Merge remote-tracking branch 'origin/master'

eiam-application/eiam-application-core/src/main/java/cn/topiam/employee/application/AbstractApplicationService.java

@@ -59,9 +59,19 @@ public abstract class AbstractApplicationService implements ApplicationService {
         return account;
     }
 
+    /**
+     * 创建应用
+     *
+     * @param name              {@link String}
+     * @param icon              {@link String}
+     * @param remark            {@link String}
+     * @param initLoginType     {@link InitLoginType}
+     * @param authorizationType {@link AuthorizationType}
+     * @return {@link AppEntity}
+     */
     @Override
-    public AppEntity createApp(String name, String icon, String remark, Long[] groupId,
+    public AppEntity createApp(String name, String icon, String remark, InitLoginType initLoginType,
-                               InitLoginType initLoginType, AuthorizationType authorizationType) {
+                               AuthorizationType authorizationType) {
         AppEntity appEntity = new AppEntity();
         appEntity.setName(name);
         appEntity.setIcon(icon);
@@ -75,11 +85,18 @@ public abstract class AbstractApplicationService implements ApplicationService {
         appEntity.setInitLoginType(initLoginType);
         appEntity.setAuthorizationType(authorizationType);
         appEntity.setRemark(remark);
-        appRepository.save(appEntity);
+        return appRepository.save(appEntity);
+    }
+
+    @Override
+    public AppEntity createApp(String name, String icon, String remark, List<String> groupIds,
+                               InitLoginType initLoginType, AuthorizationType authorizationType) {
+
+        AppEntity appEntity = createApp(name, icon, remark, initLoginType, authorizationType);
         List<AppGroupAssociationEntity> list = new ArrayList<>();
-        for (Long id : groupId) {
+        for (String id : groupIds) {
             AppGroupAssociationEntity appGroupAssociationEntity = new AppGroupAssociationEntity();
-            appGroupAssociationEntity.setGroupId(id);
+            appGroupAssociationEntity.setGroupId(Long.valueOf(id));
             appGroupAssociationEntity.setAppId(appEntity.getId());
             list.add(appGroupAssociationEntity);
         }

eiam-application/eiam-application-core/src/main/java/cn/topiam/employee/application/ApplicationService.java

@@ -92,11 +92,11 @@ public interface ApplicationService {
      * @param name {@link String} 名称
      * @param icon {@link String} 图标
      * @param remark {@link String} 备注
-     * @param groupId {@link String} 分组id
+     * @param groupIds {@link String} 分组id
      * @return {@link Long} 应用ID
      */
     @Transactional(rollbackFor = Exception.class)
-    String create(String name, String icon, String remark, Long[] groupId);
+    String create(String name, String icon, String remark, List<String> groupIds);
 
     /**
      * 删除应用
@@ -137,11 +137,24 @@ public interface ApplicationService {
      * @param name {@link String}
      * @param icon  {@link String}
      * @param remark  {@link String}
-     * @param groupId {@link Long} 分组id
      * @param initLoginType  {@link InitLoginType}
      * @param authorizationType {@link AuthorizationType}
      * @return {@link AppEntity}
      */
-    AppEntity createApp(String name, String icon, String remark, Long[] groupId,
+    AppEntity createApp(String name, String icon, String remark, InitLoginType initLoginType,
+                        AuthorizationType authorizationType);
+
+    /**
+     * 创建应用
+     *
+     * @param name {@link String}
+     * @param icon  {@link String}
+     * @param remark  {@link String}
+     * @param groupIds {@link Long} 分组id
+     * @param initLoginType  {@link InitLoginType}
+     * @param authorizationType {@link AuthorizationType}
+     * @return {@link AppEntity}
+     */
+    AppEntity createApp(String name, String icon, String remark, List<String> groupIds,
                         InitLoginType initLoginType, AuthorizationType authorizationType);
 }

eiam-application/eiam-application-form/src/main/java/cn/topiam/employee/application/form/FormStandardApplicationServiceImpl.java

