oneos-v5/backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1. 完成 auth 鉴权逻辑

Browse Source 
2. 完成 admin 获取 Admin 上下文
3. 完成 user 获取 User 上下文
This commit is contained in:
YunaiV
2020-04-23 21:18:48 +08:00
parent a545d673ab
commit eb86ae7cbc
104 changed files with 815 additions and 1256 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/bo/authorization/ResourceBO.java Normal file
View File

@@ -0,0 +1,52 @@
package cn.iocoder.mall.system.biz.bo.authorization;
import lombok.Data;
import lombok.experimental.Accessors;
import java.util.Date;
/**
* 授权模块 - 资源信息 BO
*/
@Data
@Accessors(chain = true)
public class ResourceBO {
/**
* 资源编号
*/
private Integer id;
/**
* 菜单名
*/
private String name;
/**
* 权限标识
*/
private String permission;
/**
* 资源类型
*/
private Integer type;
/**
* 排序
*/
private Integer sort;
/**
* 父级资源编号
*/
private Integer pid;
/**
* 前端路由
*/
private String route;
/**
* 菜单图标
*/
private String icon;
/**
* 创建时间
*/
private Date createTime;
}

32
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/bo/authorization/RoleBO.java Normal file
View File

@@ -0,0 +1,32 @@
package cn.iocoder.mall.system.biz.bo.authorization;
import lombok.Data;
import lombok.experimental.Accessors;
import java.util.Date;
/**
* 授权模块 - 角色信息 BO
*/
@Data
@Accessors(chain = true)
public class RoleBO {
/**
* 角色编号
*/
private Integer id;
/**
* 角色名字
*/
private String name;
/**
* 角色编码
*/
private String code;
/**
* 添加时间
*/
private Date createTime;
}

2
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/bo/user/UserBO.java
View File

@@ -4,7 +4,7 @@ import lombok.Data;
import lombok.experimental.Accessors;
/**
* TODO 注释
* User 模块 - User 信息 BO
*/
@Data
@Accessors(chain = true)

4
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/convert/SmsSignConvert.java
View File

@@ -21,9 +21,9 @@ public interface SmsSignConvert {
SmsSignConvert INSTANCE = Mappers.getMapper(SmsSignConvert.class);
@Mappings({})
SmsSignBO convert(SmsSignDO smsSignDO);
SmsSignBO convert(SmsSignDO bean);
@Mappings({})
List<ListSmsSignBO> convert(List<SmsSignDO> smsSignDOList);
List<ListSmsSignBO> convert(List<SmsSignDO> beans);
}

4
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/convert/account/AccountConvert.java
View File

@@ -11,8 +11,8 @@ public interface AccountConvert {
AccountConvert INSTANCE = Mappers.getMapper(AccountConvert.class);
AccountBO convert(AccountDO accountDO);
AccountBO convert(AccountDO bean);
AccountDO convert(AccountCreateDTO accountCreateDTO);
AccountDO convert(AccountCreateDTO bean);
}

2
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/convert/admin/AdminConvert.java
View File

@@ -10,6 +10,6 @@ public interface AdminConvert {
AdminConvert INSTANCE = Mappers.getMapper(AdminConvert.class);
AdminBO convert(AdminDO adminDO);
AdminBO convert(AdminDO bean);
}

19
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/convert/authorization/ResourceConvert.java Normal file
View File

@@ -0,0 +1,19 @@
package cn.iocoder.mall.system.biz.convert.authorization;
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
import cn.iocoder.mall.system.biz.dataobject.authorization.ResourceDO;
import org.mapstruct.Mapper;
import org.mapstruct.factory.Mappers;
import java.util.List;
@Mapper
public interface ResourceConvert {
ResourceConvert INSTANCE = Mappers.getMapper(ResourceConvert.class);
ResourceBO convert(ResourceDO bean);
List<ResourceBO> convertList(List<ResourceDO> beans);
}

19
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/convert/authorization/RoleConvert.java Normal file
View File

@@ -0,0 +1,19 @@
package cn.iocoder.mall.system.biz.convert.authorization;
import cn.iocoder.mall.system.biz.bo.authorization.RoleBO;
import cn.iocoder.mall.system.biz.dataobject.authorization.RoleDO;
import org.mapstruct.Mapper;
import org.mapstruct.factory.Mappers;
import java.util.List;
@Mapper
public interface RoleConvert {
RoleConvert INSTANCE = Mappers.getMapper(RoleConvert.class);
RoleBO convert(RoleDO bean);
List<RoleBO> convertList(List<RoleDO> beans);
}

2
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/convert/oauth2/OAuth2Convert.java
View File

@@ -10,6 +10,6 @@ public interface OAuth2Convert {
OAuth2Convert INSTANCE = Mappers.getMapper(OAuth2Convert.class);
OAuth2AccessTokenBO convert(OAuth2AccessTokenDO accessTokenDO);
OAuth2AccessTokenBO convert(OAuth2AccessTokenDO bean);
}

4
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/convert/systemlog/SystemLogConvert.java
View File

@@ -12,8 +12,8 @@ public interface SystemLogConvert {
SystemLogConvert INSTANCE = Mappers.getMapper(SystemLogConvert.class);
AccessLogDO convert(AccessLogAddDTO accessLogAddDTO);
AccessLogDO convert(AccessLogAddDTO bean);
ExceptionLogDO convert(ExceptionLogAddDTO exceptionLogAddDTO);
ExceptionLogDO convert(ExceptionLogAddDTO bean);
}

2
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/convert/user/UserConvert.java
View File

@@ -17,6 +17,6 @@ public interface UserConvert {
@Mapping(source = "accessTokenBO", target = "token")
UserAuthenticateBO convert(UserBO userBO, OAuth2AccessTokenBO accessTokenBO);
UserBO convert(UserDO userDO);
UserBO convert(UserDO bean);
}

7
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dao/admin/AdminMapper.java
View File

@@ -1,10 +1,17 @@
package cn.iocoder.mall.system.biz.dao.admin;
import cn.iocoder.mall.system.biz.dataobject.admin.AdminDO;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.springframework.stereotype.Repository;
@Repository
public interface AdminMapper extends BaseMapper<AdminDO> {
default AdminDO selectByAccountId(Integer accountId) {
return selectOne(new QueryWrapper<AdminDO>()
.eq("account_id", accountId)
);
}
}

38
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dao/authorization/AccountRoleMapper.java Normal file
View File

@@ -0,0 +1,38 @@
package cn.iocoder.mall.system.biz.dao.authorization;
import cn.iocoder.mall.system.biz.dataobject.authorization.AccountRoleDO;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Param;
import org.springframework.stereotype.Repository;
import java.util.Collection;
import java.util.List;
@Repository
public interface AccountRoleMapper extends BaseMapper<AccountRoleDO> {
default List<AccountRoleDO> selectByAccountId( Integer accountId) {
return selectList(new QueryWrapper<AccountRoleDO>().eq("account_id", accountId));
}
default List<AccountRoleDO> selectListByAccountIds(Collection<Integer> accountIds) {
return selectList(new QueryWrapper<AccountRoleDO>().in("account_id", accountIds));
}
default int deleteByAccountId(Integer accountId) {
return delete(new QueryWrapper<AccountRoleDO>().eq("account_id", accountId));
}
default int deleteByRoleId(Integer roleId) {
return delete(new QueryWrapper<AccountRoleDO>().eq("role_id", roleId));
}
/**
* 批量插入。因为 MyBaits Plus 的批量插入是基于 Service 实现,所以只好写 XML
*
* @param accountRoleDOs 数组
*/
int insertList(@Param("accountRoleDOs") List<AccountRoleDO> accountRoleDOs);
}

37
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dao/authorization/ResourceMapper.java Normal file
View File

@@ -0,0 +1,37 @@
package cn.iocoder.mall.system.biz.dao.authorization;
import cn.iocoder.common.framework.mybatis.QueryWrapperX;
import cn.iocoder.mall.system.biz.dataobject.authorization.ResourceDO;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Param;
import org.springframework.stereotype.Repository;
import java.util.Collection;
import java.util.List;
import java.util.Set;
@Repository
public interface ResourceMapper extends BaseMapper<ResourceDO> {
// TODO 芋艿,后续改造。
List<ResourceDO> selectListByTypeAndRoleIds(@Param("type") Integer type,
@Param("roleIds") Set<Integer> roleIds);
default ResourceDO selectByPermission(String permission) {
return selectOne(new QueryWrapper<ResourceDO>().eq("permission", permission));
}
default List<ResourceDO> selectListByPermissions(Collection<String> permissions) {
return selectList(new QueryWrapper<ResourceDO>().in("permission", permissions));
}
default List<ResourceDO> selectListByType(Integer type) {
return selectList(new QueryWrapperX<ResourceDO>().eqIfPresent("type", type));
}
default int selectCountByPid(Integer pid) {
return selectCount(new QueryWrapper<ResourceDO>().eq("pid", pid));
}
}

26
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dao/authorization/RoleMapper.java Normal file
View File

@@ -0,0 +1,26 @@
package cn.iocoder.mall.system.biz.dao.authorization;
import cn.iocoder.common.framework.mybatis.QueryWrapperX;
import cn.iocoder.mall.system.biz.dataobject.authorization.RoleDO;
import cn.iocoder.mall.system.biz.dto.authorization.RolePageDTO;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import org.springframework.stereotype.Repository;
import java.util.List;
@Repository
public interface RoleMapper extends BaseMapper<RoleDO> {
default List<RoleDO> selectList() {
return selectList(new QueryWrapper<>());
}
default IPage<RoleDO> selectPage(RolePageDTO rolePageDTO) {
return selectPage(new Page<>(rolePageDTO.getPageNo(), rolePageDTO.getPageSize()),
new QueryWrapperX<RoleDO>().likeIfPresent("name", rolePageDTO.getName()));
}
}

38
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dao/authorization/RoleResourceMapper.java Normal file
View File

@@ -0,0 +1,38 @@
package cn.iocoder.mall.system.biz.dao.authorization;
import cn.iocoder.mall.system.biz.dataobject.authorization.RoleResourceDO;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Param;
import org.springframework.stereotype.Repository;
import java.util.Collection;
import java.util.List;
@Repository
public interface RoleResourceMapper extends BaseMapper<RoleResourceDO> {
/**
* 批量插入。因为 MyBaits Plus 的批量插入是基于 Service 实现,所以只好写 XML
*
* @param roleResources 数组
*/
int insertList(@Param("roleResources") List<RoleResourceDO> roleResources);
default List<RoleResourceDO> selectListByResourceId(Integer resourceId) {
return selectList(new QueryWrapper<RoleResourceDO>().eq("resource_id", resourceId));
}
default List<RoleResourceDO> selectListByResourceIds(Collection<Integer> resourceIds) {
return selectList(new QueryWrapper<RoleResourceDO>().in("resource_id", resourceIds));
}
default int deleteByResourceId(Integer resourceId) {
return delete(new QueryWrapper<RoleResourceDO>().eq("resource_id", resourceId));
}
default int deleteByRoleId(Integer roleId) {
return delete(new QueryWrapper<RoleResourceDO>().eq("role_id", roleId));
}
}

4
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dataobject/authorization/AccountRoleDO.java
View File

@@ -4,14 +4,16 @@ import cn.iocoder.common.framework.dataobject.DeletableDO;
import cn.iocoder.mall.system.biz.dataobject.account.AccountDO;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.experimental.Accessors;
/**
* {@link AccountDO} 和 {@link RoleDO} 的关联表
*/
@TableName("admin_role")
@Data
@EqualsAndHashCode(callSuper = true)
@Accessors(chain = true)
@TableName("account_role")
public class AccountRoleDO extends DeletableDO {
/**

20
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dataobject/authorization/ResourceDO.java
View File

@@ -1,6 +1,7 @@
package cn.iocoder.mall.system.biz.dataobject.authorization;
import cn.iocoder.common.framework.dataobject.DeletableDO;
import cn.iocoder.mall.system.biz.enums.authorization.ResourceTypeEnum;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
import lombok.EqualsAndHashCode;
@@ -37,7 +38,7 @@ public class ResourceDO extends DeletableDO {
/**
* 资源类型
*
* 关联 {@link Resource}
* 关联 {@link ResourceTypeEnum}
*/
private Integer type;
/**
@@ -51,23 +52,16 @@ public class ResourceDO extends DeletableDO {
*/
private Integer pid;
/**
* 前端路由
*
*
* 目前当且仅当资源类型为【菜单】时,才会生效,即 handler 配置为界面 URL ,或者前端组件名,或者前端的路由。
* 目前当且仅当资源类型为 {@link ResourceTypeEnum#MENU} 时,才会生效
*/
private String handler;
private String route;
/**
* 图标
* 菜单图标
*
* 目前当且仅当资源类型为【菜单】时,才会生效
* 目前当且仅当资源类型为 {@link ResourceTypeEnum#MENU} 时,才会生效
*/
private String icon;
/**
* 权限标识数组,使用逗号分隔。
*
* 例如system:admin:add
* 推荐格式为 ${系统}:${模块}:${操作}
*/
private String permissions;
}

8
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dataobject/authorization/RoleDO.java
View File

@@ -3,14 +3,16 @@ package cn.iocoder.mall.system.biz.dataobject.authorization;
import cn.iocoder.common.framework.dataobject.DeletableDO;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.experimental.Accessors;
/**
* 角色实体
*/
@TableName("role")
@Data
@EqualsAndHashCode(callSuper = true)
@Accessors(chain = true)
@TableName("role")
public class RoleDO extends DeletableDO {
/**
@@ -21,5 +23,9 @@ public class RoleDO extends DeletableDO {
* 角色名
*/
private String name;
/**
* 角色编码
*/
private String code;
}

4
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dataobject/authorization/RoleResourceDO.java
View File

@@ -3,14 +3,16 @@ package cn.iocoder.mall.system.biz.dataobject.authorization;
import cn.iocoder.common.framework.dataobject.DeletableDO;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.experimental.Accessors;
/**
* {@link RoleDO} 和 {@link ResourceDO} 的关联表
*/
@TableName("role_resource")
@Data
@EqualsAndHashCode(callSuper = true)
@Accessors(chain = true)
@TableName("role_resource")
public class RoleResourceDO extends DeletableDO {
/**

4
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dataobject/user/UserDO.java
View File

@@ -1,6 +1,6 @@
package cn.iocoder.mall.system.biz.dataobject.user;
import cn.iocoder.common.framework.dataobject.BaseDO;
import cn.iocoder.common.framework.dataobject.DeletableDO;
import cn.iocoder.mall.system.biz.dataobject.account.AccountDO;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
@@ -14,7 +14,7 @@ import lombok.experimental.Accessors;
@Data
@EqualsAndHashCode(callSuper = true)
@Accessors(chain = true)
public class UserDO extends BaseDO {
public class UserDO extends DeletableDO {
/**
* 用户编号

11
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dto/authorization/AuthorizationCheckPermissionsDTO.java
View File

@@ -4,17 +4,18 @@ import lombok.Data;
import lombok.experimental.Accessors;
import javax.validation.constraints.NotNull;
import java.util.Collection;
/**
* OAuth2 模块 - 访问令牌认证 Request
* 授权模块 - 校验账号是否有权限 DTO
*/
@Data
@Accessors(chain = true)
public class AuthorizationCheckPermissionsDTO {
@NotNull(message = "访问令牌不能为空")
private String accessToken;
@NotNull(message = "IP 不能为空")
private String ip;
@NotNull(message = "账号编号不能为空")
private Integer accountId;
@NotNull(message = "权限不能为空")
private Collection<String> permissions;
}

17
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/dto/authorization/RolePageDTO.java Normal file
View File

@@ -0,0 +1,17 @@
package cn.iocoder.mall.system.biz.dto.authorization;
import cn.iocoder.common.framework.vo.PageParam;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
import lombok.experimental.Accessors;
@ApiModel("角色分页 DTO")
@Data
@Accessors(chain = true)
public class RolePageDTO extends PageParam {
@ApiModelProperty( value = "角色名,模糊匹配", example = "系统管理员")
private String name;
}

