feat: 菜单、角色、字典、部门添加接口权限控制
This commit is contained in:
haoxr
@@ -4,14 +4,14 @@ package com.youlai.system.common.constant;
|
||||
* 系统常量
|
||||
*
|
||||
* @author haoxr
|
||||
* @date 2022/10/22
|
||||
* @since 2022/10/22
|
||||
*/
|
||||
public interface SystemConstants {
|
||||
|
||||
/**
|
||||
* 根节点ID
|
||||
*/
|
||||
Long ROOT_NODE_ID = 0l;
|
||||
Long ROOT_NODE_ID = 0L;
|
||||
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package com.youlai.system.controller;
|
||||
|
||||
import com.youlai.system.framework.resubmit.Resubmit;
|
||||
import com.youlai.system.pojo.vo.Option;
|
||||
import com.youlai.system.common.result.Result;
|
||||
import com.youlai.system.pojo.form.DeptForm;
|
||||
@@ -12,6 +13,7 @@ import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springdoc.core.annotations.ParameterObject;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import jakarta.validation.Valid;
|
||||
@@ -21,7 +23,7 @@ import java.util.List;
|
||||
* 部门控制器
|
||||
*
|
||||
* @author haoxr
|
||||
* @date 2020/11/6
|
||||
* @since 2020/11/6
|
||||
*/
|
||||
@Tag(name = "05.部门接口")
|
||||
@RestController
|
||||
@@ -56,6 +58,8 @@ public class SysDeptController {
|
||||
|
||||
@Operation(summary = "新增部门", security = {@SecurityRequirement(name = "Authorization")})
|
||||
@PostMapping
|
||||
@PreAuthorize("@ss.hasPerm('sys:dept:add')")
|
||||
@Resubmit
|
||||
public Result saveDept(
|
||||
@Valid @RequestBody DeptForm formData
|
||||
) {
|
||||
@@ -65,6 +69,7 @@ public class SysDeptController {
|
||||
|
||||
@Operation(summary = "修改部门", security = {@SecurityRequirement(name = "Authorization")})
|
||||
@PutMapping(value = "/{deptId}")
|
||||
@PreAuthorize("@ss.hasPerm('sys:dept:edit')")
|
||||
public Result updateDept(
|
||||
@PathVariable Long deptId,
|
||||
@Valid @RequestBody DeptForm formData
|
||||
@@ -75,6 +80,7 @@ public class SysDeptController {
|
||||
|
||||
@Operation(summary = "删除部门", security = {@SecurityRequirement(name = "Authorization")})
|
||||
@DeleteMapping("/{ids}")
|
||||
@PreAuthorize("@ss.hasPerm('sys:dept:delete')")
|
||||
public Result deleteDepartments(
|
||||
@Parameter(description ="部门ID,多个以英文逗号(,)分割") @PathVariable("ids") String ids
|
||||
) {
|
||||
|
||||
@@ -1,24 +1,24 @@
|
||||
package com.youlai.system.controller;
|
||||
|
||||
import com.youlai.system.pojo.form.MenuForm;
|
||||
import com.youlai.system.pojo.vo.Option;
|
||||
import com.youlai.system.common.result.Result;
|
||||
import com.youlai.system.pojo.entity.SysMenu;
|
||||
import com.youlai.system.framework.resubmit.Resubmit;
|
||||
import com.youlai.system.pojo.form.MenuForm;
|
||||
import com.youlai.system.pojo.query.MenuQuery;
|
||||
import com.youlai.system.pojo.vo.MenuVO;
|
||||
import com.youlai.system.pojo.vo.Option;
|
||||
import com.youlai.system.pojo.vo.RouteVO;
|
||||
import com.youlai.system.service.SysMenuService;
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import io.swagger.v3.oas.annotations.Parameter;
|
||||
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
|
||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springdoc.core.annotations.ParameterObject;
|
||||
import org.springframework.cache.annotation.CacheEvict;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
@@ -68,6 +68,8 @@ public class SysMenuController {
|
||||
|
||||
@Operation(summary = "新增菜单",security = {@SecurityRequirement(name = "Authorization")})
|
||||
@PostMapping
|
||||
@PreAuthorize("@ss.hasPerm('sys:menu:add')")
|
||||
@Resubmit
|
||||
@CacheEvict(cacheNames = "system", key = "'routes'")
|
||||
public Result addMenu(@RequestBody MenuForm menuForm) {
|
||||
boolean result = menuService.saveMenu(menuForm);
|
||||
@@ -76,6 +78,7 @@ public class SysMenuController {
|
||||
|
||||
@Operation(summary = "修改菜单",security = {@SecurityRequirement(name = "Authorization")})
|
||||
@PutMapping(value = "/{id}")
|
||||
@PreAuthorize("@ss.hasPerm('sys:menu:edit')")
|
||||
@CacheEvict(cacheNames = "system", key = "'routes'")
|
||||
public Result updateMenu(
|
||||
@RequestBody MenuForm menuForm
|
||||
@@ -86,6 +89,7 @@ public class SysMenuController {
|
||||
|
||||
@Operation(summary = "删除菜单",security = {@SecurityRequirement(name = "Authorization")})
|
||||
@DeleteMapping("/{id}")
|
||||
@PreAuthorize("@ss.hasPerm('sys:menu:delete')")
|
||||
@CacheEvict(cacheNames = "system", key = "'routes'")
|
||||
public Result deleteMenu(
|
||||
@Parameter(description ="菜单ID,多个以英文(,)分割") @PathVariable("id") Long id
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package com.youlai.system.controller;
|
||||
|
