Skip to content

R
RuoYi-Cloud-Docker

多鱼的夏天 / RuoYi-Cloud-Docker

通知 210
Star 7
Fork 6
R
RuoYi-Cloud-Docker

体验新版 GitCode,发现更多精彩内容 >>

提交 d8da1b79 编写于 作者: R RuoYi
浏览文件
操作

优化权限认证注解

上级 e2dfdb22
隐藏空白更改
内联 并排
Showing with 850 addition and 401 deletion
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotLoginException.java 0 → 100644
浏览文件 @ d8da1b79
package com.ruoyi.common.core.exception.auth;
/**
* 未能通过的登录认证异常
*
* @author ruoyi
*/
public class NotLoginException extends RuntimeException
{
private static final long serialVersionUID = 1L;
public NotLoginException(String message)
{
super(message);
}
}
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotPermissionException.java 0 → 100644
浏览文件 @ d8da1b79
package com.ruoyi.common.core.exception.auth;
import org.apache.commons.lang3.StringUtils;
/**
* 未能通过的权限认证异常
*
* @author ruoyi
*/
public class NotPermissionException extends RuntimeException
{
private static final long serialVersionUID = 1L;
public NotPermissionException(String permission)
{
super(permission);
}
public NotPermissionException(String[] permissions)
{
super(StringUtils.join(permissions, ","));
}
}
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotRoleException.java 0 → 100644
浏览文件 @ d8da1b79
package com.ruoyi.common.core.exception.auth;
import org.apache.commons.lang3.StringUtils;
/**
* 未能通过的角色认证异常
*
* @author ruoyi
*/
public class NotRoleException extends RuntimeException
{
private static final long serialVersionUID = 1L;
public NotRoleException(String role)
{
super(role);
}
public NotRoleException(String[] roles)
{
super(StringUtils.join(roles, ","));
}
}
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/SecurityUtils.java
浏览文件 @ d8da1b79
......@@ -42,18 +42,20 @@ public class SecurityUtils
*/
public static String getToken(HttpServletRequest request)
{
// 从header获取token标识
String token = request.getHeader(SecurityConstants.TOKEN_AUTHENTICATION);
return replaceTokenPrefix(token);
}
/**
* 替换token前缀
* 裁剪token前缀
*/
public static String replaceTokenPrefix(String token)
{
// 如果前端设置了令牌前缀,则裁剪掉前缀
if (StringUtils.isNotEmpty(token) && token.startsWith(SecurityConstants.TOKEN_PREFIX))
{
token = token.replace(SecurityConstants.TOKEN_PREFIX, "");
token = token.replaceFirst(SecurityConstants.TOKEN_PREFIX, "");
}
return token;
}
......
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/Logical.java 0 → 100644
浏览文件 @ d8da1b79
package com.ruoyi.common.security.annotation;
/**
* 权限注解的验证模式
*
* @author ruoyi
*
*/
public enum Logical
{
/**
* 必须具有所有的元素
*/
AND,
/**
* 只需具有其中一个元素
*/
OR
}
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java 已删除 100644 → 0
浏览文件 @ e2dfdb22
package com.ruoyi.common.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 权限注解
*
* @author ruoyi
*/
@Target({ ElementType.TYPE, ElementType.METHOD })
@Retention(RetentionPolicy.RUNTIME)
public @interface PreAuthorize
{
/**
* 验证用户是否具备某权限
*/
public String hasPermi() default "";
/**
* 验证用户是否不具备某权限,与 hasPermi逻辑相反
*/
public String lacksPermi() default "";
/**
* 验证用户是否具有以下任意一个权限
*/
public String[] hasAnyPermi() default {};
/**
* 判断用户是否拥有某个角色
*/
public String hasRole() default "";
/**
* 验证用户是否不具备某角色,与 isRole逻辑相反
*/
public String lacksRole() default "";
/**
* 验证用户是否具有以下任意一个角色
*/
public String[] hasAnyRoles() default {};
}
\ No newline at end of file
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresLogin.java 0 → 100644
浏览文件 @ d8da1b79
package com.ruoyi.common.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 登录认证:只有登录之后才能进入该方法
*
* @author ruoyi
*
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE })
public @interface RequiresLogin
{
}
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresPermissions.java 0 → 100644
浏览文件 @ d8da1b79
package com.ruoyi.common.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 权限认证:必须具有指定权限才能进入该方法
*
* @author ruoyi
*
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE })
public @interface RequiresPermissions
{
/**
* 需要校验的权限码
*/
String[] value() default {};
/**
* 验证模式:AND | OR,默认AND
*/
Logical logical() default Logical.AND;
}
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresRoles.java 0 → 100644
浏览文件 @ d8da1b79
package com.ruoyi.common.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 角色认证:必须具有指定角色标识才能进入该方法
*
* @author ruoyi
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE })
public @interface RequiresRoles
{
/**
* 需要校验的角色标识
*/
String[] value() default {};
/**
* 验证逻辑:AND | OR,默认AND
*/
Logical logical() default Logical.AND;
}
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java
浏览文件 @ d8da1b79
package com.ruoyi.common.security.aspect;
import java.lang.reflect.Method;
import java.util.Collection;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.Signature;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.util.PatternMatchUtils;
import com.ruoyi.common.core.exception.PreAuthorizeException;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.system.api.model.LoginUser;
/**
* 自定义权限实现
*
* @author ruoyi
*/
@Aspect
@Component
public class PreAuthorizeAspect
{
@Autowired
private TokenService tokenService;
/** 所有权限标识 */
private static final String ALL_PERMISSION = "*:*:*";
/** 管理员角色权限标识 */
private static final String SUPER_ADMIN = "admin";
/** 数组为0时 */
private static final Integer ARRAY_EMPTY = 0;
@Around("@annotation(com.ruoyi.common.security.annotation.PreAuthorize)")
public Object around(ProceedingJoinPoint point) throws Throwable
{
Signature signature = point.getSignature();
MethodSignature methodSignature = (MethodSignature) signature;
Method method = methodSignature.getMethod();
PreAuthorize annotation = method.getAnnotation(PreAuthorize.class);
if (annotation == null)
{
return point.proceed();
}
if (StringUtils.isNotEmpty(annotation.hasPermi()))
{
if (hasPermi(annotation.hasPermi()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
else if (StringUtils.isNotEmpty(annotation.lacksPermi()))
{
if (lacksPermi(annotation.lacksPermi()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
else if (ARRAY_EMPTY < annotation.hasAnyPermi().length)
{
if (hasAnyPermi(annotation.hasAnyPermi()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
else if (StringUtils.isNotEmpty(annotation.hasRole()))
{
if (hasRole(annotation.hasRole()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
else if (StringUtils.isNotEmpty(annotation.lacksRole()))
{
if (lacksRole(annotation.lacksRole()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
else if (ARRAY_EMPTY < annotation.hasAnyRoles().length)
{
if (hasAnyRoles(annotation.hasAnyRoles()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
return point.proceed();
}
/**
* 验证用户是否具备某权限
*
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
