feat：OpenApi应用新增租户权限，涉及api新增openapiUser权限过滤

@@ -43,12 +43,8 @@ public class HomePageController extends BaseController {
   public HomeDeviceInfoDTO getOpenApiDeviceInfo()
           throws ThingsboardException, ExecutionException, InterruptedException {
     return homePageService.getOpenApiDeviceInfo(
-            getCurrentUser().isPtSysadmin(),
-            getCurrentUser().isPtAdmin(),
-            getCurrentUser().isPtTenantAdmin(),
-            getCurrentUser().isPtCommonTenant(),
             getCurrentUser().getCurrentTenantId(),
-            getCurrentUser().getCurrentUserId(), getCurrentUser().getCustomerId()==null?null:getCurrentUser().getCustomerId().getId().toString());
+            getCurrentUser().getCurrentUserId());
   }
 
 
@@ -57,12 +53,8 @@ public class HomePageController extends BaseController {
   public BaseHomePageTop getOpenApiAlarmInfo()
           throws ThingsboardException, ExecutionException, InterruptedException {
     return homePageService.getOpenApiAlarmInfo(
-            getCurrentUser().isPtSysadmin(),
-            getCurrentUser().isPtAdmin(),
-            getCurrentUser().isPtTenantAdmin(),
-            getCurrentUser().isPtCommonTenant(),
             getCurrentUser().getCurrentTenantId(),
-            getCurrentUser().getCurrentUserId(), getCurrentUser().getCustomerId()==null?null:getCurrentUser().getCustomerId().getId().toString());
+            getCurrentUser().getCurrentUserId());
   }
   @GetMapping("left/top")
   @ApiOperation(value = "获取左侧顶部信息")

@@ -118,9 +118,9 @@ public class ThingsModelController extends BaseController {
   @ApiOperation("修改物模型排序接口")
   @PreAuthorize("hasAnyAuthority('TENANT_ADMIN')")
   public ResponseEntity<Boolean> updateSort(
-          @RequestParam(value = "sortType: up向上，down向下，topUp置顶，bottomUp置底" ) String sortType,
+          @RequestParam(value = "sortType" ) String sortType,
           @RequestParam(value = "id") String id,
-          @RequestParam (value = "isCategory 是否品类") Boolean isCategory)
+          @RequestParam (value = "isCategory") Boolean isCategory)
           throws ThingsboardException {
     return ResponseEntity.ok(thingsModelService.updateSort(id,sortType,isCategory));
   }

@@ -74,7 +74,7 @@ public class TkAlarmInfoController extends BaseController {
       customerId = getCurrentUser().getCustomerId().getId();
     }
     List<String> orgIds = null;
-    if(getCurrentUser().isPtCommonTenant()){
+    if(getCurrentUser().isPtCommonTenant()||getCurrentUser().isOpenApiUser()){
       orgIds = commonTenantOrganizationAllIds();
     }
     return alarmInfoService.alarmPage(

@@ -263,8 +263,8 @@ public class TkDeviceController extends BaseController {
     if (getCurrentUser().isCustomerUser()) {
       queryMap.put("customerId", getCurrentUser().getCustomerId().getId());
     }
-    //如果当前用户是普通租户
-    if (getCurrentUser().isPtCommonTenant()) {
+    //如果当前用户是普通租户或者openapi用戶
+    if (getCurrentUser().isPtCommonTenant()||getCurrentUser().isOpenApiUser()) {
       List<String> organizationIds =commonTenantOrganizationAllIds();
       if(null!=organizationIds&&organizationIds.size()>0){
         queryMap.put("organizationIds", organizationIds);

@@ -68,6 +68,7 @@ public class TkOrganizationController extends BaseController {
             getCurrentUser().isPtTenantAdmin(),
             getCurrentUser().isCustomerUser(),
             getCurrentUser().isPtCommonTenant(),
+            getCurrentUser().isOpenApiUser(),
             getCurrentUser().getCurrentTenantId(),
             getCurrentUser().getCurrentUserId(),organizationId);
     return ResponseEntity.ok(result);

