| src/main/java/com/ruoyi/common/constant/Constants.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 | |
| src/main/java/com/ruoyi/common/utils/SecurityUtils.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 | |
| src/main/java/com/ruoyi/common/utils/StringUtils.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 | |
| src/main/java/com/ruoyi/framework/security/service/PermissionService.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 |
src/main/java/com/ruoyi/common/constant/Constants.java
@@ -63,6 +63,26 @@ * 登录失败 */ public static final String LOGIN_FAIL = "Error"; /** * 所有权限标识 */ public static final String ALL_PERMISSION = "*:*:*"; /** * 管理员角色权限标识 */ public static final String SUPER_ADMIN = "admin"; /** * 角色权限分隔符 */ public static final String ROLE_DELIMETER = ","; /** * 权限标识分隔符 */ public static final String PERMISSION_DELIMETER = ","; /** * 验证码有效期(分钟) src/main/java/com/ruoyi/common/utils/SecurityUtils.java
@@ -1,11 +1,17 @@ package com.ruoyi.common.utils; import java.util.Collection; import java.util.List; import java.util.stream.Collectors; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.util.PatternMatchUtils; import com.ruoyi.common.constant.Constants; import com.ruoyi.common.constant.HttpStatus; import com.ruoyi.common.exception.ServiceException; import com.ruoyi.framework.security.LoginUser; import com.ruoyi.project.system.domain.SysRole; /** * 安全服务工具类 @@ -118,4 +124,54 @@ { return userId != null && 1L == userId; } /** * 验证用户是否具备某权限 * * @param permission 权限字符串 * @return 用户是否具备某权限 */ public static boolean hasPermi(String permission) { return hasPermi(getLoginUser().getPermissions(), permission); } /** * 判断是否包含权限 * * @param authorities 权限列表 * @param permission 权限字符串 * @return 用户是否具备某权限 */ public static boolean hasPermi(Collection<String> authorities, String permission) { return authorities.stream().filter(StringUtils::hasText) .anyMatch(x -> Constants.ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(x, permission)); } /** * 验证用户是否拥有某个角色 * * @param role 角色标识 * @return 用户是否具备某角色 */ public static boolean hasRole(String role) { List<SysRole> roleList = getLoginUser().getUser().getRoles(); Collection<String> roles = roleList.stream().map(SysRole::getRoleKey).collect(Collectors.toSet()); return hasRole(roles, role); } /** * 判断是否包含角色 * * @param roles 角色列表 * @param role 角色 * @return 用户是否具备某角色权限 */ public static boolean hasRole(Collection<String> roles, String role) { return roles.stream().filter(StringUtils::hasText) .anyMatch(x -> Constants.SUPER_ADMIN.contains(x) || PatternMatchUtils.simpleMatch(x, role)); } } src/main/java/com/ruoyi/common/utils/StringUtils.java
@@ -241,6 +241,30 @@ } /** * 判断是否为空,并且不是空白字符 * * @param str 要判断的value * @return 结果 */ public static boolean hasText(String str) { return (str != null && !str.isEmpty() && containsText(str)); } private static boolean containsText(CharSequence str) { int strLen = str.length(); for (int i = 0; i < strLen; i++) { if (!Character.isWhitespace(str.charAt(i))) { return true; } } return false; } /** * 格式化文本, {} 表示占位符<br> * 此方法只是简单将占位符 {} 按照顺序替换为参数<br> * 如果想输出 {} 使用 \\转义 { 即可,如果想输出 {} 之前的 \ 使用双转义符 \\\\ 即可<br> src/main/java/com/ruoyi/framework/security/service/PermissionService.java
@@ -3,6 +3,7 @@ import java.util.Set; import org.springframework.stereotype.Service; import org.springframework.util.CollectionUtils; import com.ruoyi.common.constant.Constants; import com.ruoyi.common.utils.SecurityUtils; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.framework.security.LoginUser; @@ -17,16 +18,6 @@ @Service("ss") public class PermissionService { /** 所有权限标识 */ private static final String ALL_PERMISSION = "*:*:*"; /** 管理员角色权限标识 */ private static final String SUPER_ADMIN = "admin"; private static final String ROLE_DELIMETER = ","; private static final String PERMISSION_DELIMETER = ","; /** * 验证用户是否具备某权限 * @@ -78,7 +69,7 @@ } PermissionContextHolder.setContext(permissions); Set<String> authorities = loginUser.getPermissions(); for (String permission : permissions.split(PERMISSION_DELIMETER)) for (String permission : permissions.split(Constants.PERMISSION_DELIMETER)) { if (permission != null && hasPermissions(authorities, permission)) { @@ -108,7 +99,7 @@ for (SysRole sysRole : loginUser.getUser().getRoles()) { String roleKey = sysRole.getRoleKey(); if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role))) if (Constants.SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role))) { return true; } @@ -144,7 +135,7 @@ { return false; } for (String role : roles.split(ROLE_DELIMETER)) for (String role : roles.split(Constants.ROLE_DELIMETER)) { if (hasRole(role)) { @@ -163,6 +154,6 @@ */ private boolean hasPermissions(Set<String> permissions, String permission) { return permissions.contains(ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission)); return permissions.contains(Constants.ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission)); } }
