mirror of https://github.com/elunez/eladmin
角色菜单改造完成,去除权限管理,采用按钮方式显示在菜单管理中
dqjdda
parent
e1366ee41a
commit
d5d4801578
|
|
@ -0,0 +1,21 @@
|
|||
package me.zhengjie.config;
|
||||
|
||||
import me.zhengjie.utils.SecurityUtils;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.stereotype.Service;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Service(value = "el")
|
||||
public class ElPermissionConfig {
|
||||
|
||||
public Boolean check(String ...permissions){
|
||||
List<String> elPermissions = SecurityUtils.getUserDetails().getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());
|
||||
List<String> list = Arrays.stream(permissions).filter(elPermissions::contains).map(s -> s).collect(Collectors.toList());
|
||||
if(elPermissions.contains("admin") || list.size() != 0){
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -31,7 +31,7 @@ public class LogController {
|
|||
|
||||
@GetMapping
|
||||
@ApiOperation("日志查询")
|
||||
@PreAuthorize("hasAnyRole('admin')")
|
||||
@PreAuthorize("@el.check()")
|
||||
public ResponseEntity getLogs(LogQueryCriteria criteria, Pageable pageable){
|
||||
criteria.setLogType("INFO");
|
||||
return new ResponseEntity<>(logService.queryAll(criteria,pageable), HttpStatus.OK);
|
||||
|
|
@ -47,7 +47,7 @@ public class LogController {
|
|||
|
||||
@GetMapping(value = "/error")
|
||||
@ApiOperation("错误日志查询")
|
||||
@PreAuthorize("hasAnyRole('admin')")
|
||||
@PreAuthorize("@el.check()")
|
||||
public ResponseEntity getErrorLogs(LogQueryCriteria criteria, Pageable pageable){
|
||||
criteria.setLogType("ERROR");
|
||||
return new ResponseEntity<>(logService.queryAll(criteria,pageable), HttpStatus.OK);
|
||||
|
|
@ -55,7 +55,7 @@ public class LogController {
|
|||
|
||||
@GetMapping(value = "/error/{id}")
|
||||
@ApiOperation("日志异常详情查询")
|
||||
@PreAuthorize("hasAnyRole('admin')")
|
||||
@PreAuthorize("@el.check()")
|
||||
public ResponseEntity getErrorLogs(@PathVariable Long id){
|
||||
return new ResponseEntity<>(logService.findByErrDetail(id), HttpStatus.OK);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ public class RedisController {
|
|||
@Log("查询Redis缓存")
|
||||
@GetMapping
|
||||
@ApiOperation("查询Redis缓存")
|
||||
@PreAuthorize("hasAnyRole('admin','REDIS_ALL','REDIS_SELECT')")
|
||||
@PreAuthorize("@el.check('redis:list')")
|
||||
public ResponseEntity getRedis(String key, Pageable pageable){
|
||||
return new ResponseEntity<>(redisService.findByKey(key,pageable), HttpStatus.OK);
|
||||
}
|
||||
|
|
@ -37,7 +37,7 @@ public class RedisController {
|
|||
@Log("删除Redis缓存")
|
||||
@DeleteMapping
|
||||
@ApiOperation("删除Redis缓存")
|
||||
@PreAuthorize("hasAnyRole('admin','REDIS_ALL','REDIS_DELETE')")
|
||||
@PreAuthorize("@el.check('redis:del')")
|
||||
public ResponseEntity delete(@RequestBody RedisVo resources){
|
||||
redisService.delete(resources.getKey());
|
||||
return new ResponseEntity(HttpStatus.OK);
|
||||
|
|
@ -46,7 +46,7 @@ public class RedisController {
|
|||
@Log("清空Redis缓存")
|
||||
@DeleteMapping(value = "/all")
|
||||
@ApiOperation("清空Redis缓存")
|
||||
@PreAuthorize("hasAnyRole('admin','REDIS_ALL','REDIS_DELETE')")
|
||||
@PreAuthorize("@el.check('redis:del')")
|
||||
public ResponseEntity deleteAll(){
|
||||
redisService.deleteAll();
|
||||
return new ResponseEntity(HttpStatus.OK);
|
||||
|
|
|
|||
|
|
@ -36,14 +36,14 @@ public class QuartzJobController {
|
|||
@Log("查询定时任务")
|
||||
@ApiOperation("查询定时任务")
|
||||
@GetMapping
|
||||
@PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_SELECT')")
|
||||
@PreAuthorize("@el.check('timing:list')")
|
||||
public ResponseEntity getJobs(JobQueryCriteria criteria, Pageable pageable){
|
||||
return new ResponseEntity<>(quartzJobService.queryAll(criteria,pageable), HttpStatus.OK);
|
||||
}
|
||||
|
||||
@ApiOperation("查询任务执行日志")
|
||||
@GetMapping(value = "/logs")
|
||||
@PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_SELECT')")
|
||||
@PreAuthorize("@el.check('timing:list')")
|
||||
public ResponseEntity getJobLogs(JobQueryCriteria criteria, Pageable pageable){
|
||||
return new ResponseEntity<>(quartzJobService.queryAllLog(criteria,pageable), HttpStatus.OK);
|
||||
}
|
||||
|
|
@ -51,7 +51,7 @@ public class QuartzJobController {
|
|||
@Log("新增定时任务")
|
||||
@ApiOperation("新增定时任务")
|
||||
@PostMapping
|
||||
@PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_CREATE')")
|
||||
@PreAuthorize("@el.check('timing:add')")
|
||||
public ResponseEntity create(@Validated @RequestBody QuartzJob resources){
|
||||
if (resources.getId() != null) {
|
||||
throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
|
||||
|
|
@ -62,7 +62,7 @@ public class QuartzJobController {
|
|||
@Log("修改定时任务")
|
||||
@ApiOperation("修改定时任务")
|
||||
@PutMapping
|
||||
@PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_EDIT')")
|
||||
@PreAuthorize("@el.check('timing:edit')")
|
||||
public ResponseEntity update(@Validated(QuartzJob.Update.class) @RequestBody QuartzJob resources){
|
||||
quartzJobService.update(resources);
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -71,7 +71,7 @@ public class QuartzJobController {
|
|||
@Log("更改定时任务状态")
|
||||
@ApiOperation("更改定时任务状态")
|
||||
@PutMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_EDIT')")
|
||||
@PreAuthorize("@el.check('timing:edit')")
|
||||
public ResponseEntity updateIsPause(@PathVariable Long id){
|
||||
quartzJobService.updateIsPause(quartzJobService.findById(id));
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -80,7 +80,7 @@ public class QuartzJobController {
|
|||
@Log("执行定时任务")
|
||||
@ApiOperation("执行定时任务")
|
||||
@PutMapping(value = "/exec/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_EDIT')")
|
||||
@PreAuthorize("@el.check('timing:edit')")
|
||||
public ResponseEntity execution(@PathVariable Long id){
|
||||
quartzJobService.execution(quartzJobService.findById(id));
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -89,7 +89,7 @@ public class QuartzJobController {
|
|||
@Log("删除定时任务")
|
||||
