梁超
2 tygodni temu
7 zmienionych plików z 133 dodań i 6 usunięć
+ 3
- 1
gly-base-core/src/main/java/cn/com/taiji/core/repo/jpa/user/UserPermRepo.java
Wyświetl plik
| @@ -2,7 +2,6 @@ package cn.com.taiji.core.repo.jpa.user; | |||
| import cn.com.taiji.common.repo.jpa.AbstractJpaRepo; | |||
| import cn.com.taiji.core.entity.dict.user.RbacStatus; | |||
| import cn.com.taiji.core.entity.user.UserMenu; | |||
| import cn.com.taiji.core.entity.user.UserPerm; | |||
| import org.springframework.data.jpa.repository.Query; | |||
| @@ -67,4 +66,7 @@ public interface UserPermRepo extends AbstractJpaRepo<UserPerm, String> { | |||
| @Query(value = " from UserPerm where status='ENABLE' and id in ( select permId from UserRoleMenuPerm where roleId in (?1)) ") | |||
| List<UserPerm> listBy(List<String> roleIds); | |||
| @Query(value = " from UserPerm where status='ENABLE' and id in ( select permId from UserRoleMenuPerm where roleId in (?1) and menuId=?2) ") | |||
| List<UserPerm> listBy(List<String> roleIds, String menuId); | |||
| } | |||
+ 13
- 2
zhywpt-app-userw/src/main/java/cn/com/taiji/userw/api/rbac/RabcSystemTypeController.java
Wyświetl plik
| @@ -6,6 +6,7 @@ import cn.com.taiji.common.web.ApiResponse; | |||
| import cn.com.taiji.userw.api.MyValidController; | |||
| import cn.com.taiji.userw.dto.rbac.*; | |||
| import cn.com.taiji.userw.manager.rbac.RbacMenuManger; | |||
| import cn.com.taiji.userw.manager.rbac.RbacPermManager; | |||
| import cn.com.taiji.userw.manager.rbac.RbacSystemTypeManager; | |||
| import io.swagger.annotations.Api; | |||
| import io.swagger.annotations.ApiOperation; | |||
| @@ -15,6 +16,7 @@ import org.springframework.web.bind.annotation.RequestMapping; | |||
| import org.springframework.web.bind.annotation.RestController; | |||
| import javax.annotation.Resource; | |||
| import javax.validation.Valid; | |||
| /** | |||
| * @Author ChenChao | |||
| @@ -29,6 +31,8 @@ public class RabcSystemTypeController extends MyValidController { | |||
| @Resource | |||
| private RbacMenuManger rbacMenuManger; | |||
| @Resource | |||
| private RbacPermManager rbacPermManger; | |||
| @Resource | |||
| private RbacSystemTypeManager rbacSystemTypeManager; | |||
| @ApiOperation(value = "根据系统类型获取菜单列表") | |||
| @@ -47,13 +51,20 @@ public class RabcSystemTypeController extends MyValidController { | |||
| @ApiOperation(value = "根据系统类别获取所属系统列表") | |||
| @PostMapping(value = "/systemTypeByAccountRole") | |||
| public ApiResponse<RbacSystemTypeByOpenIdResponseDTO> systemTypeByAccountRole(@RequestBody RbacSystemTypeByOpenIdRequestDTO dto) throws ServiceHandleException { | |||
| return ApiResponse.of(rbacSystemTypeManager.systemTypeByOpneId(dto)).setMessage("获取小程序系统下的所有角色成功"); | |||
| return ApiResponse.of(rbacSystemTypeManager.systemTypeByOpneId(dto)).setMessage("操作成功"); | |||
| } | |||
| @ApiOperation(value = "根据系统类型和openId获取菜单列表") | |||
| @PostMapping(value = "/menuListBySystemTypeAndOpenId") | |||
| public ApiResponse<RbacMenuListBySystemTypeAndOpenIdResponseDTO> systemTypeByAccountRole(@RequestBody RbacMenuListBySystemTypeAndOpenIdRequestDTO dto) throws ServiceHandleException { | |||
| return ApiResponse.of(rbacMenuManger.menuListBySystemTypeAndOpenId(dto)).setMessage("获取小程序系统下的所有角色成功"); | |||
| return ApiResponse.of(rbacMenuManger.menuListBySystemTypeAndOpenId(dto)).setMessage("操作成功"); | |||
| } | |||
| @ApiOperation(value = "根据openId和菜单id,获取用户在该菜单下的权限标识") | |||
| @PostMapping(value = "/permsByOpenIdAndMenuId") | |||
| public ApiResponse<RbacPermListByOpenIdAndMenuIdResponseDTO> permsByOpenIdAndMenuId(@Valid @RequestBody RbacPermListByOpenIdAndMenuIdRequestDTO dto) throws ManagerException { | |||
| RbacPermListByOpenIdAndMenuIdResponseDTO res = rbacPermManger.listByOpenIdAndMenuId(dto); | |||
| return ApiResponse.of(res).setMessage("操作成功"); | |||
| } | |||
| } | |||
+ 16
- 0
zhywpt-app-userw/src/main/java/cn/com/taiji/userw/dto/rbac/RbacPermListByOpenIdAndMenuIdRequestDTO.java
Wyświetl plik
| @@ -0,0 +1,16 @@ | |||
| package cn.com.taiji.userw.dto.rbac; | |||
| import cn.com.taiji.core.dto.AbstractBizRequestDTO; | |||
| import lombok.Getter; | |||
| import lombok.Setter; | |||
| import lombok.experimental.Accessors; | |||
| import javax.validation.constraints.NotBlank; | |||
| @Getter | |||
| @Setter | |||
| @Accessors(chain = true) | |||
| public class RbacPermListByOpenIdAndMenuIdRequestDTO extends AbstractBizRequestDTO { | |||
| @NotBlank(message = "菜单id不能为空") | |||
| private String menuId; | |||
| } | |||
+ 15
- 0
zhywpt-app-userw/src/main/java/cn/com/taiji/userw/dto/rbac/RbacPermListByOpenIdAndMenuIdResponseDTO.java
Wyświetl plik
| @@ -0,0 +1,15 @@ | |||
| package cn.com.taiji.userw.dto.rbac; | |||
| import cn.com.taiji.common.model.BaseModel; | |||
| import lombok.Getter; | |||
| import lombok.Setter; | |||
| import lombok.experimental.Accessors; | |||
| import java.util.List; | |||
| @Getter | |||
| @Setter | |||
| @Accessors(chain = true) | |||
| public class RbacPermListByOpenIdAndMenuIdResponseDTO extends BaseModel { | |||
| private List<String> data; | |||
| } | |||
+ 3
- 3
zhywpt-app-userw/src/main/java/cn/com/taiji/userw/manager/rbac/RbacMenuMangerImpl.java
Wyświetl plik
| @@ -30,9 +30,9 @@ import java.util.stream.Collectors; | |||
| @Service | |||
| public class RbacMenuMangerImpl extends RedisCacheManager implements RbacMenuManger { | |||
| private final static String appBaseRoleId = "d1eb3eebfac846d39aea7d39aea7s365"; | |||
| private final static String miniProgramBaseRoleId = "d1eb3eebfac846d39aea7d39aea7s124"; | |||
| private final static String zfbMiniProgramBaseRoleId = "7acb029592c84738a8f509af6e179ffc"; | |||
| private final String appBaseRoleId = "d1eb3eebfac846d39aea7d39aea7s365"; | |||
| private final String miniProgramBaseRoleId = "d1eb3eebfac846d39aea7d39aea7s124"; | |||
| private final String zfbMiniProgramBaseRoleId = "7acb029592c84738a8f509af6e179ffc"; | |||
| @Resource | |||
| private AccountUserRoleRepo accountUserRoleRepo; | |||
+ 9
- 0
zhywpt-app-userw/src/main/java/cn/com/taiji/userw/manager/rbac/RbacPermManager.java
Wyświetl plik
| @@ -0,0 +1,9 @@ | |||
| package cn.com.taiji.userw.manager.rbac; | |||
| import cn.com.taiji.common.manager.net.http.ServiceHandleException; | |||
| import cn.com.taiji.userw.dto.rbac.RbacPermListByOpenIdAndMenuIdRequestDTO; | |||
| import cn.com.taiji.userw.dto.rbac.RbacPermListByOpenIdAndMenuIdResponseDTO; | |||
| public interface RbacPermManager { | |||
| RbacPermListByOpenIdAndMenuIdResponseDTO listByOpenIdAndMenuId(RbacPermListByOpenIdAndMenuIdRequestDTO dto) throws ServiceHandleException; | |||
| } | |||
+ 74
- 0
zhywpt-app-userw/src/main/java/cn/com/taiji/userw/manager/rbac/RbacPermManagerImpl.java
Wyświetl plik
| @@ -0,0 +1,74 @@ | |||
| package cn.com.taiji.userw.manager.rbac; | |||
| import cn.com.taiji.common.manager.net.http.ServiceHandleException; | |||
| import cn.com.taiji.core.entity.dict.basic.SourceType; | |||
| import cn.com.taiji.core.entity.dict.user.SystemType; | |||
| import cn.com.taiji.core.entity.user.UserMenu; | |||
| import cn.com.taiji.core.entity.user.UserPerm; | |||
| import cn.com.taiji.core.manager.cache.RedisCacheManager; | |||
