删除无用代码

添加自定义角色

README.md

@@ -1,6 +1,10 @@
 # cms_celebrity_sc
 
 成都名人馆java后端代码
+    权限设计：
+        1. 一个用户只有一个角色
+        2. sys_user_role 没有使用
+        3. 所有资源给回前端，通过authority判断
 
 
 ##sit

gis_domain/src/main/java/com/gis/domain/dto/AnswerRequest.java

@@ -23,7 +23,8 @@ public class AnswerRequest implements Serializable {
     @ApiModelProperty(value = "是否答案,1:是，0：否", required = true)
     private Integer correct;
 
-    @ApiModelProperty(value = "排序")
+    @NotNull(message = "排号不能为空， 用1,2,3,4排序")
+    @ApiModelProperty(value = "排序", required = true)
     private Integer sort;
 
 

gis_domain/src/main/java/com/gis/domain/dto/CommentPageRequest.java

@@ -1,19 +0,0 @@
-package com.gis.domain.dto;
-
-import io.swagger.annotations.ApiModelProperty;
-import lombok.Data;
-
-import javax.validation.constraints.NotBlank;
-
-/**
- * Created by owen on 2020/6/10 0010 17:39
- */
-@Data
-public class CommentPageRequest extends PageRequest {
-
-    @NotBlank(message = "藏品Id不能为空")
-    @ApiModelProperty(value = "藏品Id", required = true)
-    private String goodsId;
-
-
-}

gis_domain/src/main/java/com/gis/domain/dto/DeptRequest.java

@@ -1,23 +0,0 @@
-package com.gis.domain.dto;
-
-import io.swagger.annotations.ApiModelProperty;
-import lombok.Data;
-
-import javax.validation.constraints.NotNull;
-
-/**
- * Created by owen on 2020/5/9 0009 12:20
- */
-@Data
-public class DeptRequest {
-
-    @ApiModelProperty(value = "id, 修改时必须传，新增忽略", name = "id")
-    private Long id;
-
-    @NotNull(message = "部门名称")
-    @ApiModelProperty(value = "部门名称", required = true)
-    private String name;
-
-    @ApiModelProperty(value = "上级部门id")
-    private Long parentId;
-}

gis_domain/src/main/java/com/gis/domain/dto/QuestionRequest.java

@@ -5,6 +5,7 @@ import lombok.Data;
 
 import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.NotNull;
+import java.util.List;
 
 /**
  * Created by owen on 2020/6/10 0010 17:39
@@ -38,6 +39,9 @@ public class QuestionRequest {
     @ApiModelProperty(value = "相关知识点")
     private String related;
 
+//    @ApiModelProperty(value = "答案", required = true)
+//    private List<AnswerRequest> answers;
+
 
 
 }

gis_domain/src/main/java/com/gis/domain/dto/RoleAccreditRequest.java

@@ -3,24 +3,34 @@ package com.gis.domain.dto;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.NotNull;
 import java.util.Set;
 
 /**
  * Created by owen on 2020/5/9 0009 12:20
- * 角色授权
  */
 @Data
-public class RoleAccreditRequest {
+public class RoleDto {
 
-    @NotNull(message = "角色Id不能为空")
-    @ApiModelProperty(value = "roleId", required = true)
+    @ApiModelProperty(value = "id, 修改时必须传，新增忽略", name = "id")
     private Long id;
 
+
+    @NotBlank(message = "角色名称不能为空")
+    @ApiModelProperty(value = "角色名称", required = true)
+    private String roleName;
+
     @ApiModelProperty(value = "角色描述")
     private String roleDesc;
 
+    @NotNull(message = "是否启用不能为空")
+    @ApiModelProperty(value = "状态，1：启用，0：停用")
+    private Integer status ;
+
     @NotNull(message = "权限不能为空")
     @ApiModelProperty(value = "资源id, 多个id用“，”隔开，例如：1,2,3", required = true)
     private Set<Long> resources;
+
+
 }

gis_domain/src/main/java/com/gis/domain/dto/RoleRequest.java

@@ -1,30 +0,0 @@
-package com.gis.domain.dto;
-
-import io.swagger.annotations.ApiModelProperty;
-import lombok.Data;
-
-import javax.validation.constraints.NotBlank;
-
-/**
- * Created by owen on 2020/5/9 0009 12:20
- */
-@Data
-public class RoleRequest {
-
-    @ApiModelProperty(value = "id, 修改时必须传，新增忽略", name = "id")
-    private Long id;
-
-//    @NotBlank(message = "角色key不能为空")
-//    @ApiModelProperty(value = "角色key", required = true)
-//    private String roleKey;
-
-    @NotBlank(message = "角色key不能为空")
-    @ApiModelProperty(value = "角色名称", required = true)
-    private String roleName;
-
-    @ApiModelProperty(value = "角色描述")
-    private String roleDesc;
-
-    @ApiModelProperty(value = "数据范围，1：所有数据，2：部门数据，3：个人数据")
-    private Integer dataScope ;
-}

gis_domain/src/main/java/com/gis/domain/dto/UserRequest.java

@@ -3,22 +3,26 @@ package com.gis.domain.dto;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.NotNull;
 
 /**
  * Created by owen on 2020/5/28 0028 16:36
  */
 @Data
-public class UserRequest {
+public class UserDto {
 
     @ApiModelProperty(value = "id, 修改时必须传，新增忽略", name = "id")
     private Long id;
 
-    @NotNull(message = "用户名不能为空")
+    @NotBlank(message = "用户名不能为空")
     @ApiModelProperty(value = "用户名", name = "userName", required = true)
     private String userName;
 
-    @NotNull(message = "手机号不能为空")
+    @ApiModelProperty(value = "真实姓名")
+    private String realName;
+
+    @NotBlank(message = "手机号不能为空")
     @ApiModelProperty(value = "手机号", name = "phone", required = true)
     private String phone;
 
@@ -26,15 +30,15 @@ public class UserRequest {
     @ApiModelProperty(value = "状态， 0:启用  1：停用 2：注销", name = "status", required = true)
     private Integer status;
 
-//    @NotNull(message = "角色不能为空")
-//    @ApiModelProperty(value = "角色：只有两种 admin normal", name = "role", required = true)
-//    private String role;
+    @NotNull(message = "角色id不能为空")
+    @ApiModelProperty(value = "角色id")
+    private Long roleId;
 
-    @NotNull(message = "头像不能为空")
+    @NotBlank(message = "头像不能为空")
     @ApiModelProperty(value = "头像url", required = true)
     private String icon;
 
