feature: 对接审计修改

dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IStaffAssignAuthInfoFacade.java

@@ -4,6 +4,7 @@ import com.dragoninfo.dcuc.auth.auth.dto.AppDataSensitiveLevelDTO;
 import com.dragoninfo.dcuc.auth.auth.dto.StaffAssignDTO;
 import com.dragoninfo.dcuc.auth.auth.dto.StaffRoleOperateDTO;
 import com.dragoninfo.dcuc.auth.auth.entity.StaffAssignAuthInfo;
+import com.dragoninfo.dcuc.auth.auth.vo.ApiAppAuthVo;
 import com.dragoninfo.dcuc.auth.auth.vo.StaffRoleAuthApiVo;
 import com.dragoninfo.dcuc.auth.auth.vo.StaffRoleAuthReqVo;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
@@ -12,6 +13,7 @@ import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.data.domain.Page;
 import org.springframework.web.bind.annotation.*;
 
+import javax.validation.Valid;
 import java.util.List;
 
 /**
@@ -20,24 +22,6 @@ import java.util.List;
 @FeignClient(name = "dcuc-auth", path = "/dcuc/auth/staffAssignAuthInfoFacade")
 public interface IStaffAssignAuthInfoFacade {
 
-//    /**
-//     * 人员视图保存用户授权
-//     *
-//     * @param staffJson 人员json数据
-//     * @param appId     应用id
-//     * @param roleId    角色id
-//     * @param orgId     机构id
-//     * @param appOrgId  应用所属机构id
-//     * @param user      当前登录用户
-//     * @return ResponseStatus
-//     */
-//    @RequestMapping(value = "saveStaffRoleAuth1")
-//    ResponseStatus saveStaffRoleAuth(@RequestParam("staffJson") String staffJson,
-//                                     @RequestParam("appId") String appId,
-//                                     @RequestParam("roleId") String roleId,
-//                                     @RequestParam("orgId") String orgId,
-//                                     @RequestParam("appOrgId") String appOrgId,
-//                                     @RequestParam("user") SecurityUser user);
 
     /**
      * 角色视图保存用户授权
@@ -48,60 +32,6 @@ public interface IStaffAssignAuthInfoFacade {
     @PostMapping(value = "saveStaffRoleAuth")
     ResponseStatus saveStaffRoleAuth(@RequestBody StaffRoleOperateDTO dto);
 
-//    /**
-//     * 角色视图保存用户授权
-//     *
-//     * @param roleJson 角色json数据
-//     * @param appId    应用id
-//     * @param staffId  人员id
-//     * @param orgId    机构id
-//     * @param appOrgId 应用所属机构id
-//     * @param user     当前登录用户
-//     * @return ResponseStatus
-//     */
-//    @RequestMapping(value = "saveRoleStaffAuth1")
-//    ResponseStatus saveRoleStaffAuth(@RequestParam("roleJson") String roleJson,
-//                                     @RequestParam("appId") String appId,
-//                                     @RequestParam("staffId") String staffId,
-//                                     @RequestParam("orgId") String orgId,
-//                                     @RequestParam("appOrgId") String appOrgId,
-//                                     @RequestParam("user") SecurityUser user);
-
-//    /**
-//     * @param roleJson    保存角色
-//     * @param delRoleJson 删除角色
-//     * @param appId
-//     * @param staffId
-//     * @param orgId
-//     * @param appOrgId
-//     * @param user
-//     * @return
-//     */
-//    @RequestMapping(value = "saveRoleStaffAuth2")
-//    ResponseStatus saveRoleStaffAuth(@RequestParam("roleJson") String roleJson,
-//                                     @RequestParam("delRoleJson") String delRoleJson,
-//                                     @RequestParam("appId") String appId,
-//                                     @RequestParam("staffId") String staffId,
-//                                     @RequestParam("orgId") String orgId,
-//                                     @RequestParam("appOrgId") String appOrgId,
-//                                     @RequestParam("user") SecurityUser user);
-
-//    /**
-//     * 角色授权给用户
-//     *
-//     * @return ResponseStatus
-//     */
-//    @RequestMapping(value = "saveStaffRole")
-//    ResponseStatus saveStaffRole(@RequestBody SaveStaffRoleVO staffRoleVO);
-
-//    /**
-//     * 取消用户的角色授权
-//     *
-//     * @return ResponseStatus
-//     */
-//    @PostMapping(value = "deleteStaffRole")
-//    ResponseStatus deleteStaffRole(@RequestBody SaveStaffRoleVO staffRoleVO);
-
     /**
      * 取消用户的所有角色授权
      *
@@ -111,34 +41,6 @@ public interface IStaffAssignAuthInfoFacade {
     @RequestMapping(value = "deleteAllStaffRole")
     ResponseStatus deleteAllStaffRole(@RequestParam("staffId") String staffId);
 
