安全检查授权调试

soc-api/soc-api-system/src/main/java/com/xunmei/system/api/RemoteOrgService.java

@@ -133,7 +133,7 @@ public interface RemoteOrgService {
 
     @GetMapping("/extend/selectSysOrgExtendById")
     SysOrgExtend selectSysOrgExtendById(@RequestParam("orgId") Long orgId, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
-    @GetMapping("/extend/findByOrgTypeAndParent")
+    @GetMapping("/dept/findByOrgTypeAndParent")
     List<SysOrg> findByOrgTypeAndParent(@RequestParam("orgType")Integer orgType,@RequestParam("path") String path, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
 
     @PostMapping("/dept/deptTree/hangshewhole")

soc-api/soc-api-system/src/main/java/com/xunmei/system/api/RemoteUserService.java

@@ -4,6 +4,7 @@ import com.xunmei.common.core.constant.SecurityConstants;
 import com.xunmei.common.core.constant.ServiceNameConstants;
 import com.xunmei.common.core.domain.R;
 import com.xunmei.common.core.domain.message.domain.CoreAnnouncementNotificationToRole;
+import com.xunmei.common.core.vo.IdNameVo;
 import com.xunmei.system.api.dto.SysRoleOrgDTO;
 import com.xunmei.system.api.domain.SysUser;
 import com.xunmei.system.api.factory.RemoteUserFallbackFactory;
@@ -72,4 +73,13 @@ public interface RemoteUserService {
 
     @PostMapping("/user/userListByRoleAndOrg")
     public List<SysUser> userListByRoleAndOrg(@RequestBody SysRoleOrgDTO sysRoleOrgDTO, @RequestHeader(SecurityConstants.FROM_SOURCE) String source) ;
+
+    /**
+     * 获取用户的角色id及名称
+     * @param userId
+     * @param source
+     * @return
+     */
+    @GetMapping("/user/getroleinfoofuser")
+    List<IdNameVo> getRoleInfoOfUser(@RequestParam("userId") Long userId, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
 }

soc-api/soc-api-system/src/main/java/com/xunmei/system/api/factory/RemoteUserFallbackFactory.java

@@ -1,7 +1,9 @@
 package com.xunmei.system.api.factory;
 
+import com.xunmei.common.core.constant.SecurityConstants;
 import com.xunmei.common.core.domain.R;
 import com.xunmei.common.core.domain.message.domain.CoreAnnouncementNotificationToRole;
+import com.xunmei.common.core.vo.IdNameVo;
 import com.xunmei.system.api.RemoteUserService;
 import com.xunmei.system.api.domain.SysUser;
 import com.xunmei.system.api.dto.SysRoleOrgDTO;
@@ -10,6 +12,8 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.cloud.openfeign.FallbackFactory;
 import org.springframework.stereotype.Component;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestHeader;
 
 import java.util.ArrayList;
 import java.util.Date;
@@ -72,6 +76,10 @@ public class RemoteUserFallbackFactory implements FallbackFactory<RemoteUserServ
                 return null;
             }
 
+            @Override
+            public  List<IdNameVo> getRoleInfoOfUser(@PathVariable Long userId, @RequestHeader(SecurityConstants.FROM_SOURCE) String source){
+                return null;
+            }
         };
     }
 }

soc-modules/soc-modules-core/src/main/java/com/xunmei/core/safetyCheck/service/impl/SafetyCheckRegisterSericeImpl.java

@@ -12,6 +12,7 @@ import com.xunmei.common.core.exception.ServiceException;
 import com.xunmei.common.core.utils.IDHelper;
 import com.xunmei.common.core.utils.StringUtils;
 import com.xunmei.common.core.utils.bean.BeanUtils;
+import com.xunmei.common.core.vo.IdNameVo;
 import com.xunmei.common.core.web.page.TableDataInfo;
 import com.xunmei.common.security.utils.SecurityUtils;
 import com.xunmei.core.question.QuestionSrcType;
@@ -31,7 +32,9 @@ import com.xunmei.core.safetyCheck.vo.regsiter.*;
 import com.xunmei.system.api.Eto.RoleConditionEto;
 import com.xunmei.system.api.RemoteOrgService;
 import com.xunmei.system.api.RemoteRoleService;
+import com.xunmei.system.api.RemoteUserService;
 import com.xunmei.system.api.domain.SysOrg;
+import com.xunmei.system.api.model.LoginUser;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -73,6 +76,9 @@ public class SafetyCheckRegisterSericeImpl extends ServiceImpl<CoreSafetyTaskMap
     @Resource
     RemoteOrgService remoteOrgService;
 
