权限v3

authorize-api-service/src/main/java/com/xy/config/SaTokenAuthorizeConfig.java

@@ -0,0 +1,17 @@
+package com.xy.config;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+@Data
+@Component
+@ConfigurationProperties(prefix = "sa-token")
+public class SaTokenAuthorizeConfig {
+
+    /**
+     * token名称
+     */
+    private String tokenName;
+
+}

authorize-api-service/src/main/java/com/xy/redis/RedisCache.java

@@ -111,40 +111,27 @@ public class RedisCache extends AuthorizeUtils {
     /**
      * 判断数据查询权限
      *
-     * @param token              登录id
      * @param lambdaQueryWrapper 查询构造器
      * @param function           普通查询权限时，条件lambda引用字段
      * @return true=管理员数据查询权限 false=普通查询权限
      */
-    public static <T> boolean getDataAuth(String token, Long systemId, LambdaQueryWrapper<T> lambdaQueryWrapper, SFunction<T, ?> function) {
+    public static <T> boolean getDataAuth(Long systemId, LambdaQueryWrapper<T> lambdaQueryWrapper, SFunction<T, ?> function) {
         HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
-        boolean dataAuth = getDataAuth(token, systemId, request.getRequestURI());
+        boolean dataAuth = authByData(SaTokenUtils.getToken(), systemId, request.getRequestURI());
         if (!dataAuth) {
             lambdaQueryWrapper.eq(function, SaTokenUtils.getId(Long.class));
         }
         return false;
     }
 
-    /**
-     * 判断数据查询权限
-     *
-     * @param lambdaQueryWrapper 查询构造器
-     * @param function           普通查询权限时，条件lambda引用字段
-     * @return true=管理员数据查询权限 false=普通查询权限
-     */
-    public static <T> boolean getDataAuth(Long systemId, LambdaQueryWrapper<T> lambdaQueryWrapper, SFunction<T, ?> function) {
-        return getDataAuth(SaTokenUtils.getToken(), systemId, lambdaQueryWrapper, function);
-    }
-
     /**
      * 检验系统ID是否属于当前登录人
      *
-     * @param token    token
      * @param systemId 系统id
      * @return
      */
-    public static Boolean checkSystemId(String token, Long systemId) {
-        Map<String, List<CacheEntity>> map = getRedisService().getMap(getKey(getLoginId(token, Long.class)));
+    public static Boolean checkSystemId(Long systemId) {
+        Map<String, List<CacheEntity>> map = getRedisService().getMap(getKey(getLoginId(SaTokenUtils.getToken(), Long.class)));
         return map.containsKey(systemId.toString());
     }
 }

authorize-api-service/src/main/java/com/xy/service/impl/AuthorizeServiceImpl.java

@@ -28,13 +28,6 @@ public class AuthorizeServiceImpl implements AuthorizeService {
         return sysMenuService.workMenu(workMenu);
     }
 
-    @Override
-    @ApiOperation("判断数据查询权限")
-    public R<Boolean> getDataAuth(AuthorizeDto authorizeDto) {
-        boolean dataAuth = RedisCache.getDataAuth(SaTokenUtils.getToken(), authorizeDto.getSystemId(), authorizeDto.getUri());
-        return R.ok(dataAuth);
-    }
-
     @Override
     @ApiOperation("获取所有系统ID")
     public R<List<Long>> getSystemIds() {

authorize-api-service/src/main/java/com/xy/utils/SaTokenUtils.java

@@ -0,0 +1,78 @@
+package com.xy.utils;
+
+import cn.dev33.satoken.stp.StpUtil;
+import com.xy.config.SaTokenAuthorizeConfig;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.List;
+
+/**
+ * satoken工具类
+ */
+@Component
+@ConditionalOnMissingClass("com.xy.filter.SaTokenConfigure")
+public class SaTokenUtils {
+
+    private static SaTokenAuthorizeConfig saTokenAuthorizeConfig;
+
+    @Autowired(required = false)
+    private void setSaTokenAuthorizeConfig(SaTokenAuthorizeConfig saTokenAuthorizeConfig) {
+        SaTokenUtils.saTokenAuthorizeConfig = saTokenAuthorizeConfig;
+    }
+
+    /**
+     * 获取token
+     *
+     * @return
+     */
+    public static String getToken() {
+        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+        return request.getHeader(saTokenAuthorizeConfig.getTokenName());
+    }
+
+    /**
+     * 获取登录id
+     *
+     * @return
+     */
+    public static Object getId() {
+        return StpUtil.getLoginIdByToken(getToken());
+    }
+
+    /**
+     * 获取登录id
+     *
+     * @return
+     */
+    public static <T> T getId(Class<T> tClass) {
+        Object id = getId();
+        String idStr = id.toString();
+        return tClass.equals(Long.class) ? (T) Long.valueOf(idStr)
+                : tClass.equals(Integer.class) ? (T) Integer.valueOf(idStr)
+                : tClass.equals(String.class) ? (T) idStr
+                : (T) id;
+    }
+
+    /**
+     * 获取菜单权限列表
+     *
+     * @return
+     */
+    public static List<String> getPermissions() {
+        return StpUtil.getPermissionList(getId());
+    }
+
+    /**
+     * 获取角色权限列表
+     *
+     * @return
+     */
+    public static List<String> getRoles() {
+        return StpUtil.getRoleList(getId());
+    }
+}

