diff --git a/src/main/java/com/zh/project0512/aop/AdminCheckAuthorityAspect.java b/src/main/java/com/zh/project0512/aop/AdminCheckAuthorityAspect.java
index a3e9850..3f12671 100644
--- a/src/main/java/com/zh/project0512/aop/AdminCheckAuthorityAspect.java
+++ b/src/main/java/com/zh/project0512/aop/AdminCheckAuthorityAspect.java
@@ -1,8 +1,13 @@
 package com.zh.project0512.aop;
 import com.zh.project0512.annotation.AdminCheckAuthorityAnnotation;
+import com.zh.project0512.model.Admin;
+import com.zh.project0512.service.IAdminRoleService;
+import com.zh.project0512.service.IAdminService;
 import com.zh.project0512.service.IUserService;
+import com.zh.project0512.utils.BizException;
 import com.zh.project0512.utils.JwtUtil;
+import com.zh.project0512.utils.result.HttpStatusEnum;
 import jdk.nashorn.internal.ir.annotations.Reference;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.AfterReturning;
@@ -37,7 +42,9 @@ public class AdminCheckAuthorityAspect {
 private final static Logger logger = LoggerFactory.getLogger(AdminCheckAuthorityAspect.class);
 @Resource
- IUserService userService;
+ IAdminService adminService;
+ @Resource
+ IAdminRoleService adminRoleService;
 /**
@@ -59,38 +66,36 @@ public class AdminCheckAuthorityAspect {
 //获取当前用户的信息
 String tokenId = request.getHeader("token");
- Integer userId = userService.selByOpenid(new JwtUtil().parseOpenid(tokenId)).getId();
-
-// //如果不是超级管理员,则判断是否有足够权限
-// if (manageUser.getType() != 1){//1.公司超级管理员
-// //1、查询【当前用户】所拥有的【角色】
-// String roleIdsStr = manageUser.getRoleId();
-// if (roleIdsStr != null){
-// String[] roleIds = roleIdsStr.split(",");
-//
-// HashSet jurisdictionIds = new HashSet<>();
-// for (String roleId : roleIds) {
-// //2、根据【角色】查询对应的权限
-// List jurisdictionIdList = manageCheckAuthorityService.findJurisdictionByRoleId(roleId,sysCommunity);
-//
-// //3、将各个角色的权限 合在一起 并进行 去重操作
-// jurisdictionIds.addAll(jurisdictionIdList);
-// }
-//
-//
-// //4、获取该api所需权限
-// MethodSignature signature = (MethodSignature) joinPoint.getSignature();
-// ManageCheckAuthorityAnnotation annotation = signature.getMethod().getAnnotation(ManageCheckAuthorityAnnotation.class);
-// String jurisdictionId = annotation.jurisdictionId();
-//
-// //5、判断该用户是否存在该api所需权限,如果存在,则通过,不存在则抛出提示权限不足
-// if (!jurisdictionIds.contains(Integer.valueOf(jurisdictionId))){
-// throw new BizException(HttpStatusEnum.CUSTOM_EXCEPTION,"用户权限不足");
-// }
-// }else {
-// throw new BizException(HttpStatusEnum.CUSTOM_EXCEPTION,"用户权限不足");
-// }
-// }
+ Integer id = Integer.valueOf(new JwtUtil().parseAdminJWT(tokenId).getId());
+
+ Admin admin = adminService.getById(id);
+ //1、查询【当前用户】所拥有的【角色】
+ String roleIdsStr = admin.getRoleIds();
+ if (roleIdsStr != null && !roleIdsStr.trim().equals("")){
+ String[] roleIds = roleIdsStr.split(",");
+
+ HashSet jurisdictionIds = new HashSet<>();
+ for (String roleId : roleIds) {
+ //2、根据【角色】查询对应的权限
+ List jurisdictionIdList = adminRoleService.findJurisdictionByRoleId(roleId);
+
+ //3、将各个角色的权限 合在一起 并进行 去重操作
+ jurisdictionIds.addAll(jurisdictionIdList);
+ }
+
+
+ //4、获取该api所需权限
+ MethodSignature signature = (MethodSignature) joinPoint.getSignature();
+ AdminCheckAuthorityAnnotation annotation = signature.getMethod().getAnnotation(AdminCheckAuthorityAnnotation.class);
+ String jurisdictionId = annotation.jurisdictionId();
+
+ //5、判断该用户是否存在该api所需权限,如果存在,则通过,不存在则抛出提示权限不足
+ if (!jurisdictionIds.contains(Integer.valueOf(jurisdictionId))){
+ throw new BizException(HttpStatusEnum.CUSTOM_EXCEPTION,"用户权限不足");
+ }
+ }else {
+ throw new BizException(HttpStatusEnum.CUSTOM_EXCEPTION,"用户权限不足");
+ }
 }
diff --git a/src/main/java/com/zh/project0512/controller/manage/AdminJurisdictionController.java b/src/main/java/com/zh/project0512/controller/manage/AdminJurisdictionController.java
index b484f48..4e04a2e 100644
--- a/src/main/java/com/zh/project0512/controller/manage/AdminJurisdictionController.java
+++ b/src/main/java/com/zh/project0512/controller/manage/AdminJurisdictionController.java
@@ -1,5 +1,6 @@
 package com.zh.project0512.controller.manage;
+import com.zh.project0512.annotation.AdminCheckAuthorityAnnotation;
 import com.zh.project0512.model.dto.OperationRoleJurisdictionDTO;
 import com.zh.project0512.model.dto.AdminJurisdictionFBIDTO;
 import com.zh.project0512.model.vo.AdminJurisdictionFBRIVo;
@@ -34,6 +35,7 @@ public class AdminJurisdictionController {
 * @param operationRoleJurisdictionDTO 操作用户权限DTO
 * @return 操作结果
 */
+ @AdminCheckAuthorityAnnotation(jurisdictionId = "5")
 @Operation(summary = "操作角色权限")
 @PostMapping("/operationRoleJurisdiction")
 public Result operationRoleJurisdiction(@Validated @RequestBody OperationRoleJurisdictionDTO operationRoleJurisdictionDTO){
diff --git a/src/main/java/com/zh/project0512/model/Admin.java b/src/main/java/com/zh/project0512/model/Admin.java
index a82ab41..ee67684 100644
--- a/src/main/java/com/zh/project0512/model/Admin.java
+++ b/src/main/java/com/zh/project0512/model/Admin.java
@@ -94,5 +94,10 @@ public class Admin extends Model {
 */
 private Integer status;
+ /**
+ * 角色id,用,分隔
+ */
+ @TableField("roleIds")
+ private String roleIds;
 }
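Review bot: `adminService.getById(id)` is dereferenced on the following line without a null check, so a token that still parses but whose admin row no longer exists ends in a NullPointerException instead of the explicit `BizException` denial the rest of this block uses. Add `if (admin == null) { throw new BizException(HttpStatusEnum.CUSTOM_EXCEPTION,"用户权限不足"); }` right after the lookup, and consider rejecting disabled accounts at the same point (Admin has a `status` field; its values are not visible in this diff). A missing `token` header is passed straight to `parseAdminJWT`; how that method treats null is not shown here, so an explicit guard would make the failure mode deliberate. Role ids coming out of `split(",")` are used untrimmed, and `Integer.valueOf(jurisdictionId)` throws on a non-numeric annotation value. The enclosing advice method starts and ends outside this hunk.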
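Review bot: The required permission is a bare string literal, `jurisdictionId = "5"`, which the aspect only parses with `Integer.valueOf` at request time, so a typo surfaces as a runtime failure and nothing in the code says which permission 5 is. A named constant, or at least a comment such as `// jurisdiction 5 = <permission name from the adminJurisdiction table>`, would make the mapping reviewable. Only `operationRoleJurisdiction` gains the annotation in this hunk; the controller's other handlers are outside it, so confirm that the remaining role and permission endpoints are annotated too, since a handler without the annotation is presumably not checked by the aspect.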
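Review bot: `roleIds` is the value the authorization aspect now trusts, yet it is added as an ordinary field on the general-purpose `Admin` entity with only the comment `角色id,用,分隔`. If `Admin` is ever bound from a request body or passed to an update from client input (not visible in this diff), an admin could set their own roles; the field should be written only by a permission-checked role-assignment path. I would document that on the field, e.g. `/** Comma-separated role ids; read by AdminCheckAuthorityAspect for authorization, never bound from client input. */`. The class body starts outside this hunk.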
diff --git a/src/main/java/com/zh/project0512/model/AdminJurisdiction.java b/src/main/java/com/zh/project0512/model/AdminJurisdiction.java
index b984ab1..667b5bd 100644
--- a/src/main/java/com/zh/project0512/model/AdminJurisdiction.java
+++ b/src/main/java/com/zh/project0512/model/AdminJurisdiction.java
@@ -16,7 +16,7 @@ import java.io.Serializable;
 @Data
 @NoArgsConstructor
 @AllArgsConstructor
-@TableName("userJurisdiction")
+@TableName("adminJurisdiction")
 public class AdminJurisdiction implements Serializable {
 private static final long serialVersionUID = 1L;
 /**
diff --git a/src/main/java/com/zh/project0512/model/AdminMenus.java b/src/main/java/com/zh/project0512/model/AdminMenus.java
index 6dc2372..6b0ddb2 100644
--- a/src/main/java/com/zh/project0512/model/AdminMenus.java
+++ b/src/main/java/com/zh/project0512/model/AdminMenus.java
@@ -16,7 +16,7 @@ import java.io.Serializable;
 @Data
 @NoArgsConstructor
 @AllArgsConstructor
-@TableName("userMenus")
+@TableName("adminMenus")
 public class AdminMenus implements Serializable {
 private static final long serialVersionUID = 1L;
diff --git a/src/main/java/com/zh/project0512/model/AdminOperation.java b/src/main/java/com/zh/project0512/model/AdminOperation.java
index 4d25a73..3853e68 100644
--- a/src/main/java/com/zh/project0512/model/AdminOperation.java
+++ b/src/main/java/com/zh/project0512/model/AdminOperation.java
@@ -16,7 +16,7 @@ import java.io.Serializable;
 @Data
 @NoArgsConstructor
 @AllArgsConstructor
-@TableName("userOperation")
+@TableName("adminOperation")
 public class AdminOperation implements Serializable {
 private static final long serialVersionUID = 1L;
diff --git a/src/main/java/com/zh/project0512/model/AdminRole.java b/src/main/java/com/zh/project0512/model/AdminRole.java
index 94fb927..fa24449 100644
--- a/src/main/java/com/zh/project0512/model/AdminRole.java
+++ b/src/main/java/com/zh/project0512/model/AdminRole.java
@@ -17,7 +17,7 @@ import java.util.Date;
 @Data
 @NoArgsConstructor
 @AllArgsConstructor
-@TableName("userRole")
+@TableName("adminRole")
 public class AdminRole implements Serializable {
 private static final long serialVersionUID = 1L;
diff --git a/src/main/java/com/zh/project0512/model/AdminRoleJurisdiction.java b/src/main/java/com/zh/project0512/model/AdminRoleJurisdiction.java
index f707d64..dde1a8e 100644
--- a/src/main/java/com/zh/project0512/model/AdminRoleJurisdiction.java
+++ b/src/main/java/com/zh/project0512/model/AdminRoleJurisdiction.java
@@ -16,7 +16,7 @@ import java.io.Serializable;
 @Data
 @NoArgsConstructor
 @AllArgsConstructor
-@TableName("userRoleJurisdiction")
+@TableName("adminRoleJurisdiction")
 public class AdminRoleJurisdiction implements Serializable {
 private static final long serialVersionUID = 1L;
diff --git a/src/main/java/com/zh/project0512/service/IAdminRoleService.java b/src/main/java/com/zh/project0512/service/IAdminRoleService.java
index 3f2c8dd..a6356bf 100644
--- a/src/main/java/com/zh/project0512/service/IAdminRoleService.java
+++ b/src/main/java/com/zh/project0512/service/IAdminRoleService.java
@@ -6,6 +8,8 @@ import com.zh.project0512.model.dto.AdminRoleUpdateDTO;
 import com.zh.project0512.model.vo.AdminRoleListVo;
 import com.zh.project0512.utils.page.PageInfo;
+import java.util.List;
+
 public interface IAdminRoleService {
 /**
 * 查询用户角色
@@ -27,4 +29,11 @@ public interface IAdminRoleService {
 * @return 操作结果
 */
 boolean update(AdminRoleUpdateDTO adminRoleUpdateDTO);
+
+ /**
+ * 根据【角色】查询对应的权限
+ * @param roleId 角色主键id
+ * @return 对应的权限
+ */
+ List findJurisdictionByRoleId(String roleId);
 }
diff --git a/src/main/java/com/zh/project0512/serviceImpl/AdminRoleServiceImpl.java b/src/main/java/com/zh/project0512/serviceImpl/AdminRoleServiceImpl.java
index 66e05c5..7291fb9 100644
--- a/src/main/java/com/zh/project0512/serviceImpl/AdminRoleServiceImpl.java
+++ b/src/main/java/com/zh/project0512/serviceImpl/AdminRoleServiceImpl.java
@@ -3,8 +3,10 @@ package com.zh.project0512.serviceImpl;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import com.zh.project0512.mapper.AdminRoleJurisdictionMapper;
 import com.zh.project0512.mapper.AdminRoleMapper;
 import com.zh.project0512.model.AdminRole;
+import com.zh.project0512.model.AdminRoleJurisdiction;
 import com.zh.project0512.model.dto.AdminRoleInsertDTO;
 import com.zh.project0512.model.dto.AdminRoleListDTO;
 import com.zh.project0512.model.dto.AdminRoleUpdateDTO;
@@ -27,6 +29,8 @@ import java.util.UUID;
 public class AdminRoleServiceImpl implements IAdminRoleService {
 @Resource
 AdminRoleMapper adminRoleMapper;
+ @Resource
+ AdminRoleJurisdictionMapper adminRoleJurisdictionMapper;
 @Override
 public PageInfo list(AdminRoleListDTO adminRoleListDTO) {
@@ -69,4 +73,18 @@ public class AdminRoleServiceImpl implements IAdminRoleService {
 int update = adminRoleMapper.updateById(adminRole);
 return update > 0;
 }
+
+ @Override
+ public List findJurisdictionByRoleId(String roleId) {
+ ArrayList jurisdictionIds = new ArrayList<>();
+
+ QueryWrapper queryWrapper = new QueryWrapper<>();
+ queryWrapper.eq("role_id",roleId);
+ List adminRoleJurisdictionList = adminRoleJurisdictionMapper.selectList(queryWrapper);
+ for (AdminRoleJurisdiction adminRoleJurisdiction : adminRoleJurisdictionList) {
+ jurisdictionIds.add(adminRoleJurisdiction.getJurisdictionId());
+ }
+
+ return jurisdictionIds;
+ }
 }
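Review bot: `findJurisdictionByRoleId` filters on the literal column name `"role_id"`, while the mappings touched in this same commit use camelCase names (`@TableField("roleIds")`, `@TableName("adminRoleJurisdiction")`); if the column is actually named differently the lookup fails and every annotated endpoint is denied, so confirm it against the schema. The aspect tests the result with `contains(Integer.valueOf(...))`, so `getJurisdictionId()` has to return `Integer` for any permission to match; its type is not visible here, and declaring the result as `List<Integer>` would let the compiler enforce that (the generic parameters may simply be missing from this rendering). The aspect calls this method once per role on every checked request, so a single query using `in` over all of the admin's role ids would be cheaper. The method has no comment of its own; `// Returns the jurisdiction ids granted to one role; empty list when the role has none.` would do.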