@@ -197,12 +197,12 @@ public class FormStandardApplicationServiceImpl extends AbstractFormApplicationS
      * @param name   {@link String} 名称
      * @param icon   {@link String} 图标
      * @param remark {@link String} 备注
-     * @param groupId {@link Long} 分组id
+     * @param groupIds {@link Long} 分组id
      */
     @Override
-    public String create(String name, String icon, String remark, Long[] groupId) {
+    public String create(String name, String icon, String remark, List<String> groupIds) {
         //1、创建应用
-        AppEntity appEntity = createApp(name, icon, remark, groupId, InitLoginType.PORTAL_OR_APP,
+        AppEntity appEntity = createApp(name, icon, remark, groupIds, InitLoginType.PORTAL_OR_APP,
             AuthorizationType.AUTHORIZATION);
         AppFormConfigEntity appFormConfig = new AppFormConfigEntity();
         appFormConfig.setAppId(appEntity.getId());

eiam-application/eiam-application-jwt/src/main/java/cn/topiam/employee/application/jwt/JwtStandardCertificateApplicationServiceImpl.java

@@ -201,12 +201,12 @@ public class JwtStandardCertificateApplicationServiceImpl extends
      * @param name   {@link String} 名称
      * @param icon   {@link String} 图标
      * @param remark {@link String} 备注
-     * @param groupId {@link Long} 分组id
+     * @param groupIds {@link Long} 分组id
      */
     @Override
-    public String create(String name, String icon, String remark, Long[] groupId) {
+    public String create(String name, String icon, String remark, List<String> groupIds) {
         //1、创建应用
-        AppEntity appEntity = createApp(name, icon, remark, groupId, InitLoginType.PORTAL_OR_APP,
+        AppEntity appEntity = createApp(name, icon, remark, groupIds, InitLoginType.PORTAL_OR_APP,
             AuthorizationType.AUTHORIZATION);
         //jwt配置
         AppJwtConfigEntity jwtConfigEntity = new AppJwtConfigEntity();

eiam-application/eiam-application-oidc/src/main/java/cn/topiam/employee/application/oidc/OidcStandardCertificateApplicationServiceImpl.java

@@ -75,12 +75,12 @@ public class OidcStandardCertificateApplicationServiceImpl extends
      * @param name   {@link String} 名称
      * @param icon   {@link String} 图标
      * @param remark {@link String} 备注
-     * @param groupId {@link Long} 分组id
+     * @param groupIds {@link Long} 分组id
      */
     @Override
-    public String create(String name, String icon, String remark, Long[] groupId) {
+    public String create(String name, String icon, String remark, List<String> groupIds) {
         //1、创建应用
-        AppEntity appEntity = createApp(name, icon, remark, groupId, InitLoginType.APP,
+        AppEntity appEntity = createApp(name, icon, remark, groupIds, InitLoginType.APP,
             AuthorizationType.AUTHORIZATION);
         //2、创建证书
         createCertificate(appEntity.getId(), appEntity.getCode(), AppCertUsingType.OIDC_JWK);

eiam-common/src/main/java/cn/topiam/employee/common/enums/app/AppDefaultGroup.java

@@ -0,0 +1,67 @@
+/*
+ * eiam-common - Employee Identity and Access Management
+ * Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package cn.topiam.employee.common.enums.app;
+
+import cn.topiam.employee.support.enums.BaseEnum;
+import cn.topiam.employee.support.web.converter.EnumConvert;
+
+/**
+ * 应用默认分组
+ *
+ * @author TopIAM
+ * Created by support@topiam.cn on  2023/9/9 16:22
+ */
+public enum AppDefaultGroup implements BaseEnum {
+                                                 DEVELOPMENT("development", "开发类"), OFFICE("office",
+                                                                                           "办公类");
+
+    private final String code;
+    private final String desc;
+
+    AppDefaultGroup(String code, String desc) {
+        this.code = code;
+        this.desc = desc;
+    }
+
+    /**
+     * 获取类型
+     *
+     * @param code {@link String}
+     * @return {@link AppPolicyEffect}
+     */
+    @EnumConvert
+    public static AppDefaultGroup getType(String code) {
+        AppDefaultGroup[] values = values();
+        for (AppDefaultGroup status : values) {
+            if (String.valueOf(status.getCode()).equals(code)) {
+                return status;
+            }
+        }
+        return null;
+    }
+
+    @Override
+    public String getCode() {
+        return code;
+    }
+
+    @Override
+    public String getDesc() {
+        return desc;
+    }
+}

eiam-common/src/main/java/cn/topiam/employee/common/enums/app/converter/AppGroupConverter.java

