From 3e6c4eb92f7b5e703c17df4d24d497d2f0d37f97 Mon Sep 17 00:00:00 2001
From: DaxPay <xxm1995@outlook.com>
Date: Thu, 10 Oct 2024 18:36:53 +0800
Subject: [PATCH] =?UTF-8?q?fix=20=E8=A7=92=E8=89=B2=E5=88=86=E9=85=8D?=
 =?UTF-8?q?=E5=88=A4=E6=96=AD=E6=98=AF=E5=90=A6=E8=B6=8A=E6=9D=83=E6=9C=AA?=
 =?UTF-8?q?=E8=80=83=E8=99=91=E5=88=B0=E5=AD=90=E5=AD=99=E8=A7=92=E8=89=B2?=
 =?UTF-8?q?,=20=E8=A1=A5=E5=85=85=E4=B8=80=E4=BA=9B=E8=AF=B7=E6=B1=82?=
 =?UTF-8?q?=E6=9D=83=E9=99=90=E6=B3=A8=E8=A7=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../cache/manager/CachingConfiguration.java   |  4 +--
 .../iam/service/upms/UserRoleService.java     | 32 ++++++++++---------
 daxpay-single-server/pom.xml                  |  2 +-
 .../src/main/resources/application-demo.yml   |  5 ++-
 .../allocation/AllocGroupController.java      | 19 ++++++++++-
 .../allocation/AllocReceiverController.java   | 12 +++++--
 .../config/PlatformConfigController.java      | 11 +++++--
 7 files changed, 60 insertions(+), 25 deletions(-)

diff --git a/bootx-platform/bootx-platform-common/common-cache/src/main/java/cn/bootx/platform/common/cache/manager/CachingConfiguration.java b/bootx-platform/bootx-platform-common/common-cache/src/main/java/cn/bootx/platform/common/cache/manager/CachingConfiguration.java
index 72e8b3de..f967c099 100644
--- a/bootx-platform/bootx-platform-common/common-cache/src/main/java/cn/bootx/platform/common/cache/manager/CachingConfiguration.java
+++ b/bootx-platform/bootx-platform-common/common-cache/src/main/java/cn/bootx/platform/common/cache/manager/CachingConfiguration.java
@@ -7,7 +7,7 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.cache.CacheManager;
-import org.springframework.cache.annotation.CachingConfigurerSupport;
+import org.springframework.cache.annotation.CachingConfigurer;
 import org.springframework.cache.annotation.EnableCaching;
 import org.springframework.cache.interceptor.KeyGenerator;
 import org.springframework.context.annotation.Bean;
@@ -31,7 +31,7 @@ import java.time.Duration;
 @EnableConfigurationProperties(CachingProperties.class)
 @ConditionalOnClass(CacheManager.class)
 @ConditionalOnProperty(prefix = "bootx-platform.cache", value = "enabled", havingValue = "true", matchIfMissing = true)
-public class CachingConfiguration extends CachingConfigurerSupport {
+public class CachingConfiguration implements CachingConfigurer {
 
     private final CachingProperties cachingProperties;
 
diff --git a/bootx-platform/bootx-platform-service/service-iam/src/main/java/cn/bootx/platform/iam/service/upms/UserRoleService.java b/bootx-platform/bootx-platform-service/service-iam/src/main/java/cn/bootx/platform/iam/service/upms/UserRoleService.java
index a7bf6ea5..f1737e8f 100644
--- a/bootx-platform/bootx-platform-service/service-iam/src/main/java/cn/bootx/platform/iam/service/upms/UserRoleService.java
+++ b/bootx-platform/bootx-platform-service/service-iam/src/main/java/cn/bootx/platform/iam/service/upms/UserRoleService.java
@@ -4,13 +4,14 @@ import cn.bootx.platform.common.mybatisplus.util.MpUtil;
 import cn.bootx.platform.core.entity.UserDetail;
 import cn.bootx.platform.core.exception.BizException;
 import cn.bootx.platform.core.exception.ValidationFailedException;
+import cn.bootx.platform.core.util.TreeBuildUtil;
 import cn.bootx.platform.iam.dao.role.RoleManager;
 import cn.bootx.platform.iam.dao.upms.UserRoleManager;
 import cn.bootx.platform.iam.dao.user.UserInfoManager;
-import cn.bootx.platform.iam.entity.role.Role;
 import cn.bootx.platform.iam.entity.upms.UserRole;
 import cn.bootx.platform.iam.entity.user.UserInfo;
 import cn.bootx.platform.iam.result.role.RoleResult;
+import cn.bootx.platform.iam.service.role.RoleQueryService;
 import cn.bootx.platform.starter.auth.util.SecurityUtil;
 import cn.hutool.core.collection.CollUtil;
 import lombok.RequiredArgsConstructor;
@@ -36,6 +37,8 @@ public class UserRoleService {
 
     private final RoleManager roleManager;
 
