From 005b775a7c6d07d2688ecd33b73b0ce3ed928ba5 Mon Sep 17 00:00:00 2001
From: wanggeng <450292408@qq.com>
Date: Mon, 26 Jul 2021 23:47:46 +0800
Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E4=BA=86=E5=A2=9E=E5=88=A0?=
 =?UTF-8?q?=E6=94=B9=E6=9F=A5=E6=9D=83=E9=99=90=E6=A0=A1=E9=AA=8C=E7=9C=81?=
 =?UTF-8?q?=E7=95=A5=E9=85=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../properties/AccessControlProperties.java   | 13 +++-
 .../service/rbac/impl/RbacServiceImpl.java    |  6 ++
 .../service/user/UserDetailServiceImpl.java   | 20 ++++--
 .../controller/route/RoleRouteController.java | 11 ++-
 .../main/resources/templates/role/list.html   | 67 ++++++++++---------
 5 files changed, 79 insertions(+), 38 deletions(-)

diff --git a/basic-properties/src/main/java/ink/wgink/properties/AccessControlProperties.java b/basic-properties/src/main/java/ink/wgink/properties/AccessControlProperties.java
index d5217f73..9b898705 100644
--- a/basic-properties/src/main/java/ink/wgink/properties/AccessControlProperties.java
+++ b/basic-properties/src/main/java/ink/wgink/properties/AccessControlProperties.java
@@ -17,8 +17,17 @@ import java.util.List;
 @ConfigurationProperties(prefix = "access-control")
 public class AccessControlProperties {
 
+    private Boolean rolePermission;
     private List<String> passPaths = new ArrayList<>(0);
 
+    public Boolean getRolePermission() {
+        return rolePermission == null ? true: rolePermission;
+    }
+
+    public void setRolePermission(Boolean rolePermission) {
+        this.rolePermission = rolePermission;
+    }
+
     public List<String> getPassPaths() {
         if (passPaths == null) {
             return new ArrayList<>();
@@ -33,7 +42,9 @@ public class AccessControlProperties {
     @Override
     public String toString() {
         final StringBuilder sb = new StringBuilder("{");
-        sb.append("\"passPaths\":")
+        sb.append("\"rolePermission\":")
+                .append(rolePermission);
+        sb.append(",\"passPaths\":")
                 .append(passPaths);
         sb.append('}');
         return sb.toString();
diff --git a/common/src/main/java/ink/wgink/common/service/rbac/impl/RbacServiceImpl.java b/common/src/main/java/ink/wgink/common/service/rbac/impl/RbacServiceImpl.java
index b99af821..e33a3847 100644
--- a/common/src/main/java/ink/wgink/common/service/rbac/impl/RbacServiceImpl.java
+++ b/common/src/main/java/ink/wgink/common/service/rbac/impl/RbacServiceImpl.java
@@ -32,6 +32,7 @@ public class RbacServiceImpl implements IRbacService {
     private static final Logger LOG = LoggerFactory.getLogger(RbacServiceImpl.class);
     @Autowired
     private AccessControlProperties accessControlProperties;
+
     /**
      * 根路径
      */
@@ -89,6 +90,11 @@ public class RbacServiceImpl implements IRbacService {
                 hasPermission = true;
                 break;
             }
+            if (!accessControlProperties.getRolePermission()) {
+                LOG.debug("不校验URI的增、删、改、查权限");
+                hasPermission = true;
+                break;
+            }
             // 新增权限
             if (hasInsertPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
                 LOG.debug("权限校验URI：{}，有新增权限", requestURI);
diff --git a/login-base/src/main/java/ink/wgink/login/base/service/user/UserDetailServiceImpl.java b/login-base/src/main/java/ink/wgink/login/base/service/user/UserDetailServiceImpl.java
index 9dc9e623..a3a0bf77 100644
--- a/login-base/src/main/java/ink/wgink/login/base/service/user/UserDetailServiceImpl.java
+++ b/login-base/src/main/java/ink/wgink/login/base/service/user/UserDetailServiceImpl.java
@@ -17,6 +17,8 @@ import ink.wgink.pojo.pos.DepartmentPO;
 import ink.wgink.pojo.pos.GroupPO;
 import ink.wgink.pojo.pos.PositionPO;
 import ink.wgink.pojo.pos.RolePO;
+import ink.wgink.properties.AccessControlProperties;
+import ink.wgink.properties.BaseProperties;
 import ink.wgink.service.department.service.IDepartmentUserService;
 import ink.wgink.service.user.pojo.pos.UserPO;
 import ink.wgink.service.user.service.IUserService;
@@ -62,6 +64,8 @@ public class UserDetailServiceImpl implements UserDetailsService, IUserDetailChe
     private IDepartmentUserService departmentUserService;
     @Autowired
     private IUserService userService;
+    @Autowired
+    private AccessControlProperties accessControlProperties;
 
