mirror of
https://gitee.com/lab1024/smart-admin.git
synced 2025-09-23 05:46:40 +08:00
add sa-token
This commit is contained in:
lixiaodong
parent
c6d7ae9f46
commit
c894c3d934
@ -46,6 +46,7 @@
|
||||
<jjwt.version>0.9.1</jjwt.version>
|
||||
<jwks-rsa.version>0.9.0</jwks-rsa.version>
|
||||
<velocity-tools.version>3.1</velocity-tools.version>
|
||||
<sa-token-version>1.35.0.RC</sa-token-version>
|
||||
</properties>
|
||||
|
||||
<dependencyManagement>
|
||||
@ -109,6 +110,23 @@
|
||||
<version>${swagger.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!-- Sa-Token 权限认证,在线文档:https://sa-token.cc -->
|
||||
<!-- 依赖下载失败 请看:https://sa-token.cc/doc.html#/start/maven-pull -->
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-spring-boot-starter</artifactId>
|
||||
<version>${sa-token-version}</version>
|
||||
</dependency>
|
||||
|
||||
<!-- Sa-Token 整合 Redis (使用 jackson 序列化方式) -->
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-redis-jackson</artifactId>
|
||||
<version>${sa-token-version}</version>
|
||||
</dependency>
|
||||
|
||||
<!-- sa-token end -->
|
||||
|
||||
<dependency>
|
||||
<groupId>com.alibaba</groupId>
|
||||
<artifactId>fastjson</artifactId>
|
||||
|
||||
@ -4,8 +4,6 @@ import net.lab1024.sa.common.common.domain.RequestUser;
|
||||
import net.lab1024.sa.common.common.util.SmartRequestUtil;
|
||||
import net.lab1024.sa.common.module.support.jwe.JweAspect;
|
||||
import net.lab1024.sa.common.module.support.jwe.JweUserKey;
|
||||
import net.lab1024.sa.common.module.support.operatelog.core.OperateLogAspect;
|
||||
import net.lab1024.sa.common.module.support.operatelog.core.OperateLogConfig;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
@ -27,7 +25,7 @@ public class JweAspectConfig {
|
||||
@Bean
|
||||
public JweAspect jweConfig() {
|
||||
return new JweAspect((request -> {
|
||||
RequestUser requestUser = SmartRequestUtil.getRequestUser();
|
||||
RequestUser requestUser = SmartRequestUtil.getUser();
|
||||
JweUserKey userKey = new JweUserKey();
|
||||
userKey.setUserId(requestUser.getUserId());
|
||||
userKey.setUserName(requestUser.getUserName());
|
||||
|
||||
@ -1,40 +0,0 @@
|
||||
package net.lab1024.sa.admin.config;
|
||||
|
||||
import net.lab1024.sa.admin.module.system.login.service.LoginService;
|
||||
import net.lab1024.sa.common.common.security.AbstractSecurityConfig;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.function.BiFunction;
|
||||
|
||||
/**
|
||||
* 权限配置
|
||||
*
|
||||
* @Author 1024创新实验室: 罗伊
|
||||
* @Date 2022-05-30 21:22:12
|
||||
* @Wechat zhuoda1024
|
||||
* @Email lab1024@163.com
|
||||
* @Copyright 1024创新实验室 ( https://1024lab.net )
|
||||
*/
|
||||
@Configuration
|
||||
public class SecurityConfig extends AbstractSecurityConfig {
|
||||
/**
|
||||
* 获取TOKEN 解析类
|
||||
*/
|
||||
@Autowired
|
||||
private LoginService loginService;
|
||||
|
||||
@Override
|
||||
protected BiFunction<String, HttpServletRequest, UserDetails> userFunction() {
|
||||
return (token, request) -> loginService.getLoginUserDetail(token, request);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String[] getAuthenticatedUrlPatterns() {
|
||||
return new String[]{"/**"};
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
@ -1,50 +0,0 @@
|
||||
package net.lab1024.sa.admin.config;
|
||||
|
||||
import net.lab1024.sa.admin.module.system.login.domain.LoginEmployeeDetail;
|
||||
import net.lab1024.sa.common.common.annoation.SaAuth;
|
||||
import net.lab1024.sa.common.common.security.SecurityMethodSource;
|
||||
import net.lab1024.sa.common.common.security.SecurityPermissionCheckService;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory;
|
||||
import org.springframework.security.access.method.MethodSecurityMetadataSource;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
||||
/**
|
||||
* 1、以类名加方法名为权限字符串的校验模式 <br>
|
||||
* 2、重写MethodSecurityMetadataSource将优化security配置,只需在方法上加上@saAuth注解,方法上就会存在权限(权限字符串为类名加方法名),而无需另外手动设置,减轻后端开发成本<br>
|
||||
* 3、security将不再依据权限字符串进行权限控制,<br>
|
||||
* 4、security将依据对应权限字符串下的接口权限进行控制 <br>
|
||||
* 5、采用此配置原@PreAuthorize依然有效 <br>
|
||||
* 6、如若无需此配置,需将@EnableGlobalMethodSecurity注解添加至SecurityConfig类上
|
||||
*
|
||||
* @Author 1024创新实验室: 罗伊
|
||||
* @Date 2021-08-31 0:01
|
||||
* @Wechat zhuoda1024
|
||||
* @Email lab1024@163.com
|
||||
* @Copyright 1024创新实验室 ( https://1024lab.net )
|
||||
*/
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
||||
public class SecurityMethodConfig extends GlobalMethodSecurityConfiguration {
|
||||
|
||||
@Bean(SaAuth.saAuth)
|
||||
public SecurityPermissionCheckService securityPermissionCheckService() {
|
||||
return new SecurityPermissionCheckService() {
|
||||
@Override
|
||||
public boolean checkPermission(Authentication authentication, String permission) {
|
||||
LoginEmployeeDetail loginEmployeeDetail = (LoginEmployeeDetail) authentication.getPrincipal();
|
||||
if (loginEmployeeDetail.getAdministratorFlag()) {
|
||||
return true;
|
||||
}
|
||||
return super.permissionJudge(loginEmployeeDetail, permission);
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
@Override
|
||||
public MethodSecurityMetadataSource customMethodSecurityMetadataSource() {
|
||||
ExpressionBasedAnnotationAttributeFactory attributeFactory = new ExpressionBasedAnnotationAttributeFactory(this.getExpressionHandler());
|
||||
return new SecurityMethodSource(attributeFactory, SaAuth.saAuth);
|
||||
}
|
||||
}
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.business.goods.controller;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.admin.common.AdminBaseController;
|
||||
@ -14,7 +15,6 @@ import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.common.domain.ValidateList;
|
||||
import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -38,35 +38,35 @@ public class GoodsController extends AdminBaseController {
|
||||
|
||||
@ApiOperation("分页查询 @author 胡克")
|
||||
@PostMapping("/goods/query")
|
||||
@PreAuthorize("@saAuth.checkPermission('goods:query')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('goods:query')")
|
||||
public ResponseDTO<PageResult<GoodsVO>> query(@RequestBody @Valid GoodsQueryForm queryForm) {
|
||||
return goodsService.query(queryForm);
|
||||
}
|
||||
|
||||
@ApiOperation("添加商品 @author 胡克")
|
||||
@PostMapping("/goods/add")
|
||||
@PreAuthorize("@saAuth.checkPermission('goods:add')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('goods:add')")
|
||||
public ResponseDTO<String> add(@RequestBody @Valid GoodsAddForm addForm) {
|
||||
return goodsService.add(addForm);
|
||||
}
|
||||
|
||||
@ApiOperation("更新商品 @author 胡克")
|
||||
@PostMapping("/goods/update")
|
||||
@PreAuthorize("@saAuth.checkPermission('goods:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('goods:update')")
|
||||
public ResponseDTO<String> update(@RequestBody @Valid GoodsUpdateForm updateForm) {
|
||||
return goodsService.update(updateForm);
|
||||
}
|
||||
|
||||
@ApiOperation("删除 @author 卓大")
|
||||
@GetMapping("/goods/delete/{goodsId}")
|
||||
@PreAuthorize("@saAuth.checkPermission('goods:delete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('goods:delete')")
|
||||
public ResponseDTO<String> delete(@PathVariable Long goodsId) {
|
||||
return goodsService.delete(goodsId);
|
||||
}
|
||||
|
||||
@ApiOperation("批量 @author 卓大")
|
||||
@PostMapping("/goods/batchDelete")
|
||||
@PreAuthorize("@saAuth.checkPermission('goods:batchDelete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('goods:batchDelete')")
|
||||
public ResponseDTO<String> batchDelete(@RequestBody @Valid ValidateList<Long> idList) {
|
||||
return goodsService.batchDelete(idList);
|
||||
}
|
||||
|
||||
@ -54,7 +54,7 @@ public class BankController {
|
||||
@ApiOperation(value = "新建银行信息 @author 善逸")
|
||||
@PostMapping("/oa/bank/create")
|
||||
public ResponseDTO<String> createBank(@RequestBody @Valid BankCreateForm createVO) {
|
||||
RequestUser requestUser = SmartRequestUtil.getRequestUser();
|
||||
RequestUser requestUser = SmartRequestUtil.getUser();
|
||||
createVO.setCreateUserId(requestUser.getUserId());
|
||||
createVO.setCreateUserName(requestUser.getUserName());
|
||||
return bankService.createBank(createVO);
|
||||
|
||||
@ -56,7 +56,7 @@ public class EnterpriseController {
|
||||
@PostMapping("/oa/enterprise/create")
|
||||
@SaAuth
|
||||
public ResponseDTO<String> createEnterprise(@RequestBody @Valid EnterpriseCreateForm createVO) {
|
||||
RequestUser requestUser = SmartRequestUtil.getRequestUser();
|
||||
RequestUser requestUser = SmartRequestUtil.getUser();
|
||||
createVO.setCreateUserId(requestUser.getUserId());
|
||||
createVO.setCreateUserName(requestUser.getUserName());
|
||||
return enterpriseService.createEnterprise(createVO);
|
||||
|
||||
@ -52,7 +52,7 @@ public class InvoiceController {
|
||||
@ApiOperation(value = "新建发票信息 @author 善逸")
|
||||
@PostMapping("/oa/invoice/create")
|
||||
public ResponseDTO<String> createInvoice(@RequestBody @Valid InvoiceAddForm createVO) {
|
||||
RequestUser requestUser = SmartRequestUtil.getRequestUser();
|
||||
RequestUser requestUser = SmartRequestUtil.getUser();
|
||||
createVO.setCreateUserId(requestUser.getUserId());
|
||||
createVO.setCreateUserName(requestUser.getUserName());
|
||||
return invoiceService.createInvoice(createVO);
|
||||
|
||||
@ -83,7 +83,7 @@ public class NoticeController {
|
||||
@RepeatSubmit
|
||||
@SaAuth
|
||||
public ResponseDTO<String> add(@RequestBody @Valid NoticeAddForm addForm) {
|
||||
addForm.setCreateUserId(SmartRequestUtil.getRequestUserId());
|
||||
addForm.setCreateUserId(SmartRequestUtil.getUserId());
|
||||
return noticeService.add(addForm);
|
||||
}
|
||||
|
||||
@ -114,7 +114,7 @@ public class NoticeController {
|
||||
@GetMapping("/oa/notice/employee/view/{noticeId}")
|
||||
public ResponseDTO<NoticeDetailVO> view(@PathVariable Long noticeId, HttpServletRequest request) {
|
||||
return noticeEmployeeService.view(
|
||||
SmartRequestUtil.getRequestUserId(),
|
||||
SmartRequestUtil.getUserId(),
|
||||
noticeId,
|
||||
ServletUtil.getClientIP(request),
|
||||
request.getHeader("User-Agent")
|
||||
@ -124,7 +124,7 @@ public class NoticeController {
|
||||
@ApiOperation("【员工】通知公告-查询全部 @author 卓大")
|
||||
@PostMapping("/oa/notice/employee/query")
|
||||
public ResponseDTO<PageResult<NoticeEmployeeVO>> queryEmployeeNotice(@RequestBody @Valid NoticeEmployeeQueryForm noticeEmployeeQueryForm) {
|
||||
return noticeEmployeeService.queryList(SmartRequestUtil.getRequestUserId(), noticeEmployeeQueryForm);
|
||||
return noticeEmployeeService.queryList(SmartRequestUtil.getUserId(), noticeEmployeeQueryForm);
|
||||
}
|
||||
|
||||
@ApiOperation("【员工】通知公告-查询 查看记录 @author 卓大")
