From b2364d7c11aea1b2a512184102036517fccd1385 Mon Sep 17 00:00:00 2001
From: liurunyu <lry9898@163.com>
Date: 星期二, 07 十一月 2023 10:26:50 +0800
Subject: [PATCH] 用户登录,获取登录用户权限,权限验证
---
pipIrr-platform/pipIrr-global/src/main/resources/sql/ba_power.sql | 2
pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/LoginVo.java | 5 ++
pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java | 71 ++++++++++++++++++++++++++++++++---
pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoSv.java | 16 +++++++-
pipIrr-platform/pipIrr-global/src/main/resources/mapper/BaPrivilegeMapper.xml | 12 +++---
5 files changed, 91 insertions(+), 15 deletions(-)
diff --git a/pipIrr-platform/pipIrr-global/src/main/resources/mapper/BaPrivilegeMapper.xml b/pipIrr-platform/pipIrr-global/src/main/resources/mapper/BaPrivilegeMapper.xml
index c52b2eb..f7cef6d 100644
--- a/pipIrr-platform/pipIrr-global/src/main/resources/mapper/BaPrivilegeMapper.xml
+++ b/pipIrr-platform/pipIrr-global/src/main/resources/mapper/BaPrivilegeMapper.xml
@@ -4,7 +4,7 @@
<resultMap id="BaseResultMap" type="com.dy.pipIrrGlobal.pojoBa.BaPrivilege">
<!--@mbg.generated-->
- <!--@Table ba_priviledge-->
+ <!--@Table ba_privilege-->
<result column="id" jdbcType="BIGINT" property="id" />
<result column="num" jdbcType="INTEGER" property="num" />
<result column="name" jdbcType="VARCHAR" property="name" />
@@ -19,12 +19,12 @@
<select id="selectAll" resultMap="BaseResultMap">
select
<include refid="Base_Column_List" />
- from ba_priviledge
+ from ba_privilege
</select>
<select id="selectPrivilegeByUserId" resultType="Integer">
select p.num
- from ba_priviledge p
+ from ba_privilege p
inner join ba_role_privilege rp on p.id = rp.privilegeId
inner join ba_user_role ur on rp.roleId = ur.roleId
inner join ba_role r on ur.roleId = r.id
@@ -36,7 +36,7 @@
<select id="selectPrivilegeByRoleId" resultType="Integer">
select p.num
- from ba_priviledge p
+ from ba_privilege p
inner join ba_role_privilege rp on p.id = rp.privilegeId
<if test="roleId != null">
where rp.roleId = #{roleId, jdbcType=BIGINT}
@@ -45,7 +45,7 @@
<insert id="insert" parameterType="com.dy.pipIrrGlobal.pojoBa.BaPrivilege">
<!--@mbg.generated-->
- insert into ba_priviledge (id, num, name, type
+ insert into ba_privilege (id, num, name, type
)
values (#{id,jdbcType=BIGINT},
#{num,jdbcType=INTEGER},
@@ -56,7 +56,7 @@
<insert id="insertSelective" parameterType="com.dy.pipIrrGlobal.pojoBa.BaPrivilege">
<!--@mbg.generated-->
- insert into ba_priviledge
+ insert into ba_privilege
<trim prefix="(" suffix=")" suffixOverrides=",">
<if test="id != null">
id,
diff --git a/pipIrr-platform/pipIrr-global/src/main/resources/sql/ba_power.sql b/pipIrr-platform/pipIrr-global/src/main/resources/sql/ba_power.sql
index 315fe52..3a72530 100644
--- a/pipIrr-platform/pipIrr-global/src/main/resources/sql/ba_power.sql
+++ b/pipIrr-platform/pipIrr-global/src/main/resources/sql/ba_power.sql
@@ -8,4 +8,4 @@
PRIMARY KEY (id)
)ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT 'ba_power';
-ALTER TABLE ba_priviledge COMMENT '鏉冮檺琛�';
\ No newline at end of file
+ALTER TABLE ba_privilege COMMENT '鏉冮檺琛�';
\ No newline at end of file
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/LoginVo.java b/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/LoginVo.java
index 253858b..93a465b 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/LoginVo.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/LoginVo.java
@@ -28,5 +28,10 @@
@NotEmpty(message = "瀵嗙爜涓嶈兘涓虹┖") //涓嶈兘涓虹┖涔熶笉鑳戒负null
@Length(message = "瀵嗙爜蹇呴』{min}浣�", min = 6, max = 6)
public String password ;
+
+ @Schema(description = "缁勭粐鍗曚綅", requiredMode = Schema.RequiredMode.REQUIRED)
+ @NotEmpty(message = "缁勭粐鍗曚綅涓嶈兘涓虹┖") //涓嶈兘涓虹┖涔熶笉鑳戒负null
+ @Length(message = "缁勭粐鍗曚綅鏍囩蹇呴』澶т簬{min}浣�", min = 2)
+ public String orgTag ;
}
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java b/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java
index 321f2c2..957ef19 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java
@@ -1,6 +1,7 @@
package com.dy.sso.busi;
import com.dy.common.aop.SsoVo;
+import com.dy.common.multiDataSource.DataSourceContext;
import com.dy.common.webUtil.BaseResponse;
import com.dy.common.webUtil.BaseResponseUtils;
import com.dy.common.webUtil.ResultCodeMsg;
@@ -44,7 +45,6 @@
//@Autowired
//private CacheManager cacheManager ;
-
@Autowired
public void setSv(SsoSv sv ){
this.sv = sv ;
@@ -54,6 +54,7 @@
/**
* 瀹㈡埛绔姹傜敤鎴风櫥褰曪紝瀹㈡埛绔彁浜son鏁版嵁
* @param vo 鐢ㄦ埛鐧诲綍鍊煎璞�
+ * @param bindingResult 杈撳叆楠岃瘉
* @return 鐧诲綍鐢ㄦ埛鍊煎璞�
*/
@Operation(summary = "鍗曠偣鐧诲綍", description = "鎻愪氦鐧诲綍鐢ㄦ埛鍊煎璞★紙json鏍煎紡锛夛紝杩涜鍗曠偣鐧诲綍")
@@ -119,6 +120,11 @@
if(bindingResult != null && bindingResult.hasErrors()){
return BaseResponseUtils.buildFail(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
}
+ if(vo.orgTag == null || vo.orgTag.trim().length() == 0){
+ return BaseResponseUtils.buildFail("鏈�夋嫨缁勭粐鍗曚綅");
+ }
+ //鎶婄粍缁囧崟浣嶆爣绛句綔涓烘暟鎹簮鍚嶇О
+ DataSourceContext.set(vo.orgTag);
String uuid ;
BaUser userPo ;
@@ -182,19 +188,72 @@
* 姝ゆ柟娉曚緵瀛愭ā鍧楃郴缁熻皟鐢紝鎵�浠ヤ笉鍏紑鍦ˋPI鎺ュ彛涓�
* 鏂规硶鍔熻兘锛氶獙璇佹槸鍚﹀凡缁忕櫥褰曪紝濡傛灉鐧诲綍浜嗭紝鍐嶉獙璇佹潈闄�
* @param token 鐧诲綍鐢ㄦ埛token
- * @param power 楠岃瘉涓�涓潈闄�
- * @param allPower 楠岃瘉鎵�鏈夋潈闄�
- * @param anyPower 楠岃瘉浠讳綍涓�涓潈闄�
+ * @param privilege 楠岃瘉涓�涓潈闄�
+ * @param allPrivilege 楠岃瘉鎵�鏈夋潈闄�
+ * @param anyPrivilege 楠岃瘉浠讳綍涓�涓潈闄�
* @return SsoVo
*/
@Hidden
@GetMapping(path = "ssoCheck")
- public SsoVo ssoCheck(String token, String power, String[] allPower, String[] anyPower){
+ public SsoVo ssoCheck(String token, String privilege, String[] allPrivilege, String[] anyPrivilege){
BaUser userPo = this.sv.getByUuid(token) ;
SsoVo vo = new SsoVo();
if(userPo != null){
vo.logined = true ;
- vo.hasPower = true ;
+ vo.hasPower = false ;//榛樿鏄棤鏉冮檺
