From d5d48015789b80e0c3358e1df0ef64cba4d8827f Mon Sep 17 00:00:00 2001 From: dqjdda <201507802@qq.com> Date: Tue, 29 Oct 2019 21:39:02 +0800 Subject: [PATCH] =?UTF-8?q?=E8=A7=92=E8=89=B2=E8=8F=9C=E5=8D=95=E6=94=B9?= =?UTF-8?q?=E9=80=A0=E5=AE=8C=E6=88=90=EF=BC=8C=E5=8E=BB=E9=99=A4=E6=9D=83?= =?UTF-8?q?=E9=99=90=E7=AE=A1=E7=90=86=EF=BC=8C=E9=87=87=E7=94=A8=E6=8C=89?= =?UTF-8?q?=E9=92=AE=E6=96=B9=E5=BC=8F=E6=98=BE=E7=A4=BA=E5=9C=A8=E8=8F=9C?= =?UTF-8?q?=E5=8D=95=E7=AE=A1=E7=90=86=E4=B8=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../zhengjie/config/ElPermissionConfig.java | 21 +++ .../java/me/zhengjie/rest/LogController.java | 6 +- .../modules/monitor/rest/RedisController.java | 6 +- .../quartz/rest/QuartzJobController.java | 14 +- .../security/rest/OnlineController.java | 4 +- .../service/JwtPermissionService.java | 13 +- .../modules/system/domain/Permission.java | 48 ----- .../zhengjie/modules/system/domain/Role.java | 4 - .../repository/PermissionRepository.java | 17 -- .../system/repository/RoleRepository.java | 4 - .../modules/system/rest/DeptController.java | 8 +- .../modules/system/rest/DictController.java | 8 +- .../system/rest/DictDetailController.java | 6 +- .../modules/system/rest/JobController.java | 8 +- .../modules/system/rest/MenuController.java | 10 +- .../system/rest/PermissionController.java | 89 --------- .../modules/system/rest/RoleController.java | 23 +-- .../modules/system/rest/UserController.java | 17 +- .../system/service/PermissionService.java | 32 ---- .../modules/system/service/RoleService.java | 4 - .../system/service/dto/PermissionDTO.java | 28 --- .../service/dto/PermissionQueryCriteria.java | 15 -- .../modules/system/service/dto/RoleDTO.java | 2 - .../service/impl/PermissionServiceImpl.java | 169 ------------------ .../system/service/impl/RoleServiceImpl.java | 15 -- .../service/mapper/PermissionMapper.java | 16 -- .../system/service/mapper/RoleMapper.java | 2 +- .../template/generator/admin/Controller.ftl | 8 +- .../template/generator/front/index.ftl | 8 +- .../zhengjie/rest/LocalStorageController.java | 8 +- .../me/zhengjie/rest/PictureController.java | 8 +- 31 files changed, 95 insertions(+), 526 deletions(-) create mode 100644 eladmin-common/src/main/java/me/zhengjie/config/ElPermissionConfig.java delete mode 100644 eladmin-system/src/main/java/me/zhengjie/modules/system/domain/Permission.java delete mode 100644 eladmin-system/src/main/java/me/zhengjie/modules/system/repository/PermissionRepository.java delete mode 100644 eladmin-system/src/main/java/me/zhengjie/modules/system/rest/PermissionController.java delete mode 100644 eladmin-system/src/main/java/me/zhengjie/modules/system/service/PermissionService.java delete mode 100644 eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/PermissionDTO.java delete mode 100644 eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/PermissionQueryCriteria.java delete mode 100644 eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/PermissionServiceImpl.java delete mode 100644 eladmin-system/src/main/java/me/zhengjie/modules/system/service/mapper/PermissionMapper.java diff --git a/eladmin-common/src/main/java/me/zhengjie/config/ElPermissionConfig.java b/eladmin-common/src/main/java/me/zhengjie/config/ElPermissionConfig.java new file mode 100644 index 00000000..a5b1aaf1 --- /dev/null +++ b/eladmin-common/src/main/java/me/zhengjie/config/ElPermissionConfig.java @@ -0,0 +1,21 @@ +package me.zhengjie.config; + +import me.zhengjie.utils.SecurityUtils; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.stereotype.Service; +import java.util.Arrays; +import java.util.List; +import java.util.stream.Collectors; + +@Service(value = "el") +public class ElPermissionConfig { + + public Boolean check(String ...permissions){ + List elPermissions = SecurityUtils.getUserDetails().getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList()); + List list = Arrays.stream(permissions).filter(elPermissions::contains).map(s -> s).collect(Collectors.toList()); + if(elPermissions.contains("admin") || list.size() != 0){ + return true; + } + return false; + } +} diff --git a/eladmin-logging/src/main/java/me/zhengjie/rest/LogController.java b/eladmin-logging/src/main/java/me/zhengjie/rest/LogController.java index 670a3d80..f52bdb19 100644 --- a/eladmin-logging/src/main/java/me/zhengjie/rest/LogController.java +++ b/eladmin-logging/src/main/java/me/zhengjie/rest/LogController.java @@ -31,7 +31,7 @@ public class LogController { @GetMapping @ApiOperation("日志查询") - @PreAuthorize("hasAnyRole('admin')") + @PreAuthorize("@el.check()") public ResponseEntity getLogs(LogQueryCriteria criteria, Pageable pageable){ criteria.setLogType("INFO"); return new ResponseEntity<>(logService.queryAll(criteria,pageable), HttpStatus.OK); @@ -47,7 +47,7 @@ public class LogController { @GetMapping(value = "/error") @ApiOperation("错误日志查询") - @PreAuthorize("hasAnyRole('admin')") + @PreAuthorize("@el.check()") public ResponseEntity getErrorLogs(LogQueryCriteria criteria, Pageable pageable){ criteria.setLogType("ERROR"); return new ResponseEntity<>(logService.queryAll(criteria,pageable), HttpStatus.OK); @@ -55,7 +55,7 @@ public class LogController { @GetMapping(value = "/error/{id}") @ApiOperation("日志异常详情查询") - @PreAuthorize("hasAnyRole('admin')") + @PreAuthorize("@el.check()") public ResponseEntity getErrorLogs(@PathVariable Long id){ return new ResponseEntity<>(logService.findByErrDetail(id), HttpStatus.OK); } diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/monitor/rest/RedisController.java b/eladmin-system/src/main/java/me/zhengjie/modules/monitor/rest/RedisController.java index 85eb1bc3..e487316d 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/monitor/rest/RedisController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/monitor/rest/RedisController.java @@ -29,7 +29,7 @@ public class RedisController { @Log("查询Redis缓存") @GetMapping @ApiOperation("查询Redis缓存") - @PreAuthorize("hasAnyRole('admin','REDIS_ALL','REDIS_SELECT')") + @PreAuthorize("@el.check('redis:list')") public ResponseEntity getRedis(String key, Pageable pageable){ return new ResponseEntity<>(redisService.findByKey(key,pageable), HttpStatus.OK); } @@ -37,7 +37,7 @@ public class RedisController { @Log("删除Redis缓存") @DeleteMapping @ApiOperation("删除Redis缓存") - @PreAuthorize("hasAnyRole('admin','REDIS_ALL','REDIS_DELETE')") + @PreAuthorize("@el.check('redis:del')") public ResponseEntity delete(@RequestBody RedisVo resources){ redisService.delete(resources.getKey()); return new ResponseEntity(HttpStatus.OK); @@ -46,7 +46,7 @@ public class RedisController { @Log("清空Redis缓存") @DeleteMapping(value = "/all") @ApiOperation("清空Redis缓存") - @PreAuthorize("hasAnyRole('admin','REDIS_ALL','REDIS_DELETE')") + @PreAuthorize("@el.check('redis:del')") public ResponseEntity deleteAll(){ redisService.deleteAll(); return new ResponseEntity(HttpStatus.OK); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/quartz/rest/QuartzJobController.java b/eladmin-system/src/main/java/me/zhengjie/modules/quartz/rest/QuartzJobController.java index 08a9eeaf..8927db72 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/quartz/rest/QuartzJobController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/quartz/rest/QuartzJobController.java @@ -36,14 +36,14 @@ public class QuartzJobController { @Log("查询定时任务") @ApiOperation("查询定时任务") @GetMapping - @PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_SELECT')") + @PreAuthorize("@el.check('timing:list')") public ResponseEntity getJobs(JobQueryCriteria criteria, Pageable pageable){ return new ResponseEntity<>(quartzJobService.queryAll(criteria,pageable), HttpStatus.OK); } @ApiOperation("查询任务执行日志") @GetMapping(value = "/logs") - @PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_SELECT')") + @PreAuthorize("@el.check('timing:list')") public ResponseEntity getJobLogs(JobQueryCriteria criteria, Pageable pageable){ return new ResponseEntity<>(quartzJobService.queryAllLog(criteria,pageable), HttpStatus.OK); } @@ -51,7 +51,7 @@ public class QuartzJobController { @Log("新增定时任务") @ApiOperation("新增定时任务") @PostMapping - @PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_CREATE')") + @PreAuthorize("@el.check('timing:add')") public ResponseEntity create(@Validated @RequestBody QuartzJob resources){ if (resources.getId() != null) { throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID"); @@ -62,7 +62,7 @@ public class QuartzJobController { @Log("修改定时任务") @ApiOperation("修改定时任务") @PutMapping - @PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_EDIT')") + @PreAuthorize("@el.check('timing:edit')") public ResponseEntity update(@Validated(QuartzJob.Update.class) @RequestBody QuartzJob resources){ quartzJobService.update(resources); return new ResponseEntity(HttpStatus.NO_CONTENT); @@ -71,7 +71,7 @@ public class QuartzJobController { @Log("更改定时任务状态") @ApiOperation("更改定时任务状态") @PutMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_EDIT')") + @PreAuthorize("@el.check('timing:edit')") public ResponseEntity updateIsPause(@PathVariable Long id){ quartzJobService.updateIsPause(quartzJobService.findById(id)); return new ResponseEntity(HttpStatus.NO_CONTENT); @@ -80,7 +80,7 @@ public class QuartzJobController { @Log("执行定时任务") @ApiOperation("执行定时任务") @PutMapping(value = "/exec/{id}") - @PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_EDIT')") + @PreAuthorize("@el.check('timing:edit')") public ResponseEntity execution(@PathVariable Long id){ quartzJobService.execution(quartzJobService.findById(id)); return new ResponseEntity(HttpStatus.NO_CONTENT); @@ -89,7 +89,7 @@ public class QuartzJobController { @Log("删除定时任务") @ApiOperation("删除定时任务") @DeleteMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','JOB_ALL','JOB_DELETE')") + @PreAuthorize("@el.check('timing:del')") public ResponseEntity delete(@PathVariable Long id){ quartzJobService.delete(quartzJobService.findById(id)); return new ResponseEntity(HttpStatus.OK); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/OnlineController.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/OnlineController.java index 5d69bf2f..367f739c 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/OnlineController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/OnlineController.java @@ -22,14 +22,14 @@ public class OnlineController { @ApiOperation("查询在线用户") @GetMapping - @PreAuthorize("hasRole('ADMIN')") + @PreAuthorize("@el.check()") public ResponseEntity getAll(String filter, Pageable pageable){ return new ResponseEntity<>(onlineUserService.getAll(filter, pageable),HttpStatus.OK); } @ApiOperation("踢出用户") @DeleteMapping(value = "/{key}") - @PreAuthorize("hasRole('ADMIN')") + @PreAuthorize("@el.check()") public ResponseEntity delete(@PathVariable String key) throws Exception { onlineUserService.kickOut(key); return new ResponseEntity(HttpStatus.OK); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/service/JwtPermissionService.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/service/JwtPermissionService.java index b1611655..461841ff 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/service/JwtPermissionService.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/service/JwtPermissionService.java @@ -1,14 +1,17 @@ package me.zhengjie.modules.security.service; +import me.zhengjie.modules.system.domain.Menu; import me.zhengjie.modules.system.domain.Role; import me.zhengjie.modules.system.repository.RoleRepository; import me.zhengjie.modules.system.service.dto.UserDTO; +import me.zhengjie.utils.StringUtils; import org.springframework.cache.annotation.CacheConfig; import org.springframework.cache.annotation.Cacheable; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.stereotype.Service; import java.util.Collection; +import java.util.List; import java.util.Set; import java.util.stream.Collectors; @@ -33,9 +36,13 @@ public class JwtPermissionService { System.out.println("--------------------loadPermissionByUser:" + user.getUsername() + "---------------------"); Set roles = roleRepository.findByUsers_Id(user.getId()); - - return roles.stream().flatMap(role -> role.getPermissions().stream()) - .map(permission -> new SimpleGrantedAuthority(permission.getName())) + Set permissions = roles.stream().filter(role -> StringUtils.isNotBlank(role.getPermission())).map(Role::getPermission).collect(Collectors.toSet()); + permissions.addAll( + roles.stream().flatMap(role -> role.getMenus().stream()) + .filter(menu -> StringUtils.isNotBlank(menu.getPermission())) + .map(Menu::getPermission).collect(Collectors.toSet()) + ); + return permissions.stream().map(permission -> new SimpleGrantedAuthority(permission)) .collect(Collectors.toList()); } } diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/domain/Permission.