| import cn.com.taiji.core.model.comm.protocol.valid.GlyServiceError; | |||
| import cn.com.taiji.core.repo.jpa.user.AccountUserRoleRepo; | |||
| import cn.com.taiji.core.repo.jpa.user.UserMenuRepo; | |||
| import cn.com.taiji.core.repo.jpa.user.UserPermRepo; | |||
| import cn.com.taiji.userw.dto.rbac.RbacPermListByOpenIdAndMenuIdRequestDTO; | |||
| import cn.com.taiji.userw.dto.rbac.RbacPermListByOpenIdAndMenuIdResponseDTO; | |||
| import com.google.common.collect.Lists; | |||
| import org.springframework.stereotype.Service; | |||
| import javax.annotation.Resource; | |||
| import java.util.List; | |||
| import java.util.stream.Collectors; | |||
| @Service | |||
| public class RbacPermManagerImpl extends RedisCacheManager implements RbacPermManager { | |||
| private final String appBaseRoleId = "d1eb3eebfac846d39aea7d39aea7s365"; | |||
| private final String miniProgramBaseRoleId = "d1eb3eebfac846d39aea7d39aea7s124"; | |||
| private final String zfbMiniProgramBaseRoleId = "7acb029592c84738a8f509af6e179ffc"; | |||
| @Resource | |||
| private AccountUserRoleRepo accountUserRoleRepo; | |||
| @Resource | |||
| private UserMenuRepo userMenuRepo; | |||
| @Resource | |||
| private UserPermRepo userPermRepo; | |||
| @Override | |||
| public RbacPermListByOpenIdAndMenuIdResponseDTO listByOpenIdAndMenuId(RbacPermListByOpenIdAndMenuIdRequestDTO dto) throws ServiceHandleException { | |||
| String openId = findOpenIdByToken(dto.getAccessToken()); | |||
| UserMenu menu = userMenuRepo.findMenuById(dto.getMenuId()); | |||
| if (menu == null) throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("菜单不存在"); | |||
| SourceType loginSource = SourceType.findByCode(dto.getLoginSource()); | |||
| if (loginSource == null) throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("来源错误"); | |||
| if (!isMatch(loginSource, menu.getSystemType())) | |||
| throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("登录来源方与菜单所属系统不匹配,请核实入参!"); | |||
| List<String> roleIds = accountUserRoleRepo.findRoleByOpenIdAndSystemType(openId, menu.getSystemType()); | |||
| if (isEmpty(roleIds)) | |||
| throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("该账号在该系统中没有分配角色,无法访问该系统!"); | |||
| if (loginSource == SourceType.SERVICE_HALL) roleIds.add(appBaseRoleId);// APP | |||
| if (loginSource == SourceType.WECHAT) roleIds.add(miniProgramBaseRoleId);// 微信小程序 | |||
| if (loginSource == SourceType.ALI) roleIds.add(zfbMiniProgramBaseRoleId);// 支付宝小程序 | |||
| if (loginSource == SourceType.WEB && roleIds.size() > 1) | |||
| throw GlyServiceError.BUSINESS_VALIDATE_ERR.toHandleException("该账号在一个系统中只能分配一个角色,该账户在该系统中分配了多个角色,暂时无法访问,请联系管理员处理!"); | |||
| List<UserPerm> perms = userPermRepo.listBy(roleIds, menu.getId()); | |||
| List<String> permIdentitys = perms.stream().map(UserPerm::getPermIdentity).distinct().collect(Collectors.toList()); | |||
| RbacPermListByOpenIdAndMenuIdResponseDTO res = new RbacPermListByOpenIdAndMenuIdResponseDTO(); | |||
| res.setData(permIdentitys); | |||
| return res; | |||
| } | |||
| private boolean isMatch(SourceType loginSource, SystemType systemType) { | |||
| switch (loginSource) { | |||
| case SERVICE_HALL: | |||
| return systemType == SystemType.APP; | |||
| case ALI: | |||
| return systemType == SystemType.ZFB_MINI_PROGRAM; | |||
| case WECHAT: | |||
| return systemType == SystemType.MINI_PROGRAM; | |||
| case WEB: | |||
| return !Lists.newArrayList(SystemType.APP, SystemType.ZFB_MINI_PROGRAM, SystemType.MINI_PROGRAM).contains(systemType); | |||
| default: | |||
| return false; | |||
| } | |||
| } | |||
| } | |||
Ładowanie…