diff --git a/src/main/java/com/labelsys/backend/dto/response/DataRecordResponse.java b/src/main/java/com/labelsys/backend/dto/response/DataRecordResponse.java deleted file mode 100644 index fbdcdb4..0000000 --- a/src/main/java/com/labelsys/backend/dto/response/DataRecordResponse.java +++ /dev/null @@ -1,24 +0,0 @@ -package com.labelsys.backend.dto.response; - -import com.labelsys.backend.entity.BizDataRecord; -import com.labelsys.backend.enums.UserRole; -import io.swagger.v3.oas.annotations.media.Schema; - -@Schema(description = "数据记录响应") -public record DataRecordResponse( - @Schema(description = "记录ID") Long id, - @Schema(description = "公司ID") Long companyId, - @Schema(description = "创建人ID") Long creatorId, - @Schema(description = "创建人角色,枚举值:EMPLOYEE员工、MANAGER部门经理、ENGINEER总工程师") UserRole creatorRole, - @Schema(description = "记录名称") String recordName -) { - public static DataRecordResponse from(BizDataRecord record) { - return new DataRecordResponse( - record.getId(), - record.getCompanyId(), - record.getCreatorId(), - record.getCreatorRole(), - record.getRecordName() - ); - } -} diff --git a/src/main/java/com/labelsys/backend/entity/BizDataRecord.java b/src/main/java/com/labelsys/backend/entity/BizDataRecord.java deleted file mode 100644 index 7d2a7ee..0000000 --- a/src/main/java/com/labelsys/backend/entity/BizDataRecord.java +++ /dev/null @@ -1,27 +0,0 @@ -package com.labelsys.backend.entity; - -import com.baomidou.mybatisplus.annotation.IdType; -import com.baomidou.mybatisplus.annotation.TableId; -import com.baomidou.mybatisplus.annotation.TableName; -import com.labelsys.backend.enums.UserRole; -import java.time.LocalDateTime; -import lombok.AllArgsConstructor; -import lombok.Builder; -import lombok.Data; -import lombok.NoArgsConstructor; - -@Data -@Builder -@NoArgsConstructor -@AllArgsConstructor -@TableName("biz_data_record") -public class BizDataRecord { - @TableId(type = IdType.INPUT) - private Long id; - private Long companyId; - private Long creatorId; - private UserRole creatorRole; - private String recordName; - private LocalDateTime createdAt; - private LocalDateTime updatedAt; -} diff --git a/src/main/java/com/labelsys/backend/mapper/BizDataRecordMapper.java b/src/main/java/com/labelsys/backend/mapper/BizDataRecordMapper.java deleted file mode 100644 index 7f68e16..0000000 --- a/src/main/java/com/labelsys/backend/mapper/BizDataRecordMapper.java +++ /dev/null @@ -1,15 +0,0 @@ -package com.labelsys.backend.mapper; - -import com.baomidou.mybatisplus.core.mapper.BaseMapper; -import com.labelsys.backend.entity.BizDataRecord; -import java.util.List; -import org.apache.ibatis.annotations.Param; - -public interface BizDataRecordMapper extends BaseMapper { - - List listVisibleByEmployee(@Param("companyId") Long companyId, @Param("creatorId") Long creatorId); - - List listVisibleByManager(@Param("companyId") Long companyId); - - List listVisibleByEngineer(@Param("companyId") Long companyId); -} diff --git a/src/main/java/com/labelsys/backend/service/DataPermissionService.java b/src/main/java/com/labelsys/backend/service/DataPermissionService.java index 64a31c8..d674f8f 100644 --- a/src/main/java/com/labelsys/backend/service/DataPermissionService.java +++ b/src/main/java/com/labelsys/backend/service/DataPermissionService.java @@ -1,30 +1,15 @@ package com.labelsys.backend.service; import com.labelsys.backend.context.LoginUser; -import