用户菜单权限优化
wei.peng
6 years ago
parent
9ed732ca0e
commit
951b65e289
@ -0,0 +1,162 @@
|
||||
package cn.estsh.i3plus.core.apiservice.controller.base;
|
||||
|
||||
import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
|
||||
import cn.estsh.i3plus.core.api.iservice.busi.ICoreTreeService;
|
||||
import cn.estsh.i3plus.core.api.iservice.busi.ISysLocaleLanguageService;
|
||||
import cn.estsh.i3plus.core.api.iservice.busi.ISysMenuService;
|
||||
import cn.estsh.i3plus.core.api.iservice.busi.ISysUserService;
|
||||
import cn.estsh.i3plus.core.apiservice.controller.DemoAuthController;
|
||||
import cn.estsh.i3plus.core.apiservice.serviceimpl.busi.SysLocaleLanguageService;
|
||||
import cn.estsh.i3plus.platform.common.tool.ServletRequestTool;
|
||||
import cn.estsh.i3plus.platform.common.tool.TimeTool;
|
||||
import cn.estsh.i3plus.platform.common.util.CommonConstWords;
|
||||
import cn.estsh.i3plus.platform.common.util.PlatformConstWords;
|
||||
import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
|
||||
import cn.estsh.i3plus.pojo.base.enumutil.ResourceEnumUtil;
|
||||
import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
|
||||
import cn.estsh.i3plus.pojo.platform.bean.SysLogUserLogin;
|
||||
import cn.estsh.impp.framework.base.controller.CoreBaseController;
|
||||
import cn.estsh.impp.framework.boot.auth.AuthUtil;
|
||||
import cn.estsh.impp.framework.boot.exception.ImppBusiException;
|
||||
import cn.estsh.impp.framework.boot.exception.ImppExceptionBuilder;
|
||||
import cn.estsh.impp.framework.boot.exception.ImppExceptionEnum;
|
||||
import cn.estsh.impp.framework.boot.util.ResultBean;
|
||||
import cn.estsh.impp.framework.boot.util.ValidatorBean;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import org.apache.shiro.authc.*;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @Description :
|
||||
* @Reference :
|
||||
* @Author : Adair Peng
|
||||
* @CreateDate : 2018-12-19 15:31
|
||||
* @Modify:
|
||||
**/
|
||||
@RestController
|
||||
@Api(description = "非权限服务")
|
||||
@RequestMapping("/impp-white")
|
||||
public class WhiteController extends CoreBaseController {
|
||||
|
||||
public static final Logger LOGGER = LoggerFactory.getLogger(WhiteController.class);
|
||||
|
||||
@Autowired
|
||||
private ISysLocaleLanguageService sysLocaleLanguageService;
|
||||
|
||||
@Autowired
|
||||
private ISystemLoginService systemLoginService;
|
||||
|
||||
@Autowired
|
||||
private ISysUserService userService;
|
||||
|
||||
@GetMapping(value = "/sys-locale-language/list")
|
||||
@ApiOperation(value = "查询全部系统语言",notes = "查询全部系统语言")
|
||||
public ResultBean listSysLocaleLanguage(){
|
||||
try {
|
||||
List sysLocaleLanguageList = sysLocaleLanguageService.listSysLocaleLanguage();
|
||||
return ResultBean.success("查询成功").setCode(ResourceEnumUtil.MESSAGE.SUCCESS.getCode()).setResultList(sysLocaleLanguageList);
|
||||
}catch(ImppBusiException busExcep){
|
||||
return ResultBean.fail(busExcep);
|
||||
}catch(Exception e){
|
||||
return ImppExceptionBuilder.newInstance().buildExceptionResult(e);
|
||||
}
|
||||
}
|
||||
|
||||
@GetMapping(value="/auth/login")
|
||||
@ApiOperation(value="登陆",notes="登陆")
|
||||
public ResultBean login(HttpServletRequest request, String loginName, String loginPwd, String languageCode){
|
||||
LOGGER.info("用户登陆 loginName:{} loginPwd:{} languageCode:{}",loginName,loginPwd,languageCode);
|
||||
ResultBean result = null;
|
||||
try {
|
||||
ValidatorBean.checkNotNull(loginName,"用户名不能为空");
|
||||
ValidatorBean.checkNotNull(loginPwd,"密码不能为空");
|
||||
ValidatorBean.checkNotNull(languageCode,"语言不能为空");
|
||||
|
||||
SessionUser user = userService.queryUserLogin(loginName,loginPwd,languageCode);
