lilonglong/tansci-boot
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

权限验证

Browse Source
This commit is contained in:
tanyp 2023-04-07 16:53:10 +08:00
parent d447ae83be
commit dec5f1a46d
6 changed files with 159 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
tansci-boot/src/main/java/com/tansci/common/constant/Constants.java
View File

@ -29,4 +29,14 @@ public class Constants {
public final static String UPDATE = "INSERT";
public final static String DELETE = "DELETE";
/**
* 权限校验
*/
public final static String PERMISSION_KEY = "permission-session";
/**
* 角色校验
*/
public final static String ROLE_KEY = "role-session";
}

52
tansci-boot/src/main/java/com/tansci/controller/SysMenuController.java
View File

@ -1,5 +1,6 @@
package com.tansci.controller;
import cn.dev33.satoken.annotation.SaCheckPermission;
import com.tansci.common.WrapMapper;
import com.tansci.common.Wrapper;
import com.tansci.common.annotation.Log;
@ -11,9 +12,7 @@ import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.*;
import java.util.List;
@ -33,13 +32,6 @@ public class SysMenuController {
@Autowired
private SysMenuService sysMenuService;
@ApiOperation(value = "当前用户权限菜单树", notes = "当前用户权限菜单树")
@Log(modul = "菜单管理-当前用户权限菜单树", type = Constants.SELECT, desc = "当前用户权限菜单树")
@GetMapping("/tree")
public Wrapper<List<SysMenu>> tree(SysMenu menu) {
return WrapMapper.wrap(Wrapper.SUCCESS_CODE, Wrapper.SUCCESS_MESSAGE, sysMenuService.tree(menu));
}
@ApiOperation(value = "当前用户权限菜单列表", notes = "当前用户权限菜单列表")
@Log(modul = "菜单管理-当前用户权限菜单列表", type = Constants.SELECT, desc = "当前用户权限菜单列表")
@GetMapping("/menus")
@ -47,4 +39,44 @@ public class SysMenuController {
return WrapMapper.wrap(Wrapper.SUCCESS_CODE, Wrapper.SUCCESS_MESSAGE, sysMenuService.menus());
}
@ApiOperation(value = "菜单树", notes = "菜单树")
@Log(modul = "菜单管理-菜单树", type = Constants.SELECT, desc = "菜单树")
@GetMapping("/tree")
@SaCheckPermission("menu:list")
public Wrapper<List<SysMenu>> tree(SysMenu menu) {
return WrapMapper.wrap(Wrapper.SUCCESS_CODE, Wrapper.SUCCESS_MESSAGE, sysMenuService.tree(menu));
}
@ApiOperation(value = "详情", notes = "详情")
@Log(modul = "菜单管理-详情", type = Constants.SELECT, desc = "详情")
@GetMapping("/getById/{id}")
@SaCheckPermission("menu:view")
public Wrapper<SysMenu> getById(@PathVariable String id) {
return WrapMapper.wrap(Wrapper.SUCCESS_CODE, Wrapper.SUCCESS_MESSAGE, sysMenuService.getById(id));
}
@ApiOperation(value = "添加", notes = "添加")
@Log(modul = "菜单管理-添加", type = Constants.INSERT, desc = "添加")
@GetMapping("/save")
@SaCheckPermission("menu:save")
public Wrapper<Object> save(@RequestBody SysMenu menu) {
return WrapMapper.wrap(Wrapper.SUCCESS_CODE, Wrapper.SUCCESS_MESSAGE, sysMenuService.save(menu));
}
@ApiOperation(value = "删除", notes = "删除")
@Log(modul = "菜单管理-删除", type = Constants.DELETE, desc = "删除")
@GetMapping("/delete/{id}")
@SaCheckPermission("menu:delete")
public Wrapper<Object> delete(@PathVariable String id) {
return WrapMapper.wrap(Wrapper.SUCCESS_CODE, Wrapper.SUCCESS_MESSAGE, sysMenuService.removeById(id));
}
@ApiOperation(value = "修改", notes = "修改")
@Log(modul = "菜单管理-修改", type = Constants.UPDATE, desc = "修改")
@PostMapping("/update")
@SaCheckPermission("menu:update")
public Wrapper<Object> update(@RequestBody SysMenu menu) {
return WrapMapper.wrap(Wrapper.SUCCESS_CODE, Wrapper.SUCCESS_MESSAGE, sysMenuService.updateById(menu));
}
}

