From bf2c5143c92c9241e25dd5386455f7cc94029477 Mon Sep 17 00:00:00 2001 From: none Date: Thu, 23 Feb 2023 22:20:22 +0800 Subject: [PATCH] =?UTF-8?q?=E8=B6=85=E7=BA=A7=E7=AE=A1=E7=90=86=E5=91=98?= =?UTF-8?q?=E8=A7=92=E8=89=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/xyz/playedu/api/bus/BackendBus.java | 27 ++++++++++--- .../playedu/api/checks/AdminRoleCheck.java | 39 +++++++++++++++++++ .../playedu/api/constant/BackendConstant.java | 2 + .../backend/AdminRoleController.java | 17 +++++++- .../api/service/AdminPermissionService.java | 2 + .../playedu/api/service/AdminRoleService.java | 2 + .../impl/AdminPermissionServiceImpl.java | 11 ++++++ .../service/impl/AdminRoleServiceImpl.java | 14 ++++--- 8 files changed, 102 insertions(+), 12 deletions(-) create mode 100644 src/main/java/xyz/playedu/api/checks/AdminRoleCheck.java diff --git a/src/main/java/xyz/playedu/api/bus/BackendBus.java b/src/main/java/xyz/playedu/api/bus/BackendBus.java index 71667de..9501624 100644 --- a/src/main/java/xyz/playedu/api/bus/BackendBus.java +++ b/src/main/java/xyz/playedu/api/bus/BackendBus.java @@ -3,10 +3,13 @@ package xyz.playedu.api.bus; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import xyz.playedu.api.constant.BackendConstant; +import xyz.playedu.api.domain.AdminRole; import xyz.playedu.api.service.AdminPermissionService; import xyz.playedu.api.service.AdminRolePermissionService; +import xyz.playedu.api.service.AdminRoleService; import xyz.playedu.api.service.AdminUserRoleService; +import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -22,6 +25,9 @@ public class BackendBus { @Autowired private AdminPermissionService permissionService; + @Autowired + private AdminRoleService adminRoleService; + public static boolean inUnAuthWhitelist(String uri) { for (int i = 0; i < BackendConstant.UN_AUTH_URI_WHITELIST.length; i++) { if (uri.equals(BackendConstant.UN_AUTH_URI_WHITELIST[i])) { @@ -32,15 +38,26 @@ public class BackendBus { } public HashMap adminUserPermissions(Integer userId) { - HashMap permissons = new HashMap<>(); + // 读取超级管理角色 + AdminRole superRole = adminRoleService.getBySlug(BackendConstant.SUPER_ADMIN_ROLE); + + HashMap permissions = new HashMap<>(); List roleIds = adminUserRoleService.getRoleIdsByUserId(userId); if (roleIds.size() == 0) { - return permissons; + return permissions; } - List permissionIds = rolePermissionService.getPermissionIdsByRoleIds(roleIds); - if (permissionIds.size() == 0) { - return permissons; + + List permissionIds; + + if (roleIds.contains(superRole.getId())) {//包含超级管理角色的话返回全部权限 + permissionIds = permissionService.allIds(); + } else {//根据相应的roleIds读取权限 + permissionIds = rolePermissionService.getPermissionIdsByRoleIds(roleIds); + if (permissionIds.size() == 0) { + return permissions; + } } + return permissionService.getSlugsByIds(permissionIds); } diff --git a/src/main/java/xyz/playedu/api/checks/AdminRoleCheck.java b/src/main/java/xyz/playedu/api/checks/AdminRoleCheck.java new file mode 100644 index 0000000..b0e9426 --- /dev/null +++ b/src/main/java/xyz/playedu/api/checks/AdminRoleCheck.java @@ -0,0 +1,39 @@ +package xyz.playedu.api.checks; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.ApplicationArguments; +import org.springframework.boot.ApplicationRunner; +import org.springframework.stereotype.Component; +import xyz.playedu.api.constant.BackendConstant; +import xyz.playedu.api.domain.AdminRole; +import xyz.playedu.api.service.AdminRoleService; + +import java.util.Date; + +/** + * @Author 杭州白书科技有限公司 + * @create 2023/2/23 22:09 + */ +@Component +public class AdminRoleCheck implements ApplicationRunner { + + @Autowired + private AdminRoleService adminRoleService; + + @Override + public void run(ApplicationArguments args) throws Exception { + AdminRole adminRole = adminRoleService.getBySlug(BackendConstant.SUPER_ADMIN_ROLE); + if (adminRole != null) {//已存在超级管理权限 + return; + } + adminRole = new AdminRole(); + + adminRole.setName("超级管理角色"); + adminRole.setSlug(BackendConstant.SUPER_ADMIN_ROLE); + adminRole.setCreatedAt(new Date()); + adminRole.setUpdatedAt(new Date()); + + adminRoleService.save(adminRole); + } + +} diff --git a/src/main/java/xyz/playedu/api/constant/BackendConstant.java b/src/main/java/xyz/playedu/api/constant/BackendConstant.java index 130b36a..b4cca91 100644 --- a/src/main/java/xyz/playedu/api/constant/BackendConstant.java +++ b/src/main/java/xyz/playedu/api/constant/BackendConstant.java @@ -1,6 +1,8 @@ package xyz.playedu.api.constant; public class BackendConstant { + public final static String SUPER_ADMIN_ROLE = "super-role"; + public final static String[] UN_AUTH_URI_WHITELIST = {"/backend/v1/system/image-captcha", "/backend/v1/auth/login",}; public final static String[] RESOURCE_TYPE_WHITELIST = {"IMAGE", "PDF", "VIDEO", "WORD", "PPT"}; diff --git a/src/main/java/xyz/playedu/api/controller/backend/AdminRoleController.java b/src/main/java/xyz/playedu/api/controller/backend/AdminRoleController.java index dd5009f..ea39a29 100644 --- a/src/main/java/xyz/playedu/api/controller/backend/AdminRoleController.java +++ b/src/main/java/xyz/playedu/api/controller/backend/AdminRoleController.java @@ -5,6 +5,7 @@ import org.springframework.transaction.annotation.Transactional; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import xyz.playedu.api.constant.BPermissionConstant; +import xyz.playedu.api.constant.BackendConstant; import xyz.playedu.api.domain.AdminPermission; import xyz.playedu.api.domain.AdminRole; import xyz.playedu.api.domain.AdminRolePermission; @@ -99,6 +100,9 @@ public class AdminRoleController { if (role == null) { return JsonResponse.error("管理角色不存在"); } + if (role.getSlug() == BackendConstant.SUPER_ADMIN_ROLE) { + return JsonResponse.error("超级管理权限无法编辑"); + } AdminRole newRole = new AdminRole(); newRole.setId(role.getId()); @@ -128,8 +132,17 @@ public class AdminRoleController { @DeleteMapping("/{id}") @Transactional public JsonResponse destroy(@PathVariable(name = "id") Integer id) { - rolePermissionService.removeRolePermissionsByRoleId(id); - roleService.removeById(id); + AdminRole role = roleService.getById(id); + if (role == null) { + return JsonResponse.error("角色不存在"); + } + if (role.getSlug() == BackendConstant.SUPER_ADMIN_ROLE) { + return JsonResponse.error("超级管理角色无法删除"); + } + + rolePermissionService.removeRolePermissionsByRoleId(role.getId()); + roleService.removeById(role.getId()); + return JsonResponse.success(); } diff --git a/src/main/java/xyz/playedu/api/service/AdminPermissionService.java b/src/main/java/xyz/playedu/api/service/AdminPermissionService.java index 569b690..3722b65 100644 --- a/src/main/java/xyz/playedu/api/service/AdminPermissionService.java +++ b/src/main/java/xyz/playedu/api/service/AdminPermissionService.java @@ -19,4 +19,6 @@ public interface AdminPermissionService extends IService { HashMap getSlugsByIds(List ids); + List allIds(); + } diff --git a/src/main/java/xyz/playedu/api/service/AdminRoleService.java b/src/main/java/xyz/playedu/api/service/AdminRoleService.java index 775a85e..a5a2bce 100644 --- a/src/main/java/xyz/playedu/api/service/AdminRoleService.java +++ b/src/main/java/xyz/playedu/api/service/AdminRoleService.java @@ -10,4 +10,6 @@ import com.baomidou.mybatisplus.extension.service.IService; */ public interface AdminRoleService extends IService { + AdminRole getBySlug(String slug); + } diff --git a/src/main/java/xyz/playedu/api/service/impl/AdminPermissionServiceImpl.java b/src/main/java/xyz/playedu/api/service/impl/AdminPermissionServiceImpl.java index 839ddfa..63a005a 100644 --- a/src/main/java/xyz/playedu/api/service/impl/AdminPermissionServiceImpl.java +++ b/src/main/java/xyz/playedu/api/service/impl/AdminPermissionServiceImpl.java @@ -6,6 +6,7 @@ import xyz.playedu.api.service.AdminPermissionService; import xyz.playedu.api.mapper.AdminPermissionMapper; import org.springframework.stereotype.Service; +import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -41,6 +42,16 @@ public class AdminPermissionServiceImpl extends ServiceImpl allIds() { + List permissions = list(query().getWrapper().eq("1", "1").select("id")); + List ids = new ArrayList<>(); + for (AdminPermission permission : permissions) { + ids.add(permission.getId()); + } + return ids; + } } diff --git a/src/main/java/xyz/playedu/api/service/impl/AdminRoleServiceImpl.java b/src/main/java/xyz/playedu/api/service/impl/AdminRoleServiceImpl.java index 22e27a4..52970c4 100644 --- a/src/main/java/xyz/playedu/api/service/impl/AdminRoleServiceImpl.java +++ b/src/main/java/xyz/playedu/api/service/impl/AdminRoleServiceImpl.java @@ -7,14 +7,18 @@ import xyz.playedu.api.mapper.AdminRoleMapper; import org.springframework.stereotype.Service; /** -* @author tengteng -* @description 针对表【admin_roles】的数据库操作Service实现 -* @createDate 2023-02-21 15:53:27 -*/ + * @author tengteng + * @description 针对表【admin_roles】的数据库操作Service实现 + * @createDate 2023-02-21 15:53:27 + */ @Service public class AdminRoleServiceImpl extends ServiceImpl - implements AdminRoleService{ + implements AdminRoleService { + @Override + public AdminRole getBySlug(String slug) { + return getOne(query().getWrapper().eq("slug", slug)); + } }