优化权限配置

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/listener/AuthorizationListenerDispatcher.java

@@ -35,15 +35,17 @@ public class AuthorizationListenerDispatcher {
     }
 
     @SuppressWarnings("unchecked")
-    public <E extends AuthorizationEvent> void doEvent(Class<E> eventType, E event) {
+    public <E extends AuthorizationEvent> int doEvent(Class<E> eventType, E event) {
         List<AuthorizationListener<E>> store = (List) listenerStore.get(eventType);
         if (null != store) {
             store.forEach(listener -> listener.on(event));
+            return store.size();
         }
+        return 0;
     }
 
     @SuppressWarnings("unchecked")
-    public <E extends AuthorizationEvent> void doEvent(E event) {
-        doEvent((Class<E>) event.getClass(), event);
+    public <E extends AuthorizationEvent> int doEvent(E event) {
+        return doEvent((Class<E>) event.getClass(), event);
     }
 }

hsweb-commons/hsweb-commons-entity/src/main/java/org/hswebframework/web/commons/entity/TreeSupportEntity.java

@@ -87,6 +87,12 @@ public interface TreeSupportEntity<PK> extends GenericEntity<PK> {
             parent.setPath(RandomUtil.randomChar(4));
             if (parent.getPath() != null)
                 parent.setLevel(parent.getPath().split("-").length);
+            if (parent instanceof SortSupportEntity) {
+                Long index = ((SortSupportEntity) parent).getSortIndex();
+                if (null == index) {
+                    ((SortSupportEntity) parent).setSortIndex(1L);
+                }
+            }
         }
         if (children != null) {
             PK pid = parent.getId();

hsweb-commons/hsweb-commons-service/hsweb-commons-service-simple/src/main/java/org/hswebframework/web/service/GenericEntityService.java

@@ -25,6 +25,7 @@ import org.hswebframework.web.id.IDGenerator;
 import org.hswebframework.utils.ClassUtils;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.util.ArrayList;
 import java.util.List;
 
 /**
@@ -117,6 +118,7 @@ public abstract class GenericEntityService<E extends GenericEntity<PK>, PK>
 
     @Override
     public List<E> selectByPk(List<PK> id) {
+        if (id == null || id.isEmpty()) return new ArrayList<>();
         return createQuery().where().in(GenericEntity.id, id).listNoPaging();
     }
 }

hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/SpringBootExample.java

@@ -89,7 +89,9 @@ import java.util.stream.Stream;
 @EnableCaching
 @EnableAspectJAutoProxy
 @EnableAccessLogger
-public class SpringBootExample implements CommandLineRunner {
+public class SpringBootExample
+//        implements CommandLineRunner
+{
 
     @Bean
     public AccessLoggerListener accessLoggerListener() {
@@ -172,7 +174,7 @@ public class SpringBootExample implements CommandLineRunner {
         SpringApplication.run(SpringBootExample.class);
     }
 
-    @Override
+//    @Override
     public void run(String... strings) throws Exception {
         //只能查询自己创建的数据
         DataAccessEntity accessEntity = new DataAccessEntity();
@@ -213,6 +215,7 @@ public class SpringBootExample implements CommandLineRunner {
 //        permission.setDataAccess(Arrays.asList(accessEntity, updateAccessEntity, denyUpdateFields, denyUpdateFields, onlyDepartmentData));
         permissionService.insert(permission);
 
+
         //角色
         BindPermissionRoleEntity<PermissionRoleEntity> roleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class);
         SimplePermissionRoleEntity permissionRoleEntity = new SimplePermissionRoleEntity();

hsweb-examples/hsweb-examples-simple/src/main/resources/application.yml

@@ -4,7 +4,7 @@ spring:
         auto: true
         proxy-target-class: true
     datasource:
-       url : jdbc:h2:mem:examples
+       url : jdbc:h2:file:./data
        username : sa
        password :
        type: com.alibaba.druid.pool.DruidDataSource