-
-//    /**
-//     * 授权到期自动回收监控
-//     *
-//     * @param user 系统用户
-//     */
-//    @PostMapping(value = "authMonitor")
-//    void authMonitor(@RequestBody SecurityUser user);
-
-//    /**
-//     * 根据应用代码和用户身份证获取该用户在该应用所拥有的角色
-//     *
-//     * @param appCode
-//     * @param idcard
-//     * @return
-//     */
-//    @RequestMapping(value = "getUserRoles")
-//    List<StaffAssignAuthInfo> getUserRoles(@RequestParam("appCode") String appCode,
-//                                           @RequestParam("idcard") String idcard);
-
-//    /**
-//     * 根据map的条件查询所有数据
-//     *
-//     * @return
-//     */
-//    @PostMapping(value = "staffAssignAuthInfoList")
-//    List<StaffAssignAuthInfo> staffAssignAuthInfoList(@RequestBody Map map);
-
     /**
      * 查询列表
      *
@@ -175,44 +77,14 @@ public interface IStaffAssignAuthInfoFacade {
     @GetMapping("getByStaffId")
     List<StaffAssignAuthInfo> getByStaffId(@RequestParam("staffId") String staffId);
 
-//    /**
-//     * 根据应用ID获取授权数量
-//     *
-//     * @param appId 应用ID
-//     * @return 授权人员数量
-//     */
-//    @GetMapping("getAppIdNumber")
-//    Integer getAppIdNumber(@RequestParam("appId") String appId);
-
-//    /**
-//     * 根据机构ID获取授权数量
-//     *
-//     * @param orgId  机构ID
-//     * @param roleId 角色ID
-//     * @return 授权人员数量
-//     */
-//    @GetMapping("getOrgIdRoleIdNumber")
-//    Integer getOrgIdRoleIdNumber(@RequestParam("orgId") String orgId, @RequestParam("roleId") String roleId);
-//
-//
-//    /**
-//     * 根据功能ID获取授权数量
-//     *
-//     * @param appId  应用ID
-//     * @param funcId 功能ID
-//     * @return 授权人员数量
-//     */
-//    @GetMapping("getFuncNumber")
-//    Integer getFuncNumber(@RequestParam("appId") String appId, @RequestParam("funcId") String funcId);
-
     /**
      * 根据用户 ID 获取应用列表
      *
      * @param userId 用户id
      * @return 应用列表
      */
-    @GetMapping("getAppLitByUserId")
-    List<AppDataSensitiveLevelDTO> getAppLitByUserId(@RequestParam("userId") String userId);
+    @PostMapping("apiAppAuth")
+    List<AppDataSensitiveLevelDTO> apiAppAuth(@Valid @RequestBody ApiAppAuthVo userId);
 
     /**
      * 应用下的角色授权列表

dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/data/DataAuthV2ReqDTO.java

@@ -22,4 +22,12 @@ public class DataAuthV2ReqDTO {
     @ApiModelProperty("鉴权人身份证号")
     private String idcard;
 
