ldeyun/RUOYI-geek
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

online 重大bug修改 模块依赖关系调整 添加标准鉴权规则

Browse Source
This commit is contained in:
D 2024-04-16 06:16:29 +08:00
parent 541f34be57
commit 360e671ba8
13 changed files with 211 additions and 170 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
doc/模块依赖关系.drawio Normal file
View File

@ -0,0 +1,100 @@
<mxfile host="65bd71144e">
<diagram id="TvbLNUR7pZR6Xx6IZirq" name="第 1 页">
<mxGraphModel dx="1050" dy="563" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
<root>
<mxCell id="0"/>
<mxCell id="1" parent="0"/>
<mxCell id="2" value="ruoyi-admin" style="html=1;" parent="1" vertex="1">
<mxGeometry x="380" y="780" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="4" style="edgeStyle=none;html=1;" parent="1" source="3" target="5" edge="1">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="10" style="edgeStyle=none;html=1;" edge="1" parent="1" source="3" target="9">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="28" style="edgeStyle=none;html=1;" edge="1" parent="1" source="3" target="26">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="34" style="edgeStyle=none;html=1;" edge="1" parent="1" source="3" target="31">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="3" value="ruoyi-common" style="html=1;" parent="1" vertex="1">
<mxGeometry x="380" y="320" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="7" style="edgeStyle=none;html=1;" edge="1" parent="1" source="5" target="6">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="5" value="ruoyi-system" style="html=1;" vertex="1" parent="1">
<mxGeometry x="380" y="440" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="8" style="edgeStyle=none;html=1;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" edge="1" parent="1" source="6" target="2">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="13" style="edgeStyle=none;html=1;" edge="1" parent="1" source="6" target="12">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="24" style="edgeStyle=none;html=1;" edge="1" parent="1" source="6" target="20">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="6" value="ruoyi-framework" style="html=1;" vertex="1" parent="1">
<mxGeometry x="380" y="560" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="11" style="edgeStyle=none;html=1;" edge="1" parent="1" source="9" target="2">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="9" value="ruoyi-quartz" style="html=1;" vertex="1" parent="1">
<mxGeometry x="260" y="585" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="14" style="edgeStyle=none;html=1;" edge="1" parent="1" source="12" target="2">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="12" value="ruoyi-online" style="html=1;" vertex="1" parent="1">
<mxGeometry x="520" y="585" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="18" style="edgeStyle=none;html=1;" edge="1" parent="1" source="15" target="2">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="15" value="ruoyi-oauth-starter" style="html=1;" vertex="1" parent="1">
<mxGeometry x="590" y="700" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="17" style="edgeStyle=none;html=1;" edge="1" parent="1" source="16" target="2">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="16" value="ruoyi-pay-stater" style="html=1;" vertex="1" parent="1">
<mxGeometry x="180" y="730" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="23" style="edgeStyle=none;html=1;" edge="1" parent="1" source="19" target="15">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="19" value="ruoyi-oauth-xx" style="html=1;" vertex="1" parent="1">
<mxGeometry x="660" y="585" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="22" style="edgeStyle=none;html=1;" edge="1" parent="1" source="20" target="19">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="20" value="ruoyi-oauth-common" style="html=1;" vertex="1" parent="1">
<mxGeometry x="660" y="370" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="30" style="edgeStyle=none;html=1;" edge="1" parent="1" source="25" target="16">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="25" value="ruoyi-pay-xx" style="html=1;" vertex="1" parent="1">
<mxGeometry x="20" y="585" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="29" style="edgeStyle=none;html=1;" edge="1" parent="1" source="26" target="25">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="26" value="ruoyi-pay-common" style="html=1;" vertex="1" parent="1">
<mxGeometry x="20" y="400" width="110" height="50" as="geometry"/>
</mxCell>
<mxCell id="33" style="edgeStyle=none;html=1;" edge="1" parent="1" source="31" target="2">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<mxCell id="31" value="ruoyi-generator" style="html=1;" vertex="1" parent="1">
<mxGeometry x="140" y="585" width="110" height="50" as="geometry"/>
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

15
ruoyi-common/pom.xml
View File

@ -120,6 +120,12 @@
<artifactId>commons-pool2</artifactId>
</dependency>
<!--httpclient-->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
</dependency>
<!-- 解析客户端操作系统、浏览器等 -->
<dependency>
<groupId>eu.bitwalker</groupId>
@ -131,10 +137,11 @@
<artifactId>jakarta.servlet-api</artifactId>
</dependency>
<!-- <dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
</dependency> -->
<!-- mybatis 简化JDBC -->
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
</dependency>
<!-- mybatis-plus 增强CRUD -->
<dependency>

56
ruoyi-common/src/main/java/com/ruoyi/common/core/security/service/IPermissionService.java Normal file
View File

@ -0,0 +1,56 @@
package com.ruoyi.common.core.security.service;
public interface IPermissionService {
/**
* 验证用户是否具备某权限
*
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
boolean hasPermi(String permission);
/**
* 验证用户是否不具备某权限 hasPermi 逻辑相反
*
* @param permission 权限字符串
* @return 用户是否不具备某权限
*/
default boolean lacksPermi(String permission) {
return !hasPermi(permission);
}
/**
* 验证用户是否具有以下任意一个权限
*
* @param permissions PERMISSION_DELIMETER 为分隔符的权限列表
* @return 用户是否具有以下任意一个权限
*/
boolean hasAnyPermi(String permissions);
/**
* 判断用户是否拥有某个角色
*
* @param role 角色字符串
* @return 用户是否具备某角色
*/
boolean hasRole(String role);
/**
* 验证用户是否不具备某角色 hasRole 逻辑相反
*
* @param role 角色名称
* @return 用户是否不具备某角色
*/
default boolean lacksRole(String role) {
return !hasRole(role);
}
/**
* 验证用户是否具有以下任意一个角色
*
* @param roles ROLE_DELIMETER 为分隔符的角色列表
* @return 用户是否具有以下任意一个角色
*/
boolean hasAnyRoles(String roles);
}

88
ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
View File

@ -1,22 +1,25 @@
package com.ruoyi.framework.web.service;
import java.util.Set;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.security.service.IPermissionService;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.security.context.PermissionContextHolder;
/**
* RuoYi首创 自定义权限实现ss取自SpringSecurity首字母
* Geek改进 将自定义权限实现形成规范提高扩展性
*
* @author ruoyi
* @author ruoyi&&Dftre
*/
@Service("ss")
public class PermissionService
{
public class PermissionService implements IPermissionService {
/** 所有权限标识 */
private static final String ALL_PERMISSION = "*:*:*";
@ -33,55 +36,36 @@ public class PermissionService
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
public boolean hasPermi(String permission)
{
if (StringUtils.isEmpty(permission))
{
public boolean hasPermi(String permission) {
if (StringUtils.isEmpty(permission)) {
return false;
}
LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
{
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions())) {
return false;
}
PermissionContextHolder.setContext(permission);
return hasPermissions(loginUser.getPermissions(), permission);
}
/**
* 验证用户是否不具备某权限 hasPermi逻辑相反
*
* @param permission 权限字符串
* @return 用户是否不具备某权限
*/
public boolean lacksPermi(String permission)
{
return hasPermi(permission) != true;
}
/**
* 验证用户是否具有以下任意一个权限
*
* @param permissions PERMISSION_NAMES_DELIMETER 为分隔符的权限列表
* @return 用户是否具有以下任意一个权限
*/
public boolean hasAnyPermi(String permissions)
{
if (StringUtils.isEmpty(permissions))
{
public boolean hasAnyPermi(String permissions) {
if (StringUtils.isEmpty(permissions)) {
return false;
}
LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
{
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions())) {
return false;
}
PermissionContextHolder.setContext(permissions);
Set<String> authorities = loginUser.getPermissions();
for (String permission : permissions.split(PERMISSION_DELIMETER))
{
if (permission != null && hasPermissions(authorities, permission))
{
for (String permission : permissions.split(PERMISSION_DELIMETER)) {
if (permission != null && hasPermissions(authorities, permission)) {
return true;
}
}
@ -94,60 +78,39 @@ public class PermissionService
* @param role 角色字符串
* @return 用户是否具备某角色
*/
public boolean hasRole(String role)
{
if (StringUtils.isEmpty(role))
{
public boolean hasRole(String role) {
if (StringUtils.isEmpty(role)) {
return false;
}
LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
{
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles())) {
return false;
}
for (SysRole sysRole : loginUser.getUser().getRoles())
{
for (SysRole sysRole : loginUser.getUser().getRoles()) {
String roleKey = sysRole.getRoleKey();
if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role)))
{
if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role))) {
return true;
}
}
return false;
}
/**
* 验证用户是否不具备某角色 isRole逻辑相反
*
* @param role 角色名称
* @return 用户是否不具备某角色
*/
public boolean lacksRole(String role)
{
return hasRole(role) != true;
}
/**
* 验证用户是否具有以下任意一个角色
*
* @param roles ROLE_NAMES_DELIMETER 为分隔符的角色列表
* @return 用户是否具有以下任意一个角色
*/
public boolean hasAnyRoles(String roles)
{
if (StringUtils.isEmpty(roles))
{
public boolean hasAnyRoles(String roles) {
if (StringUtils.isEmpty(roles)) {
return false;
}
LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
{
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles())) {
return false;
}
for (String role : roles.split(ROLE_DELIMETER))
{
if (hasRole(role))
{
for (String role : roles.split(ROLE_DELIMETER)) {
if (hasRole(role)) {
return true;
}
}
@ -161,8 +124,7 @@ public class PermissionService
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
private boolean hasPermissions(Set<String> permissions, String permission)
{
private boolean hasPermissions(Set<String> permissions, String permission) {
return permissions.contains(ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission));
}
}

