From b89d0c482f084f8b77cb07031a55ce90d97d9181 Mon Sep 17 00:00:00 2001 From: Junling Bu Date: Thu, 31 Jan 2019 22:39:05 +0800 Subject: [PATCH] =?UTF-8?q?chore[litemall-admin-api]=EF=BC=9A=20=E6=9D=83?= =?UTF-8?q?=E9=99=90=E4=BB=A3=E7=A0=81=E5=BE=AE=E8=B0=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../litemall/admin/util/PermissionUtil.java | 61 ++++++++++++------- .../admin/web/AdminCouponController.java | 2 +- .../admin/web/AdminGoodsController.java | 22 +++---- .../admin/web/AdminGrouponController.java | 2 +- .../admin/web/AdminIssueController.java | 8 +-- .../admin/web/AdminKeywordController.java | 10 +-- .../admin/web/AdminOrderController.java | 10 +-- .../admin/web/AdminRoleController.java | 19 +++--- .../admin/web/AdminUserController.java | 2 - 9 files changed, 75 insertions(+), 61 deletions(-) diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/util/PermissionUtil.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/util/PermissionUtil.java index 41002578..b6d1f8ec 100644 --- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/util/PermissionUtil.java +++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/util/PermissionUtil.java @@ -13,32 +13,33 @@ import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; import java.lang.reflect.Method; -import java.util.*; -import java.util.stream.Collectors; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; public class PermissionUtil { public static List listPermissions(ApplicationContext context, String basicPackage) { List root = new ArrayList<>(); List permissions = findPermissions(context, basicPackage); - for(Permission permission : permissions) { + for (Permission permission : permissions) { RequiresPermissions requiresPermissions = permission.getRequiresPermissions(); RequiresPermissionsDesc requiresPermissionsDesc = permission.getRequiresPermissionsDesc(); String api = permission.getApi(); String[] menus = requiresPermissionsDesc.menu(); - if(menus.length != 2){ + if (menus.length != 2) { throw new RuntimeException("目前只支持两级菜单"); } String menu1 = menus[0]; PermVo perm1 = null; - for(PermVo permVo : root){ - if(permVo.getLabel().equals(menu1)){ + for (PermVo permVo : root) { + if (permVo.getLabel().equals(menu1)) { perm1 = permVo; break; } } - if(perm1 == null){ + if (perm1 == null) { perm1 = new PermVo(); perm1.setId(menu1); perm1.setLabel(menu1); @@ -47,13 +48,13 @@ public class PermissionUtil { } String menu2 = menus[1]; PermVo perm2 = null; - for(PermVo permVo : perm1.getChildren()){ - if(permVo.getLabel().equals(menu2)){ + for (PermVo permVo : perm1.getChildren()) { + if (permVo.getLabel().equals(menu2)) { perm2 = permVo; break; } } - if(perm2 == null){ + if (perm2 == null) { perm2 = new PermVo(); perm2.setId(menu2); perm2.setLabel(menu2); @@ -61,12 +62,28 @@ public class PermissionUtil { perm1.getChildren().add(perm2); } - PermVo leftPerm = new PermVo(); - leftPerm.setId(requiresPermissions.value()[0]); - leftPerm.setLabel(requiresPermissionsDesc.button()); - leftPerm.setApi(api); + String button = requiresPermissionsDesc.button(); + PermVo leftPerm = null; + for (PermVo permVo : perm2.getChildren()) { + if (permVo.getLabel().equals(button)) { + leftPerm = permVo; + break; + } + } + if (leftPerm == null) { + leftPerm = new PermVo(); + leftPerm.setId(requiresPermissions.value()[0]); + leftPerm.setLabel(requiresPermissionsDesc.button()); + leftPerm.setApi(api); + perm2.getChildren().add(leftPerm); + } + else{ + // TODO + // 目前限制Controller里面每个方法的RequiresPermissionsDesc注解是唯一的 + // 如果允许相同,可能会造成内部权限不一致。 + throw new RuntimeException("权限已经存在,不能添加新权限"); + } - perm2.getChildren().add(leftPerm); } return root; } @@ -74,9 +91,9 @@ public class PermissionUtil { public static List findPermissions(ApplicationContext context, String basicPackage) { Map map = context.getBeansWithAnnotation(Controller.class); List permissions = new ArrayList<>(); - for(Map.Entry entry : map.entrySet()){ + for (Map.Entry entry : map.entrySet()) { Object bean = entry.getValue(); - if(!StringUtils.contains(ClassUtils.getPackageName(bean.getClass()), basicPackage)){ + if (!StringUtils.contains(ClassUtils.getPackageName(bean.getClass()), basicPackage)) { continue; } @@ -84,21 +101,21 @@ public class PermissionUtil { Class controllerClz = clz.getSuperclass(); RequestMapping clazzRequestMapping = AnnotationUtils.findAnnotation(controllerClz, RequestMapping.class); List methods = MethodUtils.getMethodsListWithAnnotation(controllerClz, RequiresPermissions.class); - for(Method method : methods){ + for (Method method : methods) { RequiresPermissions requiresPermissions = AnnotationUtils.getAnnotation(method, RequiresPermissions.class); RequiresPermissionsDesc requiresPermissionsDesc = AnnotationUtils.getAnnotation(method, RequiresPermissionsDesc.class); - if(requiresPermissions == null || requiresPermissionsDesc == null){ + if (requiresPermissions == null || requiresPermissionsDesc == null) { continue; } String api = ""; - if(clazzRequestMapping != null){ + if (clazzRequestMapping != null) { api = clazzRequestMapping.value()[0]; } PostMapping postMapping = AnnotationUtils.getAnnotation(method, PostMapping.class); - if(postMapping != null){ + if (postMapping != null) { api = "POST " + api + postMapping.value()[0]; Permission permission = new Permission(); @@ -109,7 +126,7 @@ public class PermissionUtil { continue; } GetMapping getMapping = AnnotationUtils.getAnnotation(method, GetMapping.class); - if(getMapping != null){ + if (getMapping != null) { api = "GET " + api + getMapping.value()[0]; Permission permission = new Permission(); permission.setRequiresPermissions(requiresPermissions); diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCouponController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCouponController.java index d38bef20..808af414 100644 --- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCouponController.java +++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminCouponController.java @@ -51,7 +51,7 @@ public class AdminCouponController { } @RequiresPermissions("admin:coupon:list") - @RequiresPermissionsDesc(menu={"推广管理" , "优惠券管理"}, button="查询") + @RequiresPermissionsDesc(menu={"推广管理" , "优惠券管理"}, button="查询用户") @GetMapping("/listuser") public Object listuser(Integer userId, Integer couponId, Short status, @RequestParam(defaultValue = "1") Integer page, diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGoodsController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGoodsController.java index 9f8240b7..120f5ec1 100644 --- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGoodsController.java +++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGoodsController.java @@ -36,7 +36,7 @@ public class AdminGoodsController { * @return */ @RequiresPermissions("admin:goods:list") - @RequiresPermissionsDesc(menu = {"商品管理", "商品列表"}, button = "查询") + @RequiresPermissionsDesc(menu = {"商品管理", "商品管理"}, button = "查询") @GetMapping("/list") public Object list(String goodsSn, String name, @RequestParam(defaultValue = "1") Integer page, @@ -46,6 +46,11 @@ public class AdminGoodsController { return adminGoodsService.list(goodsSn, name, page, limit, sort, order); } + @GetMapping("/catAndBrand") + public Object list2() { + return adminGoodsService.list2(); + } + /** * 编辑商品 * @@ -53,7 +58,7 @@ public class AdminGoodsController { * @return */ @RequiresPermissions("admin:goods:update") - @RequiresPermissionsDesc(menu = {"商品管理", "商品列表"}, button = "编辑") + @RequiresPermissionsDesc(menu = {"商品管理", "商品管理"}, button = "编辑") @PostMapping("/update") public Object update(@RequestBody GoodsAllinone goodsAllinone) { return adminGoodsService.update(goodsAllinone); @@ -66,7 +71,7 @@ public class AdminGoodsController { * @return */ @RequiresPermissions("admin:goods:delete") - @RequiresPermissionsDesc(menu = {"商品管理", "商品列表"}, button = "删除") + @RequiresPermissionsDesc(menu = {"商品管理", "商品管理"}, button = "删除") @PostMapping("/delete") public Object delete(@RequestBody LitemallGoods goods) { return adminGoodsService.delete(goods); @@ -79,19 +84,12 @@ public class AdminGoodsController { * @return */ @RequiresPermissions("admin:goods:create") - @RequiresPermissionsDesc(menu = {"商品管理", "商品上架"}, button = "上架") + @RequiresPermissionsDesc(menu = {"商品管理", "商品管理"}, button = "上架") @PostMapping("/create") public Object create(@RequestBody GoodsAllinone goodsAllinone) { return adminGoodsService.create(goodsAllinone); } - @RequiresPermissions("admin:goods:list") - @RequiresPermissionsDesc(menu = {"商品管理", "商品列表"}, button = "查询") - @GetMapping("/catAndBrand") - public Object list2() { - return adminGoodsService.list2(); - } - /** * 商品详情 * @@ -99,7 +97,7 @@ public class AdminGoodsController { * @return */ @RequiresPermissions("admin:goods:read") - @RequiresPermissionsDesc(menu = {"商品管理", "商品列表"}, button = "编辑") + @RequiresPermissionsDesc(menu = {"商品管理", "商品管理"}, button = "详情") @GetMapping("/detail") public Object detail(@NotNull Integer id) { return adminGoodsService.detail(id); diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGrouponController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGrouponController.java index db81996e..7d092b71 100644 --- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGrouponController.java +++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminGrouponController.java @@ -38,7 +38,7 @@ public class AdminGrouponController { private LitemallGrouponService grouponService; @RequiresPermissions("admin:groupon:read") - @RequiresPermissionsDesc(menu={"推广管理" , "团购管理"}, button="查询") + @RequiresPermissionsDesc(menu={"推广管理" , "团购管理"}, button="详情") @GetMapping("/listRecord") public Object listRecord(String grouponId, @RequestParam(defaultValue = "1") Integer page, diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminIssueController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminIssueController.java index 54708b0b..9eb26c7a 100644 --- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminIssueController.java +++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminIssueController.java @@ -29,7 +29,7 @@ public class AdminIssueController { private LitemallIssueService issueService; @RequiresPermissions("admin:issue:list") - @RequiresPermissionsDesc(menu={"商城管理" , "通用问题"}, button="查询") + @RequiresPermissionsDesc(menu={"商场管理" , "通用问题"}, button="查询") @GetMapping("/list") public Object list(String question, @RequestParam(defaultValue = "1") Integer page, @@ -58,7 +58,7 @@ public class AdminIssueController { } @RequiresPermissions("admin:issue:create") - @RequiresPermissionsDesc(menu={"商城管理" , "通用问题"}, button="添加") + @RequiresPermissionsDesc(menu={"商场管理" , "通用问题"}, button="添加") @PostMapping("/create") public Object create(@RequestBody LitemallIssue issue) { Object error = validate(issue); @@ -77,7 +77,7 @@ public class AdminIssueController { } @RequiresPermissions("admin:issue:update") - @RequiresPermissionsDesc(menu={"商城管理" , "通用问题"}, button="编辑") + @RequiresPermissionsDesc(menu={"商场管理" , "通用问题"}, button="编辑") @PostMapping("/update") public Object update(@RequestBody LitemallIssue issue) { Object error = validate(issue); @@ -92,7 +92,7 @@ public class AdminIssueController { } @RequiresPermissions("admin:issue:delete") - @RequiresPermissionsDesc(menu={"商城管理" , "通用问题"}, button="删除") + @RequiresPermissionsDesc(menu={"商场管理" , "通用问题"}, button="删除") @PostMapping("/delete") public Object delete(@RequestBody LitemallIssue issue) { Integer id = issue.getId(); diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminKeywordController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminKeywordController.java index eca48483..1261e468 100644 --- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminKeywordController.java +++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminKeywordController.java @@ -29,7 +29,7 @@ public class AdminKeywordController { private LitemallKeywordService keywordService; @RequiresPermissions("admin:keyword:list") - @RequiresPermissionsDesc(menu={"商城管理" , "关键词"}, button="查询") + @RequiresPermissionsDesc(menu={"商场管理" , "关键词"}, button="查询") @GetMapping("/list") public Object list(String keyword, String url, @RequestParam(defaultValue = "1") Integer page, @@ -58,7 +58,7 @@ public class AdminKeywordController { } @RequiresPermissions("admin:keyword:create") - @RequiresPermissionsDesc(menu={"商城管理" , "关键词"}, button="添加") + @RequiresPermissionsDesc(menu={"商场管理" , "关键词"}, button="添加") @PostMapping("/create") public Object create(@RequestBody LitemallKeyword keywords) { Object error = validate(keywords); @@ -70,7 +70,7 @@ public class AdminKeywordController { } @RequiresPermissions("admin:keyword:read") - @RequiresPermissionsDesc(menu={"商城管理" , "关键词"}, button="详情") + @RequiresPermissionsDesc(menu={"商场管理" , "关键词"}, button="详情") @GetMapping("/read") public Object read(@NotNull Integer id) { LitemallKeyword brand = keywordService.findById(id); @@ -78,7 +78,7 @@ public class AdminKeywordController { } @RequiresPermissions("admin:keyword:update") - @RequiresPermissionsDesc(menu={"商城管理" , "关键词"}, button="编辑") + @RequiresPermissionsDesc(menu={"商场管理" , "关键词"}, button="编辑") @PostMapping("/update") public Object update(@RequestBody LitemallKeyword keywords) { Object error = validate(keywords); @@ -92,7 +92,7 @@ public class AdminKeywordController { } @RequiresPermissions("admin:keyword:delete") - @RequiresPermissionsDesc(menu={"商城管理" , "关键词"}, button="删除") + @RequiresPermissionsDesc(menu={"商场管理" , "关键词"}, button="删除") @PostMapping("/delete") public Object delete(@RequestBody LitemallKeyword keyword) { Integer id = keyword.getId(); diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminOrderController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminOrderController.java index 567d8c34..6545116c 100644 --- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminOrderController.java +++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminOrderController.java @@ -36,7 +36,7 @@ public class AdminOrderController { * @return */ @RequiresPermissions("admin:order:list") - @RequiresPermissionsDesc(menu = {"商城管理", "订单管理"}, button = "查询") + @RequiresPermissionsDesc(menu = {"商场管理", "订单管理"}, button = "查询") @GetMapping("/list") public Object list(Integer userId, String orderSn, @RequestParam(required = false) List orderStatusArray, @@ -54,7 +54,7 @@ public class AdminOrderController { * @return */ @RequiresPermissions("admin:order:read") - @RequiresPermissionsDesc(menu = {"商城管理", "订单管理"}, button = "详情") + @RequiresPermissionsDesc(menu = {"商场管理", "订单管理"}, button = "详情") @GetMapping("/detail") public Object detail(@NotNull Integer id) { return adminOrderService.detail(id); @@ -67,7 +67,7 @@ public class AdminOrderController { * @return 订单退款操作结果 */ @RequiresPermissions("admin:order:refund") - @RequiresPermissionsDesc(menu = {"商城管理", "订单管理"}, button = "订单退款") + @RequiresPermissionsDesc(menu = {"商场管理", "订单管理"}, button = "订单退款") @PostMapping("refund") public Object refund(@RequestBody String body) { return adminOrderService.refund(body); @@ -80,7 +80,7 @@ public class AdminOrderController { * @return 订单操作结果 */ @RequiresPermissions("admin:order:ship") - @RequiresPermissionsDesc(menu = {"商城管理", "订单管理"}, button = "订单发货") + @RequiresPermissionsDesc(menu = {"商场管理", "订单管理"}, button = "订单发货") @PostMapping("ship") public Object ship(@RequestBody String body) { return adminOrderService.ship(body); @@ -94,7 +94,7 @@ public class AdminOrderController { * @return 订单操作结果 */ @RequiresPermissions("admin:order:reply") - @RequiresPermissionsDesc(menu = {"商城管理", "订单管理"}, button = "订单商品回复") + @RequiresPermissionsDesc(menu = {"商场管理", "订单管理"}, button = "订单商品回复") @PostMapping("reply") public Object reply(@RequestBody String body) { return adminOrderService.reply(body); diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRoleController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRoleController.java