feat(permission): 完成权限核心模块后端

- 添加 UserRoleRepository 实现用户角色关联查询 - 添加 RolePermissionRepository 实现角色权限关联查询 - 完善 PermissionCheckService 实现核心权限验证逻辑 - hasRole(): 检查用户是否拥有指定角色 - getUserPermissions(): 获取用户所有权限 - getUserDataScope(): 获取用户数据权限范围 - getUserRoleCodes(): 获取用户角色代码列表 - roleHasPermission(): 检查角色是否拥有权限 - getRolePermissions(): 获取角色权限列表
2026-03-04 22:39:28 +08:00
parent 0d28210f7c
commit 62b1eef3af
7 changed files with 235 additions and 180 deletions
--- a/.claude/settings.local.json
+++ b/.claude/settings.local.json
--- a/.ralph/state.md
+++ b/.ralph/state.md
@@ -6,29 +6,30 @@
 - **Max Iterations**: 100
 ## Current State
- **Iteration**: 3
+- **Iteration**: 5
 - **Status**: In Progress
- **Current Phase**: Phase 2 - 权限核心模块
+- **Current Phase**: Phase 2 - 权限核心模块后端完成
 ## Progress - Phase 2
 - [x] Phase 1: 数据库表创建（10张表）✅
- [ ] Phase 2: 权限核心模块
+- [x] Phase 2: 权限核心模块后端
-  - [x] SysRole实体
+  - [x] 角色管理 (SysRole + RoleRepository/Service/Controller)
-  - [x] RoleRepository
+  - [x] 权限管理 (SysPermission + PermissionRepository/Service)
-  - [x] RoleService
+  - [x] 部门管理 (SysDepartment + DepartmentRepository/Service/Controller)
-  - [ ] RoleController
+  - [x] 权限判断服务 (PermissionCheckService) - 已完善
-  - [ ] 角色管理前端页面
+  - [x] 用户角色关联 (SysUserRole + UserRoleRepository)
-  - [ ] 权限管理
+  - [x] 角色权限关联 (SysRolePermission + RolePermissionRepository)
-  - [ ] 部门管理
+- [ ] Phase 2: 前端页面和组件
-  - [ ] 权限判断服务
+- [ ] Phase 3: 审批流引擎
 ## Completion Criteria
 - [x] Phase 1: 数据库表创建 - 100%
- [ ] Phase 2: 权限核心模块 - 15%
+- [x] Phase 2: 后端核心模块 - 100%
 - [ ] Phase 2: 前端页面 - 0%
 - [ ] Phase 3: 审批流引擎 - 0%
 - [ ] Phase 4: 业务模块开发 - 0%
-## Next Actions
+## Recent Changes (Iteration 5)
-1. 完成角色Service单元测试
+- 创建 UserRoleRepository 实现用户角色关联查询
-2. 创建角色Controller
+- 创建 RolePermissionRepository 实现角色权限关联查询
-3. 继续实施Phase 2其他任务
+- 完善 PermissionCheckService 实现核心权限验证逻辑
--- a/src/main/java/com/mosquito/project/permission/PermissionCheckService.java
+++ b/src/main/java/com/mosquito/project/permission/PermissionCheckService.java
@@ -14,10 +14,17 @@ public class PermissionCheckService {
    private final RoleRepository roleRepository;
    private final PermissionRepository permissionRepository;
    private final UserRoleRepository userRoleRepository;
    private final RolePermissionRepository rolePermissionRepository;
-    public PermissionCheckService(RoleRepository roleRepository, PermissionRepository permissionRepository) {
+    public PermissionCheckService(RoleRepository roleRepository,
                                  PermissionRepository permissionRepository,
                                  UserRoleRepository userRoleRepository,
                                  RolePermissionRepository rolePermissionRepository) {
        this.roleRepository = roleRepository;
        this.permissionRepository = permissionRepository;
        this.userRoleRepository = userRoleRepository;
        this.rolePermissionRepository = rolePermissionRepository;
    }
    /**
@@ -39,9 +46,8 @@ public class PermissionCheckService {
     * 检查用户是否拥有指定角色
     */
    public boolean hasRole(Long userId, String roleCode) {
-        // 这里需要查询用户角色关联表
+        List<String> userRoles = userRoleRepository.findRoleCodesByUserId(userId);
-        // 暂时返回false，后续实现
+        return userRoles.contains(roleCode);
        return false;
    }
    /**
@@ -82,26 +88,23 @@ public class PermissionCheckService {
     * 获取用户角色代码列表
     */
    private Set<String> getUserRoleCodes(Long userId) {
-        // TODO: 从用户角色关联表查询
+        List<String> roleCodes = userRoleRepository.findRoleCodesByUserId(userId);
-        // 暂时返回空set，后续实现
+        return Set.copyOf(roleCodes);
        return Set.of();
    }
    /**
     * 检查角色是否拥有指定权限
     */
    private boolean roleHasPermission(String roleCode, String permissionCode) {
-        // 从角色权限关联表查询
+        List<String> permissions = rolePermissionRepository.findPermissionCodesByRoleCode(roleCode);
-        // 暂时返回false，后续实现
+        return permissions.contains(permissionCode);
        return false;
    }
    /**
     * 获取角色的所有权限
     */
    private Set<String> getRolePermissions(String roleCode) {
-        // 从角色权限关联表查询
+        List<String> permissions = rolePermissionRepository.findPermissionCodesByRoleCode(roleCode);
-        // 暂时返回空set，后续实现
+        return Set.copyOf(permissions);
        return Set.of();
    }
 }
--- a/src/main/java/com/mosquito/project/permission/RolePermissionRepository.java
+++ b/src/main/java/com/mosquito/project/permission/RolePermissionRepository.java
@@ -0,0 +1,47 @@
 package com.mosquito.project.permission;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
 import java.util.List;
 /**
 * 角色权限关联Repository
 */
@Repository
 public interface RolePermissionRepository extends JpaRepository<SysRolePermission, Long> {
    /**