@@ -0,0 +1,67 @@
+/*
+ * eiam-common - Employee Identity and Access Management
+ * Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package cn.topiam.employee.common.enums.app.converter;
+
+import java.util.Objects;
+
+import cn.topiam.employee.common.enums.app.AppDefaultGroup;
+
+import jakarta.persistence.AttributeConverter;
+import jakarta.persistence.Converter;
+
+/**
+ * @author TopIAM
+ * Created by support@topiam.cn on  2023/9/9 16:23
+ */
+@Converter(autoApply = true)
+public class AppGroupConverter implements AttributeConverter<AppDefaultGroup, String> {
+
+    /**
+     * Converts the value stored in the entity attribute into the
+     * data representation to be stored in the database.
+     *
+     * @param attribute the entity attribute value to be converted
+     * @return the converted data to be stored in the database
+     * column
+     */
+    @Override
+    public String convertToDatabaseColumn(AppDefaultGroup attribute) {
+        if (Objects.isNull(attribute)) {
+            return null;
+        }
+        return attribute.getCode();
+    }
+
+    /**
+     * Converts the data stored in the database column into the
+     * value to be stored in the entity attribute.
+     * Note that it is the responsibility of the converter writer to
+     * specify the correct <code>dbData</code> type for the corresponding
+     * column for use by the JDBC driver: i.e., persistence providers are
+     * not expected to do such type conversion.
+     *
+     * @param dbData the data from the database column to be
+     *               converted
+     * @return the converted value to be stored in the entity
+     * attribute
+     */
+    @Override
+    public AppDefaultGroup convertToEntityAttribute(String dbData) {
+        return AppDefaultGroup.getType(dbData);
+    }
+}

eiam-common/src/main/java/cn/topiam/employee/common/repository/app/AppGroupRepository.java

@@ -17,6 +17,7 @@
  */
 package cn.topiam.employee.common.repository.app;
 
+import java.util.Collection;
 import java.util.List;
 import java.util.Optional;
 
@@ -81,10 +82,30 @@ public interface AppGroupRepository extends LogicDeleteRepository<AppGroupEntity
      */
     @NotNull
     @Cacheable
-    @Query(value = "SELECT * FROM app_group WHERE id_ = :id", nativeQuery = true)
+    @Query(value = "FROM AppGroupEntity WHERE id = :id")
     Optional<AppGroupEntity> findByIdContainsDeleted(@NotNull @Param(value = "id") Long id);
 
-    @Query(value = "SELECT * FROM app_group WHERE is_deleted = 0", nativeQuery = true)
+    /**
+     * 获取所有分组列表
+     *
+     * @return {@link List}
+     */
+    @Query(value = "FROM AppGroupEntity WHERE deleted = false ")
     List<AppGroupEntity> getAppGroupList();
 
+    /**
+     * 根据code列表查询
+     *
+     * @param codes {@link List}
+     * @return {@link List}
+     */
+    List<AppGroupEntity> findAllByCodeIn(@Param("codes") Collection<String> codes);
+
+    /**
+     * 根据code查询
+     *
+     * @param code {@link String}
+     * @return {@link AppGroupEntity}
+     */
+    Optional<AppGroupEntity> findByCode(@Param("code") String code);
 }

eiam-common/src/main/java/cn/topiam/employee/common/repository/app/impl/AppGroupRepositoryCustomizedImpl.java

