[Feature][scaleph-security] add user and role relation api (#645)

* feature: add user and role relation api

* feature: add user and role relation api

scaleph-api/src/main/java/cn/sliew/scaleph/api/controller/admin/SecAuthorizeController.java

@@ -22,11 +22,9 @@
 import cn.sliew.scaleph.security.service.SecAuthorizeService;
 import cn.sliew.scaleph.security.service.dto.SecResourceWebWithAuthorizeDTO;
 import cn.sliew.scaleph.security.service.dto.SecRoleDTO;
+import cn.sliew.scaleph.security.service.dto.SecUserDTO;
 import cn.sliew.scaleph.security.service.dto.UmiRoute;
-import cn.sliew.scaleph.security.service.param.SecResourceWebBatchAuthorizeForRoleParam;
-import cn.sliew.scaleph.security.service.param.SecResourceWebListByRoleParam;
-import cn.sliew.scaleph.security.service.param.SecRoleBatchAuthorizeForResourceWebParam;
-import cn.sliew.scaleph.security.service.param.SecRoleListByResourceWebParam;
+import cn.sliew.scaleph.security.service.param.*;
 import cn.sliew.scaleph.system.model.ResponseVO;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.v3.oas.annotations.Operation;
@@ -111,4 +109,68 @@ public ResponseEntity<ResponseVO> unauthorize(@Valid @RequestBody SecResourceWeb
         return new ResponseEntity<>(ResponseVO.success(), HttpStatus.OK);
     }
 
+    @Logging
+    @GetMapping("role/authorized-users")
+    @Operation(summary = "查询角色绑定用户列表", description = "查询角色绑定用户列表")
+    public ResponseEntity<Page<SecUserDTO>> listAuthorizedUsersByRoleId(@Valid SecUserListByRoleParam param) {
+        Page<SecUserDTO> result = secAuthorizeService.listAuthorizedUsersByRoleId(param);
+        return new ResponseEntity<>(result, HttpStatus.OK);
+    }
+
+    @Logging
+    @GetMapping("role/unauthorized-users")
+    @Operation(summary = "查询角色未绑定用户列表", description = "查询角色未绑定用户列表")
+    public ResponseEntity<Page<SecUserDTO>> listUnauthorizedUsersByRoleId(@Valid SecUserListByRoleParam param) {
+        Page<SecUserDTO> result = secAuthorizeService.listUnauthorizedUsersByRoleId(param);
+        return new ResponseEntity<>(result, HttpStatus.OK);
+    }
+
+    @Logging
+    @PutMapping("role/users")
+    @Operation(summary = "批量为角色绑定用户", description = "批量为角色绑定用户")
+    public ResponseEntity<ResponseVO> authorize(@Valid @RequestBody SecUserBatchAuthorizeForRoleParam param) {
+        secAuthorizeService.authorize(param);
+        return new ResponseEntity<>(ResponseVO.success(), HttpStatus.OK);
+    }
+
+    @Logging
+    @DeleteMapping("role/users")
+    @Operation(summary = "批量为角色解除用户绑定", description = "批量为角色解除用户绑定")
+    public ResponseEntity<ResponseVO> unauthorize(@Valid @RequestBody SecUserBatchAuthorizeForRoleParam param) {
+        secAuthorizeService.unauthorize(param);
+        return new ResponseEntity<>(ResponseVO.success(), HttpStatus.OK);
+    }
+
+    @Logging
+    @GetMapping("user/authorized-roles")
+    @Operation(summary = "查询用户绑定角色列表", description = "查询用户绑定角色列表")
+    public ResponseEntity<List<SecRoleDTO>> listAuthorizedRolesByUserId(@Valid SecRoleListByUserParam param) {
+        List<SecRoleDTO> result = secAuthorizeService.listAuthorizedRolesByUserId(param);
+        return new ResponseEntity<>(result, HttpStatus.OK);
+    }
+
+    @Logging
+    @GetMapping("user/unauthorized-roles")
+    @Operation(summary = "查询用户未绑定角色列表", description = "查询用户未绑定角色列表")
+    public ResponseEntity<List<SecRoleDTO>> listUnauthorizedRolesByUserId(@Valid SecRoleListByUserParam param) {
+        List<SecRoleDTO> result = secAuthorizeService.listUnauthorizedRolesByUserId(param);
+        return new ResponseEntity<>(result, HttpStatus.OK);
+    }
+
+    @Logging
+    @PutMapping("user/roles")
+    @Operation(summary = "批量为用户绑定角色", description = "批量为用户绑定角色")
+    public ResponseEntity<ResponseVO> authorize(@Valid @RequestBody SecRoleBatchAuthorizeForUserParam param) {
+        secAuthorizeService.authorize(param);
+        return new ResponseEntity<>(ResponseVO.success(), HttpStatus.OK);
+    }
+
+    @Logging
+    @DeleteMapping("user/roles")
+    @Operation(summary = "批量为用户解除角色绑定", description = "批量为用户解除角色绑定")
+    public ResponseEntity<ResponseVO> unauthorize(@Valid @RequestBody SecRoleBatchAuthorizeForUserParam param) {
+        secAuthorizeService.unauthorize(param);
+        return new ResponseEntity<>(ResponseVO.success(), HttpStatus.OK);
+    }
+
 }