     public UserDetailServiceImpl() {
         super();
@@ -226,14 +230,22 @@ public class UserDetailServiceImpl implements UserDetailsService, IUserDetailChe
     private List<GrantedAuthority> loadRoleAuthority(List<RolePO> rolePOs) {
         List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
         if (null != rolePOs && !rolePOs.isEmpty()) {
+            // 设置菜单权限
             rolePOs.forEach((rolePO) -> {
                 List<String> menuUrls = roleMenuBaseService.listMenuUrl(rolePO.getRoleId());
-                List<String> inserts = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_INSERT);
-                List<String> deletes = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_DELETE);
-                List<String> updates = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_UPDATE);
-                List<String> queries = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_QUERY);
+                List<String> inserts = new ArrayList<>();
+                List<String> deletes = new ArrayList<>();
+                List<String> updates = new ArrayList<>();
+                List<String> queries = new ArrayList<>();
+                if (accessControlProperties.getRolePermission()) {
+                    inserts.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_INSERT));
+                    deletes.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_DELETE));
+                    updates.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_UPDATE));
+                    queries.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_QUERY));
+                }
                 grantedAuthorities.add(new RoleGrantedAuthorityBO(rolePO.getRoleId(), rolePO.getRoleName(), menuUrls, inserts, deletes, updates, queries));
             });
+
         }
         return grantedAuthorities;
     }
diff --git a/service-role/src/main/java/ink/wgink/service/role/controller/route/RoleRouteController.java b/service-role/src/main/java/ink/wgink/service/role/controller/route/RoleRouteController.java
index b97d94bc..47fc9ce5 100644
--- a/service-role/src/main/java/ink/wgink/service/role/controller/route/RoleRouteController.java
+++ b/service-role/src/main/java/ink/wgink/service/role/controller/route/RoleRouteController.java
@@ -1,7 +1,11 @@
 package ink.wgink.service.role.controller.route;
 
 import ink.wgink.interfaces.consts.ISystemConstant;
+import ink.wgink.properties.AccessControlProperties;
+import ink.wgink.properties.BaseProperties;
+import ink.wgink.properties.ServerProperties;
 import io.swagger.annotations.Api;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -22,6 +26,9 @@ import org.springframework.web.servlet.ModelAndView;
 @RequestMapping(ISystemConstant.ROUTE_PREFIX + "/role")
 public class RoleRouteController {
 
+    @Autowired
+    private AccessControlProperties accessControlProperties;
+
     @GetMapping("save")
     public ModelAndView save() {
         return new ModelAndView("role/save");
@@ -39,7 +46,9 @@ public class RoleRouteController {
 
     @GetMapping("list")
     public ModelAndView list() {
-        return new ModelAndView("role/list");
+        ModelAndView mv = new ModelAndView("role/list");
+        mv.addObject("rolePermission", accessControlProperties.getRolePermission());
+        return mv;
     }
 
     @GetMapping("data-authority")
diff --git a/service-role/src/main/resources/templates/role/list.html b/service-role/src/main/resources/templates/role/list.html
index eb75b18f..cec3b348 100644
--- a/service-role/src/main/resources/templates/role/list.html
+++ b/service-role/src/main/resources/templates/role/list.html
@@ -52,6 +52,7 @@
             </div>
         </div>
     </div>
+    <input type="hidden" id="rolePermission" th:value="${rolePermission}"/>
 </div>
 <script src="assets/layuiadmin/layui/layui.js"></script>
 <script type="text/javascript">
@@ -70,6 +71,39 @@
 
