diff --git a/src/main/java/com/jsl/oa/aspect/AuthControllerAspect.java b/src/main/java/com/jsl/oa/aspect/AuthControllerAspect.java
index 923d863..51bf162 100755
--- a/src/main/java/com/jsl/oa/aspect/AuthControllerAspect.java
+++ b/src/main/java/com/jsl/oa/aspect/AuthControllerAspect.java
@@ -71,7 +71,11 @@ public class AuthControllerAspect {
"&& !execution(* com.jsl.oa.controllers.AuthController.authLoginByEmail(..))" +
"&& !execution(* com.jsl.oa.controllers.AuthController.authForgetPassword(..))" +
"&& !execution(* com.jsl.oa.controllers.AuthController.authLogin(..))" +
- "&& !execution(* com.jsl.oa.controllers.AuthController.authRegister(..))")
+ "&& !execution(* com.jsl.oa.controllers.AuthController.authRegister(..)) " +
+ "&& !execution(* com.jsl.oa.controllers.IndexController.*(..)) " +
+ "&& !execution(* com.jsl.oa.controllers.CustomController.*(..)) " +
+ "&& !execution(* com.jsl.oa.controllers.InfoController.infoGetHeaderImage(..)) " +
+ "&& !execution(* com.jsl.oa.controllers.InfoController.infoGetHeaderUser(..))")
public Object tokenControllerAround(ProceedingJoinPoint pjp) throws Throwable {
// 获取 HttpServletRequest 对象
HttpServletRequest request = ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest();
diff --git a/src/main/java/com/jsl/oa/common/constant/BusinessConstants.java b/src/main/java/com/jsl/oa/common/constant/BusinessConstants.java
index 25cfd8b..48006c6 100644
--- a/src/main/java/com/jsl/oa/common/constant/BusinessConstants.java
+++ b/src/main/java/com/jsl/oa/common/constant/BusinessConstants.java
@@ -3,11 +3,19 @@ package com.jsl.oa.common.constant;
import lombok.Getter;
/**
+ * 业务常量
+ *
+ * 业务常量
*
+ * @since v1.1.0
+ * @version v1.1.0
+ * @author xiao_lfeng
*/
@Getter
public enum BusinessConstants {
BUSINESS_LOGIN("login:", "登陆实现"),
+ ALL_PERMISSION("all:", "所有权限"),
+ USER("user:", "用户"),
NONE("", "null");
private final String value;
diff --git a/src/main/java/com/jsl/oa/dao/PermissionDAO.java b/src/main/java/com/jsl/oa/dao/PermissionDAO.java
index fc4a9e5..2ac5210 100644
--- a/src/main/java/com/jsl/oa/dao/PermissionDAO.java
+++ b/src/main/java/com/jsl/oa/dao/PermissionDAO.java
@@ -5,7 +5,7 @@ import com.google.gson.reflect.TypeToken;
import com.jsl.oa.common.constant.BusinessConstants;
import com.jsl.oa.mapper.PermissionMapper;
import com.jsl.oa.model.doData.PermissionDO;
-import com.jsl.oa.utils.redis.PermissionRedisUtil;
+import com.jsl.oa.utils.redis.RoleRedisUtil;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.jetbrains.annotations.NotNull;
@@ -28,7 +28,7 @@ import java.util.List;
@RequiredArgsConstructor
public class PermissionDAO {
private final PermissionMapper permissionMapper;
- private final PermissionRedisUtil permissionRedisUtil;
+ private final RoleRedisUtil roleRedisUtil;
private final Gson gson;
/**
@@ -42,27 +42,14 @@ public class PermissionDAO {
public List getPermission(@NotNull Long uid) {
log.info("\t> 执行 DAO 层 PermissionDAO.getPermission 方法");
List getPermissionForString;
- String permissionRedisString = permissionRedisUtil.getData(BusinessConstants.NONE, uid.toString());
+ String permissionRedisString = roleRedisUtil.getData(BusinessConstants.NONE, uid.toString());
if (permissionRedisString == null) {
log.info("\t\t> 从 MySQL 获取数据");
List permissionList = permissionMapper.permissionUserPid(uid);
getPermissionForString = new ArrayList<>();
- for (PermissionDO permission : permissionList) {
- // 寻找是否存在父亲
