From c0f3dff0f66553f9e9eedd1e4dd6149ce74ceb20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90li?= <15040126243@163.com> Date: Thu, 13 Jan 2022 11:27:09 +0800 Subject: [PATCH] =?UTF-8?q?update=20=E5=90=88=E5=B9=B6=20satoken=20?= =?UTF-8?q?=E8=A7=A3=E5=86=B3=E4=B8=8D=E5=85=BC=E5=AE=B9=E4=B8=8D=E5=88=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../system/SysProfileController.java | 10 +- .../controller/system/SysUserController.java | 2 +- .../demo/controller/TestDemoController.java | 18 +-- .../framework/aspectj/DataScopeAspect.java | 138 ------------------ .../CreateAndUpdateMetaObjectHandler.java | 24 +-- .../listener/UserActionListener.java | 24 +-- .../framework/satoken/dao/PlusSaTokenDao.java | 2 +- .../web/exception/GlobalExceptionHandler.java | 3 - .../src/main/resources/vm/vue/index.vue.vm | 2 +- .../ruoyi/system/service/SysLoginService.java | 5 +- .../service/impl/SysSensitiveServiceImpl.java | 3 +- 11 files changed, 45 insertions(+), 186 deletions(-) delete mode 100644 ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java index 5e432ab3e..a43562752 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java @@ -49,9 +49,9 @@ public class SysProfileController extends BaseController { @ApiOperation("个人信息") @GetMapping public AjaxResult> profile() { - SysUser user = userService.getById(getUserId()); - Map ajax = new HashMap<>(); - ajax.put("user", user); + SysUser user = userService.selectUserById(getUserId()); + Map ajax = new HashMap<>(); + ajax.put("user", user); ajax.put("roleGroup", userService.selectUserRoleGroup(user.getUserName())); ajax.put("postGroup", userService.selectUserPostGroup(user.getUserName())); return AjaxResult.success(ajax); @@ -119,8 +119,8 @@ public class SysProfileController extends BaseController { public AjaxResult> avatar(@RequestPart("avatarfile") MultipartFile file) { Map ajax = new HashMap<>(); if (!file.isEmpty()) { - SysOss oss = iSysOssService.upload(file); - String avatar = oss.getUrl(); + SysOss oss = iSysOssService.upload(file); + String avatar = oss.getUrl(); if (userService.updateUserAvatar(getUsername(), avatar)) { ajax.put("imgUrl", avatar); return AjaxResult.success(ajax); diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java index c80bf802c..f969ea4b6 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java @@ -107,7 +107,7 @@ public class SysUserController extends BaseController { @SaCheckPermission("system:user:query") @GetMapping(value = {"/", "/{userId}" }) public AjaxResult> getInfo(@ApiParam("用户ID") @PathVariable(value = "userId", required = false) Long userId) { - userService.checkUserDataScope(userId); + userService.checkUserDataScope(userId); Map ajax = new HashMap<>(); List roles = roleService.selectRoleAll(); ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList())); diff --git a/ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestDemoController.java b/ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestDemoController.java index 9a8cf63c8..837d14826 100644 --- a/ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestDemoController.java +++ b/ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestDemoController.java @@ -59,15 +59,15 @@ public class TestDemoController extends BaseController { return iTestDemoService.queryPageList(bo, pageQuery); } - /** - * 自定义分页查询 - */ - @ApiOperation("自定义分页查询") - @SaCheckPermission("demo:demo:list") - @GetMapping("/page") - public TableDataInfo page(@Validated(QueryGroup.class) TestDemoBo bo, PageQuery pageQuery) { - return iTestDemoService.customPageList(bo, pageQuery); - } + /** + * 自定义分页查询 + */ + @ApiOperation("自定义分页查询") + @SaCheckPermission("demo:demo:list") + @GetMapping("/page") + public TableDataInfo page(@Validated(QueryGroup.class) TestDemoBo bo, PageQuery pageQuery) { + return iTestDemoService.customPageList(bo, pageQuery); + } @ApiOperation("导入测试-校验") @ApiImplicitParams({ diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java deleted file mode 100644 index 58427da66..000000000 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java +++ /dev/null @@ -1,138 +0,0 @@ -package com.ruoyi.framework.aspectj; - -import com.ruoyi.common.annotation.DataScope; -import com.ruoyi.common.core.domain.BaseEntity; -import com.ruoyi.common.core.domain.entity.SysRole; -import com.ruoyi.common.core.domain.entity.SysUser; -import com.ruoyi.common.core.service.UserService; -import com.ruoyi.common.utils.LoginUtils; -import com.ruoyi.common.utils.StringUtils; -import com.ruoyi.common.utils.spring.SpringUtils; -import org.aspectj.lang.JoinPoint; -import org.aspectj.lang.annotation.Aspect; -import org.aspectj.lang.annotation.Before; -import org.springframework.stereotype.Component; - -/** - * 数据过滤处理 - * - * @author Lion Li - * @deprecated 3.6.0 移除 {@link com.ruoyi.framework.handler.PlusDataPermissionHandler} - */ -@Aspect -@Component -@Deprecated -public class DataScopeAspect { - - /** - * 全部数据权限 - */ - public static final String DATA_SCOPE_ALL = "1"; - - /** - * 自定数据权限 - */ - public static final String DATA_SCOPE_CUSTOM = "2"; - - /** - * 部门数据权限 - */ - public static final String DATA_SCOPE_DEPT = "3"; - - /** - * 部门及以下数据权限 - */ - public static final String DATA_SCOPE_DEPT_AND_CHILD = "4"; - - /** - * 仅本人数据权限 - */ - public static final String DATA_SCOPE_SELF = "5"; - - /** - * 数据权限过滤关键字 - */ - public static final String DATA_SCOPE = "dataScope"; - - @Before("@annotation(controllerDataScope)") - public void doBefore(JoinPoint point, DataScope controllerDataScope) throws Throwable { - clearDataScope(point); - handleDataScope(point, controllerDataScope); - } - - protected void handleDataScope(final JoinPoint joinPoint, DataScope controllerDataScope) { - // 获取当前的用户 - SysUser currentUser = SpringUtils.getBean(UserService.class).selectUserById(LoginUtils.getUserId()); - // 如果是超级管理员,则不过滤数据 - if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin()) { - dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(), - controllerDataScope.userAlias(), controllerDataScope.isUser()); - } - } - - /** - * 数据范围过滤 - * - * @param joinPoint 切点 - * @param user 用户 - * @param userAlias 别名 - */ - public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias, boolean isUser) { - StringBuilder sqlString = new StringBuilder(); - - // 将 "." 提取出,不写别名为单表查询,写别名为多表查询 - deptAlias = StringUtils.isNotBlank(deptAlias) ? deptAlias + "." : ""; - userAlias = StringUtils.isNotBlank(userAlias) ? userAlias + "." : ""; - - for (SysRole role : user.getRoles()) { - String dataScope = role.getDataScope(); - if (DATA_SCOPE_ALL.equals(dataScope)) { - sqlString = new StringBuilder(); - break; - } else if (DATA_SCOPE_CUSTOM.equals(dataScope)) { - sqlString.append(StringUtils.format( - " OR {}dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", - deptAlias, role.getRoleId())); - } else if (DATA_SCOPE_DEPT.equals(dataScope)) { - sqlString.append(StringUtils.format(" OR {}dept_id = {} ", - deptAlias, user.getDeptId())); - } else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) { - sqlString.append(StringUtils.format( - " OR {}dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )", - deptAlias, user.getDeptId(), user.getDeptId())); - } else if (DATA_SCOPE_SELF.equals(dataScope)) { - if (isUser) { - sqlString.append(StringUtils.format(" OR {}user_id = {} ", - userAlias, user.getUserId())); - } else { - // 数据权限为仅本人且没有userAlias别名不查询任何数据 - sqlString.append(" OR 1=0 "); - } - } - } - - if (StringUtils.isNotBlank(sqlString.toString())) { - putDataScope(joinPoint, sqlString.substring(4)); - } - } - - /** - * 拼接权限sql前先清空params.dataScope参数防止注入 - */ - private void clearDataScope(final JoinPoint joinPoint) { - Object params = joinPoint.getArgs()[0]; - if (StringUtils.isNotNull(params)) { - putDataScope(joinPoint, ""); - } - } - - private static void putDataScope(JoinPoint joinPoint, String sql) { - Object params = joinPoint.getArgs()[0]; - if (StringUtils.isNotNull(params)) { - if (params instanceof BaseEntity) { - BaseEntity baseEntity = (BaseEntity) params; - baseEntity.getParams().put(DATA_SCOPE, sql); - } - } - } -} diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/CreateAndUpdateMetaObjectHandler.