From 7ece014b7af23873532e3a9a4e0e8e2ad38bc6c4 Mon Sep 17 00:00:00 2001 From: ant Date: Fri, 31 May 2024 15:08:35 +0800 Subject: [PATCH] =?UTF-8?q?1.=20=E6=95=B4=E4=BD=93=E5=8E=BB=E9=99=A4?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E7=9B=B8=E5=85=B3=E6=A6=82=E5=BF=B5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../chushang/common/core/util/JwtUtils.java | 16 --- .../datascope/annotation/DataScope.java | 6 + .../datascope/aspect/DataScopeAspect.java | 113 +++++++++--------- .../datascope/constants/ScopeConstants.java | 33 +++++ .../datascope/entity/DataScopeEntity.java | 9 ++ .../datascope/enums/ScopeKeyWord.java | 17 +++ .../mybatis/MybatisAutoConfiguration.java | 21 ---- .../security/aspect/InnerAuthAspect.java | 4 +- .../context/SecurityContextHolder.java | 7 -- .../security/entity/vo/LoginUser.java | 4 - .../feign/FeignRequestInterceptor.java | 5 - .../interceptor/HeaderInterceptor.java | 1 - .../security/service/TokenService.java | 3 - .../chushang/auth/service/UserService.java | 1 - .../chushang/gateway/filter/AuthFilter.java | 3 - .../chushang/system/entity/po/SysConfig.java | 5 - .../chushang/system/entity/po/SysDept.java | 5 - .../chushang/system/entity/po/SysRole.java | 6 - .../chushang/system/entity/po/SysTenant.java | 55 --------- .../system/entity/po/SysTenantPackage.java | 70 ----------- .../chushang/system/entity/po/SysUser.java | 6 - .../chushang/system/mapper/SysDeptMapper.java | 7 ++ .../system/mapper/SysTenantMapper.java | 10 -- .../system/mapper/SysTenantPackageMapper.java | 10 -- .../system/service/ISysDeptService.java | 9 ++ .../system/service/ISysPermissionService.java | 18 +-- .../service/SysTenantPackageService.java | 7 -- .../system/service/SysTenantService.java | 7 -- .../service/impl/SysDeptServiceImpl.java | 10 ++ .../impl/SysPermissionServiceImpl.java | 51 +++++++- .../impl/SysTenantPackageServiceImpl.java | 13 -- .../service/impl/SysTenantServiceImpl.java | 13 -- 32 files changed, 194 insertions(+), 351 deletions(-) create mode 100644 chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/constants/ScopeConstants.java create mode 100644 chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/enums/ScopeKeyWord.java delete mode 100644 chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysTenant.java delete mode 100644 chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysTenantPackage.java delete mode 100644 chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysTenantMapper.java delete mode 100644 chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysTenantPackageMapper.java delete mode 100644 chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/SysTenantPackageService.java delete mode 100644 chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/SysTenantService.java delete mode 100644 chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysTenantPackageServiceImpl.java delete mode 100644 chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysTenantServiceImpl.java diff --git a/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/util/JwtUtils.java b/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/util/JwtUtils.java index 0ab8bc5..fbf51d9 100644 --- a/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/util/JwtUtils.java +++ b/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/util/JwtUtils.java @@ -120,20 +120,4 @@ public class JwtUtils { return Convert.toStr(claims.get(key), ""); } - - public static String getTenantId(Claims claims) { - return getValue(claims, SecurityConstants.TENANT_ID); - } - - /** - * 根据令牌获取用户ID - * - * @param token 令牌 - * @return 用户ID - */ - public static String getTenantId(String token) - { - Claims claims = parseToken(token); - return getValue(claims, SecurityConstants.TENANT_ID); - } } diff --git a/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/annotation/DataScope.java b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/annotation/DataScope.java index 50d641c..70f43dd 100644 --- a/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/annotation/DataScope.java +++ b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/annotation/DataScope.java @@ -1,5 +1,8 @@ package com.chushang.datascope.annotation; +import com.baomidou.mybatisplus.core.enums.SqlKeyword; +import com.chushang.datascope.enums.ScopeKeyWord; + import java.lang.annotation.