Commit 432ce43d authored by 蔡镇泽

Merge remote-tracking branch 'origin/master'

parents f537184a 0f7e394b
......@@ -25,7 +25,7 @@ public class SystemResource {
private String resourceType;
private Long parentId;
private String resourceIcon;
private Date createTime;
private Date createdTime;
@TableField(exist = false)
private List<Long> roleIds;
......
......@@ -20,8 +20,8 @@ public class SystemRole {
private Long roleId;
private String roleName;
private String status;
private Date createTime;
private Date modifyTime;
private Date createdTime;
private Date updatedTime;
}
......@@ -14,6 +14,7 @@ public class MainMenuVO {
private Long parentId;
private String name;
private String icon;
private String path;
private List<MainMenuVO> children;
}
......@@ -26,75 +26,73 @@ import java.util.Set;
/**
* 鉴权管理器
*
* @author hubin
*/
@Component
@Slf4j
public class AuthorizationManager implements ReactiveAuthorizationManager<AuthorizationContext> {
private final RedisTemplate redisTemplate;
private final RedisTemplate redisTemplate;
@Autowired
public AuthorizationManager(RedisTemplate redisTemplate) {
this.redisTemplate = redisTemplate;
}
@Override
@SuppressWarnings("unchecked")
public Mono<AuthorizationDecision> check(Mono<Authentication> mono, AuthorizationContext authorizationContext) {
ServerHttpRequest request = authorizationContext.getExchange().getRequest();
String path = request.getMethodValue() + "_" + request.getURI().getPath();
log.info("请求,path={}", path);
PathMatcher pathMatcher = new AntPathMatcher();
// 对应跨域的预检请求直接放行
if (request.getMethod() == HttpMethod.OPTIONS) {
return Mono.just(new AuthorizationDecision(true));
@Autowired
public AuthorizationManager(RedisTemplate redisTemplate) {
this.redisTemplate = redisTemplate;
}
// 非管理端路径无需鉴权直接放行
if (!pathMatcher.match(AuthConstants.ADMIN_URL_PATTERN, path)) {
log.info("请求无需鉴权,path={}", path);
return Mono.just(new AuthorizationDecision(true));
@Override
@SuppressWarnings("unchecked")
public Mono<AuthorizationDecision> check(Mono<Authentication> mono, AuthorizationContext authorizationContext) {
ServerHttpRequest request = authorizationContext.getExchange().getRequest();
String path = request.getMethodValue() + "_" + request.getURI().getPath();
log.info("请求,path={}", path);
PathMatcher pathMatcher = new AntPathMatcher();
// 对应跨域的预检请求直接放行
if (request.getMethod() == HttpMethod.OPTIONS) {
return Mono.just(new AuthorizationDecision(true));
}
// token为空拒绝访问
String token = request.getHeaders().getFirst(AuthConstants.AUTHORIZATION_KEY);
log.info("请求token,token={}", token);
if (StrUtil.isBlank(token)) {
log.info("请求token为空拒绝访问,path={}", path);
return Mono.just(new AuthorizationDecision(false));
}
// 从缓存取资源权限角色关系列表
Map<Object, Object> permissionRoles = redisTemplate.opsForHash().entries(AuthConstants.PERMISSION_ROLES_KEY);
Iterator<Object> iterator = permissionRoles.keySet().iterator();
// 请求路径匹配到的资源需要的角色权限集合authorities统计
Set<String> authorities = new HashSet<>();
while (iterator.hasNext()) {
String pattern = (String) iterator.next();
if (pathMatcher.match(pattern, path)) {
authorities.addAll(Convert.toList(String.class, permissionRoles.get(pattern)));
}
}
log.info("require authorities:{}", authorities);
return mono
.filter(Authentication::isAuthenticated)
.flatMapIterable(Authentication::getAuthorities)
.map(GrantedAuthority::getAuthority)
.any(roleId -> {
// roleId是请求用户的角色(格式:ROLE_{roleId}),authorities是请求资源所需要角色的集合
log.info("访问路径:{}", path);
log.info("用户角色信息:{}", roleId);
log.info("资源需要权限authorities:{}", authorities);
//如果是管理员 直接放行
if ("ROLE_0".equals(roleId)) {
return true;
}
return authorities.contains(roleId);
})
.map(AuthorizationDecision::new)
.defaultIfEmpty(new AuthorizationDecision(false));
}
// token为空拒绝访问
String token = request.getHeaders().getFirst(AuthConstants.AUTHORIZATION_KEY);
log.info("请求token,token={}", token);
if (StrUtil.isBlank(token)) {
log.info("请求token为空拒绝访问,path={}", path);
return Mono.just(new AuthorizationDecision(false));
}
// 从缓存取资源权限角色关系列表
Map<Object, Object> permissionRoles = redisTemplate.opsForHash().entries(AuthConstants.PERMISSION_ROLES_KEY);
Iterator<Object> iterator = permissionRoles.keySet().iterator();
// 请求路径匹配到的资源需要的角色权限集合authorities统计
Set<String> authorities = new HashSet<>();
while (iterator.hasNext()) {
String pattern = (String) iterator.next();
if (pathMatcher.match(pattern, path)) {
authorities.addAll(Convert.toList(String.class, permissionRoles.get(pattern)));
}
}
log.info("require authorities:{}", authorities);
return mono
.filter(Authentication::isAuthenticated)
.flatMapIterable(Authentication::getAuthorities)
.map(GrantedAuthority::getAuthority)
.any(roleId -> {
// roleId是请求用户的角色(格式:ROLE_{roleId}),authorities是请求资源所需要角色的集合
log.info("访问路径:{}", path);
log.info("用户角色信息:{}", roleId);
log.info("资源需要权限authorities:{}", authorities);
return authorities.contains(roleId);
})
.map(AuthorizationDecision::new)
.defaultIfEmpty(new AuthorizationDecision(false));
}
}
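Review bot: The request credential is written to the gateway log in clear text by `log.info("请求token,token={}", token);` in check(), which exposes live tokens to anyone who can read those logs; the line appears in both printed copies of the method, so this commit leaves it as it was. Log only whether a token was present, for example `log.debug("请求token是否存在,present={}", StrUtil.isNotBlank(token));`. The `"ROLE_0".equals(roleId)` short-circuit also lets that role through on every path regardless of the Redis permission map, so it deserves a named constant beside the other AuthConstants values and a comment stating that role 0 is the super-admin. Which printed copy is the new side is inferred from print order, because the +/- markers are missing on this page.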
......@@ -3,17 +3,17 @@ package com.hungraim.ltc.system.controller;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.hungraim.ltc.pojo.entity.system.SystemResource;
import com.hungraim.ltc.pojo.entity.system.SystemRoleResource;
import com.hungraim.ltc.pojo.vo.system.MainMenuVO;
import com.hungraim.ltc.pojo.vo.system.ReqResource;
import com.hungraim.ltc.system.service.ISystemResourceService;
import com.hungraim.ltc.system.service.ISystemRoleResourceService;
import com.hungraim.ltc.util.Result;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.*;
import java.util.Date;
import java.util.List;
......@@ -30,6 +30,9 @@ public class ResourcesController {
@Autowired
private ISystemResourceService resourceService;
@Autowired
private ISystemRoleResourceService roleResourceService;
/**
* 获取主菜单信息
......@@ -46,6 +49,7 @@ public class ResourcesController {
mainMenuVO.setName(item.getResourceName());
mainMenuVO.setId(item.getResourceId());
mainMenuVO.setParentId(item.getParentId());
mainMenuVO.setPath(item.getResourceUrl());
return mainMenuVO;
}).collect(Collectors.toList());
//转成tree形式菜单数据
......@@ -84,21 +88,30 @@ public class ResourcesController {
systemResource.setResourceId(reqResource.getId());
systemResource.setResourceIcon(reqResource.getIcon());
systemResource.setParentId(reqResource.getParentId());
systemResource.setCreateTime(new Date());
systemResource.setCreatedTime(new Date());
resourceService.save(systemResource);
SystemRoleResource systemRoleResource = new SystemRoleResource();
systemRoleResource.setResourceId(systemResource.getResourceId());
systemRoleResource.setRoleId(0L);
roleResourceService.save(systemRoleResource);
return Result.success("插入成功");
}
@PostMapping("/queryResources")
public Result queryResources(ReqResource reqResource){
public Result queryResources(ReqResource reqResource,
@RequestParam(defaultValue = "1") int pageNum, @RequestParam(defaultValue = "20") int pageSize){
QueryWrapper<SystemResource> systemResourceQueryWrapper = new QueryWrapper<>();
if (StrUtil.isBlankIfStr(reqResource.getName())) {
systemResourceQueryWrapper.and(wrapper -> wrapper.lambda().like(SystemResource::getResourceName, reqResource.getName()));
if (!StrUtil.isBlankIfStr(reqResource.getName())) {
systemResourceQueryWrapper.or(wrapper -> wrapper.lambda().like(SystemResource::getResourceName, reqResource.getName()));
}
if (StrUtil.isBlankIfStr(reqResource.getUrl())) {
systemResourceQueryWrapper.and(wrapper -> wrapper.lambda().like(SystemResource::getResourceUrl, reqResource.getUrl()));
if (!StrUtil.isBlankIfStr(reqResource.getUrl())) {
systemResourceQueryWrapper.or(wrapper -> wrapper.lambda().like(SystemResource::getResourceUrl, reqResource.getUrl()));
}
return Result.success(resourceService.list(systemResourceQueryWrapper));
systemResourceQueryWrapper.orderByAsc("resource_id");
return Result.success(resourceService.page(new Page<>(pageNum, pageSize), systemResourceQueryWrapper));
}
......
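Review bot: `pageNum` and `pageSize` in queryResources go straight from the request into `new Page<>(pageNum, pageSize)` with no bounds, so a single call can ask for an arbitrarily large page, or a zero or negative one. Clamp them before building the page, e.g. `int size = Math.min(Math.max(pageSize, 1), MAX_PAGE_SIZE);` with `MAX_PAGE_SIZE` a constant the project chooses, or set a max limit on the MyBatis-Plus pagination interceptor if one is not already configured outside this page. The same applies to queryRoles in RoleController. Separately, the two `save` calls in the insert method are not visibly wrapped in a transaction (the method starts outside the hunk), so a failure of `roleResourceService.save` would leave a resource without its role-0 mapping.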
......@@ -3,6 +3,7 @@ package com.hungraim.ltc.system.controller;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.hungraim.ltc.pojo.entity.system.SystemRole;
import com.hungraim.ltc.pojo.entity.system.SystemRoleResource;
import com.hungraim.ltc.pojo.vo.system.ReqRoleInfo;
......@@ -13,6 +14,7 @@ import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.stream.Collectors;
......@@ -62,9 +64,11 @@ public class RoleController {
SystemRole systemRole = new SystemRole();
systemRole.setRoleName(reqRoleInfo.getName());
systemRole.setStatus(reqRoleInfo.getStatus());
systemRole.setCreateTime(new Date());
systemRole.setCreatedTime(new Date());
roleService.save(systemRole);
if(reqRoleInfo.getResource() == null){
reqRoleInfo.setResource(new ArrayList<>());
}
List<SystemRoleResource> roleResources = reqRoleInfo.getResource().stream().map(resourceId -> {
SystemRoleResource systemRoleResource = new SystemRoleResource();
systemRoleResource.setRoleId(reqRoleInfo.getId());
......@@ -98,11 +102,13 @@ public class RoleController {
/**
* 查询角色列表
*
* @param reqRoleInfo
* @return
*/
@PostMapping("/queryRoles")
public Result queryRoles(ReqRoleInfo reqRoleInfo) {
public Result queryRoles(ReqRoleInfo reqRoleInfo,
@RequestParam(defaultValue = "1") int pageNum, @RequestParam(defaultValue = "20") int pageSize) {
QueryWrapper<SystemRole> systemRoleQueryWrapper = new QueryWrapper<>();
if (!StrUtil.isBlankIfStr(reqRoleInfo.getName())) {
......@@ -111,11 +117,14 @@ public class RoleController {
if (!StrUtil.isBlankIfStr(reqRoleInfo.getStatus())) {
systemRoleQueryWrapper.and(wrapper -> wrapper.lambda().eq(SystemRole::getStatus, reqRoleInfo.getStatus()));
}
return Result.success(roleService.list(systemRoleQueryWrapper));
systemRoleQueryWrapper.orderByAsc("role_id");
return Result.success(roleService.page(new Page<>(pageNum, pageSize), systemRoleQueryWrapper));
}
/**
* 更新角色信息
*
* @param reqRoleInfo
* @return
*/
......@@ -138,26 +147,30 @@ public class RoleController {
flag = true;
}
if (flag) {
systemRole.setModifyTime(new Date());
systemRole.setUpdatedTime(new Date());
roleService.save(systemRole);
}
//查询该角色下所有的资源数据
List<SystemRoleResource> roleResources = roleResourceService.list(new LambdaQueryWrapper<SystemRoleResource>().eq(SystemRoleResource::getRoleId, reqRoleInfo.getId()));
if(reqRoleInfo.getResource()==null){
reqRoleInfo.setResource(new ArrayList<>());
}
List<SystemRoleResource> newRoleResources = reqRoleInfo.getResource().stream()
.filter(id -> {
for (SystemRoleResource r : roleResources) {
if (r.getResourceId().equals(id)) {
return false;
for (SystemRoleResource r : roleResources) {
if (r.getResourceId().equals(id)) {
return false;
}
}
}
return true;
}).map(resourceId -> {
SystemRoleResource systemRoleResource = new SystemRoleResource();
systemRoleResource.setResourceId(resourceId);
systemRoleResource.setRoleId(reqRoleInfo.getId());
return systemRoleResource;
}).collect(Collectors.toList());
return true;
}).map(resourceId -> {
SystemRoleResource systemRoleResource = new SystemRoleResource();
systemRoleResource.setResourceId(resourceId);
systemRoleResource.setRoleId(reqRoleInfo.getId());
return systemRoleResource;
}).collect(Collectors.toList());
roleResourceService.saveBatch(newRoleResources);
List<Long> deleteRoleResources = roleResources.stream()
......
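Review bot: In the role-creation method the mapping rows are built with `systemRoleResource.setRoleId(reqRoleInfo.getId());`, which is the id supplied in the request rather than the id of the `systemRole` that was just saved; no `setRoleId` on `systemRole` is visible between `new SystemRole()` and `roleService.save(systemRole)`. Depending on what the caller sends, the resources end up attached to a different existing role or to a null role id. Use the persisted entity instead, `systemRoleResource.setRoleId(systemRole.getRoleId());`, as ResourcesController does with `systemResource.getResourceId()`. The lambda continues outside the hunk, and this assumes the id is populated on save. In the update method, `roleService.save(systemRole)` after `setUpdatedTime` looks like it should be `updateById`; confirm against how `systemRole` is loaded above the hunk.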
......@@ -19,7 +19,7 @@ public interface SystemResourceMapper extends BaseMapper<SystemResource> {
*/
@Select("SELECT RESOURCE_ID,RESOURCE_NAME,RESOURCE_URL,METHOD FROM LTC_RESOURCE")
@Results({
@Result(property = "roleIds", column = "id",many = @Many(select = "com.hungraim.ltc.system.dao.SystemRoleResourceMapper.listRoleIds"))
@Result(property = "roleIds", column = "RESOURCE_ID",many = @Many(select = "com.hungraim.ltc.system.dao.SystemRoleResourceMapper.listRoleIds"))
})
List<SystemResource> listResourceRoles();
......
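Review bot: With `column = "RESOURCE_ID"` now bound to the nested `roleIds` select, MyBatis treats RESOURCE_ID as an explicitly mapped column and may no longer auto-map it to `resourceId`, leaving that property null on the rows returned by listResourceRoles. Adding `@Result(property = "resourceId", column = "RESOURCE_ID", id = true)` ahead of the `roleIds` entry keeps both. The `@Many(select = ...)` form also issues one listRoleIds query per resource row; if this list feeds the permission map the gateway reads, a single join would be cheaper, though that is outside this hunk.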