@@ -54,35 +54,19 @@ public class AppGroupRepositoryCustomizedImpl implements AppGroupRepositoryCusto
     @Override
     public Page<AppGroupPO> getAppGroupList(AppGroupQuery query, Pageable pageable) {
         //@formatter:off
-        StringBuilder builder = new StringBuilder("""
+        StringBuilder builder = new StringBuilder("SELECT `group`.id_, `group`.name_, `group`.code_, `group`.type_, `group`.create_time, `group`.remark_, IFNULL( ass.app_count, 0) AS app_count FROM app_group `group` LEFT JOIN(SELECT aga.group_id, COUNT(*) AS `app_count` FROM app_group_association aga INNER JOIN app ON aga.app_id = app.id_ AND app.is_deleted = 0 GROUP BY aga.group_id ) ass ON `group`.id_ = ass.group_id WHERE is_deleted = '0'");
-                SELECT
-                	`group`.id_,
-                	`group`.name_,
-                	`group`.code_,
-                	`group`.type_,
-                	`group`.create_time,
-                	`group`.remark_,
-                	 IFNULL( ass.app_count, 0 ) AS app_count
-                FROM
-                	app_group `group`
-                	LEFT JOIN ( SELECT group_id, count(*) AS `app_count` FROM app_group_association GROUP BY group_id ) ass ON `group`.id_ = ass.group_id
-                	WHERE is_deleted = '0'
-                """);
         //分组名称
         if (StringUtils.isNoneBlank(query.getName())) {
             builder.append(" AND `group`.name_ like '%").append(query.getName()).append("%'");
         }
-
         //分组编码
         if (StringUtils.isNoneBlank(query.getCode())) {
             builder.append(" AND `group`.code_ like '%").append(query.getCode()).append("%'");
         }
-
         //分组类型
         if (ObjectUtils.isNotEmpty(query.getType())) {
             builder.append(" AND `group`.type_ like '%").append(query.getType().getCode()).append("%'");
         }
-
         builder.append(" ORDER BY `group`.create_time DESC");
         //@formatter:on
         String sql = builder.toString();

eiam-console/src/main/java/cn/topiam/employee/console/initialize/DefaultAdministratorInitialize.java

@@ -15,7 +15,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-package cn.topiam.employee.console.listener;
+package cn.topiam.employee.console.initialize;
 
 import java.io.BufferedWriter;
 import java.io.File;
@@ -47,18 +47,17 @@ import static cn.topiam.employee.support.lock.LockAspect.getTopiamLockKeyPrefix;
 import static cn.topiam.employee.support.util.CreateFileUtil.createFile;
 
 /**
- * ConsoleAdminPasswordInitializeListener
+ * DefaultAdministratorInitialize
  *
  * @author TopIAM
  * Created by support@topiam.cn on  2022/11/26 21:44
  */
 @Order(2)
 @Component
-public class ConsoleAdminPasswordInitializeListener implements
+public class DefaultAdministratorInitialize implements ApplicationListener<ContextRefreshedEvent> {
-                                                    ApplicationListener<ContextRefreshedEvent> {
 
     private final Logger        logger    = LoggerFactory
-        .getLogger(ConsoleAdminPasswordInitializeListener.class);
+        .getLogger(DefaultAdministratorInitialize.class);
     private static final String DIR_NAME  = ".topiam";
     private static final String USER_HOME = "user.home";
 
@@ -159,9 +158,9 @@ public class ConsoleAdminPasswordInitializeListener implements
 
     private final RedissonClient            redissonClient;
 
-    public ConsoleAdminPasswordInitializeListener(AdministratorRepository administratorRepository,
+    public DefaultAdministratorInitialize(AdministratorRepository administratorRepository,
-                                                  PasswordEncoder passwordEncoder,
+                                          PasswordEncoder passwordEncoder,
-                                                  RedissonClient redissonClient) {
+                                          RedissonClient redissonClient) {
         this.administratorRepository = administratorRepository;
         this.passwordEncoder = passwordEncoder;
         this.redissonClient = redissonClient;

eiam-console/src/main/java/cn/topiam/employee/console/initialize/DefaultAppGroupInitialize.java

