权限中台

client/src/main/java/com/pica/cloud/permission/permission/client/PermissionServiceClient.java

+package com.pica.cloud.permission.permission.client;
+
+import com.pica.cloud.foundation.entity.PicaResponse;
+import com.pica.cloud.permission.permission.common.dto.AuthDto;
+import com.pica.cloud.permission.permission.common.dto.AuthResultDto;
+import com.pica.cloud.permission.permission.common.dto.GrantDto;
+import com.pica.cloud.permission.permission.common.dto.UserRoleDto;
+import org.springframework.cloud.netflix.feign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+/**
+ * @author andong
+ * @create 2019/9/9
+ */
+@FeignClient(name = "13501-pica-cloud-permission")
+public interface PermissionServiceClient {
+
+    //授权
+    @PostMapping("/permission/permission/user-role")
+    PicaResponse grant(@RequestBody UserRoleDto userRoleDto);
+
+    //业务场景授权
+    @PostMapping("/permission/permission/grant")
+    PicaResponse grant(@RequestBody GrantDto grantDto);
+
+    //取消权限
+    @PutMapping("/permission/permission/user-role")
+    PicaResponse revoke(@RequestBody UserRoleDto userRoleDto);
+
+    //鉴权
+    @PostMapping("/permission/permission/auth")
+    PicaResponse<AuthResultDto> auth(@RequestBody AuthDto authDto);
+}

server/pom.xml

@@ -117,35 +117,6 @@
         </dependencies>
     </dependencyManagement>
 
-    <repositories>
-        <repository>
-            <id>nexus</id>
-            <url>http://192.168.110.42:8082/repository/maven-public/</url>
-            <releases>
-                <enabled>true</enabled>
-                <updatePolicy>never</updatePolicy>
-            </releases>
-            <snapshots>
-                <enabled>true</enabled>
-                <updatePolicy>always</updatePolicy>
-            </snapshots>
-        </repository>
-    </repositories>
-    <pluginRepositories>
-        <pluginRepository>
-            <id>nexus</id>
-            <url>http://192.168.110.42:8082/repository/maven-public/</url>
-            <releases>
-                <enabled>true</enabled>
-                <updatePolicy>never</updatePolicy>
-            </releases>
-            <snapshots>
-                <enabled>true</enabled>
-                <updatePolicy>always</updatePolicy>
-            </snapshots>
-        </pluginRepository>
-    </pluginRepositories>
-
     <build>
         <finalName>pica-cloud-permission-server</finalName>
 
@@ -161,23 +132,6 @@
                     </execution>
                 </executions>
             </plugin>
-            <plugin>
-                <groupId>org.mybatis.generator</groupId>
-                <artifactId>mybatis-generator-maven-plugin</artifactId>
-                <version>1.3.5</version>
-                <dependencies>
-                    <dependency>
-                        <groupId>org.mybatis.generator</groupId>
-                        <artifactId>mybatis-generator-core</artifactId>
-                        <version>1.3.2</version>
-                    </dependency>
-                </dependencies>
-                <configuration>
-                    <verbose>true</verbose>
-                    <overwrite>true</overwrite>
-                    <configurationFile>src/main/resources/mybatis-generator.xml</configurationFile>
-                </configuration>
-            </plugin>
         </plugins>
     </build>
 </project>

server/src/main/java/com/pica/cloud/permission/permission/server/controller/PermissionController.java

@@ -32,10 +32,11 @@ public class PermissionController {
     @PostMapping("/grant")
     public PicaResponse grant(@RequestBody GrantDto grantDto) {
         PermissionValidation.grantValidate(grantDto);
-        return null;
+        permissionService.grant(grantDto);
+        return PicaResponse.toResponse();
     }
 
-    @ApiOperation("授权")
+    @ApiOperation("鉴权")
     @PostMapping("/auth")
     public PicaResponse<AuthResultDto> auth(@RequestBody AuthDto authDto) {
         PermissionValidation.authValidate(authDto);

server/src/main/java/com/pica/cloud/permission/permission/server/mapper/UserRoleMapper.java

@@ -9,6 +9,8 @@ import java.util.List;
 @Mapper
 public interface UserRoleMapper {
 
+    UserRole selectByPrimaryKey(int id);
+
     int insertSelective(UserRole userRole);
 
     List<UserRoleDto> getByUserId(@Param("userId") int userId, @Param("productType") int productType);

server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/PermissionServiceImpl.java

@@ -81,7 +81,7 @@ public class PermissionServiceImpl implements PermissionService {
                     String[] datas = urlData.split(Constants.DATA_SPLIT);
                     if (authDto.getUrl().equals(datas[0])) {
                         access = true;
-                        list.add(new DataPrivilegeDto(datas[0], datas[2]));
+                        list.add(new DataPrivilegeDto(datas[1], datas[2]));
                     }
                 }
             }

server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/RoleServiceImpl.java

@@ -52,6 +52,8 @@ public class RoleServiceImpl implements RoleService {
     @Override
     @Transactional
     public void updateRole(Role role) {
+        role.setProductType(null);  //不支持修改产品线类型
+        role.setCode(null);  //不支持修改角色编码
         role.setModifiedTime(new Date());
         roleMapper.updateByPrimaryKeySelective(role);
     }

server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/UserRoleServiceImpl.java

@@ -8,6 +8,7 @@ import com.pica.cloud.permission.permission.server.entity.Role;
 import com.pica.cloud.permission.permission.server.entity.UserRole;
 import com.pica.cloud.permission.permission.server.mapper.RoleMapper;
 import com.pica.cloud.permission.permission.server.mapper.UserRoleMapper;
+import com.pica.cloud.permission.permission.server.service.PermissionCacheService;
 import com.pica.cloud.permission.permission.server.service.UserRoleService;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -23,6 +24,8 @@ import java.util.List;
 @Service
 public class UserRoleServiceImpl implements UserRoleService {
 
+    @Autowired
+    private PermissionCacheService permissionCacheService;
     @Autowired
     private UserRoleMapper userRoleMapper;
     @Autowired
@@ -51,6 +54,7 @@ public class UserRoleServiceImpl implements UserRoleService {
         userRole.setCreatedTime(new Date());
         userRole.setModifiedTime(userRole.getCreatedTime());
         userRoleMapper.insertSelective(userRole);
+        permissionCacheService.addUserRole(userRole);  //更新缓存信息
     }
 
     @Override
@@ -61,12 +65,14 @@ public class UserRoleServiceImpl implements UserRoleService {
     @Override
     @Transactional
     public void deleteById(int id, int modifiedId) {
+        UserRole origin = userRoleMapper.selectByPrimaryKey(id);
         UserRole userRole = new UserRole();
         userRole.setId(id);
         userRole.setDeleteFlag(Constants.DELETE_FLAG_INVALID);
         userRole.setModifiedId(modifiedId);
         userRole.setModifiedTime(new Date());
         userRoleMapper.updateByPrimaryKeySelective(userRole);
+        permissionCacheService.deleteUserRole(origin);  //更新缓存信息
     }
 
     @Override
@@ -82,5 +88,6 @@ public class UserRoleServiceImpl implements UserRoleService {
             userRole.setRoleId(role.getId());
         }
         userRoleMapper.deleteUserRole(userRole);
+        permissionCacheService.deleteUserRole(userRole);  //更新缓存信息
     }
 }

server/src/main/java/com/pica/cloud/permission/permission/server/validation/RoleValidation.java

@@ -33,8 +33,8 @@ public class RoleValidation {
         if (role.getModifiedId() == null) {
             throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "操作人ID为空");
         }
-        if (role.getProductType() == null && StringUtils.isBlank(role.getCode()) && StringUtils.isBlank(role.getName())) {
-            throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "缺少必要参数");
+        if (StringUtils.isBlank(role.getName())) {
+            throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "角色名称为空");
         }
     }
 }

server/src/main/resources/mybatis/UserRoleMapper.xml

@@ -19,6 +19,13 @@
     modified_time
   </sql>
 
+  <select id="selectByPrimaryKey" parameterType="java.lang.Integer" resultMap="BaseResultMap">
+    select
+    <include refid="Base_Column_List" />
+    from perm_user_role
+    where id = #{id,jdbcType=INTEGER} and delete_flag = 1
+  </select>
+
   <select id="getByUserId" resultType="com.pica.cloud.permission.permission.common.dto.UserRoleDto">
     select ur.id, ur.product_type as productType, ur.user_id as userId, ur.role_id as roleId,
       r.code as roleCode, r.name as roleName