mirror of
https://gitee.com/huangge1199_admin/vue-pro.git
synced 2024-11-22 07:11:52 +08:00
code review:权限模块
This commit is contained in:
YunaiV
parent
716b081464
commit
86050d411b
@ -7,6 +7,7 @@ import lombok.Getter;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
// TODO @puhui999:这个应该是 crm 全局的,不仅仅属于 customer 客户哈;
|
||||
/**
|
||||
* CRM 客户等级
|
||||
*
|
||||
|
||||
@ -17,12 +17,13 @@ public class CrmBusinessTransferReqVO {
|
||||
/**
|
||||
* 新负责人的用户编号
|
||||
*/
|
||||
@NotNull(message = "新负责人的用户编号不能为空")
|
||||
@Schema(description = "新负责人的用户编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "10430")
|
||||
@NotNull(message = "新负责人的用户编号不能为空")
|
||||
private Long newOwnerUserId;
|
||||
|
||||
/**
|
||||
* 老负责人加入团队后的权限级别。如果 null 说明移除
|
||||
*
|
||||
* 关联 {@link CrmPermissionLevelEnum}
|
||||
*/
|
||||
@Schema(description = "老负责人加入团队后的权限级别", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
|
||||
|
||||
@ -17,12 +17,13 @@ public class CrmContactTransferReqVO {
|
||||
/**
|
||||
* 新负责人的用户编号
|
||||
*/
|
||||
@NotNull(message = "新负责人的用户编号不能为空")
|
||||
@Schema(description = "新负责人的用户编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "10430")
|
||||
@NotNull(message = "新负责人的用户编号不能为空")
|
||||
private Long newOwnerUserId;
|
||||
|
||||
/**
|
||||
* 老负责人加入团队后的权限级别。如果 null 说明移除
|
||||
*
|
||||
* 关联 {@link CrmPermissionLevelEnum}
|
||||
*/
|
||||
@Schema(description = "老负责人加入团队后的权限级别", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
|
||||
|
||||
@ -17,12 +17,13 @@ public class CrmContractTransferReqVO {
|
||||
/**
|
||||
* 新负责人的用户编号
|
||||
*/
|
||||
@NotNull(message = "新负责人的用户编号不能为空")
|
||||
@Schema(description = "新负责人的用户编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "10430")
|
||||
@NotNull(message = "新负责人的用户编号不能为空")
|
||||
private Long newOwnerUserId;
|
||||
|
||||
/**
|
||||
* 老负责人加入团队后的权限级别。如果 null 说明移除
|
||||
*
|
||||
* 关联 {@link CrmPermissionLevelEnum}
|
||||
*/
|
||||
@Schema(description = "老负责人加入团队后的权限级别", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
|
||||
|
||||
@ -106,6 +106,7 @@ public class CrmCustomerController {
|
||||
return success(CrmCustomerConvert.INSTANCE.convert(customer, ownerMap, userMap, deptMap));
|
||||
}
|
||||
|
||||
// TODO @puhui999:可以在 CrmCustomerPageReqVO 里面加个 pool 参数,为 true 时,代表来自公海客户的分页
|
||||
@GetMapping("/page")
|
||||
@Operation(summary = "获得客户分页")
|
||||
@PreAuthorize("@ss.hasPermission('crm:customer:query')")
|
||||
@ -115,7 +116,7 @@ public class CrmCustomerController {
|
||||
return success(PageResult.empty(pageResult.getTotal()));
|
||||
}
|
||||
// 拼接数据
|
||||
// TODO 芋艿:需要 review 下;
|
||||
// TODO @puhui999:这块的拼接逻辑,可以和 convertPage 合并下;
|
||||
