为用户和账号以及角色关联关系的增加、更改、删除增加统一的事务处理

2020-02-04 14:19:38 +08:00 · 2020-02-04 14:19:38 +08:00 · 433230e483
parent c32bb43ead
commit 433230e483
6 changed files with 208 additions and 3 deletions
--- a/iam-base-starter/src/main/java/com/diboot/iam/dto/IamUserAccountDTO.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/dto/IamUserAccountDTO.java
@ -0,0 +1,27 @@
+package com.diboot.iam.dto;
+
+import com.diboot.iam.entity.IamUser;
+import lombok.Data;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.experimental.Accessors;
+
+import java.util.List;
+
+/**
+ * 用户表单信息接收类
+ * @author mazc@dibo.ltd
+ * @version v2.0
+ * @date 2019/12/18
+ */
+@Getter
+@Setter
+@Accessors(chain = true)
+public class IamUserAccountDTO extends IamUser {
+
+    private String username;
+
+    private String password;
+
+    private List<Long> roleIdList;
+}
--- a/iam-base-starter/src/main/java/com/diboot/iam/service/IamUserRoleService.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/service/IamUserRoleService.java
@ -30,4 +30,13 @@ public interface IamUserRoleService extends BaseIamService<IamUserRole> {
     */
    boolean createUserRoleRelations(String userType, Long userId, List<Long> roleIds);

+    /***
+     * 批量更新用户-角色的关系
+     * @param userType
+     * @param userId
+     * @param roleIds
+     * @return
+     */
+    boolean updateUserRoleRelations(String userType, Long userId, List<Long> roleIds);
+
 }
--- a/iam-base-starter/src/main/java/com/diboot/iam/service/IamUserService.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/service/IamUserService.java
@ -1,5 +1,6 @@
 package com.diboot.iam.service;

+import com.diboot.iam.dto.IamUserAccountDTO;
 import com.diboot.iam.entity.IamUser;
 import com.diboot.iam.vo.IamRoleVO;

@ -33,4 +34,26 @@ public interface IamUserService extends BaseIamService<IamUser> {
     */
    void attachExtraPermissions(List<IamRoleVO> roleVOList);

+    /***
+     * 添加用户和账号
+     * @param userAccountDTO
+     * @return
+     */
+    boolean createUserAndAccount(IamUserAccountDTO userAccountDTO);
+
+    /***
+     * 更新用户和账号
+     * @param userAccountDTO
+     * @return
+     */
+    boolean updateUserAndAccount(IamUserAccountDTO userAccountDTO) throws Exception;
+
+    /***
+     * 删除用户和账号
+     * @param id
+     * @return
+     * @throws Exception
+     */
+    boolean deleteUserAndAccount(Long id) throws Exception;
+
 }
--- a/iam-base-starter/src/main/java/com/diboot/iam/service/impl/IamUserRoleServiceImpl.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/service/impl/IamUserRoleServiceImpl.java
@ -1,12 +1,14 @@
 package com.diboot.iam.service.impl;

 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.diboot.core.util.BeanUtils;
 import com.diboot.core.util.ContextHelper;
 import com.diboot.core.util.V;
 import com.diboot.iam.auth.IamExtensible;
 import com.diboot.iam.config.Cons;
 import com.diboot.iam.entity.IamRole;
+import com.diboot.iam.entity.IamUser;
 import com.diboot.iam.entity.IamUserRole;
 import com.diboot.iam.exception.PermissionException;
 import com.diboot.iam.mapper.IamUserRoleMapper;
@ -21,6 +23,7 @@ import org.springframework.transaction.annotation.Transactional;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
+import java.util.stream.Collectors;

 /**
 * 用户角色关联相关Service实现
@ -94,6 +97,7 @@ public class IamUserRoleServiceImpl extends BaseIamServiceImpl<IamUserRoleMapper
    }

    @Override
+    @Transactional(rollbackFor = Exception.class)
    public boolean createUserRoleRelations(String userType, Long userId, List<Long> roleIds) {
        if(V.isEmpty(roleIds)){
            return true;
@ -110,6 +114,44 @@ public class IamUserRoleServiceImpl extends BaseIamServiceImpl<IamUserRoleMapper
        return super.createEntities(entityList);
    }

