tieshengkeji/tiesheng-springboot
1
1
Fork 0
Code Pull Requests Actions Packages Releases Activity

feat:增加权限校验

Browse Source
This commit is contained in:
曾文豪
2024-08-07 19:02:54 +08:00
parent 1ee4b4af30
commit 0f5cdb49c0
12 changed files with 285 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
springboot-ademo/src/main/java/com/tiesheng/demo/config/DemoWebConfigurer.java
View File

@@ -26,7 +26,7 @@ public class DemoWebConfigurer implements TieshengWebConfigurer, TsLoginConfigur
if (Objects.equals(tokenBean.getId(), "1")) {
return info;
}
return null;
return info;
}
public TokenBean login(CorePlatformUnique platformUnique) {
@@ -36,6 +36,7 @@ public class DemoWebConfigurer implements TieshengWebConfigurer, TsLoginConfigur
} else if (Objects.equals(platformUnique.getUniqueId(), "1110290049")) {
tokenBean = new TokenBean("1", "", globalConfig.getService());
tokenBean.setExtra("1110290049");
tokenBean.setRoleId("super");
}
return tokenBean;

5
springboot-ademo/src/main/resources/application-test.yml
View File

@@ -26,11 +26,12 @@ tiesheng:
token:
test-map:
"1111":
id: "1111"
role-id: "student_bks"
id: "1"
role-id: "super"
global:
version: 2
host: http://localhost:8100
service: demo
aliyun:
access-key-id: LTAI5tJtbgBCnTY5eS4SmrTf
access-key-secret: JIHqpRUFffCHhXaJEVvWN31WcexWqG

33
springboot-annotation/src/main/java/com/tiesheng/annotation/role/RoleAuthority.java Normal file
View File

@@ -0,0 +1,33 @@
package com.tiesheng.annotation.role;
import java.lang.annotation.*;
@Target({ElementType.METHOD, ElementType.TYPE})
@Documented
@Retention(RetentionPolicy.RUNTIME)
public @interface RoleAuthority {
/**
* 编号
*
* @return
*/
String value();
/**
* 平台类型
*
* @return
*/
String platform() default "web";
/**
* 分组
*
* @return
*/
String[] group() default {};
}

7
springboot-role/pom.xml
View File

@@ -22,6 +22,13 @@
<groupId>com.tiesheng.springboot-parent</groupId>
<artifactId>springboot-util</artifactId>
</dependency>
<!-- aspect -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-aop</artifactId>
</dependency>
</dependencies>
</project>

72
springboot-role/src/main/java/com/tiesheng/role/config/HasAuthorityAspect.java Normal file
View File

@@ -0,0 +1,72 @@
package com.tiesheng.role.config;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.StrUtil;
import com.tiesheng.annotation.role.RoleAuthority;
import com.tiesheng.role.mapper.CoreRoleUserMapper;
import com.tiesheng.role.pojos.dao.CoreRoleAuthority;
import com.tiesheng.util.ServletKit;
import com.tiesheng.util.config.TsTokenConfig;
import com.tiesheng.util.exception.ApiException;
import com.tiesheng.util.pojos.TokenBean;
import com.tiesheng.util.service.TsCacheService;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.stream.Collectors;
@Aspect
@Component
public class HasAuthorityAspect {
public static final String CACHE_HAS_AUTHORITY = "CACHE:HAS_AUTHORITY:{}";
@Resource
CoreRoleUserMapper coreRoleUserMapper;
@Resource
TsTokenConfig tsTokenConfig;
/**
* 获取
*/
@Before("@annotation(com.tiesheng.annotation.role.RoleAuthority)")
public void before(JoinPoint joinPoint) {
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
RoleAuthority classAnnotation = joinPoint.getTarget().getClass().getAnnotation(RoleAuthority.class);
RoleAuthority annotation = signature.getMethod().getAnnotation(RoleAuthority.class);
if (classAnnotation == null || annotation == null) {
return;
}
HttpServletRequest request = ServletKit.getRequest();
TokenBean tokenBean = tsTokenConfig.validToken(request, true);
String authority = StrUtil.join("_", classAnnotation.group(),
classAnnotation.value(), annotation.value());
String cacheKey = StrUtil.format(CACHE_HAS_AUTHORITY, tokenBean.getId());
List<String> authorityList = StrUtil.split(TsCacheService.of().get(cacheKey), ";")
.stream().filter(StrUtil::isNotEmpty).collect(Collectors.toList());
if (CollUtil.isEmpty(authorityList)) {
List<CoreRoleAuthority> list = coreRoleUserMapper.getOwnerAuthorityLeafList(tokenBean.getId(),
tokenBean.getRoleId());
authorityList = list.stream().map(CoreRoleAuthority::getNo).collect(Collectors.toList());
if (CollUtil.isNotEmpty(authorityList)) {
TsCacheService.of().put(cacheKey, StrUtil.join(";", authorityList));
}
}
if (!CollUtil.contains(authorityList, authority)) {
throw new ApiException(403, "您无权访问");
}
}
}

