新增编程式判断资源访问权限
This commit is contained in:
parent
eff42d8b0f
commit
d8255edf84
|
@ -64,6 +64,26 @@ public class Constants
|
||||||
*/
|
*/
|
||||||
public static final String LOGIN_FAIL = "Error";
|
public static final String LOGIN_FAIL = "Error";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 所有权限标识
|
||||||
|
*/
|
||||||
|
public static final String ALL_PERMISSION = "*:*:*";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 管理员角色权限标识
|
||||||
|
*/
|
||||||
|
public static final String SUPER_ADMIN = "admin";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 角色权限分隔符
|
||||||
|
*/
|
||||||
|
public static final String ROLE_DELIMETER = ",";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 权限标识分隔符
|
||||||
|
*/
|
||||||
|
public static final String PERMISSION_DELIMETER = ",";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 验证码有效期(分钟)
|
* 验证码有效期(分钟)
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,9 +1,15 @@
|
||||||
package com.ruoyi.common.utils;
|
package com.ruoyi.common.utils;
|
||||||
|
|
||||||
|
import java.util.Collection;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
|
import org.springframework.util.PatternMatchUtils;
|
||||||
|
import com.ruoyi.common.constant.Constants;
|
||||||
import com.ruoyi.common.constant.HttpStatus;
|
import com.ruoyi.common.constant.HttpStatus;
|
||||||
|
import com.ruoyi.common.core.domain.entity.SysRole;
|
||||||
import com.ruoyi.common.core.domain.model.LoginUser;
|
import com.ruoyi.common.core.domain.model.LoginUser;
|
||||||
import com.ruoyi.common.exception.ServiceException;
|
import com.ruoyi.common.exception.ServiceException;
|
||||||
|
|
||||||
|
@ -117,4 +123,55 @@ public class SecurityUtils
|
||||||
{
|
{
|
||||||
return userId != null && 1L == userId;
|
return userId != null && 1L == userId;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 验证用户是否具备某权限
|
||||||
|
*
|
||||||
|
* @param permission 权限字符串
|
||||||
|
* @return 用户是否具备某权限
|
||||||
|
*/
|
||||||
|
public static boolean hasPermi(String permission)
|
||||||
|
{
|
||||||
|
return hasPermi(getLoginUser().getPermissions(), permission);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 判断是否包含权限
|
||||||
|
*
|
||||||
|
* @param authorities 权限列表
|
||||||
|
* @param permission 权限字符串
|
||||||
|
* @return 用户是否具备某权限
|
||||||
|
*/
|
||||||
|
public static boolean hasPermi(Collection<String> authorities, String permission)
|
||||||
|
{
|
||||||
|
return authorities.stream().filter(StringUtils::hasText)
|
||||||
|
.anyMatch(x -> Constants.ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(x, permission));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 验证用户是否拥有某个角色
|
||||||
|
*
|
||||||
|
* @param role 角色标识
|
||||||
|
* @return 用户是否具备某角色
|
||||||
|
*/
|
||||||
|
public static boolean hasRole(String role)
|
||||||
|
{
|
||||||
|
List<SysRole> roleList = getLoginUser().getUser().getRoles();
|
||||||
|
Collection<String> roles = roleList.stream().map(SysRole::getRoleKey).collect(Collectors.toSet());
|
||||||
|
return hasRole(roles, role);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 判断是否包含角色
|
||||||
|
*
|
||||||
|
* @param roles 角色列表
|
||||||
|
* @param role 角色
|
||||||
|
* @return 用户是否具备某角色权限
|
||||||
|
*/
|
||||||
|
public static boolean hasRole(Collection<String> roles, String role)
|
||||||
|
{
|
||||||
|
return roles.stream().filter(StringUtils::hasText)
|
||||||
|
.anyMatch(x -> Constants.SUPER_ADMIN.contains(x) || PatternMatchUtils.simpleMatch(x, role));
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -240,6 +240,30 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
|
||||||
return str.substring(start, end);
|
return str.substring(start, end);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 判断是否为空,并且不是空白字符
|
||||||
|
*
|
||||||
|
* @param str 要判断的value
|
||||||
|
* @return 结果
|
||||||
|
*/
|
||||||
|
public static boolean hasText(String str)
|
||||||
|
{
|
||||||
|
return (str != null && !str.isEmpty() && containsText(str));
|
||||||
|
}
|
||||||
|
|
||||||
|
private static boolean containsText(CharSequence str)
|
||||||
|
{
|
||||||
|
int strLen = str.length();
|
||||||
|
for (int i = 0; i < strLen; i++)
|
||||||
|
{
|
||||||
|
if (!Character.isWhitespace(str.charAt(i)))
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 格式化文本, {} 表示占位符<br>
|
* 格式化文本, {} 表示占位符<br>
|
||||||
* 此方法只是简单将占位符 {} 按照顺序替换为参数<br>
|
* 此方法只是简单将占位符 {} 按照顺序替换为参数<br>
|
||||||
|
|
|
@ -3,6 +3,7 @@ package com.ruoyi.framework.web.service;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
import org.springframework.util.CollectionUtils;
|
import org.springframework.util.CollectionUtils;
|
||||||
|
import com.ruoyi.common.constant.Constants;
|
||||||
import com.ruoyi.common.core.domain.entity.SysRole;
|
import com.ruoyi.common.core.domain.entity.SysRole;
|
||||||
import com.ruoyi.common.core.domain.model.LoginUser;
|
import com.ruoyi.common.core.domain.model.LoginUser;
|
||||||
import com.ruoyi.common.utils.SecurityUtils;
|
import com.ruoyi.common.utils.SecurityUtils;
|
||||||
|
@ -17,16 +18,6 @@ import com.ruoyi.framework.security.context.PermissionContextHolder;
|
||||||
@Service("ss")
|
@Service("ss")
|
||||||
public class PermissionService
|
public class PermissionService
|
||||||
{
|
{
|
||||||
/** 所有权限标识 */
|
|
||||||
private static final String ALL_PERMISSION = "*:*:*";
|
|
||||||
|
|
||||||
/** 管理员角色权限标识 */
|
|
||||||
private static final String SUPER_ADMIN = "admin";
|
|
||||||
|
|
||||||
private static final String ROLE_DELIMETER = ",";
|
|
||||||
|
|
||||||
private static final String PERMISSION_DELIMETER = ",";
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 验证用户是否具备某权限
|
* 验证用户是否具备某权限
|
||||||
*
|
*
|
||||||
|
@ -78,7 +69,7 @@ public class PermissionService
|
||||||
}
|
}
|
||||||
PermissionContextHolder.setContext(permissions);
|
PermissionContextHolder.setContext(permissions);
|
||||||
Set<String> authorities = loginUser.getPermissions();
|
Set<String> authorities = loginUser.getPermissions();
|
||||||
for (String permission : permissions.split(PERMISSION_DELIMETER))
|
for (String permission : permissions.split(Constants.PERMISSION_DELIMETER))
|
||||||
{
|
{
|
||||||
if (permission != null && hasPermissions(authorities, permission))
|
if (permission != null && hasPermissions(authorities, permission))
|
||||||
{
|
{
|
||||||
|
@ -108,7 +99,7 @@ public class PermissionService
|
||||||
for (SysRole sysRole : loginUser.getUser().getRoles())
|
for (SysRole sysRole : loginUser.getUser().getRoles())
|
||||||
{
|
{
|
||||||
String roleKey = sysRole.getRoleKey();
|
String roleKey = sysRole.getRoleKey();
|
||||||
if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role)))
|
if (Constants.SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role)))
|
||||||
{
|
{
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -144,7 +135,7 @@ public class PermissionService
|
||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
for (String role : roles.split(ROLE_DELIMETER))
|
for (String role : roles.split(Constants.ROLE_DELIMETER))
|
||||||
{
|
{
|
||||||
if (hasRole(role))
|
if (hasRole(role))
|
||||||
{
|
{
|
||||||
|
@ -163,6 +154,6 @@ public class PermissionService
|
||||||
*/
|
*/
|
||||||
private boolean hasPermissions(Set<String> permissions, String permission)
|
private boolean hasPermissions(Set<String> permissions, String permission)
|
||||||
{
|
{
|
||||||
return permissions.contains(ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission));
|
return permissions.contains(Constants.ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue