优化对象转换

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Authentication.java

@@ -37,6 +37,10 @@ import java.util.Optional;
  */
 public interface Authentication extends Serializable {
 
+    static Optional<Authentication> current() {
+        return Optional.ofNullable(AuthenticationHolder.get());
+    }
+
     /**
      * @return 用户信息
      */

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/AuthenticationHolder.java

@@ -18,6 +18,8 @@
 
 package org.hswebframework.web.authorization;
 
+import org.hswebframework.web.ThreadLocalUtils;
+
 /**
  * 权限获取器,用于静态方式获取当前登录用户的权限信息.
  * 例如:
@@ -36,6 +38,8 @@ package org.hswebframework.web.authorization;
 public final class AuthenticationHolder {
     private static AuthenticationSupplier supplier;
 
+    public static final String CURRENT_USER_ID_KEY = Authentication.class.getName() + "_current_id";
+
     /**
      * @return 当前登录的用户权限信息
      */
@@ -43,6 +47,10 @@ public final class AuthenticationHolder {
         if (null == supplier) {
             throw new UnsupportedOperationException("supplier is null!");
         }
+        String currentId = ThreadLocalUtils.get(CURRENT_USER_ID_KEY);
+        if (currentId != null) {
+            return supplier.get(currentId);
+        }
         return supplier.get();
     }
 
@@ -68,4 +76,8 @@ public final class AuthenticationHolder {
         if (null == AuthenticationHolder.supplier)
             AuthenticationHolder.supplier = supplier;
     }
+
+    public static void setCureentUserId(String id) {
+        ThreadLocalUtils.put(AuthenticationHolder.CURRENT_USER_ID_KEY, id);
+    }
 }

hsweb-commons/hsweb-commons-entity/pom.xml

@@ -53,5 +53,9 @@
             <artifactId>swagger-annotations</artifactId>
             <scope>compile</scope>
         </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+        </dependency>
     </dependencies>
 </project>

hsweb-commons/hsweb-commons-entity/src/main/java/org/hswebframework/web/commons/entity/factory/EntityFactory.java

@@ -32,11 +32,25 @@ public interface EntityFactory {
      * 根据类型创建实体,类型必须为{@link Entity}的子类。
      *
      * @param entityClass 类型
-     * @param <T>       泛型,需实现{@link Entity}
-     * @return 实体
+     * @param <T>         泛型,需实现{@link Entity}
+     * @return 创建结果
      */
     <T> T newInstance(Class<T> entityClass);
 
+    /**
+     * 创建实体并设置默认的属性
+     *
+     * @param entityClass       实体类型
+     * @param defaultProperties 默认属性
+     * @param <S>               默认属性的类型
+     * @param <T>               实体类型
+     * @return 创建结果
+     * @see EntityFactory#copyProperties(Object, Object)
+     */
+    default <S, T> T newInstance(Class<T> entityClass, S defaultProperties) {
+        return copyProperties(defaultProperties, newInstance(entityClass));
+    }
+
     /**
      * 根据类型获取实体的真实的实体类型,
      * 可通过此方法获取获取已拓展的实体类型，如:<br>
@@ -45,8 +59,19 @@ public interface EntityFactory {
      * </code>
      *
      * @param entityClass 类型
-     * @param <T>       泛型
+     * @param <T>         泛型
      * @return 实体类型
      */
     <T> Class<T> getInstanceType(Class<T> entityClass);
+
+    /**
+     * 拷贝对象的属性
+     *
+     * @param source 要拷贝到的对象
+     * @param target 被拷贝的对象
+     * @param <S>    要拷贝对象的类型
+     * @param <T>    被拷贝对象的类型
+     * @return 被拷贝的对象
+     */
+    <S, T> T copyProperties(S source, T target);
 }

hsweb-commons/hsweb-commons-entity/src/main/java/org/hswebframework/web/commons/entity/factory/MapperEntityFactory.java

@@ -18,8 +18,10 @@
 
 package org.hswebframework.web.commons.entity.factory;
 