@ApiOperation("删除定时任务")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_DELETE')")
|
||||
@PreAuthorize("@el.check('timing:del')")
|
||||
public ResponseEntity delete(@PathVariable Long id){
|
||||
quartzJobService.delete(quartzJobService.findById(id));
|
||||
return new ResponseEntity(HttpStatus.OK);
|
||||
|
|
|
|||
|
|
@ -22,14 +22,14 @@ public class OnlineController {
|
|||
|
||||
@ApiOperation("查询在线用户")
|
||||
@GetMapping
|
||||
@PreAuthorize("hasRole('ADMIN')")
|
||||
@PreAuthorize("@el.check()")
|
||||
public ResponseEntity getAll(String filter, Pageable pageable){
|
||||
return new ResponseEntity<>(onlineUserService.getAll(filter, pageable),HttpStatus.OK);
|
||||
}
|
||||
|
||||
@ApiOperation("踢出用户")
|
||||
@DeleteMapping(value = "/{key}")
|
||||
@PreAuthorize("hasRole('ADMIN')")
|
||||
@PreAuthorize("@el.check()")
|
||||
public ResponseEntity delete(@PathVariable String key) throws Exception {
|
||||
onlineUserService.kickOut(key);
|
||||
return new ResponseEntity(HttpStatus.OK);
|
||||
|
|
|
|||
|
|
@ -1,14 +1,17 @@
|
|||
package me.zhengjie.modules.security.service;
|
||||
|
||||
import me.zhengjie.modules.system.domain.Menu;
|
||||
import me.zhengjie.modules.system.domain.Role;
|
||||
import me.zhengjie.modules.system.repository.RoleRepository;
|
||||
import me.zhengjie.modules.system.service.dto.UserDTO;
|
||||
import me.zhengjie.utils.StringUtils;
|
||||
import org.springframework.cache.annotation.CacheConfig;
|
||||
import org.springframework.cache.annotation.Cacheable;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.stereotype.Service;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
|
|
@ -33,9 +36,13 @@ public class JwtPermissionService {
|
|||
System.out.println("--------------------loadPermissionByUser:" + user.getUsername() + "---------------------");
|
||||
|
||||
Set<Role> roles = roleRepository.findByUsers_Id(user.getId());
|
||||
|
||||
return roles.stream().flatMap(role -> role.getPermissions().stream())
|
||||
.map(permission -> new SimpleGrantedAuthority(permission.getName()))
|
||||
Set<String> permissions = roles.stream().filter(role -> StringUtils.isNotBlank(role.getPermission())).map(Role::getPermission).collect(Collectors.toSet());
|
||||
permissions.addAll(
|
||||
roles.stream().flatMap(role -> role.getMenus().stream())
|
||||
.filter(menu -> StringUtils.isNotBlank(menu.getPermission()))
|
||||
.map(Menu::getPermission).collect(Collectors.toSet())
|
||||
);
|
||||
return permissions.stream().map(permission -> new SimpleGrantedAuthority(permission))
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,48 +0,0 @@
|
|||
package me.zhengjie.modules.system.domain;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
import org.hibernate.annotations.CreationTimestamp;
|
||||
import javax.persistence.*;
|
||||
import javax.validation.constraints.NotBlank;
|
||||
import javax.validation.constraints.NotNull;
|
||||
import java.sql.Timestamp;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* @author Zheng Jie
|
||||
* @date 2018-12-03
|
||||
*/
|
||||
@Entity
|
||||
@Getter
|
||||
@Setter
|
||||
@Table(name = "permission")
|
||||
public class Permission{
|
||||
|
||||
@Id
|
||||
@GeneratedValue(strategy = GenerationType.IDENTITY)
|
||||
@NotNull(groups = {Update.class})
|
||||
private Long id;
|
||||
|
||||
@NotBlank
|
||||
private String name;
|
||||
|
||||
// 上级类目
|
||||
@NotNull
|
||||
@Column(name = "pid",nullable = false)
|
||||
private Long pid;
|
||||
|
||||
@NotBlank
|
||||
private String alias;
|
||||
|
||||
@Column(name = "create_time")
|
||||
@CreationTimestamp
|
||||
private Timestamp createTime;
|
||||
|
||||
@JsonIgnore
|
||||
@ManyToMany(mappedBy = "permissions")
|
||||
private Set<Role> roles;
|
||||
|
||||
public @interface Update {}
|
||||
}
|
||||
|
|
@ -50,10 +50,6 @@ public class Role{
|
|||
@ManyToMany(mappedBy = "roles")
|
||||
private Set<User> users;
|
||||
|
||||
@ManyToMany
|
||||
@JoinTable(name = "roles_permissions", joinColumns = {@JoinColumn(name = "role_id",referencedColumnName = "id")}, inverseJoinColumns = {@JoinColumn(name = "permission_id",referencedColumnName = "id")})
|
||||
private Set<Permission> permissions;
|
||||
|
||||
@ManyToMany
|
||||
@JoinTable(name = "roles_menus", joinColumns = {@JoinColumn(name = "role_id",referencedColumnName = "id")}, inverseJoinColumns = {@JoinColumn(name = "menu_id",referencedColumnName = "id")})
|
||||
private Set<Menu> menus;
|
||||
|
|
|
|||
|
|
@ -1,17 +0,0 @@
|
|||
package me.zhengjie.modules.system.repository;
|
||||
|
||||
import me.zhengjie.modules.system.domain.Permission;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author Zheng Jie
|
||||
* @date 2018-12-03
|
||||
*/
|
||||
public interface PermissionRepository extends JpaRepository<Permission, Long>, JpaSpecificationExecutor<Permission> {
|
||||
|
||||
Permission findByName(String name);
|
||||
|
||||
List<Permission> findByPid(long pid);
|
||||
}
|
||||
|
|
@ -17,10 +17,6 @@ public interface RoleRepository extends JpaRepository<Role, Long>, JpaSpecificat
|
|||
|
||||
Set<Role> findByUsers_Id(Long id);
|
||||
|
||||
@Modifying
|
||||
@Query(value = "delete from roles_permissions where permission_id = ?1",nativeQuery = true)
|
||||
void untiedPermission(Long id);
|
||||
|
||||
@Modifying
|
||||
@Query(value = "delete from roles_menus where menu_id = ?1",nativeQuery = true)
|
||||
void untiedMenu(Long id);
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ public class DeptController {
|
|||
@Log("查询部门")
|
||||
@ApiOperation("查询部门")
|
||||
@GetMapping
|
||||
@PreAuthorize("hasAnyRole('admin','user:all','user:select','DEPT_ALL','DEPT_SELECT')")
|
||||
@PreAuthorize("@el.check('user:list','dept:list')")
|
||||
public ResponseEntity getDepts(DeptQueryCriteria criteria){
|
||||
// 数据权限
|
||||
criteria.setIds(dataScope.getDeptIds());
|
||||
|
|
@ -51,7 +51,7 @@ public class DeptController {
|
|||
@Log("新增部门")
|
||||
@ApiOperation("新增部门")
|
||||
@PostMapping
|
||||
@PreAuthorize("hasAnyRole('admin','DEPT_ALL','DEPT_CREATE')")
