package pwc.taxtech.atms.service.impl;

import com.alibaba.fastjson.JSON;
import org.apache.commons.lang3.BooleanUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import pwc.taxtech.atms.common.AuthUserHelper;
import pwc.taxtech.atms.common.CheckState;
import pwc.taxtech.atms.common.CommonConstants;
import pwc.taxtech.atms.common.CommonUtils;
import pwc.taxtech.atms.common.OperateLogType;
import pwc.taxtech.atms.common.OperationAction;
import pwc.taxtech.atms.common.OperationModule;
import pwc.taxtech.atms.common.UserLoginType;
import pwc.taxtech.atms.common.UserStatus;
import pwc.taxtech.atms.common.message.UserMessage;
import pwc.taxtech.atms.constant.DimensionConstant;
import pwc.taxtech.atms.constant.PermissionCode;
import pwc.taxtech.atms.constant.PermissionUrl;
import pwc.taxtech.atms.dao.PermissionMapper;
import pwc.taxtech.atms.dao.RoleMapper;
import pwc.taxtech.atms.dao.RolePermissionMapper;
import pwc.taxtech.atms.dao.UserMapper;
import pwc.taxtech.atms.dao.UserOrganizationMapper;
import pwc.taxtech.atms.dao.UserRoleMapper;
import pwc.taxtech.atms.dpo.RoleInfo;
import pwc.taxtech.atms.dpo.UserDto;
import pwc.taxtech.atms.dpo.UserRoleInfo;
import pwc.taxtech.atms.dto.AtmsTokenDto;
import pwc.taxtech.atms.dto.LoginInputDto;
import pwc.taxtech.atms.dto.LoginOutputDto;
import pwc.taxtech.atms.dto.OperationResultDto;
import pwc.taxtech.atms.dto.UpdateLogParams;
import pwc.taxtech.atms.dto.organization.DimensionRoleDto;
import pwc.taxtech.atms.dto.organization.SimpleRoleDto;
import pwc.taxtech.atms.dto.permission.OrganizationPermissionDto;
import pwc.taxtech.atms.dto.permission.OrganizationPermissionKeyDto;
import pwc.taxtech.atms.dto.permission.PermissionDto;
import pwc.taxtech.atms.dto.permission.PermissionKeyDto;
import pwc.taxtech.atms.dto.permission.UserPermissionDto;
import pwc.taxtech.atms.dto.permission.UserPermissionKeyDto;
import pwc.taxtech.atms.dto.user.UserAndUserRoleSaveDto;
import pwc.taxtech.atms.dto.user.UserRoleDimensionValueDto;
import pwc.taxtech.atms.dto.user.VMUser;
import pwc.taxtech.atms.dto.user.WebUserDto;
import pwc.taxtech.atms.entity.*;
import pwc.taxtech.atms.entity.UserRoleExample.Criteria;
import pwc.taxtech.atms.exception.ApplicationException;
import pwc.taxtech.atms.security.AtmsPasswordEncoder;
import pwc.taxtech.atms.security.JwtUtil;
import pwc.taxtech.atms.security.LdapAuthenticationProvider;

import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;

import static java.util.stream.Collectors.toList;

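/**
 * User service: login (local password check or LDAP directory check, followed by JWT issuance)
 * and computation of a user's permission, organization-permission and navigation-URL lists.
 */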
@Service
public class UserServiceImpl extends AbstractService {
    private static final Logger logger = LoggerFactory.getLogger(UserServiceImpl.class);
    @Autowired
    private UserMapper userMapper;
    @Autowired
    private UserRoleMapper userRoleMapper;
    @Autowired
    private RolePermissionMapper rolePermissionMapper;
    @Autowired
    private PermissionMapper permissionMapper;
    @Autowired
    private AtmsPasswordEncoder atmsPasswordEncoder;
    @Autowired
    private JwtUtil jwtUtil;
    @Autowired
    private RoleServiceImpl roleService;
    @Autowired
    private MenuServiceImpl menuService;
    @Autowired
    private UserAccountServiceImpl userAccountService;
    @Autowired
    private LdapAuthenticationProvider ldapAuthenticationProvider;
    @Autowired
    private AuthUserHelper authUserHelper;
    @Autowired
    private RoleMapper roleMapper;
    @Autowired
    private UserOrganizationMapper userOrganizationMapper;
    @Autowired
    private OperationLogServiceImpl operationLogService;
    @Autowired
    private OrganizationServiceImpl organizationService;
    @Autowired
    private UserRoleServiceImpl userRoleService;

    @Value("${api.url}")
    private String apiUrl;

    /**
     * Builds the permission view of one user: the flat permission list reached through the
     * user's roles, the per-organization permission list, and the navigation URLs derived
     * from the menus those permissions point at.
     *
     * <p>All role-permission links and all active permissions are loaded and joined in
     * memory; only active permissions can therefore appear in the result.
     *
     * <p>NOTE(review): the navigation URL list looks like the input to a URL-level access
     * check elsewhere; confirm against the caller before changing what is added to it.
     *
     * @param userName login name, matched case-insensitively
     * @return the populated view, or an empty {@code UserPermissionDto} when no user matches
     */
    public UserPermissionDto getUserPermission(String userName) {
        final User account = userMapper.selectByUserNameIgnoreCase(userName);
        if (account == null) {
            // Unknown user: an empty DTO with no id, permissions or navigation URLs.
            return new UserPermissionDto();
        }

        final UserPermissionDto view = new UserPermissionDto();
        view.setId(account.getId());
        view.setIsAdmin(account.getIsAdmin());
        view.setIsSuperAdmin(account.getIsSuperAdmin());
        view.setUserName(userName);
        view.setOrganizationPermissionList(new ArrayList<OrganizationPermissionDto>());
        view.setPermissionList(new ArrayList<PermissionDto>());

        final List<UserRole> assignedRoles = findUserRolesByUserId(account.getId());
        final List<RolePermission> allRolePermissions = findAllRolePermissions();
        final List<Permission> activePermissions = findPermissionsByIsActive(CommonConstants.ACTIVE_STATUS);

        // Role-permission links whose role is one of the user's roles; rows with a null role id
        // on either side are ignored.
        final List<RolePermission> grantedLinks = assignedRoles.stream()
                .filter(assigned -> assigned.getRoleId() != null)
                .flatMap(assigned -> allRolePermissions.stream()
                        .filter(link -> link.getRoleId() != null
                                && link.getRoleId().equals(assigned.getRoleId())))
                .collect(Collectors.toList());

        // Resolve the links to active permissions and de-duplicate the resulting DTOs.
        final List<PermissionDto> grantedPermissions = grantedLinks.stream()
                .filter(link -> link.getPermissionId() != null)
                .flatMap(link -> activePermissions.stream()
                        .filter(candidate -> candidate.getId().equals(link.getPermissionId())))
                .map(this::rotatePermissionToPermissionDto)
                .distinct()
                .collect(Collectors.toList());

        // Per-organization permission list.
        view.setOrganizationPermissionList(
                getOrganizationPermissionList(account, allRolePermissions, activePermissions));

        final List<String> menuIds = grantedPermissions.stream()
                .map(PermissionDto::getMenuId)
                .filter(menuId -> StringUtils.hasText(menuId))
                .collect(Collectors.toList());

        final List<Menu> activeMenus = menuService.findByIsActive(CommonConstants.ACTIVE_STATUS);
        view.setPermissionList(grantedPermissions);

        final List<String> navigationUrls = new ArrayList<>();
        for (String menuId : menuIds) {
            navigationUrls.addAll(getNavigationUrl(menuId, activeMenus));
        }
        if (!navigationUrls.isEmpty()) {
            // Any menu access also grants the admin home page.
            navigationUrls.add(CommonConstants.AdminHomePage);
        }
        view.setNavigationUrlList(navigationUrls);

        // "View users" permission unlocks the extra user-query URLs.
        final boolean canQueryUsers = grantedPermissions.stream()
                .anyMatch(granted -> PermissionCode.QueryUserCode.equals(granted.getCode()));
        if (canQueryUsers) {
            view.getNavigationUrlList().addAll(PermissionUrl.ExtraQueryUseList);
        }

        // "View organizations" permission unlocks the extra organization-query URLs.
        final boolean canQueryOrganizations = grantedPermissions.stream()
                .anyMatch(granted -> PermissionCode.QueryOranizationCode.equals(granted.getCode()));
        if (canQueryOrganizations) {
            view.getNavigationUrlList().addAll(PermissionUrl.ExtraQueryOranizationList);
        }

        // Business unit / area / organization / custom dimension dashboards are handled specially.
        final boolean canViewDimensions = grantedPermissions.stream()
                .anyMatch(granted -> PermissionCode.DimensionPermissionCodeList.contains(granted.getCode()));
        if (canViewDimensions) {
            view.getNavigationUrlList().addAll(PermissionUrl.ExtraQueryBusinessUnit);
        }

        final List<String> uniqueUrls = view.getNavigationUrlList().stream()
                .distinct()
                .collect(Collectors.toList());
        view.setNavigationUrlList(uniqueUrls);
        return view;
    }

    /**
     * Collects the navigation URLs of a menu and of its ancestors, ancestors first.
     *
     * <p>The menu whose id equals {@code CommonConstants.BasicDataManageMenu} contributes no
     * URL of its own, although its ancestors still do.
     *
     * <p>NOTE(review): the walk up the parent chain is recursive with no cycle guard, so it
     * relies on the menu data being acyclic; a parent loop would not terminate normally.
     *
     * @param menuId   id of the menu to start from
     * @param menuList the menus to search; the first one with a matching id is used
     * @return the collected URLs, empty when no menu matches
     */
    private List<String> getNavigationUrl(String menuId, List<Menu> menuList) {
        final List<String> collected = new ArrayList<>();

        // Every entry is inspected and the first match is kept.
        Menu match = null;
        for (Menu candidate : menuList) {
            if (menuId.equals(candidate.getId()) && match == null) {
                match = candidate;
            }
        }
        if (match == null) {
            return collected;
        }

        final String parentId = match.getParentId();
        if (StringUtils.hasText(parentId)) {
            collected.addAll(getNavigationUrl(parentId, menuList));
        }

        final String ownUrl = match.getNavigationUrl();
        if (StringUtils.hasText(ownUrl) && !CommonConstants.BasicDataManageMenu.equals(match.getId())) {
            collected.add(ownUrl);
        }
        return collected;
    }

    /**
     * Loads the permissions whose active flag equals the given value.
     *
     * @param isActive the flag value to match
     * @return the matching permissions as returned by the mapper
     */
    private List<Permission> findPermissionsByIsActive(Boolean isActive) {
        final PermissionExample query = new PermissionExample();
        query.createCriteria()
                .andIsActiveEqualTo(isActive);
        final List<Permission> matches = permissionMapper.selectByExample(query);
        return matches;
    }

    /**
     * Loads the user-role rows that belong to one user.
     *
     * @param userId id of the user
     * @return the user's role assignments as returned by the mapper
     */
    private List<UserRole> findUserRolesByUserId(String userId) {
        final UserRoleExample query = new UserRoleExample();
        query.createCriteria()
                .andUserIdEqualTo(userId);
        final List<UserRole> assignments = userRoleMapper.selectByExample(query);
        return assignments;
    }

    /**
     * Loads every role-permission link; the query carries no criteria.
     *
     * @return all role-permission rows as returned by the mapper
     */
    private List<RolePermission> findAllRolePermissions() {
        final RolePermissionExample unfiltered = new RolePermissionExample();
        return rolePermissionMapper.selectByExample(unfiltered);
    }

    /**
     * Copies id, parent id, menu id, code and name of a permission entity into a new DTO.
     *
     * <p>NOTE(review): callers pass the result through {@code Stream.distinct()}, which
     * de-duplicates only if {@code PermissionDto} defines value-based equals/hashCode; confirm.
     *
     * @param permission the entity to convert
     * @return a new DTO carrying the five copied fields
     */
    private PermissionDto rotatePermissionToPermissionDto(Permission permission) {
        final PermissionDto converted = new PermissionDto();
        converted.setId(permission.getId());
        converted.setParentId(permission.getParentId());
        converted.setMenuId(permission.getMenuId());
        converted.setCode(permission.getCode());
        converted.setName(permission.getName());
        return converted;
    }

    /**
     * Converts a permission entity into a {@code PermissionKeyDto} by bulk property copy.
     *
     * <p>Which fields are copied depends on {@code CommonUtils.copyProperties}, which is not
     * visible here.
     *
     * @param permission the entity to convert
     * @return a new DTO populated from the entity
     */
    private PermissionKeyDto rotatePermissionToPermissionKeyDto(Permission permission) {
        final PermissionKeyDto target = new PermissionKeyDto();
        CommonUtils.copyProperties(permission, target);
        return target;
    }

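    /**
     * Builds, for each organization in which the user holds roles, the list of permissions
     * those roles grant.
     *
     * <p>A super admin gets an empty list without any lookup.
     * NOTE(review): the sibling {@code getOrganizationPermissionKeyList} short-circuits on the
     * admin flag instead of the super-admin flag; confirm which of the two is intended, and
     * that consumers of an empty list apply the right default for these accounts.
     *
     * @param user               the account being evaluated
     * @param rolePermissionList all role-permission links to join against
     * @param permissionList     the candidate permissions (callers pass the active ones)
     * @return one entry per organization returned by the role service; empty for super admins
     *         and for users without organization roles
     */
    private List<OrganizationPermissionDto> getOrganizationPermissionList(User user,
                                                                          List<RolePermission> rolePermissionList, List<Permission> permissionList) {
        final List<OrganizationPermissionDto> retList = new ArrayList<>();
        // Null-safe comparison: if the getter returns a nullable Boolean, an unset flag is
        // treated as "not super admin" instead of failing with a NullPointerException.
        if (Boolean.TRUE.equals(user.getIsSuperAdmin())) {
            return retList;
        }

        final VMUser vmUser = new VMUser();
        vmUser.setId(user.getId());
        vmUser.setEmail(user.getEmail());
        vmUser.setIsAdmin(CommonConstants.ADMIN_STATUS.equals(user.getIsAdmin()));
        vmUser.setOrganizationId(user.getOrganizationId());

        final List<UserRoleInfo> result = roleService.getUserRoleByUser(vmUser);
        if (result == null || result.isEmpty()) {
            return retList;
        }

        for (UserRoleInfo org : result) {
            final OrganizationPermissionDto orgPermission = new OrganizationPermissionDto();
            orgPermission.setId(org.getOrganizationId());
            orgPermission.setName(org.getOrganizationName());

            // Links whose role is one of the roles held in this organization. An organization
            // without a role list simply yields no links.
            final List<RolePermission> rolePermissions = new ArrayList<>();
            if (org.getRoleInfoList() != null) {
                for (RoleInfo roleInfo : org.getRoleInfoList()) {
                    for (RolePermission rolePermission : rolePermissionList) {
                        if (roleInfo.getId().equals(rolePermission.getRoleId())) {
                            rolePermissions.add(rolePermission);
                        }
                    }
                }
            }

            // Resolve the links to permissions; links without a permission id are skipped.
            final List<Permission> permissions = new ArrayList<>();
            for (RolePermission rolePermission : rolePermissions) {
                if (rolePermission.getPermissionId() == null) {
                    continue;
                }
                for (Permission permission : permissionList) {
                    if (rolePermission.getPermissionId().equals(permission.getId())) {
                        permissions.add(permission);
                    }
                }
            }

            final List<PermissionDto> permissionDtoList = permissions.stream()
                    .map(this::rotatePermissionToPermissionDto)
                    .distinct()
                    .collect(Collectors.toList());
            orgPermission.setPermissionList(permissionDtoList);
            retList.add(orgPermission);
        }
        return retList;
    }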

    /**
     * Key-DTO variant of the per-organization permission list: for each organization in which
     * the user holds roles, the permissions those roles grant.
     *
     * <p>An admin gets an empty list without any lookup; per the original comment an admin
     * "has all permissions", so consumers are expected to treat the empty list accordingly.
     * NOTE(review): the non-key sibling short-circuits on the super-admin flag instead; confirm
     * the difference is intended.
     *
     * @param user               the account being evaluated
     * @param rolePermissionList all role-permission links to join against
     * @param permissionList     the candidate permissions (callers pass the active ones)
     * @return one entry per organization returned by the role service; empty for admins and
     *         for users without organization roles
     */
    private List<OrganizationPermissionKeyDto> getOrganizationPermissionKeyList(User user,
                                                                                List<RolePermission> rolePermissionList, List<Permission> permissionList) {
        final boolean isAdmin = CommonConstants.ADMIN_STATUS.equals(user.getIsAdmin());

        final VMUser lookupUser = new VMUser();
        lookupUser.setId(user.getId());
        lookupUser.setEmail(user.getEmail());
        lookupUser.setIsAdmin(isAdmin);
        lookupUser.setOrganizationId(user.getOrganizationId());

        final List<OrganizationPermissionKeyDto> perOrganization = new ArrayList<>();
        if (isAdmin) {
            // Admins are not restricted per organization.
            return perOrganization;
        }

        final List<UserRoleInfo> organizations = roleService.getUserRoleByUser(lookupUser);
        if (organizations == null || organizations.isEmpty()) {
            return perOrganization;
        }

        for (UserRoleInfo organization : organizations) {
            final OrganizationPermissionKeyDto entry = new OrganizationPermissionKeyDto();
            entry.setId(organization.getOrganizationId());
            entry.setName(organization.getOrganizationName());
            entry.setPermissionList(new ArrayList<PermissionKeyDto>());

            // Links whose role is one of the roles held in this organization.
            final List<RolePermission> links = organization.getRoleInfoList().stream()
                    .flatMap(roleInfo -> rolePermissionList.stream()
                            .filter(link -> roleInfo.getId().equals(link.getRoleId())))
                    .collect(Collectors.toList());

            // Resolve the links to permissions, skip links without a permission id, de-duplicate.
            final List<PermissionKeyDto> granted = links.stream()
                    .filter(link -> link.getPermissionId() != null)
                    .flatMap(link -> permissionList.stream()
                            .filter(candidate -> link.getPermissionId().equals(candidate.getId())))
                    .map(this::rotatePermissionToPermissionKeyDto)
                    .distinct()
                    .collect(Collectors.toList());

            entry.setPermissionList(granted);
            perOrganization.add(entry);
        }
        return perOrganization;
    }

    /**
     * Creates an organization-permission DTO from a user-role record, copying the
     * organization id and name and starting with an empty permission list.
     *
     * @param userRoleInfo the record that supplies the organization id and name
     * @return a new DTO with no permissions yet
     */
    private OrganizationPermissionDto rotateUserRoleInfoToOrganizationPermissionDto(UserRoleInfo userRoleInfo) {
        final OrganizationPermissionDto converted = new OrganizationPermissionDto();
        final List<PermissionDto> noPermissionsYet = new ArrayList<>();
        converted.setId(userRoleInfo.getOrganizationId());
        converted.setName(userRoleInfo.getOrganizationName());
        converted.setPermissionList(noPermissionsYet);
        return converted;
    }

    /**
     * Loads a user entity by primary key.
     *
     * <p>The entity includes the stored password value (read by the password check in this
     * class), so callers should map it to a DTO before returning it to a client.
     *
     * @param id primary key of the user
     * @return whatever the mapper returns for that key
     */
    public User getUser(String id) {
        final User found = userMapper.selectByPrimaryKey(id);
        return found;
    }

    /**
     * Public login entry point; delegates to the real credential check.
     *
     * @param input login name and password
     * @return the login outcome produced by {@code doLogin}
     */
    public OperationResultDto<LoginOutputDto> login(LoginInputDto input) {
        final OperationResultDto<LoginOutputDto> outcome = doLogin(input);
        return outcome;
    }

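    /**
     * Authenticates a user and, on success, builds the login response with a JWT access token.
     *
     * <p>Steps, in order: validate the input, look the user up case-insensitively, reject
     * missing, inactive or locked accounts via {@code activeCheck}, verify the credentials with
     * the mechanism selected by the account's login type, update the failed-attempt counter,
     * and fill the token and user DTOs.
     *
     * <p>Security notes for maintainers:
     * <ul>
     * <li>The response object holds the bearer token and the submitted password, so it is
     * never logged as a whole; only the result flag and check state are logged.</li>
     * <li>NOTE(review): the plaintext password is copied into the returned {@code WebUserDto}
     * to mirror the earlier C# implementation. Confirm whether any client still reads it and
     * drop it if not.</li>
     * <li>NOTE(review): the account-state check runs before the credentials are verified, so
     * the returned check state tells an unauthenticated caller whether an account is unknown,
     * inactive/locked, or exists with a different password. Consider a single generic failure
     * state at the API boundary.</li>
     * </ul>
     *
     * @param input login name (carried in the email field) and password; both must be non-empty
     * @return the login outcome; {@code getResult()} is false on any failure
     * @throws IllegalArgumentException if the input, its email or its password is missing
     */
    private OperationResultDto<LoginOutputDto> doLogin(LoginInputDto input) {
        logger.debug("doLogin start");
        Assert.notNull(input, "Null input");
        final String inputLoginName = input.getEmail();
        Assert.hasText(inputLoginName, "empty email");
        Assert.hasText(input.getPassword(), "empty password");
        logger.debug("ready to call userMapper.selectByUserNameIgnoreCase");
        // The user lookup must ignore case.
        User tempUser = userMapper.selectByUserNameIgnoreCase(inputLoginName);
        logger.debug("print tempUser is null?:{}", tempUser == null);

        // Reject unknown, inactive and locked accounts before touching the credentials.
        final OperationResultDto<LoginOutputDto> loginResult = activeCheck(tempUser);
        final LoginOutputDto loginOutputDto = loginResult.getData();
        if (loginResult.getResult() != null && !loginResult.getResult()) {
            logger.debug(
                    "return loginResult after activeCheck due to loginResult.getResult():{}, loginOutputDto.getCheckState():{}",
                    loginResult.getResult(), loginOutputDto.getCheckState());
            return loginResult;
        }
        Assert.notNull(tempUser, "Null tempUser after calling activeCheck()");
        final boolean isExternalUser = UserLoginType.ExternalUser.equals(tempUser.getLoginType());
        logger.debug("print tempUser.getLoginType():{}", tempUser.getLoginType());
        loginOutputDto.setIsExternalUser(isExternalUser);
        logger.debug("print tempUser.getId():{}", tempUser.getId());
        loginOutputDto.setUserId(tempUser.getId());

        // The verification mechanism depends on the account's login type.
        OperationResultDto<LoginOutputDto> newloginResult = null;
        if (isExternalUser) {
            newloginResult = externalUserLogin(tempUser, inputLoginName, input.getPassword());
        } else {
            newloginResult = internalUserLogin(tempUser, inputLoginName, input.getPassword());
        }

        final LoginOutputDto newloginOutputDto = newloginResult.getData();
        // On a wrong password, let the account service count the attempt and, depending on the
        // number of failures, change the account status.
        if (newloginResult.getResult() != null && !newloginResult.getResult()) {
            if (newloginOutputDto != null
                    && CheckState.WrongPassword.value().equals(newloginOutputDto.getCheckState())) {
                logger.debug("如果登录失败,则根据失败的次数增加尝试登录次数以及修改用户状态");
                userAccountService.dealWithWrongPassword(tempUser);
            }
            return newloginResult;
        }
        newloginOutputDto.setUserId(tempUser.getId());

        // A successful login clears a non-zero failed-attempt counter.
        if (tempUser.getAttemptTimes() != null && tempUser.getAttemptTimes() > 0) {
            logger.debug("如果用户登录成功,且尝试登录次数不为0,则重置登录次数");
            userAccountService.resetAttemptTimes(tempUser);
        } else {
            logger.debug("如果用户登录成功,跳过重置登录次数");
        }

        // Original comment: "an external user with a normal account status must change the
        // password". The branch below cannot be reached, because activeCheck already rejects
        // InActive users.
        if (isExternalUser && UserStatus.InActive.value().equals(tempUser.getStatus())) {
            needChangePassword(tempUser, newloginResult);
        }

        if (newloginResult.getResult() != null && newloginResult.getResult()) {
            newloginResult.getData().setMessage("Login success.");
            logger.debug("创建AtmsTokenDto");
            AtmsTokenDto token = new AtmsTokenDto();
            newloginResult.getData().setToken(token);
            String accessToken = jwtUtil.generateToken(inputLoginName, tempUser.getUserName(), tempUser.getId());
            token.setAccess_token(accessToken);
            token.setToken_type("bearer");
            // NOTE(review): the unit is not visible here (86400000 ms would be 24 h); confirm it
            // matches the lifetime jwtUtil actually puts into the token.
            token.setExpires_in(86400000L);
            // api_host may be filled in by the atms-web side.
            token.setApi_host("NA");
            token.setVat_api_host(apiUrl);
            token.setTp_url(apiUrl);
            token.setVersion("1.0" + ".0.0");
            token.setUser_name(inputLoginName);
            token.setLocal_name(inputLoginName);
            token.setNeed_change_password(false);
            token.setIs_external_user(isExternalUser);
            token.setUser_id(tempUser.getId());
            logger.debug("创建UserDto");

            // Mirrors PwC.Tax.Tech.Atms.Web\Controllers\AccountController.cs, where the C# code
            // builds: User = new UserDto { UniqueId = Guid.NewGuid().ToString(),
            // LoginName = userName, Password = password }.
            WebUserDto userDto = new WebUserDto();
            newloginResult.getData().setUser(userDto);
            userDto.setUniqueId(CommonUtils.getUUID());
            userDto.setLoginName(inputLoginName);
            // NOTE(review): echoes the submitted plaintext password back in the response, as the
            // C# code did; see the method documentation.
            userDto.setPassword(input.getPassword());
            userDto.setHasValidPeriod(false);
        } else {
            logger.error("状态异常");
        }
        // Only non-secret fields are logged: the full result contains the access token and the
        // submitted password, which must not be written to the log.
        logger.debug("doLogin end, result:{}, checkState:{}", newloginResult.getResult(),
                newloginOutputDto.getCheckState());
        return newloginResult;
    }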

    /**
     * Placeholder for the forced password change of external users; always throws.
     *
     * <p>Per the original comment this cannot be reached, because InActive users are rejected
     * by {@code activeCheck} before the caller gets here.
     *
     * @param tempUser       unused
     * @param newloginResult unused
     * @throws ApplicationException always
     */
    private void needChangePassword(User tempUser, OperationResultDto<LoginOutputDto> newloginResult) {
        final String reason = "Not happens";
        throw new ApplicationException(reason);
    }

    /**
     * Verifies the credentials of an internal user: accounts of login type {@code ADUser} are
     * checked against the LDAP provider, all others against the stored password.
     *
     * @param tempUser the account, already looked up
     * @param username login name passed to the LDAP check
     * @param password the submitted password
     * @return the outcome of the selected check
     */
    private OperationResultDto<LoginOutputDto> internalUserLogin(User tempUser, String username, String password) {
        final boolean directoryAccount = UserLoginType.ADUser.equals(tempUser.getLoginType());
        return directoryAccount
                ? adLoginCheck(username, password)
                : passwordLoginCheck(tempUser, password);
    }

    /**
     * Checks a user name and password against the LDAP authentication provider.
     *
     * <p>Any negative answer from the provider is reported as {@code WrongPassword}.
     *
     * <p>NOTE(review): this method is public and does not itself reject an empty password;
     * {@code doLogin} does so before calling it. Whether the provider refuses empty passwords
     * (which some directories accept as an unauthenticated bind) is not visible here; confirm
     * before calling this method from anywhere else.
     *
     * @param username the login name to authenticate
     * @param password the submitted password
     * @return result true with state Success, or result false with state WrongPassword
     */
    public OperationResultDto<LoginOutputDto> adLoginCheck(String username, String password) {
        final boolean authenticated = ldapAuthenticationProvider.authenticate(username, password);
        logger.debug(authenticated ? "LDAP server return true" : "LDAP server return false");

        final LoginOutputDto payload = new LoginOutputDto();
        payload.setCheckState(authenticated ? CheckState.Success.value() : CheckState.WrongPassword.value());

        final OperationResultDto<LoginOutputDto> outcome = new OperationResultDto<>();
        outcome.setResult(authenticated);
        outcome.setData(payload);
        return outcome;
    }

    /**
     * Verifies the credentials of an external user against the stored password.
     *
     * @param tempUser the account, already looked up
     * @param email    unused by the check
     * @param password the submitted password
     * @return the outcome of the stored-password check
     */
    public OperationResultDto<LoginOutputDto> externalUserLogin(User tempUser, String email, String password) {
        final OperationResultDto<LoginOutputDto> outcome = passwordLoginCheck(tempUser, password);
        return outcome;
    }

    /**
     * Compares the submitted password with the account's stored password through the
     * application's password encoder.
     *
     * <p>The first debug message says "externalUserLogin" although the method also serves
     * internal non-AD users.
     *
     * @param tempUser the account whose stored password is compared
     * @param password the submitted password
     * @return result true with state Success, or result false with state WrongPassword
     */
    private OperationResultDto<LoginOutputDto> passwordLoginCheck(User tempUser, String password) {
        logger.debug("externalUserLogin start");
        final boolean matched = atmsPasswordEncoder.matches(password, tempUser.getPassword());
        logger.debug(matched ? "密码校验成功" : "密码错误");

        final LoginOutputDto payload = new LoginOutputDto();
        payload.setCheckState(matched ? CheckState.Success.value() : CheckState.WrongPassword.value());

        final OperationResultDto<LoginOutputDto> outcome = new OperationResultDto<>();
        outcome.setResult(matched);
        outcome.setData(payload);
        return outcome;
    }

    /**
     * Decides whether an account may proceed to credential verification.
     *
     * <p>Outcomes: no account gives result false with state UserNameNotExist; a status of
     * InActive or Locked gives result false with state Inactive; anything else, including a
     * null status, gives result true with state Success.
     *
     * <p>NOTE(review): the distinct UserNameNotExist and Inactive states let a caller that has
     * not authenticated tell existing accounts from unknown ones if they are passed through to
     * the client unchanged; confirm how the controller maps them.
     *
     * @param tempUser the looked-up account, or null when none was found
     * @return the check outcome; its data object is never null
     */
    public OperationResultDto<LoginOutputDto> activeCheck(User tempUser) {
        final OperationResultDto<LoginOutputDto> outcome = new OperationResultDto<>();
        final LoginOutputDto payload = new LoginOutputDto();
        outcome.setData(payload);

        if (tempUser == null) {
            outcome.setResult(false);
            payload.setCheckState(CheckState.UserNameNotExist.value());
            return outcome;
        }

        final boolean blocked = tempUser.getStatus() != null
                && (tempUser.getStatus().equals(UserStatus.InActive.value())
                || tempUser.getStatus().equals(UserStatus.Locked.value()));
        if (blocked) {
            outcome.setResult(false);
            payload.setCheckState(CheckState.Inactive.value());
            return outcome;
        }

        outcome.setResult(true);
        payload.setCheckState(CheckState.Success.value());
        return outcome;
    }

    /**
     * Returns a canned successful login result with an empty token and fixed values.
     *
     * <p>It performs no credential check, so it must stay out of any real login path; the
     * only reference visible in this file is a commented-out call in {@code login}.
     *
     * @return a result flagged OK/200 with check state 4 and api host "apihost1"
     */
    private OperationResultDto<LoginOutputDto> dummyLogin() {
        final LoginOutputDto cannedData = new LoginOutputDto();
        cannedData.setApiHost("apihost1");
        cannedData.setCheckState(4);
        cannedData.setToken(new AtmsTokenDto());

        final OperationResultDto<LoginOutputDto> canned = new OperationResultDto<>();
        canned.setResult(true);
        canned.setResultMsg("OK");
        canned.setReturnCode(200);
        canned.setData(cannedData);
        return canned;
    }


    public UserPermissionKeyDto getUserPermissionKey(String userName) {
        User user = userMapper.selectByUserNameIgnoreCase(userName);
        if (user == null) {
            return new UserPermissionKeyDto();
        }
        UserPermissionKeyDto userPermission = new UserPermissionKeyDto();
        userPermission.setId(user.getId());
        userPermission.setIsAdmin(user.getIsAdmin());
        userPermission.setIsSuperAdmin(user.getIsSuperAdmin());
        userPermission.setUserName(userName);

        List<OrganizationPermissionKeyDto> organizationPermissionDtos = new ArrayList<>();
        userPermission.setOrganizationPermissionList(organizationPermissionDtos);
        List<PermissionKeyDto> permissionDtos = new ArrayList<>();
        userPermission.setPermissionList(permissionDtos);

        List<UserRole> urList = findUserRolesByUserId(user.getId());
        List<RolePermission> rolePermissionList = findAllRolePermissions();
        List<Permission> permissionList = findPermissionsByIsActive(CommonConstants.ACTIVE_STATUS);

        List<RolePermission> newRolePermissions = new ArrayList<>();
        List<Permission> newPermissions = new ArrayList<>();
        for (UserRole userRole : urList) {
            if (userRole.getRoleId() == null) {
                continue;
            }
            for (RolePermission rolePermission : rolePermissionList) {
                if (rolePermission.getRoleId() != null && rolePermission.getRoleId().equals(userRole.getRoleId())) {
                    newRolePermissions.add(rolePermission);
                }
            }
        }
        for (RolePermission rolePermission : newRolePermissions) {
            if (rolePermission.getPermissionId() == null) {
                continue;
            }
            for (Permission permission : permissionList) {
608
                if (permission.getId().equals(rolePermission.getPermissionId())) {
eddie.woo's avatar
eddie.woo committed
609 610 611 612 613 614 615 616 617 618 619 620
                    newPermissions.add(permission);
                }
            }
        }
        // 把原始的角色信息加上
        List<PermissionKeyDto> userRoleList = newPermissions.stream().map(this::rotatePermissionToPermissionKeyDto)
                .distinct().collect(Collectors.toList());

        // 获取机构权限列表
        userPermission.setOrganizationPermissionList(
                getOrganizationPermissionKeyList(user, rolePermissionList, permissionList));

621 622 623
        List<String> menuIdList = userRoleList.stream()
                .filter(oneUserRole -> StringUtils.hasText(oneUserRole.getMenuId()))
                .map(oneUserRole -> oneUserRole.getMenuId()).collect(Collectors.toList());
eddie.woo's avatar
eddie.woo committed
624 625 626 627

        List<Menu> menuList = menuService.findByIsActive(CommonConstants.ACTIVE_STATUS);
        userPermission.setPermissionList(userRoleList);
        List<String> urls = new ArrayList<>();
628
        for (String item : menuIdList) {
eddie.woo's avatar
eddie.woo committed
629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659
            List<String> temp = getNavigationUrl(item, menuList);
            urls.addAll(temp);
        }

        if (!urls.isEmpty()) {
            // 把Admin首页地址加上
            urls.add(CommonConstants.AdminHomePage);
        }
        userPermission.setNavigationUrlList(urls);

        // 查看用户
        if (userRoleList.stream().anyMatch(oneUserRole -> PermissionCode.QueryUserCode.equals(oneUserRole.getCode()))) {
            userPermission.getNavigationUrlList().addAll(PermissionUrl.ExtraQueryUseList);
        }

        // 查看机构
        if (userRoleList.stream()
                .anyMatch(oneUserRole -> PermissionCode.QueryOranizationCode.equals(oneUserRole.getCode()))) {
            userPermission.getNavigationUrlList().addAll(PermissionUrl.ExtraQueryOranizationList);
        }

        userPermission.setNavigationUrlList(
                userPermission.getNavigationUrlList().stream().distinct().collect(Collectors.toList()));
        return userPermission;
    }

    /**
     * Loads every user row by querying with an example that has no criteria.
     *
     * <p>NOTE(review): the full {@code User} entities are returned as-is; confirm callers do not
     * expose fields that should stay server-side.
     *
     * @return all users known to the mapper
     */
    public List<User> findAllUsers() {
        return userMapper.selectByExample(new UserExample());
    }

    /**
     * Fetches a user together with organization information by id.
     *
     * @param userId id of the user to load
     * @return the first matching row, or {@code null} when the mapper returns nothing
     */
    public UserDto getUserById(String userId) {
        List<UserDto> matches = userMapper.selectUserWithOrgInfoById(userId);
        if (matches == null || matches.isEmpty()) {
            return null;
        }
        // Only the first row is used even if the query returns several.
        return matches.get(0);
    }

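    /**
     * Updates a user's profile fields, admin flag, organization and non-project role assignments, and
     * writes the matching operation-log entries.
     *
     * <p>Changing the admin flag requires the current operator to be an admin. The check fails closed:
     * an operator whose account cannot be resolved, or whose admin flag is unset, is refused.
     * NOTE(review): only the admin flag is guarded here; role and organization changes are not checked
     * in this method, so presumably the caller authorizes them - confirm.
     *
     * @param userDto requested state; a {@code null} role id list is replaced by an empty list
     * @return the failed uniqueness check, a {@code HasNoPermission} result, or a success result
     * @throws IllegalArgumentException if no user exists for {@code userDto.getId()}
     */
    public OperationResultDto<User> updateUser(UserAndUserRoleSaveDto userDto) {
        OperationResultDto<User> result = checkUserExist(userDto.getUserName(), userDto.getId());
        OperationResultDto<User> operationResultDto = new OperationResultDto<>();
        if (result != null && !BooleanUtils.isTrue(result.getResult())) {
            return result;
        }

        result = checkEmailExist(userDto.getEmail(), userDto.getId());
        if (result != null && !BooleanUtils.isTrue(result.getResult())) {
            return result;
        }
        User user = userMapper.selectByPrimaryKey(userDto.getId());
        Assert.notNull(user, "Null user");
        if (!Objects.equals(userDto.getIsAdmin(), BooleanUtils.isTrue(user.getIsAdmin()))) {
            String userName = authUserHelper.getCurrentAuditor().get();
            User operateUser = userMapper.selectByUserNameIgnoreCase(userName);
            // Fail closed: previously an unresolved operator, or one with a null admin flag, passed
            // this check and could change another account's admin flag.
            // NOTE(review): operators with a null isAdmin value are now refused - confirm none rely on it.
            if (operateUser == null || !BooleanUtils.isTrue(operateUser.getIsAdmin())) {
                operationResultDto.setResult(false);
                operationResultDto.setResultMsg(UserMessage.HasNoPermission);
                return operationResultDto;
            }
        }

        if (userDto.getRoleIds() == null) {
            userDto.setRoleIds(new ArrayList<>());
        }
        // Snapshot of the stored state, used as the "before" side of the operation log.
        User userOriginal = CommonUtils.copyProperties(user, new User());
        user.setUserName(userDto.getUserName());
        user.setEmail(userDto.getEmail());
        user.setIsAdmin(BooleanUtils.isTrue(userDto.getIsAdmin()));
        user.setOrganizationId(userDto.getOrganizationId());
        user.setUpdateTime(new Date());

        List<UserRole> oldUserRoleList = findUserRoleByUserIdWithoutProjectId(user.getId());
        List<UserRole> userRoleList = new ArrayList<>();
        // Existing assignments whose role id is absent from the request are removed.
        List<UserRole> needDeleteList = oldUserRoleList.stream()
                .filter(p -> userDto.getRoleIds().stream().noneMatch(sa -> Objects.equals(sa, p.getRoleId())))
                .collect(Collectors.toList());
        for (UserRole userRole : needDeleteList) {
            logger.debug("Start to delete userRole [ {} ]", userRole.getId());
            userRoleMapper.deleteByPrimaryKey(userRole.getId());
        }
        List<Role> roleQuery = roleMapper.selectByExample(new RoleExample());
        for (String role : userDto.getRoleIds()) {
            if (oldUserRoleList.stream().anyMatch(sa -> Objects.equals(sa.getRoleId(), role))) {
                // Already assigned; nothing to insert.
                continue;
            }
            // NOTE(review): a role id that matches no Role row is still inserted, with an empty
            // service type - confirm whether unknown role ids should be rejected instead.
            Role r = roleQuery.stream().filter(p -> Objects.equals(p.getId(), role)).findFirst().orElse(null);
            UserRole userRole = new UserRole();
            userRole.setId(CommonUtils.getUUID());
            userRole.setUserId(user.getId());
            userRole.setRoleId(role);
            userRole.setServiceTypeId(r != null ? r.getServiceTypeId() : "");
            userRoleList.add(userRole);
            logger.debug("Start to insert user role [ {} ] with roleId [ {} ]", userRole.getId(), role);
            userRoleMapper.insertSelective(userRole);
        }

        // Grant access to the user's own organization.
        UserOrganization userOrganization = findUserOrganizationByUserIdAndOrganizationId(user.getId(),
                user.getOrganizationId()).stream().findFirst().orElse(null);
        if (userOrganization == null) {
            userOrganization = new UserOrganization();
            userOrganization.setOrganizationId(user.getOrganizationId());
            userOrganization.setUserId(user.getId());
            userOrganization.setIsAccessible(CommonConstants.IsAccessible);
            userOrganization.setId(CommonUtils.getUUID());
            userOrganization.setHasOriginalRole(CommonConstants.HasOriginalRole);
            userOrganizationMapper.insert(userOrganization);
        } else if (BooleanUtils.isFalse(userOrganization.getHasOriginalRole())) {
            userOrganization.setHasOriginalRole(CommonConstants.HasOriginalRole);
            userOrganizationMapper.updateByPrimaryKey(userOrganization);
        }

        userMapper.updateByPrimaryKey(user);

        // Log the removed role assignments. Only rows that were actually deleted are logged; the
        // earlier loop over every old assignment also reported retained roles as deleted.
        List<UpdateLogParams> oldUserRoleLogs = new ArrayList<>();
        for (UserRole oldUserRole : needDeleteList) {
            Role role = roleQuery.stream().filter(sa -> Objects.equals(sa.getId(), oldUserRole.getRoleId())).findFirst()
                    .orElse(null);
            oldUserRoleLogs.add(generateUpdateLogParams(OperateLogType.OperationLogUser.value(),
                    role == null ? "" : role.getName(), userOriginal.getUserName(), OperationAction.Delete.value(),
                    OperationModule.UserRole.value()));
        }
        operationLogService.addOrDeleteDataAddLog(oldUserRoleLogs);

        // Log the newly inserted role assignments.
        List<UpdateLogParams> userRoleLogs = new ArrayList<>();
        for (UserRole userRole : userRoleList) {
            Role role = roleQuery.stream().filter(sa -> Objects.equals(sa.getId(), userRole.getRoleId())).findFirst()
                    .orElse(null);
            userRoleLogs.add(
                    generateUpdateLogParams(OperateLogType.OperationLogUser.value(), role == null ? "" : role.getName(),
                            userOriginal.getUserName(), OperationAction.New.value(), OperationModule.UserRole.value()));
        }
        operationLogService.addOrDeleteDataAddLog(userRoleLogs);

        // Log the user record change with its before and after state.
        UpdateLogParams updateLogParams = generateUpdateLogParams(OperateLogType.OperationLogUser.value(), "",
                userOriginal.getUserName(), OperationAction.Update.value(), OperationModule.User.value());
        updateLogParams.setComment("");
        updateLogParams.setUpdateState(user);
        updateLogParams.setOriginalState(userOriginal);
        operationLogService.updateDataAddLog(updateLogParams);
        operationResultDto.setResult(true);
        return operationResultDto;
    }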

    /**
     * Assembles an operation-log parameter object from its five basic fields.
     *
     * @param logType          value stored as the operate-log type
     * @param operationContent value stored as the operation content
     * @param operationObject  value stored as the operation object
     * @param action           value stored as the operation action
     * @param module           value stored as the operation module
     * @return a new {@code UpdateLogParams} carrying the given values
     */
    private UpdateLogParams generateUpdateLogParams(Integer logType, String operationContent, String operationObject,
                                                    Integer action, Integer module) {
        UpdateLogParams logEntry = new UpdateLogParams();
        logEntry.setOperationModule(module);
        logEntry.setOperationAction(action);
        logEntry.setOperationObject(operationObject);
        logEntry.setOperationContent(operationContent);
        logEntry.setOperateLogType(logType);
        return logEntry;
    }

    /**
     * Finds the user-organization links for one user in one organization.
     *
     * @param userId         id of the user
     * @param organizationId id of the organization
     * @return rows matching both ids, as returned by the mapper
     */
    public List<UserOrganization> findUserOrganizationByUserIdAndOrganizationId(String userId, String organizationId) {
        UserOrganizationExample linkQuery = new UserOrganizationExample();
        // Both conditions are added to the same criteria object.
        linkQuery.createCriteria().andUserIdEqualTo(userId).andOrganizationIdEqualTo(organizationId);
        return userOrganizationMapper.selectByExample(linkQuery);
    }

    /**
     * Looks a user up by the user name carried in the given DTO and returns it as a {@code UserDto}.
     *
     * <p>This lookup uses {@code selectByUserName}, whereas other lookups in this class use
     * {@code selectByUserNameIgnoreCase}. NOTE(review): every property of the {@code User} entity
     * is copied into the DTO; confirm no field that must stay server-side is among them.
     *
     * @param userParam DTO whose user name is used for the lookup
     * @return a DTO copy of the user, or {@code null} when no user matches
     */
    public UserDto getUserByDto(UserDto userParam) {
        User found = userMapper.selectByUserName(userParam.getUserName());
        if (found == null) {
            return null;
        }
        UserDto copy = new UserDto();
        CommonUtils.copyProperties(found, copy);
        return copy;
    }

    /**
     * Loads the role assignments of a user that are not tied to any project.
     *
     * @param userId id of the user
     * @return user-role rows for that user whose project id is null
     */
    private List<UserRole> findUserRoleByUserIdWithoutProjectId(String userId) {
        UserRoleExample roleQuery = new UserRoleExample();
        roleQuery.createCriteria().andUserIdEqualTo(userId).andProjectIdIsNull();
        return userRoleMapper.selectByExample(roleQuery);
    }

    /**
     * Checks whether a user name is already taken.
     *
     * <p>When {@code userId} equals {@code CommonConstants.EMPTY_UUID} the name is looked up
     * case-insensitively across all users. Otherwise the id and name are handed to
     * {@code selectUserWithSameUserName} (presumably to exclude the user being edited - verify
     * against the mapper).
     *
     * @param userName user name to test
     * @param userId   id of the user being saved, or the empty UUID
     * @return result {@code false} with {@code UserExistsInfo} when a conflicting user with an id is
     *         found, otherwise result {@code true}
     */
    public OperationResultDto<User> checkUserExist(String userName, String userId) {
        User conflicting;
        if (CommonConstants.EMPTY_UUID.equals(userId)) {
            conflicting = userMapper.selectByUserNameIgnoreCase(userName);
        } else {
            UserDto probe = new UserDto();
            probe.setId(userId);
            probe.setUserName(userName);
            conflicting = userMapper.selectUserWithSameUserName(probe);
        }

        OperationResultDto<User> outcome = new OperationResultDto<>();
        boolean nameTaken = conflicting != null && conflicting.getId() != null;
        outcome.setResult(!nameTaken);
        if (nameTaken) {
            outcome.setResultMsg(UserMessage.UserExistsInfo);
        }
        return outcome;
    }

    /**
     * Checks whether an e-mail address is already registered.
     *
     * <p>When {@code userId} equals {@code CommonConstants.EMPTY_UUID} the address is looked up
     * case-insensitively across all users. Otherwise the id and address are handed to
     * {@code selectUserWithSameEmail} (presumably to exclude the user being edited - verify against
     * the mapper).
     *
     * @param email  e-mail address to test
     * @param userId id of the user being saved, or the empty UUID
     * @return result {@code false} with {@code EmailRegisted} when a conflicting user with an id is
     *         found, otherwise result {@code true}
     */
    public OperationResultDto<User> checkEmailExist(String email, String userId) {
        User conflicting;
        if (CommonConstants.EMPTY_UUID.equals(userId)) {
            conflicting = userMapper.selectByEmailIgnoreCase(email);
        } else {
            UserDto probe = new UserDto();
            probe.setId(userId);
            probe.setEmail(email);
            conflicting = userMapper.selectUserWithSameEmail(probe);
        }

        OperationResultDto<User> outcome = new OperationResultDto<>();
        boolean emailTaken = conflicting != null && conflicting.getId() != null;
        outcome.setResult(!emailTaken);
        if (emailTaken) {
            outcome.setResultMsg(UserMessage.EmailRegisted);
        }
        return outcome;
    }

    /**
     * Removes a user's binding to one dimension value, together with the role rows on that binding
     * whose role id appears in the request.
     *
     * <p>Role rows on the same binding whose role id is not in {@code dto.getRoleList()} are not
     * selected for deletion here. NOTE(review): confirm they cannot be left behind once the binding
     * itself is deleted.
     *
     * @param dto    dimension id, dimension value id and the roles to remove
     * @param userId id of the affected user
     * @throws ApplicationException if {@code dto} or {@code userId} is null
     */
    public void deleteUserDimensionValue(DimensionRoleDto dto, String userId) {
        if (dto == null || userId == null) {
            throw new ApplicationException(CommonConstants.JSONNULLOBJECT);
        }

        UserDimensionValueExample bindingQuery = new UserDimensionValueExample();
        bindingQuery.createCriteria().andUserIdEqualTo(userId).andDimensionIdEqualTo(dto.getDimensionId())
                .andDimensionValueIdEqualTo(dto.getDimensionValueId());
        UserDimensionValue binding = userDimensionValueMapper.selectByExample(bindingQuery).stream().findFirst()
                .orElse(null);
        if (binding == null) {
            // Nothing bound for this user and dimension value.
            return;
        }

        List<String> requestedRoleIds = dto.getRoleList().stream().map(SimpleRoleDto::getRoleId)
                .collect(Collectors.toList());
        UserDimensionValueRoleExample roleRowQuery = new UserDimensionValueRoleExample();
        roleRowQuery.createCriteria().andUserDimensionValueIdEqualTo(binding.getId()).andRoleIdIn(requestedRoleIds);
        // Role rows are read before the binding is deleted, then removed one by one.
        List<UserDimensionValueRole> roleRows = userDimensionValueRoleMapper.selectByExample(roleRowQuery);

        userDimensionValueMapper.deleteByPrimaryKey(binding.getId());
        for (UserDimensionValueRole roleRow : roleRows) {
            logger.debug("Start to delete UserDimensionValueRole [ {} ]", roleRow.getId());
            userDimensionValueRoleMapper.deleteByPrimaryKey(roleRow.getId());
        }
    }

    /**
     * Delete action of the permission-edit card in the organization-user popup.
     *
     * <p>For an entry on a regular dimension, the entry is handed to
     * {@code userRoleService.updateUserDimensionNonAccess}. For an entry on the extra-organization
     * dimension: an attached extra role has its user-organization role rows deleted, and an attached
     * original role has the {@code hasOriginalRole} flag of the user-organization link switched off.
     *
     * <p>The name written to the operation log as {@code operateUserName} is resolved from the
     * entry's own user id, i.e. it is the affected user, not the operator performing the request.
     * NOTE(review): no permission check is visible in this method; presumably the caller enforces
     * it - confirm.
     *
     * @param userRoleList entries to remove
     * @return a result object with result {@code true}
     * @throws ApplicationException if {@code userRoleList} is null
     */
    @SuppressWarnings("rawtypes")
    public OperationResultDto deleteUserOrg(List<UserRoleDimensionValueDto> userRoleList) {
        if (userRoleList == null) {
            throw new ApplicationException(CommonConstants.JSONNULLOBJECT);
        }
        for (UserRoleDimensionValueDto r : userRoleList) {
            String operateUserName = userRoleService.getUserDtoById(r.getUserId()).getUserName();
            String orgName = userRoleService.getOrgDtoById(r.getOrganizationId()).getName();

            if (!DimensionConstant.ExtraOrgDimensionId.equals(r.getDimensionId())) {
                // Organization reached through a dimension: switch inheritable / not inheritable.
                userRoleService.updateUserDimensionNonAccess(r);
                continue;
            }

            // Attached roles come in two kinds: attached original and attached extra.
            UserOrganization userOrg = findUserOrganizationByUserIdAndOrganizationId(r.getUserId(),
                    r.getOrganizationId()).stream().findFirst().orElse(null);
            if (userOrg == null) {
                // Without a user-organization link neither branch below has anything to change.
                continue;
            }
            String orgAndUser = orgName + CommonConstants.DashSignSeparator + operateUserName;

            // Attached extra role: delete the role rows of this user-organization link.
            if (DimensionConstant.ExtraOrgDimensionValueId.equals(r.getDimensionValueId())) {
                UserOrganizationRoleExample roleRowQuery = new UserOrganizationRoleExample();
                roleRowQuery.createCriteria().andUserOrganizationIdEqualTo(userOrg.getId());
                List<UserOrganizationRole> roleRows = userOrganizationRoleMapper.selectByExample(roleRowQuery);
                for (UserOrganizationRole roleRow : roleRows) {
                    logger.debug("Start to delete UserOrganizationRole [ {} ]", roleRow.getId());
                    userOrganizationRoleMapper.deleteByPrimaryKey(roleRow.getId());

                    // Record the deletion in the operation log.
                    Role role = roleMapper.selectByPrimaryKey(roleRow.getRoleId());
                    String roleName = role == null ? "" : role.getName();
                    UpdateLogParams deletionLog = generateUpdateLogParams(OperateLogType.OperationLogUser.value(),
                            orgAndUser + CommonConstants.DashSignSeparator + roleName, operateUserName,
                            OperationAction.Delete.value(), OperationModule.UserOrganizationRole.value());
                    operationLogService.addOrDeleteDataAddLog(deletionLog);
                }
            }

            // Attached original role: stop inheriting the original role instead of deleting rows.
            if (DimensionConstant.OriginalRoleDimensionValueId.equals(r.getDimensionValueId())) {
                userOrg.setHasOriginalRole(CommonConstants.DEACTIVE_STATUS);
                userOrganizationMapper.updateByPrimaryKey(userOrg);

                // Record the change in the operation log.
                UpdateLogParams updateLog = generateUpdateLogParams(OperateLogType.OperationLogUser.value(),
                        orgAndUser, operateUserName, OperationAction.Update.value(),
                        OperationModule.UserOrganization.value());
                operationLogService.updateDataAddLog(updateLog);
            }
        }
        OperationResultDto operationResultDto = new OperationResultDto<>();
        operationResultDto.setResult(true);
        return operationResultDto;
    }

}