23
ruoyi-oauth/pom.xml
View File

@ -21,13 +21,6 @@
<dependencyManagement>
<dependencies>
<!-- 通用工具-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
<version>${ruoyi.version}</version>
</dependency>
<!-- 核心模块-->
<dependency>
<groupId>com.ruoyi</groupId>
@ -35,13 +28,6 @@
<version>${ruoyi.version}</version>
</dependency>
<!-- 系统模块-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-system</artifactId>
<version>${ruoyi.version}</version>
</dependency>
<!-- 第三方认证通用工具-->
<dependency>
<groupId>com.ruoyi</groupId>
@ -49,14 +35,6 @@
<version>${ruoyi.version}</version>
</dependency>
<!--httpclient-->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.2</version>
</dependency>
<dependency>
<groupId>me.zhyd.oauth</groupId>
<artifactId>JustAuth</artifactId>
@ -68,7 +46,6 @@
<version>3.7.4.ALL</version>
</dependency>
<!-- justauth通用认证 -->
<dependency>
<groupId>com.ruoyi</groupId>

13
ruoyi-oauth/ruoyi-oauth-common/pom.xml
View File

@ -17,12 +17,6 @@
<dependencies>
<!-- 通用工具-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
</dependency>
<!-- 核心模块-->
<dependency>
<groupId>com.ruoyi</groupId>
@ -30,13 +24,6 @@
<version>${ruoyi.version}</version>
</dependency>
<!-- 系统模块-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-system</artifactId>
<version>${ruoyi.version}</version>
</dependency>
<!--httpclient-->
<dependency>
<groupId>org.apache.httpcomponents</groupId>

18
ruoyi-oauth/ruoyi-oauth-starter/pom.xml
View File

@ -16,24 +16,6 @@
</description>
<dependencies>
<!-- 通用工具-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
</dependency>
<!-- 核心模块-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-framework</artifactId>
</dependency>
<!-- 系统模块-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-system</artifactId>
</dependency>
<!-- 第三方认证通用工具-->
<dependency>
<groupId>com.ruoyi</groupId>

