@kne/fastify-account 1.0.0-alpha.1 → 1.0.0-alpha.2

package/README.md

@@ -22,7 +22,7 @@ npm i --save @kne/fastify-account
 ### API
 
 ---
-title: "@kne/fastify-account v1.0.0-alpha.0"
+title: "@kne/fastify-account v1.0.0-alpha.1"
 language_tabs:
   - shell: Shell
   - http: HTTP
@@ -42,7 +42,7 @@ headingLevel: 2
 
 <!-- Generator: Widdershins v4.0.1 -->
 
-<h1 id="-kne-fastify-account">@kne/fastify-account v1.0.0-alpha.0</h1>
+<h1 id="-kne-fastify-account">@kne/fastify-account v1.0.0-alpha.1</h1>
 
 > Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.
 
@@ -1938,11 +1938,25 @@ This operation does not require authentication
 This operation does not require authentication
 </aside>
 
-## get__api_v1_account_tenant_getUserCurrentTenant
+## get__api_v1_account_tenant_getTenantUserInfo
 
-`GET /api/v1/account/tenant/getUserCurrentTenant`
+`GET /api/v1/account/tenant/getTenantUserInfo`
 
-<h3 id="get__api_v1_account_tenant_getusercurrenttenant-responses">Responses</h3>
+<h3 id="get__api_v1_account_tenant_gettenantuserinfo-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Default Response|None|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
+## get__api_v1_account_tenant_orgList
+
+`GET /api/v1/account/tenant/orgList`
+
+<h3 id="get__api_v1_account_tenant_orglist-responses">Responses</h3>
 
 |Status|Meaning|Description|Schema|
 |---|---|---|---|
@@ -1966,6 +1980,43 @@ This operation does not require authentication
 This operation does not require authentication
 </aside>
 
+## post__api_v1_account_setCurrentTenantId
+
+`POST /api/v1/account/setCurrentTenantId`
+
+> Body parameter
+
+```json
+{
+  "type": "object",
+  "required": [
+    "tenantId"
+  ],
+  "properties": {
+    "tenantId": {
+      "type": "string"
+    }
+  }
+}
+```
+
+<h3 id="post__api_v1_account_setcurrenttenantid-parameters">Parameters</h3>
+
+|Name|In|Type|Required|Description|
+|---|---|---|---|---|
+|body|body|object|true|none|
+|» tenantId|body|string|true|none|
+
+<h3 id="post__api_v1_account_setcurrenttenantid-responses">Responses</h3>
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Default Response|None|
+
+<aside class="success">
+This operation does not require authentication
+</aside>
+
 # Schemas
 
 

package/libs/controllers/account.js

@@ -182,8 +182,8 @@ module.exports = fp(async (fastify, options) => {
     },
     async request => {
       const { username, password } = request.body;
-      const token = await fastify.account.services.account.login({ username, password, ip: request.ip });
-      return { token };
+      const { token, user } = await fastify.account.services.account.login({ username, password, ip: request.ip });
+      return { token, currentTenantId: user.currentTenantId };
     }
   );
 });

package/libs/controllers/tenant.js

@@ -11,7 +11,7 @@ module.exports = fp(async (fastify, options) => {
   );
 
   fastify.get(
-    `${options.prefix}/tenant/getUserCurrentTenant`,
+    `${options.prefix}/tenant/getTenantUserInfo`,
     {
       onRequest: [fastify.account.authenticate.user, fastify.account.authenticate.tenant]
     },
@@ -19,4 +19,15 @@ module.exports = fp(async (fastify, options) => {
       return request.tenantInfo;
     }
   );
+
+  fastify.get(
+    `${options.prefix}/tenant/orgList`,
+    {
+      onRequest: [fastify.account.authenticate.user, fastify.account.authenticate.tenant]
+    },
+    async request => {
+      const { tenantId } = request.tenantInfo;
+      return await fastify.account.services.tenant.getTenantOrgList({ tenantId });
+    }
+  );
 });

package/libs/controllers/user.js

@@ -9,4 +9,25 @@ module.exports = fp(async (fastify, options) => {
       return { userInfo: request.userInfo };
     }
   );
+
+  fastify.post(
+    `${options.prefix}/setCurrentTenantId`,
+    {
+      onRequest: [fastify.account.authenticate.user],
+      schema: {
+        body: {
+          type: 'object',
+          required: ['tenantId'],
+          properties: {
+            tenantId: { type: 'string' }
+          }
+        }
+      }
+    },
+    async request => {
+      const { tenantId } = request.body;
+      await fastify.account.services.user.setCurrentTenantId({ id: request.userInfo.id, tenantId });
+      return {};
+    }
+  );
 });

package/libs/models/tenant-role-application.js

@@ -1,5 +1,5 @@
 module.exports = (sequelize, DataTypes) => {
-  return sequelize.define(
+  const tenantRoleApplication = sequelize.define(
     'tenantRoleApplication',
     {
       tenantId: {
@@ -30,4 +30,8 @@ module.exports = (sequelize, DataTypes) => {
       ]
     }
   );
+  tenantRoleApplication.associate = ({ tenantRoleApplication, application }) => {
+    tenantRoleApplication.belongsTo(application);
+  };
+  return tenantRoleApplication;
 };

package/libs/models/tenant-role-permission.js

@@ -1,5 +1,5 @@
 module.exports = (sequelize, DataTypes) => {
-  return sequelize.define(
+  const tenantRolePermission = sequelize.define(
     'tenantRolePermission',
     {
       tenantId: {
@@ -30,4 +30,10 @@ module.exports = (sequelize, DataTypes) => {
       ]
     }
   );
+
+  tenantRolePermission.associate = ({ tenantRolePermission, permission }) => {
+    tenantRolePermission.belongsTo(permission);
+  };
+
+  return tenantRolePermission;
 };

package/libs/services/account.js

@@ -43,7 +43,7 @@ module.exports = fp(async (fastify, options) => {
       ip
     });
 
-    return fastify.jwt.sign({ payload: { id: user.id } });
+    return { token: fastify.jwt.sign({ payload: { id: user.id } }), user };
   };
 
   const passwordAuthentication = async ({ accountId, password }) => {

package/libs/services/tenant.js

@@ -1,5 +1,9 @@
 const fp = require('fastify-plugin');
 const isNil = require('lodash/isNil');
+const { Unauthorized } = require('http-errors');
+const transform = require('lodash/transform');
+const groupBy = require('lodash/groupBy');
+const pick = require('lodash/pick');
 module.exports = fp(async (fastify, options) => {
   const getUserTenant = async authenticatePayload => {
     const user = await fastify.account.services.user.getUserInfo(authenticatePayload);
@@ -115,9 +119,129 @@ module.exports = fp(async (fastify, options) => {
     await tenantRole.destroy();
   };
 
+  const getTenantUserPermissionList = async ({ tenantRoleIds }) => {
+    const tenantRoleApplication = await fastify.account.models.tenantRoleApplication.findAll({
+      attributes: ['applicationId'],
+      where: {
+        roleId: {
+          [fastify.sequelize.Sequelize.Op.in]: tenantRoleIds
+        }
+      }
+    });
+
+    const applications = await fastify.account.models.application.findAll({
+      attributes: ['id', 'code', 'name'],
+      where: {
+        id: {
+          [fastify.sequelize.Sequelize.Op.in]: tenantRoleApplication.map(({ applicationId }) => applicationId)
+        }
+      }
+    });
+
+    const tenantRolePermission = await fastify.account.models.tenantRolePermission.findAll({
+      attributes: ['permissionId'],
+      include: {
+        attributes: ['code', 'name', 'isModule', 'paths'],
+        model: fastify.account.models.permission
+      },
+      where: {
+        roleId: {
+          [fastify.sequelize.Sequelize.Op.in]: tenantRoleIds
+        }
+      }
+    });
+
+    const permissions = await fastify.account.models.permission.findAll({
+      attributes: ['id', 'code', 'name', 'isModule', 'pid', 'applicationId', 'paths'],
+      where: {
+        [fastify.sequelize.Sequelize.Op.or]: [
+          {
+            id: {
+              [fastify.sequelize.Sequelize.Op.in]: tenantRolePermission.map(({ permissionId }) => permissionId)
+            }
+          },
+          {
+            isMust: true
+          }
+        ]
+      }
+    });
+
+    const permissionMapping = transform(
+      await fastify.account.models.permission.findAll({
+        where: {
+          id: {
+            [fastify.sequelize.Sequelize.Op.in]: permissions.map(({ paths }) => paths).reduce((list, item) => [...list, ...(item || [])], [])
+          }
+        }
+      }),
+      (result, value) => {
+        result[value.id] = { code: value.code, name: value.name };
+      },
+      {}
+    );
+
+    const applicationsMapping = transform(
+      applications,
+      (result, value) => {
+        result[value.id] = value;
+      },
+      {}
+    );
+
+    const findEndChildren = permissions => {
+      const output = [];
+      const core = (list, node) => {
+        const { children, other } = groupBy(list, item => (item.pid === node.id ? 'children' : 'other'));
+        if (!(other && other.length > 0)) {
+          return;
+        }
+        if (!(children && children.length > 0)) {
+          node.id !== 0 && output.push(node);
+          return;
+        }
+
+        children.forEach(node => {
+          core(other, node);
+        });
+        return output;
+      };
+      core(permissions, { id: 0 });
+      return output;
+    };
+
+    const userPermissionList = findEndChildren(permissions).map(({ code, applicationId, paths }) => {
+      return `${applicationsMapping[applicationId].code}${
+        paths && paths.length > 0
+          ? `:${paths
+              .map(id => {
+                return permissionMapping[id].code;
+              })
+              .join(':')}`
+          : ''
+      }:${code}`;
+    });
+
+    return {
+      applications: applications,
+      permissions: permissions.map(item =>
+        Object.assign(
+          {},
+          {
+            code: item.code,
+            name: item.name,
+            isModule: item.isModule,
+            paths: (item.paths || []).map(id => permissionMapping[id])
+          }
+        )
+      ),
+      userPermissionList
+    };
+  };
+
   const tenantUserAuthenticate = async user => {
     if (!user.currentTenantId) {
-      throw new Error('没有找到当前绑定租户');
+      throw new Unauthorized('没有找到当前绑定租户');
     }
     const tenant = await fastify.account.models.tenant.findByPk(user.currentTenantId, {
       where: {
@@ -129,6 +253,17 @@ module.exports = fp(async (fastify, options) => {
     }
 
