diff --git a/basic-app/src/main/java/ink/wgink/app/filter/AppTokenFilter.java b/basic-app/src/main/java/ink/wgink/app/filter/AppTokenFilter.java index 0848921f..823fe591 100644 --- a/basic-app/src/main/java/ink/wgink/app/filter/AppTokenFilter.java +++ b/basic-app/src/main/java/ink/wgink/app/filter/AppTokenFilter.java @@ -65,11 +65,11 @@ public class AppTokenFilter extends GenericFilterBean implements InitializingBea /** * APP下载 */ - private static final String URL_DOWNLOAD_APP = "/**/app/appversion/downloadapp/**"; + private static final String URL_DOWNLOAD_APP = "/**/app/appversion/download/**"; /** * APP版本号 */ - private static final String URL_APP_VERSION_NUM = "/**/app/appversion/getappversionnumber/**"; + private static final String URL_APP_VERSION_NUM = "/**/app/appversion/getnumber/**"; /** * APP放行 */ @@ -85,7 +85,7 @@ public class AppTokenFilter extends GenericFilterBean implements InitializingBea HttpServletResponse response = (HttpServletResponse) servletResponse; String requestUri = request.getRequestURI(); // 非app 放行 - boolean appMatcher = antPathMatcher.match("/**/app*/**", requestUri); + boolean appMatcher = antPathMatcher.match("/**/app/**", requestUri); if (!appMatcher) { filterChain.doFilter(request, response); return; diff --git a/basic-interface/src/main/java/ink/wgink/interfaces/app/IAppSignBaseService.java b/basic-interface/src/main/java/ink/wgink/interfaces/app/IAppSignBaseService.java new file mode 100644 index 00000000..70eabd53 --- /dev/null +++ b/basic-interface/src/main/java/ink/wgink/interfaces/app/IAppSignBaseService.java @@ -0,0 +1,14 @@ +package ink.wgink.interfaces.app; + +/** + * When you feel like quitting. Think about why you started + * 当你想要放弃的时候,想想当初你为何开始 + * + * @ClassName: IAppSignBaseService + * @Description: app登录 + * @Author: wanggeng + * @Date: 2021/4/7 7:09 下午 + * @Version: 1.0 + */ +public interface IAppSignBaseService { +} diff --git a/basic-interface/src/main/java/ink/wgink/interfaces/role/IRolePermissionBaseService.java b/basic-interface/src/main/java/ink/wgink/interfaces/role/IRolePermissionBaseService.java index 817d7ff5..8f2bcfb2 100644 --- a/basic-interface/src/main/java/ink/wgink/interfaces/role/IRolePermissionBaseService.java +++ b/basic-interface/src/main/java/ink/wgink/interfaces/role/IRolePermissionBaseService.java @@ -17,6 +17,23 @@ import java.util.Map; **/ public interface IRolePermissionBaseService { + /** + * 新增权限 + */ + String PERMISSION_INSERT = "insert"; + /** + * 删除权限 + */ + String PERMISSION_DELETE = "delete"; + /** + * 修改权限 + */ + String PERMISSION_UPDATE = "update"; + /** + * 查询权限 + */ + String PERMISSION_QUERY = "query"; + /** * 权限列表 * diff --git a/common/src/main/java/ink/wgink/common/handler/AccessDenyHandler.java b/common/src/main/java/ink/wgink/common/handler/AccessDenyHandler.java index 7e6eb5f5..0fd358b3 100644 --- a/common/src/main/java/ink/wgink/common/handler/AccessDenyHandler.java +++ b/common/src/main/java/ink/wgink/common/handler/AccessDenyHandler.java @@ -1,6 +1,7 @@ package ink.wgink.common.handler; import com.alibaba.fastjson.JSONObject; +import ink.wgink.interfaces.consts.ISystemConstant; import ink.wgink.pojo.result.ErrorResult; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; @@ -23,6 +24,7 @@ public class AccessDenyHandler implements AccessDeniedHandler { @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { + response.setCharacterEncoding(ISystemConstant.CHARSET_UTF8); String contentType = request.getContentType(); if (contentType != null && contentType.contains(MediaType.APPLICATION_JSON_VALUE)) { response.setContentType(MediaType.APPLICATION_JSON_VALUE); diff --git a/common/src/main/java/ink/wgink/common/service/rbac/impl/RbacServiceImpl.java b/common/src/main/java/ink/wgink/common/service/rbac/impl/RbacServiceImpl.java index 3df5b2b0..fd8b716a 100644 --- a/common/src/main/java/ink/wgink/common/service/rbac/impl/RbacServiceImpl.java +++ b/common/src/main/java/ink/wgink/common/service/rbac/impl/RbacServiceImpl.java @@ -49,7 +49,6 @@ public class RbacServiceImpl implements IRbacService { AntPathMatcher antPathMatcher = new AntPathMatcher(); String contextPath = request.getContextPath(); - // 校验权限 for (GrantedAuthority grantedAuthority : grantedAuthorities) { RoleGrantedAuthorityBO roleGrantedAuthority; @@ -85,6 +84,11 @@ public class RbacServiceImpl implements IRbacService { hasPermission = true; break; } + if (hasMenuPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { + LOG.debug("权限校验URI:{},有菜单权限", requestURI); + hasPermission = true; + break; + } // 新增权限 if (hasInsertPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { LOG.debug("权限校验URI:{},有新增权限", requestURI); @@ -134,6 +138,24 @@ public class RbacServiceImpl implements IRbacService { return false; } + /** + * 接口的菜单权限 + * + * @param uri + * @param roleGrantedAuthority + * @param antPathMatcher + * @return + */ + private boolean hasMenuPermission(String contextPath, String uri, RoleGrantedAuthorityBO roleGrantedAuthority, AntPathMatcher antPathMatcher) { + List menus = roleGrantedAuthority.getMenus(); + for (String menu : menus) { + if (antPathMatcher.match(contextPath + menu, uri)) { + return true; + } + } + return false; + } + /** * 接口的新增权限 * diff --git a/login-base/src/main/java/ink/wgink/login/base/controller/route/IndexRouteController.java b/login-base/src/main/java/ink/wgink/login/base/controller/route/IndexRouteController.java index c52f76cd..19f64ce8 100644 --- a/login-base/src/main/java/ink/wgink/login/base/controller/route/IndexRouteController.java +++ b/login-base/src/main/java/ink/wgink/login/base/controller/route/IndexRouteController.java @@ -93,7 +93,7 @@ public class IndexRouteController { } else { // 普通用户 List rolePOs = securityComponent.getCurrentUser().getRoles(); - if (!rolePOs.isEmpty()) { + if (rolePOs.isEmpty()) { menus = new ArrayList<>(); } else { List roleIds = new ArrayList<>(); @@ -101,7 +101,7 @@ public class IndexRouteController { roleIds.add(rolePO.getRoleId()); } List menuIds = roleMenuBaseService.listMenuId(roleIds); - menus = menuBaseService.listAllByParentIdAndIds("0", menuIds); + menus = menuBaseService.listAllByParentIdAndIds(IMenuBaseService.MENU_UNIFIED_USER, menuIds); } } mv.addObject("menus", menus); diff --git a/login-base/src/main/java/ink/wgink/login/base/controller/route/config/ConfigRouteController.java b/login-base/src/main/java/ink/wgink/login/base/controller/route/config/ConfigRouteController.java index 06136323..39ffcc3a 100644 --- a/login-base/src/main/java/ink/wgink/login/base/controller/route/config/ConfigRouteController.java +++ b/login-base/src/main/java/ink/wgink/login/base/controller/route/config/ConfigRouteController.java @@ -1,5 +1,6 @@ package ink.wgink.login.base.controller.route.config; +import ink.wgink.interfaces.app.IAppSignBaseService; import ink.wgink.interfaces.consts.ISystemConstant; import ink.wgink.login.base.manager.ConfigManager; import ink.wgink.login.base.service.IDingDingService; @@ -32,16 +33,21 @@ public class ConfigRouteController { private IUKeyService uKeyService; @Autowired(required = false) private IDingDingService dingDingService; + @Autowired(required = false) + private IAppSignBaseService appSignBaseService; @GetMapping("update") public ModelAndView update() { ModelAndView mv = new ModelAndView("config/update"); - if(uKeyService != null) { + if (uKeyService != null) { mv.addObject("uKeyLogin", "uKeyLogin"); } if (dingDingService != null) { mv.addObject("dingDingScanLogin", "dingDingScanLogin"); } + if (appSignBaseService != null) { + mv.addObject("appLogin", "appLogin"); + } return mv; } diff --git a/login-base/src/main/java/ink/wgink/login/base/service/BaseAppSignService.java b/login-base/src/main/java/ink/wgink/login/base/service/BaseAppSignService.java new file mode 100644 index 00000000..9977b596 --- /dev/null +++ b/login-base/src/main/java/ink/wgink/login/base/service/BaseAppSignService.java @@ -0,0 +1,116 @@ +package ink.wgink.login.base.service; + +import com.alibaba.fastjson.JSONObject; +import ink.wgink.common.base.DefaultBaseService; +import ink.wgink.interfaces.consts.ISystemConstant; +import ink.wgink.interfaces.group.IGroupUserBaseService; +import ink.wgink.interfaces.position.IPositionUserBaseService; +import ink.wgink.interfaces.role.IRoleUserBaseService; +import ink.wgink.pojo.pos.DepartmentPO; +import ink.wgink.pojo.pos.GroupPO; +import ink.wgink.pojo.pos.PositionPO; +import ink.wgink.pojo.pos.RolePO; +import ink.wgink.service.department.service.IDepartmentUserService; +import ink.wgink.service.user.pojo.pos.UserPO; +import ink.wgink.util.AesUtil; +import org.apache.commons.codec.binary.Base64; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import java.io.UnsupportedEncodingException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +/** + * When you feel like quitting. Think about why you started + * 当你想要放弃的时候,想想当初你为何开始 + * + * @ClassName: BaseAppSignService + * @Description: APP登录基础业务 + * @Author: wanggeng + * @Date: 2021/4/7 5:40 下午 + * @Version: 1.0 + */ +@Service +public class BaseAppSignService extends DefaultBaseService { + + @Autowired + private IDepartmentUserService departmentUserService; + @Autowired(required = false) + private IRoleUserBaseService roleUserBaseService; + @Autowired(required = false) + private IPositionUserBaseService positionUserBaseService; + @Autowired(required = false) + private IGroupUserBaseService groupUserBaseService; + + /** + * 获取token + * + * @param userPO + * @return + * @throws Exception + */ + protected String getToken(UserPO userPO) throws UnsupportedEncodingException { + Map userInfo = new HashMap<>(8); + // 这个参数是token认证标识 + userInfo.put(ISystemConstant.APP_TOKEN_SIGN, ISystemConstant.APP_TOKEN_VERIFY + System.currentTimeMillis()); + userInfo.put("id", userPO.getUserId()); + userInfo.put("name", userPO.getUserName()); + userInfo.put("avatar", userPO.getUserAvatar()); + userInfo.put("username", userPO.getUserUsername()); + userInfo.put("phone", userPO.getUserPhone()); + userInfo.put("email", userPO.getUserEmail()); + + LOG.debug("人员部门列表"); + List departmentPOs = departmentUserService.listDepartmentPOByUserId(userPO.getUserId()); + List> departments = new ArrayList<>(); + for (DepartmentPO departmentPO : departmentPOs) { + Map departmentMap = new HashMap<>(4); + departmentMap.put("departmentId", departmentPO.getDepartmentId()); + departmentMap.put("departmentName", departmentPO.getDepartmentName()); + departments.add(departmentMap); + } + userInfo.put("departments", departments); + if (roleUserBaseService != null) { + LOG.debug("人员角色列表"); + List rolePOs = roleUserBaseService.listRolePOByUserId(userPO.getUserId()); + List> roles = new ArrayList<>(); + for (RolePO rolePO : rolePOs) { + Map roleMap = new HashMap<>(4); + roleMap.put("roleId", rolePO.getRoleId()); + roleMap.put("roleName", rolePO.getRoleName()); + roles.add(roleMap); + } + userInfo.put("roles", roles); + } + if (positionUserBaseService != null) { + LOG.debug("人员职位列表"); + List positionPOs = positionUserBaseService.listPositionPOByUserId(userPO.getUserId()); + List> positions = new ArrayList<>(); + for (PositionPO positionPO : positionPOs) { + Map positionMap = new HashMap<>(2); + positionMap.put("positionId", positionPO.getPositionId()); + positionMap.put("positionName", positionPO.getPositionName()); + positions.add(positionMap); + } + userInfo.put("positions", positions); + } + if (groupUserBaseService != null) { + LOG.debug("人员组列表"); + List groupPOs = groupUserBaseService.listGroupPOByUserId(userPO.getUserId()); + List> groups = new ArrayList<>(); + for (GroupPO groupPO : groupPOs) { + Map groupMap = new HashMap<>(2); + groupMap.put("groupId", groupPO.getGroupId()); + groupMap.put("groupName", groupPO.getGroupName()); + groups.add(groupMap); + } + userInfo.put("groups", groups); + } + LOG.debug("userInfo: " + userInfo); + return Base64.encodeBase64String(AesUtil.aesCommonEncoder(ISystemConstant.APP_TOKEN_AES_KEY, JSONObject.toJSONString(userInfo)).getBytes("UTF-8")); + } + +} diff --git a/login-base/src/main/java/ink/wgink/login/base/service/user/UserDetailServiceImpl.java b/login-base/src/main/java/ink/wgink/login/base/service/user/UserDetailServiceImpl.java index da12181f..55b84bd3 100644 --- a/login-base/src/main/java/ink/wgink/login/base/service/user/UserDetailServiceImpl.java +++ b/login-base/src/main/java/ink/wgink/login/base/service/user/UserDetailServiceImpl.java @@ -108,7 +108,7 @@ public class UserDetailServiceImpl implements UserDetailsService, IUserDetailChe } LOG.debug("设置部门状态"); - List departmentPOs = departmentUserService.listDepartmentPOBYUserId(userPO.getUserId()); + List departmentPOs = departmentUserService.listDepartmentPOByUserId(userPO.getUserId()); loginUser.setDepartments(departmentPOs); if (groupUserBaseService != null) { @@ -209,10 +209,10 @@ public class UserDetailServiceImpl implements UserDetailsService, IUserDetailChe if (null != rolePOs && !rolePOs.isEmpty()) { rolePOs.forEach((rolePO) -> { List menuUrls = roleMenuBaseService.listMenuUrl(rolePO.getRoleId()); - List inserts = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IPermissionBaseService.PERMISSION_INSERT); - List deletes = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IPermissionBaseService.PERMISSION_DELETE); - List updates = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IPermissionBaseService.PERMISSION_UPDATE); - List queries = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IPermissionBaseService.PERMISSION_QUERY); + List inserts = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_INSERT); + List deletes = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_DELETE); + List updates = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_UPDATE); + List queries = rolePermissionService.listPermissionUrl(rolePO.getRoleId(), IRolePermissionBaseService.PERMISSION_QUERY); grantedAuthorities.add(new RoleGrantedAuthorityBO(rolePO.getRoleId(), rolePO.getRoleName(), menuUrls, inserts, deletes, updates, queries)); }); } diff --git a/login-base/src/main/resources/templates/config/update.html b/login-base/src/main/resources/templates/config/update.html index 2f2f4147..01b1397c 100644 --- a/login-base/src/main/resources/templates/config/update.html +++ b/login-base/src/main/resources/templates/config/update.html @@ -166,7 +166,7 @@ -