-    @NotNull(message = "角色不能为空")
-    @ApiModelProperty(value = "超级管理员，1：是， 0：否")
-    private Integer sysManager;
+//    @NotNull(message = "角色不能为空")
+//    @ApiModelProperty(value = "超级管理员，1：是， 0：否")
+//    private Integer sysManager;
 }

gis_domain/src/main/java/com/gis/domain/po/SysDeptEntity.java

@@ -1,28 +0,0 @@
-package com.gis.domain.po;
-
-import io.swagger.annotations.ApiModelProperty;
-import lombok.Data;
-
-import java.io.Serializable;
-
-/**
- * 部门表
- */
-@Data
-//@Table(name = "sys_dept")
-public class SysDeptEntity extends BaseEntity implements Serializable {
-
-
-//    @ApiModelProperty(value = "部门编号")
-//    private Integer num;
-
-
-    @ApiModelProperty(value = "部门名称")
-    private String name;
-
-    @ApiModelProperty(value = "上级部门id")
-    private Long parentId;
-
-
-
-}

gis_domain/src/main/java/com/gis/domain/po/SysResourceEntity.java

@@ -5,11 +5,12 @@ import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
 import javax.persistence.Column;
+import javax.persistence.Table;
 import javax.persistence.Transient;
 import java.io.Serializable;
 
 @Data
-//@Table(name = "sys_resource")
+@Table(name = "sys_resource")
 public class SysResourceEntity extends BaseEntity implements Serializable {
 
     private static final long serialVersionUID = -293343757324080501L;
@@ -30,10 +31,6 @@ public class SysResourceEntity extends BaseEntity implements Serializable {
     private String url;
 
 
-//    private String icon;
-
-
-
     // 前端需要传menu、button
     @ApiModelProperty(value = "邮箱")
     @Column(columnDefinition = "enum('menu','button')")

gis_domain/src/main/java/com/gis/domain/po/SysRoleEntity.java

@@ -3,16 +3,17 @@ package com.gis.domain.po;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import javax.persistence.Table;
 import java.io.Serializable;
 
 @Data
-//@Table(name = "sys_role")
+@Table(name = "sys_role")
 public class SysRoleEntity extends BaseEntity implements Serializable {
 
     private static final long serialVersionUID = -8093446477843493946L;
 
-    @ApiModelProperty(value = "角色key")
-    private String roleKey;
+//    @ApiModelProperty(value = "角色key")
+//    private String roleKey;
 
     @ApiModelProperty(value = "角色名称")
     private String roleName;
@@ -23,7 +24,10 @@ public class SysRoleEntity extends BaseEntity implements Serializable {
     @ApiModelProperty(value = "排序")
     private Integer sort;
 
-    @ApiModelProperty(value = "数据范围，1：所有数据，2：部门数据，3：个人数据")
-    private Integer dataScope ;
+    @ApiModelProperty(value = "状态，1：启用，0：停用")
+    private Integer status ;
+
+//    @ApiModelProperty(value = "数据范围，1：所有数据，2：部门数据，3：个人数据")
+//    private Integer dataScope ;
 
 }

gis_domain/src/main/java/com/gis/domain/po/SysUserEntity.java

@@ -23,7 +23,8 @@ public class SysUserEntity extends BaseEntity implements Serializable {
     private String userName;
 
     /** 真实姓名 */
-//    private String realName;
+    @ApiModelProperty(value = "真实姓名")
+    private String realName;
 
     @JSONField(serialize = false)
     private String password;
@@ -39,14 +40,14 @@ public class SysUserEntity extends BaseEntity implements Serializable {
     @ApiModelProperty(value = "状态 0:启用  1：停用 2：注销")
     private Integer status;
 
-//    @ApiModelProperty(value = "角色：只有两种 admin:超级管理员， normal：普通管理员")
-//    private String role;
+    @ApiModelProperty(value = "角色id")
+    private Long roleId;
 
     @ApiModelProperty(value = "头像url")
     private String icon;
 
-    @ApiModelProperty(value = "超级管理员，1：是， 0：否")
-    private Integer sysManager;
+//    @ApiModelProperty(value = "超级管理员，1：是， 0：否")
+//    private Integer sysManager;
 
 
 

gis_domain/src/main/java/com/gis/domain/vo/UserVo.java

@@ -0,0 +1,55 @@
+package com.gis.domain.vo;
+
+import com.alibaba.fastjson.annotation.JSONField;
+import com.gis.domain.po.BaseEntity;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.persistence.Entity;
+import javax.persistence.Table;
+import java.io.Serializable;
+
+/**
+ * 用户表
+ */
+@Data
+public class UserVo extends BaseEntity implements Serializable {
+
+    private static final long serialVersionUID = -5191118184688236778L;
+
+    /** 用户名 */
+    @ApiModelProperty(value = "用户名")
+    private String userName;
+
+    /** 真实姓名 */
+//    private String realName;
+
+    @JSONField(serialize = false)
+    private String password;
+
+    /** 性别 0:男  1：女 */
+//    private Integer sex;
+
+    @ApiModelProperty(value = "电话")
+    private String phone;
+
+//    private String email;
+
+    @ApiModelProperty(value = "状态 0:启用  1：停用 2：注销")
+    private Integer status;
+
+    @ApiModelProperty(value = "角色id")
+    private Long roleId;
+
+    @ApiModelProperty(value = "角色名称")
+    private String roleName;
+
+    @ApiModelProperty(value = "头像url")
+    private String icon;
+
+//    @ApiModelProperty(value = "超级管理员，1：是， 0：否")
+//    private Integer sysManager;
+
+
+
+}

gis_mapper/src/main/java/com/gis/mapper/SysDeptMapper.java

@@ -1,15 +0,0 @@
-package com.gis.mapper;
-
-
-import com.gis.domain.po.SysDeptEntity;
-import org.apache.ibatis.annotations.Mapper;
-import org.apache.ibatis.annotations.Select;
-import org.springframework.stereotype.Component;
-
-@Component
-@Mapper
-public interface SysDeptMapper extends IBaseMapper<SysDeptEntity, Long> {
-
-    @Select(value = "select * from sys_dept where rec_status = 'A' AND dept_no = #{deptNo}")
-    SysDeptEntity findByDeptNo(String deptNo);
-}

gis_mapper/src/main/java/com/gis/mapper/SysUserMapper.java

@@ -3,6 +3,7 @@ package com.gis.mapper;
 
 import com.gis.domain.po.SysUserEntity;
 import com.gis.domain.dto.UserPageRequest;
+import com.gis.domain.vo.UserVo;
 import com.gis.mapper.provider.UserProvider;
 import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Select;
@@ -15,16 +16,16 @@ import java.util.List;
 @Mapper
 public interface SysUserMapper extends IBaseMapper<SysUserEntity, Long> {
 