// Map<Long, AdminUserRespDTO> userMap = adminUserApi.getUserMap(
|
||||
// convertSetByFlatMap(pageResult.getList(), user -> Stream.of(NumberUtil.parseLong(user.getCreator()), user.getOwnerUserId())));
|
||||
// Map<Long, DeptRespDTO> deptMap = deptApi.getDeptMap(
|
||||
@ -123,6 +124,7 @@ public class CrmCustomerController {
|
||||
return convertPage(customerService.getCustomerPage(pageVO, getLoginUserId()));
|
||||
}
|
||||
|
||||
// TODO @puhui999:
|
||||
@GetMapping("/pool-page")
|
||||
@Operation(summary = "获得公海客户分页")
|
||||
@PreAuthorize("@ss.hasPermission('crm:customer:query')")
|
||||
|
||||
@ -29,7 +29,9 @@ public class CrmCustomerPageReqVO extends PageParam {
|
||||
private Integer source;
|
||||
|
||||
/**
|
||||
* 场景类型,关联 {@link CrmCustomerSceneEnum}
|
||||
* 场景类型
|
||||
*
|
||||
* 关联 {@link CrmCustomerSceneEnum}
|
||||
*/
|
||||
@Schema(description = "场景类型", example = "1")
|
||||
private Integer sceneType;
|
||||
|
||||
@ -17,12 +17,13 @@ public class CrmCustomerTransferReqVO {
|
||||
/**
|
||||
* 新负责人的用户编号
|
||||
*/
|
||||
@NotNull(message = "新负责人的用户编号不能为空")
|
||||
@Schema(description = "新负责人的用户编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "10430")
|
||||
@NotNull(message = "新负责人的用户编号不能为空")
|
||||
private Long newOwnerUserId;
|
||||
|
||||
/**
|
||||
* 老负责人加入团队后的权限级别。如果 null 说明移除
|
||||
*
|
||||
* 关联 {@link CrmPermissionLevelEnum}
|
||||
*/
|
||||
@Schema(description = "老负责人加入团队后的权限级别", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
|
||||
|
||||
@ -55,16 +55,18 @@ public class CrmPermissionController {
|
||||
@Resource
|
||||
private PostApi postApi;
|
||||
|
||||
// TODO @puhui999:保持统一,create 噢;然后是 PostMapping
|
||||
@PutMapping("/add")
|
||||
@Operation(summary = "添加团队成员")
|
||||
@PreAuthorize("@ss.hasPermission('crm:permission:create')")
|
||||
@CrmPermission(bizType = CrmBizTypeEnum.CRM_PERMISSION, bizTypeValue = "#reqVO.bizType", bizId = "#reqVO.bizId"
|
||||
, level = CrmPermissionLevelEnum.OWNER)
|
||||
@CrmPermission(bizType = CrmBizTypeEnum.CRM_PERMISSION, bizTypeValue = "#reqVO.bizType", bizId = "#reqVO.bizId",
|
||||
level = CrmPermissionLevelEnum.OWNER)
|
||||
public CommonResult<Boolean> addPermission(@Valid @RequestBody CrmPermissionCreateReqVO reqVO) {
|
||||
permissionService.createPermission(CrmPermissionConvert.INSTANCE.convert(reqVO));
|
||||
return success(true);
|
||||
}
|
||||
|
||||
// TODO @puhui999:领取公海客户,是不是放到客户那更合适哈?
|
||||
@PutMapping("/receive")
|
||||
@Operation(summary = "领取公海数据")
|
||||
@PreAuthorize("@ss.hasPermission('crm:permission:update')")
|
||||
@ -73,6 +75,7 @@ public class CrmPermissionController {
|
||||
return success(true);
|
||||
}
|
||||
|
||||
// TODO @puhui999:是不是放到客户那更合适哈?