|
||||
|
||||
@ -1,11 +1,11 @@
|
||||
package net.lab1024.sa.admin.module.system.datascope.service;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import net.lab1024.sa.admin.module.system.datascope.DataScope;
|
||||
import net.lab1024.sa.admin.module.system.datascope.constant.DataScopeTypeEnum;
|
||||
import net.lab1024.sa.admin.module.system.datascope.constant.DataScopeViewTypeEnum;
|
||||
import net.lab1024.sa.admin.module.system.datascope.constant.DataScopeWhereInTypeEnum;
|
||||
import net.lab1024.sa.admin.module.system.datascope.domain.DataScopeSqlConfig;
|
||||
import net.lab1024.sa.admin.module.system.datascope.DataScope;
|
||||
import net.lab1024.sa.admin.module.system.datascope.strategy.DataScopePowerStrategy;
|
||||
import net.lab1024.sa.common.common.util.SmartRequestUtil;
|
||||
import org.apache.commons.collections4.CollectionUtils;
|
||||
@ -108,7 +108,7 @@ public class DataScopeSqlConfigService {
|
||||
public String getJoinSql(Map<String, Object> paramMap, DataScopeSqlConfig sqlConfigDTO) {
|
||||
DataScopeTypeEnum dataScopeTypeEnum = sqlConfigDTO.getDataScopeType();
|
||||
String joinSql = sqlConfigDTO.getJoinSql();
|
||||
Long employeeId = SmartRequestUtil.getRequestUserId();
|
||||
Long employeeId = SmartRequestUtil.getUserId();
|
||||
if (employeeId == null) {
|
||||
return "";
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.department.controller;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.admin.common.AdminBaseController;
|
||||
@ -12,7 +13,6 @@ import net.lab1024.sa.admin.module.system.department.service.DepartmentService;
|
||||
import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -43,21 +43,21 @@ public class DepartmentController extends AdminBaseController {
|
||||
|
||||
@ApiOperation(value = "添加部门 @author 卓大")
|
||||
@PostMapping("/department/add")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:department:add')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:department:add')")
|
||||
public ResponseDTO<String> addDepartment(@Valid @RequestBody DepartmentAddForm createDTO) {
|
||||
return departmentService.addDepartment(createDTO);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "更新部门 @author 卓大")
|
||||
@PostMapping("/department/update")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:department:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:department:update')")
|
||||
public ResponseDTO<String> updateDepartment(@Valid @RequestBody DepartmentUpdateForm updateDTO) {
|
||||
return departmentService.updateDepartment(updateDTO);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "删除部门 @author 卓大")
|
||||
@GetMapping("/department/delete/{departmentId}")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:department:delete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:department:delete')")
|
||||
public ResponseDTO<String> deleteDepartment(@PathVariable Long departmentId) {
|
||||
return departmentService.deleteDepartment(departmentId);
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.employee.controller;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.admin.common.AdminBaseController;
|
||||
@ -12,7 +13,6 @@ import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.common.util.SmartRequestUtil;
|
||||
import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -43,35 +43,35 @@ public class EmployeeController extends AdminBaseController {
|
||||
|
||||
@ApiOperation(value = "添加员工(返回添加员工的密码) @author 卓大")
|
||||
@PostMapping("/employee/add")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:employee:add')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:employee:add')")
|
||||
public ResponseDTO<String> addEmployee(@Valid @RequestBody EmployeeAddForm employeeAddForm) {
|
||||
return employeeService.addEmployee(employeeAddForm);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "更新员工 @author 卓大")
|
||||
@PostMapping("/employee/update")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:employee:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:employee:update')")
|
||||
public ResponseDTO<String> updateEmployee(@Valid @RequestBody EmployeeUpdateForm employeeUpdateForm) {
|
||||
return employeeService.updateEmployee(employeeUpdateForm);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "更新员工禁用/启用状态 @author 卓大")
|
||||
@GetMapping("/employee/update/disabled/{employeeId}")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:employee:disabled')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:employee:disabled')")
|
||||
public ResponseDTO<String> updateDisableFlag(@PathVariable Long employeeId) {
|
||||
return employeeService.updateDisableFlag(employeeId);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "批量删除员工 @author 卓大")
|
||||
@PostMapping("/employee/update/batch/delete")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:employee:delete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:employee:delete')")
|
||||
public ResponseDTO<String> batchUpdateDeleteFlag(@RequestBody List<Long> employeeIdList) {
|
||||
return employeeService.batchUpdateDeleteFlag(employeeIdList);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "批量调整员工部门 @author 卓大")
|
||||
@PostMapping("/employee/update/batch/department")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:employee:department:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:employee:department:update')")
|
||||
public ResponseDTO<String> batchUpdateDepartment(@Valid @RequestBody EmployeeBatchUpdateDepartmentForm batchUpdateDepartmentForm) {
|
||||
return employeeService.batchUpdateDepartment(batchUpdateDepartmentForm);
|
||||
}
|
||||
@ -79,13 +79,13 @@ public class EmployeeController extends AdminBaseController {
|
||||
@ApiOperation(value = "修改密码 @author 卓大")
|
||||
@PostMapping("/employee/update/password")
|
||||
public ResponseDTO<String> updatePassword(@Valid @RequestBody EmployeeUpdatePasswordForm updatePasswordForm) {
|
||||
updatePasswordForm.setEmployeeId(SmartRequestUtil.getRequestUserId());
|
||||
updatePasswordForm.setEmployeeId(SmartRequestUtil.getUserId());
|
||||
return employeeService.updatePassword(updatePasswordForm);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "重置员工密码 @author 卓大")
|
||||
@GetMapping("/employee/update/password/reset/{employeeId}")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:employee:password:reset')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:employee:password:reset')")
|
||||
public ResponseDTO<String> resetPassword(@PathVariable Integer employeeId) {
|
||||
return employeeService.resetPassword(employeeId);
|
||||
}
|
||||
|
||||
@ -1,19 +1,12 @@
|
||||
package net.lab1024.sa.admin.module.system.employee.service;
|
||||
|
||||
import net.lab1024.sa.admin.module.system.menu.constant.MenuPermsTypeEnum;
|
||||
import net.lab1024.sa.admin.module.system.menu.domain.vo.MenuVO;
|
||||
import net.lab1024.sa.admin.module.system.role.service.RoleEmployeeService;
|
||||
import net.lab1024.sa.admin.module.system.role.service.RoleMenuService;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* 员工权限校验
|
||||
@ -33,40 +26,6 @@ public class EmployeePermissionService {
|
||||
@Autowired
|
||||
private RoleMenuService roleMenuService;
|
||||
|
||||
/**
|
||||
* 构建权限集合
|
||||
*
|
||||
* @param menuAndPointsList
|
||||
*/
|
||||
public Set<? extends GrantedAuthority> buildAuthorities(List<MenuVO> menuAndPointsList) {
|
||||
HashSet<String> permissionList = new HashSet<>();
|
||||
for (MenuVO menu : menuAndPointsList) {
|
||||
if(menu.getPermsType() == null){
|
||||
continue;
|
||||
}
|
||||
|
||||
String perms = null;
|
||||
if(menu.getPermsType().equals(MenuPermsTypeEnum.SPRING_SECURITY.getValue())){
|
||||
perms = menu.getWebPerms();
|
||||
}else{
|
||||
perms = menu.getApiPerms();
|
||||
}
|
||||
|
||||
if (StringUtils.isEmpty(perms)) {
|
||||
continue;
|
||||
}
|
||||
//接口权限
|
||||
String[] split = perms.split(",");
|
||||
for (String perm : split) {
|
||||
permissionList.add(perm);
|
||||
}
|
||||
}
|
||||
|
||||
Set<GrantedAuthority> authorities = new HashSet<>();
|
||||
authorities.addAll(permissionList.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toSet()));
|
||||
return authorities;
|
||||
}
|
||||
|
||||
/**
|
||||
* 查询用户拥有的前端菜单项 用于登陆返回 前端动态路由配置
|
||||
*
|
||||
|
||||
@ -211,7 +211,7 @@ public class EmployeeService {
|
||||
employeeDao.updateDisableFlag(employeeId, disableFlag);
|
||||
|
||||
if (employeeEntity.getDisabledFlag()) {
|
||||
tokenService.batchRemoveRedisToken(employeeId, UserTypeEnum.ADMIN_EMPLOYEE);
|
||||
tokenService.removeToken(employeeId, UserTypeEnum.ADMIN_EMPLOYEE);
|
||||
}
|
||||
|
||||
return ResponseDTO.ok();
|
||||
@ -240,9 +240,7 @@ public class EmployeeService {
|
||||
}).collect(Collectors.toList());
|
||||
employeeManager.updateBatchById(deleteList);
|
||||
|
||||
for (Long employeeId : employeeIdList) {
|
||||
tokenService.batchRemoveRedisToken(employeeId, UserTypeEnum.ADMIN_EMPLOYEE);
|
||||
}
|
||||
tokenService.removeToken(employeeIdList, UserTypeEnum.ADMIN_EMPLOYEE);
|
||||
return ResponseDTO.ok();
|
||||
}
|
||||
|
||||
|
||||
@ -8,17 +8,15 @@ import net.lab1024.sa.admin.module.system.login.domain.LoginEmployeeDetail;
|
||||
import net.lab1024.sa.admin.module.system.login.domain.LoginForm;
|
||||
import net.lab1024.sa.admin.module.system.login.service.LoginService;
|
||||
import net.lab1024.sa.common.common.annoation.NoNeedLogin;
|
||||
import net.lab1024.sa.common.common.code.UserErrorCode;
|
||||
import net.lab1024.sa.common.common.constant.RequestHeaderConst;
|
||||
import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.common.util.SmartRequestUtil;
|
||||
import net.lab1024.sa.common.module.support.captcha.domain.CaptchaVO;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.web.context.request.RequestContextHolder;
|
||||
import org.springframework.web.context.request.ServletRequestAttributes;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.validation.Valid;
|
||||
@ -40,26 +38,25 @@ public class LoginController {
|
||||
private LoginService loginService;
|
||||
|
||||
@NoNeedLogin
|
||||
@PostMapping("/login")
|
||||
@ApiOperation("登录 @author 卓大")
|
||||
public ResponseDTO<LoginEmployeeDetail> login(@Valid @RequestBody LoginForm loginForm) {
|
||||
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
|
||||
@PostMapping("/login")
|
||||
public ResponseDTO<LoginEmployeeDetail> login(@Valid @RequestBody LoginForm loginForm, HttpServletRequest request) {
|
||||
String ip = ServletUtil.getClientIP(request);
|
||||
String userAgent = ServletUtil.getHeaderIgnoreCase(request, RequestHeaderConst.USER_AGENT);
|
||||
