ContiNew/continew-admin
1
1
Fork 0
mirror of https://github.com/continew-org/continew-admin.git synced 2025-10-31 00:57:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

新增:新增功能权限适配及校验

Browse Source 
1.后端 API 注解鉴权使用方式:@SaCheckPermission("system:user:add")
2.前端全局指令函数使用方式:v-permission="['system:user:add']"
3.前端权限判断函数使用方式:checkPermission(['system:user:add'])
This commit is contained in:
Charles7c
2023-03-02 23:39:22 +08:00
parent 843cac4e54
commit 94be1f9553
51 changed files with 548 additions and 149 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
continew-admin-common/src/main/java/top/charles7c/cnadmin/common/base/BaseController.java
View File

@@ -30,8 +30,11 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.core.lang.tree.Tree;
import cn.hutool.core.util.StrUtil;
import top.charles7c.cnadmin.common.annotation.CrudRequestMapping;
import top.charles7c.cnadmin.common.model.query.PageQuery;
import top.charles7c.cnadmin.common.model.query.SortQuery;
import top.charles7c.cnadmin.common.model.vo.PageDataVO;
@@ -72,6 +75,7 @@ public abstract class BaseController<S extends BaseService<V, D, Q, C>, V, D, Q,
@ResponseBody
@GetMapping
protected R<PageDataVO<V>> page(@Validated Q query, @Validated PageQuery pageQuery) {
this.checkPermission("list");
PageDataVO<V> pageDataVO = baseService.page(query, pageQuery);
return R.ok(pageDataVO);
}
@@ -89,6 +93,7 @@ public abstract class BaseController<S extends BaseService<V, D, Q, C>, V, D, Q,
@ResponseBody
@GetMapping("/tree")
protected R<List<Tree<Long>>> tree(@Validated Q query, @Validated SortQuery sortQuery) {
this.checkPermission("list");
List<Tree<Long>> list = baseService.tree(query, sortQuery, false);
return R.ok(list);
}
@@ -106,6 +111,7 @@ public abstract class BaseController<S extends BaseService<V, D, Q, C>, V, D, Q,
@ResponseBody
@GetMapping("/list")
protected R<List<V>> list(@Validated Q query, @Validated SortQuery sortQuery) {
this.checkPermission("list");
List<V> list = baseService.list(query, sortQuery);
return R.ok(list);
}
@@ -122,6 +128,7 @@ public abstract class BaseController<S extends BaseService<V, D, Q, C>, V, D, Q,
@ResponseBody
@GetMapping("/{id}")
protected R<D> get(@PathVariable Long id) {
this.checkPermission("list");
D detail = baseService.get(id);
return R.ok(detail);
}
@@ -137,6 +144,7 @@ public abstract class BaseController<S extends BaseService<V, D, Q, C>, V, D, Q,
@ResponseBody
@PostMapping
protected R<Long> add(@Validated(BaseRequest.Add.class) @RequestBody C request) {
this.checkPermission("add");
Long id = baseService.add(request);
return R.ok("新增成功", id);
}
@@ -152,6 +160,7 @@ public abstract class BaseController<S extends BaseService<V, D, Q, C>, V, D, Q,
@ResponseBody
@PutMapping
protected R update(@Validated(BaseRequest.Update.class) @RequestBody C request) {
this.checkPermission("update");
baseService.update(request);
return R.ok("修改成功");
}
@@ -168,6 +177,7 @@ public abstract class BaseController<S extends BaseService<V, D, Q, C>, V, D, Q,
@ResponseBody
@DeleteMapping("/{ids}")
protected R delete(@PathVariable List<Long> ids) {
this.checkPermission("delete");
baseService.delete(ids);
return R.ok("删除成功");
}
@@ -185,6 +195,20 @@ public abstract class BaseController<S extends BaseService<V, D, Q, C>, V, D, Q,
@Operation(summary = "导出数据")
@GetMapping("/export")
protected void export(@Validated Q query, @Validated SortQuery sortQuery, HttpServletResponse response) {
this.checkPermission("export");
baseService.export(query, sortQuery, response);
}
/**
* 权限认证
*
* @param subPermission
* 部分权限码
*/
private void checkPermission(String subPermission) {
CrudRequestMapping crudRequestMapping = this.getClass().getDeclaredAnnotation(CrudRequestMapping.class);
String path = crudRequestMapping.value();
String permissionPrefix = String.join(":", StrUtil.splitTrim(path, "/"));
StpUtil.checkPermission(String.format("%s:%s", permissionPrefix, subPermission));
}
}

10
continew-admin-common/src/main/java/top/charles7c/cnadmin/common/base/BaseServiceImpl.java
View File

@@ -41,6 +41,7 @@ import com.baomidou.mybatisplus.extension.conditions.update.UpdateChainWrapper;
import com.baomidou.mybatisplus.extension.toolkit.ChainWrappers;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.bean.copier.CopyOptions;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.convert.Convert;
import cn.hutool.core.lang.Opt;
@@ -165,7 +166,10 @@ public abstract class BaseServiceImpl<M extends BaseMapper<T>, T, V, D, Q, C ext
@Override
@Transactional(rollbackFor = Exception.class)
public void update(C request) {
T entity = BeanUtil.copyProperties(request, entityClass);
String idName = this.currentEntityIdName();
Object idValue = ReflectUtil.getFieldValue(request, idName);
T entity = this.getById(idValue);
BeanUtil.copyProperties(request, entity, CopyOptions.create().ignoreNullValue());
baseMapper.updateById(entity);
}
@@ -211,8 +215,8 @@ public abstract class BaseServiceImpl<M extends BaseMapper<T>, T, V, D, Q, C ext
* ID
* @return 实体信息
*/
protected T getById(Long id) {
T entity = baseMapper.selectById(id);
protected T getById(Object id) {
T entity = baseMapper.selectById(Convert.toStr(id));
CheckUtils.throwIfNull(entity, String.format("ID为 [%s] 的记录已不存在", id));
return entity;
}

7
continew-admin-common/src/main/java/top/charles7c/cnadmin/common/consts/Constants.java
View File

@@ -31,7 +31,12 @@ public class Constants {
/**
* 超级管理员角色编码
*/
public static final String ADMIN_ROLE_CODE = "admin";
public static final String SUPER_ADMIN = "admin";
/**
* 全部权限标识
*/
public static final String ALL_PERMISSION = "*";
/**
* 默认密码

42
continew-admin-common/src/main/java/top/charles7c/cnadmin/common/handler/GlobalExceptionHandler.java
View File

