diff --git a/rc-service/rc-service-other/other-adapter/src/main/java/com/red/circle/other/adapter/app/BdTeamRestController.java b/rc-service/rc-service-other/other-adapter/src/main/java/com/red/circle/other/adapter/app/BdTeamRestController.java index 0e8c309b..281e5368 100644 --- a/rc-service/rc-service-other/other-adapter/src/main/java/com/red/circle/other/adapter/app/BdTeamRestController.java +++ b/rc-service/rc-service-other/other-adapter/src/main/java/com/red/circle/other/adapter/app/BdTeamRestController.java @@ -1,6 +1,7 @@ package com.red.circle.other.adapter.app; import com.red.circle.common.business.dto.cmd.AppExtCommand; +import com.red.circle.other.app.dto.clientobject.BdPermissionCO; import com.red.circle.other.app.dto.clientobject.BdTeamMemberDetailCO; import com.red.circle.other.app.dto.clientobject.BdTeamOverviewCO; import com.red.circle.other.app.dto.clientobject.BdTeamSummaryCO; @@ -62,4 +63,15 @@ public class BdTeamRestController { public BdTeamSummaryCO queryTeamSummary(AppExtCommand cmd) { return bdTeamService.queryTeamSummary(cmd.getReqUserId()); } + + /** + * 检查BD权限 + *

