增加部分权限校验

src/main/java/com/winhc/repal/annotation/RolePermission.java

@@ -0,0 +1,25 @@
+package com.winhc.repal.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * @Description: Permission
+ * @Author: xda
+ * @Date: 2022/4/28 14:16
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface RolePermission {
+
+//    /**
+//     * 权限codeList
+//     */
+//    String[] permission() default {};
+
+    /**
+     * 权限code
+     */
+    String permission();
+
+}

src/main/java/com/winhc/repal/config/ControllerAspect.java

@@ -1,8 +1,15 @@
-package com.winhc.repal.config;
+package com.winhc.repal.aspect;
 
 
 import cn.hutool.core.util.StrUtil;
 import com.alibaba.fastjson.JSON;
+import com.winhc.common.enums.CodeMsg;
+import com.winhc.common.exception.CommonException;
+import com.winhc.repal.annotation.RolePermission;
+import com.winhc.repal.constant.Constant;
+import com.winhc.repal.service.RepalRolePermissionService;
+import com.winhc.repal.util.RedisUtil;
+import com.winhc.repal.util.UserContextUtil;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.Signature;
 import org.aspectj.lang.annotation.Around;
@@ -11,6 +18,8 @@ import org.aspectj.lang.annotation.Pointcut;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
 import org.springframework.web.bind.annotation.*;
 
@@ -23,12 +32,19 @@ import java.lang.reflect.Method;
  */
 @Aspect
 @Component
+@Order(Integer.MIN_VALUE)
 public class ControllerAspect {
 
     private static final long TIME_OUT = 800L;
 
     private static final Logger LOGGER = LoggerFactory.getLogger(ControllerAspect.class);
 
+    @Autowired
+    private RedisUtil redisUtil;
+
+    @Autowired
+    private RepalRolePermissionService repalRolePermissionService;
+
     @Pointcut("execution(* com.winhc.repal.controller.*Controller.*(..))")
     public void validAspect() {
 
@@ -72,6 +88,21 @@ public class ControllerAspect {
                 mappingRoute.append(((DeleteMapping) a).value().length > 0 ? ((DeleteMapping) a).value()[0] : ((DeleteMapping) a).path()[0]);
                 methodName = "DELETE";
             }
+            if (a instanceof RolePermission) {
+                // 获取注解的值
+                String userKey = Constant.USER_PERMISSION_KEY + UserContextUtil.getUser().getUserId();
+                if (redisUtil.hasKey(userKey)) {
+                    if (!redisUtil.sIsMember(userKey, ((RolePermission)a).permission())) {
+                        LOGGER.error("user permission error, ======>>>>>>userId:[{}], ======>>>>>>permissionCode:[{}]", UserContextUtil.getUser().getUserId(), ((RolePermission)a).permission());
+                        throw new CommonException(CodeMsg.FAILED, "没有相关权限");
+                    }
+                } else {
+                    if (!repalRolePermissionService.checkUserPermission(UserContextUtil.getUser().getUserId(), ((RolePermission)a).permission())) {
+                        LOGGER.error("user permission error, ======>>>>>>userId:[{}], ======>>>>>>permissionCode:[{}]", UserContextUtil.getUser().getUserId(), ((RolePermission)a).permission());
+                        throw new CommonException(CodeMsg.FAILED, "没有相关权限");
+                    }
+                }
+            }
         }
         String requestInfo = "======>>>>>>requestInfo:" + mappingRoute + ",method:[" + methodName + "]" + "(" + StrUtil.repeatAndJoin("{}", params.length, ",") + ")";
         LOGGER.info(requestInfo, params);

src/main/java/com/winhc/repal/config/BeanConfig.java

@@ -13,6 +13,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.data.redis.serializer.StringRedisSerializer;
 import springfox.documentation.builders.ApiInfoBuilder;
 import springfox.documentation.builders.PathSelectors;
@@ -85,20 +86,18 @@ public class BeanConfig {
     }
 
