添加satoken权限控制

guoyuji

2024-04-28 cf781983869a96d92069b20f6d2dfd4287d541fc

添加satoken权限控制

 north-glass-erp/northglass-erp/src/layout/MainErpView.vue

@@ -15,12 +15,17 @@
const store=userInfo()

const router = useRouter()
const user = null
const userStore = useUserInfoStore()
const user = userStore.user.userName
watch(()=>userStore.responseCode,(newVal) => {
    switch (newVal){
      case 401:{
        ElMessage.warning(t('error.Code_401'))
        if(userStore.msg.split('.')[1] === 'search'){
          router.push({path:'/main/order/notPermission'});
        }else{
          ElMessage.warning(t('error.Code_401'))
        }
        userStore.responseCode=null
        break
      }
      case 402:{
@@ -34,7 +39,7 @@
    }
  }
)
//userStore.user.userName

store.createWebSocket();
function quit(){
  userStore.$patch({

 north-glass-erp/northglass-erp/src/router/index.js

@@ -82,6 +82,11 @@
          component: () => import('../views/sd/order/Order.vue'),
          children:[
            {
              path: 'notPermission',
              name: 'notPermission',
              component: () => import('../views/sd/order/NotPermission.vue'),
            },
            {
              path: 'selectOrder',
              name: 'selectOrder',
              component: () => import('../views/sd/order/SelectOrder.vue'),

 north-glass-erp/northglass-erp/src/stores/userInfo.js

@@ -8,14 +8,16 @@
                userName:null,
                userId:null
            }),
            responseCode:null
            responseCode:null,
            msg:null
    }),
    actions:{
        createWebSocket(){
            createWebSocket(global_callback1)
        },
        setResponseCode(cede){
        setResponseCode(cede,msg){
            this.responseCode=cede
            this.msg = msg
        }

    },

 north-glass-erp/northglass-erp/src/utils/request.js

@@ -29,7 +29,7 @@
    response => {
        let res = response.data
        //传递报错信息，把报错信息传递到pinia中
        userStore.setResponseCode(parseInt(res.code))
        userStore.setResponseCode(parseInt(res.code),res.msg)
        if(res.code!=='200'){
            return Promise.reject(res.code)
        }

 north-glass-erp/northglass-erp/src/views/LoginView.vue

@@ -58,11 +58,10 @@
          userForm).then((res) => {
        if(res['code']==200 && res['data']){
          store.$patch({user:res.data})

          router.push('/main')
          ElMessage.success(t('login.loginSuccessful'))
        } else {
          ElMessage.error(res['msg'])
          ElMessage.error(t('login.loginErr'))
          loginLoadings.value=false
          return false
        }

 north-glass-erp/northglass-erp/src/views/RegisterView.vue

@@ -15,7 +15,7 @@
  const register = reactive({
    userName: '',
    // loginName: '',
    passWord: '',
    password: '',
    confirmPassword:''
  })

@@ -43,7 +43,7 @@
  const checkConfirmPassword = (rule: any, value: any, callback: any) => {
    if (value.trim() === '') {
      callback(new Error('确认密码不能为空'))
    }else if(value !== register.passWord){
    }else if(value !== register.password){
      callback(new Error('两次密码不相同'))
    }else if(value.length>16 || value.length<6){
      callback(new Error('密码长度不能低于6或超过16'))
@@ -55,7 +55,7 @@
  const ruleFormRef  = ref<FormInstance>()
  const rules = reactive<FormRules<typeof register>>({
    userName: [{ validator: checkName, trigger: 'blur' }],
    passWord:[{ validator: checkPassword, trigger: 'blur' }],
    password:[{ validator: checkPassword, trigger: 'blur' }],
    confirmPassword:[{ validator: checkConfirmPassword, trigger: 'blur' }],
    // loginName: [{ validator: validateString, trigger: 'blur' }]
  })
@@ -65,7 +65,7 @@
    formEl.validate((valid) => {
      if (valid) {
        loginLoadings.value=true
        register.passWord = btoa(register.passWord)
        register.password = btoa(register.password)
        request.post('/user/register',
            register).then((res) => {
          if(res['code']==200){
@@ -131,8 +131,8 @@
<!--        <el-form-item label="登陆名：" prop="loginName">-->
<!--          <el-input v-model="register.loginName" />-->
<!--        </el-form-item>-->
        <el-form-item label="密码：" prop="passWord">
          <el-input type="password" v-model="register.passWord" />
        <el-form-item label="密码：" prop="password">
          <el-input type="password" v-model="register.password" />
        </el-form-item>
        <el-form-item label="确认密码：" prop="confirmPassword">
          <el-input type="password" v-model="register.confirmPassword" />

 north-glass-erp/northglass-erp/src/views/sd/order/CreateOrder.vue

@@ -517,7 +517,11 @@
  request.post(`/order/cancelOrder/${titleUploadData.value.orderId}`).then((res) =>{
    if (res.code== 200){
      ElMessage.success(t('order.msg.updateOrderState'))
      router.push({path:'/main/order/createOrder',query:{orderId:titleUploadData.value.orderId,random:Math.random()}})
      router.push({
        path:'/main/order/createOrder',
        query:{
          orderId:titleUploadData.value.orderId,
          random:Math.random()}})
    }else{
      ElMessage.error(res.msg)
    }

 north-glass-erp/northglass-erp/src/views/sd/order/NotPermission.vue

New file
@@ -0,0 +1,13 @@
<script setup>

</script>

<template>
<div>
  无此页面权限
</div>
</template>

<style scoped>

</style>

 north-glass-erp/src/main/java/com/example/erp/config/StpInterfaceImpl.java

@@ -43,11 +43,6 @@
     */
    @Override
    public List<String> getRoleList(Object loginId, String loginType) {
        // 本list仅做模拟，实际项目中要根据具体业务逻辑来查询角色
        List<String> list = new ArrayList<String>();
        list.add("admin");
        list.add("super-admin");
        list.add("tao");
        return list;
        return permissionRoleService.getUserRole(Integer.parseInt((String) loginId));
    }
}

 north-glass-erp/src/main/java/com/example/erp/controller/sd/OrderController.java

@@ -1,5 +1,6 @@
package com.example.erp.controller.sd;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.example.erp.common.Constants;
import com.example.erp.common.Result;
import com.example.erp.entity.sd.Order;
@@ -40,6 +41,7 @@
        }
    }
    @ApiOperation("订单分页筛选查询")
    @SaCheckPermission("selectOrder.search")
    @PostMapping("/getOrderList/{pageNum}/{pageSize}/{orderType}/{selectDate}")
    public Result getOrderList(@PathVariable Integer pageNum, @PathVariable Integer pageSize,@PathVariable Integer orderType, @PathVariable List<String> selectDate, @RequestBody Order order)  {
        return Result.seccess(orderService.getOrderList(pageNum, pageSize, selectDate, order,orderType));

 north-glass-erp/src/main/java/com/example/erp/entity/userInfo/User.java

@@ -14,7 +14,6 @@
    private  String userName;
    private  String address;
    private  String phone;
    private  Integer roleId;
    private  String createTime;
    private  String updateTime;
    private  Integer state;

 north-glass-erp/src/main/java/com/example/erp/exception/GlobalExceptionHandle.java

@@ -9,6 +9,8 @@
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;

import java.util.Arrays;

@ControllerAdvice
public class GlobalExceptionHandle {
    /**
@@ -23,7 +25,7 @@
    @ExceptionHandler(NotPermissionException.class)
    @ResponseBody
    public Result handlerException(NotPermissionException e) {
        return Result.error(Constants.Code_401,"This user has no permission to access this resource");
        return Result.error(Constants.Code_401,e.getPermission());
    }

    // 拦截：未登录异常

 north-glass-erp/src/main/java/com/example/erp/mapper/userInfo/PermissionRoleMapper.java

@@ -1,10 +1,12 @@
package com.example.erp.mapper.userInfo;

import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.example.erp.entity.userInfo.PermissionRole;
import org.apache.ibatis.annotations.Mapper;

import java.util.List;

@Mapper
public interface PermissionRoleMapper {
public interface PermissionRoleMapper extends BaseMapper<PermissionRole> {
    List<String> getUserPermission(Integer loginId);
}

 north-glass-erp/src/main/java/com/example/erp/mapper/userInfo/UserMapper.java

@@ -26,4 +26,6 @@


    Boolean register(User user);

    List<String> getUserRole(Integer id);
}

 north-glass-erp/src/main/java/com/example/erp/service/userInfo/PermissionRoleService.java

@@ -2,7 +2,7 @@

import com.baomidou.dynamic.datasource.annotation.DS;
import com.example.erp.mapper.userInfo.PermissionRoleMapper;
import org.springframework.beans.factory.annotation.Autowired;
import com.example.erp.mapper.userInfo.UserMapper;
import org.springframework.stereotype.Service;

import java.util.List;
@@ -11,13 +11,19 @@
@Service
public class PermissionRoleService {
    private final PermissionRoleMapper permissionRoleMapper;
    private final UserMapper userMapper;

    public PermissionRoleService(PermissionRoleMapper permissionRoleMapper) {
    public PermissionRoleService(PermissionRoleMapper permissionRoleMapper, UserMapper userMapper) {
        this.permissionRoleMapper = permissionRoleMapper;
        this.userMapper = userMapper;
    }

    public List<String> getUserPermission(Integer loginId) {
        // 调用数据库查询用户权限
        return permissionRoleMapper.getUserPermission(loginId);
    }

    public List<String> getUserRole(Integer id) {
        return userMapper.getUserRole(id);
    }
}

 north-glass-erp/src/main/resources/mapper/userInfo/PermissionRoleMapper.xml

New file
@@ -0,0 +1,25 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.example.erp.mapper.userInfo.PermissionRoleMapper">
    <select id="getUserPermission">
        select
            concat(
                if(d.page=null || d.page='','',concat(d.page, '.')),
                d.permission
                ) as 'permission'
        from user as a
        left join user_role as e
            on e.user_id = a.id
        left join role as b
            on e.role_id = b.id
        left join permission_role as c
            on b.id = c.role_id
        left join permission_basic d
            on  d.id = c.permission_id
        where a.id = #{loginId}
            and d.state = 1
    </select>

</mapper>

 north-glass-erp/src/main/resources/mapper/userInfo/User.xml

@@ -24,7 +24,20 @@
        insert erp_user_info.user
            (password,user_name)
        values (
                 #{passWord} ,#{userName}
                 #{password} ,#{userName}
               )
    </insert>

    <select id="getUserRole">
        SELECT
            c.role
        from
            user as a
        left join user_role as b
            on a.id = b.user_id
        left join role as c
            on b.role_id = c.id
        where a.id = #{loginId}

    </select>
</mapper>

 north-glass-erp/target/classes/mapper/userInfo/User.xml

@@ -24,7 +24,20 @@
        insert erp_user_info.user
            (password,user_name)
        values (
                 #{passWord} ,#{userName}
                 #{password} ,#{userName}
               )
    </insert>

    <select id="getUserRole">
        SELECT
            c.role
        from
            user as a
        left join user_role as b
            on a.id = b.user_id
        left join role as c
            on b.role_id = c.id
        where a.id = #{loginId}

    </select>
</mapper>