|
||||
@PutMapping("/put-pool")
|
||||
@Operation(summary = "数据放入公海")
|
||||
@PreAuthorize("@ss.hasPermission('crm:permission:update')")
|
||||
@ -93,6 +96,7 @@ public class CrmPermissionController {
|
||||
return success(true);
|
||||
}
|
||||
|
||||
// TODO @puhui999:bizType 和 bizId 是不是不用啦;因为参数校验需要 bizType 和 bizId,可以先查询下,在直接调用方法;不一定都要注解哈;
|
||||
@DeleteMapping("/delete")
|
||||
@Operation(summary = "移除团队成员")
|
||||
@Parameters({
|
||||
@ -110,9 +114,11 @@ public class CrmPermissionController {
|
||||
return success(true);
|
||||
}
|
||||
|
||||
// TODO @puhui999:deleteSelfPermission;尽量归成 crud 这样的操作哈;
|
||||
@DeleteMapping("/quit-team")
|
||||
@Operation(summary = "退出团队")
|
||||
@Parameters({
|
||||
// TODO @puhui999:这个可以拿出来,不用包在 @Parameters 里,在只有一个参数时哈;
|
||||
@Parameter(name = "id", description = "团队成员编号", required = true, example = "1024")
|
||||
})
|
||||
@PreAuthorize("@ss.hasPermission('crm:permission:delete')")
|
||||
@ -143,6 +149,7 @@ public class CrmPermissionController {
|
||||
}
|
||||
// TODO @puhui999:池子的逻辑;
|
||||
// 判断是否是公海数据
|
||||
// TODO @puhui999:这段逻辑,可以删除么?
|
||||
Predicate<CrmPermissionDO> filter = item -> ObjUtil.equal(item.getUserId(), CrmPermissionDO.POOL_USER_ID);
|
||||
if (anyMatch(permission, filter)) {
|
||||
permission.removeIf(filter); // 排除
|
||||
@ -151,6 +158,7 @@ public class CrmPermissionController {
|
||||
// 拼接数据
|
||||
List<AdminUserRespDTO> userList = adminUserApi.getUserList(convertSet(permission, CrmPermissionDO::getUserId));
|
||||
Map<Long, DeptRespDTO> deptMap = deptApi.getDeptMap(convertSet(userList, AdminUserRespDTO::getDeptId));
|
||||
// TODO @puhui999:CollectionUtils.convertSetByFlatMap() 看看可以不
|
||||
Set<Long> postIds = userList.stream().flatMap(item -> item.getPostIds().stream()).collect(Collectors.toSet());
|
||||
Map<Long, PostRespDTO> postMap = postApi.getPostMap(postIds);
|
||||
return success(CrmPermissionConvert.INSTANCE.convert(permission, userList, deptMap, postMap));
|
||||
|
||||
@ -21,13 +21,13 @@ public class CrmPermissionBaseVO {
|
||||
@NotNull(message = "用户编号不能为空")
|
||||
private Long userId;
|
||||
|
||||
@Schema(description = "Crm 类型", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
|
||||
@Schema(description = "CRM 类型", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
|
||||
@InEnum(CrmBizTypeEnum.class)
|
||||
@NotNull(message = "Crm 类型不能为空")
|
||||
@NotNull(message = "CRM 类型不能为空")
|
||||
private Integer bizType;
|
||||
|
||||
@Schema(description = "Crm 类型数据编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "1024")
|
||||
@NotNull(message = "Crm 类型数据编号不能为空")
|
||||
@Schema(description = "CRM 类型数据编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "1024")
|
||||
@NotNull(message = "CRM 类型数据编号不能为空")
|
||||
private Long bizId;
|
||||
|
||||
@Schema(description = "权限级别", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
|
||||
|
||||
@ -13,12 +13,12 @@ public class CrmPermissionRespVO extends CrmPermissionBaseVO {
|
||||
@Schema(description = "数据权限编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "13563")
|
||||
private Long id;
|
||||
|
||||
@Schema(description = "部门名称", requiredMode = Schema.RequiredMode.REQUIRED, example = "研发部")
|
||||
private String deptName;
|
||||
|
||||
@Schema(description = "用户昵称", requiredMode = Schema.RequiredMode.REQUIRED, example = "芋艿")
|
||||
private String nickname;
|
||||
|
||||
@Schema(description = "部门名称", requiredMode = Schema.RequiredMode.REQUIRED, example = "研发部")
|
||||
private String deptName;
|
||||
|
||||
@Schema(description = "岗位名称数组", requiredMode = Schema.RequiredMode.REQUIRED, example = "[BOOS,经理]")
|
||||
private Set<String> postNames;
|
||||
|
||||
|
||||
@ -81,6 +81,7 @@ public interface CrmCustomerConvert {
|
||||
|
||||
PageResult<CrmCustomerRespVO> convertPage(PageResult<CrmCustomerDO> page);
|
||||
|
||||
// TODO @puhui999:两个 convertPage 的逻辑,合并下;
|
||||
default PageResult<CrmCustomerRespVO> convertPage(PageResult<CrmCustomerDO> pageResult, Map<Long, CrmPermissionDO> ownerMap,
|
||||
Map<Long, AdminUserRespDTO> userMap, Map<Long, DeptRespDTO> deptMap) {
|
||||
PageResult<CrmCustomerRespVO> result = convertPage(pageResult);
|
||||
|
||||
@ -56,6 +56,7 @@ public interface CrmPermissionConvert {
|
||||
}
|
||||
|
||||
default List<CrmPermissionDO> convertList(CrmPermissionUpdateReqVO updateReqVO) {
|
||||
// TODO @puhui999:CollectionUtils.convert
|
||||
List<CrmPermissionDO> permissions = new ArrayList<>();
|
||||
updateReqVO.getIds().forEach(id -> {
|
||||
permissions.add(new CrmPermissionDO().setId(id).setLevel(updateReqVO.getLevel()));
|
||||
|
||||
@ -24,6 +24,7 @@ import lombok.*;
|
||||
public class CrmPermissionDO extends BaseDO {
|
||||
|
||||
// TODO puhui999:是不是公海的数据,就不插入了;这样方便获取公海数据鸭
|
||||
// TODO @puhui999:每个数据那的负责人,我想了下,还是存储的;
|
||||
/**
|
||||
* 当数据变为公海数据时,也就是数据团队成员中没有负责人的时候,将原本的负责人 userId 设置为 POOL_USER_ID 方便查询公海数据。
|
||||
* 也就是说每条数据到最后都有一个负责人,如果有人领取则 userId 为领取人
|
||||
|
||||
@ -26,6 +26,7 @@ public interface CrmBusinessMapper extends BaseMapperX<CrmBusinessDO> {
|
||||
.orderByDesc(CrmBusinessDO::getId));
|
||||
}
|
||||
|
||||
// TODO @puhui999:selectList 噢;
|
||||
default List<CrmBusinessDO> selectPage(CrmBusinessExportReqVO reqVO) {
|
||||
return selectList(new LambdaQueryWrapperX<CrmBusinessDO>()
|
||||
.likeIfPresent(CrmBusinessDO::getName, reqVO.getName())
|
||||
|
||||
@ -12,7 +12,7 @@ import static java.lang.annotation.ElementType.ANNOTATION_TYPE;
|
||||
import static java.lang.annotation.ElementType.METHOD;
|
||||
|
||||
/**
|
||||
* Crm 数据操作权限校验 AOP 注解
|
||||
* CRM 数据操作权限校验 AOP 注解
|
||||
*
|
||||
* @author HUIHUI
|
||||
*/
|
||||
@ -22,18 +22,19 @@ import static java.lang.annotation.ElementType.METHOD;
|
||||
public @interface CrmPermission {
|
||||
|
||||
