From d8da1b796c0bc63c917ce7ece9f2a4da2325b394 Mon Sep 17 00:00:00 2001 From: RuoYi Date: Sat, 16 Oct 2021 18:28:38 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E6=9D=83=E9=99=90=E8=AE=A4?= =?UTF-8?q?=E8=AF=81=E6=B3=A8=E8=A7=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../exception/auth/NotLoginException.java | 16 + .../auth/NotPermissionException.java | 23 ++ .../core/exception/auth/NotRoleException.java | 23 ++ .../common/core/utils/SecurityUtils.java | 6 +- .../common/security/annotation/Logical.java | 20 ++ .../security/annotation/PreAuthorize.java | 46 --- .../security/annotation/RequiresLogin.java | 18 + .../annotation/RequiresPermissions.java | 27 ++ .../security/annotation/RequiresRoles.java | 26 ++ .../security/aspect/PreAuthorizeAspect.java | 322 ++++++----------- .../ruoyi/common/security/auth/AuthLogic.java | 329 ++++++++++++++++++ .../ruoyi/common/security/auth/AuthUtil.java | 127 +++++++ .../handler/GlobalExceptionHandler.java | 24 +- .../ruoyi/gen/controller/GenController.java | 24 +- .../main/resources/vm/java/controller.java.vm | 14 +- .../job/controller/SysJobController.java | 18 +- .../job/controller/SysJobLogController.java | 12 +- .../controller/SysConfigController.java | 14 +- .../system/controller/SysDeptController.java | 14 +- .../controller/SysDictDataController.java | 14 +- .../controller/SysDictTypeController.java | 16 +- .../controller/SysLogininforController.java | 10 +- .../system/controller/SysMenuController.java | 12 +- .../controller/SysNoticeController.java | 12 +- .../controller/SysOperlogController.java | 10 +- .../system/controller/SysPostController.java | 14 +- .../system/controller/SysRoleController.java | 30 +- .../system/controller/SysUserController.java | 24 +- .../controller/SysUserOnlineController.java | 6 +- 29 files changed, 850 insertions(+), 401 deletions(-) create mode 100644 ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotLoginException.java create mode 100644 ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotPermissionException.java create mode 100644 ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotRoleException.java create mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/Logical.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java create mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresLogin.java create mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresPermissions.java create mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresRoles.java create mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java create mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotLoginException.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotLoginException.java new file mode 100644 index 000000000..eb6c3ae9e --- /dev/null +++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotLoginException.java @@ -0,0 +1,16 @@ +package com.ruoyi.common.core.exception.auth; + +/** + * 未能通过的登录认证异常 + * + * @author ruoyi + */ +public class NotLoginException extends RuntimeException +{ + private static final long serialVersionUID = 1L; + + public NotLoginException(String message) + { + super(message); + } +} diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotPermissionException.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotPermissionException.java new file mode 100644 index 000000000..a578a42ec --- /dev/null +++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotPermissionException.java @@ -0,0 +1,23 @@ +package com.ruoyi.common.core.exception.auth; + +import org.apache.commons.lang3.StringUtils; + +/** + * 未能通过的权限认证异常 + * + * @author ruoyi + */ +public class NotPermissionException extends RuntimeException +{ + private static final long serialVersionUID = 1L; + + public NotPermissionException(String permission) + { + super(permission); + } + + public NotPermissionException(String[] permissions) + { + super(StringUtils.join(permissions, ",")); + } +} diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotRoleException.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotRoleException.java new file mode 100644 index 000000000..d07118fba --- /dev/null +++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotRoleException.java @@ -0,0 +1,23 @@ +package com.ruoyi.common.core.exception.auth; + +import org.apache.commons.lang3.StringUtils; + +/** + * 未能通过的角色认证异常 + * + * @author ruoyi + */ +public class NotRoleException extends RuntimeException +{ + private static final long serialVersionUID = 1L; + + public NotRoleException(String role) + { + super(role); + } + + public NotRoleException(String[] roles) + { + super(StringUtils.join(roles, ",")); + } +} diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/SecurityUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/SecurityUtils.java index 59995d906..895610d1f 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/SecurityUtils.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/SecurityUtils.java @@ -42,18 +42,20 @@ public class SecurityUtils */ public static String getToken(HttpServletRequest request) { + // 从header获取token标识 String token = request.getHeader(SecurityConstants.TOKEN_AUTHENTICATION); return replaceTokenPrefix(token); } /** - * 替换token前缀 + * 裁剪token前缀 */ public static String replaceTokenPrefix(String token) { + // 如果前端设置了令牌前缀,则裁剪掉前缀 if (StringUtils.isNotEmpty(token) && token.startsWith(SecurityConstants.TOKEN_PREFIX)) { - token = token.replace(SecurityConstants.TOKEN_PREFIX, ""); + token = token.replaceFirst(SecurityConstants.TOKEN_PREFIX, ""); } return token; } diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/Logical.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/Logical.java new file mode 100644 index 000000000..e88f56cb6 --- /dev/null +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/Logical.java @@ -0,0 +1,20 @@ +package com.ruoyi.common.security.annotation; + +/** + * 权限注解的验证模式 + * + * @author ruoyi + * + */ +public enum Logical +{ + /** + * 必须具有所有的元素 + */ + AND, + + /** + * 只需具有其中一个元素 + */ + OR +} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java deleted file mode 100644 index c9f10b6d3..000000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java +++ /dev/null @@ -1,46 +0,0 @@ -package com.ruoyi.common.security.annotation; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -/** - * 权限注解 - * - * @author ruoyi - */ -@Target({ ElementType.TYPE, ElementType.METHOD }) -@Retention(RetentionPolicy.RUNTIME) -public @interface PreAuthorize -{ - /** - * 验证用户是否具备某权限 - */ - public String hasPermi() default ""; - - /** - * 验证用户是否不具备某权限,与 hasPermi逻辑相反 - */ - public String lacksPermi() default ""; - - /** - * 验证用户是否具有以下任意一个权限 - */ - public String[] hasAnyPermi() default {}; - - /** - * 判断用户是否拥有某个角色 - */ - public String hasRole() default ""; - - /** - * 验证用户是否不具备某角色,与 isRole逻辑相反 - */ - public String lacksRole() default ""; - - /** - * 验证用户是否具有以下任意一个角色 - */ - public String[] hasAnyRoles() default {}; -} \ No newline at end of file diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresLogin.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresLogin.java new file mode 100644 index 000000000..0910b1290 --- /dev/null +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresLogin.java @@ -0,0 +1,18 @@ +package com.ruoyi.common.security.annotation; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +/** + * 登录认证:只有登录之后才能进入该方法 + * + * @author ruoyi + * + */ +@Retention(RetentionPolicy.RUNTIME) +@Target({ ElementType.METHOD, ElementType.TYPE }) +public @interface RequiresLogin +{ +} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresPermissions.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresPermissions.java new file mode 100644 index 000000000..4adf4df8a --- /dev/null +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresPermissions.java @@ -0,0 +1,27 @@ +package com.ruoyi.common.security.annotation; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +/** + * 权限认证:必须具有指定权限才能进入该方法 + * + * @author ruoyi + * + */ +@Retention(RetentionPolicy.RUNTIME) +@Target({ ElementType.METHOD, ElementType.TYPE }) +public @interface RequiresPermissions +{ + /** + * 需要校验的权限码 + */ + String[] value() default {}; + + /** + * 验证模式:AND | OR,默认AND + */ + Logical logical() default Logical.AND; +} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresRoles.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresRoles.java new file mode 100644 index 000000000..546620d21 --- /dev/null +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresRoles.java @@ -0,0 +1,26 @@ +package com.ruoyi.common.security.annotation; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +/** + * 角色认证:必须具有指定角色标识才能进入该方法 + * + * @author ruoyi + */ +@Retention(RetentionPolicy.RUNTIME) +@Target({ ElementType.METHOD, ElementType.TYPE }) +public @interface RequiresRoles +{ + /** + * 需要校验的角色标识 + */ + String[] value() default {}; + + /** + * 验证逻辑:AND | OR,默认AND + */ + Logical logical() default Logical.AND; +} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java index 20e20e3fc..7877820b4 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java @@ -1,225 +1,97 @@ -package com.ruoyi.common.security.aspect; - -import java.lang.reflect.Method; -import java.util.Collection; -import org.aspectj.lang.ProceedingJoinPoint; -import org.aspectj.lang.Signature; -import org.aspectj.lang.annotation.Around; -import org.aspectj.lang.annotation.Aspect; -import org.aspectj.lang.reflect.MethodSignature; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; -import org.springframework.util.CollectionUtils; -import org.springframework.util.PatternMatchUtils; -import com.ruoyi.common.core.exception.PreAuthorizeException; -import com.ruoyi.common.core.utils.StringUtils; -import com.ruoyi.common.security.annotation.PreAuthorize; -import com.ruoyi.common.security.service.TokenService; -import com.ruoyi.system.api.model.LoginUser; - -/** - * 自定义权限实现 - * - * @author ruoyi - */ -@Aspect -@Component -public class PreAuthorizeAspect -{ - @Autowired - private TokenService tokenService; - - /** 所有权限标识 */ - private static final String ALL_PERMISSION = "*:*:*"; - - /** 管理员角色权限标识 */ - private static final String SUPER_ADMIN = "admin"; - - /** 数组为0时 */ - private static final Integer ARRAY_EMPTY = 0; - - @Around("@annotation(com.ruoyi.common.security.annotation.PreAuthorize)") - public Object around(ProceedingJoinPoint point) throws Throwable - { - Signature signature = point.getSignature(); - MethodSignature methodSignature = (MethodSignature) signature; - Method method = methodSignature.getMethod(); - PreAuthorize annotation = method.getAnnotation(PreAuthorize.class); - if (annotation == null) - { - return point.proceed(); - } - - if (StringUtils.isNotEmpty(annotation.hasPermi())) - { - if (hasPermi(annotation.hasPermi())) - { - return point.proceed(); - } - throw new PreAuthorizeException(); - } - else if (StringUtils.isNotEmpty(annotation.lacksPermi())) - { - if (lacksPermi(annotation.lacksPermi())) - { - return point.proceed(); - } - throw new PreAuthorizeException(); - } - else if (ARRAY_EMPTY < annotation.hasAnyPermi().length) - { - if (hasAnyPermi(annotation.hasAnyPermi())) - { - return point.proceed(); - } - throw new PreAuthorizeException(); - } - else if (StringUtils.isNotEmpty(annotation.hasRole())) - { - if (hasRole(annotation.hasRole())) - { - return point.proceed(); - } - throw new PreAuthorizeException(); - } - else if (StringUtils.isNotEmpty(annotation.lacksRole())) - { - if (lacksRole(annotation.lacksRole())) - { - return point.proceed(); - } - throw new PreAuthorizeException(); - } - else if (ARRAY_EMPTY < annotation.hasAnyRoles().length) - { - if (hasAnyRoles(annotation.hasAnyRoles())) - { - return point.proceed(); - } - throw new PreAuthorizeException(); - } - - return point.proceed(); - } - - /** - * 验证用户是否具备某权限 - * - * @param permission 权限字符串 - * @return 用户是否具备某权限 - */ - public boolean hasPermi(String permission) - { - LoginUser userInfo = tokenService.getLoginUser(); - if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions())) - { - return false; - } - return hasPermissions(userInfo.getPermissions(), permission); - } - - /** - * 验证用户是否不具备某权限,与 hasPermi逻辑相反 - * - * @param permission 权限字符串 - * @return 用户是否不具备某权限 - */ - public boolean lacksPermi(String permission) - { - return hasPermi(permission) != true; - } - - /** - * 验证用户是否具有以下任意一个权限 - * - * @param permissions 权限列表 - * @return 用户是否具有以下任意一个权限 - */ - public boolean hasAnyPermi(String[] permissions) - { - LoginUser userInfo = tokenService.getLoginUser(); - if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions())) - { - return false; - } - Collection authorities = userInfo.getPermissions(); - for (String permission : permissions) - { - if (permission != null && hasPermissions(authorities, permission)) - { - return true; - } - } - return false; - } - - /** - * 判断用户是否拥有某个角色 - * - * @param role 角色字符串 - * @return 用户是否具备某角色 - */ - public boolean hasRole(String role) - { - LoginUser userInfo = tokenService.getLoginUser(); - if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles())) - { - return false; - } - for (String roleKey : userInfo.getRoles()) - { - if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(role)) - { - return true; - } - } - return false; - } - - /** - * 验证用户是否不具备某角色,与 isRole逻辑相反。 - * - * @param role 角色名称 - * @return 用户是否不具备某角色 - */ - public boolean lacksRole(String role) - { - return hasRole(role) != true; - } - - /** - * 验证用户是否具有以下任意一个角色 - * - * @param roles 角色列表 - * @return 用户是否具有以下任意一个角色 - */ - public boolean hasAnyRoles(String[] roles) - { - LoginUser userInfo = tokenService.getLoginUser(); - if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles())) - { - return false; - } - for (String role : roles) - { - if (hasRole(role)) - { - return true; - } - } - return false; - } - - /** - * 判断是否包含权限 - * - * @param authorities 权限列表 - * @param permission 权限字符串 - * @return 用户是否具备某权限 - */ - private boolean hasPermissions(Collection authorities, String permission) - { - return authorities.stream().filter(StringUtils::hasText) - .anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(x, permission)); - } -} +package com.ruoyi.common.security.aspect; + +import java.lang.reflect.Method; +import org.aspectj.lang.ProceedingJoinPoint; +import org.aspectj.lang.annotation.Around; +import org.aspectj.lang.annotation.Aspect; +import org.aspectj.lang.annotation.Pointcut; +import org.aspectj.lang.reflect.MethodSignature; +import org.springframework.stereotype.Component; +import com.ruoyi.common.security.annotation.RequiresLogin; +import com.ruoyi.common.security.annotation.RequiresPermissions; +import com.ruoyi.common.security.annotation.RequiresRoles; +import com.ruoyi.common.security.auth.AuthUtil; + +/** + * 基于 Spring Aop 的注解鉴权 + * + * @author kong + */ +@Aspect +@Component +public class PreAuthorizeAspect +{ + /** + * 构建 + */ + public PreAuthorizeAspect() + { + } + + /** + * 定义AOP签名 (切入所有使用鉴权注解的方法) + */ + public static final String POINTCUT_SIGN = " @annotation(com.ruoyi.common.security.annotation.RequiresLogin) || " + + "@annotation(com.ruoyi.common.security.annotation.RequiresPermissions) || " + + "@annotation(com.ruoyi.common.security.annotation.RequiresRoles)"; + + /** + * 声明AOP签名 + */ + @Pointcut(POINTCUT_SIGN) + public void pointcut() + { + } + + /** + * 环绕切入 + * + * @param joinPoint 切面对象 + * @return 底层方法执行后的返回值 + * @throws Throwable 底层方法抛出的异常 + */ + @Around("pointcut()") + public Object around(ProceedingJoinPoint joinPoint) throws Throwable + { + // 注解鉴权 + MethodSignature signature = (MethodSignature) joinPoint.getSignature(); + checkMethodAnnotation(signature.getMethod()); + try + { + // 执行原有逻辑 + Object obj = joinPoint.proceed(); + return obj; + } + catch (Throwable e) + { + throw e; + } + } + + /** + * 对一个Method对象进行注解检查 + */ + public void checkMethodAnnotation(Method method) + { + // 校验 @RequiresLogin 注解 + RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class); + if (requiresLogin != null) + { + AuthUtil.checkLogin(); + } + + // 校验 @RequiresRoles 注解 + RequiresRoles requiresRoles = method.getAnnotation(RequiresRoles.class); + if (requiresRoles != null) + { + AuthUtil.checkRole(requiresRoles); + } + + // 校验 @RequiresPermissions 注解 + RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class); + if (requiresPermissions != null) + { + AuthUtil.checkPermi(requiresPermissions); + } + } +} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java new file mode 100644 index 000000000..d17c3bccb --- /dev/null +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java @@ -0,0 +1,329 @@ +package com.ruoyi.common.security.auth; + +import java.util.Collection; +import java.util.HashSet; +import java.util.Set; +import org.springframework.util.PatternMatchUtils; +import com.ruoyi.common.core.exception.auth.NotLoginException; +import com.ruoyi.common.core.exception.auth.NotPermissionException; +import