Skip to content

P
pica-cloud-permission
提交 6fc7a470 编写于 作者: dong.an's avatar dong.an
浏览文件
操作

权限中台

上级 9b669876
隐藏空白字符变更
内嵌 并排
正在显示 包含 988 行增加73 行删除
common/src/main/java/com/pica/cloud/permission/permission/common/constants/AuthTypeEnum.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.common.constants;
/**
* @author andong
* @create 2019/9/5
*/
@SuppressWarnings("unused")
public enum AuthTypeEnum {
ROLE(1, "角色鉴权"), URL(2, "url鉴权");
private int code;
private String desc;
AuthTypeEnum(int code, String desc) {
this.code = code;
this.desc = desc;
}
public int code() {
return this.code;
}
public String desc() {
return this.desc;
}
}
common/src/main/java/com/pica/cloud/permission/permission/common/constants/GrantCodeEnum.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.common.constants;
/**
* @author andong
* @create 2019/9/4
*/
@SuppressWarnings("unused")
public enum GrantCodeEnum {
REGISTER, //注册
JOIN_HOSPITAL, //加入机构
QUIT_HOSPITAL, //退出(移除)机构
MAIN_ADMIN, //成为机构主管理员
ADMIN, //成为机构管理员
REMOVE_MAIN_ADMIN, //移除机构主管理员
REMOVE_ADMIN, //移除机构管理员
CERTIFY; //认证通过
}
common/src/main/java/com/pica/cloud/permission/permission/common/constants/ProductTypeEnum.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.common.constants;
/**
* @author andong
* @create 2019/9/4
*/
@SuppressWarnings("unused")
public enum ProductTypeEnum {
DOCTOR(1, "云鹊医"), HEALTH(2, "云鹊健康"), ADMIN(3, "admin");
private int code;
private String desc;
ProductTypeEnum(int code, String desc) {
this.code = code;
this.desc = desc;
}
public int code() {
return this.code;
}
public String desc() {
return this.desc;
}
}
common/src/main/java/com/pica/cloud/permission/permission/common/dto/AuthDto.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.common.dto;
import com.pica.cloud.permission.permission.common.constants.AuthTypeEnum;
/**
* @author andong
* @create 2019/9/5
*/
public class AuthDto {
private Integer productType;
private Integer userId;
private AuthTypeEnum authType;
private String roleCode;
private String url;
private boolean dataAuth = false;
public Integer getProductType() {
return productType;
}
public void setProductType(Integer productType) {
this.productType = productType;
}
public Integer getUserId() {
return userId;
}
public void setUserId(Integer userId) {
this.userId = userId;
}
public AuthTypeEnum getAuthType() {
return authType;
}
public void setAuthType(AuthTypeEnum authType) {
this.authType = authType;
}
public String getRoleCode() {
return roleCode;
}
public void setRoleCode(String roleCode) {
this.roleCode = roleCode;
}
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
public boolean isDataAuth() {
return dataAuth;
}
public void setDataAuth(boolean dataAuth) {
this.dataAuth = dataAuth;
}
}
common/src/main/java/com/pica/cloud/permission/permission/common/dto/AuthResultDto.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.common.dto;
import java.util.List;
/**
* @author andong
* @create 2019/9/5
*/
public class AuthResultDto {
private boolean access;
private List<DataPrivilegeDto> dataPrivileges;
public AuthResultDto(boolean access, List<DataPrivilegeDto> dataPrivileges) {
this.access = access;
this.dataPrivileges = dataPrivileges;
}
public boolean isAccess() {
return access;
}
public void setAccess(boolean access) {
this.access = access;
}
public List<DataPrivilegeDto> getDataPrivileges() {
return dataPrivileges;
}
public void setDataPrivileges(List<DataPrivilegeDto> dataPrivileges) {
this.dataPrivileges = dataPrivileges;
}
}
common/src/main/java/com/pica/cloud/permission/permission/common/dto/DataPrivilegeDto.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.common.dto;
/**
* @author andong
* @create 2019/9/5
*/
public class DataPrivilegeDto {
private String config;
private String configExt;
public DataPrivilegeDto(String config, String configExt) {
this.config = config;
this.configExt = configExt;
}
public String getConfig() {
return config;
}
public void setConfig(String config) {
this.config = config;
}
public String getConfigExt() {
return configExt;
}
public void setConfigExt(String configExt) {
this.configExt = configExt;
}
}
common/src/main/java/com/pica/cloud/permission/permission/common/dto/GrantDto.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.common.dto;
import com.pica.cloud.permission.permission.common.constants.GrantCodeEnum;
/**
* @author andong
* @create 2019/9/4
*/
public class GrantDto {
private Integer productType;
private Integer userId;
private GrantCodeEnum grantCode;
private Integer createdId;
public Integer getProductType() {
return productType;
}
public void setProductType(Integer productType) {
this.productType = productType;
}
public Integer getUserId() {
return userId;
}
public void setUserId(Integer userId) {
this.userId = userId;
}
public GrantCodeEnum getGrantCode() {
return grantCode;
}
public void setGrantCode(GrantCodeEnum grantCode) {
this.grantCode = grantCode;
}
public Integer getCreatedId() {
return createdId;
}
public void setCreatedId(Integer createdId) {
this.createdId = createdId;
}
}
common/src/main/java/com/pica/cloud/permission/permission/common/dto/RoleResourceDto.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.common.dto;
/**
* @author andong
* @create 2019/9/3
*/
public class RoleResourceDto {
private Integer roleId;
private String roleCode;
private String roleName;
private Integer resourceId;
private String resourceCode;
private String resourceName;
private String url;
private Integer dataPrivilegeId;
private String description;
private String config;
private String configExt;
