ruoyi
/
RuoYi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

权限功能完善

This commit is contained in:
RuoYi 2018-02-23 16:01:46 +08:00
parent e23b549197
commit e9ac8ab9b8
21 changed files with 413 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
new_intall_20180222.sql
View File

@ -105,32 +105,32 @@ create table sys_menu (
insert into sys_menu values('1', '系统管理', '0', '1', '#', 'M', '0', 'system', 'fa fa-gear', '2018-01-01', '', 'system', '系统管理目录');
insert into sys_menu values('2', '系统监控', '0', '2', '#', 'M', '0', 'monitor', 'fa fa-video-camera', '2018-01-01', '', 'system', '系统监控目录');
-- 二级菜单
insert into sys_menu values('3', '用户管理', '1', '1', '/system/userView.action', 'C', '0', 'system:user', '#', '2018-01-01', '', 'system', '用户管理菜单');
insert into sys_menu values('4', '角色管理', '1', '2', '/system/roleView.action', 'C', '0', 'system:role', '#', '2018-01-01', '', 'system', '角色管理菜单');
insert into sys_menu values('5', '菜单管理', '1', '3', '/system/menuView.action', 'C', '0', 'system:menu', '#', '2018-01-01', '', 'system', '菜单管理菜单');
insert into sys_menu values('6', '操作日志', '1', '4', '/system/operlogView.action', 'C', '0', 'system:operlog', '#', '2018-01-01', '', 'system', '操作日志菜单');
insert into sys_menu values('7', '登录日志', '1', '5', '/system/userlogView.action', 'C', '0', 'system:userlog', '#', '2018-01-01', '', 'system', '登录日志菜单');
insert into sys_menu values('8', '数据监控', '2', '1', '/monitor/druid/index.html', 'C', '0', 'monitor:druid', '#', '2018-01-01', '', 'system', '数据监控菜单');
insert into sys_menu values('3', '用户管理', '1', '1', '/system/user/userList', 'C', '0', 'system:user:list', '#', '2018-01-01', '', 'system', '用户管理菜单');
insert into sys_menu values('4', '角色管理', '1', '2', '/system/role/roleList', 'C', '0', 'system:role:list', '#', '2018-01-01', '', 'system', '角色管理菜单');
insert into sys_menu values('5', '菜单管理', '1', '3', '/system/menu/menuList', 'C', '0', 'system:menu:list', '#', '2018-01-01', '', 'system', '菜单管理菜单');
insert into sys_menu values('6', '操作日志', '1', '4', '/system/operlog/operlogList', 'C', '0', 'system:operlog:list', '#', '2018-01-01', '', 'system', '操作日志菜单');
insert into sys_menu values('7', '登录日志', '1', '5', '/system/userlog/userlogList', 'C', '0', 'system:userlog:list', '#', '2018-01-01', '', 'system', '登录日志菜单');
insert into sys_menu values('8', '数据监控', '2', '1', '/monitor/druid/index.html', 'C', '0', 'monitor:druid:list', '#', '2018-01-01', '', 'system', '数据监控菜单');
--- 三级用户按钮
insert into sys_menu values('9', '用户新增', '3', '1', '/system/user/add.action', 'F', '0', 'sys:user:add', '#', '2018-01-01', '', 'system', '用户管理新增按钮');
insert into sys_menu values('10', '用户修改', '3', '2', '/system/user/update.action', 'F', '0', 'sys:user:update', '#', '2018-01-01', '', 'system', '用户管理修改按钮');
insert into sys_menu values('11', '用户删除', '3', '3', '/system/user/delete.action', 'F', '0', 'sys:user:delete', '#', '2018-01-01', '', 'system', '用户管理删除按钮');
insert into sys_menu values('12', '用户查询', '3', '4', '/system/user/select.action', 'F', '0', 'sys:user:select', '#', '2018-01-01', '', 'system', '用户管理查询按钮');
insert into sys_menu values('13', '密码修改', '3', '5', '/system/user/pwdUpdate.action', 'F', '0', 'sys:user:pwdUpdate', '#', '2018-01-01', '', 'system', '用户密码修改按钮');
insert into sys_menu values('9', '用户新增', '3', '1', '/system/user/add', 'F', '0', 'sys:user:add', '#', '2018-01-01', '', 'system', '用户管理新增按钮');
insert into sys_menu values('10', '用户修改', '3', '2', '/system/user/update', 'F', '0', 'sys:user:update', '#', '2018-01-01', '', 'system', '用户管理修改按钮');
insert into sys_menu values('11', '用户删除', '3', '3', '/system/user/delete', 'F', '0', 'sys:user:delete', '#', '2018-01-01', '', 'system', '用户管理删除按钮');
insert into sys_menu values('12', '用户查询', '3', '4', '/system/user/select', 'F', '0', 'sys:user:select', '#', '2018-01-01', '', 'system', '用户管理查询按钮');
insert into sys_menu values('13', '密码修改', '3', '5', '/system/user/pwdUpdate', 'F', '0', 'sys:user:pwdUpdate', '#', '2018-01-01', '', 'system', '用户密码修改按钮');
