|
|
@@ -9,6 +9,7 @@ import com.skyversation.xjcy.util.HashBasedLockManager;
|
|
|
import com.skyversation.xjcy.util.HttpUtil;
|
|
|
import com.skyversation.xjcy.util.MessageManage;
|
|
|
import com.skyversation.xjcy.util.ObfuscationUtils;
|
|
|
+import lombok.AllArgsConstructor;
|
|
|
import lombok.Getter;
|
|
|
import org.springframework.beans.factory.annotation.Value;
|
|
|
import org.springframework.stereotype.Service;
|
|
|
@@ -128,6 +129,11 @@ public class AuthService {
|
|
|
*/
|
|
|
private static final String RESPONSE_FIELD_ROLE_ID = "roleId";
|
|
|
|
|
|
+ @Value("${app.oauth.role-config}")
|
|
|
+ private String roleConfigJson;
|
|
|
+
|
|
|
+ private final Map<String, List<Role>> ROLE_CONFIG_MAP = new HashMap<>();
|
|
|
+
|
|
|
/**
|
|
|
* yyyy-MM-dd HH:mm:ss
|
|
|
*/
|
|
|
@@ -175,6 +181,13 @@ public class AuthService {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+ @Getter
|
|
|
+ @AllArgsConstructor
|
|
|
+ public final static class Role{
|
|
|
+ private final String roleId;
|
|
|
+ private final String serviceId;
|
|
|
+ }
|
|
|
+
|
|
|
// ============================ 实例变量 ============================
|
|
|
|
|
|
/**
|
|
|
@@ -235,6 +248,29 @@ public class AuthService {
|
|
|
throw new IllegalStateException("OAuth配置不完整: oauth.path必须配置");
|
|
|
}
|
|
|
account = new Account(loginName, password);
|
|
|
+
|
|
|
+ initRoleConfigMap();
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 从JSON配置初始化角色映射
|
|
|
+ */
|
|
|
+ private void initRoleConfigMap() {
|
|
|
+ try {
|
|
|
+ JSONObject config = JSON.parseObject(roleConfigJson);
|
|
|
+ for (String key : config.keySet()) {
|
|
|
+ List<JSONObject> roleList = config.getJSONArray(key).toJavaList(JSONObject.class);
|
|
|
+ List<Role> roles = new ArrayList<>();
|
|
|
+ for (JSONObject roleJson : roleList) {
|
|
|
+ String roleId = roleJson.getString("roleId");
|
|
|
+ String serviceId = roleJson.getString("serviceId");
|
|
|
+ roles.add(new Role(roleId, serviceId));
|
|
|
+ }
|
|
|
+ ROLE_CONFIG_MAP.put(key, roles);
|
|
|
+ }
|
|
|
+ } catch (Exception e) {
|
|
|
+ throw new IllegalStateException("角色配置JSON解析失败: " + e.getMessage(), e);
|
|
|
+ }
|
|
|
}
|
|
|
|
|
|
// ============================ 公共方法 ============================
|
|
|
@@ -350,16 +386,18 @@ public class AuthService {
|
|
|
* 升级用户为企业用户权限组
|
|
|
*/
|
|
|
public void upgradeRoleEnterprise(JSONObject userContent) {
|
|
|
- updateRole(userContent, Collections.singletonList("40"), Collections.emptyList(), "11");
|
|
|
- updateRole(userContent, Collections.singletonList("44"), Collections.emptyList(), "12");
|
|
|
+ updateRoles(userContent, ROLE_CONFIG_MAP.get("ENTERPRISE_ROLE"), Collections.emptyList());
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
* 降级用户使其失去企业用户权限组
|
|
|
*/
|
|
|
public void deUpgradeRoleEnterprise(JSONObject userContent) {
|
|
|
- updateRole(userContent, Collections.emptyList(), Collections.singletonList("40"), "11");
|
|
|
- updateRole(userContent, Collections.emptyList(), Collections.singletonList("44"), "12");
|
|
|
+ List<Role> removeRoles = Arrays.asList(
|
|
|
+ new Role("40", "11"),
|
|
|
+ new Role("44", "12")
|
|
|
+ );
|
|
|
+ updateRoles(userContent, ROLE_CONFIG_MAP.get("ENTERPRISE_ROLE"), removeRoles);
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
@@ -450,6 +488,39 @@ public class AuthService {
|
|
|
return isSuccess(JSONObject.parseObject(response));
|
|
|
}
|
|
|
|
|
|
+ private boolean updateRoles(JSONObject userContent, Collection<Role> addRoleIds, Collection<Role> removeRoleIds){
|
|
|
+ Map<String, List<String>> addRolesByService = new HashMap<>();
|
|
|
+ Map<String, List<String>> removeRolesByService = new HashMap<>();
|
|
|
+
|
|
|
+ if (addRoleIds != null) {
|
|
|
+ for (Role role : addRoleIds) {
|
|
|
+ addRolesByService.computeIfAbsent(role.getServiceId(), k -> new ArrayList<>())
|
|
|
+ .add(role.getRoleId());
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ if (removeRoleIds != null) {
|
|
|
+ for (Role role : removeRoleIds) {
|
|
|
+ removeRolesByService.computeIfAbsent(role.getServiceId(), k -> new ArrayList<>())
|
|
|
+ .add(role.getRoleId());
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ Set<String> allServiceIds = new HashSet<>();
|
|
|
+ allServiceIds.addAll(addRolesByService.keySet());
|
|
|
+ allServiceIds.addAll(removeRolesByService.keySet());
|
|
|
+
|
|
|
+ boolean allSuccess = true;
|
|
|
+ for (String serviceId : allServiceIds) {
|
|
|
+ List<String> addIds = addRolesByService.getOrDefault(serviceId, Collections.emptyList());
|
|
|
+ List<String> removeIds = removeRolesByService.getOrDefault(serviceId, Collections.emptyList());
|
|
|
+ boolean success = updateRole(userContent, addIds, removeIds, serviceId);
|
|
|
+ allSuccess = allSuccess && success;
|
|
|
+ }
|
|
|
+
|
|
|
+ return allSuccess;
|
|
|
+ }
|
|
|
+
|
|
|
private void deleteUser(String userId) {
|
|
|
MultiValueMap<String, Object> params = new LinkedMultiValueMap<>();
|
|
|
params.add("userId", userId);
|
|
|
@@ -480,9 +551,8 @@ public class AuthService {
|
|
|
allSuccess = false;
|
|
|
}
|
|
|
}
|
|
|
- allSuccess = allSuccess && updateRole(userContent, Collections.singletonList("41"), Collections.emptyList(), "11");
|
|
|
- allSuccess = allSuccess && updateRole(userContent, Collections.singletonList("45"), Collections.emptyList(), "12");
|
|
|
- allSuccess = allSuccess && updateRole(userContent, Collections.singletonList("48"), Collections.emptyList(), "2");
|
|
|
+
|
|
|
+ allSuccess = allSuccess && updateRoles(userContent, ROLE_CONFIG_MAP.get("INIT_ROLE"), Collections.emptyList());
|
|
|
return allSuccess;
|
|
|
}
|
|
|
|
ximinghao