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/domain/Permission.java deleted file mode 100644 index f23aa3e6..00000000 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/domain/Permission.java +++ /dev/null @@ -1,48 +0,0 @@ -package me.zhengjie.modules.system.domain; - -import com.fasterxml.jackson.annotation.JsonIgnore; -import lombok.Getter; -import lombok.Setter; -import org.hibernate.annotations.CreationTimestamp; -import javax.persistence.*; -import javax.validation.constraints.NotBlank; -import javax.validation.constraints.NotNull; -import java.sql.Timestamp; -import java.util.Set; - -/** - * @author Zheng Jie - * @date 2018-12-03 - */ -@Entity -@Getter -@Setter -@Table(name = "permission") -public class Permission{ - - @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - @NotNull(groups = {Update.class}) - private Long id; - - @NotBlank - private String name; - - // 上级类目 - @NotNull - @Column(name = "pid",nullable = false) - private Long pid; - - @NotBlank - private String alias; - - @Column(name = "create_time") - @CreationTimestamp - private Timestamp createTime; - - @JsonIgnore - @ManyToMany(mappedBy = "permissions") - private Set roles; - - public @interface Update {} -} diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/domain/Role.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/domain/Role.java index 51045e51..17e678f8 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/domain/Role.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/domain/Role.java @@ -50,10 +50,6 @@ public class Role{ @ManyToMany(mappedBy = "roles") private Set users; - @ManyToMany - @JoinTable(name = "roles_permissions", joinColumns = {@JoinColumn(name = "role_id",referencedColumnName = "id")}, inverseJoinColumns = {@JoinColumn(name = "permission_id",referencedColumnName = "id")}) - private Set permissions; - @ManyToMany @JoinTable(name = "roles_menus", joinColumns = {@JoinColumn(name = "role_id",referencedColumnName = "id")}, inverseJoinColumns = {@JoinColumn(name = "menu_id",referencedColumnName = "id")}) private Set menus; diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/PermissionRepository.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/PermissionRepository.java deleted file mode 100644 index 0e8ba8f3..00000000 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/PermissionRepository.java +++ /dev/null @@ -1,17 +0,0 @@ -package me.zhengjie.modules.system.repository; - -import me.zhengjie.modules.system.domain.Permission; -import org.springframework.data.jpa.repository.JpaRepository; -import org.springframework.data.jpa.repository.JpaSpecificationExecutor; -import java.util.List; - -/** - * @author Zheng Jie - * @date 2018-12-03 - */ -public interface PermissionRepository extends JpaRepository, JpaSpecificationExecutor { - - Permission findByName(String name); - - List findByPid(long pid); -} diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/RoleRepository.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/RoleRepository.java index 98edaed5..7731ade5 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/RoleRepository.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/repository/RoleRepository.java @@ -17,10 +17,6 @@ public interface RoleRepository extends JpaRepository, JpaSpecificat Set findByUsers_Id(Long id); - @Modifying - @Query(value = "delete from roles_permissions where permission_id = ?1",nativeQuery = true) - void untiedPermission(Long id); - @Modifying @Query(value = "delete from roles_menus where menu_id = ?1",nativeQuery = true) void untiedMenu(Long id); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DeptController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DeptController.java index 637d6535..e4f33e9f 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DeptController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DeptController.java @@ -40,7 +40,7 @@ public class DeptController { @Log("查询部门") @ApiOperation("查询部门") @GetMapping - @PreAuthorize("hasAnyRole('admin','user:all','user:select','DEPT_ALL','DEPT_SELECT')") + @PreAuthorize("@el.check('user:list','dept:list')") public ResponseEntity getDepts(DeptQueryCriteria criteria){ // 数据权限 criteria.setIds(dataScope.getDeptIds()); @@ -51,7 +51,7 @@ public class DeptController { @Log("新增部门") @ApiOperation("新增部门") @PostMapping - @PreAuthorize("hasAnyRole('admin','DEPT_ALL','DEPT_CREATE')") + @PreAuthorize("@el.check('dept:add')") public ResponseEntity create(@Validated @RequestBody Dept resources){ if (resources.getId() != null) { throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID"); @@ -62,7 +62,7 @@ public class DeptController { @Log("修改部门") @ApiOperation("修改部门") @PutMapping - @PreAuthorize("hasAnyRole('admin','DEPT_ALL','DEPT_EDIT')") + @PreAuthorize("@el.check('dept:edit')") public ResponseEntity update(@Validated(Dept.Update.class) @RequestBody Dept resources){ deptService.update(resources); return new ResponseEntity(HttpStatus.NO_CONTENT); @@ -71,7 +71,7 @@ public class DeptController { @Log("删除部门") @ApiOperation("删除部门") @DeleteMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','DEPT_ALL','DEPT_DELETE')") + @PreAuthorize("@el.check('dept:del')") public ResponseEntity delete(@PathVariable Long id){ try { deptService.delete(id); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictController.java index 7b309c02..bd3cfa80 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictController.java @@ -34,7 +34,7 @@ public class DictController { @Log("查询字典") @ApiOperation("查询字典") @GetMapping - @PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_SELECT')") + @PreAuthorize("@el.check('dict:list')") public ResponseEntity getDicts(DictQueryCriteria resources, Pageable pageable){ return new ResponseEntity<>(dictService.queryAll(resources,pageable),HttpStatus.OK); } @@ -42,7 +42,7 @@ public class DictController { @Log("新增字典") @ApiOperation("新增字典") @PostMapping - @PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_CREATE')") + @PreAuthorize("@el.check('dict:add')") public ResponseEntity create(@Validated @RequestBody Dict resources){ if (resources.getId() != null) { throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID"); @@ -53,7 +53,7 @@ public class DictController { @Log("修改字典") @ApiOperation("修改字典") @PutMapping - @PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_EDIT')") + @PreAuthorize("@el.check('dict:edit')") public ResponseEntity update(@Validated(Dict.Update.class) @RequestBody Dict resources){ dictService.update(resources); return new ResponseEntity(HttpStatus.NO_CONTENT); @@ -62,7 +62,7 @@ public class DictController { @Log("删除字典") @ApiOperation("删除字典") @DeleteMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_DELETE')") + @PreAuthorize("@el.check('dict:del')") public ResponseEntity delete(@PathVariable Long id){ dictService.delete(id); return new ResponseEntity(HttpStatus.OK); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictDetailController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictDetailController.java index d9d68967..0c463994 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictDetailController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/DictDetailController.java @@ -60,7 +60,7 @@ public class DictDetailController { @Log("新增字典详情") @ApiOperation("新增字典详情") @PostMapping - @PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_CREATE')") + @PreAuthorize("@el.check('dict:add')") public ResponseEntity create(@Validated @RequestBody DictDetail resources){ if (resources.getId() != null) { throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID"); @@ -71,7 +71,7 @@ public class DictDetailController { @Log("修改字典详情") @ApiOperation("修改字典详情") @PutMapping - @PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_EDIT')") + @PreAuthorize("@el.check('dict:edit')") public ResponseEntity update(@Validated(DictDetail.Update.class) @RequestBody DictDetail resources){ dictDetailService.update(resources); return new ResponseEntity(HttpStatus.NO_CONTENT); @@ -80,7 +80,7 @@ public class DictDetailController { @Log("删除字典详情") @ApiOperation("删除字典详情") @DeleteMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','DICT_ALL','DICT_DELETE')") + @PreAuthorize("@el.check('dict:del')") public ResponseEntity delete(@PathVariable Long id){ dictDetailService.delete(id); return new ResponseEntity(HttpStatus.OK); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/JobController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/JobController.java index b7c2788a..fa26b899 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/JobController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/JobController.java @@ -39,7 +39,7 @@ public class JobController { @Log("查询岗位") @ApiOperation("查询岗位") @GetMapping - @PreAuthorize("hasAnyRole('admin','USERJOB_ALL','USERJOB_SELECT','user:all','user:select')") + @PreAuthorize("@el.check('job:list','user:list')") public ResponseEntity getJobs(JobQueryCriteria criteria, Pageable pageable){ // 数据权限 @@ -50,7 +50,7 @@ public class JobController { @Log("新增岗位") @ApiOperation("新增岗位") @PostMapping - @PreAuthorize("hasAnyRole('admin','USERJOB_ALL','USERJOB_CREATE')") + @PreAuthorize("@el.check('job:add')") public ResponseEntity create(@Validated @RequestBody Job resources){ if (resources.getId() != null) { throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID"); @@ -61,7 +61,7 @@ public class JobController { @Log("修改岗位") @ApiOperation("修改岗位") @PutMapping - @PreAuthorize("hasAnyRole('admin','USERJOB_ALL','USERJOB_EDIT')") + @PreAuthorize("@el.check('job:edit')") public ResponseEntity update(@Validated(Job.Update.class) @RequestBody Job resources){ jobService.update(resources); return new ResponseEntity(HttpStatus.NO_CONTENT); @@ -70,7 +70,7 @@ public class JobController { @Log("删除岗位") @ApiOperation("删除岗位") @DeleteMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','USERJOB_ALL','USERJOB_DELETE')") + @PreAuthorize("@el.check('job:del')") public ResponseEntity delete(@PathVariable Long id){ try { jobService.delete(id); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MenuController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MenuController.java index e9ca1da9..af2195fc 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MenuController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/MenuController.java @@ -56,7 +56,7 @@ public class MenuController { @ApiOperation("返回全部的菜单") @GetMapping(value = "/tree") - @PreAuthorize("hasAnyRole('admin','MENU_ALL','MENU_CREATE','MENU_EDIT','ROLES_SELECT','ROLES_ALL')") + @PreAuthorize("@el.check('menu:list','roles:list')") public ResponseEntity getMenuTree(){ return new ResponseEntity<>(menuService.getMenuTree(menuService.findByPid(0L)),HttpStatus.OK); } @@ -64,7 +64,7 @@ public class MenuController { @Log("查询菜单") @ApiOperation("查询菜单") @GetMapping - @PreAuthorize("hasAnyRole('admin','MENU_ALL','MENU_SELECT')") + @PreAuthorize("@el.check('menu:list')") public ResponseEntity getMenus(MenuQueryCriteria criteria){ List menuDTOList = menuService.queryAll(criteria); return new ResponseEntity<>(menuService.buildTree(menuDTOList),HttpStatus.OK); @@ -73,7 +73,7 @@ public class MenuController { @Log("新增菜单") @ApiOperation("新增菜单") @PostMapping - @PreAuthorize("hasAnyRole('admin','MENU_ALL','MENU_CREATE')") + @PreAuthorize("@el.check('menu:add')") public ResponseEntity create(@Validated @RequestBody Menu resources){ if (resources.getId() != null) { throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID"); @@ -84,7 +84,7 @@ public class MenuController { @Log("修改菜单") @ApiOperation("修改菜单") @PutMapping - @PreAuthorize("hasAnyRole('admin','MENU_ALL','MENU_EDIT')") + @PreAuthorize("@el.check('menu:edit')") public ResponseEntity update(@Validated(Menu.Update.class) @RequestBody Menu resources){ menuService.update(resources); return new ResponseEntity(HttpStatus.NO_CONTENT); @@ -93,7 +93,7 @@ public class