v2.0

authorize-api-service/src/main/java/com/xy/annotation/CheckSysId.java

@@ -0,0 +1,20 @@
+package com.xy.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * 检查系统是否属于当前登录人
+ *
+ * @author lijin
+ */
+@Target({ElementType.METHOD})
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface CheckSysId {
+
+    /**
+     * 系统id属性名
+     */
+    String value() default "systemId,sysId";
+
+}

authorize-api-service/src/main/java/com/xy/annotation/IsAdmin.java

@@ -0,0 +1,15 @@
+package com.xy.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * 检查当前登录人是否是管理员
+ *
+ * @author lijin
+ */
+@Target({ElementType.METHOD})
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface IsAdmin {
+
+}

authorize-api-service/src/main/java/com/xy/annotation/aspet/CommAset.java

@@ -0,0 +1,57 @@
+package com.xy.annotation.aspet;
+
+import com.xy.annotation.CheckSysId;
+import com.xy.annotation.IsAdmin;
+import com.xy.error.CommRuntimeException;
+import com.xy.redis.RedisCache;
+import com.xy.utils.Reflect;
+import com.xy.utils.Tuple;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.springframework.stereotype.Component;
+
+import java.util.Arrays;
+import java.util.List;
+
+@Aspect
+@Component
+public class CommAset {
+
+    @Around("@annotation(checkSysId)")
+    public Object checkSysId(ProceedingJoinPoint joinPoint, CheckSysId checkSysId) throws Throwable {
+        Object[] args = joinPoint.getArgs();
+        Object result;
+        String value = checkSysId.value();
+        try {
+            String[] split = value.split(",");
+            for (String s : split) {
+                Tuple.Tuple3<String, Object, Class<?>> property = Reflect.PropertyReflect.getProperty(args[0], s);
+                if (property.getV2() != null) {
+                    List list = property.getV3().equals(List.class) ? (List) property.getV2() : Arrays.asList(property.getV2());
+                    list.forEach(o -> RedisCache.checkSystemIdByException(Long.parseLong(o.toString())));
+                    break;
+                }
+            }
+            result = joinPoint.proceed(args);
+        } catch (Exception e) {
+            throw e;
+        }
+        return result;
+    }
+
+    @Around("@annotation(isAdmin)")
+    public Object isAdmin(ProceedingJoinPoint joinPoint, IsAdmin isAdmin) throws Throwable {
+        Object[] args = joinPoint.getArgs();
+        Object result;
+        try {
+            if (!RedisCache.isAdmin()) {
+                throw new CommRuntimeException("权限不足");
+            }
+            result = joinPoint.proceed(args);
+        } catch (Exception e) {
+            throw e;
+        }
+        return result;
+    }
+}

authorize-api-service/src/main/java/com/xy/config/SaTokenInterceptorImpl.java

@@ -0,0 +1,54 @@
+package com.xy.config;
+
+import cn.dev33.satoken.stp.StpUtil;
+import com.xy.ServerWebConfig;
+import com.xy.enums.SaTokenEnum;
+import com.xy.error.CommRuntimeException;
+import com.xy.swagger.Knife4jConfig;
+import com.xy.utils.Emptys;
+import lombok.AllArgsConstructor;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.List;
+
+/**
+ * 权限系统权限拦截器
+ */
+@Component
+@AllArgsConstructor
+public class SaTokenInterceptorImpl extends HandlerInterceptorAdapter implements WebMvcConfigurer {
+
+    private SaTokenAuthorizeConfig saTokenAuthorizeConfig;
+
+    /**
+     * 方法执行前
+     */
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
+        String satoken = request.getHeader(saTokenAuthorizeConfig.getTokenName());
+        if (!Emptys.check(satoken)) {
+            throw new CommRuntimeException(SaTokenEnum.NO_LOGIN.getKey(), SaTokenEnum.NO_LOGIN.getName());
+        }
+        Object loginIdByToken = StpUtil.getLoginIdByToken(satoken);
+        if (loginIdByToken == null) {
+            throw new CommRuntimeException(SaTokenEnum.NO_LOGIN.getKey(), SaTokenEnum.NO_LOGIN.getName());
+        }
+        return true;
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        List<String> excludePaths = saTokenAuthorizeConfig.getExcludePaths();
+        excludePaths.addAll(Knife4jConfig.swaggerExcludes);
+        excludePaths.addAll(ServerWebConfig.serverWebExcludes);
+        registry.addInterceptor(this)
+                .excludePathPatterns(excludePaths)
+                .addPathPatterns("/**");
+    }
+
+}

authorize-api-service/src/main/java/com/xy/consts/CommConsts.java

@@ -0,0 +1,15 @@
+package com.xy.consts;
+
+public class CommConsts {
+
+    /**
+     * 管理员角色code编码
+     */
+    public static final String ADMIN_ROLE_CODE = "xy_admin";
+
+    /**
+     * 管理员角色ID号
+     */
+    public static final Long ADMIN_ROLE_ID = 1L;
+
+}

authorize-api-service/src/main/java/com/xy/mapper/SysSystemUserMapper.java

@@ -1,16 +0,0 @@
-package com.xy.mapper;
-
-import com.xy.entity.SysSystemUser;
-import com.baomidou.mybatisplus.core.mapper.BaseMapper;
-
-/**
- * <p>
- * 权限用户表 Mapper 接口
- * </p>
- *
- * @author lijin
- * @since 2022-12-09
- */
-public interface SysSystemUserMapper extends BaseMapper<SysSystemUser> {
-
-}

authorize-api-service/src/main/java/com/xy/redis/RedisCache.java

@@ -5,16 +5,15 @@ import com.baomidou.mybatisplus.core.toolkit.support.SFunction;
 import com.xy.collections.list.JArrayList;
 import com.xy.collections.list.JList;
 import com.xy.collections.map.JMap;
+import com.xy.consts.CommConsts;
 import com.xy.entity.*;
 import com.xy.entity.join.SysMenuJoinSysRoleMenu;
+import com.xy.error.CommRuntimeException;
 import com.xy.mapper.SysDeptMapper;
 import com.xy.mapper.SysMenuMapper;
 import com.xy.mapper.SysRoleMapper;
 import com.xy.mapper.SysSystemMapper;
-import com.xy.utils.Beans;
-import com.xy.utils.Emptys;
-import com.xy.utils.RedisService;
-import com.xy.utils.SpringBeanUtils;
+import com.xy.utils.*;
 import icu.mhb.mybatisplus.plugln.core.JoinLambdaWrapper;
 import lombok.Data;
 import lombok.experimental.Accessors;
@@ -26,6 +25,7 @@ import javax.servlet.http.HttpServletRequest;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.concurrent.atomic.AtomicReference;
 
 /**
  * 权限系统redis工具类
@@ -55,7 +55,8 @@ public class RedisCache {
         //获取登录人所有系统
         JoinLambdaWrapper<SysSystem> sysSystemsJoinLambdaWrapper = new JoinLambdaWrapper<>(SysSystem.class)
                 .eq(SysSystem::getStatus, true)
-                .innerJoin(SysUserRole.class, SysUserRole::getRoleId, SysRole::getId)
+                .innerJoin(SysUserRole.class, SysUserRole::getSysId, SysSystem::getId)
+                .eq(SysUserRole::getWorkUserId, loginId)
                 .end();
         List<SysSystem> sysSystems = sysSystemMapper.joinSelectList(sysSystemsJoinLambdaWrapper, SysSystem.class);
         if (!Emptys.check(sysSystems)) {
@@ -112,6 +113,7 @@ public class RedisCache {
             sysRoles.forEach(sysRole -> {
                 RedisCache.CacheEntity cacheEntity = new RedisCache.CacheEntity()
                         .setRoleId(sysRole.getId())
+                        .setRoleCode(sysRole.getCode())
                         .setList(sysMenuMaps.get(sysRole.getId()));
                 cacheEntitys.add(cacheEntity);
             });
@@ -140,10 +142,21 @@ public class RedisCache {
         return sysMenuJoinSysRoleMenus;
     }
 
+    /**
+     * 获取菜单
+     *
+     * @param systemId 系统id
+     * @return
+     */
+    public static List<SysMenuJoinSysRoleMenu> getMenu(Long systemId) {
+        return getMenu(SaTokenUtils.getId(Long.class), systemId);
+    }
+
     /**
      * 获取菜单树
      *
-     * @param loginId 登录id
+     * @param loginId  登录id
+     * @param systemId 系统id
      * @return
      */
     public static List<SysMenuJoinSysRoleMenu> getMenuTree(Long loginId, Long systemId) {
@@ -158,6 +171,16 @@ public class RedisCache {
         return tops;
     }
 
+    /**
+     * 获取菜单树
+     *
+     * @param systemId 系统id
+     * @return
+     */
+    public static List<SysMenuJoinSysRoleMenu> getMenuTree(Long systemId) {
+        return getMenuTree(SaTokenUtils.getId(Long.class), systemId);
+    }
+
     /**
      * 判断数据查询权限
      *
@@ -187,7 +210,18 @@ public class RedisCache {
     }
 
     /**
-     * 判断数据查询权限（引用传递，业务系统无法使用）
+     * 判断数据查询权限
+     *
+     * @param systemId 系统id
+     * @param systemId 接口uri
+     * @return true=管理员数据查询权限 false=普通查询权限
+     */
+    public static boolean getDataAuth(Long systemId, String uri) {
+        return getDataAuth(SaTokenUtils.getId(Long.class), systemId, uri);
+    }
+
+    /**
+     * 判断数据查询权限
      *
      * @param loginId            登录id
      * @param lambdaQueryWrapper 查询构造器
@@ -203,6 +237,17 @@ public class RedisCache {
         return false;
     }
 
+    /**
+     * 判断数据查询权限
+     *
+     * @param lambdaQueryWrapper 查询构造器
+     * @param function           普通查询权限时，条件lambda引用字段
+     * @return true=管理员数据查询权限 false=普通查询权限
+     */
+    public static <T> boolean getDataAuth(Long systemId, LambdaQueryWrapper<T> lambdaQueryWrapper, SFunction<T, ?> function) {
+        return getDataAuth(SaTokenUtils.getId(Long.class), systemId, lambdaQueryWrapper, function);
+    }
+
     /**
      * 获取所有系统ID
      *
@@ -219,21 +264,66 @@ public class RedisCache {
         return list;
     }
 
