增加接口权限相关代码

common/src/main/java/com/jpsoft/employment/modules/sys/dao/PermissionDAO.java

@@ -0,0 +1,20 @@
+package com.jpsoft.employment.modules.sys.dao;
+
+import com.jpsoft.employment.modules.common.dto.Sort;
+import com.jpsoft.employment.modules.sys.entity.Permission;
+import org.apache.ibatis.annotations.Param;
+import org.springframework.stereotype.Repository;
+import java.util.List;
+import java.util.Map;
+
+@Repository
+public interface PermissionDAO {
+	int insert(Permission entity);
+	int update(Permission entity);
+	int exist(@Param("path") String path,@Param("method") String method);
+	Permission get(String id);
+	int delete(String id);
+	List<Permission> list();
+	List<Permission> search(Map<String,Object> searchParams,List<Sort> sortList);
+    int hasPermitted(@Param("userId") String userId,@Param("path") String path,@Param("method") String method);
+}

common/src/main/java/com/jpsoft/employment/modules/sys/dao/RolePermissionDAO.java

@@ -0,0 +1,20 @@
+package com.jpsoft.employment.modules.sys.dao;
+
+import com.jpsoft.employment.modules.common.dto.Sort;
+import com.jpsoft.employment.modules.sys.entity.RolePermission;
+import org.springframework.stereotype.Repository;
+import java.util.List;
+import java.util.Map;
+
+@Repository
+public interface RolePermissionDAO {
+	int insert(RolePermission entity);
+	int update(RolePermission entity);
+	int exist(String id);
+	RolePermission get(String id);
+	int delete(String id);
+	List<RolePermission> list();
+	List<RolePermission> search(Map<String,Object> searchParams, List<Sort> sortList);
+    List<RolePermission> findByRoleId(String roleId);
+	int deleteByRoleId(String roleId);
+}

common/src/main/java/com/jpsoft/employment/modules/sys/entity/Permission.java

@@ -0,0 +1,143 @@
+package com.jpsoft.employment.modules.sys.entity;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import org.springframework.format.annotation.DateTimeFormat;
+
+import java.util.Date;
+
+/**
+ 描述:sys_permission的实体类
+ */
+public class Permission {
+	private String id;
+	private String path;
+	private String method;
+	private String summary;
+	private Boolean delFlag;
+	private String createBy;
+	private String updateBy;
+	private Date createTime;
+	private Date updateTime;
+
+	/**
+	 *获取主键
+	 */
+	public String getId(){
+		return id;
+	}
+
+	/**
+	 *设置主键
+	 */
+	public void setId(String id){
+		this.id = id;
+	}
+	/**
+	 *获取访问路径
+	 */
+	public String getPath(){
+		return path;
+	}
+
+	/**
+	 *设置访问路径
+	 */
+	public void setPath(String path){
+		this.path = path;
+	}
+	/**
+	 *获取访问方式
+	 */
+	public String getMethod(){
+		return method;
+	}
+
+	/**
+	 *设置访问方式
+	 */
+	public void setMethod(String method){
+		this.method = method;
+	}
+	/**
+	 *获取简介
+	 */
+	public String getSummary(){
+		return summary;
+	}
+
+	/**
+	 *设置简介
+	 */
+	public void setSummary(String summary){
+		this.summary = summary;
+	}
+	/**
+	 *获取是否删除
+	 */
+	public Boolean getDelFlag(){
+		return delFlag;
+	}
+
+	/**
+	 *设置是否删除
+	 */
+	public void setDelFlag(Boolean delFlag){
+		this.delFlag = delFlag;
+	}
+	/**
+	 *获取创建人
+	 */
+	public String getCreateBy(){
+		return createBy;
+	}
+
+	/**
+	 *设置创建人
+	 */
+	public void setCreateBy(String createBy){
+		this.createBy = createBy;
+	}
+	/**
+	 *获取更新人
+	 */
+	public String getUpdateBy(){
+		return updateBy;
+	}
+
+	/**
+	 *设置更新人
+	 */
+	public void setUpdateBy(String updateBy){
+		this.updateBy = updateBy;
+	}
+	@DateTimeFormat(pattern="yyyy-MM-dd HH:mm")
+	@JsonFormat(pattern = "yyyy-MM-dd HH:mm",timezone ="GMT+8")
+	/**
+	 *获取创建时间
+	 */
+	public Date getCreateTime(){
+		return createTime;
+	}
+
+	/**
+	 *设置创建时间
+	 */
+	public void setCreateTime(Date createTime){
+		this.createTime = createTime;
+	}
+	@DateTimeFormat(pattern="yyyy-MM-dd HH:mm")
+	@JsonFormat(pattern = "yyyy-MM-dd HH:mm",timezone ="GMT+8")
+	/**
+	 *获取更新时间
+	 */
+	public Date getUpdateTime(){
+		return updateTime;
+	}
+
+	/**
+	 *设置更新时间
+	 */
+	public void setUpdateTime(Date updateTime){
+		this.updateTime = updateTime;
+	}
+}

