FatttSnake/oxygen-api
1
0
Fork 0
Code Pull Requests Activity

Complete core functions #9

Merged
FatttSnake merged 171 commits from FatttSnake into dev 2024-02-23 11:56:35 +08:00
Conversation 0 Commits 171 Files Changed 381 +113 -41
8 changed files with 113 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 4fcbceb149 - Show all commits

25
src/main/kotlin/top/fatweb/api/controller/permission/GroupController.kt
View File

@@ -3,6 +3,7 @@ package top.fatweb.api.controller.permission
import io.swagger.v3.oas.annotations.Operation
import io.swagger.v3.oas.annotations.tags.Tag
import jakarta.validation.Valid
import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.web.bind.annotation.*
import top.fatweb.api.entity.common.ResponseCode
import top.fatweb.api.entity.common.ResponseResult
@@ -24,24 +25,27 @@ import top.fatweb.api.vo.permission.GroupWithRoleVo
class GroupController(
val groupService: IGroupService
) {
@Operation(summary = "获取用户组")
@GetMapping
fun get(@Valid groupGetParam: GroupGetParam?): ResponseResult<PageVo<GroupWithRoleVo>> {
return ResponseResult.databaseSuccess(
data = groupService.getPage(groupGetParam)
)
}
@Operation(summary = "获取单个用户组")
@GetMapping("/{id}")
@PreAuthorize("hasAnyAuthority('system:group:query:one')")
fun getOne(@PathVariable id: Long): ResponseResult<GroupWithRoleVo> {
return ResponseResult.databaseSuccess(
data = groupService.getOne(id)
)
}
@Operation(summary = "获取用户组")
@GetMapping
@PreAuthorize("hasAnyAuthority('system:group:query:all')")
fun get(@Valid groupGetParam: GroupGetParam?): ResponseResult<PageVo<GroupWithRoleVo>> {
return ResponseResult.databaseSuccess(
data = groupService.getPage(groupGetParam)
)
}
@Operation(summary = "获取用户组列表")
@GetMapping("/list")
@PreAuthorize("hasAnyAuthority('system:group:query:list', 'system:user:add:one', 'system:user:modify:one')")
fun list(): ResponseResult<List<GroupVo>> {
return ResponseResult.databaseSuccess(
data = groupService.listAll()
@@ -50,6 +54,7 @@ class GroupController(
@Operation(summary = "添加用户组")
@PostMapping
@PreAuthorize("hasAnyAuthority('system:group:add:one')")
fun add(@Valid @RequestBody groupAddParam: GroupAddParam): ResponseResult<GroupVo> {
return groupService.add(groupAddParam)?.let {
ResponseResult.databaseSuccess(
@@ -60,6 +65,7 @@ class GroupController(
@Operation(summary = "修改用户组")
@PutMapping
@PreAuthorize("hasAnyAuthority('system:group:modify:one')")
fun update(@Valid @RequestBody groupUpdateParam: GroupUpdateParam): ResponseResult<GroupVo> {
return groupService.update(groupUpdateParam)?.let {
ResponseResult.databaseSuccess(
@@ -70,6 +76,7 @@ class GroupController(
@Operation(summary = "修改用户组状态")
@PatchMapping
@PreAuthorize("hasAnyAuthority('system:group:modify:status')")
fun changStatus(@Valid @RequestBody groupChangeStatusParam: GroupChangeStatusParam): ResponseResult<Nothing> {
return if (groupService.changeStatus(groupChangeStatusParam)) {
ResponseResult.databaseSuccess(ResponseCode.DATABASE_UPDATE_SUCCESS)
@@ -80,6 +87,7 @@ class GroupController(
@Operation(summary = "删除角色")
@DeleteMapping("/{id}")
@PreAuthorize("hasAnyAuthority('system:group:delete:one')")
fun delete(@PathVariable id: Long): ResponseResult<Nothing> {
groupService.deleteOne(id)
return ResponseResult.databaseSuccess(ResponseCode.DATABASE_DELETE_SUCCESS)
@@ -87,6 +95,7 @@ class GroupController(
@Operation(summary = "批量删除角色")
@DeleteMapping
@PreAuthorize("hasAnyAuthority('system:group:delete:multiple')")
fun deleteList(@Valid @RequestBody groupDeleteParam: GroupDeleteParam): ResponseResult<Nothing> {
groupService.delete(groupDeleteParam)
return ResponseResult.databaseSuccess(ResponseCode.DATABASE_DELETE_SUCCESS)

2
src/main/kotlin/top/fatweb/api/controller/permission/PowerController.kt
View File

@@ -2,6 +2,7 @@ package top.fatweb.api.controller.permission
import io.swagger.v3.oas.annotations.Operation
import io.swagger.v3.oas.annotations.tags.Tag
import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.web.bind.annotation.GetMapping
import org.springframework.web.bind.annotation.RequestMapping
import org.springframework.web.bind.annotation.RestController
@@ -22,5 +23,6 @@ class PowerController(
) {
@Operation(summary = "获取权限列表")
@GetMapping("/list")
@PreAuthorize("hasAnyAuthority('system:power:query:list', 'system:role:add:one', 'system:role:modify:one')")
fun getList() = ResponseResult.databaseSuccess(data = powerService.getList())
}

27
src/main/kotlin/top/fatweb/api/controller/permission/RoleController.kt
View File

@@ -3,14 +3,15 @@ package top.fatweb.api.controller.permission
import io.swagger.v3.oas.annotations.Operation
import io.swagger.v3.oas.annotations.tags.Tag
import jakarta.validation.Valid
import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.web.bind.annotation.*
import top.fatweb.api.entity.common.ResponseCode
import top.fatweb.api.entity.common.ResponseResult
import top.fatweb.api.param.permission.role.*
import top.fatweb.api.service.permission.IRoleService
import top.fatweb.api.vo.PageVo
import top.fatweb.api.vo.permission.base.RoleVo
import top.fatweb.api.vo.permission.RoleWithPowerVo
import top.fatweb.api.vo.permission.base.RoleVo
/**
* Role controller
@@ -24,24 +25,27 @@ import top.fatweb.api.vo.permission.RoleWithPowerVo
class RoleController(
private val roleService: IRoleService
) {
@Operation(summary = "获取角色")
@GetMapping
fun get(roleGetParam: RoleGetParam?): ResponseResult<PageVo<RoleWithPowerVo>> {
return ResponseResult.databaseSuccess(
data = roleService.getPage(roleGetParam)
)
}
@Operation(summary = "获取单个角色")
@GetMapping("/{id}")
@PreAuthorize("hasAnyAuthority('system:role:query:one')")
fun getOne(@PathVariable id: Long): ResponseResult<RoleWithPowerVo> {
return ResponseResult.databaseSuccess(
data = roleService.getOne(id)
)
}
@Operation(summary = "获取角色")
@GetMapping
@PreAuthorize("hasAnyAuthority('system:role:query:all')")
fun get(roleGetParam: RoleGetParam?): ResponseResult<PageVo<RoleWithPowerVo>> {
return ResponseResult.databaseSuccess(
data = roleService.getPage(roleGetParam)
)
}
@Operation(summary = "获取角色列表")
@GetMapping("/list")
@PreAuthorize("hasAnyAuthority('system:role:query:list', 'system:group:add:one', 'system:group:modify:one', 'system:user:add:one', 'system:user:modify:one')")
fun list(): ResponseResult<List<RoleVo>> {
return ResponseResult.databaseSuccess(
data = roleService.listAll()
@@ -50,6 +54,7 @@ class RoleController(
@Operation(summary = "添加角色")
@PostMapping
@PreAuthorize("hasAnyAuthority('system:role:add:one')")
fun add(@Valid @RequestBody roleAddParam: RoleAddParam): ResponseResult<RoleVo> {
return roleService.add(roleAddParam)?.let {
ResponseResult.databaseSuccess(
@@ -60,6 +65,7 @@ class RoleController(
@Operation(summary = "修改角色")
@PutMapping
@PreAuthorize("hasAnyAuthority('system:role:modify:one')")
fun update(@Valid @RequestBody roleUpdateParam: RoleUpdateParam): ResponseResult<RoleVo> {
return roleService.update(roleUpdateParam)?.let {
ResponseResult.databaseSuccess(
@@ -70,6 +76,7 @@ class RoleController(
@Operation(summary = "修改角色状态")
@PatchMapping
@PreAuthorize("hasAnyAuthority('system:role:modify:status')")
fun changStatus(@Valid @RequestBody roleChangeStatusParam: RoleChangeStatusParam): ResponseResult<Nothing> {
return if (roleService.changeStatus(roleChangeStatusParam)) {
ResponseResult.databaseSuccess(ResponseCode.DATABASE_UPDATE_SUCCESS)
@@ -80,6 +87,7 @@ class RoleController(
@Operation(summary = "删除角色")
@DeleteMapping("/{id}")
@PreAuthorize("hasAnyAuthority('system:role:delete:one')")
fun delete(@PathVariable id: Long): ResponseResult<Nothing> {
roleService.deleteOne(id)
return ResponseResult.databaseSuccess(ResponseCode.DATABASE_DELETE_SUCCESS)
@@ -87,6 +95,7 @@ class RoleController(
@Operation(summary = "批量删除角色")
@DeleteMapping
@PreAuthorize("hasAnyAuthority('system:role:delete:multiple')")
fun deleteList(@Valid @RequestBody roleDeleteParam: RoleDeleteParam): ResponseResult<Nothing> {
roleService.delete(roleDeleteParam)
return ResponseResult.databaseSuccess(ResponseCode.DATABASE_DELETE_SUCCESS)