@@ -14,18 +14,17 @@ import org.thingsboard.server.common.data.StringUtils;
 import org.thingsboard.server.common.data.exception.ThingsboardException;
 import org.thingsboard.server.common.data.yunteng.core.exception.TkDataValidationException;
 import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
-import org.thingsboard.server.common.data.yunteng.dto.ApplicationDTO;
-import org.thingsboard.server.common.data.yunteng.dto.OpenApiContrlooerDTO;
-import org.thingsboard.server.common.data.yunteng.dto.OpenApiDTO;
-import org.thingsboard.server.common.data.yunteng.dto.UserDTO;
+import org.thingsboard.server.common.data.yunteng.dto.*;
 import org.thingsboard.server.common.data.yunteng.utils.i18n.MessageUtils;
 import org.thingsboard.server.controller.BaseController;
 import org.thingsboard.server.controller.yunteng.TkThirdPlatformController;
 import org.thingsboard.server.controller.yunteng.TkUserController;
+import org.thingsboard.server.dao.exception.DataValidationException;
 import org.thingsboard.server.dao.yunteng.entities.TkOpenApiRecordEntity;
 import org.thingsboard.server.dao.yunteng.service.ApplicationService;
 import org.thingsboard.server.dao.yunteng.service.OpenApiRecordService;
 import org.thingsboard.server.dao.yunteng.service.OpenApiService;
+import org.thingsboard.server.dao.yunteng.service.TkOrganizationService;
 import org.thingsboard.server.queue.util.TbCoreComponent;
 import org.thingsboard.server.service.security.auth.yunteng.TkLoginResponse;
 import org.thingsboard.server.utils.MiscUtils;
@@ -34,6 +33,7 @@ import javax.servlet.http.HttpServletRequest;
 import java.time.LocalDateTime;
 import java.util.List;
 import java.util.Map;
+import java.util.stream.Collectors;
 
 @Api(tags = "OpenApi接口")
 @RestController
@@ -49,6 +49,7 @@ public class OpenApiController extends BaseController {
   private final RestTemplate restTemplate = new RestTemplate();
   private final OpenApiService openApiService;
   private final OpenApiRecordService openApiRecordService;
+  private final TkOrganizationService tKOrganizationService;
 
 
   @GetMapping("/getToken")
@@ -59,6 +60,8 @@ public class OpenApiController extends BaseController {
     //如果第一次获取token则新建用户并且返回token
     if(StringUtils.isEmpty(app.getUserId())){
       UserDTO userDTO = new UserDTO().newOpenApiUser(app.getTenantId(),app.getKey());
+      List<String> OrgIdS= tKOrganizationService.organizationAllIds(app.getTenantId(),app.getOrganizationId());
+      userDTO.setOrganizationIds(OrgIdS.toArray(new String[0]));
       tkUserController.saveTenant(userDTO,true);
       userId =userDTO.getId();
       app.setUserId(userId);
@@ -84,8 +87,8 @@ public class OpenApiController extends BaseController {
       ApplicationDTO appDto = applicationService.getDtoByUserId(getCurrentUser().getCurrentUserId());
       //记录日志
       setRecord(api,appDto,record);
-      if (!appDto.getApiList().contains(api.getId())) {
-        throw new TkDataValidationException(String.format(MessageUtils.message(ErrorMessage.
+      if (null==appDto.getApiList()||!appDto.getApiList().contains(api.getId())) {
+        throw new DataValidationException(String.format(MessageUtils.message(ErrorMessage.
                 NOT_HAVE_PERMISSION.getI18nCode())));
       }
       // 构建URL

@@ -50,6 +50,7 @@ public class SecurityUser extends User {
 	@Getter @Setter private boolean ptTenantAdmin = false;
 	@Getter @Setter private boolean ptAdmin = false;
     @Getter @Setter private boolean ptCommonTenant = false;
+    @Getter @Setter private boolean openApiUser = false;
 	@Getter @Setter private Set<String> roles;
 	@Getter @Setter private String platformUserName;
 
@@ -87,9 +88,12 @@ public class SecurityUser extends User {
 	                this.ptAdmin =
 	                    this.roles.stream()
 	                        .anyMatch(role -> role.equals(RoleEnum.PLATFORM_ADMIN.name()));
-                this.ptCommonTenant =
+                    this.ptCommonTenant =
                         this.roles.stream().anyMatch(role -> role.equals(RoleEnum.TENANT_ADMIN.name()))
                                 &user.getUserDetailsDTO().getLevel()== FastIotConstants.MagicNumber.FOUR;
+                    this.openApiUser =
+                          this.roles.stream().anyMatch(role -> role.equals(RoleEnum.OPENAPI_USER.name()))
+                                  &user.getUserDetailsDTO().getLevel()== FastIotConstants.MagicNumber.FIVE;
 	                return roleDTOS;
 	              });
 	    }