public boolean hasPermi(String permission)
{
LoginUser userInfo = tokenService.getLoginUser();
if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions()))
{
return false;
}
return hasPermissions(userInfo.getPermissions(), permission);
}
/**
* 验证用户是否不具备某权限,与 hasPermi逻辑相反
*
* @param permission 权限字符串
* @return 用户是否不具备某权限
*/
public boolean lacksPermi(String permission)
{
return hasPermi(permission) != true;
}
/**
* 验证用户是否具有以下任意一个权限
*
* @param permissions 权限列表
* @return 用户是否具有以下任意一个权限
*/
public boolean hasAnyPermi(String[] permissions)
{
LoginUser userInfo = tokenService.getLoginUser();
if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions()))
{
return false;
}
Collection<String> authorities = userInfo.getPermissions();
for (String permission : permissions)
{
if (permission != null && hasPermissions(authorities, permission))
{
return true;
}
}
return false;
}
/**
* 判断用户是否拥有某个角色
*
* @param role 角色字符串
* @return 用户是否具备某角色
*/
public boolean hasRole(String role)
{
LoginUser userInfo = tokenService.getLoginUser();
if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles()))
{
return false;
}
for (String roleKey : userInfo.getRoles())
{
if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(role))
{
return true;
}
}
return false;
}
/**
* 验证用户是否不具备某角色,与 isRole逻辑相反。
*
* @param role 角色名称
* @return 用户是否不具备某角色
*/
public boolean lacksRole(String role)
{
return hasRole(role) != true;
}
/**
* 验证用户是否具有以下任意一个角色
*
* @param roles 角色列表
* @return 用户是否具有以下任意一个角色
*/
public boolean hasAnyRoles(String[] roles)
{
LoginUser userInfo = tokenService.getLoginUser();
if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles()))
{
return false;
}
for (String role : roles)
{
if (hasRole(role))
{
return true;
}
}
return false;
}
/**
* 判断是否包含权限
*
* @param authorities 权限列表
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
private boolean hasPermissions(Collection<String> authorities, String permission)
{
return authorities.stream().filter(StringUtils::hasText)
.anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(x, permission));
}
}
package com.ruoyi.common.security.aspect;
import java.lang.reflect.Method;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import com.ruoyi.common.security.annotation.RequiresLogin;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.annotation.RequiresRoles;
import com.ruoyi.common.security.auth.AuthUtil;
/**
* 基于 Spring Aop 的注解鉴权
*
* @author kong
*/
@Aspect
@Component
public class PreAuthorizeAspect
{
/**
* 构建
*/
public PreAuthorizeAspect()
{
}
/**
* 定义AOP签名 (切入所有使用鉴权注解的方法)
*/
public static final String POINTCUT_SIGN = " @annotation(com.ruoyi.common.security.annotation.RequiresLogin) || "
+ "@annotation(com.ruoyi.common.security.annotation.RequiresPermissions) || "
+ "@annotation(com.ruoyi.common.security.annotation.RequiresRoles)";
/**
* 声明AOP签名
*/
@Pointcut(POINTCUT_SIGN)
public void pointcut()
{
}
/**
* 环绕切入
*
* @param joinPoint 切面对象
* @return 底层方法执行后的返回值
* @throws Throwable 底层方法抛出的异常
*/
@Around("pointcut()")
public Object around(ProceedingJoinPoint joinPoint) throws Throwable
{
// 注解鉴权
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
checkMethodAnnotation(signature.getMethod());
try
{
// 执行原有逻辑
Object obj = joinPoint.proceed();
return obj;
}
catch (Throwable e)
{
throw e;
}
}
/**
* 对一个Method对象进行注解检查
*/
public void checkMethodAnnotation(Method method)
{
// 校验 @RequiresLogin 注解
RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class);
if (requiresLogin != null)
{
AuthUtil.checkLogin();
}
// 校验 @RequiresRoles 注解
RequiresRoles requiresRoles = method.getAnnotation(RequiresRoles.class);
if (requiresRoles != null)
{
AuthUtil.checkRole(requiresRoles);
}
// 校验 @RequiresPermissions 注解
RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class);
if (requiresPermissions != null)
{
AuthUtil.checkPermi(requiresPermissions);
}
}
}
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java 0 → 100644
浏览文件 @ d8da1b79
package com.ruoyi.common.security.auth;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import org.springframework.util.PatternMatchUtils;
import com.ruoyi.common.core.exception.auth.NotLoginException;
import com.ruoyi.common.core.exception.auth.NotPermissionException;
import com.ruoyi.common.core.exception.auth.NotRoleException;
import com.ruoyi.common.core.utils.SecurityUtils;
import com.ruoyi.common.core.utils.SpringUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.security.annotation.Logical;
import com.ruoyi.common.security.annotation.RequiresLogin;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.annotation.RequiresRoles;
import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.system.api.model.LoginUser;
/**
* Token 权限验证,逻辑实现类
*
* @author ruoyi
*/
public class AuthLogic
{
/** 所有权限标识 */
private static final String ALL_PERMISSION = "*:*:*";
/** 管理员角色权限标识 */
private static final String SUPER_ADMIN = "admin";
public TokenService tokenService = SpringUtils.getBean(TokenService.class);
/**
* 检验用户是否已经登录,如未登录,则抛出异常
*/
public void checkLogin()
{
getLoginUser();
}
/**
* 获取当前用户缓存信息, 如果未登录,则抛出异常
*
* @return 用户缓存信息
*/
public LoginUser getLoginUser()
{
String token = SecurityUtils.getToken();
if (token == null)
{
throw new NotLoginException("未提供token");
}
LoginUser loginUser = tokenService.getLoginUser(token);
if (loginUser == null)
{
throw new NotLoginException("无效的token");
}
return loginUser;
}
/**
* 验证用户是否具备某权限
*
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
public boolean hasPermi(String permission)
{
return hasPermi(getPermiList(), permission);
}
/**
* 验证用户是否具备某权限, 如果验证未通过,则抛出异常: NotPermissionException
*
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
public void checkPermi(String permission)
{
if (!hasPermi(getPermiList(), permission))
{
throw new NotPermissionException(permission);
}
}
/**
* 根据注解(@RequiresPermissions)鉴权, 如果验证未通过,则抛出异常: NotPermissionException
*
* @param requiresPermissions 注解对象
*/
public void checkPermi(RequiresPermissions requiresPermissions)
{
if (requiresPermissions.logical() == Logical.AND)
{
checkPermiAnd(requiresPermissions.value());
}
else
{
checkPermiOr(requiresPermissions.value());
}
}
/**
* 验证用户是否含有指定权限,必须全部拥有
*
* @param permissions 权限列表
*/
public void checkPermiAnd(String... permissions)
{
Set<String> permissionList = getPermiList();
for (String permission : permissions)
{
if (!hasPermi(permissionList, permission))
{
throw new NotPermissionException(permission);
}
}
}
/**
* 验证用户是否含有指定权限,只需包含其中一个
*
* @param permissions 权限码数组
*/
public void checkPermiOr(String... permissions)
{
Set<String> permissionList = getPermiList();
for (String permission : permissions)
{
if (hasPermi(permissionList, permission))
{
return;
}
}
if (permissions.length > 0)
{
throw new NotPermissionException(permissions);
}
}
/**
* 判断用户是否拥有某个角色
*
* @param role 角色标识
* @return 用户是否具备某角色
*/
public boolean hasRole(String role)
{
return hasRole(getRoleList(), role);
}
/**
* 判断用户是否拥有某个角色, 如果验证未通过,则抛出异常: NotRoleException
*
* @param role 角色标识
*/
public void checkRole(String role)
{
if (!hasRole(role))
{
throw new NotRoleException(role);
}
}
/**
* 根据注解(@RequiresRoles)鉴权
*
* @param requiresRoles 注解对象
*/
public void checkRole(RequiresRoles requiresRoles)
{
if (requiresRoles.logical() == Logical.AND)
{
checkRoleAnd(requiresRoles.value());
}
else
{
checkRoleOr(requiresRoles.value());
}
}
/**
* 验证用户是否含有指定角色,必须全部拥有
*
* @param roles 角色标识数组
*/
public void checkRoleAnd(String... roles)
{
Set<String> roleList = getRoleList();
for (String role : roles)
{
if (!hasRole(roleList, role))
{
throw new NotRoleException(role);
}
}
}
/**
* 验证用户是否含有指定角色,只需包含其中一个
*
* @param roles 角色标识数组
*/
public void checkRoleOr(String... roles)
{
Set<String> roleList = getRoleList();
for (String role : roles)
{
if (hasRole(roleList, role))
{
return;
}
}
if (roles.length > 0)
{
throw new NotRoleException(roles);
}
}
/**
* 根据注解(@RequiresLogin)鉴权
*
* @param at 注解对象
*/
public void checkByAnnotation(RequiresLogin at)
{
this.checkLogin();
}
/**
* 根据注解(@RequiresRoles)鉴权
*
* @param at 注解对象
*/
public void checkByAnnotation(RequiresRoles at)
{
String[] roleArray = at.value();
if (at.logical() == Logical.AND)
{
this.checkRoleAnd(roleArray);
}
else
{
this.checkRoleOr(roleArray);
}
}
/**
* 根据注解(@RequiresPermissions)鉴权
*
* @param at 注解对象
*/
public void checkByAnnotation(RequiresPermissions at)
{
String[] permissionArray = at.value();
if (at.logical() == Logical.AND)
{
this.checkPermiAnd(permissionArray);
}
else
{
this.checkPermiOr(permissionArray);
}
}
/**
* 获取当前账号的角色列表
*
* @return 角色列表
*/
public Set<String> getRoleList()
{
try
{
LoginUser loginUser = getLoginUser();
return loginUser.getRoles();
}
catch (Exception e)
{
return new HashSet<>();
}
}
/**
* 获取当前账号的权限列表
*
* @return 权限列表
*/
public Set<String> getPermiList()
{
try
{
LoginUser loginUser = getLoginUser();
return loginUser.getPermissions();
}
catch (Exception e)
{
return new HashSet<>();
}
}
/**
* 判断是否包含权限
*
* @param authorities 权限列表
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
public boolean hasPermi(Collection<String> authorities, String permission)
{
return authorities.stream().filter(StringUtils::hasText)
.anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(x, permission));
}
/**
* 判断是否包含角色
*
* @param roles 角色列表
* @param role 角色
* @return 用户是否具备某角色权限
*/
public boolean hasRole(Collection<String> roles, String role)
{
return roles.stream().filter(StringUtils::hasText)
.anyMatch(x -> SUPER_ADMIN.contains(x) || PatternMatchUtils.simpleMatch(x, role));
}
}
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java 0 → 100644
浏览文件 @ d8da1b79
package com.ruoyi.common.security.auth;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.annotation.RequiresRoles;
/**
* Token 权限验证工具类
*
* @author ruoyi
*/
public class AuthUtil
{
/**
* 底层的 AuthLogic 对象
*/
public static AuthLogic authLogic = new AuthLogic();
/**
* 检验当前会话是否已经登录,如未登录,则抛出异常
*/
public static void checkLogin()
{
authLogic.checkLogin();
}
/**
* 当前账号是否含有指定角色标识, 返回true或false
*
* @param role 角色标识
* @return 是否含有指定角色标识
*/
public static boolean hasRole(String role)
{
return authLogic.hasRole(role);
}
/**
* 当前账号是否含有指定角色标识, 如果验证未通过,则抛出异常: NotRoleException
*
* @param role 角色标识
*/
public static void checkRole(String role)
{
authLogic.checkRole(role);
}
/**
* 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotRoleException
*
* @param requiresRoles 角色权限注解
*/
public static void checkRole(RequiresRoles requiresRoles)
{
authLogic.checkRole(requiresRoles);
}
/**
* 当前账号是否含有指定角色标识 [指定多个,必须全部验证通过]
*
* @param roles 角色标识数组
*/
public static void checkRoleAnd(String... roles)
{
authLogic.checkRoleAnd(roles);
}
/**
* 当前账号是否含有指定角色标识 [指定多个,只要其一验证通过即可]
*
* @param roles 角色标识数组
*/
public static void checkRoleOr(String... roles)
{
authLogic.checkRoleOr(roles);
}
/**
* 当前账号是否含有指定权限, 返回true或false
*
* @param permission 权限码
* @return 是否含有指定权限
*/
public static boolean hasPermi(String permission)
{
return authLogic.hasPermi(permission);
}
/**
* 当前账号是否含有指定权限, 如果验证未通过,则抛出异常: NotPermissionException
*
* @param permission 权限码
*/
public static void checkPermi(String permission)
{
authLogic.checkPermi(permission);
}
/**
* 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotPermissionException
*
* @param requiresPermissions 权限注解
*/
public static void checkPermi(RequiresPermissions requiresPermissions)
{
authLogic.checkPermi(requiresPermissions);
}
/**
* 当前账号是否含有指定权限 [指定多个,必须全部验证通过]
*
* @param permissions 权限码数组
*/
public static void checkPermiAnd(String... permissions)
{
authLogic.checkPermiAnd(permissions);
}
/**
* 当前账号是否含有指定权限 [指定多个,只要其一验证通过即可]
*
* @param permissions 权限码数组
*/
public static void checkPermiOr(String... permissions)
{
authLogic.checkPermiOr(permissions);
}
}
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java
浏览文件 @ d8da1b79
......@@ -11,8 +11,9 @@ import org.springframework.web.bind.annotation.RestControllerAdvice;
import com.ruoyi.common.core.constant.HttpStatus;
import com.ruoyi.common.core.exception.DemoModeException;
import com.ruoyi.common.core.exception.InnerAuthException;
import com.ruoyi.common.core.exception.PreAuthorizeException;
import com.ruoyi.common.core.exception.ServiceException;
import com.ruoyi.common.core.exception.auth.NotPermissionException;
import com.ruoyi.common.core.exception.auth.NotRoleException;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.web.domain.AjaxResult;
......@@ -27,14 +28,25 @@ public class GlobalExceptionHandler
private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);
/**
* 权限异常
* 权限异常
*/
@ExceptionHandler(PreAuthorizeException.class)
public AjaxResult handlePreAuthorizeException(PreAuthorizeException e, HttpServletRequest request)
@ExceptionHandler(NotPermissionException.class)
public AjaxResult handleNotPermissionException(NotPermissionException e, HttpServletRequest request)
{
String requestURI = request.getRequestURI();
log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage());
return AjaxResult.error(HttpStatus.FORBIDDEN, "没有权限,请联系管理员授权");
log.error("请求地址'{}',权限码校验失败'{}'", requestURI, e.getMessage());
return AjaxResult.error(HttpStatus.FORBIDDEN, "没有访问权限,请联系管理员授权");
}
/**
* 角色权限异常
*/
@ExceptionHandler(NotRoleException.class)
public AjaxResult handleNotRoleException(NotRoleException e, HttpServletRequest request)
{
String requestURI = request.getRequestURI();
log.error("请求地址'{}',角色权限校验失败'{}'", requestURI, e.getMessage());
return AjaxResult.error(HttpStatus.FORBIDDEN, "没有访问权限,请联系管理员授权");
}
/**
......
ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/controller/GenController.java
浏览文件 @ d8da1b79
......@@ -22,7 +22,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.gen.domain.GenTable;
import com.ruoyi.gen.domain.GenTableColumn;
import com.ruoyi.gen.service.IGenTableColumnService;
......@@ -46,7 +46,7 @@ public class GenController extends BaseController
/**
* 查询代码生成列表
*/
@PreAuthorize(hasPermi = "tool:gen:list")
@RequiresPermissions("tool:gen:list")
@GetMapping("/list")
public TableDataInfo genList(GenTable genTable)
{
......@@ -58,7 +58,7 @@ public class GenController extends BaseController
/**
* 修改代码生成业务
*/
@PreAuthorize(hasPermi = "tool:gen:query")
@RequiresPermissions("tool:gen:query")
@GetMapping(value = "/{talbleId}")
public AjaxResult getInfo(@PathVariable Long talbleId)
{
......@@ -75,7 +75,7 @@ public class GenController extends BaseController
/**
* 查询数据库列表
*/
@PreAuthorize(hasPermi = "tool:gen:list")
@RequiresPermissions("tool:gen:list")
@GetMapping("/db/list")
public TableDataInfo dataList(GenTable genTable)
{
......@@ -100,7 +100,7 @@ public class GenController extends BaseController
/**
* 导入表结构(保存)
*/
@PreAuthorize(hasPermi = "tool:gen:import")
@RequiresPermissions("tool:gen:import")
@Log(title = "代码生成", businessType = BusinessType.IMPORT)
@PostMapping("/importTable")
public AjaxResult importTableSave(String tables)
......@@ -115,7 +115,7 @@ public class GenController extends BaseController
/**
* 修改保存代码生成业务
*/
@PreAuthorize(hasPermi = "tool:gen:edit")
@RequiresPermissions("tool:gen:edit")
@Log(title = "代码生成", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult editSave(@Validated @RequestBody GenTable genTable)
......@@ -128,7 +128,7 @@ public class GenController extends BaseController
/**
* 删除代码生成
*/
@PreAuthorize(hasPermi = "tool:gen:remove")
@RequiresPermissions("tool:gen:remove")
@Log(title = "代码生成", businessType = BusinessType.DELETE)
@DeleteMapping("/{tableIds}")
public AjaxResult remove(@PathVariable Long[] tableIds)
......@@ -140,7 +140,7 @@ public class GenController extends BaseController
/**
* 预览代码
*/
@PreAuthorize(hasPermi = "tool:gen:preview")
@RequiresPermissions("tool:gen:preview")
@GetMapping("/preview/{tableId}")
public AjaxResult preview(@PathVariable("tableId") Long tableId) throws IOException
{
......@@ -151,7 +151,7 @@ public class GenController extends BaseController
/**
* 生成代码(下载方式)
*/
@PreAuthorize(hasPermi = "tool:gen:code")
@RequiresPermissions("tool:gen:code")
@Log(title = "代码生成", businessType = BusinessType.GENCODE)
@GetMapping("/download/{tableName}")
public void download(HttpServletResponse response, @PathVariable("tableName") String tableName) throws IOException
......@@ -163,7 +163,7 @@ public class GenController extends BaseController
/**
* 生成代码(自定义路径)
*/
@PreAuthorize(hasPermi = "tool:gen:code")
@RequiresPermissions("tool:gen:code")
@Log(title = "代码生成", businessType = BusinessType.GENCODE)
@GetMapping("/genCode/{tableName}")
public AjaxResult genCode(@PathVariable("tableName") String tableName)
......@@ -175,7 +175,7 @@ public class GenController extends BaseController
/**
* 同步数据库
*/
@PreAuthorize(hasPermi = "tool:gen:edit")
@RequiresPermissions("tool:gen:edit")
@Log(title = "代码生成", businessType = BusinessType.UPDATE)
@GetMapping("/synchDb/{tableName}")
public AjaxResult synchDb(@PathVariable("tableName") String tableName)
......@@ -187,7 +187,7 @@ public class GenController extends BaseController
/**
* 批量生成代码
*/
@PreAuthorize(hasPermi = "tool:gen:code")
@RequiresPermissions("tool:gen:code")
@Log(title = "代码生成", businessType = BusinessType.GENCODE)
@GetMapping("/batchGenCode")
public void batchGenCode(HttpServletResponse response, String tables) throws IOException
......
ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/controller.java.vm
浏览文件 @ d8da1b79
......@@ -14,7 +14,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import ${packageName}.domain.${ClassName};
import ${packageName}.service.I${ClassName}Service;
import com.ruoyi.common.core.web.controller.BaseController;
......@@ -41,7 +41,7 @@ public class ${ClassName}Controller extends BaseController
/**
* 查询${functionName}列表
*/
@PreAuthorize(hasPermi = "${permissionPrefix}:list")
@RequiresPermissions("${permissionPrefix}:list")
@GetMapping("/list")
#if($table.crud || $table.sub)
public TableDataInfo list(${ClassName} ${className})
......@@ -61,7 +61,7 @@ public class ${ClassName}Controller extends BaseController
/**
* 导出${functionName}列表
*/
@PreAuthorize(hasPermi = "${permissionPrefix}:export")
@RequiresPermissions("${permissionPrefix}:export")
@Log(title = "${functionName}", businessType = BusinessType.EXPORT)
@PostMapping("/export")
public void export(HttpServletResponse response, ${ClassName} ${className}) throws IOException
......@@ -74,7 +74,7 @@ public class ${ClassName}Controller extends BaseController
/**
* 获取${functionName}详细信息
*/
@PreAuthorize(hasPermi = "${permissionPrefix}:query")
@RequiresPermissions("${permissionPrefix}:query")
@GetMapping(value = "/{${pkColumn.javaField}}")
public AjaxResult getInfo(@PathVariable("${pkColumn.javaField}") ${pkColumn.javaType} ${pkColumn.javaField})
{
......@@ -84,7 +84,7 @@ public class ${ClassName}Controller extends BaseController
/**
* 新增${functionName}
*/
@PreAuthorize(hasPermi = "${permissionPrefix}:add")
@RequiresPermissions("${permissionPrefix}:add")
@Log(title = "${functionName}", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@RequestBody ${ClassName} ${className})
......@@ -95,7 +95,7 @@ public class ${ClassName}Controller extends BaseController
/**
* 修改${functionName}
*/
@PreAuthorize(hasPermi = "${permissionPrefix}:edit")
@RequiresPermissions("${permissionPrefix}:edit")
@Log(title = "${functionName}", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@RequestBody ${ClassName} ${className})
......@@ -106,7 +106,7 @@ public class ${ClassName}Controller extends BaseController
/**
* 删除${functionName}
*/
@PreAuthorize(hasPermi = "${permissionPrefix}:remove")
@RequiresPermissions("${permissionPrefix}:remove")
@Log(title = "${functionName}", businessType = BusinessType.DELETE)
@DeleteMapping("/{${pkColumn.javaField}s}")
public AjaxResult remove(@PathVariable ${pkColumn.javaType}[] ${pkColumn.javaField}s)
......
ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java
浏览文件 @ d8da1b79
......@@ -23,7 +23,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.job.domain.SysJob;
import com.ruoyi.job.service.ISysJobService;
import com.ruoyi.job.util.CronUtils;
......@@ -43,7 +43,7 @@ public class SysJobController extends BaseController
/**
* 查询定时任务列表
*/
@PreAuthorize(hasPermi = "monitor:job:list")
@RequiresPermissions("monitor:job:list")
@GetMapping("/list")
public TableDataInfo list(SysJob sysJob)
{
......@@ -55,7 +55,7 @@ public class SysJobController extends BaseController
/**
* 导出定时任务列表
*/
@PreAuthorize(hasPermi = "monitor:job:export")
@RequiresPermissions("monitor:job:export")
@Log(title = "定时任务", businessType = BusinessType.EXPORT)
@PostMapping("/export")
public void export(HttpServletResponse response, SysJob sysJob) throws IOException
......@@ -68,7 +68,7 @@ public class SysJobController extends BaseController
/**
* 获取定时任务详细信息
*/
@PreAuthorize(hasPermi = "monitor:job:query")
@RequiresPermissions("monitor:job:query")
@GetMapping(value = "/{jobId}")
public AjaxResult getInfo(@PathVariable("jobId") Long jobId)
{
......@@ -78,7 +78,7 @@ public class SysJobController extends BaseController
/**
* 新增定时任务
*/
@PreAuthorize(hasPermi = "monitor:job:add")
@RequiresPermissions("monitor:job:add")
@Log(title = "定时任务", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@RequestBody SysJob job) throws SchedulerException, TaskException
......@@ -106,7 +106,7 @@ public class SysJobController extends BaseController
/**
* 修改定时任务
*/
@PreAuthorize(hasPermi = "monitor:job:edit")
@RequiresPermissions("monitor:job:edit")
@Log(title = "定时任务", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@RequestBody SysJob job) throws SchedulerException, TaskException
......@@ -134,7 +134,7 @@ public class SysJobController extends BaseController
/**
* 定时任务状态修改
*/
@PreAuthorize(hasPermi = "monitor:job:changeStatus")
@RequiresPermissions("monitor:job:changeStatus")
@Log(title = "定时任务", businessType = BusinessType.UPDATE)
@PutMapping("/changeStatus")
public AjaxResult changeStatus(@RequestBody SysJob job) throws SchedulerException
......@@ -147,7 +147,7 @@ public class SysJobController extends BaseController
/**
* 定时任务立即执行一次
*/
@PreAuthorize(hasPermi = "monitor:job:changeStatus")
@RequiresPermissions("monitor:job:changeStatus")
@Log(title = "定时任务", businessType = BusinessType.UPDATE)
@PutMapping("/run")
public AjaxResult run(@RequestBody SysJob job) throws SchedulerException
......@@ -159,7 +159,7 @@ public class SysJobController extends BaseController
/**
* 删除定时任务
*/
@PreAuthorize(hasPermi = "monitor:job:remove")
@RequiresPermissions("monitor:job:remove")
@Log(title = "定时任务", businessType = BusinessType.DELETE)
@DeleteMapping("/{jobIds}")
public AjaxResult remove(@PathVariable Long[] jobIds) throws SchedulerException, TaskException
......
ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java
浏览文件 @ d8da1b79
......@@ -16,7 +16,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.job.domain.SysJobLog;
import com.ruoyi.job.service.ISysJobLogService;
......@@ -35,7 +35,7 @@ public class SysJobLogController extends BaseController
/**
* 查询定时任务调度日志列表
*/
@PreAuthorize(hasPermi = "monitor:job:list")
@RequiresPermissions("monitor:job:list")
@GetMapping("/list")
public TableDataInfo list(SysJobLog sysJobLog)
{
......@@ -47,7 +47,7 @@ public class SysJobLogController extends BaseController
/**
* 导出定时任务调度日志列表
*/
@PreAuthorize(hasPermi = "monitor:job:export")
@RequiresPermissions("monitor:job:export")
@Log(title = "任务调度日志", businessType = BusinessType.EXPORT)
@PostMapping("/export")
public void export(HttpServletResponse response, SysJobLog sysJobLog) throws IOException
......@@ -60,7 +60,7 @@ public class SysJobLogController extends BaseController
/**
* 根据调度编号获取详细信息
*/
@PreAuthorize(hasPermi = "monitor:job:query")
@RequiresPermissions("monitor:job:query")
@GetMapping(value = "/{configId}")
public AjaxResult getInfo(@PathVariable Long jobLogId)
{
......@@ -70,7 +70,7 @@ public class SysJobLogController extends BaseController
/**
* 删除定时任务调度日志
*/
@PreAuthorize(hasPermi = "monitor:job:remove")
@RequiresPermissions("monitor:job:remove")
@Log(title = "定时任务调度日志", businessType = BusinessType.DELETE)
@DeleteMapping("/{jobLogIds}")
public AjaxResult remove(@PathVariable Long[] jobLogIds)
......@@ -81,7 +81,7 @@ public class SysJobLogController extends BaseController
/**
* 清空定时任务调度日志
*/
@PreAuthorize(hasPermi = "monitor:job:remove")
@RequiresPermissions("monitor:job:remove")
@Log(title = "调度日志", businessType = BusinessType.CLEAN)
@DeleteMapping("/clean")
public AjaxResult clean()
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysConfigController.java
浏览文件 @ d8da1b79
......@@ -21,7 +21,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.domain.SysConfig;
import com.ruoyi.system.service.ISysConfigService;
......@@ -40,7 +40,7 @@ public class SysConfigController extends BaseController
/**
* 获取参数配置列表
*/
@PreAuthorize(hasPermi = "system:config:list")
@RequiresPermissions("system:config:list")
@GetMapping("/list")
public TableDataInfo list(SysConfig config)
{
......@@ -50,7 +50,7 @@ public class SysConfigController extends BaseController
}
@Log(title = "参数管理", businessType = BusinessType.EXPORT)
@PreAuthorize(hasPermi = "system:config:export")
@RequiresPermissions("system:config:export")
@PostMapping("/export")
public void export(HttpServletResponse response, SysConfig config) throws IOException
{
......@@ -80,7 +80,7 @@ public class SysConfigController extends BaseController
/**
* 新增参数配置
*/
@PreAuthorize(hasPermi = "system:config:add")
@RequiresPermissions("system:config:add")
@Log(title = "参数管理", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@Validated @RequestBody SysConfig config)
......@@ -96,7 +96,7 @@ public class SysConfigController extends BaseController
/**
* 修改参数配置
*/
@PreAuthorize(hasPermi = "system:config:edit")
@RequiresPermissions("system:config:edit")
@Log(title = "参数管理", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@Validated @RequestBody SysConfig config)
......@@ -112,7 +112,7 @@ public class SysConfigController extends BaseController
/**
* 删除参数配置
*/
@PreAuthorize(hasPermi = "system:config:remove")
@RequiresPermissions("system:config:remove")
@Log(title = "参数管理", businessType = BusinessType.DELETE)
@DeleteMapping("/{configIds}")
public AjaxResult remove(@PathVariable Long[] configIds)
......@@ -124,7 +124,7 @@ public class SysConfigController extends BaseController
/**
* 刷新参数缓存
*/
@PreAuthorize(hasPermi = "system:config:remove")
@RequiresPermissions("system:config:remove")
@Log(title = "参数管理", businessType = BusinessType.CLEAN)
@DeleteMapping("/refreshCache")
public AjaxResult refreshCache()
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDeptController.java
浏览文件 @ d8da1b79
......@@ -20,7 +20,7 @@ import com.ruoyi.common.core.web.controller.BaseController;
import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.api.domain.SysDept;
import com.ruoyi.system.service.ISysDeptService;
......@@ -39,7 +39,7 @@ public class SysDeptController extends BaseController
/**
* 获取部门列表
*/
@PreAuthorize(hasPermi = "system:dept:list")
@RequiresPermissions("system:dept:list")
@GetMapping("/list")
public AjaxResult list(SysDept dept)
{
......@@ -50,7 +50,7 @@ public class SysDeptController extends BaseController
/**
* 查询部门列表(排除节点)
*/
@PreAuthorize(hasPermi = "system:dept:list")
@RequiresPermissions("system:dept:list")
@GetMapping("/list/exclude/{deptId}")
public AjaxResult excludeChild(@PathVariable(value = "deptId", required = false) Long deptId)
{
......@@ -71,7 +71,7 @@ public class SysDeptController extends BaseController
/**
* 根据部门编号获取详细信息
*/
@PreAuthorize(hasPermi = "system:dept:query")
@RequiresPermissions("system:dept:query")
@GetMapping(value = "/{deptId}")
public AjaxResult getInfo(@PathVariable Long deptId)
{
......@@ -105,7 +105,7 @@ public class SysDeptController extends BaseController
/**
* 新增部门
*/
@PreAuthorize(hasPermi = "system:dept:add")
@RequiresPermissions("system:dept:add")
@Log(title = "部门管理", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@Validated @RequestBody SysDept dept)
......@@ -121,7 +121,7 @@ public class SysDeptController extends BaseController
/**
* 修改部门
*/
@PreAuthorize(hasPermi = "system:dept:edit")
@RequiresPermissions("system:dept:edit")
@Log(title = "部门管理", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@Validated @RequestBody SysDept dept)
......@@ -146,7 +146,7 @@ public class SysDeptController extends BaseController
/**
* 删除部门
*/
@PreAuthorize(hasPermi = "system:dept:remove")
@RequiresPermissions("system:dept:remove")
@Log(title = "部门管理", businessType = BusinessType.DELETE)
@DeleteMapping("/{deptId}")
public AjaxResult remove(@PathVariable Long deptId)
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictDataController.java
浏览文件 @ d8da1b79
......@@ -22,7 +22,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.api.domain.SysDictData;
import com.ruoyi.system.service.ISysDictDataService;
import com.ruoyi.system.service.ISysDictTypeService;
......@@ -42,7 +42,7 @@ public class SysDictDataController extends BaseController
@Autowired
private ISysDictTypeService dictTypeService;
@PreAuthorize(hasPermi = "system:dict:list")
@RequiresPermissions("system:dict:list")
@GetMapping("/list")
public TableDataInfo list(SysDictData dictData)
{
......@@ -52,7 +52,7 @@ public class SysDictDataController extends BaseController
}
@Log(title = "字典数据", businessType = BusinessType.EXPORT)
@PreAuthorize(hasPermi = "system:dict:export")
@RequiresPermissions("system:dict:export")
@PostMapping("/export")
public void export(HttpServletResponse response, SysDictData dictData) throws IOException
{
......@@ -64,7 +64,7 @@ public class SysDictDataController extends BaseController
/**
* 查询字典数据详细
*/
@PreAuthorize(hasPermi = "system:dict:query")
@RequiresPermissions("system:dict:query")
@GetMapping(value = "/{dictCode}")
public AjaxResult getInfo(@PathVariable Long dictCode)
{
......@@ -88,7 +88,7 @@ public class SysDictDataController extends BaseController
/**
* 新增字典类型
*/
@PreAuthorize(hasPermi = "system:dict:add")
@RequiresPermissions("system:dict:add")
@Log(title = "字典数据", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@Validated @RequestBody SysDictData dict)
......@@ -100,7 +100,7 @@ public class SysDictDataController extends BaseController
/**
* 修改保存字典类型
*/
@PreAuthorize(hasPermi = "system:dict:edit")
@RequiresPermissions("system:dict:edit")
@Log(title = "字典数据", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@Validated @RequestBody SysDictData dict)
......@@ -112,7 +112,7 @@ public class SysDictDataController extends BaseController
/**
* 删除字典类型
*/
@PreAuthorize(hasPermi = "system:dict:remove")
@RequiresPermissions("system:dict:remove")
@Log(title = "字典类型", businessType = BusinessType.DELETE)
@DeleteMapping("/{dictCodes}")
public AjaxResult remove(@PathVariable Long[] dictCodes)
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictTypeController.java
浏览文件 @ d8da1b79
......@@ -21,7 +21,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.api.domain.SysDictType;
import com.ruoyi.system.service.ISysDictTypeService;
......@@ -37,7 +37,7 @@ public class SysDictTypeController extends BaseController
@Autowired
private ISysDictTypeService dictTypeService;
@PreAuthorize(hasPermi = "system:dict:list")
@RequiresPermissions("system:dict:list")
@GetMapping("/list")
public TableDataInfo list(SysDictType dictType)
{
......@@ -47,7 +47,7 @@ public class SysDictTypeController extends BaseController
}
@Log(title = "字典类型", businessType = BusinessType.EXPORT)
@PreAuthorize(hasPermi = "system:dict:export")
@RequiresPermissions("system:dict:export")
@PostMapping("/export")
public void export(HttpServletResponse response, SysDictType dictType) throws IOException
{
......@@ -59,7 +59,7 @@ public class SysDictTypeController extends BaseController
/**
* 查询字典类型详细
*/
@PreAuthorize(hasPermi = "system:dict:query")
@RequiresPermissions("system:dict:query")
@GetMapping(value = "/{dictId}")
public AjaxResult getInfo(@PathVariable Long dictId)
{
......@@ -69,7 +69,7 @@ public class SysDictTypeController extends BaseController
/**
* 新增字典类型
*/
@PreAuthorize(hasPermi = "system:dict:add")
@RequiresPermissions("system:dict:add")
@Log(title = "字典类型", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@Validated @RequestBody SysDictType dict)
......@@ -85,7 +85,7 @@ public class SysDictTypeController extends BaseController
/**
* 修改字典类型
*/
@PreAuthorize(hasPermi = "system:dict:edit")
@RequiresPermissions("system:dict:edit")
@Log(title = "字典类型", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@Validated @RequestBody SysDictType dict)
......@@ -101,7 +101,7 @@ public class SysDictTypeController extends BaseController
/**
* 删除字典类型
*/
@PreAuthorize(hasPermi = "system:dict:remove")
@RequiresPermissions("system:dict:remove")
@Log(title = "字典类型", businessType = BusinessType.DELETE)
@DeleteMapping("/{dictIds}")
public AjaxResult remove(@PathVariable Long[] dictIds)
......@@ -113,7 +113,7 @@ public class SysDictTypeController extends BaseController
/**
* 刷新字典缓存
*/
@PreAuthorize(hasPermi = "system:dict:remove")
@RequiresPermissions("system:dict:remove")
@Log(title = "字典类型", businessType = BusinessType.CLEAN)
@DeleteMapping("/refreshCache")
public AjaxResult refreshCache()
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysLogininforController.java
浏览文件 @ d8da1b79
......@@ -18,7 +18,7 @@ import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.InnerAuth;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.api.domain.SysLogininfor;
import com.ruoyi.system.service.ISysLogininforService;
......@@ -34,7 +34,7 @@ public class SysLogininforController extends BaseController
@Autowired
private ISysLogininforService logininforService;
@PreAuthorize(hasPermi = "system:logininfor:list")
@RequiresPermissions("system:logininfor:list")
@GetMapping("/list")
public TableDataInfo list(SysLogininfor logininfor)
{
......@@ -44,7 +44,7 @@ public class SysLogininforController extends BaseController
}
@Log(title = "登录日志", businessType = BusinessType.EXPORT)
@PreAuthorize(hasPermi = "system:logininfor:export")
@RequiresPermissions("system:logininfor:export")
@PostMapping("/export")
public void export(HttpServletResponse response, SysLogininfor logininfor) throws IOException
{
......@@ -53,7 +53,7 @@ public class SysLogininforController extends BaseController
util.exportExcel(response, list, "登录日志");
}
@PreAuthorize(hasPermi = "system:logininfor:remove")
@RequiresPermissions("system:logininfor:remove")
@Log(title = "登录日志", businessType = BusinessType.DELETE)
@DeleteMapping("/{infoIds}")
public AjaxResult remove(@PathVariable Long[] infoIds)
......@@ -61,7 +61,7 @@ public class SysLogininforController extends BaseController
return toAjax(logininforService.deleteLogininforByIds(infoIds));
}
@PreAuthorize(hasPermi = "system:logininfor:remove")
@RequiresPermissions("system:logininfor:remove")
@Log(title = "登录日志", businessType = BusinessType.DELETE)
@DeleteMapping("/clean")
public AjaxResult clean()
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java
浏览文件 @ d8da1b79
......@@ -18,7 +18,7 @@ import com.ruoyi.common.core.web.controller.BaseController;
import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.domain.SysMenu;
import com.ruoyi.system.service.ISysMenuService;
......@@ -37,7 +37,7 @@ public class SysMenuController extends BaseController
/**
* 获取菜单列表
*/
@PreAuthorize(hasPermi = "system:menu:list")
@RequiresPermissions("system:menu:list")
@GetMapping("/list")
public AjaxResult list(SysMenu menu)
{
......@@ -49,7 +49,7 @@ public class SysMenuController extends BaseController
/**
* 根据菜单编号获取详细信息
*/
@PreAuthorize(hasPermi = "system:menu:query")
@RequiresPermissions("system:menu:query")
@GetMapping(value = "/{menuId}")
public AjaxResult getInfo(@PathVariable Long menuId)
{
......@@ -84,7 +84,7 @@ public class SysMenuController extends BaseController
/**
* 新增菜单
*/
@PreAuthorize(hasPermi = "system:menu:add")
@RequiresPermissions("system:menu:add")
@Log(title = "菜单管理", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@Validated @RequestBody SysMenu menu)
......@@ -104,7 +104,7 @@ public class SysMenuController extends BaseController
/**
* 修改菜单
*/
@PreAuthorize(hasPermi = "system:menu:edit")
@RequiresPermissions("system:menu:edit")
@Log(title = "菜单管理", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@Validated @RequestBody SysMenu menu)
......@@ -128,7 +128,7 @@ public class SysMenuController extends BaseController
/**
* 删除菜单
*/
@PreAuthorize(hasPermi = "system:menu:remove")
@RequiresPermissions("system:menu:remove")
@Log(title = "菜单管理", businessType = BusinessType.DELETE)
@DeleteMapping("/{menuId}")
public AjaxResult remove(@PathVariable("menuId") Long menuId)
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysNoticeController.java
浏览文件 @ d8da1b79
......@@ -17,7 +17,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.domain.SysNotice;
import com.ruoyi.system.service.ISysNoticeService;
......@@ -36,7 +36,7 @@ public class SysNoticeController extends BaseController
/**
* 获取通知公告列表
*/
@PreAuthorize(hasPermi = "system:notice:list")
@RequiresPermissions("system:notice:list")
@GetMapping("/list")
public TableDataInfo list(SysNotice notice)
{
......@@ -48,7 +48,7 @@ public class SysNoticeController extends BaseController
/**
* 根据通知公告编号获取详细信息
*/
@PreAuthorize(hasPermi = "system:notice:query")
@RequiresPermissions("system:notice:query")
@GetMapping(value = "/{noticeId}")
public AjaxResult getInfo(@PathVariable Long noticeId)
{
......@@ -58,7 +58,7 @@ public class SysNoticeController extends BaseController
/**
* 新增通知公告
*/
@PreAuthorize(hasPermi = "system:notice:add")
@RequiresPermissions("system:notice:add")
@Log(title = "通知公告", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@Validated @RequestBody SysNotice notice)
......@@ -70,7 +70,7 @@ public class SysNoticeController extends BaseController
/**
* 修改通知公告
*/
@PreAuthorize(hasPermi = "system:notice:edit")
@RequiresPermissions("system:notice:edit")
@Log(title = "通知公告", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@Validated @RequestBody SysNotice notice)
......@@ -82,7 +82,7 @@ public class SysNoticeController extends BaseController
/**
* 删除通知公告
*/
@PreAuthorize(hasPermi = "system:notice:remove")
@RequiresPermissions("system:notice:remove")
@Log(title = "通知公告", businessType = BusinessType.DELETE)
@DeleteMapping("/{noticeIds}")
public AjaxResult remove(@PathVariable Long[] noticeIds)
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysOperlogController.java
浏览文件 @ d8da1b79
......@@ -18,7 +18,7 @@ import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.InnerAuth;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.api.domain.SysOperLog;
import com.ruoyi.system.service.ISysOperLogService;
......@@ -34,7 +34,7 @@ public class SysOperlogController extends BaseController
@Autowired
private ISysOperLogService operLogService;
@PreAuthorize(hasPermi = "system:operlog:list")
@RequiresPermissions("system:operlog:list")
@GetMapping("/list")
public TableDataInfo list(SysOperLog operLog)
{
......@@ -44,7 +44,7 @@ public class SysOperlogController extends BaseController
}
@Log(title = "操作日志", businessType = BusinessType.EXPORT)
@PreAuthorize(hasPermi = "system:operlog:export")
@RequiresPermissions("system:operlog:export")
@PostMapping("/export")
public void export(HttpServletResponse response, SysOperLog operLog) throws IOException
{
......@@ -54,14 +54,14 @@ public class SysOperlogController extends BaseController
}
@Log(title = "操作日志", businessType = BusinessType.DELETE)
@PreAuthorize(hasPermi = "system:operlog:remove")
@RequiresPermissions("system:operlog:remove")
@DeleteMapping("/{operIds}")
public AjaxResult remove(@PathVariable Long[] operIds)
{
return toAjax(operLogService.deleteOperLogByIds(operIds));
}
@PreAuthorize(hasPermi = "system:operlog:remove")
@RequiresPermissions("system:operlog:remove")
@Log(title = "操作日志", businessType = BusinessType.CLEAN)
@DeleteMapping("/clean")
public AjaxResult clean()
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysPostController.java
浏览文件 @ d8da1b79
......@@ -21,7 +21,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.domain.SysPost;
import com.ruoyi.system.service.ISysPostService;
......@@ -40,7 +40,7 @@ public class SysPostController extends BaseController
/**
* 获取岗位列表
*/
@PreAuthorize(hasPermi = "system:post:list")
@RequiresPermissions("system:post:list")
@GetMapping("/list")
public TableDataInfo list(SysPost post)
{
......@@ -50,7 +50,7 @@ public class SysPostController extends BaseController
}
@Log(title = "岗位管理", businessType = BusinessType.EXPORT)
@PreAuthorize(hasPermi = "system:post:export")
@RequiresPermissions("system:post:export")
@PostMapping("/export")
public void export(HttpServletResponse response, SysPost post) throws IOException
{
......@@ -62,7 +62,7 @@ public class SysPostController extends BaseController
/**
* 根据岗位编号获取详细信息
*/
@PreAuthorize(hasPermi = "system:post:query")
@RequiresPermissions("system:post:query")
@GetMapping(value = "/{postId}")
public AjaxResult getInfo(@PathVariable Long postId)
{
......@@ -72,7 +72,7 @@ public class SysPostController extends BaseController
/**
* 新增岗位
*/
@PreAuthorize(hasPermi = "system:post:add")
@RequiresPermissions("system:post:add")
@Log(title = "岗位管理", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@Validated @RequestBody SysPost post)
......@@ -92,7 +92,7 @@ public class SysPostController extends BaseController
/**
* 修改岗位
*/
@PreAuthorize(hasPermi = "system:post:edit")
@RequiresPermissions("system:post:edit")
@Log(title = "岗位管理", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@Validated @RequestBody SysPost post)
......@@ -112,7 +112,7 @@ public class SysPostController extends BaseController
/**
* 删除岗位
*/
@PreAuthorize(hasPermi = "system:post:remove")
@RequiresPermissions("system:post:remove")
@Log(title = "岗位管理", businessType = BusinessType.DELETE)
@DeleteMapping("/{postIds}")
public AjaxResult remove(@PathVariable Long[] postIds)
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysRoleController.java
浏览文件 @ d8da1b79
......@@ -21,7 +21,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.api.domain.SysRole;
import com.ruoyi.system.api.domain.SysUser;
import com.ruoyi.system.domain.SysUserRole;
......@@ -43,7 +43,7 @@ public class SysRoleController extends BaseController
@Autowired
private ISysUserService userService;
@PreAuthorize(hasPermi = "system:role:list")
@RequiresPermissions("system:role:list")
@GetMapping("/list")
public TableDataInfo list(SysRole role)
{
......@@ -53,7 +53,7 @@ public class SysRoleController extends BaseController
}
@Log(title = "角色管理", businessType = BusinessType.EXPORT)
@PreAuthorize(hasPermi = "system:role:export")
@RequiresPermissions("system:role:export")
@PostMapping("/export")
public void export(HttpServletResponse response, SysRole role) throws IOException
{
......@@ -65,7 +65,7 @@ public class SysRoleController extends BaseController
/**
* 根据角色编号获取详细信息
*/
@PreAuthorize(hasPermi = "system:role:query")
@RequiresPermissions("system:role:query")
@GetMapping(value = "/{roleId}")
public AjaxResult getInfo(@PathVariable Long roleId)
{
......@@ -76,7 +76,7 @@ public class SysRoleController extends BaseController
/**
* 新增角色
*/
@PreAuthorize(hasPermi = "system:role:add")
@RequiresPermissions("system:role:add")
@Log(title = "角色管理", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@Validated @RequestBody SysRole role)
......@@ -97,7 +97,7 @@ public class SysRoleController extends BaseController
/**
* 修改保存角色
*/
@PreAuthorize(hasPermi = "system:role:edit")
@RequiresPermissions("system:role:edit")
@Log(title = "角色管理", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@Validated @RequestBody SysRole role)
......@@ -118,7 +118,7 @@ public class SysRoleController extends BaseController
/**
* 修改保存数据权限
*/
@PreAuthorize(hasPermi = "system:role:edit")
@RequiresPermissions("system:role:edit")
@Log(title = "角色管理", businessType = BusinessType.UPDATE)
@PutMapping("/dataScope")
public AjaxResult dataScope(@RequestBody SysRole role)
......@@ -130,7 +130,7 @@ public class SysRoleController extends BaseController
/**
* 状态修改
*/
@PreAuthorize(hasPermi = "system:role:edit")
@RequiresPermissions("system:role:edit")
