1、增加人才信息查看权限控制

menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/controller/app/recruit/person/AppRecruitPersonCvController.java

@@ -15,6 +15,7 @@ import com.citu.module.menduner.system.service.job.JobCvRelService;
 import com.citu.module.menduner.system.service.job.JobIntegrationService;
 import com.citu.module.menduner.system.service.person.PersonIntegrationService;
 import com.citu.module.menduner.system.service.unfit.UnfitCandidateService;
+import com.citu.module.menduner.system.util.RedisUtils;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.validation.annotation.Validated;
@@ -23,7 +24,9 @@ import org.springframework.web.bind.annotation.*;
 import javax.annotation.Resource;
 import javax.validation.Valid;
 
+import static com.citu.framework.common.exception.util.ServiceExceptionUtil.exception;
 import static com.citu.framework.common.pojo.CommonResult.success;
+import static com.citu.module.menduner.system.enums.ErrorCodeConstants.MDE_REQUEST_ILLEGAL;
 
 @Tag(name = "招聘端 - 人才简历")
 @RestController
@@ -46,6 +49,8 @@ public class AppRecruitPersonCvController {
     @Resource
     private InterviewInviteService interviewInviteService;
 
+    @Resource
+    private RedisUtils redisUtils;
 
     @PreAuthenticated
     @GetMapping("/page")
@@ -68,6 +73,9 @@ public class AppRecruitPersonCvController {
     @ApiSignature(timeout = 30)
     @Operation(summary = "获取人才在线简历详情")
     public CommonResult<AppRecruitPersonDetailRespVO> detail(@RequestParam("userId") Long userId) {
+        if (!redisUtils.checkEnterpriseUserLookPersonPermission(userId)) {
+            throw exception(MDE_REQUEST_ILLEGAL);
+        }
         return success(personIntegrationService.detail(userId));
     }
 

menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/dal/redis/RedisKeyConstants.java

@@ -161,4 +161,9 @@ public interface RedisKeyConstants {
      * VALUE 数据类型：String
      **/
     String MDE_AUTH_ENTERPRISE_USER_PWD_LOCK = "mde_auth_enterprise_user_pwd_lock:%s";
+
+    /**
+     * 企业用户查看人才权限
+     **/
+    String MDE_AUTH_ENTERPRISE_USER_VIEW_PERMISSION = "mde_auth_enterprise_user_look_person_permission:%s-%s";
 }

menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/interview/InterviewInviteServiceImpl.java

@@ -1,6 +1,7 @@
 package com.citu.module.menduner.system.service.interview;
 
 
+import cn.hutool.core.collection.CollUtil;
 import com.baomidou.dynamic.datasource.annotation.DSTransactional;
 import com.citu.framework.common.pojo.PageResult;
 import com.citu.framework.common.util.object.BeanUtils;
@@ -9,6 +10,7 @@ import com.citu.module.menduner.common.util.LoginUserContext;
 import com.citu.module.menduner.system.controller.app.jobhunt.interview.vo.AppInterviewInvitePageReqVO;
 import com.citu.module.menduner.system.controller.app.jobhunt.interview.vo.AppInterviewInviteRespVO;
 import com.citu.module.menduner.system.controller.app.recruit.interview.vo.*;
+import com.citu.module.menduner.system.controller.app.recruit.unfit.AppRecruitUnfitCandidateRespVO;
 import com.citu.module.menduner.system.controller.base.CommonRespVO;
 import com.citu.module.menduner.system.controller.base.analysis.RecruitAnalysisPageReqVO;
 import com.citu.module.menduner.system.controller.base.analysis.RecruitInterviewInviteAnalysisRespVO;
@@ -26,6 +28,7 @@ import com.citu.module.menduner.system.service.enterprise.bind.EnterpriseUserBin
 import com.citu.module.menduner.system.service.hire.HireCommissionRatioService;
 import com.citu.module.menduner.system.service.job.JobAdvertisedService;
 import com.citu.module.menduner.system.service.job.JobCvRelService;
+import com.citu.module.menduner.system.util.RedisUtils;
 import com.citu.module.pay.api.wallet.PayWalletApi;
 import com.citu.module.pay.api.wallet.dto.PayWalletAddBalanceDTO;
 import com.citu.module.pay.enums.wallet.PayWalletBizTypeEnum;
@@ -39,6 +42,7 @@ import java.math.RoundingMode;
 import java.time.LocalDateTime;
 import java.util.Collections;
 import java.util.List;
+import java.util.stream.Collectors;
 
 import static com.citu.framework.common.exception.util.ServiceExceptionUtil.exception;
 import static com.citu.framework.common.util.validation.ValidationUtils.isMobile;
@@ -71,6 +75,8 @@ public class InterviewInviteServiceImpl implements InterviewInviteService {
     private JobCvRelService jobCvRelService;
     @Resource
     private JobAdvertisedService jobAdvertisedService;
+    @Resource
+    private RedisUtils redisUtils;
 
