首页 发现 帮助
登录
iot
/
hsweb-framework
4
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

增加根据permission来设置权限

zhou-hao 5 年之前
父节点
58bffcc9a6
当前提交
6c4b054563
共有 4 个文件被更改,包括 135 次插入10 次删除
分列视图 显示文件统计
  1. 1 1
      hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/entity/authorization/AuthorizationSettingEntity.java
  2. 26 0
      hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/service/authorization/AuthorizationSettingService.java
  3. 77 0
      hsweb-system/hsweb-system-authorization/hsweb-system-authorization-local/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorizationSettingService.java
  4. 31 9
      hsweb-system/hsweb-system-authorization/hsweb-system-authorization-web/src/main/java/org/hswebframework/web/authorization/controller/AuthorizationSettingController.java

+ 1 - 1
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/entity/authorization/AuthorizationSettingEntity.java
查看文件 

@@ -32,7 +32,7 @@ public interface AuthorizationSettingEntity extends GenericEntity<String> {
 
     |                属性名常量                |
 
     ===========================================*/
 
     /**
 
-     * 设置类型,如: role
 
+     * 设置类型(维度),如: role
 
      *
 
      * @see org.hswebframework.web.service.authorization.AuthorizationSettingTypeSupplier
 
      */

+ 26 - 0
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/service/authorization/AuthorizationSettingService.java
查看文件 

@@ -41,6 +41,32 @@ public interface AuthorizationSettingService extends CrudService<AuthorizationSe
 
      */
 
     AuthorizationSettingEntity select(String type, String settingFor);
 
 
+    /**
 
+     * 根据权限ID获取所有维度的权限设置,{@link AuthorizationSettingEntity#getDetails()}中只包含对应权限的信息,不会包含全部信息
 
+     *
 
+     * @param permissionId 权限ID
 
+     * @return 配置了权限的全部权限设置信息
 
+     * @since 3.0.9
 
+     */
 
+    List<AuthorizationSettingEntity> selectByPermissionId(String permissionId);
 
+
 
+    /**
 
+     * 合并保存权限信息,如果权限信息不存在则新增,如果已存在,则合并,而不是覆盖
 
+     *
 
+     * @param settings 权限信息集合
 
+     * @since 3.0.9
 
+     */
 
+    void mergeSetting(List<AuthorizationSettingEntity> settings);
 
+
 
+    /**
 
+     * 删除权限设置的单个权限
 
+     *
 
+     * @param settingId    权限设置ID
 
+     * @param permissionId 权限ID
 
+     * @since 3.0.9
 
+     */
 
+    void deleteDetail(String settingId, String permissionId);
 
+
 
     /**
 
      * 根据类型和被设置者初始化对应的权限信息
 
      *

+ 77 - 0
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-local/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorizationSettingService.java
查看文件 

@@ -26,14 +26,17 @@ import org.hswebframework.web.authorization.simple.SimpleAuthentication;
 
 import org.hswebframework.web.authorization.simple.SimplePermission;
 
 import org.hswebframework.web.authorization.simple.SimpleRole;
 
 import org.hswebframework.web.authorization.simple.SimpleUser;
 
+import org.hswebframework.web.bean.FastBeanCopier;
 
 import org.hswebframework.web.commons.entity.DataStatus;
 
 import org.hswebframework.web.commons.entity.TreeSupportEntity;
 
+import org.hswebframework.web.commons.entity.factory.EntityFactory;
 
 import org.hswebframework.web.dao.authorization.AuthorizationSettingDao;
 
 import org.hswebframework.web.dao.authorization.AuthorizationSettingDetailDao;
 
 import org.hswebframework.web.entity.authorization.*;
 
 import org.hswebframework.web.id.IDGenerator;
 
 import org.hswebframework.web.service.DefaultDSLDeleteService;
 
 import org.hswebframework.web.service.DefaultDSLQueryService;
 
+import org.hswebframework.web.service.DefaultDSLUpdateService;
 
 import org.hswebframework.web.service.GenericEntityService;
 
 import org.hswebframework.web.service.authorization.*;
 
 import org.hswebframework.web.service.authorization.AuthorizationSettingTypeSupplier.SettingInfo;
 
@@ -44,6 +47,7 @@ import org.springframework.cache.annotation.CacheEvict;
 
 import org.springframework.cache.annotation.Cacheable;
 
 import org.springframework.cache.annotation.Caching;
 
 import org.springframework.stereotype.Service;
 
+import org.springframework.transaction.annotation.Transactional;
 
 import org.springframework.transaction.event.TransactionalEventListener;
 
 import org.springframework.util.CollectionUtils;
 
 import org.springframework.util.StringUtils;
 
