Home Explore Help
Register Sign In
chenwen
/
zl-opd-server
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

权限控制调整,增加权限分配接口

chenwen 2 years ago
parent
f30771e3a9
commit
5ebc99bc45
4 changed files with 74 additions and 18 deletions
Split View Show Diff Stats
  1. 2 1
      src/main/java/com/hb/proj/allconfig/APICallFilter.java
  2. 32 4
      src/main/java/com/hb/proj/auth/controller/AuthController.java
  3. 39 13
      src/main/java/com/hb/proj/auth/service/AuthService.java
  4. 1 0
      src/main/java/com/hb/proj/sys/service/RoleService.java

+ 2 - 1
src/main/java/com/hb/proj/allconfig/APICallFilter.java
View File 

@@ -73,7 +73,8 @@ public class APICallFilter extends OncePerRequestFilter {
 
 			return RespVOBuilder.unIdentify();
 
 		}
 
 		
-		return accessToken.verify(reqUri)?null:RespVOBuilder.noAuth("权限不足");
 
+		//return accessToken.verify(reqUri)?null:RespVOBuilder.noAuth("权限不足"); //暂不启用功能权限
 
+		return null;
 
 	}
 
     
     private boolean isExcludePath(String path)

+ 32 - 4
src/main/java/com/hb/proj/auth/controller/AuthController.java
View File 

@@ -1,5 +1,6 @@
 
 package com.hb.proj.auth.controller;
 
 
+import java.util.HashMap;
 
 import java.util.List;
 
 import java.util.Map;
 
 
@@ -40,7 +41,7 @@ public class AuthController {
 
 		if(token==null){
 
 			return RespVOBuilder.error("缺少登录信息");
 
 		}
 
-		return RespVOBuilder.ok(token.isSuperAdminIf()?service.loadAllMenus():service.loadMyMenus(token.getTokenId()));
 
+		return RespVOBuilder.ok(token.isSuperAdminIf()?service.loadAllMenus():service.loadMyRoleMenus(token.getTokenId()));
 
 		
 	}
 
 	
@@ -73,16 +74,43 @@ public class AuthController {
 
 		return RespVOBuilder.ok();
 
 	}
 
 	
+	
+	/**
 
+	 * 加载指定角色的菜单权限、数据权限
 
+	 * @param roleId
 
+	 * @param response
 
+	 * @return
 
+	 */
 
 	@RequestMapping("/loadRoleAuth")
 
 	public RespVO<Object> loadRoleAuth(@NotBlank(message = "缺少角色信息") String roleId,HttpServletResponse response){
 
-		return RespVOBuilder.ok(service.loadRoleAuth(roleId));
 
+		Map<String,Object> auth=new HashMap<String,Object>();
 
+		auth.put("menus",service.loadRoleMenus(roleId));
 
+		auth.put("authDatas",service.loadRoleDataAuth(roleId));
 
+		return RespVOBuilder.ok(auth);
 
 	}
 
 	
 	
+	/**
 
+	 * 权限分配结果保存
 
+	 * @param roleId
 
+	 * @param authIds
 
+	 * @param authType
 
+	 * @param token
 
+	 * @return
 
+	 */
 
 	@RequestMapping("/saveRoleAuth")
 
-	public RespVO<Object> saveRoleAuth(@NotBlank(message = "缺少角色信息") String roleId,@NotBlank(message = "缺少已分配数据") String authIds){
 
+	public RespVO<Object> saveRoleAuth(@NotBlank(message = "缺少角色信息") String roleId,
 
+			@NotBlank(message = "缺少已分配数据") String authIds,
 
+			@NotBlank(message = "缺少权限类型") String authType,
 
+			AccessToken token
 
+			){
 
+		if("menu".equals(authType)) {
 
+			service.saveRoleMenu(roleId, authIds,token.getUsName());
 
+		}
 
+		else if("data".equals(authType)) {
 
+			service.saveRoleData(roleId, authIds,token.getUsName());
 
+		}
 
 		
-		service.saveRoleAuth(roleId, authIds);
 
 		return RespVOBuilder.ok();
 
 	}
 
 }

+ 39 - 13
src/main/java/com/hb/proj/auth/service/AuthService.java
View File 

@@ -5,6 +5,7 @@ import java.util.Date;
 
 import java.util.HashMap;
 
 import java.util.List;
 
 import java.util.Map;
 
+import java.util.Set;
 
 
 import org.springframework.beans.factory.annotation.Autowired;
 
 import org.springframework.stereotype.Service;
 
@@ -40,13 +41,13 @@ public class AuthService {
 
 		StringBuilder sql=new StringBuilder();
 
 		
 		sql.append("select distinct tm.* from tsys_menu tm  inner join  ( ");
 
-		sql.append("select rm.menu_id,m.menu_name,m.assist_code from tsys_user_role ur  ");
 
-		sql.append("inner join  tsys_role_menu rm on ur.role_id=rm.role_id ");
 
-		sql.append("inner join tsys_menu m  on rm.menu_id=m.menu_id ");
 
-		sql.append("where ur.user_id=? ");
 
-		sql.append(") tf on tf.assist_code like concat(tm.assist_code,'%') ");
 
+		sql.append(" select rm.menu_id,m.menu_name,m.assist_code from tsys_user_role ur  ");
 
+		sql.append(" inner join  tsys_role_menu rm on ur.role_id=rm.role_id ");
 
+		sql.append(" inner join tsys_menu m  on rm.menu_id=m.menu_id ");
 
+		sql.append(" where ur.user_id=? ");
 
+		sql.append(" ) tf on tf.assist_code like concat(tm.assist_code,'%') ");
 
 		sql.append(" where tm.del_if=false");
 
-		sql.append("order by display_num ");
 
+		sql.append(" order by display_num ");
 
 				
 		return dao.queryForList(sql.toString(), usId);
 
 	}
 
@@ -95,29 +96,54 @@ public class AuthService {
 
 		dao.executeBatchUpdate(datas, preSQL);
 
 	}
 
 	
-	public List<Map<String,Object>>  loadRoleAuth(String roleId){
 
-		String sql="select menu_id id from tsys_role_menu where role_id=? and del_if=false";
 
-		return dao.queryForList(sql,roleId);
 
+	public Set<String>  loadRoleMenus(String roleId){
 
+		String sql="select menu_id,role_id  from tsys_role_menu where role_id=?";
 
+		Map<String,Object> mapping=dao.queryForMapping(sql, "menu_id", "role_id", roleId);
 
+		return mapping!=null&&mapping.size()>0?mapping.keySet():null;
 
 	}
 
 	
-	public void saveRoleAuth(String roleId,String authIds){
 
+	public Set<String>  loadRoleDataAuth(String roleId){
 
+		String sql="select data_id,role_id  from tsys_role_data_auth where role_id=?";
 
+		Map<String,Object> mapping=dao.queryForMapping(sql, "data_id", "role_id", roleId);
 
+		return mapping!=null&&mapping.size()>0?mapping.keySet():null;
 
+	}
 
+	
+	public void saveRoleMenu(String roleId,String authIds,String curUsName){
 
 		String sql="delete from tsys_role_menu where role_id=?";
 
-		dao.getJdbcTemplate().update(sql, roleId);
 
+		dao.exeUpdate(sql, roleId);
 
 		String[] ids=authIds.split(",");
 
 		List<Map<String,Object>> datas=new ArrayList<Map<String,Object>>(ids.length);
 
 		UUIDHexGenerator uuid=UUIDHexGenerator.getInstance();
 
 		Map<String,Object> d=null;
 
-		SessionUser su=SessionThreadLocal.getSessionUser();
 
 		for(String id : ids){
 
 			d=new HashMap<String,Object>();
 
 			d.put("recordId", uuid.generate());
 
 			d.put("roleId", roleId);
 
 			d.put("menuId", id);
 
 			d.put("modifyTime", new Date());
 
-			d.put("modifyBy", su!=null?su.getUserName():null);
 
+			d.put("modifyBy",curUsName);
 
 			datas.add(d);
 
 		}
 
 		PreparedSQLArgs preSQL=UpdateHandler.getInsertPreparedSQL(datas.get(0), "tsys_role_menu");
 
 		dao.executeBatchUpdate(datas, preSQL);
 
 	}
 
+	
+	public void saveRoleData(String roleId,String authIds,String curUsName){
 
+		dao.exeUpdate("delete from tsys_role_data_auth where role_id=?", roleId);
 
+		String[] ids=authIds.split(",");
 
+		List<Map<String,Object>> datas=new ArrayList<Map<String,Object>>(ids.length);
 
+		UUIDHexGenerator uuid=UUIDHexGenerator.getInstance();
 
+		Map<String,Object> d=null;
 
+		for(String id : ids){
 
+			d=new HashMap<String,Object>();
 
+			d.put("recordId", uuid.generate());
 
+			d.put("roleId", roleId);
 
+			d.put("dataId", id);
 
+			d.put("modifyTime", new Date());
 
+			d.put("modifyBy", curUsName);
 
+			datas.add(d);
 
+		}
 
+		PreparedSQLArgs preSQL=UpdateHandler.getInsertPreparedSQL(datas.get(0), "tsys_role_data_auth");
 
+		dao.executeBatchUpdate(datas, preSQL);
 
+	}
 
 }

+ 1 - 0
src/main/java/com/hb/proj/sys/service/RoleService.java
View File 

@@ -18,6 +18,7 @@ public class RoleService {
 
 
 	@Autowired
 
 	private SpringJdbcDAO  dao;
 
+	
 	public List<RoleVO>  loadAll(){
 
 		return dao.queryForList("select * from tsys_role where del_if=false",RoleVO.class);
 
 	}