MenuController { @Log("删除菜单") @ApiOperation("删除菜单") @DeleteMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','MENU_ALL','MENU_DELETE')") + @PreAuthorize("@el.check('menu:del')") public ResponseEntity delete(@PathVariable Long id){ List menuList = menuService.findByPid(id); Set menuSet = new HashSet<>(); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/PermissionController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/PermissionController.java deleted file mode 100644 index a7a7577a..00000000 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/PermissionController.java +++ /dev/null @@ -1,89 +0,0 @@ -package me.zhengjie.modules.system.rest; - -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; -import me.zhengjie.aop.log.Log; -import me.zhengjie.modules.system.domain.Permission; -import me.zhengjie.exception.BadRequestException; -import me.zhengjie.modules.system.service.PermissionService; -import me.zhengjie.modules.system.service.dto.PermissionDTO; -import me.zhengjie.modules.system.service.dto.PermissionQueryCriteria; -import me.zhengjie.modules.system.service.mapper.PermissionMapper; -import org.springframework.http.HttpStatus; -import org.springframework.http.ResponseEntity; -import org.springframework.security.access.prepost.PreAuthorize; -import org.springframework.validation.annotation.Validated; -import org.springframework.web.bind.annotation.*; -import java.util.HashSet; -import java.util.List; -import java.util.Set; - -/** - * @author Zheng Jie - * @date 2018-12-03 - */ -@Api(tags = "系统:权限管理") -@RestController -@RequestMapping("/api/permissions") -public class PermissionController { - - private final PermissionService permissionService; - - private final PermissionMapper permissionMapper; - - private static final String ENTITY_NAME = "permission"; - - public PermissionController(PermissionService permissionService, PermissionMapper permissionMapper) { - this.permissionService = permissionService; - this.permissionMapper = permissionMapper; - } - - @ApiOperation("返回全部的权限,新增角色时下拉选择") - @GetMapping(value = "/tree") - @PreAuthorize("hasAnyRole('admin','PERMISSION_ALL','PERMISSION_CREATE','PERMISSION_EDIT','ROLES_SELECT','ROLES_ALL')") - public ResponseEntity getTree(){ - return new ResponseEntity<>(permissionService.getPermissionTree(permissionService.findByPid(0L)),HttpStatus.OK); - } - - @Log("查询权限") - @ApiOperation("查询权限") - @GetMapping - @PreAuthorize("hasAnyRole('admin','PERMISSION_ALL','PERMISSION_SELECT')") - public ResponseEntity getPermissions(PermissionQueryCriteria criteria){ - List permissionDTOS = permissionService.queryAll(criteria); - return new ResponseEntity<>(permissionService.buildTree(permissionDTOS),HttpStatus.OK); - } - - @Log("新增权限") - @ApiOperation("新增权限") - @PostMapping - @PreAuthorize("hasAnyRole('admin','PERMISSION_ALL','PERMISSION_CREATE')") - public ResponseEntity create(@Validated @RequestBody Permission resources){ - if (resources.getId() != null) { - throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID"); - } - return new ResponseEntity<>(permissionService.create(resources),HttpStatus.CREATED); - } - - @Log("修改权限") - @ApiOperation("修改权限") - @PutMapping - @PreAuthorize("hasAnyRole('admin','PERMISSION_ALL','PERMISSION_EDIT')") - public ResponseEntity update(@Validated(Permission.Update.class) @RequestBody Permission resources){ - permissionService.update(resources); - return new ResponseEntity(HttpStatus.NO_CONTENT); - } - - @Log("删除权限") - @ApiOperation("删除权限") - @DeleteMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','PERMISSION_ALL','PERMISSION_DELETE')") - public ResponseEntity delete(@PathVariable Long id){ - List permissions = permissionService.findByPid(id); - Set permissionSet = new HashSet<>(); - permissionSet.add(permissionMapper.toEntity(permissionService.findById(id))); - permissionSet = permissionService.getDeletePermission(permissions, permissionSet); - permissionService.delete(permissionSet); - return new ResponseEntity(HttpStatus.OK); - } -} diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java index 97e54103..c4548450 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/RoleController.java @@ -42,14 +42,14 @@ public class RoleController { @ApiOperation("获取单个role") @GetMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_SELECT')") + @PreAuthorize("@el.check('roles:list')") public ResponseEntity getRoles(@PathVariable Long id){ return new ResponseEntity<>(roleService.findById(id), HttpStatus.OK); } @ApiOperation("返回全部的角色") @GetMapping(value = "/all") - @PreAuthorize("hasAnyRole('admin','ROLES_ALL','user:all','user:add','user:edit')") + @PreAuthorize("@el.check('roles:list','user:add','user:edit')") public ResponseEntity getAll(@PageableDefault(value = 2000, sort = {"level"}, direction = Sort.Direction.ASC) Pageable pageable){ return new ResponseEntity<>(roleService.queryAll(pageable),HttpStatus.OK); } @@ -57,7 +57,7 @@ public class RoleController { @Log("查询角色") @ApiOperation("查询角色") @GetMapping - @PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_SELECT')") + @PreAuthorize("@el.check('roles:list')") public ResponseEntity getRoles(RoleQueryCriteria criteria, Pageable pageable){ return new ResponseEntity<>(roleService.queryAll(criteria,pageable),HttpStatus.OK); } @@ -72,7 +72,7 @@ public class RoleController { @Log("新增角色") @ApiOperation("新增角色") @PostMapping - @PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_CREATE')") + @PreAuthorize("@el.check('roles:add')") public ResponseEntity create(@Validated @RequestBody Role resources){ if (resources.getId() != null) { throw new BadRequestException("A new "+ ENTITY_NAME +" cannot already have an ID"); @@ -83,25 +83,16 @@ public class RoleController { @Log("修改角色") @ApiOperation("修改角色") @PutMapping - @PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_EDIT')") + @PreAuthorize("@el.check('roles:edit')") public ResponseEntity update(@Validated(Role.Update.class) @RequestBody Role resources){ roleService.update(resources); return new ResponseEntity(HttpStatus.NO_CONTENT); } - @Log("修改角色权限") - @ApiOperation("修改角色权限") - @PutMapping(value = "/permission") - @PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_EDIT')") - public