
权限点初始化逻辑优化

Gaokun Wang 1 ヶ月 前
コミット
485fb533d1

+ 5 - 0
eco-common/com-security/src/main/java/org/eco/vip/security/core/domain/SecurityPermissionBO.java

@@ -24,6 +24,11 @@ import java.io.Serializable;
 @AllArgsConstructor
 public class SecurityPermissionBO implements Serializable {
 
+    /**
+     * 唯一标识
+     */
+    private String id;
+
     /**
      * 名称
      */

+ 5 - 0
eco-common/com-security/src/main/java/org/eco/vip/security/core/domain/SecurityPermissionVO.java

@@ -18,6 +18,11 @@ import java.io.Serializable;
 @Data
 public class SecurityPermissionVO implements Serializable {
 
+    /**
+     * 唯一标识
+     */
+    private String id;
+
     /**
      * 名称
      */

+ 1 - 0
eco-common/com-security/src/main/java/org/eco/vip/security/core/service/ISecurityPermissionService.java

@@ -19,6 +19,7 @@ import java.util.List;
 public interface ISecurityPermissionService {
     boolean addPermission(SecurityPermissionBO permissionBO);
     boolean addPermissionBatch(List<SecurityPermissionBO> permissionBOList);
+    boolean delPermissionBatch(List<SecurityPermissionBO> permissionBOList);
 
     List<SecurityPermissionVO> selectListAll();
 }
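Review bot: `delPermissionBatch` is added without Javadoc, and its contract is not obvious from the signature: the implementation in this commit deletes by `id` only and ignores `name` and `code`. A one-line comment such as `/** Deletes the permission points whose ids are carried by the given BOs; name and code are ignored. */` would state that. `addPermissionBatch` deserves a matching note that it now appends rows instead of replacing the whole table, since callers written against the old behaviour cannot tell from the interface.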

+ 65 - 5
eco-common/com-security/src/main/java/org/eco/vip/security/handler/PermissionHandler.java

@@ -7,10 +7,13 @@ package org.eco.vip.security.handler;
 import cn.dev33.satoken.annotation.SaCheckPermission;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
+import org.eco.vip.orm.utils.BeanUtils;
 import org.eco.vip.orm.utils.CollUtils;
 import org.eco.vip.orm.utils.ObjUtils;
+import org.eco.vip.orm.utils.StrUtils;
 import org.eco.vip.security.annotation.PermissionsResource;
 import org.eco.vip.security.core.domain.SecurityPermissionBO;
+import org.eco.vip.security.core.domain.SecurityPermissionVO;
 import org.eco.vip.security.core.service.ISecurityPermissionService;
 import org.springframework.boot.context.event.ApplicationReadyEvent;
 import org.springframework.context.ApplicationContext;
@@ -51,7 +54,11 @@ public class PermissionHandler implements ApplicationListener<ApplicationReadyEv
             log.info("无权限编码配置!");
             return;
         }
+        List<SecurityPermissionVO> permissionVoList = securityPermissionService.selectListAll();
+
+        // 所有权限集合
         List<SecurityPermissionBO> permissionBoList = new ArrayList<>();
+
         for (Object controller : controllers.values()) {
             Class<?> clazz = controller.getClass();
             // 获取类上的资源名称
@@ -63,20 +70,73 @@ public class PermissionHandler implements ApplicationListener<ApplicationReadyEv
                 if (ObjUtils.isNotNull(permission)) {
                     String[] perms = permission.value();
                     for (String perm : perms) {
-                        SecurityPermissionBO permissionBO = SecurityPermissionBO.builder().name(resourceName).code(perm).build();
-                        permissionBoList.add(permissionBO);
+                        SecurityPermissionBO bo = SecurityPermissionBO.builder().name(resourceName).code(perm).build();
+                        permissionBoList.add(bo);
                     }
                 }
             }
         }
-        boolean result = securityPermissionService.addPermissionBatch(permissionBoList);
-        if (!result) {
-            log.error("权限加载失败!");
+
+        // 全局无注解的权限并且权限表无数据,直接返回
+        if (CollUtils.isEmpty(permissionBoList) && CollUtils.isEmpty(permissionVoList)) {
+            log.info("无权限编码配置!");
+            return;
+        }
+
+        // 全局无注解的权限,直接删除表已有的
+        if (CollUtils.isEmpty(permissionBoList) && CollUtils.isNotEmpty(permissionVoList)) {
+            boolean isSuccess = securityPermissionService.delPermissionBatch(BeanUtils.convertList(permissionVoList, SecurityPermissionBO.class));
+            errorLog(isSuccess);
+            log.info("删除冗余权限点!");
+            return;
+        }
+        // 全局有注解的权限,表里无数据,直接新增
+        if (CollUtils.isEmpty(permissionVoList) && CollUtils.isNotEmpty(permissionBoList)) {
+            boolean isSuccess = securityPermissionService.addPermissionBatch(permissionBoList);
+            errorLog(isSuccess);
+            log.info("直接新增权限点!");
             return;
         }
+
+        // 需要新增的集合
+        List<SecurityPermissionBO> addPermissionBoList = new ArrayList<>();
+        // 需要删除的集合
+        List<SecurityPermissionBO> delPermissionBoList = new ArrayList<>();
+        permissionBoList.forEach(bo -> {
+            boolean result = permissionVoList.stream().anyMatch(vo -> StrUtils.equals(vo.getCode().concat(vo.getName()), bo.getCode().concat(bo.getName())));
+            if (!result) {
+                addPermissionBoList.add(bo);
+            }
+        });
+        permissionVoList.forEach(vo -> {
+            boolean result = permissionBoList.stream().noneMatch(bo -> StrUtils.equals(vo.getCode().concat(vo.getName()), bo.getCode().concat(bo.getName())));
+            if (result) {
+                SecurityPermissionBO delPermissionBo = BeanUtils.copyProperties(vo, SecurityPermissionBO.class);
+                delPermissionBoList.add(delPermissionBo);
+            }
+
+        });
+        addPermissionBoList.forEach(bo -> log.info("新增权限编码:{}", bo.getCode().concat(bo.getName())));
+        delPermissionBoList.forEach(bo -> log.info("删除权限编码:{}", bo.getCode().concat(bo.getName())));
+        // 新增
+        if (CollUtils.isNotEmpty(addPermissionBoList)) {
+            boolean isSuccess = securityPermissionService.addPermissionBatch(addPermissionBoList);
+            errorLog(isSuccess);
+        }
+        // 删除
+        if (CollUtils.isNotEmpty(delPermissionBoList)) {
+            boolean isSuccess = securityPermissionService.delPermissionBatch(delPermissionBoList);
+            errorLog(isSuccess);
+        }
         log.info("权限加载完成");
     }
 
+    private static void errorLog(boolean isSuccess) {
+        if (!isSuccess) {
+            log.error("权限加载失败!");
+        }
+    }
+
     private String getResourceName(Class<?> clazz) {
         // 这里可以自定义获取模块名的逻辑,比如通过自定义注解
         PermissionsResource moduleAnnotation = AnnotationUtils.findAnnotation(clazz, PermissionsResource.class);
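Review bot: The match key in the `anyMatch` and `noneMatch` lambdas, `getCode().concat(getName())`, throws a NullPointerException when a code or name is null (whether `getResourceName` can return null is not visible here), and it joins the two fields without a separator, so ("ab", "c") and ("a", "bc") compare equal. Because the name is part of the key, renaming a resource deletes the stored row and inserts a new one without an id, which would presumably detach any role grants that reference the old id; confirm this against the role-permission table. The same concern applies to the branch that deletes every stored row when the annotation scan comes back empty, where one failed scan clears the table. I would build delimiter-joined, null-tolerant keys once per side and compare through sets, as sketched below (needs `java.util.Set` and `Collectors` imported). The enclosing method starts outside the hunk.

```java
// … unchanged: early returns for the empty-scan / empty-table cases …
Set<String> declaredKeys = permissionBoList.stream()
        .map(bo -> bo.getCode() + '\u0000' + bo.getName())
        .collect(Collectors.toSet());
Set<String> storedKeys = permissionVoList.stream()
        .map(vo -> vo.getCode() + '\u0000' + vo.getName())
        .collect(Collectors.toSet());
// Declared in code but missing from the table.
List<SecurityPermissionBO> addPermissionBoList = permissionBoList.stream()
        .filter(bo -> !storedKeys.contains(bo.getCode() + '\u0000' + bo.getName()))
        .toList();
// Stored in the table but no longer declared in code.
List<SecurityPermissionBO> delPermissionBoList = permissionVoList.stream()
        .filter(vo -> !declaredKeys.contains(vo.getCode() + '\u0000' + vo.getName()))
        .map(vo -> BeanUtils.copyProperties(vo, SecurityPermissionBO.class))
        .toList();
// … unchanged: logging and the addPermissionBatch / delPermissionBatch calls …
```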

+ 0 - 1
eco-nexus-core/auth-biz/src/main/java/org/eco/vip/auth/controller/org/OrgController.java

@@ -44,7 +44,6 @@ public class OrgController {
     }
 
     @GetMapping("/list")
-    @SaCheckPermission("system:org:list")
     public CommonResult<List<OrgVO>> list(OrgBO orgBO) {
         return success(orgService.selectList(orgBO));
     }
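Review bot: With `@SaCheckPermission("system:org:list")` removed, `list` has no permission check visible on it, and the commit title (permission-point initialisation) does not explain why an access-control annotation is dropped. Unless a class-level annotation or a route interceptor outside this hunk still covers `/list`, any caller who gets past the authentication in front of the controller can read the organisation list. With the new reconciliation in PermissionHandler, the stored `system:org:list` row would also be deleted at the next start if no other handler declares that code. If the removal was only to exercise the delete path, restore `@SaCheckPermission("system:org:list")` above `list`; if it is intentional, the commit description should say so.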

+ 8 - 2
eco-nexus-core/auth-biz/src/main/java/org/eco/vip/auth/service/permission/PermissionService.java

@@ -48,12 +48,18 @@ public class PermissionService extends BaseService<PermissionMapper, Permission>
     @Override
     public boolean addPermissionBatch(List<SecurityPermissionBO> permissionBOList) {
         // 全量删除
-        QueryWrapper queryWrapper = new QueryWrapper().where("1=1");
-        this.remove(queryWrapper);
+//        QueryWrapper queryWrapper = new QueryWrapper().where("1=1");
+//        this.remove(queryWrapper);
         List<Permission> permissionList = BeanUtils.convertList(permissionBOList, Permission.class);
         return this.saveBatch(permissionList, 100);
     }
 
+    @Override
+    public boolean delPermissionBatch(List<SecurityPermissionBO> permissionBOList) {
+        List<String> ids = permissionBOList.stream().map(SecurityPermissionBO::getId).toList();
+        return this.removeByIds(ids);
+    }
+
     @Override
     public List<SecurityPermissionVO> selectListAll() {
         QueryWrapper queryWrapper = new QueryWrapper();
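Review bot: `delPermissionBatch` passes every `getId()` result straight to `removeByIds`, so a BO without an id puts a null into the id list; the BOs that PermissionHandler builds with `builder().name(..).code(..)` have none. Filter before deleting, e.g. `.map(SecurityPermissionBO::getId).filter(Objects::nonNull).toList()` (with `java.util.Objects` imported), and decide explicitly what an empty id list should return. In `addPermissionBatch` the `// 全量删除` comment now sits above two commented-out lines; remove both the dead code and the comment, because the method no longer clears the table and the comment says it does. `selectListAll` continues outside the hunk.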