index d882dcf5..2ff76ffd 100644 --- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRoleController.java +++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRoleController.java @@ -42,7 +42,7 @@ public class AdminRoleController { private LitemallPermissionService permissionService; @RequiresPermissions("admin:role:list") - @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="查询") + @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="角色查询") @GetMapping("/list") public Object list(String name, @RequestParam(defaultValue = "1") Integer page, @@ -58,8 +58,6 @@ public class AdminRoleController { return ResponseUtil.ok(data); } - @RequiresPermissions("admin:role:list") - @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="查询") @GetMapping("/options") public Object options(){ List roleList = roleService.queryAll(); @@ -76,7 +74,7 @@ public class AdminRoleController { } @RequiresPermissions("admin:role:read") - @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="详情") + @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="角色详情") @GetMapping("/read") public Object read(@NotNull Integer id) { LitemallRole role = roleService.findById(id); @@ -94,7 +92,7 @@ public class AdminRoleController { } @RequiresPermissions("admin:role:create") - @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="添加") + @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="角色添加") @PostMapping("/create") public Object create(@RequestBody LitemallRole role) { Object error = validate(role); @@ -112,7 +110,7 @@ public class AdminRoleController { } @RequiresPermissions("admin:role:update") - @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="编辑") + @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="角色编辑") @PostMapping("/update") public Object update(@RequestBody LitemallRole role) { Object error = validate(role); @@ -125,7 +123,7 @@ public class AdminRoleController { } @RequiresPermissions("admin:role:delete") - @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="删除") + @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="角色删除") @PostMapping("/delete") public Object delete(@RequestBody LitemallRole role) { Integer id = role.getId(); @@ -178,7 +176,7 @@ public class AdminRoleController { * @return 系统所有权限列表和管理员已分配权限 */ @RequiresPermissions("admin:role:permission") - @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="授权") + @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="权限详情") @GetMapping("/permissions") public Object getPermissions(Integer roleId) { List systemPermissions = getSystemPermissions(); @@ -198,11 +196,14 @@ public class AdminRoleController { * @return */ @RequiresPermissions("admin:role:permission") - @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="授权") + @RequiresPermissionsDesc(menu={"系统管理" , "角色管理"}, button="权限变更") @PostMapping("/permissions") public Object updatePermissions(@RequestBody String body) { Integer roleId = JacksonUtil.parseInteger(body, "roleId"); List permissions = JacksonUtil.parseStringList(body, "permissions"); + if(roleId == null || permissions == null){ + return ResponseUtil.badArgument(); + } // 如果修改的角色是超级权限,则拒绝修改。 if(permissionService.checkSuperPermission(roleId)){ diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminUserController.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminUserController.java index 2a0eeb19..e50b6d66 100644 --- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminUserController.java +++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminUserController.java @@ -49,8 +49,6 @@ public class AdminUserController { return ResponseUtil.ok(data); } - @RequiresPermissions("admin:user:list") - @RequiresPermissionsDesc(menu={"用户管理" , "会员管理"}, button="查询") @GetMapping("/username") public Object username(@NotEmpty String username) { int total = userService.countSeletive(username, null, null, null, null, null);