionResourceUpdateParam param);
/**
*
*
* @param type {@link CheckValidityType}
* @param value {@link String}
* @param appId {@link Long}
* @param id {@link Long}
* @return {@link Boolean}
*/
Boolean permissionResourceParamCheck(CheckValidityType type, String value, Long appId, Long id);
}
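Review bot: The identifier type is inconsistent across this interface: `getPermissionResource` and `deletePermissionResource` take `String id`, while `updateStatus` and `permissionResourceParamCheck` take `Long id`, so the implementation calls `Long.valueOf(id)` on unvalidated text in some paths and not in others. `AppPermissionRoleService` has the same mix (`deletePermissionRole(String ids)`, `getPermissionRole(Long id)`, `updatePermissionRoleStatus(String id, Boolean status)`) and also alternates between `boolean` and `Boolean` return types. Settling on `Long id` and one return type throughout would let the web layer reject malformed ids during binding instead of surfacing a `NumberFormatException` from the service.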


@ -0,0 +1,100 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.service.app;
import cn.topiam.employee.common.enums.CheckValidityType;
import cn.topiam.employee.console.pojo.query.app.AppPermissionRoleListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleListResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionRoleCreateParam;
import cn.topiam.employee.console.pojo.update.app.PermissionRoleUpdateParam;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
public interface AppPermissionRoleService {
/**
*
*
* @param page {@link PageModel}
* @param query {@link AppPermissionRoleListQuery}
* @return {@link AppPermissionRoleListResult}
*/
Page<AppPermissionRoleListResult> getPermissionRoleList(PageModel page,
AppPermissionRoleListQuery query);
/**
*
*
* @param param {@link AppPermissionRoleCreateParam}
* @return {@link Boolean}
*/
boolean createPermissionRole(AppPermissionRoleCreateParam param);
/**
*
*
* @param param {@link PermissionRoleUpdateParam}
* @return {@link Boolean}
*/
boolean updatePermissionRole(PermissionRoleUpdateParam param);
/**
*
*
* @param ids {@link String}
* @return {@link Boolean}
*/
boolean deletePermissionRole(String ids);
/**
*
*
* @param id {@link Long}
* @return {@link AppPermissionRoleResult}
*/
AppPermissionRoleResult getPermissionRole(Long id);
/**
*
*
* @param type {@link CheckValidityType}
* @param value {@link String}
* @param appId {@link Long}
* @param id {@link Long}
* @return {@link Boolean}
*/
Boolean permissionRoleParamCheck(CheckValidityType type, String value, Long appId, Long id);
/**
*
*
* @param id {@link String}
* @param status {@link Boolean}
* @return {@link Boolean}
*/
Boolean updatePermissionRoleStatus(String id, Boolean status);
}


@ -0,0 +1,65 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.service.app.impl;
import java.util.List;
import org.springframework.stereotype.Service;
import com.querydsl.core.types.Predicate;
import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
import cn.topiam.employee.common.repository.app.AppPermissionResourceRepository;
import cn.topiam.employee.console.converter.app.AppPermissionActionConverter;
import cn.topiam.employee.console.pojo.query.app.AppPermissionActionListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionActionListResult;
import cn.topiam.employee.console.service.app.AppPermissionActionService;
import lombok.RequiredArgsConstructor;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Service
@RequiredArgsConstructor
public class AppPermissionActionServiceImpl implements AppPermissionActionService {
/**
*
*
* @param query {@link AppPermissionActionListQuery}
* @return {@link AppPermissionActionListResult}
*/
@Override
public List<AppPermissionActionListResult> getPermissionActionList(AppPermissionActionListQuery query) {
Predicate predicate = appPermissionActionConverter
.appPermissionActionListQueryConvertToPredicate(query);
List<AppPermissionResourceEntity> list = (List<AppPermissionResourceEntity>) appPermissionResourceRepository
.findAll(predicate);
return appPermissionActionConverter.entityConvertToResourceActionListResult(list);
}
private final AppPermissionResourceRepository appPermissionResourceRepository;
private final AppPermissionActionConverter appPermissionActionConverter;
}
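Review bot: `getPermissionActionList` casts the result of `findAll(predicate)` to `List`, which holds only as long as the repository implementation happens to return a list (the cast suggests the declared type is `Iterable`); a different executor would turn this into a `ClassCastException` at runtime. Copy instead of casting, with `List<AppPermissionResourceEntity> list = new ArrayList<>();` followed by `appPermissionResourceRepository.findAll(predicate).forEach(list::add);`, or declare a repository method that returns `List`. The query is also unpaged, so the result size is bounded only by whatever filter the converter builds from `query`; it is worth confirming that the filter always includes the app id.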


@ -0,0 +1,128 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.service.app.impl;
import org.springframework.data.querydsl.QPageRequest;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import cn.topiam.employee.common.entity.app.AppPermissionPolicyEntity;
import cn.topiam.employee.common.entity.app.po.AppPermissionPolicyPO;
import cn.topiam.employee.common.entity.app.query.AppPolicyQuery;
import cn.topiam.employee.common.exception.app.AppPolicyNotExistException;
import cn.topiam.employee.common.repository.app.AppPermissionPolicyRepository;
import cn.topiam.employee.console.converter.app.AppPermissionPolicyConverter;
import cn.topiam.employee.console.pojo.result.app.AppPermissionPolicyGetResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionPolicyListResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionPolicyCreateParam;
import cn.topiam.employee.console.pojo.update.app.AppPermissionPolicyUpdateParam;
import cn.topiam.employee.console.service.app.AppPermissionPolicyService;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import lombok.RequiredArgsConstructor;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Service
@RequiredArgsConstructor
public class AppPermissionPolicyServiceImpl implements AppPermissionPolicyService {
/**
*
*
* @param page {@link PageModel}
* @param query {@link AppPolicyQuery}
* @return {@link AppPermissionPolicyListResult}
*/
@Override
public Page<AppPermissionPolicyListResult> getPermissionPolicyList(PageModel page,
AppPolicyQuery query) {
org.springframework.data.domain.Page<AppPermissionPolicyPO> data;
QPageRequest request = QPageRequest.of(page.getCurrent(), page.getPageSize());
data = appPermissionPolicyRepository.findPage(query, request);
return appPermissionPolicyConverter.entityConvertToPolicyListResult(data);
}
/**
*
*
* @param id {@link String}
* @return {@link AppPermissionPolicyGetResult}
*/
@Override
public AppPermissionPolicyGetResult getPermissionPolicy(String id) {
return null;
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Override
public Boolean deletePermissionPolicy(String id) {
Long policyId = Long.valueOf(id);
appPermissionPolicyRepository.findById(policyId)
.orElseThrow(AppPolicyNotExistException::new);
appPermissionPolicyRepository.deleteById(policyId);
return true;
}
/**
*
*
* @param param {@link AppPermissionPolicyCreateParam}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean createPermissionPolicy(AppPermissionPolicyCreateParam param) {
AppPermissionPolicyEntity resource = appPermissionPolicyConverter
.policyCreateParamConvertToEntity(param);
// 新增策略
appPermissionPolicyRepository.save(resource);
return true;
}
/**
*
*
* @param param {@link AppPermissionPolicyUpdateParam}
* @return {@link Boolean}
*/
@Override
public Boolean updatePermissionPolicy(AppPermissionPolicyUpdateParam param) {
AppPermissionPolicyEntity resource = appPermissionPolicyConverter
.policyUpdateParamConvertToEntity(param);
// 更新策略
appPermissionPolicyRepository.save(resource);
return null;
}
private final AppPermissionPolicyConverter appPermissionPolicyConverter;
private final AppPermissionPolicyRepository appPermissionPolicyRepository;
}
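Review bot: `updatePermissionPolicy` ends with `return null;` for a `Boolean` result and saves an entity built straight from the request, without first loading the policy by `param.getId()`. A caller that unboxes the result gets a `NullPointerException`, and depending on how the converter and id generation are set up, an unknown id may be written as a new row rather than rejected. Load first with `appPermissionPolicyRepository.findById(param.getId()).orElseThrow(AppPolicyNotExistException::new);`, check that the stored policy belongs to `param.getAppId()`, and finish with `return true;`. `getPermissionPolicy` is still a stub returning `null`, and unlike the resource service none of the policy methods call `AuditContext.setTarget`, so policy changes may lack a target in the audit record unless one is set elsewhere.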


@ -0,0 +1,281 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.service.app.impl;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.springframework.data.querydsl.QPageRequest;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.querydsl.core.types.Predicate;
import com.querydsl.core.types.dsl.BooleanExpression;
import cn.topiam.employee.audit.context.AuditContext;
import cn.topiam.employee.audit.entity.Target;
import cn.topiam.employee.audit.enums.TargetType;
import cn.topiam.employee.common.entity.app.AppPermissionActionEntity;
import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
import cn.topiam.employee.common.entity.app.QAppPermissionResourceEntity;
import cn.topiam.employee.common.enums.CheckValidityType;
import cn.topiam.employee.common.exception.app.AppResourceNotExistException;
import cn.topiam.employee.common.repository.app.AppPermissionActionRepository;
import cn.topiam.employee.common.repository.app.AppPermissionPolicyRepository;
import cn.topiam.employee.common.repository.app.AppPermissionResourceRepository;
import cn.topiam.employee.console.converter.app.AppPermissionResourceConverter;
import cn.topiam.employee.console.pojo.query.app.AppResourceListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionResourceGetResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionResourceListResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionResourceCreateParam;
import cn.topiam.employee.console.pojo.save.app.AppPermissionsActionParam;
import cn.topiam.employee.console.pojo.update.app.AppPermissionResourceUpdateParam;
import cn.topiam.employee.console.service.app.AppPermissionResourceService;
import cn.topiam.employee.support.exception.BadParamsException;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import cn.topiam.employee.support.util.BeanUtils;
import lombok.RequiredArgsConstructor;
import static cn.topiam.employee.support.repository.domain.BaseEntity.LAST_MODIFIED_BY;
import static cn.topiam.employee.support.repository.domain.BaseEntity.LAST_MODIFIED_TIME;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Service
@RequiredArgsConstructor
public class AppPermissionResourceServiceImpl implements AppPermissionResourceService {
/**
*
*
* @param page {@link PageModel}
* @param query {@link AppResourceListQuery}
* @return {@link AppPermissionResourceListResult}
*/
@Override
public Page<AppPermissionResourceListResult> getPermissionResourceList(PageModel page,
AppResourceListQuery query) {
org.springframework.data.domain.Page<AppPermissionResourceEntity> data;
Predicate predicate = appPermissionResourceConverter
.resourcePaginationParamConvertToPredicate(query);
QPageRequest request = QPageRequest.of(page.getCurrent(), page.getPageSize());
data = appResourceRepository.findAll(predicate, request);
return appPermissionResourceConverter.entityConvertToResourceListResult(data);
}
/**
*
*
* @param id {@link String}
* @return {@link AppPermissionResourceGetResult}
*/
@Override
public AppPermissionResourceGetResult getPermissionResource(String id) {
AppPermissionResourceEntity resource = appResourceRepository.findById(Long.valueOf(id))
.orElseThrow(AppResourceNotExistException::new);
return appPermissionResourceConverter.entityConvertToResourceGetResult(resource);
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean deletePermissionResource(String id) {
Long resourceId = Long.valueOf(id);
AppPermissionResourceEntity resource = appResourceRepository.findById(resourceId)
.orElseThrow(AppResourceNotExistException::new);
List<AppPermissionActionEntity> actionList = appPermissionActionRepository
.findAllByResource(resource);
List<Long> objectIdList = new ArrayList<>(
actionList.stream().map(AppPermissionActionEntity::getId).toList());
objectIdList.add(resourceId);
appPermissionPolicyRepository.deleteAllByObjectIdIn(objectIdList);
appResourceRepository.deleteById(resourceId);
AuditContext
.setTarget(Target.builder().id(id).type(TargetType.APP_PERMISSION_RESOURCE).build());
return true;
}
/**
* /
*
* @param id {@link String}
* @param enabled {@link Boolean}
* @return {@link Boolean}
*/
@Override
public Boolean updateStatus(Long id, boolean enabled) {
AppPermissionResourceEntity resource = appResourceRepository.findById(Long.valueOf(id))
.orElseThrow(AppResourceNotExistException::new);
AuditContext.setTarget(
Target.builder().id(id.toString()).type(TargetType.APP_PERMISSION_RESOURCE).build());
return appPermissionPolicyRepository.updateStatus(id, enabled) > 0;
}
/**
*
*
* @param param {@link AppPermissionResourceCreateParam}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean createPermissionResource(AppPermissionResourceCreateParam param) {
AppPermissionResourceEntity resource = appPermissionResourceConverter
.resourceCreateParamConvertToEntity(param);
buildActions(param.getActions(), resource);
// 新增资源
appResourceRepository.save(resource);
AuditContext.setTarget(Target.builder().id(resource.getId().toString())
.type(TargetType.APP_PERMISSION_RESOURCE).build());
return true;
}
/**
*
*
* @param param {@link AppPermissionResourceUpdateParam}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean updatePermissionResource(AppPermissionResourceUpdateParam param) {
AppPermissionResourceEntity resource = appPermissionResourceConverter
.resourceUpdateParamConvertToEntity(param);
AppPermissionResourceEntity entity = getAppPermissionResourceEntity(
Long.valueOf(param.getId()));
buildActions(param.getActions(), resource);
BeanUtils.merge(resource, entity, LAST_MODIFIED_BY, LAST_MODIFIED_TIME);
// 查询资源下所有权限
List<AppPermissionActionEntity> actionList = appPermissionActionRepository
.findAllByResource(resource);
// 取出未删除的权限id
Set<Long> reservedSet = resource.getActions().stream().map(AppPermissionActionEntity::getId)
.collect(Collectors.toSet());
// 过滤要删除的权限id
List<Long> removeActions = actionList.stream()
.filter(item -> !reservedSet.contains(item.getId()))
.map(AppPermissionActionEntity::getId).toList();
appPermissionActionRepository.deleteAllById(removeActions);
// 更新资源
appResourceRepository.save(entity);
AuditContext.setTarget(
Target.builder().id(param.getId()).type(TargetType.APP_PERMISSION_RESOURCE).build());
return true;
}
/**
*
*
* @param id {@link Long}
* @return {@link AppPermissionResourceEntity}
*/
private AppPermissionResourceEntity getAppPermissionResourceEntity(Long id) {
return appResourceRepository.findById(id)
.orElseThrow(() -> new BadParamsException("应用权限资源不存在"));
}
/**
*
*
* @param type {@link CheckValidityType}
* @param value {@link String}
* @param appId {@link Long}
* @param id {@link Long}
* @return {@link Boolean}
*/
@SuppressWarnings("DuplicatedCode")
@Override
public Boolean permissionResourceParamCheck(CheckValidityType type, String value, Long appId,
Long id) {
QAppPermissionResourceEntity role = QAppPermissionResourceEntity.appPermissionResourceEntity;
AppPermissionResourceEntity entity = new AppPermissionResourceEntity();
boolean result = false;
// ID存在说明是修改操作查询一下当前数据
if (Objects.nonNull(id)) {
entity = appResourceRepository.findById(id)
.orElseThrow(AppResourceNotExistException::new);
}
//资源名称
if (CheckValidityType.NAME.equals(type)) {
if (StringUtils.equals(entity.getName(), value)) {
return true;
}
BooleanExpression eq = role.name.eq(value).and(role.appId.eq(appId));
result = !appResourceRepository.exists(eq);
}
//资源编码
if (CheckValidityType.CODE.equals(type)) {
if (StringUtils.equals(entity.getCode(), value)) {
return true;
}
BooleanExpression eq = role.code.eq(value).and(role.appId.eq(appId));
result = !appResourceRepository.exists(eq);
}
return result;
}
/**
* actions
*
* @param permissions {@link List<AppPermissionsActionParam>}
* @param resource {@link AppPermissionResourceEntity>}
*/
private void buildActions(List<AppPermissionsActionParam> permissions,
AppPermissionResourceEntity resource) {
// 权限
List<AppPermissionActionEntity> list = new ArrayList<>();
for (AppPermissionsActionParam p : permissions) {
AppPermissionActionEntity entity = new AppPermissionActionEntity();
entity.setResource(resource);
entity.setType(p.getType());
entity.setName(p.getName());
//API需要单独处理
entity.setValue(p.getValue());
list.add(entity);
}
resource.setActions(list);
}
private final AppPermissionResourceConverter appPermissionResourceConverter;
private final AppPermissionResourceRepository appResourceRepository;
/**
* PolicyRepository
*/
private final AppPermissionPolicyRepository appPermissionPolicyRepository;
/**
* ActionRepository
*/
private final AppPermissionActionRepository appPermissionActionRepository;
}
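Review bot: `updateStatus` loads the resource from `appResourceRepository` but then applies the change with `appPermissionPolicyRepository.updateStatus(id, enabled)`, passing a resource id to the policy repository. Unless that query is written to target resources, enabling or disabling a resource changes whichever policy row has the same id and leaves the resource itself untouched. The update should go through the resource side inside `@Transactional`, for example `resource.setEnabled(enabled); appResourceRepository.save(resource);`, assuming the entity carries the `enabled` flag that the update param exposes. In `updatePermissionResource`, `reservedSet` is built from the actions `buildActions` has just created, whose ids appear to be unset, so every existing action looks removable, and policies pointing at the old action ids are not cleaned up the way `deletePermissionResource` does it.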


@ -0,0 +1,220 @@
/*
* eiam-console - Employee Identity and Access Management Program
* Copyright © 2020-2023 TopIAM (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.service.app.impl;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import org.apache.commons.lang3.StringUtils;
import org.springframework.data.querydsl.QPageRequest;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.querydsl.core.types.Predicate;
import com.querydsl.core.types.dsl.BooleanExpression;
import cn.topiam.employee.audit.context.AuditContext;
import cn.topiam.employee.audit.entity.Target;
import cn.topiam.employee.audit.enums.TargetType;
import cn.topiam.employee.common.entity.app.AppPermissionRoleEntity;
import cn.topiam.employee.common.entity.app.QAppPermissionRoleEntity;
import cn.topiam.employee.common.enums.CheckValidityType;
import cn.topiam.employee.common.exception.app.AppRoleNotExistException;
import cn.topiam.employee.common.repository.app.AppPermissionPolicyRepository;
import cn.topiam.employee.common.repository.app.AppPermissionRoleRepository;
import cn.topiam.employee.console.converter.app.AppPermissionRoleConverter;
import cn.topiam.employee.console.pojo.query.app.AppPermissionRoleListQuery;
import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleListResult;
import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleResult;
import cn.topiam.employee.console.pojo.save.app.AppPermissionRoleCreateParam;
import cn.topiam.employee.console.pojo.update.app.PermissionRoleUpdateParam;
import cn.topiam.employee.console.service.app.AppPermissionRoleService;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import cn.topiam.employee.support.util.BeanUtils;
import lombok.RequiredArgsConstructor;
import static cn.topiam.employee.support.repository.domain.BaseEntity.LAST_MODIFIED_BY;
import static cn.topiam.employee.support.repository.domain.BaseEntity.LAST_MODIFIED_TIME;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Service
@RequiredArgsConstructor
public class AppPermissionRoleServiceImpl implements AppPermissionRoleService {
/**
*
*
* @param page {@link PageModel}
* @return {@link AppPermissionRoleListResult}
*/
@Override
public Page<AppPermissionRoleListResult> getPermissionRoleList(PageModel page,
AppPermissionRoleListQuery query) {
org.springframework.data.domain.Page<AppPermissionRoleEntity> data;
Predicate predicate = appPermissionRoleConverter
.rolePaginationParamConvertToPredicate(query);
QPageRequest request = QPageRequest.of(page.getCurrent(), page.getPageSize());
data = appPermissionRoleRepository.findAll(predicate, request);
return appPermissionRoleConverter.entityConvertToRolePaginationResult(data);
}
/**
*
*
* @param param {@link AppPermissionRoleCreateParam}
* @return {@link Boolean}
*/
@Override
public boolean createPermissionRole(AppPermissionRoleCreateParam param) {
AppPermissionRoleEntity entity = appPermissionRoleConverter
.roleCreateParamConvertToEntity(param);
appPermissionRoleRepository.save(entity);
AuditContext.setTarget(Target.builder().id(entity.getId().toString())
.type(TargetType.APP_PERMISSION_ROLE).build());
return true;
}
/**
* @param param {@link PermissionRoleUpdateParam}
* @return {@link Boolean}
*/
@Override
public boolean updatePermissionRole(PermissionRoleUpdateParam param) {
AppPermissionRoleEntity source = appPermissionRoleConverter
.roleUpdateParamConvertToEntity(param);
AppPermissionRoleEntity target = appPermissionRoleRepository
.findById(Long.valueOf(param.getId())).orElseThrow(AppRoleNotExistException::new);
BeanUtils.merge(source, target, LAST_MODIFIED_TIME, LAST_MODIFIED_BY);
appPermissionRoleRepository.save(target);
AuditContext.setTarget(Target.builder().id(target.getId().toString())
.type(TargetType.APP_PERMISSION_ROLE).build());
return true;
}
/**
*
*
* @param ids {@link String}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public boolean deletePermissionRole(String ids) {
List<String> idList = Arrays.stream(ids.split(",")).toList();
List<Long> longIds = idList.stream().map(Long::parseLong).toList();
appPermissionRoleRepository.deleteAllById(longIds);
// 删除对应策略
appPermissionPolicyRepository.deleteAllBySubjectIdIn(idList);
appPermissionPolicyRepository.deleteAllByObjectIdIn(longIds);
AuditContext
.setTarget(Target.builder().id(ids).type(TargetType.APP_PERMISSION_ROLE).build());
return true;
}
/**
*
*
* @param id {@link Long}
* @return {@link AppPermissionRoleResult}
*/
@Override
public AppPermissionRoleResult getPermissionRole(Long id) {
//查询
Optional<AppPermissionRoleEntity> entity = appPermissionRoleRepository.findById(id);
//映射
return appPermissionRoleConverter.entityConvertToRoleDetailResult(entity.orElse(null));
}
/**
*
*
* @param type {@link CheckValidityType}
* @param value {@link String}
* @param id {@link Long}
* @param appId {@link Long}
* @return {@link Boolean}
*/
@SuppressWarnings("DuplicatedCode")
@Override
public Boolean permissionRoleParamCheck(CheckValidityType type, String value, Long appId,
Long id) {
QAppPermissionRoleEntity role = QAppPermissionRoleEntity.appPermissionRoleEntity;
AppPermissionRoleEntity entity = new AppPermissionRoleEntity();
boolean result = false;
// ID存在说明是修改操作查询一下当前数据
if (Objects.nonNull(id)) {
entity = appPermissionRoleRepository.findById(id)
.orElseThrow(AppRoleNotExistException::new);
}
//角色编码
if (CheckValidityType.CODE.equals(type)) {
if (StringUtils.equals(entity.getCode(), value)) {
return true;
}
BooleanExpression eq = role.code.eq(value);
eq.and(role.appId.eq(appId));
result = !appPermissionRoleRepository.exists(eq);
}
//角色名称
if (CheckValidityType.NAME.equals(type)) {
if (StringUtils.equals(entity.getName(), value)) {
return true;
}
BooleanExpression eq = role.name.eq(value);
eq.and(role.appId.eq(appId));
result = !appPermissionRoleRepository.exists(eq);
}
return result;
}
/**
*
*
* @param id {@link String}
* @param status {@link Boolean}
* @return {@link Boolean}
*/
@Override
public Boolean updatePermissionRoleStatus(String id, Boolean status) {
appPermissionRoleRepository.updateStatus(id, status);
return true;
}
/**
*
*/
private final AppPermissionRoleConverter appPermissionRoleConverter;
/**
* RoleRepository
*/
private final AppPermissionRoleRepository appPermissionRoleRepository;
/**
* PolicyRepository
*/
private final AppPermissionPolicyRepository appPermissionPolicyRepository;
}
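Review bot: In `permissionRoleParamCheck` the result of `eq.and(role.appId.eq(appId))` is discarded in both the CODE and the NAME branch. Querydsl expressions are immutable, so `exists(eq)` checks the code or name across every application rather than only `appId`. A role in one application therefore blocks the same code in another, and the answer reveals that a code or name is in use elsewhere. Assign the combined expression instead: `BooleanExpression eq = role.code.eq(value).and(role.appId.eq(appId));` and likewise `role.name.eq(value).and(role.appId.eq(appId))`.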


@ -29,32 +29,37 @@ public class OpenApiV1Constants {
/**
* OpenAPI
*/
public final static String OPEN_API_V1_PATH = V1_API_PATH;
public final static String OPEN_API_V1_PATH = V1_API_PATH;
public final static Integer ACCESS_TOKEN_EXPIRES_IN = 7200;
public final static Integer ACCESS_TOKEN_EXPIRES_IN = 7200;
/**
*
*/
public static final String OPEN_API_NAME = "开放接口";
public static final String OPEN_API_NAME = "开放接口";
/**
* 访
*/
public final static String AUTH_PATH = OPEN_API_V1_PATH + "/auth";
public final static String AUTH_PATH = OPEN_API_V1_PATH + "/auth";
/**
*
*/
public final static String ACCOUNT_PATH = OPEN_API_V1_PATH + "/account";
public final static String ACCOUNT_PATH = OPEN_API_V1_PATH + "/account";
/**
*
*/
public final static String USER_PATH = ACCOUNT_PATH + "/user";
public final static String USER_PATH = ACCOUNT_PATH + "/user";
/**
*
*/
public final static String ORGANIZATION_PATH = ACCOUNT_PATH + "/organization";
public final static String ORGANIZATION_PATH = ACCOUNT_PATH + "/organization";
/**
* API
*/
public final static String OPEN_API_PERMISSION_PATH = OPEN_API_V1_PATH + "/permission";
}


@ -0,0 +1,91 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.converter.app;
import java.util.ArrayList;
import java.util.List;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.springframework.util.CollectionUtils;
import cn.topiam.employee.common.entity.app.AppAccountEntity;
import cn.topiam.employee.common.entity.app.po.AppAccountPO;
import cn.topiam.employee.openapi.pojo.request.app.save.AppAccountCreateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppAccountListResult;
import cn.topiam.employee.support.repository.page.domain.Page;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2022/6/4 19:08
*/
@Mapper(componentModel = "spring")
public interface AppAccountConverter {
/**
*
*
* @param page {@link Page}
* @return {@link Page}
*/
default Page<AppAccountListResult> appAccountEntityConvertToAppAccountResult(org.springframework.data.domain.Page<AppAccountPO> page) {
Page<AppAccountListResult> result = new Page<>();
if (!CollectionUtils.isEmpty(page.getContent())) {
List<AppAccountListResult> list = new ArrayList<>();
for (AppAccountPO po : page.getContent()) {
list.add(entityConvertToAppAccountResult(po));
}
//@formatter:off
result.setPagination(Page.Pagination.builder()
.total(page.getTotalElements())
.totalPages(page.getTotalPages())
.current(page.getPageable().getPageNumber() + 1)
.build());
//@formatter:on
result.setList(list);
}
return result;
}
/**
*
*
* @param appAccountPo {@link AppAccountPO}
* @return {@link AppAccountListResult}
*/
AppAccountListResult entityConvertToAppAccountResult(AppAccountPO appAccountPo);
/**
*
*
* @param param {@link AppAccountCreateParam}
* @return {@link AppAccountEntity}
*/
@Mapping(target = "password", ignore = true)
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "id", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppAccountEntity appAccountCreateParamConvertToEntity(AppAccountCreateParam param);
}
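Review bot: `appAccountEntityConvertToAppAccountResult` sets `pagination` and `list` only when the page has content, so an empty page returns a `Page` whose fields keep whatever `new Page<>()` leaves them at (presumably null; confirm against `Page`). Open API clients then get no total or current page for an empty result and have to null-check the list. Building the pagination unconditionally and calling `result.setList(list)` with an empty list would keep the response shape stable. The same guard appears in `entityConvertToPolicyListResult`, `entityConvertToResourceListResult` and `entityConvertToRolePaginationResult` in this commit.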


@ -0,0 +1,46 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.converter.app;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import cn.topiam.employee.common.entity.app.AppPermissionActionEntity;
import cn.topiam.employee.openapi.pojo.request.app.AppPermissionsActionParam;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/14 22:45
*/
@SuppressWarnings("AlibabaAbstractMethodOrInterfaceMethodMustUseJavadoc")
@Mapper(componentModel = "spring")
public interface AppPermissionActionConverter {
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "resource", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "id", ignore = true)
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionActionEntity toEntity(AppPermissionsActionParam dto);
AppPermissionsActionParam toDTO(AppPermissionActionEntity entities);
}


@ -0,0 +1,91 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.converter.app;
import java.util.List;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.springframework.util.CollectionUtils;
import cn.topiam.employee.common.entity.app.AppPermissionPolicyEntity;
import cn.topiam.employee.common.entity.app.po.AppPermissionPolicyPO;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionPolicyCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.AppPermissionPolicyUpdateParam;
import cn.topiam.employee.support.repository.page.domain.Page;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/14 22:45
*/
@Mapper(componentModel = "spring", uses = AppPermissionActionConverter.class)
public interface AppPermissionPolicyConverter {
/**
*
*
* @param param {@link AppPermissionPolicyCreateParam}
* @return {@link AppPermissionPolicyEntity}
*/
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "id", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionPolicyEntity policyCreateParamConvertToEntity(AppPermissionPolicyCreateParam param);
/**
*
*
* @param param {@link AppPermissionPolicyCreateParam}
* @return {@link AppPermissionPolicyEntity}
*/
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionPolicyEntity policyUpdateParamConvertToEntity(AppPermissionPolicyUpdateParam param);
/**
*
*
* @param page {@link Page}
* @return {@link Page}
*/
default Page<AppPermissionPolicyPO> entityConvertToPolicyListResult(org.springframework.data.domain.Page<AppPermissionPolicyPO> page) {
Page<AppPermissionPolicyPO> result = new Page<>();
List<AppPermissionPolicyPO> pageList = page.getContent();
if (!CollectionUtils.isEmpty(pageList)) {
//@formatter:off
result.setPagination(Page.Pagination.builder()
.total(page.getTotalElements())
.totalPages(page.getTotalPages())
.current(page.getPageable().getPageNumber() + 1)
.build());
//@formatter:on
result.setList(pageList);
}
return result;
}
}
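Review bot: `policyUpdateParamConvertToEntity` does not ignore `appId`, while the update mappings for resources and roles in this commit both carry `@Mapping(target = "appId", ignore = true)`. If `AppPermissionPolicyUpdateParam` and the entity both have an `appId` property (not visible here), an update request could move a policy to another application. Adding the same `@Mapping(target = "appId", ignore = true)` would keep the three converters consistent. Separately, the Javadoc on this method says `@param param {@link AppPermissionPolicyCreateParam}` although the parameter type is `AppPermissionPolicyUpdateParam`; `resourceUpdateParamConvertToEntity` has the same mismatch.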


@ -0,0 +1,145 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.converter.app;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.springframework.util.CollectionUtils;
import com.querydsl.core.types.ExpressionUtils;
import com.querydsl.core.types.Predicate;
import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
import cn.topiam.employee.common.entity.app.QAppPermissionResourceEntity;
import cn.topiam.employee.openapi.pojo.request.app.query.AppResourceListQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionResourceCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.AppPermissionResourceUpdateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionResourceGetResult;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionResourceListResult;
import cn.topiam.employee.support.repository.page.domain.Page;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/14 22:45
*/
@Mapper(componentModel = "spring", uses = AppPermissionActionConverter.class)
public interface AppPermissionResourceConverter {
/**
*
*
* @param query {@link AppResourceListQuery}
* @return {@link Predicate}
*/
default Predicate resourcePaginationParamConvertToPredicate(AppResourceListQuery query) {
QAppPermissionResourceEntity resource = QAppPermissionResourceEntity.appPermissionResourceEntity;
Predicate predicate = ExpressionUtils.and(resource.isNotNull(),
resource.deleted.eq(Boolean.FALSE));
//查询条件
//@formatter:off
// 资源名称
predicate = StringUtils.isBlank(query.getName()) ? predicate : ExpressionUtils.and(predicate, resource.name.like("%" + query.getName() + "%"));
// TODO 从token中获取 所属应用
// predicate = ExpressionUtils.and(predicate, resource.appId.eq(0L));
//@formatter:on
return predicate;
}
/**
*
*
* @param param {@link AppPermissionResourceCreateParam}
* @return {@link AppPermissionResourceEntity}
*/
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "actions", ignore = true)
@Mapping(target = "id", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionResourceEntity resourceCreateParamConvertToEntity(AppPermissionResourceCreateParam param);
/**
*
*
* @param param {@link AppPermissionResourceCreateParam}
* @return {@link AppPermissionResourceEntity}
*/
@Mapping(target = "enabled", expression = "java(Boolean.TRUE)")
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "code", ignore = true)
@Mapping(target = "appId", ignore = true)
@Mapping(target = "actions", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionResourceEntity resourceUpdateParamConvertToEntity(AppPermissionResourceUpdateParam param);
/**
*
*
* @param page {@link Page}
* @return {@link Page}
*/
default Page<AppPermissionResourceListResult> entityConvertToResourceListResult(org.springframework.data.domain.Page<AppPermissionResourceEntity> page) {
Page<AppPermissionResourceListResult> result = new Page<>();
List<AppPermissionResourceEntity> pageList = page.getContent();
if (!CollectionUtils.isEmpty(pageList)) {
List<AppPermissionResourceListResult> list = new ArrayList<>();
for (AppPermissionResourceEntity resource : pageList) {
list.add(entityConvertToResourceListResult(resource));
}
//@formatter:off
result.setPagination(Page.Pagination.builder()
.total(page.getTotalElements())
.totalPages(page.getTotalPages())
.current(page.getPageable().getPageNumber() + 1)
.build());
//@formatter:on
result.setList(list);
}
return result;
}
/**
*
*
* @param data {@link AppPermissionResourceEntity}
* @return {@link AppPermissionResourceListResult}
*/
AppPermissionResourceListResult entityConvertToResourceListResult(AppPermissionResourceEntity data);
/**
*
*
* @param resource {@link AppPermissionResourceEntity}
* @return {@link AppPermissionResourceGetResult}
*/
@Mapping(target = "actions", source = "actions")
AppPermissionResourceGetResult entityConvertToResourceGetResult(AppPermissionResourceEntity resource);
}
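Review bot: `resourcePaginationParamConvertToPredicate` leaves the application filter commented out (`// predicate = ExpressionUtils.and(predicate, resource.appId.eq(0L));`), so the predicate restricts only on `deleted` and the optional name. Unless scoping is applied somewhere not visible here, the resource list endpoint returns permission resources of every application to any open API caller. The predicate should include `resource.appId.eq(appId)`, with `appId` resolved from the caller's access token, before the endpoint is exposed. `rolePaginationParamConvertToPredicate` carries the same TODO with a hard-coded `role.appId.eq(0L)`, which is likewise not derived from the caller.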


@ -0,0 +1,142 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.converter.app;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.springframework.util.CollectionUtils;
import org.springframework.util.ObjectUtils;
import com.querydsl.core.types.ExpressionUtils;
import com.querydsl.core.types.Predicate;
import cn.topiam.employee.common.entity.app.AppPermissionRoleEntity;
import cn.topiam.employee.common.entity.app.QAppPermissionRoleEntity;
import cn.topiam.employee.openapi.pojo.request.app.query.AppPermissionRoleListQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionRoleCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.PermissionRoleUpdateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionRoleListResult;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionRoleResult;
import cn.topiam.employee.support.repository.page.domain.Page;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/14 22:45
*/
@Mapper(componentModel = "spring")
public interface AppPermissionRoleConverter {
/**
*
*
* @param page {@link Page}
* @return {@link Page}
*/
default Page<AppPermissionRoleListResult> entityConvertToRolePaginationResult(org.springframework.data.domain.Page<AppPermissionRoleEntity> page) {
Page<AppPermissionRoleListResult> result = new Page<>();
if (!CollectionUtils.isEmpty(page.getContent())) {
List<AppPermissionRoleListResult> list = new ArrayList<>();
for (AppPermissionRoleEntity user : page.getContent()) {
list.add(entityConvertToRolePaginationResult(user));
}
//@formatter:off
result.setPagination(Page.Pagination.builder()
.total(page.getTotalElements())
.totalPages(page.getTotalPages())
.current(page.getPageable().getPageNumber() + 1)
.build());
//@formatter:on
result.setList(list);
}
return result;
}
/**
*
*
* @param page {@link AppPermissionRoleEntity}
* @return {@link AppPermissionRoleListResult}
*/
AppPermissionRoleListResult entityConvertToRolePaginationResult(AppPermissionRoleEntity page);
/**
*
*
* @param param {@link AppPermissionRoleCreateParam}
* @return {@link AppPermissionRoleEntity}
*/
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "id", ignore = true)
@Mapping(target = "enabled", expression = "java(Boolean.TRUE)")
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionRoleEntity roleCreateParamConvertToEntity(AppPermissionRoleCreateParam param);
/**
*
*
* @param param {@link PermissionRoleUpdateParam}
* @return {@link AppPermissionRoleEntity}
*/
@Mapping(target = "appId", ignore = true)
@Mapping(target = "enabled", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppPermissionRoleEntity roleUpdateParamConvertToEntity(PermissionRoleUpdateParam param);
/**
*
*
* @param role {@link AppPermissionRoleEntity}
* @return {@link AppPermissionRoleResult}
*/
AppPermissionRoleResult entityConvertToRoleDetailResult(AppPermissionRoleEntity role);
/**
*
*
* @param query {@link AppPermissionRoleListQuery}
* @return {@link AppPermissionRoleEntity}
*/
default Predicate rolePaginationParamConvertToPredicate(AppPermissionRoleListQuery query) {
QAppPermissionRoleEntity role = QAppPermissionRoleEntity.appPermissionRoleEntity;
Predicate predicate = ExpressionUtils.and(role.isNotNull(), role.deleted.eq(Boolean.FALSE));
//查询条件
//@formatter:off
// 角色名称
predicate = StringUtils.isBlank(query.getName()) ? predicate : ExpressionUtils.and(predicate, role.name.like("%" + query.getName() + "%"));
// 是否启用
predicate = ObjectUtils.isEmpty(query.getEnabled()) ? predicate : ExpressionUtils.and(predicate, role.enabled.eq(query.getEnabled()));
// 角色编码
predicate = StringUtils.isBlank(query.getCode()) ? predicate : ExpressionUtils.and(predicate, role.code.eq(query.getCode()));
// TODO 从token中获取 所属应用
predicate = ExpressionUtils.and(predicate, role.appId.eq(0L));
//@formatter:on
return predicate;
}
}
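Review bot: In `rolePaginationParamConvertToPredicate` the name filter is built as `role.name.like("%" + query.getName() + "%")`, which passes `%` and `_` in the request value through as LIKE wildcards. A name of `%` or `_` then matches rows the caller did not name literally. Querydsl's `role.name.contains(query.getName())` produces the same substring match with the value escaped. The resource converter builds its name filter the same way with `resource.name.like(...)`.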


@ -0,0 +1,63 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.endpoint.permission;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import cn.topiam.employee.common.entity.app.po.AppPermissionPolicyPO;
import cn.topiam.employee.openapi.pojo.request.app.query.OpenApiPolicyQuery;
import cn.topiam.employee.openapi.service.AppPermissionPolicyService;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import cn.topiam.employee.support.result.ApiRestResult;
import lombok.RequiredArgsConstructor;
import io.swagger.v3.oas.annotations.Operation;
import static cn.topiam.employee.openapi.constants.OpenApiV1Constants.OPEN_API_PERMISSION_PATH;
/**
* -API
*
* @author TopIAM
* Created by support@topiam.cn on 2022/9/5 21:04
*/
@RestController
@RequestMapping(value = OPEN_API_PERMISSION_PATH + "/policy")
@RequiredArgsConstructor
public class AppPermissionPolicyEndpoint {
/**
*
*
* @param page {@link PageModel}
* @return {@link AppPermissionPolicyPO}
*/
@Operation(summary = "获取策略列表")
@GetMapping(value = "/list")
public ApiRestResult<Page<AppPermissionPolicyPO>> getPermissionPolicyList(PageModel page,
@Validated OpenApiPolicyQuery query) {
Page<AppPermissionPolicyPO> result = permissionPolicyService.getPermissionPolicyList(page,
query);
return ApiRestResult.<Page<AppPermissionPolicyPO>> builder().result(result).build();
}
private final AppPermissionPolicyService permissionPolicyService;
}
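Review bot: `getPermissionPolicyList` returns `Page<AppPermissionPolicyPO>`, a type from `cn.topiam.employee.common.entity.app.po`, straight to open API callers. The resource and role endpoints in this commit return dedicated `openapi.pojo.response` types instead. Serialising the persistence-side object ties the public response to the query projection, so any field later added to the PO is published automatically. A response class for policies (for example `AppPermissionPolicyListResult`, mapped in `AppPermissionPolicyConverter`) would make the exposed fields an explicit choice.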


@ -0,0 +1,72 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.endpoint.permission;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import cn.topiam.employee.openapi.pojo.request.app.query.AppResourceListQuery;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionResourceListResult;
import cn.topiam.employee.openapi.service.AppPermissionResourceService;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import cn.topiam.employee.support.result.ApiRestResult;
import lombok.RequiredArgsConstructor;
import io.swagger.v3.oas.annotations.Operation;
import static cn.topiam.employee.openapi.constants.OpenApiV1Constants.OPEN_API_PERMISSION_PATH;
/**
* -API
*
* @author TopIAM
* Created by support@topiam.cn on 2022/9/5 21:04
*/
@RestController
@RequestMapping(value = OPEN_API_PERMISSION_PATH + "/resource")
@RequiredArgsConstructor
public class AppPermissionResourceEndpoint {
/**
*
*
* @param page {@link PageModel}
* @return {@link AppPermissionResourceListResult}
*/
@Operation(summary = "获取资源列表")
@GetMapping(value = "/list")
public ApiRestResult<Page<AppPermissionResourceListResult>> getPermissionResourceList(PageModel page,
@Validated AppResourceListQuery query) {
Page<AppPermissionResourceListResult> result = appPermissionResourceService
.getPermissionResourceList(page, query);
return ApiRestResult.<Page<AppPermissionResourceListResult>> builder().result(result)
.build();
}
//2、新增资源
//3、编辑资源
//4、删除资源
/**
*
*/
private final AppPermissionResourceService appPermissionResourceService;
}
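Review bot: In `getPermissionResourceList` only the `query` argument is annotated `@Validated`; `PageModel page` is bound from request parameters without it. If `PageModel` declares constraints on `current` or `pageSize` (not visible here), they are not enforced on this path and a caller can request arbitrarily large pages. Consider `@Validated PageModel page`, or clamp the page size in the service. The policy and role list endpoints bind `PageModel` the same way.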


@ -0,0 +1,72 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.endpoint.permission;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import cn.topiam.employee.openapi.pojo.request.app.query.AppPermissionRoleListQuery;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionRoleListResult;
import cn.topiam.employee.openapi.service.AppPermissionRoleService;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import cn.topiam.employee.support.result.ApiRestResult;
import lombok.RequiredArgsConstructor;
import io.swagger.v3.oas.annotations.Operation;
import static cn.topiam.employee.openapi.constants.OpenApiV1Constants.OPEN_API_PERMISSION_PATH;
/**
* -API
*
* @author TopIAM
* Created by support@topiam.cn on 2022/9/5 21:04
*/
@RestController
@RequestMapping(value = OPEN_API_PERMISSION_PATH + "/role")
@RequiredArgsConstructor
public class AppPermissionRoleEndpoint {
//1、获取应用的所有角色分页
/**
*
*
* @param page {@link PageModel}
* @return {@link AppPermissionRoleListResult}
*/
@Operation(summary = "获取角色列表")
@GetMapping(value = "/list")
public ApiRestResult<Page<AppPermissionRoleListResult>> getPermissionRoleList(PageModel page,
@Validated AppPermissionRoleListQuery query) {
Page<AppPermissionRoleListResult> result = appPermissionRoleService
.getPermissionRoleList(page, query);
return ApiRestResult.<Page<AppPermissionRoleListResult>> builder().result(result).build();
}
//2、新增角色
//3、编辑角色
//4、删除角色
/**
*
*/
private final AppPermissionRoleService appPermissionRoleService;
}
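Review bot: Nothing in `getPermissionRoleList` or in `AppPermissionRoleListQuery` says which application's roles are listed, although the comment above the method describes it as the paged roles of one application. Presumably `AppPermissionRoleService` derives the application from the authenticated API client, but that is outside this file; if it does not, the listing would span the roles of every application, so it is worth confirming. `@Validated` is also a no-op here because the query class declares no constraints. The Javadoc block above the method is empty; a summary such as `Lists the calling application's permission roles, paged.` would state the intended scope.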


@ -0,0 +1,18 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.endpoint.permission;


@ -0,0 +1,59 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app;
import java.io.Serial;
import java.io.Serializable;
import cn.topiam.employee.common.enums.PermissionActionType;
import lombok.Data;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotEmpty;
import jakarta.validation.constraints.NotNull;
/**
* AppPermissionsActionParam
*
* @author TopIAM
* Created by support@topiam.cn on 2022/9/1 00:18
*/
@Data
@Valid
public class AppPermissionsActionParam implements Serializable {
@Serial
private static final long serialVersionUID = -6391182747252245592L;
/**
*
*/
@NotNull(message = "权限类型")
private PermissionActionType type;
/**
*
*/
@NotEmpty(message = "权限值")
private String value;
/**
*
*/
@NotEmpty(message = "权限描述")
private String name;
}
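Review bot: The constraint messages in AppPermissionsActionParam are only field labels (`"权限类型"`, `"权限值"`, `"权限描述"`), so a violation is reported without saying what is wrong. The other request DTOs in this commit use the `…不能为空` form, for example `@NotNull(message = "权限类型不能为空")`. The message on `name` also says 权限描述, where AppPermissionActionCreateParam calls the same field 权限名称.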


@ -0,0 +1,60 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.query;
import java.io.Serializable;
import org.springdoc.core.annotations.ParameterObject;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Schema(description = "查询权限列表入参")
@ParameterObject
public class AppPermissionListQuery implements Serializable {
/**
*
*/
@Parameter(description = "权限名称")
private String name;
/**
*
*/
@NotNull(message = "请选择权限所属资源")
@Parameter(description = "所属资源")
private Long resourceId;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
}


@ -0,0 +1,58 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.query;
import java.io.Serializable;
import org.springdoc.core.annotations.ParameterObject;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Schema(description = "查询角色列表入参")
@ParameterObject
public class AppPermissionRoleListQuery implements Serializable {
/**
*
*/
@Parameter(description = "角色名称")
private String name;
/**
*
*/
@Parameter(description = "角色编码")
private String code;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
}


@ -0,0 +1,51 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.query;
import java.io.Serializable;
import org.springdoc.core.annotations.ParameterObject;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Schema(description = "查询权限资源列表入参")
@ParameterObject
public class AppResourceListQuery implements Serializable {
/**
*
*/
@Parameter(description = "资源名称")
private String name;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
}


@ -0,0 +1,75 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.query;
import java.io.Serializable;
import org.springdoc.core.annotations.ParameterObject;
import cn.topiam.employee.common.enums.app.AppPolicyEffect;
import cn.topiam.employee.common.enums.app.AppPolicyObjectType;
import cn.topiam.employee.common.enums.app.AppPolicySubjectType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
*/
@Data
@Schema(description = "查询权限策略列表入参")
@ParameterObject
public class OpenApiPolicyQuery implements Serializable {
/**
* Id
*/
@Parameter(description = "授权主体Id")
private String subjectId;
/**
*
*/
@NotNull(message = "授权主体类型不能为空")
@Parameter(description = "授权主体类型")
private AppPolicySubjectType subjectType;
/**
* Id
*/
@Parameter(description = "授权客体Id")
private String objectId;
/**
*
*/
@NotNull(message = "授权客体类型不能为空")
@Parameter(description = "授权客体类型")
private AppPolicyObjectType objectType;
/**
*
*/
@Parameter(description = "规则效果")
private AppPolicyEffect effect;
}
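Review bot: `objectId` is a `String` in OpenApiPolicyQuery, while AppPermissionPolicyCreateParam, AppPermissionPolicyUpdateParam and AppPermissionPolicyGetResult in this commit declare it as `Long`. A non-numeric value therefore passes binding here and presumably only fails, or matches nothing, further down. Declaring `private Long objectId;` would reject it at the boundary. The class Javadoc is empty; one line saying that the class carries the filters for the policy list query would be enough.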


@ -0,0 +1,56 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.save;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
/**
* AppAccountCreateParam
*
* @author TopIAM
* Created by support@topiam.cn on 2022/5/24 22:13
*/
@Data
@Schema(description = "应用账户新增入参")
public class AppAccountCreateParam {
/**
* ID
*/
@Schema(description = "应用ID")
@NotNull(message = "应用ID不能为空")
private Long appId;
/**
* ID
*/
@Schema(description = "用户ID")
@NotNull(message = "用户ID不能为空")
private Long userId;
/**
*
*/
@Schema(description = "账户名称")
@NotBlank(message = "账户名称不能为空")
private String account;
}
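Review bot: `appId` and `userId` come straight from the request body, so the handler that consumes AppAccountCreateParam must check that the authenticated API client may act on that application before it creates the account binding. Nothing in this class can enforce that, and the check is not visible in this part of the commit. The same applies to the `appId` fields of AppPermissionPolicyCreateParam, AppPermissionResourceCreateParam, AppPermissionRoleCreateParam and AppPermissionPolicyUpdateParam. If an open API credential is already bound to one application, consider resolving `appId` server-side instead of accepting it from the caller.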


@ -0,0 +1,77 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.save;
import java.io.Serializable;
import cn.topiam.employee.common.enums.PermissionActionType;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "创建权限入参")
public class AppPermissionActionCreateParam implements Serializable {
/**
*
*/
@Schema(description = "权限名称")
@NotBlank(message = "权限名称不能为空")
private String name;
/**
*
*/
@Schema(description = "权限值")
@NotBlank(message = "权限值不能为空")
private String value;
/**
*
*/
@Schema(description = "权限类型")
@NotNull(message = "权限类型不能为空")
private PermissionActionType type;
/**
*
*/
private Boolean enabled = true;
/**
*
*/
@Schema(description = "所属资源")
@NotBlank(message = "所属资源不能为空")
private Long resourceId;
/**
*
*/
@Schema(description = "备注")
private String remark;
}
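Review bot: `@NotBlank` on `private Long resourceId` cannot validate. The constraint is defined for `CharSequence`, and a Bean Validation provider such as Hibernate Validator raises `UnexpectedTypeException` when it finds it on a `Long`, so a request validated through AppPermissionActionCreateParam would fail whatever it contains. Replace it with `@NotNull(message = "所属资源不能为空")`. ResourceActionUpdateParam carries the same annotation on its `resourceId`.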


@ -0,0 +1,83 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.save;
import java.io.Serializable;
import cn.topiam.employee.common.enums.app.AppPolicyEffect;
import cn.topiam.employee.common.enums.app.AppPolicyObjectType;
import cn.topiam.employee.common.enums.app.AppPolicySubjectType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "创建策略入参")
public class AppPermissionPolicyCreateParam implements Serializable {
/**
*
*/
@NotNull(message = "资源所属应用不能为空")
@Parameter(description = "所属应用")
private Long appId;
/**
* id
*/
@NotNull(message = "授权主体id不能为空")
@Parameter(description = "授权主体id")
private String subjectId;
/**
*
*/
@NotNull(message = "授权主体类型不能为空")
@Parameter(description = "授权主体类型")
private AppPolicySubjectType subjectType;
/**
* ID
*/
@NotNull(message = "权限客体ID不能为空")
@Parameter(description = "授权客体id")
private Long objectId;
/**
*
*/
@NotNull(message = "权限客体类型不能为空")
@Parameter(description = "授权客体类型")
private AppPolicyObjectType objectType;
/**
*
*/
@NotNull(message = "授权作用不能为空")
@Parameter(description = "授权作用")
private AppPolicyEffect effect;
}
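Review bot: `@NotNull` on the `String subjectId` still accepts an empty or whitespace-only id, so a policy could be submitted with no usable subject and be rejected, or stored, only further down. `@NotBlank(message = "授权主体id不能为空")` would stop it at the boundary; the class would then need the `NotBlank` import alongside `NotNull`. AppPermissionPolicyUpdateParam declares `subjectId` the same way.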


@ -0,0 +1,77 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.save;
import java.io.Serializable;
import java.util.List;
import cn.topiam.employee.openapi.pojo.request.app.AppPermissionsActionParam;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "创建资源入参")
public class AppPermissionResourceCreateParam implements Serializable {
/**
*
*/
@Schema(description = "资源编码")
@NotBlank(message = "资源编码不能为空")
private String code;
/**
*
*/
@Schema(description = "资源名称")
@NotBlank(message = "资源名称不能为空")
private String name;
/**
*
*/
@Schema(description = "资源描述")
@NotBlank(message = "资源描述不能为空")
private String desc;
/**
*
*/
private Boolean enabled = true;
/**
*
*/
@Schema(description = "所属应用")
@NotNull(message = "所属应用不能为空")
private Long appId;
/**
*
*/
@Schema(description = "资源权限")
@NotNull(message = "资源权限不能为空")
private List<AppPermissionsActionParam> actions;
}
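Review bot: The `actions` list is only `@NotNull`, so the constraints declared inside AppPermissionsActionParam (`@NotNull` on `type`, `@NotEmpty` on `value` and `name`) are never evaluated for its elements. Bean Validation cascades only where the field or its element type carries `@Valid`; the class-level `@Valid` on AppPermissionsActionParam does not trigger it. Declare the field as `private List<@Valid AppPermissionsActionParam> actions;`, with the `jakarta.validation.Valid` import, and add `@NotEmpty` if a resource must have at least one action. AppPermissionResourceUpdateParam has the same field.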


@ -0,0 +1,61 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.save;
import java.io.Serializable;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "创建角色入参")
public class AppPermissionRoleCreateParam implements Serializable {
/**
*
*/
@NotBlank(message = "角色名称不能为空")
private String name;
/**
*
*/
@NotBlank(message = "角色编码不能为空")
private String code;
/**
*
*/
private Boolean enabled = true;
/**
*
*/
@NotNull(message = "所属应用不能为空")
private Long appId;
/**
*
*/
@Schema(description = "备注")
private String remark;
}


@ -0,0 +1,88 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.update;
import java.io.Serializable;
import cn.topiam.employee.common.enums.app.AppPolicyEffect;
import cn.topiam.employee.common.enums.app.AppPolicyObjectType;
import cn.topiam.employee.common.enums.app.AppPolicySubjectType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "修改策略入参")
public class AppPermissionPolicyUpdateParam implements Serializable {
/**
*
*/
@NotNull(message = "资源所属应用不能为空")
@Parameter(description = "所属应用")
private Long appId;
/**
* id
*/
@NotNull(message = "主键id不能为空")
@Parameter(description = "主键id")
private Long id;
/**
* id
*/
@NotNull(message = "授权主体id不能为空")
@Parameter(description = "授权主体id")
private String subjectId;
/**
*
*/
@NotNull(message = "授权主体类型不能为空")
@Parameter(description = "授权主体类型")
private AppPolicySubjectType subjectType;
/**
* ID
*/
@NotNull(message = "权限客体ID不能为空")
@Parameter(description = "授权客体id")
private Long objectId;
/**
*
*/
@NotNull(message = "权限客体类型不能为空")
@Parameter(description = "授权客体类型")
private AppPolicyObjectType objectType;
/**
*
*/
@NotNull(message = "授权作用不能为空")
@Parameter(description = "授权作用")
private AppPolicyEffect effect;
}


@ -0,0 +1,69 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.update;
import java.io.Serial;
import java.io.Serializable;
import java.util.List;
import cn.topiam.employee.openapi.pojo.request.app.AppPermissionsActionParam;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
import static io.swagger.v3.oas.annotations.media.Schema.AccessMode.READ_ONLY;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "修改资源入参")
public class AppPermissionResourceUpdateParam implements Serializable {
@Serial
private static final long serialVersionUID = 6021548372386059064L;
/**
* ID
*/
@Schema(accessMode = READ_ONLY)
@NotBlank(message = "ID不能为空")
private String id;
/**
*
*/
@Schema(description = "资源名称")
@NotBlank(message = "资源名称不能为空")
private String name;
/**
*
*/
@Schema(description = "资源描述")
@NotBlank(message = "资源描述不能为空")
private String desc;
/**
*
*/
@Schema(description = "资源权限")
@NotNull(message = "资源权限不能为空")
private List<AppPermissionsActionParam> actions;
}
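Review bot: `id` is marked `@Schema(accessMode = READ_ONLY)` and `@NotBlank` at the same time. In OpenAPI a read-only property is returned in responses and should not be sent in requests, so generated clients may omit the very field this update request requires. Dropping the access mode, for example `@Schema(description = "ID")`, keeps the published contract consistent with the validation. PermissionRoleUpdateParam and ResourceActionUpdateParam declare `id` the same way. All three classes also share the serialVersionUID `6021548372386059064L`, which looks like copy-paste worth tidying.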


@ -0,0 +1,61 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.update;
import java.io.Serial;
import java.io.Serializable;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import static io.swagger.v3.oas.annotations.media.Schema.AccessMode.READ_ONLY;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "修改角色入参")
public class PermissionRoleUpdateParam implements Serializable {
@Serial
private static final long serialVersionUID = 6021548372386059064L;
/**
* ID
*/
@Schema(accessMode = READ_ONLY)
@NotBlank(message = "ID不能为空")
private String id;
/**
*
*/
@Schema(description = "角色名称")
private String name;
/**
*
*/
@Schema(description = "角色编码")
private String code;
/**
*
*/
@Schema(description = "备注")
private String remark;
}


@ -0,0 +1,84 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.request.app.update;
import java.io.Serial;
import java.io.Serializable;
import cn.topiam.employee.common.enums.PermissionActionType;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import static io.swagger.v3.oas.annotations.media.Schema.AccessMode.READ_ONLY;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:46
*/
@Data
@Schema(description = "修改资源入参")
public class ResourceActionUpdateParam implements Serializable {
@Serial
private static final long serialVersionUID = 6021548372386059064L;
/**
* ID
*/
@Schema(accessMode = READ_ONLY)
@NotBlank(message = "ID不能为空")
private String id;
/**
*
*/
@Schema(description = "权限名称")
private String name;
/**
*
*/
@Schema(description = "权限值")
private String value;
/**
*
*/
@Schema(description = "权限类型")
private PermissionActionType type;
/**
*
*/
private Boolean enabled = true;
/**
*
*/
@Schema(description = "所属资源")
@NotBlank(message = "所属资源不能为空")
private Long resourceId;
/**
*
*/
@Schema(description = "备注")
private String remark;
}
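Review bot: `private Boolean enabled = true;` in an update DTO means a request that omits `enabled` arrives as `true`. If the service copies this field onto the stored permission action, editing only the name or remark of a disabled action would switch it back on; whether it does is outside this file. Leaving the field uninitialised (`private Boolean enabled;`) lets the service tell "not supplied" from "enable". The class-level `@Schema(description = "修改资源入参")` also looks copied from the resource update DTO, since this class updates a permission action.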


@ -0,0 +1,95 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.response.app;
import java.time.LocalDateTime;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
/**
* AppAccountCreateParam
*
* @author TopIAM
* Created by support@topiam.cn on 2022/5/24 22:13
*/
@Data
@Schema(description = "应用账户列表查询结果")
public class AppAccountListResult {
/**
* id
*/
@Schema(description = "id")
private String id;
/**
* ID
*/
@Schema(description = "应用ID")
private Long appId;
/**
*
*/
@Schema(description = "应用名称")
private String appName;
/**
*
*/
@Schema(description = "应用模版")
private String appTemplate;
/**
*
*/
@Schema(description = "应用协议")
private String appProtocol;
/**
*
*/
@Schema(description = "应用类型")
private String appType;
/**
* ID
*/
@Schema(description = "用户ID")
private Long userId;
/**
*
*/
@Schema(description = "用户名称")
private String username;
/**
*
*/
@Schema(description = "账户名称")
private String account;
/**
*
*/
@Schema(description = "添加时间")
private LocalDateTime createTime;
}
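Review bot: The class Javadoc still reads `AppAccountCreateParam`, with the same creation stamp as that class, so it looks copied from it. It should describe AppAccountListResult, for example `Row returned by the application-account list query.` The per-field Javadoc blocks are empty or hold only `ID`, so they add nothing beyond the `@Schema` descriptions and could be removed or filled in.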


@ -0,0 +1,66 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.response.app;
import java.io.Serializable;
import cn.topiam.employee.common.enums.PermissionActionType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:45
*/
@Schema(description = "权限操作")
@Data
public class AppPermissionActionGetResult implements Serializable {
/**
* ID
*/
@Parameter(description = "ID")
private String id;
/**
*
*/
@Parameter(description = "权限名称")
private String name;
/**
*
*/
@Parameter(description = "权限值")
private String value;
/**
*
*/
@Parameter(description = "权限类型")
private PermissionActionType type;
/**
*
*/
@Parameter(description = "备注")
private String remark;
}
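Review bot: The fields of AppPermissionActionGetResult are described with `@Parameter`, which springdoc reads for operation parameters (for example on `@ParameterObject` classes), not for properties of a response model. These descriptions will therefore most likely be missing from the generated schema. Use `@Schema(description = "权限名称")` and so on, as AppAccountListResult does. AppPermissionActionListResult and AppPermissionPolicyGetResult use `@Parameter` the same way, as do the policy create and update request bodies.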


@ -0,0 +1,72 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.response.app;
import java.io.Serial;
import java.io.Serializable;
import cn.topiam.employee.common.enums.PermissionActionType;
import lombok.Data;
import lombok.experimental.Accessors;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Accessors(chain = true)
@Schema(description = "查询权限列表结果")
public class AppPermissionActionListResult implements Serializable {
@Serial
private static final long serialVersionUID = 3320953184046791392L;
/**
* ID
*/
@Parameter(description = "ID")
private String id;
/**
*
*/
@Parameter(description = "权限名称")
private String name;
/**
*
*/
@Parameter(description = "权限值")
private String value;
/**
*
*/
@Parameter(description = "权限类型")
private PermissionActionType type;
/**
*
*/
@Parameter(description = "备注")
private String remark;
}


@ -0,0 +1,87 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.response.app;
import java.io.Serializable;
import cn.topiam.employee.common.enums.app.AppPolicyEffect;
import cn.topiam.employee.common.enums.app.AppPolicyObjectType;
import cn.topiam.employee.common.enums.app.AppPolicySubjectType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:45
*/
@Schema(description = "获取资源结果")
@Data
public class AppPermissionPolicyGetResult implements Serializable {
/**
* ID
*/
@Parameter(description = "id")
private String id;
/**
* id
*/
@Parameter(description = "授权主体id")
private String subjectId;
/**
*
*/
@Parameter(description = "授权主体名称")
private String subjectName;
/**
*
*/
@Parameter(description = "授权主体类型")
private AppPolicySubjectType subjectType;
/**
* ID
*/
@Parameter(description = "授权客体id")
private Long objectId;
/**
*
*/
@Parameter(description = "授权客体名称")
private String objectName;
/**
*
*/
@Parameter(description = "授权客体类型")
private AppPolicyObjectType objectType;
/**
*
*/
@Parameter(description = "授权作用")
private AppPolicyEffect effect;
}
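Review bot: The fields of AppPermissionPolicyGetResult are annotated with `@Parameter(description = ...)`, which describes operation parameters. As far as I know, springdoc reads the property descriptions of a response model from `@Schema`, so these descriptions will probably not appear in the generated schema. AppPermissionResourceGetResult in this commit already uses `@Schema(description = "...")` on its fields, and the same change would apply to AppPermissionResourceListResult, AppPermissionRoleListResult and AppPermissionRoleResult. The class also implements Serializable without the `@Serial private static final long serialVersionUID` that the sibling list results declare.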


@ -0,0 +1,107 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.response.app;
import java.io.Serial;
import java.io.Serializable;
import java.util.List;
import cn.topiam.employee.common.enums.PermissionActionType;
import lombok.Data;
import io.swagger.v3.oas.annotations.Hidden;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:45
*/
@Schema(description = "获取资源结果")
@Data
public class AppPermissionResourceGetResult implements Serializable {
/**
*
*/
@Schema(description = "资源名称")
private String name;
/**
*
*/
@Schema(description = "资源编码")
private String code;
/**
*
*/
@Schema(description = "资源描述")
private String desc;
/**
*
*/
@Schema(description = "所属应用")
private Long appId;
/**
*
*/
@Schema(description = "资源权限")
private List<AppPermissionsAction> actions;
/**
* AppPermissionsActionParam
*
* @author TopIAM
* Created by support@topiam.cn on 2022/9/1 00:18
*/
@Data
public static class AppPermissionsAction implements Serializable {
@Serial
private static final long serialVersionUID = -6391182747252245592L;
/**
* ID
*/
@Hidden
@Schema(description = "ID")
private String id;
/**
*
*/
@Schema(description = "权限类型")
private PermissionActionType type;
/**
*
*/
@Schema(description = "权限值")
private String value;
/**
*
*/
@Schema(description = "权限描述")
private String name;
}
}
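Review bot: `@Hidden` on `AppPermissionsAction.id` only removes the field from the generated API documentation. `@Data` still generates the getter, so the id is presumably still serialized into the response. If the id is not meant to leave the service, it needs a serialization-level exclusion such as Jackson's `@JsonIgnore`; if it is meant to be returned, drop `@Hidden` so the documented contract matches the payload. The outer class also lacks the `serialVersionUID` that its nested class declares.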


@ -0,0 +1,71 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.response.app;
import java.io.Serial;
import java.io.Serializable;
import lombok.Data;
import lombok.experimental.Accessors;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Accessors(chain = true)
@Schema(description = "分页查询资源结果")
public class AppPermissionResourceListResult implements Serializable {
@Serial
private static final long serialVersionUID = 3320953184046791392L;
/**
* ID
*/
@Parameter(description = "id")
private String id;
/**
*
*/
@Parameter(description = "资源名称")
private String name;
/**
* code
*/
@Parameter(description = "资源编码")
private String code;
/**
*
*/
@Parameter(description = "所属应用")
private String appId;
/**
* desc
*/
@Parameter(description = "描述")
private String desc;
}
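Review bot: `appId` is declared as `String` here, while AppPermissionResourceGetResult declares `private Long appId;` for the same identifier, so clients get two wire types for one concept. Pick one representation for ids across the response DTOs; if strings are used to protect 64-bit ids from precision loss in JavaScript clients, the `Long` fields need the same treatment. The `serialVersionUID = 3320953184046791392L` value is also identical in AppPermissionActionListResult and AppPermissionRoleListResult, which looks like a copy-paste leftover.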


@ -0,0 +1,75 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.response.app;
import java.io.Serial;
import java.io.Serializable;
import lombok.Data;
import lombok.experimental.Accessors;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/11 23:08
*/
@Data
@Accessors(chain = true)
@Schema(description = "分页查询角色结果")
public class AppPermissionRoleListResult implements Serializable {
@Serial
private static final long serialVersionUID = 3320953184046791392L;
/**
* ID
*/
@Parameter(description = "id")
private String id;
/**
*
*/
@Parameter(description = "角色名称")
private String name;
/**
*
*/
@Parameter(description = "角色编码")
private String code;
/**
*
*/
@Parameter(description = "所属应用")
private String appId;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
/**
* remark
*/
@Parameter(description = "描述")
private String remark;
}


@ -0,0 +1,69 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.pojo.response.app;
import java.io.Serializable;
import lombok.Data;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Schema;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/8/26 21:45
*/
@Schema(description = "获取角色")
@Data
public class AppPermissionRoleResult implements Serializable {
/**
* id
*/
@Parameter(description = "id")
private String id;
/**
* appId
*/
@Parameter(description = "应用ID")
private String appId;
/**
*
*/
@Parameter(description = "角色名称")
private String name;
/**
*
*/
@Parameter(description = "角色编码")
private String code;
/**
*
*/
@Parameter(description = "是否启用")
private Boolean enabled;
/**
*
*/
@Parameter(description = "备注")
private String remark;
}


@ -0,0 +1,58 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.service;
import cn.topiam.employee.common.entity.app.query.AppAccountQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppAccountCreateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppAccountListResult;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2022/6/4 19:07
*/
public interface AppAccountService {
/**
*
*
* @param pageModel {@link PageModel}
* @param query {@link AppAccountQuery}
* @return {@link Page}
*/
Page<AppAccountListResult> getAppAccountList(PageModel pageModel, AppAccountQuery query);
/**
*
*
* @param param {@link AppAccountCreateParam}
* @return {@link Boolean}
*/
Boolean createAppAccount(AppAccountCreateParam param);
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
Boolean deleteAppAccount(String id);
}
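Review bot: Every Javadoc block in AppAccountService has an empty summary, so the contract of an interface that creates and deletes application accounts can only be read from the implementation. I would state at least the failure modes, e.g. `Creates an app account; throws AppAccountExistException when the (appId, userId) pair already exists.` on createAppAccount and `Deletes the app account with the given numeric id; throws TopIamException when it does not exist.` on deleteAppAccount. The same empty summaries appear in AppPermissionActionService, AppPermissionPolicyService, AppPermissionResourceService and AppPermissionRoleService.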


@ -0,0 +1,76 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.service;
import java.util.List;
import cn.topiam.employee.openapi.pojo.request.app.query.AppPermissionListQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionActionCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.ResourceActionUpdateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionActionGetResult;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionActionListResult;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
public interface AppPermissionActionService {
/**
*
*
* @param query {@link AppPermissionListQuery}
* @return {@link AppPermissionActionListResult}
*/
List<AppPermissionActionListResult> getPermissionActionList(AppPermissionListQuery query);
/**
*
*
* @param id {@link String}
* @return {@link AppPermissionActionGetResult}
*/
AppPermissionActionGetResult getPermissionAction(String id);
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
Boolean deletePermissionAction(String id);
/**
*
*
* @param param {@link AppPermissionActionCreateParam}
* @return {@link Boolean}
*/
Boolean createPermissionAction(AppPermissionActionCreateParam param);
/**
*
*
* @param param {@link ResourceActionUpdateParam}
* @return {@link Boolean}
*/
Boolean updatePermissionAction(ResourceActionUpdateParam param);
}


@ -0,0 +1,77 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.service;
import cn.topiam.employee.common.entity.app.po.AppPermissionPolicyPO;
import cn.topiam.employee.openapi.pojo.request.app.query.OpenApiPolicyQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionPolicyCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.AppPermissionPolicyUpdateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionPolicyGetResult;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
public interface AppPermissionPolicyService {
/**
*
*
* @param page {@link PageModel}
* @param query {@link OpenApiPolicyQuery}
* @return {@link AppPermissionPolicyPO}
*/
Page<AppPermissionPolicyPO> getPermissionPolicyList(PageModel page, OpenApiPolicyQuery query);
/**
*
*
* @param id {@link String}
* @return {@link AppPermissionPolicyGetResult}
*/
AppPermissionPolicyGetResult getPermissionPolicy(String id);
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
Boolean deletePermissionPolicy(String id);
/**
*
*
* @param param {@link AppPermissionPolicyCreateParam}
* @return {@link Boolean}
*/
Boolean createPermissionPolicy(AppPermissionPolicyCreateParam param);
/**
*
*
* @param param {@link AppPermissionPolicyUpdateParam}
* @return {@link Boolean}
*/
Boolean updatePermissionPolicy(AppPermissionPolicyUpdateParam param);
}
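Review bot: `getPermissionPolicyList` returns `Page<AppPermissionPolicyPO>`, a type from `common.entity.app.po`, while every other query method in these open-API services returns a DTO from `openapi.pojo.response`. Returning the persistence projection ties the public response shape to the repository query, and any column added to the PO later is exposed to API clients without review. A dedicated list result (for example an `AppPermissionPolicyListResult` mapped in the converter) would keep the exposed fields explicit; the `@return` tag should then name that type.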


@ -0,0 +1,90 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.service;
import cn.topiam.employee.common.enums.CheckValidityType;
import cn.topiam.employee.openapi.pojo.request.app.query.AppResourceListQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionResourceCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.AppPermissionResourceUpdateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionResourceGetResult;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionResourceListResult;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
public interface AppPermissionResourceService {
/**
*
*
* @param page {@link PageModel}
* @param query {@link AppResourceListQuery}
* @return {@link AppPermissionResourceListResult}
*/
Page<AppPermissionResourceListResult> getPermissionResourceList(PageModel page,
AppResourceListQuery query);
/**
*
*
* @param id {@link String}
* @return {@link AppPermissionResourceGetResult}
*/
AppPermissionResourceGetResult getPermissionResource(String id);
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
Boolean deletePermissionResource(String id);
/**
*
*
* @param param {@link AppPermissionResourceCreateParam}
* @return {@link Boolean}
*/
Boolean createPermissionResource(AppPermissionResourceCreateParam param);
/**
*
*
* @param param {@link AppPermissionResourceUpdateParam}
* @return {@link Boolean}
*/
Boolean updatePermissionResource(AppPermissionResourceUpdateParam param);
/**
*
*
* @param type {@link CheckValidityType}
* @param value {@link String}
* @param appId {@link Long}
* @param id {@link Long}
* @return {@link Boolean}
*/
Boolean permissionResourceParamCheck(CheckValidityType type, String value, Long appId, Long id);
}


@ -0,0 +1,100 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.service;
import cn.topiam.employee.common.enums.CheckValidityType;
import cn.topiam.employee.openapi.pojo.request.app.query.AppPermissionRoleListQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionRoleCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.PermissionRoleUpdateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionRoleListResult;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionRoleResult;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
public interface AppPermissionRoleService {
/**
*
*
* @param page {@link PageModel}
* @param query {@link AppPermissionRoleListQuery}
* @return {@link AppPermissionRoleListResult}
*/
Page<AppPermissionRoleListResult> getPermissionRoleList(PageModel page,
AppPermissionRoleListQuery query);
/**
*
*
* @param param {@link AppPermissionRoleCreateParam}
* @return {@link Boolean}
*/
boolean createPermissionRole(AppPermissionRoleCreateParam param);
/**
*
*
* @param param {@link PermissionRoleUpdateParam}
* @return {@link Boolean}
*/
boolean updatePermissionRole(PermissionRoleUpdateParam param);
/**
*
*
* @param ids {@link String}
* @return {@link Boolean}
*/
boolean deletePermissionRole(String ids);
/**
*
*
* @param id {@link Long}
* @return {@link AppPermissionRoleResult}
*/
AppPermissionRoleResult getPermissionRole(Long id);
/**
*
*
* @param type {@link CheckValidityType}
* @param value {@link String}
* @param appId {@link Long}
* @param id {@link Long}
* @return {@link Boolean}
*/
Boolean permissionRoleParamCheck(CheckValidityType type, String value, Long appId, Long id);
/**
*
*
* @param id {@link String}
* @param status {@link Boolean}
* @return {@link Boolean}
*/
Boolean updatePermissionRoleStatus(String id, Boolean status);
}
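Review bot: The return types are mixed: createPermissionRole, updatePermissionRole and deletePermissionRole return primitive `boolean`, while permissionRoleParamCheck and updatePermissionRoleStatus return `Boolean`, and the Javadoc says `{@link Boolean}` for all of them. The id parameters are equally uneven (`String ids`, `Long id`, `String id`). The name `ids` suggests a delimited list, but nothing documents the format. I would settle on `boolean` and one id type, and document `ids` explicitly, e.g. `@param ids comma-separated role ids` if that is the intended format.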


@ -0,0 +1,126 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.service.impl;
import java.util.Optional;
import org.springframework.data.querydsl.QPageRequest;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import cn.topiam.employee.audit.context.AuditContext;
import cn.topiam.employee.audit.entity.Target;
import cn.topiam.employee.audit.enums.TargetType;
import cn.topiam.employee.common.entity.app.AppAccountEntity;
import cn.topiam.employee.common.entity.app.po.AppAccountPO;
import cn.topiam.employee.common.entity.app.query.AppAccountQuery;
import cn.topiam.employee.common.exception.app.AppAccountExistException;
import cn.topiam.employee.common.repository.app.AppAccountRepository;
import cn.topiam.employee.openapi.converter.app.AppAccountConverter;
import cn.topiam.employee.openapi.pojo.request.app.save.AppAccountCreateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppAccountListResult;
import cn.topiam.employee.openapi.service.AppAccountService;
import cn.topiam.employee.support.exception.TopIamException;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2022/6/4 19:07
*/
@Service
@Slf4j
@AllArgsConstructor
public class AppAccountServiceImpl implements AppAccountService {
/**
*
*
* @param pageModel {@link PageModel}
* @param query {@link AppAccountQuery}
* @return {@link Page}
*/
@Override
public Page<AppAccountListResult> getAppAccountList(PageModel pageModel,
AppAccountQuery query) {
//分页条件
QPageRequest request = QPageRequest.of(pageModel.getCurrent(), pageModel.getPageSize());
//查询映射
org.springframework.data.domain.Page<AppAccountPO> list = appAccountRepository
.getAppAccountList(query, request);
return appAccountConverter.appAccountEntityConvertToAppAccountResult(list);
}
/**
*
*
* @param param {@link AppAccountCreateParam}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean createAppAccount(AppAccountCreateParam param) {
Optional<AppAccountEntity> optional = appAccountRepository
.findByAppIdAndUserId(param.getAppId(), param.getUserId());
if (optional.isPresent()) {
throw new AppAccountExistException();
}
AppAccountEntity entity = appAccountConverter.appAccountCreateParamConvertToEntity(param);
appAccountRepository.save(entity);
AuditContext.setTarget(Target.builder().id(entity.getId().toString())
.type(TargetType.APPLICATION_ACCOUNT).build());
return true;
}
/**
*
*
* @param id {@link Long}
* @return {@link String}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean deleteAppAccount(String id) {
Optional<AppAccountEntity> optional = appAccountRepository.findById(Long.valueOf(id));
//管理员不存在
if (optional.isEmpty()) {
AuditContext.setContent("删除失败,应用账户不存在");
log.warn(AuditContext.getContent());
throw new TopIamException(AuditContext.getContent());
}
appAccountRepository.deleteById(Long.valueOf(id));
AuditContext
.setTarget(Target.builder().id(id).type(TargetType.APPLICATION_ACCOUNT).build());
return true;
}
/**
* AppAccountConverter
*/
private final AppAccountConverter appAccountConverter;
/**
* AppAccountRepository
*/
private final AppAccountRepository appAccountRepository;
}
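Review bot: `deleteAppAccount` looks the account up by bare id and deletes it; nothing in the method ties the account to the application the caller is authenticated as. Unless the controller or a filter outside this file enforces that, an open-API client could remove accounts belonging to another application. The lookup should be constrained to the caller's app once that is available from the token. `Long.valueOf(id)` is also called twice on a caller-supplied string and throws an unhandled NumberFormatException for non-numeric input; parse once with `Long accountId = Long.valueOf(id);` and map the failure to a client error. The comment `//管理员不存在` and the Javadoc `@param id {@link Long}` / `@return {@link String}` do not match the method.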


@ -0,0 +1,99 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.service.impl;
import java.util.List;
import org.springframework.stereotype.Service;
import cn.topiam.employee.openapi.pojo.request.app.query.AppPermissionListQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionActionCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.ResourceActionUpdateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionActionGetResult;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionActionListResult;
import cn.topiam.employee.openapi.service.AppPermissionActionService;
import lombok.RequiredArgsConstructor;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Service
@RequiredArgsConstructor
public class AppPermissionActionServiceImpl implements AppPermissionActionService {
/**
*
*
* @param query {@link AppPermissionListQuery}
* @return {@link AppPermissionActionListResult}
*/
@Override
public List<AppPermissionActionListResult> getPermissionActionList(AppPermissionListQuery query) {
return null;
}
/**
*
*
* @param id {@link String}
* @return {@link AppPermissionActionGetResult}
*/
@Override
public AppPermissionActionGetResult getPermissionAction(String id) {
return null;
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Override
public Boolean deletePermissionAction(String id) {
return null;
}
/**
*
*
* @param param {@link AppPermissionActionCreateParam}
* @return {@link Boolean}
*/
@Override
public Boolean createPermissionAction(AppPermissionActionCreateParam param) {
return null;
}
/**
*
*
* @param param {@link ResourceActionUpdateParam}
* @return {@link Boolean}
*/
@Override
public Boolean updatePermissionAction(ResourceActionUpdateParam param) {
return null;
}
}
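Review bot: All five methods of AppPermissionActionServiceImpl are stubs that `return null;`, yet the class is registered as a `@Service` and will be wired into the API. A caller that unboxes the `Boolean` result gets a NullPointerException, and a client of the list endpoint receives `null` instead of an empty list, which can be read as "no permissions defined". Until the logic exists I would fail explicitly with `throw new UnsupportedOperationException("not implemented");`, or at least return `List.of()` from getPermissionActionList.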


@ -0,0 +1,136 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.service.impl;
import org.springframework.data.querydsl.QPageRequest;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import cn.topiam.employee.common.entity.app.AppPermissionPolicyEntity;
import cn.topiam.employee.common.entity.app.po.AppPermissionPolicyPO;
import cn.topiam.employee.common.entity.app.query.AppPolicyQuery;
import cn.topiam.employee.common.exception.app.AppPolicyNotExistException;
import cn.topiam.employee.common.repository.app.AppPermissionPolicyRepository;
import cn.topiam.employee.openapi.converter.app.AppPermissionPolicyConverter;
import cn.topiam.employee.openapi.pojo.request.app.query.OpenApiPolicyQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionPolicyCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.AppPermissionPolicyUpdateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionPolicyGetResult;
import cn.topiam.employee.openapi.service.AppPermissionPolicyService;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import lombok.RequiredArgsConstructor;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Service
@RequiredArgsConstructor
public class AppPermissionPolicyServiceImpl implements AppPermissionPolicyService {
/**
*
*
* @param page {@link PageModel}
* @param query {@link OpenApiPolicyQuery}
* @return {@link AppPermissionPolicyPO}
*/
@Override
public Page<AppPermissionPolicyPO> getPermissionPolicyList(PageModel page,
OpenApiPolicyQuery query) {
AppPolicyQuery appPolicyQuery = new AppPolicyQuery();
// TODO token获取所属应用
// appPolicyQuery.setAppId(0L);
appPolicyQuery.setEffect(query.getEffect());
appPolicyQuery.setSubjectId(query.getSubjectId());
appPolicyQuery.setObjectId(query.getObjectId());
appPolicyQuery.setSubjectType(query.getSubjectType());
appPolicyQuery.setObjectType(query.getObjectType());
QPageRequest request = QPageRequest.of(page.getCurrent(), page.getPageSize());
org.springframework.data.domain.Page<AppPermissionPolicyPO> data = appPermissionPolicyRepository
.findPage(appPolicyQuery, request);
return appPermissionPolicyConverter.entityConvertToPolicyListResult(data);
}
/**
*
*
* @param id {@link String}
* @return {@link AppPermissionPolicyGetResult}
*/
@Override
public AppPermissionPolicyGetResult getPermissionPolicy(String id) {
return null;
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Override
public Boolean deletePermissionPolicy(String id) {
Long policyId = Long.valueOf(id);
appPermissionPolicyRepository.findById(policyId)
.orElseThrow(AppPolicyNotExistException::new);
appPermissionPolicyRepository.deleteById(policyId);
return true;
}
/**
*
*
* @param param {@link AppPermissionPolicyCreateParam}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean createPermissionPolicy(AppPermissionPolicyCreateParam param) {
AppPermissionPolicyEntity resource = appPermissionPolicyConverter
.policyCreateParamConvertToEntity(param);
// 新增策略
appPermissionPolicyRepository.save(resource);
return true;
}
/**
*
*
* @param param {@link AppPermissionPolicyUpdateParam}
* @return {@link Boolean}
*/
@Override
public Boolean updatePermissionPolicy(AppPermissionPolicyUpdateParam param) {
AppPermissionPolicyEntity resource = appPermissionPolicyConverter
.policyUpdateParamConvertToEntity(param);
// 更新策略
appPermissionPolicyRepository.save(resource);
return null;
}
private final AppPermissionPolicyConverter appPermissionPolicyConverter;
private final AppPermissionPolicyRepository appPermissionPolicyRepository;
}
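Review bot: `getPermissionPolicyList` builds its query with the application filter commented out (`// appPolicyQuery.setAppId(0L);` under the TODO), so the returned page appears to span the policies of every application rather than only the caller's. For an authorization-policy endpoint that scoping should be in place before the method is reachable; until the app id can be read from the token, I would reject the call rather than query unscoped. `updatePermissionPolicy` saves the converted entity without checking that the policy exists, lacks the `@Transactional(rollbackFor = Exception.class)` that createPermissionPolicy has, and ends with `return null;` where `return true;` is expected. `getPermissionPolicy` is still a `return null;` stub.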


@ -0,0 +1,241 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.service.impl;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.springframework.data.querydsl.QPageRequest;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.querydsl.core.types.Predicate;
import com.querydsl.core.types.dsl.BooleanExpression;
import cn.topiam.employee.common.entity.app.AppPermissionActionEntity;
import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
import cn.topiam.employee.common.entity.app.QAppPermissionResourceEntity;
import cn.topiam.employee.common.enums.CheckValidityType;
import cn.topiam.employee.common.exception.app.AppResourceNotExistException;
import cn.topiam.employee.common.repository.app.AppPermissionActionRepository;
import cn.topiam.employee.common.repository.app.AppPermissionPolicyRepository;
import cn.topiam.employee.common.repository.app.AppPermissionResourceRepository;
import cn.topiam.employee.openapi.converter.app.AppPermissionResourceConverter;
import cn.topiam.employee.openapi.pojo.request.app.AppPermissionsActionParam;
import cn.topiam.employee.openapi.pojo.request.app.query.AppResourceListQuery;
import cn.topiam.employee.openapi.pojo.request.app.query.OpenApiPolicyQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionResourceCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.AppPermissionResourceUpdateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionResourceGetResult;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionResourceListResult;
import cn.topiam.employee.openapi.service.AppPermissionResourceService;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import lombok.RequiredArgsConstructor;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Service
@RequiredArgsConstructor
public class AppPermissionResourceServiceImpl implements AppPermissionResourceService {
/**
*
*
* @param page {@link PageModel}
* @param query {@link OpenApiPolicyQuery}
* @return {@link AppPermissionResourceListResult}
*/
@Override
public Page<AppPermissionResourceListResult> getPermissionResourceList(PageModel page,
AppResourceListQuery query) {
org.springframework.data.domain.Page<AppPermissionResourceEntity> data;
Predicate predicate = appPermissionResourceConverter
.resourcePaginationParamConvertToPredicate(query);
QPageRequest request = QPageRequest.of(page.getCurrent(), page.getPageSize());
data = appResourceRepository.findAll(predicate, request);
return appPermissionResourceConverter.entityConvertToResourceListResult(data);
}
/**
*
*
* @param id {@link String}
* @return {@link AppPermissionResourceGetResult}
*/
@Override
public AppPermissionResourceGetResult getPermissionResource(String id) {
AppPermissionResourceEntity resource = appResourceRepository.findById(Long.valueOf(id))
.orElseThrow(AppResourceNotExistException::new);
return appPermissionResourceConverter.entityConvertToResourceGetResult(resource);
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean deletePermissionResource(String id) {
Long resourceId = Long.valueOf(id);
AppPermissionResourceEntity resource = appResourceRepository.findById(resourceId)
.orElseThrow(AppResourceNotExistException::new);
List<AppPermissionActionEntity> actionList = appPermissionActionRepository
.findAllByResource(resource);
List<Long> objectIdList = new ArrayList<>(
actionList.stream().map(AppPermissionActionEntity::getId).toList());
objectIdList.add(resourceId);
appPermissionPolicyRepository.deleteAllByObjectIdIn(objectIdList);
appResourceRepository.deleteById(resourceId);
return true;
}
/**
*
*
* @param param {@link AppPermissionResourceCreateParam}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean createPermissionResource(AppPermissionResourceCreateParam param) {
AppPermissionResourceEntity resource = appPermissionResourceConverter
.resourceCreateParamConvertToEntity(param);
buildActions(param.getActions(), resource);
// 新增资源
appResourceRepository.save(resource);
return true;
}
/**
*
*
* @param param {@link AppPermissionResourceUpdateParam}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean updatePermissionResource(AppPermissionResourceUpdateParam param) {
AppPermissionResourceEntity resource = appPermissionResourceConverter
.resourceUpdateParamConvertToEntity(param);
buildActions(param.getActions(), resource);
// 查询资源下所有权限
List<AppPermissionActionEntity> actionList = appPermissionActionRepository
.findAllByResource(resource);
// 取出未删除的权限id
Set<Long> reservedSet = resource.getActions().stream().map(AppPermissionActionEntity::getId)
.collect(Collectors.toSet());
// 过滤要删除的权限id
List<Long> removeActions = actionList.stream()
.filter(item -> reservedSet.contains(item.getId()))
.map(AppPermissionActionEntity::getId).toList();
appPermissionPolicyRepository.deleteAllByObjectIdIn(removeActions);
// 更新资源
appResourceRepository.save(resource);
return true;
}
/**
*
*
* @param type {@link CheckValidityType}
* @param value {@link String}
* @param appId {@link Long}
* @param id {@link Long}
* @return {@link Boolean}
*/
@SuppressWarnings("DuplicatedCode")
@Override
public Boolean permissionResourceParamCheck(CheckValidityType type, String value, Long appId,
Long id) {
QAppPermissionResourceEntity role = QAppPermissionResourceEntity.appPermissionResourceEntity;
AppPermissionResourceEntity entity = new AppPermissionResourceEntity();
boolean result = false;
// ID存在说明是修改操作查询一下当前数据
if (Objects.nonNull(id)) {
entity = appResourceRepository.findById(id)
.orElseThrow(AppResourceNotExistException::new);
}
//资源名称
if (CheckValidityType.NAME.equals(type)) {
if (StringUtils.equals(entity.getName(), value)) {
return true;
}
BooleanExpression eq = role.name.eq(value);
eq.and(role.appId.eq(appId));
result = !appResourceRepository.exists(eq);
}
//资源编码
if (CheckValidityType.CODE.equals(type)) {
if (StringUtils.equals(entity.getCode(), value)) {
return true;
}
BooleanExpression eq = role.code.eq(value);
eq.and(role.appId.eq(appId));
result = !appResourceRepository.exists(eq);
}
return result;
}
/**
* actions
*
* @param permissions {@link List<AppPermissionsActionParam>}
* @param resource {@link AppPermissionResourceEntity>}
*/
private void buildActions(List<AppPermissionsActionParam> permissions,
AppPermissionResourceEntity resource) {
// 权限
List<AppPermissionActionEntity> list = new ArrayList<>();
for (AppPermissionsActionParam p : permissions) {
AppPermissionActionEntity entity = new AppPermissionActionEntity();
entity.setResource(resource);
entity.setType(p.getType());
entity.setName(p.getName());
//API需要单独处理
entity.setValue(p.getValue());
list.add(entity);
}
resource.setActions(list);
}
private final AppPermissionResourceConverter appPermissionResourceConverter;
private final AppPermissionResourceRepository appResourceRepository;
/**
* PolicyRepository
*/
private final AppPermissionPolicyRepository appPermissionPolicyRepository;
/**
* ActionRepository
*/
private final AppPermissionActionRepository appPermissionActionRepository;
}
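Review bot: In `updatePermissionResource` the stream that builds `removeActions` keeps the ids that are in `reservedSet`, the opposite of what the comment above it describes. The policies passed to `deleteAllByObjectIdIn` are therefore never those of the actions the update drops. The predicate should be negated: `.filter(item -> !reservedSet.contains(item.getId()))`. `buildActions` also replaces `resource.getActions()` with newly constructed entities on which no id is set in the visible code, so `reservedSet` probably holds only `null`, and the ids of kept actions would have to be carried over from the request for the comparison to mean anything. Policies that still reference removed actions stay in the policy table, so a regression test on this path is worth adding.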


@ -0,0 +1,211 @@
/*
* eiam-openapi - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.service.impl;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import org.apache.commons.lang3.StringUtils;
import org.springframework.data.querydsl.QPageRequest;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.querydsl.core.types.Predicate;
import com.querydsl.core.types.dsl.BooleanExpression;
import cn.topiam.employee.common.entity.app.AppPermissionRoleEntity;
import cn.topiam.employee.common.entity.app.QAppPermissionRoleEntity;
import cn.topiam.employee.common.enums.CheckValidityType;
import cn.topiam.employee.common.exception.app.AppRoleNotExistException;
import cn.topiam.employee.common.repository.app.AppPermissionPolicyRepository;
import cn.topiam.employee.common.repository.app.AppPermissionRoleRepository;
import cn.topiam.employee.openapi.converter.app.AppPermissionRoleConverter;
import cn.topiam.employee.openapi.pojo.request.app.query.AppPermissionRoleListQuery;
import cn.topiam.employee.openapi.pojo.request.app.save.AppPermissionRoleCreateParam;
import cn.topiam.employee.openapi.pojo.request.app.update.PermissionRoleUpdateParam;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionRoleListResult;
import cn.topiam.employee.openapi.pojo.response.app.AppPermissionRoleResult;
import cn.topiam.employee.openapi.service.AppPermissionRoleService;
import cn.topiam.employee.support.repository.page.domain.Page;
import cn.topiam.employee.support.repository.page.domain.PageModel;
import cn.topiam.employee.support.util.BeanUtils;
import lombok.RequiredArgsConstructor;
import static cn.topiam.employee.support.repository.domain.BaseEntity.LAST_MODIFIED_BY;
import static cn.topiam.employee.support.repository.domain.BaseEntity.LAST_MODIFIED_TIME;
/**
* <p>
*
* </p>
*
* @author TopIAM
* Created by support@topiam.cn on 2020-08-10
*/
@Service
@RequiredArgsConstructor
public class AppPermissionRoleServiceImpl implements AppPermissionRoleService {
/**
*
*
* @param page {@link PageModel}
* @return {@link AppPermissionRoleListResult}
*/
@Override
public Page<AppPermissionRoleListResult> getPermissionRoleList(PageModel page,
AppPermissionRoleListQuery query) {
org.springframework.data.domain.Page<AppPermissionRoleEntity> data;
Predicate predicate = appPermissionRoleConverter
.rolePaginationParamConvertToPredicate(query);
QPageRequest request = QPageRequest.of(page.getCurrent(), page.getPageSize());
data = appPermissionRoleRepository.findAll(predicate, request);
return appPermissionRoleConverter.entityConvertToRolePaginationResult(data);
}
/**
*
*
* @param param {@link AppPermissionRoleCreateParam}
* @return {@link Boolean}
*/
@Override
public boolean createPermissionRole(AppPermissionRoleCreateParam param) {
AppPermissionRoleEntity entity = appPermissionRoleConverter
.roleCreateParamConvertToEntity(param);
appPermissionRoleRepository.save(entity);
return true;
}
/**
* @param param {@link PermissionRoleUpdateParam}
* @return {@link Boolean}
*/
@Override
public boolean updatePermissionRole(PermissionRoleUpdateParam param) {
AppPermissionRoleEntity source = appPermissionRoleConverter
.roleUpdateParamConvertToEntity(param);
AppPermissionRoleEntity target = appPermissionRoleRepository
.findById(Long.valueOf(param.getId())).orElseThrow(AppRoleNotExistException::new);
BeanUtils.merge(source, target, LAST_MODIFIED_TIME, LAST_MODIFIED_BY);
appPermissionRoleRepository.save(target);
return true;
}
/**
*
*
* @param ids {@link String}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public boolean deletePermissionRole(String ids) {
List<String> idList = Arrays.stream(ids.split(",")).toList();
List<Long> longIds = idList.stream().map(Long::parseLong).toList();
appPermissionRoleRepository.deleteAllById(longIds);
// 删除对应策略
appPermissionPolicyRepository.deleteAllBySubjectIdIn(idList);
appPermissionPolicyRepository.deleteAllByObjectIdIn(longIds);
return true;
}
/**
*
*
* @param id {@link Long}
* @return {@link AppPermissionRoleResult}
*/
@Override
public AppPermissionRoleResult getPermissionRole(Long id) {
//查询
Optional<AppPermissionRoleEntity> entity = appPermissionRoleRepository.findById(id);
//映射
return appPermissionRoleConverter.entityConvertToRoleDetailResult(entity.orElse(null));
}
/**
*
*
* @param type {@link CheckValidityType}
* @param value {@link String}
* @param id {@link Long}
* @param appId {@link Long}
* @return {@link Boolean}
*/
@SuppressWarnings("DuplicatedCode")
@Override
public Boolean permissionRoleParamCheck(CheckValidityType type, String value, Long appId,
Long id) {
QAppPermissionRoleEntity role = QAppPermissionRoleEntity.appPermissionRoleEntity;
AppPermissionRoleEntity entity = new AppPermissionRoleEntity();
boolean result = false;
// ID存在说明是修改操作查询一下当前数据
if (Objects.nonNull(id)) {
entity = appPermissionRoleRepository.findById(id)
.orElseThrow(AppRoleNotExistException::new);
}
//角色编码
if (CheckValidityType.CODE.equals(type)) {
if (StringUtils.equals(entity.getCode(), value)) {
return true;
}
BooleanExpression eq = role.code.eq(value);
eq.and(role.appId.eq(appId));
result = !appPermissionRoleRepository.exists(eq);
}
//角色名称
if (CheckValidityType.NAME.equals(type)) {
if (StringUtils.equals(entity.getName(), value)) {
return true;
}
BooleanExpression eq = role.name.eq(value);
eq.and(role.appId.eq(appId));
result = !appPermissionRoleRepository.exists(eq);
}
return result;
}
/**
*
*
* @param id {@link String}
* @param status {@link Boolean}
* @return {@link Boolean}
*/
@Override
public Boolean updatePermissionRoleStatus(String id, Boolean status) {
appPermissionRoleRepository.updateStatus(id, status);
return true;
}
/**
*
*/
private final AppPermissionRoleConverter appPermissionRoleConverter;
/**
* RoleRepository
*/
private final AppPermissionRoleRepository appPermissionRoleRepository;
/**
* PolicyRepository
*/
private final AppPermissionPolicyRepository appPermissionPolicyRepository;
}
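Review bot: In `permissionRoleParamCheck` the result of `eq.and(role.appId.eq(appId))` is discarded. Querydsl expressions are immutable, so `exists(eq)` runs on the code or name alone and the uniqueness check is not limited to the given application. Assign the combined expression in both branches, e.g. `BooleanExpression eq = role.code.eq(value).and(role.appId.eq(appId));`. `permissionResourceParamCheck` in `AppPermissionResourceServiceImpl` has the same two statements. As written, a code or name used in one application is reported as taken in every other one, which also reveals that it exists elsewhere.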


@ -0,0 +1,105 @@
/*
* eiam-portal - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.controller;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import cn.topiam.employee.application.AppAccount;
import cn.topiam.employee.audit.annotation.Audit;
import cn.topiam.employee.audit.event.type.EventType;
import cn.topiam.employee.portal.pojo.request.AppAccountRequest;
import cn.topiam.employee.portal.service.AppAccountService;
import cn.topiam.employee.support.lock.Lock;
import cn.topiam.employee.support.preview.Preview;
import cn.topiam.employee.support.result.ApiRestResult;
import lombok.AllArgsConstructor;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import static cn.topiam.employee.common.constant.AppConstants.APP_PATH;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2022/6/4 21:06
*/
@Validated
@Tag(name = "应用账户")
@RestController
@AllArgsConstructor
@RequestMapping(value = APP_PATH + "/account", produces = MediaType.APPLICATION_JSON_VALUE)
public class AppAccountController {
/**
*
*
* @param appId {@link String}
* @return {@link }
*/
@Operation(summary = "获取应用账户")
@GetMapping("/appId/{appId}")
public ApiRestResult<AppAccount> getAppAccountList(@PathVariable String appId) {
AppAccount appAccount = appAccountService.getAppAccount(Long.valueOf(appId));
return ApiRestResult.ok(appAccount);
}
/**
*
*
* @param param {@link AppAccountRequest}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "创建应用账户")
@Audit(type = EventType.ADD_APP_ACCOUNT)
@PostMapping(value = "/create")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> createAppAccount(@RequestBody @Validated AppAccountRequest param) {
return ApiRestResult.<Boolean> builder().result(appAccountService.createAppAccount(param))
.build();
}
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
@Lock
@Preview
@Operation(summary = "删除应用账户")
@Audit(type = EventType.DELETE_APP_ACCOUNT)
@DeleteMapping(value = "/delete/{id}")
@PreAuthorize(value = "authenticated and @sae.hasAuthority(T(cn.topiam.employee.support.security.userdetails.UserType).ADMIN)")
public ApiRestResult<Boolean> deleteAppAccount(@PathVariable(value = "id") String id) {
return ApiRestResult.<Boolean> builder().result(appAccountService.deleteAppAccount(id))
.build();
}
/**
* AppAccountService
*/
private final AppAccountService appAccountService;
}
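Review bot: `getAppAccountList` carries no `@PreAuthorize`, while `createAppAccount` and `deleteAppAccount` both require `UserType.ADMIN`. If no filter-chain rule outside this file covers `APP_PATH + "/account"`, the read endpoint is the only unguarded one; add at least `@PreAuthorize("authenticated")`, or state in the Javadoc which rule protects it. The ADMIN requirement on create and delete is also worth confirming, since the service looks accounts up by `SecurityUtils.getCurrentUserId()`, which suggests that ordinary portal users are the intended callers. Declaring the path variable as `@PathVariable Long appId` would let Spring reject non-numeric input instead of `Long.valueOf(appId)` throwing `NumberFormatException`.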


@ -0,0 +1,51 @@
/*
* eiam-portal - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.converter;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import cn.topiam.employee.common.entity.app.AppAccountEntity;
import cn.topiam.employee.portal.pojo.request.AppAccountRequest;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2023/8/25 21:08
*/
@Mapper(componentModel = "spring")
public interface AppAccountConverter {
/**
*
*
* @param param {@link AppAccountRequest}
* @return {@link AppAccountEntity}
*/
@Mapping(target = "userId", ignore = true)
@Mapping(target = "deleted", ignore = true)
@Mapping(target = "remark", ignore = true)
@Mapping(target = "id", ignore = true)
@Mapping(target = "updateTime", ignore = true)
@Mapping(target = "updateBy", ignore = true)
@Mapping(target = "createTime", ignore = true)
@Mapping(target = "createBy", ignore = true)
AppAccountEntity appAccountRequestConvertToEntity(AppAccountRequest param);
}
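Review bot: `password` is not in the ignore list, so MapStruct copies the request's `password` value onto `AppAccountEntity` exactly as received. `AppAccountServiceImpl.createAppAccount` replaces it with the encrypted form only when the value is non-blank. Adding `@Mapping(target = "password", ignore = true)` would make the service the single place that sets the stored credential. The method's Javadoc is empty; it should say which target fields (`userId`, `id`, the audit columns) are deliberately left for the caller or the persistence layer to fill in.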


@ -0,0 +1,55 @@
/*
* eiam-portal - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.pojo.request;
import lombok.Data;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
/**
* AppAccountRequest
*
* @author TopIAM
* Created by support@topiam.cn on 2023/8/25 22:13
*/
@Data
@Schema(description = "应用账户新增入参")
public class AppAccountRequest {
/**
* ID
*/
@Schema(description = "应用ID")
@NotNull(message = "应用ID不能为空")
private Long appId;
/**
*
*/
@Schema(description = "账户名称")
@NotBlank(message = "账户名称不能为空")
private String account;
/**
*
*/
@Schema(description = "账户密码")
private String password;
}
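Review bot: `@Data` generates a `toString()` that includes `password`, so any log line or audit record that prints this request object would contain the credential. Mark the field with Lombok's `@ToString.Exclude`, or replace `@Data` with `@Getter`/`@Setter`. The field comment is empty although `AppAccountServiceImpl` Base64-decodes the value before encrypting it; a comment such as `/** Account password, Base64-encoded UTF-8 text; optional. */` would record that contract for API clients.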


@ -0,0 +1,53 @@
/*
* eiam-portal - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.service;
import cn.topiam.employee.application.AppAccount;
import cn.topiam.employee.portal.pojo.request.AppAccountRequest;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2023/8/25 21:07
*/
public interface AppAccountService {
/**
*
*
* @param param {@link AppAccountRequest}
* @return {@link Boolean}
*/
Boolean createAppAccount(AppAccountRequest param);
/**
*
*
* @param id {@link String}
* @return {@link Boolean}
*/
Boolean deleteAppAccount(String id);
/**
*
* @param appId {@link Long}
* @return {@link AppAccount}
*/
AppAccount getAppAccount(Long appId);
}
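Review bot: The three Javadoc blocks are empty apart from their tags, so the contract can only be learned from the implementation. Going by `AppAccountServiceImpl` in this commit, the points to state are: `getAppAccount` returns `null` when the current user has no account for `appId`, `createAppAccount` throws `AppAccountExistException` for a duplicate, and `deleteAppAccount` takes the account id as a decimal string. Returning `Optional<AppAccount>` from `getAppAccount` would make the absent case explicit for callers such as the controller, which currently passes the `null` straight to `ApiRestResult.ok`.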


@ -0,0 +1,134 @@
/*
* eiam-portal - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.service.impl;
import java.nio.charset.StandardCharsets;
import java.util.Optional;
import org.apache.commons.codec.binary.Base64;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.alibaba.excel.util.StringUtils;
import cn.topiam.employee.application.AppAccount;
import cn.topiam.employee.audit.context.AuditContext;
import cn.topiam.employee.audit.entity.Target;
import cn.topiam.employee.audit.enums.TargetType;
import cn.topiam.employee.common.entity.app.AppAccountEntity;
import cn.topiam.employee.common.exception.app.AppAccountExistException;
import cn.topiam.employee.common.jackjson.encrypt.EncryptContextHelp;
import cn.topiam.employee.common.repository.app.AppAccountRepository;
import cn.topiam.employee.portal.converter.AppAccountConverter;
import cn.topiam.employee.portal.pojo.request.AppAccountRequest;
import cn.topiam.employee.portal.service.AppAccountService;
import cn.topiam.employee.support.exception.TopIamException;
import cn.topiam.employee.support.security.util.SecurityUtils;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2023/8/25 21:07
*/
@Service
@Slf4j
@AllArgsConstructor
public class AppAccountServiceImpl implements AppAccountService {
/**
*
*
* @param param {@link AppAccountRequest}
* @return {@link Boolean}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean createAppAccount(AppAccountRequest param) {
Optional<AppAccountEntity> optional = appAccountRepository
.findByAppIdAndUserId(param.getAppId(), Long.valueOf(SecurityUtils.getCurrentUserId()));
if (optional.isPresent()) {
throw new AppAccountExistException();
}
AppAccountEntity entity = appAccountConverter.appAccountRequestConvertToEntity(param);
//密码不为空
if (!StringUtils.isBlank(param.getPassword())) {
Base64 base64 = new Base64();
String password = new String(base64.decode(param.getPassword()),
StandardCharsets.UTF_8);
entity.setPassword(EncryptContextHelp.encrypt(password));
}
appAccountRepository.save(entity);
AuditContext.setTarget(
Target.builder().id(entity.getUserId().toString()).type(TargetType.USER).build(),
Target.builder().id(entity.getAccount()).type(TargetType.APPLICATION_ACCOUNT).build(),
Target.builder().id(entity.getAppId().toString()).type(TargetType.APPLICATION).build());
return true;
}
/**
*
*
* @param id {@link Long}
* @return {@link String}
*/
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean deleteAppAccount(String id) {
Optional<AppAccountEntity> optional = appAccountRepository.findById(Long.valueOf(id));
//管理员不存在
if (optional.isEmpty()) {
AuditContext.setContent("删除失败,应用账户不存在");
log.warn(AuditContext.getContent());
throw new TopIamException(AuditContext.getContent());
}
appAccountRepository.deleteById(Long.valueOf(id));
AuditContext.setTarget(
Target.builder().id(optional.get().getId().toString()).type(TargetType.USER).build(),
Target.builder().id(optional.get().getAppId().toString()).type(TargetType.APPLICATION)
.build());
return true;
}
@Override
public AppAccount getAppAccount(Long appId) {
Optional<AppAccountEntity> optional = appAccountRepository.findByAppIdAndUserId(appId,
Long.valueOf(SecurityUtils.getCurrentUserId()));
if (optional.isPresent()) {
AppAccountEntity entity = optional.get();
AppAccount account = new AppAccount();
account.setAppId(entity.getAppId());
account.setAccount(entity.getAccount());
return account;
}
return null;
}
/**
* AppAccountConverter
*/
private final AppAccountConverter appAccountConverter;
/**
* AppAccountRepository
*/
private final AppAccountRepository appAccountRepository;
}
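Review bot: `createAppAccount` never assigns the owner of the new account. `AppAccountConverter` ignores `userId` and nothing in this method sets it, so unless the entity fills it in elsewhere, `entity.getUserId().toString()` in the audit call looks like it will throw `NullPointerException` after the save. Set it before saving with `entity.setUserId(Long.valueOf(SecurityUtils.getCurrentUserId()));`. `deleteAppAccount` has the matching gap: it loads and deletes by id alone, without comparing the row's user to the caller, so the only protection is the controller's role check. Its first audit target also uses `getId()` with `TargetType.USER` where `getUserId()` seems intended, which would record the wrong subject in the audit trail.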