@gingkoo/base-server 0.0.1-alpha.0 → 0.0.1-alpha.10

package/backend/common/services/permission.js

@@ -0,0 +1,500 @@
+'use strict';
+const { sqlExecutor, checkTableFilterFields, queryParamsBuilder } = require('@gingkoo/node-tools');
+const { logger } = require('../logger/index');
+const entity = require('../entity');
+const { permission: permissionConstant } = require('../enum');
+const rolesService = require('../services/roles');
+// const requirementService = require('@requirement/services/requirement');
+
+module.exports = {
+  // 根据操作对象查询权限
+  checkOperPermission: async function (operType, operId, perm, filter) {
+    if (Array.isArray(operId) && operId.length === 0) return [];
+    let sql = `select * from ${entity.IDM_PERMISSIONS} where ORG_ID=? and STATUS='00'`;
+    let params = [global.orgid];
+    if (operType === permissionConstant.OPER_TYPE.USER) {
+      sql += ` and (OPER_TYPE in (?, ?, ?) and (OPER_ID in (select GROUP_ID from ${entity.IDM_GROUP_MEMBERS} where USER_ID=?) or OPER_ID in (select DEPT_NO from ${entity.IDM_USERS} where USER_ID=?) or OPER_ID=?))`;
+      params = [
+        global.orgid,
+        permissionConstant.OPER_TYPE.DEPT,
+        permissionConstant.OPER_TYPE.GROUP,
+        permissionConstant.OPER_TYPE.USER,
+        operId,
+        operId,
+        operId,
+      ];
+    } else if (operType === permissionConstant.OPER_TYPE.GROUP) {
+      sql += ` and (OPER_TYPE in (?, ?) and OPER_ID in ((select DEPT_ID from ${entity.IDM_GROUPS} where GROUP_ID=?), ?))`;
+      params = [global.orgid, operType, permissionConstant.OPER_TYPE.DEPT, operId, operId];
+    } else if (operType === permissionConstant.OPER_TYPE.DEPT) {
+      sql += ` and OPER_TYPE=? and OPER_ID=?`;
+      params = [global.orgid, operType, operId];
+    } else if (operType === permissionConstant.OPER_TYPE.ROLE) {
+      if (typeof operId === 'string') {
+        sql += ` and OPER_TYPE=? and OPER_ID=?`;
+        params = [global.orgid, operType, operId];
+      }
+      if (Array.isArray(operId) && operId.length) {
+        params.push(operType);
+        let operSql = operId
+          .reduce((mo, id) => {
+            mo.push('?');
+            params.push(id);
+            return mo;
+          }, [])
+          .join(',');
+        sql += ` and OPER_TYPE=? and OPER_ID in (${operSql})`;
+      }
+    }
+    if (perm && typeof perm === 'string' && perm.trim().length) {
+      let permSql = perm
+        .split(',')
+        .map((item) => {
+          return `(RES_RANGE like '%,${item},%' or RES_RANGE like '${item}' or RES_RANGE like '%,${item}' or RES_RANGE like '${item},%')`;
+        })
+        .join(' or ');
+      sql += ` and (${permSql})`;
+    }
+    if (Array.isArray(perm) && perm.length) {
+      let permSql = perm
+        .map((item) => {
+          return `(RES_RANGE like '%,${item},%' or RES_RANGE like '${item}' or RES_RANGE like '%,${item}' or RES_RANGE like '${item},%')`;
+        })
+        .join(' or ');
+      sql += ` and (${permSql})`;
+    }
+    let newFilter = await checkTableFilterFields(filter, entity.IDM_PERMISSIONS);
+    if (newFilter && Object.keys(newFilter).length) {
+      let queryParam = queryParamsBuilder(newFilter, null, null);
+      sql = sql + ' and ' + queryParam.sql;
+      params = params.concat(queryParam.params);
+    }
+    let { error, results } = await sqlExecutor(sql, params);
+    if (error) {
+      logger.error(error);
+      return null;
+    }
+    return results;
+  },
+
+  /**
+   *
+   * @param {*} userId 用户ID
+   * @param {*} navId 导航ID
+   * @param {*} resType 权限应用类型
+   * @returns 获取用户角色在此导航的功能权限
+   */
+  checkRoleApiPerm: async function (userId, navId, resType, proId) {
+    let userRoles = await rolesService.getRoleMembers(null, {
+      USER_ID: userId,
+      ROLE_TYPE: permissionConstant.ROLE_TYPE.MANAGER,
+    });
+    if (
+      proId &&
+      [
+        permissionConstant.RES_TYPE.PROJECT_NAV,
+        permissionConstant.RES_TYPE.REQUIREMENT_NAV,
+      ].includes(resType)
+    ) {
+      userRoles = await this.getUserProjectRole({ USER_ID: userId, PROJECT_ID: proId });
+    }
+    if (!Array.isArray(userRoles)) return null;
+    userRoles = userRoles.map((role) => role.ROLE_ID || role.MEM_ROLE);
+
+    let navPerms = await this.checkOperPermission('role', userRoles, null, {
+      RES_KIND: permissionConstant.RES_KIND.API,
+      RES_TYPE: resType,
+      RES_RANGE: navId,
+    });
+    if (!Array.isArray(navPerms)) return null;
+    let permItem = navPerms.reduce((mo, item) => {
+      let items = [];
+      try {
+        items = JSON.parse(item['PROPS']);
+      } catch (error) {}
+      mo = mo
+        .concat(items)
+        .map((v) => v.feature)
+        .filter((v, i, arr) => arr.indexOf(v) === i)
+        .map((v) => {
+          return {
+            feature: v,
+          };
+        });
+      return mo;
+    }, []);
+    return permItem;
+  },
+
+  /**
+   *
+   * @param {*} userId 用户ID
+   * @param {*} navId 导航ID
+   * @param {*} resType 权限应用类型
+   * @returns 获取用户在此导航的功能权限
+   */
+  checkUserApiPerm: async function (userId, navId, resType) {
+    let navPerms = await this.checkOperPermission('user', userId, null, {
+      RES_KIND: permissionConstant.RES_KIND.API,
+      RES_TYPE: resType,
+      RES_RANGE: navId,
+    });
+    if (!Array.isArray(navPerms)) return null;
+    let permItem = navPerms.reduce((mo, item) => {
+      let items = [];
+      try {
+        items = JSON.parse(item['PROPS']);
+      } catch (error) {}
+      mo = mo
+        .concat(items)
+        .map((v) => v.feature)
+        .filter((v, i, arr) => arr.indexOf(v) === i)
+        .map((v) => {
+          return {
+            feature: v,
+          };
+        });
+      return mo;
+    }, []);
+
+    return permItem;
+  },
+  formptBtns: function (btns, permFeatures) {
+    if (!Array.isArray(btns) || !Array.isArray(permFeatures)) return null;
+    let resultBtns = btns.filter((btn) => {
+      return !btn.feature || permFeatures.includes(btn.feature);
+    });
+    return resultBtns;
+  },
+
+  // 对某些特殊接口过滤 如 columnApi , 特殊接口的功能目前只是编辑edit
+  formptApis: function (feature, perms) {
+    if (!Array.isArray(perms)) return null;
+    let permFeatures = perms.map((per) => per['feature']);
+    return permFeatures.includes(feature);
+  },
+
+  /**
+   *
+   * @param {*} userId 用户ID
+   * @param {*} navId 导航ID
+   * @param {*} schema JSON数据
+   * @returns 查询用户角色在此导航的功能权限，删除没有权限的button
+   * schema中的 filterOptions.leftAction.action 和 filterOptions.leftAction.actionMore 和 oprBtns, 目前只对这三个
+   * json中对于 "columnApi": "********"  类的api，也做权限校验
+   */
+  formatPermHtml: async function (userId, navId, schema, resType, proId) {
+    // userId为undefined会报错，所以此处直接return
+    if (!navId || !userId) return schema;
+    let newSchema = [];
+    try {
+      newSchema = JSON.parse(JSON.stringify(schema));
+    } catch (error) {}
+    let newBody = newSchema?.body[0] || null;
+    if (!newBody) return schema;
+    let navPerm = await this.checkRoleApiPerm(userId, navId, resType, proId);
+    let specialApis = ['columnApi', 'saveOrderApi'];
+    if (!navPerm || !Array.isArray(navPerm)) return schema;
+
+    let permFeatures = navPerm.map((per) => per['feature']);
+
+    if (Array.isArray(newBody.oprBtns) && newBody.oprBtns.length) {
