权限管理

chenjiantian

2022-01-18 68fe223129de00d5370e5ab88e96be80d708a85f

 ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java

@@ -7,12 +7,15 @@
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.github.pagehelper.PageHelper;
import com.sandu.common.domain.ResponseVO;
import com.sandu.common.enums.AdminStatusStatus;
import com.sandu.common.enums.ResponseStatusEnums;
import com.sandu.common.execption.BusinessException;
import com.sandu.common.object.BaseConditionVO;
import com.sandu.common.security.LoginUserInfo;
import com.sandu.common.security.annotation.AnonymousAccess;
import com.sandu.common.security.config.SecurityProperties;
import com.sandu.common.security.jwt.JwtTokenProvider;
import com.sandu.common.security.token.TokenProvider;
import com.sandu.common.util.IpUtil;
import com.sandu.common.util.ResponseUtil;
import com.sandu.ximon.admin.dto.AdminJwtUser;
import com.sandu.ximon.admin.param.AdminLoginParam;
@@ -26,18 +29,13 @@
import com.sandu.ximon.dao.enums.AdministratorEnums;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.*;

import java.time.LocalDateTime;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.*;
import java.util.stream.Collectors;

/**
@@ -48,7 +46,7 @@
@Slf4j
@RestController
@AllArgsConstructor
@RequestMapping("v1/admin")
@RequestMapping("/v1/admin")
public class AdminController {

    private final SecurityProperties properties;
@@ -56,7 +54,7 @@
    private final PasswordEncoder passwordEncoder;
    private final AdminService adminService;
    private final RoleService roleService;
    private final JwtTokenProvider tokenProvider;
    private final TokenProvider tokenProvider;


    @AnonymousAccess
@@ -69,17 +67,23 @@
        if (!passwordEncoder.matches(loginParam.getPassword(), admin.getPassword())) {
            return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
        }
        UserDetails userJwtUser = new AdminJwtUser(admin, roleService.mapToGrantedAuthorities(admin.getId()));
        if(!userJwtUser.isEnabled()){
        if (AdminStatusStatus.DISABLE.getCode().equals(admin.getStatus())) {
            return ResponseUtil.error(ResponseStatusEnums.DISABLE_ACCOUNT.getCode(), ResponseStatusEnums.DISABLE_ACCOUNT.getMessage());
        }
        UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userJwtUser, AdministratorEnums.ADMIN.getCode(), userJwtUser.getAuthorities());

        SecurityContextHolder.getContext().setAuthentication(authentication);
        Collection<GrantedAuthority> grantedAuthorities = roleService.mapToGrantedAuthorities(admin.getId());

        LoginUserInfo loginUserInfo = new LoginUserInfo();
        loginUserInfo.setUserId(admin.getId());
        loginUserInfo.setName(admin.getNickName());
        loginUserInfo.setAccount(admin.getUsername());
        loginUserInfo.setStatus(admin.getStatus());
        loginUserInfo.setIp(IpUtil.getRealIp());
        loginUserInfo.setAdministratorType(AdministratorEnums.ADMIN.getCode());
        loginUserInfo.setPermission(grantedAuthorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.joining(",")));
        
        // 生成令牌
        String token = tokenProvider.createToken(authentication);
        final AdminJwtUser jwtUser = (AdminJwtUser) authentication.getPrincipal();
        String token = tokenProvider.createToken(loginUserInfo);

        // 更新最后登录时间
        Admin update = new Admin();
@@ -90,25 +94,23 @@
        // 返回 token 与 用户信息
        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
            put("token", properties.getTokenStartWith() + token);
            put("user", jwtUser);
            put("user", admin);
        }};
//        if (singleLogin) {
//            //踢掉之前已经登录的token
//            onlineUserService.checkLoginOnUser(authUser.getUsername(), token);
//        }
        return ResponseUtil.success(authInfo);
    }

    @GetMapping(value = "/info")
    public ResponseVO<Object> getUserInfo() {
        Integer administratorIdentity = SecurityUtils.getAdministratorIdentity();
        Long userId = SecurityUtils.getUserId();
        Admin admin = adminService.getById(userId);
        List<Role> roles = roleService.listByAdminId(admin.getId());
        if(CollectionUtil.isEmpty(roles)){
            return ResponseUtil.fail("用户没有角色，无法获取数据");
        }
        List<Menu> menus = menuService.listByRoleIds(roles.stream().map(Role::getId).collect(Collectors.toList()));
        MapBuilder<Object, Object> builder = MapUtil.builder().put("info", admin);
        if(CollectionUtil.isNotEmpty(menus)){
        List<Menu> collect = menus.stream().filter(menu -> menu.getType() == 0).collect(Collectors.toList());
        MapBuilder<Object, Object> builder = MapUtil.builder().put("admin", admin);
        if (CollectionUtil.isNotEmpty(menus)) {
            List<Menu> collect = menus.stream().filter(menu -> menu.getType() == 0 || menu.getType() == 1).collect(Collectors.toList());
            builder.put("menus", collect);
        }
        return ResponseUtil.success(builder.build());