Commit 968e543b
Authored May 14, 2018 by yadong.zhang

Dynamically refresh users' permissions when role information is modified

Parent: f0446192

Showing 17 changed files with 344 additions and 100 deletions (+344 -100)
blog-admin/src/main/java/com/zyd/blog/controller/ErrorPagesController.java +194 -0
blog-admin/src/main/java/com/zyd/blog/controller/PassportController.java +5 -1
blog-admin/src/main/java/com/zyd/blog/controller/RestArticleController.java +2 -0
blog-admin/src/main/java/com/zyd/blog/controller/RestCommentController.java +2 -0
blog-admin/src/main/java/com/zyd/blog/controller/RestResourcesController.java +0 -12
blog-admin/src/main/java/com/zyd/blog/controller/RestRoleController.java +5 -1
blog-admin/src/main/java/com/zyd/blog/core/shiro/ShiroService.java +44 -33
blog-admin/src/main/java/com/zyd/blog/core/shiro/credentials/RetryLimitCredentialsMatcher.java +5 -7
blog-admin/src/main/java/com/zyd/blog/core/shiro/realm/ShiroRealm.java +5 -16
blog-admin/src/main/resources/static/assets/js/zhyd.core.js +1 -25
blog-admin/src/main/resources/templates/layout/sidebar.ftl +18 -0
blog-core/src/main/java/com/zyd/blog/business/service/SysUserService.java +10 -0
blog-core/src/main/java/com/zyd/blog/business/service/impl/SysRoleServiceImpl.java +4 -5
blog-core/src/main/java/com/zyd/blog/business/service/impl/SysUserServiceImpl.java +19 -0
blog-core/src/main/java/com/zyd/blog/framework/tag/CustomTagDirective.java +16 -0
blog-core/src/main/java/com/zyd/blog/persistence/mapper/SysUserMapper.java +2 -0
blog-core/src/main/resources/mybatis/SysUserMapper.xml +12 -0
blog-admin/src/main/java/com/zyd/blog/controller/ErrorPagesController.java
0 → 100644
/**
* MIT License
* Copyright (c) 2018 yadong.zhang
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
package
com.zyd.blog.controller
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.boot.autoconfigure.web.ErrorAttributes
;
import
org.springframework.boot.autoconfigure.web.ErrorController
;
import
org.springframework.boot.autoconfigure.web.ErrorProperties
;
import
org.springframework.boot.autoconfigure.web.ServerProperties
;
import
org.springframework.boot.context.properties.EnableConfigurationProperties
;
import
org.springframework.http.HttpStatus
;
import
org.springframework.http.MediaType
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.util.Assert
;
import
org.springframework.web.bind.annotation.RequestMapping
;
import
org.springframework.web.context.request.RequestAttributes
;
import
org.springframework.web.context.request.ServletRequestAttributes
;
import
org.springframework.web.servlet.ModelAndView
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
java.util.Map
;
/**
* 重写BasicErrorController,主要负责系统的异常页面的处理以及错误信息的显示
* <p/>
* 此处指需要记录
* @see org.springframework.boot.autoconfigure.web.BasicErrorController
* @see org.springframework.boot.autoconfigure.web.ErrorMvcAutoConfiguration
* <p/>
* 要注意,这个类里面的代码一定不能有异常或者潜在异常发生,否则可能会让程序陷入死循环。
* <p/>
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @website https://www.zhyd.me
* @version 1.0
* @date 2018/4/16 16:26
* @since 1.0
*/
@Controller
@RequestMapping
(
"/error"
)
@EnableConfigurationProperties
({
ServerProperties
.
class
})
public
class
ErrorPagesController
implements
ErrorController
{
private
static
final
Logger
LOG
=
LoggerFactory
.
getLogger
(
ErrorPagesController
.
class
);
private
ErrorAttributes
errorAttributes
;
@Autowired
private
ServerProperties
serverProperties
;
/**
* 初始化ExceptionController
*
* @param errorAttributes
*/
@Autowired
public
ErrorPagesController
(
ErrorAttributes
errorAttributes
)
{
Assert
.
notNull
(
errorAttributes
,
"ErrorAttributes must not be null"
);
this
.
errorAttributes
=
errorAttributes
;
}
@RequestMapping
(
"/404"
)
public
ModelAndView
errorHtml404
(
HttpServletRequest
request
,
HttpServletResponse
response
)
{
response
.
setStatus
(
HttpStatus
.
NOT_FOUND
.
value
());
Map
<
String
,
Object
>
model
=
getErrorAttributes
(
request
,
isIncludeStackTrace
(
request
,
MediaType
.
TEXT_HTML
));
return
new
ModelAndView
(
"error/404"
,
model
);
}
@RequestMapping
(
"/403"
)
public
ModelAndView
errorHtml403
(
HttpServletRequest
request
,
HttpServletResponse
response
)
{
response
.
setStatus
(
HttpStatus
.
FORBIDDEN
.
value
());
// 404拦截规则,如果是静态文件发生的404则不记录到DB
Map
<
String
,
Object
>
model
=
getErrorAttributes
(
request
,
isIncludeStackTrace
(
request
,
MediaType
.
TEXT_HTML
));
if
(!
String
.
valueOf
(
model
.
get
(
"path"
)).
contains
(
"."
))
{
model
.
put
(
"status"
,
HttpStatus
.
FORBIDDEN
.
value
());
}
return
new
ModelAndView
(
"error/403"
,
model
);
}
@RequestMapping
(
"/400"
)
public
ModelAndView
errorHtml400
(
HttpServletRequest
request
,
HttpServletResponse
response
)
{
response
.
setStatus
(
HttpStatus
.
BAD_REQUEST
.
value
());
Map
<
String
,
Object
>
model
=
getErrorAttributes
(
request
,
isIncludeStackTrace
(
request
,
MediaType
.
TEXT_HTML
));
return
new
ModelAndView
(
"error/400"
,
model
);
}
@RequestMapping
(
"/401"
)
public
ModelAndView
errorHtml401
(
HttpServletRequest
request
,
HttpServletResponse
response
)
{
response
.
setStatus
(
HttpStatus
.
UNAUTHORIZED
.
value
());
Map
<
String
,
Object
>
model
=
getErrorAttributes
(
request
,
isIncludeStackTrace
(
request
,
MediaType
.
TEXT_HTML
));
return
new
ModelAndView
(
"error/401"
,
model
);
}
@RequestMapping
(
"/500"
)
public
ModelAndView
errorHtml500
(
HttpServletRequest
request
,
HttpServletResponse
response
)
{
response
.
setStatus
(
HttpStatus
.
INTERNAL_SERVER_ERROR
.
value
());
Map
<
String
,
Object
>
model
=
getErrorAttributes
(
request
,
isIncludeStackTrace
(
request
,
MediaType
.
TEXT_HTML
));
return
new
ModelAndView
(
"error/500"
,
model
);
}
/**
* Determine if the stacktrace attribute should be included.
*
* @param request
* the source request
* @param produces
* the media type produced (or {@code MediaType.ALL})
* @return if the stacktrace attribute should be included
*/
protected
boolean
isIncludeStackTrace
(
HttpServletRequest
request
,
MediaType
produces
)
{
ErrorProperties
.
IncludeStacktrace
include
=
this
.
serverProperties
.
getError
().
getIncludeStacktrace
();
if
(
include
==
ErrorProperties
.
IncludeStacktrace
.
ALWAYS
)
{
return
true
;
}
return
include
==
ErrorProperties
.
IncludeStacktrace
.
ON_TRACE_PARAM
&&
getTraceParameter
(
request
);
}
/**
* 获取错误的信息
*
* @param request
* @param includeStackTrace
* @return
*/
private
Map
<
String
,
Object
>
getErrorAttributes
(
HttpServletRequest
request
,
boolean
includeStackTrace
)
{
RequestAttributes
requestAttributes
=
new
ServletRequestAttributes
(
request
);
return
this
.
errorAttributes
.
getErrorAttributes
(
requestAttributes
,
includeStackTrace
);
}
/**
* 是否包含trace
*
* @param request
* @return
*/
private
boolean
getTraceParameter
(
HttpServletRequest
request
)
{
String
parameter
=
request
.
getParameter
(
"trace"
);
return
parameter
!=
null
&&
!
"false"
.
equalsIgnoreCase
(
parameter
);
}
/**
* 获取错误编码
*
* @param request
* @return
*/
private
HttpStatus
getStatus
(
HttpServletRequest
request
)
{
Integer
statusCode
=
(
Integer
)
request
.
getAttribute
(
"javax.servlet.error.status_code"
);
if
(
statusCode
==
null
)
{
return
HttpStatus
.
INTERNAL_SERVER_ERROR
;
}
try
{
return
HttpStatus
.
valueOf
(
statusCode
);
}
catch
(
Exception
ex
)
{
LOG
.
error
(
"获取当前HttpStatus发生异常"
,
ex
);
return
HttpStatus
.
INTERNAL_SERVER_ERROR
;
}
}
/**
* 实现错误路径,暂时无用
*
* @return
*/
@Override
public
String
getErrorPath
()
{
return
""
;
}
}
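Review bot: In errorHtml403 the comment describes a 404 rule (static-file 404s are not recorded to the DB), but the code under it only writes status 403 into the model when `path` contains no "."; nothing here records anything, and the response status is already set to 403 a few lines earlier. Drop the conditional and the copied comment, or implement what the comment says. Separately, every handler passes isIncludeStackTrace(...) into the model, so when include-stacktrace is ON_TRACE_PARAM any caller can add a `trace` parameter and have the stack trace placed in the error model; confirm the error templates never print it, or pass false. getStatus() is never called by the handlers and can be removed along with its log statement.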
blog-admin/src/main/java/com/zyd/blog/controller/PassportController.java
...
...
@@ -20,8 +20,8 @@
package
com.zyd.blog.controller
;
import
com.zyd.blog.business.annotation.BussinessLog
;
import
com.zyd.blog.framework.property.AppProperties
;
import
com.zyd.blog.framework.object.ResponseVO
;
import
com.zyd.blog.framework.property.AppProperties
;
import
com.zyd.blog.util.ResultUtil
;
import
com.zyd.blog.util.SessionUtil
;
import
org.apache.shiro.SecurityUtils
;
...
...
@@ -60,6 +60,10 @@ public class PassportController {
@BussinessLog
(
"进入登录页面"
)
@GetMapping
(
"/login"
)
public
ModelAndView
login
(
Model
model
)
{
Subject
subject
=
SecurityUtils
.
getSubject
();
if
(
subject
.
isAuthenticated
()||
subject
.
isRemembered
()){
return
ResultUtil
.
redirect
(
"/index"
);
}
model
.
addAttribute
(
"enableKaptcha"
,
config
.
getEnableKaptcha
());
return
ResultUtil
.
view
(
"/login"
);
}
...
...
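Review bot: The new guard in login() redirects remembered-only subjects (`subject.isRemembered()`) to /index in the same way as authenticated ones. If /index sits behind a filter that requires a full login, such a subject is sent to /index, bounced back to /login and redirected again. Check that the filter chain for /index accepts remembered subjects, or redirect only when `subject.isAuthenticated()` is true.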
blog-admin/src/main/java/com/zyd/blog/controller/RestArticleController.java
...
...
@@ -33,6 +33,7 @@ import com.zyd.blog.framework.object.ResponseVO;
import
com.zyd.blog.util.FileUtil
;
import
com.zyd.blog.util.ResultUtil
;
import
com.zyd.blog.util.SessionUtil
;
import
org.apache.shiro.authz.annotation.RequiresPermissions
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.transaction.annotation.Transactional
;
import
org.springframework.web.bind.annotation.PathVariable
;
...
...
@@ -58,6 +59,7 @@ public class RestArticleController {
@Autowired
private
BizArticleTagsService
articleTagsService
;
@RequiresPermissions
(
"articles"
)
@PostMapping
(
"/list"
)
public
PageResult
list
(
ArticleConditionVO
vo
)
{
PageHelper
.
startPage
(
vo
.
getPageNumber
()
-
1
,
vo
.
getPageSize
());
...
...
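Review bot: `@RequiresPermissions("articles")` lands on list() only; the file summary shows +2/-0 for this controller, so no other handler in it gains an annotation in this commit. If the remaining endpoints change or delete articles they need the same check (or a write-specific permission), otherwise a user without the articles permission is blocked from listing but not from modifying.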
blog-admin/src/main/java/com/zyd/blog/controller/RestCommentController.java
...
...
@@ -36,6 +36,7 @@ import com.zyd.blog.framework.object.PageResult;
import
com.zyd.blog.framework.object.ResponseVO
;
import
com.zyd.blog.util.ResultUtil
;
import
com.zyd.blog.util.SessionUtil
;
import
org.apache.shiro.authz.annotation.RequiresPermissions
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.web.bind.annotation.PathVariable
;
import
org.springframework.web.bind.annotation.PostMapping
;
...
...
@@ -61,6 +62,7 @@ public class RestCommentController {
@Autowired
private
MailService
mailService
;
@RequiresPermissions
(
"comments"
)
@PostMapping
(
"/list"
)
public
PageResult
list
(
CommentConditionVO
vo
)
{
PageHelper
.
startPage
(
vo
.
getPageNumber
()
-
1
,
vo
.
getPageSize
());
...
...
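Review bot: list() is a POST endpoint that returns a PageResult, and with `@RequiresPermissions("comments")` a denied call now ends in Shiro's authorization exception instead of a PageResult. Make sure an exception handler maps that to a JSON error for these AJAX endpoints; the ErrorPagesController added in this commit only returns HTML views. As in RestArticleController, only list() is annotated here (+2/-0).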
blog-admin/src/main/java/com/zyd/blog/controller/RestResourcesController.java
...
...
@@ -29,7 +29,6 @@ import com.zyd.blog.core.shiro.ShiroService;
import
com.zyd.blog.framework.object.PageResult
;
import
com.zyd.blog.framework.object.ResponseVO
;
import
com.zyd.blog.util.ResultUtil
;
import
com.zyd.blog.util.SessionUtil
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.cache.annotation.CacheEvict
;
import
org.springframework.web.bind.annotation.PathVariable
;
...
...
@@ -37,9 +36,7 @@ import org.springframework.web.bind.annotation.PostMapping;
import
org.springframework.web.bind.annotation.RequestMapping
;
import
org.springframework.web.bind.annotation.RestController
;
import
java.util.HashMap
;
import
java.util.List
;
import
java.util.Map
;
/**
* 系统资源管理
...
...
@@ -71,15 +68,6 @@ public class RestResourcesController {
return
ResultUtil
.
success
(
null
,
resourcesService
.
queryResourcesListWithSelected
(
rid
));
}
@PostMapping
(
"/loadMenu"
)
public
List
<
Resources
>
loadMenu
()
{
Map
<
String
,
Object
>
map
=
new
HashMap
<>();
Long
userId
=
SessionUtil
.
getUser
().
getId
();
map
.
put
(
"type"
,
"menu"
);
map
.
put
(
"userId"
,
userId
);
return
resourcesService
.
listUserResources
(
map
);
}
@PostMapping
(
"/listParents"
)
public
List
<
Resources
>
listParents
()
{
return
resourcesService
.
listAllParentResource
();
...
...
blog-admin/src/main/java/com/zyd/blog/controller/RestRoleController.java
...
...
@@ -26,6 +26,7 @@ import com.zyd.blog.business.enums.ResponseStatus;
import
com.zyd.blog.business.service.SysRoleResourcesService
;
import
com.zyd.blog.business.service.SysRoleService
;
import
com.zyd.blog.business.vo.RoleConditionVO
;
import
com.zyd.blog.core.shiro.ShiroService
;
import
com.zyd.blog.framework.object.PageResult
;
import
com.zyd.blog.framework.object.ResponseVO
;
import
com.zyd.blog.util.ResultUtil
;
...
...
@@ -54,6 +55,8 @@ public class RestRoleController {
private
SysRoleService
roleService
;
@Autowired
private
SysRoleResourcesService
roleResourcesService
;
@Autowired
private
ShiroService
shiroService
;
@PostMapping
(
"/list"
)
public
PageResult
getAll
(
RoleConditionVO
vo
)
{
...
...
@@ -67,13 +70,14 @@ public class RestRoleController {
return
ResultUtil
.
success
(
null
,
roleService
.
queryRoleListWithSelected
(
uid
));
}
//分配角色
@PostMapping
(
"/saveRoleResources"
)
public
ResponseVO
saveRoleResources
(
Long
roleId
,
String
resourcesId
)
{
if
(
StringUtils
.
isEmpty
(
roleId
))
{
return
ResultUtil
.
error
(
"error"
);
}
roleResourcesService
.
addRoleResources
(
roleId
,
resourcesId
);
// 重新加载所有拥有roleId的用户的权限信息
shiroService
.
reloadAuthorizingByRoleId
(
roleId
);
return
ResultUtil
.
success
(
"成功"
);
}
...
...
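Review bot: saveRoleResources has no `@RequiresPermissions` in the visible lines, although it rewrites a role's resource grants and now also drops the cached authorization of every user holding that role; the list endpoints in this same commit do get an annotation. Add an explicit permission check on this handler. Two smaller points: `StringUtils.isEmpty(roleId)` on a Long is only a null test and reads better as `roleId == null`, and the `//分配角色` comment says "assign roles" while the method assigns resources to a role.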
blog-admin/src/main/java/com/zyd/blog/core/shiro/ShiroService.java
...
...
@@ -20,14 +20,24 @@
package
com.zyd.blog.core.shiro
;
import
com.zyd.blog.business.entity.Resources
;
import
com.zyd.blog.business.entity.User
;
import
com.zyd.blog.business.service.SysResourcesService
;
import
com.zyd.blog.business.service.SysUserService
;
import
com.zyd.blog.core.shiro.realm.ShiroRealm
;
import
com.zyd.blog.framework.holder.SpringContextHolder
;
import
org.apache.shiro.SecurityUtils
;
import
org.apache.shiro.mgt.RealmSecurityManager
;
import
org.apache.shiro.spring.web.ShiroFilterFactoryBean
;
import
org.apache.shiro.subject.SimplePrincipalCollection
;
import
org.apache.shiro.subject.Subject
;
import
org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
;
import
org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver
;
import
org.apache.shiro.web.servlet.AbstractShiroFilter
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.stereotype.Service
;
import
org.springframework.util.CollectionUtils
;
import
org.springframework.util.StringUtils
;
import
java.util.LinkedHashMap
;
...
...
@@ -45,8 +55,12 @@ import java.util.Map;
*/
@Service
public
class
ShiroService
{
private
static
final
Logger
LOG
=
LoggerFactory
.
getLogger
(
ShiroService
.
class
);
@Autowired
private
SysResourcesService
resourcesService
;
@Autowired
private
SysUserService
userService
;
/**
* 初始化权限
...
...
@@ -109,44 +123,41 @@ public class ShiroService {
String
chainDefinition
=
entry
.
getValue
().
trim
().
replace
(
" "
,
""
);
manager
.
createChain
(
url
,
chainDefinition
);
}
System
.
out
.
println
(
"更新权限成功!!"
);
}
}
/**
* 根据userId 清除当前session存在的用户的权限缓存
* @param userIds 已经修改了权限的userId
* 重新加载用户权限
*
* @param user
*/
/* public void clearUserAuthByUserId(List<Integer> userIds)
{
if(null == userIds || userIds.size() == 0) return
;
//获取所有session
Collection<Session> sessions = redisSessionDAO.getActiveSessions
();
//定义返回
List<SimplePrincipalCollection> list = new ArrayList<SimplePrincipalCollection>(
);
for (Session session:sessions){
//获取session登录信息。
Object obj = session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY
);
if(null != obj && obj instanceof SimplePrincipalCollection){
//强转
SimplePrincipalCollection spc = (SimplePrincipalCollection)obj;
//判断用户,匹配用户ID。
obj = spc.getPrimaryPrincipal();
if(null != obj && obj instanceof User){
User user = (User) obj;
System.out.println("user:"+user);
//比较用户ID,符合即加入集合
if(null != user && userIds.contains(user.getId())){
list.add(spc);
}
}
}
public
void
reloadAuthorizingByUserId
(
User
user
)
{
RealmSecurityManager
rsm
=
(
RealmSecurityManager
)
SecurityUtils
.
getSecurityManager
()
;
ShiroRealm
shiroRealm
=
(
ShiroRealm
)
rsm
.
getRealms
().
iterator
().
next
();
Subject
subject
=
SecurityUtils
.
getSubject
();
String
realmName
=
subject
.
getPrincipals
().
getRealmNames
().
iterator
().
next
();
SimplePrincipalCollection
principals
=
new
SimplePrincipalCollection
(
user
.
getId
(),
realmName
);
subject
.
runAs
(
principals
);
shiroRealm
.
getAuthorizationCache
().
remove
(
subject
.
getPrincipals
());
subject
.
releaseRunAs
(
);
LOG
.
info
(
"用户[{}]的权限更新成功!!"
,
user
.
getUsername
());
}
/**
* 重新加载所有拥有roleId角色的用户的权限
*
* @param roleId
*/
public
void
reloadAuthorizingByRoleId
(
Long
roleId
)
{
List
<
User
>
userList
=
userService
.
listByRoleId
(
roleId
);
if
(
CollectionUtils
.
isEmpty
(
userList
))
{
return
;
}
RealmSecurityManager securityManager =
(RealmSecurityManager) SecurityUtils.getSecurityManager();
MyShiroRealm realm = (MyShiroRealm)securityManager.getRealms().iterator().next();
for (SimplePrincipalCollection simplePrincipalCollection : list) {
realm.clearCachedAuthorizationInfo(simplePrincipalCollection);
for
(
User
user
:
userList
)
{
reloadAuthorizingByUserId
(
user
);
}
}*/
}
}
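Review bot: The `subject.runAs(principals)` / `subject.releaseRunAs()` pair in reloadAuthorizingByUserId is not protected by try/finally, and it runs on the subject of the admin who is saving the role. `shiroRealm.getAuthorizationCache()` can return null when no cache has been created yet; if that line throws, the admin's session stays in the target user's identity. The impersonation is not needed: while runAs is active, `subject.getPrincipals()` is the `principals` collection built just before it, so the cache entry can be removed with that collection directly after a null check on the cache. The cast `(ShiroRealm) rsm.getRealms().iterator().next()` also assumes ShiroRealm is always the first configured realm, and the `System.out.println` left in the method above should go through LOG like the new code.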
blog-admin/src/main/java/com/zyd/blog/core/shiro/credentials/RetryLimitCredentialsMatcher.java
...
...
@@ -19,7 +19,6 @@
*/
package
com.zyd.blog.core.shiro.credentials
;
import
com.alibaba.fastjson.JSONObject
;
import
com.zyd.blog.business.consts.SessionConst
;
import
com.zyd.blog.business.entity.User
;
import
com.zyd.blog.business.service.SysUserService
;
...
...
@@ -34,7 +33,6 @@ import org.springframework.beans.factory.annotation.Autowired;
import
org.springframework.data.redis.core.RedisTemplate
;
import
org.springframework.data.redis.core.ValueOperations
;
import
javax.annotation.Resource
;
import
java.util.concurrent.TimeUnit
;
/**
...
...
@@ -59,14 +57,14 @@ public class RetryLimitCredentialsMatcher extends CredentialsMatcher {
*/
private
static
final
String
SHIRO_IS_LOCK
=
"shiro_is_lock_"
;
@Autowired
RedisTemplate
redisTemplate
;
@
Resource
private
RedisTemplate
redisTemplate
;
@
Autowired
private
SysUserService
userService
;
@Override
public
boolean
doCredentialsMatch
(
AuthenticationToken
token
,
AuthenticationInfo
info
)
{
User
user
=
(
User
)
info
.
getPrincipals
().
getPrimaryPrincipal
();
LOGGER
.
info
(
"== 验证用户:{}"
,
JSONObject
.
toJSONString
(
user
)
);
Long
userId
=
(
Long
)
info
.
getPrincipals
().
getPrimaryPrincipal
();
User
user
=
userService
.
getByPrimaryKey
(
userId
);
String
username
=
user
.
getUsername
();
// 访问一次,计数一次
ValueOperations
<
String
,
String
>
opsForValue
=
redisTemplate
.
opsForValue
();
...
...
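Review bot: `userService.getByPrimaryKey(userId)` is dereferenced on the next line by `user.getUsername()` with no null check, so an id with no matching row turns a login attempt into a NullPointerException. Fail the match explicitly when user is null. Dropping the `LOGGER.info(...)` call with `JSONObject.toJSONString(user)` is a good change, since it wrote the whole User object, including the password field that ShiroRealm reads through `user.getPassword()`, to the log on each login attempt.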
@@ -104,6 +102,6 @@ public class RetryLimitCredentialsMatcher extends CredentialsMatcher {
// 当验证都通过后,把用户信息放在session里
// 注:User必须实现序列化
SecurityUtils
.
getSubject
().
getSession
().
setAttribute
(
SessionConst
.
USER_SESSION_KEY
,
user
);
return
matches
;
return
true
;
}
}
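Review bot: The tail of doCredentialsMatch shows `return matches;` next to `return true;`. If `return true;` is the version that stays, the method's result no longer carries the outcome of the credential comparison, and a correct rejection depends entirely on an earlier branch outside this hunk throwing on mismatch. Keep `return matches;` so the matcher stays correct even if that branch is changed later.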
blog-admin/src/main/java/com/zyd/blog/core/shiro/realm/ShiroRealm.java
...
...
@@ -58,7 +58,6 @@ public class ShiroRealm extends AuthorizingRealm {
/**
* 提供账户信息返回认证信息(用户的角色信息集合)
*
*/
@Override
protected
AuthenticationInfo
doGetAuthenticationInfo
(
AuthenticationToken
token
)
throws
AuthenticationException
{
...
...
@@ -72,13 +71,13 @@ public class ShiroRealm extends AuthorizingRealm {
throw
new
LockedAccountException
(
"帐号已被锁定,禁止登录!"
);
}
SimpleAuthenticationInfo
authenticationInfo
=
new
SimpleAuthenticationInfo
(
user
,
// principal参数使用用户Id,方便动态刷新用户权限
return
new
SimpleAuthenticationInfo
(
user
.
getId
(),
user
.
getPassword
(),
ByteSource
.
Util
.
bytes
(
username
),
getName
()
);
return
authenticationInfo
;
}
/**
...
...
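Review bot: Switching the principal from the User object to `user.getId()` changes the type stored in every session and remember-me cookie. Sessions and cookies issued before this change still hold a User, and the new `(Long)` cast in doGetAuthorizationInfo will throw ClassCastException for them; PassportController in this commit explicitly accepts remembered subjects. Invalidate existing sessions and remember-me cookies on deploy, or guard the cast with an instanceof check.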
@@ -86,9 +85,9 @@ public class ShiroRealm extends AuthorizingRealm {
*/
@Override
protected
AuthorizationInfo
doGetAuthorizationInfo
(
PrincipalCollection
principalCollection
)
{
User
user
=
(
User
)
SecurityUtils
.
getSubject
().
getPrincipal
();
Long
userId
=
(
Long
)
SecurityUtils
.
getSubject
().
getPrincipal
();
Map
<
String
,
Object
>
map
=
new
HashMap
<
String
,
Object
>();
map
.
put
(
"userId"
,
user
.
getId
()
);
map
.
put
(
"userId"
,
user
Id
);
List
<
Resources
>
resourcesList
=
resourcesService
.
listUserResources
(
map
);
// 权限信息对象info,用来存放查出的用户的所有的角色(role)及权限(permission)
SimpleAuthorizationInfo
info
=
new
SimpleAuthorizationInfo
();
...
...
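Review bot: doGetAuthorizationInfo ignores its `principalCollection` argument and reads `SecurityUtils.getSubject().getPrincipal()` instead, so the permissions loaded are those of whichever subject is bound to the current thread, not of the principals being asked about. Use `(Long) principalCollection.getPrimaryPrincipal()` here; it also works when no subject is bound to the thread.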
@@ -111,14 +110,4 @@ public class ShiroRealm extends AuthorizingRealm {
return
info
;
}
/**
* 指定principalCollection 清除
*/
/* public void clearCachedAuthorizationInfo(PrincipalCollection principalCollection) {
SimplePrincipalCollection principals = new SimplePrincipalCollection(
principalCollection, getName());
super.clearCachedAuthorizationInfo(principals);
}
*/
}
blog-admin/src/main/resources/static/assets/js/zhyd.core.js
...
...
@@ -205,31 +205,7 @@ $.fn.popover.Constructor.prototype.leave = function (a) {
// zhyd.initSidebar();
zhyd
.
initDaterangepicker
();
zhyd
.
initValidator
();
var
menuHtml
=
localStorage
.
getItem
(
"
menu
"
);
if
(
menuHtml
)
{
$
(
"
.side-menu
"
).
append
(
menuHtml
);
zhyd
.
initSidebar
();
}
else
{
$
.
ajax
({
cache
:
true
,
type
:
"
POST
"
,
url
:
'
/resources/loadMenu
'
,
dataType
:
"
json
"
,
success
:
function
(
data
)
{
var
html
=
""
;
$
.
each
(
data
,
function
(
index
)
{
console
.
log
(
this
);
this
.
hasNodes
=
this
.
nodes
&&
this
.
nodes
.
length
>
0
;
var
tpl
=
'
{{#hasNodes}}<li><a><i class="{{icon}}"></i> {{name}}<span class="fa fa-chevron-down"></span></a><ul class="nav child_menu">{{#nodes}}<li><a href="{{url}}"><i class="{{icon}}"></i>{{name}}</a></li>{{/nodes}}</ul></li>{{/hasNodes}}
'
;
tpl
+=
'
{{^hasNodes}}<li><a href="{{url}}"><i class="{{icon}}"></i> {{name}}</a></li>{{/hasNodes}}
'
;
html
+=
Mustache
.
render
(
tpl
,
this
);
});
localStorage
.
setItem
(
"
menu
"
,
html
);
$
(
"
.side-menu
"
).
append
(
html
);
zhyd
.
initSidebar
();
}
});
}
zhyd
.
initSidebar
();
$
.
ajax
({
cache
:
false
,
...
...
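Review bot: Browsers that ran the old script keep the `menu` key in localStorage after this block is removed, because nothing in the remaining lines clears it. Add a one-time `localStorage.removeItem("menu")` next to the remaining `zhyd.initSidebar();` call so the stale cached markup is cleaned up, and check that no other script still reads that key.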
blog-admin/src/main/resources/templates/layout/sidebar.ftl
...
...
@@ -2,6 +2,24 @@
<div id="sidebar-menu" class="main_menu_side hidden-print main_menu">
<div class="menu_section">
<ul class="nav side-menu">
<@zhydTag method="menus" userId="${user.id}">
<#if menus?? && menus?size gt 0>
<#list menus as item>
<#if item.nodes?? && item.nodes?size gt 0>
<li>
<a><i class="${item.icon?if_exists}"></i> ${item.name?if_exists}<span class="fa fa-chevron-down"></span></a>
<ul class="nav child_menu">
<#list item.nodes as node>
<li><a href="${node.url?if_exists}"><i class="${node.icon?if_exists}"></i>${node.name?if_exists}</a></li>
</#list>
</ul>
</li>
<#else>
<li><a href="${item.url?if_exists}"><i class="${item.icon?if_exists}"></i>${item.name?if_exists}</a></li>
</#if>
</#list>
</#if>
</@zhydTag>
</ul>
</div>
</div>
...
...
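Review bot: `userId="${user.id}"` is rendered with FreeMarker's number formatting, so an id of 1000 or more can come out with a grouping separator (for example "1,000"), and `Integer.parseInt(userIdStr)` in CustomTagDirective then throws NumberFormatException. Use `${user.id?c}`. Also, `${item.name?if_exists}`, `${node.url?if_exists}` and the icon values come from the resources data and are written into HTML text and href attributes; unless HTML auto-escaping is enabled for these templates, escape them (for example with `?html`), and prefer the `!` default operator over the deprecated `?if_exists`.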
blog-core/src/main/java/com/zyd/blog/business/service/SysUserService.java
...
...
@@ -25,6 +25,8 @@ import com.zyd.blog.business.entity.User;
import
com.zyd.blog.business.vo.UserConditionVO
;
import
com.zyd.blog.framework.object.AbstractService
;
import
java.util.List
;
/**
* 用户
*
...
...
@@ -60,4 +62,12 @@ public interface SysUserService extends AbstractService<User, Long> {
*/
User
getByUserName
(
String
userName
);
/**
* 通过角色Id获取用户列表
*
* @param roleId
* @return
*/
List
<
User
>
listByRoleId
(
Long
roleId
);
}
blog-core/src/main/java/com/zyd/blog/business/service/impl/SysRoleServiceImpl.java
...
...
@@ -121,11 +121,10 @@ public class SysRoleServiceImpl implements SysRoleService {
public
void
insertList
(
List
<
Role
>
entities
)
{
Assert
.
notNull
(
entities
,
"entities不可为空!"
);
List
<
SysRole
>
sysRole
=
new
ArrayList
<>();
String
regIp
=
IpUtil
.
getRealIp
(
RequestHolder
.
getRequest
());
for
(
Role
Role
:
entities
)
{
Role
.
setUpdateTime
(
new
Date
());
Role
.
setCreateTime
(
new
Date
());
sysRole
.
add
(
Role
.
getSysRole
());
for
(
Role
role
:
entities
)
{
role
.
setUpdateTime
(
new
Date
());
role
.
setCreateTime
(
new
Date
());
sysRole
.
add
(
role
.
getSysRole
());
}
roleMapper
.
insertList
(
sysRole
);
}
...
...
blog-core/src/main/java/com/zyd/blog/business/service/impl/SysUserServiceImpl.java
...
...
@@ -250,4 +250,23 @@ public class SysUserServiceImpl implements SysUserService {
return
getOneByEntity
(
user
);
}
/**
* 通过角色Id获取用户列表
*
* @param roleId
* @return
*/
@Override
public
List
<
User
>
listByRoleId
(
Long
roleId
)
{
List
<
SysUser
>
sysUsers
=
sysUserMapper
.
listByRoleId
(
roleId
);
if
(
CollectionUtils
.
isEmpty
(
sysUsers
))
{
return
null
;
}
List
<
User
>
users
=
new
ArrayList
<>();
for
(
SysUser
su
:
sysUsers
)
{
users
.
add
(
new
User
(
su
));
}
return
users
;
}
}
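Review bot: listByRoleId returns `null` when the mapper finds no users, which pushes a null check onto every caller; ShiroService covers it with CollectionUtils.isEmpty, but the next caller may not. Return `Collections.emptyList()` instead. The mapper query added in this commit selects only id, username and nickname, so the User objects built here are partial; say so in the Javadoc.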
blog-core/src/main/java/com/zyd/blog/framework/tag/CustomTagDirective.java
...
...
@@ -28,8 +28,10 @@ import freemarker.core.Environment;
import
freemarker.template.*
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.stereotype.Component
;
import
org.springframework.util.StringUtils
;
import
java.io.IOException
;
import
java.util.HashMap
;
import
java.util.Map
;
/**
...
...
@@ -85,6 +87,20 @@ public class CustomTagDirective implements TemplateDirectiveModel {
// 站点属性
environment
.
setVariable
(
"siteInfo"
,
builder
.
build
().
wrap
(
configService
.
getSiteInfo
()));
break
;
case
"menus"
:
Integer
userId
=
null
;
if
(
map
.
containsKey
(
"userId"
))
{
String
userIdStr
=
map
.
get
(
"userId"
).
toString
();
if
(
StringUtils
.
isEmpty
(
userIdStr
)){
return
;
}
userId
=
Integer
.
parseInt
(
userIdStr
);
}
Map
<
String
,
Object
>
params
=
new
HashMap
<>(
2
);
params
.
put
(
"type"
,
"menu"
);
params
.
put
(
"userId"
,
userId
);
environment
.
setVariable
(
"menus"
,
builder
.
build
().
wrap
(
resourcesService
.
listUserResources
(
params
)));
break
;
default
:
break
;
}
...
...
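Review bot: In the `menus` case a missing `userId` attribute falls through with `userId = null` and still calls `resourcesService.listUserResources(params)`, while an empty value returns early. Treat both the same and return without setting `menus`, so a template that omits the attribute cannot trigger a menu query with no user filter. `Integer.parseInt(userIdStr)` is also unguarded against non-numeric input, and the id is a Long elsewhere in this commit (`Long userId`, `listByRoleId(Long roleId)`), so parse it with `Long.parseLong` inside a try/catch.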
blog-core/src/main/java/com/zyd/blog/persistence/mapper/SysUserMapper.java
...
...
@@ -42,4 +42,6 @@ public interface SysUserMapper extends BaseMapper<SysUser> {
List
<
SysUser
>
findPageBreakByCondition
(
UserConditionVO
vo
);
List
<
SysUser
>
listByRoleId
(
Long
roleId
);
}
blog-core/src/main/resources/mybatis/SysUserMapper.xml
...
...
@@ -80,5 +80,17 @@
s.create_time DESC
</select>
<select
id=
"listByRoleId"
parameterType=
"Long"
resultMap=
"rm"
>
SELECT
s.id,
s.username,
s.nickname
FROM
sys_user s
INNER JOIN sys_user_role sur ON sur.user_id = s.id
WHERE
sur.role_id = #{roleId}
</select>
</mapper>