- StringBuilder permissionString = new StringBuilder();
- if (permission.getPid() != null) {
- // 存在父亲
- this.getFatherPermission(permissionString, permission.getPid());
- } else {
- // 不存在父亲
- permissionString.append(permission.getName());
- }
- // 寻找子类
- this.getChildPermission(permissionString, permission.getId(), getPermissionForString);
- getPermissionForString.add(permissionString.toString());
- }
+ forPermissionToBuildString(permissionList, getPermissionForString);
// 存入 Redis
- permissionRedisUtil.setData(BusinessConstants.NONE, uid.toString(), gson.toJson(getPermissionForString), 1440);
+ roleRedisUtil.setData(BusinessConstants.NONE, uid.toString(), gson.toJson(getPermissionForString), 1440);
} else {
log.info("\t\t> 从 Redis 获取数据");
getPermissionForString = gson.fromJson(permissionRedisString, new TypeToken>() {}.getType());
@@ -70,14 +57,83 @@ public class PermissionDAO {
return getPermissionForString;
}
+ public List getAllPermissionBuildString() {
+ log.info("\t> 执行 DAO 层 PermissionDAO.getPermission 方法");
+ List getPermissionForString;
+ String getRedisData = roleRedisUtil.getData(BusinessConstants.ALL_PERMISSION, "string");
+ if (getRedisData == null) {
+ log.info("\t\t> 从 MySQL 获取数据");
+ List permissionList = permissionMapper.getAllPermission();
+ permissionList.removeIf(it -> it.getPid() != null);
+ getPermissionForString = new ArrayList<>();
+ forPermissionToBuildString(permissionList, getPermissionForString);
+ // 存入 Redis
+ roleRedisUtil.setData(BusinessConstants.ALL_PERMISSION, "string", gson.toJson(getPermissionForString), 1440);
+ } else {
+ log.info("\t\t> 从 Redis 获取数据");
+ getPermissionForString = gson.fromJson(getRedisData, new TypeToken>() {}.getType());
+ }
+ return getPermissionForString;
+ }
+
+ public List getRootPermission() {
+ log.info("\t> 执行 DAO 层 PermissionDAO.getRootPermission 方法");
+ String getRedisData = roleRedisUtil.getData(BusinessConstants.ALL_PERMISSION, "all");
+ if (getRedisData == null) {
+ log.info("\t\t> 从 MySQL 获取数据");
+ List permissionList = permissionMapper.getAllPermission();
+ if (!permissionList.isEmpty()) {
+ List getPermissionList = new ArrayList<>();
+ for (PermissionDO permission : permissionList) {
+ if (permission.getPid() == null) {
+ getPermissionList.add(permission);
+ }
+ }
+ roleRedisUtil.setData(BusinessConstants.ALL_PERMISSION, "all", gson.toJson(getPermissionList), 1440);
+ return getPermissionList;
+ } else {
+ return null;
+ }
+ } else {
+ log.info("\t\t> 从 Redis 获取数据");
+ return gson.fromJson(getRedisData, new TypeToken>() {
+ }.getType());
+ }
+ }
+
+ /**
+ * 获取全部权限信息
+ *
+ * 获取全部权限信息
+ *
+ * @param permissionList 权限信息
+ * @param getPermissionForString 存储权限信息
+ */
+ private void forPermissionToBuildString(@NotNull List permissionList, List getPermissionForString) {
+ for (PermissionDO permission : permissionList) {
+ // 寻找是否存在父亲
+ StringBuilder permissionString = new StringBuilder();
+ if (permission.getPid() != null) {
+ // 存在父亲
+ this.getFatherPermission(permissionString, permission.getPid());
+ } else {
+ // 不存在父亲
+ permissionString.append(permission.getName());
+ }
+ // 寻找子类
+ this.getChildPermission(permissionString, permission.getId(), getPermissionForString);
+ getPermissionForString.add(permissionString.toString());
+ }
+ }
+
/**
* 获取子类权限信息
*
* 通过父类 ID 获取子类权限信息
* 递归调用
*
- * @param permissionString 父类权限信息
- * @param id 父类 ID
+ * @param permissionString 父类权限信息
+ * @param id 父类 ID
* @param getPermissionForString 存储权限信息
*/
private void getChildPermission(StringBuilder permissionString, Long id, List getPermissionForString) {
@@ -111,7 +167,7 @@ public class PermissionDAO {
* 递归调用
*
* @param permissionString 父类权限信息
- * @param pid 父类 ID
+ * @param pid 父类 ID
*/
public void getFatherPermission(StringBuilder permissionString, Long pid) {
// 获取权限信息
diff --git a/src/main/java/com/jsl/oa/dao/RoleDAO.java b/src/main/java/com/jsl/oa/dao/RoleDAO.java
index a526c73..69bff31 100644
--- a/src/main/java/com/jsl/oa/dao/RoleDAO.java
+++ b/src/main/java/com/jsl/oa/dao/RoleDAO.java
@@ -1,7 +1,12 @@
package com.jsl.oa.dao;
+import com.google.gson.Gson;
+import com.google.gson.reflect.TypeToken;
+import com.jsl.oa.common.constant.BusinessConstants;
import com.jsl.oa.mapper.RoleMapper;
import com.jsl.oa.model.doData.RoleDO;
+import com.jsl.oa.model.doData.RoleUserDO;
+import com.jsl.oa.utils.redis.RoleRedisUtil;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
@@ -14,6 +19,8 @@ import java.util.List;
@RequiredArgsConstructor
public class RoleDAO {
public final RoleMapper roleMapper;
+ private final Gson gson;
+ private final RoleRedisUtil roleRedisUtil;
public void roleAddUser(Long uid, Long rid) {
log.info("\t> 执行 DAO 层 RoleDAO.roleAddUser 方法");
@@ -37,32 +44,67 @@ public class RoleDAO {
public RoleDO getRoleById(Long id) {
log.info("\t> 执行 DAO 层 RoleDAO.getRoleById 方法");
- log.info("\t\t> 从 MySQL 获取数据");
- return roleMapper.getRoleById(id);
+ String getRedisData = roleRedisUtil.getData(BusinessConstants.NONE, "all");
+ if (getRedisData == null) {
+ log.info("\t\t> 从 MySQL 获取数据");
+ return roleMapper.getRoleById(id);
+ } else {
+ log.info("\t\t> 从 Redis 获取数据");
+ List roleList = gson.fromJson(getRedisData, new TypeToken>() {}.getType());
+ for (RoleDO roleDO : roleList) {
+ if (roleDO.getId().equals(id)) {
+ return roleDO;
+ }
+ }
+ return null;
+ }
}
public List getRole() {
log.info("\t> 执行 DAO 层 RoleDAO.getRole 方法");
- log.info("\t\t> 从 MySQL 获取数据");
- return roleMapper.getRole();
+ String getRedisData = roleRedisUtil.getData(BusinessConstants.NONE, "all");
+ if (getRedisData == null) {
+ log.info("\t\t> 从 MySQL 获取数据");
+ List roleList = roleMapper.getRole();
+ roleRedisUtil.setData(BusinessConstants.NONE, "all", gson.toJson(roleList), 1440);
+ return roleList;
+ } else {
+ log.info("\t\t> 从 Redis 获取数据");
+ return gson.fromJson(getRedisData, new TypeToken>() {}.getType());
+ }
}
public void roleAdd(RoleDO roleDO) {
log.info("\t> 执行 DAO 层 RoleDAO.roleAdd 方法");
log.info("\t\t> 从 MySQL 获取数据");
roleMapper.roleAdd(roleDO);
+ List roleList = roleMapper.getRole();
+ roleRedisUtil.setData(BusinessConstants.NONE, "all", gson.toJson(roleList), 1440);
+
}
public boolean roleEdit(RoleDO getRole) {
log.info("\t> 执行 DAO 层 RoleDAO.roleEdit 方法");
log.info("\t\t> 从 MySQL 获取数据");
- return roleMapper.roleEdit(getRole);
+ if (roleMapper.roleEdit(getRole)) {
+ List roleList = roleMapper.getRole();
+ roleRedisUtil.setData(BusinessConstants.NONE, "all", gson.toJson(roleList), 1440);
+ return true;
+ } else {
+ return false;
+ }
}
public boolean roleDelete(Long id) {
log.info("\t> 执行 DAO 层 RoleDAO.roleDelete 方法");
log.info("\t\t> 从 MySQL 获取数据");
- return roleMapper.roleDelete(id);
+ if (roleMapper.roleDelete(id)) {
+ List roleList = roleMapper.getRole();
+ roleRedisUtil.setData(BusinessConstants.NONE, "all", gson.toJson(roleList), 1440);
+ return true;
+ } else {