24
src/main/kotlin/top/fatweb/api/controller/permission/UserController.kt
View File

@@ -3,6 +3,7 @@ package top.fatweb.api.controller.permission
import io.swagger.v3.oas.annotations.Operation
import io.swagger.v3.oas.annotations.tags.Tag
import jakarta.validation.Valid
import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.web.bind.annotation.*
import top.fatweb.api.entity.common.ResponseCode
import top.fatweb.api.entity.common.ResponseResult
@@ -34,16 +35,9 @@ class UserController(
} ?: let { return ResponseResult.databaseFail() }
}
@Operation(summary = "获取用户")
@GetMapping
fun get(@Valid userGetParam: UserGetParam?): ResponseResult<PageVo<UserWithRoleInfoVo>> {
return ResponseResult.databaseSuccess(
data = userService.getPage(userGetParam)
)
}
@Operation(summary = "获取单个用户")
@GetMapping("/{id}")
@PreAuthorize("hasAnyAuthority('system:user:query:one')")
fun getOne(@PathVariable id: Long): ResponseResult<UserWithRoleInfoVo> {
return userService.getOne(id)?.let {
ResponseResult.databaseSuccess(data = it)
@@ -52,8 +46,18 @@ class UserController(
}
}
@Operation(summary = "获取用户")
@GetMapping
@PreAuthorize("hasAnyAuthority('system:user:query:all')")
fun get(@Valid userGetParam: UserGetParam?): ResponseResult<PageVo<UserWithRoleInfoVo>> {
return ResponseResult.databaseSuccess(
data = userService.getPage(userGetParam)
)
}
@Operation(summary = "添加用户")
@PostMapping
@PreAuthorize("hasAnyAuthority('system:user:add:one')")
fun add(@Valid @RequestBody userAddParam: UserAddParam): ResponseResult<UserWithPasswordRoleInfoVo> {
return userService.add(userAddParam)?.let {
ResponseResult.databaseSuccess(
@@ -64,6 +68,7 @@ class UserController(
@Operation(summary = "修改用户")
@PutMapping
@PreAuthorize("hasAnyAuthority('system:user:modify:one')")
fun update(@Valid @RequestBody userUpdateParam: UserUpdateParam): ResponseResult<UserWithRoleInfoVo> {
return userService.update(userUpdateParam)?.let {
ResponseResult.databaseSuccess(
@@ -74,6 +79,7 @@ class UserController(
@Operation(summary = "修改密码")
@PatchMapping
@PreAuthorize("hasAnyAuthority('system:user:modify:password')")
fun changePassword(@Valid @RequestBody userChangePasswordParam: UserChangePasswordParam): ResponseResult<Nothing> {
userService.changePassword(userChangePasswordParam)
return ResponseResult.databaseSuccess(ResponseCode.DATABASE_UPDATE_SUCCESS)
@@ -81,6 +87,7 @@ class UserController(
@Operation(summary = "删除用户")
@DeleteMapping("/{id}")
@PreAuthorize("hasAnyAuthority('system:user:delete:one')")
fun delete(@PathVariable id: Long): ResponseResult<Nothing> {
userService.deleteOne(id)
return ResponseResult.databaseSuccess(ResponseCode.DATABASE_DELETE_SUCCESS)
@@ -88,6 +95,7 @@ class UserController(
@Operation(summary = "批量删除用户")
@DeleteMapping
@PreAuthorize("hasAnyAuthority('system:user:delete:multiple')")
fun deleteList(@Valid @RequestBody userDeleteParam: UserDeleteParam): ResponseResult<Nothing> {
userService.delete(userDeleteParam)
return ResponseResult.databaseSuccess(ResponseCode.DATABASE_DELETE_SUCCESS)

2
src/main/kotlin/top/fatweb/api/controller/system/SysLogController.kt
View File

@@ -3,6 +3,7 @@ package top.fatweb.api.controller.system
import io.swagger.v3.oas.annotations.Operation
import io.swagger.v3.oas.annotations.tags.Tag
import jakarta.validation.Valid
import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.web.bind.annotation.GetMapping
import org.springframework.web.bind.annotation.RequestMapping
import org.springframework.web.bind.annotation.RestController
@@ -28,6 +29,7 @@ class SysLogController(
) {
@Operation(summary = "获取")
@GetMapping
@PreAuthorize("hasAnyAuthority('system:log:query:all')")
fun get(@Valid sysLogGetParam: SysLogGetParam?): ResponseResult<PageVo<SysLogVo>> {
return ResponseResult.success(
ResponseCode.DATABASE_SELECT_SUCCESS, data = SysLogConverter.sysLogPageToSysLogPageVo(

3
src/main/kotlin/top/fatweb/api/entity/permission/LoginUser.kt
View File

@@ -3,6 +3,7 @@ package top.fatweb.api.entity.permission
import com.fasterxml.jackson.annotation.JsonIgnore
import com.fasterxml.jackson.annotation.JsonTypeInfo
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.authority.SimpleGrantedAuthority
import org.springframework.security.core.userdetails.UserDetails
import java.time.LocalDateTime
import java.time.ZoneOffset
@@ -27,7 +28,7 @@ class LoginUser() : UserDetails {
@JsonIgnore
override fun getAuthorities(): List<GrantedAuthority> {
authorities?.let { return it }
authorities = emptyList()
authorities = user.operations?.map { SimpleGrantedAuthority(it.code) } ?: emptyList()
return authorities as List<GrantedAuthority>
}

6
src/main/kotlin/top/fatweb/api/handler/ExceptionHandler.kt
View File

@@ -8,6 +8,7 @@ import org.slf4j.LoggerFactory
import org.springframework.dao.DuplicateKeyException
import org.springframework.http.converter.HttpMessageNotReadableException
import org.springframework.jdbc.BadSqlGrammarException
import org.springframework.security.access.AccessDeniedException
import org.springframework.security.authentication.*
import org.springframework.web.HttpRequestMethodNotSupportedException
import org.springframework.web.bind.MethodArgumentNotValidException
@@ -106,6 +107,11 @@ class ExceptionHandler {
ResponseResult.fail(ResponseCode.PERMISSION_TOKEN_HAS_EXPIRED, e.localizedMessage, null)
}
is AccessDeniedException -> {
logger.debug(e.localizedMessage, e)
ResponseResult.fail(ResponseCode.PERMISSION_ACCESS_DENIED, "Access Denied", null)
}
is BadSqlGrammarException -> {
logger.debug(e.localizedMessage, e)
ResponseResult.fail(ResponseCode.DATABASE_EXECUTE_ERROR, "Incorrect SQL syntax", null)

