Skip to content
项目
群组
代码片段
帮助
正在加载...
帮助
提交反馈
为 GitLab 提交贡献
登录
切换导航
I
ibzuaa
项目
项目
详情
动态
版本
周期分析
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
统计图
议题
0
议题
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
CI / CD
CI / CD
流水线
作业
计划
统计图
Wiki
Wiki
代码片段
代码片段
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
统计图
创建新议题
作业
提交
议题看板
打开侧边栏
ibiz4jteam
ibzuaa
提交
7b7d83fd
提交
7b7d83fd
编写于
4年前
作者:
sq3536
浏览文件
操作
浏览文件
下载
差异文件
Merge remote-tracking branch 'origin/master'
上级
b44fa6f2
9fbf01bd
变更
16
展开全部
隐藏空白字符变更
内嵌
并排
正在显示
16 个修改的文件
包含
201 行增加
和
394 行删除
+201
-394
package.json
app_web/package.json
+1
-1
ibiz-group-picker.vue
...eb/src/components/ibiz-group-picker/ibiz-group-picker.vue
+1
-1
ibiz-group-select.vue
...eb/src/components/ibiz-group-select/ibiz-group-select.vue
+11
-1
sys-role-permissioncustom-view.vue
...-permissioncustom-view/sys-role-permissioncustom-view.vue
+29
-7
DevBootSecurityConfig.java
...rc/main/java/cn/ibizlab/config/DevBootSecurityConfig.java
+2
-0
SysStructure.java
...a/cn/ibizlab/core/uaa/extensions/domain/SysStructure.java
+0
-1
systemResource.json
...aa-core/src/main/resources/permission/systemResource.json
+2
-1
apiSecurityConfig.java
...rc/main/java/cn/ibizlab/api/config/apiSecurityConfig.java
+2
-0
SysPSSystemResource.java
...rc/main/java/cn/ibizlab/api/rest/SysPSSystemResource.java
+1
-1
ClientAuthenticationResource.java
...lab/api/rest/extensions/ClientAuthenticationResource.java
+15
-206
IBZUAAFallback.java
.../src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java
+2
-2
IBZUAAFeignClient.java
...c/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
+4
-5
PermissionSyncJob.java
.../src/main/java/cn/ibizlab/util/job/PermissionSyncJob.java
+6
-2
AppController.java
...til/src/main/java/cn/ibizlab/util/rest/AppController.java
+22
-13
AuthPermissionEvaluator.java
...ava/cn/ibizlab/util/security/AuthPermissionEvaluator.java
+99
-153
IBZUSERServiceImpl.java
...main/java/cn/ibizlab/util/service/IBZUSERServiceImpl.java
+4
-0
未找到文件。
app_web/package.json
浏览文件 @
7b7d83fd
...
...
@@ -25,7 +25,7 @@
"file-saver"
:
"^2.0.2"
,
"font-awesome"
:
"^4.7.0"
,
"ibiz-gantt-elastic"
:
"^1.0.12"
,
"ibiz-vue-lib"
:
"^0.1.
6
"
,
"ibiz-vue-lib"
:
"^0.1.
7
"
,
"interactjs"
:
"^1.9.4"
,
"moment"
:
"^2.24.0"
,
"path-to-regexp"
:
"^6.1.0"
,
...
...
This diff is collapsed.
Click to expand it.
app_web/src/components/ibiz-group-picker/ibiz-group-picker.vue
浏览文件 @
7b7d83fd
...
...
@@ -159,7 +159,7 @@ export default class IBizGroupPicker extends Vue {
* @memberof IBizGroupPicker
*/
public
loadTree
()
{
let
orgid
=
this
.
viewParam
.
hasfilter
?
this
.
viewParam
.
filtervalue
:
'450000'
;
let
orgid
=
this
.
viewParam
.
filtervalue
?
this
.
viewParam
.
filtervalue
:
"alls"
;
let
get
=
Http
.
getInstance
().
get
(
`/ibzorganizations/
${
orgid
}
/suborg/ibzdepartments/picker`
,
true
);
get
.
then
((
response
:
any
)
=>
{
if
(
response
.
status
===
200
)
{
...
...
This diff is collapsed.
Click to expand it.
app_web/src/components/ibiz-group-select/ibiz-group-select.vue
浏览文件 @
7b7d83fd
...
...