     const tenantUser = await fastify.account.models.tenantUser.findOne({
+      attributes: ['id', 'avatar', 'description', 'phone', 'email'],
+      include: [
+        {
+          attributes: ['id', 'name'],
+          model: fastify.account.models.tenantOrg
+        },
+        {
+          attributes: ['id', 'name'],
+          model: fastify.account.models.tenantRole
+        }
+      ],
       where: {
         tenantId: tenant.id,
         userId: user.id,
@@ -136,13 +271,35 @@ module.exports = fp(async (fastify, options) => {
       }
     });
 
+    // 获取当前租户默认角色
+    const defaultTenant = await fastify.account.models.tenantRole.findOne({
+      where: {
+        type: 1,
+        tenantId: tenant.id
+      }
+    });
+
+    if (!defaultTenant) {
+      throw new Error('租户默认角色未设置，请联系管理员');
+    }
+
+    const tenantRoleIds = tenantUser.tenantRoles.map(({ id }) => id);
+    tenantRoleIds.push(defaultTenant.id);
+
+    const { userPermissionList } = await getTenantUserPermissionList({ tenantRoleIds });
     if (!tenantUser) {
       throw new Error('当前租户用户不存在或者已经被关闭');
     }
 
+    const outputTenantUser = Object.assign({}, tenantUser.get({ plain: true }));
+    outputTenantUser.tenantOrgs = outputTenantUser?.tenantOrgs.map(({ id, name }) => ({ id, name }));
+    outputTenantUser.tenantRoles = outputTenantUser?.tenantRoles.map(({ id, name }) => ({ id, name }));
     return {
-      tenant,
-      tenantUser
+      tenant: pick(tenant, ['id', 'name', 'description']),
+      tenantUser: Object.assign({}, outputTenantUser, {
+        permissions: userPermissionList
+      }),
+      user
     };
   };
 

package/libs/services/user.js

@@ -1,6 +1,7 @@
 const fp = require('fastify-plugin');
 const { Unauthorized } = require('http-errors');
 const get = require('lodash/get');
+const pick = require('lodash/pick');
 module.exports = fp(async (fastify, options) => {
   const getUserInfo = async authenticatePayload => {
     if (!(authenticatePayload && authenticatePayload.id)) {
@@ -10,10 +11,7 @@ module.exports = fp(async (fastify, options) => {
     if (!user) {
       throw new Unauthorized();
     }
-    const userInfo = user.get({ plain: true });
-    delete userInfo['userAccountId'];
-
-    return userInfo;
+    return pick(user, ['id', 'avatar', 'nickname', 'phone', 'email', 'gender', 'status', 'birthday', 'description', 'currentTenantId']);
   };
 
   const accountIsExists = async ({ email, phone }, currentUser) => {
@@ -97,12 +95,23 @@ module.exports = fp(async (fastify, options) => {
     await user.save();
   };
 
+  const setCurrentTenantId = async ({ id, tenantId }) => {
+    await fastify.account.services.tenant.getTenantInfo({ id: tenantId });
+    const user = await fastify.account.models.user.findByPk(id);
+
+    if (!user) {
+      throw new Error('用户不存在');
+    }
+    user.currentTenantId = tenantId;
+    await user.save();
+  };
   fastify.account.services.user = {
     getUserInfo,
     saveUser,
     accountIsExists,
     addUser,
     closeUser,
-    openUser
+    openUser,
+    setCurrentTenantId
   };
 });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kne/fastify-account",
-  "version": "1.0.0-alpha.1",
+  "version": "1.0.0-alpha.2",
   "description": "fastify的用户管理账号等实现",
   "main": "index.js",
   "scripts": {