| | |
|---|
| | | |
|---|
| | | import cn.hutool.core.collection.CollectionUtil; |
|---|
| | | import cn.hutool.core.util.StrUtil; |
|---|
| | | import cn.hutool.system.UserInfo; |
|---|
| | | import com.baomidou.mybatisplus.core.toolkit.Wrappers; |
|---|
| | | import com.github.pagehelper.PageHelper; |
|---|
| | | import com.sandu.common.enums.RoleLevelStatus; |
|---|
| | |
|---|
| | | import com.sandu.ximon.admin.param.RoleParam; |
|---|
| | | import com.sandu.ximon.admin.security.SecurityUtils; |
|---|
| | | import com.sandu.ximon.dao.domain.*; |
|---|
| | | import com.sandu.ximon.dao.enums.AdministratorEnums; |
|---|
| | | import com.sandu.ximon.dao.mapper.MenuMapper; |
|---|
| | | import com.sandu.ximon.dao.mapper.RoleMapper; |
|---|
| | | import lombok.AllArgsConstructor; |
|---|
| | | import org.springframework.security.core.GrantedAuthority; |
|---|
| | |
|---|
| | | public class RoleService extends BaseServiceImpl<RoleMapper, Role> { |
|---|
| | | |
|---|
| | | private final AdminRoleRelationService adminRoleRelationService; |
|---|
| | | private final ClientRoleRelationService clientRoleRelationService; |
|---|
| | | private final RoleMenuRelationService roleMenuRelationService; |
|---|
| | | private final MenuService menuService; |
|---|
| | | private final MenuMapper menuMapper; |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 获取指定管理员的spring security权限认证列表 |
|---|
| | | */ |
|---|
| | | public Collection<GrantedAuthority> mapToGrantedAuthorities(Long adminId) { |
|---|
| | | |
|---|
| | | // 获取管理员的角色id |
|---|
| | | List<Role> roles = listByAdminId(adminId); |
|---|
| | | public Collection<GrantedAuthority> mapToGrantedAuthorities(Long adminId, boolean flag) { |
|---|
| | | List<Role> roles; |
|---|
| | | if (flag) { |
|---|
| | | // 获取管理员的角色id |
|---|
| | | roles = listByAdminId(adminId); |
|---|
| | | } else { |
|---|
| | | roles = listByClientId(adminId); |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (CollectionUtil.isEmpty(roles)) { |
|---|
| | | throw new BusinessException("当前用户没有角色"); |
|---|
| | |
|---|
| | | */ |
|---|
| | | public List<Role> listByAdminId(Long adminId) { |
|---|
| | | // 获取管理员的角色id |
|---|
| | | List<AdminRoleRelation> list = adminRoleRelationService.list(Wrappers.lambdaQuery(AdminRoleRelation.class).eq(AdminRoleRelation::getAdminId, adminId).select(AdminRoleRelation::getRoleId)); |
|---|
| | | List<AdminRoleRelation> list = adminRoleRelationService.list(Wrappers.lambdaQuery(AdminRoleRelation.class) |
|---|
| | | .eq(AdminRoleRelation::getAdminId, adminId).select(AdminRoleRelation::getRoleId)); |
|---|
| | | List<Long> roleIdList = list.stream().map(AdminRoleRelation::getRoleId).collect(Collectors.toList()); |
|---|
| | | if (CollectionUtil.isEmpty(roleIdList)) { |
|---|
| | | return null; |
|---|
| | | } |
|---|
| | | return listByIds(roleIdList); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 获取某个普通用户的角色列表 |
|---|
| | | */ |
|---|
| | | public List<Role> listByClientId(Long clientId) { |
|---|
| | | // 获取普通用户的角色id |
|---|
| | | List<ClientRoleRelation> list = clientRoleRelationService.list(Wrappers.lambdaQuery(ClientRoleRelation.class).eq(ClientRoleRelation::getClientId, clientId).select(ClientRoleRelation::getRoleId)); |
|---|
| | | List<Long> roleIdList = list.stream().map(ClientRoleRelation::getRoleId).collect(Collectors.toList()); |