+
APP允许绑定设备数量(0为不限制) @@ -181,6 +181,7 @@
+
diff --git a/service-department/src/main/java/ink/wgink/service/department/service/IDepartmentUserService.java b/service-department/src/main/java/ink/wgink/service/department/service/IDepartmentUserService.java index 55335aa0..be54e360 100644 --- a/service-department/src/main/java/ink/wgink/service/department/service/IDepartmentUserService.java +++ b/service-department/src/main/java/ink/wgink/service/department/service/IDepartmentUserService.java @@ -65,5 +65,5 @@ public interface IDepartmentUserService extends IDepartmentUserBaseService { * @param userId 用户ID * @return */ - List listDepartmentPOBYUserId(String userId); + List listDepartmentPOByUserId(String userId); } diff --git a/service-department/src/main/java/ink/wgink/service/department/service/impl/DepartmentUserServiceImpl.java b/service-department/src/main/java/ink/wgink/service/department/service/impl/DepartmentUserServiceImpl.java index 50cd92f2..6e0505aa 100644 --- a/service-department/src/main/java/ink/wgink/service/department/service/impl/DepartmentUserServiceImpl.java +++ b/service-department/src/main/java/ink/wgink/service/department/service/impl/DepartmentUserServiceImpl.java @@ -114,7 +114,7 @@ public class DepartmentUserServiceImpl extends DefaultBaseService implements IDe } @Override - public List listDepartmentPOBYUserId(String userId) { + public List listDepartmentPOByUserId(String userId) { Map params = getHashMap(2); params.put("userId", userId); List departmentIds = departmentUserDao.listDepartmentId(params); diff --git a/service-menu/src/main/java/ink/wgink/module/menu/startup/ServiceMenuStartUp.java b/service-menu/src/main/java/ink/wgink/module/menu/startup/ServiceMenuStartUp.java index 23911401..76def4bc 100644 --- a/service-menu/src/main/java/ink/wgink/module/menu/startup/ServiceMenuStartUp.java +++ b/service-menu/src/main/java/ink/wgink/module/menu/startup/ServiceMenuStartUp.java @@ -1,5 +1,6 @@ package ink.wgink.module.menu.startup; +import ink.wgink.interfaces.app.IAppSignBaseService; import ink.wgink.interfaces.config.ISystemConfigCheckService; import ink.wgink.interfaces.department.IDepartmentCheckService; import ink.wgink.interfaces.dictionary.IDictionaryCheckService; @@ -58,6 +59,8 @@ public class ServiceMenuStartUp implements ApplicationRunner { private IRoleCheckService roleCheckService; @Autowired(required = false) private IUserDetailCheckService userDetailCheckService; + @Autowired(required = false) + private IAppSignBaseService appSignBaseService; @Override public void run(ApplicationArguments args) throws Exception { @@ -130,6 +133,7 @@ public class ServiceMenuStartUp implements ApplicationRunner { initDataManager(params, menuId); initAreaManager(params, menuId); initConfigManager(params, menuId); + initAppVersionMenu(params, menuId); } /** @@ -245,6 +249,35 @@ public class ServiceMenuStartUp implements ApplicationRunner { } } + /** + * 初始化APP版本管理 + * + * @param params + * @param menuParentId + */ + public void initAppVersionMenu(Map params, String menuParentId) { + if (appSignBaseService == null) { + return; + } + LOG.debug("初始化菜单:APP版本管理"); + params.remove("menuId"); + params.put("menuCode", "000100010005"); + MenuDTO menuDTO = menuDao.getSimple(params); + if (menuDTO == null) { + params.put("menuId", UUIDUtil.getUUID()); + params.put("menuParentId", menuParentId); + params.put("menuName", "APP版本管理"); + params.put("menuSummary", "APP版本管理"); + params.put("menuUrl", "/route/appversion/list"); + params.put("menuType", "1"); + params.put("menuIcon", "fa-icon-color-white fa fa-tv"); + params.put("menuOrder", "5"); + params.put("menuStatus", "0"); + params.put("openType", "1"); + menuDao.save(params); + } + } + /** * 用户权限管理 * diff --git a/service-role/src/main/java/ink/wgink/service/role/dao/IRoleUserDao.java b/service-role/src/main/java/ink/wgink/service/role/dao/IRoleUserDao.java index 8aafe80e..01ff65b6 100644 --- a/service-role/src/main/java/ink/wgink/service/role/dao/IRoleUserDao.java +++ b/service-role/src/main/java/ink/wgink/service/role/dao/IRoleUserDao.java @@ -54,6 +54,14 @@ public interface IRoleUserDao { */ List listUserId(Map params) throws SearchException; + /** + * 角色列表 + * @param params + * @return + * @throws SearchException + */ + List listRoleId(Map params) throws SearchException; + /** * 用户ID列表 * diff --git a/service-role/src/main/java/ink/wgink/service/role/service/IRolePermissionService.java b/service-role/src/main/java/ink/wgink/service/role/service/IRolePermissionService.java index 5e221504..5ef6b950 100644 --- a/service-role/src/main/java/ink/wgink/service/role/service/IRolePermissionService.java +++ b/service-role/src/main/java/ink/wgink/service/role/service/IRolePermissionService.java @@ -19,23 +19,6 @@ import java.util.Map; **/ public interface IRolePermissionService extends IRolePermissionBaseService { - /** - * 新增权限 - */ - String PERMISSION_INSERT = "insert"; - /** - * 删除权限 - */ - String PERMISSION_DELETE = "delete"; - /** - * 修改权限 - */ - String PERMISSION_UPDATE = "update"; - /** - * 查询权限 - */ - String PERMISSION_QUERY = "query"; - /** * 更新权限 * diff --git a/service-role/src/main/java/ink/wgink/service/role/service/impl/RoleUserServiceImpl.java b/service-role/src/main/java/ink/wgink/service/role/service/impl/RoleUserServiceImpl.java index 2fcda8ab..30153233 100644 --- a/service-role/src/main/java/ink/wgink/service/role/service/impl/RoleUserServiceImpl.java +++ b/service-role/src/main/java/ink/wgink/service/role/service/impl/RoleUserServiceImpl.java @@ -9,6 +9,7 @@ import ink.wgink.pojo.dtos.user.UserDTO; import ink.wgink.pojo.pos.RolePO; import ink.wgink.pojo.result.SuccessResultList; import ink.wgink.service.role.dao.IRoleUserDao; +import ink.wgink.service.role.service.IRoleService; import ink.wgink.service.role.service.IRoleUserService; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; @@ -35,6 +36,8 @@ public class RoleUserServiceImpl extends DefaultBaseService implements IRoleUser @Autowired private IRoleUserDao roleUserDao; @Autowired + private IRoleService roleService; + @Autowired private IUserBaseService userBaseService; @Override @@ -91,7 +94,13 @@ public class RoleUserServiceImpl extends DefaultBaseService implements IRoleUser @Override public List listRolePOByUserId(String userId) { - return null; + Map params = getHashMap(2); + params.put("userId", userId); + List roleIds = roleUserDao.listRoleId(params); + if (roleIds.isEmpty()) { + return new ArrayList<>(); + } + return roleService.listPO(roleIds); } diff --git a/service-role/src/main/resources/mybatis/mapper/role-user-mapper.xml b/service-role/src/main/resources/mybatis/mapper/role-user-mapper.xml index 74e24cad..cc6f24dd 100644 --- a/service-role/src/main/resources/mybatis/mapper/role-user-mapper.xml +++ b/service-role/src/main/resources/mybatis/mapper/role-user-mapper.xml @@ -69,8 +69,27 @@ + + + - SELECT user_id FROM