--- 三级角色按钮
insert into sys_menu values('14', '角色新增', '4', '1', '/system/role/add.action', 'F', '0', 'sys:role:add', '#', '2018-01-01', '', 'system', '角色管理新增按钮');
insert into sys_menu values('15', '角色修改', '4', '2', '/system/role/update.action', 'F', '0', 'sys:role:update', '#', '2018-01-01', '', 'system', '角色管理修改按钮');
insert into sys_menu values('16', '角色删除', '4', '3', '/system/role/delete.action', 'F', '0', 'sys:role:delete', '#', '2018-01-01', '', 'system', '角色管理删除按钮');
insert into sys_menu values('17', '角色查询', '4', '4', '/system/role/select.action', 'F', '0', 'sys:role:select', '#', '2018-01-01', '', 'system', '角色管理查询按钮');
insert into sys_menu values('18', '角色授权', '4', '5', '/system/role/auth.action', 'F', '0', 'sys:role:auth', '#', '2018-01-01', '', 'system', '角色管理授权按钮');
insert into sys_menu values('14', '角色新增', '4', '1', '/system/role/add', 'F', '0', 'sys:role:add', '#', '2018-01-01', '', 'system', '角色管理新增按钮');
insert into sys_menu values('15', '角色修改', '4', '2', '/system/role/update', 'F', '0', 'sys:role:update', '#', '2018-01-01', '', 'system', '角色管理修改按钮');
insert into sys_menu values('16', '角色删除', '4', '3', '/system/role/delete', 'F', '0', 'sys:role:delete', '#', '2018-01-01', '', 'system', '角色管理删除按钮');
insert into sys_menu values('17', '角色查询', '4', '4', '/system/role/select', 'F', '0', 'sys:role:select', '#', '2018-01-01', '', 'system', '角色管理查询按钮');
insert into sys_menu values('18', '角色授权', '4', '5', '/system/role/auth', 'F', '0', 'sys:role:auth', '#', '2018-01-01', '', 'system', '角色管理授权按钮');
--- 三级菜单按钮
insert into sys_menu values('19', '菜单新增', '5', '1', '/system/role/add.action', 'F', '0', 'sys:menu:add', '#', '2018-01-01', '', 'system', '菜单管理新增按钮');
insert into sys_menu values('20', '菜单修改', '5', '2', '/system/role/update.action', 'F', '0', 'sys:menu:update', '#', '2018-01-01', '', 'system', '菜单管理修改按钮');
insert into sys_menu values('21', '菜单删除', '5', '3', '/system/role/delete.action', 'F', '0', 'sys:menu:delete', '#', '2018-01-01', '', 'system', '菜单管理删除按钮');
insert into sys_menu values('22', '菜单查询', '5', '4', '/system/role/select.action', 'F', '0', 'sys:menu:select', '#', '2018-01-01', '', 'system', '菜单管理查询按钮');
insert into sys_menu values('19', '菜单新增', '5', '1', '/system/menu/add', 'F', '0', 'sys:menu:add', '#', '2018-01-01', '', 'system', '菜单管理新增按钮');
insert into sys_menu values('20', '菜单修改', '5', '2', '/system/menu/update', 'F', '0', 'sys:menu:update', '#', '2018-01-01', '', 'system', '菜单管理修改按钮');
insert into sys_menu values('21', '菜单删除', '5', '3', '/system/menu/delete', 'F', '0', 'sys:menu:delete', '#', '2018-01-01', '', 'system', '菜单管理删除按钮');
insert into sys_menu values('22', '菜单查询', '5', '4', '/system/menu/select', 'F', '0', 'sys:menu:select', '#', '2018-01-01', '', 'system', '菜单管理查询按钮');
--- 三级日志按钮
insert into sys_menu values('23', '操作日志查询', '4', '5', '/system/operlog/auth.action', 'F', '0', 'sys:operlog:select', '#', '2018-01-01', '', 'system', '操作日志查询按钮');
insert into sys_menu values('24', '登录日志查询', '4', '5', '/system/userlog/auth.action', 'F', '0', 'sys:userlog:select', '#', '2018-01-01', '', 'system', '登录日志查询按钮');
insert into sys_menu values('23', '操作日志查询', '4', '5', '/system/operlog/auth', 'F', '0', 'sys:operlog:select', '#', '2018-01-01', '', 'system', '操作日志查询按钮');
insert into sys_menu values('24', '登录日志查询', '4', '5', '/system/userlog/auth', 'F', '0', 'sys:userlog:select', '#', '2018-01-01', '', 'system', '登录日志查询按钮');
-- ----------------------------
@ -191,7 +191,7 @@ create table oper_log (
primary key (operid)
) engine=innodb auto_increment=100 default charset=utf8;
insert into oper_log values(1, 'admin', '2018-01-01', '系统管理-启用/停用-用户', 'delete.do?id=1', '127.0.0.1', 'system/changeUserStatus.action', '0', '');
insert into oper_log values(1, 'admin', '2018-01-01', '系统管理-启用/停用-用户', 'delete.do?id=1', '127.0.0.1', 'system/changeUserStatus', '0', '');
-- ----------------------------
-- 8、创建数据字典表

2
src/main/java/com/ruoyi/RuoYiApplication.java
View File

@ -9,10 +9,8 @@ import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
@EnableAutoConfiguration(exclude = { DataSourceAutoConfiguration.class })
public class RuoYiApplication
{
public static void main(String[] args)
{
SpringApplication.run(RuoYiApplication.class, args);
}
}

21
src/main/java/com/ruoyi/framework/config/BaseConfig.java Normal file
View File

@ -0,0 +1,21 @@
package com.ruoyi.framework.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
public class BaseConfig extends WebMvcConfigurerAdapter
{
/**
* 默认首页的设置当输入域名是可以自动跳转到默认指定的网页
*/
@Override
public void addViewControllers(ViewControllerRegistry registry)
{
registry.addViewController("/").setViewName("forward:/index");
registry.setOrder(Ordered.HIGHEST_PRECEDENCE);
super.addViewControllers(registry);
}
}

76
src/main/java/com/ruoyi/framework/config/ShiroConfig.java
View File

@ -8,12 +8,15 @@ import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.authc.LogoutFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.project.shiro.realm.UserRealm;
import com.ruoyi.project.system.menu.service.MenuService;
import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
/**
@ -24,14 +27,22 @@ import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
@Configuration
public class ShiroConfig
{
public static final String PREMISSION_STRING = "perms[\"{0}\"]";
/**
* 缓存管理器 使用Ehcache实现
*/
@Bean
public EhCacheManager getEhCacheManager()
{
EhCacheManager em = new EhCacheManager();
em.setCacheManagerConfigFile("classpath:config/ehcache.xml");
em.setCacheManagerConfigFile("classpath:ehcache/ehcache-shiro.xml");
return em;
}
/**
* 自定义Realm
*/
@Bean
UserRealm userRealm(EhCacheManager cacheManager)
{
@ -40,6 +51,9 @@ public class ShiroConfig
return userRealm;
}
/**
* 会话管理器
*/
@Bean
SessionDAO sessionDAO()
{
@ -47,6 +61,9 @@ public class ShiroConfig
return sessionDAO;
}
/**
* 安全管理器
*/
@Bean
SecurityManager securityManager(UserRealm userRealm)
{
@ -56,39 +73,56 @@ public class ShiroConfig
return manager;
}
/**
* Shiro过滤器配置
*/
@Bean
ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager)
{
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
// Shiro的核心安全接口,这个属性是必须的
shiroFilterFactoryBean.setSecurityManager(securityManager);
// shiroFilterFactoryBean.setLoginUrl("/login");
// shiroFilterFactoryBean.setSuccessUrl("/index");
// shiroFilterFactoryBean.setUnauthorizedUrl("/403");
// 身份认证失败则跳转到登录页面的配置
shiroFilterFactoryBean.setLoginUrl("/login");
// 权限认证失败则跳转到指定页面
shiroFilterFactoryBean.setUnauthorizedUrl("/unauth");
// 注销成功则跳转到指定页面
LogoutFilter logoutFilter = new LogoutFilter();
logoutFilter.setRedirectUrl("/login");
// Shiro连接约束配置即过滤链的定义
LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
// filterChainDefinitionMap.put("/css/**", "anon");
// filterChainDefinitionMap.put("/js/**", "anon");
// filterChainDefinitionMap.put("/fonts/**", "anon");
// filterChainDefinitionMap.put("/img/**", "anon");
// filterChainDefinitionMap.put("/docs/**", "anon");
// filterChainDefinitionMap.put("/druid/**", "anon");
// filterChainDefinitionMap.put("/upload/**", "anon");
// filterChainDefinitionMap.put("/files/**", "anon");
// filterChainDefinitionMap.put("/logout", "logout");
// filterChainDefinitionMap.put("/", "anon");
// filterChainDefinitionMap.put("/blog", "anon");
// filterChainDefinitionMap.put("/blog/open/**", "anon");
// filterChainDefinitionMap.put("/**", "authc");
// 对静态资源设置匿名访问
filterChainDefinitionMap.put("/css/**", "anon");
filterChainDefinitionMap.put("/docs/**", "anon");
filterChainDefinitionMap.put("/fonts/**", "anon");
filterChainDefinitionMap.put("/img/**", "anon");
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/druid/**", "anon");
// 不需要拦截的访问
filterChainDefinitionMap.put("/login", "anon");
// 退出 logout地址shiro去清除session
filterChainDefinitionMap.put("/logout", "logout");
// 系统权限列表
MenuService menuService = SpringUtils.getBean(MenuService.class);
filterChainDefinitionMap.putAll(menuService.findAllPerms());
// 所有请求需要认证
filterChainDefinitionMap.put("/**", "authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
/**
* 保证实现了Shiro内部lifecycle函数的bean执行
*/
@Bean("lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor()
{
return new LifecycleBeanPostProcessor();
}
/**
* 开启Shiro代理
*/
@Bean
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator()
{
@ -97,12 +131,18 @@ public class ShiroConfig
return proxyCreator;
}
/**
* thymeleaf模板引擎和shiro框架的整合
*/
@Bean
public ShiroDialect shiroDialect()
{
return new ShiroDialect();
}
/**
* 开启Shiro注解通知器
*/
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(
@Qualifier("securityManager") SecurityManager securityManager)

15
src/main/java/com/ruoyi/framework/core/dao/DynamicObjectBaseDao.java
View File

@ -129,7 +129,20 @@ public class DynamicObjectBaseDao
}
/**
* 查找对象
* 查找对象 - 无条件
*
* @param str
* @param obj
* @return
* @throws Exception
*/
public Object findForList(String str) throws Exception
{
return sqlSessionTemplate.selectList(str);
}
/**
* 查找对象 - 有条件
*
* @param str
* @param obj

4
src/main/java/com/ruoyi/project/shiro/common/UserConstants.java
View File

@ -23,8 +23,8 @@ public class UserConstants
/**
* 用户名长度限制
*/
public static final int USERNAME_MIN_LENGTH = 5;
public static final int USERNAME_MAX_LENGTH = 20;
public static final int USERNAME_MIN_LENGTH = 2;
public static final int USERNAME_MAX_LENGTH = 10;
/**
* 密码长度限制

35
src/main/java/com/ruoyi/project/shiro/realm/UserRealm.java
View File

@ -1,27 +1,32 @@
package com.ruoyi.project.shiro.realm;
import java.util.Set;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import com.ruoyi.common.tools.StringTools;
import com.ruoyi.common.utils.security.ShiroUtils;
import com.ruoyi.project.shiro.exception.JCaptchaException;
import com.ruoyi.project.shiro.exception.RoleBlockedException;
import com.ruoyi.project.shiro.exception.UserBlockedException;
import com.ruoyi.project.shiro.exception.UserNotExistsException;
import com.ruoyi.project.shiro.exception.UserPasswordNotMatchException;
import com.ruoyi.project.shiro.exception.UserPasswordRetryLimitExceedException;
import com.ruoyi.project.system.menu.service.IMenuService;
import com.ruoyi.project.system.user.domain.User;
import com.ruoyi.project.system.user.service.IUserService;
/**
* 自定义Realm 处理登录 权限
@ -34,23 +39,31 @@ public class UserRealm extends AuthorizingRealm
private static final Logger log = LoggerFactory.getLogger(LoginService.class);
@Autowired
private IUserService userService;
private IMenuService menuService;
@Autowired
private LoginService loginService;
/**
* 授权
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0)
{
// Long userId = ShiroUtils.getUserId();
// MenuService menuService = SpringUtils.getBean(MenuService.class);
// Set<String> perms = menuService.listPerms(userId);
// SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
// info.setStringPermissions(perms);
// return info;
return null;
Long userId = ShiroUtils.getUserId();
Set<String> perms = menuService.findPermsByUserId(userId);
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
if (StringTools.isNotEmpty(perms))
{
// // 权限加入AuthorizationInfo认证对象
info.setStringPermissions(perms);
}
return info;
}
/**
* 登录认证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException
{
@ -78,7 +91,7 @@ public class UserRealm extends AuthorizingRealm
}
catch (UserPasswordNotMatchException e)
{
throw new AuthenticationException(e.getMessage(), e);
throw new IncorrectCredentialsException(e.getMessage(), e);
}
catch (UserPasswordRetryLimitExceedException e)
{
@ -94,7 +107,7 @@ public class UserRealm extends AuthorizingRealm
}
catch (Exception e)
{
log.error("login error", e);
log.info("对用户[" + username + "]进行登录验证..验证未通过{}", e.getMessage());
throw new AuthenticationException(e.getMessage(), e);
}
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, password, getName());

1
src/main/java/com/ruoyi/project/shiro/service/PasswordService.java
View File

@ -80,5 +80,6 @@ public class PasswordService
public static void main(String[] args)
{
System.out.println(new PasswordService().encryptPassword("admin", "admin123", ""));
System.out.println(new PasswordService().encryptPassword("ry", "admin123", ""));
}
}

17
src/main/java/com/ruoyi/project/system/menu/dao/IMenuDao.java
View File

@ -12,11 +12,26 @@ public interface IMenuDao
{
/**
* 根据用户ID查询权限表
* 根据用户ID查询菜单
*
* @param userId 用户ID
* @return 菜单列表
*/
public List<Menu> findMenusByUserId(Long userId);
/**
* 根据用户ID查询权限
*
* @param userId 用户ID
* @return 权限列表
*/
public List<String> findPermsByUserId(Long userId);
/**
* 查询系统所有权限
*
* @return 权限列表
*/
public List<Menu> findAllPerms();
}

