perf($auth-center): add PermissionTypeList for remote API

[skip ci]
johnnymillergh · Jan 13, 2021 · 6928368 · 6928368
1 parent a2a183e
commit 6928368
Show file tree

Hide file tree

Showing 7 changed files with 39 additions and 24 deletions.
diff --git a/api-gateway/src/main/java/com/jmsoftware/maf/apigateway/remoteapi/AuthCenterRemoteApi.java b/api-gateway/src/main/java/com/jmsoftware/maf/apigateway/remoteapi/AuthCenterRemoteApi.java
@@ -2,6 +2,7 @@
 
 import com.jmsoftware.maf.common.bean.ResponseBodyBean;
 import com.jmsoftware.maf.common.domain.authcenter.permission.GetPermissionListByRoleIdListResponse;
+import com.jmsoftware.maf.common.domain.authcenter.permission.PermissionType;
 import com.jmsoftware.maf.common.domain.authcenter.role.GetRoleListByUserIdResponse;
 import com.jmsoftware.maf.common.domain.authcenter.security.ParseJwtPayload;
 import com.jmsoftware.maf.common.domain.authcenter.security.ParseJwtResponse;
@@ -49,12 +50,14 @@ public interface AuthCenterRemoteApi {
     /**
      * Get permission list by role id list
      *
-     * @param roleIdList the role id list
+     * @param roleIdList         the role id list
+     * @param permissionTypeList the permission type list
      * @return the response body bean
      */
     @RequestMapping(value = "/permission-remote-api/permissions", method = GET)
     Mono<ResponseBodyBean<GetPermissionListByRoleIdListResponse>> getPermissionListByRoleIdList(
-            @Valid @RequestParam("roleIdList") List<@NotNull Long> roleIdList);
+            @Valid @RequestParam("roleIdList") List<@NotNull Long> roleIdList,
+            @Valid @RequestParam("permissionTypeList") List<@NotNull PermissionType> permissionTypeList);
 
     /**
      * Parse mono.

diff --git a/...ava/com/jmsoftware/maf/apigateway/security/impl/RbacReactiveAuthorizationManagerImpl.java b/...ava/com/jmsoftware/maf/apigateway/security/impl/RbacReactiveAuthorizationManagerImpl.java
@@ -1,6 +1,7 @@
 package com.jmsoftware.maf.apigateway.security.impl;
 
 import cn.hutool.core.util.StrUtil;
+import com.google.common.collect.Lists;
 import com.jmsoftware.maf.apigateway.remoteapi.AuthCenterRemoteApi;
 import com.jmsoftware.maf.common.bean.ResponseBodyBean;
 import com.jmsoftware.maf.common.domain.authcenter.permission.GetPermissionListByRoleIdListPayload;
@@ -86,10 +87,12 @@ private Mono<List<GetPermissionListByRoleIdListResponse.Permission>> retrievePer
         // auth-center will respond /** for role "admin"
         return roleIdListMono.flatMap(
                 roleIdList -> {
-                    GetPermissionListByRoleIdListPayload payload = new GetPermissionListByRoleIdListPayload();
+                    val payload = new GetPermissionListByRoleIdListPayload();
                     payload.setRoleIdList(roleIdList);
-                    return authCenterRemoteApi.getPermissionListByRoleIdList(payload.getRoleIdList()).map(
-                            ResponseBodyBean::getData);
+                    payload.setPermissionTypeList(Lists.newArrayList(PermissionType.BUTTON));
+                    return authCenterRemoteApi.getPermissionListByRoleIdList(payload.getRoleIdList(),
+                                                                             payload.getPermissionTypeList())
+                            .map(ResponseBodyBean::getData);
                 }).map(GetPermissionListByRoleIdListResponse::getPermissionList)
                 .switchIfEmpty(Mono.error(new SecurityException(HttpStatus.FORBIDDEN, "Permission not found!")));
     }
@@ -100,14 +103,12 @@ public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, Au
         val userPrincipalMono = authentication.map(auth -> (UserPrincipal) auth.getPrincipal());
         val roleFlux = this.retrieveRoles(userPrincipalMono);
         val roleIdListMono = this.mapRole(roleFlux);
-        val permissionListMono = this.retrievePermissions(
-                roleIdListMono);
+        val permissionListMono = this.retrievePermissions(roleIdListMono);
         // Aggregate 2 Mono
         val zip = Mono.zip(permissionListMono, userPrincipalMono);
         return zip.map(mapper -> {
             val permissionList = mapper.getT1();
             val buttonPermissionList = permissionList.stream()
-                    .filter(permission -> PermissionType.BUTTON.getType().equals(permission.getType()))
                     .filter(permission -> StrUtil.isNotBlank(permission.getUrl()))
                     .filter(permission -> StrUtil.isNotBlank(permission.getMethod()))
                     .collect(Collectors.toList());

