diff --git a/src/main/java/com/weaver/seconddev/entry/action/PermissionDetailAction.java b/src/main/java/com/weaver/seconddev/entry/action/PermissionDetailAction.java new file mode 100644 index 0000000..77c1a55 --- /dev/null +++ b/src/main/java/com/weaver/seconddev/entry/action/PermissionDetailAction.java @@ -0,0 +1,176 @@ +package com.weaver.seconddev.entry.action; + +import cn.hutool.core.convert.Convert; +import cn.hutool.http.HttpRequest; +import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONArray; +import com.alibaba.fastjson.JSONObject; +import com.weaver.common.base.entity.result.WeaResult; +import com.weaver.esb.api.rpc.EsbServerlessRpcRemoteInterface; +import com.weaver.seconddev.entry.entity.PermissionTransferModule; +import com.weaver.seconddev.entry.entity.RoleDetail; +import com.weaver.seconddev.portal.constant.ApplicationConfigConstant; +import com.weaver.seconddev.portal.util.PapiUtil; +import lombok.extern.slf4j.Slf4j; +import org.springframework.stereotype.Service; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +/** + * @author:dxfeng + * @createTime: 2025/08/04 + * @version: 1.0 + */ +@Slf4j +@Service("PermissionDetailAction") +public class PermissionDetailAction implements EsbServerlessRpcRemoteInterface { + @Override + public WeaResult> execute(Map params) { + Map returnMap = new HashMap<>(); + // 离职员工ID + String employeeId = Convert.toStr(params.get("employeeId"), null); + + // 权限转移操作人员ID + String optUserId = Convert.toStr(params.get("optUserId"), null); + + String papiCode = PapiUtil.getPapiCode(ApplicationConfigConstant.APP_URL, ApplicationConfigConstant.CORP_ID, "B2b"); + String papiToken = PapiUtil.getPapiToken(ApplicationConfigConstant.APP_URL, ApplicationConfigConstant.ORGANIZATION_APP_KEY, ApplicationConfigConstant.ORGANIZATION_APP_SECRET, papiCode); + + // 查询某个人员组织的可以转移的权限数据 + JSONObject jsonObject = new JSONObject(); + // {"type":"resource","opt":"1","targetId":"959466419596591105"} + jsonObject.put("type", "resource"); + jsonObject.put("opt", "1"); + jsonObject.put("targetId", employeeId); + jsonObject.put("access_token", papiToken); + + log.error("jsonObject===" + jsonObject); + String response = HttpRequest.post(ApplicationConfigConstant.APP_URL + "/papi/openapi/api/architecture/permission/transfer/query/v1/module") + .header("Content-Type", "application/json") + .header("optUserId", optUserId) + .body(jsonObject.toJSONString()) + .execute() + .body(); + log.error("response===" + response); + + JSONObject responseJson = JSONObject.parseObject(response); + if (responseJson.getIntValue("code") != 200) { + // 请求失败直接响应失败数据 + return WeaResult.fail(response, true); + } + JSONObject data = responseJson.getJSONObject("data"); + List permissionTransferModuleList = new ArrayList<>(); + PermissionTransferModule roleModule = null; + if (data != null) { + JSONArray permissionTransferModules = data.getJSONArray("permissionTransferModules"); + for (Object permissionTransferModule : permissionTransferModules) { + JSONObject permissionTransferModuleJson = (JSONObject) permissionTransferModule; + PermissionTransferModule module = PermissionTransferModule.builder() + .deleteType(permissionTransferModuleJson.getInteger("deleteType")) + .opt(permissionTransferModuleJson.getInteger("opt")) + .module(permissionTransferModuleJson.getString("module")) + .moduleName(permissionTransferModuleJson.getString("moduleName")) + .subModule(permissionTransferModuleJson.getString("subModule")) + .subModuleName(permissionTransferModuleJson.getString("subModuleName")) + .type(permissionTransferModuleJson.getString("type")) + .content(permissionTransferModuleJson.getString("content")) + .count(permissionTransferModuleJson.getInteger("count")) + .build(); + if ("hrm_role".equals(module.getSubModule())) { + roleModule = module; + } else { + permissionTransferModuleList.add(module); + } + } + } + + // 查询角色明细数据 + List roleDetailList = new ArrayList<>(); + getRoleDetail(employeeId, optUserId, 1, roleDetailList); + + returnMap.put("permissionTransferModuleList", permissionTransferModuleList); + returnMap.put("roleDetailList", roleDetailList); + log.error("returnMap==" + JSON.toJSONString(returnMap)); + return WeaResult.success(returnMap); + } + + + /** + * 获取角色明细数据 + * + * @param employeeId 员工ID + * @param optUserId 操作用户ID + * @param pageNum 当前页码 + * @param roleDetailList 角色明细列表 + * @param roleDetailList + */ + private void getRoleDetail(String employeeId, String optUserId, int pageNum, List roleDetailList) { + String papiCode = PapiUtil.getPapiCode(ApplicationConfigConstant.APP_URL, ApplicationConfigConstant.CORP_ID, "B3b"); + String papiToken = PapiUtil.getPapiToken(ApplicationConfigConstant.APP_URL, ApplicationConfigConstant.ORGANIZATION_APP_KEY, ApplicationConfigConstant.ORGANIZATION_APP_SECRET, papiCode); + + JSONObject jsonObject = new JSONObject(); + jsonObject.put("access_token", papiToken); + jsonObject.put("pageNum", pageNum); + jsonObject.put("pageSize", 10); + jsonObject.put("targetId", employeeId); + jsonObject.put("param", new JSONObject()); + jsonObject.put("opt", "1"); + jsonObject.put("module", "hrm"); + jsonObject.put("subModule", "hrm_role"); + jsonObject.put("type", "resource"); + log.error("getRoleDetail>>jsonObject===" + jsonObject); + String response = HttpRequest.post(ApplicationConfigConstant.APP_URL + "/papi/openapi/api/architecture/permission/transfer/query/v1/module/content") + .header("Content-Type", "application/json") + .header("optUserId", optUserId) + .body(jsonObject.toJSONString()) + .execute() + .body(); + log.error("getRoleDetail>>response===" + response); + + JSONObject responseJson = JSONObject.parseObject(response); + if (responseJson.getIntValue("code") != 200) { + // 请求失败直接响应失败数据 + log.error("response==" + response); + roleDetailList = new ArrayList<>(); + return; + } + JSONObject data = responseJson.getJSONObject("data"); + if (data != null) { + JSONObject page = data.getJSONObject("page"); + JSONArray records = page.getJSONArray("records"); + if (records.size() > 0) { + for (Object record : records) { + JSONObject recordJson = (JSONObject) record; + JSONArray columnValueList = recordJson.getJSONArray("columnValueList"); + if (columnValueList.size() > 0) { + JSONObject columnValue = columnValueList.getJSONObject(0); + RoleDetail roleDetail = RoleDetail.builder() + .sourceId(columnValue.getString("sourceId")) + .roleName(columnValue.getString("dataIndex_0")) + .functionCount(columnValue.getInteger("dataIndex_1")) + .memberCount(columnValue.getInteger("dataIndex_2")) + .build(); + roleDetailList.add(roleDetail); + } + } + } + + int pages = page.getIntValue("pages"); + if (pages > pageNum) { + getRoleDetail(employeeId, optUserId, pageNum + 1, roleDetailList); + } + } + } + + public static void main(String[] args) { + Map params = new HashMap<>(); + params.put("employeeId", "1147262704872284161"); + params.put("optUserId", "1147262704872284161"); + PermissionTransferAction permissionTransferAction = new PermissionTransferAction(); + WeaResult> execute = permissionTransferAction.execute(params); + System.out.println(JSON.toJSONString(execute)); + } +} \ No newline at end of file diff --git a/src/main/java/com/weaver/seconddev/entry/action/PermissionTransferAction.java b/src/main/java/com/weaver/seconddev/entry/action/PermissionTransferAction.java index 8941dc6..3751cc1 100644 --- a/src/main/java/com/weaver/seconddev/entry/action/PermissionTransferAction.java +++ b/src/main/java/com/weaver/seconddev/entry/action/PermissionTransferAction.java @@ -8,13 +8,15 @@ import com.alibaba.fastjson.JSONObject; import com.weaver.common.base.entity.result.WeaResult; import com.weaver.esb.api.rpc.EsbServerlessRpcRemoteInterface; import com.weaver.seconddev.entry.entity.PermissionTransferModule; -import com.weaver.seconddev.entry.entity.RoleDetail; +import com.weaver.seconddev.entry.mapper.ResignationApplyMapper; import com.weaver.seconddev.portal.constant.ApplicationConfigConstant; +import com.weaver.seconddev.portal.entity.param.BaseParam; +import com.weaver.seconddev.portal.util.DateUtil; import com.weaver.seconddev.portal.util.PapiUtil; import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -27,150 +29,173 @@ import java.util.Map; @Slf4j @Service("PermissionTransferAction") public class PermissionTransferAction implements EsbServerlessRpcRemoteInterface { + + @Autowired + ResignationApplyMapper resignationApplyMapper; + @Override public WeaResult> execute(Map params) { - Map returnMap = new HashMap<>(); - // 离职员工ID - String employeeId = Convert.toStr(params.get("employeeId"), null); - + log.error("开始执行权限转移操作:{}", DateUtil.getCurrentDateTimeStr()); // 权限转移操作人员ID String optUserId = Convert.toStr(params.get("optUserId"), null); - String papiCode = PapiUtil.getPapiCode(ApplicationConfigConstant.APP_URL, ApplicationConfigConstant.CORP_ID, "B2b"); + Map returnMap = new HashMap<>(); + BaseParam baseParam = new BaseParam(); + // 查询已经提交的离职申请流程,且权限转移生效时间在今天之前的数据 + List permissionTransferModuleList = resignationApplyMapper.getPermissionTransferModuleList(baseParam, DateUtil.getCurrentDateStr()); + // 遍历数据 执行权限转移操作,并反写权限转移结果 + for (PermissionTransferModule permissionTransferModule : permissionTransferModuleList) { + log.error("permissionTransferModule==={}", JSON.toJSONString(permissionTransferModule)); + // 转移该模块全部数据权限 + transferPermission(permissionTransferModule, optUserId, "0"); + // 更新 数据 存储权限转移结果 + resignationApplyMapper.updatePermissionTransferModule(baseParam, permissionTransferModule); + } + + + // 查询角色权限转移数据 + List roleTransferModuleList = resignationApplyMapper.getRoleTransferModuleList(baseParam, DateUtil.getCurrentDateStr()); + for (PermissionTransferModule roleTransferModule : roleTransferModuleList) { + log.error("roleTransferModule==={}", JSON.toJSONString(roleTransferModule)); + transferPermission(roleTransferModule, optUserId, roleTransferModule.getSourceId()); + resignationApplyMapper.updatePermissionTransferModule(baseParam, roleTransferModule); + } + + log.error("结束执行权限转移操作:{}", DateUtil.getCurrentDateTimeStr()); + return WeaResult.success(returnMap); + } + + /** + * 权限转移 + * + * @param permissionTransferModule + * @param optUserId + * @param sourceId + */ + private static void transferPermission(PermissionTransferModule permissionTransferModule, String optUserId, String sourceId) { + String papiCode = PapiUtil.getPapiCode(ApplicationConfigConstant.APP_URL, ApplicationConfigConstant.CORP_ID, "C3c"); String papiToken = PapiUtil.getPapiToken(ApplicationConfigConstant.APP_URL, ApplicationConfigConstant.ORGANIZATION_APP_KEY, ApplicationConfigConstant.ORGANIZATION_APP_SECRET, papiCode); // 查询某个人员组织的可以转移的权限数据 JSONObject jsonObject = new JSONObject(); - // {"type":"resource","opt":"1","targetId":"959466419596591105"} + jsonObject.put("access_token", papiToken); + jsonObject.put("module", permissionTransferModule.getModule()); + jsonObject.put("subModule", permissionTransferModule.getSubModule()); + jsonObject.put("transferId", sourceId); jsonObject.put("type", "resource"); jsonObject.put("opt", "1"); - jsonObject.put("targetId", employeeId); - jsonObject.put("access_token", papiToken); + jsonObject.put("targetIdFrom", permissionTransferModule.getEmployeeId()); + jsonObject.put("targetIdTo", permissionTransferModule.getHandoverId()); - log.error("jsonObject===" + jsonObject); - String