派生自 HangZhouMes
hangzhoumesParent/common/servicebase/src/main/java/com/mes/common/config/Const.java
New file @@ -0,0 +1,11 @@ package com.mes.common.config; /** * @Author : zhoush * @Date: 2024/4/24 10:33 * @Description: */ public class Const { public static final String DEFULT_PASSWORD = "123456"; public static final Long DEFULT_ROLE = 1L; } hangzhoumesParent/common/springsecurity/src/main/java/com/mes/base/BaseController.java
New file @@ -0,0 +1,53 @@ package com.mes.base; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.mes.common.utils.RedisUtil; import com.mes.menu.service.SysMenuService; import com.mes.role.service.SysRoleMenuService; import com.mes.role.service.SysRoleService; import com.mes.userinfo.service.SysUserRoleService; import com.mes.userinfo.service.SysUserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.ServletRequestUtils; import javax.servlet.http.HttpServletRequest; /** * @Author : zhoush * @Date: 2024/4/24 10:00 * @Description: */ public class BaseController { @Autowired public HttpServletRequest req; @Autowired public RedisUtil redisUtil; @Autowired public SysUserService sysUserService; @Autowired public SysRoleService sysRoleService; @Autowired public SysMenuService sysMenuService; @Autowired public SysUserRoleService sysUserRoleService; @Autowired public SysRoleMenuService sysRoleMenuService; /** * 获取页面 * * @return */ public Page getPage() { int current = ServletRequestUtils.getIntParameter(req, "cuurent", 1); int size = ServletRequestUtils.getIntParameter(req, "size", 10); return new Page(current, size); } } hangzhoumesParent/common/springsecurity/src/main/java/com/mes/menu/controller/SysMenuController.java
@@ -1,16 +1,23 @@ package com.mes.menu.controller; import cn.hutool.core.map.MapUtil; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.mes.base.BaseController; import com.mes.menu.entity.SysMenu; import com.mes.menu.service.SysMenuService; import com.mes.role.entity.SysRoleMenu; import com.mes.userinfo.entity.SysUser; import com.mes.utils.Result; import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiOperation; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.util.StringUtils; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import java.time.LocalDateTime; import java.util.List; /** @@ -24,16 +31,102 @@ @ApiModel("获取菜单信息") @RestController @RequestMapping("/menu/sysMenu") public class SysMenuController { public class SysMenuController extends BaseController { @Autowired SysMenuService sysMenuService; @ApiOperation("获取用户有权限的所有菜单") @GetMapping("/list") public Result<List<SysMenu>> getMenuTree() { public Result<List<SysMenu>> getMenuTree(String userName) { return Result.success(sysMenuService.getMenuTree()); } @ApiOperation("获取用户的权限") @GetMapping("/getAuthorityInfo") public Result<List<String>> getAuthorityInfo(String userName) { return Result.success(sysMenuService.getAuthorityInfo(userName)); } /** * 用户当前用户的菜单和权限信息 * * @param userName * @return */ @GetMapping("/nav") public Result nav(String userName) { SysUser sysUser = sysUserService.getByUsername(userName); // 获取权限信息 String authorityInfo = sysUserService.getUserAuthorityInfo(sysUser.getId());// ROLE_admin,ROLE_normal,sys:user:list,.... String[] authorityInfoArray = StringUtils.tokenizeToStringArray(authorityInfo, ","); // 获取导航栏信息 List<SysMenuDto> navs = sysMenuService.getCurrentUserNav(); return Result.success(MapUtil.builder() .put("authoritys", authorityInfoArray) .put("nav", navs) .map() ); } @GetMapping("/info/{id}") @PreAuthorize("hasAuthority('sys:menu:list')") public Result info(@PathVariable(name = "id") Long id) { return Result.success(sysMenuService.getById(id)); } @GetMapping("/list") @PreAuthorize("hasAuthority('sys:menu:list')") public Result list() { List<SysMenu> menus = sysMenuService.tree(); return Result.success(menus); } @PostMapping("/save") @PreAuthorize("hasAuthority('sys:menu:save')") public Result save(@Validated @RequestBody SysMenu sysMenu) { sysMenu.setCreated(LocalDateTime.now()); sysMenuService.save(sysMenu); return Result.success(sysMenu); } @PostMapping("/update") @PreAuthorize("hasAuthority('sys:menu:update')") public Result update(@Validated @RequestBody SysMenu sysMenu) { sysMenu.setUpdated(LocalDateTime.now()); sysMenuService.updateById(sysMenu); // 清除所有与该菜单相关的权限缓存 sysUserService.clearUserAuthorityInfoByMenuId(sysMenu.getId()); return Result.success(sysMenu); } @PostMapping("/delete/{id}") @PreAuthorize("hasAuthority('sys:menu:delete')") public Result delete(@PathVariable("id") Long id) { int count = sysMenuService.count(new QueryWrapper<SysMenu>().eq("parent_id", id)); if (count > 0) { return Result.fail("请先删除子菜单"); } // 清除所有与该菜单相关的权限缓存 sysUserService.clearUserAuthorityInfoByMenuId(id); sysMenuService.removeById(id); // 同步删除中间关联表 sysRoleMenuService.remove(new QueryWrapper<SysRoleMenu>().eq("menu_id", id)); return Result.success(""); } }
@@ -15,5 +15,18 @@ */ public interface SysMenuService extends IService<SysMenu> { /** * 获取用户有权限的菜单树 * * @return */ List<SysMenu> getMenuTree(); /** * 获取用户的权限 * * @param userName * @return */ List<String> getAuthorityInfo(String userName); } hangzhoumesParent/common/springsecurity/src/main/java/com/mes/menu/service/impl/SysMenuServiceImpl.java
@@ -1,13 +1,21 @@ package com.mes.menu.service.impl; import cn.hutool.json.JSONUtil; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.mes.menu.entity.SysMenu; import com.mes.menu.mapper.SysMenuMapper; import com.mes.menu.service.SysMenuService; import com.mes.userinfo.entity.SysUser; import com.mes.userinfo.mapper.SysUserMapper; import com.mes.userinfo.service.SysUserService; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Service; import org.springframework.util.StringUtils; import java.util.ArrayList; import java.util.List; import java.util.stream.Collectors; @@ -23,10 +31,23 @@ @Slf4j public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> implements SysMenuService { @Autowired SysUserService sysUserService; @Override public List<SysMenu> getMenuTree() { //todo:需要先获取用户的角色,角色下的菜单权限,拿到菜单id获取所有菜单 List<SysMenu> menuList = this.baseMapper.selectList(null); return create(menuList); } @Override public List<String> getAuthorityInfo(String userName) { SysUser sysUser = sysUserService.listByUserName(userName); // 获取权限信息 String authorityInfo = sysUserService.getUserAuthorityInfo(sysUser.getId());// ROLE_admin,ROLE_normal,sys:user:list,.... String[] authorityInfoArray = StringUtils.tokenizeToStringArray(authorityInfo, ","); } @@ -64,4 +85,79 @@ return res; } @Autowired SysUserMapper sysUserMapper; @Override public List<SysMenuDto> getCurrentUserNav() { String username = (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal(); SysUser sysUser = sysUserService.getByUsername(username); List<Long> menuIds = sysUserMapper.getNavMenuIds(sysUser.getId()); List<SysMenu> menus = this.listByIds(menuIds); // 转树状结构 List<SysMenu> menuTree = buildTreeMenu(menus); // 实体转DTO return convert(menuTree); } @Override public List<SysMenu> tree() { // 获取所有菜单信息 List<SysMenu> sysMenus = this.list(new QueryWrapper<SysMenu>().orderByAsc("orderNum")); // 转成树状结构 return buildTreeMenu(sysMenus); } private List<SysMenuDto> convert(List<SysMenu> menuTree) { List<SysMenuDto> menuDtos = new ArrayList<>(); menuTree.forEach(m -> { SysMenuDto dto = new SysMenuDto(); dto.setId(m.getId()); dto.setName(m.getPerms()); dto.setTitle(m.getName()); dto.setComponent(m.getComponent()); dto.setPath(m.getPath()); if (m.getChildren().size() > 0) { // 子节点调用当前方法进行再次转换 dto.setChildren(convert(m.getChildren())); } menuDtos.add(dto); }); return menuDtos; } private List<SysMenu> buildTreeMenu(List<SysMenu> menus) { List<SysMenu> finalMenus = new ArrayList<>(); // 先各自寻找到各自的孩子 for (SysMenu menu : menus) { for (SysMenu e : menus) { if (menu.getId() == e.getParentId()) { menu.getChildren().add(e); } } // 提取出父节点 if (menu.getParentId() == 0L) { finalMenus.add(menu); } } System.out.println(JSONUtil.toJsonStr(finalMenus)); return finalMenus; } } hangzhoumesParent/common/springsecurity/src/main/java/com/mes/role/controller/SysRoleController.java
