shiro cookie优化,员工授权等其他

admin/src/main/java/com/cwhelp/admin/business/controller/BssDeptController.java

@@ -1,6 +1,7 @@
 package com.cwhelp.admin.business.controller;
 
 import com.cwhelp.admin.business.validator.BssDeptValid;
+import com.cwhelp.common.constant.AdminConst;
 import com.cwhelp.common.enums.StatusEnum;
 import com.cwhelp.common.utils.EntityBeanUtil;
 import com.cwhelp.common.utils.ResultVoUtil;
@@ -51,7 +52,7 @@ public class BssDeptController {
                 .withMatcher("name", match -> match.contains());
 
         User user = ShiroUtil.getSubject();
-        if (1 != user.getBssPlatform().getId()) {
+        if (AdminConst.ADMIN_PLATFORM_ID != user.getBssPlatform().getId()) {
             matcher.withMatcher("bssPlatform.id",match -> match.contains());
             BssPlatform bssPlatform = new BssPlatform();
             bssPlatform.setId(user.getBssPlatform().getId());

admin/src/main/java/com/cwhelp/admin/business/controller/BssEmployeeController.java

@@ -2,6 +2,7 @@ package com.cwhelp.admin.business.controller;
 
 
 import com.cwhelp.admin.business.validator.BssEmployeeValid;
+import com.cwhelp.common.constant.AdminConst;
 import com.cwhelp.common.enums.StatusEnum;
 import com.cwhelp.common.utils.EntityBeanUtil;
 import com.cwhelp.common.utils.ResultVoUtil;
@@ -53,7 +54,7 @@ public class BssEmployeeController {
 
         User user = ShiroUtil.getSubject();
         List<BssDept> bssDepts = null;
-        if (1 != user.getBssPlatform().getId()) {
+        if (AdminConst.ADMIN_PLATFORM_ID != user.getBssPlatform().getId()) {
             bssDepts = bssDeptService.findBssDeptByBssPlatformAndId(user.getBssPlatform());
         }
         Page<BssEmployee> list = bssEmployeeService.getPageList(bssDepts,bssEmployee);
@@ -99,7 +100,7 @@ public class BssEmployeeController {
      */
     private List<BssDept> getBssDepts(User user, BssPlatform bssPlatform) {
         List<BssDept> bssDepts = null;
-        if (1 != user.getBssPlatform().getId()) {
+        if (AdminConst.ADMIN_PLATFORM_ID != user.getBssPlatform().getId()) {
             bssDepts = bssDeptService.findBssDeptByBssPlatformAndId(bssPlatform);
         } else {
             bssDepts = bssDeptService.findAll();

admin/src/main/java/com/cwhelp/admin/business/controller/BssPlatformController.java

@@ -1,6 +1,7 @@
 package com.cwhelp.admin.business.controller;
 
 import com.cwhelp.admin.business.validator.BssPlatformValid;
+import com.cwhelp.common.constant.AdminConst;
 import com.cwhelp.common.enums.ResultEnum;
 import com.cwhelp.common.enums.StatusEnum;
 import com.cwhelp.common.utils.EntityBeanUtil;
@@ -52,7 +53,7 @@ public class BssPlatformController {
                 .withMatcher("email", match -> match.contains());
         User user = ShiroUtil.getSubject();
         // 判定当前用户的 所属平台 1为系统平台
-        if (1 != user.getBssPlatform().getId()) {
+        if (AdminConst.ADMIN_PLATFORM_ID != user.getBssPlatform().getId()) {
             matcher.withMatcher("id",match -> match.contains());
             bssPlatform.setId(user.getBssPlatform().getId());
         }

admin/src/main/java/com/cwhelp/admin/system/controller/LoginController.java

@@ -79,7 +79,6 @@ public class LoginController implements ErrorController {
 
         // 1.获取Subject主体对象
         Subject subject = SecurityUtils.getSubject();
-
         // 2.封装用户数据
         UsernamePasswordToken token = new UsernamePasswordToken(username, password);
 

admin/src/main/java/com/cwhelp/admin/system/controller/RoleController.java

@@ -2,6 +2,7 @@ package com.cwhelp.admin.system.controller;
 
 import com.cwhelp.admin.system.validator.RoleValid;
 import com.cwhelp.common.constant.AdminConst;
+import com.cwhelp.common.constant.RoleConst;
 import com.cwhelp.common.enums.ResultEnum;
 import com.cwhelp.common.enums.StatusEnum;
 import com.cwhelp.common.exception.ResultException;
@@ -14,17 +15,22 @@ import com.cwhelp.component.actionLog.action.StatusAction;
 import com.cwhelp.component.actionLog.annotation.ActionLog;
 import com.cwhelp.component.actionLog.annotation.EntityParam;
 import com.cwhelp.component.shiro.ShiroUtil;
+import com.cwhelp.modules.business.domain.BssEmployee;
 import com.cwhelp.modules.system.domain.Menu;
 import com.cwhelp.modules.system.domain.Role;
+import com.cwhelp.modules.system.domain.User;
 import com.cwhelp.modules.system.service.MenuService;
 import com.cwhelp.modules.system.service.RoleService;
+import com.cwhelp.modules.system.service.UserService;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Example;
 import org.springframework.data.domain.ExampleMatcher;
 import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Sort;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
+import org.springframework.util.ObjectUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -45,6 +51,8 @@ public class RoleController {
     @Autowired
     private MenuService menuService;
 
+    @Autowired
+    private UserService userService;
     /**
      * 列表页面
      */
@@ -66,6 +74,33 @@ public class RoleController {
         return "/system/role/index";
     }
 
+    /**
+     * 跳转到角色分配页面
+     */
+    @GetMapping("/rolePage")
+    @RequiresPermissions("system:user:role")
+    public String toRole(@RequestParam(value = "ids") BssEmployee bssEmployee, Model model) {
+        User user = userService.getByName(bssEmployee.getPhoneNum());
+        if (ObjectUtils.isEmpty(user)) {
+            throw new ResultException(ResultEnum.USER_NOE_EXIST);
+        }
+        // 获取指定用户角色列表
+        Set<Role> authRoles = user.getRoles();
+        Sort sort = new Sort(Sort.Direction.ASC, "createDate");
+        List<Role> list = null;
+        //如果当前用户是超级用户
+        if (user.getId() == AdminConst.ADMIN_ID) {
+            list = roleService.getListBySortOk(sort);
+        } else {
+            list = roleService.getListByType(sort, RoleConst.ROLE_ORDINARY_TYPE);
+        }
+
+        model.addAttribute("id", user.getId());
+        model.addAttribute("list", list);
+        model.addAttribute("authRoles", authRoles);
+        return "/system/user/role";
+    }
+
     /**
      * 跳转到添加页面
      */

admin/src/main/java/com/cwhelp/admin/system/controller/UserController.java

@@ -155,6 +155,11 @@ public class UserController {
             throw new ResultException(ResultEnum.USER_EXIST);
         }
 
+        // 判断手机号码是否重复
+        if (userService.repeatByPhone(user)) {
+            throw new ResultException(ResultEnum.USER_PHONE_EXIST);
+        }
+
         // 复制保留无需修改的数据
         if (user.getId() != null) {
             // 不允许操作超级管理员数据

admin/src/main/resources/templates/business/employee/index.html

@@ -38,13 +38,14 @@
                 <div class="pull-right screen-btn-group">
                     <button class="layui-btn open-popup" data-title="添加员工" th:attr="data-url=@{/bss/employee/add}" data-size="auto">
                         <i class="fa fa-plus"></i> 添加</button>
+                    <button class="layui-btn open-popup-param" data-type="radio" data-title="角色分配" th:attr="data-url=@{/system/role/rolePage}" data-size="480,400">
+                        <i class="fa fa-user-secret"></i> 授权</button>
                     <div class="btn-group">
                         <button class="layui-btn">操作<span class="caret"></span></button>
                         <dl class="layui-nav-child layui-anim layui-anim-upbit">
                             <dd><a class="ajax-status" th:href="@{/bss/employee/status/ok}">启用</a></dd>
                             <dd><a class="ajax-status" th:href="@{/bss/employee/status/freezed}">冻结</a></dd>
                             <dd><a class="ajax-status" th:href="@{/bss/employee/status/delete}">删除</a></dd>
-                            <dd><a class="ajax-status" th:href="@{/bss/employee/role}">授权</a></dd>
                         </dl>
                     </div>
                 </div>
@@ -88,7 +89,6 @@
                             <a class="open-popup" data-title="编辑员工" th:attr="data-url=@{'/bss/employee/edit/'+${item.id}}" data-size="auto" href="#">编辑</a>
                             <a class="open-popup" data-title="详细信息" th:attr="data-url=@{'/bss/employee/detail/'+${item.id}}" data-size="800,600" href="#">详细</a>
                             <a class="ajax-get" data-msg="您是否确认删除" th:href="@{/bss/employee/status/delete(ids=${item.id})}">删除</a>
-                            <a class="open-popup" th:href="@{/bss/employee/role}">授权</a>
                         </td>
                     </tr>
                     </tbody>

admin/src/main/resources/templates/main.html

@@ -54,7 +54,7 @@
                 <img class="layui-side-user-avatar open-popup" th:attr="data-url=@{/userInfo}" data-size="680,464"
                      th:src="@{'/system/user/picture?p='+${user.picture}}" alt="头像">
                 <div>
-                    <p class="layui-side-user-name" th:text="${user.nickname}">TIMO</p>
+                    <p class="layui-side-user-name" th:text="${user.nickname}"></p>
                     <p class="layui-side-user-designation">在线</p>
                 </div>
             </div>

admin/src/main/resources/templates/system/role/add.html

@@ -18,6 +18,12 @@
                 <input class="layui-input" type="text" name="title"  placeholder="请输入角色名称" th:value="${role?.title}">
             </div>
         </div>
+        <div class="layui-form-item">
+            <label class="layui-form-label required">类型</label>
+            <div class="layui-input-block">
+                <select class="layui-select" name="type" mo:dict="ROLE_TYPE" mo-selected="${role?.type}" mo-empty="" lay-type="type"></select>
+            </div>
+        </div>
         <div class="layui-form-item layui-form-text">
             <label class="layui-form-label">备注</label>
             <div class="layui-input-block">

admin/src/main/resources/templates/system/role/detail.html

@@ -13,6 +13,10 @@
                 <th width='100px'>角色编号名称</th>
                 <td>[[${role.title}]]（[[${role.name}]]）</td>
             </tr>
+            <tr>
+                <th>角色类型</th>
+                <td th:text="${#dicts.keyValue('ROLE_TYPE', role.type)}" colspan="3"></td>
+            </tr>
             <tr>
                 <th>创建用户</th>
                 <td th:text="${role.createBy?.nickname}"></td>

common/src/main/java/com/cwhelp/common/constant/AdminConst.java

@@ -9,21 +9,23 @@ public class AdminConst {
     /**
      * 超级管理员id
      */
-    public static Long ADMIN_ID = 1L;
+    public static final Long ADMIN_ID = 1L;
 
     /**
      * 超级管理员用户名
      */
-    public static String ADMIN_NAME = "admin";
+    public static final String ADMIN_NAME = "admin";
 
     /**
      * 超级管理员角色id
      */
-    public static Long ADMIN_ROLE_ID = 1L;
+    public static final Long ADMIN_ROLE_ID = 1L;
 
     /**
      * 超级管理员角色标识名称
      */
-    public static String ADMIN_ROLE_NAME = "admin";
+    public static final String ADMIN_ROLE_NAME = "admin";
+
+    public static final Long ADMIN_PLATFORM_ID = 1L;
 
 }

common/src/main/java/com/cwhelp/common/constant/RoleConst.java

@@ -0,0 +1,19 @@
+package com.cwhelp.common.constant;
+
+/**
+ * @author: yan.y
+ * @Description:
+ * @Date: Created in 1:12 2019/8/5
+ */
+public class RoleConst {
+
+    /**
+     * 角色平台类型
+     */
+    public static final String ROLE_PLATFORM_TYPE = "1";
+
+    /**
+     * 角色普通类型
+     */
+    public static final String ROLE_ORDINARY_TYPE = "2";
+}

common/src/main/java/com/cwhelp/common/enums/ResultEnum.java

@@ -26,6 +26,8 @@ public enum ResultEnum implements ResultInterface {
     USER_NAME_PWD_NULL(405, "用户名和密码不能为空"),
     USER_CAPTCHA_ERROR(406, "验证码错误"),
     USER_PWD_STRENGTH_ERROR(407, "密码强度不够"),
+    USER_PHONE_EXIST(408, "该用户手机号码已经存在"),
+    USER_NOE_EXIST(409, "该用户不存在"),
 
