java
/
emrais


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455
							package com.lantone.security.facade;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.lantone.common.dto.DataAuthDetailDTO;
import com.lantone.common.dto.GetDataAuthByIdDTO;
import com.lantone.common.dto.GetDataAuthDeptDTO;
import com.lantone.common.dto.GetDataAuthDetailDTO;
import com.lantone.common.dto.GetDataAuthDoctorDTO;
import com.lantone.common.dto.GetDataAuthHospitalDTO;
import com.lantone.common.dto.GetDataAuthPageDTO;
import com.lantone.common.dto.GetDataAuthRoleDTO;
import com.lantone.common.dto.GetDataAuthSoftwareDTO;
import com.lantone.common.dto.GetDoctorPageDTO;
import com.lantone.common.dto.SoftwareDataAuthDetail;
import com.lantone.common.exception.Asserts;
import com.lantone.common.service.RedisService;
import com.lantone.common.util.DateUtil;
import com.lantone.common.util.EntityUtil;
import com.lantone.common.util.ListUtil;
import com.lantone.common.util.SysUserUtils;
import com.lantone.common.vo.AddAuthSoftwareVO;
import com.lantone.common.vo.AddAuthVO;
import com.lantone.common.vo.GetDataAuthPageVO;
import com.lantone.common.vo.GetDoctorPageVO;
import com.lantone.common.vo.UpdateAuthVO;
import com.lantone.dblayermbg.entity.DataAuth;
import com.lantone.dblayermbg.entity.DataAuthDetail;
import com.lantone.dblayermbg.entity.DeptUser;
import com.lantone.dblayermbg.entity.RoleSoftwareDataAuth;
import com.lantone.dblayermbg.entity.SoftwareDataAuth;
import com.lantone.dblayermbg.facade.DataAuthDetailFacade;
import com.lantone.dblayermbg.facade.DataAuthFacade;
import com.lantone.dblayermbg.facade.DeptFacade;
import com.lantone.dblayermbg.facade.DeptUserFacade;
import com.lantone.dblayermbg.facade.DoctorFacade;
import com.lantone.dblayermbg.facade.HospitalFacade;
import com.lantone.dblayermbg.facade.HospitalUserFacade;
import com.lantone.dblayermbg.facade.MedoupDoctorFacade;
import com.lantone.dblayermbg.facade.RoleSoftwareDataAuthFacade;
import com.lantone.dblayermbg.facade.SoftwareDataAuthFacade;
import com.lantone.dblayermbg.facade.UserFacade;
import com.lantone.dblayermbg.service.impl.DataAuthDetailServiceImpl;
import com.lantone.dblayermbg.service.impl.RoleSoftwareDataAuthServiceImpl;
import com.lantone.security.enums.DataAuthDataTypeEnum;
import com.lantone.security.enums.DataAuthDetailTypeEnum;
import com.lantone.common.enums.IsDeleteEnum;
import com.lantone.security.enums.SoftwareEnum;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.scheduling.annotation.Async;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.stream.Collectors;


/**
 * @Description:数据权限操作facade
 * @Author songxl
 * @Date 2021/7/21
 */
@Component
public class DataAuthManagementFacade {
    @Autowired
    private DataAuthFacade dataAuthFacade;
    @Autowired
    private SoftwareDataAuthFacade softwareDataAuthFacade;
    @Autowired
    private RoleSoftwareDataAuthFacade roleSoftwareDataAuthFacade;
    @Autowired
    private DataAuthDetailFacade dataAuthDetailFacade;
    @Autowired
    private HospitalFacade hospitalFacade;
    @Autowired
    private DeptFacade deptFacade;
    @Autowired
    private DoctorFacade doctorFacade;
    @Autowired
    private HospitalUserFacade hospitalUserFacade;
    @Autowired
    private RedisService redisService;
    @Autowired
    private DeptUserFacade deptUserFacade;
    @Autowired
    private UserFacade userFacade;
    @Autowired
    private MedoupDoctorFacade medoupDoctorFacade;


    /**
     * @param Id
     * @param status
     * @Description禁用启用数据权限
     * @Return boolean
     */
    public boolean disableDataAuth(Long Id, String status) {
        return dataAuthFacade.update(new UpdateWrapper<DataAuth>()
                .set("status", status)
                .eq("id", Id)
                .eq("is_deleted", IsDeleteEnum.N.getKey()));
    }

    /**
     * @Description修改数据权限
     * @Param [softwareDataAuthVO]
     * @Return boolean
     */
    public boolean updateDataAuth(UpdateAuthVO updateAuthVO) {

