优化权限解析

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/DataAccessDefinition.java

@@ -3,20 +3,18 @@ package org.hswebframework.web.authorization.define;
 import lombok.Getter;
 import lombok.Setter;
 
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Optional;
+import java.util.*;
 
 @Getter
 @Setter
 public class DataAccessDefinition {
 
-    List<DataAccessTypeDefinition> dataAccessTypes=new ArrayList<>();
+    Set<DataAccessTypeDefinition> dataAccessTypes=new HashSet<>();
 
     public Optional<DataAccessTypeDefinition> getType(String typeId){
         return dataAccessTypes
                 .stream()
-                .filter(datd->datd.getId().equalsIgnoreCase(typeId))
+                .filter(type->type.getId().equalsIgnoreCase(typeId))
                 .findAny();
     }
 }

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/DataAccessTypeDefinition.java

@@ -1,12 +1,15 @@
 package org.hswebframework.web.authorization.define;
 
+import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.Setter;
 import org.hswebframework.web.authorization.access.DataAccessController;
 import org.hswebframework.web.authorization.access.DataAccessType;
+import org.hswebframework.web.bean.FastBeanCopier;
 
 @Getter
 @Setter
+@EqualsAndHashCode(of = "id")
 public class DataAccessTypeDefinition implements DataAccessType {
     private String id;
 
@@ -15,4 +18,8 @@ public class DataAccessTypeDefinition implements DataAccessType {
     private String description;
 
     private Class<? extends DataAccessController> controller;
+
+    public DataAccessTypeDefinition copy(){
+        return FastBeanCopier.copy(this,DataAccessTypeDefinition::new);
+    }
 }

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/DimensionDefinition.java

@@ -1,26 +1,33 @@
 package org.hswebframework.web.authorization.define;
 
+import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.Setter;
 import org.hswebframework.web.authorization.DimensionType;
 import org.hswebframework.web.authorization.annotation.Logical;
+import org.hswebframework.web.bean.FastBeanCopier;
 
 import java.util.HashSet;
 import java.util.Set;
 
 @Getter
 @Setter
+@EqualsAndHashCode(of = "typeId")
 public class DimensionDefinition {
 
     private String typeId;
 
     private String typeName;
 
-    private Set<String> dimensionId=new HashSet<>();
+    private Set<String> dimensionId = new HashSet<>();
 
-    private Logical logical=Logical.DEFAULT;
+    private Logical logical = Logical.DEFAULT;
 
-    public boolean hasDimension(String id){
+    public boolean hasDimension(String id) {
         return dimensionId.contains(id);
     }
+
+    public DimensionDefinition copy() {
+        return FastBeanCopier.copy(this, DimensionDefinition::new);
+    }
 }

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/DimensionsDefinition.java

@@ -7,13 +7,15 @@ import org.hswebframework.web.authorization.Dimension;
 import org.hswebframework.web.authorization.annotation.Logical;
 
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 
 @Getter
 @Setter
 public class DimensionsDefinition {
 
-    private List<DimensionDefinition> dimensions = new ArrayList<>();
+    private Set<DimensionDefinition> dimensions = new HashSet<>();
 
     private Logical logical = Logical.DEFAULT;
 

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/MergedAuthorizeDefinition.java

@@ -0,0 +1,35 @@
+package org.hswebframework.web.authorization.define;
+
+import java.util.List;
+import java.util.Set;
+
+
+public class MergedAuthorizeDefinition {
+
+    private ResourcesDefinition resources = new ResourcesDefinition();
+
+    private DimensionsDefinition dimensions = new DimensionsDefinition();
+
+    public Set<ResourceDefinition> getResources() {
+        return resources.getResources();
+    }
+
+    public Set<DimensionDefinition> getDimensions() {
+        return dimensions.getDimensions();
+    }
+
+    public void addResource(ResourceDefinition resource) {
+        resources.addResource(resource, true);
+    }
+
+    public void addDimension(DimensionDefinition resource) {
+        dimensions.addDimension(resource);
+    }
+
+    public void merge(List<AuthorizeDefinition> definitions) {
+        for (AuthorizeDefinition definition : definitions) {
+            definition.getResources().getResources().forEach(this::addResource);
+            definition.getDimensions().getDimensions().forEach(this::addDimension);
+        }
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/ResourceActionDefinition.java

@@ -1,12 +1,15 @@
 package org.hswebframework.web.authorization.define;
 
+import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.Setter;
+import org.hswebframework.web.bean.FastBeanCopier;
 
 import java.util.List;
 
 @Getter
 @Setter
+@EqualsAndHashCode(of = "id")
 public class ResourceActionDefinition {
     private String id;
 
@@ -15,4 +18,9 @@ public class ResourceActionDefinition {
     private String description;
 
     private DataAccessDefinition dataAccess = new DataAccessDefinition();
+
+    public ResourceActionDefinition copy(){
+        return FastBeanCopier.copy(this,ResourceActionDefinition::new);
+    }
+
 }

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/ResourceDefinition.java

@@ -2,16 +2,20 @@ package org.hswebframework.web.authorization.define;
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import lombok.AccessLevel;
+import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.Setter;
 import org.apache.commons.collections.CollectionUtils;
 import org.hswebframework.web.authorization.annotation.Logical;
+import org.hswebframework.web.bean.FastBeanCopier;
 
+import java.io.Serializable;
 import java.util.*;
 import java.util.stream.Collectors;
 
 @Getter
 @Setter
+@EqualsAndHashCode(of = "id")
 public class ResourceDefinition {
     private String id;
 
@@ -19,7 +23,7 @@ public class ResourceDefinition {
 
     private String description;
 
-    private List<ResourceActionDefinition> actions = new ArrayList<>();
+    private Set<ResourceActionDefinition> actions = new HashSet<>();
 
     private List<String> group;
 
@@ -29,8 +33,35 @@ public class ResourceDefinition {
 
     private Logical logical = Logical.DEFAULT;
 
-    public void addAction(ResourceActionDefinition action) {
+    public static ResourceDefinition of(String id, String name) {
+        ResourceDefinition definition = new ResourceDefinition();
+        definition.setId(id);
+        definition.setName(name);
+        return definition;
+    }
+
+    public ResourceDefinition copy() {
+        ResourceDefinition definition = FastBeanCopier.copy(this, ResourceDefinition::new);
+        definition.setActions(actions.stream().map(ResourceActionDefinition::copy).collect(Collectors.toSet()));
+        return definition;
+    }
+
+    public ResourceDefinition addAction(String id, String name) {
+        ResourceActionDefinition action = new ResourceActionDefinition();
+        action.setId(id);
+        action.setName(name);
+        return addAction(action);
+    }
+
+    public synchronized ResourceDefinition addAction(ResourceActionDefinition action) {
+        actionIds = null;
+        ResourceActionDefinition old = getAction(action.getId()).orElse(null);
+        if (old != null) {
+            old.getDataAccess().getDataAccessTypes()
+                    .addAll(action.getDataAccess().getDataAccessTypes());
+        }
         actions.add(action);
+        return this;
     }
 
     public Optional<ResourceActionDefinition> getAction(String action) {

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/ResourcesDefinition.java

@@ -15,7 +15,7 @@ import java.util.stream.Collectors;
 @Setter
 public class ResourcesDefinition {
 
-    private List<ResourceDefinition> resources = new ArrayList<>();
+    private Set<ResourceDefinition> resources = new HashSet<>();
 
     private Logical logical = Logical.DEFAULT;
 
@@ -25,12 +25,15 @@ public class ResourcesDefinition {
         ResourceDefinition definition = getResource(resource.getId()).orElse(null);
         if (definition != null) {
             if (merge) {
-                resource.getActions().forEach(definition::addAction);
+                resource.getActions()
+                        .stream()
+                        .map(ResourceActionDefinition::copy)
+                        .forEach(definition::addAction);
             } else {
                 resources.remove(definition);
             }
         }
-        resources.add(resource);
+        resources.add(resource.copy());
 
     }
 

hsweb-authorization/hsweb-authorization-api/src/test/java/org/hswebframework/web/authorization/define/MergedAuthorizeDefinitionTest.java

@@ -0,0 +1,28 @@
+package org.hswebframework.web.authorization.define;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.Arrays;
+import java.util.Set;
+
+import static org.junit.Assert.*;
+
+public class MergedAuthorizeDefinitionTest {
+
+    @Test
+    public void test() {
+        MergedAuthorizeDefinition definition = new MergedAuthorizeDefinition();
+        definition.addResource(ResourceDefinition.of("test", "测试").addAction("create", "新增"));
+        definition.addResource(ResourceDefinition.of("test", "测试").addAction("update", "修改"));
+        definition.addResource(ResourceDefinition.of("test", "测试").addAction("update", "修改"));
+
+
+        Set<ResourceDefinition> definitions = definition.getResources();
+        Assert.assertEquals(definitions.size(), 1);
+        Assert.assertTrue(definitions.iterator().next().hasAction(Arrays.asList("create")));
+        Assert.assertTrue(definitions.iterator().next().hasAction(Arrays.asList("update")));
+
+    }
+
+}

hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/MergedAuthorizeDefinition.java

@@ -0,0 +1,21 @@
+package org.hswebframework.web.authorization.basic.define;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.hswebframework.web.authorization.define.AuthorizeDefinition;
+import org.hswebframework.web.authorization.define.DimensionsDefinition;
+import org.hswebframework.web.authorization.define.ResourcesDefinition;
+
+import java.io.Serializable;
+import java.util.List;
+
+@Getter
+@Setter
+public class MergedAuthorizeDefinition implements Serializable {
+
+    private ResourcesDefinition resources = new ResourcesDefinition();
+    private DimensionsDefinition dimensions = new DimensionsDefinition();
+
+
+
+}

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/system/authorization/api/entity/ActionEntity.java

@@ -10,10 +10,13 @@ import java.util.Map;
 @Builder
 @NoArgsConstructor
 @AllArgsConstructor
+@EqualsAndHashCode(of = "action")
 public class ActionEntity implements Entity {
 
     private String action;
 
+    private String name;
+
     private String describe;
 
     private Map<String,Object> properties;

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/system/authorization/api/entity/OptionalField.java

@@ -1,6 +1,7 @@
 package org.hswebframework.web.system.authorization.api.entity;
 
 import lombok.Data;
+import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.Setter;
 import org.hswebframework.web.api.crud.entity.Entity;
@@ -8,6 +9,7 @@ import org.hswebframework.web.api.crud.entity.Entity;
 import java.util.Map;
 
 @Data
+@EqualsAndHashCode(of = "name")
 public class OptionalField implements Entity {
     private String name;
 

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/pom.xml

@@ -30,6 +30,12 @@
             <artifactId>commons-codec</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-aspects</artifactId>
+            <scope>test</scope>
+        </dependency>
+
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/configuration/AuthorizationServiceAutoConfiguration.java

@@ -6,10 +6,7 @@ import org.hswebframework.web.authorization.ReactiveAuthenticationManagerProvide
 import org.hswebframework.web.authorization.simple.DefaultAuthorizationAutoConfiguration;
 import org.hswebframework.web.system.authorization.api.UserDimensionProvider;
 import org.hswebframework.web.system.authorization.api.service.reactive.ReactiveUserService;
-import org.hswebframework.web.system.authorization.defaults.service.DefaultDimensionService;
-import org.hswebframework.web.system.authorization.defaults.service.DefaultReactiveAuthenticationInitializeService;
-import org.hswebframework.web.system.authorization.defaults.service.DefaultReactiveAuthenticationManager;
-import org.hswebframework.web.system.authorization.defaults.service.DefaultReactiveUserService;
+import org.hswebframework.web.system.authorization.defaults.service.*;
 import org.springframework.boot.autoconfigure.AutoConfigureAfter;
 import org.springframework.boot.autoconfigure.AutoConfigureBefore;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
@@ -22,7 +19,7 @@ public class AuthorizationServiceAutoConfiguration {
 
     @Configuration(proxyBeanMethods = false)
     @AutoConfigureBefore(DefaultAuthorizationAutoConfiguration.class)
-    static class ReactiveAuthorizationServiceAutoConfiguration{
+    static class ReactiveAuthorizationServiceAutoConfiguration {
         @ConditionalOnBean(ReactiveRepository.class)
         @Bean
         public ReactiveUserService reactiveUserService() {
@@ -41,13 +38,18 @@ public class AuthorizationServiceAutoConfiguration {
             return new DefaultReactiveAuthenticationInitializeService();
         }
 
