package com.sandu.ximon.admin.service;
|
|
import cn.hutool.core.collection.CollectionUtil;
|
import cn.hutool.core.util.StrUtil;
|
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
import com.github.pagehelper.PageHelper;
|
import com.sandu.common.enums.RoleLevelStatus;
|
import com.sandu.common.execption.BusinessException;
|
import com.sandu.common.execption.EntityExistException;
|
import com.sandu.common.service.impl.BaseServiceImpl;
|
import com.sandu.common.util.BeanConvertUtil;
|
import com.sandu.ximon.admin.param.RoleParam;
|
import com.sandu.ximon.admin.security.SecurityUtils;
|
import com.sandu.ximon.dao.domain.*;
|
import com.sandu.ximon.dao.mapper.RoleMapper;
|
import lombok.AllArgsConstructor;
|
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
import org.springframework.stereotype.Service;
|
import org.springframework.transaction.annotation.Transactional;
|
|
import java.util.*;
|
import java.util.stream.Collectors;
|
|
/**
|
* @author chenjiantian
|
* @date 2021/4/25 19:15
|
*/
|
@Service
|
@AllArgsConstructor
|
public class RoleService extends BaseServiceImpl<RoleMapper, Role> {
|
|
private final AdminRoleRelationService adminRoleRelationService;
|
private final RoleMenuRelationService roleMenuRelationService;
|
private final MenuService menuService;
|
|
/**
|
* 获取指定管理员的spring security权限认证列表
|
*/
|
public Collection<GrantedAuthority> mapToGrantedAuthorities(Long adminId) {
|
|
// 获取管理员的角色id
|
List<Role> roles = listByAdminId(adminId);
|
|
if (CollectionUtil.isEmpty(roles)) {
|
throw new BusinessException("当前用户没有角色");
|
}
|
List<Long> roleIdList = roles.stream().map(Role::getId).collect(Collectors.toList());
|
List<Long> menuIdList = roleMenuRelationService.list(Wrappers.lambdaQuery(RoleMenuRelation.class).in(RoleMenuRelation::getRoleId, roleIdList).select(RoleMenuRelation::getMenuId))
|
.stream().map(RoleMenuRelation::getMenuId).distinct().collect(Collectors.toList());
|
|
Set<String> menuPermissions = new HashSet<>();
|
// 菜单权限
|
if (CollectionUtil.isNotEmpty(menuIdList)) {
|
List<Menu> menus = menuService.listByIds(menuIdList);
|
Set<String> collect = menus.stream().filter(menu -> StrUtil.isNotBlank(menu.getPermission())).map(Menu::getPermission).collect(Collectors.toSet());
|
menuPermissions.addAll(collect);
|
}
|
|
// 角色专属权限
|
Set<String> rolePermissions = roles.stream().filter(role -> StrUtil.isNotBlank(role.getPermission())).map(Role::getPermission).collect(Collectors.toSet());
|
|
menuPermissions.addAll(rolePermissions);
|
|
return menuPermissions.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList());
|
}
|
|
|
/**
|
* 获取某个管理员的角色列表
|
*/
|
public List<Role> listByAdminId(Long adminId) {
|
// 获取管理员的角色id
|
List<AdminRoleRelation> list = adminRoleRelationService.list(Wrappers.lambdaQuery(AdminRoleRelation.class).eq(AdminRoleRelation::getAdminId, adminId).select(AdminRoleRelation::getRoleId));
|
List<Long> roleIdList = list.stream().map(AdminRoleRelation::getRoleId).collect(Collectors.toList());
|
if (CollectionUtil.isEmpty(roleIdList)) {
|
return null;
|
}
|
return listByIds(roleIdList);
|
}
|
|
@Transactional(rollbackFor = Exception.class)
|
public boolean addRole(RoleParam param) {
|
Role role = new Role();
|
role.setName(param.getName());
|
role.setRemark(param.getRemark());
|
role.setLevel(RoleLevelStatus.COMMON.getCode());
|
if(!save(role)){
|
throw new BusinessException("添加角色失败");
|
}
|
|
roleMenuRelationService.addRoleMenuList(role.getId(),param.getMenuIdList());
|
|
return true;
|
}
|
|
@Transactional(rollbackFor = Exception.class)
|
public boolean updateRole(Long roleId, RoleParam param) {
|
Role role = getById(roleId);
|
if (role == null) {
|
throw new BusinessException("找不到角色信息");
|
}
|
assertLevels(role.getLevel());
|
Role update = new Role();
|
update.setId(roleId);
|
update.setName(param.getName());
|
update.setRemark(param.getRemark());
|
if(!updateById(update)){
|
throw new BusinessException("编辑角色失败");
|
}
|
roleMenuRelationService.remove(Wrappers.lambdaQuery(RoleMenuRelation.class).eq(RoleMenuRelation::getRoleId,roleId));
|
|
roleMenuRelationService.addRoleMenuList(role.getId(),param.getMenuIdList());
|
return true;
|
}
|
|
|
/**
|
* 判断当前角色能不能操作目标用户 不行的话直接抛出异常
|
* @param roleLevel 目标用户的最高角色等级
|
* @return 操作人的最高角色等级
|
*/
|
public int assertLevels(Integer roleLevel) {
|
Long userId = SecurityUtils.getUserId();
|
List<Role> roles = listByAdminId(userId);
|
if(CollectionUtil.isEmpty(roles)){
|
throw new BusinessException("当前用户没有角色");
|
}
|
List<Integer> levels = roles.stream().map(Role::getLevel).collect(Collectors.toList());
|
int min = Collections.min(levels);
|
if (roleLevel != null) {
|
if (roleLevel < min) {
|
throw new BusinessException("权限不足,你的角色级别:" + min + ",低于操作的角色级别:" + roleLevel);
|
}
|
}
|
return min;
|
}
|
|
public boolean delRole(Long roleId) {
|
Role role = getById(roleId);
|
if (role == null) {
|
throw new BusinessException("找不到角色");
|
}
|
assertLevels(role.getLevel());
|
List<AdminRoleRelation> list = adminRoleRelationService.list(Wrappers.lambdaQuery(AdminRoleRelation.class).eq(AdminRoleRelation::getRoleId, role));
|
if(CollectionUtil.isNotEmpty(list)){
|
throw new BusinessException("当前角色有管理员使用,无法删除");
|
}
|
roleMenuRelationService.remove(Wrappers.lambdaQuery(RoleMenuRelation.class).eq(RoleMenuRelation::getRoleId,roleId));
|
return removeById(roleId);
|
}
|
|
public List<RoleDetail> listRole(int pageNo, int pageSize) {
|
PageHelper.startPage(pageNo, pageSize);
|
List<Long> roleIdList = list().stream().map(Role::getId).collect(Collectors.toList());
|
if(CollectionUtil.isEmpty(roleIdList)){
|
return null;
|
}
|
return baseMapper.listRole(roleIdList);
|
}
|
}
|
