updated

1ed893a2 · liuyang · 7bbe84e0 · 1ed893a2 · 1ed893a2 · 1ed893a2
Commit 1ed893a2 authored Apr 26, 2021 by liuyang
10 changed files
--- a/src/main/java/com/qkdata/biz/common/BizConstants.java
+++ b/src/main/java/com/qkdata/biz/common/BizConstants.java
+package com.qkdata.biz.common;
+public class BizConstants {
+    /**
+     * 系统管理员
+     */
+    public static final String ROLE_ADMIN = "ADMIN";
+    /**
+     * 运营人员
+     */
+    public static final String ROLE_OPERATOR = "OPERATOR";
+    /**
+     * 企业管理员
+     */
+    public static final String ROLE_ENTERPRISE_ADMIN = "ENTERPRISE_ADMIN";
+    /**
+     * 培训机构管理员
+     */
+    public static final String ROLE_INSTITUTION_ADMIN = "INSTITUTION_ADMIN";
+    /**
+     * 普通用户
+     */
+    public static final String ROLE_USER = "USER";
+}
--- a/src/main/java/com/qkdata/biz/sys/controller/SysUserController.java
+++ b/src/main/java/com/qkdata/biz/sys/controller/SysUserController.java
 package com.qkdata.biz.sys.controller;
+import com.qkdata.biz.common.BizConstants;
 import com.qkdata.biz.sys.entity.SysUserPO;
 import com.qkdata.biz.sys.service.SysUserService;
 import com.qkdata.biz.sys.vo.PasswordModel;
@@ -17,6 +18,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.ArrayUtils;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
@@ -34,7 +36,7 @@ public class SysUserController {
    @ApiOperation("查询用户列表")
    @PostMapping("/list")
-    @RequiresPermissions("sys:user:list")
+    @RequiresRoles(value = {"ADMIN"})
    public PageResult<SysUserModel> list(@RequestBody QueryUserModel queryUserModel){
        return sysUserService.queryPageList(queryUserModel);
    }
@@ -50,7 +52,7 @@ public class SysUserController {
    }
    @ApiOperation("获取某个用户信息")
    @GetMapping("/info/{id}")
-    @RequiresPermissions("sys:user:info")
+    @RequiresRoles(value = {"ADMIN"})
    public Result<SysUserModel> infoById(@PathVariable Long id){
        SysUserPO sysUserPO = sysUserService.getById(id);
        SysUserModel dto = new SysUserModel();
@@ -61,7 +63,7 @@ public class SysUserController {
    @ApiOperation("保存用户信息")
    @SysLog("保存用户信息")
    @PostMapping("/save")
-    @RequiresPermissions("sys:user:save")
+    @RequiresRoles(value = {"ADMIN"})
    public Result<String> save(@RequestBody @Validated(AddGroup.class) SysUserModel sysUserModel){
        sysUserService.saveUser(sysUserModel);
        return Result.succeed("ok");
@@ -69,7 +71,7 @@ public class SysUserController {
    @ApiOperation("修改用户信息")
    @SysLog("修改用户信息")
    @PostMapping("/update")
-    @RequiresPermissions("sys:user:update")
+    @RequiresRoles(value = {BizConstants.ROLE_ADMIN})
    public Result<String> update(@RequestBody @Validated(UpdateGroup.class) SysUserModel sysUserModel){
        sysUserService.updateUser(sysUserModel);
        return Result.succeed("ok");
@@ -94,7 +96,7 @@ public class SysUserController {
    @ApiOperation("删除用户")
    @SysLog("删除用户")
    @PostMapping("/delete")
-    @RequiresPermissions("sys:user:delete")
+    @RequiresRoles(value = {"ADMIN"})
    public Result<String> delete(@RequestBody Long[] userIds){
        if(ArrayUtils.contains(userIds, 1L)){
            throw new BusinessException("系统管理员不能删除");

