Permission management - winSecurity

Author: Saber  Category: Original  Published: 2018-12-10 14:20

winSecurity

For projects built on Spring Boot or Spring. It depends on spring-data-jpa and Shiro, and integrating it with Spring Boot is the more convenient of the two.

Git repository: https://gitee.com/UnlimitedBladeWorks_123/spring-biz-module/tree/master/win-security

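  • Provides interfaces for permission management
  • The interfaces winSecurity provides can be configured dynamically; all are provided by default
  • User and role information can be extended
  • Key business logic can be extended
  • Uses Shiro to intercept and handle requests; this can be extended
  • Request interception rule: requests that have been configured are intercepted, and requests that have not been configured are accessible by default, so every application endpoint that needs protection must be configured explicitly. Special case: interfaces provided by winSecurity that have not been configured can be accessed only after the user has logged in
  • Does not provide login or logout interfaces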
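Because unconfigured requests are open by default, it helps to list which mapped endpoints no rule covers. The following is an added example, not code from winSecurity or the original post: it uses Spring MVC's RequestMappingHandlerMapping and Shiro's AntPathMatcher, and assumes the configured rules are Ant-style URL patterns that you export yourself into `configuredPatterns` (the page does not show how winSecurity stores them).

```java
import org.apache.shiro.util.AntPathMatcher;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;

// Hypothetical audit helper (not part of winSecurity): lists Spring MVC endpoints
// that no configured interception pattern covers and are therefore open by default.
public class UncoveredEndpointAudit {

    private final AntPathMatcher matcher = new AntPathMatcher();

    /**
     * @param mapping            the application's RequestMappingHandlerMapping bean
     * @param configuredPatterns Ant-style URL patterns of the configured resources
     *                           (assumption: exported by you from the resource table)
     */
    public List<String> findUncovered(RequestMappingHandlerMapping mapping,
                                      Collection<String> configuredPatterns) {
        List<String> uncovered = new ArrayList<>();
        for (Map.Entry<RequestMappingInfo, HandlerMethod> entry
                : mapping.getHandlerMethods().entrySet()) {
            // On Spring 4.3 (the version this page targets) the patterns condition is always set.
            for (String path : entry.getKey().getPatternsCondition().getPatterns()) {
                if (!isCovered(path, configuredPatterns)) {
                    uncovered.add(path + " -> " + entry.getValue());
                }
            }
        }
        return uncovered;
    }

    // A path template such as /user/{id} is compared literally, which is enough
    // for prefix rules like /user/** but is a heuristic, not an exact proof.
    private boolean isCovered(String path, Collection<String> configuredPatterns) {
        for (String pattern : configuredPatterns) {
            if (matcher.match(pattern, path)) {
                return true;
            }
        }
        return false;
    }
}
```

winSecurity's own interfaces also show up in the result when they are unconfigured; per the rule above they still require a logged-in user.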



Spring Boot project integration


 Add the jar dependency

 compile("com.winbaoxian.module:win-security:1.0.0-SNAPSHOT")


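 Create the tables

   Use security.sql from the jar to create the required tables: the user, role, resource and relation tables

 

Add the @EnableWinSecurity annotation to the Application class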

 @EnableWinSecurity(entityManagerFactoryRef = "entityManagerFactoryTob",
 transactionManagerRef = "transactionManagerTob")

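Notes

 entityManagerFactoryRef: the EntityManagerFactory from the JPA configuration

 transactionManagerRef: the transaction manager


System interface changes


  • Add this call to the login interface. The method takes only the user name, so the application's own login logic has to verify the credentials before calling it
    WinSecurityAccessService.login(String userName);
  • Add this call to the logout interface
    WinSecurityAccessService.logout();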


Interface documentation

http://doc.suiyiwen.com/win-security/



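Extensions


Table prefix

  • Set tablePrefix on @EnableWinSecurity
  • Create the tables with that prefix


Controlling which controller interfaces are exposed

The user management, resource management, role management and logged-in user data interfaces can each be switched on or off; all are enabled by default

  • Set controllerScopes on @EnableWinSecurity
  •     NONE: all disabled
  •     ALL: all enabled
  •     USER: user management
  •     ROLE: role management
  •     RESOURCE: resource management
  •     ACCESS: logged-in user data interfaces


User extension

  • Set extensionUserDTO and extensionUserEntity on @EnableWinSecurity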


  • extensionUserDTO: the user object used in front-end requests

    import com.fasterxml.jackson.annotation.JsonIgnore;
    import lombok.Data;
    import java.util.Date;
    // WinSecurityBaseUserDTO comes from the win-security jar (its package is not shown on this page)

    @Data
    public class BrokerageAdminUserDTO extends WinSecurityBaseUserDTO {
        @JsonIgnore // excluded from JSON mapping
        private String password;
        private String token;
        private Long topDepartmentId;
        private Long subDepartmentId;
        private String position;
        private String logoImg;
        private Integer sex;
        private Date entryTime;
        private String idCard;
        private String cityName;
        private Long cityId;
        private String storeCode;
        private String ossUserName;
        private String remark;
        private Integer type;
        private Integer serviceCount;
        private Integer bindingCount;
        private Boolean isPerson;
        private Boolean isCar;
    }


  • extensionUserEntity: the JPA entity

    import lombok.Data;
    import org.hibernate.annotations.DynamicInsert;
    import org.hibernate.annotations.DynamicUpdate;
    import javax.persistence.Column;
    import javax.persistence.Entity;
    import java.util.Date;
    // WinSecurityBaseUserEntity comes from the win-security jar (its package is not shown on this page)

    @Entity
    @DynamicInsert
    @DynamicUpdate
    @Data
    public class BrokerageAdminUserEntity extends WinSecurityBaseUserEntity {
        @Column(name = "password")
        private String password;
        @Column(name = "token")
        private String token;
        @Column(name = "top_department_id")
        private Long topDepartmentId;
        @Column(name = "sub_department_id")
        private Long subDepartmentId;
        @Column(name = "position")
        private String position;
        @Column(name = "logo_img")
        private String logoImg;
        @Column(name = "sex")
        private Integer sex;
        @Column(name = "entry_time")
        private Date entryTime;
        @Column(name = "id_card")
        private String idCard;
        @Column(name = "city_name")
        private String cityName;
        @Column(name = "city_id")
        private Long cityId;
        @Column(name = "store_code")
        private String storeCode;
        @Column(name = "oss_user_name")
        private String ossUserName;
        @Column(name = "remark")
        private String remark;
        @Column(name = "type")
        private Integer type;
        @Column(name = "service_count")
        private Integer serviceCount;
        @Column(name = "binding_count")
        private Integer bindingCount;
        @Column(name = "is_person")
        private Boolean isPerson;
        @Column(name = "is_car")
        private Boolean isCar;
    }


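Role extension


  • Set extensionRoleDTO and extensionRoleEntity on @EnableWinSecurity
  • extensionRoleDTO: the role object used in front-end requests

    import lombok.Data;

    @Data
    public class BrokerageAdminRoleDTO extends WinSecurityBaseRoleDTO {
        private Integer departmentLevel;
    }

  • extensionRoleEntity: the JPA entity

    import lombok.Data;
    import org.hibernate.annotations.DynamicInsert;
    import org.hibernate.annotations.DynamicUpdate;
    import javax.persistence.Column;
    import javax.persistence.Entity;

    @Entity
    @DynamicInsert
    @DynamicUpdate
    @Data
    public class BrokerageAdminRoleEntity extends WinSecurityBaseRoleEntity {
        @Column(name = "DEPARTMENT_LEVEL")
        private Integer departmentLevel;
    }
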

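Business logic extension

  • Set extensionServiceProcessors on @EnableWinSecurity

Four business scenarios can be extended; each requires implementing a specific interface

  • Adding a user (IUserAddProcessor)
  • Updating a user (IUserUpdateProcessor)
  • Adding a role (IRoleAddProcessor)
  • Updating a role (IRoleUpdateProcessor)
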

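Example:

    import lombok.extern.slf4j.Slf4j;
    import org.apache.commons.codec.digest.DigestUtils;
    import javax.annotation.Resource;
    // StringUtils, CollectionUtils and the winSecurity and project types come from the
    // project's own dependencies (their packages are not shown on this page).

    @Slf4j
    public class UserAddProcessorImpl implements IUserAddProcessor<BrokerageAdminUserDTO, BrokerageAdminUserEntity> {
        @Resource
        private OrgDepartmentService orgDepartmentService;
        @Resource
        private BrokerageAdminService brokerageAdminService;

        @Override
        public void preProcess(BrokerageAdminUserDTO dto) throws WinSecurityException {
        }

        // Extra validation that runs after winSecurity's common validation.
        @Override
        public void customValidateAfterCommon(BrokerageAdminUserDTO dto) throws WinSecurityException {
            if (dto.getSubDepartmentId() == null) {
                throw new WinSecurityException("未选择机构"); // "No department selected"
            }
            BrokerageOrgDepartment selectDepartment = orgDepartmentService.findById(dto.getSubDepartmentId());
            if (!CollectionUtils.isEmpty(dto.getRoleIdList())) {
                for (Long roleId : dto.getRoleIdList()) {
                    BrokerageAdminRoleDTO selectRole = brokerageAdminService.getRoleById(roleId);
                    if (!selectDepartment.getLevel().equals(selectRole.getDepartmentLevel())) {
                        // "Department level does not match role level"
                        throw new WinSecurityException("机构等级与角色等级不符");
                    }
                }
            }
        }

        // Extra DTO-to-entity mapping that runs after winSecurity's common mapping.
        @Override
        public void customMappingAfterCommon(BrokerageAdminUserDTO dto, BrokerageAdminUserEntity entity) throws WinSecurityException {
            if (StringUtils.isNotBlank(dto.getPassword())) {
                // Stores the MD5 hex digest of userName + password. MD5 is a fast hash; a production
                // system should use a dedicated password-hashing function (PBKDF2, bcrypt, Argon2).
                entity.setPassword(DigestUtils.md5Hex(dto.getUserName() + dto.getPassword()));
            }
        }

        @Override
        public void postProcess(BrokerageAdminUserDTO dto) throws WinSecurityException {
        }
    }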

    



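Spring project integration


Add the jar dependency

compile("com.winbaoxian.module:win-security:1.0.0-SNAPSHOT")


  • Upgrade jar versions


compile('org.hibernate:hibernate-core:5.0.12.Final')
compile('org.aspectj:aspectjrt:1.8.13')
compile('org.aspectj:aspectjweaver:1.8.13')

Upgrade Spring to 4.3.19.RELEASE; other compatible versions also work


Create the tables


   Use security.sql from the jar to create the required tables: the user, role, resource and relation tables


Add a configuration class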

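  import org.hibernate.internal.SessionFactoryImpl;
  import org.hibernate.jpa.HibernatePersistenceProvider;
  import org.springframework.context.annotation.Bean;
  import org.springframework.context.annotation.Configuration;
  import org.springframework.orm.jpa.JpaTransactionManager;
  import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
  import org.springframework.transaction.PlatformTransactionManager;
  import javax.annotation.Resource;
  import javax.sql.DataSource;

  @Configuration
  @EnableWinSecurity(transactionManagerRef = "transactionManagerWinSecurity", entityManagerFactoryRef = "entityManagerFactoryWinSecurity", tablePrefix = "security")
  public class WinSecurityConfiguration {
      @Resource
      private DataSource dataSource;
      @Resource
      private SessionFactoryImpl sessionFactory;

      // JPA EntityManagerFactory for winSecurity, reusing the existing Hibernate session factory's properties.
      @Bean
      public LocalContainerEntityManagerFactoryBean entityManagerFactoryWinSecurity() {
          LocalContainerEntityManagerFactoryBean factoryBean = new LocalContainerEntityManagerFactoryBean();
          factoryBean.setDataSource(dataSource);
          factoryBean.setPackagesToScan(new String[]{});
          factoryBean.setPersistenceUnitName("winSecurity");
          factoryBean.setJpaProperties(sessionFactory.getProperties());
          factoryBean.setPersistenceProviderClass(HibernatePersistenceProvider.class);
          return factoryBean;
      }

      // Transaction manager referenced by transactionManagerRef above.
      @Bean
      PlatformTransactionManager transactionManagerWinSecurity() {
          return new JpaTransactionManager(entityManagerFactoryWinSecurity().getObject());
      }
  }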


Modify the Spring configuration files (*.xml)


  • Change org.springframework.orm.hibernate4.* to org.springframework.orm.hibernate5.*
  • Add the following to spring-mvc.xml
    <bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping">
        <property name="detectHandlerMethodsInAncestorContexts">
            <value>true</value>
        </property>
    </bean>


System interface changes


  • Add this call to the login interface
    WinSecurityAccessService.login(String userName);


  • Add this call to the logout interface
    WinSecurityAccessService.logout();

   

Interface documentation

http://doc.suiyiwen.com/win-security/

  

This article comes from 轩的博客. When reposting, please credit the source and include the corresponding link.
