WendyYang
3 miesięcy temu
4 zmienionych plików z 22 dodań i 5 usunięć
-
+3 -0hz-pm-api/src/main/java/com/hz/pm/api/App.java
-
+4 -0hz-pm-api/src/main/java/com/hz/pm/api/sys/controller/MenuController.java
-
+6 -2hz-pm-api/src/main/java/com/hz/pm/api/sys/controller/RoleController.java
-
+9 -3hz-pm-api/src/main/java/com/hz/pm/api/user/security/model/UserInfoDetails.java
+ 3
- 0
hz-pm-api/src/main/java/com/hz/pm/api/App.java
Wyświetl plik
| @@ -11,6 +11,8 @@ import org.springframework.context.annotation.ComponentScan; | |||
| import org.springframework.context.annotation.EnableAspectJAutoProxy; | |||
| import org.springframework.scheduling.annotation.EnableAsync; | |||
| import org.springframework.scheduling.annotation.EnableScheduling; | |||
| import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; | |||
| import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; | |||
| import org.springframework.security.core.context.SecurityContextHolder; | |||
| import org.springframework.transaction.annotation.EnableTransactionManagement; | |||
| @@ -21,6 +23,7 @@ import org.springframework.transaction.annotation.EnableTransactionManagement; | |||
| @EnableAsync | |||
| @MapperScan(App.MAPPER_PACKAGES) | |||
| @EnableScheduling | |||
| @EnableMethodSecurity | |||
| @EnableTransactionManagement | |||
| @EnableAspectJAutoProxy(exposeProxy = true) | |||
| @ComponentScan(basePackages = {"com.hz.pm", "com.ningdatech.irs"}) | |||
+ 4
- 0
hz-pm-api/src/main/java/com/hz/pm/api/sys/controller/MenuController.java
Wyświetl plik
| @@ -21,6 +21,7 @@ import io.swagger.annotations.Api; | |||
| import io.swagger.annotations.ApiOperation; | |||
| import lombok.RequiredArgsConstructor; | |||
| import lombok.extern.slf4j.Slf4j; | |||
| import org.springframework.security.access.prepost.PreAuthorize; | |||
| import org.springframework.validation.annotation.Validated; | |||
| import org.springframework.web.bind.annotation.*; | |||
| @@ -92,6 +93,7 @@ public class MenuController { | |||
| @ApiOperation(value = "保存新菜单", notes = "保存新菜单") | |||
| @PostMapping("/save") | |||
| @WebLog("保存菜单") | |||
| @PreAuthorize("hasAuthority('SUPER_ADMIN')") | |||
| public MenuVO handlerSave(@Valid @RequestBody MenuSaveDTO data) { | |||
| menuService.save(data, LoginUserUtil.getUserId()); | |||
| return BeanUtil.toBean(data, MenuVO.class); | |||
| @@ -100,6 +102,7 @@ public class MenuController { | |||
| @ApiOperation(value = "编辑菜单", notes = "编辑菜单") | |||
| @PostMapping("/modify") | |||
| @WebLog("编辑菜单") | |||
| @PreAuthorize("hasAuthority('SUPER_ADMIN')") | |||
| public MenuVO handlerUpdate(@RequestBody MenuUpdateDTO data) { | |||
| menuService.update(data, LoginUserUtil.getUserId()); | |||
| return BeanUtil.toBean(data, MenuVO.class); | |||
| @@ -108,6 +111,7 @@ public class MenuController { | |||
| @ApiOperation(value = "删除菜单", notes = "删除菜单") | |||
| @PostMapping("/remove") | |||
| @WebLog("删除菜单") | |||
| @PreAuthorize("hasAuthority('SUPER_ADMIN')") | |||
| public Boolean handlerDelete(@RequestBody List<Long> ids) { | |||
| return menuService.removeByIdWithCache(ids); | |||
| } | |||
+ 6
- 2
hz-pm-api/src/main/java/com/hz/pm/api/sys/controller/RoleController.java
Wyświetl plik
| @@ -2,8 +2,6 @@ package com.hz.pm.api.sys.controller; | |||
| import cn.hutool.core.bean.BeanUtil; | |||
| import cn.hutool.core.lang.Assert; | |||
| import com.ningdatech.basic.model.PageVo; | |||
| import com.ningdatech.log.annotation.WebLog; | |||
| import com.hz.pm.api.common.util.BizUtils; | |||
| import com.hz.pm.api.sys.manage.RoleManage; | |||
| import com.hz.pm.api.sys.model.dto.MenuDataScopeDTO; | |||
| @@ -14,10 +12,13 @@ import com.hz.pm.api.sys.model.req.RolePageReq; | |||
| import com.hz.pm.api.sys.model.vo.RoleVO; | |||
| import com.hz.pm.api.sys.service.IRoleService; | |||
| import com.hz.pm.api.user.util.LoginUserUtil; | |||
| import com.ningdatech.basic.model.PageVo; | |||
| import com.ningdatech.log.annotation.WebLog; | |||
| import io.swagger.annotations.Api; | |||
| import io.swagger.annotations.ApiOperation; | |||
| import lombok.RequiredArgsConstructor; | |||
| import lombok.extern.slf4j.Slf4j; | |||
| import org.springframework.security.access.prepost.PreAuthorize; | |||
| import org.springframework.validation.annotation.Validated; | |||
| import org.springframework.web.bind.annotation.*; | |||
| @@ -73,6 +74,7 @@ public class RoleController { | |||
| @ApiOperation(value = "保存新角色", notes = "保存新角色") | |||
| @PostMapping("/save") | |||
| @WebLog("保存新角色") | |||
| @PreAuthorize("hasAuthority('SUPER_ADMIN')") | |||
| public RoleVO handlerSave(@Valid @RequestBody RoleSaveDTO data) { | |||
| roleService.saveRole(data, LoginUserUtil.getUserId()); | |||
| return BeanUtil.toBean(data, RoleVO.class); | |||
| @@ -81,6 +83,7 @@ public class RoleController { | |||
| @ApiOperation(value = "编辑角色", notes = "编辑角色") | |||
| @PostMapping("/modify") | |||
| @WebLog("编辑角色") | |||
| @PreAuthorize("hasAuthority('SUPER_ADMIN')") | |||
| public RoleVO handlerUpdate(@Valid @RequestBody RoleUpdateDTO data) { | |||
| roleService.updateRole(data, LoginUserUtil.getUserId()); | |||
| return BeanUtil.toBean(data, RoleVO.class); | |||
| @@ -89,6 +92,7 @@ public class RoleController { | |||
| @ApiOperation(value = "删除角色", notes = "删除角色") | |||
| @PostMapping("/remove") | |||
| @WebLog("删除角色") | |||
| @PreAuthorize("hasAuthority('SUPER_ADMIN')") | |||
| public Boolean handlerDelete(@Valid @RequestBody List<Long> ids) { | |||
| return roleService.removeByIdWithCache(ids); | |||
| } | |||
+ 9
- 3
hz-pm-api/src/main/java/com/hz/pm/api/user/security/model/UserInfoDetails.java
Wyświetl plik
| @@ -1,7 +1,7 @@ | |||
| package com.hz.pm.api.user.security.model; | |||
| import cn.hutool.core.collection.CollUtil; | |||
| import cn.hutool.core.collection.CollectionUtil; | |||
| import cn.hutool.core.util.StrUtil; | |||
| import com.hz.pm.api.sys.model.entity.Role; | |||
| import com.hz.pm.api.user.model.enumeration.RoleEnum; | |||
| import com.ningdatech.basic.auth.AbstractLoginUser; | |||
| @@ -75,7 +75,13 @@ public class UserInfoDetails extends AbstractLoginUser implements UserDetails { | |||
| if (CollUtil.isNotEmpty(this.userRoleList)) { | |||
| List<SimpleGrantedAuthority> authorities = new ArrayList<>(); | |||
| for (Role role : this.userRoleList) { | |||
| authorities.add(new SimpleGrantedAuthority(role.getCode())); | |||
| String roleCode; | |||
| if (StrUtil.isBlank(role.getCode())) { | |||
| roleCode = String.valueOf(role.getId()); | |||
| } else { | |||
| roleCode = role.getCode(); | |||
| } | |||
| authorities.add(new SimpleGrantedAuthority(roleCode)); | |||
| } | |||
| return authorities; | |||
| } | |||
| @@ -149,7 +155,7 @@ public class UserInfoDetails extends AbstractLoginUser implements UserDetails { | |||
| return Boolean.FALSE; | |||
| } | |||
| public List<Long> getRoleIds(){ | |||
| public List<Long> getRoleIds() { | |||
| if (this.userRoleList != null && !this.userRoleList.isEmpty()) { | |||
| return this.userRoleList.stream().map(Role::getId).collect(Collectors.toList()); | |||
| } | |||