+        @Bean
+        public PermissionSynchronization permissionSynchronization() {
+            return new PermissionSynchronization();
+        }
+
         @Bean
         public DefaultDimensionService defaultDimensionService() {
             return new DefaultDimensionService();
         }
 
         @Bean
-        public UserDimensionProvider userPermissionDimensionProvider(){
+        public UserDimensionProvider userPermissionDimensionProvider() {
             return new UserDimensionProvider();
         }
     }

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/PermissionSynchronization.java

@@ -0,0 +1,85 @@
+package org.hswebframework.web.system.authorization.defaults.service;
+
+import lombok.extern.slf4j.Slf4j;
+import org.hswebframework.ezorm.rdb.mapping.ReactiveRepository;
+import org.hswebframework.web.authorization.define.*;
+import org.hswebframework.web.system.authorization.api.entity.ActionEntity;
+import org.hswebframework.web.system.authorization.api.entity.PermissionEntity;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.CommandLineRunner;
+import org.springframework.context.event.EventListener;
+import reactor.core.publisher.Flux;
+import reactor.core.publisher.Mono;
+
+import java.util.*;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+
+@Slf4j
+public class PermissionSynchronization implements CommandLineRunner {
+
+    @Autowired
+    private ReactiveRepository<PermissionEntity, String> permissionRepository;
+
+    private MergedAuthorizeDefinition definition = new MergedAuthorizeDefinition();
+
+    @EventListener
+    public void handleResourceParseEvent(AuthorizeDefinitionInitializedEvent event) {
+        definition.merge(event.getAllDefinition());
+    }
+
+    protected PermissionEntity convert(Map<String, PermissionEntity> old, ResourceDefinition definition) {
+        PermissionEntity entity = old.getOrDefault(definition.getId(), PermissionEntity.builder()
+                .name(definition.getName())
+                .describe(definition.getDescription())
+                .status((byte) 1)
+                .build());
+
+
+        Map<String, ActionEntity> oldAction = new HashMap<>();
+        if (entity.getActions() != null) {
+            entity.getActions().forEach(a -> oldAction.put(a.getAction(), a));
+        }
+
+        for (ResourceActionDefinition definitionAction : definition.getActions()) {
+            ActionEntity action = oldAction.getOrDefault(definition.getId(),ActionEntity
+                    .builder()
+                    .action(definitionAction.getId())
+                    .name(definitionAction.getName())
+                    .describe(definitionAction.getName())
+                    .build());
+            Map<String, Object> properties = Optional.ofNullable(action.getProperties()).orElse(new HashMap<>());
+            Set<Object> types = Optional.of(properties.computeIfAbsent("supportDataAccessTypes", t -> new HashSet<>()))
+                    .filter(Collection.class::isInstance)
+                    .<Collection<Object>>map(Collection.class::cast)
+                    .<Set<Object>>map(HashSet::new)
+                    .orElseGet(HashSet::new);
+
+            types.addAll(definitionAction.getDataAccess().getDataAccessTypes().stream().map(DataAccessTypeDefinition::getId).collect(Collectors.toSet()));
+            action.setProperties(properties);
+            oldAction.put(action.getAction(),action);
+        }
+        entity.setActions(new ArrayList<>(oldAction.values()));
+
+
+        return entity;
+    }
+
+    @Override
+    public void run(String... args) throws Exception {
+        if (definition.getResources().isEmpty()) {
+            return;
+        }
+        permissionRepository.createQuery()
+                .fetch()
+                .collect(Collectors.toMap(PermissionEntity::getId, Function.identity()))
+                .flatMap(group -> Flux.fromIterable(definition.getResources())
+                        .map(d -> this.convert(group, d))
+                        .as(permissionRepository::save))
+                .doOnError(err -> log.warn("sync permission error", err))
+                .subscribe(l -> {
+                    log.warn("sync permission success:{}", l);
+                });
+
+    }
+}

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/webflux/WebFluxPermissionController.java