+    @ApiModelProperty(value = "应用令牌")
+    private String appToken;
+
+    @ApiModelProperty(value = "人员令牌")
+    private String userToken;
+
+    @ApiModelProperty(value = "请求的应用code")
+    private String requestAppCode;
 }

dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/ApiAppAuthVo.java

@@ -0,0 +1,34 @@
+package com.dragoninfo.dcuc.auth.auth.vo;
+
+import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author mazq
+ * @date 2023/3/31
+ */
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+@Data
+public class ApiAppAuthVo {
+
+    private String requestAppCode;
+
+    private String userToken;
+
+    private String appToken;
+
+    @NotBlank
+    private String terminalIp;
+
+    @NotNull
+    private AuthUserVo userInfo;
+
+}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/audit/service/log/AppAuthLogHandler.java

@@ -0,0 +1,78 @@
+package com.dragoninfo.dcuc.auth.audit.service.log;
+
+import com.dragoninfo.dcuc.app.entity.ApplyInfo;
+import com.dragoninfo.dcuc.app.facade.IApplyInfoFacade;
+import com.dragoninfo.dcuc.auth.audit.dto.*;
+import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;
+import com.dragoninfo.dcuc.auth.audit.enums.AuthenticationTypeEnum;
+import com.dragoninfo.dcuc.auth.audit.service.LogSendService;
+import com.dragoninfo.dcuc.auth.auth.dto.AppDataSensitiveLevelDTO;
+import com.dragoninfo.dcuc.auth.auth.vo.ApiAppAuthVo;
+import com.dragoninfo.dcuc.auth.sub.entity.AuthUserInfo;
+import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.util.Date;
+import java.util.List;
+import java.util.stream.Collectors;
+
+/**
+ * @Author: qiuyu
+ * @Date: 2021/6/8 17:28
+ * @Description:
+ */
+@Component
+public class AppAuthLogHandler {
+
+    private Logger logger = LoggerFactory.getLogger(AppAuthLogHandler.class);
+
+    @Autowired
+    private LogSendService logSendService;
+
+    @Autowired
+    private IApplyInfoFacade applyInfoFacade;
+
+    /**
+     * 应用鉴权日志
+     *
+     * @param apiAppAuthVo 鉴权参数
+     * @param appLitByUserId 有权限的应用
+     * @param resultEnum 鉴权结果
+     */
+    public void sendAuthenticationLog(ApiAppAuthVo apiAppAuthVo, List<AppDataSensitiveLevelDTO> appLitByUserId, AuthResultEnum resultEnum) {
+        AuthUserVo userInfo = apiAppAuthVo.getUserInfo();
+
+        List<AuthenticationContentDto> contentDtos = appLitByUserId.stream().map(e -> {
+            AuthenticationContentDto authenticationContentDto = new AuthenticationContentDto();
+            authenticationContentDto.setContentId(e.getCode());
+            authenticationContentDto.setContentName(e.getName());
+            return authenticationContentDto;
+        }).collect(Collectors.toList());
+
+        AuthenticationLogDto authenticationLogDto = new AuthenticationLogDto();
+        authenticationLogDto.setUserId(userInfo.getId());
+        authenticationLogDto.setUserName(userInfo.getName());
+        authenticationLogDto.setUserIdcard(userInfo.getIdcard());
+        authenticationLogDto.setCreateTime(new Date());
+        authenticationLogDto.setAuthenticationType(AuthenticationTypeEnum.YYJJQ.getValue());
+        authenticationLogDto.setState(resultEnum.getValue());
+        authenticationLogDto.setContent(contentDtos);
+
+        ApplyInfo applyInfo = applyInfoFacade.getAppByCode(apiAppAuthVo.getRequestAppCode());
+        if (null != applyInfo) {
+            authenticationLogDto.setRequesterId(applyInfo.getApplyCode());
+            authenticationLogDto.setRequesterName(applyInfo.getApplyName());
+        }
+
+        authenticationLogDto.setTerminalId(apiAppAuthVo.getTerminalIp());
+        authenticationLogDto.setUserToken(apiAppAuthVo.getUserToken());
+        authenticationLogDto.setUserOrgCode(userInfo.getOrgCode());
+        authenticationLogDto.setUserOrgName(userInfo.getOrgName());
+        authenticationLogDto.setAppToken(apiAppAuthVo.getAppToken());
+
+        logSendService.sendAuthenticationLog(authenticationLogDto);
+    }
+}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/audit/service/log/LogInfoFillService.java

@@ -2,6 +2,7 @@ package com.dragoninfo.dcuc.auth.audit.service.log;
 
 import com.dragoninfo.dcuc.auth.audit.config.AuditConfig;
 import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;
+import com.dragoninfo.dcuc.auth.auth.dto.AppDataSensitiveLevelDTO;
 import com.dragoninfo.dcuc.auth.auth.dto.DataItemsCheckDto;
 import com.dragoninfo.dcuc.auth.auth.dto.RoleApiDto;
 import com.dragoninfo.dcuc.auth.auth.dto.StaffAssignDTO;
@@ -9,6 +10,7 @@ import com.dragoninfo.dcuc.auth.auth.dto.data.SubDataDTO;
 import com.dragoninfo.dcuc.auth.auth.entity.DataAuth;
 import com.dragoninfo.dcuc.auth.auth.entity.ServiceAuthResult;
 import com.dragoninfo.dcuc.auth.auth.entity.StaffAssignAuthInfo;
+import com.dragoninfo.dcuc.auth.auth.vo.ApiAppAuthVo;
 import com.dragoninfo.dcuc.auth.auth.vo.RoleAppFunVO;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -42,6 +44,9 @@ public class LogInfoFillService {
     @Autowired
     private FunAuthLogHandler funAuthLogHandler;
 
+    @Autowired
+    private AppAuthLogHandler appAuthLogHandler;
+
     @Autowired
     private AuditConfig auditConfig;
 
@@ -235,4 +240,8 @@ public class LogInfoFillService {
         dataAuthLogHandler.sendAuthenticationLog(state, dataItemsCheckDto, ip, appToken, userToken);
     }
 
+    @Async
+    public void sendAppAuthenticationLog(ApiAppAuthVo apiAppAuthVo, List<AppDataSensitiveLevelDTO> appLitByUserId, AuthResultEnum resultEnum) {
+        appAuthLogHandler.sendAuthenticationLog(apiAppAuthVo, appLitByUserId, resultEnum);
+    }
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/StaffAssignAuthInfoFacade.java

@@ -7,6 +7,7 @@ import com.dragoninfo.dcuc.auth.auth.dto.StaffRoleOperateDTO;
 import com.dragoninfo.dcuc.auth.auth.entity.StaffAssignAuthInfo;
 import com.dragoninfo.dcuc.auth.auth.enumresources.PermissionEventTypeEnum;
 import com.dragoninfo.dcuc.auth.auth.service.IStaffAssignAuthInfoService;
+import com.dragoninfo.dcuc.auth.auth.vo.ApiAppAuthVo;
 import com.dragoninfo.dcuc.auth.auth.vo.StaffRoleAuthApiVo;
 import com.dragoninfo.dcuc.auth.auth.vo.StaffRoleAuthReqVo;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
@@ -61,9 +62,9 @@ public class StaffAssignAuthInfoFacade implements IStaffAssignAuthInfoFacade {
 
 
     @Override
-    public List<AppDataSensitiveLevelDTO> getAppLitByUserId(String userId) {
+    public List<AppDataSensitiveLevelDTO> apiAppAuth(ApiAppAuthVo apiAppAuthVo) {
 
-        return staffAssignAuthInfoService.getAppLitByUserId(userId);
+        return staffAssignAuthInfoService.apiAppAuth(apiAppAuthVo);
     }
 
     @Override

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/api/ApiDataAuthFacade.java

@@ -1,5 +1,8 @@
 package com.dragoninfo.dcuc.auth.auth.facade.api;
 