public Integer getRoleId() {
return roleId;
}
public void setRoleId(Integer roleId) {
this.roleId = roleId;
}
public String getRoleCode() {
return roleCode;
}
public void setRoleCode(String roleCode) {
this.roleCode = roleCode;
}
public String getRoleName() {
return roleName;
}
public void setRoleName(String roleName) {
this.roleName = roleName;
}
public Integer getResourceId() {
return resourceId;
}
public void setResourceId(Integer resourceId) {
this.resourceId = resourceId;
}
public String getResourceCode() {
return resourceCode;
}
public void setResourceCode(String resourceCode) {
this.resourceCode = resourceCode;
}
public String getResourceName() {
return resourceName;
}
public void setResourceName(String resourceName) {
this.resourceName = resourceName;
}
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
public Integer getDataPrivilegeId() {
return dataPrivilegeId;
}
public void setDataPrivilegeId(Integer dataPrivilegeId) {
this.dataPrivilegeId = dataPrivilegeId;
}
public String getDescription() {
return description;
}
public void setDescription(String description) {
this.description = description;
}
public String getConfig() {
return config;
}
public void setConfig(String config) {
this.config = config;
}
public String getConfigExt() {
return configExt;
}
public void setConfigExt(String configExt) {
this.configExt = configExt;
}
}
common/src/main/java/com/pica/cloud/permission/permission/common/dto/UserRoleDto.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.common.dto;
/**
* @author andong
* @create 2019/9/3
*/
public class UserRoleDto {
private Integer id;
private Integer productType;
private Integer userId;
private Integer roleId;
private String roleCode;
private String roleName;
private Integer createdId;
private Integer modifiedId;
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public Integer getProductType() {
return productType;
}
public void setProductType(Integer productType) {
this.productType = productType;
}
public Integer getUserId() {
return userId;
}
public void setUserId(Integer userId) {
this.userId = userId;
}
public Integer getRoleId() {
return roleId;
}
public void setRoleId(Integer roleId) {
this.roleId = roleId;
}
public String getRoleCode() {
return roleCode;
}
public void setRoleCode(String roleCode) {
this.roleCode = roleCode;
}
public String getRoleName() {
return roleName;
}
public void setRoleName(String roleName) {
this.roleName = roleName;
}
public Integer getCreatedId() {
return createdId;
}
public void setCreatedId(Integer createdId) {
this.createdId = createdId;
}
public Integer getModifiedId() {
return modifiedId;
}
public void setModifiedId(Integer modifiedId) {
this.modifiedId = modifiedId;
}
}
server/pom.xml
浏览文件 @ 6fc7a470
......@@ -89,6 +89,12 @@
<groupId>org.springframework.kafka</groupId>
<artifactId>spring-kafka</artifactId>
</dependency>
<dependency>
<groupId>com.pica.cloud.permission</groupId>
<artifactId>pica-cloud-permission-common</artifactId>
<version>1.0.0</version>
</dependency>
</dependencies>
<dependencyManagement>
......
server/src/main/java/com/pica/cloud/permission/permission/server/constants/Constants.java
浏览文件 @ 6fc7a470
......@@ -11,4 +11,12 @@ public class Constants {
public static final int DELETE_FLAG_VALID = 1;
public static final int DELETE_FLAG_INVALID = 2;
//缓存KEY
public static final String KEY_DOCTOR_ROLE = "perm_doctor_role_";
public static final String KEY_ROLE_URL = "perm_role_url_";
public static final String KEY_ROLE_DATA = "perm_role_data_";
//数据分割符
public static final String DATA_SPLIT = ";;;";
}
server/src/main/java/com/pica/cloud/permission/permission/server/controller/DataPrivilegeController.java
浏览文件 @ 6fc7a470
......@@ -5,6 +5,7 @@ import com.pica.cloud.permission.permission.server.entity.DataPrivilege;
import com.pica.cloud.permission.permission.server.service.DataPrivilegeService;
import com.pica.cloud.permission.permission.server.validation.DataPrivilegeValidation;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.List;
......@@ -21,21 +22,21 @@ public class DataPrivilegeController {
@Autowired
private DataPrivilegeService dataPrivilegeService;
//根据ID获取数据权限
@ApiOperation("根据ID获取数据权限")
@GetMapping("/data-privilege/{id}")
public PicaResponse<DataPrivilege> getById(@PathVariable("id") int id) {
DataPrivilege dataPrivilege = dataPrivilegeService.getById(id);
return PicaResponse.toResponse(dataPrivilege);
}
//根据资源ID获取数据权限
@ApiOperation("根据资源ID获取数据权限")
@GetMapping("/data-privilege")
public PicaResponse<List<DataPrivilege>> getByResourceId(@RequestParam("resourceId") int resourceId) {
List<DataPrivilege> list = dataPrivilegeService.getByResourceId(resourceId);
return PicaResponse.toResponse(list);
}
//添加数据资源
@ApiOperation("添加数据资源")
@PostMapping("/data-privilege")
public PicaResponse addDataPrivilege(DataPrivilege dataPrivilege) {
DataPrivilegeValidation.addDataPrivilegeValidate(dataPrivilege);
......@@ -43,7 +44,7 @@ public class DataPrivilegeController {
return PicaResponse.toResponse();
}
//修改数据资源
@ApiOperation("修改数据资源")
@PutMapping("/data-privilege")
public PicaResponse updateDataPrivilege(DataPrivilege dataPrivilege) {
DataPrivilegeValidation.updateDataPrivilegeValidate(dataPrivilege);
......@@ -51,7 +52,7 @@ public class DataPrivilegeController {
return PicaResponse.toResponse();
}
//逻辑删除数据资源
@ApiOperation("逻辑删除数据资源")
@DeleteMapping("/data-privilege")
public PicaResponse deleteDataPrivilege(@RequestParam("id") int id, @RequestParam("modifiedId") int modifiedId) {
dataPrivilegeService.deleteDataPrivilege(id, modifiedId);
......
