角色权限菜单

一、数据库表

菜单表字段

二、层级菜单

   @Override
    public PagerBean<MenuBean> findPager(MenuBean menuBean, PagerBean pagerBean) {
        menuBean.setParentCode("0");
        //父节点
        List<MenuBean> menuBeans = this.findAll(menuBean, pagerBean);

        //层级关系
        if (CollectionUtils.isNotEmpty(menuBeans)) {
            for (MenuBean menu : menuBeans) {
                List<MenuBean> childMenu = this.findAll(MenuBean.builder().parentCode(menu.getCode()).build(), pagerBean);

                if (CollectionUtils.isNotEmpty(childMenu)) {
                    menu.setChildMenu(childMenu);

                    for (MenuBean menu2 : childMenu) {
                        List<MenuBean> childMenu2 = this.findAll(MenuBean.builder().parentCode(menu2.getCode()).build(), pagerBean);

                        if (CollectionUtils.isNotEmpty(childMenu2)) {
                            menu2.setChildMenu(childMenu2);
                        }
                    }
                }
            }
        }

        Long count = this.countAll(menuBean, pagerBean.getImpl());
        PagerBean<MenuBean> menuPageBean = new PagerBean<>();
        BeanUtils.copyProperties(pagerBean, menuPageBean);
        menuPageBean.setItemCount(count.intValue());
        menuPageBean.init();
        menuPageBean.setItems(menuBeans);
        return menuPageBean;
    }

三、角色权限菜单

1.权限注解

/**
 * @Author Askin
 * 权限注解
 */
@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface CheckPermissions {

    String value() default "";
}

2.自定义异常

/**
 * @Author Askin
 */
//更改状态码
@ResponseStatus(HttpStatus.BAD_GATEWAY)
public class CommonException extends RuntimeException {

    //状态码
    private Integer status;

    public CommonException(String message) {
        super(message);
    }

}

3.注解拦截切面

Aop @Aspect资料

package com.askin.menuAuth.corerestful.handler.core;

import com.alibaba.dubbo.common.utils.CollectionUtils;
import com.alibaba.fastjson.JSONObject;
import com.askin.menuAuth.corerestful.annotation.core.CheckPermissions;
import com.askin.menuAuth.coreservice.dao.core.MenuDao;
import com.askin.menuAuth.coreservice.dao.core.RoleMenuDao;
import com.askin.menuAuth.coreservice.dao.core.UserRoleDao;
import com.askin.menuAuth.coreservice.domain.core.Menu;
import com.askin.menuAuth.coreservice.domain.core.RoleMenu;
import com.askin.menuAuth.coreservice.domain.core.UserRole;
import io.github.admin4j.http.util.HttpJsonUtil;
import io.github.admin4j.http.util.HttpUtil;
import okhttp3.Response;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.util.List;
import java.util.Objects;

/**
 * @Author Askin
 */
@Component
//定义切面类
@Aspect
public class CheckPermissionsAspect {

    @Autowired
    MenuDao menuDao;
    @Autowired
    UserRoleDao userRoleDao;
    @Autowired
    RoleMenuDao roleMenuDao;

    //定义切点，切点指定注解
    @Pointcut("@annotation(com.askin.menuAuth.corerestful.annotation.core.CheckPermissions)")
    public void checkPermissions() {
    }

    /**
     * @param joinPoint:JoinPoint为连接点对象， 它可以获取当前切入的方法的参数、代理类等信息，
     *                                   因此可以记录一些信息，验证一些信息等；
     */
    @Before("checkPermissions()")
    public void doBefore(JoinPoint joinPoint) throws RuntimeException, NoSuchFieldException, IllegalAccessException, NoSuchMethodException {
        String userCode = null;

        //拿到方法参数
        Object[] args = joinPoint.getArgs();

        Object parobj = args[0];

        if (!Objects.isNull(parobj)) {
            //Bean
            Class userCla = parobj.getClass();
            //调用Bean.userCode
            Field field = userCla.getDeclaredField("userCode");
            //设置可以访问private变量的变量值
            field.setAccessible(true);
            //获取Bean中的userCode
            userCode = (String) field.get(parobj);
        }
        if (!Objects.isNull(userCode)) {
            //获取方法上有CheckPermissions注解的参数

            //类名
            Class clazz = joinPoint.getTarget().getClass();
            //方法名
            String methodName = joinPoint.getSignature().getName();
            Class[] parameterTypes = ((MethodSignature) joinPoint.getSignature()).getMethod().getParameterTypes();
            Method method = clazz.getMethod(methodName, parameterTypes);
            if (method.getAnnotation(CheckPermissions.class) != null) {
                CheckPermissions annotation = method.getAnnotation(CheckPermissions.class);
                //获取注解值
                String menuCode = annotation.value();
                if (StringUtils.isNotBlank(menuCode)) {
                    boolean check = false;

                    List<UserRole> userRoles = userRoleDao.findAllByUserCodeAndValid(userCode, (short) 1);

                    //第一个角色
                    if (CollectionUtils.isNotEmpty(userRoles)) {
                        UserRole userRole = userRoles.get(0);
                        List<RoleMenu> roleMenus = roleMenuDao.findAllByRoleCodeAndValid(userRole.getRoleCode(), (short) 1);
                        if (CollectionUtils.isNotEmpty(roleMenus)) {
                            for (RoleMenu roleMenu : roleMenus) {
                                Menu menu = menuDao.findByCodeAndValid(roleMenu.getMenuCode(), (short) 1);
                                if (menu.getMenuCode().equals(menuCode)) {
                                    check = true;
                                }
                            }
                        }
                    }

                    if (check == false) {
                        throw new CommonException("您没有此权限!");
                    }
                }
            }
        }
    }

}

4.测试匹配menuCode字段是否相等

5.没有权限响应