|
||||
@PreAuthorize("@el.check('dept:add')")
|
||||
public ResponseEntity create(@Validated @RequestBody Dept resources){
|
||||
if (resources.getId() != null) {
|
||||
throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
|
||||
|
|
@ -62,7 +62,7 @@ public class DeptController {
|
|||
@Log("修改部门")
|
||||
@ApiOperation("修改部门")
|
||||
@PutMapping
|
||||
@PreAuthorize("hasAnyRole('admin','DEPT_ALL','DEPT_EDIT')")
|
||||
@PreAuthorize("@el.check('dept:edit')")
|
||||
public ResponseEntity update(@Validated(Dept.Update.class) @RequestBody Dept resources){
|
||||
deptService.update(resources);
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -71,7 +71,7 @@ public class DeptController {
|
|||
@Log("删除部门")
|
||||
@ApiOperation("删除部门")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','DEPT_ALL','DEPT_DELETE')")
|
||||
@PreAuthorize("@el.check('dept:del')")
|
||||
public ResponseEntity delete(@PathVariable Long id){
|
||||
try {
|
||||
deptService.delete(id);
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ public class DictController {
|
|||
@Log("查询字典")
|
||||
@ApiOperation("查询字典")
|
||||
@GetMapping
|
||||
@PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_SELECT')")
|
||||
@PreAuthorize("@el.check('dict:list')")
|
||||
public ResponseEntity getDicts(DictQueryCriteria resources, Pageable pageable){
|
||||
return new ResponseEntity<>(dictService.queryAll(resources,pageable),HttpStatus.OK);
|
||||
}
|
||||
|
|
@ -42,7 +42,7 @@ public class DictController {
|
|||
@Log("新增字典")
|
||||
@ApiOperation("新增字典")
|
||||
@PostMapping
|
||||
@PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_CREATE')")
|
||||
@PreAuthorize("@el.check('dict:add')")
|
||||
public ResponseEntity create(@Validated @RequestBody Dict resources){
|
||||
if (resources.getId() != null) {
|
||||
throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
|
||||
|
|
@ -53,7 +53,7 @@ public class DictController {
|
|||
@Log("修改字典")
|
||||
@ApiOperation("修改字典")
|
||||
@PutMapping
|
||||
@PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_EDIT')")
|
||||
@PreAuthorize("@el.check('dict:edit')")
|
||||
public ResponseEntity update(@Validated(Dict.Update.class) @RequestBody Dict resources){
|
||||
dictService.update(resources);
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -62,7 +62,7 @@ public class DictController {
|
|||
@Log("删除字典")
|
||||
@ApiOperation("删除字典")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_DELETE')")
|
||||
@PreAuthorize("@el.check('dict:del')")
|
||||
public ResponseEntity delete(@PathVariable Long id){
|
||||
dictService.delete(id);
|
||||
return new ResponseEntity(HttpStatus.OK);
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ public class DictDetailController {
|
|||
@Log("新增字典详情")
|
||||
@ApiOperation("新增字典详情")
|
||||
@PostMapping
|
||||
@PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_CREATE')")
|
||||
@PreAuthorize("@el.check('dict:add')")
|
||||
public ResponseEntity create(@Validated @RequestBody DictDetail resources){
|
||||
if (resources.getId() != null) {
|
||||
throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
|
||||
|
|
@ -71,7 +71,7 @@ public class DictDetailController {
|
|||
@Log("修改字典详情")
|
||||
@ApiOperation("修改字典详情")
|
||||
@PutMapping
|
||||
@PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_EDIT')")
|
||||
@PreAuthorize("@el.check('dict:edit')")
|
||||
public ResponseEntity update(@Validated(DictDetail.Update.class) @RequestBody DictDetail resources){
|
||||
dictDetailService.update(resources);
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -80,7 +80,7 @@ public class DictDetailController {
|
|||
@Log("删除字典详情")
|
||||
@ApiOperation("删除字典详情")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_DELETE')")
|
||||
@PreAuthorize("@el.check('dict:del')")
|
||||
public ResponseEntity delete(@PathVariable Long id){
|
||||
dictDetailService.delete(id);
|
||||
return new ResponseEntity(HttpStatus.OK);
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ public class JobController {
|
|||
@Log("查询岗位")
|
||||
@ApiOperation("查询岗位")
|
||||
@GetMapping
|
||||
@PreAuthorize("hasAnyRole('admin','USERJOB_ALL','USERJOB_SELECT','user:all','user:select')")
|
||||
@PreAuthorize("@el.check('job:list','user:list')")
|
||||
public ResponseEntity getJobs(JobQueryCriteria criteria,
|
||||
Pageable pageable){
|
||||
// 数据权限
|
||||
|
|
@ -50,7 +50,7 @@ public class JobController {
|
|||
@Log("新增岗位")
|
||||
@ApiOperation("新增岗位")
|
||||
@PostMapping
|
||||
@PreAuthorize("hasAnyRole('admin','USERJOB_ALL','USERJOB_CREATE')")
|
||||
@PreAuthorize("@el.check('job:add')")
|
||||
public ResponseEntity create(@Validated @RequestBody Job resources){
|
||||
if (resources.getId() != null) {
|
||||
throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
|
||||
|
|
@ -61,7 +61,7 @@ public class JobController {
|
|||
@Log("修改岗位")
|
||||
@ApiOperation("修改岗位")
|
||||
@PutMapping
|
||||
@PreAuthorize("hasAnyRole('admin','USERJOB_ALL','USERJOB_EDIT')")
|
||||
@PreAuthorize("@el.check('job:edit')")
|
||||
public ResponseEntity update(@Validated(Job.Update.class) @RequestBody Job resources){
|
||||
jobService.update(resources);
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -70,7 +70,7 @@ public class JobController {
|
|||
@Log("删除岗位")
|
||||
@ApiOperation("删除岗位")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','USERJOB_ALL','USERJOB_DELETE')")
|
||||
@PreAuthorize("@el.check('job:del')")
|
||||
public ResponseEntity delete(@PathVariable Long id){
|
||||
try {
|
||||
jobService.delete(id);
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ public class MenuController {
|
|||
|
||||
@ApiOperation("返回全部的菜单")
|
||||
@GetMapping(value = "/tree")
|
||||
@PreAuthorize("hasAnyRole('admin','MENU_ALL','MENU_CREATE','MENU_EDIT','ROLES_SELECT','ROLES_ALL')")
|
||||
@PreAuthorize("@el.check('menu:list','roles:list')")
|
||||
public ResponseEntity getMenuTree(){
|
||||
return new ResponseEntity<>(menuService.getMenuTree(menuService.findByPid(0L)),HttpStatus.OK);