+    /**
+     * 获取所有系统ID
+     *
+     * @return
+     */
+    public static List<Long> getSystemIds() {
+        return getSystemIds(SaTokenUtils.getId(Long.class));
+    }
+
     /**
      * 检验系统ID是否属于当前登录人
      *
-     * @param loginId 登录id
+     * @param loginId  登录id
+     * @param systemId 系统id
      * @return
      */
     public static Boolean checkSystemId(Long loginId, Long systemId) {
         Map<String, List<CacheEntity>> map = getRedisService().getMap(getKey(loginId));
-        return map.containsKey(systemId);
+        return map.containsKey(systemId.toString());
+    }
+
+    /**
+     * 检验系统ID是否属于当前登录人
+     *
+     * @param systemId 系统id
+     * @return
+     */
+    public static Boolean checkSystemId(Long systemId) {
+        return checkSystemId(SaTokenUtils.getId(Long.class), systemId);
+    }
+
+    /**
+     * 检验系统ID是否属于当前登录人并抛出异常
+     *
+     * @param loginId  登录id
+     * @param systemId 系统id
+     * @return
+     */
+    public static void checkSystemIdByException(Long loginId, Long systemId) {
+        Boolean aBoolean = checkSystemId(loginId, systemId);
+        if (!aBoolean) {
+            throw new CommRuntimeException("系统不存在");
+        }
+    }
+
+    /**
+     * 检验系统ID是否属于当前登录人并抛出异常
+     *
+     * @param systemId 系统id
+     * @return
+     */
+    public static void checkSystemIdByException(Long systemId) {
+        checkSystemIdByException(SaTokenUtils.getId(Long.class), systemId);
     }
 
     /**
      * 获取所有角色ID
      *
-     * @param loginId 登录id
+     * @param loginId  登录id
+     * @param systemId 系统id
      * @return
      */
     public static List<Long> getRoleIds(Long loginId, Long systemId) {
@@ -246,6 +336,47 @@ public class RedisCache {
         return list;
     }
 
+    /**
+     * 获取所有角色ID
+     *
+     * @param systemId 系统id
+     * @return
+     */
+    public static List<Long> getRoleIds(Long systemId) {
+        return getRoleIds(SaTokenUtils.getId(Long.class), systemId);
+    }
+
+    /**
+     * 是否是管理员
+     *
+     * @param loginId 登录id
+     * @return
+     */
+    public static Boolean isAdmin(Long loginId) {
+        AtomicReference<Boolean> result = new AtomicReference<>(false);
+        Map<String, List<CacheEntity>> map = getRedisService().getMap(getKey(loginId));
+        map.forEach((s, cacheEntities) -> {
+            if (!Emptys.check(cacheEntities)) {
+                return;
+            }
+            for (CacheEntity cacheEntity : cacheEntities) {
+                if (CommConsts.ADMIN_ROLE_CODE.equals(cacheEntity.getRoleCode())) {
+                    result.set(true);
+                }
+            }
+        });
+        return result.get();
+    }
+
+    /**
+     * 是否是管理员
+     *
+     * @return
+     */
+    public static Boolean isAdmin() {
+        return isAdmin(SaTokenUtils.getId(Long.class));
+    }
+
     /**
      * 获取所有菜单接口uri
      *
@@ -271,6 +402,16 @@ public class RedisCache {
         return list.comparing();
     }
 
+    /**
+     * 获取所有菜单接口uri
+     *
+     * @param systemId 系统id
+     * @return
+     */
+    public static List<String> getMenuInterfaceUri(Long systemId) {
+        return getMenuInterfaceUri(SaTokenUtils.getId(Long.class), systemId);
+    }
+
     @Data
     @Accessors(chain = true)
     public static class CacheEntity {
@@ -280,6 +421,11 @@ public class RedisCache {
          */
         private Long roleId;
 
+        /**
+         * 角色标识
+         */
+        private String roleCode;
+
         /**
          * 菜单集合
          */

authorize-api-service/src/main/java/com/xy/service/PublicInterfaceImpl.java

@@ -1,83 +0,0 @@
-package com.xy.service;
-
-import com.xy.dto.SysMenuDto;
-import com.xy.dto.SysSystemValueDto;
-import com.xy.dto.SysWorkUser.AddDto;
-import com.xy.dto.SysWorkUser.AuthByInterface;
-import com.xy.dto.SysWorkUser.LoginDto;
-import com.xy.dto.SysWorkUser.UpdateDto;
-import com.xy.utils.PageBean;
-import com.xy.utils.R;
-import io.swagger.annotations.Api;
-import io.swagger.annotations.ApiOperation;
-import lombok.AllArgsConstructor;
-import org.springframework.stereotype.Service;
-
-import javax.validation.Valid;
-import java.util.List;
-
-@Service
-@AllArgsConstructor
-@Api(tags = "统一对外接口")
-public class PublicInterfaceImpl implements PublicInterface {
-
-    private SysSystemValueService sysSystemValueService;
-
-    private SysWorkUserService sysWorkUserService;
-
-    private SysMenuService sysMenuService;
-
-    @Override
-    @ApiOperation("系统属性分页查询")
-    public R<PageBean<SysSystemValueDto.Vo>> page(SysSystemValueDto.Select select) {
-        return sysSystemValueService.page(select);
-    }
-
-    @Override
-    @ApiOperation("业务用户注册")
-    public R<Long> register(@Valid AddDto addDto) {
-        return sysWorkUserService.register(addDto);
-    }
-
-    @Override
-    @ApiOperation("业务用户登录")
-    public R<String> login(LoginDto loginDto) {
-        return sysWorkUserService.login(loginDto);
-    }
-
-    @Override
-    @ApiOperation("业务用户登出")
-    public R logout() {
-        return sysWorkUserService.logout();
-    }
-
-    @Override
-    @ApiOperation("业务用户修改")
-    public R<Boolean> update(@Valid UpdateDto updateDto) {
-        return sysWorkUserService.update(updateDto);
-    }
-
-    @Override
-    @ApiOperation("业务用户登录鉴权")
-    public R<Boolean> authByLogin() {
-        return sysWorkUserService.authByLogin();
-    }
-
-    @Override
-    @ApiOperation("业务用户接口鉴权")
-    public R<Boolean> authByInterface(AuthByInterface authByInterface) {
-        return sysWorkUserService.authByInterface(authByInterface);
-    }
-
-    @Override
-    @ApiOperation("业务用户数据鉴权")
-    public R<Boolean> authByData(AuthByInterface authByInterface) {
-        return sysWorkUserService.authByData(authByInterface);
-    }
-
-    @Override
-    @ApiOperation("业务用户菜单树")
-    public R<List<SysMenuDto.Vo>> workMenu(SysMenuDto.WorkMenu workMenu) {
-        return sysMenuService.workMenu(workMenu);
-    }
-}

authorize-api-service/src/main/java/com/xy/service/impl/SysMenuServiceImpl.java

@@ -1,22 +1,35 @@
 package com.xy.service.impl;
 
