权限中台

151a1d66 · dong.an · fe56512d · 151a1d66 · 151a1d66 · 151a1d66
--- a/client/src/main/java/com/pica/cloud/permission/permission/client/PermissionServiceClient.java
+++ b/client/src/main/java/com/pica/cloud/permission/permission/client/PermissionServiceClient.java
+package com.pica.cloud.permission.permission.client;
+
+import com.pica.cloud.foundation.entity.PicaResponse;
+import com.pica.cloud.permission.permission.common.dto.AuthDto;
+import com.pica.cloud.permission.permission.common.dto.AuthResultDto;
+import com.pica.cloud.permission.permission.common.dto.GrantDto;
+import com.pica.cloud.permission.permission.common.dto.UserRoleDto;
+import org.springframework.cloud.netflix.feign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+/**
+ * @author andong
+ * @create 2019/9/9
+ */
+@FeignClient(name = "13501-pica-cloud-permission")
+public interface PermissionServiceClient {
+
+    //授权
+    @PostMapping("/permission/permission/user-role")
+    PicaResponse grant(@RequestBody UserRoleDto userRoleDto);
+
+    //业务场景授权
+    @PostMapping("/permission/permission/grant")
+    PicaResponse grant(@RequestBody GrantDto grantDto);
+
+    //取消权限
+    @PutMapping("/permission/permission/user-role")
+    PicaResponse revoke(@RequestBody UserRoleDto userRoleDto);
+
+    //鉴权
+    @PostMapping("/permission/permission/auth")
+    PicaResponse<AuthResultDto> auth(@RequestBody AuthDto authDto);
+}
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -117,35 +117,6 @@
        </dependencies>
    </dependencyManagement>

-    <repositories>
-        <repository>
-            <id>nexus</id>
-            <url>http://192.168.110.42:8082/repository/maven-public/</url>
-            <releases>
-                <enabled>true</enabled>
-                <updatePolicy>never</updatePolicy>
-            </releases>
-            <snapshots>
-                <enabled>true</enabled>
-                <updatePolicy>always</updatePolicy>
-            </snapshots>
-        </repository>
-    </repositories>
-    <pluginRepositories>
-        <pluginRepository>
-            <id>nexus</id>
-            <url>http://192.168.110.42:8082/repository/maven-public/</url>
-            <releases>
-                <enabled>true</enabled>
-                <updatePolicy>never</updatePolicy>
-            </releases>
-            <snapshots>
-                <enabled>true</enabled>
-                <updatePolicy>always</updatePolicy>
-            </snapshots>
-        </pluginRepository>
-    </pluginRepositories>
-
    <build>
        <finalName>pica-cloud-permission-server</finalName>

@@ -161,23 +132,6 @@
                    </execution>
                </executions>
            </plugin>
-            <plugin>
-                <groupId>org.mybatis.generator</groupId>
-                <artifactId>mybatis-generator-maven-plugin</artifactId>
-                <version>1.3.5</version>
-                <dependencies>
-                    <dependency>
-                        <groupId>org.mybatis.generator</groupId>
-                        <artifactId>mybatis-generator-core</artifactId>
-                        <version>1.3.2</version>
-                    </dependency>
-                </dependencies>
-                <configuration>
-                    <verbose>true</verbose>
-                    <overwrite>true</overwrite>
-                    <configurationFile>src/main/resources/mybatis-generator.xml</configurationFile>
-                </configuration>
-            </plugin>
        </plugins>
    </build>
 </project>
--- a/server/src/main/java/com/pica/cloud/permission/permission/server/controller/PermissionController.java
+++ b/server/src/main/java/com/pica/cloud/permission/permission/server/controller/PermissionController.java
@@ -32,10 +32,11 @@ public class PermissionController {
    @PostMapping("/grant")
    public PicaResponse grant(@RequestBody GrantDto grantDto) {
        PermissionValidation.grantValidate(grantDto);
-        return null;
+        permissionService.grant(grantDto);
+        return PicaResponse.toResponse();
    }

-    @ApiOperation("授权")
+    @ApiOperation("鉴权")
    @PostMapping("/auth")
    public PicaResponse<AuthResultDto> auth(@RequestBody AuthDto authDto) {
        PermissionValidation.authValidate(authDto);

--- a/server/src/main/java/com/pica/cloud/permission/permission/server/mapper/UserRoleMapper.java
+++ b/server/src/main/java/com/pica/cloud/permission/permission/server/mapper/UserRoleMapper.java
@@ -9,6 +9,8 @@ import java.util.List;
 @Mapper
 public interface UserRoleMapper {

+    UserRole selectByPrimaryKey(int id);
+
    int insertSelective(UserRole userRole);

    List<UserRoleDto> getByUserId(@Param("userId") int userId, @Param("productType") int productType);

--- a/server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/PermissionServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/PermissionServiceImpl.java
@@ -81,7 +81,7 @@ public class PermissionServiceImpl implements PermissionService {
                    String[] datas = urlData.split(Constants.DATA_SPLIT);
                    if (authDto.getUrl().equals(datas[0])) {
                        access = true;
-                        list.add(new DataPrivilegeDto(datas[0], datas[2]));
+                        list.add(new DataPrivilegeDto(datas[1], datas[2]));
                    }
                }
            }

--- a/server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/RoleServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/RoleServiceImpl.java
@@ -52,6 +52,8 @@ public class RoleServiceImpl implements RoleService {
    @Override
    @Transactional
    public void updateRole(Role role) {
+        role.setProductType(null);  //不支持修改产品线类型
+        role.setCode(null);  //不支持修改角色编码
        role.setModifiedTime(new Date());
        roleMapper.updateByPrimaryKeySelective(role);
    }

--- a/server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/UserRoleServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/UserRoleServiceImpl.java
@@ -8,6 +8,7 @@ import com.pica.cloud.permission.permission.server.entity.Role;
 import com.pica.cloud.permission.permission.server.entity.UserRole;
 import com.pica.cloud.permission.permission.server.mapper.RoleMapper;
 import com.pica.cloud.permission.permission.server.mapper.UserRoleMapper;
+import com.pica.cloud.permission.permission.server.service.PermissionCacheService;
 import com.pica.cloud.permission.permission.server.service.UserRoleService;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -23,6 +24,8 @@ import java.util.List;
 @Service
 public class UserRoleServiceImpl implements UserRoleService {

+    @Autowired
+    private PermissionCacheService permissionCacheService;
    @Autowired
    private UserRoleMapper userRoleMapper;
    @Autowired
@@ -51,6 +54,7 @@ public class UserRoleServiceImpl implements UserRoleService {
        userRole.setCreatedTime(new Date());
        userRole.setModifiedTime(userRole.getCreatedTime());
        userRoleMapper.insertSelective(userRole);
+        permissionCacheService.addUserRole(userRole);  //更新缓存信息
    }

    @Override
@@ -61,12 +65,14 @@ public class UserRoleServiceImpl implements UserRoleService {
    @Override
    @Transactional
    public void deleteById(int id, int modifiedId) {
+        UserRole origin = userRoleMapper.selectByPrimaryKey(id);
        UserRole userRole = new UserRole();
        userRole.setId(id);
        userRole.setDeleteFlag(Constants.DELETE_FLAG_INVALID);
        userRole.setModifiedId(modifiedId);
        userRole.setModifiedTime(new Date());
        userRoleMapper.updateByPrimaryKeySelective(userRole);
+        permissionCacheService.deleteUserRole(origin);  //更新缓存信息
    }

    @Override
@@ -82,5 +88,6 @@ public class UserRoleServiceImpl implements UserRoleService {
            userRole.setRoleId(role.getId());
        }
        userRoleMapper.deleteUserRole(userRole);
+        permissionCacheService.deleteUserRole(userRole);  //更新缓存信息
    }
 }
--- a/server/src/main/java/com/pica/cloud/permission/permission/server/validation/RoleValidation.java
+++ b/server/src/main/java/com/pica/cloud/permission/permission/server/validation/RoleValidation.java
@@ -33,8 +33,8 @@ public class RoleValidation {
        if (role.getModifiedId() == null) {
            throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "操作人ID为空");
        }
-        if (role.getProductType() == null && StringUtils.isBlank(role.getCode()) && StringUtils.isBlank(role.getName())) {
-            throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "缺少必要参数");
+        if (StringUtils.isBlank(role.getName())) {
+            throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "角色名称为空");
        }
    }
 }
--- a/server/src/main/resources/mybatis/UserRoleMapper.xml
+++ b/server/src/main/resources/mybatis/UserRoleMapper.xml
@@ -19,6 +19,13 @@
    modified_time
  </sql>

+  <select id="selectByPrimaryKey" parameterType="java.lang.Integer" resultMap="BaseResultMap">
+    select
+    <include refid="Base_Column_List" />
+    from perm_user_role
+    where id = #{id,jdbcType=INTEGER} and delete_flag = 1
+  </select>
+
  <select id="getByUserId" resultType="com.pica.cloud.permission.permission.common.dto.UserRoleDto">
    select ur.id, ur.product_type as productType, ur.user_id as userId, ur.role_id as roleId,
      r.code as roleCode, r.name as roleName