return loginService.login(loginForm, ip, userAgent);
|
||||
}
|
||||
|
||||
@GetMapping("/login/refresh")
|
||||
@ApiOperation("刷新用户信息(包含用户基础信息、权限信息等等) @author 卓大")
|
||||
@GetMapping("/login/refresh")
|
||||
public ResponseDTO<String> refresh() {
|
||||
loginService.removeLoginUserDetailCache(SmartRequestUtil.getRequestUserId());
|
||||
loginService.removeLoginUserDetailCache(SmartRequestUtil.getUserId());
|
||||
return ResponseDTO.ok();
|
||||
}
|
||||
|
||||
@GetMapping("/login/getLoginInfo")
|
||||
@ApiOperation("获取登录结果信息 @author 卓大")
|
||||
@GetMapping("/login/getLoginInfo")
|
||||
public ResponseDTO<LoginEmployeeDetail> getLoginInfo() {
|
||||
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
/* Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
if (authentication == null) {
|
||||
return ResponseDTO.error(UserErrorCode.LOGIN_STATE_INVALID);
|
||||
}
|
||||
@ -71,18 +68,19 @@ public class LoginController {
|
||||
|
||||
LoginEmployeeDetail loginEmployeeDetail = (LoginEmployeeDetail) authentication.getPrincipal();
|
||||
loginEmployeeDetail.setLoginPassword(null);
|
||||
return ResponseDTO.ok(loginEmployeeDetail);
|
||||
return ResponseDTO.ok(loginEmployeeDetail);*/
|
||||
return ResponseDTO.ok();
|
||||
}
|
||||
|
||||
@ApiOperation("退出登陆 @author 卓大")
|
||||
@ApiOperation("退出登录 @author 卓大")
|
||||
@GetMapping("/login/logout")
|
||||
public ResponseDTO<String> logout(@RequestHeader(value = RequestHeaderConst.TOKEN, required = false) String token) {
|
||||
return loginService.logout(token, SmartRequestUtil.getRequestUser());
|
||||
public ResponseDTO<String> logout() {
|
||||
return loginService.logout(SmartRequestUtil.getUser());
|
||||
}
|
||||
|
||||
@NoNeedLogin
|
||||
@ApiOperation("获取验证码 @author 卓大")
|
||||
@GetMapping("/login/getCaptcha")
|
||||
@NoNeedLogin
|
||||
public ResponseDTO<CaptchaVO> getCaptcha() {
|
||||
return loginService.getCaptcha();
|
||||
}
|
||||
|
||||
@ -8,13 +8,9 @@ import net.lab1024.sa.common.common.domain.RequestUser;
|
||||
import net.lab1024.sa.common.common.enumeration.GenderEnum;
|
||||
import net.lab1024.sa.common.common.enumeration.UserTypeEnum;
|
||||
import net.lab1024.sa.common.common.swagger.ApiModelPropertyEnum;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 员工登录
|
||||
@ -26,7 +22,7 @@ import java.util.Set;
|
||||
* @Copyright 1024创新实验室 ( https://1024lab.net ),2012-2022
|
||||
*/
|
||||
@Data
|
||||
public class LoginEmployeeDetail implements UserDetails, RequestUser {
|
||||
public class LoginEmployeeDetail implements RequestUser {
|
||||
|
||||
@ApiModelProperty("token")
|
||||
private String token;
|
||||
@ -79,65 +75,6 @@ public class LoginEmployeeDetail implements UserDetails, RequestUser {
|
||||
@ApiModelProperty("请求user-agent")
|
||||
private String userAgent;
|
||||
|
||||
/**
|
||||
* security 权限串
|
||||
*/
|
||||
private Set<? extends GrantedAuthority> authorities;
|
||||
|
||||
@Override
|
||||
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||
return authorities;
|
||||
}
|
||||
|
||||
@Override
|
||||
@JsonIgnore
|
||||
public String getPassword() {
|
||||
return this.loginPassword;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getUsername() {
|
||||
return this.getLoginName();
|
||||
}
|
||||
|
||||
/**
|
||||
* 账户是否未过期,过期无法验证
|
||||
*/
|
||||
@Override
|
||||
public boolean isAccountNonExpired() {
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* 指定用户是否解锁,锁定的用户无法进行身份验证
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Override
|
||||
public boolean isAccountNonLocked() {
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* 指示是否已过期的用户的凭据(密码),过期的凭据防止认证
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Override
|
||||
public boolean isCredentialsNonExpired() {
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* 是否可用 ,禁用的用户不能身份验证
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Override
|
||||
public boolean isEnabled() {
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long getUserId() {
|
||||
return employeeId;
|
||||
@ -147,19 +84,4 @@ public class LoginEmployeeDetail implements UserDetails, RequestUser {
|
||||
public String getUserName() {
|
||||
return actualName;
|
||||
}
|
||||
|
||||
@Override
|
||||
public UserTypeEnum getUserType() {
|
||||
return userType;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getIp() {
|
||||
return this.ip;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getUserAgent() {
|
||||
return this.userAgent;
|
||||
}
|
||||
}
|
||||
|
||||
@ -24,8 +24,8 @@ import javax.validation.constraints.Pattern;
|
||||
@Data
|
||||
public class LoginForm extends CaptchaForm {
|
||||
|
||||
@ApiModelProperty("登录名")
|
||||
@NotBlank(message = "登录名不能为空")
|
||||
@ApiModelProperty("登录账号")
|
||||
@NotBlank(message = "登录账号不能为空")
|
||||
@Length(max = 30, message = "登录账号最多30字符")
|
||||
private String loginName;
|
||||
|
||||
@ -34,8 +34,7 @@ public class LoginForm extends CaptchaForm {
|
||||
@Pattern(regexp = SmartVerificationUtil.PWD_REGEXP, message = "请输入6-15位密码(数字|大小写字母|小数点)")
|
||||
private String password;
|
||||
|
||||
@ApiModelProperty(value = "登录终端")
|
||||
@ApiModelPropertyEnum(LoginDeviceEnum.class)
|
||||
@CheckEnum(value = LoginDeviceEnum.class, required = true, message = "此终端不允许登录")
|
||||
@ApiModelPropertyEnum(desc = "登录终端", value = LoginDeviceEnum.class)
|
||||
@CheckEnum(value = LoginDeviceEnum.class, required = true, message = "登录终端类型错误")
|
||||
private Integer loginDevice;
|
||||
}
|
||||
|
||||
@ -1,6 +1,5 @@
|
||||
package net.lab1024.sa.admin.module.system.login.service;
|
||||
|
||||
import cn.hutool.extra.servlet.ServletUtil;
|
||||
import com.googlecode.concurrentlinkedhashmap.ConcurrentLinkedHashMap;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import net.lab1024.sa.admin.module.system.department.domain.vo.DepartmentVO;
|
||||
@ -11,7 +10,6 @@ import net.lab1024.sa.admin.module.system.employee.service.EmployeeService;
|
||||
import net.lab1024.sa.admin.module.system.login.domain.LoginEmployeeDetail;
|
||||
import net.lab1024.sa.admin.module.system.login.domain.LoginForm;
|
||||
import net.lab1024.sa.admin.module.system.menu.domain.vo.MenuVO;
|
||||
import net.lab1024.sa.common.common.constant.RequestHeaderConst;
|
||||
import net.lab1024.sa.common.common.constant.StringConst;
|
||||
import net.lab1024.sa.common.common.domain.RequestUser;
|
||||
import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
@ -31,7 +29,6 @@ import net.lab1024.sa.common.module.support.token.TokenService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.ConcurrentMap;
|
||||
@ -55,9 +52,6 @@ public class LoginService {
|
||||
@Autowired
|
||||
private DepartmentService departmentService;
|
||||
|
||||
@Autowired
|
||||
private TokenService tokenService;
|
||||
|
||||
@Autowired
|
||||
private CaptchaService captchaService;
|
||||
|
||||
@ -70,6 +64,9 @@ public class LoginService {
|
||||
@Autowired
|
||||
private LoginLogService loginLogService;
|
||||
|
||||
@Autowired
|
||||
private TokenService tokenService;
|
||||
|
||||
/**
|
||||
* 登录信息二级缓存
|
||||
*/
|
||||
@ -88,17 +85,15 @@ public class LoginService {
|
||||
* 员工登陆
|
||||
*
|
||||
* @param loginForm
|
||||
* @param ip
|
||||
* @param userAgent
|
||||
* @return 返回用户登录信息
|
||||
*/
|
||||
public ResponseDTO<LoginEmployeeDetail> login(LoginForm loginForm, String ip, String userAgent) {
|
||||
LoginDeviceEnum loginDeviceEnum = SmartEnumUtil.getEnumByValue(loginForm.getLoginDevice(), LoginDeviceEnum.class);
|
||||
if (loginDeviceEnum == null) {
|
||||
return ResponseDTO.userErrorParam("登录设备暂不支持!");
|
||||
}
|
||||
// 校验 图形验证码
|
||||
ResponseDTO<String> checkCaptcha = captchaService.checkCaptcha(loginForm);
|
||||
if (!checkCaptcha.getOk()) {
|
||||
return ResponseDTO.error(checkCaptcha);
|
||||
// TODO listen 待放开 return ResponseDTO.error(checkCaptcha);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -126,8 +121,9 @@ public class LoginService {
|
||||
}
|
||||
|
||||
// 生成 登录token,保存token
|
||||
Boolean superPasswordFlag = superPassword.equals(requestPassword);
|
||||
String token = tokenService.generateToken(employeeEntity.getEmployeeId(), employeeEntity.getActualName(), UserTypeEnum.ADMIN_EMPLOYEE, loginDeviceEnum, superPasswordFlag);
|
||||
boolean superPasswordFlag = superPassword.equals(requestPassword);
|
||||
LoginDeviceEnum loginDeviceEnum = SmartEnumUtil.getEnumByValue(loginForm.getLoginDevice(), LoginDeviceEnum.class);
|
||||
String token = tokenService.generateToken(employeeEntity.getEmployeeId(), employeeEntity.getActualName(), UserTypeEnum.ADMIN_EMPLOYEE, loginDeviceEnum);
|
||||
|
||||
//获取员工登录信息
|
||||
LoginEmployeeDetail loginEmployeeDetail = loadLoginInfo(employeeEntity);
|
||||
@ -165,7 +161,7 @@ public class LoginService {
|
||||
//前端菜单
|
||||
loginEmployeeDetail.setMenuList(menuAndPointsList);
|
||||
//后端权限
|
||||
loginEmployeeDetail.setAuthorities(employeePermissionService.buildAuthorities(menuAndPointsList));
|
||||
// loginEmployeeDetail.setAuthorities(employeePermissionService.buildAuthorities(menuAndPointsList));
|
||||
|
||||
//上次登录信息
|
||||
LoginLogVO loginLogVO = loginLogService.queryLastByUserId(employeeEntity.getEmployeeId(), UserTypeEnum.ADMIN_EMPLOYEE);
|
||||
@ -209,47 +205,14 @@ public class LoginService {
|
||||
loginUserDetailCache.remove(requestUserId);
|
||||
}
|
||||
|
||||
/**
|
||||
* 根据登陆token 获取员请求工信息
|
||||
*
|
||||
* @param
|
||||
* @return
|
||||
*/
|
||||
public LoginEmployeeDetail getLoginUserDetail(String token, HttpServletRequest request) {
|
||||
Long requestUserId = tokenService.getUserIdAndValidateToken(token);
|
||||
if (requestUserId == null) {
|
||||
return null;
|
||||
}
|
||||
// 查询用户信息
|
||||
LoginEmployeeDetail loginEmployeeDetail = loginUserDetailCache.get(requestUserId);
|
||||
if (loginEmployeeDetail == null) {
|
||||
// 员工基本信息
|
||||
EmployeeEntity employeeEntity = employeeService.getById(requestUserId);
|
||||
if (employeeEntity == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
loginEmployeeDetail = this.loadLoginInfo(employeeEntity);
|
||||
loginEmployeeDetail.setToken(token);
|
||||
loginUserDetailCache.put(requestUserId, loginEmployeeDetail);
|
||||
}
|
||||
|
||||
//更新请求ip和user agent
|
||||
loginEmployeeDetail.setUserAgent(ServletUtil.getHeaderIgnoreCase(request, RequestHeaderConst.USER_AGENT));
|
||||
loginEmployeeDetail.setIp(ServletUtil.getClientIP(request));
|
||||
|
||||
return loginEmployeeDetail;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 退出登陆,清除token缓存
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public ResponseDTO<String> logout(String token, RequestUser requestUser) {
|
||||
public ResponseDTO<String> logout(RequestUser requestUser) {
|
||||