     @Bean
-    public RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory factory) {
-        RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
-        redisTemplate.setConnectionFactory(factory);
-        // fastjson
-        FastJsonRedisSerializer<String> fastJsonRedisSerializer = new FastJsonRedisSerializer<>(String.class);
-        // value
-        redisTemplate.setValueSerializer(fastJsonRedisSerializer);
-        redisTemplate.setHashValueSerializer(fastJsonRedisSerializer);
+    public StringRedisTemplate stringRedisTemplate(RedisConnectionFactory factory) {
+        StringRedisTemplate stringRedisTemplate = new StringRedisTemplate();
+        stringRedisTemplate.setConnectionFactory(factory);
         // key
         StringRedisSerializer stringRedisSerializer = new StringRedisSerializer();
-        redisTemplate.setKeySerializer(stringRedisSerializer);
-        redisTemplate.setHashKeySerializer(stringRedisSerializer);
-        redisTemplate.afterPropertiesSet();
-        return redisTemplate;
+        // value
+        stringRedisTemplate.setValueSerializer(stringRedisSerializer);
+        stringRedisTemplate.setHashValueSerializer(stringRedisSerializer);
+        stringRedisTemplate.setKeySerializer(stringRedisSerializer);
+        stringRedisTemplate.setHashKeySerializer(stringRedisSerializer);
+        stringRedisTemplate.afterPropertiesSet();
+        return stringRedisTemplate;
     }
 
     @Value("${spring.application.name}")

src/main/java/com/winhc/repal/config/CharlesRequestInterceptor.java

@@ -23,7 +23,7 @@ public class CharlesRequestInterceptor implements RequestInterceptor {
     @Override
     public void apply(RequestTemplate template) {
         // feign 不支持 GET 方法传 POJO, json body转query
-        if ("GET".equals(template.method()) && template.body() != null) {
+        if ("GET".equals(template.method()) && template.requestBody() != null) {
             try {
                 JsonNode jsonNode = objectMapper.readTree(template.body());
 

src/main/java/com/winhc/repal/constant/Constant.java

@@ -0,0 +1,16 @@
+package com.winhc.repal.constant;
+
+/**
+ * @Description: Constant
+ * @Author: xda
+ * @Date: 2022/4/28 15:04
+ */
+public class Constant {
+
+    /**
+     *  用户权限code
+     */
+    public static final String USER_PERMISSION_KEY = "winhc:repal:userPermission:";
+
+
+}

src/main/java/com/winhc/repal/controller/RepalBillController.java

@@ -2,11 +2,10 @@ package com.winhc.repal.controller;
 
 import com.winhc.common.base.BeanResponse;
 import com.winhc.common.enums.CodeMsg;
-import com.winhc.common.model.base.VOPage;
+import com.winhc.repal.annotation.RolePermission;
 import com.winhc.repal.model.dto.*;
 import com.winhc.repal.model.vo.RepalBillDetailVO;
 import com.winhc.repal.model.vo.RepalBillInfoVO;
-import com.winhc.repal.model.vo.RepalBillPageVO;
 import com.winhc.repal.service.RepalBillService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;

src/main/java/com/winhc/repal/model/bo/UserContextBO.java

@@ -20,8 +20,17 @@ public class UserContextBO {
 
     private String appPackageName;
 
+//    /**
+//     *  是否超级管理员
+//     */
+//    private Boolean root;
+
 
     public static UserContextBO builderBO(Long userId, String appVersion, String appPackageName) {
         return new UserContextBO(userId, appVersion, appPackageName);
     }
+//
+//    public static UserContextBO builderBO(Long userId, String appVersion, String appPackageName, Boolean root) {
+//        return new UserContextBO(userId, appVersion, appPackageName, root);
+//    }
 }

src/main/java/com/winhc/repal/repository/RepalRolePermissionMapper.java

@@ -2,12 +2,27 @@ package com.winhc.repal.repository;
 
 import com.winhc.repal.entity.RepalRolePermission;
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.springframework.stereotype.Repository;
+
+import java.util.Set;
 
 /**
  * @description RepalRolePermission Mapper 接口
  * @author Generator
  * @date 2022-04-13
  */
+@Repository
 public interface RepalRolePermissionMapper extends BaseMapper<RepalRolePermission> {
 
