fix[litemall-admin, litemall-admin-api]: 修复后台系统角色权限传递问题 #403

b62c88b0 · linlinjava · 21ac9ac1 · b62c88b0 · b62c88b0 · b62c88b0
Commit b62c88b0 authored Mar 30, 2022 by linlinjava
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRoleController.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminRoleController.java
 package org.linlinjava.litemall.admin.web;
+import io.swagger.models.auth.In;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.apache.shiro.subject.Subject;
 import org.linlinjava.litemall.admin.annotation.RequiresPermissionsDesc;
 import org.linlinjava.litemall.admin.util.AdminResponseCode;
 import org.linlinjava.litemall.admin.util.Permission;
@@ -25,10 +28,10 @@ import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.constraints.NotNull;
+import java.security.Security;
 import java.util.*;
-import static org.linlinjava.litemall.admin.util.AdminResponseCode.ROLE_NAME_EXIST;
+import static org.linlinjava.litemall.admin.util.AdminResponseCode.*;
-import static org.linlinjava.litemall.admin.util.AdminResponseCode.ROLE_USER_EXIST;
 @RestController
 @RequestMapping("/admin/role")
@@ -159,15 +162,15 @@ public class AdminRoleController {
        return systemPermissions;
    }
-    private Set<String> getAssignedPermissions(Integer roleId) {
+    private Set<String> getAssignedPermissions(List<Integer> roleIds) {
        // 这里需要注意的是，如果存在超级权限*，那么这里需要转化成当前所有系统权限。
        // 之所以这么做，是因为前端不能识别超级权限，所以这里需要转换一下。
        Set<String> assignedPermissions = null;
-        if (permissionService.checkSuperPermission(roleId)) {
+        if (permissionService.checkSuperPermission(roleIds)) {
            getSystemPermissions();
            assignedPermissions = systemPermissionsString;
        } else {
-            assignedPermissions = permissionService.queryByRoleId(roleId);
+            assignedPermissions = permissionService.queryByRoleId(roleIds);
        }
        return assignedPermissions;
@@ -176,18 +179,38 @@ public class AdminRoleController {
    /**
     * 管理员的权限情况
     *
-     * @return 系统所有权限列表和管理员已分配权限
+     * @return 系统所有权限列表、角色权限、管理员已分配权限
     */
    @RequiresPermissions("admin:role:permission:get")
    @RequiresPermissionsDesc(menu = {"系统管理", "角色管理"}, button = "权限详情")
    @GetMapping("/permissions")
    public Object getPermissions(Integer roleId) {
        List<PermVo> systemPermissions = getSystemPermissions();
-        Set<String> assignedPermissions = getAssignedPermissions(roleId);
+        // 这里需要注意的是，如果存在超级权限*，那么这里需要转化成当前所有系统权限。
+        // 之所以这么做，是因为前端不能识别超级权限，所以这里需要转换一下。
+        Set<String> assignedPermissions = null;
+        if (permissionService.checkSuperPermission(roleId)) {
+            getSystemPermissions();
+            assignedPermissions = systemPermissionsString;
+        } else {
+            assignedPermissions = permissionService.queryByRoleId(roleId);
+        }
+        Subject currentUser = SecurityUtils.getSubject();
+        LitemallAdmin currentAdmin = (LitemallAdmin) currentUser.getPrincipal();
+        Integer[] roles = currentAdmin.getRoleIds();
+        List<Integer> roleIds = Arrays.asList(roles);
+        Set<String> curPermissions = null;
+        if (!permissionService.checkSuperPermission(roleIds)) {
+            curPermissions = permissionService.queryByRoleId(roleIds);
+        }
        Map<String, Object> data = new HashMap<>();
        data.put("systemPermissions", systemPermissions);
        data.put("assignedPermissions", assignedPermissions);
+        data.put("curPermissions", curPermissions);
        return ResponseUtil.ok(data);
    }

--- a/litemall-admin/src/views/sys/role.vue
+++ b/litemall-admin/src/views/sys/role.vue
@@ -225,6 +225,25 @@ export default {
        .then(response => {
          this.systemPermissions = response.data.data.systemPermissions
          this.assignedPermissions = response.data.data.assignedPermissions
+          var _curPermissions = response.data.data.curPermissions
+          if (_curPermissions) {
+            var _map = {}
+            _curPermissions.forEach(r => {
+              _map[r] = true
+            })
+            this.systemPermissions.forEach(i => {
+              i.children.forEach(j => {
+                j.children.forEach(k => {
+                  if (_map[k.id]) {
+                    k.disabled = false
+                  } else {
+                    k.disabled = true
+                  }
+                })
+              })
+            })
+          }
        })
    },
    updatePermission() {

--- a/litemall-db/src/main/java/org/linlinjava/litemall/db/service/LitemallPermissionService.java
+++ b/litemall-db/src/main/java/org/linlinjava/litemall/db/service/LitemallPermissionService.java
@@ -55,6 +55,23 @@ public class LitemallPermissionService {
        return permissions;
    }
+    public Set<String> queryByRoleId(List<Integer> roleIds) {
+        Set<String> permissions = new HashSet<String>();
+        if(roleIds == null || roleIds.isEmpty()){
+            return permissions;
+        }
+        LitemallPermissionExample example = new LitemallPermissionExample();
+        example.or().andRoleIdIn(roleIds).andDeletedEqualTo(false);
+        List<LitemallPermission> permissionList = permissionMapper.selectByExample(example);
+        for(LitemallPermission permission : permissionList){
+            permissions.add(permission.getPermission());
+        }
+        return permissions;
+    }
    public boolean checkSuperPermission(Integer roleId) {
        if(roleId == null){
            return false;
@@ -65,6 +82,16 @@ public class LitemallPermissionService {
        return permissionMapper.countByExample(example) != 0;
    }
+    public boolean checkSuperPermission(List<Integer> roleIds) {
+        if(roleIds == null || roleIds.isEmpty()){
+            return false;
+        }
+        LitemallPermissionExample example = new LitemallPermissionExample();
+        example.or().andRoleIdIn(roleIds).andPermissionEqualTo("*").andDeletedEqualTo(false);
+        return permissionMapper.countByExample(example) != 0;
+    }
    public void deleteByRoleId(Integer roleId) {
        LitemallPermissionExample example = new LitemallPermissionExample();
        example.or().andRoleIdEqualTo(roleId).andDeletedEqualTo(false);