From 617098577e787f6c16df8273f385ba5ff3bba5cd Mon Sep 17 00:00:00 2001
From: wangyu <727842003@qq.com>
Date: Mon, 3 Jan 2022 20:27:19 +0800
Subject: [PATCH] =?UTF-8?q?feat=EF=BC=9A=E5=AE=9E=E7=8E=B0=E7=89=B9?=
 =?UTF-8?q?=E6=AE=8A=E6=83=85=E5=86=B5=E7=9A=84=E4=BF=9D=E5=AD=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../domain/authorized/AuthorizedQo.java       |  7 +++
 .../flyfish/framework/utils/DepartUtils.java  | 49 ++++++++++---------
 .../reactive/ReactiveBaseController.java      | 12 +++++
 .../service/impl/BaseReactiveServiceImpl.java |  3 +-
 4 files changed, 46 insertions(+), 25 deletions(-)

diff --git a/flyfish-data/src/main/java/com/flyfish/framework/domain/authorized/AuthorizedQo.java b/flyfish-data/src/main/java/com/flyfish/framework/domain/authorized/AuthorizedQo.java
index 4227709..20816d7 100644
--- a/flyfish-data/src/main/java/com/flyfish/framework/domain/authorized/AuthorizedQo.java
+++ b/flyfish-data/src/main/java/com/flyfish/framework/domain/authorized/AuthorizedQo.java
@@ -6,6 +6,7 @@ import com.flyfish.framework.domain.po.Department;
 import com.flyfish.framework.enums.UserType;
 import lombok.Getter;
 import lombok.Setter;
+import org.apache.commons.lang3.BooleanUtils;
 import org.springframework.data.mongodb.core.query.Criteria;
 
 import java.util.Collections;
@@ -37,9 +38,15 @@ public abstract class AuthorizedQo<T extends AuthorizedDomain> extends NameLikeQ
 
     @Override
     public CriteriaBuilder<T> criteriaBuilder() {
+        // 超级管理员拥有查看所有草稿的权限
         if (user.getType() == UserType.SUPER_ADMIN) {
             return super.criteriaBuilder().with("published");
         }
+        // 查询草稿，只查询自己的
+        if (BooleanUtils.isFalse(published)) {
+            return super.criteriaBuilder().with("published").with(() -> Criteria.where("creatorId").is(user.getId()));
+        }
+        // 普通查询，根据权限配置查询
         return super.criteriaBuilder()
                 .with(() -> Criteria.where("$or").is(
                         CriteriaBuilder.createCriteriaList(
diff --git a/flyfish-data/src/main/java/com/flyfish/framework/utils/DepartUtils.java b/flyfish-data/src/main/java/com/flyfish/framework/utils/DepartUtils.java
index 825c2fb..bfa0c58 100644
--- a/flyfish-data/src/main/java/com/flyfish/framework/utils/DepartUtils.java
+++ b/flyfish-data/src/main/java/com/flyfish/framework/utils/DepartUtils.java
@@ -56,30 +56,31 @@ public final class DepartUtils {
         if (item instanceof AuthorizedVo) {
             AuthorizedVo<?> vo = CastUtils.cast(item);
             // 已发布的内容，谁都不能修改
-            if (BooleanUtils.isTrue(po.getPublished())) {
-                vo.setReadonly(true);
-            } else {
-                vo.setReadonly(false);
-                // 获取当前用户
-                IUser user = po.getCurrentUser();
-                if (user.getType() != UserType.SUPER_ADMIN) {
-                    // 用户所属部门
-                    Set<String> userDeparts = DepartUtils.mergeDeparts(user.getDepartments());
-                    // 实体归属部门
-                    String currentDepart = po.getAuthorizeId();
-                    // 用户权限合集
-                    Set<Role.Authority> authorities = user.getRoles().stream()
-                            .flatMap(role -> null == role.getAuthorities() ? Stream.empty() : role.getAuthorities().stream())
-                            .collect(Collectors.toSet());
-                    // 取出权限，便于判定
-                    boolean admin = authorities.contains(Role.Authority.ADMIN);
-                    boolean edit = authorities.contains(Role.Authority.EDIT);
-                    boolean editChildren = authorities.contains(Role.Authority.EDIT_CHILDREN);
-                    // 开始判定只读情况，管理员权限或者创建者，均具有读写权限
-                    if (!admin && !po.getCreatorId().equals(user.getId())) {
-                        vo.setReadonly(!edit && userDeparts.contains(currentDepart) ||
-                                !editChildren && !userDeparts.contains(currentDepart));
-                    }
+            vo.setReadonly(false);
+            // 获取当前用户
+            IUser user = po.getCurrentUser();
+            // 非超级管理员，才需要判定
+            if (user.getType() != UserType.SUPER_ADMIN) {
+                // 用户所属部门
+                Set<String> userDeparts = DepartUtils.mergeDeparts(user.getDepartments());
+                // 实体归属部门
+                String depart = po.getAuthorizeId();
+                // 用户权限合集
+                Set<Role.Authority> authorities = user.getRoles().stream()
+                        .flatMap(role -> null == role.getAuthorities() ? Stream.empty() : role.getAuthorities().stream())
+                        .collect(Collectors.toSet());
+                // 取出权限，便于判定
+                boolean admin = authorities.contains(Role.Authority.ADMIN);
+                boolean edit = authorities.contains(Role.Authority.EDIT);
+                boolean editChildren = authorities.contains(Role.Authority.EDIT_CHILDREN);
+                // 开始判定只读情况，已发布，仅有编辑权限的用户可编辑，管理员权限或者相应部门可编辑权限，才具有读写权限
+                if (BooleanUtils.isTrue(po.getPublished())) {
+                    vo.setReadonly(!admin && (
+                            !edit && userDeparts.contains(depart) || !editChildren && !userDeparts.contains(depart)
+                    ));
+                } else {
+                    // 草稿状态，仅创建者可编辑，其余任何人不可编辑（除了超级管理员）
+                    vo.setReadonly(!po.getCreatorId().equals(user.getId()));
                 }
             }
         }
diff --git a/flyfish-web/src/main/java/com/flyfish/framework/controller/reactive/ReactiveBaseController.java b/flyfish-web/src/main/java/com/flyfish/framework/controller/reactive/ReactiveBaseController.java
index 00cf291..4e4287a 100644
--- a/flyfish-web/src/main/java/com/flyfish/framework/controller/reactive/ReactiveBaseController.java
+++ b/flyfish-web/src/main/java/com/flyfish/framework/controller/reactive/ReactiveBaseController.java
@@ -42,6 +42,12 @@ public abstract class ReactiveBaseController<T extends Domain, Q extends Qo<T>>
         return reactiveService.count(qo).map(Result::accept);
     }
 