scaleph-dao/src/main/java/cn/sliew/scaleph/dao/mapper/master/security/SecUserRoleMapper.java

@@ -18,10 +18,18 @@
 
 package cn.sliew.scaleph.dao.mapper.master.security;
 
+import cn.sliew.scaleph.common.dict.security.RoleStatus;
+import cn.sliew.scaleph.common.dict.security.UserStatus;
+import cn.sliew.scaleph.dao.entity.master.security.SecRole;
+import cn.sliew.scaleph.dao.entity.master.security.SecUser;
 import cn.sliew.scaleph.dao.entity.master.security.SecUserRole;
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import org.apache.ibatis.annotations.Param;
 import org.springframework.stereotype.Repository;
 
+import java.util.List;
+
 /**
  * <p>
  * 用户角色关联表 Mapper 接口
@@ -33,4 +41,33 @@
 @Repository
 public interface SecUserRoleMapper extends BaseMapper<SecUserRole> {
 
+    /**
+     * 查询角色关联的用户
+     */
+    Page<SecUser> selectRelatedUsersByRole(Page page,
+                                           @Param("roleId") Long roleId,
+                                           @Param("status") UserStatus status,
+                                           @Param("userName") String userName);
+
+    /**
+     * 查询角色未关联的用户
+     */
+    Page<SecUser> selectUnrelatedUsersByRole(Page page,
+                                             @Param("roleId") Long roleId,
+                                             @Param("status") UserStatus status,
+                                             @Param("userName") String userName);
+
+    /**
+     * 查询用户关联的角色
+     */
+    List<SecRole> selectRelatedRolesByUser(@Param("userId") Long userId,
+                                           @Param("status") RoleStatus status,
+                                           @Param("name") String name);
+
+    /**
+     * 查询用户未关联的角色
+     */
+    List<SecRole> selectUnrelatedRolesByUser(@Param("userId") Long userId,
+                                             @Param("status") RoleStatus status,
+                                             @Param("name") String name);
 }

scaleph-dao/src/main/resources/cn/sliew/scaleph/dao/mapper/master/security/SecUserRoleMapper.xml

@@ -30,4 +30,76 @@
         <result column="role_id" property="roleId"/>
     </resultMap>
 
