修复无权限
This commit is contained in:
LionCity
@ -42,7 +42,7 @@ public class OnlineController {
|
|||||||
|
|
||||||
@ApiOperation("查询在线用户")
|
@ApiOperation("查询在线用户")
|
||||||
@GetMapping
|
@GetMapping
|
||||||
@PreAuthorize("@el.check()")
|
@PreAuthorize("@el.check('auth_online')")
|
||||||
public ResponseEntity<Object> getAll(@RequestParam(value = "filter",defaultValue = "") String filter,
|
public ResponseEntity<Object> getAll(@RequestParam(value = "filter",defaultValue = "") String filter,
|
||||||
@RequestParam(value = "type",defaultValue = "0") int type,
|
@RequestParam(value = "type",defaultValue = "0") int type,
|
||||||
Pageable pageable){
|
Pageable pageable){
|
||||||
|
|||||||
@ -12,11 +12,7 @@ import co.yixiang.common.service.impl.BaseServiceImpl;
|
|||||||
import co.yixiang.common.utils.QueryHelpPlus;
|
import co.yixiang.common.utils.QueryHelpPlus;
|
||||||
import co.yixiang.dozer.service.IGenerator;
|
import co.yixiang.dozer.service.IGenerator;
|
||||||
import co.yixiang.exception.EntityExistException;
|
import co.yixiang.exception.EntityExistException;
|
||||||
import co.yixiang.modules.system.domain.Dept;
|
import co.yixiang.modules.system.domain.*;
|
||||||
import co.yixiang.modules.system.domain.Menu;
|
|
||||||
import co.yixiang.modules.system.domain.Role;
|
|
||||||
import co.yixiang.modules.system.domain.RolesDepts;
|
|
||||||
import co.yixiang.modules.system.domain.RolesMenus;
|
|
||||||
import co.yixiang.modules.system.service.RoleService;
|
import co.yixiang.modules.system.service.RoleService;
|
||||||
import co.yixiang.modules.system.service.RolesDeptsService;
|
import co.yixiang.modules.system.service.RolesDeptsService;
|
||||||
import co.yixiang.modules.system.service.RolesMenusService;
|
import co.yixiang.modules.system.service.RolesMenusService;
|
||||||
@ -42,14 +38,7 @@ import org.springframework.transaction.annotation.Transactional;
|
|||||||
|
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.ArrayList;
|
import java.util.*;
|
||||||
import java.util.Collection;
|
|
||||||
import java.util.Collections;
|
|
||||||
import java.util.HashSet;
|
|
||||||
import java.util.LinkedHashMap;
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.Map;
|
|
||||||
import java.util.Set;
|
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
// 默认不使用缓存
|
// 默认不使用缓存
|
||||||
@ -243,6 +232,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
|
|||||||
role.setPermission(resources.getPermission());
|
role.setPermission(resources.getPermission());
|
||||||
this.saveOrUpdate(role);
|
this.saveOrUpdate(role);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 获取用户权限信息
|
* 获取用户权限信息
|
||||||
*
|
*
|
||||||
@ -260,11 +250,20 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
|
|||||||
role.setDepts(deptSet);
|
role.setDepts(deptSet);
|
||||||
}
|
}
|
||||||
Set<String> permissions = roles.stream().filter(role -> StringUtils.isNotBlank(role.getPermission())).map(Role::getPermission).collect(Collectors.toSet());
|
Set<String> permissions = roles.stream().filter(role -> StringUtils.isNotBlank(role.getPermission())).map(Role::getPermission).collect(Collectors.toSet());
|
||||||
permissions.addAll(
|
// permissions.addAll(
|
||||||
|
// roles.stream().flatMap(role -> role.getMenus().stream())
|
||||||
|
// .filter(menu -> StringUtils.isNotBlank(menu.getPermission()))
|
||||||
|
// .map(Menu::getPermission).collect(Collectors.toSet())
|
||||||
|
// );
|
||||||
roles.stream().flatMap(role -> role.getMenus().stream())
|
roles.stream().flatMap(role -> role.getMenus().stream())
|
||||||
.filter(menu -> StringUtils.isNotBlank(menu.getPermission()))
|
.filter(menu -> StringUtils.isNotBlank(menu.getPermission()))
|
||||||
.map(Menu::getPermission).collect(Collectors.toSet())
|
.forEach(menu -> {
|
||||||
);
|
// 添加基于Permission的权限信息
|
||||||
|
for (String permission : StringUtils.split(menu.getPermission(), ",")) {
|
||||||
|