+    @Resource
+    RemoteUserService remoteUserService;
+
     @Override
     public TableDataInfo appList(AppPageDto dto) {
         Page<AppPageVo> page = dto.toPage();
@@ -443,7 +449,7 @@ public class SafetyCheckRegisterSericeImpl extends ServiceImpl<CoreSafetyTaskMap
     public Boolean grant(GrantDto dto) {
         LambdaQueryWrapper<CoreSafetyTask> wrapper = new LambdaQueryWrapper<>();
         wrapper.eq(CoreSafetyTask::getPlanId, dto.getPlanId())
-                .eq(CoreSafetyTask::getOrgId,dto.getBeCheckedOrgId())
+                .eq(CoreSafetyTask::getOrgId, dto.getBeCheckedOrgId())
                 .eq(CoreSafetyTask::getYmdDate, dto.getYmdDate());
         List<CoreSafetyTask> tasks = baseMapper.selectList(wrapper);
         Optional<CoreSafetyTask> taskOptional = tasks.stream().filter(t -> ObjectUtil.equal(t.getId(), dto.getTaskId())).findFirst();
@@ -454,16 +460,31 @@ public class SafetyCheckRegisterSericeImpl extends ServiceImpl<CoreSafetyTaskMap
         if (ObjectUtil.equal(taskOptional.get().getStatus(), SafetyCheckTaskStatus.Completed.getValue())) {
             throw new ServiceException("任务已完成");
         }
-
         Long loginUserId = SecurityUtils.getUserId();
+        if (ObjectUtil.isNotNull(dto.getUserId())) {
+            List<IdNameVo> roles = remoteUserService.getRoleInfoOfUser(dto.getUserId(), SecurityConstants.INNER);
+            if (CollectionUtil.isNotEmpty(roles)) {
+                LambdaQueryWrapper<CoreSafecheckPlanToRole> prWrapper = new LambdaQueryWrapper<>();
+                prWrapper.eq(CoreSafecheckPlanToRole::getPlanId, dto.getPlanId())
+                        .select(CoreSafecheckPlanToRole::getRoleId);
+                List<Long> planRoles = coreSafecheckPlanToRoleMapper.selectList(prWrapper).stream()
+                        .map(CoreSafecheckPlanToRole::getRoleId)
+                        .collect(Collectors.toList());
+
+                if (CollectionUtil.intersection(roles.stream().map(IdNameVo::getId).collect(Collectors.toList()), planRoles).size() > 0) {
+                    throw new ServiceException("用户已在检查角色中，无需授权");
+                }
+            }
+        }
+
         Long uncompletedCount = tasks.stream()
-                .filter(t -> !ObjectUtil.equal(t.getStatus(), SafetyCheckTaskStatus.Completed.getValue()))
+                .filter(t -> !ObjectUtil.equal(t.getStatus(), SafetyCheckTaskStatus.Completed.getValue()) && ObjectUtil.isNull(t.getGrantUserId()))
                 .count();
         Long selfCompletedCount = tasks.stream()
                 .filter(t -> ObjectUtil.equal(t.getStatus(), SafetyCheckTaskStatus.Completed.getValue()) && ObjectUtil.equal(t.getSubmitorId(), loginUserId))
                 .count();
         if (uncompletedCount <= 1 && selfCompletedCount == 0) {
-            throw new ServiceException("任务检查角色必须完成至少一次任务");
+            throw new ServiceException("至少完成一次任务");
         }
 
         LambdaUpdateWrapper<CoreSafetyTask> updateWrapper = new LambdaUpdateWrapper<>();

soc-modules/soc-modules-system/src/main/java/com/xunmei/system/controller/SysUserController.java

@@ -3,10 +3,12 @@ package com.xunmei.system.controller;
 import cn.hutool.core.util.ObjectUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.xunmei.common.core.constant.SecurityConstants;
 import com.xunmei.common.core.domain.R;
 import com.xunmei.common.core.domain.message.domain.CoreAnnouncementNotificationToRole;
 import com.xunmei.common.core.utils.DateUtils;
 import com.xunmei.common.core.utils.StringUtils;
+import com.xunmei.common.core.vo.IdNameVo;
 import com.xunmei.common.core.web.controller.BaseController;
 import com.xunmei.common.core.web.domain.AjaxResult;
 import com.xunmei.common.log.annotation.Log;
@@ -438,4 +440,23 @@ public class SysUserController extends BaseController {
     public List<SysUser> userListByRoleAndOrg(@RequestBody SysRoleOrgDTO sysRoleOrgDTO) {
         return userService.selectUserListByRoleAndOrg(sysRoleOrgDTO);
     }
+
+    /**
+     * 获取用户的角色id及名称
+     *
+     * @param
+     * @return
+     */
+    @ApiOperation(value = "获取用户的角色id及名称")
+    @InnerAuth
+    @GetMapping("/getroleinfoofuser")
+    public List<IdNameVo> getRoleInfoOfUser(@RequestParam Long userId) {
+        List<UserRoleVo> vos = sysUserRoleService.selectUserRoleVoList(userId);
+        return vos.stream().map(v -> {
+            IdNameVo vo = new IdNameVo();
+            vo.setId(v.getRoleId());
+            vo.setName(v.getRoleName());
+            return vo;
+        }).collect(Collectors.toList());
+    }
 }