优化权限配置
@@ -35,15 +35,17 @@ public class AuthorizationListenerDispatcher {
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
public <E extends AuthorizationEvent> void doEvent(Class<E> eventType, E event) {
|
||||
public <E extends AuthorizationEvent> int doEvent(Class<E> eventType, E event) {
|
||||
List<AuthorizationListener<E>> store = (List) listenerStore.get(eventType);
|
||||
if (null != store) {
|
||||
store.forEach(listener -> listener.on(event));
|
||||
return store.size();
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
public <E extends AuthorizationEvent> void doEvent(E event) {
|
||||
doEvent((Class<E>) event.getClass(), event);
|
||||
public <E extends AuthorizationEvent> int doEvent(E event) {
|
||||
return doEvent((Class<E>) event.getClass(), event);
|
||||
}
|
||||
}
|
||||
|
||||
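Review bot: The new `int` result of `doEvent(Class<E>, E)` is `store.size()`, the number of listeners stored under that event class, and nothing documents this. The one-argument overload looks listeners up by `event.getClass()`, so (assuming `listenerStore` is a map keyed by the exact class) an event that is a subclass of the registered type would report 0 although a listener exists for its parent type. A listener that throws inside `forEach` also aborts the dispatch before any count is returned. The login path in AuthorizationController treats 0 as a sign that access control may be disabled, so add Javadoc such as `@return number of listeners registered for eventType (exact class match); 0 when none are registered`.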
@@ -87,6 +87,12 @@ public interface TreeSupportEntity<PK> extends GenericEntity<PK> {
|
||||
parent.setPath(RandomUtil.randomChar(4));
|
||||
if (parent.getPath() != null)
|
||||
parent.setLevel(parent.getPath().split("-").length);
|
||||
if (parent instanceof SortSupportEntity) {
|
||||
Long index = ((SortSupportEntity) parent).getSortIndex();
|
||||
if (null == index) {
|
||||
((SortSupportEntity) parent).setSortIndex(1L);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (children != null) {
|
||||
PK pid = parent.getId();
|
||||
|
||||
@@ -25,6 +25,7 @@ import org.hswebframework.web.id.IDGenerator;
|
||||
import org.hswebframework.utils.ClassUtils;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
@@ -117,6 +118,7 @@ public abstract class GenericEntityService<E extends GenericEntity<PK>, PK>
|
||||
|
||||
@Override
|
||||
public List<E> selectByPk(List<PK> id) {
|
||||
if (id == null || id.isEmpty()) return new ArrayList<>();
|
||||
return createQuery().where().in(GenericEntity.id, id).listNoPaging();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -89,7 +89,9 @@ import java.util.stream.Stream;
|
||||
@EnableCaching
|
||||
@EnableAspectJAutoProxy
|
||||
@EnableAccessLogger
|
||||
public class SpringBootExample implements CommandLineRunner {
|
||||
public class SpringBootExample
|
||||
// implements CommandLineRunner
|
||||
{
|
||||
|
||||
@Bean
|
||||
public AccessLoggerListener accessLoggerListener() {
|
||||
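Review bot: Commenting out `implements CommandLineRunner` here, and `@Override` on `run` in the next hunk, leaves `run(String...)` as dead code that Spring no longer calls, so the sample permission and role data it inserts is never seeded. Together with the datasource change in the YAML hunk, the example now depends on whatever rows already exist in the file-backed database. Either delete the method or guard the seeding with a property, and replace the commented-out fragments with one explanatory line such as `// seeding disabled: sample data persists in the file-backed H2 database`.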
@@ -172,7 +174,7 @@ public class SpringBootExample implements CommandLineRunner {
|
||||
SpringApplication.run(SpringBootExample.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
// @Override
|
||||
public void run(String... strings) throws Exception {
|
||||
//只能查询自己创建的数据
|
||||
DataAccessEntity accessEntity = new DataAccessEntity();
|
||||
@@ -213,6 +215,7 @@ public class SpringBootExample implements CommandLineRunner {
|
||||
// permission.setDataAccess(Arrays.asList(accessEntity, updateAccessEntity, denyUpdateFields, denyUpdateFields, onlyDepartmentData));
|
||||
permissionService.insert(permission);
|
||||
|
||||
|
||||
//角色
|
||||
BindPermissionRoleEntity<PermissionRoleEntity> roleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class);
|
||||
SimplePermissionRoleEntity permissionRoleEntity = new SimplePermissionRoleEntity();
|
||||
|
||||
@@ -4,7 +4,7 @@ spring:
|
||||
auto: true
|
||||
proxy-target-class: true
|
||||
datasource:
|
||||
url : jdbc:h2:mem:examples
|
||||
url : jdbc:h2:file:./data
|
||||
username : sa
|
||||
password :
|
||||
type: com.alibaba.druid.pool.DruidDataSource
|
||||
|
||||
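Review bot: `url : jdbc:h2:file:./data` makes the example database persistent while the credentials stay `username : sa` with an empty `password`. With the in-memory URL that default was harmless, but a file-backed database keeps user and permission rows on disk at a path relative to the working directory. Mark the setting as example-only, for instance `# example only: file-backed H2 with the default sa account and blank password`, and consider excluding the generated data files from version control.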
@@ -32,6 +32,8 @@ import org.hswebframework.web.controller.message.ResponseMessage;
|
||||
import org.hswebframework.web.entity.authorization.UserEntity;
|
||||
import org.hswebframework.web.logging.AccessLogger;
|
||||
import org.hswebframework.web.service.authorization.UserService;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
@@ -49,6 +51,8 @@ import static org.hswebframework.web.controller.message.ResponseMessage.ok;
|
||||
@Api(tags = "hsweb-authorization", description = "提供基本的授权功能")
|
||||
public class AuthorizationController {
|
||||
|
||||
private Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||
|
||||
@Autowired
|
||||
private UserService userService;
|
||||
|
||||
@@ -107,7 +111,10 @@ public class AuthorizationController {
|
||||
// 验证通过
|
||||
Authentication authentication = authenticationInitializeService.initUserAuthorization(entity.getId());
|
||||
AuthorizationSuccessEvent event = new AuthorizationSuccessEvent(authentication, parameterGetter);
|
||||
authorizationListenerDispatcher.doEvent(event);
|
||||
int size = authorizationListenerDispatcher.doEvent(event);
|
||||
if (size == 0) {
|
||||
logger.warn("not found any AuthorizationSuccessEvent,access control maybe disabled!");
|
||||
}
|
||||
return ok(entity.getId());
|
||||
} catch (Exception e) {
|
||||
AuthorizationFailedEvent failedEvent = new AuthorizationFailedEvent(username, password, parameterGetter, reason);
|
||||
|
||||
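Review bot: When `doEvent(event)` returns 0, the new code only logs a warning and still returns `ok(entity.getId())`, so a deployment with no listener for `AuthorizationSuccessEvent` reports every valid login as successful while, as the message itself says, access control may not be active. That is a fail-open default; consider treating it as an error unless configuration explicitly allows it, or checking once at startup instead of on each login. The message should also name what is missing, e.g. `logger.warn("no AuthorizationListener registered for AuthorizationSuccessEvent, access control may be disabled!");`. The enclosing login method starts and ends outside this hunk.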
@@ -17,13 +17,18 @@
|
||||
|
||||
package org.hswebframework.web.controller.authorization;
|
||||
|
||||
import org.hswebframework.web.authorization.Permission;
|
||||
import org.hswebframework.web.authorization.annotation.Authorize;
|
||||
import org.hswebframework.web.commons.entity.param.QueryParamEntity;
|
||||
import org.hswebframework.web.controller.GenericEntityController;
|
||||
import org.hswebframework.web.controller.SimpleGenericEntityController;
|
||||
import org.hswebframework.web.controller.message.ResponseMessage;
|
||||
import org.hswebframework.web.entity.authorization.AuthorizationSettingEntity;
|
||||
import org.hswebframework.web.logging.AccessLogger;
|
||||
import org.hswebframework.web.service.authorization.AuthorizationSettingService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@@ -36,15 +41,10 @@ import org.springframework.web.bind.annotation.RestController;
|
||||
@RequestMapping("${hsweb.web.mappings.autz-setting:autz-setting}")
|
||||
@Authorize(permission = "autz-setting")
|
||||
@AccessLogger("权限设置")
|
||||
public class AuthorizationSettingController implements GenericEntityController<AuthorizationSettingEntity, String, QueryParamEntity, AuthorizationSettingEntity> {
|
||||
public class AuthorizationSettingController implements SimpleGenericEntityController<AuthorizationSettingEntity, String, QueryParamEntity> {
|
||||
|
||||
private AuthorizationSettingService authorizationSettingService;
|
||||
|
||||
@Override
|
||||
public AuthorizationSettingEntity modelToEntity(AuthorizationSettingEntity model, AuthorizationSettingEntity entity) {
|
||||
return model;
|
||||
}
|
||||
|
||||
@Autowired
|
||||
public void setAuthorizationSettingService(AuthorizationSettingService authorizationSettingService) {
|
||||
this.authorizationSettingService = authorizationSettingService;
|
||||
@@ -54,4 +54,11 @@ public class AuthorizationSettingController implements GenericEntityController<A
|
||||
public AuthorizationSettingService getService() {
|
||||
return authorizationSettingService;
|
||||
}
|
||||
|
||||
@GetMapping("/{type}/{settingFor}")
|
||||
@Authorize(action = Permission.ACTION_GET)
|
||||
@AccessLogger("根据type和settingFor获取配置")
|
||||
public ResponseMessage<AuthorizationSettingEntity> select(@PathVariable String type, @PathVariable String settingFor) {
|
||||
return ResponseMessage.ok(authorizationSettingService.select(type, settingFor));
|
||||
}
|
||||
}
|
||||
|
||||
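Review bot: The new `select` endpoint returns the whole authorization setting for any `type`/`settingFor` pair placed in the path, and with the updated result map that includes its `menus` and `details` collections. The only guard on the method is `@Authorize(action = Permission.ACTION_GET)`; whether it is merged with the class-level `@Authorize(permission = "autz-setting")` or replaces it depends on annotation handling that is not visible here, so confirm with a test that a user without the `autz-setting` permission is refused. The method also answers `ok(null)` when no setting matches, which a client cannot tell apart from an empty setting; a not-found response would be clearer.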
@@ -55,8 +55,6 @@ public class MenuController implements SimpleGenericEntityController<MenuEntity,
|
||||
|
||||
private MenuService menuService;
|
||||
|
||||
private MenuGroupService menuGroupService;
|
||||
|
||||
private UserMenuManagerService userMenuManagerService;
|
||||
|
||||
@Autowired
|
||||
@@ -64,11 +62,6 @@ public class MenuController implements SimpleGenericEntityController<MenuEntity,
|
||||
this.menuService = menuService;
|
||||
}
|
||||
|
||||
@Autowired
|
||||
public void setMenuGroupService(MenuGroupService menuGroupService) {
|
||||
this.menuGroupService = menuGroupService;
|
||||
}
|
||||
|
||||
@Autowired
|
||||
public void setUserMenuManagerService(UserMenuManagerService userMenuManagerService) {
|
||||
this.userMenuManagerService = userMenuManagerService;
|
||||
|
||||
@@ -45,6 +45,10 @@
|
||||
delete from s_autz_detail where u_id =#{id}
|
||||
</delete>
|
||||
|
||||
<select id="selectBySettingId" parameterType="String" resultMap="AuthorizationSettingDetailResultMap">
|
||||
select * from s_autz_detail where setting_id =#{setting_id}
|
||||
</select>
|
||||
|
||||
<delete id="delete" parameterType="org.hswebframework.web.commons.entity.Entity">
|
||||
<include refid="config"/>
|
||||
<include refid="BasicMapper.buildDeleteSql"/>
|
||||
|
||||
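Review bot: `selectBySettingId` returns every row for the setting regardless of `status`, whereas a detail query in SimpleAuthorizationSettingService filters with `.where(AuthorizationSettingDetailEntity.status, STATE_OK)`. If the nested collections only feed the administration view that is fine, but say so in the mapper, e.g. `<!-- returns all rows, including disabled ones; permission checks must filter on status -->`. The `#{setting_id}` placeholder is bound as a parameter, which is the safe form; its name follows the column rather than the property, which is merely confusing. The same remark applies to the `selectBySettingId` statement added to the menu mapper in a later hunk.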
@@ -21,10 +21,12 @@
|
||||
<mapper namespace="org.hswebframework.web.dao.authorization.AuthorizationSettingDao">
|
||||
<resultMap id="AuthorizationSettingResultMap" type="org.hswebframework.web.entity.authorization.SimpleAuthorizationSettingEntity">
|
||||
<id property="id" column="u_id" javaType="string" jdbcType="VARCHAR"/>
|
||||
<result property="type" column="type" javaType="String" jdbcType="VARCHAR"/>
|
||||
<result property="settingFor" column="setting_for" javaType="String" jdbcType="VARCHAR"/>
|
||||
<result property="status" column="status" javaType="Byte" jdbcType="DECIMAL"/>
|
||||
<result property="describe" column="describe" javaType="String" jdbcType="VARCHAR"/>
|
||||
<result property="type" column="type" javaType="String" jdbcType="VARCHAR"/>
|
||||
<result property="settingFor" column="setting_for" javaType="String" jdbcType="VARCHAR"/>
|
||||
<result property="status" column="status" javaType="Byte" jdbcType="DECIMAL"/>
|
||||
<result property="describe" column="describe" javaType="String" jdbcType="VARCHAR"/>
|
||||
<collection property="menus" column="u_id" select="org.hswebframework.web.dao.authorization.AuthorizationSettingMenuDao.selectBySettingId"/>
|
||||
<collection property="details" column="u_id" select="org.hswebframework.web.dao.authorization.AuthorizationSettingDetailDao.selectBySettingId"/>
|
||||
</resultMap>
|
||||
|
||||
<!--用于动态生成sql所需的配置-->
|
||||
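Review bot: The two `<collection ... select="...">` entries make every row mapped through `AuthorizationSettingResultMap` issue two further queries, and this is the result map bound as `resultMapId` for the mapper's generated statements. The service's bulk lookups of settings (the `.listNoPaging()` call over `type` and `settingFor`) would therefore run two extra selects per setting, loading menus and details that the service appears to query again in bulk by setting id. Consider `fetchType="lazy"` on both collections, or a separate result map used only by the single-setting lookup.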
@@ -32,8 +34,8 @@
|
||||
<bind name="resultMapId" value="'AuthorizationSettingResultMap'"/>
|
||||
<bind name="tableName" value="'s_autz_setting'"/>
|
||||
</sql>
|
||||
|
||||
<insert id="insert" parameterType="org.hswebframework.web.entity.authorization.SimpleAuthorizationSettingEntity" >
|
||||
|
||||
<insert id="insert" parameterType="org.hswebframework.web.entity.authorization.SimpleAuthorizationSettingEntity">
|
||||
<include refid="config"/>
|
||||
<include refid="BasicMapper.buildInsertSql"/>
|
||||
</insert>
|
||||
|
||||
@@ -46,6 +46,11 @@
|
||||
delete from s_autz_menu where u_id =#{id}
|
||||
</delete>
|
||||
|
||||
<select id="selectBySettingId" parameterType="String" resultMap="AuthorizationSettingMenuResultMap">
|
||||
select * from s_autz_menu where setting_id =#{setting_id}
|
||||
</select>
|
||||
|
||||
|
||||
<delete id="delete" parameterType="org.hswebframework.web.commons.entity.Entity">
|
||||
<include refid="config"/>
|
||||
<include refid="BasicMapper.buildDeleteSql"/>
|
||||
|
||||
@@ -16,7 +16,6 @@
|
||||
*/
|
||||
package org.hswebframework.web.entity.authorization;
|
||||
|
||||
import org.hswebframework.web.commons.entity.GenericEntity;
|
||||
import org.hswebframework.web.commons.entity.TreeSortSupportEntity;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@@ -100,7 +100,7 @@ public class SimpleAuthorizationSettingMenuEntity extends SimpleTreeSortSupportE
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setChildren(List<AuthorizationSettingMenuEntity> chidren) {
|
||||
public void setChildren(List<AuthorizationSettingMenuEntity> children) {
|
||||
this.children = children;
|
||||
}
|
||||
}
|
||||
@@ -88,14 +88,15 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
|
||||
|
||||
@Override
|
||||
public AuthorizationSettingEntity select(String type, String settingFor) {
|
||||
Objects.requireNonNull(type);
|
||||
Objects.requireNonNull(settingFor);
|
||||
tryValidateProperty(type != null, AuthorizationSettingEntity.type, "{can not be null}");
|
||||
tryValidateProperty(settingFor != null, AuthorizationSettingEntity.settingFor, "{can not be null}");
|
||||
return createQuery().where(AuthorizationSettingEntity.type, type)
|
||||
.and(AuthorizationSettingEntity.settingFor, settingFor)
|
||||
.single();
|
||||
}
|
||||
|
||||
@Override
|
||||
@CacheEvict(allEntries = true)
|
||||
public String saveOrUpdate(AuthorizationSettingEntity entity) {
|
||||
AuthorizationSettingEntity old = select(entity.getType(), entity.getSettingFor());
|
||||
if (old != null) {
|
||||
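Review bot: `tryValidateProperty(type != null, ...)` and the matching `settingFor` check accept empty strings, and for the new controller endpoint the path variables are never null, so on that path the checks cannot fail. SimpleUserService.selectByPk validates with `StringUtils.hasLength(id)` and the message key `"id:{not_be_null}"`; the same form here, `tryValidateProperty(StringUtils.hasLength(type), AuthorizationSettingEntity.type, "{not_be_null}")` (assuming `StringUtils` is available in this file), would keep behaviour and keys consistent, and `"{can not be null}"` with spaces is unlikely to resolve as a message key. `@CacheEvict(allEntries = true)` is added only to `saveOrUpdate` in this hunk; if the class's other write paths are cached without eviction, a removed setting could stay effective, so confirm they evict as well. The class continues outside the hunk.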
@@ -148,6 +149,7 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
|
||||
.where(AuthorizationSettingDetailEntity.settingId, id)
|
||||
.exec();
|
||||
for (AuthorizationSettingDetailEntity detail : entity.getDetails()) {
|
||||
detail.setId(getIDGenerator().generate());
|
||||
detail.setSettingId(id);
|
||||
detail.setStatus(DataStatus.STATUS_ENABLED);
|
||||
authorizationSettingDetailDao.insert(detail);
|
||||
@@ -180,7 +182,7 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
|
||||
.where(type, entry.getKey())
|
||||
.and()
|
||||
.in(settingFor, entry.getValue().stream().map(SettingInfo::getSettingFor).collect(Collectors.toList()))
|
||||
.list())
|
||||
.listNoPaging())
|
||||
.flatMap(List::stream)
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
@@ -204,25 +206,38 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
|
||||
.map(AuthorizationSettingMenuEntity::getMenuId)
|
||||
.distinct()
|
||||
.collect(Collectors.toList());
|
||||
if (menuIdList.isEmpty()) return new ArrayList<>();
|
||||
//获取全部菜单,并创建缓存备用
|
||||
Map<String, MenuEntity> menuCache = menuService
|
||||
.selectByPk(menuIdList)
|
||||
.stream()
|
||||
.collect(Collectors.toMap(MenuEntity::getId, Function.identity()));
|
||||
|
||||
//根据配置,重新构造菜单结构
|
||||
List<UserMenuEntity> reBuildMenu = new LinkedList<>();
|
||||
for (AuthorizationSettingMenuEntity entity : menuEntities) {
|
||||
MenuEntity cache = menuCache.get(entity.getId());
|
||||
if (null != cache && cache.getStatus() == 1) {
|
||||
UserMenuEntity menu = entityFactory.newInstance(UserMenuEntity.class, cache);
|
||||
menu.setSortIndex(entity.getSortIndex());
|
||||
menu.setLevel(entity.getLevel());
|
||||
menu.setId(entity.getId());
|
||||
menu.setParentId(entity.getParentId());
|
||||
menu.setMenuId(cache.getId());
|
||||
reBuildMenu.add(menu);
|
||||
}
|
||||
for (MenuEntity menuEntity : menuCache.values()) {
|
||||
UserMenuEntity menu = entityFactory.newInstance(UserMenuEntity.class, menuEntity);
|
||||
menu.setSortIndex(menuEntity.getSortIndex());
|
||||
menu.setLevel(menuEntity.getLevel());
|
||||
menu.setId(menuEntity.getId());
|
||||
menu.setParentId(menuEntity.getParentId());
|
||||
menu.setMenuId(menuEntity.getId());
|
||||
reBuildMenu.add(menu);
|
||||
}
|
||||
|
||||
// for (AuthorizationSettingMenuEntity entity : menuEntities) {
|
||||
// MenuEntity cache = menuCache.get(entity.getMenuId());
|
||||
// if (null != cache && DataStatus.STATUS_ENABLED.equals(cache.getStatus())) {
|
||||
// UserMenuEntity menu = entityFactory.newInstance(UserMenuEntity.class, cache);
|
||||
// menu.setSortIndex(entity.getSortIndex());
|
||||
// menu.setLevel(entity.getLevel());
|
||||
// menu.setId(entity.getId());
|
||||
// menu.setParentId(entity.getParentId());
|
||||
// menu.setMenuId(cache.getId());
|
||||
// reBuildMenu.add(menu);
|
||||
// }
|
||||
// }
|
||||
Collections.sort(reBuildMenu);
|
||||
return reBuildMenu;
|
||||
}
|
||||
|
||||
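Review bot: The loop over `menuCache.values()` has no status check, so disabled menus are now included in the user's menu list; the loop it replaces and the commented-out version below it both filtered on the enabled status. It also takes sort index, level and parent id from the menu itself, which means the per-setting structure in `menuEntities` is ignored. If the simplification is intended, keep at least the guard, `if (!DataStatus.STATUS_ENABLED.equals(menuEntity.getStatus())) continue;`, and delete the commented-out block instead of committing it. The method starts outside this hunk.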
@@ -262,7 +277,7 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
|
||||
.createQuery(authorizationSettingDetailDao)
|
||||
.where(AuthorizationSettingDetailEntity.status, STATE_OK)
|
||||
.and().in(AuthorizationSettingDetailEntity.settingId, settingIdList)
|
||||
.list();
|
||||
.listNoPaging();
|
||||
//权限
|
||||
Map<String, List<AuthorizationSettingDetailEntity>> settings = detailList
|
||||
.stream()
|
||||
|
||||
@@ -77,7 +77,14 @@ public class SimpleUserService extends AbstractService<UserEntity, String>
|
||||
@Transactional(readOnly = true)
|
||||
public UserEntity selectByPk(String id) {
|
||||
tryValidateProperty(StringUtils.hasLength(id), UserEntity.id, "id:{not_be_null}");
|
||||
return createQuery().where(UserEntity.id, id).single();
|
||||
UserEntity userEntity=createQuery().where(UserEntity.id, id).single();
|
||||
if(null!=userEntity){
|
||||
List<String> roleId= userRoleDao.selectByUserId(id).stream().map(UserRoleEntity::getRoleId).collect(Collectors.toList());
|
||||
BindRoleUserEntity roleUserEntity=entityFactory.newInstance(BindRoleUserEntity.class,userEntity);
|
||||
roleUserEntity.setRoles(roleId);
|
||||
return roleUserEntity;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
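Review bot: `selectByPk` now returns a `BindRoleUserEntity` carrying the user's role ids and runs `userRoleDao.selectByUserId(id)` on every lookup, and the method has no documentation announcing either. Add a short doc comment, e.g. `/** Loads the user and attaches the ids of its roles; returns null when no user has this id. */`. The added lines should also follow the file's formatting: `if (null != userEntity) {` and spaces around `=`.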
@@ -69,8 +69,8 @@ function install(context) {
|
||||
database.createOrAlter("s_permission_role")
|
||||
.addColumn().name("role_id").varchar(32).notNull().comment("角色ID").commit()
|
||||
.addColumn().name("permission_id").varchar(32).notNull().comment("权限ID").commit()
|
||||
.addColumn().name("actions").clob().notNull().comment("可选操作").commit()
|
||||
.addColumn().name("data_access").clob().notNull().comment("数据级控制配置").commit()
|
||||
.addColumn().name("actions").clob().comment("可选操作").commit()
|
||||
.addColumn().name("data_access").clob().comment("数据级控制配置").commit()
|
||||
.comment("权限与角色关联表").commit();
|
||||
|
||||
database.createOrAlter("s_user_role")
|
||||
@@ -83,8 +83,8 @@ function install(context) {
|
||||
.addColumn().name("u_id").varchar(32).notNull().primaryKey().comment("uid").commit()
|
||||
.addColumn().name("type").varchar(32).notNull().comment("权限类型").commit()
|
||||
.addColumn().name("setting_for").varchar(64).notNull().comment("设置给谁").commit()
|
||||
.addColumn().name("describe").varchar(256).notNull().comment("备注").commit()
|
||||
.addColumn().name("status").number(4, 0).notNull().comment("设置给谁").commit()
|
||||
.addColumn().name("describe").varchar(256).comment("备注").commit()
|
||||
.addColumn().name("status").number(4, 0).comment("设置给谁").commit()
|
||||
.comment("权限设置表").commit();
|
||||
|
||||
database.createOrAlter("s_autz_detail")
|
||||
|
||||
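Review bot: The `status` column of the settings table still carries the comment `"设置给谁"`, copied from `setting_for`; it should describe the status, e.g. `.comment("状态")`. Dropping `notNull()` without a default also permits rows whose status is null, and the detail query in SimpleAuthorizationSettingService selects on `status = STATE_OK`, so if settings are filtered the same way a null-status row would be skipped silently. The previous hunk relaxes `actions` and `data_access` in the same manner, so code reading those columns needs to handle null.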