TienChin 渠道管理-查看渠道接口

2023-10-12 14:39:02 浏览数 (1)

自定义 hasPermission 校验规则

自定义一个 Spring Security hasPermission 校验规则:

在 tienchin-framework 模块当中进行自定义,新建 CustomSecurityExpressionRoot.java 自定义 hasPermission 判断逻辑类:

代码语言:javascript复制
/**
 * @author BNTang
 * @version 1.0
 * @description 自定义 hasPermission 判断逻辑
 * @since 2023-08-26
 **/
public class CustomSecurityExpressionRoot
        extends SecurityExpressionRoot
        implements MethodSecurityExpressionOperations {

    private Object filterObject;
    private Object returnObject;
    private final AntPathMatcher antPathMatcher = new AntPathMatcher();

    /**
     * Creates a new instance
     *
     * @param authentication the {@link Authentication} to use. Cannot be null.
     */
    public CustomSecurityExpressionRoot(Authentication authentication) {
        super(authentication);
    }

    /**
     * 判断当前对象是否具备某一个权限
     *
     * @param permission 权限
     * @return boolean
     * @author BNTang
     * @since 2023/08/26 08:43:56
     */
    public boolean hasPermission(String permission) {
        // 获取当前登录用户所具有的权限
        // 这里实际上调用到的是 top.it6666.common.core.domain.model.LoginUser.getAuthorities 方法的返回值
        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
        for (GrantedAuthority authority : authorities) {
            if (antPathMatcher.match(authority.getAuthority(), permission)) {
                return true;
            }
        }
        return false;
    }

    /**
     * 是否具备多个权限中的任意一个权限
     *
     * @param permissions 权限
     * @return boolean
     * @author BNTang
     * @since 2023/08/26 08:44:52
     */
    public boolean hasAnyPermissions(String... permissions) {
        if (permissions == null || permissions.length == 0) {
            return false;
        }
        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
        for (GrantedAuthority authority : authorities) {
            for (String permission : permissions) {
                if (antPathMatcher.match(authority.getAuthority(), permission)) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * 是否具备拥有所有权限
     *
     * @param permissions 权限
     * @return boolean
     * @author BNTang
     * @since 2023/08/26 08:44:26
     */
    public boolean hasAllPermissions(String... permissions) {
        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
        if (permissions == null || permissions.length == 0) {
            return false;
        }
        for (String permission : permissions) {
            boolean flag = false;
            for (GrantedAuthority authority : authorities) {
                if (antPathMatcher.match(authority.getAuthority(), permission)) {
                    flag = true;
                }
            }
            if (!flag) {
                return false;
            }
        }
        return true;
    }

    @Override
    public void setFilterObject(Object filterObject) {
        this.filterObject = filterObject;
    }

    @Override
    public Object getFilterObject() {
        return filterObject;
    }

    @Override
    public void setReturnObject(Object returnObject) {
        this.returnObject = returnObject;
    }

    @Override
    public Object getReturnObject() {
        return returnObject;
    }

    @Override
    public Object getThis() {
        return this;
    }
}

新建自定义 hasPermission 判断逻辑处理器类:

代码语言:javascript复制
/**
 * @author BNTang
 * @version 1.0
 * @description 自定义 hasPermission 判断逻辑处理器
 * @since 2023-08-26
 **/
public class CustomMethodSecurityExpressionHandler
        extends DefaultMethodSecurityExpressionHandler {
    @Override
    protected MethodSecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication,
                                                                              MethodInvocation invocation) {

        CustomSecurityExpressionRoot root = new CustomSecurityExpressionRoot(authentication);

        root.setTrustResolver(getTrustResolver());
        root.setPermissionEvaluator(getPermissionEvaluator());
        root.setRoleHierarchy(getRoleHierarchy());

        return root;
    }
}

注册一下自定义 hasPermission 判断逻辑处理器,更改 ResourcesConfig:

代码语言:javascript复制
/**
 * 自定义 hasPermission 判断逻辑处理器
 *
 * @return {@code CustomMethodSecurityExpressionHandler }
 * @author BNTang
 * @since 2023/08/26 08:57:19
 */
@Bean
CustomMethodSecurityExpressionHandler customMethodSecurityExpressionHandler() {
    return new CustomMethodSecurityExpressionHandler();
}

更改 LoginUser,完善一下 LoginUser 当中的 getAuthorities 方法:

代码语言:javascript复制
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
    if (permissions != null && !permissions.isEmpty()) {
        return permissions.stream()
                .map(SimpleGrantedAuthority::new)
                .collect(Collectors.toList());
    }
    return Collections.emptyList();
}

编写查询接口

更改 ChannelController:

代码语言:javascript复制
/**
 * <p>
 * 渠道管理表 前端控制器
 * </p>
 *
 * @author BNTang
 * @since 2023-08-22
 */
@RestController
@RequestMapping("/tienchin/channel")
public class ChannelController extends BaseController {

    @Resource
    private IChannelService iChannelService;

    @PreAuthorize("hasPermission('tienchin:channel:list')")
    @GetMapping("/list")
    TableDataInfo list() {
        startPage();
        return getDataTable(iChannelService.selectChannelList());
    }
}

更改 IChannelService:

代码语言:javascript复制
/**
 * <p>
 * 渠道管理表 服务类
 * </p>
 *
 * @author BNTang
 * @since 2023-08-22
 */
public interface IChannelService
        extends IService<Channel> {

    /**
     * 查询渠道列表
     *
     * @return {@code List<Channel> }
     * @author BNTang
     * @since 2023/08/26 09:32:57
     */
    List<Channel> selectChannelList();
}

更改 ChannelServiceImpl:

代码语言:javascript复制
/**
 * <p>
 * 渠道管理表 服务实现类
 * </p>
 *
 * @author BNTang
 * @since 2023-08-22
 */
@Service
public class ChannelServiceImpl
        extends ServiceImpl<ChannelMapper, Channel>
        implements IChannelService {

    @Resource
    private ChannelMapper channelMapper;

    @Override
    public List<Channel> selectChannelList() {
        return channelMapper.selectChannelList();
    }
}

更改 ChannelMapper:

代码语言:javascript复制
/**
 * <p>
 * 渠道管理表 Mapper 接口
 * </p>
 *
 * @author BNTang
 * @since 2023-08-22
 */
public interface ChannelMapper extends BaseMapper<Channel> {

    /**
     * 查询渠道列表
     *
     * @return {@code List<Channel> }
     * @author BNTang
     * @since 2023/08/26 09:33:46
     */
    List<Channel> selectChannelList();
}

更改 ChannelMapper.xml:

代码语言:javascript复制
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="top.it6666.channel.mapper.ChannelMapper">
    <select id="selectChannelList" resultType="top.it6666.channel.domain.Channel">
        SELECT channel_id,
               channel_name,
               status,
               remark,
               type,
               create_by,
               update_by,
               create_time,
               update_time,
               del_flag
        FROM tienchin_channel
        WHERE del_flag = 0
    </select>
</mapper>

全局将 @ss.hasPermi 替换为 hasPermission

0 人点赞