权限过滤2

4d3514d1 · 刘基明 · 0c221fdb · 4d3514d1 · 4d3514d1 · 4d3514d1
Commit 4d3514d1 authored Feb 22, 2022 by 刘基明
4 changed files
--- a/community-service/src/main/java/com/tanpu/community/manager/ThemeManager.java
+++ b/community-service/src/main/java/com/tanpu/community/manager/ThemeManager.java
@@ -506,7 +506,7 @@ public class ThemeManager {
            Set<String> userPermitTopics = topicService.getUserPermitTopics(userId);
            // 排序并去重
-            themes = RankUtils.sortThemeEntityByIds(themes, recmdIds,userPermitTopics).stream().limit(pageSize).collect(Collectors.toList());
+            themes = RankUtils.sortThemeEntityByIds(themes, recmdIds, userPermitTopics).stream().limit(pageSize).collect(Collectors.toList());
        } else if (ThemeListTypeEnum.FOLLOW.getCode().equals(req.getType())) {
@@ -516,7 +516,12 @@ public class ThemeManager {
            } else {
                // 根据关注列表查询，按时间倒序
                List<String> fansList = followRelService.queryIdolsByFansId(req.getUserId());
-                themes = themeService.queryByUserIdsCreateDesc(fansList, pageStart, pageSize);
+                // 权限控制，筛选出当前用户有权限的话题
+                Set<String> userPermitTopics = topicService.getUserPermitTopics(userId);
+                // 查库
+                themes = themeService.queryByUserIdsCreateDesc(fansList, pageStart, pageSize, userPermitTopics);
                if (CollectionUtils.isEmpty(excludeIds) && !themes.isEmpty()) {
                    // 说明是从头开始刷,则直接把最新的lastId放到redis中,保留一个月
@@ -555,7 +560,7 @@ public class ThemeManager {
        // 讨论区添加是否管理员，是否顶置
        if (ThemeListTypeEnum.TOPIC_LATEST.getCode().equals(req.getType())
                || ThemeListTypeEnum.TOPIC_HOT.getCode().equals(req.getType())) {
-            topicService.checkManager(req.getTopicId(),resp.themes);
+            topicService.checkManager(req.getTopicId(), resp.themes);
        }
        // 保存缓存、记录已浏览
@@ -672,22 +677,26 @@ public class ThemeManager {
    public List<ThemeQo> queryThemesByUser(QueryRecordThemeReq req, String userId) {
        List<ThemeEntity> themeEntities = Collections.emptyList();
+        // 权限控制，筛选出当前用户有权限的话题
+        Set<String> userPermitTopics = topicService.getUserPermitTopics(userId);
        switch (req.getRecordType()) {
            case 1://发布
-                themeEntities = themeService.queryThemesByUserIdCreateDesc(req.getUserId(), req.getLastId(), req.getPageSize());
+                themeEntities = themeService.queryThemesByUserIdCreateDesc(req.getUserId(), req.getLastId(), req.getPageSize(), userPermitTopics);
                break;
            case 2://回复
                List<ThemeQo> commentThemeList = getCommentThemeQos(req, userId);
                return commentThemeList;
            case 3://点赞
                List<String> likeThemeIds = collectionService.getListByUser(req.getUserId(), CollectionTypeEnum.LIKE_THEME, req.getLastId(), req.getPageSize());
-                themeEntities = themeService.queryByThemeIds(likeThemeIds);
+                themeEntities = themeService.queryByThemeIds(likeThemeIds, req.getLastId(), req.getPageSize(), userPermitTopics);
                themeEntities = RankUtils.sortThemeEntityByIds(themeEntities, likeThemeIds);
                break;
            case 4://收藏
                List<String> collectThemeIds = collectionService.getListByUser(req.getUserId(), CollectionTypeEnum.COLLECT_THEME, req.getLastId(), req.getPageSize());
-                themeEntities = themeService.queryByThemeIds(collectThemeIds, req.getLastId(), req.getPageSize());
+                themeEntities = themeService.queryByThemeIds(collectThemeIds, req.getLastId(), req.getPageSize(), userPermitTopics);
                themeEntities = RankUtils.sortThemeEntityByIds(themeEntities, collectThemeIds);
                break;
        }

