Commit ff367eff by zzrdark

1.增加权限

parent d6276f17
...@@ -4,6 +4,7 @@ import org.mybatis.spring.annotation.MapperScan; ...@@ -4,6 +4,7 @@ import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.eureka.EnableEurekaClient; import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
import org.springframework.cloud.openfeign.EnableFeignClients;
/** /**
* @ClassName AuthorizaitonApplication * @ClassName AuthorizaitonApplication
...@@ -13,6 +14,7 @@ import org.springframework.cloud.netflix.eureka.EnableEurekaClient; ...@@ -13,6 +14,7 @@ import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
**/ **/
@SpringBootApplication @SpringBootApplication
@EnableEurekaClient @EnableEurekaClient
@EnableFeignClients
@MapperScan("com.mx.cneeds.server.dao") @MapperScan("com.mx.cneeds.server.dao")
public class AuthorizaitonApplication { public class AuthorizaitonApplication {
......
package com.mx.cneeds.server.anthorization.client;
import com.mx.cneeds.common.dto.*;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
import java.util.List;
/**
* @ClassName UserClient
* @Author zzrdark
* @Date 2020-03-09 15:21
* @Description TODO
**/
@FeignClient(name = "CNEEDS-SERVER-USER")
public interface UserClient {
/**
*
* @param page
* @param pageSize
* @param order
* @param orderField
* @return
*/
@PostMapping("/sys/func/list")
PageDto funcList(@RequestParam Integer page,
@RequestParam("limit") Integer pageSize,
@RequestParam("sidx") String orderField,
@RequestParam("order") String order);
@PostMapping("/sys/func/listAll")
List<FuncDto> funcListAll();
/**
*
* @param page
* @param pageSize
* @param orderField
* @param order
* @return
*/
@PostMapping("/sys/dept/list")
PageDto deptList(@RequestParam Integer page,
@RequestParam("limit") Integer pageSize,
@RequestParam("sidx") String orderField,
@RequestParam("order") String order,
@RequestParam("name") String name);
/**
* 获取部门列表
* @return
*/
@PostMapping("/sys/dept/listAll")
List<DepartmentDto> deptListAll();
@PostMapping("/sys/dept/save")
void addDept(@RequestBody DepartmentDto dto);
@PostMapping("/sys/dept/update")
void updateDept(@RequestBody DepartmentDto dto);
@PostMapping("/sys/dept/delete")
void deleteDept(@RequestBody List<Long> ids);
@PostMapping("/sys/dept/info")
DepartmentDto deptInfo(@RequestBody Long deptId);
/**
*
* @param page
* @param pageSize
* @param order
* @param orderField
* @return
*/
@PostMapping("/sys/role/list")
PageDto roleList(@RequestParam Integer page,
@RequestParam("limit") Integer pageSize,
@RequestParam("sidx") String orderField,
@RequestParam("order") String order,
@RequestParam("roleName") String roleName);
@PostMapping("/sys/role/info")
RoleDto infoRole(@RequestParam Long roleId);
@PostMapping("/sys/role/save")
void addRole(@RequestBody RoleDto dto);
@PostMapping("/sys/role/update")
void updateRole(@RequestBody RoleDto dto);
@PostMapping("/sys/role/delete")
void deleteRole(@RequestBody List<Long> ids);
@PostMapping("/sys/role/listAll")
List<RoleDto> roleListAll();
/**
*
* @param page
* @param pageSize
* @param order
* @param orderField
* @return
*/
@PostMapping("/sys/user/list")
PageDto userList(@RequestParam Integer page,
@RequestParam("limit") Integer pageSize,
@RequestParam("sidx") String orderField,
@RequestParam("order") String order,
@RequestParam("username") String username);
@PostMapping("/sys/user/userinfo")
UserDto userInfo(@RequestParam String username);
@PostMapping("/sys/user/save")
void addUser(@RequestBody UserDto dto);
@PostMapping("/sys/user/update")
void updateUser(@RequestBody UserDto dto);
@PostMapping("/sys/user/delete")
void deleteUser(@RequestBody List<Long> ids);
}
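Review bot: The first parameter of `funcList`, `deptList`, `roleList` and `userList`, plus `infoRole` and `userInfo`, use `@RequestParam` without a name (`@RequestParam Integer page`, `@RequestParam Long roleId`, `@RequestParam String username`). Feign can only resolve these if the build keeps parameter names (`-parameters`) and the OpenFeign version supports it; older versions reject such a client at startup. Naming them explicitly, as the other parameters already do, removes that dependency: `@RequestParam("page") Integer page`, `@RequestParam("roleId") Long roleId`, `@RequestParam("username") String username`. Since `userInfo` is now called during login to load permissions, its Javadoc should state what it returns for an unknown user; the current blocks are empty `@param` lists and `@Description TODO`.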
package com.mx.cneeds.server.anthorization.service; package com.mx.cneeds.server.anthorization.service;
import com.mx.cneeds.common.dto.UserDto;
import com.mx.cneeds.server.anthorization.client.UserClient;
import com.mx.cneeds.server.entity.SysUserEntity; import com.mx.cneeds.server.entity.SysUserEntity;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UserDetailsService;
...@@ -10,6 +13,9 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException; ...@@ -10,6 +13,9 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import java.util.ArrayList;
import java.util.List;
@Component @Component
public class MyUserDetailsService implements UserDetailsService { public class MyUserDetailsService implements UserDetailsService {
...@@ -18,6 +24,9 @@ public class MyUserDetailsService implements UserDetailsService { ...@@ -18,6 +24,9 @@ public class MyUserDetailsService implements UserDetailsService {
@Autowired @Autowired
private SysUserService sysUserService; private SysUserService sysUserService;
@Autowired
private UserClient userClient;
/** (non-Javadoc) /** (non-Javadoc)
* @see UserDetailsService#loadUserByUsername(String) * @see UserDetailsService#loadUserByUsername(String)
...@@ -29,8 +38,25 @@ public class MyUserDetailsService implements UserDetailsService { ...@@ -29,8 +38,25 @@ public class MyUserDetailsService implements UserDetailsService {
if (sysUserEntity == null){ if (sysUserEntity == null){
return null; return null;
} }
return new User(username, sysUserEntity.getPassword(),
AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_admin")); UserDto userDto = userClient.userInfo(username);
List<GrantedAuthority> authorities = new ArrayList<>();
if (sysUserEntity.getUserId() == 1){
authorities.add(new SimpleGrantedAuthority("ROLE_admin"));
}else {
List<String> funcPerms = userDto.getFuncPerms();
funcPerms.forEach( str -> {
authorities.add(new SimpleGrantedAuthority(str));
});
}
return new User(username, sysUserEntity.getPassword(), authorities);
} }
} }
\ No newline at end of file
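Review bot: The else branch of `loadUserByUsername` dereferences `userDto` and `userDto.getFuncPerms()` without a null check, so an account the user service does not return, or one with no permissions assigned, would presumably fail login with a NullPointerException instead of an authentication error. Guard it with `List<String> funcPerms = userDto == null ? null : userDto.getFuncPerms();` followed by `if (funcPerms != null) { ... }`, and move the `userClient.userInfo(username)` call into the else branch so the `getUserId() == 1` path does not depend on the remote call. The `getUserId() == 1` test also hard-codes the administrator as a database id, and would unbox a null id if `getUserId()` returns `Long`. A named constant or a comment such as `// user id 1 is the built-in super administrator` would make that trust decision explicit. The opening lines of the method are outside the hunk.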
...@@ -7,10 +7,11 @@ import com.mx.cneeds.common.pager.PageUtils; ...@@ -7,10 +7,11 @@ import com.mx.cneeds.common.pager.PageUtils;
import com.mx.cneeds.common.pager.Query; import com.mx.cneeds.common.pager.Query;
import com.mx.cneeds.server.anthorization.service.SysUserService; import com.mx.cneeds.server.anthorization.service.SysUserService;
import com.mx.cneeds.server.dao.SysUserDao; import com.mx.cneeds.server.dao.SysUserDao;
import com.mx.cneeds.server.entity.SysFuncEntity;
import com.mx.cneeds.server.entity.SysUserEntity; import com.mx.cneeds.server.entity.SysUserEntity;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import java.util.Map; import java.util.*;
@Service("sysUserService") @Service("sysUserService")
......
...@@ -2,6 +2,7 @@ package com.mx.cneeds.server.datashow.config; ...@@ -2,6 +2,7 @@ package com.mx.cneeds.server.datashow.config;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
...@@ -14,6 +15,7 @@ import org.springframework.security.oauth2.provider.token.store.JwtTokenStore; ...@@ -14,6 +15,7 @@ import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
// 资源服务配置 // 资源服务配置
@Configuration @Configuration
@EnableResourceServer @EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class OAuth2ResourceServer extends ResourceServerConfigurerAdapter { public class OAuth2ResourceServer extends ResourceServerConfigurerAdapter {
@Override @Override
......
...@@ -16,6 +16,7 @@ import org.springframework.core.io.InputStreamResource; ...@@ -16,6 +16,7 @@ import org.springframework.core.io.InputStreamResource;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import java.io.FileNotFoundException; import java.io.FileNotFoundException;
...@@ -65,6 +66,7 @@ public class DeviceController { ...@@ -65,6 +66,7 @@ public class DeviceController {
return new R().put("data",channelVo); return new R().put("data",channelVo);
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:add') or hasRole('admin')")
@PostMapping("/device/saveChannel") @PostMapping("/device/saveChannel")
public R saveChannel_nums(DeviceChannelVo channelVo){ public R saveChannel_nums(DeviceChannelVo channelVo){
DevicesDto devicesDto = new DevicesDto(); DevicesDto devicesDto = new DevicesDto();
...@@ -77,6 +79,7 @@ public class DeviceController { ...@@ -77,6 +79,7 @@ public class DeviceController {
@PreAuthorize("hasRole('configManagement:productSeries:list') or hasRole('admin')")
@PostMapping("/series/list") @PostMapping("/series/list")
public R seriesList(@RequestParam(required = false) Integer page, public R seriesList(@RequestParam(required = false) Integer page,
@RequestParam(required = false) Integer pageSize, @RequestParam(required = false) Integer pageSize,
...@@ -110,6 +113,7 @@ public class DeviceController { ...@@ -110,6 +113,7 @@ public class DeviceController {
return new R().put("data",pageDto); return new R().put("data",pageDto);
} }
@PreAuthorize("hasRole('configManagement:productSeries:list') or hasRole('admin')")
@PostMapping("/series/listAll") @PostMapping("/series/listAll")
public R selectSeries(){ public R selectSeries(){
List<SeriesDto> seriesDtos = deviceClient.seriesListAll(); List<SeriesDto> seriesDtos = deviceClient.seriesListAll();
...@@ -117,6 +121,7 @@ public class DeviceController { ...@@ -117,6 +121,7 @@ public class DeviceController {
return new R().put("data",seriesDtos); return new R().put("data",seriesDtos);
} }
@PreAuthorize("hasRole('configManagement:productSeries:add') or hasRole('admin')")
@PostMapping("/series/add") @PostMapping("/series/add")
public R addSeries(SeriesVo seriesVo){ public R addSeries(SeriesVo seriesVo){
SeriesDto querySeries = deviceClient.querySeries(seriesVo.getSeriesNum()); SeriesDto querySeries = deviceClient.querySeries(seriesVo.getSeriesNum());
...@@ -132,6 +137,7 @@ public class DeviceController { ...@@ -132,6 +137,7 @@ public class DeviceController {
} }
@PreAuthorize("hasRole('configManagement:productSeries:edit') or hasRole('admin')")
@PostMapping("/series/edit") @PostMapping("/series/edit")
public R editSeries(SeriesVo seriesVo){ public R editSeries(SeriesVo seriesVo){
...@@ -143,6 +149,7 @@ public class DeviceController { ...@@ -143,6 +149,7 @@ public class DeviceController {
} }
@PreAuthorize("hasRole('configManagement:productSeries:delete') or hasRole('admin')")
@PostMapping("/series/delete") @PostMapping("/series/delete")
public R deleteSeries(@RequestParam(value = "ids",required = false) List<Long> ids){ public R deleteSeries(@RequestParam(value = "ids",required = false) List<Long> ids){
deviceClient.deleteSeries(ids); deviceClient.deleteSeries(ids);
...@@ -151,6 +158,7 @@ public class DeviceController { ...@@ -151,6 +158,7 @@ public class DeviceController {
} }
@PreAuthorize("hasRole('deviceManagement:device:list') or hasRole('admin')")
@PostMapping("/device/list") @PostMapping("/device/list")
public R deviceList(@RequestParam(required = false) Integer page, public R deviceList(@RequestParam(required = false) Integer page,
@RequestParam(required = false) Integer pageSize, @RequestParam(required = false) Integer pageSize,
...@@ -183,6 +191,7 @@ public class DeviceController { ...@@ -183,6 +191,7 @@ public class DeviceController {
return new R().put("data",pageDto); return new R().put("data",pageDto);
} }
@PreAuthorize("hasRole('deviceManagement:device:add') or hasRole('admin')")
@PostMapping("/device/importDevice") @PostMapping("/device/importDevice")
public R importDevice(DevicesVo devicesVo){ public R importDevice(DevicesVo devicesVo){
DevicesDto devicesDto = new DevicesDto(); DevicesDto devicesDto = new DevicesDto();
...@@ -193,6 +202,7 @@ public class DeviceController { ...@@ -193,6 +202,7 @@ public class DeviceController {
} }
@PreAuthorize("hasRole('deviceManagement:device:edit') or hasRole('admin')")
@PostMapping("/device/updateDeviceSeriesBatch") @PostMapping("/device/updateDeviceSeriesBatch")
public R updateDeviceSeriesBatch(DevicesVo devicesVo){ public R updateDeviceSeriesBatch(DevicesVo devicesVo){
DevicesDto devicesDto = new DevicesDto(); DevicesDto devicesDto = new DevicesDto();
...@@ -203,6 +213,7 @@ public class DeviceController { ...@@ -203,6 +213,7 @@ public class DeviceController {
} }
@PreAuthorize("hasRole('deviceManagement:device:delete') or hasRole('admin')")
@PostMapping("/device/delete") @PostMapping("/device/delete")
public R deleteDevice(@RequestParam(value = "ids",required = false) List<Long> ids){ public R deleteDevice(@RequestParam(value = "ids",required = false) List<Long> ids){
deviceClient.deleteDevice(ids); deviceClient.deleteDevice(ids);
...@@ -210,6 +221,7 @@ public class DeviceController { ...@@ -210,6 +221,7 @@ public class DeviceController {
} }
@PreAuthorize("hasRole('deviceManagement:device:list') or hasRole('admin')")
@PostMapping("/device/queryDeviceByImei") @PostMapping("/device/queryDeviceByImei")
public R queryDeviceByImei(@RequestBody DeviceInfoDto dto){ public R queryDeviceByImei(@RequestBody DeviceInfoDto dto){
log.debug("queryDeviceByImei: imei:" + dto.getImei()); log.debug("queryDeviceByImei: imei:" + dto.getImei());
...@@ -221,6 +233,7 @@ public class DeviceController { ...@@ -221,6 +233,7 @@ public class DeviceController {
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:list') or hasRole('admin')")
@PostMapping("/deviceChannel/list") @PostMapping("/deviceChannel/list")
public R deivceChannelList(@RequestParam(required = false) Integer page, public R deivceChannelList(@RequestParam(required = false) Integer page,
@RequestParam(required = false) Integer pageSize, @RequestParam(required = false) Integer pageSize,
...@@ -254,6 +267,7 @@ public class DeviceController { ...@@ -254,6 +267,7 @@ public class DeviceController {
return new R().put("data",pageDto); return new R().put("data",pageDto);
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:add') or hasRole('admin')")
@PostMapping("/deviceChannel/add") @PostMapping("/deviceChannel/add")
public R addDeviceChannel(ChannelVo vo){ public R addDeviceChannel(ChannelVo vo){
DeviceChannelDto dto = deviceClient.queryDeviceChannel(vo.getChannelNum()); DeviceChannelDto dto = deviceClient.queryDeviceChannel(vo.getChannelNum());
...@@ -269,6 +283,7 @@ public class DeviceController { ...@@ -269,6 +283,7 @@ public class DeviceController {
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:edit') or hasRole('admin')")
@PostMapping("/deviceChannel/edit") @PostMapping("/deviceChannel/edit")
public R editSeries(ChannelVo vo){ public R editSeries(ChannelVo vo){
DeviceChannelDto deviceChannelDto = new DeviceChannelDto(); DeviceChannelDto deviceChannelDto = new DeviceChannelDto();
...@@ -277,24 +292,28 @@ public class DeviceController { ...@@ -277,24 +292,28 @@ public class DeviceController {
return R.ok(); return R.ok();
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:delete') or hasRole('admin')")
@PostMapping("/deviceChannel/delete") @PostMapping("/deviceChannel/delete")
public R deleteDeviceChannel(@RequestParam(value = "ids",required = false) List<Long> ids){ public R deleteDeviceChannel(@RequestParam(value = "ids",required = false) List<Long> ids){
deviceClient.deleteDeviceChannels(ids); deviceClient.deleteDeviceChannels(ids);
return R.ok(); return R.ok();
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:list') or hasRole('admin')")
@PostMapping("/deviceChannel/queryDeviceChannelAll") @PostMapping("/deviceChannel/queryDeviceChannelAll")
public R queryDeviceChannelAll(){ public R queryDeviceChannelAll(){
List<DeviceChannelDto> deviceChannelDtos = deviceClient.queryDeviceChannelAll(); List<DeviceChannelDto> deviceChannelDtos = deviceClient.queryDeviceChannelAll();
return R.ok().put("data",deviceChannelDtos); return R.ok().put("data",deviceChannelDtos);
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:delete') or hasRole('admin')")
@PostMapping("/deviceChannel/deleteSettingDeviceChannel") @PostMapping("/deviceChannel/deleteSettingDeviceChannel")
public R deleteSettingDeviceChannel(Long deviceId){ public R deleteSettingDeviceChannel(Long deviceId){
deviceClient.deleteSettingDeviceChannel(deviceId); deviceClient.deleteSettingDeviceChannel(deviceId);
return R.ok(); return R.ok();
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:delete') or hasRole('admin')")
@PostMapping("/deviceChannel/updateSettingDeviceChannel") @PostMapping("/deviceChannel/updateSettingDeviceChannel")
public R updateSettingDeviceChannel(DeviceInfoVo vo){ public R updateSettingDeviceChannel(DeviceInfoVo vo){
DeviceInfoDto dto = new DeviceInfoDto(); DeviceInfoDto dto = new DeviceInfoDto();
...@@ -303,6 +322,7 @@ public class DeviceController { ...@@ -303,6 +322,7 @@ public class DeviceController {
return R.ok(); return R.ok();
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:list') or hasRole('admin')")
@PostMapping("/deviceChannel/queryTotalStatisticsDeviceChannel") @PostMapping("/deviceChannel/queryTotalStatisticsDeviceChannel")
public R queryTotalStatisticsDeviceChannel(@RequestParam(value="channelIds", required = false) List<Long> channelIds){ public R queryTotalStatisticsDeviceChannel(@RequestParam(value="channelIds", required = false) List<Long> channelIds){
...@@ -320,6 +340,7 @@ public class DeviceController { ...@@ -320,6 +340,7 @@ public class DeviceController {
return R.ok().put("data",list); return R.ok().put("data",list);
} }
@PreAuthorize("hasRole('admin')")
@PostMapping("/device/uploadDeivceChannelExcel") @PostMapping("/device/uploadDeivceChannelExcel")
public R uploadDeivceChannelExcel(@RequestBody UploadDeviceChannelExcelVo vo){ public R uploadDeivceChannelExcel(@RequestBody UploadDeviceChannelExcelVo vo){
UploadDeviceChannelExcelDto dto = new UploadDeviceChannelExcelDto(); UploadDeviceChannelExcelDto dto = new UploadDeviceChannelExcelDto();
...@@ -356,6 +377,7 @@ public class DeviceController { ...@@ -356,6 +377,7 @@ public class DeviceController {
return response; return response;
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:list') or hasRole('admin')")
@RequestMapping("/device/queryDeviceChannelSetting") @RequestMapping("/device/queryDeviceChannelSetting")
public R queryDeviceChannelSetting(@RequestBody List<String> imeis){ public R queryDeviceChannelSetting(@RequestBody List<String> imeis){
...@@ -367,6 +389,7 @@ public class DeviceController { ...@@ -367,6 +389,7 @@ public class DeviceController {
return R.error(ResultCode.PARAMERROR,"参数错误"); return R.error(ResultCode.PARAMERROR,"参数错误");
} }
@PreAuthorize("hasRole('configManagement:deviceChannel:delete') or hasRole('admin')")
@RequestMapping("/deviceChannel/deleteStatisticsDeviceChannel") @RequestMapping("/deviceChannel/deleteStatisticsDeviceChannel")
public R deleteStatisticsDeviceChannel(StatisticsDeviceChannelVo vo){ public R deleteStatisticsDeviceChannel(StatisticsDeviceChannelVo vo){
if (vo == null){ if (vo == null){
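Review bot: `hasRole('configManagement:deviceChannel:add')` and the other permission checks in this file match an authority named `ROLE_configManagement:deviceChannel:add`, because `hasRole` adds the `ROLE_` prefix by default, while `MyUserDetailsService` in this commit grants the permission strings unprefixed via `new SimpleGrantedAuthority(str)`. Unless the stored permissions already carry the prefix, every non-admin caller would be denied; `hasAuthority('configManagement:deviceChannel:add') or hasRole('admin')` would match what is granted, and the same applies to the `@PreAuthorize` lines in `SystemController`. Separately, `/deviceChannel/updateSettingDeviceChannel` is guarded by `configManagement:deviceChannel:delete`, which looks like a copy of the line above it; `configManagement:deviceChannel:edit` seems to be the intended permission. Methods between the hunks are not visible, so whether every endpoint of the controller is annotated cannot be confirmed from this page.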
......
...@@ -12,6 +12,7 @@ import lombok.extern.slf4j.Slf4j; ...@@ -12,6 +12,7 @@ import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.springframework.beans.BeanUtils; import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
...@@ -43,6 +44,7 @@ public class SystemController { ...@@ -43,6 +44,7 @@ public class SystemController {
* @param sort * @param sort
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:module:list') or hasRole('admin')")
@PostMapping("/module/list") @PostMapping("/module/list")
public R funcList(@RequestParam(required = false) Integer page, public R funcList(@RequestParam(required = false) Integer page,
@RequestParam(required = false) Integer pageSize, @RequestParam(required = false) Integer pageSize,
...@@ -78,6 +80,7 @@ public class SystemController { ...@@ -78,6 +80,7 @@ public class SystemController {
* 查询出角色关联的模块 * 查询出角色关联的模块
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:module:list') or hasRole('admin')")
@PostMapping("/func/listAll") @PostMapping("/func/listAll")
public R selectTreeFunc(){ public R selectTreeFunc(){
List<FuncDto> dtos = userClient.funcListAll(); List<FuncDto> dtos = userClient.funcListAll();
...@@ -104,6 +107,7 @@ public class SystemController { ...@@ -104,6 +107,7 @@ public class SystemController {
* 查询出用户关联的模块 * 查询出用户关联的模块
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:module:list') or hasRole('admin')")
@PostMapping("/func/user/listAll") @PostMapping("/func/user/listAll")
public R selectTreeFuncUser(){ public R selectTreeFuncUser(){
List<FuncDto> dtos = userClient.funcListAll(); List<FuncDto> dtos = userClient.funcListAll();
...@@ -133,6 +137,7 @@ public class SystemController { ...@@ -133,6 +137,7 @@ public class SystemController {
* @param sort * @param sort
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:dept:list') or hasRole('admin')")
@PostMapping("/dept/list") @PostMapping("/dept/list")
public R deptList(@RequestParam(required = false) Integer page, public R deptList(@RequestParam(required = false) Integer page,
@RequestParam(required = false) Integer pageSize, @RequestParam(required = false) Integer pageSize,
...@@ -166,6 +171,7 @@ public class SystemController { ...@@ -166,6 +171,7 @@ public class SystemController {
return new R().put("data",pageDto); return new R().put("data",pageDto);
} }
@PreAuthorize("hasRole('sys:dept:add') or hasRole('admin')")
@PostMapping("/dept/add") @PostMapping("/dept/add")
public R addDept(DepartmentVo departmentVo){ public R addDept(DepartmentVo departmentVo){
DepartmentDto departmentDto = new DepartmentDto(); DepartmentDto departmentDto = new DepartmentDto();
...@@ -181,6 +187,7 @@ public class SystemController { ...@@ -181,6 +187,7 @@ public class SystemController {
* @param departmentVo * @param departmentVo
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:dept:edit') or hasRole('admin')")
@PostMapping("/dept/edit") @PostMapping("/dept/edit")
public R editDept(DepartmentVo departmentVo){ public R editDept(DepartmentVo departmentVo){
...@@ -198,6 +205,7 @@ public class SystemController { ...@@ -198,6 +205,7 @@ public class SystemController {
* @param ids * @param ids
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:dept:delete') or hasRole('admin')")
@PostMapping("/dept/delete") @PostMapping("/dept/delete")
public R deleteDept(@RequestParam(value = "ids",required = false) List<Long> ids){ public R deleteDept(@RequestParam(value = "ids",required = false) List<Long> ids){
userClient.deleteDept(ids); userClient.deleteDept(ids);
...@@ -209,6 +217,7 @@ public class SystemController { ...@@ -209,6 +217,7 @@ public class SystemController {
* 获取部门下拉框列表 * 获取部门下拉框列表
* @return 返回树形的列表 * @return 返回树形的列表
*/ */
@PreAuthorize("hasRole('sys:dept:list') or hasRole('admin')")
@PostMapping("/dept/listAll") @PostMapping("/dept/listAll")
public R selectDeptParent(){ public R selectDeptParent(){
UserDto userDto = userClient.userInfo(UserUtils.getUserName()); UserDto userDto = userClient.userInfo(UserUtils.getUserName());
...@@ -241,6 +250,7 @@ public class SystemController { ...@@ -241,6 +250,7 @@ public class SystemController {
* 获取部门下拉框列表 * 获取部门下拉框列表
* @return 返回树形的列表 * @return 返回树形的列表
*/ */
@PreAuthorize("hasRole('sys:dept:list') or hasRole('admin')")
@PostMapping("/dept/listAllTree") @PostMapping("/dept/listAllTree")
public R selectTreeDeptParent(){ public R selectTreeDeptParent(){
UserDto userDto = userClient.userInfo(UserUtils.getUserName()); UserDto userDto = userClient.userInfo(UserUtils.getUserName());
...@@ -266,6 +276,7 @@ public class SystemController { ...@@ -266,6 +276,7 @@ public class SystemController {
return new R().put("data",result); return new R().put("data",result);
} }
@PreAuthorize("hasRole('sys:user:list') or hasRole('admin')")
@PostMapping("/dept/user/listAllTree") @PostMapping("/dept/user/listAllTree")
public R selectTreeDeptUserParent(){ public R selectTreeDeptUserParent(){
UserDto userDto = userClient.userInfo(UserUtils.getUserName()); UserDto userDto = userClient.userInfo(UserUtils.getUserName());
...@@ -299,6 +310,7 @@ public class SystemController { ...@@ -299,6 +310,7 @@ public class SystemController {
* @param sort * @param sort
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:role:list') or hasRole('admin')")
@PostMapping("/role/list") @PostMapping("/role/list")
public R roleList(@RequestParam(required = false) Integer page, public R roleList(@RequestParam(required = false) Integer page,
@RequestParam(required = false) Integer pageSize, @RequestParam(required = false) Integer pageSize,
...@@ -337,6 +349,7 @@ public class SystemController { ...@@ -337,6 +349,7 @@ public class SystemController {
* @param roleId * @param roleId
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:role:list') or hasRole('admin')")
@RequestMapping("/role/info") @RequestMapping("/role/info")
public R infoRole(Long roleId){ public R infoRole(Long roleId){
RoleDto dto = userClient.infoRole(roleId); RoleDto dto = userClient.infoRole(roleId);
...@@ -349,6 +362,7 @@ public class SystemController { ...@@ -349,6 +362,7 @@ public class SystemController {
* @param vo * @param vo
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:role:add') or hasRole('admin')")
@PostMapping("/role/add") @PostMapping("/role/add")
public R roleAdd(RoleVo vo){ public R roleAdd(RoleVo vo){
RoleDto dto = new RoleDto(); RoleDto dto = new RoleDto();
...@@ -363,6 +377,7 @@ public class SystemController { ...@@ -363,6 +377,7 @@ public class SystemController {
* @param vo * @param vo
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:role:edit') or hasRole('admin')")
@PostMapping("/role/edit") @PostMapping("/role/edit")
public R editRole(RoleVo vo){ public R editRole(RoleVo vo){
...@@ -377,6 +392,7 @@ public class SystemController { ...@@ -377,6 +392,7 @@ public class SystemController {
* @param ids * @param ids
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:role:delete') or hasRole('admin')")
@PostMapping("/role/delete") @PostMapping("/role/delete")
public R deleteRole(@RequestParam(value = "ids",required = false) List<Long> ids){ public R deleteRole(@RequestParam(value = "ids",required = false) List<Long> ids){
userClient.deleteRole(ids); userClient.deleteRole(ids);
...@@ -402,6 +418,8 @@ public class SystemController { ...@@ -402,6 +418,8 @@ public class SystemController {
* @param sort * @param sort
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:user:list') or hasRole('admin')")
@PostMapping("/user/list") @PostMapping("/user/list")
public R userList(@RequestParam(required = false) Integer page, public R userList(@RequestParam(required = false) Integer page,
@RequestParam(required = false) Integer pageSize, @RequestParam(required = false) Integer pageSize,
...@@ -438,6 +456,7 @@ public class SystemController { ...@@ -438,6 +456,7 @@ public class SystemController {
* @param username * @param username
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:user:list') or hasRole('admin')")
@RequestMapping("/user/info") @RequestMapping("/user/info")
public R infoRole(String username){ public R infoRole(String username){
UserDto dto = userClient.userInfo(username); UserDto dto = userClient.userInfo(username);
...@@ -449,6 +468,7 @@ public class SystemController { ...@@ -449,6 +468,7 @@ public class SystemController {
* @param vo * @param vo
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:user:add') or hasRole('admin')")
@RequestMapping("/user/add") @RequestMapping("/user/add")
public R addUser(UserVo vo){ public R addUser(UserVo vo){
UserDto dto = new UserDto(); UserDto dto = new UserDto();
...@@ -463,6 +483,7 @@ public class SystemController { ...@@ -463,6 +483,7 @@ public class SystemController {
* @param vo * @param vo
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:user:edit') or hasRole('admin')")
@PostMapping("/user/update") @PostMapping("/user/update")
public R editUser(UserVo vo){ public R editUser(UserVo vo){
UserDto dto = new UserDto(); UserDto dto = new UserDto();
...@@ -480,6 +501,7 @@ public class SystemController { ...@@ -480,6 +501,7 @@ public class SystemController {
* @param ids * @param ids
* @return * @return
*/ */
@PreAuthorize("hasRole('sys:user:delete') or hasRole('admin')")
@PostMapping("/user/delete") @PostMapping("/user/delete")
public R deleteUser(@RequestParam(value = "ids",required = false) List<Long> ids){ public R deleteUser(@RequestParam(value = "ids",required = false) List<Long> ids){
userClient.deleteUser(ids); userClient.deleteUser(ids);
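Review bot: `/user/add` is mapped with `@RequestMapping` and no method restriction, so the new `sys:user:add` check guards a state-changing endpoint that is also reachable with GET, unlike its `@PostMapping` siblings `/user/update` and `/user/delete`. `@PostMapping("/user/add")` would keep it consistent. The role and user endpoints appear to manage who holds which permission, so it would help to document next to the annotations which permissions are effectively administrative, for example `// holders of sys:role:edit can change what every role may do`. The method bodies continue outside the hunks.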
......
...@@ -63,8 +63,8 @@ public class UserController { ...@@ -63,8 +63,8 @@ public class UserController {
userDto.getFuncPerms().forEach(perms -> { userDto.getFuncPerms().forEach(perms -> {
sb.append(perms+","); sb.append(perms+",");
}); });
sb.substring(0,sb.length()-2); String rolesStr = sb.substring(0, sb.length() - 1);
userInfoVo.setRoles(sb.toString()); userInfoVo.setRoles(rolesStr);
} }
userInfoVo.setName(userDto.getUsername()); userInfoVo.setName(userDto.getUsername());
...@@ -74,6 +74,4 @@ public class UserController { ...@@ -74,6 +74,4 @@ public class UserController {
} }
} }
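Review bot: `sb.substring(0, sb.length() - 1)` throws StringIndexOutOfBoundsException when `getFuncPerms()` is empty and `sb` holds nothing else, since the end index becomes -1. Joining avoids the trailing-comma handling altogether: `userInfoVo.setRoles(String.join(",", userDto.getFuncPerms()));`. The declaration of `sb` and the enclosing condition are outside the hunk, so confirm whether an empty list can reach this branch.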