/**
|
||||
* crm 类型
|
||||
* CRM 类型
|
||||
*/
|
||||
CrmBizTypeEnum bizType();
|
||||
|
||||
/**
|
||||
* crm 类型扩展
|
||||
* 用于 CrmPermissionController 团队权限校验
|
||||
* CRM 类型扩展,通过 Spring EL 表达式获取到 {@link #bizType()}
|
||||
*
|
||||
* 目的:用于 CrmPermissionController 团队权限校验
|
||||
*/
|
||||
String bizTypeValue() default "";
|
||||
|
||||
/**
|
||||
* 数据编号,通过 spring el 表达式获取
|
||||
* 数据编号,通过 Spring EL 表达式获取
|
||||
* TODO 数据权限完成后去除 default ""
|
||||
*/
|
||||
String bizId() default "";
|
||||
|
||||
@ -108,6 +108,8 @@ public class CrmPermissionAspect {
|
||||
throw exception(CRM_PERMISSION_DENIED, crmPermission.bizType().getName());
|
||||
}
|
||||
|
||||
|
||||
// TODO @puhui999:这块看看能不能用 SpringExpressionUtils 工具类;
|
||||
private KeyValue<Long, Integer> getBizIdAndBizType(JoinPoint joinPoint, CrmPermission crmPermission) throws NoSuchMethodException {
|
||||
Method method = getMethod(joinPoint);
|
||||
// 1. 获取方法的参数值
|
||||
|
||||
@ -4,6 +4,7 @@ import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.expression.spel.standard.SpelExpressionParser;
|
||||
|
||||
// TODO @puhui999:SpringExpressionUtils
|
||||
/**
|
||||
* 注册 Spel 所需 Bean
|
||||
*
|
||||
|
||||
@ -17,6 +17,7 @@ import java.util.Arrays;
|
||||
@Getter
|
||||
public enum CrmBizTypeEnum implements IntArrayValuable {
|
||||
|
||||
// TODO @puhui999:如果类似 CrmBizPermission 的 bizType 需要为空,可以设置它是数组,参考 Telephone 的 payload
|
||||
CRM_PERMISSION(0, "团队"), // CrmPermissionController 中使用
|
||||
CRM_LEADS(1, "线索"),
|
||||
CRM_CUSTOMER(2, "客户"),
|
||||
|
||||
@ -103,6 +103,7 @@ public class CrmBusinessServiceImpl implements CrmBusinessService {
|
||||
@Override
|
||||
public PageResult<CrmBusinessDO> getBusinessPage(CrmBusinessPageReqVO pageReqVO, Long userId) {
|
||||
// 1. 获取当前用户能看的分页数据
|
||||
// TODO @puhui999:如果业务的数据量比较大,in 太多可能有性能问题噢;看看是不是搞成 join 连表了;可以微信讨论下;
|
||||
List<CrmPermissionDO> permissions = crmPermissionService.getPermissionListByBizTypeAndUserId(
|
||||
CrmBizTypeEnum.CRM_BUSINESS.getType(), userId);
|
||||
Set<Long> ids = convertSet(permissions, CrmPermissionDO::getBizId);
|
||||
|
||||
@ -100,6 +100,7 @@ public class CrmCustomerServiceImpl implements CrmCustomerService {
|
||||
return customerMapper.selectPage(pageReqVO, Collections.emptyList());
|
||||
}
|
||||
// 1.2 获取当前用户能看的分页数据
|
||||
// TODO @puhui999:如果业务的数据量比较大,in 太多可能有性能问题噢;看看是不是搞成 join 连表了;可以微信讨论下;
|
||||
List<CrmPermissionDO> permissions = crmPermissionService.getPermissionListByBizTypeAndUserId(
|
||||
CrmBizTypeEnum.CRM_CUSTOMER.getType(), userId);
|
||||
// 1.3 TODO 场景数据过滤
|
||||
|
||||
@ -24,8 +24,9 @@ import static cn.iocoder.yudao.framework.common.exception.util.ServiceExceptionU
|
||||
import static cn.iocoder.yudao.module.crm.enums.ErrorCodeConstants.*;
|
||||
import static cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum.isOwner;
|
||||
|
||||
// TODO @puhui999:尽量规避用“团队”这个词哈;这个只是我们给前端展示用的;
