admin/lx-admin-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of https://gitee.com/y_project/RuoYi-Vue into dev

Browse Source 
 Conflicts:
	ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
	ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
	ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
	ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
	ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
	ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
	ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
	ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
	ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/SysJobController.java
	ruoyi-ui/src/layout/index.vue
This commit is contained in:
疯狂的狮子li 2021-08-19 17:33:46 +08:00
commit c380b77617
10 changed files with 33 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
View File

@ -5,12 +5,9 @@ import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.entity.SysMenu;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginBody;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.framework.web.service.SysLoginService;
import com.ruoyi.framework.web.service.SysPermissionService;
import com.ruoyi.framework.web.service.TokenService;
import com.ruoyi.system.service.ISysMenuService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
@ -40,9 +37,6 @@ public class SysLoginController
@Autowired
private SysPermissionService permissionService;
@Autowired
private TokenService tokenService;
/**
* 登录方法
*
@ -68,8 +62,7 @@ public class SysLoginController
@GetMapping("getInfo")
public AjaxResult getInfo()
{
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
SysUser user = loginUser.getUser();
SysUser user = SecurityUtils.getLoginUser().getUser();
// 角色集合
Set<String> roles = permissionService.getRolePermission(user);
// 权限集合

17
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
View File

@ -8,7 +8,6 @@ import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.web.service.TokenService;
import com.ruoyi.system.domain.SysOss;
@ -46,7 +45,7 @@ public class SysProfileController extends BaseController
@GetMapping
public AjaxResult profile()
{
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = getLoginUser();
SysUser user = loginUser.getUser();
Map<String,Object> ajax = new HashMap<>();
ajax.put("user", user);
@ -72,17 +71,17 @@ public class SysProfileController extends BaseController
{
return AjaxResult.error("修改用户'" + user.getUserName() + "'失败,邮箱账号已存在");
}
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = getLoginUser();
SysUser sysUser = loginUser.getUser();
user.setUserId(sysUser.getUserId());
user.setPassword(null);
if (userService.updateUserProfile(user) > 0)
{
// 更新缓存用户信息
loginUser.getUser().setNickName(user.getNickName());
loginUser.getUser().setPhonenumber(user.getPhonenumber());
loginUser.getUser().setEmail(user.getEmail());
loginUser.getUser().setSex(user.getSex());
sysUser.setNickName(user.getNickName());
sysUser.setPhonenumber(user.getPhonenumber());
sysUser.setEmail(user.getEmail());
sysUser.setSex(user.getSex());
tokenService.setLoginUser(loginUser);
return AjaxResult.success();
}
@ -96,7 +95,7 @@ public class SysProfileController extends BaseController
@PutMapping("/updatePwd")
public AjaxResult updatePwd(String oldPassword, String newPassword)
{
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = getLoginUser();
String userName = loginUser.getUsername();
String password = loginUser.getPassword();
if (!SecurityUtils.matchesPassword(oldPassword, password))
@ -126,7 +125,7 @@ public class SysProfileController extends BaseController
{
if (!file.isEmpty())
{
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = getLoginUser();
SysOss oss = iSysOssService.upload(file);
String avatar = oss.getUrl();
if (userService.updateUserAvatar(loginUser.getUsername(), avatar))

3
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
View File

@ -9,7 +9,6 @@ import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.poi.ExcelUtil;
import com.ruoyi.framework.web.service.SysPermissionService;
@ -115,7 +114,7 @@ public class SysRoleController extends BaseController
if (roleService.updateRole(role) > 0)
{
// 更新缓存用户权限
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = getLoginUser();
if (StringUtils.isNotNull(loginUser.getUser()) && !loginUser.getUser().isAdmin())
{
loginUser.setPermissions(permissionService.getMenuPermission(loginUser.getUser()));