9
ruoyi-online/pom.xml
View File

@ -16,18 +16,11 @@
</description>
<dependencies>
<!-- 通用工具-->
<!-- 系统框架 -->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
</dependency>
<!-- 系统框架 -->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-framework</artifactId>
</dependency>
</dependencies>
</project>

29
ruoyi-online/src/main/java/com/ruoyi/online/controller/OnLineController.java
View File

@ -17,13 +17,12 @@ import org.springframework.web.bind.annotation.RestController;
import com.ruoyi.common.annotation.Anonymous;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.security.service.IPermissionService;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.framework.web.service.PermissionService;
import com.ruoyi.online.domain.OnlineMb;
import com.ruoyi.online.service.IOnlineMbService;
import com.ruoyi.online.utils.SqlMapper;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
@ -39,8 +38,9 @@ import jakarta.servlet.http.HttpServletResponse;
public class OnLineController extends BaseController {
@Autowired
private IOnlineMbService onlineMbService;
@Resource(name = "ss")
private PermissionService permissionService;
@Autowired
private IPermissionService permissionService;
@Autowired
private SqlSessionFactory sqlSessionFactory;
@ -71,15 +71,16 @@ public class OnLineController extends BaseController {
return object;
}
public Boolean checkPermission(String permission) {
if(permission == null) return true;
return switch (permission) {
case "hasPermi" -> permissionService.hasPermi(permission);
case "lacksPermi" -> !permissionService.lacksPermi(permission);
case "hasAnyPermi" -> permissionService.hasAnyPermi(permission);
case "hasRole" -> permissionService.hasRole(permission);
case "lacksRole" -> !permissionService.lacksRole(permission);
case "hasAnyRoles" -> permissionService.hasAnyRoles(permission);
public Boolean checkPermission(String permissionType,String permissionValue) {
if (permissionType == null)
return true;
return switch (permissionType) {
case "hasPermi" -> permissionService.hasPermi(permissionValue);
case "lacksPermi" -> permissionService.lacksPermi(permissionValue);
case "hasAnyPermi" -> permissionService.hasAnyPermi(permissionValue);
case "hasRole" -> permissionService.hasRole(permissionValue);
case "lacksRole" -> permissionService.lacksRole(permissionValue);
case "hasAnyRoles" -> permissionService.hasAnyRoles(permissionValue);
default -> true;
};
}
@ -118,7 +119,7 @@ public class OnLineController extends BaseController {
return AjaxResult.error(500, "系统错误,在线接口重复");
} else {
OnlineMb onlineMb = selectOnlineMbList.get(0);
if (!checkPermission(onlineMb.getPermissionValue()))
if (!checkPermission(onlineMb.getPermissionType(),onlineMb.getPermissionValue()))
return AjaxResult.error(403, "没有权限,请联系管理员授权");
if (onlineMb.getDeptId() != null && onlineMb.getDeptId().equals("1")) {

3
ruoyi-pay/ruoyi-pay-alipay/pom.xml
View File

@ -17,10 +17,9 @@
<dependencies>
<!-- 通用工具-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
<artifactId>ruoyi-pay-common</artifactId>
</dependency>
</dependencies>

14
ruoyi-pay/ruoyi-pay-sqb/pom.xml
View File

@ -17,25 +17,11 @@
<dependencies>
<!-- 通用工具-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
</dependency>
<!-- 支付基础模块-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-pay-common</artifactId>
</dependency>
<!--httpclient-->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.2</version>
</dependency>
</dependencies>
</project>

8
ruoyi-pay/ruoyi-pay-starter/pom.xml
View File

@ -16,14 +16,6 @@
</description>
<dependencies>
<!-- 通用工具-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
</dependency>
<!-- 支付基础模块 -->
<dependency>
<groupId>com.ruoyi</groupId>

3
ruoyi-pay/ruoyi-pay-wx/pom.xml
View File

@ -17,10 +17,9 @@
<dependencies>
<!-- 通用工具-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
<artifactId>ruoyi-pay-common</artifactId>
</dependency>
</dependencies>