修复shiro2.0.3组件bug
This commit is contained in:
parent
0b5c8d6633
commit
4d36d8aefe
21
build.gradle
21
build.gradle
|
@ -3,8 +3,10 @@ buildscript {
|
||||||
springBootVersion = '2.2.1.RELEASE'
|
springBootVersion = '2.2.1.RELEASE'
|
||||||
}
|
}
|
||||||
repositories {
|
repositories {
|
||||||
mavenLocal() //优先查找本地maven库,性能最好
|
// mavenLocal() //优先查找本地maven库,性能最好
|
||||||
maven{ url 'http://maven.aliyun.com/nexus/content/groups/public/'}
|
maven { url 'http://maven.diboot.com/repository/diboot' }
|
||||||
|
maven { url 'http://maven.aliyun.com/nexus/content/groups/public/' }
|
||||||
|
|
||||||
}
|
}
|
||||||
dependencies {
|
dependencies {
|
||||||
classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
|
classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
|
||||||
|
@ -26,11 +28,12 @@ subprojects {
|
||||||
|
|
||||||
sourceCompatibility = 1.8
|
sourceCompatibility = 1.8
|
||||||
targetCompatibility = 1.8
|
targetCompatibility = 1.8
|
||||||
|
|
||||||
[compileJava,compileTestJava,javadoc]*.options*.encoding = 'UTF-8'
|
[compileJava, compileTestJava, javadoc]*.options*.encoding = 'UTF-8'
|
||||||
repositories {
|
repositories {
|
||||||
mavenLocal() //优先查找本地maven库,性能最好
|
// mavenLocal() //优先查找本地maven库,性能最好
|
||||||
maven{ url 'http://maven.aliyun.com/nexus/content/groups/public/'}
|
maven { url 'http://maven.diboot.com/repository/diboot' }
|
||||||
|
maven { url 'http://maven.aliyun.com/nexus/content/groups/public/' }
|
||||||
}
|
}
|
||||||
ext {//依赖版本
|
ext {//依赖版本
|
||||||
springBootVersion = "2.2.1.RELEASE"
|
springBootVersion = "2.2.1.RELEASE"
|
||||||
|
@ -42,7 +45,7 @@ subprojects {
|
||||||
}
|
}
|
||||||
dependencies {
|
dependencies {
|
||||||
// Gradle 5.0及以上版本,使用如下方式
|
// Gradle 5.0及以上版本,使用如下方式
|
||||||
// annotationProcessor("org.projectlombok:lombok:$lombokVersion")
|
annotationProcessor("org.projectlombok:lombok:$lombokVersion")
|
||||||
//gradle 5.0版本以下,使用如下方式
|
//gradle 5.0版本以下,使用如下方式
|
||||||
compileOnly("org.projectlombok:lombok:$lombokVersion")
|
compileOnly("org.projectlombok:lombok:$lombokVersion")
|
||||||
|
|
||||||
|
@ -60,9 +63,9 @@ subprojects {
|
||||||
compile("org.hibernate.validator:hibernate-validator:$validatorVersion")
|
compile("org.hibernate.validator:hibernate-validator:$validatorVersion")
|
||||||
// Apache Commons
|
// Apache Commons
|
||||||
compile("org.apache.commons:commons-lang3:3.8.1",
|
compile("org.apache.commons:commons-lang3:3.8.1",
|
||||||
// "commons-fileupload:commons-fileupload:1.3.3",
|
// "commons-fileupload:commons-fileupload:1.3.3",
|
||||||
"commons-io:commons-io:2.6")
|
"commons-io:commons-io:2.6")
|
||||||
|
|
||||||
// 单元测试
|
// 单元测试
|
||||||
testCompile("org.springframework.boot:spring-boot-starter-test:$springBootVersion")
|
testCompile("org.springframework.boot:spring-boot-starter-test:$springBootVersion")
|
||||||
testCompile("junit:junit:4.12")
|
testCompile("junit:junit:4.12")
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
|
|
||||||
dependencies {
|
dependencies {
|
||||||
compile project(":diboot-core")
|
compile 'com.diboot:diboot-core-spring-boot-starter:2.0.3-RC1'
|
||||||
|
// compile("com.diboot:diboot-core-spring-boot-starter:2.0.3-RC3")
|
||||||
|
|
||||||
compile("org.apache.shiro:shiro-spring:1.4.1")
|
compile("org.apache.shiro:shiro-spring:1.4.1")
|
||||||
compile("org.aspectj:aspectjweaver")
|
compile("org.aspectj:aspectjweaver")
|
||||||
compile("com.auth0:java-jwt:3.4.1",
|
compile("com.auth0:java-jwt:3.4.1",
|
||||||
|
@ -9,6 +10,10 @@ dependencies {
|
||||||
|
|
||||||
testCompile group: 'junit', name: 'junit', version: '4.12'
|
testCompile group: 'junit', name: 'junit', version: '4.12'
|
||||||
}
|
}
|
||||||
|
group 'com.diboot'
|
||||||
|
version '2.0.3'
|
||||||
|
apply plugin: 'idea'
|
||||||
|
jar.enabled = true
|
||||||
|
|
||||||
sourceSets {
|
sourceSets {
|
||||||
main {
|
main {
|
||||||
|
|
|
@ -15,7 +15,8 @@ public enum AuthType {
|
||||||
|
|
||||||
USERNAME_PASSWORD(1, true, "账号密码"),
|
USERNAME_PASSWORD(1, true, "账号密码"),
|
||||||
WX_MP(2, false, "公众号"),
|
WX_MP(2, false, "公众号"),
|
||||||
WX_CP(3, false, "企业微信");
|
WX_CP(3, false, "企业微信"),
|
||||||
|
WX_USERNAME_NO_PASSWORD(4, false, "微信绑定,用户免密登录"),;
|
||||||
|
|
||||||
private int code;
|
private int code;
|
||||||
private boolean requirePassword;
|
private boolean requirePassword;
|
||||||
|
|
|
@ -54,7 +54,7 @@ public class PermissionController extends BaseCrudRestController {
|
||||||
@GetMapping("/list")
|
@GetMapping("/list")
|
||||||
@AuthorizationWrapper(value = @RequiresPermissions("list"), name = "列表")
|
@AuthorizationWrapper(value = @RequiresPermissions("list"), name = "列表")
|
||||||
public JsonResult getVOList(PermissionDto permissionDto, Pagination pagination, HttpServletRequest request) throws Exception{
|
public JsonResult getVOList(PermissionDto permissionDto, Pagination pagination, HttpServletRequest request) throws Exception{
|
||||||
QueryWrapper<PermissionDto> queryWrapper = super.buildQueryWrapper(permissionDto, request);
|
QueryWrapper<PermissionDto> queryWrapper = super.buildQueryWrapper(permissionDto);
|
||||||
// 查询当前页的Entity主表数据
|
// 查询当前页的Entity主表数据
|
||||||
List<Permission> entityList = permissionService.getPermissionList(queryWrapper, pagination);
|
List<Permission> entityList = permissionService.getPermissionList(queryWrapper, pagination);
|
||||||
return new JsonResult(Status.OK, entityList).bindPagination(pagination);
|
return new JsonResult(Status.OK, entityList).bindPagination(pagination);
|
||||||
|
@ -81,13 +81,13 @@ public class PermissionController extends BaseCrudRestController {
|
||||||
*/
|
*/
|
||||||
@PostMapping("/")
|
@PostMapping("/")
|
||||||
@AuthorizationWrapper(value = @RequiresPermissions("create"), name = "新建")
|
@AuthorizationWrapper(value = @RequiresPermissions("create"), name = "新建")
|
||||||
public JsonResult createEntity(@ModelAttribute PermissionVO viewObject, HttpServletRequest request)
|
public JsonResult createEntity(@ModelAttribute PermissionVO viewObject, HttpServletRequest request, BindingResult result)
|
||||||
throws Exception{
|
throws Exception{
|
||||||
// 转换
|
// 转换
|
||||||
Permission entity = BeanUtils.convert(viewObject, Permission.class);
|
Permission entity = BeanUtils.convert(viewObject, Permission.class);
|
||||||
// 创建
|
// 创建
|
||||||
entity.setApplication(systemParamConfig.getApplication());
|
entity.setApplication(systemParamConfig.getApplication());
|
||||||
return super.createEntity(entity, request);
|
return super.createEntity(entity, result);
|
||||||
}
|
}
|
||||||
|
|
||||||
/***
|
/***
|
||||||
|
@ -99,9 +99,9 @@ public class PermissionController extends BaseCrudRestController {
|
||||||
@PutMapping("/{id}")
|
@PutMapping("/{id}")
|
||||||
@AuthorizationWrapper(value = @RequiresPermissions("update"), name = "更新")
|
@AuthorizationWrapper(value = @RequiresPermissions("update"), name = "更新")
|
||||||
