admin/lx-admin-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update 合并 satoken 解决不兼容不分

Browse Source
This commit is contained in:
疯狂的狮子li 2022-01-13 11:27:09 +08:00
parent 6ca8535166
commit c0f3dff0f6
11 changed files with 45 additions and 186 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
View File

@ -49,9 +49,9 @@ public class SysProfileController extends BaseController {
@ApiOperation("个人信息")
@GetMapping
public AjaxResult<Map<String, Object>> profile() {
SysUser user = userService.getById(getUserId());
Map<String, Object> ajax = new HashMap<>();
ajax.put("user", user);
SysUser user = userService.selectUserById(getUserId());
Map<String, Object> ajax = new HashMap<>();
ajax.put("user", user);
ajax.put("roleGroup", userService.selectUserRoleGroup(user.getUserName()));
ajax.put("postGroup", userService.selectUserPostGroup(user.getUserName()));
return AjaxResult.success(ajax);
@ -119,8 +119,8 @@ public class SysProfileController extends BaseController {
public AjaxResult<Map<String, Object>> avatar(@RequestPart("avatarfile") MultipartFile file) {
Map<String,Object> ajax = new HashMap<>();
if (!file.isEmpty()) {
SysOss oss = iSysOssService.upload(file);
String avatar = oss.getUrl();
SysOss oss = iSysOssService.upload(file);
String avatar = oss.getUrl();
if (userService.updateUserAvatar(getUsername(), avatar)) {
ajax.put("imgUrl", avatar);
return AjaxResult.success(ajax);

2
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
View File

@ -107,7 +107,7 @@ public class SysUserController extends BaseController {
@SaCheckPermission("system:user:query")
@GetMapping(value = {"/", "/{userId}" })
public AjaxResult<Map<String, Object>> getInfo(@ApiParam("用户ID") @PathVariable(value = "userId", required = false) Long userId) {
userService.checkUserDataScope(userId);
userService.checkUserDataScope(userId);
Map<String, Object> ajax = new HashMap<>();
List<SysRole> roles = roleService.selectRoleAll();
ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));

18
ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestDemoController.java
View File

@ -59,15 +59,15 @@ public class TestDemoController extends BaseController {
return iTestDemoService.queryPageList(bo, pageQuery);
}
/**
* 自定义分页查询
*/
@ApiOperation("自定义分页查询")
@SaCheckPermission("demo:demo:list")
@GetMapping("/page")
public TableDataInfo<TestDemoVo> page(@Validated(QueryGroup.class) TestDemoBo bo, PageQuery pageQuery) {
return iTestDemoService.customPageList(bo, pageQuery);
}
/**
* 自定义分页查询
*/
@ApiOperation("自定义分页查询")
@SaCheckPermission("demo:demo:list")
@GetMapping("/page")
public TableDataInfo<TestDemoVo> page(@Validated(QueryGroup.class) TestDemoBo bo, PageQuery pageQuery) {
return iTestDemoService.customPageList(bo, pageQuery);
}
@ApiOperation("导入测试-校验")
@ApiImplicitParams({

138
ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
View File

@ -1,138 +0,0 @@
package com.ruoyi.framework.aspectj;
import com.ruoyi.common.annotation.DataScope;
import com.ruoyi.common.core.domain.BaseEntity;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.service.UserService;
import com.ruoyi.common.utils.LoginUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.spring.SpringUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.stereotype.Component;
/**
* 数据过滤处理
*
* @author Lion Li
* @deprecated 3.6.0 移除 {@link com.ruoyi.framework.handler.PlusDataPermissionHandler}
*/
@Aspect
@Component
@Deprecated
public class DataScopeAspect {
/**
* 全部数据权限
*/
public static final String DATA_SCOPE_ALL = "1";
/**
* 自定数据权限
*/
public static final String DATA_SCOPE_CUSTOM = "2";
/**
* 部门数据权限
*/
public static final String DATA_SCOPE_DEPT = "3";
/**
* 部门及以下数据权限
*/
public static final String DATA_SCOPE_DEPT_AND_CHILD = "4";
/**
* 仅本人数据权限
*/
public static final String DATA_SCOPE_SELF = "5";
/**
* 数据权限过滤关键字
*/
public static final String DATA_SCOPE = "dataScope";
@Before("@annotation(controllerDataScope)")
public void doBefore(JoinPoint point, DataScope controllerDataScope) throws Throwable {
clearDataScope(point);
handleDataScope(point, controllerDataScope);
}
protected void handleDataScope(final JoinPoint joinPoint, DataScope controllerDataScope) {
// 获取当前的用户
SysUser currentUser = SpringUtils.getBean(UserService.class).selectUserById(LoginUtils.getUserId());
// 如果是超级管理员则不过滤数据
if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin()) {
dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
controllerDataScope.userAlias(), controllerDataScope.isUser());
}
}
/**
* 数据范围过滤
*
* @param joinPoint 切点
* @param user 用户
* @param userAlias 别名
*/
public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias, boolean isUser) {
StringBuilder sqlString = new StringBuilder();
// "." 提取出,不写别名为单表查询,写别名为多表查询
deptAlias = StringUtils.isNotBlank(deptAlias) ? deptAlias + "." : "";
userAlias = StringUtils.isNotBlank(userAlias) ? userAlias + "." : "";
for (SysRole role : user.getRoles()) {
String dataScope = role.getDataScope();
if (DATA_SCOPE_ALL.equals(dataScope)) {
sqlString = new StringBuilder();
break;
} else if (DATA_SCOPE_CUSTOM.equals(dataScope)) {
sqlString.append(StringUtils.format(
" OR {}dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ",
deptAlias, role.getRoleId()));
} else if (DATA_SCOPE_DEPT.equals(dataScope)) {
sqlString.append(StringUtils.format(" OR {}dept_id = {} ",
deptAlias, user.getDeptId()));
} else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) {
sqlString.append(StringUtils.format(
" OR {}dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )",
deptAlias, user.getDeptId(), user.getDeptId()));
} else if (DATA_SCOPE_SELF.equals(dataScope)) {
if (isUser) {
sqlString.append(StringUtils.format(" OR {}user_id = {} ",
userAlias, user.getUserId()));
} else {
// 数据权限为仅本人且没有userAlias别名不查询任何数据
sqlString.append(" OR 1=0 ");
}
}
}
if (StringUtils.isNotBlank(sqlString.toString())) {
putDataScope(joinPoint, sqlString.substring(4));
}
}
/**
* 拼接权限sql前先清空params.dataScope参数防止注入
*/
private void clearDataScope(final JoinPoint joinPoint) {
Object params = joinPoint.getArgs()[0];
if (StringUtils.isNotNull(params)) {
putDataScope(joinPoint, "");
}
}
private static void putDataScope(JoinPoint joinPoint, String sql) {
Object params = joinPoint.getArgs()[0];
if (StringUtils.isNotNull(params)) {
if (params instanceof BaseEntity) {
BaseEntity baseEntity = (BaseEntity) params;
baseEntity.getParams().put(DATA_SCOPE, sql);
}
}
}
}

24
ruoyi-framework/src/main/java/com/ruoyi/framework/handler/CreateAndUpdateMetaObjectHandler.java
View File

@ -72,18 +72,18 @@ public class CreateAndUpdateMetaObjectHandler implements MetaObjectHandler {
}
}
/**
* 获取登录用户名
*/
private String getLoginUsername() {
LoginUser loginUser;
try {
/**
* 获取登录用户名
*/
private String getLoginUsername() {
LoginUser loginUser;
try {
loginUser = LoginUtils.getLoginUser();
} catch (Exception e) {
log.warn("自动注入警告 => 用户未登录");
return null;
}
return loginUser.getUsername();
}
} catch (Exception e) {
log.warn("自动注入警告 => 用户未登录");
return null;
}
return loginUser.getUsername();
}
}

24
ruoyi-framework/src/main/java/com/ruoyi/framework/listener/UserActionListener.java
View File