+
+    /**
+     * 获取用户所有的权限code集合
+     * @param userId userId
+     * @return java.util.Set<java.lang.String>
+     * @author xda
+     * @date 2022/4/28 17:45
+     */
+    Set<String> getUserPermissionCodeSet(Long userId);
+
+
 }

src/main/java/com/winhc/repal/service/RepalRolePermissionService.java

@@ -3,6 +3,8 @@ package com.winhc.repal.service;
 import com.baomidou.mybatisplus.extension.service.IService;
 import com.winhc.repal.entity.RepalRolePermission;
 
+import java.util.Set;
+
 
 /**
  * @description RepalRolePermission 接口类
@@ -12,5 +14,33 @@ import com.winhc.repal.entity.RepalRolePermission;
 public interface RepalRolePermissionService extends IService<RepalRolePermission> {
 
 
+    /**
+     * 校验用户权限
+     * @param userId userId
+     * @param code code
+     * @return boolean
+     * @author xda
+     * @date 2022/4/28 17:54
+     */
+    Boolean checkUserPermission(Long userId, String code);
+
+    /**
+     * 获取用户权限集合
+     * @param userId userId
+     * @return java.util.Set<java.lang.String>
+     * @author xda
+     * @date 2022/4/28 16:32
+     */
+    Set<String> getUserPermissionCodeSet(Long userId);
+
+    /**
+     * 用户权限放入redis
+     * @param userId userId
+     * @param codeSet codeSet
+     * @return java.lang.Boolean
+     * @author xda
+     * @date 2022/4/28 17:13
+     */
+    Boolean processUserPermissionCache(Long userId, Set<String> codeSet);
 
 }

src/main/java/com/winhc/repal/service/impl/RepalBillServiceImpl.java

@@ -95,6 +95,13 @@ public class RepalBillServiceImpl extends ServiceImpl<RepalBillMapper, RepalBill
         voPage.setPageSize(dto.getPageSize());
         voPage.setPageNum(dto.getPageNum());
         RepalBillInfoVO infoVO = new RepalBillInfoVO();
+        //infoVO.setTotalOverdueCount();
+        //infoVO.setTotalOverdueStr();
+
+        //infoVO.setTotalReceivableCount();
+        //infoVO.setTotalReceivableStr();
+
+
         // 管理员查看所有   todo
         LOGGER.info("角色:[]");
         Page<RepalBill> repalBillPage = new Page<>(dto.getPageNum(),dto.getPageSize());

src/main/java/com/winhc/repal/service/impl/RepalRolePermissionServiceImpl.java

@@ -1,11 +1,18 @@
 package com.winhc.repal.service.impl;
 
+import cn.hutool.core.collection.CollUtil;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.winhc.repal.constant.Constant;
 import com.winhc.repal.entity.RepalRolePermission;
 import com.winhc.repal.repository.RepalRolePermissionMapper;
 import com.winhc.repal.service.RepalRolePermissionService;
+import com.winhc.repal.util.RedisUtil;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import java.util.Set;
+import java.util.concurrent.TimeUnit;
+
 /**
  * @description RepalRolePermission 接口实现类
  * @author Generator
@@ -14,5 +21,32 @@ import org.springframework.stereotype.Service;
 @Service
 public class RepalRolePermissionServiceImpl extends ServiceImpl<RepalRolePermissionMapper, RepalRolePermission> implements RepalRolePermissionService {
 
+    @Autowired
+    private RedisUtil redisUtil;
+
+    @Autowired
+    private RepalRolePermissionMapper repalRolePermissionMapper;
+
+
+    @Override
+    public Boolean checkUserPermission(Long userId, String code) {
+        return getUserPermissionCodeSet(userId).contains(code);
+    }
+
+    @Override
+    public Set<String> getUserPermissionCodeSet(Long userId) {
+        Set<String> codeSet = redisUtil.setMembers(Constant.USER_PERMISSION_KEY + userId);
+        if (CollUtil.isEmpty(codeSet)) {
+            codeSet = repalRolePermissionMapper.getUserPermissionCodeSet(userId);
+            processUserPermissionCache(userId, codeSet);
+        }
+        return codeSet;
+    }
 