loginUserDetailCache.remove(requestUser.getUserId());
|
||||
tokenService.removeToken(token);
|
||||
tokenService.removeToken();
|
||||
// 保存登出日志
|
||||
saveLogoutLog(requestUser, requestUser.getIp(), requestUser.getUserAgent());
|
||||
return ResponseDTO.ok();
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.menu.controller;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.admin.common.AdminBaseController;
|
||||
@ -14,7 +15,6 @@ import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.common.util.SmartRequestUtil;
|
||||
import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -39,25 +39,25 @@ public class MenuController extends AdminBaseController {
|
||||
|
||||
@ApiOperation(value = "添加菜单 @author 卓大")
|
||||
@PostMapping("/menu/add")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:menu:add')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:menu:add')")
|
||||
public ResponseDTO<String> addMenu(@RequestBody @Valid MenuAddForm menuAddForm) {
|
||||
menuAddForm.setCreateUserId(SmartRequestUtil.getRequestUserId());
|
||||
menuAddForm.setCreateUserId(SmartRequestUtil.getUserId());
|
||||
return menuService.addMenu(menuAddForm);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "更新菜单 @author 卓大")
|
||||
@PostMapping("/menu/update")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:menu:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:menu:update')")
|
||||
public ResponseDTO<String> updateMenu(@RequestBody @Valid MenuUpdateForm menuUpdateForm) {
|
||||
menuUpdateForm.setUpdateUserId(SmartRequestUtil.getRequestUserId());
|
||||
menuUpdateForm.setUpdateUserId(SmartRequestUtil.getUserId());
|
||||
return menuService.updateMenu(menuUpdateForm);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "批量删除菜单 @author 卓大")
|
||||
@GetMapping("/menu/batchDelete")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:menu:delete,system:menu:batch:delete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:menu:delete,system:menu:batch:delete')")
|
||||
public ResponseDTO<String> batchDeleteMenu(@RequestParam("menuIdList") List<Long> menuIdList) {
|
||||
return menuService.batchDeleteMenu(menuIdList, SmartRequestUtil.getRequestUserId());
|
||||
return menuService.batchDeleteMenu(menuIdList, SmartRequestUtil.getUserId());
|
||||
}
|
||||
|
||||
@ApiOperation(value = "查询菜单列表 @author 卓大")
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.role.controller;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.admin.common.AdminBaseController;
|
||||
@ -11,7 +12,6 @@ import net.lab1024.sa.admin.module.system.role.service.RoleService;
|
||||
import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -36,21 +36,21 @@ public class RoleController extends AdminBaseController {
|
||||
|
||||
@ApiOperation("添加角色 @author 卓大")
|
||||
@PostMapping("/role/add")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:role:add')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:role:add')")
|
||||
public ResponseDTO addRole(@Valid @RequestBody RoleAddForm roleAddForm) {
|
||||
return roleService.addRole(roleAddForm);
|
||||
}
|
||||
|
||||
@ApiOperation("删除角色 @author 卓大")
|
||||
@GetMapping("/role/delete/{roleId}")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:role:delete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:role:delete')")
|
||||
public ResponseDTO<String> deleteRole(@PathVariable Long roleId) {
|
||||
return roleService.deleteRole(roleId);
|
||||
}
|
||||
|
||||
@ApiOperation("更新角色 @author 卓大")
|
||||
@PostMapping("/role/update")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:role:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:role:update')")
|
||||
public ResponseDTO<String> updateRole(@Valid @RequestBody RoleUpdateForm roleUpdateDTO) {
|
||||
return roleService.updateRole(roleUpdateDTO);
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.role.controller;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.admin.common.AdminBaseController;
|
||||
@ -10,7 +11,6 @@ import net.lab1024.sa.admin.module.system.role.service.RoleDataScopeService;
|
||||
import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -41,7 +41,7 @@ public class RoleDataScopeController extends AdminBaseController {
|
||||
|
||||
@ApiOperation(value = "批量设置某角色数据范围 @author 卓大")
|
||||
@PostMapping("/role/dataScope/updateRoleDataScopeList")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:role:dataScope:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:role:dataScope:update')")
|
||||
public ResponseDTO<String> updateRoleDataScopeList(@RequestBody @Valid RoleDataScopeUpdateForm roleDataScopeUpdateForm) {
|
||||
return roleDataScopeService.updateRoleDataScopeList(roleDataScopeUpdateForm);
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.role.controller;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.admin.common.AdminBaseController;
|
||||
@ -13,7 +14,6 @@ import net.lab1024.sa.common.common.domain.PageResult;
|
||||
import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -50,21 +50,21 @@ public class RoleEmployeeController extends AdminBaseController {
|
||||
|
||||
@ApiOperation(value = "从角色成员列表中移除员工 @author 卓大")
|
||||
@GetMapping("/role/employee/removeEmployee")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:role:employee:delete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:role:employee:delete')")
|
||||
public ResponseDTO<String> removeEmployee(Long employeeId, Long roleId) {
|
||||
return roleEmployeeService.removeRoleEmployee(employeeId, roleId);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "从角色成员列表中批量移除员工 @author 卓大")
|
||||
@PostMapping("/role/employee/batchRemoveRoleEmployee")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:role:employee:batch:delete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:role:employee:batch:delete')")
|
||||
public ResponseDTO<String> batchRemoveEmployee(@Valid @RequestBody RoleEmployeeUpdateForm updateForm) {
|
||||
return roleEmployeeService.batchRemoveRoleEmployee(updateForm);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "角色成员列表中批量添加员工 @author 卓大")
|
||||
@PostMapping("/role/employee/batchAddRoleEmployee")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:role:employee:add')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:role:employee:add')")
|
||||
public ResponseDTO<String> addEmployeeList(@Valid @RequestBody RoleEmployeeUpdateForm addForm) {
|
||||
return roleEmployeeService.batchAddRoleEmployee(addForm);
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.role.controller;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.admin.common.AdminBaseController;
|
||||
@ -10,7 +11,6 @@ import net.lab1024.sa.admin.module.system.role.service.RoleMenuService;
|
||||
import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -34,7 +34,7 @@ public class RoleMenuController extends AdminBaseController {
|
||||
|
||||
@ApiOperation("更新角色权限 @author 卓大")
|
||||
@PostMapping("/role/menu/updateRoleMenu")
|
||||
@PreAuthorize("@saAuth.checkPermission('system:role:menu:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('system:role:menu:update')")
|
||||
public ResponseDTO<String> updateRoleMenu(@Valid @RequestBody RoleMenuUpdateForm updateDTO) {
|
||||
return roleMenuService.updateRoleMenu(updateDTO);
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.support;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.common.common.controller.SupportBaseController;
|
||||
@ -7,7 +8,6 @@ import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.constant.SwaggerTagConst;
|
||||
import net.lab1024.sa.common.module.support.cache.CacheService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
@ -38,7 +38,7 @@ public class AdminCacheController extends SupportBaseController {
|
||||
|
||||
|
||||
@ApiOperation(value = "移除某个缓存 @author 罗伊")
|
||||
@PreAuthorize("@saAuth.checkPermission('support:cache:delete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('support:cache:delete')")
|
||||
@GetMapping("/cache/remove/{cacheName}")
|
||||
public ResponseDTO<String> removeCache(@PathVariable String cacheName) {
|
||||
cacheService.removeCache(cacheName);
|
||||
@ -47,7 +47,7 @@ public class AdminCacheController extends SupportBaseController {
|
||||
|
||||
|
||||
@ApiOperation(value = "获取某个缓存的所有key @author 罗伊")
|
||||
@PreAuthorize("@saAuth.checkPermission('support:cache:keys')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('support:cache:keys')")
|
||||
@GetMapping("/cache/keys/{cacheName}")
|
||||
public ResponseDTO<List<String>> cacheKeys(@PathVariable String cacheName) {
|
||||
return ResponseDTO.ok(cacheService.cacheKey(cacheName));
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.support;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
@ -9,7 +10,6 @@ import net.lab1024.sa.common.module.support.changelog.domain.form.ChangeLogAddFo
|
||||
import net.lab1024.sa.common.module.support.changelog.domain.form.ChangeLogUpdateForm;
|
||||
import net.lab1024.sa.common.module.support.changelog.service.ChangeLogService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -31,27 +31,27 @@ public class AdminChangeLogController {
|
||||
|
||||
@ApiOperation("添加 @author 卓大")
|
||||
@PostMapping("/changeLog/add")
|
||||
@PreAuthorize("@saAuth.checkPermission('changeLog:add')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('changeLog:add')")
|
||||
public ResponseDTO<String> add(@RequestBody @Valid ChangeLogAddForm addForm) {
|
||||
return changeLogService.add(addForm);
|
||||
}
|
||||
|
||||
@ApiOperation("更新 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('changeLog:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('changeLog:update')")
|
||||
@PostMapping("/changeLog/update")
|
||||
public ResponseDTO<String> update(@RequestBody @Valid ChangeLogUpdateForm updateForm) {
|
||||
return changeLogService.update(updateForm);
|
||||
}
|
||||
|
||||
@ApiOperation("批量删除 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('changeLog:batchDelete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('changeLog:batchDelete')")
|
||||
@PostMapping("/changeLog/batchDelete")
|
||||
public ResponseDTO<String> batchDelete(@RequestBody ValidateList<Long> idList) {
|
||||
return changeLogService.batchDelete(idList);
|
||||
}
|
||||
|
||||
@ApiOperation("单个删除 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('changeLog:delete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('changeLog:delete')")
|
||||
@GetMapping("/changeLog/delete/{changeLogId}")
|
||||
public ResponseDTO<String> batchDelete(@PathVariable Long changeLogId) {
|
||||
return changeLogService.delete(changeLogId);
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.support;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.common.common.controller.SupportBaseController;
|
||||
@ -12,7 +13,6 @@ import net.lab1024.sa.common.module.support.config.domain.ConfigQueryForm;
|
||||
import net.lab1024.sa.common.module.support.config.domain.ConfigUpdateForm;
|
||||
import net.lab1024.sa.common.module.support.config.domain.ConfigVO;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
@ -36,21 +36,21 @@ public class AdminConfigController extends SupportBaseController {
|
||||
private ConfigService configService;
|
||||
|
||||
@ApiOperation("分页查询系统配置 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('support:config:query')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('support:config:query')")
|
||||
@PostMapping("/config/query")
|
||||
public ResponseDTO<PageResult<ConfigVO>> querySystemConfigPage(@RequestBody @Valid ConfigQueryForm queryForm) {
|
||||
return configService.queryConfigPage(queryForm);
|
||||
}
|
||||
|
||||
@ApiOperation("添加配置参数 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('support:config:add')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('support:config:add')")
|
||||
@PostMapping("/config/add")
|
||||
public ResponseDTO<String> addSystemConfig(@RequestBody @Valid ConfigAddForm configAddForm) {
|
||||
return configService.add(configAddForm);
|
||||
}
|
||||
|
||||
@ApiOperation("修改配置参数 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('support:config:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('support:config:update')")
|
||||
@PostMapping("/config/update")
|
||||
public ResponseDTO<String> updateSystemConfig(@RequestBody @Valid ConfigUpdateForm updateForm) {
|
||||
return configService.updateSystemConfig(updateForm);
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.support;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.common.common.controller.SupportBaseController;
|
||||
@ -10,7 +11,6 @@ import net.lab1024.sa.common.module.support.file.domain.form.FileQueryForm;
|
||||
import net.lab1024.sa.common.module.support.file.domain.vo.FileVO;
|
||||
import net.lab1024.sa.common.module.support.file.service.FileService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
@ -34,7 +34,7 @@ public class AdminFileController extends SupportBaseController {
|
||||
private FileService fileService;
|
||||
|
||||
@ApiOperation("分页查询 @author 1024创新实验室-主任-卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('support:file:query')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('support:file:query')")
|
||||
@PostMapping("/file/queryPage")
|
||||
public ResponseDTO<PageResult<FileVO>> queryPage(@RequestBody @Valid FileQueryForm queryForm) {
|
||||
return ResponseDTO.ok(fileService.queryPage(queryForm));
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.support;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.common.common.controller.SupportBaseController;
|
||||
@ -13,7 +14,6 @@ import net.lab1024.sa.common.module.support.helpdoc.service.HelpDocCatalogServic
|
||||
import net.lab1024.sa.common.module.support.helpdoc.service.HelpDocService;
|
||||
import net.lab1024.sa.common.module.support.repeatsubmit.annoation.RepeatSubmit;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -42,14 +42,14 @@ public class AdminHelpDocController extends SupportBaseController {
|
||||
|
||||
|
||||
@ApiOperation("帮助文档目录-添加 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('helpDocCatalog:addCategory')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('helpDocCatalog:addCategory')")
|
||||
@PostMapping("/helpDoc/helpDocCatalog/add")
|
||||
public ResponseDTO<String> addHelpDocCatalog(@RequestBody @Valid HelpDocCatalogAddForm helpDocCatalogAddForm) {
|
||||
return helpDocCatalogService.add(helpDocCatalogAddForm);
|
||||
}
|
||||
|
||||
@ApiOperation("帮助文档目录-更新 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('helpDocCatalog:edit')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('helpDocCatalog:edit')")
|
||||
@PostMapping("/helpDoc/helpDocCatalog/update")
|
||||
public ResponseDTO<String> updateHelpDocCatalog(@RequestBody @Valid HelpDocCatalogUpdateForm helpDocCatalogUpdateForm) {
|
||||
return helpDocCatalogService.update(helpDocCatalogUpdateForm);
|
||||
@ -64,7 +64,7 @@ public class AdminHelpDocController extends SupportBaseController {
|
||||
// --------------------- 帮助文档 【管理:增、删、查、改】-------------------------
|
||||
|
||||
@ApiOperation("【管理】帮助文档-分页查询 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('helpDoc:query')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('helpDoc:query')")
|
||||
@PostMapping("/helpDoc/query")
|
||||
public ResponseDTO<PageResult<HelpDocVO>> query(@RequestBody @Valid HelpDocQueryForm queryForm) {
|
||||
return ResponseDTO.ok(helpDocService.query(queryForm));
|
||||
@ -77,7 +77,7 @@ public class AdminHelpDocController extends SupportBaseController {
|
||||
}
|
||||
|
||||
@ApiOperation("【管理】帮助文档-添加 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('helpDoc:add')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('helpDoc:add')")
|
||||
@PostMapping("/helpDoc/add")
|
||||
@RepeatSubmit
|
||||
public ResponseDTO<String> add(@RequestBody @Valid HelpDocAddForm addForm) {
|
||||
@ -85,7 +85,7 @@ public class AdminHelpDocController extends SupportBaseController {
|
||||
}
|
||||
|
||||
@ApiOperation("【管理】帮助文档-更新 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('helpDoc:update')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('helpDoc:update')")
|
||||
@PostMapping("/helpDoc/update")
|
||||
@RepeatSubmit
|
||||
public ResponseDTO<String> update(@RequestBody @Valid HelpDocUpdateForm updateForm) {
|
||||
@ -93,7 +93,7 @@ public class AdminHelpDocController extends SupportBaseController {
|
||||
}
|
||||
|
||||
@ApiOperation("【管理】帮助文档-删除 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('helpDoc:delete')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('helpDoc:delete')")
|
||||
@GetMapping("/helpDoc/delete/{helpDocId}")
|
||||
public ResponseDTO<String> delete(@PathVariable Long helpDocId) {
|
||||
return helpDocService.delete(helpDocId);
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.support;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.common.common.controller.SupportBaseController;
|
||||
@ -10,7 +11,6 @@ import net.lab1024.sa.common.module.support.loginlog.LoginLogService;
|
||||
import net.lab1024.sa.common.module.support.loginlog.domain.LoginLogQueryForm;
|
||||
import net.lab1024.sa.common.module.support.loginlog.domain.LoginLogVO;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
@ -32,7 +32,7 @@ public class AdminLoginLogController extends SupportBaseController {
|
||||
private LoginLogService loginLogService;
|
||||
|
||||
@ApiOperation(value = "分页查询 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('loginLog:query')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('loginLog:query')")
|
||||
@PostMapping("/loginLog/page/query")
|
||||
public ResponseDTO<PageResult<LoginLogVO>> queryByPage(@RequestBody LoginLogQueryForm queryForm) {
|
||||
return loginLogService.queryByPage(queryForm);
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.support;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.common.common.controller.SupportBaseController;
|
||||
@ -10,7 +11,6 @@ import net.lab1024.sa.common.module.support.operatelog.OperateLogService;
|
||||
import net.lab1024.sa.common.module.support.operatelog.domain.OperateLogQueryForm;
|
||||
import net.lab1024.sa.common.module.support.operatelog.domain.OperateLogVO;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
/**
|
||||
@ -30,14 +30,14 @@ public class AdminOperateLogController extends SupportBaseController {
|
||||
private OperateLogService operateLogService;
|
||||
|
||||
@ApiOperation(value = "分页查询 @author 罗伊")
|
||||
@PreAuthorize("@saAuth.checkPermission('operateLog:query')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('operateLog:query')")
|
||||
@PostMapping("/operateLog/page/query")
|
||||
public ResponseDTO<PageResult<OperateLogVO>> queryByPage(@RequestBody OperateLogQueryForm queryForm) {
|
||||
return operateLogService.queryByPage(queryForm);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "详情 @author 罗伊")
|
||||
@PreAuthorize("@saAuth.checkPermission('operateLog:detail')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('operateLog:detail')")
|
||||
@GetMapping("/operateLog/detail/{operateLogId}")
|
||||
public ResponseDTO<OperateLogVO> detail(@PathVariable Long operateLogId) {
|
||||
return operateLogService.detail(operateLogId);
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.support;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.common.common.controller.SupportBaseController;
|
||||
@ -10,7 +11,6 @@ import net.lab1024.sa.common.module.support.reload.domain.ReloadForm;
|
||||
import net.lab1024.sa.common.module.support.reload.domain.ReloadItemVO;
|
||||
import net.lab1024.sa.common.module.support.reload.domain.ReloadResultVO;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.validation.Valid;
|
||||
@ -39,14 +39,14 @@ public class AdminReloadController extends SupportBaseController {
|
||||
}
|
||||
|
||||
@ApiOperation(value = "获取reload result @author 开云")
|
||||
@PreAuthorize("@saAuth.checkPermission('support:reload:result')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('support:reload:result')")
|
||||
@GetMapping("/reload/result/{tag}")
|
||||
public ResponseDTO<List<ReloadResultVO>> queryReloadResult(@PathVariable("tag") String tag) {
|
||||
return reloadService.queryReloadItemResult(tag);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "通过tag更新标识 @author 开云")
|
||||
@PreAuthorize("@saAuth.checkPermission('support:reload:execute')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('support:reload:execute')")
|
||||
@PostMapping("/reload/update")
|
||||
public ResponseDTO<String> updateByTag(@RequestBody @Valid ReloadForm reloadForm) {
|
||||
return reloadService.updateByTag(reloadForm);
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package net.lab1024.sa.admin.module.system.support;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.common.common.controller.SupportBaseController;
|
||||
@ -16,7 +17,6 @@ import net.lab1024.sa.common.module.support.serialnumber.domain.SerialNumberReco
|
||||
import net.lab1024.sa.common.module.support.serialnumber.service.SerialNumberRecordService;
|
||||
import net.lab1024.sa.common.module.support.serialnumber.service.SerialNumberService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
@ -48,7 +48,7 @@ public class AdminSerialNumberController extends SupportBaseController {
|
||||