+      let newBtns = this.formptBtns(newBody.oprBtns, permFeatures);
+      newBody.oprBtns = newBtns;
+    }
+    if (
+      Array.isArray(newBody?.filterOptions?.leftAction?.action) &&
+      newBody.filterOptions.leftAction.action.length
+    ) {
+      let newBtns = this.formptBtns(newBody.filterOptions.leftAction.action, permFeatures);
+      newBody.filterOptions.leftAction.action = newBtns;
+    }
+    if (
+      Array.isArray(newBody?.filterOptions?.leftAction?.actionMore) &&
+      newBody.filterOptions.leftAction.actionMore.length
+    ) {
+      let newBtns = this.formptBtns(newBody.filterOptions.leftAction.actionMore, permFeatures);
+      newBody.filterOptions.leftAction.actionMore = newBtns;
+    }
+    if (newBody?.rowInfo && newBody?.rowInfo?.feature === 'edit' && Array.isArray(permFeatures)) {
+      let quickStatic = permFeatures.includes(newBody?.rowInfo?.feature) ? false : true;
+      newBody.rowInfo = { ...newBody.rowInfo, quickStatic };
+      Reflect.deleteProperty(newBody.rowInfo, 'feature');
+    }
+    if (
+      Array.isArray(newBody?.rowInfo?.moreBtn) &&
+      newBody?.rowInfo?.moreBtn?.length &&
+      Array.isArray(permFeatures)
+    ) {
+      let newMoreBtn = newBody?.rowInfo?.moreBtn
+        .filter(
+          (btn) => !btn.feature || permFeatures.includes(btn.feature) || btn.type === 'button',
+        )
+        .map((btn) => {
+          if (!btn.feature) return btn;
+          if (permFeatures.includes(btn.feature)) return btn;
+          if (!permFeatures.includes(btn.feature))
+            return {
+              ...btn,
+              disabled: true,
+            };
+        });
+      newBody.rowInfo = { ...newBody.rowInfo, moreBtn: newMoreBtn };
+    }
+    specialApis.forEach((apiKey) => {
+      if (newBody[apiKey]) {
+        let flag = this.formptApis(permissionConstant.PERMISSION_FEATURE_KIND.EDIT, navPerm);
+        !flag && Reflect.deleteProperty(newBody, apiKey);
+        apiKey === 'saveOrderApi' &&
+          !flag &&
+          Reflect.deleteProperty(newBody['filterOptions'], 'draggable');
+      }
+    });
+    newSchema['body'][0] = newBody;
+    return newSchema;
+  },
+
+  //
+  formatLayout: async function (userid, schema, proId, layout) {
+    if (!userid) return schema;
+    let newSchema = [];
+    let newData = [];
+    try {
+      newSchema = JSON.parse(JSON.stringify(schema));
+      newData = JSON.parse(JSON.stringify(layout));
+    } catch (error) {}
+    // layout中的ASSIGNEE和FORWARD_TO_PROJECT两个字段
+    // 前提如果是研发人员，整个layout不可编辑，只有这两个字段可以编辑，需要给这两个字段设置quickStatic: false
+    let newLayout = newSchema?.body?.[0]?.rowInfo?.layoutSet || newData || null;
+    // let prdRoles = await requirementService.getRequirementRoles();
+
+    // if (!Array.isArray(prdRoles) || !newLayout) return newSchema;
+
+    // let prdRoleInfo = prdRoles.reduce((mo, role) => {
+    //   mo[role.ROLE_NAME] = role.ROLE_ID;
+    //   return mo;
+    // }, {});
+
+    // let userRole = await requirementService.getMemberUser(null, null, {
+    //   PROJECT_ID: proId,
+    //   USER_ID: userid,
+    // });
+
+    // 需求模块 需求页面 研发人员没有编辑权限，但可以编辑产品所属项目和产品负责人这两个字段
+    // 需求模块 需求页面 研发人员没有编辑权限，但可以新建关联工作项和关联工作项
+    // if (userRole?.[0]?.MEM_ROLE === prdRoleInfo['研发人员'] && Array.isArray(newLayout)) {
+    //   newLayout = newLayout.map((item) => {
+    //     if (item.type === 'tab' && Array.isArray(item.children)) {
+    //       let newChildren = item.children.map((child) => {
+    //         if (child.title === '详情' && Array.isArray(child.children)) {
+    //           let aChildren = child.children.map((aChild) => {
