From 360e671ba8048c0ea0f022ea23ed188f1b3dc14e Mon Sep 17 00:00:00 2001
From: D <3066417822@qq.com>
Date: Tue, 16 Apr 2024 06:16:29 +0800
Subject: [PATCH] =?UTF-8?q?online=20=E9=87=8D=E5=A4=A7bug=E4=BF=AE?=
=?UTF-8?q?=E6=94=B9=20=20=E6=A8=A1=E5=9D=97=E4=BE=9D=E8=B5=96=E5=85=B3?=
=?UTF-8?q?=E7=B3=BB=E8=B0=83=E6=95=B4=20=20=E6=B7=BB=E5=8A=A0=E6=A0=87?=
=?UTF-8?q?=E5=87=86=E9=89=B4=E6=9D=83=E8=A7=84=E5=88=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
doc/模块依赖关系.drawio | 100 ++++++++++++++++++
ruoyi-common/pom.xml | 15 ++-
.../security/service/IPermissionService.java | 56 ++++++++++
.../web/service/PermissionService.java | 90 +++++-----------
ruoyi-oauth/pom.xml | 23 ----
ruoyi-oauth/ruoyi-oauth-common/pom.xml | 13 ---
ruoyi-oauth/ruoyi-oauth-starter/pom.xml | 18 ----
ruoyi-online/pom.xml | 9 +-
.../online/controller/OnLineController.java | 29 ++---
ruoyi-pay/ruoyi-pay-alipay/pom.xml | 3 +-
ruoyi-pay/ruoyi-pay-sqb/pom.xml | 14 ---
ruoyi-pay/ruoyi-pay-starter/pom.xml | 8 --
ruoyi-pay/ruoyi-pay-wx/pom.xml | 3 +-
13 files changed, 211 insertions(+), 170 deletions(-)
create mode 100644 doc/模块依赖关系.drawio
create mode 100644 ruoyi-common/src/main/java/com/ruoyi/common/core/security/service/IPermissionService.java
diff --git a/doc/模块依赖关系.drawio b/doc/模块依赖关系.drawio
new file mode 100644
index 0000000..6b2ebac
--- /dev/null
+++ b/doc/模块依赖关系.drawio
@@ -0,0 +1,100 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/ruoyi-common/pom.xml b/ruoyi-common/pom.xml
index 4d5b195..62ab777 100644
--- a/ruoyi-common/pom.xml
+++ b/ruoyi-common/pom.xml
@@ -120,6 +120,12 @@
commons-pool2
+
+
+ org.apache.httpcomponents
+ httpclient
+
+
eu.bitwalker
@@ -131,10 +137,11 @@
jakarta.servlet-api
-
+
+
+ org.mybatis.spring.boot
+ mybatis-spring-boot-starter
+
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/core/security/service/IPermissionService.java b/ruoyi-common/src/main/java/com/ruoyi/common/core/security/service/IPermissionService.java
new file mode 100644
index 0000000..3d5ec22
--- /dev/null
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/security/service/IPermissionService.java
@@ -0,0 +1,56 @@
+package com.ruoyi.common.core.security.service;
+
+public interface IPermissionService {
+
+ /**
+ * 验证用户是否具备某权限
+ *
+ * @param permission 权限字符串
+ * @return 用户是否具备某权限
+ */
+ boolean hasPermi(String permission);
+
+ /**
+ * 验证用户是否不具备某权限,与 hasPermi 逻辑相反
+ *
+ * @param permission 权限字符串
+ * @return 用户是否不具备某权限
+ */
+ default boolean lacksPermi(String permission) {
+ return !hasPermi(permission);
+ }
+
+ /**
+ * 验证用户是否具有以下任意一个权限
+ *
+ * @param permissions 以 PERMISSION_DELIMETER 为分隔符的权限列表
+ * @return 用户是否具有以下任意一个权限
+ */
+ boolean hasAnyPermi(String permissions);
+
+ /**
+ * 判断用户是否拥有某个角色
+ *
+ * @param role 角色字符串
+ * @return 用户是否具备某角色
+ */
+ boolean hasRole(String role);
+
+ /**
+ * 验证用户是否不具备某角色,与 hasRole 逻辑相反。
+ *
+ * @param role 角色名称
+ * @return 用户是否不具备某角色
+ */
+ default boolean lacksRole(String role) {
+ return !hasRole(role);
+ }
+
+ /**
+ * 验证用户是否具有以下任意一个角色
+ *
+ * @param roles 以 ROLE_DELIMETER 为分隔符的角色列表
+ * @return 用户是否具有以下任意一个角色
+ */
+ boolean hasAnyRoles(String roles);
+}
\ No newline at end of file
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
index c2f97a1..65f1aea 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
@@ -1,22 +1,25 @@
package com.ruoyi.framework.web.service;
import java.util.Set;
+
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
+
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.security.service.IPermissionService;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.security.context.PermissionContextHolder;
/**
* RuoYi首创 自定义权限实现,ss取自SpringSecurity首字母
+ * Geek改进 将自定义权限实现形成规范,提高扩展性
*
- * @author ruoyi
+ * @author ruoyi&&Dftre
*/
@Service("ss")
-public class PermissionService
-{
+public class PermissionService implements IPermissionService {
/** 所有权限标识 */
private static final String ALL_PERMISSION = "*:*:*";
@@ -33,55 +36,36 @@ public class PermissionService
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
- public boolean hasPermi(String permission)
- {
- if (StringUtils.isEmpty(permission))
- {
+ public boolean hasPermi(String permission) {
+ if (StringUtils.isEmpty(permission)) {
return false;
}
LoginUser loginUser = SecurityUtils.getLoginUser();
- if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
- {
+ if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions())) {
return false;
}
PermissionContextHolder.setContext(permission);
return hasPermissions(loginUser.getPermissions(), permission);
}
- /**
- * 验证用户是否不具备某权限,与 hasPermi逻辑相反
- *
- * @param permission 权限字符串
- * @return 用户是否不具备某权限
- */
- public boolean lacksPermi(String permission)
- {
- return hasPermi(permission) != true;
- }
-
/**
* 验证用户是否具有以下任意一个权限
*
* @param permissions 以 PERMISSION_NAMES_DELIMETER 为分隔符的权限列表
* @return 用户是否具有以下任意一个权限
*/
- public boolean hasAnyPermi(String permissions)
- {
- if (StringUtils.isEmpty(permissions))
- {
+ public boolean hasAnyPermi(String permissions) {
+ if (StringUtils.isEmpty(permissions)) {
return false;
}
LoginUser loginUser = SecurityUtils.getLoginUser();
- if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
- {
+ if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions())) {
return false;
}
PermissionContextHolder.setContext(permissions);
Set authorities = loginUser.getPermissions();
- for (String permission : permissions.split(PERMISSION_DELIMETER))
- {
- if (permission != null && hasPermissions(authorities, permission))
- {
+ for (String permission : permissions.split(PERMISSION_DELIMETER)) {
+ if (permission != null && hasPermissions(authorities, permission)) {
return true;
}
}
@@ -94,60 +78,39 @@ public class PermissionService
* @param role 角色字符串
* @return 用户是否具备某角色
*/
- public boolean hasRole(String role)
- {
- if (StringUtils.isEmpty(role))
- {
+ public boolean hasRole(String role) {
+ if (StringUtils.isEmpty(role)) {
return false;
}
LoginUser loginUser = SecurityUtils.getLoginUser();
- if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
- {
+ if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles())) {
return false;
}
- for (SysRole sysRole : loginUser.getUser().getRoles())
- {
+ for (SysRole sysRole : loginUser.getUser().getRoles()) {
String roleKey = sysRole.getRoleKey();
- if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role)))
- {
+ if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role))) {
return true;
}
}
return false;
}
- /**
- * 验证用户是否不具备某角色,与 isRole逻辑相反。
- *
- * @param role 角色名称
- * @return 用户是否不具备某角色
- */
- public boolean lacksRole(String role)
- {
- return hasRole(role) != true;