65
src/main/resources/db/migration/R__Basic_data.sql
View File

@@ -11,9 +11,11 @@ insert into t_power (id, type_id)
(1010000, 2),
(1020000, 2),
(1030000, 2),
(1040000, 2),
(1010100, 3),
(1010200, 3),
(1010300, 3),
(1010400, 3),
(1020100, 3),
(1020200, 3),
(1020300, 3),
@@ -22,18 +24,32 @@ insert into t_power (id, type_id)
(1030200, 3),
(1030300, 3),
(1030400, 3),
(1040100, 3),
(1010101, 4),
(1010102, 4),
(1010103, 4),
(1010201, 4),
(1010301, 4),
(1010302, 4),
(1010401, 4),
(1010402, 4),
(1020101, 4),
(1020102, 4),
(1020103, 4),
(1020201, 4),
(1020301, 4),
(1020302, 4),
(1020401, 4),
(1020402, 4),
(1030101, 4),
(1030102, 4),
(1030103, 4),
(1030201, 4),
(1030301, 4),
(1030401, 4)
(1030302, 4),
(1030401, 4),
(1030402, 4),
(1040103, 4)
as new_value
on duplicate key update type_id = new_value.type_id;
@@ -45,7 +61,9 @@ insert into t_menu (id, name, url, parent_id, module_id)
values (1990000, '系统管理', '/system', null, 1000000),
(1010000, '用户管理', '/system/user', 1990000, 1000000),
(1020000, '角色管理', '/system/role', 1990000, 1000000),
(1030000, '用户组管理', '/system/group', 1990000, 1000000) as new_value
(1030000, '用户组管理', '/system/group', 1990000, 1000000),
(1040000, '权限管理', '/system/power', 1990000, 1000000),
(1510000, '日志管理', '/system/log', 1990000, 1000000) as new_value
on duplicate key update name =new_value.name,
url =new_value.url,
parent_id =new_value.parent_id;
@@ -54,6 +72,7 @@ insert into t_element(id, name, menu_id, parent_id)
values (1010100, '查询', 1010000, null),
(1010200, '增加', 1010000, null),
(1010300, '修改', 1010000, null),
(1010400, '删除', 1010000, null),
(1020100, '查询', 1020000, null),
(1020200, '增加', 1020000, null),
(1020300, '修改', 1020000, null),
@@ -61,24 +80,40 @@ insert into t_element(id, name, menu_id, parent_id)
(1030100, '查询', 1030000, null),
(1030200, '增加', 1030000, null),
(1030300, '修改', 1030000, null),
(1030400, '删除', 1030000, null) as new_value
(1030400, '删除', 1030000, null),
(1040100, '查询', 1040000, null),
(1510100, '查询', 1510000, null) as new_value
on duplicate key update name = new_value.name,
menu_id = new_value.menu_id,
parent_id = new_value.parent_id;
insert into t_operation(id, name, code, element_id)
values (1010101, '全部', 'system:user:query:all', 1010100),
(1010102, '单个', 'system:user:query:one', 1010100),
(1010201, '全部', 'system:user:add:all', 1010200),
(1010301, '全部', 'system:user:modify:all', 1010300),
(1020101, '全部', 'system:role:query:all', 1020100),
(1020201, '全部', 'system:role:add:all', 1020200),
(1020301, '全部', 'system:role:modify:all', 1020300),
(1020401, '全部', 'system:role:delete:all', 1020400),
(1030101, '全部', 'system:group:query:all', 1030100),
(1030201, '全部', 'system:group:add:all', 1030200),
(1030301, '全部', 'system:group:modify:all', 1030300),
(1030401, '全部', 'system:group:delete:all', 1030400) as new_value
values (1010101, '单个', 'system:user:query:one', 1010100),
(1010102, '全部', 'system:user:query:all', 1010100),
(1010103, '列表', 'system:user:query:list', 1010100),
(1010201, '单个', 'system:user:add:one', 1010200),
(1010301, '单个', 'system:user:modify:one', 1010300),
(1010302, '密码', 'system:user:modify:password', 1010300),
(1010401, '单个', 'system:user:delete:one', 1010400),
(1010402, '多个', 'system:user:delete:multiple', 1010400),
(1020101, '单个', 'system:role:query:one', 1020100),
(1020102, '全部', 'system:role:query:all', 1020100),
(1020103, '列表', 'system:role:query:list', 1020100),
(1020201, '单个', 'system:role:add:one', 1020200),
(1020301, '单个', 'system:role:modify:one', 1020300),
(1020302, '状态', 'system:role:modify:status', 1020300),
(1020401, '单个', 'system:role:delete:one', 1020400),
(1020402, '多个', 'system:role:delete:multiple', 1020400),
(1030101, '单个', 'system:group:query:one', 1030100),
(1030102, '全部', 'system:group:query:all', 1030100),
(1030103, '列表', 'system:group:query:list', 1030100),
(1030201, '单个', 'system:group:add:one', 1030200),
(1030301, '单个', 'system:group:modify:one', 1030300),
(1030302, '状态', 'system:group:modify:status', 1030300),
(1030401, '单个', 'system:group:delete:one', 1030400),
(1030402, '多个', 'system:group:delete:multiple', 1030400),
(1040103, '列表', 'system:power:query:list', 1040100),
(1510101, '列表', 'system:log:query:all', 1510100) as new_value
on duplicate key update name=new_value.name,
code=new_value.code,
element_id=new_value.element_id;