cxc/yshopb2c
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

修复无权限

Browse Source
This commit is contained in:
LionCity
2020-08-06 23:17:42 +08:00
parent 8d7fd7df85
commit f769413425
3 changed files with 60 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
yshop-admin/src/main/java/co/yixiang/modules/security/rest/OnlineController.java
View File

@ -42,7 +42,7 @@ public class OnlineController {
@ApiOperation("查询在线用户")
@GetMapping
@PreAuthorize("@el.check()")
@PreAuthorize("@el.check('auth_online')")
public ResponseEntity<Object> getAll(@RequestParam(value = "filter",defaultValue = "") String filter,
@RequestParam(value = "type",defaultValue = "0") int type,
Pageable pageable){

109
yshop-admin/src/main/java/co/yixiang/modules/system/service/impl/RoleServiceImpl.java
View File

@ -1,22 +1,18 @@
/**
* Copyright (C) 2018-2020
* All rights reserved, Designed By www.yixiang.co
* 注意:
* 本软件为www.yixiang.co开发研制未经购买不得使用
* 购买后可获得全部源代码禁止转卖、分享、上传到码云、github等开源平台
* 一经发现盗用、分享等行为,将追究法律责任,后果自负
*/
* Copyright (C) 2018-2020
* All rights reserved, Designed By www.yixiang.co
* 注意:
* 本软件为www.yixiang.co开发研制未经购买不得使用
* 购买后可获得全部源代码禁止转卖、分享、上传到码云、github等开源平台
* 一经发现盗用、分享等行为,将追究法律责任,后果自负
*/
package co.yixiang.modules.system.service.impl;
import co.yixiang.common.service.impl.BaseServiceImpl;
import co.yixiang.common.utils.QueryHelpPlus;
import co.yixiang.dozer.service.IGenerator;
import co.yixiang.exception.EntityExistException;
import co.yixiang.modules.system.domain.Dept;
import co.yixiang.modules.system.domain.Menu;
import co.yixiang.modules.system.domain.Role;
import co.yixiang.modules.system.domain.RolesDepts;
import co.yixiang.modules.system.domain.RolesMenus;
import co.yixiang.modules.system.domain.*;
import co.yixiang.modules.system.service.RoleService;
import co.yixiang.modules.system.service.RolesDeptsService;
import co.yixiang.modules.system.service.RolesMenusService;
@ -42,14 +38,7 @@ import org.springframework.transaction.annotation.Transactional;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.*;
import java.util.stream.Collectors;
// 默认不使用缓存
@ -58,9 +47,9 @@ import java.util.stream.Collectors;
//import org.springframework.cache.annotation.Cacheable;
/**
* @author hupeng
* @date 2020-05-14
*/
* @author hupeng
* @date 2020-05-14
*/
@Service
@AllArgsConstructor
@Transactional(propagation = Propagation.SUPPORTS, readOnly = true, rollbackFor = Exception.class)
@ -71,7 +60,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
private final MenuMapper menuMapper;
private final DeptMapper deptMapper;
private final RolesMenusService rolesMenusService;
private final RolesDeptsService rolesDeptsService;
private final RolesDeptsService rolesDeptsService;
@Override
public Map<String, Object> queryAll(RoleQueryCriteria criteria, Pageable pageable) {
@ -90,15 +79,15 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
* @return Object
*/
@Override
public Object queryAlls(RoleQueryCriteria criteria,Pageable pageable) {
List<Role> roleList = baseMapper.selectList(QueryHelpPlus.getPredicate(Role.class, criteria));
public Object queryAlls(RoleQueryCriteria criteria, Pageable pageable) {
List<Role> roleList = baseMapper.selectList(QueryHelpPlus.getPredicate(Role.class, criteria));
return roleList;
}
@Override
public List<Role> queryAll(RoleQueryCriteria criteria){
List<Role> roleList = baseMapper.selectList(QueryHelpPlus.getPredicate(Role.class, criteria));
public List<Role> queryAll(RoleQueryCriteria criteria) {
List<Role> roleList = baseMapper.selectList(QueryHelpPlus.getPredicate(Role.class, criteria));
for (Role role : roleList) {
role.setMenus(menuMapper.findMenuByRoleId(role.getId()));
role.setDepts(deptMapper.findDeptByRoleId(role.getId()));
@ -111,7 +100,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
public void download(List<RoleDto> all, HttpServletResponse response) throws IOException {
List<Map<String, Object>> list = new ArrayList<>();
for (RoleDto role : all) {
Map<String,Object> map = new LinkedHashMap<>();
Map<String, Object> map = new LinkedHashMap<>();
map.put("名称", role.getName());
map.put("备注", role.getRemark());
map.put("数据权限", role.getDataScope());
@ -133,7 +122,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
@Override
public List<RoleSmallDto> findByUsersId(Long id) {
List<Role> roles = roleMapper.selectListByUserId(id);
return generator.convert(roles,RoleSmallDto.class);
return generator.convert(roles, RoleSmallDto.class);
}
/**
@ -174,14 +163,14 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
@Override
// @CacheEvict(allEntries = true)
public void updateMenu(Role resources, RoleDto roleDto) {
if(resources.getMenus().size()>0){
List<RolesMenus> rolesMenusList = resources.getMenus().stream().map(i ->{
if (resources.getMenus().size() > 0) {
List<RolesMenus> rolesMenusList = resources.getMenus().stream().map(i -> {
RolesMenus rolesMenus = new RolesMenus();
rolesMenus.setRoleId(resources.getId());
rolesMenus.setMenuId(i.getId());
return rolesMenus;
}).collect(Collectors.toList());
rolesMenusService.remove(new LambdaQueryWrapper<RolesMenus>().eq(RolesMenus::getRoleId,resources.getId()));