|
||||
}
|
||||
|
|
@ -64,7 +64,7 @@ public class MenuController {
|
|||
@Log("查询菜单")
|
||||
@ApiOperation("查询菜单")
|
||||
@GetMapping
|
||||
@PreAuthorize("hasAnyRole('admin','MENU_ALL','MENU_SELECT')")
|
||||
@PreAuthorize("@el.check('menu:list')")
|
||||
public ResponseEntity getMenus(MenuQueryCriteria criteria){
|
||||
List<MenuDTO> menuDTOList = menuService.queryAll(criteria);
|
||||
return new ResponseEntity<>(menuService.buildTree(menuDTOList),HttpStatus.OK);
|
||||
|
|
@ -73,7 +73,7 @@ public class MenuController {
|
|||
@Log("新增菜单")
|
||||
@ApiOperation("新增菜单")
|
||||
@PostMapping
|
||||
@PreAuthorize("hasAnyRole('admin','MENU_ALL','MENU_CREATE')")
|
||||
@PreAuthorize("@el.check('menu:add')")
|
||||
public ResponseEntity create(@Validated @RequestBody Menu resources){
|
||||
if (resources.getId() != null) {
|
||||
throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
|
||||
|
|
@ -84,7 +84,7 @@ public class MenuController {
|
|||
@Log("修改菜单")
|
||||
@ApiOperation("修改菜单")
|
||||
@PutMapping
|
||||
@PreAuthorize("hasAnyRole('admin','MENU_ALL','MENU_EDIT')")
|
||||
@PreAuthorize("@el.check('menu:edit')")
|
||||
public ResponseEntity update(@Validated(Menu.Update.class) @RequestBody Menu resources){
|
||||
menuService.update(resources);
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -93,7 +93,7 @@ public class MenuController {
|
|||
@Log("删除菜单")
|
||||
@ApiOperation("删除菜单")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','MENU_ALL','MENU_DELETE')")
|
||||
@PreAuthorize("@el.check('menu:del')")
|
||||
public ResponseEntity delete(@PathVariable Long id){
|
||||
List<Menu> menuList = menuService.findByPid(id);
|
||||
Set<Menu> menuSet = new HashSet<>();
|
||||
|
|
|
|||
|
|
@ -1,89 +0,0 @@
|
|||
package me.zhengjie.modules.system.rest;
|
||||
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import me.zhengjie.aop.log.Log;
|
||||
import me.zhengjie.modules.system.domain.Permission;
|
||||
import me.zhengjie.exception.BadRequestException;
|
||||
import me.zhengjie.modules.system.service.PermissionService;
|
||||
import me.zhengjie.modules.system.service.dto.PermissionDTO;
|
||||
import me.zhengjie.modules.system.service.dto.PermissionQueryCriteria;
|
||||
import me.zhengjie.modules.system.service.mapper.PermissionMapper;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* @author Zheng Jie
|
||||
* @date 2018-12-03
|
||||
*/
|
||||
@Api(tags = "系统:权限管理")
|
||||
@RestController
|
||||
@RequestMapping("/api/permissions")
|
||||
public class PermissionController {
|
||||
|
||||
private final PermissionService permissionService;
|
||||
|
||||
private final PermissionMapper permissionMapper;
|
||||
|
||||
private static final String ENTITY_NAME = "permission";
|
||||
|
||||
public PermissionController(PermissionService permissionService, PermissionMapper permissionMapper) {
|
||||
this.permissionService = permissionService;
|
||||
this.permissionMapper = permissionMapper;
|
||||
}
|
||||
|
||||
@ApiOperation("返回全部的权限,新增角色时下拉选择")
|
||||
@GetMapping(value = "/tree")
|
||||
@PreAuthorize("hasAnyRole('admin','PERMISSION_ALL','PERMISSION_CREATE','PERMISSION_EDIT','ROLES_SELECT','ROLES_ALL')")
|
||||
public ResponseEntity getTree(){
|
||||
return new ResponseEntity<>(permissionService.getPermissionTree(permissionService.findByPid(0L)),HttpStatus.OK);
|
||||
}
|
||||
|
||||
@Log("查询权限")
|
||||
@ApiOperation("查询权限")
|
||||
@GetMapping
|
||||
@PreAuthorize("hasAnyRole('admin','PERMISSION_ALL','PERMISSION_SELECT')")
|
||||
public ResponseEntity getPermissions(PermissionQueryCriteria criteria){
|
||||
List<PermissionDTO> permissionDTOS = permissionService.queryAll(criteria);
|
||||
return new ResponseEntity<>(permissionService.buildTree(permissionDTOS),HttpStatus.OK);
|
||||
}
|
||||
|
||||
@Log("新增权限")
|
||||
@ApiOperation("新增权限")
|
||||
@PostMapping
|
||||
@PreAuthorize("hasAnyRole('admin','PERMISSION_ALL','PERMISSION_CREATE')")
|
||||
public ResponseEntity create(@Validated @RequestBody Permission resources){
|
||||
if (resources.getId() != null) {
|
||||
throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
|
||||
}
|
||||
return new ResponseEntity<>(permissionService.create(resources),HttpStatus.CREATED);
|
||||
}
|
||||
|
||||
@Log("修改权限")
|
||||
@ApiOperation("修改权限")
|
||||
@PutMapping
|
||||
@PreAuthorize("hasAnyRole('admin','PERMISSION_ALL','PERMISSION_EDIT')")
|
||||
public ResponseEntity update(@Validated(Permission.Update.class) @RequestBody Permission resources){
|
||||
permissionService.update(resources);
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
}
|
||||
|
||||
@Log("删除权限")
|
||||
@ApiOperation("删除权限")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','PERMISSION_ALL','PERMISSION_DELETE')")
|
||||
public ResponseEntity delete(@PathVariable Long id){
|
||||
List<Permission> permissions = permissionService.findByPid(id);
|
||||
Set<Permission> permissionSet = new HashSet<>();
|
||||
permissionSet.add(permissionMapper.toEntity(permissionService.findById(id)));
|
||||
permissionSet = permissionService.getDeletePermission(permissions, permissionSet);
|
||||
permissionService.delete(permissionSet);
|
||||
return new ResponseEntity(HttpStatus.OK);
|
||||
}
|
||||
}
|
||||
|
|
@ -42,14 +42,14 @@ public class RoleController {
|
|||
|
||||
@ApiOperation("获取单个role")
|
||||
@GetMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_SELECT')")
|
||||
@PreAuthorize("@el.check('roles:list')")
|
||||
public ResponseEntity getRoles(@PathVariable Long id){
|
||||
return new ResponseEntity<>(roleService.findById(id), HttpStatus.OK);
|
||||
}
|
||||
|
||||
@ApiOperation("返回全部的角色")
|
||||
@GetMapping(value = "/all")
|
||||
@PreAuthorize("hasAnyRole('admin','ROLES_ALL','user:all','user:add','user:edit')")
|
||||
@PreAuthorize("@el.check('roles:list','user:add','user:edit')")
|
||||
public ResponseEntity getAll(@PageableDefault(value = 2000, sort = {"level"}, direction = Sort.Direction.ASC) Pageable pageable){
|
||||