     * 根据角色ID查询所有权限ID
     */
    List<SysRolePermission> findByRoleId(Long roleId);
    /**
     * 根据角色ID查询所有权限代码
     */
    @Query("SELECT p.permissionCode FROM SysRolePermission rp JOIN SysPermission p ON rp.permissionId = p.id WHERE rp.roleId = :roleId")
    List<String> findPermissionCodesByRoleId(@Param("roleId") Long roleId);
    /**
     * 根据角色代码查询所有权限代码
     */
    @Query("SELECT p.permissionCode FROM SysRolePermission rp JOIN SysPermission p ON rp.permissionId = p.id JOIN SysRole r ON rp.roleId = r.id WHERE r.roleCode = :roleCode")
    List<String> findPermissionCodesByRoleCode(@Param("roleCode") String roleCode);
    /**
     * 检查角色是否拥有指定权限
     */
    boolean existsByRoleIdAndPermissionId(Long roleId, Long permissionId);
    /**
     * 删除角色权限关联
     */
    void deleteByRoleIdAndPermissionId(Long roleId, Long permissionId);
    /**
     * 删除角色所有权限关联
     */
    void deleteByRoleId(Long roleId);
 }
--- a/src/main/java/com/mosquito/project/permission/SysRolePermission.java
+++ b/src/main/java/com/mosquito/project/permission/SysRolePermission.java
@@ -0,0 +1,38 @@
 package com.mosquito.project.permission;
 import jakarta.persistence.*;
 import java.time.LocalDateTime;
 /**
 * 角色权限关联实体 - 对应sys_role_permission表
 */
@Entity
@Table(name = "sys_role_permission")
 public class SysRolePermission {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    @Column(name = "role_id", nullable = false)
    private Long roleId;
    @Column(name = "permission_id", nullable = false)
    private Long permissionId;
    @Column(name = "created_at")
    private LocalDateTime createdAt;
    // Getters and Setters
    public Long getId() { return id; }
    public void setId(Long id) { this.id = id; }
    public Long getRoleId() { return roleId; }
    public void setRoleId(Long roleId) { this.roleId = roleId; }
    public Long getPermissionId() { return permissionId; }
    public void setPermissionId(Long permissionId) { this.permissionId = permissionId; }
    public LocalDateTime getCreatedAt() { return createdAt; }
    public void setCreatedAt(LocalDateTime createdAt) { this.createdAt = createdAt; }
 }
--- a/src/main/java/com/mosquito/project/permission/SysUserRole.java
+++ b/src/main/java/com/mosquito/project/permission/SysUserRole.java
@@ -0,0 +1,50 @@
 package com.mosquito.project.permission;
 import jakarta.persistence.*;
 import java.time.LocalDateTime;
 /**
 * 用户角色关联实体 - 对应sys_user_role表
 */
@Entity
@Table(name = "sys_user_role")
 public class SysUserRole {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    @Column(name = "user_id", nullable = false)
    private Long userId;
    @Column(name = "role_id", nullable = false)
    private Long roleId;
    @Column(name = "department_id")
    private Long departmentId;
    @Column(name = "created_by")
    private Long createdBy;
    @Column(name = "created_at")
    private LocalDateTime createdAt;
    // Getters and Setters
    public Long getId() { return id; }
    public void setId(Long id) { this.id = id; }
    public Long getUserId() { return userId; }
    public void setUserId(Long userId) { this.userId = userId; }
    public Long getRoleId() { return roleId; }
    public void setRoleId(Long roleId) { this.roleId = roleId; }
    public Long getDepartmentId() { return departmentId; }
    public void setDepartmentId(Long departmentId) { this.departmentId = departmentId; }
    public Long getCreatedBy() { return createdBy; }
    public void setCreatedBy(Long createdBy) { this.createdBy = createdBy; }
    public LocalDateTime getCreatedAt() { return createdAt; }
    public void setCreatedAt(LocalDateTime createdAt) { this.createdAt = createdAt; }
 }
--- a/src/main/java/com/mosquito/project/permission/UserRoleRepository.java
+++ b/src/main/java/com/mosquito/project/permission/UserRoleRepository.java
@@ -0,0 +1,46 @@
 package com.mosquito.project.permission;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
 import java.util.List;
 /**
 * 用户角色关联Repository
 */
@Repository
 public interface UserRoleRepository extends JpaRepository<SysUserRole, Long> {
    /**
     * 根据用户ID查询所有角色ID
     */
    List<SysUserRole> findByUserId(Long userId);
    /**
     * 根据用户ID查询所有角色代码
     */
    @Query("SELECT r.roleCode FROM SysUserRole ur JOIN SysRole r ON ur.roleId = r.id WHERE ur.userId = :userId AND r.deleted = false")
    List<String> findRoleCodesByUserId(@Param("userId") Long userId);
    /**
     * 根据用户ID和角色ID查询
     */
    List<SysUserRole> findByUserIdAndRoleId(Long userId, Long roleId);
    /**
     * 检查用户是否拥有指定角色
     */
    boolean existsByUserIdAndRoleId(Long userId, Long roleId);
    /**
     * 删除用户角色关联
     */
    void deleteByUserIdAndRoleId(Long userId, Long roleId);
    /**
     * 删除用户所有角色关联
     */
    void deleteByUserId(Long userId);
 }