优化

8a2ca63e · tangyi · 06a9c8fd · 8a2ca63e · 8a2ca63e · 8a2ca63e
Commit 8a2ca63e authored Apr 08, 2019 by tangyi
9 changed files
--- a/common/common-core/src/main/java/com/github/tangyi/common/core/constant/CommonConstant.java
+++ b/common/common-core/src/main/java/com/github/tangyi/common/core/constant/CommonConstant.java
@@ -138,5 +138,10 @@ public class CommonConstant {
     */
    public static final String DEFAULT_CODE_KEY = "DEFAULT_CODE_KEY";

+    /**
+     * Bearer
+     */
+    public static final String AUTHORIZATION_BEARER = "Bearer ";
+
 }

--- a/config-service/src/main/resources/config/auth-service.yml
+++ b/config-service/src/main/resources/config/auth-service.yml
@@ -77,6 +77,7 @@ ignore:
    - /actuator/**
    - /hystrix.sender
    - /v1/user/findUserByUsername/**
+    - /v1/menu/findMenuByRole/**
    - /v1/code/**
    - /v1/attachment/download
    - /v1/log/**

--- a/config-service/src/main/resources/config/exam-service.yml
+++ b/config-service/src/main/resources/config/exam-service.yml
@@ -91,6 +91,7 @@ ignore:
    - /actuator/**
    - /hystrix.sender
    - /v1/user/findUserByUsername/**
+    - /v1/menu/findMenuByRole/**
    - /v1/code/**
    - /v1/attachment/download
    - /v1/log/**

--- a/config-service/src/main/resources/config/user-service.yml
+++ b/config-service/src/main/resources/config/user-service.yml
@@ -109,6 +109,7 @@ ignore:
    - /actuator/**
    - /hystrix.sender
    - /v1/user/findUserByUsername/**
+    - /v1/menu/findMenuByRole/**
    - /v1/user/register
    - /v1/code/**
    - /v1/attachment/download

--- a/service-api-impl/auth-service/src/main/java/com/github/tangyi/auth/controller/AuthenticationController.java
+++ b/service-api-impl/auth-service/src/main/java/com/github/tangyi/auth/controller/AuthenticationController.java
 package com.github.tangyi.auth.controller;

-import com.github.tangyi.common.security.constant.SecurityConstant;
+import com.github.tangyi.common.core.constant.CommonConstant;
 import com.github.tangyi.common.core.model.ResponseBean;
 import com.github.tangyi.common.core.web.BaseController;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

@@ -44,8 +44,9 @@ public class AuthenticationController extends BaseController {
     * @return ReturnT
     */
    @PostMapping("/removeToken")
-    @CacheEvict(value = SecurityConstant.TOKEN_USER_DETAIL, key = "#accesstoken")
-    public ResponseBean<Boolean> removeToken(String accesstoken) {
+    public ResponseBean<Boolean> removeToken(@RequestHeader("Authorization") String accesstoken) {
+        if (accesstoken.startsWith(CommonConstant.AUTHORIZATION_BEARER))
+            accesstoken = accesstoken.split(CommonConstant.AUTHORIZATION_BEARER)[1];
        return new ResponseBean<>(consumerTokenServices.revokeToken(accesstoken));
    }
 }
--- a/service-api-impl/auth-service/src/main/java/com/github/tangyi/auth/service/UserDetailsServiceImpl.java
+++ b/service-api-impl/auth-service/src/main/java/com/github/tangyi/auth/service/UserDetailsServiceImpl.java
@@ -5,6 +5,7 @@ import com.github.tangyi.common.core.vo.UserVo;
 import com.github.tangyi.common.security.core.GrantedAuthorityImpl;
 import com.github.tangyi.common.security.core.UserDetailsImpl;
 import com.github.tangyi.user.api.feign.UserServiceClient;
+import com.github.tangyi.user.api.module.Menu;
 import org.apache.commons.collections4.CollectionUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -16,6 +17,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;

 import java.util.HashSet;
+import java.util.List;
 import java.util.Set;