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java

@@ -32,6 +32,8 @@ import org.hswebframework.web.controller.message.ResponseMessage;
 import org.hswebframework.web.entity.authorization.UserEntity;
 import org.hswebframework.web.logging.AccessLogger;
 import org.hswebframework.web.service.authorization.UserService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
@@ -49,6 +51,8 @@ import static org.hswebframework.web.controller.message.ResponseMessage.ok;
 @Api(tags = "hsweb-authorization", description = "提供基本的授权功能")
 public class AuthorizationController {
 
+    private Logger logger = LoggerFactory.getLogger(this.getClass());
+
     @Autowired
     private UserService userService;
 
@@ -107,7 +111,10 @@ public class AuthorizationController {
             // 验证通过
             Authentication authentication = authenticationInitializeService.initUserAuthorization(entity.getId());
             AuthorizationSuccessEvent event = new AuthorizationSuccessEvent(authentication, parameterGetter);
-            authorizationListenerDispatcher.doEvent(event);
+            int size = authorizationListenerDispatcher.doEvent(event);
+            if (size == 0) {
+                logger.warn("not found any AuthorizationSuccessEvent,access control maybe disabled!");
+            }
             return ok(entity.getId());
         } catch (Exception e) {
             AuthorizationFailedEvent failedEvent = new AuthorizationFailedEvent(username, password, parameterGetter, reason);

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationSettingController.java

@@ -17,13 +17,18 @@
 
 package org.hswebframework.web.controller.authorization;
 
+import org.hswebframework.web.authorization.Permission;
 import org.hswebframework.web.authorization.annotation.Authorize;
 import org.hswebframework.web.commons.entity.param.QueryParamEntity;
 import org.hswebframework.web.controller.GenericEntityController;
+import org.hswebframework.web.controller.SimpleGenericEntityController;
+import org.hswebframework.web.controller.message.ResponseMessage;
 import org.hswebframework.web.entity.authorization.AuthorizationSettingEntity;
 import org.hswebframework.web.logging.AccessLogger;
 import org.hswebframework.web.service.authorization.AuthorizationSettingService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
@@ -36,15 +41,10 @@ import org.springframework.web.bind.annotation.RestController;
 @RequestMapping("${hsweb.web.mappings.autz-setting:autz-setting}")
 @Authorize(permission = "autz-setting")
 @AccessLogger("权限设置")
-public class AuthorizationSettingController implements GenericEntityController<AuthorizationSettingEntity, String, QueryParamEntity, AuthorizationSettingEntity> {
+public class AuthorizationSettingController implements SimpleGenericEntityController<AuthorizationSettingEntity, String, QueryParamEntity> {
 
     private AuthorizationSettingService authorizationSettingService;
 
-    @Override
-    public AuthorizationSettingEntity modelToEntity(AuthorizationSettingEntity model, AuthorizationSettingEntity entity) {
-        return model;
-    }
-
     @Autowired
     public void setAuthorizationSettingService(AuthorizationSettingService authorizationSettingService) {
         this.authorizationSettingService = authorizationSettingService;
@@ -54,4 +54,11 @@ public class AuthorizationSettingController implements GenericEntityController<A
     public AuthorizationSettingService getService() {
         return authorizationSettingService;
     }
+
+    @GetMapping("/{type}/{settingFor}")
+    @Authorize(action = Permission.ACTION_GET)
+    @AccessLogger("根据type和settingFor获取配置")
+    public ResponseMessage<AuthorizationSettingEntity> select(@PathVariable String type, @PathVariable String settingFor) {
+        return ResponseMessage.ok(authorizationSettingService.select(type, settingFor));
+    }
 }

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/MenuController.java

@@ -55,8 +55,6 @@ public class MenuController implements SimpleGenericEntityController<MenuEntity,
 
     private MenuService menuService;
 
-    private MenuGroupService menuGroupService;
-
     private UserMenuManagerService userMenuManagerService;
 