+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public boolean updateUserRoleRelations(String userType, Long userId, List<Long> roleIds) {
+        if (V.isEmpty(roleIds)){
+            return true;
+        }
+        // 需要先获取旧的角色列表，来进行超级管理员权限判定
+        List<IamUserRole> oldUserRoleList = this.getEntityList(
+                Wrappers.<IamUserRole>lambdaQuery()
+                        .eq(IamUserRole::getUserType, userType)
+                        .eq(IamUserRole::getUserId, userId)
+        );
+        List oldRoleIds = new ArrayList();
+        if (V.notEmpty(oldUserRoleList)){
+            oldRoleIds = oldUserRoleList.stream()
+                    .map(IamUserRole::getRoleId)
+                    .collect(Collectors.toList());
+        }
+
+        Long superAdminRoleId = getSuperAdminRoleId();
+        // 给用户赋予了超级管理员，需确保当前用户为超级管理员权限
+        if(superAdminRoleId != null && (roleIds.contains(superAdminRoleId) || oldRoleIds.contains(superAdminRoleId))){
+            checkSuperAdminIdentity();
+        }
+
+        // 删除旧的用户-角色关联关系
+        this.deleteEntities(
+                Wrappers.<IamUserRole>lambdaQuery()
+                        .eq(IamUserRole::getUserId, userId)
+                        .eq(IamUserRole::getUserType, userType)
+        );
+        List<IamUserRole> entityList = new ArrayList<>();
+        for(Long roleId : roleIds){
+            entityList.add(new IamUserRole(userType, userId, roleId));
+        }
+        return super.createEntities(entityList);
+    }
+
    /**
     * 获取超级管理员角色ID
     * @return
--- a/iam-base-starter/src/main/java/com/diboot/iam/service/impl/IamUserServiceImpl.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/service/impl/IamUserServiceImpl.java
@ -1,21 +1,26 @@
 package com.diboot.iam.service.impl;

+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.diboot.core.binding.RelationsBinder;
+import com.diboot.core.exception.BusinessException;
 import com.diboot.core.util.BeanUtils;
 import com.diboot.core.util.S;
 import com.diboot.core.util.V;
+import com.diboot.core.vo.Status;
 import com.diboot.iam.config.Cons;
-import com.diboot.iam.entity.IamPermission;
-import com.diboot.iam.entity.IamRole;
-import com.diboot.iam.entity.IamUser;
+import com.diboot.iam.dto.IamUserAccountDTO;
+import com.diboot.iam.entity.*;
 import com.diboot.iam.mapper.IamUserMapper;
+import com.diboot.iam.service.IamAccountService;
 import com.diboot.iam.service.IamPermissionService;
 import com.diboot.iam.service.IamUserRoleService;
 import com.diboot.iam.service.IamUserService;
+import com.diboot.iam.util.IamSecurityUtils;
 import com.diboot.iam.vo.IamRoleVO;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;

 import java.util.ArrayList;
 import java.util.List;
@ -36,6 +41,9 @@ public class IamUserServiceImpl extends BaseIamServiceImpl<IamUserMapper, IamUse
    @Autowired
    private IamPermissionService iamPermissionService;

+    @Autowired
+    private IamAccountService iamAccountService;
+
    @Override
    public IamRoleVO buildRoleVo4FrontEnd(IamUser iamUser) {
        List<IamRoleVO> roleVOList = getAllRoleVOList(iamUser);
@ -84,4 +92,89 @@ public class IamUserServiceImpl extends BaseIamServiceImpl<IamUserMapper, IamUse
        }
    }