 /**
@@ -62,11 +64,22 @@ public class UserDetailsServiceImpl implements UserDetailsService {
     * @date 2019/03/17 14:41
     */
    private Set<GrantedAuthority> getAuthority(UserVo userVo) {
+        // 权限集合
        Set<GrantedAuthority> authorities = new HashSet<>();
-        if (CollectionUtils.isNotEmpty(userVo.getRoleList())) {
-            for (Role role : userVo.getRoleList()) {
+        // 角色
+        List<Role> roleList = userVo.getRoleList();
+        if (CollectionUtils.isNotEmpty(roleList)) {
+            for (Role role : roleList) {
                // 权限如果前缀是ROLE_，security就会认为这是个角色信息，而不是权限，例如ROLE_ADMIN就是ADMIN角色，MENU:ADD就是MENU:ADD权限
                authorities.add(new GrantedAuthorityImpl(role.getRoleCode().toUpperCase()));
+                // 根据角色查找菜单权限
+                List<Menu> menuList = userServiceClient.findMenuByRole(role.getRoleCode());
+                if (CollectionUtils.isNotEmpty(menuList)) {
+                    for (Menu menu : menuList) {
+                        // 菜单权限
+                        authorities.add(new GrantedAuthorityImpl(menu.getPermission()));
+                    }
+                }
            }
        }
        return authorities;

--- a/service-api-impl/user-service/src/main/java/com/github/tangyi/user/service/UserService.java
+++ b/service-api-impl/user-service/src/main/java/com/github/tangyi/user/service/UserService.java
@@ -173,8 +173,7 @@ public class UserService extends CrudService<UserMapper, User> {
     */
    @Cacheable(value = "user", key = "#username")
    public UserVo selectUserVoByUsername(String username) {
-        UserVo userVo = userMapper.selectUserVoByUsername(username);
-        return userVo;
+        return userMapper.selectUserVoByUsername(username);
    }

    /**

--- a/service-api/user-api/src/main/java/com/github/tangyi/user/api/feign/UserServiceClient.java
+++ b/service-api/user-api/src/main/java/com/github/tangyi/user/api/feign/UserServiceClient.java
@@ -9,6 +9,7 @@ import com.github.tangyi.common.core.vo.UserVo;
 import com.github.tangyi.common.feign.config.CustomFeignConfig;
 import com.github.tangyi.user.api.dto.UserInfoDto;
 import com.github.tangyi.user.api.feign.factory.UserServiceClientFallbackFactory;
+import com.github.tangyi.user.api.module.Menu;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.web.bind.annotation.*;

@@ -92,4 +93,15 @@ public interface UserServiceClient {
     */
    @PostMapping("/v1/log")
    ResponseBean<Boolean> saveLog(@RequestBody Log log);
+
+    /**
+     * 根据角色查找菜单
+     *
+     * @param role 角色
+     * @return List
+     * @author tangyi
+     * @date 2019/04/08 20:42
+     */
+    @GetMapping("/v1/menu/findMenuByRole/{role}")
+    List<Menu> findMenuByRole(@PathVariable("role") String role);
 }
--- a/service-api/user-api/src/main/java/com/github/tangyi/user/api/feign/fallback/UserServiceClientFallbackImpl.java
+++ b/service-api/user-api/src/main/java/com/github/tangyi/user/api/feign/fallback/UserServiceClientFallbackImpl.java
@@ -7,6 +7,7 @@ import com.github.tangyi.common.core.vo.DeptVo;
 import com.github.tangyi.common.core.vo.UserVo;
 import com.github.tangyi.user.api.dto.UserInfoDto;
 import com.github.tangyi.user.api.feign.UserServiceClient;
+import com.github.tangyi.user.api.module.Menu;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
@@ -111,6 +112,18 @@ public class UserServiceClientFallbackImpl implements UserServiceClient {
        return null;
    }

+    /**
+     * 根据角色查找菜单
+     *
+     * @param role 角色
+     * @return List
+     */
+    @Override
+    public List<Menu> findMenuByRole(String role) {
+        logger.error("feign 获取角色菜单失败,{}", throwable);
+        return new ArrayList<>();
+    }
+
    public Throwable getThrowable() {
        return throwable;
    }