Tenlion/wg-basic
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

新增了增删改查权限校验省略配置

Browse Source
This commit is contained in:
wanggeng 2021-07-26 23:47:46 +08:00
parent 028c8492d1
commit 005b775a7c
5 changed files with 79 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
basic-properties/src/main/java/ink/wgink/properties/AccessControlProperties.java
View File

@ -17,8 +17,17 @@ import java.util.List;
@ConfigurationProperties(prefix = "access-control")
public class AccessControlProperties {
private Boolean rolePermission;
private List<String> passPaths = new ArrayList<>(0);
public Boolean getRolePermission() {
return rolePermission == null ? true: rolePermission;
}
public void setRolePermission(Boolean rolePermission) {
this.rolePermission = rolePermission;
}
public List<String> getPassPaths() {
if (passPaths == null) {
return new ArrayList<>();
@ -33,7 +42,9 @@ public class AccessControlProperties {
@Override
public String toString() {
final StringBuilder sb = new StringBuilder("{");
sb.append("\"passPaths\":")
sb.append("\"rolePermission\":")
.append(rolePermission);
sb.append(",\"passPaths\":")
.append(passPaths);
sb.append('}');
return sb.toString();

6
common/src/main/java/ink/wgink/common/service/rbac/impl/RbacServiceImpl.java
View File

@ -32,6 +32,7 @@ public class RbacServiceImpl implements IRbacService {
private static final Logger LOG = LoggerFactory.getLogger(RbacServiceImpl.class);
@Autowired
private AccessControlProperties accessControlProperties;
/**
* 根路径
*/
@ -89,6 +90,11 @@ public class RbacServiceImpl implements IRbacService {
hasPermission = true;
break;
}
if (!accessControlProperties.getRolePermission()) {
LOG.debug("不校验URI的增、删、改、查权限");
hasPermission = true;
break;
}
// 新增权限
if (hasInsertPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有新增权限", requestURI);

20
login-base/src/main/java/ink/wgink/login/base/service/user/UserDetailServiceImpl.java
View File

@ -17,6 +17,8 @@ import ink.wgink.pojo.pos.DepartmentPO;
import ink.wgink.pojo.pos.GroupPO;
import ink.wgink.pojo.pos.PositionPO;
import ink.wgink.pojo.pos.RolePO;
import ink.wgink.properties.AccessControlProperties;
import ink.wgink.properties.BaseProperties;
import ink.wgink.service.department.service.IDepartmentUserService;
import ink.wgink.service.user.pojo.pos.UserPO;
import ink.wgink.service.user.service.IUserService;
@ -62,6 +64,8 @@ public class UserDetailServiceImpl implements UserDetailsService, IUserDetailChe
private IDepartmentUserService departmentUserService;
@Autowired
private IUserService userService;
@Autowired
private AccessControlProperties accessControlProperties;
public UserDetailServiceImpl() {
super();
@ -226,14 +230,22 @@ public class UserDetailServiceImpl implements UserDetailsService, IUserDetailChe
private List<GrantedAuthority> loadRoleAuthority(List<RolePO> rolePOs) {
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
if (null != rolePOs && !rolePOs.isEmpty()) {
// 设置菜单权限
rolePOs.forEach((rolePO) -> {
List<String> menuUrls = roleMenuBaseService.listMenuUrl(rolePO.getRoleId());
List<String> inserts = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_INSERT);
List<String> deletes = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_DELETE);
List<String> updates = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_UPDATE);
List<String> queries = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_QUERY);
List<String> inserts = new ArrayList<>();
List<String> deletes = new ArrayList<>();
List<String> updates = new ArrayList<>();
List<String> queries = new ArrayList<>();
if (accessControlProperties.getRolePermission()) {
inserts.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_INSERT));
deletes.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_DELETE));
updates.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_UPDATE));
queries.addAll(rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_QUERY));
}
grantedAuthorities.add(new RoleGrantedAuthorityBO(rolePO.getRoleId(), rolePO.getRoleName(), menuUrls, inserts, deletes, updates, queries));
});
}
return grantedAuthorities;
}

11
service-role/src/main/java/ink/wgink/service/role/controller/route/RoleRouteController.java
View File

