优化角色的功能权限的分配逻辑
This commit is contained in:
jishenghua
@@ -4,13 +4,11 @@ import com.alibaba.fastjson.JSONArray;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.jsh.erp.base.BaseController;
|
||||
import com.jsh.erp.base.TableDataInfo;
|
||||
import com.jsh.erp.datasource.entities.Function;
|
||||
import com.jsh.erp.datasource.entities.FunctionEx;
|
||||
import com.jsh.erp.datasource.entities.SystemConfig;
|
||||
import com.jsh.erp.datasource.entities.UserBusiness;
|
||||
import com.jsh.erp.datasource.entities.*;
|
||||
import com.jsh.erp.service.FunctionService;
|
||||
import com.jsh.erp.service.SystemConfigService;
|
||||
import com.jsh.erp.service.UserBusinessService;
|
||||
import com.jsh.erp.service.UserService;
|
||||
import com.jsh.erp.utils.*;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
@@ -41,6 +39,9 @@ public class FunctionController extends BaseController {
|
||||
@Resource
|
||||
private FunctionService functionService;
|
||||
|
||||
@Resource
|
||||
private UserService userService;
|
||||
|
||||
@Resource
|
||||
private UserBusinessService userBusinessService;
|
||||
|
||||
@@ -171,7 +172,9 @@ public class FunctionController extends BaseController {
|
||||
}
|
||||
List<Function> dataList = functionService.getRoleFunction(pNumber);
|
||||
if (dataList.size() != 0) {
|
||||
dataArray = getMenuByFunction(dataList, fc, approvalFlag);
|
||||
//获取当前用户所属的租户所拥有的功能id的map
|
||||
Map<Long, Long> funIdMap = functionService.getCurrentTenantFunIdMap();
|
||||
dataArray = getMenuByFunction(dataList, fc, approvalFlag, funIdMap);
|
||||
//增加首页菜单项
|
||||
JSONObject homeItem = new JSONObject();
|
||||
homeItem.put("id", 0);
|
||||
@@ -187,29 +190,32 @@ public class FunctionController extends BaseController {
|
||||
return dataArray;
|
||||
}
|
||||
|
||||
public JSONArray getMenuByFunction(List<Function> dataList, String fc, String approvalFlag) throws Exception {
|
||||
public JSONArray getMenuByFunction(List<Function> dataList, String fc, String approvalFlag, Map<Long, Long> funIdMap) throws Exception {
|
||||
JSONArray dataArray = new JSONArray();
|
||||
for (Function function : dataList) {
|
||||
//如果关闭多级审核,遇到任务审核菜单直接跳过
|
||||
if("0".equals(approvalFlag) && "/workflow".equals(function.getUrl())) {
|
||||
continue;
|
||||
}
|
||||
JSONObject item = new JSONObject();
|
||||
List<Function> newList = functionService.getRoleFunction(function.getNumber());
|
||||
item.put("id", function.getId());
|
||||
item.put("text", function.getName());
|
||||
item.put("icon", function.getIcon());
|
||||
item.put("url", function.getUrl());
|
||||
item.put("component", function.getComponent());
|
||||
if (newList.size()>0) {
|
||||
JSONArray childrenArr = getMenuByFunction(newList, fc, approvalFlag);
|
||||
if(childrenArr.size()>0) {
|
||||
item.put("children", childrenArr);
|
||||
dataArray.add(item);
|
||||
//如果funIdMap有值(说明不是租户)需要校验,防止分配下级用户的功能权限,大于租户的权限
|
||||
if(funIdMap == null || funIdMap.get(function.getId())!=null) {
|
||||
//如果关闭多级审核,遇到任务审核菜单直接跳过
|
||||
if("0".equals(approvalFlag) && "/workflow".equals(function.getUrl())) {
|
||||
continue;
|
||||
}
|
||||
} else {
|
||||
if (fc.indexOf("[" + function.getId().toString() + "]") != -1) {
|
||||
dataArray.add(item);
|
||||
JSONObject item = new JSONObject();
|
||||
List<Function> newList = functionService.getRoleFunction(function.getNumber());
|
||||
item.put("id", function.getId());
|
||||
item.put("text", function.getName());
|
||||
item.put("icon", function.getIcon());
|
||||
item.put("url", function.getUrl());
|
||||
item.put("component", function.getComponent());
|
||||
if (newList.size()>0) {
|
||||
JSONArray childrenArr = getMenuByFunction(newList, fc, approvalFlag, funIdMap);
|
||||
if(childrenArr.size()>0) {
|
||||
item.put("children", childrenArr);
|
||||
