cxc/yshopb2c
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

修复无权限

Browse Source
This commit is contained in:
LionCity
2020-08-06 23:17:42 +08:00
parent 8d7fd7df85
commit f769413425
3 changed files with 60 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
yshop-admin/src/main/java/co/yixiang/modules/security/rest/OnlineController.java
View File

@ -42,7 +42,7 @@ public class OnlineController {
@ApiOperation("查询在线用户") @ApiOperation("查询在线用户")
@GetMapping @GetMapping
@PreAuthorize("@el.check()") @PreAuthorize("@el.check('auth_online')")
public ResponseEntity<Object> getAll(@RequestParam(value = "filter",defaultValue = "") String filter, public ResponseEntity<Object> getAll(@RequestParam(value = "filter",defaultValue = "") String filter,
@RequestParam(value = "type",defaultValue = "0") int type, @RequestParam(value = "type",defaultValue = "0") int type,
Pageable pageable){ Pageable pageable){

109
yshop-admin/src/main/java/co/yixiang/modules/system/service/impl/RoleServiceImpl.java
View File

@ -1,22 +1,18 @@
/** /**
* Copyright (C) 2018-2020 * Copyright (C) 2018-2020
* All rights reserved, Designed By www.yixiang.co * All rights reserved, Designed By www.yixiang.co
* 注意: * 注意:
* 本软件为www.yixiang.co开发研制未经购买不得使用 * 本软件为www.yixiang.co开发研制未经购买不得使用
* 购买后可获得全部源代码禁止转卖、分享、上传到码云、github等开源平台 * 购买后可获得全部源代码禁止转卖、分享、上传到码云、github等开源平台
* 一经发现盗用、分享等行为,将追究法律责任,后果自负 * 一经发现盗用、分享等行为,将追究法律责任,后果自负
*/ */
package co.yixiang.modules.system.service.impl; package co.yixiang.modules.system.service.impl;
import co.yixiang.common.service.impl.BaseServiceImpl; import co.yixiang.common.service.impl.BaseServiceImpl;
import co.yixiang.common.utils.QueryHelpPlus; import co.yixiang.common.utils.QueryHelpPlus;
import co.yixiang.dozer.service.IGenerator; import co.yixiang.dozer.service.IGenerator;
import co.yixiang.exception.EntityExistException; import co.yixiang.exception.EntityExistException;
import co.yixiang.modules.system.domain.Dept; import co.yixiang.modules.system.domain.*;
import co.yixiang.modules.system.domain.Menu;
import co.yixiang.modules.system.domain.Role;
import co.yixiang.modules.system.domain.RolesDepts;
import co.yixiang.modules.system.domain.RolesMenus;
import co.yixiang.modules.system.service.RoleService; import co.yixiang.modules.system.service.RoleService;
import co.yixiang.modules.system.service.RolesDeptsService; import co.yixiang.modules.system.service.RolesDeptsService;
import co.yixiang.modules.system.service.RolesMenusService; import co.yixiang.modules.system.service.RolesMenusService;
@ -42,14 +38,7 @@ import org.springframework.transaction.annotation.Transactional;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
import java.util.ArrayList; import java.util.*;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors; import java.util.stream.Collectors;
// 默认不使用缓存 // 默认不使用缓存
@ -58,9 +47,9 @@ import java.util.stream.Collectors;
//import org.springframework.cache.annotation.Cacheable; //import org.springframework.cache.annotation.Cacheable;
/** /**
* @author hupeng * @author hupeng
* @date 2020-05-14 * @date 2020-05-14
*/ */
@Service @Service
@AllArgsConstructor @AllArgsConstructor
@Transactional(propagation = Propagation.SUPPORTS, readOnly = true, rollbackFor = Exception.class) @Transactional(propagation = Propagation.SUPPORTS, readOnly = true, rollbackFor = Exception.class)
@ -71,7 +60,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
private final MenuMapper menuMapper; private final MenuMapper menuMapper;
private final DeptMapper deptMapper; private final DeptMapper deptMapper;
private final RolesMenusService rolesMenusService; private final RolesMenusService rolesMenusService;
private final RolesDeptsService rolesDeptsService; private final RolesDeptsService rolesDeptsService;
@Override @Override
public Map<String, Object> queryAll(RoleQueryCriteria criteria, Pageable pageable) { public Map<String, Object> queryAll(RoleQueryCriteria criteria, Pageable pageable) {
@ -90,15 +79,15 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
* @return Object * @return Object
*/ */
@Override @Override
public Object queryAlls(RoleQueryCriteria criteria,Pageable pageable) { public Object queryAlls(RoleQueryCriteria criteria, Pageable pageable) {
List<Role> roleList = baseMapper.selectList(QueryHelpPlus.getPredicate(Role.class, criteria)); List<Role> roleList = baseMapper.selectList(QueryHelpPlus.getPredicate(Role.class, criteria));
return roleList; return roleList;
} }
@Override @Override
public List<Role> queryAll(RoleQueryCriteria criteria){ public List<Role> queryAll(RoleQueryCriteria criteria) {