|
||||
|
||||
String redisKey = CommonConstWords.USER_LOGIN_ERROR + "_" + user.getUser().getId();
|
||||
redisCore.deleteKey(redisKey);
|
||||
|
||||
LOGGER.info("会员登陆:{}",user);
|
||||
AuthUtil.setSessionObject("languageCode",languageCode);
|
||||
result = new ResultBean(true, AuthUtil.getSession().getId().toString(), AuthUtil.getSessionUser());
|
||||
result.setUrl("/");
|
||||
|
||||
// 记录登录记录
|
||||
recordSysUserLog(user.getUser().getUserInfoId(), loginName,CommonEnumUtil.USER_LOGIN_STATUS.LOGIN_SUCCESS.getValue(), request);
|
||||
} catch (IncorrectCredentialsException e) {
|
||||
// 密码错误
|
||||
Integer num = systemLoginService.doLoginPasswordError(loginName);
|
||||
num = CommonConstWords.USER_LOGIN_ERROR_MAX_NUM - num;
|
||||
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_PASSWORD);
|
||||
if(num == 0){
|
||||
result.setErrorMsg("密码输入错误。用户已被锁定请联系管理员!");
|
||||
}else {
|
||||
result.setErrorMsg("密码输入错误。再输入错误"+ num +"次,用户将被锁定。");
|
||||
}
|
||||
|
||||
// 记录登录记录
|
||||
recordSysUserLog(null, loginName, CommonEnumUtil.USER_LOGIN_STATUS.WRONG_PASSWORD.getValue(), request);
|
||||
} catch (CredentialsException e) {
|
||||
// 用户名或密码错误
|
||||
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_NAME);
|
||||
|
||||
// 记录登录记录
|
||||
recordSysUserLog(null, loginName,CommonEnumUtil.USER_LOGIN_STATUS.WRONG_USERNAME_OR_PASSWORD.getValue(), request);
|
||||
} catch (LockedAccountException e) {
|
||||
// 账号已锁定
|
||||
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_LOCKING);
|
||||
|
||||
// 记录登录记录
|
||||
recordSysUserLog(null, loginName,CommonEnumUtil.USER_LOGIN_STATUS.USER_LOGIN_LOCKING.getValue(), request);
|
||||
} catch (UnknownAccountException e) {
|
||||
// 用户信息不存在
|
||||
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_INFO_NULL);
|
||||
|
||||
// 记录登录记录
|
||||
recordSysUserLog(null, loginName,CommonEnumUtil.USER_LOGIN_STATUS.USER_INFO_NULL.getValue(), request);
|
||||
} catch (AuthenticationException e) {
|
||||
// 系统异常
|
||||
result = ResultBean.fail(e.getMessage()).setCode(ImppExceptionEnum.SYSTEM_EXCEPTION.getCode());
|
||||
result.setErrorMsg(e.getMessage());
|
||||
|
||||
// 记录登录记录
|
||||
recordSysUserLog(null, loginName,CommonEnumUtil.USER_LOGIN_STATUS.SYSTEM_ERROR.getValue(), request);
|
||||
} catch (ImppBusiException e) {
|
||||
result = ResultBean.fail(e);
|
||||
|
||||
// 记录登录记录
|
||||
recordSysUserLog(null, loginName,CommonEnumUtil.USER_LOGIN_STATUS.SYSTEM_ERROR.getValue(), request);
|
||||
} catch (Exception e) {
|
||||
result = ResultBean.fail(e.getMessage()).setCode(ImppExceptionEnum.SYSTEM_EXCEPTION.getCode())
|
||||
.setErrorMsg(ImppExceptionEnum.SYSTEM_EXCEPTION.getDescription());
|
||||
|
||||
// 记录登录记录
|
||||
recordSysUserLog(null, loginName,CommonEnumUtil.USER_LOGIN_STATUS.SYSTEM_ERROR.getValue(), request);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
private void recordSysUserLog(Long userId, String username,Integer userLoginStatus,HttpServletRequest request){
|
||||
SysLogUserLogin log = new SysLogUserLogin();
|
||||
|
||||
log.setUserId(userId);
|
||||
log.setLogLoginName(username);
|
||||
log.setLogLoginStatus(userLoginStatus);
|
||||
log.setLogLoginBrowser(ServletRequestTool.getRequestBrowser(request));
|
||||
log.setLogLoginHost(ServletRequestTool.getRequestHost(request));
|
||||
log.setLogLoginPlatform(CommonEnumUtil.LOG_LOGIN_PLATFORM.descOf(ServletRequestTool.getRequestOs(request)));
|
||||
log.setLogLoginDateTime(TimeTool.getNowTime(true));
|
||||
|
||||
userService.insertSysLogUserLogin(log);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,56 @@
|
||||
package cn.estsh.i3plus.core.apiservice.dao;
|
||||
|
||||
import cn.estsh.i3plus.pojo.platform.bean.SysMenu;