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/CreateAndUpdateMetaObjectHandler.java index 87781eb59..f311a65c1 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/CreateAndUpdateMetaObjectHandler.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/handler/CreateAndUpdateMetaObjectHandler.java @@ -72,18 +72,18 @@ public class CreateAndUpdateMetaObjectHandler implements MetaObjectHandler { } } - /** - * 获取登录用户名 - */ - private String getLoginUsername() { - LoginUser loginUser; - try { + /** + * 获取登录用户名 + */ + private String getLoginUsername() { + LoginUser loginUser; + try { loginUser = LoginUtils.getLoginUser(); - } catch (Exception e) { - log.warn("自动注入警告 => 用户未登录"); - return null; - } - return loginUser.getUsername(); - } + } catch (Exception e) { + log.warn("自动注入警告 => 用户未登录"); + return null; + } + return loginUser.getUsername(); + } } diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/listener/UserActionListener.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/listener/UserActionListener.java index 95837fe49..15b04d825 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/listener/UserActionListener.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/listener/UserActionListener.java @@ -12,10 +12,10 @@ import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.core.service.UserService; import com.ruoyi.common.enums.UserType; import com.ruoyi.common.utils.LoginUtils; -import com.ruoyi.common.utils.RedisUtils; import com.ruoyi.common.utils.ServletUtils; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.common.utils.ip.AddressUtils; +import com.ruoyi.common.utils.redis.RedisUtils; import com.ruoyi.common.utils.spring.SpringUtils; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; @@ -45,18 +45,18 @@ public class UserActionListener implements SaTokenListener { SysUser user = SpringUtils.getBean(UserService.class).selectUserById(LoginUtils.getUserId()); String tokenValue = StpUtil.getTokenValue(); UserOnlineDTO userOnlineDTO = new UserOnlineDTO() - .setIpaddr(ip) - .setLoginLocation(AddressUtils.getRealAddressByIP(ip)) - .setBrowser(userAgent.getBrowser().getName()) - .setOs(userAgent.getOs().getName()) - .setLoginTime(System.currentTimeMillis()) - .setTokenId(tokenValue) - .setUserName(user.getUserName()); + .setIpaddr(ip) + .setLoginLocation(AddressUtils.getRealAddressByIP(ip)) + .setBrowser(userAgent.getBrowser().getName()) + .setOs(userAgent.getOs().getName()) + .setLoginTime(System.currentTimeMillis()) + .setTokenId(tokenValue) + .setUserName(user.getUserName()); if (StringUtils.isNotNull(user.getDept())) { userOnlineDTO.setDeptName(user.getDept().getDeptName()); } RedisUtils.setCacheObject(Constants.ONLINE_TOKEN_KEY + tokenValue, userOnlineDTO, saTokenConfig.getTimeout(), TimeUnit.SECONDS); - log.info("user doLogin, useId:{}, token:{}", loginId, tokenValue); + log.info("user doLogin, useId:{}, token:{}" , loginId, tokenValue); } else if (userType == UserType.APP_USER) { // app端 自行根据业务编写 } @@ -68,7 +68,7 @@ public class UserActionListener implements SaTokenListener { @Override public void doLogout(String loginType, Object loginId, String tokenValue) { RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue); - log.info("user doLogout, useId:{}, token:{}", loginId, tokenValue); + log.info("user doLogout, useId:{}, token:{}" , loginId, tokenValue); } /** @@ -77,7 +77,7 @@ public class UserActionListener implements SaTokenListener { @Override public void doKickout(String loginType, Object loginId, String tokenValue) { RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue); - log.info("user doLogoutByLoginId, useId:{}, token:{}", loginId, tokenValue); + log.info("user doLogoutByLoginId, useId:{}, token:{}" , loginId, tokenValue); } /** @@ -86,7 +86,7 @@ public class UserActionListener implements SaTokenListener { @Override public void doReplaced(String loginType, Object loginId, String tokenValue) { RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue); - log.info("user doReplaced, useId:{}, token:{}", loginId, tokenValue); + log.info("user doReplaced, useId:{}, token:{}" , loginId, tokenValue); } /** diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/satoken/dao/PlusSaTokenDao.