添加权限判断

houwei 2024-06-26 15:25:06 +08:00
parent 4c0123db96
commit 2625c01f05
11 changed files with 183 additions and 4 deletions


@ -0,0 +1,8 @@
package com.das.common.config;
/**
* Session 变量定义
*/
public class SessionUtil {
public static final String SESSION_USER_KEY = "current_user";
}


@ -0,0 +1,43 @@
package com.das.common.config;
import cn.dev33.satoken.stp.StpInterface;
import cn.dev33.satoken.stp.StpUtil;
import org.springframework.stereotype.Component;
import com.das.modules.auth.domain.vo.SysUserVo;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
/**
* 自定义权限验证接口扩展
*/
@Component // 保证此类被springboot扫描完成sa-token的自定义权限验证扩展
public class StpInterfaceImpl implements StpInterface {
@Override
public List<String> getPermissionList(Object loginId, String s) {
SysUserVo currentUser = (SysUserVo) StpUtil.getTokenSession().get(SessionUtil.SESSION_USER_KEY);
if(currentUser==null){
return Collections.emptyList();
}else{
List<String> list = new ArrayList<>();
currentUser.getAuthorities().forEach(item->{
list.add(item.toString());
});
return list;
}
}
/**
* 权限判断这块 全部采用权限Permission 判断不采用角色Role判断
* @param loginId
* @param s
* @return
*/
@Override
public List<String> getRoleList(Object loginId, String s) {
return Collections.emptyList();
}
}
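Review bot: `getPermissionList` ignores its `loginId` argument and always reads the authorities from the token session of the current request via `StpUtil.getTokenSession()`. A lookup for a different account (for example `StpUtil.getPermissionList(otherId)`), or one made outside a request context, would therefore return the caller's own list or fail, so the result should be keyed on `loginId`. If the login id is the user's numeric id (the login call is not visible on this page), one option is to inject `SysUserMapper` and build the list from `sysUserMapper.queryAuthoritiesByUserId(Long.valueOf(loginId.toString()))`, mapped to strings and optionally cached. The Javadoc on `getRoleList` has empty `@param`/`@return` tags, and the second parameter would read better as `loginType` than `s`.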


@ -1,15 +1,21 @@
package com.das.modules.auth.controller;
import cn.dev33.satoken.annotation.SaCheckPermission;
import cn.dev33.satoken.stp.StpUtil;
import com.das.common.config.SessionUtil;
import com.das.common.config.SysAuthorityIds;
import com.das.common.result.R;
import com.das.common.utils.PageDataInfo;
import com.das.common.utils.PageQuery;
import com.das.modules.auth.domain.dto.DeleteDto;
import com.das.modules.auth.domain.dto.SysMenuDto;
import com.das.modules.auth.domain.dto.SysMenuQueryDto;
import com.das.modules.auth.domain.vo.SysUserVo;
import com.das.modules.auth.entity.SysMenu;
import com.das.modules.auth.service.SysMenuService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
@ -32,6 +38,12 @@ public class SysMenusController {
*/
@PostMapping("/add")
public R<?> createMenu(@RequestBody SysMenuDto sysMenuDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
return R.success(sysMenuService.createMenu(sysMenuDto));
}
@ -41,6 +53,12 @@ public class SysMenusController {
*/
@PostMapping("/update")
public R<?> updateMenu(@RequestBody SysMenuDto sysMenuDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
sysMenuService.updateMenu(sysMenuDto);
return R.success();
}
@ -51,6 +69,12 @@ public class SysMenusController {
*/
@PostMapping("/delete")
public R<?> deleteMenu(@RequestBody DeleteDto deleteDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
sysMenuService.deleteMenu(deleteDto);
return R.success();
}
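Review bot: The same five-line `StpUtil.hasPermission(...)` / `R.fail(...)` guard is pasted into `createMenu`, `updateMenu` and `deleteMenu`, and again into the add/update/delete handlers of SysOrgController, SysRoleController and SysUserController, so a new write endpoint is unprotected unless someone remembers to copy it. A throwing or declarative check keeps the rule in one place: `StpUtil.checkPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());` as the first statement, with `NotPermissionException` mapped to the `R.fail` response in a global exception handler, or the `@SaCheckPermission` annotation this file already imports (it needs Sa-Token's annotation interceptor registered, which is not visible here). Only the three write handlers appear in the hunks; whether the query endpoints of these controllers also need a check should be confirmed. The imports of `SaCheckPermission`, `SessionUtil`, `SysUserVo` and `StringUtils` are not used by any visible line and can be dropped if the rest of the file does not need them.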


@ -1,5 +1,7 @@
package com.das.modules.auth.controller;
import cn.dev33.satoken.stp.StpUtil;
import com.das.common.config.SysAuthorityIds;
import com.das.common.result.R;
import com.das.common.utils.PageDataInfo;
import com.das.common.utils.PageQuery;
@ -32,6 +34,12 @@ public class SysOrgController {
*/
@PostMapping("/add")
public R<?> createOrg(@RequestBody SysOrgDto sysOrgDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
return R.success(sysOrgService.createOrg(sysOrgDto));
}
@ -41,6 +49,12 @@ public class SysOrgController {
*/
@PostMapping("/update")
public R<?> updateOrg(@RequestBody SysOrgDto sysOrgDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
sysOrgService.updateOrg(sysOrgDto);
return R.success();
}
@ -51,6 +65,12 @@ public class SysOrgController {
*/
@PostMapping("/delete")
public R<?> deleteOrg(@RequestBody DeleteDto deleteDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
sysOrgService.deleteOrg(deleteDto);
return R.success();
}


@ -1,5 +1,7 @@
package com.das.modules.auth.controller;
import cn.dev33.satoken.stp.StpUtil;
import com.das.common.config.SysAuthorityIds;
import com.das.common.result.R;
import com.das.common.utils.PageDataInfo;
import com.das.common.utils.PageQuery;
@ -32,6 +34,12 @@ public class SysRoleController {
*/
@PostMapping("/add")
public R<?> createRole(@RequestBody SysRoleDto sysRoleDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
return R.success(sysRoleService.createRole(sysRoleDto));
}
@ -41,6 +49,12 @@ public class SysRoleController {
*/
@PostMapping("/update")
public R<?> updateRole(@RequestBody SysRoleDto sysRoleDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
return R.success(sysRoleService.updateRole(sysRoleDto));
}
@ -50,6 +64,12 @@ public class SysRoleController {
*/
@PostMapping("/delete")
public R<?> deleteRole(@RequestBody DeleteDto deleteDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
sysRoleService.deleteRole(deleteDto);
return R.success();
}


@ -1,5 +1,7 @@
package com.das.modules.auth.controller;
import cn.dev33.satoken.stp.StpUtil;
import com.das.common.config.SysAuthorityIds;
import com.das.common.result.R;
import com.das.common.utils.PageDataInfo;
import com.das.common.utils.PageQuery;
@ -32,6 +34,12 @@ public class SysUserController {
*/
@PostMapping("/add")
public R<?> createUser(@RequestBody SysUserDto sysUserDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
return R.success(sysUserService.createUser(sysUserDto));
}
@ -41,6 +49,12 @@ public class SysUserController {
*/
@PostMapping("/update")
public R<?> updateUser(@RequestBody SysUserDto sysUserDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
sysUserService.updateUser(sysUserDto);
return R.success();
}
@ -51,6 +65,12 @@ public class SysUserController {
*/
@PostMapping("/delete")
public R<?> deleteUser(@RequestBody DeleteDto deleteDto) {
//判断是否有权限
boolean hasPermission = StpUtil.hasPermission(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN.toString());
if(!hasPermission){
return R.fail("没有系统管理权限");
}
sysUserService.deleteUser(deleteDto);
return R.success();
}


@ -4,6 +4,8 @@ import lombok.Data;
import java.io.Serial;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
/**
* 账号信息
@ -45,5 +47,8 @@ public class SysUserVo implements Serializable {
*/
private Long orgId;
/**
*权限列表
*/
private List<Integer> authorities=new ArrayList<>();
}


@ -2,10 +2,13 @@ package com.das.modules.auth.mapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.das.modules.auth.domain.dto.SysUserQueryDto;
import com.das.modules.auth.entity.SysOrg;
import com.das.modules.auth.entity.SysUser;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Param;
import java.util.List;
/**
* <p>
* 用户信息 Mapper 接口
@ -15,4 +18,11 @@ import org.apache.ibatis.annotations.Param;
*/
public interface SysUserMapper extends BaseMapper<SysUser> {
IPage<SysUser> queryUserList(IPage<SysUser> page, @Param("sysUser") SysUserQueryDto sysUserQueryDto);
/**
* 根据用户id查询权限列表
* @param userId 用户id
* @return 该用户拥有的权限id列表
*/
List<Integer> queryAuthoritiesByUserId(@Param("userId") Long userId);
}


@ -7,6 +7,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.das.common.captcha.CaptchaUtils;
import com.das.common.config.SaTokenProperties;
import com.das.common.config.SessionUtil;
import com.das.common.utils.AdminRedisTemplate;
import com.das.modules.auth.domain.vo.LoginUserDetailsVo;
import com.das.modules.auth.domain.dto.LoginDto;
@ -75,10 +76,18 @@ public class LoginServiceImpl implements LoginService {
sysUserVo.setEmail(sysUser.getEmail());
sysUserVo.setOrgId(sysUser.getOrgId());
//查询用户权限列表
sysUserVo.setAuthorities(sysUserMapper.queryAuthoritiesByUserId(sysUser.getId()));
loginInfo.setSysUser(sysUserVo); // 存储用户信息到会话
loginInfo.setToken(token);
loginInfo.setRefreshToken(refreshTokenUuid);
adminRedisTemplate.setEx(refreshToken, loginInfo, Duration.ofSeconds(saTokenProperties.getRefreshExpireTime()));
//将登录用户信息存入 Session
StpUtil.getTokenSession().set(SessionUtil.SESSION_USER_KEY, sysUserVo);
return loginInfo;
}
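Review bot: The authority list is read once at login and then frozen in the token session under `SessionUtil.SESSION_USER_KEY`, so a permission later removed from a user or role keeps passing `StpUtil.hasPermission` until that session ends. The same `sysUserVo` is also stored with `loginInfo` under the refresh token for `getRefreshExpireTime()` seconds; if the refresh path reuses that cached object (not visible here), the stale authorities would outlive the access token as well. The role and user update/delete services should invalidate or refresh the affected sessions, for example `StpUtil.logout(userId)` for each affected account, or the permission lookup should read from the database instead of the session. A comment at the `set(...)` call such as `// snapshot of authorities taken at login; must be refreshed when roles change` would document the constraint. The enclosing login method starts outside this hunk.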


@ -30,9 +30,9 @@ public class SysAuthorityServiceImpl implements SysAuthorityService {
@PostConstruct
public void init() {
List<SysAuthority> list = new ArrayList<>();
list.add(new SysAuthority(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN,"systemMgr","系统管理权限",1));
list.add(new SysAuthority(SysAuthorityIds.SYS_AUTHORITY_ID_DEVICE_MGR,"equipmentLedgerManagement","设备台账维护权限",1));
list.add(new SysAuthority(SysAuthorityIds.SYS_AUTHORITY_ID_DEVICE_VIEW,"equipmentLedgerView","设备台账浏览权限",1));
list.add(new SysAuthority(SysAuthorityIds.SYS_AUTHORITY_ID_ADMIN,"SYS_AUTHORITY_ID_ADMIN","系统管理权限",1));
list.add(new SysAuthority(SysAuthorityIds.SYS_AUTHORITY_ID_DEVICE_MGR,"SYS_AUTHORITY_ID_DEVICE_MGR","设备台账维护权限",1));
list.add(new SysAuthority(SysAuthorityIds.SYS_AUTHORITY_ID_DEVICE_VIEW,"SYS_AUTHORITY_ID_DEVICE_VIEW","设备台账浏览权限",1));
try {
// 性能优化先查询所有需要的权限是否存在减少数据库访问次数
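Review bot: The authority codes seeded in `init()` appear to change from "systemMgr" / "equipmentLedgerManagement" / "equipmentLedgerView" to the constant names, yet the comment below suggests rows are only inserted when they do not exist, so databases seeded before this commit would presumably keep the old codes. If anything matches on the code column (front-end menus, role screens), the two populations will behave differently; either update existing rows in `init()` or ship a data migration with the commit. The new values also repeat the constant names as string literals, which will drift silently if a constant is renamed. The body of `init()` continues outside the hunk.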


@ -30,4 +30,24 @@
</where>
</select>
<select id="queryAuthoritiesByUserId" resultType="java.lang.Integer" parameterType="java.lang.Long">
select
t2.id
from
sys_authority t2
where
t2.id in(
select
t1.authority_id
from
sys_r_role_authority t1
where
t1.role_id in(
select
t.role_id
from
sys_r_user_role t
where
t.user_id = #{userId}))
</select>
</mapper>