+    //             if (aChild.label === '基础信息' && Array.isArray(aChild.children)) {
+    //               let bChildren = aChild.children.map((ren) => {
+    //                 if (
+    //                   ['ASSIGNEE', 'FORWARD_TO_PROJECT'].includes(ren) ||
+    //                   ['ASSIGNEE', 'FORWARD_TO_PROJECT'].includes(ren.name)
+    //                 ) {
+    //                   if (isPlainObject(ren)) return { ...ren, quickStatic: false };
+    //                   return {
+    //                     name: ren.name || ren,
+    //                     quickStatic: false,
+    //                   };
+    //                 }
+    //                 return ren;
+    //               });
+    //               return {
+    //                 ...aChild,
+    //                 children: bChildren,
+    //               };
+    //             }
+    //             return aChild;
+    //           });
+    //           return {
+    //             ...child,
+    //             children: aChildren,
+    //           };
+    //         }
+    //         if (child.title === '关联内容' && Array.isArray(child.children)) {
+    //           let aChildren = child.children.map((aChild) => {
+    //             if (aChild.name === 'linkIssues' && aChild.feature === 'edit') {
+    //               return {
+    //                 ...aChild,
+    //                 btns: ['add', 'associated'],
+    //                 quickStatic: false,
+    //               };
+    //             }
+    //             return aChild;
+    //           });
+    //           return {
+    //             ...child,
+    //             children: aChildren,
+    //           };
+    //         }
+    //         return child;
+    //       });
+    //       return {
+    //         ...item,
+    //         children: newChildren,
+    //       };
+    //     }
+    //     return item;
+    //   });
+    // }
+
+    if (!schema) return newLayout;
+
+    newSchema.body[0].rowInfo.layoutSet = newLayout;
+    return newSchema;
+  },
+
+  formatBugHtml: async function (userId, schema, proId) {
+    // userId为undefined会报错，所以此处直接return
+    if (!userId) return schema;
+
+    let btnKey = ['refuse', 'pass', 'confirm'];
+    let newSchema = [];
+    try {
+      newSchema = JSON.parse(JSON.stringify(schema));
+    } catch (error) {}
+
+    let newBody = newSchema?.body[0] || null;
+    if (!newBody) return schema;
+
+    // let prdRoles = await requirementService.getRequirementRoles();
+    // if (!Array.isArray(prdRoles)) return newSchema;
+
+    // let prdRoleInfo = prdRoles.reduce((mo, role) => {
+    //   mo[role.ROLE_NAME] = role.ROLE_ID;
+    //   return mo;
+    // }, {});
+    let userRole = await requirementService.getMemberUser(null, null, {
+      PROJECT_ID: proId,
+      USER_ID: userId,
+    });
+
+    // 需求模块 缺陷页面 研发实施都有编辑权限，但实施不能点击通过缺陷和拒绝缺陷这两个按钮
+    // if (userRole?.[0]?.MEM_ROLE === prdRoleInfo['实施人员']) {
+    //   if (Array.isArray(newBody?.rowInfo?.moreBtn)) {
+    //     let newMoreBtn = newBody.rowInfo.moreBtn.map((btn) => {
+    //       if (btnKey.includes(btn.key)) {
+    //         return {
+    //           ...btn,
+    //           disabled: true,
+    //         };
+    //       }
+    //       return btn;
+    //     });
+    //     newBody.rowInfo.moreBtn = newMoreBtn;
+    //   }
+    //   if (Array.isArray(newBody?.oprBtns)) {
+    //     let newOprBtns = newBody.oprBtns.map((action) => {
+    //       if (btnKey.includes(action.key)) {
+    //         return {
+    //           ...action,
+    //           disabled: true,
+    //         };
+    //       }
+    //       return action;