permissions.add(permission);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
return permissions.stream().map(SimpleGrantedAuthority::new)
|
return permissions.stream().map(SimpleGrantedAuthority::new)
|
||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
}
|
}
|
||||||
|
|||||||
@ -49,7 +49,7 @@ public class LocalStorageController {
|
|||||||
@Log("导出数据")
|
@Log("导出数据")
|
||||||
@ApiOperation("导出数据")
|
@ApiOperation("导出数据")
|
||||||
@GetMapping(value = "/download")
|
@GetMapping(value = "/download")
|
||||||
@PreAuthorize("@el.check('admin','localStorage:list')")
|
@PreAuthorize("@el.check('admin','storage:list')")
|
||||||
public void download(HttpServletResponse response, LocalStorageQueryCriteria criteria) throws IOException {
|
public void download(HttpServletResponse response, LocalStorageQueryCriteria criteria) throws IOException {
|
||||||
localStorageService.download(generator.convert(localStorageService.queryAll(criteria), LocalStorageDto.class), response);
|
localStorageService.download(generator.convert(localStorageService.queryAll(criteria), LocalStorageDto.class), response);
|
||||||
}
|
}
|
||||||
@ -57,7 +57,7 @@ public class LocalStorageController {
|
|||||||
@GetMapping
|
@GetMapping
|
||||||
@Log("查询文件")
|
@Log("查询文件")
|
||||||
@ApiOperation("查询文件")
|
@ApiOperation("查询文件")
|
||||||
@PreAuthorize("@el.check('admin','localStorage:list')")
|
@PreAuthorize("@el.check('admin','storage:list')")
|
||||||
public ResponseEntity<Object> getLocalStorages(LocalStorageQueryCriteria criteria, Pageable pageable){
|
public ResponseEntity<Object> getLocalStorages(LocalStorageQueryCriteria criteria, Pageable pageable){
|
||||||
return new ResponseEntity<>(localStorageService.queryAll(criteria,pageable),HttpStatus.OK);
|
return new ResponseEntity<>(localStorageService.queryAll(criteria,pageable),HttpStatus.OK);
|
||||||
}
|
}
|
||||||
@ -65,7 +65,7 @@ public class LocalStorageController {
|
|||||||
@PostMapping
|
@PostMapping
|
||||||
@Log("新增文件")
|
@Log("新增文件")
|
||||||
@ApiOperation("新增文件")
|
@ApiOperation("新增文件")
|
||||||
@PreAuthorize("@el.check('admin','localStorage:add')")
|
@PreAuthorize("@el.check('admin','storage:add')")
|
||||||
public ResponseEntity<Object> create(@RequestParam String name, @RequestParam("file") MultipartFile file){
|
public ResponseEntity<Object> create(@RequestParam String name, @RequestParam("file") MultipartFile file){
|
||||||
return new ResponseEntity<>(localStorageService.create(name,file),HttpStatus.CREATED);
|
return new ResponseEntity<>(localStorageService.create(name,file),HttpStatus.CREATED);
|
||||||
}
|
}
|
||||||
@ -73,7 +73,7 @@ public class LocalStorageController {
|
|||||||
@PutMapping
|
@PutMapping
|
||||||
@Log("修改文件")
|
@Log("修改文件")
|
||||||
@ApiOperation("修改文件")
|
@ApiOperation("修改文件")
|
||||||
@PreAuthorize("@el.check('admin','localStorage:edit')")
|
@PreAuthorize("@el.check('admin','storage:edit')")
|
||||||
public ResponseEntity<Object> update(@Validated @RequestBody LocalStorageDto resources){
|
public ResponseEntity<Object> update(@Validated @RequestBody LocalStorageDto resources){
|
||||||
localStorageService.updateLocalStorage(resources);
|
localStorageService.updateLocalStorage(resources);
|
||||||
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
|
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
|
||||||
@ -81,7 +81,7 @@ public class LocalStorageController {
|
|||||||
|
|
||||||
@Log("删除文件")
|
@Log("删除文件")
|
||||||
@ApiOperation("删除文件")
|
@ApiOperation("删除文件")
|
||||||
@PreAuthorize("@el.check('admin','localStorage:del')")
|
@PreAuthorize("@el.check('admin','storage:del')")
|
||||||
@DeleteMapping
|
@DeleteMapping
|
||||||
public ResponseEntity<Object> deleteAll(@RequestBody Long[] ids) {
|
public ResponseEntity<Object> deleteAll(@RequestBody Long[] ids) {
|
||||||
Arrays.asList(ids).forEach(id->{
|
Arrays.asList(ids).forEach(id->{
|
||||||
|
|||||||
Reference in New Issue
Block a user