private SerialNumberRecordService serialNumberRecordService;
|
||||
|
||||
@ApiOperation("生成单号 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('support:serial:number:generate')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('support:serial:number:generate')")
|
||||
@PostMapping("/serialNumber/generate")
|
||||
public ResponseDTO<List<String>> generate(@RequestBody @Valid SerialNumberGenerateForm generateForm) {
|
||||
SerialNumberIdEnum serialNumberIdEnum = SmartEnumUtil.getEnumByValue(generateForm.getSerialNumberId(), SerialNumberIdEnum.class);
|
||||
@ -65,7 +65,7 @@ public class AdminSerialNumberController extends SupportBaseController {
|
||||
}
|
||||
|
||||
@ApiOperation("获取生成记录 @author 卓大")
|
||||
@PreAuthorize("@saAuth.checkPermission('support:serial:number:record')")
|
||||
@SaCheckPermission("@saAuth.checkPermission('support:serial:number:record')")
|
||||
@PostMapping("/serialNumber/queryRecord")
|
||||
public ResponseDTO<PageResult<SerialNumberRecordEntity>> queryRecord(@RequestBody @Valid SerialNumberRecordQueryForm queryForm) {
|
||||
return ResponseDTO.ok(serialNumberRecordService.query(queryForm));
|
||||
|
||||
@ -49,10 +49,15 @@
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
<!-- spring security -->
|
||||
<!-- sa-token -->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-security</artifactId>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-spring-boot-starter</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-redis-jackson</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
|
||||
@ -97,7 +97,7 @@ public abstract class AbstractInterceptor implements HandlerInterceptor {
|
||||
if (StringUtils.isNotBlank(xAccessToken)) {
|
||||
RequestUser requestUser = userFunction().apply(xAccessToken);
|
||||
if (requestUser != null) {
|
||||
SmartRequestUtil.setRequestUser(requestUser);
|
||||
// SmartRequestUtil.setRequestUser(requestUser);
|
||||
}
|
||||
// 有token 无需登录
|
||||
if (null != noNeedLogin) {
|
||||
|
||||
@ -1,93 +0,0 @@
|
||||
package net.lab1024.sa.common.common.security;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.web.filter.CorsFilter;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.List;
|
||||
import java.util.function.BiFunction;
|
||||
import java.util.function.Function;
|
||||
|
||||
/**
|
||||
* Spring Security
|
||||
*
|
||||
* @Author 1024创新实验室-主任: 卓大
|
||||
* @Date 2021/8/3 17:50
|
||||
* @Wechat zhuoda1024
|
||||
* @Email lab1024@163.com
|
||||
* @Copyright 1024创新实验室 ( https://1024lab.net )
|
||||
*/
|
||||
public abstract class AbstractSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
@Autowired
|
||||
private CorsFilter corsFilter;
|
||||
|
||||
@Autowired
|
||||
private List<String> noNeedLoginUrlList;
|
||||
|
||||
@Autowired
|
||||
private List<String> ignoreUrlList;
|
||||
|
||||
/**
|
||||
* Token获取用户信息
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
protected abstract BiFunction<String, HttpServletRequest, UserDetails> userFunction();
|
||||
|
||||
/**
|
||||
* 需要认证的url集合
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
protected abstract String[] getAuthenticatedUrlPatterns();
|
||||
|
||||
/**
|
||||
* 不需要登录的url集合
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
protected String[] getNoNeedLoginUrl() {
|
||||
return noNeedLoginUrlList.toArray(new String[noNeedLoginUrlList.size()]);
|
||||
}
|
||||
|
||||
/**
|
||||
* 忽略的url集合
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
protected String[] getIgnoreUrlList() {
|
||||
return ignoreUrlList.toArray(new String[ignoreUrlList.size()]);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity httpSecurity) throws Exception {
|
||||
httpSecurity
|
||||
// CSRF禁用,因为不使用session
|
||||
.csrf().disable()
|
||||
// 认证失败处理类
|
||||
.exceptionHandling().authenticationEntryPoint(new SecurityAuthenticationFailHandler()).and()
|
||||
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
|
||||
// 过滤请求
|
||||
.authorizeRequests()
|
||||
//忽略的url
|
||||
.antMatchers(this.getIgnoreUrlList()).permitAll()
|
||||
// 不需要登陆的url
|
||||
.antMatchers(this.getNoNeedLoginUrl()).permitAll()
|
||||
//需要校验权限的url
|
||||
.antMatchers(getAuthenticatedUrlPatterns()).authenticated();
|
||||
|
||||
// token filter 进行校验
|
||||
httpSecurity.addFilterBefore(new SecurityTokenFilter(this.userFunction()), UsernamePasswordAuthenticationFilter.class);
|
||||
httpSecurity.addFilterBefore(corsFilter, SecurityTokenFilter.class);
|
||||
// 禁用spring security 使用 X-Frame-Options防止网页被Frame
|
||||
httpSecurity.headers().frameOptions().disable();
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
@ -1,43 +0,0 @@
|
||||
package net.lab1024.sa.common.common.security;
|
||||
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import net.lab1024.sa.common.common.code.ErrorCode;
|
||||
import net.lab1024.sa.common.common.code.UserErrorCode;
|
||||
import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* 登录认证失败处理
|
||||
*
|
||||
* @Author 1024创新实验室: 罗伊
|
||||
* @Date 2022-08-26 20:21:10
|
||||
* @Wechat zhuoda1024
|
||||
* @Email lab1024@163.com
|
||||
* @Copyright 1024创新实验室 ( https://1024lab.net )
|
||||
*/
|
||||
public class SecurityAuthenticationFailHandler implements AuthenticationEntryPoint {
|
||||
|
||||
@Override
|
||||
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException {
|
||||
this.outputResult(response, UserErrorCode.LOGIN_STATE_INVALID);
|
||||
}
|
||||
|
||||
/**
|
||||
* 输出
|
||||
*
|
||||
* @param response
|
||||
* @param errorCode
|
||||
* @throws IOException
|
||||
*/
|
||||
private void outputResult(HttpServletResponse response, ErrorCode errorCode) throws IOException {
|
||||
String msg = JSONObject.toJSONString(ResponseDTO.error(errorCode));
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
response.getWriter().write(msg);
|
||||
response.flushBuffer();
|
||||
}
|
||||
}
|
||||
@ -1,66 +0,0 @@
|
||||
package net.lab1024.sa.common.common.security;
|
||||
|
||||
import net.lab1024.sa.common.common.annoation.SaAuth;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.access.prepost.PreInvocationAttribute;
|
||||
import org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource;
|
||||
import org.springframework.security.access.prepost.PrePostInvocationAttributeFactory;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
|
||||
/**
|
||||
* 此类用于默认给所有接口添加权限 @saAuth.checkPermission('%s')
|
||||
* %s 为类名.方法名
|
||||
* 和使用@PreAuthorize("@saAuth.checkPermission('%s')") 效果一致
|
||||
* 避免所有接口都添加一遍 减轻工作量
|
||||
*
|
||||
* @Author 1024创新实验室: 罗伊
|
||||
* @Date 2021-08-30 23:08
|
||||
* @Wechat zhuoda1024
|
||||
* @Email lab1024@163.com
|
||||
* @Copyright 1024创新实验室 ( https://1024lab.net )
|
||||
*/
|
||||
public class SecurityMethodSource extends PrePostAnnotationSecurityMetadataSource {
|
||||
|
||||
|
||||
private static String EXPRESSION_FORMAT = "@%s.checkPermission('%s')";
|
||||
|
||||
private final PrePostInvocationAttributeFactory attributeFactory;
|
||||
|
||||
private String beanName;
|
||||
|
||||
|
||||
public SecurityMethodSource(PrePostInvocationAttributeFactory attributeFactory, String beanName) {
|
||||
super(attributeFactory);
|
||||
this.attributeFactory = attributeFactory;
|
||||
this.beanName = beanName;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public Collection<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
|
||||
//如果不存在SaAuth采用security认证模式
|
||||
SaAuth saAuth = method.getAnnotation(SaAuth.class);
|
||||
if (saAuth == null) {
|
||||
return super.getAttributes(method, targetClass);
|
||||
}
|
||||
|
||||
//存在添加以URL为权限字符串的校验模式
|
||||
ArrayList<ConfigAttribute> configAttributes = new ArrayList(1);
|
||||
String classFullName = targetClass.getName();
|
||||
String methodName = method.getName();
|
||||
String[] classNameArray = StringUtils.split(classFullName, "\\.");
|
||||
String controllerName = classNameArray[classNameArray.length - 1];
|
||||
String privilegeName = controllerName + "." + methodName;
|
||||
String preAuthorizeAttribute = String.format(EXPRESSION_FORMAT, beanName, privilegeName);
|
||||
PreInvocationAttribute pre = this.attributeFactory.createPreInvocationAttribute(null, null, preAuthorizeAttribute);
|
||||
if (pre != null) {
|
||||
configAttributes.add(pre);
|
||||
}
|
||||
return configAttributes;
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,74 +0,0 @@
|
||||
package net.lab1024.sa.common.common.security;
|
||||
|
||||
import org.apache.commons.collections4.CollectionUtils;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* 校验权限
|
||||
*
|
||||
* @Author 1024创新实验室: 罗伊
|
||||
* @Date 2022/5/12 21:50
|
||||
* @Wechat zhuoda1024
|
||||
* @Email lab1024@163.com
|
||||
* @Copyright 1024创新实验室 ( https://1024lab.net )
|
||||
*/
|
||||
public abstract class SecurityPermissionCheckService {
|
||||
|
||||
|
||||
/**
|
||||
* 校验是否有权限
|
||||
*
|
||||
* @param permission
|
||||
* @return
|
||||
*/
|
||||
public boolean checkPermission(String permission) {
|
||||
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
if (authentication == null) {
|
||||
return false;
|
||||
}
|
||||
return checkPermission(authentication, permission);
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验是否有权限
|
||||
*
|
||||
* @param authentication
|
||||
* @param permission
|
||||
* @return
|
||||
*/
|
||||
public abstract boolean checkPermission(Authentication authentication, String permission);
|
||||
|
||||
/**
|
||||
* 判断
|
||||
*
|
||||
* @param userDetails
|
||||
* @param permissionStr
|
||||
* @return
|
||||
*/
|
||||
protected boolean permissionJudge(UserDetails userDetails, String permissionStr) {
|
||||
if (CollectionUtils.isEmpty(userDetails.getAuthorities())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (StringUtils.isBlank(permissionStr)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
String[] permissionArray = permissionStr.split(",");
|
||||
for (String permission : permissionArray) {
|
||||
if(userDetails.getAuthorities().contains(new SimpleGrantedAuthority(permission))){
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
||||
@ -1,64 +0,0 @@
|
||||
package net.lab1024.sa.common.common.security;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import net.lab1024.sa.common.common.constant.RequestHeaderConst;
|
||||
import net.lab1024.sa.common.common.domain.RequestUser;
|
||||
import net.lab1024.sa.common.common.util.SmartRequestUtil;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.util.function.BiFunction;
|
||||
import java.util.function.Function;
|
||||
|
||||
/**
|
||||
* 注意此处不能 加入@Component,否则对应ignoreUrl的相关请求 将会进入此Filter,并会覆盖CorsFilter
|
||||
*
|
||||
* @Author 1024创新实验室: 罗伊
|
||||
* @Date 2022/5/12 21:50
|
