refactor: 优化权限合并逻辑

Author: zhou-hao

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Authentication.java

@@ -204,10 +204,8 @@ default boolean hasPermission(String permissionId, String... actions) {
 
     default boolean hasPermission(String permissionId, Collection<String> actions) {
         for (Permission permission : getPermissions()) {
-            if (Objects.equals(permission.getId(), "*")) {
-                return true;
-            }
-            if (Objects.equals(permissionId, permission.getId())) {
+            if (Objects.equals(permission.getId(), "*") ||
+                Objects.equals(permissionId, permission.getId())) {
                 return actions.isEmpty()
                     || permission.getActions().containsAll(actions)
                     || permission.getActions().contains("*");

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/AuthenticationHolder.java

@@ -65,8 +65,8 @@ private static Optional<Authentication> get(Function<AuthenticationSupplier, Opt
         if (size == 1) {
             return function.apply(suppliers.get(0));
         }
-        ReactiveAuthenticationHolder.AuthenticationMerging merging
-            = new ReactiveAuthenticationHolder.AuthenticationMerging();
+        AuthenticationUtils.AuthenticationMerging merging
+            = new AuthenticationUtils.AuthenticationMerging();
         for (AuthenticationSupplier supplier : suppliers) {
             function.apply(supplier).ifPresent(merging::merge);
         }

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/AuthenticationUtils.java

@@ -1,14 +1,48 @@
 package org.hswebframework.web.authorization;
 
+import org.hswebframework.web.authorization.simple.SimpleAuthentication;
 import org.springframework.util.ObjectUtils;
 import org.springframework.util.StringUtils;
+import reactor.core.publisher.Flux;
+import reactor.core.publisher.Mono;
 
 /**
  * @author zhouhao
  * @since 3.0
  */
 public class AuthenticationUtils {
 
+
+    public static Mono<Authentication> merge(Flux<Authentication> authenticationFlux){
+        return authenticationFlux
+            .collect(AuthenticationMerging::new, AuthenticationMerging::merge)
+            .mapNotNull(AuthenticationMerging::get);
+    }
+
+    static class AuthenticationMerging {
+
+        private Authentication auth;
+        private int count;
+
+        public synchronized void merge(Authentication auth) {
+            if (this.auth == null || this.auth == auth) {
+                this.auth = auth;
+            } else {
+                if (count++ == 0) {
+                    SimpleAuthentication newAuth = new SimpleAuthentication();
+                    newAuth.merge(this.auth);
+                    this.auth = newAuth;
+                }
+                this.auth.merge(auth);
+            }
+        }
+
+        Authentication get() {
+            return auth;
+        }
+    }
+
+
     public static AuthenticationPredicate createPredicate(String expression) {
         if (ObjectUtils.isEmpty(expression)) {
             return (authentication -> false);

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/ReactiveAuthenticationHolder.java

@@ -46,10 +46,9 @@ public final class ReactiveAuthenticationHolder {
     private static final List<ReactiveAuthenticationSupplier> suppliers = new CopyOnWriteArrayList<>();
 
     private static Mono<Authentication> get(Function<ReactiveAuthenticationSupplier, Mono<Authentication>> function) {
-        return Flux
-            .merge(Lists.transform(suppliers, function::apply))
-            .collect(AuthenticationMerging::new, AuthenticationMerging::merge)
-            .mapNotNull(AuthenticationMerging::get);
+        return AuthenticationUtils
+            .merge(Flux.merge(Lists.transform(suppliers, function::apply)))
+            ;
     }
 
     /**
@@ -85,27 +84,5 @@ public static void setSupplier(ReactiveAuthenticationSupplier supplier) {
     }
 
 
-    static class AuthenticationMerging {
-
-        private Authentication auth;
-        private int count;
-
-        public synchronized void merge(Authentication auth) {
-            if (this.auth == null || this.auth == auth) {
-                this.auth = auth;
-            } else {
-                if (count++ == 0) {
-                    SimpleAuthentication newAuth = new SimpleAuthentication();
-                    newAuth.merge(this.auth);
-                    this.auth = newAuth;
-                }
-                this.auth.merge(auth);
-            }
-        }
-
-        Authentication get() {
-            return auth;
-        }
-    }
 
 }

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/ResourcesDefinition.java

@@ -22,9 +22,10 @@ public class ResourcesDefinition {
 
     private Phased phased = Phased.before;
 
