mirror of
https://gitee.com/huangge1199_admin/vue-pro.git
synced 2024-11-22 23:31:52 +08:00
CRM: 根据 review 完善数据权限
This commit is contained in:
puhui999
parent
0043d02d0a
commit
47a698868c
@ -74,6 +74,7 @@ public interface ErrorCodeConstants {
|
||||
ErrorCode CRM_PERMISSION_DELETE_DENIED = new ErrorCode(1_020_007_006, "删除数据权限失败,原因:没有权限");
|
||||
ErrorCode CRM_PERMISSION_DELETE_SELF_PERMISSION_FAIL_EXIST_OWNER = new ErrorCode(1_020_007_007, "删除数据权限失败,原因:不能删除负责人");
|
||||
ErrorCode CRM_PERMISSION_CREATE_FAIL = new ErrorCode(1_020_007_008, "创建数据权限失败,原因:所加用户已有权限");
|
||||
ErrorCode CRM_PERMISSION_CREATE_FAIL_EXISTS = new ErrorCode(1_020_007_009, "同时添加数据权限失败,原因:用户【{}】已有模块【{}】数据【{}】的【{}】权限");
|
||||
|
||||
// ========== 产品 1_020_008_000 ==========
|
||||
ErrorCode PRODUCT_NOT_EXISTS = new ErrorCode(1_020_008_000, "产品不存在");
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package cn.iocoder.yudao.module.crm.enums.permission;
|
||||
|
||||
import cn.hutool.core.collection.CollUtil;
|
||||
import cn.hutool.core.util.ObjUtil;
|
||||
import cn.iocoder.yudao.framework.common.core.IntArrayValuable;
|
||||
import lombok.AllArgsConstructor;
|
||||
@ -50,4 +51,10 @@ public enum CrmPermissionLevelEnum implements IntArrayValuable {
|
||||
return ObjUtil.equal(WRITE.level, level);
|
||||
}
|
||||
|
||||
public static String getNameByLevel(Integer level) {
|
||||
CrmPermissionLevelEnum typeEnum = CollUtil.findOne(CollUtil.newArrayList(CrmPermissionLevelEnum.values()),
|
||||
item -> ObjUtil.equal(item.level, level));
|
||||
return typeEnum == null ? null : typeEnum.getName();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
package cn.iocoder.yudao.module.crm.controller.admin.permission;
|
||||
|
||||
import cn.hutool.core.collection.CollUtil;
|
||||
import cn.hutool.extra.spring.SpringUtil;
|
||||
import cn.iocoder.yudao.framework.common.pojo.CommonResult;
|
||||
import cn.iocoder.yudao.framework.common.util.collection.CollectionUtils;
|
||||
import cn.iocoder.yudao.framework.common.util.collection.MapUtils;
|
||||
@ -56,63 +57,20 @@ public class CrmPermissionController {
|
||||
@Resource
|
||||
private CrmPermissionService permissionService;
|
||||
@Resource
|
||||
private CrmContactService contactService;
|
||||
@Resource
|
||||
private CrmBusinessService businessService;
|
||||
@Resource
|
||||
private CrmContractService contractService;
|
||||
@Resource
|
||||
private AdminUserApi adminUserApi;
|
||||
@Resource
|
||||
private DeptApi deptApi;
|
||||
@Resource
|
||||
private PostApi postApi;
|
||||
|
||||
// TODO @puhui999:是不是还是叫 create 好点哈。
|
||||
@PostMapping("/create")
|
||||
@Operation(summary = "创建数据权限")
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
@PreAuthorize("@ss.hasPermission('crm:permission:create')")
|
||||
@CrmPermission(bizTypeValue = "#reqVO.bizType", bizId = "#reqVO.bizId", level = CrmPermissionLevelEnum.OWNER)
|
||||
public CommonResult<Boolean> savePermission(@Valid @RequestBody CrmPermissionSaveReqVO reqVO) {
|
||||
permissionService.createPermission(BeanUtils.toBean(reqVO, CrmPermissionCreateReqBO.class));
|
||||
// 处理【同时添加至】的权限
|
||||
if (CollUtil.isNotEmpty(reqVO.getToBizTypes())) {
