diff --git a/inventory-ent/pom.xml b/inventory-ent/pom.xml
index 42f2986..3891f5e 100644
--- a/inventory-ent/pom.xml
+++ b/inventory-ent/pom.xml
@@ -211,7 +211,6 @@
compile
-
diff --git a/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java b/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java
index a785852..5c7218a 100644
--- a/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java
+++ b/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java
@@ -36,10 +36,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
*/
private UserDetailsService userService;
- /**
- * 数据库用户连接
- */
- private PasswordEncoder passwordEncoder;
/**
* token jwt 验证拦截器
@@ -47,9 +43,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
private JwtAuthenticationTokenFiler jwtAuthenticationTokenFiler;
@Autowired
- public void setSecurityConfigFinder(UserDetailsService userService,PasswordEncoder passwordEncoder,JwtAuthenticationTokenFiler jwtAuthenticationTokenFiler) {
+ public void setSecurityConfigFinder(UserDetailsService userService,JwtAuthenticationTokenFiler jwtAuthenticationTokenFiler) {
this.userService = userService;
- this.passwordEncoder = passwordEncoder;
this.jwtAuthenticationTokenFiler = jwtAuthenticationTokenFiler;
}
@@ -97,7 +92,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// 配置数据库访问,认证步骤
- auth.userDetailsService(userService).passwordEncoder(passwordEncoder);
+ auth.userDetailsService(userService);
}
}
diff --git a/inventory-ent/src/main/java/com/rzyc/config/UserDetailsServiceImpl.java b/inventory-ent/src/main/java/com/rzyc/config/UserDetailsServiceImpl.java
index e354cad..47dc300 100644
--- a/inventory-ent/src/main/java/com/rzyc/config/UserDetailsServiceImpl.java
+++ b/inventory-ent/src/main/java/com/rzyc/config/UserDetailsServiceImpl.java
@@ -11,6 +11,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
+import java.util.Collection;
import java.util.List;
import java.util.Objects;
@@ -33,6 +34,8 @@ public class UserDetailsServiceImpl implements UserDetailsService {
* */
private EntUserMapper entUserMapper;
+
+
@Autowired
public void UserDetailsServiceImplFinder(PasswordEncoder passwordEncoder,EntUserMapper entUserMapper) {
this.passwordEncoder = passwordEncoder;
@@ -49,11 +52,13 @@ public class UserDetailsServiceImpl implements UserDetailsService {
if (Objects.isNull(entUser)){
throw new UsernameNotFoundException("用户名或密码错误");
}
+
// 获取用户权限
List authority= new ArrayList();
//给通过登陆的进行role权限,也可以根据业务调整
authority.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
- return new EntUserDetails(entUser.getName(), passwordEncoder.encode(entUser.getPasswd()), authority,entUser.getEntUserId());
+
+ return new EntUserDetails(entUser.getName(), passwordEncoder.encode(entUser.getPasswd()), authority,entUser.getEntUserId());
}
}
diff --git a/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java b/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java
index cb8a6bf..d43b4f4 100644
--- a/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java
+++ b/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java
@@ -155,7 +155,7 @@ public class PersonalController extends BaseController{
@ApiImplicitParam(name = "postId", value = "企业用户岗位id",required = false, dataType = "string"),
})
@PostMapping(value = "/entUserTree")
- @PreAuthorize("hasRole('ADMIN')")
+ @PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERTREE','PERSONAL:ENTUSERTREE:UPDATE')")
@ResponseBody
public SingleResult> entUserTree(String enterpriseId, String postId)throws Exception{
return pcBusinessService.entUserTree(enterpriseId,postId);
diff --git a/inventory-ent/src/main/java/com/rzyc/filter/JwtAuthenticationTokenFiler.java b/inventory-ent/src/main/java/com/rzyc/filter/JwtAuthenticationTokenFiler.java
index e65b6b8..0d73027 100644
--- a/inventory-ent/src/main/java/com/rzyc/filter/JwtAuthenticationTokenFiler.java
+++ b/inventory-ent/src/main/java/com/rzyc/filter/JwtAuthenticationTokenFiler.java
@@ -64,7 +64,7 @@ public class JwtAuthenticationTokenFiler extends OncePerRequestFilter {
filterChain.doFilter(request, response);
}catch (AccessDeniedException e){
System.out.println("权限失败");
- throw new CustomException("无权限");
+ throw new CustomException("无权限操作");
}catch (Exception e){
e.printStackTrace();
}
diff --git a/inventory-gov/pom.xml b/inventory-gov/pom.xml
index 0e532e1..01491bc 100644
--- a/inventory-gov/pom.xml
+++ b/inventory-gov/pom.xml
@@ -193,6 +193,23 @@
+
+
+ org.springframework.security
+ spring-security-core
+ 5.2.2.RELEASE
+
+
+ org.springframework.security
+ spring-security-config
+ 5.2.2.RELEASE
+
+
+ org.springframework.security
+ spring-security-web
+ 5.7.3
+
+