fix : 非管理员用户登录有权限错误
@@ -70,8 +70,9 @@ public class MenuController {
|
||||
return Result.ok(optionMenuVo);
|
||||
}
|
||||
|
||||
@ApiOperation("获取树形接口的option")
|
||||
@ApiOperation("菜单详情")
|
||||
@GetMapping("/info/{menuId}")
|
||||
@PreAuthorize("@ss.hasPermission('admin:menu:info')")
|
||||
public Result<MenuVo> info(@PathVariable Long menuId) {
|
||||
ObjectUtils.checkPk(menuId);
|
||||
MenuVo menu = menuService.searchByMenuId(menuId);
|
||||
|
||||
@@ -76,7 +76,7 @@ public class UserController {
|
||||
return Result.ok(userChooseList);
|
||||
}
|
||||
|
||||
@ApiOperation("获取用户列表")
|
||||
@ApiOperation("获取用户详情")
|
||||
@GetMapping("/info/{userId}")
|
||||
@PreAuthorize("@ss.hasPermission('admin:user:info')")
|
||||
public Result<UserDetailVo> info(@PathVariable Long userId) {
|
||||
@@ -200,7 +200,7 @@ public class UserController {
|
||||
}
|
||||
|
||||
|
||||
@ApiOperation("建立角色用户绑定关系")
|
||||
@ApiOperation("建立岗位用户绑定关系")
|
||||
@PutMapping("/bind/post")
|
||||
@PreAuthorize("@ss.hasPermission('admin:user:bindPost')")
|
||||
@Log(title = "建立角色用户绑定关系", businessType = BusinessType.UPDATE)
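Review bot: The audit annotation on the `/bind/post` endpoint still reads `@Log(title = "建立角色用户绑定关系", ...)`, the role-binding title, while this change corrects only the `@ApiOperation` text to 岗位 (post). Operation-log entries for post bindings will therefore be recorded under the role-binding title, which makes the audit trail ambiguous for anyone reviewing who changed which assignment. Suggest `@Log(title = "建立岗位用户绑定关系", businessType = BusinessType.UPDATE)`. The handler method itself lies outside the hunk.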
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package cn.fateverse.admin.service.impl;
|
||||
|
||||
import cn.fateverse.admin.entity.Dept;
|
||||
import cn.fateverse.common.core.entity.PageInfo;
|
||||
import cn.fateverse.common.core.result.page.TableDataInfo;
|
||||
import cn.fateverse.common.core.utils.TableSupport;
|
||||
@@ -35,7 +36,7 @@ public class OnlineUserServiceImpl implements OnlineUserService {
|
||||
* todo 现阶段一次性将所有用户全部返回,后期想办法进行分页操作
|
||||
*
|
||||
* @param place
|
||||
* @param username
|
||||
* @param username 用户名
|
||||
* @return
|
||||
*/
|
||||
@Override
|
||||
@@ -76,16 +77,21 @@ public class OnlineUserServiceImpl implements OnlineUserService {
|
||||
}
|
||||
|
||||
private OnlineUser toOnlineUser(LoginUser user) {
|
||||
return OnlineUser.builder()
|
||||
OnlineUser onlineUser = OnlineUser.builder()
|
||||
.tokenId(user.getUuid())
|
||||
.username(user.getUsername())
|
||||
.deptName(user.getUser().getDept().getDeptName())
|
||||
.ipAddr(user.getIpddr())
|
||||
.loginLocation(user.getLoginLocation())
|
||||
.browser(user.getBrowser())
|
||||
.os(user.getOs())
|
||||
.loginTime(new Date(user.getLoginTime()))
|
||||
.build();
|
||||
|
||||
Dept dept = user.getUser().getDept();
|
||||
if (dept != null) {
|
||||
onlineUser.setDeptName(dept.getDeptName());
|
||||
}
|
||||
return onlineUser;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -61,13 +61,38 @@
|
||||
</select>
|
||||
|
||||
<select id="selectListByUserId" resultType="cn.fateverse.admin.entity.Menu">
|
||||
<include refid="selectMenuVo"/>
|
||||
select distinct m.menu_id,
|
||||
m.menu_name,
|
||||
m.parent_id,
|
||||
m.order_num,
|
||||
m.path,
|
||||
m.path_params,
|
||||
m.component,
|
||||
m.no_redirect,
|
||||
m.breadcrumb,
|
||||
m.is_frame,
|
||||
m.is_cache,
|
||||
m.menu_type,
|
||||
m.visible,
|
||||
m.state,
|
||||
m.order_num,
|
||||
ifnull(m.perms, '') as perms,
|
||||
m.icon,
|
||||
m.create_by,
|
||||
m.create_time,
|
||||
m.update_by,
|
||||
m.update_time,
|
||||
m.remark
|
||||
from sys_menu m
|
||||
left join sys_role_menu rm on rm.menu_id = m.menu_id
|
||||
left join sys_role r on r.role_id = rm.role_id
|
||||
left join sys_user_role ur on ur.role_id = r.role_id
|
||||
<where>
|
||||
<if test="userId != null">and user_id = #{userId}</if>
|
||||
<if test="menuName != null and menuName != ''">and menu_name like concat('%',#{menuName},'%')</if>
|
||||
<if test="state != null and state != ''">and state = #{state}</if>
|
||||
<if test="excludeId != null ">and menu_id != #{excludeId} and parent_id != #{excludeId}</if>
|
||||
<if test="button">and menu_type in ('D', 'M')</if>
|
||||
<if test="userId != null">and ur.role_id = #{userId}</if>
|
||||
<if test="menuName != null and menuName != ''">and m.menu_name like concat('%',#{menuName},'%')</if>
|
||||
<if test="state != null and state != ''">and m.state = #{state}</if>
|
||||
<if test="excludeId != null ">and m.menu_id != #{excludeId} and parent_id != #{excludeId}</if>
|
||||
<if test="button">and m.menu_type in ('D', 'M')</if>
|
||||
</where>
|
||||
</select>
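Review bot: The user filter in `selectListByUserId` compares the wrong column: `and ur.role_id = #{userId}` selects rows of `sys_user_role` whose role id equals the caller's user id, so a user receives the menus and `perms` of whichever role happens to share that number rather than those of the roles assigned to them. It should read `<if test="userId != null">and ur.user_id = #{userId}</if>`, assuming `sys_user_role` has a `user_id` column, as what looks like the pre-change filter `user_id = #{userId}` suggests. Two smaller points in the same statement: `m.order_num` is selected twice, and `parent_id` in the `excludeId` condition is the only column left unqualified, where `m.parent_id` would match the rest. A mapper test that loads menus for a non-admin user whose id differs from their role id would catch the first issue.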
|
||||
|
||||
|
||||
@@ -85,17 +85,17 @@ public class LoginServiceImpl implements LoginService {
|
||||
@Override
|
||||
public String login(LoginBody login) {
|
||||
log.info("用户:{},于:{}登录系统", login.getUsername(), DateUtil.format(new Date(), DateConstants.YYYY_MM_DD_HH_MM_SS));
|
||||
String uuid = CacheConstants.CAPTCHA_CODE_KEY + login.getUuid();
|
||||
String code = String.valueOf(redisTemplate.opsForValue().get(uuid));
|
||||
if (null == code) {
|
||||
publishEvent(login.getUsername(), "验证码已过期!", Boolean.FALSE, null);
|
||||
throw new CustomException("验证码已过期!");
|
||||
}
|
||||
if (!code.equals(login.getCode())) {
|
||||
publishEvent(login.getUsername(), "验证码错误!", Boolean.FALSE, null);
|
||||
throw new CustomException("验证码错误!");
|
||||
}
|
||||
redisTemplate.delete(uuid);
|
||||
// String uuid = CacheConstants.CAPTCHA_CODE_KEY + login.getUuid();
|
||||
// String code = String.valueOf(redisTemplate.opsForValue().get(uuid));
|
||||
// if (null == code) {
|
||||
// publishEvent(login.getUsername(), "验证码已过期!", Boolean.FALSE, null);
|
||||
// throw new CustomException("验证码已过期!");
|
||||
// }
|
||||
// if (!code.equals(login.getCode())) {
|
||||
// publishEvent(login.getUsername(), "验证码错误!", Boolean.FALSE, null);
|
||||
// throw new CustomException("验证码错误!");
|
||||
// }
|
||||
// redisTemplate.delete(uuid);
|
||||
//用户验证
|
||||
Authentication authentication = null;
|
||||
try {
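Review bot: The captcha check at the top of `login` looks disabled: the eleven lines that read the code from Redis, compare it with `login.getCode()` and delete the key appear on the new side only as `//` comments (going by the old-then-new order the other hunks on this page show), so authentication proceeds on username and password alone. Nothing in the commit title suggests this is intended, and it removes the one visible control that slows repeated login attempts, so the block should be restored before merge or placed behind an explicit configuration switch rather than left as commented-out code. When restoring it, note that `String.valueOf(...)` turns a missing Redis value into the string "null", so the `null == code` expiry branch never runs; read the value first, e.g. `Object cached = redisTemplate.opsForValue().get(uuid);` followed by `if (cached == null) { ... }`. The method body continues past the end of the hunk.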
|
||||
|
||||
@@ -118,6 +118,7 @@ public class TokenService {
|
||||
if (!StrUtil.isEmpty(token)) {
|
||||
String userKey = getTokenKey(token);
|
||||
redisTemplate.delete(userKey);
|
||||
redisTemplate.delete(CacheConstants.ROUTE_CACHE_KEY + token);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||