+    @Override
+    public Boolean processUserPermissionCache(Long userId, Set<String> codeSet) {
+        redisUtil.sAdd(Constant.USER_PERMISSION_KEY + userId, codeSet.toArray(new String[]{}));
+        redisUtil.expire(Constant.USER_PERMISSION_KEY + userId, 7, TimeUnit.DAYS);
+        return true;
+    }
 }

src/main/java/com/winhc/repal/util/MethodControlUtil.java

@@ -1,72 +0,0 @@
-//package com.winhc.returnmoney.util;
-//
-//import com.winhc.returnmoney.model.bo.AspectRequestBO;
-//import io.swagger.annotations.ApiOperation;
-//import org.aspectj.lang.Signature;
-//import org.aspectj.lang.reflect.MethodSignature;
-//import org.springframework.web.bind.annotation.*;
-//
-//import java.lang.annotation.Annotation;
-//
-///**
-// * @description: controller工具类
-// * @author: yujie
-// * @date 2019.11.27 14:47
-// */
-//public class MethodControlUtil {
-//
-//    /**
-//     * 获取Controller方法信息
-//     * @param signature
-//     * @return
-//     * @throws ClassNotFoundException
-//     */
-//    public static AspectRequestBO getMethod(Signature signature) throws ClassNotFoundException {
-//        String className = signature.getDeclaringTypeName();
-//        // 获取根路径
-//        String parentPath = "";
-//        Class cl = Class.forName(className);
-//        RequestMapping anno = (RequestMapping) cl.getAnnotation(RequestMapping.class);
-//        if (anno != null) {
-//            parentPath = getValues(anno.value());
-//        }
-//        // 获取请求方式
-//        MethodSignature methodSignature = (MethodSignature) signature;
-//        Annotation[] annotations = methodSignature.getMethod().getDeclaredAnnotations();
-//        String path = "",method="",des="";
-//        if (annotations != null) {
-//            for (Annotation n:annotations) {
-//                if (n instanceof GetMapping) {
-//                    GetMapping gn = (GetMapping)n;
-//                    path = parentPath + getValues(gn.value());
-//                    method = "GET";
-//                } else if (n instanceof PostMapping) {
-//                    PostMapping gn = (PostMapping)n;
-//                    path = parentPath + getValues(gn.value());
-//                    method = "POST";
-//                } else if (n instanceof PutMapping) {
-//                    PutMapping gn = (PutMapping)n;
-//                    path = parentPath + getValues(gn.value());
-//                    method = "PUT";
-//                } else if (n instanceof DeleteMapping) {
-//                    DeleteMapping gn = (DeleteMapping)n;
-//                    path = parentPath + getValues(gn.value());
-//                    method = "DELETE";
-//                }
-//                if (n instanceof ApiOperation) {
-//                    ApiOperation an = (ApiOperation)n;
-//                    des = an.value();
-//                }
-//            }
-//        }
-//        return new AspectRequestBO(method,path,des);
-//    }
-//
-//    private static String getValues(String[] values) {
-//        StringBuilder builder = new StringBuilder();
-//        for (String v : values) {
-//            builder.append(v);
-//        }
-//        return builder.toString();
-//    }
-//}

src/main/resources/mapper/RepalRolePermissionMapper.xml

@@ -2,4 +2,13 @@
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.winhc.repal.repository.RepalRolePermissionMapper">
 
+
+    <select id="getUserPermissionCodeSet" parameterType="java.lang.Long" resultType="java.lang.String">
+        SELECT DISTINCT permission.PERMISSION_CODE FROM REPAL_GROUP_MEMBER AS member
+        LEFT JOIN REPAL_GROUP_ROLE AS groupRole ON groupRole.REPAL_GROUP_ID = member.REPAL_GROUP_ID
+        LEFT JOIN REPAL_ROLE_PERMISSION AS permission ON permission.REPAL_GROUP_ROLE_ID = groupRole.ID
+        WHERE member.USER_ID = #{userId}
+    </select>
+
+
 </mapper>