package com.skua.modules.system.controller;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.skua.common.constant.CacheConstant;
import com.skua.core.api.vo.Result;
import com.skua.core.api.vo.TransTreeModel;
import com.skua.core.api.vo.TreeData;
import com.skua.core.aspect.annotation.AutoLog;
import com.skua.core.constant.CommonConstant;
import com.skua.core.context.BaseContextHandler;
import com.skua.core.entity.SysPermissionDataRule;
import com.skua.core.util.ConvertUtils;
import com.skua.core.util.JwtUtil;
import com.skua.core.util.encryption.MD5Util;
import com.skua.modules.system.entity.SysPermission;
import com.skua.modules.system.entity.SysRole;
import com.skua.modules.system.entity.SysRolePermission;
import com.skua.modules.system.model.SysPermissionTree;
import com.skua.modules.system.model.TreeModel;
import com.skua.modules.system.service.ISysPermissionDataRuleService;
import com.skua.modules.system.service.ISysPermissionService;
import com.skua.modules.system.service.ISysRolePermissionService;
import com.skua.modules.system.service.ISysRoleService;
import com.skua.modules.system.util.PermissionDataUtil;
import com.skua.modules.system.vo.SysReportPermissionVO;
import io.swagger.annotations.Api;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cache.annotation.CacheEvict;
import org.springframework.web.bind.annotation.*;
import java.util.*;
import java.util.stream.Collectors;
/**
* 菜单权限表 前端控制器
*/
@Slf4j
@Api(tags = "菜单")
@RestController
@RequestMapping("/sys/permission")
public class SysPermissionController {
@Autowired
private ISysPermissionService sysPermissionService;
@Autowired
private ISysRolePermissionService sysRolePermissionService;
@Autowired
private ISysPermissionDataRuleService sysPermissionDataRuleService;
@Autowired
private ISysRoleService sysRoleService;
/**
* 加载数据节点
*
* @return
*/
@RequestMapping(value = "/list", method = RequestMethod.GET)
public Result<List<SysPermissionTree>> list() {
Result<List<SysPermissionTree>> result = new Result<>();
try {
List<SysPermission> list = sysPermissionService.getlist();
List<SysPermissionTree> treeList = new ArrayList<>();
getTreeList(treeList, list, null);
result.setResult(treeList);
result.setSuccess(true);
} catch (Exception e) {
log.error(e.getMessage(), e);
}
return result;
}
/**
* 查询用户拥有的菜单权限和按钮权限(根据TOKEN)
*
* @return
*/
@RequestMapping(value = "/getUserPermissionByToken", method = RequestMethod.GET)
public Result<?> getUserPermissionByToken(@RequestParam(name = "token", required = true) String token) {
Result<JSONObject> result = new Result<JSONObject>();
try {
if (ConvertUtils.isEmpty(token)) {
return Result.error("TOKEN不允许为空!");
}
log.info(" ------ 通过令牌获取用户拥有的访问菜单 ---- TOKEN ------ " + token);
String username = JwtUtil.getUsername(token);
List<SysPermission> metaList = sysPermissionService.queryByUser(username,BaseContextHandler.getOrgCode());
List<SysRole> roleList = sysRoleService.queryUserRolesByUserName(username);
// PermissionDataUtil.addIndexPage(metaList);
JSONObject json = new JSONObject();
JSONArray menujsonArray = new JSONArray();
//获取菜单的机构名称和机构类型
List<Map<String,Object>> permissionDepartDataList = sysPermissionService.getPermissionDepartData();
Map<String,String> permissionDepartDataMap = new HashMap<>();
for (Map<String, Object> map : permissionDepartDataList) {
permissionDepartDataMap.put(ConvertUtils.getString(map.get("sysPermissionId")),ConvertUtils.getString(map.get("permissionDepartName"))+