return new ResponseEntity<>(roleService.queryAll(pageable),HttpStatus.OK);
|
||||
}
|
||||
|
|
@ -57,7 +57,7 @@ public class RoleController {
|
|||
@Log("查询角色")
|
||||
@ApiOperation("查询角色")
|
||||
@GetMapping
|
||||
@PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_SELECT')")
|
||||
@PreAuthorize("@el.check('roles:list')")
|
||||
public ResponseEntity getRoles(RoleQueryCriteria criteria, Pageable pageable){
|
||||
return new ResponseEntity<>(roleService.queryAll(criteria,pageable),HttpStatus.OK);
|
||||
}
|
||||
|
|
@ -72,7 +72,7 @@ public class RoleController {
|
|||
@Log("新增角色")
|
||||
@ApiOperation("新增角色")
|
||||
@PostMapping
|
||||
@PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_CREATE')")
|
||||
@PreAuthorize("@el.check('roles:add')")
|
||||
public ResponseEntity create(@Validated @RequestBody Role resources){
|
||||
if (resources.getId() != null) {
|
||||
throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID");
|
||||
|
|
@ -83,25 +83,16 @@ public class RoleController {
|
|||
@Log("修改角色")
|
||||
@ApiOperation("修改角色")
|
||||
@PutMapping
|
||||
@PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_EDIT')")
|
||||
@PreAuthorize("@el.check('roles:edit')")
|
||||
public ResponseEntity update(@Validated(Role.Update.class) @RequestBody Role resources){
|
||||
roleService.update(resources);
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
}
|
||||
|
||||
@Log("修改角色权限")
|
||||
@ApiOperation("修改角色权限")
|
||||
@PutMapping(value = "/permission")
|
||||
@PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_EDIT')")
|
||||
public ResponseEntity updatePermission(@RequestBody Role resources){
|
||||
roleService.updatePermission(resources,roleService.findById(resources.getId()));
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
}
|
||||
|
||||
@Log("修改角色菜单")
|
||||
@ApiOperation("修改角色菜单")
|
||||
@PutMapping(value = "/menu")
|
||||
@PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_EDIT')")
|
||||
@PreAuthorize("@el.check('roles:edit')")
|
||||
public ResponseEntity updateMenu(@RequestBody Role resources){
|
||||
roleService.updateMenu(resources,roleService.findById(resources.getId()));
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -110,7 +101,7 @@ public class RoleController {
|
|||
@Log("删除角色")
|
||||
@ApiOperation("删除角色")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_DELETE')")
|
||||
@PreAuthorize("@el.check('roles:del')")
|
||||
public ResponseEntity delete(@PathVariable Long id){
|
||||
try {
|
||||
roleService.delete(id);
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ public class UserController {
|
|||
@Log("导出用户数据")
|
||||
@ApiOperation("导出用户数据")
|
||||
@GetMapping(value = "/download")
|
||||
@PreAuthorize("hasAnyRole('admin','user:all','user:select')")
|
||||
@PreAuthorize("@el.check('user:list')")
|
||||
public void update(HttpServletResponse response, UserQueryCriteria criteria) throws IOException {
|
||||
userService.download(userService.queryAll(criteria), response);
|
||||
}
|
||||
|
|
@ -68,26 +68,21 @@ public class UserController {
|
|||
@Log("查询用户")
|
||||
@ApiOperation("查询用户")
|
||||
@GetMapping
|
||||
@PreAuthorize("hasAnyRole('admin','user:all','user:select')")
|
||||
@PreAuthorize("@el.check('user:list')")
|
||||
public ResponseEntity getUsers(UserQueryCriteria criteria, Pageable pageable){
|
||||
Set<Long> deptSet = new HashSet<>();
|
||||
Set<Long> result = new HashSet<>();
|
||||
|
||||
if (!ObjectUtils.isEmpty(criteria.getDeptId())) {
|
||||
deptSet.add(criteria.getDeptId());
|
||||
deptSet.addAll(dataScope.getDeptChildren(deptService.findByPid(criteria.getDeptId())));
|
||||
}
|
||||
|
||||
// 数据权限
|
||||
Set<Long> deptIds = dataScope.getDeptIds();
|
||||
|
||||
// 查询条件不为空并且数据权限不为空则取交集
|
||||
if (!CollectionUtils.isEmpty(deptIds) && !CollectionUtils.isEmpty(deptSet)){
|
||||
|
||||
// 取交集
|
||||
result.addAll(deptSet);
|
||||
result.retainAll(deptIds);
|
||||
|
||||
// 若无交集,则代表无数据权限
|
||||
criteria.setDeptIds(result);
|
||||
if(result.size() == 0){
|
||||
|
|
@ -105,7 +100,7 @@ public class UserController {
|
|||
@Log("新增用户")
|
||||
@ApiOperation("新增用户")
|
||||
@PostMapping
|
||||
@PreAuthorize("hasAnyRole('admin','user:all','user:add')")
|
||||
@PreAuthorize("@el.check('user:add')")
|
||||
public ResponseEntity create(@Validated @RequestBody User resources){
|
||||
checkLevel(resources);
|
||||
return new ResponseEntity<>(userService.create(resources),HttpStatus.CREATED);
|
||||
|
|
@ -114,7 +109,7 @@ public class UserController {
|
|||
@Log("修改用户")
|
||||
@ApiOperation("修改用户")
|
||||
@PutMapping
|
||||
@PreAuthorize("hasAnyRole('admin','user:all','user:edit')")
|
||||
@PreAuthorize("@el.check('user:edit')")
|
||||
public ResponseEntity update(@Validated(User.Update.class) @RequestBody User resources){
|
||||
checkLevel(resources);
|
||||
userService.update(resources);
|
||||
|
|
@ -124,7 +119,7 @@ public class UserController {
|
|||
@Log("删除用户")
|
||||
@ApiOperation("删除用户")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','user:all','user:del')")
|
||||
@PreAuthorize("@el.check('user:del')")
|
||||
public ResponseEntity delete(@PathVariable Long id){
|
||||
Integer currentLevel = Collections.min(roleService.findByUsers_Id(SecurityUtils.getUserId()).stream().map(RoleSmallDTO::getLevel).collect(Collectors.toList()));
|
||||
Integer optLevel = Collections.min(roleService.findByUsers_Id(id).stream().map(RoleSmallDTO::getLevel).collect(Collectors.toList()));
|
||||
|
|
@ -171,8 +166,6 @@ public class UserController {
|
|||
return new ResponseEntity(HttpStatus.OK);
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 如果当前用户的角色级别低于创建用户的角色级别,则抛出权限不足的错误
|
||||
* @param resources /
|
||||
|
|
|
|||
|
|
@ -1,32 +0,0 @@
|
|||
package me.zhengjie.modules.system.service;
|
||||
|
||||
import me.zhengjie.modules.system.domain.Permission;
|
||||
import me.zhengjie.modules.system.service.dto.PermissionDTO;
|
||||
import me.zhengjie.modules.system.service.dto.PermissionQueryCriteria;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* @author Zheng Jie
|
||||
* @date 2018-12-08
|
||||
*/
|
||||
public interface PermissionService {
|
||||
|
||||
PermissionDTO findById(long id);
|
||||
|
||||
PermissionDTO create(Permission resources);
|
||||
|
||||
void update(Permission resources);
|
||||
|
||||
void delete(Set<Permission> permissions);
|
||||
|
||||
Object getPermissionTree(List<Permission> permissions);
|
||||
|
||||
List<Permission> findByPid(long pid);
|
||||
|
||||
Object buildTree(List<PermissionDTO> permissionDTOS);
|
||||
|
||||
List<PermissionDTO> queryAll(PermissionQueryCriteria criteria);
|
||||
|
||||
Set<Permission> getDeletePermission(List<Permission> permissions, Set<Permission> permissionSet);
|
||||
}
|
||||
|
|
@ -26,8 +26,6 @@ public interface RoleService {
|
|||
|
||||
Integer findByRoles(Set<Role> roles);
|
||||
|
||||
void updatePermission(Role resources, RoleDTO roleDTO);
|
||||
|
||||
void updateMenu(Role resources, RoleDTO roleDTO);
|
||||
|
||||
void untiedMenu(Long id);
|
||||
|
|
@ -37,6 +35,4 @@ public interface RoleService {
|
|||
Object queryAll(RoleQueryCriteria criteria, Pageable pageable);
|
||||
|
||||
List<RoleDTO> queryAll(RoleQueryCriteria criteria);
|
||||
|
||||
void untiedPermission(Long id);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,28 +0,0 @@
|
|||
package me.zhengjie.modules.system.service.dto;
|
||||
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
|
||||
import java.sql.Timestamp;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author Zheng Jie
|
||||
* @date 2018-12-03
|
||||
*/
|
||||
@Getter
|
||||
@Setter
|
||||
public class PermissionDTO{
|
||||
|
||||
private Long id;
|
||||
|
||||
private String name;
|
||||
|
||||
private Long pid;
|
||||
|
||||
private String alias;
|
||||
|
||||
private List<PermissionDTO> children;
|
||||
|
||||
private Timestamp createTime;
|
||||
}
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
package me.zhengjie.modules.system.service.dto;
|
||||
|
||||
import lombok.Data;
|
||||
import me.zhengjie.annotation.Query;
|
||||
|
||||
/**
|
||||
* 公共查询类
|
||||
*/
|
||||
@Data
|
||||
public class PermissionQueryCriteria {
|
||||
|
||||
// 多字段模糊
|
||||
@Query(blurry = "name,alias")
|
||||
private String blurry;
|
||||
}
|
||||
|
|
@ -26,8 +26,6 @@ public class RoleDTO{
|
|||
|
||||
private String permission;
|
||||
|
||||
private Set<PermissionDTO> permissions;
|
||||
|
||||
private Set<MenuDTO> menus;
|
||||
|
||||
private Set<DeptDTO> depts;
|
||||
|
|
|
|||
|
|
@ -1,169 +0,0 @@
|
|||
package me.zhengjie.modules.system.service.impl;
|
||||
|
||||
import me.zhengjie.modules.system.domain.Permission;
|
||||
import me.zhengjie.exception.BadRequestException;
|
||||
import me.zhengjie.exception.EntityExistException;
|
||||
import me.zhengjie.modules.system.repository.PermissionRepository;
|
||||
import me.zhengjie.modules.system.service.PermissionService;
|
||||
import me.zhengjie.modules.system.service.RoleService;
|
||||
import me.zhengjie.modules.system.service.dto.PermissionDTO;
|
||||
import me.zhengjie.modules.system.service.dto.PermissionQueryCriteria;
|
||||
import me.zhengjie.modules.system.service.mapper.PermissionMapper;
|
||||
import me.zhengjie.utils.QueryHelp;
|
||||
import me.zhengjie.utils.ValidationUtil;
|
||||
import org.springframework.cache.annotation.CacheConfig;
|
||||
import org.springframework.cache.annotation.CacheEvict;
|
||||
import org.springframework.cache.annotation.Cacheable;
|
||||
import org.springframework.data.domain.Sort;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Propagation;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
* @author Zheng Jie
|
||||
* @date 2018-12-03
|
||||
*/
|
||||
@Service
|
||||
@CacheConfig(cacheNames = "permission")
|
||||
@Transactional(propagation = Propagation.SUPPORTS, readOnly = true, rollbackFor = Exception.class)
|
||||
public class PermissionServiceImpl implements PermissionService {
|
||||
|
||||
private final PermissionRepository permissionRepository;
|
||||
|
||||
private final PermissionMapper permissionMapper;
|
||||
|
||||
private final RoleService roleService;
|
||||
|
||||
public PermissionServiceImpl(PermissionRepository permissionRepository, PermissionMapper permissionMapper, RoleService roleService) {
|
||||
this.permissionRepository = permissionRepository;
|
||||
this.permissionMapper = permissionMapper;
|
||||
this.roleService = roleService;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Cacheable
|
||||
public List<PermissionDTO> queryAll(PermissionQueryCriteria criteria) {
|
||||
// Sort sort = new Sort(Sort.Direction.DESC,"id");
|
||||
return permissionMapper.toDto(permissionRepository.findAll((root, criteriaQuery, criteriaBuilder) -> QueryHelp.getPredicate(root,criteria,criteriaBuilder)));
|
||||
}
|
||||
|
||||
@Override
|
||||
@Cacheable(key = "#p0")
|
||||
public PermissionDTO findById(long id) {
|
||||
Permission permission = permissionRepository.findById(id).orElseGet(Permission::new);
|
||||
ValidationUtil.isNull(permission.getId(),"Permission","id",id);
|
||||
return permissionMapper.toDto(permission);
|
||||
}
|
||||
|
||||
@Override
|
||||
@CacheEvict(allEntries = true)
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public PermissionDTO create(Permission resources) {
|
||||
if(permissionRepository.findByName(resources.getName()) != null){
|
||||
throw new EntityExistException(Permission.class,"name",resources.getName());
|
||||
}
|
||||
return permissionMapper.toDto(permissionRepository.save(resources));
|
||||
}
|
||||
|
||||
@Override
|
||||
@CacheEvict(allEntries = true)
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public void update(Permission resources) {
|
||||
Permission permission = permissionRepository.findById(resources.getId()).orElseGet(Permission::new);
|
||||
if(resources.getId().equals(resources.getPid())) {
|
||||
throw new BadRequestException("上级不能为自己");
|
||||
}
|
||||
ValidationUtil.isNull(permission.getId(),"Permission","id",resources.getId());
|
||||
|