|---|
| | | if (CollectionUtil.isEmpty(roleIdList)) { |
|---|
| | | return null; |
|---|
| | | } |
|---|
| | |
|---|
| | | |
|---|
| | | @Transactional(rollbackFor = Exception.class) |
|---|
| | | public boolean addRole(RoleParam param) { |
|---|
| | | if(param.getMenuIdList().isEmpty()){ |
|---|
| | | if (param.getMenuIdList().isEmpty()) { |
|---|
| | | throw new BusinessException("权限参数异常"); |
|---|
| | | } |
|---|
| | | Role role = new Role(); |
|---|
| | | role.setName(param.getName()); |
|---|
| | | role.setRemark(param.getRemark()); |
|---|
| | | role.setLevel(RoleLevelStatus.COMMON.getCode()); |
|---|
| | | if(!save(role)){ |
|---|
| | | //设置角色权限等级 |
|---|
| | | if (param.getLevel() != null) { |
|---|
| | | if (param.getLevel().equals(RoleLevelStatus.SUPER.getCode())) { |
|---|
| | | throw new BusinessException("无法添加超级管理员角色"); |
|---|
| | | } else if (param.getLevel().equals(RoleLevelStatus.COMMON.getCode())) { |
|---|
| | | role.setLevel(RoleLevelStatus.COMMON.getCode()); |
|---|
| | | } else if (param.getLevel().equals(RoleLevelStatus.NORMAL.getCode())) { |
|---|
| | | role.setLevel(RoleLevelStatus.NORMAL.getCode()); |
|---|
| | | } else if (param.getLevel().equals(RoleLevelStatus.NORMAL2.getCode())) { |
|---|
| | | role.setLevel(RoleLevelStatus.NORMAL2.getCode()); |
|---|
| | | } else { |
|---|
| | | role.setLevel(RoleLevelStatus.NORMAL.getCode()); |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | role.setLevel(RoleLevelStatus.NORMAL.getCode()); |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (!save(role)) { |
|---|
| | | throw new BusinessException("添加角色失败"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | roleMenuRelationService.addRoleMenuList(role.getId(),param.getMenuIdList()); |
|---|
| | | roleMenuRelationService.addRoleMenuList(role.getId(), param.getMenuIdList()); |
|---|
| | | |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | |
|---|
| | | if (role == null) { |
|---|
| | | throw new BusinessException("找不到角色信息"); |
|---|
| | | } |
|---|
| | | //判断是有权限修改 |
|---|
| | | assertLevels(role.getLevel()); |
|---|
| | | Role update = new Role(); |
|---|
| | | update.setId(roleId); |
|---|
| | | update.setName(param.getName()); |
|---|
| | | update.setRemark(param.getRemark()); |
|---|
| | | if(!updateById(update)){ |
|---|
| | | |
|---|
| | | role.setName(param.getName()); |
|---|
| | | role.setRemark(param.getRemark()); |
|---|
| | | |
|---|
| | | if (!role.getLevel().equals(RoleLevelStatus.SUPER.getCode())) { |
|---|
| | | //设置角色权限等级 |
|---|
| | | if (param.getLevel() != null) { |
|---|
| | | if (param.getLevel().equals(RoleLevelStatus.SUPER.getCode())) { |
|---|
| | | throw new BusinessException("无法修改成超级管理员角色"); |
|---|
| | | } else if (param.getLevel().equals(RoleLevelStatus.COMMON.getCode())) { |
|---|
| | | role.setLevel(RoleLevelStatus.COMMON.getCode()); |
|---|
| | | } else if (param.getLevel().equals(RoleLevelStatus.NORMAL.getCode())) { |
|---|
| | | role.setLevel(RoleLevelStatus.NORMAL.getCode()); |
|---|
| | | } else if (param.getLevel().equals(RoleLevelStatus.NORMAL2.getCode())) { |
|---|
| | | role.setLevel(RoleLevelStatus.NORMAL2.getCode()); |
|---|
| | | } else { |
|---|
| | | role.setLevel(RoleLevelStatus.NORMAL.getCode()); |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | role.setLevel(RoleLevelStatus.NORMAL.getCode()); |
|---|