com.labelsys.backend.entity.BizDataRecord; import com.labelsys.backend.enums.UserRole; -import com.labelsys.backend.mapper.BizDataRecordMapper; import java.util.List; import java.util.function.Function; import java.util.stream.Collectors; - -import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; @Service -@RequiredArgsConstructor public class DataPermissionService { - private final BizDataRecordMapper bizDataRecordMapper; - - public List listVisibleRecords(LoginUser currentUser) { - return switch (currentUser.role()) { - case EMPLOYEE -> bizDataRecordMapper.listVisibleByEmployee(currentUser.companyId(), currentUser.userId()); - case MANAGER -> bizDataRecordMapper.listVisibleByManager(currentUser.companyId()); - case ENGINEER -> bizDataRecordMapper.listVisibleByEngineer(currentUser.companyId()); - }; - } - public boolean canAccessCreator(LoginUser currentUser, Long creatorId, UserRole creatorRole) { return switch (currentUser.role()) { case EMPLOYEE -> currentUser.userId().equals(creatorId); @@ -34,21 +19,14 @@ public class DataPermissionService { } /** - * 通用数据过滤方法(内存过滤,适用于已加载的数据) - * - * @param currentUser 当前登录用户 - * @param allRecords 待过滤的全量数据列表 - * @param roleExtractor 从数据对象中提取"关联角色"或"创建者角色"的函数 - * @param ownerIdExtractor 从数据对象中提取"所有者ID"的函数(用于员工只能看自己的情况) - * @param 数据类型 - * @return 过滤后的数据列表 + * Generic in-memory role-based data filter for records already loaded in memory. */ public List filterByRole( LoginUser currentUser, List allRecords, Function roleExtractor, Function ownerIdExtractor) { - + if (allRecords == null || allRecords.isEmpty()) { return List.of(); } @@ -62,49 +40,29 @@ public class DataPermissionService { Long recordOwnerId = ownerIdExtractor.apply(record); return switch (currentRole) { - case EMPLOYEE -> - currentUserId.equals(recordOwnerId); - - case MANAGER -> - recordRole == UserRole.EMPLOYEE || recordRole == UserRole.MANAGER; - - case ENGINEER -> - true; + case EMPLOYEE -> currentUserId.equals(recordOwnerId); + case MANAGER -> recordRole == UserRole.EMPLOYEE || recordRole == UserRole.MANAGER; + case ENGINEER -> true; }; }) .collect(Collectors.toList()); } /** - * 针对 BizDataRecord 的便捷调用方法 - */ - public List listVisibleRecordsGeneric(LoginUser currentUser, List allRecords) { - return filterByRole( - currentUser, - allRecords, - BizDataRecord::getCreatorRole, - BizDataRecord::getCreatorId - ); - } - - /** - * 获取当前用户允许查看的角色列表(用于构建 SQL 查询条件) - * - * @param currentUser 当前登录用户 - * @return 允许查看的角色列表 + * Returns the creator roles visible to the current user for SQL-side filtering. */ public List getAllowedRoles(LoginUser currentUser) { return switch (currentUser.role()) { - case EMPLOYEE -> List.of(); // 员工通过 userId 过滤,不需要角色列表 + case EMPLOYEE -> List.of(); case MANAGER -> List.of("EMPLOYEE", "MANAGER"); case ENGINEER -> List.of("EMPLOYEE", "MANAGER", "ENGINEER"); }; } /** - * 判断当前用户是否应该通过 userId 过滤(员工专属) + * Whether SQL queries should additionally restrict by creator/user id. */ public boolean shouldFilterByUserId(LoginUser currentUser) { return currentUser.role() == UserRole.EMPLOYEE; } -} \ No newline at end of file +} diff --git a/src/main/resources/mapper/BizDataRecordMapper.xml b/src/main/resources/mapper/BizDataRecordMapper.xml deleted file mode 100644 index bd3a0bd..0000000 --- a/src/main/resources/mapper/BizDataRecordMapper.xml +++ /dev/null @@ -1,40 +0,0 @@ - - - - - - - - - - - - - - - id, company_id, creator_id, creator_role, record_name, created_at, updated_at - - - - - - - - diff --git a/src/main/resources/sql/data.sql b/src/main/resources/sql/data.sql index 0ea5129..a7a7511 100644 --- a/src/main/resources/sql/data.sql +++ b/src/main/resources/sql/data.sql @@ -55,12 +55,6 @@ INSERT INTO sys_config ( '{"provider":"rustfs","defaultBucket":"source-data"}', 'ENABLED', 2) ON CONFLICT DO NOTHING; -INSERT INTO biz_data_record (id, company_id, creator_id, creator_role, record_name) VALUES - (501, 2, 3, 'EMPLOYEE', '员工创建的数据'), - (502, 2, 5, 'MANAGER', '经理创建的数据'), - (503, 2, 6, 'ENGINEER', '总工程师创建的数据') -ON CONFLICT DO NOTHING; - INSERT INTO source_resource ( id, company_id, creator_id, creator_role, resource_name, resource_type, bucket_name, file_path, file_size, source_status, storage_provider, remark diff --git a/src/main/resources/sql/schema.sql b/src/main/resources/sql/schema.sql index 5e65adc..f5afeef 100644 --- a/src/main/resources/sql/schema.sql +++ b/src/main/resources/sql/schema.sql @@ -10,7 +10,6 @@ DROP TABLE IF EXISTS annotation_result CASCADE; DROP TABLE IF EXISTS annotation_task_resource CASCADE; DROP TABLE IF EXISTS annotation_task CASCADE; DROP TABLE IF EXISTS source_resource CASCADE; -DROP TABLE IF EXISTS biz_data_record CASCADE; DROP TABLE IF EXISTS sys_config CASCADE; DROP TABLE IF EXISTS sys_menu CASCADE; DROP TABLE IF EXISTS sys_user CASCADE; @@ -117,27 +116,6 @@ COMMENT ON COLUMN sys_config.creator_id IS '创建人用户ID。'; COMMENT ON COLUMN sys_config.created_at IS '创建时间。'; COMMENT ON COLUMN sys_config.updated_at IS '更新时间。'; -CREATE TABLE IF NOT EXISTS biz_data_record ( - id BIGINT PRIMARY KEY, - company_id BIGINT NOT NULL, - creator_id BIGINT NOT NULL, - creator_role VARCHAR(32) NOT NULL DEFAULT 'EMPLOYEE', - record_name VARCHAR(255) NOT NULL, - created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - CONSTRAINT fk_biz_data_record_company FOREIGN KEY (company_id) REFERENCES sys_company(id), - CONSTRAINT fk_biz_data_record_creator FOREIGN KEY (creator_id) REFERENCES sys_user(id) -); - -COMMENT ON TABLE biz_data_record IS '一期数据权限演示表。'; -COMMENT ON COLUMN biz_data_record.id IS '演示记录主键ID。'; -COMMENT ON COLUMN biz_data_record.company_id IS '所属公司ID。'; -COMMENT ON COLUMN biz_data_record.creator_id IS '创建人用户ID。'; -COMMENT ON COLUMN biz_data_record.creator_role IS '创建人数据权限角色,默认 EMPLOYEE。'; -COMMENT ON COLUMN biz_data_record.record_name IS '演示记录名称。'; -COMMENT ON COLUMN biz_data_record.created_at IS '创建时间。'; -COMMENT ON COLUMN biz_data_record.updated_at IS '更新时间。'; - CREATE TABLE IF NOT EXISTS source_resource ( id BIGINT PRIMARY KEY, company_id BIGINT NOT NULL, @@ -416,7 +394,6 @@ CREATE INDEX IF NOT EXISTS idx_sys_user_role ON sys_user(company_id, role); CREATE INDEX IF NOT EXISTS idx_sys_user_position ON sys_user(company_id, position); CREATE INDEX IF NOT EXISTS idx_sys_menu_company_sort ON sys_menu(company_id, sort_order); CREATE INDEX IF NOT EXISTS idx_sys_config_company_type ON sys_config(company_id, config_type); -CREATE INDEX IF NOT EXISTS idx_biz_data_record_company_role ON biz_data_record(company_id, creator_role); CREATE INDEX IF NOT EXISTS idx_source_resource_company_type ON source_resource(company_id, resource_type); CREATE INDEX IF NOT EXISTS idx_source_resource_company_status ON source_resource(company_id, source_status); CREATE INDEX IF NOT EXISTS idx_source_resource_creator ON source_resource(company_id, creator_id);