权限过滤

0c221fdb · 刘基明 · 20365d17 · 0c221fdb · 0c221fdb · 0c221fdb
Commit 0c221fdb authored Feb 22, 2022 by 刘基明
5 changed files
--- a/community-service/src/main/java/com/tanpu/community/manager/CommentManager.java
+++ b/community-service/src/main/java/com/tanpu/community/manager/CommentManager.java
@@ -24,6 +24,7 @@ import com.tanpu.community.service.CommentService;
 import com.tanpu.community.service.NotificationService;
 import com.tanpu.community.service.ReportLogService;
 import com.tanpu.community.service.ThemeService;
+import com.tanpu.community.service.TopicService;
 import com.tanpu.community.util.ConvertUtil;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -62,6 +63,8 @@ public class CommentManager {
    @Autowired
    private ThemeService themeService;
+    @Resource
+    private TopicService topicService;
    // 评论（对主题）
    // 发表评论（对主题）
@@ -124,6 +127,9 @@ public class CommentManager {
        } else {
            likeCommentList = Sets.newHashSetWithExpectedSize(0);
        }
+        // 查询管理员
+        ThemeEntity themeEntity = themeService.queryByThemeId(themeId);
+        String managerId = topicService.getManagerId(themeEntity.getTopicId());
        for (CommentQo commentQo : commentQos) {
            // 封装用户信息
@@ -133,7 +139,13 @@ public class CommentManager {
            commentQo.setHasLiked(likeCommentList.contains(commentId));
            Integer countByTypeAndId = collectionService.getCountByTypeAndId(commentId, CollectionTypeEnum.LIKE_COMMENT);
            commentQo.setLikeCount(countByTypeAndId);
+            // 是否管理员
+            if (commentQo.getAuthorId().equals(managerId)) {
                commentQo.setManager(true);
+            } else {
+                commentQo.setManager(false);
+            }
        }
        //排序：点赞降序+时间降序
@@ -157,7 +169,7 @@ public class CommentManager {
            commentQo.setBelongUserOrgName(userInfo.getBelongUserOrgName());
        }
        // 回复用户名
-        if (StringUtils.isNotBlank(commentQo.getReplyUserId())){
+        if (StringUtils.isNotBlank(commentQo.getReplyUserId())) {
            UserInfoResp replyUser = redisCache.getObject(StringUtils.joinWith("_", CACHE_FEIGN_USER_INFO, authorId),
                    60, () -> this.getUserInfo(commentQo.getReplyUserId()), UserInfoResp.class);
            if (replyUser != null) {

--- a/community-service/src/main/java/com/tanpu/community/manager/ThemeManager.java
+++ b/community-service/src/main/java/com/tanpu/community/manager/ThemeManager.java
@@ -467,8 +467,7 @@ public class ThemeManager {
    /**
     * 查询主题列表：推荐/关注/热门/最新
     */
-    // 查询主题列表：推荐/关注/热门/最新
+    public ThemeListResp queryList(ThemeListReq req, String userId) {
-    public ThemeListResp queryList(ThemeListReq req, String userId111) {
        List<String> excludeIds = new ArrayList<>();
        LocalDateTime firstThemeTime = LocalDateTime.now();
        if (req.page.pageNumber > 1) {
@@ -492,6 +491,7 @@ public class ThemeManager {
            // 需要筛掉用户访问过详情的 & 最近出现在列表页过的.
            List<String> visitedIds = StringUtils.isEmpty(req.getUserId()) ? Lists.newArrayListWithCapacity(0) : visitLogService.queryUserRecentVisited(req.getUserId());
            List<String> excludes = ListUtils.union(excludeIds, visitedIds);
+            // 计算推荐列表
            List<String> recmdIds = recommendService.getRecommendThemes(pageStart, pageSize, req.getUserId(), excludes, firstThemeTime);
            // 加载第一页时，为防止首页显示空列表,从推荐池中再捞出已看过帖子
@@ -501,8 +501,12 @@ public class ThemeManager {
            }
            themes = themeService.queryByThemeIds(recmdIds);
+            // 权限控制，筛选出当前用户有权限的话题
+            Set<String> userPermitTopics = topicService.getUserPermitTopics(userId);
            // 排序并去重
-            themes = RankUtils.sortThemeEntityByIds(themes, recmdIds).stream().limit(pageSize).collect(Collectors.toList());
+            themes = RankUtils.sortThemeEntityByIds(themes, recmdIds,userPermitTopics).stream().limit(pageSize).collect(Collectors.toList());
        } else if (ThemeListTypeEnum.FOLLOW.getCode().equals(req.getType())) {

--- a/community-service/src/main/java/com/tanpu/community/manager/TopicManager.java
+++ b/community-service/src/main/java/com/tanpu/community/manager/TopicManager.java
@@ -56,7 +56,11 @@ public class TopicManager {
    // 首页-话题标签
    public List<TopicRankQo> getTop4TopicTitles() {
-        return rankService.getRankTopicListTop4();
+        List<TopicRankQo> rankTopicListTop4 = rankService.getRankTopicListTop4();
+        //检查权限
+        topicService.batchCheckPermission(rankTopicListTop4, userHolder.getUserId());
+        return rankTopicListTop4;
    }
    // 话题列表
@@ -98,6 +102,7 @@ public class TopicManager {
        topicFollowQos.stream().forEach(o -> {
            TopicRankQo topicRankQo = topicMap.get(o.getTopicId());
            BeanUtils.copyProperties(topicRankQo, o);
+            o.setHasPermission(true);
        });

