为用户和账号以及角色关联关系的增加、更改、删除增加统一的事务处理

Zhaoyang 2020-02-04 14:19:38 +08:00
parent c32bb43ead
commit 433230e483
6 changed files with 208 additions and 3 deletions


@ -0,0 +1,27 @@
package com.diboot.iam.dto;
import com.diboot.iam.entity.IamUser;
import lombok.Data;
import lombok.Getter;
import lombok.Setter;
import lombok.experimental.Accessors;
import java.util.List;
/**
* 用户表单信息接收类
* @author mazc@dibo.ltd
* @version v2.0
* @date 2019/12/18
*/
@Getter
@Setter
@Accessors(chain = true)
public class IamUserAccountDTO extends IamUser {
private String username;
private String password;
private List<Long> roleIdList;
}
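Review bot: `password` sits on a DTO with a class-level `@Getter`, so any code path that serializes an `IamUserAccountDTO` back out will emit the plaintext password. The field should be write-only for serialization; if Jackson is the JSON library in use here, `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)` on `password` would do it. Because the class extends `IamUser`, every `IamUser` property, `id` included, is also bindable from the request, so the create path should not trust a client-supplied `id`. `import lombok.Data;` is unused, since the class is annotated with `@Getter`/`@Setter`.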


@ -30,4 +30,13 @@ public interface IamUserRoleService extends BaseIamService<IamUserRole> {
*/ */
boolean createUserRoleRelations(String userType, Long userId, List<Long> roleIds); boolean createUserRoleRelations(String userType, Long userId, List<Long> roleIds);
/***
* 批量更新用户-角色的关系
* @param userType
* @param userId
* @param roleIds
* @return
*/
boolean updateUserRoleRelations(String userType, Long userId, List<Long> roleIds);
} }
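Review bot: The Javadoc on `updateUserRoleRelations` has empty `@param` and `@return` tags, so the contract is unstated. It should say that `roleIds` replaces the user's existing role set rather than adding to it, what an empty or null `roleIds` means, and that the call requires super-admin identity when either the old or the new set contains the super-admin role. A possible summary line: `Replaces all role relations of the given user with roleIds.`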


@ -1,5 +1,6 @@
package com.diboot.iam.service; package com.diboot.iam.service;
import com.diboot.iam.dto.IamUserAccountDTO;
import com.diboot.iam.entity.IamUser; import com.diboot.iam.entity.IamUser;
import com.diboot.iam.vo.IamRoleVO; import com.diboot.iam.vo.IamRoleVO;
@ -33,4 +34,26 @@ public interface IamUserService extends BaseIamService<IamUser> {
*/ */
void attachExtraPermissions(List<IamRoleVO> roleVOList); void attachExtraPermissions(List<IamRoleVO> roleVOList);
/***
* 添加用户和账号
* @param userAccountDTO
* @return
*/
boolean createUserAndAccount(IamUserAccountDTO userAccountDTO);
/***
* 更新用户和账号
* @param userAccountDTO
* @return
*/
boolean updateUserAndAccount(IamUserAccountDTO userAccountDTO) throws Exception;
/***
* 删除用户和账号
* @param id
* @return
* @throws Exception
*/
boolean deleteUserAndAccount(Long id) throws Exception;
} }
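Review bot: `updateUserAndAccount` and `deleteUserAndAccount` declare `throws Exception` while `createUserAndAccount` beside them declares nothing, which pushes callers into a blanket `catch (Exception e)`. The implementation in this commit signals failure with `BusinessException`, which `createUserAndAccount` throws without a `throws` clause, so it appears to be unchecked. Dropping the clause from both signatures, e.g. `boolean updateUserAndAccount(IamUserAccountDTO userAccountDTO);`, would keep the three methods consistent. The `@param`/`@return` tags are also empty; `@return` could state that the methods return true or throw, and never return false.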


@ -1,12 +1,14 @@
package com.diboot.iam.service.impl; package com.diboot.iam.service.impl;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.diboot.core.util.BeanUtils; import com.diboot.core.util.BeanUtils;
import com.diboot.core.util.ContextHelper; import com.diboot.core.util.ContextHelper;
import com.diboot.core.util.V; import com.diboot.core.util.V;
import com.diboot.iam.auth.IamExtensible; import com.diboot.iam.auth.IamExtensible;
import com.diboot.iam.config.Cons; import com.diboot.iam.config.Cons;
import com.diboot.iam.entity.IamRole; import com.diboot.iam.entity.IamRole;
import com.diboot.iam.entity.IamUser;
import com.diboot.iam.entity.IamUserRole; import com.diboot.iam.entity.IamUserRole;
import com.diboot.iam.exception.PermissionException; import com.diboot.iam.exception.PermissionException;
import com.diboot.iam.mapper.IamUserRoleMapper; import com.diboot.iam.mapper.IamUserRoleMapper;
@ -21,6 +23,7 @@ import org.springframework.transaction.annotation.Transactional;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collection; import java.util.Collection;
import java.util.List; import java.util.List;
import java.util.stream.Collectors;
/** /**
* 用户角色关联相关Service实现 * 用户角色关联相关Service实现
@ -94,6 +97,7 @@ public class IamUserRoleServiceImpl extends BaseIamServiceImpl<IamUserRoleMapper
} }
@Override @Override
@Transactional(rollbackFor = Exception.class)
public boolean createUserRoleRelations(String userType, Long userId, List<Long> roleIds) { public boolean createUserRoleRelations(String userType, Long userId, List<Long> roleIds) {
if(V.isEmpty(roleIds)){ if(V.isEmpty(roleIds)){
return true; return true;
@ -110,6 +114,44 @@ public class IamUserRoleServiceImpl extends BaseIamServiceImpl<IamUserRoleMapper
return super.createEntities(entityList); return super.createEntities(entityList);
} }
@Override
@Transactional(rollbackFor = Exception.class)
public boolean updateUserRoleRelations(String userType, Long userId, List<Long> roleIds) {
if (V.isEmpty(roleIds)){
return true;
}
// 需要先获取旧的角色列表来进行超级管理员权限判定
List<IamUserRole> oldUserRoleList = this.getEntityList(
Wrappers.<IamUserRole>lambdaQuery()
.eq(IamUserRole::getUserType, userType)
.eq(IamUserRole::getUserId, userId)
);
List oldRoleIds = new ArrayList();
if (V.notEmpty(oldUserRoleList)){
oldRoleIds = oldUserRoleList.stream()
.map(IamUserRole::getRoleId)
.collect(Collectors.toList());
}
Long superAdminRoleId = getSuperAdminRoleId();
// 给用户赋予了超级管理员需确保当前用户为超级管理员权限
if(superAdminRoleId != null && (roleIds.contains(superAdminRoleId) || oldRoleIds.contains(superAdminRoleId))){
checkSuperAdminIdentity();
}
// 删除旧的用户-角色关联关系
this.deleteEntities(
Wrappers.<IamUserRole>lambdaQuery()
.eq(IamUserRole::getUserId, userId)
.eq(IamUserRole::getUserType, userType)
);
List<IamUserRole> entityList = new ArrayList<>();
for(Long roleId : roleIds){
entityList.add(new IamUserRole(userType, userId, roleId));
}
return super.createEntities(entityList);
}
/** /**
* 获取超级管理员角色ID * 获取超级管理员角色ID
* @return * @return
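Review bot: `updateUserRoleRelations` returns `true` at its first statement when `roleIds` is empty, before the old relations are read or deleted. A request that clears a user's roles therefore leaves every existing role in place, the super-admin role included, and still reports success. If an empty list is meant to revoke all roles, keep the super-admin check and the `deleteEntities` call unconditional, and move `if (V.isEmpty(roleIds)) { return true; }` to just before `entityList` is built, with `roleIds` null-guarded in the `contains` test. `List oldRoleIds = new ArrayList();` is also a raw type; a parameterized `List<Long> oldRoleIds` (assuming `getRoleId()` returns `Long`) avoids the unchecked `contains`.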


@ -1,21 +1,26 @@
package com.diboot.iam.service.impl; package com.diboot.iam.service.impl;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.diboot.core.binding.RelationsBinder; import com.diboot.core.binding.RelationsBinder;
import com.diboot.core.exception.BusinessException;
import com.diboot.core.util.BeanUtils; import com.diboot.core.util.BeanUtils;
import com.diboot.core.util.S; import com.diboot.core.util.S;
import com.diboot.core.util.V; import com.diboot.core.util.V;
import com.diboot.core.vo.Status;
import com.diboot.iam.config.Cons; import com.diboot.iam.config.Cons;
import com.diboot.iam.entity.IamPermission; import com.diboot.iam.dto.IamUserAccountDTO;
import com.diboot.iam.entity.IamRole; import com.diboot.iam.entity.*;
import com.diboot.iam.entity.IamUser;
import com.diboot.iam.mapper.IamUserMapper; import com.diboot.iam.mapper.IamUserMapper;
import com.diboot.iam.service.IamAccountService;
import com.diboot.iam.service.IamPermissionService; import com.diboot.iam.service.IamPermissionService;
import com.diboot.iam.service.IamUserRoleService; import com.diboot.iam.service.IamUserRoleService;
import com.diboot.iam.service.IamUserService; import com.diboot.iam.service.IamUserService;
import com.diboot.iam.util.IamSecurityUtils;
import com.diboot.iam.vo.IamRoleVO; import com.diboot.iam.vo.IamRoleVO;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
@ -36,6 +41,9 @@ public class IamUserServiceImpl extends BaseIamServiceImpl<IamUserMapper, IamUse
@Autowired @Autowired
private IamPermissionService iamPermissionService; private IamPermissionService iamPermissionService;
@Autowired
private IamAccountService iamAccountService;
@Override @Override
public IamRoleVO buildRoleVo4FrontEnd(IamUser iamUser) { public IamRoleVO buildRoleVo4FrontEnd(IamUser iamUser) {
List<IamRoleVO> roleVOList = getAllRoleVOList(iamUser); List<IamRoleVO> roleVOList = getAllRoleVOList(iamUser);
@ -84,4 +92,89 @@ public class IamUserServiceImpl extends BaseIamServiceImpl<IamUserMapper, IamUse
} }
} }
@Override
@Transactional(rollbackFor = Exception.class)
public boolean createUserAndAccount(IamUserAccountDTO userAccountDTO) {
// 创建用户信息
boolean userSuccess = this.createEntity(userAccountDTO);
// 创建账号信息
IamAccount iamAccount = new IamAccount();
iamAccount
.setUserType(IamUser.class.getSimpleName())
.setUserId(userAccountDTO.getId())
.setAuthAccount(userAccountDTO.getUsername())
.setAuthSecret(userAccountDTO.getPassword())
.setAuthType(Cons.DICTCODE_AUTH_TYPE.PWD.name())
.setStatus(userAccountDTO.getStatus());
// 设置密码
IamSecurityUtils.encryptPwd(iamAccount);
boolean accountSuccess = iamAccountService.createEntity(iamAccount);
// 批量创建角色关联关系
boolean relationsSuccess = iamUserRoleService.createUserRoleRelations(iamAccount.getUserType(), iamAccount.getUserId(), userAccountDTO.getRoleIdList());
if (!userSuccess || !accountSuccess || !relationsSuccess){
throw new BusinessException(Status.FAIL_OPERATION, "创建用户失败");
}
return true;
}
@Override
@Transactional(rollbackFor = Exception.class)
public boolean updateUserAndAccount(IamUserAccountDTO userAccountDTO) {
// 更新用户信息
boolean userSuccess = this.updateEntity(userAccountDTO);
// 更新账号信息
IamAccount iamAccount = iamAccountService.getSingleEntity(
Wrappers.<IamAccount>lambdaQuery()
.eq(IamAccount::getUserType, IamUser.class.getSimpleName())
.eq(IamAccount::getUserId, userAccountDTO.getId())
);
iamAccount.setAuthAccount(userAccountDTO.getUsername())
.setStatus(userAccountDTO.getStatus());
// 设置密码
if (V.notEmpty(userAccountDTO.getPassword())){
iamAccount.setAuthSecret(userAccountDTO.getPassword());
IamSecurityUtils.encryptPwd(iamAccount);
}
boolean accountSuccess = iamAccountService.updateEntity(iamAccount);
// 批量更新角色关联关系
boolean relationsSuccess = iamUserRoleService.updateUserRoleRelations(iamAccount.getUserType(), iamAccount.getUserId(), userAccountDTO.getRoleIdList());
if (!userSuccess || !accountSuccess || !relationsSuccess){
throw new BusinessException(Status.FAIL_OPERATION, "更新用户失败");
}
return true;
}
@Override
@Transactional(rollbackFor = Exception.class)
public boolean deleteUserAndAccount(Long id) throws Exception {
IamUser iamUser = this.getEntity(id);
if (iamUser == null){
throw new BusinessException(Status.FAIL_OPERATION, "删除的记录不存在");
}
// 删除用户信息
boolean userSuccess = this.deleteEntity(id);
// 删除账号信息
boolean accountSuccess = iamAccountService.deleteEntities(
Wrappers.<IamAccount>lambdaQuery()
.eq(IamAccount::getUserType, IamUser.class.getSimpleName())
.eq(IamAccount::getUserId, id)
);
// 删除用户角色关联关系列表
boolean relationsSuccess = iamUserRoleService.deleteEntities(
Wrappers.<IamUserRole>lambdaQuery()
.eq(IamUserRole::getUserType, IamUser.class.getSimpleName())
.eq(IamUserRole::getUserId, id)
);
if (!userSuccess || !accountSuccess || !relationsSuccess){
throw new BusinessException(Status.FAIL_OPERATION, "删除用户失败");
}
return true;
}
} }
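Review bot: In `updateUserAndAccount` the result of `iamAccountService.getSingleEntity(...)` is dereferenced straight away, so a user id with no matching account row ends in a NullPointerException rather than a `BusinessException`; `deleteUserAndAccount` already guards its own lookup. Add `if (iamAccount == null) { throw new BusinessException(Status.FAIL_OPERATION, "..."); }` before `setAuthAccount`. The same method resets the password for whatever id the DTO carries, and the only super-admin check on this path sits in `updateUserRoleRelations`, which returns early when `roleIdList` is empty. Unless the caller enforces it, a super-admin account's password can therefore be changed without `checkSuperAdminIdentity()` running. `createUserAndAccount` likewise hands `getPassword()` to `encryptPwd` without checking that it is non-empty.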


@ -1,9 +1,14 @@
package com.diboot.iam.vo; package com.diboot.iam.vo;
import com.diboot.core.binding.annotation.BindDict; import com.diboot.core.binding.annotation.BindDict;
import com.diboot.core.binding.annotation.BindEntityList;
import com.diboot.iam.entity.IamPermission;
import com.diboot.iam.entity.IamRole;
import com.diboot.iam.entity.IamUser; import com.diboot.iam.entity.IamUser;
import lombok.Data; import lombok.Data;
import java.util.List;
/** /**
* 系统用户 VO定义 * 系统用户 VO定义
* @author mazc@dibo.ltd * @author mazc@dibo.ltd
@ -14,9 +19,15 @@ import lombok.Data;
public class IamUserVO extends IamUser { public class IamUserVO extends IamUser {
private static final long serialVersionUID = 7571698765478647277L; private static final long serialVersionUID = 7571698765478647277L;
private String username;
@BindDict(type="GENDER", field = "gender") @BindDict(type="GENDER", field = "gender")
private String genderLabel; private String genderLabel;
@BindDict(type="USER_STATUS", field = "status") @BindDict(type="USER_STATUS", field = "status")
private String statusLabel; private String statusLabel;
// 字段关联this.id=iam_user_role.user_id AND iam_user_role.role_id=id
@BindEntityList(entity = IamRole.class, condition = "this.id=iam_user_role.user_id AND iam_user_role.role_id=id AND iam_user_role.is_deleted=0")
private List<IamRole> roleList;
} }
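Review bot: The comment above `roleList` repeats the binding condition but omits the `iam_user_role.is_deleted=0` clause that the annotation carries, so the two already disagree. Either drop the comment or describe the intent instead, e.g. `// roles of this user via iam_user_role, soft-deleted relations excluded`. `roleList` holds full `IamRole` entities, so whatever fields `IamRole` has go out with every `IamUserVO`; worth confirming that is intended. `import com.diboot.iam.entity.IamPermission;` does not appear to be used in the lines shown.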