com.ruoyi.common.core.exception.auth.NotRoleException; +import com.ruoyi.common.core.utils.SecurityUtils; +import com.ruoyi.common.core.utils.SpringUtils; +import com.ruoyi.common.core.utils.StringUtils; +import com.ruoyi.common.security.annotation.Logical; +import com.ruoyi.common.security.annotation.RequiresLogin; +import com.ruoyi.common.security.annotation.RequiresPermissions; +import com.ruoyi.common.security.annotation.RequiresRoles; +import com.ruoyi.common.security.service.TokenService; +import com.ruoyi.system.api.model.LoginUser; + +/** + * Token 权限验证,逻辑实现类 + * + * @author ruoyi + */ +public class AuthLogic +{ + /** 所有权限标识 */ + private static final String ALL_PERMISSION = "*:*:*"; + + /** 管理员角色权限标识 */ + private static final String SUPER_ADMIN = "admin"; + + public TokenService tokenService = SpringUtils.getBean(TokenService.class); + + /** + * 检验用户是否已经登录,如未登录,则抛出异常 + */ + public void checkLogin() + { + getLoginUser(); + } + + /** + * 获取当前用户缓存信息, 如果未登录,则抛出异常 + * + * @return 用户缓存信息 + */ + public LoginUser getLoginUser() + { + String token = SecurityUtils.getToken(); + if (token == null) + { + throw new NotLoginException("未提供token"); + } + LoginUser loginUser = tokenService.getLoginUser(token); + if (loginUser == null) + { + throw new NotLoginException("无效的token"); + } + return loginUser; + } + + /** + * 验证用户是否具备某权限 + * + * @param permission 权限字符串 + * @return 用户是否具备某权限 + */ + public boolean hasPermi(String permission) + { + return hasPermi(getPermiList(), permission); + } + + /** + * 验证用户是否具备某权限, 如果验证未通过,则抛出异常: NotPermissionException + * + * @param permission 权限字符串 + * @return 用户是否具备某权限 + */ + public void checkPermi(String permission) + { + if (!hasPermi(getPermiList(), permission)) + { + throw new NotPermissionException(permission); + } + } + + /** + * 根据注解(@RequiresPermissions)鉴权, 如果验证未通过,则抛出异常: NotPermissionException + * + * @param requiresPermissions 注解对象 + */ + public void checkPermi(RequiresPermissions requiresPermissions) + { + if (requiresPermissions.logical() == Logical.AND) + { + checkPermiAnd(requiresPermissions.value()); + } + else + { + checkPermiOr(requiresPermissions.value()); + } + } + + /** + * 验证用户是否含有指定权限,必须全部拥有 + * + * @param permissions 权限列表 + */ + public void checkPermiAnd(String... permissions) + { + Set permissionList = getPermiList(); + for (String permission : permissions) + { + if (!hasPermi(permissionList, permission)) + { + throw new NotPermissionException(permission); + } + } + } + + /** + * 验证用户是否含有指定权限,只需包含其中一个 + * + * @param permissions 权限码数组 + */ + public void checkPermiOr(String... permissions) + { + Set permissionList = getPermiList(); + for (String permission : permissions) + { + if (hasPermi(permissionList, permission)) + { + return; + } + } + if (permissions.length > 0) + { + throw new NotPermissionException(permissions); + } + } + + /** + * 判断用户是否拥有某个角色 + * + * @param role 角色标识 + * @return 用户是否具备某角色 + */ + public boolean hasRole(String role) + { + return hasRole(getRoleList(), role); + } + + /** + * 判断用户是否拥有某个角色, 如果验证未通过,则抛出异常: NotRoleException + * + * @param role 角色标识 + */ + public void checkRole(String role) + { + if (!hasRole(role)) + { + throw new NotRoleException(role); + } + } + + /** + * 根据注解(@RequiresRoles)鉴权 + * + * @param requiresRoles 注解对象 + */ + public void checkRole(RequiresRoles requiresRoles) + { + if (requiresRoles.logical() == Logical.AND) + { + checkRoleAnd(requiresRoles.value()); + } + else + { + checkRoleOr(requiresRoles.value()); + } + } + + /** + * 验证用户是否含有指定角色,必须全部拥有 + * + * @param roles 角色标识数组 + */ + public void checkRoleAnd(String... roles) + { + Set roleList = getRoleList(); + for (String role : roles) + { + if (!hasRole(roleList, role)) + { + throw new NotRoleException(role); + } + } + } + + /** + * 验证用户是否含有指定角色,只需包含其中一个 + * + * @param roles 角色标识数组 + */ + public void checkRoleOr(String... roles) + { + Set roleList = getRoleList(); + for (String role : roles) + { + if (hasRole(roleList, role)) + { + return; + } + } + if (roles.length > 0) + { + throw new NotRoleException(roles); + } + } + + /** + * 根据注解(@RequiresLogin)鉴权 + * + * @param at 注解对象 + */ + public void checkByAnnotation(RequiresLogin at) + { + this.checkLogin(); + } + + /** + * 根据注解(@RequiresRoles)鉴权 + * + * @param at 注解对象 + */ + public void checkByAnnotation(RequiresRoles at) + { + String[] roleArray = at.value(); + if (at.logical() == Logical.AND) + { + this.checkRoleAnd(roleArray); + } + else + { + this.checkRoleOr(roleArray); + } + } + + /** + * 根据注解(@RequiresPermissions)鉴权 + * + * @param at 注解对象 + */ + public void checkByAnnotation(RequiresPermissions at) + { + String[] permissionArray = at.value(); + if (at.logical() == Logical.AND) + { + this.checkPermiAnd(permissionArray); + } + else + { + this.checkPermiOr(permissionArray); + } + } + + /** + * 获取当前账号的角色列表 + * + * @return 角色列表 + */ + public Set getRoleList() + { + try + { + LoginUser loginUser = getLoginUser(); + return loginUser.getRoles(); + } + catch (Exception e) + { + return new HashSet<>(); + } + } + + /** + * 获取当前账号的权限列表 + * + * @return 权限列表 + */ + public Set getPermiList() + { + try + { + LoginUser loginUser = getLoginUser(); + return loginUser.getPermissions(); + } + catch (Exception e) + { + return new HashSet<>(); + } + } + + /** + * 判断是否包含权限 + * + * @param authorities 权限列表 + * @param permission 权限字符串 + * @return 用户是否具备某权限 + */ + public boolean hasPermi(Collection authorities, String permission) + { + return authorities.stream().filter(StringUtils::hasText) + .anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(x, permission)); + } + + /** + * 判断是否包含角色 + * + * @param roles 角色列表 + * @param role 角色 + * @return 用户是否具备某角色权限 + */ + public boolean hasRole(Collection roles, String role) + { + return roles.stream().filter(StringUtils::hasText) + .anyMatch(x -> SUPER_ADMIN.contains(x) || PatternMatchUtils.simpleMatch(x, role)); + } +} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java new file mode 100644 index 000000000..0ce9c75c2 --- /dev/null +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java @@ -0,0 +1,127 @@ +package com.ruoyi.common.security.auth; + +import com.ruoyi.common.security.annotation.RequiresPermissions; +import com.ruoyi.common.security.annotation.RequiresRoles; + +/** + * Token 权限验证工具类 + * + * @author ruoyi + */ +public class AuthUtil +{ + /** + * 底层的 AuthLogic 对象 + */ + public static AuthLogic authLogic = new AuthLogic(); + + /** + * 检验当前会话是否已经登录,如未登录,则抛出异常 + */ + public static void checkLogin() + { + authLogic.checkLogin(); + } + + /** + * 当前账号是否含有指定角色标识, 返回true或false + * + * @param role 角色标识 + * @return 是否含有指定角色标识 + */ + public static boolean hasRole(String role) + { + return authLogic.hasRole(role); + } + + /** + * 当前账号是否含有指定角色标识, 如果验证未通过,则抛出异常: NotRoleException + * + * @param role 角色标识 + */ + public static void checkRole(String role) + { + authLogic.checkRole(role); + } + + /** + * 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotRoleException + * + * @param requiresRoles 角色权限注解 + */ + public static void checkRole(RequiresRoles requiresRoles) + { + authLogic.checkRole(requiresRoles); + } + + /** + * 当前账号是否含有指定角色标识 [指定多个,必须全部验证通过] + * + * @param roles 角色标识数组 + */ + public static void checkRoleAnd(String... roles) + { + authLogic.checkRoleAnd(roles); + } + + /** + * 当前账号是否含有指定角色标识 [指定多个,只要其一验证通过即可] + * + * @param roles 角色标识数组 + */ + public static void checkRoleOr(String... roles) + { + authLogic.checkRoleOr(roles); + } + + /** + * 当前账号是否含有指定权限, 返回true或false + * + * @param permission 权限码 + * @return 是否含有指定权限 + */ + public static boolean hasPermi(String permission) + { + return authLogic.hasPermi(permission); + } + + /** + * 当前账号是否含有指定权限, 如果验证未通过,则抛出异常: NotPermissionException + * + * @param permission 权限码 + */ + public static void checkPermi(String permission) + { + authLogic.checkPermi(permission); + } + + /** + * 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotPermissionException + * + * @param requiresPermissions 权限注解 + */ + public static void checkPermi(RequiresPermissions requiresPermissions) + { + authLogic.checkPermi(requiresPermissions); + } + + /** + * 当前账号是否含有指定权限 [指定多个,必须全部验证通过] + * + * @param permissions 权限码数组 + */ + public static void checkPermiAnd(String... permissions) + { + authLogic.checkPermiAnd(permissions); + } + + /** + * 当前账号是否含有指定权限 [指定多个,只要其一验证通过即可] + * + * @param permissions 权限码数组 + */ + public static void checkPermiOr(String... permissions) + { + authLogic.checkPermiOr(permissions); + } +} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java index 08792ca43..998b78f57 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java @@ -11,8 +11,9 @@ import org.springframework.web.bind.annotation.RestControllerAdvice; import com.ruoyi.common.core.constant.HttpStatus; import com.ruoyi.common.core.exception.DemoModeException; import com.ruoyi.common.core.exception.InnerAuthException; -import com.ruoyi.common.core.exception.PreAuthorizeException; import com.ruoyi.common.core.exception.ServiceException; +import com.ruoyi.common.core.exception.auth.NotPermissionException; +import com.ruoyi.common.core.exception.auth.NotRoleException; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.common.core.web.domain.AjaxResult; @@ -27,14 +28,25 @@ public class GlobalExceptionHandler private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class); /** - * 权限异常 + * 权限码异常 */ - @ExceptionHandler(PreAuthorizeException.class) - public AjaxResult handlePreAuthorizeException(PreAuthorizeException e, HttpServletRequest request) + @ExceptionHandler(NotPermissionException.class) + public AjaxResult handleNotPermissionException(NotPermissionException e, HttpServletRequest request) { String requestURI = request.getRequestURI(); - log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage()); - return AjaxResult.error(HttpStatus.FORBIDDEN, "没有权限,请联系管理员授权"); + log.error("请求地址'{}',权限码校验失败'{}'", requestURI, e.getMessage()); + return AjaxResult.error(HttpStatus.FORBIDDEN, "没有访问权限,请联系管理员授权"); + } + + /** + * 角色权限异常 + */ + @ExceptionHandler(NotRoleException.class) + public AjaxResult handleNotRoleException(NotRoleException e, HttpServletRequest request) + { + String requestURI = request.getRequestURI(); + log.error("请求地址'{}',角色权限校验失败'{}'", requestURI, e.getMessage()); + return AjaxResult.error(HttpStatus.FORBIDDEN, "没有访问权限,请联系管理员授权"); } /** diff --git a/ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/controller/GenController.java b/ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/controller/GenController.java index 3526bd9ca..367fa4b16 100644 --- a/ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/controller/GenController.java +++ b/ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/controller/GenController.java @@ -22,7 +22,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.gen.domain.GenTable; import com.ruoyi.gen.domain.GenTableColumn; import com.ruoyi.gen.service.IGenTableColumnService; @@ -46,7 +46,7 @@ public class GenController extends BaseController /** * 查询代码生成列表 */ - @PreAuthorize(hasPermi = "tool:gen:list") + @RequiresPermissions("tool:gen:list") @GetMapping("/list") public TableDataInfo genList(GenTable genTable) { @@ -58,7 +58,7 @@ public class GenController extends BaseController /** * 修改代码生成业务 */ - @PreAuthorize(hasPermi = "tool:gen:query") + @RequiresPermissions("tool:gen:query") @GetMapping(value = "/{talbleId}") public AjaxResult getInfo(@PathVariable Long talbleId) { @@ -75,7 +75,7 @@ public class GenController extends BaseController /** * 查询数据库列表 */ - @PreAuthorize(hasPermi = "tool:gen:list") + @RequiresPermissions("tool:gen:list") @GetMapping("/db/list") public TableDataInfo dataList(GenTable genTable) { @@ -100,7 +100,7 @@ public class GenController extends BaseController /** * 导入表结构(保存) */ - @PreAuthorize(hasPermi = "tool:gen:import") + @RequiresPermissions("tool:gen:import") @Log(title = "代码生成", businessType = BusinessType.IMPORT) @PostMapping("/importTable") public AjaxResult importTableSave(String tables) @@ -115,7 +115,7 @@ public class GenController extends BaseController /** * 修改保存代码生成业务 */ - @PreAuthorize(hasPermi = "tool:gen:edit") + @RequiresPermissions("tool:gen:edit") @Log(title = "代码生成", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult editSave(@Validated @RequestBody GenTable genTable) @@ -128,7 +128,7 @@ public class GenController extends BaseController /** * 删除代码生成 */ - @PreAuthorize(hasPermi = "tool:gen:remove") + @RequiresPermissions("tool:gen:remove") @Log(title = "代码生成", businessType = BusinessType.DELETE) @DeleteMapping("/{tableIds}") public AjaxResult remove(@PathVariable Long[] tableIds) @@ -140,7 +140,7 @@ public class GenController extends BaseController /** * 预览代码 */ - @PreAuthorize(hasPermi = "tool:gen:preview") + @RequiresPermissions("tool:gen:preview") @GetMapping("/preview/{tableId}") public AjaxResult preview(@PathVariable("tableId") Long tableId) throws IOException { @@ -151,7 +151,7 @@ public class GenController extends BaseController /** * 生成代码(下载方式) */ - @PreAuthorize(hasPermi = "tool:gen:code") + @RequiresPermissions("tool:gen:code") @Log(title = "代码生成", businessType = BusinessType.GENCODE) @GetMapping("/download/{tableName}") public void download(HttpServletResponse response, @PathVariable("tableName") String tableName) throws IOException @@ -163,7 +163,7 @@ public class GenController extends BaseController /** * 生成代码(自定义路径) */ - @PreAuthorize(hasPermi = "tool:gen:code") + @RequiresPermissions("tool:gen:code") @Log(title = "代码生成", businessType = BusinessType.GENCODE) @GetMapping("/genCode/{tableName}") public AjaxResult genCode(@PathVariable("tableName") String tableName) @@ -175,7 +175,7 @@ public class GenController extends BaseController /** * 同步数据库 */ - @PreAuthorize(hasPermi = "tool:gen:edit") + @RequiresPermissions("tool:gen:edit") @Log(title = "代码生成", businessType = BusinessType.UPDATE) @GetMapping("/synchDb/{tableName}") public AjaxResult synchDb(@PathVariable("tableName") String tableName) @@ -187,7 +187,7 @@ public class GenController extends BaseController /** * 批量生成代码 */ - @PreAuthorize(hasPermi = "tool:gen:code") + @RequiresPermissions("tool:gen:code") @Log(title = "代码生成", businessType = BusinessType.GENCODE) @GetMapping("/batchGenCode") public void batchGenCode(HttpServletResponse response, String tables) throws IOException diff --git a/ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/controller.java.vm b/ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/controller.java.vm index 62192bd5b..bc5d9bc65 100644 --- a/ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/controller.java.vm +++ b/ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/controller.java.vm @@ -14,7 +14,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import ${packageName}.domain.${ClassName}; import ${packageName}.service.I${ClassName}Service; import com.ruoyi.common.core.web.controller.BaseController; @@ -41,7 +41,7 @@ public class ${ClassName}Controller extends BaseController /** * 查询${functionName}列表 */ - @PreAuthorize(hasPermi = "${permissionPrefix}:list") + @RequiresPermissions("${permissionPrefix}:list") @GetMapping("/list") #if($table.crud || $table.sub) public TableDataInfo list(${ClassName} ${className}) @@ -61,7 +61,7 @@ public class ${ClassName}Controller extends BaseController /** * 导出${functionName}列表 */ - @PreAuthorize(hasPermi = "${permissionPrefix}:export") + @RequiresPermissions("${permissionPrefix}:export") @Log(title = "${functionName}", businessType = BusinessType.EXPORT) @PostMapping("/export") public void export(HttpServletResponse response, ${ClassName} ${className}) throws IOException @@ -74,7 +74,7 @@ public class ${ClassName}Controller extends BaseController /** * 获取${functionName}详细信息 */ - @PreAuthorize(hasPermi = "${permissionPrefix}:query") + @RequiresPermissions("${permissionPrefix}:query") @GetMapping(value = "/{${pkColumn.javaField}}") public AjaxResult getInfo(@PathVariable("${pkColumn.javaField}") ${pkColumn.javaType} ${pkColumn.javaField}) { @@ -84,7 +84,7 @@ public class ${ClassName}Controller extends BaseController /** * 新增${functionName} */ - @PreAuthorize(hasPermi = "${permissionPrefix}:add") + @RequiresPermissions("${permissionPrefix}:add") @Log(title = "${functionName}", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@RequestBody ${ClassName} ${className}) @@ -95,7 +95,7 @@ public class ${ClassName}Controller extends BaseController /** * 修改${functionName} */ - @PreAuthorize(hasPermi = "${permissionPrefix}:edit") + @RequiresPermissions("${permissionPrefix}:edit") @Log(title = "${functionName}", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@RequestBody ${ClassName} ${className}) @@ -106,7 +106,7 @@ public class ${ClassName}Controller extends BaseController /** * 删除${functionName} */ - @PreAuthorize(hasPermi = "${permissionPrefix}:remove") + @RequiresPermissions("${permissionPrefix}:remove") @Log(title = "${functionName}", businessType = BusinessType.DELETE) @DeleteMapping("/{${pkColumn.javaField}s}") public AjaxResult remove(@PathVariable ${pkColumn.javaType}[] ${pkColumn.javaField}s) diff --git a/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java b/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java index c4d40eb99..7e9c32155 100644 --- a/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java +++ b/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java @@ -23,7 +23,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.job.domain.SysJob; import com.ruoyi.job.service.ISysJobService; import com.ruoyi.job.util.CronUtils; @@ -43,7 +43,7 @@ public class SysJobController extends BaseController /** * 查询定时任务列表 */ - @PreAuthorize(hasPermi = "monitor:job:list") + @RequiresPermissions("monitor:job:list") @GetMapping("/list") public TableDataInfo list(SysJob sysJob) { @@ -55,7 +55,7 @@ public class SysJobController extends BaseController /** * 导出定时任务列表 */ - @PreAuthorize(hasPermi = "monitor:job:export") + @RequiresPermissions("monitor:job:export") @Log(title = "定时任务", businessType = BusinessType.EXPORT) @PostMapping("/export") public void export(HttpServletResponse response, SysJob sysJob) throws IOException @@ -68,7 +68,7 @@ public class SysJobController extends BaseController /** * 获取定时任务详细信息 */ - @PreAuthorize(hasPermi = "monitor:job:query") + @RequiresPermissions("monitor:job:query") @GetMapping(value = "/{jobId}") public AjaxResult getInfo(@PathVariable("jobId") Long jobId) { @@ -78,7 +78,7 @@ public class SysJobController extends BaseController /** * 新增定时任务 */ - @PreAuthorize(hasPermi = "monitor:job:add") + @RequiresPermissions("monitor:job:add") @Log(title = "定时任务", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@RequestBody SysJob job) throws SchedulerException, TaskException @@ -106,7 +106,7 @@ public class SysJobController extends BaseController /** * 修改定时任务 */ - @PreAuthorize(hasPermi = "monitor:job:edit") + @RequiresPermissions("monitor:job:edit") @Log(title = "定时任务", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@RequestBody SysJob job) throws SchedulerException, TaskException @@ -134,7 +134,7 @@ public class SysJobController extends BaseController /** * 定时任务状态修改 */ - @PreAuthorize(hasPermi = "monitor:job:changeStatus") + @RequiresPermissions("monitor:job:changeStatus") @Log(title = "定时任务", businessType = BusinessType.UPDATE) @PutMapping("/changeStatus") public AjaxResult changeStatus(@RequestBody SysJob job) throws SchedulerException @@ -147,7 +147,7 @@ public class SysJobController extends BaseController /** * 定时任务立即执行一次 */ - @PreAuthorize(hasPermi = "monitor:job:changeStatus") + @RequiresPermissions("monitor:job:changeStatus") @Log(title = "定时任务", businessType = BusinessType.UPDATE) @PutMapping("/run") public AjaxResult run(@RequestBody SysJob job) throws SchedulerException @@ -159,7 +159,7 @@ public class SysJobController extends BaseController /** * 删除定时任务 */ - @PreAuthorize(hasPermi = "monitor:job:remove") + @RequiresPermissions("monitor:job:remove") @Log(title = "定时任务", businessType = BusinessType.DELETE) @DeleteMapping("/{jobIds}") public AjaxResult remove(@PathVariable Long[] jobIds) throws SchedulerException, TaskException diff --git a/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java b/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java index 2908cf921..abe2b7f54 100644 --- a/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java +++ b/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java @@ -16,7 +16,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.job.domain.SysJobLog; import com.ruoyi.job.service.ISysJobLogService; @@ -35,7 +35,7 @@ public class SysJobLogController extends BaseController /** * 查询定时任务调度日志列表 */ - @PreAuthorize(hasPermi = "monitor:job:list") + @RequiresPermissions("monitor:job:list") @GetMapping("/list") public TableDataInfo list(SysJobLog sysJobLog) { @@ -47,7 +47,7 @@ public class SysJobLogController extends BaseController /** * 导出定时任务调度日志列表 */ - @PreAuthorize(hasPermi = "monitor:job:export") + @RequiresPermissions("monitor:job:export") @Log(title = "任务调度日志", businessType = BusinessType.EXPORT) @PostMapping("/export") public void export(HttpServletResponse response, SysJobLog sysJobLog) throws IOException @@ -60,7 +60,7 @@ public class SysJobLogController extends BaseController /** * 根据调度编号获取详细信息 */ - @PreAuthorize(hasPermi = "monitor:job:query") + @RequiresPermissions("monitor:job:query") @GetMapping(value = "/{configId}") public AjaxResult getInfo(@PathVariable Long jobLogId) { @@ -70,7 +70,7 @@ public class SysJobLogController extends BaseController /** * 删除定时任务调度日志 */ - @PreAuthorize(hasPermi = "monitor:job:remove") + @RequiresPermissions("monitor:job:remove") @Log(title = "定时任务调度日志", businessType = BusinessType.DELETE) @DeleteMapping("/{jobLogIds}") public AjaxResult remove(@PathVariable Long[] jobLogIds) @@ -81,7 +81,7 @@ public class SysJobLogController extends BaseController /** * 清空定时任务调度日志 */ - @PreAuthorize(hasPermi = "monitor:job:remove") + @RequiresPermissions("monitor:job:remove") @Log(title = "调度日志", businessType = BusinessType.CLEAN) @DeleteMapping("/clean") public AjaxResult clean() diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysConfigController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysConfigController.java index 08efa396d..2c37c96f4 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysConfigController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysConfigController.java @@ -21,7 +21,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.domain.SysConfig; import com.ruoyi.system.service.ISysConfigService; @@ -40,7 +40,7 @@ public class SysConfigController extends BaseController /** * 获取参数配置列表 */ - @PreAuthorize(hasPermi = "system:config:list") + @RequiresPermissions("system:config:list") @GetMapping("/list") public TableDataInfo list(SysConfig config) { @@ -50,7 +50,7 @@ public class SysConfigController extends BaseController } @Log(title = "参数管理", businessType = BusinessType.EXPORT) - @PreAuthorize(hasPermi = "system:config:export") + @RequiresPermissions("system:config:export") @PostMapping("/export") public void export(HttpServletResponse response, SysConfig config) throws IOException { @@ -80,7 +80,7 @@ public class SysConfigController extends BaseController /** * 新增参数配置 */ - @PreAuthorize(hasPermi = "system:config:add") + @RequiresPermissions("system:config:add") @Log(title = "参数管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysConfig config) @@ -96,7 +96,7 @@ public class SysConfigController extends BaseController /** * 修改参数配置 */ - @PreAuthorize(hasPermi = "system:config:edit") + @RequiresPermissions("system:config:edit") @Log(title = "参数管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysConfig config) @@ -112,7 +112,7 @@ public class SysConfigController extends BaseController /** * 删除参数配置 */ - @PreAuthorize(hasPermi = "system:config:remove") + @RequiresPermissions("system:config:remove") @Log(title = "参数管理", businessType = BusinessType.DELETE) @DeleteMapping("/{configIds}") public AjaxResult remove(@PathVariable Long[] configIds) @@ -124,7 +124,7 @@ public class SysConfigController extends BaseController /** * 刷新参数缓存 */ - @PreAuthorize(hasPermi = "system:config:remove") + @RequiresPermissions("system:config:remove") @Log(title = "参数管理", businessType = BusinessType.CLEAN) @DeleteMapping("/refreshCache") public AjaxResult refreshCache() diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDeptController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDeptController.java index 8b6a564f6..9fdb9b557 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDeptController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDeptController.java @@ -20,7 +20,7 @@ import com.ruoyi.common.core.web.controller.BaseController; import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.api.domain.SysDept; import com.ruoyi.system.service.ISysDeptService; @@ -39,7 +39,7 @@ public class SysDeptController extends BaseController /** * 获取部门列表 */ - @PreAuthorize(hasPermi = "system:dept:list") + @RequiresPermissions("system:dept:list") @GetMapping("/list") public AjaxResult list(SysDept dept) { @@ -50,7 +50,7 @@ public class SysDeptController extends BaseController /** * 查询部门列表(排除节点) */ - @PreAuthorize(hasPermi = "system:dept:list") + @RequiresPermissions("system:dept:list") @GetMapping("/list/exclude/{deptId}") public AjaxResult excludeChild(@PathVariable(value = "deptId", required = false) Long