@@ -166,10 +166,20 @@ export default class IBizGroupSelect extends Vue {
title
:
'分组选择'
};
const
context
:
any
=
JSON
.
parse
(
JSON
.
stringify
(
this
.
context
));
let
filtervalue
:
string
=
""
;
if
(
this
.
filter
){
if
(
this
.
data
[
this
.
filter
]){
filtervalue
=
this
.
data
[
this
.
filter
];
}
else
if
(
context
[
this
.
filter
]){
filtervalue
=
context
[
this
.
filter
];
}
else
{
filtervalue
=
context
.
srforgid
;
}
}
const
param
:
any
=
{};
Object
.
assign
(
param
,
{
hasfilter
:
this
.
filter
?
true
:
false
,
filtervalue
:
this
.
filter
?
this
.
data
[
this
.
filter
]
:
''
,
filtervalue
:
filtervalue
,
multiple
:
this
.
multiple
,
selects
:
this
.
selects
});
...
...
This diff is collapsed.
Click to expand it.
app_web/src/pages/uaa/sys-role-permissioncustom-view/sys-role-permissioncustom-view.vue
浏览文件 @
7b7d83fd
...
...
@@ -364,9 +364,13 @@
if
(
this
.
formDruipart
){
this
.
formDruipart
.
subscribe
((
res
:
any
)
=>
{
if
(
Object
.
is
(
res
.
action
,
'load'
)){
// 父数据保存时调用当前视图的
点击确定
事件
// 父数据保存时调用当前视图的事件
if
(
this
.
selectData
.
length
>
0
){
// 选中了数据
this
.
onClickOk
();
}
else
{
// 没选中数据
this
.
onClear
();
}
}
});
...
...
@@ -439,6 +443,10 @@
* @memberof SYS_ROLE_PERMISSIONCustomViewBase
*/
public
beforeDestroy
()
{
// 清空选中数据
this
.
selectData
=
{};
// 清空视图选中数据
this
.
viewSelections
=
[];
this
.
$store
.
commit
(
'viewaction/removeView'
,
this
.
viewtag
);
}
...
...
@@ -473,7 +481,6 @@
if
(
this
.
selectData
&&
this
.
selectData
.
length
>
0
)
{
// 判断选中的数据和初始数据
if
(
JSON
.
stringify
(
this
.
selectData
)
==
JSON
.
stringify
(
this
.
ininselectData
))
{
this
.
$emit
(
'close'
,
null
);
return
;
}
this
.
selectData
.
forEach
((
item
:
any
)
=>
{
...
...
@@ -498,15 +505,30 @@
}
}).
catch
((
e
)
=>
{
});
}
else
{
this
.
$Notice
.
error
({
title
:
'错误'
,
desc
:
'未选中数据!'
});
}
// 清空视图选中数据,避免重复添加
this
.
viewSelections
=
[];
}
/**
* 清除
*/
private
onClear
(){
// 未选中数据,即没有赋予任何权限,需要清除当前角色的所有权限
if
(
this
.
selectData
.
length
==
0
)
{
// 保存选中的权限信息
let
url
=
'/sysroles/'
+
this
.
srfparentkey
+
'/sysrolepermissions/refreshbatch'
;
this
.
$http
.
post
(
url
,[]).
then
((
response
:
any
)
=>
{
if
(
!
(
!
response
||
response
.
status
!==
200
))
{
}
else
{
this
.
$Notice
.
error
({
title
:
'错误'
,
desc
:
response
.
message
});
return
;
}
}).
catch
((
e
)
=>
{
});
}
}
}
</
script
>
...
...
This diff is collapsed.
Click to expand it.
ibzuaa-boot/src/main/java/cn/ibizlab/config/DevBootSecurityConfig.java
浏览文件 @
7b7d83fd
...
...
@@ -102,6 +102,8 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
.
antMatchers
(
HttpMethod
.
POST
,
"/"
+
uaaLoginPath
).
permitAll
()
.
antMatchers
(
HttpMethod
.
POST
,
"/"
+
uaaLoginPath2
).
permitAll
()
.
antMatchers
(
"/syspssystems/**/permissiondata"
).
permitAll
()
//同步系统权限资源
.
antMatchers
(
"/syspssystems/save"
).
permitAll
()
.
antMatchers
(
"/uaa/login"
).
permitAll
()
.
anyRequest
().
authenticated
()
// 防止iframe 造成跨域
...
...
This diff is collapsed.
Click to expand it.
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/domain/SysStructure.java
浏览文件 @
7b7d83fd
...
...
@@ -7,7 +7,6 @@ import cn.ibizlab.core.uaa.extensions.domain.Structure.FuncItem;
import
cn.ibizlab.core.uaa.extensions.domain.Structure.UniResNode
;
import
com.alibaba.fastjson.annotation.JSONField
;
import
com.fasterxml.jackson.annotation.JsonProperty
;
import
liquibase.pro.packaged.S
;
import
lombok.Data
;
import
java.sql.Timestamp
;
...
...
This diff is collapsed.
Click to expand it.
ibzuaa-core/src/main/resources/permission/systemResource.json
浏览文件 @
7b7d83fd
{
"systemid"
:
"ibzuaa"
,
"unires"
:[
],
],
"entities"
:[
{
"dename"
:
"SysAuthLog"
,
...
...
This diff is collapsed.
Click to expand it.
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/config/apiSecurityConfig.java
浏览文件 @
7b7d83fd
...
...
@@ -117,6 +117,8 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
.
antMatchers
(
"/"
+
uploadpath
).
permitAll
()
.
antMatchers
(
"/"
+
previewpath
+
"/**"
).
permitAll
()
.
antMatchers
(
"/syspssystems/**/permissiondata"
).
permitAll
()
//同步系统权限资源
.
antMatchers
(
"/syspssystems/save"
).
permitAll
()
.
antMatchers
(
"/uaa/login"
).
permitAll
()
// 所有请求都需要认证
.
anyRequest
().
authenticated
()
...
...
This diff is collapsed.
Click to expand it.
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/SysPSSystemResource.java
浏览文件 @
7b7d83fd
...
...
@@ -105,7 +105,7 @@ public class SysPSSystemResource {
return
ResponseEntity
.
status
(
HttpStatus
.
OK
).
body
(
true
);
}
@PreAuthorize
(
"hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPSSystem-Save-all')"
)
//
@PreAuthorize("hasAnyAuthority('ROLE_SUPERADMIN','ibzuaa-SysPSSystem-Save-all')")
@ApiOperation
(
value
=
"Save"
,
tags
=
{
"SysPSSystem"
},
notes
=
"Save"
)
@RequestMapping
(
method
=
RequestMethod
.
POST
,
value
=
"/syspssystems/save"
)
public
ResponseEntity
<
Boolean
>
save
(
@RequestBody
SysPSSystemDTO
syspssystemdto
)
{
...
...
This diff is collapsed.
Click to expand it.
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/ClientAuthenticationResource.java
浏览文件 @
7b7d83fd
此差异已折叠。
点击以展开。
ibzuaa-util/src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java
浏览文件 @
7b7d83fd
...
...
@@ -9,8 +9,8 @@ import com.alibaba.fastjson.JSONObject;
public
class
IBZUAAFallback
implements
IBZUAAFeignClient
{
@Override
public
boolean
pushSystemPermissionData
(
String
systemid
,
JSONObject
systemPermissionData
)
{
return
false
;
public
Boolean
syncSysAuthority
(
JSONObject
system
)
{
return
null
;
}
@Override
...
...
This diff is collapsed.
Click to expand it.
ibzuaa-util/src/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
浏览文件 @
7b7d83fd
...
...
@@ -10,13 +10,12 @@ import com.alibaba.fastjson.JSONObject;
public
interface
IBZUAAFeignClient
{
/**
* 推送系统权限数据到uaa
* @param systemid
* @param systemPermissionData
* 同步系统资源到uaa
* @param system 系统资源信息
* @return
*/
@PostMapping
(
"/syspssystems/
{systemid}/permissiondata
"
)
boolean
pushSystemPermissionData
(
@PathVariable
(
"systemid"
)
String
systemid
,
@RequestBody
JSONObject
systemPermissionData
);
@PostMapping
(
"/syspssystems/
save
"
)
Boolean
syncSysAuthority
(
@RequestBody
JSONObject
system
);
/**
* 用户登录
...
...
This diff is collapsed.
Click to expand it.
ibzuaa-util/src/main/java/cn/ibizlab/util/job/PermissionSyncJob.java
浏览文件 @
7b7d83fd
...
...
@@ -36,10 +36,14 @@ public class PermissionSyncJob implements ApplicationRunner {
Thread
.
sleep
(
10000
);
InputStream
permission
=
this
.
getClass
().
getResourceAsStream
(
"/permission/systemResource.json"
);
//获取当前系统所有实体资源能力
String
permissionResult
=
IOUtils
.
toString
(
permission
,
"UTF-8"
);
if
(
client
.
pushSystemPermissionData
(
systemId
,
JSONObject
.
parseObject
(
permissionResult
))){
JSONObject
system
=
new
JSONObject
();
system
.
put
(
"pssystemid"
,
systemId
);
system
.
put
(
"pssystemname"
,
systemId
);
system
.
put
(
"sysstructure"
,
JSONObject
.
parseObject
(
permissionResult
));
if
(
client
.
syncSysAuthority
(
system
)){
log
.
info
(
"向[UAA]同步系统资源成功"
);
}
else
{
log
.
info
(
String
.
format
(
"向[UAA]同步系统资源失败"
)
);
log
.
error
(
"向[UAA]同步系统资源失败"
);
}
}
catch
(
Exception
ex
)
{
...
