1. 迁移角色相关逻辑
2. admin-web 接入角色新接口
This commit is contained in:
YunaiV
@@ -6,16 +6,16 @@ import lombok.experimental.Accessors;
|
||||
import java.util.Date;
|
||||
|
||||
/**
|
||||
* TODO 注释
|
||||
* 认证模块 - 认证结果 BO
|
||||
*/
|
||||
@Data
|
||||
@Accessors(chain = true)
|
||||
public class OAuth2AccessTokenBO {
|
||||
public class OAuth2AuthenticateBO {
|
||||
|
||||
/**
|
||||
* 访问令牌
|
||||
*/
|
||||
private String id;
|
||||
private String accessToken;
|
||||
/**
|
||||
* 刷新令牌
|
||||
*/
|
||||
@@ -1,6 +1,6 @@
|
||||
package cn.iocoder.mall.system.biz.bo.user;
|
||||
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||
import lombok.Data;
|
||||
import lombok.experimental.Accessors;
|
||||
|
||||
@@ -13,6 +13,6 @@ public class UserAuthenticateBO {
|
||||
|
||||
private UserBO user;
|
||||
|
||||
private OAuth2AccessTokenBO token;
|
||||
private OAuth2AuthenticateBO token;
|
||||
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
package cn.iocoder.mall.system.biz.convert.oauth2;
|
||||
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||
import cn.iocoder.mall.system.biz.dataobject.oauth2.OAuth2AccessTokenDO;
|
||||
import org.mapstruct.Mapper;
|
||||
import org.mapstruct.factory.Mappers;
|
||||
@@ -10,6 +10,6 @@ public interface OAuth2Convert {
|
||||
|
||||
OAuth2Convert INSTANCE = Mappers.getMapper(OAuth2Convert.class);
|
||||
|
||||
OAuth2AccessTokenBO convert(OAuth2AccessTokenDO bean);
|
||||
OAuth2AuthenticateBO convert(OAuth2AccessTokenDO bean);
|
||||
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
package cn.iocoder.mall.system.biz.convert.user;
|
||||
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||
import cn.iocoder.mall.system.biz.bo.user.UserAuthenticateBO;
|
||||
import cn.iocoder.mall.system.biz.bo.user.UserBO;
|
||||
import cn.iocoder.mall.system.biz.dataobject.user.UserDO;
|
||||
@@ -15,7 +15,7 @@ public interface UserConvert {
|
||||
|
||||
@Mapping(source = "userBO", target = "user")
|
||||
@Mapping(source = "accessTokenBO", target = "token")
|
||||
UserAuthenticateBO convert(UserBO userBO, OAuth2AccessTokenBO accessTokenBO);
|
||||
UserAuthenticateBO convert(UserBO userBO, OAuth2AuthenticateBO accessTokenBO);
|
||||
|
||||
UserBO convert(UserDO bean);
|
||||
|
||||
|
||||
@@ -30,6 +30,11 @@ public interface ResourceMapper extends BaseMapper<ResourceDO> {
|
||||
.eqIfPresent("type", type));
|
||||
}
|
||||
|
||||
default int selectCountByIdsAndType(Collection<Integer> ids, Integer type) {
|
||||
return selectCount(new QueryWrapperX<ResourceDO>().inIfPresent("id", ids)
|
||||
.eqIfPresent("type", type));
|
||||
}
|
||||
|
||||
default int selectCountByPid(Integer pid) {
|
||||
return selectCount(new QueryWrapper<ResourceDO>().eq("pid", pid));
|
||||
}
|
||||
|
||||
@@ -0,0 +1,27 @@
|
||||
package cn.iocoder.mall.system.biz.dto.authorization;
|
||||
|
||||
import lombok.Data;
|
||||
import lombok.experimental.Accessors;
|
||||
|
||||
import javax.validation.constraints.NotNull;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 授权模块 - 分配角色资源 DTO
|
||||
*/
|
||||
@Data
|
||||
@Accessors(chain = true)
|
||||
public class AuthorizationAssignRoleResourceDTO {
|
||||
|
||||
@NotNull(message = "管理员编号不能为空")
|
||||
private Integer adminId;
|
||||
|
||||
@NotNull(message = "角色编号不能为空")
|
||||
private Integer roleId;
|
||||
|
||||
/**
|
||||
* 资源编号数组
|
||||
*/
|
||||
private Set<Integer> resourceIds;
|
||||
|
||||
}
|
||||
@@ -0,0 +1,25 @@
|
||||
package cn.iocoder.mall.system.biz.dto.authorization;
|
||||
|
||||
import lombok.Data;
|
||||
import lombok.experimental.Accessors;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
/**
|
||||
* 资源模块 - 获得资源总数 DTO
|
||||
*/
|
||||
@Data
|
||||
@Accessors(chain = true)
|
||||
public class ResourceCountDTO {
|
||||
|
||||
/**
|
||||
* 资源编号数组
|
||||
*/
|
||||
private Collection<Integer> ids;
|
||||
|
||||
/**
|
||||
* 资源类型
|
||||
*/
|
||||
private Integer type;
|
||||
|
||||
}
|
||||
@@ -3,6 +3,7 @@ package cn.iocoder.mall.system.biz.service.authorization;
|
||||
import cn.iocoder.common.framework.exception.ServiceException;
|
||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
|
||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceTreeNodeBO;
|
||||
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationAssignRoleResourceDTO;
|
||||
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationCheckPermissionsDTO;
|
||||
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationGetResourcesByAccountIdDTO;
|
||||
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationGetRoleResourcesDTO;
|
||||
@@ -50,4 +51,10 @@ public interface AuthorizationService {
|
||||
*/
|
||||
Set<Integer> getRoleResources(AuthorizationGetRoleResourcesDTO getRoleResourcesDTO);
|
||||
|
||||
/**
|
||||
* 给指定权限授予权限。如果更新失败,则抛出 {@link ServiceException} 异常
|
||||
*
|
||||
* @param assignRoleResourceDTO 授予权限 DTO
|
||||
*/
|
||||
void assignRoleResource(AuthorizationAssignRoleResourceDTO assignRoleResourceDTO);
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@ package cn.iocoder.mall.system.biz.service.authorization;
|
||||
|
||||
import cn.iocoder.common.framework.util.CollectionUtil;
|
||||
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
|
||||
import cn.iocoder.mall.mybatis.enums.DeletedStatusEnum;
|
||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
|
||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceTreeNodeBO;
|
||||
import cn.iocoder.mall.system.biz.dao.authorization.AccountRoleMapper;
|
||||
@@ -9,6 +10,7 @@ import cn.iocoder.mall.system.biz.dao.authorization.RoleResourceMapper;
|
||||
import cn.iocoder.mall.system.biz.dataobject.authorization.AccountRoleDO;
|
||||
import cn.iocoder.mall.system.biz.dataobject.authorization.RoleResourceDO;
|
||||
import cn.iocoder.mall.system.biz.dto.authorization.*;
|
||||
import cn.iocoder.mall.system.biz.enums.SystemErrorCodeEnum;
|
||||
import cn.iocoder.mall.system.biz.event.authorization.ResourceDeleteEvent;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@@ -16,6 +18,7 @@ import org.springframework.context.event.EventListener;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.*;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import static cn.iocoder.mall.system.biz.enums.SystemErrorCodeEnum.AUTHORIZATION_PERMISSION_DENY;
|
||||
|
||||
@@ -128,6 +131,37 @@ public class AuthorizationServiceImpl implements AuthorizationService {
|
||||
return CollectionUtil.convertSet(roleResourceDOs, RoleResourceDO::getResourceId);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void assignRoleResource(AuthorizationAssignRoleResourceDTO assignRoleResourceDTO) {
|
||||
Integer roleId = assignRoleResourceDTO.getRoleId();
|
||||
Set<Integer> resourceIds = assignRoleResourceDTO.getResourceIds();
|
||||
// 校验角色是否存在
|
||||
if (roleService.getRole(roleId) == null) {
|
||||
throw ServiceExceptionUtil.exception(SystemErrorCodeEnum.ROLE_NOT_EXISTS.getCode());
|
||||
}
|
||||
// 校验是否有不存在的资源
|
||||
if (!CollectionUtil.isEmpty(resourceIds)) {
|
||||
int dbResourceSize = resourceService.countResource(new ResourceCountDTO().setIds(resourceIds));
|
||||
if (resourceIds.size() != dbResourceSize) {
|
||||
throw ServiceExceptionUtil.exception(SystemErrorCodeEnum.AUTHORIZATION_ROLE_ASSIGN_RESOURCE_NOT_EXISTS.getCode());
|
||||
}
|
||||
}
|
||||
// TODO 芋艿,这里先简单实现。即方式是,删除老的分配的资源关系,然后添加新的分配的资源关系
|
||||
// 标记角色原资源关系都为删除
|
||||
roleResourceMapper.deleteByRoleId(roleId);
|
||||
// 创建 RoleResourceDO 数组,并插入到数据库
|
||||
if (!CollectionUtil.isEmpty(resourceIds)) {
|
||||
List<RoleResourceDO> roleResources = resourceIds.stream().map(resourceId -> {
|
||||
RoleResourceDO roleResource = new RoleResourceDO().setRoleId(roleId).setResourceId(resourceId);
|
||||
roleResource.setCreateTime(new Date());
|
||||
roleResource.setDeleted(DeletedStatusEnum.DELETED_NO.getValue());
|
||||
return roleResource;
|
||||
}).collect(Collectors.toList());
|
||||
roleResourceMapper.insertList(roleResources);
|
||||
}
|
||||
// TODO 插入操作日志
|
||||
}
|
||||
|
||||
@EventListener
|
||||
public void handleResourceDeleteEvent(ResourceDeleteEvent event) {
|
||||
roleResourceMapper.deleteByResourceId(event.getId());
|
||||
|
||||
@@ -17,6 +17,8 @@ public interface ResourceService {
|
||||
|
||||
List<ResourceBO> getResources(ResourceGetListDTO getListDTO);
|
||||
|
||||
int countResource(ResourceCountDTO countDTO);
|
||||
|
||||
/**
|
||||
* 获得资源树
|
||||
*
|
||||
|
||||
@@ -43,6 +43,11 @@ public class ResourceServiceImpl implements ResourceService {
|
||||
return ResourceConvert.INSTANCE.convertList(resourceDOs);
|
||||
}
|
||||
|
||||
@Override
|
||||
public int countResource(ResourceCountDTO countDTO) {
|
||||
return resourceMapper.selectCountByIdsAndType(countDTO.getIds(), countDTO.getType());
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ResourceTreeNodeBO> getResourceTree(ResourceGetTreeDTO getTreeDTO) {
|
||||
// 获得对应的资源列表
|
||||
|
||||
@@ -15,6 +15,8 @@ import java.util.List;
|
||||
*/
|
||||
public interface RoleService {
|
||||
|
||||
RoleBO getRole(Integer id);
|
||||
|
||||
List<RoleBO> getRoleList(Collection<Integer> ids);
|
||||
|
||||
PageResult<RoleBO> getRolePage(RolePageDTO pageDTO);
|
||||
|
||||
@@ -15,7 +15,6 @@ import cn.iocoder.mall.system.biz.dto.authorization.RoleUpdateDTO;
|
||||
import cn.iocoder.mall.system.biz.enums.SystemErrorCodeEnum;
|
||||
import cn.iocoder.mall.system.biz.enums.authorization.RoleCodeEnum;
|
||||
import cn.iocoder.mall.system.biz.event.authorization.ResourceDeleteEvent;
|
||||
import com.baomidou.mybatisplus.core.metadata.IPage;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.stereotype.Service;
|
||||
@@ -34,16 +33,19 @@ public class RoleServiceImpl implements RoleService {
|
||||
@Autowired
|
||||
private RoleMapper roleMapper;
|
||||
|
||||
@Override
|
||||
public RoleBO getRole(Integer id) {
|
||||
return RoleConvert.INSTANCE.convert(roleMapper.selectById(id));
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<RoleBO> getRoleList(Collection<Integer> ids) {
|
||||
List<RoleDO> roleDOs = roleMapper.selectBatchIds(ids);
|
||||
return RoleConvert.INSTANCE.convertList(roleDOs);
|
||||
return RoleConvert.INSTANCE.convertList(roleMapper.selectBatchIds(ids));
|
||||
}
|
||||
|
||||
@Override
|
||||
public PageResult<RoleBO> getRolePage(RolePageDTO pageDTO) {
|
||||
IPage<RoleDO> pageResult = roleMapper.selectPage(pageDTO);
|
||||
return RoleConvert.INSTANCE.convertPage(pageResult);
|
||||
return RoleConvert.INSTANCE.convertPage(roleMapper.selectPage(pageDTO));
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -94,9 +96,9 @@ public class RoleServiceImpl implements RoleService {
|
||||
}
|
||||
// 更新到数据库,标记删除
|
||||
roleMapper.deleteById(roleDeleteDTO.getId());
|
||||
// TODO 插入操作日志
|
||||
// 发布角色删除事件,方便清理关联表
|
||||
eventPublisher.publishEvent(new ResourceDeleteEvent(this, roleDeleteDTO.getId()));
|
||||
// TODO 插入操作日志
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
package cn.iocoder.mall.system.biz.service.oauth2;
|
||||
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2AccessTokenAuthenticateDTO;
|
||||
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2MobileCodeAuthenticateDTO;
|
||||
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2UsernameAuthenticateDTO;
|
||||
@@ -10,10 +10,10 @@ import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2UsernameAuthenticateDTO;
|
||||
*/
|
||||
