修改权限
This commit is contained in:
parent
94c88f8eea
commit
43d3fb7ae0
@ -105,8 +105,8 @@ public class MenuController extends BaseController {
|
|||||||
params.put("menuStatus", menuVO.getMenuStatus());
|
params.put("menuStatus", menuVO.getMenuStatus());
|
||||||
|
|
||||||
if (StringUtils.isBlank(menuVO.getMenuUrl())) {
|
if (StringUtils.isBlank(menuVO.getMenuUrl())) {
|
||||||
params.put("menuUrl", "javascript:void(0);");
|
params.put("menuUrl", IMenuService.PARENT_MENU_URL);
|
||||||
} else if (StringUtils.equals(menuVO.getMenuUrl(), "javascript:void(0);")) {
|
} else if (StringUtils.equals(menuVO.getMenuUrl(), IMenuService.PARENT_MENU_URL)) {
|
||||||
params.put("menuUrl", menuVO.getMenuUrl());
|
params.put("menuUrl", menuVO.getMenuUrl());
|
||||||
} else {
|
} else {
|
||||||
params.put("menuUrl", addSlash(menuVO.getMenuUrl()));
|
params.put("menuUrl", addSlash(menuVO.getMenuUrl()));
|
||||||
|
|||||||
@ -11,7 +11,6 @@ import org.slf4j.LoggerFactory;
|
|||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
import org.springframework.util.AntPathMatcher;
|
import org.springframework.util.AntPathMatcher;
|
||||||
|
|
||||||
@ -54,7 +53,7 @@ public class UserRbacServiceImpl implements IRbacService {
|
|||||||
String contextPath = request.getContextPath();
|
String contextPath = request.getContextPath();
|
||||||
for (GrantedAuthority grantedAuthority : grantedAuthorities) {
|
for (GrantedAuthority grantedAuthority : grantedAuthorities) {
|
||||||
// 权限类型错误,认证失败
|
// 权限类型错误,认证失败
|
||||||
if(!(grantedAuthority instanceof RoleGrantedAuthority)) {
|
if (!(grantedAuthority instanceof RoleGrantedAuthority)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
RoleGrantedAuthority roleGrantedAuthority = (RoleGrantedAuthority) grantedAuthority;
|
RoleGrantedAuthority roleGrantedAuthority = (RoleGrantedAuthority) grantedAuthority;
|
||||||
@ -135,25 +134,15 @@ public class UserRbacServiceImpl implements IRbacService {
|
|||||||
}
|
}
|
||||||
List<String> savePaths = accessControl.getSavePaths();
|
List<String> savePaths = accessControl.getSavePaths();
|
||||||
// 匹配接口
|
// 匹配接口
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiSaveMenu()) {
|
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getSaveMenu()) {
|
||||||
for (String savePath : savePaths) {
|
for (String savePath : savePaths) {
|
||||||
if (antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + savePath, uri)) {
|
if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + savePath, uri)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + savePath, uri)) {
|
||||||
}
|
|
||||||
// 匹配资源
|
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getResourceSaveMenu()) {
|
|
||||||
for (String savePath : savePaths) {
|
|
||||||
if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + savePath, uri)) {
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
if (!StringUtils.isBlank(roleMenuBO.getRoutePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + savePath, uri)) {
|
||||||
}
|
|
||||||
// 匹配路由
|
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getRouteSaveMenu()) {
|
|
||||||
for (String savePath : savePaths) {
|
|
||||||
if (antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + savePath, uri)) {
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -178,17 +167,12 @@ public class UserRbacServiceImpl implements IRbacService {
