超级管理员角色

This commit is contained in:
none 2023-02-23 22:20:22 +08:00
parent c7e0c8d466
commit bf2c5143c9
8 changed files with 102 additions and 12 deletions

View File

@ -3,10 +3,13 @@ package xyz.playedu.api.bus;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import xyz.playedu.api.constant.BackendConstant;
import xyz.playedu.api.domain.AdminRole;
import xyz.playedu.api.service.AdminPermissionService;
import xyz.playedu.api.service.AdminRolePermissionService;
import xyz.playedu.api.service.AdminRoleService;
import xyz.playedu.api.service.AdminUserRoleService;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
@ -22,6 +25,9 @@ public class BackendBus {
@Autowired
private AdminPermissionService permissionService;
@Autowired
private AdminRoleService adminRoleService;
public static boolean inUnAuthWhitelist(String uri) {
for (int i = 0; i < BackendConstant.UN_AUTH_URI_WHITELIST.length; i++) {
if (uri.equals(BackendConstant.UN_AUTH_URI_WHITELIST[i])) {
@ -32,15 +38,26 @@ public class BackendBus {
}
public HashMap<String, Boolean> adminUserPermissions(Integer userId) {
HashMap<String, Boolean> permissons = new HashMap<>();
// 读取超级管理角色
AdminRole superRole = adminRoleService.getBySlug(BackendConstant.SUPER_ADMIN_ROLE);
HashMap<String, Boolean> permissions = new HashMap<>();
List<Integer> roleIds = adminUserRoleService.getRoleIdsByUserId(userId);
if (roleIds.size() == 0) {
return permissons;
return permissions;
}
List<Integer> permissionIds = rolePermissionService.getPermissionIdsByRoleIds(roleIds);
if (permissionIds.size() == 0) {
return permissons;
List<Integer> permissionIds;
if (roleIds.contains(superRole.getId())) {//包含超级管理角色的话返回全部权限
permissionIds = permissionService.allIds();
} else {//根据相应的roleIds读取权限
permissionIds = rolePermissionService.getPermissionIdsByRoleIds(roleIds);
if (permissionIds.size() == 0) {
return permissions;
}
}
return permissionService.getSlugsByIds(permissionIds);
}

View File

@ -0,0 +1,39 @@
package xyz.playedu.api.checks;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.ApplicationArguments;
import org.springframework.boot.ApplicationRunner;
import org.springframework.stereotype.Component;
import xyz.playedu.api.constant.BackendConstant;
import xyz.playedu.api.domain.AdminRole;
import xyz.playedu.api.service.AdminRoleService;
import java.util.Date;
/**
* @Author 杭州白书科技有限公司
* @create 2023/2/23 22:09
*/
@Component
public class AdminRoleCheck implements ApplicationRunner {
@Autowired
private AdminRoleService adminRoleService;
@Override
public void run(ApplicationArguments args) throws Exception {
AdminRole adminRole = adminRoleService.getBySlug(BackendConstant.SUPER_ADMIN_ROLE);
if (adminRole != null) {//已存在超级管理权限
return;
}
adminRole = new AdminRole();
adminRole.setName("超级管理角色");
adminRole.setSlug(BackendConstant.SUPER_ADMIN_ROLE);
adminRole.setCreatedAt(new Date());
adminRole.setUpdatedAt(new Date());
adminRoleService.save(adminRole);
}
}

View File

@ -1,6 +1,8 @@
package xyz.playedu.api.constant;
public class BackendConstant {
public final static String SUPER_ADMIN_ROLE = "super-role";
public final static String[] UN_AUTH_URI_WHITELIST = {"/backend/v1/system/image-captcha", "/backend/v1/auth/login",};
public final static String[] RESOURCE_TYPE_WHITELIST = {"IMAGE", "PDF", "VIDEO", "WORD", "PPT"};

View File

@ -5,6 +5,7 @@ import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import xyz.playedu.api.constant.BPermissionConstant;
import xyz.playedu.api.constant.BackendConstant;
import xyz.playedu.api.domain.AdminPermission;
import xyz.playedu.api.domain.AdminRole;
import xyz.playedu.api.domain.AdminRolePermission;
@ -99,6 +100,9 @@ public class AdminRoleController {
if (role == null) {
return JsonResponse.error("管理角色不存在");
}
if (role.getSlug() == BackendConstant.SUPER_ADMIN_ROLE) {
return JsonResponse.error("超级管理权限无法编辑");
}
AdminRole newRole = new AdminRole();
newRole.setId(role.getId());
@ -128,8 +132,17 @@ public class AdminRoleController {
@DeleteMapping("/{id}")
@Transactional
public JsonResponse destroy(@PathVariable(name = "id") Integer id) {
rolePermissionService.removeRolePermissionsByRoleId(id);
roleService.removeById(id);
AdminRole role = roleService.getById(id);
if (role == null) {
return JsonResponse.error("角色不存在");
}
if (role.getSlug() == BackendConstant.SUPER_ADMIN_ROLE) {
return JsonResponse.error("超级管理角色无法删除");
}
rolePermissionService.removeRolePermissionsByRoleId(role.getId());
roleService.removeById(role.getId());
return JsonResponse.success();
}

View File

@ -19,4 +19,6 @@ public interface AdminPermissionService extends IService<AdminPermission> {
HashMap<String,Boolean> getSlugsByIds(List<Integer> ids);
List<Integer> allIds();
}

View File

@ -10,4 +10,6 @@ import com.baomidou.mybatisplus.extension.service.IService;
*/
public interface AdminRoleService extends IService<AdminRole> {
AdminRole getBySlug(String slug);
}

View File

@ -6,6 +6,7 @@ import xyz.playedu.api.service.AdminPermissionService;
import xyz.playedu.api.mapper.AdminPermissionMapper;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
@ -41,6 +42,16 @@ public class AdminPermissionServiceImpl extends ServiceImpl<AdminPermissionMappe
}
return map;
}
@Override
public List<Integer> allIds() {
List<AdminPermission> permissions = list(query().getWrapper().eq("1", "1").select("id"));
List<Integer> ids = new ArrayList<>();
for (AdminPermission permission : permissions) {
ids.add(permission.getId());
}
return ids;
}
}

View File

@ -7,14 +7,18 @@ import xyz.playedu.api.mapper.AdminRoleMapper;
import org.springframework.stereotype.Service;
/**
* @author tengteng
* @description 针对表admin_roles的数据库操作Service实现
* @createDate 2023-02-21 15:53:27
*/
* @author tengteng
* @description 针对表admin_roles的数据库操作Service实现
* @createDate 2023-02-21 15:53:27
*/
@Service
public class AdminRoleServiceImpl extends ServiceImpl<AdminRoleMapper, AdminRole>
implements AdminRoleService{
implements AdminRoleService {
@Override
public AdminRole getBySlug(String slug) {
return getOne(query().getWrapper().eq("slug", slug));
}
}