parent
0763551d6d
commit
e4048f8716
|
@ -2,9 +2,9 @@ import { message } from 'antd';
|
||||||
import { arrayToStringParams } from '../../utils/request.qs';
|
import { arrayToStringParams } from '../../utils/request.qs';
|
||||||
import { buildTreeNode, findAllNodes, findCheckedKeys } from '../../utils/tree.utils';
|
import { buildTreeNode, findAllNodes, findCheckedKeys } from '../../utils/tree.utils';
|
||||||
import {
|
import {
|
||||||
queryRoleResourceTree,
|
authorizationRoleResourceTree,
|
||||||
roleAssignResource,
|
authorizationRoleAssignResource,
|
||||||
} from '../../services/admin';
|
} from '../../services/system';
|
||||||
import {
|
import {
|
||||||
rolePage,
|
rolePage,
|
||||||
roleAdd,
|
roleAdd,
|
||||||
|
@ -83,9 +83,9 @@ export default {
|
||||||
payload: true,
|
payload: true,
|
||||||
});
|
});
|
||||||
|
|
||||||
const response = yield call(queryRoleResourceTree, payload);
|
const response = yield call(authorizationRoleResourceTree, payload);
|
||||||
const roleResourceTree = response.data;
|
const roleResourceTree = response.data;
|
||||||
const roleTreeData = buildTreeNode(roleResourceTree, 'displayName', 'id');
|
const roleTreeData = buildTreeNode(roleResourceTree, 'name', 'id');
|
||||||
const checkedKeys = findCheckedKeys(roleResourceTree);
|
const checkedKeys = findCheckedKeys(roleResourceTree);
|
||||||
|
|
||||||
yield put({
|
yield put({
|
||||||
|
@ -102,13 +102,13 @@ export default {
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
*roleAssignResource({ payload }, { call }) {
|
*roleAssignResource({ payload }, { call }) {
|
||||||
const { id, resourceIds, roleTreeData } = payload;
|
const { roleId, resourceIds, roleTreeData } = payload;
|
||||||
const assignNodes = findAllNodes(resourceIds, roleTreeData);
|
const assignNodes = findAllNodes(resourceIds, roleTreeData);
|
||||||
const params = {
|
const params = {
|
||||||
id,
|
roleId,
|
||||||
resourceIds: arrayToStringParams(assignNodes),
|
resourceIds: arrayToStringParams(assignNodes),
|
||||||
};
|
};
|
||||||
const response = yield call(roleAssignResource, params);
|
const response = yield call(authorizationRoleAssignResource, params);
|
||||||
if (response.code === 0) {
|
if (response.code === 0) {
|
||||||
message.info('操作成功!');
|
message.info('操作成功!');
|
||||||
}
|
}
|
||||||
|
|
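Review bot: The effect that calls `authorizationRoleResourceTree` hands `response.data` straight to `buildTreeNode` and `findCheckedKeys` without looking at `response.code`, while `roleAssignResource` further down does test `response.code === 0`. If the request helper returns an error envelope without `data` (for example a permission-denied reply), the tree is built from `undefined`; whether the helper already rejects such responses is not visible here. A guard such as `if (response.code !== 0) return;` before `const roleResourceTree = response.data;` would keep the role dialog from rendering from a failed call. The effect's header and the rest of its body are outside the hunk, so any loading flag set before the call may also need resetting on that path.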
|
@ -168,7 +168,7 @@ class RoleList extends PureComponent {
|
||||||
dispatch({
|
dispatch({
|
||||||
type: 'roleList/queryRoleAssign',
|
type: 'roleList/queryRoleAssign',
|
||||||
payload: {
|
payload: {
|
||||||
id: record.id,
|
roleId: record.id,
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
this.setState({
|
this.setState({
|
||||||
|
@ -200,7 +200,7 @@ class RoleList extends PureComponent {
|
||||||
dispatch({
|
dispatch({
|
||||||
type: 'roleList/roleAssignResource',
|
type: 'roleList/roleAssignResource',
|
||||||
payload: {
|
payload: {
|
||||||
id: roleAssignRecord.id,
|
roleId: roleAssignRecord.id,
|
||||||
resourceIds: data.checkedKeys,
|
resourceIds: data.checkedKeys,
|
||||||
roleTreeData: data.roleTreeData,
|
roleTreeData: data.roleTreeData,
|
||||||
},
|
},
|
||||||
|
|
|
@ -82,28 +82,14 @@ export async function deptTreeAll() {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
// resource
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// role
|
// role
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
export async function queryRoleResourceTree(params) {
|
|
||||||
return request(`/admin-api/admins/role/resource_tree?${stringify(params)}`, {
|
|
||||||
method: 'GET',
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
export async function roleAssignResource(params) {
|
|
||||||
return request(`/admin-api/admins/role/assign_resource?${stringify(params)}`, {
|
|
||||||
method: 'POST',
|
|
||||||
body: {
|
|
||||||
...params,
|
|
||||||
},
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
// dictionary
|
// dictionary
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,19 @@ export async function authorizationResourcePermissions(params) {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export async function authorizationRoleResourceTree(params) {
|
||||||
|
return request(`/system-api/admins/authorization/role_resource_tree?${stringify(params)}`, {
|
||||||
|
method: 'GET',
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
export async function authorizationRoleAssignResource(params) {
|
||||||
|
return request(`/system-api/admins/authorization/assign_role_resource?${stringify(params)}`, {
|
||||||
|
method: 'POST',
|
||||||
|
body: {},
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
// ========== Resource 模块 ==========
|
// ========== Resource 模块 ==========
|
||||||
|
|
||||||
export async function resourceTree(params) {
|
export async function resourceTree(params) {
|
||||||
|
|
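Review bot: `authorizationRoleAssignResource` sends `roleId` and `resourceIds` only in the query string and posts `body: {}`, so the whole permission assignment travels in the request URL. URLs are routinely written to access and proxy logs and have practical length limits, which matters once a role carries many resources. If the endpoint can bind a request body (its handler is not visible in this section), prefer `body: { ...params }` and drop the `?${stringify(params)}` suffix. Otherwise add a short comment saying why the body is intentionally empty.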
|
@ -7,7 +7,7 @@ import java.io.Serializable;
|
||||||
|
|
||||||
public final class CommonResult<T> implements Serializable {
|
public final class CommonResult<T> implements Serializable {
|
||||||
|
|
||||||
public static Integer CODE_SUCCESS = 0;
|
private static Integer CODE_SUCCESS = 0;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 错误码
|
* 错误码
|
||||||
|
@ -93,4 +93,5 @@ public final class CommonResult<T> implements Serializable {
|
||||||
", data=" + data +
|
", data=" + data +
|
||||||
'}';
|
'}';
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
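Review bot: `CODE_SUCCESS` is now private but still a mutable boxed static. Nothing in the visible lines reassigns it, so it reads as a constant and should be declared as one: `private static final Integer CODE_SUCCESS = 0;`. Narrowing it from `public` also breaks any caller outside `CommonResult` that compared against it, so confirm no such reference remains. The class body lies mostly outside both hunks.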
|
@ -52,7 +52,6 @@ public enum SystemErrorCodeEnum implements ServiceExceptionUtil.Enumerable {
|
||||||
ROLE_NOT_EXISTS(1002004000, "角色不存在"),
|
ROLE_NOT_EXISTS(1002004000, "角色不存在"),
|
||||||
ROLE_NAME_DUPLICATE(1002004001, "已经存在名为【{}}】的角色"),
|
ROLE_NAME_DUPLICATE(1002004001, "已经存在名为【{}}】的角色"),
|
||||||
ROLE_CODE_DUPLICATE(1002004002, "已经存在编码为【{}}】的角色"),
|
ROLE_CODE_DUPLICATE(1002004002, "已经存在编码为【{}}】的角色"),
|
||||||
// ROLE_ASSIGN_RESOURCE_NOT_EXISTS(1002004001, "分配角色资源时,有资源不存在"),
|
|
||||||
|
|
||||||
// ========== 数据字典模块 1002005000 ==========
|
// ========== 数据字典模块 1002005000 ==========
|
||||||
// DATA_DICT_EXISTS(1002005000, "该数据字典已经存在"),
|
// DATA_DICT_EXISTS(1002005000, "该数据字典已经存在"),
|
||||||
|
@ -77,6 +76,7 @@ public enum SystemErrorCodeEnum implements ServiceExceptionUtil.Enumerable {
|
||||||
// ========== 授权模块 1002008000 ==========
|
// ========== 授权模块 1002008000 ==========
|
||||||
AUTHORIZATION_PERMISSION_DENY(1002008001, "没有该操作权限"),
|
AUTHORIZATION_PERMISSION_DENY(1002008001, "没有该操作权限"),
|
||||||
AUTHORIZATION_DEMO_PERMISSION_DENY(1002008002, "演示账号,暂不允许写操作。欢迎加入我们的交流群:http://t.cn/EKEr5WE"),
|
AUTHORIZATION_DEMO_PERMISSION_DENY(1002008002, "演示账号,暂不允许写操作。欢迎加入我们的交流群:http://t.cn/EKEr5WE"),
|
||||||
|
AUTHORIZATION_ROLE_ASSIGN_RESOURCE_NOT_EXISTS(1002004001, "分配角色资源时,有资源不存在"),
|
||||||
|
|
||||||
;
|
;
|
||||||
|
|
||||||
|
|
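Review bot: The new constant `AUTHORIZATION_ROLE_ASSIGN_RESOURCE_NOT_EXISTS` reuses code `1002004001`, which the same enum already assigns to `ROLE_NAME_DUPLICATE` in the first hunk. Two constants sharing one code means a client or a code-to-message lookup cannot tell "resource does not exist" from "role name already exists"; depending on how `ServiceExceptionUtil` registers messages, one may overwrite the other. The constant sits under the `授权模块 1002008000` heading, so it should take a code from that range, e.g. `AUTHORIZATION_ROLE_ASSIGN_RESOURCE_NOT_EXISTS(1002008003, "分配角色资源时,有资源不存在"),`, provided `1002008003` is free (the full enum is not visible here).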
|
@ -6,16 +6,16 @@ import lombok.experimental.Accessors;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* TODO 注释
|
* 认证模块 - 认证结果 BO
|
||||||
*/
|
*/
|
||||||
@Data
|
@Data
|
||||||
@Accessors(chain = true)
|
@Accessors(chain = true)
|
||||||
public class OAuth2AccessTokenBO {
|
public class OAuth2AuthenticateBO {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 访问令牌
|
* 访问令牌
|
||||||
*/
|
*/
|
||||||
private String id;
|
private String accessToken;
|
||||||
/**
|
/**
|
||||||
* 刷新令牌
|
* 刷新令牌
|
||||||
*/
|
*/
|
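Review bot: `@Data` generates a `toString()` that prints every field, and after this rename that explicitly includes `accessToken`, plus the refresh token that the following Javadoc suggests is declared just below the hunk. Any log line or exception message that formats an `OAuth2AuthenticateBO` would then write bearer credentials into the logs. Putting `@ToString.Exclude` on the token fields keeps the Lombok convenience while leaving the secrets out of the string form. The rest of the class is outside the hunk.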
|
@ -1,6 +1,6 @@
|
||||||
package cn.iocoder.mall.system.biz.bo.user;
|
package cn.iocoder.mall.system.biz.bo.user;
|
||||||
|
|
||||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
import lombok.experimental.Accessors;
|
import lombok.experimental.Accessors;
|
||||||
|
|
||||||
|
@ -13,6 +13,6 @@ public class UserAuthenticateBO {
|
||||||
|
|
||||||
private UserBO user;
|
private UserBO user;
|
||||||
|
|
||||||
private OAuth2AccessTokenBO token;
|
private OAuth2AuthenticateBO token;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
package cn.iocoder.mall.system.biz.convert.oauth2;
|
package cn.iocoder.mall.system.biz.convert.oauth2;
|
||||||
|
|
||||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.dataobject.oauth2.OAuth2AccessTokenDO;
|
import cn.iocoder.mall.system.biz.dataobject.oauth2.OAuth2AccessTokenDO;
|
||||||
import org.mapstruct.Mapper;
|
import org.mapstruct.Mapper;
|
||||||
import org.mapstruct.factory.Mappers;
|
import org.mapstruct.factory.Mappers;
|
||||||
|
@ -10,6 +10,6 @@ public interface OAuth2Convert {
|
||||||
|
|
||||||
OAuth2Convert INSTANCE = Mappers.getMapper(OAuth2Convert.class);
|
OAuth2Convert INSTANCE = Mappers.getMapper(OAuth2Convert.class);
|
||||||
|
|
||||||
OAuth2AccessTokenBO convert(OAuth2AccessTokenDO bean);
|
OAuth2AuthenticateBO convert(OAuth2AccessTokenDO bean);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
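Review bot: `convert(OAuth2AccessTokenDO bean)` now targets `OAuth2AuthenticateBO`, whose token field was renamed from `id` to `accessToken` in this commit, but no `@Mapping` is declared on the method. If `OAuth2AccessTokenDO` still exposes the token as `id` (the service looks it up with `selectById(authenticateDTO.getAccessToken())`, which suggests so), MapStruct maps by name, leaves `accessToken` null and reports only an unmapped-target warning. Adding `@Mapping(source = "id", target = "accessToken")`, with an import of `org.mapstruct.Mapping`, makes the mapping explicit. The DO's fields are not visible here, so confirm the source property name first.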
|
@ -1,6 +1,6 @@
|
||||||
package cn.iocoder.mall.system.biz.convert.user;
|
package cn.iocoder.mall.system.biz.convert.user;
|
||||||
|
|
||||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.user.UserAuthenticateBO;
|
import cn.iocoder.mall.system.biz.bo.user.UserAuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.user.UserBO;
|
import cn.iocoder.mall.system.biz.bo.user.UserBO;
|
||||||
import cn.iocoder.mall.system.biz.dataobject.user.UserDO;
|
import cn.iocoder.mall.system.biz.dataobject.user.UserDO;
|
||||||
|
@ -15,7 +15,7 @@ public interface UserConvert {
|
||||||
|
|
||||||
@Mapping(source = "userBO", target = "user")
|
@Mapping(source = "userBO", target = "user")
|
||||||
@Mapping(source = "accessTokenBO", target = "token")
|
@Mapping(source = "accessTokenBO", target = "token")
|
||||||
UserAuthenticateBO convert(UserBO userBO, OAuth2AccessTokenBO accessTokenBO);
|
UserAuthenticateBO convert(UserBO userBO, OAuth2AuthenticateBO accessTokenBO);
|
||||||
|
|
||||||
UserBO convert(UserDO bean);
|
UserBO convert(UserDO bean);
|
||||||
|
|
||||||
|
|
|
@ -30,6 +30,11 @@ public interface ResourceMapper extends BaseMapper<ResourceDO> {
|
||||||
.eqIfPresent("type", type));
|
.eqIfPresent("type", type));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
default int selectCountByIdsAndType(Collection<Integer> ids, Integer type) {
|
||||||
|
return selectCount(new QueryWrapperX<ResourceDO>().inIfPresent("id", ids)
|
||||||
|
.eqIfPresent("type", type));
|
||||||
|
}
|
||||||
|
|
||||||
default int selectCountByPid(Integer pid) {
|
default int selectCountByPid(Integer pid) {
|
||||||
return selectCount(new QueryWrapper<ResourceDO>().eq("pid", pid));
|
return selectCount(new QueryWrapper<ResourceDO>().eq("pid", pid));
|
||||||
}
|
}
|
||||||
|
|
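Review bot: `selectCountByIdsAndType` builds its filter with `inIfPresent("id", ids)`, which by its name presumably drops the condition when `ids` is null or empty, so the method would then count every resource of the given type rather than return 0. The caller added in this commit guards with `!CollectionUtil.isEmpty(resourceIds)`, but a later caller using the count as an "all ids exist" check could pass validation with an empty set. Either return 0 early for an empty collection or document the behaviour, e.g. `// NOTE: null/empty ids means "no id filter"; callers validating existence must check for empty first`. The behaviour of `QueryWrapperX.inIfPresent` should be confirmed, as it is not visible here.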
|
@ -0,0 +1,27 @@
|
||||||
|
package cn.iocoder.mall.system.biz.dto.authorization;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
import lombok.experimental.Accessors;
|
||||||
|
|
||||||
|
import javax.validation.constraints.NotNull;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 授权模块 - 分配角色资源 DTO
|
||||||
|
*/
|
||||||
|
@Data
|
||||||
|
@Accessors(chain = true)
|
||||||
|
public class AuthorizationAssignRoleResourceDTO {
|
||||||
|
|
||||||
|
@NotNull(message = "管理员编号不能为空")
|
||||||
|
private Integer adminId;
|
||||||
|
|
||||||
|
@NotNull(message = "角色编号不能为空")
|
||||||
|
private Integer roleId;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 资源编号数组
|
||||||
|
*/
|
||||||
|
private Set<Integer> resourceIds;
|
||||||
|
|
||||||
|
}
|
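Review bot: `resourceIds` carries no constraint and no statement of what null or empty means, although `assignRoleResource` on this page deletes all of the role's existing links and inserts nothing in that case. A request that merely omits the field therefore strips the role of every resource. If that is intended, say so in the Javadoc, e.g. `资源编号数组。为空时,清空该角色的全部资源`; if not, add `@NotNull(message = "资源编号数组不能为空")` so clearing requires an explicit empty set. `adminId` is marked `@NotNull`, but nothing visible in the service reads it yet.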
|
@ -0,0 +1,25 @@
|
||||||
|
package cn.iocoder.mall.system.biz.dto.authorization;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
import lombok.experimental.Accessors;
|
||||||
|
|
||||||
|
import java.util.Collection;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 资源模块 - 获得资源总数 DTO
|
||||||
|
*/
|
||||||
|
@Data
|
||||||
|
@Accessors(chain = true)
|
||||||
|
public class ResourceCountDTO {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 资源编号数组
|
||||||
|
*/
|
||||||
|
private Collection<Integer> ids;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 资源类型
|
||||||
|
*/
|
||||||
|
private Integer type;
|
||||||
|
|
||||||
|
}
|
|
@ -3,6 +3,7 @@ package cn.iocoder.mall.system.biz.service.authorization;
|
||||||
import cn.iocoder.common.framework.exception.ServiceException;
|
import cn.iocoder.common.framework.exception.ServiceException;
|
||||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
|
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceTreeNodeBO;
|
import cn.iocoder.mall.system.biz.bo.authorization.ResourceTreeNodeBO;
|
||||||
|
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationAssignRoleResourceDTO;
|
||||||
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationCheckPermissionsDTO;
|
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationCheckPermissionsDTO;
|
||||||
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationGetResourcesByAccountIdDTO;
|
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationGetResourcesByAccountIdDTO;
|
||||||
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationGetRoleResourcesDTO;
|
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationGetRoleResourcesDTO;
|
||||||
|
@ -50,4 +51,10 @@ public interface AuthorizationService {
|
||||||
*/
|
*/
|
||||||
Set<Integer> getRoleResources(AuthorizationGetRoleResourcesDTO getRoleResourcesDTO);
|
Set<Integer> getRoleResources(AuthorizationGetRoleResourcesDTO getRoleResourcesDTO);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 给指定权限授予权限。如果更新失败,则抛出 {@link ServiceException} 异常
|
||||||
|
*
|
||||||
|
* @param assignRoleResourceDTO 授予权限 DTO
|
||||||
|
*/
|
||||||
|
void assignRoleResource(AuthorizationAssignRoleResourceDTO assignRoleResourceDTO);
|
||||||
}
|
}
|
||||||
|
|
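Review bot: The Javadoc on `assignRoleResource` reads `给指定权限授予权限` ("grant permissions to the specified permission"), which looks like a slip for `给指定角色授予权限`. It also omits the part of the contract callers most need: the implementation replaces the role's whole resource set rather than adding to it, and it throws when the role or any resource id does not exist. A wording such as `给指定角色分配资源(覆盖原有分配)。角色或资源不存在时,抛出 {@link ServiceException} 异常` would cover both.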
|
@ -2,6 +2,7 @@ package cn.iocoder.mall.system.biz.service.authorization;
|
||||||
|
|
||||||
import cn.iocoder.common.framework.util.CollectionUtil;
|
import cn.iocoder.common.framework.util.CollectionUtil;
|
||||||
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
|
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
|
||||||
|
import cn.iocoder.mall.mybatis.enums.DeletedStatusEnum;
|
||||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
|
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceTreeNodeBO;
|
import cn.iocoder.mall.system.biz.bo.authorization.ResourceTreeNodeBO;
|
||||||
import cn.iocoder.mall.system.biz.dao.authorization.AccountRoleMapper;
|
import cn.iocoder.mall.system.biz.dao.authorization.AccountRoleMapper;
|
||||||
|
@ -9,6 +10,7 @@ import cn.iocoder.mall.system.biz.dao.authorization.RoleResourceMapper;
|
||||||
import cn.iocoder.mall.system.biz.dataobject.authorization.AccountRoleDO;
|
import cn.iocoder.mall.system.biz.dataobject.authorization.AccountRoleDO;
|
||||||
import cn.iocoder.mall.system.biz.dataobject.authorization.RoleResourceDO;
|
import cn.iocoder.mall.system.biz.dataobject.authorization.RoleResourceDO;
|
||||||
import cn.iocoder.mall.system.biz.dto.authorization.*;
|
import cn.iocoder.mall.system.biz.dto.authorization.*;
|
||||||
|
import cn.iocoder.mall.system.biz.enums.SystemErrorCodeEnum;
|
||||||
import cn.iocoder.mall.system.biz.event.authorization.ResourceDeleteEvent;
|
import cn.iocoder.mall.system.biz.event.authorization.ResourceDeleteEvent;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
@ -16,6 +18,7 @@ import org.springframework.context.event.EventListener;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
import java.util.*;
|
import java.util.*;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
import static cn.iocoder.mall.system.biz.enums.SystemErrorCodeEnum.AUTHORIZATION_PERMISSION_DENY;
|
import static cn.iocoder.mall.system.biz.enums.SystemErrorCodeEnum.AUTHORIZATION_PERMISSION_DENY;
|
||||||
|
|
||||||
|
@ -128,6 +131,37 @@ public class AuthorizationServiceImpl implements AuthorizationService {
|
||||||
return CollectionUtil.convertSet(roleResourceDOs, RoleResourceDO::getResourceId);
|
return CollectionUtil.convertSet(roleResourceDOs, RoleResourceDO::getResourceId);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void assignRoleResource(AuthorizationAssignRoleResourceDTO assignRoleResourceDTO) {
|
||||||
|
Integer roleId = assignRoleResourceDTO.getRoleId();
|
||||||
|
Set<Integer> resourceIds = assignRoleResourceDTO.getResourceIds();
|
||||||
|
// 校验角色是否存在
|
||||||
|
if (roleService.getRole(roleId) == null) {
|
||||||
|
throw ServiceExceptionUtil.exception(SystemErrorCodeEnum.ROLE_NOT_EXISTS.getCode());
|
||||||
|
}
|
||||||
|
// 校验是否有不存在的资源
|
||||||
|
if (!CollectionUtil.isEmpty(resourceIds)) {
|
||||||
|
int dbResourceSize = resourceService.countResource(new ResourceCountDTO().setIds(resourceIds));
|
||||||
|
if (resourceIds.size() != dbResourceSize) {
|
||||||
|
throw ServiceExceptionUtil.exception(SystemErrorCodeEnum.AUTHORIZATION_ROLE_ASSIGN_RESOURCE_NOT_EXISTS.getCode());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// TODO 芋艿,这里先简单实现。即方式是,删除老的分配的资源关系,然后添加新的分配的资源关系
|
||||||
|
// 标记角色原资源关系都为删除
|
||||||
|
roleResourceMapper.deleteByRoleId(roleId);
|
||||||
|
// 创建 RoleResourceDO 数组,并插入到数据库
|
||||||
|
if (!CollectionUtil.isEmpty(resourceIds)) {
|
||||||
|
List<RoleResourceDO> roleResources = resourceIds.stream().map(resourceId -> {
|
||||||
|
RoleResourceDO roleResource = new RoleResourceDO().setRoleId(roleId).setResourceId(resourceId);
|
||||||
|
roleResource.setCreateTime(new Date());
|
||||||
|
roleResource.setDeleted(DeletedStatusEnum.DELETED_NO.getValue());
|
||||||
|
return roleResource;
|
||||||
|
}).collect(Collectors.toList());
|
||||||
|
roleResourceMapper.insertList(roleResources);
|
||||||
|
}
|
||||||
|
// TODO 插入操作日志
|
||||||
|
}
|
||||||
|
|
||||||
@EventListener
|
@EventListener
|
||||||
public void handleResourceDeleteEvent(ResourceDeleteEvent event) {
|
public void handleResourceDeleteEvent(ResourceDeleteEvent event) {
|
||||||
roleResourceMapper.deleteByResourceId(event.getId());
|
roleResourceMapper.deleteByResourceId(event.getId());
|
||||||
|
|
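Review bot: `assignRoleResource` runs `roleResourceMapper.deleteByRoleId(roleId)` and then `roleResourceMapper.insertList(roleResources)` with no transaction boundary visible on the method. If the insert fails, the role is left with none of its resources; a concurrent permission check between the two statements sees the same empty state. Annotating the method with `@Transactional` (the import is not among the visible ones in this file, so it may need adding) makes the replace atomic. The existence check is also a count taken before the write, so a resource deleted in between can still be linked. Separately, the `// TODO 插入操作日志` leaves a permission change unaudited, so it is worth recording who changed which role before this ships.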
|
@ -17,6 +17,8 @@ public interface ResourceService {
|
||||||
|
|
||||||
List<ResourceBO> getResources(ResourceGetListDTO getListDTO);
|
List<ResourceBO> getResources(ResourceGetListDTO getListDTO);
|
||||||
|
|
||||||
|
int countResource(ResourceCountDTO countDTO);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 获得资源树
|
* 获得资源树
|
||||||
*
|
*
|
||||||
|
|
|
@ -43,6 +43,11 @@ public class ResourceServiceImpl implements ResourceService {
|
||||||
return ResourceConvert.INSTANCE.convertList(resourceDOs);
|
return ResourceConvert.INSTANCE.convertList(resourceDOs);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int countResource(ResourceCountDTO countDTO) {
|
||||||
|
return resourceMapper.selectCountByIdsAndType(countDTO.getIds(), countDTO.getType());
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public List<ResourceTreeNodeBO> getResourceTree(ResourceGetTreeDTO getTreeDTO) {
|
public List<ResourceTreeNodeBO> getResourceTree(ResourceGetTreeDTO getTreeDTO) {
|
||||||
// 获得对应的资源列表
|
// 获得对应的资源列表
|
||||||
|
|
|
@ -15,6 +15,8 @@ import java.util.List;
|
||||||
*/
|
*/
|
||||||
public interface RoleService {
|
public interface RoleService {
|
||||||
|
|
||||||
|
RoleBO getRole(Integer id);
|
||||||
|
|
||||||
List<RoleBO> getRoleList(Collection<Integer> ids);
|
List<RoleBO> getRoleList(Collection<Integer> ids);
|
||||||
|
|
||||||
PageResult<RoleBO> getRolePage(RolePageDTO pageDTO);
|
PageResult<RoleBO> getRolePage(RolePageDTO pageDTO);
|
||||||
|
|
|
@ -15,7 +15,6 @@ import cn.iocoder.mall.system.biz.dto.authorization.RoleUpdateDTO;
|
||||||
import cn.iocoder.mall.system.biz.enums.SystemErrorCodeEnum;
|
import cn.iocoder.mall.system.biz.enums.SystemErrorCodeEnum;
|
||||||
import cn.iocoder.mall.system.biz.enums.authorization.RoleCodeEnum;
|
import cn.iocoder.mall.system.biz.enums.authorization.RoleCodeEnum;
|
||||||
import cn.iocoder.mall.system.biz.event.authorization.ResourceDeleteEvent;
|
import cn.iocoder.mall.system.biz.event.authorization.ResourceDeleteEvent;
|
||||||
import com.baomidou.mybatisplus.core.metadata.IPage;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.context.ApplicationEventPublisher;
|
import org.springframework.context.ApplicationEventPublisher;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
@ -34,16 +33,19 @@ public class RoleServiceImpl implements RoleService {
|
||||||
@Autowired
|
@Autowired
|
||||||
private RoleMapper roleMapper;
|
private RoleMapper roleMapper;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public RoleBO getRole(Integer id) {
|
||||||
|
return RoleConvert.INSTANCE.convert(roleMapper.selectById(id));
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public List<RoleBO> getRoleList(Collection<Integer> ids) {
|
public List<RoleBO> getRoleList(Collection<Integer> ids) {
|
||||||
List<RoleDO> roleDOs = roleMapper.selectBatchIds(ids);
|
return RoleConvert.INSTANCE.convertList(roleMapper.selectBatchIds(ids));
|
||||||
return RoleConvert.INSTANCE.convertList(roleDOs);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public PageResult<RoleBO> getRolePage(RolePageDTO pageDTO) {
|
public PageResult<RoleBO> getRolePage(RolePageDTO pageDTO) {
|
||||||
IPage<RoleDO> pageResult = roleMapper.selectPage(pageDTO);
|
return RoleConvert.INSTANCE.convertPage(roleMapper.selectPage(pageDTO));
|
||||||
return RoleConvert.INSTANCE.convertPage(pageResult);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -94,9 +96,9 @@ public class RoleServiceImpl implements RoleService {
|
||||||
}
|
}
|
||||||
// 更新到数据库,标记删除
|
// 更新到数据库,标记删除
|
||||||
roleMapper.deleteById(roleDeleteDTO.getId());
|
roleMapper.deleteById(roleDeleteDTO.getId());
|
||||||
// TODO 插入操作日志
|
|
||||||
// 发布角色删除事件,方便清理关联表
|
// 发布角色删除事件,方便清理关联表
|
||||||
eventPublisher.publishEvent(new ResourceDeleteEvent(this, roleDeleteDTO.getId()));
|
eventPublisher.publishEvent(new ResourceDeleteEvent(this, roleDeleteDTO.getId()));
|
||||||
|
// TODO 插入操作日志
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
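Review bot: The role-delete path publishes `new ResourceDeleteEvent(this, roleDeleteDTO.getId())`, i.e. a resource-delete event carrying a role id, while the comment above it says it publishes a role-delete event. The listener shown on this page, `handleResourceDeleteEvent`, calls `roleResourceMapper.deleteByResourceId(event.getId())`, so deleting role N would remove resource N from every role and leave the deleted role's own links in place. This line is context rather than something the commit changed, but it sits next to the moved TODO and affects authorization data. It presumably needs a dedicated role-delete event whose listener calls `deleteByRoleId`; whether such an event class already exists is not visible here. The method's start is outside the hunk.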
|
@ -1,6 +1,6 @@
|
||||||
package cn.iocoder.mall.system.biz.service.oauth2;
|
package cn.iocoder.mall.system.biz.service.oauth2;
|
||||||
|
|
||||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2AccessTokenAuthenticateDTO;
|
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2AccessTokenAuthenticateDTO;
|
||||||
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2MobileCodeAuthenticateDTO;
|
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2MobileCodeAuthenticateDTO;
|
||||||
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2UsernameAuthenticateDTO;
|
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2UsernameAuthenticateDTO;
|
||||||
|
@ -10,10 +10,10 @@ import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2UsernameAuthenticateDTO;
|
||||||
*/
|
*/
|
||||||
public interface OAuth2Service {
|
public interface OAuth2Service {
|
||||||
|
|
||||||
OAuth2AccessTokenBO authenticate(OAuth2UsernameAuthenticateDTO authenticateDTO);
|
OAuth2AuthenticateBO authenticate(OAuth2UsernameAuthenticateDTO authenticateDTO);
|
||||||
|
|
||||||
OAuth2AccessTokenBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO);
|
OAuth2AuthenticateBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO);
|
||||||
|
|
||||||
OAuth2AccessTokenBO authenticate(OAuth2AccessTokenAuthenticateDTO authenticateDTO);
|
OAuth2AuthenticateBO authenticate(OAuth2AccessTokenAuthenticateDTO authenticateDTO);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,7 +4,7 @@ import cn.iocoder.common.framework.constant.SysErrorCodeEnum;
|
||||||
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
|
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
|
||||||
import cn.iocoder.common.framework.util.ValidationUtil;
|
import cn.iocoder.common.framework.util.ValidationUtil;
|
||||||
import cn.iocoder.mall.system.biz.bo.account.AccountBO;
|
import cn.iocoder.mall.system.biz.bo.account.AccountBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.convert.oauth2.OAuth2Convert;
|
import cn.iocoder.mall.system.biz.convert.oauth2.OAuth2Convert;
|
||||||
import cn.iocoder.mall.system.biz.dao.oauth2.OAuth2AccessTokenMapper;
|
import cn.iocoder.mall.system.biz.dao.oauth2.OAuth2AccessTokenMapper;
|
||||||
import cn.iocoder.mall.system.biz.dao.oauth2.OAuth2RefreshTokenMapper;
|
import cn.iocoder.mall.system.biz.dao.oauth2.OAuth2RefreshTokenMapper;
|
||||||
|
@ -53,7 +53,7 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@Transactional
|
@Transactional
|
||||||
public OAuth2AccessTokenBO authenticate(OAuth2UsernameAuthenticateDTO authenticateDTO) {
|
public OAuth2AuthenticateBO authenticate(OAuth2UsernameAuthenticateDTO authenticateDTO) {
|
||||||
// 获得账号
|
// 获得账号
|
||||||
AccountBO accountBO = accountService.getByUsername(authenticateDTO.getUsername());
|
AccountBO accountBO = accountService.getByUsername(authenticateDTO.getUsername());
|
||||||
if (accountBO == null) {
|
if (accountBO == null) {
|
||||||
|
@ -73,7 +73,7 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@Transactional
|
@Transactional
|
||||||
public OAuth2AccessTokenBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO) {
|
public OAuth2AuthenticateBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO) {
|
||||||
// 校验手机格式
|
// 校验手机格式
|
||||||
if (!ValidationUtil.isMobile(authenticateDTO.getMobile())) {
|
if (!ValidationUtil.isMobile(authenticateDTO.getMobile())) {
|
||||||
throw ServiceExceptionUtil.exception(SysErrorCodeEnum.VALIDATION_REQUEST_PARAM_ERROR.getCode(), "手机格式不正确"); // TODO 有点搓
|
throw ServiceExceptionUtil.exception(SysErrorCodeEnum.VALIDATION_REQUEST_PARAM_ERROR.getCode(), "手机格式不正确"); // TODO 有点搓
|
||||||
|
@ -98,7 +98,7 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public OAuth2AccessTokenBO authenticate(OAuth2AccessTokenAuthenticateDTO authenticateDTO) {
|
public OAuth2AuthenticateBO authenticate(OAuth2AccessTokenAuthenticateDTO authenticateDTO) {
|
||||||
OAuth2AccessTokenDO oauth2AccessTokenDO = oauth2AccessTokenMapper.selectById(authenticateDTO.getAccessToken());
|
OAuth2AccessTokenDO oauth2AccessTokenDO = oauth2AccessTokenMapper.selectById(authenticateDTO.getAccessToken());
|
||||||
if (oauth2AccessTokenDO == null) { // 不存在
|
if (oauth2AccessTokenDO == null) { // 不存在
|
||||||
throw ServiceExceptionUtil.exception(SystemErrorCodeEnum.OAUTH2_ACCESS_TOKEN_NOT_FOUND.getCode());
|
throw ServiceExceptionUtil.exception(SystemErrorCodeEnum.OAUTH2_ACCESS_TOKEN_NOT_FOUND.getCode());
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
package cn.iocoder.mall.system.biz.service.user;
|
package cn.iocoder.mall.system.biz.service.user;
|
||||||
|
|
||||||
import cn.iocoder.mall.mybatis.enums.DeletedStatusEnum;
|
import cn.iocoder.mall.mybatis.enums.DeletedStatusEnum;
|
||||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.user.UserAuthenticateBO;
|
import cn.iocoder.mall.system.biz.bo.user.UserAuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.user.UserBO;
|
import cn.iocoder.mall.system.biz.bo.user.UserBO;
|
||||||
import cn.iocoder.mall.system.biz.convert.user.UserConvert;
|
import cn.iocoder.mall.system.biz.convert.user.UserConvert;
|
||||||
|
@ -26,7 +26,7 @@ public class UserServiceImpl implements UserService {
|
||||||
@Transactional
|
@Transactional
|
||||||
public UserAuthenticateBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO) {
|
public UserAuthenticateBO authenticate(OAuth2MobileCodeAuthenticateDTO authenticateDTO) {
|
||||||
// 执行认证
|
// 执行认证
|
||||||
OAuth2AccessTokenBO accessTokenBO = oAuth2Service.authenticate(authenticateDTO);
|
OAuth2AuthenticateBO accessTokenBO = oAuth2Service.authenticate(authenticateDTO);
|
||||||
// 获得用户
|
// 获得用户
|
||||||
UserDO userDO = userMapper.selectById(accessTokenBO.getAccountId());
|
UserDO userDO = userMapper.selectById(accessTokenBO.getAccountId());
|
||||||
if (userDO == null) {
|
if (userDO == null) {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
|
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
|
||||||
<mapper namespace="cn.iocoder.mall.admin.dao.RoleResourceMapper">
|
<mapper namespace="cn.iocoder.mall.system.biz.dao.authorization.RoleResourceMapper">
|
||||||
|
|
||||||
<insert id="insertList">
|
<insert id="insertList">
|
||||||
INSERT INTO role_resource (
|
INSERT INTO role_resource (
|
||||||
|
|
|
@ -5,6 +5,7 @@ import cn.iocoder.common.framework.vo.CommonResult;
|
||||||
import cn.iocoder.mall.security.core.context.AdminSecurityContextHolder;
|
import cn.iocoder.mall.security.core.context.AdminSecurityContextHolder;
|
||||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
|
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceTreeNodeBO;
|
import cn.iocoder.mall.system.biz.bo.authorization.ResourceTreeNodeBO;
|
||||||
|
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationAssignRoleResourceDTO;
|
||||||
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationGetResourcesByAccountIdDTO;
|
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationGetResourcesByAccountIdDTO;
|
||||||
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationGetRoleResourcesDTO;
|
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationGetRoleResourcesDTO;
|
||||||
import cn.iocoder.mall.system.biz.dto.authorization.ResourceGetTreeDTO;
|
import cn.iocoder.mall.system.biz.dto.authorization.ResourceGetTreeDTO;
|
||||||
|
@ -12,6 +13,7 @@ import cn.iocoder.mall.system.biz.enums.authorization.ResourceTypeEnum;
|
||||||
import cn.iocoder.mall.system.biz.service.authorization.AuthorizationService;
|
import cn.iocoder.mall.system.biz.service.authorization.AuthorizationService;
|
||||||
import cn.iocoder.mall.system.biz.service.authorization.ResourceService;
|
import cn.iocoder.mall.system.biz.service.authorization.ResourceService;
|
||||||
import cn.iocoder.mall.system.rest.convert.authorization.AdminsAuthorizationConvert;
|
import cn.iocoder.mall.system.rest.convert.authorization.AdminsAuthorizationConvert;
|
||||||
|
import cn.iocoder.mall.system.rest.request.authorization.AdminsAuthorizationAssignRoleResourceRequest;
|
||||||
import cn.iocoder.mall.system.rest.response.authorization.AdminsAuthorizationMenuTreeResponse;
|
import cn.iocoder.mall.system.rest.response.authorization.AdminsAuthorizationMenuTreeResponse;
|
||||||
import cn.iocoder.mall.system.rest.response.authorization.AdminsAuthorizationRoleResourceTreeResponse;
|
import cn.iocoder.mall.system.rest.response.authorization.AdminsAuthorizationRoleResourceTreeResponse;
|
||||||
import io.swagger.annotations.Api;
|
import io.swagger.annotations.Api;
|
||||||
|
@ -19,10 +21,7 @@ import io.swagger.annotations.ApiImplicitParam;
|
||||||
import io.swagger.annotations.ApiOperation;
|
import io.swagger.annotations.ApiOperation;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.*;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
|
||||||
import org.springframework.web.bind.annotation.RequestParam;
|
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
@ -55,10 +54,10 @@ public class AdminsAuthorizationController {
|
||||||
return CommonResult.success(resources.stream().map(ResourceBO::getRoute).collect(Collectors.toSet()));
|
return CommonResult.success(resources.stream().map(ResourceBO::getRoute).collect(Collectors.toSet()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/role_tree")
|
@GetMapping("/role_resource_tree")
|
||||||
@ApiOperation(value = "获得角色拥有的菜单权限", notes = "以树结构返回。注意,返回的资源树是完整的结构,会标记每个资源节点是否被角色所拥有")
|
@ApiOperation(value = "获得角色拥有的菜单权限", notes = "以树结构返回。注意,返回的资源树是完整的结构,会标记每个资源节点是否被角色所拥有")
|
||||||
@ApiImplicitParam(name = "roleId", value = "角色编号", required = true, example = "1")
|
@ApiImplicitParam(name = "roleId", value = "角色编号", required = true, example = "1")
|
||||||
public CommonResult<List<AdminsAuthorizationRoleResourceTreeResponse>> roleTree(@RequestParam("roleId") Integer roleId) {
|
public CommonResult<List<AdminsAuthorizationRoleResourceTreeResponse>> roleResourceTree(@RequestParam("roleId") Integer roleId) {
|
||||||
// 1. 获得完整的资源树
|
// 1. 获得完整的资源树
|
||||||
List<ResourceTreeNodeBO> resourceTreeNodeBOs = resourceService.getResourceTree(new ResourceGetTreeDTO());
|
List<ResourceTreeNodeBO> resourceTreeNodeBOs = resourceService.getResourceTree(new ResourceGetTreeDTO());
|
||||||
// 2. 获得角色拥有的子树
|
// 2. 获得角色拥有的子树
|
||||||
|
@ -67,4 +66,13 @@ public class AdminsAuthorizationController {
|
||||||
return CommonResult.success(AdminsAuthorizationConvert.INSTANCE.convertList(resourceTreeNodeBOs, roleResourceIds));
|
return CommonResult.success(AdminsAuthorizationConvert.INSTANCE.convertList(resourceTreeNodeBOs, roleResourceIds));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@PostMapping("/assign_role_resource")
|
||||||
|
@ApiOperation(value = "分配角色资源")
|
||||||
|
public CommonResult<Boolean> assignRoleResource(AdminsAuthorizationAssignRoleResourceRequest request) {
|
||||||
|
AuthorizationAssignRoleResourceDTO authorizationAssignRoleResourceDTO = AdminsAuthorizationConvert.INSTANCE.convert(request)
|
||||||
|
.setAdminId(AdminSecurityContextHolder.getAdminId());
|
||||||
|
authorizationService.assignRoleResource(authorizationAssignRoleResourceDTO);
|
||||||
|
return CommonResult.success(true);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -70,11 +70,6 @@ public class AdminsRoleController {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
//
|
|
||||||
// @PostMapping("/assign_role")
|
|
||||||
// @ApiOperation(value = "分配角色资源")
|
|
||||||
// public CommonResult<Boolean> assignRole(RoleAssignRoleDTO roleAssignRoleDTO) {
|
|
||||||
// return success(roleService.assignRoleRole(AdminSecurityContextHolder.getContext().getAdminId(), roleAssignRoleDTO));
|
|
||||||
// }
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,7 +5,7 @@ import cn.iocoder.common.framework.util.ServiceExceptionUtil;
|
||||||
import cn.iocoder.common.framework.vo.CommonResult;
|
import cn.iocoder.common.framework.vo.CommonResult;
|
||||||
import cn.iocoder.mall.security.core.annotation.RequiresNone;
|
import cn.iocoder.mall.security.core.annotation.RequiresNone;
|
||||||
import cn.iocoder.mall.system.biz.bo.admin.AdminBO;
|
import cn.iocoder.mall.system.biz.bo.admin.AdminBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2UsernameAuthenticateDTO;
|
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2UsernameAuthenticateDTO;
|
||||||
import cn.iocoder.mall.system.biz.service.admin.AdminService;
|
import cn.iocoder.mall.system.biz.service.admin.AdminService;
|
||||||
import cn.iocoder.mall.system.biz.service.oauth2.OAuth2Service;
|
import cn.iocoder.mall.system.biz.service.oauth2.OAuth2Service;
|
||||||
|
@ -37,7 +37,7 @@ public class AdminsOAuth2Controller {
|
||||||
public CommonResult<AdminsOAuth2AuthenticateResponse> usernameAuthenticate(AdminsOAuth2UsernameAuthenticateRequest request) {
|
public CommonResult<AdminsOAuth2AuthenticateResponse> usernameAuthenticate(AdminsOAuth2UsernameAuthenticateRequest request) {
|
||||||
// 执行认证
|
// 执行认证
|
||||||
OAuth2UsernameAuthenticateDTO authenticateDTO = AdminsOAuth2Convert.INSTANCE.convert(request);
|
OAuth2UsernameAuthenticateDTO authenticateDTO = AdminsOAuth2Convert.INSTANCE.convert(request);
|
||||||
OAuth2AccessTokenBO accessTokenBO = oauth2Service.authenticate(authenticateDTO);
|
OAuth2AuthenticateBO accessTokenBO = oauth2Service.authenticate(authenticateDTO);
|
||||||
// 获得 Admin 信息
|
// 获得 Admin 信息
|
||||||
AdminBO adminBO = adminService.getAdmin(accessTokenBO.getAccountId());
|
AdminBO adminBO = adminService.getAdmin(accessTokenBO.getAccountId());
|
||||||
if (adminBO == null) {
|
if (adminBO == null) {
|
||||||
|
|
|
@ -2,6 +2,8 @@ package cn.iocoder.mall.system.rest.convert.authorization;
|
||||||
|
|
||||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
|
import cn.iocoder.mall.system.biz.bo.authorization.ResourceBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.authorization.ResourceTreeNodeBO;
|
import cn.iocoder.mall.system.biz.bo.authorization.ResourceTreeNodeBO;
|
||||||
|
import cn.iocoder.mall.system.biz.dto.authorization.AuthorizationAssignRoleResourceDTO;
|
||||||
|
import cn.iocoder.mall.system.rest.request.authorization.AdminsAuthorizationAssignRoleResourceRequest;
|
||||||
import cn.iocoder.mall.system.rest.response.authorization.AdminsAuthorizationMenuTreeResponse;
|
import cn.iocoder.mall.system.rest.response.authorization.AdminsAuthorizationMenuTreeResponse;
|
||||||
import cn.iocoder.mall.system.rest.response.authorization.AdminsAuthorizationRoleResourceTreeResponse;
|
import cn.iocoder.mall.system.rest.response.authorization.AdminsAuthorizationRoleResourceTreeResponse;
|
||||||
import org.mapstruct.Mapper;
|
import org.mapstruct.Mapper;
|
||||||
|
@ -32,18 +34,22 @@ public interface AdminsAuthorizationConvert {
|
||||||
List<AdminsAuthorizationMenuTreeResponse> convertList(List<ResourceTreeNodeBO> beans);
|
List<AdminsAuthorizationMenuTreeResponse> convertList(List<ResourceTreeNodeBO> beans);
|
||||||
|
|
||||||
default List<AdminsAuthorizationRoleResourceTreeResponse> convertList(List<ResourceTreeNodeBO> beans, Set<Integer> roleResourceIds) {
|
default List<AdminsAuthorizationRoleResourceTreeResponse> convertList(List<ResourceTreeNodeBO> beans, Set<Integer> roleResourceIds) {
|
||||||
|
if (beans == null) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
List<AdminsAuthorizationRoleResourceTreeResponse> responses = new ArrayList<>(beans.size());
|
List<AdminsAuthorizationRoleResourceTreeResponse> responses = new ArrayList<>(beans.size());
|
||||||
for (ResourceTreeNodeBO bean : beans) {
|
for (ResourceTreeNodeBO bean : beans) {
|
||||||
// 转换
|
// 转换
|
||||||
AdminsAuthorizationRoleResourceTreeResponse response = this.convert2(bean);
|
AdminsAuthorizationRoleResourceTreeResponse response = this.convert2(bean);
|
||||||
response.setAssign(roleResourceIds.contains(bean.getNode().getId()));
|
response.setAssigned(roleResourceIds.contains(bean.getNode().getId()));
|
||||||
// 递归子节点
|
// 递归子节点
|
||||||
this.convertList(bean.getChildren(), roleResourceIds);
|
response.setChildren(this.convertList(bean.getChildren(), roleResourceIds));
|
||||||
// 添加到结果
|
// 添加到结果
|
||||||
responses.add(response);
|
responses.add(response);
|
||||||
}
|
}
|
||||||
return responses;
|
return responses;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
AuthorizationAssignRoleResourceDTO convert(AdminsAuthorizationAssignRoleResourceRequest request);
|
||||||
|
|
||||||
}
|
}
|
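Review bot: `roleResourceIds` is dereferenced in `response.setAssigned(roleResourceIds.contains(bean.getNode().getId()))` without the null guard that `beans` now gets at the top of the two-argument `convertList`. Where the caller obtains that set is not visible in this section, so if it can be null for a role with no grants, the whole role-resource tree response fails with a NullPointerException. `response.setAssigned(roleResourceIds != null && roleResourceIds.contains(bean.getNode().getId()));` would keep the method total. The new `return null` for null `beans` also means any node whose `getChildren()` is null gets `children` set to null rather than an empty list, which deserves a one-line comment so API clients know to expect it.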
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
package cn.iocoder.mall.system.rest.convert.oauth2;
|
package cn.iocoder.mall.system.rest.convert.oauth2;
|
||||||
|
|
||||||
import cn.iocoder.mall.system.biz.bo.admin.AdminBO;
|
import cn.iocoder.mall.system.biz.bo.admin.AdminBO;
|
||||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2UsernameAuthenticateDTO;
|
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2UsernameAuthenticateDTO;
|
||||||
import cn.iocoder.mall.system.rest.request.oauth2.AdminsOAuth2UsernameAuthenticateRequest;
|
import cn.iocoder.mall.system.rest.request.oauth2.AdminsOAuth2UsernameAuthenticateRequest;
|
||||||
import cn.iocoder.mall.system.rest.response.oauth2.AdminsOAuth2AuthenticateResponse;
|
import cn.iocoder.mall.system.rest.response.oauth2.AdminsOAuth2AuthenticateResponse;
|
||||||
|
@ -20,6 +20,6 @@ public interface AdminsOAuth2Convert {
|
||||||
@Mapping(source = "accessTokenBO.id", target = "token.accessToken")
|
@Mapping(source = "accessTokenBO.id", target = "token.accessToken")
|
||||||
@Mapping(source = "accessTokenBO.refreshToken", target = "token.refreshToken")
|
@Mapping(source = "accessTokenBO.refreshToken", target = "token.refreshToken")
|
||||||
@Mapping(source = "accessTokenBO.expiresTime", target = "token.expiresTime")
|
@Mapping(source = "accessTokenBO.expiresTime", target = "token.expiresTime")
|
||||||
AdminsOAuth2AuthenticateResponse convert(AdminBO adminBO, OAuth2AccessTokenBO accessTokenBO);
|
AdminsOAuth2AuthenticateResponse convert(AdminBO adminBO, OAuth2AuthenticateBO accessTokenBO);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
package cn.iocoder.mall.system.rest.request.authorization;
|
||||||
|
|
||||||
|
import io.swagger.annotations.ApiModel;
|
||||||
|
import io.swagger.annotations.ApiModelProperty;
|
||||||
|
import lombok.Data;
|
||||||
|
import lombok.experimental.Accessors;
|
||||||
|
|
||||||
|
import javax.validation.constraints.NotNull;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
|
@ApiModel(value = "管理员 - 授权模块 - 分配角色资源 Request")
|
||||||
|
@Data
|
||||||
|
@Accessors(chain = true)
|
||||||
|
public class AdminsAuthorizationAssignRoleResourceRequest {
|
||||||
|
|
||||||
|
@ApiModelProperty(value = "角色编号", required = true, example = "1")
|
||||||
|
@NotNull(message = "角色编号不能为空")
|
||||||
|
private Integer roleId;
|
||||||
|
|
||||||
|
@ApiModelProperty(value = "资源编号数组", example = "1,2")
|
||||||
|
private Set<Integer> resourceIds;
|
||||||
|
|
||||||
|
}
|
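Review bot: The `@NotNull` on `roleId` only takes effect if the handler binding this request triggers bean validation, and `assignRoleResource(AdminsAuthorizationAssignRoleResourceRequest request)` in the controller section of this commit declares the parameter without `@Valid` or `@Validated`. Unless validation is applied further down, which is not visible here, a request with no `roleId` reaches the authorization service. `resourceIds` carries no constraint at all, so a request that omits it would presumably bind as null. If the new service keeps the delete-then-insert behaviour of the removed `RoleServiceImpl.assignRoleResource`, that silently revokes every resource of the role. I would add `@Valid` to the controller parameter, and either `@NotNull` on `resourceIds` or a field comment stating that an empty set means "revoke all grants for this role".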
|
@ -1,27 +0,0 @@
|
||||||
package cn.iocoder.mall.system.rest.request.authorization;
|
|
||||||
|
|
||||||
import io.swagger.annotations.ApiModel;
|
|
||||||
import io.swagger.annotations.ApiModelProperty;
|
|
||||||
import lombok.Data;
|
|
||||||
import lombok.experimental.Accessors;
|
|
||||||
|
|
||||||
import javax.validation.constraints.NotEmpty;
|
|
||||||
import javax.validation.constraints.NotNull;
|
|
||||||
|
|
||||||
@ApiModel("管理员 - 角色模块 - 修改角色 Request")
|
|
||||||
@Data
|
|
||||||
@Accessors(chain = true)
|
|
||||||
public class RoleUpdateDTO {
|
|
||||||
|
|
||||||
@ApiModelProperty(value = "角色编号", required = true, example = "123")
|
|
||||||
@NotNull(message = "角色编号不能为空")
|
|
||||||
private Integer id;
|
|
||||||
|
|
||||||
@ApiModelProperty(value = "角色名字", required = true, example = "系统管理员")
|
|
||||||
@NotEmpty(message = "角色名字不能为空")
|
|
||||||
private String name;
|
|
||||||
|
|
||||||
@ApiModelProperty(value = "角色编码", example = "SUPER_ADMIN")
|
|
||||||
private String code;
|
|
||||||
|
|
||||||
}
|
|
|
@ -7,7 +7,7 @@ import lombok.experimental.Accessors;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
@ApiModel(value = "管理员 - 授权模块 - 菜单资源树", description = "一般用于首页菜单树")
|
@ApiModel(value = "管理员 - 授权模块 - 菜单资源树 Response", description = "一般用于首页菜单树")
|
||||||
@Data
|
@Data
|
||||||
@Accessors(chain = true)
|
@Accessors(chain = true)
|
||||||
public class AdminsAuthorizationMenuTreeResponse {
|
public class AdminsAuthorizationMenuTreeResponse {
|
||||||
|
|
|
@ -7,7 +7,7 @@ import lombok.experimental.Accessors;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
@ApiModel(value = "管理员 - 授权模块 - 角色拥有的资源树")
|
@ApiModel(value = "管理员 - 授权模块 - 角色拥有的资源树 Response")
|
||||||
@Data
|
@Data
|
||||||
@Accessors(chain = true)
|
@Accessors(chain = true)
|
||||||
public class AdminsAuthorizationRoleResourceTreeResponse {
|
public class AdminsAuthorizationRoleResourceTreeResponse {
|
||||||
|
@ -17,7 +17,7 @@ public class AdminsAuthorizationRoleResourceTreeResponse {
|
||||||
@ApiModelProperty(value = "菜单名", required = true, example = "商品管理")
|
@ApiModelProperty(value = "菜单名", required = true, example = "商品管理")
|
||||||
private String name;
|
private String name;
|
||||||
@ApiModelProperty(value = "是否分配", required = true, notes = "即角色是否拥有该资源")
|
@ApiModelProperty(value = "是否分配", required = true, notes = "即角色是否拥有该资源")
|
||||||
private Boolean assign;
|
private Boolean assigned;
|
||||||
/**
|
/**
|
||||||
* 子节点数组
|
* 子节点数组
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -7,7 +7,7 @@ import lombok.experimental.Accessors;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
@ApiModel("管理员 - 授权模块 - 菜单资源树")
|
@ApiModel("管理员 - 授权模块 - 菜单资源树 Response")
|
||||||
@Data
|
@Data
|
||||||
@Accessors(chain = true)
|
@Accessors(chain = true)
|
||||||
public class AdminsResourceTreeResponse {
|
public class AdminsResourceTreeResponse {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
package cn.iocoder.mall.system.rpc.convert.oauth2;
|
package cn.iocoder.mall.system.rpc.convert.oauth2;
|
||||||
|
|
||||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2AccessTokenAuthenticateDTO;
|
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2AccessTokenAuthenticateDTO;
|
||||||
import cn.iocoder.mall.system.rpc.request.oauth2.OAuth2AccessTokenAuthenticateRequest;
|
import cn.iocoder.mall.system.rpc.request.oauth2.OAuth2AccessTokenAuthenticateRequest;
|
||||||
import cn.iocoder.mall.system.rpc.response.oauth2.OAuth2AccessTokenResponse;
|
import cn.iocoder.mall.system.rpc.response.oauth2.OAuth2AccessTokenResponse;
|
||||||
|
@ -14,6 +14,6 @@ public interface OAuth2Convert {
|
||||||
|
|
||||||
OAuth2AccessTokenAuthenticateDTO convert(OAuth2AccessTokenAuthenticateRequest authenticateRequest);
|
OAuth2AccessTokenAuthenticateDTO convert(OAuth2AccessTokenAuthenticateRequest authenticateRequest);
|
||||||
|
|
||||||
OAuth2AccessTokenResponse convert(OAuth2AccessTokenBO bean);
|
OAuth2AccessTokenResponse convert(OAuth2AuthenticateBO bean);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
package cn.iocoder.mall.system.rpc.rpc.oauth2;
|
package cn.iocoder.mall.system.rpc.rpc.oauth2;
|
||||||
|
|
||||||
import cn.iocoder.common.framework.vo.CommonResult;
|
import cn.iocoder.common.framework.vo.CommonResult;
|
||||||
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AccessTokenBO;
|
import cn.iocoder.mall.system.biz.bo.ouath2.OAuth2AuthenticateBO;
|
||||||
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2AccessTokenAuthenticateDTO;
|
import cn.iocoder.mall.system.biz.dto.oatuh2.OAuth2AccessTokenAuthenticateDTO;
|
||||||
import cn.iocoder.mall.system.biz.service.oauth2.OAuth2Service;
|
import cn.iocoder.mall.system.biz.service.oauth2.OAuth2Service;
|
||||||
import cn.iocoder.mall.system.rpc.api.oauth2.OAuth2RPC;
|
import cn.iocoder.mall.system.rpc.api.oauth2.OAuth2RPC;
|
||||||
|
@ -21,7 +21,7 @@ public class OAuth2RPCImpl implements OAuth2RPC {
|
||||||
public CommonResult<OAuth2AccessTokenResponse> authenticate(OAuth2AccessTokenAuthenticateRequest authenticateRequest) {
|
public CommonResult<OAuth2AccessTokenResponse> authenticate(OAuth2AccessTokenAuthenticateRequest authenticateRequest) {
|
||||||
// 执行认证
|
// 执行认证
|
||||||
OAuth2AccessTokenAuthenticateDTO authenticateDTO = OAuth2Convert.INSTANCE.convert(authenticateRequest);
|
OAuth2AccessTokenAuthenticateDTO authenticateDTO = OAuth2Convert.INSTANCE.convert(authenticateRequest);
|
||||||
OAuth2AccessTokenBO accessTokenBO = oauth2Service.authenticate(authenticateDTO);
|
OAuth2AuthenticateBO accessTokenBO = oauth2Service.authenticate(authenticateDTO);
|
||||||
// 返回结果
|
// 返回结果
|
||||||
OAuth2AccessTokenResponse accessTokenResponse = OAuth2Convert.INSTANCE.convert(accessTokenBO);
|
OAuth2AccessTokenResponse accessTokenResponse = OAuth2Convert.INSTANCE.convert(accessTokenBO);
|
||||||
return CommonResult.success(accessTokenResponse);
|
return CommonResult.success(accessTokenResponse);
|
||||||
|
|
|
@ -1,79 +0,0 @@
|
||||||
package cn.iocoder.mall.admin.service;
|
|
||||||
|
|
||||||
import cn.iocoder.common.framework.constant.DeletedStatusEnum;
|
|
||||||
import cn.iocoder.common.framework.util.CollectionUtil;
|
|
||||||
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
|
|
||||||
import cn.iocoder.common.framework.vo.PageResult;
|
|
||||||
import cn.iocoder.mall.system.api.RoleService;
|
|
||||||
import cn.iocoder.mall.system.api.bo.role.RoleBO;
|
|
||||||
import cn.iocoder.mall.system.api.constant.AdminErrorCodeEnum;
|
|
||||||
import cn.iocoder.mall.system.api.dto.role.RoleAddDTO;
|
|
||||||
import cn.iocoder.mall.system.api.dto.role.RoleAssignResourceDTO;
|
|
||||||
import cn.iocoder.mall.system.api.dto.role.RoleUpdateDTO;
|
|
||||||
import cn.iocoder.mall.admin.convert.RoleConvert;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
|
||||||
import org.springframework.stereotype.Service;
|
|
||||||
import org.springframework.transaction.annotation.Transactional;
|
|
||||||
|
|
||||||
import java.util.*;
|
|
||||||
import java.util.stream.Collectors;
|
|
||||||
|
|
||||||
@Service
|
|
||||||
@org.apache.dubbo.config.annotation.Service(validation = "true", version = "${dubbo.provider.RoleService.version}")
|
|
||||||
public class RoleServiceImpl implements RoleService {
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private RoleResourceMapper roleResourceMapper;
|
|
||||||
@Autowired
|
|
||||||
private AdminRoleMapper adminRoleMapper;
|
|
||||||
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private ResourceServiceImpl resourceService;
|
|
||||||
|
|
||||||
public List<RoleResourceDO> getRoleByResourceId(Integer resourceId) {
|
|
||||||
return roleResourceMapper.selectListByResourceId(resourceId);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
@Transactional
|
|
||||||
public Boolean assignRoleResource(Integer adminId, RoleAssignResourceDTO roleAssignResourceDTO) {
|
|
||||||
Integer roleId = roleAssignResourceDTO.getId();
|
|
||||||
Set<Integer> resourceIds = roleAssignResourceDTO.getResourceIds();
|
|
||||||
// 校验角色是否存在
|
|
||||||
if (roleMapper.selectById(roleAssignResourceDTO.getId()) == null) {
|
|
||||||
throw ServiceExceptionUtil.exception(AdminErrorCodeEnum.RESOURCE_NOT_EXISTS.getCode());
|
|
||||||
}
|
|
||||||
// 校验是否有不存在的资源
|
|
||||||
if (!CollectionUtil.isEmpty(resourceIds)) {
|
|
||||||
List<ResourceDO> resources = resourceService.getResources(resourceIds);
|
|
||||||
if (resources.size() != resourceIds.size()) {
|
|
||||||
throw ServiceExceptionUtil.exception(AdminErrorCodeEnum.ROLE_ASSIGN_RESOURCE_NOT_EXISTS.getCode());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// TODO 芋艿,这里先简单实现。即方式是,删除老的分配的资源关系,然后添加新的分配的资源关系
|
|
||||||
// 标记角色原资源关系都为删除
|
|
||||||
roleResourceMapper.deleteByRoleId(roleId);
|
|
||||||
// 创建 RoleResourceDO 数组,并插入到数据库
|
|
||||||
if (!CollectionUtil.isEmpty(resourceIds)) {
|
|
||||||
List<RoleResourceDO> roleResources = resourceIds.stream().map(resourceId -> {
|
|
||||||
RoleResourceDO roleResource = new RoleResourceDO().setRoleId(roleId).setResourceId(resourceId);
|
|
||||||
roleResource.setCreateTime(new Date());
|
|
||||||
roleResource.setDeleted(DeletedStatusEnum.DELETED_NO.getValue());
|
|
||||||
return roleResource;
|
|
||||||
}).collect(Collectors.toList());
|
|
||||||
roleResourceMapper.insertList(roleResources);
|
|
||||||
}
|
|
||||||
// TODO 插入操作日志
|
|
||||||
// 返回成功
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
public List<RoleDO> getRoles(Set<Integer> roleIds) {
|
|
||||||
if (CollectionUtil.isEmpty(roleIds)) {
|
|
||||||
return Collections.emptyList();
|
|
||||||
}
|
|
||||||
return roleMapper.selectBatchIds(roleIds);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|