|
|||||||
}
|
}
|
||||||
List<String> deletePaths = accessControl.getDeletePaths();
|
List<String> deletePaths = accessControl.getDeletePaths();
|
||||||
// 匹配接口
|
// 匹配接口
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiDeleteMenu()) {
|
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getDeleteMenu()) {
|
||||||
for (String deletePath : deletePaths) {
|
for (String deletePath : deletePaths) {
|
||||||
if (antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + deletePath, uri)) {
|
if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + deletePath, uri)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + deletePath, uri)) {
|
||||||
}
|
|
||||||
// 匹配资源
|
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getResourceDeleteMenu()) {
|
|
||||||
for (String deletePath : deletePaths) {
|
|
||||||
if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + deletePath, uri)) {
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -213,25 +197,15 @@ public class UserRbacServiceImpl implements IRbacService {
|
|||||||
}
|
}
|
||||||
List<String> updatePaths = accessControl.getUpdatePaths();
|
List<String> updatePaths = accessControl.getUpdatePaths();
|
||||||
// 匹配接口
|
// 匹配接口
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiUpdateMenu()) {
|
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getUpdateMenu()) {
|
||||||
for (String updatePath : updatePaths) {
|
for (String updatePath : updatePaths) {
|
||||||
if (antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + updatePath, uri)) {
|
if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + updatePath, uri)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + updatePath, uri)) {
|
||||||
}
|
|
||||||
// 匹配资源
|
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getResourceUpdateMenu()) {
|
|
||||||
for (String updatePath : updatePaths) {
|
|
||||||
if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + updatePath, uri)) {
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
if (!StringUtils.isBlank(roleMenuBO.getRoutePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + updatePath, uri)) {
|
||||||
}
|
|
||||||
// 匹配路由
|
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getRouteUpdateMenu()) {
|
|
||||||
for (String updatePath : updatePaths) {
|
|
||||||
if (antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + updatePath, uri)) {
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -256,26 +230,15 @@ public class UserRbacServiceImpl implements IRbacService {
|
|||||||
}
|
}
|
||||||
List<String> queryPaths = accessControl.getQueryPaths();
|
List<String> queryPaths = accessControl.getQueryPaths();
|
||||||
// 匹配接口
|
// 匹配接口
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getApiQueryMenu()) {
|
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getQueryMenu()) {
|
||||||
for (String queryPath : queryPaths) {
|
for (String queryPath : queryPaths) {
|
||||||
String queryAntPath = contextPath + roleMenuBO.getApiPrefix() + queryPath;
|
if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + queryPath, uri)) {
|
||||||
if (antPathMatcher.match(queryAntPath, uri)) {
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + queryPath, uri)) {
|
||||||
}
|
|
||||||
// 匹配资源
|
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getResourceQueryMenu()) {
|
|
||||||
for (String queryPath : queryPaths) {
