Tenlion/wg-basic
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修复了角色、权限、菜单等问题

Browse Source
This commit is contained in:
wanggeng888 2021-04-07 23:10:07 +08:00
parent f205e4652c
commit ad2824c6dd
17 changed files with 264 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
basic-app/src/main/java/ink/wgink/app/filter/AppTokenFilter.java
View File

@ -65,11 +65,11 @@ public class AppTokenFilter extends GenericFilterBean implements InitializingBea
/**
* APP下载
*/
private static final String URL_DOWNLOAD_APP = "/**/app/appversion/downloadapp/**";
private static final String URL_DOWNLOAD_APP = "/**/app/appversion/download/**";
/**
* APP版本号
*/
private static final String URL_APP_VERSION_NUM = "/**/app/appversion/getappversionnumber/**";
private static final String URL_APP_VERSION_NUM = "/**/app/appversion/getnumber/**";
/**
* APP放行
*/
@ -85,7 +85,7 @@ public class AppTokenFilter extends GenericFilterBean implements InitializingBea
HttpServletResponse response = (HttpServletResponse) servletResponse;
String requestUri = request.getRequestURI();
// 非app 放行
boolean appMatcher = antPathMatcher.match("/**/app*/**", requestUri);
boolean appMatcher = antPathMatcher.match("/**/app/**", requestUri);
if (!appMatcher) {
filterChain.doFilter(request, response);
return;

14
basic-interface/src/main/java/ink/wgink/interfaces/app/IAppSignBaseService.java Normal file
View File

@ -0,0 +1,14 @@
package ink.wgink.interfaces.app;
/**
* When you feel like quitting. Think about why you started
* 当你想要放弃的时候想想当初你为何开始
*
* @ClassName: IAppSignBaseService
* @Description: app登录
* @Author: wanggeng
* @Date: 2021/4/7 7:09 下午
* @Version: 1.0
*/
public interface IAppSignBaseService {
}

17
basic-interface/src/main/java/ink/wgink/interfaces/role/IRolePermissionBaseService.java
View File

@ -17,6 +17,23 @@ import java.util.Map;
**/
public interface IRolePermissionBaseService {
/**
* 新增权限
*/
String PERMISSION_INSERT = "insert";
/**
* 删除权限
*/
String PERMISSION_DELETE = "delete";
/**
* 修改权限
*/
String PERMISSION_UPDATE = "update";
/**
* 查询权限
*/
String PERMISSION_QUERY = "query";
/**
* 权限列表
*

2
common/src/main/java/ink/wgink/common/handler/AccessDenyHandler.java
View File

@ -1,6 +1,7 @@
package ink.wgink.common.handler;
import com.alibaba.fastjson.JSONObject;
import ink.wgink.interfaces.consts.ISystemConstant;
import ink.wgink.pojo.result.ErrorResult;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
@ -23,6 +24,7 @@ public class AccessDenyHandler implements AccessDeniedHandler {
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
response.setCharacterEncoding(ISystemConstant.CHARSET_UTF8);
String contentType = request.getContentType();
if (contentType != null && contentType.contains(MediaType.APPLICATION_JSON_VALUE)) {
response.setContentType(MediaType.APPLICATION_JSON_VALUE);

24
common/src/main/java/ink/wgink/common/service/rbac/impl/RbacServiceImpl.java
View File

@ -49,7 +49,6 @@ public class RbacServiceImpl implements IRbacService {
AntPathMatcher antPathMatcher = new AntPathMatcher();
String contextPath = request.getContextPath();
// 校验权限
for (GrantedAuthority grantedAuthority : grantedAuthorities) {
RoleGrantedAuthorityBO roleGrantedAuthority;
@ -85,6 +84,11 @@ public class RbacServiceImpl implements IRbacService {
hasPermission = true;
break;
}
if (hasMenuPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有菜单权限", requestURI);
hasPermission = true;
break;
}
// 新增权限
if (hasInsertPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有新增权限", requestURI);
@ -134,6 +138,24 @@ public class RbacServiceImpl implements IRbacService {
return false;
}
/**
* 接口的菜单权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasMenuPermission(String contextPath, String uri, RoleGrantedAuthorityBO roleGrantedAuthority, AntPathMatcher antPathMatcher) {
List<String> menus = roleGrantedAuthority.getMenus();
for (String menu : menus) {
if (antPathMatcher.match(contextPath + menu, uri)) {
return true;
}
}
return false;
}
/**
* 接口的新增权限
*