         // 初始化表格
         function initTable() {
+            var col = [
+                {type:'checkbox', fixed: 'left'},
+                {field:'rowNum', width:80, title: '序号', fixed: 'left', align:'center', templet: '#rowNum'},
+                {field:'users', width:100, title: '人员列表', align:'center',
+                    templet: function(item) {
+                        return '<button type="button" class="layui-btn layui-btn-xs" lay-event="userEvent"><i class="fa fa-users"></i> 查看</button>';
+                    }
+                },
+                {field:'roleName', width:170, title: '角色名称', align:'center',},
+                {field:'roleSummary', width:170, title: '角色说明', align:'center',},
+                {field:'roleCode', width:170, title: '角色编码', align:'center',},
+
+            ]
+            if($('#rolePermission').val() == 'true') {
+                col.push({field:'permission', width:190, title: '接口权限', align:'center',
+                    templet: function(item) {
+                        return '<div class="layui-btn-group">' +
+                            '<button type="button" class="layui-btn layui-btn-xs" lay-event="saveEvent"><i class="fa fa-plus"></i> 增</button>' +
+                            '<button type="button" class="layui-btn layui-btn-danger layui-btn-xs" lay-event="removeEvent"><i class="fa fa-minus"></i> 删</button>' +
+                            '<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="updateEvent"><i class="fa fa-pencil"></i> 改</button>' +
+                            '<button type="button" class="layui-btn layui-btn-warm layui-btn-xs" lay-event="queryEvent"><i class="fa fa-search"></i> 查</button>'+
+                            '</div>'
+                    }
+                })
+            }
+            col.push({field:'jurisdiction', width:140, title: '其他权限', align:'center',
+                templet: function(item) {
+                    return '<div class="layui-btn-group">' +
+                        '<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="dataEvent"><i class="fa fa-database"></i> 数据</button>' +
+                        '<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="menuEvent"><i class="fa fa-list"></i> 菜单</button>'+
+                        '</div>'
+                }
+            });
             table.render({
                 elem: '#dataTable',
                 id: 'dataTable',
@@ -83,38 +117,7 @@
                     pageName: 'page',
                     limitName: 'rows'
                 },
-                cols: [
-                    [
-                        {type:'checkbox', fixed: 'left'},
-                        {field:'rowNum', width:80, title: '序号', fixed: 'left', align:'center', templet: '#rowNum'},
-                        {field:'users', width:100, title: '人员列表', align:'center',
-                            templet: function(item) {
-                                return '<button type="button" class="layui-btn layui-btn-xs" lay-event="userEvent"><i class="fa fa-users"></i> 查看</button>';
-                            }
-                        },
-                        {field:'roleName', width:170, title: '角色名称', align:'center',},
-                        {field:'roleSummary', width:170, title: '角色说明', align:'center',},
-                        {field:'roleCode', width:170, title: '角色编码', align:'center',},
-                        {field:'jurisdiction', width:190, title: '接口权限', align:'center',
-                            templet: function(item) {
-                                return '<div class="layui-btn-group">' +
-                                    '<button type="button" class="layui-btn layui-btn-xs" lay-event="saveEvent"><i class="fa fa-plus"></i> 增</button>' +
-                                    '<button type="button" class="layui-btn layui-btn-danger layui-btn-xs" lay-event="removeEvent"><i class="fa fa-minus"></i> 删</button>' +
-                                    '<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="updateEvent"><i class="fa fa-pencil"></i> 改</button>' +
-                                    '<button type="button" class="layui-btn layui-btn-warm layui-btn-xs" lay-event="queryEvent"><i class="fa fa-search"></i> 查</button>'+
-                                    '</div>'
-                            }
-                        },
-                        {field:'jurisdiction', width:140, title: '其他权限', align:'center',
-                            templet: function(item) {
-                                return '<div class="layui-btn-group">' +
-                                    '<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="dataEvent"><i class="fa fa-database"></i> 数据</button>' +
-                                    '<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="menuEvent"><i class="fa fa-list"></i> 菜单</button>'+
-                                    '</div>'
-                            }
-                        },
-                    ]
-                ],
+                cols: [col],
                 page: true,
                 parseData: function(data) {
                     return {