|
|
||||||
if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + queryPath, uri)) {
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
if (!StringUtils.isBlank(roleMenuBO.getRoutePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + queryPath, uri)) {
|
||||||
}
|
|
||||||
// 匹配路由
|
|
||||||
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getRouteQueryMenu()) {
|
|
||||||
for (String queryPath : queryPaths) {
|
|
||||||
if (antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + queryPath, uri)) {
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -23,6 +23,8 @@ import java.util.Map;
|
|||||||
**/
|
**/
|
||||||
public interface IMenuService {
|
public interface IMenuService {
|
||||||
|
|
||||||
|
String PARENT_MENU_URL = "javascript:void(0);";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 菜单列表
|
* 菜单列表
|
||||||
*
|
*
|
||||||
|
|||||||
@ -18,11 +18,11 @@ import com.cm.serviceusercenter.pojo.dtos.RoleDTO;
|
|||||||
import com.cm.serviceusercenter.pojo.dtos.permission.PermissionRoleDTO;
|
import com.cm.serviceusercenter.pojo.dtos.permission.PermissionRoleDTO;
|
||||||
import com.cm.serviceusercenter.pojo.dtos.role.RoleDataAuthorityDTO;
|
import com.cm.serviceusercenter.pojo.dtos.role.RoleDataAuthorityDTO;
|
||||||
import com.cm.serviceusercenter.pojo.dtos.role.RoleDataAuthorityTypeDTO;
|
import com.cm.serviceusercenter.pojo.dtos.role.RoleDataAuthorityTypeDTO;
|
||||||
import com.cm.serviceusercenter.pojo.vos.permission.PermissionRoleVO;
|
|
||||||
import com.cm.serviceusercenter.pojo.vos.role.RoleDataAuthorityVO;
|
import com.cm.serviceusercenter.pojo.vos.role.RoleDataAuthorityVO;
|
||||||
import com.cm.serviceusercenter.pojo.vos.role.RoleUserAuthorityVO;
|
import com.cm.serviceusercenter.pojo.vos.role.RoleUserAuthorityVO;
|
||||||
import com.cm.serviceusercenter.service.BaseService;
|
import com.cm.serviceusercenter.service.BaseService;
|
||||||
import com.cm.serviceusercenter.service.permission.IPermissionService;
|
import com.cm.serviceusercenter.service.permission.IPermissionService;
|
||||||
|
import com.cm.serviceusercenter.service.system.menu.IMenuService;
|
||||||
import com.cm.serviceusercenter.service.system.role.IRoleService;
|
import com.cm.serviceusercenter.service.system.role.IRoleService;
|
||||||
import com.cm.serviceusercenter.service.system.user.IUserService;
|
import com.cm.serviceusercenter.service.system.user.IUserService;
|
||||||
import com.github.pagehelper.PageHelper;
|
import com.github.pagehelper.PageHelper;
|
||||||
@ -166,19 +166,10 @@ public class RoleServiceImpl extends BaseService implements IRoleService {
|
|||||||
params.put("roleId", roleId);
|
params.put("roleId", roleId);
|
||||||
List<RoleMenuBO> roleMenuBOs = listRoleMenuDetail(params);
|
List<RoleMenuBO> roleMenuBOs = listRoleMenuDetail(params);
|
||||||
|
|
||||||
List<RoleMenuBO> apiSaveMenu = new ArrayList<>(0);
|
List<RoleMenuBO> saveMenu = new ArrayList<>(0);
|
||||||
List<RoleMenuBO> apiDeleteMenu = new ArrayList<>(0);
|
List<RoleMenuBO> deleteMenu = new ArrayList<>(0);
|
||||||
List<RoleMenuBO> apiUpdateMenu = new ArrayList<>(0);
|
List<RoleMenuBO> updateMenu = new ArrayList<>(0);
|
||||||
List<RoleMenuBO> apiQueryMenu = new ArrayList<>(0);
|
List<RoleMenuBO> queryMenu = new ArrayList<>(0);
|
||||||
|
|
||||||
List<RoleMenuBO> resourceSaveMenu = new ArrayList<>(0);