+import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;
+import com.dragoninfo.dcuc.auth.audit.service.LogSendService;
+import com.dragoninfo.dcuc.auth.audit.service.log.LogInfoFillService;
 import com.dragoninfo.dcuc.auth.auth.api.IApiDataAuthFacade;
 import com.dragoninfo.dcuc.auth.auth.business.IDataAuthBusiness;
 import com.dragoninfo.dcuc.auth.auth.dto.DataItemsCheckDto;
@@ -10,11 +13,14 @@ import com.dragoninfo.dcuc.auth.auth.dto.data.DataAuthV2RespDTO;
 import com.dragoninfo.dcuc.auth.auth.vo.DataAuthV2ReqVO;
 import com.dragoninfo.dcuc.common.utils.ResponseUtil;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
+import com.dragonsoft.duceap.commons.util.ip.IpUtils;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RestController;
 
+import java.util.List;
 import java.util.Set;
+import java.util.stream.Collectors;
 
 /**
  * 代码千万行,注释第一行,编码不规范,同事两行泪
@@ -30,6 +36,8 @@ public class ApiDataAuthFacade implements IApiDataAuthFacade {
     private IDataAuthService dataAuthService;
     @Autowired
     private IDataAuthBusiness dataAuthBusiness;
+    @Autowired
+    private LogInfoFillService logInfoFillService;
 
     /**
      * 查询是否拥有数据项权限接口
@@ -55,6 +63,22 @@ public class ApiDataAuthFacade implements IApiDataAuthFacade {
         DataAuthV2RespDTO dataAuthV2RespVO = new DataAuthV2RespDTO();
         dataAuthV2RespVO.setResourceId(authV2ReqDTO.getResourceId());
         dataAuthV2RespVO.setItemIdentifier(stringSet);
+
+        DataItemsCheckDto dto = new DataItemsCheckDto();
+        dto.setCurrentAppCode(authV2ReqDTO.getRequestAppCode());
+        dto.setCurrentIdcard(authV2ReqDTO.getIdcard());
+        dto.setIdcard(authV2ReqDTO.getIdcard());
+
+        List<DataItemsDto> collect = stringSet.stream().map(e -> {
+            DataItemsDto dataItemsDto = new DataItemsDto();
+            dataItemsDto.setResourceCode(authV2ReqDTO.getResourceId());
+            dataItemsDto.setDataItemCode(e);
+            return dataItemsDto;
+        }).collect(Collectors.toList());
+
+        dto.setDataItemsDtoList(collect);
+        logInfoFillService.sendDataAuthenticationLog(AuthResultEnum.SUC, dto, IpUtils.getIp(), authV2ReqDTO.getAppToken(), authV2ReqDTO.getUserToken());
+
         return ResponseUtil.newInstance(dataAuthV2RespVO);
     }
 

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/IStaffAssignAuthInfoService.java

@@ -5,6 +5,7 @@ import com.dragoninfo.dcuc.auth.auth.dto.AppDataSensitiveLevelDTO;
 import com.dragoninfo.dcuc.auth.auth.dto.StaffAssignDTO;
 import com.dragoninfo.dcuc.auth.auth.dto.StaffRoleOperateDTO;
 import com.dragoninfo.dcuc.auth.auth.entity.StaffAssignAuthInfo;
+import com.dragoninfo.dcuc.auth.auth.vo.ApiAppAuthVo;
 import com.dragoninfo.dcuc.auth.auth.vo.StaffRoleAuthApiVo;
 import com.dragoninfo.dcuc.auth.auth.vo.StaffRoleAuthReqVo;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
@@ -95,14 +96,6 @@ public interface IStaffAssignAuthInfoService  {
      */
     List<String> searchIdacrdByApiId(String apiId);
 
-    /**
-     * 根据用户 ID 获取应用列表
-     *
-     * @param userId 用户id
-     * @return 应用列表
-     */
-    List<AppDataSensitiveLevelDTO> getAppLitByUserId(String userId);
-
     /**
      * 保存
      *
@@ -144,6 +137,14 @@ public interface IStaffAssignAuthInfoService  {
      */
     List<String> getAllRoleIds(String userId);
 