server/src/main/java/com/pica/cloud/permission/permission/server/controller/PermissionController.java
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.controller;
import com.pica.cloud.foundation.entity.PicaResponse;
import com.pica.cloud.permission.permission.common.dto.AuthDto;
import com.pica.cloud.permission.permission.common.dto.AuthResultDto;
import com.pica.cloud.permission.permission.common.dto.GrantDto;
import com.pica.cloud.permission.permission.server.service.PermissionService;
import com.pica.cloud.permission.permission.server.validation.PermissionValidation;
import io.swagger.annotations.Api;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
/**
* @author andong
......@@ -15,9 +20,27 @@ import org.springframework.web.bind.annotation.RestController;
@RequestMapping("/permission")
public class PermissionController {
@Autowired
private PermissionService permissionService;
@GetMapping("/test")
public PicaResponse<String> test() {
return PicaResponse.toResponse("test");
}
@ApiOperation("授权")
@PostMapping("/grant")
public PicaResponse grant(@RequestBody GrantDto grantDto) {
PermissionValidation.grantValidate(grantDto);
return null;
}
@ApiOperation("授权")
@PostMapping("/auth")
public PicaResponse<AuthResultDto> auth(@RequestBody AuthDto authDto) {
PermissionValidation.authValidate(authDto);
AuthResultDto result = permissionService.auth(authDto);
return PicaResponse.toResponse(result);
}
}
server/src/main/java/com/pica/cloud/permission/permission/server/controller/ResourceController.java
浏览文件 @ 6fc7a470
......@@ -5,6 +5,7 @@ import com.pica.cloud.permission.permission.server.entity.Resource;
import com.pica.cloud.permission.permission.server.service.ResourceService;
import com.pica.cloud.permission.permission.server.validation.ResourceValidation;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.List;
......@@ -21,14 +22,14 @@ public class ResourceController {
@Autowired
private ResourceService resourceService;
//根据ID获取资源
@ApiOperation("根据ID获取资源")
@GetMapping("/resource/{id}")
public PicaResponse<Resource> getById(@PathVariable("id") int id) {
Resource resource = resourceService.getById(id);
return PicaResponse.toResponse(resource);
}
//根据条件获取资源
@ApiOperation("根据条件获取资源")
@GetMapping("/resource")
public PicaResponse<List<Resource>> getResource(@RequestParam(value = "productType", required = false) Integer productType,
@RequestParam(value = "category", required = false) Integer category,
......@@ -40,7 +41,7 @@ public class ResourceController {
return PicaResponse.toResponse(list);
}
//添加资源
@ApiOperation("添加资源")
@PostMapping("/resource")
public PicaResponse addResource(@RequestBody Resource resource) {
ResourceValidation.addResourceValidate(resource);
......@@ -48,7 +49,7 @@ public class ResourceController {
return PicaResponse.toResponse();
}
//修改资源
@ApiOperation("修改资源")
@PutMapping("/resource")
public PicaResponse updateResource(@RequestBody Resource resource) {
ResourceValidation.updateResourceValidate(resource);
......@@ -56,7 +57,7 @@ public class ResourceController {
return PicaResponse.toResponse();
}
//根据ID逻辑删除资源
@ApiOperation("根据ID逻辑删除资源")
@DeleteMapping("/resource")
public PicaResponse deleteResource(@RequestParam("id") int id, @RequestParam("modifiedId") int modifiedId) {
resourceService.deleteResource(id, modifiedId);
......
server/src/main/java/com/pica/cloud/permission/permission/server/controller/RoleController.java
浏览文件 @ 6fc7a470
......@@ -7,6 +7,7 @@ import com.pica.cloud.permission.permission.server.entity.Role;
import com.pica.cloud.permission.permission.server.service.RoleService;
import com.pica.cloud.permission.permission.server.validation.RoleValidation;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
......@@ -23,14 +24,14 @@ public class RoleController {
@Autowired
private RoleService roleService;
//根据ID获取角色
@ApiOperation("根据ID获取角色")
@GetMapping("/role/{id}")
public PicaResponse<Role> getById(@PathVariable("id") int id) {
Role role = roleService.getById(id);
return PicaResponse.toResponse(role);
}
//根据角色编码或产品线类型获取角色
@ApiOperation("根据角色编码或产品线类型获取角色")
@GetMapping("/role")
public PicaResponse getByCode(@RequestParam(value = "code", required = false) String code,
@RequestParam(value = "productType", required = false) Integer productType) {
......@@ -43,7 +44,7 @@ public class RoleController {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "缺少查询参数");
}
//添加角色
@ApiOperation("添加角色")
@PostMapping("/role")
public PicaResponse addRole(@RequestBody Role role) {
RoleValidation.addRoleValidate(role);
......@@ -51,7 +52,7 @@ public class RoleController {
return PicaResponse.toResponse();
}
//修改角色
@ApiOperation("修改角色")
@PutMapping("/role")
public PicaResponse updateRole(@RequestBody Role role) {
RoleValidation.updateRoleValidate(role);
......@@ -59,7 +60,7 @@ public class RoleController {
return PicaResponse.toResponse();
}
//删除角色
@ApiOperation("逻辑删除角色")
@DeleteMapping("/role")
public PicaResponse deleteRole(@RequestParam("id") int id, @RequestParam("modifiedId") int modifiedId) {
roleService.deleteRole(id, modifiedId);
......
server/src/main/java/com/pica/cloud/permission/permission/server/controller/RoleResourceController.java
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.controller;
import com.pica.cloud.foundation.entity.PicaResponse;
import com.pica.cloud.permission.permission.common.dto.RoleResourceDto;
import com.pica.cloud.permission.permission.server.entity.RoleResource;
import com.pica.cloud.permission.permission.server.service.RoleResourceService;
import com.pica.cloud.permission.permission.server.validation.RoleResourceValidation;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.List;
......@@ -20,21 +23,22 @@ public class RoleResourceController {
@Autowired
private RoleResourceService roleResourceService;
//根据角色ID获取资源列表
@ApiOperation("根据角色ID获取资源列表")
@GetMapping("/role-resource")
public PicaResponse<List<RoleResource>> getByRoleId(@RequestParam("roleId") int roleId) {
List<RoleResource> list = roleResourceService.getByRoleId(roleId);
public PicaResponse<List<RoleResourceDto>> getByRoleId(@RequestParam("roleId") int roleId) {
List<RoleResourceDto> list = roleResourceService.getByRoleId(roleId);
return PicaResponse.toResponse(list);
}
//添加角色资源关系
@ApiOperation("添加角色资源关系")
@PostMapping("/role-resource")
public PicaResponse addRoleResource(@RequestBody RoleResource roleResource) {
RoleResourceValidation.addRoleResourceValidate(roleResource);
roleResourceService.addRoleResource(roleResource);
return PicaResponse.toResponse();
}
//删除角色资源关系
@ApiOperation("逻辑删除角色资源关系")
@DeleteMapping("/role-resource")
public PicaResponse deleteRoleResource(@RequestParam(value = "id", required = false) Integer id,
@RequestParam(value = "roleId", required = false) Integer roleId,
......
server/src/main/java/com/pica/cloud/permission/permission/server/controller/UserRoleController.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.controller;
import com.pica.cloud.foundation.entity.PicaResponse;
import com.pica.cloud.permission.permission.common.dto.UserRoleDto;
import com.pica.cloud.permission.permission.server.service.UserRoleService;
import com.pica.cloud.permission.permission.server.validation.UserRoleValidation;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.List;
/**
* @author andong
* @create 2019/9/3
*/
@Api(description = "用户-角色管理")
@RestController
@RequestMapping("/permission")
public class UserRoleController {
@Autowired
private UserRoleService userRoleService;
@ApiOperation("根据用户ID,产品线类型查询角色列表")
@GetMapping("/user-role")
public PicaResponse<List<UserRoleDto>> getByUserId(@RequestParam("userId") int userId, @RequestParam("productType") int productType) {
List<UserRoleDto> list = userRoleService.getByUserId(userId, productType);
return PicaResponse.toResponse(list);
}
@ApiOperation("添加用户角色关系")
@PostMapping("/user-role")
public PicaResponse addUserRole(@RequestBody UserRoleDto userRoleDto) {
UserRoleValidation.addUserRoleValidate(userRoleDto);
userRoleService.addUserRole(userRoleDto);
return PicaResponse.toResponse();
}
@ApiOperation("根据主键逻辑删除用户角色关系")
@DeleteMapping("/user-role")
public PicaResponse deleteById(@RequestParam("id") int id, @RequestParam("modifiedId") int modifiedId) {
userRoleService.deleteById(id, modifiedId);
return PicaResponse.toResponse();
}
@ApiOperation("逻辑删除用户角色关系")
@PutMapping("/user-role")
public PicaResponse deleteUserRole(@RequestBody UserRoleDto userRoleDto) {
UserRoleValidation.deleteUserRoleValidate(userRoleDto);
userRoleService.deleteUserRole(userRoleDto);
return PicaResponse.toResponse();
}
}
server/src/main/java/com/pica/cloud/permission/permission/server/mapper/RoleResourceMapper.java
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.mapper;
import com.pica.cloud.permission.permission.common.dto.RoleResourceDto;
import com.pica.cloud.permission.permission.server.entity.RoleResource;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
import java.util.List;
@Mapper
......@@ -11,10 +11,12 @@ public interface RoleResourceMapper {
int insertSelective(RoleResource roleResource);
List<RoleResource> getByRoleId(int roleId);
List<RoleResourceDto> getByRoleId(int roleId);
int updateByPrimaryKeySelective(RoleResource roleResource);
int deleteAll(@Param("roleId") int roleId, @Param("modifiedId") int modifiedId);
int checkResourceUsed(int resourceId);
}
\ No newline at end of file
server/src/main/java/com/pica/cloud/permission/permission/server/mapper/UserRoleMapper.java
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.mapper;
import com.pica.cloud.permission.permission.common.dto.UserRoleDto;
import com.pica.cloud.permission.permission.server.entity.UserRole;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
import java.util.List;
@Mapper
public interface UserRoleMapper {
int deleteByPrimaryKey(Integer id);
int insert(UserRole record);
int insertSelective(UserRole userRole);
int insertSelective(UserRole record);
List<UserRoleDto> getByUserId(@Param("userId") int userId, @Param("productType") int productType);
UserRole selectByPrimaryKey(Integer id);
int updateByPrimaryKeySelective(UserRole userRole);
int updateByPrimaryKeySelective(UserRole record);
int deleteUserRole(UserRole userRole);
int checkRoleUsed(int roleId);
int updateByPrimaryKey(UserRole record);
}
\ No newline at end of file
server/src/main/java/com/pica/cloud/permission/permission/server/service/PermissionCacheService.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.service;
/**
* @author andong
* @create 2019/9/5
*/
public interface PermissionCacheService {
}
server/src/main/java/com/pica/cloud/permission/permission/server/service/PermissionService.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.service;
import com.pica.cloud.permission.permission.common.dto.AuthDto;
import com.pica.cloud.permission.permission.common.dto.AuthResultDto;
import com.pica.cloud.permission.permission.common.dto.GrantDto;
/**
* @author andong
* @create 2019/9/5
*/
public interface PermissionService {
//业务场景授权
void grant(GrantDto grantDto);
//鉴权
AuthResultDto auth(AuthDto authDto);
}
server/src/main/java/com/pica/cloud/permission/permission/server/service/RoleResourceService.java
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.service;
import com.pica.cloud.permission.permission.common.dto.RoleResourceDto;
import com.pica.cloud.permission.permission.server.entity.RoleResource;
import java.util.List;
......@@ -13,7 +14,7 @@ public interface RoleResourceService {
void addRoleResource(RoleResource roleResource);
//根据角色ID查询角色资源关系
List<RoleResource> getByRoleId(int roleId);
List<RoleResourceDto> getByRoleId(int roleId);
//逻辑删除角色资源关系
void deleteRoleResource(int id, int modifiedId);
......
server/src/main/java/com/pica/cloud/permission/permission/server/service/UserRoleService.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.service;
import com.pica.cloud.permission.permission.common.dto.UserRoleDto;
import java.util.List;
/**
* @author andong
* @create 2019/9/3
*/
public interface UserRoleService {
//添加用户角色关系
void addUserRole(UserRoleDto userRoleDto);
//根据用户ID,产品限类型查询角色列表
List<UserRoleDto> getByUserId(int userId, int productType);
//逻辑删除用户角色关系
void deleteById(int id, int modifiedId);
void deleteUserRole(UserRoleDto userRoleDto);
}
server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/PermissionCacheServiceImpl.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.service.impl;
import com.pica.cloud.permission.permission.server.service.PermissionCacheService;
/**
* @author andong
* @create 2019/9/5
*/
public class PermissionCacheServiceImpl implements PermissionCacheService {
}
server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/PermissionServiceImpl.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.service.impl;
import com.pica.cloud.foundation.redis.ICacheClient;
import com.pica.cloud.permission.permission.common.constants.AuthTypeEnum;
import com.pica.cloud.permission.permission.common.constants.ProductTypeEnum;
import com.pica.cloud.permission.permission.common.dto.AuthDto;
import com.pica.cloud.permission.permission.common.dto.AuthResultDto;
import com.pica.cloud.permission.permission.common.dto.DataPrivilegeDto;
import com.pica.cloud.permission.permission.common.dto.GrantDto;
import com.pica.cloud.permission.permission.server.constants.Constants;
import com.pica.cloud.permission.permission.server.service.PermissionService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
/**
* @author andong
* @create 2019/9/5
*/
@Service
public class PermissionServiceImpl implements PermissionService {
@Autowired
private ICacheClient cacheClient;
@Override
public void grant(GrantDto grantDto) {
}
@Override
public AuthResultDto auth(AuthDto authDto) {
if (authDto.getAuthType() == AuthTypeEnum.ROLE) { //判断用户是否具有角色
if (authDto.getProductType().intValue() == ProductTypeEnum.DOCTOR.code()) {
return this.doctorRoleAuth(authDto);
} else {
//TODO
}
} else if (authDto.getAuthType() == AuthTypeEnum.URL) { //判断用户是否具有该url访问权限
if (authDto.getProductType().intValue() == ProductTypeEnum.DOCTOR.code()) {
return this.doctorUrlAuth(authDto);
} else {
//TODO
}
}
return new AuthResultDto(false, null);
}
//医生角色鉴权
private AuthResultDto doctorRoleAuth(AuthDto authDto) {
boolean access = cacheClient.sismember(Constants.KEY_DOCTOR_ROLE + authDto.getUserId().toString(), authDto.getRoleCode());
return new AuthResultDto(access, null);
}
//医生url鉴权
private AuthResultDto doctorUrlAuth(AuthDto authDto) {
Set<String> roleCodes = cacheClient.smembers(Constants.KEY_DOCTOR_ROLE + authDto.getUserId().toString());
if (CollectionUtils.isEmpty(roleCodes)) { //用户无任何角色
return new AuthResultDto(false, null);
}
if (!authDto.isDataAuth()) { //仅url鉴权
for (String roleCode : roleCodes) {
Set<String> urls = cacheClient.smembers(Constants.KEY_ROLE_URL + roleCode);
for (String url : urls) {
if (authDto.getUrl().equals(url)) {
return new AuthResultDto(true, null);
}
}
}
return new AuthResultDto(false, null); //用户无该url访问权限
} else { //url+数据权限鉴权
boolean access = false;
List<DataPrivilegeDto> list = new ArrayList();
for (String roleCode : roleCodes) {
Set<String> urls = cacheClient.smembers(Constants.KEY_ROLE_DATA + roleCode);
for (String urlData : urls) {
String[] datas = urlData.split(Constants.DATA_SPLIT);
if (authDto.getUrl().equals(datas[0])) {
access = true;
list.add(new DataPrivilegeDto(datas[0], datas[2]));
}
}
}
return new AuthResultDto(access, list);
}
}
}
server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/ResourceServiceImpl.java
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.service.impl;
import com.pica.cloud.foundation.entity.PicaException;
import com.pica.cloud.foundation.entity.PicaResultCode;
import com.pica.cloud.permission.permission.server.constants.Constants;
import com.pica.cloud.permission.permission.server.entity.Resource;
import com.pica.cloud.permission.permission.server.mapper.ResourceMapper;
import com.pica.cloud.permission.permission.server.mapper.RoleResourceMapper;
import com.pica.cloud.permission.permission.server.service.ResourceService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
......@@ -19,6 +22,8 @@ public class ResourceServiceImpl implements ResourceService {
@Autowired
private ResourceMapper resourceMapper;
@Autowired
private RoleResourceMapper roleResourceMapper;
@Override
@Transactional
......@@ -49,6 +54,10 @@ public class ResourceServiceImpl implements ResourceService {
@Override
@Transactional
public void deleteResource(int id, int modifiedId) {
Integer pk = roleResourceMapper.checkResourceUsed(id);
if (pk != null) {
throw new PicaException(PicaResultCode.DATA_EXCEPTION.code(), "资源已被使用,无法删除");
}
Resource resource = new Resource();
resource.setId(id);
resource.setDeleteFlag(Constants.DELETE_FLAG_INVALID);
......
server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/RoleResourceServiceImpl.java
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.service.impl;
import com.pica.cloud.permission.permission.common.dto.RoleResourceDto;
import com.pica.cloud.permission.permission.server.constants.Constants;
import com.pica.cloud.permission.permission.server.entity.RoleResource;
import com.pica.cloud.permission.permission.server.mapper.RoleResourceMapper;
......@@ -30,7 +31,7 @@ public class RoleResourceServiceImpl implements RoleResourceService {
}
@Override
public List<RoleResource> getByRoleId(int roleId) {
public List<RoleResourceDto> getByRoleId(int roleId) {
return roleResourceMapper.getByRoleId(roleId);
}
......
server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/RoleServiceImpl.java
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.service.impl;
import com.pica.cloud.foundation.entity.PicaException;
import com.pica.cloud.foundation.entity.PicaResultCode;
import com.pica.cloud.permission.permission.server.constants.Constants;
import com.pica.cloud.permission.permission.server.entity.Role;
import com.pica.cloud.permission.permission.server.mapper.RoleMapper;
import com.pica.cloud.permission.permission.server.mapper.UserRoleMapper;
import com.pica.cloud.permission.permission.server.service.RoleService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
......@@ -19,6 +22,8 @@ public class RoleServiceImpl implements RoleService {
@Autowired
private RoleMapper roleMapper;
@Autowired
private UserRoleMapper userRoleMapper;
@Override
@Transactional
......@@ -54,6 +59,10 @@ public class RoleServiceImpl implements RoleService {
@Override
@Transactional
public void deleteRole(int id, int modifiedId) {
Integer pk = userRoleMapper.checkRoleUsed(id);
if (pk != null) {
throw new PicaException(PicaResultCode.DATA_EXCEPTION.code(), "角色已被使用,无法删除");
}
Role role = new Role();
role.setId(id);
role.setDeleteFlag(Constants.DELETE_FLAG_INVALID);
......
server/src/main/java/com/pica/cloud/permission/permission/server/service/impl/UserRoleServiceImpl.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.service.impl;
import com.pica.cloud.foundation.entity.PicaException;
import com.pica.cloud.foundation.entity.PicaResultCode;
import com.pica.cloud.permission.permission.common.dto.UserRoleDto;
import com.pica.cloud.permission.permission.server.constants.Constants;
import com.pica.cloud.permission.permission.server.entity.Role;
import com.pica.cloud.permission.permission.server.entity.UserRole;
import com.pica.cloud.permission.permission.server.mapper.RoleMapper;
import com.pica.cloud.permission.permission.server.mapper.UserRoleMapper;
import com.pica.cloud.permission.permission.server.service.UserRoleService;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.Date;
import java.util.List;
/**
* @author andong
* @create 2019/9/3
*/
@Service
public class UserRoleServiceImpl implements UserRoleService {
@Autowired
private UserRoleMapper userRoleMapper;
@Autowired
private RoleMapper roleMapper;
@Override
@Transactional
public void addUserRole(UserRoleDto userRoleDto) {
UserRole userRole = new UserRole();
BeanUtils.copyProperties(userRoleDto, userRole);
if (userRoleDto.getRoleId() == null) {
Role role = roleMapper.getByCode(userRoleDto.getRoleCode());
if (role == null) {
throw new PicaException(PicaResultCode.RESULE_DATA_NONE.code(), "角色编码不存在");
}
userRole.setRoleId(role.getId());
}
userRole.setModifiedId(userRole.getCreatedId());
userRole.setCreatedTime(new Date());
userRole.setModifiedTime(userRole.getCreatedTime());
userRoleMapper.insertSelective(userRole);
}
@Override
public List<UserRoleDto> getByUserId(int userId, int productType) {
return userRoleMapper.getByUserId(userId, productType);
}
@Override
@Transactional
public void deleteById(int id, int modifiedId) {
UserRole userRole = new UserRole();
userRole.setId(id);
userRole.setDeleteFlag(Constants.DELETE_FLAG_INVALID);
userRole.setModifiedId(modifiedId);
userRole.setModifiedTime(new Date());
userRoleMapper.updateByPrimaryKeySelective(userRole);
}
@Override
@Transactional
public void deleteUserRole(UserRoleDto userRoleDto) {
UserRole userRole = new UserRole();
BeanUtils.copyProperties(userRoleDto, userRole);
if (userRoleDto.getRoleId() == null) {
Role role = roleMapper.getByCode(userRoleDto.getRoleCode());
if (role == null) {
return;
}
userRole.setRoleId(role.getId());
}
userRoleMapper.deleteUserRole(userRole);
}
}
server/src/main/java/com/pica/cloud/permission/permission/server/validation/PermissionValidation.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.validation;
import com.pica.cloud.foundation.entity.PicaException;
import com.pica.cloud.foundation.entity.PicaResultCode;
import com.pica.cloud.permission.permission.common.constants.AuthTypeEnum;
import com.pica.cloud.permission.permission.common.dto.AuthDto;
import com.pica.cloud.permission.permission.common.dto.GrantDto;
import org.apache.commons.lang.StringUtils;
/**
* @author andong
* @create 2019/9/5
*/
public class PermissionValidation {
public static void grantValidate(GrantDto grantDto) {
if (grantDto.getProductType() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "产品线类型为空");
}
if (grantDto.getUserId() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "用户ID为空");
}
if (grantDto.getGrantCode() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "授权场景编码为空");
}
if (grantDto.getCreatedId() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "操作人ID为空");
}
}
public static void authValidate(AuthDto authDto) {
if (authDto.getProductType() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "产品线类型为空");
}
if (authDto.getUserId() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "用户ID为空");
}
if (authDto.getAuthType() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "鉴权类型为空");
}
if (authDto.getAuthType() == AuthTypeEnum.ROLE && StringUtils.isBlank(authDto.getRoleCode())) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "角色编码为空");
}
if (authDto.getAuthType() == AuthTypeEnum.URL && StringUtils.isBlank(authDto.getUrl())) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "资源url为空");
}
}
}
server/src/main/java/com/pica/cloud/permission/permission/server/validation/RoleResourceValidation.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.validation;
import com.pica.cloud.foundation.entity.PicaException;
import com.pica.cloud.foundation.entity.PicaResultCode;
import com.pica.cloud.permission.permission.server.entity.RoleResource;
/**
* @author andong
* @create 2019/9/3
*/
public class RoleResourceValidation {
public static void addRoleResourceValidate(RoleResource roleResource) {
if (roleResource.getRoleId() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "角色ID为空");
}
if (roleResource.getResourceId() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "资源ID为空");
}
if (roleResource.getCreatedId() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "操作人ID为空");
}
}
}
server/src/main/java/com/pica/cloud/permission/permission/server/validation/UserRoleValidation.java 0 → 100644
浏览文件 @ 6fc7a470
package com.pica.cloud.permission.permission.server.validation;
import com.pica.cloud.foundation.entity.PicaException;
import com.pica.cloud.foundation.entity.PicaResultCode;
import com.pica.cloud.permission.permission.common.dto.UserRoleDto;
import org.apache.commons.lang.StringUtils;
/**
* @author andong
* @create 2019/9/3
*/
public class UserRoleValidation {
public static void addUserRoleValidate(UserRoleDto userRoleDto) {
if (userRoleDto.getProductType() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "产品线类型为空");
}
if (userRoleDto.getUserId() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "用户ID为空");
}
if (userRoleDto.getRoleId() == null && StringUtils.isBlank(userRoleDto.getRoleCode())) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "角色ID或角色编码为空");
}