common/src/main/java/com/jpsoft/employment/modules/sys/entity/RolePermission.java

@@ -0,0 +1,129 @@
+package com.jpsoft.employment.modules.sys.entity;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import org.springframework.format.annotation.DateTimeFormat;
+
+import java.util.Date;
+
+/**
+  描述:sys_role_permission的实体类
+ */
+public class RolePermission {
+	private String id;
+	private String permId;
+	private String roleId;
+	private Boolean delFlag;
+	private String createBy;
+	private String updateBy;
+	private Date createTime;
+	private Date updateTime;
+	
+		/**
+	 *获取
+	 */
+	public String getId(){
+		return id;
+	}
+	
+	/**
+	 *设置
+	 */
+	public void setId(String id){
+		this.id = id;
+	}
+		/**
+	 *获取
+	 */
+	public String getPermId(){
+		return permId;
+	}
+	
+	/**
+	 *设置
+	 */
+	public void setPermId(String permId){
+		this.permId = permId;
+	}
+		/**
+	 *获取
+	 */
+	public String getRoleId(){
+		return roleId;
+	}
+	
+	/**
+	 *设置
+	 */
+	public void setRoleId(String roleId){
+		this.roleId = roleId;
+	}
+		/**
+	 *获取是否删除
+	 */
+	public Boolean getDelFlag(){
+		return delFlag;
+	}
+	
+	/**
+	 *设置是否删除
+	 */
+	public void setDelFlag(Boolean delFlag){
+		this.delFlag = delFlag;
+	}
+		/**
+	 *获取创建人
+	 */
+	public String getCreateBy(){
+		return createBy;
+	}
+	
+	/**
+	 *设置创建人
+	 */
+	public void setCreateBy(String createBy){
+		this.createBy = createBy;
+	}
+		/**
+	 *获取更新人
+	 */
+	public String getUpdateBy(){
+		return updateBy;
+	}
+	
+	/**
+	 *设置更新人
+	 */
+	public void setUpdateBy(String updateBy){
+		this.updateBy = updateBy;
+	}
+		@DateTimeFormat(pattern="yyyy-MM-dd HH:mm")
+	@JsonFormat(pattern = "yyyy-MM-dd HH:mm",timezone ="GMT+8")
+		/**
+	 *获取创建时间
+	 */
+	public Date getCreateTime(){
+		return createTime;
+	}
+	
+	/**
+	 *设置创建时间
+	 */
+	public void setCreateTime(Date createTime){
+		this.createTime = createTime;
+	}
+		@DateTimeFormat(pattern="yyyy-MM-dd HH:mm")
+	@JsonFormat(pattern = "yyyy-MM-dd HH:mm",timezone ="GMT+8")
+		/**
+	 *获取更新时间
+	 */
+	public Date getUpdateTime(){
+		return updateTime;
+	}
+	
+	/**
+	 *设置更新时间
+	 */
+	public void setUpdateTime(Date updateTime){
+		this.updateTime = updateTime;
+	}
+}

common/src/main/java/com/jpsoft/employment/modules/sys/service/PermissionService.java

@@ -0,0 +1,18 @@
+package com.jpsoft.employment.modules.sys.service;
+
+import com.github.pagehelper.Page;
+import com.jpsoft.employment.modules.common.dto.Sort;
+import com.jpsoft.employment.modules.sys.entity.Permission;
+import java.util.List;
+import java.util.Map;
+
+public interface PermissionService {
+	Permission get(String id);
+	boolean exist(String path, String method);
+	int insert(Permission model);
+	int update(Permission model);
+	int delete(String id);
+	List<Permission> list();
+	Page<Permission> pageSearch(Map<String, Object> searchParams, int pageNum, int pageSize, List<Sort> sortList);
+    boolean hasPermitted(String userId, String path, String method);
+}

common/src/main/java/com/jpsoft/employment/modules/sys/service/RolePermissionService.java

@@ -0,0 +1,22 @@
+package com.jpsoft.employment.modules.sys.service;
+
+import com.github.pagehelper.Page;
+import com.jpsoft.employment.modules.common.dto.Sort;
+import com.jpsoft.employment.modules.sys.entity.RolePermission;
+
+import java.util.List;
+import java.util.Map;
+
+public interface RolePermissionService {
+	RolePermission get(String id);
+	boolean exist(String id);
+	int insert(RolePermission model);
+	int update(RolePermission model);
+	int delete(String id);
+	List<RolePermission> list();
+	Page<RolePermission> pageSearch(Map<String, Object> searchParams, int pageNum, int pageSize, List<Sort> sortList);
+
+    List<RolePermission> findByRoleId(String roleId);
+
+	int deleteByRoleId(String roleId);
+}

common/src/main/resources/mapper/sys/Permission.xml

@@ -0,0 +1,108 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<!-- namespace必须指向DAO接口 -->
+<mapper namespace="com.jpsoft.employment.modules.sys.dao.PermissionDAO">
+    <resultMap id="PermissionMap" type="com.jpsoft.employment.modules.sys.entity.Permission">
+        <id property="id" column="id_"/>
+        <result property="path" column="path_"/>
+        <result property="method" column="method_"/>
+        <result property="summary" column="summary_"/>
+        <result property="delFlag" column="del_flag"/>
+        <result property="createBy" column="create_by"/>
+        <result property="updateBy" column="update_by"/>
+        <result property="createTime" column="create_time"/>
+        <result property="updateTime" column="update_time"/>
+    </resultMap>
+    <insert id="insert" parameterType="com.jpsoft.employment.modules.sys.entity.Permission">
+        <!--
+        <selectKey resultType="java.lang.String" order="BEFORE" keyProperty="id">
+            select sys_guid() from dual
+        </selectKey>
+        -->
+        <![CDATA[
+		insert into sys_permission
+	    (id_,path_,method_,summary_,del_flag,create_by,update_by,create_time,update_time)
+		values
+		(
+            #{id,jdbcType=VARCHAR}
+            ,#{path,jdbcType=VARCHAR}
+            ,#{method,jdbcType=VARCHAR}
+            ,#{summary,jdbcType=VARCHAR}
+            ,#{delFlag,jdbcType= NUMERIC }
+            ,#{createBy,jdbcType=VARCHAR}
+            ,#{updateBy,jdbcType=VARCHAR}
+            ,#{createTime,jdbcType= TIMESTAMP }
+            ,#{updateTime,jdbcType= TIMESTAMP }
+		)
+	]]>
+    </insert>
+    <delete id="delete" parameterType="string">
+        delete from sys_permission where id_=#{id,jdbcType=VARCHAR}
+    </delete>
+    <update id="update" parameterType="com.jpsoft.employment.modules.sys.entity.Permission">
+        update sys_permission
+        <set>
+            <if test="path!=null">
+                path_=#{path,jdbcType=VARCHAR},
+            </if>
+            <if test="method!=null">
+                method_=#{method,jdbcType=VARCHAR},
+            </if>
+            <if test="summary!=null">
+                summary_=#{summary,jdbcType=VARCHAR},
+            </if>
+            <if test="delFlag!=null">
+                del_flag=#{delFlag,jdbcType= NUMERIC },
+            </if>
+            <if test="createBy!=null">
+                create_by=#{createBy,jdbcType=VARCHAR},
+            </if>
+            <if test="updateBy!=null">
+                update_by=#{updateBy,jdbcType=VARCHAR},
+            </if>
+            <if test="createTime!=null">
+                create_time=#{createTime,jdbcType= TIMESTAMP },
+            </if>
+            <if test="updateTime!=null">
+                update_time=#{updateTime,jdbcType= TIMESTAMP },
+            </if>
+        </set>
+        where id_=#{id}
+    </update>
+    <select id="get" parameterType="string" resultMap="PermissionMap">
+        select
+        id_,path_,method_,summary_,del_flag,create_by,update_by,create_time,update_time from sys_permission where
+        id_=#{0}
+    </select>
+    <select id="exist" parameterType="string" resultType="int">
+        select count(*) from sys_permission where path_=#{path} and method_=#{method} and del_flag=0
+    </select>
+    <select id="list" resultMap="PermissionMap">
+        select * from sys_permission where del_flag=0
+    </select>
+    <select id="search" parameterType="hashmap" resultMap="PermissionMap">
+        <![CDATA[
+			select * from sys_permission
+		]]>
+        where del_flag=0
+        <if test="searchParams.path != null">
+            and path_ like #{searchParams.path}
+        </if>
+        <foreach item="sort" collection="sortList" open="order by" separator=",">
+            ${sort.name} ${sort.order}
+        </foreach>
+    </select>
+    <select id="hasPermitted" parameterType="string" resultType="int">
+        select count(*) from
+        sys_user u,sys_user_role ur,sys_role_permission rp,sys_permission p
+        where u.id_=#{userId}
+        and u.id_=ur.user_id
+        and ur.role_id = rp.role_id
+        and rp.perm_id = p.id_
+        and p.path_ = #{path}
+        <if test="method != null">
+            and p.method_ = #{method}
+        </if>
+    </select>
+</mapper>

common/src/main/resources/mapper/sys/RolePermission.xml

@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<!-- namespace必须指向DAO接口 -->
+<mapper namespace="com.jpsoft.employment.modules.sys.dao.RolePermissionDAO">
+	<resultMap id="RolePermissionMap" type="com.jpsoft.employment.modules.sys.entity.RolePermission">
+		<id property="id" column="id_" />
+			<result property="permId" column="perm_id" />
+			<result property="roleId" column="role_id" />
+			<result property="delFlag" column="del_flag" />
+			<result property="createBy" column="create_by" />
+			<result property="updateBy" column="update_by" />
+			<result property="createTime" column="create_time" />
+			<result property="updateTime" column="update_time" />
+			</resultMap>
+	<insert id="insert" parameterType="com.jpsoft.employment.modules.sys.entity.RolePermission">
+	<!--
+	<selectKey resultType="java.lang.String" order="BEFORE" keyProperty="id">
+		select sys_guid() from dual
+	</selectKey>
+	-->
+	<![CDATA[
+		insert into sys_role_permission
+	    (id_,perm_id,role_id,del_flag,create_by,update_by,create_time,update_time)
+		values
+		(
+#{id,jdbcType=VARCHAR}
+,#{permId,jdbcType=VARCHAR}
+,#{roleId,jdbcType=VARCHAR}
+,#{delFlag,jdbcType= NUMERIC }
+,#{createBy,jdbcType=VARCHAR}
+,#{updateBy,jdbcType=VARCHAR}
+,#{createTime,jdbcType= TIMESTAMP }
+,#{updateTime,jdbcType= TIMESTAMP }
+		)
+	]]>
+	</insert>
+	<delete id="delete" parameterType="string">
+		delete from sys_role_permission where id_=#{id,jdbcType=VARCHAR}
+	</delete>
+	<delete id="deleteByRoleId" parameterType="string">
+		delete from sys_role_permission where role_id=#{0}
+	</delete>
+	<update id="update" parameterType="com.jpsoft.employment.modules.sys.entity.RolePermission">
+		update sys_role_permission
+		<set>
+				<if test="permId!=null">
+		perm_id=#{permId,jdbcType=VARCHAR},
+		</if>
+				<if test="roleId!=null">
+		role_id=#{roleId,jdbcType=VARCHAR},
+		</if>
+				<if test="delFlag!=null">
+		del_flag=#{delFlag,jdbcType= NUMERIC },
+		</if>
+				<if test="createBy!=null">
+		create_by=#{createBy,jdbcType=VARCHAR},
+		</if>
+				<if test="updateBy!=null">
+		update_by=#{updateBy,jdbcType=VARCHAR},
+		</if>
+				<if test="createTime!=null">
+		create_time=#{createTime,jdbcType= TIMESTAMP },
+		</if>
+				<if test="updateTime!=null">
+		update_time=#{updateTime,jdbcType= TIMESTAMP },
+		</if>
+		</set>
+	where id_=#{id}
+	</update>
+	<select id="get" parameterType="string" resultMap="RolePermissionMap">
+		select * from sys_role_permission where id_=#{0}
+	</select>
+	<select id="exist" parameterType="string" resultType="int">
+		select count(*) from sys_role_permission where id_=#{0}
+	</select>
+	<select id="list" resultMap="RolePermissionMap">
+		select * from sys_role_permission
+	</select>
+	<select id="search" parameterType="hashmap" resultMap="RolePermissionMap">
+		<![CDATA[
+			select * from sys_role_permission
+		]]>
+		<where>
+			<if test="searchParams.id != null">
+				and ID_ like #{searchParams.id}
+			</if>
+		</where>
+		<foreach item="sort" collection="sortList"  open="order by" separator=",">
+	        ${sort.name} ${sort.order}
+	 	</foreach>
+	</select>
+	<select id="findByRoleId" parameterType="string" resultMap="RolePermissionMap">
+		select * from sys_role_permission where role_id=#{0}
+	</select>
+</mapper>

web/src/main/java/com/jpsoft/employment/modules/sys/controller/PermissionController.java

