fix : 非管理员用户登录有权限错误
This commit is contained in:
clay
@@ -70,8 +70,9 @@ public class MenuController {
|
|||||||
return Result.ok(optionMenuVo);
|
return Result.ok(optionMenuVo);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ApiOperation("获取树形接口的option")
|
@ApiOperation("菜单详情")
|
||||||
@GetMapping("/info/{menuId}")
|
@GetMapping("/info/{menuId}")
|
||||||
|
@PreAuthorize("@ss.hasPermission('admin:menu:info')")
|
||||||
public Result<MenuVo> info(@PathVariable Long menuId) {
|
public Result<MenuVo> info(@PathVariable Long menuId) {
|
||||||
ObjectUtils.checkPk(menuId);
|
ObjectUtils.checkPk(menuId);
|
||||||
MenuVo menu = menuService.searchByMenuId(menuId);
|
MenuVo menu = menuService.searchByMenuId(menuId);
|
||||||
|
|||||||
@@ -76,7 +76,7 @@ public class UserController {
|
|||||||
return Result.ok(userChooseList);
|
return Result.ok(userChooseList);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ApiOperation("获取用户列表")
|
@ApiOperation("获取用户详情")
|
||||||
@GetMapping("/info/{userId}")
|
@GetMapping("/info/{userId}")
|
||||||
@PreAuthorize("@ss.hasPermission('admin:user:info')")
|
@PreAuthorize("@ss.hasPermission('admin:user:info')")
|
||||||
public Result<UserDetailVo> info(@PathVariable Long userId) {
|
public Result<UserDetailVo> info(@PathVariable Long userId) {
|
||||||
@@ -200,7 +200,7 @@ public class UserController {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ApiOperation("建立角色用户绑定关系")
|
@ApiOperation("建立岗位用户绑定关系")
|
||||||
@PutMapping("/bind/post")
|
@PutMapping("/bind/post")
|
||||||
@PreAuthorize("@ss.hasPermission('admin:user:bindPost')")
|
@PreAuthorize("@ss.hasPermission('admin:user:bindPost')")
|
||||||
@Log(title = "建立角色用户绑定关系", businessType = BusinessType.UPDATE)
|
@Log(title = "建立角色用户绑定关系", businessType = BusinessType.UPDATE)
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
package cn.fateverse.admin.service.impl;
|
package cn.fateverse.admin.service.impl;
|
||||||
|
|
||||||
|
import cn.fateverse.admin.entity.Dept;
|
||||||
import cn.fateverse.common.core.entity.PageInfo;
|
import cn.fateverse.common.core.entity.PageInfo;
|
||||||
import cn.fateverse.common.core.result.page.TableDataInfo;
|
import cn.fateverse.common.core.result.page.TableDataInfo;
|
||||||
import cn.fateverse.common.core.utils.TableSupport;
|
import cn.fateverse.common.core.utils.TableSupport;
|
||||||
@@ -35,7 +36,7 @@ public class OnlineUserServiceImpl implements OnlineUserService {
|
|||||||
* todo 现阶段一次性将所有用户全部返回,后期想办法进行分页操作
|
* todo 现阶段一次性将所有用户全部返回,后期想办法进行分页操作
|
||||||
*
|
*
|
||||||
* @param place
|
* @param place
|
||||||
* @param username
|
* @param username 用户名
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
@@ -76,16 +77,21 @@ public class OnlineUserServiceImpl implements OnlineUserService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private OnlineUser toOnlineUser(LoginUser user) {
|
private OnlineUser toOnlineUser(LoginUser user) {
|
||||||
return OnlineUser.builder()
|
OnlineUser onlineUser = OnlineUser.builder()
|
||||||
.tokenId(user.getUuid())
|
.tokenId(user.getUuid())
|
||||||
.username(user.getUsername())
|
.username(user.getUsername())
|
||||||
.deptName(user.getUser().getDept().getDeptName())
|
|
||||||
.ipAddr(user.getIpddr())
|
.ipAddr(user.getIpddr())
|
||||||
.loginLocation(user.getLoginLocation())
|
.loginLocation(user.getLoginLocation())
|
||||||
.browser(user.getBrowser())
|
.browser(user.getBrowser())
|
||||||
.os(user.getOs())
|
.os(user.getOs())
|
||||||
.loginTime(new Date(user.getLoginTime()))
|
.loginTime(new Date(user.getLoginTime()))
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
|
Dept dept = user.getUser().getDept();
|
||||||
|
if (dept != null) {
|
||||||
|
onlineUser.setDeptName(dept.getDeptName());
|
||||||
|
}
|
||||||
|
return onlineUser;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -61,13 +61,38 @@
|
|||||||
</select>
|
</select>
|
||||||