4
login-base/src/main/java/ink/wgink/login/base/controller/route/IndexRouteController.java
View File

@ -93,7 +93,7 @@ public class IndexRouteController {
} else {
// 普通用户
List<RolePO> rolePOs = securityComponent.getCurrentUser().getRoles();
if (!rolePOs.isEmpty()) {
if (rolePOs.isEmpty()) {
menus = new ArrayList<>();
} else {
List<String> roleIds = new ArrayList<>();
@ -101,7 +101,7 @@ public class IndexRouteController {
roleIds.add(rolePO.getRoleId());
}
List<String> menuIds = roleMenuBaseService.listMenuId(roleIds);
menus = menuBaseService.listAllByParentIdAndIds("0", menuIds);
menus = menuBaseService.listAllByParentIdAndIds(IMenuBaseService.MENU_UNIFIED_USER, menuIds);
}
}
mv.addObject("menus", menus);

8
login-base/src/main/java/ink/wgink/login/base/controller/route/config/ConfigRouteController.java
View File

@ -1,5 +1,6 @@
package ink.wgink.login.base.controller.route.config;
import ink.wgink.interfaces.app.IAppSignBaseService;
import ink.wgink.interfaces.consts.ISystemConstant;
import ink.wgink.login.base.manager.ConfigManager;
import ink.wgink.login.base.service.IDingDingService;
@ -32,16 +33,21 @@ public class ConfigRouteController {
private IUKeyService uKeyService;
@Autowired(required = false)
private IDingDingService dingDingService;
@Autowired(required = false)
private IAppSignBaseService appSignBaseService;
@GetMapping("update")
public ModelAndView update() {
ModelAndView mv = new ModelAndView("config/update");
if(uKeyService != null) {
if (uKeyService != null) {
mv.addObject("uKeyLogin", "uKeyLogin");
}
if (dingDingService != null) {
mv.addObject("dingDingScanLogin", "dingDingScanLogin");
}
if (appSignBaseService != null) {
mv.addObject("appLogin", "appLogin");
}
return mv;
}

116
login-base/src/main/java/ink/wgink/login/base/service/BaseAppSignService.java Normal file
View File

