feat:实现特殊情况的保存

This commit is contained in:
wangyu 2022-01-03 20:27:19 +08:00
parent 38f90de292
commit 617098577e
4 changed files with 46 additions and 25 deletions

View File

@ -6,6 +6,7 @@ import com.flyfish.framework.domain.po.Department;
import com.flyfish.framework.enums.UserType;
import lombok.Getter;
import lombok.Setter;
import org.apache.commons.lang3.BooleanUtils;
import org.springframework.data.mongodb.core.query.Criteria;
import java.util.Collections;
@ -37,9 +38,15 @@ public abstract class AuthorizedQo<T extends AuthorizedDomain> extends NameLikeQ
@Override
public CriteriaBuilder<T> criteriaBuilder() {
// 超级管理员拥有查看所有草稿的权限
if (user.getType() == UserType.SUPER_ADMIN) {
return super.criteriaBuilder().with("published");
}
// 查询草稿只查询自己的
if (BooleanUtils.isFalse(published)) {
return super.criteriaBuilder().with("published").with(() -> Criteria.where("creatorId").is(user.getId()));
}
// 普通查询根据权限配置查询
return super.criteriaBuilder()
.with(() -> Criteria.where("$or").is(
CriteriaBuilder.createCriteriaList(

View File

@ -56,17 +56,15 @@ public final class DepartUtils {
if (item instanceof AuthorizedVo) {
AuthorizedVo<?> vo = CastUtils.cast(item);
// 已发布的内容谁都不能修改
if (BooleanUtils.isTrue(po.getPublished())) {
vo.setReadonly(true);
} else {
vo.setReadonly(false);
// 获取当前用户
IUser user = po.getCurrentUser();
// 非超级管理员才需要判定
if (user.getType() != UserType.SUPER_ADMIN) {
// 用户所属部门
Set<String> userDeparts = DepartUtils.mergeDeparts(user.getDepartments());
// 实体归属部门
String currentDepart = po.getAuthorizeId();
String depart = po.getAuthorizeId();
// 用户权限合集
Set<Role.Authority> authorities = user.getRoles().stream()
.flatMap(role -> null == role.getAuthorities() ? Stream.empty() : role.getAuthorities().stream())
@ -75,11 +73,14 @@ public final class DepartUtils {
boolean admin = authorities.contains(Role.Authority.ADMIN);
boolean edit = authorities.contains(Role.Authority.EDIT);
boolean editChildren = authorities.contains(Role.Authority.EDIT_CHILDREN);
// 开始判定只读情况管理员权限或者创建者均具有读写权限
if (!admin && !po.getCreatorId().equals(user.getId())) {
vo.setReadonly(!edit && userDeparts.contains(currentDepart) ||
!editChildren && !userDeparts.contains(currentDepart));
}
// 开始判定只读情况已发布仅有编辑权限的用户可编辑管理员权限或者相应部门可编辑权限才具有读写权限
if (BooleanUtils.isTrue(po.getPublished())) {
vo.setReadonly(!admin && (
!edit && userDeparts.contains(depart) || !editChildren && !userDeparts.contains(depart)
));
} else {
// 草稿状态仅创建者可编辑其余任何人不可编辑除了超级管理员
vo.setReadonly(!po.getCreatorId().equals(user.getId()));
}
}
}

View File

@ -42,6 +42,12 @@ public abstract class ReactiveBaseController<T extends Domain, Q extends Qo<T>>
return reactiveService.count(qo).map(Result::accept);
}
@PostMapping(value = "", headers = "Draft=1")
@Operation.Create
public Mono<Result<T>> createDraft(@RequestBody T entity) {
return reactiveService.create(entity).map(Result::accept);
}
@PostMapping("")
@Operation.Create
public Mono<Result<T>> create(@ValidRequestBody T entity) {
@ -53,6 +59,12 @@ public abstract class ReactiveBaseController<T extends Domain, Q extends Qo<T>>
return reactiveService.getById(id).map(Result::accept).defaultIfEmpty(Result.notFound());
}
@PutMapping(value = "{id}", headers = "Draft=1")
@Operation.Update
public Mono<Result<T>> updateDraft(@RequestBody T entity) {
return reactiveService.updateSelectiveById(entity).map(Result::accept).defaultIfEmpty(Result.notFound());
}
@PutMapping("{id}")
@Operation.Update
public Mono<Result<T>> update(@ValidRequestBody T entity) {

View File

@ -24,6 +24,7 @@ import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
@ -348,7 +349,7 @@ public class BaseReactiveServiceImpl<T extends Domain> implements BaseReactiveSe
.flatMapMany(list -> repository.saveAll(list))
.flatMap(this::post);
}
return Flux.fromIterable(entities);
return Flux.fromIterable(Collections.emptyList());
}
/**