vertoryao/iot-gateway
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(菜单模块): 整理了一些权限相关代码

Browse Source
This commit is contained in:
vertoryao 2024-12-05 17:18:55 +08:00
parent 992af01f8f
commit 4948086526
5 changed files with 44 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/main/java/com/zsc/edu/gateway/framework/mybatisplus/MyMetaObjectHandler.java
View File

@ -20,23 +20,18 @@ public class MyMetaObjectHandler implements MetaObjectHandler {
@Override
public void insertFill(MetaObject metaObject) {
UserDetailsImpl userInfo = SecurityUtil.getUserInfo();
if (userInfo.getUsername() == null) {
userInfo.setUsername( "system");
}
this.strictInsertFill(metaObject, "createTime", LocalDateTime.class, LocalDateTime.now());
this.strictInsertFill(metaObject, "createBy", String.class, userInfo.getUsername());
SecurityUtil.getCurrentAuditor().ifPresent(username ->
this.strictInsertFill(metaObject, "createBy", String.class, username));
;
}
@Override
public void updateFill(MetaObject metaObject) {
UserDetailsImpl userInfo = SecurityUtil.getUserInfo();
if (userInfo.getUsername() == null) {
userInfo.setUsername( "system");
}
this.strictUpdateFill(metaObject, "updateTime", LocalDateTime::now, LocalDateTime.class);
this.strictUpdateFill(metaObject, "updateBy", userInfo::getUsername, String.class);
SecurityUtil.getCurrentAuditor().ifPresent(username ->
this.strictInsertFill(metaObject, "updateBy", String.class, username));
}

8
src/main/java/com/zsc/edu/gateway/framework/security/SecurityBeanConfig.java
View File

@ -13,10 +13,10 @@ import org.springframework.security.web.session.HttpSessionEventPublisher;
*/
@Configuration
public class SecurityBeanConfig {
// @Bean
// public PasswordEncoder passwordEncoder() {
// return PasswordEncoderFactories.createDelegatingPasswordEncoder();
// }
@Bean
public PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
@Bean
public SessionRegistry sessionRegistry() {

20
src/main/java/com/zsc/edu/gateway/framework/security/SecurityUtil.java
View File

@ -1,9 +1,11 @@
package com.zsc.edu.gateway.framework.security;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import java.util.Objects;
import java.util.Optional;
/**
* @author Yao
@ -18,4 +20,22 @@ public class SecurityUtil {
return (UserDetailsImpl) authentication.getPrincipal();
}
public static Optional<String> getCurrentAuditor() {
try {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication instanceof AnonymousAuthenticationToken) {
return Optional.of("system");
} else {
if (authentication == null) {
return Optional.of("system");
}
UserDetailsImpl user = (UserDetailsImpl) authentication.getPrincipal();
return Optional.of(user.getUsername());
}
} catch (Exception ex) {
// log.error("get user Authentication failed: " + ex.getMessage(), ex);
return Optional.of("system");
}
}
}

20
src/main/java/com/zsc/edu/gateway/framework/security/SpringSecurityConfig.java
View File

@ -8,6 +8,8 @@ import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.userdetails.UserDetailsService;
@ -28,6 +30,7 @@ import javax.sql.DataSource;
* @author harry_yao
*/
@AllArgsConstructor
@EnableMethodSecurity
@Configuration
public class SpringSecurityConfig {
@ -42,23 +45,24 @@ public class SpringSecurityConfig {
@Resource
private final DataSource dataSource;
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
};
// @Bean
// public BCryptPasswordEncoder bCryptPasswordEncoder() {
// return new BCryptPasswordEncoder();
// };
@Bean
public PersistentTokenRepository persistentTokenRepository() {
JdbcTokenRepositoryImpl tokenRepository = new JdbcTokenRepositoryImpl();
tokenRepository.setDataSource(dataSource);
return tokenRepository;
}
@Bean
AuthenticationManager authenticationManager() {
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
daoAuthenticationProvider.setUserDetailsService(userDetailsService);
daoAuthenticationProvider.setPasswordEncoder(bCryptPasswordEncoder());
daoAuthenticationProvider.setPasswordEncoder(securityBeanConfig.passwordEncoder());
return new ProviderManager(daoAuthenticationProvider);
}
@ -81,7 +85,11 @@ public class SpringSecurityConfig {
.authorizeHttpRequests(auth -> auth
.requestMatchers(HttpMethod.GET, "/api/rest/user/me","/api/rest/user/register","/api/rest/user/send-email").permitAll()
.requestMatchers(HttpMethod.POST, "/api/rest/user/login","/api/rest/user/register").permitAll()
.requestMatchers("/api/**").authenticated())
.requestMatchers("/api/**").authenticated()
.requestMatchers("/api/**").access((authentication, object) -> {
return new AuthorizationDecision(true);
})
)
// 不用注解直接通过判断路径实现动态访问权限
// .requestMatchers("/api/**").access((authentication, object) -> {
// //表示请求的 URL 地址和数据库的地址是否匹配上了

2
src/main/java/com/zsc/edu/gateway/modules/system/entity/Menu.java
View File

@ -27,7 +27,7 @@ public class Menu extends BaseEntity {
/**
* 菜单类型
*/
private Type type = Type.PAGE;
private Type type;
/**
* 路由名称
*/