家族授权接口和踢出接口处理
This commit is contained in:
parent
8b92c32af3
commit
e540f18ef6
@ -9,17 +9,11 @@ import com.red.circle.other.infra.database.rds.service.family.FamilyMemberInfoSe
|
||||
import com.red.circle.other.infra.enums.family.FamilyRoleEnum;
|
||||
import com.red.circle.other.inner.asserts.FamilyErrorCode;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* <p>
|
||||
* 授权用户家族权限.
|
||||
* </p>
|
||||
*
|
||||
* @author pengshigang
|
||||
* @since 2021-07-22
|
||||
*/
|
||||
@Component
|
||||
@RequiredArgsConstructor
|
||||
@ -29,75 +23,87 @@ public class FamilyGrantUserRoleExe {
|
||||
private final FamilyMemberInfoService familyMemberInfoService;
|
||||
|
||||
public void execute(FamilyGrantUserRoleCmd cmd) {
|
||||
ResponseAssert.isTrue(FamilyErrorCode.NOT_EXIST_FAMILY_INFO_DATA, getExistFamilyByUserId(cmd));
|
||||
ResponseAssert.isFalse(CommonErrorCode.INSUFFICIENT_PERMISSION, isGrantAdmin(cmd));
|
||||
ResponseAssert.isTrue(FamilyErrorCode.NOT_EXIST_FAMILY_INFO_DATA,
|
||||
familyCommon.isExistFamilyByUserId(cmd.getReqUserId()));
|
||||
FamilyRoleEnum familyRoleEnum = FamilyRoleEnum.valueOf(cmd.getRoleKey());
|
||||
|
||||
FamilyMemberInfo manageMember = getOperatorMember(cmd);
|
||||
ResponseAssert.notNull(FamilyErrorCode.NOT_EXIST_FAMILY_INFO_DATA, manageMember);
|
||||
FamilyMemberInfo member = getAuthorizedMember(cmd);
|
||||
ResponseAssert.notNull(FamilyErrorCode.NOT_EXIST_FAMILY_INFO_DATA, member);
|
||||
ResponseAssert
|
||||
.isFalse(CommonErrorCode.INSUFFICIENT_PERMISSION, isPermissionDenied(manageMember, member));
|
||||
ResponseAssert.isFalse(CommonErrorCode.OPERATION_CONFLICT,
|
||||
Objects.equals(member.getMemberUserId(), cmd.getReqUserId()));
|
||||
FamilyMemberInfo operator = familyMemberInfoService.getFamilyMemberByUserId(cmd.getReqUserId());
|
||||
ResponseAssert.notNull(FamilyErrorCode.NOT_EXIST_FAMILY_INFO_DATA, operator);
|
||||
|
||||
checkGrantManage(cmd, manageMember);
|
||||
FamilyMemberInfo target = familyMemberInfoService.geMemberByMemberId(cmd.getAuthorizedMemberId());
|
||||
ResponseAssert.notNull(FamilyErrorCode.NOT_EXIST_FAMILY_INFO_DATA, target);
|
||||
|
||||
updateRoleById(cmd);
|
||||
}
|
||||
validateBasicRules(cmd, operator, target);
|
||||
|
||||
private boolean isPermissionDenied(FamilyMemberInfo manageMember, FamilyMemberInfo member) {
|
||||
return Objects.equals(manageMember.getMemberRole(), member.getMemberRole()) && Objects
|
||||
.equals(manageMember.getMemberRole(), FamilyRoleEnum.MANAGE.getKey());
|
||||
}
|
||||
validatePermission(cmd, operator, target);
|
||||
|
||||
validateBusinessRules(cmd, operator);
|
||||
|
||||
private void checkGrantManage(FamilyGrantUserRoleCmd cmd, FamilyMemberInfo manageMember) {
|
||||
|
||||
ResponseAssert.isFalse(FamilyErrorCode.FAMILY_MANAGE_MAX,
|
||||
Objects.equals(manageMember.getMemberRole(), FamilyRoleEnum.MEMBER.getKey()));
|
||||
|
||||
if (!Objects.equals(cmd.getRoleKey(), FamilyRoleEnum.MANAGE.getKey())) {
|
||||
return;
|
||||
}
|
||||
ResponseAssert.isTrue(FamilyErrorCode.FAMILY_MANAGE_MAX, isAllowGrant(cmd, manageMember));
|
||||
}
|
||||
|
||||
private boolean isAllowGrant(FamilyGrantUserRoleCmd cmd, FamilyMemberInfo manageMember) {
|
||||
return getFamilyCurrentManagerCount(manageMember) < getFamilyLevelMaxManagerCount(cmd,
|
||||
manageMember);
|
||||
}
|
||||
|
||||
private Integer getFamilyCurrentManagerCount(FamilyMemberInfo manageMember) {
|
||||
return familyMemberInfoService.getManagerCount(manageMember.getFamilyId());
|
||||
}
|
||||
|
||||
private Integer getFamilyLevelMaxManagerCount(FamilyGrantUserRoleCmd cmd,
|
||||
FamilyMemberInfo manageMember) {
|
||||
return Optional.ofNullable(
|
||||
familyCommon.getFamilyDetails(cmd.getReqSysOrigin().getOrigin(), manageMember.getFamilyId())
|
||||
.getMaxManager()).orElse(0);
|
||||
}
|
||||
|
||||
private Boolean getExistFamilyByUserId(FamilyGrantUserRoleCmd cmd) {
|
||||
return familyCommon.isExistFamilyByUserId(cmd.getReqUserId());
|
||||
}
|
||||
|
||||
private void updateRoleById(FamilyGrantUserRoleCmd cmd) {
|
||||
familyMemberInfoService.updateRoleById(cmd.getAuthorizedMemberId(), cmd.getRoleKey());
|
||||
}
|
||||
|
||||
private boolean isGrantAdmin(FamilyGrantUserRoleCmd cmd) {
|
||||
return Objects.equals(FamilyRoleEnum.ADMIN.getKey(), cmd.getRoleKey());
|
||||
/**
|
||||
* 基础规则校验.