...
This diff is collapsed.
Click to expand it.
ibzuaa-util/src/main/java/cn/ibizlab/util/rest/AppController.java
浏览文件 @
7b7d83fd
package
cn
.
ibizlab
.
util
.
rest
;
import
com.alibaba.fastjson.JSONArray
;
import
com.alibaba.fastjson.JSONObject
;
import
cn.ibizlab.util.security.AuthenticationUser
;
import
cn.ibizlab.util.service.AuthenticationUserService
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.http.HttpStatus
;
import
org.springframework.http.ResponseEntity
;
import
org.springframework.
util.ObjectUtils
;
import
org.springframework.
security.core.GrantedAuthority
;
import
org.springframework.web.bind.annotation.RequestMapping
;
import
org.springframework.web.bind.annotation.RequestMethod
;
import
org.springframework.web.bind.annotation.RestController
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
cn.ibizlab.util.security.AuthenticationUse
r
;
import
cn.ibizlab.util.service.AuthenticationUserService
;
import
java.util.Collection
;
import
java.util.HashSet
;
import
java.util.Iterato
r
;
import
java.util.Set
;
@RestController
@RequestMapping
(
value
=
""
)
...
...
@@ -27,14 +30,20 @@ public class AppController {
public
ResponseEntity
<
JSONObject
>
getAppData
()
{
JSONObject
appData
=
new
JSONObject
()
;
JSONArray
uniRes
=
new
JSONArray
();
JSONArray
appMenu
=
new
JSONArray
();
Set
<
String
>
appMenu
=
new
HashSet
();
Set
<
String
>
uniRes
=
new
HashSet
();
if
(
enablePermissionValid
){
JSONObject
userPermission
=
AuthenticationUser
.
getAuthenticationUser
().
getPermissionList
();
if
(!
ObjectUtils
.
isEmpty
(
userPermission
)){
uniRes
=
userPermission
.
getJSONArray
(
"unires"
);
appMenu
=
userPermission
.
getJSONArray
(
"appmenu"
);
}
Collection
<
GrantedAuthority
>
authorities
=
AuthenticationUser
.
getAuthenticationUser
().
getAuthorities
();
Iterator
it
=
authorities
.
iterator
();
while
(
it
.
hasNext
())
{
GrantedAuthority
authority
=
(
GrantedAuthority
)
it
.
next
();
String
strAuthority
=
authority
.
getAuthority
();
if
(
strAuthority
.
startsWith
(
"UNIRES"
))
uniRes
.
add
(
strAuthority
);
else
if
(
strAuthority
.
startsWith
(
"APPMENU"
))
appMenu
.
add
(
strAuthority
);
}
}
appData
.
put
(
"unires"
,
uniRes
);
appData
.
put
(
"appmenu"
,
appMenu
);
...
...
This diff is collapsed.
Click to expand it.
ibzuaa-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java
浏览文件 @
7b7d83fd
此差异已折叠。
点击以展开。
ibzuaa-util/src/main/java/cn/ibizlab/util/service/IBZUSERServiceImpl.java
浏览文件 @
7b7d83fd
...
...
@@ -7,6 +7,7 @@ import cn.ibizlab.util.errors.BadRequestAlertException;
import
cn.ibizlab.util.helper.CachedBeanCopier
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.context.annotation.Primary
;
import
org.springframework.security.core.authority.AuthorityUtils
;
import
org.springframework.security.core.userdetails.UsernameNotFoundException
;
import
org.springframework.stereotype.Service
;
import
cn.ibizlab.util.mapper.IBZUSERMapper
;
...
...
@@ -72,6 +73,9 @@ public class IBZUSERServiceImpl extends ServiceImpl<IBZUSERMapper, IBZUSER> impl
public
AuthenticationUser
createUserDetails
(
IBZUSER
user
)
{
AuthenticationUser
userdatail
=
new
AuthenticationUser
();
CachedBeanCopier
.
copy
(
user
,
userdatail
);
if
(
userdatail
.
getSuperuser
()==
1
){
userdatail
.
setAuthorities
(
AuthorityUtils
.
createAuthorityList
(
"ROLE_SUPERADMIN"
));
}
return
userdatail
;
}
}
\ No newline at end of file
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
格式
0%
请重试
or
添加新附件
添加附件
取消
您添加了
0
人
到此讨论。请谨慎行事。
先完成此消息的编辑!
取消
想要评论请
注册
或
登录