@Log(title = "角色管理", businessType = BusinessType.UPDATE)
@PutMapping("/changeStatus")
public AjaxResult changeStatus(@RequestBody SysRole role)
......@@ -143,7 +143,7 @@ public class SysRoleController extends BaseController
/**
* 删除角色
*/
@PreAuthorize(hasPermi = "system:role:remove")
@RequiresPermissions("system:role:remove")
@Log(title = "角色管理", businessType = BusinessType.DELETE)
@DeleteMapping("/{roleIds}")
public AjaxResult remove(@PathVariable Long[] roleIds)
......@@ -154,7 +154,7 @@ public class SysRoleController extends BaseController
/**
* 获取角色选择框列表
*/
@PreAuthorize(hasPermi = "system:role:query")
@RequiresPermissions("system:role:query")
@GetMapping("/optionselect")
public AjaxResult optionselect()
{
......@@ -163,7 +163,7 @@ public class SysRoleController extends BaseController
/**
* 查询已分配用户角色列表
*/
@PreAuthorize(hasPermi = "system:role:list")
@RequiresPermissions("system:role:list")
@GetMapping("/authUser/allocatedList")
public TableDataInfo allocatedList(SysUser user)
{
......@@ -175,7 +175,7 @@ public class SysRoleController extends BaseController
/**
* 查询未分配用户角色列表
*/
@PreAuthorize(hasPermi = "system:role:list")
@RequiresPermissions("system:role:list")
@GetMapping("/authUser/unallocatedList")
public TableDataInfo unallocatedList(SysUser user)
{
......@@ -187,7 +187,7 @@ public class SysRoleController extends BaseController
/**
* 取消授权用户
*/
@PreAuthorize(hasPermi = "system:role:edit")
@RequiresPermissions("system:role:edit")
@Log(title = "角色管理", businessType = BusinessType.GRANT)
@PutMapping("/authUser/cancel")
public AjaxResult cancelAuthUser(@RequestBody SysUserRole userRole)
......@@ -198,7 +198,7 @@ public class SysRoleController extends BaseController
/**
* 批量取消授权用户
*/
@PreAuthorize(hasPermi = "system:role:edit")
@RequiresPermissions("system:role:edit")
@Log(title = "角色管理", businessType = BusinessType.GRANT)
@PutMapping("/authUser/cancelAll")
public AjaxResult cancelAuthUserAll(Long roleId, Long[] userIds)
......@@ -209,7 +209,7 @@ public class SysRoleController extends BaseController
/**
* 批量选择用户授权
*/
@PreAuthorize(hasPermi = "system:role:edit")
@RequiresPermissions("system:role:edit")
@Log(title = "角色管理", businessType = BusinessType.GRANT)
@PutMapping("/authUser/selectAll")
public AjaxResult selectAuthUserAll(Long roleId, Long[] userIds)
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
浏览文件 @ d8da1b79
......@@ -28,7 +28,7 @@ import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.security.annotation.InnerAuth;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.api.domain.SysRole;
import com.ruoyi.system.api.domain.SysUser;
import com.ruoyi.system.api.model.LoginUser;
......@@ -65,7 +65,7 @@ public class SysUserController extends BaseController
/**
* 获取用户列表
*/
@PreAuthorize(hasPermi = "system:user:list")
@RequiresPermissions("system:user:list")
@GetMapping("/list")
public TableDataInfo list(SysUser user)
{
......@@ -75,7 +75,7 @@ public class SysUserController extends BaseController
}
@Log(title = "用户管理", businessType = BusinessType.EXPORT)
@PreAuthorize(hasPermi = "system:user:export")
@RequiresPermissions("system:user:export")
@PostMapping("/export")
public void export(HttpServletResponse response, SysUser user) throws IOException
{
......@@ -85,7 +85,7 @@ public class SysUserController extends BaseController
}
@Log(title = "用户管理", businessType = BusinessType.IMPORT)
@PreAuthorize(hasPermi = "system:user:import")
@RequiresPermissions("system:user:import")
@PostMapping("/importData")
public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception
{
......@@ -168,7 +168,7 @@ public class SysUserController extends BaseController
/**
* 根据用户编号获取详细信息
*/
@PreAuthorize(hasPermi = "system:user:query")
@RequiresPermissions("system:user:query")
@GetMapping(value = { "/", "/{userId}" })
public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId)
{
......@@ -189,7 +189,7 @@ public class SysUserController extends BaseController
/**
* 新增用户
*/
@PreAuthorize(hasPermi = "system:user:add")
@RequiresPermissions("system:user:add")
@Log(title = "用户管理", businessType = BusinessType.INSERT)
@PostMapping
public AjaxResult add(@Validated @RequestBody SysUser user)
......@@ -216,7 +216,7 @@ public class SysUserController extends BaseController
/**
* 修改用户
*/
@PreAuthorize(hasPermi = "system:user:edit")
@RequiresPermissions("system:user:edit")
@Log(title = "用户管理", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult edit(@Validated @RequestBody SysUser user)
......@@ -239,7 +239,7 @@ public class SysUserController extends BaseController
/**
* 删除用户
*/
@PreAuthorize(hasPermi = "system:user:remove")
@RequiresPermissions("system:user:remove")
@Log(title = "用户管理", businessType = BusinessType.DELETE)
@DeleteMapping("/{userIds}")
public AjaxResult remove(@PathVariable Long[] userIds)
......@@ -254,7 +254,7 @@ public class SysUserController extends BaseController
/**
* 重置密码
*/
@PreAuthorize(hasPermi = "system:user:edit")
@RequiresPermissions("system:user:edit")
@Log(title = "用户管理", businessType = BusinessType.UPDATE)
@PutMapping("/resetPwd")
public AjaxResult resetPwd(@RequestBody SysUser user)
......@@ -268,7 +268,7 @@ public class SysUserController extends BaseController
/**
* 状态修改
*/
@PreAuthorize(hasPermi = "system:user:edit")
@RequiresPermissions("system:user:edit")
@Log(title = "用户管理", businessType = BusinessType.UPDATE)
@PutMapping("/changeStatus")
public AjaxResult changeStatus(@RequestBody SysUser user)
......@@ -281,7 +281,7 @@ public class SysUserController extends BaseController
/**
* 根据用户编号获取授权角色
*/
@PreAuthorize(hasPermi = "system:user:query")
@RequiresPermissions("system:user:query")
@GetMapping("/authRole/{userId}")
public AjaxResult authRole(@PathVariable("userId") Long userId)
{
......@@ -296,7 +296,7 @@ public class SysUserController extends BaseController
/**
* 用户授权角色
*/
@PreAuthorize(hasPermi = "system:user:edit")
@RequiresPermissions("system:user:edit")
@Log(title = "用户管理", businessType = BusinessType.GRANT)
@PutMapping("/authRole")
public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
......
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserOnlineController.java
浏览文件 @ d8da1b79
......@@ -18,7 +18,7 @@ import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.redis.service.RedisService;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.system.api.model.LoginUser;
import com.ruoyi.system.domain.SysUserOnline;
import com.ruoyi.system.service.ISysUserOnlineService;
......@@ -38,7 +38,7 @@ public class SysUserOnlineController extends BaseController
@Autowired
private RedisService redisService;
@PreAuthorize(hasPermi = "monitor:online:list")
@RequiresPermissions("monitor:online:list")
@GetMapping("/list")
public TableDataInfo list(String ipaddr, String userName)
{
......@@ -81,7 +81,7 @@ public class SysUserOnlineController extends BaseController
/**
* 强退用户
*/
@PreAuthorize(hasPermi = "monitor:online:forceLogout")
@RequiresPermissions("monitor:online:forceLogout")
@Log(title = "在线用户", businessType = BusinessType.FORCE)
@DeleteMapping("/{tokenId}")
public AjaxResult forceLogout(@PathVariable String tokenId)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册