权限中台

8ff6bfe4 · dong.an · 14cacf54 · 8ff6bfe4 · 8ff6bfe4 · 8ff6bfe4
--- a/common/src/main/java/com/pica/cloud/permission/permission/common/constants/RoleCodeEnum.java
+++ b/common/src/main/java/com/pica/cloud/permission/permission/common/constants/RoleCodeEnum.java
+package com.pica.cloud.permission.permission.common.constants;
+
+/**
+ * @author andong
+ * @create 2019/9/16
+ */
+public enum RoleCodeEnum {
+
+    GUEST("R001", "游客"), MEMBER("R002", "注册医生"), INVITER("R003", "邀请码用户"),
+    CERTIFY("R004", "认证用户"), HOSPITAL("R005", "注册有机构"), NON_HOSPITAL("R006", "认证无机构"),
+    MAIN_ADMIN("R010", "主管理员"), ADMIN("R011", "管理员"), VIRTUAL("R999", "虚拟账号");
+
+    private String code;
+    private String desc;
+
+    RoleCodeEnum(String code, String desc) {
+        this.code = code;
+        this.desc = desc;
+    }
+
+    public String code() {
+        return code;
+    }
+
+    public String desc() {
+        return desc;
+    }
+}
--- a/common/src/main/java/com/pica/cloud/permission/permission/common/dto/AuthDto.java
+++ b/common/src/main/java/com/pica/cloud/permission/permission/common/dto/AuthDto.java
@@ -16,6 +16,8 @@ public class AuthDto {
    private boolean dataAuth;
    private String sysCode;

+    public AuthDto() {}
+
    public AuthDto(int productType, int userId, int authType, List<String> roleCodes, String url, boolean dataAuth, String sysCode) {
        this.productType = productType;
        this.userId = userId;

--- a/common/src/main/java/com/pica/cloud/permission/permission/common/dto/AuthResultDto.java
+++ b/common/src/main/java/com/pica/cloud/permission/permission/common/dto/AuthResultDto.java
@@ -11,6 +11,8 @@ public class AuthResultDto {
    private boolean access;
    private List<DataPrivilegeDto> dataPrivileges;

+    public AuthResultDto() {}
+
    public AuthResultDto(boolean access, List<DataPrivilegeDto> dataPrivileges) {
        this.access = access;
        this.dataPrivileges = dataPrivileges;

--- a/common/src/main/java/com/pica/cloud/permission/permission/common/dto/DataPrivilegeDto.java
+++ b/common/src/main/java/com/pica/cloud/permission/permission/common/dto/DataPrivilegeDto.java
@@ -9,6 +9,8 @@ public class DataPrivilegeDto {
    private String config;
    private String configExt;

+    public DataPrivilegeDto() {}
+
    public DataPrivilegeDto(String config, String configExt) {
        this.config = config;
        this.configExt = configExt;

--- a/common/src/main/java/com/pica/cloud/permission/permission/common/dto/GrantDto.java
+++ b/common/src/main/java/com/pica/cloud/permission/permission/common/dto/GrantDto.java
@@ -6,18 +6,17 @@ package com.pica.cloud.permission.permission.common.dto;
 */
 public class GrantDto {

-    private int productType;
    private int userId;
    private String grantCode;
    private int createdId;
    private String sysCode;

-    public int getProductType() {
-        return productType;
-    }
+    public GrantDto() {}

-    public void setProductType(int productType) {
-        this.productType = productType;
+    public GrantDto(int userId, String grantCode, int createdId) {
+        this.userId = userId;
+        this.grantCode = grantCode;
+        this.createdId = createdId;
    }

    public int getUserId() {

--- a/common/src/main/java/com/pica/cloud/permission/permission/common/dto/UserRoleDto.java
+++ b/common/src/main/java/com/pica/cloud/permission/permission/common/dto/UserRoleDto.java
@@ -15,6 +15,15 @@ public class UserRoleDto {
    private Integer createdId;
    private Integer modifiedId;

+    public UserRoleDto() {}
+
+    public UserRoleDto(Integer productType, Integer userId, String roleCode, Integer createdId) {
+        this.productType = productType;
+        this.userId = userId;
+        this.roleCode = roleCode;
+        this.createdId = createdId;
+    }
+
    public Integer getId() {
        return id;
    }

--- a/server/pom.xml
+++ b/server/pom.xml
@@ -92,14 +92,9 @@

        <dependency>
            <groupId>com.pica.cloud.permission</groupId>
-            <artifactId>pica-cloud-permission-client</artifactId>
+            <artifactId>pica-cloud-permission-common</artifactId>
            <version>1.0.0</version>
        </dependency>
-
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-aop</artifactId>
-        </dependency>
    </dependencies>

    <dependencyManagement>

--- a/server/src/main/java/com/pica/cloud/permission/permission/server/controller/DataPrivilegeController.java
+++ b/server/src/main/java/com/pica/cloud/permission/permission/server/controller/DataPrivilegeController.java
@@ -36,7 +36,7 @@ public class DataPrivilegeController {
        return PicaResponse.toResponse(list);
    }

-    @ApiOperation("添加数据资源")
+    @ApiOperation("添加数据权限")
    @PostMapping("/data-privilege")
    public PicaResponse addDataPrivilege(@RequestBody DataPrivilege dataPrivilege) {
        DataPrivilegeValidation.addDataPrivilegeValidate(dataPrivilege);
@@ -44,7 +44,7 @@ public class DataPrivilegeController {
        return PicaResponse.toResponse();
    }

-    @ApiOperation("修改数据资源")
+    @ApiOperation("修改数据权限")
    @PutMapping("/data-privilege")
    public PicaResponse updateDataPrivilege(@RequestBody DataPrivilege dataPrivilege) {
        DataPrivilegeValidation.updateDataPrivilegeValidate(dataPrivilege);
@@ -52,7 +52,7 @@ public class DataPrivilegeController {
        return PicaResponse.toResponse();
    }

-    @ApiOperation("逻辑删除数据资源")
+    @ApiOperation("逻辑删除数据权限")
    @DeleteMapping("/data-privilege")
    public PicaResponse deleteDataPrivilege(@RequestParam("id") int id, @RequestParam("modifiedId") int modifiedId) {
        dataPrivilegeService.deleteDataPrivilege(id, modifiedId);

--- a/server/src/main/java/com/pica/cloud/permission/permission/server/controller/PermissionController.java
+++ b/server/src/main/java/com/pica/cloud/permission/permission/server/controller/PermissionController.java
@@ -2,8 +2,6 @@ package com.pica.cloud.permission.permission.server.controller;

 import com.pica.cloud.foundation.entity.PicaResponse;
 import com.pica.cloud.foundation.redis.ICacheClient;
-import com.pica.cloud.permission.permission.client.PermissionServiceClient;
-import com.pica.cloud.permission.permission.common.annotation.Authentication;
 import com.pica.cloud.permission.permission.common.dto.AuthDto;
 import com.pica.cloud.permission.permission.common.dto.AuthResultDto;
 import com.pica.cloud.permission.permission.common.dto.GrantDto;
@@ -14,7 +12,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
-
 import java.util.Set;


@@ -34,10 +31,9 @@ public class PermissionController {
    @Autowired
    private ICacheClient cacheClient;

-    @Authentication
    @GetMapping("/test")
-    public PicaResponse test(@RequestParam("test") String test, @RequestParam("i") Integer i) {
-        return PicaResponse.toResponse(test + i);
+    public PicaResponse test() {
+        return PicaResponse.toResponse("OK");
    }

    @GetMapping("/cache")
@@ -46,6 +42,12 @@ public class PermissionController {
        return PicaResponse.toResponse(set);
    }