|
||||
import org.springframework.data.jpa.repository.Modifying;
|
||||
import org.springframework.data.jpa.repository.Query;
|
||||
import org.springframework.data.repository.CrudRepository;
|
||||
import org.springframework.data.repository.query.Param;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @Description :
|
||||
* @Reference :
|
||||
* @Author : Adair Peng
|
||||
* @CreateDate : 2018-12-18 13:38
|
||||
* @Modify:
|
||||
**/
|
||||
public interface ISysMenuDao {
|
||||
|
||||
/**
|
||||
* 根据用户角色 ID 查询所有菜单
|
||||
* HQL:
|
||||
* select sm.*
|
||||
* from sys_menu as sm
|
||||
* left join sys_ref_role_menu as srrm on sm.id = srrm.menu_id and role_id = 200001
|
||||
* where sm.parent_id = 100003
|
||||
* @param parentId
|
||||
* @param roleId
|
||||
* @return
|
||||
*/
|
||||
// @Modifying
|
||||
// @Query(" select sm from SysMenu as sm " +
|
||||
// "left join SysRefRoleMenu as srrm on sm.id = srrm.menuId and srrm.roleId =:roleId " +
|
||||
// "where sm.parentId =:parentId")
|
||||
List<SysMenu> findByParentIdAndRoleId(Long parentId, Long roleId);
|
||||
|
||||
/**
|
||||
* 根据用户ID 查询所有菜单
|
||||
* HQL:
|
||||
* select sm.*
|
||||
* from sys_menu as sm
|
||||
* left join sys_ref_role_menu as srrm on sm.id = srrm.menu_id
|
||||
* left join sys_ref_user_role as srur on srur.role_id = srrm.role_id and srur.user_id = 400001
|
||||
* where sm.parent_id = 100003
|
||||
* @param parentId
|
||||
* @param userId
|
||||
* @return
|
||||
*/
|
||||
// @Query(" select sm from SysMenu as sm " +
|
||||
// "left join SysRefRoleMenu as srrm on sm.id = srrm.menuId " +
|
||||
// "left join SysRefUserRole as srur on sm.roleId = srrm.roleId and srur.userId =:userId " +
|
||||
// "where sm.parentId =:parentId")
|
||||
List<SysMenu> findByParentIdAndUserId(Long parentId, Long userId);
|
||||
|
||||
}
|
||||
@ -0,0 +1,55 @@
|
||||
package cn.estsh.i3plus.core.apiservice.daoimpl;
|
||||
|
||||
import cn.estsh.i3plus.core.apiservice.dao.ISysMenuDao;
|
||||
import cn.estsh.i3plus.pojo.platform.bean.SysMenu;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @Description :
|
||||
* @Reference :
|
||||
* @Author : Adair Peng
|
||||
* @CreateDate : 2018-12-18 15:39
|
||||
* @Modify:
|
||||
**/
|
||||
@Service
|
||||
public class SysMenuDaoImpl implements ISysMenuDao {
|
||||
|
||||
public static final Logger LOGGER = LoggerFactory.getLogger(SysMenuDaoImpl.class);
|
||||
|
||||
@Autowired
|
||||
private EntityManager entityManager;
|
||||
|
||||
@Override
|
||||
public List<SysMenu> findByParentIdAndRoleId(Long parentId, Long roleId) {
|
||||
LOGGER.info(" 根据角色ID 查询权限 parentId:{} roleId:{}",parentId,roleId);
|
||||
String hql = " select sm from SysMenu as sm " +
|
||||
"left join SysRefRoleMenu as srrm on sm.id = srrm.menuId and srrm.roleId =:roleId " +
|
||||
"where sm.parentId =:parentId";
|
||||
|
||||
return entityManager.createQuery(hql)
|
||||
.setParameter("parentId", parentId)
|
||||
.setParameter("roleId", roleId)
|
||||
.getResultList();
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<SysMenu> findByParentIdAndUserId(Long parentId, Long userId) {
|
||||
LOGGER.info(" 根据账号ID 查询权限 parentId:{} userId:{}",parentId,userId);
|
||||
|
||||
String hql = " select sm from SysMenu as sm " +
|
||||
"left join SysRefRoleMenu as srrm on srrm.menuId = sm.id " +
|
||||
"left join SysRefUserRole as srur on srur.roleId = srrm.roleId and srur.userId =:userId " +
|
||||
"where sm.parentId =:parentId";
|
||||
|
||||
return entityManager.createQuery(hql)
|
||||
.setParameter("parentId", parentId)
|
||||
.setParameter("userId", userId)
|
||||
.getResultList();
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue