blame | history | patch | commit | commitdiff | ignore whitespace
935090232@qq.com
2022-02-22 bbe0a2fd03063316e50cf141986bda984599bbda 
 zq-erp/src/main/java/com/matrix/system/app/authority/AppAuthorityManager.java


@@ -1,5 +1,6 @@


package com.matrix.system.app.authority;




import cn.hutool.crypto.SecureUtil;


import com.matrix.core.constance.MatrixConstance;


import com.matrix.core.pojo.AjaxResult;


import com.matrix.core.tools.StringUtils;


@@ -10,6 +11,7 @@


import com.matrix.system.common.bean.SysFunction;


import com.matrix.system.common.bean.SysUsers;


import com.matrix.system.common.constance.AppConstance;


import com.matrix.system.common.init.LocalCache;


import com.matrix.system.common.service.SysFunctionService;


import org.apache.commons.collections.CollectionUtils;


import org.springframework.beans.factory.annotation.Autowired;


@@ -17,6 +19,7 @@




import java.util.*;


import java.util.Map.Entry;


import java.util.stream.Collectors;




/**


 * DefaultAuthorityManager 实现了权限控制接口


@@ -30,8 +33,11 @@




    private static final int DEFAULT_2 = 2;






    @Autowired


    SysFunctionService sysFunctionService;




    public static final String USER_POWER_REDISKEY_APP = "USER_POWER_APP";




    public static final String USERFUNCTION = "userFunction";


    /** 用户所有路径权限的记录 **/


@@ -91,11 +97,24 @@


        List<String> userUrlMapping = new ArrayList<>();






        // 获取用户所有权限


        getUserFunction(user,userFunction, userUrlMapping);


        String redisKey = USER_POWER_REDISKEY_APP + SecureUtil.md5(user.getSuId()+"");


        Map<String, Object> cachePowerMap = LocalCache.get(redisKey);


        if (Objects.nonNull(cachePowerMap)) {




            userFunction = (Map<String, SysFunction>) cachePowerMap.get(USERFUNCTION);




        // TODO 这里的用户权限应该放到redis缓存中,在拦截器中做权限拦截


            userUrlMapping = (List<String>) cachePowerMap.get(USER_URL_MAPPING);




        } else {


            // 获取用户所有权限


            getUserFunction(user,userFunction, userUrlMapping);




            Map<String ,Object> powerMap=new HashMap<>();


            powerMap.put(USERFUNCTION, userFunction);


            powerMap.put(USER_URL_MAPPING, userUrlMapping);


            LocalCache.save(redisKey,powerMap);


        }




        WebUtil.setSessionAttribute(USERFUNCTION, userFunction);


        WebUtil.setSessionAttribute(USER_URL_MAPPING, userUrlMapping);


        result.putInMap(USERFUNCTION, userFunction);


@@ -129,11 +148,17 @@


            // 普通员工账号只拥有自己所拥有的权限


            List<SysFunction> userFunctionList = sysFunctionService.findFunctionByRoleIds(sysUser.getRoleIds());


            for (SysFunction sysFunction : userFunctionList) {




                sysFunction.setSysFnBtnRel(


                        sysFunction.getSysFnBtnRel().stream().filter(item->StringUtils.isContentSet(item.getBtnValue(),sysFunction.getRpfBns())).collect(Collectors.toList())


                );




                // TODO注册访问路径


                registerUrlMapping(userUrlMapping, sysFunction,false);


                if (userFunctionMap.containsKey(sysFunction.getFnCode())) {


                    // 如果功能已经被添加到集合中则追加权限按钮


                    SysFunction oneFunctionInMap = userFunctionMap.get(sysFunction.getFnCode());




                    // 为了方便判断所以用字符串记录一下


                    if (StringUtils.isBlank(oneFunctionInMap.getRpfBns())) {


                        oneFunctionInMap.setRpfBns(sysFunction.getRpfBns());