43
src/main/java/com/ruoyi/project/system/menu/dao/MenuDao.java
View File

@ -15,7 +15,7 @@ public class MenuDao extends DynamicObjectBaseDao implements IMenuDao
{
/**
* 根据用户ID查询权限表
* 根据用户ID查询菜单
*
* @param userId 用户ID
* @return 菜单列表
@ -35,4 +35,45 @@ public class MenuDao extends DynamicObjectBaseDao implements IMenuDao
return permsList;
}
/**
* 根据用户ID查询权限
*
* @param userId 用户ID
* @return 菜单列表
*/
@SuppressWarnings("unchecked")
public List<String> findPermsByUserId(Long userId)
{
List<String> permsList = null;
try
{
permsList = (List<String>) this.findForList("SystemMenuMapper.findPermsByUserId", userId);
}
catch (Exception e)
{
e.printStackTrace();
}
return permsList;
}
/**
* 查询系统所有权限
*
* @return 权限列表
*/
@SuppressWarnings("unchecked")
public List<Menu> findAllPerms()
{
List<Menu> permsList = null;
try
{
permsList = (List<Menu>) this.findForList("SystemMenuMapper.findAllPerms");
}
catch (Exception e)
{
e.printStackTrace();
}
return permsList;
}
}

19
src/main/java/com/ruoyi/project/system/menu/service/IMenuService.java
View File

@ -1,6 +1,8 @@
package com.ruoyi.project.system.menu.service;
import java.util.List;
import java.util.Map;
import java.util.Set;
import com.ruoyi.project.system.menu.domain.Menu;
/**
@ -12,11 +14,26 @@ public interface IMenuService
{
/**
* 根据用户ID查询权限表
* 根据用户ID查询菜单
*
* @param userId 用户ID
* @return 菜单列表
*/
public List<Menu> findMenusByUserId(Long userId);
/**
* 根据用户ID查询权限
*
* @param userId 用户ID
* @return 权限列表
*/
public Set<String> findPermsByUserId(Long userId);
/**
* 查询系统所有权限
*
* @return 权限列表
*/
public Map<String, String> findAllPerms();
}

52
src/main/java/com/ruoyi/project/system/menu/service/MenuService.java
View File

@ -1,10 +1,17 @@
package com.ruoyi.project.system.menu.service;
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import com.ruoyi.common.tools.StringTools;
import com.ruoyi.project.system.menu.dao.IMenuDao;
import com.ruoyi.project.system.menu.domain.Menu;
import com.ruoyi.project.util.TreeUtil;
@ -17,20 +24,63 @@ import com.ruoyi.project.util.TreeUtil;
@Service("menuService")
public class MenuService implements IMenuService
{
public static final String PREMISSION_STRING = "perms[\"{0}\"]";
@Autowired
private IMenuDao menuDao;
/**
* 根据用户ID查询权限表
* 根据用户ID查询菜单
*
* @param userId 用户ID
* @return 菜单列表
*/
@Override
public List<Menu> findMenusByUserId(Long userId)
{
List<Menu> menus = menuDao.findMenusByUserId(userId);
return TreeUtil.getChildPerms(menus, 0);
}
/**
* 根据用户ID查询权限
*
* @param userId 用户ID
* @return 权限列表
*/
@Override
public Set<String> findPermsByUserId(Long userId)
{
List<String> perms = menuDao.findPermsByUserId(userId);
Set<String> permsSet = new HashSet<>();
for (String perm : perms)
{
if (StringUtils.isNotBlank(perm))
{
permsSet.addAll(Arrays.asList(perm.trim().split(",")));
}
}
return permsSet;
}
/**
* 查询系统所有权限
*
* @return 权限列表
*/
@Override
public LinkedHashMap<String, String> findAllPerms()
{
LinkedHashMap<String, String> section = new LinkedHashMap<>();
List<Menu> permissions = menuDao.findAllPerms();
if (StringTools.isNotEmpty(permissions))
{
for (Menu menu : permissions)
{
section.put(menu.getUrl(), MessageFormat.format(PREMISSION_STRING, menu.getPerms()));
}
}
return section;
}
}

17
src/main/java/com/ruoyi/project/system/user/controller/IndexController.java
View File

