修改调整后的权限获取策略，优化查询速度

548cc0eb · shiwenbo · 01bb76fc · 548cc0eb · 548cc0eb · 548cc0eb
Commit 548cc0eb authored Jul 16, 2021 by shiwenbo
6 changed files
--- a/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/domain/RoleInfo.java
+++ b/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/domain/RoleInfo.java
@@ -14,6 +14,7 @@ public class RoleInfo {
 	private String name;
 	private String title;
 	private String description;
+	private String orgId;
 	private Group group;
 	private List<StaffInfo> staffs;
 	private List<PrivilegeInfo> privilegeInfos;
@@ -62,6 +63,14 @@ public class RoleInfo {
+	public String getOrgId() {
+		return orgId;
+	}
+	public void setOrgId(String orgId) {
+		this.orgId = orgId;
+	}
 	public List<StaffInfo> getStaffs() {
 		return staffs;
 	}

--- a/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/internal/service/FunctionTreeServiceImpl.java
+++ b/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/internal/service/FunctionTreeServiceImpl.java
@@ -22,7 +22,6 @@ import com.beecode.bap.staff.BapContext;
 import com.beecode.bap.staff.service.StaffService;
 import com.beecode.bap2.common.license.LicenseProperty;
 import com.beecode.bap2.common.license.service.LicensePropertyService;
-import com.beecode.bcp.User;
 import com.beecode.bcp.authz.Privilege;
 import com.beecode.bcp.authz.Role;
 import com.beecode.bcp.authz.service.IdentityService;
@@ -34,7 +33,6 @@ import com.beecode.bcp.type.KClass;
 import com.beecode.bcp.type.KObject;
 import com.beecode.bcp.type.json.JSONObjectUtils;
 import com.beecode.inz.authmgr.domain.PrivilegeInfo;
-import com.beecode.inz.authmgr.domain.RoleGroupInfo;
 import com.beecode.inz.authmgr.exception.AuthDataMissingException;
 import com.beecode.inz.authmgr.service.AuthManagerService;
 import com.beecode.inz.authmgr.service.FunctionTreeService;
@@ -122,48 +120,30 @@ public class FunctionTreeServiceImpl implements FunctionTreeService {
 		List<Group> groups = groupService.getChildren(roleService.getRoleGroupCategoryId(), getRootGroup().getId());
 		if (groups != null) {
 			groups.forEach((children) -> {
-				RoleGroupInfo groupInfo = new RoleGroupInfo(children);
 				List<Role> roles = groupService.getItems(children.getId(), Role.class, null);
 				UUID currentRegionalCompany = getCurrentLoginRegionalCompany().getUuid("id");
 				for(int i = 0; i < roles.size(); i++) {
-					List<User> user = identityService.getUsers(roles.get(i).getCreateUser());
+					if(!roles.get(i).getOrgId().equals(currentRegionalCompany)){
-					KObject staff = staffService.getByUserId(user.get(0).getId());
-					List<String> ids = new ArrayList<String>();
-					ids.add(staff.getUuid("id").toString());
-					List<KObject> followingList = followerDao.loadByMemberIds("com.xyst.dinas.biz.follower.datamodel.OrganizationFollower", ids);
-					List<UUID> organizaitonList = new ArrayList<UUID>();
-					for(KObject following : followingList) {
-						organizaitonList.add(following.get("following").getUuid("id"));
-					}
-					if(!organizaitonList.contains(currentRegionalCompany)) {
 						roles.remove(i);
 						i--;
 					}
 				}
-				groupInfo.setRoles(roles);
 				//获取当前登录用户拥有的角色列表
 				KObject currentStaff = getCurrentStaff();
 				if(currentStaff != null) {
 					List<Role> staffRoleList = roleService.getByUser(currentStaff.get("user").getUuid("id"));
-					List<Role> commonRoleList = groupInfo.getRoles();
 					//以上两个List取交集，得到当前登录用户在该组织机构内所拥有的角色
-					List<Role> resultRoleList = new ArrayList<Role>();
 					for(int i = 0; i < staffRoleList.size(); i++) {
-						for(int j = 0; j < commonRoleList.size(); j++) {
+						for(int j = 0; j < roles.size(); j++) {
-							if(commonRoleList.get(j).getId().equals(staffRoleList.get(i).getId())) {
+							if(roles.get(j).getId().equals(staffRoleList.get(i).getId())) {
-								resultRoleList.add(staffRoleList.get(i));
+								result.addAll(authManagerService.getPrivilegeInfoByRole(staffRoleList.get(i).getId()));
 								break;
 							}
 						}
 					}
-					for(int i = 0; i < resultRoleList.size(); i++) {
-						result.addAll(authManagerService.getPrivilegeInfoByRole(resultRoleList.get(i).getId()));
-					}
 				}
 			});
 		}

--- a/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/internal/service/RoleManagerServiceImpl.java
+++ b/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/internal/service/RoleManagerServiceImpl.java
@@ -75,6 +75,7 @@ public class RoleManagerServiceImpl implements RoleManagerService {
 		role.setTitle(roleInfo.getTitle());
 		role.setDescription(roleInfo.getDescription());
+		role.setOrgId(UUID.fromString(roleInfo.getOrgId()));
 		UUID roleId = roleService.create(role);
 		//保存角色的权限信息

--- a/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/vo/RolePara.java
+++ b/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/vo/RolePara.java
@@ -23,6 +23,8 @@ public class RolePara {
 	@Size(max = 200, message = "长度必须小于{max}")
 	private String description;
+	private String orgId;
 	private boolean needCopyPrivilege;
 	private UUID targetRoleId;
@@ -54,6 +56,12 @@ public class RolePara {
 	public void setDescription(String description) {
 		this.description = description;
 	}
+	public String getOrgId() {
+		return orgId;
+	}
+	public void setOrgId(String orgId) {
+		this.orgId = orgId;
+	}
 	public boolean isNeedCopyPrivilege() {
 		return needCopyPrivilege;
 	}

--- a/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/web/AuthMgrController.java
+++ b/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/web/AuthMgrController.java
@@ -265,16 +265,7 @@ public class AuthMgrController {
 				}
 				for(int i = 0; i < roles.size(); i++) {
-					List<User> user = identityService.getUsers(roles.get(i).getCreateUser());
+					if(!roles.get(i).getOrgId().equals(currentRegionalCompany)){
-					KObject staff = staffService.getByUserId(user.get(0).getId());
-					List<String> ids = new ArrayList<String>();
-					ids.add(staff.getUuid("id").toString());
-					List<KObject> followingList = followerDao.loadByMemberIds("com.xyst.dinas.biz.follower.datamodel.OrganizationFollower", ids);
-					List<UUID> organizaitonList = new ArrayList<UUID>();
-					for(KObject following : followingList) {
-						organizaitonList.add(following.get("following").getUuid("id"));
-					}
-					if(!organizaitonList.contains(currentRegionalCompany)) {
 						roles.remove(i);
 						i--;
 					}

--- a/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/web/RoleController.java
+++ b/backend/inz.authmgr/src/main/java/com/beecode/inz/authmgr/web/RoleController.java
@@ -89,6 +89,7 @@ public class RoleController {
 		roleInfo.setTitle(rolePara.getTitle());
 		roleInfo.setDescription(rolePara.getDescription());
 		roleInfo.setName(rolePara.getName());
+		roleInfo.setOrgId(rolePara.getOrgId());
 		roleInfo.setGroup(getRootGroup());