List<Role> roleList = baseMapper.selectList(QueryHelpPlus.getPredicate(Role.class, criteria)); List<Role> roleList = baseMapper.selectList(QueryHelpPlus.getPredicate(Role.class, criteria));
for (Role role : roleList) { for (Role role : roleList) {
role.setMenus(menuMapper.findMenuByRoleId(role.getId())); role.setMenus(menuMapper.findMenuByRoleId(role.getId()));
role.setDepts(deptMapper.findDeptByRoleId(role.getId())); role.setDepts(deptMapper.findDeptByRoleId(role.getId()));
@ -111,7 +100,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
public void download(List<RoleDto> all, HttpServletResponse response) throws IOException { public void download(List<RoleDto> all, HttpServletResponse response) throws IOException {
List<Map<String, Object>> list = new ArrayList<>(); List<Map<String, Object>> list = new ArrayList<>();
for (RoleDto role : all) { for (RoleDto role : all) {
Map<String,Object> map = new LinkedHashMap<>(); Map<String, Object> map = new LinkedHashMap<>();
map.put("名称", role.getName()); map.put("名称", role.getName());
map.put("备注", role.getRemark()); map.put("备注", role.getRemark());
map.put("数据权限", role.getDataScope()); map.put("数据权限", role.getDataScope());
@ -133,7 +122,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
@Override @Override
public List<RoleSmallDto> findByUsersId(Long id) { public List<RoleSmallDto> findByUsersId(Long id) {
List<Role> roles = roleMapper.selectListByUserId(id); List<Role> roles = roleMapper.selectListByUserId(id);
return generator.convert(roles,RoleSmallDto.class); return generator.convert(roles, RoleSmallDto.class);
} }
/** /**
@ -174,14 +163,14 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
@Override @Override
// @CacheEvict(allEntries = true) // @CacheEvict(allEntries = true)
public void updateMenu(Role resources, RoleDto roleDto) { public void updateMenu(Role resources, RoleDto roleDto) {
if(resources.getMenus().size()>0){ if (resources.getMenus().size() > 0) {
List<RolesMenus> rolesMenusList = resources.getMenus().stream().map(i ->{ List<RolesMenus> rolesMenusList = resources.getMenus().stream().map(i -> {
RolesMenus rolesMenus = new RolesMenus(); RolesMenus rolesMenus = new RolesMenus();
rolesMenus.setRoleId(resources.getId()); rolesMenus.setRoleId(resources.getId());
rolesMenus.setMenuId(i.getId()); rolesMenus.setMenuId(i.getId());
return rolesMenus; return rolesMenus;
}).collect(Collectors.toList()); }).collect(Collectors.toList());
rolesMenusService.remove(new LambdaQueryWrapper<RolesMenus>().eq(RolesMenus::getRoleId,resources.getId())); rolesMenusService.remove(new LambdaQueryWrapper<RolesMenus>().eq(RolesMenus::getRoleId, resources.getId()));
rolesMenusService.saveBatch(rolesMenusList); rolesMenusService.saveBatch(rolesMenusList);
} }
} }
@ -191,16 +180,16 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
// @CacheEvict(allEntries = true) // @CacheEvict(allEntries = true)
@Transactional(rollbackFor = Exception.class) @Transactional(rollbackFor = Exception.class)
public RoleDto create(Role resources) { public RoleDto create(Role resources) {
if(this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName,resources.getName())) != null){ if (this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName, resources.getName())) != null) {
throw new EntityExistException(Role.class,"username",resources.getName()); throw new EntityExistException(Role.class, "username", resources.getName());
} }
if(this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName,resources.getName())) != null){ if (this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName, resources.getName())) != null) {
throw new EntityExistException(Role.class,"username",resources.getName()); throw new EntityExistException(Role.class, "username", resources.getName());
} }
this.save(resources); this.save(resources);
if(resources.getDepts().size()>0){ if (resources.getDepts().size() > 0) {
List<RolesDepts> rolesDeptsList = resources.getDepts().stream().map(i ->{ List<RolesDepts> rolesDeptsList = resources.getDepts().stream().map(i -> {
RolesDepts rolesDepts = new RolesDepts(); RolesDepts rolesDepts = new RolesDepts();
rolesDepts.setRoleId(resources.getId()); rolesDepts.setRoleId(resources.getId());
rolesDepts.setDeptId(i.getId()); rolesDepts.setDeptId(i.getId());
@ -208,7 +197,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
}).collect(Collectors.toList()); }).collect(Collectors.toList());
rolesDeptsService.saveBatch(rolesDeptsList); rolesDeptsService.saveBatch(rolesDeptsList);
