button

src/main/java/com/huiju/estateagents/center/taUser/controller/TaButtonUriMapController.java

@@ -0,0 +1,149 @@
+package com.huiju.estateagents.center.taUser.controller;
+
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import com.huiju.estateagents.base.BaseController;
+import com.huiju.estateagents.base.ResponseBean;
+import com.huiju.estateagents.center.taUser.entity.TaButtonUriMap;
+import com.huiju.estateagents.center.taUser.service.ITaButtonUriMapService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * <p>
+    * 按钮路由映射表  前端控制器
+    * </p>
+ *
+ * @author jobob
+ * @since 2019-09-26
+ */
+@RestController
+@RequestMapping("/")
+public class TaButtonUriMapController extends BaseController {
+
+    private final Logger logger = LoggerFactory.getLogger(TaButtonUriMapController.class);
+
+    @Autowired
+    public ITaButtonUriMapService iTaButtonUriMapService;
+
+
+    /**
+     * 分页查询列表
+     * @param pageNum
+     * @param pageSize
+     * @return
+     */
+    @RequestMapping(value="/taButtonUriMap",method= RequestMethod.GET)
+    public ResponseBean taButtonUriMapList(@RequestParam(value ="pageNum",defaultValue = "1") Integer pageNum,
+                                           @RequestParam(value ="pageSize",defaultValue = "10") Integer pageSize){
+        ResponseBean responseBean = new ResponseBean();
+        try {
+            //使用分页插件
+		    IPage<TaButtonUriMap> pg = new Page<>(pageNum, pageSize);
+            QueryWrapper<TaButtonUriMap> queryWrapper = new QueryWrapper<>();
+            queryWrapper.orderByDesc("create_date");
+
+            IPage<TaButtonUriMap> result = iTaButtonUriMapService.page(pg, queryWrapper);
+            responseBean.addSuccess(result);
+        }catch (Exception e){
+            e.printStackTrace();
+            logger.error("taButtonUriMapList -=- {}",e.toString());
+            responseBean.addError(e.getMessage());
+        }
+        return responseBean;
+    }
+
+    /**
+     * 保存对象
+     * @param taButtonUriMap 实体对象
+     * @return
+     */
+    @RequestMapping(value="/taButtonUriMap",method= RequestMethod.POST)
+    public ResponseBean taButtonUriMapAdd(@RequestBody TaButtonUriMap taButtonUriMap){
+        ResponseBean responseBean = new ResponseBean();
+        try {
+            if (iTaButtonUriMapService.save(taButtonUriMap)){
+                responseBean.addSuccess(taButtonUriMap);
+            }else {
+                responseBean.addError("fail");
+            }
+        }catch (Exception e){
+            e.printStackTrace();
+            logger.error("taButtonUriMapAdd -=- {}",e.toString());
+            responseBean.addError(e.getMessage());
+        }
+        return responseBean;
+    }
+
+    /**
+     * 根据id删除对象
+     * @param id  实体ID
+     */
+    @ResponseBody
+    @RequestMapping(value="/taButtonUriMap/{id}", method= RequestMethod.DELETE)
+    public ResponseBean taButtonUriMapDelete(@PathVariable Integer id){
+        ResponseBean responseBean = new ResponseBean();
+        try {
+            if(iTaButtonUriMapService.removeById(id)){
+                responseBean.addSuccess("success");
+            }else {
+                responseBean.addError("fail");
+            }
+        }catch (Exception e){
+            e.printStackTrace();
+            logger.error("taButtonUriMapDelete -=- {}",e.toString());
+            responseBean.addError(e.getMessage());
+        }
+        return responseBean;
+    }
+
+    /**
+     * 修改对象
+     * @param id  实体ID
+     * @param taButtonUriMap 实体对象
+     * @return
+     */
+    @RequestMapping(value="/taButtonUriMap/{id}",method= RequestMethod.PUT)
+    public ResponseBean taButtonUriMapUpdate(@PathVariable Integer id,
+                                        @RequestBody TaButtonUriMap taButtonUriMap){
+        ResponseBean responseBean = new ResponseBean();
+        try {
+            if (iTaButtonUriMapService.updateById(taButtonUriMap)){
+                responseBean.addSuccess(taButtonUriMap);
+            }else {
+                responseBean.addError("fail");
+            }
+        }catch (Exception e){
+            e.printStackTrace();
+            logger.error("taButtonUriMapUpdate -=- {}",e.toString());
+            responseBean.addError(e.getMessage());
+        }
+        return responseBean;
+    }
+
+    /**
+     * 根据id查询对象
+     * @param id  实体ID
+     */
+    @RequestMapping(value="/taButtonUriMap/{id}",method= RequestMethod.GET)
+    public ResponseBean taButtonUriMapGet(@PathVariable Integer id){
+        ResponseBean responseBean = new ResponseBean();
+        try {
+            responseBean.addSuccess(iTaButtonUriMapService.getById(id));
+        }catch (Exception e){
+            e.printStackTrace();
+            logger.error("taButtonUriMapDelete -=- {}",e.toString());
+            responseBean.addError(e.getMessage());
+        }
+        return responseBean;
+    }
+}

src/main/java/com/huiju/estateagents/center/taUser/entity/TaButtonUriMap.java

@@ -0,0 +1,40 @@
+package com.huiju.estateagents.center.taUser.entity;
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import lombok.experimental.Accessors;
+
+import java.io.Serializable;
+
+/**
+ * <p>
+ * 按钮路由映射表 
+ * </p>
+ *
+ * @author jobob
+ * @since 2019-09-26
+ */
+@Data
+@EqualsAndHashCode(callSuper = false)
+@Accessors(chain = true)
+public class TaButtonUriMap implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 按钮
+     */
+    private String buttonCode;
+
+    /**
+     * uri
+     */
+    private String uri;
+
+    /**
+     * 说明
+     */
+    private String remark;
+
+
+}

src/main/java/com/huiju/estateagents/center/taUser/mapper/TaButtonUriMapMapper.java

@@ -0,0 +1,20 @@
+package com.huiju.estateagents.center.taUser.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.huiju.estateagents.center.taUser.entity.TaButtonUriMap;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+
+/**
+ * <p>
+ * 按钮路由映射表  Mapper 接口
+ * </p>
+ *
+ * @author jobob
+ * @since 2019-09-26
+ */
+@Mapper
+public interface TaButtonUriMapMapper extends BaseMapper<TaButtonUriMap> {
+	
+	TaButtonUriMap getByURI(@Param("uri") String uri);
+}

src/main/java/com/huiju/estateagents/center/taUser/service/ITaButtonUriMapService.java

@@ -0,0 +1,17 @@
+package com.huiju.estateagents.center.taUser.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.huiju.estateagents.center.taUser.entity.TaButtonUriMap;
+
+/**
+ * <p>
+ * 按钮路由映射表  服务类
+ * </p>
+ *
+ * @author jobob
+ * @since 2019-09-26
+ */
+public interface ITaButtonUriMapService extends IService<TaButtonUriMap> {
+	
+	TaButtonUriMap getByURI(String uri);
+}

src/main/java/com/huiju/estateagents/center/taUser/service/impl/TaButtonUriMapServiceImpl.java

@@ -0,0 +1,28 @@
+package com.huiju.estateagents.center.taUser.service.impl;
+
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.huiju.estateagents.center.taUser.entity.TaButtonUriMap;
+import com.huiju.estateagents.center.taUser.mapper.TaButtonUriMapMapper;
+import com.huiju.estateagents.center.taUser.service.ITaButtonUriMapService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+/**
+ * <p>
+ * 按钮路由映射表  服务实现类
+ * </p>
+ *
+ * @author jobob
+ * @since 2019-09-26
+ */
+@Service
+public class TaButtonUriMapServiceImpl extends ServiceImpl<TaButtonUriMapMapper, TaButtonUriMap> implements ITaButtonUriMapService {
+	
+	@Autowired
+	private TaButtonUriMapMapper taButtonUriMapMapper;
+	
+	@Override
+	public TaButtonUriMap getByURI(String uri) {
+		return taButtonUriMapMapper.getByURI(uri);
+	}
+}

src/main/java/com/huiju/estateagents/entity/SysButtonInMenu.java

@@ -47,6 +47,8 @@ public class SysButtonInMenu implements Serializable {
     private Integer status;
 
     private String code;
+    
+    private String remark;
 