+    //     });
+    //     newBody.oprBtns = newOprBtns;
+    //   }
+    // }
+
+    return newSchema;
+  },
+
+  // 获取项目navs
+  getModuleNavs: async function (module) {
+    let sql = `select NAV_ID, NAV_NAME, URL from ${entity.BASE_MODULE_NAV} where ORG_ID=? and MODULE_ID=? order by ORDER_NO`;
+    let params = [global.orgid, module];
+    let { error, results } = await sqlExecutor(sql, params);
+    if (error) {
+      logger.error(error);
+      return null;
+    }
+
+    return results;
+  },
+
+  // 获取用户在指定项目中的角色
+  getUserProjectRole: async function (filter) {
+    let sql = `select MEM_ROLE from ${entity.PROJECT_MEMBERS} where ORG_ID=?`;
+    let params = [global.orgid];
+    let newFilter = await checkTableFilterFields(filter, entity.PROJECT_MEMBERS);
+    if (newFilter && Object.keys(newFilter)) {
+      let queryParam = queryParamsBuilder(newFilter, null, null);
+      sql = sql + ' and ' + queryParam.sql;
+      params = params.concat(queryParam.params);
+    }
+
+    let { error, results } = await sqlExecutor(sql, params);
+    if (error) {
+      logger.error(error);
+      return null;
+    }
+
+    return results;
+  },
+
+  /**
+   * 根据系统页面活模块查询有权限的人员名单
+   * @param {*} navId 页面ID
+   * @param {*} feature 权限 add|del|edit   如果feature为undefined 则认为搜索查看页面的权限
+   */
+  getUserListByPagePermiss: async function (navId, feature) {
+    if (!navId) return false;
+    let sql = `select OPER_ID from ${entity.IDM_PERMISSIONS} where ORG_ID=? and OPER_TYPE='role' and RES_RANGE like '%${navId}%'`;
+    let params = [global.orgid];
+
+    if (['del', 'edit', 'add'].includes(feature)) {
+      sql += ` and RES_KIND='api' and PROPS like '%"${feature}"%'`;
+    } else {
+      sql += ` and RES_KIND='page' and ACTIONS='select'`;
+    }
+
+    let { error, results } = await sqlExecutor(sql, params);
+    if (error || !Array.isArray(results)) {
+      logger.error(error);
+      return null;
+    }
+    let roleList = results.map((item) => item.OPER_ID);
+
+    if (!roleList.length) {
+      return [];
+    }
+
+    let users = await rolesService.getRoleMembers(null, {
+      ROLE_ID: roleList,
+    });
+
+    if (!users || !Array.isArray(users)) return null;
+
+    users = users.map((item) => item.USER_ID).filter((id, index, arr) => arr.indexOf(id) === index);
+    return users;
+  },
+
+  // 获取系统页面数据
+  getSystemNavs: async function (filter, customSql) {
+    let sql = `select * from ${entity.BASE_SETUP_NAV} where ORG_ID=?`;
+    let params = [global.orgid];
+
+    let where = await checkTableFilterFields(filter, entity.BASE_SETUP_NAV);
+    if (where && Object.keys(where)) {
+      let queryParam = queryParamsBuilder(where, null, null, { NAV_NAME: 'like' });
+      sql = sql + ' and ' + queryParam.sql;
+      params = params.concat(queryParam.params);
+    }
+
+    if (customSql) {
+      sql += customSql;
+    }
+
+    let { error, results } = await sqlExecutor(sql, params);
+    if (error) {
+      logger.error(error);
+      return null;
+    }
+
+    return results;
+  },
+};

package/backend/common/services/roles.js

@@ -0,0 +1,57 @@
+'use strict';
+const { sqlExecutor, checkTableFilterFields, queryParamsBuilder } = require('@gingkoo/node-tools');
+const { logger } = require('../logger/index');
+const entity = require('../entity');
+
+const dictService = {
+  /**
+   * 根据类型获取角色 列表
+   * @param {MANAGER|PROJECT} type 指定 role_type 查询
+   */
+  async getRoles(type) {
+    let { error, results } = await sqlExecutor(
+      `select ROLE_ID, ROLE_NAME FROM ${entity.IDM_ROLES} where ORG_ID=? and ROLE_TYPE=?`,
+      [global.orgid, type],
+    );
+
+    if (error) {