|
||||
*/
|
||||
private void validateBasicRules(FamilyGrantUserRoleCmd cmd, FamilyMemberInfo operator, FamilyMemberInfo target) {
|
||||
// 不能授予族长权限
|
||||
ResponseAssert.isFalse(CommonErrorCode.INSUFFICIENT_PERMISSION,
|
||||
FamilyRoleEnum.ADMIN.getKey().equals(cmd.getRoleKey()));
|
||||
|
||||
// 不能操作自己
|
||||
ResponseAssert.isFalse(CommonErrorCode.OPERATION_CONFLICT,
|
||||
Objects.equals(operator.getMemberUserId(), target.getMemberUserId()));
|
||||
|
||||
ResponseAssert.isFalse(CommonErrorCode.OPERATION_CONFLICT, Objects.equals(target.getMemberRole(), cmd.getRoleKey()));
|
||||
}
|
||||
|
||||
private FamilyMemberInfo getAuthorizedMember(FamilyGrantUserRoleCmd cmd) {
|
||||
return familyMemberInfoService
|
||||
.geMemberByMemberId(cmd.getAuthorizedMemberId());
|
||||
/**
|
||||
* 权限校验.
|
||||
*/
|
||||
private void validatePermission(FamilyGrantUserRoleCmd cmd, FamilyMemberInfo operator, FamilyMemberInfo target) {
|
||||
String operatorRole = operator.getMemberRole();
|
||||
String targetRole = target.getMemberRole();
|
||||
String newRole = cmd.getRoleKey();
|
||||
|
||||
// 操作者是族长
|
||||
if (FamilyRoleEnum.ADMIN.getKey().equals(operatorRole)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// 操作者是管理员
|
||||
if (FamilyRoleEnum.MANAGE.getKey().equals(operatorRole)) {
|
||||
// 管理员不能操作族长
|
||||
ResponseAssert.isFalse(CommonErrorCode.INSUFFICIENT_PERMISSION,
|
||||
FamilyRoleEnum.ADMIN.getKey().equals(targetRole));
|
||||
|
||||
// 管理员不能操作同级管理员
|
||||
ResponseAssert.isFalse(CommonErrorCode.INSUFFICIENT_PERMISSION,
|
||||
FamilyRoleEnum.MANAGE.getKey().equals(targetRole));
|
||||
|
||||
// 管理员只能将成员降级,不能授予管理员权限
|
||||
ResponseAssert.isFalse(CommonErrorCode.INSUFFICIENT_PERMISSION,
|
||||
FamilyRoleEnum.MANAGE.getKey().equals(newRole));
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
// 操作者是普通成员 - 没有任何授权权限
|
||||
ResponseAssert.isTrue(CommonErrorCode.INSUFFICIENT_PERMISSION, false);
|
||||
}
|
||||
|
||||
private FamilyMemberInfo getOperatorMember(FamilyGrantUserRoleCmd cmd) {
|
||||
return familyMemberInfoService.getFamilyMemberByUserId(cmd.getReqUserId());
|
||||
}
|
||||
/**
|
||||
* 业务规则校验.
|
||||
*/
|
||||
private void validateBusinessRules(FamilyGrantUserRoleCmd cmd, FamilyMemberInfo operator) {
|
||||
// 如果要授予管理员权限,检查管理员数量限制
|
||||
if (FamilyRoleEnum.MANAGE.getKey().equals(cmd.getRoleKey())) {
|
||||
int currentManagerCount = familyMemberInfoService.getManagerCount(operator.getFamilyId());
|
||||
int maxManagerCount = familyCommon
|
||||
.getFamilyDetails(cmd.getReqSysOrigin().getOrigin(), operator.getFamilyId())
|
||||
.getMaxManager();
|
||||
|
||||
ResponseAssert.isTrue(FamilyErrorCode.FAMILY_MANAGE_MAX,
|
||||
currentManagerCount < maxManagerCount);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -146,13 +146,9 @@ public class FamilyServiceImpl implements FamilyService {
|
||||
@Override
|
||||
public void grantUserRole(FamilyGrantUserRoleCmd cmd) {
|
||||
if (Objects.equals(cmd.getRoleKey(), "REMOVE")) {
|
||||
|
||||
Long userId = familyMemberIdGetUserIdExe.execute(cmd.getAuthorizedMemberId());
|
||||
if (Objects.isNull(userId)) {
|
||||
return;
|
||||
}
|
||||
FamilyRemoveUserCmd removeUserCmd = new FamilyRemoveUserCmd();
|
||||
removeUserCmd.setRemoveMemberId(userId);
|
||||
removeUserCmd.setRemoveMemberId(cmd.getAuthorizedMemberId());
|
||||
removeUserCmd.setReqUserId(cmd.getReqUserId());
|
||||
familyRemoveUserExe.execute(removeUserCmd);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -24,7 +24,7 @@ public class FamilyGrantUserRoleCmd extends AppExtCommand {
|
||||
private Long authorizedMemberId;
|
||||
|
||||
/**
|
||||
* 被授权成员ID.
|
||||
* MANAGE-管理员;MEMBER-用户
|
||||
*/
|
||||
private String roleKey;
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user