@@ -54,12 +58,14 @@ import java.util.function.Predicate;
 
 import java.util.stream.Collectors;
 
 import java.util.stream.Stream;
 
 
+import static java.util.Optional.*;
 
 import static org.apache.commons.collections.CollectionUtils.isEmpty;
 
 import static org.apache.commons.collections.CollectionUtils.isNotEmpty;
 
 import static org.hswebframework.web.commons.entity.DataStatus.STATUS_ENABLED;
 
 import static org.hswebframework.web.entity.authorization.AuthorizationSettingDetailEntity.*;
 
 import static org.hswebframework.web.entity.authorization.AuthorizationSettingEntity.settingFor;
 
 import static org.hswebframework.web.entity.authorization.AuthorizationSettingEntity.type;
 
+import static org.hswebframework.web.service.DefaultDSLDeleteService.*;
 
 import static org.hswebframework.web.service.authorization.simple.CacheConstants.USER_AUTH_CACHE_NAME;
 
 import static org.hswebframework.web.service.authorization.simple.CacheConstants.USER_MENU_CACHE_NAME;
 
 
@@ -181,6 +187,77 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
 
         return super.deleteByPk(id);
 
     }
 
 
+    @Override
 
+    @CacheEvict(cacheNames = {CacheConstants.USER_AUTH_CACHE_NAME, CacheConstants.USER_MENU_CACHE_NAME}, allEntries = true)
 
+    public void deleteDetail(String settingId, String permissionId) {
 
+
 
+        DefaultDSLDeleteService.createDelete(authorizationSettingDetailDao)
 
+                .where(AuthorizationSettingDetailEntity.settingId, settingId)
 
+                .and(AuthorizationSettingDetailEntity.permissionId, permissionId)
 
+                .exec();
 
+    }
 
+
 
+    @Override
 
+    @CacheEvict(cacheNames = {CacheConstants.USER_AUTH_CACHE_NAME, CacheConstants.USER_MENU_CACHE_NAME}, allEntries = true)
 
+    public void mergeSetting(List<AuthorizationSettingEntity> settings) {
 
+        for (AuthorizationSettingEntity setting : settings) {
 
+            if (select(setting.getType(), setting.getSettingFor()) == null) {
 
+                insert(setting);
 
+                continue;
 
+            }
 
+            if (!CollectionUtils.isEmpty(setting.getDetails())) {
 
+                for (AuthorizationSettingDetailEntity detail : setting.getDetails()) {
 
+                    detail.setSettingId(setting.getId());
 
+                    int i = DefaultDSLUpdateService
 
+                            .createUpdate(authorizationSettingDetailDao, detail)
 
+                            .where(detail::getSettingId)
 
+                            .and(detail::getPermissionId)
 
+                            .exec();
 
+                    if (i == 0) {
 
+                        detail.setId(IDGenerator.MD5.generate());
 
+                        authorizationSettingDetailDao.insert(detail);
 
+                    }
 
+                }
 
+            } else if (!CollectionUtils.isEmpty(setting.getMenus())) {
 
+                for (AuthorizationSettingMenuEntity menu : setting.getMenus()) {
 
+                    menu.setSettingId(setting.getId());
 
+                    authorizationSettingMenuService.saveOrUpdate(menu);
 
+                }
 
+            }
 
+        }
 
+    }
 
+
 
+    @Transactional(readOnly = true)
 
+    public List<AuthorizationSettingEntity> selectByPermissionId(String permissionId) {
 
+        List<AuthorizationSettingDetailEntity> detailEntities = DefaultDSLQueryService
 
+                .createQuery(authorizationSettingDetailDao)
 
+                .where(AuthorizationSettingDetailEntity::getPermissionId, permissionId)
 
+                .listNoPaging();
 
+
 
+        if (CollectionUtils.isEmpty(detailEntities)) {
 
+            return new ArrayList<>();
 
+        }
 
+
 
+        List<String> settingIdList = detailEntities
 
+                .stream()
 
+                .map(AuthorizationSettingDetailEntity::getPermissionId)
 
+                .collect(Collectors.toList());
 
+
 
+        List<AuthorizationSettingEntity> allSettings = selectByPk(settingIdList)
 
+                .stream()
 
+                //复制为新对象,防止加载一些没用的信息
 
+                .map(entity -> FastBeanCopier.copy(entity, entityFactory.newInstance(AuthorizationSettingEntity.class), "details", "menus"))
 
+                .collect(Collectors.toList());
 
+
 
+        Map<String, List<AuthorizationSettingDetailEntity>> details = detailEntities.stream()
 
+                .collect(Collectors.groupingBy(AuthorizationSettingDetailEntity::getSettingId));
 
+
 
+        for (AuthorizationSettingEntity allSetting : allSettings) {
 
+            ofNullable(details.get(allSetting.getId())).ifPresent(allSetting::setDetails);
 
+        }
 
+
 
+        return allSettings;
 
+    }
 
 
     private List<AuthorizationSettingEntity> getUserSetting(String userId) {
 
         Map<String, List<SettingInfo>> settingInfo =

+ 31 - 9
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-web/src/main/java/org/hswebframework/web/authorization/controller/AuthorizationSettingController.java
查看文件 

@@ -1,18 +1,18 @@
 
 /*
 
  *  Copyright 2019 http://www.hswebframework.org
 
- *  
+ *
 
  *  Licensed under the Apache License, Version 2.0 (the "License");
 
  *  you may not use this file except in compliance with the License.
 
  *  You may obtain a copy of the License at
 
  *
 
  *        http://www.apache.org/licenses/LICENSE-2.0
 
- *  
+ *
 
  *  Unless required by applicable law or agreed to in writing, software
 
  *  distributed under the License is distributed on an "AS IS" BASIS,
 
  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
  *  See the License for the specific language governing permissions and
 
  *  limitations under the License.
 
- *  
+ *
 
  */
 
 
 package org.hswebframework.web.authorization.controller;
 
@@ -27,10 +27,9 @@ import org.hswebframework.web.controller.message.ResponseMessage;
 
 import org.hswebframework.web.entity.authorization.AuthorizationSettingEntity;
 
 import org.hswebframework.web.service.authorization.AuthorizationSettingService;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
-import org.springframework.web.bind.annotation.GetMapping;
 
-import org.springframework.web.bind.annotation.PathVariable;
 
-import org.springframework.web.bind.annotation.RequestMapping;
 
-import org.springframework.web.bind.annotation.RestController;
 
+import org.springframework.web.bind.annotation.*;
 
+
 
+import java.util.List;
 
 
 /**
 
  * 权限设置
 
@@ -39,8 +38,8 @@ import org.springframework.web.bind.annotation.RestController;
 
  */
 
 @RestController
 
 @RequestMapping("${hsweb.web.mappings.autz-setting:autz-setting}")
 
-@Authorize(permission = "autz-setting",description = "权限设置")
 
-@Api(tags = "权限-权限设置",value = "权限设置")
 
+@Authorize(permission = "autz-setting", description = "权限设置")
 
+@Api(tags = "权限-权限设置", value = "权限设置")
 
 public class AuthorizationSettingController implements SimpleGenericEntityController<AuthorizationSettingEntity, String, QueryParamEntity> {
 
 
     private AuthorizationSettingService authorizationSettingService;
 
@@ -61,4 +60,27 @@ public class AuthorizationSettingController implements SimpleGenericEntityContro
 
     public ResponseMessage<AuthorizationSettingEntity> select(@PathVariable String type, @PathVariable String settingFor) {
 
         return ResponseMessage.ok(authorizationSettingService.select(type, settingFor));
 
     }
 
+
 
+    @GetMapping("/permission/{permissionId}")
 
+    @Authorize(action = Permission.ACTION_GET)
 
+    @ApiOperation("根据权限ID获取对应的权限配置信息")
 
+    public ResponseMessage<List<AuthorizationSettingEntity>> selectByPermissionId(@PathVariable String permissionId) {
 
+        return ResponseMessage.ok(authorizationSettingService.selectByPermissionId(permissionId));
 
+    }
 
+
 
+    @PutMapping("/merge")
 
+    @Authorize(action = Permission.ACTION_UPDATE)
 
+    @ApiOperation("合并权限信息")
 
+    public ResponseMessage<Void> mergeSetting(@RequestBody List<AuthorizationSettingEntity> list) {
 
+        authorizationSettingService.mergeSetting(list);
 
+        return ResponseMessage.ok();
 
+    }
 
+
 
+    @DeleteMapping("/{settingId}/{permissionId}")
 
+    @Authorize(action = Permission.ACTION_UPDATE)
 
+    @ApiOperation("删除单个权限配置详情")
 
+    public ResponseMessage<Void> deleteDetail(@PathVariable String settingId, @PathVariable String permissionId) {
 
+        authorizationSettingService.deleteDetail(settingId, permissionId);
 
+        return ResponseMessage.ok();
 
+    }
 
 }