@ -1,17 +1,14 @@
package com.ruoyi.project.system.user.controller;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.GetMapping;
import com.ruoyi.framework.core.controller.BaseController;
import com.ruoyi.project.system.menu.domain.Menu;
import com.ruoyi.project.system.menu.service.IMenuService;
import com.ruoyi.project.system.user.domain.User;
import com.ruoyi.project.system.user.service.IUserService;
/**
* 首页 业务处理
@ -21,16 +18,12 @@ import com.ruoyi.project.system.user.service.IUserService;
@Controller
public class IndexController extends BaseController
{
@Autowired
private IUserService userService;
@Autowired
private IMenuService menuService;
// 系统首页
@RequestMapping("/index")
public String index(Model model) throws Exception
@GetMapping("/index")
public String index(Model model)
{
// 取身份信息
User user = getUser();
@ -42,8 +35,8 @@ public class IndexController extends BaseController
}
// 系统介绍
@RequestMapping("/main")
public String main() throws Exception
@GetMapping("/main")
public String main()
{
return "main";
}

12
src/main/java/com/ruoyi/project/system/user/controller/LoginController.java
View File

@ -9,7 +9,6 @@ import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import com.ruoyi.common.tools.StringTools;
import com.ruoyi.common.utils.security.ShiroUtils;
import com.ruoyi.framework.core.controller.BaseController;
import com.ruoyi.framework.core.domain.R;
@ -24,14 +23,14 @@ public class LoginController extends BaseController
{
@GetMapping("/login")
String login()
public String login()
{
return "login";
}
@PostMapping("/login")
@ResponseBody
R ajaxLogin(String username, String password)
public R ajaxLogin(String username, String password)
{
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
Subject subject = SecurityUtils.getSubject();
@ -51,10 +50,9 @@ public class LoginController extends BaseController
}
}
@GetMapping("/logout")
String logout()
@GetMapping("/unauth")
public String unauth()
{
ShiroUtils.logout();
return "redirect:/login";
return "/error/unauth";
}
}

9
src/main/java/com/ruoyi/project/system/user/controller/UserController.java
View File

@ -2,15 +2,14 @@ package com.ruoyi.project.system.user.controller;
import java.util.List;
import java.util.Map;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import com.ruoyi.common.utils.TableDataInfo;
import com.ruoyi.common.utils.security.ShiroUtils;
import com.ruoyi.framework.core.controller.BaseController;
import com.ruoyi.project.system.user.domain.User;
import com.ruoyi.project.system.user.service.IUserService;
@ -39,11 +38,11 @@ public class UserController extends BaseController
return tableDataInfo;
}
@RequestMapping(value = "/test", method = RequestMethod.GET)
public String test()
@RequiresPermissions("system:user:list")
@GetMapping("/userList")
public String userList()
{
return prefix + "/test";
}
}

0
src/main/resources/config/ehcache.xml → src/main/resources/ehcache/ehcache-shiro.xml
View File

12
src/main/resources/mybatis/system/SystemMenuMapper.xml
View File

@ -29,4 +29,16 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
order by m.order_num
</select>
<select id="findPermsByUserId" parameterType="Long" resultType="String">
select distinct m.perms
from sys_menu m
left join sys_role_menu rm on m.menu_id = rm.menu_id
left join sys_user_role ur on rm.role_id = ur.role_id
where ur.user_id = #{userId}
</select>
<select id="findAllPerms" resultMap="MenuResult">
select * from sys_menu m
</select>
</mapper>

38
src/main/resources/templates/error/404.html Normal file
View File

@ -0,0 +1,38 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>RuoYi - 404</title>
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="font-awesome/css/font-awesome.css" rel="stylesheet">
<link href="css/animate.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
</head>
<body class="gray-bg">
<div class="middle-box text-center animated fadeInDown">
<h1>404</h1>
<h3 class="font-bold">找不到网页!</h3>
<div class="error-desc">
对不起您正在寻找的页面已经找到。尝试检查URL的错误然后按浏览器上的刷新按钮或尝试在我们的应用程序中找到其他内容。
<a href="/" class="btn btn-primary m-t">主页</a>
</div>
</div>
<!-- Mainly scripts -->
<script src="js/jquery-3.1.1.min.js"></script>
<script src="js/bootstrap.min.js"></script>
</body>
</html>

38
src/main/resources/templates/error/500.html Normal file
View File

@ -0,0 +1,38 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>RuoYi - 500</title>
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="font-awesome/css/font-awesome.css" rel="stylesheet">
<link href="css/animate.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
</head>
<body class="gray-bg">
<div class="middle-box text-center animated fadeInDown">
<h1>500</h1>
<h3 class="font-bold">内部服务器错误!</h3>
<div class="error-desc">
服务器遇到意外事件,不允许完成请求。我们抱歉。您可以返回主页面。
<a href="/" class="btn btn-primary m-t">主页</a>
</div>
</div>
<!-- Mainly scripts -->
<script src="js/jquery-3.1.1.min.js"></script>
<script src="js/bootstrap.min.js"></script>
</body>
</html>

38
src/main/resources/templates/error/unauth.html Normal file
View File

@ -0,0 +1,38 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>RuoYi - 403</title>
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="font-awesome/css/font-awesome.css" rel="stylesheet">
<link href="css/animate.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
</head>
<body class="gray-bg">
<div class="middle-box text-center animated fadeInDown">
<h1>403</h1>
<h3 class="font-bold">您没有访问权限!</h3>
<div class="error-desc">
对不起您正在寻找的页面已经找到。尝试检查URL的错误然后按浏览器上的刷新按钮或尝试在我们的应用程序中找到其他内容。
<a href="/" class="btn btn-primary m-t">主页</a>
</div>
</div>
<!-- Mainly scripts -->
<script src="js/jquery-3.1.1.min.js"></script>
<script src="js/bootstrap.min.js"></script>
</body>
</html>

40
src/main/resources/templates/index.html
View File

@ -41,7 +41,7 @@
<li class="active">
<a href="index.html"><i class="fa fa-home"></i> <span class="nav-label">主页</span> <span class="fa arrow"></span></a>
<ul class="nav nav-second-level">
<li class="active"><a class="J_menuItem" href="main.html" th:href="@{/main}">了解若依</a></li>
<li class="active"><a class="J_menuItem" th:href="@{/main}">了解若依</a></li>
</ul>
</li>
<li th:each="menu : ${menus}">
@ -89,7 +89,7 @@
</button>
<nav class="page-tabs J_menuTabs">
<div class="page-tabs-content">
<a href="javascript:;" class="active J_menuTab" data-id="index_v1.html">首页</a>
<a href="javascript:;" class="active J_menuTab">首页</a>
</div>
</nav>
<button class="roll-nav roll-right J_tabRight">
@ -110,8 +110,7 @@
</div>
<div class="row J_mainContent" id="content-main">
<iframe class="J_iframe" name="iframe0" width="100%" height="100%"
src="" th:src="@{/main}" frameborder="0" data-id="index.html"
seamless></iframe>
th:src="@{/main}" frameborder="0" seamless></iframe>
</div>
<div class="footer">
<div class="pull-right">© 2018-2020 RuoYi Copyright</div>
@ -124,41 +123,8 @@
<script src="/js/bootstrap.min.js?v=3.3.6"></script>
<script src="/js/plugins/metisMenu/jquery.metisMenu.js"></script>
<script src="/js/plugins/slimscroll/jquery.slimscroll.min.js"></script>
<script src="/js/plugins/layer/layer.min.js"></script>
<!-- 自定义js -->
<script src="/js/app.js?v=4.1.0"></script>
<script type="text/javascript" src="/js/contabs.js"></script>
<!-- 第三方插件 -->
<script src="/js/plugins/pace/pace.min.js"></script>
<!-- vue -->
<script type="text/javascript" src="/js/vue.min.js"></script>
<script src="/js/appjs/oa/webSocket/sockjs.min.js"></script>
<script src="/js/appjs/oa/webSocket/stomp.min.js"></script>
<!-- Toastr script -->
<script src="/js/plugins/toastr/toastr.min.js"></script>
<script type="text/javascript">
var wrapper = new Vue({
el: '#wrapper',
data: {
total: '',
rows: '',
},
methods: {
personal: function () {
layer.open({
type: 2,
title: '个人设置',
maxmin: true,
shadeClose: false,
area: ['1024px', '720px'],
content: '/sys/user/personal'
});
}
},
created: function () {
this.notify()
}
})
</script>
</body>
</html>