Skip to content

S
spring-microservice-exam
Commit e39e6152 by tangyi
Options

优化

parent 4b812ef1
Showing with 615 additions and 552 deletions
common/common-security/src/main/java/com/github/tangyi/common/security/annotations/AdminAuthorization.java 0 → 100644
package com.github.tangyi.common.security.annotations;
import org.springframework.security.access.prepost.PreAuthorize;
import java.lang.annotation.*;
/**
* 超级管理员权限注解
*
* @author tangyi
* @date 2019/11/02 12:33
*/
@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Inherited
@PreAuthorize("hasRole(T(com.github.tangyi.common.security.enums.Roles).ROLE_ADMIN)")
public @interface AdminAuthorization {
}
common/common-security/src/main/java/com/github/tangyi/common/security/annotations/AdminTenantTeacherAuthorization.java 0 → 100644
package com.github.tangyi.common.security.annotations;
import org.springframework.security.access.prepost.PreAuthorize;
import java.lang.annotation.*;
/**
* 租户或超管权限
*
* @author tangyi
* @date 2019/11/02 12:40
*/
@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Inherited
@PreAuthorize("hasRole(T(com.github.tangyi.common.security.enums.Roles).ROLE_ADMIN) or hasRole(T(com.github.tangyi.common.security.enums.Roles).ROLE_TENANT_ADMIN) or hasRole(T(com.github.tangyi.common.security.enums.Roles).ROLE_TEACHER)")
public @interface AdminTenantTeacherAuthorization {
}
common/common-security/src/main/java/com/github/tangyi/common/security/annotations/UserAuthorization.java 0 → 100644
package com.github.tangyi.common.security.annotations;
import org.springframework.security.access.prepost.PreAuthorize;
import java.lang.annotation.*;
/**
* 普通用户权限
*
* @author tangyi
* @date 2019/11/02 12:44
*/
@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Inherited
@PreAuthorize("hasRole(T(com.github.tangyi.common.security.enums.Roles).ROLE_USER)")
public @interface UserAuthorization {
}
common/common-security/src/main/java/com/github/tangyi/common/security/enums/Roles.java 0 → 100644
package com.github.tangyi.common.security.enums;
import org.springframework.security.core.GrantedAuthority;
/**
* 角色枚举
*
* @author tangyi
* @date 2019/11/02 12:30
*/
public enum Roles implements GrantedAuthority {
/**
* 普通用户
*/
ROLE_USER,
/**
* 超级管理员
*/
ROLE_ADMIN,
/**
* 租户管理员
*/
ROLE_TENANT_ADMIN,
/**
* 老师
*/
ROLE_TEACHER;
@Override
public String getAuthority() {
return name();
}
}
frontend/spring-microservice-exam-web/package-lock.json 0 → 100644
This source diff could not be displayed because it is too large. You can view the blob instead.
modules/auth-service-parent/auth-service/src/main/java/com/github/tangyi/auth/config/CustomAuthorizationServerConfigurer.java
package com.github.tangyi.auth.config;
import com.github.tangyi.auth.filter.CustomTokenEndpointAuthenticationFilter;
import com.github.tangyi.auth.security.CustomTokenConverter;
import com.github.tangyi.common.security.core.ClientDetailsServiceImpl;
import com.github.tangyi.common.security.exceptions.CustomOauthException;
import com.github.tangyi.user.api.feign.UserServiceClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.bootstrap.encrypt.KeyProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
......@@ -19,7 +17,6 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.A
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
......@@ -37,11 +34,6 @@ import javax.sql.DataSource;
public class CustomAuthorizationServerConfigurer extends AuthorizationServerConfigurerAdapter {
/**
* 认证管理器
*/
private final AuthenticationManager authenticationManager;
/**
* redis连接工厂
*/
private final RedisConnectionFactory redisConnectionFactory;
......@@ -56,21 +48,13 @@ public class CustomAuthorizationServerConfigurer extends AuthorizationServerConf
*/
private final KeyProperties keyProperties;
private final UserServiceClient userServiceClient;
private OAuth2RequestFactory oAuth2RequestFactory;
@Autowired
public CustomAuthorizationServerConfigurer(AuthenticationManager authenticationManager,
RedisConnectionFactory redisConnectionFactory,
DataSource dataSource,
KeyProperties keyProperties,
UserServiceClient userServiceClient) {
this.authenticationManager = authenticationManager;
public CustomAuthorizationServerConfigurer(RedisConnectionFactory redisConnectionFactory,
DataSource dataSource,
KeyProperties keyProperties) {
this.redisConnectionFactory = redisConnectionFactory;
this.dataSource = dataSource;
this.keyProperties = keyProperties;
this.userServiceClient = userServiceClient;
}
/**
......@@ -123,14 +107,11 @@ public class CustomAuthorizationServerConfigurer extends AuthorizationServerConf
*/
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
oAuth2RequestFactory = endpoints.getOAuth2RequestFactory();
endpoints
endpoints
// 将token存储到redis
.tokenStore(tokenStore())
// token增强
.tokenEnhancer(jwtTokenEnhancer())
// 认证管理器
.authenticationManager(authenticationManager)
// 异常处理
.exceptionTranslator(e -> {
if (e instanceof OAuth2Exception) {
......@@ -158,7 +139,8 @@ public class CustomAuthorizationServerConfigurer extends AuthorizationServerConf
// 开启/oauth/check_token验证端口认证权限访问
.checkTokenAccess("isAuthenticated()")
.allowFormAuthenticationForClients();
//.addTokenEndpointAuthenticationFilter(new CustomTokenEndpointAuthenticationFilter(authenticationManager, oAuth2RequestFactory, userServiceClient));
}
}
modules/auth-service-parent/auth-service/src/main/java/com/github/tangyi/auth/config/SecurityConfig.java
......@@ -12,7 +12,9 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration;
/**
* Spring Security配置
......@@ -28,6 +30,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private CustomUserDetailsService userDetailsService;
@Autowired
private AuthorizationServerEndpointsConfiguration endpoints;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
......@@ -35,6 +40,12 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
.csrf().disable()
.authorizeRequests()
.anyRequest().authenticated();
if (!endpoints.getEndpointsConfigurer().isUserDetailsServiceOverride()) {
UserDetailsService userDetailsService = http.getSharedObject(UserDetailsService.class);
endpoints.getEndpointsConfigurer().userDetailsService(userDetailsService);
}
// 认证管理器
endpoints.getEndpointsConfigurer().authenticationManager(authenticationManager());
}
@Bean
......
modules/auth-service-parent/auth-service/src/main/java/com/github/tangyi/auth/controller/OauthClientDetailsController.java
......@@ -9,7 +9,7 @@ import com.github.tangyi.common.core.utils.PageUtil;
import com.github.tangyi.common.core.utils.SysUtil;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.log.annotation.Log;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.common.security.annotations.AdminAuthorization;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
......@@ -17,7 +17,6 @@ import io.swagger.annotations.ApiOperation;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.ArrayUtils;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.*;
......@@ -113,7 +112,7 @@ public class OauthClientDetailsController extends BaseController {
* @date 2019/03/30 16:57
*/
@PostMapping
@PreAuthorize("hasAuthority('sys:client:add') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminAuthorization
@ApiOperation(value = "创建客户端", notes = "创建客户端")
@ApiImplicitParam(name = "oauthClientDetails", value = "客户端实体oauthClientDetails", required = true, dataType = "OauthClientDetails")
@Log("新增客户端")
......@@ -133,7 +132,7 @@ public class OauthClientDetailsController extends BaseController {
* @date 2019/03/30 16:56
*/
@PutMapping
@PreAuthorize("hasAuthority('sys:client:edit') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminAuthorization
@ApiOperation(value = "更新客户端信息", notes = "根据客户端id更新客户端的基本信息")
@ApiImplicitParam(name = "oauthClientDetails", value = "客户端实体oauthClientDetails", required = true, dataType = "OauthClientDetails")
@Log("修改客户端")
......@@ -155,7 +154,7 @@ public class OauthClientDetailsController extends BaseController {
* @date 2019/03/30 16:59
*/
@DeleteMapping("/{id}")
@PreAuthorize("hasAuthority('sys:client:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminAuthorization
@ApiOperation(value = "删除客户端", notes = "根据ID删除客户端")
@ApiImplicitParam(name = "id", value = "客户端ID", required = true, paramType = "path")
@Log("删除客户端")
......@@ -176,7 +175,7 @@ public class OauthClientDetailsController extends BaseController {
* @date 2019/03/30 17:01
*/
@PostMapping("deleteAll")
@PreAuthorize("hasAuthority('sys:client:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminAuthorization
@ApiOperation(value = "批量删除客户端", notes = "根据客户端id批量删除客户端")
@ApiImplicitParam(name = "oauthClientDetails", value = "客户端信息", dataType = "OauthClientDetails")
@Log("批量删除客户端")
......
modules/auth-service-parent/auth-service/src/main/java/com/github/tangyi/auth/filter/CustomTokenEndpointAuthenticationFilter.java
......@@ -8,7 +8,6 @@ import com.github.tangyi.common.core.utils.SysUtil;
import com.github.tangyi.user.api.feign.UserServiceClient;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.scheduling.annotation.Async;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
......