@ -0,0 +1,116 @@
package ink.wgink.login.base.service;
import com.alibaba.fastjson.JSONObject;
import ink.wgink.common.base.DefaultBaseService;
import ink.wgink.interfaces.consts.ISystemConstant;
import ink.wgink.interfaces.group.IGroupUserBaseService;
import ink.wgink.interfaces.position.IPositionUserBaseService;
import ink.wgink.interfaces.role.IRoleUserBaseService;
import ink.wgink.pojo.pos.DepartmentPO;
import ink.wgink.pojo.pos.GroupPO;
import ink.wgink.pojo.pos.PositionPO;
import ink.wgink.pojo.pos.RolePO;
import ink.wgink.service.department.service.IDepartmentUserService;
import ink.wgink.service.user.pojo.pos.UserPO;
import ink.wgink.util.AesUtil;
import org.apache.commons.codec.binary.Base64;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* When you feel like quitting. Think about why you started
* 当你想要放弃的时候想想当初你为何开始
*
* @ClassName: BaseAppSignService
* @Description: APP登录基础业务
* @Author: wanggeng
* @Date: 2021/4/7 5:40 下午
* @Version: 1.0
*/
@Service
public class BaseAppSignService extends DefaultBaseService {
@Autowired
private IDepartmentUserService departmentUserService;
@Autowired(required = false)
private IRoleUserBaseService roleUserBaseService;
@Autowired(required = false)
private IPositionUserBaseService positionUserBaseService;
@Autowired(required = false)
private IGroupUserBaseService groupUserBaseService;
/**
* 获取token
*
* @param userPO
* @return
* @throws Exception
*/
protected String getToken(UserPO userPO) throws UnsupportedEncodingException {
Map<String, Object> userInfo = new HashMap<>(8);
// 这个参数是token认证标识
userInfo.put(ISystemConstant.APP_TOKEN_SIGN, ISystemConstant.APP_TOKEN_VERIFY + System.currentTimeMillis());
userInfo.put("id", userPO.getUserId());
userInfo.put("name", userPO.getUserName());
userInfo.put("avatar", userPO.getUserAvatar());
userInfo.put("username", userPO.getUserUsername());
userInfo.put("phone", userPO.getUserPhone());
userInfo.put("email", userPO.getUserEmail());
LOG.debug("人员部门列表");
List<DepartmentPO> departmentPOs = departmentUserService.listDepartmentPOByUserId(userPO.getUserId());
List<Map<String, Object>> departments = new ArrayList<>();
for (DepartmentPO departmentPO : departmentPOs) {
Map<String, Object> departmentMap = new HashMap<>(4);
departmentMap.put("departmentId", departmentPO.getDepartmentId());
departmentMap.put("departmentName", departmentPO.getDepartmentName());
departments.add(departmentMap);
}
userInfo.put("departments", departments);
if (roleUserBaseService != null) {
LOG.debug("人员角色列表");
List<RolePO> rolePOs = roleUserBaseService.listRolePOByUserId(userPO.getUserId());
List<Map<String, Object>> roles = new ArrayList<>();
for (RolePO rolePO : rolePOs) {
Map<String, Object> roleMap = new HashMap<>(4);
roleMap.put("roleId", rolePO.getRoleId());
roleMap.put("roleName", rolePO.getRoleName());
roles.add(roleMap);
}
userInfo.put("roles", roles);
}
if (positionUserBaseService != null) {
LOG.debug("人员职位列表");
List<PositionPO> positionPOs = positionUserBaseService.listPositionPOByUserId(userPO.getUserId());
List<Map<String, Object>> positions = new ArrayList<>();
for (PositionPO positionPO : positionPOs) {
Map<String, Object> positionMap = new HashMap<>(2);
positionMap.put("positionId", positionPO.getPositionId());
positionMap.put("positionName", positionPO.getPositionName());
positions.add(positionMap);
}
userInfo.put("positions", positions);
}
if (groupUserBaseService != null) {
LOG.debug("人员组列表");
List<GroupPO> groupPOs = groupUserBaseService.listGroupPOByUserId(userPO.getUserId());
List<Map<String, Object>> groups = new ArrayList<>();
for (GroupPO groupPO : groupPOs) {
Map<String, Object> groupMap = new HashMap<>(2);
groupMap.put("groupId", groupPO.getGroupId());
groupMap.put("groupName", groupPO.getGroupName());
groups.add(groupMap);
}
userInfo.put("groups", groups);
}
LOG.debug("userInfo: " + userInfo);
return Base64.encodeBase64String(AesUtil.aesCommonEncoder(ISystemConstant.APP_TOKEN_AES_KEY, JSONObject.toJSONString(userInfo)).getBytes("UTF-8"));
}
}

10
login-base/src/main/java/ink/wgink/login/base/service/user/UserDetailServiceImpl.java
View File

