Examples with RequiresPermissions - com.ruoyi.common.security.annotation.RequiresPermissions

Example 1 with RequiresPermissions

use of com.ruoyi.common.security.annotation.RequiresPermissions in project RuoYi-Cloud by yangzongzhuan.

the class PreAuthorizeAspect method checkMethodAnnotation.

/**
 * 对一个Method对象进行注解检查
 */
public void checkMethodAnnotation(Method method) {
    // 校验 @RequiresLogin 注解
    RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class);
    if (requiresLogin != null) {
        AuthUtil.checkLogin();
    }
    // 校验 @RequiresRoles 注解
    RequiresRoles requiresRoles = method.getAnnotation(RequiresRoles.class);
    if (requiresRoles != null) {
        AuthUtil.checkRole(requiresRoles);
    }
    // 校验 @RequiresPermissions 注解
    RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class);
    if (requiresPermissions != null) {
        AuthUtil.checkPermi(requiresPermissions);
    }
}

Also used : RequiresPermissions(com.ruoyi.common.security.annotation.RequiresPermissions) RequiresLogin(com.ruoyi.common.security.annotation.RequiresLogin) RequiresRoles(com.ruoyi.common.security.annotation.RequiresRoles)

Example 2 with RequiresPermissions

use of com.ruoyi.common.security.annotation.RequiresPermissions in project RuoYi-Cloud by yangzongzhuan.

the class SysUserController method getInfo.

/**
 * 根据用户编号获取详细信息
 */
@RequiresPermissions("system:user:query")
@GetMapping(value = { "/", "/{userId}" })
public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId) {
    userService.checkUserDataScope(userId);
    AjaxResult ajax = AjaxResult.success();
    List<SysRole> roles = roleService.selectRoleAll();
    ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
    ajax.put("posts", postService.selectPostAll());
    if (StringUtils.isNotNull(userId)) {
        SysUser sysUser = userService.selectUserById(userId);
        ajax.put(AjaxResult.DATA_TAG, sysUser);
        ajax.put("postIds", postService.selectPostListByUserId(userId));
        ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
    }
    return ajax;
}

Also used : R(com.ruoyi.common.core.domain.R) PathVariable(org.springframework.web.bind.annotation.PathVariable) Log(com.ruoyi.common.log.annotation.Log) SysRole(com.ruoyi.system.api.domain.SysRole) Autowired(org.springframework.beans.factory.annotation.Autowired) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ArrayUtils(org.apache.commons.lang3.ArrayUtils) InnerAuth(com.ruoyi.common.security.annotation.InnerAuth) TableDataInfo(com.ruoyi.common.core.web.page.TableDataInfo) RequiresPermissions(com.ruoyi.common.security.annotation.RequiresPermissions) RequestBody(org.springframework.web.bind.annotation.RequestBody) ISysConfigService(com.ruoyi.system.service.ISysConfigService) BaseController(com.ruoyi.common.core.web.controller.BaseController) PutMapping(org.springframework.web.bind.annotation.PutMapping) ISysRoleService(com.ruoyi.system.service.ISysRoleService) GetMapping(org.springframework.web.bind.annotation.GetMapping) DeleteMapping(org.springframework.web.bind.annotation.DeleteMapping) BusinessType(com.ruoyi.common.log.enums.BusinessType) LoginUser(com.ruoyi.system.api.model.LoginUser) ISysPermissionService(com.ruoyi.system.service.ISysPermissionService) PostMapping(org.springframework.web.bind.annotation.PostMapping) Validated(org.springframework.validation.annotation.Validated) HttpServletResponse(javax.servlet.http.HttpServletResponse) Set(java.util.Set) IOException(java.io.IOException) AjaxResult(com.ruoyi.common.core.web.domain.AjaxResult) StringUtils(com.ruoyi.common.core.utils.StringUtils) SysUser(com.ruoyi.system.api.domain.SysUser) Collectors(java.util.stream.Collectors) RestController(org.springframework.web.bind.annotation.RestController) List(java.util.List) ISysUserService(com.ruoyi.system.service.ISysUserService) MultipartFile(org.springframework.web.multipart.MultipartFile) UserConstants(com.ruoyi.common.core.constant.UserConstants) ExcelUtil(com.ruoyi.common.core.utils.poi.ExcelUtil) ISysPostService(com.ruoyi.system.service.ISysPostService) SecurityUtils(com.ruoyi.common.security.utils.SecurityUtils) AjaxResult(com.ruoyi.common.core.web.domain.AjaxResult) SysUser(com.ruoyi.system.api.domain.SysUser) SysRole(com.ruoyi.system.api.domain.SysRole) RequiresPermissions(com.ruoyi.common.security.annotation.RequiresPermissions) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 3 with RequiresPermissions

use of com.ruoyi.common.security.annotation.RequiresPermissions in project RuoYi-Cloud-Oracle by yangzongzhuan.

the class SysUserController method authRole.

/**
 * 根据用户编号获取授权角色
 */
@RequiresPermissions("system:user:query")
@GetMapping("/authRole/{userId}")
public AjaxResult authRole(@PathVariable("userId") Long userId) {
    AjaxResult ajax = AjaxResult.success();
    SysUser user = userService.selectUserById(userId);
    List<SysRole> roles = roleService.selectRolesByUserId(userId);
    ajax.put("user", user);
    ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
    return ajax;
}

Example 4 with RequiresPermissions

use of com.ruoyi.common.security.annotation.RequiresPermissions in project RuoYi-Cloud-Oracle by yangzongzhuan.

the class SysDeptController method excludeChild.

/**
 * 查询部门列表（排除节点）
 */
@RequiresPermissions("system:dept:list")
@GetMapping("/list/exclude/{deptId}")
public AjaxResult excludeChild(@PathVariable(value = "deptId", required = false) Long deptId) {
    List<SysDept> depts = deptService.selectDeptList(new SysDept());
    Iterator<SysDept> it = depts.iterator();
    while (it.hasNext()) {
        SysDept d = (SysDept) it.next();
        if (d.getDeptId().intValue() == deptId || ArrayUtils.contains(StringUtils.split(d.getAncestors(), ","), deptId + "")) {
            it.remove();
        }
    }
    return AjaxResult.success(depts);
}

Also used : SysDept(com.ruoyi.system.api.domain.SysDept) RequiresPermissions(com.ruoyi.common.security.annotation.RequiresPermissions) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 5 with RequiresPermissions

use of com.ruoyi.common.security.annotation.RequiresPermissions in project RuoYi-Cloud-Oracle by yangzongzhuan.

the class SysUserOnlineController method list.

@RequiresPermissions("monitor:online:list")
@GetMapping("/list")
public TableDataInfo list(String ipaddr, String userName) {
    Collection<String> keys = redisService.keys(CacheConstants.LOGIN_TOKEN_KEY + "*");
    List<SysUserOnline> userOnlineList = new ArrayList<SysUserOnline>();
    for (String key : keys) {
        LoginUser user = redisService.getCacheObject(key);
        if (StringUtils.isNotEmpty(ipaddr) && StringUtils.isNotEmpty(userName)) {
            if (StringUtils.equals(ipaddr, user.getIpaddr()) && StringUtils.equals(userName, user.getUsername())) {
                userOnlineList.add(userOnlineService.selectOnlineByInfo(ipaddr, userName, user));
            }
        } else if (StringUtils.isNotEmpty(ipaddr)) {
            if (StringUtils.equals(ipaddr, user.getIpaddr())) {
                userOnlineList.add(userOnlineService.selectOnlineByIpaddr(ipaddr, user));
            }
        } else if (StringUtils.isNotEmpty(userName)) {
            if (StringUtils.equals(userName, user.getUsername())) {
                userOnlineList.add(userOnlineService.selectOnlineByUserName(userName, user));
            }
        } else {
            userOnlineList.add(userOnlineService.loginUserToUserOnline(user));
        }
    }
    Collections.reverse(userOnlineList);
    userOnlineList.removeAll(Collections.singleton(null));
    return getDataTable(userOnlineList);
}

Also used : SysUserOnline(com.ruoyi.system.domain.SysUserOnline) ArrayList(java.util.ArrayList) LoginUser(com.ruoyi.system.api.model.LoginUser) RequiresPermissions(com.ruoyi.common.security.annotation.RequiresPermissions) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Aggregations

RequiresPermissions (com.ruoyi.common.security.annotation.RequiresPermissions)14 GetMapping (org.springframework.web.bind.annotation.GetMapping)10 Log (com.ruoyi.common.log.annotation.Log)6 LoginUser (com.ruoyi.system.api.model.LoginUser)6 PutMapping (org.springframework.web.bind.annotation.PutMapping)6 UserConstants (com.ruoyi.common.core.constant.UserConstants)4 R (com.ruoyi.common.core.domain.R)4 StringUtils (com.ruoyi.common.core.utils.StringUtils)4 ExcelUtil (com.ruoyi.common.core.utils.poi.ExcelUtil)4 BaseController (com.ruoyi.common.core.web.controller.BaseController)4 AjaxResult (com.ruoyi.common.core.web.domain.AjaxResult)4 TableDataInfo (com.ruoyi.common.core.web.page.TableDataInfo)4 BusinessType (com.ruoyi.common.log.enums.BusinessType)4 InnerAuth (com.ruoyi.common.security.annotation.InnerAuth)4 SecurityUtils (com.ruoyi.common.security.utils.SecurityUtils)4 SysRole (com.ruoyi.system.api.domain.SysRole)4 SysUser (com.ruoyi.system.api.domain.SysUser)4 ISysConfigService (com.ruoyi.system.service.ISysConfigService)4 ISysPermissionService (com.ruoyi.system.service.ISysPermissionService)4 ISysPostService (com.ruoyi.system.service.ISysPostService)4