     @Autowired
@@ -64,11 +62,6 @@ public class MenuController implements SimpleGenericEntityController<MenuEntity,
         this.menuService = menuService;
     }
 
-    @Autowired
-    public void setMenuGroupService(MenuGroupService menuGroupService) {
-        this.menuGroupService = menuGroupService;
-    }
-
     @Autowired
     public void setUserMenuManagerService(UserMenuManagerService userMenuManagerService) {
         this.userMenuManagerService = userMenuManagerService;

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-dao/hsweb-system-authorization-dao-mybatis/src/main/resources/org/hswebframework/web/dao/mybatis/mappers/authorization/AuthorizationSettingDetailMapper.xml

@@ -45,6 +45,10 @@
         delete from s_autz_detail where u_id =#{id}
     </delete>
 
+    <select id="selectBySettingId" parameterType="String" resultMap="AuthorizationSettingDetailResultMap">
+        select * from s_autz_detail where setting_id =#{setting_id}
+    </select>
+
     <delete id="delete" parameterType="org.hswebframework.web.commons.entity.Entity">
         <include refid="config"/>
         <include refid="BasicMapper.buildDeleteSql"/>

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-dao/hsweb-system-authorization-dao-mybatis/src/main/resources/org/hswebframework/web/dao/mybatis/mappers/authorization/AuthorizationSettingMapper.xml

@@ -21,10 +21,12 @@
 <mapper namespace="org.hswebframework.web.dao.authorization.AuthorizationSettingDao">
     <resultMap id="AuthorizationSettingResultMap" type="org.hswebframework.web.entity.authorization.SimpleAuthorizationSettingEntity">
         <id property="id" column="u_id" javaType="string" jdbcType="VARCHAR"/>
-            <result property="type" column="type" javaType="String" jdbcType="VARCHAR"/>
-            <result property="settingFor" column="setting_for" javaType="String" jdbcType="VARCHAR"/>
-            <result property="status" column="status" javaType="Byte" jdbcType="DECIMAL"/>
-            <result property="describe" column="describe" javaType="String" jdbcType="VARCHAR"/>
+        <result property="type" column="type" javaType="String" jdbcType="VARCHAR"/>
+        <result property="settingFor" column="setting_for" javaType="String" jdbcType="VARCHAR"/>
+        <result property="status" column="status" javaType="Byte" jdbcType="DECIMAL"/>
+        <result property="describe" column="describe" javaType="String" jdbcType="VARCHAR"/>
+        <collection property="menus" column="u_id" select="org.hswebframework.web.dao.authorization.AuthorizationSettingMenuDao.selectBySettingId"/>
+        <collection property="details" column="u_id" select="org.hswebframework.web.dao.authorization.AuthorizationSettingDetailDao.selectBySettingId"/>
     </resultMap>
 
     <!--用于动态生成sql所需的配置-->
@@ -32,8 +34,8 @@
         <bind name="resultMapId" value="'AuthorizationSettingResultMap'"/>
         <bind name="tableName" value="'s_autz_setting'"/>
     </sql>
-  
-    <insert id="insert" parameterType="org.hswebframework.web.entity.authorization.SimpleAuthorizationSettingEntity" >
+
+    <insert id="insert" parameterType="org.hswebframework.web.entity.authorization.SimpleAuthorizationSettingEntity">
         <include refid="config"/>
         <include refid="BasicMapper.buildInsertSql"/>
     </insert>

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-dao/hsweb-system-authorization-dao-mybatis/src/main/resources/org/hswebframework/web/dao/mybatis/mappers/authorization/AuthorizationSettingMenuMapper.xml

@@ -46,6 +46,11 @@
         delete from s_autz_menu where u_id =#{id}
     </delete>
 
+    <select id="selectBySettingId" parameterType="String" resultMap="AuthorizationSettingMenuResultMap">
+        select * from s_autz_menu where setting_id =#{setting_id}
+    </select>
+
+
     <delete id="delete" parameterType="org.hswebframework.web.commons.entity.Entity">
         <include refid="config"/>
         <include refid="BasicMapper.buildDeleteSql"/>

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/AuthorizationSettingMenuEntity.java

@@ -16,7 +16,6 @@
  */
 package org.hswebframework.web.entity.authorization;
 
-import org.hswebframework.web.commons.entity.GenericEntity;
 import org.hswebframework.web.commons.entity.TreeSortSupportEntity;
 
 import java.util.List;

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/SimpleAuthorizationSettingMenuEntity.java

@@ -100,7 +100,7 @@ public class SimpleAuthorizationSettingMenuEntity extends SimpleTreeSortSupportE
     }
 
     @Override
-    public void setChildren(List<AuthorizationSettingMenuEntity> chidren) {
+    public void setChildren(List<AuthorizationSettingMenuEntity> children) {
         this.children = children;
     }
 }

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorizationSettingService.java

@@ -88,14 +88,15 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
 
     @Override
     public AuthorizationSettingEntity select(String type, String settingFor) {
-        Objects.requireNonNull(type);
-        Objects.requireNonNull(settingFor);
+        tryValidateProperty(type != null, AuthorizationSettingEntity.type, "{can not be null}");
+        tryValidateProperty(settingFor != null, AuthorizationSettingEntity.settingFor, "{can not be null}");
         return createQuery().where(AuthorizationSettingEntity.type, type)
                 .and(AuthorizationSettingEntity.settingFor, settingFor)
                 .single();
     }
 
     @Override
+    @CacheEvict(allEntries = true)
     public String saveOrUpdate(AuthorizationSettingEntity entity) {
         AuthorizationSettingEntity old = select(entity.getType(), entity.getSettingFor());
         if (old != null) {
@@ -148,6 +149,7 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
                     .where(AuthorizationSettingDetailEntity.settingId, id)
                     .exec();
             for (AuthorizationSettingDetailEntity detail : entity.getDetails()) {
+                detail.setId(getIDGenerator().generate());
                 detail.setSettingId(id);
                 detail.setStatus(DataStatus.STATUS_ENABLED);
                 authorizationSettingDetailDao.insert(detail);
@@ -180,7 +182,7 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
                                 .where(type, entry.getKey())
                                 .and()
                                 .in(settingFor, entry.getValue().stream().map(SettingInfo::getSettingFor).collect(Collectors.toList()))
-                                .list())
+                                .listNoPaging())
                 .flatMap(List::stream)
                 .collect(Collectors.toList());
     }
@@ -204,25 +206,38 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
                 .map(AuthorizationSettingMenuEntity::getMenuId)
                 .distinct()
                 .collect(Collectors.toList());
+        if (menuIdList.isEmpty()) return new ArrayList<>();
         //获取全部菜单,并创建缓存备用
         Map<String, MenuEntity> menuCache = menuService
                 .selectByPk(menuIdList)
                 .stream()
                 .collect(Collectors.toMap(MenuEntity::getId, Function.identity()));
+
         //根据配置,重新构造菜单结构
         List<UserMenuEntity> reBuildMenu = new LinkedList<>();
-        for (AuthorizationSettingMenuEntity entity : menuEntities) {
-            MenuEntity cache = menuCache.get(entity.getId());
-            if (null != cache && cache.getStatus() == 1) {
-                UserMenuEntity menu = entityFactory.newInstance(UserMenuEntity.class, cache);
-                menu.setSortIndex(entity.getSortIndex());
-                menu.setLevel(entity.getLevel());
-                menu.setId(entity.getId());
-                menu.setParentId(entity.getParentId());
-                menu.setMenuId(cache.getId());
-                reBuildMenu.add(menu);
-            }
+        for (MenuEntity menuEntity : menuCache.values()) {
+            UserMenuEntity menu = entityFactory.newInstance(UserMenuEntity.class, menuEntity);
+            menu.setSortIndex(menuEntity.getSortIndex());
+            menu.setLevel(menuEntity.getLevel());
+            menu.setId(menuEntity.getId());
+            menu.setParentId(menuEntity.getParentId());
+            menu.setMenuId(menuEntity.getId());
+            reBuildMenu.add(menu);
         }
+
+//        for (AuthorizationSettingMenuEntity entity : menuEntities) {
+//            MenuEntity cache = menuCache.get(entity.getMenuId());
+//            if (null != cache && DataStatus.STATUS_ENABLED.equals(cache.getStatus())) {
+//                UserMenuEntity menu = entityFactory.newInstance(UserMenuEntity.class, cache);
+//                menu.setSortIndex(entity.getSortIndex());
+//                menu.setLevel(entity.getLevel());
+//                menu.setId(entity.getId());
+//                menu.setParentId(entity.getParentId());
+//                menu.setMenuId(cache.getId());
+//                reBuildMenu.add(menu);
+//            }
+//        }
+        Collections.sort(reBuildMenu);
         return reBuildMenu;
     }
 