@ -108,7 +108,7 @@ public class UserDetailServiceImpl implements UserDetailsService, IUserDetailChe
}
LOG.debug("设置部门状态");
List<DepartmentPO> departmentPOs = departmentUserService.listDepartmentPOBYUserId(userPO.getUserId());
List<DepartmentPO> departmentPOs = departmentUserService.listDepartmentPOByUserId(userPO.getUserId());
loginUser.setDepartments(departmentPOs);
if (groupUserBaseService != null) {
@ -209,10 +209,10 @@ public class UserDetailServiceImpl implements UserDetailsService, IUserDetailChe
if (null != rolePOs && !rolePOs.isEmpty()) {
rolePOs.forEach((rolePO) -> {
List<String> menuUrls = roleMenuBaseService.listMenuUrl(rolePO.getRoleId());
List<String> inserts = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IPermissionBaseService.PERMISSION_INSERT);
List<String> deletes = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IPermissionBaseService.PERMISSION_DELETE);
List<String> updates = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IPermissionBaseService.PERMISSION_UPDATE);
List<String> queries = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IPermissionBaseService.PERMISSION_QUERY);
List<String> inserts = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_INSERT);
List<String> deletes = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_DELETE);
List<String> updates = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_UPDATE);
List<String> queries = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_QUERY);
grantedAuthorities.add(new RoleGrantedAuthorityBO(rolePO.getRoleId(), rolePO.getRoleName(), menuUrls, inserts, deletes, updates, queries));
});
}

3
login-base/src/main/resources/templates/config/update.html
View File

@ -166,7 +166,7 @@
</div>
</div>
</div>
<div class="layui-card">
<div class="layui-card" th:if="${appLogin eq 'appLogin'}">
<div class="layui-card-header">
<span class="layui-breadcrumb" lay-filter="breadcrumb" style="visibility: visible;">
<a href="javascript:void(0);"><cite>APP允许绑定设备数量0为不限制</cite></a>
@ -181,6 +181,7 @@
</div>
</div>
</div>
<input type="hidden" name="appDeviceCount" value="0" th:if="${appLogin ne 'appLogin'}">
<div class="layui-card">
<div class="layui-card-header">
<span class="layui-breadcrumb" lay-filter="breadcrumb" style="visibility: visible;">

2
service-department/src/main/java/ink/wgink/service/department/service/IDepartmentUserService.java
View File

@ -65,5 +65,5 @@ public interface IDepartmentUserService extends IDepartmentUserBaseService {
* @param userId 用户ID
* @return
*/
List<DepartmentPO> listDepartmentPOBYUserId(String userId);
List<DepartmentPO> listDepartmentPOByUserId(String userId);
}

2
service-department/src/main/java/ink/wgink/service/department/service/impl/DepartmentUserServiceImpl.java
View File

@ -114,7 +114,7 @@ public class DepartmentUserServiceImpl extends DefaultBaseService implements IDe
}
@Override
public List<DepartmentPO> listDepartmentPOBYUserId(String userId) {
public List<DepartmentPO> listDepartmentPOByUserId(String userId) {
Map<String, Object> params = getHashMap(2);
params.put("userId", userId);
List<String> departmentIds = departmentUserDao.listDepartmentId(params);

33
service-menu/src/main/java/ink/wgink/module/menu/startup/ServiceMenuStartUp.java
View File

@ -1,5 +1,6 @@
package ink.wgink.module.menu.startup;
import ink.wgink.interfaces.app.IAppSignBaseService;
import ink.wgink.interfaces.config.ISystemConfigCheckService;
import ink.wgink.interfaces.department.IDepartmentCheckService;
import ink.wgink.interfaces.dictionary.IDictionaryCheckService;
@ -58,6 +59,8 @@ public class ServiceMenuStartUp implements ApplicationRunner {
private IRoleCheckService roleCheckService;
@Autowired(required = false)
private IUserDetailCheckService userDetailCheckService;
@Autowired(required = false)
private IAppSignBaseService appSignBaseService;
@Override
public void run(ApplicationArguments args) throws Exception {
@ -130,6 +133,7 @@ public class ServiceMenuStartUp implements ApplicationRunner {
initDataManager(params, menuId);
initAreaManager(params, menuId);
initConfigManager(params, menuId);
initAppVersionMenu(params, menuId);
}
/**
@ -245,6 +249,35 @@ public class ServiceMenuStartUp implements ApplicationRunner {
}
}
/**
* 初始化APP版本管理
*
* @param params
* @param menuParentId
*/
public void initAppVersionMenu(Map<String, Object> params, String menuParentId) {
if (appSignBaseService == null) {
return;
}
LOG.debug("初始化菜单APP版本管理");
params.remove("menuId");
params.put("menuCode", "000100010005");
MenuDTO menuDTO = menuDao.getSimple(params);
if (menuDTO == null) {
params.put("menuId", UUIDUtil.getUUID());
params.put("menuParentId", menuParentId);
params.put("menuName", "APP版本管理");
params.put("menuSummary", "APP版本管理");
params.put("menuUrl", "/route/appversion/list");
params.put("menuType", "1");
params.put("menuIcon", "fa-icon-color-white fa fa-tv");
params.put("menuOrder", "5");
params.put("menuStatus", "0");
params.put("openType", "1");
menuDao.save(params);
}
}
/**
* 用户权限管理
*