|
|
||||||
List<RoleMenuBO> resourceDeleteMenu = new ArrayList<>(0);
|
|
||||||
List<RoleMenuBO> resourceUpdateMenu = new ArrayList<>(0);
|
|
||||||
List<RoleMenuBO> resourceQueryMenu = new ArrayList<>(0);
|
|
||||||
|
|
||||||
List<RoleMenuBO> routeSaveMenu = new ArrayList<>(0);
|
|
||||||
List<RoleMenuBO> routeUpdateMenu = new ArrayList<>(0);
|
|
||||||
List<RoleMenuBO> routeQueryMenu = new ArrayList<>(0);
|
|
||||||
|
|
||||||
List<PermissionBO> permissionInsert = new ArrayList<>(0);
|
List<PermissionBO> permissionInsert = new ArrayList<>(0);
|
||||||
List<PermissionBO> permissionDelete = new ArrayList<>(0);
|
List<PermissionBO> permissionDelete = new ArrayList<>(0);
|
||||||
@ -187,41 +178,29 @@ public class RoleServiceImpl extends BaseService implements IRoleService {
|
|||||||
|
|
||||||
LOG.debug("角色菜单权限");
|
LOG.debug("角色菜单权限");
|
||||||
for (RoleMenuBO roleMenuBO : roleMenuBOs) {
|
for (RoleMenuBO roleMenuBO : roleMenuBOs) {
|
||||||
roleMenuBO.setApiPrefix(roleMenuBO.getApiPrefix());
|
if(StringUtils.equals(roleMenuBO.getMenuUrl(), IMenuService.PARENT_MENU_URL)) {
|
||||||
roleMenuBO.setResourcePrefix(roleMenuBO.getResourcePrefix());
|
roleMenuBO.setApiPrefix(null);
|
||||||
roleMenuBO.setRoutePrefix(roleMenuBO.getRoutePrefix());
|
roleMenuBO.setResourcePrefix(null);
|
||||||
|
roleMenuBO.setRoutePrefix(null);
|
||||||
|
}
|
||||||
if (IRoleService.ROLE_INSERT.equals(roleMenuBO.getRoleType())) {
|
if (IRoleService.ROLE_INSERT.equals(roleMenuBO.getRoleType())) {
|
||||||
apiSaveMenu.add(roleMenuBO);
|
saveMenu.add(roleMenuBO);
|
||||||
resourceSaveMenu.add(roleMenuBO);
|
|
||||||
routeSaveMenu.add(roleMenuBO);
|
|
||||||
} else if (IRoleService.ROLE_DELETE.equals(roleMenuBO.getRoleType())) {
|
} else if (IRoleService.ROLE_DELETE.equals(roleMenuBO.getRoleType())) {
|
||||||
apiDeleteMenu.add(roleMenuBO);
|
deleteMenu.add(roleMenuBO);
|
||||||
resourceDeleteMenu.add(roleMenuBO);
|
|
||||||
} else if (IRoleService.ROLE_UPDATE.equals(roleMenuBO.getRoleType())) {
|
} else if (IRoleService.ROLE_UPDATE.equals(roleMenuBO.getRoleType())) {
|
||||||
apiUpdateMenu.add(roleMenuBO);
|
updateMenu.add(roleMenuBO);
|
||||||
resourceUpdateMenu.add(roleMenuBO);
|
|
||||||
routeUpdateMenu.add(roleMenuBO);
|
|
||||||
} else if (IRoleService.ROLE_QUERY.equals(roleMenuBO.getRoleType())) {
|
} else if (IRoleService.ROLE_QUERY.equals(roleMenuBO.getRoleType())) {
|
||||||
apiQueryMenu.add(roleMenuBO);
|
queryMenu.add(roleMenuBO);
|
||||||
resourceQueryMenu.add(roleMenuBO);
|
|
||||||
routeQueryMenu.add(roleMenuBO);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
LOG.debug("角色接口权限");
|
LOG.debug("角色接口权限");
|
||||||
setApiPermission(roleId, permissionInsert, permissionDelete, permissionUpdate, permissionQuery);
|
setApiPermission(roleId, permissionInsert, permissionDelete, permissionUpdate, permissionQuery);
|
||||||
RoleBO roleBO = new RoleBO();
|
RoleBO roleBO = new RoleBO();
|
||||||
roleBO.setRoleId(roleId);
|
roleBO.setRoleId(roleId);
|
||||||
roleBO.setApiSaveMenu(apiSaveMenu);
|
roleBO.setSaveMenu(saveMenu);
|
||||||
roleBO.setApiDeleteMenu(apiDeleteMenu);
|
roleBO.setDeleteMenu(deleteMenu);
|
||||||
roleBO.setApiUpdateMenu(apiUpdateMenu);
|
roleBO.setUpdateMenu(updateMenu);
|
||||||
roleBO.setApiQueryMenu(apiQueryMenu);
|
roleBO.setQueryMenu(queryMenu);
|
||||||