ResponseEntity updatePermission(@RequestBody Role resources){ - roleService.updatePermission(resources,roleService.findById(resources.getId())); - return new ResponseEntity(HttpStatus.NO_CONTENT); - } - @Log("修改角色菜单") @ApiOperation("修改角色菜单") @PutMapping(value = "/menu") - @PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_EDIT')") + @PreAuthorize("@el.check('roles:edit')") public ResponseEntity updateMenu(@RequestBody Role resources){ roleService.updateMenu(resources,roleService.findById(resources.getId())); return new ResponseEntity(HttpStatus.NO_CONTENT); @@ -110,7 +101,7 @@ public class RoleController { @Log("删除角色") @ApiOperation("删除角色") @DeleteMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','ROLES_ALL','ROLES_DELETE')") + @PreAuthorize("@el.check('roles:del')") public ResponseEntity delete(@PathVariable Long id){ try { roleService.delete(id); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java index 78bddc05..9dac0a48 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java @@ -60,7 +60,7 @@ public class UserController { @Log("导出用户数据") @ApiOperation("导出用户数据") @GetMapping(value = "/download") - @PreAuthorize("hasAnyRole('admin','user:all','user:select')") + @PreAuthorize("@el.check('user:list')") public void update(HttpServletResponse response, UserQueryCriteria criteria) throws IOException { userService.download(userService.queryAll(criteria), response); } @@ -68,26 +68,21 @@ public class UserController { @Log("查询用户") @ApiOperation("查询用户") @GetMapping - @PreAuthorize("hasAnyRole('admin','user:all','user:select')") + @PreAuthorize("@el.check('user:list')") public ResponseEntity getUsers(UserQueryCriteria criteria, Pageable pageable){ Set deptSet = new HashSet<>(); Set result = new HashSet<>(); - if (!ObjectUtils.isEmpty(criteria.getDeptId())) { deptSet.add(criteria.getDeptId()); deptSet.addAll(dataScope.getDeptChildren(deptService.findByPid(criteria.getDeptId()))); } - // 数据权限 Set deptIds = dataScope.getDeptIds(); - // 查询条件不为空并且数据权限不为空则取交集 if (!CollectionUtils.isEmpty(deptIds) && !CollectionUtils.isEmpty(deptSet)){ - // 取交集 result.addAll(deptSet); result.retainAll(deptIds); - // 若无交集,则代表无数据权限 criteria.setDeptIds(result); if(result.size() == 0){ @@ -105,7 +100,7 @@ public class UserController { @Log("新增用户") @ApiOperation("新增用户") @PostMapping - @PreAuthorize("hasAnyRole('admin','user:all','user:add')") + @PreAuthorize("@el.check('user:add')") public ResponseEntity create(@Validated @RequestBody User resources){ checkLevel(resources); return new ResponseEntity<>(userService.create(resources),HttpStatus.CREATED); @@ -114,7 +109,7 @@ public class UserController { @Log("修改用户") @ApiOperation("修改用户") @PutMapping - @PreAuthorize("hasAnyRole('admin','user:all','user:edit')") + @PreAuthorize("@el.check('user:edit')") public ResponseEntity update(@Validated(User.Update.class) @RequestBody User resources){ checkLevel(resources); userService.update(resources); @@ -124,7 +119,7 @@ public class UserController { @Log("删除用户") @ApiOperation("删除用户") @DeleteMapping(value = "/{id}") - @PreAuthorize("hasAnyRole('admin','user:all','user:del')") + @PreAuthorize("@el.check('user:del')") public ResponseEntity delete(@PathVariable Long id){ Integer currentLevel = Collections.min(roleService.findByUsers_Id(SecurityUtils.getUserId()).stream().map(RoleSmallDTO::getLevel).collect(Collectors.toList())); Integer optLevel = Collections.min(roleService.findByUsers_Id(id).stream().map(RoleSmallDTO::getLevel).collect(Collectors.toList())); @@ -171,8 +166,6 @@ public class UserController { return new ResponseEntity(HttpStatus.OK); } - - /** * 如果当前用户的角色级别低于创建用户的角色级别,则抛出权限不足的错误 * @param resources / diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/PermissionService.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/PermissionService.java deleted file mode 100644 index e83b9df6..00000000 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/PermissionService.java +++ /dev/null @@ -1,32 +0,0 @@ -package me.zhengjie.modules.system.service; - -import me.zhengjie.modules.system.domain.Permission; -import me.zhengjie.modules.system.service.dto.PermissionDTO; -import me.zhengjie.modules.system.service.dto.PermissionQueryCriteria; -import java.util.List; -import java.util.Set; - -/** - * @author Zheng Jie - * @date 2018-12-08 - */ -public interface PermissionService { - - PermissionDTO findById(long id); - - PermissionDTO create(Permission resources); - - void update(Permission resources); - - void delete(Set permissions); - - Object getPermissionTree(List permissions); - - List findByPid(long pid); - - Object buildTree(List permissionDTOS); - - List queryAll(PermissionQueryCriteria criteria); - - Set getDeletePermission(List permissions, Set permissionSet); -} diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/RoleService.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/RoleService.java index c65be1fb..91ee0405 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/RoleService.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/RoleService.java @@ -26,8 +26,6 @@ public interface RoleService { Integer findByRoles(Set roles); - void updatePermission(Role resources, RoleDTO roleDTO); - void updateMenu(Role resources, RoleDTO roleDTO); void untiedMenu(Long id); @@ -37,6 +35,4 @@ public interface RoleService { Object queryAll(RoleQueryCriteria criteria, Pageable pageable); List queryAll(RoleQueryCriteria criteria); - - void untiedPermission(Long id); } diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/PermissionDTO.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/PermissionDTO.java deleted file mode 100644 index 38a36076..00000000 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/PermissionDTO.java +++ /dev/null @@ -1,28 +0,0 @@ -package me.zhengjie.modules.system.service.dto; - -import lombok.Getter; -import lombok.Setter; - -import java.sql.Timestamp; -import java.util.List; - -/** - * @author Zheng Jie - * @date 2018-12-03 - */ -@Getter -@Setter -public class PermissionDTO{ - - private Long id; - - private String name; - - private Long pid; - - private String alias; - - private List children; - - private Timestamp createTime; -} diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/PermissionQueryCriteria.