diff --git a/...enter/src/main/java/com/jmsoftware/maf/authcenter/permission/mapper/PermissionMapper.java b/...enter/src/main/java/com/jmsoftware/maf/authcenter/permission/mapper/PermissionMapper.java
@@ -2,7 +2,9 @@
 
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import com.jmsoftware.maf.authcenter.permission.entity.PermissionPersistence;
+import com.jmsoftware.maf.common.domain.authcenter.permission.PermissionType;
 import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
 
 import java.util.List;
 
@@ -19,8 +21,10 @@ public interface PermissionMapper extends BaseMapper<PermissionPersistence> {
     /**
      * Select permission list by role id list list.
      *
-     * @param roleIdList the role id list
+     * @param roleIdList         the role id list
+     * @param permissionTypeList the permission type list
      * @return the list
      */
-    List<PermissionPersistence> selectPermissionListByRoleIdList(List<Long> roleIdList);
+    List<PermissionPersistence> selectPermissionListByRoleIdList(@Param("roleIdList") List<Long> roleIdList,
+                                                                 @Param("permissionTypeList") List<PermissionType> permissionTypeList);
 }
diff --git a/...ter/src/main/java/com/jmsoftware/maf/authcenter/permission/service/PermissionService.java b/...ter/src/main/java/com/jmsoftware/maf/authcenter/permission/service/PermissionService.java
@@ -5,6 +5,7 @@
 import com.jmsoftware.maf.authcenter.permission.entity.PermissionPersistence;
 import com.jmsoftware.maf.common.domain.authcenter.permission.GetPermissionListByRoleIdListPayload;
 import com.jmsoftware.maf.common.domain.authcenter.permission.GetPermissionListByRoleIdListResponse;
+import com.jmsoftware.maf.common.domain.authcenter.permission.PermissionType;
 import com.jmsoftware.maf.common.exception.BusinessException;
 import org.springframework.validation.annotation.Validated;
 
@@ -33,15 +34,18 @@ public interface PermissionService extends IService<PermissionPersistence> {
     /**
      * Gets permission list by role id list.
      *
-     * @param roleIdList the role id list
+     * @param roleIdList         the role id list
+     * @param permissionTypeList the permission type list
      * @return the permission list by role id list
      */
-    List<PermissionPersistence> getPermissionListByRoleIdList(@NotEmpty List<Long> roleIdList);
+    List<PermissionPersistence> getPermissionListByRoleIdList(@NotEmpty List<Long> roleIdList,
+                                                              @NotEmpty List<PermissionType> permissionTypeList);
 
     /**
      * Gets services info.
      *
      * @return the services info
+     * @throws BusinessException the business exception
      */
     GetServicesInfoResponse getServicesInfo() throws BusinessException;
 }
diff --git a/...ain/java/com/jmsoftware/maf/authcenter/permission/service/impl/PermissionServiceImpl.java b/...ain/java/com/jmsoftware/maf/authcenter/permission/service/impl/PermissionServiceImpl.java
@@ -17,7 +17,6 @@
 import com.jmsoftware.maf.common.domain.springbootstarter.HttpApiResourcesResponse;
 import com.jmsoftware.maf.common.exception.BusinessException;
 import com.jmsoftware.maf.springbootstarter.configuration.MafProjectProperty;
-import lombok.NonNull;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import lombok.val;
@@ -26,7 +25,7 @@
 import org.springframework.web.client.RestTemplate;
 
 import javax.validation.Valid;
-import java.util.Collections;
+import javax.validation.constraints.NotEmpty;
 import java.util.List;
 import java.util.Optional;
 