@@ -66,6 +66,7 @@ public class JwtTokenFactory {
     private static final String CURRENT_TENANT_ID = "currentTenantId";
     private static final String PLATFORM_USER_NAME = "platformUserName";
     private static final String IS_COMMON_TENANT = "isCommonTenant";
+    private static final String IS_OPENAPI_USER = "isOpenApiUser";
 
     private final JwtSettingsService jwtSettingsService;
 
@@ -86,6 +87,7 @@ public class JwtTokenFactory {
                 .claim(ENABLED, securityUser.isEnabled())
 				//thingskit
 				.claim(IS_COMMON_TENANT,securityUser.isPtCommonTenant())
+                .claim(IS_OPENAPI_USER,securityUser.isOpenApiUser())
 				.claim(CURRENT_USER_ID,securityUser.getCurrentUserId())
 				.claim(PLATFORM_USER_NAME,securityUser.getPlatformUserName())
 				.claim(ROLE,securityUser.getRoles())
@@ -126,6 +128,7 @@ public class JwtTokenFactory {
            securityUser.setPtTenantAdmin(securityUser.getRoles().stream().anyMatch(role -> role.equals(RoleEnum.TENANT_ADMIN.name()))&!isCommonTenant);
            securityUser.setPtAdmin(securityUser.getRoles().stream().anyMatch(role -> role.equals(RoleEnum.PLATFORM_ADMIN.name())));
            securityUser.setPtCommonTenant(isCommonTenant);
+           securityUser.setOpenApiUser(securityUser.getRoles().stream().anyMatch(role -> role.equals(RoleEnum.OPENAPI_USER.name())));
        }
         securityUser.setCurrentUserId(claims.get(CURRENT_USER_ID, String.class));
 		securityUser.setPlatformUserName(claims.get(PLATFORM_USER_NAME,String.class));

@@ -7,11 +7,11 @@ import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
-import org.thingsboard.server.common.data.yunteng.core.exception.TkDataValidationException;
 import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
 import org.thingsboard.server.common.data.yunteng.dto.ApplicationDTO;
 import org.thingsboard.server.common.data.yunteng.utils.i18n.MessageUtils;
 import org.thingsboard.server.common.data.yunteng.utils.tools.TkPageData;
+import org.thingsboard.server.dao.exception.DataValidationException;
 import org.thingsboard.server.dao.yunteng.entities.TkApplicationApiEntity;
 import org.thingsboard.server.dao.yunteng.entities.TkApplicationEntity;
 import org.thingsboard.server.dao.yunteng.entities.TkOrganizationEntity;
@@ -131,7 +131,7 @@ public class ApplicationServiceImpl extends AbstractBaseService<ApplicationMappe
                     .eq(TkApplicationEntity::getKey, key)
                     .eq(TkApplicationEntity::getSecret,secret));
     if(null == entity){
-      throw new TkDataValidationException(String.format(MessageUtils.message(ErrorMessage.
+      throw new DataValidationException(String.format(MessageUtils.message(ErrorMessage.
               OPENAPI_APP_ISNULL.getI18nCode())));
     }
     ApplicationDTO dto  = new ApplicationDTO();
@@ -145,7 +145,7 @@ public class ApplicationServiceImpl extends AbstractBaseService<ApplicationMappe
             new LambdaQueryWrapper<TkApplicationEntity>()
                     .eq(TkApplicationEntity::getUserId, userId));
     if(null == entity){
-      throw new TkDataValidationException(String.format(MessageUtils.message(ErrorMessage.
+      throw new DataValidationException(String.format(MessageUtils.message(ErrorMessage.
               OPENAPI_APP_ISNULL.getI18nCode())));
     }
     ApplicationDTO dto = new ApplicationDTO();

