huangge1199/vue-pro
1
0
Fork 0
mirror of https://gitee.com/huangge1199_admin/vue-pro.git synced 2025-02-20 19:20:32 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

完善 CRM-客户 数据权限校验2

Browse Source
This commit is contained in:
puhui999 2023-10-31 17:42:44 +08:00
parent c6422dc657
commit a385a37c4a
12 changed files with 136 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/convert/permission/CrmPermissionConvert.java
View File

@ -1,8 +1,8 @@
package cn.iocoder.yudao.module.crm.convert.permission;
import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionUpdateBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionUpdateReqBO;
import org.mapstruct.Mapper;
import org.mapstruct.factory.Mappers;
@ -16,8 +16,8 @@ public interface CrmPermissionConvert {
CrmPermissionConvert INSTANCE = Mappers.getMapper(CrmPermissionConvert.class);
CrmPermissionDO convert(CrmPermissionCreateBO createBO);
CrmPermissionDO convert(CrmPermissionCreateReqBO createBO);
CrmPermissionDO convert(CrmPermissionUpdateBO updateBO);
CrmPermissionDO convert(CrmPermissionUpdateReqBO updateBO);
}

2
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/framework/core/aop/CrmPermissionAspect.java
View File

@ -81,7 +81,7 @@ public class CrmPermissionAspect {
}
if (isRead(permissionLevel)) { // 读权限
// 如果没有数据权限或没有负责人则表示此记录为公海数据所有人都有只读权限
if (CollUtil.isEmpty(bizPermissions) || !CollUtil.anyMatch(bizPermissions, item -> isOwner(item.getPermissionLevel()))) {
if (!CollUtil.anyMatch(bizPermissions, item -> isOwner(item.getPermissionLevel()))) {
return;
}
if (isRead(userPermission.getPermissionLevel())) { // 校验当前用户是否有读权限

7
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/business/CrmBusinessServiceImpl.java
View File

@ -11,7 +11,7 @@ import cn.iocoder.yudao.module.crm.framework.core.annotations.CrmPermission;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
import cn.iocoder.yudao.module.crm.service.permission.CrmPermissionService;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.annotation.Validated;
@ -46,8 +46,8 @@ public class CrmBusinessServiceImpl implements CrmBusinessService {
businessMapper.insert(business);
// 创建数据权限
crmPermissionService.createCrmPermission(new CrmPermissionCreateBO().setCrmType(CrmBizTypeEnum.CRM_BUSINESS.getType())
.setCrmDataId(business.getId()).setOwnerUserId(userId)); // 设置当前操作的人为负责人
crmPermissionService.createPermission(new CrmPermissionCreateReqBO().setBizType(CrmBizTypeEnum.CRM_BUSINESS.getType())
.setBizId(business.getId()).setUserId(userId).setPermissionLevel(CrmPermissionLevelEnum.OWNER.getLevel())); // 设置当前操作的人为负责人
// 返回
return business.getId();
@ -117,6 +117,7 @@ public class CrmBusinessServiceImpl implements CrmBusinessService {
crmPermissionService.transferCrmPermission(
CrmBusinessConvert.INSTANCE.convert(reqVO, userId).setBizType(CrmBizTypeEnum.CRM_BUSINESS.getType()));
// 3. TODO 记录转移日志
}
}

10
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/contact/ContactServiceImpl.java
View File

