新增了增删改查权限校验省略配置
This commit is contained in:
parent
028c8492d1
commit
005b775a7c
@ -17,8 +17,17 @@ import java.util.List;
|
|||||||
@ConfigurationProperties(prefix = "access-control")
|
@ConfigurationProperties(prefix = "access-control")
|
||||||
public class AccessControlProperties {
|
public class AccessControlProperties {
|
||||||
|
|
||||||
|
private Boolean rolePermission;
|
||||||
private List<String> passPaths = new ArrayList<>(0);
|
private List<String> passPaths = new ArrayList<>(0);
|
||||||
|
|
||||||
|
public Boolean getRolePermission() {
|
||||||
|
return rolePermission == null ? true: rolePermission;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setRolePermission(Boolean rolePermission) {
|
||||||
|
this.rolePermission = rolePermission;
|
||||||
|
}
|
||||||
|
|
||||||
public List<String> getPassPaths() {
|
public List<String> getPassPaths() {
|
||||||
if (passPaths == null) {
|
if (passPaths == null) {
|
||||||
return new ArrayList<>();
|
return new ArrayList<>();
|
||||||
@ -33,7 +42,9 @@ public class AccessControlProperties {
|
|||||||
@Override
|
@Override
|
||||||
public String toString() {
|
public String toString() {
|
||||||
final StringBuilder sb = new StringBuilder("{");
|
final StringBuilder sb = new StringBuilder("{");
|
||||||
sb.append("\"passPaths\":")
|
sb.append("\"rolePermission\":")
|
||||||
|
.append(rolePermission);
|
||||||
|
sb.append(",\"passPaths\":")
|
||||||
.append(passPaths);
|
.append(passPaths);
|
||||||
sb.append('}');
|
sb.append('}');
|
||||||
return sb.toString();
|
return sb.toString();
|
||||||
|
|||||||
@ -32,6 +32,7 @@ public class RbacServiceImpl implements IRbacService {
|
|||||||
private static final Logger LOG = LoggerFactory.getLogger(RbacServiceImpl.class);
|
private static final Logger LOG = LoggerFactory.getLogger(RbacServiceImpl.class);
|
||||||
@Autowired
|
@Autowired
|
||||||
private AccessControlProperties accessControlProperties;
|
private AccessControlProperties accessControlProperties;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 根路径
|
* 根路径
|
||||||
*/
|
*/
|
||||||
@ -89,6 +90,11 @@ public class RbacServiceImpl implements IRbacService {
|
|||||||
hasPermission = true;
|
hasPermission = true;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
if (!accessControlProperties.getRolePermission()) {
|
||||||
|
LOG.debug("不校验URI的增、删、改、查权限");
|
||||||
|
hasPermission = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
// 新增权限
|
// 新增权限
|
||||||
if (hasInsertPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
|
if (hasInsertPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
|
||||||
LOG.debug("权限校验URI:{},有新增权限", requestURI);
|
LOG.debug("权限校验URI:{},有新增权限", requestURI);
|
||||||
|
|||||||
@ -17,6 +17,8 @@ import ink.wgink.pojo.pos.DepartmentPO;
|
|||||||
import ink.wgink.pojo.pos.GroupPO;
|
import ink.wgink.pojo.pos.GroupPO;
|
||||||
import ink.wgink.pojo.pos.PositionPO;
|
import ink.wgink.pojo.pos.PositionPO;
|
||||||
import ink.wgink.pojo.pos.RolePO;
|
import ink.wgink.pojo.pos.RolePO;
|
||||||
|
import ink.wgink.properties.AccessControlProperties;
|
||||||
|
import ink.wgink.properties.BaseProperties;
|
||||||
import ink.wgink.service.department.service.IDepartmentUserService;
|
import ink.wgink.service.department.service.IDepartmentUserService;
|
||||||
import ink.wgink.service.user.pojo.pos.UserPO;
|
import ink.wgink.service.user.pojo.pos.UserPO;
|
||||||
import ink.wgink.service.user.service.IUserService;
|
import ink.wgink.service.user.service.IUserService;
|
||||||
@ -62,6 +64,8 @@ public class UserDetailServiceImpl implements UserDetailsService, IUserDetailChe
|
|||||||
private IDepartmentUserService departmentUserService;
|
private IDepartmentUserService departmentUserService;
|
||||||
@Autowired
|
@Autowired
|
||||||
private IUserService userService;
|
private IUserService userService;
|
||||||
|
@Autowired
|
||||||
|
private AccessControlProperties accessControlProperties;
|
||||||
|
|
||||||
public UserDetailServiceImpl() {
|
public UserDetailServiceImpl() {
|
||||||
super();
|
super();
|
||||||
@ -226,14 +230,22 @@ public class UserDetailServiceImpl implements UserDetailsService, IUserDetailChe
|
|||||||
private List<GrantedAuthority> loadRoleAuthority(List<RolePO> rolePOs) {
|
private List<GrantedAuthority> loadRoleAuthority(List<RolePO> rolePOs) {
|
||||||
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
|
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
|
||||||
if (null != rolePOs && !rolePOs.isEmpty()) {
|
if (null != rolePOs && !rolePOs.isEmpty()) {
|
||||||
|
// 设置菜单权限
|
||||||
rolePOs.forEach((rolePO) -> {
|
rolePOs.forEach((rolePO) -> {
|
||||||
List<String> menuUrls = roleMenuBaseService.listMenuUrl(rolePO.getRoleId());
|
List<String> menuUrls = roleMenuBaseService.listMenuUrl(rolePO.getRoleId());
|
||||||
List<String> inserts = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_INSERT);
|
List<String> inserts = new ArrayList<>();
|
||||||
List<String> deletes = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_DELETE);
|
List<String> deletes = new ArrayList<>();
|
||||||
List<String> updates = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_UPDATE);
|
List<String> updates = new ArrayList<>();
|
||||||
List<String> queries = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_QUERY);
|
List<String> queries = new ArrayList<>();
|
||||||
|
if (accessControlProperties.getRolePermission()) {
|
||||||
|
inserts.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_INSERT));
|
||||||
|
deletes.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_DELETE));
|
||||||
|
updates.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_UPDATE));
|
||||||
|
queries.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_QUERY));
|
||||||
|
}
|
||||||
grantedAuthorities.add(new RoleGrantedAuthorityBO(rolePO.getRoleId(), rolePO.getRoleName(), menuUrls, inserts, deletes, updates, queries));
|
grantedAuthorities.add(new RoleGrantedAuthorityBO(rolePO.getRoleId(), rolePO.getRoleName(), menuUrls, inserts, deletes, updates, queries));
|
||||||
});
|
});
|
||||||
|
|
||||||
}
|
}
|
||||||
return grantedAuthorities;
|
return grantedAuthorities;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,7 +1,11 @@
|
|||||||
package ink.wgink.service.role.controller.route;
|
package ink.wgink.service.role.controller.route;
|
||||||
|
|
||||||
import ink.wgink.interfaces.consts.ISystemConstant;
|
import ink.wgink.interfaces.consts.ISystemConstant;
|
||||||
|
import ink.wgink.properties.AccessControlProperties;
|
||||||
|
import ink.wgink.properties.BaseProperties;
|
||||||
|
import ink.wgink.properties.ServerProperties;
|
||||||
import io.swagger.annotations.Api;
|
import io.swagger.annotations.Api;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
@ -22,6 +26,9 @@ import org.springframework.web.servlet.ModelAndView;
|
|||||||
@RequestMapping(ISystemConstant.ROUTE_PREFIX + "/role")
|
@RequestMapping(ISystemConstant.ROUTE_PREFIX + "/role")
|
||||||
public class RoleRouteController {
|
public class RoleRouteController {
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private AccessControlProperties accessControlProperties;
|
||||||
|
|
||||||
@GetMapping("save")
|
@GetMapping("save")
|
||||||
public ModelAndView save() {
|
public ModelAndView save() {
|
||||||
return new ModelAndView("role/save");
|
return new ModelAndView("role/save");
|
||||||
@ -39,7 +46,9 @@ public class RoleRouteController {
|
|||||||
|
|
||||||
@GetMapping("list")
|
@GetMapping("list")
|
||||||
public ModelAndView list() {
|
public ModelAndView list() {
|
||||||
return new ModelAndView("role/list");
|
ModelAndView mv = new ModelAndView("role/list");
|
||||||
|
mv.addObject("rolePermission", accessControlProperties.getRolePermission());
|
||||||
|
return mv;
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("data-authority")
|
@GetMapping("data-authority")
|
||||||
|
|||||||
@ -52,6 +52,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
<input type="hidden" id="rolePermission" th:value="${rolePermission}"/>
|
||||||
</div>
|
</div>
|
||||||
<script src="assets/layuiadmin/layui/layui.js"></script>
|
<script src="assets/layuiadmin/layui/layui.js"></script>
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
@ -70,6 +71,39 @@
|
|||||||
|
|
||||||
// 初始化表格
|
// 初始化表格
|
||||||
function initTable() {
|
function initTable() {
|
||||||
|
var col = [
|
||||||
|
{type:'checkbox', fixed: 'left'},
|
||||||
|
{field:'rowNum', width:80, title: '序号', fixed: 'left', align:'center', templet: '#rowNum'},
|
||||||
|
{field:'users', width:100, title: '人员列表', align:'center',
|
||||||
|
templet: function(item) {
|
||||||
|
return '<button type="button" class="layui-btn layui-btn-xs" lay-event="userEvent"><i class="fa fa-users"></i> 查看</button>';
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{field:'roleName', width:170, title: '角色名称', align:'center',},
|
||||||
|
{field:'roleSummary', width:170, title: '角色说明', align:'center',},
|
||||||
|
{field:'roleCode', width:170, title: '角色编码', align:'center',},
|
||||||
|
|
||||||
|
]
|
||||||
|
if($('#rolePermission').val() == 'true') {
|
||||||
|
col.push({field:'permission', width:190, title: '接口权限', align:'center',
|
||||||
|
templet: function(item) {
|
||||||
|
return '<div class="layui-btn-group">' +
|
||||||
|
'<button type="button" class="layui-btn layui-btn-xs" lay-event="saveEvent"><i class="fa fa-plus"></i> 增</button>' +
|
||||||
|
'<button type="button" class="layui-btn layui-btn-danger layui-btn-xs" lay-event="removeEvent"><i class="fa fa-minus"></i> 删</button>' +
|
||||||
|
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="updateEvent"><i class="fa fa-pencil"></i> 改</button>' +
|
||||||
|
'<button type="button" class="layui-btn layui-btn-warm layui-btn-xs" lay-event="queryEvent"><i class="fa fa-search"></i> 查</button>'+
|
||||||
|
'</div>'
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
col.push({field:'jurisdiction', width:140, title: '其他权限', align:'center',
|
||||||
|
templet: function(item) {
|
||||||
|
return '<div class="layui-btn-group">' +
|
||||||
|
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="dataEvent"><i class="fa fa-database"></i> 数据</button>' +
|
||||||
|
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="menuEvent"><i class="fa fa-list"></i> 菜单</button>'+
|
||||||
|
'</div>'
|
||||||
|
}
|
||||||
|
});
|
||||||
table.render({
|
table.render({
|
||||||
elem: '#dataTable',
|
elem: '#dataTable',
|
||||||
id: 'dataTable',
|
id: 'dataTable',
|
||||||
@ -83,38 +117,7 @@
|
|||||||
pageName: 'page',
|
pageName: 'page',
|
||||||
limitName: 'rows'
|
limitName: 'rows'
|
||||||
},
|
},
|
||||||
cols: [
|
cols: [col],
|
||||||
[
|
|
||||||
{type:'checkbox', fixed: 'left'},
|
|
||||||
{field:'rowNum', width:80, title: '序号', fixed: 'left', align:'center', templet: '#rowNum'},
|
|
||||||
{field:'users', width:100, title: '人员列表', align:'center',
|
|
||||||
templet: function(item) {
|
|
||||||
return '<button type="button" class="layui-btn layui-btn-xs" lay-event="userEvent"><i class="fa fa-users"></i> 查看</button>';
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{field:'roleName', width:170, title: '角色名称', align:'center',},
|
|
||||||
{field:'roleSummary', width:170, title: '角色说明', align:'center',},
|
|
||||||
{field:'roleCode', width:170, title: '角色编码', align:'center',},
|
|
||||||
{field:'jurisdiction', width:190, title: '接口权限', align:'center',
|
|
||||||
templet: function(item) {
|
|
||||||
return '<div class="layui-btn-group">' +
|
|
||||||
'<button type="button" class="layui-btn layui-btn-xs" lay-event="saveEvent"><i class="fa fa-plus"></i> 增</button>' +
|
|
||||||
'<button type="button" class="layui-btn layui-btn-danger layui-btn-xs" lay-event="removeEvent"><i class="fa fa-minus"></i> 删</button>' +
|
|
||||||
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="updateEvent"><i class="fa fa-pencil"></i> 改</button>' +
|
|
||||||
'<button type="button" class="layui-btn layui-btn-warm layui-btn-xs" lay-event="queryEvent"><i class="fa fa-search"></i> 查</button>'+
|
|
||||||
'</div>'
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{field:'jurisdiction', width:140, title: '其他权限', align:'center',
|
|
||||||
templet: function(item) {
|
|
||||||
return '<div class="layui-btn-group">' +
|
|
||||||
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="dataEvent"><i class="fa fa-database"></i> 数据</button>' +
|
|
||||||
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="menuEvent"><i class="fa fa-list"></i> 菜单</button>'+
|
|
||||||
'</div>'
|
|
||||||
}
|
|
||||||
},
|
|
||||||
]
|
|
||||||
],
|
|
||||||
page: true,
|
page: true,
|
||||||
parseData: function(data) {
|
parseData: function(data) {
|
||||||
return {
|
return {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user