public JsonResult updateModel(@PathVariable("id")Long id, @ModelAttribute Permission entity,
|
public JsonResult updateModel(@PathVariable("id")Long id, @ModelAttribute Permission entity,
|
||||||
HttpServletRequest request) throws Exception{
|
HttpServletRequest request, BindingResult result) throws Exception{
|
||||||
entity.setApplication(systemParamConfig.getApplication());
|
entity.setApplication(systemParamConfig.getApplication());
|
||||||
return super.updateEntity(id, entity, request);
|
return super.updateEntity(entity, result);
|
||||||
}
|
}
|
||||||
|
|
||||||
/***
|
/***
|
||||||
|
@ -113,7 +113,7 @@ public class PermissionController extends BaseCrudRestController {
|
||||||
@DeleteMapping("/{id}")
|
@DeleteMapping("/{id}")
|
||||||
@AuthorizationWrapper(value = @RequiresPermissions("delete"), name = "删除")
|
@AuthorizationWrapper(value = @RequiresPermissions("delete"), name = "删除")
|
||||||
public JsonResult deleteModel(@PathVariable("id")Long id, HttpServletRequest request) throws Exception{
|
public JsonResult deleteModel(@PathVariable("id")Long id, HttpServletRequest request) throws Exception{
|
||||||
return super.deleteEntity(id, request);
|
return super.deleteEntity(id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -62,7 +62,7 @@ public class RoleController extends BaseCrudRestController {
|
||||||
@GetMapping("/list")
|
@GetMapping("/list")
|
||||||
@AuthorizationWrapper(value = @RequiresPermissions("list"), name = "列表")
|
@AuthorizationWrapper(value = @RequiresPermissions("list"), name = "列表")
|
||||||
public JsonResult getVOList(RoleDto roleDto, Pagination pagination, HttpServletRequest request) throws Exception{
|
public JsonResult getVOList(RoleDto roleDto, Pagination pagination, HttpServletRequest request) throws Exception{
|
||||||
QueryWrapper<RoleDto> queryWrapper = super.buildQueryWrapper(roleDto, request);
|
QueryWrapper<RoleDto> queryWrapper = super.buildQueryWrapper(roleDto);
|
||||||
// 获取结果
|
// 获取结果
|
||||||
List<RoleVO> voList = roleService.getRoleList(queryWrapper, pagination);
|
List<RoleVO> voList = roleService.getRoleList(queryWrapper, pagination);
|
||||||
// 返回结果
|
// 返回结果
|
||||||
|
@ -92,10 +92,6 @@ public class RoleController extends BaseCrudRestController {
|
||||||
@AuthorizationWrapper(value = @RequiresPermissions("update"), name = "更新")
|
@AuthorizationWrapper(value = @RequiresPermissions("update"), name = "更新")
|
||||||
public JsonResult updateModel(@PathVariable("id")Long id, @RequestBody Role entity, BindingResult result,
|
public JsonResult updateModel(@PathVariable("id")Long id, @RequestBody Role entity, BindingResult result,
|
||||||
HttpServletRequest request) throws Exception{
|
HttpServletRequest request) throws Exception{
|
||||||
// Model属性值验证结果
|
|
||||||
if(result.hasErrors()) {
|
|
||||||
return new JsonResult(Status.FAIL_INVALID_PARAM, V.getBindingError(result));
|
|
||||||
}
|
|
||||||
entity.setId(id);
|
entity.setId(id);
|
||||||
roleService.updateRole(entity);
|
roleService.updateRole(entity);
|
||||||
return new JsonResult(Status.OK);
|
return new JsonResult(Status.OK);
|
||||||
|
|
|
@ -12,8 +12,8 @@
|
||||||
<if test="ew.roleId">
|
<if test="ew.roleId">
|
||||||
AND role_id = #{ew.roleId}
|
AND role_id = #{ew.roleId}
|
||||||
</if>
|
</if>
|
||||||
<if test="ew.permission_id">
|
<if test="ew.permissionId">
|
||||||
AND user_type = #{ew.userType}
|
AND permission_id = #{ew.permissionId}
|
||||||
</if>
|
</if>
|
||||||
</when>
|
</when>