dataArray.add(item);
|
||||
}
|
||||
} else {
|
||||
if (fc.indexOf("[" + function.getId().toString() + "]") != -1) {
|
||||
dataArray.add(item);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -227,7 +233,13 @@ public class FunctionController extends BaseController {
|
||||
HttpServletRequest request)throws Exception {
|
||||
JSONArray arr = new JSONArray();
|
||||
try {
|
||||
List<Function> dataListFun = functionService.findRoleFunction("0");
|
||||
User userInfo = userService.getCurrentUser();
|
||||
//获取当前用户所拥有的功能id列表
|
||||
List<Long> funIdList = functionService.getCurrentUserFunIdList();
|
||||
if("admin".equals(userInfo.getLoginName())) {
|
||||
funIdList = null;
|
||||
}
|
||||
List<Function> dataListFun = functionService.findRoleFunction("0", funIdList);
|
||||
//开始拼接json数据
|
||||
JSONObject outer = new JSONObject();
|
||||
outer.put("id", 0);
|
||||
@@ -252,7 +264,7 @@ public class FunctionController extends BaseController {
|
||||
dataList.add(fun);
|
||||
}
|
||||
}
|
||||
dataArray = getFunctionList(dataList, type, keyId);
|
||||
dataArray = getFunctionList(dataList, type, keyId, funIdList);
|
||||
outer.put("children", dataArray);
|
||||
}
|
||||
arr.add(outer);
|
||||
@@ -262,7 +274,7 @@ public class FunctionController extends BaseController {
|
||||
return arr;
|
||||
}
|
||||
|
||||
public JSONArray getFunctionList(List<Function> dataList, String type, String keyId) throws Exception {
|
||||
public JSONArray getFunctionList(List<Function> dataList, String type, String keyId, List<Long> funIdList) throws Exception {
|
||||
JSONArray dataArray = new JSONArray();
|
||||
//获取权限信息
|
||||
String ubValue = userBusinessService.getUBValueByTypeAndKeyId(type, keyId);
|
||||
@@ -274,9 +286,9 @@ public class FunctionController extends BaseController {
|
||||
item.put("value", function.getId());
|
||||
item.put("title", function.getName());
|
||||
item.put("attributes", function.getName());
|
||||
List<Function> funList = functionService.findRoleFunction(function.getNumber());
|
||||
List<Function> funList = functionService.findRoleFunction(function.getNumber(), funIdList);
|
||||
if(funList.size()>0) {
|
||||
JSONArray funArr = getFunctionList(funList, type, keyId);
|
||||
JSONArray funArr = getFunctionList(funList, type, keyId, funIdList);
|
||||
item.put("children", funArr);
|
||||
dataArray.add(item);
|
||||
} else {
|
||||
@@ -321,20 +333,25 @@ public class FunctionController extends BaseController {
|
||||
funIds = funIds.replace("][",",");
|
||||
List<Function> dataList = functionService.findByIds(funIds);
|
||||
JSONObject outer = new JSONObject();
|
||||
outer.put("total", dataList.size());
|
||||
User userInfo = userService.getCurrentUser();
|
||||
Map<Long, Long> funIdMap = functionService.getCurrentUserFunIdMap();
|
||||
//存放数据json数组
|
||||
JSONArray dataArray = new JSONArray();
|
||||
if (null != dataList) {
|
||||
for (Function function : dataList) {
|
||||
JSONObject item = new JSONObject();
|
||||
item.put("id", function.getId());
|
||||
item.put("name", function.getName());
|
||||
item.put("pushBtn", function.getPushBtn());
|
||||
item.put("btnStr", btnMap.get(function.getId()));
|
||||
dataArray.add(item);
|
||||
//如果不是超管需要校验,防止分配下级用户的按钮权限,大于自身的权限
|
||||
if("admin".equals(userInfo.getLoginName()) || funIdMap.get(function.getId())!=null) {
|
||||
JSONObject item = new JSONObject();
|
||||
item.put("id", function.getId());
|
||||
item.put("name", function.getName());
|
||||
item.put("pushBtn", function.getPushBtn());
|
||||
item.put("btnStr", btnMap.get(function.getId()));
|
||||
dataArray.add(item);
|
||||
}
|
||||
}
|
||||
}
|
||||
outer.put("rows", dataArray);
|
||||
outer.put("total", dataArray.size());
|
||||
res.code = 200;
|
||||
res.data = outer;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user