!762 crm:完善 code review 数据权限提到的问题

Merge pull request !762 from puhui999/feature/crm
This commit is contained in:
芋道源码 2023-11-28 12:33:19 +00:00 committed by Gitee
commit 6f882ca24e
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
6 changed files with 55 additions and 47 deletions

View File

@ -31,6 +31,7 @@ import java.util.Map;
import java.util.stream.Stream;
import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success;
import static cn.iocoder.yudao.framework.common.pojo.PageParam.PAGE_SIZE_NONE;
import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertSet;
import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertSetByFlatMap;
import static cn.iocoder.yudao.framework.operatelog.core.enums.OperateTypeEnum.EXPORT;
@ -115,7 +116,7 @@ public class CrmCustomerController {
@OperateLog(type = EXPORT)
public void exportCustomerExcel(@Valid CrmCustomerPageReqVO pageVO,
HttpServletResponse response) throws IOException {
// TODO @puhui999看看复用 getCustomerPage 方法然后可以禁用下分页
pageVO.setPageSize(PAGE_SIZE_NONE); // 不分页
List<CrmCustomerDO> list = customerService.getCustomerPage(pageVO, getLoginUserId()).getList();
// 导出 Excel
List<CrmCustomerExcelVO> datas = CrmCustomerConvert.INSTANCE.convertList02(list);
@ -168,9 +169,6 @@ public class CrmCustomerController {
@PreAuthorize("@ss.hasPermission('crm:customer:distribute')")
public CommonResult<Boolean> distributeCustomer(@RequestParam(value = "ids") List<Long> ids,
@RequestParam(value = "ownerUserId") Long ownerUserId) {
// 校验负责人是否存在
// TODO @puhui999这个校验是不是可以收到 validateUserList
adminUserApi.validateUserList(singletonList(ownerUserId));
// 领取公海数据
customerService.receiveCustomer(ids, ownerUserId);
return success(true);

View File

@ -80,7 +80,7 @@ public class CrmPermissionController {
@DeleteMapping("/delete-self")
@Operation(summary = "删除自己的数据权限")
@Parameter(name = "id", description = "数据权限编号", required = true, example = "1024")
@PreAuthorize("@ss.hasPermission('crm:permission:delete')") // TODO puhui999: 数据权限在页面上只是已团队成员组件的形式出现那么这个权限怎么分配
@PreAuthorize("@ss.hasPermission('crm:permission:delete')")
public CommonResult<Boolean> deleteSelfPermission(@RequestParam("id") Long id) {
permissionService.deleteSelfPermission(id, getLoginUserId());
return success(true);

View File

@ -23,7 +23,7 @@ import static cn.iocoder.yudao.framework.common.util.collection.MapUtils.findAnd
/**
* Crm 数据权限 Convert
*
* @author Wanwan
* @author HUIHUI
*/
@Mapper
public interface CrmPermissionConvert {