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/PermissionQueryCriteria.java deleted file mode 100644 index 055b0ec4..00000000 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/PermissionQueryCriteria.java +++ /dev/null @@ -1,15 +0,0 @@ -package me.zhengjie.modules.system.service.dto; - -import lombok.Data; -import me.zhengjie.annotation.Query; - -/** - * 公共查询类 - */ -@Data -public class PermissionQueryCriteria { - - // 多字段模糊 - @Query(blurry = "name,alias") - private String blurry; -} diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/RoleDTO.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/RoleDTO.java index 59417329..56da5449 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/RoleDTO.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/dto/RoleDTO.java @@ -26,8 +26,6 @@ public class RoleDTO{ private String permission; - private Set permissions; - private Set menus; private Set depts; diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/PermissionServiceImpl.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/PermissionServiceImpl.java deleted file mode 100644 index 552b3f20..00000000 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/PermissionServiceImpl.java +++ /dev/null @@ -1,169 +0,0 @@ -package me.zhengjie.modules.system.service.impl; - -import me.zhengjie.modules.system.domain.Permission; -import me.zhengjie.exception.BadRequestException; -import me.zhengjie.exception.EntityExistException; -import me.zhengjie.modules.system.repository.PermissionRepository; -import me.zhengjie.modules.system.service.PermissionService; -import me.zhengjie.modules.system.service.RoleService; -import me.zhengjie.modules.system.service.dto.PermissionDTO; -import me.zhengjie.modules.system.service.dto.PermissionQueryCriteria; -import me.zhengjie.modules.system.service.mapper.PermissionMapper; -import me.zhengjie.utils.QueryHelp; -import me.zhengjie.utils.ValidationUtil; -import org.springframework.cache.annotation.CacheConfig; -import org.springframework.cache.annotation.CacheEvict; -import org.springframework.cache.annotation.Cacheable; -import org.springframework.data.domain.Sort; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Propagation; -import org.springframework.transaction.annotation.Transactional; -import java.util.*; - -/** - * @author Zheng Jie - * @date 2018-12-03 - */ -@Service -@CacheConfig(cacheNames = "permission") -@Transactional(propagation = Propagation.SUPPORTS, readOnly = true, rollbackFor = Exception.class) -public class PermissionServiceImpl implements PermissionService { - - private final PermissionRepository permissionRepository; - - private final PermissionMapper permissionMapper; - - private final RoleService roleService; - - public PermissionServiceImpl(PermissionRepository permissionRepository, PermissionMapper permissionMapper, RoleService roleService) { - this.permissionRepository = permissionRepository; - this.permissionMapper = permissionMapper; - this.roleService = roleService; - } - - @Override - @Cacheable - public List queryAll(PermissionQueryCriteria criteria) { -// Sort sort = new Sort(Sort.Direction.DESC,"id"); - return permissionMapper.toDto(permissionRepository.findAll((root, criteriaQuery, criteriaBuilder) -> QueryHelp.getPredicate(root,criteria,criteriaBuilder))); - } - - @Override - @Cacheable(key = "#p0") - public PermissionDTO findById(long id) { - Permission permission = permissionRepository.findById(id).orElseGet(Permission::new); - ValidationUtil.isNull(permission.getId(),"Permission","id",id); - return permissionMapper.toDto(permission); - } - - @Override - @CacheEvict(allEntries = true) - @Transactional(rollbackFor = Exception.class) - public PermissionDTO create(Permission resources) { - if(permissionRepository.findByName(resources.getName()) != null){ - throw new EntityExistException(Permission.class,"name",resources.getName()); - } - return permissionMapper.toDto(permissionRepository.save(resources)); - } - - @Override - @CacheEvict(allEntries = true) - @Transactional(rollbackFor = Exception.class) - public void update(Permission resources) { - Permission permission = permissionRepository.findById(resources.getId()).orElseGet(Permission::new); - if(resources.getId().equals(resources.getPid())) { - throw new BadRequestException("上级不能为自己"); - } - ValidationUtil.isNull(permission.getId(),"Permission","id",resources.getId()); - - Permission permission1 = permissionRepository.findByName(resources.getName()); - - if(permission1 != null && !permission1.getId().equals(permission.getId())){ - throw new EntityExistException(Permission.class,"name",resources.getName()); - } - - permission.setName(resources.getName()); - permission.setAlias(resources.getAlias()); - permission.setPid(resources.getPid()); - permissionRepository.save(permission); - } - - @Override - public Set getDeletePermission(List permissions, Set permissionSet) { - // 递归找出待删除的菜单 - for (Permission permission : permissions) { - permissionSet.add(permission); - List permissionList = permissionRepository.findByPid(permission.getId()); - if(permissionList!=null && permissionList.size()!=0){ - getDeletePermission(permissionList, permissionSet); - } - } - return permissionSet; - } - - @Override - @CacheEvict(allEntries = true) - @Transactional(rollbackFor = Exception.class) - public void delete(Set permissions) { - for (Permission permission : permissions) { - roleService.untiedPermission(permission.getId()); - permissionRepository.delete(permission); - } - } - - @Override - @Cacheable(key = "'tree'") - public Object getPermissionTree(List permissions) { - List> list = new LinkedList<>(); - permissions.forEach(permission -> { - if (permission!=null){ - List permissionList = permissionRepository.findByPid(permission.getId()); - Map map = new HashMap<>(); - map.put("id",permission.getId()); - map.put("label",permission.getAlias()); - if(permissionList!=null && permissionList.size()!