--- a/community-service/src/main/java/com/tanpu/community/service/TopicService.java
+++ b/community-service/src/main/java/com/tanpu/community/service/TopicService.java
@@ -11,9 +11,9 @@ import com.tanpu.community.api.beans.qo.TopicPageDetailQo;
 import com.tanpu.community.api.beans.qo.TopicRankQo;
 import com.tanpu.community.api.beans.req.topic.TopicDiscussionReq;
 import com.tanpu.community.api.beans.resp.CoursePackageSimpleResp;
-import com.tanpu.community.api.beans.vo.feign.product.FundCompanyVO;
 import com.tanpu.community.api.beans.vo.feign.activity.OfflineActivitySimpleResp;
 import com.tanpu.community.api.beans.vo.feign.fatools.UserInfoResp;
+import com.tanpu.community.api.beans.vo.feign.product.FundCompanyVO;
 import com.tanpu.community.api.beans.vo.feign.product.ProductInfoVO;
 import com.tanpu.community.api.enums.DeleteTagEnum;
 import com.tanpu.community.api.enums.StatusEnum;
@@ -37,7 +37,9 @@ import java.time.LocalDateTime;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 import java.util.stream.Collectors;
@@ -248,6 +250,10 @@ public class TopicService {
    }
    public String getManagerId(String topicId) {
+        if (StringUtils.isBlank(topicId)) {
+            return "";
+        }
        List<TopicManagerEntity> topicManagerEntities = topicManagerMapper.selectList(new LambdaQueryWrapper<TopicManagerEntity>().eq(TopicManagerEntity::getTopicId, topicId));
        List<String> managerIds = topicManagerEntities.stream().map(TopicManagerEntity::getUserId).collect(Collectors.toList());
@@ -265,6 +271,7 @@ public class TopicService {
    /**
     * 查询资源关联的话题
+     *
     * @param req
     * @return
     */
@@ -274,7 +281,7 @@ public class TopicService {
                .eq(TopicSubjectEntity::getSubjectType, req.getSubjectType())
                .orderByDesc(TopicSubjectEntity::getCreateTime));
-        if (CollectionUtils.isEmpty(topicSubjectEntities)){
+        if (CollectionUtils.isEmpty(topicSubjectEntities)) {
            return null;
        }
        String topicId = topicSubjectEntities.get(0).getTopicId();
@@ -285,4 +292,24 @@ public class TopicService {
    }
+    public Set<String> getUserPermitTopics(String userId) {
+        // 公开权限的话题
+        List<TopicEntity> openTopics = topicMapper.selectList(new LambdaQueryWrapper<TopicEntity>()
+                .eq(TopicEntity::getSpecialPermission, StatusEnum.TRUE.getCode())
+                .eq(TopicEntity::getDeleteTag, StatusEnum.FALSE.getCode())
+                .eq(TopicEntity::getIsConceal, StatusEnum.FALSE.getCode()));
+        Set<String> openTopicIds = openTopics.stream().map(TopicEntity::getTopicId).collect(Collectors.toSet());
+        if (StringUtils.isBlank(userId)) {
+            return openTopicIds;
+        }
+        // 拥有权限的话题
+        List<String> followTopics = topicFollowRelMapper.selectTopicIdByUserId(userId);
+        HashSet<String> res = new HashSet<>(followTopics);
+        res.addAll(openTopicIds);
+        return res;
+    }
 }
--- a/community-service/src/main/java/com/tanpu/community/util/RankUtils.java
+++ b/community-service/src/main/java/com/tanpu/community/util/RankUtils.java
 package com.tanpu.community.util;
 import com.tanpu.community.dao.entity.community.ThemeEntity;
+import org.apache.commons.lang3.StringUtils;
 import java.util.Comparator;
 import java.util.HashMap;
 import java.util.List;
+import java.util.Set;
 import java.util.stream.Collectors;
 public class RankUtils {
@@ -31,4 +33,21 @@ public class RankUtils {
                .collect(Collectors.toList());
        return collect;
    }
+    /**
+     * 根据id排序主题对象（同时过滤权限）
+     * @param list
+     * @param recmdIds
+     * @param topicIds
+     * @return
+     */
+    public static List<ThemeEntity> sortThemeEntityByIds(List<ThemeEntity> list, List<String> recmdIds, Set<String> topicIds){
+        List<ThemeEntity> themes = list.stream().filter(o -> {
+            if (StringUtils.isBlank(o.getTopicId())) return true;
+            if (topicIds.contains(o.getTopicId())) return true;
+            return false;
+        }).collect(Collectors.toList());
+        return sortThemeEntityByIds(themes, recmdIds);
+    }
 }