*; @Target(value = {ElementType.METHOD}) @@ -18,4 +21,7 @@ public @interface DataScope String userAlias() default ""; String permission() default ""; + + ScopeKeyWord scopeKey() default ScopeKeyWord.AND; + } \ No newline at end of file diff --git a/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/aspect/DataScopeAspect.java b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/aspect/DataScopeAspect.java index b20d666..b0a05b3 100644 --- a/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/aspect/DataScopeAspect.java +++ b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/aspect/DataScopeAspect.java @@ -7,7 +7,9 @@ import com.chushang.common.mybatis.page.CommonParam; import com.chushang.common.core.util.StringUtils; import com.chushang.common.mybatis.base.BaseEntity; import com.chushang.datascope.annotation.DataScope; +import com.chushang.datascope.constants.ScopeConstants; import com.chushang.datascope.entity.DataScopeEntity; +import com.chushang.datascope.enums.ScopeKeyWord; import com.chushang.security.context.SecurityContextHolder; import com.chushang.security.utils.SecurityUtils; import com.chushang.security.entity.vo.LoginUser; @@ -21,43 +23,13 @@ import org.springframework.stereotype.Component; import java.lang.reflect.Method; import java.sql.SQLException; -import java.util.ArrayList; -import java.util.List; -import java.util.Map; -import java.util.Set; +import java.util.*; +import java.util.stream.Collectors; @Aspect @Slf4j @Component public class DataScopeAspect { - /** - * 数据权限过滤关键字 - */ - public static final String DATA_SCOPE = "dataScope"; - /** - * 部门角色权限过滤 - */ - public static final String ROLE_SCOPE = "roleScope"; - /** - * 全部数据权限 - */ - public static final String DATA_SCOPE_ALL = "1"; - /** - * 自定数据权限 - */ - public static final String DATA_SCOPE_CUSTOM = "2"; - /** - * 部门数据权限 - */ - public static final String DATA_SCOPE_DEPT = "3"; - /** - * 部门及以下数据权限 - */ - public static final String DATA_SCOPE_DEPT_AND_CHILD = "4"; - /** - * 仅本人数据权限 - */ - public static final String DATA_SCOPE_SELF = "5"; @Pointcut("@annotation(com.chushang.datascope.annotation.DataScope)") public void dataScopePointCut() { } @@ -86,8 +58,9 @@ public class DataScopeAspect { method.getAnnotation(DataScope.class); String permission = StringUtils.defaultIfEmpty(dataScope.permission(), SecurityContextHolder.getPermission()); + ScopeKeyWord scopeKeyWord = dataScope.scopeKey(); dataScopeFilter(joinPoint, scopes, dataScope.deptAlias(), - dataScope.userAlias(), permission, userId); + dataScope.userAlias(), permission, userId, scopeKeyWord); } } } @@ -101,7 +74,7 @@ public class DataScopeAspect { * @param userAlias 用户别名 * @param userId 用户id */ - public void dataScopeFilter(JoinPoint joinPoint, List dataScopes, String deptAlias, String userAlias, String permission, Long userId) { + public void dataScopeFilter(JoinPoint joinPoint, List dataScopes, String deptAlias, String userAlias, String permission, Long userId, ScopeKeyWord scopeKeyWord) { StringBuilder dataScopeSqlString = new StringBuilder(); // 根据部门过滤role 显示 StringBuilder roleSqlString = new StringBuilder(); @@ -109,46 +82,72 @@ public class DataScopeAspect { for (DataScopeEntity scope : dataScopes) { String dataScope = scope.getScope(); Set permissions = scope.getPermissions(); - if (!DATA_SCOPE_CUSTOM.equals(dataScope) && conditions.contains(dataScope)) { + // 自定义 + if (!ScopeConstants.DATA_SCOPE_CUSTOM.equals(dataScope) && conditions.contains(dataScope)) { continue; } if (StringUtils.isNotEmpty(permission) && CollectionUtil.isNotEmpty(permissions) && !CollectionUtil.containsAny(permissions, Convert.toList(permission))) { continue; } - if (DATA_SCOPE_ALL.equals(dataScope)) { + // 全部 + if (ScopeConstants.DATA_SCOPE_ALL.equals(dataScope)) { dataScopeSqlString = new StringBuilder(); break; - } else if (DATA_SCOPE_CUSTOM.equals(dataScope)) { - dataScopeSqlString.append(StringUtils.format( - " OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ", deptAlias, - scope.getRoleId())); - } else if (DATA_SCOPE_DEPT.equals(dataScope)) { + } + // 自定义 + else if (ScopeConstants.DATA_SCOPE_CUSTOM.equals(dataScope)) { + // 这个时候就会报错 + dataScopeSqlString + .append(ScopeKeyWord.OR.getCode()) + .append(StringUtils.format( + "{}.dept_id IN ({}) ", deptAlias, String.join(",",scope.getDeptIds()))); + } + // 部门数据 + else if (ScopeConstants.DATA_SCOPE_DEPT.equals(dataScope)) { dataScopeSqlString.append(StringUtils.format(" OR {}.dept_id = {} ", deptAlias, scope.getDeptId())); - - } else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) { - dataScopeSqlString.append(StringUtils.format( - " OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )", - deptAlias, scope.getDeptId(), scope.getDeptId())); - // 当且仅当用在角色列表页面, 并且角色为 部门及以下 - roleSqlString.append(StringUtils.format(" OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} OR find_in_set( {}, ancestors ) ) ", - "r", scope.getDeptId(), scope.getDeptId())); - } else if (DATA_SCOPE_SELF.equals(dataScope)) { + } + // 部门及以下 + else if (ScopeConstants.DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) { + dataScopeSqlString + .append(ScopeKeyWord.OR.getCode()) + .append(StringUtils.format( + "{}.dept_id IN ({})", + deptAlias, String.join(",",scope.getDeptIds()))); + // 当且仅当用在角色列表页面, 并且角色为 部门及以下 -- 用于控制 角色的显示, 每个部门下有自己的角色不同 + roleSqlString + .append(ScopeKeyWord.OR.getCode()) + .append(StringUtils.format("{}.dept_id IN ({}) ", + "r", String.join(",",scope.getDeptIds()))); + } + // 仅本人 + else if (ScopeConstants.DATA_SCOPE_SELF.equals(dataScope)) { if (StringUtils.isNotBlank(userAlias)) { - dataScopeSqlString.append(StringUtils.format(" OR {}.user_id = {} ", userAlias, userId)); + dataScopeSqlString + .append(ScopeKeyWord.OR.getCode()) + .append(StringUtils.format("{}.user_id = {} ", userAlias, userId)); } else { // 数据权限为仅本人且没有userAlias别名不查询任何数据 - dataScopeSqlString.append(StringUtils.format(" OR {}.dept_id = {} ", deptAlias, scope.getDeptId())); + dataScopeSqlString + .append(ScopeKeyWord.OR.getCode()) + .append(StringUtils.format("{}.dept_id = {} ", deptAlias, scope.getDeptId())); } } conditions.add(dataScope); } if (StringUtils.isNotBlank(dataScopeSqlString.toString())) { - String v = " AND (" + dataScopeSqlString.substring(4) + ")"; + String v; + if (scopeKeyWord.equals(ScopeKeyWord.AND)){ + v = ScopeKeyWord.AND.getCode(); + }else { + v = ScopeKeyWord.OR.getCode(); + } + // 会将 最前面的 OR 去除 + v += "(" + dataScopeSqlString.substring(4) + ")"; Map sqlParam = getSqlParam(joinPoint); if (null == sqlParam) return; - sqlParam.put(DATA_SCOPE, v); - sqlParam.put(ROLE_SCOPE, roleSqlString.toString()); + sqlParam.put(ScopeConstants.DATA_SCOPE, v); + sqlParam.put(ScopeConstants.ROLE_SCOPE, roleSqlString.toString()); } } @@ -158,8 +157,8 @@ public class DataScopeAspect { private void clearDataScope(final JoinPoint joinPoint) { Map sqlParam = getSqlParam(joinPoint); if (null == sqlParam) return; - sqlParam.put(DATA_SCOPE, ""); - sqlParam.put(ROLE_SCOPE, ""); + sqlParam.put(ScopeConstants.DATA_SCOPE, ""); + sqlParam.put(ScopeConstants.ROLE_SCOPE, ""); } private Map getSqlParam(final JoinPoint joinPoint){ diff --git a/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/constants/ScopeConstants.java b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/constants/ScopeConstants.java new file mode 100644 index 0000000..0a8023f --- /dev/null +++ b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/constants/ScopeConstants.java @@ -0,0 +1,33 @@ +package com.chushang.datascope.constants; + +public interface ScopeConstants { + /** + * 全部数据权限 + */ + String DATA_SCOPE_ALL = "1"; + /** + * 自定数据权限 + */ + String DATA_SCOPE_CUSTOM = "2"; + /** + * 部门数据权限 + */ + String DATA_SCOPE_DEPT = "3"; + /** + * 部门及以下数据权限 + */ + String DATA_SCOPE_DEPT_AND_CHILD = "4"; + /** + * 仅本人数据权限 + */ + String DATA_SCOPE_SELF = "5"; + + /** + * 数据权限过滤关键字 + */ + String DATA_SCOPE = "dataScope"; + /** + * 部门角色权限过滤 + */ + String ROLE_SCOPE = "roleScope"; +} diff --git a/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/entity/DataScopeEntity.java b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/entity/DataScopeEntity.java index 3fa2df0..f0e8c10 100644 --- a/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/entity/DataScopeEntity.java +++ b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/entity/DataScopeEntity.java @@ -25,5 +25,14 @@ public class DataScopeEntity{ private String scope; private Set permissions; + /** + * 用于权限控制 -- 部门及以下 + * DATA_SCOPE_DEPT_AND_CHILD + * SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) + * + * DATA_SCOPE_CUSTOM + * SELECT dept_id FROM sys_role_dept WHERE role_id = {} + */ + private Set deptIds; } diff --git a/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/enums/ScopeKeyWord.java b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/enums/ScopeKeyWord.java new file mode 100644 index 0000000..5f683b7 --- /dev/null +++ b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/enums/ScopeKeyWord.java @@ -0,0 +1,17 @@ +package com.chushang.datascope.enums; + +import lombok.AllArgsConstructor; +import lombok.Getter; + +/** + * scope 关键词连接 + */ +@Getter +@AllArgsConstructor +public enum ScopeKeyWord { + AND(" AND "), + OR(" OR "), + ; + + private final String code; +} diff --git a/chushang-common/chushang-common-mybatis/src/main/java/com/chushang/common/mybatis/MybatisAutoConfiguration.java b/chushang-common/chushang-common-mybatis/src/main/java/com/chushang/common/mybatis/MybatisAutoConfiguration.java index 4a5af01..49f5be0 100644 --- a/chushang-common/chushang-common-mybatis/src/main/java/com/chushang/common/mybatis/MybatisAutoConfiguration.java +++ b/chushang-common/chushang-common-mybatis/src/main/java/com/chushang/common/mybatis/MybatisAutoConfiguration.java @@ -80,27 +80,6 @@ public class MybatisAutoConfiguration implements WebMvcConfigurer { @Bean public MybatisPlusInterceptor mybatisPlusInterceptor() { MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor(); - /** - * 新多租户插件配置,一缓和二缓遵循mybatis的规则,需要设置 MybatisConfiguration#useDeprecatedExecutor = false 避免缓存万一出现问题 - */ - interceptor.addInnerInterceptor(new TenantLineInnerInterceptor(new TenantLineHandler() { - @Override - public Expression getTenantId() { - String tenantId = ServletUtils.getRequest().getHeader(SecurityConstants.TENANT_ID); - // 租户id, 应当就是其 - return new LongValue(tenantId); - } - - // 这是 default 方法,默认返回 false 表示所有表都需要拼多租户条件 - @Override - public boolean ignoreTable(String tableName) { - log.info("tableName {}", tableName); - String tenantId = ServletUtils.getRequest().getHeader(SecurityConstants.TENANT_ID); - // 租户id 为空不拼接租户, 否则拼接租户id - return StringUtils.isEmpty(tenantId); - } - })); - // 分页插件, 对于单一数据库类型来说,都建议配置该值,避免每次分页都去抓取数据库类型 interceptor.addInnerInterceptor(new PaginationInnerInterceptor(DbType.MYSQL)); // 乐观锁 diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/aspect/InnerAuthAspect.java b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/aspect/InnerAuthAspect.java index fc00c3f..7952d5b 100644 --- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/aspect/InnerAuthAspect.java +++ b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/aspect/InnerAuthAspect.java @@ -32,10 +32,8 @@ public class InnerAuthAspect implements Ordered String userid = ServletUtils.getRequest().getHeader(SecurityConstants.DETAILS_USER_ID); String username = ServletUtils.getRequest().getHeader(SecurityConstants.DETAILS_USERNAME); - // 设置租户id - String tenantId = ServletUtils.getRequest().getHeader(SecurityConstants.TENANT_ID); // 用户信息验证 - if (innerAuth.isUser() && (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username) || StringUtils.isEmpty(tenantId))) + if (innerAuth.isUser() && (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username))) { throw new InnerAuthException("没有设置用户信息,不允许访问 "); } diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/context/SecurityContextHolder.java b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/context/SecurityContextHolder.java index a2ee455..ce9c701 100644 --- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/context/SecurityContextHolder.java +++ b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/context/SecurityContextHolder.java @@ -96,11 +96,4 @@ public class SecurityContextHolder { set(SecurityConstants.ROLE_PERMISSION, permissions); } - - public static void setTenantId(String tenantId){ - set(SecurityConstants.TENANT_ID, tenantId); - } - public static String getTenantId(){ - return get(SecurityConstants.TENANT_ID); - } } diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/entity/vo/LoginUser.java b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/entity/vo/LoginUser.java index 9593803..a52caa0 100644 --- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/entity/vo/LoginUser.java +++ b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/entity/vo/LoginUser.java @@ -62,10 +62,6 @@ public class LoginUser implements Serializable * 用户信息 */ private T sysUser; - /** - * 租户ID - */ - private Long tenantId; /** * 当前用户对应的 数据权限 */ diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/feign/FeignRequestInterceptor.java b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/feign/FeignRequestInterceptor.java index d7b28df..8eb2ee4 100644 --- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/feign/FeignRequestInterceptor.java +++ b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/feign/FeignRequestInterceptor.java @@ -47,11 +47,6 @@ public class FeignRequestInterceptor implements RequestInterceptor { requestTemplate.header(SecurityConstants.AUTHORIZATION_HEADER, authentication); } - // 租户id - String tenantId = headers.get(SecurityConstants.TENANT_ID); - if (StringUtils.isNotEmpty(tenantId)){ - requestTemplate.header(SecurityConstants.TENANT_ID, tenantId); - } // 配置客户端IP requestTemplate.header("X-Forwarded-For", IPUtils.clientIp(ServletUtils.getRequest())); } diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/interceptor/HeaderInterceptor.java b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/interceptor/HeaderInterceptor.java index cd3c9a1..186c660 100644 --- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/interceptor/HeaderInterceptor.java +++ b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/interceptor/HeaderInterceptor.java @@ -32,7 +32,6 @@ public class HeaderInterceptor implements AsyncHandlerInterceptor SecurityContextHolder.setUserId(ServletUtils.getHeader(request, SecurityConstants.DETAILS_USER_ID)); SecurityContextHolder.setUserName(ServletUtils.getHeader(request, SecurityConstants.DETAILS_USERNAME)); SecurityContextHolder.setUserKey(ServletUtils.getHeader(request, SecurityConstants.USER_KEY)); - SecurityContextHolder.setTenantId(ServletUtils.getHeader(request, SecurityConstants.TENANT_ID)); String token = SecurityUtils.getToken(); if (StringUtils.isNotEmpty(token)) diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/service/TokenService.java b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/service/TokenService.java index f6da4b8..8f51a6c 100644 --- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/service/TokenService.java +++ b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/service/TokenService.java @@ -44,7 +44,6 @@ public class TokenService String token = IdUtils.getId(31); Long userId = loginUser.getUserId(); String username = loginUser.getUsername(); - Long tenantId = loginUser.getTenantId(); String tokenKey = token + "#" + userId; loginUser.setToken(tokenKey); loginUser.setIpaddr(IPUtils.clientIp(ServletUtils.getRequest())); @@ -56,8 +55,6 @@ public class TokenService claimsMap.put(SecurityConstants.USER_KEY, tokenKey); claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId); claimsMap.put(SecurityConstants.DETAILS_USERNAME, username); - // 租户id - claimsMap.put(SecurityConstants.TENANT_ID, tenantId); // 接口返回信息 Map rspMap = new HashMap<>(); diff --git a/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/service/UserService.java b/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/service/UserService.java index 10a8738..44cc7da 100644 --- a/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/service/UserService.java +++ b/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/service/UserService.java @@ -65,7 +65,6 @@ public class UserService { } recordLoginInfo(username, LoginStatusEnum.LOGIN_SUCCESS, "登录成功"); loginUser.setSysUser(sysUser); - loginUser.setTenantId(sysUser.getTenantId()); return loginUser; } diff --git a/chushang-modules/chushang-module-gateway/src/main/java/com/chushang/gateway/filter/AuthFilter.java b/chushang-modules/chushang-module-gateway/src/main/java/com/chushang/gateway/filter/AuthFilter.java index 4faeea4..b61e11f 100644 --- a/chushang-modules/chushang-module-gateway/src/main/java/com/chushang/gateway/filter/AuthFilter.java +++ b/chushang-modules/chushang-module-gateway/src/main/java/com/chushang/gateway/filter/AuthFilter.java @@ -84,7 +84,6 @@ public class AuthFilter implements GlobalFilter, Ordered } String userid = JwtUtils.getUserId(claims); String username = JwtUtils.getUserName(claims); - String tenantId = JwtUtils.getTenantId(claims); if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)) { return unauthorizedResponse(exchange, "令牌验证失败"); @@ -94,8 +93,6 @@ public class AuthFilter implements GlobalFilter, Ordered addHeader(mutate, SecurityConstants.USER_KEY, userkey); addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid); addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username); - // 租户Id - addHeader(mutate, SecurityConstants.TENANT_ID, tenantId); // 内部请求来源参数清除 removeHeader(mutate); diff --git a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysConfig.java b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysConfig.java index 4d3bfcd..9eecd28 100644 --- a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysConfig.java +++ b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysConfig.java @@ -70,9 +70,4 @@ public class SysConfig extends BaseEntity @ExcelProperty(value = "修改人", index = 6) private String updateBy; - /** - * 租户Id - */ - @TableField(value = "tenant_id") - private Long tenantId; } diff --git a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysDept.java b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysDept.java index 0566138..71ee31a 100644 --- a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysDept.java +++ b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysDept.java @@ -73,9 +73,4 @@ public class SysDept extends BaseEntity ) private String updateBy; - /** - * 租户Id - */ - @TableField(value = "tenant_id") - private Long tenantId; } \ No newline at end of file diff --git a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysRole.java b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysRole.java index af3c079..65a20f5 100644 --- a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysRole.java +++ b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysRole.java @@ -120,10 +120,4 @@ public class SysRole extends BaseEntity { this.roleId = roleId; } - /** - * 租户Id - */ - @TableField(value = "tenant_id") - private Long tenantId; - } diff --git a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysTenant.java b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysTenant.java deleted file mode 100644 index 9e4f59b..0000000 --- a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysTenant.java +++ /dev/null @@ -1,55 +0,0 @@ -package com.chushang.system.entity.po; - -import com.baomidou.mybatisplus.annotation.*; -import com.chushang.common.mybatis.base.BaseEntity; -import lombok.Data; -import lombok.EqualsAndHashCode; -import lombok.experimental.Accessors; - -/** - * 租户表 - */ -@Data -@EqualsAndHashCode(callSuper = false) -@Accessors(chain = true) -@TableName("sys_tenant") -public class SysTenant extends BaseEntity { - - /** - * 租户id - */ - @TableId(value = "tenant_id", type = IdType.ASSIGN_ID) - private Long tenantId; - /** - * 租户名称 - */ - private String tenantName; - /** - * 租户状态 - */ - private Boolean status; - /** - * 租户套餐Id - */ - private Long packageId; - - /** - * 租户排序 - */ - private Integer orderNum; - /** - * 创建人角色 - */ - @TableField(updateStrategy = FieldStrategy.NOT_NULL) - private String createBy; - /** - * 修改人 - */ - @TableField(updateStrategy = FieldStrategy.NOT_NULL) - private String updateBy; - /** - * 租户套餐 - */ - @TableField(exist = false) - private SysTenantPackage tenantPackage; -} diff --git a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysTenantPackage.java b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysTenantPackage.java deleted file mode 100644 index a148d43..0000000 --- a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysTenantPackage.java +++ /dev/null @@ -1,70 +0,0 @@ -package com.chushang.system.entity.po; - -import com.baomidou.mybatisplus.annotation.*; -import com.chushang.common.mybatis.base.BaseEntity; -import lombok.Data; -import lombok.EqualsAndHashCode; -import lombok.experimental.Accessors; - -import java.time.LocalDate; -import java.time.LocalDateTime; - -/** - * 租户套餐表 - */ -@Data -@EqualsAndHashCode(callSuper = false) -@Accessors(chain = true) -@TableName("sys_tenant_package") -public class SysTenantPackage extends BaseEntity { - /** - * 套餐Id - */ - @TableId(value = "package_id", type = IdType.ASSIGN_ID) - private Long packageId; - /** - * 套餐名称 - */ - private String packageName; - /** - * 备注信息 - */ - private String remark; - /** - * 套餐开始时间 - */ - private LocalDate startDate; - /** - * 套餐结束时间 - */ - private LocalDate endDate; - /** - * 套餐排序 - */ - private Integer orderNum; - - /** - * 创建人角色 - */ - @TableField(updateStrategy = FieldStrategy.NOT_NULL) - private String createBy; - - /** - * 修改人 - */ - @TableField(updateStrategy = FieldStrategy.NOT_NULL) - private String updateBy; - - /** - * 套餐状态 - */ - private Boolean status; - - /** - * 判断租户是否在有效期 - */ - public boolean isValid(){ - LocalDate now = LocalDate.now(); - return (this.startDate.isAfter(now) && this.endDate.isBefore(now) && status); - } -} diff --git a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysUser.java b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysUser.java index 9df7802..5f3d79b 100644 --- a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysUser.java +++ b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysUser.java @@ -134,10 +134,4 @@ public class SysUser extends BaseEntity { this.userId = userId; } - /** - * 租户Id - */ - @TableField(value = "tenant_id") - private Long tenantId; - } diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysDeptMapper.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysDeptMapper.java index ef5d5fc..21d9873 100644 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysDeptMapper.java +++ b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysDeptMapper.java @@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper; import com.chushang.system.entity.dto.ListDeptDTO; import com.chushang.system.entity.po.SysDept; import org.apache.ibatis.annotations.Param; +import org.apache.ibatis.annotations.Select; import java.util.List; @@ -23,4 +24,10 @@ public interface SysDeptMapper extends BaseMapper { @Param("deptCheckStrictly") boolean deptCheckStrictly); void updateDeptChildren(@Param("depts") List depts); + + @Select("SELECT dept_id FROM sys_role_dept WHERE role_id = #{roleId}") + List listScopeDeptIdByRoleId(@Param("roleId") Long roleId); + + @Select("SELECT dept_id FROM sys_dept WHERE dept_id = #{deptId} or find_in_set( #{deptId} , ancestors )") + List listScopeDeptIdByDeptId(@Param("deptId") Long deptId); } diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysTenantMapper.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysTenantMapper.java deleted file mode 100644 index 2fa7965..0000000 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysTenantMapper.java +++ /dev/null @@ -1,10 +0,0 @@ -package com.chushang.system.mapper; - -import com.baomidou.mybatisplus.core.mapper.BaseMapper; -import com.chushang.system.entity.po.SysTenant; - -/** - * 租户 - */ -public interface SysTenantMapper extends BaseMapper { -} diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysTenantPackageMapper.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysTenantPackageMapper.java deleted file mode 100644 index a64f089..0000000 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/mapper/SysTenantPackageMapper.java +++ /dev/null @@ -1,10 +0,0 @@ -package com.chushang.system.mapper; - -import com.baomidou.mybatisplus.core.mapper.BaseMapper; -import com.chushang.system.entity.po.SysTenantPackage; - -/** - * 租户套餐 - */ -public interface SysTenantPackageMapper extends BaseMapper { -} diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysDeptService.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysDeptService.java index d048fa7..bd15aa5 100644 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysDeptService.java +++ b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysDeptService.java @@ -6,11 +6,16 @@ import com.chushang.common.core.exception.ResultException; import com.chushang.common.core.text.Convert; import com.chushang.common.core.util.StringUtils; import com.chushang.common.mybatis.enums.Operator; +import com.chushang.datascope.constants.ScopeConstants; +import com.chushang.datascope.enums.ScopeKeyWord; import com.chushang.system.entity.dto.ListDeptDTO; import com.chushang.system.entity.po.SysDept; import com.chushang.system.entity.vo.TreeSelect; +import java.util.HashMap; import java.util.List; +import java.util.Map; +import java.util.Set; /** *

@@ -119,4 +124,8 @@ public interface ISysDeptService extends IService { } void updateDeptChildren(List children); + + List listScopeDeptIdByRoleId(Long roleId); + + List listScopeDeptIdByDeptId(Long deptId); } diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysPermissionService.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysPermissionService.java index c75334f..b0717da 100644 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysPermissionService.java +++ b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/ISysPermissionService.java @@ -17,21 +17,5 @@ public interface ISysPermissionService { Set getMenuPermission(SysUser sysUser); - default List getDataScopes(SysUser sysUser){ - List roles = sysUser.getRoles(); - return roles.stream().map(role -> { - String dataScope = role.getDataScope(); - Long roleId = role.getRoleId(); - Long deptId = sysUser.getDeptId(); - Long userId = sysUser.getUserId(); - Set permissions = role.getPermissions(); - return DataScopeEntity.builder() - .scope(dataScope) - .roleId(roleId) - .userId(userId) - .deptId(deptId) - .permissions(permissions) - .build(); - }).collect(Collectors.toList()); - } + List getDataScopes(SysUser sysUser); } diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/SysTenantPackageService.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/SysTenantPackageService.java deleted file mode 100644 index c36f0c8..0000000 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/SysTenantPackageService.java +++ /dev/null @@ -1,7 +0,0 @@ -package com.chushang.system.service; - -import com.baomidou.mybatisplus.extension.service.IService; -import com.chushang.system.entity.po.SysTenantPackage; - -public interface SysTenantPackageService extends IService { -} diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/SysTenantService.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/SysTenantService.java deleted file mode 100644 index 2762419..0000000 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/SysTenantService.java +++ /dev/null @@ -1,7 +0,0 @@ -package com.chushang.system.service; - -import com.baomidou.mybatisplus.extension.service.IService; -import com.chushang.system.entity.po.SysTenant; - -public interface SysTenantService extends IService { -} diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysDeptServiceImpl.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysDeptServiceImpl.java index fb04001..1e23e28 100644 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysDeptServiceImpl.java +++ b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysDeptServiceImpl.java @@ -106,6 +106,16 @@ public class SysDeptServiceImpl extends ServiceImpl impl baseMapper.updateDeptChildren(children); } + @Override + public List listScopeDeptIdByRoleId(Long roleId) { + return baseMapper.listScopeDeptIdByRoleId(roleId); + } + + @Override + public List listScopeDeptIdByDeptId(Long deptId) { + return baseMapper.listScopeDeptIdByDeptId(deptId); + } + /** * 递归列表 */ diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysPermissionServiceImpl.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysPermissionServiceImpl.java index 9307f26..c13967d 100644 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysPermissionServiceImpl.java +++ b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysPermissionServiceImpl.java @@ -1,29 +1,33 @@ package com.chushang.system.service.impl; import cn.hutool.core.collection.CollectionUtil; +import com.chushang.datascope.constants.ScopeConstants; +import com.chushang.datascope.entity.DataScopeEntity; import com.chushang.security.auth.AuthUtil; import com.chushang.system.entity.po.SysRole; import com.chushang.system.entity.po.SysUser; +import com.chushang.system.service.ISysDeptService; import com.chushang.system.service.ISysMenuService; import com.chushang.system.service.ISysPermissionService; +import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import java.util.HashSet; -import java.util.List; -import java.util.Objects; -import java.util.Set; +import javax.annotation.Resource; +import java.util.*; +import java.util.stream.Collectors; /** * @author by zhaowenyuan create 2022/8/19 09:43 */ @Slf4j @Service +@RequiredArgsConstructor public class SysPermissionServiceImpl implements ISysPermissionService { - @Autowired - private ISysMenuService menuService; + private final ISysMenuService menuService; + private final ISysDeptService deptService; @Override public Set getRolePermission(SysUser sysUser) { @@ -70,4 +74,39 @@ public class SysPermissionServiceImpl implements ISysPermissionService { return perms; } + /** + * 这个会不会慢? 因为是 for 循环 + */ + public List getDataScopes(SysUser sysUser){ + List roles = sysUser.getRoles(); + return roles.parallelStream().map(role -> { + // 用于角色 控制, + String dataScope = role.getDataScope(); + Long roleId = role.getRoleId(); + Long deptId = sysUser.getDeptId(); + Long userId = sysUser.getUserId(); + Set permissions = role.getPermissions(); + Set deptIds = new HashSet<>(); + // 需要roleId + if (ScopeConstants.DATA_SCOPE_CUSTOM.equals(dataScope)) { + List longs = deptService.listScopeDeptIdByRoleId(roleId); + deptIds.addAll(longs); + } + // 部门及以下 + else if (ScopeConstants.DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) { + List longs = deptService.listScopeDeptIdByDeptId(deptId); + deptIds.addAll(longs); + } + // 部门 为空时, 不让其看到全部的, -1 的部门id 必定不存在 + if (CollectionUtil.isEmpty(deptIds)) deptIds.add("-1"); + return DataScopeEntity.builder() + .scope(dataScope) + .roleId(roleId) + .userId(userId) + .deptId(deptId) + .permissions(permissions) + .deptIds(deptIds) + .build(); + }).collect(Collectors.toList()); + } } diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysTenantPackageServiceImpl.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysTenantPackageServiceImpl.java deleted file mode 100644 index 13b0be5..0000000 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysTenantPackageServiceImpl.java +++ /dev/null @@ -1,13 +0,0 @@ -package com.chushang.system.service.impl; - -import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; -import com.chushang.system.entity.po.SysTenantPackage; -import com.chushang.system.mapper.SysTenantPackageMapper; -import com.chushang.system.service.SysTenantPackageService; -import lombok.extern.slf4j.Slf4j; -import org.springframework.stereotype.Service; - -@Slf4j -@Service -public class SysTenantPackageServiceImpl extends ServiceImpl implements SysTenantPackageService { -} diff --git a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysTenantServiceImpl.java b/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysTenantServiceImpl.java deleted file mode 100644 index 2619be2..0000000 --- a/chushang-modules/chushang-module-system/system-service/src/main/java/com/chushang/system/service/impl/SysTenantServiceImpl.java +++ /dev/null @@ -1,13 +0,0 @@ -package com.chushang.system.service.impl; - -import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; -import com.chushang.system.entity.po.SysTenant; -import com.chushang.system.mapper.SysTenantMapper; -import com.chushang.system.service.SysTenantService; -import lombok.extern.slf4j.Slf4j; -import org.springframework.stereotype.Service; - -@Slf4j -@Service -public class SysTenantServiceImpl extends ServiceImpl implements SysTenantService { -}