-//    @SelectProvider(type = UserProvider.class, method = "findAllBySearchKey")
-//    List<UserResponse> findAllBySearchKey(String searchKey);
-
     @Select(value = "select * from sys_user where rec_status = 'A' AND user_name= #{userName}")
     SysUserEntity findByUserName(String userName);
 
     @Select(value = "select * from sys_user where rec_status = 'A' AND phone = #{phone}")
     SysUserEntity findByPhone(String phone);
 
-
     @SelectProvider(type = UserProvider.class, method = "findBySearchKey")
-    List<SysUserEntity> findBySearchKey(UserPageRequest param);
+    List<UserVo> findBySearchKey(UserPageRequest param);
+
+    @Select("SELECT a.id, a.user_name, a.real_name, a.phone, a.status, a.icon, a.role_id , b.role_name as role_name " +
+            "FROM sys_user a left join sys_role b on b.id = a.role_id where a.rec_status = 'A' ORDER BY a.create_time DESC ")
+    List<UserVo> findByRoleId(Long roleId);
 }

gis_mapper/src/main/java/com/gis/mapper/provider/UserProvider.java

@@ -13,21 +13,22 @@ public class UserProvider {
 
     public String findBySearchKey(UserPageRequest param){
         StringBuffer sql = new StringBuffer(
-                "SELECT * FROM sys_user where rec_status = 'A' ");
+                "SELECT a.id, a.user_name, a.real_name, a.phone, a.status, a.icon, a.role_id , b.role_name as role_name " +
+                        "FROM sys_user a left join sys_role b on b.id = a.role_id where a.rec_status = 'A' ");
         String searchKey = param.getSearchKey();
         if(StrUtil.isNotBlank(searchKey)){
             sql.append(" and (");
-            sql.append(" user_name like '%").append(searchKey).append("%'");
-            sql.append(" or phone like '%").append(searchKey).append("%'");
+            sql.append(" a.user_name like '%").append(searchKey).append("%'");
+            sql.append(" or a.phone like '%").append(searchKey).append("%'");
             sql.append( ")");
         }
 
         Integer status = param.getStatus();
         if (status != null) {
-            sql.append("and status = ").append(status);
+            sql.append("and a.status = ").append(status);
         }
 
-        sql.append(" ORDER BY create_time DESC");
+        sql.append(" ORDER BY a.create_time DESC");
         log.info("sql: {}", sql.toString());
         return sql.toString();
     }

gis_service/src/main/java/com/gis/service/SysDeptService.java

@@ -1,14 +0,0 @@
-package com.gis.service;
-
-
-import com.gis.domain.po.SysDeptEntity;
-
-
-/**
- * Created by owen on 2020/3/11 0011 16:14
- */
-public interface SysDeptService extends IBaseService<SysDeptEntity, Long> {
-
-
-    SysDeptEntity findByDeptNo(String deptNo);
-}

gis_service/src/main/java/com/gis/service/SysResourceService.java

@@ -2,6 +2,7 @@ package com.gis.service;
 
 
 import com.gis.domain.po.SysResourceEntity;
+import com.gis.domain.po.SysUserEntity;
 import com.gis.service.util.ResourceTree;
 
 import java.util.List;
@@ -13,7 +14,15 @@ import java.util.List;
 public interface SysResourceService extends IBaseService<SysResourceEntity, Long> {
 
 
-    List<ResourceTree> getResourceByRoleId(Long roleId);
+//    List<ResourceTree> getResourceByRoleId(Long roleId);
 
     List<SysResourceEntity> findResourceByRoleId(Long roleId);
+
+
+    /**
+     * 把所有资源都给回前端，有权限的设置为true
+     * @param roleId
+     * @return
+     */
+    List<ResourceTree> getResourcesByUserPermission(Long roleId);
 }

gis_service/src/main/java/com/gis/service/SysUserService.java

@@ -3,6 +3,7 @@ package com.gis.service;
 
 import com.gis.domain.po.SysUserEntity;
 import com.gis.domain.dto.UserPageRequest;
+import com.gis.domain.vo.UserVo;
 
 import java.util.List;
 
@@ -12,11 +13,12 @@ import java.util.List;
  */
 public interface SysUserService extends IBaseService<SysUserEntity, Long> {
 
-//    List<UserResponse> findAllBySearchKey(PageDto param);
 
     SysUserEntity findByUserName(String userName);
 
     SysUserEntity findByPhone(String phone);
 
-    List<SysUserEntity> findBySearchKey(UserPageRequest param);
+    List<UserVo> findBySearchKey(UserPageRequest param);
+
+    List<UserVo> findByRoleId(Long id);
 }

gis_service/src/main/java/com/gis/service/impl/SysDeptServiceImpl.java

@@ -1,30 +0,0 @@
-package com.gis.service.impl;
-
-import com.gis.domain.po.SysDeptEntity;
-import com.gis.mapper.IBaseMapper;
-import com.gis.mapper.SysDeptMapper;
-import com.gis.service.SysDeptService;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
-
-/**
- * Created by owen on 2020/3/11 0011 16:16
- */
-@Service
-public class SysDeptServiceImpl extends IBaseServiceImpl<SysDeptEntity, Long> implements SysDeptService {
-
-    @Autowired
-    private SysDeptMapper entityMapper;
-
-    @Override
-    public IBaseMapper<SysDeptEntity, Long> getBaseMapper() {
-        return this.entityMapper;
-    }
-
-
-    @Override
-    public SysDeptEntity findByDeptNo(String deptNo) {
-        return entityMapper.findByDeptNo(deptNo);
-    }
-}

gis_service/src/main/java/com/gis/service/impl/SysResourceServiceImpl.java

@@ -1,19 +1,24 @@
 package com.gis.service.impl;
 
 import com.gis.domain.po.SysResourceEntity;
+import com.gis.domain.po.SysUserEntity;
 import com.gis.mapper.IBaseMapper;
 import com.gis.mapper.SysResourceMapper;
 import com.gis.service.SysResourceService;
 import com.gis.service.util.ResourceTree;
+import com.gis.service.util.ResourceTreeUtil;
+import lombok.extern.log4j.Log4j2;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import java.util.ArrayList;
 import java.util.List;
 
 
 /**
  * Created by owen on 2020/3/11 0011 16:16
  */
+@Log4j2
 @Service
 public class SysResourceServiceImpl extends IBaseServiceImpl<SysResourceEntity, Long> implements SysResourceService {
 
@@ -26,13 +31,43 @@ public class SysResourceServiceImpl extends IBaseServiceImpl<SysResourceEntity,
     }
 
 
-    @Override
-    public List<ResourceTree> getResourceByRoleId(Long roleId) {
-        return null;
-    }
+//    @Override
+//    public List<ResourceTree> getResourceByRoleId(Long roleId) {
+//        List<SysResourceEntity> entityList = findResourceByRoleId(roleId);
+//        ResourceTreeUtil tree = new ResourceTreeUtil(entityList);
+//        return tree.buildTree();
+//    }
 