modules/auth-service-parent/auth-service/src/main/java/com/github/tangyi/auth/security/CustomUserDetailsServiceImpl.java
......@@ -9,24 +9,18 @@ import com.github.tangyi.common.core.exceptions.CommonException;
import com.github.tangyi.common.core.exceptions.ServiceException;
import com.github.tangyi.common.core.exceptions.TenantNotFoundException;
import com.github.tangyi.common.core.model.ResponseBean;
import com.github.tangyi.common.core.properties.SysProperties;
import com.github.tangyi.common.core.utils.DateUtils;
import com.github.tangyi.common.core.utils.ResponseUtil;
import com.github.tangyi.common.core.vo.RoleVo;
import com.github.tangyi.common.core.vo.UserVo;
import com.github.tangyi.common.security.core.CustomUserDetailsService;
import com.github.tangyi.common.security.core.GrantedAuthorityImpl;
import com.github.tangyi.common.security.mobile.MobileUser;
import com.github.tangyi.common.security.wx.WxUser;
import com.github.tangyi.user.api.constant.MenuConstant;
import com.github.tangyi.user.api.dto.UserDto;
import com.github.tangyi.user.api.enums.IdentityType;
import com.github.tangyi.user.api.feign.UserServiceClient;
import com.github.tangyi.user.api.module.Menu;
import com.github.tangyi.user.api.module.Tenant;
import com.google.common.collect.Lists;
import lombok.AllArgsConstructor;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.BeanUtils;
import org.springframework.security.core.GrantedAuthority;
......@@ -35,8 +29,6 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import java.time.LocalDateTime;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
......@@ -52,8 +44,6 @@ public class CustomUserDetailsServiceImpl implements CustomUserDetailsService {
private final UserServiceClient userServiceClient;
private final SysProperties sysProperties;
private final WxSessionService wxService;
/**
......@@ -67,12 +57,12 @@ public class CustomUserDetailsServiceImpl implements CustomUserDetailsService {
public UserDetails loadUserByIdentifierAndTenantCode(String username, String tenantCode) throws UsernameNotFoundException, TenantNotFoundException {
long start = System.currentTimeMillis();
Tenant tenant = this.validateTenantCode(tenantCode);
ResponseBean<UserVo> userVoResponseBean = userServiceClient.findUserByIdentifier(username, tenantCode);
if (!ResponseUtil.isSuccess(userVoResponseBean))
ResponseBean<UserVo> userVoResponseBean = userServiceClient.findUserByIdentifier(username, tenantCode);
if (!ResponseUtil.isSuccess(userVoResponseBean))
throw new ServiceException("查询用户信息失败: " + userVoResponseBean.getMsg());
UserVo userVo = userVoResponseBean.getData();
if (userVo == null)
throw new UsernameNotFoundException("用户不存在.");
UserVo userVo = userVoResponseBean.getData();
if (userVo == null)
throw new UsernameNotFoundException("用户不存在.");
return new CustomUserDetails(username, userVo.getCredential(), CommonConstant.STATUS_NORMAL.equals(userVo.getStatus()), getAuthority(userVo), userVo.getTenantCode(), start, LoginType.PWD);
}
......@@ -90,11 +80,11 @@ public class CustomUserDetailsServiceImpl implements CustomUserDetailsService {
public UserDetails loadUserBySocialAndTenantCode(String social, String tenantCode, MobileUser mobileUser) throws UsernameNotFoundException {
long start = System.currentTimeMillis();
Tenant tenant = this.validateTenantCode(tenantCode);
ResponseBean<UserVo> userVoResponseBean = userServiceClient.findUserByIdentifier(social, IdentityType.PHONE_NUMBER.getValue(), tenantCode);
if (!ResponseUtil.isSuccess(userVoResponseBean))
throw new ServiceException("查询用户信息失败: " + userVoResponseBean.getMsg());
UserVo userVo = userVoResponseBean.getData();
// 第一次登录
ResponseBean<UserVo> userVoResponseBean = userServiceClient.findUserByIdentifier(social, IdentityType.PHONE_NUMBER.getValue(), tenantCode);
if (!ResponseUtil.isSuccess(userVoResponseBean))
throw new ServiceException("查询用户信息失败: " + userVoResponseBean.getMsg());
UserVo userVo = userVoResponseBean.getData();
// 第一次登录
if (userVo == null) {
UserDto userDto = new UserDto();
// 用户的基本信息
......@@ -106,13 +96,13 @@ public class CustomUserDetailsServiceImpl implements CustomUserDetailsService {
userDto.setLoginTime(DateUtils.asDate(LocalDateTime.now()));
// 注册账号
ResponseBean<Boolean> response = userServiceClient.registerUser(userDto);
if (!ResponseUtil.isSuccess(response))
if (!ResponseUtil.isSuccess(response))
throw new ServiceException("自动注册用户失败: " + response.getMsg());
// 重新获取用户信息
userVoResponseBean = userServiceClient.findUserByIdentifier(social, IdentityType.PHONE_NUMBER.getValue(), tenantCode);
if (!ResponseUtil.isSuccess(userVoResponseBean))
throw new ServiceException("查询用户信息失败: " + userVoResponseBean.getMsg());
userVo = userVoResponseBean.getData();
userVoResponseBean = userServiceClient.findUserByIdentifier(social, IdentityType.PHONE_NUMBER.getValue(), tenantCode);
if (!ResponseUtil.isSuccess(userVoResponseBean))
throw new ServiceException("查询用户信息失败: " + userVoResponseBean.getMsg());
userVo = userVoResponseBean.getData();
} else {
// TODO 记录登录时间,IP等信息
UserDto userDto = new UserDto();
......@@ -144,9 +134,9 @@ public class CustomUserDetailsServiceImpl implements CustomUserDetailsService {
throw new CommonException("获取openId失败.");
// 获取用户信息
ResponseBean<UserVo> userVoResponseBean = userServiceClient.findUserByIdentifier(wxSession.getOpenId(), IdentityType.WE_CHAT.getValue(), tenantCode);
if (!ResponseUtil.isSuccess(userVoResponseBean))
throw new ServiceException("查询用户信息失败: " + userVoResponseBean.getMsg());
UserVo userVo = userVoResponseBean.getData();
if (!ResponseUtil.isSuccess(userVoResponseBean))
throw new ServiceException("查询用户信息失败: " + userVoResponseBean.getMsg());
UserVo userVo = userVoResponseBean.getData();
// 为空说明是第一次登录,需要将用户信息增加到数据库里
if (userVo == null) {
UserDto userDto = new UserDto();
......@@ -163,9 +153,9 @@ public class CustomUserDetailsServiceImpl implements CustomUserDetailsService {
throw new ServiceException("自动注册用户失败: " + response.getMsg());
// 重新获取用户信息
userVoResponseBean = userServiceClient.findUserByIdentifier(wxSession.getOpenId(), IdentityType.WE_CHAT.getValue(), tenantCode);
if (!ResponseUtil.isSuccess(userVoResponseBean))
throw new ServiceException("查询用户信息失败: " + userVoResponseBean.getMsg());
userVo = userVoResponseBean.getData();
if (!ResponseUtil.isSuccess(userVoResponseBean))
throw new ServiceException("查询用户信息失败: " + userVoResponseBean.getMsg());
userVo = userVoResponseBean.getData();
} else {
// TODO 更新sessionKey,记录登录时间,IP等信息
UserDto userDto = new UserDto();
......@@ -187,10 +177,10 @@ public class CustomUserDetailsServiceImpl implements CustomUserDetailsService {
if (StringUtils.isBlank(tenantCode))
throw new TenantNotFoundException("租户code不能为空.");
// 先获取租户信息
ResponseBean<Tenant> tenantResponseBean = userServiceClient.findTenantByTenantCode(tenantCode);
if (!ResponseUtil.isSuccess(tenantResponseBean))
throw new ServiceException("查询租户信息失败: " + tenantResponseBean.getMsg());
Tenant tenant = tenantResponseBean.getData();
ResponseBean<Tenant> tenantResponseBean = userServiceClient.findTenantByTenantCode(tenantCode);
if (!ResponseUtil.isSuccess(tenantResponseBean))
throw new ServiceException("查询租户信息失败: " + tenantResponseBean.getMsg());
Tenant tenant = tenantResponseBean.getData();
if (tenant == null)
throw new TenantNotFoundException("租户不存在.");
return tenant;
......@@ -205,43 +195,9 @@ public class CustomUserDetailsServiceImpl implements CustomUserDetailsService {
* @date 2019/03/17 14:41
*/
private Set<GrantedAuthority> getAuthority(UserVo userVo) {
// 权限集合
Set<GrantedAuthority> authorities = new HashSet<>();
// 根据角色查找菜单权限
List<Menu> menus = Lists.newArrayList();
// 判断是否是管理员,是则查找所有菜单权限
if (userVo.getIdentifier().equals(sysProperties.getAdminUser())) {
// 查找所有菜单权限,因为角色一般是一个,这里只会执行一次
ResponseBean<List<Menu>> menusResponseBean = userServiceClient.findAllMenu(userVo.getTenantCode());
if (!ResponseUtil.isSuccess(menusResponseBean)) {
throw new ServiceException("查询所有菜单失败: " + menusResponseBean.getMsg());
}
menus = menusResponseBean.getData();
} else {
// 根据角色查询菜单权限
List<RoleVo> roleList = userVo.getRoleList();
if (CollectionUtils.isNotEmpty(roleList)) {
for (RoleVo role : roleList) {
// 根据角色查找菜单权限
ResponseBean<List<Menu>> roleMenusResponseBean = userServiceClient.findMenuByRole(role.getRoleCode(), userVo.getTenantCode());
if (!ResponseUtil.isSuccess(roleMenusResponseBean)) {
throw new ServiceException("查询角色菜单失败: " + roleMenusResponseBean.getMsg());
}
List<Menu> roleMenus = roleMenusResponseBean.getData();
if (CollectionUtils.isNotEmpty(roleMenus))
menus.addAll(roleMenus);
// 权限如果前缀是ROLE_,security就会认为这是个角色信息,而不是权限,例如ROLE_ADMIN就是ADMIN角色,MENU:ADD就是MENU:ADD权限
authorities.add(new GrantedAuthorityImpl(role.getRoleCode()));
}
}
}
if (CollectionUtils.isNotEmpty(menus)) {
// 菜单权限
List<GrantedAuthority> authorityList = menus.stream()
.filter(menu -> MenuConstant.MENU_TYPE_PERMISSION.equals(menu.getType()))
.map(menu -> new GrantedAuthorityImpl(menu.getPermission())).collect(Collectors.toList());
authorities.addAll(authorityList);
}
return authorities;
return userVo.getRoleList()
.stream()
.map(role -> new GrantedAuthorityImpl(role.getRoleCode().toUpperCase()))
.collect(Collectors.toSet());
}
}
modules/exam-service-parent/exam-service/src/main/java/com/github/tangyi/exam/controller/CourseController.java
......@@ -7,7 +7,7 @@ import com.github.tangyi.common.core.utils.PageUtil;
import com.github.tangyi.common.core.utils.SysUtil;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.log.annotation.Log;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.common.security.annotations.AdminTenantTeacherAuthorization;
import com.github.tangyi.exam.api.module.Course;
import com.github.tangyi.exam.service.CourseService;
import io.swagger.annotations.Api;
......@@ -17,7 +17,6 @@ import io.swagger.annotations.ApiOperation;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.ArrayUtils;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.validation.Valid;
......@@ -93,7 +92,7 @@ public class CourseController extends BaseController {
* @date 2018/11/10 21:31
*/
@PostMapping
@PreAuthorize("hasAuthority('exam:course:add') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "创建课程", notes = "创建课程")
@ApiImplicitParam(name = "course", value = "课程实体course", required = true, dataType = "Course")
@Log("新增课程")
......@@ -111,7 +110,7 @@ public class CourseController extends BaseController {
* @date 2018/11/10 21:31
*/
@PutMapping
@PreAuthorize("hasAuthority('exam:course:edit') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "更新课程信息", notes = "根据课程id更新课程的基本信息")
@ApiImplicitParam(name = "course", value = "课程实体course", required = true, dataType = "Course")
@Log("更新课程")
......@@ -129,7 +128,7 @@ public class CourseController extends BaseController {
* @date 2018/11/10 21:32
*/
@DeleteMapping("{id}")
@PreAuthorize("hasAuthority('exam:course:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "删除课程", notes = "根据ID删除课程")
@ApiImplicitParam(name = "id", value = "课程ID", required = true, paramType = "path")
@Log("删除课程")
......@@ -158,7 +157,7 @@ public class CourseController extends BaseController {
* @date 2018/12/4 11:26
*/
@PostMapping("deleteAll")
@PreAuthorize("hasAuthority('exam:course:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "批量删除课程", notes = "根据课程id批量删除课程")
@ApiImplicitParam(name = "ids", value = "课程ID", dataType = "Long")
@Log("批量删除课程")
......
modules/exam-service-parent/exam-service/src/main/java/com/github/tangyi/exam/controller/ExamRecordController.java
......@@ -4,11 +4,9 @@ import com.github.pagehelper.PageInfo;
import com.github.tangyi.common.core.constant.CommonConstant;
import com.github.tangyi.common.core.model.ResponseBean;
import com.github.tangyi.common.core.utils.*;
import com.github.tangyi.common.core.vo.DeptVo;
import com.github.tangyi.common.core.vo.UserVo;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.log.annotation.Log;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.common.security.annotations.AdminTenantTeacherAuthorization;
import com.github.tangyi.exam.api.dto.ExaminationRecordDto;
import com.github.tangyi.exam.api.dto.StartExamDto;
import com.github.tangyi.exam.api.enums.SubmitStatusEnum;
......@@ -18,7 +16,6 @@ import com.github.tangyi.exam.service.AnswerService;
import com.github.tangyi.exam.service.ExamRecordService;
import com.github.tangyi.exam.service.ExaminationService;
import com.github.tangyi.exam.utils.ExamRecordUtil;
import com.github.tangyi.user.api.feign.UserServiceClient;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
......@@ -29,7 +26,6 @@ import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.ArrayUtils;
import org.springframework.beans.BeanUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
......@@ -58,8 +54,6 @@ public class ExamRecordController extends BaseController {
private final ExaminationService examinationService;
private final UserServiceClient userServiceClient;
private final AnswerService answerService;
/**
......@@ -113,55 +107,30 @@ public class ExamRecordController extends BaseController {
if (CollectionUtils.isNotEmpty(examRecordPageInfo.getList())) {
// 查询考试信息
List<Examination> examinations = examinationService.findListById(examRecordPageInfo.getList().stream().map(ExaminationRecord::getExaminationId).distinct().toArray(Long[]::new));
// 查询用户信息
ResponseBean<List<UserVo>> returnT = userServiceClient.findUserById(examRecordPageInfo.getList().stream().map(ExaminationRecord::getUserId).distinct().toArray(Long[]::new));
if (returnT != null && CollectionUtils.isNotEmpty(returnT.getData())) {
examRecordPageInfo.getList().forEach(tempExamRecord -> {
// 找到考试记录所属的考试信息
Examination examinationRecordExamination = examinations.stream()
.filter(tempExamination -> tempExamRecord.getExaminationId().equals(tempExamination.getId()))
.findFirst().orElse(null);
// 转换成ExamRecordDto
if (examinationRecordExamination != null) {
ExaminationRecordDto examRecordDto = new ExaminationRecordDto();
BeanUtils.copyProperties(examinationRecordExamination, examRecordDto);
examRecordDto.setId(tempExamRecord.getId());
examRecordDto.setStartTime(tempExamRecord.getStartTime());
examRecordDto.setEndTime(tempExamRecord.getEndTime());
examRecordDto.setScore(tempExamRecord.getScore());
examRecordDto.setUserId(tempExamRecord.getUserId());
examRecordDto.setExaminationId(tempExamRecord.getExaminationId());
// 正确题目数
examRecordDto.setCorrectNumber(tempExamRecord.getCorrectNumber());
examRecordDto.setInCorrectNumber(tempExamRecord.getInCorrectNumber());
// 提交状态
examRecordDto.setSubmitStatus(tempExamRecord.getSubmitStatus());
examRecordDtoList.add(examRecordDto);
}
});
// 查询部门信息
ResponseBean<List<DeptVo>> deptResponseBean = userServiceClient.findDeptById(returnT.getData().stream().map(UserVo::getDeptId).distinct().toArray(Long[]::new));
examRecordDtoList.forEach(tempExamRecordDto -> {
// 查询、设置用户信息
UserVo examRecordDtoUserVo = returnT.getData().stream()
.filter(tempUserVo -> tempExamRecordDto.getUserId().equals(tempUserVo.getId()))
.findFirst().orElse(null);
if (examRecordDtoUserVo != null) {
// 设置用户名
tempExamRecordDto.setUserName(examRecordDtoUserVo.getName());
// 查询、设置部门信息
if (deptResponseBean != null && CollectionUtils.isNotEmpty(deptResponseBean.getData())) {
DeptVo examRecordDtoDeptVo = deptResponseBean.getData().stream()
// 根据部门ID过滤
.filter(tempDept -> tempDept.getId().equals(examRecordDtoUserVo.getDeptId()))
.findFirst().orElse(null);
// 设置部门名称
if (examRecordDtoDeptVo != null)
tempExamRecordDto.setDeptName(examRecordDtoDeptVo.getDeptName());
}
}
});
}
examRecordPageInfo.getList().forEach(tempExamRecord -> {
// 找到考试记录所属的考试信息
Examination examinationRecordExamination = examinations.stream()
.filter(tempExamination -> tempExamRecord.getExaminationId().equals(tempExamination.getId()))
.findFirst().orElse(null);
// 转换成ExamRecordDto
if (examinationRecordExamination != null) {
ExaminationRecordDto examRecordDto = new ExaminationRecordDto();
BeanUtils.copyProperties(examinationRecordExamination, examRecordDto);
examRecordDto.setId(tempExamRecord.getId());
examRecordDto.setStartTime(tempExamRecord.getStartTime());
examRecordDto.setEndTime(tempExamRecord.getEndTime());
examRecordDto.setScore(tempExamRecord.getScore());
examRecordDto.setUserId(tempExamRecord.getUserId());
examRecordDto.setExaminationId(tempExamRecord.getExaminationId());
// 正确题目数
examRecordDto.setCorrectNumber(tempExamRecord.getCorrectNumber());
examRecordDto.setInCorrectNumber(tempExamRecord.getInCorrectNumber());
// 提交状态
examRecordDto.setSubmitStatus(tempExamRecord.getSubmitStatus());
examRecordDtoList.add(examRecordDto);
}
});
examRecordService.fillExamUserInfo(examRecordDtoList, examRecordPageInfo.getList().stream().map(ExaminationRecord::getUserId).distinct().toArray(Long[]::new));
}
examRecordDtoPageInfo.setTotal(examRecordPageInfo.getTotal());
examRecordDtoPageInfo.setPages(examRecordPageInfo.getPages());
......@@ -184,10 +153,6 @@ public class ExamRecordController extends BaseController {
@ApiImplicitParam(name = "examRecord", value = "考试记录实体examRecord", required = true, dataType = "ExamRecord")
@Log("新增考试记录")
public ResponseBean<ExaminationRecord> addExamRecord(@RequestBody @Valid ExaminationRecord examRecord) {
Examination examination = new Examination();
examination.setId(examRecord.getExaminationId());
// 查找考试信息
examination = examinationService.get(examination);
examRecord.setCommonValue(SysUtil.getUser(), SysUtil.getSysCode(), SysUtil.getTenantCode());
examRecord.setStartTime(examRecord.getCreateDate());
examRecordService.insert(examRecord);
......@@ -245,7 +210,7 @@ public class ExamRecordController extends BaseController {
* @date 2018/12/31 22:28
*/
@PostMapping("export")
@PreAuthorize("hasAuthority('exam:examRecord:export') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "导出考试成绩", notes = "根据成绩id导出成绩")
@ApiImplicitParam(name = "ids", value = "成绩ID", required = true, dataType = "Long")
@Log("导出考试记录")
......@@ -292,30 +257,7 @@ public class ExamRecordController extends BaseController {
examRecordDtoList.add(recordDto);
}
});
// 查询用户信息
ResponseBean<List<UserVo>> returnT = userServiceClient.findUserById(userIdSet.toArray(new Long[0]));
if (returnT != null && CollectionUtils.isNotEmpty(returnT.getData())) {
// 获取部门信息
ResponseBean<List<DeptVo>> deptResponseBean = userServiceClient.findDeptById(returnT.getData().stream().map(UserVo::getDeptId).distinct().toArray(Long[]::new));
examRecordDtoList.forEach(tempExamRecordDto -> {
// 查询用户信息
UserVo examRecordDtoUserVo = returnT.getData().stream().filter(tempUserVo -> tempExamRecordDto.getUserId().equals(tempUserVo.getId()))
.findFirst().orElse(null);
if (examRecordDtoUserVo != null) {
tempExamRecordDto.setUserName(examRecordDtoUserVo.getName());
// 查询部门信息
if (deptResponseBean != null && CollectionUtils.isNotEmpty(deptResponseBean.getData())) {
// 查找用户所属部门
DeptVo examRecordDtoDeptVo = deptResponseBean.getData().stream()
.filter(tempDept -> tempDept.getId().equals(examRecordDtoUserVo.getDeptId()))
.findFirst().orElse(null);
// 设置所属部门名称
if (examRecordDtoDeptVo != null)
tempExamRecordDto.setDeptName(examRecordDtoDeptVo.getDeptName());
}
}
});
}
examRecordService.fillExamUserInfo(examRecordDtoList, userIdSet.toArray(new Long[0]));
// 导出
ExcelToolUtil.exportExcel(request.getInputStream(), response.getOutputStream(), MapUtil.java2Map(examRecordDtoList), ExamRecordUtil.getExamRecordDtoMap());
}
......