@ -12,10 +12,10 @@ import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.service.UserService;
import com.ruoyi.common.enums.UserType;
import com.ruoyi.common.utils.LoginUtils;
import com.ruoyi.common.utils.RedisUtils;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.ip.AddressUtils;
import com.ruoyi.common.utils.redis.RedisUtils;
import com.ruoyi.common.utils.spring.SpringUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
@ -45,18 +45,18 @@ public class UserActionListener implements SaTokenListener {
SysUser user = SpringUtils.getBean(UserService.class).selectUserById(LoginUtils.getUserId());
String tokenValue = StpUtil.getTokenValue();
UserOnlineDTO userOnlineDTO = new UserOnlineDTO()
.setIpaddr(ip)
.setLoginLocation(AddressUtils.getRealAddressByIP(ip))
.setBrowser(userAgent.getBrowser().getName())
.setOs(userAgent.getOs().getName())
.setLoginTime(System.currentTimeMillis())
.setTokenId(tokenValue)
.setUserName(user.getUserName());
.setIpaddr(ip)
.setLoginLocation(AddressUtils.getRealAddressByIP(ip))
.setBrowser(userAgent.getBrowser().getName())
.setOs(userAgent.getOs().getName())
.setLoginTime(System.currentTimeMillis())
.setTokenId(tokenValue)
.setUserName(user.getUserName());
if (StringUtils.isNotNull(user.getDept())) {
userOnlineDTO.setDeptName(user.getDept().getDeptName());
}
RedisUtils.setCacheObject(Constants.ONLINE_TOKEN_KEY + tokenValue, userOnlineDTO, saTokenConfig.getTimeout(), TimeUnit.SECONDS);
log.info("user doLogin, useId:{}, token:{}", loginId, tokenValue);
log.info("user doLogin, useId:{}, token:{}" , loginId, tokenValue);
} else if (userType == UserType.APP_USER) {
// app端 自行根据业务编写
}
@ -68,7 +68,7 @@ public class UserActionListener implements SaTokenListener {
@Override
public void doLogout(String loginType, Object loginId, String tokenValue) {
RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
log.info("user doLogout, useId:{}, token:{}", loginId, tokenValue);
log.info("user doLogout, useId:{}, token:{}" , loginId, tokenValue);
}
/**
@ -77,7 +77,7 @@ public class UserActionListener implements SaTokenListener {
@Override
public void doKickout(String loginType, Object loginId, String tokenValue) {
RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
log.info("user doLogoutByLoginId, useId:{}, token:{}", loginId, tokenValue);
log.info("user doLogoutByLoginId, useId:{}, token:{}" , loginId, tokenValue);
}
/**
@ -86,7 +86,7 @@ public class UserActionListener implements SaTokenListener {
@Override
public void doReplaced(String loginType, Object loginId, String tokenValue) {
RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
log.info("user doReplaced, useId:{}, token:{}", loginId, tokenValue);
log.info("user doReplaced, useId:{}, token:{}" , loginId, tokenValue);
}
/**

2
ruoyi-framework/src/main/java/com/ruoyi/framework/satoken/dao/PlusSaTokenDao.java
View File

@ -2,7 +2,7 @@ package com.ruoyi.framework.satoken.dao;
import cn.dev33.satoken.dao.SaTokenDao;
import cn.dev33.satoken.util.SaFoxUtil;
import com.ruoyi.common.utils.RedisUtils;
import com.ruoyi.common.utils.redis.RedisUtils;
import org.springframework.stereotype.Component;
import java.util.ArrayList;

3
ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java
View File

@ -3,13 +3,10 @@ package com.ruoyi.framework.web.exception;
import cn.dev33.satoken.exception.NotLoginException;
import cn.dev33.satoken.exception.NotPermissionException;
import cn.dev33.satoken.exception.NotRoleException;
import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.http.HttpStatus;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.exception.DemoModeException;
import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.utils.RedisUtils;
import com.ruoyi.common.utils.StringUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.support.DefaultMessageSourceResolvable;

2
ruoyi-generator/src/main/resources/vm/vue/index.vue.vm
View File

@ -541,7 +541,7 @@ export default {
});
},
#if($table.sub)
/** ${subTable.functionName}序号 */
/** ${subTable.functionName}序号 */
row${subClassName}Index({ row, rowIndex }) {
row.index = rowIndex + 1;
},

5
ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java
View File

@ -9,13 +9,13 @@ import com.ruoyi.common.core.service.LogininforService;
import com.ruoyi.common.enums.DeviceType;
import com.ruoyi.common.enums.UserStatus;
import com.ruoyi.common.enums.UserType;
import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.exception.user.CaptchaException;
import com.ruoyi.common.exception.user.CaptchaExpireException;
import com.ruoyi.common.exception.user.UserException;
import com.ruoyi.common.utils.*;
import lombok.extern.slf4j.Slf4j;
import com.ruoyi.common.utils.redis.RedisUtils;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
import javax.servlet.http.HttpServletRequest;
@ -110,7 +110,6 @@ public class SysLoginService {
* @param username 用户名
* @param code 验证码
* @param uuid 唯一标识
* @return 结果
*/
public void validateCaptcha(String username, String code, String uuid, HttpServletRequest request) {
String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;

3
ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysSensitiveServiceImpl.java
View File

@ -1,6 +1,7 @@
package com.ruoyi.system.service.impl;
import com.ruoyi.common.core.service.SensitiveService;
import com.ruoyi.common.utils.LoginUtils;
import com.ruoyi.common.utils.SecurityUtils;
import org.springframework.stereotype.Service;
@ -20,7 +21,7 @@ public class SysSensitiveServiceImpl implements SensitiveService {
*/
@Override
public boolean isSensitive() {
return SecurityUtils.isAdmin(SecurityUtils.getUserId());
return SecurityUtils.isAdmin(LoginUtils.getUserId());
}
}