@ -1,7 +1,11 @@
package ink.wgink.service.role.controller.route;
import ink.wgink.interfaces.consts.ISystemConstant;
import ink.wgink.properties.AccessControlProperties;
import ink.wgink.properties.BaseProperties;
import ink.wgink.properties.ServerProperties;
import io.swagger.annotations.Api;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
@ -22,6 +26,9 @@ import org.springframework.web.servlet.ModelAndView;
@RequestMapping(ISystemConstant.ROUTE_PREFIX + "/role")
public class RoleRouteController {
@Autowired
private AccessControlProperties accessControlProperties;
@GetMapping("save")
public ModelAndView save() {
return new ModelAndView("role/save");
@ -39,7 +46,9 @@ public class RoleRouteController {
@GetMapping("list")
public ModelAndView list() {
return new ModelAndView("role/list");
ModelAndView mv = new ModelAndView("role/list");
mv.addObject("rolePermission", accessControlProperties.getRolePermission());
return mv;
}
@GetMapping("data-authority")

67
service-role/src/main/resources/templates/role/list.html
View File

@ -52,6 +52,7 @@
</div>
</div>
</div>
<input type="hidden" id="rolePermission" th:value="${rolePermission}"/>
</div>
<script src="assets/layuiadmin/layui/layui.js"></script>
<script type="text/javascript">
@ -70,6 +71,39 @@
// 初始化表格
function initTable() {
var col = [
{type:'checkbox', fixed: 'left'},
{field:'rowNum', width:80, title: '序号', fixed: 'left', align:'center', templet: '#rowNum'},
{field:'users', width:100, title: '人员列表', align:'center',
templet: function(item) {
return '<button type="button" class="layui-btn layui-btn-xs" lay-event="userEvent"><i class="fa fa-users"></i> 查看</button>';
}
},
{field:'roleName', width:170, title: '角色名称', align:'center',},
{field:'roleSummary', width:170, title: '角色说明', align:'center',},
{field:'roleCode', width:170, title: '角色编码', align:'center',},
]
if($('#rolePermission').val() == 'true') {
col.push({field:'permission', width:190, title: '接口权限', align:'center',
templet: function(item) {
return '<div class="layui-btn-group">' +
'<button type="button" class="layui-btn layui-btn-xs" lay-event="saveEvent"><i class="fa fa-plus"></i></button>' +
'<button type="button" class="layui-btn layui-btn-danger layui-btn-xs" lay-event="removeEvent"><i class="fa fa-minus"></i></button>' +
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="updateEvent"><i class="fa fa-pencil"></i></button>' +
'<button type="button" class="layui-btn layui-btn-warm layui-btn-xs" lay-event="queryEvent"><i class="fa fa-search"></i></button>'+
'</div>'
}
})
}
col.push({field:'jurisdiction', width:140, title: '其他权限', align:'center',
templet: function(item) {
return '<div class="layui-btn-group">' +
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="dataEvent"><i class="fa fa-database"></i> 数据</button>' +
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="menuEvent"><i class="fa fa-list"></i> 菜单</button>'+
'</div>'
}
});
table.render({
elem: '#dataTable',
id: 'dataTable',
@ -83,38 +117,7 @@
pageName: 'page',
limitName: 'rows'
},
cols: [
[
{type:'checkbox', fixed: 'left'},
{field:'rowNum', width:80, title: '序号', fixed: 'left', align:'center', templet: '#rowNum'},
{field:'users', width:100, title: '人员列表', align:'center',
templet: function(item) {
return '<button type="button" class="layui-btn layui-btn-xs" lay-event="userEvent"><i class="fa fa-users"></i> 查看</button>';
}
},
{field:'roleName', width:170, title: '角色名称', align:'center',},
{field:'roleSummary', width:170, title: '角色说明', align:'center',},
{field:'roleCode', width:170, title: '角色编码', align:'center',},
{field:'jurisdiction', width:190, title: '接口权限', align:'center',
templet: function(item) {
return '<div class="layui-btn-group">' +
'<button type="button" class="layui-btn layui-btn-xs" lay-event="saveEvent"><i class="fa fa-plus"></i></button>' +
'<button type="button" class="layui-btn layui-btn-danger layui-btn-xs" lay-event="removeEvent"><i class="fa fa-minus"></i></button>' +
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="updateEvent"><i class="fa fa-pencil"></i></button>' +
'<button type="button" class="layui-btn layui-btn-warm layui-btn-xs" lay-event="queryEvent"><i class="fa fa-search"></i></button>'+
'</div>'
}
},
{field:'jurisdiction', width:140, title: '其他权限', align:'center',
templet: function(item) {
return '<div class="layui-btn-group">' +
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="dataEvent"><i class="fa fa-database"></i> 数据</button>' +
'<button type="button" class="layui-btn layui-btn-normal layui-btn-xs" lay-event="menuEvent"><i class="fa fa-list"></i> 菜单</button>'+
'</div>'
}
},
]
],
cols: [col],
page: true,
parseData: function(data) {
return {