roleBO.setResourceSaveMenu(resourceSaveMenu);
|
|
||||||
roleBO.setResourceDeleteMenu(resourceDeleteMenu);
|
|
||||||
roleBO.setResourceUpdateMenu(resourceUpdateMenu);
|
|
||||||
roleBO.setResourceQueryMenu(resourceQueryMenu);
|
|
||||||
roleBO.setRouteSaveMenu(routeSaveMenu);
|
|
||||||
roleBO.setRouteUpdateMenu(routeUpdateMenu);
|
|
||||||
roleBO.setRouteQueryMenu(routeQueryMenu);
|
|
||||||
roleBO.setPermissionInsert(permissionInsert);
|
roleBO.setPermissionInsert(permissionInsert);
|
||||||
roleBO.setPermissionDelete(permissionDelete);
|
roleBO.setPermissionDelete(permissionDelete);
|
||||||
roleBO.setPermissionUpdate(permissionUpdate);
|
roleBO.setPermissionUpdate(permissionUpdate);
|
||||||
@ -304,17 +283,10 @@ public class RoleServiceImpl extends BaseService implements IRoleService {
|
|||||||
@Override
|
@Override
|
||||||
public void setRoleMenu(RoleBO roleBO) throws SearchException {
|
public void setRoleMenu(RoleBO roleBO) throws SearchException {
|
||||||
RoleBO role = getRoleBOByRoleId(roleBO.getRoleId());
|
RoleBO role = getRoleBOByRoleId(roleBO.getRoleId());
|
||||||
roleBO.setApiSaveMenu(role.getApiSaveMenu());
|
roleBO.setSaveMenu(role.getSaveMenu());
|
||||||
roleBO.setApiDeleteMenu(role.getApiDeleteMenu());
|
roleBO.setDeleteMenu(role.getDeleteMenu());
|
||||||
roleBO.setApiUpdateMenu(role.getApiUpdateMenu());
|
roleBO.setUpdateMenu(role.getUpdateMenu());
|
||||||
roleBO.setApiQueryMenu(role.getApiQueryMenu());
|
roleBO.setQueryMenu(role.getQueryMenu());
|
||||||
roleBO.setResourceSaveMenu(role.getResourceSaveMenu());
|
|
||||||
roleBO.setResourceDeleteMenu(role.getResourceDeleteMenu());
|
|
||||||
roleBO.setResourceUpdateMenu(role.getResourceUpdateMenu());
|
|
||||||
roleBO.setResourceQueryMenu(role.getResourceQueryMenu());
|
|
||||||
roleBO.setRouteSaveMenu(role.getRouteSaveMenu());
|
|
||||||
roleBO.setRouteUpdateMenu(role.getRouteUpdateMenu());
|
|
||||||
roleBO.setRouteQueryMenu(role.getRouteQueryMenu());
|
|
||||||
roleBO.setPermissionInsert(role.getPermissionInsert());
|
roleBO.setPermissionInsert(role.getPermissionInsert());
|
||||||
roleBO.setPermissionDelete(role.getPermissionDelete());
|
roleBO.setPermissionDelete(role.getPermissionDelete());
|
||||||
roleBO.setPermissionUpdate(role.getPermissionUpdate());
|
roleBO.setPermissionUpdate(role.getPermissionUpdate());
|
||||||
|
|||||||
@ -40,6 +40,7 @@
|
|||||||
<result property="apiPrefix" column="api_prefix"/>
|
<result property="apiPrefix" column="api_prefix"/>
|
||||||
<result property="resourcePrefix" column="resource_prefix"/>
|
<result property="resourcePrefix" column="resource_prefix"/>
|
||||||
<result property="routePrefix" column="route_prefix"/>
|
<result property="routePrefix" column="route_prefix"/>
|
||||||
|
<result property="menuUrl" column="menu_url"/>
|
||||||
</resultMap>
|
</resultMap>
|
||||||
|
|
||||||
<resultMap id="roleZTreeDTO" type="com.cm.common.pojo.dtos.ZTreeDTO">
|
<resultMap id="roleZTreeDTO" type="com.cm.common.pojo.dtos.ZTreeDTO">
|
||||||
@ -327,7 +328,8 @@
|
|||||||
t1.*,
|
t1.*,
|
||||||
t2.api_prefix,
|
t2.api_prefix,
|
||||||
t2.resource_prefix,
|
t2.resource_prefix,
|
||||||
t2.route_prefix
|
t2.route_prefix,
|
||||||
|
t2.menu_url
|
||||||
FROM
|
FROM
|
||||||
sys_role_menu t1
|
sys_role_menu t1
|
||||||
LEFT JOIN
|
LEFT JOIN
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user