@@ -7,15 +7,14 @@ import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
-import org.thingsboard.server.common.data.yunteng.core.exception.TkDataValidationException;
 import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
-import org.thingsboard.server.common.data.yunteng.dto.DeviceDTO;
 import org.thingsboard.server.common.data.yunteng.dto.OpenApiContrlooerDTO;
 import org.thingsboard.server.common.data.yunteng.dto.OpenApiDTO;
 import org.thingsboard.server.common.data.yunteng.dto.ApiMenuDTO;
 import org.thingsboard.server.common.data.yunteng.utils.CopyUtils;
 import org.thingsboard.server.common.data.yunteng.utils.i18n.MessageUtils;
 import org.thingsboard.server.common.data.yunteng.utils.tools.TkPageData;
+import org.thingsboard.server.dao.exception.DataValidationException;
 import org.thingsboard.server.dao.yunteng.entities.TkOpenApiEntity;
 import org.thingsboard.server.dao.yunteng.mapper.OpenApiMapper;
 import org.thingsboard.server.dao.yunteng.service.AbstractBaseService;
@@ -35,7 +34,7 @@ public class OpenApiImpl extends AbstractBaseService<OpenApiMapper, TkOpenApiEnt
   public OpenApiDTO getDto(String id) {
     TkOpenApiEntity entity  = baseMapper.selectById(id);
     if(null == entity){
-      throw new TkDataValidationException(String.format(MessageUtils.message(ErrorMessage.
+      throw new DataValidationException(String.format(MessageUtils.message(ErrorMessage.
               OPENAPI_API_ISNULL.getI18nCode())));
     }
     OpenApiDTO dto = new OpenApiDTO();
@@ -82,7 +81,7 @@ public class OpenApiImpl extends AbstractBaseService<OpenApiMapper, TkOpenApiEnt
             .in(TkOpenApiEntity::getId,apiIds));
     list.stream().forEach(entity ->{
       if(!entity.getTenantId().equals(tenantId)){
-        throw new TkDataValidationException(String.format(MessageUtils.message(ErrorMessage.
+        throw new DataValidationException(String.format(MessageUtils.message(ErrorMessage.
                 NOT_HAVE_PERMISSION.getI18nCode())));
       }
     });
@@ -94,7 +93,7 @@ public class OpenApiImpl extends AbstractBaseService<OpenApiMapper, TkOpenApiEnt
   public OpenApiDTO update(OpenApiDTO dto, String tenantId) {
     TkOpenApiEntity openApi = baseMapper.selectById(dto.getId());
     if(!openApi.getTenantId().equals(tenantId)){
-      throw new TkDataValidationException(String.format(MessageUtils.message(ErrorMessage.
+      throw new DataValidationException(String.format(MessageUtils.message(ErrorMessage.
               NOT_HAVE_PERMISSION.getI18nCode())));
     }
     dto.copyToEntity(openApi);

@@ -185,11 +185,12 @@ public class TkHomePageServiceImpl implements HomePageService {
   }
 
   @Override
-  public HomeDeviceInfoDTO getOpenApiDeviceInfo(boolean isPtSysAdmin, boolean isPtAdmin, boolean isTenantAdmin,
-                                                boolean isPtCommonTenant, String tenantId, String currentUserId, String customerId){
+  public HomeDeviceInfoDTO getOpenApiDeviceInfo( String tenantId, String currentUserId){
     long zero = FastIotConstants.MagicNumber.ZERO;
     HomeDeviceInfoDTO  homeDeviceInfo = new HomeDeviceInfoDTO(zero);
     Map<String, Object> queryMap = new HashMap<>();
+    List<String> orgIds = sysUserOrganizationMappingServiceImpl.getOrganizationIdsByUserId(currentUserId);
+    queryMap.put("organizationIds",orgIds);
     queryMap.put("tenantId", UUID.fromString(tenantId));
     List<TkDeviceEntity>  deviceList = deviceMapper.findDevices(queryMap);
     if (null != deviceList) {
@@ -199,17 +200,20 @@ public class TkHomePageServiceImpl implements HomePageService {
   }
 
   @Override
-  public BaseHomePageTop getOpenApiAlarmInfo(boolean isPtSysAdmin, boolean isPtAdmin, boolean isTenantAdmin,
-                                             boolean isPtCommonTenant, String tenantId, String currentUserId,
-                                             String customerId) throws ExecutionException, InterruptedException {
-    Map<String, Object> queryMap = new HashMap<>();
-    queryMap.put("tenantId", UUID.fromString(tenantId));
+  public BaseHomePageTop getOpenApiAlarmInfo( String tenantId, String currentUserId) throws ExecutionException, InterruptedException {
+    List<BaseHomePageTop> alarmList;
     long zero = FastIotConstants.MagicNumber.ZERO;
-    TenantId currentTenantId = TenantId.fromUUID(UUID.fromString(tenantId));
-    HomePageTopMessage messageInfo = new HomePageTopMessage(zero);
     BaseHomePageTop alarm = new BaseHomePageTop(zero);
-    ApiUsageState apiUsageState = apiUsageStateService.findTenantApiUsageState(currentTenantId);
-    setAllAlarmAndMessageInfo(currentTenantId, apiUsageState.getId(), messageInfo, alarm);
+    List<String> orgIds = sysUserOrganizationMappingServiceImpl.getOrganizationIdsByUserId(currentUserId);
+    LocalDateTime todayBegin = LocalDateTime.of(LocalDateTime.now().toLocalDate(), LocalTime.MIN);
+    long startTs = todayBegin.toInstant(ZoneOffset.of("+8")).toEpochMilli();
+    alarmList = deviceMapper.findDeviceAlarmInfoByCustomer(startTs, null,orgIds);
+    if (alarmList.size() > zero) {
+      BaseHomePageTop baseHomePageTop = alarmList.get(0);
+      alarm.setSumCount(baseHomePageTop.getSumCount());
+      alarm.setTodayAdd(
+              baseHomePageTop.getTodayAdd() == null ? zero : baseHomePageTop.getTodayAdd());
+    }
     return alarm;
 