@@ -36,6 +36,8 @@ import org.springframework.web.method.annotation.MethodArgumentTypeMismatchExcep
import org.springframework.web.multipart.MaxUploadSizeExceededException;
import cn.dev33.satoken.exception.NotLoginException;
import cn.dev33.satoken.exception.NotPermissionException;
import cn.dev33.satoken.exception.NotRoleException;
import cn.hutool.core.util.NumberUtil;
import cn.hutool.core.util.StrUtil;
@@ -163,7 +165,20 @@ public class GlobalExceptionHandler {
}
/**
* 拦截认证异常-未登录异常
* 拦截文件上传异常-超过上传大小限制
*/
@ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(MaxUploadSizeExceededException.class)
public R handleMaxUploadSizeExceededException(MaxUploadSizeExceededException e, HttpServletRequest request) {
log.error("请求地址'{}',上传文件失败,文件大小超过限制", request.getRequestURI(), e);
String sizeLimit = StrUtil.subBetween(e.getMessage(), "The maximum size ", " for");
String errorMsg = String.format("请上传小于 %s MB 的文件", NumberUtil.parseLong(sizeLimit) / 1024 / 1024);
LogContextHolder.setErrorMsg(errorMsg);
return R.fail(HttpStatus.BAD_REQUEST.value(), errorMsg);
}
/**
* 认证异常-登录认证
*/
@ResponseStatus(HttpStatus.UNAUTHORIZED)
@ExceptionHandler(NotLoginException.class)
@@ -188,15 +203,22 @@ public class GlobalExceptionHandler {
}
/**
* 拦截文件上传异常-超过上传大小限制
* 认证异常-权限认证
*/
@ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(MaxUploadSizeExceededException.class)
public R handleMaxUploadSizeExceededException(MaxUploadSizeExceededException e, HttpServletRequest request) {
log.error("请求地址'{}'上传文件失败,文件大小超过限制", request.getRequestURI(), e);
String sizeLimit = StrUtil.subBetween(e.getMessage(), "The maximum size ", " for");
String errorMsg = String.format("请上传小于 %s MB 的文件", NumberUtil.parseLong(sizeLimit) / 1024 / 1024);
LogContextHolder.setErrorMsg(errorMsg);
return R.fail(HttpStatus.BAD_REQUEST.value(), errorMsg);
@ResponseStatus(HttpStatus.FORBIDDEN)
@ExceptionHandler(NotPermissionException.class)
public R handleNotPermissionException(NotPermissionException e, HttpServletRequest request) {
log.error("请求地址'{}'权限码校验失败'{}'", request.getRequestURI(), e);
return R.fail(HttpStatus.FORBIDDEN.value(), "没有访问权限,请联系管理员授权");
}
/**
* 认证异常-角色认证
*/
@ResponseStatus(HttpStatus.FORBIDDEN)
@ExceptionHandler(NotRoleException.class)
public R handleNotRoleException(NotRoleException e, HttpServletRequest request) {
log.error("请求地址'{}',角色权限校验失败'{}'", request.getRequestURI(), e);
return R.fail(HttpStatus.FORBIDDEN.value(), "没有访问权限,请联系管理员授权");
}
}

11
continew-admin-common/src/main/java/top/charles7c/cnadmin/common/model/dto/LoginUser.java
View File

@@ -18,6 +18,7 @@ package top.charles7c.cnadmin.common.model.dto;
import java.io.Serializable;
import java.time.LocalDateTime;
import java.util.Set;
import lombok.Data;
@@ -118,4 +119,14 @@ public class LoginUser implements Serializable {
* 登录时间
*/
private LocalDateTime loginTime;
/**
* 权限码集合
*/
private Set<String> permissions;
/**
* 角色编码集合
*/
private Set<String> roles;
}

20
continew-admin-system/src/main/java/top/charles7c/cnadmin/auth/config/satoken/SaTokenConfiguration.java
View File

@@ -24,8 +24,10 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import cn.dev33.satoken.dao.SaTokenDao;
import cn.dev33.satoken.interceptor.SaInterceptor;
import cn.dev33.satoken.jwt.StpLogicJwtForSimple;
import cn.dev33.satoken.stp.StpInterface;
import cn.dev33.satoken.stp.StpLogic;
import cn.dev33.satoken.stp.StpUtil;
@@ -53,7 +55,23 @@ public class SaTokenConfiguration implements WebMvcConfigurer {
* Sa-Token 整合 JWT简单模式
*/
@Bean
public StpLogic getStpLogicJwt() {
public StpLogic stpLogic() {
return new StpLogicJwtForSimple();
}
/**
* Sa-Token 持久层本地 Redis 适配
*/
@Bean
public SaTokenDao saTokenDao() {
return new SaTokenRedisDaoImpl();
}
/**
* Sa-Token 权限认证适配
*/
@Bean
public StpInterface stpInterface() {
return new SaTokenPermissionImpl();
}
}

46
continew-admin-system/src/main/java/top/charles7c/cnadmin/auth/config/satoken/SaTokenPermissionImpl.java Normal file
View File

@@ -0,0 +1,46 @@
/*
* Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package top.charles7c.cnadmin.auth.config.satoken;
import java.util.ArrayList;
import java.util.List;
import cn.dev33.satoken.stp.StpInterface;
import top.charles7c.cnadmin.common.model.dto.LoginUser;
import top.charles7c.cnadmin.common.util.helper.LoginHelper;
/**
* Sa-Token 权限认证适配
*
* @author Charles7c
* @since 2023/3/1 22:28
*/
public class SaTokenPermissionImpl implements StpInterface {
@Override
public List<String> getPermissionList(Object loginId, String loginType) {
LoginUser loginUser = LoginHelper.getLoginUser();
return new ArrayList<>(loginUser.getPermissions());
}
@Override
public List<String> getRoleList(Object loginId, String loginType) {
LoginUser loginUser = LoginHelper.getLoginUser();
return new ArrayList<>(loginUser.getRoles());
}
}

5
continew-admin-system/src/main/java/top/charles7c/cnadmin/auth/config/satoken/SaTokenRedisDaoImpl.java
View File

@@ -21,20 +21,17 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import org.springframework.stereotype.Component;
import cn.dev33.satoken.dao.SaTokenDao;
import cn.dev33.satoken.util.SaFoxUtil;
import top.charles7c.cnadmin.common.util.RedisUtils;
/**
* SaTokenDao 的本地 Redis 适配参考Sa-Token/sa-token-plugin/sa-token-dao-redisx/SaTokenDaoOfRedis.java
* Sa-Token 持久层本地 Redis 适配参考Sa-Token/sa-token-plugin/sa-token-dao-redisx/SaTokenDaoOfRedis.java
*
* @author Charles7c
* @since 2022/12/28 22:55
*/
@Component
public class SaTokenRedisDaoImpl implements SaTokenDao {
@Override

12
continew-admin-system/src/main/java/top/charles7c/cnadmin/auth/model/vo/UserInfoVO.java
View File