@@ -61,7 +60,8 @@ public GetPermissionListByRoleIdListResponse getPermissionListByRoleIdList(@Vali
             response.getPermissionList().add(permission);
             return response;
         }
-        val permissionList = this.getPermissionListByRoleIdList(payload.getRoleIdList());
+        val permissionList = this.getPermissionListByRoleIdList(payload.getRoleIdList(),
+                                                                payload.getPermissionTypeList());
         permissionList.forEach(permissionPersistence -> {
             val permission = new GetPermissionListByRoleIdListResponse.Permission();
             BeanUtil.copyProperties(permissionPersistence, permission);
@@ -71,11 +71,9 @@ public GetPermissionListByRoleIdListResponse getPermissionListByRoleIdList(@Vali
     }
 
     @Override
-    public List<PermissionPersistence> getPermissionListByRoleIdList(@NonNull List<Long> roleIdList) {
-        if (CollUtil.isEmpty(roleIdList)) {
-            return Collections.emptyList();
-        }
-        return this.getBaseMapper().selectPermissionListByRoleIdList(roleIdList);
+    public List<PermissionPersistence> getPermissionListByRoleIdList(@NotEmpty List<Long> roleIdList,
+                                                                     @NotEmpty List<PermissionType> permissionTypeList) {
+        return this.getBaseMapper().selectPermissionListByRoleIdList(roleIdList, permissionTypeList);
     }
 
     @Override
@@ -97,9 +95,8 @@ public GetServicesInfoResponse getServicesInfo() throws BusinessException {
                     .orElseThrow(() -> new BusinessException("Internal service mustn't respond null"));
             val data = Optional.of(responseBodyBean.getData())
                     .orElseThrow(() -> new BusinessException("HttpApiResourcesResponse mustn't be null"));
-            HttpApiResourcesResponse httpApiResourcesResponse = mapper.convertValue(data,
-                    HttpApiResourcesResponse.class);
-            GetServicesInfoResponse.ServiceInfo serviceInfo = new GetServicesInfoResponse.ServiceInfo();
+            val httpApiResourcesResponse = mapper.convertValue(data, HttpApiResourcesResponse.class);
+            val serviceInfo = new GetServicesInfoResponse.ServiceInfo();
             serviceInfo.setServiceId(serviceId);
             serviceInfo.setHttpApiResources(httpApiResourcesResponse);
             response.getList().add(serviceInfo);

diff --git a/auth-center/src/main/resources/mapper/permission/PermissionMapper.xml b/auth-center/src/main/resources/mapper/permission/PermissionMapper.xml
@@ -32,8 +32,12 @@
                LEFT JOIN role_permission ON permission.id = role_permission.permission_id
                LEFT JOIN role ON role.id = role_permission.role_id
         WHERE role.id IN
-        <foreach item="item" index="index" collection="list" open="(" separator="," close=")">
+        <foreach item="item" collection="roleIdList" open="(" separator="," close=")">
             #{item}
         </foreach>
+        AND permission.type IN
+        <foreach item="item" collection="permissionTypeList" open="(" separator="," close=")">
+            #{item.type}
+        </foreach>
     </select>
 </mapper>
diff --git a/...oftware/maf/common/domain/authcenter/permission/GetPermissionListByRoleIdListPayload.java b/...oftware/maf/common/domain/authcenter/permission/GetPermissionListByRoleIdListPayload.java
@@ -20,4 +20,6 @@ public class GetPermissionListByRoleIdListPayload {
      */
     @NotEmpty
     private List<Long> roleIdList;
+    @NotEmpty
+    private List<PermissionType> permissionTypeList;
 }