crm-数据权限：完善数据权限

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/controller/admin/permission/CrmPermissionController.java

@@ -1,7 +1,6 @@
 package cn.iocoder.yudao.module.crm.controller.admin.permission;
 
 import cn.hutool.core.collection.CollUtil;
-import cn.hutool.core.util.ObjUtil;
 import cn.iocoder.yudao.framework.common.pojo.CommonResult;
 import cn.iocoder.yudao.framework.common.util.collection.CollectionUtils;
 import cn.iocoder.yudao.module.crm.controller.admin.permission.vo.CrmPermissionCreateReqVO;
@@ -30,11 +29,9 @@ import javax.annotation.Resource;
 import javax.validation.Valid;
 import java.util.*;
 
-import static cn.iocoder.yudao.framework.common.exception.util.ServiceExceptionUtil.exception;
 import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success;
 import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertSet;
 import static cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUtils.getLoginUserId;
-import static cn.iocoder.yudao.module.crm.enums.ErrorCodeConstants.*;
 
 @Tag(name = "管理后台 - CRM 数据权限")
 @RestController
@@ -71,59 +68,21 @@ public class CrmPermissionController {
         return success(true);
     }
 
-    // TODO @puhui999：这个要不要放到 Service 实现，让 Controller 还轻一点；
     @DeleteMapping("/delete")
     @Operation(summary = "删除数据权限")
     @Parameter(name = "ids", description = "数据权限编号", required = true, example = "1024")
     @PreAuthorize("@ss.hasPermission('crm:permission:delete')")
     public CommonResult<Boolean> deletePermission(@RequestParam("ids") Collection<Long> ids) {
-        List<CrmPermissionDO> permissions = permissionService.getPermissionList(ids);
-        if (CollUtil.isEmpty(permissions)) {
-            throw exception(CRM_PERMISSION_NOT_EXISTS);
-        }
-        Set<Long> bizIds = convertSet(permissions, CrmPermissionDO::getBizId);
-        if (bizIds.size() > 1) { // 情况一：数据权限的模块数据编号是一致的不可能存在两个 TODO @puhui999：这里可以额外说明下原因，就是批量删除权限的时候，只能属于同一个 bizId 下；
-            throw exception(CRM_PERMISSION_DELETE_FAIL);
-        }
-        // TODO @puhui999：下面 2 个，可以忽略。简单点哈；
-        if (permissions.size() != ids.size()) { // 情况二：期望数量和实际结果不一致
-            throw exception(CRM_PERMISSION_NOT_EXISTS);
-        }
-        // 情况三：不能包含负责人
-        // TODO @puhui999：isOwner 可以直接放到判断里，不用单独取个变量名
-        boolean isOwner = CollectionUtils.anyMatch(permissions, item -> ObjUtil.equal(item.getLevel(), CrmPermissionLevelEnum.OWNER.getLevel()));
-        if (isOwner) {
-            throw exception(CRM_PERMISSION_DELETE_FAIL_EXIST_OWNER);
-        }
-        // 校验操作人是否为负责人
-        CrmPermissionDO permission = permissionService.getPermission(permissions.get(0).getBizId(), getLoginUserId());
-        if (!CrmPermissionLevelEnum.isOwner(permission.getLevel())) {
-            throw exception(CRM_PERMISSION_DELETE_DENIED);
-        }
-        // 删除数据权限
-        permissionService.deletePermission(ids);
+        permissionService.deletePermissionBatch(ids, getLoginUserId());
         return success(true);
     }
 
-    // TODO @puhui999：这个要不要放到 Service 实现，让 Controller 还轻一点；
-    // TODO @puhui999：delete-self 就可以啦。方法名叫 deleteSelfPermission
-    @DeleteMapping("/deleteSelfPermission")
+    @DeleteMapping("/delete-self")
     @Operation(summary = "删除自己的数据权限")
     @Parameter(name = "id", description = "数据权限编号", required = true, example = "1024")
-    @PreAuthorize("@ss.hasPermission('crm:permission:delete')")
-    public CommonResult<Boolean> deletePermission(@RequestParam("id") Long id) {
-        // 校验数据存在且是自己
-        CrmPermissionDO permission = permissionService.getPermission(id, getLoginUserId());
-        if (permission == null) {
-            throw exception(CRM_PERMISSION_NOT_EXISTS);
-        }
-        // 校验是否是负责人
-        if (CrmPermissionLevelEnum.isOwner(permission.getLevel())) {
-            throw exception(CRM_PERMISSION_DELETE_SELF_PERMISSION_FAIL_EXIST_OWNER);
-        }
-
-        // 删除
-        permissionService.deletePermission(Collections.singletonList(id));
+    @PreAuthorize("@ss.hasPermission('crm:permission:delete')") // TODO puhui999: 数据权限在页面上只是已团队成员组件的形式出现，那么这个权限怎么分配？
+    public CommonResult<Boolean> deleteSelfPermission(@RequestParam("id") Long id) {
+        permissionService.deleteSelfPermission(id, getLoginUserId());
         return success(true);
     }
 

