优化权限api

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Authorization.java

@@ -0,0 +1,49 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization;
+
+import java.io.Serializable;
+import java.util.List;
+import java.util.Map;
+import java.util.function.Supplier;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface Authorization extends Serializable {
+    User getUser();
+
+    List<Role> getRoles();
+
+    List<Permission> getPermissions();
+
+    <T extends Serializable> T getAttribute(String name);
+
+    <T extends Serializable> T getAttribute(String name, T defaultValue);
+
+    <T extends Serializable> T getAttribute(String name, Supplier<T> supplier);
+
+    void setAttribute(String name, Serializable object);
+
+    void setAttributes(Map<String, Serializable> attributes);
+
+    Map<String, Serializable> getAttributes();
+
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/AuthorizationHolder.java

@@ -0,0 +1,19 @@
+package org.hswebframework.web.authorization;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public final class AuthorizationHolder {
+    private static AuthorizationSupplier supplier;
+
+    public Authorization get() {
+        return supplier.get();
+    }
+
+    public static void setSupplier(AuthorizationSupplier supplier) {
+        if (null == AuthorizationHolder.supplier)
+            AuthorizationHolder.supplier = supplier;
+    }
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/AuthorizationSupplier.java

@@ -0,0 +1,28 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization;
+
+import java.util.function.Supplier;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface AuthorizationSupplier extends Supplier<Authorization> {
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Logical.java

@@ -1,30 +0,0 @@
-/*
- *
- *  * Copyright 2016 http://www.hswebframework.org
- *  *
- *  * Licensed under the Apache License, Version 2.0 (the "License");
- *  * you may not use this file except in compliance with the License.
- *  * You may obtain a copy of the License at
- *  *
- *  *     http://www.apache.org/licenses/LICENSE-2.0
- *  *
- *  * Unless required by applicable law or agreed to in writing, software
- *  * distributed under the License is distributed on an "AS IS" BASIS,
- *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  * See the License for the specific language governing permissions and
- *  * limitations under the License.
- *
- */
-
-package org.hswebframework.web.authorization;
-
-enum Logical {
-    /**
-     * 并集，需要满足所有验证条件
-     */
-    AND,
-    /**
-     * 交集，满足其中一个验证条件
-     */
-    OR
-}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Permission.java

@@ -0,0 +1,32 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization;
+
+import java.io.Serializable;
+import java.util.List;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface Permission extends Serializable {
+    String getId();
+
+    List<String> getActions();
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Role.java

@@ -0,0 +1,31 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization;
+
+import java.io.Serializable;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface Role extends Serializable {
+    String getId();
+
+    String getName();
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/User.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization;
+
+import java.io.Serializable;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface User extends Serializable {
+    String getId();
+
+    String getUsername();
+
+    String getName();
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/UserSubject.java

@@ -1,36 +0,0 @@
-/*
- *
- *  * Copyright 2016 http://www.hswebframework.org
- *  *
- *  * Licensed under the Apache License, Version 2.0 (the "License");
- *  * you may not use this file except in compliance with the License.
- *  * You may obtain a copy of the License at
- *  *
- *  *     http://www.apache.org/licenses/LICENSE-2.0
- *  *
- *  * Unless required by applicable law or agreed to in writing, software
- *  * distributed under the License is distributed on an "AS IS" BASIS,
- *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  * See the License for the specific language governing permissions and
- *  * limitations under the License.
- *
- */
-
-package org.hswebframework.web.authorization;
-
-import java.util.Set;
-
-/**
- * @author zhouhao
- */
-public interface UserSubject {
-
-    String getUsername();
-
-    boolean hasRoles(Set<String> roles);
-
-    boolean hasRole(String... roleId);
-
-    boolean hasModule(String moduleId, String... actions);
-
-}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/UserSubjectUtils.java

@@ -1,38 +0,0 @@
-/*
- *
- *  * Copyright 2016 http://www.hswebframework.org
- *  *
- *  * Licensed under the Apache License, Version 2.0 (the "License");
- *  * you may not use this file except in compliance with the License.
- *  * You may obtain a copy of the License at
- *  *
- *  *     http://www.apache.org/licenses/LICENSE-2.0
- *  *
- *  * Unless required by applicable law or agreed to in writing, software
- *  * distributed under the License is distributed on an "AS IS" BASIS,
- *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  * See the License for the specific language governing permissions and
- *  * limitations under the License.
- *
- */
-
-package org.hswebframework.web.authorization;
-
-/**
- * @author zhouhao
- */
-public abstract class UserSubjectUtils {
-    private volatile static UserSubjectUtils instance;
-
-    public abstract UserSubject getUser();
-
-    public static UserSubject get() {
-        if (instance == null) return null;
-        return instance.getUser();
-    }
-
-    public synchronized static void setInstance(UserSubjectUtils instance) {
-        if (null == UserSubjectUtils.instance)
-            UserSubjectUtils.instance = instance;
-    }
-}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/AuthInfo.java

@@ -0,0 +1,31 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+@Target(ElementType.PARAMETER)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface AuthInfo {
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Authorize.java

@@ -16,7 +16,7 @@
  *
  */
 
-package org.hswebframework.web.authorization;
+package org.hswebframework.web.authorization.annotation;
 
 import java.lang.annotation.*;
 

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/Logical.java

@@ -0,0 +1,29 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization.annotation;
+
+enum Logical {
+    /**
+     * 并集，需要满足所有验证条件
+     */
+    AND,
+    /**
+     * 交集，满足其中一个验证条件
+     */
+    OR
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/RequiresExpression.java

@@ -0,0 +1,49 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 使用表达式进行验证,默认支持spel,ognl表达式。
+ *
+ * @author zhouhao
+ */
+@Target({ElementType.TYPE, ElementType.METHOD})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface RequiresExpression {
+
+    /**
+     * 表达式内容,表达式可以调用方法的参数值以及当前的用户信息和spring管理的bean
+     * 例如:
+     * <code>
+     * <p>
+     * &#064;ReuqestMapping<br>
+     * &#064;RequiresExpression("#param!=null")<br>
+     * public ResponseMessage requestHandle(String param){ <br/>
+     * //...<br>
+     * }<br>
+     * </code>
+     */
+    String value();
+
+    String language() default "spel";
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/listener/UserAuthorizationConfigRegister.java

@@ -0,0 +1,27 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization.listener;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface UserAuthorizationConfigRegister {
+    void setUseVerifyCode(boolean useVerifyCode);
+}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/listener/UserAuthorizationListener.java

@@ -0,0 +1,40 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.hswebframework.web.authorization.listener;
+
+
+import org.hswebframework.web.authorization.Authorization;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public interface UserAuthorizationListener {
+
+    default void onConfig(String username, UserAuthorizationConfigRegister configHolder) {
+    }
+
+    default void onAuthorizeBefore(String username) {
+    }
+
+    default void onAuthorizeFail(String username) {
+    }
+
+    void onAuthorizeSuccess(boolean isRemembered, Authorization authorization);
+}

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-entity/src/main/java/org/hswebframework/web/entity/authorization/Authorization.java

@@ -1,18 +0,0 @@
-package org.hswebframework.web.entity.authorization;
-
-import java.util.List;
-
-/**
- * TODO 完成注释
- *
- * @author zhouhao
- */
-public interface Authorization {
-
-    UserReadEntity getUser();
-
-    List<PermissionRoleReadEntity> getRoles();
-
-    List<PermissionReadEntity<ActionEntity>> getPermissions();
-
-}