添加Controller层的方法权限控制

在shiro的Realm里的doGetAuthorizationInfo方法里 添加权限名称的时候
过滤字符串为空的情况
全局异常增加权限控制异常
更换七牛的线上域名
显示日志列表的时候params字段 跟 response字段 都做ID显示 用script接收
优化了日志显示内容

src/main/java/com/mysiteforme/admin/config/ShiroConfig.java

@@ -82,14 +82,7 @@ public SecurityManager securityManager(@Qualifier("authRealm")AuthRealm authReal
         return defaultWebSecurityManager;
     }
 
-    /**
-     * 保证实现了Shiro内部lifecycle函数的bean执行
-     * @return
-     */
-    @Bean
-    public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
-        return new LifecycleBeanPostProcessor();
-    }
+
 
     @Bean
     public SimpleCookie rememberMeCookie(){
@@ -120,6 +113,15 @@ public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
         return creator;
     }
 
+    /**
+     * 保证实现了Shiro内部lifecycle函数的bean执行
+     * @return
+     */
+    @Bean
+    public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
+        return new LifecycleBeanPostProcessor();
+    }
+
     @Bean
     public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(@Qualifier("authRealm")AuthRealm authRealm) {
         SecurityManager manager= securityManager(authRealm);

src/main/java/com/mysiteforme/admin/controller/BlogArticleController.java

@@ -10,6 +10,7 @@
 import com.mysiteforme.admin.lucene.LuceneSearch;
 import com.mysiteforme.admin.service.BlogChannelService;
 import com.xiaoleilu.hutool.date.DateUtil;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import com.baomidou.mybatisplus.mapper.EntityWrapper;
@@ -56,9 +57,9 @@ public String list(){
         return "/admin/blogArticle/list";
     }
 
+    @RequiresPermissions("blog:article:list")
     @PostMapping("list")
     @ResponseBody
-    @SysLog("请求博客内容列表数据")
     public LayerData<BlogArticle> list(@RequestParam(value = "page",defaultValue = "1")Integer page,
                                       @RequestParam(value = "limit",defaultValue = "10")Integer limit,
                                       ServletRequest request){
@@ -106,7 +107,6 @@ public LayerData<BlogArticle> list(@RequestParam(value = "page",defaultValue = "
     }
 
     @GetMapping("add")
-    @SysLog("跳转新增博客内容页面")
     public String add(@RequestParam(value = "channelId",required = false)Long channelId, Model model){
         BlogChannel blogChannel = blogChannelService.selectById(channelId);
         if(blogChannel != null){
@@ -119,6 +119,7 @@ public String add(@RequestParam(value = "channelId",required = false)Long channe
         return "/admin/blogArticle/add";
     }
 
+    @RequiresPermissions("blog:article:add")
     @PostMapping("add")
     @SysLog("保存新增博客内容数据")
     @ResponseBody
@@ -152,7 +153,6 @@ public RestResponse add(@RequestBody BlogArticle blogArticle){
     }
 
     @GetMapping("edit")
-    @SysLog("跳转编辑博客内容页面")
     public String edit(Long id,Model model){
         BlogArticle blogArticle = blogArticleService.selectOneDetailById(id);
         model.addAttribute("blogArticle",blogArticle);
@@ -163,6 +163,7 @@ public String edit(Long id,Model model){
         return "/admin/blogArticle/edit";
     }
 
+    @RequiresPermissions("blog:article:edit")
     @PostMapping("edit")
     @ResponseBody
     @SysLog("保存编辑博客内容数据")
@@ -190,6 +191,7 @@ public RestResponse edit(@RequestBody BlogArticle blogArticle){
         return RestResponse.success();
     }
 
+    @RequiresPermissions("blog:article:delete")
     @PostMapping("delete")
     @ResponseBody
     @SysLog("删除博客内容数据")

src/main/java/com/mysiteforme/admin/controller/BlogChannelController.java

@@ -4,6 +4,7 @@
 import com.mysiteforme.admin.base.BaseController;
 import com.mysiteforme.admin.entity.Site;
 import com.mysiteforme.admin.entity.VO.ZtreeVO;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.stereotype.Controller;
 import com.baomidou.mybatisplus.mapper.EntityWrapper;
 import com.mysiteforme.admin.entity.BlogChannel;
@@ -42,16 +43,15 @@ public String list(){
         return "/admin/blogChannel/list";
     }
 
+    @RequiresPermissions("blog:channel:list")
     @PostMapping("list")
     @ResponseBody
-    @SysLog("请求博客栏目列表数据")
     public RestResponse list(HttpServletRequest request){
         List<BlogChannel> blogChannels = blogChannelService.selectChannelList();
         return RestResponse.success().setData(blogChannels);
     }
 
     @GetMapping("add")
-    @SysLog("跳转新增博客栏目页面")
     public String add(@RequestParam(value = "parentId",required = false)Long parentId,Model model){
         if(parentId != null && parentId != 0){
             BlogChannel blogChannel = blogChannelService.selectById(parentId);
@@ -64,6 +64,7 @@ public String add(@RequestParam(value = "parentId",required = false)Long parentI
         return "/admin/blogChannel/add";
     }
 
+    @RequiresPermissions("blog:channel:add")
     @PostMapping("add")
     @SysLog("保存新增博客栏目数据")
     @ResponseBody
@@ -108,7 +109,6 @@ public RestResponse add(BlogChannel blogChannel){
     }
 
     @GetMapping("edit")
-    @SysLog("跳转编辑博客栏目页面")
     public String edit(Long id,Model model){
         BlogChannel blogChannel = blogChannelService.selectById(id);
         model.addAttribute("blogChannel",blogChannel);
@@ -120,6 +120,7 @@ public String edit(Long id,Model model){
         return "/admin/blogChannel/edit";
     }
 
+    @RequiresPermissions("blog:channel:edit")
     @PostMapping("edit")
     @ResponseBody
     @SysLog("保存编辑博客栏目数据")
@@ -143,6 +144,7 @@ public RestResponse edit(BlogChannel blogChannel){
         return RestResponse.success();
     }
 
+    @RequiresPermissions("blog:channel:delete")
     @PostMapping("delete")
     @ResponseBody
     @SysLog("删除博客栏目数据")

src/main/java/com/mysiteforme/admin/controller/BlogCommentController.java

@@ -2,6 +2,7 @@
 
 import com.mysiteforme.admin.util.ToolUtil;
 import com.xiaoleilu.hutool.date.DateUtil;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import com.baomidou.mybatisplus.mapper.EntityWrapper;
@@ -51,9 +52,9 @@ public String list(){
         return "/admin/blogComment/list";
     }
 
+    @RequiresPermissions("blog:comment:list")
     @PostMapping("list")
     @ResponseBody
-    @SysLog("请求博客评论列表数据")
     public LayerData<BlogComment> list(@RequestParam(value = "page",defaultValue = "1")Integer page,
                                       @RequestParam(value = "limit",defaultValue = "10")Integer limit,
                                       ServletRequest request){
@@ -97,7 +98,6 @@ public LayerData<BlogComment> list(@RequestParam(value = "page",defaultValue = "
     }
 
     @GetMapping("add")
-    @SysLog("跳转新增博客评论页面")
     public String add(){
         return "/admin/blogComment/add";
     }
@@ -113,7 +113,6 @@ public RestResponse add(BlogComment blogComment, HttpServletRequest request){
     }
 
     @GetMapping("edit")
-    @SysLog("跳转编辑博客评论页面")
     public String edit(Long id,Model model){
         BlogComment blogComment = blogCommentService.selectById(id);
         model.addAttribute("blogComment",blogComment);
@@ -122,7 +121,6 @@ public String edit(Long id,Model model){
 
     @PostMapping("edit")
     @ResponseBody
-    @SysLog("保存编辑博客评论数据")
     public RestResponse edit(BlogComment blogComment){
         if(null == blogComment.getId() || 0 == blogComment.getId()){
             return RestResponse.failure("ID不能为空");
@@ -134,6 +132,7 @@ public RestResponse edit(BlogComment blogComment){
         return RestResponse.success();
     }
 
+    @RequiresPermissions("blog:comment:delete")
     @PostMapping("delete")
     @ResponseBody
     @SysLog("删除博客评论数据")
@@ -147,6 +146,7 @@ public RestResponse delete(@RequestParam(value = "id",required = false)Long id){
         return RestResponse.success();
     }
 
+    @RequiresPermissions("blog:comment:reply")
     @PostMapping("adminReplay")
     @ResponseBody
     @SysLog("管理员回复")

src/main/java/com/mysiteforme/admin/controller/QuartzTaskController.java

@@ -1,6 +1,7 @@
 package com.mysiteforme.admin.controller;
 
 import com.xiaoleilu.hutool.date.DateUtil;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import com.baomidou.mybatisplus.mapper.EntityWrapper;
@@ -40,6 +41,7 @@
 public class QuartzTaskController {
     private static final Logger LOGGER = LoggerFactory.getLogger(QuartzTaskController.class);
 
+
     @Autowired
     private QuartzTaskService quartzTaskService;
 
@@ -49,9 +51,9 @@ public String list(){
         return "/admin/quartzTask/list";
     }
 
+    @RequiresPermissions("quartz:task:list")
     @PostMapping("list")
     @ResponseBody
-    @SysLog("请求定时任务列表数据")
     public LayerData<QuartzTask> list(@RequestParam(value = "page",defaultValue = "1")Integer page,
                                       @RequestParam(value = "limit",defaultValue = "10")Integer limit,
                                       ServletRequest request){
@@ -82,11 +84,11 @@ public LayerData<QuartzTask> list(@RequestParam(value = "page",defaultValue = "1
     }
 
     @GetMapping("add")
-    @SysLog("跳转新增定时任务页面")
     public String add(){
         return "/admin/quartzTask/add";
     }
 
+    @RequiresPermissions("quartz:task:add")
     @PostMapping("add")
     @SysLog("保存新增定时任务数据")
     @ResponseBody
@@ -96,13 +98,13 @@ public RestResponse add(QuartzTask quartzTask){
     }
 
     @GetMapping("edit")
-    @SysLog("跳转编辑定时任务页面")
     public String edit(Long id,Model model){
         QuartzTask quartzTask = quartzTaskService.selectById(id);
         model.addAttribute("quartzTask",quartzTask);
         return "/admin/quartzTask/edit";
     }
 
+    @RequiresPermissions("quartz:task:edit")
     @PostMapping("edit")
     @ResponseBody
     @SysLog("保存编辑定时任务数据")
@@ -114,6 +116,7 @@ public RestResponse edit(QuartzTask quartzTask){
         return RestResponse.success();
     }
 
+    @RequiresPermissions("quartz:task:delete")
     @PostMapping("delete")
     @ResponseBody
     @SysLog("删除定时任务数据")
@@ -130,6 +133,7 @@ public RestResponse delete(@RequestParam(value = "ids[]",required = false)List<L
      * @param ids 任务ID List
      * @return
      */
+    @RequiresPermissions("quartz:task:paush")
     @PostMapping("paush")
     @ResponseBody
     public RestResponse paush(@RequestParam(value = "ids[]",required = false)List<Long> ids){
@@ -145,6 +149,7 @@ public RestResponse paush(@RequestParam(value = "ids[]",required = false)List<Lo
      * @param ids 任务ID List
      * @return
      */
+    @RequiresPermissions("quartz:task:resume")
     @PostMapping("resume")
     @ResponseBody
     public RestResponse resume(@RequestParam(value = "ids[]",required = false)List<Long> ids){
@@ -160,6 +165,7 @@ public RestResponse resume(@RequestParam(value = "ids[]",required = false)List<L
      * @param ids 任务ID List
      * @return
      */
+    @RequiresPermissions("quartz:task:run")
     @PostMapping("run")
     @ResponseBody
     public RestResponse run(@RequestParam(value = "ids[]",required = false)List<Long> ids){

src/main/java/com/mysiteforme/admin/controller/QuartzTaskLogController.java

@@ -1,6 +1,7 @@
 package com.mysiteforme.admin.controller;
 
 import com.xiaoleilu.hutool.date.DateUtil;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import com.baomidou.mybatisplus.mapper.EntityWrapper;
@@ -49,9 +50,9 @@ public String list(){
         return "/admin/quartzTaskLog/list";
     }
 
+    @RequiresPermissions("quartz:log:list")
     @PostMapping("list")
     @ResponseBody
-    @SysLog("请求任务执行日志列表数据")
     public LayerData<QuartzTaskLog> list(@RequestParam(value = "page",defaultValue = "1")Integer page,
                                       @RequestParam(value = "limit",defaultValue = "10")Integer limit,
                                       ServletRequest request){
@@ -75,21 +76,18 @@ public LayerData<QuartzTaskLog> list(@RequestParam(value = "page",defaultValue =
     }
 
     @GetMapping("add")
-    @SysLog("跳转新增任务执行日志页面")
     public String add(){
         return "/admin/quartzTaskLog/add";
     }
 
     @PostMapping("add")
-    @SysLog("保存新增任务执行日志数据")
     @ResponseBody
     public RestResponse add(QuartzTaskLog quartzTaskLog){
         quartzTaskLogService.insert(quartzTaskLog);
         return RestResponse.success();
     }
 
     @GetMapping("edit")
-    @SysLog("跳转编辑任务执行日志页面")
     public String edit(Long id,Model model){
         QuartzTaskLog quartzTaskLog = quartzTaskLogService.selectById(id);
         model.addAttribute("quartzTaskLog",quartzTaskLog);
@@ -98,7 +96,6 @@ public String edit(Long id,Model model){
 
     @PostMapping("edit")
     @ResponseBody
-    @SysLog("保存编辑任务执行日志数据")
     public RestResponse edit(QuartzTaskLog quartzTaskLog){
         if(null == quartzTaskLog.getId() || 0 == quartzTaskLog.getId()){
             return RestResponse.failure("ID不能为空");
@@ -107,6 +104,7 @@ public RestResponse edit(QuartzTaskLog quartzTaskLog){
         return RestResponse.success();
     }
 
+    @RequiresPermissions("quartz:log:delete")
     @PostMapping("delete")
     @ResponseBody
     @SysLog("删除任务执行日志数据")