"_"+ConvertUtils.getString(map.get("permissionDepartType"))+"_"+ConvertUtils.getString(map.get("permissionChooseType")));
}
this.getPermissionJsonArray(menujsonArray, metaList, null,permissionDepartDataMap);
JSONArray authjsonArray = new JSONArray();
this.getAuthJsonArray(authjsonArray, metaList);
//查询所有的权限
LambdaQueryWrapper<SysPermission> query = new LambdaQueryWrapper<SysPermission>();
query.eq(SysPermission::getDelFlag, CommonConstant.DEL_FLAG_0);
query.eq(SysPermission::getMenuType, CommonConstant.MENU_TYPE_2);
//query.eq(SysPermission::getStatus, "1");
List<SysPermission> allAuthList = sysPermissionService.list(query);
JSONArray allauthjsonArray = new JSONArray();
this.getAllAuthJsonArray(allauthjsonArray, allAuthList);
json.put("menu", menujsonArray);
json.put("auth", authjsonArray);
json.put("allAuth", allauthjsonArray);
json.put("role",roleList);
result.setResult(json);
result.success("查询成功");
} catch (Exception e) {
result.error500("查询失败:" + e.getMessage());
log.error(e.getMessage(), e);
}
return result;
}
/**
* 获取移动端菜单资源
* @return
*/
@RequestMapping(value = "/getAppUserPermission", method = RequestMethod.GET)
public Result<?> getAppUserPermissionByToken() {
String token = BaseContextHandler.getToken();
Result<List<TreeData>> result = new Result<List<TreeData>>();
try {
if (ConvertUtils.isEmpty(token)) {
return Result.error("TOKEN不允许为空!");
}
log.info(" ------ 通过令牌获取用户拥有的访问菜单 ---- TOKEN ------ " + token);
String username = JwtUtil.getUsername(token);
List<TreeData> metaList = sysPermissionService.queryAppPermissionTreeByUser(username);
result.setResult(metaList);
result.success("查询成功");
} catch (Exception e) {
result.error500("查询失败:" + e.getMessage());
log.error(e.getMessage(), e);
}
return result;
}
/**
* 添加菜单
* @param permission
* @return
*/
@AutoLog(value = "添加菜单")
@RequiresRoles({ "admin" })
@RequestMapping(value = "/add", method = RequestMethod.POST)
public Result<SysPermission> add(@RequestBody SysPermission permission) {
Result<SysPermission> result = new Result<SysPermission>();
try {
permission = PermissionDataUtil.intelligentProcessData(permission);
sysPermissionService.addPermission(permission);
result.success("添加成功!");
} catch (Exception e) {
log.error(e.getMessage(), e);
result.error500("操作失败");
}
return result;
}
/**
* 编辑菜单
* @param permission
* @return
*/
@AutoLog(value = "编辑菜单")
@RequiresRoles({ "admin" })
@CacheEvict(value= CacheConstant.LOGIN_USER_RULES_CACHE, allEntries=true)
@RequestMapping(value = "/edit", method = { RequestMethod.PUT, RequestMethod.POST })
public Result<SysPermission> edit(@RequestBody SysPermission permission) {
Result<SysPermission> result = new Result<>();
try {
permission = PermissionDataUtil.intelligentProcessData(permission);
sysPermissionService.editPermission(permission);
result.success("修改成功!");
} catch (Exception e) {
log.error(e.getMessage(), e);
result.error500("操作失败");
}
return result;
}
/**
* 删除菜单
* @param id
* @return
*/
@AutoLog(value = "删除菜单")
@RequiresRoles({ "admin" })
@CacheEvict(value=CacheConstant.LOGIN_USER_RULES_CACHE, allEntries=true)
@RequestMapping(value = "/delete", method = RequestMethod.DELETE)
public Result<SysPermission> delete(@RequestParam(name = "id", required = true) String id) {
Result<SysPermission> result = new Result<>();
try {
sysPermissionService.deletePermission(id);
sysPermissionService.deletePermRuleByPermId(id);
result.success("删除成功!");
} catch (Exception e) {
log.error(e.getMessage(), e);
result.error500(e.getMessage());
}
return result;
}
/**
* 批量删除菜单
* @param ids
* @return
*/
@AutoLog(value = "批量删除菜单")
@RequiresRoles({ "admin" })
@CacheEvict(value=CacheConstant.LOGIN_USER_RULES_CACHE, allEntries=true)
@RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE)
public Result<SysPermission> deleteBatch(@RequestParam(name = "ids", required = true) String ids) {
Result<SysPermission> result = new Result<>();
try {
String[] arr = ids.split(",");
for (String id : arr) {
if (ConvertUtils.isNotEmpty(id)) {
sysPermissionService.deletePermission(id);
}
}
result.success("删除成功!");
} catch (Exception e) {
log.error(e.getMessage(), e);
result.error500("删除成功!");
}
return result;
}
/**
* 获取全部的权限树
*
* @return
*/
@RequestMapping(value = "/queryTreeList", method = RequestMethod.GET)
public Result<Map<String, Object>> queryTreeList() {
Result<Map<String, Object>> result = new Result<>();
// 全部权限ids
List<String> ids = new ArrayList<>();
try {
LambdaQueryWrapper<SysPermission> query = new LambdaQueryWrapper<SysPermission>();
query.eq(SysPermission::getDelFlag, CommonConstant.DEL_FLAG_0);
query.orderByAsc(SysPermission::getSortNo);
List<SysPermission> list = sysPermissionService.list(query);
for (SysPermission sysPer : list) {
ids.add(sysPer.getId());
}
List<TreeModel> treeList = new ArrayList<>();
getTreeModelList(treeList, list, null);
Map<String, Object> resMap = new HashMap<String, Object>();
resMap.put("treeList", treeList); // 全部树节点数据
resMap.put("ids", ids);// 全部树ids
result.setResult(resMap);
result.setSuccess(true);
} catch (Exception e) {
log.error(e.getMessage(), e);
}
return result;
}
/**
* 异步加载数据节点
*
* @return
*/
@RequestMapping(value = "/queryListAsync", method = RequestMethod.GET)
public Result<List<TreeModel>> queryAsync(@RequestParam(name = "pid", required = false) String parentId) {
Result<List<TreeModel>> result = new Result<>();
try {
List<TreeModel> list = sysPermissionService.queryListByParentId(parentId);
if (list == null || list.size() <= 0) {
result.error500("未找到角色信息");
} else {
result.setResult(list);
result.setSuccess(true);
}
} catch (Exception e) {
log.error(e.getMessage(), e);
}
return result;
}
/**
* 查询角色授权
*
* @return
*/
@RequestMapping(value = "/queryRolePermission", method = RequestMethod.GET)
public Result<List<String>> queryRolePermission(@RequestParam(name = "roleId", required = true) String roleId) {
Result<List<String>> result = new Result<>();
try {
List<SysRolePermission> list = sysRolePermissionService.list(new QueryWrapper<SysRolePermission>().lambda().eq(SysRolePermission::getRoleId, roleId));
result.setResult(list.stream().map(SysRolePermission -> String.valueOf(SysRolePermission.getPermissionId())).collect(Collectors.toList()));
result.setSuccess(true);
} catch (Exception e) {
log.error(e.getMessage(), e);
}
return result;
}
/**
* 保存角色授权
*
* @return
*/
// @RequiresRoles({ "admin" })
@AutoLog(value = "角色授权")
@RequestMapping(value = "/saveRolePermission", method = RequestMethod.POST)
public Result<String> saveRolePermission(@RequestBody JSONObject json) {
long start = System.currentTimeMillis();
Result<String> result = new Result<>();
try {
String roleId = json.getString("roleId");
String permissionIds = json.getString("permissionIds");
String lastPermissionIds = json.getString("lastpermissionIds");
this.sysRolePermissionService.saveRolePermission(roleId, permissionIds, lastPermissionIds);
result.success("保存成功!");
log.info("======角色授权成功=====耗时:" + (System.currentTimeMillis() - start) + "毫秒");
} catch (Exception e) {
result.error500("授权失败!");
log.error(e.getMessage(), e);
}
return result;
}
private void getTreeList(List<SysPermissionTree> treeList, List<SysPermission> metaList, SysPermissionTree temp) {
for (SysPermission permission : metaList) {
String tempPid = permission.getParentId();
SysPermissionTree tree = new SysPermissionTree(permission);
if (temp == null && ConvertUtils.isEmpty(tempPid)) {
treeList.add(tree);
if (!tree.getIsLeaf()) {
getTreeList(treeList, metaList, tree);
}
} else if (temp != null && tempPid != null && tempPid.equals(temp.getId())) {
temp.getChildren().add(tree);
if (!tree.getIsLeaf()) {
getTreeList(treeList, metaList, tree);
}
}
}
}
private void getTreeModelList(List<TreeModel> treeList, List<SysPermission> metaList, TreeModel temp) {
for (SysPermission permission : metaList) {
String tempPid = permission.getParentId();
TreeModel tree = new TreeModel(permission);
if (temp == null && ConvertUtils.isEmpty(tempPid)) {
treeList.add(tree);
if (!tree.getIsLeaf()) {
getTreeModelList(treeList, metaList, tree);
}
} else if (temp != null && tempPid != null && tempPid.equals(temp.getKey())) {
temp.getChildren().add(tree);
if (!tree.getIsLeaf()) {
getTreeModelList(treeList, metaList, tree);
}
}
}
}
/**
* 获取权限JSON数组
* @param jsonArray
* @param allList
*/
private void getAllAuthJsonArray(JSONArray jsonArray,List<SysPermission> allList) {
JSONObject json = null;
for (SysPermission permission : allList) {
json = new JSONObject();
json.put("action", permission.getPerms());
json.put("status", permission.getStatus());
json.put("type", permission.getPermsType());
json.put("describe", permission.getName());
jsonArray.add(json);
}
}
/**
* 获取权限JSON数组
* @param jsonArray
* @param metaList
*/
private void getAuthJsonArray(JSONArray jsonArray,List<SysPermission> metaList) {
for (SysPermission permission : metaList) {
if(permission.getMenuType()==null) {
continue;
}
JSONObject json = null;
if(permission.getMenuType().equals(CommonConstant.MENU_TYPE_2) &&CommonConstant.STATUS_1.equals(permission.getStatus())) {
json = new JSONObject();
json.put("action", permission.getPerms());
json.put("type", permission.getPermsType());
json.put("describe", permission.getName());
jsonArray.add(json);
}
}
}
/**
* 获取菜单JSON数组
* @param jsonArray
* @param metaList
* @param parentJson
*/
private void getPermissionJsonArray(JSONArray jsonArray, List<SysPermission> metaList, JSONObject parentJson,Map<String,String> permissionDepartDataMap) {
for (SysPermission permission : metaList) {
if (permission.getMenuType() == null) {
continue;
}
String tempPid = permission.getParentId();
JSONObject json = getPermissionJsonObject(permission,permissionDepartDataMap);
if(json==null) {
continue;
}
if (parentJson == null && ConvertUtils.isEmpty(tempPid)) {
jsonArray.add(json);
if (!permission.isLeaf()) {
getPermissionJsonArray(jsonArray, metaList, json,permissionDepartDataMap);
}
} else if (parentJson != null && ConvertUtils.isNotEmpty(tempPid) && tempPid.equals(parentJson.getString("id"))) {
// 类型( 0:一级菜单 1:子菜单 2:按钮 )
if (permission.getMenuType().equals(CommonConstant.MENU_TYPE_2)) {
JSONObject metaJson = parentJson.getJSONObject("meta");
if (metaJson.containsKey("permissionList")) {
metaJson.getJSONArray("permissionList").add(json);
} else {
JSONArray permissionList = new JSONArray();
permissionList.add(json);
metaJson.put("permissionList", permissionList);
}
// 类型( 0:一级菜单 1:子菜单 2:按钮 )