   }

@@ -73,7 +73,7 @@ public class TkOrganizationServiceImpl extends AbstractBaseService<OrganizationM
     if (isCustomerOrPlatform) {
       if (StringUtils.isEmpty(parentId)) {
         // 获取当前用户的最顶级组织ID的父ID
-        List<OrganizationDTO> myOrganizations = getMyOrganizations(false, false, false,false,tenantId, userId,null);
+        List<OrganizationDTO> myOrganizations = getMyOrganizations(false, false, false,false,false,tenantId, userId,null);
         if (null != myOrganizations && myOrganizations.size() > 0) {
           OrganizationDTO organizationDto = myOrganizations.get(0);
           organization.setParentId(organizationDto.getParentId());
@@ -291,14 +291,14 @@ public class TkOrganizationServiceImpl extends AbstractBaseService<OrganizationM
 
   @Override
   public List<OrganizationDTO> getMyOrganizations(
-      boolean isPtSysAdmin, boolean isPtTenantAdmin,boolean isCustomer, boolean isPtCommonTenant, String tenantId, String currentUserId,String organizationId) {
+      boolean isPtSysAdmin, boolean isPtTenantAdmin,boolean isCustomer, boolean isPtCommonTenant,boolean isOpenApiUser, String tenantId, String currentUserId,String organizationId) {
     //如果传入上级组织id直接查询该组织及以下
     if(null != organizationId){
       List<String> organizationIds = StringUtils.isEmpty(organizationId)?null:List.of(organizationId);
       return findOrganizationTree(tenantId,organizationIds);
     }
     // 如果是租户管理员,则返回该租户id下的所有组织
-    if (isPtTenantAdmin || isPtSysAdmin || (!isCustomer && !isPtCommonTenant)) {
+    if (isPtTenantAdmin || isPtSysAdmin || (!isCustomer && !isPtCommonTenant&&!isOpenApiUser)) {
       return findOrganizationTree(tenantId,null);
     } else {
       // 返回当前用户组织id集

@@ -37,23 +37,13 @@ public interface HomePageService {
       throws ExecutionException, InterruptedException;
 
   HomeDeviceInfoDTO getOpenApiDeviceInfo(
-          boolean isPtSysAdmin,
-          boolean isPtAdmin,
-          boolean isTenantAdmin,
-          boolean isPtCommonTenant,
           String tenantId,
-          String currentUserId,
-          String customerId)
+          String currentUserId)
           throws ExecutionException, InterruptedException;
 
   BaseHomePageTop getOpenApiAlarmInfo(
-          boolean isPtSysAdmin,
-          boolean isPtAdmin,
-          boolean isTenantAdmin,
-          boolean isPtCommonTenant,
           String tenantId,
-          String currentUserId,
-          String customerId)
+          String currentUserId)
           throws ExecutionException, InterruptedException;
 
   /**

@@ -14,7 +14,7 @@ public interface TkOrganizationService extends BaseService<TkOrganizationEntity>
   boolean deleteOrganizations(DeleteDTO deleteDTO,String tenantId);
 
   List<OrganizationDTO> getMyOrganizations(
-          boolean isPtSysAdmin,boolean isPtTenantAdmin,boolean isCustomer, boolean isPtCommonTenant,String tenantId, String currentUserId,String organizationId);
+          boolean isPtSysAdmin,boolean isPtTenantAdmin,boolean isCustomer, boolean isPtCommonTenant,boolean isOpenApiUser,String tenantId, String currentUserId,String organizationId);
 
   OrganizationDTO updateOrganization(OrganizationDTO organizationDTO, String tenantId,boolean isCustomerOrPlatform,String userId);