Tenlion/cm-cloud
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

新增api接口权限控制

Browse Source
This commit is contained in:
wenc000 2020-05-28 23:16:32 +08:00
parent d8b42a2f34
commit d73a27a867
4 changed files with 174 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/oauth/service/rbac/impl/ClientRbacServiceImpl.java
View File

@ -2,6 +2,7 @@ package com.cm.common.plugin.oauth.service.rbac.impl;
import com.cm.common.config.properties.AccessControl; import com.cm.common.config.properties.AccessControl;
import com.cm.common.plugin.oauth.service.rbac.IClientRbacService; import com.cm.common.plugin.oauth.service.rbac.IClientRbacService;
import com.cm.common.pojo.bos.PermissionBO;
import com.cm.common.pojo.bos.RoleGrantedAuthority; import com.cm.common.pojo.bos.RoleGrantedAuthority;
import com.cm.common.pojo.bos.RoleMenuBO; import com.cm.common.pojo.bos.RoleMenuBO;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
@ -121,6 +122,12 @@ public class ClientRbacServiceImpl implements IClientRbacService {
* @return * @return
*/ */
private boolean hasSavePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { private boolean hasSavePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
// 匹配接口权限
for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionInsert()) {
if (antPathMatcher.match(permissionBO.getPermissionUrl(), uri)) {
return true;
}
}
List<String> savePaths = accessControl.getSavePaths(); List<String> savePaths = accessControl.getSavePaths();
// 匹配接口 // 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiSaveMenu()) { for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiSaveMenu()) {
@ -158,6 +165,12 @@ public class ClientRbacServiceImpl implements IClientRbacService {
* @return * @return
*/ */
private boolean hasDeletePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { private boolean hasDeletePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
// 匹配接口权限
for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionDelete()) {
if (antPathMatcher.match(permissionBO.getPermissionUrl(), uri)) {
return true;
}
}
List<String> deletePaths = accessControl.getDeletePaths(); List<String> deletePaths = accessControl.getDeletePaths();
// 匹配接口 // 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiDeleteMenu()) { for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiDeleteMenu()) {
@ -187,6 +200,12 @@ public class ClientRbacServiceImpl implements IClientRbacService {
* @return * @return
*/ */
private boolean hasUpdatePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { private boolean hasUpdatePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
// 匹配接口权限
for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionUpdate()) {
if (antPathMatcher.match(permissionBO.getPermissionUrl(), uri)) {
return true;
}
}
List<String> updatePaths = accessControl.getUpdatePaths(); List<String> updatePaths = accessControl.getUpdatePaths();
// 匹配接口 // 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiUpdateMenu()) { for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiUpdateMenu()) {
@ -224,6 +243,12 @@ public class ClientRbacServiceImpl implements IClientRbacService {
* @return * @return
*/ */
private boolean hasQueryPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { private boolean hasQueryPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
// 匹配接口权限
for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionQuery()) {
if (antPathMatcher.match(permissionBO.getPermissionUrl(), uri)) {
return true;
}
}
List<String> queryPaths = accessControl.getQueryPaths(); List<String> queryPaths = accessControl.getQueryPaths();
// 匹配接口 // 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiQueryMenu()) { for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiQueryMenu()) {

46
cloud-common/src/main/java/com/cm/common/pojo/bos/PermissionBO.java Normal file
View File

@ -0,0 +1,46 @@
package com.cm.common.pojo.bos;
import io.swagger.annotations.ApiModelProperty;
/**
* When you feel like quitting. Think about why you started
* 当你想要放弃的时候想想当初你为何开始
*
* @ClassName: PermissionBO
* @Description: 权限业务
* @Author: WangGeng
* @Date: 2020/5/28 10:32 下午
* @Version: 1.0
**/
public class PermissionBO {
private String permissionType;
private String permissionUrl;
public String getPermissionType() {
return permissionType == null ? "" : permissionType.trim();
}
public void setPermissionType(String permissionType) {
this.permissionType = permissionType;
}
public String getPermissionUrl() {
return permissionUrl == null ? "" : permissionUrl.trim();
}
public void setPermissionUrl(String permissionUrl) {
this.permissionUrl = permissionUrl;
}
@Override
public String toString() {
final StringBuilder sb = new StringBuilder("{");
sb.append("\"permissionType\":")
.append("\"").append(permissionType).append("\"");
sb.append(",\"permissionUrl\":")
.append("\"").append(permissionUrl).append("\"");
sb.append('}');
return sb.toString();
}
}