+ if(userPo.supperAdmin != null && userPo.supperAdmin == 1){
+ vo.hasPower = true ;
+ }else{
+ if(userPo.privileges != null && userPo.privileges.size() > 0){
+ if(privilege != null && !privilege.trim().equals("")){
+ int intPri = Integer.parseInt(privilege) ;
+ for(Integer pri : userPo.privileges){
+ if(pri == intPri){
+ vo.hasPower = true ;
+ break ;
+ }
+ }
+ }else{
+ if(allPrivilege != null && allPrivilege.length > 0){
+ int intPri ;
+ boolean ok = false ;
+ boolean allOk = true ;
+ for(String strPri : allPrivilege){
+ intPri = Integer.parseInt(strPri) ;
+ for(Integer pri : userPo.privileges){
+ if(pri == intPri){
+ ok = true ;
+ break ;
+ }
+ }
+ if(!ok){
+ allOk = false ;
+ break ;
+ }
+ }
+ if(allOk){
+ vo.hasPower = true ;
+ }
+ }else{
+ int intPri ;
+ if(anyPrivilege != null && anyPrivilege.length > 0){
+ for(String strPri : anyPrivilege){
+ intPri = Integer.parseInt(strPri) ;
+ for(Integer pri : userPo.privileges){
+ if(pri == intPri){
+ vo.hasPower = true ;
+ break ;
+ }
+ }
+ if(vo.hasPower){
+ break ;
+ }
+ }
+ }
+ }
+ }
+ }
+ }
vo.dataSourceName = userPo.getOrgTag() ;
}else{
vo.logined = false ;
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoSv.java b/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoSv.java
index 249facb..6822356 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoSv.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoSv.java
@@ -1,5 +1,6 @@
package com.dy.sso.busi;
+import com.dy.pipIrrGlobal.daoBa.BaPrivilegeMapper;
import com.dy.pipIrrGlobal.daoBa.BaUserMapper;
import com.dy.pipIrrGlobal.pojoBa.BaUser;
import lombok.extern.slf4j.Slf4j;
@@ -7,23 +8,34 @@
import org.springframework.cache.annotation.CacheEvict;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
@Slf4j
@Service
public class SsoSv {
private BaUserMapper baUserMapper;
+ private BaPrivilegeMapper baPrivilegeMapper;
@Autowired
private void setBaUserMapper(BaUserMapper baUserMapper){
this.baUserMapper = baUserMapper ;
}
+ @Autowired
+ private void setBaPrivilegeMapper(BaPrivilegeMapper baPrivilegeMapper){
+ this.baPrivilegeMapper = baPrivilegeMapper ;
+ }
+
//褰撴湭娉ㄨВ@Transactional鏃讹紝浼氳緭鍑烘棩蹇楋細SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@46727a0c] was not registered for synchronization because synchronization is not active
- //@Transactional
+ @Transactional
@Cacheable(cacheNames=CacheConstants.cacheNames, key="'" + CacheConstants.loginUserKeyPrefix + "' + #uuid", sync=true)
public BaUser login(String uuid, String phone, String password){
- return this.baUserMapper.login(phone, password) ;
+ BaUser baUser = this.baUserMapper.login(phone, password) ;
+ if(baUser != null && baUser.id != null){
+ baUser.privileges = this.baPrivilegeMapper.selectPrivilegeByUserId(baUser.id) ;
+ }
+ return baUser;
}
@CacheEvict(cacheNames=CacheConstants.cacheNames, key="'" + CacheConstants.loginUserKeyPrefix + "' + #uuid")
--
Gitblit v1.8.0