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/convert/permission/CrmPermissionConvert.java

@@ -61,4 +61,6 @@ public interface CrmPermissionConvert {
                 id -> new CrmPermissionDO().setId(id).setLevel(updateReqVO.getLevel()));
     }
 
+    List<CrmPermissionDO> convertList(List<CrmPermissionCreateReqBO> createBOs);
+
 }

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/CrmPermissionService.java

@@ -28,6 +28,13 @@ public interface CrmPermissionService {
     Long createPermission(@Valid CrmPermissionCreateReqBO createBO);
 
     /**
+     * 创建数据权限
+     *
+     * @param createBOs 创建信息
+     */
+    void createPermissionBatch(@Valid List<CrmPermissionCreateReqBO> createBOs);
+
+    /**
      * 更新数据权限
      *
      * @param updateReqVO 更新信息
@@ -44,13 +51,6 @@ public interface CrmPermissionService {
     /**
      * 删除数据权限
      *
-     * @param ids 编号
-     */
-    void deletePermission(Collection<Long> ids);
-
-    /**
-     * 删除数据权限
-     *
      * @param bizType 数据类型，关联 {@link CrmBizTypeEnum}
      * @param bizId   数据编号，关联 {@link CrmBizTypeEnum} 对应模块 DO#getId()
      * @param level   数据权限级别，关联 {@link CrmPermissionLevelEnum}
@@ -58,13 +58,19 @@ public interface CrmPermissionService {
     void deletePermission(Integer bizType, Long bizId, Integer level);
 
     /**
-     * 获取用户数据权限通过 权限编号 x 用户编号
+     * 批量删除数据权限
+     *
+     * @param ids 权限编号
+     */
+    void deletePermissionBatch(Collection<Long> ids, Long userId);
+
+    /**
+     * 删除指定用户数据权限
      *
      * @param id     权限编号
      * @param userId 用户编号
-     * @return 数据权限
      */
-    CrmPermissionDO getPermission(Long id, Long userId);
+    void deleteSelfPermission(Long id, Long userId);
 
     /**
      * 获取数据权限列表，通过 数据类型 x 某个数据
@@ -76,14 +82,6 @@ public interface CrmPermissionService {
     List<CrmPermissionDO> getPermissionListByBiz(Integer bizType, Long bizId);
 
     /**
-     * 获得数据权限列表
-     *
-     * @param ids 数据权限编号列表
-     * @return 数据权限列表
-     */
-    List<CrmPermissionDO> getPermissionList(Collection<Long> ids);
-
-    /**
      * 获取用户参与的模块数据列表
      *
      * @param bizType 模块类型

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/service/permission/CrmPermissionServiceImpl.java

@@ -19,6 +19,7 @@ import javax.annotation.Resource;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
+import java.util.Set;
 
 import static cn.iocoder.yudao.framework.common.exception.util.ServiceExceptionUtil.exception;
 import static cn.iocoder.yudao.framework.common.util.collection.CollectionUtils.convertSet;
@@ -53,6 +54,16 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
     }
 
     @Override
+    public void createPermissionBatch(List<CrmPermissionCreateReqBO> createBOs) {
+        // 1. 校验用户是否存在
+        adminUserApi.validateUserList(convertSet(createBOs, CrmPermissionCreateReqBO::getUserId));
+
+        // 2. 创建
+        List<CrmPermissionDO> permissions = CrmPermissionConvert.INSTANCE.convertList(createBOs);
+        crmPermissionMapper.insertBatch(permissions);
+    }
+
+    @Override
     @Transactional(rollbackFor = Exception.class)
     public void updatePermission(CrmPermissionUpdateReqVO updateReqVO) {
         // 1. 校验存在
@@ -112,16 +123,6 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
 
