linweidong
/
besure_server
2
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CRM-数据权限:完善数据团队操作-添加、编辑、移除团队成员,退出团队

Browse Source
plp
puhui999 2 years ago
parent 7a8ffd9ccb
commit 23cfbfe491
12 changed files with 312 additions and 27 deletions
Show Stats Download Patch File Download Diff File

3
yudao-module-crm/yudao-module-crm-api/src/main/java/cn/iocoder/yudao/module/crm/enums/ErrorCodeConstants.java
Unescape Escape View File

@ -38,7 +38,6 @@ public interface ErrorCodeConstants {
ErrorCode CRM_PERMISSION_NOT_EXISTS = new ErrorCode(1_020_007_000, "数据权限不存在");
ErrorCode CRM_PERMISSION_DENIED = new ErrorCode(1_020_007_001, "{}操作失败,原因:没有权限");
ErrorCode CRM_PERMISSION_MODEL_NOT_EXISTS = new ErrorCode(1_020_007_002, "{}不存在");
ErrorCode CRM_PERMISSION_MODEL_TRANSFER_FAIL_OWNER_USER_NOT_EXISTS = new ErrorCode(1_020_007_003, "{}操作失败,原因:负责人不存在");
ErrorCode CRM_PERMISSION_MODEL_TRANSFER_FAIL_OWNER_USER_EXISTS = new ErrorCode(1_020_007_004, "{}操作失败,原因:转移对象已经是该负责人");
ErrorCode CRM_PERMISSION_MODEL_TRANSFER_FAIL_OWNER_USER_EXISTS = new ErrorCode(1_020_007_003, "{}操作失败,原因:转移对象已经是该负责人");
}

1
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/controller/admin/business/CrmBusinessController.java
Unescape Escape View File

@ -95,5 +95,4 @@ public class CrmBusinessController {
return success(true);
}
}

146
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/controller/admin/permission/CrmPermissionController.java
Unescape Escape View File