+import org.apache.commons.beanutils.BeanUtils;
 import org.hswebframework.web.NotFoundException;
-import org.hswebframework.web.commons.entity.Entity;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.lang.reflect.Modifier;
 import java.util.HashMap;
@@ -27,13 +29,12 @@ import java.util.Map;
 import java.util.function.Supplier;
 
 /**
- * TODO 完成注释
- *
  * @author zhouhao
  * @since 3.0
  */
 public class MapperEntityFactory implements EntityFactory {
     private Map<Class, Mapper> realTypeMapper = new HashMap<>();
+    private Logger             logger         = LoggerFactory.getLogger(this.getClass());
 
     public MapperEntityFactory() {
     }
@@ -47,6 +48,17 @@ public class MapperEntityFactory implements EntityFactory {
         return this;
     }
 
+    @Override
+    public <S, T> T copyProperties(S source, T target) {
+        try {
+            // TODO: 17-3-30 应该设计为可自定义
+            BeanUtils.copyProperties(target, source);
+        } catch (Exception e) {
+            logger.warn("copy properties error", e);
+        }
+        return target;
+    }
+
     @Override
     @SuppressWarnings("unchecked")
     public <T> T newInstance(Class<T> beanClass) {

hsweb-examples/hsweb-examples-simple/pom.xml

@@ -108,11 +108,11 @@
             <artifactId>hsweb-system-explorer-starter</artifactId>
             <version>${project.version}</version>
         </dependency>
-        <dependency>
-            <groupId>org.hswebframework.web</groupId>
-            <artifactId>hsweb-authorization-shiro</artifactId>
-            <version>${project.version}</version>
-        </dependency>
+        <!--<dependency>-->
+            <!--<groupId>org.hswebframework.web</groupId>-->
+            <!--<artifactId>hsweb-authorization-shiro</artifactId>-->
+            <!--<version>${project.version}</version>-->
+        <!--</dependency>-->
         <dependency>
             <groupId>org.hswebframework.web</groupId>
             <artifactId>hsweb-authorization-oauth2-server-starter</artifactId>

hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/TestController.java

@@ -1,7 +1,6 @@
 package org.hswebframework.web.example.simple;
 
 import io.swagger.annotations.ApiOperation;
-import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.hswebframework.web.authorization.Authentication;
 import org.hswebframework.web.authorization.AuthenticationHolder;
 import org.hswebframework.web.authorization.Permission;
@@ -18,12 +17,8 @@ import org.hswebframework.web.entity.authorization.UserEntity;
 import org.hswebframework.web.model.authorization.UserModel;
 import org.hswebframework.web.service.QueryByEntityService;
 import org.hswebframework.web.service.QueryService;
-import org.hswebframework.web.service.authorization.UserService;
-import org.springframework.cache.CacheManager;
-import org.springframework.cache.annotation.Cacheable;
 import org.springframework.web.bind.annotation.*;
 
-import javax.annotation.Resource;
 import java.util.List;
 
 /**
@@ -44,7 +39,7 @@ public class TestController implements QueryController<UserEntity, String, Query
     }
 
     @GetMapping("/test2")
-    @RequiresRoles("admin")
+//    @RequiresRoles("admin")
     public ResponseMessage test2(Authentication authentication) {
         return ResponseMessage.ok(authentication);
     }

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/RoleController.java

@@ -65,103 +65,19 @@ public class RoleController implements QueryController<RoleEntity, String, Query
 