@@ -0,0 +1,310 @@
+package com.jpsoft.employment.modules.sys.controller;
+
+import com.github.pagehelper.Page;
+import com.jpsoft.employment.modules.common.dto.MessageResult;
+import com.jpsoft.employment.modules.common.dto.Sort;
+import com.jpsoft.employment.modules.common.utils.PojoUtils;
+import com.jpsoft.employment.modules.sys.entity.Permission;
+import com.jpsoft.employment.modules.sys.service.PermissionService;
+import com.jpsoft.employment.modules.sys.service.RolePermissionService;
+import io.swagger.annotations.ApiOperation;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.*;
+
+@RestController
+@RequestMapping("/sys/permission")
+public class PermissionController {
+    private Logger logger = LoggerFactory.getLogger(getClass());
+
+    @Autowired
+    private PermissionService permissionService;
+
+    @Autowired
+    private RolePermissionService rolePermissionService;
+
+    @ApiOperation(value="创建空记录")
+    @GetMapping("create")
+    public MessageResult<Permission> create(){
+        MessageResult<Permission> msgResult = new MessageResult<>();
+
+        Permission permission = new Permission();
+
+        msgResult.setData(permission);
+        msgResult.setResult(true);
+
+        return msgResult;
+    }
+
+    @ApiOperation(value="批量导入")
+    @PostMapping("batchImport")
+    public MessageResult<Integer> batchImport(@RequestBody List<Permission> permList,@RequestAttribute String subject){
+        MessageResult<Integer> msgResult = new MessageResult<>();
+
+        try {
+            int affectCount = 0;
+
+            for (Permission permission : permList) {
+                if(!permissionService.exist(permission.getPath(),permission.getMethod())){
+                    permission.setId(UUID.randomUUID().toString());
+                    permission.setDelFlag(false);
+                    permission.setCreateBy(subject);
+                    permission.setCreateTime(new Date());
+
+                    affectCount += permissionService.insert(permission);
+                }
+            }
+
+            if (affectCount > 0) {
+                msgResult.setResult(true);
+                msgResult.setData(affectCount);
+            } else {
+                msgResult.setResult(false);
+                msgResult.setMessage("未导入新记录!");
+            }
+        }
+        catch(Exception ex){
+            logger.error(ex.getMessage(),ex);
+
+            msgResult.setResult(false);
+            msgResult.setMessage(ex.getMessage());
+        }
+
+        return msgResult;
+    }
+    
+    @ApiOperation(value="添加信息")
+    @PostMapping("add")
+    public MessageResult<Permission> add(@RequestBody Permission permission,@RequestAttribute String subject){
+        MessageResult<Permission> msgResult = new MessageResult<>();
+
+        try {
+            permission.setId(UUID.randomUUID().toString());
+            permission.setDelFlag(false);
+            permission.setCreateBy(subject);
+            permission.setCreateTime(new Date());
+            
+            int affectCount = permissionService.insert(permission);
+
+            if (affectCount > 0) {
+                msgResult.setResult(true);
+                msgResult.setData(permission);
+            } else {
+                msgResult.setResult(false);
+                msgResult.setMessage("数据库添加失败");
+            }
+        }
+        catch(Exception ex){
+            logger.error(ex.getMessage(),ex);
+
+            msgResult.setResult(false);
+            msgResult.setMessage(ex.getMessage());
+        }
+
+        return msgResult;
+    }
+
+    @ApiOperation(value="获取信息")
+    @GetMapping("edit/{id}")
+    public MessageResult<Permission> edit(@PathVariable("id") String id){
+        MessageResult<Permission> msgResult = new MessageResult<>();
+
+        try {
+            Permission permission = permissionService.get(id);
+
+            if (permission != null) {
+                msgResult.setResult(true);
+                msgResult.setData(permission);
+            } else {
+                msgResult.setResult(false);
+                msgResult.setMessage("数据库不存在该记录!");
+            }
+        }
+        catch(Exception ex){
+            logger.error(ex.getMessage(),ex);
+
+            msgResult.setResult(false);
+            msgResult.setMessage(ex.getMessage());
+        }
+
+        return msgResult;
+    }
+
+    @ApiOperation(value="更新用户")
+    @PostMapping("update")
+    public MessageResult<Permission> update(@RequestBody Permission permission,@RequestAttribute String subject){
+        MessageResult<Permission> msgResult = new MessageResult<>();
+
+        try {
+            permission.setUpdateBy(subject);
+            permission.setUpdateTime(new Date());
+            
+            int affectCount = permissionService.update(permission);
+
+            if (affectCount > 0) {
+                msgResult.setResult(true);
+                msgResult.setData(permission);
