
admin权限

skyline 2 năm trước cách đây
mục cha
commit
b6d682afe4

+ 11 - 17
admin/src/main/java/com/kym/admin/config/StpInterfaceImpl.java

@@ -1,6 +1,9 @@
 package com.kym.admin.config;
 
 import cn.dev33.satoken.stp.StpInterface;
+import com.kym.entity.admin.vo.AdminUserVo;
+import com.kym.service.admin.AdminUserService;
+import org.springframework.stereotype.Component;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -10,9 +13,14 @@ import java.util.List;
  * @description 权限控制
  * @date 2023-08-22 18:33
  */
-//@Component
+@Component
 public class StpInterfaceImpl implements StpInterface {
 
+    private final AdminUserService adminUserService;
+
+    public StpInterfaceImpl(AdminUserService adminUserService) {
+        this.adminUserService = adminUserService;
+    }
 
     /**
      * 返回一个账号所拥有的权限码集合
@@ -20,27 +28,13 @@ public class StpInterfaceImpl implements StpInterface {
     @Override
     public List<String> getPermissionList(Object userId, String loginType) {
         var permissions = new ArrayList<String>();
-
-        // 根据userId查询登录用户权限
-        permissions.add("101");
-        permissions.add("user.add");
-        permissions.add("user.update");
-        permissions.add("user.get");
-        // list.add("user.delete");
-        permissions.add("art.*");
+        adminUserService.listUserPermissions((Long) userId).stream().map(AdminUserVo::getPermissions).toList().forEach(permissions::addAll);
         return permissions;
     }
 
-    /**
-     * 返回一个账号所拥有的角色标识集合 (权限与角色可分开校验)
-     */
     @Override
     public List<String> getRoleList(Object loginId, String loginType) {
-        // 本 list 仅做模拟,实际项目中要根据具体业务逻辑来查询角色
-        var roles = new ArrayList<String>();
-        roles.add("admin");
-        roles.add("super-admin");
-        return roles;
+        return null;
     }
 
 }
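Review bot: `getRoleList` now returns `null`, and `getPermissionList` can throw before it returns, so role and permission checks can end in a 500 instead of a clean denial. The `(Long) userId` cast assumes Sa-Token passes the id as a `Long`; it is often a `String` once read back from the token store, which would raise `ClassCastException` — worth confirming against the configured store. The LEFT JOIN behind `listUserPermissions` yields a row with a NULL `permissions` column for a user without roles, and `permissions::addAll` would then presumably receive `null`. Return an empty list from `getRoleList` and skip null rows, as below.

```java
    @Override
    public List<String> getPermissionList(Object userId, String loginType) {
        var permissions = new ArrayList<String>();
        // loginId may arrive as String or Long depending on the token store
        long id = Long.parseLong(String.valueOf(userId));
        for (AdminUserVo row : adminUserService.listUserPermissions(id)) {
            if (row.getPermissions() != null) {
                permissions.addAll(row.getPermissions());
            }
        }
        return permissions;
    }

    @Override
    public List<String> getRoleList(Object loginId, String loginType) {
        // no role model yet: an empty list denies every role check without an NPE
        return new ArrayList<>();
    }
```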

+ 1 - 1
admin/src/main/java/com/kym/admin/controller/AdminUserRoleController.java

@@ -9,7 +9,7 @@ import org.springframework.web.bind.annotation.RestController;
  * </p>
  *
  * @author skyline
- * @since 2023-07-12
+ * @since 2023-09-04
  */
 @RestController
 @RequestMapping("/admin-user-role")

+ 2 - 2
admin/src/main/java/com/kym/admin/controller/CustomController.java

@@ -1,5 +1,6 @@
 package com.kym.admin.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.kym.common.R;
 import com.kym.common.annotation.SysLog;
 import com.kym.entity.admin.queryParams.CommonQueryParam;
@@ -22,16 +23,15 @@ public class CustomController {
 
     private final UserService customUserService;
     private final ChargeOrderService customChargeOrders;
-    private final WalletDetailService customWalletDetailService;
     private final PayLogService payLogService;
 
     public CustomController(UserService customUserService, ChargeOrderService customChargeOrders, WalletDetailService customWalletDetailService, PayLogService payLogService) {
         this.customUserService = customUserService;
         this.customChargeOrders = customChargeOrders;
-        this.customWalletDetailService = customWalletDetailService;
         this.payLogService = payLogService;
     }
 
+    @SaCheckPermission("user.list")
     @SysLog("查询用户列表")
     @GetMapping("/listUser")
     public R listUser(@ModelAttribute CommonQueryParam params,
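Review bot: `@SaCheckPermission("user.list")` on `listUser` only takes effect when Sa-Token's annotation interceptor (`SaInterceptor`) is registered, and no such registration is visible in this commit; confirm it exists, otherwise the annotation is inert. Only `listUser` gains a check here, and the other handlers of this controller lie outside the hunk, so they should be reviewed for the same annotation. The constructor still takes `WalletDetailService customWalletDetailService` although the field and its assignment were removed; drop the unused parameter. `listUser`'s signature continues past the end of the hunk.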

+ 2 - 1
common/src/main/java/com/kym/common/constant/ResponseEnum.java

@@ -27,8 +27,9 @@ public enum ResponseEnum implements BusinessExceptionAssert {
     WX_PAY_AMOUNT_ERROR(300001,"微信支付金额异常"),
 
 
-    // 登录
+    // 登录 权限
     LOGIN_FAILED(10001, "用户名或密码错误"),
+    NO_PERMISSION(10002, "无访问权限"),
 
     // 订单
     EQUIP_CONNECTOR_ID_ERROR(20000, "设备编码错误"),

+ 15 - 5
common/src/main/java/com/kym/common/handler/GlobalExceptionHandler.java

@@ -1,12 +1,15 @@
 package com.kym.common.handler;
 
 import cn.dev33.satoken.exception.NotLoginException;
+import cn.dev33.satoken.exception.NotPermissionException;
+import cn.dev33.satoken.exception.NotRoleException;
 import com.kym.common.R;
 import com.kym.common.exception.BaseException;
 import com.kym.common.exception.BusinessException;
 import com.kym.common.exception.EnPushException;
 import jakarta.validation.ConstraintViolation;
 import jakarta.validation.ConstraintViolationException;
+import jakarta.validation.ValidationException;
 import org.apache.ibatis.jdbc.Null;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -21,6 +24,7 @@ import org.springframework.web.bind.annotation.RestControllerAdvice;
 import java.util.stream.Collectors;
 
 import static com.kym.common.constant.ResponseEnum.LOGIN_FAILED;
+import static com.kym.common.constant.ResponseEnum.NO_PERMISSION;
 
 /**
  * 全局异常处理
@@ -41,7 +45,7 @@ public class GlobalExceptionHandler {
     @ExceptionHandler(value = BusinessException.class)
     @ResponseBody
     public R handleBusinessException(BaseException e) {
-        LOGGER.error(e.getMessage(),e);
+        LOGGER.error(e.getMessage(), e);
         return R.failed(e.getCode(), e.getMessage());
     }
 
@@ -55,7 +59,7 @@ public class GlobalExceptionHandler {
     @ResponseBody
     public R<Null> handleBaseException(BaseException e) {
 
-        LOGGER.error(e.getMessage(),e);
+        LOGGER.error(e.getMessage(), e);
         return R.failed();
     }
 
@@ -88,7 +92,7 @@ public class GlobalExceptionHandler {
         } else {
             message = NotLoginException.DEFAULT_MESSAGE;
         }
-        LOGGER.error("登录异常:"+ message,e);
+        LOGGER.error("登录异常:" + message, e);
         return R.failed(LOGIN_FAILED.getCode(), message);
     }
 
@@ -112,7 +116,7 @@ public class GlobalExceptionHandler {
      * @param e
      * @return
      */
-    @ExceptionHandler(value = Exception.class)
+    @ExceptionHandler(value = {BindException.class, ValidationException.class})
     public R handleValidatedException(Exception e) {
         String message = "";
         if (e instanceof MethodArgumentNotValidException) {
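Review bot: Narrowing `handleValidatedException` from `Exception.class` to `{BindException.class, ValidationException.class}` leaves no catch-all visible in this file, so any other runtime exception now falls through to the container's default error response. Unless a generic handler exists outside the hunks, add one that logs the exception and returns a fixed body, e.g. `@ExceptionHandler(Exception.class) public R<Null> handleUnexpected(Exception e) { LOGGER.error("unhandled exception", e); return R.failed(); }`, so internal details are not echoed to the client. The method body continues outside the hunk.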
@@ -127,9 +131,15 @@ public class GlobalExceptionHandler {
             message = ((BindException) e).getAllErrors().stream().map(ObjectError::getDefaultMessage)
                     .collect(Collectors.joining("; "));
         }
-        LOGGER.error(e.getMessage(),e);
+        LOGGER.error(e.getMessage(), e);
         return R.failed(HttpStatus.BAD_REQUEST.value(), message);
     }
 
+    @ExceptionHandler(value = {NotRoleException.class, NotPermissionException.class})
+    public R handlerException(Exception e) {
+        LOGGER.info(e.getMessage(), e);
+        return R.failed(NO_PERMISSION);
+    }
+
 
 }
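Review bot: `handlerException` logs an authorization denial at INFO with a full stack trace and without the account that was denied, which makes denied-access attempts hard to alert on. Log at WARN with the login id and the message only, e.g. `LOGGER.warn("permission denied: loginId={}, reason={}", StpUtil.getLoginIdDefaultNull(), e.getMessage());` (this needs the `StpUtil` import, which is not among the imports shown for this file). The method also lacks the Javadoc its sibling handlers carry, and a name such as `handlePermissionException` would match them.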

+ 3 - 1
entity/src/main/java/com/kym/entity/admin/AdminUser.java

@@ -2,6 +2,7 @@ package com.kym.entity.admin;
 
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.kym.entity.BaseEntity;
 import lombok.Getter;
 import lombok.Setter;
@@ -35,8 +36,9 @@ public class AdminUser extends BaseEntity implements Serializable {
     private String username;
 
     /**
-     * 密码
+     * 密码 返回前端忽略
      */
+    @JsonIgnore
     private String password;
 
     /**
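Review bot: `@JsonIgnore` on the `password` field removes the property from deserialization as well as serialization, so any endpoint that binds an `AdminUser` from a JSON request body will silently receive a null password. If such an endpoint exists (none is visible in this hunk), `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)` keeps the hash out of responses while still accepting input. The class body continues outside the hunk.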

+ 3 - 6
entity/src/main/java/com/kym/entity/admin/AdminUserRole.java

@@ -2,24 +2,22 @@ package com.kym.entity.admin;
 
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.kym.entity.BaseEntity;
+import java.io.Serializable;
 import lombok.Getter;
 import lombok.Setter;
 
-import java.io.Serializable;
-import java.time.LocalDateTime;
-
 /**
  * <p>
  * 管理平台用户角色表
  * </p>
  *
  * @author skyline
- * @since 2023-07-12
+ * @since 2023-09-04
  */
 @Getter
 @Setter
 @TableName("t_admin_user_role")
-public class AdminUserRole extends BaseEntity implements Serializable {
+public class AdminUserRole extends BaseEntity {
 
     private static final long serialVersionUID = 1L;
 
@@ -37,5 +35,4 @@ public class AdminUserRole extends BaseEntity implements Serializable {
      * 角色id
      */
     private Long roleId;
-
 }

+ 5 - 0
entity/src/main/java/com/kym/entity/admin/Role.java

@@ -43,4 +43,9 @@ public class Role extends BaseEntity implements Serializable {
      */
     private String roleDesc;
 
+    /**
+     * 权限
+     */
+    private String permissions;
+
 }

+ 73 - 0
entity/src/main/java/com/kym/entity/admin/vo/AdminUserVo.java

@@ -0,0 +1,73 @@
+package com.kym.entity.admin.vo;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.kym.entity.BaseEntity;
+import lombok.Getter;
+import lombok.Setter;
+
+import java.io.Serializable;
+import java.time.LocalDateTime;
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * @author skyline
+ * @description
+ * @date 2023-09-05 00:01
+ */
+@Getter
+@Setter
+public class AdminUserVo extends BaseEntity implements Serializable {
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 公司id
+     */
+    private Long companyId;
+
+    /**
+     * 用户名
+     */
+    private String username;
+
+    /**
+     * 密码 返回前端忽略
+     */
+    @JsonIgnore
+    private String password;
+
+    /**
+     * 昵称
+     */
+    private String nickname;
+
+    /**
+     * 手机号
+     */
+    private String mobilePhone;
+
+    /**
+     * 头像
+     */
+    private String avatar;
+
+    /**
+     * 0:禁用 1:启用
+     */
+    private Integer status;
+
+    /**
+     * 最后登录时间
+     */
+    @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
+    private LocalDateTime lastLoginTime;
+
+
+    private List<String> permissions;
+
+
+    public void setPermissions(String permissionsStr) {
+        this.permissions = Arrays.asList(permissionsStr.split("\\|"));
+    }
+}
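Review bot: `setPermissions` throws on a null argument and turns an empty string into a list holding one empty permission code, because `"".split("\\|")` returns `[""]`. Guard it with `this.permissions = (permissionsStr == null || permissionsStr.isBlank()) ? List.of() : Arrays.asList(permissionsStr.split("\\|"));`. The `password` field is not needed in a permissions view: `@JsonIgnore` keeps it out of JSON, but the class is `Serializable`, so the hash would still travel with any session or cache copy of this object; consider dropping the field. The class Javadoc has an empty `@description`, and `permissions` has no comment describing the `|`-separated format.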

+ 7 - 2
mapper/src/main/java/com/kym/mapper/admin/AdminUserMapper.java

@@ -1,7 +1,12 @@
 package com.kym.mapper.admin;
 
-import com.kym.entity.admin.AdminUser;
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.kym.entity.admin.AdminUser;
+import com.kym.entity.admin.Role;
+import com.kym.entity.admin.vo.AdminUserVo;
+import org.apache.ibatis.annotations.Param;
+
+import java.util.List;
 
 /**
  * <p>
@@ -12,5 +17,5 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper;
  * @since 2023-07-11
  */
 public interface AdminUserMapper extends BaseMapper<AdminUser> {
-
+    List<AdminUserVo> listUserPermissions(@Param("userId") Long loginId);
 }

+ 1 - 1
mapper/src/main/java/com/kym/mapper/admin/AdminUserRoleMapper.java

@@ -9,7 +9,7 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper;
  * </p>
  *
  * @author skyline
- * @since 2023-07-12
+ * @since 2023-09-04
  */
 public interface AdminUserRoleMapper extends BaseMapper<AdminUserRole> {
 

+ 36 - 0
mapper/src/main/resources/mappers/admin/AdminUserMapper.xml

@@ -17,9 +17,45 @@
         <result column="last_login_time" property="lastLoginTime" />
     </resultMap>
 
+    <resultMap id="AdminUserVoMap" type="com.kym.entity.admin.vo.AdminUserVo">
+        <id column="id" property="id" />
+        <result column="company_id" property="companyId" />
+        <result column="username" property="username" />
+        <result column="password" property="password" />
+        <result column="nickname" property="nickname" />
+        <result column="mobile_phone" property="mobilePhone" />
+        <result column="avatar" property="avatar" />
+        <result column="status" property="status" />
+        <result column="create_time" property="createTime" />
+        <result column="update_time" property="updateTime" />
+        <result column="last_login_time" property="lastLoginTime" />
+        <result column="permissions" property="permissions" />
+    </resultMap>
+
     <!-- 通用查询结果列 -->
     <sql id="Base_Column_List">
         id, company_id, username, password, nickname, mobile_phone, avatar, status, create_time, update_time, last_login_time
     </sql>
 
+    <select id="listUserPermissions" resultMap="AdminUserVoMap" parameterType="java.lang.Long">
+        SELECT
+            t1.*,
+            t4.role_name,
+            t4.permissions
+        FROM
+            t_admin_user t1
+                LEFT JOIN
+            (SELECT
+                 t2.admin_user_id,
+                 t3.role_name,
+                 t3.permissions
+             FROM
+                 t_admin_user_role t2
+                     LEFT JOIN t_role t3
+                               ON t2.role_id = t3.id
+             WHERE t2.admin_user_id = #{userId}) t4
+            ON t1.id = t4.admin_user_id
+        WHERE t1.id = #{userId}
+    </select>
+
 </mapper>
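Review bot: The `listUserPermissions` query resolves permissions without looking at `t1.status`, so a disabled account (status 0) keeps its role permissions for as long as its session lives, unless the session is revoked elsewhere. Adding `AND t1.status = 1` to the outer `WHERE` makes the permission lookup itself fail closed. `t1.*` also loads the `password` column into every row; listing the needed columns and removing `<result column="password" property="password" />` from `AdminUserVoMap` keeps the hash out of this path. `t4.role_name` is selected but has no mapping in the result map.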

+ 1 - 4
mapper/src/main/resources/mappers/admin/AdminUserRoleMapper.xml

@@ -4,17 +4,14 @@
 
     <!-- 通用查询映射结果 -->
     <resultMap id="BaseResultMap" type="com.kym.entity.admin.AdminUserRole">
-        <id column="id" property="id" />
         <result column="company_id" property="companyId" />
         <result column="admin_user_id" property="adminUserId" />
         <result column="role_id" property="roleId" />
-        <result column="create_time" property="createTime" />
-        <result column="update_time" property="updateTime" />
     </resultMap>
 
     <!-- 通用查询结果列 -->
     <sql id="Base_Column_List">
-        id, company_id, admin_user_id, role_id, create_time, update_time
+        company_id, admin_user_id, role_id
     </sql>
 
 </mapper>

+ 2 - 1
mapper/src/main/resources/mappers/admin/RoleMapper.xml

@@ -9,13 +9,14 @@
         <result column="parent_id" property="parentId" />
         <result column="role_name" property="roleName" />
         <result column="role_desc" property="roleDesc" />
+        <result column="permissions" property="permissions" />
         <result column="create_time" property="createTime" />
         <result column="update_time" property="updateTime" />
     </resultMap>
 
     <!-- 通用查询结果列 -->
     <sql id="Base_Column_List">
-        id, company_id, parent_id, role_name, role_desc, create_time, update_time
+        id, company_id, parent_id, role_name, role_desc, permissions,create_time, update_time
     </sql>
 
 </mapper>

+ 1 - 1
service/src/main/java/com/kym/service/admin/AdminUserRoleService.java

@@ -9,7 +9,7 @@ import com.baomidou.mybatisplus.extension.service.IService;
  * </p>
  *
  * @author skyline
- * @since 2023-07-12
+ * @since 2023-09-04
  */
 public interface AdminUserRoleService extends IService<AdminUserRole> {
 

+ 5 - 0
service/src/main/java/com/kym/service/admin/AdminUserService.java

@@ -3,6 +3,10 @@ package com.kym.service.admin;
 import com.kym.common.R;
 import com.kym.entity.admin.AdminUser;
 import com.baomidou.mybatisplus.extension.service.IService;
+import com.kym.entity.admin.Role;
+import com.kym.entity.admin.vo.AdminUserVo;
+
+import java.util.List;
 
 /**
  * <p>
@@ -20,4 +24,5 @@ public interface AdminUserService extends IService<AdminUser> {
 
     Object profile();
 
+    List<AdminUserVo> listUserPermissions(Long loginId);
 }

+ 2 - 2
service/src/main/java/com/kym/service/admin/impl/AdminUserRoleServiceImpl.java

@@ -13,10 +13,10 @@ import org.springframework.stereotype.Service;
  * </p>
  *
  * @author skyline
- * @since 2023-07-12
+ * @since 2023-09-04
  */
 @Service
-@DS("db-admin")
+@DS("db_admin")
 public class AdminUserRoleServiceImpl extends ServiceImpl<AdminUserRoleMapper, AdminUserRole> implements AdminUserRoleService {
 
 }

+ 9 - 13
service/src/main/java/com/kym/service/admin/impl/AdminUserServiceImpl.java

@@ -6,13 +6,11 @@ import cn.hutool.crypto.asymmetric.RSA;
 import cn.hutool.crypto.digest.DigestAlgorithm;
 import cn.hutool.crypto.digest.Digester;
 import com.baomidou.dynamic.datasource.annotation.DS;
-import com.baomidou.mybatisplus.extension.conditions.query.QueryChainWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.kym.common.R;
 import com.kym.common.constant.ResponseEnum;
-import com.kym.common.utils.CommUtil;
 import com.kym.entity.admin.AdminUser;
-import com.kym.entity.admin.AdminUserRole;
+import com.kym.entity.admin.vo.AdminUserVo;
 import com.kym.mapper.admin.AdminUserMapper;
 import com.kym.service.admin.AdminUserRoleService;
 import com.kym.service.admin.AdminUserService;
@@ -54,7 +52,7 @@ public class AdminUserServiceImpl extends ServiceImpl<AdminUserMapper, AdminUser
     private AdminUserRoleService adminUserRoleService;
 
     @Override
-    public R login(String mobilePhone, String password) {
+    public R<?> login(String mobilePhone, String password) {
         var user = lambdaQuery().eq(AdminUser::getMobilePhone, mobilePhone).one();
         RSA rsa = new RSA(privateKey, publicKey);
         password = rsa.decryptStr(password, KeyType.PrivateKey, StandardCharsets.UTF_8);
@@ -75,7 +73,7 @@ public class AdminUserServiceImpl extends ServiceImpl<AdminUserMapper, AdminUser
     }
 
     @Override
-    public R logout(Long id) {
+    public R<?> logout(Long id) {
         return logout(id);
     }
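Review bot: `logout(Long id)` calls itself unconditionally (`return logout(id);`), so every call ends in a `StackOverflowError` and the session is never invalidated. This commit only changes the return type to `R<?>` and leaves the body as is. The body should end the Sa-Token session instead, e.g. `StpUtil.logout(id);` followed by the project's success result. The recursion sits on a context line and so predates this commit, but a working logout matters for the permission model introduced here.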
 
@@ -86,14 +84,12 @@ public class AdminUserServiceImpl extends ServiceImpl<AdminUserMapper, AdminUser
      */
     @Override
     public Object profile() {
-        long userId = CommUtil.null2Long(StpUtil.getSession().get("userId"));
-        AdminUser user = getById(userId);
-        user.setPassword(null);
-        user.setStatus(null);
+        long userId = StpUtil.getLoginIdAsLong();
+        return listUserPermissions(userId);
+    }
 
-        QueryChainWrapper<AdminUserRole> wrapper = new QueryChainWrapper<>(AdminUserRole.class);
-        wrapper.eq("admin_user_id",userId);
-        List<AdminUserRole> list = wrapper.list();
-        return Map.of("user",user,"roles",list);
+    @Override
+    public List<AdminUserVo> listUserPermissions(Long loginId) {
+        return baseMapper.listUserPermissions(loginId);
     }
 }
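Review bot: `profile()` now returns the raw `List<AdminUserVo>` from the mapper, one element per role with the user columns repeated, where it previously returned a map with `user` and `roles`. Clients reading those keys will break, and `status` is no longer cleared before the response. Consider merging the rows into a single object (user fields once, permissions as one de-duplicated list) and tightening the return type from `Object`. `listUserPermissions` has no Javadoc; a line stating that it returns one row per assigned role would help callers.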