44
cloud-common/src/main/java/com/cm/common/pojo/bos/RoleBO.java
View File

@ -27,6 +27,10 @@ public class RoleBO {
private List<RoleMenuBO> routeSaveMenu = new ArrayList<>(); private List<RoleMenuBO> routeSaveMenu = new ArrayList<>();
private List<RoleMenuBO> routeUpdateMenu = new ArrayList<>(); private List<RoleMenuBO> routeUpdateMenu = new ArrayList<>();
private List<RoleMenuBO> routeQueryMenu = new ArrayList<>(); private List<RoleMenuBO> routeQueryMenu = new ArrayList<>();
private List<PermissionBO> permissionInsert = new ArrayList<>();
private List<PermissionBO> permissionDelete = new ArrayList<>();
private List<PermissionBO> permissionUpdate = new ArrayList<>();
private List<PermissionBO> permissionQuery = new ArrayList<>();
public String getRoleId() { public String getRoleId() {
return roleId == null ? "" : roleId.trim(); return roleId == null ? "" : roleId.trim();
@ -148,6 +152,38 @@ public class RoleBO {
this.routeQueryMenu = routeQueryMenu; this.routeQueryMenu = routeQueryMenu;
} }
public List<PermissionBO> getPermissionInsert() {
return permissionInsert;
}
public void setPermissionInsert(List<PermissionBO> permissionInsert) {
this.permissionInsert = permissionInsert;
}
public List<PermissionBO> getPermissionDelete() {
return permissionDelete;
}
public void setPermissionDelete(List<PermissionBO> permissionDelete) {
this.permissionDelete = permissionDelete;
}
public List<PermissionBO> getPermissionUpdate() {
return permissionUpdate;
}
public void setPermissionUpdate(List<PermissionBO> permissionUpdate) {
this.permissionUpdate = permissionUpdate;
}
public List<PermissionBO> getPermissionQuery() {
return permissionQuery;
}
public void setPermissionQuery(List<PermissionBO> permissionQuery) {
this.permissionQuery = permissionQuery;
}
@Override @Override
public String toString() { public String toString() {
final StringBuilder sb = new StringBuilder("{"); final StringBuilder sb = new StringBuilder("{");
@ -181,6 +217,14 @@ public class RoleBO {
.append(routeUpdateMenu); .append(routeUpdateMenu);
sb.append(",\"routeQueryMenu\":") sb.append(",\"routeQueryMenu\":")
.append(routeQueryMenu); .append(routeQueryMenu);
sb.append(",\"permissionInsert\":")
.append(permissionInsert);
sb.append(",\"permissionDelete\":")
.append(permissionDelete);
sb.append(",\"permissionUpdate\":")
.append(permissionUpdate);
sb.append(",\"permissionQuery\":")
.append(permissionQuery);
sb.append('}'); sb.append('}');
return sb.toString(); return sb.toString();
} }

70
cloud-common/src/main/java/com/cm/common/pojo/bos/RoleGrantedAuthority.java
View File