5
tansci-boot/src/main/java/com/tansci/domain/vo/SysUserSessionVo.java
View File

@ -7,8 +7,6 @@ import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.List;
/**
* @ClassName SysUserSession.java
* @ClassPath com.tansci.domain.vo.SysUserSession.java
@ -35,7 +33,4 @@ public class SysUserSessionVo {
@ApiModelProperty(value = "用户类型1、管理员2、普通用户")
private Integer type;
@ApiModelProperty(value = "权限IDS")
private List<String> roleIds;
}

93
tansci-boot/src/main/java/com/tansci/handler/StpInterfaceHandler.java Normal file
View File

@ -0,0 +1,93 @@
package com.tansci.handler;
import cn.dev33.satoken.stp.StpInterface;
import cn.dev33.satoken.stp.StpUtil;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.tansci.common.constant.Constants;
import com.tansci.domain.SysMenu;
import com.tansci.domain.SysRoleMenu;
import com.tansci.domain.SysUserRole;
import com.tansci.service.SysMenuService;
import com.tansci.service.SysRoleMenuService;
import com.tansci.service.SysUserRoleService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
/**
* @ClassName StpInterfaceHandler.java
* @ClassPath com.tansci.handler.StpInterfaceHandler.java
* @Description 自定义权限验证
* @Author tanyp
* @Date 2023/4/7 15:07
**/
@Component
public class StpInterfaceHandler implements StpInterface {
@Autowired
private SysUserRoleService sysUserRoleService;
@Autowired
private SysRoleMenuService sysRoleMenuService;
@Autowired
private SysMenuService sysMenuService;
/**
* @MonthName getPermissionList
* @Description 返回一个账号所拥有的权限码集合
* @Author tanyp
* @Date 2023/4/7 15:08
* @Param [o, s]
* @return java.util.List<java.lang.String>
**/
@Override
public List<String> getPermissionList(Object o, String s) {
if (Objects.nonNull(StpUtil.getSession().get(Constants.PERMISSION_KEY))) {
return (List<String>) StpUtil.getSession().get(Constants.PERMISSION_KEY);
} else {
List<SysUserRole> roles = sysUserRoleService.list(Wrappers.<SysUserRole>lambdaQuery().eq(SysUserRole::getUserId, StpUtil.getLoginId()));
if (Objects.nonNull(roles) && roles.size() > 0) {
List<String> roleIds = roles.stream().map(SysUserRole::getRoleId).collect(Collectors.toList());
List<SysRoleMenu> roleMenus = sysRoleMenuService.list(Wrappers.<SysRoleMenu>lambdaQuery().in(SysRoleMenu::getRoleId, roleIds));
if (Objects.nonNull(roleMenus) && roleMenus.size() > 0) {
List<SysMenu> menus = sysMenuService.list(
Wrappers.<SysMenu>lambdaQuery()
.in(SysMenu::getId, roleMenus.stream().map(SysRoleMenu::getMenuId).collect(Collectors.toList()))
.eq(SysMenu::getIsDel, Constants.NOT_DEL_FALG)
.ne(SysMenu::getPermission, "")
.isNotNull(SysMenu::getPermission)
);
List<String> permissions = menus.stream().map(SysMenu::getPermission).collect(Collectors.toList());
StpUtil.getSession().set(Constants.ROLE_KEY, permissions);
return permissions;
}
}
}
return null;
}
/**
* @MonthName getRoleList
* @Description 返回一个账号所拥有的角色标识集合 (权限与角色可分开校验)
* @Author tanyp
* @Date 2023/4/7 15:08
* @Param [o, s]
* @return java.util.List<java.lang.String>
**/
@Override
public List<String> getRoleList(Object o, String s) {
if (Objects.nonNull(StpUtil.getSession().get(Constants.ROLE_KEY))) {
return (List<String>) StpUtil.getSession().get(Constants.ROLE_KEY);
} else {
List<SysUserRole> roles = sysUserRoleService.list(Wrappers.<SysUserRole>lambdaQuery().eq(SysUserRole::getUserId, StpUtil.getLoginId()));
if (Objects.nonNull(roles) && roles.size() > 0) {
List<String> roleIds = roles.stream().map(SysUserRole::getRoleId).collect(Collectors.toList());
StpUtil.getSession().set(Constants.ROLE_KEY, roleIds);
return roleIds;
}
}
return null;
}
}

16
tansci-boot/src/main/java/com/tansci/service/impl/SysMenuServiceImpl.java
View File

@ -8,7 +8,6 @@ import com.tansci.common.constant.Constants;
import com.tansci.domain.SysMenu;
import com.tansci.domain.SysRoleMenu;
import com.tansci.domain.vo.SysMenuVo;
import com.tansci.domain.vo.SysUserSessionVo;
import com.tansci.mapper.SysMenuMapper;
import com.tansci.service.SysMenuService;
import com.tansci.service.SysRoleMenuService;
@ -35,12 +34,9 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
@Override
public List<SysMenu> tree(SysMenu menu) {
// 菜单权限
String userId = String.valueOf(StpUtil.getLoginId());
SysUserSessionVo sessionVo = (SysUserSessionVo) StpUtil.getSession().get(userId);
List<String> menuIds = Lists.newArrayList();
if (Objects.nonNull(sessionVo) && Objects.nonNull(sessionVo.getRoleIds()) && sessionVo.getRoleIds().size() > 0) {
List<SysRoleMenu> menus = sysRoleMenuService.list(Wrappers.<SysRoleMenu>lambdaQuery().eq(SysRoleMenu::getRoleId, sessionVo.getRoleIds()));
if (Objects.nonNull(StpUtil.getRoleList()) && StpUtil.getRoleList().size() > 0) {
List<SysRoleMenu> menus = sysRoleMenuService.list(Wrappers.<SysRoleMenu>lambdaQuery().eq(SysRoleMenu::getRoleId, StpUtil.getRoleList()));
menuIds.addAll(menus.stream().map(SysRoleMenu::getMenuId).collect(Collectors.toList()));
}
@ -63,18 +59,16 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
@Override
public List<SysMenuVo> menus() {
// 菜单权限
String userId = String.valueOf(StpUtil.getLoginId());
SysUserSessionVo sessionVo = (SysUserSessionVo) StpUtil.getSession().get(userId);
List<String> menuIds = Lists.newArrayList();
if (Objects.nonNull(sessionVo) && Objects.nonNull(sessionVo.getRoleIds()) && sessionVo.getRoleIds().size() > 0) {
List<SysRoleMenu> menus = sysRoleMenuService.list(Wrappers.<SysRoleMenu>lambdaQuery().eq(SysRoleMenu::getRoleId, sessionVo.getRoleIds()));
if (Objects.nonNull(StpUtil.getRoleList()) && StpUtil.getRoleList().size() > 0) {
List<SysRoleMenu> menus = sysRoleMenuService.list(Wrappers.<SysRoleMenu>lambdaQuery().eq(SysRoleMenu::getRoleId, StpUtil.getRoleList()));
menuIds.addAll(menus.stream().map(SysRoleMenu::getMenuId).collect(Collectors.toList()));
}
List<SysMenu> list = this.baseMapper.selectList(
Wrappers.<SysMenu>lambdaQuery()
.eq(SysMenu::getIsDel, Constants.NOT_DEL_FALG)
.eq(SysMenu::getIsShow, 1)
.eq(Objects.nonNull(menuIds) && menuIds.size() > 0, SysMenu::getId, menuIds)
);

24
tansci-boot/src/main/java/com/tansci/service/impl/SysUserServiceImpl.java
View File

@ -27,7 +27,6 @@ import javax.servlet.http.HttpServletRequest;
import java.time.LocalDateTime;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
/**
* @ClassName SysUserServiceImpl.java
@ -131,22 +130,17 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
// 生成token
StpUtil.login(sysUser.getId());
// 登录日志记录
loginLog.setToken(StpUtil.getTokenInfo().getTokenValue());
// 用户角色到session
List<SysUserRole> roles = sysUserRoleService.list(Wrappers.<SysUserRole>lambdaQuery().eq(SysUserRole::getUserId, sysUser.getId()));
if (Objects.nonNull(roles) && roles.size() > 0) {
StpUtil.getSession().set(sysUser.getId(),
SysUserSessionVo.builder()
.id(sysUser.getId())
.username(sysUser.getUsername())
.nickname(sysUser.getNickname())
.type(sysUser.getType())
.roleIds(roles.stream().map(SysUserRole::getRoleId).collect(Collectors.toList()))
.build()
);
}
// 存储session
StpUtil.getSession().set(sysUser.getId(),
SysUserSessionVo.builder()
.id(sysUser.getId())
.username(sysUser.getUsername())
.nickname(sysUser.getNickname())
.type(sysUser.getType())
.build()
);
return SysUserVo.builder()
.username(sysUser.getUsername())