+ return false;
+ }
}
public boolean isExistRoleByRoleName(String roleName) {
@@ -77,4 +119,10 @@ public class RoleDAO {
log.info("\t\t> 从 MySQL 获取数据");
return roleMapper.roleChangeUser(uid, rid);
}
+
+ public RoleUserDO getRoleUserByUid(Long uid) {
+ log.info("\t> 执行 DAO 层 RoleDAO.getRoleUserByUid 方法");
+ log.info("\t\t> 从 MySQL 获取数据");
+ return roleMapper.getRoleUserByUid(uid);
+ }
}
diff --git a/src/main/java/com/jsl/oa/dao/UserDAO.java b/src/main/java/com/jsl/oa/dao/UserDAO.java
index 9dea3e2..042e190 100755
--- a/src/main/java/com/jsl/oa/dao/UserDAO.java
+++ b/src/main/java/com/jsl/oa/dao/UserDAO.java
@@ -2,7 +2,6 @@ package com.jsl.oa.dao;
import com.google.gson.Gson;
import com.jsl.oa.common.constant.BusinessConstants;
-import com.jsl.oa.mapper.RoleMapper;
import com.jsl.oa.mapper.UserMapper;
import com.jsl.oa.model.doData.RoleDO;
import com.jsl.oa.model.doData.RoleUserDO;
@@ -26,7 +25,8 @@ import java.util.List;
public class UserDAO {
public final UserMapper userMapper;
- private final RoleMapper roleMapper;
+ private final RoleDAO roleDAO;
+ private final PermissionDAO permissionDAO;
private final Gson gson;
private final UserRedisUtil userRedisUtil;
@@ -126,7 +126,7 @@ public class UserDAO {
List userCurrentDO = userMapper.getAllUser(userAllCurrentVO);
List userCurrentDOList = new ArrayList<>();
userCurrentDO.forEach(it -> {
- userCurrentDOList.add(Processing.ReturnUserInfo(it, roleMapper));
+ userCurrentDOList.add(Processing.returnUserInfo(it, roleDAO, permissionDAO));
});
return userCurrentDOList;
@@ -138,7 +138,7 @@ public class UserDAO {
List userCurrentDO = userMapper.getAllUserBySearch(userAllCurrentVO);
List userCurrentDOList = new ArrayList<>();
userCurrentDO.forEach(it -> {
- userCurrentDOList.add(Processing.ReturnUserInfo(it, roleMapper));
+ userCurrentDOList.add(Processing.returnUserInfo(it, roleDAO, permissionDAO));
});
return userCurrentDOList;
}
diff --git a/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java
index efadf58..94e4b3e 100755
--- a/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java
+++ b/src/main/java/com/jsl/oa/services/impl/AuthServiceImpl.java
@@ -1,7 +1,9 @@
package com.jsl.oa.services.impl;
+import com.jsl.oa.annotations.CheckUserAbleToUse;
import com.jsl.oa.common.constant.BusinessConstants;
-import com.jsl.oa.mapper.RoleMapper;
+import com.jsl.oa.dao.PermissionDAO;
+import com.jsl.oa.dao.RoleDAO;
import com.jsl.oa.mapper.UserMapper;
import com.jsl.oa.model.doData.RoleUserDO;
import com.jsl.oa.model.doData.UserDO;
@@ -19,7 +21,7 @@ import org.springframework.stereotype.Service;
import javax.servlet.http.HttpServletRequest;
import java.sql.Timestamp;
-import java.util.ArrayList;
+import java.util.List;
import java.util.regex.Pattern;
/**
@@ -30,13 +32,15 @@ import java.util.regex.Pattern;
* @version v1.1.0
* @see AuthService
* @since v1.0.0
+ * @author xiao_lfeng
*/
@Slf4j
@Service
@RequiredArgsConstructor
public class AuthServiceImpl implements AuthService {
private final UserMapper userMapper;
- private final RoleMapper roleMapper;
+ private final RoleDAO roleDAO;
+ private final PermissionDAO permissionDAO;
private final MailService mailService;
private final EmailRedisUtil emailRedisUtil;
@@ -167,6 +171,7 @@ public class AuthServiceImpl implements AuthService {
}
@Override
+ @CheckUserAbleToUse
public BaseResponse authChangePassword(HttpServletRequest request, @NotNull UserChangePasswordVO userChangePasswordVO) {
log.info("\t> 执行 Service 层 AuthService.authChangePassword 方法");
// 检查新密码输入无误
@@ -193,6 +198,7 @@ public class AuthServiceImpl implements AuthService {
}
@Override
+ @CheckUserAbleToUse
public BaseResponse authLogout(HttpServletRequest request) {
log.info("\t> 执行 Service 层 AuthService.authLogout 方法");
// 获取用户
@@ -206,7 +212,7 @@ public class AuthServiceImpl implements AuthService {
}
@Override
- public BaseResponse authForgetPassword(UserForgetPasswordVO userForgetPasswordVO) {
+ public BaseResponse authForgetPassword(@NotNull UserForgetPasswordVO userForgetPasswordVO) {
log.info("\t> 执行 Service 层 AuthService.authForgetPassword 方法");
// 获取验证码是否有效
Integer redisCode = emailRedisUtil.getData(BusinessConstants.BUSINESS_LOGIN, userForgetPasswordVO.getEmail());
@@ -242,8 +248,17 @@ public class AuthServiceImpl implements AuthService {
UserReturnBackVO userReturnBackVO = new UserReturnBackVO();
// Token 上传到 Redis
tokenRedisUtil.setData(BusinessConstants.BUSINESS_LOGIN, userDO.getId().toString(), token, 1440);
+ RoleUserDO roleUserDO = roleDAO.getRoleUserByUid(userDO.getId());
+ List getPermissionForString;
+ if (roleUserDO != null) {
+ // 获取全部根权限
+ getPermissionForString = permissionDAO.getAllPermissionBuildString();
+ } else {
+ // 获取权限列表信息
+ getPermissionForString = permissionDAO.getPermission(userDO.getId());
+ }
// 获取用户角色
- RoleUserDO getUserRole = roleMapper.getRoleUserByUid(userDO.getId());
+ RoleUserDO getUserRole = roleDAO.roleMapper.getRoleUserByUid(userDO.getId());
if (getUserRole == null) {
getUserRole = new RoleUserDO();
getUserRole.setRid(0L)
@@ -260,7 +275,7 @@ public class AuthServiceImpl implements AuthService {
.setRole(new UserReturnBackVO.ReturnUserRole()
.setRid(getUserRole.getRid()))
.setToken(token)
- .setPermission(new ArrayList<>());
+ .setPermission(getPermissionForString);
return ResultUtil.success("登陆成功", userReturnBackVO);
}
}
diff --git a/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java
index a33c9d6..8a3e03e 100644
--- a/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java
+++ b/src/main/java/com/jsl/oa/services/impl/InfoServiceImpl.java
@@ -1,5 +1,6 @@
package com.jsl.oa.services.impl;
+import com.jsl.oa.annotations.CheckUserHasPermission;
import com.jsl.oa.dao.InfoDAO;
import com.jsl.oa.dao.UserDAO;
import com.jsl.oa.mapper.RoleMapper;
@@ -21,6 +22,15 @@ import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.List;
+/**
+ * 信息服务层实现类
+ *
+ * 用于信息服务层的实现类
+ *
+ * @since v1.0.0
+ * @version v1.1.0
+ * @author xiao_lfeng
+ */
@Slf4j
@Service
@RequiredArgsConstructor
@@ -30,6 +40,7 @@ public class InfoServiceImpl implements InfoService {
private final UserDAO userDAO;
@Override
+ @CheckUserHasPermission("")
public BaseResponse addHeaderImage(HttpServletRequest request, CarouselVO carouselVO) {
log.info("\t> 执行 Service 层 InfoService.addHeaderImage 方法");
// 用户权限校验
diff --git a/src/main/java/com/jsl/oa/services/impl/PermissionServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/PermissionServiceImpl.java
index 896fdf6..8c5ef92 100644
--- a/src/main/java/com/jsl/oa/services/impl/PermissionServiceImpl.java
+++ b/src/main/java/com/jsl/oa/services/impl/PermissionServiceImpl.java
@@ -1,10 +1,12 @@
package com.jsl.oa.services.impl;
+import com.jsl.oa.annotations.CheckUserHasPermission;
import com.jsl.oa.dao.PermissionDAO;
+import com.jsl.oa.dao.RoleDAO;
import com.jsl.oa.dao.UserDAO;
import com.jsl.oa.mapper.PermissionMapper;
-import com.jsl.oa.mapper.RoleMapper;
import com.jsl.oa.model.doData.PermissionDO;
+import com.jsl.oa.model.doData.RoleUserDO;
import com.jsl.oa.model.voData.PermissionContentVo;
import com.jsl.oa.model.voData.PermissionEditVO;
import com.jsl.oa.services.PermissionService;
@@ -19,32 +21,48 @@ import org.springframework.stereotype.Service;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
+/**
+ * 权限服务层实现类
+ *
+ * 用于权限服务层的实现类,实现权限的增删改查,以及用户权限的获取
+ *
+ * @since v1.0.0
+ * @version v1.1.0
+ * @author xiao_lfeng | xiangZr-hhh | 176yunxuan
+ */
@Slf4j
@Service
@RequiredArgsConstructor
public class PermissionServiceImpl implements PermissionService {
private final PermissionMapper permissionMapper;
- private final RoleMapper roleMapper;
+ private final RoleDAO roleDAO;
private final PermissionDAO permissionDAO;
private final UserDAO userDAO;
@Override
+ @CheckUserHasPermission("permission.add")
public BaseResponse permissionAdd(HttpServletRequest request, Long rid, Long pid) {
log.info("\t> 执行 Service 层 PermissionService.permissionAdd 方法");
- if (!Processing.checkUserIsAdmin(request, roleMapper)) {
- return ResultUtil.error(ErrorCode.NOT_ADMIN);
- }
permissionMapper.permissionAdd(rid, pid);
return ResultUtil.success();
}
@Override
+ @CheckUserHasPermission("permission.user")
public BaseResponse permissionUser(HttpServletRequest request, Long uid) {
log.info("\t> 执行 Service 层 PermissionService.permissionUserPid 方法");
if (userDAO.isExistUser(uid)) {
- // 获取权限列表信息
- List getPermissionForString = permissionDAO.getPermission(uid);
+ // 此用户是否为管理员
+ RoleUserDO roleUserDO = roleDAO.getRoleUserByUid(uid);
+ List getPermissionForString;
+ if (roleUserDO != null) {
+ // 获取全部根权限
+ getPermissionForString = permissionDAO.getAllPermissionBuildString();
+ } else {
+ // 获取权限列表信息
+ getPermissionForString = permissionDAO.getPermission(uid);
+ }
return ResultUtil.success(getPermissionForString);
}
return ResultUtil.error(ErrorCode.USER_NOT_EXIST);
@@ -52,12 +70,9 @@ public class PermissionServiceImpl implements PermissionService {
@Override
+ @CheckUserHasPermission("permission.get")
public BaseResponse permissionGet(HttpServletRequest request) {
log.info("\t> 执行 Service 层 PermissionService.permissionGet 方法");
- //检验用户权限是否为管理员
- if (!Processing.checkUserIsAdmin(request, roleMapper)) {
- return ResultUtil.error(ErrorCode.NOT_ADMIN);
- }
//获取所有权限数据
List permissionDOList = permissionMapper.getAllPermission();
//将数据按父子类封装
@@ -67,12 +82,9 @@ public class PermissionServiceImpl implements PermissionService {
}
@Override
+ @CheckUserHasPermission("permission.edit")
public BaseResponse permissionEdit(PermissionEditVO permissionEditVo, HttpServletRequest request) {
log.info("\t> 执行 Service 层 PermissionService.permissionEdit 方法");
- //检验用户权限是否为管理员
- if (!Processing.checkUserIsAdmin(request, roleMapper)) {
- return ResultUtil.error(ErrorCode.NOT_ADMIN);
- }
//根据id获取对应permission数据
PermissionDO permissionDO = permissionMapper.getPermissionById(permissionEditVo.getId());
if (permissionDO == null) {
@@ -88,12 +100,9 @@ public class PermissionServiceImpl implements PermissionService {
}
@Override
+ @CheckUserHasPermission("permission.delete")
public BaseResponse permissionDelete(HttpServletRequest request, Long pid) {
log.info("\t> 执行 Service 层 PermissionService.permissionDelete 方法");
- //检验用户权限是否为管理员
- if (!Processing.checkUserIsAdmin(request, roleMapper)) {
- return ResultUtil.error(ErrorCode.NOT_ADMIN);
- }
//删除权限
if (!permissionMapper.deletePermission(pid)) {
return ResultUtil.error(ErrorCode.DATABASE_DELETE_ERROR);
diff --git a/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java b/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java
index 8d0cd37..a9c3c75 100755
--- a/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java
+++ b/src/main/java/com/jsl/oa/services/impl/UserServiceImpl.java
@@ -10,7 +10,10 @@ import com.jsl.oa.model.doData.RoleUserDO;
import com.jsl.oa.model.doData.UserDO;
import com.jsl.oa.model.voData.*;
import com.jsl.oa.services.UserService;
-import com.jsl.oa.utils.*;
+import com.jsl.oa.utils.BaseResponse;
+import com.jsl.oa.utils.ErrorCode;
+import com.jsl.oa.utils.Processing;
+import com.jsl.oa.utils.ResultUtil;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.jetbrains.annotations.NotNull;
@@ -134,7 +137,7 @@ public class UserServiceImpl implements UserService {
// Token获取信息
UserDO userDO = userDAO.getUserById(Processing.getAuthHeaderToUserId(request));
if (userDO != null) {
- return ResultUtil.success(Processing.ReturnUserInfo(userDO, roleDAO.roleMapper));
+ return ResultUtil.success(Processing.returnUserInfo(userDO, roleDAO, permissionDAO));
} else {
return ResultUtil.error(ErrorCode.USER_NOT_EXIST);
}
@@ -173,7 +176,7 @@ public class UserServiceImpl implements UserService {
}
// 返回结果
if (userDO != null) {
- return ResultUtil.success(Processing.ReturnUserInfo(userDO, roleDAO.roleMapper));
+ return ResultUtil.success(Processing.returnUserInfo(userDO, roleDAO, permissionDAO));
} else {
return ResultUtil.error(ErrorCode.USER_NOT_EXIST);
}
@@ -260,29 +263,4 @@ public class UserServiceImpl implements UserService {
userProfileVo.setSex(Processing.getSex(userDO.getSex()));
return ResultUtil.success(userProfileVo);
}
-
-
- /**
- * @Description: 判断用户是否为管理员
- * @Date: 2024/1/18
- * @Param request: 请求头
- **/
- public BaseResponse isManager(HttpServletRequest request) {
- //获取token
- String originalAuthorization = request.getHeader("Authorization");
- String token = originalAuthorization.replace("Bearer ", "");
- //获取操作用户的权限
- RoleUserDO roleUserDO = userDAO.getRoleFromUser(JwtUtil.getUserId(token));
- //用户权限不为空
- if (roleUserDO == null) {
- return ResultUtil.error(ErrorCode.USER_ROLE_NOT_EXIST);
- }
- //用户权限应为管理员
- if (!userDAO.isManagerByRoleId(roleUserDO.getRid())) {
- return ResultUtil.error(ErrorCode.USER_ROLE_NOT_MANAGER);
- }
- return ResultUtil.success();
- }
-
-
}
diff --git a/src/main/java/com/jsl/oa/utils/Processing.java b/src/main/java/com/jsl/oa/utils/Processing.java
index 63080d8..8cd23bd 100755
--- a/src/main/java/com/jsl/oa/utils/Processing.java
+++ b/src/main/java/com/jsl/oa/utils/Processing.java
@@ -1,5 +1,7 @@
package com.jsl.oa.utils;
+import com.jsl.oa.dao.PermissionDAO;
+import com.jsl.oa.dao.RoleDAO;
import com.jsl.oa.exception.ClassCopyException;
import com.jsl.oa.mapper.RoleMapper;
import com.jsl.oa.model.doData.PermissionDO;
@@ -257,10 +259,10 @@ public class Processing {
* @param userDO 用户信息
* @return {@link BaseResponse}
*/
- public static @NotNull UserCurrentBackVO ReturnUserInfo(@NotNull UserDO userDO, RoleMapper roleMapper) {
+ public static @NotNull UserCurrentBackVO returnUserInfo(@NotNull UserDO userDO, RoleDAO roleDAO, PermissionDAO permissionDAO) {
UserCurrentBackVO userCurrentBackVO = new UserCurrentBackVO();
// 获取用户角色
