
添加了资源权限验证

wuweihao 5 tahun lalu
induk
melakukan
140de5dcf9
24 mengubah file dengan 275 tambahan dan 141 penghapusan
  1. 7 0
      xiaoan-dao/src/main/java/com/xiaoan/dao/backend/ResourceRepository.java
  2. 6 0
      xiaoan-dao/src/main/java/com/xiaoan/dao/backend/RoleRepository.java
  3. 6 1
      xiaoan-dao/src/main/java/com/xiaoan/dao/backend/provider/UserProvider.java
  4. 1 1
      xiaoan-domain/src/main/java/com/xiaoan/domain/backend/ResourceEntity.java
  5. 0 38
      xiaoan-domain/src/main/java/com/xiaoan/domain/backend/RoleEntity.java
  6. 2 0
      xiaoan-domain/src/main/java/com/xiaoan/domain/backend/UserEntity.java
  7. 0 3
      xiaoan-domain/src/main/java/com/xiaoan/domain/dto/request/RoleRequest.java
  8. 3 1
      xiaoan-domain/src/main/java/com/xiaoan/domain/dto/request/UserRequest.java
  9. 40 0
      xiaoan-domain/src/main/java/com/xiaoan/domain/dto/response/ResourceResponse.java
  10. 14 1
      xiaoan-domain/src/main/java/com/xiaoan/domain/dto/response/UserResponse.java
  11. 2 0
      xiaoan-service/src/main/java/com/xiaoan/service/backend/ResourceService.java
  12. 5 0
      xiaoan-service/src/main/java/com/xiaoan/service/backend/RoleService.java
  13. 7 0
      xiaoan-service/src/main/java/com/xiaoan/service/backend/impl/ResourceServiceImpl.java
  14. 8 0
      xiaoan-service/src/main/java/com/xiaoan/service/backend/impl/RoleServiceImpl.java
  15. 7 4
      xiaoan-web/src/main/java/com/xiaoan/web/backend/DepartmentController.java
  16. 2 2
      xiaoan-web/src/main/java/com/xiaoan/web/backend/IndexController.java
  17. 6 3
      xiaoan-web/src/main/java/com/xiaoan/web/backend/IssueController.java
  18. 2 1
      xiaoan-web/src/main/java/com/xiaoan/web/backend/LogController.java
  19. 6 1
      xiaoan-web/src/main/java/com/xiaoan/web/backend/PersonalCenterController.java
  20. 85 49
      xiaoan-web/src/main/java/com/xiaoan/web/backend/RoleController.java
  21. 32 30
      xiaoan-web/src/main/java/com/xiaoan/web/backend/SceneController.java
  22. 3 1
      xiaoan-web/src/main/java/com/xiaoan/web/backend/StatisticsController.java
  23. 30 4
      xiaoan-web/src/main/java/com/xiaoan/web/backend/UserController.java
  24. 1 1
      xiaoan-web/src/main/java/com/xiaoan/web/shiro/MyRealm.java

+ 7 - 0
xiaoan-dao/src/main/java/com/xiaoan/dao/backend/ResourceRepository.java

@@ -2,12 +2,19 @@ package com.xiaoan.dao.backend;
 
 import com.xiaoan.domain.backend.ResourceEntity;
 import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Select;
 import org.springframework.stereotype.Component;
 
+import java.util.List;
+
 /**
  * Created by owen on 2020/2/18 0018 11:13
  */
 @Mapper
 @Component
 public interface ResourceRepository extends IBaseRepository<ResourceEntity, Long> {
+
+    @Select(value = "select * from tb_role_resource z left join tb_resource r ON z.resource_id = r.id where z.role_id= #{userId}")
+    List<ResourceEntity> findRoleResourceByRoleId(Long id);
+
 }
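Review bot: `select *` over `tb_role_resource z left join tb_resource r` returns the columns of both tables, so if `tb_role_resource` has its own `id` column the `id` mapped into `ResourceEntity` may be the join row's id rather than the resource's. Selecting only the resource columns with an inner join avoids that and also avoids an all-null row for a dangling `resource_id`: `select r.* from tb_role_resource z join tb_resource r on z.resource_id = r.id where z.role_id = #{roleId}`. The placeholder `#{userId}` is bound to a parameter called `id` that actually carries a role id; it resolves for a single parameter but reads wrongly, and `@Param("roleId") Long roleId` would make the binding explicit. The identical query is added again as `RoleRepository.findDetailRoleResourceByRoleId` in the next file, so one of the two can go.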

+ 6 - 0
xiaoan-dao/src/main/java/com/xiaoan/dao/backend/RoleRepository.java

@@ -1,12 +1,15 @@
 package com.xiaoan.dao.backend;
 
+import com.xiaoan.domain.backend.ResourceEntity;
 import com.xiaoan.domain.backend.RoleEntity;
+import com.xiaoan.domain.dto.response.ResourceResponse;
 import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Select;
 import org.springframework.stereotype.Component;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.math.BigInteger;
+import java.util.List;
 import java.util.Set;
 
 /**
@@ -25,4 +28,7 @@ public interface RoleRepository extends IBaseRepository<RoleEntity, Long> {
 
     @Select(value = "select resource_id from tb_role_resource where role_id= #{userId}")
     Set<BigInteger> findRoleResourceByRoleId(Long userId);
+
+    @Select(value = "select * from tb_role_resource z left join tb_resource r ON z.resource_id = r.id where z.role_id= #{userId}")
+    List<ResourceEntity> findDetailRoleResourceByRoleId(Long id);
 }

+ 6 - 1
xiaoan-dao/src/main/java/com/xiaoan/dao/backend/provider/UserProvider.java

@@ -7,15 +7,20 @@ public class UserProvider {
 
     public String findAllBySearchKey(String searchKey){
         StringBuffer sql = new StringBuffer("SELECT a.id, a.real_name, a.sex, " +
-                "a.user_name, a.email, a.user_num, a.create_time, b.name as department_name, d.role_name " +
+                "a.user_name, a.email, a.user_num, a.create_time, a.phone, d.role_name, a.create_time, c.role_id, " +
+                "b.id as department_id, b.name as department_name, d.role_name " +
                 "FROM `tb_user` a LEFT JOIN `tb_department` b ON a.department_id = b.id " +
                 "LEFT JOIN `tb_user_role` c ON a.id = c.user_id " +
                 "LEFT JOIN `tb_role` d ON c.role_id = d.id where a.rec_status = 'A' ");
         if(searchKey != null){
             sql.append(" and(");
             sql.append(" a.real_name like '%").append(searchKey).append("%'");
+            sql.append(" or a.user_num like '%").append(searchKey).append("%'");
+            sql.append(" or a.email like '%").append(searchKey).append("%'");
+            sql.append(" or a.phone like '%").append(searchKey).append("%'");
             sql.append(" or b.name like '%").append(searchKey).append("%'");
             sql.append(" or d.role_name like '%").append(searchKey).append("%'");
+            sql.append(" or b.name like '%").append(searchKey).append("%'");
             sql.append( ")");
         }
         sql.append(" ORDER BY a.id DESC");
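Review bot: The three added `like` clauses concatenate `searchKey` straight into the statement, as the existing ones do, so the search text is interpreted as SQL rather than as data (SQL injection), and this commit widens what the query returns to `a.phone` and `a.email`. Bind the value instead: the text returned by a MyBatis provider can use `#{searchKey}`, assuming the mapper method exposes the parameter under that name (for example through `@Param("searchKey")`), as in the fence below. The added `or b.name like` repeats the clause two lines above it, and `a.create_time` and `d.role_name` now appear twice in the select list. The method continues past the end of this hunk.

```java
// … unchanged: select list and joins …
if(searchKey != null){
    // The value is bound by MyBatis; only the pattern shape is part of the SQL text.
    sql.append(" and(");
    sql.append(" a.real_name like concat('%', #{searchKey}, '%')");
    sql.append(" or a.user_num like concat('%', #{searchKey}, '%')");
    sql.append(" or a.email like concat('%', #{searchKey}, '%')");
    sql.append(" or a.phone like concat('%', #{searchKey}, '%')");
    sql.append(" or b.name like concat('%', #{searchKey}, '%')");
    sql.append(" or d.role_name like concat('%', #{searchKey}, '%')");
    sql.append( ")");
}
// … unchanged: ORDER BY and return …
```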

+ 1 - 1
xiaoan-domain/src/main/java/com/xiaoan/domain/backend/ResourceEntity.java

@@ -41,7 +41,7 @@ public class ResourceEntity extends BaseModel implements Serializable {
     private String resourceType;
 
     @Column(length = 2)
-    private Byte sort;
+    private Integer sort;
 
     @Column(name = "parent_id")
     private Long parentId;

+ 0 - 38
xiaoan-domain/src/main/java/com/xiaoan/domain/backend/RoleEntity.java

@@ -27,42 +27,4 @@ public class RoleEntity extends BaseModel implements Serializable {
 
     private String sort;
 
-//    @ManyToMany(fetch = FetchType.LAZY)
-
-//    @ManyToMany(fetch = FetchType.EAGER)
-//    @JoinTable(name = "tb_role_resource", joinColumns = {@JoinColumn(name = "role_id")}, inverseJoinColumns = {@JoinColumn(name = "resource_id")})
-//    @OrderBy("sort ASC")
-//    private Set<ResourceEntity> resources;
-
-//    public String getRoleName() {
-//        return roleName;
-//    }
-//
-//    public void setRoleName(String roleName) {
-//        this.roleName = roleName;
-//    }
-//
-//    public String getRoleDesc() {
-//        return roleDesc;
-//    }
-//
-//    public void setRoleDesc(String roleDesc) {
-//        this.roleDesc = roleDesc;
-//    }
-//
-//    public String getRoleKey() {
-//        return roleKey;
-//    }
-//
-//    public void setRoleKey(String roleKey) {
-//        this.roleKey = roleKey;
-//    }
-//
-//    public Set<ResourceEntity> getResources() {
-//        return resources;
-//    }
-//
-//    public void setResources(Set<ResourceEntity> resources) {
-//        this.resources = resources;
-//    }
 }

+ 2 - 0
xiaoan-domain/src/main/java/com/xiaoan/domain/backend/UserEntity.java

@@ -46,5 +46,7 @@ public class UserEntity extends BaseModel implements Serializable {
     // 登录次数
     private Integer viewCount;
 
+    private String phone;
+
 
 }

+ 0 - 3
xiaoan-domain/src/main/java/com/xiaoan/domain/dto/request/RoleRequest.java

@@ -20,9 +20,6 @@ public class RoleRequest {
 
     private String roleKey;
 
-    // 排序
-    private String sort;
-
     // 资源id
     private Set<Long> resources;
 }

+ 3 - 1
xiaoan-domain/src/main/java/com/xiaoan/domain/dto/request/UserRequest.java

@@ -19,7 +19,7 @@ public class UserRequest{
      */
     private String userNum;
 
-    private byte sex; // 0:男  1:女
+    private int sex; // 0:男  1:女
 
     private String email;
 
@@ -27,5 +27,7 @@ public class UserRequest{
 
     private Long roleId; // 角色id
 
+    private String phone;
+
 //    private String searchKey; //搜索条件
 }

+ 40 - 0
xiaoan-domain/src/main/java/com/xiaoan/domain/dto/response/ResourceResponse.java

@@ -0,0 +1,40 @@
+package com.xiaoan.domain.dto.response;
+
+import lombok.Data;
+
+import java.io.Serializable;
+import java.util.Date;
+
+/**
+ * Created by owen on 2020/3/18.
+ */
+@Data
+public class ResourceResponse implements Serializable {
+
+    private Long id;
+
+    private String roleKey;
+
+    private String roleDesc;
+
+    private String roleName;
+
+    private String userNum;
+
+    private int sex; // 0:男  1:女
+
+    private String email;
+
+    private String departmentName; //部门
+
+    private String phone;
+
+
+    private Date createTime;
+
+    // 角色id
+    private Long roleId;
+
+    // 部门id
+    private Long departmentId;
+}
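Review bot: The fields of `ResourceResponse` (`roleKey`, `userNum`, `sex`, `email`, `phone`, `departmentName`, `roleId`, `departmentId`) describe a user and a role rather than a resource, and they match `UserResponse` in the next file almost line for line, which suggests a copy that was never adapted. None of the hunks shown use the class; it is only imported in `RoleRepository`, `RoleService` and `RoleServiceImpl`. Either give it the resource fields it is meant to carry, with a class comment naming the endpoint that returns it, or drop the class and the three imports.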

+ 14 - 1
xiaoan-domain/src/main/java/com/xiaoan/domain/dto/response/UserResponse.java

@@ -3,6 +3,7 @@ package com.xiaoan.domain.dto.response;
 import lombok.Data;
 
 import java.io.Serializable;
+import java.util.Date;
 
 /**
  * Created by Hb_zzZ on 2020/2/28.
@@ -20,9 +21,21 @@ public class UserResponse implements Serializable {
 
     private String userNum;
 
-    private byte sex; // 0:男  1:女
+    private int sex; // 0:男  1:女
 
     private String email;
 
     private String departmentName; //部门
+
+    private String phone;
+
+    private String roleName;
+
+    private Date createTime;
+
+    // 角色id
+    private Long roleId;
+
+    // 部门id
+    private Long departmentId;
 }

+ 2 - 0
xiaoan-service/src/main/java/com/xiaoan/service/backend/ResourceService.java

@@ -16,6 +16,8 @@ public interface ResourceService extends IBaseService<ResourceEntity, Long> {
 
     List<ResourceTree> getResourcesTreeByUserPermission(UserEntity userEntity) throws Exception;
 
+    List<ResourceTree> getResourcesTreeByRolePermission(Long roleId) throws Exception;
+
     List<ResourceTree> getTree() throws Exception;
 
     List<ResourceEntity> getResourcesByUserPermission(UserEntity userEntity);

+ 5 - 0
xiaoan-service/src/main/java/com/xiaoan/service/backend/RoleService.java

@@ -1,9 +1,12 @@
 package com.xiaoan.service.backend;
 
+import com.xiaoan.domain.backend.ResourceEntity;
 import com.xiaoan.domain.backend.RoleEntity;
+import com.xiaoan.domain.dto.response.ResourceResponse;
 import com.xiaoan.service.IBaseService;
 
 import java.math.BigInteger;
+import java.util.List;
 import java.util.Set;
 
 /**
@@ -16,4 +19,6 @@ public interface RoleService extends IBaseService<RoleEntity, Long> {
     void deleteRoleResource(Long roleId);
 
     Set<BigInteger> findRoleResourceByRoleId(Long id);
+
+    List<ResourceEntity> findDetailRoleResourceByRoleId(Long id);
 }

+ 7 - 0
xiaoan-service/src/main/java/com/xiaoan/service/backend/impl/ResourceServiceImpl.java

@@ -85,6 +85,13 @@ public class ResourceServiceImpl extends BaseServiceImpl<ResourceEntity, Long> i
     }
 
     @Override
+    public List<ResourceTree> getResourcesTreeByRolePermission(Long roleId) throws Exception {
+        List<ResourceEntity> resources = resourceRepository.findRoleResourceByRoleId(roleId);
+        ResourceTreeUtil tree = new ResourceTreeUtil(resources);
+        return tree.buildTree();
+    }
+
+    @Override
 //    @Cacheable(value = "resourcesCache")
     public List<ResourceTree> getTree() throws Exception {
         List<ResourceEntity> resourceEntities = resourceRepository.selectAll();

+ 8 - 0
xiaoan-service/src/main/java/com/xiaoan/service/backend/impl/RoleServiceImpl.java

@@ -2,7 +2,9 @@ package com.xiaoan.service.backend.impl;
 
 import com.xiaoan.dao.backend.IBaseRepository;
 import com.xiaoan.dao.backend.RoleRepository;
+import com.xiaoan.domain.backend.ResourceEntity;
 import com.xiaoan.domain.backend.RoleEntity;
+import com.xiaoan.domain.dto.response.ResourceResponse;
 import com.xiaoan.service.BaseServiceImpl;
 import com.xiaoan.service.backend.RoleService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -10,6 +12,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.math.BigInteger;
+import java.util.List;
 import java.util.Set;
 
 
@@ -44,5 +47,10 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleEntity, Long> implement
         return roleRepository.findRoleResourceByRoleId(id);
     }
 
+    @Override
+    public List<ResourceEntity> findDetailRoleResourceByRoleId(Long id) {
+        return roleRepository.findDetailRoleResourceByRoleId(id);
+    }
+
 
 }

+ 7 - 4
xiaoan-web/src/main/java/com/xiaoan/web/backend/DepartmentController.java

@@ -13,6 +13,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authz.annotation.Logical;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -38,18 +39,19 @@ public class DepartmentController extends BaseController {
     @Autowired
     private DepartmentService departmentService;
 
-    @RequiresRoles(value = {"admin"}, logical = Logical.OR)
+    @RequiresPermissions("admin:department:list")
     @ApiOperation("分页获取部门列表/搜索")
     @WebControllerLog(description = "部门信息-查询列表")
     @PostMapping("list")
     public ResultJson list(@RequestBody PageDto param){
         Condition condition = new Condition(DepartmentEntity.class);
-        condition.and().andLike("name", "%" + param.getSearchKey()+ "%");
+        condition.or().andLike("name", "%" + param.getSearchKey()+ "%");
+        condition.or().andLike("num", "%" + param.getSearchKey()+ "%");
         PageInfo<DepartmentEntity> pageInfo = departmentService.findAll(condition, param.getPageNum(), param.getPageSize());
         return new ResultJson(MsgCode.SUCCESS_CODE, pageInfo);
     }
 
-    @RequiresRoles(value = {"admin"}, logical = Logical.OR)
+    @RequiresPermissions("admin:department:add")
     @ApiOperation("新增部门")
     @WebControllerLog(description = "部门信息-新增/修改部门")
     @PostMapping("save")
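Review bot: `save` is now guarded by `admin:department:add` alone, yet its log description (`部门信息-新增/修改部门`) says it also modifies existing departments, so a role granted only "add" can apparently edit any department; check a separate edit permission on the update path, or split the endpoint. In `list`, both `andLike` patterns are built from `param.getSearchKey()` without a null check, so if the getter returns null for a request without a search key the query looks for the literal `%null%`; add the criteria only when `StringUtils.isNotBlank(param.getSearchKey())`. The body of `save` is outside this hunk.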
@@ -85,6 +87,7 @@ public class DepartmentController extends BaseController {
         return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
     }
 
+    @RequiresPermissions("admin:department:remove")
     @WebControllerLog(description = "部门信息-多部门删除")
     @RequiresRoles(value = {"admin"}, logical = Logical.OR)
     @ApiOperation("删除多部门")
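Review bot: The multi-delete handler now carries both the new `@RequiresPermissions("admin:department:remove")` and the old `@RequiresRoles(value = {"admin"}, logical = Logical.OR)`, so it demands the admin role and the permission, while `delete/{id}` in the next hunk demands the permission only. If the role check is a leftover, remove it here; if it is deliberate, the single delete should carry it as well so the two paths to the same operation cannot diverge. The handler's body is outside this hunk.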
@@ -94,7 +97,7 @@ public class DepartmentController extends BaseController {
         return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
     }
 
-    @RequiresRoles(value = {"admin"}, logical = Logical.OR)
+    @RequiresPermissions("admin:department:remove")
     @WebControllerLog(description = "部门信息-删除部门")
     @ApiOperation("部门信息-删除部门")
     @PostMapping("delete/{id}")

+ 2 - 2
xiaoan-web/src/main/java/com/xiaoan/web/backend/IndexController.java

@@ -87,8 +87,8 @@ public class IndexController {
         HashMap<String, Object> result = new HashMap<>();
         result.put("user", userEntity);
         result.put("token", token);
-//        result.put("permission", resourcesTreeByUserPermission);
-        result.put("permission", resourcesByUserMenu);
+        result.put("permission", resourcesTreeByUserPermission);
+//        result.put("permission", resourcesByUserMenu);
         result.put("role", roles);
 
 

+ 6 - 3
xiaoan-web/src/main/java/com/xiaoan/web/backend/IssueController.java

@@ -16,6 +16,7 @@ import com.xiaoan.web.shiro.JWTUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.shiro.authz.annotation.Logical;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -43,6 +44,7 @@ public class IssueController extends BaseController {
      * @param param
      * @return
      */
+    @RequiresPermissions("admin:issue:list")
     @WebControllerLog(description = "问题反馈-问题搜索/列表")
     @ApiOperation("搜索/列表共用")
     @PostMapping("list")
@@ -63,6 +65,7 @@ public class IssueController extends BaseController {
         return new ResultJson(MsgCode.SUCCESS_CODE, pageInfo);
     }
 
+    @RequiresPermissions("admin:issue:add")
     @WebControllerLog(description = "问题反馈-提交问题")
     @ApiOperation("提交问题")
     @PostMapping("save")
@@ -78,7 +81,7 @@ public class IssueController extends BaseController {
     /**
      * 只有管理员才能回复问题
      */
-    @RequiresRoles("admin")
+    @RequiresPermissions("admin:issue:reply")
     @WebControllerLog(description = "问题反馈-回复问题")
     @ApiOperation("回复问题")
     @GetMapping("reply/{id}/{item}")
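Review bot: The Javadoc kept above `reply` still says only administrators may reply (`只有管理员才能回复问题`), but the check is now `@RequiresPermissions("admin:issue:reply")`, which can be granted to any role. Reword it to something like `/** Requires the admin:issue:reply permission. */` so the comment does not overstate the guard. The same stale comment sits above `delete` in the next hunk. The method bodies are outside these hunks.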
@@ -100,7 +103,7 @@ public class IssueController extends BaseController {
     /**
      * 只有管理员才能删除问题
      */
-    @RequiresRoles("admin")
+    @RequiresPermissions("admin:issue:remove")
     @WebControllerLog(description = "问题反馈-删除问题")
     @ApiOperation("删除问题")
     @GetMapping("delete/{id}")
@@ -110,7 +113,7 @@ public class IssueController extends BaseController {
     }
 
     @WebControllerLog(description = "问题反馈-删除问题")
-    @RequiresRoles(value = {"admin"}, logical = Logical.OR)
+    @RequiresPermissions("admin:issue:remove")
     @ApiOperation("删除多问题")
     @GetMapping("delete/all/{id}")
     public ResultJson deleteAll(@PathVariable String id){

+ 2 - 1
xiaoan-web/src/main/java/com/xiaoan/web/backend/LogController.java

@@ -10,6 +10,7 @@ import com.xiaoan.web.aop.WebControllerLog;
 import com.xiaoan.web.shiro.JWTUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
@@ -38,7 +39,7 @@ public class LogController extends BaseController {
     /**
      * 疑问:搜索是否应该有个起始/结束时间
      */
-    @RequiresRoles("admin")
+    @RequiresPermissions("admin:log:list")
     @WebControllerLog(description = "操作日志-日志搜索/列表")
     @ApiOperation("搜索/列表共用")
     @PostMapping("list")

+ 6 - 1
xiaoan-web/src/main/java/com/xiaoan/web/backend/PersonalCenterController.java

@@ -17,6 +17,7 @@ import com.xiaoan.web.shiro.JwtUtil2;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.bind.annotation.*;
@@ -39,6 +40,7 @@ public class PersonalCenterController extends BaseController {
     @Autowired
     private CameraService cameraService;
 
+    @RequiresPermissions("admin:scene:list")
     @WebControllerLog(description = "个人中心-我的场景/搜索")
     @ApiOperation("获取场景列表/搜索")
     @PostMapping("scene/list")
@@ -58,7 +60,7 @@ public class PersonalCenterController extends BaseController {
         return new ResultJson(MsgCode.SUCCESS_CODE, pageInfo);
     }
 
-
+    @RequiresPermissions("admin:scene:remove")
     @WebControllerLog(description = "个人中心-我的场景/删除")
     @ApiOperation("删除场景")
     @GetMapping("scene/delete/{id}")
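Review bot: `@RequiresPermissions("admin:scene:remove")` on `scene/delete/{id}` only establishes that the caller may delete scenes in general; for a "my scenes" endpoint the scene named by the path id also has to belong to the caller. The method body is outside this hunk, so whether it compares the scene's owner with the current user cannot be seen here and is worth confirming; the same applies to `scene/edit/{id}` in the next hunk. The delete is also exposed as a `@GetMapping`, and a `@PostMapping` or `@DeleteMapping` would keep a state-changing call from being triggered by a plain link.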
@@ -72,6 +74,7 @@ public class PersonalCenterController extends BaseController {
      * @param id
      * @return
      */
+    @RequiresPermissions("admin:scene:edit")
     @WebControllerLog(description = "个人中心-我的场景/编辑")
     @ApiOperation("编辑场景")
     @GetMapping("scene/edit/{id}")
@@ -82,6 +85,7 @@ public class PersonalCenterController extends BaseController {
         return new ResultJson(MsgCode.SUCCESS_CODE, webSite);
     }
 
+    @RequiresPermissions("admin:camera:list")
     @WebControllerLog(description = "个人中心-我的相机/搜索")
     @ApiOperation("获取相机列表/搜索")
     @PostMapping("camera/list")
@@ -108,6 +112,7 @@ public class PersonalCenterController extends BaseController {
      * WiFi名称,跟mac地址一致
      * wifi密码:12345678
      */
+    @RequiresPermissions("admin:camera:add")
     @ApiOperation("新增相机")
     @WebControllerLog(description = "设备管理-新增相机")
     @GetMapping("camera/save/{code}")

+ 85 - 49
xiaoan-web/src/main/java/com/xiaoan/web/backend/RoleController.java

@@ -7,9 +7,12 @@ import com.xiaoan.common.util.ResultJson;
 import com.xiaoan.dao.backend.RoleRepository;
 import com.xiaoan.dao.backend.UserRepository;
 import com.xiaoan.domain.backend.DepartmentEntity;
+import com.xiaoan.domain.backend.ResourceEntity;
 import com.xiaoan.domain.backend.RoleEntity;
 import com.xiaoan.domain.dto.request.RoleRequest;
+import com.xiaoan.service.backend.ResourceService;
 import com.xiaoan.service.backend.RoleService;
+import com.xiaoan.service.backend.dto.ResourceTree;
 import com.xiaoan.web.aop.WebControllerLog;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@@ -26,6 +29,7 @@ import springfox.documentation.annotations.ApiIgnore;
 import tk.mybatis.mapper.entity.Condition;
 
 import java.util.Date;
+import java.util.HashMap;
 import java.util.List;
 
 
@@ -38,13 +42,18 @@ import java.util.List;
 @RestController
 @RequestMapping("api/manage/role")
 @Transactional
-@RequiresRoles("admin") //需要admin角色才可以访问此controller
+//@RequiresRoles("admin") //需要admin角色才可以访问此controller
 public class RoleController extends BaseController {
 
     @Autowired
     private RoleService roleService;
 
-        @WebControllerLog(description = "角色权限-查询列表")
+    @Autowired
+    private ResourceService resourceService;
+
+//    @RequiresPermissions(logical = Logical.AND, value = {"view", "edit"})
+    @RequiresPermissions("admin:role:list")
+    @WebControllerLog(description = "角色权限-查询列表")
     @ApiOperation("分页获取角色列表/搜索")
     @PostMapping("list")
     public ResultJson list(@RequestBody PageDto param){
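Review bot: Commenting out the class-level `@RequiresRoles("admin")` leaves every handler that has no annotation of its own without any role or permission check. In the next hunk `findResource` (`find/resource`) and `detail` (`detail/{id}`) carry no `@RequiresPermissions`, so any caller that passes authentication can read the full resource tree and the permission tree of any role. Add for example `@RequiresPermissions("admin:role:list")` to both, or keep a class-level guard and refine per method. Handlers of this class that lie outside the visible hunks need the same check, and the two commented-out annotations can be deleted rather than kept.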
@@ -63,14 +72,29 @@ public class RoleController extends BaseController {
         return new ResultJson(MsgCode.SUCCESS_CODE, result);
     }
 
+    @ApiOperation("获取资源")
+    @GetMapping("find/resource")
+    public ResultJson findResource() throws Exception {
+        List<ResourceTree> listTree = resourceService.getTree();
+        return new ResultJson(MsgCode.SUCCESS_CODE, listTree);
+    }
+
 
 
 
     @ApiOperation("查询角色信息")
     @GetMapping("detail/{id}")
-    public ResultJson detail(@PathVariable Long id){
+    public ResultJson detail(@PathVariable Long id) throws Exception {
         RoleEntity roleEntity = roleService.findById(id);
-        return new ResultJson(MsgCode.SUCCESS_CODE, roleEntity);
+
+        HashMap<Object, Object> resultMap = new HashMap<>();
+
+        List<ResourceTree> permission = resourceService.getResourcesTreeByRolePermission(id);
+
+        resultMap.put("role", roleEntity);
+        resultMap.put("permission", permission);
+
+        return new ResultJson(MsgCode.SUCCESS_CODE, resultMap);
     }
 
 
@@ -102,51 +126,63 @@ public class RoleController extends BaseController {
     }
 
 
-    /**
-     * 角色直接从数据库管理,因为前端不做资源管理,所以不提供新增、修改、删除,只提供查询
-     */
-//    @ApiOperation("新增或修改角色信息")
-//    @PostMapping("save")
-//    public ResultJson save(@RequestBody RoleRequest param){
-//        RoleEntity roleEntity = roleService.findById(param.getId());
-//
-//        int n = 0;
-//
-//        if (roleEntity == null) {
-//            roleEntity = new RoleEntity();
-//            // 保存的时候,如果有id,会出错
-//            param.setId(null);
-//            BeanUtils.copyProperties(param, roleEntity);
-//            n = roleService.save(roleEntity);
-//
-//        } else {
-//            BeanUtils.copyProperties(param, roleEntity);
-//            roleEntity.setUpdateTime(new Date());
-//            n = roleService.update(roleEntity);
-//
-//            // 每次修改,删除角色资源表信息,重新添加
-//            roleService.deleteRoleResource(param.getId());
-//        }
-//
-//        if (n >= 0){
-//            if (param.getResources() != null){
-//                for (long i : param.getResources()) {
-//                    roleService.saveRoleResource(roleEntity.getId(), i);
-//                }
-//                return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
-//            }
-//        }
-//
-//        return new ResultJson(MsgCode.ERROR_CODE, MsgCode.ERROR_MSG);
-//    }
-
-//    @ApiOperation("删除角色")
-//    @GetMapping("delete/{id}")
-//    public ResultJson delete(@PathVariable Long id){
-//        roleService.deleteById(id);
-////        roleService.deleteRoleResource(id);
-//        return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
-//    }
+
+    @WebControllerLog(description = "角色权限-新增/修改")
+    @RequiresPermissions(value="admin:role:add")
+    @ApiOperation("新增或修改角色信息")
+    @PostMapping("save")
+    public ResultJson save(@RequestBody RoleRequest param){
+
+        RoleEntity roleEntity = null;
+        int n = 0;
+
+        if (param.getId() == null) {
+            roleEntity = new RoleEntity();
+            BeanUtils.copyProperties(param, roleEntity);
+            n = roleService.save(roleEntity);
+        } else {
+            roleEntity = roleService.findById(param.getId());
+            if (roleEntity == null) {
+                return new ResultJson(MsgCode.FAILURE_CODE_3002, MsgCode.FAILURE_MSG_3002);
+            }
+            BeanUtils.copyProperties(param, roleEntity);
+            roleEntity.setUpdateTime(new Date());
+            n = roleService.update(roleEntity);
+
+            // 每次修改,删除角色资源表信息,重新添加
+            roleService.deleteRoleResource(param.getId());
+        }
+
+        // 添加权限
+        if (n >= 0){
+            if (param.getResources() != null){
+                for (long i : param.getResources()) {
+                    roleService.saveRoleResource(roleEntity.getId(), i);
+                }
+                return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
+            }
+        }
+
+        return new ResultJson(MsgCode.ERROR_CODE, MsgCode.ERROR_MSG);
+    }
+
+    @WebControllerLog(description = "角色权限-角色删除")
+    @RequiresPermissions("admin:role:remove")
+    @ApiOperation("删除角色")
+    @GetMapping("delete/{id}")
+    public ResultJson delete(@PathVariable Long id){
+        roleService.deleteById(id);
+        return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
+    }
+
+    @WebControllerLog(description = "角色权限-多角色删除")
+    @RequiresPermissions("admin:role:remove")
+    @ApiOperation("多角色删除")
+    @GetMapping("delete/all/{ids}")
+    public ResultJson delete(@PathVariable String ids){
+        roleService.deleteByIds(ids);
+        return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
+    }
 
 
 
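Review bot: `save` requires only `admin:role:add`, yet its `else` branch updates an existing role and replaces that role's rows in the role-resource table with `param.getResources()`, without checking that the caller holds the resources being granted; a holder of "add" can therefore rewrite the grants of any role, including one assigned to themselves. On that update path `deleteRoleResource` has already run when `getResources()` turns out to be null, and the method then returns `ERROR_CODE` normally, which under the class-level `@Transactional` presumably commits and leaves the role with no resources; reject the request first with `if (param.getResources() == null) { return new ResultJson(MsgCode.ERROR_CODE, MsgCode.ERROR_MSG); }`. `BeanUtils.copyProperties(param, roleEntity)` copies every matching request field onto the entity, so the fields of `RoleRequest` should be limited to what a client may set. Both delete handlers are `@GetMapping`s that change state, and neither calls `deleteRoleResource`, so rows for the removed role may stay behind.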

+ 32 - 30
xiaoan-web/src/main/java/com/xiaoan/web/backend/SceneController.java

@@ -18,6 +18,7 @@ import com.xiaoan.web.shiro.JwtUtil2;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.transaction.annotation.Transactional;
@@ -69,6 +70,7 @@ public class SceneController extends BaseController {
      * 根据场景名称,拍摄人查询
      * 需要分角色
      */
+    @RequiresPermissions("admin:scene:list")
     @WebControllerLog(description = "场景管理-场景搜索/列表")
     @ApiOperation("获取场景列表")
     @PostMapping("list")
@@ -92,34 +94,34 @@ public class SceneController extends BaseController {
     /**
      * 本地后台修改场景名称
      */
-    @ApiOperation("下载场景")
-    @WebControllerLog(description = "场景管理-下载场景")
-    @GetMapping(value = "/downloadTexData/{sceneNum}")
-    public ResultJson downloadTexData(@PathVariable String sceneNum)  {
-
-        if(StringUtils.isEmpty(sceneNum)){
-            return new ResultJson(MsgCode.FAILURE_CODE_3001, MsgCode.FAILURE_MSG_3001);
-        }
-        SceneProEntity sceneProEntity = sceneService.findBySceneNum(sceneNum);
-        if(sceneProEntity == null){
-            return new ResultJson(MsgCode.FAILURE_CODE_3001, MsgCode.FAILURE_MSG_3001);
-        }
-
-        String dataPath = sceneProEntity.getDataSource() + "/caches/tex";
-        String saveZipPath = scenePath + "images/images" + sceneNum;
-//        FileUtils.createDir(saveZipPath);
-        FileUtil.mkdir(saveZipPath);
-
-        String sourcePath = "F:\\test\\test123";
-        ZipUtil.zip(sourcePath, saveZipPath+ "/tex.zip");
-
-//        return new ResultJson(MsgCode.SUCCESS_CODE,mainUrl + "scene/images/images" + sceneNum + "/tex.zip?t=" +System.currentTimeMillis());
-        return new ResultJson(MsgCode.SUCCESS_CODE,"");
-    }
-
-    public static void main(String[] args) {
-        String sourcePath = "F:\\test\\test123";
-        String saveZipPath = "F:\\test\\xiaoan\\";
-        ZipUtil.zip(sourcePath, saveZipPath+ "tex.zip");
-    }
+//    @ApiOperation("下载场景")
+//    @WebControllerLog(description = "场景管理-下载场景")
+//    @GetMapping(value = "/downloadTexData/{sceneNum}")
+//    public ResultJson downloadTexData(@PathVariable String sceneNum)  {
+//
+//        if(StringUtils.isEmpty(sceneNum)){
+//            return new ResultJson(MsgCode.FAILURE_CODE_3001, MsgCode.FAILURE_MSG_3001);
+//        }
+//        SceneProEntity sceneProEntity = sceneService.findBySceneNum(sceneNum);
+//        if(sceneProEntity == null){
+//            return new ResultJson(MsgCode.FAILURE_CODE_3001, MsgCode.FAILURE_MSG_3001);
+//        }
+//
+//        String dataPath = sceneProEntity.getDataSource() + "/caches/tex";
+//        String saveZipPath = scenePath + "images/images" + sceneNum;
+////        FileUtils.createDir(saveZipPath);
+//        FileUtil.mkdir(saveZipPath);
+//
+//        String sourcePath = "F:\\test\\test123";
+//        ZipUtil.zip(sourcePath, saveZipPath+ "/tex.zip");
+//
+////        return new ResultJson(MsgCode.SUCCESS_CODE,mainUrl + "scene/images/images" + sceneNum + "/tex.zip?t=" +System.currentTimeMillis());
+//        return new ResultJson(MsgCode.SUCCESS_CODE,"");
+//    }
+//
+//    public static void main(String[] args) {
+//        String sourcePath = "F:\\test\\test123";
+//        String saveZipPath = "F:\\test\\xiaoan\\";
+//        ZipUtil.zip(sourcePath, saveZipPath+ "tex.zip");
+//    }
 }
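Review bot: Commenting out `downloadTexData` and `main` leaves about thirty lines of dead code in the class, including the hard-coded `F:\\test\\test123` path, and the Javadoc `本地后台修改场景名称` above the block now documents nothing. Deleting the block keeps the controller readable, and the code stays available in history. If the download endpoint is meant to return, it will need a `@RequiresPermissions` guard like the one `list` received in this commit.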

+ 3 - 1
xiaoan-web/src/main/java/com/xiaoan/web/backend/StatisticsController.java

@@ -9,6 +9,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.log4j.Log4j2;
 import org.apache.shiro.authz.annotation.Logical;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
@@ -37,7 +38,8 @@ public class StatisticsController {
     @Autowired
     private SceneService sceneService;
 
-    @RequiresRoles(value = {"admin"}, logical = Logical.OR)
+    @RequiresPermissions("admin:statistics:list")
+//    @RequiresRoles(value = {"admin"}, logical = Logical.OR)
     @WebControllerLog(description = "数据统计-获取数据")
     @ApiOperation("获取数据")
     @GetMapping

+ 30 - 4
xiaoan-web/src/main/java/com/xiaoan/web/backend/UserController.java

@@ -23,10 +23,7 @@ import org.springframework.web.bind.annotation.*;
 import tk.mybatis.mapper.entity.Condition;
 
 import javax.servlet.http.HttpServletRequest;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 
 
 /**
@@ -160,6 +157,7 @@ public class UserController extends BaseController {
         return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
     }
 
+    @WebControllerLog(description = "用户管理-重置密码")
     @RequiresRoles(value = {"admin"}, logical = Logical.OR)
     @ApiOperation("重置密码")
     @GetMapping("resetPass/{id}")
@@ -170,4 +168,32 @@ public class UserController extends BaseController {
         return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
     }
 
+    @WebControllerLog(description = "用户管理-多重置密码")
+    @RequiresRoles(value = {"admin"}, logical = Logical.OR)
+    @ApiOperation("多重置密码")
+    @GetMapping("resetPass/all/{ids}")
+    public ResultJson resetPassAll(@PathVariable String ids){
+        String[] split = ids.split(",");
+        if (split.length > 0) {
+            for (String s : split) {
+                UserEntity userEntity = userService.findById(Long.valueOf(s));
+                userEntity.setPassword(PasswordUtils.encrypt(userEntity.getUserName(), "123456", PasswordUtils.getStaticSalt()));
+                userService.update(userEntity);
+            }
+        }
+
+
+        return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
+    }
+
+    public static void main(String[] args) {
+
+        String ids = "1,2,3";
+
+        String[] split = ids.split(",");
+
+        System.out.println(Arrays.toString(split));
+    }
+
+
 }
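Review bot: `resetPassAll` sets every listed account to the fixed password `"123456"` hashed with `PasswordUtils.getStaticSalt()`, so after a bulk reset all of those accounts share one known credential; a random one-time password per user with a forced change at next login would avoid that. The handler is a `@GetMapping` that changes state and still uses `@RequiresRoles`, while the rest of this commit moves to `@RequiresPermissions`. `Long.valueOf(s)` throws on a non-numeric element and `userEntity` is dereferenced without a null check, so a bad or unknown id can abort the loop after some accounts were already updated; validate `ids` before the loop and add `if (userEntity == null) { continue; }`. The `main` method added below it is a scratch test and should not ship in the controller, and `split.length > 0` is always true for the result of `split`.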

+ 1 - 1
xiaoan-web/src/main/java/com/xiaoan/web/shiro/MyRealm.java

@@ -129,7 +129,7 @@ public class MyRealm extends AuthorizingRealm {
         }
 
         // 校验请求token是否跟redis token一致
-        String redisToken = (String) redisTemplate.opsForValue().get(userEntity.getUserName());
+        String redisToken = redisTemplate.opsForValue().get(userEntity.getUserName());
 //        log.warn("redisToken: {}", redisToken);
         if (!token.equals(redisToken)) {
             log.info("error token redis");