+      logger.error(error);
+      return null;
+    }
+
+    return results;
+  },
+
+  async getRoleMembers(role, filter) {
+    let sql = `select a.ROLE_ID, a.ROLE_TYPE, a.USER_ID, a.REMARKS, b.USER_NAME, b.DEPT_NO from ${entity.IDM_ROLE_MEMBERS} a left join ${entity.IDM_USERS} b on a.USER_ID=b.USER_ID where a.ORG_ID=?`;
+    let params = [global.orgid];
+    if (typeof role === 'string' && role.trim().length) {
+      sql += ' and ROLE_ID=?';
+      params = params.concat(role);
+    }
+    let aFilter = await checkTableFilterFields(filter, entity.IDM_ROLE_MEMBERS);
+    if (aFilter && Object.keys(aFilter)) {
+      let sqlResult = queryParamsBuilder(aFilter, 'a');
+      sql += ' and ' + sqlResult.sql;
+      params = params.concat(sqlResult.params);
+    }
+    let bFilter = await checkTableFilterFields(filter, entity.IDM_USERS);
+    if (bFilter && Object.keys(bFilter)) {
+      let sqlResult = queryParamsBuilder(bFilter, 'b', null, {
+        USER_ID: 'like',
+        USER_NAME: 'like',
+      });
+      sql += ' and ' + sqlResult.sql;
+      params = params.concat(sqlResult.params);
+    }
+    let { error, results } = await sqlExecutor(sql, params);
+    if (error) {
+      logger.error(error);
+      return null;
+    }
+
+    return results;
+  },
+};
+
+module.exports = dictService;

package/backend/common/services/send-notice.js

@@ -0,0 +1,86 @@
+'use strict';
+const { v4: uuidv4 } = require('uuid');
+const { insertSqlBuilder, sqlExecutor } = require('@gingkoo/node-tools');
+const entity = require('./entity');
+const logger = require('./logger');
+const wxNotice = require('@wechat/services/notice');
+
+let NOTIF_TOPICS = {
+  ISSUE_ACTIVITI_LOG: {
+    title: '工作项变更通知',
+  },
+  ISSUE_DUE_ALERT: {
+    title: '工作项到期通知',
+  },
+  CHAT_MESSAGE_LOG: {
+    title: '聊天消息提醒通知',
+  },
+};
+
+module.exports = {
+  /**
+   * 发送通知
+   * @param {string[]} props.toUsers 通知的用户ids
+   * @param {string} props.content 通知的文案
+   * @param {string} props.link 通知跳转链接
+   * @param {ISSUE_ACTIVITI_LOG | ISSUE_DUE_ALERT} props.topic 消息主题
+   * @param {boolean} props.direct 直达消息
+   * @param {ISSUE} props.module 来源模块
+   *
+   */
+  async notify(props) {
+    let params = {
+      title: NOTIF_TOPICS[props['topic']]['title'],
+      content: props['content'],
+      link: props['link'],
+    };
+
+    let direct = 'N';
+    if (props['direct']) {
+      direct = 'Y';
+    }
+
+    let channel = 'qywx';
+    let toUsers = props['toUsers'] || [];
+    let sqlParams = {
+      ORG_ID: global.orgid,
+      MSG_ID: uuidv4().replaceAll('-', ''),
+      MSG_TYPE: props['msgtype'] || 'text',
+      TOPIC: props['topic'],
+      DIRECT: direct,
+      CHANNEL: channel,
+      TO_USERS: toUsers.join(','),
+      CONTENT: params['content'],
+      LINK: params['link'] || '',
+      STATUS: '00',
+      MODULE_ID: props['module'],
+    };
+
+    let sqlResult = insertSqlBuilder(entity.BASE_NOTIFI_MESSAGE, sqlParams);
+    let dbResult = await sqlExecutor(sqlResult.sql, sqlResult.params);
+    if (dbResult.error) {
+      logger.error(dbResult.error);
+      return;
+    }
+
+    // TODO. 这个channel 应该是查表 当前用户 开通的 通知方式
+    if (channel == 'qywx') {
+      await wxNotice.notice(toUsers, params);
+    }
+  },
+
+  /**
+   * @param {string[]} props.toUsers 通知的用户ids
+   * @param {string} props.content 通知的文案
+   * @param {string} props.link 通知跳转链接
+   */
+  async notmail(props) {
+    let { toUsers } = props;
+    let params = {
+      title: NOTIF_TOPICS[props['topic']]['title'],
+      content: props['content'],
+      link: props['link'],
+    };
+    await wxNotice.email(toUsers, params);
+  },
+};