+ * 返回用户是否有User Editing和Room Editing权限,以及具体的权限列表 + *

+ */ + @PostMapping("/permission/check") + public BdPermissionCO checkPermission(AppExtCommand cmd) { + return bdTeamService.checkPermission(cmd.getReqUserId()); + } } diff --git a/rc-service/rc-service-other/other-application/src/main/java/com/red/circle/other/app/command/bd/query/BdPermissionCheckQryExe.java b/rc-service/rc-service-other/other-application/src/main/java/com/red/circle/other/app/command/bd/query/BdPermissionCheckQryExe.java new file mode 100644 index 00000000..020b96cf --- /dev/null +++ b/rc-service/rc-service-other/other-application/src/main/java/com/red/circle/other/app/command/bd/query/BdPermissionCheckQryExe.java @@ -0,0 +1,80 @@ +package com.red.circle.other.app.command.bd.query; + +import com.red.circle.other.app.dto.clientobject.BdPermissionCO; +import com.red.circle.other.app.enums.violation.ViolationTypeEnum; +import com.red.circle.other.infra.database.rds.service.sys.AdministratorAuthService; +import com.red.circle.other.infra.database.rds.service.sys.AdministratorService; +import com.red.circle.tool.core.collection.CollectionUtils; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.stereotype.Component; + +import java.util.Arrays; +import java.util.List; +import java.util.Set; +import java.util.stream.Collectors; + +/** + * BD权限检查执行器 + */ +@Slf4j +@Component +@RequiredArgsConstructor +public class BdPermissionCheckQryExe { + + private final AdministratorService administratorService; + private final AdministratorAuthService administratorAuthService; + + /** + * 执行权限检查 + */ + public BdPermissionCO execute(Long userId) { + BdPermissionCO result = new BdPermissionCO(); + + // 检查是否是管理员 + boolean isAdmin = administratorService.existsAdmin(userId); + + if (!isAdmin) { + // 不是管理员,没有任何权限 + result.setHasUserEditingPermission(false); + result.setHasRoomEditingPermission(false); + result.setPermissions(List.of()); + return result; + } + + // 获取用户的所有权限 + List allAuthResources = administratorAuthService.listAuthResources(userId); + + if (CollectionUtils.isEmpty(allAuthResources)) { + result.setHasUserEditingPermission(false); + result.setHasRoomEditingPermission(false); + result.setPermissions(List.of()); + return result; + } + + // 过滤出属于 ViolationTypeEnum 的权限 + Set validViolationTypes = Arrays.stream(ViolationTypeEnum.values()) + .map(Enum::name) + .collect(Collectors.toSet()); + + List userPermissions = allAuthResources.stream() + .filter(validViolationTypes::contains) + .collect(Collectors.toList()); + + result.setPermissions(userPermissions); + + // 检查 User Editing 权限(USER_NICKNAME | USER_AVATAR) + boolean hasUserEditingPermission = userPermissions.contains(ViolationTypeEnum.USER_NICKNAME.name()) + || userPermissions.contains(ViolationTypeEnum.USER_AVATAR.name()); + result.setHasUserEditingPermission(hasUserEditingPermission); + + // 检查 Room Editing 权限(ROOM_NICKNAME | ROOM_COVER | ROOM_NOTICE | ROOM_THEME) + boolean hasRoomEditingPermission = userPermissions.contains(ViolationTypeEnum.ROOM_NICKNAME.name()) + || userPermissions.contains(ViolationTypeEnum.ROOM_COVER.name()) + || userPermissions.contains(ViolationTypeEnum.ROOM_NOTICE.name()) + || userPermissions.contains(ViolationTypeEnum.ROOM_THEME.name()); + result.setHasRoomEditingPermission(hasRoomEditingPermission); + + return result; + } +} diff --git a/rc-service/rc-service-other/other-application/src/main/java/com/red/circle/other/app/service/BdTeamServiceImpl.java b/rc-service/rc-service-other/other-application/src/main/java/com/red/circle/other/app/service/BdTeamServiceImpl.java index a6061035..a1d69176 100644 --- a/rc-service/rc-service-other/other-application/src/main/java/com/red/circle/other/app/service/BdTeamServiceImpl.java +++ b/rc-service/rc-service-other/other-application/src/main/java/com/red/circle/other/app/service/BdTeamServiceImpl.java @@ -1,8 +1,10 @@ package com.red.circle.other.app.service; +import com.red.circle.other.app.command.bd.query.BdPermissionCheckQryExe; import com.red.circle.other.app.command.bd.query.BdTeamMemberDetailQryExe; import com.red.circle.other.app.command.bd.query.BdTeamQryExe; import com.red.circle.other.app.command.bd.query.BdTeamSummaryQryExe; +import com.red.circle.other.app.dto.clientobject.BdPermissionCO; import com.red.circle.other.app.dto.clientobject.BdTeamMemberDetailCO; import com.red.circle.other.app.dto.clientobject.BdTeamOverviewCO; import com.red.circle.other.app.dto.clientobject.BdTeamSummaryCO; @@ -23,6 +25,7 @@ public class BdTeamServiceImpl implements BdTeamService { private final BdTeamQryExe bdTeamQryExe; private final BdTeamMemberDetailQryExe bdTeamMemberDetailQryExe; private final BdTeamSummaryQryExe bdTeamSummaryQryExe; + private final BdPermissionCheckQryExe bdPermissionCheckQryExe; @Override public BdTeamOverviewCO queryTeamOverview(BdTeamQueryCmd cmd) { @@ -38,4 +41,9 @@ public class BdTeamServiceImpl implements BdTeamService { public BdTeamSummaryCO queryTeamSummary(Long userId) { return bdTeamSummaryQryExe.execute(userId); } + + @Override + public BdPermissionCO checkPermission(Long userId) { + return bdPermissionCheckQryExe.execute(userId); + } } diff --git a/rc-service/rc-service-other/other-client/src/main/java/com/red/circle/other/app/dto/clientobject/BdPermissionCO.java b/rc-service/rc-service-other/other-client/src/main/java/com/red/circle/other/app/dto/clientobject/BdPermissionCO.java new file mode 100644 index 00000000..f92993e5 --- /dev/null +++ b/rc-service/rc-service-other/other-client/src/main/java/com/red/circle/other/app/dto/clientobject/BdPermissionCO.java @@ -0,0 +1,27 @@ +package com.red.circle.other.app.dto.clientobject; + +import lombok.Data; + +import java.util.List; + +/** + * BD权限检查结果 + */ +@Data +public class BdPermissionCO { + + /** + * 是否有 User Editing 权限 + */ + private Boolean hasUserEditingPermission; + + /** + * 是否有 Room Editing 权限 + */ + private Boolean hasRoomEditingPermission; + + /** + * 用户拥有的权限列表(ViolationTypeEnum) + */ + private List permissions; +} diff --git a/rc-service/rc-service-other/other-client/src/main/java/com/red/circle/other/app/service/BdTeamService.java b/rc-service/rc-service-other/other-client/src/main/java/com/red/circle/other/app/service/BdTeamService.java index cd2801e0..33c3ea82 100644 --- a/rc-service/rc-service-other/other-client/src/main/java/com/red/circle/other/app/service/BdTeamService.java +++ b/rc-service/rc-service-other/other-client/src/main/java/com/red/circle/other/app/service/BdTeamService.java @@ -1,5 +1,6 @@ package com.red.circle.other.app.service; +import com.red.circle.other.app.dto.clientobject.BdPermissionCO; import com.red.circle.other.app.dto.clientobject.BdTeamMemberDetailCO; import com.red.circle.other.app.dto.clientobject.BdTeamOverviewCO; import com.red.circle.other.app.dto.clientobject.BdTeamSummaryCO; @@ -45,4 +46,15 @@ public interface BdTeamService { * @return 团队总览 */ BdTeamSummaryCO queryTeamSummary(Long userId); + + /** + * 检查BD权限 + *

+ * 返回用户是否有User Editing和Room Editing权限 + *

+ * + * @param userId 用户ID + * @return 权限检查结果 + */ + BdPermissionCO checkPermission(Long userId); }