--- a/src/main/java/com/qkdata/biz/sys/mapper/SysRoleMapper.java
+++ b/src/main/java/com/qkdata/biz/sys/mapper/SysRoleMapper.java
@@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.qkdata.biz.sys.entity.SysRolePO;
 import com.qkdata.biz.sys.vo.QueryRoleModel;
+import com.qkdata.biz.sys.vo.SysRoleModel;
 import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Param;
@@ -12,4 +13,6 @@ import java.util.List;
 @Mapper
 public interface SysRoleMapper extends BaseMapper<SysRolePO> {
    List<SysRolePO> queryPageList(Page<SysRolePO> page, @Param("p") QueryRoleModel queryRoleModel);
+    List<SysRoleModel> findUserRoles(Long userId);
 }
--- a/src/main/java/com/qkdata/biz/sys/service/ShiroService.java
+++ b/src/main/java/com/qkdata/biz/sys/service/ShiroService.java
 package com.qkdata.biz.sys.service;
+import cn.hutool.core.date.DateUtil;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.collect.Maps;
@@ -7,6 +8,7 @@ import com.qkdata.biz.enums.AccountStatusEnum;
 import com.qkdata.biz.sys.entity.SysMenuPO;
 import com.qkdata.biz.sys.entity.SysUserPO;
 import com.qkdata.biz.sys.vo.LoginUserInfo;
+import com.qkdata.biz.sys.vo.SysRoleModel;
 import com.qkdata.common.base.exception.BusinessException;
 import com.qkdata.common.jwt.JWTService;
 import com.qkdata.common.oauth.AuthorizedUser;
@@ -17,6 +19,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.util.StringUtils;
 import java.util.*;
+import java.util.stream.Collectors;
 @Service
 public class ShiroService {
@@ -28,6 +31,8 @@ public class ShiroService {
    private ObjectMapper objectMapper;
    @Autowired
    private JWTService jwtService;
+    @Autowired
+    private SysRoleService sysRoleService;
    public Set<String> getUserPermissions(Long userId) {
        List<String> permsList;
@@ -61,10 +66,15 @@ public class ShiroService {
        if (userPO.getStatus() == AccountStatusEnum.DISABLE){
            throw new BusinessException("帐号已禁用");
        }
+        if (userPO.getStatus() == AccountStatusEnum.UNACTIVATE){
+            userPO.setActivateTime(DateUtil.date());
+            sysUserService.updateById(userPO);
+        }
        String token = generatorToken(userPO);
        LoginUserInfo loginUser = new LoginUserInfo();
        BeanUtils.copyProperties(userPO,loginUser);
        loginUser.setAuthorization(token);
+        loginUser.setRoles(sysRoleService.getUserRoles(userPO.getId()));
        return loginUser;
    }
@@ -81,4 +91,9 @@ public class ShiroService {
    public SysUserPO getUserByUserName(String username) {
        return sysUserService.getByUsername(username);
    }
+    public Set<String> getUserRoles(Long userId) {
+        List<SysRoleModel> roles = sysRoleService.getUserRoles(userId);
+        return roles.stream().map(SysRoleModel::getCode).collect(Collectors.toSet());
+    }
 }
--- a/src/main/java/com/qkdata/biz/sys/service/SysRoleService.java
+++ b/src/main/java/com/qkdata/biz/sys/service/SysRoleService.java
@@ -59,4 +59,8 @@ public class SysRoleService extends BaseServiceImpl<SysRoleMapper, SysRolePO> {
        sysRoleMenuService.saveOrUpdateRoleMenu(po.getId(),sysRoleModel.getMenuIdList());
    }
+    public List<SysRoleModel> getUserRoles(Long userId) {
+        return baseMapper.findUserRoles(userId);
+    }
 }
--- a/src/main/java/com/qkdata/biz/sys/vo/LoginUserInfo.java
+++ b/src/main/java/com/qkdata/biz/sys/vo/LoginUserInfo.java
@@ -2,11 +2,13 @@ package com.qkdata.biz.sys.vo;
 import lombok.Data;
+import java.util.List;
 @Data
 public class LoginUserInfo {
    private Long id;
    private String username;
-    private String email;
+    private String nickName;
-    private String mobile;
    private String authorization;
+    private List<SysRoleModel> roles;
 }
--- a/src/main/java/com/qkdata/common/config/Swagger2Config.java
+++ b/src/main/java/com/qkdata/common/config/Swagger2Config.java
@@ -26,34 +26,30 @@ public class Swagger2Config {
     */
    @Bean
    public Docket createRestApi() {
-//        ParameterBuilder ticketPar = new ParameterBuilder();
-//        List<Parameter> pars = new ArrayList<>();
-//        ticketPar.name(HttpHeaders.AUTHORIZATION).description("user token")
-//                .modelRef(new ModelRef("string")).parameterType("header")
-//                .required(false).build();
-//        pars.add(ticketPar.build());
        return new Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo()).select()
-            .apis(RequestHandlerSelectors.basePackage("com.qkdata"))
+                .apis(RequestHandlerSelectors.basePackage("com.qkdata"))
-            .paths(PathSelectors.any()).build()
+                .paths(PathSelectors.any()).build()
                .securitySchemes(securitySchemes()).securityContexts(securityContexts());
-//                .globalOperationParameters(pars);
    }
    private List<ApiKey> securitySchemes() {
        List<ApiKey> apiKeys = new ArrayList<>(1);
-        ApiKey apiKey = new ApiKey("Authorization","Authorization","header");
+        ApiKey apiKey = new ApiKey("Authorization", "Authorization", "header");
        apiKeys.add(apiKey);
        return apiKeys;
    }
    private List<SecurityContext> securityContexts() {
        List<SecurityContext> contexts = new ArrayList<>(1);
        SecurityContext securityContext = SecurityContext.builder()
                .securityReferences(defaultAuth())
-                //.forPaths(PathSelectors.regex("^(?!auth).*$"))
                .build();
        contexts.add(securityContext);
        return contexts;
    }
    private List<SecurityReference> defaultAuth() {
        AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];