} else if (permission.getMenuType().equals(CommonConstant.MENU_TYPE_1) || permission.getMenuType().equals(CommonConstant.MENU_TYPE_0)) {
if (parentJson.containsKey("children")) {
parentJson.getJSONArray("children").add(json);
} else {
JSONArray children = new JSONArray();
children.add(json);
parentJson.put("children", children);
}
if (!permission.isLeaf()) {
getPermissionJsonArray(jsonArray, metaList, json,permissionDepartDataMap);
}
}
}
}
}
private JSONObject getPermissionJsonObject(SysPermission permission,Map<String,String> permissionDepartDataMap) {
JSONObject json = new JSONObject();
// 类型(0:一级菜单 1:子菜单 2:按钮)
if (permission.getMenuType().equals(CommonConstant.MENU_TYPE_2)) {
//json.put("action", permission.getPerms());
//json.put("type", permission.getPermsType());
//json.put("describe", permission.getName());
return null;
} else if (permission.getMenuType().equals(CommonConstant.MENU_TYPE_0) || permission.getMenuType().equals(CommonConstant.MENU_TYPE_1)) {
json.put("id", permission.getId());
if (permission.isRoute()) {
json.put("route", "1");// 表示生成路由
} else {
json.put("route", "0");// 表示不生成路由
}
if (permission.getCrumbDisplay() != null){
json.put("crumbDisplay", permission.getCrumbDisplay());
}else{
json.put("crumbDisplay", 1);
}
if (isWWWHttpUrl(permission.getUrl())) {
json.put("path", MD5Util.MD5Encode(permission.getUrl(), "utf-8"));
} else {
json.put("path", permission.getUrl());
}
// 重要规则:路由name (通过URL生成路由name,路由name供前端开发,页面跳转使用)
if (ConvertUtils.isNotEmpty(permission.getComponentName())) {
json.put("name", permission.getComponentName());
} else {
json.put("name", urlToRouteName(permission.getUrl()));
}
if (permissionDepartDataMap.get(permission.getId()) != null){
String permissionDepartName = permissionDepartDataMap.get(permission.getId()).split("_")[0];
String permissionDepartDepart = permissionDepartDataMap.get(permission.getId()).split("_")[1];
String permissionChooseType = permissionDepartDataMap.get(permission.getId()).split("_")[2];
json.put("permissionDepartName",permissionDepartName);
json.put("permissionDepartDepart",permissionDepartDepart);
json.put("permissionChooseType",permissionChooseType);
}
// 是否隐藏路由,默认都是显示的
if (permission.isHidden()) {
json.put("hidden", true);
}
// 聚合路由
if (permission.isAlwaysShow()) {
json.put("alwaysShow", true);
}
json.put("component", permission.getComponent());
JSONObject meta = new JSONObject();
// 由用户设置是否缓存页面 用布尔值
if (permission.isKeepAlive()) {
meta.put("keepAlive", true);
} else {
meta.put("keepAlive", false);
}
meta.put("title", permission.getName());
if (ConvertUtils.isEmpty(permission.getParentId())) {
// 一级菜单跳转地址
json.put("redirect", permission.getRedirect());
if (ConvertUtils.isNotEmpty(permission.getIcon())) {
meta.put("icon", permission.getIcon());
}
} else {
if (ConvertUtils.isNotEmpty(permission.getIcon())) {
meta.put("icon", permission.getIcon());
}
}
if (isWWWHttpUrl(permission.getUrl())) {
meta.put("url", permission.getUrl());
}
json.put("meta", meta);
}
return json;
}
/**
* 判断是否外网URL 例如: http://localhost:8080/jeecg-boot/swagger-ui.html#/ 支持特殊格式: {{
* window._CONFIG['domianURL'] }}/druid/ {{ JS代码片段 }},前台解析会自动执行JS代码片段
*
* @return
*/
private boolean isWWWHttpUrl(String url) {
if (url != null && (url.startsWith("http://") || url.startsWith("https://") || url.startsWith("{{"))) {
return true;
}
return false;
}
/**
* 通过URL生成路由name(去掉URL前缀斜杠,替换内容中的斜杠‘/’为-) 举例: URL = /isystem/role RouteName =
* isystem-role
*
* @return
*/
private String urlToRouteName(String url) {
if (ConvertUtils.isNotEmpty(url)) {
