refactor: 移除接口注解的 Authorization 参数声明

c3e9deab · 郝先瑞 · 3c51373c · c3e9deab · c3e9deab · c3e9deab
11 changed file
--- a/mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/service/impl/SkuServiceImpl.java
+++ b/mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/service/impl/SkuServiceImpl.java
@@ -6,7 +6,7 @@ import cn.hutool.json.JSONUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
-import com.youlai.mall.pms.common.constant.ProductConstants;
+import com.youlai.mall.pms.constant.ProductConstants;
 import com.youlai.mall.pms.converter.SkuConverter;
 import com.youlai.mall.pms.mapper.PmsSkuMapper;
 import com.youlai.mall.pms.model.dto.LockedSkuDTO;

--- a/mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/service/impl/SpuServiceImpl.java
+++ b/mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/service/impl/SpuServiceImpl.java
@@ -10,8 +10,8 @@ import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.youlai.common.security.util.SecurityUtils;
-import com.youlai.mall.pms.common.constant.ProductConstants;
+import com.youlai.mall.pms.constant.ProductConstants;
-import com.youlai.mall.pms.common.enums.AttributeTypeEnum;
+import com.youlai.mall.pms.enums.AttributeTypeEnum;
 import com.youlai.mall.pms.converter.SpuAttributeConverter;
 import com.youlai.mall.pms.converter.SpuConverter;
 import com.youlai.mall.pms.mapper.PmsSpuMapper;

--- a/youlai-common/common-file/src/main/java/com/youlai/common/file/controller/FileController.java
+++ b/youlai-common/common-file/src/main/java/com/youlai/common/file/controller/FileController.java
@@ -10,7 +10,7 @@ import lombok.RequiredArgsConstructor;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
-@Tag(name = "文件接口")
+@Tag(name = "06.文件接口")
 @RestController
 @RequestMapping("/api/v1/files")
 @RequiredArgsConstructor

--- a/youlai-gateway/src/main/java/com/youlai/gateway/config/SecurityConfig.java
+++ b/youlai-gateway/src/main/java/com/youlai/gateway/config/SecurityConfig.java
 package com.youlai.gateway.config;
+import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.convert.Convert;
 import lombok.Setter;
 import lombok.extern.slf4j.Slf4j;
@@ -16,9 +17,8 @@ import org.springframework.web.util.pattern.PathPatternParser;
 import java.util.List;
 /**
- * OAuth Client Security 配置
+ * Spring Security 配置
 *
 * @author haoxr
 * @since 2022/8/28
@@ -30,23 +30,31 @@ import java.util.List;
 public class SecurityConfig {
    /**
-     * 禁止访问的URI集合(黑名单)
+     * 黑名单请求路径列表
     */
    @Setter
-    private List<String> forbiddenURIs;
+    private List<String> blacklistPaths;
    @Bean
-    public SecurityWebFilterChain securityFilterChain(ServerHttpSecurity  http) {
+    public SecurityWebFilterChain securityFilterChain(ServerHttpSecurity http) {
        http
-                .authorizeExchange(exchangeSpec ->
+                .authorizeExchange(exchange ->
-                        exchangeSpec
+                        {
-                                .pathMatchers(Convert.toStrArray(forbiddenURIs)).denyAll()
+                            if (CollectionUtil.isNotEmpty(blacklistPaths)) {
-                                .anyExchange().permitAll()
+                                exchange.pathMatchers(Convert.toStrArray(blacklistPaths)).authenticated();
+                            }
+                            exchange.anyExchange().permitAll();
+                        }
                )
                .csrf(ServerHttpSecurity.CsrfSpec::disable);
        return http.build();
    }
+    /**
+     * 跨域共享配置
+     *
+     * @return CorsConfigurationSource
+     */
    @Bean
    public CorsConfigurationSource corsConfigurationSource() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(new PathPatternParser());

--- a/youlai-gateway/src/main/java/com/youlai/gateway/config/SentinelConfiguration.java
+++ b/youlai-gateway/src/main/java/com/youlai/gateway/config/SentinelConfiguration.java
@@ -18,15 +18,18 @@ import org.springframework.web.reactive.function.server.ServerResponse;
 * @since 2022/7/24
 */
 @Configuration
-public class SentinelConfiguration {
+public class SentinelConfig {
    @PostConstruct
    private void initBlockHandler() {
-        BlockRequestHandler blockRequestHandler = (exchange, t) ->
+        GatewayCallbackManager.setBlockHandler(
-                ServerResponse.status(HttpStatus.TOO_MANY_REQUESTS)
+                (exchange, t) ->
-                        .contentType(MediaType.APPLICATION_JSON)
+                        ServerResponse
-                        .body(BodyInserters.fromValue(ResultCode.FLOW_LIMITING.toString())
+                                .status(HttpStatus.TOO_MANY_REQUESTS)
-                        );
+                                .contentType(MediaType.APPLICATION_JSON)
-        GatewayCallbackManager.setBlockHandler(blockRequestHandler);
+                                .body(
+                                        BodyInserters.fromValue(ResultCode.FLOW_LIMITING.toString())
+                                )
+        );
    }
 }
--- a/youlai-system/system-boot/src/main/java/com/youlai/system/controller/SysDeptController.java
+++ b/youlai-system/system-boot/src/main/java/com/youlai/system/controller/SysDeptController.java
@@ -9,7 +9,6 @@ import com.youlai.common.web.model.Option;
 import com.youlai.system.service.SysDeptService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
@@ -25,13 +24,13 @@ import java.util.List;
 * @author haoxr
 * @since 2020/11/6
 */
-@Tag(name = "05.部门接口")
+@Tag(name = "04.部门接口")
 @RestController
 @RequestMapping("/api/v1/dept")
 @RequiredArgsConstructor
 public class SysDeptController {
    private final SysDeptService deptService;
-    @Operation(summary = "获取部门列表", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "获取部门列表")
    @GetMapping
    public Result<List<DeptVO>> listDepartments(
            @ParameterObject DeptQuery queryParams
@@ -40,14 +39,14 @@ public class SysDeptController {
        return Result.success(list);
    }
-    @Operation(summary = "获取部门下拉选项", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "获取部门下拉选项")
    @GetMapping("/options")
    public Result<List<Option>> listDeptOptions() {
        List<Option> list = deptService.listDeptOptions();
        return Result.success(list);
    }
-    @Operation(summary = "获取部门表单数据", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "获取部门表单数据")
    @GetMapping("/{deptId}/form")
    public Result<DeptForm> getDeptForm(
            @Parameter(description ="部门ID") @PathVariable Long deptId
@@ -56,7 +55,7 @@ public class SysDeptController {
        return Result.success(deptForm);
    }
-    @Operation(summary = "新增部门", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "新增部门")
    @PostMapping
    @PreAuthorize("@ss.hasPerm('sys:dept:add')")
    @PreventDuplicateResubmit
@@ -67,7 +66,7 @@ public class SysDeptController {
        return Result.success(id);
    }
-    @Operation(summary = "修改部门", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "修改部门")
    @PutMapping(value = "/{deptId}")
    @PreAuthorize("@ss.hasPerm('sys:dept:edit')")
    public Result updateDept(
@@ -78,7 +77,7 @@ public class SysDeptController {
        return Result.success(deptId);
    }
-    @Operation(summary = "删除部门", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "删除部门")
    @DeleteMapping("/{ids}")
    @PreAuthorize("@ss.hasPerm('sys:dept:delete')")
    public Result deleteDepartments(