     /**
      * 平台

common/src/main/java/com/cwhelp/common/exception/advice/ExceptionAdvice.java

@@ -5,5 +5,5 @@ package com.cwhelp.common.exception.advice;
  * @author yan.y
  */
 public interface ExceptionAdvice {
-    public void run(RuntimeException e);
+    void run(RuntimeException e);
 }

common/src/main/java/com/cwhelp/common/exception/interfaces/ResultInterface.java

@@ -6,8 +6,8 @@ package com.cwhelp.common.exception.interfaces;
  */
 public interface ResultInterface {
 
-    public Integer getCode();
+    Integer getCode();
 
-    public String getMessage();
+    String getMessage();
 
 }

component/shiro/src/main/java/com/cwhelp/component/shiro/AuthRealm.java

@@ -36,8 +36,10 @@ public class AuthRealm extends AuthorizingRealm {
     @Override
     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
         SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
+
+        Long userId = (Long) principal.getPrimaryPrincipal();
         // 获取用户Principal对象
-        User user = (User) principal.getPrimaryPrincipal();
+        User user = userService.getById(userId);
 
         // 管理员拥有所有权限
         if(user.getId().equals(AdminConst.ADMIN_ID)){
@@ -85,7 +87,7 @@ public class AuthRealm extends AuthorizingRealm {
          * 参数3：加盐处理
          * 参数4：固定写法
          */
-        return new SimpleAuthenticationInfo(user, user.getPassword(), salt, getName());
+        return new SimpleAuthenticationInfo(user.getId(), user.getPassword(), salt, getName());
     }
 
     /**

component/shiro/src/main/java/com/cwhelp/component/shiro/ICSecurityUtils.java

@@ -0,0 +1,11 @@
+package com.cwhelp.component.shiro;
+
+import org.apache.shiro.SecurityUtils;
+
+/**
+ * @author: yan.y
+ * @Description:
+ * @Date: Created in 0:28 2019/8/5
+ */
+public class ICSecurityUtils extends SecurityUtils {
+}

component/shiro/src/main/java/com/cwhelp/component/shiro/ShiroUtil.java

@@ -4,10 +4,13 @@ import com.cwhelp.common.utils.EncryptUtil;
 import com.cwhelp.common.utils.SpringContextUtil;
 import com.cwhelp.modules.system.domain.Role;
 import com.cwhelp.modules.system.domain.User;
+import com.cwhelp.modules.system.service.UserService;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.SimpleAuthenticationInfo;
 import org.apache.shiro.authc.UsernamePasswordToken;
 import org.apache.shiro.mgt.RememberMeManager;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
 
 import java.util.Set;
 
@@ -15,8 +18,16 @@ import java.util.Set;
  * Shiro工具类
  * @author yan.y
  */
+@Component
 public class ShiroUtil {
 
+    private static UserService userService;
+
+    @Autowired
+    public void setUserService(UserService userService){
+        ShiroUtil.userService = userService;
+    }
+
     /**
      * 加密算法
      */
@@ -49,7 +60,8 @@ public class ShiroUtil {
      * 获取ShiroUser对象
      */
     public static User getSubject(){
-        return (User) SecurityUtils.getSubject().getPrincipal();
+        Long userId = (Long) SecurityUtils.getSubject().getPrincipal();
+        return userService.getById(userId);
     }
 
     /**

component/shiro/src/main/java/com/cwhelp/component/shiro/config/AuditorConfig.java

@@ -1,8 +1,10 @@
 package com.cwhelp.component.shiro.config;
 
 import com.cwhelp.modules.system.domain.User;
+import com.cwhelp.modules.system.service.UserService;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.subject.Subject;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.data.domain.AuditorAware;
 
@@ -14,10 +16,15 @@ import java.util.Optional;
  */
 @Configuration
 public class AuditorConfig implements AuditorAware<User> {
+
+    @Autowired
+    private UserService userService;
+
     @Override
     public Optional<User> getCurrentAuditor() {
         Subject subject = SecurityUtils.getSubject();
-        User user = (User) subject.getPrincipal();
+        Long userId = (Long) subject.getPrincipal();
+        User user = userService.getById(userId);
         return Optional.ofNullable(user);
     }
 }

modules/system/src/main/java/com/cwhelp/modules/system/domain/Role.java

@@ -37,6 +37,7 @@ public class Role implements Serializable {
     private Long id;
     private String name;
     private String title;
+    private String type;
     private String remark;
     @CreatedDate
     private Date createDate;

modules/system/src/main/java/com/cwhelp/modules/system/repository/RoleRepository.java

