mirror of
				https://github.com/continew-org/continew-admin.git
				synced 2025-10-25 18:57:11 +08:00 
			
		
		
		
	feat: 重构 CRUD API 权限控制,新增 CrudApiPermissionPrefixCache 缓存权限前缀
- 新增 CrudApiPermissionPrefixCache 类用于缓存 CRUD API权限前缀 - 修改 SaTokenConfiguration,为使用 @CrudRequestMapping 注解的 Controller缓存权限前缀 - 重构 BaseController 中的权限校验逻辑,使用缓存的权限前缀 - 更新 SmsConfigController 和 SmsLogController 中的 @CrudRequestMapping 注解路径
This commit is contained in:
		| @@ -22,11 +22,9 @@ import cn.dev33.satoken.context.model.SaRequest; | ||||
| import cn.dev33.satoken.sign.template.SaSignTemplate; | ||||
| import cn.dev33.satoken.stp.StpUtil; | ||||
| import cn.hutool.core.annotation.AnnotationUtil; | ||||
| import cn.hutool.core.text.CharSequenceUtil; | ||||
| import top.continew.admin.common.base.service.BaseService; | ||||
| import top.continew.starter.core.constant.StringConstants; | ||||
| import top.continew.admin.common.config.crud.CrudApiPermissionPrefixCache; | ||||
| import top.continew.starter.extension.crud.annotation.CrudApi; | ||||
| import top.continew.starter.extension.crud.annotation.CrudRequestMapping; | ||||
| import top.continew.starter.extension.crud.controller.AbstractCrudController; | ||||
| import top.continew.starter.extension.crud.enums.Api; | ||||
|  | ||||
| @@ -64,11 +62,9 @@ public class BaseController<S extends BaseService<L, D, Q, C>, L, D, Q, C> exten | ||||
|             return; | ||||
|         } | ||||
|         // 校验权限,例如:创建用户接口(POST /system/user) => 校验 system:user:create 权限 | ||||
|         CrudRequestMapping crudRequestMapping = targetClass.getDeclaredAnnotation(CrudRequestMapping.class); | ||||
|         String path = crudRequestMapping.value(); | ||||
|         String prefix = String.join(StringConstants.COLON, CharSequenceUtil.splitTrim(path, StringConstants.SLASH)); | ||||
|         String permissionPrefix = CrudApiPermissionPrefixCache.get(targetClass); | ||||
|         String apiName = getApiName(crudApi.value()); | ||||
|         StpUtil.checkPermission("%s:%s".formatted(prefix, apiName.toLowerCase())); | ||||
|         StpUtil.checkPermission("%s:%s".formatted(permissionPrefix, apiName.toLowerCase())); | ||||
|     } | ||||
|  | ||||
|     /** | ||||
|   | ||||
| @@ -0,0 +1,85 @@ | ||||
| /* | ||||
|  * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved. | ||||
|  * | ||||
|  * Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|  * you may not use this file except in compliance with the License. | ||||
|  * You may obtain a copy of the License at | ||||
|  * | ||||
|  *     http://www.apache.org/licenses/LICENSE-2.0 | ||||
|  * | ||||
|  * Unless required by applicable law or agreed to in writing, software | ||||
|  * distributed under the License is distributed on an "AS IS" BASIS, | ||||
|  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|  * See the License for the specific language governing permissions and | ||||
|  * limitations under the License. | ||||
|  */ | ||||
|  | ||||
| package top.continew.admin.common.config.crud; | ||||
|  | ||||
| import cn.hutool.core.util.StrUtil; | ||||
| import top.continew.starter.core.constant.StringConstants; | ||||
|  | ||||
| import java.util.HashMap; | ||||
| import java.util.List; | ||||
| import java.util.Map; | ||||
|  | ||||
| /** | ||||
|  * CRUD API 权限前缀缓存 | ||||
|  * | ||||
|  * @author Charles7c | ||||
|  * @since 2025/7/24 22:14 | ||||
|  */ | ||||
| public class CrudApiPermissionPrefixCache { | ||||
|  | ||||
|     private static final Map<Class<?>, String> PERMISSION_PREFIX_CACHE = new HashMap<>(); | ||||
|  | ||||
|     /** | ||||
|      * 存储CRUD API权限前缀 | ||||
|      * | ||||
|      * @param controllerClazz 控制器类 | ||||
|      * @param path            路径 | ||||
|      */ | ||||
|     public static void put(Class<?> controllerClazz, String path) { | ||||
|         String permissionPrefix = parsePermissionPrefix(path); | ||||
|         PERMISSION_PREFIX_CACHE.put(controllerClazz, permissionPrefix); | ||||
|     } | ||||
|  | ||||
|     /** | ||||
|      * 获取CRUD API权限前缀 | ||||
|      * | ||||
|      * @param controllerClazz 控制器类 | ||||
|      * @return 权限前缀 | ||||
|      */ | ||||
|     public static String get(Class<?> controllerClazz) { | ||||
|         return PERMISSION_PREFIX_CACHE.get(controllerClazz); | ||||
|     } | ||||
|  | ||||
|     /** | ||||
|      * 清空缓存 | ||||
|      */ | ||||
|     public static void clear() { | ||||
|         PERMISSION_PREFIX_CACHE.clear(); | ||||
|     } | ||||
|  | ||||
|     /** | ||||
|      * 解析权限前缀(解析路径获取模块名和资源名) | ||||
|      * | ||||
|      * <p> | ||||
|      * 例如:/system/user => system:user <br> | ||||
|      * /system/dict/item => system:dictItem | ||||
|      * </p> | ||||
|      * | ||||
|      * @param path 路径 | ||||
|      * @return 权限前缀 | ||||
|      */ | ||||
|     private static String parsePermissionPrefix(String path) { | ||||
|         List<String> pathSegmentList = StrUtil.splitTrim(path, StringConstants.SLASH); | ||||
|         if (pathSegmentList.size() < 2) { | ||||
|             throw new IllegalArgumentException("无效的 @CrudRequestMapping 路径配置:" + path); | ||||
|         } | ||||
|         String moduleName = pathSegmentList.get(0); | ||||
|         String resourceName = StrUtil.toCamelCase(String.join(StringConstants.UNDERLINE, pathSegmentList | ||||
|             .subList(1, pathSegmentList.size()))); | ||||
|         return "%s:%s".formatted(moduleName, resourceName); | ||||
|     } | ||||
| } | ||||
| @@ -35,6 +35,7 @@ import org.springframework.context.annotation.Bean; | ||||
| import org.springframework.context.annotation.Configuration; | ||||
| import org.springframework.context.event.EventListener; | ||||
| import org.springframework.core.annotation.AnnotationUtils; | ||||
| import top.continew.admin.common.config.crud.CrudApiPermissionPrefixCache; | ||||
| import top.continew.admin.common.context.UserContext; | ||||
| import top.continew.admin.common.context.UserContextHolder; | ||||
| import top.continew.admin.open.sign.OpenApiSignTemplate; | ||||
| @@ -113,12 +114,16 @@ public class SaTokenConfiguration { | ||||
|             if (AopUtils.isAopProxy(bean)) { | ||||
|                 clazz = AopProxyUtils.ultimateTargetClass(bean); | ||||
|             } | ||||
|             // 使用 @CrudRequestMapping 的 Controller,如果使用了 @SaIgnore 注解,则表示忽略校验 | ||||
|             // 使用 @CrudRequestMapping 的 Controller,如果使用了 @SaIgnore 注解,则表示忽略认证和权限校验 | ||||
|             CrudRequestMapping crudRequestMapping = AnnotationUtils.findAnnotation(clazz, CrudRequestMapping.class); | ||||
|             SaIgnore saIgnore = AnnotationUtils.findAnnotation(clazz, SaIgnore.class); | ||||
|             if (crudRequestMapping != null && saIgnore != null) { | ||||
|             if (crudRequestMapping != null) { | ||||
|                 if (saIgnore != null) { | ||||
|                     return crudRequestMapping.value() + StringConstants.PATH_PATTERN; | ||||
|                 } | ||||
|                 // 缓存权限前缀 | ||||
|                 CrudApiPermissionPrefixCache.put(clazz, crudRequestMapping.value()); | ||||
|             } | ||||
|             return null; | ||||
|         }).filter(Objects::nonNull).toList(); | ||||
|         if (!additionalExcludes.isEmpty()) { | ||||
|   | ||||
| @@ -41,7 +41,7 @@ import top.continew.starter.extension.crud.enums.Api; | ||||
|  */ | ||||
| @Tag(name = "短信配置管理 API") | ||||
| @RestController | ||||
| @CrudRequestMapping(value = "/system/smsConfig", api = {Api.PAGE, Api.GET, Api.CREATE, Api.UPDATE, Api.BATCH_DELETE}) | ||||
| @CrudRequestMapping(value = "/system/sms/config", api = {Api.PAGE, Api.GET, Api.CREATE, Api.UPDATE, Api.BATCH_DELETE}) | ||||
| public class SmsConfigController extends BaseController<SmsConfigService, SmsConfigResp, SmsConfigResp, SmsConfigQuery, SmsConfigReq> { | ||||
|  | ||||
|     @Operation(summary = "设为默认配置", description = "设为默认配置") | ||||
|   | ||||
| @@ -35,6 +35,6 @@ import top.continew.starter.extension.crud.enums.Api; | ||||
|  */ | ||||
| @Tag(name = "短信日志管理 API") | ||||
| @RestController | ||||
| @CrudRequestMapping(value = "/system/smsLog", api = {Api.PAGE, Api.GET, Api.BATCH_DELETE, Api.EXPORT}) | ||||
| @CrudRequestMapping(value = "/system/sms/log", api = {Api.PAGE, Api.GET, Api.BATCH_DELETE, Api.EXPORT}) | ||||
| public class SmsLogController extends BaseController<SmsLogService, SmsLogResp, SmsLogResp, SmsLogQuery, SmsLogReq> { | ||||
| } | ||||
		Reference in New Issue
	
	Block a user