implement more sample-tom api (#78)

1bac55e8 · sinat_25235033 · GitHub · 793f488a · 1bac55e8 · 1bac55e8
8 changed file
--- a/sample-tom/src/main/java/com/usthe/sureness/sample/tom/controller/RoleController.java
+++ b/sample-tom/src/main/java/com/usthe/sureness/sample/tom/controller/RoleController.java
@@ -38,7 +38,7 @@ public class RoleController {
    private RoleService roleService;


-    @GetMapping("/api/{roleId}/{currentPage}/{pageSize}")
+    @GetMapping("/resource/{roleId}/{currentPage}/{pageSize}")
    public ResponseEntity<Message> getResourceOwnByRole(@PathVariable @NotBlank Long roleId, @PathVariable Integer currentPage, @PathVariable Integer pageSize) {
        if (currentPage == null){
            currentPage = 1;
@@ -51,6 +51,19 @@ public class RoleController {
        return ResponseEntity.ok().body(message);
    }

+    @GetMapping("/resource/-/{roleId}/{currentPage}/{pageSize}")
+    public ResponseEntity<Message> getResourceNotOwnByRole(@PathVariable @NotBlank Long roleId, @PathVariable Integer currentPage, @PathVariable Integer pageSize) {
+        if (currentPage == null){
+            currentPage = 1;
+        }
+        if (pageSize == null) {
+            pageSize = 10;
+        }
+        Page<AuthResourceDO> resourcePage = roleService.getPageResourceNotOwnRole(roleId, currentPage, pageSize);
+        Message message = Message.builder().data(resourcePage).build();
+        return ResponseEntity.ok().body(message);
+    }
+
    @PostMapping("/authority/resource/{roleId}/{resourceId}")
    public ResponseEntity<Message> authorityRoleResource(@PathVariable @NotBlank Long roleId,
                                                         @PathVariable @NotBlank Long resourceId) {

--- a/sample-tom/src/main/java/com/usthe/sureness/sample/tom/controller/UserController.java
+++ b/sample-tom/src/main/java/com/usthe/sureness/sample/tom/controller/UserController.java
+package com.usthe.sureness.sample.tom.controller;
+
+import com.usthe.sureness.sample.tom.pojo.dto.Message;
+import com.usthe.sureness.sample.tom.service.AccountService;
+import com.usthe.sureness.subject.SubjectSum;
+import com.usthe.sureness.util.SurenessContextHolder;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+/**
+ *
+ * @author tomsun28
+ * @date 21:05 2018/3/17
+ */
+@RestController
+@RequestMapping("/user")
+public class UserController {
+
+    private static final Logger LOGGER = LoggerFactory.getLogger(UserController.class);
+
+    @Autowired
+    private AccountService accountService;
+
+
+    @GetMapping("/role")
+    public ResponseEntity<Message> getUserRoles() {
+        SubjectSum subject = SurenessContextHolder.getBindSubject();
+        if (subject == null || subject.getPrincipal() == null) {
+            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
+        }
+        String appId = (String) subject.getPrincipal();
+        List<String> roles = accountService.loadAccountRoles(appId);
+        return ResponseEntity.ok(Message.builder().data(roles).build());
+    }
+
+    @PostMapping("/authority/role/{appId}/{roleId}")
+    public ResponseEntity<Message> authorityUserRole(@PathVariable String appId, @PathVariable Long roleId) {
+        SubjectSum subject = SurenessContextHolder.getBindSubject();
+        if (subject == null || subject.getPrincipal() == null) {
+            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
+        }
+        String principal = (String) subject.getPrincipal();
+        if (!principal.equals(appId)) {
+            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
+        }
+
+        boolean flag = accountService.authorityUserRole(appId, roleId);
+        return flag ? ResponseEntity.ok().build() : ResponseEntity.status(HttpStatus.CONFLICT).build();
+    }
+
+    @DeleteMapping("/authority/role/{appId}/{roleId}")
+    public ResponseEntity<Message> deleteAuthorityUserRole(@PathVariable String appId, @PathVariable Long roleId) {
+        SubjectSum subject = SurenessContextHolder.getBindSubject();
+        if (subject == null || subject.getPrincipal() == null) {
+            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
+        }
+        String principal = (String) subject.getPrincipal();
+        if (!principal.equals(appId)) {
+            return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
+        }
+
+        return accountService.deleteAuthorityUserRole(appId, roleId) ?
+                ResponseEntity.ok().build() : ResponseEntity.status(HttpStatus.CONFLICT).build();
+    }
+}
--- a/sample-tom/src/main/java/com/usthe/sureness/sample/tom/dao/AuthResourceDao.java
+++ b/sample-tom/src/main/java/com/usthe/sureness/sample/tom/dao/AuthResourceDao.java
@@ -46,7 +46,19 @@ public interface AuthResourceDao extends JpaRepository<AuthResourceDO, Long> {
     */
    @Query("select distinct resource from AuthResourceDO resource " +
            "left join AuthRoleResourceBindDO bind on bind.resourceId = resource.id " +
-            "where bind.roleId = :roleId and resource.status = 1 " +
+            "where bind.roleId = :roleId " +
            "order by resource.id asc")
    Page<AuthResourceDO> findRoleOwnResource(@Param("roleId") Long roleId, Pageable request);
+
+    /**
+     * Get the available API resources owned by the current role in the form of paging
+     * @param roleId roleId
+     * @param request page
+     * @return api resource list
+     */
+    @Query("select distinct resource from AuthResourceDO resource " +
+            " where resource.id not in " +
+            "(select distinct bind.resourceId from AuthRoleResourceBindDO bind where bind.roleId = :roleId) " +
+            "order by resource.id asc ")
+    Page<AuthResourceDO> findRoleNotOwnResource(@Param("roleId") Long roleId, Pageable request);
 }
--- a/sample-tom/src/main/java/com/usthe/sureness/sample/tom/dao/AuthUserRoleBindDao.java
+++ b/sample-tom/src/main/java/com/usthe/sureness/sample/tom/dao/AuthUserRoleBindDao.java
@@ -22,4 +22,13 @@ public interface AuthUserRoleBindDao extends JpaRepository<AuthUserRoleBindDO, L
    @Query("select ar from AuthRoleDO ar, AuthUserRoleBindDO bind " +
            "where ar.id = bind.roleId and bind.userId = :userId")
    List<AuthRoleDO> findUserBindRoleList(@Param("userId") Long userId);
+
+    /**
+     * delete record which roleId and userId equals this
+     * @param roleId roleID
+     * @param userId userId
+     */
+    @Query("delete from AuthUserRoleBindDO bind " +
+            "where bind.roleId = :roleId and bind.userId = :userId")
+    void deleteRoleResourceBind(@Param("roleId") Long roleId,@Param("userId") Long userId);
 }
--- a/sample-tom/src/main/java/com/usthe/sureness/sample/tom/service/AccountService.java
+++ b/sample-tom/src/main/java/com/usthe/sureness/sample/tom/service/AccountService.java
@@ -44,4 +44,20 @@ public interface AccountService {
     * @return account
     */
    SurenessAccount loadAccount(String username);
+
+    /**
+     * authority User Role by username and roleId
+     * @param appId account username
+     * @param roleId roleId
+     * @return success-true failed-false
+     */
+    boolean authorityUserRole(String appId, Long roleId);
+
+    /**
+     * delete authority User Role by username and roleId
+     * @param appId account username
+     * @param roleId roleId
+     * @return success-true failed-false
+     */
+    boolean deleteAuthorityUserRole(String appId, Long roleId);
 }
--- a/sample-tom/src/main/java/com/usthe/sureness/sample/tom/service/RoleService.java
+++ b/sample-tom/src/main/java/com/usthe/sureness/sample/tom/service/RoleService.java
@@ -64,6 +64,15 @@ public interface RoleService {
     */
    Page<AuthResourceDO> getPageResourceOwnRole(Long roleId, Integer currentPage, Integer pageSize);