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.xy.annotation.CheckSysId;
+import com.xy.annotation.IsAdmin;
+import com.xy.collections.list.JArrayList;
+import com.xy.collections.list.JList;
+import com.xy.consts.CommConsts;
 import com.xy.dto.SysMenuDto;
 import com.xy.entity.SysMenu;
+import com.xy.entity.SysRole;
+import com.xy.entity.SysRoleMenu;
 import com.xy.entity.join.SysMenuJoinSysRoleMenu;
 import com.xy.mapper.SysMenuMapper;
+import com.xy.mapper.SysRoleMapper;
+import com.xy.mapper.SysRoleMenuMapper;
 import com.xy.redis.RedisCache;
 import com.xy.service.SysMenuService;
+import com.xy.service.SysRoleMenuService;
 import com.xy.utils.R;
 import com.xy.utils.SaTokenUtils;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import lombok.AllArgsConstructor;
 import org.springframework.stereotype.Service;
 
 import java.util.ArrayList;
 import java.util.List;
 
 import static com.xy.utils.Beans.copy;
+import static com.xy.utils.Beans.tree;
 
 /**
  * <p>
@@ -27,11 +40,15 @@ import static com.xy.utils.Beans.copy;
  * @since 2022-12-09
  */
 @Service
+@AllArgsConstructor
 @Api(tags = "菜单接口")
 public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> implements SysMenuService {
 
+    private SysRoleMenuMapper sysRoleMenuMapper;
+
     @Override
-    @ApiOperation("业务用户菜单树")
+    @CheckSysId
+    @ApiOperation("用户菜单树")
     public R<List<SysMenuDto.Vo>> workMenu(SysMenuDto.WorkMenu workMenu) {
         List<SysMenuDto.Vo> list = new ArrayList<>();
         Long longId = SaTokenUtils.getId(Long.class);
@@ -44,16 +61,54 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
         return R.ok(list);
     }
 
+    @IsAdmin
+    @Override
+    @ApiOperation("全部菜单树")
+    public R<List<SysMenuDto.Vo>> menu(SysMenuDto.WorkMenu workMenu) {
+        List<SysMenuDto.Vo> vos = copy(SysMenuDto.Vo.class, list());
+        JList<SysMenuDto.Vo> list = new JArrayList<>(vos).filter().isNull(SysMenuDto.Vo::getPaterId).list();
+        for (SysMenuDto.Vo vo : list) {
+            List<SysMenuDto.Vo> tree = tree(vo, vos, SysMenuDto.Vo::getId, SysMenuDto.Vo::getPaterId, SysMenuDto.Vo::getSonSysMenu);
+            vo.setSonSysMenu(tree);
+        }
+        return R.ok(list);
+    }
+
+    @IsAdmin
     @Override
     @ApiOperation("添加菜单")
     public R save(SysMenuDto.Save save) {
+        //校验重复
         Long longId = SaTokenUtils.getId(Long.class);
-        List<Long> systemIds = RedisCache.getSystemIds(longId);
-        if (!systemIds.contains(save.getSystemId())) {
-            return R.fail("系统不存在");
+        long count = count(new LambdaQueryWrapper<SysMenu>()
+                .eq(SysMenu::getCode, save.getCode())
+                .eq(SysMenu::getSysId, save.getSysId())
+        );
+        if (count > 0) {
+            return R.fail("标识已存在");
         }
+        //添加菜单
+        SysMenu sysMenu = copy(SysMenu.class, save)
+                .create(longId);
+        save(sysMenu);
+        //角色赋予管理员
+        SysRoleMenu sysRoleMenu = new SysRoleMenu()
+                .createId()
+                .setMenuId(sysMenu.getId())
+                .setRoleId(CommConsts.ADMIN_ROLE_ID)
+                .setSelectIsAdmin(true);
+        sysRoleMenuMapper.insert(sysRoleMenu);
+        return R.ok();
+    }
 
-
-        return null;
+    @IsAdmin
+    @Override
+    @ApiOperation("修改菜单")
+    public R update(SysMenuDto.Update update) {
+        Long longId = SaTokenUtils.getId(Long.class);
+        SysMenu sysMenu = copy(SysMenu.class, update)
+                .update(longId);
+        updateById(sysMenu);
+        return R.ok();
     }
 }

authorize-api-service/src/main/java/com/xy/service/impl/SysSystemServiceImpl.java

@@ -1,13 +1,17 @@
 package com.xy.service.impl;
 
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.xy.annotation.CheckSysId;
+import com.xy.annotation.IsAdmin;
 import com.xy.dto.SysSystemDto;
 import com.xy.entity.SysSystem;
 import com.xy.mapper.SysSystemMapper;
 import com.xy.redis.RedisCache;
 import com.xy.service.SysSystemService;
 import com.xy.utils.MybatisPlusQuery;
+import com.xy.utils.PageBean;
 import com.xy.utils.R;
 import com.xy.utils.SaTokenUtils;
 import io.swagger.annotations.Api;
@@ -21,6 +25,8 @@ import org.springframework.web.bind.annotation.RequestBody;
 import java.util.List;
 
 import static com.xy.utils.Beans.copy;
+import static com.xy.utils.PlusBeans.toIPage;
+import static com.xy.utils.PlusBeans.toPageBean;
 
 /**
  * <p>
@@ -35,6 +41,7 @@ import static com.xy.utils.Beans.copy;
 @AllArgsConstructor
 public class SysSystemServiceImpl extends ServiceImpl<SysSystemMapper, SysSystem> implements SysSystemService {
 
+    @IsAdmin
     @PostMapping("save")
     @ApiOperation("添加系统")
     public R<Long> save(@RequestBody @Validated SysSystemDto.Save save) {
@@ -49,8 +56,17 @@ public class SysSystemServiceImpl extends ServiceImpl<SysSystemMapper, SysSystem
         return R.ok(sysSystem.getId());
     }
 
+    @IsAdmin
+    @PostMapping("update")
+    @ApiOperation("修改系统")
+    public R update(@RequestBody @Validated SysSystemDto.Update update) {
+        SysSystem sysSystem = copy(SysSystem.class, update).update(Long.parseLong(SaTokenUtils.getId().toString()));
+        updateById(sysSystem);
+        return R.ok();
+    }
+
     @PostMapping("list")
-    @ApiOperation("列表查询")
+    @ApiOperation("登录人所属系统列表")
     public R<List<SysSystemDto.Vo>> list(@RequestBody SysSystemDto.Select select) {
         List<Long> systemIds = RedisCache.getSystemIds(SaTokenUtils.getId(Long.class));
         LambdaQueryWrapper<SysSystem> lambdaQueryWrapper = new MybatisPlusQuery().eqWrapper(select, SysSystem.class)
@@ -63,11 +79,18 @@ public class SysSystemServiceImpl extends ServiceImpl<SysSystemMapper, SysSystem
         return R.ok(copy(SysSystemDto.Vo.class, list));
     }
 
-    @PostMapping("update")
-    @ApiOperation("修改系统")
-    public R update(@RequestBody @Validated SysSystemDto.Update update) {
-        SysSystem sysSystem = copy(SysSystem.class, update).update(Long.parseLong(SaTokenUtils.getId().toString()));
-        updateById(sysSystem);
-        return R.ok();
+    @IsAdmin
+    @PostMapping("page")
+    @ApiOperation("分页查询")
+    public R<PageBean<SysSystemDto.Vo>> page(@RequestBody @Validated SysSystemDto.PageSelect pageSelect) {
+        LambdaQueryWrapper<SysSystem> lambdaQueryWrapper = new MybatisPlusQuery().eqWrapper(pageSelect, SysSystem.class)
+                .ge(SysSystem::getCreateTime, pageSelect.getBeginCreateTime())
+                .le(SysSystem::getCreateTime, pageSelect.getEndCreateTime())
+                .like(SysSystem::getName)
+                .build();
+        //数据权限
+        RedisCache.getDataAuth(SaTokenUtils.getId(Long.class), pageSelect.getSystemId(), lambdaQueryWrapper, SysSystem::getCreateUser);
+        IPage<SysSystem> page = page(toIPage(pageSelect.getPage()), lambdaQueryWrapper);
+        return R.ok(toPageBean(SysSystemDto.Vo.class, page));
     }
 }

authorize-api-service/src/main/java/com/xy/service/impl/SysSystemValueServiceImpl.java

@@ -3,6 +3,7 @@ package com.xy.service.impl;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.xy.annotation.IsAdmin;
 import com.xy.dto.SysSystemValueDto;
 import com.xy.entity.SysSystemValue;
 import com.xy.mapper.SysSystemValueMapper;
@@ -35,6 +36,7 @@ import static com.xy.utils.PlusBeans.toPageBean;
 @Api(tags = "系统属性接口")
 public class SysSystemValueServiceImpl extends ServiceImpl<SysSystemValueMapper, SysSystemValue> implements SysSystemValueService {
 
+    @IsAdmin
     @PostMapping("save")
     @ApiOperation("添加")
     public R<Boolean> save(@RequestBody @Validated SysSystemValueDto.Save save) {
@@ -51,6 +53,7 @@ public class SysSystemValueServiceImpl extends ServiceImpl<SysSystemValueMapper,
         return R.ok();
     }
 
+    @IsAdmin
     @Override
     @ApiOperation("分页查询")
     public R<PageBean<SysSystemValueDto.Vo>> page(SysSystemValueDto.Select select) {
@@ -62,6 +65,7 @@ public class SysSystemValueServiceImpl extends ServiceImpl<SysSystemValueMapper,
         return R.ok(toPageBean(SysSystemValueDto.Vo.class, page));
     }
 
+    @IsAdmin
     @PostMapping("update")
     @ApiOperation("修改")
     public R update(@RequestBody @Validated SysSystemValueDto.Update update) {
@@ -70,6 +74,7 @@ public class SysSystemValueServiceImpl extends ServiceImpl<SysSystemValueMapper,
         return R.ok();
     }
 
+    @IsAdmin
     @PostMapping("del")
     @ApiOperation("删除")
     public R del(@RequestBody @Validated SysSystemValueDto.Del del) {

authorize-api-service/src/main/java/com/xy/service/impl/SysWorkUserServiceImpl.java

@@ -8,16 +8,14 @@ import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.xy.config.SaTokenAuthorizeConfig;
-import com.xy.dto.SysWorkUser.AddDto;
-import com.xy.dto.SysWorkUser.AuthByInterface;
-import com.xy.dto.SysWorkUser.LoginDto;
-import com.xy.dto.SysWorkUser.UpdateDto;
+import com.xy.dto.SysWorkUser.*;
 import com.xy.entity.SysUserDept;
 import com.xy.entity.SysUserRole;
 import com.xy.entity.SysWorkUser;
+import com.xy.mapper.SysUserDeptMapper;
+import com.xy.mapper.SysUserRoleMapper;
 import com.xy.mapper.SysWorkUserMapper;
 import com.xy.redis.RedisCache;
-import com.xy.service.SysDeptRelationService;
 import com.xy.service.SysUserDeptService;
 import com.xy.service.SysUserRoleService;
 import com.xy.service.SysWorkUserService;
@@ -56,16 +54,21 @@ public class SysWorkUserServiceImpl extends ServiceImpl<SysWorkUserMapper, SysWo
 
     private final SaTokenAuthorizeConfig saTokenAuthorizeConfig;
 
+    private final SysUserRoleMapper sysUserRoleMapper;
+
+    private final SysUserDeptMapper sysUserDeptMapper;
+
     @Override
     @Transactional(rollbackFor = Exception.class)
     public R<Long> register(AddDto addDto) {
-        long longId = Long.parseLong(SaTokenUtils.getId().toString());
         //校验
         long count = count(new LambdaQueryWrapper<SysWorkUser>()
                 .eq(SysWorkUser::getAccount, addDto.getAccount())
+                .or()
+                .eq(SysWorkUser::getPhone, addDto.getPhone())
         );
         if (count > 0) {
-            return R.fail("账号已存在");
+            return R.fail("账号或手机已存在");
         }
         //新增业务用户
         SysWorkUser sysWorkUser = Beans.copy(SysWorkUser.class, addDto)
@@ -130,25 +133,42 @@ public class SysWorkUserServiceImpl extends ServiceImpl<SysWorkUserMapper, SysWo
         return R.ok(Boolean.TRUE);
     }
 
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public R del(DelDto delDto) {
+        //删除用户角色
+        sysUserRoleMapper.delete(new LambdaQueryWrapper<SysUserRole>().in(SysUserRole::getWorkUserId, delDto.getId()));
+        //删除用户部门
+        sysUserDeptMapper.delete(new LambdaQueryWrapper<SysUserDept>().in(SysUserDept::getWorkUserId, delDto.getId()));
+        //删除用户
+        removeBatchByIds(delDto.getId());
+        return R.ok();
+    }
+
     @Override
     public R<String> login(LoginDto loginDto) {
-        long longId = Long.parseLong(SaTokenUtils.getId().toString());
+        SysWorkUser sysWorkUser;
         //手机短信登录
         if (!StringUtils.isEmpty(loginDto.getCode())) {
-
+            //todo 验证短信
+            if (false) {
+                return R.fail("短信验证码错误");
+            }
+            sysWorkUser = getOne(new LambdaQueryWrapper<SysWorkUser>().eq(SysWorkUser::getPhone, loginDto.getLoginName()));
+        } else {
+            //账号、邮箱、手机、密码登录
+            LambdaQueryWrapper<SysWorkUser> lambdaQueryWrapper = new LambdaQueryWrapper<SysWorkUser>()
+                    .and(sysWorkUserLambdaQueryWrapper -> sysWorkUserLambdaQueryWrapper
+                            .eq(SysWorkUser::getAccount, loginDto.getLoginName())
+                            .or()
+                            .eq(SysWorkUser::getEmail, loginDto.getLoginName())
+                            .or()
+                            .eq(SysWorkUser::getPhone, loginDto.getLoginName()))
+                    .eq(SysWorkUser::getPassword, SecureUtil.md5(loginDto.getPassword()));
+            sysWorkUser = getOne(lambdaQueryWrapper);
         }
-        //账号、邮箱、手机、密码登录
-        LambdaQueryWrapper<SysWorkUser> lambdaQueryWrapper = new LambdaQueryWrapper<SysWorkUser>()
-                .and(sysWorkUserLambdaQueryWrapper -> sysWorkUserLambdaQueryWrapper
-                        .eq(SysWorkUser::getAccount, loginDto.getLoginName())
-                        .or()
-                        .eq(SysWorkUser::getEmail, loginDto.getLoginName())
-                        .or()
-                        .eq(SysWorkUser::getPhone, loginDto.getLoginName()))
-                .eq(SysWorkUser::getPassword, SecureUtil.md5(loginDto.getPassword()));
-        SysWorkUser sysWorkUser = getOne(lambdaQueryWrapper);
         if (sysWorkUser == null) {
-            return R.fail("账号或密码错误");
+            return R.fail("登录名或密码错误");
         }
         if (!sysWorkUser.getStatus()) {
             return R.fail("账号已被封禁");

authorize-api/src/main/java/com/xy/dto/SysMenuDto.java

@@ -32,7 +32,7 @@ public class SysMenuDto {
 
         @NotNull(message = "systemId不能为空")
         @ApiModelProperty(value = "系统id", required = true)
-        private Long systemId;
+        private Long sysId;
 
         @NotBlank(message = "code不能为空")
         @ApiModelProperty(value = "标识", required = true)
@@ -54,6 +54,31 @@ public class SysMenuDto {
         private String webJson;
     }
 
+    @Data
+    @ApiModel("修改")
+    @Accessors(chain = true)
+    public static class Update {
+
+        @NotNull(message = "id不能为空")
+        @ApiModelProperty(value = "菜单id", required = true)
+        private Long id;
+
+        @ApiModelProperty(value = "名称")
+        private String name;
+
+        @ApiModelProperty(value = "类型 1=导航列 2=数据页 3=数据接口")
+        private Integer type;
+
+        @ApiModelProperty(value = "父菜单id")
+        private Long paterId;
+
+        @ApiModelProperty("数据接口uri")
+        private String interfaceUri;
+
+        @ApiModelProperty("前端参数")
+        private String webJson;
+    }
+
     @Data
     @ApiModel("返参类")
     @Accessors(chain = true)

authorize-api/src/main/java/com/xy/dto/SysSystemDto.java

@@ -68,6 +68,18 @@ public class SysSystemDto {
         }
     }
 
+    @Data
+    @Accessors(chain = true)
+    @ApiModel("分页查询交互")
+    public static class PageSelect extends Select {
+        @ApiModelProperty(value = "分页对象")
+        private PageBean page;
+
+        @NotNull(message = "systemId不能为空")
+        @ApiModelProperty(value = "系统id")
+        private Long systemId;
+    }
+
     @Data
     @Accessors(chain = true)
     @ApiModel("返参类")

authorize-api/src/main/java/com/xy/dto/SysWorkUser/AddDto.java

@@ -30,7 +30,7 @@ public class AddDto {
     @Pattern(regexp = "^(\\w+([-.][A-Za-z0-9]+)*){3,18}@\\w+([-.][A-Za-z0-9]+)*\\.\\w+([-.][A-Za-z0-9]+)*$", message = "email格式错误")
     private String email;
 
-
+    @NotBlank(message = "phone不能为空")
     @ApiModelProperty(value = "手机", required = true)
     @Pattern(regexp = "^((13[0-9])|(14[5|7])|(15([0-3]|[5-9]))|(17[013678])|(18[0,2-9]))\\d{8}$", message = "phone格式错误")
     private String phone;

authorize-api/src/main/java/com/xy/dto/SysWorkUser/DelDto.java

@@ -0,0 +1,19 @@
+package com.xy.dto.SysWorkUser;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.experimental.Accessors;
+
+import javax.validation.constraints.NotEmpty;
+import java.util.List;
+
+@Data
+@ApiModel("删除")
+@Accessors(chain = true)
+public class DelDto {
+
+    @ApiModelProperty(value = "业务用户ID", required = true)
+    @NotEmpty(message = "未选中用户")
+    private List<Long> id;
+}

authorize-api/src/main/java/com/xy/service/PublicInterface.java

@@ -1,101 +0,0 @@
-package com.xy.service;
-
-import com.xy.annotate.RestMappingController;
-import com.xy.dto.SysMenuDto;
-import com.xy.dto.SysSystemValueDto;
-import com.xy.dto.SysWorkUser.AddDto;
-import com.xy.dto.SysWorkUser.AuthByInterface;
-import com.xy.dto.SysWorkUser.LoginDto;
-import com.xy.dto.SysWorkUser.UpdateDto;
-import com.xy.utils.PageBean;
-import com.xy.utils.R;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-
-import javax.validation.Valid;
-import java.util.List;
-
-/**
- * 统一对外接口
- */
-@RestMappingController("public-interface")
-public interface PublicInterface {
-
-    /**
-     * 系统属性分页查询
-     *
-     * @param select
-     * @return
-     */
-    @PostMapping("sysSystemPage")
-    R<PageBean<SysSystemValueDto.Vo>> page(@RequestBody @Validated SysSystemValueDto.Select select);
-
-    /**
-     * 业务用户注册
-     *
-     * @param addDto
-     * @return
-     */
-    @PostMapping("workUserRegister")
-    R<Long> register(@Valid @RequestBody AddDto addDto);
-
-    /**
-     * 业务用户登录
-     *
-     * @param loginDto
-     * @return
-     */
-    @PostMapping("workUserLogin")
-    R<String> login(@RequestBody @Validated LoginDto loginDto);
-
-    /**
-     * 业务用户登出
-     *
-     * @return
-     */
-    @PostMapping("workUserLogout")
-    R logout();
-
-    /**
-     * 业务用户修改
-     *
-     * @return
-     */
-    @PostMapping("workUserUpdate")
-    R<Boolean> update(@Valid @RequestBody UpdateDto updateDto);
-
-    /**
-     * 业务用户登录鉴权
-     *
-     * @return
-     */
-    @PostMapping("workUserAuthByLogin")
-    R<Boolean> authByLogin();
-
-    /**
-     * 业务用户接口鉴权
-     *
-     * @return
-     */
-    @PostMapping("workUserAuthByInterface")
-    R<Boolean> authByInterface(@RequestBody @Validated AuthByInterface authByInterface);
-
-    /**
-     * 业务用户数据鉴权
-     *
-     * @param authByInterface
-     * @return
-     */
-    @PostMapping("workUserAuthByData")
-    R<Boolean> authByData(@RequestBody @Validated AuthByInterface authByInterface);
-
-    /**
-     * 业务用户菜单树
-     *
-     * @param workMenu
-     * @return
-     */
-    @PostMapping("workUserMenu")
-    R<List<SysMenuDto.Vo>> workMenu(@RequestBody @Validated SysMenuDto.WorkMenu workMenu);
-}

authorize-api/src/main/java/com/xy/service/SysMenuService.java

@@ -28,6 +28,14 @@ public interface SysMenuService {
     @PostMapping("workMenu")
     R<List<SysMenuDto.Vo>> workMenu(@RequestBody @Validated SysMenuDto.WorkMenu workMenu);
 
+    /**
+     * 全部菜单树
+     *
+     * @return
+     */
+    @PostMapping("menu")
+    R<List<SysMenuDto.Vo>> menu(@RequestBody @Validated SysMenuDto.WorkMenu workMenu);
+
     /**
      * 添加菜单
      *
@@ -36,4 +44,13 @@ public interface SysMenuService {
      */
     @PostMapping("save")
     R save(@RequestBody @Validated SysMenuDto.Save save);
+
+    /**
+     * 修改菜单
+     *
+     * @param update
+     * @return
+     */
+    @PostMapping("update")
+    R update(@RequestBody @Validated SysMenuDto.Update update);
 }

authorize-api/src/main/java/com/xy/service/SysWorkUserService.java

@@ -1,10 +1,7 @@
 package com.xy.service;
 
 import com.xy.annotate.RestMappingController;
-import com.xy.dto.SysWorkUser.AddDto;
-import com.xy.dto.SysWorkUser.AuthByInterface;
-import com.xy.dto.SysWorkUser.LoginDto;
-import com.xy.dto.SysWorkUser.UpdateDto;
+import com.xy.dto.SysWorkUser.*;
 import com.xy.utils.R;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.validation.annotation.Validated;
@@ -26,10 +23,14 @@ public interface SysWorkUserService {
     @PostMapping("register")
     R<Long> register(@Valid @RequestBody AddDto addDto);
 
-    @ApiOperation(value = "更新业务用户信息", notes = "更新业务用户信息")
+    @ApiOperation(value = "修改", notes = "修改")
     @PostMapping("update")
     R<Boolean> update(@Valid @RequestBody UpdateDto updateDto);
 
+    @ApiOperation(value = "删除", notes = "删除")
+    @PostMapping("del")
+    R del(@RequestBody @Validated DelDto delDto);
+
     @PostMapping("login")
     @ApiOperation("登录")
     R<String> login(@RequestBody @Validated LoginDto loginDto);

authorize-start/src/main/resources/bootstrap.yml

@@ -36,8 +36,8 @@ sa-token:
   enablePermission: false
   # 需要过滤的url
   exclude-paths:
-    - /**/sys-system-user/login
-    - /**/sys-system-user/register
+    - /**/sysWorkUser/login
+    - /**/sysWorkUser/register
     - /**/actuator/dynamic-tp
 
 logging:

sql/init.sql

@@ -1,24 +1,24 @@
--- 新增权限系统管理员租户
-delete from sys_system_user where id = 1;
-insert into sys_system_user(id, account, password, create_time, update_time)
+-- 新增业务用户
+delete from sys_work_user where id = 1;
+insert into sys_work_user(id, account, password, create_time, update_time)
 values(1, 'xyadmin', 'e10adc3949ba59abbe56e057f20f883e', now(), now());
 
 -- 新增权限系统
 delete from sys_system where id = 1;
-insert into sys_system(id, sys_user_id, code, name, create_time, update_time)
-values(1, 1, 'xy_system', '兴元权限系统', now(), now());
+insert into sys_system(id, sys_user_id, code, name, create_time, update_time, create_user, update_user)
+values(1, 1, 'xy_system', '兴元权限系统', now(), now(), 1, 1);
 
--- 新增权限系统管理员角色
+-- 新增角色
 delete from sys_role where id = 1;
 insert into sys_role(id, sys_id, code, name, description, create_time, update_time)
-values(1, 1, 'xy_system_admin', '超级管理员', '超级管理员', now(), now());
+values(1, 1, 'xy_admin', '超级管理员', '超级管理员', now(), now());
 
--- 新增权限系统权限用户角色关联
-delete from sys_system_user_role where id = 1;
-insert into sys_system_user_role(id, system_user_id, role_id, sys_id)
+-- 新增业务用户角色关联
+delete from sys_user_role where id = 1;
+insert into sys_user_role(id, work_user_id, role_id, sys_id)
 values(1, 1, 1, 1);
 
--- 新增权限系统菜单
+-- 新增菜单
 delete from sys_menu where id in(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23);
 insert into sys_menu(id, pater_id, sys_id, code, name, type, interface_uri, web_json, create_time, update_time)
 values(1, null, 1, 'authorize', '权限管理', 1, null, null, now(), now());
@@ -50,7 +50,7 @@ values(12, 8, 1, 'role_edit', '编辑角色', 3, null, null, now(), now());
 insert into sys_menu(id, pater_id, sys_id, code, name, type, interface_uri, web_json, create_time, update_time)
 values(13, 1, 1, 'system', '系统管理', 1, null, null, now(), now());
 insert into sys_menu(id, pater_id, sys_id, code, name, type, interface_uri, web_json, create_time, update_time)
-values(14, 13, 1, 'system_data', '系统列表', 2, null, null, now(), now());
+values(14, 13, 1, 'system_data', '系统列表', 2, "/sys-system/page", null, now(), now());
 insert into sys_menu(id, pater_id, sys_id, code, name, type, interface_uri, web_json, create_time, update_time)
 values(15, 14, 1, 'system_add', '添加系统', 2, null, null, now(), now());
 insert into sys_menu(id, pater_id, sys_id, code, name, type, interface_uri, web_json, create_time, update_time)
@@ -71,7 +71,7 @@ values(22, 19, 1, 'dept_edit', '编辑部门', 2, null, null, now(), now());
 insert into sys_menu(id, pater_id, sys_id, code, name, type, interface_uri, web_json, create_time, update_time)
 values(23, 19, 1, 'dept_role', '分配角色', 2, null, null, now(), now());
 
--- 新增权限系统角色菜单关联
+-- 新增角色菜单关联
 delete from sys_role_menu where id in(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23);
 insert into sys_role_menu(id, role_id, menu_id, select_is_admin)
 values(1, 1, 1, true);