@@ -8,6 +8,7 @@ import org.hswebframework.web.authorization.Permission;
 import org.hswebframework.web.authorization.annotation.Authorize;
 import org.hswebframework.web.authorization.annotation.QueryAction;
 import org.hswebframework.web.authorization.annotation.Resource;
+import org.hswebframework.web.crud.web.reactive.ReactiveCrudController;
 import org.hswebframework.web.exception.NotFoundException;
 import org.hswebframework.web.system.authorization.api.entity.PermissionEntity;
 import org.reactivestreams.Publisher;
@@ -22,40 +23,14 @@ import java.util.List;
 @RequestMapping("/permission")
 @Authorize
 @Resource(id = "permission",name = "权限管理",group = "system")
-public class WebFluxPermissionController {
+public class WebFluxPermissionController implements ReactiveCrudController<PermissionEntity,String> {
 
     @Autowired
     private ReactiveRepository<PermissionEntity, String> repository;
 
-    @GetMapping
-    @QueryAction
-    public Flux<PermissionEntity> findAllPermission(QueryParamEntity paramEntity) {
-        return repository.createQuery()
-                .setParam(paramEntity)
-                .fetch();
-    }
-
-    @GetMapping("/{id}")
-    @QueryAction
-    public Mono<PermissionEntity> getPermission(@PathVariable String id) {
-        return Mono.just(id)
-                .as(repository::findById)
-                .switchIfEmpty(Mono.error(NotFoundException::new));
-    }
-
-    @GetMapping("/count")
-    @QueryAction
-    public Mono<Integer> countAllPermission(QueryParamEntity paramEntity) {
-        return repository.createQuery()
-                .setParam(paramEntity)
-                .count()
-                .defaultIfEmpty(0);
-    }
-
-    @PatchMapping
-    @QueryAction
-    public Mono<SaveResult> savePermission(@RequestBody Publisher<PermissionEntity> paramEntity) {
-        return repository.save(paramEntity);
+    @Override
+    public ReactiveRepository<PermissionEntity, String> getRepository() {
+        return repository;
     }
 
     @PutMapping("/status/{status}")

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/test/java/org/hswebframework/web/system/authorization/defaults/service/reactive/WebFluxPermissionControllerTest.java

@@ -5,11 +5,13 @@ import org.hswebframework.web.crud.configuration.EasyOrmConfiguration;
 import org.hswebframework.web.crud.configuration.JdbcSqlExecutorConfiguration;
 import org.hswebframework.web.crud.configuration.R2dbcSqlExecutorConfiguration;
 import org.hswebframework.web.system.authorization.api.entity.PermissionEntity;
+import org.hswebframework.web.system.authorization.defaults.configuration.AuthorizationServiceAutoConfiguration;
 import org.hswebframework.web.system.authorization.defaults.configuration.AuthorizationWebAutoConfiguration;
 import org.hswebframework.web.system.authorization.defaults.webflux.WebFluxPermissionController;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.boot.autoconfigure.ImportAutoConfiguration;
 import org.springframework.boot.autoconfigure.data.r2dbc.R2dbcTransactionManagerAutoConfiguration;
 import org.springframework.boot.autoconfigure.r2dbc.ConnectionFactoryAutoConfiguration;
@@ -26,7 +28,9 @@ import reactor.core.publisher.Mono;
 @RunWith(SpringRunner.class)
 @WebFluxTest(WebFluxPermissionController.class)
 @ImportAutoConfiguration(value = {
-        AuthorizationWebAutoConfiguration.class, EasyOrmConfiguration.class,
+        AuthorizationWebAutoConfiguration.class,
+        AuthorizationServiceAutoConfiguration.class,
+        EasyOrmConfiguration.class,
         R2dbcSqlExecutorConfiguration.class, ConnectionFactoryAutoConfiguration.class,
         R2dbcTransactionManagerAutoConfiguration.class,
         ReactiveTransactionAutoConfiguration.class
@@ -34,7 +38,8 @@ import reactor.core.publisher.Mono;
         JdbcSqlExecutorConfiguration.class,
         TransactionAutoConfiguration.class
 })
-@EnableTransactionManagement
+@EnableTransactionManagement(proxyTargetClass = true)
+@EnableAutoConfiguration
 public class WebFluxPermissionControllerTest {
 
     @Autowired

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/test/resources/application.yml

@@ -5,7 +5,12 @@ logging:
     org.springframework.data.r2dbc.connectionfactory: debug
 #spring:
 #  r2dbc:
-
+spring:
+  aop:
+    proxy-target-class: true
+hsweb:
+  authorize:
+    auto-parse: true
 easyorm:
   default-schema: PUBLIC
   dialect: h2