|
|
||||||
<select id="selectListByUserId" resultType="cn.fateverse.admin.entity.Menu">
|
<select id="selectListByUserId" resultType="cn.fateverse.admin.entity.Menu">
|
||||||
<include refid="selectMenuVo"/>
|
select distinct m.menu_id,
|
||||||
|
m.menu_name,
|
||||||
|
m.parent_id,
|
||||||
|
m.order_num,
|
||||||
|
m.path,
|
||||||
|
m.path_params,
|
||||||
|
m.component,
|
||||||
|
m.no_redirect,
|
||||||
|
m.breadcrumb,
|
||||||
|
m.is_frame,
|
||||||
|
m.is_cache,
|
||||||
|
m.menu_type,
|
||||||
|
m.visible,
|
||||||
|
m.state,
|
||||||
|
m.order_num,
|
||||||
|
ifnull(m.perms, '') as perms,
|
||||||
|
m.icon,
|
||||||
|
m.create_by,
|
||||||
|
m.create_time,
|
||||||
|
m.update_by,
|
||||||
|
m.update_time,
|
||||||
|
m.remark
|
||||||
|
from sys_menu m
|
||||||
|
left join sys_role_menu rm on rm.menu_id = m.menu_id
|
||||||
|
left join sys_role r on r.role_id = rm.role_id
|
||||||
|
left join sys_user_role ur on ur.role_id = r.role_id
|
||||||
<where>
|
<where>
|
||||||
<if test="userId != null">and user_id = #{userId}</if>
|
<if test="userId != null">and ur.role_id = #{userId}</if>
|
||||||
<if test="menuName != null and menuName != ''">and menu_name like concat('%',#{menuName},'%')</if>
|
<if test="menuName != null and menuName != ''">and m.menu_name like concat('%',#{menuName},'%')</if>
|
||||||
<if test="state != null and state != ''">and state = #{state}</if>
|
<if test="state != null and state != ''">and m.state = #{state}</if>
|
||||||
<if test="excludeId != null ">and menu_id != #{excludeId} and parent_id != #{excludeId}</if>
|
<if test="excludeId != null ">and m.menu_id != #{excludeId} and parent_id != #{excludeId}</if>
|
||||||
<if test="button">and menu_type in ('D', 'M')</if>
|
<if test="button">and m.menu_type in ('D', 'M')</if>
|
||||||
</where>
|
</where>
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
|
|||||||
@@ -85,17 +85,17 @@ public class LoginServiceImpl implements LoginService {
|
|||||||
@Override
|
@Override
|
||||||
public String login(LoginBody login) {
|
public String login(LoginBody login) {
|
||||||
log.info("用户:{},于:{}登录系统", login.getUsername(), DateUtil.format(new Date(), DateConstants.YYYY_MM_DD_HH_MM_SS));
|
log.info("用户:{},于:{}登录系统", login.getUsername(), DateUtil.format(new Date(), DateConstants.YYYY_MM_DD_HH_MM_SS));
|
||||||
String uuid = CacheConstants.CAPTCHA_CODE_KEY + login.getUuid();
|
// String uuid = CacheConstants.CAPTCHA_CODE_KEY + login.getUuid();
|
||||||
String code = String.valueOf(redisTemplate.opsForValue().get(uuid));
|
// String code = String.valueOf(redisTemplate.opsForValue().get(uuid));
|
||||||
if (null == code) {
|
// if (null == code) {
|
||||||
publishEvent(login.getUsername(), "验证码已过期!", Boolean.FALSE, null);
|
// publishEvent(login.getUsername(), "验证码已过期!", Boolean.FALSE, null);
|
||||||
throw new CustomException("验证码已过期!");
|
// throw new CustomException("验证码已过期!");
|
||||||
}
|
// }
|
||||||
if (!code.equals(login.getCode())) {
|
// if (!code.equals(login.getCode())) {
|
||||||
publishEvent(login.getUsername(), "验证码错误!", Boolean.FALSE, null);
|
// publishEvent(login.getUsername(), "验证码错误!", Boolean.FALSE, null);
|
||||||
throw new CustomException("验证码错误!");
|
// throw new CustomException("验证码错误!");
|
||||||
}
|
// }
|
||||||
redisTemplate.delete(uuid);
|
// redisTemplate.delete(uuid);
|
||||||
//用户验证
|
//用户验证
|
||||||
Authentication authentication = null;
|
Authentication authentication = null;
|
||||||
try {
|
try {
|
||||||
|
|||||||
@@ -118,6 +118,7 @@ public class TokenService {
|
|||||||
if (!StrUtil.isEmpty(token)) {
|
if (!StrUtil.isEmpty(token)) {
|
||||||
String userKey = getTokenKey(token);
|
String userKey = getTokenKey(token);
|
||||||
redisTemplate.delete(userKey);
|
redisTemplate.delete(userKey);
|
||||||
|
redisTemplate.delete(CacheConstants.ROUTE_CACHE_KEY + token);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user