权限过滤2

community-service/src/main/java/com/tanpu/community/manager/ThemeManager.java

@@ -506,7 +506,7 @@ public class ThemeManager {
             Set<String> userPermitTopics = topicService.getUserPermitTopics(userId);
 
             // 排序并去重
-            themes = RankUtils.sortThemeEntityByIds(themes, recmdIds,userPermitTopics).stream().limit(pageSize).collect(Collectors.toList());
+            themes = RankUtils.sortThemeEntityByIds(themes, recmdIds, userPermitTopics).stream().limit(pageSize).collect(Collectors.toList());
 
 
         } else if (ThemeListTypeEnum.FOLLOW.getCode().equals(req.getType())) {
@@ -516,7 +516,12 @@ public class ThemeManager {
             } else {
                 // 根据关注列表查询，按时间倒序
                 List<String> fansList = followRelService.queryIdolsByFansId(req.getUserId());
-                themes = themeService.queryByUserIdsCreateDesc(fansList, pageStart, pageSize);
+
+                // 权限控制，筛选出当前用户有权限的话题
+                Set<String> userPermitTopics = topicService.getUserPermitTopics(userId);
+
+                // 查库
+                themes = themeService.queryByUserIdsCreateDesc(fansList, pageStart, pageSize, userPermitTopics);
 
                 if (CollectionUtils.isEmpty(excludeIds) && !themes.isEmpty()) {
                     // 说明是从头开始刷,则直接把最新的lastId放到redis中,保留一个月
@@ -555,7 +560,7 @@ public class ThemeManager {
         // 讨论区添加是否管理员，是否顶置
         if (ThemeListTypeEnum.TOPIC_LATEST.getCode().equals(req.getType())
                 || ThemeListTypeEnum.TOPIC_HOT.getCode().equals(req.getType())) {
-            topicService.checkManager(req.getTopicId(),resp.themes);
+            topicService.checkManager(req.getTopicId(), resp.themes);
         }
 
         // 保存缓存、记录已浏览
@@ -672,22 +677,26 @@ public class ThemeManager {
     public List<ThemeQo> queryThemesByUser(QueryRecordThemeReq req, String userId) {
 
         List<ThemeEntity> themeEntities = Collections.emptyList();
+
+        // 权限控制，筛选出当前用户有权限的话题
+        Set<String> userPermitTopics = topicService.getUserPermitTopics(userId);
+
         switch (req.getRecordType()) {
             case 1://发布
-                themeEntities = themeService.queryThemesByUserIdCreateDesc(req.getUserId(), req.getLastId(), req.getPageSize());
+                themeEntities = themeService.queryThemesByUserIdCreateDesc(req.getUserId(), req.getLastId(), req.getPageSize(), userPermitTopics);
                 break;
             case 2://回复
                 List<ThemeQo> commentThemeList = getCommentThemeQos(req, userId);
                 return commentThemeList;
             case 3://点赞
                 List<String> likeThemeIds = collectionService.getListByUser(req.getUserId(), CollectionTypeEnum.LIKE_THEME, req.getLastId(), req.getPageSize());
-                themeEntities = themeService.queryByThemeIds(likeThemeIds);
+                themeEntities = themeService.queryByThemeIds(likeThemeIds, req.getLastId(), req.getPageSize(), userPermitTopics);
                 themeEntities = RankUtils.sortThemeEntityByIds(themeEntities, likeThemeIds);
 
                 break;
             case 4://收藏
                 List<String> collectThemeIds = collectionService.getListByUser(req.getUserId(), CollectionTypeEnum.COLLECT_THEME, req.getLastId(), req.getPageSize());
-                themeEntities = themeService.queryByThemeIds(collectThemeIds, req.getLastId(), req.getPageSize());
+                themeEntities = themeService.queryByThemeIds(collectThemeIds, req.getLastId(), req.getPageSize(), userPermitTopics);
                 themeEntities = RankUtils.sortThemeEntityByIds(themeEntities, collectThemeIds);
                 break;
         }