||||
Permission permission1 = permissionRepository.findByName(resources.getName());
|
||||
|
||||
if(permission1 != null && !permission1.getId().equals(permission.getId())){
|
||||
throw new EntityExistException(Permission.class,"name",resources.getName());
|
||||
}
|
||||
|
||||
permission.setName(resources.getName());
|
||||
permission.setAlias(resources.getAlias());
|
||||
permission.setPid(resources.getPid());
|
||||
permissionRepository.save(permission);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<Permission> getDeletePermission(List<Permission> permissions, Set<Permission> permissionSet) {
|
||||
// 递归找出待删除的菜单
|
||||
for (Permission permission : permissions) {
|
||||
permissionSet.add(permission);
|
||||
List<Permission> permissionList = permissionRepository.findByPid(permission.getId());
|
||||
if(permissionList!=null && permissionList.size()!=0){
|
||||
getDeletePermission(permissionList, permissionSet);
|
||||
}
|
||||
}
|
||||
return permissionSet;
|
||||
}
|
||||
|
||||
@Override
|
||||
@CacheEvict(allEntries = true)
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public void delete(Set<Permission> permissions) {
|
||||
for (Permission permission : permissions) {
|
||||
roleService.untiedPermission(permission.getId());
|
||||
permissionRepository.delete(permission);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
@Cacheable(key = "'tree'")
|
||||
public Object getPermissionTree(List<Permission> permissions) {
|
||||
List<Map<String,Object>> list = new LinkedList<>();
|
||||
permissions.forEach(permission -> {
|
||||
if (permission!=null){
|
||||
List<Permission> permissionList = permissionRepository.findByPid(permission.getId());
|
||||
Map<String,Object> map = new HashMap<>();
|
||||
map.put("id",permission.getId());
|
||||
map.put("label",permission.getAlias());
|
||||
if(permissionList!=null && permissionList.size()!=0){
|
||||
map.put("children",getPermissionTree(permissionList));
|
||||
}
|
||||
list.add(map);
|
||||
}
|
||||
}
|
||||
);
|
||||
return list;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Cacheable(key = "'pid:'+#p0")
|
||||
public List<Permission> findByPid(long pid) {
|
||||
return permissionRepository.findByPid(pid);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Cacheable
|
||||
public Object buildTree(List<PermissionDTO> permissionDTOS) {
|
||||
|
||||
List<PermissionDTO> trees = new ArrayList<>();
|
||||
|
||||
for (PermissionDTO permissionDTO : permissionDTOS) {
|
||||
|
||||
if ("0".equals(permissionDTO.getPid().toString())) {
|
||||
trees.add(permissionDTO);
|
||||
}
|
||||
|
||||
for (PermissionDTO it : permissionDTOS) {
|
||||
if (it.getPid().equals(permissionDTO.getId())) {
|
||||
if (permissionDTO.getChildren() == null) {
|
||||
permissionDTO.setChildren(new ArrayList<>());
|
||||
}
|
||||
permissionDTO.getChildren().add(it);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Integer totalElements = permissionDTOS.size();
|
||||
|
||||
Map<String,Object> map = new HashMap<>();
|
||||
map.put("content",trees.size() == 0?permissionDTOS:trees);
|
||||
map.put("totalElements",totalElements);
|
||||
return map;
|
||||
}
|
||||
}
|
||||
|
|
@ -102,14 +102,6 @@ public class RoleServiceImpl implements RoleService {
|
|||
roleRepository.save(role);
|
||||
}
|
||||
|
||||
@Override
|
||||
@CacheEvict(allEntries = true)
|
||||
public void updatePermission(Role resources, RoleDTO roleDTO) {
|
||||
Role role = roleMapper.toEntity(roleDTO);
|
||||
role.setPermissions(resources.getPermissions());
|
||||
roleRepository.save(role);
|
||||
}
|
||||
|
||||
@Override
|
||||
@CacheEvict(allEntries = true)
|
||||
public void updateMenu(Role resources, RoleDTO roleDTO) {
|
||||
|
|
@ -125,13 +117,6 @@ public class RoleServiceImpl implements RoleService {
|
|||
roleRepository.untiedMenu(id);
|
||||
}
|
||||
|
||||
@Override
|
||||
@CacheEvict(allEntries = true)
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public void untiedPermission(Long id) {
|
||||
roleRepository.untiedPermission(id);
|
||||
}
|
||||
|
||||
@Override
|
||||
@CacheEvict(allEntries = true)
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
|
|
|
|||
|
|
@ -1,16 +0,0 @@
|
|||
package me.zhengjie.modules.system.service.mapper;
|
||||
|
||||
import me.zhengjie.modules.system.domain.Permission;
|
||||
import me.zhengjie.base.BaseMapper;
|
||||
import me.zhengjie.modules.system.service.dto.PermissionDTO;
|
||||
import org.mapstruct.Mapper;
|
||||
import org.mapstruct.ReportingPolicy;
|
||||
|
||||
/**
|
||||
* @author Zheng Jie
|
||||
* @date 2018-11-23
|
||||
*/
|
||||
@Mapper(componentModel = "spring",unmappedTargetPolicy = ReportingPolicy.IGNORE)
|
||||
public interface PermissionMapper extends BaseMapper<PermissionDTO, Permission> {
|
||||
|
||||
}
|
||||
|
|
@ -10,7 +10,7 @@ import org.mapstruct.ReportingPolicy;
|
|||
* @author Zheng Jie
|
||||
* @date 2018-11-23
|
||||
*/
|
||||
@Mapper(componentModel = "spring", uses = {PermissionMapper.class, MenuMapper.class, DeptMapper.class}, unmappedTargetPolicy = ReportingPolicy.IGNORE)
|
||||
@Mapper(componentModel = "spring", uses = {MenuMapper.class, DeptMapper.class}, unmappedTargetPolicy = ReportingPolicy.IGNORE)
|
||||
public interface RoleMapper extends BaseMapper<RoleDTO, Role> {
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ public class ${className}Controller {
|
|||
@GetMapping
|
||||
@Log("查询${className}")
|
||||
@ApiOperation("查询${className}")
|
||||
@PreAuthorize("hasAnyRole('admin','${upperCaseClassName}_ALL','${upperCaseClassName}_SELECT')")
|
||||
@PreAuthorize("@el.check('${changeClassName}:list'")
|
||||
public ResponseEntity get${className}s(${className}QueryCriteria criteria, Pageable pageable){
|
||||
return new ResponseEntity<>(${changeClassName}Service.queryAll(criteria,pageable),HttpStatus.OK);
|
||||
}
|
||||
|
|
@ -38,7 +38,7 @@ public class ${className}Controller {
|
|||
@PostMapping
|
||||
@Log("新增${className}")
|
||||
@ApiOperation("新增${className}")
|
||||
