资源权限提交

src/main/java/com/jz/common/constant/StatuConstant.java

+package com.jz.common.constant;
+
+/**常量
+ * @author ybz
+ *
+ */
+public class StatuConstant {
+	
+	public final static String SUCCESS_CODE = "200";
+	
+	public final static String FAILURE_CODE = "201";
+	
+	/*****************************************************************************/
+	//第三方请求返回结果码定义
+	public static String CODE_SUCCESS = "000";
+	public static String MSG_SUCCESS = "操作成功";
+	
+	public static String CODE_ERROR_REQUESTMETHOD = "100";
+	public static String MSG_ERROR_REQUESTMETHOD = "请求方式错误(只支持POST方式请求)";
+	
+	public static String CODE_ERROR_PARAMETER = "101";
+	public static String MSG_ERROR_PARAMETER = "参数不正确(格式不正确或必填参数为空)";
+	
+	public static String CODE_ERROR_CITYCODE = "102";
+	public static String MSG_ERROR_CITYCODE = "城市区域代码错误";
+	
+	public static String CODE_NOT_SIGNED = "103";
+	public static String MSG_NOT_SIGNED = "尚未登录或者登录已过期";
+	
+	public static String CODE_DATA_EXISTED = "106";
+	public static String MSG_DATA_EXISTED = "企业已备案，请勿重复备案";
+	
+	public static String CODE_ERROR_USERNAMEORPASSWD = "107";
+	public static String MSG_ERROR_USERNAMEORPASSWD = "用户名或密码错误";
+	
+	public static String CODE_USER_LOGGEDOFF = "108";
+	public static String MSG_USER_LOGGEDOFF = "用户已注销";
+	
+	public static String CODE_PERMISSION_NO = "109";
+	public static String MSG_PERMISSION_NO = "权限不足，请联系管理员";
+	
+	public static String CODE_DATA_NOTMEET = "201";
+	public static String MSG_DATA_NOTMEET = "数据不符合业务处理要求";
+	
+	public static String CODE_SYS_EXCEPTION = "500";
+	public static String MSG_SYS_EXCEPTION = "系统异常，请联系接口提供方";
+	
+}

src/main/java/com/jz/common/interceptor/MyInvocationSecurityMetadataSource.java

 package com.jz.common.interceptor;
 
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
 
@@ -9,14 +11,17 @@ import javax.servlet.http.HttpServletRequest;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.ConfigAttribute;
+import org.springframework.security.access.SecurityConfig;
 import org.springframework.security.web.FilterInvocation;
 import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.stereotype.Component;
 
-//import com.jz.dmp.web.ui.modules.sys.repository.domain.DmpSystemMenu;
-//import com.jz.dmp.web.ui.modules.sys.service.DmpSystemMenuService;
+import com.jz.dmp.modules.model.DmpPermission;
+import com.jz.dmp.modules.service.sys.DmpPermissionService;
+
 
 /** 
 * @ClassName: MyInvocationSecurityMetadataSource
@@ -32,8 +37,8 @@ public class MyInvocationSecurityMetadataSource implements FilterInvocationSecur
 	
 	private boolean isExpire;//加载资源是否过期
 	
-	//@Autowired
-	//private DmpSystemMenuService dspSystemMenuService;
+	@Autowired
+	private DmpPermissionService dmpPermissionService;
 	
 	private Map<String, Collection<ConfigAttribute>> map = null;
 	
@@ -44,18 +49,17 @@ public class MyInvocationSecurityMetadataSource implements FilterInvocationSecur
 		Collection<ConfigAttribute> configAttributes;
 		ConfigAttribute cfg;
 		
-		System.err.println("1234444444444444444--------------------");
-		/*List<DmpSystemMenu> resources = dspSystemMenuService.findAllList();
-		for (DmpSystemMenu dspSystemMenu : resources) {
+		List<DmpPermission> resources = dmpPermissionService.findAllList();
+		for (DmpPermission permission : resources) {
 			configAttributes = new ArrayList<>();
-			cfg = new SecurityConfig(dspSystemMenu.getMenuTarget());
+			cfg = new SecurityConfig(permission.getPermissionCode());
 			//此处只添加了用户的名字，其实还可以添加更多的权限信息，例如请求方法到ConfigAttribute的集合中去。
 			//此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
 			configAttributes.add(cfg);
 			//用权限的getUrl()作为map的key，用configAttribute的集合作为value。
-			map.put(dspSystemMenu.getMenuHref(), configAttributes);
+			map.put(permission.getPermissionUrl(), configAttributes);
 			
-		}*/
+		}
 		
 	}
 

src/main/java/com/jz/dmp/config/SecurityConfiguration.java

@@ -16,6 +16,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 
 import com.alibaba.fastjson.JSONObject;
+import com.jz.common.constant.StatuConstant;
 import com.jz.common.interceptor.MyFilterSecurityInterceptor;
 
 @Configuration
@@ -33,8 +34,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 			response.setStatus(HttpServletResponse.SC_FORBIDDEN);
 			PrintWriter out = response.getWriter();
 			Map<String,Object> map = new HashMap<String,Object>();
-			map.put("code",403);
-			map.put("message","未登录");
+			map.put("code",StatuConstant.CODE_NOT_SIGNED);
+			map.put("message",StatuConstant.MSG_NOT_SIGNED);
 			out.write(JSONObject.toJSONString(map));
 			out.flush();
 			out.close();
@@ -50,9 +51,9 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 				response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
 				PrintWriter out = response.getWriter();
 				Map<String,Object> map = new HashMap<String,Object>();
-				map.put("code",401);
+				map.put("code",StatuConstant.CODE_ERROR_USERNAMEORPASSWD);
 				if (ex instanceof UsernameNotFoundException || ex instanceof BadCredentialsException) {
-					map.put("message","用户名或密码错误");
+					map.put("message",StatuConstant.MSG_ERROR_USERNAMEORPASSWD);
 				} else if (ex instanceof DisabledException) {
 					map.put("message","账户被禁用");
 				} else {
@@ -65,7 +66,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
             //登录成功，返回json
 			.successHandler((request,response,authentication) -> {
 				Map<String,Object> map = new HashMap<String,Object>();
-				map.put("code",200);
+				map.put("code",StatuConstant.CODE_SUCCESS);
 				map.put("message","登录成功");
 				map.put("data",authentication);
 				response.setContentType("application/json;charset=utf-8");
@@ -84,8 +85,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 				response.setStatus(HttpServletResponse.SC_FORBIDDEN);
 				PrintWriter out = response.getWriter();
 				Map<String,Object> map = new HashMap<String,Object>();
-				map.put("code",403);
-				map.put("message", "权限不足");
+				map.put("code",StatuConstant.CODE_PERMISSION_NO);
+				map.put("message", StatuConstant.MSG_PERMISSION_NO);
 				out.write(JSONObject.toJSONString(map));
 				out.flush();
 				out.close();
@@ -95,7 +96,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 			//退出成功，返回json
 			.logoutSuccessHandler((request,response,authentication) -> {
 				Map<String,Object> map = new HashMap<String,Object>();
-				map.put("code",200);
+				map.put("code",StatuConstant.CODE_SUCCESS);
 				map.put("message","退出成功");
 				map.put("data",authentication);
 				response.setContentType("application/json;charset=utf-8");

src/main/java/com/jz/dmp/modules/controller/sys/bean/MyDmpPermissionConverter.java

+package com.jz.dmp.modules.controller.sys.bean;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.springframework.beans.BeanUtils;
+
+import com.jz.dmp.modules.model.DmpPermission;
+
+public class MyDmpPermissionConverter {
+	
+	private static MyDmpPermissionConverter instance;
+	
+	private MyDmpPermissionConverter() {};
+	
+	public synchronized static MyDmpPermissionConverter INSTANCE() {
+		if (instance==null) {
+			instance = new MyDmpPermissionConverter();
+		}
+		
+		return instance;
+	}
+	
+	public DmpPermissionDto domain2dto(DmpPermission dmpPermission) {
+		DmpPermissionDto dmpPermissionDto = new DmpPermissionDto();
+		BeanUtils.copyProperties(dmpPermission, dmpPermissionDto);
+		
+		return dmpPermissionDto;
+	}
+	
+	public List<DmpPermissionDto> domain2dto(List<DmpPermission> dmpPermissions) {
+		List<DmpPermissionDto> dmpPermissionDtos = new ArrayList<DmpPermissionDto>();
+		dmpPermissions.stream().forEach(x -> {
+			dmpPermissionDtos.add(domain2dto(x));
+		});
+		
+		return dmpPermissionDtos;
+	}
+	
+	public DmpPermission dto2domain(DmpPermissionDto dmpPermissionDto) {
+		DmpPermission dmpPermission = new DmpPermission();
+		BeanUtils.copyProperties(dmpPermissionDto, dmpPermission);
+		
+		return dmpPermission;
+	}
+	
+	public List<DmpPermission> dto2domain(List<DmpPermissionDto> dmpPermissionDtos) {
+		List<DmpPermission> dmpPermissions = new ArrayList<DmpPermission>();
+		dmpPermissionDtos.stream().forEach(x -> {
+			dmpPermissions.add(domain2dto(x));
+		});
+		
+		return dmpPermissions;
+	}
+
+}

src/main/java/com/jz/dmp/modules/dao/sys/DmpPermissionMapper.java

@@ -88,4 +88,14 @@ public interface DmpPermissionMapper {
 	*/ 
 	public List<DmpPermission> findByRoles(@Param("dmpRoles")List<DmpRole> dmpRoles)throws Exception;
 
+	/**  
+	* @Title: findAllListWithUrlNotNull  
+	* @Description: TODO(获取所有url不为null资源)  
+	* @param @return
+	* @param @throws Exception    参数  
+	* @return List<DmpPermissionDto>    返回类型  
+	* @throws  
+	*/ 
+	public List<DmpPermissionDto> findAllListWithUrlNotNull()throws Exception;
+	
 }

src/main/java/com/jz/dmp/modules/service/sys/DmpPermissionService.java

@@ -80,4 +80,13 @@ public interface DmpPermissionService {
 	*/ 
 	public List<DmpPermission> findPermissionByRoles(List<DmpRole> dmpRoles);
 
+	/**  
+	* @Title: findAllList  
+	* @Description: TODO(获取所有可用资源)  
+	* @param @return    参数  
+	* @return List<DmpPermission>    返回类型  
+	* @throws  
+	*/ 
+	public List<DmpPermission> findAllList();
+
 }

src/main/java/com/jz/dmp/modules/service/sys/impl/DmpMemberServiceImpl.java

@@ -21,7 +21,6 @@ import com.github.pagehelper.PageInfo;
 import com.jz.common.bean.BaseBeanResponse;
 import com.jz.common.bean.BaseResponse;
 import com.jz.common.bean.PageInfoResponse;
-import com.jz.common.constant.Constants;
 import com.jz.common.constant.ResultCode;
 import com.jz.common.persistence.BaseService;
 import com.jz.dmp.modules.controller.sys.bean.DmpMemberBatch;

src/main/java/com/jz/dmp/modules/service/sys/impl/DmpPermissionServiceImpl.java

@@ -29,6 +29,7 @@ import com.jz.common.persistence.BaseService;
 import com.jz.dmp.modules.controller.sys.bean.DmpPermissionBatch;
 import com.jz.dmp.modules.controller.sys.bean.DmpPermissionDto;
 import com.jz.dmp.modules.controller.sys.bean.DmpPermissionRequest;
+import com.jz.dmp.modules.controller.sys.bean.MyDmpPermissionConverter;
 import com.jz.dmp.modules.dao.sys.DmpPermissionMapper;
 import com.jz.dmp.modules.model.DmpPermission;
 import com.jz.dmp.modules.model.DmpRole;
@@ -318,4 +319,25 @@ public class DmpPermissionServiceImpl extends BaseService implements DmpPermissi
 		return permission;
 	}
 
+
+	/**
+	 *获取所有资源
+	 */
+	@Override
+	public List<DmpPermission> findAllList() {
+		
+		List<DmpPermission> permissions = new ArrayList<DmpPermission>();
+		try {
+			List<DmpPermissionDto> permissionDtos = dmpPermissionMapper.findAllListWithUrlNotNull();
+			permissions = MyDmpPermissionConverter.INSTANCE().dto2domain(permissionDtos);
+			
+		} catch (Exception e) {
+			e.printStackTrace();
+			logger.info("获取所有资源接口异常：{}", e);
+		}
+		
+		
+		return permissions;
+	}
+	
 }

src/main/resources/mapper/sys/DmpPermissionMapper.xml

@@ -328,4 +328,12 @@
 	</choose>
   </select>
   
+  <!-- 条件查询URL不为null资源-->
+  <select id="findAllListWithUrlNotNull" resultMap="BaseDtoResultMap">
+    SELECT 
+  	  <include refid="BaseDto_Column_List"/>
+    FROM dmp_permission
+	WHERE permission_url IS NOT NULL
+  </select>
+	
 </mapper>