@@ -19,6 +19,7 @@ package top.charles7c.cnadmin.auth.model.vo;
import java.io.Serializable;
import java.time.LocalDate;
import java.time.LocalDateTime;
import java.util.Set;
import lombok.Data;
import lombok.experimental.Accessors;
@@ -123,9 +124,16 @@ public class UserInfoVO implements Serializable {
private String deptName;
/**
* 用户角色(临时 mock 用,写完角色体系后移除)
* 权限码集合
*/
private String role = "admin";
@Schema(description = "权限码集合")
private Set<String> permissions;
/**
* 角色编码集合
*/
@Schema(description = "角色编码集合")
private Set<String> roles;
public String getPhone() {
return DesensitizedUtil.mobilePhone(phone);

46
continew-admin-system/src/main/java/top/charles7c/cnadmin/auth/service/PermissionService.java Normal file
View File

@@ -0,0 +1,46 @@
/*
* Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package top.charles7c.cnadmin.auth.service;
import java.util.Set;
/**
* 权限业务接口
*
* @author Charles7c
* @since 2023/3/2 20:40
*/
public interface PermissionService {
/**
* 根据用户 ID 查询权限码
*
* @param userId
* 用户 ID
* @return 权限码集合
*/
Set<String> listPermissionsByUserId(Long userId);
/**
* 根据用户 ID 查询角色编码
*
* @param userId
* 用户 ID
* @return 角色编码集合
*/
Set<String> listRoleCodesByUserId(Long userId);
}

4
continew-admin-system/src/main/java/top/charles7c/cnadmin/auth/service/impl/LoginServiceImpl.java
View File

@@ -24,6 +24,7 @@ import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.core.bean.BeanUtil;
import top.charles7c.cnadmin.auth.service.LoginService;
import top.charles7c.cnadmin.auth.service.PermissionService;
import top.charles7c.cnadmin.common.enums.DisEnableStatusEnum;
import top.charles7c.cnadmin.common.model.dto.LoginUser;
import top.charles7c.cnadmin.common.util.ExceptionUtils;
@@ -46,6 +47,7 @@ public class LoginServiceImpl implements LoginService {
private final UserService userService;
private final DeptService deptService;
private final PermissionService permissionService;
@Override
public String login(String username, String password) {
@@ -58,6 +60,8 @@ public class LoginServiceImpl implements LoginService {
// 登录
LoginUser loginUser = BeanUtil.copyProperties(userDO, LoginUser.class);
loginUser.setDeptName(ExceptionUtils.exToNull(() -> deptService.get(loginUser.getDeptId()).getDeptName()));
loginUser.setPermissions(permissionService.listPermissionsByUserId(userId));
loginUser.setRoles(permissionService.listRoleCodesByUserId(userId));
LoginHelper.login(loginUser);
// 返回令牌

59
continew-admin-system/src/main/java/top/charles7c/cnadmin/auth/service/impl/PermissionServiceImpl.java Normal file
View File

@@ -0,0 +1,59 @@
/*
* Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package top.charles7c.cnadmin.auth.service.impl;
import java.util.Set;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;
import cn.hutool.core.collection.CollUtil;
import top.charles7c.cnadmin.auth.service.PermissionService;
import top.charles7c.cnadmin.common.consts.Constants;
import top.charles7c.cnadmin.system.service.MenuService;
import top.charles7c.cnadmin.system.service.RoleService;
/**
* 权限业务实现类
*
* @author Charles7c
* @since 2023/3/2 20:40
*/
@Service
@RequiredArgsConstructor
public class PermissionServiceImpl implements PermissionService {
private final MenuService menuService;
private final RoleService roleService;
@Override
public Set<String> listPermissionsByUserId(Long userId) {
Set<String> roleCodeSet = this.listRoleCodesByUserId(userId);
// 超级管理员赋予全部权限
if (roleCodeSet.contains(Constants.SUPER_ADMIN)) {
return CollUtil.newHashSet(Constants.ALL_PERMISSION);
}
return menuService.listPermissionsByUserId(userId);
}
@Override
public Set<String> listRoleCodesByUserId(Long userId) {
return roleService.listRoleCodesByUserId(userId);
}
}

16
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/mapper/MenuMapper.java
View File

@@ -16,6 +16,10 @@
package top.charles7c.cnadmin.system.mapper;
import java.util.Set;
import org.apache.ibatis.annotations.Param;
import top.charles7c.cnadmin.common.base.BaseMapper;
import top.charles7c.cnadmin.system.model.entity.MenuDO;
@@ -25,4 +29,14 @@ import top.charles7c.cnadmin.system.model.entity.MenuDO;
* @author Charles7c
* @since 2023/2/15 20:30
*/
public interface MenuMapper extends BaseMapper<MenuDO> {}
public interface MenuMapper extends BaseMapper<MenuDO> {
/**
* 根据 ID 查询权限码
*
* @param userId
* 用户 ID
* @return 权限码集合
*/
Set<String> selectPermissionsByUserId(@Param("userId") Long userId);
}

12
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/mapper/RoleMenuMapper.java
View File

@@ -18,9 +18,6 @@ package top.charles7c.cnadmin.system.mapper;
import java.util.List;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
import top.charles7c.cnadmin.common.base.BaseMapper;
import top.charles7c.cnadmin.system.model.entity.RoleMenuDO;
@@ -33,12 +30,11 @@ import top.charles7c.cnadmin.system.model.entity.RoleMenuDO;
public interface RoleMenuMapper extends BaseMapper<RoleMenuDO> {
/**
* 根据角色 ID 查询
* 根据角色 ID 列表查询
*
* @param roleId
* 角色 ID
* @param roleIds
* 角色 ID 列表
* @return 菜单 ID 列表
*/
@Select("SELECT `menu_id` FROM `sys_role_menu` WHERE `role_id` = #{roleId}")
List<Long> selectMenuIdsByRoleId(@Param("roleId") Long roleId);
List<Long> selectMenuIdsByRoleIds(List<Long> roleIds);
}

18
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/mapper/UserRoleMapper.java
View File

@@ -16,6 +16,11 @@
package top.charles7c.cnadmin.system.mapper;
import java.util.List;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
import top.charles7c.cnadmin.common.base.BaseMapper;
import top.charles7c.cnadmin.system.model.entity.UserRoleDO;
@@ -25,4 +30,15 @@ import top.charles7c.cnadmin.system.model.entity.UserRoleDO;
* @author Charles7c
* @since 2023/2/13 23:13
*/
public interface UserRoleMapper extends BaseMapper<UserRoleDO> {}
public interface UserRoleMapper extends BaseMapper<UserRoleDO> {
/**
* 根据用户 ID 查询
*
* @param userId
* 用户 ID
* @return 角色 ID 列表
*/
@Select("SELECT `role_id` FROM `sys_user_role` WHERE `user_id` = #{userId}")
List<Long> selectRoleIdsByUserId(@Param("userId") Long userId);
}

