From d73a27a86793bfbe03abacb48879f844cbf6d303 Mon Sep 17 00:00:00 2001 From: wenc000 <450292408@qq.com> Date: Thu, 28 May 2020 23:16:32 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9Eapi=E6=8E=A5=E5=8F=A3?= =?UTF-8?q?=E6=9D=83=E9=99=90=E6=8E=A7=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../rbac/impl/ClientRbacServiceImpl.java | 25 +++++++ .../com/cm/common/pojo/bos/PermissionBO.java | 46 ++++++++++++ .../java/com/cm/common/pojo/bos/RoleBO.java | 44 ++++++++++++ .../common/pojo/bos/RoleGrantedAuthority.java | 70 ++++++++++++++++--- 4 files changed, 174 insertions(+), 11 deletions(-) create mode 100644 cloud-common/src/main/java/com/cm/common/pojo/bos/PermissionBO.java diff --git a/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/oauth/service/rbac/impl/ClientRbacServiceImpl.java b/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/oauth/service/rbac/impl/ClientRbacServiceImpl.java index f630512..8fb2169 100644 --- a/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/oauth/service/rbac/impl/ClientRbacServiceImpl.java +++ b/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/oauth/service/rbac/impl/ClientRbacServiceImpl.java @@ -2,6 +2,7 @@ package com.cm.common.plugin.oauth.service.rbac.impl; import com.cm.common.config.properties.AccessControl; import com.cm.common.plugin.oauth.service.rbac.IClientRbacService; +import com.cm.common.pojo.bos.PermissionBO; import com.cm.common.pojo.bos.RoleGrantedAuthority; import com.cm.common.pojo.bos.RoleMenuBO; import org.apache.commons.lang3.StringUtils; @@ -121,6 +122,12 @@ public class ClientRbacServiceImpl implements IClientRbacService { * @return */ private boolean hasSavePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { + // 匹配接口权限 + for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionInsert()) { + if (antPathMatcher.match(permissionBO.getPermissionUrl(), uri)) { + return true; + } + } List savePaths = accessControl.getSavePaths(); // 匹配接口 for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiSaveMenu()) { @@ -158,6 +165,12 @@ public class ClientRbacServiceImpl implements IClientRbacService { * @return */ private boolean hasDeletePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { + // 匹配接口权限 + for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionDelete()) { + if (antPathMatcher.match(permissionBO.getPermissionUrl(), uri)) { + return true; + } + } List deletePaths = accessControl.getDeletePaths(); // 匹配接口 for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiDeleteMenu()) { @@ -187,6 +200,12 @@ public class ClientRbacServiceImpl implements IClientRbacService { * @return */ private boolean hasUpdatePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { + // 匹配接口权限 + for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionUpdate()) { + if (antPathMatcher.match(permissionBO.getPermissionUrl(), uri)) { + return true; + } + } List updatePaths = accessControl.getUpdatePaths(); // 匹配接口 for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiUpdateMenu()) { @@ -224,6 +243,12 @@ public class ClientRbacServiceImpl implements IClientRbacService { * @return */ private boolean hasQueryPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { + // 匹配接口权限 + for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionQuery()) { + if (antPathMatcher.match(permissionBO.getPermissionUrl(), uri)) { + return true; + } + } List queryPaths = accessControl.getQueryPaths(); // 匹配接口 for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiQueryMenu()) { diff --git a/cloud-common/src/main/java/com/cm/common/pojo/bos/PermissionBO.java b/cloud-common/src/main/java/com/cm/common/pojo/bos/PermissionBO.java new file mode 100644 index 0000000..2e13180 --- /dev/null +++ b/cloud-common/src/main/java/com/cm/common/pojo/bos/PermissionBO.java @@ -0,0 +1,46 @@ +package com.cm.common.pojo.bos; + +import io.swagger.annotations.ApiModelProperty; + +/** + * When you feel like quitting. Think about why you started + * 当你想要放弃的时候,想想当初你为何开始 + * + * @ClassName: PermissionBO + * @Description: 权限业务 + * @Author: WangGeng + * @Date: 2020/5/28 10:32 下午 + * @Version: 1.0 + **/ +public class PermissionBO { + + private String permissionType; + private String permissionUrl; + + public String getPermissionType() { + return permissionType == null ? "" : permissionType.trim(); + } + + public void setPermissionType(String permissionType) { + this.permissionType = permissionType; + } + + public String getPermissionUrl() { + return permissionUrl == null ? "" : permissionUrl.trim(); + } + + public void setPermissionUrl(String permissionUrl) { + this.permissionUrl = permissionUrl; + } + + @Override + public String toString() { + final StringBuilder sb = new StringBuilder("{"); + sb.append("\"permissionType\":") + .append("\"").append(permissionType).append("\""); + sb.append(",\"permissionUrl\":") + .append("\"").append(permissionUrl).append("\""); + sb.append('}'); + return sb.toString(); + } +} diff --git a/cloud-common/src/main/java/com/cm/common/pojo/bos/RoleBO.java b/cloud-common/src/main/java/com/cm/common/pojo/bos/RoleBO.java index f45cae6..0cf0075 100644 --- a/cloud-common/src/main/java/com/cm/common/pojo/bos/RoleBO.java +++ b/cloud-common/src/main/java/com/cm/common/pojo/bos/RoleBO.java @@ -27,6 +27,10 @@ public class RoleBO { private List routeSaveMenu = new ArrayList<>(); private List routeUpdateMenu = new ArrayList<>(); private List routeQueryMenu = new ArrayList<>(); + private List permissionInsert = new ArrayList<>(); + private List permissionDelete = new ArrayList<>(); + private List permissionUpdate = new ArrayList<>(); + private List permissionQuery = new ArrayList<>(); public String getRoleId() { return roleId == null ? "" : roleId.trim(); @@ -148,6 +152,38 @@ public class RoleBO { this.routeQueryMenu = routeQueryMenu; } + public List getPermissionInsert() { + return permissionInsert; + } + + public void setPermissionInsert(List permissionInsert) { + this.permissionInsert = permissionInsert; + } + + public List getPermissionDelete() { + return permissionDelete; + } + + public void setPermissionDelete(List permissionDelete) { + this.permissionDelete = permissionDelete; + } + + public List getPermissionUpdate() { + return permissionUpdate; + } + + public void setPermissionUpdate(List permissionUpdate) { + this.permissionUpdate = permissionUpdate; + } + + public List getPermissionQuery() { + return permissionQuery; + } + + public void setPermissionQuery(List permissionQuery) { + this.permissionQuery = permissionQuery; + } + @Override public String toString() { final StringBuilder sb = new StringBuilder("{"); @@ -181,6 +217,14 @@ public class RoleBO { .append(routeUpdateMenu); sb.append(",\"routeQueryMenu\":") .append(routeQueryMenu); + sb.append(",\"permissionInsert\":") + .append(permissionInsert); + sb.append(",\"permissionDelete\":") + .append(permissionDelete); + sb.append(",\"permissionUpdate\":") + .append(permissionUpdate); + sb.append(",\"permissionQuery\":") + .append(permissionQuery); sb.append('}'); return sb.toString(); } diff --git a/cloud-common/src/main/java/com/cm/common/pojo/bos/RoleGrantedAuthority.java b/cloud-common/src/main/java/com/cm/common/pojo/bos/RoleGrantedAuthority.java index db3716a..b2ab029 100644 --- a/cloud-common/src/main/java/com/cm/common/pojo/bos/RoleGrantedAuthority.java +++ b/cloud-common/src/main/java/com/cm/common/pojo/bos/RoleGrantedAuthority.java @@ -17,17 +17,21 @@ public class RoleGrantedAuthority implements GrantedAuthority { private String role; private String roleId; private String roleName; - List apiSaveMenu; - List apiDeleteMenu; - List apiUpdateMenu; - List apiQueryMenu; - List resourceSaveMenu; - List resourceDeleteMenu; - List resourceUpdateMenu; - List resourceQueryMenu; - List routeSaveMenu; - List routeUpdateMenu; - List routeQueryMenu; + private List apiSaveMenu; + private List apiDeleteMenu; + private List apiUpdateMenu; + private List apiQueryMenu; + private List resourceSaveMenu; + private List resourceDeleteMenu; + private List resourceUpdateMenu; + private List resourceQueryMenu; + private List routeSaveMenu; + private List routeUpdateMenu; + private List routeQueryMenu; + private List permissionInsert; + private List permissionDelete; + private List permissionUpdate; + private List permissionQuery; public RoleGrantedAuthority(String role) { this.role = role; @@ -48,6 +52,10 @@ public class RoleGrantedAuthority implements GrantedAuthority { this.routeSaveMenu = roleBO.getRouteSaveMenu(); this.routeUpdateMenu = roleBO.getRouteUpdateMenu(); this.routeQueryMenu = roleBO.getRouteQueryMenu(); + this.permissionInsert = roleBO.getPermissionInsert(); + this.permissionDelete = roleBO.getPermissionDelete(); + this.permissionUpdate = roleBO.getPermissionUpdate(); + this.permissionQuery = roleBO.getPermissionQuery(); } @Override @@ -173,6 +181,38 @@ public class RoleGrantedAuthority implements GrantedAuthority { this.routeQueryMenu = routeQueryMenu; } + public List getPermissionInsert() { + return permissionInsert; + } + + public void setPermissionInsert(List permissionInsert) { + this.permissionInsert = permissionInsert; + } + + public List getPermissionDelete() { + return permissionDelete; + } + + public void setPermissionDelete(List permissionDelete) { + this.permissionDelete = permissionDelete; + } + + public List getPermissionUpdate() { + return permissionUpdate; + } + + public void setPermissionUpdate(List permissionUpdate) { + this.permissionUpdate = permissionUpdate; + } + + public List getPermissionQuery() { + return permissionQuery; + } + + public void setPermissionQuery(List permissionQuery) { + this.permissionQuery = permissionQuery; + } + @Override public String toString() { final StringBuilder sb = new StringBuilder("{"); @@ -204,6 +244,14 @@ public class RoleGrantedAuthority implements GrantedAuthority { .append(routeUpdateMenu); sb.append(",\"routeQueryMenu\":") .append(routeQueryMenu); + sb.append(",\"permissionInsert\":") + .append(permissionInsert); + sb.append(",\"permissionDelete\":") + .append(permissionDelete); + sb.append(",\"permissionUpdate\":") + .append(permissionUpdate); + sb.append(",\"permissionQuery\":") + .append(permissionQuery); sb.append('}'); return sb.toString(); }