--- a/community-service/src/main/java/com/tanpu/community/service/ThemeService.java
+++ b/community-service/src/main/java/com/tanpu/community/service/ThemeService.java
@@ -99,10 +99,11 @@ public class ThemeService {
    }
    //根据用户id查询主题list
-    public List<ThemeEntity> queryThemesByUserIdCreateDesc(String userId, String lastId, Integer pageSize) {
+    public List<ThemeEntity> queryThemesByUserIdCreateDesc(String userId, String lastId, Integer pageSize, Set<String> userPermitTopics) {
        LambdaQueryWrapper<ThemeEntity> queryWrapper = new LambdaQueryWrapper<ThemeEntity>()
                .eq(ThemeEntity::getAuthorId, userId)
                .eq(ThemeEntity::getDeleteTag, DeleteTagEnum.NOT_DELETED.getCode())
+                .in(ThemeEntity::getTopicId, userPermitTopics)
                .orderByDesc(ThemeEntity::getCreateTime);
        if (StringUtils.isNotEmpty(lastId)) {
            ThemeEntity lastEntity = queryByThemeId(lastId);
@@ -134,6 +135,26 @@ public class ThemeService {
        return themeMapper.selectList(queryWrapper);
    }
+    //根据ids返回主题详情,带分页
+    public List<ThemeEntity> queryByThemeIds(List<String> themeIds, String lastId, Integer pageSize, Set<String> userPermitTopics) {
+        if (CollectionUtils.isEmpty(themeIds)) {
+            return Collections.emptyList();
+        }
+        LambdaQueryWrapper<ThemeEntity> queryWrapper = new LambdaQueryWrapper<ThemeEntity>()
+                .in(ThemeEntity::getThemeId, themeIds)
+                .in(ThemeEntity::getTopicId, userPermitTopics)
+                .eq(ThemeEntity::getDeleteTag, DeleteTagEnum.NOT_DELETED.getCode());
+        if (StringUtils.isNotEmpty(lastId)) {
+            ThemeEntity lastEntity = queryByThemeId(lastId);
+            if (lastEntity == null) throw new BizException("主题未找到，id：" + lastId);
+            queryWrapper.lt(ThemeEntity::getCreateTime, lastEntity.getCreateTime());
+        }
+        if (pageSize != null) {
+            queryWrapper.last("limit " + pageSize);
+        }
+        return themeMapper.selectList(queryWrapper);
+    }
    /**
     * 根据主题Id查询列表
     *
@@ -189,14 +210,18 @@ public class ThemeService {
     * @param userIds
     * @param pageStart
     * @param pageSize
+     * @param userPermitTopics
     * @return
     */
-    public List<ThemeEntity> queryByUserIdsCreateDesc(List<String> userIds, Integer pageStart, Integer pageSize) {
+    public List<ThemeEntity> queryByUserIdsCreateDesc(List<String> userIds, Integer pageStart, Integer pageSize, Set<String> userPermitTopics) {
        if (CollectionUtils.isEmpty(userIds)) {
            return Collections.emptyList();
        }
+        // 权限控制，添加主题为空的情况
+        userPermitTopics.add("");
        LambdaQueryWrapper<ThemeEntity> queryWrapper = new LambdaQueryWrapper<ThemeEntity>()
                .in(ThemeEntity::getAuthorId, userIds)
+                .in(ThemeEntity::getTopicId, userPermitTopics)
                .last("limit " + pageStart + ", " + pageSize)
                .orderByDesc(ThemeEntity::getCreateTime)
                .eq(ThemeEntity::getDeleteTag, DeleteTagEnum.NOT_DELETED.getCode());

--- a/community-service/src/main/java/com/tanpu/community/service/TopicService.java
+++ b/community-service/src/main/java/com/tanpu/community/service/TopicService.java
@@ -302,6 +302,8 @@ public class TopicService {
        Set<String> openTopicIds = openTopics.stream().map(TopicEntity::getTopicId).collect(Collectors.toSet());
+        openTopicIds.add("");
        if (StringUtils.isBlank(userId)) {
            return openTopicIds;
        }

--- a/community-service/src/main/java/com/tanpu/community/util/RankUtils.java
+++ b/community-service/src/main/java/com/tanpu/community/util/RankUtils.java
@@ -45,8 +45,7 @@ public class RankUtils {
        List<ThemeEntity> themes = list.stream().filter(o -> {
            if (StringUtils.isBlank(o.getTopicId())) return true;
-            if (topicIds.contains(o.getTopicId())) return true;
+            return topicIds.contains(o.getTopicId());
-            return false;
        }).collect(Collectors.toList());
        return sortThemeEntityByIds(themes, recmdIds);
    }