From 7aabfec60410c44cb434eda0409b1237d1260c55 Mon Sep 17 00:00:00 2001
From: FatttSnake <fatttsnake@gmail.com>
Date: Wed, 24 May 2023 23:53:27 +0800
Subject: [PATCH] Added permission control for AffairManagement

---
 .../pinnacle/controller/AffairController.java |  8 +++
 .../controller/permission/UserController.java |  7 ++
 .../mapper/permission/UserMapper.java         |  2 +
 .../service/permission/IUserService.java      |  2 +
 .../permission/impl/UserServiceImpl.java      |  5 ++
 .../mapper/permission/UserMapper.xml          | 35 ++++++++++
 sql/Insert.sql                                | 65 +++++++++++++++++++
 ui/src/router/affair.ts                       |  6 +-
 8 files changed, 128 insertions(+), 2 deletions(-)

diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/controller/AffairController.java b/Pinnacle/src/main/java/com/cfive/pinnacle/controller/AffairController.java
index da0ee71..f3de387 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/controller/AffairController.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/controller/AffairController.java
@@ -9,6 +9,7 @@ import com.cfive.pinnacle.entity.common.ResponseResult;
 import com.cfive.pinnacle.service.IAffairService;
 import com.cfive.pinnacle.utils.WebUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
@@ -34,6 +35,7 @@ public class AffairController {
 
 
     @PostMapping("/add")
+    @PreAuthorize("hasAuthority('affair:self:add')")
     public ResponseResult<Boolean> addAffair(@RequestBody Affair affair) {
         return ResponseResult.build(ResponseCode.DATABASE_SAVE_OK, "success", affairService.save(affair));
     }
@@ -50,6 +52,7 @@ public class AffairController {
     }//获取当前用户
 
     @GetMapping("/personal_affairs")
+    @PreAuthorize("hasAuthority('affair:self:get')")
     public ResponseResult<List<Affair>> getPersonalAffairs() {
         LambdaQueryWrapper<Affair> wrapper = new LambdaQueryWrapper<>();
         wrapper.eq(Affair::getApplicantId, WebUtil.getLoginUser().getUser().getId());
@@ -59,6 +62,7 @@ public class AffairController {
 
 
     @GetMapping("/not_approved")
+    @PreAuthorize("hasAuthority('affair:manage:get')")
     public ResponseResult<List<Affair>> selectNotApproved() {
         LambdaQueryWrapper<Affair> wrapper = new LambdaQueryWrapper<>();
         wrapper.eq(Affair::getStatus, 0).eq(Affair::getInspectorId, WebUtil.getLoginUser().getUser().getId());
@@ -68,6 +72,7 @@ public class AffairController {
 
 
     @GetMapping("/approved")
+    @PreAuthorize("hasAuthority('affair:manage:get')")
     public ResponseResult<List<Affair>> selectApproved() {
         LambdaQueryWrapper<Affair> wrapper2 = new LambdaQueryWrapper<>();
         wrapper2.ne(Affair::getStatus, 0).eq(Affair::getInspectorId, WebUtil.getLoginUser().getUser().getId());
@@ -76,6 +81,7 @@ public class AffairController {
     }
 
     @PutMapping("/yes")
+    @PreAuthorize("hasAuthority('affair:manage:modify')")
     public ResponseResult updateAffairYes(@RequestBody Affair affair) {
         System.out.println(affair);
         return ResponseResult.build(ResponseCode.DATABASE_UPDATE_OK, "success", affairService.updateAffairYes(affair));
@@ -83,6 +89,7 @@ public class AffairController {
     }
 
     @PutMapping("/no")
+    @PreAuthorize("hasAuthority('affair:manage:modify')")
     public ResponseResult updateAffairNo(@RequestBody Affair affair) {
         return ResponseResult.build(ResponseCode.DATABASE_UPDATE_OK, "success", affairService.updateAffairNo(affair));
         //审批驳回
@@ -90,6 +97,7 @@ public class AffairController {
 