- }
-
/**
* 验证用户是否具有以下任意一个角色
*
* @param roles 以 ROLE_NAMES_DELIMETER 为分隔符的角色列表
* @return 用户是否具有以下任意一个角色
*/
- public boolean hasAnyRoles(String roles)
- {
- if (StringUtils.isEmpty(roles))
- {
+ public boolean hasAnyRoles(String roles) {
+ if (StringUtils.isEmpty(roles)) {
return false;
}
LoginUser loginUser = SecurityUtils.getLoginUser();
- if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
- {
+ if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles())) {
return false;
}
- for (String role : roles.split(ROLE_DELIMETER))
- {
- if (hasRole(role))
- {
+ for (String role : roles.split(ROLE_DELIMETER)) {
+ if (hasRole(role)) {
return true;
}
}
@@ -158,11 +121,10 @@ public class PermissionService
* 判断是否包含权限
*
* @param permissions 权限列表
- * @param permission 权限字符串
+ * @param permission 权限字符串
* @return 用户是否具备某权限
*/
- private boolean hasPermissions(Set permissions, String permission)
- {
+ private boolean hasPermissions(Set permissions, String permission) {
return permissions.contains(ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission));
}
}
diff --git a/ruoyi-oauth/pom.xml b/ruoyi-oauth/pom.xml
index 90f78e5..2d715d4 100644
--- a/ruoyi-oauth/pom.xml
+++ b/ruoyi-oauth/pom.xml
@@ -21,13 +21,6 @@
-
-
- com.ruoyi
- ruoyi-common
- ${ruoyi.version}
-
-
com.ruoyi
@@ -35,13 +28,6 @@
${ruoyi.version}
-
-
- com.ruoyi
- ruoyi-system
- ${ruoyi.version}
-
-
com.ruoyi
@@ -49,14 +35,6 @@
${ruoyi.version}
-
-
- org.apache.httpcomponents
- httpclient
- 4.5.2
-
-
-
me.zhyd.oauth
JustAuth
@@ -68,7 +46,6 @@
3.7.4.ALL
-
com.ruoyi
diff --git a/ruoyi-oauth/ruoyi-oauth-common/pom.xml b/ruoyi-oauth/ruoyi-oauth-common/pom.xml
index 330ffca..0c3aeff 100644
--- a/ruoyi-oauth/ruoyi-oauth-common/pom.xml
+++ b/ruoyi-oauth/ruoyi-oauth-common/pom.xml
@@ -17,12 +17,6 @@
-
-
- com.ruoyi
- ruoyi-common
-
-
com.ruoyi
@@ -30,13 +24,6 @@
${ruoyi.version}
-
-
- com.ruoyi
- ruoyi-system
- ${ruoyi.version}
-
-
org.apache.httpcomponents
diff --git a/ruoyi-oauth/ruoyi-oauth-starter/pom.xml b/ruoyi-oauth/ruoyi-oauth-starter/pom.xml
index 966c288..543936c 100644
--- a/ruoyi-oauth/ruoyi-oauth-starter/pom.xml
+++ b/ruoyi-oauth/ruoyi-oauth-starter/pom.xml
@@ -16,24 +16,6 @@
-
-
- com.ruoyi
- ruoyi-common
-
-
-
-
- com.ruoyi
- ruoyi-framework
-
-
-
-
- com.ruoyi
- ruoyi-system
-
-
com.ruoyi
diff --git a/ruoyi-online/pom.xml b/ruoyi-online/pom.xml
index 4327cd4..dbc8286 100644
--- a/ruoyi-online/pom.xml
+++ b/ruoyi-online/pom.xml
@@ -16,18 +16,11 @@
-
-
+
com.ruoyi
ruoyi-common
-
-
-
- com.ruoyi
- ruoyi-framework
-
\ No newline at end of file
diff --git a/ruoyi-online/src/main/java/com/ruoyi/online/controller/OnLineController.java b/ruoyi-online/src/main/java/com/ruoyi/online/controller/OnLineController.java
index d64b233..e38475e 100644
--- a/ruoyi-online/src/main/java/com/ruoyi/online/controller/OnLineController.java
+++ b/ruoyi-online/src/main/java/com/ruoyi/online/controller/OnLineController.java
@@ -17,13 +17,12 @@ import org.springframework.web.bind.annotation.RestController;
import com.ruoyi.common.annotation.Anonymous;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.security.service.IPermissionService;
import com.ruoyi.common.utils.SecurityUtils;
-import com.ruoyi.framework.web.service.PermissionService;
import com.ruoyi.online.domain.OnlineMb;
import com.ruoyi.online.service.IOnlineMbService;
import com.ruoyi.online.utils.SqlMapper;
-import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
@@ -39,8 +38,9 @@ import jakarta.servlet.http.HttpServletResponse;
public class OnLineController extends BaseController {
@Autowired
private IOnlineMbService onlineMbService;
- @Resource(name = "ss")
- private PermissionService permissionService;
+
+ @Autowired
+ private IPermissionService permissionService;
@Autowired
private SqlSessionFactory sqlSessionFactory;
@@ -71,15 +71,16 @@ public class OnLineController extends BaseController {
return object;
}
- public Boolean checkPermission(String permission) {
- if(permission == null) return true;
- return switch (permission) {
- case "hasPermi" -> permissionService.hasPermi(permission);
- case "lacksPermi" -> !permissionService.lacksPermi(permission);
- case "hasAnyPermi" -> permissionService.hasAnyPermi(permission);
- case "hasRole" -> permissionService.hasRole(permission);
- case "lacksRole" -> !permissionService.lacksRole(permission);
- case "hasAnyRoles" -> permissionService.hasAnyRoles(permission);
+ public Boolean checkPermission(String permissionType,String permissionValue) {
+ if (permissionType == null)
+ return true;
+ return switch (permissionType) {
+ case "hasPermi" -> permissionService.hasPermi(permissionValue);
+ case "lacksPermi" -> permissionService.lacksPermi(permissionValue);
+ case "hasAnyPermi" -> permissionService.hasAnyPermi(permissionValue);
+ case "hasRole" -> permissionService.hasRole(permissionValue);
+ case "lacksRole" -> permissionService.lacksRole(permissionValue);
+ case "hasAnyRoles" -> permissionService.hasAnyRoles(permissionValue);
default -> true;
};
}
@@ -118,7 +119,7 @@ public class OnLineController extends BaseController {
return AjaxResult.error(500, "系统错误,在线接口重复");
} else {
OnlineMb onlineMb = selectOnlineMbList.get(0);
- if (!checkPermission(onlineMb.getPermissionValue()))
+ if (!checkPermission(onlineMb.getPermissionType(),onlineMb.getPermissionValue()))
return AjaxResult.error(403, "没有权限,请联系管理员授权");
if (onlineMb.getDeptId() != null && onlineMb.getDeptId().equals("1")) {
diff --git a/ruoyi-pay/ruoyi-pay-alipay/pom.xml b/ruoyi-pay/ruoyi-pay-alipay/pom.xml
index 848d651..df1cbdf 100644
--- a/ruoyi-pay/ruoyi-pay-alipay/pom.xml
+++ b/ruoyi-pay/ruoyi-pay-alipay/pom.xml
@@ -17,10 +17,9 @@
-
com.ruoyi
- ruoyi-common
+ ruoyi-pay-common
diff --git a/ruoyi-pay/ruoyi-pay-sqb/pom.xml b/ruoyi-pay/ruoyi-pay-sqb/pom.xml
index c4036a2..10e57f0 100644
--- a/ruoyi-pay/ruoyi-pay-sqb/pom.xml
+++ b/ruoyi-pay/ruoyi-pay-sqb/pom.xml
@@ -17,25 +17,11 @@
-
-
- com.ruoyi
- ruoyi-common
-
-
-
com.ruoyi
ruoyi-pay-common
-
-
- org.apache.httpcomponents
- httpclient
- 4.5.2
-
-
\ No newline at end of file
diff --git a/ruoyi-pay/ruoyi-pay-starter/pom.xml b/ruoyi-pay/ruoyi-pay-starter/pom.xml
index e0912bd..dec6c9b 100644
--- a/ruoyi-pay/ruoyi-pay-starter/pom.xml
+++ b/ruoyi-pay/ruoyi-pay-starter/pom.xml
@@ -16,14 +16,6 @@
-
-
-
- com.ruoyi
- ruoyi-common
-
-
-
com.ruoyi
diff --git a/ruoyi-pay/ruoyi-pay-wx/pom.xml b/ruoyi-pay/ruoyi-pay-wx/pom.xml
index 6278989..8755f64 100644
--- a/ruoyi-pay/ruoyi-pay-wx/pom.xml
+++ b/ruoyi-pay/ruoyi-pay-wx/pom.xml
@@ -17,10 +17,9 @@
-
com.ruoyi
- ruoyi-common
+ ruoyi-pay-common