|
||||
createBizTypePermissions(reqVO);
|
||||
}
|
||||
public CommonResult<Boolean> create(@Valid @RequestBody CrmPermissionSaveReqVO reqVO) {
|
||||
permissionService.createPermission(reqVO, getLoginUserId());
|
||||
return success(true);
|
||||
}
|
||||
|
||||
private void createBizTypePermissions(CrmPermissionSaveReqVO reqVO) {
|
||||
List<CrmPermissionCreateReqBO> createPermissions = new ArrayList<>();
|
||||
// TODO @puhui999:需要考虑,被添加人,是不是应该有对应的权限了;
|
||||
if (reqVO.getToBizTypes().contains(CrmBizTypeEnum.CRM_CONTACT.getType())) {
|
||||
List<CrmContactDO> contactList = contactService.getContactListByCustomerIdOwnerUserId(reqVO.getBizId(), getLoginUserId());
|
||||
contactList.forEach(item -> {
|
||||
createPermissions.add(new CrmPermissionCreateReqBO().setBizType(CrmBizTypeEnum.CRM_CONTACT.getType())
|
||||
.setBizId(item.getId()).setUserId(reqVO.getUserId()).setLevel(reqVO.getLevel()));
|
||||
});
|
||||
}
|
||||
if (reqVO.getToBizTypes().contains(CrmBizTypeEnum.CRM_BUSINESS.getType())) {
|
||||
List<CrmBusinessDO> businessList = businessService.getBusinessListByCustomerIdOwnerUserId(reqVO.getBizId(), getLoginUserId());
|
||||
businessList.forEach(item -> {
|
||||
createPermissions.add(new CrmPermissionCreateReqBO().setBizType(CrmBizTypeEnum.CRM_BUSINESS.getType())
|
||||
.setBizId(item.getId()).setUserId(reqVO.getUserId()).setLevel(reqVO.getLevel()));
|
||||
});
|
||||
}
|
||||
if (reqVO.getToBizTypes().contains(CrmBizTypeEnum.CRM_CONTRACT.getType())) {
|
||||
List<CrmContractDO> contractList = contractService.getContractListByCustomerIdOwnerUserId(reqVO.getBizId(), getLoginUserId());
|
||||
contractList.forEach(item -> {
|
||||
createPermissions.add(new CrmPermissionCreateReqBO().setBizType(CrmBizTypeEnum.CRM_CONTRACT.getType())
|
||||
.setBizId(item.getId()).setUserId(reqVO.getUserId()).setLevel(reqVO.getLevel()));
|
||||
});
|
||||
}
|
||||
if (CollUtil.isEmpty(createPermissions)) {
|
||||
return;
|
||||
}
|
||||
permissionService.createPermissionBatch(createPermissions);
|
||||
}
|
||||
|
||||
@PutMapping("/update")
|
||||
@Operation(summary = "编辑数据权限")
|
||||
@PreAuthorize("@ss.hasPermission('crm:permission:update')")
|
||||
|
||||
@ -53,9 +53,11 @@ public interface CrmPermissionMapper extends BaseMapperX<CrmPermissionDO> {
|
||||
CrmPermissionDO::getUserId, userId);
|
||||
}
|
||||
|
||||
default CrmPermissionDO selectByBizIdAndUserId(Long bizId, Long userId) {
|
||||
return selectOne(CrmPermissionDO::getBizId, bizId,
|
||||
CrmPermissionDO::getUserId, userId);
|
||||
default CrmPermissionDO selectByBizAndUserId(Integer bizType, Long bizId, Long userId) {
|
||||
return selectOne(new LambdaQueryWrapperX<CrmPermissionDO>()
|
||||
.eq(CrmPermissionDO::getBizType, bizType)
|
||||
.eq(CrmPermissionDO::getBizId, bizId)
|
||||
.eq(CrmPermissionDO::getUserId, userId));
|
||||
}
|
||||
|
||||
default int deletePermission(Integer bizType, Long bizId) {
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
package cn.iocoder.yudao.module.crm.service.permission;
|
||||
|
||||
|
||||
import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionSaveReqVO;
|
||||
import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionUpdateReqVO;
|
||||
import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
|
||||
import cn.iocoder.yudao.module.crm.enums.common.CrmBizTypeEnum;
|
||||
@ -19,6 +20,14 @@ import java.util.List;
|
||||
*/
|
||||
public interface CrmPermissionService {
|
||||
|
||||
/**
|
||||
* 创建数据权限
|
||||
*
|
||||
* @param reqVO 创建信息
|
||||
* @param userId 用户编号
|
||||
*/
|
||||
void createPermission(CrmPermissionSaveReqVO reqVO, Long userId);
|
||||
|
||||
/**
|
||||
* 创建数据权限
|
||||
*
|
||||
@ -111,10 +120,10 @@ public interface CrmPermissionService {
|
||||
/**
|
||||
* 校验是否有指定数据的操作权限
|
||||
*
|
||||
* @param bizType 数据类型,关联 {@link CrmBizTypeEnum}
|
||||
* @param bizId 数据编号,关联 {@link CrmBizTypeEnum} 对应模块 DO#getId()
|
||||
* @param userId 用户编号
|
||||
* @param level 权限级别
|
||||
* @param bizType 数据类型,关联 {@link CrmBizTypeEnum}
|
||||
* @param bizId 数据编号,关联 {@link CrmBizTypeEnum} 对应模块 DO#getId()
|
||||
* @param userId 用户编号
|
||||
* @param level 权限级别
|
||||
* @return 是否有权限
|
||||
*/
|
||||
boolean hasPermission(Integer bizType, Long bizId, Long userId, CrmPermissionLevelEnum level);
|
||||
|
||||
@ -4,28 +4,34 @@ import cn.hutool.core.collection.CollUtil;
|
||||
import cn.hutool.core.util.ObjUtil;
|
||||
import cn.iocoder.yudao.framework.common.util.collection.CollectionUtils;
|
||||
import cn.iocoder.yudao.framework.common.util.object.BeanUtils;
|
||||
import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionSaveReqVO;
|
||||
import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionUpdateReqVO;
|
||||
import cn.iocoder.yudao.module.crm.dal.dataobject.business.CrmBusinessDO;
|
||||
import cn.iocoder.yudao.module.crm.dal.dataobject.contact.CrmContactDO;
|
||||
import cn.iocoder.yudao.module.crm.dal.dataobject.contract.CrmContractDO;
|
||||
import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
|
||||
import cn.iocoder.yudao.module.crm.dal.mysql.permission.CrmPermissionMapper;
|
||||
import cn.iocoder.yudao.module.crm.enums.common.CrmBizTypeEnum;
|
||||
import cn.iocoder.yudao.module.crm.enums.permission.CrmPermissionLevelEnum;
|
||||
import cn.iocoder.yudao.module.crm.framework.permission.core.annotations.CrmPermission;
|
||||
import cn.iocoder.yudao.module.crm.service.business.CrmBusinessService;
|
||||
import cn.iocoder.yudao.module.crm.service.contact.CrmContactService;
|
||||
import cn.iocoder.yudao.module.crm.service.contract.CrmContractService;
|
||||
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
|
||||
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionTransferReqBO;
|
||||
import cn.iocoder.yudao.module.crm.util.CrmPermissionUtils;
|
||||
import cn.iocoder.yudao.module.system.api.user.AdminUserApi;
|
||||
import cn.iocoder.yudao.module.system.api.user.dto.AdminUserRespDTO;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.springframework.context.annotation.Lazy;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.*;
|
||||
|
||||
import static cn.iocoder.yudao.framework.common.exception.util.ServiceExceptionUtil.exception;
|
||||
import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.anyMatch;
|
||||
import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertSet;
|
||||
import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.*;
|
||||
import static cn.iocoder.yudao.module.crm.enums.ErrorCodeConstants.*;
|
||||
import static cn.iocoder.yudao.module.crm.enums.permission.CrmPermissionLevelEnum.isOwner;
|
||||
|
||||
@ -40,13 +46,124 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
|
||||
|
||||
@Resource
|
||||
private CrmPermissionMapper permissionMapper;
|
||||
|
||||
@Resource
|
||||
@Lazy // 解决依赖循环
|
||||
private CrmContactService contactService;
|
||||
@Resource
|
||||
@Lazy // 解决依赖循环
|
||||
private CrmBusinessService businessService;
|
||||
@Resource
|
||||
@Lazy // 解决依赖循环
|
||||
private CrmContractService contractService;
|
||||
@Resource
|
||||
private AdminUserApi adminUserApi;
|
||||
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
@CrmPermission(bizTypeValue = "#reqVO.bizType", bizId = "#reqVO.bizId", level = CrmPermissionLevelEnum.OWNER)
|
||||
public void createPermission(CrmPermissionSaveReqVO reqVO, Long userId) {
|
||||
// 创建数据权限
|
||||
createPermission0(BeanUtils.toBean(reqVO, CrmPermissionCreateReqBO.class));
|
||||
|
||||
// 处理【同时添加至】的权限
|
||||
if (CollUtil.isEmpty(reqVO.getToBizTypes())) {
|
||||
return;
|
||||
}
|
||||
List<CrmPermissionCreateReqBO> createPermissions = new ArrayList<>();
|
||||
createContactPermissions(reqVO, userId, createPermissions);
|
||||
createBusinessPermissions(reqVO, userId, createPermissions);
|
||||
createContractPermissions(reqVO, userId, createPermissions);
|
||||
if (CollUtil.isEmpty(createPermissions)) {
|
||||
return;
|
||||
}
|
||||
createPermissionBatch(createPermissions);
|
||||
}
|
||||
|
||||
/**
|
||||
* 处理同时添加至联系人
|
||||
*
|
||||
* @param reqVO 请求
|
||||
* @param userId 操作人
|
||||
* @param createPermissions 待添加权限列表
|
||||
*/
|
||||
private void createContactPermissions(CrmPermissionSaveReqVO reqVO, Long userId, List<CrmPermissionCreateReqBO> createPermissions) {
|
||||
// 1. 校验是否被同时添加
|
||||
Integer type = CrmBizTypeEnum.CRM_CONTACT.getType();
|
||||
if (!reqVO.getToBizTypes().contains(type)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// 2.1 添加数据权限
|
||||
List<CrmContactDO> contactList = contactService.getContactListByCustomerIdOwnerUserId(reqVO.getBizId(), userId);
|
||||
contactList.forEach(item -> {
|
||||
createBizTypePermissions(reqVO, type, item.getId(), item.getName(), createPermissions);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* 处理同时添加至商机
|
||||
*
|
||||
* @param reqVO 请求
|
||||
* @param userId 操作人
|
||||
* @param createPermissions 待添加权限列表
|
||||
*/
|
||||
private void createBusinessPermissions(CrmPermissionSaveReqVO reqVO, Long userId, List<CrmPermissionCreateReqBO> createPermissions) {
|
||||
// 1. 校验是否被同时添加
|
||||
Integer type = CrmBizTypeEnum.CRM_BUSINESS.getType();
|
||||
if (!reqVO.getToBizTypes().contains(type)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// 2.1 添加数据权限
|
||||
List<CrmBusinessDO> businessList = businessService.getBusinessListByCustomerIdOwnerUserId(reqVO.getBizId(), userId);
|
||||
businessList.forEach(item -> {
|
||||
createBizTypePermissions(reqVO, type, item.getId(), item.getName(), createPermissions);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* 处理同时添加至合同
|
||||
*
|
||||
* @param reqVO 请求
|
||||
* @param userId 操作人
|
||||
* @param createPermissions 待添加权限列表
|
||||
*/
|
||||
private void createContractPermissions(CrmPermissionSaveReqVO reqVO, Long userId, List<CrmPermissionCreateReqBO> createPermissions) {
|
||||
// 1. 校验是否被同时添加
|
||||
Integer type = CrmBizTypeEnum.CRM_CONTRACT.getType();
|
||||
if (!reqVO.getToBizTypes().contains(type)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// 2.1 添加数据权限
|
||||
List<CrmContractDO> contractList = contractService.getContractListByCustomerIdOwnerUserId(reqVO.getBizId(), userId);
|
||||
contractList.forEach(item -> {
|
||||
createBizTypePermissions(reqVO, type, item.getId(), item.getName(), createPermissions);
|
||||
});
|
||||
}
|
||||
|
||||
private void createBizTypePermissions(CrmPermissionSaveReqVO reqVO, Integer type, Long bizId, String name,
|
||||
List<CrmPermissionCreateReqBO> createPermissions) {
|
||||
AdminUserRespDTO user = adminUserApi.getUser(reqVO.getUserId());
|
||||
// 1. 需要考虑,被添加人,是不是应该有对应的权限了;
|
||||
CrmPermissionDO permission = hasAnyPermission(type, bizId, reqVO.getUserId());
|
||||
if (ObjUtil.isNotNull(permission)) {
|
||||
throw exception(CRM_PERMISSION_CREATE_FAIL_EXISTS, user.getNickname(), CrmBizTypeEnum.getNameByType(type),
|
||||
name, CrmPermissionLevelEnum.getNameByLevel(permission.getLevel()));
|
||||
}
|
||||
// 2. 添加数据权限
|
||||
createPermissions.add(new CrmPermissionCreateReqBO().setBizType(type)
|
||||
.setBizId(bizId).setUserId(reqVO.getUserId()).setLevel(reqVO.getLevel()));
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public Long createPermission(CrmPermissionCreateReqBO createReqBO) {
|
||||
return createPermission0(createReqBO);
|
||||
}
|
||||
|
||||
private Long createPermission0(CrmPermissionCreateReqBO createReqBO) {
|
||||
validatePermissionNotExists(Collections.singletonList(createReqBO));
|
||||
// 1. 校验用户是否存在
|
||||
adminUserApi.validateUserList(Collections.singletonList(createReqBO.getUserId()));
|
||||
@ -170,7 +287,7 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
|
||||
throw exception(CRM_PERMISSION_DELETE_FAIL);
|
||||
}
|
||||
// 校验操作人是否为负责人
|
||||
CrmPermissionDO permission = permissionMapper.selectByBizIdAndUserId(permissions.get(0).getBizId(), userId);
|
||||
CrmPermissionDO permission = permissionMapper.selectByBizAndUserId(permissions.get(0).getBizType(), permissions.get(0).getBizId(), userId);
|
||||
if (permission == null) {
|
||||
throw exception(CRM_PERMISSION_DELETE_DENIED);
|
||||
}
|
||||
@ -220,4 +337,9 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
|
||||
ObjUtil.equal(permission.getUserId(), userId) && ObjUtil.equal(permission.getLevel(), level.getLevel()));
|
||||
}
|
||||
|
||||
public CrmPermissionDO hasAnyPermission(Integer bizType, Long bizId, Long userId) {
|
||||
List<CrmPermissionDO> permissionList = permissionMapper.selectByBizTypeAndBizId(bizType, bizId);
|
||||
return findFirst(permissionList, permission -> ObjUtil.equal(permission.getUserId(), userId));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user