if (userRoleDto.getCreatedId() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "操作人ID为空");
}
}
public static void deleteUserRoleValidate(UserRoleDto userRoleDto) {
if (userRoleDto.getProductType() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "产品线类型为空");
}
if (userRoleDto.getUserId() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "用户ID为空");
}
if (userRoleDto.getRoleId() == null && StringUtils.isBlank(userRoleDto.getRoleCode())) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "角色ID或角色编码为空");
}
if (userRoleDto.getModifiedId() == null) {
throw new PicaException(PicaResultCode.PARAM_IS_BLANK.code(), "操作人ID为空");
}
}
}
server/src/main/resources/mybatis/RoleResourceMapper.xml
浏览文件 @ 6fc7a470
......@@ -19,11 +19,15 @@
modified_id, modified_time
</sql>
<select id="getByRoleId" parameterType="java.lang.Integer" resultMap="BaseResultMap">
select
<include refid="Base_Column_List" />
from perm_role_resource
where role_id = #{roleId,jdbcType=INTEGER} and delete_flag = 1
<select id="getByRoleId" resultType="com.pica.cloud.permission.permission.common.dto.RoleResourceDto" parameterType="java.lang.Integer">
select rr.role_id as roleId, r.code as roleCode, r.name as roleName,
re.id as resourceId, re.code as resourceCode, re.name as resourceName, re.url,
dp.id as dataPrivilegeId, dp.description, dp.config, dp.config_ext as configExt
from perm_role_resource rr
join perm_role r on rr.role_id = r.id and r.delete_flag = 1
join perm_resource re on rr.resource_id = re.id and re.delete_flag = 1
left join perm_data_privilege dp on rr.data_privilege_id = dp.id and dp.delete_flag = 1
where rr.role_id = #{roleId} and rr.delete_flag = 1
</select>
<insert id="insertSelective" parameterType="com.pica.cloud.permission.permission.server.entity.RoleResource">
......@@ -118,4 +122,11 @@
where role_id = #{roleId}
</update>
<select id="checkResourceUsed" resultType="java.lang.Integer" parameterType="java.lang.Integer">
select id
from perm_role_resource
where resource_id = #{resourceId} and delete_flag = 1
limit 1
</select>
</mapper>
\ No newline at end of file
server/src/main/resources/mybatis/UserRoleMapper.xml
浏览文件 @ 6fc7a470
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.pica.cloud.permission.permission.server.mapper.UserRoleMapper">
<resultMap id="BaseResultMap" type="com.pica.cloud.permission.permission.server.entity.UserRole">
<id column="id" jdbcType="INTEGER" property="id" />
<result column="product_type" jdbcType="INTEGER" property="productType" />
......@@ -12,36 +13,24 @@
<result column="modified_id" jdbcType="INTEGER" property="modifiedId" />
<result column="modified_time" jdbcType="TIMESTAMP" property="modifiedTime" />
</resultMap>
<sql id="Base_Column_List">
id, product_type, user_id, role_id, delete_flag, created_id, created_time, modified_id,
modified_time
</sql>
<select id="selectByPrimaryKey" parameterType="java.lang.Integer" resultMap="BaseResultMap">
select
<include refid="Base_Column_List" />
from perm_user_role
where id = #{id,jdbcType=INTEGER}
<select id="getByUserId" resultType="com.pica.cloud.permission.permission.common.dto.UserRoleDto">
select ur.id, ur.product_type as productType, ur.user_id as userId, ur.role_id as roleId,
r.code as roleCode, r.name as roleName
from perm_user_role ur
join perm_role r on ur.role_id = r.id
where ur.user_id = #{userId} and ur.product_type = #{productType}
and ur.delete_flag = 1 and r.delete_flag = 1
</select>
<delete id="deleteByPrimaryKey" parameterType="java.lang.Integer">
delete from perm_user_role
where id = #{id,jdbcType=INTEGER}
</delete>
<insert id="insert" parameterType="com.pica.cloud.permission.permission.server.entity.UserRole">
insert into perm_user_role (id, product_type, user_id,
role_id, delete_flag, created_id,
created_time, modified_id, modified_time
)
values (#{id,jdbcType=INTEGER}, #{productType,jdbcType=INTEGER}, #{userId,jdbcType=INTEGER},
#{roleId,jdbcType=INTEGER}, #{deleteFlag,jdbcType=INTEGER}, #{createdId,jdbcType=INTEGER},
#{createdTime,jdbcType=TIMESTAMP}, #{modifiedId,jdbcType=INTEGER}, #{modifiedTime,jdbcType=TIMESTAMP}
)
</insert>
<insert id="insertSelective" parameterType="com.pica.cloud.permission.permission.server.entity.UserRole">
insert into perm_user_role
<trim prefix="(" suffix=")" suffixOverrides=",">
<if test="id != null">
id,
</if>
<if test="productType != null">
product_type,
</if>
......@@ -68,9 +57,6 @@
</if>
</trim>
<trim prefix="values (" suffix=")" suffixOverrides=",">
<if test="id != null">
#{id,jdbcType=INTEGER},
</if>
<if test="productType != null">
#{productType,jdbcType=INTEGER},
</if>
......@@ -97,6 +83,7 @@
</if>
</trim>
</insert>
<update id="updateByPrimaryKeySelective" parameterType="com.pica.cloud.permission.permission.server.entity.UserRole">
update perm_user_role
<set>
......@@ -127,16 +114,18 @@
</set>
where id = #{id,jdbcType=INTEGER}
</update>
<update id="updateByPrimaryKey" parameterType="com.pica.cloud.permission.permission.server.entity.UserRole">
<update id="deleteUserRole" parameterType="com.pica.cloud.permission.permission.server.entity.UserRole">
update perm_user_role
set product_type = #{productType,jdbcType=INTEGER},
user_id = #{userId,jdbcType=INTEGER},
role_id = #{roleId,jdbcType=INTEGER},
delete_flag = #{deleteFlag,jdbcType=INTEGER},
created_id = #{createdId,jdbcType=INTEGER},
created_time = #{createdTime,jdbcType=TIMESTAMP},
modified_id = #{modifiedId,jdbcType=INTEGER},
modified_time = #{modifiedTime,jdbcType=TIMESTAMP}
where id = #{id,jdbcType=INTEGER}
set delete_flag = 2, modified_time = now(), modified_id = #{modifiedId}
where product_type = #{productType} and user_id = #{userId} and role_id = #{roleId}
</update>
<select id="checkRoleUsed" resultType="java.lang.Integer" parameterType="java.lang.Integer">
select id
from perm_user_role
where role_id = #{roleId} and delete_flag = 1
limit 1
</select>
</mapper>
\ No newline at end of file
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册