@@ -1,8 +1,23 @@ package com.mes.role.controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import cn.hutool.core.util.StrUtil; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.mes.role.entity.SysRole; import com.mes.role.entity.SysRoleMenu; import com.mes.userinfo.entity.SysUserRole; import com.mes.utils.Result; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import java.time.LocalDateTime; import java.util.ArrayList; import java.util.Arrays; import java.util.List; import java.util.stream.Collectors; /** * <p> @@ -15,6 +30,100 @@ @RestController @RequestMapping("/role/sys-role") public class SysRoleController { @PreAuthorize("hasAuthority('sys:role:list')") @GetMapping("/info/{id}") public Result info(@PathVariable("id") Long id) { SysRole sysRole = sysRoleService.getById(id); // 获取角色相关联的菜单id List<SysRoleMenu> roleMenus = sysRoleMenuService.list(new QueryWrapper<SysRoleMenu>().eq("role_id", id)); List<Long> menuIds = roleMenus.stream().map(p -> p.getMenuId()).collect(Collectors.toList()); sysRole.setMenuIds(menuIds); return Result.success(sysRole); } @PreAuthorize("hasAuthority('sys:role:list')") @GetMapping("/list") public Result list(String name) { Page<SysRole> pageData = sysRoleService.page(getPage(), new QueryWrapper<SysRole>() .like(StrUtil.isNotBlank(name), "name", name) ); return Result.success(pageData); } @PostMapping("/save") @PreAuthorize("hasAuthority('sys:role:save')") public Result save(@Validated @RequestBody SysRole sysRole) { sysRole.setCreated(LocalDateTime.now()); sysRole.setStatu(Const.STATUS_ON); sysRoleService.save(sysRole); return Result.success(sysRole); } @PostMapping("/update") @PreAuthorize("hasAuthority('sys:role:update')") public Result update(@Validated @RequestBody SysRole sysRole) { sysRole.setUpdated(LocalDateTime.now()); sysRoleService.updateById(sysRole); // 更新缓存 sysUserService.clearUserAuthorityInfoByRoleId(sysRole.getId()); return Result.success(sysRole); } @PostMapping("/delete") @PreAuthorize("hasAuthority('sys:role:delete')") @Transactional public Result info(@RequestBody Long[] ids) { sysRoleService.removeByIds(Arrays.asList(ids)); // 删除中间表 sysUserRoleService.remove(new QueryWrapper<SysUserRole>().in("role_id", ids)); sysRoleMenuService.remove(new QueryWrapper<SysRoleMenu>().in("role_id", ids)); // 缓存同步删除 Arrays.stream(ids).forEach(id -> { // 更新缓存 sysUserService.clearUserAuthorityInfoByRoleId(id); }); return Result.success(""); } @Transactional @PostMapping("/perm/{roleId}") @PreAuthorize("hasAuthority('sys:role:perm')") public Result info(@PathVariable("roleId") Long roleId, @RequestBody Long[] menuIds) { List<SysRoleMenu> sysRoleMenus = new ArrayList<>(); Arrays.stream(menuIds).forEach(menuId -> { SysRoleMenu roleMenu = new SysRoleMenu(); roleMenu.setMenuId(menuId); roleMenu.setRoleId(roleId); sysRoleMenus.add(roleMenu); }); // 先删除原来的记录,再保存新的 sysRoleMenuService.remove(new QueryWrapper<SysRoleMenu>().eq("role_id", roleId)); sysRoleMenuService.saveBatch(sysRoleMenus); // 删除缓存 sysUserService.clearUserAuthorityInfoByRoleId(roleId); return Result.success(menuIds); } }
@@ -1,14 +1,14 @@ package com.mes.userinfo.controller; import com.mes.base.BaseController; import com.mes.userinfo.entity.SysUser; import com.mes.userinfo.entity.request.UserRequest; import com.mes.userinfo.entity.vo.SysUserVO; import com.mes.userinfo.service.SysUserService; import com.mes.utils.Result; import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiOperation; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -28,10 +28,7 @@ @ApiModel("用户信息") @RestController @RequestMapping("/userinfo") public class SysUserController { @Autowired private SysUserService sysUserService; public class SysUserController extends BaseController { @ApiOperation("用户登录") @PostMapping("/login") @@ -47,28 +44,39 @@ @ApiOperation("新增用户信息") @PostMapping("/saveUser") public Result<SysUserVO> saveUser(@RequestBody