||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||
import com.youlai.system.framework.resubmit.Resubmit;
|
||||
import com.youlai.system.pojo.vo.Option;
|
||||
import com.youlai.system.common.result.PageResult;
|
||||
import com.youlai.system.common.result.Result;
|
||||
@@ -14,6 +15,7 @@ import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springdoc.core.annotations.ParameterObject;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import jakarta.validation.Valid;
|
||||
@@ -45,6 +47,8 @@ public class SysRoleController {
|
||||
|
||||
@Operation(summary = "新增角色",security = {@SecurityRequirement(name = "Authorization")})
|
||||
@PostMapping
|
||||
@PreAuthorize("@ss.hasPerm('sys:role:add')")
|
||||
@Resubmit
|
||||
public Result addRole(@Valid @RequestBody RoleForm roleForm) {
|
||||
boolean result = roleService.saveRole(roleForm);
|
||||
return Result.judge(result);
|
||||
@@ -61,6 +65,7 @@ public class SysRoleController {
|
||||
|
||||
@Operation(summary = "修改角色",security = {@SecurityRequirement(name = "Authorization")})
|
||||
@PutMapping(value = "/{id}")
|
||||
@PreAuthorize("@ss.hasPerm('sys:role:edit')")
|
||||
public Result updateRole(@Valid @RequestBody RoleForm roleForm) {
|
||||
boolean result = roleService.saveRole(roleForm);
|
||||
return Result.judge(result);
|
||||
@@ -68,6 +73,7 @@ public class SysRoleController {
|
||||
|
||||
@Operation(summary = "删除角色",security = {@SecurityRequirement(name = "Authorization")})
|
||||
@DeleteMapping("/{ids}")
|
||||
@PreAuthorize("@ss.hasPerm('sys:role:delete')")
|
||||
public Result deleteRoles(
|
||||
@Parameter(description ="删除角色,多个以英文逗号(,)分割") @PathVariable String ids
|
||||
) {
|
||||
|
||||
@@ -104,6 +104,7 @@ public class SysUserController {
|
||||
|
||||
@Operation(summary = "修改用户密码", security = {@SecurityRequirement(name = "Authorization")})
|
||||
@PatchMapping(value = "/{userId}/password")
|
||||
@PreAuthorize("@ss.hasPerm('sys:user:reset_pwd')")
|
||||
public Result updatePassword(
|
||||
@Parameter(description = "用户ID") @PathVariable Long userId,
|
||||
@RequestParam String password
|
||||
|
||||
@@ -2,13 +2,13 @@ package com.youlai.system.service.impl;
|
||||
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
import cn.hutool.core.lang.Assert;
|
||||
import cn.hutool.core.util.RandomUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
|
||||
import com.baomidou.mybatisplus.core.metadata.IPage;
|
||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import com.youlai.system.common.constant.SecurityConstants;
|
||||
import com.youlai.system.common.constant.SystemConstants;
|
||||
import com.youlai.system.converter.UserConverter;
|
||||
import com.youlai.system.framework.security.util.SecurityUtils;
|
||||
@@ -17,7 +17,6 @@ import com.youlai.system.pojo.bo.UserAuthInfo;
|
||||
import com.youlai.system.pojo.bo.UserBO;
|
||||
import com.youlai.system.pojo.bo.UserFormBO;
|
||||
import com.youlai.system.pojo.entity.SysUser;
|
||||
import com.youlai.system.pojo.form.RoleForm;
|
||||
import com.youlai.system.pojo.form.UserForm;
|
||||
import com.youlai.system.pojo.query.UserPageQuery;
|
||||
import com.youlai.system.pojo.vo.UserExportVO;
|
||||
@@ -182,24 +181,21 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||
*
|
||||
* @param userId 用户ID
|
||||
* @param password 用户密码
|
||||
* @return
|
||||
* @return true|false
|
||||
*/
|
||||
@Override
|
||||
public boolean updatePassword(Long userId, String password) {
|
||||
String encryptedPassword = passwordEncoder.encode(password);
|
||||
boolean result = this.update(new LambdaUpdateWrapper<SysUser>()
|
||||
return this.update(new LambdaUpdateWrapper<SysUser>()
|
||||
.eq(SysUser::getId, userId)
|
||||
.set(SysUser::getPassword, encryptedPassword)
|
||||
.set(SysUser::getPassword, passwordEncoder.encode(password))
|
||||
);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* 根据用户名获取认证信息
|
||||
*
|
||||
* @param username
|
||||
* @return
|
||||
* @param username 用户名
|
||||
* @return 用户认证信息 {@link UserAuthInfo}
|
||||
*/
|
||||
@Override
|
||||
public UserAuthInfo getUserAuthInfo(String username) {
|
||||
@@ -255,7 +251,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
||||
userInfoVO.setRoles(roles);
|
||||
|
||||
// 用户权限集合
|
||||
Set<String> perms = (Set<String>) redisTemplate.opsForValue().get("USER_PERMS:" + user.getId());
|
||||
Set<String> perms = (Set<String>) redisTemplate.opsForValue().get(SecurityConstants.USER_PERMS_CACHE_PREFIX+ user.getId());
|
||||
userInfoVO.setPerms(perms);
|
||||
|
||||
return userInfoVO;
|
||||
|
||||
Reference in New Issue
Block a user