优化权限。增加权限管理

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-dao/hsweb-system-authorization-dao-mybatis/src/main/resources/org/hswebframework/web/dao/mybatis/mappers/authorization/PermissionMapper.xml

@@ -29,6 +29,7 @@
         <result property="actions" column="actions" javaType="java.util.List" jdbcType="VARCHAR"/>
         <result property="optionalFields" column="optional_fields" javaType="java.util.List" jdbcType="CLOB"/>
         <result property="supportDataAccessTypes" column="spt_da_types" javaType="java.util.List" jdbcType="CLOB"/>
+        <!--<result property="parents" column="parents" javaType="java.util.List" jdbcType="CLOB"/>-->
     </resultMap>
 
     <!--用于动态生成sql所需的配置-->

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/ActionEntity.java

@@ -14,6 +14,8 @@ import java.util.stream.Collectors;
 @NoArgsConstructor
 public class ActionEntity implements CloneableEntity {
 
+    private static final long serialVersionUID = -5756333786703175612L;
+
     private String action;
 
     private String describe;

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/ParentPermission.java

@@ -0,0 +1,22 @@
+package org.hswebframework.web.entity.authorization;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import org.hswebframework.web.commons.entity.Entity;
+
+import java.util.Set;
+
+@Getter
+@Setter
+@AllArgsConstructor
+@NoArgsConstructor
+public class ParentPermission implements Entity {
+
+    private static final long serialVersionUID = -7099575758680437572L;
+
+    private String permission;
+
+    private Set<String> actions;
+}

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/PermissionEntity.java

@@ -24,8 +24,6 @@ import javax.validation.constraints.Pattern;
 import java.util.List;
 
 /**
- * TODO 完成注释
- *
  * @author zhouhao
  */
 public interface PermissionEntity extends GenericEntity<String> {
@@ -62,4 +60,7 @@ public interface PermissionEntity extends GenericEntity<String> {
 
     List<OptionalField> getOptionalFields();
 
+    //直接关联其他权限
+    List<ParentPermission> getParents();
+
 }

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/SimplePermissionEntity.java

@@ -35,6 +35,9 @@ public class SimplePermissionEntity extends SimpleGenericEntity<String> implemen
 
     private List<OptionalField> optionalFields;
 
+    //直接关联其他权限
+    private List<ParentPermission> parents;
+
     @Override
     public SimplePermissionEntity clone() {
         SimplePermissionEntity target = (SimplePermissionEntity) super.clone();

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorizationSettingService.java

@@ -319,6 +319,7 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
                 permissionService.selectByPk(permissionIds)
                         .stream()
                         .collect(Collectors.toMap(PermissionEntity::getId, Function.identity()));
+
         //防止越权
         detailList = detailList.stream().filter(detail -> {
             PermissionEntity entity = permissionEntityCache.get(detail.getPermissionId());
@@ -353,6 +354,12 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
                 .collect(Collectors.groupingBy(AuthorizationSettingDetailEntity::getPermissionId));
 
         List<Permission> permissions = new ArrayList<>();
+        //获取关联的权限信息
+        Map<String, List<ParentPermission>> parentsPermissions = permissionEntityCache.values().stream()
+                .map(PermissionEntity::getParents)
+                .filter(Objects::nonNull)
+                .flatMap(Collection::stream)
+                .collect(Collectors.groupingBy(ParentPermission::getPermission));
 
         settings.forEach((permissionId, details) -> {
             SimplePermission permission = new SimplePermission();
@@ -379,10 +386,32 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
                             .collect(Collectors.toSet()));
                 }
             }
+            //是否有其他权限关联了此权限
+            List<ParentPermission> parents = parentsPermissions.get(permissionId);
+            if (parents != null) {
+                actions.addAll(parents.stream()
+                        .map(ParentPermission::getActions)
+                        .filter(Objects::nonNull)
+                        .flatMap(Collection::stream)
+                        .collect(Collectors.toSet()));
+                parentsPermissions.remove(permissionId);
+            }
             permission.setActions(actions);
             permission.setDataAccesses(dataAccessConfigs);
             permissions.add(permission);
         });
+
+        //关联权限
+        parentsPermissions.forEach((per, all) -> {
+            SimplePermission permission = new SimplePermission();
+            permission.setId(per);
+            permission.setActions(all.stream()
+                    .map(ParentPermission::getActions)
+                    .filter(Objects::nonNull)
+                    .flatMap(Collection::stream)
+                    .collect(Collectors.toSet()));
+            permissions.add(permission);
+        });
         authentication.setPermissions(permissions);
         return authentication;
     }

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/resources/hsweb-starter.js

@@ -34,6 +34,7 @@ var versions = [
     // }
 ];
 var JDBCType = java.sql.JDBCType;
+
 function install(context) {
     var database = context.database;
     database.createOrAlter("s_user")
@@ -64,6 +65,7 @@ function install(context) {
         .addColumn().name("actions").clob().notNull().comment("可选操作(按钮)").commit()
         .addColumn().name("spt_da_types").clob().comment("支持的数据权限类型").commit()
         .addColumn().name("optional_fields").clob().comment("可选字段").commit()
+        .addColumn().name("parents").clob().comment("关联其他权限").commit()
         .comment("权限表").commit();
 
     database.createOrAlter("s_permission_role")