     @Override
     public List<SysResourceEntity> findResourceByRoleId(Long roleId) {
         return entityMapper.findResourceByRoleId(roleId);
     }
+
+    @Override
+    public List<ResourceTree> getResourcesByUserPermission(Long roleId) {
+        List<SysResourceEntity> allList = findAll();
+
+        // 返回结果
+        List<SysResourceEntity> results = new ArrayList<>();
+
+
+        // 用户拥有的角色
+        List<SysResourceEntity> resourceUsers = findResourceByRoleId(roleId);
+
+        // 用来判断权限
+        for (SysResourceEntity entity: allList) {
+            for (SysResourceEntity j : resourceUsers) {
+                if (entity.getId().equals(j.getId())) {
+                    entity.setAuthority(true);
+                }
+            }
+            results.add(entity);
+        }
+
+        ResourceTreeUtil tree = new ResourceTreeUtil(results);
+
+        return tree.buildTree();
+    }
+
+
 }

gis_service/src/main/java/com/gis/service/impl/SysUserServiceImpl.java

@@ -2,6 +2,7 @@ package com.gis.service.impl;
 
 import com.gis.domain.po.SysUserEntity;
 import com.gis.domain.dto.UserPageRequest;
+import com.gis.domain.vo.UserVo;
 import com.gis.mapper.IBaseMapper;
 import com.gis.mapper.SysUserMapper;
 import com.gis.service.SysUserService;
@@ -25,12 +26,6 @@ public class SysUserServiceImpl extends IBaseServiceImpl<SysUserEntity, Long> im
         return this.entityMapper;
     }
 
-//    @Override
-//    public List<UserResponse> findAllBySearchKey(PageDto param) {
-//        PageHelper.startPage(param.getPageNum(), param.getPageSize());
-//        return entityMapper.findAllBySearchKey(param.getSearchKey());
-//    }
-
     @Override
     public SysUserEntity findByUserName(String userName) {
         return entityMapper.findByUserName(userName);
@@ -42,9 +37,14 @@ public class SysUserServiceImpl extends IBaseServiceImpl<SysUserEntity, Long> im
     }
 
     @Override
-    public List<SysUserEntity> findBySearchKey(UserPageRequest param) {
+    public List<UserVo> findBySearchKey(UserPageRequest param) {
         return entityMapper.findBySearchKey(param);
     }
 
+    @Override
+    public List<UserVo> findByRoleId(Long roleId) {
+        return entityMapper.findByRoleId(roleId);
+    }
+
 
 }

gis_web/src/main/java/com/gis/web/aop/WebLogAspect.java

@@ -48,8 +48,7 @@ public class WebLogAspect {
 
         // 获取token
         String token = request.getHeader("token");
-//        log.info( request.getRequestURI());
-        // 排查登录接口
+        // 排除登录接口
         boolean contains = request.getRequestURI().contains("/admin/login");
         if (contains) {
             return;
@@ -57,7 +56,7 @@ public class WebLogAspect {
 
         Long userId = null;
         if (token != null) {
-            userId = JwtUtil.getUserId(token);
+            userId = JwtUtil.getTokenLongValue(token, "id");
         }
 
 
@@ -82,7 +81,6 @@ public class WebLogAspect {
     @AfterReturning(returning = "ret", pointcut = "controllerLog()")
     public void doAfterReturning(Object ret) throws Throwable {
         // 处理完请求，返回内容
-//        log.info("响应RESPONSE : " + ret.toString());
         log.warn("end : {}", request.getRequestURI());
     }
 

gis_web/src/main/java/com/gis/web/controller/ApiController.java

@@ -27,92 +27,6 @@ import java.util.Map;
 public class ApiController extends BaseController {
 
 
-    @Autowired
-    private CelebrityService sceneService;
-
-    @ApiImplicitParams({
-            @ApiImplicitParam(name = "file", value = "文件", required = true),
-            @ApiImplicitParam(name = "savePath", value = "文件保存路径", required = true),
-    })
-    @ApiOperation("上传")
-    @PostMapping("upload")
-    public Result upload(MultipartFile file, String savePath) throws IOException {
-        if (StringUtils.isBlank(savePath)) {
-            log.error("保存路径不能为空");
-            return Result.failure("保存路径不能为空");
-        }
-
-        if (file == null) {
-            log.error("文件不能为空");
-            return Result.failure("文件不能为空");
-        }
-
-        savePath = FILE_PATH + savePath;
-        log.warn("savePath: {}", savePath);
-
-
-        boolean upload = FileUtils.upload(file, savePath);
-        return upload? Result.success() : Result.failure("上传失败");
-    }
-
-
-
-    @ApiOperation("Map表单上传多文件,指定保存路径，需要用postman测试")
-    @PostMapping("uploads")
-    public Result uploads(@RequestParam Map<String, MultipartFile> param) {
-        param.forEach((path, file)->{
-
-            if (StringUtils.isBlank(path)) {
-                log.error("保存路径不能为空");
-            }
-
-            if (file == null) {
-                log.error("文件不能为空");
-            }
-
-            path = FILE_PATH + path;
-            log.warn("savePath: {}", path);
-            try {
-                FileUtils.upload(file, path);
-            } catch (IOException e) {
-                e.printStackTrace();
-            }
-
-        });
-
-        return Result.success();
-    }
-
-
-//    @ApiOperation("获取场景码")
-//    @GetMapping("getSceneCode")
-//    public Result getSceneCode() {
-//        String sceneCode = RandomUtils.randowString(9);
-//        sceneCode = "ar_" +sceneCode;
-//
-//        SceneEntity entity = new SceneEntity();
-//        entity.setSceneCode(sceneCode);
-//        entity.setPath(FILE_PATH + sceneCode);
-//
-//        sceneService.save(entity);
-//
-//        return Result.success(entity.getSceneCode());
-//    }
-
-
-    /**
-     * 给算法查询服务器文件位置
-     * m 是场景码
-     */
-//    @ApiOperation("查询服务器文件夹")
-//    @GetMapping(value = "getFolder")
-//    @ApiImplicitParam(name = "m", value = "场景码", required = true)
-//    public Result getFolder(String m) {
-//        SceneEntity entity = sceneService.findBySceneCode(m);
-//        assert entity != null;
-//        log.info("filePath: {}", entity.getPath());
-//        return Result.success(entity.getPath());
-//    }
 
 
 

gis_web/src/main/java/com/gis/web/controller/BaseController.java

@@ -24,11 +24,6 @@ public class BaseController {
     @Autowired
     private LogService logService;
 
-//    @Autowired
-//    public FileService fileService;
-//
-//    @Autowired
-//    public TypeService typeService;
 
     @Value("${output.file.path}")
     public String OUT_PATH;
@@ -39,28 +34,6 @@ public class BaseController {
     @Value("${oss.domain}")
     public String OSS_DOMAIN;
 
-    /**
-     * 服务器保存文件路径前缀
-     */
-//    @Value("${file.path}")
-    public String FILE_PATH;
-
-    /** 获取用户名*/
-    String getTokenUserName(){
-        String token = getToken();
-        return JwtUtil.getUsername(token);
-    }
-
-    /** 获取用户id*/
-    Long getTokenUserId(){
-        return JwtUtil.getUserId(getToken());
-    }
-
-    /** 获取用户角色*/
-//    String getTokenUserRole(){
-//        return JwtUtil.getUserRole(getToken());
-//    }
-
 
     /**
      * 获取header token

gis_web/src/main/java/com/gis/web/controller/IndexController.java

@@ -4,8 +4,10 @@ import com.gis.common.constant.TypeCode;
 import com.gis.common.util.PasswordUtils;
 import com.gis.common.util.Result;
 import com.gis.domain.po.LogEntity;
+import com.gis.domain.po.SysRoleEntity;
 import com.gis.domain.po.SysUserEntity;
 import com.gis.domain.dto.LoginRequest;
+import com.gis.service.SysRoleService;
 import com.gis.service.SysUserService;
 import com.gis.web.shiro.JwtUtil;
 import io.swagger.annotations.Api;
@@ -46,6 +48,9 @@ public class IndexController extends BaseController {
     private SysUserService userService;
 
     @Autowired
+    private SysRoleService sysRoleService;
+
+    @Autowired
     private RedisTemplate<String, String> redisTemplate;
 
     @ApiOperation("登录")
@@ -71,11 +76,15 @@ public class IndexController extends BaseController {
             return Result.failure("账号已停用");
         }
 
+
+        // 获取用户角色, 目前的设计是一个用户只有一个角色
+//        SysRoleEntity roleEntity = sysRoleService.findUserRoleByUserId(userEntity.getId());
+
         // 创建新token
         HashMap<String, Object> tokenMap = new HashMap<>();
         tokenMap.put("userName", userEntity.getUserName());
         tokenMap.put("id", userEntity.getId());
-//        tokenMap.put("role", userEntity.getRole());
+        tokenMap.put("roleId", userEntity.getRoleId());
 
         // 创建新token
         String token = JwtUtil.createJWT(TOKEN_EXPIRE, tokenMap);
@@ -107,7 +116,7 @@ public class IndexController extends BaseController {
 
 
     @ApiIgnore
-    @GetMapping("test")
+    @GetMapping("admin/test")
     public String test(){
         return LocalDateTime.now().toString();
     }

gis_web/src/main/java/com/gis/web/controller/LogController.java

@@ -28,7 +28,7 @@ import org.springframework.web.bind.annotation.RestController;
 @RestController
 @RequestMapping("manage/log")
 @Transactional
-@RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
+//@RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
 public class LogController extends BaseController {
 
     @Autowired

gis_web/src/main/java/com/gis/web/controller/QuestionController.java

@@ -47,8 +47,8 @@ public class QuestionController extends BaseController {
         return Result.success(page);
     }
 
-    @WebControllerLog(description = "题库管理-新增/修改")
-    @ApiOperation("新增/修改")
+    @WebControllerLog(description = "题库管理-新增/修改问题")
+    @ApiOperation("新增/修改问题")
     @PostMapping(value = "save")
     public Result save(@Valid @RequestBody QuestionRequest param)  {
 
@@ -103,10 +103,10 @@ public class QuestionController extends BaseController {
     }
 
 
-    @WebControllerLog(description = "题库管理-更新答案")
+    @WebControllerLog(description = "题库管理-新增/修改答案")
     @ApiOperation("新增/修改答案")
-    @PostMapping("answer/update")
-    public Result updateAnswer(@RequestBody AnswerRequest param) {
+    @PostMapping("answer")
+    public Result answer(@RequestBody AnswerRequest param) {
 
         AnswerEntity entity = null;
 

gis_web/src/main/java/com/gis/web/controller/SysDeptController.java

@@ -1,86 +0,0 @@
-package com.gis.web.controller;
-
-
-import com.gis.common.util.Result;
-import com.gis.domain.po.SysDeptEntity;
-import com.gis.domain.dto.DeptRequest;
-import com.gis.domain.dto.PageRequest;
-import com.gis.service.SysDeptService;
-import com.github.pagehelper.PageInfo;
-import io.swagger.annotations.Api;
-import io.swagger.annotations.ApiOperation;
-import lombok.extern.log4j.Log4j2;
-import org.springframework.beans.BeanUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.*;
-import springfox.documentation.annotations.ApiIgnore;
-
-import javax.validation.Valid;
-import java.util.Date;
-
-
-/**
- * Created by owen on 2020/2/18 0018 12:17
- *
- * 目前没有使用
- */
-@ApiIgnore
-@Log4j2
-@Api(tags = "部门管理")
-@RestController
-@RequestMapping("manage/dept")
-public class SysDeptController extends BaseController {
-
-    @Autowired
-    private SysDeptService sysDeptService;
-
-
-    @ApiOperation("部门列表")
-    @PostMapping("list")
-    public Result<SysDeptEntity> list(@RequestBody PageRequest param) {
-        startPage(param);
-        PageInfo<SysDeptEntity> page = new PageInfo<>(sysDeptService.findAll());
-        return Result.success(page);
-    }
-
-    @ApiOperation("新增/修改部信息")
-    @PostMapping("save")
-    public Result save(@Valid @RequestBody DeptRequest param) {
-
-        SysDeptEntity entity = null;
-        if (param.getId() == null) {
-            entity = new SysDeptEntity();
-            BeanUtils.copyProperties(param, entity);
-            sysDeptService.save(entity);
-        } else {
-            entity = sysDeptService.findById(param.getId());
-            if (entity == null) {
-                return Result.failure("对象id不存在");
-            }
-
-            BeanUtils.copyProperties(param, entity);
-            entity.setUpdateTime(new Date());
-            sysDeptService.update(entity);
-
-        }
-
-        return Result.success();
-    }
-
-
-    @ApiOperation("删除部门")
-    @GetMapping("removes/{ids}")
-    public Result detail(@PathVariable String ids) {
-        sysDeptService.deleteByIds(ids);
-
-        return Result.success();
-    }
-
-
-
-
-
-
-
-
-}

gis_web/src/main/java/com/gis/web/controller/SysRoleController.java

@@ -3,21 +3,25 @@ package com.gis.web.controller;
 
 import com.gis.common.util.Result;
 import com.gis.domain.po.SysRoleEntity;
-import com.gis.domain.dto.RoleRequest;
+import com.gis.domain.dto.RoleDto;
+import com.gis.domain.vo.UserVo;
 import com.gis.service.SysResourceService;
 import com.gis.service.SysRoleService;
+import com.gis.service.SysUserService;
+import com.gis.service.util.ResourceTree;
+import com.gis.service.util.ResourceTreeUtil;
+import com.gis.web.shiro.JwtUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.log4j.Log4j2;
-import org.apache.shiro.authz.annotation.Logical;
-import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
-import springfox.documentation.annotations.ApiIgnore;
 
 import javax.validation.Valid;
 import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
 
 
 /**
@@ -25,7 +29,6 @@ import java.util.Date;
  *
  * 目前没有使用
  */
-@ApiIgnore
 @Log4j2
 @Api(tags = "角色管理")
 @RestController
@@ -38,29 +41,30 @@ public class SysRoleController extends BaseController {
     @Autowired
     private SysResourceService sysResourceService;
 
+    @Autowired
+    private SysUserService sysUserService;
+
+
+
 
-    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
+//    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
     @ApiOperation("角色列表")
     @PostMapping("list")
-//    public Result<SysRoleEntity> list(@RequestBody PageRequest param) {
-//        startPage(param);
-//        PageInfo<SysRoleEntity> page = new PageInfo<>(sysRoleService.findAll());
-//        return Result.success(page);
-//    }
     public Result<SysRoleEntity> list() {
         return Result.success(sysRoleService.findAll());
     }
 
-    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
+//    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
     @ApiOperation("新增/修改部信息")
     @PostMapping("save")
-    public Result save(@Valid @RequestBody RoleRequest param) {
+    public Result save(@Valid @RequestBody RoleDto param) {
 
         SysRoleEntity entity = null;
         if (param.getId() == null) {
             entity = new SysRoleEntity();
             BeanUtils.copyProperties(param, entity);
             sysRoleService.save(entity);
+
         } else {
             entity = sysRoleService.findById(param.getId());
             if (entity == null) {
@@ -71,8 +75,17 @@ public class SysRoleController extends BaseController {
             entity.setUpdateTime(new Date());
             sysRoleService.update(entity);
 
+        // 每次修改时，删除角色资源表信息，重新添加
+        sysRoleService.deleteRoleResource(entity.getId());
+
+        }
+
+        // 添加角色资源信息
+        for (long i : param.getResources()) {
+            sysRoleService.saveRoleResource(entity.getId(), i);
         }
 
+
         return Result.success();
     }
 
@@ -98,20 +111,18 @@ public class SysRoleController extends BaseController {
 //    }
 
 
-//    @ApiOperation("角色详情")
-//    @GetMapping("detail/{id}")
-//    public Result detail(@PathVariable Long id) throws Exception {
-//        SysRoleEntity entity = sysRoleService.findById(id);
-//
-//        HashMap<Object, Object> resultMap = new HashMap<>();
-//
-//        List<SysResourceEntity> resource = sysResourceService.findResourceByRoleId(id);
-//
-//        resultMap.put("role", entity);
-//        resultMap.put("resource", resource);
-//
-//        return Result.success(resultMap);
-//    }
+    @ApiOperation("角色详情")
+    @GetMapping("detail/{id}")
+    public Result detail(@PathVariable Long id) throws Exception {
+        SysRoleEntity entity = sysRoleService.findById(id);
+        List<ResourceTree> resourceTrees = sysResourceService.getResourcesByUserPermission(id);
+
+        HashMap<Object, Object> resultMap = new HashMap<>();
+        resultMap.put("role", entity);
+        resultMap.put("resource", resourceTrees);
+
+        return Result.success(resultMap);
+    }
 
 
     @ApiOperation("删除角色")
@@ -122,30 +133,26 @@ public class SysRoleController extends BaseController {
     }
 
 
+    @ApiOperation(value = "获取用户资源", notes = "把所有资源都给回前端，有权限的设置为true")
+    @GetMapping("resourceUser")
+    public Result getResourceUser()  {
+        Long roleId = JwtUtil.getTokenLongValue(getToken(), "roleId");
+        List<ResourceTree> resourceTrees = sysResourceService.getResourcesByUserPermission(roleId);
+        return Result.success(resourceTrees);
+    }
 
-    /**
-     * 可能要改一下resourceKey 的值为sys
-     */
-//    @ApiOperation("获取资源")
-//    @GetMapping("get/resource")
-//    public Result getResource() throws Exception {
-//
-//        Condition condition = new Condition(SysResourceEntity.class);
-//        // 只查询普通角色
-//        condition.and().andNotEqualTo("resourceKey","admin");
-//        List<SysResourceEntity> result = sysResourceService.findAll(condition, "sort desc");
-//        ResourceTreeUtil tree = new ResourceTreeUtil(result);
-//        List<ResourceTree> resourceTrees = tree.buildTree();
-//
-//        return Result.success(resourceTrees);
-//    }
-
-
-
-
-
-
-
+    @ApiOperation(value = "获取全部资源")
+    @GetMapping("resource")
+    public Result getResource()  {
+        ResourceTreeUtil trees = new ResourceTreeUtil(sysResourceService.findAll());
+        return Result.success(trees.buildTree());
+    }
 
 
+    @ApiOperation(value = "角色用户列表")
+    @GetMapping("userList/{id}")
+    public Result userList(@PathVariable Long id)  {
+        List<UserVo> all = sysUserService.findByRoleId(id);
+        return Result.success(all);
+    }
 }

gis_web/src/main/java/com/gis/web/controller/SysUserController.java

@@ -6,7 +6,8 @@ import com.gis.common.util.Result;
 import com.gis.domain.po.SysUserEntity;
 import com.gis.domain.dto.PasswordRequest;
 import com.gis.domain.dto.UserPageRequest;
-import com.gis.domain.dto.UserRequest;
+import com.gis.domain.dto.UserDto;
+import com.gis.domain.vo.UserVo;
 import com.gis.service.SysUserService;
 import com.gis.web.aop.WebControllerLog;
 import com.gis.web.shiro.JwtUtil;
@@ -14,8 +15,6 @@ import com.github.pagehelper.PageInfo;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.log4j.Log4j2;
-import org.apache.shiro.authz.annotation.Logical;
-import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.RedisTemplate;
@@ -39,24 +38,25 @@ public class SysUserController extends BaseController {
     @Autowired
     public SysUserService userService;
 
+
     @Autowired
     public RedisTemplate<Object, Object> redisTemplate;
     