public interface OAuth2Service {
|
||||
|
||||
OAuth2AccessTokenBO authenticate(OAuth2UsernameAuthenticateDTO authenticateDTO);
|
||||
OAuth2AuthenticateBO authenticate(OAuth2UsernameAuthenticateDTO authenticateDTO);
|
||||
|
||||
OAuth2AccessTokenBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO);
|
||||
OAuth2AuthenticateBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO);
|
||||
|
||||
OAuth2AccessTokenBO authenticate(OAuth2AccessTokenAuthenticateDTO authenticateDTO);
|
||||
OAuth2AuthenticateBO authenticate(OAuth2AccessTokenAuthenticateDTO authenticateDTO);
|
||||
|
||||
}
|
||||
|
||||
@@ -4,7 +4,7 @@ import cn.iocoder.common.framework.constant.SysErrorCodeEnum;
|
||||
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
|
||||
import cn.iocoder.common.framework.util.ValidationUtil;
|
||||
import cn.iocoder.mall.system.biz.bo.account.AccountBO;
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||
import cn.iocoder.mall.system.biz.convert.oauth2.OAuth2Convert;
|
||||
import cn.iocoder.mall.system.biz.dao.oauth2.OAuth2AccessTokenMapper;
|
||||
import cn.iocoder.mall.system.biz.dao.oauth2.OAuth2RefreshTokenMapper;
|
||||
@@ -53,7 +53,7 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public OAuth2AccessTokenBO authenticate(OAuth2UsernameAuthenticateDTO authenticateDTO) {
|
||||
public OAuth2AuthenticateBO authenticate(OAuth2UsernameAuthenticateDTO authenticateDTO) {
|
||||
// 获得账号
|
||||
AccountBO accountBO = accountService.getByUsername(authenticateDTO.getUsername());
|
||||
if (accountBO == null) {
|
||||
@@ -73,7 +73,7 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public OAuth2AccessTokenBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO) {
|
||||
public OAuth2AuthenticateBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO) {
|
||||
// 校验手机格式
|
||||
if (!ValidationUtil.isMobile(authenticateDTO.getMobile())) {
|
||||
throw ServiceExceptionUtil.exception(SysErrorCodeEnum.VALIDATION_REQUEST_PARAM_ERROR.getCode(), "手机格式不正确"); // TODO 有点搓
|
||||
@@ -98,7 +98,7 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2AccessTokenBO authenticate(OAuth2AccessTokenAuthenticateDTO authenticateDTO) {
|
||||
public OAuth2AuthenticateBO authenticate(OAuth2AccessTokenAuthenticateDTO authenticateDTO) {
|
||||
OAuth2AccessTokenDO oauth2AccessTokenDO = oauth2AccessTokenMapper.selectById(authenticateDTO.getAccessToken());
|
||||
if (oauth2AccessTokenDO == null) { // 不存在
|
||||
throw ServiceExceptionUtil.exception(SystemErrorCodeEnum.OAUTH2_ACCESS_TOKEN_NOT_FOUND.getCode());
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package cn.iocoder.mall.system.biz.service.user;
|
||||
|
||||
import cn.iocoder.mall.mybatis.enums.DeletedStatusEnum;
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||
import cn.iocoder.mall.system.biz.bo.user.UserAuthenticateBO;
|
||||
import cn.iocoder.mall.system.biz.bo.user.UserBO;
|
||||
import cn.iocoder.mall.system.biz.convert.user.UserConvert;
|
||||
@@ -26,7 +26,7 @@ public class UserServiceImpl implements UserService {
|
||||
@Transactional
|
||||
public UserAuthenticateBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO) {
|
||||
// 执行认证
|
||||
OAuth2AccessTokenBO accessTokenBO = oAuth2Service.authenticate(authenticateDTO);
|
||||
OAuth2AuthenticateBO accessTokenBO = oAuth2Service.authenticate(authenticateDTO);
|
||||
// 获得用户
|
||||
UserDO userDO = userMapper.selectById(accessTokenBO.getAccountId());
|
||||
if (userDO == null) {
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
|
||||
<mapper namespace="cn.iocoder.mall.admin.dao.RoleResourceMapper">
|
||||
<mapper namespace="cn.iocoder.mall.system.biz.dao.authorization.RoleResourceMapper">
|
||||
|
||||
<insert id="insertList">
|
||||
INSERT INTO role_resource (
|
||||
|
||||
Reference in New Issue
Block a user