||||
* @Wechat zhuoda1024
|
||||
* @Email lab1024@163.com
|
||||
* @Copyright 1024创新实验室 ( https://1024lab.net )
|
||||
*/
|
||||
@Slf4j
|
||||
public class SecurityTokenFilter extends OncePerRequestFilter {
|
||||
|
||||
private BiFunction<String,HttpServletRequest, UserDetails> userFunction;
|
||||
|
||||
public SecurityTokenFilter(BiFunction<String,HttpServletRequest, UserDetails> userFunction) {
|
||||
this.userFunction = userFunction;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
throws ServletException, IOException {
|
||||
//需要做token校验, 消息头的token优先于请求query参数的token
|
||||
String xHeaderToken = request.getHeader(RequestHeaderConst.TOKEN);
|
||||
String xRequestToken = request.getParameter(RequestHeaderConst.TOKEN);
|
||||
String xAccessToken = null != xHeaderToken ? xHeaderToken : xRequestToken;
|
||||
if (StringUtils.isBlank(xAccessToken)) {
|
||||
chain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
//清理spring security
|
||||
SecurityContextHolder.clearContext();
|
||||
|
||||
UserDetails loginUserDetail = userFunction.apply(xAccessToken,request);
|
||||
if (null != loginUserDetail) {
|
||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUserDetail, null, loginUserDetail.getAuthorities());
|
||||
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
|
||||
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
||||
SmartRequestUtil.setRequestUser((RequestUser) loginUserDetail);
|
||||
}
|
||||
// 若未给予spring security上下文用户授权 则会授权失败 进入AuthenticationEntryPointImpl
|
||||
chain.doFilter(request, response);
|
||||
}
|
||||
}
|
||||
@ -14,24 +14,18 @@ import net.lab1024.sa.common.common.domain.RequestUser;
|
||||
*/
|
||||
@Slf4j
|
||||
public class SmartRequestUtil {
|
||||
|
||||
private static final ThreadLocal<RequestUser> requestThreadLocal = new ThreadLocal<>();
|
||||
|
||||
public static void setRequestUser(RequestUser requestUser) {
|
||||
requestThreadLocal.set(requestUser);
|
||||
public static RequestUser getUser() {
|
||||
// TODO listen
|
||||
return null;
|
||||
}
|
||||
|
||||
public static RequestUser getRequestUser() {
|
||||
return requestThreadLocal.get();
|
||||
}
|
||||
|
||||
public static Long getRequestUserId() {
|
||||
RequestUser requestUser = getRequestUser();
|
||||
public static Long getUserId() {
|
||||
RequestUser requestUser = getUser();
|
||||
return null == requestUser ? null : requestUser.getUserId();
|
||||
}
|
||||
|
||||
public static void remove() {
|
||||
requestThreadLocal.remove();
|
||||
// TODO listen
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -31,7 +31,7 @@ public class RepeatSubmitConfig {
|
||||
* @return
|
||||
*/
|
||||
private String ticket(String servletPath) {
|
||||
Long userId = SmartRequestUtil.getRequestUserId();
|
||||
Long userId = SmartRequestUtil.getUserId();
|
||||
if (null == userId) {
|
||||
return StringConst.EMPTY;
|
||||
}
|
||||
|
||||
@ -9,7 +9,6 @@ import net.lab1024.sa.common.common.exception.BusinessException;
|
||||
import org.springframework.beans.TypeMismatchException;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.converter.HttpMessageNotReadableException;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.validation.BindException;
|
||||
import org.springframework.validation.FieldError;
|
||||
import org.springframework.web.bind.MethodArgumentNotValidException;
|
||||
@ -77,15 +76,6 @@ public class GlobalExceptionHandler {
|
||||
return ResponseDTO.error(UserErrorCode.PARAM_ERROR);
|
||||
}
|
||||
|
||||
/**
|
||||
* 权限异常
|
||||
*/
|
||||
@ResponseBody
|
||||
@ExceptionHandler({AccessDeniedException.class})
|
||||
public ResponseDTO<?> permissionExceptionHandler(AccessDeniedException e) {
|
||||
return ResponseDTO.error(UserErrorCode.NO_PERMISSION);
|
||||
}
|
||||
|
||||
/**
|
||||
* 业务异常
|
||||
*/
|
||||
|
||||
@ -157,7 +157,7 @@ public class DataTracerService {
|
||||
* 保存数据变动记录
|
||||
*/
|
||||
public void addTrace(DataTracerForm tracerForm) {
|
||||
RequestUser requestUser = SmartRequestUtil.getRequestUser();
|
||||
RequestUser requestUser = SmartRequestUtil.getUser();
|
||||
this.addTrace(tracerForm, requestUser);
|
||||
}
|
||||
|
||||
@ -182,7 +182,7 @@ public class DataTracerService {
|
||||
* 批量保存数据变动记录
|
||||
*/
|
||||
public void addTraceList(List<DataTracerForm> tracerFormList) {
|
||||
RequestUser requestUser = SmartRequestUtil.getRequestUser();
|
||||
RequestUser requestUser = SmartRequestUtil.getUser();
|
||||
this.addTraceList(tracerFormList, requestUser);
|
||||
}
|
||||
|
||||
|
||||
@ -13,7 +13,6 @@ import net.lab1024.sa.common.module.support.feedback.domain.FeedbackAddForm;
|
||||
import net.lab1024.sa.common.module.support.feedback.domain.FeedbackQueryForm;
|
||||
import net.lab1024.sa.common.module.support.feedback.domain.FeedbackVO;
|
||||
import net.lab1024.sa.common.module.support.feedback.service.FeedbackService;
|
||||
import net.lab1024.sa.common.module.support.repeatsubmit.annoation.RepeatSubmit;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
@ -47,7 +46,7 @@ public class FeedbackController extends SupportBaseController {
|
||||
@ApiOperation("意见反馈-新增 @author 开云")
|
||||
@PostMapping("/feedback/add")
|
||||
public ResponseDTO<String> add(@RequestBody @Valid FeedbackAddForm addForm) {
|
||||
RequestUser employee = SmartRequestUtil.getRequestUser();
|
||||
RequestUser employee = SmartRequestUtil.getUser();
|
||||
return feedbackService.add(addForm, employee);
|
||||
}
|
||||
}
|
||||
|
||||
@ -5,17 +5,13 @@ import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import net.lab1024.sa.common.common.constant.RequestHeaderConst;
|
||||
import net.lab1024.sa.common.common.controller.SupportBaseController;
|
||||
import net.lab1024.sa.common.common.domain.PageResult;
|
||||
import net.lab1024.sa.common.common.domain.RequestUser;
|
||||
import net.lab1024.sa.common.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.common.common.util.SmartRequestUtil;
|
||||
import net.lab1024.sa.common.constant.SwaggerTagConst;
|
||||
import net.lab1024.sa.common.module.support.file.domain.form.FileQueryForm;
|
||||
import net.lab1024.sa.common.module.support.file.constant.FileFolderTypeEnum;
|
||||
import net.lab1024.sa.common.module.support.file.domain.form.FileUrlUploadForm;
|
||||
import net.lab1024.sa.common.module.support.file.domain.vo.FileUploadVO;
|
||||
import net.lab1024.sa.common.module.support.file.domain.vo.FileVO;
|
||||
import net.lab1024.sa.common.module.support.repeatsubmit.annoation.RepeatSubmit;
|
||||
import net.lab1024.sa.common.module.support.file.constant.FileFolderTypeEnum;
|
||||
import net.lab1024.sa.common.module.support.file.service.FileService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
@ -46,14 +42,14 @@ public class FileController extends SupportBaseController {
|
||||
@PostMapping("/file/upload")
|
||||
public ResponseDTO<FileUploadVO> upload(@RequestParam MultipartFile file,
|
||||
@RequestParam Integer folder) {
|
||||
RequestUser requestUser = SmartRequestUtil.getRequestUser();
|
||||
RequestUser requestUser = SmartRequestUtil.getUser();
|
||||
return fileService.fileUpload(file, folder, requestUser);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "文件上传,通过url上传 @author 胡克", notes = FileFolderTypeEnum.INFO)
|
||||
@PostMapping("/file/upload/url")
|
||||
public ResponseDTO<FileUploadVO> uploadByUrl(@RequestBody @Valid FileUrlUploadForm uploadForm) {
|
||||
RequestUser requestUser = SmartRequestUtil.getRequestUser();
|
||||
RequestUser requestUser = SmartRequestUtil.getUser();
|
||||
return fileService.fileUpload(uploadForm,requestUser);
|
||||
}
|
||||
|
||||
|
||||
@ -56,7 +56,7 @@ public class HelpDocController extends SupportBaseController {
|
||||
@RepeatSubmit
|
||||
public ResponseDTO<HelpDocDetailVO> view(@PathVariable Long helpDocId, HttpServletRequest request) {
|
||||
return helpDocUserService.view(
|
||||
SmartRequestUtil.getRequestUser(),
|
||||
SmartRequestUtil.getUser(),
|
||||
helpDocId);
|
||||
}
|
||||
|
||||
|
||||
@ -179,7 +179,7 @@ public abstract class OperateLogAspect {
|
||||
return;
|
||||
}
|
||||
//设置用户信息
|
||||
RequestUser user = SmartRequestUtil.getRequestUser();
|
||||
RequestUser user = SmartRequestUtil.getUser();
|
||||
if (user == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
@ -33,19 +33,19 @@ public class TableColumnController extends SupportBaseController {
|
||||
@PostMapping("/tableColumn/update")
|
||||
@RepeatSubmit
|
||||
public ResponseDTO<String> updateTableColumn(@RequestBody @Valid TableColumnUpdateForm updateForm) {
|
||||
return tableColumnService.updateTableColumns(SmartRequestUtil.getRequestUser(), updateForm);
|
||||
return tableColumnService.updateTableColumns(SmartRequestUtil.getUser(), updateForm);
|
||||
}
|
||||
|
||||
@ApiOperation("恢复默认(删除) @author 卓大")
|
||||
@GetMapping("/tableColumn/delete/{tableId}")
|
||||
@RepeatSubmit
|
||||
public ResponseDTO<String> deleteTableColumn(@PathVariable Integer tableId) {
|
||||
return tableColumnService.deleteTableColumn(SmartRequestUtil.getRequestUser(), tableId);
|
||||
return tableColumnService.deleteTableColumn(SmartRequestUtil.getUser(), tableId);
|
||||
}
|
||||
|
||||
@ApiOperation("查询表格列 @author 卓大")
|
||||
@GetMapping("/tableColumn/getColumns/{tableId}")
|
||||
public ResponseDTO<String> getColumns(@PathVariable Integer tableId) {
|
||||
return ResponseDTO.ok(tableColumnService.getTableColumns(SmartRequestUtil.getRequestUser(), tableId));
|
||||
return ResponseDTO.ok(tableColumnService.getTableColumns(SmartRequestUtil.getUser(), tableId));
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
package net.lab1024.sa.common.module.support.token;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
import net.lab1024.sa.common.common.enumeration.BaseEnum;
|
||||
|
||||
/**
|
||||
@ -11,6 +13,8 @@ import net.lab1024.sa.common.common.enumeration.BaseEnum;
|
||||
* @Email lab1024@163.com
|
||||
* @Copyright 1024创新实验室 ( https://1024lab.net )
|
||||
*/
|
||||
@Getter
|
||||
@AllArgsConstructor
|
||||
public enum LoginDeviceEnum implements BaseEnum {
|
||||
|
||||
PC(1, "电脑端"),
|
||||
@ -21,23 +25,9 @@ public enum LoginDeviceEnum implements BaseEnum {
|
||||
|
||||
H5(4, "H5"),
|
||||
|
||||
WEIXIN_MP(5, "微信小程序");
|
||||
WX_MP(5, "微信小程序");
|
||||
|
||||
LoginDeviceEnum(Integer value, String desc) {
|
||||
this.value = value;
|
||||
this.desc = desc;
|
||||
}
|
||||
private final Integer value;
|
||||
|
||||
private Integer value;
|
||||
private String desc;
|
||||
|
||||
@Override
|
||||
public Integer getValue() {
|
||||
return value;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getDesc() {
|
||||
return desc;
|
||||
}
|
||||
private final String desc;