12
springboot-role/src/main/java/com/tiesheng/role/controller/RoleController.java
View File

@@ -4,6 +4,7 @@ import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.tiesheng.annotation.role.RoleAuthority;
import com.tiesheng.role.pojos.dao.*;
import com.tiesheng.role.pojos.dto.GroupRxUpdateDTO;
import com.tiesheng.role.pojos.dto.MenuListDTO;
@@ -29,6 +30,7 @@ import java.util.stream.Collectors;
@RestController
@RequestMapping("/role")
@RoleAuthority(value = "role", group = "role")
public class RoleController {
@Resource
@@ -41,6 +43,7 @@ public class RoleController {
* @return
*/
@GetMapping("/group/list")
@RoleAuthority(value = "groupList")
public ApiResp<List<CoreRoleGroup>> groupList(@Valid GroupTypeDTO dto) {
return ApiResp.respOK(coreRoleService.list(
new QueryWrapper<CoreRoleGroup>()
@@ -58,6 +61,7 @@ public class RoleController {
* @return
*/
@PostMapping("/group/update")
@RoleAuthority(value = "groupUpdate")
public ApiResp<String> groupUpdate(@RequestBody CoreRoleGroup roleGroup) {
if (StrUtil.isNotEmpty(roleGroup.getId())) {
@@ -76,6 +80,7 @@ public class RoleController {
* @return
*/
@PostMapping("/group/deleted")
@RoleAuthority(value = "groupDeleted")
public ApiResp<String> groupDeleted(@RequestBody @Valid IdDTO dto) {
CoreRoleGroup byId = coreRoleService.getById(dto.getId());
@@ -117,6 +122,7 @@ public class RoleController {
* @return
*/
@PostMapping("/group/rx/update")
@RoleAuthority(value = "groupRxUpdate")
public ApiResp<String> groupRxUpdate(@RequestBody @Valid GroupRxUpdateDTO dto) {
coreRoleService.updateGroupRx(dto);
return ApiResp.respOK("");
@@ -129,6 +135,7 @@ public class RoleController {
* @return
*/
@GetMapping("/user/page")
@RoleAuthority(value = "userPage")
public ApiResp<List<RoleUserPageVO>> userPage(PageDTO dto) {
QueryWrapper<CoreRoleUser> queryWrapper = new QueryWrapper<>();
@@ -149,6 +156,7 @@ public class RoleController {
* @return
*/
@PostMapping("/user/update")
@RoleAuthority(value = "userUpdate")
public ApiResp<String> userUpdate(@RequestBody CoreRoleUser roleUser) {
if (StrUtil.isNotEmpty(roleUser.getId())) {
coreRoleService.getUserMapper().updateById(roleUser);
@@ -165,6 +173,7 @@ public class RoleController {
* @return
*/
@PostMapping("/user/deleted")
@RoleAuthority(value = "userDeleted")
public ApiResp<String> userDeleted(@RequestBody @Valid IdDTO dto) {
CoreRoleUser coreRoleUser = new CoreRoleUser();
coreRoleUser.setId(dto.getId());
@@ -180,6 +189,7 @@ public class RoleController {
* @return
*/
@GetMapping("/server/list")
@RoleAuthority(value = "serverList")
public ApiResp<List<CoreRoleServer>> list() {
return ApiResp.respOK(coreRoleService.getServerMapper().selectList(new QueryWrapper<CoreRoleServer>()
.eq(CoreRoleServer.IS_DELETED, 0)
@@ -195,6 +205,7 @@ public class RoleController {
* @return
*/
@PostMapping("/server/update")
@RoleAuthority(value = "serverUpdate")
public ApiResp<String> update(@RequestBody CoreRoleServer coreService) {
if (StrUtil.isNotEmpty(coreService.getId())) {
coreRoleService.getServerMapper().updateById(coreService);
@@ -232,6 +243,7 @@ public class RoleController {
* @return
*/
@PostMapping("/authority/update")
@RoleAuthority(value = "authorityUpdate")
public ApiResp<String> menuUpdate(@RequestBody CoreRoleAuthority serviceMenu) {
serviceMenu.setParent(StrUtil.emptyToDefault(serviceMenu.getParent(), null));
if (StrUtil.isEmpty(serviceMenu.getId())) {

13
springboot-role/src/main/java/com/tiesheng/role/mapper/CoreRoleAuthorityMapper.java
View File

@@ -3,5 +3,16 @@ package com.tiesheng.role.mapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.tiesheng.role.pojos.dao.CoreRoleAuthority;
import java.util.List;
public interface CoreRoleAuthorityMapper extends BaseMapper<CoreRoleAuthority> {
}
/**
* 批量插入数据
*
* @param coreRoleAuthorities
*/
void batchInsert(List<CoreRoleAuthority> coreRoleAuthorities);
}

109
springboot-role/src/main/java/com/tiesheng/role/service/CoreRoleService.java
View File

@@ -1,9 +1,11 @@
package com.tiesheng.role.service;
import cn.hutool.core.annotation.AnnotationUtil;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.tiesheng.annotation.role.RoleAuthority;
import com.tiesheng.role.mapper.*;
import com.tiesheng.role.pojos.dao.CoreRoleAuthority;
import com.tiesheng.role.pojos.dao.CoreRoleGroup;
@@ -11,11 +13,17 @@ import com.tiesheng.role.pojos.dao.CoreRoleGroupRx;
import com.tiesheng.role.pojos.dto.GroupRxUpdateDTO;
import com.tiesheng.role.pojos.dto.OwnerMenuDTO;
import com.tiesheng.role.pojos.vo.ServiceMenuVO;
import com.tiesheng.util.config.GlobalConfig;
import com.tiesheng.util.service.TsServiceBase;
import org.springframework.aop.support.AopUtils;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationListener;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.annotation.Resource;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -23,20 +31,19 @@ import java.util.Objects;
import java.util.stream.Collectors;
@Service
public class CoreRoleService extends TsServiceBase<CoreRoleGroupMapper, CoreRoleGroup> {
public class CoreRoleService extends TsServiceBase<CoreRoleGroupMapper, CoreRoleGroup>
implements ApplicationListener<ContextRefreshedEvent> {
@Resource
CoreRoleUserMapper coreRoleUserMapper;
@Resource
CoreRoleGroupRxMapper coreRoleGroupRxMapper;
@Resource
CoreRoleAuthorityMapper coreRoleAuthorityMapper;
@Resource
CoreRoleServerMapper coreRoleServerMapper;
@Resource
GlobalConfig globalConfig;
public CoreRoleServerMapper getServerMapper() {
return coreRoleServerMapper;
@@ -155,4 +162,96 @@ public class CoreRoleService extends TsServiceBase<CoreRoleGroupMapper, CoreRole
.collect(Collectors.toList()), null);
}
@Override
public void onApplicationEvent(ContextRefreshedEvent event) {
ApplicationContext applicationContext = event.getApplicationContext();
Map<String, Object> beansOfType = applicationContext.getBeansWithAnnotation(RoleAuthority.class);
for (Map.Entry<String, Object> entry : beansOfType.entrySet()) {
Class<?> targetClass = AopUtils.getTargetClass(entry.getValue());
RoleAuthority menu = targetClass.getAnnotation(RoleAuthority.class);
List<RoleAuthority> points = new ArrayList<>();
Method[] methods = targetClass.getDeclaredMethods();
for (Method method : methods) {
RoleAuthority methodAuthority = AnnotationUtil.getAnnotation(method, RoleAuthority.class);
if (methodAuthority != null) {
points.add(methodAuthority);
}
}
addOrUpdateAuthority(menu, points);
}
}
/**
* 添加权限
*
* @param menu