if (url.startsWith("/")) {
url = url.substring(1);
}
url = url.replace("/", "-");
// 特殊标记
url = url.replace(":", "@");
return url;
} else {
return null;
}
}
/**
* 根据菜单id来获取其对应的权限数据
*
* @param sysPermissionDataRule
* @return
*/
@RequestMapping(value = "/getPermRuleListByPermId", method = RequestMethod.GET)
public Result<List<SysPermissionDataRule>> getPermRuleListByPermId(SysPermissionDataRule sysPermissionDataRule) {
List<SysPermissionDataRule> permRuleList = sysPermissionDataRuleService.getPermRuleListByPermId(sysPermissionDataRule.getPermissionId());
Result<List<SysPermissionDataRule>> result = new Result<>();
result.setSuccess(true);
result.setResult(permRuleList);
return result;
}
/**
* 添加菜单权限数据
*
* @param sysPermissionDataRule
* @return
*/
@AutoLog(value = "添加菜单权限")
@RequestMapping(value = "/addPermissionRule", method = RequestMethod.POST)
public Result<SysPermissionDataRule> addPermissionRule(@RequestBody SysPermissionDataRule sysPermissionDataRule) {
Result<SysPermissionDataRule> result = new Result<SysPermissionDataRule>();
try {
sysPermissionDataRule.setCreateTime(new Date());
sysPermissionDataRuleService.savePermissionDataRule(sysPermissionDataRule);
result.success("添加成功!");
} catch (Exception e) {
log.error(e.getMessage(), e);
result.error500("操作失败");
}
return result;
}
@AutoLog(value = "编辑菜单权限")
@RequestMapping(value = "/editPermissionRule", method = { RequestMethod.PUT, RequestMethod.POST })
public Result<SysPermissionDataRule> editPermissionRule(@RequestBody SysPermissionDataRule sysPermissionDataRule) {
Result<SysPermissionDataRule> result = new Result<SysPermissionDataRule>();
try {
sysPermissionDataRuleService.saveOrUpdate(sysPermissionDataRule);
result.success("更新成功!");
} catch (Exception e) {
log.error(e.getMessage(), e);
result.error500("操作失败");
}
return result;
}
/**
* 删除菜单权限数据
*
* @param id
* @return
*/
@AutoLog(value = "删除菜单权限")
@RequestMapping(value = "/deletePermissionRule", method = RequestMethod.DELETE)
public Result<SysPermissionDataRule> deletePermissionRule(@RequestParam(name = "id", required = true) String id) {
Result<SysPermissionDataRule> result = new Result<SysPermissionDataRule>();
try {
sysPermissionDataRuleService.deletePermissionDataRule(id);
result.success("删除成功!");
} catch (Exception e) {
log.error(e.getMessage(), e);
result.error500("操作失败");
}
return result;
}
/**
* 查询菜单权限数据
*
* @param sysPermissionDataRule
* @return
*/
@RequestMapping(value = "/queryPermissionRule", method = RequestMethod.GET)
public Result<List<SysPermissionDataRule>> queryPermissionRule(SysPermissionDataRule sysPermissionDataRule) {
Result<List<SysPermissionDataRule>> result = new Result<>();
try {
List<SysPermissionDataRule> permRuleList = sysPermissionDataRuleService.queryPermissionRule(sysPermissionDataRule);
result.setResult(permRuleList);
result.success("查询成功!");
} catch (Exception e) {
log.error(e.getMessage(), e);
result.error500("操作失败");
}
return result;
}
/**
* 将SysReportPermissionVO对象数据填充到TransTreeModel中
* @param bo
* @return
*/
private TransTreeModel convertToTreeModel(SysReportPermissionVO bo) {
TransTreeModel transTreeModel = new TransTreeModel();
transTreeModel.setId(bo.getId());
transTreeModel.setPid(bo.getParentId());
transTreeModel.setTitle(bo.getMenuName());
Map<String,String> map=new HashMap<>(4);
map.put("nodeType", bo.getNodeType());
map.put("url", bo.getUrl());
map.put("component", bo.getComponent());
transTreeModel.setMap(map);
return transTreeModel;
}
}