权限调整
parent
8cf4369a5a
commit
a523fd90b7
@ -172,6 +172,9 @@ public class LoginServiceImpl implements LoginService {
|
||||
uv.setPermCodeList(permCodeList);
|
||||
redisUtil.lSet(HDConstant.LOGIN_CACHE_KEY_PREFIX + jti + ":perms", permUriList.toArray(new String[permUriList.size()]), tokenExp);
|
||||
}
|
||||
|
||||
//开始缓存权限信息
|
||||
redisUtil.set(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_AUTH_USER_UID+":"+user.getPkId(), user.getUid());
|
||||
if(rcodeList.contains(HDConstant.OPERATOR_ROLE_CODE)){
|
||||
BaseResponse<List<BatteryStation>> result = cloudService.loadBatteryStation(user.getBusinessCode());
|
||||
if(CodeMsg.SUCCESS.getCode().equals(result.getCode())){
|
||||
@ -182,6 +185,7 @@ public class LoginServiceImpl implements LoginService {
|
||||
pkIds = list.stream().map(BatteryStation::getPkId).map(String::valueOf).filter(com.alibaba.nacos.common.utils.StringUtils::isNotEmpty).collect(Collectors.joining(","));
|
||||
codes = list.stream().map(BatteryStation::getCode).filter(com.alibaba.nacos.common.utils.StringUtils::isNotEmpty).collect(Collectors.joining(","));
|
||||
}
|
||||
redisUtil.set(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_PROXY_CODE+":"+user.getPkId(), user.getBusinessCode());
|
||||
redisUtil.set(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_ID+":"+user.getPkId(), pkIds);
|
||||
redisUtil.set(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_CODE+":"+user.getPkId(), codes);
|
||||
}
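Review bot: The permission-scope keys written here (`...PERMISSION_AUTH_USER_UID+":"+user.getPkId()` in the first hunk, and the PROXY_CODE / STATION_ID / STATION_CODE keys in the second) are stored with `redisUtil.set(key, value)` and no expiry, while the `:perms` list just above is written with `tokenExp` and keyed by `jti`. Because they are keyed by user id rather than by session, the cached scope outlives the token, and nothing visible here clears it on logout or when the user's role or business code changes. `pkIds` and `codes` also appear to keep their initial value when `loadBatteryStation` does not return SUCCESS, so it is worth confirming what is cached in that case and how the data-scope handler treats it. Suggest giving these keys the same lifetime as the token, or keying them by `jti` like the `:perms` entry. The enclosing method starts and ends outside these hunks.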
|
||||
|
||||
@ -3,6 +3,8 @@ package com.evotech.hd.common.core.constant;
|
||||
public interface HDConstant {
|
||||
|
||||
public static final class PermissionConstant{
|
||||
public static final String PERMISSION_AUTH_USER_UID = "AUTH_USER_UID";
|
||||
public static final String PERMISSION_PROXY_CODE = "PROXY_CODE";
|
||||
public static final String PERMISSION_STATION_CODE = "STATION_CODE";
|
||||
public static final String PERMISSION_STATION_ID = "STATION_ID";
|
||||
public static final String PERMISSION_COMPANY_CODE = "COMPANY_CODE";
|
||||
|
||||
@ -1,12 +1,15 @@
|
||||
package com.evotech.hd.common.core.dao.resource;
|
||||
|
||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
|
||||
import com.evotech.hd.common.core.constant.HDConstant;
|
||||
import com.evotech.hd.common.core.entity.resource.ProxyOperater;
|
||||
import com.evotech.hd.common.core.permission.DataScope;
|
||||
|
||||
/**
|
||||
* @author zrb
|
||||
* @since 2024-10-15
|
||||
*/
|
||||
@DataScope(permissionObject = HDConstant.OPERATOR_ROLE_CODE, permissionScopeName = "pocode", permissionScopeRedisKey = HDConstant.PermissionConstant.PERMISSION_PROXY_CODE)
|
||||
public interface ProxyOperaterDao extends BaseMapper<ProxyOperater> {
|
||||
|
||||
}
|
||||
|
||||
@ -1,12 +1,15 @@
|
||||
package com.evotech.hd.common.core.dao.resource.auth;
|
||||
|
||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
|
||||
import com.evotech.hd.common.core.constant.HDConstant;
|
||||
import com.evotech.hd.common.core.entity.resource.auth.AuthRole;
|
||||
import com.evotech.hd.common.core.permission.DataScope;
|
||||
|
||||
/**
|
||||
* @author zrb
|
||||
* @since 2024-09-04
|
||||
*/
|
||||
@DataScope(permissionObject = HDConstant.OPERATOR_ROLE_CODE, permissionScopeName = "creater", permissionScopeRedisKey = HDConstant.PermissionConstant.PERMISSION_AUTH_USER_UID)
|
||||
public interface AuthRoleDao extends BaseMapper<AuthRole> {
|
||||
|
||||
}
|
||||
|
||||
@ -1,12 +1,15 @@
|
||||
package com.evotech.hd.common.core.dao.resource.auth;
|
||||
|
||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
|
||||
import com.evotech.hd.common.core.constant.HDConstant;
|
||||
import com.evotech.hd.common.core.entity.resource.auth.AuthUser;
|
||||
import com.evotech.hd.common.core.permission.DataScope;
|
||||
|
||||
/**
|
||||
* @author zrb
|
||||
* @since 2024-09-04
|
||||
*/
|
||||
@DataScope(permissionObject = HDConstant.OPERATOR_ROLE_CODE, permissionScopeName = "creater", permissionScopeRedisKey = HDConstant.PermissionConstant.PERMISSION_AUTH_USER_UID)
|
||||
public interface AuthUserDao extends BaseMapper<AuthUser> {
|
||||
|
||||
}
|
||||
|
||||
@ -1,18 +1,14 @@
|
||||
package com.evotech.hd.common.core.entity.resource.auth;
|
||||
|
||||
import com.baomidou.mybatisplus.annotation.IdType;
|
||||
import com.baomidou.mybatisplus.annotation.TableId;
|
||||
import com.baomidou.mybatisplus.annotation.TableName;
|
||||
import com.baomidou.mybatisplus.annotation.*;
|
||||
import com.fasterxml.jackson.annotation.JsonFormat;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Date;
|
||||
|
||||
import org.springframework.format.annotation.DateTimeFormat;
|
||||
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
import org.springframework.format.annotation.DateTimeFormat;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Date;
|
||||
|
||||
/**
|
||||
* @author zrb
|
||||
@ -49,18 +45,22 @@ public class AuthRole implements Serializable {
|
||||
private Integer readonly;
|
||||
|
||||
@Schema(description = "创建人")
|
||||
@TableField(fill = FieldFill.INSERT)
|
||||
private String creater;
|
||||
|
||||
@Schema(description = "创建时间", hidden = true)
|
||||
@DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss")
|
||||
@JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss",timezone="GMT+8")
|
||||
@TableField(fill = FieldFill.INSERT)
|
||||
private Date ctime;
|
||||
|
||||
@Schema(description = "更新人", hidden = true)
|
||||
@TableField(fill = FieldFill.UPDATE)
|
||||
private String updater;
|
||||
|
||||
@Schema(description = "更新时间")
|
||||
@DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss")
|
||||
@JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss",timezone="GMT+8")
|
||||
@TableField(fill = FieldFill.UPDATE)
|
||||
private Date uptime;
|
||||
}
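Review bot: `creater` on AuthRole gets `@TableField(fill = FieldFill.INSERT)`, but its `@Schema(description = "创建人")` is not `hidden = true` (AuthUser's is), and the fill handler added in this commit only writes the field when it is empty. AuthRoleDao and AuthUserDao now scope operator queries on the `creater` column, so if these entities are bound directly from request bodies, a caller-supplied `creater` would decide which operator can see the row. Suggest making the audit fields read-only for inbound JSON, e.g. `@JsonProperty(access = JsonProperty.Access.READ_ONLY)` on `creater`, `ctime`, `updater` and `uptime`, and having the handler overwrite `creater` unconditionally. The same applies to the AuthUser section that follows.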
|
||||
|
||||
@ -1,9 +1,6 @@
|
||||
package com.evotech.hd.common.core.entity.resource.auth;
|
||||
|
||||
import com.baomidou.mybatisplus.annotation.IdType;
|
||||
import com.baomidou.mybatisplus.annotation.TableField;
|
||||
import com.baomidou.mybatisplus.annotation.TableId;
|
||||
import com.baomidou.mybatisplus.annotation.TableName;
|
||||
import com.baomidou.mybatisplus.annotation.*;
|
||||
import com.fasterxml.jackson.annotation.JsonFormat;
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
import io.swagger.v3.oas.annotations.media.Schema.RequiredMode;
|
||||
@ -94,19 +91,23 @@ public class AuthUser implements Serializable {
|
||||
private Date lastLoginTime;
|
||||
|
||||
@Schema(description = "创建人", hidden = true)
|
||||
@TableField(fill = FieldFill.INSERT)
|
||||
private String creater;
|
||||
|
||||
@Schema(description = "创建时间", hidden = true)
|
||||
@DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss")
|
||||
@JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss",timezone="GMT+8")
|
||||
@TableField(fill = FieldFill.INSERT)
|
||||
private Date ctime;
|
||||
|
||||
@Schema(description = "更新人", hidden = true)
|
||||
@TableField(fill = FieldFill.UPDATE)
|
||||
private String updater;
|
||||
|
||||
@Schema(description = "更新时间", hidden = true)
|
||||
@DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss")
|
||||
@JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss",timezone="GMT+8")
|
||||
@TableField(fill = FieldFill.UPDATE)
|
||||
private Date uptime;
|
||||
|
||||
@Schema(description = "角色编码", hidden = true)
|
||||
|
||||
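--- /dev/null
+++ b/base-commons/common-permission/pom.xml
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<modelVersion>4.0.0</modelVersion>
+<parent>
+<groupId>com.evotech.hd</groupId>
+<artifactId>base-commons</artifactId>
+<version>1.0.0-SNAPSHOT</version>
+</parent>
+
+<artifactId>common-permission</artifactId>
+
+<properties>
+<maven.compiler.source>17</maven.compiler.source>
+<maven.compiler.target>17</maven.compiler.target>
+<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+</properties>
+<dependencies>
+<dependency>
+<groupId>com.evotech.hd</groupId>
+<artifactId>common-redis</artifactId>
+<version>1.0.0-SNAPSHOT</version>
+</dependency>
+
+
+<dependency>
+<groupId>org.springframework</groupId>
+<artifactId>spring-tx</artifactId>
+</dependency>
+<dependency>
+<groupId>org.testng</groupId>
+<artifactId>testng</artifactId>
+<version>RELEASE</version>
+<scope>compile</scope>
+</dependency>
+<dependency>
+<groupId>com.baomidou</groupId>
+<artifactId>mybatis-plus-extension</artifactId>
+<version>3.5.7</version>
+<scope>compile</scope>
+</dependency>
+<dependency>
+<groupId>org.springframework</groupId>
+<artifactId>spring-context</artifactId>
+</dependency>
+<dependency>
+<groupId>com.evotech.hd</groupId>
+<artifactId>common-core</artifactId>
+<version>1.0.0-SNAPSHOT</version>
+<scope>compile</scope>
+</dependency>
+<dependency>
+<groupId>org.projectlombok</groupId>
+<artifactId>lombok</artifactId>
+<scope>provided</scope>
+</dependency>
+<dependency>
+<groupId>jakarta.servlet</groupId>
+<artifactId>jakarta.servlet-api</artifactId>
+</dependency>
+<dependency>
+<groupId>cn.hutool</groupId>
+<artifactId>hutool-jwt</artifactId>
+</dependency>
+<dependency>
+<groupId>org.springframework.security</groupId>
+<artifactId>spring-security-oauth2-jose</artifactId>
+</dependency>
+<dependency>
+<groupId>com.alibaba.nacos</groupId>
+<artifactId>nacos-client</artifactId>
+</dependency>
+</dependencies>
+
+</project>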
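Review bot: The `org.testng:testng` dependency is declared with `<version>RELEASE</version>` and `<scope>compile</scope>`, so each build resolves whatever version is newest at that moment and the test framework is passed on transitively to every service that depends on common-permission. For the module that carries the data-permission logic this makes builds non-reproducible and widens the runtime classpath; no test sources are part of this commit. Suggest removing the dependency, or pinning a version in the parent's dependencyManagement and declaring it with `<scope>test</scope>`. `mybatis-plus-extension` is also fixed here at `3.5.7` instead of inheriting a managed version, which can drift from what the services themselves use.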
|
||||
@ -1,8 +1,8 @@
|
||||
package com.evotech.hd.cloud.config;
|
||||
package com.evotech.hd.common.permission.config.permission;
|
||||
|
||||
import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
|
||||
import com.baomidou.mybatisplus.extension.plugins.inner.DataPermissionInterceptor;
|
||||
import com.evotech.hd.cloud.handler.DataScopeHandler;
|
||||
import com.evotech.hd.common.permission.handler.DataScopeHandler;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
@ -17,9 +17,9 @@ import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
*/
|
||||
@EnableTransactionManagement(proxyTargetClass = true)
|
||||
@Configuration
|
||||
public class PermissionCloudMybatisPlusConfig {
|
||||
public class PermissionMybatisPlusConfig {
|
||||
|
||||
@Bean("permissionCloudMybatisPlusInterceptor")
|
||||
@Bean("permissionMybatisPlusInterceptor")
|
||||
public MybatisPlusInterceptor mybatisPlusInterceptor() {
|
||||
|
||||
MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
|
||||
@ -1,11 +1,12 @@
|
||||
package com.evotech.hd.resource.handler;
|
||||
package com.evotech.hd.common.permission.handler;
|
||||
|
||||
import com.alibaba.nacos.common.utils.CollectionUtils;
|
||||
import com.alibaba.nacos.common.utils.StringUtils;
|
||||
import com.baomidou.mybatisplus.core.toolkit.ObjectUtils;
|
||||
import com.baomidou.mybatisplus.extension.plugins.handler.MultiDataPermissionHandler;
|
||||
import com.evotech.hd.common.core.permission.DataScope;
|
||||
import com.evotech.hd.common.core.permission.DataScopes;
|
||||
import com.evotech.hd.resource.utils.RedisResourceUtils;
|
||||
import com.evotech.hd.common.permission.util.RedisPermissionUtils;
|
||||
import net.sf.jsqlparser.expression.Expression;
|
||||
import net.sf.jsqlparser.expression.Parenthesis;
|
||||
import net.sf.jsqlparser.expression.StringValue;
|
||||
@ -13,7 +14,6 @@ import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
|
||||
import net.sf.jsqlparser.expression.operators.relational.InExpression;
|
||||
import net.sf.jsqlparser.schema.Column;
|
||||
import net.sf.jsqlparser.schema.Table;
|
||||
import org.apache.commons.lang3.ObjectUtils;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.stream.Collectors;
|
||||
@ -43,8 +43,8 @@ public class DataScopeHandler implements MultiDataPermissionHandler {
|
||||
@Override
|
||||
public Expression getSqlSegment(Table table, Expression where, String mappedStatementId) {
|
||||
try {
|
||||
if(table != null && CollectionUtils.isNotEmpty(table.getNameParts()) && !"1".equals(RedisResourceUtils.getRoleType())){
|
||||
String roleCode = RedisResourceUtils.getRoleCode();
|
||||
if(table != null && CollectionUtils.isNotEmpty(table.getNameParts()) && !"1".equals(RedisPermissionUtils.getRoleType())){
|
||||
String roleCode = RedisPermissionUtils.getRoleCode();
|
||||
Class<?> mapperClazz = Class.forName(mappedStatementId.substring(0, mappedStatementId.lastIndexOf(".")));
|
||||
//优先检查是不是单角色权限
|
||||
DataScope dataScope = mapperClazz.getAnnotation(DataScope.class);
|
||||
@ -80,7 +80,7 @@ public class DataScopeHandler implements MultiDataPermissionHandler {
|
||||
* @return
|
||||
*/
|
||||
private Expression buildDataScopeByAnnotation(DataScope dataScope) {
|
||||
Expression expression = buildDataScopeExpression(dataScope, RedisResourceUtils.getPermissionValue(dataScope.permissionScopeRedisKey()));
|
||||
Expression expression = buildDataScopeExpression(dataScope, RedisPermissionUtils.getPermissionValue(dataScope.permissionScopeRedisKey()));
|
||||
return expression == null ? null : new Parenthesis(expression);
|
||||
}
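Review bot: `getSqlSegment` treats every unresolved case as "no restriction": `buildDataScopeByAnnotation` returns null whenever the built expression is null, and a null return means no WHERE condition is appended. If the moved class matches the deleted cloud copy shown further down this page, that also covers a cached value of `"null"`, a `ClassNotFoundException`, and any non-"1" role whose code matches no annotation. For an access-control filter the safer default is to deny: when a `@DataScope` matches the current role but no scope value is available, return an always-false predicate (`1 = 0`) instead of null, and log the failure through the logger rather than `printStackTrace()`. The bodies of `getSqlSegment` and `buildDataScopeExpression` lie partly outside these hunks, so this should be checked against the full file.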
|
||||
|
||||
@ -0,0 +1,67 @@
|
||||
package com.evotech.hd.common.permission.handler;
|
||||
|
||||
import cn.hutool.core.bean.BeanUtil;
|
||||
import cn.hutool.json.JSONUtil;
|
||||
import com.baomidou.mybatisplus.core.handlers.MetaObjectHandler;
|
||||
import com.evotech.hd.common.core.entity.resource.auth.AuthUser;
|
||||
import com.evotech.hd.common.permission.util.RedisPermissionUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.ibatis.reflection.MetaObject;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
/**
|
||||
* @desc: 修改和新增自定义注解
|
||||
* @ClassName:InsertAndUpdateMybatisHandler
|
||||
* @date: 2025年04月17日 9:03
|
||||
* @author: andy.shi
|
||||
* @contact: 17330188597
|
||||
* @remark: 开发人员联系方式 1042025947@qq.com/微信同步
|
||||
*/
|
||||
@Component
|
||||
@Slf4j
|
||||
public class InsertAndUpdateMybatisHandler implements MetaObjectHandler {
|
||||
@Override
|
||||
public void insertFill(MetaObject metaObject) {
|
||||
try {
|
||||
AuthUser user = RedisPermissionUtils.getUser();
|
||||
if(BeanUtil.isEmpty(user)){
|
||||
log.info("当前操作位登录, 无需执行");
|
||||
return;
|
||||
}
|
||||
if(BeanUtil.isNotEmpty(metaObject)){
|
||||
mySetFieldValByName("creater",user.getUid(),metaObject);
|
||||
mySetFieldValByName("ctime",new Date(),metaObject);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
log.error("自动填充拦截器异常=====insert,对象信息:{}, 异常信息:{}", JSONUtil.toJsonStr(metaObject), e.getMessage());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private void mySetFieldValByName(String filedName, Object fieldVal, MetaObject metaObject) {
|
||||
Object createType = getFieldValByName(filedName,metaObject);
|
||||
if(BeanUtil.isEmpty(createType)){
|
||||
setFieldValByName(filedName,fieldVal,metaObject);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public void updateFill(MetaObject metaObject) {
|
||||
try {
|
||||
AuthUser user = RedisPermissionUtils.getUser();
|
||||
if(BeanUtil.isEmpty(user)){
|
||||
log.info("当前操作未登录, 无需执行");
|
||||
return;
|
||||
}
|
||||
if(BeanUtil.isNotEmpty(metaObject)){
|
||||
mySetFieldValByName("updater",user.getUid(),metaObject);
|
||||
mySetFieldValByName("uptime",new Date(),metaObject);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
log.error("自动填充拦截器异常=====update,对象信息:{}, 异常信息:{}", JSONUtil.toJsonStr(metaObject),e.getMessage());
|
||||
}
|
||||
}
|
||||
}
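Review bot: Both catch blocks log `JSONUtil.toJsonStr(metaObject)`, which serialises the entity being written; for AuthUser and similar tables that can put credential or personal fields into the application log. Suggest logging only the entity type and passing the exception itself so the stack trace is kept, e.g. `log.error("auto-fill failed on insert, entity={}", metaObject.getOriginalObject().getClass().getName(), e);`. Separately, `mySetFieldValByName` skips the write when the field already has a value, so in `updateFill` an entity loaded from the database keeps its old `updater`/`uptime`, and on insert a caller-supplied `creater` wins over the logged-in uid; for audit fields `setFieldValByName` should be called unconditionally. The insert-path message `当前操作位登录` looks like a typo for `未登录`.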
|
||||
@ -1,10 +1,8 @@
|
||||
package com.evotech.hd.cloud.utils;
|
||||
package com.evotech.hd.common.permission.util;
|
||||
|
||||
import com.evotech.hd.common.core.constant.HDConstant;
|
||||
import com.evotech.hd.common.core.entity.resource.auth.AuthUser;
|
||||
import com.evotech.hd.common.redis.utils.RedisUtil;
|
||||
import com.evotech.hd.common.web.util.RequestContextUtil;
|
||||
import com.evotech.hd.common.web.util.SpringUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
import org.springframework.util.StringUtils;
|
||||
@ -19,7 +17,7 @@ import org.springframework.util.StringUtils;
|
||||
*/
|
||||
|
||||
@Slf4j
|
||||
public class RedisCloudUtils {
|
||||
public class RedisPermissionUtils {
|
||||
|
||||
public static AuthUser getUser(){
|
||||
AuthUser user = (AuthUser)getRedisObjectValue("user");
|
||||
@ -58,7 +56,7 @@ public class RedisCloudUtils {
|
||||
|
||||
private static Integer getUserPkId(){
|
||||
AuthUser user = getUser();
|
||||
if(org.apache.commons.lang3.ObjectUtils.isEmpty(user) || user.getPkId() == null){
|
||||
if(ObjectUtils.isEmpty(user) || user.getPkId() == null){
|
||||
return null;
|
||||
}
|
||||
return user.getPkId();
|
||||
@ -105,7 +103,7 @@ public class RedisCloudUtils {
|
||||
}
|
||||
|
||||
private static Boolean isAuthority(String checkParamRoles, String paramRoleCode){
|
||||
if(org.apache.commons.lang3.StringUtils.isNotEmpty(checkParamRoles)){
|
||||
if(!StringUtils.isEmpty(checkParamRoles)){
|
||||
return checkParamRoles.lastIndexOf(paramRoleCode) != -1;
|
||||
}
|
||||
return getRoleCode().lastIndexOf(paramRoleCode) != -1;
|
||||
@ -127,7 +125,7 @@ public class RedisCloudUtils {
|
||||
* @return
|
||||
*/
|
||||
private static Object getRedisObjectValue(String key) {
|
||||
String token = RequestContextUtil.getToken();
|
||||
String token = SpringUtil.getToken();
|
||||
if(StringUtils.isEmpty(token)){
|
||||
log.error("SpringUtil.getRedisValue========== token is null");
|
||||
return null;
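Review bot: `isAuthority` decides role membership with `checkParamRoles.lastIndexOf(paramRoleCode) != -1`, a substring test, so a role code contained in another one (a constructed pair such as `OP` and `SHOP`) is treated as granted. The fallback `getRoleCode().lastIndexOf(paramRoleCode)` also throws if no role code is cached. Suggest comparing whole codes, e.g. `Arrays.asList(checkParamRoles.split(",")).contains(paramRoleCode)` if the list is comma-separated (the delimiter is not visible here), with a null check on `getRoleCode()`. The new `!StringUtils.isEmpty(checkParamRoles)` uses Spring's deprecated `StringUtils.isEmpty`; `StringUtils.hasLength(checkParamRoles)` is the replacement. The method bodies continue outside these hunks.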
|
||||
@ -1,5 +1,6 @@
|
||||
package com.evotech.hd.common.web.util;
|
||||
package com.evotech.hd.common.permission.util;
|
||||
|
||||
import com.evotech.hd.common.core.constant.HDConstant;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
@ -7,6 +8,7 @@ import org.springframework.beans.BeansException;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.ApplicationContextAware;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.context.request.RequestAttributes;
|
||||
import org.springframework.web.context.request.RequestContextHolder;
|
||||
import org.springframework.web.context.request.ServletRequestAttributes;
|
||||
@ -39,6 +41,14 @@ public class SpringUtil implements ApplicationContextAware {
|
||||
return applicationContext;
|
||||
}
|
||||
|
||||
public static String getToken() {
|
||||
String authorization = getRequest().getHeader(HDConstant.AUTHORIZATION_KEY);
|
||||
if (StringUtils.hasLength(authorization) && authorization.contains(HDConstant.JWT_PREFIX)) {
|
||||
return authorization.substring(HDConstant.JWT_PREFIX.length());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public static Object getBean(String name) {
|
||||
return getApplicationContext().getBean(name);
|
||||
}
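Review bot: `getToken()` tests `authorization.contains(HDConstant.JWT_PREFIX)` but then cuts with `substring(HDConstant.JWT_PREFIX.length())`, so a header that carries the prefix anywhere other than at the start yields a mangled token instead of being rejected; `authorization.startsWith(HDConstant.JWT_PREFIX)` matches what the substring assumes. The method also dereferences `getRequest()` directly, and this class is imported by MQTT code elsewhere in the commit; if `getRequest()` returns null off a request thread, the call throws instead of returning null as `RedisPermissionUtils.getRedisObjectValue` expects. A guard such as `HttpServletRequest request = getRequest(); if (request == null) return null;` would cover it, though `getRequest()` itself is not visible in this hunk.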
|
||||
@ -1,4 +1,4 @@
|
||||
package com.evotech.hd.resource.utils;
|
||||
package com.evotech.hd.common.permission.util;
|
||||
|
||||
import cn.hutool.core.date.DateUtil;
|
||||
import cn.hutool.jwt.JWT;
|
||||
@ -14,5 +14,6 @@
|
||||
<module>common-web</module>
|
||||
<module>common-mybatis</module>
|
||||
<module>common-redis</module>
|
||||
<module>common-permission</module>
|
||||
</modules>
|
||||
</project>
|
||||
@ -26,13 +26,11 @@
|
||||
<artifactId>common-mybatis</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.evotech.hd</groupId>
|
||||
<artifactId>common-redis</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
<groupId>com.evotech.hd</groupId>
|
||||
<artifactId>common-permission</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
</dependency>
|
||||
|
||||
<!-- openfein -->
|
||||
<dependency>
|
||||
<groupId>org.springframework.cloud</groupId>
|
||||
@ -82,15 +80,6 @@
|
||||
<groupId>cn.hutool</groupId>
|
||||
<artifactId>hutool-crypto</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>cn.hutool</groupId>
|
||||
<artifactId>hutool-jwt</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-oauth2-jose</artifactId>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
||||
@ -1,115 +0,0 @@
|
||||
package com.evotech.hd.cloud.handler;
|
||||
|
||||
import com.alibaba.nacos.common.utils.CollectionUtils;
|
||||
import com.alibaba.nacos.common.utils.StringUtils;
|
||||
import com.baomidou.mybatisplus.extension.plugins.handler.MultiDataPermissionHandler;
|
||||
import com.evotech.hd.cloud.utils.RedisCloudUtils;
|
||||
import com.evotech.hd.common.core.permission.DataScope;
|
||||
import com.evotech.hd.common.core.permission.DataScopes;
|
||||
import net.sf.jsqlparser.expression.Expression;
|
||||
import net.sf.jsqlparser.expression.Parenthesis;
|
||||
import net.sf.jsqlparser.expression.StringValue;
|
||||
import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
|
||||
import net.sf.jsqlparser.expression.operators.relational.InExpression;
|
||||
import net.sf.jsqlparser.schema.Column;
|
||||
import net.sf.jsqlparser.schema.Table;
|
||||
import org.apache.commons.lang3.ObjectUtils;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* @desc:
|
||||
* @ClassName:DataScopeHandler
|
||||
* @date: 2025年04月14日 14:54
|
||||
* @author: andy.shi
|
||||
* @contact: 17330188597
|
||||
* @remark: 开发人员联系方式 1042025947@qq.com/微信同步
|
||||
*/
|
||||
|
||||
public class DataScopeHandler implements MultiDataPermissionHandler {
|
||||
|
||||
/**
|
||||
* 获取数据权限 SQL 片段。
|
||||
* <p>旧的 {@link MultiDataPermissionHandler#getSqlSegment(Expression, String)} 方法第一个参数包含所有的 where 条件信息,如果 return 了 null 会覆盖原有的 where 数据,</p>
|
||||
* <p>新版的 {@link MultiDataPermissionHandler#getSqlSegment(Table, Expression, String)} 方法不能覆盖原有的 where 数据,如果 return 了 null 则表示不追加任何 where 条件</p>
|
||||
*
|
||||
* @param table 所执行的数据库表信息,可以通过此参数获取表名和表别名
|
||||
* @param where 原有的 where 条件信息
|
||||
* @param mappedStatementId Mybatis MappedStatement Id 根据该参数可以判断具体执行方法
|
||||
* @return JSqlParser 条件表达式,返回的条件表达式会拼接在原有的表达式后面(不会覆盖原有的表达式)
|
||||
*/
|
||||
|
||||
@Override
|
||||
public Expression getSqlSegment(Table table, Expression where, String mappedStatementId) {
|
||||
try {
|
||||
if(table != null && CollectionUtils.isNotEmpty(table.getNameParts()) && !"1".equals(RedisCloudUtils.getRoleType())){
|
||||
String roleCode = RedisCloudUtils.getRoleCode();
|
||||
Class<?> mapperClazz = Class.forName(mappedStatementId.substring(0, mappedStatementId.lastIndexOf(".")));
|
||||
//优先检查是不是单角色权限
|
||||
DataScope dataScope = mapperClazz.getAnnotation(DataScope.class);
|
||||
if (ObjectUtils.isNotEmpty(dataScope) && dataScope.enabled()) {
|
||||
if(dataScope.permissionObject().equals(roleCode)){
|
||||
return buildDataScopeByAnnotation(dataScope);
|
||||
}
|
||||
}
|
||||
//如果不是, 检查多角色权限
|
||||
DataScopes dataScopesList = mapperClazz.getAnnotation(DataScopes.class);
|
||||
if (ObjectUtils.isNotEmpty(dataScopesList)) {
|
||||
for (DataScope dataScopes :dataScopesList.value()){
|
||||
if(dataScopes.enabled()){
|
||||
if(dataScopes.permissionObject().equals(roleCode)){
|
||||
return buildDataScopeByAnnotation(dataScopes);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch (ClassNotFoundException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* DataScope注解方式,拼装数据权限
|
||||
*
|
||||
* @param dataScope
|
||||
* @return
|
||||
*/
|
||||
private Expression buildDataScopeByAnnotation(DataScope dataScope) {
|
||||
Expression expression = buildDataScopeExpression(dataScope, RedisCloudUtils.getPermissionValue(dataScope.permissionScopeRedisKey()));
|
||||
return expression == null ? null : new Parenthesis(expression);
|
||||
}
|
||||
|
||||
|
||||
private Expression buildDataScopeExpression(DataScope dataScope, String value) {
|
||||
if(!"null".equals(value)){
|
||||
ExpressionList expressionList = new ExpressionList(Arrays.asList(value.split(",")).stream().map(StringValue::new).collect(Collectors.toList()));
|
||||
// 设置左边的字段表达式,右边设置值。
|
||||
InExpression operatorInExpression = new InExpression();
|
||||
operatorInExpression.setLeftExpression(buildColumn(dataScope.tableAlias(), dataScope.permissionScopeName()));
|
||||
operatorInExpression.setRightExpression(new Parenthesis(expressionList));
|
||||
return operatorInExpression;
|
||||
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* 构建Column
|
||||
*
|
||||
* @param tableAlias 表别名
|
||||
* @param columnName 字段名称
|
||||
* @return 带表别名字段
|
||||
*/
|
||||
private static Column buildColumn(String tableAlias, String columnName) {
|
||||
if (StringUtils.isNotEmpty(tableAlias)) {
|
||||
columnName = tableAlias + "." + columnName;
|
||||
}
|
||||
return new Column(columnName);
|
||||
}
|
||||
|
||||
}
|
||||
@ -11,7 +11,7 @@ import com.evotech.hd.cloud.mqtt.message.MessageTopic;
|
||||
import com.evotech.hd.cloud.mqtt.message.MqttMessageHeader;
|
||||
import com.evotech.hd.cloud.mqtt.message.dto.newer.req.MqttResponse;
|
||||
import com.evotech.hd.cloud.mqtt.message.handle.MessageUtilService;
|
||||
import com.evotech.hd.common.web.util.SpringUtil;
|
||||
import com.evotech.hd.common.permission.util.SpringUtil;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
||||
@ -1,56 +0,0 @@
|
||||
package com.evotech.hd.cloud.utils;
|
||||
|
||||
import cn.hutool.core.date.DateUtil;
|
||||
import cn.hutool.jwt.JWT;
|
||||
import cn.hutool.jwt.JWTUtil;
|
||||
import org.springframework.security.oauth2.jwt.JwtClaimNames;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
/**
|
||||
* token解析工具类
|
||||
*/
|
||||
public class TokenUtil {
|
||||
|
||||
|
||||
public static JWT parseToJwt(String token) {
|
||||
JWT parseToken = JWTUtil.parseToken(token);
|
||||
return parseToken;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 从token中获取userId
|
||||
*/
|
||||
public static String getUserId(String token) {
|
||||
String uid = parseToJwt(token).getPayloads().getStr("uid");
|
||||
return uid;
|
||||
}
|
||||
|
||||
/**
|
||||
* 从token中获取rcodes
|
||||
*/
|
||||
public static String getRcodes(String token) {
|
||||
String uid = parseToJwt(token).getPayloads().getStr("rcodes");
|
||||
return uid;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 从token中获取jti
|
||||
*/
|
||||
public static String getJti(String token) {
|
||||
String jti = parseToJwt(token).getPayloads().getStr(JwtClaimNames.JTI).replaceAll("-", "");
|
||||
return jti;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 从token中获取过期时间
|
||||
*/
|
||||
public static Date getExp(String token) {
|
||||
String exp = parseToJwt(token).getPayloads().getStr(JwtClaimNames.EXP).toString();
|
||||
return DateUtil.date(Long.valueOf(exp) * 1000);
|
||||
}
|
||||
|
||||
}
|
||||
@ -22,7 +22,11 @@
|
||||
<artifactId>common-web</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.evotech.hd</groupId>
|
||||
<artifactId>common-permission</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.evotech.hd</groupId>
|
||||
<artifactId>common-mybatis</artifactId>
|
||||
@ -66,20 +70,6 @@
|
||||
<groupId>io.minio</groupId>
|
||||
<artifactId>minio</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.evotech.hd</groupId>
|
||||
<artifactId>common-redis</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>cn.hutool</groupId>
|
||||
<artifactId>hutool-jwt</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-oauth2-jose</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
||||
@ -1,31 +0,0 @@
|
||||
package com.evotech.hd.resource.config.permission;
|
||||
|
||||
import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
|
||||
import com.baomidou.mybatisplus.extension.plugins.inner.DataPermissionInterceptor;
|
||||
import com.evotech.hd.resource.handler.DataScopeHandler;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
|
||||
/**
|
||||
* @desc:
|
||||
* @ClassName:MybatisPlusConfig
|
||||
* @date: 2025年04月14日 16:14
|
||||
* @author: andy.shi
|
||||
* @contact: 17330188597
|
||||
* @remark: 开发人员联系方式 1042025947@qq.com/微信同步
|
||||
*/
|
||||
@EnableTransactionManagement(proxyTargetClass = true)
|
||||
@Configuration
|
||||
public class PermissionResourceMybatisPlusConfig {
|
||||
|
||||
@Bean("permissionResourceMybatisPlusInterceptor")
|
||||
public MybatisPlusInterceptor mybatisPlusInterceptor() {
|
||||
|
||||
MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
|
||||
// 数据权限插件
|
||||
interceptor.addInnerInterceptor(new DataPermissionInterceptor(new DataScopeHandler()));
|
||||
return interceptor;
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,12 +1,6 @@
|
||||
package com.evotech.hd.resource.service.impl;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import com.alibaba.nacos.common.utils.CollectionUtils;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.evotech.hd.common.core.constant.HDConstant;
|
||||
import com.evotech.hd.common.core.dao.resource.auth.AuthMenuDao;
|
||||
@ -18,11 +12,20 @@ import com.evotech.hd.common.core.entity.resource.auth.AuthRoleResource;
|
||||
import com.evotech.hd.common.core.enums.CodeMsg;
|
||||
import com.evotech.hd.resource.service.MenuService;
|
||||
import com.evotech.hd.resource.utils.MenuUtil;
|
||||
|
||||
import jakarta.annotation.Resource;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Service
|
||||
@Slf4j
|
||||
public class MenuServiceImpl implements MenuService {
|
||||
|
||||
@Resource
|
||||
@ -89,9 +92,35 @@ public class MenuServiceImpl implements MenuService {
|
||||
if (menuList.isEmpty()) {
|
||||
return new Result<List<AuthMenu>>().error(CodeMsg.DATABASE_RESULT_NULL);
|
||||
}
|
||||
buildParentAuthMenu(menuList);
|
||||
menuList = MenuUtil.treeMenuList(menuList, 0);
|
||||
return new Result<List<AuthMenu>>().success(menuList);
|
||||
}
|
||||
|
||||
|
||||
public List<AuthMenu> buildParentAuthMenu(List<AuthMenu> menuList){
|
||||
//初始化加载父级
|
||||
try {
|
||||
List<Integer> pkIds = menuList.stream().map(AuthMenu::getPkId).collect(Collectors.toList());
|
||||
List<Integer> lodParentIds = new ArrayList<>();
|
||||
menuList.stream().map(AuthMenu::getParentId).forEach(parentId -> {
|
||||
if(!pkIds.contains(parentId) && !lodParentIds.contains(parentId)) {
|
||||
lodParentIds.add(parentId);
|
||||
}
|
||||
});
|
||||
if(CollectionUtils.isNotEmpty(lodParentIds)) {
|
||||
List<AuthMenu> parentList = authMenuDao.selectList(new QueryWrapper<AuthMenu>().in("pk_id", lodParentIds));
|
||||
if(CollectionUtils.isNotEmpty(parentList)) {
|
||||
menuList.addAll(parentList);
|
||||
}
|
||||
}
|
||||
} catch (Exception e) {
|
||||
log.error("加载父级菜单出现异常: {}", e.getMessage());
|
||||
}
|
||||
|
||||
return menuList;
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
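Review bot: In `buildParentAuthMenu` the missing parents are fetched with `in("pk_id", lodParentIds)` and nothing else, so any condition the earlier query applied to `menuList` (role grant, status, type) is not applied to the rows added here; that query starts outside the hunk, so this is inferred. If `menuList` holds the caller's permitted menus, the same conditions should be added to this `QueryWrapper`, or the added parents should be treated as structural containers only. Only one level of parents is loaded, so a menu whose grandparent is also missing may still not attach under root 0 in `MenuUtil.treeMenuList`. The catch block also hides the failure and returns the partial list; `log.error("加载父级菜单出现异常", e);` would keep the stack trace.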
@ -205,8 +205,18 @@ public class RoleServiceImpl implements RoleService {
|
||||
oldResourceIds.add(arr.getResourceId());
|
||||
}
|
||||
}
|
||||
List<Dict> dictList = dictService.listDictByType(HDConstant.DEFAULT_MENU_TYPE);
|
||||
List<String> defaultIds = new ArrayList<>();
|
||||
if(CollectionUtils.isNotEmpty(dictList)) {
|
||||
dictList.stream().forEach(dict -> {
|
||||
defaultIds.add(dict.getDictValue());
|
||||
});
|
||||
}
|
||||
// 2. 删除原来的
|
||||
authRoleResourceDao.delete(new LambdaQueryWrapper<AuthRoleResource>().eq(AuthRoleResource::getRcode, rcode).in(AuthRoleResource::getResourceType, typeArr).in(CollectionUtils.isNotEmpty(oldResourceIds),AuthRoleResource::getResourceId, oldResourceIds));
|
||||
authRoleResourceDao.delete(new LambdaQueryWrapper<AuthRoleResource>().eq(AuthRoleResource::getRcode, rcode)
|
||||
.notIn(CollectionUtils.isNotEmpty(defaultIds), AuthRoleResource::getResourceId, defaultIds)
|
||||
.in(AuthRoleResource::getResourceType, typeArr).in(CollectionUtils.isNotEmpty(oldResourceIds) && darsr.getTypes().indexOf("MENU")< 0,AuthRoleResource::getResourceId, oldResourceIds)
|
||||
);
|
||||
|
||||
return addRoleSource(list);
|
||||
}
|
||||
|
||||
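Review bot: The new delete drops its `resourceId` filter whenever `darsr.getTypes().indexOf("MENU")` finds the substring, and it then removes every row of the role for all types in `typeArr` except the dictionary defaults, not only the menu rows. `indexOf` on the raw string also matches any type name that merely contains `MENU`, and it throws if `getTypes()` is null. An exact match on the parsed types would be safer, and a comment such as `// MENU in types: replace all grants of these types, keeping DEFAULT_MENU_TYPE ids` would record the intent. The grants are deleted before `addRoleSource(list)` re-inserts them, so a failure in between leaves the role without permissions unless the method is transactional; its start is outside the hunk, so that could not be checked.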
@ -1,179 +0,0 @@
|
||||
package com.evotech.hd.resource.utils;
|
||||
|
||||
import com.evotech.hd.common.core.constant.HDConstant;
|
||||
import com.evotech.hd.common.core.entity.resource.auth.AuthUser;
|
||||
import com.evotech.hd.common.redis.utils.RedisUtil;
|
||||
import com.evotech.hd.common.web.util.RequestContextUtil;
|
||||
import com.evotech.hd.common.web.util.SpringUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
/**
|
||||
* @desc:
|
||||
* @ClassName:RedisCloudUtils
|
||||
* @date: 2025年04月14日 15:24
|
||||
* @author: andy.shi
|
||||
* @contact: 17330188597
|
||||
* @remark: 开发人员联系方式 1042025947@qq.com/微信同步
|
||||
*/
|
||||
|
||||
@Slf4j
|
||||
public class RedisResourceUtils {
|
||||
|
||||
public static AuthUser getUser(){
|
||||
AuthUser user = (AuthUser)getRedisObjectValue("user");
|
||||
return (ObjectUtils.isEmpty(user) ? null : user);
|
||||
}
|
||||
|
||||
public static String getRoleCode(){
|
||||
String roles = getRedisStringValue("rcodes");
|
||||
return StringUtils.isEmpty(roles) ? "" : roles;
|
||||
}
|
||||
|
||||
public static String getPermissionValue(String key){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + key+":"+getUserPkId());
|
||||
}
|
||||
|
||||
public static String getStationCode(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_CODE+":"+getUserPkId());
|
||||
}
|
||||
public static String getStationId(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_ID+":"+getUserPkId());
|
||||
}
|
||||
|
||||
public static String getCompanyCode(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_COMPANY_CODE+":"+getUserPkId());
|
||||
}
|
||||
public static String getCompanyId(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_COMPANY_ID+":"+getUserPkId());
|
||||
}
|
||||
|
||||
public static String getCarCode(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_CAR_CODE+":"+getUserPkId());
|
||||
}
|
||||
public static String getCarId(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_CAR_ID+":"+getUserPkId());
|
||||
}
|
||||
|
||||
private static Integer getUserPkId(){
|
||||
AuthUser user = getUser();
|
||||
if(org.apache.commons.lang3.ObjectUtils.isEmpty(user) || user.getPkId() == null){
|
||||
return null;
|
||||
}
|
||||
return user.getPkId();
|
||||
}
|
||||
|
||||
|
||||
// public static Integer getCompanyScopeId(){
|
||||
// return getUser().getPkId();
|
||||
// }
|
||||
|
||||
|
||||
/**
|
||||
* 获取当前登录的角色信息, 0 站端, 1 管理员, 2 运营商, 3 公司,
|
||||
* @author: andy.shi
|
||||
* @contact: 17330188597
|
||||
* @date: 2025/4/14/周一 14:21
|
||||
* @return: * @return: java.lang.String
|
||||
*/
|
||||
public static String getRoleType(){
|
||||
String roles = getRoleCode();
|
||||
if(isAdmin(roles)){
|
||||
return "1";
|
||||
}
|
||||
if(isOperator(roles)){
|
||||
return "2";
|
||||
}
|
||||
if(isCompany(roles)){
|
||||
return "3";
|
||||
}
|
||||
return "0";
|
||||
}
|
||||
|
||||
//如果不等于-1 则证明为管理员
|
||||
public static Boolean isAdmin(String roles){
|
||||
return isAuthority(roles, HDConstant.SYSTEM_MANAGER_ROLE_CODE);
|
||||
}
|
||||
|
||||
public static Boolean isOperator(String roles){
|
||||
return isAuthority(roles,HDConstant.OPERATOR_ROLE_CODE);
|
||||
}
|
||||
|
||||
public static Boolean isCompany(String roles){
|
||||
return isAuthority(roles,HDConstant.COMPANY_ROLE_CODE);
|
||||
}
|
||||
|
||||
private static Boolean isAuthority(String checkParamRoles, String paramRoleCode){
|
||||
if(org.apache.commons.lang3.StringUtils.isNotEmpty(checkParamRoles)){
|
||||
return checkParamRoles.lastIndexOf(paramRoleCode) != -1;
|
||||
}
|
||||
return getRoleCode().lastIndexOf(paramRoleCode) != -1;
|
||||
}
|
||||
|
||||
|
||||
/***
|
||||
* 根据token拼接key, 获取String结果
|
||||
* @param key
|
||||
* @return
|
||||
*/
|
||||
private static String getRedisStringValue(String key) {
|
||||
return String.valueOf(getRedisObjectValue(key));
|
||||
}
|
||||
|
||||
/***
|
||||
* 根据token拼接key, 获取Object结果
|
||||
* @param key
|
||||
* @return
|
||||
*/
|
||||
private static Object getRedisObjectValue(String key) {
|
||||
String token = RequestContextUtil.getToken();
|
||||
if(StringUtils.isEmpty(token)){
|
||||
log.error("SpringUtil.getRedisValue========== token is null");
|
||||
return null;
|
||||
}
|
||||
String jti = null;
|
||||
try {
|
||||
jti = TokenUtil.getJti(token);
|
||||
if(StringUtils.isEmpty(jti)){
|
||||
log.error("SpringUtil.getRedisValue========== jtj is null");
|
||||
return null;
|
||||
}
|
||||
} catch (Exception e) {
|
||||
log.error("SpringUtil.gegetRedisValuetUser========== jtj is null");
|
||||
return null;
|
||||
}
|
||||
return getValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + jti + ":"+key);
|
||||
}
|
||||
|
||||
|
||||
/***
|
||||
* 根据key获取redis缓存
|
||||
* @param key
|
||||
* @return
|
||||
*/
|
||||
private static String getStringValue(String key){
|
||||
Object obj = getValue(key);
|
||||
return ObjectUtils.isEmpty(obj) ? null : String.valueOf(obj);
|
||||
}
|
||||
|
||||
/***
|
||||
* 根据key获取redis缓存
|
||||
* @param key
|
||||
* @return
|
||||
*/
|
||||
private static Object getValue(String key){
|
||||
RedisUtil redisUtil = SpringUtil.getBean(RedisUtil.class);
|
||||
if(ObjectUtils.isEmpty(redisUtil)){
|
||||
log.error("SpringUtil.getRedisValue========== redisUtil is null");
|
||||
}
|
||||
Object obj = redisUtil.get(key);
|
||||
if(ObjectUtils.isEmpty(obj)){
|
||||
log.error("SpringUtil.getRedisValue=={}========== obj is null",key);
|
||||
return null;
|
||||
}
|
||||
log.info("SpringUtil.getRedisValue=={}===={}",key,String.valueOf(obj));
|
||||
return obj;
|
||||
}
|
||||
|
||||
}
|
||||
@ -23,7 +23,7 @@
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.evotech.hd</groupId>
|
||||
<artifactId>common-redis</artifactId>
|
||||
<artifactId>common-permission</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
</dependency>
|
||||
|
||||
@ -80,16 +80,6 @@
|
||||
<artifactId>core</artifactId>
|
||||
<version>3.5.3</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-oauth2-jose</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>cn.hutool</groupId>
|
||||
<artifactId>hutool-jwt</artifactId>
|
||||
</dependency>
|
||||
|
||||
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
||||
@ -1,30 +0,0 @@
|
||||
package com.evotech.hd.wechat.config;
|
||||
|
||||
import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
|
||||
import com.baomidou.mybatisplus.extension.plugins.inner.DataPermissionInterceptor;
|
||||
import com.evotech.hd.wechat.handler.DataScopeHandler;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.transaction.annotation.EnableTransactionManagement;
|
||||
|
||||
/**
|
||||
* @desc:
|
||||
* @ClassName:MybatisPlusConfig
|
||||
* @date: 2025年04月14日 16:14
|
||||
* @author: andy.shi
|
||||
* @contact: 17330188597
|
||||
* @remark: 开发人员联系方式 1042025947@qq.com/微信同步
|
||||
*/
|
||||
@EnableTransactionManagement(proxyTargetClass = true)
|
||||
@Configuration
|
||||
public class PermissionWechatMybatisPlusConfig {
|
||||
|
||||
@Bean("permissionWechatMybatisPlusInterceptor")
|
||||
public MybatisPlusInterceptor mybatisPlusInterceptor() {
|
||||
MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
|
||||
// 数据权限插件
|
||||
interceptor.addInnerInterceptor(new DataPermissionInterceptor(new DataScopeHandler()));
|
||||
return interceptor;
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,115 +0,0 @@
|
||||
package com.evotech.hd.wechat.handler;
|
||||
|
||||
import com.alibaba.nacos.common.utils.CollectionUtils;
|
||||
import com.alibaba.nacos.common.utils.StringUtils;
|
||||
import com.baomidou.mybatisplus.extension.plugins.handler.MultiDataPermissionHandler;
|
||||
import com.evotech.hd.common.core.permission.DataScope;
|
||||
import com.evotech.hd.common.core.permission.DataScopes;
|
||||
import com.evotech.hd.wechat.utils.permission.RedisWechatUtils;
|
||||
import net.sf.jsqlparser.expression.Expression;
|
||||
import net.sf.jsqlparser.expression.Parenthesis;
|
||||
import net.sf.jsqlparser.expression.StringValue;
|
||||
import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
|
||||
import net.sf.jsqlparser.expression.operators.relational.InExpression;
|
||||
import net.sf.jsqlparser.schema.Column;
|
||||
import net.sf.jsqlparser.schema.Table;
|
||||
import org.apache.commons.lang3.ObjectUtils;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* @desc:
|
||||
* @ClassName:DataScopeHandler
|
||||
* @date: 2025年04月14日 14:54
|
||||
* @author: andy.shi
|
||||
* @contact: 17330188597
|
||||
* @remark: 开发人员联系方式 1042025947@qq.com/微信同步
|
||||
*/
|
||||
|
||||
public class DataScopeHandler implements MultiDataPermissionHandler {
|
||||
|
||||
/**
|
||||
* 获取数据权限 SQL 片段。
|
||||
* <p>旧的 {@link MultiDataPermissionHandler#getSqlSegment(Expression, String)} 方法第一个参数包含所有的 where 条件信息,如果 return 了 null 会覆盖原有的 where 数据,</p>
|
||||
* <p>新版的 {@link MultiDataPermissionHandler#getSqlSegment(Table, Expression, String)} 方法不能覆盖原有的 where 数据,如果 return 了 null 则表示不追加任何 where 条件</p>
|
||||
*
|
||||
* @param table 所执行的数据库表信息,可以通过此参数获取表名和表别名
|
||||
* @param where 原有的 where 条件信息
|
||||
* @param mappedStatementId Mybatis MappedStatement Id 根据该参数可以判断具体执行方法
|
||||
* @return JSqlParser 条件表达式,返回的条件表达式会拼接在原有的表达式后面(不会覆盖原有的表达式)
|
||||
*/
|
||||
|
||||
@Override
|
||||
public Expression getSqlSegment(Table table, Expression where, String mappedStatementId) {
|
||||
try {
|
||||
if(table != null && CollectionUtils.isNotEmpty(table.getNameParts()) && !"1".equals(RedisWechatUtils.getRoleType())){
|
||||
String roleCode = RedisWechatUtils.getRoleCode();
|
||||
Class<?> mapperClazz = Class.forName(mappedStatementId.substring(0, mappedStatementId.lastIndexOf(".")));
|
||||
//优先检查是不是单角色权限
|
||||
DataScope dataScope = mapperClazz.getAnnotation(DataScope.class);
|
||||
if (ObjectUtils.isNotEmpty(dataScope) && dataScope.enabled()) {
|
||||
if(dataScope.permissionObject().equals(roleCode)){
|
||||
return buildDataScopeByAnnotation(dataScope);
|
||||
}
|
||||
}
|
||||
//如果不是, 检查多角色权限
|
||||
DataScopes dataScopesList = mapperClazz.getAnnotation(DataScopes.class);
|
||||
if (ObjectUtils.isNotEmpty(dataScopesList)) {
|
||||
for (DataScope dataScopes :dataScopesList.value()){
|
||||
if(dataScopes.enabled()){
|
||||
if(dataScopes.permissionObject().equals(roleCode)){
|
||||
return buildDataScopeByAnnotation(dataScopes);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch (ClassNotFoundException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* DataScope注解方式,拼装数据权限
|
||||
*
|
||||
* @param dataScope
|
||||
* @return
|
||||
*/
|
||||
private Expression buildDataScopeByAnnotation(DataScope dataScope) {
|
||||
Expression expression = buildDataScopeExpression(dataScope, RedisWechatUtils.getPermissionValue(dataScope.permissionScopeRedisKey()));
|
||||
return expression == null ? null : new Parenthesis(expression);
|
||||
}
|
||||
|
||||
|
||||
private Expression buildDataScopeExpression(DataScope dataScope, String value) {
|
||||
if(!"null".equals(value)){
|
||||
ExpressionList expressionList = new ExpressionList(Arrays.asList(value.split(",")).stream().map(StringValue::new).collect(Collectors.toList()));
|
||||
// 设置左边的字段表达式,右边设置值。
|
||||
InExpression operatorInExpression = new InExpression();
|
||||
operatorInExpression.setLeftExpression(buildColumn(dataScope.tableAlias(), dataScope.permissionScopeName()));
|
||||
operatorInExpression.setRightExpression(new Parenthesis(expressionList));
|
||||
return operatorInExpression;
|
||||
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* 构建Column
|
||||
*
|
||||
* @param tableAlias 表别名
|
||||
* @param columnName 字段名称
|
||||
* @return 带表别名字段
|
||||
*/
|
||||
private static Column buildColumn(String tableAlias, String columnName) {
|
||||
if (StringUtils.isNotEmpty(tableAlias)) {
|
||||
columnName = tableAlias + "." + columnName;
|
||||
}
|
||||
return new Column(columnName);
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,179 +0,0 @@
|
||||
package com.evotech.hd.wechat.utils.permission;
|
||||
|
||||
import com.evotech.hd.common.core.constant.HDConstant;
|
||||
import com.evotech.hd.common.core.entity.resource.auth.AuthUser;
|
||||
import com.evotech.hd.common.redis.utils.RedisUtil;
|
||||
import com.evotech.hd.common.web.util.RequestContextUtil;
|
||||
import com.evotech.hd.common.web.util.SpringUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
/**
|
||||
* @desc:
|
||||
* @ClassName:RedisCloudUtils
|
||||
* @date: 2025年04月14日 15:24
|
||||
* @author: andy.shi
|
||||
* @contact: 17330188597
|
||||
* @remark: 开发人员联系方式 1042025947@qq.com/微信同步
|
||||
*/
|
||||
|
||||
@Slf4j
|
||||
public class RedisWechatUtils {
|
||||
|
||||
public static AuthUser getUser(){
|
||||
AuthUser user = (AuthUser)getRedisObjectValue("user");
|
||||
return (ObjectUtils.isEmpty(user) ? null : user);
|
||||
}
|
||||
|
||||
public static String getRoleCode(){
|
||||
String roles = getRedisStringValue("rcodes");
|
||||
return StringUtils.isEmpty(roles) ? "" : roles;
|
||||
}
|
||||
|
||||
public static String getPermissionValue(String key){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + key+":"+getUserPkId());
|
||||
}
|
||||
|
||||
public static String getStationCode(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_CODE+":"+getUserPkId());
|
||||
}
|
||||
public static String getStationId(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_ID+":"+getUserPkId());
|
||||
}
|
||||
|
||||
public static String getCompanyCode(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_COMPANY_CODE+":"+getUserPkId());
|
||||
}
|
||||
public static String getCompanyId(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_COMPANY_ID+":"+getUserPkId());
|
||||
}
|
||||
|
||||
public static String getCarCode(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_CAR_CODE+":"+getUserPkId());
|
||||
}
|
||||
public static String getCarId(){
|
||||
return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_CAR_ID+":"+getUserPkId());
|
||||
}
|
||||
|
||||
private static Integer getUserPkId(){
|
||||
AuthUser user = getUser();
|
||||
if(org.apache.commons.lang3.ObjectUtils.isEmpty(user) || user.getPkId() == null){
|
||||
return null;
|
||||
}
|
||||
return user.getPkId();
|
||||
}
|
||||
|
||||
|
||||
// public static Integer getCompanyScopeId(){
|
||||
// return getUser().getPkId();
|
||||
// }
|
||||
|
||||
|
||||
/**
|
||||
* 获取当前登录的角色信息, 0 站端, 1 管理员, 2 运营商, 3 公司,
|
||||
* @author: andy.shi
|
||||
* @contact: 17330188597
|
||||
* @date: 2025/4/14/周一 14:21
|
||||
* @return: * @return: java.lang.String
|
||||
*/
|
||||
public static String getRoleType(){
|
||||
String roles = getRoleCode();
|
||||
if(isAdmin(roles)){
|
||||
return "1";
|
||||
}
|
||||
if(isOperator(roles)){
|
||||
return "2";
|
||||
}
|
||||
if(isCompany(roles)){
|
||||
return "3";
|
||||
}
|
||||
return "0";
|
||||
}
|
||||
|
||||
//如果不等于-1 则证明为管理员
|
||||
public static Boolean isAdmin(String roles){
|
||||
return isAuthority(roles, HDConstant.SYSTEM_MANAGER_ROLE_CODE);
|
||||
}
|
||||
|
||||
public static Boolean isOperator(String roles){
|
||||
return isAuthority(roles,HDConstant.OPERATOR_ROLE_CODE);
|
||||
}
|
||||
|
||||
public static Boolean isCompany(String roles){
|
||||
return isAuthority(roles,HDConstant.COMPANY_ROLE_CODE);
|
||||
}
|
||||
|
||||
private static Boolean isAuthority(String checkParamRoles, String paramRoleCode){
|
||||
if(org.apache.commons.lang3.StringUtils.isNotEmpty(checkParamRoles)){
|
||||
return checkParamRoles.lastIndexOf(paramRoleCode) != -1;
|
||||
}
|
||||
return getRoleCode().lastIndexOf(paramRoleCode) != -1;
|
||||
}
|
||||
|
||||
|
||||
/***
|
||||
* 根据token拼接key, 获取String结果
|
||||
* @param key
|
||||
* @return
|
||||
*/
|
||||
private static String getRedisStringValue(String key) {
|
||||
return String.valueOf(getRedisObjectValue(key));
|
||||
}
|
||||
|
||||
/***
|
||||
* 根据token拼接key, 获取Object结果
|
||||
* @param key
|
||||
* @return
|
||||
*/
|
||||
private static Object getRedisObjectValue(String key) {
|
||||
String token = RequestContextUtil.getToken();
|
||||
if(StringUtils.isEmpty(token)){
|
||||
log.error("SpringUtil.getRedisValue========== token is null");
|
||||
return null;
|
||||
}
|
||||
String jti = null;
|
||||
try {
|
||||
jti = TokenUtil.getJti(token);
|
||||
if(StringUtils.isEmpty(jti)){
|
||||
log.error("SpringUtil.getRedisValue========== jtj is null");
|
||||
return null;
|
||||
}
|
||||
} catch (Exception e) {
|
||||
log.error("SpringUtil.gegetRedisValuetUser========== jtj is null");
|
||||
return null;
|
||||
}
|
||||
return getValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + jti + ":"+key);
|
||||
}
|
||||
|
||||
|
||||
/***
|
||||
* 根据key获取redis缓存
|
||||
* @param key
|
||||
* @return
|
||||
*/
|
||||
private static String getStringValue(String key){
|
||||
Object obj = getValue(key);
|
||||
return ObjectUtils.isEmpty(obj) ? null : String.valueOf(obj);
|
||||
}
|
||||
|
||||
/***
|
||||
* 根据key获取redis缓存
|
||||
* @param key
|
||||
* @return
|
||||
*/
|
||||
private static Object getValue(String key){
|
||||
RedisUtil redisUtil = SpringUtil.getBean(RedisUtil.class);
|
||||
if(ObjectUtils.isEmpty(redisUtil)){
|
||||
log.error("SpringUtil.getRedisValue========== redisUtil is null");
|
||||
}
|
||||
Object obj = redisUtil.get(key);
|
||||
if(ObjectUtils.isEmpty(obj)){
|
||||
log.error("SpringUtil.getRedisValue=={}========== obj is null",key);
|
||||
return null;
|
||||
}
|
||||
log.info("SpringUtil.getRedisValue=={}===={}",key,String.valueOf(obj));
|
||||
return obj;
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,56 +0,0 @@
|
||||
package com.evotech.hd.wechat.utils.permission;
|
||||
|
||||
import cn.hutool.core.date.DateUtil;
|
||||
import cn.hutool.jwt.JWT;
|
||||
import cn.hutool.jwt.JWTUtil;
|
||||
import org.springframework.security.oauth2.jwt.JwtClaimNames;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
/**
|
||||
* token解析工具类
|
||||
*/
|
||||
public class TokenUtil {
|
||||
|
||||
|
||||
public static JWT parseToJwt(String token) {
|
||||
JWT parseToken = JWTUtil.parseToken(token);
|
||||
return parseToken;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 从token中获取userId
|
||||
*/
|
||||
public static String getUserId(String token) {
|
||||
String uid = parseToJwt(token).getPayloads().getStr("uid");
|
||||
return uid;
|
||||
}
|
||||
|
||||
/**
|
||||
* 从token中获取rcodes
|
||||
*/
|
||||
public static String getRcodes(String token) {
|
||||
String uid = parseToJwt(token).getPayloads().getStr("rcodes");
|
||||
return uid;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 从token中获取jti
|
||||
*/
|
||||
public static String getJti(String token) {
|
||||
String jti = parseToJwt(token).getPayloads().getStr(JwtClaimNames.JTI).replaceAll("-", "");
|
||||
return jti;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 从token中获取过期时间
|
||||
*/
|
||||
public static Date getExp(String token) {
|
||||
String exp = parseToJwt(token).getPayloads().getStr(JwtClaimNames.EXP).toString();
|
||||
return DateUtil.date(Long.valueOf(exp) * 1000);
|
||||
}
|
||||
|
||||
}
|
||||