modules/exam-service-parent/exam-service/src/main/java/com/github/tangyi/exam/controller/ExaminationController.java
......@@ -7,8 +7,7 @@ import com.github.tangyi.common.core.utils.PageUtil;
import com.github.tangyi.common.core.utils.SysUtil;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.log.annotation.Log;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.exam.api.dto.AnswerCartDto;
import com.github.tangyi.common.security.annotations.AdminTenantTeacherAuthorization;
import com.github.tangyi.exam.api.dto.ExaminationDto;
import com.github.tangyi.exam.api.dto.SubjectDto;
import com.github.tangyi.exam.api.module.Course;
......@@ -25,7 +24,6 @@ import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.ArrayUtils;
import org.springframework.beans.BeanUtils;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.validation.Valid;
......@@ -152,7 +150,7 @@ public class ExaminationController extends BaseController {
* @date 2018/11/10 21:14
*/
@PostMapping
@PreAuthorize("hasAuthority('exam:exam:add') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "创建考试", notes = "创建考试")
@ApiImplicitParam(name = "examinationDto", value = "考试实体examinationDto", required = true, dataType = "ExaminationDto")
@Log("新增考试")
......@@ -173,7 +171,7 @@ public class ExaminationController extends BaseController {
* @date 2018/11/10 21:15
*/
@PutMapping
@PreAuthorize("hasAuthority('exam:exam:edit') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "更新考试信息", notes = "根据考试id更新考试的基本信息")
@ApiImplicitParam(name = "examinationDto", value = "考试实体answer", required = true, dataType = "ExaminationDto")
@Log("更新考试")
......@@ -195,7 +193,7 @@ public class ExaminationController extends BaseController {
* @date 2018/11/10 21:20
*/
@DeleteMapping("{id}")
@PreAuthorize("hasAuthority('exam:exam:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "删除考试", notes = "根据ID删除考试")
@ApiImplicitParam(name = "id", value = "考试ID", required = true, paramType = "path")
@Log("删除考试")
......@@ -224,7 +222,7 @@ public class ExaminationController extends BaseController {
* @date 2018/12/03 22:03
*/
@PostMapping("deleteAll")
@PreAuthorize("hasAuthority('exam:exam:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "批量删除考试", notes = "根据考试id批量删除考试")
@ApiImplicitParam(name = "ids", value = "考试ID", dataType = "Long")
@Log("批量删除考试")
......
modules/exam-service-parent/exam-service/src/main/java/com/github/tangyi/exam/controller/SubjectCategoryController.java
......@@ -7,7 +7,7 @@ import com.github.tangyi.common.core.utils.SysUtil;
import com.github.tangyi.common.core.utils.TreeUtil;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.log.annotation.Log;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.common.security.annotations.AdminTenantTeacherAuthorization;
import com.github.tangyi.exam.api.constants.ExamSubjectConstant;
import com.github.tangyi.exam.api.dto.SubjectCategoryDto;
import com.github.tangyi.exam.api.module.SubjectCategory;
......@@ -17,7 +17,6 @@ import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
import lombok.AllArgsConstructor;
import org.apache.commons.collections4.CollectionUtils;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.validation.Valid;
......@@ -89,7 +88,7 @@ public class SubjectCategoryController extends BaseController {
* @date 2018/12/04 22:00
*/
@PostMapping
@PreAuthorize("hasAuthority('exam:subject:category:add') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "创建分类", notes = "创建分类")
@ApiImplicitParam(name = "subjectCategory", value = "分类实体subjectCategory", required = true, dataType = "SubjectCategory")
@Log("新增题目分类")
......@@ -108,7 +107,7 @@ public class SubjectCategoryController extends BaseController {
* @date 2018/12/04 22:01
*/
@PutMapping
@PreAuthorize("hasAuthority('exam:subject:category:edit') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "更新分类信息", notes = "根据分类id更新分类的基本信息")
@ApiImplicitParam(name = "subjectCategory", value = "分类实体subjectCategory", required = true, dataType = "SubjectCategory")
@Log("更新题目分类")
......@@ -126,7 +125,7 @@ public class SubjectCategoryController extends BaseController {
* @date 2018/12/04 22:02
*/
@DeleteMapping("/{id}")
@PreAuthorize("hasAuthority('exam:subject:category:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "删除分类", notes = "根据ID删除分类")
@ApiImplicitParam(name = "id", value = "分类ID", required = true, paramType = "path")
@Log("删除题目分类")
......
modules/exam-service-parent/exam-service/src/main/java/com/github/tangyi/exam/controller/SubjectController.java
......@@ -7,7 +7,7 @@ import com.github.tangyi.common.core.model.ResponseBean;
import com.github.tangyi.common.core.utils.*;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.log.annotation.Log;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.common.security.annotations.AdminTenantTeacherAuthorization;
import com.github.tangyi.exam.api.dto.SubjectDto;
import com.github.tangyi.exam.service.AnswerService;
import com.github.tangyi.exam.service.SubjectService;
......@@ -17,7 +17,6 @@ import io.swagger.annotations.*;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections4.CollectionUtils;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
......@@ -101,7 +100,7 @@ public class SubjectController extends BaseController {
* @date 2018/11/10 21:43
*/
@PostMapping
@PreAuthorize("hasAuthority('exam:exam:subject:add') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "创建题目", notes = "创建题目")
@ApiImplicitParam(name = "subject", value = "题目信息", required = true, dataType = "SubjectDto")
@Log("新增题目")
......@@ -119,7 +118,7 @@ public class SubjectController extends BaseController {
* @date 2018/11/10 21:43
*/
@PutMapping
@PreAuthorize("hasAuthority('exam:exam:subject:edit') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "更新题目信息", notes = "根据题目id更新题目的基本信息")
@ApiImplicitParam(name = "subject", value = "角色实体subject", required = true, dataType = "Subject")
@Log("更新题目")
......@@ -137,7 +136,7 @@ public class SubjectController extends BaseController {
* @date 2018/11/10 21:43
*/
@DeleteMapping("{id}")
@PreAuthorize("hasAuthority('exam:exam:subject:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "删除题目", notes = "根据ID删除题目")
@ApiImplicitParams({
@ApiImplicitParam(name = "id", value = "题目ID", required = true, dataType = "Long", paramType = "path"),
......@@ -161,7 +160,7 @@ public class SubjectController extends BaseController {
* @date 2018/11/28 12:53
*/
@PostMapping("export")
@PreAuthorize("hasAuthority('exam:exam:subject:export') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "导出题目", notes = "根据分类id导出题目")
@ApiImplicitParams({
@ApiImplicitParam(name = "ids", value = "题目ID", required = true, dataType = "Long"),
......@@ -200,7 +199,7 @@ public class SubjectController extends BaseController {
* @date 2018/11/28 12:59
*/
@RequestMapping("import")
@PreAuthorize("hasAuthority('exam:exam:subject:import') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "导入题目", notes = "导入题目")
@ApiImplicitParams({
@ApiImplicitParam(name = "examinationId", value = "考试ID", dataType = "Long"),
......@@ -232,7 +231,7 @@ public class SubjectController extends BaseController {
* @date 2018/12/04 9:55
*/
@PostMapping("deleteAll")
@PreAuthorize("hasAuthority('exam:exam:subject:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "批量删除题目", notes = "根据题目id批量删除题目")
@ApiImplicitParam(name = "ids", value = "题目ID", dataType = "Long")
@Log("批量删除题目")
......
modules/exam-service-parent/exam-service/src/main/java/com/github/tangyi/exam/service/ExamRecordService.java
package com.github.tangyi.exam.service;
import com.github.tangyi.common.core.constant.CommonConstant;
import com.github.tangyi.common.core.model.ResponseBean;
import com.github.tangyi.common.core.service.CrudService;
import com.github.tangyi.common.core.utils.ResponseUtil;
import com.github.tangyi.common.core.vo.DeptVo;
import com.github.tangyi.common.core.vo.UserVo;
import com.github.tangyi.exam.api.dto.ExaminationRecordDto;
import com.github.tangyi.exam.api.module.ExaminationRecord;
import com.github.tangyi.exam.mapper.ExamRecordMapper;
import com.github.tangyi.user.api.feign.UserServiceClient;
import lombok.AllArgsConstructor;
import org.apache.commons.collections4.CollectionUtils;
import org.springframework.cache.annotation.CacheEvict;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.List;
/**
* 考试记录service
*
......@@ -20,6 +29,8 @@ import org.springframework.transaction.annotation.Transactional;
@Service
public class ExamRecordService extends CrudService<ExamRecordMapper, ExaminationRecord> {
private final UserServiceClient userServiceClient;
/**
* 查询考试记录
*
......@@ -90,4 +101,40 @@ public class ExamRecordService extends CrudService<ExamRecordMapper, Examination
public int deleteAll(Long[] ids) {
return super.deleteAll(ids);
}
/**
* 获取用户、部门相关信息
* @param examRecordDtoList examRecordDtoList
* @param userIds userIds
*/
public void fillExamUserInfo(List<ExaminationRecordDto> examRecordDtoList, Long[] userIds) {
// 查询用户信息
ResponseBean<List<UserVo>> returnT = userServiceClient.findUserById(userIds);
if (ResponseUtil.isSuccess(returnT)) {
// 查询部门信息
ResponseBean<List<DeptVo>> deptResponseBean = userServiceClient.findDeptById(returnT.getData().stream().map(UserVo::getDeptId).distinct().toArray(Long[]::new));
if (ResponseUtil.isSuccess(deptResponseBean)) {
examRecordDtoList.forEach(tempExamRecordDto -> {
// 查询、设置用户信息
UserVo examRecordDtoUserVo = returnT.getData().stream()
.filter(tempUserVo -> tempExamRecordDto.getUserId().equals(tempUserVo.getId()))
.findFirst().orElse(null);
if (examRecordDtoUserVo != null) {
// 设置用户名
tempExamRecordDto.setUserName(examRecordDtoUserVo.getName());
// 查询、设置部门信息
if (CollectionUtils.isNotEmpty(deptResponseBean.getData())) {
DeptVo examRecordDtoDeptVo = deptResponseBean.getData().stream()
// 根据部门ID过滤
.filter(tempDept -> tempDept.getId().equals(examRecordDtoUserVo.getDeptId()))
.findFirst().orElse(null);
// 设置部门名称
if (examRecordDtoDeptVo != null)
tempExamRecordDto.setDeptName(examRecordDtoDeptVo.getDeptName());
}
}
});
}
}
}
}
modules/exam-service-parent/exam-service/src/main/java/com/github/tangyi/exam/service/ExaminationService.java
......@@ -5,7 +5,6 @@ import com.github.tangyi.common.core.constant.CommonConstant;
import com.github.tangyi.common.core.service.CrudService;
import com.github.tangyi.common.core.utils.PageUtil;
import com.github.tangyi.common.core.utils.SysUtil;
import com.github.tangyi.exam.api.dto.AnswerCartDto;
import com.github.tangyi.exam.api.dto.SubjectDto;
import com.github.tangyi.exam.api.module.Examination;
import com.github.tangyi.exam.api.module.ExaminationSubject;
......
modules/exam-service-parent/exam-service/src/main/java/com/github/tangyi/exam/service/SubjectService.java
......@@ -23,7 +23,6 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import java.util.stream.Stream;
/**
* 题目service
......
modules/user-service-parent/user-service-api/src/main/java/com/github/tangyi/user/api/constant/MenuConstant.java
......@@ -45,5 +45,28 @@ public class MenuConstant {
* 修改
*/
public static final String PERMISSION_SUFFIX_MODIFY = ":edit";
public static final String MENU_SYS = "sys";
/**
* 终端管理
*/
public static final String MENU_CLIENT = "sys:client";
/**
* 路由管理
*/
public static final String MENU_ROUTE = "sys:route";
/**
* 租户中心
*/
public static final String MENU_TENANT = "tenant";
/**
* 系统监控
*/
public static final String MENU_MONITOR = "monitor";
}
modules/user-service-parent/user-service/src/main/java/com/github/tangyi/user/controller/DeptController.java
......@@ -8,7 +8,7 @@ import com.github.tangyi.common.core.utils.TreeUtil;
import com.github.tangyi.common.core.vo.DeptVo;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.log.annotation.Log;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.common.security.annotations.AdminTenantTeacherAuthorization;
import com.github.tangyi.user.api.dto.DeptDto;
import com.github.tangyi.user.api.module.Dept;
import com.github.tangyi.user.service.DeptService;
......@@ -17,7 +17,6 @@ import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
import lombok.AllArgsConstructor;
import org.springframework.beans.BeanUtils;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.validation.Valid;
......@@ -91,7 +90,7 @@ public class DeptController extends BaseController {
* @date 2018/8/28 10:15
*/
@PostMapping
@PreAuthorize("hasAuthority('sys:dept:add') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "创建部门", notes = "创建部门")
@ApiImplicitParam(name = "dept", value = "部门实体", required = true, dataType = "Dept")
@Log("新增部门")
......@@ -109,7 +108,7 @@ public class DeptController extends BaseController {
* @date 2018/8/28 10:16
*/
@DeleteMapping("/{id}")
@PreAuthorize("hasAuthority('sys:dept:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "删除部门", notes = "根据ID删除部门")
@ApiImplicitParam(name = "id", value = "部门ID", required = true, paramType = "path")
@Log("删除部门")
......@@ -129,7 +128,7 @@ public class DeptController extends BaseController {
* @date 2018/8/28 10:22
*/
@PutMapping
@PreAuthorize("hasAuthority('sys:dept:edit') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "更新部门信息", notes = "根据部门id更新部门的基本信息")
@ApiImplicitParam(name = "dept", value = "部门实体", required = true, dataType = "Dept")
@Log("更新部门")
......
modules/user-service-parent/user-service/src/main/java/com/github/tangyi/user/controller/LogController.java
......@@ -7,7 +7,7 @@ import com.github.tangyi.common.core.model.ResponseBean;
import com.github.tangyi.common.core.utils.PageUtil;
import com.github.tangyi.common.core.utils.SysUtil;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.common.security.annotations.AdminAuthorization;
import com.github.tangyi.user.service.LogService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
......@@ -16,7 +16,6 @@ import io.swagger.annotations.ApiOperation;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.ArrayUtils;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.validation.Valid;
......@@ -115,7 +114,7 @@ public class LogController extends BaseController {
* @date 2018/10/31 21:27
*/
@DeleteMapping("/{id}")
@PreAuthorize("hasAuthority('monitor:log:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminAuthorization
@ApiOperation(value = "删除日志", notes = "根据ID删除日志")
@ApiImplicitParam(name = "id", value = "日志ID", required = true, paramType = "path")
public ResponseBean<Boolean> delete(@PathVariable Long id) {
......@@ -133,7 +132,7 @@ public class LogController extends BaseController {
* @date 2018/12/4 10:12
*/
@PostMapping("deleteAll")
@PreAuthorize("hasAuthority('monitor:log:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminAuthorization
@ApiOperation(value = "批量删除日志", notes = "根据日志ids批量删除日志")
@ApiImplicitParam(name = "ids", value = "日志ID", dataType = "Long")
public ResponseBean<Boolean> deleteAllLog(@RequestBody Long[] ids) {
......
modules/user-service-parent/user-service/src/main/java/com/github/tangyi/user/controller/MenuController.java
......@@ -7,7 +7,7 @@ import com.github.tangyi.common.core.model.ResponseBean;
import com.github.tangyi.common.core.utils.*;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.log.annotation.Log;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.common.security.annotations.AdminTenantTeacherAuthorization;
import com.github.tangyi.user.api.dto.MenuDto;
import com.github.tangyi.user.api.module.Menu;
import com.github.tangyi.user.service.MenuService;
......@@ -17,7 +17,6 @@ import io.swagger.annotations.*;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.ArrayUtils;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
......@@ -90,7 +89,7 @@ public class MenuController extends BaseController {
* @date 2018/8/27 16:12
*/
@PostMapping
@PreAuthorize("hasAuthority('sys:menu:add') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "创建菜单", notes = "创建菜单")
@ApiImplicitParam(name = "menu", value = "角色实体menu", required = true, dataType = "Menu")
@Log("新增菜单")
......@@ -108,7 +107,7 @@ public class MenuController extends BaseController {
* @date 2018/10/24 16:34
*/
@PutMapping
@PreAuthorize("hasAuthority('sys:menu:edit') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "更新菜单信息", notes = "根据菜单id更新菜单的基本信息")
@ApiImplicitParam(name = "menu", value = "角色实体menu", required = true, dataType = "Menu")
@Log("更新菜单")
......@@ -126,7 +125,7 @@ public class MenuController extends BaseController {
* @date 2018/8/27 16:19
*/
@DeleteMapping("/{id}")
@PreAuthorize("hasAuthority('sys:menu:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "删除菜单", notes = "根据ID删除菜单")
@ApiImplicitParam(name = "id", value = "菜单ID", required = true, paramType = "path")
@Log("删除菜单")
......@@ -243,7 +242,7 @@ public class MenuController extends BaseController {
* @date 2018/11/28 12:46
*/
@PostMapping("export")
@PreAuthorize("hasAuthority('sys:menu:export') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "导出菜单", notes = "根据菜单id导出菜单")
@ApiImplicitParam(name = "ids", value = "菜单ID", required = true, dataType = "Long")
@Log("导出菜单")
......@@ -280,7 +279,7 @@ public class MenuController extends BaseController {
* @date 2018/11/28 12:51
*/
@PostMapping("import")
@PreAuthorize("hasAuthority('sys:menu:import') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "导入菜单", notes = "导入菜单")
@Log("导入菜单")
public ResponseBean<Boolean> importMenu(@ApiParam(value = "要上传的文件", required = true) MultipartFile file) {
......