 
     @DeleteMapping("/{id}")
+    @PreAuthorize("hasAuthority('affair:manage:delete')")
     public ResponseResult deleteAffairApproved(@PathVariable Long id) {
         System.out.println("affair");
         return ResponseResult.build(ResponseCode.DATABASE_DELETE_OK, "success", affairService.removeById(id));
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/UserController.java b/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/UserController.java
index 4bcb9d6..ecf2229 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/UserController.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/UserController.java
@@ -39,6 +39,13 @@ public class UserController {
         return ResponseResult.databaseSelectSuccess(userService.getInfo());
     }
 
+    @GetMapping("/affair")
+    @PreAuthorize("hasAuthority('affair:self:add')")
+    @Operation(summary = "获取拥有审批权限的用户")
+    public ResponseResult<List<User>> getAffairUser() {
+        return ResponseResult.databaseSelectSuccess(userService.getAffairUser());
+    }
+
     @GetMapping
     @PreAuthorize("hasAnyAuthority('system:user:all', 'system:user:add', 'system:user:modify')")
     @Operation(summary = "获取所有用户（权限管理相关）")
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/mapper/permission/UserMapper.java b/Pinnacle/src/main/java/com/cfive/pinnacle/mapper/permission/UserMapper.java
index 8db2756..3ffee60 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/mapper/permission/UserMapper.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/mapper/permission/UserMapper.java
@@ -19,6 +19,8 @@ import java.util.List;
 public interface UserMapper extends BaseMapper<User> {
     List<User> getAll();
 
+    List<User> getAllAffairUser();
+
     User getOneById(@Param("id") long id);
 
     User getOneWithPowerByUsername(@Param("username") String username);
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/IUserService.java b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/IUserService.java
index 153392e..2239787 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/IUserService.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/IUserService.java
@@ -17,6 +17,8 @@ public interface IUserService extends IService<User> {
 
     User getInfo();
 
+    List<User> getAffairUser();
+
     List<User> getAllUser();
 
     User getUser(long id);
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/UserServiceImpl.java b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/UserServiceImpl.java
index 066be4d..07519c2 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/UserServiceImpl.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/UserServiceImpl.java
@@ -73,6 +73,11 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements IU
         return WebUtil.getLoginUser().getUser();
     }
 
+    @Override
+    public List<User> getAffairUser() {
+        return userMapper.getAllAffairUser();
+    }
+
     @Override
     public List<User> getAllUser() {
         List<User> users = userMapper.getAll();
diff --git a/Pinnacle/src/main/resources/mapper/permission/UserMapper.xml b/Pinnacle/src/main/resources/mapper/permission/UserMapper.xml
index fe7e775..ddf7691 100644
--- a/Pinnacle/src/main/resources/mapper/permission/UserMapper.xml
+++ b/Pinnacle/src/main/resources/mapper/permission/UserMapper.xml
@@ -106,6 +106,41 @@
         where t_user.deleted = 0
           and t_user.username = #{username};
     </select>
+    <select id="getAllAffairUser" resultMap="userMap">
+        select t_user.id            as user_id,
+               t_user.username      as user_username,
+               t_user.department_id as user_department_id,
+               t_user.enable        as user_enable,
+               t_user.deleted       as user_deleted,
+               t_user.version       as user_version,
+               ts.id                as staff_id,
+               ts.first_name        as staff_first_name,
+               ts.last_name         as staff_last_name,
+               ts.deleted           as staff_deleted,
+               ts.version           as staff_version,
+               tr.id                as role_id,
+               tr.enable            as role_enable,
+               tr.name              as role_name,
+               tr.deleted           as role_deleted,
+               tr.version           as role_version,
+               tg.id                as group_id,
+               tg.name              as group_name,
+               tg.enable            as group_enable,
+               tg.deleted           as group_deleted,
+               tg.version           as group_version
+        from t_user
+                 left join (select * from t_staff where deleted = 0) as ts on ts.user_id = t_user.id
+                 left join (select * from t_user_role where deleted = 0) as tur on t_user.id = tur.user_id
+                 left join (select * from t_role where deleted = 0) as tr on tr.id = tur.role_id
+                 left join (select * from t_user_group where deleted = 0) as tug on t_user.id = tug.user_id
+                 left join (select * from t_group where deleted = 0) as tg on tg.id = tug.group_id
+                 left join (select * from t_power_role where deleted = 0) as tpr on tpr.role_id = tr.id
+                 left join t_power as tp on tp.id = tpr.power_id
+                 left join (select * from t_operation) as t on t.power_id = tp.id
+        where t_user.deleted = 0
+          and t_user.id != 1
+          and t.code = 'affair:manage:modify';
+    </select>
 
     <resultMap id="userMap" type="user">
         <id property="id" column="user_id"/>
diff --git a/sql/Insert.sql b/sql/Insert.sql
index 9ff6189..1a169c0 100644
--- a/sql/Insert.sql
+++ b/sql/Insert.sql
@@ -150,6 +150,71 @@ commit;
 
 
 
+begin;
+insert into t_power (id, type_id)
+values (5010000, 1);
+insert into t_menu (id, name, url, power_id, parent_id)
+VALUES (5010000, '我的事务', '/affair/personalAffairs', id, null);
+commit;
+
+begin;
+insert into t_power(id, type_id)
+VALUES (5010100, 2);
+insert into t_element(id, name, power_id, menu_id)
+VALUES (5010100, '列表', id, 5010000);
+commit;
+
+begin;
+insert into t_power(id, type_id)
+values (5010101, 3);
+insert into t_operation(id, name, code, power_id, element_id, parent_id)
+VALUES (5010101, '获取个人事务', 'affair:self:get', id, 5010100, null);
+commit;
+
+begin;
+insert into t_power(id, type_id)
+values (5010102, 3);
+insert into t_operation(id, name, code, power_id, element_id, parent_id)
+VALUES (5010102, '创建事务', 'affair:self:add', id, 5010100, null);
+commit;
+
+begin;
+insert into t_power (id, type_id)
+values (5020000, 1);
+insert into t_menu (id, name, url, power_id, parent_id)
+VALUES (5020000, '事务管理', '/affair/manage', id, null);
+commit;
+
+begin;
+insert into t_power(id, type_id)
+VALUES (5020100, 2);
+insert into t_element(id, name, power_id, menu_id)
+VALUES (5020100, '列表', id, 5020000);
+commit;
+
+begin;
+insert into t_power(id, type_id)
+values (5020101, 3);
+insert into t_operation(id, name, code, power_id, element_id, parent_id)
+VALUES (5020101, '获取审批事务', 'affair:manage:get', id, 5020100, null);
+commit;
+
+begin;
+insert into t_power(id, type_id)
+values (5020102, 3);
+insert into t_operation(id, name, code, power_id, element_id, parent_id)
+VALUES (5020102, '修改审批事务', 'affair:manage:modify', id, 5020100, null);
+commit;
+
+begin;
+insert into t_power(id, type_id)
+values (5020103, 3);
+insert into t_operation(id, name, code, power_id, element_id, parent_id)
+VALUES (5020103, '删除审批事务', 'affair:manage:delete', id, 5020100, null);
+commit;
+
+
+
 begin;
 insert into t_power (id, type_id)
 values (101010000, 1);
diff --git a/ui/src/router/affair.ts b/ui/src/router/affair.ts
index 75bd2b4..48b7c62 100644
--- a/ui/src/router/affair.ts
+++ b/ui/src/router/affair.ts
@@ -22,7 +22,8 @@ const affairRouter = {
                 title: '我的事务',
                 requiresMenu: true,
                 requiresScrollbar: true,
-                requiresPadding: true
+                requiresPadding: true,
+                requiresAuth: true
             }
         },
         {
@@ -33,7 +34,8 @@ const affairRouter = {
                 title: '事务审批',
                 requiresMenu: true,
                 requiresScrollbar: true,
-                requiresPadding: true
+                requiresPadding: true,
+                requiresAuth: true
             }
         },
         {