rolesMenusService.remove(new LambdaQueryWrapper<RolesMenus>().eq(RolesMenus::getRoleId, resources.getId()));
rolesMenusService.saveBatch(rolesMenusList);
}
}
@ -191,16 +180,16 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
// @CacheEvict(allEntries = true)
@Transactional(rollbackFor = Exception.class)
public RoleDto create(Role resources) {
if(this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName,resources.getName())) != null){
throw new EntityExistException(Role.class,"username",resources.getName());
if (this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName, resources.getName())) != null) {
throw new EntityExistException(Role.class, "username", resources.getName());
}
if(this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName,resources.getName())) != null){
throw new EntityExistException(Role.class,"username",resources.getName());
if (this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName, resources.getName())) != null) {
throw new EntityExistException(Role.class, "username", resources.getName());
}
this.save(resources);
if(resources.getDepts().size()>0){
List<RolesDepts> rolesDeptsList = resources.getDepts().stream().map(i ->{
if (resources.getDepts().size() > 0) {
List<RolesDepts> rolesDeptsList = resources.getDepts().stream().map(i -> {
RolesDepts rolesDepts = new RolesDepts();
rolesDepts.setRoleId(resources.getId());
rolesDepts.setDeptId(i.getId());
@ -208,7 +197,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
}).collect(Collectors.toList());
rolesDeptsService.saveBatch(rolesDeptsList);
}
return generator.convert(resources,RoleDto.class);
return generator.convert(resources, RoleDto.class);
}
@Override
@ -217,32 +206,33 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
public void update(Role resources) {
Role role = this.getById(resources.getId());
Role role1 = this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName,resources.getName()));
Role role1 = this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName, resources.getName()));
if(role1 != null && !role1.getId().equals(role.getId())){
throw new EntityExistException(Role.class,"username",resources.getName());
if (role1 != null && !role1.getId().equals(role.getId())) {
throw new EntityExistException(Role.class, "username", resources.getName());
}
role1 = this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getPermission,resources.getPermission()));
if(role1 != null && !role1.getId().equals(role.getId())){
throw new EntityExistException(Role.class,"permission",resources.getPermission());
role1 = this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getPermission, resources.getPermission()));
if (role1 != null && !role1.getId().equals(role.getId())) {
throw new EntityExistException(Role.class, "permission", resources.getPermission());
}
role.setName(resources.getName());
role.setRemark(resources.getRemark());
role.setDataScope(resources.getDataScope());
if(resources.getDepts().size()>0){
List<RolesDepts> rolesDeptsList = resources.getDepts().stream().map(i ->{
if (resources.getDepts().size() > 0) {
List<RolesDepts> rolesDeptsList = resources.getDepts().stream().map(i -> {
RolesDepts rolesDepts = new RolesDepts();
rolesDepts.setRoleId(resources.getId());
rolesDepts.setDeptId(i.getId());
return rolesDepts;
}).collect(Collectors.toList());
rolesDeptsService.remove(new LambdaQueryWrapper<RolesDepts>().eq(RolesDepts::getRoleId,resources.getId()));
rolesDeptsService.remove(new LambdaQueryWrapper<RolesDepts>().eq(RolesDepts::getRoleId, resources.getId()));
rolesDeptsService.saveBatch(rolesDeptsList);
}
role.setLevel(resources.getLevel());
role.setPermission(resources.getPermission());
this.saveOrUpdate(role);
}
/**
* 获取用户权限信息
*
@ -260,11 +250,20 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
role.setDepts(deptSet);
}
Set<String> permissions = roles.stream().filter(role -> StringUtils.isNotBlank(role.getPermission())).map(Role::getPermission).collect(Collectors.toSet());
permissions.addAll(
roles.stream().flatMap(role -> role.getMenus().stream())
.filter(menu -> StringUtils.isNotBlank(menu.getPermission()))
.map(Menu::getPermission).collect(Collectors.toSet())
);
// permissions.addAll(
// roles.stream().flatMap(role -> role.getMenus().stream())
// .filter(menu -> StringUtils.isNotBlank(menu.getPermission()))
// .map(Menu::getPermission).collect(Collectors.toSet())
// );
roles.stream().flatMap(role -> role.getMenus().stream())
.filter(menu -> StringUtils.isNotBlank(menu.getPermission()))
.forEach(menu -> {
// 添加基于Permission的权限信息
for (String permission : StringUtils.split(menu.getPermission(), ",")) {
permissions.add(permission);
}
});
return permissions.stream().map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
}
@ -274,7 +273,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
public void delete(Set<Long> ids) {
for (Long id : ids) {
rolesMenusService.lambdaUpdate().eq(RolesMenus::getRoleId, id).remove();
rolesDeptsService.lambdaUpdate().eq(RolesDepts::getRoleId,id).remove();
rolesDeptsService.lambdaUpdate().eq(RolesDepts::getRoleId, id).remove();
}
this.removeByIds(ids);
}