modules/user-service-parent/user-service/src/main/java/com/github/tangyi/user/controller/RoleController.java
......@@ -7,7 +7,7 @@ import com.github.tangyi.common.core.utils.PageUtil;
import com.github.tangyi.common.core.utils.SysUtil;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.log.annotation.Log;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.common.security.annotations.AdminTenantTeacherAuthorization;
import com.github.tangyi.user.api.module.Role;
import com.github.tangyi.user.service.RoleMenuService;
import com.github.tangyi.user.service.RoleService;
......@@ -19,7 +19,6 @@ import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.validation.Valid;
......@@ -120,7 +119,7 @@ public class RoleController extends BaseController {
* @date 2018/9/14 18:22
*/
@PutMapping
@PreAuthorize("hasAuthority('sys:role:edit') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "更新角色信息", notes = "根据角色id更新角色的基本信息")
@ApiImplicitParam(name = "role", value = "角色实体role", required = true, dataType = "RoleVo")
@Log("修改角色")
......@@ -162,7 +161,7 @@ public class RoleController extends BaseController {
* @date 2018/9/14 18:23
*/
@PostMapping
@PreAuthorize("hasAuthority('sys:role:add') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "创建角色", notes = "创建角色")
@ApiImplicitParam(name = "role", value = "角色实体role", required = true, dataType = "RoleVo")
@Log("新增角色")
......@@ -180,7 +179,7 @@ public class RoleController extends BaseController {
* @date 2018/9/14 18:24
*/
@DeleteMapping("/{id}")
@PreAuthorize("hasAuthority('sys:role:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "删除角色", notes = "根据ID删除角色")
@ApiImplicitParam(name = "id", value = "角色ID", required = true, paramType = "path")
@Log("删除角色")
......@@ -201,7 +200,7 @@ public class RoleController extends BaseController {
* @date 2018/12/4 10:00
*/
@PostMapping("deleteAll")
@PreAuthorize("hasAuthority('sys:role:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "批量删除角色", notes = "根据角色id批量删除角色")
@ApiImplicitParam(name = "ids", value = "角色ID", dataType = "Long")
@Log("批量删除角色")
......
modules/user-service-parent/user-service/src/main/java/com/github/tangyi/user/controller/UserController.java
......@@ -8,6 +8,7 @@ import com.github.tangyi.common.core.utils.*;
import com.github.tangyi.common.core.vo.UserVo;
import com.github.tangyi.common.core.web.BaseController;
import com.github.tangyi.common.log.annotation.Log;
import com.github.tangyi.common.security.annotations.AdminTenantTeacherAuthorization;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.user.api.dto.UserDto;
import com.github.tangyi.user.api.dto.UserInfoDto;
......@@ -26,7 +27,6 @@ import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.BeanUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
......@@ -175,7 +175,7 @@ public class UserController extends BaseController {
* @date 2018/8/26 14:34
*/
@PostMapping
@PreAuthorize("hasAuthority('sys:user:add') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "创建用户", notes = "创建用户")
@ApiImplicitParam(name = "userDto", value = "用户实体user", required = true, dataType = "UserDto")
@Log("新增用户")
......@@ -193,7 +193,7 @@ public class UserController extends BaseController {
* @date 2018/8/26 15:06
*/
@PutMapping("/{id:[a-zA-Z0-9,]+}")
@PreAuthorize("hasAuthority('sys:user:edit') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "更新用户信息", notes = "根据用户id更新用户的基本信息、角色信息")
@ApiImplicitParam(name = "userDto", value = "用户实体user", required = true, dataType = "UserDto")
@Log("修改用户")
......@@ -266,7 +266,7 @@ public class UserController extends BaseController {
* @date 2018/8/26 15:28
*/
@DeleteMapping("/{id}")
@PreAuthorize("hasAuthority('sys:user:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "删除用户", notes = "根据ID删除用户")
@ApiImplicitParam(name = "id", value = "用户ID", required = true, paramType = "path")
@Log("删除用户")
......@@ -291,7 +291,7 @@ public class UserController extends BaseController {
* @date 2018/11/26 22:11
*/
@PostMapping("export")
@PreAuthorize("hasAuthority('sys:user:export') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "导出用户", notes = "根据用户id导出用户")
@ApiImplicitParam(name = "userVo", value = "用户信息", required = true, dataType = "UserVo")
@Log("导出用户")
......@@ -339,7 +339,7 @@ public class UserController extends BaseController {
* @date 2018/11/28 12:44
*/
@PostMapping("import")
@PreAuthorize("hasAuthority('sys:user:import') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "导入数据", notes = "导入数据")
@Log("导入用户")
public ResponseBean<Boolean> importUser(@ApiParam(value = "要上传的文件", required = true) MultipartFile file, HttpServletRequest request) {
......@@ -365,7 +365,7 @@ public class UserController extends BaseController {
* @date 2018/12/4 9:58
*/
@PostMapping("deleteAll")
@PreAuthorize("hasAuthority('sys:user:del') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "批量删除用户", notes = "根据用户id批量删除用户")
@ApiImplicitParam(name = "ids", value = "用户信息", dataType = "Long")
@Log("批量删除用户")
......@@ -460,7 +460,7 @@ public class UserController extends BaseController {
* @date 2019/6/7 12:00
*/
@PutMapping("/resetPassword")
@PreAuthorize("hasAuthority('sys:user:edit') or hasAnyRole('" + SecurityConstant.ROLE_ADMIN + "')")
@AdminTenantTeacherAuthorization
@ApiOperation(value = "重置密码", notes = "根据用户id重置密码")
@ApiImplicitParam(name = "userDto", value = "用户实体user", required = true, dataType = "UserDto")
@Log("重置密码")
......
modules/user-service-parent/user-service/src/main/java/com/github/tangyi/user/service/MenuService.java
......@@ -7,6 +7,7 @@ import com.github.tangyi.common.core.service.CrudService;
import com.github.tangyi.common.core.utils.SysUtil;
import com.github.tangyi.common.core.utils.TreeUtil;
import com.github.tangyi.common.security.constant.SecurityConstant;
import com.github.tangyi.common.security.enums.Roles;
import com.github.tangyi.common.security.utils.SecurityUtil;
import com.github.tangyi.user.api.constant.MenuConstant;
import com.github.tangyi.user.api.dto.MenuDto;
......@@ -38,322 +39,346 @@ import java.util.stream.Collectors;
@Service
public class MenuService extends CrudService<MenuMapper, Menu> {
private final MenuMapper menuMapper;
private final MenuMapper menuMapper;
private final RoleMenuService roleMenuService;
private final RoleMenuService roleMenuService;
private final SysProperties sysProperties;
private final SysProperties sysProperties;
/**
* 返回当前用户的树形菜单集合
*
* @return List
* @author tangyi
* @date 2019-09-14 14:41
*/
public List<MenuDto> findUserMenu() {
List<MenuDto> menuDtoList = new ArrayList<>();
String tenantCode = SysUtil.getTenantCode(), identifier = SysUtil.getUser();
List<Menu> userMenus;
// 查询默认租户的菜单
Menu condition = new Menu();
condition.setTenantCode(SecurityConstant.DEFAULT_TENANT_CODE);
condition.setApplicationCode(SysUtil.getSysCode());
condition.setType(MenuConstant.MENU_TYPE_MENU);
List<Menu> defaultMenus = findAllList(condition);
/**
* 返回当前用户的树形菜单集合
*
* @return List
* @author tangyi
* @date 2019-09-14 14:41
*/
public List<MenuDto> findUserMenu() {
List<MenuDto> menuDtoList = new ArrayList<>();
String tenantCode = SysUtil.getTenantCode(), identifier = SysUtil.getUser();
List<Menu> userMenus;
// 查询默认租户的菜单
Menu condition = new Menu();
condition.setTenantCode(SecurityConstant.DEFAULT_TENANT_CODE);
condition.setApplicationCode(SysUtil.getSysCode());
condition.setType(MenuConstant.MENU_TYPE_MENU);
List<Menu> defaultMenus = findAllList(condition);
// 超级管理员
if (identifier.equals(sysProperties.getAdminUser())) {
// 获取租户的菜单和默认租户的菜单,最后组装数据,租户的菜单优先
if (SecurityConstant.DEFAULT_TENANT_CODE.equals(tenantCode)) {
userMenus = defaultMenus;
} else {
// 获取角色的菜单
condition.setTenantCode(tenantCode);
condition.setApplicationCode(SysUtil.getSysCode());