authorize-api/src/main/java/com/xy/service/AuthorizeService.java

@@ -24,15 +24,6 @@ public interface AuthorizeService {
     @PostMapping("workMenu")
     R<List<SysMenuDto.Vo>> workMenu(@RequestBody @Validated SysMenuDto.WorkMenu workMenu);
 
-    /**
-     * 判断数据查询权限
-     *
-     * @param authorizeDto
-     * @return
-     */
-    @PostMapping("getDataAuth")
-    R<Boolean> getDataAuth(@RequestBody AuthorizeDto authorizeDto);
-
     /**
      * 获取所有系统ID
      *

authorize-sdk/src/main/java/com/xy/config/AuthorizeConfig.java

@@ -22,7 +22,7 @@ public class AuthorizeConfig {
     private String url;
 
     /**
-     * 需要过滤的url
+     * 需要过滤的url，这里只提供存放，需业务系统在自己的拦截器自行处理
      */
     private List<String> excludePaths;
 }

authorize-sdk/src/main/java/com/xy/utils/AuthorizeUtils.java

@@ -152,56 +152,6 @@ public class AuthorizeUtils {
         return getMenuTree(tuple2.getV1(), tuple2.getV2());
     }
 
-    /**
-     * 判断数据查询权限
-     *
-     * @param systemId 系统id
-     * @param systemId 接口uri
-     * @return true=管理员数据查询权限 false=普通查询权限
-     */
-    public static boolean getDataAuth(String token, Long systemId, String uri) {
-        {
-            //远程调用
-            AuthorizeConfig authorizeConfig = getAuthorizeConfig();
-            if (!authorizeConfig.getIsNative()) {
-                JSONObject jsonObject = new JSONObject().set("systemId", systemId).set("uri", uri);
-                Object obj = send("/authorize/getDataAuth", token, jsonObject);
-                if (obj == null) {
-                    return false;
-                }
-                return Boolean.valueOf(obj.toString());
-            }
-        }
-        //获取redis缓存
-        List<AuthorizeUtils.CacheEntity> cacheEntities = getRedisService().getMap(getKey(getLoginId(token, Long.class)), systemId.toString());
-        if (!Emptys.check(cacheEntities)) {
-            return false;
-        }
-        //遍历角色
-        for (AuthorizeUtils.CacheEntity cacheEntity : cacheEntities) {
-            //根据 接口uri和管理员数据查询权限=true 查找角色菜单，找到则有管理员数据查询权限，反之普通查询权限
-            SysMenuJoinSysRoleMenu sysMenuJoinSysRoleMenu = new JArrayList<>(cacheEntity.getList()).filter()
-                    .eq(SysMenuJoinSysRoleMenu::getInterfaceUri, uri)
-                    .eq(SysMenuJoinSysRoleMenu::getSelectIsAdmin, true)
-                    .object();
-            if (sysMenuJoinSysRoleMenu != null) {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 判断数据查询权限
-     *
-     * @param uri
-     * @return
-     */
-    public static boolean getDataAuth(String uri) {
-        Tuple.Tuple2<String, Long> tuple2 = getHttpServletRequest();
-        return getDataAuth(tuple2.getV1(), tuple2.getV2(), uri);
-    }
-
     /**
      * 获取所有系统ID
      *
@@ -502,7 +452,23 @@ public class AuthorizeUtils {
                 return Boolean.valueOf(obj.toString());
             }
         }
-        return getDataAuth(token, systemId, uri);
+        //获取redis缓存
+        List<AuthorizeUtils.CacheEntity> cacheEntities = getRedisService().getMap(getKey(getLoginId(token, Long.class)), systemId.toString());
+        if (!Emptys.check(cacheEntities)) {
+            return false;
+        }
+        //遍历角色
+        for (AuthorizeUtils.CacheEntity cacheEntity : cacheEntities) {
+            //根据 接口uri和管理员数据查询权限=true 查找角色菜单，找到则有管理员数据查询权限，反之普通查询权限
+            SysMenuJoinSysRoleMenu sysMenuJoinSysRoleMenu = new JArrayList<>(cacheEntity.getList()).filter()
+                    .eq(SysMenuJoinSysRoleMenu::getInterfaceUri, uri)
+                    .eq(SysMenuJoinSysRoleMenu::getSelectIsAdmin, true)
+                    .object();
+            if (sysMenuJoinSysRoleMenu != null) {
+                return true;
+            }
+        }
+        return false;
     }
 
     /**