feat:实现特殊情况的保存
This commit is contained in:
parent
38f90de292
commit
617098577e
@ -6,6 +6,7 @@ import com.flyfish.framework.domain.po.Department;
|
|||||||
import com.flyfish.framework.enums.UserType;
|
import com.flyfish.framework.enums.UserType;
|
||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
import lombok.Setter;
|
import lombok.Setter;
|
||||||
|
import org.apache.commons.lang3.BooleanUtils;
|
||||||
import org.springframework.data.mongodb.core.query.Criteria;
|
import org.springframework.data.mongodb.core.query.Criteria;
|
||||||
|
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
@ -37,9 +38,15 @@ public abstract class AuthorizedQo<T extends AuthorizedDomain> extends NameLikeQ
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public CriteriaBuilder<T> criteriaBuilder() {
|
public CriteriaBuilder<T> criteriaBuilder() {
|
||||||
|
// 超级管理员拥有查看所有草稿的权限
|
||||||
if (user.getType() == UserType.SUPER_ADMIN) {
|
if (user.getType() == UserType.SUPER_ADMIN) {
|
||||||
return super.criteriaBuilder().with("published");
|
return super.criteriaBuilder().with("published");
|
||||||
}
|
}
|
||||||
|
// 查询草稿,只查询自己的
|
||||||
|
if (BooleanUtils.isFalse(published)) {
|
||||||
|
return super.criteriaBuilder().with("published").with(() -> Criteria.where("creatorId").is(user.getId()));
|
||||||
|
}
|
||||||
|
// 普通查询,根据权限配置查询
|
||||||
return super.criteriaBuilder()
|
return super.criteriaBuilder()
|
||||||
.with(() -> Criteria.where("$or").is(
|
.with(() -> Criteria.where("$or").is(
|
||||||
CriteriaBuilder.createCriteriaList(
|
CriteriaBuilder.createCriteriaList(
|
||||||
|
|||||||
@ -56,30 +56,31 @@ public final class DepartUtils {
|
|||||||
if (item instanceof AuthorizedVo) {
|
if (item instanceof AuthorizedVo) {
|
||||||
AuthorizedVo<?> vo = CastUtils.cast(item);
|
AuthorizedVo<?> vo = CastUtils.cast(item);
|
||||||
// 已发布的内容,谁都不能修改
|
// 已发布的内容,谁都不能修改
|
||||||
if (BooleanUtils.isTrue(po.getPublished())) {
|
vo.setReadonly(false);
|
||||||
vo.setReadonly(true);
|
// 获取当前用户
|
||||||
} else {
|
IUser user = po.getCurrentUser();
|
||||||
vo.setReadonly(false);
|
// 非超级管理员,才需要判定
|
||||||
// 获取当前用户
|
if (user.getType() != UserType.SUPER_ADMIN) {
|
||||||
IUser user = po.getCurrentUser();
|
// 用户所属部门
|
||||||
if (user.getType() != UserType.SUPER_ADMIN) {
|
Set<String> userDeparts = DepartUtils.mergeDeparts(user.getDepartments());
|
||||||
// 用户所属部门
|
// 实体归属部门
|
||||||
Set<String> userDeparts = DepartUtils.mergeDeparts(user.getDepartments());
|
String depart = po.getAuthorizeId();
|
||||||
// 实体归属部门
|
// 用户权限合集
|
||||||
String currentDepart = po.getAuthorizeId();
|
Set<Role.Authority> authorities = user.getRoles().stream()
|
||||||
// 用户权限合集
|
.flatMap(role -> null == role.getAuthorities() ? Stream.empty() : role.getAuthorities().stream())
|
||||||
Set<Role.Authority> authorities = user.getRoles().stream()
|
.collect(Collectors.toSet());
|
||||||
.flatMap(role -> null == role.getAuthorities() ? Stream.empty() : role.getAuthorities().stream())
|
// 取出权限,便于判定
|
||||||
.collect(Collectors.toSet());
|
boolean admin = authorities.contains(Role.Authority.ADMIN);
|
||||||
// 取出权限,便于判定
|
boolean edit = authorities.contains(Role.Authority.EDIT);
|
||||||
boolean admin = authorities.contains(Role.Authority.ADMIN);
|
boolean editChildren = authorities.contains(Role.Authority.EDIT_CHILDREN);
|
||||||
boolean edit = authorities.contains(Role.Authority.EDIT);
|
// 开始判定只读情况,已发布,仅有编辑权限的用户可编辑,管理员权限或者相应部门可编辑权限,才具有读写权限
|
||||||
boolean editChildren = authorities.contains(Role.Authority.EDIT_CHILDREN);
|
if (BooleanUtils.isTrue(po.getPublished())) {
|
||||||
// 开始判定只读情况,管理员权限或者创建者,均具有读写权限
|
vo.setReadonly(!admin && (
|
||||||
if (!admin && !po.getCreatorId().equals(user.getId())) {
|
!edit && userDeparts.contains(depart) || !editChildren && !userDeparts.contains(depart)
|
||||||
vo.setReadonly(!edit && userDeparts.contains(currentDepart) ||
|
));
|
||||||
!editChildren && !userDeparts.contains(currentDepart));
|
} else {
|
||||||
}
|
// 草稿状态,仅创建者可编辑,其余任何人不可编辑(除了超级管理员)
|
||||||
|
vo.setReadonly(!po.getCreatorId().equals(user.getId()));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -42,6 +42,12 @@ public abstract class ReactiveBaseController<T extends Domain, Q extends Qo<T>>
|
|||||||
return reactiveService.count(qo).map(Result::accept);
|
return reactiveService.count(qo).map(Result::accept);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@PostMapping(value = "", headers = "Draft=1")
|
||||||
|
@Operation.Create
|
||||||
|
public Mono<Result<T>> createDraft(@RequestBody T entity) {
|
||||||
|
return reactiveService.create(entity).map(Result::accept);
|
||||||
|
}
|
||||||
|
|
||||||
@PostMapping("")
|
@PostMapping("")
|
||||||
@Operation.Create
|
@Operation.Create
|
||||||
public Mono<Result<T>> create(@ValidRequestBody T entity) {
|
public Mono<Result<T>> create(@ValidRequestBody T entity) {
|
||||||
@ -53,6 +59,12 @@ public abstract class ReactiveBaseController<T extends Domain, Q extends Qo<T>>
|
|||||||
return reactiveService.getById(id).map(Result::accept).defaultIfEmpty(Result.notFound());
|
return reactiveService.getById(id).map(Result::accept).defaultIfEmpty(Result.notFound());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@PutMapping(value = "{id}", headers = "Draft=1")
|
||||||
|
@Operation.Update
|
||||||
|
public Mono<Result<T>> updateDraft(@RequestBody T entity) {
|
||||||
|
return reactiveService.updateSelectiveById(entity).map(Result::accept).defaultIfEmpty(Result.notFound());
|
||||||
|
}
|
||||||
|
|
||||||
@PutMapping("{id}")
|
@PutMapping("{id}")
|
||||||
@Operation.Update
|
@Operation.Update
|
||||||
public Mono<Result<T>> update(@ValidRequestBody T entity) {
|
public Mono<Result<T>> update(@ValidRequestBody T entity) {
|
||||||
|
|||||||
@ -24,6 +24,7 @@ import reactor.core.publisher.Flux;
|
|||||||
import reactor.core.publisher.Mono;
|
import reactor.core.publisher.Mono;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.Collections;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Objects;
|
import java.util.Objects;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
@ -348,7 +349,7 @@ public class BaseReactiveServiceImpl<T extends Domain> implements BaseReactiveSe
|
|||||||
.flatMapMany(list -> repository.saveAll(list))
|
.flatMapMany(list -> repository.saveAll(list))
|
||||||
.flatMap(this::post);
|
.flatMap(this::post);
|
||||||
}
|
}
|
||||||
return Flux.fromIterable(entities);
|
return Flux.fromIterable(Collections.emptyList());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user