|
|
@@ -9,6 +9,8 @@ import org.apache.shiro.authc.UnknownAccountException;
|
|
|
import org.apache.shiro.authc.UsernamePasswordToken;
|
|
|
import org.apache.shiro.authz.annotation.RequiresAuthentication;
|
|
|
import org.apache.shiro.subject.Subject;
|
|
|
+import org.linlinjava.litemall.admin.util.Permission;
|
|
|
+import org.linlinjava.litemall.admin.util.PermissionUtil;
|
|
|
import org.linlinjava.litemall.core.util.JacksonUtil;
|
|
|
import org.linlinjava.litemall.core.util.ResponseUtil;
|
|
|
import org.linlinjava.litemall.db.domain.LitemallAdmin;
|
|
|
@@ -16,6 +18,7 @@ import org.linlinjava.litemall.db.service.LitemallAdminService;
|
|
|
import org.linlinjava.litemall.db.service.LitemallPermissionService;
|
|
|
import org.linlinjava.litemall.db.service.LitemallRoleService;
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
+import org.springframework.context.ApplicationContext;
|
|
|
import org.springframework.util.StringUtils;
|
|
|
import org.springframework.validation.annotation.Validated;
|
|
|
import org.springframework.web.bind.annotation.*;
|
|
|
@@ -89,10 +92,44 @@ public class AdminAuthController {
|
|
|
Set<String> roles = roleService.queryByIds(roleIds);
|
|
|
Set<String> permissions = permissionService.queryByRoleIds(roleIds);
|
|
|
data.put("roles", roles);
|
|
|
- data.put("perms", permissions);
|
|
|
+ // NOTE
|
|
|
+ // 这里需要转换perms结构,因为对于前端而已API形式的权限更容易理解
|
|
|
+ data.put("perms", toAPI(permissions));
|
|
|
return ResponseUtil.ok(data);
|
|
|
}
|
|
|
|
|
|
+ @Autowired
|
|
|
+ private ApplicationContext context;
|
|
|
+ private HashMap<String, String> systemPermissionsMap = null;
|
|
|
+
|
|
|
+ private Collection<String> toAPI(Set<String> permissions) {
|
|
|
+ if (systemPermissionsMap == null) {
|
|
|
+ systemPermissionsMap = new HashMap<>();
|
|
|
+ final String basicPackage = "org.linlinjava.litemall.admin";
|
|
|
+ List<Permission> systemPermissions = PermissionUtil.listPermission(context, basicPackage);
|
|
|
+ for (Permission permission : systemPermissions) {
|
|
|
+ String perm = permission.getRequiresPermissions().value()[0];
|
|
|
+ String api = permission.getApi();
|
|
|
+ systemPermissionsMap.put(perm, api);
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ Collection<String> apis = new HashSet<>();
|
|
|
+ for (String perm : permissions) {
|
|
|
+ String api = systemPermissionsMap.get(perm);
|
|
|
+ apis.add(api);
|
|
|
+
|
|
|
+ if (perm.equals("*")) {
|
|
|
+ apis.clear();
|
|
|
+ apis.add("*");
|
|
|
+ return apis;
|
|
|
+// return systemPermissionsMap.values();
|
|
|
+
|
|
|
+ }
|
|
|
+ }
|
|
|
+ return apis;
|
|
|
+ }
|
|
|
+
|
|
|
@GetMapping("/401")
|
|
|
public Object page401() {
|
|
|
return ResponseUtil.unlogin();
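Review bot: In `toAPI`, `apis.add(api)` runs before the `"*"` test and without a null check, so any stored permission string that has no entry in `systemPermissionsMap` puts a `null` into the `perms` set returned to the client; look the value up after the wildcard test and add it only when it is non-null. The lazy initialisation also assigns the empty `HashMap` to the field before filling it, so (assuming this controller is a shared singleton bean) a concurrent request can read a half-filled map and get an incomplete permission list; build the map in a local variable and assign it once complete, ideally to a `volatile` field or from a `@PostConstruct` initialiser. Only `value()[0]` of each annotation is mapped, so a method declaring several permissions is represented by its first one only, which deserves a comment. Because this list only tells the front end what to show, the `@RequiresPermissions` checks on the server remain the actual enforcement point and should not be relaxed on the strength of it.

```java
private Collection<String> toAPI(Set<String> permissions) {
    if (systemPermissionsMap == null) {
        // Fill a local map and publish it only when complete, so a concurrent
        // request never observes a partially populated permission table.
        HashMap<String, String> map = new HashMap<>();
        // … unchanged: basicPackage, PermissionUtil.listPermission call and loop, now filling `map` …
        systemPermissionsMap = map;
    }

    Collection<String> apis = new HashSet<>();
    for (String perm : permissions) {
        if (perm.equals("*")) {
            // … unchanged: clear, add "*", return …
        }
        String api = systemPermissionsMap.get(perm);
        // A permission with no annotated endpoint must not surface as null in the response.
        if (api != null) {
            apis.add(api);
        }
    }
    return apis;
}
```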
|