     @TableField(exist = false)
     private List<Integer> roles;

src/main/java/com/huiju/estateagents/interceptor/AccessInterceptor.java

@@ -1,10 +1,20 @@
 package com.huiju.estateagents.interceptor;
 
 import com.alibaba.fastjson.JSONObject;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.huiju.estateagents.base.ResponseBean;
 import com.huiju.estateagents.center.sysUser.entity.SysToken;
 import com.huiju.estateagents.center.sysUser.service.ISysTokenService;
+import com.huiju.estateagents.center.taUser.entity.TaButtonUriMap;
+import com.huiju.estateagents.center.taUser.entity.TaUserRole;
+import com.huiju.estateagents.center.taUser.service.ITaButtonUriMapService;
+import com.huiju.estateagents.center.taUser.service.ITaUserRoleService;
 import com.huiju.estateagents.common.JWTUtils;
+import com.huiju.estateagents.common.StringUtils;
+import com.huiju.estateagents.entity.SysButtonInMenu;
+import com.huiju.estateagents.entity.TaRoleButton;
+import com.huiju.estateagents.service.ISysButtonInMenuService;
+import com.huiju.estateagents.service.ITaRoleButtonService;
 import io.jsonwebtoken.*;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
@@ -13,6 +23,8 @@ import org.springframework.web.servlet.ModelAndView;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.util.List;
+import java.util.Map;
 
 @Component
 public class AccessInterceptor implements HandlerInterceptor {
@@ -20,6 +32,18 @@ public class AccessInterceptor implements HandlerInterceptor {
     @Autowired
     private ISysTokenService sysTokenService;
     
+    @Autowired
+    private ITaUserRoleService taUserRoleService;
+    
+    @Autowired
+    private ITaRoleButtonService taRoleButtonService;
+    
+    @Autowired
+    private ISysButtonInMenuService sysButtonInMenuService;
+    
+    @Autowired
+    private ITaButtonUriMapService taButtonUriMapService;
+    
     private String[] whiteList = {
             "/wx/chat", // 聊天暂时不鉴权
             "/api/wx/login",
@@ -112,9 +136,64 @@ public class AccessInterceptor implements HandlerInterceptor {
             return false;
         }
         
+        //按钮权限校验
+        boolean state = checkButtonRole(request);
+        if (!state){
+            ResponseBean resp = ResponseBean.error("权限验证非法" , ResponseBean.ERROR_AUTH_FAIL);
+        
+            response.addHeader("Content-type", "application/json");
+            response.getOutputStream().write(JSONObject.toJSONBytes(resp));
+            return false;
+        }
+        
         return true;
     }
-
+    
+    //检验按钮权限
+    private boolean checkButtonRole(HttpServletRequest request) {
+        if(StringUtils.isEmpty(request.getHeader("x-action"))){
+            return false;
+        }
+        //根据路径匹配code 一致继续 否则无权限
+        String requestURI = request.getRequestURI();
+        String method = request.getMethod();
+        TaButtonUriMap taButtonUriMap = taButtonUriMapService.getByURI(method+":"+requestURI);
+        if (null == taButtonUriMap){
+            return true;
+        }
+        
+        if (!taButtonUriMap.getButtonCode().equals(request.getHeader("x-action"))){
+            return false;
+        }
+        
+        //根据code查询按钮权限
+        Map map = JWTUtils.getUserIdAndOrgId(request);
+        QueryWrapper<SysButtonInMenu> sysButtonInMenuQueryWrapper = new QueryWrapper<>();
+        sysButtonInMenuQueryWrapper.eq("code",request.getHeader("x-action"));
+        SysButtonInMenu sysButtonInMenu = sysButtonInMenuService.getOne(sysButtonInMenuQueryWrapper);
+        if (null == sysButtonInMenu){
+            return false;
+        }
+        //查询角色
+        QueryWrapper<TaRoleButton> taRoleButtonQueryWrapper = new QueryWrapper<>();
+        taRoleButtonQueryWrapper.eq("btn_id",sysButtonInMenu.getBtnId());
+        List<TaRoleButton> taRoleButtonList = taRoleButtonService.list(taRoleButtonQueryWrapper);
+        if (taRoleButtonList.size() < 1){
+            return true;
+        }
+        //查询用户
+        QueryWrapper<TaUserRole> taUserRoleQueryWrapper = new QueryWrapper<>();
+        taUserRoleQueryWrapper.eq("user_id",map.get("userId"));
+        TaUserRole taUserRole = taUserRoleService.getOne(taUserRoleQueryWrapper);
+        for (TaRoleButton taRoleButton : taRoleButtonList){
+            if (taRoleButton.getRoleId().equals(taUserRole.getRoleId())){
+                return true;
+            }
+        }
+        
+        return false;
+    }
+    
     private boolean checkMiniApp(HttpServletRequest request) {
         String requestURI = request.getRequestURI();
 

