feat：增加权限管控

flyfish-data/src/main/java/com/flyfish/framework/domain/base/IUser.java

@@ -67,6 +67,10 @@ public interface IUser {
 
     void setOpenId(String openId);
 
+    String getAuthority();
+
+    void setAuthority(String authority);
+
     Object getDetail();
 
     void setDetail(Object detail);

flyfish-data/src/main/java/com/flyfish/framework/repository/ReactiveQueryModelExecutor.java

@@ -0,0 +1,94 @@
+package com.flyfish.framework.repository;
+
+import com.flyfish.framework.domain.base.Qo;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.domain.Sort;
+import reactor.core.publisher.Flux;
+import reactor.core.publisher.Mono;
+
+import java.util.List;
+import java.util.Optional;
+
+/**
+ * 查询模型支持
+ *
+ * @author wangyu
+ * 基于repo的公共扩展
+ */
+public interface ReactiveQueryModelExecutor<T> {
+
+    /**
+     * 通过名称查找一个
+     *
+     * @param name 名称
+     * @return 结果
+     */
+    Mono<T> findByName(String name);
+
+    /**
+     * Returns a single entity matching the given {@link Qo} or {@link Optional#empty()} if none was found.
+     *
+     * @param query must not be {@literal null}.
+     * @return a single entity matching the given {@link Qo} or {@link Optional#empty()} if none was found.
+     * @throws org.springframework.dao.IncorrectResultSizeDataAccessException if the Qo yields more than one
+     *                                                                        result.
+     */
+    Mono<T> findOne(Qo<T> query);
+
+    /**
+     * Returns all entities matching the given {@link Qo}. In case no match could be found an empty
+     * {@link Iterable} is returned.
+     *
+     * @param query must not be {@literal null}.
+     * @return all entities matching the given {@link Qo}.
+     */
+    Flux<T> findAll(Qo<T> query);
+
+    /**
+     * Returns all entities matching the given {@link Qo} applying the given {@link Sort}. In case no match could
+     * be found an empty {@link Iterable} is returned.
+     *
+     * @param query must not be {@literal null}.
+     * @param sort  the {@link Sort} specification to sort the results by, may be {@link Sort#empty()}, must not be
+     *              {@literal null}.
+     * @return all entities matching the given {@link Qo}.
+     * @since 1.10
+     */
+    Flux<T> findAll(Qo<T> query, Sort sort);
+
+    /**
+     * Returns a {@link Page} of entities matching the given {@link Qo}. In case no match could be found, an empty
+     * {@link Page} is returned.
+     *
+     * @param query    must not be {@literal null}.
+     * @param pageable may be {@link Pageable#unpaged()}, must not be {@literal null}.
+     * @return a {@link Page} of entities matching the given {@link Qo}.
+     */
+    Page<T> findAll(Qo<T> query, Pageable pageable);
+
+    /**
+     * Returns the number of instances matching the given {@link Qo}.
+     *
+     * @param query the {@link Qo} to count instances for, must not be {@literal null}.
+     * @return the number of instances matching the {@link Qo}.
+     */
+    long count(Qo<T> query);
+
+    /**
+     * 通过特定键的集合查询
+     *
+     * @param key    键
+     * @param values 集合
+     * @return 结果
+     */
+    List<T> findAllByValues(String key, List<Object> values);
+
+    /**
+     * Checks whether the data store contains elements that match the given {@link Qo}.
+     *
+     * @param query the {@link Qo} to use for the existence check, must not be {@literal null}.
+     * @return {@literal true} if the data store contains elements that match the given {@link Qo}.
+     */
+    boolean exists(Qo<T> query);
+}

flyfish-data/src/main/java/com/flyfish/framework/repository/impl/DefaultReactiveRepositoryImpl.java

@@ -0,0 +1,4 @@
+package com.flyfish.framework.repository.impl;
+
+public class DefaultReactiveRepositoryImpl {
+}

flyfish-user/src/main/java/com/flyfish/framework/controller/UserController.java

@@ -9,6 +9,7 @@ import com.flyfish.framework.domain.base.IUser;
 import com.flyfish.framework.domain.po.Role;
 import com.flyfish.framework.domain.po.User;
 import com.flyfish.framework.enums.UserStatus;
+import com.flyfish.framework.service.ReactiveUserService;
 import com.flyfish.framework.service.UserService;
 import com.flyfish.framework.utils.Assert;
 import com.flyfish.framework.utils.StrengthUtils;
@@ -85,4 +86,19 @@ public class UserController extends BaseController<User, UserQo> {
                 .map(context -> (IUser) context.getAuthentication().getPrincipal())
                 .map(Result::ok);
     }
+
+    @PatchMapping("/status")
+    public Mono<Result<User>> updateStatus(String authorize) {
+        ReactiveUserService reactiveService = (ReactiveUserService) this.reactiveService;
+        return ReactiveSecurityContextHolder.getContext()
+                .map(context -> (IUser) context.getAuthentication().getPrincipal())
+                .flatMap(user -> {
+                    user.setAuthority(authorize);
+                    User updating = new User();
+                    updating.setId(user.getId());
+                    updating.setAuthority(user.getAuthority());
+                    return reactiveService.updateSelectiveById(updating);
+                })
+                .map(Result::ok);
+    }
 }

flyfish-user/src/main/java/com/flyfish/framework/domain/AdminUserDetails.java

@@ -146,6 +146,7 @@ public class AdminUserDetails implements UserDetails, IUser {
         return CopyUtils.copyProps(this, new User());
     }
 