--- a/src/main/java/com/qkdata/common/oauth/OAuthRealm.java
+++ b/src/main/java/com/qkdata/common/oauth/OAuthRealm.java
@@ -19,6 +19,7 @@ import org.apache.shiro.subject.PrincipalCollection;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
+import javax.sound.sampled.Line;
 import java.io.IOException;
 import java.util.HashSet;
 import java.util.Set;
@@ -48,10 +49,15 @@ public class OAuthRealm extends AuthorizingRealm {
        SysUserPO user = (SysUserPO) principals.getPrimaryPrincipal();
        Long userId = user.getId();
+        //用户角色
+        Set<String> roles = shiroService.getUserRoles(userId);
        //用户权限列表
-        Set<String> permsSet = new HashSet<>();
+        Set<String> permsSet = shiroService.getUserPermissions(userId);
-        permsSet.add("all");
+//        Set<String> permsSet = new HashSet<>();
+//        permsSet.add("all");
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
+        info.setRoles(roles);
        info.setStringPermissions(permsSet);
        return info;
    }

--- a/src/main/resources/db/migration/V1.0.0__init.sql
+++ b/src/main/resources/db/migration/V1.0.0__init.sql
@@ -394,6 +394,7 @@ CREATE TABLE `sys_user_role` (
  PRIMARY KEY (`id`)
 ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8mb4 COMMENT='用户角色关联表';
+INSERT INTO `sys_user_role` VALUES (1,1,1);
 -- ----------------------------
 -- Table structure for teacher

--- a/src/main/resources/mappers/SysRoleMapper.xml
+++ b/src/main/resources/mappers/SysRoleMapper.xml
@@ -10,4 +10,8 @@
        </if>
        order by id desc
    </select>
+    <select id="findUserRoles" resultType="com.qkdata.biz.sys.vo.SysRoleModel">
+        SELECT r.id,r.code,r.name from sys_role r INNER JOIN sys_user_role t on r.id = t.role_id
+        WHERE t.user_id=#{userId}
+    </select>
 </mapper>
\ No newline at end of file