前端权限控制:前端菜单控制
发布时间:2019-05-01


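package com.learn.system.controller;

import com.learn.common.controller.BaseController;
import com.learn.common.entity.PageResult;
import com.learn.common.entity.Result;
import com.learn.common.entity.ResultCode;
import com.learn.common.exception.CommonException;
import com.learn.common.utils.JwtUtils;
import com.learn.common.utils.PermissionConstants;
import com.learn.domain.system.Permission;
import com.learn.domain.system.Role;
import com.learn.domain.system.response.ProfileResult;
import com.learn.domain.system.User;
import com.learn.domain.system.response.UserResult;
import com.learn.system.service.PermissionService;
import com.learn.system.service.RoleService;
import com.learn.system.service.UserService;
import io.jsonwebtoken.Claims;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Page;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * REST endpoints under {@code /sys}: user CRUD, role assignment, login and the
 * profile lookup whose result drives the front-end menu.
 *
 * <p>NOTE(review): {@code companyId}, {@code companyName} and {@code claims} are instance
 * fields inherited from {@link BaseController}. Spring controllers are singletons by
 * default, so concurrent requests can overwrite each other's values; in a multi-tenant
 * service that can leak one tenant's id into another tenant's request. Prefer reading
 * the claims from the current request, as {@link #profile} does.
 *
 * <p>NOTE(review): only the DELETE mapping carries a {@code name}. If authorization is
 * keyed off mapping names by an interceptor that is not shown here, the other mutating
 * endpoints are not covered by it; confirm.
 */
// 1. Allow cross-origin requests.
// NOTE(review): @CrossOrigin without arguments accepts every origin; restrict it with
// the `origins` attribute to the front-end's actual origin(s).
@CrossOrigin
// 2. Declare a REST controller.
@RestController
// 3. Set the parent path.
@RequestMapping(value = "/sys")
public class UserController extends BaseController {

    @Autowired
    private UserService userService;

    @Autowired
    private PermissionService permissionService;

    @Autowired
    private JwtUtils jwtUtils;

    /**
     * Assigns roles to a user.
     *
     * <p>NOTE(review): neither the target user nor the role ids are checked against the
     * caller's company here. Unless the service enforces it, any caller who can reach this
     * endpoint can grant roles to users of another tenant.
     *
     * @param map request body holding {@code id} (target user id) and {@code roleIds}
     */
    @RequestMapping(value = "/user/assignRoles", method = RequestMethod.PUT)
    public Result assignRoles(@RequestBody Map<String, Object> map) {
        // 1. Id of the user receiving the roles.
        String userId = (String) map.get("id");
        // 2. Ids of the roles to assign.
        @SuppressWarnings("unchecked") // shape of the JSON body is not validated here
        List<String> roleIds = (List<String>) map.get("roleIds");
        // 3. Delegate to the service.
        userService.assignRoles(userId, roleIds);
        return new Result(ResultCode.SUCCESS);
    }

    /**
     * Saves a new user in the caller's company.
     *
     * <p>NOTE(review): the whole {@link User} entity is bound from the request body, so the
     * client also controls fields such as {@code level} and {@code enableState}. Bind a
     * dedicated request object with only the fields a caller may set.
     */
    @RequestMapping(value = "/user", method = RequestMethod.POST)
    public Result save(@RequestBody User user) {
        // 1. Company comes from the caller's token, overriding whatever the body carried.
        user.setCompanyId(companyId);
        user.setCompanyName(companyName);
        // 2. Persist.
        userService.save(user);
        // 3. Build the response.
        return new Result(ResultCode.SUCCESS);
    }

    /**
     * Lists the users of the caller's company, one page at a time.
     *
     * @param page page number passed to the service
     * @param size page size passed to the service
     * @param map  query parameters; {@code companyId} is overwritten with the caller's
     */
    @RequestMapping(value = "/user", method = RequestMethod.GET)
    public Result findAll(int page, int size, @RequestParam Map map) {
        // 1. Force the caller's company id so a client-supplied one is ignored.
        map.put("companyId", companyId);
        // 2. Query.
        Page<User> pageUser = userService.findAll(map, page, size);
        // 3. Build the response.
        PageResult pageResult = new PageResult(pageUser.getTotalElements(), pageUser.getContent());
        return new Result(ResultCode.SUCCESS, pageResult);
    }

    /**
     * Looks up a user by id.
     *
     * <p>NOTE(review): the loaded user's company is not compared with the caller's, so
     * ids from other tenants are served as well unless the service filters them.
     */
    @RequestMapping(value = "/user/{id}", method = RequestMethod.GET)
    public Result findById(@PathVariable(value = "id") String id) {
        // UserResult adds roleIds (ids of the roles the user already has).
        User user = userService.findById(id);
        UserResult userResult = new UserResult(user);
        return new Result(ResultCode.SUCCESS, userResult);
    }

    /**
     * Updates a user.
     *
     * <p>NOTE(review): same two concerns as {@link #save} and {@link #findById}: the
     * entity is bound wholesale from the body, and the target's company is not checked.
     */
    @RequestMapping(value = "/user/{id}", method = RequestMethod.PUT)
    public Result update(@PathVariable(value = "id") String id, @RequestBody User user) {
        // 1. The path id wins over any id in the body.
        user.setId(id);
        // 2. Delegate to the service.
        userService.update(user);
        return new Result(ResultCode.SUCCESS);
    }

    /**
     * Deletes a user by id.
     *
     * <p>NOTE(review): no company check on the target here either.
     */
    @RequestMapping(value = "/user/{id}", method = RequestMethod.DELETE, name = "API-USER-DELETE")
    public Result delete(@PathVariable(value = "id") String id) {
        userService.deleteById(id);
        return new Result(ResultCode.SUCCESS);
    }

    /**
     * Logs a user in and returns a JWT.
     *
     * <ol>
     *   <li>Look the user up by mobile number.</li>
     *   <li>Compare the password.</li>
     *   <li>Issue a JWT carrying the user's API permission codes and company.</li>
     * </ol>
     *
     * <p>Every failure returns the same result code so the response does not reveal
     * whether the mobile number exists.
     *
     * <p>NOTE(review): the supplied password is compared with the stored value as-is,
     * which means the stored value is not a salted password hash. Store passwords with
     * an adaptive hash (bcrypt, scrypt or Argon2) and verify through that library.
     * No attempt limiting is visible in this method.
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public Result login(@RequestBody Map<String, String> loginMap) {
        String mobile = loginMap.get("mobile");
        String password = loginMap.get("password");
        if (mobile == null || password == null) {
            return new Result(ResultCode.MOBILEORPASSWORDERROR);
        }

        User user = userService.findByMobile(mobile);
        if (user == null || !passwordMatches(user.getPassword(), password)) {
            return new Result(ResultCode.MOBILEORPASSWORDERROR);
        }
        // enableState 0 marks a disabled account (see User); such an account must not
        // receive a token even with the right password.
        if (Integer.valueOf(0).equals(user.getEnableState())) {
            return new Result(ResultCode.MOBILEORPASSWORDERROR);
        }

        // Collect the codes of every API permission reachable through the user's roles.
        StringBuilder sb = new StringBuilder();
        for (Role role : user.getRoles()) {
            for (Permission perm : role.getPermissions()) {
                if (perm.getType() == PermissionConstants.PERMISSION_API) {
                    sb.append(perm.getCode()).append(",");
                }
            }
        }

        // NOTE(review): permissions are frozen into the token at login, so a later role
        // change only takes effect when the token is reissued.
        Map<String, Object> map = new HashMap<>();
        map.put("apis", sb.toString()); // API permission codes, comma separated
        map.put("companyId", user.getCompanyId());
        map.put("companyName", user.getCompanyName());
        String token = jwtUtils.createJwt(user.getId(), user.getUsername(), map);
        return new Result(ResultCode.SUCCESS, token);
    }

    /**
     * Compares two password strings without short-circuiting on the first differing
     * byte; a null on either side never matches.
     */
    private static boolean passwordMatches(String stored, String supplied) {
        if (stored == null || supplied == null) {
            return false;
        }
        return MessageDigest.isEqual(
                stored.getBytes(StandardCharsets.UTF_8),
                supplied.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Returns the profile of the logged-in user, including the permission codes the
     * front end uses to decide which menus and buttons to show.
     *
     * <ol>
     *   <li>Read the user id from the request's JWT claims.</li>
     *   <li>Load the user.</li>
     *   <li>Build the result according to the user's level.</li>
     * </ol>
     *
     * <p>The returned menu list only controls what the client renders; each API still
     * has to enforce authorization on the server.
     *
     * @throws IllegalStateException if the request carries no claims or the user no
     *     longer exists. NOTE(review): map these to the project's unauthenticated
     *     result code rather than a server error.
     */
    @RequestMapping(value = "/profile", method = RequestMethod.POST)
    public Result profile(HttpServletRequest request) throws Exception {
        // Read the claims from this request rather than the shared field on the
        // singleton controller, which another request may have overwritten.
        Object attr = request.getAttribute("user_claims");
        if (!(attr instanceof Claims)) {
            throw new IllegalStateException("request carries no authenticated claims");
        }
        String userid = ((Claims) attr).getId();

        User user = userService.findById(userid);
        if (user == null) {
            throw new IllegalStateException("user in token no longer exists");
        }

        // Permissions depend on the user level.
        ProfileResult result;
        if ("user".equals(user.getLevel())) {
            // Ordinary user: permissions come from the assigned roles.
            result = new ProfileResult(user);
        } else {
            Map map = new HashMap();
            if ("coAdmin".equals(user.getLevel())) {
                // Company admin: query with enVisible = 1.
                map.put("enVisible", "1");
            }
            // Any other level queries with no filter at all.
            List<Permission> list = permissionService.findAll(map);
            result = new ProfileResult(user, list);
        }
        return new Result(ResultCode.SUCCESS, result);
    }
}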
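package com.learn.common.controller;

import io.jsonwebtoken.Claims;
import org.springframework.web.bind.annotation.ModelAttribute;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Base class that exposes the current request, response and JWT claims to controllers.
 *
 * <p>NOTE(review): the values are kept in instance fields. A Spring controller is a
 * singleton unless it is given another scope, so two requests handled at the same time
 * share these fields and one can observe the other's {@code companyId} or
 * {@code claims}. Subclasses that make tenant or identity decisions should read
 * {@code request.getAttribute("user_claims")} from the request passed to the handler,
 * or the controller should be request-scoped.
 */
public class BaseController {

    protected HttpServletRequest request;
    protected HttpServletResponse response;
    protected String companyId;
    protected String companyName;
    protected Claims claims;

    /**
     * Runs before each handler method and copies the request context into the fields.
     *
     * <p>The claims-derived fields are always reassigned, so a request without a
     * {@code user_claims} attribute sees {@code null} instead of the values left behind
     * by the previous request.
     *
     * @param request  the current request; {@code user_claims} is expected to have been
     *                 set by earlier processing that is not part of this class
     * @param response the current response
     */
    @ModelAttribute
    public void setResAnReq(HttpServletRequest request, HttpServletResponse response) {
        this.request = request;
        this.response = response;

        Object obj = request.getAttribute("user_claims");
        Claims current = (obj instanceof Claims) ? (Claims) obj : null;

        this.claims = current;
        this.companyId = current == null ? null : (String) current.get("companyId");
        this.companyName = current == null ? null : (String) current.get("companyName");
    }
}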
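package com.learn.domain.system.response;

import com.learn.domain.system.Permission;
import com.learn.domain.system.Role;
import com.learn.domain.system.User;
import lombok.Getter;
import lombok.Setter;

import java.util.*;

/**
 * Response body of the profile endpoint: basic identity plus the permission codes the
 * front end uses to build its menu.
 *
 * <p>{@code roles} holds three sets of permission codes under the keys {@code menus},
 * {@code points} and {@code apis}. The client uses them only to decide what to render;
 * they are not a substitute for authorization checks on the server.
 */
//@Setter
//@Getter
public class ProfileResult {

    private String mobile;
    private String username;
    private String company;
    private Map<String, Object> roles = new HashMap<>();

    public ProfileResult() {
    }

    /**
     * Builds a profile from an explicit permission list.
     *
     * @param user the user whose identity fields are copied
     * @param list permissions to expose; {@code null} is treated as empty
     */
    public ProfileResult(User user, List<Permission> list) {
        copyIdentity(user);

        Set<String> menus = new HashSet<>();
        Set<String> points = new HashSet<>();
        Set<String> apis = new HashSet<>();
        classify(list, menus, points, apis);
        publish(menus, points, apis);
    }

    /**
     * Builds a profile from the permissions reachable through the user's roles.
     *
     * @param user the user whose identity fields and roles are read
     */
    public ProfileResult(User user) {
        copyIdentity(user);

        Set<String> menus = new HashSet<>();
        Set<String> points = new HashSet<>();
        Set<String> apis = new HashSet<>();
        Set<Role> userRoles = user.getRoles();
        if (userRoles != null) {
            for (Role role : userRoles) {
                classify(role.getPermissions(), menus, points, apis);
            }
        }
        publish(menus, points, apis);
    }

    /** Copies mobile, username and company name from the user. */
    private void copyIdentity(User user) {
        this.mobile = user.getMobile();
        this.username = user.getUsername();
        this.company = user.getCompanyName();
    }

    /**
     * Sorts permission codes into the three buckets by type: 1 goes to menus, 2 to
     * points, every other type to apis.
     */
    private static void classify(Collection<Permission> perms, Set<String> menus,
                                 Set<String> points, Set<String> apis) {
        if (perms == null) {
            return;
        }
        for (Permission perm : perms) {
            String code = perm.getCode();
            if (perm.getType() == 1) {
                menus.add(code);
            } else if (perm.getType() == 2) {
                points.add(code);
            } else {
                apis.add(code);
            }
        }
    }

    /** Stores the three buckets under the keys the front end reads. */
    private void publish(Set<String> menus, Set<String> points, Set<String> apis) {
        this.roles.put("menus", menus);
        this.roles.put("points", points);
        this.roles.put("apis", apis);
    }

    public String getMobile() {
        return mobile;
    }

    public void setMobile(String mobile) {
        this.mobile = mobile;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getCompany() {
        return company;
    }

    public void setCompany(String company) {
        this.company = company;
    }

    public Map<String, Object> getRoles() {
        return roles;
    }

    public void setRoles(Map<String, Object> roles) {
        this.roles = roles;
    }
}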
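package com.learn.domain.system;

import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.Getter;
import lombok.Setter;

import javax.persistence.*;
import java.io.Serializable;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;

/**
 * User entity, mapped to table {@code bs_user}.
 *
 * <p>NOTE(review): controllers bind this entity directly from request bodies and return
 * it in responses. Fields such as {@code level}, {@code companyId} and
 * {@code enableState} are therefore settable by the client unless the caller overwrites
 * them; a dedicated request/response type would close that off.
 */
@Entity
@Table(name = "bs_user")
//@Getter
//@Setter
public class User implements Serializable {

    private static final long serialVersionUID = 4297464181093070302L;

    /** ID. */
    @Id
    private String id;

    /** Mobile number. */
    private String mobile;

    /** User name. */
    private String username;

    /**
     * Password.
     *
     * <p>Write-only for JSON: it is still read from request bodies, but is no longer
     * written into responses that serialize this entity (for example the user list).
     */
    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
    private String password;

    /** Enabled state: 0 = disabled, 1 = enabled. */
    private Integer enableState;

    /** Creation time. */
    private Date createTime;

    private String companyId;

    private String companyName;

    /** Department ID. */
    private String departmentId;

    /** Date of joining. */
    private Date timeOfEntry;

    /** Form of employment. */
    private Integer formOfEmployment;

    /** Employee number. */
    private String workNumber;

    /** Form of management. */
    private String formOfManagement;

    /** Working city. */
    private String workingCity;

    /** Date the employee became a regular employee. */
    private Date correctionTime;

    /** In-service status: 1 = employed, 2 = left. */
    private Integer inServiceStatus;

    private String departmentName;

    /**
     * Level:
     * <ul>
     *   <li>{@code saasAdmin}: SaaS administrator, has every permission</li>
     *   <li>{@code coAdmin}: company administrator (added when the tenant company is created)</li>
     *   <li>{@code user}: ordinary user (needs roles assigned)</li>
     * </ul>
     */
    private String level;

    /** User-to-role many-to-many relation; excluded from JSON by {@code @JsonIgnore}. */
    @JsonIgnore
    @ManyToMany
    @JoinTable(name = "pe_user_role",
            joinColumns = {@JoinColumn(name = "user_id", referencedColumnName = "id")},
            inverseJoinColumns = {@JoinColumn(name = "role_id", referencedColumnName = "id")}
    )
    private Set<Role> roles = new HashSet<Role>();

    public static long getSerialVersionUID() {
        return serialVersionUID;
    }

    public String getId() {
        return id;
    }

    public void setId(String id) {
        this.id = id;
    }

    public String getMobile() {
        return mobile;
    }

    public void setMobile(String mobile) {
        this.mobile = mobile;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public Integer getEnableState() {
        return enableState;
    }

    public void setEnableState(Integer enableState) {
        this.enableState = enableState;
    }

    public Date getCreateTime() {
        return createTime;
    }

    public void setCreateTime(Date createTime) {
        this.createTime = createTime;
    }

    public String getCompanyId() {
        return companyId;
    }

    public void setCompanyId(String companyId) {
        this.companyId = companyId;
    }

    public String getCompanyName() {
        return companyName;
    }

    public void setCompanyName(String companyName) {
        this.companyName = companyName;
    }

    public String getDepartmentId() {
        return departmentId;
    }

    public void setDepartmentId(String departmentId) {
        this.departmentId = departmentId;
    }

    public Date getTimeOfEntry() {
        return timeOfEntry;
    }

    public void setTimeOfEntry(Date timeOfEntry) {
        this.timeOfEntry = timeOfEntry;
    }

    public Integer getFormOfEmployment() {
        return formOfEmployment;
    }

    public void setFormOfEmployment(Integer formOfEmployment) {
        this.formOfEmployment = formOfEmployment;
    }

    public String getWorkNumber() {
        return workNumber;
    }

    public void setWorkNumber(String workNumber) {
        this.workNumber = workNumber;
    }

    public String getFormOfManagement() {
        return formOfManagement;
    }

    public void setFormOfManagement(String formOfManagement) {
        this.formOfManagement = formOfManagement;
    }

    public String getWorkingCity() {
        return workingCity;
    }

    public void setWorkingCity(String workingCity) {
        this.workingCity = workingCity;
    }

    public Date getCorrectionTime() {
        return correctionTime;
    }

    public void setCorrectionTime(Date correctionTime) {
        this.correctionTime = correctionTime;
    }

    public Integer getInServiceStatus() {
        return inServiceStatus;
    }

    public void setInServiceStatus(Integer inServiceStatus) {
        this.inServiceStatus = inServiceStatus;
    }

    public String getDepartmentName() {
        return departmentName;
    }

    public void setDepartmentName(String departmentName) {
        this.departmentName = departmentName;
    }

    public String getLevel() {
        return level;
    }

    public void setLevel(String level) {
        this.level = level;
    }

    public Set<Role> getRoles() {
        return roles;
    }

    public void setRoles(Set<Role> roles) {
        this.roles = roles;
    }
}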
import Mock from 'mockjs'
import TableAPI from './table'
import ProfileAPI from './profile'
import LoginAPI from './login'
import CompanyAPI from './company'

// Mock.js setup: requests whose path and method match a registered rule are
// intercepted and answered with generated data instead of reaching the network.
// NOTE(review): make sure this module is only loaded in development builds, so no
// rule can shadow a real endpoint in production.
Mock.setup({
  // timeout: '1000'
})

// Arguments to Mock.mock: URL pattern to match, HTTP method to match, and the
// function that produces the replacement response.
const tableListUrl = /\/table\/list\.*/
Mock.mock(tableListUrl, 'get', TableAPI.list)

// User profile and login mocks are disabled so these calls go to the real back end.
// Mock.mock(/\/frame\/profile/, 'post', ProfileAPI.profile)
// Mock.mock(/\/frame\/login/, 'post', LoginAPI.login)

// Mocked company endpoints (disabled), e.g. /company/12
// Mock.mock(/\/company\/+/, 'get', CompanyAPI.sassDetail) // look up by id
// Mock.mock(/\/company/, 'get', CompanyAPI.list) // company list
import {createAPI, createFormAPI} from '@/utils/request'

// Each export wraps createAPI(path, method, data) for one back-end endpoint.

/** Log in; the back end answers with the token. */
export const login = data => {
  return createAPI('/sys/login', 'post', data)
}

/** Fetch the logged-in user's profile, including the permission codes. */
export const profile = data => {
  return createAPI('/sys/profile', 'post', data)
}

/** Registration, step 1. */
export const registerStep1 = data => {
  return createAPI('/frame/register/step1', 'post', data)
}

/** Registration, step 2. */
export const registerStep2 = data => {
  return createAPI('/frame/register/step2', 'post', data)
}

/** Request a registration verification code. */
export const regCode = data => {
  return createAPI('/frame/register/verification_code', 'post', data)
}

/** Log out on the server side. */
export const logout = data => {
  return createAPI('/frame/logout', 'post', data)
}

/** Change the password. */
export const passwd = data => {
  return createAPI('/frame/passwd', 'post', data)
}
import { login, logout, profile } from '@/api/base/frame'
import { getToken, setToken, removeToken } from '@/utils/auth'

// Vuex module holding the session token and the profile returned by the back end.
// `roles` carries the permission codes used to build the menu. It only decides what
// the client renders; the server remains responsible for authorizing each request.
const user = {
  state: {
    user: '',
    status: '',
    code: '',
    // Restored from wherever '@/utils/auth' persists it.
    token: getToken(),
    name: '',
    avatar: '',
    introduction: '',
    roles: [],
    setting: {
      articlePlatform: []
    },
    approvals: {}
  },

  mutations: {
    SET_CODE(state, code) {
      state.code = code
    },
    SET_TOKEN(state, token) {
      state.token = token
    },
    SET_INTRODUCTION(state, introduction) {
      state.introduction = introduction
    },
    SET_SETTING(state, setting) {
      state.setting = setting
    },
    SET_STATUS(state, status) {
      state.status = status
    },
    SET_NAME(state, name) {
      state.name = name
    },
    SET_AVATAR(state, avatar) {
      // NOTE(review): the fallback image is fetched over plain http.
      state.avatar = avatar || 'http://or45inefq.bkt.clouddn.com/itheima-avatar.png'
    },
    SET_ROLES(state, roles) {
      state.roles = roles
    },
    SET_APPROVALS(state, approvals) {
      state.approvals = approvals
    }
  },

  actions: {
    // Log in with mobile number and password; stores the returned token.
    LoginByUsername({ commit }, userInfo) {
      const credentials = {
        mobile: userInfo.mobile.trim(),
        password: userInfo.password
      }
      return new Promise((resolve, reject) => {
        login(credentials)
          .then(response => {
            const token = response.data.data
            commit('SET_TOKEN', token)
            setToken(token)
            resolve()
          })
          .catch(reject)
      })
    },

    // Fetch the profile and copy it into the store.
    GetUserInfo({ commit, state }) {
      return new Promise((resolve, reject) => {
        profile()
          .then(response => {
            const info = response.data.data
            // Fall back to empty permission sets when the profile has none.
            commit('SET_ROLES', info.roles || { menus: [], points: [] })
            commit('SET_NAME', info.username)
            commit('SET_AVATAR', info.avatar)
            commit('SET_INTRODUCTION', info.company)
            commit('SET_APPROVALS', info.approvals)
            resolve(response)
          })
          .catch(reject)
      })
    },

    // Log out: local state is cleared only after the server call succeeds.
    // NOTE(review): if the logout request fails the token stays in the store and in
    // persistent storage; callers should fall back to FedLogOut in that case.
    LogOut({ commit, state }) {
      return new Promise((resolve, reject) => {
        logout()
          .then(() => {
            commit('SET_TOKEN', '')
            commit('SET_ROLES', [])
            removeToken()
            resolve()
          })
          .catch(reject)
      })
    },

    // Front-end-only logout: drops the local token without calling the server.
    FedLogOut({ commit }) {
      return new Promise(resolve => {
        commit('SET_TOKEN', '')
        removeToken()
        resolve()
      })
    }
  }
}

export default user
import { asyncRouterMap, constantRouterMap } from '@/router'
import { hasPermission } from '@/utils/permission'

/**
 * Keeps the routes of the async route table that the user's permissions allow.
 * Only the entries of the array passed in are tested; nested children are not visited.
 *
 * This decides which menu entries the client shows. It is not access control: the
 * back end still has to check permissions for each API call.
 *
 * @param asyncRouterMap routes to filter
 * @param roles permission data from the user's profile
 */
function filterAsyncRouter(asyncRouterMap, roles) {
  return asyncRouterMap.filter(route => hasPermission(roles, route))
}

const permission = {
  state: {
    routers: constantRouterMap,
    addRouters: []
  },

  mutations: {
    SET_ROUTERS(state, routers) {
      state.addRouters = routers
      state.routers = constantRouterMap.concat(routers)
    }
  },

  actions: {
    GenerateRoutes({ commit }, data) {
      return new Promise(resolve => {
        // Build the route list from the permissions in the profile.
        const allowed = filterAsyncRouter(asyncRouterMap, data.roles)
        commit('SET_ROUTERS', allowed)
        // commit('SET_ROUTERS', asyncRouterMap) // debugging: enable every route
        resolve()
      })
    }
  }
}

export default permission

 

转载地址:http://olkzb.baihongyu.com/
