Symfony Profiler

<?php
namespace CorporateTrainingBundle\Biz\ManagePermission\Service\Impl;
use AppBundle\Common\ArrayToolkit;
use Biz\BaseService;
use Biz\ResourceManage\Type\BaseType;
use CorporateTrainingBundle\Biz\ManagePermission\Dao\ManagePermissionOrgDao;
use CorporateTrainingBundle\Biz\ManagePermission\Service\ManagePermissionOrgService;
use CorporateTrainingBundle\Biz\Org\Service\Impl\OrgServiceImpl;
use CorporateTrainingBundle\Biz\ResourceUsePermissionShared\Service\ResourceUsePermissionSharedService;
use CorporateTrainingBundle\Biz\User\Service\UserService;
class ManagePermissionOrgServiceImpl extends BaseService implements ManagePermissionOrgService
{
protected $orgManageArr = [
'pluginTestPaper' => 'testpaper',
];
public function createOrgRecord($fields)
{
if (!ArrayToolkit::requireds($fields, ['userId', 'orgId'])) {
throw $this->createServiceException('parameter is invalid!');
}
$fields['createdUserId'] = $this->getCurrentUser()->getId();
$fields = $this->filterFields($fields);
return $this->getManagePermissionOrgDao()->create($fields);
}
public function updateOrgRecord($id, $fields)
{
return $this->getManagePermissionOrgDao()->update($id, $fields);
}
/**
* 判断设置部门是否超出管理员的管理范围
*
* @param $newSettingOrgIds '新设置的部门Ids'
* @param $oldSettingOrgIds '原设置的部门Ids'
*
* @return bool
*/
public function checkOrgManagePermission($newSettingOrgIds, $oldSettingOrgIds)
{
$newSettingOrgIds = $this->getOrgService()->wipeOffChildrenOrgIds($newSettingOrgIds);
$oldSettingOrgIds = $this->getOrgService()->wipeOffChildrenOrgIds($oldSettingOrgIds);
$deleteOrgIds = array_diff($oldSettingOrgIds, $newSettingOrgIds);
$addOrgIds = array_diff($newSettingOrgIds, $oldSettingOrgIds);
$diffOrgIds = array_merge($deleteOrgIds, $addOrgIds);
$currentUserOrgIds = $this->getCurrentUser()->getManageOrgIdsRecursively();
$diffOrgIds = array_diff($diffOrgIds, $currentUserOrgIds);
return empty($diffOrgIds);
}
public function setUserManagePermissionOrgsByCodes($userId, $codes)
{
$orgs = $this->getOrgService()->findOrgsByCodes($codes);
if (empty($orgs)) {
return;
}
return $this->setUserManagePermissionOrgs($userId, array_column($orgs, 'id'));
}
public function setUserManagePermissionOrgs($userId, $orgIds)
{
$this->beginTransaction();
try {
if (!empty($orgIds)) {
$orgIds = $this->getOrgService()->wipeOffChildrenOrgIds($orgIds);
}
$this->deleteOrgRecordsByUserId($userId);
$fields = ['userId' => $userId];
foreach ($orgIds as $orgId) {
$fields['orgId'] = $orgId;
$this->createOrgRecord($fields);
}
$this->commit();
} catch (\Exception $e) {
$this->rollback();
throw $e;
}
}
/**
* 获取用户能管理的orgIds
*
* @param $userId
*
* @return array
*/
public function getUserPermissionSelectOrgIds($userId)
{
$userOrgCodes = $this->findUserManageOrgCodesByUserId($userId);
if (empty($userOrgCodes)) {
return [];
}
$orgIds = $this->getOrgService()->findOrgsByPrefixOrgCodes($userOrgCodes, ['id']);
return ArrayToolkit::column($orgIds, 'id');
}
/**
* @param $userId
*
* @return array 获取用户有权限管理的OrgIds
*/
public function findUserManageOrgIdsByUserId($userId)
{
$records = $this->getManagePermissionOrgDao()->findByUserId($userId);
if (empty($records)) {
return [];
}
$orgIds = ArrayToolkit::column($records, 'orgId');
return $this->checkPermissionOrgHasChange($userId, $orgIds);
}
/**
* @param $userId
*
* @return array 获取用户设置的管理范围OrgCodes
*/
public function findUserManageOrgCodesByUserId($userId)
{
$records = $this->getManagePermissionOrgDao()->findByUserId($userId);
if (empty($records)) {
return [];
}
$orgIds = ArrayToolkit::column($records, 'orgId');
$permissionOrgIds = $this->checkPermissionOrgHasChange($userId, $orgIds);
$orgs = $this->getOrgService()->findOrgsByIds($permissionOrgIds);
return ArrayToolkit::column($orgs, 'orgCode');
}
public function deleteOrgRecord($id)
{
return $this->getManagePermissionOrgDao()->delete($id);
}
public function deleteOrgRecordsByUserId($userId)
{
return $this->getManagePermissionOrgDao()->deleteByUserId($userId);
}
public function searchOrgRecords($conditions, $orderBys, $start, $limit, $columns = [])
{
return $this->getManagePermissionOrgDao()->search($conditions, $orderBys, $start, $limit, $columns);
}
public function findOrgRecordsByUserId($userId)
{
return $this->getManagePermissionOrgDao()->findByUserId($userId);
}
/**
* @param $menu
* @param $orgCode
* 反查有某个列表管理权限且能管某个组织机构的管理员
*/
public function findMangeUsersByMenuCodeAndOrgCode($menu, $orgCode): array
{
$roles = $this->getRoleService()->searchRoles([], [], 0, PHP_INT_MAX);
$users = [];
foreach ($roles as $role) {
if (in_array($menu, $role['data'])) {
$roleUsers = $this->getUserService()->searchUsers(['roles' => "{$role['code']}"], [], 0, PHP_INT_MAX, ['id']);
$users = array_merge($users, ArrayToolkit::column($roleUsers, 'id'));
}
}
$users = array_values(array_unique($users));
if (empty($users)) {
return [];
}
$orgIds = explode('.', $orgCode);
$userIds = $this->searchOrgRecords(['orgIds' => empty($orgIds) ? [-1] : $orgIds, 'userIds' => $users], [], 0, PHP_INT_MAX, ['userId']);
if (empty($userIds)) {
return [];
}
$userIds = array_diff(ArrayToolkit::column($userIds, 'userId'), [1]);
return array_values(array_unique($userIds));
}
/**
* @param string $type 使用授权类型
* @param int $resourceId 资源Id
* @param int $resourceOrgId 资源orgId
*
* @return bool
* // 判断资源是否能够被当前用户使用
*/
public function checkResourceUsePermission($type, $resourceId, $resourceOrgId = 0): bool
{
if (empty($resourceId)) {
return false;
}
if ($this->getResourceUsePermissionSharedService()->checkResourceUseShared($type, $resourceId, $this->getCurrentUser()->getId())) {
return true;
}
if (!empty($this->orgManageArr[$type])) {
return $this->getResourceManageClass($this->orgManageArr[$type])->tryManageResourceByResourceId($resourceId);
}
if ($resourceOrgId) {
$org = $this->getOrgService()->getOrg($resourceOrgId);
return !empty($org) && $this->getCurrentUser()->hasManagePermissionWithOrgCode($org['orgCode']);
}
return false;
}
public function diffCanbeAddOrgIds($newSettingOrgIds, $oldSettingOrgIds): array
{
$newSettingOrgIds = $this->getOrgService()->wipeOffChildrenOrgIds($newSettingOrgIds);
$oldSettingOrgIds = $this->getOrgService()->wipeOffChildrenOrgIds($oldSettingOrgIds);
$currentUserOrgIds = $this->getCurrentUser()->getManageOrgIdsRecursively();
$notManageableOrgIds = array_diff($oldSettingOrgIds, $currentUserOrgIds);
$diffOrgIds = array_intersect($currentUserOrgIds, $newSettingOrgIds);
return array_merge($notManageableOrgIds, $diffOrgIds);
}
/**
* @param $userId
*
* @return mixed
*
* 判断管理范围是否有过跨级的更改
*/
protected function checkPermissionOrgHasChange($userId, array $orgIds)
{
$permissionOrgIds = $this->getOrgService()->wipeOffChildrenOrgIds($orgIds);
$diff = array_diff($orgIds, $permissionOrgIds);
if (!empty($diff)) {
$this->setUserManagePermissionOrgs($userId, $permissionOrgIds);
}
return $permissionOrgIds;
}
protected function filterFields($fields)
{
return ArrayToolkit::parts(
$fields,
[
'userId',
'orgId',
'createdUserId',
]
);
}
/**
* @return ResourceUsePermissionSharedService
*/
protected function getResourceUsePermissionSharedService()
{
return $this->createService('ResourceUsePermissionShared:ResourceUsePermissionSharedService');
}
/**
* @return OrgServiceImpl
*/
protected function getOrgService()
{
return $this->createService('Org:OrgService');
}
/**
* @return ManagePermissionOrgDao
*/
protected function getManagePermissionOrgDao()
{
return $this->createDao('CorporateTrainingBundle:ManagePermission:ManagePermissionOrgDao');
}
/**
* @return \CorporateTrainingBundle\Biz\Role\Service\Impl\RoleServiceImpl
*/
protected function getRoleService()
{
return $this->createService('CorporateTrainingBundle:Role:RoleService');
}
/**
* @return UserService
*/
protected function getUserService()
{
return $this->createService('User:UserService');
}
protected function getResourceManageClass($type): BaseType
{
return $this->biz->offsetGet('resource_manage.'.$type);
}
}

src/CorporateTrainingBundle/Biz/ManagePermission/Service/Impl/ManagePermissionOrgServiceImpl.php line 114