+    /**
+     * 根据用户 ID 获取应用列表
+     *
+     * @param apiAppAuthVo 鉴权Vo
+     * @return 应用列表
+     */
+    List<AppDataSensitiveLevelDTO> apiAppAuth(ApiAppAuthVo apiAppAuthVo);
+
     /**
      * 应用下的角色授权列表
      * API对外接口使用

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/ServiceAuthResultServiceImpl.java

@@ -334,11 +334,6 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
      */
     @Override
     public List<ServiceAuthenticationResVO> serviceAuthentication(String idcard, String appCode, String userToken, String appToken) {
-//        String redisKey = DcucConstantsUtil.AUTHENTICATION_SPACE + appCode;
-//        //PermissionUpdateService已存入鉴权结果
-//        Object redisValue = redisTemplate.opsForValue().get(redisKey);
-//        //当缓存找不到时候去数据库查询
-//        if (redisValue == null) {
         List<ServiceAuthResult> results = serviceAuthResultBPO.serviceAuthResultList(appCode);
         List<ServiceAuthenticationResVO> list = new ArrayList<>();
         for (ServiceAuthResult result : results) {
@@ -346,17 +341,13 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
             serviceAuthenticationResVO.setServiceCode(result.getServiceCode());
             list.add(serviceAuthenticationResVO);
         }
-        //鉴权结果存到缓存
-        //   permissionUpdateService.setAuthtionResultToRedis(appCode, list);
 
         //fixme 因为返回所有列表，所以不会有失败的情况
         String ip = IpUtils.getRealIpAdrress(RequestUtils.getRequest());
         logInfoFillService.sendServiceAuthenticationLog(AuthResultEnum.SUC, idcard, appCode, userToken, appToken, results, ip);
 
         return list;
-//        } else {
-//            return redisValue;
-//        }
+
     }
 
     @Override

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/StaffAssignAuthInfoService.java

@@ -22,6 +22,7 @@ import com.dragoninfo.dcuc.auth.auth.service.IOrgQuotaAuthService;
 import com.dragoninfo.dcuc.auth.auth.service.IRoleInfoService;
 import com.dragoninfo.dcuc.auth.auth.service.IStaffAssignAuthInfoService;
 import com.dragoninfo.dcuc.auth.auth.service.IStaffAssignAuthLogService;
+import com.dragoninfo.dcuc.auth.auth.vo.ApiAppAuthVo;
 import com.dragoninfo.dcuc.auth.auth.vo.StaffRoleAuthApiVo;
 import com.dragoninfo.dcuc.auth.auth.vo.StaffRoleAuthReqVo;
 import com.dragoninfo.dcuc.auth.sub.dto.AuthUserDTO;
@@ -674,11 +675,6 @@ public class StaffAssignAuthInfoService implements IStaffAssignAuthInfoService {
         return staffAssignAuthInfoBPO.searchIdacrdByApiId(apiId);
     }
 
-    @Override
-    public List<AppDataSensitiveLevelDTO> getAppLitByUserId(String userId) {
-        return staffAssignAuthInfoBPO.getAppLitByUserId(userId);
-    }
-
     @Override
     public void save(StaffAssignAuthInfo staffAssignAuthInfo) {
         staffAssignAuthInfoBPO.save(staffAssignAuthInfo);
@@ -714,6 +710,14 @@ public class StaffAssignAuthInfoService implements IStaffAssignAuthInfoService {
         return staffAssignAuthInfoBPO.getAllRoleIds(userId);
     }
 
+    @Override
+    public List<AppDataSensitiveLevelDTO> apiAppAuth(ApiAppAuthVo apiAppAuthVo) {
+        List<AppDataSensitiveLevelDTO> appLitByUserId = staffAssignAuthInfoBPO.getAppLitByUserId(apiAppAuthVo.getUserInfo().getId());
+
+        logInfoFillService.sendAppAuthenticationLog(apiAppAuthVo, appLitByUserId, AuthResultEnum.SUC);
+        return appLitByUserId;
+    }
+
     @Override
     public Page<StaffRoleAuthApiVo> apiStaffRoleAuthResult(SearchDTO searchDTO) {
         Searchable searchable = Searchable.toSearchable(searchDTO);