     /**
      * 计算佣金
@@ -205,11 +211,18 @@ public class InterviewInviteServiceImpl implements InterviewInviteService {
     @Override
     public PageResult<AppRecruitInterviewInviteRespVO> page(AppRecruitInterviewInviteReqPageVO reqVO) {
         LoginUser loginUser = LoginUserContext.get();
-        return mapper.page(
+        PageResult<AppRecruitInterviewInviteRespVO> result= mapper.page(
                 reqVO,
                 LoginUserContext.getEnterpriseId(loginUser),
                 LoginUserContext.getUserId(loginUser)
         );
+        if (CollUtil.isEmpty(result.getList())) {
+            return PageResult.empty();
+        }
+        redisUtils.setEnterpriseUserLookPersonPermission(result.getList().stream()
+                .map(AppRecruitInterviewInviteRespVO::getUserId)
+                .collect(Collectors.toSet()));
+        return result;
     }
 
     @Override

menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/job/JobIntegrationServiceImpl.java

@@ -39,6 +39,7 @@ import com.citu.module.menduner.system.service.area.AreaService;
 import com.citu.module.menduner.system.service.enterprise.bind.EnterpriseUserBindService;
 import com.citu.module.menduner.system.service.interview.InterviewInviteService;
 import com.citu.module.menduner.system.util.ESQueryBuildUtils;
+import com.citu.module.menduner.system.util.RedisUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.elasticsearch.index.query.BoolQueryBuilder;
 import org.elasticsearch.search.fetch.subphase.highlight.HighlightBuilder;
@@ -99,6 +100,8 @@ public class JobIntegrationServiceImpl implements JobIntegrationService {
 
     @Resource
     private ElasticsearchRestTemplate elasticsearchTemplate;
+    @Resource
+    private RedisUtils redisUtils;
 
 
     /**
@@ -327,6 +330,9 @@ public class JobIntegrationServiceImpl implements JobIntegrationService {
         if (CollUtil.isEmpty(pageResult.getList())) {
             return PageResult.empty();
         }
+        redisUtils.setEnterpriseUserLookPersonPermission(pageResult.getList().stream()
+                .map(AppRecruitJobCvRelRespVO::getUserId)
+                .collect(Collectors.toSet()));
         return pageResult;
 
     }
@@ -338,6 +344,9 @@ public class JobIntegrationServiceImpl implements JobIntegrationService {
         if (CollUtil.isEmpty(pageResult.getList())) {
             return PageResult.empty();
         }
+        redisUtils.setEnterpriseUserLookPersonPermission(pageResult.getList().stream()
+                .map(AppRecruitUnfitCandidateRespVO::getUserId)
+                .collect(Collectors.toSet()));
         return pageResult;
     }
 

menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/person/PersonIntegrationServiceImpl.java

@@ -35,6 +35,7 @@ import com.citu.module.menduner.system.dal.mysql.workexp.WorkExpMapper;
 import com.citu.module.menduner.system.enums.sync.SyncConstants;
 import com.citu.module.menduner.system.mq.producer.GraphProducer;
 import com.citu.module.menduner.system.service.area.AreaService;
+import com.citu.module.menduner.system.util.RedisUtils;
 import org.springframework.stereotype.Service;
 import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
@@ -44,6 +45,7 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Set;
+import java.util.stream.Collectors;
 
 import static com.citu.module.menduner.system.enums.DictTypeConstants.*;
 
@@ -84,6 +86,9 @@ public class PersonIntegrationServiceImpl implements PersonIntegrationService {
     @Resource
     private AreaService areaService;
 
+    @Resource
+    private RedisUtils redisUtils;
+
 
     @Override
     public AppRecruitPersonDetailRespVO detail(Long userId) {
@@ -236,7 +241,13 @@ public class PersonIntegrationServiceImpl implements PersonIntegrationService {
 //            return PageResult.empty();
 //        }
 