@ -17,17 +17,21 @@ public class RoleGrantedAuthority implements GrantedAuthority {
private String role; private String role;
private String roleId; private String roleId;
private String roleName; private String roleName;
List<RoleMenuBO> apiSaveMenu; private List<RoleMenuBO> apiSaveMenu;
List<RoleMenuBO> apiDeleteMenu; private List<RoleMenuBO> apiDeleteMenu;
List<RoleMenuBO> apiUpdateMenu; private List<RoleMenuBO> apiUpdateMenu;
List<RoleMenuBO> apiQueryMenu; private List<RoleMenuBO> apiQueryMenu;
List<RoleMenuBO> resourceSaveMenu; private List<RoleMenuBO> resourceSaveMenu;
List<RoleMenuBO> resourceDeleteMenu; private List<RoleMenuBO> resourceDeleteMenu;
List<RoleMenuBO> resourceUpdateMenu; private List<RoleMenuBO> resourceUpdateMenu;
List<RoleMenuBO> resourceQueryMenu; private List<RoleMenuBO> resourceQueryMenu;
List<RoleMenuBO> routeSaveMenu; private List<RoleMenuBO> routeSaveMenu;
List<RoleMenuBO> routeUpdateMenu; private List<RoleMenuBO> routeUpdateMenu;
List<RoleMenuBO> routeQueryMenu; private List<RoleMenuBO> routeQueryMenu;
private List<PermissionBO> permissionInsert;
private List<PermissionBO> permissionDelete;
private List<PermissionBO> permissionUpdate;
private List<PermissionBO> permissionQuery;
public RoleGrantedAuthority(String role) { public RoleGrantedAuthority(String role) {
this.role = role; this.role = role;
@ -48,6 +52,10 @@ public class RoleGrantedAuthority implements GrantedAuthority {
this.routeSaveMenu = roleBO.getRouteSaveMenu(); this.routeSaveMenu = roleBO.getRouteSaveMenu();
this.routeUpdateMenu = roleBO.getRouteUpdateMenu(); this.routeUpdateMenu = roleBO.getRouteUpdateMenu();
this.routeQueryMenu = roleBO.getRouteQueryMenu(); this.routeQueryMenu = roleBO.getRouteQueryMenu();
this.permissionInsert = roleBO.getPermissionInsert();
this.permissionDelete = roleBO.getPermissionDelete();
this.permissionUpdate = roleBO.getPermissionUpdate();
this.permissionQuery = roleBO.getPermissionQuery();
} }
@Override @Override
@ -173,6 +181,38 @@ public class RoleGrantedAuthority implements GrantedAuthority {
this.routeQueryMenu = routeQueryMenu; this.routeQueryMenu = routeQueryMenu;
} }
public List<PermissionBO> getPermissionInsert() {
return permissionInsert;
}
public void setPermissionInsert(List<PermissionBO> permissionInsert) {
this.permissionInsert = permissionInsert;
}
public List<PermissionBO> getPermissionDelete() {
return permissionDelete;
}
public void setPermissionDelete(List<PermissionBO> permissionDelete) {
this.permissionDelete = permissionDelete;
}
public List<PermissionBO> getPermissionUpdate() {
return permissionUpdate;
}
public void setPermissionUpdate(List<PermissionBO> permissionUpdate) {
this.permissionUpdate = permissionUpdate;
}
public List<PermissionBO> getPermissionQuery() {
return permissionQuery;
}
public void setPermissionQuery(List<PermissionBO> permissionQuery) {
this.permissionQuery = permissionQuery;
}
@Override @Override
public String toString() { public String toString() {
final StringBuilder sb = new StringBuilder("{"); final StringBuilder sb = new StringBuilder("{");
@ -204,6 +244,14 @@ public class RoleGrantedAuthority implements GrantedAuthority {
.append(routeUpdateMenu); .append(routeUpdateMenu);
sb.append(",\"routeQueryMenu\":") sb.append(",\"routeQueryMenu\":")
.append(routeQueryMenu); .append(routeQueryMenu);
sb.append(",\"permissionInsert\":")
.append(permissionInsert);
sb.append(",\"permissionDelete\":")
.append(permissionDelete);
sb.append(",\"permissionUpdate\":")
.append(permissionUpdate);
sb.append(",\"permissionQuery\":")
.append(permissionQuery);
sb.append('}'); sb.append('}');
return sb.toString(); return sb.toString();
} }