|
||||
/**
|
||||
* crm 数据权限 Service 接口实现类
|
||||
* CRM 数据权限 Service 接口实现类
|
||||
*
|
||||
* @author HUIHUI
|
||||
*/
|
||||
@ -117,6 +118,7 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
|
||||
// 1.2 校验新负责人是否存在
|
||||
adminUserApi.validateUserList(Collections.singletonList(transferReqBO.getNewOwnerUserId()));
|
||||
|
||||
// TODO @puhui999:2. 和 2.1 合并成 2;2.2 单独成 3;说白了,就是 2. 修改新负责人的权限;3. 修改老负责人的权限;这样整体注释会简洁一点,也清晰一点;
|
||||
// 2. 权限转移
|
||||
List<CrmPermissionDO> permissions = crmPermissionMapper.selectByBizTypeAndBizId(
|
||||
transferReqBO.getBizType(), transferReqBO.getBizId()); // 获取所有团队成员
|
||||
@ -127,7 +129,6 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
|
||||
crmPermissionMapper.insert(new CrmPermissionDO().setBizType(transferReqBO.getBizType())
|
||||
.setBizId(transferReqBO.getBizId()).setUserId(transferReqBO.getNewOwnerUserId())
|
||||
.setLevel(CrmPermissionLevelEnum.OWNER.getLevel()));
|
||||
|
||||
} else { // 存在则修改权限级别
|
||||
crmPermissionMapper.updateById(new CrmPermissionDO().setId(permission.getId())
|
||||
.setLevel(CrmPermissionLevelEnum.OWNER.getLevel()));
|
||||
@ -138,7 +139,7 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
|
||||
.setLevel(transferReqBO.getOldOwnerPermissionLevel())); // 设置加入团队后的级别
|
||||
return;
|
||||
}
|
||||
crmPermissionMapper.deleteById(oldPermission.getId()); // 移除
|
||||
crmPermissionMapper.deleteById(oldPermission.getId());
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -164,7 +165,7 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
|
||||
if (permission == null) { // 不存在则模块数据也不存在
|
||||
throw exception(CRM_PERMISSION_MODEL_NOT_EXISTS, CrmBizTypeEnum.getNameByType(bizType));
|
||||
}
|
||||
|
||||
// 更新
|
||||
crmPermissionMapper.updateById(new CrmPermissionDO().setId(permission.getId()).setUserId(CrmPermissionDO.POOL_USER_ID));
|
||||
}
|
||||
|
||||
|
||||
@ -22,7 +22,7 @@ public class CrmPermissionTransferReqBO {
|
||||
private Long userId;
|
||||
|
||||
/**
|
||||
* Crm 类型
|
||||
* CRM 类型
|
||||
*/
|
||||
@NotNull(message = "Crm 类型不能为空")
|
||||
@InEnum(CrmBizTypeEnum.class)
|
||||
@ -30,7 +30,7 @@ public class CrmPermissionTransferReqBO {
|
||||
/**
|
||||
* 数据编号
|
||||
*/
|
||||
@NotNull(message = "Crm 数据编号不能为空")
|
||||
@NotNull(message = "CRM 数据编号不能为空")
|
||||
private Long bizId;
|
||||
|
||||
/**
|
||||
@ -41,6 +41,7 @@ public class CrmPermissionTransferReqBO {
|
||||
|
||||
/**
|
||||
* 老负责人加入团队后的权限级别。如果 null 说明移除
|
||||
*
|
||||
* 关联 {@link CrmPermissionLevelEnum}
|
||||
*/
|
||||
private Integer oldOwnerPermissionLevel;
|
||||
|
||||
@ -17,7 +17,7 @@ public class CrmPermissionUpdateReqBO {
|
||||
/**
|
||||
* 数据权限编号
|
||||
*/
|
||||
@NotNull(message = "Crm 数据权限编号不能为空")
|
||||
@NotNull(message = "数据权限编号不能为空")
|
||||
private Long id;
|
||||
|
||||
/**
|
||||
|
||||
Loading…
Reference in New Issue
Block a user