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/satoken/dao/PlusSaTokenDao.java index 556133c15..174cd0f84 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/satoken/dao/PlusSaTokenDao.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/satoken/dao/PlusSaTokenDao.java @@ -2,7 +2,7 @@ package com.ruoyi.framework.satoken.dao; import cn.dev33.satoken.dao.SaTokenDao; import cn.dev33.satoken.util.SaFoxUtil; -import com.ruoyi.common.utils.RedisUtils; +import com.ruoyi.common.utils.redis.RedisUtils; import org.springframework.stereotype.Component; import java.util.ArrayList; diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java index 60979dd0e..cfa724324 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java @@ -3,13 +3,10 @@ package com.ruoyi.framework.web.exception; import cn.dev33.satoken.exception.NotLoginException; import cn.dev33.satoken.exception.NotPermissionException; import cn.dev33.satoken.exception.NotRoleException; -import cn.dev33.satoken.stp.StpUtil; import cn.hutool.http.HttpStatus; -import com.ruoyi.common.constant.Constants; import com.ruoyi.common.core.domain.AjaxResult; import com.ruoyi.common.exception.DemoModeException; import com.ruoyi.common.exception.ServiceException; -import com.ruoyi.common.utils.RedisUtils; import com.ruoyi.common.utils.StringUtils; import lombok.extern.slf4j.Slf4j; import org.springframework.context.support.DefaultMessageSourceResolvable; diff --git a/ruoyi-generator/src/main/resources/vm/vue/index.vue.vm b/ruoyi-generator/src/main/resources/vm/vue/index.vue.vm index 279144d7d..02fe3ed5e 100644 --- a/ruoyi-generator/src/main/resources/vm/vue/index.vue.vm +++ b/ruoyi-generator/src/main/resources/vm/vue/index.vue.vm @@ -541,7 +541,7 @@ export default { }); }, #if($table.sub) - /** ${subTable.functionName}序号 */ + /** ${subTable.functionName}序号 */ row${subClassName}Index({ row, rowIndex }) { row.index = rowIndex + 1; }, diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java index 3ef090090..0905ebc27 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java @@ -9,13 +9,13 @@ import com.ruoyi.common.core.service.LogininforService; import com.ruoyi.common.enums.DeviceType; import com.ruoyi.common.enums.UserStatus; import com.ruoyi.common.enums.UserType; -import com.ruoyi.common.exception.ServiceException; import com.ruoyi.common.exception.user.CaptchaException; import com.ruoyi.common.exception.user.CaptchaExpireException; import com.ruoyi.common.exception.user.UserException; import com.ruoyi.common.utils.*; -import lombok.extern.slf4j.Slf4j; +import com.ruoyi.common.utils.redis.RedisUtils; import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; import javax.servlet.http.HttpServletRequest; @@ -110,7 +110,6 @@ public class SysLoginService { * @param username 用户名 * @param code 验证码 * @param uuid 唯一标识 - * @return 结果 */ public void validateCaptcha(String username, String code, String uuid, HttpServletRequest request) { String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid; diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysSensitiveServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysSensitiveServiceImpl.java index 242befb0e..7062d9652 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysSensitiveServiceImpl.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysSensitiveServiceImpl.java @@ -1,6 +1,7 @@ package com.ruoyi.system.service.impl; import com.ruoyi.common.core.service.SensitiveService; +import com.ruoyi.common.utils.LoginUtils; import com.ruoyi.common.utils.SecurityUtils; import org.springframework.stereotype.Service; @@ -20,7 +21,7 @@ public class SysSensitiveServiceImpl implements SensitiveService { */ @Override public boolean isSensitive() { - return SecurityUtils.isAdmin(SecurityUtils.getUserId()); + return SecurityUtils.isAdmin(LoginUtils.getUserId()); } }