deptId) { @@ -71,7 +71,7 @@ public class SysDeptController extends BaseController /** * 根据部门编号获取详细信息 */ - @PreAuthorize(hasPermi = "system:dept:query") + @RequiresPermissions("system:dept:query") @GetMapping(value = "/{deptId}") public AjaxResult getInfo(@PathVariable Long deptId) { @@ -105,7 +105,7 @@ public class SysDeptController extends BaseController /** * 新增部门 */ - @PreAuthorize(hasPermi = "system:dept:add") + @RequiresPermissions("system:dept:add") @Log(title = "部门管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysDept dept) @@ -121,7 +121,7 @@ public class SysDeptController extends BaseController /** * 修改部门 */ - @PreAuthorize(hasPermi = "system:dept:edit") + @RequiresPermissions("system:dept:edit") @Log(title = "部门管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysDept dept) @@ -146,7 +146,7 @@ public class SysDeptController extends BaseController /** * 删除部门 */ - @PreAuthorize(hasPermi = "system:dept:remove") + @RequiresPermissions("system:dept:remove") @Log(title = "部门管理", businessType = BusinessType.DELETE) @DeleteMapping("/{deptId}") public AjaxResult remove(@PathVariable Long deptId) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictDataController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictDataController.java index b2ee73a40..b89a8702a 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictDataController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictDataController.java @@ -22,7 +22,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.api.domain.SysDictData; import com.ruoyi.system.service.ISysDictDataService; import com.ruoyi.system.service.ISysDictTypeService; @@ -42,7 +42,7 @@ public class SysDictDataController extends BaseController @Autowired private ISysDictTypeService dictTypeService; - @PreAuthorize(hasPermi = "system:dict:list") + @RequiresPermissions("system:dict:list") @GetMapping("/list") public TableDataInfo list(SysDictData dictData) { @@ -52,7 +52,7 @@ public class SysDictDataController extends BaseController } @Log(title = "字典数据", businessType = BusinessType.EXPORT) - @PreAuthorize(hasPermi = "system:dict:export") + @RequiresPermissions("system:dict:export") @PostMapping("/export") public void export(HttpServletResponse response, SysDictData dictData) throws IOException { @@ -64,7 +64,7 @@ public class SysDictDataController extends BaseController /** * 查询字典数据详细 */ - @PreAuthorize(hasPermi = "system:dict:query") + @RequiresPermissions("system:dict:query") @GetMapping(value = "/{dictCode}") public AjaxResult getInfo(@PathVariable Long dictCode) { @@ -88,7 +88,7 @@ public class SysDictDataController extends BaseController /** * 新增字典类型 */ - @PreAuthorize(hasPermi = "system:dict:add") + @RequiresPermissions("system:dict:add") @Log(title = "字典数据", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysDictData dict) @@ -100,7 +100,7 @@ public class SysDictDataController extends BaseController /** * 修改保存字典类型 */ - @PreAuthorize(hasPermi = "system:dict:edit") + @RequiresPermissions("system:dict:edit") @Log(title = "字典数据", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysDictData dict) @@ -112,7 +112,7 @@ public class SysDictDataController extends BaseController /** * 删除字典类型 */ - @PreAuthorize(hasPermi = "system:dict:remove") + @RequiresPermissions("system:dict:remove") @Log(title = "字典类型", businessType = BusinessType.DELETE) @DeleteMapping("/{dictCodes}") public AjaxResult remove(@PathVariable Long[] dictCodes) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictTypeController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictTypeController.java index 281a0f363..060bc877e 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictTypeController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictTypeController.java @@ -21,7 +21,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.api.domain.SysDictType; import com.ruoyi.system.service.ISysDictTypeService; @@ -37,7 +37,7 @@ public class SysDictTypeController extends BaseController @Autowired private ISysDictTypeService dictTypeService; - @PreAuthorize(hasPermi = "system:dict:list") + @RequiresPermissions("system:dict:list") @GetMapping("/list") public TableDataInfo list(SysDictType dictType) { @@ -47,7 +47,7 @@ public class SysDictTypeController extends BaseController } @Log(title = "字典类型", businessType = BusinessType.EXPORT) - @PreAuthorize(hasPermi = "system:dict:export") + @RequiresPermissions("system:dict:export") @PostMapping("/export") public void export(HttpServletResponse response, SysDictType dictType) throws IOException { @@ -59,7 +59,7 @@ public class SysDictTypeController extends BaseController /** * 查询字典类型详细 */ - @PreAuthorize(hasPermi = "system:dict:query") + @RequiresPermissions("system:dict:query") @GetMapping(value = "/{dictId}") public AjaxResult getInfo(@PathVariable Long dictId) { @@ -69,7 +69,7 @@ public class SysDictTypeController extends BaseController /** * 新增字典类型 */ - @PreAuthorize(hasPermi = "system:dict:add") + @RequiresPermissions("system:dict:add") @Log(title = "字典类型", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysDictType dict) @@ -85,7 +85,7 @@ public class SysDictTypeController extends BaseController /** * 修改字典类型 */ - @PreAuthorize(hasPermi = "system:dict:edit") + @RequiresPermissions("system:dict:edit") @Log(title = "字典类型", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysDictType dict) @@ -101,7 +101,7 @@ public class SysDictTypeController extends BaseController /** * 删除字典类型 */ - @PreAuthorize(hasPermi = "system:dict:remove") + @RequiresPermissions("system:dict:remove") @Log(title = "字典类型", businessType = BusinessType.DELETE) @DeleteMapping("/{dictIds}") public AjaxResult remove(@PathVariable Long[] dictIds) @@ -113,7 +113,7 @@ public class SysDictTypeController extends BaseController /** * 刷新字典缓存 */ - @PreAuthorize(hasPermi = "system:dict:remove") + @RequiresPermissions("system:dict:remove") @Log(title = "字典类型", businessType = BusinessType.CLEAN) @DeleteMapping("/refreshCache") public AjaxResult refreshCache() diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysLogininforController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysLogininforController.java index 26863d9bf..0b890631d 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysLogininforController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysLogininforController.java @@ -18,7 +18,7 @@ import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; import com.ruoyi.common.security.annotation.InnerAuth; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.api.domain.SysLogininfor; import com.ruoyi.system.service.ISysLogininforService; @@ -34,7 +34,7 @@ public class SysLogininforController extends BaseController @Autowired private ISysLogininforService logininforService; - @PreAuthorize(hasPermi = "system:logininfor:list") + @RequiresPermissions("system:logininfor:list") @GetMapping("/list") public TableDataInfo list(SysLogininfor logininfor) { @@ -44,7 +44,7 @@ public class SysLogininforController extends BaseController } @Log(title = "登录日志", businessType = BusinessType.EXPORT) - @PreAuthorize(hasPermi = "system:logininfor:export") + @RequiresPermissions("system:logininfor:export") @PostMapping("/export") public void export(HttpServletResponse response, SysLogininfor logininfor) throws IOException { @@ -53,7 +53,7 @@ public class SysLogininforController extends BaseController util.exportExcel(response, list, "登录日志"); } - @PreAuthorize(hasPermi = "system:logininfor:remove") + @RequiresPermissions("system:logininfor:remove") @Log(title = "登录日志", businessType = BusinessType.DELETE) @DeleteMapping("/{infoIds}") public AjaxResult remove(@PathVariable Long[] infoIds) @@ -61,7 +61,7 @@ public class SysLogininforController extends BaseController return toAjax(logininforService.deleteLogininforByIds(infoIds)); } - @PreAuthorize(hasPermi = "system:logininfor:remove") + @RequiresPermissions("system:logininfor:remove") @Log(title = "登录日志", businessType = BusinessType.DELETE) @DeleteMapping("/clean") public AjaxResult clean() diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java index a8be08ea1..835795732 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java @@ -18,7 +18,7 @@ import com.ruoyi.common.core.web.controller.BaseController; import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.domain.SysMenu; import com.ruoyi.system.service.ISysMenuService; @@ -37,7 +37,7 @@ public class SysMenuController extends BaseController /** * 获取菜单列表 */ - @PreAuthorize(hasPermi = "system:menu:list") + @RequiresPermissions("system:menu:list") @GetMapping("/list") public AjaxResult list(SysMenu menu) { @@ -49,7 +49,7 @@ public class SysMenuController extends BaseController /** * 根据菜单编号获取详细信息 */ - @PreAuthorize(hasPermi = "system:menu:query") + @RequiresPermissions("system:menu:query") @GetMapping(value = "/{menuId}") public AjaxResult getInfo(@PathVariable Long menuId) { @@ -84,7 +84,7 @@ public class SysMenuController extends BaseController /** * 新增菜单 */ - @PreAuthorize(hasPermi = "system:menu:add") + @RequiresPermissions("system:menu:add") @Log(title = "菜单管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysMenu menu) @@ -104,7 +104,7 @@ public class SysMenuController extends BaseController /** * 修改菜单 */ - @PreAuthorize(hasPermi = "system:menu:edit") + @RequiresPermissions("system:menu:edit") @Log(title = "菜单管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysMenu menu) @@ -128,7 +128,7 @@ public class SysMenuController extends BaseController /** * 删除菜单 */ - @PreAuthorize(hasPermi = "system:menu:remove") + @RequiresPermissions("system:menu:remove") @Log(title = "菜单管理", businessType = BusinessType.DELETE) @DeleteMapping("/{menuId}") public AjaxResult remove(@PathVariable("menuId") Long menuId) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysNoticeController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysNoticeController.java index 9b19c5222..d7cae018a 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysNoticeController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysNoticeController.java @@ -17,7 +17,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.domain.SysNotice; import com.ruoyi.system.service.ISysNoticeService; @@ -36,7 +36,7 @@ public class SysNoticeController extends BaseController /** * 获取通知公告列表 */ - @PreAuthorize(hasPermi = "system:notice:list") + @RequiresPermissions("system:notice:list") @GetMapping("/list") public TableDataInfo list(SysNotice notice) { @@ -48,7 +48,7 @@ public class SysNoticeController extends BaseController /** * 根据通知公告编号获取详细信息 */ - @PreAuthorize(hasPermi = "system:notice:query") + @RequiresPermissions("system:notice:query") @GetMapping(value = "/{noticeId}") public AjaxResult getInfo(@PathVariable Long noticeId) { @@ -58,7 +58,7 @@ public class SysNoticeController extends BaseController /** * 新增通知公告 */ - @PreAuthorize(hasPermi = "system:notice:add") + @RequiresPermissions("system:notice:add") @Log(title = "通知公告", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysNotice notice) @@ -70,7 +70,7 @@ public class SysNoticeController extends BaseController /** * 修改通知公告 */ - @PreAuthorize(hasPermi = "system:notice:edit") + @RequiresPermissions("system:notice:edit") @Log(title = "通知公告", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysNotice notice) @@ -82,7 +82,7 @@ public class SysNoticeController extends BaseController /** * 删除通知公告 */ - @PreAuthorize(hasPermi = "system:notice:remove") + @RequiresPermissions("system:notice:remove") @Log(title = "通知公告", businessType = BusinessType.DELETE) @DeleteMapping("/{noticeIds}") public AjaxResult remove(@PathVariable Long[] noticeIds) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysOperlogController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysOperlogController.java index 2c81c8ead..e3babe6d7 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysOperlogController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysOperlogController.java @@ -18,7 +18,7 @@ import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; import com.ruoyi.common.security.annotation.InnerAuth; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.api.domain.SysOperLog; import com.ruoyi.system.service.ISysOperLogService; @@ -34,7 +34,7 @@ public class SysOperlogController extends BaseController @Autowired private ISysOperLogService operLogService; - @PreAuthorize(hasPermi = "system:operlog:list") + @RequiresPermissions("system:operlog:list") @GetMapping("/list") public TableDataInfo list(SysOperLog operLog) { @@ -44,7 +44,7 @@ public class SysOperlogController extends BaseController } @Log(title = "操作日志", businessType = BusinessType.EXPORT) - @PreAuthorize(hasPermi = "system:operlog:export") + @RequiresPermissions("system:operlog:export") @PostMapping("/export") public void export(HttpServletResponse response, SysOperLog operLog) throws IOException { @@ -54,14 +54,14 @@ public class SysOperlogController extends BaseController } @Log(title = "操作日志", businessType = BusinessType.DELETE) - @PreAuthorize(hasPermi = "system:operlog:remove") + @RequiresPermissions("system:operlog:remove") @DeleteMapping("/{operIds}") public AjaxResult remove(@PathVariable Long[] operIds) { return toAjax(operLogService.deleteOperLogByIds(operIds)); } - @PreAuthorize(hasPermi = "system:operlog:remove") + @RequiresPermissions("system:operlog:remove") @Log(title = "操作日志", businessType = BusinessType.CLEAN) @DeleteMapping("/clean") public AjaxResult clean() diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysPostController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysPostController.java index 6da7a1dad..0ddd1c306 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysPostController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysPostController.java @@ -21,7 +21,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.domain.SysPost; import com.ruoyi.system.service.ISysPostService; @@ -40,7 +40,7 @@ public class SysPostController extends BaseController /** * 获取岗位列表 */ - @PreAuthorize(hasPermi = "system:post:list") + @RequiresPermissions("system:post:list") @GetMapping("/list") public TableDataInfo list(SysPost post) { @@ -50,7 +50,7 @@ public class SysPostController extends BaseController } @Log(title = "岗位管理", businessType = BusinessType.EXPORT) - @PreAuthorize(hasPermi = "system:post:export") + @RequiresPermissions("system:post:export") @PostMapping("/export") public void export(HttpServletResponse response, SysPost post) throws IOException { @@ -62,7 +62,7 @@ public class SysPostController extends BaseController /** * 根据岗位编号获取详细信息 */ - @PreAuthorize(hasPermi = "system:post:query") + @RequiresPermissions("system:post:query") @GetMapping(value = "/{postId}") public AjaxResult getInfo(@PathVariable Long postId) { @@ -72,7 +72,7 @@ public class SysPostController extends BaseController /** * 新增岗位 */ - @PreAuthorize(hasPermi = "system:post:add") + @RequiresPermissions("system:post:add") @Log(title = "岗位管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysPost post) @@ -92,7 +92,7 @@ public class SysPostController extends BaseController /** * 修改岗位 */ - @PreAuthorize(hasPermi = "system:post:edit") + @RequiresPermissions("system:post:edit") @Log(title = "岗位管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysPost post) @@ -112,7 +112,7 @@ public class SysPostController extends BaseController /** * 删除岗位 */ - @PreAuthorize(hasPermi = "system:post:remove") + @RequiresPermissions("system:post:remove") @Log(title = "岗位管理", businessType = BusinessType.DELETE) @DeleteMapping("/{postIds}") public AjaxResult remove(@PathVariable Long[] postIds) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysRoleController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysRoleController.java index 3c75107c1..0fc42058e 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysRoleController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysRoleController.java @@ -21,7 +21,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.api.domain.SysRole; import com.ruoyi.system.api.domain.SysUser; import com.ruoyi.system.domain.SysUserRole; @@ -43,7 +43,7 @@ public class SysRoleController extends BaseController @Autowired private ISysUserService userService; - @PreAuthorize(hasPermi = "system:role:list") + @RequiresPermissions("system:role:list") @GetMapping("/list") public TableDataInfo list(SysRole role) { @@ -53,7 +53,7 @@ public class SysRoleController extends BaseController } @Log(title = "角色管理", businessType = BusinessType.EXPORT) - @PreAuthorize(hasPermi = "system:role:export") + @RequiresPermissions("system:role:export") @PostMapping("/export") public void export(HttpServletResponse response, SysRole role) throws IOException { @@ -65,7 +65,7 @@ public class SysRoleController extends BaseController /** * 根据角色编号获取详细信息 */ - @PreAuthorize(hasPermi = "system:role:query") + @RequiresPermissions("system:role:query") @GetMapping(value = "/{roleId}") public AjaxResult getInfo(@PathVariable Long roleId) { @@ -76,7 +76,7 @@ public class SysRoleController extends BaseController /** * 新增角色 */ - @PreAuthorize(hasPermi = "system:role:add") + @RequiresPermissions("system:role:add") @Log(title = "角色管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysRole role) @@ -97,7 +97,7 @@ public class SysRoleController extends BaseController /** * 修改保存角色 */ - @PreAuthorize(hasPermi = "system:role:edit") + @RequiresPermissions("system:role:edit") @Log(title = "角色管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysRole role) @@ -118,7 +118,7 @@ public class SysRoleController extends BaseController /** * 修改保存数据权限 */ - @PreAuthorize(hasPermi = "system:role:edit") + @RequiresPermissions("system:role:edit") @Log(title = "角色管理", businessType = BusinessType.UPDATE) @PutMapping("/dataScope") public AjaxResult dataScope(@RequestBody SysRole role) @@ -130,7 +130,7 @@ public class SysRoleController extends BaseController /** * 状态修改 */ - @PreAuthorize(hasPermi = "system:role:edit") + @RequiresPermissions("system:role:edit") @Log(title = "角色管理", businessType = BusinessType.UPDATE) @PutMapping("/changeStatus") public AjaxResult changeStatus(@RequestBody SysRole role) @@ -143,7 +143,7 @@ public class SysRoleController extends BaseController /** * 删除角色 */ - @PreAuthorize(hasPermi = "system:role:remove") + @RequiresPermissions("system:role:remove") @Log(title = "角色管理", businessType = BusinessType.DELETE) @DeleteMapping("/{roleIds}") public AjaxResult remove(@PathVariable Long[] roleIds) @@ -154,7 +154,7 @@ public class SysRoleController extends BaseController /** * 获取角色选择框列表 */ - @PreAuthorize(hasPermi = "system:role:query") + @RequiresPermissions("system:role:query") @GetMapping("/optionselect") public AjaxResult optionselect() { @@ -163,7 +163,7 @@ public class SysRoleController extends BaseController /** * 查询已分配用户角色列表 */ - @PreAuthorize(hasPermi = "system:role:list") + @RequiresPermissions("system:role:list") @GetMapping("/authUser/allocatedList") public TableDataInfo allocatedList(SysUser user) { @@ -175,7 +175,7 @@ public class SysRoleController extends BaseController /** * 查询未分配用户角色列表 */ - @PreAuthorize(hasPermi = "system:role:list") + @RequiresPermissions("system:role:list") @GetMapping("/authUser/unallocatedList") public TableDataInfo unallocatedList(SysUser user) { @@ -187,7 +187,7 @@ public class SysRoleController extends BaseController /** * 取消授权用户 */ - @PreAuthorize(hasPermi = "system:role:edit") + @RequiresPermissions("system:role:edit") @Log(title = "角色管理", businessType = BusinessType.GRANT) @PutMapping("/authUser/cancel") public AjaxResult cancelAuthUser(@RequestBody SysUserRole userRole) @@ -198,7 +198,7 @@ public class SysRoleController extends BaseController /** * 批量取消授权用户 */ - @PreAuthorize(hasPermi = "system:role:edit") + @RequiresPermissions("system:role:edit") @Log(title = "角色管理", businessType = BusinessType.GRANT) @PutMapping("/authUser/cancelAll") public AjaxResult cancelAuthUserAll(Long roleId, Long[] userIds) @@ -209,7 +209,7 @@ public class SysRoleController extends BaseController /** * 批量选择用户授权 */ - @PreAuthorize(hasPermi = "system:role:edit") + @RequiresPermissions("system:role:edit") @Log(title = "角色管理", businessType = BusinessType.GRANT) @PutMapping("/authUser/selectAll") public AjaxResult selectAuthUserAll(Long roleId, Long[] userIds) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java index 753b5ab7d..3e7c05b8a 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java @@ -28,7 +28,7 @@ import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; import com.ruoyi.common.security.annotation.InnerAuth; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.api.domain.SysRole; import com.ruoyi.system.api.domain.SysUser; import com.ruoyi.system.api.model.LoginUser; @@ -65,7 +65,7 @@ public class SysUserController extends BaseController /** * 获取用户列表 */ - @PreAuthorize(hasPermi = "system:user:list") + @RequiresPermissions("system:user:list") @GetMapping("/list") public TableDataInfo list(SysUser user) { @@ -75,7 +75,7 @@ public class SysUserController extends BaseController } @Log(title = "用户管理", businessType = BusinessType.EXPORT) - @PreAuthorize(hasPermi = "system:user:export") + @RequiresPermissions("system:user:export") @PostMapping("/export") public void export(HttpServletResponse response, SysUser user) throws IOException { @@ -85,7 +85,7 @@ public class SysUserController extends BaseController } @Log(title = "用户管理", businessType = BusinessType.IMPORT) - @PreAuthorize(hasPermi = "system:user:import") + @RequiresPermissions("system:user:import") @PostMapping("/importData") public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception { @@ -168,7 +168,7 @@ public class SysUserController extends BaseController /** * 根据用户编号获取详细信息 */ - @PreAuthorize(hasPermi = "system:user:query") + @RequiresPermissions("system:user:query") @GetMapping(value = { "/", "/{userId}" }) public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId) { @@ -189,7 +189,7 @@ public class SysUserController extends BaseController /** * 新增用户 */ - @PreAuthorize(hasPermi = "system:user:add") + @RequiresPermissions("system:user:add") @Log(title = "用户管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysUser user) @@ -216,7 +216,7 @@ public class SysUserController extends BaseController /** * 修改用户 */ - @PreAuthorize(hasPermi = "system:user:edit") + @RequiresPermissions("system:user:edit") @Log(title = "用户管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysUser user) @@ -239,7 +239,7 @@ public class SysUserController extends BaseController /** * 删除用户 */ - @PreAuthorize(hasPermi = "system:user:remove") + @RequiresPermissions("system:user:remove") @Log(title = "用户管理", businessType = BusinessType.DELETE) @DeleteMapping("/{userIds}") public AjaxResult remove(@PathVariable Long[] userIds) @@ -254,7 +254,7 @@ public class SysUserController extends BaseController /** * 重置密码 */ - @PreAuthorize(hasPermi = "system:user:edit") + @RequiresPermissions("system:user:edit") @Log(title = "用户管理", businessType = BusinessType.UPDATE) @PutMapping("/resetPwd") public AjaxResult resetPwd(@RequestBody SysUser user) @@ -268,7 +268,7 @@ public class SysUserController extends BaseController /** * 状态修改 */ - @PreAuthorize(hasPermi = "system:user:edit") + @RequiresPermissions("system:user:edit") @Log(title = "用户管理", businessType = BusinessType.UPDATE) @PutMapping("/changeStatus") public AjaxResult changeStatus(@RequestBody SysUser user) @@ -281,7 +281,7 @@ public class SysUserController extends BaseController /** * 根据用户编号获取授权角色 */ - @PreAuthorize(hasPermi = "system:user:query") + @RequiresPermissions("system:user:query") @GetMapping("/authRole/{userId}") public AjaxResult authRole(@PathVariable("userId") Long userId) { @@ -296,7 +296,7 @@ public class SysUserController extends BaseController /** * 用户授权角色 */ - @PreAuthorize(hasPermi = "system:user:edit") + @RequiresPermissions("system:user:edit") @Log(title = "用户管理", businessType = BusinessType.GRANT) @PutMapping("/authRole") public AjaxResult insertAuthRole(Long userId, Long[] roleIds) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserOnlineController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserOnlineController.java index 747e6714c..4863d3bb7 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserOnlineController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserOnlineController.java @@ -18,7 +18,7 @@ import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; import com.ruoyi.common.redis.service.RedisService; -import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.annotation.RequiresPermissions; import com.ruoyi.system.api.model.LoginUser; import com.ruoyi.system.domain.SysUserOnline; import com.ruoyi.system.service.ISysUserOnlineService; @@ -38,7 +38,7 @@ public class SysUserOnlineController extends BaseController @Autowired private RedisService redisService; - @PreAuthorize(hasPermi = "monitor:online:list") + @RequiresPermissions("monitor:online:list") @GetMapping("/list") public TableDataInfo list(String ipaddr, String userName) { @@ -81,7 +81,7 @@ public class SysUserOnlineController extends BaseController /** * 强退用户 */ - @PreAuthorize(hasPermi = "monitor:online:forceLogout") + @RequiresPermissions("monitor:online:forceLogout") @Log(title = "在线用户", businessType = BusinessType.FORCE) @DeleteMapping("/{tokenId}") public AjaxResult forceLogout(@PathVariable String tokenId)