- 后端:重构 oauth2 模块,方便后续 User 接入。
- 后端:重写 Admin 安全拦截器,实现类似 Shiro 的效果。
@@ -17,6 +17,7 @@ import cn.iocoder.mall.admin.application.convert.ResourceConvert;
|
||||
import cn.iocoder.mall.admin.application.vo.admin.AdminMenuTreeNodeVO;
|
||||
import cn.iocoder.mall.admin.application.vo.admin.AdminRoleVO;
|
||||
import cn.iocoder.mall.admin.application.vo.admin.AdminVO;
|
||||
import cn.iocoder.mall.admin.sdk.annotation.RequiresPermissions;
|
||||
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContextHolder;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiImplicitParam;
|
||||
@@ -86,6 +87,7 @@ public class AdminController {
|
||||
// =========== 管理员管理 API ===========
|
||||
|
||||
@GetMapping("/page")
|
||||
@RequiresPermissions("system.admin.page")
|
||||
@ApiOperation(value = "管理员分页")
|
||||
public CommonResult<PageResult<AdminVO>> page(AdminPageDTO adminPageDTO) {
|
||||
PageResult<AdminBO> page = adminService.getAdminPage(adminPageDTO);
|
||||
@@ -128,9 +130,10 @@ public class AdminController {
|
||||
@ApiOperation(value = "指定管理员拥有的角色列表")
|
||||
@ApiImplicitParam(name = "id", value = "管理员编号", required = true, example = "1")
|
||||
public CommonResult<List<AdminRoleVO>> roleList(@RequestParam("id") Integer id) {
|
||||
// 获得所有角色数组
|
||||
List<RoleBO> allRoleList = adminService.getRoleList(id);
|
||||
Set<Integer> adminRoleIdSet = CollectionUtil.convertSet(allRoleList, RoleBO::getId);
|
||||
// 获得所有角色列表
|
||||
List<RoleBO> allRoleList = roleService.getRoleList();
|
||||
// 获得管理员的角色数组
|
||||
Set<Integer> adminRoleIdSet = CollectionUtil.convertSet(adminService.getRoleList(id), RoleBO::getId);
|
||||
// 转换出返回结果
|
||||
List<AdminRoleVO> result = AdminConvert.INSTANCE.convert(allRoleList);
|
||||
// 设置每个角色是否赋予给改管理员
|
||||
|
||||
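Review bot: `roleList` receives no `@RequiresPermissions` in this hunk, although it accepts an arbitrary admin `id` and returns the full role list from `roleService.getRoleList()` marked with which roles that admin holds, while `page` above is now guarded by `system.admin.page`. The lines above `@ApiOperation` fall outside the hunk, so an annotation may already sit there; if it does not, add one such as `@RequiresPermissions("<permission-id>")` (placeholder, to be named in the project's own scheme). The same gap shows in `RoleController.assignResource` further down, whose visible annotations (`@PostMapping`, `@ApiOperation`) carry no permission even though the call changes what a role may do. Whether an unannotated handler is rejected or let through depends on the rewritten interceptor, which is not on this page, so that default should be deny or be stated explicitly.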
@@ -8,6 +8,7 @@ import cn.iocoder.mall.admin.api.dto.datadict.DataDictUpdateDTO;
|
||||
import cn.iocoder.mall.admin.application.convert.DataDictConvert;
|
||||
import cn.iocoder.mall.admin.application.vo.datadict.DataDictEnumVO;
|
||||
import cn.iocoder.mall.admin.application.vo.datadict.DataDictVO;
|
||||
import cn.iocoder.mall.admin.sdk.annotation.RequiresPermissions;
|
||||
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContextHolder;
|
||||
import com.google.common.collect.ImmutableListMultimap;
|
||||
import com.google.common.collect.Multimaps;
|
||||
@@ -31,12 +32,14 @@ public class DataDictController {
|
||||
|
||||
@GetMapping("/list")
|
||||
@ApiOperation(value = "数据字典全列表")
|
||||
@RequiresPermissions("system.dataDict.list")
|
||||
public CommonResult<List<DataDictVO>> list() {
|
||||
CommonResult<List<DataDictBO>> result = dataDictService.selectDataDictList();
|
||||
return DataDictConvert.INSTANCE.convert(result);
|
||||
}
|
||||
|
||||
@GetMapping("/tree")
|
||||
@RequiresPermissions({}) // 因为是通用的接口,所以无需权限标识
|
||||
@ApiOperation(value = "数据字典树结构", notes = "该接口返回的信息更为精简。一般用于前端缓存数据字典到本地。")
|
||||
public CommonResult<List<DataDictEnumVO>> tree() {
|
||||
// 查询数据字典全列表
|
||||
@@ -57,6 +60,7 @@ public class DataDictController {
|
||||
}
|
||||
|
||||
@PostMapping("/add")
|
||||
@RequiresPermissions("system.dataDict.add")
|
||||
@ApiOperation(value = "创建数据字典")
|
||||
@ApiImplicitParams({
|
||||
@ApiImplicitParam(name = "enumValue", value = "大类枚举值", required = true, example = "gender"),
|
||||
@@ -80,6 +84,7 @@ public class DataDictController {
|
||||
}
|
||||
|
||||
@PostMapping("/update")
|
||||
@RequiresPermissions("system.dataDict.update")
|
||||
@ApiOperation(value = "更新数据字典")
|
||||
@ApiImplicitParams({
|
||||
@ApiImplicitParam(name = "id", value = "编号", required = true, example = "100"),
|
||||
@@ -101,6 +106,7 @@ public class DataDictController {
|
||||
}
|
||||
|
||||
@PostMapping("/delete")
|
||||
@RequiresPermissions("system.dataDict.delete")
|
||||
@ApiOperation(value = "删除数据字典")
|
||||
@ApiImplicitParam(name = "id", value = "编号", required = true, example = "100")
|
||||
public CommonResult<Boolean> delete(@RequestParam("id") Integer id) {
|
||||
|
||||
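Review bot: `@RequiresPermissions({})` on `tree` relies on the interceptor treating an empty array differently from a missing annotation, and the inline comment only says that no permission id is needed. Spell the contract out at the use site, for example `// Common endpoint: caller must be a logged-in admin; no specific permission id is checked`, if that is what the interceptor enforces (it is not shown here). Documenting the empty-array case on the annotation itself would keep later endpoints from copying `{}` onto handlers that do need a permission. The annotation order also differs between `list` (after `@ApiOperation`) and the other handlers (before it); one order throughout makes a missing guard easier to spot.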
@@ -1,20 +1,19 @@
|
||||
package cn.iocoder.mall.admin.application.controller.admins;
|
||||
|
||||
import cn.iocoder.common.framework.vo.CommonResult;
|
||||
import cn.iocoder.mall.admin.api.AdminService;
|
||||
import cn.iocoder.mall.admin.api.OAuth2Service;
|
||||
import cn.iocoder.mall.admin.api.bo.oauth2.OAuth2AccessTokenBO;
|
||||
import cn.iocoder.mall.admin.application.convert.PassportConvert;
|
||||
import cn.iocoder.mall.admin.application.vo.PassportLoginVO;
|
||||
import cn.iocoder.mall.admin.api.bo.admin.AdminAuthenticationBO;
|
||||
import cn.iocoder.mall.admin.api.dto.admin.AdminAuthenticationDTO;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiImplicitParam;
|
||||
import io.swagger.annotations.ApiImplicitParams;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import org.apache.dubbo.config.annotation.Reference;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import static cn.iocoder.common.framework.vo.CommonResult.success;
|
||||
|
||||
@RestController
|
||||
@RequestMapping("admins/passport")
|
||||
@Api("Admin Passport 模块")
|
||||
@@ -23,16 +22,13 @@ public class PassportController {
|
||||
@Reference(validation = "true", version = "${dubbo.provider.OAuth2Service.version}")
|
||||
private OAuth2Service oauth2Service;
|
||||
|
||||
@Reference(validation = "true", version = "${dubbo.provider.AdminService.version}")
|
||||
private AdminService adminService;
|
||||
|
||||
@PostMapping("/login")
|
||||
@ApiOperation(value = "手机号 + 密码登陆")
|
||||
@ApiImplicitParams({
|
||||
@ApiImplicitParam(name = "username", value = "账号", required = true, example = "15601691300"),
|
||||
@ApiImplicitParam(name = "password", value = "密码", required = true, example = "future")
|
||||
})
|
||||
public CommonResult<PassportLoginVO> login(@RequestParam("username") String username,
|
||||
@RequestParam("password") String password) {
|
||||
CommonResult<OAuth2AccessTokenBO> result = oauth2Service.getAccessToken(username, password);
|
||||
return PassportConvert.INSTANCE.convert(result);
|
||||
public CommonResult<AdminAuthenticationBO> login(AdminAuthenticationDTO adminAuthenticationDTO) {
|
||||
return success(adminService.authentication(adminAuthenticationDTO));
|
||||
}
|
||||
|
||||
// TODO 功能 logout
|
||||
|
||||
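Review bot: The `login` variant that takes `AdminAuthenticationDTO` returns the service-layer `AdminAuthenticationBO` straight to the HTTP caller, where the other `login` body in this hunk (presumably the removed one) mapped its result through `PassportConvert` into `PassportLoginVO`. The BO's fields are not visible here, so anything added to it later for internal use would be serialized into the login response without any change to this controller. Keep an explicit response type, for instance `return success(PassportConvert.INSTANCE.convert(adminService.authentication(adminAuthenticationDTO)));` with a `convert` overload written for the new BO and the return type restored to `CommonResult<PassportLoginVO>`. As far as this file shows, the `// TODO 功能 logout` still leaves issued tokens without a revocation endpoint.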
@@ -17,7 +17,6 @@ import cn.iocoder.mall.admin.application.vo.role.RoleResourceTreeNodeVO;
|
||||
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContextHolder;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiImplicitParam;
|
||||
import io.swagger.annotations.ApiImplicitParams;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import org.apache.dubbo.config.annotation.Reference;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
@@ -101,10 +100,6 @@ public class RoleController {
|
||||
|
||||
@PostMapping("/assign_resource")
|
||||
@ApiOperation(value = "分配角色资源")
|
||||
@ApiImplicitParams({
|
||||
@ApiImplicitParam(name = "id", value = "角色编号", required = true, example = "1"),
|
||||
@ApiImplicitParam(name = "resourceIds", value = "资源数组", required = true, example = "1,2,3"),
|
||||
})
|
||||
public CommonResult<Boolean> assignResource(RoleAssignResourceDTO roleAssignResourceDTO) {
|
||||
return success(roleService.assignRoleResource(AdminSecurityContextHolder.getContext().getAdminId(), roleAssignResourceDTO));
|
||||
}
|
||||
|
||||
@@ -26,6 +26,7 @@ public class RoleResourceTreeNodeVO {
|
||||
private String displayName;
|
||||
@ApiModelProperty(value = "子节点数组")
|
||||
private List<RoleResourceTreeNodeVO> children;
|
||||
|
||||
@ApiModelProperty(value = "是否授权", required = true, example = "true")
|
||||
private Boolean assigned;
|
||||
|
||||
|
||||