condition.setType(MenuConstant.MENU_TYPE_MENU);
List<Menu> tenantMenus = findAllList(condition);
// 组装数据
userMenus = mergeMenu(defaultMenus, tenantMenus);
}
} else {
List<Role> roleList = SecurityUtil.getCurrentAuthentication().getAuthorities().stream()
// 按角色过滤
.filter(authority -> authority.getAuthority() != null && authority.getAuthority()
.startsWith("role_")).map(authority -> {
Role role = new Role();
role.setRoleCode(authority.getAuthority());
return role;
}).collect(Collectors.toList());
// 根据角色code批量查找菜单
List<Menu> tenantMenus = finMenuByRoleList(roleList, tenantCode);
// 组装数据
userMenus = mergeMenu(defaultMenus, tenantMenus);
}
if (CollectionUtils.isNotEmpty(userMenus)) {
userMenus.stream()
// 菜单类型
.filter(menu -> MenuConstant.MENU_TYPE_MENU.equals(menu.getType()))
// dto封装
.map(MenuDto::new)
// 去重
.distinct().forEach(menuDtoList::add);
// 排序、构建树形关系
return TreeUtil.buildTree(CollUtil.sort(menuDtoList, Comparator.comparingInt(MenuDto::getSort)), CommonConstant.ROOT);
}
return Lists.newArrayList();
}
// 超级管理员
if (identifier.equals(sysProperties.getAdminUser())) {
// 获取租户的菜单和默认租户的菜单,最后组装数据,租户的菜单优先
if (SecurityConstant.DEFAULT_TENANT_CODE.equals(tenantCode)) {
userMenus = defaultMenus;
} else {
// 获取角色的菜单
condition.setTenantCode(tenantCode);
condition.setApplicationCode(SysUtil.getSysCode());
condition.setType(MenuConstant.MENU_TYPE_MENU);
List<Menu> tenantMenus = findAllList(condition);
// 组装数据
userMenus = mergeMenu(defaultMenus, tenantMenus);
}
} else {
List<Role> roleList = SecurityUtil.getCurrentAuthentication().getAuthorities().stream()
// 按角色过滤
.filter(authority -> authority.getAuthority() != null && authority.getAuthority()
.startsWith("ROLE_")).map(authority -> {
Role role = new Role();
role.setRoleCode(authority.getAuthority());
return role;
}).collect(Collectors.toList());
// 根据角色code批量查找菜单
List<Menu> tenantMenus = finMenuByRoleList(roleList, tenantCode);
// 组装数据
userMenus = mergeMenu(getTenantMenus(defaultMenus), tenantMenus);
}
if (CollectionUtils.isNotEmpty(userMenus)) {
userMenus.stream()
// 菜单类型
.filter(menu -> MenuConstant.MENU_TYPE_MENU.equals(menu.getType()))
// dto封装
.map(MenuDto::new)
// 去重
.distinct().forEach(menuDtoList::add);
// 排序、构建树形关系
return TreeUtil.buildTree(CollUtil.sort(menuDtoList, Comparator.comparingInt(MenuDto::getSort)),
CommonConstant.ROOT);
}
return Lists.newArrayList();
}
/**
* 根据角色查找菜单
*
* @param role 角色标识
* @param tenantCode 租户标识
* @return List
* @author tangyi
* @date 2018/8/27 16:00
*/
@Cacheable(value = "menu#" + CommonConstant.CACHE_EXPIRE, key = "#role")
public List<Menu> findMenuByRole(String role, String tenantCode) {
List<Menu> menus = new ArrayList<>();
// 返回默认租户的角色菜单
if (!tenantCode.equals(SecurityConstant.DEFAULT_TENANT_CODE))
menus = menuMapper.findByRole(role, SecurityConstant.DEFAULT_TENANT_CODE);
List<Menu> tenantMenus = menuMapper.findByRole(role, tenantCode);
if (CollectionUtils.isNotEmpty(tenantMenus))
menus.addAll(tenantMenus);
return menus;
}
/**
* 根据角色查找菜单
*
* @param role 角色标识
* @param tenantCode 租户标识
* @return List
* @author tangyi
* @date 2018/8/27 16:00
*/
@Cacheable(value = "menu#" + CommonConstant.CACHE_EXPIRE, key = "#role")
public List<Menu> findMenuByRole(String role, String tenantCode) {
List<Menu> menus = new ArrayList<>();
// 返回默认租户的角色菜单
if (!tenantCode.equals(SecurityConstant.DEFAULT_TENANT_CODE))
menus = menuMapper.findByRole(role, SecurityConstant.DEFAULT_TENANT_CODE);
List<Menu> tenantMenus = menuMapper.findByRole(role, tenantCode);
if (CollectionUtils.isNotEmpty(tenantMenus))
menus.addAll(tenantMenus);
return menus;
}
/**
* 批量查询菜单
*
* @param roleList roleList
* @param tenantCode tenantCode
* @return List
* @author tangyi
* @date 2019/07/03 23:50:35
*/
private List<Menu> finMenuByRoleList(List<Role> roleList, String tenantCode) {
List<Menu> menus = Lists.newArrayList();
for (Role role : roleList) {
List<Menu> roleMenus = this.findMenuByRole(role.getRoleCode(), tenantCode);
if (CollectionUtils.isNotEmpty(roleMenus))
menus.addAll(roleMenus);
}
return menus;
}
/**
* 批量查询菜单
*
* @param roleList roleList
* @param tenantCode tenantCode
* @return List
* @author tangyi
* @date 2019/07/03 23:50:35
*/
private List<Menu> finMenuByRoleList(List<Role> roleList, String tenantCode) {
List<Menu> menus = Lists.newArrayList();
for (Role role : roleList) {
List<Menu> roleMenus = this.findMenuByRole(role.getRoleCode(), tenantCode);
if (CollectionUtils.isNotEmpty(roleMenus))
menus.addAll(roleMenus);
}
return menus;
}
/**
* 查询全部菜单,包括租户本身的菜单和默认租户的菜单
*
* @param menu menu
* @return List
* @author tangyi
* @date 2019/04/10 17:58
*/
@Override
public List<Menu> findAllList(Menu menu) {
List<Menu> menus = new ArrayList<>();
if (!menu.getTenantCode().equals(SecurityConstant.DEFAULT_TENANT_CODE)) {
Menu defaultMenu = new Menu();
defaultMenu.setApplicationCode(SysUtil.getSysCode());
defaultMenu.setTenantCode(SecurityConstant.DEFAULT_TENANT_CODE);
menus = menuMapper.findAllList(defaultMenu);
}
List<Menu> tenantMenus = menuMapper.findAllList(menu);
if (CollectionUtils.isNotEmpty(tenantMenus))
menus = mergeMenu(menus, tenantMenus);
return menus;
}
/**
* 查询全部菜单,包括租户本身的菜单和默认租户的菜单
*
* @param menu menu
* @return List
* @author tangyi
* @date 2019/04/10 17:58
*/
@Override
public List<Menu> findAllList(Menu menu) {
List<Menu> menus = new ArrayList<>();
if (!menu.getTenantCode().equals(SecurityConstant.DEFAULT_TENANT_CODE)) {
Menu defaultMenu = new Menu();
defaultMenu.setApplicationCode(SysUtil.getSysCode());
defaultMenu.setTenantCode(SecurityConstant.DEFAULT_TENANT_CODE);
menus = menuMapper.findAllList(defaultMenu);
}
List<Menu> tenantMenus = menuMapper.findAllList(menu);
if (CollectionUtils.isNotEmpty(tenantMenus))
menus = mergeMenu(menus, tenantMenus);
return menus;
}
/**
* 新增菜单
*
* @param menu menu
* @return int
* @author tangyi
* @date 2018/10/28 15:56
*/
@Transactional
@Override
@CacheEvict(value = {"menu", "user"}, allEntries = true)
public int insert(Menu menu) {
return super.insert(menu);
}
/**
* 新增菜单
*
* @param menu menu
* @return int
* @author tangyi
* @date 2018/10/28 15:56
*/
@Transactional
@Override
@CacheEvict(value = {"menu", "user"}, allEntries = true)
public int insert(Menu menu) {
return super.insert(menu);
}
/**
* 更新菜单,区分租户本身的菜单和默认租户的菜单
*
* @param menu menu
* @return int
* @author tangyi
* @date 2018/10/30 20:19
*/
@Transactional
@Override
@CacheEvict(value = {"menu", "user"}, allEntries = true)
public int update(Menu menu) {
String userCode = SysUtil.getUser();
String sysCode = SysUtil.getSysCode();
String tenantCode = SysUtil.getTenantCode();
menu = this.get(menu);
// 默认租户的用户更新菜单或更新本租户的菜单,直接更新
if (tenantCode.equals(SecurityConstant.DEFAULT_TENANT_CODE) || tenantCode.equals(menu.getTenantCode())) {
return super.update(menu);
} else {
// 其它租户更新默认租户的菜单,copy一份原始菜单的数据
Long originalId = menu.getId();
String originalTenantCode = menu.getTenantCode();
// 重新初始化ID
menu.setId(null);
menu.setCommonValue(userCode, sysCode, tenantCode);
this.insert(menu);
// copy子菜单
Long newMenuId = menu.getId();
Menu condition = new Menu();
condition.setParentId(originalId);
condition.setTenantCode(originalTenantCode);
// 查询子菜单
List<Menu> childrenMenus = findList(condition);
// 子菜单ID列表
List<Long> childrenMenuIds = new ArrayList<>();
if (CollectionUtils.isNotEmpty(childrenMenus)) {
childrenMenus.forEach(children -> {
childrenMenuIds.add(children.getId());
// 重新初始化ID
children.setId(null);
children.setCommonValue(userCode, sysCode, tenantCode);
// 重新绑定父菜单
children.setParentId(newMenuId);
});
// 批量插入
insertBatch(childrenMenus);
}
// 更新权限数据roleMenu
updateRoleMenu(originalId, childrenMenuIds, userCode, sysCode, tenantCode);
}
return super.update(menu);
}
/**
* 更新菜单,区分租户本身的菜单和默认租户的菜单