=0){ - map.put("children",getPermissionTree(permissionList)); - } - list.add(map); - } - } - ); - return list; - } - - @Override - @Cacheable(key = "'pid:'+#p0") - public List findByPid(long pid) { - return permissionRepository.findByPid(pid); - } - - @Override - @Cacheable - public Object buildTree(List permissionDTOS) { - - List trees = new ArrayList<>(); - - for (PermissionDTO permissionDTO : permissionDTOS) { - - if ("0".equals(permissionDTO.getPid().toString())) { - trees.add(permissionDTO); - } - - for (PermissionDTO it : permissionDTOS) { - if (it.getPid().equals(permissionDTO.getId())) { - if (permissionDTO.getChildren() == null) { - permissionDTO.setChildren(new ArrayList<>()); - } - permissionDTO.getChildren().add(it); - } - } - } - - Integer totalElements = permissionDTOS.size(); - - Map map = new HashMap<>(); - map.put("content",trees.size() == 0?permissionDTOS:trees); - map.put("totalElements",totalElements); - return map; - } -} diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/RoleServiceImpl.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/RoleServiceImpl.java index d1aaca57..2a1f1a2a 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/RoleServiceImpl.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/RoleServiceImpl.java @@ -102,14 +102,6 @@ public class RoleServiceImpl implements RoleService { roleRepository.save(role); } - @Override - @CacheEvict(allEntries = true) - public void updatePermission(Role resources, RoleDTO roleDTO) { - Role role = roleMapper.toEntity(roleDTO); - role.setPermissions(resources.getPermissions()); - roleRepository.save(role); - } - @Override @CacheEvict(allEntries = true) public void updateMenu(Role resources, RoleDTO roleDTO) { @@ -125,13 +117,6 @@ public class RoleServiceImpl implements RoleService { roleRepository.untiedMenu(id); } - @Override - @CacheEvict(allEntries = true) - @Transactional(rollbackFor = Exception.class) - public void untiedPermission(Long id) { - roleRepository.untiedPermission(id); - } - @Override @CacheEvict(allEntries = true) @Transactional(rollbackFor = Exception.class) diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/mapper/PermissionMapper.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/mapper/PermissionMapper.java deleted file mode 100644 index 6d8f32f2..00000000 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/mapper/PermissionMapper.java +++ /dev/null @@ -1,16 +0,0 @@ -package me.zhengjie.modules.system.service.mapper; - -import me.zhengjie.modules.system.domain.Permission; -import me.zhengjie.base.BaseMapper; -import me.zhengjie.modules.system.service.dto.PermissionDTO; -import org.mapstruct.Mapper; -import org.mapstruct.ReportingPolicy; - -/** - * @author Zheng Jie - * @date 2018-11-23 - */ -@Mapper(componentModel = "spring",unmappedTargetPolicy = ReportingPolicy.IGNORE) -public interface PermissionMapper extends BaseMapper { - -} diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/mapper/RoleMapper.java b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/mapper/RoleMapper.java index 248b1ed0..d1533b0c 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/system/service/mapper/RoleMapper.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/system/service/mapper/RoleMapper.java @@ -10,7 +10,7 @@ import org.mapstruct.ReportingPolicy; * @author Zheng Jie * @date 2018-11-23 */ -@Mapper(componentModel = "spring", uses = {PermissionMapper.class, MenuMapper.class, DeptMapper.class}, unmappedTargetPolicy = ReportingPolicy.IGNORE) +@Mapper(componentModel = "spring", uses = {MenuMapper.class, DeptMapper.class}, unmappedTargetPolicy = ReportingPolicy.IGNORE) public interface RoleMapper extends BaseMapper { } diff --git a/eladmin-system/src/main/resources/template/generator/admin/Controller.ftl b/eladmin-system/src/main/resources/template/generator/admin/Controller.ftl index 2734a481..7d4ada7e 100644 --- a/eladmin-system/src/main/resources/template/generator/admin/Controller.ftl +++ b/eladmin-system/src/main/resources/template/generator/admin/Controller.ftl @@ -30,7 +30,7 @@ public class ${className}Controller { @GetMapping @Log("查询${className}") @ApiOperation("查询${className}") - @PreAuthorize("hasAnyRole('admin','${upperCaseClassName}_ALL','${upperCaseClassName}_SELECT')") + @PreAuthorize("@el.check('${changeClassName}:list'") public ResponseEntity get${className}s(${className}QueryCriteria criteria, Pageable pageable){ return new ResponseEntity<>(${changeClassName}Service.queryAll(criteria,pageable),HttpStatus.OK); } @@ -38,7 +38,7 @@ public class ${className}Controller { @PostMapping @Log("新增${className}") @ApiOperation("新增${className}") - @PreAuthorize("hasAnyRole('admin','${upperCaseClassName}_ALL','${upperCaseClassName}_CREATE')") + @PreAuthorize("@el.check('${changeClassName}:add')") public ResponseEntity create(@Validated @RequestBody ${className} resources){ return new ResponseEntity<>(${changeClassName}Service.create(resources),HttpStatus.CREATED); } @@ -46,7 +46,7 @@ public class ${className}Controller { @PutMapping @Log("修改${className}") @ApiOperation("修改${className}") - @PreAuthorize("hasAnyRole('admin','${upperCaseClassName}_ALL','${upperCaseClassName}_EDIT')") + @PreAuthorize("@el.check('${changeClassName}:edit')") public ResponseEntity update(@Validated @RequestBody ${className} resources){ ${changeClassName}Service.update(resources); return new ResponseEntity(HttpStatus.NO_CONTENT); @@ -55,7 +55,7 @@ public class ${className}Controller { @DeleteMapping(value = "/{${pkChangeColName}}") @Log("删除${className}") @ApiOperation("删除${className}") - @PreAuthorize("hasAnyRole('admin','${upperCaseClassName}_ALL','${upperCaseClassName}_DELETE')") + @PreAuthorize("@el.check('${changeClassName}:del')") public ResponseEntity delete(@PathVariable ${pkColumnType} ${pkChangeColName}){ ${changeClassName}Service.delete(${pkChangeColName}); return new ResponseEntity(HttpStatus.OK); diff --git a/eladmin-system/src/main/resources/template/generator/front/index.ftl b/eladmin-system/src/main/resources/template/generator/front/index.ftl index c5e6ab88..725a8cbe 100644 --- a/eladmin-system/src/main/resources/template/generator/front/index.ftl +++ b/eladmin-system/src/main/resources/template/generator/front/index.ftl @@ -14,7 +14,7 @@
- +