修复shiro2.0.3组件bug

This commit is contained in:
wuy 2020-02-21 23:10:40 +08:00
parent 0b5c8d6633
commit 4d36d8aefe
11 changed files with 122 additions and 37 deletions

View File

@ -3,8 +3,10 @@ buildscript {
springBootVersion = '2.2.1.RELEASE' springBootVersion = '2.2.1.RELEASE'
} }
repositories { repositories {
mavenLocal() //maven库 // mavenLocal() //maven库
maven{ url 'http://maven.aliyun.com/nexus/content/groups/public/'} maven { url 'http://maven.diboot.com/repository/diboot' }
maven { url 'http://maven.aliyun.com/nexus/content/groups/public/' }
} }
dependencies { dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}") classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
@ -26,11 +28,12 @@ subprojects {
sourceCompatibility = 1.8 sourceCompatibility = 1.8
targetCompatibility = 1.8 targetCompatibility = 1.8
[compileJava,compileTestJava,javadoc]*.options*.encoding = 'UTF-8' [compileJava, compileTestJava, javadoc]*.options*.encoding = 'UTF-8'
repositories { repositories {
mavenLocal() //maven库 // mavenLocal() //maven库
maven{ url 'http://maven.aliyun.com/nexus/content/groups/public/'} maven { url 'http://maven.diboot.com/repository/diboot' }
maven { url 'http://maven.aliyun.com/nexus/content/groups/public/' }
} }
ext {// ext {//
springBootVersion = "2.2.1.RELEASE" springBootVersion = "2.2.1.RELEASE"
@ -42,7 +45,7 @@ subprojects {
} }
dependencies { dependencies {
// Gradle 5.0使 // Gradle 5.0使
// annotationProcessor("org.projectlombok:lombok:$lombokVersion") annotationProcessor("org.projectlombok:lombok:$lombokVersion")
//gradle 5.0使 //gradle 5.0使
compileOnly("org.projectlombok:lombok:$lombokVersion") compileOnly("org.projectlombok:lombok:$lombokVersion")
@ -60,9 +63,9 @@ subprojects {
compile("org.hibernate.validator:hibernate-validator:$validatorVersion") compile("org.hibernate.validator:hibernate-validator:$validatorVersion")
// Apache Commons // Apache Commons
compile("org.apache.commons:commons-lang3:3.8.1", compile("org.apache.commons:commons-lang3:3.8.1",
// "commons-fileupload:commons-fileupload:1.3.3", // "commons-fileupload:commons-fileupload:1.3.3",
"commons-io:commons-io:2.6") "commons-io:commons-io:2.6")
// //
testCompile("org.springframework.boot:spring-boot-starter-test:$springBootVersion") testCompile("org.springframework.boot:spring-boot-starter-test:$springBootVersion")
testCompile("junit:junit:4.12") testCompile("junit:junit:4.12")

View File

@ -1,7 +1,8 @@
dependencies { dependencies {
compile project(":diboot-core") compile 'com.diboot:diboot-core-spring-boot-starter:2.0.3-RC1'
// compile("com.diboot:diboot-core-spring-boot-starter:2.0.3-RC3")
compile("org.apache.shiro:shiro-spring:1.4.1") compile("org.apache.shiro:shiro-spring:1.4.1")
compile("org.aspectj:aspectjweaver") compile("org.aspectj:aspectjweaver")
compile("com.auth0:java-jwt:3.4.1", compile("com.auth0:java-jwt:3.4.1",
@ -9,6 +10,10 @@ dependencies {
testCompile group: 'junit', name: 'junit', version: '4.12' testCompile group: 'junit', name: 'junit', version: '4.12'
} }
group 'com.diboot'
version '2.0.3'
apply plugin: 'idea'
jar.enabled = true
sourceSets { sourceSets {
main { main {

View File

@ -15,7 +15,8 @@ public enum AuthType {
USERNAME_PASSWORD(1, true, "账号密码"), USERNAME_PASSWORD(1, true, "账号密码"),
WX_MP(2, false, "公众号"), WX_MP(2, false, "公众号"),
WX_CP(3, false, "企业微信"); WX_CP(3, false, "企业微信"),
WX_USERNAME_NO_PASSWORD(4, false, "微信绑定,用户免密登录"),;
private int code; private int code;
private boolean requirePassword; private boolean requirePassword;

View File

@ -54,7 +54,7 @@ public class PermissionController extends BaseCrudRestController {
@GetMapping("/list") @GetMapping("/list")
@AuthorizationWrapper(value = @RequiresPermissions("list"), name = "列表") @AuthorizationWrapper(value = @RequiresPermissions("list"), name = "列表")
public JsonResult getVOList(PermissionDto permissionDto, Pagination pagination, HttpServletRequest request) throws Exception{ public JsonResult getVOList(PermissionDto permissionDto, Pagination pagination, HttpServletRequest request) throws Exception{
QueryWrapper<PermissionDto> queryWrapper = super.buildQueryWrapper(permissionDto, request); QueryWrapper<PermissionDto> queryWrapper = super.buildQueryWrapper(permissionDto);
// 查询当前页的Entity主表数据 // 查询当前页的Entity主表数据
List<Permission> entityList = permissionService.getPermissionList(queryWrapper, pagination); List<Permission> entityList = permissionService.getPermissionList(queryWrapper, pagination);
return new JsonResult(Status.OK, entityList).bindPagination(pagination); return new JsonResult(Status.OK, entityList).bindPagination(pagination);
@ -81,13 +81,13 @@ public class PermissionController extends BaseCrudRestController {
*/ */
@PostMapping("/") @PostMapping("/")
@AuthorizationWrapper(value = @RequiresPermissions("create"), name = "新建") @AuthorizationWrapper(value = @RequiresPermissions("create"), name = "新建")
public JsonResult createEntity(@ModelAttribute PermissionVO viewObject, HttpServletRequest request) public JsonResult createEntity(@ModelAttribute PermissionVO viewObject, HttpServletRequest request, BindingResult result)
throws Exception{ throws Exception{
// 转换 // 转换
Permission entity = BeanUtils.convert(viewObject, Permission.class); Permission entity = BeanUtils.convert(viewObject, Permission.class);
// 创建 // 创建
entity.setApplication(systemParamConfig.getApplication()); entity.setApplication(systemParamConfig.getApplication());
return super.createEntity(entity, request); return super.createEntity(entity, result);
} }
/*** /***
@ -99,9 +99,9 @@ public class PermissionController extends BaseCrudRestController {
@PutMapping("/{id}") @PutMapping("/{id}")
@AuthorizationWrapper(value = @RequiresPermissions("update"), name = "更新") @AuthorizationWrapper(value = @RequiresPermissions("update"), name = "更新")
public JsonResult updateModel(@PathVariable("id")Long id, @ModelAttribute Permission entity, public JsonResult updateModel(@PathVariable("id")Long id, @ModelAttribute Permission entity,
HttpServletRequest request) throws Exception{ HttpServletRequest request, BindingResult result) throws Exception{
entity.setApplication(systemParamConfig.getApplication()); entity.setApplication(systemParamConfig.getApplication());
return super.updateEntity(id, entity, request); return super.updateEntity(entity, result);
} }
/*** /***
@ -113,7 +113,7 @@ public class PermissionController extends BaseCrudRestController {
@DeleteMapping("/{id}") @DeleteMapping("/{id}")
@AuthorizationWrapper(value = @RequiresPermissions("delete"), name = "删除") @AuthorizationWrapper(value = @RequiresPermissions("delete"), name = "删除")
public JsonResult deleteModel(@PathVariable("id")Long id, HttpServletRequest request) throws Exception{ public JsonResult deleteModel(@PathVariable("id")Long id, HttpServletRequest request) throws Exception{
return super.deleteEntity(id, request); return super.deleteEntity(id);
} }
@Override @Override

View File

@ -62,7 +62,7 @@ public class RoleController extends BaseCrudRestController {
@GetMapping("/list") @GetMapping("/list")
@AuthorizationWrapper(value = @RequiresPermissions("list"), name = "列表") @AuthorizationWrapper(value = @RequiresPermissions("list"), name = "列表")
public JsonResult getVOList(RoleDto roleDto, Pagination pagination, HttpServletRequest request) throws Exception{ public JsonResult getVOList(RoleDto roleDto, Pagination pagination, HttpServletRequest request) throws Exception{
QueryWrapper<RoleDto> queryWrapper = super.buildQueryWrapper(roleDto, request); QueryWrapper<RoleDto> queryWrapper = super.buildQueryWrapper(roleDto);
// 获取结果 // 获取结果
List<RoleVO> voList = roleService.getRoleList(queryWrapper, pagination); List<RoleVO> voList = roleService.getRoleList(queryWrapper, pagination);
// 返回结果 // 返回结果
@ -92,10 +92,6 @@ public class RoleController extends BaseCrudRestController {
@AuthorizationWrapper(value = @RequiresPermissions("update"), name = "更新") @AuthorizationWrapper(value = @RequiresPermissions("update"), name = "更新")
public JsonResult updateModel(@PathVariable("id")Long id, @RequestBody Role entity, BindingResult result, public JsonResult updateModel(@PathVariable("id")Long id, @RequestBody Role entity, BindingResult result,
HttpServletRequest request) throws Exception{ HttpServletRequest request) throws Exception{
// Model属性值验证结果
if(result.hasErrors()) {
return new JsonResult(Status.FAIL_INVALID_PARAM, V.getBindingError(result));
}
entity.setId(id); entity.setId(id);
roleService.updateRole(entity); roleService.updateRole(entity);
return new JsonResult(Status.OK); return new JsonResult(Status.OK);

View File

@ -12,8 +12,8 @@
<if test="ew.roleId"> <if test="ew.roleId">
AND role_id = #{ew.roleId} AND role_id = #{ew.roleId}
</if> </if>
<if test="ew.permission_id"> <if test="ew.permissionId">
AND user_type = #{ew.userType} AND permission_id = #{ew.permissionId}
</if> </if>
</when> </when>
<otherwise> <otherwise>