View File

@ -25,38 +25,14 @@ import java.util.List;
@Mapper
public interface CrmCustomerMapper extends BaseMapperX<CrmCustomerDO> {
static void appendQueryParams(MPJLambdaWrapperX<CrmCustomerDO> mpjLambdaWrapperX, CrmCustomerPageReqVO pageReqVO, Long userId) {
if (pageReqVO.getPool()) { // 情况一公海
mpjLambdaWrapperX.isNull(CrmCustomerDO::getOwnerUserId);
} else { // 情况二不是公海
mpjLambdaWrapperX.isNotNull(CrmCustomerDO::getOwnerUserId);
}
// TODO 场景数据过滤
if (CrmSceneEnum.isOwner(pageReqVO.getSceneType())) { // 场景一我负责的数据
mpjLambdaWrapperX.eq(CrmCustomerDO::getOwnerUserId, userId);
}
}
static void appendQueryParams(LambdaQueryWrapperX<CrmCustomerDO> lambdaQueryWrapperX, CrmCustomerPageReqVO pageReqVO, Long userId) {
if (pageReqVO.getPool()) { // 情况一公海
lambdaQueryWrapperX.isNull(CrmCustomerDO::getOwnerUserId);
} else { // 情况二不是公海
lambdaQueryWrapperX.isNotNull(CrmCustomerDO::getOwnerUserId);
}
// TODO 场景数据过滤
if (CrmSceneEnum.isOwner(pageReqVO.getSceneType())) { // 场景一我负责的数据
lambdaQueryWrapperX.eq(CrmCustomerDO::getOwnerUserId, userId);
}
}
default int updateOwnerUserIdById(Long id, Long ownerUserId) {
return update(new LambdaUpdateWrapper<CrmCustomerDO>()
.eq(CrmCustomerDO::getId, id)
.set(CrmCustomerDO::getOwnerUserId, ownerUserId));
}
default PageResult<CrmCustomerDO> selectPage(CrmCustomerPageReqVO pageReqVO, Long userId, Boolean admin) {
if (admin) { // 情况一管理员查看
default PageResult<CrmCustomerDO> selectPageWithAdmin(CrmCustomerPageReqVO pageReqVO, Long userId) {
// 情况一管理员查看
LambdaQueryWrapperX<CrmCustomerDO> queryWrapperX = new LambdaQueryWrapperX<>();
appendQueryParams(queryWrapperX, pageReqVO, userId);
return selectPage(pageReqVO, queryWrapperX
@ -66,6 +42,8 @@ public interface CrmCustomerMapper extends BaseMapperX<CrmCustomerDO> {
.eqIfPresent(CrmCustomerDO::getLevel, pageReqVO.getLevel())
.eqIfPresent(CrmCustomerDO::getSource, pageReqVO.getSource()));
}
default PageResult<CrmCustomerDO> selectPage(CrmCustomerPageReqVO pageReqVO, Long userId) {
// 情况二获取当前用户能看的分页数据
IPage<CrmCustomerDO> mpPage = MyBatisUtils.buildPage(pageReqVO);
MPJLambdaWrapperX<CrmCustomerDO> mpjLambdaWrapperX = new MPJLambdaWrapperX<>();
@ -91,4 +69,28 @@ public interface CrmCustomerMapper extends BaseMapperX<CrmCustomerDO> {
return new PageResult<>(mpPage.getRecords(), mpPage.getTotal());
}
static void appendQueryParams(MPJLambdaWrapperX<CrmCustomerDO> mpjLambdaWrapperX, CrmCustomerPageReqVO pageReqVO, Long userId) {
if (pageReqVO.getPool()) { // 情况一公海
mpjLambdaWrapperX.isNull(CrmCustomerDO::getOwnerUserId);
} else { // 情况二不是公海
mpjLambdaWrapperX.isNotNull(CrmCustomerDO::getOwnerUserId);
}
// TODO 场景数据过滤
if (CrmSceneEnum.isOwner(pageReqVO.getSceneType())) { // 场景一我负责的数据
mpjLambdaWrapperX.eq(CrmCustomerDO::getOwnerUserId, userId);
}
}
static void appendQueryParams(LambdaQueryWrapperX<CrmCustomerDO> lambdaQueryWrapperX, CrmCustomerPageReqVO pageReqVO, Long userId) {
if (pageReqVO.getPool()) { // 情况一公海
lambdaQueryWrapperX.isNull(CrmCustomerDO::getOwnerUserId);
} else { // 情况二不是公海
lambdaQueryWrapperX.isNotNull(CrmCustomerDO::getOwnerUserId);
}
// TODO 场景数据过滤
if (CrmSceneEnum.isOwner(pageReqVO.getSceneType())) { // 场景一我负责的数据
lambdaQueryWrapperX.eq(CrmCustomerDO::getOwnerUserId, userId);
}
}
}

View File

@ -13,6 +13,7 @@ import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
import cn.iocoder.yudao.module.crm.service.permission.CrmPermissionService;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
import cn.iocoder.yudao.module.system.api.user.AdminUserApi;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.annotation.Validated;
@ -25,6 +26,7 @@ import java.util.Objects;
import static cn.iocoder.yudao.framework.common.exception.util.ServiceExceptionUtil.exception;
import static cn.iocoder.yudao.module.crm.enums.ErrorCodeConstants.*;
import static java.util.Collections.singletonList;
/**
* 客户 Service 实现类
@ -40,6 +42,8 @@ public class CrmCustomerServiceImpl implements CrmCustomerService {
@Resource
private CrmPermissionService crmPermissionService;
@Resource
private AdminUserApi adminUserApi;
@Override
@Transactional(rollbackFor = Exception.class)
@ -96,9 +100,12 @@ public class CrmCustomerServiceImpl implements CrmCustomerService {
@Override
public PageResult<CrmCustomerDO> getCustomerPage(CrmCustomerPageReqVO pageReqVO, Long userId) {
// 1.1. TODO 如果是超级管理员
boolean admin = false;
return customerMapper.selectPage(pageReqVO, userId, admin);
if (admin) { // 1.1. 情况一 TODO 如果是管理员
customerMapper.selectPageWithAdmin(pageReqVO, userId);
}
// 1.2. 情况二获取当前用户能看的分页数据
return customerMapper.selectPage(pageReqVO, userId);
}
/**
@ -174,7 +181,9 @@ public class CrmCustomerServiceImpl implements CrmCustomerService {
if (customers.size() != ids.size()) {
throw exception(CUSTOMER_NOT_EXISTS);
}
// 1.2. 校验状态
// 1.2. 校验负责人是否存在
adminUserApi.validateUserList(singletonList(ownerUserId));
// 1.3. 校验状态
customers.forEach(customer -> {
// 校验是否已有负责人
validateCustomerOwnerExists(customer, false);

View File

@ -19,11 +19,10 @@ import static cn.iocoder.yudao.framework.common.util.date.DateUtils.FORMAT_YEAR_
@ToString(callSuper = true)
public class BannerPageReqVO extends PageParam {
// TODO @puhui999example
@Schema(description = "标题")
@Schema(description = "标题", example = "这是一个标题")
private String title;
@Schema(description = "状态")
@Schema(description = "状态", example = "1")
@InEnum(CommonStatusEnum.class)
private Integer status;