@ -0,0 +1,146 @@
package cn.iocoder.yudao.module.crm.controller.admin.permission;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.ObjUtil;
import cn.iocoder.yudao.framework.common.pojo.CommonResult;
import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionCreateReqVO;
import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionRespVO;
import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionUpdateReqVO;
import cn.iocoder.yudao.module.crm.convert.permission.CrmPermissionConvert;
import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
import cn.iocoder.yudao.module.crm.framework.core.service.CrmPermissionValidateService;
import cn.iocoder.yudao.module.crm.service.permission.CrmPermissionService;
import cn.iocoder.yudao.module.system.api.user.AdminUserApi;
import cn.iocoder.yudao.module.system.api.user.dto.AdminUserRespDTO;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.Parameters;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import javax.validation.Valid;
import java.util.Collections;
import java.util.List;
import static cn.iocoder.yudao.framework.common.exception.util.ServiceExceptionUtil.exception;
import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success;
import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertSet;
import static cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUtils.getLoginUserId;
import static cn.iocoder.yudao.module.crm.enums.ErrorCodeConstants.CRM_PERMISSION_DENIED;
import static cn.iocoder.yudao.module.crm.enums.ErrorCodeConstants.CRM_PERMISSION_MODEL_NOT_EXISTS;
import static cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum.getNameByType;
import static cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum.isOwner;
@Tag(name = "管理后台 - CRM 数据权限(数据团队成员操作)")
@RestController
@RequestMapping("/crm/permission")
@Validated
public class CrmPermissionController {
@Resource
private CrmPermissionService crmPermissionService;
@Resource
private AdminUserApi adminUserApi;
@Resource
private List<CrmPermissionValidateService> permissionValidateServices;
private void validatePermission(Integer bizType, Long bizId) {
// 1. TODO 校验是否为超级管理员
// 2. 防御一手,如果是超级管理员不校验权限还是得校验一下数据是否存在
permissionValidateServices.forEach(item -> {
if (!item.validateBizIdExists(bizType, bizId)) {
throw exception(CRM_PERMISSION_MODEL_NOT_EXISTS, getNameByType(bizType));
}
});
// 3. 校验数据权限 (如果存在则表示 bizId 也存在)
CrmPermissionDO permission = crmPermissionService.getPermissionByBizTypeAndBizIdAndUserId(
bizType, bizId, getLoginUserId());
if (isOwner(permission.getPermissionLevel())) { // 只有负责人才可以操作团队成员
return;
}
throw exception(CRM_PERMISSION_DENIED, getNameByType(bizType));
}
@PutMapping("/add")
@Operation(summary = "添加团队成员")
@PreAuthorize("@ss.hasPermission('crm:permission:create')")
public CommonResult<Boolean> addPermission(@Valid @RequestBody CrmPermissionCreateReqVO reqVO) {
// 1. 前置校验
validatePermission(reqVO.getBizType(), reqVO.getBizId());
// 2. 加入成员
crmPermissionService.createPermission(CrmPermissionConvert.INSTANCE.convert(reqVO));
return success(true);
}
@PutMapping("/update")
@Operation(summary = "编辑团队成员")
@PreAuthorize("@ss.hasPermission('crm:permission:update')")
public CommonResult<Boolean> updatePermission(@Valid @RequestBody CrmPermissionUpdateReqVO updateReqVO) {
// 1. 前置校验
validatePermission(updateReqVO.getBizType(), updateReqVO.getBizId());
// 2. 编辑团队成员
crmPermissionService.updatePermission(CrmPermissionConvert.INSTANCE.convert(updateReqVO));
return success(true);
}
@GetMapping("/delete")
@Operation(summary = "移除团队成员")
@Parameter(name = "id", description = "团队成员编号", required = true)
@PreAuthorize("@ss.hasPermission('crm:permission:delete')")
public CommonResult<Boolean> deletePermission(@RequestParam("bizType") Integer bizType,
@RequestParam("bizId") Long bizId,
@RequestParam("id") Long id) {
// 1. 前置校验
validatePermission(bizType, bizId);
// 2. 移除团队成员
crmPermissionService.deletePermission(id);
return success(true);
}
@GetMapping("/quit")
@Operation(summary = "退出团队")
@Parameters({
@Parameter(name = "bizType", description = "CRM 类型", required = true, example = "2"),
@Parameter(name = "bizId", description = "CRM 类型数据编号", required = true, example = "1024")
})
@PreAuthorize("@ss.hasPermission('crm:permission:delete')")
public CommonResult<Boolean> quitPermission(@RequestParam("bizType") Integer bizType,
@RequestParam("bizId") Long bizId) {
CrmPermissionDO permission = crmPermissionService.getPermissionByBizTypeAndBizIdAndUserId(
bizType, bizId, getLoginUserId());
if (permission == null) { // 没有就不是团队成员
return success(false);
}
crmPermissionService.deletePermission(permission.getId());
return success(true);
}
@GetMapping("/list")
@Operation(summary = "获取团队成员")
@Parameters({
@Parameter(name = "bizType", description = "CRM 类型", required = true, example = "2"),
@Parameter(name = "bizId", description = "CRM 类型数据编号", required = true, example = "1024")
})
@PreAuthorize("@ss.hasPermission('crm:permission:query')")
public CommonResult<List<CrmPermissionRespVO>> getPermissionList(@RequestParam("bizType") Integer bizType,
@RequestParam("bizId") Long bizId) {
List<CrmPermissionDO> permission = crmPermissionService.getPermissionByBizTypeAndBizId(bizType, bizId);
if (CollUtil.isEmpty(permission)) {
return success(Collections.emptyList());
}
permission.removeIf(item -> ObjUtil.equal(item.getUserId(), CrmPermissionDO.POOL_USER_ID)); // 排除
// 拼接数据
List<AdminUserRespDTO> userList = adminUserApi.getUserList(convertSet(permission, CrmPermissionDO::getUserId));
return success(CrmPermissionConvert.INSTANCE.convert(permission, userList));
}
}

38
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/controller/admin/permission/vo/CrmPermissionBaseVO.java
Unescape Escape View File

@ -0,0 +1,38 @@
package cn.iocoder.yudao.module.crm.controller.admin.permission.vo;
import cn.iocoder.yudao.framework.common.validation.InEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmBizTypeEnum;
import cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import javax.validation.constraints.NotNull;
/**
* Base VO VO 使
* VO Swagger
*
* @author HUIHUI
*/
@Data
public class CrmPermissionBaseVO {
@Schema(description = "用户编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "123456")
@NotNull(message = "用户编号不能为空")
private Long userId;
@Schema(description = "Crm 类型", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
@InEnum(CrmBizTypeEnum.class)
@NotNull(message = "Crm 类型不能为空")
private Integer bizType;
@Schema(description = "Crm 类型数据编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "1024")
@NotNull(message = "Crm 类型数据编号不能为空")
private Long bizId;
@Schema(description = "权限级别", requiredMode = Schema.RequiredMode.REQUIRED, example = "2")
@InEnum(CrmPermissionLevelEnum.class)
@NotNull(message = "权限级别不能为空")
private Integer permissionLevel;
}

14
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/controller/admin/permission/vo/CrmPermissionCreateReqVO.java
Unescape Escape View File

