欧阳子桐 / RuoYi · 提交

转到一个项目

作者 RuoYi
提交 d8255edf84d4bb935178f5c739ea588b1721f02a 1 个父辈 eff42d8b

新增编程式判断资源访问权限

内嵌 并排对比
正在显示 4 个修改的文件 包含 107 行增加15 行删除
@@ -63,7 +63,27 @@ public class Constants @@ -63,7 +63,27 @@ public class Constants
63 * 登录失败 63 * 登录失败
64 */ 64 */
65 public static final String LOGIN_FAIL = "Error"; 65 public static final String LOGIN_FAIL = "Error";
66 - 66 +
  67 + /**
  68 + * 所有权限标识
  69 + */
  70 + public static final String ALL_PERMISSION = "*:*:*";
  71 +
  72 + /**
  73 + * 管理员角色权限标识
  74 + */
  75 + public static final String SUPER_ADMIN = "admin";
  76 +
  77 + /**
  78 + * 角色权限分隔符
  79 + */
  80 + public static final String ROLE_DELIMETER = ",";
  81 +
  82 + /**
  83 + * 权限标识分隔符
  84 + */
  85 + public static final String PERMISSION_DELIMETER = ",";
  86 +
67 /** 87 /**
68 * 验证码有效期(分钟) 88 * 验证码有效期(分钟)
69 */ 89 */
1 package com.ruoyi.common.utils; 1 package com.ruoyi.common.utils;
2 2
  3 +import java.util.Collection;
  4 +import java.util.List;
  5 +import java.util.stream.Collectors;
3 import org.springframework.security.core.Authentication; 6 import org.springframework.security.core.Authentication;
4 import org.springframework.security.core.context.SecurityContextHolder; 7 import org.springframework.security.core.context.SecurityContextHolder;
5 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 8 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
  9 +import org.springframework.util.PatternMatchUtils;
  10 +import com.ruoyi.common.constant.Constants;
6 import com.ruoyi.common.constant.HttpStatus; 11 import com.ruoyi.common.constant.HttpStatus;
  12 +import com.ruoyi.common.core.domain.entity.SysRole;
7 import com.ruoyi.common.core.domain.model.LoginUser; 13 import com.ruoyi.common.core.domain.model.LoginUser;
8 import com.ruoyi.common.exception.ServiceException; 14 import com.ruoyi.common.exception.ServiceException;
9 15
@@ -117,4 +123,55 @@ public class SecurityUtils @@ -117,4 +123,55 @@ public class SecurityUtils
117 { 123 {
118 return userId != null && 1L == userId; 124 return userId != null && 1L == userId;
119 } 125 }
  126 +
  127 + /**
  128 + * 验证用户是否具备某权限
  129 + *
  130 + * @param permission 权限字符串
  131 + * @return 用户是否具备某权限
  132 + */
  133 + public static boolean hasPermi(String permission)
  134 + {
  135 + return hasPermi(getLoginUser().getPermissions(), permission);
  136 + }
  137 +
  138 + /**
  139 + * 判断是否包含权限
  140 + *
  141 + * @param authorities 权限列表
  142 + * @param permission 权限字符串
  143 + * @return 用户是否具备某权限
  144 + */
  145 + public static boolean hasPermi(Collection<String> authorities, String permission)
  146 + {
  147 + return authorities.stream().filter(StringUtils::hasText)
  148 + .anyMatch(x -> Constants.ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(x, permission));
  149 + }
  150 +
  151 + /**
  152 + * 验证用户是否拥有某个角色
  153 + *
  154 + * @param role 角色标识
  155 + * @return 用户是否具备某角色
  156 + */
  157 + public static boolean hasRole(String role)
  158 + {
  159 + List<SysRole> roleList = getLoginUser().getUser().getRoles();
  160 + Collection<String> roles = roleList.stream().map(SysRole::getRoleKey).collect(Collectors.toSet());
  161 + return hasRole(roles, role);
  162 + }
  163 +
  164 + /**
  165 + * 判断是否包含角色
  166 + *
  167 + * @param roles 角色列表
  168 + * @param role 角色
  169 + * @return 用户是否具备某角色权限
  170 + */
  171 + public static boolean hasRole(Collection<String> roles, String role)
  172 + {
  173 + return roles.stream().filter(StringUtils::hasText)
  174 + .anyMatch(x -> Constants.SUPER_ADMIN.contains(x) || PatternMatchUtils.simpleMatch(x, role));
  175 + }
  176 +
120 } 177 }
@@ -239,6 +239,30 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils @@ -239,6 +239,30 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
239 239
240 return str.substring(start, end); 240 return str.substring(start, end);
241 } 241 }
  242 +
  243 + /**
  244 + * 判断是否为空,并且不是空白字符
  245 + *
  246 + * @param str 要判断的value