8
service-role/src/main/java/ink/wgink/service/role/dao/IRoleUserDao.java
View File

@ -54,6 +54,14 @@ public interface IRoleUserDao {
*/
List<String> listUserId(Map<String, Object> params) throws SearchException;
/**
* 角色列表
* @param params
* @return
* @throws SearchException
*/
List<String> listRoleId(Map<String, Object> params) throws SearchException;
/**
* 用户ID列表
*

17
service-role/src/main/java/ink/wgink/service/role/service/IRolePermissionService.java
View File

@ -19,23 +19,6 @@ import java.util.Map;
**/
public interface IRolePermissionService extends IRolePermissionBaseService {
/**
* 新增权限
*/
String PERMISSION_INSERT = "insert";
/**
* 删除权限
*/
String PERMISSION_DELETE = "delete";
/**
* 修改权限
*/
String PERMISSION_UPDATE = "update";
/**
* 查询权限
*/
String PERMISSION_QUERY = "query";
/**
* 更新权限
*

11
service-role/src/main/java/ink/wgink/service/role/service/impl/RoleUserServiceImpl.java
View File

@ -9,6 +9,7 @@ import ink.wgink.pojo.dtos.user.UserDTO;
import ink.wgink.pojo.pos.RolePO;
import ink.wgink.pojo.result.SuccessResultList;
import ink.wgink.service.role.dao.IRoleUserDao;
import ink.wgink.service.role.service.IRoleService;
import ink.wgink.service.role.service.IRoleUserService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
@ -35,6 +36,8 @@ public class RoleUserServiceImpl extends DefaultBaseService implements IRoleUser
@Autowired
private IRoleUserDao roleUserDao;
@Autowired
private IRoleService roleService;
@Autowired
private IUserBaseService userBaseService;
@Override
@ -91,7 +94,13 @@ public class RoleUserServiceImpl extends DefaultBaseService implements IRoleUser
@Override
public List<RolePO> listRolePOByUserId(String userId) {
return null;
Map<String, Object> params = getHashMap(2);
params.put("userId", userId);
List<String> roleIds = roleUserDao.listRoleId(params);
if (roleIds.isEmpty()) {
return new ArrayList<>();
}
return roleService.listPO(roleIds);
}

21
service-role/src/main/resources/mybatis/mapper/role-user-mapper.xml
View File

@ -69,8 +69,27 @@
</if>
</select>
<!-- 角色ID列表 -->
<select id="listRoleId" parameterType="map" resultType="java.lang.String" useCache="true">
SELECT
role_id
FROM
sys_role_user
WHERE
<if test="userId != null and userId != ''">
user_id = #{userId}
</if>
<if test="userIds != null and userIds.size > 0">
user_id IN (
<foreach collection="userIds" index="index" open="(" separator="," close=")">
#{userIds[${index}]}
</foreach>
)
</if>
</select>
<!-- 用户ID列表 -->
<select id="listRoleUserId" parameterType="map" resultType="java.lang.String" useCache="true">
<select id="listGroupUserId" parameterType="map" resultType="java.lang.String" useCache="true">
SELECT
user_id
FROM