Commit f0806d2f by fsn

修改权限管理

parent 8ded0f54
This source diff could not be displayed because it is too large. You can view the blob instead.
......@@ -23,7 +23,7 @@ public enum BizExceptionEnum {
* 权限和数据问题
*/
DB_RESOURCE_NULL(400,"数据库中没有该资源"),
NO_PERMITION(405, "无权访问该资源"),
NO_PERMITION(405, "权限异常"),
REQUEST_INVALIDATE(400,"请求数据格式不正确"),
/**
......
......@@ -16,7 +16,9 @@ import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import javax.naming.NoPermissionException;
import java.lang.reflect.UndeclaredThrowableException;
import static com.stylefeng.guns.core.support.HttpKit.getIp;
import static com.stylefeng.guns.core.support.HttpKit.getRequest;
......@@ -47,21 +49,6 @@ public class GlobalExceptionHandler {
}
/**
* 拦截未知的运行时异常
*
* @author fengshuonan
*/
@ExceptionHandler(RuntimeException.class)
@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
@ResponseBody
public ErrorTip notFount(RuntimeException e) {
LogManager.me().executeLog(LogTaskFactory.exceptionLog(ShiroKit.getUser().getId(), e));
getRequest().setAttribute("tip", "服务器未知运行时异常");
log.error("运行时异常:",e);
return new ErrorTip(BizExceptionEnum.SERVER_ERROR);
}
/**
* 用户未登录
*
* @author fengshuonan
......@@ -106,12 +93,27 @@ public class GlobalExceptionHandler {
*
* @author fengshuonan
*/
@ExceptionHandler(NoPermissionException.class)
@ExceptionHandler(UndeclaredThrowableException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
@ResponseBody
public ErrorTip credentials(NoPermissionException e, Model model) {
public ErrorTip credentials(UndeclaredThrowableException e) {
getRequest().setAttribute("tip", "权限异常");
return new ErrorTip(BizExceptionEnum.NO_PERMITION);
}
/**
* 拦截未知的运行时异常
*
* @author fengshuonan
*/
@ExceptionHandler(RuntimeException.class)
@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
@ResponseBody
public ErrorTip notFount(RuntimeException e) {
LogManager.me().executeLog(LogTaskFactory.exceptionLog(ShiroKit.getUser().getId(), e));
getRequest().setAttribute("tip", "服务器未知运行时异常");
log.error("运行时异常:",e);
return new ErrorTip(BizExceptionEnum.SERVER_ERROR);
}
}
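Review bot: Rebinding `credentials` from `NoPermissionException` to `UndeclaredThrowableException` leaves a directly thrown `NoPermissionException` without a handler. `UserMgrController.edit` further down this page still declares `throws NoPermissionException`, and since that is a checked exception the `RuntimeException` handler will not pick it up either. The new handler also reports every undeclared checked exception coming through a proxy as "权限异常", without logging it, so unrelated failures are presented as permission denials and leave no trace. I would keep the `NoPermissionException` handler and add a second one that unwraps `getUndeclaredThrowable()`, treating anything else as a logged server error, as sketched below. The class body starts outside the hunks shown here.

```java
@ExceptionHandler(NoPermissionException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
@ResponseBody
public ErrorTip credentials(NoPermissionException e) {
    getRequest().setAttribute("tip", "权限异常");
    return new ErrorTip(BizExceptionEnum.NO_PERMITION);
}

@ExceptionHandler(UndeclaredThrowableException.class)
@ResponseBody
public ErrorTip undeclared(UndeclaredThrowableException e, HttpServletResponse response) {
    Throwable cause = e.getUndeclaredThrowable();
    if (cause instanceof NoPermissionException) {
        response.setStatus(HttpStatus.UNAUTHORIZED.value());
        return credentials((NoPermissionException) cause);
    }
    // anything else wrapped by the proxy is an unexpected failure, not a denial
    log.error("运行时异常:", e);
    response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
    getRequest().setAttribute("tip", "服务器未知运行时异常");
    return new ErrorTip(BizExceptionEnum.SERVER_ERROR);
}
// … unchanged: RuntimeException handler notFount …
```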
package com.stylefeng.guns.modular.system.controller;
import com.stylefeng.guns.common.annotion.Permission;
import com.stylefeng.guns.common.annotion.log.BussinessLog;
import com.stylefeng.guns.common.constant.Const;
import com.stylefeng.guns.common.constant.factory.ConstantFactory;
import com.stylefeng.guns.common.controller.BaseController;
import com.stylefeng.guns.common.exception.BizExceptionEnum;
......@@ -85,6 +87,7 @@ public class DeptController extends BaseController {
@BussinessLog("添加部门")
@RequestMapping(value = "/add")
@ResponseBody
@Permission(Const.ADMIN_NAME)
public Object add(Dept dept) {
if (ToolUtil.isOneEmpty(dept, dept.getSimplename())) {
throw new BussinessException(BizExceptionEnum.REQUEST_NULL);
......@@ -117,6 +120,7 @@ public class DeptController extends BaseController {
@BussinessLog("修改部门")
@RequestMapping(value = "/update")
@ResponseBody
@Permission(Const.ADMIN_NAME)
public Object update(Dept dept) {
if (ToolUtil.isEmpty(dept) || dept.getId() == null) {
throw new BussinessException(BizExceptionEnum.REQUEST_NULL);
......@@ -131,6 +135,7 @@ public class DeptController extends BaseController {
@BussinessLog(value = "删除部门", key = "deptId")
@RequestMapping(value = "/delete/{deptId}")
@ResponseBody
@Permission(Const.ADMIN_NAME)
public Object delete(@PathVariable("deptId") Integer deptId) {
deptMapper.deleteById(deptId);
return SUCCESS_TIP;
......
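Review bot: The `@Permission(Const.ADMIN_NAME)` added to `add`, `update` and `delete` gates on a single constant, while the toolbar templates later on this page gate the same actions per URL with `shiro.hasPermission("/dept/add")` and similar. How the annotation evaluates its value is not visible here. If it is a role name, a non-admin role granted `/dept/add` would see the button and then be refused by the server, so the per-URL grants would have no effect on these endpoints. If admin-only is intended, say so above each method, e.g. `// admin-only regardless of menu grants`; otherwise make the server-side check use the same per-URL permission the templates test. The same applies to the DictController and LogController hunks, and all three method bodies continue outside their hunks.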
package com.stylefeng.guns.modular.system.controller;
import com.baomidou.mybatisplus.mapper.EntityWrapper;
import com.stylefeng.guns.common.annotion.Permission;
import com.stylefeng.guns.common.annotion.log.BussinessLog;
import com.stylefeng.guns.common.constant.Const;
import com.stylefeng.guns.common.controller.BaseController;
import com.stylefeng.guns.common.exception.BizExceptionEnum;
import com.stylefeng.guns.common.exception.BussinessException;
......@@ -79,6 +81,7 @@ public class DictController extends BaseController {
*/
@BussinessLog(value = "添加字典记录", key = "dictName")
@RequestMapping(value = "/add")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Object add(String dictName, String dictValues) {
if (ToolUtil.isOneEmpty(dictName, dictValues)) {
......@@ -112,6 +115,7 @@ public class DictController extends BaseController {
*/
@BussinessLog("修改字典")
@RequestMapping(value = "/update")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Object update(Integer dictId, String dictName, String dictValues) {
if (ToolUtil.isOneEmpty(dictId,dictName,dictValues)) {
......@@ -126,6 +130,7 @@ public class DictController extends BaseController {
*/
@BussinessLog(value = "删除字典记录", key = "dictId")
@RequestMapping(value = "/delete/{dictId}")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Object delete(@PathVariable("dictId") Integer dictId) {
this.dictService.delteDict(dictId);
......
......@@ -2,6 +2,8 @@ package com.stylefeng.guns.modular.system.controller;
import com.baomidou.mybatisplus.mapper.SqlRunner;
import com.baomidou.mybatisplus.plugins.Page;
import com.stylefeng.guns.common.annotion.Permission;
import com.stylefeng.guns.common.constant.Const;
import com.stylefeng.guns.common.constant.factory.PageFactory;
import com.stylefeng.guns.common.constant.state.BizLogType;
import com.stylefeng.guns.common.controller.BaseController;
......@@ -73,6 +75,7 @@ public class LogController extends BaseController {
* 清空日志
*/
@RequestMapping("/delLog")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Object delLog() {
SqlRunner.db().delete("delete from _operation_log");
......
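Review bot: `delLog` empties `_operation_log` but, unlike the other mutating endpoints on this page, carries no `@BussinessLog`, so clearing the audit trail may leave no record of who did it. Its `@RequestMapping("/delLog")` also accepts every HTTP method. I would add `@BussinessLog("清空日志")` and restrict the mapping with `@RequestMapping(value = "/delLog", method = RequestMethod.POST)`. Whether the business-log entry is written after the delete (and so survives it), and whether the client already calls this with POST, is not visible here and should be confirmed. The method body continues outside the hunk.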
......@@ -116,9 +116,9 @@ public class RoleController extends BaseController {
/**
* 角色新增
*/
@Permission(Const.ADMIN_NAME)
@RequestMapping(value = "/add")
@BussinessLog("添加角色")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip add(@Valid Role role, BindingResult result) {
if (result.hasErrors()) {
......@@ -132,9 +132,9 @@ public class RoleController extends BaseController {
/**
* 角色修改
*/
@Permission(Const.ADMIN_NAME)
@RequestMapping(value = "/edit")
@BussinessLog("修改角色")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip edit(@Valid Role role, BindingResult result) {
if (result.hasErrors()) {
......@@ -150,9 +150,9 @@ public class RoleController extends BaseController {
/**
* 删除角色
*/
@Permission(Const.ADMIN_NAME)
@RequestMapping(value = "/remove/{roleId}")
@BussinessLog(value = "删除角色",key = "roleId")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip remove(@PathVariable Integer roleId) {
if (ToolUtil.isEmpty(roleId)) {
......@@ -184,9 +184,9 @@ public class RoleController extends BaseController {
/**
* 配置权限
*/
@Permission(Const.ADMIN_NAME)
@RequestMapping("/setAuthority")
@BussinessLog(value = "配置权限",key = "roleId")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip setAuthority(@RequestParam("roleId") Integer roleId, @RequestParam("ids") String ids) {
if (ToolUtil.isOneEmpty(roleId)) {
......
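Review bot: Moving `@Permission(Const.ADMIN_NAME)` below `@BussinessLog` on `add`, `edit`, `remove` and `setAuthority` does not change which check runs first, because the textual order of annotations on a method does not order the advice behind them. Assuming both annotations are implemented as aspects (the classes are not on this page), any requirement that a denied request is rejected before the business-log aspect runs, or is recorded by it, has to be set on the aspects themselves, for example with `@Order`. A short comment on the permission aspect stating the intended order would keep this from being re-shuffled later. The same reorder appears in the UserMgrController hunks.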
......@@ -156,9 +156,9 @@ public class UserMgrController extends BaseController {
/**
* 添加管理员
*/
@Permission(Const.ADMIN_NAME)
@RequestMapping("/add")
@BussinessLog("添加管理员")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip add(@Valid User user, BindingResult result) {
if (result.hasErrors()) {
......@@ -187,6 +187,7 @@ public class UserMgrController extends BaseController {
*/
@RequestMapping("/edit")
@BussinessLog("修改管理员")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip edit(@Valid User user, BindingResult result) throws NoPermissionException {
if (result.hasErrors()) {
......@@ -209,9 +210,9 @@ public class UserMgrController extends BaseController {
/**
* 删除管理员(逻辑删除)
*/
@Permission(Const.ADMIN_NAME)
@RequestMapping("/delete/{userId}")
@BussinessLog(value = "删除管理员", key = "userId")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip delete(@PathVariable Integer userId) {
if (ToolUtil.isEmpty(userId)) {
......@@ -236,9 +237,9 @@ public class UserMgrController extends BaseController {
/**
* 重置管理员的密码
*/
@Permission(Const.ADMIN_NAME)
@RequestMapping("/reset/{userId}")
@BussinessLog(value = "重置管理员密码", key = "userId")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip reset(@PathVariable Integer userId) {
if (ToolUtil.isEmpty(userId)) {
......@@ -254,9 +255,9 @@ public class UserMgrController extends BaseController {
/**
* 冻结用户
*/
@Permission(Const.ADMIN_NAME)
@RequestMapping("/freeze/{userId}")
@BussinessLog(value = "冻结用户", key = "userId")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip freeze(@PathVariable Integer userId) {
if (ToolUtil.isEmpty(userId)) {
......@@ -269,9 +270,9 @@ public class UserMgrController extends BaseController {
/**
* 解除冻结用户
*/
@Permission(Const.ADMIN_NAME)
@RequestMapping("/unfreeze/{userId}")
@BussinessLog(value = "解除冻结用户", key = "userId")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip unfreeze(@PathVariable Integer userId) {
if (ToolUtil.isEmpty(userId)) {
......@@ -284,9 +285,9 @@ public class UserMgrController extends BaseController {
/**
* 分配角色
*/
@Permission(Const.ADMIN_NAME)
@RequestMapping("/setRole")
@BussinessLog(value = "分配角色", key = "userId")
@Permission(Const.ADMIN_NAME)
@ResponseBody
public Tip setRole(@RequestParam("userId") Integer userId, @RequestParam("roleIds") String roleIds) {
if (ToolUtil.isOneEmpty(userId, roleIds)) {
......
......@@ -17,9 +17,15 @@
</div>
</div>
<div class="hidden-xs" id="DeptTableToolbar" role="group">
@if(shiro.hasPermission("/dept/add")){
<#button name="添加" icon="fa-plus" clickFun="Dept.openAddDept()"/>
@}
@if(shiro.hasPermission("/dept/update")){
<#button name="修改" icon="fa-plus" clickFun="Dept.openDeptDetail()" space="true"/>
@}
@if(shiro.hasPermission("/dept/delete")){
<#button name="删除" icon="fa-plus" clickFun="Dept.delete()" space="true"/>
@}
</div>
<#table id="DeptTable"/>
</div>
......
......@@ -17,9 +17,15 @@
</div>
</div>
<div class="hidden-xs" id="DictTableToolbar" role="group">
@if(shiro.hasPermission("/dict/add")){
<#button name="添加" icon="fa-plus" clickFun="Dict.openAddDict()"/>
@}
@if(shiro.hasPermission("/dict/update")){
<#button name="修改" icon="fa-plus" clickFun="Dict.openDictDetail()" space="true"/>
@}
@if(shiro.hasPermission("/dict/delete")){
<#button name="删除" icon="fa-plus" clickFun="Dict.delete()" space="true"/>
@}
</div>
<#table id="DictTable"/>
</div>
......
......@@ -31,7 +31,9 @@
</div>
<div class="hidden-xs" id="OptLogTableToolbar" role="group">
<#button name="查看详情" icon="fa-plus" clickFun="OptLog.detail()"/>
@if(shiro.hasPermission("/log/delLog")){
<#button name="清空日志" icon="fa-plus" clickFun="OptLog.delLog()" space="true"/>
@}
</div>
<#table id="OptLogTable"/>
</div>
......
......@@ -20,9 +20,15 @@
</div>
</div>
<div class="hidden-xs" id="menuTableToolbar" role="group">
@if(shiro.hasPermission("/menu/add")){
<#button name="添加" icon="fa-plus" clickFun="Menu.openAddMenu()"/>
@}
@if(shiro.hasPermission("/menu/edit")){
<#button name="修改" icon="fa-edit" clickFun="Menu.openChangeMenu()" space="true"/>
@}
@if(shiro.hasPermission("/menu/remove")){
<#button name="删除" icon="fa-remove" clickFun="Menu.delMenu()" space="true"/>
@}
</div>
<#table id="menuTable"/>
</div>
......
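Review bot: Wrapping the buttons in `@if(shiro.hasPermission("/menu/add")){ … @}` only controls what is rendered, so the endpoints still have to reject the call server-side. For dept, dict, log, role and mgr this page shows `@Permission` on the controller methods. No MenuController change is visible here (one file's diff was too large to display), so confirm that `/menu/add`, `/menu/edit` and `/menu/remove` carry an equivalent check. A template comment such as `<!-- UI hint only; enforced by @Permission on the controller -->` would make that dependency explicit.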
......@@ -17,10 +17,18 @@
</div>
</div>
<div class="hidden-xs" id="roleTableToolbar" role="group">
@if(shiro.hasPermission("/role/add")){
<#button name="添加" icon="fa-plus" clickFun="Role.openAddRole()" />
@}
@if(shiro.hasPermission("/role/edit")){
<#button name="修改" icon="fa-edit" clickFun="Role.openChangeRole()" space="true"/>
@}
@if(shiro.hasPermission("/role/remove")){
<#button name="删除" icon="fa-remove" clickFun="Role.delRole()" space="true"/>
@}
@if(shiro.hasPermission("/role/setAuthority")){
<#button name="权限配置" icon="fa-user-secret" clickFun="Role.assign()" space="true"/>
@}
</div>
<#table id="roleTable"/>
</div>
......
......@@ -23,13 +23,27 @@
</div>
</div>
<div class="hidden-xs" id="managerTableToolbar" role="group">
@if(shiro.hasPermission("/mgr/add")){
<#button name="添加" icon="fa-plus" clickFun="MgrUser.openAddMgr()"/>
@}
@if(shiro.hasPermission("/mgr/edit")){
<#button name="修改" icon="fa-edit" clickFun="MgrUser.openChangeUser()" space="true"/>
@}
@if(shiro.hasPermission("/mgr/delete")){
<#button name="删除" icon="fa-remove" clickFun="MgrUser.delMgrUser()" space="true"/>
@}
@if(shiro.hasPermission("/mgr/reset")){
<#button name="重置密码" icon="fa-refresh" clickFun="MgrUser.resetPwd()" space="true"/>
@}
@if(shiro.hasPermission("/mgr/freeze")){
<#button name="冻结" icon="fa-warning" clickFun="MgrUser.freezeAccount()" space="true"/>
@}
@if(shiro.hasPermission("/mgr/unfreeze")){
<#button name="解除冻结" icon="fa-check-circle" clickFun="MgrUser.unfreeze()" space="true"/>
@}
@if(shiro.hasPermission("/mgr/setRole")){
<#button name="角色分配" icon="fa-user-secret" clickFun="MgrUser.roleAssign()" space="true"/>
@}
</div>
<#table id="managerTable"/>
</div>
......