--- a/youlai-system/system-boot/src/main/java/com/youlai/system/controller/SysDictController.java
+++ b/youlai-system/system-boot/src/main/java/com/youlai/system/controller/SysDictController.java
@@ -24,7 +24,7 @@ import org.springframework.web.bind.annotation.*;
 import java.util.List;
-@Tag(name = "06.字典接口")
+@Tag(name = "05.字典接口")
 @RestController
 @RequestMapping("/api/v1/dict")
 @RequiredArgsConstructor
@@ -34,7 +34,7 @@ public class SysDictController {
    private final SysDictTypeService dictTypeService;
-    @Operation(summary = "字典分页列表", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "字典分页列表")
    @GetMapping("/page")
    public PageResult<DictPageVO> getDictPage(
            @ParameterObject DictPageQuery queryParams
@@ -43,7 +43,7 @@ public class SysDictController {
        return PageResult.success(result);
    }
-    @Operation(summary = "字典数据表单数据", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "字典数据表单数据")
    @GetMapping("/{id}/form")
    public Result<DictForm> getDictForm(
            @Parameter(description ="字典ID") @PathVariable Long id
@@ -52,7 +52,7 @@ public class SysDictController {
        return Result.success(formData);
    }
-    @Operation(summary = "新增字典", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "新增字典")
    @PostMapping
    @PreAuthorize("@ss.hasPerm('sys:dict:add')")
    @PreventDuplicateResubmit
@@ -63,7 +63,7 @@ public class SysDictController {
        return Result.judge(result);
    }
-    @Operation(summary = "修改字典", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "修改字典")
    @PutMapping("/{id}")
    @PreAuthorize("@ss.hasPerm('sys:dict:edit')")
    public Result updateDict(
@@ -74,7 +74,7 @@ public class SysDictController {
        return Result.judge(status);
    }
-    @Operation(summary = "删除字典", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "删除字典")
    @DeleteMapping("/{ids}")
    @PreAuthorize("@ss.hasPerm('sys:dict:delete')")
    public Result deleteDict(
@@ -85,7 +85,7 @@ public class SysDictController {
    }
-    @Operation(summary = "字典下拉列表", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "字典下拉列表")
    @GetMapping("/options")
    public Result<List<Option>> listDictOptions(
            @Parameter(description ="字典类型编码") @RequestParam String typeCode
@@ -96,7 +96,7 @@ public class SysDictController {
    /*----------------------------------------------------*/
-    @Operation(summary = "字典类型分页列表", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "字典类型分页列表")
    @GetMapping("/types/page")
    public PageResult<DictTypePageVO> getDictTypePage(
            @ParameterObject DictTypePageQuery queryParams
@@ -105,7 +105,7 @@ public class SysDictController {
        return PageResult.success(result);
    }
-    @Operation(summary = "字典类型表单数据", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "字典类型表单数据")
    @GetMapping("/types/{id}/form")
    public Result<DictTypeForm> getDictTypeForm(
            @Parameter(description ="字典ID") @PathVariable Long id
@@ -114,7 +114,7 @@ public class SysDictController {
        return Result.success(dictTypeForm);
    }
-    @Operation(summary = "新增字典类型", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "新增字典类型")
    @PostMapping("/types")
    @PreAuthorize("@ss.hasPerm('sys:dict_type:add')")
    @PreventDuplicateResubmit
@@ -123,7 +123,7 @@ public class SysDictController {
        return Result.judge(result);
    }
-    @Operation(summary = "修改字典类型", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "修改字典类型")
    @PutMapping("/types/{id}")
    @PreAuthorize("@ss.hasPerm('sys:dict_type:edit')")
    public Result updateDictType(@PathVariable Long id, @RequestBody DictTypeForm dictTypeForm) {
@@ -131,7 +131,7 @@ public class SysDictController {
        return Result.judge(status);
    }
-    @Operation(summary = "删除字典类型", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "删除字典类型")
    @DeleteMapping("/types/{ids}")
    @PreAuthorize("@ss.hasPerm('sys:dict_type:delete')")
    public Result deleteDictTypes(

--- a/youlai-system/system-boot/src/main/java/com/youlai/system/controller/SysMenuController.java
+++ b/youlai-system/system-boot/src/main/java/com/youlai/system/controller/SysMenuController.java
@@ -27,7 +27,7 @@ import java.util.List;
 * @author haoxr
 * @since  2020/11/06
 */
-@Tag(name = "04.菜单接口")
+@Tag(name = "03.菜单接口")
 @RestController
 @RequestMapping("/api/v1/menus")
 @RequiredArgsConstructor

--- a/youlai-system/system-boot/src/main/java/com/youlai/system/controller/SysRoleController.java
+++ b/youlai-system/system-boot/src/main/java/com/youlai/system/controller/SysRoleController.java
@@ -21,7 +21,7 @@ import org.springframework.web.bind.annotation.*;
 import java.util.List;
-@Tag(name = "03.角色接口")
+@Tag(name = "02.角色接口")
 @RestController
 @RequestMapping("/api/v1/roles")
 @RequiredArgsConstructor