+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public boolean createUserAndAccount(IamUserAccountDTO userAccountDTO) {
+        // 创建用户信息
+        boolean userSuccess = this.createEntity(userAccountDTO);
+        // 创建账号信息
+        IamAccount iamAccount = new IamAccount();
+        iamAccount
+                .setUserType(IamUser.class.getSimpleName())
+                .setUserId(userAccountDTO.getId())
+                .setAuthAccount(userAccountDTO.getUsername())
+                .setAuthSecret(userAccountDTO.getPassword())
+                .setAuthType(Cons.DICTCODE_AUTH_TYPE.PWD.name())
+                .setStatus(userAccountDTO.getStatus());
+        // 设置密码
+        IamSecurityUtils.encryptPwd(iamAccount);
+        boolean accountSuccess = iamAccountService.createEntity(iamAccount);
+
+        // 批量创建角色关联关系
+        boolean relationsSuccess = iamUserRoleService.createUserRoleRelations(iamAccount.getUserType(), iamAccount.getUserId(), userAccountDTO.getRoleIdList());
+
+        if (!userSuccess || !accountSuccess || !relationsSuccess){
+            throw new BusinessException(Status.FAIL_OPERATION, "创建用户失败");
+        }
+        return true;
+    }
+
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public boolean updateUserAndAccount(IamUserAccountDTO userAccountDTO) {
+        // 更新用户信息
+        boolean userSuccess = this.updateEntity(userAccountDTO);
+
+        // 更新账号信息
+        IamAccount iamAccount = iamAccountService.getSingleEntity(
+                Wrappers.<IamAccount>lambdaQuery()
+                        .eq(IamAccount::getUserType, IamUser.class.getSimpleName())
+                        .eq(IamAccount::getUserId, userAccountDTO.getId())
+        );
+        iamAccount.setAuthAccount(userAccountDTO.getUsername())
+                .setStatus(userAccountDTO.getStatus());
+        // 设置密码
+        if (V.notEmpty(userAccountDTO.getPassword())){
+            iamAccount.setAuthSecret(userAccountDTO.getPassword());
+            IamSecurityUtils.encryptPwd(iamAccount);
+        }
+        boolean accountSuccess = iamAccountService.updateEntity(iamAccount);
+
+        // 批量更新角色关联关系
+        boolean relationsSuccess = iamUserRoleService.updateUserRoleRelations(iamAccount.getUserType(), iamAccount.getUserId(), userAccountDTO.getRoleIdList());
+
+        if (!userSuccess || !accountSuccess || !relationsSuccess){
+            throw new BusinessException(Status.FAIL_OPERATION, "更新用户失败");
+        }
+        return true;
+    }
+
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public boolean deleteUserAndAccount(Long id) throws Exception {
+        IamUser iamUser = this.getEntity(id);
+        if (iamUser == null){
+            throw new BusinessException(Status.FAIL_OPERATION, "删除的记录不存在");
+        }
+        // 删除用户信息
+        boolean userSuccess = this.deleteEntity(id);
+        // 删除账号信息
+        boolean accountSuccess = iamAccountService.deleteEntities(
+                Wrappers.<IamAccount>lambdaQuery()
+                        .eq(IamAccount::getUserType, IamUser.class.getSimpleName())
+                        .eq(IamAccount::getUserId, id)
+        );
+        // 删除用户角色关联关系列表
+        boolean relationsSuccess = iamUserRoleService.deleteEntities(
+                Wrappers.<IamUserRole>lambdaQuery()
+                        .eq(IamUserRole::getUserType, IamUser.class.getSimpleName())
+                        .eq(IamUserRole::getUserId, id)
+        );
+
+        if (!userSuccess || !accountSuccess || !relationsSuccess){
+            throw new BusinessException(Status.FAIL_OPERATION, "删除用户失败");
+        }
+        return true;
+    }
+
 }
--- a/iam-base-starter/src/main/java/com/diboot/iam/vo/IamUserVO.java
+++ b/iam-base-starter/src/main/java/com/diboot/iam/vo/IamUserVO.java
@ -1,9 +1,14 @@
 package com.diboot.iam.vo;

 import com.diboot.core.binding.annotation.BindDict;
+import com.diboot.core.binding.annotation.BindEntityList;
+import com.diboot.iam.entity.IamPermission;
+import com.diboot.iam.entity.IamRole;
 import com.diboot.iam.entity.IamUser;
 import lombok.Data;

+import java.util.List;
+
 /**
 * 系统用户 VO定义
 * @author mazc@dibo.ltd
@ -14,9 +19,15 @@ import lombok.Data;
 public class IamUserVO extends IamUser {
    private static final long serialVersionUID = 7571698765478647277L;

+    private String username;
+
    @BindDict(type="GENDER", field = "gender")
    private String genderLabel;

    @BindDict(type="USER_STATUS", field = "status")
    private String statusLabel;
+
+    // 字段关联：this.id=iam_user_role.user_id AND iam_user_role.role_id=id
+    @BindEntityList(entity = IamRole.class, condition = "this.id=iam_user_role.user_id AND iam_user_role.role_id=id AND iam_user_role.is_deleted=0")
+    private List<IamRole> roleList;
 }