*
* @param menu menu
* @return int
* @author tangyi
* @date 2018/10/30 20:19
*/
@Transactional
@Override
@CacheEvict(value = {"menu", "user"}, allEntries = true)
public int update(Menu menu) {
String userCode = SysUtil.getUser();
String sysCode = SysUtil.getSysCode();
String tenantCode = SysUtil.getTenantCode();
menu = this.get(menu);
// 默认租户的用户更新菜单或更新本租户的菜单,直接更新
if (tenantCode.equals(SecurityConstant.DEFAULT_TENANT_CODE) || tenantCode.equals(menu.getTenantCode())) {
return super.update(menu);
} else {
// 其它租户更新默认租户的菜单,copy一份原始菜单的数据
Long originalId = menu.getId();
String originalTenantCode = menu.getTenantCode();
// 重新初始化ID
menu.setId(null);
menu.setCommonValue(userCode, sysCode, tenantCode);
this.insert(menu);
// copy子菜单
Long newMenuId = menu.getId();
Menu condition = new Menu();
condition.setParentId(originalId);
condition.setTenantCode(originalTenantCode);
// 查询子菜单
List<Menu> childrenMenus = findList(condition);
// 子菜单ID列表
List<Long> childrenMenuIds = new ArrayList<>();
if (CollectionUtils.isNotEmpty(childrenMenus)) {
childrenMenus.forEach(children -> {
childrenMenuIds.add(children.getId());
// 重新初始化ID
children.setId(null);
children.setCommonValue(userCode, sysCode, tenantCode);
// 重新绑定父菜单
children.setParentId(newMenuId);
});
// 批量插入
insertBatch(childrenMenus);
}
// 更新权限数据roleMenu
updateRoleMenu(originalId, childrenMenuIds, userCode, sysCode, tenantCode);
}
return super.update(menu);
}
/**
* 删除菜单
*
* @param menu menu
* @return int
* @author tangyi
* @date 2018/8/27 16:22
*/
@Override
@Transactional
@CacheEvict(value = {"menu", "user"}, allEntries = true)
public int delete(Menu menu) {
// 删除当前菜单
super.delete(menu);
// 删除父节点为当前节点的菜单
Menu parentMenu = new Menu();
parentMenu.setParentId(menu.getId());
parentMenu.setNewRecord(false);
parentMenu.setCommonValue(SysUtil.getUser(), SysUtil.getSysCode(), SysUtil.getTenantCode());
parentMenu.setDelFlag(CommonConstant.DEL_FLAG_DEL);
return super.update(parentMenu);
}
/**
* 删除菜单
*
* @param menu menu
* @return int
* @author tangyi
* @date 2018/8/27 16:22
*/
@Override
@Transactional
@CacheEvict(value = {"menu", "user"}, allEntries = true)
public int delete(Menu menu) {
// 删除当前菜单
super.delete(menu);
// 删除父节点为当前节点的菜单
Menu parentMenu = new Menu();
parentMenu.setParentId(menu.getId());
parentMenu.setNewRecord(false);
parentMenu.setCommonValue(SysUtil.getUser(), SysUtil.getSysCode(), SysUtil.getTenantCode());
parentMenu.setDelFlag(CommonConstant.DEL_FLAG_DEL);
return super.update(parentMenu);
}
/**
* 批量插入
*
* @param menus menus
* @return int
* @author tangyi
* @date 2019-09-03 12:19
*/
@Transactional
public int insertBatch(List<Menu> menus) {
return dao.insertBatch(menus);
}
/**
* 批量插入
*
* @param menus menus
* @return int
* @author tangyi
* @date 2019-09-03 12:19
*/
@Transactional
public int insertBatch(List<Menu> menus) {
return dao.insertBatch(menus);
}
/**
* 合并默认租户和租户的菜单,租户菜单优先
*
* @param defaultMenus defaultMenus
* @param tenantMenus tenantMenus
* @return List
* @author tangyi
* @date 2019-09-14 14:45
*/
private List<Menu> mergeMenu(List<Menu> defaultMenus, List<Menu> tenantMenus) {
if (CollectionUtils.isEmpty(tenantMenus))
return defaultMenus;
List<Menu> userMenus = new ArrayList<>();
// 默认菜单
defaultMenus.forEach(defaultMenu -> {
Optional<Menu> menu = tenantMenus.stream()
.filter(tenantMenu -> tenantMenu.getName().equals(defaultMenu.getName())).findFirst();
if (menu.isPresent()) {
userMenus.add(menu.get());
} else {
userMenus.add(defaultMenu);
}
});
// 租户菜单
tenantMenus.forEach(tenantMenu -> {
Optional<Menu> exist = userMenus.stream()
.filter(userMenu -> userMenu.getName().equals(tenantMenu.getName()) && userMenu.getParentId().equals(tenantMenu.getParentId())).findFirst();
if (!exist.isPresent()) {
userMenus.add(tenantMenu);
}
});
return userMenus;
}
/**
* 合并默认租户和租户的菜单,租户菜单优先
*
* @param defaultMenus defaultMenus
* @param tenantMenus tenantMenus
* @return List
* @author tangyi
* @date 2019-09-14 14:45
*/
private List<Menu> mergeMenu(List<Menu> defaultMenus, List<Menu> tenantMenus) {
if (CollectionUtils.isEmpty(tenantMenus))
return defaultMenus;
List<Menu> userMenus = new ArrayList<>();
// 默认菜单
defaultMenus.forEach(defaultMenu -> {
Optional<Menu> menu = tenantMenus.stream()
.filter(tenantMenu -> tenantMenu.getName().equals(defaultMenu.getName())).findFirst();
if (menu.isPresent()) {
userMenus.add(menu.get());
} else {
userMenus.add(defaultMenu);
}
});
// 租户菜单
tenantMenus.forEach(tenantMenu -> {
Optional<Menu> exist = userMenus.stream()
.filter(userMenu -> userMenu.getName().equals(tenantMenu.getName()) && userMenu.getParentId()
.equals(tenantMenu.getParentId())).findFirst();
if (!exist.isPresent()) {
userMenus.add(tenantMenu);
}
});
return userMenus;
}
/**
* 更新权限数据
*
* @param menuId menuId
* @param childrenMenuIds childrenMenuIds
* @param userCode userCode
* @param sysCode sysCode
* @param tenantCode tenantCode
* @return
* @author tangyi
* @date 2019-09-14 15:57
*/
@Transactional
public void updateRoleMenu(Long menuId, List<Long> childrenMenuIds, String userCode, String sysCode,
String tenantCode) {
List<RoleMenu> condition = new ArrayList<>();
RoleMenu roleMenu = new RoleMenu();
roleMenu.setMenuId(menuId);
// 主菜单
condition.add(roleMenu);
// 子菜单
if (CollectionUtils.isNotEmpty(childrenMenuIds)) {
childrenMenuIds.forEach(childrenMenuId -> {
RoleMenu childRoleMenu = new RoleMenu();
childRoleMenu.setMenuId(childrenMenuId);
condition.add(childRoleMenu);
});
}
// 查询
List<RoleMenu> roleMenus = roleMenuService.getByMenuIds(condition);
if (CollectionUtils.isNotEmpty(roleMenus)) {
roleMenus.forEach(tempRoleMenu -> {
// 重新初始化ID
tempRoleMenu.setId(null);
tempRoleMenu.setCommonValue(userCode, sysCode, tenantCode);
});
// 批量插入
roleMenuService.insertBatch(roleMenus);
}
}
/**
* 更新权限数据
*
* @param menuId menuId
* @param childrenMenuIds childrenMenuIds
* @param userCode userCode
* @param sysCode sysCode
* @param tenantCode tenantCode
* @return
* @author tangyi
* @date 2019-09-14 15:57
*/
@Transactional
public void updateRoleMenu(Long menuId, List<Long> childrenMenuIds, String userCode, String sysCode,
String tenantCode) {
List<RoleMenu> condition = new ArrayList<>();
RoleMenu roleMenu = new RoleMenu();
roleMenu.setMenuId(menuId);
// 主菜单
condition.add(roleMenu);
// 子菜单
if (CollectionUtils.isNotEmpty(childrenMenuIds)) {
childrenMenuIds.forEach(childrenMenuId -> {
RoleMenu childRoleMenu = new RoleMenu();
childRoleMenu.setMenuId(childrenMenuId);
condition.add(childRoleMenu);
});
}
// 查询
List<RoleMenu> roleMenus = roleMenuService.getByMenuIds(condition);
if (CollectionUtils.isNotEmpty(roleMenus)) {
roleMenus.forEach(tempRoleMenu -> {
// 重新初始化ID
tempRoleMenu.setId(null);
tempRoleMenu.setCommonValue(userCode, sysCode, tenantCode);
});
// 批量插入
roleMenuService.insertBatch(roleMenus);
}
}
/**
* 根据租户code删除
* @param menu menu
* @return int
*/
@Transactional
public int deleteByTenantCode(Menu menu) {
return this.dao.deleteByTenantCode(menu);
}
/**
* 根据租户code删除
*
* @param menu menu
* @return int
*/
@Transactional
public int deleteByTenantCode(Menu menu) {
return this.dao.deleteByTenantCode(menu);
}
/**
* 获取租户权限的菜单
* @param defaultMenus defaultMenus
* @return List
*/
private List<Menu> getTenantMenus(List<Menu> defaultMenus) {
List<Menu> tenantMenus = new ArrayList<>();
if (CollectionUtils.isNotEmpty(defaultMenus)) {
defaultMenus.forEach(menu -> {
String permission = menu.getPermission();
// 过滤客户端管理、路由管理、系统监控菜单
if (!permission.equals(MenuConstant.MENU_CLIENT) && !permission.equals(MenuConstant.MENU_ROUTE)
&& !permission.equals(MenuConstant.MENU_TENANT) && !permission
.equals(MenuConstant.MENU_MONITOR)) {
tenantMenus.add(menu);
}
});
}
return tenantMenus;
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment