forked from apache/shenyu
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[apache#1255] data permission complete (apache#1349)
* add data_permission SQL and store userId and userName to token * Use aop to implement data permission interception * modify aop * delete Slf4j * install complete * merged data permission mvc code merged data permission mvc code * modify data permission code * modify data permission code * refactor: delete unuse method and split method about data permission * fix: fix unit test pass not pass * modify admin constants * reactor code * merged plutokaito code * feat: create api for query data permissions * feat: refactor create and delete api that included selector/rule data permission * fix bug for empty selector and rule * add selector check data permission * Update fontend resource deal with data access for soul-admin apache#1255 (apache#18) * data permission complete * data permission complete * add user info error code * Update frontend resource with data access for soul-admin apache#1255 (apache#19) * Update fontend resource deal with data access for soul-admin apache#1255 * Update frontend resource with data access for soul-admin apache#1255 * delete common error code 401 * update soul-dashboard * modify code Co-authored-by: kaitoShy <[email protected]> Co-authored-by: fengzhenbing <[email protected]>
- Loading branch information
3 people
authored
Apr 28, 2021
1 parent
9dfdfe7
commit 9130d47
Showing
41 changed files
with
1,465 additions
and
75 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
145 changes: 145 additions & 0 deletions
145
soul-admin/src/main/java/org/dromara/soul/admin/controller/DataPermissionController.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,145 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| package org.dromara.soul.admin.controller; | ||
|
|
||
| import org.dromara.soul.admin.model.dto.DataPermissionDTO; | ||
| import org.dromara.soul.admin.model.page.CommonPager; | ||
| import org.dromara.soul.admin.model.page.PageParameter; | ||
| import org.dromara.soul.admin.model.query.RuleQuery; | ||
| import org.dromara.soul.admin.model.query.SelectorQuery; | ||
| import org.dromara.soul.admin.model.result.SoulAdminResult; | ||
| import org.dromara.soul.admin.model.vo.DataPermissionPageVO; | ||
| import org.dromara.soul.admin.service.DataPermissionService; | ||
| import org.dromara.soul.admin.utils.SoulResultMessage; | ||
| import org.springframework.beans.factory.annotation.Autowired; | ||
| import org.springframework.web.bind.annotation.DeleteMapping; | ||
| import org.springframework.web.bind.annotation.GetMapping; | ||
| import org.springframework.web.bind.annotation.PostMapping; | ||
| import org.springframework.web.bind.annotation.RequestBody; | ||
| import org.springframework.web.bind.annotation.RequestMapping; | ||
| import org.springframework.web.bind.annotation.RequestParam; | ||
| import org.springframework.web.bind.annotation.RestController; | ||
|
|
||
| import java.util.Optional; | ||
|
|
||
|
|
||
| /** | ||
| * this is dataPermission controller. | ||
| * | ||
| * @author kaitoShy | ||
| */ | ||
| @RestController | ||
| @RequestMapping("/data-permission") | ||
| public class DataPermissionController { | ||
|
|
||
| private final DataPermissionService dataPermissionService; | ||
|
|
||
| @Autowired(required = false) | ||
| public DataPermissionController(final DataPermissionService dataPermissionService) { | ||
| this.dataPermissionService = dataPermissionService; | ||
| } | ||
|
|
||
| /** | ||
| * Query paginated selectors with data permission. | ||
| * @param currentPage current page | ||
| * @param pageSize page size | ||
| * @param userId user id | ||
| * @param pluginId plugin id | ||
| * @return {@linkplain SoulAdminResult} | ||
| */ | ||
| @GetMapping("/selector") | ||
| public SoulAdminResult listPageSelectorDataPermissions(@RequestParam("currentPage") final Integer currentPage, | ||
| @RequestParam("pageSize") final Integer pageSize, | ||
| @RequestParam("userId") final String userId, | ||
| @RequestParam("pluginId") final String pluginId) { | ||
| CommonPager<DataPermissionPageVO> selectorList = dataPermissionService.listSelectorsByPage( | ||
| new SelectorQuery(pluginId, new PageParameter(currentPage, pageSize)), userId); | ||
| return SoulAdminResult.success(SoulResultMessage.QUERY_SUCCESS, selectorList); | ||
| } | ||
|
|
||
|
|
||
| /** | ||
| * Query paginated rules with data permission. | ||
| * @param currentPage current page | ||
| * @param pageSize page size | ||
| * @param userId user id | ||
| * @param selectorId selector id | ||
| * @return {@linkplain SoulAdminResult} | ||
| */ | ||
| @GetMapping("/rules") | ||
| public SoulAdminResult listPageRuleDataPermissions(@RequestParam("currentPage") final Integer currentPage, | ||
| @RequestParam("pageSize") final Integer pageSize, | ||
| @RequestParam("userId") final String userId, | ||
| @RequestParam("selectorId") final String selectorId) { | ||
| CommonPager<DataPermissionPageVO> selectorList = dataPermissionService.listRulesByPage( | ||
| new RuleQuery(selectorId, new PageParameter(currentPage, pageSize)), userId); | ||
| return SoulAdminResult.success(SoulResultMessage.QUERY_SUCCESS, selectorList); | ||
| } | ||
|
|
||
|
|
||
| /** | ||
| * create selector data permission. | ||
| * @param dataPermissionDTO {@linkplain DataPermissionDTO} | ||
| * @return effect rows count | ||
| */ | ||
| @PostMapping("/selector") | ||
| public SoulAdminResult saveSelector(@RequestBody final DataPermissionDTO dataPermissionDTO) { | ||
| return Optional.ofNullable(dataPermissionDTO) | ||
| .map(item -> SoulAdminResult.success(SoulResultMessage.SAVE_SUCCESS, dataPermissionService.createSelector(dataPermissionDTO))) | ||
| .orElse(SoulAdminResult.error(SoulResultMessage.SAVE_FAILED)); | ||
|
|
||
| } | ||
|
|
||
| /** | ||
| * Delete selector data permission. | ||
| * @param dataPermissionDTO {@linkplain DataPermissionDTO} | ||
| * @return effect rows count | ||
| */ | ||
| @DeleteMapping("/selector") | ||
| public SoulAdminResult deleteSelector(@RequestBody final DataPermissionDTO dataPermissionDTO) { | ||
| return Optional.ofNullable(dataPermissionDTO) | ||
| .map(item -> SoulAdminResult.success(SoulResultMessage.DELETE_SUCCESS, dataPermissionService.deleteSelector(dataPermissionDTO))) | ||
| .orElse(SoulAdminResult.error(SoulResultMessage.DELETE_SUCCESS)); | ||
|
|
||
| } | ||
|
|
||
| /** | ||
| * Delete rule data permission. | ||
| * @param dataPermissionDTO {@linkplain DataPermissionDTO} | ||
| * @return effect rows count | ||
| */ | ||
| @PostMapping("/rule") | ||
| public SoulAdminResult saveRule(@RequestBody final DataPermissionDTO dataPermissionDTO) { | ||
| return Optional.ofNullable(dataPermissionDTO) | ||
| .map(item -> SoulAdminResult.success(SoulResultMessage.SAVE_SUCCESS, dataPermissionService.createRule(dataPermissionDTO))) | ||
| .orElse(SoulAdminResult.error(SoulResultMessage.SAVE_FAILED)); | ||
| } | ||
|
|
||
| /** | ||
| * Delete selector data permission. | ||
| * @param dataPermissionDTO {@linkplain DataPermissionDTO} | ||
| * @return effect rows count | ||
| */ | ||
| @DeleteMapping("/rule") | ||
| public SoulAdminResult deleteRule(@RequestBody final DataPermissionDTO dataPermissionDTO) { | ||
| return Optional.ofNullable(dataPermissionDTO) | ||
| .map(item -> SoulAdminResult.success(SoulResultMessage.DELETE_SUCCESS, dataPermissionService.deleteRule(dataPermissionDTO))) | ||
| .orElse(SoulAdminResult.error(SoulResultMessage.DELETE_SUCCESS)); | ||
|
|
||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
95 changes: 95 additions & 0 deletions
95
soul-admin/src/main/java/org/dromara/soul/admin/interceptor/DataPermissionInterceptor.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,95 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| package org.dromara.soul.admin.interceptor; | ||
|
|
||
| import lombok.SneakyThrows; | ||
| import org.aspectj.lang.ProceedingJoinPoint; | ||
| import org.aspectj.lang.annotation.Around; | ||
| import org.aspectj.lang.annotation.Aspect; | ||
| import org.aspectj.lang.annotation.Pointcut; | ||
| import org.aspectj.lang.reflect.MethodSignature; | ||
| import org.dromara.soul.admin.interceptor.annotation.DataPermission; | ||
| import org.dromara.soul.admin.model.query.RuleQuery; | ||
| import org.dromara.soul.admin.model.query.SelectorQuery; | ||
| import org.dromara.soul.admin.service.DataPermissionService; | ||
| import org.dromara.soul.admin.utils.JwtUtils; | ||
| import org.dromara.soul.common.constant.AdminConstants; | ||
| import org.springframework.stereotype.Component; | ||
|
|
||
| import java.util.List; | ||
|
|
||
| /** | ||
| * data permission aop interceptor. | ||
| * | ||
| * @author nuo-promise | ||
| */ | ||
| @Aspect | ||
| @Component | ||
| public class DataPermissionInterceptor { | ||
|
|
||
| private final DataPermissionService dataPermissionService; | ||
|
|
||
| public DataPermissionInterceptor(final DataPermissionService dataPermissionService) { | ||
| this.dataPermissionService = dataPermissionService; | ||
| } | ||
|
|
||
| /** | ||
| * define data permission aop point cut. | ||
| */ | ||
| @Pointcut("@annotation(org.dromara.soul.admin.interceptor.annotation.DataPermission)") | ||
| public void dataPermissionCut() { } | ||
|
|
||
|
|
||
| /** | ||
| * Real method processing around. | ||
| * | ||
| * @param point point {@link ProceedingJoinPoint} | ||
| * @return result {@link Object} | ||
| */ | ||
| @SneakyThrows | ||
| @Around("dataPermissionCut()") | ||
| public Object around(final ProceedingJoinPoint point) { | ||
| return point.proceed(getFilterSQLData(point)); | ||
| } | ||
|
|
||
| /** | ||
| * Organize SQL parameters with data permissions. | ||
| * | ||
| * @param point {@link ProceedingJoinPoint} | ||
| * @return args {@link List} | ||
| */ | ||
| private Object[] getFilterSQLData(final ProceedingJoinPoint point) { | ||
| Object[] args = point.getArgs(); | ||
| List<String> dataPermissionList = dataPermissionService.getDataPermission(JwtUtils.getUserId()); | ||
| if (dataPermissionList.size() > 0) { | ||
| DataPermission dataPermission = ((MethodSignature) point.getSignature()).getMethod().getAnnotation(DataPermission.class); | ||
| if (dataPermission != null && args != null) { | ||
| if (dataPermission.dataType().equals(AdminConstants.DATA_PERMISSION_SELECTOR)) { | ||
| SelectorQuery selectorQuery = (SelectorQuery) args[0]; | ||
| selectorQuery.setFilterIds(dataPermissionList); | ||
| args[0] = selectorQuery; | ||
| } else if (dataPermission.dataType().equals(AdminConstants.DATA_PERMISSION_RULE)) { | ||
| RuleQuery ruleQuery = (RuleQuery) args[0]; | ||
| ruleQuery.setFilterIds(dataPermissionList); | ||
| args[0] = ruleQuery; | ||
| } | ||
| } | ||
| } | ||
| return args; | ||
| } | ||
| } |
41 changes: 41 additions & 0 deletions
41
soul-admin/src/main/java/org/dromara/soul/admin/interceptor/annotation/DataPermission.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| package org.dromara.soul.admin.interceptor.annotation; | ||
|
|
||
| import java.lang.annotation.ElementType; | ||
| import java.lang.annotation.Retention; | ||
| import java.lang.annotation.RetentionPolicy; | ||
| import java.lang.annotation.Target; | ||
|
|
||
| /** | ||
| * data permission annotation type. | ||
| * | ||
| * @author nuo-promise | ||
| */ | ||
| @Target(ElementType.METHOD) | ||
| @Retention(RetentionPolicy.RUNTIME) | ||
| public @interface DataPermission { | ||
|
|
||
| /** | ||
| * record data type. | ||
| * | ||
| * @return dataType {@link String} | ||
| */ | ||
| String dataType() default ""; | ||
|
|
||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.