增加根据permission来设置权限

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/entity/authorization/AuthorizationSettingEntity.java

@@ -32,7 +32,7 @@ public interface AuthorizationSettingEntity extends GenericEntity<String> {
     |                属性名常量                |
     ===========================================*/
     /**
-     * 设置类型,如: role
+     * 设置类型(维度),如: role
      *
      * @see org.hswebframework.web.service.authorization.AuthorizationSettingTypeSupplier
      */

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/service/authorization/AuthorizationSettingService.java

@@ -41,6 +41,32 @@ public interface AuthorizationSettingService extends CrudService<AuthorizationSe
      */
     AuthorizationSettingEntity select(String type, String settingFor);
 
+    /**
+     * 根据权限ID获取所有维度的权限设置,{@link AuthorizationSettingEntity#getDetails()}中只包含对应权限的信息,不会包含全部信息
+     *
+     * @param permissionId 权限ID
+     * @return 配置了权限的全部权限设置信息
+     * @since 3.0.9
+     */
+    List<AuthorizationSettingEntity> selectByPermissionId(String permissionId);
+
+    /**
+     * 合并保存权限信息,如果权限信息不存在则新增,如果已存在,则合并,而不是覆盖
+     *
+     * @param settings 权限信息集合
+     * @since 3.0.9
+     */
+    void mergeSetting(List<AuthorizationSettingEntity> settings);
+
+    /**
+     * 删除权限设置的单个权限
+     *
+     * @param settingId    权限设置ID
+     * @param permissionId 权限ID
+     * @since 3.0.9
+     */
+    void deleteDetail(String settingId, String permissionId);
+
     /**
      * 根据类型和被设置者初始化对应的权限信息
      *

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-local/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorizationSettingService.java

@@ -26,14 +26,17 @@ import org.hswebframework.web.authorization.simple.SimpleAuthentication;
 import org.hswebframework.web.authorization.simple.SimplePermission;
 import org.hswebframework.web.authorization.simple.SimpleRole;
 import org.hswebframework.web.authorization.simple.SimpleUser;
+import org.hswebframework.web.bean.FastBeanCopier;
 import org.hswebframework.web.commons.entity.DataStatus;
 import org.hswebframework.web.commons.entity.TreeSupportEntity;
+import org.hswebframework.web.commons.entity.factory.EntityFactory;
 import org.hswebframework.web.dao.authorization.AuthorizationSettingDao;
 import org.hswebframework.web.dao.authorization.AuthorizationSettingDetailDao;
 import org.hswebframework.web.entity.authorization.*;
 import org.hswebframework.web.id.IDGenerator;
 import org.hswebframework.web.service.DefaultDSLDeleteService;
 import org.hswebframework.web.service.DefaultDSLQueryService;
+import org.hswebframework.web.service.DefaultDSLUpdateService;
 import org.hswebframework.web.service.GenericEntityService;
 import org.hswebframework.web.service.authorization.*;
 import org.hswebframework.web.service.authorization.AuthorizationSettingTypeSupplier.SettingInfo;
@@ -44,6 +47,7 @@ import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.cache.annotation.Cacheable;
 import org.springframework.cache.annotation.Caching;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 import org.springframework.transaction.event.TransactionalEventListener;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
@@ -54,12 +58,14 @@ import java.util.function.Predicate;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
+import static java.util.Optional.*;
 import static org.apache.commons.collections.CollectionUtils.isEmpty;
 import static org.apache.commons.collections.CollectionUtils.isNotEmpty;
 import static org.hswebframework.web.commons.entity.DataStatus.STATUS_ENABLED;
 import static org.hswebframework.web.entity.authorization.AuthorizationSettingDetailEntity.*;
 import static org.hswebframework.web.entity.authorization.AuthorizationSettingEntity.settingFor;
 import static org.hswebframework.web.entity.authorization.AuthorizationSettingEntity.type;
+import static org.hswebframework.web.service.DefaultDSLDeleteService.*;
 import static org.hswebframework.web.service.authorization.simple.CacheConstants.USER_AUTH_CACHE_NAME;
 import static org.hswebframework.web.service.authorization.simple.CacheConstants.USER_MENU_CACHE_NAME;
 
@@ -181,6 +187,77 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
         return super.deleteByPk(id);
     }
 
+    @Override
+    @CacheEvict(cacheNames = {CacheConstants.USER_AUTH_CACHE_NAME, CacheConstants.USER_MENU_CACHE_NAME}, allEntries = true)
+    public void deleteDetail(String settingId, String permissionId) {
+
+        DefaultDSLDeleteService.createDelete(authorizationSettingDetailDao)
+                .where(AuthorizationSettingDetailEntity.settingId, settingId)
+                .and(AuthorizationSettingDetailEntity.permissionId, permissionId)
+                .exec();
+    }
+
+    @Override
+    @CacheEvict(cacheNames = {CacheConstants.USER_AUTH_CACHE_NAME, CacheConstants.USER_MENU_CACHE_NAME}, allEntries = true)
+    public void mergeSetting(List<AuthorizationSettingEntity> settings) {
+        for (AuthorizationSettingEntity setting : settings) {
+            if (select(setting.getType(), setting.getSettingFor()) == null) {
+                insert(setting);
+                continue;
+            }
+            if (!CollectionUtils.isEmpty(setting.getDetails())) {
+                for (AuthorizationSettingDetailEntity detail : setting.getDetails()) {
+                    detail.setSettingId(setting.getId());
+                    int i = DefaultDSLUpdateService
+                            .createUpdate(authorizationSettingDetailDao, detail)
+                            .where(detail::getSettingId)
+                            .and(detail::getPermissionId)
+                            .exec();
+                    if (i == 0) {
+                        detail.setId(IDGenerator.MD5.generate());
+                        authorizationSettingDetailDao.insert(detail);
+                    }
+                }
+            } else if (!CollectionUtils.isEmpty(setting.getMenus())) {
+                for (AuthorizationSettingMenuEntity menu : setting.getMenus()) {
+                    menu.setSettingId(setting.getId());
+                    authorizationSettingMenuService.saveOrUpdate(menu);
+                }
+            }
+        }
+    }
+
+    @Transactional(readOnly = true)
+    public List<AuthorizationSettingEntity> selectByPermissionId(String permissionId) {
+        List<AuthorizationSettingDetailEntity> detailEntities = DefaultDSLQueryService
+                .createQuery(authorizationSettingDetailDao)
+                .where(AuthorizationSettingDetailEntity::getPermissionId, permissionId)
+                .listNoPaging();
+
+        if (CollectionUtils.isEmpty(detailEntities)) {
+            return new ArrayList<>();
+        }
+
+        List<String> settingIdList = detailEntities
+                .stream()
+                .map(AuthorizationSettingDetailEntity::getPermissionId)
+                .collect(Collectors.toList());
+
+        List<AuthorizationSettingEntity> allSettings = selectByPk(settingIdList)
+                .stream()
+                //复制为新对象,防止加载一些没用的信息
+                .map(entity -> FastBeanCopier.copy(entity, entityFactory.newInstance(AuthorizationSettingEntity.class), "details", "menus"))
+                .collect(Collectors.toList());
+
+        Map<String, List<AuthorizationSettingDetailEntity>> details = detailEntities.stream()
+                .collect(Collectors.groupingBy(AuthorizationSettingDetailEntity::getSettingId));
+
+        for (AuthorizationSettingEntity allSetting : allSettings) {
+            ofNullable(details.get(allSetting.getId())).ifPresent(allSetting::setDetails);
+        }
+
+        return allSettings;
+    }
 
     private List<AuthorizationSettingEntity> getUserSetting(String userId) {
         Map<String, List<SettingInfo>> settingInfo =

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-web/src/main/java/org/hswebframework/web/authorization/controller/AuthorizationSettingController.java

@@ -1,18 +1,18 @@
 /*
  *  Copyright 2019 http://www.hswebframework.org
- *  
+ *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
  *  You may obtain a copy of the License at
  *
  *        http://www.apache.org/licenses/LICENSE-2.0
- *  
+ *
  *  Unless required by applicable law or agreed to in writing, software
  *  distributed under the License is distributed on an "AS IS" BASIS,
  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
- *  
+ *
  */
 
 package org.hswebframework.web.authorization.controller;
@@ -27,10 +27,9 @@ import org.hswebframework.web.controller.message.ResponseMessage;
 import org.hswebframework.web.entity.authorization.AuthorizationSettingEntity;
 import org.hswebframework.web.service.authorization.AuthorizationSettingService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
 
 /**
  * 权限设置
@@ -39,8 +38,8 @@ import org.springframework.web.bind.annotation.RestController;
  */
 @RestController
 @RequestMapping("${hsweb.web.mappings.autz-setting:autz-setting}")
-@Authorize(permission = "autz-setting",description = "权限设置")
-@Api(tags = "权限-权限设置",value = "权限设置")
+@Authorize(permission = "autz-setting", description = "权限设置")
+@Api(tags = "权限-权限设置", value = "权限设置")
 public class AuthorizationSettingController implements SimpleGenericEntityController<AuthorizationSettingEntity, String, QueryParamEntity> {
 
     private AuthorizationSettingService authorizationSettingService;
@@ -61,4 +60,27 @@ public class AuthorizationSettingController implements SimpleGenericEntityContro
     public ResponseMessage<AuthorizationSettingEntity> select(@PathVariable String type, @PathVariable String settingFor) {
         return ResponseMessage.ok(authorizationSettingService.select(type, settingFor));
     }
+
+    @GetMapping("/permission/{permissionId}")
+    @Authorize(action = Permission.ACTION_GET)
+    @ApiOperation("根据权限ID获取对应的权限配置信息")
+    public ResponseMessage<List<AuthorizationSettingEntity>> selectByPermissionId(@PathVariable String permissionId) {
+        return ResponseMessage.ok(authorizationSettingService.selectByPermissionId(permissionId));
+    }
+
+    @PutMapping("/merge")
+    @Authorize(action = Permission.ACTION_UPDATE)
+    @ApiOperation("合并权限信息")
+    public ResponseMessage<Void> mergeSetting(@RequestBody List<AuthorizationSettingEntity> list) {
+        authorizationSettingService.mergeSetting(list);
+        return ResponseMessage.ok();
+    }
+
+    @DeleteMapping("/{settingId}/{permissionId}")
+    @Authorize(action = Permission.ACTION_UPDATE)
+    @ApiOperation("删除单个权限配置详情")
+    public ResponseMessage<Void> deleteDetail(@PathVariable String settingId, @PathVariable String permissionId) {
+        authorizationSettingService.deleteDetail(settingId, permissionId);
+        return ResponseMessage.ok();
+    }
 }