+    <select id="selectRelatedUsersByRole" resultMap="cn.sliew.scaleph.dao.mapper.master.security.SecUserMapper.BaseResultMap">
+        SELECT
+            t1.*
+        FROM
+            sec_user t1
+                JOIN sec_user_role t2 ON t1.id = t2.user_id
+        WHERE
+            t2.role_id = 1
+        <if test="status != null">
+            AND t1.`status` = #{status}
+        </if>
+        <if test="userName != null and userName != ''">
+            AND t1.`userName` like concat('%',#{userName},'%')
+        </if>
+        ORDER BY
+            t1.id
+    </select>
+
+    <select id="selectUnrelatedUsersByRole" resultMap="cn.sliew.scaleph.dao.mapper.master.security.SecUserMapper.BaseResultMap">
+        SELECT
+        t1.*
+        FROM
+        sec_user t1
+        <where>
+            <if test="status != null">
+                AND t1.`status` = #{status}
+            </if>
+            <if test="userName != null and userName != ''">
+                AND t1.`userName` like concat('%',#{userName},'%')
+            </if>
+            AND NOT EXISTS ( SELECT * FROM sec_user_role t2 WHERE t1.id = t2.user_id AND t2.role_id = #{roleId} )
+        </where>
+        ORDER BY
+        t1.id
+    </select>
+
+    <select id="selectRelatedRolesByUser" resultMap="cn.sliew.scaleph.dao.mapper.master.security.SecRoleMapper.SecRoleMap">
+        SELECT
+            t1.*
+        FROM
+            sec_role t1
+                JOIN sec_user_role t2 ON t1.id = t2.role_id
+        WHERE
+            t2.user_id = #{userId}
+        <if test="status != null">
+            AND t1.`status` = #{status}
+        </if>
+        <if test="name != null and name != ''">
+            AND t1.`name` like concat('%',#{name},'%')
+        </if>
+        ORDER BY
+            t1.id
+    </select>
+
+    <select id="selectUnrelatedRolesByUser" resultMap="cn.sliew.scaleph.dao.mapper.master.security.SecRoleMapper.SecRoleMap">
+        SELECT
+        t1.*
+        FROM
+        sec_role t1
+        <where>
+            <if test="status != null">
+                AND t1.`status` = #{status}
+            </if>
+            <if test="name != null and name != ''">
+                AND t1.`name` like concat('%',#{name},'%')
+            </if>
+            AND NOT EXISTS ( SELECT * FROM sec_user_role t2 WHERE t1.id = t2.role_id AND t2.user_id = #{userId} )
+        </where>
+        ORDER BY
+        t1.id
+    </select>
+
 </mapper>

scaleph-security/src/main/java/cn/sliew/scaleph/security/service/SecAuthorizeService.java

@@ -20,11 +20,9 @@
 
 import cn.sliew.scaleph.security.service.dto.SecResourceWebWithAuthorizeDTO;
 import cn.sliew.scaleph.security.service.dto.SecRoleDTO;
+import cn.sliew.scaleph.security.service.dto.SecUserDTO;
 import cn.sliew.scaleph.security.service.dto.UmiRoute;
-import cn.sliew.scaleph.security.service.param.SecResourceWebBatchAuthorizeForRoleParam;
-import cn.sliew.scaleph.security.service.param.SecResourceWebListByRoleParam;
-import cn.sliew.scaleph.security.service.param.SecRoleBatchAuthorizeForResourceWebParam;
-import cn.sliew.scaleph.security.service.param.SecRoleListByResourceWebParam;
+import cn.sliew.scaleph.security.service.param.*;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 
 import java.util.List;
@@ -63,6 +61,7 @@ public interface SecAuthorizeService {
     // -------------------------------------------------------------------------------------------
     // role -> resource-web
     // -------------------------------------------------------------------------------------------
+
     /**
      * 查询所有 资源-web 和指定角色绑定状态
      */
@@ -78,4 +77,52 @@ public interface SecAuthorizeService {
      */
     void unauthorize(SecResourceWebBatchAuthorizeForRoleParam param);
 
+    // -------------------------------------------------------------------------------------------
+    // role -> user
+    // -------------------------------------------------------------------------------------------
+
+    /**
+     * 查询角色绑定用户列表
+     */
+    Page<SecUserDTO> listAuthorizedUsersByRoleId(SecUserListByRoleParam param);
+
+    /**
+     * 查询角色未绑定用户列表
+     */
+    Page<SecUserDTO> listUnauthorizedUsersByRoleId(SecUserListByRoleParam param);
+
+    /**
+     * 批量为角色绑定用户
+     */
+    void authorize(SecUserBatchAuthorizeForRoleParam param);
+
+    /**
+     * 批量为角色解除用户绑定
+     */
+    void unauthorize(SecUserBatchAuthorizeForRoleParam param);
+
+    // -------------------------------------------------------------------------------------------
+    // user -> role
+    // -------------------------------------------------------------------------------------------
+
+    /**
+     * 查询用户绑定角色列表
+     */
+    List<SecRoleDTO> listAuthorizedRolesByUserId(SecRoleListByUserParam param);
+
+    /**
+     * 查询用户未绑定角色列表
+     */
+    List<SecRoleDTO> listUnauthorizedRolesByUserId(SecRoleListByUserParam param);
+
+    /**
+     * 批量为用户绑定角色
+     */
+    void authorize(SecRoleBatchAuthorizeForUserParam param);
+
+    /**
+     * 批量为用户解除角色绑定
+     */
+    void unauthorize(SecRoleBatchAuthorizeForUserParam param);
+
 }