diff --git a/.gitignore b/.gitignore index 8562ef429a7f7115cbeb7a60f21ea2ed18bd6712..a9d12aacca1a0a0809f91335ce4f706390e3d36e 100644 --- a/.gitignore +++ b/.gitignore @@ -19,3 +19,5 @@ rebel.xml /.apt_generated/ /bin/ /.apt_generated_tests/ +/.settings/ + diff --git a/pom.xml b/pom.xml index 2296d63325bd430e183aab45d1d7809ab86b1c3e..579d03d4ab45d0c219a9bb850d25696eb2b454f0 100644 --- a/pom.xml +++ b/pom.xml @@ -95,21 +95,22 @@ druid-spring-boot-starter 1.2.6 - - - org.apache.shiro - shiro-spring - 1.7.0 - org.springframework.boot spring-boot-starter-aop - + + + + cn.dev33 + sa-token-spring-boot-starter + 1.26.0 + + - com.github.theborakompanioni - thymeleaf-extras-shiro - 2.0.0 + cn.dev33 + sa-token-dao-redis-jackson + 1.26.0 diff --git a/src/main/java/com/fc/v2/common/conf/oss/OssEndpoint.java b/src/main/java/com/fc/v2/common/conf/oss/OssEndpoint.java index 2f7666050dca1ff7d17502cf1c648deeaf1c73d5..2af107420a78163cb52d11d7f8abccfe0fa41d44 100644 --- a/src/main/java/com/fc/v2/common/conf/oss/OssEndpoint.java +++ b/src/main/java/com/fc/v2/common/conf/oss/OssEndpoint.java 
@@ -1,6 +1,23 @@ package com.fc.v2.common.conf.oss; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.web.bind.annotation.DeleteMapping; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseStatus; +import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.multipart.MultipartFile; + import com.amazonaws.services.s3.model.Bucket; import com.amazonaws.services.s3.model.PutObjectResult; import com.amazonaws.services.s3.model.S3Object; @@ -8,17 +25,9 @@ import com.amazonaws.services.s3.model.S3ObjectSummary; import com.fc.v2.common.domain.AjaxResult; import com.fc.v2.model.auto.SysFile; import com.fc.v2.model.auto.TsysUser; +import com.fc.v2.satoken.SaTokenUtil; import com.fc.v2.service.SysFileService; -import com.fc.v2.shiro.util.ShiroUtils; import com.fc.v2.util.SnowflakeIdWorker; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpStatus; -import org.springframework.web.bind.annotation.*; -import org.springframework.web.multipart.MultipartFile; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; /** * aws 对外提供服务端点 
@@ -98,10 +107,10 @@ public class OssEndpoint { String fileSuffixName=uuid+suffixName; PutObjectResult putObjectResult=template.putObject(bucketName, fileSuffixName, object.getInputStream(), object.getSize(), object.getContentType()); if(putObjectResult!=null){ - TsysUser tsysUser=ShiroUtils.getUser(); + TsysUser tsysUser=SaTokenUtil.getUser(); SysFile sysFile=null; if(tsysUser!=null) { - sysFile=new SysFile(uuid, fileSuffixName, bucketName, object.getSize(), object.getContentType(),ShiroUtils.getUserId(), ShiroUtils.getLoginName(), new Date(),null, null, null); + sysFile=new SysFile(uuid, fileSuffixName, bucketName, object.getSize(), object.getContentType(),SaTokenUtil.getUserId(), SaTokenUtil.getLoginName(), new Date(),null, null, null); }else { sysFile=new SysFile(uuid, fileSuffixName, bucketName, object.getSize(), object.getContentType(),"-", "-", new Date(),null, null, null); } @@ -200,8 +209,8 @@ public class OssEndpoint { PutObjectResult putObjectResult=template.putObject(bucketName, fileSuffixName, object.getInputStream(), object.getSize(), object.getContentType()); if(putObjectResult!=null){ oldSysFile.setFileSize(object.getSize()); - oldSysFile.setUpdateUserId(ShiroUtils.getUserId()); - oldSysFile.setUpdateUserName(ShiroUtils.getLoginName()); + oldSysFile.setUpdateUserId(SaTokenUtil.getUserId()); + oldSysFile.setUpdateUserName(SaTokenUtil.getLoginName()); oldSysFile.setUpdateTime(new Date()); oldSysFile.setFileName(fileSuffixName); oldSysFile.setBucketName(bucketName); 
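Review bot: The update path at -200/+209 stores `SaTokenUtil.getUserId()` and `SaTokenUtil.getLoginName()` without the `tsysUser != null` guard that the two create paths (-98/+107 here and -232/+241 further down) use to fall back to `"-"`. `SaTokenUtil` is not visible in this diff, so whether those calls return null or throw when nobody is logged in is an assumption to confirm. Either way the record is updated only after `template.putObject` has already written the object, so an unauthenticated update leaves the bucket and the table disagreeing about who changed the file. Reading the user once before the upload and reusing it for both fields, with the same fallback as the create paths, would make the three call sites consistent. The enclosing methods start and end outside these hunks.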
@@ -232,10 +241,10 @@ public class OssEndpoint { String fileSuffixName=uuid+suffixName; PutObjectResult putObjectResult=template.putObject(bucketName, fileSuffixName, file.getInputStream(), file.getSize(), file.getContentType()); if(putObjectResult!=null){ - TsysUser tsysUser=ShiroUtils.getUser(); + TsysUser tsysUser=SaTokenUtil.getUser(); SysFile sysFile=null; if(tsysUser!=null) { - sysFile=new SysFile(uuid, fileSuffixName, bucketName, file.getSize(), file.getContentType(),ShiroUtils.getUserId(), ShiroUtils.getLoginName(), new Date(),null, null, null); + sysFile=new SysFile(uuid, fileSuffixName, bucketName, file.getSize(), file.getContentType(),SaTokenUtil.getUserId(), SaTokenUtil.getLoginName(), new Date(),null, null, null); }else { sysFile=new SysFile(uuid, fileSuffixName, bucketName, file.getSize(), file.getContentType(),"-", "-", new Date(),null, null, null); } diff --git a/src/main/java/com/fc/v2/common/exception/GlobalExceptionResolver.java b/src/main/java/com/fc/v2/common/exception/GlobalExceptionResolver.java index 821cd854523ead392b7b78d3a7c914725ee26625..f06dbfebd865c21ef410e0605937fd686f959a99 100644 --- a/src/main/java/com/fc/v2/common/exception/GlobalExceptionResolver.java +++ b/src/main/java/com/fc/v2/common/exception/GlobalExceptionResolver.java @@ -1,11 +1,7 @@ package com.fc.v2.common.exception; -import com.fc.v2.common.domain.AjaxResult; -import com.fc.v2.common.exception.demo.DemoModeException; -import com.fc.v2.util.ServletUtils; -import org.apache.shiro.authz.AuthorizationException; -import org.apache.shiro.authz.UnauthenticatedException; -import org.apache.shiro.authz.UnauthorizedException; +import javax.servlet.http.HttpServletRequest; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.validation.BindException; 
@@ -14,7 +10,15 @@ import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; import org.springframework.web.servlet.ModelAndView; -import javax.servlet.http.HttpServletRequest; +import com.fc.v2.common.domain.AjaxResult; +import com.fc.v2.common.exception.demo.DemoModeException; +import com.fc.v2.util.ServletUtils; + +import cn.dev33.satoken.exception.NotLoginException; +import cn.dev33.satoken.exception.NotPermissionException; +import cn.dev33.satoken.exception.NotRoleException; +import cn.dev33.satoken.exception.NotSafeException; +import cn.dev33.satoken.exception.SaTokenException; /** * 全局异常处理 @@ -25,13 +29,11 @@ import javax.servlet.http.HttpServletRequest; public class GlobalExceptionResolver{ private static Logger logger = LoggerFactory.getLogger(GlobalExceptionResolver.class); - - - /** + /** * 权限校验失败 如果请求为ajax返回json,普通请求跳转页面 */ - @ExceptionHandler(AuthorizationException.class) - public Object handleAuthorizationException(HttpServletRequest request, AuthorizationException e) + @ExceptionHandler(SaTokenException.class) + public Object handleAuthorizationException(HttpServletRequest request, SaTokenException e) { //开发环境打印异常,正式环境请注销 logger.error(" 权限校验异常》》"+e.getMessage(), e); @@ -41,26 +43,21 @@ public class GlobalExceptionResolver{ } else { - ModelAndView mv; - //shiro异常拦截 - if(e instanceof UnauthorizedException){ - //未授权异常 - mv = new ModelAndView("/error/403"); - return mv; - }else if(e instanceof UnauthenticatedException){ - //未认证异常 - mv = new ModelAndView("/error/403"); - return mv; - } - else { - mv = new ModelAndView(); - return mv; - - } + // 登录认证异常 + if(e instanceof NotLoginException){ + return new ModelAndView("/login"); + } + // 权限认证异常 + else if (e instanceof NotPermissionException || e instanceof NotRoleException || e instanceof NotSafeException){ + return new ModelAndView("/error/403"); + } + // 其它异常 + else { + return new ModelAndView("/error/403"); + } } } - /** 
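Review bot: In `handleAuthorizationException` the last two branches both return `new ModelAndView("/error/403")`, so the `NotPermissionException || NotRoleException || NotSafeException` test decides nothing. The non-ajax branch can shrink to `if (e instanceof NotLoginException) { return new ModelAndView("/login"); }` followed by `return new ModelAndView("/error/403");`. The handler also logs every `SaTokenException` at error level with its stack trace, although `NotLoginException` is the ordinary outcome of an anonymous or expired session. Logging that case at a lower level without the stack would keep real permission failures visible in the error log. The method's signature is in the previous hunk and its ajax branch lies outside both hunks.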
diff --git a/src/main/java/com/fc/v2/common/interceptor/MyWebAppConfigurer.java b/src/main/java/com/fc/v2/common/interceptor/MyWebAppConfigurer.java index 7f0342798ac14ce888033d3d746311ba3ca0bc47..00f3cafba9ee771da672466b4c3f1b7a3f8e2f66 100644 --- a/src/main/java/com/fc/v2/common/interceptor/MyWebAppConfigurer.java +++ b/src/main/java/com/fc/v2/common/interceptor/MyWebAppConfigurer.java @@ -1,14 +1,9 @@ package com.fc.v2.common.interceptor; import org.springframework.context.annotation.Configuration; -import org.springframework.web.servlet.config.annotation.ContentNegotiationConfigurer; -import org.springframework.web.servlet.config.annotation.CorsRegistry; -import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; -import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; -import org.springframework.web.servlet.config.annotation.ViewResolverRegistry; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; /** * 拦截器 
@@ -18,59 +13,17 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupp * */ @Configuration -public class MyWebAppConfigurer extends WebMvcConfigurationSupport { - - //private static Logger logger=LoggerFactory.getLogger(WebMvcConfigurationSupport.class); - - /** 解决跨域问题 **/ - @Override - public void addCorsMappings(CorsRegistry registry){ - /* - registry.addMapping("/**") - // 设置允许跨域请求的域名 - .allowedOriginPatterns("*") - // 是否允许证书 - .allowCredentials(true) - // 设置允许的方法 - .allowedMethods("GET", "POST", "DELETE", "PUT") - // 设置允许的header属性 - .allowedHeaders("*") - // 跨域允许时间 - .maxAge(3600); - super.addCorsMappings(registry); - */ - } +public class MyWebAppConfigurer implements WebMvcConfigurer { /** 添加拦截器 **/ @Override - protected void addInterceptors(InterceptorRegistry registry){ + public void addInterceptors(InterceptorRegistry registry){ registry.addInterceptor(new MyInterceptor()); - super.addInterceptors(registry); - } - - /** 这里配置视图解析器 **/ - @Override - protected void configureViewResolvers(ViewResolverRegistry registry){ - super.configureViewResolvers(registry); - } - - /** 配置内容裁决的一些选项 **/ - @Override - protected void configureContentNegotiation(ContentNegotiationConfigurer configurer){ - super.configureContentNegotiation(configurer); - } - - /** 视图跳转控制器 **/ - @Override - protected void addViewControllers(ViewControllerRegistry registry) { - - super.addViewControllers(registry); } - /** 静态资源处理 **/ @Override - protected void addResourceHandlers(ResourceHandlerRegistry registry) { + public void addResourceHandlers(ResourceHandlerRegistry registry) { //配置虚拟路径为项目得static下面 registry.addResourceHandler("/static/**").addResourceLocations("classpath:/static/"); //添加swagger 
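Review bot: `addInterceptors` registers only `new MyInterceptor()`, while the same commit replaces Shiro's `@RequiresPermissions` with `@SaCheckPermission` on the controllers. As far as the Sa-Token 1.26.x documentation describes, those annotations are evaluated only when `SaAnnotationInterceptor` is registered with Spring MVC. If no other configuration class outside this diff registers it, the permission annotations are silently not enforced. Adding `registry.addInterceptor(new SaAnnotationInterceptor()).addPathPatterns("/**");` here, or confirming that it exists elsewhere, closes that gap. A test that calls a `@SaCheckPermission` endpoint as a user without the permission and expects a rejection would pin the behaviour.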
@@ -82,18 +35,6 @@ public class MyWebAppConfigurer extends WebMvcConfigurationSupport { registry.addResourceHandler("doc.html").addResourceLocations("classpath:/META-INF/resources/"); registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/"); - super.addResourceHandlers(registry); - } - /** 默认静态资源处理器 **/ - - protected void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) { - //super.configureDefaultServletHandling(configurer); - //configurer.enable("stati"); - super.configureDefaultServletHandling(configurer); - } - - - - -} + +} \ No newline at end of file diff --git a/src/main/java/com/fc/v2/common/log/LogAspect.java b/src/main/java/com/fc/v2/common/log/LogAspect.java index 43650d6f0db90c173680946886ded03217513b73..ef2ff477e8336d4d467a68aa69ef4ad468790d9b 100644 --- a/src/main/java/com/fc/v2/common/log/LogAspect.java +++ b/src/main/java/com/fc/v2/common/log/LogAspect.java @@ -1,12 +1,9 @@ package com.fc.v2.common.log; -import com.fc.v2.model.auto.TsysOperLog; -import com.fc.v2.model.auto.TsysUser; -import com.fc.v2.service.SysOperLogService; -import com.fc.v2.shiro.util.ShiroUtils; -import com.fc.v2.util.ServletUtils; -import com.fc.v2.util.StringUtils; -import com.google.gson.Gson; +import java.lang.reflect.Method; +import java.util.Date; +import java.util.Map; + import org.aspectj.lang.JoinPoint; import org.aspectj.lang.Signature; import org.aspectj.lang.annotation.AfterReturning; 
@@ -21,9 +18,13 @@ import org.springframework.scheduling.annotation.Async; import org.springframework.scheduling.annotation.EnableAsync; import org.springframework.stereotype.Component; -import java.lang.reflect.Method; -import java.util.Date; -import java.util.Map; +import com.fc.v2.model.auto.TsysOperLog; +import com.fc.v2.model.auto.TsysUser; +import com.fc.v2.satoken.SaTokenUtil; +import com.fc.v2.service.SysOperLogService; +import com.fc.v2.util.ServletUtils; +import com.fc.v2.util.StringUtils; +import com.google.gson.Gson; /** * 操作日志记录处理 @@ -82,13 +83,13 @@ public class LogAspect } // 获取当前的用户 - TsysUser currentUser = ShiroUtils.getUser(); + TsysUser currentUser = SaTokenUtil.getUser(); // *========数据库日志=========*// TsysOperLog operLog = new TsysOperLog(); //赋值操作 - /*String ip = ShiroUtils.getIp(); + /*String ip = SaTokenUtil.getIp(); operLog.setOperIp(ip);*/ // 操作地点 //operLog.setOperLocation(AddressUtils.getRealAddressByIP(ip)); diff --git a/src/main/java/com/fc/v2/controller/AdminController.java b/src/main/java/com/fc/v2/controller/AdminController.java index 38b902fe1ff0004940d86875e4173bffbb564201..53d122fc6354d26df6d61eba352e5325f2c63d1d 100644 --- a/src/main/java/com/fc/v2/controller/AdminController.java +++ b/src/main/java/com/fc/v2/controller/AdminController.java 
@@ -1,20 +1,13 @@ package com.fc.v2.controller; -import com.fc.v2.common.base.BaseController; -import com.fc.v2.common.domain.AjaxResult; -import com.fc.v2.model.auto.SysNotice; -import com.fc.v2.model.auto.TsysUser; -import com.fc.v2.model.custom.SysMenu; -import com.fc.v2.shiro.util.ShiroUtils; -import com.fc.v2.util.StringUtils; -import com.wf.captcha.utils.CaptchaUtil; -import io.swagger.annotations.ApiOperation; -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authc.*; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.apache.shiro.subject.Subject; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.GetMapping; @@ -22,9 +15,22 @@ import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.servlet.mvc.support.RedirectAttributes; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.util.List; + +import com.fc.v2.common.base.BaseController; +import com.fc.v2.common.domain.AjaxResult; +import com.fc.v2.mapper.custom.TsysUserDao; +import com.fc.v2.model.auto.SysNotice; +import com.fc.v2.model.auto.TsysUser; +import com.fc.v2.model.custom.SysMenu; +import com.fc.v2.satoken.SaTokenUtil; +import com.fc.v2.util.ServletUtils; +import com.fc.v2.util.StringUtils; +import com.wf.captcha.utils.CaptchaUtil; + +import cn.dev33.satoken.annotation.SaCheckPermission; +import cn.dev33.satoken.secure.SaSecureUtil; +import cn.dev33.satoken.stp.StpUtil; +import io.swagger.annotations.ApiOperation; /** * 后台方法 
@@ -40,13 +46,16 @@ public class AdminController extends BaseController { private static Logger logger = LoggerFactory.getLogger(AdminController.class); private String prefix = "admin"; - + + @Autowired + private TsysUserDao tsysUserDao; + @ApiOperation(value = "首页", notes = "首页") @GetMapping({"", "/index"}) public String index(HttpServletRequest request) { - request.getSession().setAttribute("sessionUserName", ShiroUtils.getUser().getNickname()); + request.getSession().setAttribute("sessionUserName", SaTokenUtil.getUser().getNickname()); // 获取公告信息 - List notices = sysNoticeService.getuserNoticeNotRead(ShiroUtils.getUser(), 0); + List notices = sysNoticeService.getuserNoticeNotRead(SaTokenUtil.getUser(), 0); request.getSession().setAttribute("notices", notices); return prefix + "/index"; } @@ -58,7 +67,7 @@ public class AdminController extends BaseController { @GetMapping("/getUserMenu") @ResponseBody public List getUserMenu(){ - List sysMenus=sysPermissionService.getSysMenus(ShiroUtils.getUserId()); + List sysMenus=sysPermissionService.getSysMenus(SaTokenUtil.getUserId()); return sysMenus; } @@ -75,7 +84,7 @@ public class AdminController extends BaseController { @GetMapping("/login") public String login(ModelMap modelMap) { try { - if ((null != SecurityUtils.getSubject() && SecurityUtils.getSubject().isAuthenticated()) || SecurityUtils.getSubject().isRemembered()) { + if (StpUtil.isLogin()) { return "redirect:/" + prefix + "/index"; } else { System.out.println("--进行登录验证..验证开始"); 
@@ -119,44 +128,26 @@ public class AdminController extends BaseController { // 判断验证码 if (yz) { String userName = user.getUsername(); - Subject currentUser = SecurityUtils.getSubject(); // 是否验证通过 - if (!currentUser.isAuthenticated()) { - UsernamePasswordToken token = new UsernamePasswordToken(userName, user.getPassword()); - try { - if (rememberMe) { - token.setRememberMe(true); - } - // 存入用户 - currentUser.login(token); - if (StringUtils.isNotNull(ShiroUtils.getUser())) { - // 若为前后端分离版本,则可把sessionId返回,作为分离版本的请求头authToken - // String authToken = ShiroUtils.getSessionId(); - // return AjaxResult.successData(200, authToken); - return AjaxResult.success(); - } else { - return AjaxResult.error(500, "未知账户"); - } - } catch (UnknownAccountException uae) { + if (!StpUtil.isLogin()) { + TsysUser queryUser = tsysUserDao.queryUserName(userName); + // 各种校验 + if (queryUser == null) { logger.info("对用户[" + userName + "]进行登录验证..验证未通过,未知账户"); return AjaxResult.error(500, "未知账户"); - } catch (IncorrectCredentialsException ice) { + } + if (!SaSecureUtil.md5(user.getPassword()).equals(queryUser.getPassword())) { logger.info("对用户[" + userName + "]进行登录验证..验证未通过,错误的凭证"); return AjaxResult.error(500, "用户名或密码不正确"); - } catch (LockedAccountException lae) { - logger.info("对用户[" + userName + "]进行登录验证..验证未通过,账户已锁定"); - return AjaxResult.error(500, "账户已锁定"); - } catch (ExcessiveAttemptsException eae) { - logger.info("对用户[" + userName + "]进行登录验证..验证未通过,错误次数过多"); - return AjaxResult.error(500, "用户名或密码错误次数过多"); - } catch (AuthenticationException ae) { - // 通过处理Shiro的运行时AuthenticationException就可以控制用户登录失败或密码错误时的情景 - logger.info("对用户[" + userName + "]进行登录验证..验证未通过,堆栈轨迹如下"); - ae.printStackTrace(); - return AjaxResult.error(500, "用户名或密码不正确"); } + + // 校验通过,开始登录 + StpUtil.login(queryUser.getId(), rememberMe); + SaTokenUtil.setUser(queryUser); + StpUtil.getTokenSession().set("ip", ServletUtils.getIP(request)); + return AjaxResult.success().put("tokenInfo", StpUtil.getTokenInfo()); } else { - if 
(StringUtils.isNotNull(ShiroUtils.getUser())) { + if (StringUtils.isNotNull(SaTokenUtil.getUser())) { // 跳转到 get请求的登陆方法 // view.setViewName("redirect:/"+prefix+"/index"); return AjaxResult.success(); @@ -164,6 +155,7 @@ public class AdminController extends BaseController { return AjaxResult.error(500, "未知账户"); } } + } else { return AjaxResult.error(500, "验证码不正确!"); } 
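Review bot: The new credential check `!SaSecureUtil.md5(user.getPassword()).equals(queryUser.getPassword())` verifies passwords against an unsalted MD5 digest, which gives stored credentials no per-user salt or work factor. The same applies to the API login hunk at -197/+189. A dedicated password hash (bcrypt, scrypt or argon2) verified through its own matcher, with a rehash-on-login migration for existing rows, is the safer design. The hunk also drops the `LockedAccountException` and `ExcessiveAttemptsException` branches without an equivalent, so unless `tsysUserDao.queryUserName` or a filter outside this hunk enforces them, locked accounts and repeated failures are no longer rejected here. A null `user.getPassword()` goes straight into the digest call; a guard such as `if (user.getPassword() == null) return AjaxResult.error(500, "用户名或密码不正确");` before the comparison would remove the dependency on how the helper treats null. The method body starts above this hunk.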
@@ -197,48 +189,29 @@ public class AdminController extends BaseController { // 判断验证码 if (yz) { String userName = user.getUsername(); - Subject currentUser = SecurityUtils.getSubject(); // 是否验证通过 - if (!currentUser.isAuthenticated()) { - UsernamePasswordToken token = new UsernamePasswordToken(userName, user.getPassword()); - try { - if (rememberMe) { - token.setRememberMe(true); - } - // 存入用户 - currentUser.login(token); - if (StringUtils.isNotNull(ShiroUtils.getUser())) { - // 若为前后端分离版本,则可把sessionId返回,作为分离版本的请求头authToken - String authToken = ShiroUtils.getSessionId(); - return AjaxResult.successData(200, authToken); - //return AjaxResult.success(); - } else { - return AjaxResult.error(500, "未知账户"); - } - } catch (UnknownAccountException uae) { + if (!StpUtil.isLogin()) { + TsysUser queryUser = tsysUserDao.queryUserName(userName); + // 各种校验 + if (queryUser == null) { logger.info("对用户[" + userName + "]进行登录验证..验证未通过,未知账户"); return AjaxResult.error(500, "未知账户"); - } catch (IncorrectCredentialsException ice) { + } + if (SaSecureUtil.md5(user.getPassword()).equals(queryUser.getPassword())) { logger.info("对用户[" + userName + "]进行登录验证..验证未通过,错误的凭证"); return AjaxResult.error(500, "用户名或密码不正确"); - } catch (LockedAccountException lae) { - logger.info("对用户[" + userName + "]进行登录验证..验证未通过,账户已锁定"); - return AjaxResult.error(500, "账户已锁定"); - } catch (ExcessiveAttemptsException eae) { - logger.info("对用户[" + userName + "]进行登录验证..验证未通过,错误次数过多"); - return AjaxResult.error(500, "用户名或密码错误次数过多"); - } catch (AuthenticationException ae) { - // 通过处理Shiro的运行时AuthenticationException就可以控制用户登录失败或密码错误时的情景 - logger.info("对用户[" + userName + "]进行登录验证..验证未通过,堆栈轨迹如下"); - ae.printStackTrace(); - return AjaxResult.error(500, "用户名或密码不正确"); } + + // 校验通过,开始登录 + StpUtil.login(queryUser.getId(), rememberMe); + SaTokenUtil.setUser(queryUser); + StpUtil.getTokenSession().set("ip", ServletUtils.getIP(request)); + return AjaxResult.success().put("tokenInfo", StpUtil.getTokenInfo()); } else { - if 
(StringUtils.isNotNull(ShiroUtils.getUser())) { + if (StringUtils.isNotNull(SaTokenUtil.getUser())) { // 跳转到 get请求的登陆方法 // view.setViewName("redirect:/"+prefix+"/index"); - String authToken = ShiroUtils.getSessionId(); - return AjaxResult.successData(200, authToken); + return AjaxResult.successData(200, StpUtil.getTokenValue()); } else { return AjaxResult.error(500, "未知账户"); } @@ -259,9 +232,9 @@ public class AdminController extends BaseController { @ResponseBody public AjaxResult LoginOut(HttpServletRequest request, HttpServletResponse response) { // 在这里执行退出系统前需要清空的数据 - Subject subject = SecurityUtils.getSubject(); + // ... // 注销 - subject.logout(); + StpUtil.logout(); return success(); } @@ -296,7 +269,7 @@ public class AdminController extends BaseController { */ @ApiOperation(value = "权限测试跳转页面", notes = "权限测试跳转页面") @GetMapping("Outqx") - @RequiresPermissions("system:user:asd") + @SaCheckPermission("system:user:asd") public String Outqx(HttpServletRequest request, HttpServletResponse response) { return "redirect:/error/500"; diff --git a/src/main/java/com/fc/v2/controller/admin/AutoCodeController.java b/src/main/java/com/fc/v2/controller/admin/AutoCodeController.java index 5540a011808e4b231664addfa1ae3ab3291bc488..0b1527ee32375fecd7dd488980eeed2a89095b76 100644 --- a/src/main/java/com/fc/v2/controller/admin/AutoCodeController.java +++ b/src/main/java/com/fc/v2/controller/admin/AutoCodeController.java 
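Review bot: The credential check in this second login method (-197/+189) is inverted. `if (SaSecureUtil.md5(user.getPassword()).equals(queryUser.getPassword()))` returns "用户名或密码不正确" when the submitted password matches the stored digest, and falls through to `StpUtil.login(queryUser.getId(), rememberMe)` when it does not. The sibling login method at -119/+128 negates the same test, so this line should read `if (!SaSecureUtil.md5(user.getPassword()).equals(queryUser.getPassword())) {`. A regression test that submits a wrong password to this endpoint and asserts an error response with no token issued would catch this. The method's signature and captcha check are outside the hunk.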
@@ -6,9 +6,19 @@ import java.util.ArrayList; import java.util.List; import java.util.Map; import java.util.zip.ZipOutputStream; + import javax.servlet.http.HttpServletResponse; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; + +import org.apache.commons.io.IOUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.ui.ModelMap; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; + import com.fc.v2.common.base.BaseController; import com.fc.v2.common.domain.AjaxResult; import com.fc.v2.common.domain.ResuTree; @@ -24,16 +34,10 @@ import com.fc.v2.service.DictService; import com.fc.v2.service.GeneratorService; import com.fc.v2.service.SysDictTypeService; import com.fc.v2.util.AutoCode.AutoCodeUtil; -import org.apache.commons.io.IOUtils; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.ui.ModelMap; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.ResponseBody; + +import cn.dev33.satoken.annotation.SaCheckPermission; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; /** * 代码自动生成 
@@ -69,7 +73,7 @@ public class AutoCodeController extends BaseController { */ @ApiOperation(value = " 代码自动生成全局配置", notes = "代码自动生成全局配置") @GetMapping("/global") - @RequiresPermissions("system:autocode:global") + @SaCheckPermission("system:autocode:global") public String global(ModelMap modelMap) { modelMap.put("author", AutoCodeConfig.getConfig().getProperty("author")); diff --git a/src/main/java/com/fc/v2/controller/admin/DictDataController.java b/src/main/java/com/fc/v2/controller/admin/DictDataController.java index 3e3b331e1fa7de909a2339288aad90bf7ee02768..87e421fb3b325f8f9fe61a1dc7a9ea1cc86da4ef 100644 --- a/src/main/java/com/fc/v2/controller/admin/DictDataController.java +++ b/src/main/java/com/fc/v2/controller/admin/DictDataController.java @@ -1,5 +1,18 @@ package com.fc.v2.controller.admin; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.ui.ModelMap; +import org.springframework.web.bind.annotation.DeleteMapping; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.PutMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; + import com.fc.v2.common.base.BaseController; import com.fc.v2.common.domain.AjaxResult; import com.fc.v2.model.auto.TSysDictData; 
@@ -7,14 +20,10 @@ import com.fc.v2.model.custom.Tablepar; import com.fc.v2.service.SysDictDataService; import com.fc.v2.service.SysDictTypeService; import com.github.pagehelper.PageInfo; + +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.ui.ModelMap; -import org.springframework.web.bind.annotation.*; /** * 字典表Controller @@ -41,7 +50,7 @@ public class DictDataController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("system:dictData:view") + @SaCheckPermission("system:dictData:view") public String view(ModelMap model,String dictId) { model.addAttribute("dictId",dictId); @@ -58,7 +67,7 @@ public class DictDataController extends BaseController{ //@Log(title = "字典数据表集合查询", action = "1") @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("system:dictData:list") + @SaCheckPermission("system:dictData:list") @ResponseBody public Object list(Tablepar tablepar,String searchText,String dictId){ PageInfo page=tSysDictDataService.list(tablepar,searchText,dictId) ; @@ -88,7 +97,7 @@ public class DictDataController extends BaseController{ //@Log(title = "字典数据表新增", action = "1") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("system:dictData:add") + @SaCheckPermission("system:dictData:add") @ResponseBody public AjaxResult add(TSysDictData tSysDictData, Model model){ int b=tSysDictDataService.insertSelective(tSysDictData); 
@@ -107,7 +116,7 @@ public class DictDataController extends BaseController{ //@Log(title = "字典数据表删除", action = "1") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("system:dictData:remove") + @SaCheckPermission("system:dictData:remove") @ResponseBody public AjaxResult remove(String ids){ int b=tSysDictDataService.deleteByPrimaryKey(ids); @@ -156,7 +165,7 @@ public class DictDataController extends BaseController{ */ //@Log(title = "字典数据表修改", action = "1") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("system:dictData:edit") + @SaCheckPermission("system:dictData:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(TSysDictData record) diff --git a/src/main/java/com/fc/v2/controller/admin/DictTypeController.java b/src/main/java/com/fc/v2/controller/admin/DictTypeController.java index c9c96888b0ed0e32b0d3cd7eacea5fbda63a5bae..87abd21dd5f1f52ab9a558baf895355b67307eb8 100644 --- a/src/main/java/com/fc/v2/controller/admin/DictTypeController.java +++ b/src/main/java/com/fc/v2/controller/admin/DictTypeController.java @@ -9,7 +9,7 @@ import com.fc.v2.service.SysDictTypeService; import com.github.pagehelper.PageInfo; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; @@ -39,7 +39,7 @@ public class DictTypeController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("system:dictType:view") + @SaCheckPermission("system:dictType:view") public String view(ModelMap model) { return prefix + "/list"; 
@@ -54,7 +54,7 @@ public class DictTypeController extends BaseController{ //@Log(title = "字典类型表集合查询", action = "111") @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("system:dictType:list") + @SaCheckPermission("system:dictType:list") @ResponseBody public ResultTable list(Tablepar tablepar, String searchText){ PageInfo page=tSysDictTypeService.list(tablepar,searchText) ; @@ -82,7 +82,7 @@ public class DictTypeController extends BaseController{ //@Log(title = "字典类型表新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("system:dictType:add") + @SaCheckPermission("system:dictType:add") @ResponseBody public AjaxResult add(TSysDictType tSysDictType,Model model){ int b=tSysDictTypeService.insertSelective(tSysDictType); @@ -101,7 +101,7 @@ public class DictTypeController extends BaseController{ //@Log(title = "字典类型表删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("system:dictType:remove") + @SaCheckPermission("system:dictType:remove") @ResponseBody public AjaxResult remove(String ids){ int b=tSysDictTypeService.deleteByPrimaryKey(ids); @@ -149,7 +149,7 @@ public class DictTypeController extends BaseController{ */ //@Log(title = "字典类型表修改", action = "111") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("system:dictType:edit") + @SaCheckPermission("system:dictType:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(TSysDictType record) diff --git a/src/main/java/com/fc/v2/controller/admin/EmailController.java b/src/main/java/com/fc/v2/controller/admin/EmailController.java index 94ddc464b1367e890434baceb28a34c8b309cbbc..77dc36c7bfec9615774d18f05c7a56f769632166 100644 --- a/src/main/java/com/fc/v2/controller/admin/EmailController.java +++ b/src/main/java/com/fc/v2/controller/admin/EmailController.java 
@@ -11,7 +11,7 @@ import com.fc.v2.util.SimpleEmailUtil; import com.github.pagehelper.PageInfo; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; @@ -45,7 +45,7 @@ public class EmailController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("system:email:view") + @SaCheckPermission("system:email:view") public String view(ModelMap model) { return prefix + "/list"; @@ -59,7 +59,7 @@ public class EmailController extends BaseController{ */ @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("system:email:list") + @SaCheckPermission("system:email:list") @ResponseBody public ResultTable list(Tablepar tablepar, String searchText){ PageInfo page=tSysEmailService.list(tablepar,searchText) ; @@ -88,7 +88,7 @@ public class EmailController extends BaseController{ //@Log(title = "新增邮件", action = "1") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("system:email:add") + @SaCheckPermission("system:email:add") @ResponseBody public AjaxResult add(@RequestBody TSysEmail tSysEmail,Model model) throws Exception{ int b=tSysEmailService.insertSelective(tSysEmail); @@ -109,7 +109,7 @@ public class EmailController extends BaseController{ //@Log(title = "删除邮件", action = "1") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("system:email:remove") + @SaCheckPermission("system:email:remove") @ResponseBody public AjaxResult remove(String ids){ int b=tSysEmailService.deleteByPrimaryKey(ids); 
diff --git a/src/main/java/com/fc/v2/controller/admin/FileController.java b/src/main/java/com/fc/v2/controller/admin/FileController.java index 6d458b3a6a889588cdd1ed483bed082991b3c449..00d074f4ceb62e628c06b38581e4893e3f02ef46 100644 --- a/src/main/java/com/fc/v2/controller/admin/FileController.java +++ b/src/main/java/com/fc/v2/controller/admin/FileController.java @@ -5,7 +5,7 @@ import com.fc.v2.common.domain.AjaxResult; import com.fc.v2.model.auto.SysFile; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; @@ -39,7 +39,7 @@ public class FileController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("system:file:view") + @SaCheckPermission("system:file:view") public String view(ModelMap model) { model.put("bucketURL",template.getOssProperties().getEndpoint()+"/"+template.getOssProperties().getBucketName()); @@ -54,7 +54,7 @@ public class FileController extends BaseController{ */ @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("system:file:list") + @SaCheckPermission("system:file:list") @ResponseBody public Object list(Tablepar tablepar,String searchText){ PageInfo page=sysFileService.list(tablepar,searchText) ; @@ -118,7 +118,7 @@ public class FileController extends BaseController{ //@Log(title = "删除日志", action = "1") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("system:file:remove") + @SaCheckPermission("system:file:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysFileService.deleteByPrimaryKey(ids); 
diff --git a/src/main/java/com/fc/v2/controller/admin/LogController.java b/src/main/java/com/fc/v2/controller/admin/LogController.java index 5c745b801b8c963287c3fea7ad2a950c3a8ade18..e257b8cd7f15f52b2a5599826abb797069705ee7 100644 --- a/src/main/java/com/fc/v2/controller/admin/LogController.java +++ b/src/main/java/com/fc/v2/controller/admin/LogController.java @@ -8,7 +8,7 @@ import com.fc.v2.model.custom.Tablepar; import com.github.pagehelper.PageInfo; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.*; @@ -33,7 +33,7 @@ public class LogController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("system:log:view") + @SaCheckPermission("system:log:view") public String view(ModelMap model) { return prefix + "/list"; @@ -47,7 +47,7 @@ public class LogController extends BaseController{ */ @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("system:log:list") + @SaCheckPermission("system:log:list") @ResponseBody public ResultTable list(Tablepar tablepar, String searchText){ PageInfo page=sysOperLogService.list(tablepar,searchText) ; @@ -63,7 +63,7 @@ public class LogController extends BaseController{ //@Log(title = "删除日志", action = "1") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("system:log:remove") + @SaCheckPermission("system:log:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysOperLogService.deleteByPrimaryKey(ids); 
diff --git a/src/main/java/com/fc/v2/controller/admin/PermissionController.java b/src/main/java/com/fc/v2/controller/admin/PermissionController.java index 53bbcab20713771d329b32cea02888a4bf6d5dbd..2228456b62486178ed696b69f68c471f4dacfcce 100644 --- a/src/main/java/com/fc/v2/controller/admin/PermissionController.java +++ b/src/main/java/com/fc/v2/controller/admin/PermissionController.java @@ -1,21 +1,31 @@ package com.fc.v2.controller.admin; +import java.util.List; + +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.ui.ModelMap; +import org.springframework.web.bind.annotation.DeleteMapping; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.PutMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; + import com.fc.v2.common.base.BaseController; import com.fc.v2.common.domain.AjaxResult; import com.fc.v2.common.domain.ResuTree; import com.fc.v2.common.domain.ResultTable; import com.fc.v2.model.auto.TsysPermission; import com.fc.v2.model.custom.Tablepar; -import com.fc.v2.shiro.util.ShiroUtils; import com.github.pagehelper.PageInfo; + +import cn.dev33.satoken.annotation.SaCheckPermission; +import cn.dev33.satoken.session.SaSessionCustomUtil; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.ui.ModelMap; -import org.springframework.web.bind.annotation.*; -import java.util.List; /** * 权限Controller 
@@ -39,7 +49,7 @@ public class PermissionController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("system:permission:view") + @SaCheckPermission("system:permission:view") public String view(ModelMap model) { return prefix + "/list"; @@ -53,7 +63,7 @@ public class PermissionController extends BaseController{ */ @ApiOperation(value = "分页查询", notes = "分页查询") @PostMapping("/list") - @RequiresPermissions("system:permission:list") + @SaCheckPermission("system:permission:list") @ResponseBody public ResultTable list(Tablepar tablepar,String searchText){ PageInfo page= sysPermissionService.list(tablepar, searchText) ; @@ -80,7 +90,7 @@ public class PermissionController extends BaseController{ //@Log(title = "权限添加", action = "1") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("system:permission:add") + @SaCheckPermission("system:permission:add") @ResponseBody public AjaxResult add(@RequestBody TsysPermission tsysPermission){ int b= sysPermissionService.insertSelective(tsysPermission); @@ -99,7 +109,7 @@ public class PermissionController extends BaseController{ //@Log(title = "删除权限", action = "1") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("system:permission:remove") + @SaCheckPermission("system:permission:remove") @ResponseBody public AjaxResult remove(String ids){ int b= sysPermissionService.deleteByPrimaryKey(ids); @@ -189,7 +199,7 @@ public class PermissionController extends BaseController{ */ //@Log(title = "修改保存权限", action = "1") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("system:permission:edit") + @SaCheckPermission("system:permission:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(@RequestBody TsysPermission TsysPermission) 
@@ -233,7 +243,7 @@ public class PermissionController extends BaseController{ */ //@Log(title = "修改保存角色", action = "1") @ApiOperation(value = "授权保存", notes = "授权保存") - @RequiresPermissions("system:role:edit") + @SaCheckPermission("system:role:edit") @PutMapping("/saveRolePower") @ResponseBody public AjaxResult saveRolePower(String roleId,String powerIds) @@ -241,7 +251,7 @@ public class PermissionController extends BaseController{ int i=sysRoleService.updateRoleAndPrem(roleId,powerIds); if(i>0) { //大于0刷新权限 - ShiroUtils.clearCachedAuthorizationInfo(); + SaSessionCustomUtil.getSessionById("role-" + roleId).delete("Permission_List"); } return toAjax(i); } diff --git a/src/main/java/com/fc/v2/controller/admin/QuartzJobController.java b/src/main/java/com/fc/v2/controller/admin/QuartzJobController.java index b4e465f3a9780ed03ea39ad707b550738217047c..77883a77929d20543020c5d4606c7f546014129a 100644 --- a/src/main/java/com/fc/v2/controller/admin/QuartzJobController.java +++ b/src/main/java/com/fc/v2/controller/admin/QuartzJobController.java @@ -9,7 +9,7 @@ import com.fc.v2.service.SysQuartzJobService; import com.github.pagehelper.PageInfo; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.quartz.SchedulerException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; @@ -40,7 +40,7 @@ public class QuartzJobController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:sysQuartzJob:view") + @SaCheckPermission("gen:sysQuartzJob:view") public String view(ModelMap model) { return prefix + "/list"; 
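Review bot: In `saveRolePower` the new invalidation line `SaSessionCustomUtil.getSessionById("role-" + roleId).delete("Permission_List");` builds the session id from the request parameter `roleId` and, with the one-argument overload, will likely create a custom session when none exists instead of only clearing an existing cache entry. Using `SaSessionCustomUtil.getSessionById("role-" + roleId, false)` and skipping the delete when it returns null avoids creating sessions for ids that were never cached. The literals `"role-"` and `"Permission_List"` must match whatever the permission loader uses when it fills the cache, which is not visible here; a shared constant would keep a typo from leaving stale permissions in effect after a role is edited. The removed Shiro call, judging by its name, cleared cached authorization info more broadly, so a comment such as `// drops only this role's cached permission list; per-user caches are not touched` would document the narrower scope.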
@@ -54,7 +54,7 @@ public class QuartzJobController extends BaseController{ //@Log(title = "定时任务调度表集合查询", action = "111") @ApiOperation(value = "定时任务调度list", notes = "定时任务调度list") @GetMapping("/list") - @RequiresPermissions("gen:sysQuartzJob:list") + @SaCheckPermission("gen:sysQuartzJob:list") @ResponseBody public ResultTable list(Tablepar tablepar, String searchText){ PageInfo page=sysQuartzJobService.list(tablepar,searchText) ; @@ -83,7 +83,7 @@ public class QuartzJobController extends BaseController{ //@Log(title = "定时任务调度表新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("gen:sysQuartzJob:add") + @SaCheckPermission("gen:sysQuartzJob:add") @ResponseBody public AjaxResult add(SysQuartzJob sysQuartzJob){ int b=sysQuartzJobService.insertSelective(sysQuartzJob); @@ -102,7 +102,7 @@ public class QuartzJobController extends BaseController{ //@Log(title = "定时任务调度表删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:sysQuartzJob:remove") + @SaCheckPermission("gen:sysQuartzJob:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysQuartzJobService.deleteByPrimaryKey(ids); @@ -151,7 +151,7 @@ public class QuartzJobController extends BaseController{ */ //@Log(title = "定时任务调度表修改", action = "111") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("gen:sysQuartzJob:edit") + @SaCheckPermission("gen:sysQuartzJob:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(SysQuartzJob record) diff --git a/src/main/java/com/fc/v2/controller/admin/QuartzJobLogController.java b/src/main/java/com/fc/v2/controller/admin/QuartzJobLogController.java index f4765f05974db0bd050614a655a940380eb4af3f..778aab5f3d2f6a9c3f2b985743abef315e09cf2c 100644 --- a/src/main/java/com/fc/v2/controller/admin/QuartzJobLogController.java +++ b/src/main/java/com/fc/v2/controller/admin/QuartzJobLogController.java 
@@ -9,7 +9,7 @@ import com.fc.v2.service.SysQuartzJobLogService; import com.github.pagehelper.PageInfo; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; @@ -39,7 +39,7 @@ public class QuartzJobLogController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:sysQuartzJobLog:view") + @SaCheckPermission("gen:sysQuartzJobLog:view") public String view(ModelMap model) { return prefix + "/list"; @@ -56,7 +56,7 @@ public class QuartzJobLogController extends BaseController{ //@Log(title = "定时任务调度日志表集合查询", action = "111") @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("gen:sysQuartzJobLog:list") + @SaCheckPermission("gen:sysQuartzJobLog:list") @ResponseBody public ResultTable list(Tablepar tablepar, String searchText){ PageInfo page=sysQuartzJobLogService.list(tablepar,searchText) ; @@ -91,7 +91,7 @@ public class QuartzJobLogController extends BaseController{ //@Log(title = "定时任务调度日志表删除", action = "111") @ApiOperation(value = "定时任务日志删除", notes = "定时任务日志删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:sysQuartzJobLog:remove") + @SaCheckPermission("gen:sysQuartzJobLog:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysQuartzJobLogService.deleteByPrimaryKey(ids); diff --git a/src/main/java/com/fc/v2/controller/admin/RoleController.java b/src/main/java/com/fc/v2/controller/admin/RoleController.java index c82770f6780dc3c9204a28baa6d715abca1989fd..88e3a3637a43344882a7e1702918e26f8533155d 100644 --- a/src/main/java/com/fc/v2/controller/admin/RoleController.java +++ b/src/main/java/com/fc/v2/controller/admin/RoleController.java 
@@ -8,7 +8,7 @@ import com.fc.v2.model.custom.Tablepar; import com.github.pagehelper.PageInfo; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.*; @@ -36,7 +36,7 @@ public class RoleController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("system:role:view") + @SaCheckPermission("system:role:view") public String view(ModelMap model) { return prefix + "/list"; @@ -50,7 +50,7 @@ public class RoleController extends BaseController{ */ @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("system:role:list") + @SaCheckPermission("system:role:list") @ResponseBody public ResultTable list(Tablepar tablepar){ PageInfo page=sysRoleService.list(tablepar) ; @@ -76,7 +76,7 @@ public class RoleController extends BaseController{ //@Log(title = "角色添加", action = "1") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("system:role:add") + @SaCheckPermission("system:role:add") @ResponseBody public AjaxResult add(@RequestBody TsysRole role){ int b=sysRoleService.insertSelective(role); @@ -95,7 +95,7 @@ public class RoleController extends BaseController{ //@Log(title = "删除角色", action = "1") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("system:role:remove") + @SaCheckPermission("system:role:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysRoleService.deleteByPrimaryKey(ids); 
@@ -145,7 +145,7 @@ public class RoleController extends BaseController{ */ //@Log(title = "修改保存角色", action = "1") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("system:role:edit") + @SaCheckPermission("system:role:edit") @PutMapping("/edit") @ResponseBody public AjaxResult editSave(@RequestBody TsysRole tsysRole) diff --git a/src/main/java/com/fc/v2/controller/admin/ServiceController.java b/src/main/java/com/fc/v2/controller/admin/ServiceController.java index 2eb3a596fbd47f9629fc9e2cc248ae729371630d..302239761d25ed8b4d4dba85ac544a1c0f1c7e2f 100644 --- a/src/main/java/com/fc/v2/controller/admin/ServiceController.java +++ b/src/main/java/com/fc/v2/controller/admin/ServiceController.java @@ -6,7 +6,7 @@ import com.fc.v2.model.auto.TsysOperLog; import com.fc.v2.model.custom.Service; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.GetMapping; @@ -39,7 +39,7 @@ public class ServiceController extends BaseController{ */ @ApiOperation(value = "展示页面", notes = "展示页面") @GetMapping("/view") - @RequiresPermissions("system:service:view") + @SaCheckPermission("system:service:view") public String view(ModelMap model) { List sysNotices= sysNoticeService.getNEW(); diff --git a/src/main/java/com/fc/v2/controller/admin/SysAreaController.java b/src/main/java/com/fc/v2/controller/admin/SysAreaController.java index 374daaf061b69b1dc0932670622faa460b4b2beb..74c55e8254e6d2e05eefd1364c8a0e504906e294 100644 --- a/src/main/java/com/fc/v2/controller/admin/SysAreaController.java +++ b/src/main/java/com/fc/v2/controller/admin/SysAreaController.java 
@@ -13,7 +13,7 @@ import io.swagger.annotations.ApiOperation; import java.util.List; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; @@ -46,7 +46,7 @@ public class SysAreaController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:sysArea:view") + @SaCheckPermission("gen:sysArea:view") public String view(ModelMap model) { return prefix + "/list"; @@ -63,7 +63,7 @@ public class SysAreaController extends BaseController{ //@Log(title = "地区设置集合查询", action = "111") @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/list") - @RequiresPermissions("gen:sysArea:list") + @SaCheckPermission("gen:sysArea:list") @ResponseBody public Object list(Tablepar tablepar,String searchText){ PageInfo page=sysAreaService.list(tablepar,searchText) ; @@ -92,7 +92,7 @@ public class SysAreaController extends BaseController{ //@Log(title = "地区设置新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("gen:sysArea:add") + @SaCheckPermission("gen:sysArea:add") @ResponseBody public AjaxResult add(SysArea sysArea){ int b=sysAreaService.insertSelective(sysArea); @@ -111,7 +111,7 @@ public class SysAreaController extends BaseController{ //@Log(title = "地区设置删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:sysArea:remove") + @SaCheckPermission("gen:sysArea:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysAreaService.deleteByPrimaryKey(ids); 
@@ -161,7 +161,7 @@ public class SysAreaController extends BaseController{ */ //@Log(title = "地区设置修改", action = "111") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("gen:sysArea:edit") + @SaCheckPermission("gen:sysArea:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(SysArea record) diff --git a/src/main/java/com/fc/v2/controller/admin/SysCityController.java b/src/main/java/com/fc/v2/controller/admin/SysCityController.java index 87fe6b7c52809732c06192d415d01f580765838c..08d9fccd61414bdcfb42007336a20bae0a168fb2 100644 --- a/src/main/java/com/fc/v2/controller/admin/SysCityController.java +++ b/src/main/java/com/fc/v2/controller/admin/SysCityController.java @@ -2,7 +2,7 @@ package com.fc.v2.controller.admin; import java.util.List; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; @@ -45,7 +45,7 @@ public class SysCityController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:sysCity:view") + @SaCheckPermission("gen:sysCity:view") public String view(ModelMap model) { return prefix + "/list"; @@ -60,7 +60,7 @@ public class SysCityController extends BaseController{ //@Log(title = "城市设置集合查询", action = "111") @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("gen:sysCity:list") + @SaCheckPermission("gen:sysCity:list") @ResponseBody public Object list(Tablepar tablepar,String searchText){ PageInfo page=sysCityService.list(tablepar,searchText) ; 
@@ -88,7 +88,7 @@ public class SysCityController extends BaseController{ //@Log(title = "城市设置新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("gen:sysCity:add") + @SaCheckPermission("gen:sysCity:add") @ResponseBody public AjaxResult add(SysCity sysCity){ int b=sysCityService.insertSelective(sysCity); @@ -107,7 +107,7 @@ public class SysCityController extends BaseController{ //@Log(title = "城市设置删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:sysCity:remove") + @SaCheckPermission("gen:sysCity:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysCityService.deleteByPrimaryKey(ids); @@ -157,7 +157,7 @@ public class SysCityController extends BaseController{ */ //@Log(title = "城市设置修改", action = "111") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("gen:sysCity:edit") + @SaCheckPermission("gen:sysCity:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(SysCity record) diff --git a/src/main/java/com/fc/v2/controller/admin/SysDepartmentController.java b/src/main/java/com/fc/v2/controller/admin/SysDepartmentController.java index 2f66b7dd7977cfed2b9c7c1d8a0bca3f98cb22de..dbc89ac1d6fe6d4d2d36326d8a2464cbf3c14399 100644 --- a/src/main/java/com/fc/v2/controller/admin/SysDepartmentController.java +++ b/src/main/java/com/fc/v2/controller/admin/SysDepartmentController.java @@ -11,7 +11,7 @@ import com.fc.v2.common.domain.ResuTree; import com.github.pagehelper.PageInfo; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; 
@@ -36,7 +36,7 @@ public class SysDepartmentController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:sysDepartment:view") + @SaCheckPermission("gen:sysDepartment:view") public String view(ModelMap model) { return prefix + "/list"; @@ -53,7 +53,7 @@ public class SysDepartmentController extends BaseController{ //@Log(title = "部门表集合查询", action = "111") @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("gen:sysDepartment:list") + @SaCheckPermission("gen:sysDepartment:list") @ResponseBody public ResultTable list(Tablepar tablepar, String searchText){ PageInfo page=sysDepartmentService.list(tablepar,searchText); @@ -80,7 +80,7 @@ public class SysDepartmentController extends BaseController{ //@Log(title = "部门表新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("gen:sysDepartment:add") + @SaCheckPermission("gen:sysDepartment:add") @ResponseBody public AjaxResult add(@RequestBody SysDepartment sysDepartment){ int b=sysDepartmentService.insertSelective(sysDepartment); @@ -99,7 +99,7 @@ public class SysDepartmentController extends BaseController{ //@Log(title = "部门表删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:sysDepartment:remove") + @SaCheckPermission("gen:sysDepartment:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysDepartmentService.deleteByPrimaryKey(ids); @@ -150,7 +150,7 @@ public class SysDepartmentController extends BaseController{ */ //@Log(title = "部门表修改", action = "111") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("gen:sysDepartment:edit") + @SaCheckPermission("gen:sysDepartment:edit") @PutMapping("/edit") @ResponseBody public AjaxResult editSave(@RequestBody SysDepartment record) 
diff --git a/src/main/java/com/fc/v2/controller/admin/SysInterUrlController.java b/src/main/java/com/fc/v2/controller/admin/SysInterUrlController.java index 291bdb89e348dff9320358e0881c93031db097cb..04768f5dccd80080c3bf1e5e795c81a121542633 100644 --- a/src/main/java/com/fc/v2/controller/admin/SysInterUrlController.java +++ b/src/main/java/com/fc/v2/controller/admin/SysInterUrlController.java @@ -1,7 +1,7 @@ package com.fc.v2.controller.admin; import com.fc.v2.common.domain.ResultTable; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; @@ -33,7 +33,7 @@ public class SysInterUrlController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:sysInterUrl:view") + @SaCheckPermission("gen:sysInterUrl:view") public String view(ModelMap model) { return prefix + "/list"; @@ -50,7 +50,7 @@ public class SysInterUrlController extends BaseController{ //@Log(title = "拦截url表集合查询", action = "111") @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("gen:sysInterUrl:list") + @SaCheckPermission("gen:sysInterUrl:list") @ResponseBody public ResultTable list(Tablepar tablepar, String searchText){ PageInfo page=sysInterUrlService.list(tablepar,searchText) ; @@ -77,7 +77,7 @@ public class SysInterUrlController extends BaseController{ //@Log(title = "拦截url表新增", action = "1") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("gen:sysInterUrl:add") + @SaCheckPermission("gen:sysInterUrl:add") @ResponseBody public AjaxResult add(SysInterUrl sysInterUrl){ int b=sysInterUrlService.insertSelective(sysInterUrl); 
@@ -98,7 +98,7 @@ public class SysInterUrlController extends BaseController{ //@Log(title = "复制", action = "1") @ApiOperation(value = "复制", notes = "复制") @GetMapping("/copy/{id}") - @RequiresPermissions("gen:sysInterUrl:add") + @SaCheckPermission("gen:sysInterUrl:add") @ResponseBody public AjaxResult copy(@PathVariable("id") String id){ SysInterUrl sysInterUrl= sysInterUrlService.selectByPrimaryKey(id); @@ -120,7 +120,7 @@ public class SysInterUrlController extends BaseController{ //@Log(title = "拦截url表删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:sysInterUrl:remove") + @SaCheckPermission("gen:sysInterUrl:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysInterUrlService.deleteByPrimaryKey(ids); @@ -169,7 +169,7 @@ public class SysInterUrlController extends BaseController{ */ //@Log(title = "拦截url表修改", action = "1") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("gen:sysInterUrl:edit") + @SaCheckPermission("gen:sysInterUrl:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(SysInterUrl record) diff --git a/src/main/java/com/fc/v2/controller/admin/SysNoticeController.java b/src/main/java/com/fc/v2/controller/admin/SysNoticeController.java index 9536279ed58c2337d00169a7b8ed83eb009284cc..08db3075d8a9c881b2fc63ec89bd99e62f0337fe 100644 --- a/src/main/java/com/fc/v2/controller/admin/SysNoticeController.java +++ b/src/main/java/com/fc/v2/controller/admin/SysNoticeController.java 
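Review bot: `copy` is mapped with `@GetMapping("/copy/{id}")` but is guarded by the `gen:sysInterUrl:add` permission and loads a row by id, which suggests it writes a new record. A state-changing GET can be triggered cross-site whenever the login token travels in a cookie. I would change the mapping to `@PostMapping("/copy/{id}")` so it falls under the same request-forgery protections as the other write endpoints. The body of `copy` continues outside the hunk, so the insert itself is not visible and should be confirmed against the full method.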
@@ -1,20 +1,27 @@ package com.fc.v2.controller.admin; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.ui.ModelMap; +import org.springframework.web.bind.annotation.DeleteMapping; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; + import com.fc.v2.common.base.BaseController; import com.fc.v2.common.domain.AjaxResult; import com.fc.v2.common.domain.ResultTable; import com.fc.v2.model.auto.SysNotice; import com.fc.v2.model.custom.Tablepar; +import com.fc.v2.satoken.SaTokenUtil; import com.fc.v2.service.SysNoticeService; -import com.fc.v2.shiro.util.ShiroUtils; import com.github.pagehelper.PageInfo; + +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.ui.ModelMap; -import org.springframework.web.bind.annotation.*; /** * 公告Controller @@ -41,7 +48,7 @@ public class SysNoticeController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:sysNotice:view") + @SaCheckPermission("gen:sysNotice:view") public String view(ModelMap model) { return prefix + "/list"; 
@@ -57,7 +64,7 @@ public class SysNoticeController extends BaseController{ //@Log(title = "公告集合查询", action = "111") @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("gen:sysNotice:list") + @SaCheckPermission("gen:sysNotice:list") @ResponseBody public ResultTable list(Tablepar tablepar, String searchText){ PageInfo page=sysNoticeService.list(tablepar,searchText) ; @@ -89,7 +96,7 @@ public class SysNoticeController extends BaseController{ @ResponseBody public ResultTable viewUserlist(Tablepar tablepar,String searchText) { - PageInfo page=sysNoticeService.list(ShiroUtils.getUser(), tablepar, searchText); + PageInfo page=sysNoticeService.list(SaTokenUtil.getUser(), tablepar, searchText); return pageTable(page.getList(),page.getTotal()); } @@ -114,7 +121,7 @@ public class SysNoticeController extends BaseController{ //@Log(title = "公告新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("gen:sysNotice:add") + @SaCheckPermission("gen:sysNotice:add") @ResponseBody public AjaxResult add(SysNotice sysNotice){ int b=sysNoticeService.insertSelective(sysNotice); @@ -133,7 +140,7 @@ public class SysNoticeController extends BaseController{ //@Log(title = "公告删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:sysNotice:remove") + @SaCheckPermission("gen:sysNotice:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysNoticeService.deleteByPrimaryKey(ids); @@ -200,7 +207,7 @@ public class SysNoticeController extends BaseController{ */ //@Log(title = "公告修改", action = "111") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("gen:sysNotice:edit") + @SaCheckPermission("gen:sysNotice:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(SysNotice record) 
diff --git a/src/main/java/com/fc/v2/controller/admin/SysPositionController.java b/src/main/java/com/fc/v2/controller/admin/SysPositionController.java index ecf7154640f05193d3bc51c95c1356c4c8bcd6bf..ebef3b7f7aa8c468225f80e73858ef9616abb247 100644 --- a/src/main/java/com/fc/v2/controller/admin/SysPositionController.java +++ b/src/main/java/com/fc/v2/controller/admin/SysPositionController.java @@ -9,7 +9,7 @@ import com.fc.v2.service.SysPositionService; import com.github.pagehelper.PageInfo; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; @@ -29,7 +29,7 @@ public class SysPositionController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:sysPosition:view") + @SaCheckPermission("gen:sysPosition:view") public String view(ModelMap model) { return prefix + "/list"; @@ -41,7 +41,7 @@ public class SysPositionController extends BaseController{ //@Log(title = "岗位表集合查询", action = "111") @ApiOperation(value = "分页查询", notes = "分页查询") @PostMapping("/list") - @RequiresPermissions("gen:sysPosition:list") + @SaCheckPermission("gen:sysPosition:list") @ResponseBody public ResultTable list(Tablepar tablepar, String searchText){ PageInfo page=sysPositionService.list(tablepar,searchText) ; @@ -64,7 +64,7 @@ public class SysPositionController extends BaseController{ //@Log(title = "岗位表新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("add") - @RequiresPermissions("gen:sysPosition:add") + @SaCheckPermission("gen:sysPosition:add") @ResponseBody public AjaxResult add(SysPosition sysPosition){ int b=sysPositionService.insertSelective(sysPosition); 
@@ -83,7 +83,7 @@ public class SysPositionController extends BaseController{ //@Log(title = "岗位表删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:sysPosition:remove") + @SaCheckPermission("gen:sysPosition:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysPositionService.deleteByPrimaryKey(ids); @@ -132,7 +132,7 @@ public class SysPositionController extends BaseController{ */ //@Log(title = "岗位表修改", action = "111") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("gen:sysPosition:edit") + @SaCheckPermission("gen:sysPosition:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(SysPosition record) diff --git a/src/main/java/com/fc/v2/controller/admin/SysProvinceController.java b/src/main/java/com/fc/v2/controller/admin/SysProvinceController.java index 18cb6274b31d66820c6ae347fcd8a05fed9e3fe1..4216effa5004b7a2010408aeb79f522bb01517a2 100644 --- a/src/main/java/com/fc/v2/controller/admin/SysProvinceController.java +++ b/src/main/java/com/fc/v2/controller/admin/SysProvinceController.java @@ -1,6 +1,6 @@ package com.fc.v2.controller.admin; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; @@ -37,7 +37,7 @@ public class SysProvinceController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:sysProvince:view") + @SaCheckPermission("gen:sysProvince:view") public String view(ModelMap model) { return prefix + "/list"; 
@@ -53,7 +53,7 @@ public class SysProvinceController extends BaseController{ //@Log(title = "省份表集合查询", action = "111") @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("gen:sysProvince:list") + @SaCheckPermission("gen:sysProvince:list") @ResponseBody public Object list(Tablepar tablepar,String searchText){ PageInfo page=sysProvinceService.list(tablepar,searchText) ; @@ -83,7 +83,7 @@ public class SysProvinceController extends BaseController{ //@Log(title = "省份表新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("gen:sysProvince:add") + @SaCheckPermission("gen:sysProvince:add") @ResponseBody public AjaxResult add(SysProvince sysProvince){ int b=sysProvinceService.insertSelective(sysProvince); @@ -102,7 +102,7 @@ public class SysProvinceController extends BaseController{ //@Log(title = "省份表删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:sysProvince:remove") + @SaCheckPermission("gen:sysProvince:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysProvinceService.deleteByPrimaryKey(ids); @@ -151,7 +151,7 @@ public class SysProvinceController extends BaseController{ */ //@Log(title = "省份表修改", action = "111") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("gen:sysProvince:edit") + @SaCheckPermission("gen:sysProvince:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(SysProvince record) diff --git a/src/main/java/com/fc/v2/controller/admin/SysStreetController.java b/src/main/java/com/fc/v2/controller/admin/SysStreetController.java index d1d3b49d79198602297c6a8ccfe1c60154e3f0e9..20804f535706bafc914f4a707c7af36f554f055e 100644 --- a/src/main/java/com/fc/v2/controller/admin/SysStreetController.java +++ b/src/main/java/com/fc/v2/controller/admin/SysStreetController.java 
@@ -2,7 +2,7 @@ package com.fc.v2.controller.admin; import java.util.List; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; @@ -42,7 +42,7 @@ public class SysStreetController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:sysStreet:view") + @SaCheckPermission("gen:sysStreet:view") public String view(ModelMap model) { return prefix + "/list"; @@ -57,7 +57,7 @@ public class SysStreetController extends BaseController{ //@Log(title = "街道设置集合查询", action = "111") @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("gen:sysStreet:list") + @SaCheckPermission("gen:sysStreet:list") @ResponseBody public Object list(Tablepar tablepar,String searchText){ PageInfo page=sysStreetService.list(tablepar,searchText); @@ -88,7 +88,7 @@ public class SysStreetController extends BaseController{ //@Log(title = "街道设置新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("gen:sysStreet:add") + @SaCheckPermission("gen:sysStreet:add") @ResponseBody public AjaxResult add(SysStreet sysStreet){ int b=sysStreetService.insertSelective(sysStreet); @@ -107,7 +107,7 @@ public class SysStreetController extends BaseController{ //@Log(title = "街道设置删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:sysStreet:remove") + @SaCheckPermission("gen:sysStreet:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysStreetService.deleteByPrimaryKey(ids); 
@@ -158,7 +158,7 @@ public class SysStreetController extends BaseController{ */ //@Log(title = "街道设置修改", action = "111") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("gen:sysStreet:edit") + @SaCheckPermission("gen:sysStreet:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(SysStreet record) diff --git a/src/main/java/com/fc/v2/controller/admin/UserController.java b/src/main/java/com/fc/v2/controller/admin/UserController.java index 3a77f2da6ea6672a9215afcad872df07b77fc238..70839dd294218de98fe8db8e67b985ca3c87cb20 100644 --- a/src/main/java/com/fc/v2/controller/admin/UserController.java +++ b/src/main/java/com/fc/v2/controller/admin/UserController.java @@ -2,7 +2,7 @@ package com.fc.v2.controller.admin; import java.util.List; import com.fc.v2.common.domain.ResultTable; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; @@ -52,7 +52,7 @@ public class UserController extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("system:user:view") + @SaCheckPermission("system:user:view") public String view(ModelMap model) { return prefix + "/list"; @@ -70,7 +70,7 @@ public class UserController extends BaseController{ //@Log(title = "分页查询", action = "1") @ApiOperation(value = "分页查询", notes = "分页查询") @GetMapping("/list") - @RequiresPermissions("system:user:list") + @SaCheckPermission("system:user:list") @ResponseBody public ResultTable list(Tablepar tablepar){ PageInfo page=sysUserService.list(tablepar) ; 
@@ -113,7 +113,7 @@ public class UserController extends BaseController{ @Log(title = "用户新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("system:user:add") + @SaCheckPermission("system:user:add") @ResponseBody public AjaxResult add(TsysUser user,@RequestParam(value="roleIds", required = false)String roleIds){ int b=sysUserService.insertUserRoles(user,roleIds); @@ -132,7 +132,7 @@ public class UserController extends BaseController{ //@Log(title = "删除用户", action = "1") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("system:user:remove") + @SaCheckPermission("system:user:remove") @ResponseBody public AjaxResult remove(String ids){ int b=sysUserService.deleteByPrimaryKey(ids); @@ -187,7 +187,7 @@ public class UserController extends BaseController{ */ //@Log(title = "修改保存用户", action = "1") @ApiOperation(value = "修改保存用户", notes = "修改保存用户") - @RequiresPermissions("system:user:edit") + @SaCheckPermission("system:user:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(TsysUser tsysUser,@RequestParam(value="roleIds", required = false)String roleIds) @@ -216,7 +216,7 @@ public class UserController extends BaseController{ */ //@Log(title = "修改用户密码", action = "1") @ApiOperation(value = "修改用户密码", notes = "修改用户密码") - @RequiresPermissions("system:user:editPwd") + @SaCheckPermission("system:user:editPwd") @PostMapping("/editPwd") @ResponseBody public AjaxResult editPwdSave(TsysUser tsysUser) diff --git a/src/main/java/com/fc/v2/mapper/custom/PermissionDao.java b/src/main/java/com/fc/v2/mapper/custom/PermissionDao.java index 698f620cca639889e7f3fdca27de6e6273cbf95f..baf51b22f0a377ac251654cbc38fb896f585f76e 100644 --- a/src/main/java/com/fc/v2/mapper/custom/PermissionDao.java +++ b/src/main/java/com/fc/v2/mapper/custom/PermissionDao.java 
@@ -24,6 +24,13 @@ public interface PermissionDao { * @return */ List queryRoleId(String roleid); + + /** + * 根据角色id查询权限码集合 + * @param roleid + * @return + */ + List queryPermsList(String roleid); diff --git a/src/main/java/com/fc/v2/mapper/custom/RoleDao.java b/src/main/java/com/fc/v2/mapper/custom/RoleDao.java index dfcbf9282fe86c5a0b962b2dc0bdb83683fb4cf6..1d3f8102b060033f111ff4a7430f3e0940424c4f 100644 --- a/src/main/java/com/fc/v2/mapper/custom/RoleDao.java +++ b/src/main/java/com/fc/v2/mapper/custom/RoleDao.java @@ -17,4 +17,12 @@ public interface RoleDao { * @return */ public List queryUserRole(String userid); + + /** + * 根据用户id查询角色id + * @param userid + * @return + */ + public List queryUserRoleId(String userid); + } diff --git a/src/main/java/com/fc/v2/satoken/SaTokenConfigure.java b/src/main/java/com/fc/v2/satoken/SaTokenConfigure.java new file mode 100644 index 0000000000000000000000000000000000000000..f3425b5c5c9ab64203d76f6ae635f6e66bbc928d --- /dev/null +++ b/src/main/java/com/fc/v2/satoken/SaTokenConfigure.java 
@@ -0,0 +1,111 @@ +package com.fc.v2.satoken; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.InterceptorRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +import com.alibaba.fastjson.JSON; +import com.fc.v2.common.domain.AjaxResult; +import com.fc.v2.satoken.dialect.SaTokenDialect; + +import cn.dev33.satoken.context.SaHolder; +import cn.dev33.satoken.exception.NotLoginException; +import cn.dev33.satoken.filter.SaServletFilter; +import cn.dev33.satoken.interceptor.SaAnnotationInterceptor; +import cn.dev33.satoken.router.SaRouter; +import cn.dev33.satoken.stp.StpUtil; + +/** + * Sa-Token 配置 + * @author kong + * + */ +@Configuration +public class SaTokenConfigure implements WebMvcConfigurer { + + /** + * 注册 Sa-Token 的注解拦截器,打开注解式鉴权功能 + */ + @Override + public void addInterceptors(InterceptorRegistry registry) { + registry.addInterceptor(new SaAnnotationInterceptor()).addPathPatterns("/**"); + } + + /** + * 注册 [Sa-Token全局过滤器] + */ + @Bean + public SaServletFilter getSaServletFilter() { + return new SaServletFilter() + + // 指定 拦截路由 + .addInclude("/**") + + // 指定 放行路由 + .addExclude( + "/favicon.ico", "/static/**", + // 对所有用户认证 + "/admin/login", + //手机登录 + "/admin/API/login", + // 放验证码 + "/captcha/**", + // 释放 druid 监控画面 + "/druid/**", + // 释放websocket请求 + "/websocket", + // 前端 + "/", "/index", + // 任务调度暂时放开 + "/quartz/**", + // 开放APicontroller + "/ApiController/**", + "/oss/**", "/druid/**" + ) + + // 认证函数: 每次请求执行 + .setAuth(r -> { + SaRouter.match("/**", () -> StpUtil.checkLogin()); + }) + + // 异常处理函数:每次认证函数发生异常时执行此函数 + .setError(e -> { + // e.printStackTrace(); + if(e instanceof NotLoginException) { + SaHolder.getResponse().redirect("/admin/login"); + } + return JSON.toJSONString(AjaxResult.error(e.getMessage())); + }) + + // 前置函数:在每次认证函数之前执行 + .setBeforeAuth(r -> { + // ---------- 设置跨域响应头 ---------- + 
SaHolder.getResponse() + // 允许指定域访问跨域资源 + .setHeader("Access-Control-Allow-Origin", "*") + // 允许所有请求方式 + .setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE") + // 有效时间 + .setHeader("Access-Control-Max-Age", "3600") + // 允许的header参数 + .setHeader("Access-Control-Allow-Headers", "x-requested-with,satoken"); + + // 如果是预检请求,直接返回 + if ("OPTIONS".equals(SaHolder.getRequest().getMethod())) { + System.out.println("=======================浏览器发来了OPTIONS预检请求=========="); + SaRouter.back(); + } + }) + ; + } + + /** + * 注册 Sa-Token 标签方言 + */ + @Bean + public SaTokenDialect saTokenDialect() { + return new SaTokenDialect(); + } + +} diff --git a/src/main/java/com/fc/v2/satoken/SaTokenUtil.java b/src/main/java/com/fc/v2/satoken/SaTokenUtil.java new file mode 100644 index 0000000000000000000000000000000000000000..43f8ca25a880fa6d580b2b5a6b60be4bbdcb0e53 --- /dev/null +++ b/src/main/java/com/fc/v2/satoken/SaTokenUtil.java @@ -0,0 +1,56 @@ +package com.fc.v2.satoken; + +import com.fc.v2.model.auto.TsysUser; + +import cn.dev33.satoken.stp.StpUtil; + +/** + * 封装 Sa-Token 常用操作 + * @author kong + * + */ +public class SaTokenUtil { + + /** + * 获取登录用户model + */ + public static TsysUser getUser() { + return (TsysUser)StpUtil.getSession().get("user"); + } + + /** + * set用户 + */ + public static void setUser(TsysUser user) { + StpUtil.getSession().set("user", user); + } + + /** + * 获取登录用户id + */ + public static String getUserId() { + return StpUtil.getLoginIdAsString(); + } + + /** + * 获取登录用户name + */ + public static String getLoginName() { + TsysUser tsysUser = getUser(); + if (tsysUser == null){ + throw new RuntimeException("用户不存在!"); + } + return tsysUser.getUsername(); + } + + /** + * 获取登录用户ip + * @return + * @author fuce + * @Date 2019年11月21日 上午9:58:26 + */ + public static String getIp() { + return StpUtil.getTokenSession().getString("login_ip"); + } + +} 
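Review bot: The `addExclude(...)` list in `getSaServletFilter()` removes `/druid/**`, `/quartz/**`, `/oss/**` and `/ApiController/**` from the `StpUtil.checkLogin()` check, so the Druid console, the scheduler and the storage endpoints answer without a login unless each handler carries its own `@SaCheckLogin` or `@SaCheckPermission`, which this hunk does not show. The inline comment marks the `/quartz/**` entry as temporary and `/druid/**` appears twice; I would trim the list to the login, captcha and static paths and let everything else reach the login check. In `setBeforeAuth`, `Access-Control-Allow-Origin` is `*` while `satoken` is an allowed request header; set the header to the configured front-end origin instead of the wildcard. `setError` returns `e.getMessage()` to the client even on the redirect branch, and the pre-flight branch logs with `System.out.println`; a fixed error text plus a logger call would be safer.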
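Review bot: `SaTokenUtil.getUser()` casts whatever is stored under `"user"` and returns null when nothing was set, but only `getLoginName()` checks for that; callers that pass `getUser()` straight on, as `viewUserlist` in SysNoticeController does, receive the null. The Javadoc should say so, for example `@return the TsysUser stored at login, or null if setUser was never called for this session`, or the method should throw as `getLoginName()` does. `setUser` also places the complete `TsysUser` in the session store; if that model includes the password field (its definition is outside this diff), store a copy with the field cleared. `getIp()` depends on a `login_ip` value being written to the token session at login, which is not visible here and deserves a line in its Javadoc.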
diff --git a/src/main/java/com/fc/v2/satoken/StpInterfaceImpl.java b/src/main/java/com/fc/v2/satoken/StpInterfaceImpl.java new file mode 100644 index 0000000000000000000000000000000000000000..568107821891897e794b40ca20e0b06d1bb7b1e2 --- /dev/null +++ b/src/main/java/com/fc/v2/satoken/StpInterfaceImpl.java @@ -0,0 +1,54 @@ +package com.fc.v2.satoken; + +import java.util.ArrayList; +import java.util.List; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import com.fc.v2.mapper.custom.PermissionDao; +import com.fc.v2.mapper.custom.RoleDao; + +import cn.dev33.satoken.session.SaSession; +import cn.dev33.satoken.session.SaSessionCustomUtil; +import cn.dev33.satoken.stp.StpInterface; +import cn.dev33.satoken.stp.StpUtil; + +/** + * 自定义权限验证接口扩展 + */ +@Component +public class StpInterfaceImpl implements StpInterface { + + @Autowired + private PermissionDao permissionDao;//权限dao + + @Autowired + private RoleDao roleDao ;//角色dao + + /** + * 返回一个账号所拥有的权限码集合 + *

注:权限变动时需要清除缓存:SaSessionCustomUtil.getSessionById("role-" + roleId).delete("Permission_List"); + */ + @Override + public List getPermissionList(Object loginId, String loginType) { + List permList = new ArrayList<>(); + for (String roleId : getRoleList(loginId, loginType)) { + SaSession roleSession = SaSessionCustomUtil.getSessionById("role-" + roleId); + List list = roleSession.get("Permission_List", () -> permissionDao.queryPermsList(roleId)); + permList.addAll(list); + } + return permList; + } + + /** + * 返回一个账号所拥有的角色标识集合 (权限与角色可分开校验) + *

注:角色变动时需要清除缓存:StpUtil.getSessionByLoginId(userId).delete("Role_List"); + */ + @Override + public List getRoleList(Object loginId, String loginType) { + SaSession session = StpUtil.getSessionByLoginId(loginId); + return session.get("Role_List", () -> roleDao.queryUserRoleId(String.valueOf(loginId))); + } + +} \ No newline at end of file diff --git a/src/main/java/com/fc/v2/satoken/dialect/SaTokenDialect.java b/src/main/java/com/fc/v2/satoken/dialect/SaTokenDialect.java new file mode 100644 index 0000000000000000000000000000000000000000..9ca3651001cba437bcb9adef3c61df823241e45e --- /dev/null +++ b/src/main/java/com/fc/v2/satoken/dialect/SaTokenDialect.java @@ -0,0 +1,50 @@ +package com.fc.v2.satoken.dialect; + +import java.util.Arrays; +import java.util.HashSet; +import java.util.Set; + +import org.thymeleaf.dialect.AbstractProcessorDialect; +import org.thymeleaf.processor.IProcessor; + +import cn.dev33.satoken.stp.StpUtil; + +/** + * Sa-Token 标签方言 + *
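Review bot: `getPermissionList` caches each role's codes under `Permission_List` in the `role-<id>` session and `getRoleList` caches `Role_List` per login id, so a revoked permission or role keeps passing `@SaCheckPermission` until the key is deleted. The Javadoc names the delete calls, but in this part of the diff only the `Role_List` delete in SysUserService is present; the role-permission save, role delete and user delete paths need `SaSessionCustomUtil.getSessionById("role-" + roleId).delete("Permission_List")` or the `Role_List` delete as well, if they do not already have it outside the lines shown here. Separately, `permList.addAll(list)` keeps duplicates when roles overlap and throws if `queryPermsList` ever returns null; collecting into a `LinkedHashSet` and skipping null results would make the method tolerant of both.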

参考:https://blog.csdn.net/whatlookingfor/article/details/78459649 + * @author kong + * + */ +public class SaTokenDialect extends AbstractProcessorDialect { + + /** + * 方言名称 + */ + private static final String DIALECT_NAME = "Sa-Token"; + + /** + * 方言前缀 + */ + public static final String DIALECT_PREFIX = "sa"; + + /** + * 优先级 + */ + public static final int PROCESSOR_PRECEDENCE = 1000; + + public SaTokenDialect() { + super(DIALECT_NAME, DIALECT_PREFIX, PROCESSOR_PRECEDENCE); + } + + /** + * 返回所有方言处理器 + */ + @Override + public Set getProcessors(final String prefix) { + return new HashSet(Arrays.asList( + new SaTokenTagProcessor(prefix, "hasRole", StpUtil::hasRole), + new SaTokenTagProcessor(prefix, "hasPermission", StpUtil::hasPermission) + )); + } + +} diff --git a/src/main/java/com/fc/v2/satoken/dialect/SaTokenTagProcessor.java b/src/main/java/com/fc/v2/satoken/dialect/SaTokenTagProcessor.java new file mode 100644 index 0000000000000000000000000000000000000000..bf472981a6d705d7c6b675570c37d805dc9eba57 --- /dev/null +++ b/src/main/java/com/fc/v2/satoken/dialect/SaTokenTagProcessor.java 
@@ -0,0 +1,45 @@ +package com.fc.v2.satoken.dialect; + +import java.util.function.Function; + +import org.thymeleaf.context.ITemplateContext; +import org.thymeleaf.engine.AttributeName; +import org.thymeleaf.model.IProcessableElementTag; +import org.thymeleaf.processor.element.AbstractAttributeTagProcessor; +import org.thymeleaf.processor.element.IElementTagStructureHandler; +import org.thymeleaf.templatemode.TemplateMode; + +/** + * 封装 Sa-Token 标签方言处理器 + * @author kong + * + */ +public class SaTokenTagProcessor extends AbstractAttributeTagProcessor { + + Function fun; + + public SaTokenTagProcessor(final String dialectPrefix, String arrtName, Function fun) { + super( + TemplateMode.HTML, // This processor will apply only to HTML mode + dialectPrefix, // Prefix to be applied to name for matching + null, // No tag name: match any tag name + false, // No prefix to be applied to tag name + arrtName, // Name of the attribute that will be matched + true, // Apply dialect prefix to attribute name + 10000, // Precedence (inside dialect's own precedence) + true); // Remove the matched attribute afterwards + this.fun = fun; + } + + @Override + protected void doProcess( + final ITemplateContext context, final IProcessableElementTag tag, + final AttributeName attributeName, final String attributeValue, + final IElementTagStructureHandler structureHandler) { + // 执行表达式返回值为false,则删除这个标签 + if(this.fun.apply(attributeValue) == false) { + structureHandler.removeElement(); + }; + } + +} \ No newline at end of file diff --git a/src/main/java/com/fc/v2/service/SysDictDataService.java b/src/main/java/com/fc/v2/service/SysDictDataService.java index 62784a22ba19cdd444f3c40e8a0d9ee4e05ef889..3d76ff39307a25316e99ba94d4b5e0d51806c79a 100644 --- a/src/main/java/com/fc/v2/service/SysDictDataService.java +++ b/src/main/java/com/fc/v2/service/SysDictDataService.java 
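Review bot: The field `Function fun` in `SaTokenTagProcessor` is package-private and reassignable; declare it `private final` (with its type arguments, which appear stripped in this rendering) so the check cannot be swapped after construction. In `doProcess`, `if(this.fun.apply(attributeValue) == false)` reads better as `if (!fun.apply(attributeValue))`, the `;` after the closing brace of that `if` is an empty statement, and the constructor parameter `arrtName` is a typo for `attrName`. The class Javadoc should add that `sa:hasRole` and `sa:hasPermission` only remove markup from the rendered page, so the handler behind a hidden control still needs its own `@SaCheckPermission`.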
@@ -1,5 +1,11 @@ package com.fc.v2.service; +import java.util.Date; +import java.util.List; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + import com.fc.v2.common.base.BaseService; import com.fc.v2.common.support.ConvertUtil; import com.fc.v2.mapper.auto.TSysDictDataMapper; @@ -8,15 +14,10 @@ import com.fc.v2.model.auto.TSysDictData; import com.fc.v2.model.auto.TSysDictDataExample; import com.fc.v2.model.auto.TSysDictType; import com.fc.v2.model.custom.Tablepar; -import com.fc.v2.shiro.util.ShiroUtils; +import com.fc.v2.satoken.SaTokenUtil; import com.fc.v2.util.SnowflakeIdWorker; import com.github.pagehelper.PageHelper; import com.github.pagehelper.PageInfo; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; - -import java.util.Date; -import java.util.List; /** * 字典数据表Service @@ -75,7 +76,7 @@ public class SysDictDataService implements BaseService { @@ -64,9 +65,9 @@ public class SysFileService implements BaseService { //获取旧数据 SysFile old_data=sysFileMapper.selectByPrimaryKey(record.getId()); //插入修改人id - record.setUpdateUserId(ShiroUtils.getUserId()); + record.setUpdateUserId(SaTokenUtil.getUserId()); //插入修改人name - record.setUpdateUserName(ShiroUtils.getLoginName()); + record.setUpdateUserName(SaTokenUtil.getLoginName()); //插入修改时间 record.setUpdateTime(new Date()); return sysFileMapper.updateByPrimaryKey(old_data); diff --git a/src/main/java/com/fc/v2/service/SysNoticeService.java b/src/main/java/com/fc/v2/service/SysNoticeService.java index 52dba9f55e720b1660d4dc9b3ff82b03c4987870..684b5ca7f7f9680e5b0f45e79fac28b78b817e91 100644 --- a/src/main/java/com/fc/v2/service/SysNoticeService.java +++ b/src/main/java/com/fc/v2/service/SysNoticeService.java 
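Review bot: In the SysFileService hunk the changed lines `record.setUpdateUserId(SaTokenUtil.getUserId());` and `record.setUpdateUserName(SaTokenUtil.getLoginName());` fill in `record`, but the hunk ends with `return sysFileMapper.updateByPrimaryKey(old_data);`, so the row is written back from the old object and the modifier id, name and time are never stored. Unless that is deliberate, set the three audit fields on `old_data` or pass `record` to the mapper, e.g. `return sysFileMapper.updateByPrimaryKey(record);`. The enclosing method starts outside the hunk, so the intended role of `old_data` should be confirmed there.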
@@ -1,23 +1,29 @@ package com.fc.v2.service; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + import com.fc.v2.common.base.BaseService; import com.fc.v2.common.support.ConvertUtil; import com.fc.v2.mapper.auto.SysNoticeMapper; import com.fc.v2.mapper.auto.SysNoticeUserMapper; -import com.fc.v2.model.auto.*; +import com.fc.v2.model.auto.SysNotice; +import com.fc.v2.model.auto.SysNoticeExample; +import com.fc.v2.model.auto.SysNoticeUser; +import com.fc.v2.model.auto.SysNoticeUserExample; import com.fc.v2.model.auto.SysNoticeUserExample.Criteria; +import com.fc.v2.model.auto.TsysUser; +import com.fc.v2.model.auto.TsysUserExample; import com.fc.v2.model.custom.Tablepar; -import com.fc.v2.shiro.util.ShiroUtils; +import com.fc.v2.satoken.SaTokenUtil; import com.fc.v2.util.SnowflakeIdWorker; import com.github.pagehelper.PageHelper; import com.github.pagehelper.PageInfo; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; - -import java.util.ArrayList; -import java.util.Date; -import java.util.List; /** * 公告 SysNoticeService @@ -130,9 +136,9 @@ public class SysNoticeService implements BaseService noticeUsers= sysNoticeUserMapper.selectByExample(sysNoticeUserExample); for (SysNoticeUser sysNoticeUser : noticeUsers) { sysNoticeUser.setState(1); diff --git a/src/main/java/com/fc/v2/service/SysQuartzJobService.java b/src/main/java/com/fc/v2/service/SysQuartzJobService.java index f7895ea75226042c627ac11aa371b5f07a5aef3a..bbf71ef3e459dc9bfdef1aeae551a4e2b0663b7f 100644 --- a/src/main/java/com/fc/v2/service/SysQuartzJobService.java +++ b/src/main/java/com/fc/v2/service/SysQuartzJobService.java 
@@ -162,7 +162,7 @@ public class SysQuartzJobService implements BaseService 0) { diff --git a/src/main/java/com/fc/v2/service/SysUserService.java b/src/main/java/com/fc/v2/service/SysUserService.java index 7087cf02f90b174dbb0558cbc0ac033914a97ced..0d46cf871da59fc62f80f6685712e507070e1dbc 100644 --- a/src/main/java/com/fc/v2/service/SysUserService.java +++ b/src/main/java/com/fc/v2/service/SysUserService.java @@ -1,5 +1,12 @@ package com.fc.v2.service; +import java.util.ArrayList; +import java.util.List; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + import com.fc.v2.common.base.BaseService; import com.fc.v2.common.support.ConvertUtil; import com.fc.v2.mapper.auto.TSysRoleUserMapper; @@ -7,7 +14,12 @@ import com.fc.v2.mapper.auto.TsysRoleMapper; import com.fc.v2.mapper.auto.TsysUserMapper; import com.fc.v2.mapper.custom.RoleDao; import com.fc.v2.mapper.custom.TsysUserDao; -import com.fc.v2.model.auto.*; +import com.fc.v2.model.auto.TSysRoleUser; +import com.fc.v2.model.auto.TSysRoleUserExample; +import com.fc.v2.model.auto.TsysRole; +import com.fc.v2.model.auto.TsysRoleExample; +import com.fc.v2.model.auto.TsysUser; +import com.fc.v2.model.auto.TsysUserExample; import com.fc.v2.model.custom.RoleVo; import com.fc.v2.model.custom.Tablepar; import com.fc.v2.util.MD5Util; @@ -15,12 +27,8 @@ import com.fc.v2.util.SnowflakeIdWorker; import com.fc.v2.util.StringUtils; import com.github.pagehelper.PageHelper; import com.github.pagehelper.PageInfo; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; -import java.util.ArrayList; -import java.util.List; +import cn.dev33.satoken.stp.StpUtil; /** * 系统用户 
@@ -240,6 +248,9 @@ public class SysUserService implements BaseService{ tSysRoleUserMapper.insertSelective(tSysRoleUser); } } + // 清除此用户角色信息缓存 + StpUtil.getSessionByLoginId(record.getId()).delete("Role_List"); + //修改用户信息 return tsysUserMapper.updateByPrimaryKeySelective(record); } diff --git a/src/main/java/com/fc/v2/service/TSysEmailService.java b/src/main/java/com/fc/v2/service/TSysEmailService.java index 54a7e0fea3a27b4a3296014028a0204f73e0a44b..4e71033c23b99c19d488f1d9e62a53b9c168d563 100644 --- a/src/main/java/com/fc/v2/service/TSysEmailService.java +++ b/src/main/java/com/fc/v2/service/TSysEmailService.java @@ -2,18 +2,20 @@ package com.fc.v2.service; import java.util.Date; import java.util.List; + import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import com.github.pagehelper.PageHelper; -import com.github.pagehelper.PageInfo; + import com.fc.v2.common.base.BaseService; import com.fc.v2.common.support.ConvertUtil; import com.fc.v2.mapper.auto.TSysEmailMapper; import com.fc.v2.model.auto.TSysEmail; import com.fc.v2.model.auto.TSysEmailExample; import com.fc.v2.model.custom.Tablepar; -import com.fc.v2.shiro.util.ShiroUtils; +import com.fc.v2.satoken.SaTokenUtil; import com.fc.v2.util.SnowflakeIdWorker; +import com.github.pagehelper.PageHelper; +import com.github.pagehelper.PageInfo; /** * 电子邮件Service 
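Review bot: The added `StpUtil.getSessionByLoginId(record.getId()).delete("Role_List");` in SysUserService runs before `tsysUserMapper.updateByPrimaryKeySelective(record)` and, if the enclosing method is transactional (its annotation is outside the hunk), before the new role rows are committed. A request from that user arriving in between reloads `Role_List` from the old rows and keeps the stale roles cached, so the delete belongs after the commit. The one-argument `getSessionByLoginId` also creates a session for a user who has none; `StpUtil.getSessionByLoginId(record.getId(), false)` followed by a null check avoids writing empty sessions. The method body starts outside the hunk.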
@@ -74,8 +76,8 @@ public class TSysEmailService implements BaseService customFilterMap = new LinkedHashMap<>(); - customFilterMap.put("corsAuthenticationFilter", new CORSAuthenticationFilter()); - shiroFilterFactoryBean.setFilters(customFilterMap); - - return shiroFilterFactoryBean; - } - - /** - * web应用管理配置 - * - * @param shiroRealm - * @param cacheManager - * @param manager - * @return - */ - @Bean - public DefaultWebSecurityManager securityManager(Realm shiroRealm, CacheManager cacheManager, - RememberMeManager manager) { - DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); - securityManager.setCacheManager(cacheManager); - securityManager.setRememberMeManager(manager);// 记住Cookie - securityManager.setRealm(shiroRealm); - securityManager.setSessionManager(sessionManager()); - return securityManager; - } -// /** -// * session过期控制 -// * @return -// * @author fuce -// * @Date 2019年11月2日 下午12:49:49 -// */ -// @Bean -// public DefaultWebSessionManager sessionManager() { -// DefaultWebSessionManager defaultWebSessionManager=new DefaultWebSessionManager(); -// // 设置session过期时间3600s -// Long timeout=60L*1000*60;//毫秒级别 -// defaultWebSessionManager.setGlobalSessionTimeout(timeout); -// return defaultWebSessionManager; -// } - - /** - * 自定义的 shiro session 缓存管理器,用于跨域等情况下使用 token 进行验证,不依赖于sessionId - * - * @return - */ - @Bean - public SessionManager sessionManager() { - // 将我们继承后重写的shiro session 注册 - ShiroSession shiroSession = new ShiroSession(); - // 如果后续考虑多tomcat部署应用,可以使用shiro-redis开源插件来做session 的控制,或者nginx 的负载均衡 - EnterpriseCacheSessionDAO sessionDAO = new EnterpriseCacheSessionDAO(); - sessionDAO.setSessionIdGenerator(new UuidSessionIdGenerator()); - shiroSession.setSessionDAO(sessionDAO); - return shiroSession; - } - - /** - * 加密算法 - * - * @return - */ - @Bean - public HashedCredentialsMatcher hashedCredentialsMatcher() { - HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher(); - 
hashedCredentialsMatcher.setHashAlgorithmName("MD5");// 采用MD5 进行加密 - hashedCredentialsMatcher.setHashIterations(1);// 加密次数 - return hashedCredentialsMatcher; - } - - /** - * 记住我的配置 - * - * @return - */ - @Bean - public RememberMeManager rememberMeManager() { - Cookie cookie = new SimpleCookie("rememberMe"); - cookie.setHttpOnly(true);// 通过js脚本将无法读取到cookie信息 - cookie.setMaxAge(60 * 60 * 24);// cookie保存一天 - CookieRememberMeManager manager = new CookieRememberMeManager(); - manager.setCookie(cookie); - return manager; - } - - /** - * 缓存配置 - * - * @return - */ - @Bean - public CacheManager cacheManager() { - MemoryConstrainedCacheManager cacheManager = new MemoryConstrainedCacheManager();// 使用内存缓存 - return cacheManager; - } - - /** - * 配置realm,用于认证和授权 - * - * @param hashedCredentialsMatcher - * @return - */ - @Bean - public AuthorizingRealm shiroRealm(HashedCredentialsMatcher hashedCredentialsMatcher) { - MyShiroRealm shiroRealm = new MyShiroRealm(); - // 校验密码用到的算法 - shiroRealm.setCredentialsMatcher(hashedCredentialsMatcher); - return shiroRealm; - } - - /** - * 启用shiro方言,这样能在页面上使用shiro标签 - * - * @return - */ - @Bean - public ShiroDialect shiroDialect() { - return new ShiroDialect(); - } - - /** - * 启用shiro注解 加入注解的使用,不加入这个注解不生效 - */ - @Bean - public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor( - org.apache.shiro.mgt.SecurityManager securityManager) { - AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor(); - advisor.setSecurityManager(securityManager); - return advisor; - } - -} diff --git a/src/main/java/com/fc/v2/shiro/config/ShiroFilterMapFactory.java b/src/main/java/com/fc/v2/shiro/config/ShiroFilterMapFactory.java deleted file mode 100644 index 1a3ebeaa2ea686df85d3b74fabc16ccf15c85eb2..0000000000000000000000000000000000000000 --- a/src/main/java/com/fc/v2/shiro/config/ShiroFilterMapFactory.java +++ /dev/null 
@@ -1,69 +0,0 @@ -package com.fc.v2.shiro.config; - -import java.util.LinkedHashMap; -import java.util.Map; - -/** - * @ClassName: ShiroFilterMapFactory - * @author fuce - * @date 2018年8月26日 - * - */ -public class ShiroFilterMapFactory { - - /** - * anon:例子/admins/**=anon 没有参数,表示可以匿名使用。 - * - * authc:例如/admins/user/**=authc表示需要认证(登录)才能使用,没有参数 - * - * roles(角色):例子/admins/user/**=roles[admin],参数可以写多个,多个时必须加上引号,并且参数之间用逗号分割,当有多个参数时,例如admins/user/**=roles["admin,guest"],每个参数通过才算通过,相当于hasAllRoles()方法。 - * - * perms(权限):例子/admins/user/**=perms[user:add:*],参数可以写多个,多个时必须加上引号,并且参数之间用逗号分割,例如/admins/user/**=perms["user:add:*,user:modify:*"],当有多个参数时必须每个参数都通过才通过,想当于isPermitedAll()方法。 - * - * rest:例子/admins/user/**=rest[user],根据请求的方法,相当于/admins/user/**=perms[user:method] - * ,其中method为post,get,delete等。 - * - * port:例子/admins/user/**=port[8081],当请求的url的端口不是8081是跳转到schemal://serverName:8081?queryString,其中schmal是协议http或https等,serverName是你访问的host,8081是url配置里port的端口,queryString - * - * 是你访问的url里的?后面的参数。 - * - * authcBasic:例如/admins/user/**=authcBasic没有参数表示httpBasic认证 - * - * ssl:例子/admins/user/**=ssl没有参数,表示安全的url请求,协议为https - * - * user:例如/admins/user/**=user没有参数表示必须存在用户,当登入操作时不做检查 - * - */ - - public static Map shiroFilterMap() { -// 设置路径映射,注意这里要用LinkedHashMap 保证有序 - LinkedHashMap filterChainDefinitionMap = new LinkedHashMap<>(); - // 对所有用户认证 - filterChainDefinitionMap.put("/static/**", "anon"); - filterChainDefinitionMap.put("/admin/login", "anon"); - filterChainDefinitionMap.put("/admin/logout", "logout"); - //手机登录 - filterChainDefinitionMap.put("/admin/API/login", "anon"); - // 放验证码 - filterChainDefinitionMap.put("/captcha/**", "anon"); - // 释放 druid 监控画面 - filterChainDefinitionMap.put("/druid/**", "anon"); - // 释放websocket请求 - filterChainDefinitionMap.put("/websocket", "anon"); - // 前端 - filterChainDefinitionMap.put("/", "anon"); - filterChainDefinitionMap.put("/index", "anon"); - // 任务调度暂时放开 - filterChainDefinitionMap.put("/quartz/**", "anon"); - - // 开放APicontroller - 
filterChainDefinitionMap.put("/ApiController/**", "anon"); - - filterChainDefinitionMap.put("/oss/**", "anon"); - filterChainDefinitionMap.put("/druid/**", "anon"); - - // 对所有页面进行认证 - filterChainDefinitionMap.put("/**", "user"); - return filterChainDefinitionMap; - } -} diff --git a/src/main/java/com/fc/v2/shiro/service/CORSAuthenticationFilter.java b/src/main/java/com/fc/v2/shiro/service/CORSAuthenticationFilter.java deleted file mode 100644 index c2e01f9c610dfdfa0bdd2b7eaa8139e7fb2205de..0000000000000000000000000000000000000000 --- a/src/main/java/com/fc/v2/shiro/service/CORSAuthenticationFilter.java +++ /dev/null 
@@ -1,55 +0,0 @@ -package com.fc.v2.shiro.service; - -import cn.hutool.json.JSONUtil; -import com.fc.v2.common.domain.AjaxResult; -import org.apache.shiro.web.filter.authc.FormAuthenticationFilter; - -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.PrintWriter; - -/** - * @author :LX - * 创建时间: 2019/5/31. 10:25 - * 地点:广州 - * 目的: 过滤OPTIONS请求 继承shiro 的form表单过滤器,对 - * OPTIONS 请求进行过滤。 前后端分离项目中,由于跨域,会导致复杂请求,即会发送preflighted - * request,这样会导致在GET/POST等请求之前会先发一个OPTIONS请求,但OPTIONS请求并不带shiro - * 的'authToken'字段(shiro的SessionId),即OPTIONS请求不能通过shiro验证,会返回未认证的信息。 - * - *备注说明: 需要在 shiroConfig 进行注册 - */ -public class CORSAuthenticationFilter extends FormAuthenticationFilter { - - /** - * 直接过滤可以访问的请求类型 - */ - private static final String REQUET_TYPE = "OPTIONS"; - - public CORSAuthenticationFilter() { - super(); - } - - @Override - public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) { - if (((HttpServletRequest) request).getMethod().toUpperCase().equals(REQUET_TYPE)) { - return true; - } - return super.isAccessAllowed(request, response, mappedValue); - } - - @Override - protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception { - HttpServletResponse res = (HttpServletResponse) response; - res.setHeader("Access-Control-Allow-Origin", "*"); - res.setStatus(HttpServletResponse.SC_OK); - res.setCharacterEncoding("UTF-8"); - PrintWriter writer = res.getWriter(); -// ResultJson resultJson = new ResultJson(Constant.ERROR_CODE_NO_LOGIN, ResultEnum.ERROR.getStatus(), "请先登录系统!", null); - writer.write(JSONUtil.toJsonStr(AjaxResult.error(500, "请先登录系统!"))); - writer.close(); - return false; - } -} \ No newline at end of file 
diff --git a/src/main/java/com/fc/v2/shiro/service/ExtendRolesAuthorizationFilter.java b/src/main/java/com/fc/v2/shiro/service/ExtendRolesAuthorizationFilter.java deleted file mode 100644 index 5bb0e58c00a70aa7a86180633ad3e0439e814a98..0000000000000000000000000000000000000000 --- a/src/main/java/com/fc/v2/shiro/service/ExtendRolesAuthorizationFilter.java +++ /dev/null @@ -1,40 +0,0 @@ -package com.fc.v2.shiro.service; - -import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -/** - * 通过角色验证权限 - * @ClassName: ExtendRolesAuthorizationFilter - * @author fuce - * @date 2018年8月26日 - * - */ -public class ExtendRolesAuthorizationFilter extends RolesAuthorizationFilter{ - - public boolean isAccessAllowed(HttpServletRequest request, HttpServletResponse response, Object mappedValue) throws IOException { -// -// System.out.println(ExtendRolesAuthorizationFilter.class.toString()); -// Subject subject = getSubject(request, response); -// String[] rolesArray = (String[]) mappedValue; -// -// if (rolesArray == null || rolesArray.length == 0) { -// //no roles specified, so nothing to check - allow access. -// return true; -// } -// //AbstractFilter -// Set roles = CollectionUtils.asSet(rolesArray); -// -// boolean flag=false; -// for(String role: roles){ -// if(subject.hasRole(role)){ -// flag=true; -// break; -// } -// } - return true; - } -} diff --git a/src/main/java/com/fc/v2/shiro/service/MyShiroRealm.java b/src/main/java/com/fc/v2/shiro/service/MyShiroRealm.java deleted file mode 100644 index ab265f1693bc9b0a7bbc1caf810ad69480b473bc..0000000000000000000000000000000000000000 --- a/src/main/java/com/fc/v2/shiro/service/MyShiroRealm.java +++ /dev/null 
@@ -1,116 +0,0 @@ -package com.fc.v2.shiro.service; - -import com.fc.v2.mapper.custom.PermissionDao; -import com.fc.v2.mapper.custom.RoleDao; -import com.fc.v2.mapper.custom.TsysUserDao; -import com.fc.v2.model.auto.TsysPermission; -import com.fc.v2.model.auto.TsysRole; -import com.fc.v2.model.auto.TsysUser; -import com.fc.v2.util.StringUtils; -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authc.AuthenticationException; -import org.apache.shiro.authc.AuthenticationInfo; -import org.apache.shiro.authc.AuthenticationToken; -import org.apache.shiro.authc.SimpleAuthenticationInfo; -import org.apache.shiro.authz.AuthorizationException; -import org.apache.shiro.authz.AuthorizationInfo; -import org.apache.shiro.authz.SimpleAuthorizationInfo; -import org.apache.shiro.realm.AuthorizingRealm; -import org.apache.shiro.subject.PrincipalCollection; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; - -import java.util.List; - -/** - * 身份校验核心类 - * - * @ClassName: MyShiroRealm - * @author fuce - * @date 2018年8月25日 - * - */ -@Service -public class MyShiroRealm extends AuthorizingRealm { - - @Autowired - private TsysUserDao tsysUserDao; - - @Autowired - private PermissionDao permissionDao;//权限dao - - @Autowired - private RoleDao roleDao ;//角色dao - - - /** - * 认证登陆 - */ - @SuppressWarnings("unused") - @Override - protected AuthenticationInfo doGetAuthenticationInfo( - AuthenticationToken token) throws AuthenticationException { - - //加这一步的目的是在Post请求的时候会先进认证,然后在到请求 - if (token.getPrincipal() == null) { - return null; - } - String username = (String) token.getPrincipal(); - String password = new String((char[]) token.getCredentials()); - // 通过username从数据库中查找 User对象,如果找到,没找到. 
- // 实际项目中,这里可以根据实际情况做缓存,如果不做,Shiro自己也是有时间间隔机制,2分钟内不会重复执行该方法 - TsysUser userInfo = tsysUserDao.queryUserName(username); -// System.out.println(userInfo); -// System.out.println("----->>userInfo=" + userInfo.getUsername() + "---"+ userInfo.getPassword()); - if (userInfo == null) - return null; - else{ - SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo( - userInfo, // 用户对象 - userInfo.getPassword(), // 密码 - getName() // realm name - ); - return authenticationInfo; - } - - } - - /** - * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用. - */ - @Override - protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { - //System.out.println("权限配置-->MyShiroRealm.doGetAuthorizationInfo()"); - if(principals == null){ - throw new AuthorizationException("principals should not be null"); - } - SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo(); - TsysUser userinfo = (TsysUser)principals.getPrimaryPrincipal(); - String uid=userinfo.getId(); - List tsysRoles= roleDao.queryUserRole(uid); - for(TsysRole userrole:tsysRoles){ - //System.out.println("角色名字:"+gson.toJson(userrole)); - String rolid=userrole.getId();//角色id - authorizationInfo.addRole(userrole.getName());//添加角色名字 - List permissions=permissionDao.queryRoleId(rolid); - for(TsysPermission p:permissions){ - //System.out.println("角色下面的权限:"+gson.toJson(p)); - if(StringUtils.isNotEmpty(p.getPerms())){ - authorizationInfo.addStringPermission(p.getPerms()); - } - - } - } - - return authorizationInfo; - } - - /** - * 清理缓存权限 - */ - public void clearCachedAuthorizationInfo() - { - this.clearCachedAuthorizationInfo(SecurityUtils.getSubject().getPrincipals()); - } - -} diff --git a/src/main/java/com/fc/v2/shiro/service/ShiroSession.java b/src/main/java/com/fc/v2/shiro/service/ShiroSession.java deleted file mode 100644 index 80e2c41a1ad8f4c0d485dfcce27073ec9c5d5c92..0000000000000000000000000000000000000000 --- a/src/main/java/com/fc/v2/shiro/service/ShiroSession.java +++ /dev/null 
@@ -1,67 +0,0 @@ -package com.fc.v2.shiro.service; - -import org.apache.shiro.web.servlet.ShiroHttpServletRequest; -import org.apache.shiro.web.session.mgt.DefaultWebSessionManager; -import org.apache.shiro.web.util.WebUtils; -import cn.hutool.core.util.StrUtil; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import java.io.Serializable; - -/** - * 原文链接:https://my.oschina.net/sprouting/blog/3059282 - * - * @author :LX - * 创建时间: 2019/5/30. 18:08 - * 地点:广州 - * 目的: shiro 的 session 管理 - * 自定义session规则,实现前后分离,在跨域等情况下使用token 方式进行登录验证才需要,否则没必须使用本类。 shiro默认使用 - * ServletContainerSessionManager 来做 session 管理,它是依赖于浏览器的 cookie 来维护 - * session 的,调用 storeSessionId 方法保存sesionId 到 cookie中 为了支持无状态会话,我们就需要继承 - * DefaultWebSessionManager 自定义生成sessionId 则要实现 SessionIdGenerator - * 备注说明: - */ -public class ShiroSession extends DefaultWebSessionManager { - - /** - * 定义的请求头中使用的标记key,用来传递 token - */ - private static final String AUTH_TOKEN = "authToken"; - - private static final String REFERENCED_SESSION_ID_SOURCE = "Stateless request"; - - public ShiroSession() { - super(); - // 设置 shiro session 失效时间,默认为30分钟,这里现在设置为15分钟 - setGlobalSessionTimeout(MILLIS_PER_MINUTE * 30); - } - - /** - * 获取sessionId,原本是根据sessionKey来获取一个sessionId - * 重写的部分多了一个把获取到的token设置到request的部分。这是因为app调用登陆接口的时候,是没有token的,登陆成功后,产生了token,我们把它放到request中,返回结 - * 果给客户端的时候,把它从request中取出来,并且传递给客户端,客户端每次带着这个token过来,就相当于是浏览器的cookie的作用,也就能维护会话了 - * - * @param request - * @param response - * @return - */ - @Override - protected Serializable getSessionId(ServletRequest request, ServletResponse response) { - // 获取请求头中的 AUTH_TOKEN 的值,如果请求头中有 AUTH_TOKEN 则其值为sessionId。shiro就是通过sessionId - // 来控制的 - String sessionId = WebUtils.toHttp(request).getHeader(AUTH_TOKEN); - if (StrUtil.isEmpty(sessionId)) { - // 如果没有携带id参数则按照父类的方式在cookie进行获取sessionId - return super.getSessionId(request, response); - - } else { - // 请求头中如果有 authToken, 则其值为sessionId - 
request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE, REFERENCED_SESSION_ID_SOURCE); - // sessionId - request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID, sessionId); - request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE); - return sessionId; - } - } - -} diff --git a/src/main/java/com/fc/v2/shiro/service/URLPermissionsFilter.java b/src/main/java/com/fc/v2/shiro/service/URLPermissionsFilter.java deleted file mode 100644 index ae875aeaee3a245de02547438bd3d23e536ed28d..0000000000000000000000000000000000000000 --- a/src/main/java/com/fc/v2/shiro/service/URLPermissionsFilter.java +++ /dev/null @@ -1,47 +0,0 @@ -/** -* @Title: URLPermissionsFilter.java -* @Package com.fc.v2.shiro.service -* @author Administrator -* @date 2018年8月26日 -* @version V1.0 -*/ -package com.fc.v2.shiro.service; - -import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -/** - * 通过字符串验证权限 - * @ClassName: URLPermissionsFilter - * @author fuce - * @date 2018年8月26日 - * - */ -public class URLPermissionsFilter extends PermissionsAuthorizationFilter { - /** - * mappedValue 访问该url时需要的权限 - * subject.isPermitted 判断访问的用户是否拥有mappedValue权限 - * 重写拦截器,只要符合配置的一个权限,即可通过 - */ - public boolean isAccessAllowed(HttpServletRequest request, HttpServletResponse response, Object mappedValue) - throws IOException { - /*System.out.println(URLPermissionsFilter.class.toString()); - Subject subject = getSubject(request, response); - // DefaultFilterChainManager - // PathMatchingFilterChainResolver - String[] perms = (String[]) mappedValue; - boolean isPermitted = false; - if (perms != null && perms.length > 0) { - for (String str : perms) { - if (subject.isPermitted(str)) { - isPermitted = true; - } - } - }*/ - - return true; - } -} 
diff --git a/src/main/java/com/fc/v2/shiro/service/UuidSessionIdGenerator.java b/src/main/java/com/fc/v2/shiro/service/UuidSessionIdGenerator.java deleted file mode 100644 index aed189bca3973f635b30f445121081c2edbfab38..0000000000000000000000000000000000000000 --- a/src/main/java/com/fc/v2/shiro/service/UuidSessionIdGenerator.java +++ /dev/null @@ -1,18 +0,0 @@ -package com.fc.v2.shiro.service; - -import org.apache.shiro.session.Session; -import org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator; -import org.apache.shiro.session.mgt.eis.SessionIdGenerator; - -import java.io.Serializable; - -public class UuidSessionIdGenerator implements SessionIdGenerator { - - @Override - public Serializable generateId(Session session) { - // TODO Auto-generated method stub - Serializable uuid = new JavaUuidSessionIdGenerator().generateId(session); - return uuid; - } - -} diff --git a/src/main/java/com/fc/v2/shiro/util/ShiroUtils.java b/src/main/java/com/fc/v2/shiro/util/ShiroUtils.java deleted file mode 100644 index 0472368c267ff07ec8f472f98735b0b8950de3dd..0000000000000000000000000000000000000000 --- a/src/main/java/com/fc/v2/shiro/util/ShiroUtils.java +++ /dev/null 
@@ -1,153 +0,0 @@ -package com.fc.v2.shiro.util; - -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.mgt.RealmSecurityManager; -import org.apache.shiro.session.Session; -import org.apache.shiro.subject.PrincipalCollection; -import org.apache.shiro.subject.SimplePrincipalCollection; -import org.apache.shiro.subject.Subject; -import com.fc.v2.model.auto.TsysUser; -import com.fc.v2.shiro.service.MyShiroRealm; -import com.fc.v2.util.BeanUtils; -import com.fc.v2.util.StringUtils; - - -/** - * shiro 工具类 - * - * @author fuce - */ -public class ShiroUtils { - - private ShiroUtils(){} - - /** - * 获取shiro subject - * @return - * @author fuce - * @Date 2019年11月21日 上午10:00:55 - */ - public static Subject getSubjct() - { - return SecurityUtils.getSubject(); - } - - /** - * 获取登录session - * @return - * @author fuce - * @Date 2019年11月21日 上午10:00:41 - */ - public static Session getSession() - { - return SecurityUtils.getSubject().getSession(); - } - - /** - * 退出登录 - * @author fuce - * @Date 2019年11月21日 上午10:00:24 - */ - public static void logout() - { - getSubjct().logout(); - } - - /** - * 获取登录用户model - * @return - * @author fuce - * @Date 2019年11月21日 上午10:00:10 - */ - public static TsysUser getUser() - { - TsysUser user = null; - Object obj = getSubjct().getPrincipal(); - if (StringUtils.isNotNull(obj)) - { - user = new TsysUser(); - BeanUtils.copyBeanProp(user, obj); - } - return user; - } - - /** - * set用户 - * @param user - * @author fuce - * @Date 2019年11月21日 上午9:59:52 - */ - public static void setUser(TsysUser user) - { - Subject subject = getSubjct(); - PrincipalCollection principalCollection = subject.getPrincipals(); - String realmName = principalCollection.getRealmNames().iterator().next(); - PrincipalCollection newPrincipalCollection = new SimplePrincipalCollection(user, realmName); - // 重新加载Principal - subject.runAs(newPrincipalCollection); - } - - /** - * 清除授权信息 - * @author fuce - * @Date 2019年11月21日 上午9:59:37 - */ - public static void 
clearCachedAuthorizationInfo() - { - RealmSecurityManager rsm = (RealmSecurityManager) SecurityUtils.getSecurityManager(); - MyShiroRealm realm = (MyShiroRealm) rsm.getRealms().iterator().next(); - realm.clearCachedAuthorizationInfo(); - } - - /** - * 获取登录用户id - * @return - * @author fuce - * @Date 2019年11月21日 上午9:58:55 - */ - public static String getUserId() - { - TsysUser tsysUser = getUser(); - if (tsysUser == null || tsysUser.getId() == null){ - throw new RuntimeException("用户不存在!"); - } - return tsysUser.getId().trim(); - } - - /** - * 获取登录用户name - * @return - * @author fuce - * @Date 2019年11月21日 上午9:58:48 - */ - public static String getLoginName() - { - TsysUser tsysUser = getUser(); - if (tsysUser == null){ - throw new RuntimeException("用户不存在!"); - } - return tsysUser.getUsername(); - } - - /** - * 获取登录用户ip - * @return - * @author fuce - * @Date 2019年11月21日 上午9:58:26 - */ - public static String getIp() - { - return getSubjct().getSession().getHost(); - } - - /** - * 获取登录用户sessionid - * @return - * @author fuce - * @Date 2019年11月21日 上午9:58:37 - */ - public static String getSessionId() - { - return String.valueOf(getSubjct().getSession().getId()); - } -} diff --git a/src/main/java/com/fc/v2/util/ServletUtils.java b/src/main/java/com/fc/v2/util/ServletUtils.java index 8d9cee8f5ecb30de3481c4fbcc17ab5f6852d5a1..01317f7956257d3222a726d4256c78143a4b71c7 100644 --- a/src/main/java/com/fc/v2/util/ServletUtils.java +++ b/src/main/java/com/fc/v2/util/ServletUtils.java @@ -9,6 +9,8 @@ import javax.servlet.http.HttpSession; import org.springframework.web.context.request.RequestAttributes; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; + +import cn.dev33.satoken.util.SaFoxUtil; import cn.hutool.core.convert.Convert; /** 
@@ -136,4 +138,24 @@ public class ServletUtils return false; } + + + private static boolean checkIp(String ip) { + return !SaFoxUtil.isEmpty(ip) && !"unknown".equalsIgnoreCase(ip); + } + + /** + * 返回请求端的IP地址 + * @param request / + * @return ip + */ + public static String getIP(HttpServletRequest request) { + String ip = request.getHeader("x-forwarded-for"); + ip = checkIp(ip) ? ip : ( + checkIp(ip = request.getHeader("Proxy-Client-IP")) ? ip : ( + checkIp(ip = request.getHeader("WL-Proxy-Client-IP")) ? ip : + request.getRemoteAddr())); + return ip.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : ip; + } + } diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 7145aa220953c7e6561bc4e62343c5e44b11a017..4df8968cfec4d10ed0512260871f034a6f1004a3 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -27,7 +27,7 @@ server : # context-path : /demo tomcat : uri-encoding : UTF-8 - #shiro 报错修改的地方 + #xx 报错修改的地方 max-connections: 200000 max-http-form-post-size: 9000000 threads: @@ -45,7 +45,7 @@ spring : max-request-size: 100MB #单个文件大小 maxFileSize : 30MB - #shiro 报错修改的地方 + #xx 报错修改的地方 max-connections: 200000 max-http-post-size: 9000000 #热部署模块 diff --git a/src/main/resources/auto_code/controller/EntityController.java.vm b/src/main/resources/auto_code/controller/EntityController.java.vm index 7cb86889f9f02880a1f4027103b9bf0c6b59645c..379dc4bf7a48f9d846cfa2f34d218e2d6c20c7c4 100644 --- a/src/main/resources/auto_code/controller/EntityController.java.vm +++ b/src/main/resources/auto_code/controller/EntityController.java.vm 
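Review bot: `getIP` prefers the `x-forwarded-for`, `Proxy-Client-IP` and `WL-Proxy-Client-IP` headers over `request.getRemoteAddr()`, and a client can set all three itself unless a reverse proxy in front of the application overwrites them, so the result is caller-controlled input, not a verified address. Callers are not visible in this hunk; if the value feeds login logs, rate limiting or any allow-list, the headers should be honoured only when `request.getRemoteAddr()` is a known proxy. `x-forwarded-for` may also carry a comma-separated chain, which is returned whole here. I would at least say so in the Javadoc, e.g. `@return address taken from client-supplied forwarding headers when present, otherwise the socket address; not trustworthy without a header-sanitising proxy`, and write the header lookups as separate statements instead of assignments nested inside the ternaries.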
@@ -9,7 +9,7 @@ import ${parentPack}.service.${tableInfo.javaTableName}Service; import com.github.pagehelper.PageInfo; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; @@ -54,7 +54,7 @@ public class ${tableInfo.javaTableName}Controller extends BaseController{ */ @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/view") - @RequiresPermissions("gen:${tableInfo.javaTableName_a}:view") + @SaCheckPermission("gen:${tableInfo.javaTableName_a}:view") #if($isupload==true) @OssConfig #end @@ -72,7 +72,7 @@ public class ${tableInfo.javaTableName}Controller extends BaseController{ //@Log(title = "${tableInfo.tableComment}", action = "111") @ApiOperation(value = "分页跳转", notes = "分页跳转") @GetMapping("/list") - @RequiresPermissions("gen:${tableInfo.javaTableName_a}:list") + @SaCheckPermission("gen:${tableInfo.javaTableName_a}:list") @ResponseBody public ResultTable list(Tablepar tablepar,${tableInfo.javaTableName} ${tableInfo.javaTableName_a}){ PageInfo<${tableInfo.javaTableName}> page=${tableInfo.javaTableName_a}Service.list(tablepar,${tableInfo.javaTableName_a}) ; @@ -100,7 +100,7 @@ public class ${tableInfo.javaTableName}Controller extends BaseController{ //@Log(title = "${tableInfo.tableComment}新增", action = "111") @ApiOperation(value = "新增", notes = "新增") @PostMapping("/add") - @RequiresPermissions("gen:${tableInfo.javaTableName_a}:add") + @SaCheckPermission("gen:${tableInfo.javaTableName_a}:add") @ResponseBody public AjaxResult add(${tableInfo.javaTableName} ${tableInfo.javaTableName_a}){ int b=${tableInfo.javaTableName_a}Service.insertSelective(${tableInfo.javaTableName_a}); 
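Review bot: Replacing `@RequiresPermissions` with `@SaCheckPermission` on the generated `view`, `list` and `add` handlers (and on `remove` and `edit` in the two following hunks) keeps these endpoints protected only if Sa-Token's annotation checking is switched on, by registering `SaAnnotationInterceptor` with Spring MVC or by using its AOP module; otherwise the annotation is inert and the handlers answer any request that passes the route-level check. That registration is not visible in this part of the diff, so it should be confirmed before merging, together with a test that a user lacking `gen:...:remove` is refused. A one-line template comment above the first annotated handler would record the dependency, e.g. `// @SaCheckPermission is enforced only while the Sa-Token annotation interceptor is registered`. Controllers already generated from the old template still import `org.apache.shiro.authz.annotation.RequiresPermissions` and need regenerating, since the Shiro dependency is dropped from `pom.xml`.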
@@ -119,7 +119,7 @@ public class ${tableInfo.javaTableName}Controller extends BaseController{ //@Log(title = "${tableInfo.tableComment}删除", action = "111") @ApiOperation(value = "删除", notes = "删除") @DeleteMapping("/remove") - @RequiresPermissions("gen:${tableInfo.javaTableName_a}:remove") + @SaCheckPermission("gen:${tableInfo.javaTableName_a}:remove") @ResponseBody public AjaxResult remove(String ids){ int b=${tableInfo.javaTableName_a}Service.deleteByPrimaryKey(ids); @@ -154,7 +154,7 @@ public class ${tableInfo.javaTableName}Controller extends BaseController{ */ //@Log(title = "${tableInfo.tableComment}修改", action = "111") @ApiOperation(value = "修改保存", notes = "修改保存") - @RequiresPermissions("gen:${tableInfo.javaTableName_a}:edit") + @SaCheckPermission("gen:${tableInfo.javaTableName_a}:edit") @PostMapping("/edit") @ResponseBody public AjaxResult editSave(${tableInfo.javaTableName} ${tableInfo.javaTableName_a}) diff --git a/src/main/resources/auto_code/html/list.html.vm b/src/main/resources/auto_code/html/list.html.vm index 39bf1516c2c1e44efe25e31d7c3b6b64b3619867..238137bf76a2fc55e505075541dd7ce186b80218 100644 --- a/src/main/resources/auto_code/html/list.html.vm +++ b/src/main/resources/auto_code/html/list.html.vm @@ -1,5 +1,5 @@ - + @@ -32,21 +32,21 @@ diff --git a/src/main/resources/mybatis/custom/TsysPremissionMapper.xml b/src/main/resources/mybatis/custom/TsysPremissionMapper.xml index 114b4c4c95c3d68940a741dbabfa4c71d1b3e5c6..477b929e22bd1290536ee6527b5aa860cee67963 100644 --- a/src/main/resources/mybatis/custom/TsysPremissionMapper.xml +++ b/src/main/resources/mybatis/custom/TsysPremissionMapper.xml @@ -38,6 +38,13 @@ + + \ No newline at end of file diff --git a/src/main/resources/mybatis/custom/TsysRoleMapper.xml b/src/main/resources/mybatis/custom/TsysRoleMapper.xml index 82227eeac7aedbe2f2cd8e49a4c06c1e3bbc110b..75102a216cc03b5fd85feadfcd0ad8600f8683de 100644 --- a/src/main/resources/mybatis/custom/TsysRoleMapper.xml 
+++ b/src/main/resources/mybatis/custom/TsysRoleMapper.xml @@ -6,12 +6,20 @@ - - id, name - - select r.id,r.name from t_sys_role r LEFT JOIN t_sys_role_user ru ON r.id=ru.sys_role_id where ru.sys_user_id=#{userid} - + + + + \ No newline at end of file diff --git a/src/main/resources/templates/admin/dict_data/list.html b/src/main/resources/templates/admin/dict_data/list.html index 49a055cf130331c67d424bbfad368259b3c005e1..1ec872d2c3c483e2589c7204a3521c4ca3811cb4 100644 --- a/src/main/resources/templates/admin/dict_data/list.html +++ b/src/main/resources/templates/admin/dict_data/list.html @@ -1,5 +1,5 @@ - + @@ -32,25 +32,25 @@ diff --git a/src/main/resources/templates/admin/dict_type/list.html b/src/main/resources/templates/admin/dict_type/list.html index ffefe3f256985302265ef25f3430f77cb148b75e..ffc98971c3bf48c44b95a160405bb1cd44982535 100644 --- a/src/main/resources/templates/admin/dict_type/list.html +++ b/src/main/resources/templates/admin/dict_type/list.html @@ -1,5 +1,5 @@ - + @@ -32,11 +32,11 @@ diff --git a/src/main/resources/templates/admin/email/list.html b/src/main/resources/templates/admin/email/list.html index 21f0cfffeb4b73f6de65f9d9c60ec8ad648b5b07..44d4319c3cef0c3d2b6a0df9386d740a02078ee7 100644 --- a/src/main/resources/templates/admin/email/list.html +++ b/src/main/resources/templates/admin/email/list.html @@ -1,5 +1,5 @@ - + @@ -32,11 +32,11 @@ diff --git a/src/main/resources/templates/admin/permission/list.html b/src/main/resources/templates/admin/permission/list.html index a2d46002a263f68b69098589f0f62a98186e24f2..66681a4f6e3311a8895a0562c06df2a35ed75c1e 100644 --- a/src/main/resources/templates/admin/permission/list.html +++ b/src/main/resources/templates/admin/permission/list.html @@ -1,5 +1,5 @@ - + @@ -31,20 +31,20 @@ diff --git a/src/main/resources/templates/admin/province/list.html b/src/main/resources/templates/admin/province/list.html index 534c7c3ac18af9c0b73d3c946f73d009f20943e4..f745f7a2beae42bc68197256863dac12ae81af1a 100644 
--- a/src/main/resources/templates/admin/province/list.html +++ b/src/main/resources/templates/admin/province/list.html @@ -1,5 +1,5 @@ - + diff --git a/src/main/resources/templates/admin/province/sysArea/list.html b/src/main/resources/templates/admin/province/sysArea/list.html index 68b0329d99130be697ae94af9ce4ebc077a955ac..f38ccc9258a8e2eb925f97de78ca4a551ffda1ba 100644 --- a/src/main/resources/templates/admin/province/sysArea/list.html +++ b/src/main/resources/templates/admin/province/sysArea/list.html @@ -1,5 +1,5 @@ - + @@ -32,11 +32,11 @@ diff --git a/src/main/resources/templates/admin/province/sysProvince/list.html b/src/main/resources/templates/admin/province/sysProvince/list.html index 53fa833f390d49fe7aadde457c9a1ca821c79e0f..4bf0d60b4676dcc6c7d8168305705670c2b612d0 100644 --- a/src/main/resources/templates/admin/province/sysProvince/list.html +++ b/src/main/resources/templates/admin/province/sysProvince/list.html @@ -1,5 +1,5 @@ - + @@ -32,11 +32,11 @@ diff --git a/src/main/resources/templates/admin/sysDepartment/list.html b/src/main/resources/templates/admin/sysDepartment/list.html index 3778268c766e7877ee8a4f164b3f8d52a19c00cd..0205dd9021646d2afdbc11e61ac38e1836aec9a4 100644 --- a/src/main/resources/templates/admin/sysDepartment/list.html +++ b/src/main/resources/templates/admin/sysDepartment/list.html @@ -1,5 +1,5 @@ - + @@ -31,20 +31,20 @@ diff --git a/src/main/resources/templates/admin/sysInterUrl/list.html b/src/main/resources/templates/admin/sysInterUrl/list.html index 501ef14f404723125720497266b303fa55cef97e..9ba5d20a706fd3ce602889ca10d1154392532951 100644 --- a/src/main/resources/templates/admin/sysInterUrl/list.html +++ b/src/main/resources/templates/admin/sysInterUrl/list.html @@ -1,5 +1,5 @@ - + @@ -32,11 +32,11 @@ diff --git a/src/main/resources/templates/admin/user/list.html b/src/main/resources/templates/admin/user/list.html index e324acf51c2f7f17065e1a3deddfcd6eaad3b7af..6e7b7557097549ecca15be809f129c0931cae600 100644 
--- a/src/main/resources/templates/admin/user/list.html +++ b/src/main/resources/templates/admin/user/list.html @@ -1,5 +1,5 @@ - + @@ -32,11 +32,11 @@