+    @PostMapping(value = "", headers = "Draft=1")
+    @Operation.Create
+    public Mono<Result<T>> createDraft(@RequestBody T entity) {
+        return reactiveService.create(entity).map(Result::accept);
+    }
+
     @PostMapping("")
     @Operation.Create
     public Mono<Result<T>> create(@ValidRequestBody T entity) {
@@ -53,6 +59,12 @@ public abstract class ReactiveBaseController<T extends Domain, Q extends Qo<T>>
         return reactiveService.getById(id).map(Result::accept).defaultIfEmpty(Result.notFound());
     }
 
+    @PutMapping(value = "{id}", headers = "Draft=1")
+    @Operation.Update
+    public Mono<Result<T>> updateDraft(@RequestBody T entity) {
+        return reactiveService.updateSelectiveById(entity).map(Result::accept).defaultIfEmpty(Result.notFound());
+    }
+
     @PutMapping("{id}")
     @Operation.Update
     public Mono<Result<T>> update(@ValidRequestBody T entity) {
diff --git a/flyfish-web/src/main/java/com/flyfish/framework/service/impl/BaseReactiveServiceImpl.java b/flyfish-web/src/main/java/com/flyfish/framework/service/impl/BaseReactiveServiceImpl.java
index b86969c..2201f24 100644
--- a/flyfish-web/src/main/java/com/flyfish/framework/service/impl/BaseReactiveServiceImpl.java
+++ b/flyfish-web/src/main/java/com/flyfish/framework/service/impl/BaseReactiveServiceImpl.java
@@ -24,6 +24,7 @@ import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
 
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 import java.util.Objects;
 import java.util.stream.Collectors;
@@ -348,7 +349,7 @@ public class BaseReactiveServiceImpl<T extends Domain> implements BaseReactiveSe
                     .flatMapMany(list -> repository.saveAll(list))
                     .flatMap(this::post);
         }
-        return Flux.fromIterable(entities);
+        return Flux.fromIterable(Collections.emptyList());
     }
 
     /**