Skip to content

O
online-edu-backend
Commit 1ed893a2 authored by liuyang's avatar liuyang
Browse files
Options

updated

parent 7bbe84e0
Show whitespace changes
Inline Side-by-side
Showing with 76 additions and 18 deletions
src/main/java/com/qkdata/biz/common/BizConstants.java 0 → 100644
View file @ 1ed893a2
package com.qkdata.biz.common;
public class BizConstants {
/**
* 系统管理员
*/
public static final String ROLE_ADMIN = "ADMIN";
/**
* 运营人员
*/
public static final String ROLE_OPERATOR = "OPERATOR";
/**
* 企业管理员
*/
public static final String ROLE_ENTERPRISE_ADMIN = "ENTERPRISE_ADMIN";
/**
* 培训机构管理员
*/
public static final String ROLE_INSTITUTION_ADMIN = "INSTITUTION_ADMIN";
/**
* 普通用户
*/
public static final String ROLE_USER = "USER";
}
src/main/java/com/qkdata/biz/sys/controller/SysUserController.java
View file @ 1ed893a2
package com.qkdata.biz.sys.controller;
import com.qkdata.biz.common.BizConstants;
import com.qkdata.biz.sys.entity.SysUserPO;
import com.qkdata.biz.sys.service.SysUserService;
import com.qkdata.biz.sys.vo.PasswordModel;
......@@ -17,6 +18,7 @@ import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
......@@ -34,7 +36,7 @@ public class SysUserController {
@ApiOperation("查询用户列表")
@PostMapping("/list")
@RequiresPermissions("sys:user:list")
@RequiresRoles(value = {"ADMIN"})
public PageResult<SysUserModel> list(@RequestBody QueryUserModel queryUserModel){
return sysUserService.queryPageList(queryUserModel);
}
......@@ -50,7 +52,7 @@ public class SysUserController {
}
@ApiOperation("获取某个用户信息")
@GetMapping("/info/{id}")
@RequiresPermissions("sys:user:info")
@RequiresRoles(value = {"ADMIN"})
public Result<SysUserModel> infoById(@PathVariable Long id){
SysUserPO sysUserPO = sysUserService.getById(id);
SysUserModel dto = new SysUserModel();
......@@ -61,7 +63,7 @@ public class SysUserController {
@ApiOperation("保存用户信息")
@SysLog("保存用户信息")
@PostMapping("/save")
@RequiresPermissions("sys:user:save")
@RequiresRoles(value = {"ADMIN"})
public Result<String> save(@RequestBody @Validated(AddGroup.class) SysUserModel sysUserModel){
sysUserService.saveUser(sysUserModel);
return Result.succeed("ok");
......@@ -69,7 +71,7 @@ public class SysUserController {
@ApiOperation("修改用户信息")
@SysLog("修改用户信息")
@PostMapping("/update")
@RequiresPermissions("sys:user:update")
@RequiresRoles(value = {BizConstants.ROLE_ADMIN})
public Result<String> update(@RequestBody @Validated(UpdateGroup.class) SysUserModel sysUserModel){
sysUserService.updateUser(sysUserModel);
return Result.succeed("ok");
......@@ -94,7 +96,7 @@ public class SysUserController {
@ApiOperation("删除用户")
@SysLog("删除用户")
@PostMapping("/delete")
@RequiresPermissions("sys:user:delete")
@RequiresRoles(value = {"ADMIN"})
public Result<String> delete(@RequestBody Long[] userIds){
if(ArrayUtils.contains(userIds, 1L)){
throw new BusinessException("系统管理员不能删除");
......
src/main/java/com/qkdata/biz/sys/mapper/SysRoleMapper.java
View file @ 1ed893a2
......@@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.qkdata.biz.sys.entity.SysRolePO;
import com.qkdata.biz.sys.vo.QueryRoleModel;
import com.qkdata.biz.sys.vo.SysRoleModel;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
......@@ -12,4 +13,6 @@ import java.util.List;
@Mapper
public interface SysRoleMapper extends BaseMapper<SysRolePO> {
List<SysRolePO> queryPageList(Page<SysRolePO> page, @Param("p") QueryRoleModel queryRoleModel);
List<SysRoleModel> findUserRoles(Long userId);
}
src/main/java/com/qkdata/biz/sys/service/ShiroService.java
View file @ 1ed893a2
package com.qkdata.biz.sys.service;
import cn.hutool.core.date.DateUtil;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.Maps;
......@@ -7,6 +8,7 @@ import com.qkdata.biz.enums.AccountStatusEnum;
import com.qkdata.biz.sys.entity.SysMenuPO;
import com.qkdata.biz.sys.entity.SysUserPO;
import com.qkdata.biz.sys.vo.LoginUserInfo;
import com.qkdata.biz.sys.vo.SysRoleModel;
import com.qkdata.common.base.exception.BusinessException;
import com.qkdata.common.jwt.JWTService;
import com.qkdata.common.oauth.AuthorizedUser;
......@@ -17,6 +19,7 @@ import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import java.util.*;
import java.util.stream.Collectors;
@Service
public class ShiroService {
......@@ -28,6 +31,8 @@ public class ShiroService {
private ObjectMapper objectMapper;
@Autowired
private JWTService jwtService;
@Autowired
private SysRoleService sysRoleService;
public Set<String> getUserPermissions(Long userId) {
List<String> permsList;
......@@ -61,10 +66,15 @@ public class ShiroService {
if (userPO.getStatus() == AccountStatusEnum.DISABLE){
throw new BusinessException("帐号已禁用");
}
if (userPO.getStatus() == AccountStatusEnum.UNACTIVATE){
userPO.setActivateTime(DateUtil.date());
sysUserService.updateById(userPO);
}
String token = generatorToken(userPO);
LoginUserInfo loginUser = new LoginUserInfo();
BeanUtils.copyProperties(userPO,loginUser);
loginUser.setAuthorization(token);
loginUser.setRoles(sysRoleService.getUserRoles(userPO.getId()));
return loginUser;
}
......@@ -81,4 +91,9 @@ public class ShiroService {
public SysUserPO getUserByUserName(String username) {
return sysUserService.getByUsername(username);
}
public Set<String> getUserRoles(Long userId) {
List<SysRoleModel> roles = sysRoleService.getUserRoles(userId);
return roles.stream().map(SysRoleModel::getCode).collect(Collectors.toSet());
}
}
src/main/java/com/qkdata/biz/sys/service/SysRoleService.java
View file @ 1ed893a2
......@@ -59,4 +59,8 @@ public class SysRoleService extends BaseServiceImpl<SysRoleMapper, SysRolePO> {
sysRoleMenuService.saveOrUpdateRoleMenu(po.getId(),sysRoleModel.getMenuIdList());
}
public List<SysRoleModel> getUserRoles(Long userId) {
return baseMapper.findUserRoles(userId);
}
}
src/main/java/com/qkdata/biz/sys/vo/LoginUserInfo.java
View file @ 1ed893a2
......@@ -2,11 +2,13 @@ package com.qkdata.biz.sys.vo;
import lombok.Data;
import java.util.List;
@Data
public class LoginUserInfo {
private Long id;
private String username;
private String email;
private String mobile;
private String nickName;
private String authorization;
private List<SysRoleModel> roles;
}
src/main/java/com/qkdata/common/config/Swagger2Config.java
View file @ 1ed893a2
......@@ -26,34 +26,30 @@ public class Swagger2Config {
*/
@Bean
public Docket createRestApi() {
// ParameterBuilder ticketPar = new ParameterBuilder();
// List<Parameter> pars = new ArrayList<>();
// ticketPar.name(HttpHeaders.AUTHORIZATION).description("user token")
// .modelRef(new ModelRef("string")).parameterType("header")
// .required(false).build();
// pars.add(ticketPar.build());
return new Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo()).select()
.apis(RequestHandlerSelectors.basePackage("com.qkdata"))
.paths(PathSelectors.any()).build()
.securitySchemes(securitySchemes()).securityContexts(securityContexts());
// .globalOperationParameters(pars);
}
private List<ApiKey> securitySchemes() {
List<ApiKey> apiKeys = new ArrayList<>(1);
ApiKey apiKey = new ApiKey("Authorization","Authorization","header");
ApiKey apiKey = new ApiKey("Authorization", "Authorization", "header");
apiKeys.add(apiKey);
return apiKeys;
}
private List<SecurityContext> securityContexts() {
List<SecurityContext> contexts = new ArrayList<>(1);
SecurityContext securityContext = SecurityContext.builder()
.securityReferences(defaultAuth())
//.forPaths(PathSelectors.regex("^(?!auth).*$"))
.build();
contexts.add(securityContext);
return contexts;
}
private List<SecurityReference> defaultAuth() {
AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
......
src/main/java/com/qkdata/common/oauth/OAuthRealm.java
View file @ 1ed893a2
......@@ -19,6 +19,7 @@ import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import javax.sound.sampled.Line;
import java.io.IOException;
import java.util.HashSet;
import java.util.Set;
......@@ -48,10 +49,15 @@ public class OAuthRealm extends AuthorizingRealm {
SysUserPO user = (SysUserPO) principals.getPrimaryPrincipal();
Long userId = user.getId();
//用户角色
Set<String> roles = shiroService.getUserRoles(userId);
//用户权限列表
Set<String> permsSet = new HashSet<>();
permsSet.add("all");
Set<String> permsSet = shiroService.getUserPermissions(userId);
// Set<String> permsSet = new HashSet<>();
// permsSet.add("all");
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
info.setRoles(roles);
info.setStringPermissions(permsSet);
return info;
}
......
src/main/resources/db/migration/V1.0.0__init.sql
View file @ 1ed893a2
......@@ -394,6 +394,7 @@ CREATE TABLE `sys_user_role` (
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8mb4 COMMENT='用户角色关联表';
INSERT INTO `sys_user_role` VALUES (1,1,1);
-- ----------------------------
-- Table structure for teacher
......
src/main/resources/mappers/SysRoleMapper.xml
View file @ 1ed893a2
......@@ -10,4 +10,8 @@
</if>
order by id desc
</select>
<select id="findUserRoles" resultType="com.qkdata.biz.sys.vo.SysRoleModel">
SELECT r.id,r.code,r.name from sys_role r INNER JOIN sys_user_role t on r.id = t.role_id
WHERE t.user_id=#{userId}
</select>
</mapper>
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment