新增：新增功能权限适配及校验

1.后端 API 注解鉴权使用方式：@SaCheckPermission("system:user:add")
2.前端全局指令函数使用方式：v-permission="['system:user:add']"
3.前端权限判断函数使用方式：checkPermission(['system:user:add'])

continew-admin-webapi/src/main/java/top/charles7c/cnadmin/webapi/controller/monitor/OnlineUserController.java

@@ -29,6 +29,7 @@ import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.dev33.satoken.dao.SaTokenDao;
 import cn.dev33.satoken.session.SaSession;
 import cn.dev33.satoken.stp.StpUtil;
@@ -59,6 +60,7 @@ import top.charles7c.cnadmin.monitor.model.vo.*;
 public class OnlineUserController {
 
     @Operation(summary = "分页查询列表")
+    @SaCheckPermission("monitor:online:user:list")
     @GetMapping
     public R<PageDataVO<OnlineUserVO>> page(@Validated OnlineUserQuery query, @Validated PageQuery pageQuery) {
         List<LoginUser> loginUserList = new ArrayList<>();
@@ -113,6 +115,7 @@ public class OnlineUserController {
     }
 
     @Operation(summary = "强退在线用户")
+    @SaCheckPermission("monitor:online:user:delete")
     @DeleteMapping("/{token}")
     public R kickout(@PathVariable String token) {
         String currentToken = StpUtil.getTokenValue();

continew-admin-webapi/src/main/java/top/charles7c/cnadmin/webapi/controller/system/UserController.java

@@ -25,6 +25,8 @@ import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
+
 import top.charles7c.cnadmin.common.annotation.CrudRequestMapping;
 import top.charles7c.cnadmin.common.base.BaseController;
 import top.charles7c.cnadmin.common.base.BaseRequest;
@@ -50,12 +52,14 @@ import top.charles7c.cnadmin.system.service.UserService;
 public class UserController extends BaseController<UserService, UserVO, UserDetailVO, UserQuery, UserRequest> {
 
     @Override
+    @SaCheckPermission("system:user:add")
     protected R<Long> add(@Validated(BaseRequest.Add.class) @RequestBody UserRequest request) {
         Long id = baseService.add(request);
         return R.ok(String.format("新增成功，请牢记默认密码：%s", Constants.DEFAULT_PASSWORD), id);
     }
 
     @Operation(summary = "重置密码", description = "重置用户登录密码为默认密码")
+    @SaCheckPermission("system:user:password:reset")
     @PatchMapping("/{userId}/password")
     public R resetPassword(@PathVariable Long userId) {
         baseService.resetPassword(userId);
@@ -63,6 +67,7 @@ public class UserController extends BaseController<UserService, UserVO, UserDeta
     }
 
     @Operation(summary = "分配角色", description = "为用户新增或移除角色")
+    @SaCheckPermission("system:user:role:update")
     @PatchMapping("/{userId}/role")
     public R updateUserRole(@PathVariable Long userId, @Validated @RequestBody UpdateUserRoleRequest request) {
         baseService.updateUserRole(request, userId);

continew-admin-webapi/src/main/resources/db/changelog/v0.0.1/continew-admin_data.sql

@@ -59,16 +59,6 @@ INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1011);
 INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1012);
 INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1013);
 INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1014);
-INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1030);
-INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1031);
-INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1032);
-INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1033);
-INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1034);
-INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1050);
-INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1051);
-INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1052);
-INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1053);
-INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1054);
 
 -- 初始化默认角色和部门关联数据
 INSERT IGNORE INTO `sys_role_dept` VALUES (2, 5);