10
yshop-tools/src/main/java/co/yixiang/tools/rest/LocalStorageController.java
View File

@ -49,7 +49,7 @@ public class LocalStorageController {
@Log("导出数据")
@ApiOperation("导出数据")
@GetMapping(value = "/download")
@PreAuthorize("@el.check('admin','localStorage:list')")
@PreAuthorize("@el.check('admin','storage:list')")
public void download(HttpServletResponse response, LocalStorageQueryCriteria criteria) throws IOException {
localStorageService.download(generator.convert(localStorageService.queryAll(criteria), LocalStorageDto.class), response);
}
@ -57,7 +57,7 @@ public class LocalStorageController {
@GetMapping
@Log("查询文件")
@ApiOperation("查询文件")
@PreAuthorize("@el.check('admin','localStorage:list')")
@PreAuthorize("@el.check('admin','storage:list')")
public ResponseEntity<Object> getLocalStorages(LocalStorageQueryCriteria criteria, Pageable pageable){
return new ResponseEntity<>(localStorageService.queryAll(criteria,pageable),HttpStatus.OK);
}
@ -65,7 +65,7 @@ public class LocalStorageController {
@PostMapping
@Log("新增文件")
@ApiOperation("新增文件")
@PreAuthorize("@el.check('admin','localStorage:add')")
@PreAuthorize("@el.check('admin','storage:add')")
public ResponseEntity<Object> create(@RequestParam String name, @RequestParam("file") MultipartFile file){
return new ResponseEntity<>(localStorageService.create(name,file),HttpStatus.CREATED);
}
@ -73,7 +73,7 @@ public class LocalStorageController {
@PutMapping
@Log("修改文件")
@ApiOperation("修改文件")
@PreAuthorize("@el.check('admin','localStorage:edit')")
@PreAuthorize("@el.check('admin','storage:edit')")
public ResponseEntity<Object> update(@Validated @RequestBody LocalStorageDto resources){
localStorageService.updateLocalStorage(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
@ -81,7 +81,7 @@ public class LocalStorageController {
@Log("删除文件")
@ApiOperation("删除文件")
@PreAuthorize("@el.check('admin','localStorage:del')")
@PreAuthorize("@el.check('admin','storage:del')")
@DeleteMapping
public ResponseEntity<Object> deleteAll(@RequestBody Long[] ids) {
Arrays.asList(ids).forEach(id->{