community-service/src/main/java/com/tanpu/community/service/ThemeService.java

@@ -99,10 +99,11 @@ public class ThemeService {
     }
 
     //根据用户id查询主题list
-    public List<ThemeEntity> queryThemesByUserIdCreateDesc(String userId, String lastId, Integer pageSize) {
+    public List<ThemeEntity> queryThemesByUserIdCreateDesc(String userId, String lastId, Integer pageSize, Set<String> userPermitTopics) {
         LambdaQueryWrapper<ThemeEntity> queryWrapper = new LambdaQueryWrapper<ThemeEntity>()
                 .eq(ThemeEntity::getAuthorId, userId)
                 .eq(ThemeEntity::getDeleteTag, DeleteTagEnum.NOT_DELETED.getCode())
+                .in(ThemeEntity::getTopicId, userPermitTopics)
                 .orderByDesc(ThemeEntity::getCreateTime);
         if (StringUtils.isNotEmpty(lastId)) {
             ThemeEntity lastEntity = queryByThemeId(lastId);
@@ -134,6 +135,26 @@ public class ThemeService {
         return themeMapper.selectList(queryWrapper);
     }
 
+    //根据ids返回主题详情,带分页
+    public List<ThemeEntity> queryByThemeIds(List<String> themeIds, String lastId, Integer pageSize, Set<String> userPermitTopics) {
+        if (CollectionUtils.isEmpty(themeIds)) {
+            return Collections.emptyList();
+        }
+        LambdaQueryWrapper<ThemeEntity> queryWrapper = new LambdaQueryWrapper<ThemeEntity>()
+                .in(ThemeEntity::getThemeId, themeIds)
+                .in(ThemeEntity::getTopicId, userPermitTopics)
+                .eq(ThemeEntity::getDeleteTag, DeleteTagEnum.NOT_DELETED.getCode());
+        if (StringUtils.isNotEmpty(lastId)) {
+            ThemeEntity lastEntity = queryByThemeId(lastId);
+            if (lastEntity == null) throw new BizException("主题未找到，id：" + lastId);
+            queryWrapper.lt(ThemeEntity::getCreateTime, lastEntity.getCreateTime());
+        }
+        if (pageSize != null) {
+            queryWrapper.last("limit " + pageSize);
+        }
+        return themeMapper.selectList(queryWrapper);
+    }
+
     /**
      * 根据主题Id查询列表
      *
@@ -189,14 +210,18 @@ public class ThemeService {
      * @param userIds
      * @param pageStart
      * @param pageSize
+     * @param userPermitTopics
      * @return
      */
-    public List<ThemeEntity> queryByUserIdsCreateDesc(List<String> userIds, Integer pageStart, Integer pageSize) {
+    public List<ThemeEntity> queryByUserIdsCreateDesc(List<String> userIds, Integer pageStart, Integer pageSize, Set<String> userPermitTopics) {
         if (CollectionUtils.isEmpty(userIds)) {
             return Collections.emptyList();
         }
+        // 权限控制，添加主题为空的情况
+        userPermitTopics.add("");
         LambdaQueryWrapper<ThemeEntity> queryWrapper = new LambdaQueryWrapper<ThemeEntity>()
                 .in(ThemeEntity::getAuthorId, userIds)
+                .in(ThemeEntity::getTopicId, userPermitTopics)
                 .last("limit " + pageStart + ", " + pageSize)
                 .orderByDesc(ThemeEntity::getCreateTime)
                 .eq(ThemeEntity::getDeleteTag, DeleteTagEnum.NOT_DELETED.getCode());

community-service/src/main/java/com/tanpu/community/service/TopicService.java

@@ -302,6 +302,8 @@ public class TopicService {
 
         Set<String> openTopicIds = openTopics.stream().map(TopicEntity::getTopicId).collect(Collectors.toSet());
 
+        openTopicIds.add("");
+
         if (StringUtils.isBlank(userId)) {
             return openTopicIds;
         }

community-service/src/main/java/com/tanpu/community/util/RankUtils.java

@@ -45,8 +45,7 @@ public class RankUtils {
 
         List<ThemeEntity> themes = list.stream().filter(o -> {
             if (StringUtils.isBlank(o.getTopicId())) return true;
-            if (topicIds.contains(o.getTopicId())) return true;
-            return false;
+            return topicIds.contains(o.getTopicId());
         }).collect(Collectors.toList());
         return sortThemeEntityByIds(themes, recmdIds);
     }