+            } else {
+                msgResult.setResult(false);
+                msgResult.setMessage("数据库更新失败");
+            }
+        }
+        catch(Exception ex){
+            logger.error(ex.getMessage(),ex);
+
+            msgResult.setResult(false);
+            msgResult.setMessage(ex.getMessage());
+        }
+
+        return msgResult;
+    }
+
+	@ApiOperation(value="删除")
+    @PostMapping("delete/{id}")
+    public MessageResult<Integer> delete(@PathVariable("id") String id,@RequestAttribute String subject){
+        MessageResult<Integer> msgResult = new MessageResult<>();
+
+        try {
+            Permission permission = permissionService.get(id);
+            permission.setDelFlag(true);
+            permission.setUpdateBy(subject);
+            permission.setUpdateTime(new Date());
+
+            int affectCount = permissionService.update(permission);
+
+            if (affectCount > 0) {
+                msgResult.setResult(true);
+                msgResult.setData(affectCount);
+            } else {
+                msgResult.setResult(false);
+                msgResult.setMessage("删除失败");
+            }
+        }
+        catch(Exception ex){
+            logger.error(ex.getMessage(),ex);
+
+            msgResult.setResult(false);
+            msgResult.setMessage(ex.getMessage());
+        }
+
+        return msgResult;
+    }
+
+    @ApiOperation(value="获取所有权限")
+    @GetMapping(value = "selectAll")
+    public MessageResult<List> selectAll(){
+        MessageResult<List> msgResult = new MessageResult<>();
+
+        try {
+            List<Permission> perms = permissionService.list();
+
+            msgResult.setResult(true);
+            msgResult.setData(perms);
+        }
+        catch(Exception ex){
+            logger.error(ex.getMessage(),ex);
+
+            msgResult.setResult(false);
+            msgResult.setMessage(ex.getMessage());
+        }
+
+        return msgResult;
+    }
+
+    @ApiOperation(value="批量删除")
+    @PostMapping("batchDelete")
+    public MessageResult<Integer> batchDelete(@RequestBody List<String> idList,@RequestAttribute String subject){
+        MessageResult<Integer> msgResult = new MessageResult<>();
+
+        try {
+            int affectCount = 0;
+
+            for (String id : idList) {
+                Permission permission = permissionService.get(id);
+                permission.setDelFlag(true);
+                permission.setUpdateBy(subject);
+                permission.setUpdateTime(new Date());
+
+                affectCount += permissionService.update(permission);
+            }
+
+            if (affectCount > 0) {
+                msgResult.setResult(true);
+                msgResult.setData(affectCount);
+            } else {
+                msgResult.setResult(false);
+                msgResult.setMessage("删除失败");
+            }
+        }
+        catch(Exception ex){
+            logger.error(ex.getMessage(),ex);
+
+            msgResult.setResult(false);
+            msgResult.setMessage(ex.getMessage());
+        }
+
+        return msgResult;
+    }
+
+    @ApiOperation(value="列表")
+    @RequestMapping(value = "pageList",method = RequestMethod.POST)
+    public MessageResult<Map> pageList(
+            String path,
+            @RequestParam(name="pageIndex",defaultValue = "1") int pageIndex,
+            @RequestParam(name="pageSize",defaultValue = "10") int pageSize,
+            @RequestAttribute String subject){
+
+        //当前用户ID
+        System.out.println(subject);
+
+        MessageResult<Map> msgResult = new MessageResult<>();
+
+        Map<String,Object> searchParams = new HashMap<>();
+
+        List<Sort> sortList = new ArrayList<>();
+        sortList.add(new Sort("path_","asc"));
+
+        if (StringUtils.isNotEmpty(path)) {
+            searchParams.put("path","%" + path + "%");
+        }
+
+        Page<Permission> page = permissionService.pageSearch(searchParams,pageIndex,pageSize,sortList);
+
+        msgResult.setResult(true);
+        msgResult.setData(PojoUtils.pageWrapper(page));
+
+        return msgResult;
+    }
+
+    @PostMapping("hasPermission")
+    @ApiOperation(value="是否拥有权限")
+    public MessageResult<String> hasPermission(String path,String method,@RequestAttribute String subject){
+        MessageResult<String> messageResult = new MessageResult<>();
+
+        try {
+            String data = null;
+
+            String userId = subject;
+
+            boolean permitted = permissionService.hasPermitted(userId, path, method);
+
+            messageResult.setResult(permitted);
+
+            if (!permitted){
+                messageResult.setMessage("当前用户无权限访问该接口!");
+            }
+        }
+        catch (Exception ex){
+            logger.error(ex.getMessage(),ex);
+
+            messageResult.setResult(false);
+            messageResult.setMessage(ex.getMessage());
+        }
+
+        return messageResult;
+    }
+}