- RoleUserDO getUserRole = roleMapper.getRoleUserByUid(userDO.getId());
+ RoleUserDO getUserRole = roleDAO.getRoleUserByUid(userDO.getId());
if (getUserRole == null) {
getUserRole = new RoleUserDO();
getUserRole.setRid(0L)
@@ -268,6 +270,16 @@ public class Processing {
} else {
getUserRole.setUid(null);
}
+ // 获取用户权限
+ RoleUserDO roleUserDO = roleDAO.getRoleUserByUid(userDO.getId());
+ List getPermissionForString;
+ if (roleUserDO != null) {
+ // 获取全部根权限
+ getPermissionForString = permissionDAO.getAllPermissionBuildString();
+ } else {
+ // 获取权限列表信息
+ getPermissionForString = permissionDAO.getPermission(userDO.getId());
+ }
userCurrentBackVO.setUser(new UserCurrentBackVO.ReturnUser()
.setId(userDO.getId())
.setJobId(userDO.getJobId())
@@ -291,7 +303,7 @@ public class Processing {
.setIsDelete(userDO.getIsDelete()))
.setRole(new UserCurrentBackVO.ReturnUserRole()
.setRid(getUserRole.getRid()))
- .setPermission(new ArrayList<>());
+ .setPermission(getPermissionForString);
return userCurrentBackVO;
}
diff --git a/src/main/java/com/jsl/oa/utils/redis/RoleRedisUtil.java b/src/main/java/com/jsl/oa/utils/redis/RoleRedisUtil.java
new file mode 100644
index 0000000..aa3db0d
--- /dev/null
+++ b/src/main/java/com/jsl/oa/utils/redis/RoleRedisUtil.java
@@ -0,0 +1,62 @@
+package com.jsl.oa.utils.redis;
+
+import com.jsl.oa.common.constant.BusinessConstants;
+import com.jsl.oa.common.constant.RedisConstant;
+import com.jsl.oa.config.redis.RedisOperating;
+import lombok.extern.slf4j.Slf4j;
+import org.jetbrains.annotations.NotNull;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.stereotype.Component;
+
+import java.util.concurrent.TimeUnit;
+
+/**
+ * 角色Redis工具类
+ *
+ * 角色Redis工具类
+ *
+ * @since v1.1.0
+ * @version v1.1.0
+ * @see com.jsl.oa.common.constant.RedisConstant
+ * @see com.jsl.oa.common.constant.BusinessConstants
+ * @see com.jsl.oa.config.redis.RedisOperating
+ * @author xiao_lfeng
+ */
+@Slf4j
+@Component
+public class RoleRedisUtil extends RedisOperating {
+ public RoleRedisUtil(RedisTemplate redisTemplate, StringRedisTemplate stringRedisTemplate) {
+ super(redisTemplate, stringRedisTemplate);
+ }
+
+ @Override
+ public Long getExpiredAt(@NotNull BusinessConstants businessConstants, String field) {
+ String key = RedisConstant.TYPE_AUTH + RedisConstant.TABLE_ROLE + businessConstants.getValue() + field;
+ log.info("\t\t> 读取 Redis 键为 {} 的过期时间", key);
+ return redisTemplate.getExpire(key);
+ }
+
+ @Override
+ public Boolean delData(@NotNull BusinessConstants businessConstants, String field) {
+ String key = RedisConstant.TYPE_AUTH + RedisConstant.TABLE_ROLE + businessConstants.getValue() + field;
+ log.info("\t\t> 删除 Redis 键为 {} 的数据", key);
+ return redisTemplate.delete(key);
+ }
+
+ @Override
+ public R getData(@NotNull BusinessConstants businessConstants, String field) {
+ String key = RedisConstant.TYPE_AUTH + RedisConstant.TABLE_ROLE + businessConstants.getValue() + field;
+ log.info("\t\t> 读取 Redis 键为 {} 的数据", key);
+ return redisTemplate.opsForValue().get(key);
+ }
+
+ @Override
+ public Boolean setData(@NotNull BusinessConstants businessConstants, String field, R value, Integer time) {
+ String key = RedisConstant.TYPE_AUTH + RedisConstant.TABLE_ROLE + businessConstants.getValue() + field;
+ log.info("\t\t> 写入 Redis 键为 {} 的数据", key);
+ redisTemplate.opsForValue().set(key, value);
+ redisTemplate.expire(key, time, TimeUnit.MINUTES);
+ return true;
+ }
+}
\ No newline at end of file