View File

@ -51,7 +51,7 @@ public class RolePermissionServiceImpl extends BaseServiceImpl<RolePermissionMap
else if (entity.isDeleted()){ else if (entity.isDeleted()){
Map<String, Object> criteria = new HashMap(){{ Map<String, Object> criteria = new HashMap(){{
put("roleId", entity.getRoleId()); put("roleId", entity.getRoleId());
put("permissionId", entity.getId()); put("permissionId", entity.getPermissionId());
}}; }};
deletePhysics(criteria); deletePhysics(criteria);
} }

View File

@ -317,7 +317,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
role.getPermissionList() role.getPermissionList()
.stream() .stream()
.forEach(permission -> { .forEach(permission -> {
if (!dbPermissionIdBuffer.toString().contains(S.join("_", role.getId(), "_"))) { if (!dbPermissionIdBuffer.toString().contains(S.join("_", permission.getId(), "_"))) {
RolePermission entity = new RolePermission(); RolePermission entity = new RolePermission();
entity.setRoleId(role.getId()); entity.setRoleId(role.getId());
entity.setPermissionId(permission.getId()); entity.setPermissionId(permission.getId());

View File

@ -147,10 +147,12 @@ public class SysUserServiceImpl extends BaseServiceImpl<SysUserMapper, SysUser>
put("userId", sysUser.getId()); put("userId", sysUser.getId());
put("userType", iUserType.getType()); put("userType", iUserType.getType());
}}; }};
try {
if (!userRoleService.deletePhysics(criteria)) { userRoleService.deletePhysics(criteria);
throw new ShiroCustomException(Status.FAIL_VALIDATION, "删除用户失败!"); } catch (Exception e) {
log.error("删除用户绑定角色失败!");
} }
return true; return true;
} }

View File

@ -0,0 +1,80 @@
package com.diboot.shiro.service.impl;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.diboot.core.util.V;
import com.diboot.shiro.config.AuthType;
import com.diboot.shiro.entity.SysUser;
import com.diboot.shiro.jwt.BaseJwtAuthenticationToken;
import com.diboot.shiro.service.AuthWayService;
import com.diboot.shiro.service.SysUserService;
import com.diboot.shiro.util.AuthHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
/***
* 用户名无密码认证实现
* @author Yangzhao
* @version v2.0
* @date 2019/6/6
*/
@Service
public class UsernameNoPasswordAuthWayServiceImpl implements AuthWayService {
private final Logger logger = LoggerFactory.getLogger(UsernameNoPasswordAuthWayServiceImpl.class);
@Autowired
private SysUserService sysUserService;
private AuthType authType = AuthType.WX_USERNAME_NO_PASSWORD;
private BaseJwtAuthenticationToken token;
@Override
public AuthType authType() {
return authType;
}
@Override
public void initByToken(BaseJwtAuthenticationToken token) {
this.token = token;
}
@Override
public SysUser getUser() {
logger.debug("【获取用户】==>当前登陆用户类型 - {}- 账号{}", token.getIUserType().getType(), token.getAccount());
LambdaQueryWrapper<SysUser> query = Wrappers.<SysUser>lambdaQuery()
.eq(SysUser::getUsername, token.getAccount())
.eq(SysUser::getUserType, token.getIUserType().getType());
List<SysUser> userList = sysUserService.getEntityList(query);
if (V.isEmpty(userList)){
return null;
}
return userList.get(0);
}
@Override
public boolean requirePassword() {
return authType.isRequirePassword();
}
@Override
public boolean isPasswordMatch() {
return true;
}
@Override
public boolean isPreliminaryVerified() {
return false;
}
@Override
public Long getExpiresInMinutes() {
return null;
}
}

View File

@ -22,13 +22,11 @@ import java.util.Date;
public class JwtHelper { public class JwtHelper {
private static final Logger logger = LoggerFactory.getLogger(JwtHelper.class); private static final Logger logger = LoggerFactory.getLogger(JwtHelper.class);
private static final String ISSUER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.issuer")) ? BaseConfig.getProperty("diboot.shiro.jwt.issuer") : "diboot.com"; private static final String ISSUER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.issuer", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.issuer", new String[0]) : "diboot.com";
private static final String AUTH_HEADER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key")) ? BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key") : "authtoken"; private static final String AUTH_HEADER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key", new String[0]) : "authtoken";
private static final String TOKEN_PREFIX = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.prefix")) ? BaseConfig.getProperty("diboot.shiro.jwt.token.prefix") : "Bearer "; private static final String TOKEN_PREFIX = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.prefix", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.token.prefix", new String[0]) : "Bearer ";
public static final String SIGN_KEY = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.signkey"))? BaseConfig.getProperty("diboot.shiro.jwt.signkey") : "Dibo2016Mazc"; public static final String SIGN_KEY = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.signkey", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.signkey", new String[0]) : "Dibo2016Mazc";
public static final int EXPIRES_IN_MINUTES = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours", new String[0])) ? Integer.valueOf(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours", new String[0])) * 60 : 120;
// 默认过期时间 2小时
public static final int EXPIRES_IN_MINUTES = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours")) ? Integer.valueOf(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours")) * 60 : 2 * 60;
private static final SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS256; private static final SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS256;
/*** /***