        //1.修改数据权限
        boolean dataAuthUpdate = dataAuthFacade.update(new UpdateWrapper<DataAuth>()
                .set("name", updateAuthVO.getUpdateDataAuthVO().getName())
                .eq("id", updateAuthVO.getUpdateDataAuthVO().getId())
                .eq("is_deleted", IsDeleteEnum.N.getKey()));
        if (dataAuthUpdate) {
            //2.获取该权限 系统与数据权限信息关联表（sys_service_data_auth）的关联id
            List<Long> serviceDataAuthIDS = softwareDataAuthFacade.list(new QueryWrapper<SoftwareDataAuth>()
                    .eq("data_auth_id", updateAuthVO.getUpdateDataAuthVO().getId())
                    .eq("is_deleted", IsDeleteEnum.N.getKey())).stream().map(SoftwareDataAuth::getId).collect(Collectors.toList());
            //3.通过serviceDataAuthIDS 删除sys_role_service_data_auth和sys_service_data_auth和sys_data_auth_detail 对应关系
            if (ListUtil.isNotEmpty(serviceDataAuthIDS)) {
                if (!deleteServiceDataAuth(serviceDataAuthIDS)) {
                    Asserts.fail("数据权限与系统关系删除失败");
                }
            }
            //4.插入新建数据权限与系统的关系
            return saveServiceDataAuth(updateAuthVO.getUpdateDataAuthVO().getSoftwareVOS(), updateAuthVO.getRoles(), updateAuthVO.getUpdateDataAuthVO().getId());
        } else {
            Asserts.fail("数据权限修改失败");
        }
        return false;
    }

    /**
     * @Description通过serviceDataAuthIDS删除sys_role_service_data_auth和sys_service_data_auth和sys_data_auth_detail对应关系
     * @Param [serviceDataAuthIDS]
     * @Return void
     */
    public boolean deleteServiceDataAuth(List<Long> serviceDataAuthIDS) {
        if (dataAuthDetailFacade.remove(new UpdateWrapper<DataAuthDetail>()
                .in("software_data_auth_id", serviceDataAuthIDS)
                .eq("is_deleted", IsDeleteEnum.N.getKey()))) {
            if (roleSoftwareDataAuthFacade.remove(new UpdateWrapper<RoleSoftwareDataAuth>()
                    .in("software_data_auth_id", serviceDataAuthIDS)
                    .eq("is_deleted", IsDeleteEnum.N.getKey()))) {
                return softwareDataAuthFacade.remove(new UpdateWrapper<SoftwareDataAuth>()
                        .in("id", serviceDataAuthIDS)
                        .eq("is_deleted", IsDeleteEnum.N.getKey()));
            } else {
                Asserts.fail("数据权限与系统、角色关联关系删除失败");
            }
        } else {
            Asserts.fail("系统数据权限与数据权限明细关联关系删除失败");
        }
        return false;
    }

    /**
     * @param Id
     * @Description删除数据权限
     * @Return boolean
     */
    public boolean deleteDataAuth(Long Id) {
        //1.删除数据权限
        boolean dataAuthdelete = dataAuthFacade.update(new UpdateWrapper<DataAuth>()
                .set("is_deleted", IsDeleteEnum.Y.getKey())
                .eq("id", Id));
        if (dataAuthdelete) {
//            //2.获取该权限 系统与数据权限信息关联表（sys_service_data_auth）的关联id
//            List<Long> serviceDataAuthIDS = softwareDataAuthFacade.list(new QueryWrapper<SoftwareDataAuth>()
//                    .eq("data_auth_id", Id)
//                    .eq("is_deleted", IsDeleteEnum.N.getKey())).stream().map(SoftwareDataAuth::getId).collect(Collectors.toList());
//            //3.通过serviceDataAuthIDS 删除sys_role_service_data_auth和sys_service_data_auth和sys_data_auth_detail 对应关系
//            if (ListUtil.isNotEmpty(serviceDataAuthIDS)) {
//                if (deleteServiceDataAuth(serviceDataAuthIDS)) {
//                    return true;
//                } else {
//                    Asserts.fail("数据权限与系统关系删除失败");
//                }
//            }
            return true;
        } else {
            Asserts.fail("数据权限删除失败");
        }
        return false;
    }

    /**
     * @param addAuthVO
     * @Description添加数据权限
     * @Return boolean
     */
    public boolean addDataAuth(AddAuthVO addAuthVO) {
        //1.插入新建数据权限
        DataAuth dataAuth = new DataAuth();
        BeanUtils.copyProperties(addAuthVO.getAddDataAuthVO(), dataAuth);
        dataAuth.setGmtCreate(DateUtil.now());
        dataAuth.setCreator(SysUserUtils.getCurrentPrincipleId() + "");
        if (dataAuthFacade.save(dataAuth)) {
            //2.插入新建数据权限与系统的关系 sys_software_data_auth
            return saveServiceDataAuth(addAuthVO.getAddDataAuthVO().getSoftwareVOS(), addAuthVO.getRoles(), dataAuth.getId());
        } else {
            Asserts.fail("数据权限插入失败");
        }
        return false;

    }

    /**
     * @param softwareVOS
     * @param roles
     * @param dataAuthId
     * @Description插入新建数据权限与系统的关系
     * @Return void
     */
    private boolean saveServiceDataAuth(List<AddAuthSoftwareVO> softwareVOS, List<Long> roles, Long dataAuthId) {
        AtomicBoolean out = new AtomicBoolean(false);
        softwareVOS.stream().forEach(softwareVO -> {
            SoftwareDataAuth softwareDataAuth = new SoftwareDataAuth();
            softwareDataAuth.setSoftwareId(softwareVO.getId());
            softwareDataAuth.setDataAuthId(dataAuthId);
            softwareDataAuth.setGmtCreate(DateUtil.now());
            softwareDataAuth.setCreator(SysUserUtils.getCurrentPrincipleId() + "");
            if (softwareDataAuthFacade.save(softwareDataAuth)) {
                //2.插入数据权限系统关联表与角色管理sys_role_service_data_auth
                List<RoleSoftwareDataAuth> roleSoftwareDataAuths = new ArrayList<>();
                for (Long roleId : roles) {
                    RoleSoftwareDataAuth roleServiceDataAuth = new RoleSoftwareDataAuth();
                    roleServiceDataAuth.setRoleId(roleId);
                    roleServiceDataAuth.setSoftwareDataAuthId(softwareDataAuth.getId());
                    roleServiceDataAuth.setGmtCreate(DateUtil.now());
                    roleServiceDataAuth.setCreator(SysUserUtils.getCurrentPrincipleId() + "");
                    roleSoftwareDataAuths.add(roleServiceDataAuth);
                }
                if (new RoleSoftwareDataAuthServiceImpl().saveBatch(roleSoftwareDataAuths)) {
                    //3.插入数据权限详细信息。sys_data_auth_detail
                    //自定义时
                    List<DataAuthDetail> dataAuthDetails = new ArrayList<>();
                    if (ListUtil.isNotEmpty(softwareVO.getDataAuthDetails())) {
                        softwareVO.getDataAuthDetails().stream().forEach(dataAuthDetailVO -> {
                            DataAuthDetail dataAuthDetail = new DataAuthDetail();
                            BeanUtils.copyProperties(dataAuthDetailVO, dataAuthDetail);
                            dataAuthDetail.setGmtCreate(DateUtil.now());
                            dataAuthDetail.setCreator(SysUserUtils.getCurrentPrincipleId() + "");
                            dataAuthDetail.setSoftwareDataAuthId(softwareDataAuth.getId());
                            dataAuthDetails.add(dataAuthDetail);
                        });
                    }
                    if (new DataAuthDetailServiceImpl().saveBatch(dataAuthDetails)) {
                        out.set(true);
                    } else {
                        Asserts.fail("数据权限详情插入失败");
                    }
                } else {
                    Asserts.fail("角色对应服务数据权限关系插入失败");
                }

            } else {
                Asserts.fail("服务对应数据权限关系插入失败");
            }
        });
        return out.get();
    }

    /**
     * @Description通过数据权限id获取数据权限详情
     * @Param [serviceDataAuthVO]
     * @Return com.lantone.security.dto.DataAuthDTO
     */
    public GetDataAuthByIdDTO getDataAuthById(Long Id) {
        GetDataAuthByIdDTO dataAuthDTO = new GetDataAuthByIdDTO();
        //1.获取数据权限基本信息
        DataAuth dataAuth = dataAuthFacade.getById(Id);
        if (dataAuth == null) {
            Asserts.fail("该数据权限不存在,请重试");
        }
        BeanUtils.copyProperties(dataAuth, dataAuthDTO);
        List<SoftwareDataAuth> softwareDataAuths = softwareDataAuthFacade.list(new QueryWrapper<SoftwareDataAuth>()
                .eq("data_auth_id", Id)
                .eq("is_deleted", IsDeleteEnum.N.getKey()));
        if (ListUtil.isEmpty(softwareDataAuths)) {
            Asserts.fail("该数据权限无系统信息，请联系管理员");
        }
        List<Long> softwareDataAuthIds = softwareDataAuths.stream().map(SoftwareDataAuth::getId).collect(Collectors.toList());
        //2.系统-(角色、数据权限详情）信息组装
        List<GetDataAuthSoftwareDTO> softwares = new ArrayList<>();
        softwareDataAuths.stream().forEach(softwareDataAuth -> {
            //2.1获取系统信息
            GetDataAuthSoftwareDTO software = new GetDataAuthSoftwareDTO();
            software.setId(softwareDataAuth.getSoftwareId());
            software.setName(SoftwareEnum.getName(softwareDataAuth.getSoftwareId().intValue()));

            //2.2获取角色信息
            List<GetDataAuthRoleDTO> roles = roleSoftwareDataAuthFacade.getBaseMapper().getRole(softwareDataAuth.getId());
            software.setRoles(roles);
            //2.3数据权限详情
            List<SoftwareDataAuthDetail> softwareDataAuthDetails = softwareDataAuthFacade.getBaseMapper().getDataAuthDetail(softwareDataAuth.getId());
            //--非自定义处理
            if (softwareDataAuthDetails.size() == 1 && softwareDataAuthDetails.get(0).getDataType() != DataAuthDataTypeEnum.CUSTOMIZE.getKey()) {
                software.setDataType(softwareDataAuthDetails.get(0).getDataType());
                //--自定义处理
            } else if (softwareDataAuthDetails.get(0).getDataType() == DataAuthDataTypeEnum.CUSTOMIZE.getKey()) {
                //按自定义类型分类
                Map<Integer, List<SoftwareDataAuthDetail>> softwareDataAuthDetailMap = EntityUtil.makeEntityListMap(softwareDataAuthDetails, "detailType");
                //自定义数据
                DataAuthDetailDTO dataAuthDetail = new DataAuthDetailDTO();
                softwareDataAuthDetailMap.keySet().stream().forEach(detailType -> {
                    List<Long> ids = softwareDataAuthDetailMap
                            .get(detailType).stream().map(SoftwareDataAuthDetail::getDetailId).collect(Collectors.toList());
                    //医院
                    if (DataAuthDetailTypeEnum.HOSPITAL.getKey() == detailType) {
                        dataAuthDetail.setHospitals(hospitalFacade.getBaseMapper().getHospitals(ids));
                    }
                    //科室
                    if (DataAuthDetailTypeEnum.DEPT.getKey() == detailType) {
                        dataAuthDetail.setDepts(deptFacade.getBaseMapper().getDepts(ids));
                    }
                    //医生
                    if (DataAuthDetailTypeEnum.DOCTOR.getKey() == detailType) {
                        dataAuthDetail.setDoctors(deptFacade.getBaseMapper().getDoctors(ids));
                    }
                });
                software.setDataAuthDetail(dataAuthDetail);
            }
            softwares.add(software);
        });
        dataAuthDTO.setSoftwares(softwares);
        return dataAuthDTO;
    }


    /**
     * @param getDoctorPageVO
     * @Description通过医院id或科室id获取医生列表
     * @Return com.baomidou.mybatisplus.core.metadata.IPage<com.lantone.common.dto.DoctorDTO>
     */
    public IPage<GetDoctorPageDTO> getDoctorPage(GetDoctorPageVO getDoctorPageVO) {
        return doctorFacade.getBaseMapper().getDoctorPage(getDoctorPageVO);
    }

    /**
     * @param getDataAuthPageVO
     * @Description获取数据权限列表
     * @Return com.baomidou.mybatisplus.core.metadata.IPage<com.lantone.common.dto.DataAuthDTO>
     */
    public IPage<GetDataAuthPageDTO> getDataAuthPage(GetDataAuthPageVO getDataAuthPageVO) {
        //数据权限的创建者不一定是当前登录用户，创建者应为当前登录用户所在医院所有用户
        getDataAuthPageVO.setCreator(SysUserUtils.getCurrentPrincipleId());
        return dataAuthFacade.getBaseMapper().getDataAuthPage(getDataAuthPageVO);
    }

    /**
     * @param
     * @Description获取用户数据权限
     * @Return void
     */
    @Async
    public void initUserDataAuth(Long userId, Long hospitalId,String softwareId) {
        //获取当前用户的数据权限
        List<GetDataAuthDetailDTO> dataAuthDetails = dataAuthFacade.getBaseMapper()
                .getDataAuth(userId, softwareId);
        Map<String, List<Long>> localDataAuthMap = new HashMap<>();
        List<Long> users = new ArrayList<>();
        List<Long> notUsers = new ArrayList<>();

        List<Long> doctors = new ArrayList<>();

        List<Long> depts = new ArrayList<>();
        List<Long> notDepts = new ArrayList<>();

        List<Long> hospitals = new ArrayList<>();
        List<Long> notHospitals = new ArrayList<>();

        if (ListUtil.isNotEmpty(dataAuthDetails)) {
            Map<Integer, List<GetDataAuthDetailDTO>> dataAuthDetailMap = dataAuthDetails.stream()
                    .collect(Collectors.groupingBy(GetDataAuthDetailDTO::getDataType));
            dataAuthDetailMap.keySet().stream().forEach(dataType -> {
                //1:全部组织,2:全部科室,3:全部科室除本科室外,4:本科室,5:本医疗组,6:本人,7:自定义
                //全部组织
                if (DataAuthDataTypeEnum.ALL_HOSPITAL.getKey() == dataType) {
                    //获取当前登录用户的医院id
                    hospitals.add(hospitalId);
                }
                //全部科室
                if (DataAuthDataTypeEnum.ALL_DEPT.getKey() == dataType) {
                    hospitals.add(hospitalId);
                    //获取所有科室
//                    depts.addAll(deptFacade.list(new QueryWrapper<Dept>()
//                            .in("hospital_id",hospitalId)
//                            .eq("is_deleted",IsDeleteEnum.N.getKey())).stream().map(Dept::getId).collect(Collectors.toList()));
                }
                //除了本科室外
                if (DataAuthDataTypeEnum.ALL_DEPT_NOT_SELF.getKey() == dataType) {
                    notDepts.addAll(deptUserFacade.list(new QueryWrapper<DeptUser>()
                            .eq("user_id", userId)
                            .eq("is_deleted", IsDeleteEnum.N.getKey())).stream()
                                .map(DeptUser::getDeptId).collect(Collectors.toList()));
                }
                //本科室
                if (DataAuthDataTypeEnum.ALL_SELF_DEPT.getKey() == dataType) {
                    depts.addAll(deptUserFacade.list(new QueryWrapper<DeptUser>()
                            .eq("user_id", userId)
                            .eq("is_deleted", IsDeleteEnum.N.getKey())).stream()
                            .map(DeptUser::getDeptId).collect(Collectors.toList()));
                }
                //本医疗组
                if (DataAuthDataTypeEnum.SELF_MEDOUP.getKey() == dataType) {
                    doctors.addAll(medoupDoctorFacade.getBaseMapper().getDoctorIdByMedoup(userId));
                }
                //本人
                if (DataAuthDataTypeEnum.SELF_MEDOUP.getKey() == dataType) {
                    users.add(userId);
                }
                //自定义
                if (DataAuthDataTypeEnum.CUSTOMIZE.getKey() == dataType) {
                    Map<Integer, List<GetDataAuthDetailDTO>> dataAuthDetailTypeMap = dataAuthDetailMap.get(dataType).stream()
                            .collect(Collectors.groupingBy(GetDataAuthDetailDTO::getDetailType));
                    dataAuthDetailTypeMap.keySet().stream().forEach(detailType -> {
                        List<Long> ids = dataAuthDetailTypeMap
                                .get(detailType).stream().map(GetDataAuthDetailDTO::getDetailId).collect(Collectors.toList());
                        //医院
                        if (DataAuthDetailTypeEnum.HOSPITAL.getKey() == detailType) {
                            hospitals.addAll(hospitalFacade.getBaseMapper().getHospitals(ids).stream()
                                    .map(GetDataAuthHospitalDTO::getId).collect(Collectors.toList()));
                        }
                        //科室
                        if (DataAuthDetailTypeEnum.DEPT.getKey() == detailType) {
                            depts.addAll(deptFacade.getBaseMapper().getDepts(ids).stream()
                                    .map(GetDataAuthDeptDTO::getId).collect(Collectors.toList()));
                        }
                        //医生
                        if (DataAuthDetailTypeEnum.DOCTOR.getKey() == detailType) {
                            doctors.addAll(deptFacade.getBaseMapper().getDoctors(ids).stream()
                                    .map(GetDataAuthDoctorDTO::getId).collect(Collectors.toList()));
                        }
                    });
                }
            });
            localDataAuthMap.put("users", users);
            localDataAuthMap.put("notUsers", notUsers);
            localDataAuthMap.put("doctors", doctors);
            localDataAuthMap.put("depts", depts);
            localDataAuthMap.put("notDepts", notDepts);
            localDataAuthMap.put("hospitals", hospitals);
            localDataAuthMap.put("notHospitals", notHospitals);
            redisService.hSetAll(hospitalId + "_" + userId + "_" + softwareId, localDataAuthMap);
        }
    }
}