response = HttpRequest.post(ApplicationConfigConstant.APP_URL + "/papi/openapi/api/architecture/permission/transfer/query/v1/module") + JSONArray array = new JSONArray(); + array.add(jsonObject); + + log.error("array===" + array); + String response = HttpRequest.post(ApplicationConfigConstant.APP_URL + "/papi/openapi/api/architecture/permission/transfer/module/v1/opt/extend?access_token=" + papiToken) .header("Content-Type", "application/json") .header("optUserId", optUserId) - .body(jsonObject.toJSONString()) + .body(array.toJSONString()) .execute() .body(); log.error("response===" + response); JSONObject responseJson = JSONObject.parseObject(response); if (responseJson.getIntValue("code") != 200) { - // 请求失败直接响应失败数据 - return WeaResult.fail(response, true); + log.error("权限转移失败,接口响应结果=={}", response); + permissionTransferModule.setSuccessCount(-1); + permissionTransferModule.setFailReason("权限转移失败,接口响应结果:" + response); + return; } + JSONObject data = responseJson.getJSONObject("data"); - List permissionTransferModuleList = new ArrayList<>(); - PermissionTransferModule roleModule = null; if (data != null) { - JSONArray permissionTransferModules = data.getJSONArray("permissionTransferModules"); - for (Object permissionTransferModule : permissionTransferModules) { - JSONObject permissionTransferModuleJson = (JSONObject) permissionTransferModule; - PermissionTransferModule module = PermissionTransferModule.builder() - .deleteType(permissionTransferModuleJson.getInteger("deleteType")) - .opt(permissionTransferModuleJson.getInteger("opt")) - .module(permissionTransferModuleJson.getString("module")) - .moduleName(permissionTransferModuleJson.getString("moduleName")) - .subModule(permissionTransferModuleJson.getString("subModule")) - .subModuleName(permissionTransferModuleJson.getString("subModuleName")) - .type(permissionTransferModuleJson.getString("type")) - .content(permissionTransferModuleJson.getString("content")) - .count(permissionTransferModuleJson.getInteger("count")) - .build(); - if ("hrm_role".equals(module.getSubModule())) { - roleModule = module; - } else { - permissionTransferModuleList.add(module); - } - } + String transferId = data.getString("transferId"); + log.error("transferId===" + transferId); + // 查询权限转移执行结果 + queryPermissionTransferResult(permissionTransferModule, optUserId, transferId); } - // 查询角色明细数据 - List roleDetailList = new ArrayList<>(); - getRoleDetail(employeeId, optUserId, 1, roleDetailList); - returnMap.put("permissionTransferModuleList", permissionTransferModuleList); - returnMap.put("roleDetailList", roleDetailList); - log.error("returnMap==" + JSON.toJSONString(returnMap)); - return WeaResult.success(returnMap); } /** - * 获取角色明细数据 - * - * @param employeeId 员工ID - * @param optUserId 操作用户ID - * @param pageNum 当前页码 - * @param roleDetailList 角色明细列表 - * @param roleDetailList + * 查询权限转移执行结果 */ - private void getRoleDetail(String employeeId, String optUserId, int pageNum, List roleDetailList) { - String papiCode = PapiUtil.getPapiCode(ApplicationConfigConstant.APP_URL, ApplicationConfigConstant.CORP_ID, "B3b"); + private static void queryPermissionTransferResult(PermissionTransferModule permissionTransferModule, String optUserId, String transferId) { + queryPermissionTransferResult(permissionTransferModule, optUserId, transferId, 0); + } + + private static void queryPermissionTransferResult(PermissionTransferModule permissionTransferModule, String optUserId, String transferId, int retryCount) { + // 限制重试次数,防止无限递归 + if (retryCount >= 5) { + log.error("权限转移查询超过最大重试次数"); + permissionTransferModule.setSuccessCount(-1); + permissionTransferModule.setFailReason("权限转移查询超过最大重试次数"); + return; + } + + String papiCode = PapiUtil.getPapiCode(ApplicationConfigConstant.APP_URL, ApplicationConfigConstant.CORP_ID, "D4d"); String papiToken = PapiUtil.getPapiToken(ApplicationConfigConstant.APP_URL, ApplicationConfigConstant.ORGANIZATION_APP_KEY, ApplicationConfigConstant.ORGANIZATION_APP_SECRET, papiCode); JSONObject jsonObject = new JSONObject(); jsonObject.put("access_token", papiToken); - jsonObject.put("pageNum", pageNum); - jsonObject.put("pageSize", 10); - jsonObject.put("targetId", employeeId); - jsonObject.put("param", new JSONObject()); - jsonObject.put("opt", "1"); - jsonObject.put("module", "hrm"); - jsonObject.put("subModule", "hrm_role"); - jsonObject.put("type", "resource"); - log.error("getRoleDetail>>jsonObject===" + jsonObject); - String response = HttpRequest.post(ApplicationConfigConstant.APP_URL + "/papi/openapi/api/architecture/permission/transfer/query/v1/module/content") - .header("Content-Type", "application/json") - .header("optUserId", optUserId) - .body(jsonObject.toJSONString()) - .execute() - .body(); - log.error("getRoleDetail>>response===" + response); - JSONObject responseJson = JSONObject.parseObject(response); - if (responseJson.getIntValue("code") != 200) { - // 请求失败直接响应失败数据 - log.error("response==" + response); - roleDetailList = new ArrayList<>(); - return; - } - JSONObject data = responseJson.getJSONObject("data"); - if (data != null) { - JSONObject page = data.getJSONObject("page"); - JSONArray records = page.getJSONArray("records"); - if (records.size() > 0) { - for (Object record : records) { - JSONObject recordJson = (JSONObject) record; - JSONArray columnValueList = recordJson.getJSONArray("columnValueList"); - if (columnValueList.size() > 0) { - JSONObject columnValue = columnValueList.getJSONObject(0); - RoleDetail roleDetail = RoleDetail.builder() - .sourceId(columnValue.getString("sourceId")) - .roleName(columnValue.getString("dataIndex_0")) - .functionCount(columnValue.getInteger("dataIndex_1")) - .memberCount(columnValue.getInteger("dataIndex_2")) - .build(); - roleDetailList.add(roleDetail); - } - } - } + log.error("jsonObject===" + jsonObject); - int pages = page.getIntValue("pages"); - if (pages > pageNum) { - getRoleDetail(employeeId, optUserId, pageNum + 1, roleDetailList); + try { + String response = HttpRequest.post(ApplicationConfigConstant.APP_URL + "/papi/openapi/api/architecture/permission/transfer/module/v1/opt/extend/refresh?transferId=" + transferId) + .header("Content-Type", "application/json") + .header("optUserId", optUserId) + .body(jsonObject.toJSONString()) + .timeout(10000) + .execute() + .body(); + log.error("response===" + response); + + JSONObject responseJson = JSONObject.parseObject(response); + if (responseJson.getIntValue("code") != 200) { + log.error("权限转移失败,接口响应结果=={}", response); + permissionTransferModule.setSuccessCount(-1); + permissionTransferModule.setFailReason("权限转移失败," + response); + return; } + JSONObject data = responseJson.getJSONObject("data"); + JSONArray dataSource = data.getJSONArray("dataSource"); + if (dataSource != null && dataSource.size() > 0) { + JSONObject dataSourceObj = dataSource.getJSONObject(0); + Integer success = dataSourceObj.getInteger("success"); + Integer fail = dataSourceObj.getInteger("fail"); + String cause = dataSourceObj.getString("cause"); + permissionTransferModule.setSuccessCount(success); + permissionTransferModule.setFailCount(fail); + permissionTransferModule.setFailReason(cause); + } else if ("false".equals(data.getString("finished"))) { + // 没有返回dataSource数组,重复调用,增加重试计数 + Thread.sleep(1000); + queryPermissionTransferResult(permissionTransferModule, optUserId, transferId, retryCount + 1); + } else { + log.error("权限转移查询异常,接口响应:" + response); + permissionTransferModule.setSuccessCount(-1); + permissionTransferModule.setFailReason("权限转移查询异常,接口响应:" + response); + } + } catch (Exception e) { + log.error("权限转移查询异常", e); + permissionTransferModule.setSuccessCount(-1); + permissionTransferModule.setFailReason("权限转移查询异常: " + e.getMessage()); } } - public static void main(String[] args) { - Map params = new HashMap<>(); - params.put("employeeId", "1147262704872284161"); - params.put("optUserId", "1147262704872284161"); - PermissionTransferAction permissionTransferAction = new PermissionTransferAction(); - WeaResult> execute = permissionTransferAction.execute(params); - System.out.println(JSON.toJSONString(execute)); - } + //public static void main(String[] args) { + // // + // PermissionTransferModule permissionTransferModule = new PermissionTransferModule(); + // permissionTransferModule.setModule("doc"); + // permissionTransferModule.setSubModule("doc_doc_author_permission"); + // permissionTransferModule.setEmployeeId("1160242985059614723"); + // permissionTransferModule.setHandoverId("1155098662311870470"); + // //transferPermission(permissionTransferModule, "1147262704872284161", "0"); + // + // queryPermissionTransferResult(permissionTransferModule, "1147262704872284161", "1164707182682865680"); + //} + } diff --git a/src/main/java/com/weaver/seconddev/entry/entity/PermissionTransferModule.java b/src/main/java/com/weaver/seconddev/entry/entity/PermissionTransferModule.java index 4592047..a146a8d 100644 --- a/src/main/java/com/weaver/seconddev/entry/entity/PermissionTransferModule.java +++ b/src/main/java/com/weaver/seconddev/entry/entity/PermissionTransferModule.java @@ -25,4 +25,43 @@ public class PermissionTransferModule { private String content; private Integer count; + /** + * 交接人 + */ + private String handoverId; + /** + * 生效类型 + */ + private Integer effectType; + /** + * 生效日期 + */ + private String effectDate; + /** + * 离职员工 + */ + private String employeeId; + /** + * 最后工作日 + */ + private String lastWorkDate; + /** + * 明细表ID + */ + private Long detailId; + /** + * 主表ID + */ + private Long formDataId; + + /** + * 角色数据ID + */ + private String sourceId; + + private Integer successCount; + private Integer failCount; + private String failReason; + + } diff --git a/src/main/java/com/weaver/seconddev/entry/mapper/ResignationApplyMapper.java b/src/main/java/com/weaver/seconddev/entry/mapper/ResignationApplyMapper.java new file mode 100644 index 0000000..bebff4b --- /dev/null +++ b/src/main/java/com/weaver/seconddev/entry/mapper/ResignationApplyMapper.java @@ -0,0 +1,24 @@ +package com.weaver.seconddev.entry.mapper; + +import com.weaver.seconddev.entry.entity.PermissionTransferModule; +import com.weaver.seconddev.portal.entity.param.BaseParam; +import org.apache.ibatis.annotations.Mapper; +import org.apache.ibatis.annotations.Param; + +import java.util.List; + +/** + * @author:dxfeng + * @createTime: 2025/08/05 + * @version: 1.0 + */ +@Mapper +public interface ResignationApplyMapper { + + List getPermissionTransferModuleList(@Param("param") BaseParam param, @Param("currentDate") String currentDate); + + List getRoleTransferModuleList(@Param("param") BaseParam param, @Param("currentDate") String currentDate); + + + int updatePermissionTransferModule(@Param("param") BaseParam param, @Param("module") PermissionTransferModule module); +} diff --git a/src/main/resources/mapper/entry/mapper/ResignationApplyMapper.xml b/src/main/resources/mapper/entry/mapper/ResignationApplyMapper.xml new file mode 100644 index 0000000..50ef70e --- /dev/null +++ b/src/main/resources/mapper/entry/mapper/ResignationApplyMapper.xml @@ -0,0 +1,44 @@ + + + + + + + + + + + + + + + + + + + + update ${param.e10_common}.uf_jcl_lzs_mxb1 set cgs = + #{module.successCount},sbs=#{module.failCount},yy=#{module.failReason} + where id = #{module.detailId} + + + + + + + +