     @SuppressWarnings("unchecked")
     public BindPermissionRoleEntity<PermissionRoleEntity> modelToEntity(RoleModel roleModel) {
-        BindPermissionRoleEntity<PermissionRoleEntity> roleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class);
-        roleEntity.setId(roleModel.getId());
-        roleEntity.setName(roleModel.getName());
-        roleEntity.setDescribe(roleModel.getDescribe());
-        List<PermissionRoleEntity> permissionRoleEntities =
-                roleModel.getPermissions().stream()
-                        .map(model -> {
-                            PermissionRoleEntity entity = entityFactory.newInstance(PermissionRoleEntity.class);
-                            entity.setActions(model.getActions());
-                            entity.setPermissionId(model.getPermissionId());
-                            entity.setRoleId(roleModel.getId());
-                            //copy field accesses
-                            entity.setFieldAccesses(model.getFieldAccesses().stream().map(accessModel -> {
-                                FieldAccessEntity accessEntity = new FieldAccessEntity();
-                                accessEntity.setField(accessEntity.getField());
-                                accessEntity.setDescribe(accessEntity.getDescribe());
-                                accessEntity.setActions(accessModel.getActions().stream().map(actionModel -> {
-                                    ActionEntity actionEntity = new ActionEntity();
-                                    actionEntity.setAction(actionModel.getAction());
-                                    actionEntity.setDescribe(actionModel.getDescribe());
-                                    actionEntity.setDefaultCheck(actionModel.isDefaultCheck());
-                                    return actionEntity;
-                                }).collect(Collectors.toList()));
-                                return accessEntity;
-                            }).collect(Collectors.toList()));
-                            //copy data accesses
-                            entity.setDataAccesses(model.getDataAccesses().stream().map(accessModel -> {
-                                DataAccessEntity dataAccessEntity = new DataAccessEntity();
-                                dataAccessEntity.setConfig(accessModel.getConfig());
-                                dataAccessEntity.setType(accessModel.getType());
-                                dataAccessEntity.setDescribe(accessModel.getDescribe());
-                                dataAccessEntity.setAction(accessModel.getAction());
-                                return dataAccessEntity;
-                            }).collect(Collectors.toList()));
-                            return entity;
-                        }).collect(Collectors.toList());
-        roleEntity.setPermissions(permissionRoleEntities);
-        return roleEntity;
+        return entityFactory.newInstance(BindPermissionRoleEntity.class, roleModel);
     }
 
     protected RoleModel entityToModel(RoleEntity roleEntity) {
-        RoleModel roleModel = entityFactory.newInstance(RoleModel.class);
-        roleModel.setId(roleEntity.getId());
-        roleModel.setDescribe(roleEntity.getDescribe());
-        roleModel.setName(roleEntity.getName());
-        if (roleEntity instanceof BindPermissionRoleEntity) {
-            BindPermissionRoleEntity<PermissionRoleEntity> permissionRoleEntity = (BindPermissionRoleEntity) roleEntity;
-            List<PermissionRoleEntity> roleEntities = permissionRoleEntity.getPermissions();
-            if (CollectionUtils.isNotEmpty(roleEntities)) {
-                List<PermissionRoleModel> roleModels = roleEntities.stream().map(entity -> {
-                    PermissionRoleModel model = entityFactory.newInstance(PermissionRoleModel.class);
-                    model.setActions(entity.getActions());
-                    model.setPermissionId(entity.getPermissionId());
-                    //copy field accesses
-                    model.setFieldAccesses(entity.getFieldAccesses().stream().map(accessEntity -> {
-                        FieldAccessModel accessModel = new FieldAccessModel();
-                        accessModel.setField(accessModel.getField());
-                        accessModel.setDescribe(accessModel.getDescribe());
-                        accessModel.setActions(accessModel.getActions().stream().map(actionEntity -> {
-                            ActionModel actionModel = new ActionModel();
-                            actionModel.setAction(actionEntity.getAction());
-                            actionModel.setDescribe(actionEntity.getDescribe());
-                            actionModel.setDefaultCheck(actionEntity.isDefaultCheck());
-                            return actionModel;
-                        }).collect(Collectors.toList()));
-                        return accessModel;
-                    }).collect(Collectors.toList()));
-                    //copy data accesses
-                    model.setDataAccesses(model.getDataAccesses().stream().map(accessesEntity -> {
-                        DataAccessModel dataAccessModel = new DataAccessModel();
-                        dataAccessModel.setConfig(accessesEntity.getConfig());
-                        dataAccessModel.setType(accessesEntity.getType());
-                        dataAccessModel.setDescribe(accessesEntity.getDescribe());
-                        dataAccessModel.setAction(accessesEntity.getAction());
-                        return dataAccessModel;
-                    }).collect(Collectors.toList()));
-                    return model;
-                }).collect(Collectors.toList());
-                roleModel.setPermissions(roleModels);
-            }
-        }
-
-        return roleModel;
+        return entityFactory.newInstance(RoleModel.class, roleEntity);
     }
 