src/main/java/com/huiju/estateagents/mapper/SysButtonInMenuMapper.java

@@ -2,7 +2,11 @@ package com.huiju.estateagents.mapper;
 
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import com.huiju.estateagents.entity.SysButtonInMenu;
+import com.huiju.estateagents.entity.TaRoleButton;
 import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Param;
+
+import java.util.List;
 
 /**
  * <p>
@@ -14,5 +18,6 @@ import org.apache.ibatis.annotations.Mapper;
  */
 @Mapper
 public interface SysButtonInMenuMapper extends BaseMapper<SysButtonInMenu> {
-
+	
+	List<SysButtonInMenu> getButtonList(@Param("roleId") Integer roleId);
 }

src/main/java/com/huiju/estateagents/service/ISysButtonInMenuService.java

@@ -2,6 +2,9 @@ package com.huiju.estateagents.service;
 
 import com.baomidou.mybatisplus.extension.service.IService;
 import com.huiju.estateagents.entity.SysButtonInMenu;
+import com.huiju.estateagents.entity.TaRoleButton;
+
+import java.util.List;
 
 /**
  * <p>
@@ -12,5 +15,6 @@ import com.huiju.estateagents.entity.SysButtonInMenu;
  * @since 2019-09-11
  */
 public interface ISysButtonInMenuService extends IService<SysButtonInMenu> {
-
+	
+	List<SysButtonInMenu> getButtonList(Integer roleId);
 }

src/main/java/com/huiju/estateagents/service/impl/SysButtonInMenuServiceImpl.java

@@ -2,10 +2,14 @@ package com.huiju.estateagents.service.impl;
 
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.huiju.estateagents.entity.SysButtonInMenu;
+import com.huiju.estateagents.entity.TaRoleButton;
 import com.huiju.estateagents.mapper.SysButtonInMenuMapper;
 import com.huiju.estateagents.service.ISysButtonInMenuService;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import java.util.List;
+
 /**
  * <p>
  * 菜单按钮表  服务实现类
@@ -16,5 +20,12 @@ import org.springframework.stereotype.Service;
  */
 @Service
 public class SysButtonInMenuServiceImpl extends ServiceImpl<SysButtonInMenuMapper, SysButtonInMenu> implements ISysButtonInMenuService {
-
+	
+	@Autowired
+	private SysButtonInMenuMapper sysButtonInMenuMapper;
+	
+	@Override
+	public List<SysButtonInMenu> getButtonList(Integer roleId) {
+		return sysButtonInMenuMapper.getButtonList(roleId);
+	}
 }

src/main/resources/mapper/SysButtonInMenuMapper.xml

@@ -2,4 +2,14 @@
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.huiju.estateagents.mapper.SysButtonInMenuMapper">
 
+    <select id="getButtonList" resultType="com.huiju.estateagents.entity.SysButtonInMenu">
+        SELECT
+            t.serial_no,
+            s.*
+        FROM
+            ta_role_button t
+            LEFT JOIN sys_button_in_menu s ON t.btn_id = s.btn_id
+        WHERE
+            t.role_id = #{roleId}
+    </select>
 </mapper>

src/main/resources/mapper/TaButtonUriMapMapper.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.huiju.estateagents.center.taUser.mapper.TaButtonUriMapMapper">
+
+    <select id="getByURI" resultType="com.huiju.estateagents.center.taUser.entity.TaButtonUriMap">
+        SELECT
+            *
+        FROM
+            ta_button_uri_map
+        WHERE
+            #{uri} REGEXP uri
+    </select>
+</mapper>