diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java index 1a178148f..9ddb2178d 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java @@ -108,7 +108,7 @@ public class SysRoleController extends BaseController { LoginUser loginUser = getLoginUser(); SysUser sysUser = userService.selectUserById(loginUser.getUserId()); if (StringUtils.isNotNull(sysUser) && !sysUser.isAdmin()) { - loginUser.setPermissions(permissionService.getMenuPermission(sysUser)); + loginUser.setMenuPermissions(permissionService.getMenuPermission(sysUser)); tokenService.setLoginUser(loginUser); } return AjaxResult.success(); diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java index b138c529a..0506883b2 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java @@ -69,9 +69,14 @@ public class LoginUser implements UserDetails { private String os; /** - * 权限列表 + * 菜单权限 */ - private Set permissions; + private Set menuPermissions; + + /** + * 角色权限 + */ + private Set rolePermissions; /** * 用户名 @@ -83,20 +88,6 @@ public class LoginUser implements UserDetails { */ private String password; - public LoginUser(String username, String password, Set permissions) { - this.username = username; - this.password = password; - this.permissions = permissions; - } - - public LoginUser(Long userId, Long deptId, String username, String password, Set permissions) { - this.userId = userId; - this.deptId = deptId; - this.username = username; - this.password = password; - this.permissions = permissions; - } - @JsonIgnore @Override public String getPassword() { diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java index 614451e04..0e97b92f0 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java @@ -1,12 +1,8 @@ package com.ruoyi.framework.web.service; -import com.ruoyi.common.core.domain.entity.SysRole; -import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.core.domain.model.LoginUser; -import com.ruoyi.common.core.service.UserService; import com.ruoyi.common.utils.SecurityUtils; import com.ruoyi.common.utils.StringUtils; -import com.ruoyi.common.utils.spring.SpringUtils; import org.springframework.stereotype.Service; import org.springframework.util.CollectionUtils; @@ -44,10 +40,10 @@ public class PermissionService { return false; } LoginUser loginUser = SecurityUtils.getLoginUser(); - if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions())) { + if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getMenuPermissions())) { return false; } - return hasPermissions(loginUser.getPermissions(), permission); + return hasPermissions(loginUser.getMenuPermissions(), permission); } /** @@ -71,10 +67,10 @@ public class PermissionService { return false; } LoginUser loginUser = SecurityUtils.getLoginUser(); - if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions())) { + if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getMenuPermissions())) { return false; } - Set authorities = loginUser.getPermissions(); + Set authorities = loginUser.getMenuPermissions(); for (String permission : permissions.split(PERMISSION_DELIMETER)) { if (permission != null && hasPermissions(authorities, permission)) { return true; @@ -97,12 +93,11 @@ public class PermissionService { if (StringUtils.isNull(loginUser)) { return false; } - SysUser sysUser = SpringUtils.getBean(UserService.class).selectUserById(loginUser.getUserId()); - if (CollectionUtils.isEmpty(sysUser.getRoles())) { + Set rolePermissions = loginUser.getRolePermissions(); + if (CollectionUtils.isEmpty(rolePermissions)) { return false; } - for (SysRole sysRole : sysUser.getRoles()) { - String roleKey = sysRole.getRoleKey(); + for (String roleKey : rolePermissions) { if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role))) { return true; } @@ -134,13 +129,15 @@ public class PermissionService { if (StringUtils.isNull(loginUser)) { return false; } - SysUser sysUser = SpringUtils.getBean(UserService.class).selectUserById(loginUser.getUserId()); - if (CollectionUtils.isEmpty(sysUser.getRoles())) { + Set rolePermissions = loginUser.getRolePermissions(); + if (CollectionUtils.isEmpty(rolePermissions)) { return false; } for (String role : roles.split(ROLE_DELIMETER)) { - if (hasRole(role)) { - return true; + for (String roleKey : rolePermissions) { + if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role))) { + return true; + } } } return false; diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/UserDetailsServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/UserDetailsServiceImpl.java index 8472d685e..d4e30958d 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/UserDetailsServiceImpl.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/UserDetailsServiceImpl.java @@ -47,6 +47,12 @@ public class UserDetailsServiceImpl implements UserDetailsService { } public UserDetails createLoginUser(SysUser user) { - return new LoginUser(user.getUserId(), user.getDeptId(), user.getUserName(), user.getPassword(), permissionService.getMenuPermission(user)); + return new LoginUser() + .setUserId(user.getUserId()) + .setDeptId(user.getDeptId()) + .setUsername(user.getUserName()) + .setPassword(user.getPassword()) + .setMenuPermissions(permissionService.getMenuPermission(user)) + .setRolePermissions(permissionService.getRolePermission(user)); } }