@ -0,0 +1,14 @@
package cn.iocoder.yudao.module.crm.controller.admin.permission.vo;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.ToString;
@Schema(description = "管理后台 - CRM 数据权限创建 Request VO")
@Data
@EqualsAndHashCode(callSuper = true)
@ToString(callSuper = true)
public class CrmPermissionCreateReqVO extends CrmPermissionBaseVO {
}

27
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/controller/admin/permission/vo/CrmPermissionRespVO.java
Unescape Escape View File

@ -0,0 +1,27 @@
package cn.iocoder.yudao.module.crm.controller.admin.permission.vo;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import java.util.Set;
@Schema(description = "管理后台 - CRM 数据权限(团队成员) Response VO")
@Data
public class CrmPermissionRespVO extends CrmPermissionBaseVO {
@Schema(description = "数据权限编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "13563")
private Long id;
@Schema(description = "团队级别", requiredMode = Schema.RequiredMode.REQUIRED, example = "负责人")
private String permissionLevelName;
@Schema(description = "部门编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "1")
private Long deptId;
@Schema(description = "用户昵称", requiredMode = Schema.RequiredMode.REQUIRED, example = "芋艿")
private String nickname;
@Schema(description = "岗位编号数组", requiredMode = Schema.RequiredMode.REQUIRED, example = "[1,2,3]")
private Set<Long> postIds;
}

17
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/controller/admin/permission/vo/CrmPermissionUpdateReqVO.java
Unescape Escape View File

@ -0,0 +1,17 @@
package cn.iocoder.yudao.module.crm.controller.admin.permission.vo;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.ToString;
@Schema(description = "管理后台 - CRM 数据权限更新 Request VO")
@Data
@EqualsAndHashCode(callSuper = true)
@ToString(callSuper = true)
public class CrmPermissionUpdateReqVO extends CrmPermissionBaseVO {
@Schema(description = "数据权限编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "13563")
private Long id;
}

28
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/convert/permission/CrmPermissionConvert.java
Unescape Escape View File

@ -1,11 +1,22 @@
package cn.iocoder.yudao.module.crm.convert.permission;
import cn.iocoder.yudao.framework.common.util.collection.CollectionUtils;
import cn.iocoder.yudao.framework.common.util.collection.MapUtils;
import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionCreateReqVO;
import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionRespVO;
import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionUpdateReqVO;
import cn.iocoder.yudao.module.crm.dal.dataobject.permission.CrmPermissionDO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionCreateReqBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionUpdateReqBO;
import cn.iocoder.yudao.module.system.api.user.dto.AdminUserRespDTO;
import org.mapstruct.Mapper;
import org.mapstruct.factory.Mappers;
import java.util.List;
import java.util.Map;
import static cn.iocoder.yudao.module.crm.framework.enums.CrmPermissionLevelEnum.getNameByLevel;
/**
* Crm Convert
*
@ -20,4 +31,21 @@ public interface CrmPermissionConvert {
CrmPermissionDO convert(CrmPermissionUpdateReqBO updateBO);
CrmPermissionCreateReqBO convert(CrmPermissionCreateReqVO reqVO);
CrmPermissionUpdateReqBO convert(CrmPermissionUpdateReqVO updateReqVO);
List<CrmPermissionRespVO> convert(List<CrmPermissionDO> permission);
default List<CrmPermissionRespVO> convert(List<CrmPermissionDO> permission, List<AdminUserRespDTO> userList) {
Map<Long, AdminUserRespDTO> userMap = CollectionUtils.convertMap(userList, AdminUserRespDTO::getId);
return CollectionUtils.convertList(convert(permission), item -> {
MapUtils.findAndThen(userMap, item.getId(), user -> {
item.setNickname(user.getNickname()).setDeptId(user.getDeptId()).setPostIds(user.getPostIds())
.setPermissionLevelName(getNameByLevel(item.getPermissionLevel()));
});
return item;
});
}
}

13
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/dal/mysql/permission/CrmPermissionMapper.java
Unescape Escape View File

@ -46,19 +46,6 @@ public interface CrmPermissionMapper extends BaseMapperX<CrmPermissionDO> {
.eq(CrmPermissionDO::getBizId, bizId));
}
/**
* x
*
* @param bizType {@link CrmBizTypeEnum}
* @param userId
* @return Crm
*/
default List<CrmPermissionDO> selectByBizTypeAndUserId(Integer bizType, Long userId) {
return selectList(new LambdaQueryWrapperX<CrmPermissionDO>()
.eq(CrmPermissionDO::getBizType, bizType)
.eq(CrmPermissionDO::getUserId, userId));
}
default PageResult<CrmPermissionDO> selectPage(CrmPermissionPageReqBO pageReqBO) {
return selectPage(pageReqBO, new LambdaQueryWrapperX<CrmPermissionDO>()
.eq(CrmPermissionDO::getBizType, pageReqBO.getBizType())

20
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/framework/core/service/CrmPermissionValidateService.java
Unescape Escape View File

@ -0,0 +1,20 @@
package cn.iocoder.yudao.module.crm.framework.core.service;
/**
* service
* TODO 使
*
* @author HUIHUI
*/
public interface CrmPermissionValidateService {
/**
*
*
* @param bizType CRM
* @param bizId
* @return /
*/
boolean validateBizIdExists(Integer bizType, Long bizId);
}

9
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/framework/enums/CrmPermissionLevelEnum.java
Unescape Escape View File

@ -47,4 +47,13 @@ public enum CrmPermissionLevelEnum implements IntArrayValuable {
return ObjUtil.equal(WRITE.level, level);
}
public static String getNameByLevel(Integer level) {
for (CrmPermissionLevelEnum levelEnum : CrmPermissionLevelEnum.values()) {
if (ObjUtil.equal(levelEnum.level, level)) {
return levelEnum.name;
}
}
return "";
}
}

23
yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/CrmPermissionServiceImpl.java
Unescape Escape View File

@ -13,12 +13,12 @@ import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionPageReqBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmPermissionUpdateReqBO;
import cn.iocoder.yudao.module.crm.service.permission.bo.CrmTransferPermissionReqBO;
import cn.iocoder.yudao.module.system.api.user.AdminUserApi;
import cn.iocoder.yudao.module.system.api.user.dto.AdminUserRespDTO;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.annotation.Validated;
import javax.annotation.Resource;
import java.util.Collections;
import java.util.List;
import static cn.iocoder.yudao.framework.common.exception.util.ServiceExceptionUtil.exception;
@ -43,6 +43,10 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
@Override
@Transactional(rollbackFor = Exception.class)
public Long createPermission(CrmPermissionCreateReqBO createBO) {
// 1. 校验用户是否存在
adminUserApi.validateUserList(Collections.singletonList(createBO.getUserId()));
// 2. 创建
CrmPermissionDO permission = CrmPermissionConvert.INSTANCE.convert(createBO);
crmPermissionMapper.insert(permission);
return permission.getId();
@ -51,7 +55,11 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
@Override
@Transactional(rollbackFor = Exception.class)
public void updatePermission(CrmPermissionUpdateReqBO updateBO) {
// 1. 校验用户是否存在
adminUserApi.validateUserList(Collections.singletonList(updateBO.getUserId()));
// 2. 校验存在
validateCrmPermissionExists(updateBO.getId());
// 更新操作
CrmPermissionDO updateDO = CrmPermissionConvert.INSTANCE.convert(updateBO);
crmPermissionMapper.updateById(updateDO);
@ -60,7 +68,9 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
@Override
@Transactional(rollbackFor = Exception.class)
public void deletePermission(Long id) {
// 校验存在
validateCrmPermissionExists(id);
// 删除
crmPermissionMapper.deleteById(id);
}
@ -75,11 +85,6 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
return crmPermissionMapper.selectByBizTypeAndBizId(bizType, bizId);
}
@Override
public List<CrmPermissionDO> getPermissionByBizTypeAndUserId(Integer bizType, Long userId) {
return crmPermissionMapper.selectByBizTypeAndUserId(bizType, userId);
}
private void validateCrmPermissionExists(Long id) {
if (crmPermissionMapper.selectById(id) == null) {
throw exception(CRM_PERMISSION_NOT_EXISTS);
@ -103,11 +108,7 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
throw exception(CRM_PERMISSION_MODEL_TRANSFER_FAIL_OWNER_USER_EXISTS, crmName);
}
// 2.1 校验新负责人是否存在
AdminUserRespDTO user = adminUserApi.getUser(transferReqBO.getNewOwnerUserId());
if (user == null) {
throw exception(CRM_PERMISSION_MODEL_TRANSFER_FAIL_OWNER_USER_NOT_EXISTS, crmName);
}
adminUserApi.validateUserList(Collections.singletonList(transferReqBO.getNewOwnerUserId()));
// 3. 权限转移
List<CrmPermissionDO> permissions = crmPermissionMapper.selectByBizTypeAndBizId(
transferReqBO.getBizType(), transferReqBO.getBizId()); // 获取所有团队成员

Write Preview
Loading…
Cancel
Save