分离不同系统的资源鉴权

auth-center/auth-spring-boot-autoconfigure/src/main/java/com/peng/auth/spring/boot/autoconfigure/config/AccessDecisionManagerIml.java

@@ -4,6 +4,7 @@
 import com.peng.main.api.mapper.model.BaseModuleResources;
 import com.peng.main.api.mapper.model.BaseRole;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.security.access.AccessDecisionManager;
 import org.springframework.security.access.AccessDeniedException;
@@ -29,6 +30,9 @@ public class AccessDecisionManagerIml  implements AccessDecisionManager {
 
     private String[] ignoreds;
 
+    @Value("${spring.application.name}")
+    private String applicationName;
+
     private String url;
 
     private String httpMethod;
@@ -86,16 +90,19 @@ private boolean checkSubModule(List<BaseModuleResources> modules) {
         while (iterator.hasNext())
         {
             BaseModuleResources e = iterator.next();
-            if (e.getIsOperating() == 1 && e.getModulePath() != null && !"".equals(e.getModulePath())) {
-                if (matchUrl(url, e.getModulePath()) && httpMethod.toUpperCase().equals(e.getHttpMethod().toUpperCase())) {
-                    return true;
+            // 匹配当前应用的资源
+            if(applicationName.equals(e.getProjectName())) {
+                if (e.getIsOperating() == 1 && e.getModulePath() != null && !"".equals(e.getModulePath())) {
+                    if (matchUrl(url, e.getModulePath()) && httpMethod.toUpperCase().equals(e.getHttpMethod().toUpperCase())) {
+                        return true;
+                    }
                 }
-            }
 
-            // 递归检查子模块的权限
-            if (e.getSubModules().size() > 0) {
-                if (checkSubModule(e.getSubModules())) {
-                    return true;
+                // 递归检查子模块的权限
+                if (e.getSubModules().size() > 0) {
+                    if (checkSubModule(e.getSubModules())) {
+                        return true;
+                    }
                 }
             }
         }

main-data/main-data-api/src/main/java/com/peng/main/api/mapper/model/BaseModuleResources.java

@@ -53,9 +53,18 @@ public class BaseModuleResources implements Serializable {
     @Column(name = "UPDATE_DATE")
     private Date updateDate;
 
+    /**
+     * 资源子项
+     */
     @Transient
     private List<BaseModuleResources> subModules;
 
+    /**
+     * 资源所属系统
+     */
+    @Transient
+    private String projectName;
+
     /**
      * @return ID
      */
@@ -249,4 +258,12 @@ public List<BaseModuleResources> getSubModules() {
     public void setSubModules(List<BaseModuleResources> subModules) {
         this.subModules = subModules;
     }
+
+    public String getProjectName() {
+        return projectName;
+    }
+
+    public void setProjectName(String projectName) {
+        this.projectName = projectName;
+    }
 }

main-data/main-data-api/src/main/java/com/peng/main/api/mapper/model/BaseSystem.java

@@ -12,12 +12,6 @@ public class BaseSystem implements Serializable {
     @Column(name = "ID")
     private String id;
 
-    @Column(name = "IP_ADDRESS")
-    private String ipAddress;
-
-    @Column(name = "PORT")
-    private String port;
-
     @Column(name = "SYSTEM_NAME")
     private String systemName;
 
@@ -53,34 +47,6 @@ public void setId(String id) {
         this.id = id;
     }
 
-    /**
-     * @return IP_ADDRESS
-     */
-    public String getIpAddress() {
-        return ipAddress;
-    }
-
-    /**
-     * @param ipAddress
-     */
-    public void setIpAddress(String ipAddress) {
-        this.ipAddress = ipAddress;
-    }
-
-    /**
-     * @return PORT
-     */
-    public String getPort() {
-        return port;
-    }
-
-    /**
-     * @param port
-     */
-    public void setPort(String port) {
-        this.port = port;
-    }
-
     /**
      * @return SYSTEM_NAME
      */

main-data/main-data-provider/src/main/resources/mybatis/mapper/BaseModuleResourcesMapper.xml

@@ -57,6 +57,7 @@
     <result column="ACTIVE" property="active" jdbcType="INTEGER" />
     <result column="CREATE_DATE" property="createDate" jdbcType="TIMESTAMP" />
     <result column="UPDATE_DATE" property="updateDate" jdbcType="TIMESTAMP" />
+    <result column="PROJECT_NAME" property="projectName" jdbcType="VARCHAR" />
     <collection  column="{ID=ID,USER_ID=USER_ID}" property="subModules" select="selectModuleByParentId" />
   </resultMap>
 
@@ -75,15 +76,17 @@
   </select>
 
   <select id="selectModuleByRoleId" resultMap="rolesMap">
-    SELECT bmr.*, bur.user_id as USER_ID FROM base_role_module brm
+    SELECT bmr.*, bur.user_id as USER_ID, bs.PROJECT_NAME FROM base_role_module brm
     LEFT JOIN base_module_resources bmr on brm.MODULE_ID = bmr.ID
     LEFT JOIN base_user_role bur ON bur.role_id = brm.role_id
+    LEFT JOIN base_system bs ON  bmr.SYSTEM_ID = bs.ID
     WHERE brm.ROLE_ID = #{ID} and bur.user_id = #{USER_ID} and bmr.parent_id is null
   </select>
   <select id="selectModuleByParentId" resultMap="rolesMap">
-    SELECT DISTINCT bmr.*, bur.user_id as USER_ID FROM base_user_role bur
+    SELECT DISTINCT bmr.*, bur.user_id as USER_ID, bs.PROJECT_NAME FROM base_user_role bur
     LEFT JOIN base_role_module brm ON bur.role_id = brm.role_id
     LEFT JOIN base_module_resources bmr ON brm.module_id = bmr.id
+    LEFT JOIN base_system bs ON  bmr.SYSTEM_ID = bs.ID
     WHERE bur.user_id = #{USER_ID} AND bmr.parent_id = #{ID}
   </select>
 </mapper>

main-data/main-data-provider/src/main/resources/mybatis/mapper/BaseSystemMapper.xml

@@ -6,13 +6,12 @@
       WARNING - @mbggenerated
     -->
     <id column="ID" property="id" jdbcType="VARCHAR" />
-    <result column="IP_ADDRESS" property="ipAddress" jdbcType="VARCHAR" />
-    <result column="PORT" property="port" jdbcType="VARCHAR" />
     <result column="SYSTEM_NAME" property="systemName" jdbcType="VARCHAR" />
     <result column="PROJECT_NAME" property="projectName" jdbcType="VARCHAR" />
     <result column="ACTIVE" property="active" jdbcType="INTEGER" />
     <result column="SORT" property="sort" jdbcType="INTEGER" />
     <result column="CREATE_DATE" property="createDate" jdbcType="TIMESTAMP" />
     <result column="UPDATE_DATE" property="updateDate" jdbcType="TIMESTAMP" />
   </resultMap>
+
 </mapper>

web-app/src/components/module/ModuleManaged.vue

@@ -0,0 +1,189 @@
+<template lang="html">
+  <div>
+  <!--查尋條件-->
+    <el-row>
+    <el-form :inline="true" :model="form" class="demo-form-inline">
+    <el-form-item label="角色编码">
+      <el-input v-model="form.roleCode" placeholder="角色编码"></el-input>
+    </el-form-item>
+    <el-form-item label="角色名称">
+      <el-input v-model="form.roleName" placeholder="角色名称"></el-input>
+    </el-form-item>
+    <el-form-item>
+      <el-button type="primary" @click="query">查询</el-button>
+    </el-form-item>
+    </el-form>
+    </el-row>
+    <el-row style="margin-bottom: 20px">
+    <el-button type="primary" icon="el-icon-add" @click="showAddDialog">新增</el-button>
+    <el-button type="danger" icon="el-icon-delete" @click="showDeleteDialog">删除</el-button>
+    </el-row>
+
+    <el-table
+      :data="tableData"
+      v-loading="tableLoading"
+      element-loading-text="加载中"
+      @selection-change="handleSelectionChange"
+      style="width: 100%; margin-top: 10px">
+       <el-table-column
+        type="selection"
+        width="55">
+      </el-table-column>
+      <el-table-column
+        prop="roleCode"
+        label="角色编码"
+        >
+      </el-table-column>
+      <el-table-column
+        prop="roleName"
+        label="角色名称"
+        >
+      </el-table-column>
+      <el-table-column
+        fixed="right"
+        label="操作"
+        width="300">
+        <template scope="scope" >
+          <el-button size="small" @click="showEditDialog(scope.row)">编辑</el-button>
+          <el-button type="warning" size="small" @click="showRoleSetDialog(scope.row)">权限配置</el-button>
+        </template>
+      </el-table-column>
+    </el-table>
+
+    <el-row style="text-align: center; margin-top: 20px">
+    <el-col :span="24">
+      <el-pagination
+        @size-change="handleSizeChange"
+        @current-change="handleCurrentChange"
+        :current-page="form.pageNum"
+        :page-sizes="[5, 10, 20, 50]"
+        :page-size="form.pageSize"
+        layout="total, sizes, prev, pager, next, jumper"
+        :total="tableTotal">
+      </el-pagination>
+    </el-col>
+    </el-row>
+    <!--删除角色-->
+    <el-dialog
+      title="提示"
+      :visible.sync="deleteDialogShow"
+      width="30%">
+      <span>确定删除选中角色？</span>
+      <span slot="footer" class="dialog-footer">
+            <el-button @click="deleteDialogShow = false">取 消</el-button>
+            <el-button type="danger" :loading="deleteDialogLoading" @click="deleteDialogClick">确 定</el-button>
+          </span>
+    </el-dialog>
+    <!--新增角色表单-->
+    <add-role ref="addRole" @success="loadTable"></add-role>
+    <!--编辑角色表单-->
+    <edit-role ref="editRole" @success="loadTable"></edit-role>
+<!--&lt;!&ndash;设置角色权限&ndash;&gt;
+<role-set ref="roleSetting"></role-set>-->
+  </div>
+</template>
+
+<script>
+import {DataMainApi, Status} from '../ApiConstant'
+import RoleAdd from './RoleAdd.vue'
+import RoleEdit from './RoleEdit.vue'
+export default {
+  components: {
+    'add-role': RoleAdd,
+    'edit-role': RoleEdit
+  },
+  created () {
+    // 加载表格数据
+    this.loadTable()
+  },
+  data () {
+    return {
+      form: {
+        roleCode: null,
+        roleName: null,
+        pageNum: 1,
+        pageSize: 10
+      },
+      // 表格数据
+      tableData: [],
+      tableTotal: 0,
+      tableLoading: false,
+      // 删除框
+      deleteDialogShow: false,
+      // 删除按钮loading
+      deleteDialogLoading: false,
+      // 选中行
+      selectData: []
+    }
+  },
+  methods: {
+    // 查询数据
+    query () {
+      this.loadTable()
+    },
+    // 加载表格数据
+    loadTable () {
+      var self = this
+      self.tableLoading = true
+      this.$http.post(DataMainApi + '/role/table', self.form)
+        .then(res => {
+          if (res.data.code === Status.success) {
+            self.tableData = res.data.data.rows
+            self.tableTotal = res.data.data.total
+          }
+          setTimeout(function () {
+            self.tableLoading = false
+          }, 500)
+        })
+    },
+    showDeleteDialog () {
+      this.deleteDialogShow = true
+    },
+    // 表格多选
+    handleSelectionChange (row) {
+      this.selectData = row
+    },
+    showAddDialog () {
+      this.$refs.addRole.show()
+    },
+    handleSizeChange (val) {
+      this.form.pageSize = val
+      this.loadTable()
+    },
+    handleCurrentChange (val) {
+      this.form.pageNum = val
+      this.loadTable()
+    },
+    showEditDialog (row) {
+      this.$refs.editRole.show(row)
+    },
+    showRoleSetDialog (row) {
+      this.$refs.roleSetting.show(row)
+    },
+    // 删除角色
+    deleteDialogClick () {
+      var self = this
+      if (this.selectData.length > 0) {
+        this.deleteDialogLoading = true
+        this.$http.delete(`${DataMainApi}/role`, {data: self.selectData})
+          .then(res => {
+            if (res.data.code === Status.success) {
+              self.$notify.success('删除角色成功')
+              self.loadTable()
+              self.deleteDialogShow = false
+            } else {
+              self.$notify.error('删除角色失败')
+            }
+            self.deleteDialogLoading = false
+          })
+          .catch(() => {
+            self.deleteDialogLoading = false
+          })
+      } else {
+        self.$notify.warning('请选择需要删除的角色')
+        self.deleteDialogShow = false
+      }
+    }
+  }
+}
+</script>