@@ -0,0 +1,103 @@
+/*
+ * eiam-console - Employee Identity and Access Management
+ * Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package cn.topiam.employee.console.initialize;
+
+import java.util.Arrays;
+import java.util.Optional;
+import java.util.concurrent.TimeUnit;
+
+import org.redisson.api.RLock;
+import org.redisson.api.RedissonClient;
+import org.springframework.boot.SpringApplication;
+import org.springframework.context.ApplicationListener;
+import org.springframework.context.event.ContextRefreshedEvent;
+import org.springframework.core.annotation.Order;
+import org.springframework.lang.NonNull;
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.util.AlternativeJdkIdGenerator;
+
+import cn.topiam.employee.common.entity.app.AppGroupEntity;
+import cn.topiam.employee.common.enums.app.AppDefaultGroup;
+import cn.topiam.employee.common.enums.app.AppGroupType;
+import cn.topiam.employee.common.repository.app.AppGroupRepository;
+import cn.topiam.employee.support.trace.TraceUtils;
+import static cn.topiam.employee.support.lock.LockAspect.getTopiamLockKeyPrefix;
+
+/**
+ * DefaultAppGroupInitialize
+ *
+ * @author TopIAM
+ * Created by support@topiam.cn on  2023/9/11 21:44
+ */
+@Order(2)
+@Component
+public class DefaultAppGroupInitialize implements ApplicationListener<ContextRefreshedEvent> {
+
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public void onApplicationEvent(@NonNull ContextRefreshedEvent contextRefreshedEvent) {
+        //@formatter:off
+        String traceId = idGenerator.generateId().toString();
+        TraceUtils.put(traceId);
+        RLock lock = redissonClient.getLock(getTopiamLockKeyPrefix());
+        boolean tryLock = false;
+        try {
+            tryLock = lock.tryLock(1, TimeUnit.SECONDS);
+            if (tryLock) {
+                Arrays.stream(AppDefaultGroup.values()).toList().forEach(i -> {
+                    Optional<AppGroupEntity> optional = appGroupRepository.findByCode(i.getCode());
+                    if (optional.isEmpty()) {
+                        AppGroupEntity appGroup = new AppGroupEntity();
+                        appGroup.setCode(i.getCode());
+                        appGroup.setName(i.getDesc());
+                        appGroup.setType(AppGroupType.DEFAULT);
+                        appGroup.setRemark(
+                            "This app group is automatically created during system initialization.");
+                        appGroupRepository.save(appGroup);
+                    }
+                });
+
+            }
+
+        } catch (Exception exception) {
+            int exitCode = SpringApplication.exit(contextRefreshedEvent.getApplicationContext(),
+                () -> 0);
+            System.exit(exitCode);
+        } finally {
+            if (tryLock && lock.isLocked()) {
+                lock.unlock();
+            }
+            TraceUtils.remove();
+        }
+        //@formatter:on
+    }
+
+    private final AlternativeJdkIdGenerator idGenerator = new AlternativeJdkIdGenerator();
+
+    private final AppGroupRepository        appGroupRepository;
+
+    private final RedissonClient            redissonClient;
+
+    public DefaultAppGroupInitialize(AppGroupRepository appGroupRepository,
+                                     RedissonClient redissonClient) {
+        this.appGroupRepository = appGroupRepository;
+        this.redissonClient = redissonClient;
+    }
+
+}

eiam-console/src/main/java/cn/topiam/employee/console/pojo/save/app/AppCreateParam.java

@@ -18,6 +18,7 @@
 package cn.topiam.employee.console.pojo.save.app;
 
 import java.io.Serializable;
+import java.util.List;
 
 import lombok.Data;
 
@@ -40,30 +41,30 @@ public class AppCreateParam implements Serializable {
      */
     @NotBlank(message = "应用名称不能为空")
     @Schema(description = "应用名称")
-    private String name;
+    private String       name;
 
     /**
      * 应用模版
      */
     @NotNull(message = "应用模版不能为空")
     @Schema(description = "应用模版")
-    private String template;
+    private String       template;
 
     /**
      * 应用图标
      */
     @Schema(description = "应用图标")
-    private String icon;
+    private String       icon;
 
     /**
      * 备注
      */
     @Schema(description = "备注")
-    private String remark;
+    private String       remark;
 
     /**
      * 应用分组id
      */
-    @Schema(description = "应用分组ID")
+    @Schema(description = "应用分组")
-    private Long[] groupId;
+    private List<String> groupIds;
 }

eiam-console/src/main/java/cn/topiam/employee/console/service/app/impl/AppServiceImpl.java

@@ -97,11 +97,10 @@ public class AppServiceImpl implements AppService {
     @Override
     @Transactional(rollbackFor = Exception.class)
     public AppCreateResult createApp(AppCreateParam param) {
-        // TODO 创建后没有数据权限
         ApplicationService applicationService = applicationServiceLoader
             .getApplicationService(param.getTemplate());
         String appId = applicationService.create(param.getName(), param.getIcon(),
-            param.getRemark(), param.getGroupId());
+            param.getRemark(), param.getGroupIds());
         AuditContext.setTarget(Target.builder().id(appId).type(TargetType.APPLICATION).build());
         return new AppCreateResult(appId);
     }