  247 + * @return 结果
  248 + */
  249 + public static boolean hasText(String str)
  250 + {
  251 + return (str != null && !str.isEmpty() && containsText(str));
  252 + }
  253 +
  254 + private static boolean containsText(CharSequence str)
  255 + {
  256 + int strLen = str.length();
  257 + for (int i = 0; i < strLen; i++)
  258 + {
  259 + if (!Character.isWhitespace(str.charAt(i)))
  260 + {
  261 + return true;
  262 + }
  263 + }
  264 + return false;
  265 + }
242 266
243 /** 267 /**
244 * 格式化文本, {} 表示占位符<br> 268 * 格式化文本, {} 表示占位符<br>
@@ -3,6 +3,7 @@ package com.ruoyi.framework.web.service; @@ -3,6 +3,7 @@ package com.ruoyi.framework.web.service;
3 import java.util.Set; 3 import java.util.Set;
4 import org.springframework.stereotype.Service; 4 import org.springframework.stereotype.Service;
5 import org.springframework.util.CollectionUtils; 5 import org.springframework.util.CollectionUtils;
  6 +import com.ruoyi.common.constant.Constants;
6 import com.ruoyi.common.core.domain.entity.SysRole; 7 import com.ruoyi.common.core.domain.entity.SysRole;
7 import com.ruoyi.common.core.domain.model.LoginUser; 8 import com.ruoyi.common.core.domain.model.LoginUser;
8 import com.ruoyi.common.utils.SecurityUtils; 9 import com.ruoyi.common.utils.SecurityUtils;
@@ -17,16 +18,6 @@ import com.ruoyi.framework.security.context.PermissionContextHolder; @@ -17,16 +18,6 @@ import com.ruoyi.framework.security.context.PermissionContextHolder;
17 @Service("ss") 18 @Service("ss")
18 public class PermissionService 19 public class PermissionService
19 { 20 {
20 - /** 所有权限标识 */  
21 - private static final String ALL_PERMISSION = "*:*:*";  
22 -  
23 - /** 管理员角色权限标识 */  
24 - private static final String SUPER_ADMIN = "admin";  
25 -  
26 - private static final String ROLE_DELIMETER = ",";  
27 -  
28 - private static final String PERMISSION_DELIMETER = ",";  
29 -  
30 /** 21 /**
31 * 验证用户是否具备某权限 22 * 验证用户是否具备某权限
32 * 23 *
@@ -78,7 +69,7 @@ public class PermissionService @@ -78,7 +69,7 @@ public class PermissionService
78 } 69 }
79 PermissionContextHolder.setContext(permissions); 70 PermissionContextHolder.setContext(permissions);
80 Set<String> authorities = loginUser.getPermissions(); 71 Set<String> authorities = loginUser.getPermissions();
81 - for (String permission : permissions.split(PERMISSION_DELIMETER)) 72 + for (String permission : permissions.split(Constants.PERMISSION_DELIMETER))
82 { 73 {
83 if (permission != null && hasPermissions(authorities, permission)) 74 if (permission != null && hasPermissions(authorities, permission))
84 { 75 {
@@ -108,7 +99,7 @@ public class PermissionService @@ -108,7 +99,7 @@ public class PermissionService
108 for (SysRole sysRole : loginUser.getUser().getRoles()) 99 for (SysRole sysRole : loginUser.getUser().getRoles())
109 { 100 {
110 String roleKey = sysRole.getRoleKey(); 101 String roleKey = sysRole.getRoleKey();
111 - if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role))) 102 + if (Constants.SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role)))
112 { 103 {
113 return true; 104 return true;
114 } 105 }
@@ -144,7 +135,7 @@ public class PermissionService @@ -144,7 +135,7 @@ public class PermissionService
144 { 135 {
145 return false; 136 return false;
146 } 137 }
147 - for (String role : roles.split(ROLE_DELIMETER)) 138 + for (String role : roles.split(Constants.ROLE_DELIMETER))
148 { 139 {
149 if (hasRole(role)) 140 if (hasRole(role))
150 { 141 {
@@ -163,6 +154,6 @@ public class PermissionService @@ -163,6 +154,6 @@ public class PermissionService
163 */ 154 */
164 private boolean hasPermissions(Set<String> permissions, String permission) 155 private boolean hasPermissions(Set<String> permissions, String permission)
165 { 156 {
166 - return permissions.contains(ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission)); 157 + return permissions.contains(Constants.ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission));
167 } 158 }
168 } 159 }