
《人员权限一览表》《菜单权限一览表》手动迁移到病理版分支

ZhuJiaHao 1 săptămână în urmă
părinte
comite
e70fbb3854

+ 252 - 1
ibps-model-root/modules/org-model/src/main/resources/com/lc/ibps/org/party/persistence/mapping/PartyRoleProvider.map.xml

@@ -9,4 +9,255 @@
     <update id="updateUserRoleJobByUserId" parameterType="string">
         update IBPS_PARTY_EMPLOYEE set JOB_ = #{job} where ID_ = #{userId}
     </update>
-</mapper>
+
+
+
+    <resultMap id="PartyRole" type="com.lc.ibps.org.party.persistence.entity.PartyRolePo">
+        <id property="id" column="ID_" jdbcType="VARCHAR"/>
+        <result property="name" column="NAME_" jdbcType="VARCHAR"/>
+        <result property="roleNote" column="ROLE_NOTE_" jdbcType="BLOB"/>
+        <result property="roleAlias" column="ROLE_ALIAS_" jdbcType="VARCHAR"/>
+        <result property="roleType" column="ROLE_TYPE_" jdbcType="VARCHAR"/>
+        <result property="subSystemName" column="SYSTEM_NAME_" jdbcType="VARCHAR"/>
+        <result property="subSystemId" column="SYSTEM_ID_" jdbcType="VARCHAR"/>
+        <result property="subSystemAlias" column="ALIAS_" jdbcType="VARCHAR"/>
+        <result property="tenantId" column="TENANT_ID_" jdbcType="VARCHAR"/>
+    </resultMap>
+
+    <select id="getRoleByName" resultMap="PartyRole" parameterType="string">
+        SELECT
+        t1.ID_,
+        t1.NAME_,
+        t1.ROLE_NOTE_,
+        t1.ROLE_ALIAS_,
+        t1.TENANT_ID_,
+        t1.ROLE_TYPE_,
+        t2.SYSTEM_ID_
+        FROM IBPS_PARTY_ROLE as t1
+        LEFT JOIN (
+            select
+            SYSTEM_ID_,
+            ROLE_ID_,
+            NAME_ as SYSTEM_NAME_
+            from IBPS_AUTH_ROLE_SYSTEM
+            left join  IBPS_AUTH_SUBSYS a on a.ID_ = SYSTEM_ID_
+        )as t2 on t2.ROLE_ID_ = t1.ID_
+        <if test="name != null and name != ''">
+            WHERE t1.NAME_ LIKE CONCAT('%',#{name},'%')
+        </if>
+    </select>
+
+
+    <resultMap id="Resources" type="com.lc.ibps.org.auth.persistence.entity.ResourcesPo">
+        <id property="id" column="ID_" jdbcType="VARCHAR"/>
+        <result property="name" column="NAME_" jdbcType="VARCHAR"/>
+        <result property="alias" column="ALIAS_" jdbcType="VARCHAR"/>
+        <result property="desc" column="DESC_" jdbcType="VARCHAR"/>
+        <result property="sn" column="SN_" jdbcType="NUMERIC"/>
+        <result property="icon" column="ICON_" jdbcType="VARCHAR"/>
+        <result property="resourceType" column="RESOURCE_TYPE_" jdbcType="VARCHAR"/>
+        <result property="parentId" column="PARENT_ID_" jdbcType="VARCHAR"/>
+        <result property="defaultUrl" column="DEFAULT_URL_" jdbcType="VARCHAR"/>
+        <result property="isFolder" column="IS_FOLDER_" jdbcType="CHAR"/>
+        <result property="displayInMenu" column="DISPLAY_IN_MENU_" jdbcType="CHAR"/>
+        <result property="isOpen" column="IS_OPEN_" jdbcType="CHAR"/>
+        <result property="systemId" column="SYSTEM_ID_" jdbcType="VARCHAR"/>
+        <result property="path" column="PATH_" jdbcType="VARCHAR"/>
+        <result property="tenantId" column="TENANT_ID_" jdbcType="VARCHAR"/>
+        <result property="tenantType" column="TENANT_TYPE_" jdbcType="VARCHAR"/>
+        <result property="createBy" column="CREATE_BY_" jdbcType="VARCHAR"/>
+        <result property="createTime" column="CREATE_TIME_" jdbcType="TIMESTAMP"/>
+    </resultMap>
+
+    <select id="getResourcesByName" resultMap="Resources" parameterType="string">
+        SELECT
+        DISTINCT r.*
+        FROM IBPS_AUTH_RES AS r
+        <choose>
+            <when test="name != null and name != ''">
+                WHERE (
+                    EXISTS (
+                        SELECT 1
+                        FROM ibps_auth_res m
+                        WHERE m.NAME_ LIKE CONCAT('%',#{name},'%')
+                        AND m.ID_ NOT IN (
+                            select ID_ from IBPS_AUTH_RES 
+                            where PATH_ LIKE CONCAT('%', (select ID_ from IBPS_AUTH_RES where NAME_ = '系统管理' limit 1), '%')
+                        )
+                        AND (
+                            r.PATH_ LIKE CONCAT('%', m.ID_, '%')
+                            OR
+                            m.PATH_ LIKE CONCAT('%', r.ID_, '%')
+                        )
+                    )
+                )
+            </when>
+            <otherwise>
+                where 1=1
+            </otherwise>
+        </choose>
+        AND DISPLAY_IN_MENU_ = 'Y'
+        AND ID_ NOT IN (select ID_ from IBPS_AUTH_RES where PATH_ LIKE CONCAT('%', (select ID_ from IBPS_AUTH_RES where NAME_ = '系统管理' limit 1), '%'))
+        ORDER BY SN_
+    </select>
+
+    <select id="getRoleIdsByResourcesId" parameterType="string" resultType="string">
+        SELECT ROLE_ID_ FROM IBPS_AUTH_ROLE_RES
+        WHERE RES_ID_ = #{id}
+    </select>
+
+
+    <delete id="deleteRoleResourcesByResourcesId" parameterType="string">
+        DELETE FROM IBPS_AUTH_ROLE_RES
+        WHERE RES_ID_ = #{pageId}
+        AND ROLE_ID_ = (select ID_ from IBPS_PARTY_ROLE where NAME_ = #{roleName} LIMIT 1)
+    </delete>
+
+    <insert id="insertRoleResources" parameterType="string">
+        insert into IBPS_AUTH_ROLE_RES (ID_, ROLE_ID_, RES_ID_,SYSTEM_ID_)
+        values
+        (
+            (select max(CONVERT(ID_, SIGNED))+1 from IBPS_AUTH_ROLE_RES as t1),
+            (select ID_ from IBPS_PARTY_ROLE where NAME_ = #{roleName} LIMIT 1),
+            #{resId},
+            (select SYSTEM_ID_ from IBPS_AUTH_ROLE_SYSTEM where ROLE_ID_ = (select ID_ from IBPS_PARTY_ROLE where NAME_ = #{roleName} LIMIT 1))
+        )
+    </insert>
+
+
+
+    <!-- RoleDO 结果映射 -->
+    <resultMap id="RoleDOMap" type="com.lc.ibps.org.party.persistence.entity.RoleDO">
+        <id property="id" column="ID_" jdbcType="VARCHAR"/>
+        <result property="name" column="NAME_" jdbcType="VARCHAR"/>
+    </resultMap>
+
+    <!-- 查询所有角色 -->
+    <select id="getAllRoles" resultMap="RoleDOMap">
+        SELECT
+        ID_,
+        NAME_
+        FROM IBPS_PARTY_ROLE
+        ORDER BY NAME_
+    </select>
+
+    <!-- 查询有效资源并构建显示名称和排序路径,同时过滤父级不显示的菜单 -->
+    <select id="getResourcesWithPathPaging" resultType="com.lc.ibps.org.party.persistence.entity.ResourceDO">
+        SELECT
+        r.ID_          AS id,
+        r.NAME_        AS name,
+        r.SN_          AS sn,
+        r.PARENT_ID_   AS parentId,
+        r.PATH_        AS path,
+        (
+        SELECT GROUP_CONCAT(parent.NAME_ ORDER BY FIND_IN_SET(parent.ID_, REPLACE(r.PATH_, '.', ',')) SEPARATOR '/')
+        FROM IBPS_AUTH_RES parent
+        WHERE FIND_IN_SET(parent.ID_, REPLACE(r.PATH_, '.', ','))
+        ) AS displayName,
+        (
+        SELECT GROUP_CONCAT(LPAD(parent.SN_, 10, '0') ORDER BY FIND_IN_SET(parent.ID_, REPLACE(r.PATH_, '.', ',')) SEPARATOR '.')
+        FROM IBPS_AUTH_RES parent
+        WHERE FIND_IN_SET(parent.ID_, REPLACE(r.PATH_, '.', ','))
+        ) AS sortPath
+        FROM IBPS_AUTH_RES r
+        WHERE r.DISPLAY_IN_MENU_ = 'Y'
+        AND NOT EXISTS (
+        SELECT 1
+        FROM (
+        SELECT
+        SUBSTRING_INDEX(SUBSTRING_INDEX(r.PATH_, '.', numbers.n), '.', -1) AS pid
+        FROM (
+        SELECT 1 n UNION SELECT 2 UNION SELECT 3 UNION SELECT 4 UNION SELECT 5
+        UNION SELECT 6 UNION SELECT 7 UNION SELECT 8 UNION SELECT 9 UNION SELECT 10
+        ) numbers
+        WHERE numbers.n <![CDATA[ <= ]]> (LENGTH(r.PATH_) - LENGTH(REPLACE(r.PATH_, '.', '')) + 1)
+        ) path_ids
+        LEFT JOIN IBPS_AUTH_RES parent_res ON parent_res.ID_ = path_ids.pid
+        WHERE parent_res.ID_ IS NULL OR parent_res.DISPLAY_IN_MENU_ != 'Y'
+        )
+        <if test="resourceNameFilter != null and resourceNameFilter != ''">
+            AND displayName LIKE CONCAT('%', #{resourceNameFilter}, '%')
+        </if>
+        ORDER BY sortPath
+        LIMIT #{offset}, #{limit}
+    </select>
+
+    <!-- 统计有效资源总数 -->
+    <select id="countResources" resultType="int">
+        SELECT COUNT(*)
+        FROM (
+        SELECT
+        r.ID_,
+        (
+        SELECT GROUP_CONCAT(parent.NAME_ ORDER BY FIND_IN_SET(parent.ID_, REPLACE(r.PATH_, '.', ',')) SEPARATOR '/')
+        FROM IBPS_AUTH_RES parent
+        WHERE FIND_IN_SET(parent.ID_, REPLACE(r.PATH_, '.', ','))
+        ) AS displayName
+        FROM IBPS_AUTH_RES r
+        WHERE r.DISPLAY_IN_MENU_ = 'Y'
+        AND NOT EXISTS (
+        SELECT 1
+        FROM (
+        SELECT
+        SUBSTRING_INDEX(SUBSTRING_INDEX(r.PATH_, '.', numbers.n), '.', -1) AS pid
+        FROM (
+        SELECT 1 n UNION SELECT 2 UNION SELECT 3 UNION SELECT 4 UNION SELECT 5
+        UNION SELECT 6 UNION SELECT 7 UNION SELECT 8 UNION SELECT 9 UNION SELECT 10
+        ) numbers
+        WHERE numbers.n <![CDATA[ <= ]]> (LENGTH(r.PATH_) - LENGTH(REPLACE(r.PATH_, '.', '')) + 1)
+        ) path_ids
+        LEFT JOIN IBPS_AUTH_RES parent_res ON parent_res.ID_ = path_ids.pid
+        WHERE parent_res.ID_ IS NULL OR parent_res.DISPLAY_IN_MENU_ != 'Y'
+        )
+        ) t
+        <if test="resourceNameFilter != null and resourceNameFilter != ''">
+            WHERE t.displayName LIKE CONCAT('%', #{resourceNameFilter}, '%')
+        </if>
+    </select>
+
+    <!-- 查询有效的角色-资源权限关系 -->
+    <select id="getValidRoleResources" resultType="com.lc.ibps.org.party.persistence.entity.RoleResourceDO">
+        SELECT DISTINCT
+        rr.ROLE_ID_ AS roleId,
+        rr.RES_ID_  AS resId
+        FROM IBPS_AUTH_ROLE_RES rr
+        WHERE EXISTS (
+        SELECT 1 FROM IBPS_PARTY_ROLE r WHERE r.ID_ = rr.ROLE_ID_
+        )
+        AND EXISTS (
+        SELECT 1 FROM IBPS_AUTH_RES r WHERE r.ID_ = rr.RES_ID_ AND r.DISPLAY_IN_MENU_ = 'Y'
+        )
+    </select>
+
+
+    <select id="getAllDisplayableResources" resultType="com.lc.ibps.org.party.persistence.entity.ResourceRawDO">
+        SELECT
+        ID_             AS id,
+        NAME_           AS name,
+        SN_             AS sn,
+        PARENT_ID_      AS parentId,
+        PATH_           AS path,
+        DISPLAY_IN_MENU_ AS displayInMenu
+        FROM IBPS_AUTH_RES
+        WHERE DISPLAY_IN_MENU_ = 'Y'
+        AND ID_ NOT IN (
+            select ID_ from IBPS_AUTH_RES 
+            where PATH_ LIKE CONCAT('%', (select ID_ from IBPS_AUTH_RES where NAME_ = '系统管理' limit 1), '%')
+        )
+    </select>
+
+
+    <select id="getAllUsers" resultType="com.lc.ibps.org.party.persistence.entity.UserDO">
+        SELECT
+        ID_   AS id,
+        NAME_ AS name,
+        JOB_  AS job
+        FROM IBPS_PARTY_EMPLOYEE
+        WHERE STATUS_ != 'deleted'
+        <if test="userName != null and userName != ''">
+            AND NAME_ LIKE CONCAT('%', #{userName}, '%')
+        </if>
+        ORDER BY NAME_
+    </select>
+
+</mapper>
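Review bot: `insertRoleResources` and `deleteRoleResourcesByResourcesId` write authorization rows by resolving the role through `NAME_ = #{roleName} LIMIT 1`, so if role names are not unique in IBPS_PARTY_ROLE (no constraint is visible here) the grant or revoke lands on an arbitrary role, and an unknown name produces a NULL `ROLE_ID_`. Passing the role id from the caller and binding `#{roleId}` would remove the ambiguity. The new row id `(select max(CONVERT(ID_, SIGNED))+1 ...)` can collide under concurrent saves and is NULL on an empty table, so an id generated in the service layer would be safer. The `系统管理` exclusion in `getResourcesByName` and `getAllDisplayableResources` fails open: when no row has that name the scalar subquery is NULL, the inner `LIKE` matches nothing and `NOT IN` filters nothing, so the system-management subtree is returned; matching on a stable id or alias would fail closed. Separately, `AND displayName LIKE ...` in `getResourcesWithPathPaging` refers to a select alias inside WHERE, which MySQL rejects; it needs `HAVING` or a wrapping subquery as `countResources` already does.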

+ 39 - 1
ibps-provider-base-root/modules/provider-platform-api/src/main/java/com/lc/ibps/org/api/IPartyRoleService.java

@@ -12,6 +12,8 @@ package com.lc.ibps.org.api;
 import java.util.List;
 import java.util.Map;
 
+import com.lc.ibps.cloud.entity.PermissionPageList;
+import com.lc.ibps.org.party.persistence.entity.*;
 import org.hibernate.validator.constraints.NotBlank;
 import org.hibernate.validator.constraints.NotEmpty;
 import org.springframework.validation.annotation.Validated;
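Review bot: The added `import com.lc.ibps.org.party.persistence.entity.*;` is a wildcard import, and the same pattern replaces explicit imports in PartyRoleProvider.java (`com.lc.ibps.cloud.entity.*` and `com.lc.ibps.org.party.persistence.entity.*`), PartyRoleProviderDao.java and PartyRoleProviderService.java (including `java.util.*`). Explicit imports keep it visible which DTOs each class depends on and avoid a silent name clash when one of these packages later gains a class with a common name. I would list the new types by name instead, presumably `PermissionViewDTO` and `PermissionSaveDTO` for this file.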
@@ -293,5 +295,41 @@ public interface IPartyRoleService {
 	@RequestMapping(value = "/transfer", method = { RequestMethod.POST })
 	public APIResult<Map<String, Map<String, String>>> transfer(
 			@RequestBody(required = true) IdKeyVo idKeyVo);
-	
+
+
+	/**
+	 * 页面资源权限一览表 查询
+	 * @param
+	 * @return
+	 */
+	@RequestMapping(value = "/getPagePermission", method = RequestMethod.POST )
+	public APIResult<PermissionPageList<PermissionViewDTO>> getPagePermission(@RequestBody(required = true) APIRequest request);
+
+	/**
+	 * 页面资源权限一览表  保存
+	 * @param
+	 * @return
+	 */
+	@RequestMapping(value = "/savePagePermission", method = RequestMethod.POST )
+	public APIResult<Void> savePagePermission(@RequestBody(required = true) PermissionSaveDTO permissionSaveDTO);
+	/**
+	 * 页面资源权限一览表 查询 返回文件流
+	 * @param
+	 * @return
+	 */
+	@RequestMapping(value = "/getFilePermission", method = RequestMethod.POST )
+	public void getFileStreamPermission(@RequestBody(required = true) APIRequest request);
+	//public APIResult<PermissionPageList<PermissionViewDTO>> getFileStreamPermission(@RequestBody(required = true) APIRequest request);
+
+
+
+	/**
+	 * 人员权限一览表 查询
+	 * @param
+	 * @return
+	 */
+	@RequestMapping(value = "/getPeoplePermission", method = RequestMethod.POST )
+	public APIResult<PermissionPageList<PermissionViewDTO>> getPeoplePermission(@RequestBody(required = true) APIRequest request);
+
+
 }
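Review bot: `savePagePermission` accepts the `PermissionSaveDTO` body with no validation annotation, although this file already imports `@Validated`, `@NotBlank` and `@NotEmpty` and the endpoint rewrites role–resource grants; consider `@Valid @RequestBody(required = true) PermissionSaveDTO permissionSaveDTO` with constraints on the DTO fields. Whether callers are restricted to administrators is not visible in this hunk and should be confirmed, since all four endpoints expose or change the permission matrix. The Javadoc blocks carry empty `@param` and `@return` tags that should either be filled in or dropped. The commented-out alternative signature under `getFileStreamPermission` should be removed, and the route `/getFilePermission` differs from the method name.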

+ 13 - 0
ibps-provider-root/modules/provider-platform-default/pom.xml

@@ -85,6 +85,19 @@
 		    <groupId>javax.servlet</groupId>
 			<artifactId>javax.servlet-api</artifactId>
 		</dependency>
+		
+		<!-- Apache POI for Excel export -->
+		<dependency>
+			<groupId>org.apache.poi</groupId>
+			<artifactId>poi</artifactId>
+			<version>3.17</version>
+		</dependency>
+		
+		<!-- Apache Commons Lang3 -->
+		<dependency>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>commons-lang3</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>javax</groupId>
 			<artifactId>javaee-api</artifactId>
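Review bot: The `poi` dependency pins `<version>3.17</version>` inline, while `commons-lang3` right below it has its version managed elsewhere; 3.17 is a release from 2017, so it is worth checking it against current advisories and moving to a maintained release. Declaring the version once in the parent's `dependencyManagement` (not visible in this hunk) would keep other modules from drifting. The export code in this commit only writes HSSF workbooks, which limits exposure to parser issues, but that holds only as long as nothing uses this artifact to read uploaded files.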

+ 102 - 10
ibps-provider-root/modules/provider-platform-default/src/main/java/com/lc/ibps/org/provider/PartyRoleProvider.java

@@ -32,10 +32,7 @@ import com.lc.ibps.base.core.util.string.StringUtil;
 import com.lc.ibps.base.framework.request.signature.annotation.Signature;
 import com.lc.ibps.base.framework.utils.PageUtil;
 import com.lc.ibps.base.web.context.ContextUtil;
-import com.lc.ibps.cloud.entity.APIPageList;
-import com.lc.ibps.cloud.entity.APIRequest;
-import com.lc.ibps.cloud.entity.APIRequestParameter;
-import com.lc.ibps.cloud.entity.APIResult;
+import com.lc.ibps.cloud.entity.*;
 import com.lc.ibps.cloud.provider.GenericProvider;
 import com.lc.ibps.cloud.utils.RequestUtil;
 import com.lc.ibps.org.api.IPartyRoleMgrService;
@@ -46,12 +43,7 @@ import com.lc.ibps.org.auth.repository.RoleSystemRepository;
 import com.lc.ibps.org.auth.repository.SubSystemRepository;
 import com.lc.ibps.org.party.builder.PartyRoleBaseBuilder;
 import com.lc.ibps.org.party.domain.PartyRole;
-import com.lc.ibps.org.party.persistence.entity.DefaultPartyRolePo;
-import com.lc.ibps.org.party.persistence.entity.PartyOrgAuthPo;
-import com.lc.ibps.org.party.persistence.entity.PartyOrgPo;
-import com.lc.ibps.org.party.persistence.entity.PartyPositionPo;
-import com.lc.ibps.org.party.persistence.entity.PartyRolePo;
-import com.lc.ibps.org.party.persistence.entity.PartyRoleTreePo;
+import com.lc.ibps.org.party.persistence.entity.*;
 import com.lc.ibps.org.party.repository.DefaultPartyRoleRepository;
 import com.lc.ibps.org.party.repository.PartyEntityRepository;
 import com.lc.ibps.org.party.repository.PartyRoleRepository;
@@ -63,6 +55,12 @@ import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import io.swagger.annotations.Extension;
 import io.swagger.annotations.ExtensionProperty;
+import org.apache.poi.hssf.usermodel.HSSFRow;
+import org.apache.poi.hssf.usermodel.HSSFSheet;
+import org.apache.poi.hssf.usermodel.HSSFWorkbook;
+
+import javax.servlet.http.HttpServletResponse;
+import java.net.URLEncoder;
 
 /**
  * 角色管理
@@ -780,6 +778,100 @@ public class PartyRoleProvider extends GenericProvider implements IPartyRoleServ
 		return result;
 	}
 	
+	@Override
+	public APIResult<PermissionPageList<PermissionViewDTO>> getPagePermission(@RequestBody(required = true) APIRequest request) {
+		APIResult<PermissionPageList<PermissionViewDTO>> result = partyRoleProviderService.getPagePermission(request);
+		return result;
+	}
+
+	@Override
+	public APIResult<Void> savePagePermission(@RequestBody(required = true) PermissionSaveDTO permissionSaveDTO) {
+		APIResult<Void> result = new APIResult<Void>();
+		try {
+			partyRoleProviderService.savePagePermission(permissionSaveDTO);
+			result.setMessage("保存成功");
+		}catch (Exception e){
+			result.setMessage("保存失败");
+			setExceptionResult(result, StateEnum.ERROR.getCode(), I18nUtil.getMessage(StateEnum.ERROR_ROLE.getCode()+""), e);
+		}
+		return result;
+	}
+
+	@Override
+	public APIResult<PermissionPageList<PermissionViewDTO>> getPeoplePermission(@RequestBody(required = true) APIRequest request) {
+		APIResult<PermissionPageList<PermissionViewDTO>> result = partyRoleProviderService.getPeoplePermission(request);
+		return result;
+	}
+
+	@Override
+	public void getFileStreamPermission(APIRequest request) {
+		try {
+			HttpServletResponse response = this.getResponse();
+			APIResult<PermissionPageList<PermissionViewDTO>> result = null;
+			Boolean type = true;
+			if (request == null || request.getCustoms() == null || request.getCustoms().get("type") == null||request.getCustoms().get("type").equals("2")) {
+				type = false;
+			}
+			if(type){
+				 result = partyRoleProviderService.getPeoplePermission(request);
+			}else{
+				 result = partyRoleProviderService.getPagePermission(request);
+			}
+			if (result == null || result.getData() == null || result.getData().getData() == null) {
+				throw new RuntimeException("获取权限数据失败");
+			}
+			PermissionViewDTO permissionView = result.getData().getData();
+			List<String> roles = permissionView.getRoles();
+			List<PagePermissionDTO> permissions = permissionView.getPermissions();
+
+			response.setContentType("application/vnd.ms-excel");
+			response.setCharacterEncoding("utf-8");
+			String fileName = URLEncoder.encode("权限导出.xls", "UTF-8");
+			response.setHeader("Content-disposition", "attachment;filename=" + fileName);
+
+			HSSFWorkbook workbook = new HSSFWorkbook();
+			HSSFSheet sheet = workbook.createSheet("权限列表");
+
+			HSSFRow headerRow = sheet.createRow(0);
+			headerRow.createCell(0).setCellValue("页面名称");
+			for (int i = 0; i < roles.size(); i++) {
+				headerRow.createCell(i + 1).setCellValue(roles.get(i));
+			}
+
+			for (int i = 0; i < permissions.size(); i++) {
+				PagePermissionDTO page = permissions.get(i);
+				HSSFRow dataRow = sheet.createRow(i + 1);
+				dataRow.createCell(0).setCellValue(page.getPageName());
+
+				Map<String, Boolean> rolePerms = page.getRolePermissions();
+				for (int j = 0; j < roles.size(); j++) {
+					String role = roles.get(j);
+					Boolean hasPerm = rolePerms.get(role);
+					String cellValue = Boolean.TRUE.equals(hasPerm) ? "√" : "";
+					dataRow.createCell(j + 1).setCellValue(cellValue);
+				}
+			}
+
+			for (int i = 0; i <= roles.size(); i++) {
+				sheet.autoSizeColumn(i);
+			}
+
+			workbook.write(response.getOutputStream());
+			response.getOutputStream().flush();
+			workbook.close();
+
+		} catch (Exception e) {
+			logger.error("/upload/getFileStreamPermission", e);
+			try {
+				HttpServletResponse response = this.getResponse();
+				response.setContentType("application/json;charset=UTF-8");
+				response.getWriter().write("{\"code\":500,\"message\":\"导出失败:" + e.getMessage() + "\"}");
+			} catch (Exception ex) {
+				logger.error("返回错误信息失败", ex);
+			}
+		}
+	}
+
 	@ApiOperation(value = "查询角色树", notes = "查询角色树")
 	@Override
 	public APIResult<List<PartyRoleTreePo>> findTreeData(
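Review bot: The catch block in `getFileStreamPermission` concatenates `e.getMessage()` into a hand-built JSON string, which returns internal exception text to the client and yields invalid JSON whenever the message contains a quote. By then the `Content-disposition` attachment header is already set, so the error body is delivered as a download named like the .xls; if `getOutputStream()` was already used, `getWriter()` throws and the client gets a truncated file. I would build the workbook in try-with-resources (it is not closed when an exception is thrown), and in the error path reset an uncommitted response and send a fixed message, keeping the detail in the log. `rolePerms.get(role)` should also guard against a null map from `getRolePermissions()`, and the log label `/upload/getFileStreamPermission` does not match this endpoint.

```java
			// … unchanged: type selection, permission lookup, response headers …
			try (HSSFWorkbook workbook = new HSSFWorkbook()) {
				// … unchanged: sheet, header row, data rows, autoSizeColumn …
				workbook.write(response.getOutputStream());
				response.getOutputStream().flush();
			}
		} catch (Exception e) {
			logger.error("getFileStreamPermission failed", e);
			try {
				HttpServletResponse response = this.getResponse();
				if (!response.isCommitted()) {
					// Drop the attachment headers that were set for the Excel download.
					response.reset();
					response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
					response.setContentType("application/json;charset=UTF-8");
					// Fixed text only; the exception detail stays in the server log.
					response.getWriter().write("{\"code\":500,\"message\":\"导出失败\"}");
				}
			} catch (Exception ex) {
				logger.error("返回错误信息失败", ex);
			}
		}
```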

+ 63 - 0
ibps-provider-root/modules/provider-platform-default/src/main/java/com/lc/ibps/platform/dao/PartyRoleProviderDao.java

@@ -1,9 +1,12 @@
 package com.lc.ibps.platform.dao;
 
+import com.lc.ibps.org.auth.persistence.entity.ResourcesPo;
+import com.lc.ibps.org.party.persistence.entity.*;
 import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Param;
 
 import java.util.List;
+import java.util.Map;
 
 @Mapper
 public interface PartyRoleProviderDao {
@@ -11,4 +14,64 @@ public interface PartyRoleProviderDao {
 
     void updateUserRoleJobByUserId(@Param("userId")String userId,@Param("job")String job);
 
+    List<PartyRolePo> getRoleByName(@Param("name")String name);
+
+    /**
+     * 该方法会查询出资源页面的所有上下级的资源
+     */
+    List<ResourcesPo> getResourcesByName(@Param("name")String name);
+
+    /**
+     * 根据资源ID获取关联的有相关权限的角色ID
+     * @param id
+     * @return
+     */
+    List<String> getRoleIdsByResourcesId(@Param("id")String id);
+
+    /**
+     * 根据资源ID删除角色资源关联关系
+     */
+    void deleteRoleResourcesByResourcesId(@Param("pageId")String pageId,@Param("roleName")String roleName);
+
+
+    /**
+     * 插入角色资源关联关系
+     */
+    int insertRoleResources(@Param("roleName")String roleName, @Param("resId")String resId);
+
+
+
+
+
+
+
+    /**
+     * 获取所有有效角色
+     */
+    List<RoleDO> getAllRoles();
+
+    /**
+     * 获取分页的有效页面资源,按排序路径排序,并过滤父级不显示的资源。
+     * @param offset 偏移量
+     * @param limit 每页数量
+     * @param resourceNameFilter 资源名称模糊过滤(可选)
+     */
+    List<ResourceDO> getResourcesWithPathPaging(@Param("offset") int offset,
+                                                @Param("limit") int limit,
+                                                @Param("resourceNameFilter") String resourceNameFilter);
+
+    /**
+     * 统计有效资源总数(用于分页)
+     * @param resourceNameFilter 资源名称模糊过滤(可选)
+     */
+    int countResources(@Param("resourceNameFilter") String resourceNameFilter);
+
+    /**
+     * 获取有效的角色-资源权限关系(排除垃圾数据)
+     */
+    List<RoleResourceDO> getValidRoleResources();
+
+    List<ResourceRawDO> getAllDisplayableResources();
+
+    List<UserDO> getAllUsers(@Param("userName") String userName);
 }
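Review bot: The Javadoc on `deleteRoleResourcesByResourcesId` says it deletes by resource id, but the call is also scoped by `roleName`; the comment should state both, e.g. `/** Deletes the link between resource pageId and the role whose name equals roleName. */`. `getRoleByName`, `getAllDisplayableResources` and `getAllUsers` have no Javadoc, and for `getAllUsers` it should say that a null or empty `userName` returns every non-deleted employee without paging. The `java.util.Map` import added in the first hunk appears unused in the visible lines, and the run of empty lines before `getAllRoles` can be collapsed.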

+ 510 - 3
ibps-provider-root/modules/provider-platform-default/src/main/java/com/lc/ibps/platform/service/PartyRoleProviderService.java

@@ -4,13 +4,19 @@ package com.lc.ibps.platform.service;
 
 import com.lc.ibps.base.core.util.AppUtil;
 import com.lc.ibps.base.framework.table.ICommonDao;
+import com.lc.ibps.cloud.entity.*;
+import com.lc.ibps.org.auth.persistence.entity.ResourcesPo;
+import com.lc.ibps.org.party.persistence.entity.*;
 import com.lc.ibps.platform.dao.PartyRoleProviderDao;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.util.CollectionUtils;
 
-import java.util.Arrays;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
@@ -24,6 +30,8 @@ public class PartyRoleProviderService {
 
     private ICommonDao<?> commonDao = AppUtil.getBean(ICommonDao.class);
 
+    protected static final Logger logger = LoggerFactory.getLogger(PartyRoleProviderService.class);
+
     /**
      * 增加用户角色
      * 仅限于更新IBPS_PARTY_EMPLOYEE表的JOB_字段内容
@@ -96,4 +104,503 @@ public class PartyRoleProviderService {
             partyRoleProviderDao.updateUserRoleJobByUserId(userId,jobs);
         }
     }
+
+
+    public APIResult<PermissionPageList<PermissionViewDTO>> getPagePermission(APIRequest request){
+
+        APIResult apiResult = new APIResult();
+        PermissionPageList apiPageList = new PermissionPageList();
+        List<PagePermissionMenuVO> allMenuList = new ArrayList<>();
+        List<String> roles = new ArrayList<>();
+        List<PagePermissionDTO> permissions = new ArrayList<>();
+
+        String roleName = (String) getCustomParamFormRequest(request, "roleName");
+        String pageName = (String) getCustomParamFormRequest(request, "pageName");
+
+
+        //查询角色
+        List<PartyRolePo> roleList = partyRoleProviderDao.getRoleByName(roleName);
+        //角色排序
+        roleList = roleList.stream().sorted(Comparator.comparing(PartyRolePo::getRoleNote)).collect(Collectors.toList());
+        //提取roleList中的name属性到排序后的List<String>
+        roles = roleList.stream().map(PartyRolePo::getName).collect(Collectors.toList());
+        
+        //查询页面资源(使用新的过滤逻辑)
+        List<ResourceRawDO> rawResources = partyRoleProviderDao.getAllDisplayableResources();
+        List<ResourceDO> validResources = buildValidResources(rawResources);
+        
+        //将ResourceDO转换为ResourcesPo格式以兼容后续逻辑
+        List<ResourcesPo> resourcesList = new ArrayList<>();
+        for(ResourceDO res : validResources){
+            ResourcesPo po = new ResourcesPo();
+            po.setId(res.getId());
+            po.setName(res.getName());
+            po.setSn(res.getSn());
+            po.setParentId(res.getParentId());
+            resourcesList.add(po);
+        }
+
+        //如果没有查询到角色或资源,则直接返回
+        if(CollectionUtils.isEmpty(roleList) || CollectionUtils.isEmpty(resourcesList)){
+            apiResult.setState(200);
+            apiResult.setMessage("没有符合条件的数据");
+            apiResult.setData(null);
+            return apiResult;
+
+        }
+
+        //对资源名称做层级处理
+        for(ResourcesPo resourcesPo:resourcesList){
+            allMenuList.add(new PagePermissionMenuVO(resourcesPo.getSn(), resourcesPo.getName(), resourcesPo.getId(), resourcesPo.getParentId(),resourcesPo.getChecked()));
+        }
+        List<PagePermissionMenuVO> result = getChildNode("0", allMenuList);
+        allMenuList = getFlatMenuList("",result);
+        
+        //应用pageName过滤(匹配的资源及其所有父级)
+        if(StringUtils.isNotBlank(pageName)){
+            //构建id到displayName的映射
+            Map<String, String> idToDisplayNameMap = new HashMap<>();
+            for(ResourceDO res : validResources){
+                idToDisplayNameMap.put(res.getId(), res.getDisplayName());
+            }
+            
+            //找出所有匹配的资源ID
+            Set<String> matchedIds = new HashSet<>();
+            for(PagePermissionMenuVO menu : allMenuList){
+                String displayName = idToDisplayNameMap.get(menu.getId());
+                if(displayName != null && displayName.contains(pageName)){
+                    matchedIds.add(menu.getId());
+                }
+            }
+            
+            //构建id到menu的映射
+            Map<String, PagePermissionMenuVO> idToMenuMap = new HashMap<>();
+            for(PagePermissionMenuVO menu : allMenuList){
+                idToMenuMap.put(menu.getId(), menu);
+            }
+            
+            //收集匹配资源及其所有父级
+            Set<String> resultIds = new HashSet<>();
+            for(String matchedId : matchedIds){
+                resultIds.add(matchedId);
+                //向上查找所有父级
+                PagePermissionMenuVO current = idToMenuMap.get(matchedId);
+                while(current != null && !"0".equals(current.getParentId())){
+                    resultIds.add(current.getParentId());
+                    current = idToMenuMap.get(current.getParentId());
+                }
+            }
+            
+            //过滤出结果
+            allMenuList = allMenuList.stream()
+                    .filter(menu -> resultIds.contains(menu.getId()))
+                    .collect(Collectors.toList());
+        }
+
+        //对页面资源进行分页处理
+        if(null != request.getRequestPage() && request.getRequestPage().getPageNo()>0 && request.getRequestPage().getLimit()>0){
+            APIRequestPage requestPage = request.getRequestPage();
+            apiPageList = paginateList(requestPage.getPageNo(), requestPage.getLimit(), allMenuList);
+        }else {
+            apiPageList = paginateList(1, 50, allMenuList);
+        }
+
+        //查询每个页面资源对应的角色权限
+        List<PagePermissionMenuVO> pageResourcesList = apiPageList.getDataResult();
+        for(PagePermissionMenuVO menuVO:pageResourcesList){
+            List<String> roleIdList = partyRoleProviderDao.getRoleIdsByResourcesId(menuVO.getId());
+            //封装每行的数据(每个页面的所有的角色权限标识)
+            PagePermissionDTO pagePermissionDTO = new PagePermissionDTO();
+            pagePermissionDTO.setPageId(menuVO.getId());
+            pagePermissionDTO.setPageName(menuVO.getParentCode() + "/" + menuVO.getMenuCode());
+            for(PartyRolePo rolePo:roleList){
+                pagePermissionDTO.setRolePermission(rolePo.getName(),roleIdList.contains(rolePo.getId())?true:false);
+            }
+            permissions.add(pagePermissionDTO);
+        }
+
+
+        //封装整体的返回数据
+        PermissionViewDTO permissionViewDTO = new PermissionViewDTO();
+        permissionViewDTO.setRoles(roles);
+        permissionViewDTO.setPermissions(permissions);
+
+        apiPageList.setData(permissionViewDTO);
+        apiPageList.setDataResult(null);
+        apiResult.setData(apiPageList);
+        apiResult.setMessage("查询成功");
+        return apiResult;
+    }
+
+    /**
+     * 对List进行分页切分
+     * @param pageno 起始页号(从1开始)
+     * @param pagesize 页数
+     * @param list 待分页的List
+     * @return PermissionPageList 包含分页数据和分页信息
+     */
+    public <T> PermissionPageList<T> paginateList(int pageno, int pagesize, List<T> list) {
+        PermissionPageList<T> result = new PermissionPageList<>();
+        
+        if (list == null || list.isEmpty() || pagesize <= 0 || pageno <= 0) {
+            result.setDataResult(list);
+            result.setPageResult(new APIPageResult(pageno, pagesize, list == null ? 0 : list.size()));
+            return result;
+        }
+        
+        int totalCount = list.size();
+        int startIndex = (pageno - 1) * pagesize;
+        int endIndex = Math.min(startIndex + pagesize, totalCount);
+        
+        List<T> pageData = startIndex >= totalCount ? list.subList(0, 0) : list.subList(startIndex, endIndex);
+        
+        result.setDataResult(pageData);
+        result.setPageResult(new APIPageResult(pageno, pagesize, totalCount));
+        
+        return result;
+    }
+
+    /**
+     * 从APIRequest的customs中提取参数
+     * @param request APIRequest对象
+     * @param paramName 参数名称
+     * @return 参数值,如果不存在则返回null
+     */
+    private Object getCustomParamFormRequest(APIRequest request, String paramName) {
+        if (request == null || request.getCustoms() == null || paramName == null) {
+            return null;
+        }
+        return request.getCustoms().get(paramName);
+    }
+
+
+    public List<PagePermissionMenuVO> getChildNode(String rootMenu, List<PagePermissionMenuVO> allMenuList) {
+
+        List<PagePermissionMenuVO> childMenu = new ArrayList<>();
+        for (PagePermissionMenuVO menu : allMenuList) {
+            if (menu.getParentId().compareTo(rootMenu) == 0) {
+                // 递归查询此节点下的所有子节点
+                List<PagePermissionMenuVO> childNode = getChildNode(menu.getId(), allMenuList);
+                menu.setChildNode(childNode);
+                childMenu.add(menu);
+            }
+        }
+        // 子节点进行排序
+        List<PagePermissionMenuVO> childSortMenu = Optional.ofNullable(childMenu)
+                .map(List::stream)
+                .orElseGet(Stream::empty)
+                .sorted(Comparator.comparing(PagePermissionMenuVO::getSn))
+                .collect(Collectors.toList());
+
+        return childSortMenu;
+    }
+
+
+    public List<PagePermissionMenuVO> getFlatMenuList(String parentCode,List<PagePermissionMenuVO> allMenuList){
+        List<PagePermissionMenuVO> menu = new ArrayList<>();
+        for (PagePermissionMenuVO m : allMenuList) {
+            m.setParentCode(parentCode);
+            menu.add(m);
+            menu.addAll(getFlatMenuList(parentCode+"/"+m.getMenuCode(),m.getChildNode()));
+        }
+        return menu;
+    }
+
+
+    
+    @Transactional(rollbackFor = Exception.class)
+    public void savePagePermission(PermissionSaveDTO permissionSaveDTO){
+        if( null == permissionSaveDTO || CollectionUtils.isEmpty(permissionSaveDTO.getPermissions())){
+            return;
+        }
+
+        //遍历每个页面的权限设置,把每个页面对应的角色权限进行更新(传入的角色删除,再把有权限(为true)的角色插入)
+        for(PagePermissionDTO pagePermissionDTO:permissionSaveDTO.getPermissions()){
+            String pageId = pagePermissionDTO.getPageId();
+            //获取该页面所有的角色列表
+            List<String> allRoleNameList = pagePermissionDTO.getAllRoles();
+            for(String roleName:allRoleNameList){
+                //删除该页面对应的角色权限
+                partyRoleProviderDao.deleteRoleResourcesByResourcesId(pageId,roleName);
+            }
+            //获取该页面有权限的角色列表
+            List<String> roleNameList = pagePermissionDTO.getRolesWithPermission();
+            for(String roleName:roleNameList){
+                //插入资源和角色的对应关系
+                partyRoleProviderDao.insertRoleResources(roleName, pageId);
+            }
+        }
+
+    }
+
+
+    /**
+     * 测试调用getRolePermissionMatrix方法
+     */
+    public void testGetRolePermissionMatrix(){
+        APIRequest request = new APIRequest();
+        Map<String, Object> customs = new HashMap<>();
+        //customs.put("pageName", "安全");
+
+        //customs.put("pageName", "风险评估计划");
+        //customs.put("peopleName", "李");
+
+        request.setCustoms(customs);
+        
+        APIRequestPage requestPage = new APIRequestPage();
+        requestPage.setPageNo(1);
+        requestPage.setLimit(50);
+        request.setRequestPage(requestPage);
+
+        APIResult<PermissionPageList<PermissionViewDTO>> response = getPeoplePermission(request);
+        System.out.println("------------------------------------------------------------");
+        System.out.println("------------------------------------------------------------");
+        System.out.println(response);
+
+    }
+
+
+
+
+    /**
+     * 人员权限一览表 查询(支持分页和模糊查询)
+     */
+    @Transactional(readOnly = true)
+    public APIResult<PermissionPageList<PermissionViewDTO>> getPeoplePermission(APIRequest request) {
+
+        String peopleName = (String) getCustomParamFormRequest(request, "roleName");
+        String pageName = (String) getCustomParamFormRequest(request, "pageName");
+
+        int page = 1;
+        int limit = 50;
+        if (null != request.getRequestPage() && request.getRequestPage().getPageNo() > 0 && request.getRequestPage().getLimit() > 0) {
+            page = request.getRequestPage().getPageNo();
+            limit = request.getRequestPage().getLimit();
+        }
+
+        // 1. 获取所有有效用户(按名称排序),并根据 peopleName 过滤
+        List<UserDO> rawUsers = partyRoleProviderDao.getAllUsers(peopleName);
+        // 按名称排序
+        rawUsers.sort(Comparator.comparing(UserDO::getName));
+
+        // 去重:若存在同名用户,保留第一个并记录警告(确保 roles 列表与权限 Map 的 key 数量一致)
+        Map<String, UserDO> uniqueUserMap = new LinkedHashMap<>();
+        for (UserDO user : rawUsers) {
+            if (uniqueUserMap.containsKey(user.getName())) {
+                logger.warn("发现重复的用户名称: {}, 已忽略其中一个", user.getName());
+            } else {
+                uniqueUserMap.put(user.getName(), user);
+            }
+        }
+        List<UserDO> allUsers = new ArrayList<>(uniqueUserMap.values());
+        List<String> userNames = allUsers.stream().map(UserDO::getName).collect(Collectors.toList());
+
+        // 2. 获取所有原始资源(DISPLAY_IN_MENU_ = 'Y')
+        List<ResourceRawDO> rawResources = partyRoleProviderDao.getAllDisplayableResources();
+
+        // 3. 在内存中构建有效资源树,过滤父级不显示的,生成 displayName 和 sortPath
+        List<ResourceDO> validResources = buildValidResources(rawResources);
+
+        // 4. 应用资源名称过滤(匹配的资源及其所有父级)
+        if (StringUtils.isNotBlank(pageName)) {
+            //找出所有匹配的资源ID
+            Set<String> matchedIds = new HashSet<>();
+            for(ResourceDO res : validResources){
+                if(res.getDisplayName().contains(pageName)){
+                    matchedIds.add(res.getId());
+                }
+            }
+            
+            //构建id到ResourceDO的映射
+            Map<String, ResourceDO> idToResourceMap = new HashMap<>();
+            for(ResourceDO res : validResources){
+                idToResourceMap.put(res.getId(), res);
+            }
+            
+            //收集匹配资源及其所有父级
+            Set<String> resultIds = new HashSet<>();
+            for(String matchedId : matchedIds){
+                resultIds.add(matchedId);
+                //向上查找所有父级
+                ResourceDO current = idToResourceMap.get(matchedId);
+                while(current != null && StringUtils.isNotBlank(current.getParentId()) && !"0".equals(current.getParentId())){
+                    resultIds.add(current.getParentId());
+                    current = idToResourceMap.get(current.getParentId());
+                }
+            }
+            
+            //过滤出结果
+            validResources = validResources.stream()
+                    .filter(r -> resultIds.contains(r.getId()))
+                    .collect(Collectors.toList());
+        }
+
+        // 5. 总记录数(用于分页)
+        int totalCount = validResources.size();
+        int totalPages = (int) Math.ceil((double) totalCount / limit);
+        int offset = (page - 1) * limit;
+
+        // 6. 对资源进行分页
+        List<ResourceDO> pagedResources = validResources.stream()
+                .skip(offset)
+                .limit(limit)
+                .collect(Collectors.toList());
+
+        // 7. 获取角色-资源权限关系
+        List<RoleResourceDO> roleResources = partyRoleProviderDao.getValidRoleResources();
+        Map<String, Set<String>> roleResMap = new HashMap<>();
+        for (RoleResourceDO rr : roleResources) {
+            roleResMap.computeIfAbsent(rr.getRoleId(), k -> new HashSet<>()).add(rr.getResId());
+        }
+
+        // 8. 构建用户 -> 资源权限的映射(通过用户拥有的角色)
+        Map<String, Set<String>> userResMap = new HashMap<>();
+        for (UserDO user : allUsers) {
+            Set<String> userResIds = new HashSet<>();
+            if (StringUtils.isNotBlank(user.getJob())) {
+                String[] roleIds = user.getJob().split(",");
+                for (String roleId : roleIds) {
+                    Set<String> resSet = roleResMap.get(roleId);
+                    if (resSet != null) {
+                        userResIds.addAll(resSet);
+                    }
+                }
+            }
+            userResMap.put(user.getId(), userResIds);
+        }
+
+        // 9. 构建一个包含所有用户且默认值为 false 的 Map 模板
+        Map<String, Boolean> defaultUserPermissionMap = new LinkedHashMap<>();
+        for (UserDO user : allUsers) {
+            defaultUserPermissionMap.put(user.getName(), false);
+        }
+
+        // 10. 构建当前页的权限数据
+        List<PagePermissionDTO> permissionList = new ArrayList<>();
+        for (ResourceDO res : pagedResources) {
+            PagePermissionDTO dto = new PagePermissionDTO();
+            dto.setPageId(res.getId());
+            dto.setPageName(res.getDisplayName());
+
+            // 复制默认 map,然后为有权限的用户设置为 true
+            Map<String, Boolean> permissions = new LinkedHashMap<>(defaultUserPermissionMap);
+            for (UserDO user : allUsers) {
+                if (userResMap.getOrDefault(user.getId(), Collections.emptySet()).contains(res.getId())) {
+                    permissions.put(user.getName(), true);
+                }
+            }
+            dto.setRolePermissions(permissions);
+            permissionList.add(dto);
+        }
+
+        // 11. 构建返回对象
+        PermissionViewDTO viewDTO = new PermissionViewDTO(userNames, permissionList);
+        PermissionPageList<PermissionViewDTO> pageList = new PermissionPageList<>();
+        pageList.setData(viewDTO);
+        pageList.setPageResult(new APIPageResult(page, limit, totalCount));
+
+        APIResult<PermissionPageList<PermissionViewDTO>> result = new APIResult<>();
+        result.setState(200);
+        result.setMessage("查询成功");
+        result.setData(pageList);
+        return result;
+    }
+
+
+    /**
+     * 构建有效资源列表,过滤父级不显示的,并生成 displayName 和 sortPath
+     */
+    private List<ResourceDO> buildValidResources(List<ResourceRawDO> rawResources) {
+        // 构建 id -> ResourceRawDO 的映射
+        Map<String, ResourceRawDO> rawMap = rawResources.stream()
+                .collect(Collectors.toMap(ResourceRawDO::getId, r -> r));
+
+        // 过滤出所有父级都显示的资源 ID
+        Set<String> validIds = new HashSet<>();
+        for (ResourceRawDO res : rawResources) {
+            if (allParentsDisplay(res, rawMap)) {
+                validIds.add(res.getId());
+            }
+        }
+
+        // 对有效资源构建 displayName 和 sortPath
+        List<ResourceDO> result = new ArrayList<>();
+        for (ResourceRawDO res : rawResources) {
+            if (!validIds.contains(res.getId())) {
+                continue;
+            }
+            ResourceDO dto = new ResourceDO();
+            dto.setId(res.getId());
+            dto.setName(res.getName());
+            dto.setSn(res.getSn());
+            dto.setParentId(res.getParentId());
+            dto.setPath(res.getPath());
+            dto.setDisplayName(buildDisplayName(res, rawMap));
+            dto.setSortPath(buildSortPath(res, rawMap));
+            result.add(dto);
+        }
+
+        // 按 sortPath 排序
+        result.sort(Comparator.comparing(ResourceDO::getSortPath));
+        return result;
+    }
+
+
+    /**
+     * 检查资源的所有父级是否都显示
+     */
+    private boolean allParentsDisplay(ResourceRawDO res, Map<String, ResourceRawDO> rawMap) {
+        String path = res.getPath();
+        if (StringUtils.isBlank(path)) {
+            return true; // 根节点
+        }
+        String[] ids = path.split("\\.");
+        for (int i = 0; i < ids.length - 1; i++) { // 最后一个 ID 是自身,不检查
+            String pid = ids[i];
+            ResourceRawDO parent = rawMap.get(pid);
+            if (parent == null || !"Y".equals(parent.getDisplayInMenu())) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    /**
+     * 构建显示名称(如:设施环境管理/安全管理)
+     */
+    private String buildDisplayName(ResourceRawDO res, Map<String, ResourceRawDO> rawMap) {
+        String path = res.getPath();
+        if (StringUtils.isBlank(path)) {
+            return res.getName();
+        }
+        String[] ids = path.split("\\.");
+        List<String> names = new ArrayList<>();
+        for (String id : ids) {
+            ResourceRawDO node = rawMap.get(id);
+            if (node != null) {
+                names.add(node.getName());
+            }
+        }
+        return String.join("/", names);
+    }
+
+    /**
+     * 构建排序路径(各层 SN_ 左补零后拼接)
+     */
+    private String buildSortPath(ResourceRawDO res, Map<String, ResourceRawDO> rawMap) {
+        String path = res.getPath();
+        if (StringUtils.isBlank(path)) {
+            return String.format("%010d", res.getSn() != null ? res.getSn() : 0);
+        }
+        String[] ids = path.split("\\.");
+        List<String> snParts = new ArrayList<>();
+        for (String id : ids) {
+            ResourceRawDO node = rawMap.get(id);
+            if (node != null && node.getSn() != null) {
+                snParts.add(String.format("%010d", node.getSn()));
+            }
+        }
+        return String.join(".", snParts);
+    }
+
 }