diff --git a/others/database/initial_data.ddl b/others/database/initial_data.ddl
index 2e15b37..cce8595 100644
--- a/others/database/initial_data.ddl
+++ b/others/database/initial_data.ddl
@@ -5,19 +5,23 @@ truncate user_privilege;
 -- admin, password is admin ( All privileges)
 insert into user_(id,guid,create_time,email,password,phone,username,default_user) values
-(21,'29f6004fb1b0466f9572b02bf2ac1be8',now(),'admin@andaily.com','$2a$10$XWN7zOvSLDiyxQnX01KMXuf5NTkkuAUtt23YxUMWaIPURcR7bdULi','028-1234567','admin',true);
+(21,'29f6004fb1b0466f9572b02bf2ac1be8',now(),'admin@andaily.com','$2a$10$XWN7zOvSLDiyxQnX01KMXuf5NTkkuAUtt23YxUMWaIPURcR7bdULi','028-1234567','admin',1);
+
+insert into user_privilege(user_id,privilege) values (21,'ADMIN');
+insert into user_privilege(user_id,privilege) values (21,'UNITY');
+insert into user_privilege(user_id,privilege) values (21,'MOBILE');
 -- unity, password is unity ( ROLE_UNITY)
 insert into user_(id,guid,create_time,email,password,phone,username,default_user) values
-(22,'55b713df1c6f423e842ad68668523c49',now(),'unity@andaily.com','$2a$10$gq3eUch/h.eHt20LpboSXeeZinzSLBk49K5KD.Ms4/1tOAJIsrrfq','','unity',false);
+(22,'55b713df1c6f423e842ad68668523c49',now(),'unity@andaily.com','$2a$10$gq3eUch/h.eHt20LpboSXeeZinzSLBk49K5KD.Ms4/1tOAJIsrrfq','','unity',0);
 insert into user_privilege(user_id,privilege) values (22,'UNITY');
 -- mobile, password is mobile ( ROLE_MOBILE)
 insert into user_(id,guid,create_time,email,password,phone,username,default_user) values
-(23,'612025cb3f964a64a48bbdf77e53c2c1',now(),'mobile@andaily.com','$2a$10$BOmMzLDaoiIQ4Q1pCw6Z4u0gzL01B8bNL.0WUecJ2YxTtHVRIA8Zm','','mobile',false);
+(23,'612025cb3f964a64a48bbdf77e53c2c1',now(),'mobile@andaily.com','$2a$10$BOmMzLDaoiIQ4Q1pCw6Z4u0gzL01B8bNL.0WUecJ2YxTtHVRIA8Zm','','mobile',0);
 insert into user_privilege(user_id,privilege) values (23,'MOBILE');
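Review bot: The seeded `admin`, `unity` and `mobile` accounts keep passwords equal to their usernames (as the `--` comments state), and the added rows now give user 21 the `ADMIN` privilege that this commit uses to gate `/user/**`. Any environment provisioned from this file therefore starts with a publicly documented account that can manage users, and the login.jsp change in the same commit appears to print those credentials on the login page. I would add a comment above the admin insert, for example `-- DEMO ONLY: change or remove these accounts before any shared or production deployment`, and keep this script out of production provisioning.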
diff --git a/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java b/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
index 01aa6ec..2992628 100644
--- a/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
+++ b/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
@@ -55,7 +55,7 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
 .antMatchers("/oauth2/rest_token*").permitAll()
 .antMatchers("/login*").permitAll()
- .antMatchers("/admin/**").hasAnyRole("ADMIN")
+ .antMatchers("/user/**").hasAnyRole("ADMIN")
 .antMatchers(HttpMethod.GET, "/login*").anonymous()
 .anyRequest().authenticated()
diff --git a/src/main/java/com/monkeyk/sos/domain/shared/security/WdcyUserDetails.java b/src/main/java/com/monkeyk/sos/domain/shared/security/SOSUserDetails.java
similarity index 77%
rename from src/main/java/com/monkeyk/sos/domain/shared/security/WdcyUserDetails.java
rename to src/main/java/com/monkeyk/sos/domain/shared/security/SOSUserDetails.java
index a22bbd3..47718d2 100644
--- a/src/main/java/com/monkeyk/sos/domain/shared/security/WdcyUserDetails.java
+++ b/src/main/java/com/monkeyk/sos/domain/shared/security/SOSUserDetails.java
@@ -13,7 +13,7 @@ import java.util.List;
 /**
 * @author Shengzhao Li
 */
-public class WdcyUserDetails implements UserDetails {
+public class SOSUserDetails implements UserDetails {
 private static final long serialVersionUID = 3957586021470480642L;
@@ -24,10 +24,10 @@ public class WdcyUserDetails implements UserDetails {
 protected List grantedAuthorities = new ArrayList<>();
- public WdcyUserDetails() {
+ public SOSUserDetails() {
 }
- public WdcyUserDetails(User user) {
+ public SOSUserDetails(User user) {
 this.user = user;
 initialAuthorities();
 }
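Review bot: Replacing the `/admin/**` matcher instead of adding to it means any handler still mapped under `/admin/` now falls through to `.anyRequest().authenticated()`, so every logged-in user rather than only ADMIN can reach it. Whether such handlers remain is not visible in this hunk; if they do, keep both patterns with `.antMatchers("/admin/**", "/user/**").hasRole("ADMIN")`. With a single role, `hasRole` also reads more clearly than `hasAnyRole`. The client_details management link shown on index.jsp deserves the same check, since no matcher for it is visible here. The configure method starts and ends outside the hunk.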
@@ -35,15 +35,10 @@ public class WdcyUserDetails implements UserDetails {
 private void initialAuthorities() {
 //Default, everyone have it
 this.grantedAuthorities.add(DEFAULT_USER_ROLE);
- //default user have all privileges
- if (user.defaultUser()) {
- this.grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + Privilege.UNITY.name()));
- this.grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + Privilege.MOBILE.name()));
- } else {
- final List privileges = user.privileges();
- for (Privilege privilege : privileges) {
- this.grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + privilege.name()));
- }
+
+ final List privileges = user.privileges();
+ for (Privilege privilege : privileges) {
+ this.grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + privilege.name()));
 }
 }
diff --git a/src/main/java/com/monkeyk/sos/domain/user/Privilege.java b/src/main/java/com/monkeyk/sos/domain/user/Privilege.java
index d11eab7..038c043 100644
--- a/src/main/java/com/monkeyk/sos/domain/user/Privilege.java
+++ b/src/main/java/com/monkeyk/sos/domain/user/Privilege.java
@@ -7,6 +7,7 @@ public enum Privilege {
 USER, //Default privilege
+ ADMIN, //admin
 UNITY,
 MOBILE
 }
\ No newline at end of file
diff --git a/src/main/java/com/monkeyk/sos/service/impl/UserServiceImpl.java b/src/main/java/com/monkeyk/sos/service/impl/UserServiceImpl.java
index 164457a..6733d77 100644
--- a/src/main/java/com/monkeyk/sos/service/impl/UserServiceImpl.java
+++ b/src/main/java/com/monkeyk/sos/service/impl/UserServiceImpl.java
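Review bot: With the `user.defaultUser()` branch gone, a default user receives only the default role unless matching `user_privilege` rows exist, so a database upgraded without re-running the seed script leaves that account without UNITY, MOBILE or ADMIN. That fails closed, which is the safe direction, but it needs an upgrade note or a migration that inserts the rows. The loop also assumes `user.privileges()` never returns null; that method is outside the hunk, so confirm it or guard with `if (privileges != null)`. A short Javadoc on `initialAuthorities()` stating that authorities now come solely from the stored privileges plus the default role would record the new contract.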
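Review bot: `ADMIN` is inserted between `USER` and `UNITY`, which shifts the ordinals of `UNITY` and `MOBILE`. The seed script stores privilege names as strings, so this looks safe, but a mapping that persisted the enum by ordinal would silently read stored UNITY rows as ADMIN. Confirm the column is mapped by name, or append `ADMIN` after `MOBILE` so existing ordinals stay stable.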
@@ -4,7 +4,7 @@ import com.monkeyk.sos.service.dto.UserDto;
 import com.monkeyk.sos.service.dto.UserFormDto;
 import com.monkeyk.sos.service.dto.UserJsonDto;
 import com.monkeyk.sos.service.dto.UserOverviewDto;
-import com.monkeyk.sos.domain.shared.security.WdcyUserDetails;
+import com.monkeyk.sos.domain.shared.security.SOSUserDetails;
 import com.monkeyk.sos.domain.user.User;
 import com.monkeyk.sos.domain.user.UserRepository;
 import com.monkeyk.sos.service.UserService;
@@ -39,7 +39,7 @@ public class UserServiceImpl implements UserService {
 throw new UsernameNotFoundException("Not found any user for username[" + username + "]");
 }
- return new WdcyUserDetails(user);
+ return new SOSUserDetails(user);
 }
 @Override
@@ -52,7 +52,7 @@ public class UserServiceImpl implements UserService {
 (principal instanceof String || principal instanceof org.springframework.security.core.userdetails.User)) {
 return loadOauthUserJsonDto((OAuth2Authentication) authentication);
 } else {
- final WdcyUserDetails userDetails = (WdcyUserDetails) principal;
+ final SOSUserDetails userDetails = (SOSUserDetails) principal;
 return new UserJsonDto(userRepository.findByGuid(userDetails.user().guid()));
 }
 }
diff --git a/src/main/webapp/WEB-INF/jsp/index.jsp b/src/main/webapp/WEB-INF/jsp/index.jsp
index 48b8b23..4dfca9f 100644
--- a/src/main/webapp/WEB-INF/jsp/index.jsp
+++ b/src/main/webapp/WEB-INF/jsp/index.jsp
@@ -5,6 +5,7 @@
 <%@ page contentType="text/html;charset=UTF-8" language="java" %>
 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
+<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
 <%@ taglib tagdir="/WEB-INF/tags" prefix="tags" %>
@@ -22,7 +23,7 @@ Logged: ${SPRING_SECURITY_CONTEXT.authentication.principal.username}
- +
@@ -79,11 +80,13 @@ client_details - 管理ClientDetails

-
  • -

    - User - 管理User -

    -
  • + +
  • +

    + User - 管理User +

    +
  • +
  • Unity - Unity 资源(resource), 需要具有 [ROLE_UNITY] 权限(resourceId:
diff --git a/src/main/webapp/WEB-INF/jsp/login.jsp b/src/main/webapp/WEB-INF/jsp/login.jsp
index 34380fa..facbdc1 100644
--- a/src/main/webapp/WEB-INF/jsp/login.jsp
+++ b/src/main/webapp/WEB-INF/jsp/login.jsp
@@ -65,14 +65,14 @@ Username Password - Privileges + Remark admin admin - All privileges, allow visit [Mobile] and [Unity] resources + All privileges, allow visit [Mobile] and [Unity] resources, manage user unity