|
||||
}
|
||||
|
||||
@ -1,21 +1,11 @@
|
||||
package net.lab1024.sa.common.module.support.token;
|
||||
|
||||
import io.jsonwebtoken.Claims;
|
||||
import io.jsonwebtoken.JwtBuilder;
|
||||
import io.jsonwebtoken.Jwts;
|
||||
import io.jsonwebtoken.SignatureAlgorithm;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import cn.dev33.satoken.stp.SaLoginModel;
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import net.lab1024.sa.common.common.enumeration.UserTypeEnum;
|
||||
import net.lab1024.sa.common.constant.RedisKeyConst;
|
||||
import net.lab1024.sa.common.module.support.redis.RedisService;
|
||||
import org.apache.commons.collections4.MapUtils;
|
||||
import org.apache.commons.lang3.math.NumberUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.Map;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 与用户token的相关的服务
|
||||
@ -27,194 +17,59 @@ import java.util.Map;
|
||||
* @Copyright 1024创新实验室 ( https://1024lab.net )
|
||||
*/
|
||||
@Component
|
||||
@Slf4j
|
||||
public class TokenService {
|
||||
private static final long HOUR_TIME_MILLI = 60 * 60 * 1000;
|
||||
|
||||
@Value("${token.key}")
|
||||
private String tokenKey;
|
||||
private static final String EXTRA_KEY_USER_NAME = "userName";
|
||||
|
||||
@Value("${token.expire-day}")
|
||||
private Integer tokenExpire;
|
||||
|
||||
@Autowired
|
||||
private RedisService redisService;
|
||||
private static final String EXTRA_KEY_USER_TYPE = "userType";
|
||||
|
||||
/**
|
||||
* 生成Token,并存入redis
|
||||
* 生成Token
|
||||
*
|
||||
* @param userId
|
||||
* @param userName
|
||||
* @param userTypeEnum
|
||||
* @param loginDeviceEnum
|
||||
* @param superPasswordFlag 特殊万能密码标识
|
||||
* @return
|
||||
*/
|
||||
public String generateToken(Long userId, String userName, UserTypeEnum userTypeEnum, LoginDeviceEnum loginDeviceEnum, Boolean superPasswordFlag) {
|
||||
long nowTimeMilli = System.currentTimeMillis();
|
||||
Claims jwtClaims = Jwts.claims();
|
||||
jwtClaims.put(JwtConst.CLAIM_ID_KEY, userId);
|
||||
jwtClaims.put(JwtConst.CLAIM_NAME_KEY, userName);
|
||||
jwtClaims.put(JwtConst.CLAIM_USER_TYPE_KEY, userTypeEnum.getValue());
|
||||
jwtClaims.put(JwtConst.CLAIM_DEVICE_KEY, loginDeviceEnum.getValue());
|
||||
jwtClaims.put(JwtConst.CLAIM_SUPER_PASSWORD_FLAG, superPasswordFlag);
|
||||
JwtBuilder jwtBuilder = Jwts.builder()
|
||||
.setClaims(jwtClaims)
|
||||
.setIssuedAt(new Date(nowTimeMilli))
|
||||
.signWith(SignatureAlgorithm.HS512, tokenKey);
|
||||
public String generateToken(Long userId,
|
||||
String userName,
|
||||
UserTypeEnum userTypeEnum,
|
||||
LoginDeviceEnum loginDeviceEnum) {
|
||||
|
||||
// 如果是万能密码,则不需要记录到redis中;万能密码最多半个小时有效期
|
||||
if (superPasswordFlag) {
|
||||
jwtBuilder.setExpiration(new Date(nowTimeMilli + (HOUR_TIME_MILLI / 2)));
|
||||
return jwtBuilder.compact();
|
||||
/**
|
||||
* 设置登录模式参数
|
||||
* 具体参数 @see SaLoginModel 属性
|
||||
* 已经写的挺清楚的了
|
||||
*/
|
||||
SaLoginModel loginModel = new SaLoginModel();
|
||||
// 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型
|
||||
loginModel.setDevice(String.valueOf(loginDeviceEnum.getDesc()));
|
||||
// 扩展参数
|
||||
loginModel.setExtra(EXTRA_KEY_USER_NAME, userName);
|
||||
loginModel.setExtra(EXTRA_KEY_USER_TYPE, userTypeEnum.getValue());
|
||||
|
||||
String loginId = generateLoginId(userId, userTypeEnum);
|
||||
StpUtil.login(loginId, loginModel);
|
||||
return StpUtil.getTokenValue();
|
||||
}
|
||||
|
||||
jwtBuilder.setExpiration(new Date(nowTimeMilli + tokenExpire * 24 * HOUR_TIME_MILLI));
|
||||
String token = jwtBuilder.compact();
|
||||
String redisKey = this.generateTokenRedisKey(userId, userTypeEnum.getValue(), loginDeviceEnum.getValue());
|
||||
redisService.set(redisKey, token, tokenExpire * 24 * 3600);
|
||||
return token;
|
||||
public static String generateLoginId(Long userId, UserTypeEnum userType) {
|
||||
return userType.getValue() + "_" + userId;
|
||||
}
|
||||
|
||||
/**
|
||||
* 生成登录信息: 含设备信息
|
||||
*
|
||||
* @param userId
|
||||
* @param device
|
||||
* @return
|
||||
* 退出登录 注销
|
||||
*/
|
||||
private String generateTokenRedisKey(Long userId, Integer userType, Integer device) {
|
||||
String userKey = userType + "_" + userId + "_" + device;
|
||||
return redisService.generateRedisKey(RedisKeyConst.Support.TOKEN, userKey);
|
||||
public void removeToken() {
|
||||
StpUtil.logout();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 强制移除 此用户各端的登录信息
|
||||
*
|
||||
* @param token
|
||||
*/
|
||||
public void removeToken(String token) {
|
||||
Map<String, Object> tokenData = this.decryptTokenData(token);
|
||||
if (MapUtils.isEmpty(tokenData)) {
|
||||
return;
|
||||
public void removeToken(Long userId, UserTypeEnum userType) {
|
||||
StpUtil.logout(generateLoginId(userId, userType));
|
||||
}
|
||||
|
||||
//特殊账号
|
||||
if (tokenData.get(JwtConst.CLAIM_SUPER_PASSWORD_FLAG) != null) {
|
||||
try {
|
||||
Boolean superPasswordFlag = Boolean.valueOf(tokenData.get(JwtConst.CLAIM_SUPER_PASSWORD_FLAG).toString());
|
||||
if (superPasswordFlag) {
|
||||
return;
|
||||
}
|
||||
} catch (Exception e) {
|
||||
log.error(e.getMessage(), e);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
boolean isValid = this.checkRedisToken(tokenData, token);
|
||||
if (!isValid) {
|
||||
return;
|
||||
}
|
||||
|
||||
Long userId = Long.valueOf(tokenData.get(JwtConst.CLAIM_ID_KEY).toString());
|
||||
Integer userType = Integer.valueOf(tokenData.get(JwtConst.CLAIM_USER_TYPE_KEY).toString());
|
||||
Integer device = Integer.valueOf(tokenData.get(JwtConst.CLAIM_DEVICE_KEY).toString());
|
||||
|
||||
String redisKey = this.generateTokenRedisKey(userId, userType, device);
|
||||
redisService.delete(redisKey);
|
||||
}
|
||||
|
||||
/**
|
||||
* 解析并校验token信息 获取 userId
|
||||
*
|
||||
* @param token
|
||||
* @return
|
||||
*/
|
||||
public Long getUserIdAndValidateToken(String token) {
|
||||
Map<String, Object> parseJwtData = this.decryptTokenData(token);
|
||||
boolean isValid = this.checkRedisToken(parseJwtData, token);
|
||||
if (!isValid) {
|
||||
return null;
|
||||
}
|
||||
Long userId = Long.valueOf(parseJwtData.get(JwtConst.CLAIM_ID_KEY).toString());
|
||||
return userId;
|
||||
}
|
||||
|
||||
/**
|
||||
* 解密和解析token
|
||||
*
|
||||
* @param token
|
||||
* @return
|
||||
*/
|
||||
private Map<String, Object> decryptTokenData(String token) {
|
||||
try {
|
||||
return Jwts.parser()
|
||||
.setSigningKey(tokenKey)
|
||||
.parseClaimsJws(token)
|
||||
.getBody();
|
||||
} catch (Exception e) {
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验token是否有效
|
||||
*
|
||||
* @param token
|
||||
* @return
|
||||
*/
|
||||
private boolean checkRedisToken(Map<String, Object> parseJwtData, String token) {
|
||||
if (MapUtils.isEmpty(parseJwtData)) {
|
||||
return false;
|
||||
}
|
||||
//特殊账号
|
||||
if (parseJwtData.get(JwtConst.CLAIM_SUPER_PASSWORD_FLAG) != null) {
|
||||
try {
|
||||
Boolean superPasswordFlag = Boolean.valueOf(parseJwtData.get(JwtConst.CLAIM_SUPER_PASSWORD_FLAG).toString());
|
||||
if (superPasswordFlag) {
|
||||
return true;
|
||||
}
|
||||
} catch (Exception e) {
|
||||
log.error(e.getMessage(), e);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
Long userId = null;
|
||||
Integer userType = null, device = null;
|
||||
|
||||
if (null != parseJwtData.get(JwtConst.CLAIM_ID_KEY)) {
|
||||
userId = NumberUtils.toLong(parseJwtData.get(JwtConst.CLAIM_ID_KEY).toString(), -1);
|
||||
userId = userId == -1 ? null : userId;
|
||||
}
|
||||
|
||||
if (null != parseJwtData.get(JwtConst.CLAIM_USER_TYPE_KEY)) {
|
||||
userType = NumberUtils.toInt(parseJwtData.get(JwtConst.CLAIM_USER_TYPE_KEY).toString(), -1);
|
||||
userType = userType == -1 ? null : userType;
|
||||
}
|
||||
|
||||
if (null != parseJwtData.get(JwtConst.CLAIM_DEVICE_KEY)) {
|
||||
device = NumberUtils.toInt(parseJwtData.get(JwtConst.CLAIM_DEVICE_KEY).toString(), -1);
|
||||
device = device == -1 ? null : device;
|
||||
}
|
||||
|
||||
if (userId == null || userType == null || device == null) {
|
||||
return false;
|
||||
}
|
||||
|
||||
String redisKey = this.generateTokenRedisKey(userId, userType, device);
|
||||
String redisToken = redisService.get(redisKey);
|
||||
return token.equals(redisToken);
|
||||
}
|
||||
|
||||
/**
|
||||
* 批量移除用户所有设备的token
|
||||
*/
|
||||
public void batchRemoveRedisToken(Long userId, UserTypeEnum userTypeEnum) {
|
||||
for (LoginDeviceEnum device : LoginDeviceEnum.values()) {
|
||||
redisService.delete(this.generateTokenRedisKey(userId, userTypeEnum.getValue(), device.getValue()));
|
||||
}
|
||||
public void removeToken(List<Long> userIdList, UserTypeEnum userType) {
|
||||
userIdList.forEach(id -> StpUtil.logout(generateLoginId(id, userType)));
|
||||
}
|
||||
}
|
||||
@ -3,7 +3,7 @@ spring:
|
||||
datasource:
|
||||
url: jdbc:p6spy:mysql://127.0.0.1:3306/smart_admin_v2?autoReconnect=true&useServerPreparedStmts=false&rewriteBatchedStatements=true&characterEncoding=UTF-8&useSSL=false&allowMultiQueries=true&serverTimezone=Asia/Shanghai
|
||||
username: root
|
||||
password: Zhuoda1024lab
|
||||
password: 123456
|
||||
initial-size: 2
|
||||
min-idle: 2
|
||||
max-active: 10
|
||||
@ -27,17 +27,17 @@ spring:
|
||||
|
||||
# redis 连接池配置信息
|
||||
redis:
|
||||
database: 1
|
||||
database: 12
|
||||
host: 127.0.0.1
|
||||
lettuce:
|
||||
pool:
|
||||
max-active: 5
|
||||
max-active: 50
|
||||
min-idle: 1
|
||||
max-idle: 3
|
||||
max-wait: 30000ms
|
||||
port: 6379
|
||||
timeout: 10000ms
|
||||
password:
|
||||
timeout: 10s
|
||||
password: 123456
|
||||
|
||||
# 上传文件大小配置
|
||||
servlet:
|
||||
@ -109,11 +109,6 @@ http:
|
||||
write-timeout: 50000
|
||||
keep-alive: 300000
|
||||
|
||||
# token相关配置
|
||||
token:
|
||||
key: sa-jwt-key
|
||||
expire-day: 7
|
||||
|
||||
# 跨域配置
|
||||
access-control-allow-origin: '*'
|
||||
|
||||
@ -124,3 +119,22 @@ heart-beat:
|
||||
# 热加载配置
|
||||
reload:
|
||||
interval-seconds: 300
|
||||
|
||||
############## Sa-Token 配置 (文档: https://sa-token.cc) ##############
|
||||
sa-token:
|
||||
# token 名称(同时也是 cookie 名称)
|
||||
token-name: x-access-token
|
||||
# token 前缀
|
||||
token-prefix:
|
||||
# token 有效期(单位:秒) 默认30天,-1 代表永久有效
|
||||
timeout: 2592000
|
||||
# token 最低活跃频率(单位:秒),如果 token 超过此时间没有访问系统就会被冻结,默认-1 代表不限制,永不冻结
|
||||
active-timeout: 28800
|
||||
# 是否允许同一账号多地同时登录 (为 true 时允许一起登录, 为 false 时新登录挤掉旧登录)
|
||||
is-concurrent: false
|
||||
# 在多人登录同一账号时,是否共用一个 token (为 true 时所有登录共用一个 token, 为 false 时每次登录新建一个 token)
|
||||
is-share: false
|
||||
# token 风格(默认可取值:uuid、simple-uuid、random-32、random-64、random-128、tik)
|
||||
token-style: simple-uuid
|
||||
# 是否输出操作日志
|
||||
is-log: true
|
||||
Loading…
Reference in New Issue
Block a user