@PreAuthorize("hasAnyRole('admin','${upperCaseClassName}_ALL','${upperCaseClassName}_CREATE')")
|
||||
@PreAuthorize("@el.check('${changeClassName}:add')")
|
||||
public ResponseEntity create(@Validated @RequestBody ${className} resources){
|
||||
return new ResponseEntity<>(${changeClassName}Service.create(resources),HttpStatus.CREATED);
|
||||
}
|
||||
|
|
@ -46,7 +46,7 @@ public class ${className}Controller {
|
|||
@PutMapping
|
||||
@Log("修改${className}")
|
||||
@ApiOperation("修改${className}")
|
||||
@PreAuthorize("hasAnyRole('admin','${upperCaseClassName}_ALL','${upperCaseClassName}_EDIT')")
|
||||
@PreAuthorize("@el.check('${changeClassName}:edit')")
|
||||
public ResponseEntity update(@Validated @RequestBody ${className} resources){
|
||||
${changeClassName}Service.update(resources);
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -55,7 +55,7 @@ public class ${className}Controller {
|
|||
@DeleteMapping(value = "/{${pkChangeColName}}")
|
||||
@Log("删除${className}")
|
||||
@ApiOperation("删除${className}")
|
||||
@PreAuthorize("hasAnyRole('admin','${upperCaseClassName}_ALL','${upperCaseClassName}_DELETE')")
|
||||
@PreAuthorize("@el.check('${changeClassName}:del')")
|
||||
public ResponseEntity delete(@PathVariable ${pkColumnType} ${pkChangeColName}){
|
||||
${changeClassName}Service.delete(${pkChangeColName});
|
||||
return new ResponseEntity(HttpStatus.OK);
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@
|
|||
<!-- 新增 -->
|
||||
<div style="display: inline-block;margin: 0px 2px;">
|
||||
<el-button
|
||||
v-permission="['ADMIN','${upperCaseClassName}_ALL','${upperCaseClassName}_CREATE']"
|
||||
v-permission="['admin','${changeClassName}:add']"
|
||||
class="filter-item"
|
||||
size="mini"
|
||||
type="primary"
|
||||
|
|
@ -41,11 +41,11 @@
|
|||
</#if>
|
||||
</#list>
|
||||
</#if>
|
||||
<el-table-column v-if="checkPermission(['ADMIN','${upperCaseClassName}_ALL','${upperCaseClassName}_EDIT','${upperCaseClassName}_DELETE'])" label="操作" width="150px" align="center">
|
||||
<el-table-column v-if="checkPermission(['admin','${changeClassName}:edit','${changeClassName}:del'])" label="操作" width="150px" align="center">
|
||||
<template slot-scope="scope">
|
||||
<el-button v-permission="['ADMIN','${upperCaseClassName}_ALL','${upperCaseClassName}_EDIT']" size="mini" type="primary" icon="el-icon-edit" @click="edit(scope.row)"/>
|
||||
<el-button v-permission="['admin','${changeClassName}:edit']" size="mini" type="primary" icon="el-icon-edit" @click="edit(scope.row)"/>
|
||||
<el-popover
|
||||
v-permission="['ADMIN','${upperCaseClassName}_ALL','${upperCaseClassName}_DELETE']"
|
||||
v-permission="['admin','${changeClassName}:del']"
|
||||
:ref="scope.row.${pkChangeColName}"
|
||||
placement="top"
|
||||
width="180">
|
||||
|
|
|
|||
|
|
@ -30,21 +30,21 @@ public class LocalStorageController {
|
|||
|
||||
@ApiOperation("查询文件")
|
||||
@GetMapping
|
||||
@PreAuthorize("hasAnyRole('admin','LOCALSTORAGE_ALL','LOCALSTORAGE_SELECT')")
|
||||
@PreAuthorize("@el.check('storage:list')")
|
||||
public ResponseEntity getLocalStorages(LocalStorageQueryCriteria criteria, Pageable pageable){
|
||||
return new ResponseEntity<>(localStorageService.queryAll(criteria,pageable),HttpStatus.OK);
|
||||
}
|
||||
|
||||
@ApiOperation("上传文件")
|
||||
@PostMapping
|
||||
@PreAuthorize("hasAnyRole('admin','LOCALSTORAGE_ALL','LOCALSTORAGE_CREATE')")
|
||||
@PreAuthorize("@el.check('storage:add')")
|
||||
public ResponseEntity create(@RequestParam String name, @RequestParam("file") MultipartFile file){
|
||||
return new ResponseEntity<>(localStorageService.create(name, file),HttpStatus.CREATED);
|
||||
}
|
||||
|
||||
@ApiOperation("修改文件")
|
||||
@PutMapping
|
||||
@PreAuthorize("hasAnyRole('admin','LOCALSTORAGE_ALL','LOCALSTORAGE_EDIT')")
|
||||
@PreAuthorize("@el.check('storage:edit')")
|
||||
public ResponseEntity update(@Validated @RequestBody LocalStorage resources){
|
||||
localStorageService.update(resources);
|
||||
return new ResponseEntity(HttpStatus.NO_CONTENT);
|
||||
|
|
@ -52,7 +52,7 @@ public class LocalStorageController {
|
|||
|
||||
@ApiOperation("删除文件")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
@PreAuthorize("hasAnyRole('admin','LOCALSTORAGE_ALL','LOCALSTORAGE_DELETE')")
|
||||
@PreAuthorize("@el.check('storage:del')")
|
||||
public ResponseEntity delete(@PathVariable Long id){
|
||||
localStorageService.delete(id);
|
||||
return new ResponseEntity(HttpStatus.OK);
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ public class PictureController {
|
|||
}
|
||||
|
||||
@Log("查询图片")
|
||||
@PreAuthorize("hasAnyRole('admin','PICTURE_ALL','PICTURE_SELECT')")
|
||||
@PreAuthorize("@el.check('pictures:list')")
|
||||
@GetMapping
|
||||
@ApiOperation("查询图片")
|
||||
public ResponseEntity getRoles(PictureQueryCriteria criteria, Pageable pageable){
|
||||
|
|
@ -40,7 +40,7 @@ public class PictureController {
|
|||
}
|
||||
|
||||
@Log("上传图片")
|
||||
@PreAuthorize("hasAnyRole('admin','PICTURE_ALL','PICTURE_UPLOAD')")
|
||||
@PreAuthorize("@el.check('pictures:add')")
|
||||
@PostMapping
|
||||
@ApiOperation("上传图片")
|
||||
public ResponseEntity upload(@RequestParam MultipartFile file){
|
||||
|
|
@ -55,7 +55,7 @@ public class PictureController {
|
|||
|
||||
@Log("删除图片")
|
||||
@ApiOperation("删除图片")
|
||||
@PreAuthorize("hasAnyRole('admin','PICTURE_ALL','PICTURE_DELETE')")
|
||||
@PreAuthorize("@el.check('pictures:del')")
|
||||
@DeleteMapping(value = "/{id}")
|
||||
public ResponseEntity delete(@PathVariable Long id) {
|
||||
pictureService.delete(pictureService.findById(id));
|
||||
|
|
@ -64,7 +64,7 @@ public class PictureController {
|
|||
|
||||
@Log("多选删除图片")
|
||||
@ApiOperation("多选删除图片")
|
||||
@PreAuthorize("hasAnyRole('admin','PICTURE_ALL','PICTURE_DELETE')")
|
||||
@PreAuthorize("@el.check('pictures:del')")
|
||||
@DeleteMapping
|
||||
public ResponseEntity deleteAll(@RequestBody Long[] ids) {
|
||||
pictureService.deleteAll(ids);
|
||||
|
|
|
|||
Loading…
Reference in New Issue