去掉演示数据bizdata
This commit is contained in:
wh
@@ -1,30 +1,15 @@
|
||||
package com.labelsys.backend.service;
|
||||
|
||||
import com.labelsys.backend.context.LoginUser;
|
||||
import com.labelsys.backend.entity.BizDataRecord;
|
||||
import com.labelsys.backend.enums.UserRole;
|
||||
import com.labelsys.backend.mapper.BizDataRecordMapper;
|
||||
import java.util.List;
|
||||
import java.util.function.Function;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
@RequiredArgsConstructor
|
||||
public class DataPermissionService {
|
||||
|
||||
private final BizDataRecordMapper bizDataRecordMapper;
|
||||
|
||||
public List<BizDataRecord> listVisibleRecords(LoginUser currentUser) {
|
||||
return switch (currentUser.role()) {
|
||||
case EMPLOYEE -> bizDataRecordMapper.listVisibleByEmployee(currentUser.companyId(), currentUser.userId());
|
||||
case MANAGER -> bizDataRecordMapper.listVisibleByManager(currentUser.companyId());
|
||||
case ENGINEER -> bizDataRecordMapper.listVisibleByEngineer(currentUser.companyId());
|
||||
};
|
||||
}
|
||||
|
||||
public boolean canAccessCreator(LoginUser currentUser, Long creatorId, UserRole creatorRole) {
|
||||
return switch (currentUser.role()) {
|
||||
case EMPLOYEE -> currentUser.userId().equals(creatorId);
|
||||
@@ -34,21 +19,14 @@ public class DataPermissionService {
|
||||
}
|
||||
|
||||
/**
|
||||
* 通用数据过滤方法(内存过滤,适用于已加载的数据)
|
||||
*
|
||||
* @param currentUser 当前登录用户
|
||||
* @param allRecords 待过滤的全量数据列表
|
||||
* @param roleExtractor 从数据对象中提取"关联角色"或"创建者角色"的函数
|
||||
* @param ownerIdExtractor 从数据对象中提取"所有者ID"的函数(用于员工只能看自己的情况)
|
||||
* @param <T> 数据类型
|
||||
* @return 过滤后的数据列表
|
||||
* Generic in-memory role-based data filter for records already loaded in memory.
|
||||
*/
|
||||
public <T> List<T> filterByRole(
|
||||
LoginUser currentUser,
|
||||
List<T> allRecords,
|
||||
Function<T, UserRole> roleExtractor,
|
||||
Function<T, Long> ownerIdExtractor) {
|
||||
|
||||
|
||||
if (allRecords == null || allRecords.isEmpty()) {
|
||||
return List.of();
|
||||
}
|
||||
@@ -62,49 +40,29 @@ public class DataPermissionService {
|
||||
Long recordOwnerId = ownerIdExtractor.apply(record);
|
||||
|
||||
return switch (currentRole) {
|
||||
case EMPLOYEE ->
|
||||
currentUserId.equals(recordOwnerId);
|
||||
|
||||
case MANAGER ->
|
||||
recordRole == UserRole.EMPLOYEE || recordRole == UserRole.MANAGER;
|
||||
|
||||
case ENGINEER ->
|
||||
true;
|
||||
case EMPLOYEE -> currentUserId.equals(recordOwnerId);
|
||||
case MANAGER -> recordRole == UserRole.EMPLOYEE || recordRole == UserRole.MANAGER;
|
||||
case ENGINEER -> true;
|
||||
};
|
||||
})
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
/**
|
||||
* 针对 BizDataRecord 的便捷调用方法
|
||||
*/
|
||||
public List<BizDataRecord> listVisibleRecordsGeneric(LoginUser currentUser, List<BizDataRecord> allRecords) {
|
||||
return filterByRole(
|
||||
currentUser,
|
||||
allRecords,
|
||||
BizDataRecord::getCreatorRole,
|
||||
BizDataRecord::getCreatorId
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取当前用户允许查看的角色列表(用于构建 SQL 查询条件)
|
||||
*
|
||||
* @param currentUser 当前登录用户
|
||||
* @return 允许查看的角色列表
|
||||
* Returns the creator roles visible to the current user for SQL-side filtering.
|
||||
*/
|
||||
public List<String> getAllowedRoles(LoginUser currentUser) {
|
||||
return switch (currentUser.role()) {
|
||||
case EMPLOYEE -> List.of(); // 员工通过 userId 过滤,不需要角色列表
|
||||
case EMPLOYEE -> List.of();
|
||||
case MANAGER -> List.of("EMPLOYEE", "MANAGER");
|
||||
case ENGINEER -> List.of("EMPLOYEE", "MANAGER", "ENGINEER");
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* 判断当前用户是否应该通过 userId 过滤(员工专属)
|
||||
* Whether SQL queries should additionally restrict by creator/user id.
|
||||
*/
|
||||
public boolean shouldFilterByUserId(LoginUser currentUser) {
|
||||
return currentUser.role() == UserRole.EMPLOYEE;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user