@ -11,7 +11,7 @@ import cn.iocoder.yudao.module.crm.framework.core.annotations.CrmPermission;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
import cn.iocoder.yudao.module.crm.service.permission.CrmPermissionService;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.annotation.Validated;
@ -46,8 +46,8 @@ public class ContactServiceImpl implements ContactService {
contactMapper.insert(contact);
// 创建数据权限
crmPermissionService.createCrmPermission(new CrmPermissionCreateBO().setCrmType(CrmBizTypeEnum.CRM_BUSINESS.getType())
.setCrmDataId(contact.getId()).setOwnerUserId(userId)); // 设置当前操作的人为负责人
crmPermissionService.createPermission(new CrmPermissionCreateReqBO().setBizType(CrmBizTypeEnum.CRM_CONTACTS.getType())
.setBizId(contact.getId()).setUserId(userId).setPermissionLevel(CrmPermissionLevelEnum.OWNER.getLevel())); // 设置当前操作的人为负责人
// 返回
return contact.getId();
@ -55,7 +55,8 @@ public class ContactServiceImpl implements ContactService {
@Override
@Transactional(rollbackFor = Exception.class)
@CrmPermission(bizType = CrmBizTypeEnum.CRM_CONTACTS, permissionLevel = CrmPermissionLevelEnum.WRITE)
@CrmPermission(bizType = CrmBizTypeEnum.CRM_CONTACTS, getIdFor = ContactUpdateReqVO.class,
permissionLevel = CrmPermissionLevelEnum.WRITE)
public void updateContact(ContactUpdateReqVO updateReqVO) {
// 校验存在
validateContactExists(updateReqVO.getId());
@ -117,6 +118,7 @@ public class ContactServiceImpl implements ContactService {
crmPermissionService.transferCrmPermission(
ContactConvert.INSTANCE.convert(reqVO, userId).setBizType(CrmBizTypeEnum.CRM_CONTACTS.getType()));
// 3. TODO 记录转移日志
}
}

10
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/contract/ContractServiceImpl.java
View File

@ -11,7 +11,7 @@ import cn.iocoder.yudao.module.crm.framework.core.annotations.CrmPermission;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
import cn.iocoder.yudao.module.crm.service.permission.CrmPermissionService;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.annotation.Validated;
@ -45,8 +45,8 @@ public class ContractServiceImpl implements ContractService {
contractMapper.insert(contract);
// 创建数据权限
crmPermissionService.createCrmPermission(new CrmPermissionCreateBO().setCrmType(CrmBizTypeEnum.CRM_CONTRACT.getType())
.setCrmDataId(contract.getId()).setOwnerUserId(userId)); // 设置当前操作的人为负责人
crmPermissionService.createPermission(new CrmPermissionCreateReqBO().setBizType(CrmBizTypeEnum.CRM_CONTRACT.getType())
.setBizId(contract.getId()).setUserId(userId).setPermissionLevel(CrmPermissionLevelEnum.OWNER.getLevel())); // 设置当前操作的人为负责人
// 返回
return contract.getId();
@ -54,7 +54,8 @@ public class ContractServiceImpl implements ContractService {
@Override
@Transactional(rollbackFor = Exception.class)
@CrmPermission(bizType = CrmBizTypeEnum.CRM_CONTRACT, permissionLevel = CrmPermissionLevelEnum.WRITE)
@CrmPermission(bizType = CrmBizTypeEnum.CRM_CONTRACT, getIdFor = ContractUpdateReqVO.class,
permissionLevel = CrmPermissionLevelEnum.WRITE)
public void updateContract(ContractUpdateReqVO updateReqVO) {
// 校验存在
validateContractExists(updateReqVO.getId());
@ -115,6 +116,7 @@ public class ContractServiceImpl implements ContractService {
crmPermissionService.transferCrmPermission(
ContractConvert.INSTANCE.convert(reqVO, userId).setBizType(CrmBizTypeEnum.CRM_CONTRACT.getType()));
// 3. TODO 记录转移日志
}
}

12
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/customer/CrmCustomerServiceImpl.java
View File