     @Override
     @Transactional(rollbackFor = Exception.class)
-    public void deletePermission(Collection<Long> ids) {
-        // 校验存在
-        validateCrmPermissionExists(ids);
-
-        // 删除
-        crmPermissionMapper.deleteBatchIds(ids);
-    }
-
-    @Override
-    @Transactional(rollbackFor = Exception.class)
     public void deletePermission(Integer bizType, Long bizId, Integer level) {
         List<CrmPermissionDO> permissions = crmPermissionMapper.selectListByBizTypeAndBizIdAndLevel(
                 bizType, bizId, level);
@@ -135,21 +136,44 @@ public class CrmPermissionServiceImpl implements CrmPermissionService {
     }
 
     @Override
-    public CrmPermissionDO getPermission(Long id, Long userId) {
-        return crmPermissionMapper.selectByIdAndUserId(id, userId);
+    public void deletePermissionBatch(Collection<Long> ids, Long userId) {
+        List<CrmPermissionDO> permissions = crmPermissionMapper.selectBatchIds(ids);
+        if (CollUtil.isEmpty(permissions)) {
+            throw exception(CRM_PERMISSION_NOT_EXISTS);
+        }
+        Set<Long> bizIds = convertSet(permissions, CrmPermissionDO::getBizId);
+        if (bizIds.size() > 1) { // 情况一：数据权限的模块数据编号是一致的不可能存在两个
+            throw exception(CRM_PERMISSION_DELETE_FAIL);
+        }
+        // 校验操作人是否为负责人
+        CrmPermissionDO permission = crmPermissionMapper.selectByIdAndUserId(permissions.get(0).getBizId(), userId);
+        if (!CrmPermissionLevelEnum.isOwner(permission.getLevel())) {
+            throw exception(CRM_PERMISSION_DELETE_DENIED);
+        }
+
+        // 删除数据权限
+        crmPermissionMapper.deleteBatchIds(ids);
     }
 
     @Override
-    public List<CrmPermissionDO> getPermissionListByBiz(Integer bizType, Long bizId) {
-        return crmPermissionMapper.selectByBizTypeAndBizId(bizType, bizId);
+    public void deleteSelfPermission(Long id, Long userId) {
+        // 校验数据存在且是自己
+        CrmPermissionDO permission = crmPermissionMapper.selectByIdAndUserId(id, userId);
+        if (permission == null) {
+            throw exception(CRM_PERMISSION_NOT_EXISTS);
+        }
+        // 校验是否是负责人
+        if (CrmPermissionLevelEnum.isOwner(permission.getLevel())) {
+            throw exception(CRM_PERMISSION_DELETE_SELF_PERMISSION_FAIL_EXIST_OWNER);
+        }
+
+        // 删除
+        crmPermissionMapper.deleteById(id);
     }
 
     @Override
-    public List<CrmPermissionDO> getPermissionList(Collection<Long> ids) {
-        if (CollUtil.isEmpty(ids)) {
-            return Collections.emptyList();
-        }
-        return crmPermissionMapper.selectBatchIds(ids);
+    public List<CrmPermissionDO> getPermissionListByBiz(Integer bizType, Long bizId) {
+        return crmPermissionMapper.selectByBizTypeAndBizId(bizType, bizId);
     }
 
     @Override

yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/util/CrmPermissionUtils.java

@@ -1,27 +0,0 @@
-package cn.iocoder.yudao.module.crm.util;
-
-import cn.hutool.core.util.StrUtil;
-import com.github.yulichang.wrapper.MPJLambdaWrapper;
-
-// TODO @puhui999：这个类还要哇？
-/**
- * 数据权限工具类
- *
- * @author HUIHUI
- */
-public class CrmPermissionUtils {
-
-    /**
-     * 构建用户可查看数据连表条件
-     *
-     * @param mpjLambdaWrapper 多表查询 wrapper
-     * @param bizTyp           模块类型
-     * @param userId           用户
-     */
-    public static void builderRightJoinQuery(MPJLambdaWrapper<?> mpjLambdaWrapper, Integer bizTyp, Long userId) {
-        String querySql = "(SELECT t1.biz_id FROM crm_permission t1 WHERE (t1.biz_type = {} AND t1.user_id = {})) t2 on t.id = t2.biz_id";
-        // 默认主表别名是 t
-        mpjLambdaWrapper.rightJoin(StrUtil.format(querySql, bizTyp, userId));
-    }
-
-}