8
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
View File

@ -10,11 +10,9 @@ import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.entity.SysDept;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.poi.ExcelUtil;
import com.ruoyi.framework.web.service.TokenService;
@ -54,9 +52,6 @@ public class SysUserController extends BaseController
@Autowired
private ISysPostService postService;
@Autowired
private TokenService tokenService;
/**
* 获取用户列表
*/
@ -92,8 +87,7 @@ public class SysUserController extends BaseController
{
List<SysUserImportVo> userListVo = ExcelUtil.importExcel(file.getInputStream(), SysUserImportVo.class);
List<SysUser> userList = BeanUtil.copyToList(userListVo, SysUser.class);
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
String operName = loginUser.getUsername();
String operName = getUsername();
String message = userService.importUser(userList, updateSupport, operName);
return AjaxResult.success(message);
}

4
ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
View File

@ -139,4 +139,8 @@ public class Constants
*/
public static final String LOOKUP_RMI = "rmi://";
/**
* LDAP 远程方法调用
*/
public static final String LOOKUP_LDAP = "ldap://";
}

4
ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
View File

@ -5,10 +5,10 @@ import com.ruoyi.common.core.domain.BaseEntity;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.reflect.ReflectUtils;
import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.framework.web.service.TokenService;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.Signature;
@ -78,7 +78,7 @@ public class DataScopeAspect {
return;
}
// 获取当前的用户
LoginUser loginUser = SpringUtils.getBean(TokenService.class).getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNotNull(loginUser)) {
SysUser currentUser = loginUser.getUser();
// 如果是超级管理员则不过滤数据

3
ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java
View File

@ -8,6 +8,7 @@ import com.ruoyi.common.utils.JsonUtils;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.framework.web.service.AsyncService;
import com.ruoyi.framework.web.service.TokenService;
import com.ruoyi.system.domain.SysOperLog;
@ -83,7 +84,7 @@ public class LogAspect
}
// 获取当前的用户
LoginUser loginUser = SpringUtils.getBean(TokenService.class).getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = SecurityUtils.getLoginUser();
// *========数据库日志=========*//
SysOperLog operLog = new SysOperLog();

12
ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
View File

@ -1,6 +1,7 @@
package com.ruoyi.framework.web.service;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.utils.ServletUtils;
@ -28,9 +29,6 @@ public class PermissionService
private static final String PERMISSION_DELIMETER = ",";
@Autowired
private TokenService tokenService;
/**
* 验证用户是否具备某权限
*
@ -43,7 +41,7 @@ public class PermissionService
{
return false;
}
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
{
return false;
@ -74,7 +72,7 @@ public class PermissionService
{
return false;
}
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
{
return false;
@ -102,7 +100,7 @@ public class PermissionService
{
return false;
}
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
{
return false;
@ -141,7 +139,7 @@ public class PermissionService
{
return false;
}
LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
{
return false;

8
ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/SysJobController.java
View File

@ -80,6 +80,10 @@ public class SysJobController extends BaseController
{
return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi://'调用");
}
else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_LDAP))
{
return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'ldap://'调用");
}
else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), new String[] { Constants.HTTP, Constants.HTTPS }))
{
return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'http(s)//'调用");
@ -104,6 +108,10 @@ public class SysJobController extends BaseController
{
return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi://'调用");
}
else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_LDAP))
{
return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'ldap://'调用");
}
else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), new String[] { Constants.HTTP, Constants.HTTPS }))
{
return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'http(s)//'调用");

3
ruoyi-ui/src/layout/index.vue
View File

@ -8,7 +8,7 @@
<tags-view v-if="needTagsView" />
</div>
<app-main />
<right-panel v-if="showSettings">
<right-panel>
<settings />
</right-panel>
</div>
@ -39,7 +39,6 @@ export default {
sideTheme: state => state.settings.sideTheme,
sidebar: state => state.app.sidebar,
device: state => state.app.device,
showSettings: state => state.settings.showSettings,
needTagsView: state => state.settings.tagsView,
fixedHeader: state => state.settings.fixedHeader
}),