--- a/youlai-system/system-boot/src/main/java/com/youlai/system/controller/SysUserController.java
+++ b/youlai-system/system-boot/src/main/java/com/youlai/system/controller/SysUserController.java
@@ -9,7 +9,6 @@ import com.youlai.common.result.PageResult;
 import com.youlai.common.result.Result;
 import com.youlai.common.web.annotation.PreventDuplicateResubmit;
 import com.youlai.system.dto.UserAuthInfo;
-import com.youlai.system.listener.excel.MyAnalysisEventListener;
 import com.youlai.system.listener.excel.UserImportListener;
 import com.youlai.system.model.entity.SysUser;
 import com.youlai.system.model.form.UserForm;
@@ -21,7 +20,6 @@ import com.youlai.system.model.vo.UserPageVO;
 import com.youlai.system.service.SysUserService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.ServletOutputStream;
 import jakarta.servlet.http.HttpServletResponse;
@@ -45,7 +43,7 @@ import java.util.List;
 * @author haoxr
 * @since 2022/10/16
 */
-@Tag(name = "02.用户接口")
+@Tag(name = "01.用户接口")
 @RestController
 @RequestMapping("/api/v1/users")
 @RequiredArgsConstructor
@@ -53,7 +51,7 @@ public class SysUserController {
    private final SysUserService userService;
-    @Operation(summary = "用户分页列表", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "用户分页列表")
    @GetMapping("/page")
    public PageResult<UserPageVO> getUserPage(
            @ParameterObject UserPageQuery queryParams
@@ -62,7 +60,7 @@ public class SysUserController {
        return PageResult.success(result);
    }
-    @Operation(summary = "新增用户", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "新增用户")
    @PostMapping
    @PreAuthorize("@ss.hasPerm('sys:user:add')")
    @PreventDuplicateResubmit
@@ -73,7 +71,7 @@ public class SysUserController {
        return Result.judge(result);
    }
-    @Operation(summary = "用户表单数据", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "用户表单数据")
    @GetMapping("/{userId}/form")
    public Result<UserForm> getUserForm(
            @Parameter(description = "用户ID") @PathVariable Long userId
@@ -82,7 +80,7 @@ public class SysUserController {
        return Result.success(formData);
    }
-    @Operation(summary = "修改用户", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "修改用户")
    @PutMapping(value = "/{userId}")
    @PreAuthorize("@ss.hasPerm('sys:user:edit')")
    public Result updateUser(
@@ -92,7 +90,7 @@ public class SysUserController {
        return Result.judge(result);
    }
-    @Operation(summary = "删除用户", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "删除用户")
    @DeleteMapping("/{ids}")
    @PreAuthorize("@ss.hasPerm('sys:user:delete')")
    public Result deleteUsers(
@@ -102,7 +100,7 @@ public class SysUserController {
        return Result.judge(result);
    }
-    @Operation(summary = "修改用户密码", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "修改用户密码")
    @PatchMapping(value = "/{userId}/password")
    @PreAuthorize("@ss.hasPerm('sys:user:reset_pwd')")
    public Result updatePassword(
@@ -113,7 +111,7 @@ public class SysUserController {
        return Result.judge(result);
    }
-    @Operation(summary = "修改用户状态", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "修改用户状态")
    @PatchMapping(value = "/{userId}/status")
    public Result updateUserStatus(
            @Parameter(description = "用户ID") @PathVariable Long userId,
@@ -135,14 +133,14 @@ public class SysUserController {
        return Result.success(userAUthInfo);
    }
-    @Operation(summary = "获取当前登录用户信息", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "获取登录用户信息")
    @GetMapping("/me")
    public Result<UserInfoVO> getUserLoginInfo() {
        UserInfoVO userInfoVO = userService.getUserLoginInfo();
        return Result.success(userInfoVO);
    }
-    @Operation(summary = "注销登出", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "用户注销")
    @DeleteMapping("/logout")
    public Result logout() {
        boolean result = userService.logout();
@@ -150,7 +148,7 @@ public class SysUserController {
    }
-    @Operation(summary = "用户导入模板下载", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "用户导入模板下载")
    @GetMapping("/template")
    public void downloadTemplate(HttpServletResponse response) throws IOException {
        String fileName = "用户导入模板.xlsx";
@@ -166,7 +164,7 @@ public class SysUserController {
        excelWriter.finish();
    }
-    @Operation(summary = "导入用户", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "导入用户")
    @PostMapping("/_import")
    public Result importUsers(@Parameter(description = "部门ID") Long deptId, MultipartFile file) throws IOException {
        UserImportListener listener = new UserImportListener(deptId);
@@ -175,7 +173,7 @@ public class SysUserController {
        return Result.success(msg);
    }
-    @Operation(summary = "导出用户", security = {@SecurityRequirement(name = "Authorization")})
+    @Operation(summary = "导出用户")
    @GetMapping("/_export")
    public void exportUsers(UserPageQuery queryParams, HttpServletResponse response) throws IOException {
        String fileName = "用户列表.xlsx";

--- a/youlai-system/system-boot/src/main/java/com/youlai/system/service/impl/SysMenuServiceImpl.java
+++ b/youlai-system/system-boot/src/main/java/com/youlai/system/service/impl/SysMenuServiceImpl.java
@@ -2,6 +2,7 @@ package com.youlai.system.service.impl;
 import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.util.NumberUtil;
+import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
@@ -80,7 +81,7 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
        MenuTypeEnum menuType = menuForm.getType();  // 菜单类型
        switch (menuType) {
            case CATALOG -> { // 目录
-                if (NumberUtil.equals(menuForm.getParentId(), 0) && !path.startsWith("/")) {
+                if (ObjectUtil.equal(menuForm.getParentId(), 0) && !path.startsWith("/")) {
                    menuForm.setPath("/" + path); // 一级目录需以 / 开头
                }
                menuForm.setComponent("Layout");