-    public void clear(){
+    public void clear() {
         resources.clear();
     }
+
     public void addResource(ResourceDefinition resource, boolean merge) {
         ResourceDefinition definition = getResource(resource.getId()).orElse(null);
         if (definition != null) {
@@ -44,26 +45,26 @@ public void addResource(ResourceDefinition resource, boolean merge) {
 
     public Optional<ResourceDefinition> getResource(String id) {
         return resources
-                .stream()
-                .filter(resource -> resource.getId().equals(id))
-                .findAny();
+            .stream()
+            .filter(resource -> resource.getId().equals(id))
+            .findAny();
     }
 
     @JsonIgnore
     public List<ResourceDefinition> getDataAccessResources() {
         return resources
-                .stream()
-                .filter(ResourceDefinition::hasDataAccessAction)
-                .collect(Collectors.toList());
+            .stream()
+            .filter(ResourceDefinition::hasDataAccessAction)
+            .collect(Collectors.toList());
     }
 
     public boolean hasPermission(Permission permission) {
         if (CollectionUtils.isEmpty(resources)) {
             return true;
         }
         return getResource(permission.getId())
-                .filter(resource -> resource.hasAction(permission.getActions()))
-                .isPresent();
+            .filter(resource -> resource.hasAction(permission.getActions()))
+            .isPresent();
     }
 
     public boolean isEmpty() {
@@ -72,18 +73,27 @@ public boolean isEmpty() {
 
     public boolean hasPermission(Authentication authentication) {
 
-        if (CollectionUtils.isEmpty(resources)) {
+        int size = resources.size();
+        if (size == 0) {
             return true;
         }
+        if (size == 1) {
+            for (ResourceDefinition resource : resources) {
+                if (authentication.hasPermission(resource.getId(), resource.getActionIds())) {
+                    return true;
+                }
+            }
+            return false;
+        }
 
         if (logical == Logical.AND) {
             return resources
-                    .stream()
-                    .allMatch(resource -> authentication.hasPermission(resource.getId(), resource.getActionIds()));
+                .stream()
+                .allMatch(resource -> authentication.hasPermission(resource.getId(), resource.getActionIds()));
         }
 
         return resources
-                .stream()
-                .anyMatch(resource -> authentication.hasPermission(resource.getId(), resource.getActionIds()));
+            .stream()
+            .anyMatch(resource -> authentication.hasPermission(resource.getId(), resource.getActionIds()));
     }
 }

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/CompositeReactiveAuthenticationManager.java

@@ -2,7 +2,6 @@
 
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.collections4.CollectionUtils;
 import org.hswebframework.web.authorization.*;
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
@@ -19,43 +18,38 @@ public class CompositeReactiveAuthenticationManager implements ReactiveAuthentic
 
     @Override
     public Mono<Authentication> authenticate(Mono<AuthenticationRequest> request) {
-        return Flux.concat(providers
-                                   .stream()
-                                   .map(manager -> manager
-                                           .authenticate(request)
-                                           .onErrorResume((err) -> {
-                                               log.warn("get user authenticate error", err);
-                                               return Mono.empty();
-                                           }))
-                                   .collect(Collectors.toList()))
-                   .take(1)
-                   .next();
+        return Flux
+            .concat(
+                providers
+                    .stream()
+                    .map(manager -> manager
+                        .authenticate(request)
+                        .onErrorResume((err) -> {
+                            log.warn("get user authenticate error", err);
+                            return Mono.empty();
+                        }))
+                    .collect(Collectors.toList()))
+            .take(1)
+            .next();
     }
 
     @Override
     public Mono<Authentication> getByUserId(String userId) {
+        if (providers.size() == 1) {
+            return providers.get(0).getByUserId(userId);
+        }
         return Flux
-                .fromStream(providers
-                                    .stream()
-                                    .map(manager -> manager
-                                            .getByUserId(userId)
-                                            .onErrorResume((err) -> {
-                                                log.warn("get user [{}] authentication error", userId, err);
-                                                return Mono.empty();
-                                            })
-                                    ))
-                .flatMap(Function.identity())
-                .collectList()
-                .filter(CollectionUtils::isNotEmpty)
-                .map(all -> {
-                    if (all.size() == 1) {
-                        return all.get(0);
-                    }
-                    SimpleAuthentication authentication = new SimpleAuthentication();
-                    for (Authentication auth : all) {
-                        authentication.merge(auth);
-                    }
-                    return authentication;
-                });
+            .fromStream(providers
+                            .stream()
+                            .map(manager -> manager
+                                .getByUserId(userId)
+                                .onErrorResume((err) -> {
+                                    log.warn("get user [{}] authentication error", userId, err);
+                                    return Mono.empty();
+                                })
+                            ))
+            .flatMap(Function.identity())
+            .as(AuthenticationUtils::merge);
     }
+
 }