|
||||||
<otherwise>
|
<otherwise>
|
||||||
|
|
|
@ -51,7 +51,7 @@ public class RolePermissionServiceImpl extends BaseServiceImpl<RolePermissionMap
|
||||||
else if (entity.isDeleted()){
|
else if (entity.isDeleted()){
|
||||||
Map<String, Object> criteria = new HashMap(){{
|
Map<String, Object> criteria = new HashMap(){{
|
||||||
put("roleId", entity.getRoleId());
|
put("roleId", entity.getRoleId());
|
||||||
put("permissionId", entity.getId());
|
put("permissionId", entity.getPermissionId());
|
||||||
}};
|
}};
|
||||||
deletePhysics(criteria);
|
deletePhysics(criteria);
|
||||||
}
|
}
|
||||||
|
|
|
@ -317,7 +317,7 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleMapper, Role> implement
|
||||||
role.getPermissionList()
|
role.getPermissionList()
|
||||||
.stream()
|
.stream()
|
||||||
.forEach(permission -> {
|
.forEach(permission -> {
|
||||||
if (!dbPermissionIdBuffer.toString().contains(S.join("_", role.getId(), "_"))) {
|
if (!dbPermissionIdBuffer.toString().contains(S.join("_", permission.getId(), "_"))) {
|
||||||
RolePermission entity = new RolePermission();
|
RolePermission entity = new RolePermission();
|
||||||
entity.setRoleId(role.getId());
|
entity.setRoleId(role.getId());
|
||||||
entity.setPermissionId(permission.getId());
|
entity.setPermissionId(permission.getId());
|
||||||
|
|
|
@ -147,10 +147,12 @@ public class SysUserServiceImpl extends BaseServiceImpl<SysUserMapper, SysUser>
|
||||||
put("userId", sysUser.getId());
|
put("userId", sysUser.getId());
|
||||||
put("userType", iUserType.getType());
|
put("userType", iUserType.getType());
|
||||||
}};
|
}};
|
||||||
|
try {
|
||||||
if (!userRoleService.deletePhysics(criteria)) {
|
userRoleService.deletePhysics(criteria);
|
||||||
throw new ShiroCustomException(Status.FAIL_VALIDATION, "删除用户失败!");
|
} catch (Exception e) {
|
||||||
|
log.error("删除用户绑定角色失败!");
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,80 @@
|
||||||
|
package com.diboot.shiro.service.impl;
|
||||||
|
|
||||||
|
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||||
|
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||||
|
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
||||||
|
import com.diboot.core.util.V;
|
||||||
|
import com.diboot.shiro.config.AuthType;
|
||||||
|
import com.diboot.shiro.entity.SysUser;
|
||||||
|
import com.diboot.shiro.jwt.BaseJwtAuthenticationToken;
|
||||||
|
import com.diboot.shiro.service.AuthWayService;
|
||||||
|
import com.diboot.shiro.service.SysUserService;
|
||||||
|
import com.diboot.shiro.util.AuthHelper;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
/***
|
||||||
|
* 用户名无密码认证实现
|
||||||
|
* @author Yangzhao
|
||||||
|
* @version v2.0
|
||||||
|
* @date 2019/6/6
|
||||||
|
*/
|
||||||
|
@Service
|
||||||
|
public class UsernameNoPasswordAuthWayServiceImpl implements AuthWayService {
|
||||||
|
|
||||||
|
private final Logger logger = LoggerFactory.getLogger(UsernameNoPasswordAuthWayServiceImpl.class);
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private SysUserService sysUserService;
|
||||||
|
|
||||||
|
private AuthType authType = AuthType.WX_USERNAME_NO_PASSWORD;
|
||||||
|
|
||||||
|
private BaseJwtAuthenticationToken token;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public AuthType authType() {
|
||||||
|
return authType;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void initByToken(BaseJwtAuthenticationToken token) {
|
||||||
|