@@ -262,7 +277,7 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
                 .createQuery(authorizationSettingDetailDao)
                 .where(AuthorizationSettingDetailEntity.status, STATE_OK)
                 .and().in(AuthorizationSettingDetailEntity.settingId, settingIdList)
-                .list();
+                .listNoPaging();
         //权限
         Map<String, List<AuthorizationSettingDetailEntity>> settings = detailList
                 .stream()

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleUserService.java

@@ -77,7 +77,14 @@ public class SimpleUserService extends AbstractService<UserEntity, String>
     @Transactional(readOnly = true)
     public UserEntity selectByPk(String id) {
         tryValidateProperty(StringUtils.hasLength(id), UserEntity.id, "id:{not_be_null}");
-        return createQuery().where(UserEntity.id, id).single();
+        UserEntity userEntity=createQuery().where(UserEntity.id, id).single();
+        if(null!=userEntity){
+            List<String> roleId= userRoleDao.selectByUserId(id).stream().map(UserRoleEntity::getRoleId).collect(Collectors.toList());
+            BindRoleUserEntity roleUserEntity=entityFactory.newInstance(BindRoleUserEntity.class,userEntity);
+            roleUserEntity.setRoles(roleId);
+            return roleUserEntity;
+        }
+        return null;
     }
 
     @Override

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/resources/hsweb-starter.js

@@ -69,8 +69,8 @@ function install(context) {
     database.createOrAlter("s_permission_role")
         .addColumn().name("role_id").varchar(32).notNull().comment("角色ID").commit()
         .addColumn().name("permission_id").varchar(32).notNull().comment("权限ID").commit()
-        .addColumn().name("actions").clob().notNull().comment("可选操作").commit()
-        .addColumn().name("data_access").clob().notNull().comment("数据级控制配置").commit()
+        .addColumn().name("actions").clob().comment("可选操作").commit()
+        .addColumn().name("data_access").clob().comment("数据级控制配置").commit()
         .comment("权限与角色关联表").commit();
 
     database.createOrAlter("s_user_role")
@@ -83,8 +83,8 @@ function install(context) {
         .addColumn().name("u_id").varchar(32).notNull().primaryKey().comment("uid").commit()
         .addColumn().name("type").varchar(32).notNull().comment("权限类型").commit()
         .addColumn().name("setting_for").varchar(64).notNull().comment("设置给谁").commit()
-        .addColumn().name("describe").varchar(256).notNull().comment("备注").commit()
-        .addColumn().name("status").number(4, 0).notNull().comment("设置给谁").commit()
+        .addColumn().name("describe").varchar(256).comment("备注").commit()
+        .addColumn().name("status").number(4, 0).comment("设置给谁").commit()
         .comment("权限设置表").commit();
 
     database.createOrAlter("s_autz_detail")