* @param points
*/
private void addOrUpdateAuthority(RoleAuthority menu, List<RoleAuthority> points) {
if (menu.group().length == 0 || CollUtil.isEmpty(points)) {
return;
}
List<CoreRoleAuthority> list = new ArrayList<>();
// 分组
CoreRoleAuthority groupAuthority = new CoreRoleAuthority();
groupAuthority.setLevel(0);
for (String group : menu.group()) {
String parentId = groupAuthority.getParent();
int level = groupAuthority.getLevel() + 1;
String no = group;
if (StrUtil.isNotEmpty(groupAuthority.getNo())) {
no = StrUtil.join("_", groupAuthority.getNo(), group);
}
groupAuthority = new CoreRoleAuthority();
groupAuthority.setNo(no);
groupAuthority.setName(group);
groupAuthority.setService(globalConfig.getService());
groupAuthority.setType("group");
groupAuthority.setLevel(level);
groupAuthority.setPlatform(menu.platform());
groupAuthority.setParent(parentId);
groupAuthority.setId(StrUtil.join("_", groupAuthority.getService(), groupAuthority.getNo()));
list.add(groupAuthority);
}
// 菜单
CoreRoleAuthority menuAuthority = new CoreRoleAuthority();
menuAuthority.setNo(StrUtil.join("_", menu.group(), menu.value()));
menuAuthority.setName(menu.value());
menuAuthority.setService(globalConfig.getService());
menuAuthority.setType("menu");
menuAuthority.setLevel(groupAuthority.getLevel() + 1);
menuAuthority.setParent(groupAuthority.getId());
menuAuthority.setPlatform(menu.platform());
menuAuthority.setId(StrUtil.join("_", menuAuthority.getService(), menuAuthority.getNo()));
list.add(menuAuthority);
// 功能点
for (RoleAuthority authority : points) {
CoreRoleAuthority point = new CoreRoleAuthority();
point.setNo(StrUtil.join("_", menuAuthority.getNo(), authority.value()));
point.setName(authority.value());
point.setService(globalConfig.getService());
point.setType("point");
point.setLevel(menuAuthority.getLevel() + 1);
point.setParent(menuAuthority.getId());
point.setPlatform(StrUtil.emptyToDefault(authority.platform(), menu.platform()));
point.setId(StrUtil.join("_", point.getService(), point.getNo()));
list.add(point);
}
coreRoleAuthorityMapper.batchInsert(list);
}
}

28
springboot-role/src/main/resources/mapper/CoreRoleAuthorityMapper.xml
View File

@@ -25,7 +25,31 @@
</resultMap>
<sql id="Base_Column_List">
<!--@mbg.generated-->
id, create_time, update_time, is_deleted, service, `no`, `name`, sort, `level`, parent,
id, create_time, update_time, is_deleted, service, `no`, `name`, sort, `level`, parent,
remark, is_open, `type`, link, platform, ext1, ext2, ext3
</sql>
</mapper>
<insert id="batchInsert">
insert into core_role_authority(id, create_time, update_time, is_deleted, service, no, name, level, parent,
type, platform, is_open)
values
<foreach collection="list" separator="," item="item">
(#{item.id}, now(), now(), 0,
#{item.service},
#{item.no},
#{item.name},
#{item.level},
#{item.parent},
#{item.type},
#{item.platform}, 1)
</foreach>
on duplicate key update update_time=now(),
is_deleted=0,
level=values(level),
parent=values(parent),
type=values(type),
platform=values(platform)
</insert>
</mapper>

2
springboot-util/src/main/java/com/tiesheng/util/config/TsTokenConfig.java
View File

@@ -26,7 +26,7 @@ public class TsTokenConfig {
/**
* 用户登录的KEY
*/
public static String CACHE_REQUEST_LOGIN_KEY = "request:login:{}";
public static String CACHE_REQUEST_LOGIN_KEY = "CACHE:LOGIN:{}";
/**

9
springboot-web/src/main/java/com/tiesheng/web/controller/ConfigController.java
View File

@@ -4,16 +4,17 @@ package com.tiesheng.web.controller;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.tiesheng.annotation.role.RoleAuthority;
import com.tiesheng.annotation.token.TokenIgnore;
import com.tiesheng.util.exception.ApiException;
import com.tiesheng.util.pojos.ApiResp;
import com.tiesheng.util.pojos.PageDTO;
import com.tiesheng.web.pojos.dao.CoreConfigEnum;
import com.tiesheng.web.pojos.dao.CoreConfigSystem;
import com.tiesheng.web.pojos.dto.config.ConfigSystemDTO;
import com.tiesheng.web.pojos.dto.config.EnumTypeDTO;
import com.tiesheng.web.service.CoreConfigService;
import com.tiesheng.web.service.TieshengWebConfigurer;
import com.tiesheng.util.exception.ApiException;
import com.tiesheng.util.pojos.ApiResp;
import com.tiesheng.util.pojos.PageDTO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
@@ -24,6 +25,7 @@ import java.util.List;
*/
@RestController
@RequestMapping("/config")
@RoleAuthority(value = "config", group = "system")
public class ConfigController {
@Autowired
@@ -59,6 +61,7 @@ public class ConfigController {
* @return
*/
@PostMapping("/system/update")
@RoleAuthority(value = "systemUpdate")
public ApiResp<String> systemUpdate(@RequestBody ConfigSystemDTO dto) {
CoreConfigSystem configKey = coreConfigService.getOneByColumn("config_key", dto.getConfigKey());

9
springboot-web/src/main/java/com/tiesheng/web/controller/LogController.java
View File

@@ -3,10 +3,11 @@ package com.tiesheng.web.controller;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.tiesheng.annotation.role.RoleAuthority;
import com.tiesheng.login.pojos.dao.CoreLogLogin;
import com.tiesheng.util.pojos.ApiResp;
import com.tiesheng.util.pojos.PageDTO;
import com.tiesheng.web.pojos.dao.CoreLogApi;
import com.tiesheng.login.pojos.dao.CoreLogLogin;
import com.tiesheng.web.pojos.dao.CoreLogOperation;
import com.tiesheng.web.pojos.dao.CoreLogProcess;
import com.tiesheng.web.pojos.vo.ProcessDetailVo;
@@ -24,6 +25,7 @@ import java.util.List;
*/
@RestController
@RequestMapping("/manager/log")
@RoleAuthority(value = "log", group = "system")
public class LogController {
@Autowired
@@ -36,6 +38,7 @@ public class LogController {
* @return
*/
@GetMapping("/operation/page")
@RoleAuthority(value = "operation")
public ApiResp<List<CoreLogOperation>> operationPage(@Valid PageDTO dto) {
QueryWrapper<CoreLogOperation> queryWrapper = new QueryWrapper<>();
@@ -56,6 +59,7 @@ public class LogController {
* @return
*/
@GetMapping("/login/page")
@RoleAuthority(value = "login")
public ApiResp<List<CoreLogLogin>> loginPage(@Valid PageDTO dto) {
QueryWrapper<CoreLogLogin> queryWrapper = new QueryWrapper<>();
@@ -75,7 +79,8 @@ public class LogController {
* @return
*/
@GetMapping("/api/page")
public ApiResp<List<CoreLogApi>> messagePage(String result, @Valid PageDTO dto) {
@RoleAuthority(value = "api")
public ApiResp<List<CoreLogApi>> apiPage(String result, @Valid PageDTO dto) {
QueryWrapper<CoreLogApi> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("is_deleted", 0);