diff --git a/lms/nladmin-system/src/main/java/org/nl/sso/permission/rest/DataPermissionController.java b/lms/nladmin-system/src/main/java/org/nl/sso/permission/rest/DataPermissionController.java new file mode 100644 index 000000000..3122ea967 --- /dev/null +++ b/lms/nladmin-system/src/main/java/org/nl/sso/permission/rest/DataPermissionController.java @@ -0,0 +1,89 @@ + +package org.nl.sso.permission.rest; + +import com.alibaba.fastjson.JSONArray; +import com.alibaba.fastjson.JSONObject; +import org.nl.sso.permission.service.DataPermissionService; +import org.nl.sso.permission.service.dto.DataPermissionDto; +import org.springframework.data.domain.Pageable; +import lombok.RequiredArgsConstructor; +import org.nl.modules.logging.annotation.Log; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import cn.dev33.satoken.annotation.SaCheckPermission; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.*; +import io.swagger.annotations.*; +import java.util.Map; +import lombok.extern.slf4j.Slf4j; + +/** +* @author lyd +* @date 2022-12-09 +**/ +@RestController +@RequiredArgsConstructor +@Api(tags = "数据权限管理") +@RequestMapping("/api/dataPermission") +@Slf4j +public class DataPermissionController { + + private final DataPermissionService dataPermissionService; + + @GetMapping + @Log("查询数据权限") + @ApiOperation("查询数据权限") + //@SaCheckPermission("@el.check('dataPermission:list')") + public ResponseEntity query(@RequestParam Map whereJson, Pageable page){ + return new ResponseEntity<>(dataPermissionService.queryAll(whereJson,page),HttpStatus.OK); + } + + @PostMapping + @Log("新增数据权限") + @ApiOperation("新增数据权限") + //@SaCheckPermission("@el.check('dataPermission:add')") + public ResponseEntity create(@Validated @RequestBody DataPermissionDto dto){ + dataPermissionService.create(dto); + return new ResponseEntity<>(HttpStatus.CREATED); + } + + @PutMapping + @Log("修改数据权限") + @ApiOperation("修改数据权限") + //@SaCheckPermission("@el.check('dataPermission:edit')") + public ResponseEntity update(@Validated @RequestBody DataPermissionDto dto){ + dataPermissionService.update(dto); + return new ResponseEntity<>(HttpStatus.NO_CONTENT); + } + + @Log("删除数据权限") + @ApiOperation("删除数据权限") + //@SaCheckPermission("@el.check('dataPermission:del')") + @DeleteMapping + public ResponseEntity delete(@RequestBody Long[] ids) { + dataPermissionService.deleteAll(ids); + return new ResponseEntity<>(HttpStatus.OK); + } + + @GetMapping("/scopeType") + @Log("获取数据权限范围") + @ApiOperation("获取数据权限范围") + public ResponseEntity getDataScopeType(){ + return new ResponseEntity<>(dataPermissionService.getDataScopeType(),HttpStatus.OK); + } + + @GetMapping("/dataPermissionOption") + @Log("获取数据权限下拉框") + @ApiOperation("获取数据权限下拉框") + public ResponseEntity getDataPermissionOption(){ + return new ResponseEntity<>(dataPermissionService.getDataPermissionOption(),HttpStatus.OK); + } + + @PostMapping("/saveDataPermission") + @Log("保存数据权限") + @ApiOperation("保存数据权限") + public ResponseEntity saveDataPermission(@RequestBody JSONObject datas){ + dataPermissionService.savePermission(datas); + return new ResponseEntity<>(HttpStatus.CREATED); + } +} diff --git a/lms/nladmin-system/src/main/java/org/nl/sso/permission/service/DataPermissionService.java b/lms/nladmin-system/src/main/java/org/nl/sso/permission/service/DataPermissionService.java new file mode 100644 index 000000000..e0f60c755 --- /dev/null +++ b/lms/nladmin-system/src/main/java/org/nl/sso/permission/service/DataPermissionService.java @@ -0,0 +1,84 @@ +package org.nl.sso.permission.service; + +import com.alibaba.fastjson.JSONArray; +import com.alibaba.fastjson.JSONObject; +import org.nl.sso.permission.service.dto.DataPermissionDto; +import org.springframework.data.domain.Pageable; +import java.util.Map; +import java.util.List; +import java.io.IOException; +import javax.servlet.http.HttpServletResponse; + +/** +* @description 服务接口 +* @author lyd +* @date 2022-12-09 +**/ +public interface DataPermissionService { + + /** + * 查询数据分页 + * @param whereJson 条件 + * @param page 分页参数 + * @return Map + */ + Map queryAll(Map whereJson, Pageable page); + + /** + * 查询所有数据不分页 + * @param whereJson 条件参数 + * @return List + */ + List queryAll(Map whereJson); + + /** + * 根据ID查询 + * @param permission_id ID + * @return DataPermission + */ + DataPermissionDto findById(Long permission_id); + + /** + * 根据编码查询 + * @param code code + * @return DataPermission + */ + DataPermissionDto findByCode(String code); + + + /** + * 创建 + * @param dto / + */ + void create(DataPermissionDto dto); + + /** + * 编辑 + * @param dto / + */ + void update(DataPermissionDto dto); + + /** + * 多选删除 + * @param ids / + */ + void deleteAll(Long[] ids); + + /** + * 获取数据权限 + * @return + */ + JSONArray getDataScopeType(); + + /** + * 获取数据权限下拉框 + * @return + */ + JSONArray getDataPermissionOption(); + + /** + * 保存数据权限 + * @param datas + */ + void savePermission(JSONObject datas); +} diff --git a/lms/nladmin-system/src/main/java/org/nl/sso/permission/service/dto/DataPermissionDto.java b/lms/nladmin-system/src/main/java/org/nl/sso/permission/service/dto/DataPermissionDto.java new file mode 100644 index 000000000..6b67f7c50 --- /dev/null +++ b/lms/nladmin-system/src/main/java/org/nl/sso/permission/service/dto/DataPermissionDto.java @@ -0,0 +1,54 @@ +package org.nl.sso.permission.service.dto; + +import lombok.Data; +import java.math.BigDecimal; +import java.io.Serializable; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; +import com.fasterxml.jackson.databind.ser.std.ToStringSerializer; + +/** +* @description / +* @author lyd +* @date 2022-12-09 +**/ +@Data +public class DataPermissionDto implements Serializable { + + /** permission_id */ + /** 防止精度丢失 */ + @JsonSerialize(using= ToStringSerializer.class) + private Long permission_id; + + /** 编码 */ + private String code; + + /** 名称 */ + private String name; + + /** 排序 */ + private BigDecimal order_sort; + + /** 备注 */ + private String remark; + + /** 是否删除 */ + private String is_delete; + + /** 创建人标识 */ + private Long create_id; + + /** 创建人 */ + private String create_name; + + /** 修改时间 */ + private String update_time; + + /*创建时间*/ + private String create_time; + + /** 修改人标识 */ + private Long update_optid; + + /** 修改人 */ + private String update_optname; +} diff --git a/lms/nladmin-system/src/main/java/org/nl/sso/permission/service/impl/DataPermissionServiceImpl.java b/lms/nladmin-system/src/main/java/org/nl/sso/permission/service/impl/DataPermissionServiceImpl.java new file mode 100644 index 000000000..4b6e76c00 --- /dev/null +++ b/lms/nladmin-system/src/main/java/org/nl/sso/permission/service/impl/DataPermissionServiceImpl.java @@ -0,0 +1,213 @@ + +package org.nl.sso.permission.service.impl; + +import org.nl.modules.wql.WQL; +import org.nl.sso.permission.service.DataPermissionService; +import org.nl.sso.permission.service.dto.DataPermissionDto; +import com.alibaba.fastjson.JSON; +import lombok.RequiredArgsConstructor; +import org.nl.sso.tools.MapOf; +import org.nl.sso.tools.SecurityUtils; +import org.springframework.stereotype.Service; +import org.nl.modules.common.exception.BadRequestException; +import org.springframework.transaction.annotation.Transactional; + +import org.springframework.data.domain.Pageable; + +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.stream.Collectors; + +import cn.hutool.core.date.DateUtil; +import cn.hutool.core.util.IdUtil; +import com.alibaba.fastjson.JSONArray; +import com.alibaba.fastjson.JSONObject; +import org.nl.modules.wql.core.bean.ResultBean; +import org.nl.modules.wql.core.bean.WQLObject; +import org.nl.modules.wql.util.WqlUtil; +import lombok.extern.slf4j.Slf4j; +import cn.hutool.core.util.ObjectUtil; + +/** +* @description 服务实现 +* @author lyd +* @date 2022-12-09 +**/ +@Service +@RequiredArgsConstructor +@Slf4j +public class DataPermissionServiceImpl implements DataPermissionService { + + @Override + public Map queryAll(Map whereJson, Pageable page){ + WQLObject wo = WQLObject.getWQLObject("sys_data_permission"); + ResultBean rb = wo.pagequery(WqlUtil.getHttpContext(page), "1=1", "update_time desc"); + final JSONObject json = rb.pageResult(); + return json; + } + + @Override + public List queryAll(Map whereJson){ + WQLObject wo = WQLObject.getWQLObject("sys_data_permission"); + JSONArray arr = wo.query().getResultJSONArray(0); + if (ObjectUtil.isNotEmpty(arr)) return arr.toJavaList(DataPermissionDto.class); + return null; + } + + @Override + public DataPermissionDto findById(Long permission_id) { + WQLObject wo = WQLObject.getWQLObject("sys_data_permission"); + JSONObject json = wo.query("permission_id = '" + permission_id + "'").uniqueResult(0); + if (ObjectUtil.isNotEmpty(json)){ + return json.toJavaObject( DataPermissionDto.class); + } + return null; + } + + @Override + public DataPermissionDto findByCode(String code) { + WQLObject wo = WQLObject.getWQLObject("sys_data_permission"); + JSONObject json = wo.query("code ='" + code + "'").uniqueResult(0); + if (ObjectUtil.isNotEmpty(json)){ + return json.toJavaObject( DataPermissionDto.class); + } + return null; + } + + @Override + @Transactional(rollbackFor = Exception.class) + public void create(DataPermissionDto dto) { + Long currentUserId = SecurityUtils.getCurrentUserId(); + String nickName = SecurityUtils.getCurrentNickName(); + String now = DateUtil.now(); + + dto.setPermission_id(IdUtil.getSnowflake(1, 1).nextId()); + dto.setCreate_id(currentUserId); + dto.setCreate_name(nickName); + dto.setUpdate_optid(currentUserId); + dto.setUpdate_optname(nickName); + dto.setUpdate_time(now); + dto.setCreate_time(now); + + WQLObject wo = WQLObject.getWQLObject("sys_data_permission"); + JSONObject json = JSONObject.parseObject(JSON.toJSONString(dto)); + wo.insert(json); + } + + @Override + @Transactional(rollbackFor = Exception.class) + public void update(DataPermissionDto dto) { + DataPermissionDto entity = this.findById(dto.getPermission_id()); + if (entity == null) throw new BadRequestException("被删除或无权限,操作失败!"); + + Long currentUserId = SecurityUtils.getCurrentUserId(); + String nickName = SecurityUtils.getCurrentNickName(); + + String now = DateUtil.now(); + dto.setUpdate_time(now); + dto.setUpdate_optid(currentUserId); + dto.setUpdate_optname(nickName); + + WQLObject wo = WQLObject.getWQLObject("sys_data_permission"); + JSONObject json = JSONObject.parseObject(JSON.toJSONString(dto)); + wo.update(json); + } + + @Override + @Transactional(rollbackFor = Exception.class) + public void deleteAll(Long[] ids) { + Long currentUserId = SecurityUtils.getCurrentUserId(); + String nickName = SecurityUtils.getCurrentNickName(); + String now = DateUtil.now(); + + WQLObject wo = WQLObject.getWQLObject("sys_data_permission"); + for (Long permission_id: ids) { + JSONObject param = new JSONObject(); + param.put("permission_id", String.valueOf(permission_id)); + param.put("is_delete", "1"); + param.put("update_optid", currentUserId); + param.put("update_optname", nickName); + param.put("update_time", now); + wo.update(param); + } + } + + /** + * 获取数据权限 + * + * @return + */ + @Override + public JSONArray getDataScopeType() { + WQLObject wo = WQLObject.getWQLObject("sys_dict"); + JSONArray array = wo.query(" code = 'permission_scope_type'").getResultJSONArray(0); + return array; + } + + /** + * 获取数据权限下拉框 + * + * @return + */ + @Override + public JSONArray getDataPermissionOption() { + WQLObject wo = WQLObject.getWQLObject("sys_data_permission"); + JSONArray jsonArray = wo.query().getResultJSONArray(0); + return jsonArray; + } + + /** + * 保存数据权限 + * + * @param datas + */ + @Override + @Transactional(rollbackFor = Exception.class) + public void savePermission(JSONObject datas) { + String user_id = datas.getString("user_id"); + JSONArray data = datas.getJSONArray("datas"); + if (ObjectUtil.isEmpty(user_id)) throw new BadRequestException("用户不能为空"); + WQLObject permissionTab = WQLObject.getWQLObject("sys_user_data_permission"); // 用户数据权限表 + WQLObject scopeTab = WQLObject.getWQLObject("sys_data_scope"); // 用户数据权限表 + // 删除用户绑定的数据 + permissionTab.delete("user_id = '" + user_id + "'"); + scopeTab.delete("self_user_id = '" + user_id + "'"); + for (int i = 0; i < data.size(); i++) { + JSONObject scopeObj = data.getJSONObject(i); + String permission_scope_type = scopeObj.getString("value"); + String permission_id = scopeObj.getString("permission_id"); + // 保存用户数据权限 + permissionTab.insert(MapOf.of("user_id", user_id, + "permission_scope_type", permission_scope_type, + "permission_id", permission_id)); + JSONArray users = scopeObj.getJSONArray("users"); + if (ObjectUtil.isNotEmpty(users)) { // 如果是用户直接将用户的id绑定进去 + for (int j = 0; j < users.size(); j++) { + JSONObject user = users.getJSONObject(j); + String userId = user.getString("user_id"); + scopeTab.insert(MapOf.of("self_user_id", user_id, + "permission_scope_type", permission_scope_type, + "user_id", userId)); + } + } + JSONArray depts = scopeObj.getJSONArray("depts"); + if (ObjectUtil.isNotEmpty(depts)) { // 如果是部门,先根据部门id求出所有的用户id + for (int j = 0; j < depts.size(); j++) { + JSONObject dept = depts.getJSONObject(j); + JSONArray user_ids = WQL.getWO("Query").addParamMap( + MapOf.of("flag", "1","dept_id", dept.getString("dept_id"))) + .process().getResultJSONArray(0); + for (int k = 0; k < user_ids.size(); k++) { + String userId = user_ids.getJSONObject(k).getString("user_id"); + scopeTab.insert(MapOf.of("self_user_id", user_id, + "permission_scope_type", permission_scope_type, + "dept_id", dept.getString("dept_id"), + "user_id", userId)); + } + } + } + } + } +} diff --git a/lms/nladmin-system/src/main/java/org/nl/sso/permission/wql/Query.wql b/lms/nladmin-system/src/main/java/org/nl/sso/permission/wql/Query.wql new file mode 100644 index 000000000..e1b67a94f --- /dev/null +++ b/lms/nladmin-system/src/main/java/org/nl/sso/permission/wql/Query.wql @@ -0,0 +1,54 @@ +[交易说明] + 交易名: 数据权限相关查询 + 所属模块: + 功能简述: + 版权所有: + 表引用: + 版本经历: + +[数据库] + --指定数据库,为空采用默认值,默认为db.properties中列出的第一个库 + +[IO定义] + ################################################# + ## 表字段对应输入参数 + ################################################# + 输入.flag TYPEAS s_string + 输入.dept_id TYPEAS s_string + +[临时表] + --这边列出来的临时表就会在运行期动态创建 + +[临时变量] + --所有中间过程变量均可在此处定义 + +[业务过程] + + ########################################## + # 1、输入输出检查 # + ########################################## + + + ########################################## + # 2、主过程前处理 # + ########################################## + + + ########################################## + # 3、业务主过程 # + ########################################## + + IF 输入.flag = "1" + PAGEQUERY + SELECT + DISTINCT user_id + FROM + sys_user_dept + WHERE + 1 = 1 + OPTION 输入.dept_id <> "" + dept_id = 输入.dept_id + ENDOPTION + ENDSELECT + ENDPAGEQUERY + ENDIF diff --git a/lms/nladmin-ui/src/views/system/permission/dataPermission.js b/lms/nladmin-ui/src/views/system/permission/dataPermission.js new file mode 100644 index 000000000..234298dbf --- /dev/null +++ b/lms/nladmin-ui/src/views/system/permission/dataPermission.js @@ -0,0 +1,49 @@ +import request from '@/utils/request' + +export function add(data) { + return request({ + url: 'api/dataPermission', + method: 'post', + data + }) +} + +export function del(ids) { + return request({ + url: 'api/dataPermission/', + method: 'delete', + data: ids + }) +} + +export function edit(data) { + return request({ + url: 'api/dataPermission', + method: 'put', + data + }) +} + +export function getDataScopeType() { + return request({ + url: 'api/dataPermission/scopeType', + method: 'get' + }) +} + +export function getDataPermissionOption() { + return request({ + url: 'api/dataPermission/dataPermissionOption', + method: 'get' + }) +} + +export function saveDataPermission(data) { + return request({ + url: 'api/dataPermission/saveDataPermission', + method: 'post', + data + }) +} + +export default { add, edit, del, getDataScopeType, getDataPermissionOption, saveDataPermission } diff --git a/lms/nladmin-ui/src/views/system/permission/index.vue b/lms/nladmin-ui/src/views/system/permission/index.vue new file mode 100644 index 000000000..3f11c9e01 --- /dev/null +++ b/lms/nladmin-ui/src/views/system/permission/index.vue @@ -0,0 +1,109 @@ + + + + + diff --git a/lms/nladmin-ui/src/views/system/user/dialog/relevanceDeptDialog.vue b/lms/nladmin-ui/src/views/system/user/dialog/relevanceDeptDialog.vue new file mode 100644 index 000000000..99cb0aea4 --- /dev/null +++ b/lms/nladmin-ui/src/views/system/user/dialog/relevanceDeptDialog.vue @@ -0,0 +1,169 @@ + + + + + diff --git a/lms/nladmin-ui/src/views/system/user/dialog/relevanceUserDialog.vue b/lms/nladmin-ui/src/views/system/user/dialog/relevanceUserDialog.vue new file mode 100644 index 000000000..2a1559095 --- /dev/null +++ b/lms/nladmin-ui/src/views/system/user/dialog/relevanceUserDialog.vue @@ -0,0 +1,163 @@ + + + + + diff --git a/lms/nladmin-ui/src/views/system/user/index.vue b/lms/nladmin-ui/src/views/system/user/index.vue index b918ed772..ce82de28a 100644 --- a/lms/nladmin-ui/src/views/system/user/index.vue +++ b/lms/nladmin-ui/src/views/system/user/index.vue @@ -177,7 +177,9 @@ 部门权限 - 数据权限 + + 数据权限 + {{ enabledTypeOptions.find(item => {return item.key !== scope.row.is_used}).display_name }}账号 分配角色 @@ -219,14 +221,14 @@ /> - - + +
@@ -235,12 +237,65 @@
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
+ 取消 + 确认 +
+ + +