} }
return generator.convert(resources,RoleDto.class); return generator.convert(resources, RoleDto.class);
} }
@Override @Override
@ -217,32 +206,33 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
public void update(Role resources) { public void update(Role resources) {
Role role = this.getById(resources.getId()); Role role = this.getById(resources.getId());
Role role1 = this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName,resources.getName())); Role role1 = this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getName, resources.getName()));
if(role1 != null && !role1.getId().equals(role.getId())){ if (role1 != null && !role1.getId().equals(role.getId())) {
throw new EntityExistException(Role.class,"username",resources.getName()); throw new EntityExistException(Role.class, "username", resources.getName());
} }
role1 = this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getPermission,resources.getPermission())); role1 = this.getOne(new QueryWrapper<Role>().lambda().eq(Role::getPermission, resources.getPermission()));
if(role1 != null && !role1.getId().equals(role.getId())){ if (role1 != null && !role1.getId().equals(role.getId())) {
throw new EntityExistException(Role.class,"permission",resources.getPermission()); throw new EntityExistException(Role.class, "permission", resources.getPermission());
} }
role.setName(resources.getName()); role.setName(resources.getName());
role.setRemark(resources.getRemark()); role.setRemark(resources.getRemark());
role.setDataScope(resources.getDataScope()); role.setDataScope(resources.getDataScope());
if(resources.getDepts().size()>0){ if (resources.getDepts().size() > 0) {
List<RolesDepts> rolesDeptsList = resources.getDepts().stream().map(i ->{ List<RolesDepts> rolesDeptsList = resources.getDepts().stream().map(i -> {
RolesDepts rolesDepts = new RolesDepts(); RolesDepts rolesDepts = new RolesDepts();
rolesDepts.setRoleId(resources.getId()); rolesDepts.setRoleId(resources.getId());
rolesDepts.setDeptId(i.getId()); rolesDepts.setDeptId(i.getId());
return rolesDepts; return rolesDepts;
}).collect(Collectors.toList()); }).collect(Collectors.toList());
rolesDeptsService.remove(new LambdaQueryWrapper<RolesDepts>().eq(RolesDepts::getRoleId,resources.getId())); rolesDeptsService.remove(new LambdaQueryWrapper<RolesDepts>().eq(RolesDepts::getRoleId, resources.getId()));
rolesDeptsService.saveBatch(rolesDeptsList); rolesDeptsService.saveBatch(rolesDeptsList);
} }
role.setLevel(resources.getLevel()); role.setLevel(resources.getLevel());
role.setPermission(resources.getPermission()); role.setPermission(resources.getPermission());
this.saveOrUpdate(role); this.saveOrUpdate(role);
} }
/** /**
* 获取用户权限信息 * 获取用户权限信息
* *
@ -260,11 +250,20 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
role.setDepts(deptSet); role.setDepts(deptSet);
} }
Set<String> permissions = roles.stream().filter(role -> StringUtils.isNotBlank(role.getPermission())).map(Role::getPermission).collect(Collectors.toSet()); Set<String> permissions = roles.stream().filter(role -> StringUtils.isNotBlank(role.getPermission())).map(Role::getPermission).collect(Collectors.toSet());
permissions.addAll( // permissions.addAll(
roles.stream().flatMap(role -> role.getMenus().stream()) // roles.stream().flatMap(role -> role.getMenus().stream())
.filter(menu -> StringUtils.isNotBlank(menu.getPermission())) // .filter(menu -> StringUtils.isNotBlank(menu.getPermission()))
.map(Menu::getPermission).collect(Collectors.toSet()) // .map(Menu::getPermission).collect(Collectors.toSet())
); // );
roles.stream().flatMap(role -> role.getMenus().stream())
.filter(menu -> StringUtils.isNotBlank(menu.getPermission()))
.forEach(menu -> {
// 添加基于Permission的权限信息
for (String permission : StringUtils.split(menu.getPermission(), ",")) {
permissions.add(permission);
}
});
return permissions.stream().map(SimpleGrantedAuthority::new) return permissions.stream().map(SimpleGrantedAuthority::new)
.collect(Collectors.toList()); .collect(Collectors.toList());
} }
@ -274,7 +273,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
public void delete(Set<Long> ids) { public void delete(Set<Long> ids) {
for (Long id : ids) { for (Long id : ids) {
rolesMenusService.lambdaUpdate().eq(RolesMenus::getRoleId, id).remove(); rolesMenusService.lambdaUpdate().eq(RolesMenus::getRoleId, id).remove();
rolesDeptsService.lambdaUpdate().eq(RolesDepts::getRoleId,id).remove(); rolesDeptsService.lambdaUpdate().eq(RolesDepts::getRoleId, id).remove();
} }
this.removeByIds(ids); this.removeByIds(ids);
} }

10
yshop-tools/src/main/java/co/yixiang/tools/rest/LocalStorageController.java
View File

@ -49,7 +49,7 @@ public class LocalStorageController {
@Log("导出数据") @Log("导出数据")
@ApiOperation("导出数据") @ApiOperation("导出数据")
@GetMapping(value = "/download") @GetMapping(value = "/download")
@PreAuthorize("@el.check('admin','localStorage:list')") @PreAuthorize("@el.check('admin','storage:list')")
public void download(HttpServletResponse response, LocalStorageQueryCriteria criteria) throws IOException { public void download(HttpServletResponse response, LocalStorageQueryCriteria criteria) throws IOException {
localStorageService.download(generator.convert(localStorageService.queryAll(criteria), LocalStorageDto.class), response); localStorageService.download(generator.convert(localStorageService.queryAll(criteria), LocalStorageDto.class), response);
} }
@ -57,7 +57,7 @@ public class LocalStorageController {
@GetMapping @GetMapping
@Log("查询文件") @Log("查询文件")
@ApiOperation("查询文件") @ApiOperation("查询文件")
@PreAuthorize("@el.check('admin','localStorage:list')") @PreAuthorize("@el.check('admin','storage:list')")
public ResponseEntity<Object> getLocalStorages(LocalStorageQueryCriteria criteria, Pageable pageable){ public ResponseEntity<Object> getLocalStorages(LocalStorageQueryCriteria criteria, Pageable pageable){
return new ResponseEntity<>(localStorageService.queryAll(criteria,pageable),HttpStatus.OK); return new ResponseEntity<>(localStorageService.queryAll(criteria,pageable),HttpStatus.OK);
} }
@ -65,7 +65,7 @@ public class LocalStorageController {
@PostMapping @PostMapping
@Log("新增文件") @Log("新增文件")
@ApiOperation("新增文件") @ApiOperation("新增文件")
@PreAuthorize("@el.check('admin','localStorage:add')") @PreAuthorize("@el.check('admin','storage:add')")
public ResponseEntity<Object> create(@RequestParam String name, @RequestParam("file") MultipartFile file){ public ResponseEntity<Object> create(@RequestParam String name, @RequestParam("file") MultipartFile file){
return new ResponseEntity<>(localStorageService.create(name,file),HttpStatus.CREATED); return new ResponseEntity<>(localStorageService.create(name,file),HttpStatus.CREATED);
} }
@ -73,7 +73,7 @@ public class LocalStorageController {
@PutMapping @PutMapping
@Log("修改文件") @Log("修改文件")
@ApiOperation("修改文件") @ApiOperation("修改文件")
@PreAuthorize("@el.check('admin','localStorage:edit')") @PreAuthorize("@el.check('admin','storage:edit')")
public ResponseEntity<Object> update(@Validated @RequestBody LocalStorageDto resources){ public ResponseEntity<Object> update(@Validated @RequestBody LocalStorageDto resources){
localStorageService.updateLocalStorage(resources); localStorageService.updateLocalStorage(resources);
return new ResponseEntity<>(HttpStatus.NO_CONTENT); return new ResponseEntity<>(HttpStatus.NO_CONTENT);
@ -81,7 +81,7 @@ public class LocalStorageController {
@Log("删除文件") @Log("删除文件")
@ApiOperation("删除文件") @ApiOperation("删除文件")
@PreAuthorize("@el.check('admin','localStorage:del')") @PreAuthorize("@el.check('admin','storage:del')")
@DeleteMapping @DeleteMapping
public ResponseEntity<Object> deleteAll(@RequestBody Long[] ids) { public ResponseEntity<Object> deleteAll(@RequestBody Long[] ids) {
Arrays.asList(ids).forEach(id->{ Arrays.asList(ids).forEach(id->{