+    @PostMapping("/cache")
+    public PicaResponse cache(@RequestParam("key") String key, @RequestParam("value") String value) {
+        cacheClient.set(key, value);
+        return PicaResponse.toResponse();
+    }
+
    @ApiOperation("授权")
    @PostMapping("/grant")
    public PicaResponse grant(@RequestBody GrantDto grantDto) {

--- a/server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/PermissionServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/PermissionServiceImpl.java
@@ -3,17 +3,14 @@ package com.pica.cloud.permission.permission.server.service.impl;
 import com.pica.cloud.foundation.redis.ICacheClient;
 import com.pica.cloud.permission.permission.common.constants.AuthTypeEnum;
 import com.pica.cloud.permission.permission.common.constants.ProductTypeEnum;
-import com.pica.cloud.permission.permission.common.dto.AuthDto;
-import com.pica.cloud.permission.permission.common.dto.AuthResultDto;
-import com.pica.cloud.permission.permission.common.dto.DataPrivilegeDto;
-import com.pica.cloud.permission.permission.common.dto.GrantDto;
+import com.pica.cloud.permission.permission.common.constants.RoleCodeEnum;
+import com.pica.cloud.permission.permission.common.dto.*;
 import com.pica.cloud.permission.permission.server.constants.Constants;
 import com.pica.cloud.permission.permission.server.service.PermissionService;
+import com.pica.cloud.permission.permission.server.service.UserRoleService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
-import org.springframework.util.StringUtils;
-
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
@@ -27,10 +24,39 @@ public class PermissionServiceImpl implements PermissionService {

    @Autowired
    private ICacheClient cacheClient;
+    @Autowired
+    private UserRoleService userRoleService;

    @Override
    public void grant(GrantDto grantDto) {
-
+        UserRoleDto userRoleDto = new UserRoleDto(ProductTypeEnum.DOCTOR.code(), grantDto.getUserId(), null, grantDto.getCreatedId());
+        String grantCode = grantDto.getGrantCode();
+        switch (grantCode) {
+            case "REGISTER" :
+                break;
+            case "JOIN_HOSPITAL" :
+                break;
+            case "QUIT_HOSPITAL" :
+                break;
+            case "MAIN_ADMIN" :
+                userRoleDto.setRoleCode(RoleCodeEnum.MAIN_ADMIN.code());
+                userRoleService.addUserRole(userRoleDto);
+                break;
+            case "ADMIN" :
+                userRoleDto.setRoleCode(RoleCodeEnum.ADMIN.code());
+                userRoleService.addUserRole(userRoleDto);
+                break;
+            case "REMOVE_MAIN_ADMIN" :
+                userRoleDto.setRoleCode(RoleCodeEnum.MAIN_ADMIN.code());
+                userRoleService.deleteUserRole(userRoleDto);
+                break;
+            case "REMOVE_ADMIN" :
+                userRoleDto.setRoleCode(RoleCodeEnum.ADMIN.code());
+                userRoleService.deleteUserRole(userRoleDto);
+                break;
+            case "CERTIFY" :
+                break;
+        }
    }

    @Override

--- a/server/src/main/java/com/pica/cloud/permission/permission/server/validation/PermissionValidation.java
+++ b/server/src/main/java/com/pica/cloud/permission/permission/server/validation/PermissionValidation.java
@@ -16,11 +16,6 @@ import org.springframework.util.CollectionUtils;
 public class PermissionValidation {

    public static void grantValidate(GrantDto grantDto) {
-        int productType = grantDto.getProductType();
-        if (productType != ProductTypeEnum.DOCTOR.code() && productType != ProductTypeEnum.HEALTH.code()
-                && productType != ProductTypeEnum.ADMIN.code()) {
-            throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "产品线类型不正确");
-        }
        if (grantDto.getUserId() <= 0) {
            throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "用户ID不正确");
        }