| | | } |
|---|
| | | } else if (!param.getLevel().equals(RoleLevelStatus.SUPER.getCode())) { |
|---|
| | | throw new BusinessException("超级管理员角色等级无法修改!"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | if (!updateById(role)) { |
|---|
| | | throw new BusinessException("编辑角色失败"); |
|---|
| | | } |
|---|
| | | roleMenuRelationService.remove(Wrappers.lambdaQuery(RoleMenuRelation.class).eq(RoleMenuRelation::getRoleId,roleId)); |
|---|
| | | roleMenuRelationService.remove(Wrappers.lambdaQuery(RoleMenuRelation.class).eq(RoleMenuRelation::getRoleId, roleId)); |
|---|
| | | |
|---|
| | | roleMenuRelationService.addRoleMenuList(role.getId(),param.getMenuIdList()); |
|---|
| | | roleMenuRelationService.addRoleMenuList(role.getId(), param.getMenuIdList()); |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 判断当前角色能不能操作目标用户 不行的话直接抛出异常 |
|---|
| | | * |
|---|
| | | * @param roleLevel 目标用户的最高角色等级 |
|---|
| | | * @return 操作人的最高角色等级 |
|---|
| | | */ |
|---|
| | | public int assertLevels(Integer roleLevel) { |
|---|
| | | Long userId = SecurityUtils.getUserId(); |
|---|
| | | List<Role> roles = listByAdminId(userId); |
|---|
| | | if(CollectionUtil.isEmpty(roles)){ |
|---|
| | | if (CollectionUtil.isEmpty(roles)) { |
|---|
| | | throw new BusinessException("当前用户没有角色"); |
|---|
| | | } |
|---|
| | | List<Integer> levels = roles.stream().map(Role::getLevel).collect(Collectors.toList()); |
|---|
| | |
|---|
| | | if (role == null) { |
|---|
| | | throw new BusinessException("找不到角色"); |
|---|
| | | } |
|---|
| | | //超级管理员不能删除 |
|---|
| | | if (RoleLevelStatus.SUPER.getCode().equals(role.getLevel())) { |
|---|
| | | throw new BusinessException("当前角色为超级管理员,无法删除"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | assertLevels(role.getLevel()); |
|---|
| | | List<AdminRoleRelation> list = adminRoleRelationService.list(Wrappers.lambdaQuery(AdminRoleRelation.class).eq(AdminRoleRelation::getRoleId, role)); |
|---|
| | | if(CollectionUtil.isNotEmpty(list)){ |
|---|
| | | if (CollectionUtil.isNotEmpty(list)) { |
|---|
| | | throw new BusinessException("当前角色有管理员使用,无法删除"); |
|---|
| | | } |
|---|
| | | roleMenuRelationService.remove(Wrappers.lambdaQuery(RoleMenuRelation.class).eq(RoleMenuRelation::getRoleId,roleId)); |
|---|
| | | List<ClientRoleRelation> listClient = clientRoleRelationService.list(Wrappers.lambdaQuery(ClientRoleRelation.class).eq(ClientRoleRelation::getRoleId, role)); |
|---|
| | | if (CollectionUtil.isNotEmpty(listClient)) { |
|---|
| | | throw new BusinessException("当前角色有用户使用,无法删除"); |
|---|
| | | } |
|---|
| | | roleMenuRelationService.remove(Wrappers.lambdaQuery(RoleMenuRelation.class).eq(RoleMenuRelation::getRoleId, roleId)); |
|---|
| | | return removeById(roleId); |
|---|
| | | } |
|---|
| | | |
|---|
| | | public List<RoleDetail> listRole(int pageNo, int pageSize) { |
|---|
| | | PageHelper.startPage(pageNo, pageSize); |
|---|
| | | List<Long> roleIdList = list().stream().map(Role::getId).collect(Collectors.toList()); |
|---|
| | | if(CollectionUtil.isEmpty(roleIdList)){ |
|---|
| | | if (CollectionUtil.isEmpty(roleIdList)) { |
|---|
| | | return null; |
|---|
| | | } |
|---|
| | | return baseMapper.listRole(roleIdList); |
|---|
| | | |
|---|
| | | List<RoleDetail> list = baseMapper.listRole(roleIdList); |
|---|
| | | |
|---|
| | | return list; |
|---|
| | | } |
|---|
| | | } |
|---|