SysUserVO sysUser) { // @PreAuthorize("hasAuthority('sys:user:save')") public Result<String> saveUser(@Validated @RequestBody SysUserVO sysUser) { return Result.success(sysUserService.saveUser(sysUser)); } @ApiOperation("更新用户信息") @PostMapping("/updateUser") // @PreAuthorize("hasAuthority('sys:user:update')") public Result<SysUserVO> updateUser(@Validated @RequestBody SysUserVO sysUser) { return Result.success(sysUserService.updateUser(sysUser)); } @PostMapping("/resetPassword") // @PreAuthorize("hasAuthority('sys:user:resetPassword')") public Result resetPassword(@RequestBody Long userId) { return Result.success(sysUserService.resetPassword(userId)); } @ApiOperation("获取用户列表") @PostMapping("/listByUserName") // @PreAuthorize("hasAuthority('sys:user:list')") public Result<List<SysUserVO>> listByUserName(@RequestBody UserRequest request) { return Result.success(sysUserService.listByUserName(request)); } @ApiOperation("更新用户信息") @PostMapping("/updateUser") public Result<SysUserVO> updateUser(@RequestBody SysUserVO sysUser) { return Result.success(sysUserService.updateUser(sysUser)); } @ApiOperation("删除用户信息") @PostMapping("/deleteUser") public Result<String> deleteUser(@RequestBody SysUserVO sysUser) { return Result.success(sysUserService.deleteUser(sysUser)); // @PreAuthorize("hasAuthority('sys:user:delete')") public Result<String> deleteUser(@RequestBody List<Long> ids) { return Result.success(sysUserService.deleteUser(ids)); } }
File was deleted hangzhoumesParent/common/springsecurity/src/main/java/com/mes/userinfo/entity/SysUserRole.java
@@ -1,7 +1,6 @@ package com.mes.userinfo.entity; import com.baomidou.mybatisplus.annotation.IdType; import com.baomidou.mybatisplus.annotation.TableId; import lombok.AllArgsConstructor; import lombok.Data; import lombok.EqualsAndHashCode; @@ -17,6 +16,7 @@ */ @Data @EqualsAndHashCode(callSuper = false) @AllArgsConstructor public class SysUserRole implements Serializable { private static final long serialVersionUID = 1L; @@ -24,7 +24,6 @@ /** * 用户id */ @TableId(value = "user_id", type = IdType.AUTO) private Long userId; /** hangzhoumesParent/common/springsecurity/src/main/java/com/mes/userinfo/service/SysUserService.java
@@ -39,15 +39,23 @@ * @param user * @return */ SysUserVO saveUser(SysUserVO user); String saveUser(SysUserVO user); /** * 按名称获取用户信息 * 更新用户信息 * * @param sysUser * @return */ SysUserVO updateUser(SysUserVO sysUser); /** * 重置密码 * * @param userId * @return */ String resetPassword(Long userId); /** * 按名称获取用户信息 @@ -60,8 +68,8 @@ /** * 删除用户信息 * * @param user * @param ids * @return */ String deleteUser(SysUserVO user); String deleteUser(List<Long> ids); } hangzhoumesParent/common/springsecurity/src/main/java/com/mes/userinfo/service/impl/SysUserServiceImpl.java
@@ -1,15 +1,24 @@ package com.mes.userinfo.service.impl; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.github.yulichang.wrapper.MPJLambdaWrapper; import com.mes.common.config.Const; import com.mes.common.utils.JwtUtil; import com.mes.common.utils.RedisUtil; import com.mes.menu.mapper.SysMenuMapper; import com.mes.role.entity.SysRole; import com.mes.userinfo.entity.LoginUser; import com.mes.userinfo.entity.SysUser; import com.mes.userinfo.entity.SysUserRole; import com.mes.userinfo.entity.request.UserRequest; import com.mes.userinfo.entity.vo.SysUserVO; import com.mes.userinfo.mapper.SysUserMapper; import com.mes.userinfo.service.SysUserRoleService; import com.mes.userinfo.service.SysUserService; import com.mes.utils.Result; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; @@ -18,12 +27,15 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.CollectionUtils; import org.springframework.util.StringUtils; import javax.annotation.Resource; import java.util.HashMap; import java.util.List; import java.util.Objects; import java.util.*; import java.util.stream.Collectors; /** * <p> @@ -34,18 +46,26 @@ * @since 2024-04-11 */ @Service @Slf4j public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> implements SysUserService, UserDetailsService { @Autowired private AuthenticationManager authenticationManager; @Autowired private RedisUtil redisUtil; @Resource private SysMenuMapper sysMenuMapper; @Resource private SysUserRoleService sysUserRoleService; @Autowired BCryptPasswordEncoder passwordEncoder; @Override public Result login(SysUser user) { public Map<String, String> login(SysUser user) { UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(user.getUserName(), user.getPassword()); Authentication authenticate = authenticationManager.authenticate(authenticationToken); if (Objects.isNull(authenticate)) { @@ -54,24 +74,93 @@ //使用userid生成token LoginUser loginUser = (LoginUser) authenticate.getPrincipal(); String userId = loginUser.getUser().getId().toString(); String jwt = JwtUtil.generateToken(userId); String jwt = JwtUtil.createJWT(userId); //查询权限信息 // List<String> perms = sysMenuMapper.selectPermsByUserId(userId); //authenticate存入redis redisUtil.setCacheObject("login:" + userId, loginUser); redisUtil.setCacheObject("login:" + userId, loginUser.getAuthorities()); //把token响应给前端 HashMap<String, String> map = new HashMap<>(); map.put("token", jwt); return Result.success(map); return map; } @Override public Result logout() { public String logout() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); LoginUser loginUser = (LoginUser) authentication.getPrincipal(); Long userid = loginUser.getUser().getId(); redisUtil.deleteObject("login:" + userid); return Result.success("退出成功"); return "注销成功"; } @Transactional @Override public String saveUser(SysUserVO user) { log.info("保存用户信息"); // 默认密码 String password = passwordEncoder.encode(Const.DEFULT_PASSWORD); user.setPassword(password); SysUser sysUser = new SysUser(); BeanUtils.copyProperties(user, sysUser); this.save(sysUser); saveUserRole(user.getRoleList(), sysUser.getId()); return "success"; } @Transactional @Override public SysUserVO updateUser(SysUserVO user) { log.info("更新用户信息"); SysUser sysUser = new SysUser(); BeanUtils.copyProperties(user, sysUser); this.updateById(sysUser); log.info("删除用户角色信息"); sysUserRoleService.removeByIds(user.getRoleList()); log.info("保存用户角色信息"); saveUserRole(user.getRoleList(), sysUser.getId()); return null; } @Override public String resetPassword(Long userId) { log.info("重置密码为{}", Const.DEFULT_PASSWORD); SysUser sysUser = new SysUser(); sysUser.setId(userId); String password = passwordEncoder.encode(Const.DEFULT_PASSWORD); sysUser.setPassword(password); this.updateById(sysUser); return "success"; } @Override public List<SysUserVO> listByUserName(UserRequest request) { MPJLambdaWrapper<SysUser> wrapper = new MPJLambdaWrapper<>(); wrapper.selectAll(SysUser.class) .selectCollection(SysRole.class, SysUserVO::getRoleList) .leftJoin(SysUserRole.class, SysUserRole::getUserId, SysUser::getId) .leftJoin(SysRole.class, SysRole::getId, SysUserRole::getRoleId) .like(StringUtils.hasText(request.getUserName()), SysUser::getUserName, request.getUserName()); return baseMapper.selectJoinList(SysUserVO.class, wrapper); } @Transactional @Override public String deleteUser(List<Long> ids) { this.removeByIds(ids); sysUserRoleService.remove(new QueryWrapper<SysUserRole>().in("user_id", ids)); return "success"; } /** * 实现UserDetailsService接口,从数据库内获取用户及权限信息 * * @param username * @return * @throws UsernameNotFoundException */ @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { LambdaQueryWrapper<SysUser> lqw = new LambdaQueryWrapper<>(); @@ -86,4 +175,19 @@ return new LoginUser(user, perms); } private void saveUserRole(List<SysRole> roles, Long userId) { log.info("保存用户角色信息"); List<SysUserRole> userRoles = new ArrayList<>(); if (CollectionUtils.isEmpty(roles)) { log.info("保存用户角色信息为空,给默认普通用户角色"); userRoles.add(new SysUserRole(userId, Const.DEFULT_ROLE)); } else { log.info("保存用户角色信息"); userRoles = roles.stream().map(e -> new SysUserRole(userId, e.getId())).collect(Collectors.toList()); } sysUserRoleService.saveBatch(userRoles); } }
