WxxyDeveloper/JSL_OrganizeInternalOA
9
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 权限控制

Browse Source
This commit is contained in:
筱锋xiao_lfeng 2024-01-22 18:20:32 +08:00
parent cc11295dc1
commit 9f82efd772
Signed by: XiaoLFeng
GPG Key ID: F693AA12AABBFA87
6 changed files with 138 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/main/java/com/jsl/oa/aspect/AuthControllerAspect.java
View File

@ -67,11 +67,11 @@ public class AuthControllerAspect {
* @throws Throwable 异常
*/
@Around("execution(* com.jsl.oa.controllers.*.*(..)) " +
"|| !execution(* com.jsl.oa.controllers.AuthController.authSendEmailCode(..))" +
"|| !execution(* com.jsl.oa.controllers.AuthController.authLoginByEmail(..))" +
"|| !execution(* com.jsl.oa.controllers.AuthController.authForgetPassword(..))" +
"|| !execution(* com.jsl.oa.controllers.AuthController.authLogin(..))" +
"|| !execution(* com.jsl.oa.controllers.AuthController.authRegister(..))")
"&& !execution(* com.jsl.oa.controllers.AuthController.authSendEmailCode(..))" +
"&& !execution(* com.jsl.oa.controllers.AuthController.authLoginByEmail(..))" +
"&& !execution(* com.jsl.oa.controllers.AuthController.authForgetPassword(..))" +
"&& !execution(* com.jsl.oa.controllers.AuthController.authLogin(..))" +
"&& !execution(* com.jsl.oa.controllers.AuthController.authRegister(..))")
public Object tokenControllerAround(ProceedingJoinPoint pjp) throws Throwable {
// 获取 HttpServletRequest 对象
HttpServletRequest request = ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest();

4
src/main/java/com/jsl/oa/controllers/PermissionController.java
View File

@ -38,7 +38,9 @@ public class PermissionController {
// 判断是否有参数错误
if (uid == null ) {
return ResultUtil.error(ErrorCode.PARAMETER_ERROR);
} else return permissionService.permissionUser(request,uid);
} else {
return permissionService.permissionUser(request,uid);
}
}
@GetMapping("/permission/get")

88
src/main/java/com/jsl/oa/dao/PermissionDAO.java Normal file
View File

@ -0,0 +1,88 @@
package com.jsl.oa.dao;
import com.jsl.oa.mapper.PermissionMapper;
import com.jsl.oa.model.doData.PermissionDO;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
import java.util.ArrayList;
import java.util.List;
/**
* <h1>权限数据表</h1>
* <hr/>
* 内容进入自定义实体类
*
* @author xiao_lfeng
* @version v1.1.0
* @since v1.1.0
*/
@Slf4j
@Component
@RequiredArgsConstructor
public class PermissionDAO {
private final PermissionMapper permissionMapper;
public List<String> getPermission(Long uid) {
log.info("\t> 执行 DAO 层 PermissionDAO.getPermission 方法");
List<PermissionDO> permissionList = permissionMapper.permissionUserPid(uid);
List<String> getPermissionForString = new ArrayList<>();
for (PermissionDO permission : permissionList) {
// 寻找是否存在父亲
StringBuilder permissionString = new StringBuilder();
if (permission.getPid() != null) {
// 存在父亲
this.getFatherPermission(permissionString, permission.getPid());
// 寻找子类
this.getChildPermission(permissionString, permission.getId(), getPermissionForString);
getPermissionForString.add(permissionString.toString());
} else {
// 不存在父亲
permissionString.append(permission.getName());
this.getChildPermission(permissionString, permission.getId(), getPermissionForString);
getPermissionForString.add(permissionString.toString());
}
}
// 存入 Redis
return getPermissionForString;
}
private void getChildPermission(StringBuilder permissionString, Long id, List<String> getPermissionForString) {
// 获取子类权限信息
List<PermissionDO> permissionList = permissionMapper.getChildPermission(id);
// 判断是否存在子类
if (!permissionList.isEmpty()) {
// 存在子类
for (PermissionDO permission : permissionList) {
StringBuilder childPermissionString = new StringBuilder(permissionString);
// 遍历数据检查是否依旧存在子类
List<PermissionDO> childPermissionList = permissionMapper.getChildPermission(permission.getId());
if (!childPermissionList.isEmpty()) {
// 存在子类
permissionString.append(".").append(permission.getName());
this.getChildPermission(permissionString, permission.getId(), getPermissionForString);
} else {
// 不存在子类
permissionString.append(".").append(permission.getName());
getPermissionForString.add(permissionString.toString());
}
permissionString = childPermissionString;
}
}
}
public void getFatherPermission(StringBuilder permissionString, Long pid) {
// 获取权限信息
PermissionDO permissionDO = permissionMapper.getPermissionById(pid);
// 判断是否存在父亲
if (permissionDO.getPid() != null) {
// 存在父亲
this.getFatherPermission(permissionString, permissionDO.getPid());
} else {
// 不存在父亲
permissionString.append(permissionDO.getCode());
}
}
}

7
src/main/java/com/jsl/oa/exception/ProcessException.java
View File

@ -12,6 +12,7 @@ import org.springframework.web.HttpRequestMethodNotSupportedException;
import org.springframework.web.bind.MissingServletRequestParameterException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import org.springframework.web.method.annotation.MethodArgumentTypeMismatchException;
import java.util.Objects;
import java.util.regex.Matcher;
@ -66,4 +67,10 @@ public class ProcessException {
log.error(e.getMessage(), e);
return ResultUtil.error("ServerInternalError", 50001, "服务器内部错误");
}
@ExceptionHandler(value = MethodArgumentTypeMismatchException.class)
public ResponseEntity<BaseResponse> businessMethodArgumentTypeMismatchException(@NotNull MethodArgumentTypeMismatchException e) {
log.error(e.getMessage(), e);
return ResultUtil.error("ServerInternalError", 50002, "服务器内部错误");
}
}

21
src/main/java/com/jsl/oa/mapper/PermissionMapper.java
View File

@ -9,16 +9,16 @@ import java.util.List;
@Mapper
public interface PermissionMapper {
@Insert("insert into organize_oa.oa_role_permissions(rid, pid) VALUE (#{rid},#{pid})")
@Insert("INSERT INTO organize_oa.oa_role_permissions(rid, pid) VALUE (#{rid},#{pid})")
void permissionAdd(Long rid, Long pid);
@Select("select name from organize_oa.oa_permissions where id in(select pid " +
"from organize_oa.oa_role_permissions where rid=" +
"(select rid from organize_oa.oa_role_user where uid=#{uid}) )")
List<String> permissionUser(Long uid);
@Select("SELECT * FROM organize_oa.oa_permissions WHERE id IN " +
"(SELECT pid FROM organize_oa.oa_role_permissions WHERE rid IN " +
"(SELECT rid FROM organize_oa.oa_role_user WHERE uid = #{uid}))")
List<PermissionDO> permissionUserPid(Long uid);
@Select("SELECT * FROM organize_oa.oa_permissions where id=#{id}")
PermissionDO permissionGetById(Long id);
PermissionDO getPermissionById(Long id);
@Select("SELECT * FROM organize_oa.oa_role_permissions where pid=#{pid}")
RolePermissionDO rolePermissionGetByPid(Long pid);
@ -32,4 +32,13 @@ public interface PermissionMapper {
@Delete("DELETE FROM organize_oa.oa_permissions where id=#{pid}")
boolean deletePermission(Long pid);
@Select("SELECT * FROM organize_oa.oa_permissions WHERE id IN (#{permissionList})")
List<PermissionDO> permissionGet(String permissionList);
@Select("SELECT * FROM organize_oa.oa_permissions WHERE id = #{pid}")
PermissionDO getPermissionByPid(Long pid);
@Select("SELECT * FROM organize_oa.oa_permissions WHERE pid = #{id}")
List<PermissionDO> getChildPermission(Long id);
}

39
src/main/java/com/jsl/oa/services/impl/PermissionServiceImpl.java
View File

@ -1,5 +1,6 @@
package com.jsl.oa.services.impl;
import com.jsl.oa.dao.PermissionDAO;
import com.jsl.oa.dao.UserDAO;
import com.jsl.oa.mapper.PermissionMapper;
import com.jsl.oa.mapper.RoleMapper;
@ -25,24 +26,26 @@ public class PermissionServiceImpl implements PermissionService {
private final PermissionMapper permissionMapper;
private final RoleMapper roleMapper;
private final PermissionDAO permissionDAO;
private final UserDAO userDAO;
@Override
public BaseResponse permissionAdd(HttpServletRequest request, Long rid, Long pid) {
log.info("\t> 执行 Service 层 PermissionService.permissionAdd 方法");
if(!Processing.checkUserIsAdmin(request,roleMapper)){
if (!Processing.checkUserIsAdmin(request, roleMapper)) {
return ResultUtil.error(ErrorCode.NOT_ADMIN);
}
permissionMapper.permissionAdd(rid,pid);
permissionMapper.permissionAdd(rid, pid);
return ResultUtil.success();
}
@Override
public BaseResponse permissionUser(HttpServletRequest request, Long uid) {
log.info("\t> 执行 Service 层 PermissionService.permissionUser 方法");
if(userDAO.isExistUser(uid)){
List<String> permission = permissionMapper.permissionUser(uid);
return ResultUtil.success(permission);
log.info("\t> 执行 Service 层 PermissionService.permissionUserPid 方法");
if (userDAO.isExistUser(uid)) {
// 获取权限列表信息
List<String> getPermissionForString = permissionDAO.getPermission(uid);
return ResultUtil.success(getPermissionForString);
}
return ResultUtil.error(ErrorCode.USER_NOT_EXIST);
}
@ -52,13 +55,13 @@ public class PermissionServiceImpl implements PermissionService {
public BaseResponse permissionGet(HttpServletRequest request) {
log.info("\t> 执行 Service 层 PermissionService.permissionGet 方法");
//检验用户权限是否为管理员
if(!Processing.checkUserIsAdmin(request,roleMapper)){
if (!Processing.checkUserIsAdmin(request, roleMapper)) {
return ResultUtil.error(ErrorCode.NOT_ADMIN);
}
//获取所有权限数据
List<PermissionDO> permissionDOS = permissionMapper.getAllPermission();
List<PermissionDO> permissionDOList = permissionMapper.getAllPermission();
//将数据按父子类封装
List<PermissionContentVo> permissionContentVos = Processing.convertToVoList(permissionDOS);
List<PermissionContentVo> permissionContentVos = Processing.convertToVoList(permissionDOList);
return ResultUtil.success(permissionContentVos);
}
@ -67,18 +70,18 @@ public class PermissionServiceImpl implements PermissionService {
public BaseResponse permissionEdit(PermissionEditVO permissionEditVo, HttpServletRequest request) {
log.info("\t> 执行 Service 层 PermissionService.permissionEdit 方法");
//检验用户权限是否为管理员
if(!Processing.checkUserIsAdmin(request,roleMapper)){
if (!Processing.checkUserIsAdmin(request, roleMapper)) {
return ResultUtil.error(ErrorCode.NOT_ADMIN);
}
//根据id获取对应permission数据
PermissionDO permissionDO = permissionMapper.permissionGetById(permissionEditVo.getId());
if(permissionDO == null){
PermissionDO permissionDO = permissionMapper.getPermissionById(permissionEditVo.getId());
if (permissionDO == null) {
return ResultUtil.error(ErrorCode.PERMISSION_NOT_EXIST);
}
//传递要编辑的数据
Processing.copyProperties(permissionEditVo,permissionDO);
Processing.copyProperties(permissionEditVo, permissionDO);
//更新permission
if(!permissionMapper.updatePermission(permissionDO)){
if (!permissionMapper.updatePermission(permissionDO)) {
return ResultUtil.error(ErrorCode.DATABASE_UPDATE_ERROR);
}
return ResultUtil.success();
@ -86,17 +89,15 @@ public class PermissionServiceImpl implements PermissionService {
@Override
public BaseResponse permissionDelete(HttpServletRequest request, Long pid) {
log.info("\t> 执行 Service 层 PermissionService.permissionDelete 方法");
//检验用户权限是否为管理员
if(!Processing.checkUserIsAdmin(request,roleMapper)){
if (!Processing.checkUserIsAdmin(request, roleMapper)) {
return ResultUtil.error(ErrorCode.NOT_ADMIN);
}
//删除权限
if(!permissionMapper.deletePermission(pid)){
if (!permissionMapper.deletePermission(pid)) {
return ResultUtil.error(ErrorCode.DATABASE_DELETE_ERROR);
}
return ResultUtil.success();
}
}