+    /**
+     * get pageable resources which this role not owned
+     * @param roleId role ID
+     * @param currentPage current page
+     * @param pageSize page size
+     * @return Page of resources
+     */
+    Page<AuthResourceDO> getPageResourceNotOwnRole(Long roleId, Integer currentPage, Integer pageSize);
+
    /**
     * authority this resource to this role
     * @param roleId role ID
@@ -77,4 +86,5 @@ public interface RoleService {
     * @param resourceId resource ID
     */
    void deleteAuthorityRoleResource(Long roleId, Long resourceId);
+
 }
--- a/sample-tom/src/main/java/com/usthe/sureness/sample/tom/service/impl/AccountServiceImpl.java
+++ b/sample-tom/src/main/java/com/usthe/sureness/sample/tom/service/impl/AccountServiceImpl.java
@@ -3,8 +3,10 @@ package com.usthe.sureness.sample.tom.service.impl;
 import com.usthe.sureness.provider.DefaultAccount;
 import com.usthe.sureness.provider.SurenessAccount;
 import com.usthe.sureness.sample.tom.dao.AuthUserDao;
+import com.usthe.sureness.sample.tom.dao.AuthUserRoleBindDao;
 import com.usthe.sureness.sample.tom.pojo.dto.Account;
 import com.usthe.sureness.sample.tom.pojo.entity.AuthUserDO;
+import com.usthe.sureness.sample.tom.pojo.entity.AuthUserRoleBindDO;
 import com.usthe.sureness.sample.tom.service.AccountService;
 import com.usthe.sureness.util.Md5Util;
 import com.usthe.sureness.util.SurenessCommonUtil;
@@ -27,6 +29,8 @@ public class AccountServiceImpl implements AccountService {
    @Autowired
    private AuthUserDao authUserDao;

+    private AuthUserRoleBindDao userRoleBindDao;
+
    @Override
    public boolean authenticateAccount(Account account) {
        Optional<AuthUserDO> authUserOptional = authUserDao.findAuthUserByUsername(account.getUsername());
@@ -89,4 +93,29 @@ public class AccountServiceImpl implements AccountService {
            return null;
        }
    }
+
+    @Override
+    public boolean authorityUserRole(String appId, Long roleId) {
+        Optional<AuthUserDO> optional = authUserDao.findAuthUserByUsername(appId);
+        if (!optional.isPresent()) {
+            return false;
+        }
+        Long userId = optional.get().getId();
+        AuthUserRoleBindDO userRoleBindDO = AuthUserRoleBindDO.builder().userId(userId).roleId(roleId).build();
+
+        userRoleBindDao.save(userRoleBindDO);
+        return true;
+    }
+
+    @Override
+    public boolean deleteAuthorityUserRole(String appId, Long roleId) {
+        Optional<AuthUserDO> optional = authUserDao.findAuthUserByUsername(appId);
+        if (!optional.isPresent()) {
+            return false;
+        }
+        Long userId = optional.get().getId();
+        userRoleBindDao.deleteRoleResourceBind(roleId, userId);
+        return true;
+    }
+
 }
--- a/sample-tom/src/main/java/com/usthe/sureness/sample/tom/service/impl/RoleServiceImpl.java
+++ b/sample-tom/src/main/java/com/usthe/sureness/sample/tom/service/impl/RoleServiceImpl.java
@@ -94,6 +94,12 @@ public class RoleServiceImpl implements RoleService {
        return authResourceDao.findRoleOwnResource(roleId, pageRequest);
    }

+    @Override
+    public Page<AuthResourceDO> getPageResourceNotOwnRole(Long roleId, Integer currentPage, Integer pageSize) {
+        PageRequest pageRequest = PageRequest.of(currentPage, pageSize, Sort.Direction.ASC, "id");
+        return authResourceDao.findRoleNotOwnResource(roleId, pageRequest);
+    }
+
    @Override
    public void authorityRoleResource(Long roleId, Long resourceId) {
        // Determine whether this resource and role exist