-        return personInfoMapper.queryPage(reqVO, ids, LoginUserContext.getEnterpriseId());
+        PageResult<PersonInfoRespVO> result = personInfoMapper.queryPage(reqVO, ids, LoginUserContext.getEnterpriseId());
+
+        redisUtils.setEnterpriseUserLookPersonPermission(
+                result.getList().stream()
+                        .map(PersonInfoRespVO::getUserId)
+                        .collect(Collectors.toSet()));
+        return result;
     }
 
     @Override
@@ -253,7 +264,12 @@ public class PersonIntegrationServiceImpl implements PersonIntegrationService {
                 reqVO.setAreaIds(areaIdList);
             }
         }
-        return personInfoMapper.queryPage(reqVO, LoginUserContext.getEnterpriseId());
+        PageResult<PersonInfoRespVO> result = personInfoMapper.queryPage(reqVO, LoginUserContext.getEnterpriseId());
+        redisUtils.setEnterpriseUserLookPersonPermission(
+                result.getList().stream()
+                        .map(PersonInfoRespVO::getUserId)
+                        .collect(Collectors.toSet()));
+        return result;
     }
 
     @Override
@@ -270,14 +286,23 @@ public class PersonIntegrationServiceImpl implements PersonIntegrationService {
                 e.printStackTrace();
             }
         }
-        return personInfoMapper.queryPageById(null == ids ? null : Arrays.asList(ids),
+        PageResult<PersonInfoRespVO> result = personInfoMapper.queryPageById(null == ids ? null : Arrays.asList(ids),
                 LoginUserContext.getEnterpriseId(),
                 reqVO);
+        redisUtils.setEnterpriseUserLookPersonPermission(
+                result.getList().stream()
+                        .map(PersonInfoRespVO::getUserId)
+                        .collect(Collectors.toSet()));
+        return result;
     }
 
     @Override
     public PageResult<PersonInfoRespVO> selectEnterpriseTalentPoolPage(PersonInfoPageReqVO reqVO) {
-        return personInfoMapper.selectEnterpriseTalentPoolPage(LoginUserContext.getEnterpriseId(), reqVO);
+        PageResult<PersonInfoRespVO> result = personInfoMapper.selectEnterpriseTalentPoolPage(LoginUserContext.getEnterpriseId(), reqVO);
+        redisUtils.setEnterpriseUserLookPersonPermission(result.getList().stream()
+                .map(PersonInfoRespVO::getUserId)
+                .collect(Collectors.toSet()));
+        return result;
     }
 
     @Override

menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/util/RedisUtils.java

@@ -0,0 +1,63 @@
+package com.citu.module.menduner.system.util;
+
+import com.citu.module.menduner.common.util.LoginUserContext;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.concurrent.TimeUnit;
+
+import static com.citu.module.menduner.system.dal.redis.RedisKeyConstants.MDE_AUTH_ENTERPRISE_USER_VIEW_PERMISSION;
+
+/**
+ * redis 公共操作
+ **/
+@Component
+public class RedisUtils {
+
+    @Resource
+    private RedisTemplate<String, Object> redisTemplate;
+
+
+    /**
+     * 设置人才在线简历查看权限
+     *
+     * @param userIds 人才id集合
+     */
+    public void setEnterpriseUserLookPersonPermission(Set<Long> userIds) {
+        if (null == userIds) {
+            return;
+        }
+        Set<Long> ids = (Set<Long>)
+                redisTemplate.opsForValue().get(
+                        String.format(MDE_AUTH_ENTERPRISE_USER_VIEW_PERMISSION, LoginUserContext.getEnterpriseId(),
+                                LoginUserContext.getUserId())
+                );
+        if (null == ids) {
+            ids = new HashSet<>();
+        }
+        // 将新的 Set<Long> 追加到已有的 Set<Long> 中
+        ids.addAll(userIds);
+        redisTemplate.opsForValue()
+                .set(
+                        String.format(MDE_AUTH_ENTERPRISE_USER_VIEW_PERMISSION, LoginUserContext.getEnterpriseId(), LoginUserContext.getUserId()),
+                        ids, 2, TimeUnit.HOURS);
+    }
+
+
+    /**
+     * 效验是否有权限查看该人才数据
+     *
+     * @param userId 人才id
+     */
+    public boolean checkEnterpriseUserLookPersonPermission(Long userId) {
+        Set<Long> ids = (Set<Long>) redisTemplate.opsForValue()
+                .get(
+                        String.format(MDE_AUTH_ENTERPRISE_USER_VIEW_PERMISSION,
+                                LoginUserContext.getEnterpriseId(), LoginUserContext.getUserId())
+                );
+        return null != ids && ids.contains(userId);
+    }
+}