 
-    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
+//    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
     @ApiOperation("用户列表")
     @PostMapping("list")
-    public Result<SysUserEntity> list(@RequestBody UserPageRequest param) {
+    public Result<UserVo> list(@RequestBody UserPageRequest param) {
         startPage(param);
-        PageInfo<SysUserEntity> page = new PageInfo<>(userService.findBySearchKey(param));
+        PageInfo<UserVo> page = new PageInfo<>(userService.findBySearchKey(param));
         return Result.success(page);
     }
 
-    @WebControllerLog(description = "用户管理-新增/修改用户信息")
-    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
-    @ApiOperation("新增/修改用户信息")
+    @WebControllerLog(description = "用户管理-新增/修改信息")
+//    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
+    @ApiOperation("新增/修改信息")
     @PostMapping("save")
-    public Result save(@Valid @RequestBody UserRequest param) {
+    public Result save(@Valid @RequestBody UserDto param) {
 
         SysUserEntity user = null;
         if (param.getId() == null) {
@@ -100,7 +100,7 @@ public class SysUserController extends BaseController {
     @PostMapping("updatePwd")
     public Result updatePwd(@Valid @RequestBody PasswordRequest param) {
 
-        SysUserEntity user = userService.findByUserName(JwtUtil.getUsername(getToken()));
+        SysUserEntity user = userService.findByUserName(JwtUtil.getTokenStringValue(getToken(), "userName"));
 
         // 验证原密码
         Boolean isBoolean = PasswordUtils.decrypt(user.getPassword(), param.getOldPassword(), PasswordUtils.getStaticSalt());
@@ -116,7 +116,7 @@ public class SysUserController extends BaseController {
     }
 
     @WebControllerLog(description = "用户管理-重置密码")
-    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
+//    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
     @ApiOperation("重置密码")
     @GetMapping("resetPass/{id}")
     public Result resetPass(@PathVariable Long id) {
@@ -134,7 +134,7 @@ public class SysUserController extends BaseController {
     }
 
     @WebControllerLog(description = "用户管理-启用、停用、注销账户")
-    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
+//    @RequiresRoles(value = {"sys_admin"}, logical = Logical.OR)
     @ApiOperation("启用、停用、注销账户")
     @GetMapping("setStatus/{id}/{status}")
     public Result setStatus(@PathVariable Long id, @PathVariable Integer status) {
@@ -146,10 +146,10 @@ public class SysUserController extends BaseController {
         }
 
         // 管理员账号不能停用
-        if (entity.getSysManager() == 1) {
-            log.error("管理员账户不能停用/注销： {}", id);
-            return Result.failure("管理员账户不能停用/注销");
-        }
+//        if (entity.getSysManager() == 1) {
+//            log.error("管理员账户不能停用/注销： {}", id);
+//            return Result.failure("管理员账户不能停用/注销");
+//        }
 
         entity.setStatus(status);
         entity.setUpdateTime(new Date());
@@ -158,4 +158,7 @@ public class SysUserController extends BaseController {
     }
 
 
+
+
+
 }

gis_web/src/main/java/com/gis/web/controller/WebController.java

@@ -68,7 +68,7 @@ public class WebController extends BaseController {
                     List<AnswerEntity> answers = answerService.findByQuestionId(entity.getId());
                     entity.setAnswers(answers);
                     result.add(entity);
-                    System.out.println("得到的第" + n +"个随du机数为：" + temp + " rtemp:"+r[temp] );
+//                    System.out.println("得到的第" + n +"个随du机数为：" + temp + " rtemp:"+r[temp] );
                     n ++;
                     // 修改下标值
                     r[temp] = true;

gis_web/src/main/java/com/gis/web/shiro/JwtUtil.java

@@ -3,6 +3,7 @@ package com.gis.web.shiro;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.interfaces.Claim;
 import com.auth0.jwt.interfaces.DecodedJWT;
+import com.gis.common.exception.BaseRuntimeException;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.JwtBuilder;
 import io.jsonwebtoken.Jwts;
@@ -109,38 +110,58 @@ public class JwtUtil {
      *
      * @return token中包含的用户名
      */
-    public static String getUsername(String token) {
-        DecodedJWT jwt = JWT.decode(token);
-        Claim userName = jwt.getClaim("userName");
-        Assert.notNull(userName, "token userName is null ");
-        return userName.asString();
+    public static String getTokenStringValue(String token, String key) {
+        Claim claim = getTokenClaim(token, key);
+        return claim.asString();
+    }
+
+    public static List getTokenListValue(String token, String key) {
+        Claim claim = getTokenClaim(token, key);
+        return claim.as(List.class);
+    }
+
+    public static Long getTokenLongValue(String token, String key) {
+        Claim claim = getTokenClaim(token, key);
+        return claim.asLong();
     }
 
 
-    public static List getUserRole(String token) {
+    private static Claim getTokenClaim(String token, String key) {
         DecodedJWT jwt = JWT.decode(token);
-        Claim role = jwt.getClaim("role");
-        Assert.notNull(role, "token role is null ");
-        return role.as(List.class);
+        Claim claim = jwt.getClaim(key);
+        if (claim == null) {
+            log.error("token key is null : {}", key);
+            throw new BaseRuntimeException("token key is null : " +  key);
+        }
+        return claim;
     }
 
 
+//    public static List getUserRole(String token) {
+//        DecodedJWT jwt = JWT.decode(token);
+//        Claim role = jwt.getClaim("role");
+//        Assert.notNull(role, "token role is null ");
+//        return role.as(List.class);
+//    }
+
+
     public static String createJWT(long ttlMillis, Map<String, Object> paramMap) {
         //指定签名的时候使用的签名算法，也就是header那部分，jjwt已经将这部分内容封装好了。
         SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
 
         String userName = paramMap.get("userName").toString();
 
+        //创建payload的私有声明（根据特定的业务需要添加，如果要拿这个做验证，一般是需要和jwt的接收方提前沟通好验证方式的）
+        Map<String, Object> claims = new HashMap<String, Object>();
+        Set<String> mapKey = paramMap.keySet();
+        for (String key : mapKey) {
+            claims.put(key, paramMap.get(key));
+        }
+
         //生成JWT的时间
         long nowMillis = System.currentTimeMillis();
         Date now = new Date(nowMillis);
 
-        //创建payload的私有声明（根据特定的业务需要添加，如果要拿这个做验证，一般是需要和jwt的接收方提前沟通好验证方式的）
-        Map<String, Object> claims = new HashMap<String, Object>();
-        claims.put("userName", userName);
-        claims.put("id", paramMap.get("id"));
-        claims.put("role", paramMap.get("role"));
-        claims.put("manager", paramMap.get("manager"));
 