@ -11,7 +11,7 @@ import cn.iocoder.yudao.module.crm.framework.core.annotations.CrmPermission;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
import cn.iocoder.yudao.module.crm.service.permission.CrmPermissionService;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
import cn.iocoder.yudao.module.system.api.dept.DeptApi;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@ -48,8 +48,8 @@ public class CrmCustomerServiceImpl implements CrmCustomerService {
customerMapper.insert(customer);
// 创建数据权限
crmPermissionService.createCrmPermission(new CrmPermissionCreateBO().setCrmType(CrmBizTypeEnum.CRM_CUSTOMER.getType())
.setCrmDataId(customer.getId()).setOwnerUserId(userId)); // 设置当前操作的人为负责人
crmPermissionService.createPermission(new CrmPermissionCreateReqBO().setBizType(CrmBizTypeEnum.CRM_CUSTOMER.getType())
.setBizId(customer.getId()).setUserId(userId).setPermissionLevel(CrmPermissionLevelEnum.OWNER.getLevel())); // 设置当前操作的人为负责人
// 返回
return customer.getId();
@ -57,7 +57,8 @@ public class CrmCustomerServiceImpl implements CrmCustomerService {
@Override
@Transactional(rollbackFor = Exception.class)
@CrmPermission(bizType = CrmBizTypeEnum.CRM_CUSTOMER, permissionLevel = CrmPermissionLevelEnum.WRITE)
@CrmPermission(bizType = CrmBizTypeEnum.CRM_CUSTOMER, getIdFor = CrmCustomerUpdateReqVO.class,
permissionLevel = CrmPermissionLevelEnum.WRITE)
public void updateCustomer(CrmCustomerUpdateReqVO updateReqVO) {
// 校验存在
validateCustomerExists(updateReqVO.getId());
@ -112,6 +113,7 @@ public class CrmCustomerServiceImpl implements CrmCustomerService {
}
// TODO wanwanservice 接口已经注释实现类就不需要了
/**
* 校验客户是否存在
*
@ -136,6 +138,8 @@ public class CrmCustomerServiceImpl implements CrmCustomerService {
// 2. 数据权限转移
crmPermissionService.transferCrmPermission(
CrmCustomerConvert.INSTANCE.convert(reqVO, userId).setBizType(CrmBizTypeEnum.CRM_CUSTOMER.getType()));
// 3. TODO 记录转移日志
}
}

10
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/CrmPermissionService.java
View File

@ -3,8 +3,8 @@ package cn.iocoder.yudao.module.crm.service.permission;
import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionUpdateBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionUpdateReqBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmTransferPermissionReqBO;
import javax.validation.Valid;
@ -24,21 +24,21 @@ public interface CrmPermissionService {
* @param createBO 创建信息
* @return 编号
*/
Long createCrmPermission(@Valid CrmPermissionCreateBO createBO);
Long createPermission(@Valid CrmPermissionCreateReqBO createBO);
/**
* 更新数据权限
*
* @param updateBO 更新信息
*/
void updateCrmPermission(@Valid CrmPermissionUpdateBO updateBO);
void updatePermission(@Valid CrmPermissionUpdateReqBO updateBO);
/**
* 删除数据权限
*
* @param id 编号
*/
void deleteCrmPermission(Long id);
void deletePermission(Long id);
/**
* 获取用户数据权限通过 数据类型 x 某个数据 x 用户编号

10
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/CrmPermissionServiceImpl.java
View File

@ -7,8 +7,8 @@ import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
import cn.iocoder.yudao.module.crm.dal.mysql.permission.CrmPermissionMapper;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionUpdateBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionUpdateReqBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmTransferPermissionReqBO;
import cn.iocoder.yudao.module.system.api.user.AdminUserApi;
import cn.iocoder.yudao.module.system.api.user.dto.AdminUserRespDTO;
@ -40,7 +40,7 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
@Override
@Transactional(rollbackFor = Exception.class)
public Long createCrmPermission(CrmPermissionCreateBO createBO) {
public Long createPermission(CrmPermissionCreateReqBO createBO) {
CrmPermissionDO permission = CrmPermissionConvert.INSTANCE.convert(createBO);
crmPermissionMapper.insert(permission);
return permission.getId();
@ -48,7 +48,7 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
@Override
@Transactional(rollbackFor = Exception.class)
public void updateCrmPermission(CrmPermissionUpdateBO updateBO) {
public void updatePermission(CrmPermissionUpdateReqBO updateBO) {
validateCrmPermissionExists(updateBO.getId());
// 更新操作
CrmPermissionDO updateDO = CrmPermissionConvert.INSTANCE.convert(updateBO);
@ -57,7 +57,7 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
@Override
@Transactional(rollbackFor = Exception.class)
public void deleteCrmPermission(Long id) {
public void deletePermission(Long id) {
validateCrmPermissionExists(id);
// 删除
crmPermissionMapper.deleteById(id);

44
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/bo/CrmPermissionCreateBO.java
View File

@ -1,44 +0,0 @@
package cn.iocoder.yudao.module.crm.service.permission.bo;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import lombok.Data;
import javax.validation.constraints.NotNull;
import java.util.Set;
// TODO @puhui999一个是 Crm 前缀一个 Req 表示入参
/**
* crm 数据权限 Create BO
*
* @author HUIHUI
*/
@Data
public class CrmPermissionCreateBO {
// TODO @puhui999如果是关联字段换一行写它的注释不然看着略乱哈
/**
* Crm 类型 关联 {@link CrmBizTypeEnum}
*/
@NotNull(message = "Crm 类型不能为空")
private Integer crmType;
/**
* 数据编号 关联 {@link CrmBizTypeEnum} 对应模块 DO#getId()
*/
@NotNull(message = "Crm 数据编号不能为空")
private Long crmDataId;
/**
* 负责人的用户编号 关联 AdminUser#id, null 则为公海数据
*/
private Long ownerUserId;
/**
* 只读权限的用户编号数组
*/
private Set<Long> roUserIds;
/**
* 读写权限的用户编号数组
*/
private Set<Long> rwUserIds;
}

45
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/bo/CrmPermissionCreateReqBO.java Normal file
View File

@ -0,0 +1,45 @@
package cn.iocoder.yudao.module.crm.service.permission.bo;
import cn.iocoder.yudao.framework.common.validation.InEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
import lombok.Data;
import javax.validation.constraints.NotNull;
/**
* crm 数据权限 Create Req BO
*
* @author HUIHUI
*/
@Data
public class CrmPermissionCreateReqBO {
/**
* 当前登录用户编号
*/
@NotNull(message = "用户编号不能为空")
private Long userId;
/**
* Crm 类型
*/
@NotNull(message = "Crm 类型不能为空")
@InEnum(CrmBizTypeEnum.class)
private Integer bizType;
/**
* 数据编号
*/
@NotNull(message = "Crm 数据编号不能为空")
private Long bizId;
/**
* 权限级别
* 关联 {@link CrmPermissionLevelEnum}
*/
@NotNull(message = "权限级别不能为空")
@InEnum(CrmPermissionLevelEnum.class)
private Integer permissionLevel;
}

49
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/bo/CrmPermissionUpdateBO.java
View File

@ -1,49 +0,0 @@
package cn.iocoder.yudao.module.crm.service.permission.bo;
import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import lombok.Data;
import javax.validation.constraints.NotNull;
import java.util.Set;
// TODO @puhui999一个是 Crm 前缀一个 Req 表示入参
/**
* crm 数据权限 Update BO
*
* @author HUIHUI
*/
@Data
public class CrmPermissionUpdateBO {
// TODO @puhui999id crmType + crmDataId 是不是重叠了
/**
* 数据权限编号 {@link CrmPermissionDO#getId()}
*/
@NotNull(message = "Crm 数据权限编号不能为空")
private Long id;
/**
* Crm 类型 关联 {@link CrmBizTypeEnum}
*/
@NotNull(message = "Crm 类型不能为空")
private Integer crmType;
/**
* 数据编号 关联 {@link CrmBizTypeEnum} 对应模块 DO#getId()
*/
@NotNull(message = "Crm 数据编号不能为空")
private Long crmDataId;
/**
* 负责人的用户编号 关联 AdminUser#id, null 则为公海数据
*/
private Long ownerUserId;
/**
* 只读权限的用户编号数组
*/
private Set<Long> roUserIds;
/**
* 读写权限的用户编号数组
*/
private Set<Long> rwUserIds;
}

52
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/bo/CrmPermissionUpdateReqBO.java Normal file
View File

@ -0,0 +1,52 @@
package cn.iocoder.yudao.module.crm.service.permission.bo;
import cn.iocoder.yudao.framework.common.validation.InEnum;
import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
import lombok.Data;
import javax.validation.constraints.NotNull;
/**
* crm 数据权限 Update Req BO
*
* @author HUIHUI
*/
@Data
public class CrmPermissionUpdateReqBO {
/**
* 数据权限编号 {@link CrmPermissionDO#getId()}
*/
@NotNull(message = "Crm 数据权限编号不能为空")
private Long id;
/**
* 当前登录用户编号
*/
@NotNull(message = "用户编号不能为空")
private Long userId;
/**
* Crm 类型
*/
@NotNull(message = "Crm 类型不能为空")
@InEnum(CrmBizTypeEnum.class)
private Integer bizType;
/**
* 数据编号
*/
@NotNull(message = "Crm 数据编号不能为空")
private Long bizId;
/**
* 权限级别
* 关联 {@link CrmPermissionLevelEnum}
*/
@NotNull(message = "权限级别不能为空")
@InEnum(CrmPermissionLevelEnum.class)
private Integer permissionLevel;
}