mirror of https://github.com/hs-web/hsweb-framework.git synced 2026-06-06 22:19:29 +08:00

Files

zhouhao a0d82967c5 Merge branch 'refs/heads/master' into spring-boot3

# Conflicts:
#	hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/DimensionDataAccessHandler.java
#	hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/auth/ReactiveOAuth2AccessTokenParser.java
#	hsweb-authorization/hsweb-authorization-oauth2/src/test/java/org/hswebframework/web/oauth2/server/impl/RedisAccessTokenManagerTest.java
#	hsweb-commons/hsweb-commons-crud/src/main/java/org/hswebframework/web/crud/configuration/EasyormRepositoryRegistrar.java
#	hsweb-commons/hsweb-commons-crud/src/test/java/org/hswebframework/web/crud/CrudTests.java
#	hsweb-commons/hsweb-commons-crud/src/test/java/org/hswebframework/web/crud/service/GenericReactiveCacheSupportCrudServiceTest.java
#	hsweb-core/pom.xml
#	hsweb-logging/hsweb-access-logging-aop/src/main/java/org/hswebframework/web/logging/aop/ReactiveAopAccessLoggerSupport.java
#	hsweb-starter/src/main/java/org/hswebframework/web/starter/initialize/SystemInitialize.java
#	hsweb-starter/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
#	hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/system/authorization/api/entity/UserEntity.java
#	hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/DefaultReactiveUserService.java
#	pom.xml

2024-07-04 16:17:22 +08:00

src

Merge branch 'refs/heads/master' into spring-boot3

2024-07-04 16:17:22 +08:00

custom-data-access.md

优化响应式数据权限

2019-11-16 12:18:26 +08:00

define.md

shiro被砍,basic顶替.

2017-08-18 17:55:11 +08:00

pom.xml

build: new version 5.0.0

2024-01-02 10:43:43 +08:00

README.md

shiro被砍,basic顶替.

2017-08-18 17:55:11 +08:00

token.md

shiro被砍,basic顶替.

2017-08-18 17:55:11 +08:00

README.md

权限控制API

用于权限控制的API接口,支持RBAC权限控制,支持数据级（控制到行,列）权限控制.

用户令牌管理

权限控制配置

介绍

以下讲到的类都是基于包:org.hswebframework.web.authorization

常用注解:

点击名称,查看源代码注释获得使用说明

注解名称	说明
`@Authorize`	RBAC方式权限控制注解
`@RequiresExpression`	表达式方式验证
`@RequiresDataAccess`	数据权限控制

自定义数据权限控制

常用类

点击名称,查看源代码注释获得使用说明

类名	说明
`Authentication`	用户的认证信息
`AuthenticationHolder`	用于获取当前登录用户的认证信息

Listener

api提供AuthorizationListener 来进行授权逻辑拓展，在授权前后执行可自定义的操作.如rsa解密帐号密码,验证码判断等。

默认事件列表():

类名	说明
`AuthorizationDecodeEvent`	接收到请求参数时
`AuthorizationBeforeEvent`	验证密码前触发
`AuthorizationFailedEvent`	授权验证失败时触发
`AuthorizationSuccessEvent`	授权成功时触发
`AuthorizationExitEvent`	用户注销时触发

例子:

@Component
public class CustomAuthorizationSuccessListener implements AuthorizationListener<AuthorizationSuccessEvent>{
        @Override
        public void on(AuthorizationSuccessEvent event) {
            Authentication authentication=event.getAuthentication();
            //....
            System.out.println(authentication.getUser().getName()+"登录啦");
        }
}