         //下面就是在为payload添加各种标准声明和私有声明了
         //这里其实就是new一个JwtBuilder，设置jwt的body
@@ -172,12 +193,12 @@ public class JwtUtil {
     /**
      * 获取用户id
      */
-    public static Long getUserId(String token) {
-        DecodedJWT jwt = JWT.decode(token);
-        Claim id = jwt.getClaim("id");
-        Assert.notNull(id, "token id is null ");
-        return id.asLong();
-    }
+//    public static Long getUserId(String token) {
+//        DecodedJWT jwt = JWT.decode(token);
+//        Claim id = jwt.getClaim("id");
+//        Assert.notNull(id, "token id is null ");
+//        return id.asLong();
+//    }
 
 
     /**
@@ -200,11 +221,11 @@ public class JwtUtil {
         System.out.println(exp);
     }
 
-    public static void test2() {
-        String token = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsInJvbGUiOlsiYWRtaW4iLCJyb290Il0sImlkIjoxLCJ1c2VyTmFtZSI6ImFkbWluIiwiaWF0IjoxNTgzODA5MzkzLCJqdGkiOiJkNjZiZTFkYi00MTQ0LTQxMTYtYTNlNi01ZDBjNjhlNTI3ODAifQ.-4AdsVP2RwmPS2grtO4aC8ov9PwkilzaGdThGetBJok";
-        System.out.println(getUserRole(token));
-
-    }
+//    public static void test2() {
+//        String token = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsInJvbGUiOlsiYWRtaW4iLCJyb290Il0sImlkIjoxLCJ1c2VyTmFtZSI6ImFkbWluIiwiaWF0IjoxNTgzODA5MzkzLCJqdGkiOiJkNjZiZTFkYi00MTQ0LTQxMTYtYTNlNi01ZDBjNjhlNTI3ODAifQ.-4AdsVP2RwmPS2grtO4aC8ov9PwkilzaGdThGetBJok";
+//        System.out.println(getUserRole(token));
+//
+//    }
 
     public static void test3() {
         HashMap<String, Object> map = new HashMap<>();
@@ -232,10 +253,10 @@ public class JwtUtil {
     }
 
 //    @Test
-    public void test1(){
-        String token = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsInJvbGUiOm51bGwsIm1hbmFnZXIiOm51bGwsImlkIjoxLCJ1c2VyTmFtZSI6ImFkbWluIiwiaWF0IjoxNTkwNzIzMDg3LCJqdGkiOiJmMzk5ODg1NC0xYTU3LTQzNmYtYmEwMC04MmVkNDZlOWJlMWYifQ.G6Or9DmW32_Q3pKGB1WCrTZgpRWQhUnZ1043gggEj1M";
-        String username = getUsername(token);
-        System.out.println(username);
-    }
+//    public void test1(){
+//        String token = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsInJvbGUiOm51bGwsIm1hbmFnZXIiOm51bGwsImlkIjoxLCJ1c2VyTmFtZSI6ImFkbWluIiwiaWF0IjoxNTkwNzIzMDg3LCJqdGkiOiJmMzk5ODg1NC0xYTU3LTQzNmYtYmEwMC04MmVkNDZlOWJlMWYifQ.G6Or9DmW32_Q3pKGB1WCrTZgpRWQhUnZ1043gggEj1M";
+//        String username = getUsername(token);
+//        System.out.println(username);
+//    }
 
 }

gis_web/src/main/java/com/gis/web/shiro/MyRealm.java

@@ -1,7 +1,10 @@
 package com.gis.web.shiro;
 
+import com.gis.common.constant.TypeCode;
 import com.gis.common.exception.JwtAuthenticationException;
+import com.gis.domain.po.SysResourceEntity;
 import com.gis.domain.po.SysUserEntity;
+import com.gis.service.SysResourceService;
 import com.gis.service.SysRoleService;
 import com.gis.service.SysUserService;
 import lombok.extern.log4j.Log4j2;
@@ -18,6 +21,10 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Service;
 
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
 /**
  * 配置不校验的话，是不会走这个方法的
  */
@@ -36,6 +43,9 @@ public class MyRealm extends AuthorizingRealm {
     @Autowired
     private SysRoleService sysRoleService;
 
+    @Autowired
+    private SysResourceService sysResourceService;
+
 
 
     /**
@@ -56,19 +66,33 @@ public class MyRealm extends AuthorizingRealm {
      */
     @Override
     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
-        String username = JwtUtil.getUsername(principals.toString());
-
-        SysUserEntity dbUserEntity = userService.findByUserName(username);
+        String token = principals.toString();
 
         SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
 
+        // 获取用户权限
+        Set<String> permissions = new HashSet<>();
 
-//        SysRoleEntity roleEntity = sysRoleService.findUserRoleByUserId(dbUserEntity.getId());
-//        Assert.notNull(roleEntity, "用户角色不存在");
+
+
+
+//        List<SysResourceEntity> all = null;
         // 设置角色、权限
-        if (dbUserEntity.getSysManager() == 1) {
-            simpleAuthorizationInfo.addRole("sys_admin");
+//        if (dbUserEntity.getSysManager() == 1) {
+//            all = sysResourceService.findAll();
+//        } else {
+//            Long roleId = JwtUtil.getTokenLongValue(token, "roleId");
+//            all = sysResourceService.findResourceByRoleId(roleId);
+//
+//        }
+
+        Long roleId = JwtUtil.getTokenLongValue(token, "roleId");
+        List<SysResourceEntity> all = sysResourceService.findResourceByRoleId(roleId);
+
+        for (SysResourceEntity i : all) {
+            permissions.add(i.getResourceKey());
         }
+        simpleAuthorizationInfo.addStringPermissions(permissions);
         return simpleAuthorizationInfo;
     }
 
@@ -87,7 +111,7 @@ public class MyRealm extends AuthorizingRealm {
 
 
         // 解密获得username，用于和数据库进行对比
-        String username = JwtUtil.getUsername(token);
+        String username = JwtUtil.getTokenStringValue(token, "userName");
         if (username == null) {
             log.error("error token username");
             throw new JwtAuthenticationException(5001, "token invalid");
@@ -100,12 +124,12 @@ public class MyRealm extends AuthorizingRealm {
         }
 
         // 校验请求token是否跟redis token一致
-//        String redisToken = redisTemplate.opsForValue().get(TypeCode.REDIS_TOKEN + token);
-//        if (!token.equals(redisToken)) {
-//            log.error("redis token is null");
-//            throw new JwtAuthenticationException(5001, "redis token is null");
-//
-//        }
+        String redisToken = redisTemplate.opsForValue().get(TypeCode.REDIS_LOGIN_TOKEN + token);
+        if (!token.equals(redisToken)) {
+            log.error("redis token is null");
+            throw new JwtAuthenticationException(5001, "redis token is null");
+
+        }
 
 
         if (! JwtUtil.isVerify(token, username)) {