     @Authorize(action = Permission.ACTION_GET)
     @GetMapping(path = "/{id:.+}/detail")
     @AccessLogger("{get_by_id}")
     @ApiOperation("根据主键查询完整数据")
-    @ApiResponses({
-            @ApiResponse(code = 200, message = "查询成功"),
-            @ApiResponse(code = 401, message = "未授权"),
-            @ApiResponse(code = 403, message = "无权限"),
-            @ApiResponse(code = 404, message = "数据不存在")
-    })
     public ResponseMessage<RoleModel> getDetailByPrimaryKey(@PathVariable String id) {
-        return ok(entityToModel(assertNotNull(getService().selectByPk(id))));
+        return ok(entityToModel(assertNotNull(getService().selectDetailByPk(id))));
     }
 
     @PostMapping
@@ -175,7 +91,7 @@ public class RoleController implements QueryController<RoleEntity, String, Query
     @PutMapping("/{id:.+}")
     @Authorize(action = Permission.ACTION_UPDATE)
     @AccessLogger("{update}")
-    @ApiModelProperty("修改角色")
+    @ApiOperation("修改角色")
     public ResponseMessage updateRole(@PathVariable String id, @RequestBody RoleModel roleModel) {
         roleModel.setId(id);
         roleService.updateByPrimaryKey(modelToEntity(roleModel));
@@ -185,7 +101,7 @@ public class RoleController implements QueryController<RoleEntity, String, Query
     @PutMapping("/disable/{id:.+}")
     @Authorize(action = Permission.ACTION_DISABLE)
     @AccessLogger("{disable}")
-    @ApiModelProperty("禁用角色")
+    @ApiOperation("禁用角色")
     public ResponseMessage disable(@PathVariable String id) {
         roleService.disable(id);
         return ok();
@@ -194,7 +110,7 @@ public class RoleController implements QueryController<RoleEntity, String, Query
     @PutMapping("/enable/{id}")
     @Authorize(action = Permission.ACTION_ENABLE)
     @AccessLogger("{disable}")
-    @ApiModelProperty("启用角色")
+    @ApiOperation("启用角色")
     public ResponseMessage enable(@PathVariable String id) {
         roleService.enable(id);
         return ok();

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/UserController.java

@@ -31,6 +31,7 @@ import org.hswebframework.web.controller.message.ResponseMessage;
 import org.hswebframework.web.entity.authorization.UserEntity;
 import org.hswebframework.web.logging.AccessLogger;
 import org.hswebframework.web.model.authorization.UserModel;
+import org.hswebframework.web.service.AbstractService;
 import org.hswebframework.web.service.authorization.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.util.Assert;
@@ -75,6 +76,7 @@ public class UserController implements
 
     @Override
     public ResponseMessage<PagerResult<UserEntity>> list(QueryParamEntity param) {
+        param.excludes("password", "salt");
         return QueryController.super.list(param)
                 .exclude(UserEntity.class, "password", "salt");
     }
@@ -90,7 +92,7 @@ public class UserController implements
     @AccessLogger("{update_by_primary_key}")
     @ApiOperation("根据ID修改用户信息")
     public ResponseMessage<Void> updateByPrimaryKey(@PathVariable String id,
-                                              @RequestBody UserModel userModel) {
+                                                    @RequestBody UserModel userModel) {
         getService().update(id, modelToEntity(userModel, getService().createEntity()));
         return ok();
     }
@@ -100,9 +102,8 @@ public class UserController implements
     @AccessLogger("{update_password_login_user}")
     @ApiOperation("修改当前用户的密码")
     public ResponseMessage<Void> updateLoginUserPassword(@RequestParam String password,
-                                                   @RequestParam String oldPassword) {
-        Authentication authentication = AuthenticationHolder.get();
-        Assert.notNull(authentication);
+                                                         @RequestParam String oldPassword) {
+        Authentication authentication = Authentication.current().get();
         getService().updatePassword(authentication.getUser().getId(), oldPassword, password);
         return ok();
     }
@@ -112,8 +113,8 @@ public class UserController implements
     @AccessLogger("{update_password_by_id}")
     @ApiOperation("修改指定用户的密码")
     public ResponseMessage<Void> updateByPasswordPrimaryKey(@PathVariable String id,
-                                                      @RequestParam String password,
-                                                      @RequestParam String oldPassword) {
+                                                            @RequestParam String password,
+                                                            @RequestParam String oldPassword) {
         getService().updatePassword(id, oldPassword, password);
         return ok();
     }

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/FieldAccessModel.java

@@ -25,7 +25,6 @@ import java.util.Collections;
 import java.util.List;
 
 /**
- * TODO 完成注释
  *
  * @author zhouhao
  */

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/PermissionRoleModel.java

@@ -25,7 +25,6 @@ import org.hswebframework.web.commons.model.Model;
 import java.util.List;
 
 /**
- * TODO 完成注释
  *
  * @author zhouhao
  */

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-model/src/main/java/org/hswebframework/web/model/authorization/SimpleRoleModel.java

@@ -64,6 +64,7 @@ public class SimpleRoleModel implements RoleModel {
 
     @Override
     public List<PermissionRoleModel> getPermissions() {
+        if (null == permissions) permissions = new ArrayList<>();
         return new ArrayList<>(permissions);
     }
 

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-api/src/main/java/org/hswebframework/web/service/authorization/RoleService.java

@@ -27,4 +27,6 @@ public interface RoleService extends
 
     RoleEntity selectByPk(String roleId);
 
+    <T extends PermissionRoleEntity> BindPermissionRoleEntity<T> selectDetailByPk(String roleId);
+
 }

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleRoleService.java

@@ -34,6 +34,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.StringUtils;
 
+import java.util.ArrayList;
 import java.util.List;
 
 import static org.hswebframework.web.service.authorization.simple.CacheConstants.USER_AUTH_CACHE_NAME;
@@ -102,11 +103,19 @@ public class SimpleRoleService extends AbstractService<RoleEntity, String>
     @Override
     @SuppressWarnings("unchecked")
     public RoleEntity selectByPk(String roleId) {
+        return createQuery().where(RoleEntity.id, roleId).single();
+    }
+
+    @Override
+    @SuppressWarnings("unchecked")
+    public <T extends PermissionRoleEntity> BindPermissionRoleEntity<T> selectDetailByPk(String roleId) {
         RoleEntity entity = createQuery().where(RoleEntity.id, roleId).single();
         if (entity == null) return null;
-        BindPermissionRoleEntity<PermissionRoleEntity> bindPermissionRoleEntity = entityFactory.newInstance(BindPermissionRoleEntity.class);
-        bindPermissionRoleEntity.setPermissions(permissionRoleDao.selectByRoleId(roleId));
-        return entity;
+        BindPermissionRoleEntity<T> bindPermissionRoleEntity =
+                entityFactory.newInstance(BindPermissionRoleEntity.class, entity);
+
+        bindPermissionRoleEntity.setPermissions(new ArrayList(permissionRoleDao.selectByRoleId(roleId)));
+        return bindPermissionRoleEntity;
     }
 
     @Override

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleUserService.java

@@ -105,7 +105,7 @@ public class SimpleUserService extends AbstractService<UserEntity, String>
     @Transactional(readOnly = true)
     public UserEntity selectByPk(String id) {
         Assert.notNull(id, "id:{not_be_null}");
-        return createQuery().where(GenericEntity.id, id).single();
+        return createQuery().selectExcludes("password", "salt").where(GenericEntity.id, id).single();
     }
 
     @Override