this.token = token;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public SysUser getUser() {
|
||||||
|
logger.debug("【获取用户】==>当前登陆用户类型 - {},- 账号{}", token.getIUserType().getType(), token.getAccount());
|
||||||
|
LambdaQueryWrapper<SysUser> query = Wrappers.<SysUser>lambdaQuery()
|
||||||
|
.eq(SysUser::getUsername, token.getAccount())
|
||||||
|
.eq(SysUser::getUserType, token.getIUserType().getType());
|
||||||
|
List<SysUser> userList = sysUserService.getEntityList(query);
|
||||||
|
if (V.isEmpty(userList)){
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
return userList.get(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean requirePassword() {
|
||||||
|
return authType.isRequirePassword();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean isPasswordMatch() {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean isPreliminaryVerified() {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Long getExpiresInMinutes() {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
|
@ -22,13 +22,11 @@ import java.util.Date;
|
||||||
public class JwtHelper {
|
public class JwtHelper {
|
||||||
private static final Logger logger = LoggerFactory.getLogger(JwtHelper.class);
|
private static final Logger logger = LoggerFactory.getLogger(JwtHelper.class);
|
||||||
|
|
||||||
private static final String ISSUER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.issuer")) ? BaseConfig.getProperty("diboot.shiro.jwt.issuer") : "diboot.com";
|
private static final String ISSUER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.issuer", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.issuer", new String[0]) : "diboot.com";
|
||||||
private static final String AUTH_HEADER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key")) ? BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key") : "authtoken";
|
private static final String AUTH_HEADER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key", new String[0]) : "authtoken";
|
||||||
private static final String TOKEN_PREFIX = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.prefix")) ? BaseConfig.getProperty("diboot.shiro.jwt.token.prefix") : "Bearer ";
|
private static final String TOKEN_PREFIX = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.prefix", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.token.prefix", new String[0]) : "Bearer ";
|
||||||
public static final String SIGN_KEY = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.signkey"))? BaseConfig.getProperty("diboot.shiro.jwt.signkey") : "Dibo2016Mazc";
|
public static final String SIGN_KEY = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.signkey", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.signkey", new String[0]) : "Dibo2016Mazc";
|
||||||
|
public static final int EXPIRES_IN_MINUTES = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours", new String[0])) ? Integer.valueOf(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours", new String[0])) * 60 : 120;
|
||||||
// 默认过期时间 2小时
|
|
||||||
public static final int EXPIRES_IN_MINUTES = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours")) ? Integer.valueOf(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours")) * 60 : 2 * 60;
|
|
||||||
private static final SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS256;
|
private static final SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS256;
|
||||||
|
|
||||||
/***
|
/***
|
||||||
|
|
Loading…
Reference in New Issue