未验证 提交 e71e24f5 编写于 作者: E Evan 提交者: GitHub

Merge pull request #72 from Antabot/dev

feat: permissions assignment function
......@@ -112,7 +112,7 @@
type: 'warning'
}).then(() => {
this.$axios
.post('/delete', {id: id}).then(resp => {
.post('/admin/content/books/delete', {id: id}).then(resp => {
if (resp && resp.status === 200) {
this.loadBooks()
}
......
......@@ -88,7 +88,7 @@
},
onSubmit () {
this.$axios
.post('/books', {
.post('/admin/content/books', {
id: this.form.id,
cover: this.form.cover,
title: this.form.title,
......
......@@ -2,7 +2,7 @@
<el-upload
class="img-upload"
ref="upload"
action="http://localhost:8443/api/covers"
action="http://localhost:8443/api/admin/content/books/covers"
:on-preview="handlePreview"
:on-remove="handleRemove"
:before-remove="beforeRemove"
......
<template>
<div>
<el-dialog
title="修改角色信息"
:visible.sync="dialogFormVisible">
<el-form v-model="selectedRole" style="text-align: left" ref="dataForm">
<el-form-item label="角色名" label-width="120px" prop="username">
<el-input v-model="selectedRole.name" autocomplete="off"></el-input>
</el-form-item>
<el-form-item label="角色描述" label-width="120px" prop="name">
<el-input v-model="selectedRole.nameZh" autocomplete="off"></el-input>
</el-form-item>
<el-form-item label="功能配置" label-width="120px" prop="perms">
<el-checkbox-group v-model="selectedPerms">
<el-checkbox v-for="(perm,i) in perms" :key="i" :label="perm.id">{{perm.desc_}}</el-checkbox>
</el-checkbox-group>
</el-form-item>
<el-form-item label="菜单配置" label-width="120px" prop="menus">
<el-checkbox-group v-model="selectedMenus">
<el-checkbox v-for="(menu,i) in menus" :key="i" :label="perm.id">{{menu.nameZh}}</el-checkbox>
</el-checkbox-group>
</el-form-item>
</el-form>
<div slot="footer" class="dialog-footer">
<el-button @click="dialogFormVisible = false">取 消</el-button>
<el-button type="primary" @click="onSubmit(selectedRole)">确 定</el-button>
</div>
</el-dialog>
<el-row style="margin: 18px 0px 0px 18px ">
<el-breadcrumb separator-class="el-icon-arrow-right">
<el-breadcrumb-item :to="{ path: '/admin/dashboard' }">管理中心</el-breadcrumb-item>
......@@ -41,7 +67,7 @@
active-color="#13ce66"
inactive-color="#ff4949"
@click.native="beforeUpdate"
@change="(value) => commitChange(value, scope.row)">
@change="(value) => commitStatusChange(value, scope.row)">
</el-switch>
</template>
</el-table-column>
......@@ -50,13 +76,12 @@
width="120">
<template slot-scope="scope">
<el-button
@click.native.prevent="editBook(scope.row)"
type="text"
size="small">
size="small"
@click="editRole(scope.row)">
编辑
</el-button>
<el-button
@click.native.prevent="deleteBook(scope.row.id)"
type="text"
size="small">
移除
......@@ -77,11 +102,18 @@
name: 'UserRole',
data () {
return {
roles: []
dialogFormVisible: false,
roles: [],
perms: [],
menus: [],
selectedRole: [],
selectedPerms: [],
selectedMenus: []
}
},
mounted () {
this.listRoles()
this.listPerms()
},
computed: {
tableHeight () {
......@@ -97,16 +129,22 @@
}
})
},
beforeUpdate () {
listPerms () {
var _this = this
this.$axios.get('/admin/perm').then(resp => {
if (resp && resp.status === 200) {
_this.perms = resp.data
}
})
},
commitChange (value, role) {
commitStatusChange (value, role) {
if (role.id !== 1) {
this.$confirm('是否更改角色状态?', '提示', {
confirmButtonText: '确定',
cancelButtonText: '取消',
type: 'warning'
}).then(() => {
this.$axios.put('/admin/role', {
this.$axios.put('/admin/role/status', {
enabled: value,
id: role.id
}).then(resp => {
......@@ -129,6 +167,40 @@
role.enabled = true
this.$alert('无法禁用系统管理员!')
}
},
onSubmit (role) {
let _this = this
// 根据视图绑定的角色 id 向后端传送角色信息
let perms = []
for (let i = 0; i < _this.selectedPerms.length; i++) {
for (let j = 0; j < _this.perms.length; j++) {
if (_this.selectedPerms[i] === _this.perms[j].id) {
perms.push(_this.perms[j])
}
}
}
this.$axios.put('/admin/role', {
id: role.id,
name: role.name,
nameZh: role.nameZh,
enabled: role.enabled,
perms: perms
}).then(resp => {
if (resp && resp.status === 200) {
this.$alert(resp.data.data)
this.dialogFormVisible = false
this.listRoles()
}
})
},
editRole (role) {
this.dialogFormVisible = true
this.selectedRole = role
let permIds = []
for (let i = 0; i < role.perms.length; i++) {
permIds.push(role.perms[i].id)
}
this.selectedPerms = permIds
}
}
}
......
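Review bot: In the 菜单配置 checkbox group the loop variable is `menu`, but the checkbox binds `:label="perm.id"`; `perm` does not exist in that `v-for`, so the binding should be `:label="menu.id"`. `menus` is declared empty and nothing in the visible hunks fills it, and `onSubmit` sends only `perms`, so the menu selection is currently never loaded or saved. `editRole` assigns the table row object itself to `selectedRole`, so text typed in the dialog changes the listed row even when the user cancels; a copy such as `this.selectedRole = Object.assign({}, role)` avoids that. The `role.id !== 1` guard in `commitStatusChange` only protects the UI, so the same rule has to be enforced by the `/admin/role` and `/admin/role/status` handlers on the server.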
......@@ -100,7 +100,6 @@
编辑
</el-button>
<el-button
@click.native.prevent="deleteBook(scope.row.id)"
type="text"
size="small">
移除
......@@ -158,7 +157,7 @@
},
commitStatusChange (value, user) {
if (user.username !== 'admin') {
this.$axios.put('/admin/user-status', {
this.$axios.put('/admin/user/status', {
enabled: value,
username: user.username
}).then(resp => {
......@@ -211,7 +210,7 @@
this.selectedRoles = roleIds
},
resetPassword (username) {
this.$axios.put('/admin/password', {
this.$axios.put('/admin/user/password', {
username: username
}).then(resp => {
if (resp && resp.status === 200) {
......
......@@ -19,24 +19,23 @@ public class LibraryController {
BookService bookService;
@GetMapping("/api/books")
public List<Book> listBooks() throws Exception {
public List<Book> listBooks() {
return bookService.list();
}
@PostMapping("/api/books")
public Book addOrUpdateBooks(@RequestBody Book book) throws Exception {
System.out.println(book.getCategory());
@PostMapping("/api/admin/content/books")
public Book addOrUpdateBooks(@RequestBody Book book) {
bookService.addOrUpdate(book);
return book;
}
@PostMapping("/api/delete")
public void deleteBook(@RequestBody Book book) throws Exception {
@PostMapping("/api/admin/content/books/delete")
public void deleteBook(@RequestBody Book book) {
bookService.deleteById(book.getId());
}
@PostMapping("/api/search")
public List<Book> searchResult(@RequestBody Search s) throws Exception {
public List<Book> searchResult(@RequestBody Search s) {
if ("".equals(s.getKeywords())) {
return bookService.list();
} else {
......@@ -45,7 +44,7 @@ public class LibraryController {
}
@GetMapping("/api/categories/{cid}/books")
public List<Book> listByCategory(@PathVariable("cid") int cid) throws Exception {
public List<Book> listByCategory(@PathVariable("cid") int cid) {
if (0 != cid) {
return bookService.listByCategory(cid);
} else {
......@@ -53,8 +52,8 @@ public class LibraryController {
}
}
@PostMapping("/api/covers")
public String coversUpload(MultipartFile file) throws Exception {
@PostMapping("/api/admin/content/books/covers")
public String coversUpload(MultipartFile file) {
String folder = "D:/workspace/img";
File imageFolder = new File(folder);
File f = new File(imageFolder, getRandomString(6) + file.getOriginalFilename()
......
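Review bot: `coversUpload` still builds the stored path from `file.getOriginalFilename()`, which is chosen by the client, so the saved name and extension remain caller-controlled even though the route now sits under `/api/admin/content/books`. Prefer a server-generated name with an allow-listed image extension, and check that the resolved file stays inside the image folder before writing. The folder `D:/workspace/img` is hard-coded and would be better read from configuration. The rest of the method is outside this hunk, so how the `IOException` from the transfer is handled after dropping `throws Exception` could not be checked.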
package com.gm.wj.controller;
import com.gm.wj.pojo.AdminPermission;
import com.gm.wj.pojo.AdminRole;
import com.gm.wj.pojo.User;
import com.gm.wj.result.Result;
import com.gm.wj.result.ResultFactory;
import com.gm.wj.service.AdminRoleService;
import com.gm.wj.service.AdminUserRoleService;
import com.gm.wj.service.UserService;
import com.gm.wj.service.*;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.springframework.beans.factory.annotation.Autowired;
......@@ -25,13 +24,17 @@ public class UserController {
AdminRoleService adminRoleService;
@Autowired
AdminUserRoleService adminUserRoleService;
@Autowired
AdminPermissionService adminPermissionService;
@Autowired
AdminRolePermissionService adminRolePermissionService;
@GetMapping("/api/admin/user")
public List<User> listUsers() throws Exception {
return userService.list();
}
@PutMapping("/api/admin/user-status")
@PutMapping("/api/admin/user/status")
public Result updateUserStatus(@RequestBody User requestUser) {
User user = userService.findByUserName(requestUser.getUsername());
user.setEnabled(requestUser.isEnabled());
......@@ -40,21 +43,16 @@ public class UserController {
return ResultFactory.buildSuccessResult(message);
}
@PutMapping("/api/admin/password")
@PutMapping("/api/admin/user/password")
public Result resetPassword(@RequestBody User requestUser) {
User user = userService.findByUserName(requestUser.getUsername());
String salt = new SecureRandomNumberGenerator().nextBytes().toString();
int times = 2;
user.setSalt(salt);
if (requestUser.getPassword() == null) {
String encodedPassword = new SimpleHash("md5", "123", salt, times).toString();
user.setPassword(encodedPassword);
} else {
String encodedPassword = new SimpleHash("md5", requestUser.getPassword(), salt, times).toString();
user.setPassword(encodedPassword);
}
String encodedPassword = new SimpleHash("md5", "123", salt, times).toString();
user.setPassword(encodedPassword);
userService.addOrUpdate(user);
String message = "修改密码成功";
String message = "重置密码成功";
return ResultFactory.buildSuccessResult(message);
}
......@@ -71,11 +69,11 @@ public class UserController {
}
@GetMapping("/api/admin/role")
public List<AdminRole> listRoles() throws Exception {
public List<AdminRole> listRoles(){
return adminRoleService.list();
}
@PutMapping("/api/admin/role")
@PutMapping("/api/admin/role/status")
public Result updateRoleStatus(@RequestBody AdminRole requestRole) {
AdminRole adminRole = adminRoleService.findById(requestRole.getId());
adminRole.setEnabled(requestRole.isEnabled());
......@@ -83,4 +81,17 @@ public class UserController {
String message = "用户" + adminRole.getNameZh() + "状态更新成功";
return ResultFactory.buildSuccessResult(message);
}
@PutMapping("/api/admin/role")
public Result editRole(@RequestBody AdminRole requestRole) {
adminRoleService.addOrUpdate(requestRole);
adminRolePermissionService.savePermChanges(requestRole.getId(), requestRole.getPerms());
String message = "修改角色信息成功";
return ResultFactory.buildSuccessResult(message);
}
@GetMapping("/api/admin/perm")
public List<AdminPermission> listPerms() {
return adminPermissionService.list();
}
}
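Review bot: `resetPassword` now always sets the password to the literal `"123"` and stores it as salted MD5 with `times = 2`, so every reset account shares one known password protected by a fast hash. Generate a random one-time password with `SecureRandom` (or issue a reset token) and require a change at next login, and move to a purpose-built password hash such as bcrypt or Argon2 with a migration path for the existing MD5 entries. `userService.findByUserName(...)` is dereferenced without a null check here and in `updateUserStatus`, so an unknown username presumably ends in a NullPointerException rather than a clean error `Result`.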
......@@ -7,4 +7,5 @@ import java.util.List;
public interface AdminRolePermissionDAO extends JpaRepository<AdminRolePermission, Integer> {
List<AdminRolePermission> findAllByRid(int rid);
void deleteAllByRid(int rid);
}
......@@ -53,7 +53,8 @@ public class URLPathMatchingFilter extends PathMatchingFilter {
String username = subject.getPrincipal().toString();
Set<String> permissionAPIs = adminPermissionService.listPermissionURLsByUser(username);
for (String api : permissionAPIs) {
if (api.equals(requestAPI)) {
// 匹配前缀
if (requestAPI.startsWith(api)) {
hasPermission = true;
break;
}
......
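Review bot: `requestAPI.startsWith(api)` compares raw strings rather than path segments, so a permission for `/api/admin/user` also authorises any route that merely begins with those characters (the former `/api/admin/user-status` is an example of such a name), and a blank URL in the permission table would match every request. Match on a segment boundary instead: `if (requestAPI.equals(api) || requestAPI.startsWith(api + "/")) {`. The same comparison is introduced in `AdminPermissionService.needFilter`, and the two must stay consistent so that a path is never filtered by one rule and authorised by another. How `requestAPI` is derived is outside this hunk; it should be the normalised servlet path so that encoded or dot-segment variants cannot change the result.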
......@@ -3,6 +3,7 @@ package com.gm.wj.pojo;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import javax.persistence.*;
import java.util.List;
@Entity
@Table(name = "admin_role")
......@@ -12,12 +13,12 @@ public class AdminRole {
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
int id;
String name;
@Column(name = "name_zh")
String nameZh;
boolean enabled;
@Transient
List<AdminPermission> perms;
public int getId() {
return id;
......@@ -50,4 +51,12 @@ public class AdminRole {
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public List<AdminPermission> getPerms() {
return perms;
}
public void setPerms(List<AdminPermission> perms) {
this.perms = perms;
}
}
......@@ -27,26 +27,32 @@ public class AdminPermissionService {
return adminPermissionDAO.findById(id);
}
public List<AdminPermission> list() {return adminPermissionDAO.findAll();}
public boolean needFilter(String requestAPI) {
List<AdminPermission> ps = adminPermissionDAO.findAll();
for (AdminPermission p: ps) {
if (p.getUrl().equals(requestAPI)) {
// 这里我们进行前缀匹配,拥有父权限就拥有所有子权限
if (requestAPI.startsWith(p.getUrl())) {
return true;
}
}
return false;
}
public List<AdminPermission> listPermsByRole(int rid) {
List<AdminRolePermission> rps = adminRolePermissionService.findAllByRid(rid);
List<AdminPermission> perms = new ArrayList<>();
for (AdminRolePermission rp : rps) {
perms.add(adminPermissionDAO.findById(rp.getPid()));
}
return perms;
}
public Set<String> listPermissionURLsByUser(String username) {
List<AdminRole> roles = adminRoleService.listRolesByUser(username);
// List<AdminPermission> permissions = new ArrayList<>();
Set<String> URLs = new HashSet<>();
// List<AdminUserRole> urs = adminUserRoleService.listAllByUid(uid);
// for (AdminUserRole ur: urs) {
// roles.add(adminRoleService.findById(ur.getRid()));
// }
for (AdminRole role : roles) {
List<AdminRolePermission> rps = adminRolePermissionService.findAllByRid(role.getId());
for (AdminRolePermission rp : rps) {
......
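Review bot: `listPermsByRole` adds the result of `adminPermissionDAO.findById(rp.getPid())` to the list without checking it; if a role-permission row points at a permission id that no longer exists, the lookup presumably returns null and that null ends up in the role's `perms` list sent to the client. Skip or log missing ids, e.g. `AdminPermission p = adminPermissionDAO.findById(rp.getPid()); if (p != null) perms.add(p);`. `needFilter` also calls `findAll()` on every request and would throw if any `url` value is null, so comparing against a cached set of non-null URLs would be more robust.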
package com.gm.wj.service;
import com.gm.wj.dao.AdminRolePermissionDAO;
import com.gm.wj.pojo.AdminPermission;
import com.gm.wj.pojo.AdminRole;
import com.gm.wj.pojo.AdminRolePermission;
import com.gm.wj.pojo.AdminUserRole;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.jpa.repository.Modifying;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.List;
......@@ -15,4 +20,16 @@ public class AdminRolePermissionService {
List<AdminRolePermission> findAllByRid(int rid) {
return adminRolePermissionDAO.findAllByRid(rid);
}
@Modifying
@Transactional
public void savePermChanges(int rid, List<AdminPermission> perms) {
adminRolePermissionDAO.deleteAllByRid(rid);
for (AdminPermission perm : perms) {
AdminRolePermission rp = new AdminRolePermission();
rp.setRid(rid);
rp.setPid(perm.getId());
adminRolePermissionDAO.save(rp);
}
}
}
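Review bot: `savePermChanges` trusts `rid` and `perms` exactly as they arrive from the `editRole` request body: a missing `perms` field makes the `for` loop throw, and the permission ids are written without checking that they exist. Validate first, e.g. `if (perms == null) perms = Collections.emptyList();` plus a lookup of each id, and consider refusing changes to the built-in administrator role here, since the only protection for role id 1 visible on this page is the client-side check in the Vue component. `@Modifying` is meant for `@Query` repository methods and has no effect on a service method, so it can be dropped; `@Transactional` is what makes the delete-then-insert atomic. `editRole` calls `adminRoleService.addOrUpdate` outside this transaction, so the role row and its permissions can be saved independently of each other.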
......@@ -5,13 +5,10 @@ import com.gm.wj.pojo.AdminPermission;
import com.gm.wj.pojo.AdminRole;
import com.gm.wj.pojo.AdminUserRole;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Sort;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
@Service
public class AdminRoleService {
......@@ -21,10 +18,17 @@ public class AdminRoleService {
UserService userService;
@Autowired
AdminUserRoleService adminUserRoleService;
@Autowired
AdminPermissionService adminPermissionService;
public List<AdminRole> list() {
Sort sort = new Sort(Sort.Direction.ASC, "id");
return adminRoleDAO.findAll(sort);
List<AdminRole> roles = adminRoleDAO.findAll();
List<AdminPermission> perms;
for (AdminRole role : roles) {
perms = adminPermissionService.listPermsByRole(role.getId());
role.setPerms(perms);
}
return roles;
}
public AdminRole findById(int id) {
......
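Review bot: `AdminRoleService` now injects `AdminPermissionService`, while `AdminPermissionService.listPermissionURLsByUser` already calls `adminRoleService`, so the two services depend on each other; field injection hides the cycle, but the application will not start where circular references are disallowed, which is the default in newer Spring Boot versions. Moving `listPermsByRole` next to the role code, or letting the controller combine the two calls, would break the cycle. `list()` also drops the `Sort` by id, so the order of roles is now whatever the database returns, and it issues one permission query per role plus one lookup per permission.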
......@@ -4,10 +4,8 @@ import com.gm.wj.dao.UserDAO;
import com.gm.wj.pojo.AdminRole;
import com.gm.wj.pojo.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Sort;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.List;
@Service
......@@ -18,14 +16,12 @@ public class UserService {
AdminRoleService adminRoleService;
public List<User> list() {
Sort sort = new Sort(Sort.Direction.ASC, "id");
List<User> users = userDAO.list();
List<AdminRole> roles = new ArrayList<>();
List<AdminRole> roles;
for (User user : users) {
roles = adminRoleService.listRolesByUser(user.getUsername());
user.setRoles(roles);
}
return users;
}
......