@@ -26,6 +26,8 @@ public interface RoleRepository extends BaseRepository<Role,Long> {
      */
     List<Role> findAllByStatus(Sort sort, Byte status);
 
+    List<Role> findAllByType(Sort sort, String type);
+
     /**
      * 查询指定用户的角色列表
      * @param id 用户ID

modules/system/src/main/java/com/cwhelp/modules/system/repository/UserRepository.java

@@ -26,6 +26,14 @@ public interface UserRepository extends BaseRepository<User, Long>, JpaSpecifica
      */
     User findByUsernameAndIdNot(String username, Long id);
 
+    /**
+     * 根据手机号码查询用户数据,且排查指定ID的用户
+     * @param phone 用户手机号码
+     * @param id 排除的用户ID
+     * @return 用户数据
+     */
+    User findByPhoneAndIdNot(String phone, Long id);
+
     /**
      * 查找多个相应部门的用户列表
      */

modules/system/src/main/java/com/cwhelp/modules/system/service/RoleService.java

@@ -42,6 +42,14 @@ public interface RoleService {
      */
     Page<Role> getPageList(Example<Role> example);
 
+    /**
+     * 查询列表
+     * @param sort
+     * @param type
+     * @return
+     */
+    List<Role> getListByType(Sort sort, String type);
+
     /**
      * 获取角色列表数据
      * @param sort 排序对象

modules/system/src/main/java/com/cwhelp/modules/system/service/UserService.java

@@ -45,6 +45,13 @@ public interface UserService {
      */
     Boolean repeatByUsername(User user);
 
+    /**
+     * 手机号码是否重复
+     * @param user 用户对象
+     * @return 用户数据
+     */
+    Boolean repeatByPhone(User user);
+
     /**
      * 根据用户ID查询用户数据
      * @param id 用户ID

modules/system/src/main/java/com/cwhelp/modules/system/service/impl/RoleServiceImpl.java

@@ -68,6 +68,11 @@ public class RoleServiceImpl implements RoleService {
         return roleRepository.findAll(example, page);
     }
 
+    @Override
+    public List<Role> getListByType(Sort sort, String type) {
+        return roleRepository.findAllByType(sort, type);
+    }
+
     /**
      * 获取角色列表数据
      * @param sort 排序对象

modules/system/src/main/java/com/cwhelp/modules/system/service/impl/UserServiceImpl.java

@@ -1,5 +1,6 @@
 package com.cwhelp.modules.system.service.impl;
 
+import com.cwhelp.common.constant.AdminConst;
 import com.cwhelp.common.data.PageSort;
 import com.cwhelp.common.enums.StatusEnum;
 import com.cwhelp.modules.business.domain.BssPlatform;
@@ -57,6 +58,17 @@ public class UserServiceImpl implements UserService {
         return userRepository.findByUsernameAndIdNot(user.getUsername(), id) != null;
     }
 
+    /**
+     * 手机号码是否存在
+     * @param user 用户对象
+     * @return 用户数据
+     */
+    @Override
+    public Boolean repeatByPhone(User user) {
+        Long id = user.getId() != null ? user.getId() : Long.MIN_VALUE;
+        return userRepository.findByPhoneAndIdNot(user.getPhone(), id) != null;
+    }
+
     /**
      * 根据用户ID获取用户信息
      * @param id 用户ID
@@ -96,7 +108,7 @@ public class UserServiceImpl implements UserService {
                     preList.add(in);
                 }
                 // 1 为财务帮平台超级账号
-                if (1 != user.getBssPlatform().getId()) {
+                if (AdminConst.ADMIN_PLATFORM_ID != user.getBssPlatform().getId()) {
                     BssPlatform bssPlatform = user.getBssPlatform();
                     Join<User, BssPlatform> join = root.join("bssPlatform", JoinType.INNER);
                     Predicate eq = cb.equal(join.get("id").as(Long.class),bssPlatform.getId());