diff --git a/authorization-server/src/main/java/com/evotech/hd/authorization/service/impl/LoginServiceImpl.java b/authorization-server/src/main/java/com/evotech/hd/authorization/service/impl/LoginServiceImpl.java index dc44deb..1b85f11 100644 --- a/authorization-server/src/main/java/com/evotech/hd/authorization/service/impl/LoginServiceImpl.java +++ b/authorization-server/src/main/java/com/evotech/hd/authorization/service/impl/LoginServiceImpl.java @@ -172,6 +172,9 @@ public class LoginServiceImpl implements LoginService { uv.setPermCodeList(permCodeList); redisUtil.lSet(HDConstant.LOGIN_CACHE_KEY_PREFIX + jti + ":perms", permUriList.toArray(new String[permUriList.size()]), tokenExp); } + + //开始缓存权限信息 + redisUtil.set(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_AUTH_USER_UID+":"+user.getPkId(), user.getUid()); if(rcodeList.contains(HDConstant.OPERATOR_ROLE_CODE)){ BaseResponse> result = cloudService.loadBatteryStation(user.getBusinessCode()); if(CodeMsg.SUCCESS.getCode().equals(result.getCode())){ @@ -182,6 +185,7 @@ public class LoginServiceImpl implements LoginService { pkIds = list.stream().map(BatteryStation::getPkId).map(String::valueOf).filter(com.alibaba.nacos.common.utils.StringUtils::isNotEmpty).collect(Collectors.joining(",")); codes = list.stream().map(BatteryStation::getCode).filter(com.alibaba.nacos.common.utils.StringUtils::isNotEmpty).collect(Collectors.joining(",")); } + redisUtil.set(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_PROXY_CODE+":"+user.getPkId(), user.getBusinessCode()); redisUtil.set(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_ID+":"+user.getPkId(), pkIds); redisUtil.set(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_CODE+":"+user.getPkId(), codes); } 
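Review bot: The added `redisUtil.set(... PERMISSION_AUTH_USER_UID + ":" + user.getPkId(), user.getUid())` stores a data-scope value with no expiry, while the `:perms` list just above it is written with `tokenExp`; the `PERMISSION_PROXY_CODE` write in the second hunk has the same shape. These keys are what the `@DataScope` filter resolves through `permissionScopeRedisKey`, so they should not outlive the session they were computed for. If `RedisUtil` offers a `set` overload that takes an expiry, pass `tokenExp` there as well, and remove the keys on logout. The keys are indexed by `user.getPkId()` rather than `jti`, so concurrent sessions of one account share and overwrite a single entry. The enclosing method starts and ends outside both hunks.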
diff --git a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/constant/HDConstant.java b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/constant/HDConstant.java index 59f20ed..5e40de0 100644 --- a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/constant/HDConstant.java +++ b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/constant/HDConstant.java @@ -3,6 +3,8 @@ package com.evotech.hd.common.core.constant; public interface HDConstant { public static final class PermissionConstant{ + public static final String PERMISSION_AUTH_USER_UID = "AUTH_USER_UID"; + public static final String PERMISSION_PROXY_CODE = "PROXY_CODE"; public static final String PERMISSION_STATION_CODE = "STATION_CODE"; public static final String PERMISSION_STATION_ID = "STATION_ID"; public static final String PERMISSION_COMPANY_CODE = "COMPANY_CODE"; diff --git a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/ProxyOperaterDao.java b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/ProxyOperaterDao.java index 2a18845..52ee7b7 100644 --- a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/ProxyOperaterDao.java +++ b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/ProxyOperaterDao.java @@ -1,12 +1,15 @@ package com.evotech.hd.common.core.dao.resource; import com.baomidou.mybatisplus.core.mapper.BaseMapper; +import com.evotech.hd.common.core.constant.HDConstant; import com.evotech.hd.common.core.entity.resource.ProxyOperater; +import com.evotech.hd.common.core.permission.DataScope; /** * @author zrb * @since 2024-10-15 */ +@DataScope(permissionObject = HDConstant.OPERATOR_ROLE_CODE, permissionScopeName = "pocode", permissionScopeRedisKey = HDConstant.PermissionConstant.PERMISSION_PROXY_CODE) public interface ProxyOperaterDao extends BaseMapper { } 
diff --git a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/auth/AuthRoleDao.java b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/auth/AuthRoleDao.java index cff2009..4107ffb 100644 --- a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/auth/AuthRoleDao.java +++ b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/auth/AuthRoleDao.java @@ -1,12 +1,15 @@ package com.evotech.hd.common.core.dao.resource.auth; import com.baomidou.mybatisplus.core.mapper.BaseMapper; +import com.evotech.hd.common.core.constant.HDConstant; import com.evotech.hd.common.core.entity.resource.auth.AuthRole; +import com.evotech.hd.common.core.permission.DataScope; /** * @author zrb * @since 2024-09-04 */ +@DataScope(permissionObject = HDConstant.OPERATOR_ROLE_CODE, permissionScopeName = "creater", permissionScopeRedisKey = HDConstant.PermissionConstant.PERMISSION_AUTH_USER_UID) public interface AuthRoleDao extends BaseMapper { } diff --git a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/auth/AuthUserDao.java b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/auth/AuthUserDao.java index 848286f..3026ab7 100644 --- a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/auth/AuthUserDao.java +++ b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/dao/resource/auth/AuthUserDao.java 
@@ -1,12 +1,15 @@ package com.evotech.hd.common.core.dao.resource.auth; import com.baomidou.mybatisplus.core.mapper.BaseMapper; +import com.evotech.hd.common.core.constant.HDConstant; import com.evotech.hd.common.core.entity.resource.auth.AuthUser; +import com.evotech.hd.common.core.permission.DataScope; /** * @author zrb * @since 2024-09-04 */ +@DataScope(permissionObject = HDConstant.OPERATOR_ROLE_CODE, permissionScopeName = "creater", permissionScopeRedisKey = HDConstant.PermissionConstant.PERMISSION_AUTH_USER_UID) public interface AuthUserDao extends BaseMapper { } diff --git a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/entity/resource/auth/AuthRole.java b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/entity/resource/auth/AuthRole.java index f967976..e565178 100644 --- a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/entity/resource/auth/AuthRole.java +++ b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/entity/resource/auth/AuthRole.java @@ -1,18 +1,14 @@ package com.evotech.hd.common.core.entity.resource.auth; -import com.baomidou.mybatisplus.annotation.IdType; -import com.baomidou.mybatisplus.annotation.TableId; -import com.baomidou.mybatisplus.annotation.TableName; +import com.baomidou.mybatisplus.annotation.*; import com.fasterxml.jackson.annotation.JsonFormat; - -import java.io.Serializable; -import java.util.Date; - -import org.springframework.format.annotation.DateTimeFormat; - import io.swagger.v3.oas.annotations.media.Schema; import lombok.Getter; import lombok.Setter; +import org.springframework.format.annotation.DateTimeFormat; + +import java.io.Serializable; +import java.util.Date; /** * @author zrb 
@@ -49,18 +45,22 @@ public class AuthRole implements Serializable { private Integer readonly; @Schema(description = "创建人") + @TableField(fill = FieldFill.INSERT) private String creater; @Schema(description = "创建时间", hidden = true) @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss") @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss",timezone="GMT+8") + @TableField(fill = FieldFill.INSERT) private Date ctime; @Schema(description = "更新人", hidden = true) + @TableField(fill = FieldFill.UPDATE) private String updater; @Schema(description = "更新时间") @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss") @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss",timezone="GMT+8") + @TableField(fill = FieldFill.UPDATE) private Date uptime; } diff --git a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/entity/resource/auth/AuthUser.java b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/entity/resource/auth/AuthUser.java index 348f669..be0c824 100644 --- a/base-commons/common-core/src/main/java/com/evotech/hd/common/core/entity/resource/auth/AuthUser.java +++ b/base-commons/common-core/src/main/java/com/evotech/hd/common/core/entity/resource/auth/AuthUser.java @@ -1,9 +1,6 @@ package com.evotech.hd.common.core.entity.resource.auth; -import com.baomidou.mybatisplus.annotation.IdType; -import com.baomidou.mybatisplus.annotation.TableField; -import com.baomidou.mybatisplus.annotation.TableId; -import com.baomidou.mybatisplus.annotation.TableName; +import com.baomidou.mybatisplus.annotation.*; import com.fasterxml.jackson.annotation.JsonFormat; import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.media.Schema.RequiredMode; 
@@ -94,19 +91,23 @@ public class AuthUser implements Serializable { private Date lastLoginTime; @Schema(description = "创建人", hidden = true) + @TableField(fill = FieldFill.INSERT) private String creater; @Schema(description = "创建时间", hidden = true) @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss") @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss",timezone="GMT+8") + @TableField(fill = FieldFill.INSERT) private Date ctime; @Schema(description = "更新人", hidden = true) + @TableField(fill = FieldFill.UPDATE) private String updater; @Schema(description = "更新时间", hidden = true) @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss") @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss",timezone="GMT+8") + @TableField(fill = FieldFill.UPDATE) private Date uptime; @Schema(description = "角色编码", hidden = true) diff --git a/base-commons/common-permission/pom.xml b/base-commons/common-permission/pom.xml new file mode 100644 index 0000000..dc4df2e --- /dev/null +++ b/base-commons/common-permission/pom.xml @@ -0,0 +1,76 @@ + + + 4.0.0 + + com.evotech.hd + base-commons + 1.0.0-SNAPSHOT + + + common-permission + + + 17 + 17 + UTF-8 + + + + com.evotech.hd + common-redis + 1.0.0-SNAPSHOT + + + + + org.springframework + spring-tx + + + org.testng + testng + RELEASE + compile + + + com.baomidou + mybatis-plus-extension + 3.5.7 + compile + + + org.springframework + spring-context + + + com.evotech.hd + common-core + 1.0.0-SNAPSHOT + compile + + + org.projectlombok + lombok + provided + + + jakarta.servlet + jakarta.servlet-api + + + cn.hutool + hutool-jwt + + + org.springframework.security + spring-security-oauth2-jose + + + com.alibaba.nacos + nacos-client + + + + \ No newline at end of file 
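Review bot: The `org.testng:testng` entry in the new `common-permission/pom.xml` is declared with version `RELEASE` and scope `compile`. `RELEASE` resolves to whatever the repository serves at build time, so the module that holds the permission filter is not reproducibly built and can pick up a newly published artifact without review; compile scope also puts a test framework on the runtime classpath of every service that depends on this module. None of the classes added in this commit appears to import TestNG, so either drop the entry or change the scope to `test` and replace `RELEASE` with a pinned version. `mybatis-plus-extension` is hard-coded to `3.5.7` here; if the parent POM manages that version, inheriting it avoids drift between modules.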
diff --git a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/config/PermissionCloudMybatisPlusConfig.java b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/config/permission/PermissionMybatisPlusConfig.java similarity index 81% rename from cloud-manage-server/src/main/java/com/evotech/hd/cloud/config/PermissionCloudMybatisPlusConfig.java rename to base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/config/permission/PermissionMybatisPlusConfig.java index d96942d..a454ec8 100644 --- a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/config/PermissionCloudMybatisPlusConfig.java +++ b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/config/permission/PermissionMybatisPlusConfig.java @@ -1,8 +1,8 @@ -package com.evotech.hd.cloud.config; +package com.evotech.hd.common.permission.config.permission; import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor; import com.baomidou.mybatisplus.extension.plugins.inner.DataPermissionInterceptor; -import com.evotech.hd.cloud.handler.DataScopeHandler; +import com.evotech.hd.common.permission.handler.DataScopeHandler; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.transaction.annotation.EnableTransactionManagement; @@ -17,9 +17,9 @@ import org.springframework.transaction.annotation.EnableTransactionManagement; */ @EnableTransactionManagement(proxyTargetClass = true) @Configuration -public class PermissionCloudMybatisPlusConfig { +public class PermissionMybatisPlusConfig { - @Bean("permissionCloudMybatisPlusInterceptor") + @Bean("permissionMybatisPlusInterceptor") public MybatisPlusInterceptor mybatisPlusInterceptor() { MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor(); 
diff --git a/resource-server/src/main/java/com/evotech/hd/resource/handler/DataScopeHandler.java b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/handler/DataScopeHandler.java similarity index 92% rename from resource-server/src/main/java/com/evotech/hd/resource/handler/DataScopeHandler.java rename to base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/handler/DataScopeHandler.java index b52f9ce..0ed999d 100644 --- a/resource-server/src/main/java/com/evotech/hd/resource/handler/DataScopeHandler.java +++ b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/handler/DataScopeHandler.java @@ -1,11 +1,12 @@ -package com.evotech.hd.resource.handler; +package com.evotech.hd.common.permission.handler; import com.alibaba.nacos.common.utils.CollectionUtils; import com.alibaba.nacos.common.utils.StringUtils; +import com.baomidou.mybatisplus.core.toolkit.ObjectUtils; import com.baomidou.mybatisplus.extension.plugins.handler.MultiDataPermissionHandler; import com.evotech.hd.common.core.permission.DataScope; import com.evotech.hd.common.core.permission.DataScopes; -import com.evotech.hd.resource.utils.RedisResourceUtils; +import com.evotech.hd.common.permission.util.RedisPermissionUtils; import net.sf.jsqlparser.expression.Expression; import net.sf.jsqlparser.expression.Parenthesis; import net.sf.jsqlparser.expression.StringValue; @@ -13,7 +14,6 @@ import net.sf.jsqlparser.expression.operators.relational.ExpressionList; import net.sf.jsqlparser.expression.operators.relational.InExpression; import net.sf.jsqlparser.schema.Column; import net.sf.jsqlparser.schema.Table; -import org.apache.commons.lang3.ObjectUtils; import java.util.Arrays; import java.util.stream.Collectors; 
@@ -43,8 +43,8 @@ public class DataScopeHandler implements MultiDataPermissionHandler { @Override public Expression getSqlSegment(Table table, Expression where, String mappedStatementId) { try { - if(table != null && CollectionUtils.isNotEmpty(table.getNameParts()) && !"1".equals(RedisResourceUtils.getRoleType())){ - String roleCode = RedisResourceUtils.getRoleCode(); + if(table != null && CollectionUtils.isNotEmpty(table.getNameParts()) && !"1".equals(RedisPermissionUtils.getRoleType())){ + String roleCode = RedisPermissionUtils.getRoleCode(); Class mapperClazz = Class.forName(mappedStatementId.substring(0, mappedStatementId.lastIndexOf("."))); //优先检查是不是单角色权限 DataScope dataScope = mapperClazz.getAnnotation(DataScope.class); @@ -80,7 +80,7 @@ public class DataScopeHandler implements MultiDataPermissionHandler { * @return */ private Expression buildDataScopeByAnnotation(DataScope dataScope) { - Expression expression = buildDataScopeExpression(dataScope, RedisResourceUtils.getPermissionValue(dataScope.permissionScopeRedisKey())); + Expression expression = buildDataScopeExpression(dataScope, RedisPermissionUtils.getPermissionValue(dataScope.permissionScopeRedisKey())); return expression == null ? null : new Parenthesis(expression); } diff --git a/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/handler/InsertAndUpdateMybatisHandler.java b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/handler/InsertAndUpdateMybatisHandler.java new file mode 100644 index 0000000..6d02222 --- /dev/null +++ b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/handler/InsertAndUpdateMybatisHandler.java 
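Review bot: `buildDataScopeByAnnotation` returns `null` whenever `buildDataScopeExpression` yields no expression, and for this handler `null` means that no WHERE condition is appended, so a role that matched a `@DataScope` annotation but has no cached value under `permissionScopeRedisKey` reads the table unfiltered. With this commit the scope values come from Redis keys written at login (`PERMISSION_AUTH_USER_UID`, `PERMISSION_PROXY_CODE`), so an evicted or never-written key widens access instead of narrowing it. For a matched role the missing-value case should fail closed, for example `return expression == null ? new EqualsTo(new LongValue(1), new LongValue(0)) : new Parenthesis(expression);`. The first hunk on this line has a related gap: a `null` from `RedisPermissionUtils.getRoleType()` passes the `!"1".equals(...)` test and, as far as the copy of this class shown on the page goes, ends in the unfiltered `return null` path. Both method bodies continue outside their hunks.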
@@ -0,0 +1,67 @@ +package com.evotech.hd.common.permission.handler; + +import cn.hutool.core.bean.BeanUtil; +import cn.hutool.json.JSONUtil; +import com.baomidou.mybatisplus.core.handlers.MetaObjectHandler; +import com.evotech.hd.common.core.entity.resource.auth.AuthUser; +import com.evotech.hd.common.permission.util.RedisPermissionUtils; +import lombok.extern.slf4j.Slf4j; +import org.apache.ibatis.reflection.MetaObject; +import org.springframework.stereotype.Component; + +import java.util.Date; + +/** + * @desc: 修改和新增自定义注解 + * @ClassName:InsertAndUpdateMybatisHandler + * @date: 2025年04月17日 9:03 + * @author: andy.shi + * @contact: 17330188597 + * @remark: 开发人员联系方式 1042025947@qq.com/微信同步 + */ +@Component +@Slf4j +public class InsertAndUpdateMybatisHandler implements MetaObjectHandler { + @Override + public void insertFill(MetaObject metaObject) { + try { + AuthUser user = RedisPermissionUtils.getUser(); + if(BeanUtil.isEmpty(user)){ + log.info("当前操作位登录, 无需执行"); + return; + } + if(BeanUtil.isNotEmpty(metaObject)){ + mySetFieldValByName("creater",user.getUid(),metaObject); + mySetFieldValByName("ctime",new Date(),metaObject); + } + } catch (Exception e) { + log.error("自动填充拦截器异常=====insert,对象信息:{}, 异常信息:{}", JSONUtil.toJsonStr(metaObject), e.getMessage()); + } + + } + + private void mySetFieldValByName(String filedName, Object fieldVal, MetaObject metaObject) { + Object createType = getFieldValByName(filedName,metaObject); + if(BeanUtil.isEmpty(createType)){ + setFieldValByName(filedName,fieldVal,metaObject); + } + } + + + @Override + public void updateFill(MetaObject metaObject) { + try { + AuthUser user = RedisPermissionUtils.getUser(); + if(BeanUtil.isEmpty(user)){ + log.info("当前操作未登录, 无需执行"); + return; + } + if(BeanUtil.isNotEmpty(metaObject)){ + mySetFieldValByName("updater",user.getUid(),metaObject); + mySetFieldValByName("uptime",new Date(),metaObject); + } + } catch (Exception e) { + log.error("自动填充拦截器异常=====update,对象信息:{}, 异常信息:{}", 
JSONUtil.toJsonStr(metaObject),e.getMessage()); + } + } +} diff --git a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/utils/RedisCloudUtils.java b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/util/RedisPermissionUtils.java similarity index 93% rename from cloud-manage-server/src/main/java/com/evotech/hd/cloud/utils/RedisCloudUtils.java rename to base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/util/RedisPermissionUtils.java index f461029..55c4651 100644 --- a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/utils/RedisCloudUtils.java +++ b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/util/RedisPermissionUtils.java @@ -1,10 +1,8 @@ -package com.evotech.hd.cloud.utils; +package com.evotech.hd.common.permission.util; import com.evotech.hd.common.core.constant.HDConstant; import com.evotech.hd.common.core.entity.resource.auth.AuthUser; import com.evotech.hd.common.redis.utils.RedisUtil; -import com.evotech.hd.common.web.util.RequestContextUtil; -import com.evotech.hd.common.web.util.SpringUtil; import lombok.extern.slf4j.Slf4j; import org.springframework.util.ObjectUtils; import org.springframework.util.StringUtils; @@ -19,7 +17,7 @@ import org.springframework.util.StringUtils; */ @Slf4j -public class RedisCloudUtils { +public class RedisPermissionUtils { public static AuthUser getUser(){ AuthUser user = (AuthUser)getRedisObjectValue("user"); @@ -58,7 +56,7 @@ public class RedisCloudUtils { private static Integer getUserPkId(){ AuthUser user = getUser(); - if(org.apache.commons.lang3.ObjectUtils.isEmpty(user) || user.getPkId() == null){ + if(ObjectUtils.isEmpty(user) || user.getPkId() == null){ return null; } return user.getPkId(); 
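Review bot: `mySetFieldValByName` in the new `InsertAndUpdateMybatisHandler` writes a value only when the field is still empty, so a `creater` that arrives already populated on the entity (for instance bound from a request body) is kept as is. This commit also makes `creater` the `permissionScopeName` for `AuthRoleDao` and `AuthUserDao`, which turns the field into an access-control attribute; it should always be taken from the authenticated user, `setFieldValByName("creater", user.getUid(), metaObject);`. The same emptiness check in `updateFill` means `updater` and `uptime` keep whatever was loaded with the entity and are not refreshed on later updates. Both catch blocks log `JSONUtil.toJsonStr(metaObject)`, which for `AuthUser` may put credential fields into the log, and they drop the stack trace; logging the entity class name and passing `e` as the last argument to `log.error` would be safer.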
@@ -105,7 +103,7 @@ public class RedisCloudUtils { } private static Boolean isAuthority(String checkParamRoles, String paramRoleCode){ - if(org.apache.commons.lang3.StringUtils.isNotEmpty(checkParamRoles)){ + if(!StringUtils.isEmpty(checkParamRoles)){ return checkParamRoles.lastIndexOf(paramRoleCode) != -1; } return getRoleCode().lastIndexOf(paramRoleCode) != -1; @@ -127,7 +125,7 @@ public class RedisCloudUtils { * @return */ private static Object getRedisObjectValue(String key) { - String token = RequestContextUtil.getToken(); + String token = SpringUtil.getToken(); if(StringUtils.isEmpty(token)){ log.error("SpringUtil.getRedisValue========== token is null"); return null; diff --git a/base-commons/common-web/src/main/java/com/evotech/hd/common/web/util/SpringUtil.java b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/util/SpringUtil.java similarity index 85% rename from base-commons/common-web/src/main/java/com/evotech/hd/common/web/util/SpringUtil.java rename to base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/util/SpringUtil.java index 7086f1f..8a53e3b 100644 --- a/base-commons/common-web/src/main/java/com/evotech/hd/common/web/util/SpringUtil.java +++ b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/util/SpringUtil.java @@ -1,5 +1,6 @@ -package com.evotech.hd.common.web.util; +package com.evotech.hd.common.permission.util; +import com.evotech.hd.common.core.constant.HDConstant; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; 
@@ -7,6 +8,7 @@ import org.springframework.beans.BeansException; import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContextAware; import org.springframework.stereotype.Component; +import org.springframework.util.StringUtils; import org.springframework.web.context.request.RequestAttributes; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; @@ -39,6 +41,14 @@ public class SpringUtil implements ApplicationContextAware { return applicationContext; } + public static String getToken() { + String authorization = getRequest().getHeader(HDConstant.AUTHORIZATION_KEY); + if (StringUtils.hasLength(authorization) && authorization.contains(HDConstant.JWT_PREFIX)) { + return authorization.substring(HDConstant.JWT_PREFIX.length()); + } + return null; + } + public static Object getBean(String name) { return getApplicationContext().getBean(name); } diff --git a/resource-server/src/main/java/com/evotech/hd/resource/utils/TokenUtil.java b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/util/TokenUtil.java similarity index 95% rename from resource-server/src/main/java/com/evotech/hd/resource/utils/TokenUtil.java rename to base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/util/TokenUtil.java index 5f1e8a9..a5fc59f 100644 --- a/resource-server/src/main/java/com/evotech/hd/resource/utils/TokenUtil.java +++ b/base-commons/common-permission/src/main/java/com/evotech/hd/common/permission/util/TokenUtil.java @@ -1,4 +1,4 @@ -package com.evotech.hd.resource.utils; +package com.evotech.hd.common.permission.util; import cn.hutool.core.date.DateUtil; import cn.hutool.jwt.JWT; diff --git a/base-commons/pom.xml b/base-commons/pom.xml index 2f51d96..7da7e1d 100644 --- a/base-commons/pom.xml +++ b/base-commons/pom.xml 
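Review bot: `getToken()` tests the header with `authorization.contains(HDConstant.JWT_PREFIX)` but then cuts `JWT_PREFIX.length()` characters from the start, so a header that carries the prefix anywhere other than position 0 yields an arbitrary slice as the token; use `authorization.startsWith(HDConstant.JWT_PREFIX)`. `getRequest()` is also dereferenced without a null check, and through `RedisPermissionUtils` this helper is now reached from MyBatis hooks (`InsertAndUpdateMybatisHandler`, and presumably `DataScopeHandler`) that can run on threads with no bound request, assuming `getRequest()` returns null there. The copy of `DataScopeHandler` shown on this page catches only `ClassNotFoundException`, so that case would surface as a failed query rather than as the "token is null" branch. A guard such as `HttpServletRequest request = getRequest(); if (request == null) return null;` keeps the caller's existing null-token handling in charge.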
@@ -14,5 +14,6 @@ common-web common-mybatis common-redis + common-permission \ No newline at end of file diff --git a/cloud-manage-server/pom.xml b/cloud-manage-server/pom.xml index a0979e2..5a38262 100644 --- a/cloud-manage-server/pom.xml +++ b/cloud-manage-server/pom.xml @@ -26,13 +26,11 @@ common-mybatis 1.0.0-SNAPSHOT - - com.evotech.hd - common-redis - 1.0.0-SNAPSHOT + com.evotech.hd + common-permission + 1.0.0-SNAPSHOT - org.springframework.cloud @@ -82,15 +80,6 @@ cn.hutool hutool-crypto - - cn.hutool - hutool-jwt - - - org.springframework.security - spring-security-oauth2-jose - - diff --git a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/handler/DataScopeHandler.java b/cloud-manage-server/src/main/java/com/evotech/hd/cloud/handler/DataScopeHandler.java deleted file mode 100644 index 8440d72..0000000 --- a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/handler/DataScopeHandler.java +++ /dev/null 
@@ -1,115 +0,0 @@ -package com.evotech.hd.cloud.handler; - -import com.alibaba.nacos.common.utils.CollectionUtils; -import com.alibaba.nacos.common.utils.StringUtils; -import com.baomidou.mybatisplus.extension.plugins.handler.MultiDataPermissionHandler; -import com.evotech.hd.cloud.utils.RedisCloudUtils; -import com.evotech.hd.common.core.permission.DataScope; -import com.evotech.hd.common.core.permission.DataScopes; -import net.sf.jsqlparser.expression.Expression; -import net.sf.jsqlparser.expression.Parenthesis; -import net.sf.jsqlparser.expression.StringValue; -import net.sf.jsqlparser.expression.operators.relational.ExpressionList; -import net.sf.jsqlparser.expression.operators.relational.InExpression; -import net.sf.jsqlparser.schema.Column; -import net.sf.jsqlparser.schema.Table; -import org.apache.commons.lang3.ObjectUtils; - -import java.util.Arrays; -import java.util.stream.Collectors; - -/** - * @desc: - * @ClassName:DataScopeHandler - * @date: 2025年04月14日 14:54 - * @author: andy.shi - * @contact: 17330188597 - * @remark: 开发人员联系方式 1042025947@qq.com/微信同步 - */ - -public class DataScopeHandler implements MultiDataPermissionHandler { - - /** - * 获取数据权限 SQL 片段。 - *

旧的 {@link MultiDataPermissionHandler#getSqlSegment(Expression, String)} 方法第一个参数包含所有的 where 条件信息,如果 return 了 null 会覆盖原有的 where 数据,

- *

新版的 {@link MultiDataPermissionHandler#getSqlSegment(Table, Expression, String)} 方法不能覆盖原有的 where 数据,如果 return 了 null 则表示不追加任何 where 条件

- * - * @param table 所执行的数据库表信息,可以通过此参数获取表名和表别名 - * @param where 原有的 where 条件信息 - * @param mappedStatementId Mybatis MappedStatement Id 根据该参数可以判断具体执行方法 - * @return JSqlParser 条件表达式,返回的条件表达式会拼接在原有的表达式后面(不会覆盖原有的表达式) - */ - - @Override - public Expression getSqlSegment(Table table, Expression where, String mappedStatementId) { - try { - if(table != null && CollectionUtils.isNotEmpty(table.getNameParts()) && !"1".equals(RedisCloudUtils.getRoleType())){ - String roleCode = RedisCloudUtils.getRoleCode(); - Class mapperClazz = Class.forName(mappedStatementId.substring(0, mappedStatementId.lastIndexOf("."))); - //优先检查是不是单角色权限 - DataScope dataScope = mapperClazz.getAnnotation(DataScope.class); - if (ObjectUtils.isNotEmpty(dataScope) && dataScope.enabled()) { - if(dataScope.permissionObject().equals(roleCode)){ - return buildDataScopeByAnnotation(dataScope); - } - } - //如果不是, 检查多角色权限 - DataScopes dataScopesList = mapperClazz.getAnnotation(DataScopes.class); - if (ObjectUtils.isNotEmpty(dataScopesList)) { - for (DataScope dataScopes :dataScopesList.value()){ - if(dataScopes.enabled()){ - if(dataScopes.permissionObject().equals(roleCode)){ - return buildDataScopeByAnnotation(dataScopes); - } - } - } - } - } - } catch (ClassNotFoundException e) { - e.printStackTrace(); - } - return null; - } - - - - /** - * DataScope注解方式,拼装数据权限 - * - * @param dataScope - * @return - */ - private Expression buildDataScopeByAnnotation(DataScope dataScope) { - Expression expression = buildDataScopeExpression(dataScope, RedisCloudUtils.getPermissionValue(dataScope.permissionScopeRedisKey())); - return expression == null ? 
null : new Parenthesis(expression); - } - - - private Expression buildDataScopeExpression(DataScope dataScope, String value) { - if(!"null".equals(value)){ - ExpressionList expressionList = new ExpressionList(Arrays.asList(value.split(",")).stream().map(StringValue::new).collect(Collectors.toList())); - // 设置左边的字段表达式,右边设置值。 - InExpression operatorInExpression = new InExpression(); - operatorInExpression.setLeftExpression(buildColumn(dataScope.tableAlias(), dataScope.permissionScopeName())); - operatorInExpression.setRightExpression(new Parenthesis(expressionList)); - return operatorInExpression; - - } - return null; - } - - /** - * 构建Column - * - * @param tableAlias 表别名 - * @param columnName 字段名称 - * @return 带表别名字段 - */ - private static Column buildColumn(String tableAlias, String columnName) { - if (StringUtils.isNotEmpty(tableAlias)) { - columnName = tableAlias + "." + columnName; - } - return new Column(columnName); - } - -} diff --git a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/mqtt/message/processor/MqttMessageRequestExchangeProcessor.java b/cloud-manage-server/src/main/java/com/evotech/hd/cloud/mqtt/message/processor/MqttMessageRequestExchangeProcessor.java index 4b8cd5c..32ba68e 100644 --- a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/mqtt/message/processor/MqttMessageRequestExchangeProcessor.java +++ b/cloud-manage-server/src/main/java/com/evotech/hd/cloud/mqtt/message/processor/MqttMessageRequestExchangeProcessor.java @@ -11,7 +11,7 @@ import com.evotech.hd.cloud.mqtt.message.MessageTopic; import com.evotech.hd.cloud.mqtt.message.MqttMessageHeader; import com.evotech.hd.cloud.mqtt.message.dto.newer.req.MqttResponse; import com.evotech.hd.cloud.mqtt.message.handle.MessageUtilService; -import com.evotech.hd.common.web.util.SpringUtil; +import com.evotech.hd.common.permission.util.SpringUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
diff --git a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/utils/TokenUtil.java b/cloud-manage-server/src/main/java/com/evotech/hd/cloud/utils/TokenUtil.java deleted file mode 100644 index cb1d10c..0000000 --- a/cloud-manage-server/src/main/java/com/evotech/hd/cloud/utils/TokenUtil.java +++ /dev/null @@ -1,56 +0,0 @@ -package com.evotech.hd.cloud.utils; - -import cn.hutool.core.date.DateUtil; -import cn.hutool.jwt.JWT; -import cn.hutool.jwt.JWTUtil; -import org.springframework.security.oauth2.jwt.JwtClaimNames; - -import java.util.Date; - -/** - * token解析工具类 - */ -public class TokenUtil { - - - public static JWT parseToJwt(String token) { - JWT parseToken = JWTUtil.parseToken(token); - return parseToken; - } - - - /** - * 从token中获取userId - */ - public static String getUserId(String token) { - String uid = parseToJwt(token).getPayloads().getStr("uid"); - return uid; - } - - /** - * 从token中获取rcodes - */ - public static String getRcodes(String token) { - String uid = parseToJwt(token).getPayloads().getStr("rcodes"); - return uid; - } - - - /** - * 从token中获取jti - */ - public static String getJti(String token) { - String jti = parseToJwt(token).getPayloads().getStr(JwtClaimNames.JTI).replaceAll("-", ""); - return jti; - } - - - /** - * 从token中获取过期时间 - */ - public static Date getExp(String token) { - String exp = parseToJwt(token).getPayloads().getStr(JwtClaimNames.EXP).toString(); - return DateUtil.date(Long.valueOf(exp) * 1000); - } - -} diff --git a/resource-server/pom.xml b/resource-server/pom.xml index aaee8fe..4d55f4a 100644 --- a/resource-server/pom.xml +++ b/resource-server/pom.xml @@ -22,7 +22,11 @@ common-web 1.0.0-SNAPSHOT - + + com.evotech.hd + common-permission + 1.0.0-SNAPSHOT + com.evotech.hd common-mybatis @@ -66,20 +70,6 @@ io.minio minio - - com.evotech.hd - common-redis - 1.0.0-SNAPSHOT - compile - - - cn.hutool - hutool-jwt - - - org.springframework.security - spring-security-oauth2-jose - 
diff --git a/resource-server/src/main/java/com/evotech/hd/resource/config/permission/PermissionResourceMybatisPlusConfig.java b/resource-server/src/main/java/com/evotech/hd/resource/config/permission/PermissionResourceMybatisPlusConfig.java deleted file mode 100644 index 595444c..0000000 --- a/resource-server/src/main/java/com/evotech/hd/resource/config/permission/PermissionResourceMybatisPlusConfig.java +++ /dev/null @@ -1,31 +0,0 @@ -package com.evotech.hd.resource.config.permission; - -import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor; -import com.baomidou.mybatisplus.extension.plugins.inner.DataPermissionInterceptor; -import com.evotech.hd.resource.handler.DataScopeHandler; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.transaction.annotation.EnableTransactionManagement; - -/** - * @desc: - * @ClassName:MybatisPlusConfig - * @date: 2025年04月14日 16:14 - * @author: andy.shi - * @contact: 17330188597 - * @remark: 开发人员联系方式 1042025947@qq.com/微信同步 - */ -@EnableTransactionManagement(proxyTargetClass = true) -@Configuration -public class PermissionResourceMybatisPlusConfig { - - @Bean("permissionResourceMybatisPlusInterceptor") - public MybatisPlusInterceptor mybatisPlusInterceptor() { - - MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor(); - // 数据权限插件 - interceptor.addInnerInterceptor(new DataPermissionInterceptor(new DataScopeHandler())); - return interceptor; - } - -} diff --git a/resource-server/src/main/java/com/evotech/hd/resource/service/impl/MenuServiceImpl.java b/resource-server/src/main/java/com/evotech/hd/resource/service/impl/MenuServiceImpl.java index 73d3ced..95e23b7 100644 --- a/resource-server/src/main/java/com/evotech/hd/resource/service/impl/MenuServiceImpl.java +++ b/resource-server/src/main/java/com/evotech/hd/resource/service/impl/MenuServiceImpl.java 
@@ -1,12 +1,6 @@ package com.evotech.hd.resource.service.impl; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Date; -import java.util.List; -import org.springframework.stereotype.Service; -import org.springframework.util.StringUtils; - +import com.alibaba.nacos.common.utils.CollectionUtils; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.evotech.hd.common.core.constant.HDConstant; import com.evotech.hd.common.core.dao.resource.auth.AuthMenuDao; @@ -18,11 +12,20 @@ import com.evotech.hd.common.core.entity.resource.auth.AuthRoleResource; import com.evotech.hd.common.core.enums.CodeMsg; import com.evotech.hd.resource.service.MenuService; import com.evotech.hd.resource.utils.MenuUtil; - import jakarta.annotation.Resource; import jakarta.servlet.http.HttpServletRequest; +import lombok.extern.slf4j.Slf4j; +import org.springframework.stereotype.Service; +import org.springframework.util.StringUtils; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Date; +import java.util.List; +import java.util.stream.Collectors; @Service +@Slf4j public class MenuServiceImpl implements MenuService { @Resource 
@@ -89,9 +92,35 @@ public class MenuServiceImpl implements MenuService { if (menuList.isEmpty()) { return new Result>().error(CodeMsg.DATABASE_RESULT_NULL); } + buildParentAuthMenu(menuList); menuList = MenuUtil.treeMenuList(menuList, 0); return new Result>().success(menuList); } + + + public List buildParentAuthMenu(List menuList){ + //初始化加载父级 + try { + List pkIds = menuList.stream().map(AuthMenu::getPkId).collect(Collectors.toList()); + List lodParentIds = new ArrayList<>(); + menuList.stream().map(AuthMenu::getParentId).forEach(parentId -> { + if(!pkIds.contains(parentId) && !lodParentIds.contains(parentId)) { + lodParentIds.add(parentId); + } + }); + if(CollectionUtils.isNotEmpty(lodParentIds)) { + List parentList = authMenuDao.selectList(new QueryWrapper().in("pk_id", lodParentIds)); + if(CollectionUtils.isNotEmpty(parentList)) { + menuList.addAll(parentList); + } + } + } catch (Exception e) { + log.error("加载父级菜单出现异常: {}", e.getMessage()); + } + + return menuList; + } + } diff --git a/resource-server/src/main/java/com/evotech/hd/resource/service/impl/RoleServiceImpl.java b/resource-server/src/main/java/com/evotech/hd/resource/service/impl/RoleServiceImpl.java index 7f760d8..13619b9 100644 --- a/resource-server/src/main/java/com/evotech/hd/resource/service/impl/RoleServiceImpl.java +++ b/resource-server/src/main/java/com/evotech/hd/resource/service/impl/RoleServiceImpl.java 
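Review bot: In `buildParentAuthMenu` the missing parents are fetched with `new QueryWrapper().in("pk_id", lodParentIds)` alone, so whatever role or status filtering produced `menuList` (that query is outside this hunk) is not applied to the rows appended by `menuList.addAll(parentList)`. A parent the role was never granted, or one that is disabled, would then be returned to the client. If parents are meant as structural nodes only, record that with a comment such as `// parents are added for tree structure only and are not checked against the role's grants`, or apply the same conditions as the original query. Only one level of ancestors is loaded, so a granted node whose grandparent is also missing presumably still drops out of `MenuUtil.treeMenuList(menuList, 0)`. The `catch (Exception e)` logs just `e.getMessage()` and returns a partial list; `log.error("加载父级菜单出现异常", e);` would keep the stack trace.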
@@ -205,8 +205,18 @@ public class RoleServiceImpl implements RoleService { oldResourceIds.add(arr.getResourceId()); } } + List dictList = dictService.listDictByType(HDConstant.DEFAULT_MENU_TYPE); + List defaultIds = new ArrayList<>(); + if(CollectionUtils.isNotEmpty(dictList)) { + dictList.stream().forEach(dict -> { + defaultIds.add(dict.getDictValue()); + }); + } // 2. 删除原来的 - authRoleResourceDao.delete(new LambdaQueryWrapper().eq(AuthRoleResource::getRcode, rcode).in(AuthRoleResource::getResourceType, typeArr).in(CollectionUtils.isNotEmpty(oldResourceIds),AuthRoleResource::getResourceId, oldResourceIds)); + authRoleResourceDao.delete(new LambdaQueryWrapper().eq(AuthRoleResource::getRcode, rcode) + .notIn(CollectionUtils.isNotEmpty(defaultIds), AuthRoleResource::getResourceId, defaultIds) + .in(AuthRoleResource::getResourceType, typeArr).in(CollectionUtils.isNotEmpty(oldResourceIds) && darsr.getTypes().indexOf("MENU")< 0,AuthRoleResource::getResourceId, oldResourceIds) + ); return addRoleSource(list); } diff --git a/resource-server/src/main/java/com/evotech/hd/resource/utils/RedisResourceUtils.java b/resource-server/src/main/java/com/evotech/hd/resource/utils/RedisResourceUtils.java deleted file mode 100644 index 7960a80..0000000 --- a/resource-server/src/main/java/com/evotech/hd/resource/utils/RedisResourceUtils.java +++ /dev/null 
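Review bot: The `resourceId` filter in the delete is skipped whenever `darsr.getTypes()` contains `MENU`, so for such a request the statement removes every non-default grant of `rcode` across all of `typeArr`, not only the rows collected in `oldResourceIds`; grants of any other type in the same request survive only if `addRoleSource(list)` re-inserts them. The test is a substring match on the raw `getTypes()` value, so any type name that merely contains `MENU` triggers it; checking the parsed `typeArr` for an exact `MENU` entry would be safer. The new `.notIn(..., AuthRoleResource::getResourceId, defaultIds)` is not limited to menu rows, so a non-menu resource whose id equals a default menu id can presumably never be revoked through this path, and scoping the exclusion to the menu resource type would avoid that. If the wide delete is intended, say so above the statement, e.g. `// MENU update: replace the whole grant set for typeArr (defaults kept); resourceId filter intentionally skipped`. The enclosing method starts outside the hunk, so whether the delete and `addRoleSource` run in one transaction cannot be confirmed from here.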
@@ -1,179 +0,0 @@ -package com.evotech.hd.resource.utils; - -import com.evotech.hd.common.core.constant.HDConstant; -import com.evotech.hd.common.core.entity.resource.auth.AuthUser; -import com.evotech.hd.common.redis.utils.RedisUtil; -import com.evotech.hd.common.web.util.RequestContextUtil; -import com.evotech.hd.common.web.util.SpringUtil; -import lombok.extern.slf4j.Slf4j; -import org.springframework.util.ObjectUtils; -import org.springframework.util.StringUtils; - -/** - * @desc: - * @ClassName:RedisCloudUtils - * @date: 2025年04月14日 15:24 - * @author: andy.shi - * @contact: 17330188597 - * @remark: 开发人员联系方式 1042025947@qq.com/微信同步 - */ - -@Slf4j -public class RedisResourceUtils { - - public static AuthUser getUser(){ - AuthUser user = (AuthUser)getRedisObjectValue("user"); - return (ObjectUtils.isEmpty(user) ? null : user); - } - - public static String getRoleCode(){ - String roles = getRedisStringValue("rcodes"); - return StringUtils.isEmpty(roles) ? "" : roles; - } - - public static String getPermissionValue(String key){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + key+":"+getUserPkId()); - } - - public static String getStationCode(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_CODE+":"+getUserPkId()); - } - public static String getStationId(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_ID+":"+getUserPkId()); - } - - public static String getCompanyCode(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_COMPANY_CODE+":"+getUserPkId()); - } - public static String getCompanyId(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_COMPANY_ID+":"+getUserPkId()); - } - - public static String getCarCode(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + 
HDConstant.PermissionConstant.PERMISSION_CAR_CODE+":"+getUserPkId()); - } - public static String getCarId(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_CAR_ID+":"+getUserPkId()); - } - - private static Integer getUserPkId(){ - AuthUser user = getUser(); - if(org.apache.commons.lang3.ObjectUtils.isEmpty(user) || user.getPkId() == null){ - return null; - } - return user.getPkId(); - } - - -// public static Integer getCompanyScopeId(){ -// return getUser().getPkId(); -// } - - - /** - * 获取当前登录的角色信息, 0 站端, 1 管理员, 2 运营商, 3 公司, - * @author: andy.shi - * @contact: 17330188597 - * @date: 2025/4/14/周一 14:21 - * @return: * @return: java.lang.String - */ - public static String getRoleType(){ - String roles = getRoleCode(); - if(isAdmin(roles)){ - return "1"; - } - if(isOperator(roles)){ - return "2"; - } - if(isCompany(roles)){ - return "3"; - } - return "0"; - } - - //如果不等于-1 则证明为管理员 - public static Boolean isAdmin(String roles){ - return isAuthority(roles, HDConstant.SYSTEM_MANAGER_ROLE_CODE); - } - - public static Boolean isOperator(String roles){ - return isAuthority(roles,HDConstant.OPERATOR_ROLE_CODE); - } - - public static Boolean isCompany(String roles){ - return isAuthority(roles,HDConstant.COMPANY_ROLE_CODE); - } - - private static Boolean isAuthority(String checkParamRoles, String paramRoleCode){ - if(org.apache.commons.lang3.StringUtils.isNotEmpty(checkParamRoles)){ - return checkParamRoles.lastIndexOf(paramRoleCode) != -1; - } - return getRoleCode().lastIndexOf(paramRoleCode) != -1; - } - - - /*** - * 根据token拼接key, 获取String结果 - * @param key - * @return - */ - private static String getRedisStringValue(String key) { - return String.valueOf(getRedisObjectValue(key)); - } - - /*** - * 根据token拼接key, 获取Object结果 - * @param key - * @return - */ - private static Object getRedisObjectValue(String key) { - String token = RequestContextUtil.getToken(); - if(StringUtils.isEmpty(token)){ - 
log.error("SpringUtil.getRedisValue========== token is null"); - return null; - } - String jti = null; - try { - jti = TokenUtil.getJti(token); - if(StringUtils.isEmpty(jti)){ - log.error("SpringUtil.getRedisValue========== jtj is null"); - return null; - } - } catch (Exception e) { - log.error("SpringUtil.gegetRedisValuetUser========== jtj is null"); - return null; - } - return getValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + jti + ":"+key); - } - - - /*** - * 根据key获取redis缓存 - * @param key - * @return - */ - private static String getStringValue(String key){ - Object obj = getValue(key); - return ObjectUtils.isEmpty(obj) ? null : String.valueOf(obj); - } - - /*** - * 根据key获取redis缓存 - * @param key - * @return - */ - private static Object getValue(String key){ - RedisUtil redisUtil = SpringUtil.getBean(RedisUtil.class); - if(ObjectUtils.isEmpty(redisUtil)){ - log.error("SpringUtil.getRedisValue========== redisUtil is null"); - } - Object obj = redisUtil.get(key); - if(ObjectUtils.isEmpty(obj)){ - log.error("SpringUtil.getRedisValue=={}========== obj is null",key); - return null; - } - log.info("SpringUtil.getRedisValue=={}===={}",key,String.valueOf(obj)); - return obj; - } - -} diff --git a/wechat-server/pom.xml b/wechat-server/pom.xml index 2f72c85..2c461ed 100644 --- a/wechat-server/pom.xml +++ b/wechat-server/pom.xml @@ -23,7 +23,7 @@ com.evotech.hd - common-redis + common-permission 1.0.0-SNAPSHOT @@ -80,16 +80,6 @@ core 3.5.3 - - org.springframework.security - spring-security-oauth2-jose - - - cn.hutool - hutool-jwt - - - diff --git a/wechat-server/src/main/java/com/evotech/hd/wechat/config/PermissionWechatMybatisPlusConfig.java b/wechat-server/src/main/java/com/evotech/hd/wechat/config/PermissionWechatMybatisPlusConfig.java deleted file mode 100644 index cc52e71..0000000 --- a/wechat-server/src/main/java/com/evotech/hd/wechat/config/PermissionWechatMybatisPlusConfig.java +++ /dev/null 
@@ -1,30 +0,0 @@
-package com.evotech.hd.wechat.config;
-
-import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
-import com.baomidou.mybatisplus.extension.plugins.inner.DataPermissionInterceptor;
-import com.evotech.hd.wechat.handler.DataScopeHandler;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.transaction.annotation.EnableTransactionManagement;
-
-/**
- * @desc:
- * @ClassName:MybatisPlusConfig
- * @date: 2025年04月14日 16:14
- * @author: andy.shi
- * @contact: 17330188597
- * @remark: 开发人员联系方式 1042025947@qq.com/微信同步
- */
-@EnableTransactionManagement(proxyTargetClass = true)
-@Configuration
-public class PermissionWechatMybatisPlusConfig {
-
- @Bean("permissionWechatMybatisPlusInterceptor")
- public MybatisPlusInterceptor mybatisPlusInterceptor() {
- MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
- // 数据权限插件
- interceptor.addInnerInterceptor(new DataPermissionInterceptor(new DataScopeHandler()));
- return interceptor;
- }
-
-}
diff --git a/wechat-server/src/main/java/com/evotech/hd/wechat/handler/DataScopeHandler.java b/wechat-server/src/main/java/com/evotech/hd/wechat/handler/DataScopeHandler.java
deleted file mode 100644
index cea9a20..0000000
--- a/wechat-server/src/main/java/com/evotech/hd/wechat/handler/DataScopeHandler.java
+++ /dev/null
@@ -1,115 +0,0 @@ -package com.evotech.hd.wechat.handler; - -import com.alibaba.nacos.common.utils.CollectionUtils; -import com.alibaba.nacos.common.utils.StringUtils; -import com.baomidou.mybatisplus.extension.plugins.handler.MultiDataPermissionHandler; -import com.evotech.hd.common.core.permission.DataScope; -import com.evotech.hd.common.core.permission.DataScopes; -import com.evotech.hd.wechat.utils.permission.RedisWechatUtils; -import net.sf.jsqlparser.expression.Expression; -import net.sf.jsqlparser.expression.Parenthesis; -import net.sf.jsqlparser.expression.StringValue; -import net.sf.jsqlparser.expression.operators.relational.ExpressionList; -import net.sf.jsqlparser.expression.operators.relational.InExpression; -import net.sf.jsqlparser.schema.Column; -import net.sf.jsqlparser.schema.Table; -import org.apache.commons.lang3.ObjectUtils; - -import java.util.Arrays; -import java.util.stream.Collectors; - -/** - * @desc: - * @ClassName:DataScopeHandler - * @date: 2025年04月14日 14:54 - * @author: andy.shi - * @contact: 17330188597 - * @remark: 开发人员联系方式 1042025947@qq.com/微信同步 - */ - -public class DataScopeHandler implements MultiDataPermissionHandler { - - /** - * 获取数据权限 SQL 片段。 - *

旧的 {@link MultiDataPermissionHandler#getSqlSegment(Expression, String)} 方法第一个参数包含所有的 where 条件信息,如果 return 了 null 会覆盖原有的 where 数据,

- *

新版的 {@link MultiDataPermissionHandler#getSqlSegment(Table, Expression, String)} 方法不能覆盖原有的 where 数据,如果 return 了 null 则表示不追加任何 where 条件

- * - * @param table 所执行的数据库表信息,可以通过此参数获取表名和表别名 - * @param where 原有的 where 条件信息 - * @param mappedStatementId Mybatis MappedStatement Id 根据该参数可以判断具体执行方法 - * @return JSqlParser 条件表达式,返回的条件表达式会拼接在原有的表达式后面(不会覆盖原有的表达式) - */ - - @Override - public Expression getSqlSegment(Table table, Expression where, String mappedStatementId) { - try { - if(table != null && CollectionUtils.isNotEmpty(table.getNameParts()) && !"1".equals(RedisWechatUtils.getRoleType())){ - String roleCode = RedisWechatUtils.getRoleCode(); - Class mapperClazz = Class.forName(mappedStatementId.substring(0, mappedStatementId.lastIndexOf("."))); - //优先检查是不是单角色权限 - DataScope dataScope = mapperClazz.getAnnotation(DataScope.class); - if (ObjectUtils.isNotEmpty(dataScope) && dataScope.enabled()) { - if(dataScope.permissionObject().equals(roleCode)){ - return buildDataScopeByAnnotation(dataScope); - } - } - //如果不是, 检查多角色权限 - DataScopes dataScopesList = mapperClazz.getAnnotation(DataScopes.class); - if (ObjectUtils.isNotEmpty(dataScopesList)) { - for (DataScope dataScopes :dataScopesList.value()){ - if(dataScopes.enabled()){ - if(dataScopes.permissionObject().equals(roleCode)){ - return buildDataScopeByAnnotation(dataScopes); - } - } - } - } - } - } catch (ClassNotFoundException e) { - e.printStackTrace(); - } - return null; - } - - - - /** - * DataScope注解方式,拼装数据权限 - * - * @param dataScope - * @return - */ - private Expression buildDataScopeByAnnotation(DataScope dataScope) { - Expression expression = buildDataScopeExpression(dataScope, RedisWechatUtils.getPermissionValue(dataScope.permissionScopeRedisKey())); - return expression == null ? 
null : new Parenthesis(expression); - } - - - private Expression buildDataScopeExpression(DataScope dataScope, String value) { - if(!"null".equals(value)){ - ExpressionList expressionList = new ExpressionList(Arrays.asList(value.split(",")).stream().map(StringValue::new).collect(Collectors.toList())); - // 设置左边的字段表达式,右边设置值。 - InExpression operatorInExpression = new InExpression(); - operatorInExpression.setLeftExpression(buildColumn(dataScope.tableAlias(), dataScope.permissionScopeName())); - operatorInExpression.setRightExpression(new Parenthesis(expressionList)); - return operatorInExpression; - - } - return null; - } - - /** - * 构建Column - * - * @param tableAlias 表别名 - * @param columnName 字段名称 - * @return 带表别名字段 - */ - private static Column buildColumn(String tableAlias, String columnName) { - if (StringUtils.isNotEmpty(tableAlias)) { - columnName = tableAlias + "." + columnName; - } - return new Column(columnName); - } - -} diff --git a/wechat-server/src/main/java/com/evotech/hd/wechat/utils/permission/RedisWechatUtils.java b/wechat-server/src/main/java/com/evotech/hd/wechat/utils/permission/RedisWechatUtils.java deleted file mode 100644 index 2b477f0..0000000 --- a/wechat-server/src/main/java/com/evotech/hd/wechat/utils/permission/RedisWechatUtils.java +++ /dev/null 
@@ -1,179 +0,0 @@ -package com.evotech.hd.wechat.utils.permission; - -import com.evotech.hd.common.core.constant.HDConstant; -import com.evotech.hd.common.core.entity.resource.auth.AuthUser; -import com.evotech.hd.common.redis.utils.RedisUtil; -import com.evotech.hd.common.web.util.RequestContextUtil; -import com.evotech.hd.common.web.util.SpringUtil; -import lombok.extern.slf4j.Slf4j; -import org.springframework.util.ObjectUtils; -import org.springframework.util.StringUtils; - -/** - * @desc: - * @ClassName:RedisCloudUtils - * @date: 2025年04月14日 15:24 - * @author: andy.shi - * @contact: 17330188597 - * @remark: 开发人员联系方式 1042025947@qq.com/微信同步 - */ - -@Slf4j -public class RedisWechatUtils { - - public static AuthUser getUser(){ - AuthUser user = (AuthUser)getRedisObjectValue("user"); - return (ObjectUtils.isEmpty(user) ? null : user); - } - - public static String getRoleCode(){ - String roles = getRedisStringValue("rcodes"); - return StringUtils.isEmpty(roles) ? "" : roles; - } - - public static String getPermissionValue(String key){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + key+":"+getUserPkId()); - } - - public static String getStationCode(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_CODE+":"+getUserPkId()); - } - public static String getStationId(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_STATION_ID+":"+getUserPkId()); - } - - public static String getCompanyCode(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_COMPANY_CODE+":"+getUserPkId()); - } - public static String getCompanyId(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_COMPANY_ID+":"+getUserPkId()); - } - - public static String getCarCode(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + 
HDConstant.PermissionConstant.PERMISSION_CAR_CODE+":"+getUserPkId()); - } - public static String getCarId(){ - return getStringValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + HDConstant.PermissionConstant.PERMISSION_CAR_ID+":"+getUserPkId()); - } - - private static Integer getUserPkId(){ - AuthUser user = getUser(); - if(org.apache.commons.lang3.ObjectUtils.isEmpty(user) || user.getPkId() == null){ - return null; - } - return user.getPkId(); - } - - -// public static Integer getCompanyScopeId(){ -// return getUser().getPkId(); -// } - - - /** - * 获取当前登录的角色信息, 0 站端, 1 管理员, 2 运营商, 3 公司, - * @author: andy.shi - * @contact: 17330188597 - * @date: 2025/4/14/周一 14:21 - * @return: * @return: java.lang.String - */ - public static String getRoleType(){ - String roles = getRoleCode(); - if(isAdmin(roles)){ - return "1"; - } - if(isOperator(roles)){ - return "2"; - } - if(isCompany(roles)){ - return "3"; - } - return "0"; - } - - //如果不等于-1 则证明为管理员 - public static Boolean isAdmin(String roles){ - return isAuthority(roles, HDConstant.SYSTEM_MANAGER_ROLE_CODE); - } - - public static Boolean isOperator(String roles){ - return isAuthority(roles,HDConstant.OPERATOR_ROLE_CODE); - } - - public static Boolean isCompany(String roles){ - return isAuthority(roles,HDConstant.COMPANY_ROLE_CODE); - } - - private static Boolean isAuthority(String checkParamRoles, String paramRoleCode){ - if(org.apache.commons.lang3.StringUtils.isNotEmpty(checkParamRoles)){ - return checkParamRoles.lastIndexOf(paramRoleCode) != -1; - } - return getRoleCode().lastIndexOf(paramRoleCode) != -1; - } - - - /*** - * 根据token拼接key, 获取String结果 - * @param key - * @return - */ - private static String getRedisStringValue(String key) { - return String.valueOf(getRedisObjectValue(key)); - } - - /*** - * 根据token拼接key, 获取Object结果 - * @param key - * @return - */ - private static Object getRedisObjectValue(String key) { - String token = RequestContextUtil.getToken(); - if(StringUtils.isEmpty(token)){ - 
log.error("SpringUtil.getRedisValue========== token is null"); - return null; - } - String jti = null; - try { - jti = TokenUtil.getJti(token); - if(StringUtils.isEmpty(jti)){ - log.error("SpringUtil.getRedisValue========== jtj is null"); - return null; - } - } catch (Exception e) { - log.error("SpringUtil.gegetRedisValuetUser========== jtj is null"); - return null; - } - return getValue(HDConstant.LOGIN_CACHE_KEY_PREFIX + jti + ":"+key); - } - - - /*** - * 根据key获取redis缓存 - * @param key - * @return - */ - private static String getStringValue(String key){ - Object obj = getValue(key); - return ObjectUtils.isEmpty(obj) ? null : String.valueOf(obj); - } - - /*** - * 根据key获取redis缓存 - * @param key - * @return - */ - private static Object getValue(String key){ - RedisUtil redisUtil = SpringUtil.getBean(RedisUtil.class); - if(ObjectUtils.isEmpty(redisUtil)){ - log.error("SpringUtil.getRedisValue========== redisUtil is null"); - } - Object obj = redisUtil.get(key); - if(ObjectUtils.isEmpty(obj)){ - log.error("SpringUtil.getRedisValue=={}========== obj is null",key); - return null; - } - log.info("SpringUtil.getRedisValue=={}===={}",key,String.valueOf(obj)); - return obj; - } - -} diff --git a/wechat-server/src/main/java/com/evotech/hd/wechat/utils/permission/TokenUtil.java b/wechat-server/src/main/java/com/evotech/hd/wechat/utils/permission/TokenUtil.java deleted file mode 100644 index f85fa52..0000000 --- a/wechat-server/src/main/java/com/evotech/hd/wechat/utils/permission/TokenUtil.java +++ /dev/null 
@@ -1,56 +0,0 @@
-package com.evotech.hd.wechat.utils.permission;
-
-import cn.hutool.core.date.DateUtil;
-import cn.hutool.jwt.JWT;
-import cn.hutool.jwt.JWTUtil;
-import org.springframework.security.oauth2.jwt.JwtClaimNames;
-
-import java.util.Date;
-
-/**
- * token解析工具类
- */
-public class TokenUtil {
-
-
- public static JWT parseToJwt(String token) {
- JWT parseToken = JWTUtil.parseToken(token);
- return parseToken;
- }
-
-
- /**
- * 从token中获取userId
- */
- public static String getUserId(String token) {
- String uid = parseToJwt(token).getPayloads().getStr("uid");
- return uid;
- }
-
- /**
- * 从token中获取rcodes
- */
- public static String getRcodes(String token) {
- String uid = parseToJwt(token).getPayloads().getStr("rcodes");
- return uid;
- }
-
-
- /**
- * 从token中获取jti
- */
- public static String getJti(String token) {
- String jti = parseToJwt(token).getPayloads().getStr(JwtClaimNames.JTI).replaceAll("-", "");
- return jti;
- }
-
-
- /**
- * 从token中获取过期时间
- */
- public static Date getExp(String token) {
- String exp = parseToJwt(token).getPayloads().getStr(JwtClaimNames.EXP).toString();
- return DateUtil.date(Long.valueOf(exp) * 1000);
- }
-
-}