21
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/enums/authorization/RoleCodeEnum.java Normal file
View File

@@ -0,0 +1,21 @@
package cn.iocoder.mall.system.biz.enums.authorization;
public enum RoleCodeEnum {
SUPER_ADMIN("SUPER_ADMIN"), // 超级管理员
;
/**
* 角色编码
*/
private final String code;
RoleCodeEnum(String code) {
this.code = code;
}
public String getCode() {
return code;
}
}

4
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/service/admin/AdminService.java
View File

@@ -7,6 +7,8 @@ import cn.iocoder.mall.system.biz.bo.admin.AdminBO;
*/
public interface AdminService {
AdminBO get(Integer id);
AdminBO getAdmin(Integer id);
AdminBO getAdminByAccountId(Integer accountId);
}

9
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/service/admin/AdminServiceImpl.java
View File

@@ -4,7 +4,6 @@ import cn.iocoder.mall.system.biz.bo.admin.AdminBO;
import cn.iocoder.mall.system.biz.convert.admin.AdminConvert;
import cn.iocoder.mall.system.biz.dao.admin.AdminMapper;
import cn.iocoder.mall.system.biz.dataobject.admin.AdminDO;
import cn.iocoder.mall.system.biz.service.admin.AdminService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@@ -15,9 +14,15 @@ public class AdminServiceImpl implements AdminService {
private AdminMapper adminMapper;
@Override
public AdminBO get(Integer id) {
public AdminBO getAdmin(Integer id) {
AdminDO adminDO = adminMapper.selectById(id);
return AdminConvert.INSTANCE.convert(adminDO);
}
@Override
public AdminBO getAdminByAccountId(Integer accountId) {
AdminDO adminDO = adminMapper.selectByAccountId(accountId);
return AdminConvert.INSTANCE.convert(adminDO);
}
}

10
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/service/admin/AuthorizationService.java
View File

@@ -1,10 +0,0 @@
package cn.iocoder.mall.system.biz.service.admin;
/**
* 授权 Service 接口
*/
public class AuthorizationService {
}

56
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/service/authorization/AuthorizationServiceImpl.java
View File

@@ -1,14 +1,68 @@
package cn.iocoder.mall.system.biz.service.authorization;
import cn.iocoder.common.framework.util.CollectionUtil;
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
import cn.iocoder.mall.system.biz.dao.authorization.AccountRoleMapper;
import cn.iocoder.mall.system.biz.dao.authorization.RoleResourceMapper;
import cn.iocoder.mall.system.biz.dataobject.authorization.AccountRoleDO;
import cn.iocoder.mall.system.biz.dataobject.authorization.RoleResourceDO;
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationCheckPermissionsDTO;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
import java.util.Map;
import java.util.Set;
import static cn.iocoder.mall.system.biz.enums.SystemErrorCodeEnum.AUTHORIZATION_PERMISSION_DENY;
@Service
@Slf4j
public class AuthorizationServiceImpl implements AuthorizationService {
@Autowired
private AccountRoleMapper accountRoleMapper;
@Autowired
private RoleResourceMapper roleResourceMapper;
@Autowired
private RoleService roleService;
@Autowired
private ResourceService resourceService;
@Override
public void checkPermissions(AuthorizationCheckPermissionsDTO checkPermissionsDTO) {
// 查询管理员拥有的角色关联数据
List<AccountRoleDO> accountRoleDOs = accountRoleMapper.selectByAccountId(checkPermissionsDTO.getAccountId());
if (CollectionUtil.isEmpty(accountRoleDOs)) { // 如果没有角色,默认无法访问
throw ServiceExceptionUtil.exception(AUTHORIZATION_PERMISSION_DENY);
}
Set<Integer> roleIds = CollectionUtil.convertSet(accountRoleDOs, AccountRoleDO::getRoleId);
// 判断是否为超管。若是超管,默认有所有权限
if (roleService.hasSuperAdmin(roleIds)) {
return;
}
// 查询权限对应资源
List<ResourceBO> resourceBOs = resourceService.getListByPermissions(checkPermissionsDTO.getPermissions());
if (CollectionUtil.isEmpty(resourceBOs)) { // 无对应资源,则认为无需权限验证
log.warn("[checkPermissions][permission({}) 未配置对应资源]", checkPermissionsDTO.getPermissions());
return;
}
Set<Integer> permissionIds = CollectionUtil.convertSet(resourceBOs, ResourceBO::getId);
// 权限验证
List<RoleResourceDO> roleResourceDOs = roleResourceMapper.selectListByResourceIds(permissionIds);
if (CollectionUtil.isEmpty(roleResourceDOs)) { // 资源未授予任何角色,必然权限验证不通过
throw ServiceExceptionUtil.exception(AUTHORIZATION_PERMISSION_DENY);
}
Map<Integer, List<Integer>> resourceRoleMap = CollectionUtil.convertMultiMap(roleResourceDOs,
RoleResourceDO::getResourceId, RoleResourceDO::getRoleId);
for (Map.Entry<Integer, List<Integer>> entry : resourceRoleMap.entrySet()) {
if (!CollectionUtil.containsAny(roleIds, entry.getValue())) { // 所以有任一不满足,就验证失败,抛出异常
throw ServiceExceptionUtil.exception(AUTHORIZATION_PERMISSION_DENY);
}
}
}
}

8
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/service/authorization/ResourceService.java
View File

@@ -1,4 +1,12 @@
package cn.iocoder.mall.system.biz.service.authorization;
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
import java.util.Collection;
import java.util.List;
public interface ResourceService {
List<ResourceBO> getListByPermissions(Collection<String> permissions);
}

25
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/service/authorization/ResourceServiceImpl.java Normal file
View File

@@ -0,0 +1,25 @@
package cn.iocoder.mall.system.biz.service.authorization;
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
import cn.iocoder.mall.system.biz.convert.authorization.ResourceConvert;
import cn.iocoder.mall.system.biz.dao.authorization.ResourceMapper;
import cn.iocoder.mall.system.biz.dataobject.authorization.ResourceDO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.Collection;
import java.util.List;
@Service
public class ResourceServiceImpl implements ResourceService {
@Autowired
private ResourceMapper resourceMapper;
@Override
public List<ResourceBO> getListByPermissions(Collection<String> permissions) {
List<ResourceDO> resourceDOs = resourceMapper.selectListByPermissions(permissions);
return ResourceConvert.INSTANCE.convertList(resourceDOs);
}
}

16
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/service/authorization/RoleService.java
View File

@@ -1,4 +1,20 @@
package cn.iocoder.mall.system.biz.service.authorization;
import cn.iocoder.mall.system.biz.bo.authorization.RoleBO;
import java.util.Collection;
import java.util.List;
public interface RoleService {
List<RoleBO> getRoleList(Collection<Integer> ids);
/**
* 判断指定角色是否包含超级管理员角色
*
* @param ids 角色编号数组
* @return 是否有超级管理员角色
*/
boolean hasSuperAdmin(Collection<Integer> ids);
}

37
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/service/authorization/RoleServiceImpl.java Normal file
View File

@@ -0,0 +1,37 @@
package cn.iocoder.mall.system.biz.service.authorization;
import cn.iocoder.mall.system.biz.bo.authorization.RoleBO;
import cn.iocoder.mall.system.biz.convert.authorization.RoleConvert;
import cn.iocoder.mall.system.biz.dao.authorization.RoleMapper;
import cn.iocoder.mall.system.biz.dataobject.authorization.RoleDO;
import cn.iocoder.mall.system.biz.enums.authorization.RoleCodeEnum;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.Collection;
import java.util.List;
@Service
public class RoleServiceImpl implements RoleService {
@Autowired
private RoleMapper roleMapper;
@Override
public List<RoleBO> getRoleList(Collection<Integer> ids) {
List<RoleDO> roleDOs = roleMapper.selectBatchIds(ids);
return RoleConvert.INSTANCE.convertList(roleDOs);
}
@Override
public boolean hasSuperAdmin(Collection<Integer> ids) {
List<RoleDO> roleDOs = roleMapper.selectBatchIds(ids);
for (RoleDO roleDO : roleDOs) {
if (RoleCodeEnum.SUPER_ADMIN.getCode().equals(roleDO.getCode())) {
return true;
}
}
return false;
}
}

3
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/service/user/UserService.java
View File

@@ -1,6 +1,7 @@
package cn.iocoder.mall.system.biz.service.user;
import cn.iocoder.mall.system.biz.bo.user.UserAuthenticateBO;
import cn.iocoder.mall.system.biz.bo.user.UserBO;
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2MobileCodeAuthenticateDTO;
/**
@@ -10,4 +11,6 @@ public interface UserService {
UserAuthenticateBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO);
UserBO getUserByAccountId(Integer accountId);
}

8
system/system-biz/src/main/java/cn/iocoder/mall/system/biz/service/user/UserServiceImpl.java
View File

@@ -1,5 +1,6 @@
package cn.iocoder.mall.system.biz.service.user;
import cn.iocoder.common.framework.constant.DeletedStatusEnum;
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
import cn.iocoder.mall.system.biz.bo.user.UserAuthenticateBO;
import cn.iocoder.mall.system.biz.bo.user.UserBO;
@@ -36,9 +37,16 @@ public class UserServiceImpl implements UserService {
return UserConvert.INSTANCE.convert(userBO, accessTokenBO);
}
@Override
public UserBO getUserByAccountId(Integer accountId) {
UserDO userDO = userMapper.selectById(accountId);
return UserConvert.INSTANCE.convert(userDO);
}
private UserDO creatUser(Integer accountId) {
UserDO user = new UserDO();
user.setAccountId(accountId);
user.setDeleted(DeletedStatusEnum.DELETED_NO.getValue());
userMapper.insert(user);
return user;
}

1
system/system-biz/src/main/resources/biz.yaml
View File

@@ -17,4 +17,3 @@ mybatis-plus:
logic-not-delete-value: 0 # 逻辑未删除值(默认为 0)
mapper-locations: classpath*:mapper/*.xml
type-aliases-package: cn.iocoder.mall.system.biz.dataobject

14
system/system-biz/src/main/resources/mapper/AdminRoleMapper.xml Normal file
View File

@@ -0,0 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.iocoder.mall.system.biz.dao.authorization.AccountRoleMapper">
<insert id="insertList">
INSERT INTO account_role (
account_id, role_id, create_time, deleted
) VALUES
<foreach collection="accountRoleDOs" item="accountRole" separator=",">
(#{accountRole.accountId}, #{accountRole.roleId}, #{accountRole.createTime}, #{accountRole.deleted})
</foreach>
</insert>
</mapper>

27
system/system-biz/src/main/resources/mapper/ResourceMapper.xml Normal file
View File

@@ -0,0 +1,27 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.iocoder.mall.admin.dao.ResourceMapper">
<sql id="FIELDS">
id, type, sort, display_name, icon, permissions,
create_time, pid, handler
</sql>
<select id="selectListByTypeAndRoleIds" resultType="ResourceDO">
SELECT
r.id, r.type, r.sort, r.display_name,
r.create_time, r.pid, r.handler
FROM resource r, role_resource rr
WHERE r.deleted = 0
AND rr.deleted = 0
<if test="type != null">
AND r.type = #{type}
</if>
AND rr.role_id IN
<foreach item="roleId" collection="roleIds" separator="," open="(" close=")" index="">
#{roleId}
</foreach>
AND r.id = rr.resource_id
</select>
</mapper>

14
system/system-biz/src/main/resources/mapper/RoleResourceMapper.xml Normal file
View File

@@ -0,0 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.iocoder.mall.admin.dao.RoleResourceMapper">
<insert id="insertList">
INSERT INTO role_resource (
resource_id, role_id, create_time, deleted
) VALUES
<foreach collection="roleResources" item="roleResource" separator=",">
(#{roleResource.resourceId}, #{roleResource.roleId}, #{roleResource.createTime}, #{roleResource.deleted})
</foreach>
</insert>
</mapper>