【8.0】【role】完善绑定权限增加范围筛选

2023-09-08 23:01:55 +08:00 · 2023-09-08 23:01:55 +08:00 · 9008401032
parent 757f5826cc
commit 9008401032
3 changed files with 42 additions and 6 deletions
--- a/kernel-s-system/system-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/role/action/RoleAssignOperateAction.java
+++ b/kernel-s-system/system-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/role/action/RoleAssignOperateAction.java
@ -3,6 +3,8 @@ package cn.stylefeng.roses.kernel.sys.modular.role.action;
 import cn.stylefeng.roses.kernel.sys.modular.role.enums.PermissionNodeTypeEnum;
 import cn.stylefeng.roses.kernel.sys.modular.role.pojo.request.RoleBindPermissionRequest;

+import java.util.Set;
+
 /**
 * 角色绑定权限操作的接口
 *
@ -22,10 +24,11 @@ public interface RoleAssignOperateAction {
    /**
     * 执行角色绑定权限的过程，根据不同的点击类型，执行不同的操作过程
     *
-     * @param roleBindPermissionRequest 角色绑定权限的参数
+     * @param roleBindPermissionRequest    角色绑定权限的参数
+     * @param roleLimitMenuIdsAndOptionIds 角色所能承受的绑定范围
     * @author fengshuonan
     * @since 2023/6/13 22:17
     */
-    void doOperateAction(RoleBindPermissionRequest roleBindPermissionRequest);
+    void doOperateAction(RoleBindPermissionRequest roleBindPermissionRequest, Set<Long> roleLimitMenuIdsAndOptionIds);

 }
--- a/kernel-s-system/system-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/role/service/impl/PermissionAssignServiceImpl.java
+++ b/kernel-s-system/system-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/role/service/impl/PermissionAssignServiceImpl.java
@ -90,10 +90,15 @@ public class PermissionAssignServiceImpl implements PermissionAssignService {

    @Override
    public void updateRoleBindPermission(RoleBindPermissionRequest roleBindPermissionRequest) {
+
+        // 1. 获取角色的限制范围，如果限制范围为空，则为查询所有的范围
+        Set<Long> userRoleLimitScope = userRoleServiceApi.findCurrentUserRoleLimitScope();
+
+        // 2. 绑定角色的权限
        Map<String, RoleAssignOperateAction> operateActionMap = SpringUtil.getBeansOfType(RoleAssignOperateAction.class);
        for (RoleAssignOperateAction roleAssignOperateAction : operateActionMap.values()) {
            if (roleAssignOperateAction.getNodeType().getCode().equals(roleBindPermissionRequest.getPermissionNodeType())) {
-                roleAssignOperateAction.doOperateAction(roleBindPermissionRequest);
+                roleAssignOperateAction.doOperateAction(roleBindPermissionRequest, userRoleLimitScope);

                // 更新角色绑定权限的缓存
                BusinessEventPublisher.publishEvent(RoleConstants.ROLE_BIND_MENU_EVENT, roleBindPermissionRequest.getRoleId());
--- a/kernel-s-system/system-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/role/service/impl/RoleBindAppImpl.java
+++ b/kernel-s-system/system-business-permission/src/main/java/cn/stylefeng/roses/kernel/sys/modular/role/service/impl/RoleBindAppImpl.java
@ -58,19 +58,19 @@ public class RoleBindAppImpl implements RoleAssignOperateAction, RoleBindLimitAc
    }

    @Override
-    public void doOperateAction(RoleBindPermissionRequest roleBindPermissionRequest) {
+    public void doOperateAction(RoleBindPermissionRequest roleBindPermissionRequest, Set<Long> roleLimitMenuIdsAndOptionIds) {

        Long roleId = roleBindPermissionRequest.getRoleId();
        Long appId = roleBindPermissionRequest.getNodeId();

        // 找到所选应用的对应的所有菜单
-        Set<Long> appMenuIds = this.getAppMenuIds(appId);
+        Set<Long> appMenuIds = this.getAppMenuIds(appId, roleLimitMenuIdsAndOptionIds);
        if (ObjectUtil.isEmpty(appMenuIds)) {
            return;
        }

        // 找到所选应用的对应的所有菜单功能
-        List<SysMenuOptions> totalMenuOptions = this.getAppMenuOptions(appId);
+        List<SysMenuOptions> totalMenuOptions = this.getAppMenuOptions(appId, roleLimitMenuIdsAndOptionIds);
        Set<Long> totalMenuOptionIds = totalMenuOptions.stream().map(SysMenuOptions::getMenuOptionId).collect(Collectors.toSet());

        // 先删除角色绑定的这些菜单
@ -183,8 +183,22 @@ public class RoleBindAppImpl implements RoleAssignOperateAction, RoleBindLimitAc
     * @since 2023/9/8 15:03
     */
    private Set<Long> getAppMenuIds(Long appId) {
+        return this.getAppMenuIds(appId, null);
+    }
+
+    /**
+     * 获取应用下的所有菜单id
+     *
+     * @author fengshuonan
+     * @since 2023/9/8 15:03
+     */
+    private Set<Long> getAppMenuIds(Long appId, Set<Long> roleLimitMenuIdsAndOptionIds) {
        LambdaQueryWrapper<SysMenu> menuLambdaQueryWrapper = new LambdaQueryWrapper<>();
        menuLambdaQueryWrapper.eq(SysMenu::getAppId, appId);
+        // 如果有范围限制，则查询范围内的菜单
+        if (ObjectUtil.isNotEmpty(roleLimitMenuIdsAndOptionIds)) {
+            menuLambdaQueryWrapper.in(SysMenu::getMenuId, roleLimitMenuIdsAndOptionIds);
+        }
        menuLambdaQueryWrapper.select(SysMenu::getMenuId);
        List<SysMenu> totalMenus = sysMenuService.list(menuLambdaQueryWrapper);
        if (ObjectUtil.isEmpty(totalMenus)) {
@ -200,8 +214,22 @@ public class RoleBindAppImpl implements RoleAssignOperateAction, RoleBindLimitAc
     * @since 2023/9/8 15:13
     */
    private List<SysMenuOptions> getAppMenuOptions(Long appId) {
+        return this.getAppMenuOptions(appId, null);
+    }
+
+    /**
+     * 获取应用下的所有菜单功能
+     *
+     * @author fengshuonan
+     * @since 2023/9/8 15:13
+     */
+    private List<SysMenuOptions> getAppMenuOptions(Long appId, Set<Long> roleLimitMenuIdsAndOptionIds) {
        LambdaQueryWrapper<SysMenuOptions> menuOptionsLambdaQueryWrapper = new LambdaQueryWrapper<>();
        menuOptionsLambdaQueryWrapper.eq(SysMenuOptions::getAppId, appId);
+        // 如果有范围限制，则查询范围内的菜单
+        if (ObjectUtil.isNotEmpty(roleLimitMenuIdsAndOptionIds)) {
+            menuOptionsLambdaQueryWrapper.in(SysMenuOptions::getMenuOptionId, roleLimitMenuIdsAndOptionIds);
+        }
        menuOptionsLambdaQueryWrapper.select(SysMenuOptions::getMenuOptionId, SysMenuOptions::getMenuId);
        return sysMenuOptionsService.list(menuOptionsLambdaQueryWrapper);
    }