+    @Override
     public String getAuthority() {
         if (StringUtils.isBlank(authority) && null != departments) {
             authority = departments.stream().findFirst().map(Domain::getId).orElse(null);

flyfish-user/src/main/java/com/flyfish/framework/domain/authorized/AuthorizedDomain.java

@@ -1,5 +1,6 @@
 package com.flyfish.framework.domain.authorized;
 
+import com.flyfish.framework.annotations.Property;
 import com.flyfish.framework.context.UserContext;
 import com.flyfish.framework.domain.base.AuditDomain;
 import com.flyfish.framework.domain.po.Department;
@@ -18,6 +19,7 @@ public abstract class AuthorizedDomain extends AuditDomain {
 
     // 作用域id，一般是部门。用户存储时插入
     @NotBlank(message = "请选择当前部")
+    @Property(readonly = true)
     private String authorizeId;
 
     public String getAuthorizeId() {

flyfish-user/src/main/java/com/flyfish/framework/domain/authorized/AuthorizedQo.java

@@ -4,15 +4,15 @@ import com.flyfish.framework.builder.CriteriaBuilder;
 import com.flyfish.framework.context.SpringContext;
 import com.flyfish.framework.domain.base.NameLikeQo;
 import com.flyfish.framework.domain.po.Department;
-import com.flyfish.framework.domain.po.User;
+import com.flyfish.framework.enums.UserType;
 import com.flyfish.framework.service.DepartmentService;
 import lombok.Getter;
 import lombok.Setter;
-import org.springframework.security.core.parameters.P;
+import lombok.val;
+import org.apache.commons.collections4.CollectionUtils;
 
 import java.util.Collections;
 import java.util.List;
-import java.util.Optional;
 import java.util.stream.Collectors;
 
 /**
@@ -33,11 +33,21 @@ public abstract class AuthorizedQo<T extends AuthorizedDomain> extends NameLikeQ
      * @return 结果
      */
     public List<String> getAuthorizedIds() {
-        return Optional.ofNullable(this.user)
+        if (null != user) {
-                .map(User::getDepartments)
+            // 是超级管理员，放行，返回null
-                .map(departs -> departs.stream().map(Department::getId).collect(Collectors.toList()))
+            if (user.getType() == UserType.SUPER_ADMIN) {
-                .map(this::getSubAuthorities)
+                return null;
-                .orElse(Collections.singletonList(Department.PUBLIC));
+            }
+            if (CollectionUtils.isNotEmpty(user.getDepartments())) {
+                val departs = user.getDepartments().stream().map(Department::getId)
+                        .collect(Collectors.toList());
+                val result = getSubAuthorities(departs);
+                if (CollectionUtils.isNotEmpty(result)) {
+                    return result;
+                }
+            }
+        }
+        return Collections.singletonList(Department.PUBLIC);
     }
 
     @Override

flyfish-web/src/main/java/com/flyfish/framework/service/impl/BaseReactiveServiceImpl.java

@@ -1,5 +1,8 @@
 package com.flyfish.framework.service.impl;
 
+import com.flyfish.framework.auditor.BeanAuditor;
+import com.flyfish.framework.auditor.BeanPoster;
+import com.flyfish.framework.domain.base.AuditDomain;
 import com.flyfish.framework.domain.base.Domain;
 import com.flyfish.framework.domain.base.Qo;
 import com.flyfish.framework.repository.DefaultReactiveRepository;
@@ -28,6 +31,13 @@ public class BaseReactiveServiceImpl<T extends Domain> implements BaseReactiveSe
 
     @Autowired
     protected DefaultReactiveRepository<T> repository;
+    @Autowired(required = false)
+    protected BeanAuditor<T> auditor;
+    @Autowired(required = false)
+    protected BeanPoster<T> poster;
+    @Autowired
+    private BeanAuditor<AuditDomain> operationAuditor;
+
 
     /**
      * 查询
@@ -213,10 +223,9 @@ public class BaseReactiveServiceImpl<T extends Domain> implements BaseReactiveSe
     @Override
     public Mono<T> updateSelectiveById(T entity) {
         Assert.hasText(entity.getId(), "更新的主键不可为空！");
-        Mono<T> saved = repository.findById(entity.getId());
+        return repository.findById(entity.getId())
-//        Assert.isTrue(saved.isPresent(), "要更新的信息不存在！");
+                .map(saved -> CopyUtils.copyProps(entity, saved))
-        return repository.saveAll(saved.filter(Objects::nonNull)
+                .flatMap(this::updateById);
-                .map(t -> CopyUtils.copyProps(entity, t)).flux()).single();
     }
 
     /**
@@ -250,5 +259,35 @@ public class BaseReactiveServiceImpl<T extends Domain> implements BaseReactiveSe
 //                .collect(Collectors.toList());
         return repository.saveAll(entities);
     }
+
+    /**
+     * 对象审查
+     *
+     * @param entity 实体
+     */
+    protected void audit(T entity) {
+        // 用户审查
+        if (entity instanceof AuditDomain) {
+            operationAuditor.audit((AuditDomain) entity);
+        }
+        // 自定义审查
+        if (auditor != null) {
+            auditor.audit(entity);
+        }
+    }
+
+    /**
+     * 后置审查
+     *
+     * @param entity 实体
+     * @return 结果
+     */
+    protected T post(T entity) {
+        if (null != poster) {
+            poster.post(entity);
+        }
+        return entity;
+    }
+
 }