feat:优化鉴权实体,增加用户权限标记

wangyu 2021-12-05 11:59:47 +08:00
parent d4d80d2d55
commit 64ce96303b
4 changed files with 20 additions and 27 deletions


@ -17,6 +17,8 @@ import org.springframework.data.mongodb.core.mapping.Document;
@Builder @Builder
public class Department extends TreeDomain<Department> { public class Department extends TreeDomain<Department> {
public static final String PUBLIC = "public";
/** /**
* 默认选中 * 默认选中
*/ */


@ -35,17 +35,6 @@ public class AdminUserDetails implements UserDetails, IUser {
private static final long serialVersionUID = -2441854985340378429L; private static final long serialVersionUID = -2441854985340378429L;
private static final List<UserType> adminTypes = Arrays.asList(UserType.ADMIN, UserType.SUPER_ADMIN); private static final List<UserType> adminTypes = Arrays.asList(UserType.ADMIN, UserType.SUPER_ADMIN);
/**
* 判断是否是管理员
* @param user 用户
* @return 结果
*/
public static boolean isAdmin(User user) {
return adminTypes.contains(user.getType());
}
/** /**
* 主键 * 主键
*/ */
@ -58,74 +47,71 @@ public class AdminUserDetails implements UserDetails, IUser {
* 名称 * 名称
*/ */
protected String name; protected String name;
/** /**
* 用户类型 * 用户类型
*/ */
private UserType type; private UserType type;
/** /**
* 用户状态 * 用户状态
*/ */
private UserStatus status; private UserStatus status;
/** /**
* 冗余的电话号码 * 冗余的电话号码
*/ */
private String phone; private String phone;
/** /**
* 用户名 * 用户名
*/ */
private String username; private String username;
/** /**
* 密码 * 密码
*/ */
private String password; private String password;
/** /**
* 是否启用 * 是否启用
*/ */
private Boolean enable; private Boolean enable;
/** /**
* 能否登录移动端 * 能否登录移动端
*/ */
private Boolean app; private Boolean app;
/** /**
* 有效期 * 有效期
*/ */
@JsonFormat(pattern = "yyyy-MM-dd") @JsonFormat(pattern = "yyyy-MM-dd")
private Date validDate; private Date validDate;
/** /**
* 可操作校区 * 可操作校区
*/ */
private List<Department> departments; private List<Department> departments;
/** /**
* 所属角色 * 所属角色
*/ */
private List<Role> roles; private List<Role> roles;
/** /**
* 微信openId * 微信openId
*/ */
private String openId; private String openId;
/** /**
* 当前用户的鉴权标记 * 当前用户的鉴权标记
*/ */
@Getter(AccessLevel.NONE) @Getter(AccessLevel.NONE)
private String authority; private String authority;
/** /**
* 查询冗余标记用户信息 * 查询冗余标记用户信息
*/ */
private Object detail; private Object detail;
/**
* 判断是否是管理员
*
* @param user 用户
* @return 结果
*/
public static boolean isAdmin(User user) {
return adminTypes.contains(user.getType());
}
@Override @Override
@JsonIgnore @JsonIgnore
public Collection<? extends GrantedAuthority> getAuthorities() { public Collection<? extends GrantedAuthority> getAuthorities() {
@ -161,7 +147,7 @@ public class AdminUserDetails implements UserDetails, IUser {
} }
public String getAuthority() { public String getAuthority() {
if (StringUtils.isBlank(authority)) { if (StringUtils.isBlank(authority) && null != departments) {
authority = departments.stream().findFirst().map(Domain::getId).orElse(null); authority = departments.stream().findFirst().map(Domain::getId).orElse(null);
} }
return authority; return authority;
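Review bot: `getAuthority()` now returns null without any signal when `departments` is null (the new `null != departments` guard) and, as before, when the list is empty, yet nothing on the method documents that. Callers that scope data by this value need to know that null means "no department identity", so I would add a Javadoc along the lines of `@return the selected authority id, else the first department's id, or null when the user has no departments`. The default is also whichever department comes first in the list, so the effective scope depends on list order; that is worth stating in the same comment. The method's closing brace is outside the hunk.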


@ -2,11 +2,14 @@ package com.flyfish.framework.domain.authorized;
import com.flyfish.framework.context.UserContext; import com.flyfish.framework.context.UserContext;
import com.flyfish.framework.domain.base.AuditDomain; import com.flyfish.framework.domain.base.AuditDomain;
import com.flyfish.framework.domain.po.Department;
import com.flyfish.framework.domain.po.User; import com.flyfish.framework.domain.po.User;
import com.flyfish.framework.exception.biz.InvalidBusinessException; import com.flyfish.framework.exception.biz.InvalidBusinessException;
import lombok.Setter; import lombok.Setter;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import javax.validation.constraints.NotBlank;
/** /**
* 带鉴权的实体主要以部门隔绝 * 带鉴权的实体主要以部门隔绝
*/ */
@ -14,6 +17,7 @@ import org.apache.commons.lang3.StringUtils;
public abstract class AuthorizedDomain extends AuditDomain { public abstract class AuthorizedDomain extends AuditDomain {
// 作用域id一般是部门用户存储时插入 // 作用域id一般是部门用户存储时插入
@NotBlank(message = "请选择当前部")
private String authorizeId; private String authorizeId;
public String getAuthorizeId() { public String getAuthorizeId() {
@ -24,7 +28,7 @@ public abstract class AuthorizedDomain extends AuditDomain {
.map(UserContext::currentUser) .map(UserContext::currentUser)
.map(User::getAuthority) .map(User::getAuthority)
.filter(StringUtils::isNotBlank) .filter(StringUtils::isNotBlank)
.orElseThrow(() -> new InvalidBusinessException("您尚未选择所在部门!请确认您使用的部门身份!")); .orElse(Department.PUBLIC);
} }
} }
} }
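Review bot: Replacing `orElseThrow(...)` with `.orElse(Department.PUBLIC)` turns a fail-closed check into a silent default: an entity saved with no resolvable user authority is now stamped with the shared "public" scope instead of being rejected. From the visible lines that covers a user without departments and, presumably, a call with no user in context at all (the start of the Optional chain is outside the hunk), so a missing or broken security context would quietly produce public records. If public data is intended, I would make the rule explicit: keep the throw when there is no current user, fall back only for an authenticated user, and log each fallback so it can be audited. The new `@NotBlank` on `authorizeId` also looks at odds with this default, since field-level validation may reject the blank value the getter is meant to fill in, and its message `请选择当前部` appears truncated.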


@ -8,6 +8,7 @@ import com.flyfish.framework.domain.po.User;
import com.flyfish.framework.service.DepartmentService; import com.flyfish.framework.service.DepartmentService;
import lombok.Getter; import lombok.Getter;
import lombok.Setter; import lombok.Setter;
import org.springframework.security.core.parameters.P;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
@ -36,7 +37,7 @@ public abstract class AuthorizedQo<T extends AuthorizedDomain> extends NameLikeQ
.map(User::getDepartments) .map(User::getDepartments)
.map(departs -> departs.stream().map(Department::getId).collect(Collectors.toList())) .map(departs -> departs.stream().map(Department::getId).collect(Collectors.toList()))
.map(this::getSubAuthorities) .map(this::getSubAuthorities)
.orElse(Collections.emptyList()); .orElse(Collections.singletonList(Department.PUBLIC));
} }
@Override @Override
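Review bot: The `.orElse(Collections.singletonList(Department.PUBLIC))` fallback grants the "public" scope only to callers for whom the chain comes up empty; a user who has departments gets `getSubAuthorities(...)` of their own ids, and nothing visible adds `Department.PUBLIC` to that list. If that holds, records written under the public default are readable by users without a department but not by users with one, which is probably not the intended visibility; confirm in `getSubAuthorities`, which is not shown. Separately, the added `import org.springframework.security.core.parameters.P;` is not used in any visible line and looks like an accidental IDE import, so drop it if nothing else references it. The enclosing method starts outside the hunk.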