+    private final RoleQueryService roleQueryService;
+
     private final UserInfoManager userInfoManager;
 
     private final UserRoleManager userRoleManager;
@@ -46,7 +49,12 @@ public class UserRoleService {
     @Transactional(rollbackFor = Exception.class)
     public void saveAssign(Long userId, List<Long> roleIds) {
         // 判断是否越权
-        List<Long> roleIdsByUser = this.findRoleIdsByUser();
+        List<RoleResult> roleTree = roleQueryService.tree();
+        List<Long> roleIdsByUser = TreeBuildUtil.unfold(roleTree, RoleResult::getChildren)
+                .stream()
+                .distinct()
+                .map(RoleResult::getId)
+                .toList();
         if (!CollUtil.containsAll(roleIdsByUser, roleIds)){
             throw new ValidationFailedException("角色分配超出了可分配的范围");
         }
@@ -63,7 +71,13 @@ public class UserRoleService {
      */
     @Transactional(rollbackFor = Exception.class)
     public void saveAssignBatch(List<Long> userIds, List<Long> roleIds) {
-        List<Long> roleIdsByUser = this.findRoleIdsByUser();
+        // 判断是否越权
+        List<RoleResult> roleTree = roleQueryService.tree();
+        List<Long> roleIdsByUser = TreeBuildUtil.unfold(roleTree, RoleResult::getChildren)
+                .stream()
+                .distinct()
+                .map(RoleResult::getId)
+                .toList();
         if (!CollUtil.containsAll(roleIdsByUser, roleIds)){
             throw new ValidationFailedException("角色分配超出了可分配的范围");
         }
@@ -106,18 +120,6 @@ public class UserRoleService {
             .toList();
     }
 
-    /**
-     * 查询用户关联的角色, 超级管理员返回全部
-     */
-    private List<Long> findRoleIdsByUser() {
-        UserDetail user = SecurityUtil.getUser();
-        if (user.isAdmin()){
-            return roleManager.findAll().stream().map(Role::getId).toList();
-        } else {
-            return findRoleIdsByUser(user.getId());
-        }
-    }
-
     /**
      * 判断当前登录用户和指定角色是否为符合下列条件
      * 1. 为超级管理员
diff --git a/daxpay-single-server/pom.xml b/daxpay-single-server/pom.xml
index 33043888..f11f4947 100644
--- a/daxpay-single-server/pom.xml
+++ b/daxpay-single-server/pom.xml
@@ -106,7 +106,7 @@
     </dependencies>
 
     <build>
-        <finalName>daxpay-admin</finalName>
+        <finalName>daxpay-server</finalName>
         <plugins>
             <!-- spring-boot -->
             <plugin>
diff --git a/daxpay-single-server/src/main/resources/application-demo.yml b/daxpay-single-server/src/main/resources/application-demo.yml
index 2fed2445..6a8bd6fb 100644
--- a/daxpay-single-server/src/main/resources/application-demo.yml
+++ b/daxpay-single-server/src/main/resources/application-demo.yml
@@ -49,7 +49,10 @@ bootx-platform:
           - org.dromara.daxpay.channel
   starter:
     auth:
-      enable-admin: true
+      # 是否启用超级管理员登录
+      enable-admin: false
+      # 用户管理列表中是否显示超级管理员
+      admin-in-list: false
       ignore-urls:
         - '/actuator/**'
         - '/swagger-resources/**'
diff --git a/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/allocation/AllocGroupController.java b/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/allocation/AllocGroupController.java
index 24079a3c..6378faad 100644
--- a/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/allocation/AllocGroupController.java
+++ b/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/allocation/AllocGroupController.java
@@ -1,5 +1,7 @@
 package org.dromara.daxpay.service.controller.allocation;
 
+import cn.bootx.platform.core.annotation.RequestGroup;
+import cn.bootx.platform.core.annotation.RequestPath;
 import cn.bootx.platform.core.rest.Res;
 import cn.bootx.platform.core.rest.param.PageParam;
 import cn.bootx.platform.core.rest.result.PageResult;
@@ -15,6 +17,7 @@ import org.dromara.daxpay.service.param.allocation.group.AllocGroupUnbindParam;
 import org.dromara.daxpay.service.result.allocation.AllocGroupReceiverResult;
 import org.dromara.daxpay.service.result.allocation.AllocGroupResult;
 import org.dromara.daxpay.service.service.allocation.AllocGroupService;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import java.math.BigDecimal;
@@ -25,38 +28,44 @@ import java.util.List;
  * @author xxm
  * @since 2024/4/2
  */
+@Validated
 @Tag(name = "分账组")
 @RestController
 @RequestMapping("/allocation/group")
+@RequestGroup(groupCode = "AllocGroup", groupName = "分账组", moduleCode = "Alloc", moduleName = "分账管理" )
 @RequiredArgsConstructor
 public class AllocGroupController {
     private final AllocGroupService allocGroupService;
 
+    @RequestPath("分页")
     @Operation(summary = "分页")
     @GetMapping("/page")
     public Result<PageResult<AllocGroupResult>> page(PageParam pageParam, AllocGroupQuery query){
         return Res.ok(allocGroupService.page(pageParam,query));
     }
 
+    @RequestPath("查询详情")
     @Operation(summary = "查询详情")
     @GetMapping("/findById")
     public Result<AllocGroupResult> findById(Long id){
         return Res.ok(allocGroupService.findById(id));
     }
 
-
+    @RequestPath("编码是否存在")
     @Operation(summary = "编码是否存在")
     @GetMapping("/existsByGroupNo")
     public Result<Boolean> existsByGroupNo(String groupNo, String appId){
         return Res.ok(allocGroupService.existsByGroupNo(groupNo, appId));
     }
 
+    @RequestPath("查询分账接收方信息")
     @Operation(summary = "查询分账接收方信息")
     @GetMapping("/findReceiversByGroups")
     public Result<List<AllocGroupReceiverResult>> findReceiversByGroups(Long groupId){
         return Res.ok(allocGroupService.findReceiversByGroups(groupId));
     }
 
+    @RequestPath("添加")
     @Operation(summary = "创建")
     @PostMapping("/create")
     public Result<Void> create(@RequestBody AllocGroupParam param){
@@ -64,6 +73,7 @@ public class AllocGroupController {
         return Res.ok();
     }
 
+    @RequestPath("修改")
     @Operation(summary = "修改")
     @PostMapping("/update")
     public Result<Void> update(@RequestBody AllocGroupParam param){
@@ -71,6 +81,7 @@ public class AllocGroupController {
         return Res.ok();
     }
 
+    @RequestPath("删除")
     @Operation(summary = "删除")
     @PostMapping("/delete")
     public Result<Void> delete(Long id){
@@ -78,6 +89,7 @@ public class AllocGroupController {
         return Res.ok();
     }
 
+    @RequestPath("批量绑定接收者")
     @Operation(summary = "批量绑定接收者")
     @PostMapping("/bindReceivers")
     public Result<Void> bindReceivers(@RequestBody AllocGroupBindParam param){
@@ -86,6 +98,7 @@ public class AllocGroupController {
         return Res.ok();
     }
 
+    @RequestPath("批量取消绑定接收者")
     @Operation(summary = "批量取消绑定接收者")
     @PostMapping("/unbindReceivers")
     public Result<Void> unbindReceivers(@RequestBody AllocGroupUnbindParam param){
@@ -93,6 +106,7 @@ public class AllocGroupController {
         return Res.ok();
     }
 
+    @RequestPath("取消绑定接收者")
     @Operation(summary = "取消绑定接收者")
     @PostMapping("/unbindReceiver")
     public Result<Void> unbindReceiver(Long receiverId){
@@ -100,6 +114,7 @@ public class AllocGroupController {
         return Res.ok();
     }
 
+    @RequestPath("修改分账比例")
     @Operation(summary = "修改分账比例")
     @PostMapping("/updateRate")
     public Result<Void> updateRate(Long receiverId, BigDecimal rate){
@@ -107,6 +122,7 @@ public class AllocGroupController {
         return Res.ok();
     }
 
+    @RequestPath("设置默认分账组")
     @Operation(summary = "设置默认分账组")
     @PostMapping("/setDefault")
     public Result<Void> setDefault(Long id){
@@ -114,6 +130,7 @@ public class AllocGroupController {
         return Res.ok();
     }
 
+    @RequestPath("清除默认分账组")
     @Operation(summary = "清除默认分账组")
     @PostMapping("/clearDefault")
     public Result<Void> clearDefault(Long id){
diff --git a/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/allocation/AllocReceiverController.java b/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/allocation/AllocReceiverController.java
index 1497b2b3..4c80eb28 100644
--- a/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/allocation/AllocReceiverController.java
+++ b/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/allocation/AllocReceiverController.java
@@ -1,5 +1,7 @@
 package org.dromara.daxpay.service.controller.allocation;
 
+import cn.bootx.platform.core.annotation.RequestGroup;
+import cn.bootx.platform.core.annotation.RequestPath;
 import cn.bootx.platform.core.rest.Res;
 import cn.bootx.platform.core.rest.dto.LabelValue;
 import cn.bootx.platform.core.rest.param.PageParam;
@@ -28,6 +30,7 @@ import java.util.List;
 @Validated
 @Tag(name = "分账接收方控制器")
 @RestController
+@RequestGroup(groupCode = "AllocReceiver", groupName = "分账接收方", moduleCode = "Alloc", moduleName = "分账管理" )
 @RequestMapping("/allocation/receiver")
 @RequiredArgsConstructor
 public class AllocReceiverController {
@@ -35,26 +38,28 @@ public class AllocReceiverController {
     private final AllocReceiverService receiverService;
     private final PaymentAssistService paymentAssistService;
 
-
+    @RequestPath("分页")
     @Operation(summary = "分页")
     @GetMapping("/page")
     public Result<PageResult<AllocReceiverResult>> page(PageParam pageParam, AllocReceiverQuery query){
         return Res.ok(receiverService.page(pageParam, query));
     }
 
+    @RequestPath("查询详情")
     @Operation(summary = "查询详情")
     @GetMapping("/findById")
     public Result<AllocReceiverResult> findById(Long id){
         return Res.ok(receiverService.findById(id));
     }
 
+    @RequestPath("编码是否存在")
     @Operation(summary = "编码是否存在")
     @GetMapping("/existsByReceiverNo")
     public Result<Boolean> existsByReceiverNo(@NotBlank(message = "接收者编号必填") String receiverNo,@NotBlank(message = "商户应用ID必填") String appId){
         return Res.ok(receiverService.existsByReceiverNo(receiverNo, appId));
     }
 
-
+    @RequestPath("添加")
     @Operation(summary = "添加")
     @PostMapping("/add")
     public Result<Void> add(@RequestBody @Validated AllocReceiverAddParam param){
@@ -63,6 +68,7 @@ public class AllocReceiverController {
         return Res.ok();
     }
 
+    @RequestPath("删除")
     @Operation(summary = "删除")
     @PostMapping("/delete")
     public Result<Void> delete(@RequestBody @Validated AllocReceiverRemoveParam param){
@@ -71,12 +77,14 @@ public class AllocReceiverController {
         return Res.ok();
     }
 
+    @RequestPath("可分账的通道列表")
     @Operation(summary = "可分账的通道列表")
     @GetMapping("/findChannels")
     public Result<List<LabelValue>> findChannels(){
         return Res.ok(receiverService.findChannels());
     }
 
+    @RequestPath("根据通道获取分账接收方类型")
     @Operation(summary = "根据通道获取分账接收方类型")
     @GetMapping("/findReceiverTypeByChannel")
     public Result<List<LabelValue>> findReceiverTypeByChannel(String channel){
diff --git a/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/config/PlatformConfigController.java b/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/config/PlatformConfigController.java
index e2810c52..36c177ff 100644
--- a/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/config/PlatformConfigController.java
+++ b/daxpay-single/daxpay-single-service/src/main/java/org/dromara/daxpay/service/controller/config/PlatformConfigController.java
@@ -1,13 +1,15 @@
 package org.dromara.daxpay.service.controller.config;
 
+import cn.bootx.platform.core.annotation.RequestGroup;
+import cn.bootx.platform.core.annotation.RequestPath;
 import cn.bootx.platform.core.rest.Res;
 import cn.bootx.platform.core.rest.result.Result;
-import org.dromara.daxpay.service.param.config.PlatformConfigParam;
-import org.dromara.daxpay.service.result.config.PlatformConfigResult;
-import org.dromara.daxpay.service.service.config.PlatformConfigService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
+import org.dromara.daxpay.service.param.config.PlatformConfigParam;
+import org.dromara.daxpay.service.result.config.PlatformConfigResult;
+import org.dromara.daxpay.service.service.config.PlatformConfigService;
 import org.springframework.web.bind.annotation.*;
 
 /**
@@ -17,17 +19,20 @@ import org.springframework.web.bind.annotation.*;
  */
 @Tag(name = "平台配置")
 @RestController
+@RequestGroup(groupCode = "PlatformConfig", groupName = "平台配置", moduleCode = "PayConfig")
 @RequestMapping("/platform/config")
 @RequiredArgsConstructor
 public class PlatformConfigController {
     private final PlatformConfigService platformConfigService;
 
+    @RequestPath("获取配置")
     @Operation(summary = "获取配置")
     @GetMapping("/get")
     public Result<PlatformConfigResult> get() {
         return Res.ok(platformConfigService.getConfig().toResult());
     }
 
+    @RequestPath("更新配置")
     @Operation(summary = "更新配置")
     @PostMapping("/update")
     public Result<Void> update(@RequestBody PlatformConfigParam param) {