2
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/model/request/UserRequest.java
View File

@@ -104,13 +104,11 @@ public class UserRequest extends BaseRequest {
* 部门 ID
*/
@Schema(description = "所属部门")
@NotNull(message = "所属部门不能为空")
private Long deptId;
/**
* 角色 ID 列表
*/
@Schema(description = "所属角色")
@NotEmpty(message = "所属角色不能为空")
private List<Long> roleIds;
}

2
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/model/vo/RoleVO.java
View File

@@ -90,7 +90,7 @@ public class RoleVO extends BaseVO {
private Boolean disabled;
public Boolean getDisabled() {
if (Constants.ADMIN_ROLE_CODE.equals(roleCode)) {
if (Constants.SUPER_ADMIN.equals(roleCode)) {
return true;
}
return disabled;

14
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/service/MenuService.java
View File

@@ -16,6 +16,8 @@
package top.charles7c.cnadmin.system.service;
import java.util.Set;
import top.charles7c.cnadmin.common.base.BaseService;
import top.charles7c.cnadmin.system.model.query.MenuQuery;
import top.charles7c.cnadmin.system.model.request.MenuRequest;
@@ -27,4 +29,14 @@ import top.charles7c.cnadmin.system.model.vo.MenuVO;
* @author Charles7c
* @since 2023/2/15 20:30
*/
public interface MenuService extends BaseService<MenuVO, MenuVO, MenuQuery, MenuRequest> {}
public interface MenuService extends BaseService<MenuVO, MenuVO, MenuQuery, MenuRequest> {
/**
* 根据用户 ID 查询
*
* @param userId
* 用户 ID
* @return 权限码集合
*/
Set<String> listPermissionsByUserId(Long userId);
}

6
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/service/RoleMenuService.java
View File

@@ -39,9 +39,9 @@ public interface RoleMenuService {
/**
* 根据角色 ID 查询
*
* @param roleId
* 角色 ID
* @param roleIds
* 角色 ID 列表
* @return 菜单 ID 列表
*/
List<Long> listMenuIdByRoleId(Long roleId);
List<Long> listMenuIdByRoleIds(List<Long> roleIds);
}

10
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/service/RoleService.java
View File

@@ -17,6 +17,7 @@
package top.charles7c.cnadmin.system.service;
import java.util.List;
import java.util.Set;
import top.charles7c.cnadmin.common.base.BaseService;
import top.charles7c.cnadmin.common.model.vo.LabelValueVO;
@@ -50,4 +51,13 @@ public interface RoleService extends BaseService<RoleVO, RoleDetailVO, RoleQuery
* @return 角色名称列表
*/
List<String> listRoleNamesByRoleIds(List<Long> roleIds);
/**
* 根据用户 ID 查询角色编码
*
* @param userId
* 用户 ID
* @return 角色编码集合
*/
Set<String> listRoleCodesByUserId(Long userId);
}

7
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/service/impl/MenuServiceImpl.java
View File

@@ -16,7 +16,7 @@
package top.charles7c.cnadmin.system.service.impl;
import java.util.List;
import java.util.*;
import lombok.RequiredArgsConstructor;
@@ -89,4 +89,9 @@ public class MenuServiceImpl extends BaseServiceImpl<MenuMapper, MenuDO, MenuVO,
return super.lambdaQuery().eq(MenuDO::getMenuName, name).eq(MenuDO::getParentId, parentId)
.ne(id != null, MenuDO::getMenuId, id).exists();
}
@Override
public Set<String> listPermissionsByUserId(Long userId) {
return baseMapper.selectPermissionsByUserId(userId);
}
}

8
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/service/impl/RoleMenuServiceImpl.java
View File

@@ -16,6 +16,7 @@
package top.charles7c.cnadmin.system.service.impl;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
@@ -57,7 +58,10 @@ public class RoleMenuServiceImpl implements RoleMenuService {
}
@Override
public List<Long> listMenuIdByRoleId(Long roleId) {
return roleMenuMapper.selectMenuIdsByRoleId(roleId);
public List<Long> listMenuIdByRoleIds(List<Long> roleIds) {
if (CollUtil.isEmpty(roleIds)) {
return Collections.emptyList();
}
return roleMenuMapper.selectMenuIdsByRoleIds(roleIds);
}
}

42
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/service/impl/RoleServiceImpl.java
View File

@@ -18,6 +18,7 @@ package top.charles7c.cnadmin.system.service.impl;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import lombok.RequiredArgsConstructor;
@@ -61,8 +62,11 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleVO,
@Transactional(rollbackFor = Exception.class)
public Long add(RoleRequest request) {
String roleName = request.getRoleName();
boolean isExists = this.checkNameExists(roleName, request.getRoleId());
CheckUtils.throwIf(() -> isExists, String.format("新增失败,'%s'已存在", roleName));
CheckUtils.throwIf(() -> this.checkNameExists(roleName, request.getRoleId()),
String.format("新增失败,'%s'已存在", roleName));
String roleCode = request.getRoleCode();
CheckUtils.throwIf(() -> this.checkCodeExists(roleCode, request.getRoleId()),
String.format("新增失败,'%s'已存在", roleCode));
// 新增角色
request.setStatus(DisEnableStatusEnum.ENABLE);
@@ -78,8 +82,11 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleVO,
@Transactional(rollbackFor = Exception.class)
public void update(RoleRequest request) {
String roleName = request.getRoleName();
boolean isExists = this.checkNameExists(roleName, request.getRoleId());
CheckUtils.throwIf(() -> isExists, String.format("修改失败,'%s'已存在", roleName));
CheckUtils.throwIf(() -> this.checkNameExists(roleName, request.getRoleId()),
String.format("修改失败,'%s'已存在", roleName));
String roleCode = request.getRoleCode();
CheckUtils.throwIf(() -> this.checkCodeExists(roleCode, request.getRoleId()),
String.format("修改失败,'%s'已存在", roleCode));
// 更新角色
super.update(request);
@@ -110,18 +117,31 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleVO,
return super.lambdaQuery().eq(RoleDO::getRoleName, name).ne(id != null, RoleDO::getRoleId, id).exists();
}
/**
* 检查编码是否存在
*
* @param code
* 编码
* @param id
* ID
* @return 是否存在
*/
private boolean checkCodeExists(String code, Long id) {
return super.lambdaQuery().eq(RoleDO::getRoleCode, code).ne(id != null, RoleDO::getRoleId, id).exists();
}
@Override
public void fillDetail(Object detailObj) {
super.fillDetail(detailObj);
if (detailObj instanceof RoleDetailVO) {
RoleDetailVO detailVO = (RoleDetailVO)detailObj;
Long roleId = detailVO.getRoleId();
if (Constants.ADMIN_ROLE_CODE.equals(detailVO.getRoleCode())) {
if (Constants.SUPER_ADMIN.equals(detailVO.getRoleCode())) {
List<MenuVO> list = menuService.list(null, null);
List<Long> menuIds = list.stream().map(MenuVO::getMenuId).collect(Collectors.toList());
detailVO.setMenuIds(menuIds);
} else {
detailVO.setMenuIds(roleMenuService.listMenuIdByRoleId(roleId));
detailVO.setMenuIds(roleMenuService.listMenuIdByRoleIds(Collections.singletonList(roleId)));
}
detailVO.setDeptIds(roleDeptService.listDeptIdByRoleId(roleId));
}
@@ -143,4 +163,14 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, RoleDO, RoleVO,
}
return roleList.stream().map(RoleDO::getRoleName).collect(Collectors.toList());
}
@Override
public Set<String> listRoleCodesByUserId(Long userId) {
List<Long> roleIds = userRoleService.listRoleIdsByUserId(userId);
List<RoleDO> roleList = super.lambdaQuery().select(RoleDO::getRoleCode).in(RoleDO::getRoleId, roleIds).list();
if (CollUtil.isEmpty(roleList)) {
return Collections.emptySet();
}
return roleList.stream().map(RoleDO::getRoleCode).collect(Collectors.toSet());
}
}

8
continew-admin-system/src/main/java/top/charles7c/cnadmin/system/service/impl/UserRoleServiceImpl.java
View File

@@ -16,7 +16,6 @@
package top.charles7c.cnadmin.system.service.impl;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
@@ -64,11 +63,6 @@ public class UserRoleServiceImpl implements UserRoleService {
@Override
public List<Long> listRoleIdsByUserId(Long userId) {
List<UserRoleDO> userRoleList = userRoleMapper.selectList(
Wrappers.<UserRoleDO>lambdaQuery().select(UserRoleDO::getRoleId).eq(UserRoleDO::getUserId, userId));
if (CollUtil.isEmpty(userRoleList)) {
return Collections.emptyList();
}
return userRoleList.stream().map(UserRoleDO::getRoleId).collect(Collectors.toList());
return userRoleMapper.selectRoleIdsByUserId(userId);
}
}

12
continew-admin-system/src/main/resources/mapper/MenuMapper.xml
View File

@@ -1,4 +1,16 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="top.charles7c.cnadmin.system.mapper.MenuMapper">
<select id="selectPermissionsByUserId" resultType="java.lang.String">
SELECT DISTINCT m.`permission`
FROM `sys_menu` m
LEFT JOIN `sys_role_menu` rm ON rm.`menu_id` = m.`menu_id`
LEFT JOIN `sys_role` r ON r.`role_id` = rm.`role_id`
LEFT JOIN `sys_user_role` ur ON ur.`role_id` = rm.`role_id`
LEFT JOIN `sys_user` u ON u.`user_id` = ur.`user_id`
WHERE u.`user_id` = #{userId}
AND m.`menu_type` IN (2, 3)
AND m.`status` = 1
AND r.`status` = 1
</select>
</mapper>

15
continew-admin-system/src/main/resources/mapper/RoleMenuMapper.xml Normal file
View File

@@ -0,0 +1,15 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="top.charles7c.cnadmin.system.mapper.RoleMenuMapper">
<select id="selectMenuIdsByRoleIds" resultType="java.lang.Long">
SELECT
`menu_id`
FROM `sys_role_menu`
<where>
`role_id` IN
<foreach collection="list" item="roleId" open="(" close=")" separator=",">
#{roleId}
</foreach>
</where>
</select>
</mapper>

1
continew-admin-ui/src/components/message-box/locale/en-US.ts
View File

@@ -6,7 +6,6 @@ export default {
'messageBox.allRead': 'All Read',
'messageBox.viewMore': 'View More',
'messageBox.noContent': 'No Content',
'messageBox.switchRoles': 'Switch Roles',
'messageBox.userCenter': 'User Center',
'messageBox.logout': 'Logout',
};

1
continew-admin-ui/src/components/message-box/locale/zh-CN.ts
View File

@@ -6,7 +6,6 @@ export default {
'messageBox.allRead': '全部已读',
'messageBox.viewMore': '查看更多',
'messageBox.noContent': '暂无内容',
'messageBox.switchRoles': '切换角色',
'messageBox.userCenter': '个人中心',
'messageBox.logout': '退出登录',
};

13
continew-admin-ui/src/components/navbar/index.vue
View File

@@ -150,14 +150,6 @@
<img alt="avatar" :src="getAvatar(loginStore.avatar, loginStore.gender)" />
</a-avatar>
<template #content>
<a-doption>
<a-space @click="switchRoles">
<icon-tag />
<span>
{{ $t('messageBox.switchRoles') }}
</span>
</a-space>
</a-doption>
<a-doption>
<a-space @click="$router.push({ name: 'UserCenter' })">
<icon-settings />
@@ -183,7 +175,6 @@
<script lang="ts" setup>
import { computed, ref, inject } from 'vue';
import { Message } from '@arco-design/web-vue';
import { useDark, useToggle, useFullscreen } from '@vueuse/core';
import { useAppStore, useLoginStore } from '@/store';
import { LOCALE_OPTIONS } from '@/locale';
@@ -242,10 +233,6 @@
});
triggerBtn.value.dispatchEvent(event);
};
const switchRoles = async () => {
const res = await loginStore.switchRoles();
Message.success(res as string);
};
const toggleDrawerMenu = inject('toggleDrawerMenu') as () => void;
</script>

27
continew-admin-ui/src/directive/permission/index.ts
View File

@@ -4,19 +4,30 @@ import { useLoginStore } from '@/store';
function checkPermission(el: HTMLElement, binding: DirectiveBinding) {
const { value } = binding;
const loginStore = useLoginStore();
const { role } = loginStore;
const { permissions, roles } = loginStore;
const superAdmin = 'admin';
const allPermission = '*';
if (Array.isArray(value)) {
if (value.length > 0) {
if (Array.isArray(value) && value.length > 0) {
const permissionValues = value;
const hasPermission = permissionValues.includes(role);
if (!hasPermission && el.parentNode) {
// 校验权限码
const hasPermission = permissions.some((permission: string) => {
return (
allPermission === permission || permissionValues.includes(permission)
);
});
// 检验角色编码
const hasRole = roles.some((role: string) => {
return superAdmin === role || permissionValues.includes(role);
});
// 如果没有权限,移除元素
if (!hasPermission && !hasRole && el.parentNode) {
el.parentNode.removeChild(el);
}
}
} else {
throw new Error(`need roles! Like v-permission="['admin','user']"`);
throw new Error(
`need roles! Like v-permission="['admin','system:user:add']"`
);
}
}

2
continew-admin-ui/src/hooks/permission.ts
View File

@@ -9,7 +9,7 @@ export default function usePermission() {
!route.meta?.requiresAuth ||
!route.meta?.roles ||
route.meta?.roles?.includes('*') ||
route.meta?.roles?.includes(loginStore.role)
route.meta?.roles?.includes(loginStore.roles[0])
);
},
findFirstPermissionRoute(_routers: any, role = 'admin') {

2
continew-admin-ui/src/layout/default-layout.vue
View File

@@ -88,7 +88,7 @@
appStore.updateSettings({ menuCollapse: val });
};
watch(
() => loginStore.role,
() => loginStore.roles,
(roleValue) => {
if (roleValue && !permission.accessRouter(route))
router.push({ name: 'notFound' });

2
continew-admin-ui/src/router/guard/permission.ts
View File

@@ -45,7 +45,7 @@ export default function setupPermissionGuard(router: Router) {
if (permissionsAllow) next();
else {
const destination =
Permission.findFirstPermissionRoute(appRoutes, loginStore.role) ||
Permission.findFirstPermissionRoute(appRoutes, loginStore.roles[0]) ||
NOT_FOUND;
next(destination);
}

2
continew-admin-ui/src/router/guard/userLoginInfo.ts
View File

@@ -9,7 +9,7 @@ export default function setupUserLoginInfoGuard(router: Router) {
NProgress.start();
const loginStore = useLoginStore();
if (isLogin()) {
if (loginStore.role) {
if (loginStore.roles[0]) {
next();
} else {
try {

2
continew-admin-ui/src/router/routes/modules/arco-design/exception.ts
View File

@@ -19,7 +19,7 @@ const EXCEPTION: AppRouteRecordRaw = {
meta: {
locale: 'menu.exception.403',
requiresAuth: true,
roles: ['admin'],
roles: ['*'],
},
},
{

4
continew-admin-ui/src/router/routes/modules/arco-design/form.ts
View File

@@ -19,7 +19,7 @@ const FORM: AppRouteRecordRaw = {
meta: {
locale: 'menu.form.step',
requiresAuth: true,
roles: ['admin'],
roles: ['*'],
},
},
{
@@ -29,7 +29,7 @@ const FORM: AppRouteRecordRaw = {
meta: {
locale: 'menu.form.group',
requiresAuth: true,
roles: ['admin'],
roles: ['*'],
},
},
],

2
continew-admin-ui/src/router/routes/modules/arco-design/profile.ts
View File

@@ -19,7 +19,7 @@ const PROFILE: AppRouteRecordRaw = {
meta: {
locale: 'menu.profile.basic',
requiresAuth: true,
roles: ['admin'],
roles: ['*'],
},
},
],

4
continew-admin-ui/src/router/routes/modules/arco-design/result.ts
View File

@@ -19,7 +19,7 @@ const RESULT: AppRouteRecordRaw = {
meta: {
locale: 'menu.result.success',
requiresAuth: true,
roles: ['admin'],
roles: ['*'],
},
},
{
@@ -29,7 +29,7 @@ const RESULT: AppRouteRecordRaw = {
meta: {
locale: 'menu.result.error',
requiresAuth: true,
roles: ['admin'],
roles: ['*'],
},
},
],

6
continew-admin-ui/src/router/routes/modules/arco-design/visualization.ts
View File

@@ -19,7 +19,7 @@ const VISUALIZATION: AppRouteRecordRaw = {
meta: {
locale: 'menu.visualization.dataAnalysis',
requiresAuth: true,
roles: ['admin'],
roles: ['*'],
},
},
{
@@ -30,7 +30,7 @@ const VISUALIZATION: AppRouteRecordRaw = {
meta: {
locale: 'menu.visualization.multiDimensionDataAnalysis',
requiresAuth: true,
roles: ['admin'],
roles: ['*'],
},
},
{
@@ -40,7 +40,7 @@ const VISUALIZATION: AppRouteRecordRaw = {
meta: {
locale: 'menu.dashboard.monitor',
requiresAuth: true,
roles: ['admin'],
roles: ['*'],
},
},
],

18
continew-admin-ui/src/store/modules/login/index.ts
View File

@@ -25,14 +25,8 @@ const useLoginStore = defineStore('user', {
registrationDate: undefined,
deptId: 0,
deptName: '',
job: 'backend',
jobName: '后端艺术家',
location: 'beijing',
locationName: '北京',
introduction: '低调星人',
personalWebsite: 'https://blog.charles7c.top',
role: '',
permissions: [],
roles: [],
}),
getters: {
@@ -87,14 +81,6 @@ const useLoginStore = defineStore('user', {
resetInfo() {
this.$reset();
},
// 切换角色
switchRoles() {
return new Promise((resolve) => {
this.role = this.role === 'user' ? 'admin' : 'user';
resolve(this.role);
});
},
},
});

11
continew-admin-ui/src/store/modules/login/types.ts
View File

@@ -1,4 +1,3 @@
export type RoleType = '' | '*' | 'admin' | 'user';
export interface UserState {
userId: number;
username: string;
@@ -12,12 +11,6 @@ export interface UserState {
registrationDate?: string;
deptId?: number;
deptName?: string;
job?: string;
jobName?: string;
location?: string;
locationName?: string;
introduction?: string;
personalWebsite?: string;
role: RoleType;
permissions: Array<string>;
roles: Array<string>;
}

32
continew-admin-ui/src/utils/permission.ts Normal file
View File

@@ -0,0 +1,32 @@
import { useLoginStore } from '@/store';
/**
* 权限判断
*
* @param value 权限码列表
* @return true 有权限false 没有权限
*/
export default function checkPermission(value: Array<string>) {
const loginStore = useLoginStore();
const { permissions, roles } = loginStore;
const superAdmin = 'admin';
const allPermission = '*';
if (Array.isArray(value) && value.length > 0) {
const permissionValues = value;
// 校验权限码
const hasPermission = permissions.some((permission: string) => {
return (
allPermission === permission || permissionValues.includes(permission)
);
});
// 检验角色编码
const hasRole = roles.some((role: string) => {
return superAdmin === role || permissionValues.includes(role);
});
return hasPermission || hasRole;
}
throw new Error(
`need roles! Like v-permission="['admin','system:user:add']"`
);
}

4
continew-admin-ui/src/views/monitor/log/system/index.vue
View File

@@ -74,10 +74,10 @@
<a-table-column title="创建时间" data-index="createTime" />
<a-table-column title="操作" align="center">
<template #cell="{ record }">
<a-button v-permission="['admin']" type="text" size="small" title="查看详情" @click="toDetail(record.logId)">
<a-button type="text" size="small" title="查看详情" @click="toDetail(record.logId)">
<template #icon><icon-eye /></template>详情
</a-button>
<a-button v-if="record.exceptionDetail" v-permission="['admin']" type="text" size="small" title="查看异常详情" @click="toExceptionDetail(record)">
<a-button v-if="record.exceptionDetail" type="text" size="small" title="查看异常详情" @click="toExceptionDetail(record)">
<template #icon><icon-bug /></template>异常
</a-button>
</template>

2
continew-admin-ui/src/views/monitor/online/index.vue
View File

@@ -70,7 +70,7 @@
<template #cell="{ record }">
<a-popconfirm content="确定要强退该用户吗?" type="warning" @ok="handleKickout(record.token)">
<a-button
v-permission="['admin']"
v-permission="['monitor:online:user:delete']"
type="text"
size="small"
:disabled="currentToken === record.token"

15
continew-admin-ui/src/views/system/dept/index.vue
View File

@@ -42,10 +42,15 @@
<a-row>
<a-col :span="12">
<a-space>
<a-button type="primary" @click="toAdd">
<a-button
v-permission="['system:dept:add']"
type="primary"
@click="toAdd"
>
<template #icon><icon-plus /></template>新增
</a-button>
<a-button
v-permission="['system:dept:update']"
type="primary"
status="success"
:disabled="single"
@@ -55,6 +60,7 @@
<template #icon><icon-edit /></template>修改
</a-button>
<a-button
v-permission="['system:dept:delete']"
type="primary"
status="danger"
:disabled="multiple"
@@ -64,6 +70,7 @@
<template #icon><icon-delete /></template>删除
</a-button>
<a-button
v-permission="['system:dept:export']"
:loading="exportLoading"
type="primary"
status="warning"
@@ -122,6 +129,7 @@
v-model="record.status"
:checked-value="1"
:unchecked-value="2"
:disabled="!checkPermission(['system:dept:update'])"
@change="handleChangeStatus(record)"
/>
</template>
@@ -132,7 +140,7 @@
<a-table-column title="操作" align="center">
<template #cell="{ record }">
<a-button
v-permission="['admin']"
v-permission="['system:dept:update']"
type="text"
size="small"
title="修改"
@@ -146,7 +154,7 @@
@ok="handleDelete([record.deptId])"
>
<a-button
v-permission="['admin']"
v-permission="['system:dept:delete']"
type="text"
size="small"
title="删除"
@@ -293,6 +301,7 @@
deleteDept,
} from '@/api/system/dept';
import { listDeptTree } from '@/api/common';
import checkPermission from '@/utils/permission';
const { proxy } = getCurrentInstance() as any;
const { DisEnableStatusEnum } = proxy.useDict('DisEnableStatusEnum');

15
continew-admin-ui/src/views/system/menu/index.vue
View File

@@ -42,10 +42,15 @@
<a-row>
<a-col :span="12">
<a-space>
<a-button type="primary" @click="toAdd">
<a-button
v-permission="['system:menu:add']"
type="primary"
@click="toAdd"
>
<template #icon><icon-plus /></template>新增
</a-button>
<a-button
v-permission="['system:menu:update']"
type="primary"
status="success"
:disabled="single"
@@ -55,6 +60,7 @@
<template #icon><icon-edit /></template>修改
</a-button>
<a-button
v-permission="['system:menu:delete']"
type="primary"
status="danger"
:disabled="multiple"
@@ -64,6 +70,7 @@
<template #icon><icon-delete /></template>删除
</a-button>
<a-button
v-permission="['system:menu:export']"
:loading="exportLoading"
type="primary"
status="warning"
@@ -122,6 +129,7 @@
v-model="record.status"
:checked-value="1"
:unchecked-value="2"
:disabled="!checkPermission(['system:menu:update'])"
@change="handleChangeStatus(record)"
/>
</template>
@@ -148,7 +156,7 @@
<a-table-column title="操作" align="center">
<template #cell="{ record }">
<a-button
v-permission="['admin']"
v-permission="['system:menu:update']"
type="text"
size="small"
title="修改"
@@ -162,7 +170,7 @@
@ok="handleDelete([record.menuId])"
>
<a-button
v-permission="['admin']"
v-permission="['system:menu:delete']"
type="text"
size="small"
title="删除"
@@ -346,6 +354,7 @@
deleteMenu,
} from '@/api/system/menu';
import { listMenuTree } from '@/api/common';
import checkPermission from '@/utils/permission';
const { proxy } = getCurrentInstance() as any;
const { DisEnableStatusEnum } = proxy.useDict('DisEnableStatusEnum');

32
continew-admin-ui/src/views/system/role/index.vue
View File

@@ -42,10 +42,15 @@
<a-row>
<a-col :span="12">
<a-space>
<a-button type="primary" @click="toAdd">
<a-button
v-permission="['system:role:add']"
type="primary"
@click="toAdd"
>
<template #icon><icon-plus /></template>新增
</a-button>
<a-button
v-permission="['system:role:update']"
type="primary"
status="success"
:disabled="single"
@@ -55,6 +60,7 @@
<template #icon><icon-edit /></template>修改
</a-button>
<a-button
v-permission="['system:role:delete']"
type="primary"
status="danger"
:disabled="multiple"
@@ -64,6 +70,7 @@
<template #icon><icon-delete /></template>删除
</a-button>
<a-button
v-permission="['system:role:export']"
:loading="exportLoading"
type="primary"
status="warning"
@@ -137,7 +144,7 @@
v-model="record.status"
:checked-value="1"
:unchecked-value="2"
:disabled="record.disabled"
:disabled="record.disabled || !checkPermission(['system:role:update'])"
@change="handleChangeStatus(record)"
/>
</template>
@@ -148,7 +155,7 @@
<a-table-column title="操作" align="center">
<template #cell="{ record }">
<a-button
v-permission="['admin']"
v-permission="['system:role:update']"
type="text"
size="small"
title="修改"
@@ -163,7 +170,7 @@
@ok="handleDelete([record.roleId])"
>
<a-button
v-permission="['admin']"
v-permission="['system:role:delete']"
type="text"
size="small"
title="删除"
@@ -389,9 +396,13 @@
deleteRole,
} from '@/api/system/role';
import { listMenuTree, listDeptTree } from '@/api/common';
import checkPermission from '@/utils/permission';
const { proxy } = getCurrentInstance() as any;
const { DataScopeEnum, DisEnableStatusEnum } = proxy.useDict('DataScopeEnum', 'DisEnableStatusEnum');
const { DataScopeEnum, DisEnableStatusEnum } = proxy.useDict(
'DataScopeEnum',
'DisEnableStatusEnum'
);
const roleList = ref<RoleRecord[]>([]);
const role = ref<RoleRecord>({
@@ -572,7 +583,9 @@
// 获取半选中的菜单
const halfCheckedNodes = proxy.$refs.menuRef.getHalfCheckedNodes();
const halfCheckedKeys = halfCheckedNodes.map((item: TreeNodeData) => item.key);
const halfCheckedKeys = halfCheckedNodes.map(
(item: TreeNodeData) => item.key
);
// eslint-disable-next-line prefer-spread
checkedKeys.unshift.apply(checkedKeys, halfCheckedKeys);
return checkedKeys;
@@ -582,13 +595,18 @@
* 获取所有选中的部门
*/
const getDeptAllCheckedKeys = () => {
if (!proxy.$refs.deptRef) {
return [];
}
// 获取目前被选中的部门
const checkedNodes = proxy.$refs.deptRef.getCheckedNodes();
const checkedKeys = checkedNodes.map((item: TreeNodeData) => item.key);
// 获取半选中的部门
const halfCheckedNodes = proxy.$refs.deptRef.getHalfCheckedNodes();
const halfCheckedKeys = halfCheckedNodes.map((item: TreeNodeData) => item.key);
const halfCheckedKeys = halfCheckedNodes.map(
(item: TreeNodeData) => item.key
);
// eslint-disable-next-line prefer-spread
checkedKeys.unshift.apply(checkedKeys, halfCheckedKeys);
return checkedKeys;

20
continew-admin-ui/src/views/system/user/index.vue
View File

@@ -62,10 +62,15 @@
<a-row>
<a-col :span="12">
<a-space>
<a-button type="primary" @click="toAdd">
<a-button
v-permission="['system:user:add']"
type="primary"
@click="toAdd"
>
<template #icon><icon-plus /></template>新增
</a-button>
<a-button
v-permission="['system:user:update']"
type="primary"
status="success"
:disabled="single"
@@ -75,6 +80,7 @@
<template #icon><icon-edit /></template>修改
</a-button>
<a-button
v-permission="['system:user:delete']"
type="primary"
status="danger"
:disabled="multiple"
@@ -84,6 +90,7 @@
<template #icon><icon-delete /></template>删除
</a-button>
<a-button
v-permission="['system:user:export']"
:loading="exportLoading"
type="primary"
status="warning"
@@ -166,7 +173,7 @@
v-model="record.status"
:checked-value="1"
:unchecked-value="2"
:disabled="record.disabled"
:disabled="record.disabled || !checkPermission(['system:user:update'])"
@change="handleChangeStatus(record)"
/>
</template>
@@ -186,7 +193,7 @@
>
<template #cell="{ record }">
<a-button
v-permission="['admin']"
v-permission="['system:user:update']"
type="text"
size="small"
title="修改"
@@ -200,7 +207,7 @@
@ok="handleDelete([record.userId])"
>
<a-button
v-permission="['admin']"
v-permission="['system:user:delete']"
type="text"
size="small"
title="删除"
@@ -215,7 +222,7 @@
@ok="handleResetPassword(record.userId)"
>
<a-button
v-permission="['admin']"
v-permission="['system:user:password:reset']"
type="text"
size="small"
title="重置密码"
@@ -224,7 +231,7 @@
</a-button>
</a-popconfirm>
<a-button
v-permission="['admin']"
v-permission="['system:user:role:update']"
type="text"
size="small"
title="分配角色"
@@ -475,6 +482,7 @@
import { listDeptTree, listRoleDict } from '@/api/common';
import { LabelValueState } from '@/store/modules/dict/types';
import getAvatar from '@/utils/avatar';
import checkPermission from '@/utils/permission';
const { proxy } = getCurrentInstance() as any;
const { DisEnableStatusEnum } = proxy.useDict('DisEnableStatusEnum');

3
continew-admin-webapi/src/main/java/top/charles7c/cnadmin/webapi/controller/monitor/OnlineUserController.java
View File

@@ -29,6 +29,7 @@ import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import cn.dev33.satoken.annotation.SaCheckPermission;
import cn.dev33.satoken.dao.SaTokenDao;
import cn.dev33.satoken.session.SaSession;
import cn.dev33.satoken.stp.StpUtil;
@@ -59,6 +60,7 @@ import top.charles7c.cnadmin.monitor.model.vo.*;
public class OnlineUserController {
@Operation(summary = "分页查询列表")
@SaCheckPermission("monitor:online:user:list")
@GetMapping
public R<PageDataVO<OnlineUserVO>> page(@Validated OnlineUserQuery query, @Validated PageQuery pageQuery) {
List<LoginUser> loginUserList = new ArrayList<>();
@@ -113,6 +115,7 @@ public class OnlineUserController {
}
@Operation(summary = "强退在线用户")
@SaCheckPermission("monitor:online:user:delete")
@DeleteMapping("/{token}")
public R kickout(@PathVariable String token) {
String currentToken = StpUtil.getTokenValue();

5
continew-admin-webapi/src/main/java/top/charles7c/cnadmin/webapi/controller/system/UserController.java
View File

@@ -25,6 +25,8 @@ import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import cn.dev33.satoken.annotation.SaCheckPermission;
import top.charles7c.cnadmin.common.annotation.CrudRequestMapping;
import top.charles7c.cnadmin.common.base.BaseController;
import top.charles7c.cnadmin.common.base.BaseRequest;
@@ -50,12 +52,14 @@ import top.charles7c.cnadmin.system.service.UserService;
public class UserController extends BaseController<UserService, UserVO, UserDetailVO, UserQuery, UserRequest> {
@Override
@SaCheckPermission("system:user:add")
protected R<Long> add(@Validated(BaseRequest.Add.class) @RequestBody UserRequest request) {
Long id = baseService.add(request);
return R.ok(String.format("新增成功,请牢记默认密码:%s", Constants.DEFAULT_PASSWORD), id);
}
@Operation(summary = "重置密码", description = "重置用户登录密码为默认密码")
@SaCheckPermission("system:user:password:reset")
@PatchMapping("/{userId}/password")
public R resetPassword(@PathVariable Long userId) {
baseService.resetPassword(userId);
@@ -63,6 +67,7 @@ public class UserController extends BaseController<UserService, UserVO, UserDeta
}
@Operation(summary = "分配角色", description = "为用户新增或移除角色")
@SaCheckPermission("system:user:role:update")
@PatchMapping("/{userId}/role")
public R updateUserRole(@PathVariable Long userId, @Validated @RequestBody UpdateUserRoleRequest request) {
baseService.updateUserRole(request, userId);

10
continew-admin-webapi/src/main/resources/db/changelog/v0.0.1/continew-admin_data.sql
View File

@@ -59,16 +59,6 @@ INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1011);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1012);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1013);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1014);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1030);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1031);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1032);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1033);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1034);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1050);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1051);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1052);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1053);
INSERT IGNORE INTO `sys_role_menu` VALUES (2, 1054);
-- 初始化默认角色和部门关联数据
INSERT IGNORE INTO `sys_role_dept` VALUES (2, 5);