工作要务接口,authority_key 权限表,登陆查询权限表完成权限功能

79493 2022-10-08 17:33:31 +08:00
parent 7aa891969a
commit cfd3e38c05
14 changed files with 728 additions and 25 deletions


@ -0,0 +1,26 @@
package com.rzyc.mapper;
import com.rzyc.model.AuthorityKey;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.springframework.stereotype.Repository;
import java.util.List;
/**
* <p>
* Mapper 接口
* </p>
*
* @author
* @since 2022-10-08
*/
@Repository
public interface AuthorityKeyMapper extends BaseMapper<AuthorityKey> {
/**
* 查询所有权限
* @return AuthorityKey 所有权限的key
* */
List<AuthorityKey>allAuthorizations();
}


@ -0,0 +1,30 @@
package com.rzyc.mapper;
import com.rzyc.model.EntPostList;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Param;
import org.springframework.stereotype.Repository;
import java.util.List;
/**
* <p>
* 工作要务清单 Mapper 接口
* </p>
*
* @author
* @since 2022-10-08
*/
@Repository
public interface EntPostListMapper extends BaseMapper<EntPostList> {
/**
* 查询企业用户工作要务
* @param enterpriseId 企业id
* @param entUserId 企业用户id
* @param postId 岗位id
* @return EntPostList 企业用户工作要务
* */
List<EntPostList>selectEntPostList(@Param("enterpriseId") String enterpriseId,@Param("entUserId") String entUserId,@Param("postId")String postId);
}


@ -0,0 +1,97 @@
package com.rzyc.model;
import com.baomidou.mybatisplus.annotation.TableName;
import java.util.Date;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableField;
import java.io.Serializable;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
/**
* <p>
*
* </p>
*
* @author
* @since 2022-10-08
*/
@TableName("authority_key")
@ApiModel(value="AuthorityKey对象", description="")
public class AuthorityKey implements Serializable {
private static final long serialVersionUID = 1L;
@TableId("id")
private String id;
@TableField("parent_resource")
private String parentResource;
@TableField("auth_key")
private String authKey;
@TableField("create_time")
private Date createTime;
@TableField("modify_time")
private Date modifyTime;
@TableField("category")
private String category;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getParentResource() {
return parentResource;
}
public void setParentResource(String parentResource) {
this.parentResource = parentResource;
}
public String getAuthKey() {
return authKey;
}
public void setAuthKey(String authKey) {
this.authKey = authKey;
}
public Date getCreateTime() {
return createTime;
}
public void setCreateTime(Date createTime) {
this.createTime = createTime;
}
public Date getModifyTime() {
return modifyTime;
}
public void setModifyTime(Date modifyTime) {
this.modifyTime = modifyTime;
}
public String getCategory() {
return category;
}
public void setCategory(String category) {
this.category = category;
}
@Override
public String toString() {
return "AuthorityKey{" +
"id=" + id +
", parentResource=" + parentResource +
", authKey=" + authKey +
", createTime=" + createTime +
", modifyTime=" + modifyTime +
", category=" + category +
"}";
}
}


@ -0,0 +1,282 @@
package com.rzyc.model;
import com.baomidou.mybatisplus.annotation.TableName;
import java.util.Date;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableField;
import java.io.Serializable;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
/**
* <p>
* 工作要务清单
* </p>
*
* @author
* @since 2022-10-08
*/
@TableName("ent_post_list")
@ApiModel(value="EntPostList对象", description="工作要务清单")
public class EntPostList implements Serializable {
private static final long serialVersionUID = 1L;
@ApiModelProperty(value = "岗位清单id")
@TableId("post_list_id")
private String postListId;
@ApiModelProperty(value = "岗位id")
@TableField("post_id")
private String postId;
@ApiModelProperty(value = "企业用户id")
@TableField("ent_user_id")
private String entUserId;
@ApiModelProperty(value = "企业id")
@TableField("enterprise_id")
private String enterpriseId;
@ApiModelProperty(value = "企业清单项id")
@TableField("ent_list_id")
private String entListId;
@ApiModelProperty(value = "清单id")
@TableField("list_id")
private String listId;
@ApiModelProperty(value = "清单标题")
@TableField("item_title")
private String itemTitle;
@ApiModelProperty(value = "清单内容")
@TableField("item_content")
private String itemContent;
@ApiModelProperty(value = "排序")
@TableField("sort_id")
private Integer sortId;
@ApiModelProperty(value = "年份")
@TableField("year_num")
private Integer yearNum;
@ApiModelProperty(value = "考核指标 1:每年 2每半年 4每季度 12:每月")
@TableField("standard")
private Integer standard;
@ApiModelProperty(value = "频率")
@TableField("frequency")
private Integer frequency;
@ApiModelProperty(value = "完成状态 1未完成 2已完成")
@TableField("finish_state")
private Integer finishState;
@ApiModelProperty(value = "红色提醒天数")
@TableField("red_alert")
private Integer redAlert;
@ApiModelProperty(value = "黄色提醒天数")
@TableField("yellow_alert")
private Integer yellowAlert;
@ApiModelProperty(value = "删除状态 1正常 2:已删除")
@TableField("del_state")
private Integer delState;
@ApiModelProperty(value = "创建时间")
@TableField("create_time")
private Date createTime;
@ApiModelProperty(value = "创建人")
@TableField("create_by")
private String createBy;
@ApiModelProperty(value = "修改时间")
@TableField("modify_time")
private Date modifyTime;
@ApiModelProperty(value = "修改人")
@TableField("modify_by")
private String modifyBy;
@TableField(exist = false)
private Integer finishCount;
public Integer getFinishCount() {
return finishCount;
}
public void setFinishCount(Integer finishCount) {
this.finishCount = finishCount;
}
public String getPostListId() {
return postListId;
}
public void setPostListId(String postListId) {
this.postListId = postListId;
}
public String getPostId() {
return postId;
}
public void setPostId(String postId) {
this.postId = postId;
}
public String getEntUserId() {
return entUserId;
}
public void setEntUserId(String entUserId) {
this.entUserId = entUserId;
}
public String getEnterpriseId() {
return enterpriseId;
}
public void setEnterpriseId(String enterpriseId) {
this.enterpriseId = enterpriseId;
}
public String getEntListId() {
return entListId;
}
public void setEntListId(String entListId) {
this.entListId = entListId;
}
public String getListId() {
return listId;
}
public void setListId(String listId) {
this.listId = listId;
}
public String getItemTitle() {
return itemTitle;
}
public void setItemTitle(String itemTitle) {
this.itemTitle = itemTitle;
}
public String getItemContent() {
return itemContent;
}
public void setItemContent(String itemContent) {
this.itemContent = itemContent;
}
public Integer getSortId() {
return sortId;
}
public void setSortId(Integer sortId) {
this.sortId = sortId;
}
public Integer getYearNum() {
return yearNum;
}
public void setYearNum(Integer yearNum) {
this.yearNum = yearNum;
}
public Integer getStandard() {
return standard;
}
public void setStandard(Integer standard) {
this.standard = standard;
}
public Integer getFrequency() {
return frequency;
}
public void setFrequency(Integer frequency) {
this.frequency = frequency;
}
public Integer getFinishState() {
return finishState;
}
public void setFinishState(Integer finishState) {
this.finishState = finishState;
}
public Integer getRedAlert() {
return redAlert;
}
public void setRedAlert(Integer redAlert) {
this.redAlert = redAlert;
}
public Integer getYellowAlert() {
return yellowAlert;
}
public void setYellowAlert(Integer yellowAlert) {
this.yellowAlert = yellowAlert;
}
public Integer getDelState() {
return delState;
}
public void setDelState(Integer delState) {
this.delState = delState;
}
public Date getCreateTime() {
return createTime;
}
public void setCreateTime(Date createTime) {
this.createTime = createTime;
}
public String getCreateBy() {
return createBy;
}
public void setCreateBy(String createBy) {
this.createBy = createBy;
}
public Date getModifyTime() {
return modifyTime;
}
public void setModifyTime(Date modifyTime) {
this.modifyTime = modifyTime;
}
public String getModifyBy() {
return modifyBy;
}
public void setModifyBy(String modifyBy) {
this.modifyBy = modifyBy;
}
@Override
public String toString() {
return "EntPostList{" +
"postListId=" + postListId +
", postId=" + postId +
", entUserId=" + entUserId +
", enterpriseId=" + enterpriseId +
", entListId=" + entListId +
", listId=" + listId +
", itemTitle=" + itemTitle +
", itemContent=" + itemContent +
", sortId=" + sortId +
", yearNum=" + yearNum +
", standard=" + standard +
", frequency=" + frequency +
", finishState=" + finishState +
", redAlert=" + redAlert +
", yellowAlert=" + yellowAlert +
", delState=" + delState +
", createTime=" + createTime +
", createBy=" + createBy +
", modifyTime=" + modifyTime +
", modifyBy=" + modifyBy +
"}";
}
}


@ -0,0 +1,24 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.rzyc.mapper.AuthorityKeyMapper">
<!-- 通用查询映射结果 -->
<resultMap id="BaseResultMap" type="com.rzyc.model.AuthorityKey">
<id column="id" property="id" />
<result column="parent_resource" property="parentResource" />
<result column="auth_key" property="authKey" />
<result column="create_time" property="createTime" />
<result column="modify_time" property="modifyTime" />
<result column="category" property="category" />
</resultMap>
<!-- 通用查询结果列 -->
<sql id="Base_Column_List">
id, parent_resource, auth_key, create_time, modify_time, category
</sql>
<select id="allAuthorizations" resultMap="BaseResultMap">
select category,auth_key from authority_key
</select>
</mapper>


@ -0,0 +1,44 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.rzyc.mapper.EntPostListMapper">
<!-- 通用查询映射结果 -->
<resultMap id="BaseResultMap" type="com.rzyc.model.EntPostList">
<id column="post_list_id" property="postListId" />
<result column="post_id" property="postId" />
<result column="ent_user_id" property="entUserId" />
<result column="enterprise_id" property="enterpriseId" />
<result column="ent_list_id" property="entListId" />
<result column="list_id" property="listId" />
<result column="item_title" property="itemTitle" />
<result column="item_content" property="itemContent" />
<result column="sort_id" property="sortId" />
<result column="year_num" property="yearNum" />
<result column="standard" property="standard" />
<result column="frequency" property="frequency" />
<result column="finish_state" property="finishState" />
<result column="red_alert" property="redAlert" />
<result column="yellow_alert" property="yellowAlert" />
<result column="del_state" property="delState" />
<result column="create_time" property="createTime" />
<result column="create_by" property="createBy" />
<result column="modify_time" property="modifyTime" />
<result column="modify_by" property="modifyBy" />
<result column="finishCount" property="finishCount"/>
</resultMap>
<!-- 通用查询结果列 -->
<sql id="Base_Column_List">
post_list_id, post_id, ent_user_id, enterprise_id, ent_list_id, list_id, item_title, item_content, sort_id, year_num, standard, frequency, finish_state, red_alert, yellow_alert, del_state, create_time, create_by, modify_time, modify_by
</sql>
<select id="selectEntPostList" resultMap="BaseResultMap">
select epl.*,sum(case when task_state = 2 then 1 else 0 end)as finishCount from ent_post_list epl left join ent_post_task ept on epl.post_list_id = ept.post_list_id
where epl.enterprise_id = #{enterpriseId} and epl.ent_user_id = #{entUserId}
<if test="null !=postId and '' != postId">
and epl.post_id = #{postId}
</if>
group by epl.post_list_id
</select>
</mapper>
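Review bot: The `selectEntPostList` query has no `del_state` condition, so rows marked deleted would still be returned if the soft-delete convention described on `EntPostList.delState` (1 normal, 2 deleted) applies to this table; consider adding `and epl.del_state = 1` to the where clause. `task_state` inside the `sum(case …)` is also unqualified, and writing it as `ept.task_state` keeps the statement unambiguous if `ent_post_list` ever gains a column of that name. The `#{…}` bindings are the right choice and should stay; the caller still has to confirm that `enterpriseId` and `entUserId` belong to the authenticated user.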


@ -0,0 +1,23 @@
package com.rzyc.config;
import java.lang.annotation.*;
/**
* 注解参数插入数据库
* @author Xuwanxin
* @date 2022/10/8
* */
@Documented
@Retention(RetentionPolicy.RUNTIME)
@Inherited
@Target(ElementType.METHOD)//注解作用于方法
public @interface MethodAnnotation {
String[] authorizations()default {"no authorization"};
String authorization()default "no authorization";
}
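Review bot: The default `{"no authorization"}` on `authorizations()` contains no `:` separator, yet the generator added in this commit (`MethodSignature.insertAnnotation`) splits each value with `name.substring(0,name.indexOf(":"))`, which throws `StringIndexOutOfBoundsException` when `indexOf` returns -1. Either drop the default so every use must state its keys, or use an empty one, `String[] authorizations() default {};`. The single-valued `authorization()` is not read anywhere in the visible changes, and both elements lack Javadoc describing the expected `CATEGORY:KEY` format.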


@ -0,0 +1,99 @@
package com.rzyc.config;
import com.common.utils.DateUtils;
import com.common.utils.RandomNumber;
import com.rzyc.config.MethodAnnotation;
import com.rzyc.controller.PersonalController;
import com.zaxxer.hikari.HikariConfig;
import com.zaxxer.hikari.HikariDataSource;
import java.lang.reflect.Method;
import java.sql.*;
/**
* 获取方法中的注解参数插入数据库
*
* @author Xuwanxin
* @date 2022/10/8
*/
public class MethodSignature {
public static void main(String[] args) {
//反射获取所有方法
Method[] methods = PersonalController.class.getMethods();
insertAnnotation(methods);
}
private static HikariDataSource buildingSource() {
//配置文件
HikariConfig hikariConfig = new HikariConfig();
//mysql
hikariConfig.setJdbcUrl("jdbc:mysql://121.40.106.103:3306/inventory_db?useUnicode=true&characterEncoding=UTF-8&serverTimezone=GMT%2B8&useSSL=false");
hikariConfig.setDriverClassName("com.mysql.cj.jdbc.Driver");
hikariConfig.setUsername("rzyc");
hikariConfig.setPassword("admin@rzyc2022.com##");
hikariConfig.addDataSourceProperty("minimumIdle", "3");
hikariConfig.addDataSourceProperty("maximumPoolSize", "10");
hikariConfig.addDataSourceProperty("maxLifetime", "30000");
HikariDataSource ds = new HikariDataSource(hikariConfig);
return ds;
}
private static void insertAnnotation(Method[] methods) {
try {
//创建connection
Connection con = buildingSource().getConnection();
Statement statement = con.createStatement();
PreparedStatement preparedStatement = con.prepareStatement("INSERT INTO `authority_key`(id,parent_resource,auth_key,category,create_time,modify_time) VALUES (?,?,?,?,?,?);");
con.setAutoCommit(false);
long startTime = System.currentTimeMillis();
if (methods.length>0){
statement.execute("truncate table authority_key");
}
//遍历所有方法
for (Method m : methods) {
//判断方法是否有MethodAnnotation注解
if (m.isAnnotationPresent(MethodAnnotation.class)) {
MethodAnnotation annotation = m.getAnnotation(MethodAnnotation.class);
for (String name : annotation.authorizations()) {
String str = name.substring(name.indexOf(":")+1,name.length());
/* ResultSet rs = statement.executeQuery("select auth_key from authority_key where auth_key ='"+str+"'");
//取数据
if (rs.next()) {
} else {}*/
String category = name.substring(0,name.indexOf(":"));
preparedStatement.setString(1, RandomNumber.getUUid());
preparedStatement.setString(2,null);
preparedStatement.setString(3,str);
preparedStatement.setString(4,category);
preparedStatement.setString(5, DateUtils.getNowDateTimeStr());
preparedStatement.setString(6,DateUtils.getNowDateTimeStr());
preparedStatement.addBatch();
}
preparedStatement.executeBatch();
}
}
long endTime = System.currentTimeMillis();
con.commit();
System.out.println("用时:" + (endTime-startTime));
//关闭connection
con.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
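Review bot: `buildingSource()` commits the database host, account name and password as string literals and disables TLS with `useSSL=false`, so anyone with read access to the repository learns working credentials and the connection itself is unencrypted; the committed password should be rotated and the settings loaded from the environment or the application's existing datasource configuration, as sketched below with placeholder variable names. In `insertAnnotation`, `truncate table authority_key` is DDL and MySQL commits it implicitly, so `setAutoCommit(false)` does not protect it: a failure during the inserts leaves the table empty, and the login path added in this commit reads every authority from that table. A `delete from authority_key` inside the transaction, with `con.rollback()` in the catch block, would keep the old rows on failure. The connection, both statements and the pool are never closed on the error path; try-with-resources would cover them.

```java
private static HikariDataSource buildingSource() {
    HikariConfig hikariConfig = new HikariConfig();
    // Connection settings come from the environment so no secret lives in the repository.
    // The variable names below are placeholders; use whatever the deployment defines.
    hikariConfig.setJdbcUrl(requireEnv("AUTH_DB_URL"));
    hikariConfig.setUsername(requireEnv("AUTH_DB_USER"));
    hikariConfig.setPassword(requireEnv("AUTH_DB_PASSWORD"));
    // … unchanged: driver class name and pool properties …
    return new HikariDataSource(hikariConfig);
}

private static String requireEnv(String name) {
    String value = System.getenv(name);
    if (value == null || value.isEmpty()) {
        throw new IllegalStateException("missing environment variable " + name);
    }
    return value;
}
```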


@ -4,19 +4,14 @@ import com.rzyc.filter.JwtAuthenticationTokenFiler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@ -69,7 +64,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
http
.authorizeRequests()
// 对于登录接口 允许匿名访问
.antMatchers("/personal/login","/personal/entlogin").permitAll()
.antMatchers("/personal/login","/personal/entlogin").anonymous()
//放行swagger
.antMatchers("/swagger-ui.html","/swagger-resources/**","/webjars/**","/v2/**","/api/**").permitAll()
// 除上面外的所有请求全部需要鉴权认证,配置退出路径
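Review bot: Switching the login matchers from `permitAll()` to `anonymous()` means a request to `/personal/login` or `/personal/entlogin` that carries a valid `token` header is refused as access denied, because the JWT filter will already have authenticated it; if clients may log in again while holding a token, `permitAll()` is the safer rule. Which of the two printed matcher lines is the new one is inferred from their order. The unchanged swagger matcher also opens `/api/**` and `/v2/**` to everyone, which is worth confirming does not cover business endpoints. The `configure` chain continues outside the hunk.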


@ -1,6 +1,8 @@
package com.rzyc.config;
import com.rzyc.mapper.AuthorityKeyMapper;
import com.rzyc.mapper.ent.EntUserMapper;
import com.rzyc.model.AuthorityKey;
import com.rzyc.model.ent.EntUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
@ -24,6 +26,8 @@ import java.util.Objects;
@Service("userService")
public class UserDetailsServiceImpl implements UserDetailsService {
/**
* 内存过程密码加密
* */
@ -34,12 +38,13 @@ public class UserDetailsServiceImpl implements UserDetailsService {
* */
private EntUserMapper entUserMapper;
private AuthorityKeyMapper authorityKeyMapper;
@Autowired
public void UserDetailsServiceImplFinder(PasswordEncoder passwordEncoder,EntUserMapper entUserMapper) {
public void UserDetailsServiceImplFinder(PasswordEncoder passwordEncoder,EntUserMapper entUserMapper,AuthorityKeyMapper authorityKeyMapper) {
this.passwordEncoder = passwordEncoder;
this.entUserMapper = entUserMapper;
this.authorityKeyMapper = authorityKeyMapper;
}
@ -52,12 +57,13 @@ public class UserDetailsServiceImpl implements UserDetailsService {
if (Objects.isNull(entUser)){
throw new UsernameNotFoundException("用户名或密码错误");
}
// 获取用户权限
List<GrantedAuthority> authority= new ArrayList<GrantedAuthority>();
//给通过登陆的进行role权限也可以根据业务调整
authority.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
List<AuthorityKey>authorizations = authorityKeyMapper.allAuthorizations();
StringBuilder stringBuilder = new StringBuilder();
for (AuthorityKey s:authorizations) {
stringBuilder.append(s.getCategory() +":"+s.getAuthKey());
authority.add(new SimpleGrantedAuthority(stringBuilder.toString()));
}
return new EntUserDetails(entUser.getName(), passwordEncoder.encode(entUser.getPasswd()), authority,entUser.getEntUserId());
}
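Review bot: The `StringBuilder` in the new loop is created once and never reset, so each `SimpleGrantedAuthority` holds the concatenation of all keys appended so far and only the first row yields a usable authority; build the string per row instead, `authority.add(new SimpleGrantedAuthority(s.getCategory() + ":" + s.getAuthKey()));`. The same loop appears in `JwtAuthenticationTokenFiler.doFilterInternal` and needs the same change. Separately, `allAuthorizations()` takes no user argument, so once the loop is fixed every account that logs in receives every key in `authority_key` and the `@PreAuthorize` checks reduce to "is authenticated"; a per-user or per-role lookup is needed for them to distinguish callers. The enclosing method starts outside the hunk.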


@ -458,6 +458,10 @@ public class BaseController {
@Autowired
protected EntPostMapper entPostMapper;
//企业用户工作要务
@Autowired
protected EntPostListMapper entPostListMapper;
/**
* 新都文件地址处理
* @param url


@ -14,6 +14,7 @@ import com.rzyc.service.UserLoginService;
import com.rzyc.bean.user.dto.WeChartLoginDto;
import com.rzyc.model.ent.SysEnterprise;
import com.rzyc.model.user.SysUser;
import com.rzyc.config.MethodAnnotation;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
@ -154,14 +155,62 @@ public class PersonalController extends BaseController{
@ApiImplicitParam(name = "enterpriseId", value = "公司id", required = true, dataType = "string"),
@ApiImplicitParam(name = "postId", value = "企业用户岗位id",required = false, dataType = "string"),
})
@PostMapping(value = "/entUserTree")
@GetMapping(value = "/entUserTree")
@PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERTREE','PERSONAL:ENTUSERTREE:UPDATE')")
@MethodAnnotation(authorizations = {"PERSONAL:ENTUSERTREE","PERSONAL:ENTUSERTREE:UPDATE"})
@ResponseBody
public SingleResult<List<EntUser>> entUserTree(String enterpriseId, String postId)throws Exception{
return pcBusinessService.entUserTree(enterpriseId,postId);
}
/**
* 企业用户工作要务
* @param enterpriseId 企业id
* @param entUserId 企业用户id
* @param postId 企业用户岗位id
* @return 企业用户工作要务
* @throws Exception
*/
@ApiOperation(value = "企业用户工作要务", notes = "企业用户工作要务")
@ApiImplicitParams({
@ApiImplicitParam(name = "enterpriseId", value = "公司id", required = true, dataType = "string"),
@ApiImplicitParam(name = "entUserId", value = "企业用户id", required = true, dataType = "string"),
@ApiImplicitParam(name = "postId", value = "企业用户岗位id",required = false, dataType = "string"),
})
@GetMapping(value = "/entUserPostList")
@PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERPOSTLIST','PERSONAL:ENTUSERPOSTLIST:UPDATE')")
@MethodAnnotation(authorizations = {"PERSONAL:ENTUSERPOSTLIST","PERSONAL:ENTUSERPOSTLIST:UPDATE"})
@ResponseBody
public SingleResult entUserPostList(String enterpriseId, String entUserId,String postId)throws Exception{
return pcBusinessService.entUserPostList(enterpriseId,entUserId,postId);
}
/**
* 企业用户工作清单
* @param enterpriseId 企业id
* @param postId 岗位id
* @param listId 清单id
* @param entUserId 企业用户id
* @return 企业用户工作清单
* @throws Exception
*/
@ApiOperation(value = "企业用户工作清单", notes = "企业用户工作清单")
@ApiImplicitParams({
@ApiImplicitParam(name = "enterpriseId", value = "公司id", required = true, dataType = "string"),
@ApiImplicitParam(name = "entUserId", value = "企业用户id", required = true, dataType = "string"),
@ApiImplicitParam(name = "listId", value = "清单类型Id", required = true, dataType = "string"),
@ApiImplicitParam(name = "postId", value = "企业用户岗位id",required = false, dataType = "string"),
})
@GetMapping(value = "/entUserPostList")
@PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERPOSTTASK','PERSONAL:ENTUSERPOSTTASK:UPDATE')")
@MethodAnnotation(authorizations = {"PERSONAL:ENTUSERPOSTTASK","PERSONAL:ENTUSERPOSTTASK:UPDATE"})
@ResponseBody
public SingleResult entUserPostTask(String enterpriseId, String entUserId,String postId,String listId)throws Exception{
return pcBusinessService.entUserPostTask(enterpriseId,entUserId,postId,listId);
}
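Review bot: `entUserPostList` and `entUserPostTask` are both mapped with `@GetMapping(value = "/entUserPostList")`, which Spring rejects at startup as an ambiguous mapping unless some other condition tells them apart; the second should get its own path, for example `@GetMapping(value = "/entUserPostTask")`. Both new handlers also take `enterpriseId` and `entUserId` straight from the request and pass them to the service, and nothing visible compares them with the authenticated caller, so any holder of the authority could read another user's or enterprise's list. Derive the user id from the security context, or verify it against the token, before querying. The return type is the raw `SingleResult`, unlike `entUserTree`, which declares `SingleResult<List<EntUser>>`. The class body continues outside the hunk.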


@ -2,7 +2,10 @@ package com.rzyc.filter;
import com.common.utils.jwt.JwtUtil;
import com.rzyc.advice.CustomException;
import com.rzyc.mapper.AuthorityKeyMapper;
import com.rzyc.model.AuthorityKey;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
@ -30,16 +33,18 @@ import java.util.List;
@Component
@Slf4j
public class JwtAuthenticationTokenFiler extends OncePerRequestFilter {
@Autowired
AuthorityKeyMapper authorityKeyMapper;
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
//获取token
String token = request.getHeader("userToken");
// if (!StringUtils.hasText(token)) {
// //放行
// filterChain.doFilter(request, response);
// return;
// }
String token = request.getHeader("token");
if (!StringUtils.hasText(token)) {
//放行
filterChain.doFilter(request, response);
return;
}
try {
String userId = JwtUtil.getTokenMsg(token);
@ -49,14 +54,17 @@ public class JwtAuthenticationTokenFiler extends OncePerRequestFilter {
}
try {
//角色权限和操作权限
List<GrantedAuthority> authoritys = new ArrayList<GrantedAuthority>();
//这里暂时写死的测试后面以redis来暂时存储role权限
authoritys.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
List<AuthorityKey>authorizations = authorityKeyMapper.allAuthorizations();
List<GrantedAuthority> authority= new ArrayList<GrantedAuthority>();
StringBuilder stringBuilder = new StringBuilder();
for (AuthorityKey s:authorizations) {
stringBuilder.append(s.getCategory() +":"+s.getAuthKey());
authority.add(new SimpleGrantedAuthority(stringBuilder.toString()));
}
// 获取权限信息封装到Authentication中
UsernamePasswordAuthenticationToken authenticationToken =
new UsernamePasswordAuthenticationToken(null,null,authoritys);
new UsernamePasswordAuthenticationToken(null,null,authority);
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
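Review bot: The authentication is built as `new UsernamePasswordAuthenticationToken(null,null,authority)`, so the `userId` read from the token is dropped and no controller or service can tell which user is calling; pass it as the principal, `new UsernamePasswordAuthenticationToken(userId, null, authority)`, hoisting `userId` out of the earlier `try` if it is declared inside it. `authorityKeyMapper.allAuthorizations()` now runs on every request and grants the full table to any valid token, which adds a database round trip per call and makes the authorities identical for all users. Caching the keys and filtering them by the token's user would address both. `doFilterInternal` continues outside the hunk.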


@ -7,6 +7,7 @@ import com.common.utils.TypeConversion;
import com.common.utils.model.SingleResult;
import com.rzyc.bean.emergency.PlanList;
import com.rzyc.controller.BaseController;
import com.rzyc.model.EntPostList;
import com.rzyc.model.ent.EntPost;
import com.rzyc.model.ent.EntUser;
import com.rzyc.model.ent.SysEnterprise;
@ -73,5 +74,20 @@ public class PcBusinessService extends BaseController {
}
public SingleResult entUserPostList(String enterpriseId,String entUserId,String postId){
SingleResult singleResult = new SingleResult();
List<EntPostList>list = entPostListMapper.selectEntPostList(enterpriseId,entUserId,postId);
singleResult.setData(list);
return singleResult;
}
public SingleResult entUserPostTask(String enterpriseId, String entUserId,String postId,String listId){
SingleResult singleResult = new SingleResult();
//EntPostTask
return singleResult;
}
}
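Review bot: `entUserPostTask` is a stub that returns an empty `SingleResult` and ignores all four arguments, yet the controller already exposes it behind `PERSONAL:ENTUSERPOSTTASK`, so a caller cannot tell "no tasks" from "not implemented". Until the query exists, consider throwing `UnsupportedOperationException` or leaving the endpoint out of this commit. `entUserPostList` would read better with a typed result, `SingleResult<List<EntPostList>> singleResult = new SingleResult<>();`, and both methods lack Javadoc.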