update 整合 satoken 权限、鉴权一体化框架

疯狂的狮子li

2021-09-23 553c29ab8a46c9a07e3657fdd36a81a6bfde1afe

update 整合 satoken 权限、鉴权一体化框架

 pom.xml

@@ -25,7 +25,7 @@
        <poi.version>4.1.2</poi.version>
        <easyexcel.version>2.2.11</easyexcel.version>
        <velocity.version>1.7</velocity.version>
        <jwt.version>0.9.1</jwt.version>
        <satoken.version>1.26.0</satoken.version>
        <mybatis-plus.version>3.4.3.3</mybatis-plus.version>
        <p6spy.version>3.9.1</p6spy.version>
        <hutool.version>5.7.13</hutool.version>
@@ -121,11 +121,23 @@
                <version>${velocity.version}</version>
            </dependency>

            <!-- Token生成与解析-->
            <!-- Sa-Token æƒé™è®¤è¯, åœ¨çº¿æ–‡æ¡£ï¼šhttp://sa-token.dev33.cn/ -->
            <dependency>
                <groupId>io.jsonwebtoken</groupId>
                <artifactId>jjwt</artifactId>
                <version>${jwt.version}</version>
                <groupId>cn.dev33</groupId>
                <artifactId>sa-token-spring-boot-starter</artifactId>
                <version>${satoken.version}</version>
            </dependency>
            <!-- Sa-Token æ•´åˆ Redis ï¼ˆä½¿ç”¨jackson序列化方式） -->
            <dependency>
                <groupId>cn.dev33</groupId>
                <artifactId>sa-token-dao-redis-jackson</artifactId>
                <version>${satoken.version}</version>
            </dependency>
            <!-- Sa-Token整合SpringAOP实现注解鉴权 -->
            <dependency>
                <groupId>cn.dev33</groupId>
                <artifactId>sa-token-spring-aop</artifactId>
                <version>${satoken.version}</version>
            </dependency>

            <!-- dynamic-datasource å¤šæ•°æ®æº-->

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/CacheController.java

@@ -1,11 +1,11 @@
package com.ruoyi.web.controller.monitor;

import com.ruoyi.common.utils.StringUtils;
import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.utils.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisCallback;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@@ -24,7 +24,7 @@
    @Autowired
    private RedisTemplate<String, String> redisTemplate;

    @PreAuthorize("@ss.hasPermi('monitor:cache:list')")
    @SaCheckPermission("monitor:cache:list")
    @GetMapping()
    public AjaxResult getInfo() throws Exception
    {

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysLogininforController.java

@@ -1,5 +1,6 @@
package com.ruoyi.web.controller.monitor;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
@@ -9,7 +10,6 @@
import com.ruoyi.system.domain.SysLogininfor;
import com.ruoyi.system.service.ISysLogininforService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletResponse;
@@ -27,7 +27,7 @@
    @Autowired
    private ISysLogininforService logininforService;

    @PreAuthorize("@ss.hasPermi('monitor:logininfor:list')")
    @SaCheckPermission("monitor:logininfor:list")
    @GetMapping("/list")
    public TableDataInfo list(SysLogininfor logininfor)
    {
@@ -35,7 +35,7 @@
    }

    @Log(title = "登录日志", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('monitor:logininfor:export')")
    @SaCheckPermission("monitor:logininfor:export")
    @GetMapping("/export")
    public void export(SysLogininfor logininfor, HttpServletResponse response)
    {
@@ -43,7 +43,7 @@
        ExcelUtil.exportExcel(list, "登录日志", SysLogininfor.class, response);
    }

    @PreAuthorize("@ss.hasPermi('monitor:logininfor:remove')")
    @SaCheckPermission("monitor:logininfor:remove")
    @Log(title = "登录日志", businessType = BusinessType.DELETE)
    @DeleteMapping("/{infoIds}")
    public AjaxResult remove(@PathVariable Long[] infoIds)
@@ -51,7 +51,7 @@
        return toAjax(logininforService.deleteLogininforByIds(infoIds));
    }

    @PreAuthorize("@ss.hasPermi('monitor:logininfor:remove')")
    @SaCheckPermission("monitor:logininfor:remove")
    @Log(title = "登录日志", businessType = BusinessType.CLEAN)
    @DeleteMapping("/clean")
    public AjaxResult clean()

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysOperlogController.java

@@ -1,5 +1,6 @@
package com.ruoyi.web.controller.monitor;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
@@ -9,7 +10,6 @@
import com.ruoyi.system.domain.SysOperLog;
import com.ruoyi.system.service.ISysOperLogService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletResponse;
@@ -27,7 +27,7 @@
    @Autowired
    private ISysOperLogService operLogService;

    @PreAuthorize("@ss.hasPermi('monitor:operlog:list')")
    @SaCheckPermission("monitor:operlog:list")
    @GetMapping("/list")
    public TableDataInfo list(SysOperLog operLog)
    {
@@ -35,7 +35,7 @@
    }

    @Log(title = "操作日志", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('monitor:operlog:export')")
    @SaCheckPermission("monitor:operlog:export")
    @GetMapping("/export")
    public void export(SysOperLog operLog, HttpServletResponse response)
    {
@@ -44,7 +44,7 @@
    }

    @Log(title = "操作日志", businessType = BusinessType.DELETE)
    @PreAuthorize("@ss.hasPermi('monitor:operlog:remove')")
    @SaCheckPermission("monitor:operlog:remove")
    @DeleteMapping("/{operIds}")
    public AjaxResult remove(@PathVariable Long[] operIds)
    {
@@ -52,7 +52,7 @@
    }

    @Log(title = "操作日志", businessType = BusinessType.CLEAN)
    @PreAuthorize("@ss.hasPermi('monitor:operlog:remove')")
    @SaCheckPermission("monitor:operlog:remove")
    @DeleteMapping("/clean")
    public AjaxResult clean()
    {

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java

@@ -1,25 +1,27 @@
package com.ruoyi.web.controller.monitor;

import cn.dev33.satoken.annotation.SaCheckPermission;
import cn.dev33.satoken.exception.NotLoginException;
import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.core.bean.BeanUtil;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.domain.dto.UserOnlineDTO;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.utils.PageUtils;
import com.ruoyi.common.utils.RedisUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.system.domain.SysUserOnline;
import com.ruoyi.system.service.ISysUserOnlineService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;

/**
 * åœ¨çº¿ç”¨æˆ·ç›‘控
@@ -28,60 +30,47 @@
 */
@RestController
@RequestMapping("/monitor/online")
public class SysUserOnlineController extends BaseController
{
    @Autowired
    private ISysUserOnlineService userOnlineService;
public class SysUserOnlineController extends BaseController {

    @PreAuthorize("@ss.hasPermi('monitor:online:list')")
    @SaCheckPermission("monitor:online:list")
    @GetMapping("/list")
    public TableDataInfo list(String ipaddr, String userName)
    {
        Collection<String> keys = RedisUtils.keys(Constants.LOGIN_TOKEN_KEY + "*");
        List<SysUserOnline> userOnlineList = new ArrayList<SysUserOnline>();
        for (String key : keys)
        {
            LoginUser user = RedisUtils.getCacheObject(key);
            if (StringUtils.isNotEmpty(ipaddr) && StringUtils.isNotEmpty(userName))
            {
                if (StringUtils.equals(ipaddr, user.getIpaddr()) && StringUtils.equals(userName, user.getUsername()))
                {
                    userOnlineList.add(userOnlineService.selectOnlineByInfo(ipaddr, userName, user));
    public TableDataInfo list(String ipaddr, String userName) {
        Collection<String> keys = RedisUtils.keys(Constants.ONLINE_TOKEN_KEY + "*");
        List<UserOnlineDTO> userOnlineDTOList = new ArrayList<>();
        for (String key : keys) {
            userOnlineDTOList.add(RedisUtils.getCacheObject(key));
                }
        if (StringUtils.isNotEmpty(ipaddr) && StringUtils.isNotEmpty(userName)) {
            userOnlineDTOList = userOnlineDTOList.stream().filter(userOnline ->
                    StringUtils.equals(ipaddr, userOnline.getIpaddr()) &&
                            StringUtils.equals(userName, userOnline.getUserName())
            ).collect(Collectors.toList());
        } else if (StringUtils.isNotEmpty(ipaddr)) {
            userOnlineDTOList = userOnlineDTOList.stream().filter(userOnline ->
                    StringUtils.equals(ipaddr, userOnline.getIpaddr()))
                    .collect(Collectors.toList());
        } else if (StringUtils.isNotEmpty(userName)) {
            userOnlineDTOList = userOnlineDTOList.stream().filter(userOnline ->
                    StringUtils.equals(userName, userOnline.getUserName())
            ).collect(Collectors.toList());
            }
            else if (StringUtils.isNotEmpty(ipaddr))
            {
                if (StringUtils.equals(ipaddr, user.getIpaddr()))
                {
                    userOnlineList.add(userOnlineService.selectOnlineByIpaddr(ipaddr, user));
                }
            }
            else if (StringUtils.isNotEmpty(userName) && StringUtils.isNotNull(user.getUser()))
            {
                if (StringUtils.equals(userName, user.getUsername()))
                {
                    userOnlineList.add(userOnlineService.selectOnlineByUserName(userName, user));
                }
            }
            else
            {
                userOnlineList.add(userOnlineService.loginUserToUserOnline(user));
            }
        }
        Collections.reverse(userOnlineList);
        userOnlineList.removeAll(Collections.singleton(null));
        Collections.reverse(userOnlineDTOList);
        userOnlineDTOList.removeAll(Collections.singleton(null));
        List<SysUserOnline> userOnlineList = BeanUtil.copyToList(userOnlineDTOList, SysUserOnline.class);
        return PageUtils.buildDataInfo(userOnlineList);
    }

    /**
     * å¼ºé€€ç”¨æˆ·
     */
    @PreAuthorize("@ss.hasPermi('monitor:online:forceLogout')")
    @SaCheckPermission("monitor:online:forceLogout")
    @Log(title = "在线用户", businessType = BusinessType.FORCE)
    @DeleteMapping("/{tokenId}")
    public AjaxResult forceLogout(@PathVariable String tokenId)
    {
        RedisUtils.deleteObject(Constants.LOGIN_TOKEN_KEY + tokenId);
    public AjaxResult forceLogout(@PathVariable String tokenId) {
        try {
            StpUtil.logoutByTokenValue(tokenId);
        } catch (NotLoginException e) {
        }
        return AjaxResult.success();
    }
}

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java

@@ -1,5 +1,6 @@
package com.ruoyi.web.controller.system;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.annotation.RepeatSubmit;
import com.ruoyi.common.constant.UserConstants;
@@ -11,7 +12,6 @@
import com.ruoyi.system.domain.SysConfig;
import com.ruoyi.system.service.ISysConfigService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -33,7 +33,7 @@
    /**
     * èŽ·å–参数配置列表
     */
    @PreAuthorize("@ss.hasPermi('system:config:list')")
    @SaCheckPermission("system:config:list")
    @GetMapping("/list")
    public TableDataInfo list(SysConfig config)
    {
@@ -41,7 +41,7 @@
    }

    @Log(title = "参数管理", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:config:export')")
    @SaCheckPermission("system:config:export")
    @GetMapping("/export")
    public void export(SysConfig config, HttpServletResponse response)
    {
@@ -52,7 +52,7 @@
    /**
     * æ ¹æ®å‚数编号获取详细信息
     */
    @PreAuthorize("@ss.hasPermi('system:config:query')")
    @SaCheckPermission("system:config:query")
    @GetMapping(value = "/{configId}")
    public AjaxResult getInfo(@PathVariable Long configId)
    {
@@ -71,7 +71,7 @@
    /**
     * æ–°å¢žå‚数配置
     */
    @PreAuthorize("@ss.hasPermi('system:config:add')")
    @SaCheckPermission("system:config:add")
    @Log(title = "参数管理", businessType = BusinessType.INSERT)
    @PostMapping
    @RepeatSubmit
@@ -81,14 +81,13 @@
        {
            return AjaxResult.error("新增参数'" + config.getConfigName() + "'失败，参数键名已存在");
        }
        config.setCreateBy(getUsername());
        return toAjax(configService.insertConfig(config));
    }

    /**
     * ä¿®æ”¹å‚数配置
     */
    @PreAuthorize("@ss.hasPermi('system:config:edit')")
    @SaCheckPermission("system:config:edit")
    @Log(title = "参数管理", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysConfig config)
@@ -97,14 +96,13 @@
        {
            return AjaxResult.error("修改参数'" + config.getConfigName() + "'失败，参数键名已存在");
        }
        config.setUpdateBy(getUsername());
        return toAjax(configService.updateConfig(config));
    }

    /**
     * åˆ é™¤å‚数配置
     */
    @PreAuthorize("@ss.hasPermi('system:config:remove')")
    @SaCheckPermission("system:config:remove")
    @Log(title = "参数管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{configIds}")
    public AjaxResult remove(@PathVariable Long[] configIds)
@@ -116,7 +114,7 @@
    /**
     * åˆ·æ–°å‚数缓存
     */
    @PreAuthorize("@ss.hasPermi('system:config:remove')")
    @SaCheckPermission("system:config:remove")
    @Log(title = "参数管理", businessType = BusinessType.CLEAN)
    @DeleteMapping("/refreshCache")
    public AjaxResult refreshCache()

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java

@@ -1,5 +1,6 @@
package com.ruoyi.web.controller.system;

import cn.dev33.satoken.annotation.SaCheckPermission;
import cn.hutool.core.util.ArrayUtil;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.constant.UserConstants;
@@ -10,7 +11,6 @@
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.system.service.ISysDeptService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -34,7 +34,7 @@
    /**
     * èŽ·å–部门列表
     */
    @PreAuthorize("@ss.hasPermi('system:dept:list')")
    @SaCheckPermission("system:dept:list")
    @GetMapping("/list")
    public AjaxResult list(SysDept dept)
    {
@@ -45,7 +45,7 @@
    /**
     * æŸ¥è¯¢éƒ¨é—¨åˆ—表（排除节点）
     */
    @PreAuthorize("@ss.hasPermi('system:dept:list')")
    @SaCheckPermission("system:dept:list")
    @GetMapping("/list/exclude/{deptId}")
    public AjaxResult excludeChild(@PathVariable(value = "deptId", required = false) Long deptId)
    {
@@ -66,7 +66,7 @@
    /**
     * æ ¹æ®éƒ¨é—¨ç¼–号获取详细信息
     */
    @PreAuthorize("@ss.hasPermi('system:dept:query')")
    @SaCheckPermission("system:dept:query")
    @GetMapping(value = "/{deptId}")
    public AjaxResult getInfo(@PathVariable Long deptId)
    {
@@ -100,7 +100,7 @@
    /**
     * æ–°å¢žéƒ¨é—¨
     */
    @PreAuthorize("@ss.hasPermi('system:dept:add')")
    @SaCheckPermission("system:dept:add")
    @Log(title = "部门管理", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysDept dept)
@@ -109,14 +109,13 @@
        {
            return AjaxResult.error("新增部门'" + dept.getDeptName() + "'失败，部门名称已存在");
        }
        dept.setCreateBy(getUsername());
        return toAjax(deptService.insertDept(dept));
    }

    /**
     * ä¿®æ”¹éƒ¨é—¨
     */
    @PreAuthorize("@ss.hasPermi('system:dept:edit')")
    @SaCheckPermission("system:dept:edit")
    @Log(title = "部门管理", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysDept dept)
@@ -134,14 +133,13 @@
        {
            return AjaxResult.error("该部门包含未停用的子部门！");
        }
        dept.setUpdateBy(getUsername());
        return toAjax(deptService.updateDept(dept));
    }

    /**
     * åˆ é™¤éƒ¨é—¨
     */
    @PreAuthorize("@ss.hasPermi('system:dept:remove')")
    @SaCheckPermission("system:dept:remove")
    @Log(title = "部门管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{deptId}")
    public AjaxResult remove(@PathVariable Long deptId)

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictDataController.java

@@ -1,5 +1,6 @@
package com.ruoyi.web.controller.system;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
@@ -11,7 +12,6 @@
import com.ruoyi.system.service.ISysDictDataService;
import com.ruoyi.system.service.ISysDictTypeService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -34,7 +34,7 @@
    @Autowired
    private ISysDictTypeService dictTypeService;

    @PreAuthorize("@ss.hasPermi('system:dict:list')")
    @SaCheckPermission("system:dict:list")
    @GetMapping("/list")
    public TableDataInfo list(SysDictData dictData)
    {
@@ -42,7 +42,7 @@
    }

    @Log(title = "字典数据", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:dict:export')")
    @SaCheckPermission("system:dict:export")
    @GetMapping("/export")
    public void export(SysDictData dictData, HttpServletResponse response)
    {
@@ -53,7 +53,7 @@
    /**
     * æŸ¥è¯¢å­—典数据详细
     */
    @PreAuthorize("@ss.hasPermi('system:dict:query')")
    @SaCheckPermission("system:dict:query")
    @GetMapping(value = "/{dictCode}")
    public AjaxResult getInfo(@PathVariable Long dictCode)
    {
@@ -77,31 +77,29 @@
    /**
     * æ–°å¢žå­—典类型
     */
    @PreAuthorize("@ss.hasPermi('system:dict:add')")
    @SaCheckPermission("system:dict:add")
    @Log(title = "字典数据", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysDictData dict)
    {
        dict.setCreateBy(getUsername());
        return toAjax(dictDataService.insertDictData(dict));
    }

    /**
     * ä¿®æ”¹ä¿å­˜å­—典类型
     */
    @PreAuthorize("@ss.hasPermi('system:dict:edit')")
    @SaCheckPermission("system:dict:edit")
    @Log(title = "字典数据", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysDictData dict)
    {
        dict.setUpdateBy(getUsername());
        return toAjax(dictDataService.updateDictData(dict));
    }

    /**
     * åˆ é™¤å­—典类型
     */
    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
    @SaCheckPermission("system:dict:remove")
    @Log(title = "字典类型", businessType = BusinessType.DELETE)
    @DeleteMapping("/{dictCodes}")
    public AjaxResult remove(@PathVariable Long[] dictCodes)

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictTypeController.java

@@ -1,5 +1,6 @@
package com.ruoyi.web.controller.system;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.controller.BaseController;
@@ -10,7 +11,6 @@
import com.ruoyi.common.utils.poi.ExcelUtil;
import com.ruoyi.system.service.ISysDictTypeService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -29,7 +29,7 @@
    @Autowired
    private ISysDictTypeService dictTypeService;

    @PreAuthorize("@ss.hasPermi('system:dict:list')")
    @SaCheckPermission("system:dict:list")
    @GetMapping("/list")
    public TableDataInfo list(SysDictType dictType)
    {
@@ -37,7 +37,7 @@
    }

    @Log(title = "字典类型", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:dict:export')")
    @SaCheckPermission("system:dict:export")
    @GetMapping("/export")
    public void export(SysDictType dictType, HttpServletResponse response)
    {
@@ -48,7 +48,7 @@
    /**
     * æŸ¥è¯¢å­—典类型详细
     */
    @PreAuthorize("@ss.hasPermi('system:dict:query')")
    @SaCheckPermission("system:dict:query")
    @GetMapping(value = "/{dictId}")
    public AjaxResult getInfo(@PathVariable Long dictId)
    {
@@ -58,7 +58,7 @@
    /**
     * æ–°å¢žå­—典类型
     */
    @PreAuthorize("@ss.hasPermi('system:dict:add')")
    @SaCheckPermission("system:dict:add")
    @Log(title = "字典类型", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysDictType dict)
@@ -67,14 +67,13 @@
        {
            return AjaxResult.error("新增字典'" + dict.getDictName() + "'失败，字典类型已存在");
        }
        dict.setCreateBy(getUsername());
        return toAjax(dictTypeService.insertDictType(dict));
    }

    /**
     * ä¿®æ”¹å­—典类型
     */
    @PreAuthorize("@ss.hasPermi('system:dict:edit')")
    @SaCheckPermission("system:dict:edit")
    @Log(title = "字典类型", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysDictType dict)
@@ -83,14 +82,13 @@
        {
            return AjaxResult.error("修改字典'" + dict.getDictName() + "'失败，字典类型已存在");
        }
        dict.setUpdateBy(getUsername());
        return toAjax(dictTypeService.updateDictType(dict));
    }

    /**
     * åˆ é™¤å­—典类型
     */
    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
    @SaCheckPermission("system:dict:remove")
    @Log(title = "字典类型", businessType = BusinessType.DELETE)
    @DeleteMapping("/{dictIds}")
    public AjaxResult remove(@PathVariable Long[] dictIds)
@@ -102,7 +100,7 @@
    /**
     * åˆ·æ–°å­—典缓存
     */
    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
    @SaCheckPermission("system:dict:remove")
    @Log(title = "字典类型", businessType = BusinessType.CLEAN)
    @DeleteMapping("/refreshCache")
    public AjaxResult refreshCache()

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java

@@ -1,14 +1,17 @@
package com.ruoyi.web.controller.system;

import cn.dev33.satoken.exception.NotLoginException;
import cn.dev33.satoken.stp.StpUtil;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.entity.SysMenu;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginBody;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.system.service.ISysMenuService;
import com.ruoyi.system.service.ISysUserService;
import com.ruoyi.system.service.SysLoginService;
import com.ruoyi.system.service.SysPermissionService;
import com.ruoyi.system.service.ISysMenuService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
@@ -37,6 +40,9 @@
    @Autowired
    private SysPermissionService permissionService;

    @Autowired
    private ISysUserService iSysUserService;

    /**
     * ç™»å½•æ–¹æ³•
     *
@@ -54,6 +60,15 @@
        return AjaxResult.success(ajax);
    }

    @PostMapping("/logout")
    public AjaxResult logout(){
        try {
            StpUtil.logout();
        } catch (NotLoginException e) {
        }
        return AjaxResult.success("退出成功");
    }

    /**
     * èŽ·å–用户信息
     *
@@ -62,7 +77,7 @@
    @GetMapping("getInfo")
    public AjaxResult getInfo()
    {
        SysUser user = SecurityUtils.getLoginUser().getUser();
        SysUser user = SecurityUtils.getUser();
        // è§’色集合
        Set<String> roles = permissionService.getRolePermission(user);
        // æƒé™é›†åˆ
@@ -82,8 +97,7 @@
    @GetMapping("getRouters")
    public AjaxResult getRouters()
    {
        Long userId = SecurityUtils.getUserId();
        List<SysMenu> menus = menuService.selectMenuTreeByUserId(userId);
        List<SysMenu> menus = menuService.selectMenuTreeByUserId(SecurityUtils.getUserId());
        return AjaxResult.success(menuService.buildMenus(menus));
    }
}

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysMenuController.java

@@ -1,5 +1,6 @@
package com.ruoyi.web.controller.system;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.controller.BaseController;
@@ -9,7 +10,6 @@
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.system.service.ISysMenuService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -32,7 +32,7 @@
    /**
     * èŽ·å–菜单列表
     */
    @PreAuthorize("@ss.hasPermi('system:menu:list')")
    @SaCheckPermission("system:menu:list")
    @GetMapping("/list")
    public AjaxResult list(SysMenu menu)
    {
@@ -43,7 +43,7 @@
    /**
     * æ ¹æ®èœå•ç¼–号获取详细信息
     */
    @PreAuthorize("@ss.hasPermi('system:menu:query')")
    @SaCheckPermission("system:menu:query")
    @GetMapping(value = "/{menuId}")
    public AjaxResult getInfo(@PathVariable Long menuId)
    {
@@ -76,7 +76,7 @@
    /**
     * æ–°å¢žèœå•
     */
    @PreAuthorize("@ss.hasPermi('system:menu:add')")
    @SaCheckPermission("system:menu:add")
    @Log(title = "菜单管理", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysMenu menu)
@@ -89,14 +89,13 @@
        {
            return AjaxResult.error("新增菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
        }
        menu.setCreateBy(getUsername());
        return toAjax(menuService.insertMenu(menu));
    }

    /**
     * ä¿®æ”¹èœå•
     */
    @PreAuthorize("@ss.hasPermi('system:menu:edit')")
    @SaCheckPermission("system:menu:edit")
    @Log(title = "菜单管理", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysMenu menu)
@@ -113,14 +112,13 @@
        {
            return AjaxResult.error("修改菜单'" + menu.getMenuName() + "'失败，上级菜单不能选择自己");
        }
        menu.setUpdateBy(getUsername());
        return toAjax(menuService.updateMenu(menu));
    }

    /**
     * åˆ é™¤èœå•
     */
    @PreAuthorize("@ss.hasPermi('system:menu:remove')")
    @SaCheckPermission("system:menu:remove")
    @Log(title = "菜单管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{menuId}")
    public AjaxResult remove(@PathVariable("menuId") Long menuId)

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysNoticeController.java

@@ -1,17 +1,6 @@
package com.ruoyi.web.controller.system;

import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
@@ -19,6 +8,9 @@
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.system.domain.SysNotice;
import com.ruoyi.system.service.ISysNoticeService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

/**
 * å…¬å‘Š ä¿¡æ¯æ“ä½œå¤„理
@@ -35,7 +27,7 @@
    /**
     * èŽ·å–通知公告列表
     */
    @PreAuthorize("@ss.hasPermi('system:notice:list')")
    @SaCheckPermission("system:notice:list")
    @GetMapping("/list")
    public TableDataInfo list(SysNotice notice)
    {
@@ -45,7 +37,7 @@
    /**
     * æ ¹æ®é€šçŸ¥å…¬å‘Šç¼–号获取详细信息
     */
    @PreAuthorize("@ss.hasPermi('system:notice:query')")
    @SaCheckPermission("system:notice:query")
    @GetMapping(value = "/{noticeId}")
    public AjaxResult getInfo(@PathVariable Long noticeId)
    {
@@ -55,31 +47,29 @@
    /**
     * æ–°å¢žé€šçŸ¥å…¬å‘Š
     */
    @PreAuthorize("@ss.hasPermi('system:notice:add')")
    @SaCheckPermission("system:notice:add")
    @Log(title = "通知公告", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysNotice notice)
    {
        notice.setCreateBy(getUsername());
        return toAjax(noticeService.insertNotice(notice));
    }

    /**
     * ä¿®æ”¹é€šçŸ¥å…¬å‘Š
     */
    @PreAuthorize("@ss.hasPermi('system:notice:edit')")
    @SaCheckPermission("system:notice:edit")
    @Log(title = "通知公告", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysNotice notice)
    {
        notice.setUpdateBy(getUsername());
        return toAjax(noticeService.updateNotice(notice));
    }

    /**
     * åˆ é™¤é€šçŸ¥å…¬å‘Š
     */
    @PreAuthorize("@ss.hasPermi('system:notice:remove')")
    @SaCheckPermission("system:notice:remove")
    @Log(title = "通知公告", businessType = BusinessType.DELETE)
    @DeleteMapping("/{noticeIds}")
    public AjaxResult remove(@PathVariable Long[] noticeIds)

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysOssConfigController.java

@@ -1,5 +1,6 @@
package com.ruoyi.web.controller.system;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.annotation.RepeatSubmit;
import com.ruoyi.common.core.controller.BaseController;
@@ -16,7 +17,6 @@
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -44,7 +44,7 @@
     * æŸ¥è¯¢å¯¹è±¡å­˜å‚¨é…ç½®åˆ—表
     */
    @ApiOperation("查询对象存储配置列表")
    @PreAuthorize("@ss.hasPermi('system:oss:list')")
    @SaCheckPermission("system:oss:list")
    @GetMapping("/list")
    public TableDataInfo<SysOssConfigVo> list(@Validated(QueryGroup.class) SysOssConfigBo bo) {
        return iSysOssConfigService.queryPageList(bo);
@@ -54,7 +54,7 @@
     * èŽ·å–对象存储配置详细信息
     */
    @ApiOperation("获取对象存储配置详细信息")
    @PreAuthorize("@ss.hasPermi('system:oss:query')")
    @SaCheckPermission("system:oss:query")
    @GetMapping("/{ossConfigId}")
    public AjaxResult<SysOssConfigVo> getInfo(@NotNull(message = "主键不能为空")
                                              @PathVariable("ossConfigId") Integer ossConfigId) {
@@ -65,7 +65,7 @@
     * æ–°å¢žå¯¹è±¡å­˜å‚¨é…ç½®
     */
    @ApiOperation("新增对象存储配置")
    @PreAuthorize("@ss.hasPermi('system:oss:add')")
    @SaCheckPermission("system:oss:add")
    @Log(title = "对象存储配置", businessType = BusinessType.INSERT)
    @RepeatSubmit()
    @PostMapping()
@@ -77,7 +77,7 @@
     * ä¿®æ”¹å¯¹è±¡å­˜å‚¨é…ç½®
     */
    @ApiOperation("修改对象存储配置")
    @PreAuthorize("@ss.hasPermi('system:oss:edit')")
    @SaCheckPermission("system:oss:edit")
    @Log(title = "对象存储配置", businessType = BusinessType.UPDATE)
    @RepeatSubmit()
    @PutMapping()
@@ -89,7 +89,7 @@
     * åˆ é™¤å¯¹è±¡å­˜å‚¨é…ç½®
     */
    @ApiOperation("删除对象存储配置")
    @PreAuthorize("@ss.hasPermi('system:oss:remove')")
    @SaCheckPermission("system:oss:remove")
    @Log(title = "对象存储配置", businessType = BusinessType.DELETE)
    @DeleteMapping("/{ossConfigIds}")
    public AjaxResult<Void> remove(@NotEmpty(message = "主键不能为空")
@@ -100,7 +100,7 @@
    /**
     * çŠ¶æ€ä¿®æ”¹
     */
    @PreAuthorize("@ss.hasPermi('system:oss:edit')")
    @SaCheckPermission("system:oss:edit")
    @Log(title = "对象存储状态修改", businessType = BusinessType.UPDATE)
    @PutMapping("/changeStatus")
    public AjaxResult changeStatus(@RequestBody SysOssConfigBo bo) {

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysOssController.java

@@ -1,6 +1,7 @@
package com.ruoyi.web.controller.system;


import cn.dev33.satoken.annotation.SaCheckPermission;
import cn.hutool.core.convert.Convert;
import cn.hutool.core.util.ObjectUtil;
import cn.hutool.http.HttpException;
@@ -30,7 +31,6 @@
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
@@ -63,7 +63,7 @@
     * æŸ¥è¯¢OSS对象存储列表
     */
    @ApiOperation("查询OSS对象存储列表")
    @PreAuthorize("@ss.hasPermi('system:oss:list')")
    @SaCheckPermission("system:oss:list")
    @GetMapping("/list")
    public TableDataInfo<SysOssVo> list(@Validated(QueryGroup.class) SysOssBo bo) {
        return iSysOssService.queryPageList(bo);
@@ -76,7 +76,7 @@
    @ApiImplicitParams({
        @ApiImplicitParam(name = "file", value = "文件", dataType = "java.io.File", required = true),
    })
    @PreAuthorize("@ss.hasPermi('system:oss:upload')")
    @SaCheckPermission("system:oss:upload")
    @Log(title = "OSS对象存储", businessType = BusinessType.INSERT)
    @RepeatSubmit
    @PostMapping("/upload")
@@ -92,7 +92,7 @@
    }

    @ApiOperation("下载OSS对象存储")
    @PreAuthorize("@ss.hasPermi('system:oss:download')")
    @SaCheckPermission("system:oss:download")
    @GetMapping("/download/{ossId}")
    public void download(@PathVariable Long ossId, HttpServletResponse response) throws IOException {
        SysOss sysOss = iSysOssService.getById(ossId);
@@ -121,7 +121,7 @@
     * åˆ é™¤OSS对象存储
     */
    @ApiOperation("删除OSS对象存储")
    @PreAuthorize("@ss.hasPermi('system:oss:remove')")
    @SaCheckPermission("system:oss:remove")
    @Log(title = "OSS对象存储" , businessType = BusinessType.DELETE)
    @DeleteMapping("/{ossIds}")
    public AjaxResult<Void> remove(@NotEmpty(message = "主键不能为空")
@@ -133,7 +133,7 @@
     * å˜æ›´å›¾ç‰‡åˆ—表预览状态
     */
    @ApiOperation("变更图片列表预览状态")
    @PreAuthorize("@ss.hasPermi('system:oss:edit')")
    @SaCheckPermission("system:oss:edit")
    @Log(title = "OSS对象存储" , businessType = BusinessType.UPDATE)
    @PutMapping("/changePreviewListResource")
    public AjaxResult<Void> changePreviewListResource(@RequestBody String body) {

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysPostController.java

@@ -1,5 +1,6 @@
package com.ruoyi.web.controller.system;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.controller.BaseController;
@@ -10,7 +11,6 @@
import com.ruoyi.system.domain.SysPost;
import com.ruoyi.system.service.ISysPostService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -32,7 +32,7 @@
    /**
     * èŽ·å–岗位列表
     */
    @PreAuthorize("@ss.hasPermi('system:post:list')")
    @SaCheckPermission("system:post:list")
    @GetMapping("/list")
    public TableDataInfo list(SysPost post)
    {
@@ -40,7 +40,7 @@
    }

    @Log(title = "岗位管理", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:post:export')")
    @SaCheckPermission("system:post:export")
    @GetMapping("/export")
    public void export(SysPost post, HttpServletResponse response)
    {
@@ -51,7 +51,7 @@
    /**
     * æ ¹æ®å²—位编号获取详细信息
     */
    @PreAuthorize("@ss.hasPermi('system:post:query')")
    @SaCheckPermission("system:post:query")
    @GetMapping(value = "/{postId}")
    public AjaxResult getInfo(@PathVariable Long postId)
    {
@@ -61,7 +61,7 @@
    /**
     * æ–°å¢žå²—位
     */
    @PreAuthorize("@ss.hasPermi('system:post:add')")
    @SaCheckPermission("system:post:add")
    @Log(title = "岗位管理", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysPost post)
@@ -74,14 +74,13 @@
        {
            return AjaxResult.error("新增岗位'" + post.getPostName() + "'失败，岗位编码已存在");
        }
        post.setCreateBy(getUsername());
        return toAjax(postService.insertPost(post));
    }

    /**
     * ä¿®æ”¹å²—位
     */
    @PreAuthorize("@ss.hasPermi('system:post:edit')")
    @SaCheckPermission("system:post:edit")
    @Log(title = "岗位管理", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysPost post)
@@ -94,14 +93,13 @@
        {
            return AjaxResult.error("修改岗位'" + post.getPostName() + "'失败，岗位编码已存在");
        }
        post.setUpdateBy(getUsername());
        return toAjax(postService.updatePost(post));
    }

    /**
     * åˆ é™¤å²—位
     */
    @PreAuthorize("@ss.hasPermi('system:post:remove')")
    @SaCheckPermission("system:post:remove")
    @Log(title = "岗位管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{postIds}")
    public AjaxResult remove(@PathVariable Long[] postIds)

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java

@@ -5,9 +5,7 @@
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.core.service.TokenService;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.system.domain.SysOss;
@@ -34,9 +32,6 @@
    private ISysUserService userService;

    @Autowired
    private TokenService tokenService;

    @Autowired
    private ISysOssService iSysOssService;

    /**
@@ -45,12 +40,11 @@
    @GetMapping
    public AjaxResult profile()
    {
        LoginUser loginUser = getLoginUser();
        SysUser user = loginUser.getUser();
        SysUser user = userService.getById(getUserId());
        Map<String,Object> ajax = new HashMap<>();
        ajax.put("user", user);
        ajax.put("roleGroup", userService.selectUserRoleGroup(loginUser.getUsername()));
        ajax.put("postGroup", userService.selectUserPostGroup(loginUser.getUsername()));
        ajax.put("roleGroup", userService.selectUserRoleGroup(user.getUserName()));
        ajax.put("postGroup", userService.selectUserPostGroup(user.getUserName()));
        return AjaxResult.success(ajax);
    }

@@ -71,18 +65,10 @@
        {
            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
        LoginUser loginUser = getLoginUser();
        SysUser sysUser = loginUser.getUser();
        user.setUserId(sysUser.getUserId());
        user.setUserId(getUserId());
        user.setPassword(null);
        if (userService.updateUserProfile(user) > 0)
        {
            // æ›´æ–°ç¼“存用户信息
            sysUser.setNickName(user.getNickName());
            sysUser.setPhonenumber(user.getPhonenumber());
            sysUser.setEmail(user.getEmail());
            sysUser.setSex(user.getSex());
            tokenService.setLoginUser(loginUser);
            return AjaxResult.success();
        }
        return AjaxResult.error("修改个人信息异常，请联系管理员");
@@ -95,9 +81,9 @@
    @PutMapping("/updatePwd")
    public AjaxResult updatePwd(String oldPassword, String newPassword)
    {
        LoginUser loginUser = getLoginUser();
        String userName = loginUser.getUsername();
        String password = loginUser.getPassword();
        SysUser user = SecurityUtils.getUser();
        String userName = user.getUserName();
        String password = user.getPassword();
        if (!SecurityUtils.matchesPassword(oldPassword, password))
        {
            return AjaxResult.error("修改密码失败，旧密码错误");
@@ -108,9 +94,6 @@
        }
        if (userService.resetUserPwd(userName, SecurityUtils.encryptPassword(newPassword)) > 0)
        {
            // æ›´æ–°ç¼“存用户密码
            loginUser.getUser().setPassword(SecurityUtils.encryptPassword(newPassword));
            tokenService.setLoginUser(loginUser);
            return AjaxResult.success();
        }
        return AjaxResult.error("修改密码异常，请联系管理员");
@@ -125,16 +108,13 @@
    {
        if (!file.isEmpty())
        {
            LoginUser loginUser = getLoginUser();
            SysUser user = SecurityUtils.getUser();
            SysOss oss = iSysOssService.upload(file);
            String avatar = oss.getUrl();
            if (userService.updateUserAvatar(loginUser.getUsername(), avatar))
            if (userService.updateUserAvatar(user.getUserName(), avatar))
            {
                Map<String,Object> ajax = new HashMap<>();
                ajax.put("imgUrl", avatar);
                // æ›´æ–°ç¼“存用户头像
                loginUser.getUser().setAvatar(avatar);
                tokenService.setLoginUser(loginUser);
                return AjaxResult.success(ajax);
            }
        }

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java

@@ -1,23 +1,19 @@
package com.ruoyi.web.controller.system;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.constant.UserConstants;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.enums.BusinessType;
import com.ruoyi.common.core.service.TokenService;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.poi.ExcelUtil;
import com.ruoyi.system.domain.SysUserRole;
import com.ruoyi.system.service.ISysRoleService;
import com.ruoyi.system.service.ISysUserService;
import com.ruoyi.system.service.SysPermissionService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -37,15 +33,9 @@
    private ISysRoleService roleService;

    @Autowired
    private TokenService tokenService;

    @Autowired
    private SysPermissionService permissionService;

    @Autowired
    private ISysUserService userService;

    @PreAuthorize("@ss.hasPermi('system:role:list')")
    @SaCheckPermission("system:role:list")
    @GetMapping("/list")
    public TableDataInfo list(SysRole role)
    {
@@ -53,7 +43,7 @@
    }

    @Log(title = "角色管理", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:role:export')")
    @SaCheckPermission("system:role:export")
    @GetMapping("/export")
    public void export(SysRole role, HttpServletResponse response)
    {
@@ -64,7 +54,7 @@
    /**
     * æ ¹æ®è§’色编号获取详细信息
     */
    @PreAuthorize("@ss.hasPermi('system:role:query')")
    @SaCheckPermission("system:role:query")
    @GetMapping(value = "/{roleId}")
    public AjaxResult getInfo(@PathVariable Long roleId)
    {
@@ -75,7 +65,7 @@
    /**
     * æ–°å¢žè§’色
     */
    @PreAuthorize("@ss.hasPermi('system:role:add')")
    @SaCheckPermission("system:role:add")
    @Log(title = "角色管理", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysRole role)
@@ -88,7 +78,6 @@
        {
            return AjaxResult.error("新增角色'" + role.getRoleName() + "'失败，角色权限已存在");
        }
        role.setCreateBy(getUsername());
        return toAjax(roleService.insertRole(role));

    }
@@ -96,7 +85,7 @@
    /**
     * ä¿®æ”¹ä¿å­˜è§’色
     */
    @PreAuthorize("@ss.hasPermi('system:role:edit')")
    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysRole role)
@@ -110,18 +99,9 @@
        {
            return AjaxResult.error("修改角色'" + role.getRoleName() + "'失败，角色权限已存在");
        }
        role.setUpdateBy(getUsername());

        if (roleService.updateRole(role) > 0)
        {
            // æ›´æ–°ç¼“存用户权限
            LoginUser loginUser = getLoginUser();
            if (StringUtils.isNotNull(loginUser.getUser()) && !loginUser.getUser().isAdmin())
            {
                loginUser.setPermissions(permissionService.getMenuPermission(loginUser.getUser()));
                loginUser.setUser(userService.selectUserByUserName(loginUser.getUser().getUserName()));
                tokenService.setLoginUser(loginUser);
            }
            return AjaxResult.success();
        }
        return AjaxResult.error("修改角色'" + role.getRoleName() + "'失败，请联系管理员");
@@ -130,7 +110,7 @@
    /**
     * ä¿®æ”¹ä¿å­˜æ•°æ®æƒé™
     */
    @PreAuthorize("@ss.hasPermi('system:role:edit')")
    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.UPDATE)
    @PutMapping("/dataScope")
    public AjaxResult dataScope(@RequestBody SysRole role)
@@ -142,20 +122,19 @@
    /**
     * çŠ¶æ€ä¿®æ”¹
     */
    @PreAuthorize("@ss.hasPermi('system:role:edit')")
    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.UPDATE)
    @PutMapping("/changeStatus")
    public AjaxResult changeStatus(@RequestBody SysRole role)
    {
        roleService.checkRoleAllowed(role);
        role.setUpdateBy(getUsername());
        return toAjax(roleService.updateRoleStatus(role));
    }

    /**
     * åˆ é™¤è§’色
     */
    @PreAuthorize("@ss.hasPermi('system:role:remove')")
    @SaCheckPermission("system:role:remove")
    @Log(title = "角色管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{roleIds}")
    public AjaxResult remove(@PathVariable Long[] roleIds)
@@ -166,7 +145,7 @@
    /**
     * èŽ·å–角色选择框列表
     */
    @PreAuthorize("@ss.hasPermi('system:role:query')")
    @SaCheckPermission("system:role:query")
    @GetMapping("/optionselect")
    public AjaxResult optionselect()
    {
@@ -176,7 +155,7 @@
    /**
     * æŸ¥è¯¢å·²åˆ†é…ç”¨æˆ·è§’色列表
     */
    @PreAuthorize("@ss.hasPermi('system:role:list')")
    @SaCheckPermission("system:role:list")
    @GetMapping("/authUser/allocatedList")
    public TableDataInfo allocatedList(SysUser user)
    {
@@ -186,7 +165,7 @@
    /**
     * æŸ¥è¯¢æœªåˆ†é…ç”¨æˆ·è§’色列表
     */
    @PreAuthorize("@ss.hasPermi('system:role:list')")
    @SaCheckPermission("system:role:list")
    @GetMapping("/authUser/unallocatedList")
    public TableDataInfo unallocatedList(SysUser user)
    {
@@ -196,7 +175,7 @@
    /**
     * å–消授权用户
     */
    @PreAuthorize("@ss.hasPermi('system:role:edit')")
    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.GRANT)
    @PutMapping("/authUser/cancel")
    public AjaxResult cancelAuthUser(@RequestBody SysUserRole userRole)
@@ -207,7 +186,7 @@
    /**
     * æ‰¹é‡å–消授权用户
     */
    @PreAuthorize("@ss.hasPermi('system:role:edit')")
    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.GRANT)
    @PutMapping("/authUser/cancelAll")
    public AjaxResult cancelAuthUserAll(Long roleId, Long[] userIds)
@@ -218,7 +197,7 @@
    /**
     * æ‰¹é‡é€‰æ‹©ç”¨æˆ·æŽˆæƒ
     */
    @PreAuthorize("@ss.hasPermi('system:role:edit')")
    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.GRANT)
    @PutMapping("/authUser/selectAll")
    public AjaxResult selectAuthUserAll(Long roleId, Long[] userIds)

 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java

@@ -1,5 +1,6 @@
package com.ruoyi.web.controller.system;

import cn.dev33.satoken.annotation.SaCheckPermission;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.ObjectUtil;
@@ -21,7 +22,6 @@
import com.ruoyi.system.service.ISysRoleService;
import com.ruoyi.system.service.ISysUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
@@ -54,7 +54,7 @@
    /**
     * èŽ·å–用户列表
     */
    @PreAuthorize("@ss.hasPermi('system:user:list')")
    @SaCheckPermission("system:user:list")
    @GetMapping("/list")
    public TableDataInfo list(SysUser user)
    {
@@ -62,7 +62,7 @@
    }

    @Log(title = "用户管理", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:user:export')")
    @SaCheckPermission("system:user:export")
    @GetMapping("/export")
    public void export(SysUser user, HttpServletResponse response)
    {
@@ -80,13 +80,13 @@
    }

    @Log(title = "用户管理", businessType = BusinessType.IMPORT)
    @PreAuthorize("@ss.hasPermi('system:user:import')")
    @SaCheckPermission("system:user:import")
    @PostMapping("/importData")
    public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception
    {
        List<SysUserImportVo> userListVo = ExcelUtil.importExcel(file.getInputStream(), SysUserImportVo.class);
        List<SysUser> userList = BeanUtil.copyToList(userListVo, SysUser.class);
        String operName = getUsername();
        String operName = userService.getById(getUserId()).getUserName();
        String message = userService.importUser(userList, updateSupport, operName);
        return AjaxResult.success(message);
    }
@@ -100,7 +100,7 @@
    /**
     * æ ¹æ®ç”¨æˆ·ç¼–号获取详细信息
     */
    @PreAuthorize("@ss.hasPermi('system:user:query')")
    @SaCheckPermission("system:user:query")
    @GetMapping(value = { "/", "/{userId}" })
    public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId)
    {
@@ -121,7 +121,7 @@
    /**
     * æ–°å¢žç”¨æˆ·
     */
    @PreAuthorize("@ss.hasPermi('system:user:add')")
    @SaCheckPermission("system:user:add")
    @Log(title = "用户管理", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysUser user)
@@ -140,7 +140,6 @@
        {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
        user.setCreateBy(getUsername());
        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
        return toAjax(userService.insertUser(user));
    }
@@ -148,7 +147,7 @@
    /**
     * ä¿®æ”¹ç”¨æˆ·
     */
    @PreAuthorize("@ss.hasPermi('system:user:edit')")
    @SaCheckPermission("system:user:edit")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysUser user)
@@ -164,14 +163,13 @@
        {
            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
        user.setUpdateBy(getUsername());
        return toAjax(userService.updateUser(user));
    }

    /**
     * åˆ é™¤ç”¨æˆ·
     */
    @PreAuthorize("@ss.hasPermi('system:user:remove')")
    @SaCheckPermission("system:user:remove")
    @Log(title = "用户管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{userIds}")
    public AjaxResult remove(@PathVariable Long[] userIds)
@@ -186,34 +184,32 @@
    /**
     * é‡ç½®å¯†ç 
     */
    @PreAuthorize("@ss.hasPermi('system:user:resetPwd')")
    @SaCheckPermission("system:user:resetPwd")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping("/resetPwd")
    public AjaxResult resetPwd(@RequestBody SysUser user)
    {
        userService.checkUserAllowed(user);
        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
        user.setUpdateBy(getUsername());
        return toAjax(userService.resetPwd(user));
    }

    /**
     * çŠ¶æ€ä¿®æ”¹
     */
    @PreAuthorize("@ss.hasPermi('system:user:edit')")
    @SaCheckPermission("system:user:edit")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping("/changeStatus")
    public AjaxResult changeStatus(@RequestBody SysUser user)
    {
        userService.checkUserAllowed(user);
        user.setUpdateBy(getUsername());
        return toAjax(userService.updateUserStatus(user));
    }

    /**
     * æ ¹æ®ç”¨æˆ·ç¼–号获取授权角色
     */
    @PreAuthorize("@ss.hasPermi('system:user:query')")
    @SaCheckPermission("system:user:query")
    @GetMapping("/authRole/{userId}")
    public AjaxResult authRole(@PathVariable("userId") Long userId)
    {
@@ -228,7 +224,7 @@
    /**
     * ç”¨æˆ·æŽˆæƒè§’色
     */
    @PreAuthorize("@ss.hasPermi('system:user:edit')")
    @SaCheckPermission("system:user:edit")
    @Log(title = "用户管理", businessType = BusinessType.GRANT)
    @PutMapping("/authRole")
    public AjaxResult insertAuthRole(Long userId, Long[] roleIds)

 ruoyi-admin/src/main/resources/application.yml

@@ -97,14 +97,24 @@
      # å…è®¸å¯¹è±¡å¿½ç•¥json中不存在的属性
      fail_on_unknown_properties: false

# token配置
token:
  # ä»¤ç‰Œè‡ªå®šä¹‰æ ‡è¯†
  header: Authorization
  # ä»¤ç‰Œå¯†é’¥
  secret: abcdefghijklmnopqrstuvwxyz
  # ä»¤ç‰Œæœ‰æ•ˆæœŸï¼ˆé»˜è®¤30分钟）
  expireTime: 30
# Sa-Token配置
sa-token:
  # token名称 (同时也是cookie名称)
  token-name: Authorization
  # token有效期，单位s é»˜è®¤30天, -1代表永不过期
  timeout: 2592000
  # token临时有效期 (指定时间内无操作就视为token过期) å•ä½: ç§’
  activity-timeout: 1800
  # æ˜¯å¦å…è®¸åŒä¸€è´¦å·å¹¶å‘登录 (为true时允许一起登录, ä¸ºfalse时新登录挤掉旧登录)
  is-concurrent: true
  # åœ¨å¤šäººç™»å½•åŒä¸€è´¦å·æ—¶ï¼Œæ˜¯å¦å…±ç”¨ä¸€ä¸ªtoken (为true时所有登录共用一个token, ä¸ºfalse时每次登录新建一个token)
  is-share: false
  # token前缀
  token-prefix: "Bearer"
  # token风格
  token-style: random-128
  # æ˜¯å¦è¾“出操作日志
  is-log: true

# é‡å¤æäº¤
repeat-submit:

 ruoyi-common/pom.xml

@@ -29,10 +29,20 @@
            <artifactId>spring-web</artifactId>
        </dependency>

        <!-- spring security å®‰å…¨è®¤è¯ -->
        <!-- Sa-Token æƒé™è®¤è¯, åœ¨çº¿æ–‡æ¡£ï¼šhttp://sa-token.dev33.cn/ -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
            <groupId>cn.dev33</groupId>
            <artifactId>sa-token-spring-boot-starter</artifactId>
        </dependency>
        <!-- Sa-Token æ•´åˆ Redis ï¼ˆä½¿ç”¨jackson序列化方式） -->
        <dependency>
            <groupId>cn.dev33</groupId>
            <artifactId>sa-token-dao-redis-jackson</artifactId>
        </dependency>
        <!-- Sa-Token整合SpringAOP实现注解鉴权 -->
        <dependency>
            <groupId>cn.dev33</groupId>
            <artifactId>sa-token-spring-aop</artifactId>
        </dependency>

        <!-- è‡ªå®šä¹‰éªŒè¯æ³¨è§£ -->
@@ -70,11 +80,11 @@
            <artifactId>snakeyaml</artifactId>
        </dependency>

        <!--Token生成与解析-->
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
        </dependency>
<!--        &lt;!&ndash;Token生成与解析&ndash;&gt;-->
<!--        <dependency>-->
<!--            <groupId>io.jsonwebtoken</groupId>-->
<!--            <artifactId>jjwt</artifactId>-->
<!--        </dependency>-->

        <!-- redis ç¼“存操作 -->
        <dependency>

 ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java

@@ -1,7 +1,5 @@
package com.ruoyi.common.constant;

import io.jsonwebtoken.Claims;

/**
 * é€šç”¨å¸¸é‡ä¿¡æ¯
 *
@@ -70,6 +68,11 @@
    public static final String LOGIN_TOKEN_KEY = "login_tokens:";

    /**
     * åœ¨çº¿ç”¨æˆ· redis key
     */
    public static final String ONLINE_TOKEN_KEY = "online_tokens:";

    /**
     * é˜²é‡æäº¤ redis key
     */
    public static final String REPEAT_SUBMIT_KEY = "repeat_submit:";
@@ -92,37 +95,7 @@
    /**
     * ä»¤ç‰Œå‰ç¼€
     */
    public static final String TOKEN_PREFIX = "Bearer ";

    /**
     * ä»¤ç‰Œå‰ç¼€
     */
    public static final String LOGIN_USER_KEY = "login_user_key";

    /**
     * ç”¨æˆ·ID
     */
    public static final String JWT_USERID = "userid";

    /**
     * ç”¨æˆ·åç§°
     */
    public static final String JWT_USERNAME = Claims.SUBJECT;

    /**
     * ç”¨æˆ·å¤´åƒ
     */
    public static final String JWT_AVATAR = "avatar";

    /**
     * åˆ›å»ºæ—¶é—´
     */
    public static final String JWT_CREATED = "created";

    /**
     * ç”¨æˆ·æƒé™
     */
    public static final String JWT_AUTHORITIES = "authorities";

    /**
     * å‚数管理 cache key

 ruoyi-common/src/main/java/com/ruoyi/common/core/controller/BaseController.java

@@ -1,7 +1,7 @@
package com.ruoyi.common.core.controller;

import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
import org.slf4j.Logger;
@@ -81,17 +81,16 @@
    /**
     * èŽ·å–用户缓存信息
     */
    public LoginUser getLoginUser()
    public SysUser getUser()
    {
        return SecurityUtils.getLoginUser();
        return SecurityUtils.getUser();
    }

    /**
     * èŽ·å–登录用户id
     */
    public Long getUserId()
    {
        return getLoginUser().getUserId();
    public Long getUserId() {
        return SecurityUtils.getUserId();
    }

    /**
@@ -99,7 +98,7 @@
     */
    public Long getDeptId()
    {
        return getLoginUser().getDeptId();
        return SecurityUtils.getDeptId();
    }

    /**
@@ -107,6 +106,6 @@
     */
    public String getUsername()
    {
        return getLoginUser().getUsername();
        return SecurityUtils.getUsername();
    }
}

 ruoyi-common/src/main/java/com/ruoyi/common/core/domain/dto/UserOnlineDTO.java

¶Ô±ÈÐÂÎļþ
@@ -0,0 +1,62 @@
package com.ruoyi.common.core.domain.dto;

import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.experimental.Accessors;

import java.io.Serializable;

/**
 * å½“前在线会话
 *
 * @author ruoyi
 */

@Data
@NoArgsConstructor
@Accessors(chain = true)
public class UserOnlineDTO implements Serializable {

    private static final long serialVersionUID = 1L;

    /**
     * ä¼šè¯ç¼–号
     */
    private String tokenId;

    /**
     * éƒ¨é—¨åç§°
     */
    private String deptName;

    /**
     * ç”¨æˆ·åç§°
     */
    private String userName;

    /**
     * ç™»å½•IP地址
     */
    private String ipaddr;

    /**
     * ç™»å½•åœ°å€
     */
    private String loginLocation;

    /**
     * æµè§ˆå™¨ç±»åž‹
     */
    private String browser;

    /**
     * æ“ä½œç³»ç»Ÿ
     */
    private String os;

    /**
     * ç™»å½•æ—¶é—´
     */
    private Long loginTime;

}

 ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java

ÎļþÒÑɾ³ý

 ruoyi-common/src/main/java/com/ruoyi/common/core/service/IUserService.java

¶Ô±ÈÐÂÎļþ
@@ -0,0 +1,28 @@
package com.ruoyi.common.core.service;

import com.ruoyi.common.core.domain.entity.SysUser;

/**
 * ç”¨æˆ· ä¸šåŠ¡å±‚
 *
 * @author ruoyi
 */
public interface IUserService {

    /**
     * é€šè¿‡ç”¨æˆ·åæŸ¥è¯¢ç”¨æˆ·
     *
     * @param userName ç”¨æˆ·å
     * @return ç”¨æˆ·å¯¹è±¡ä¿¡æ¯
     */
    public SysUser selectUserByUserName(String userName);

    /**
     * é€šè¿‡ç”¨æˆ·ID查询用户
     *
     * @param userId ç”¨æˆ·ID
     * @return ç”¨æˆ·å¯¹è±¡ä¿¡æ¯
     */
    public SysUser selectUserById(Long userId);

}

 ruoyi-common/src/main/java/com/ruoyi/common/core/service/TokenService.java

ÎļþÒÑɾ³ý

 ruoyi-common/src/main/java/com/ruoyi/common/properties/TokenProperties.java

ÎļþÒÑɾ³ý

 ruoyi-common/src/main/java/com/ruoyi/common/utils/SecurityUtils.java

@@ -1,11 +1,12 @@
package com.ruoyi.common.utils;

import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.http.HttpStatus;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.service.IUserService;
import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.utils.spring.SpringUtils;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * å®‰å…¨æœåŠ¡å·¥å…·ç±»
@@ -19,14 +20,7 @@
     **/
    public static Long getUserId()
    {
        try
        {
            return getLoginUser().getUserId();
        }
        catch (Exception e)
        {
            throw new ServiceException("获取用户ID异常", HttpStatus.HTTP_UNAUTHORIZED);
        }
        return StpUtil.getLoginIdAsLong();
    }

    /**
@@ -36,7 +30,7 @@
    {
        try
        {
            return getLoginUser().getDeptId();
            return getUser().getDeptId();
        }
        catch (Exception e)
        {
@@ -51,7 +45,7 @@
    {
        try
        {
            return getLoginUser().getUsername();
            return getUser().getUserName();
        }
        catch (Exception e)
        {
@@ -62,24 +56,16 @@
    /**
     * èŽ·å–用户
     **/
    public static LoginUser getLoginUser()
    public static SysUser getUser()
    {
        try
        {
            return (LoginUser) getAuthentication().getPrincipal();
            return SpringUtils.getBean(IUserService.class).selectUserById(getUserId());
        }
        catch (Exception e)
        {
            throw new ServiceException("获取用户信息异常", HttpStatus.HTTP_UNAUTHORIZED);
        }
    }

    /**
     * èŽ·å–Authentication
     */
    public static Authentication getAuthentication()
    {
        return SecurityContextHolder.getContext().getAuthentication();
    }

    /**

 ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestDemoController.java

@@ -1,5 +1,6 @@
package com.ruoyi.demo.controller;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.annotation.RepeatSubmit;
import com.ruoyi.common.core.controller.BaseController;
@@ -17,7 +18,6 @@
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -47,7 +47,7 @@
     * æŸ¥è¯¢æµ‹è¯•å•è¡¨åˆ—表
     */
    @ApiOperation("查询测试单表列表")
    @PreAuthorize("@ss.hasPermi('demo:demo:list')")
    @SaCheckPermission("demo:demo:list")
    @GetMapping("/list")
    public TableDataInfo<TestDemoVo> list(@Validated(QueryGroup.class) TestDemoBo bo) {
        return iTestDemoService.queryPageList(bo);
@@ -57,7 +57,7 @@
     * è‡ªå®šä¹‰åˆ†é¡µæŸ¥è¯¢
     */
    @ApiOperation("自定义分页查询")
    @PreAuthorize("@ss.hasPermi('demo:demo:list')")
    @SaCheckPermission("demo:demo:list")
    @GetMapping("/page")
    public TableDataInfo<TestDemoVo> page(@Validated TestDemoBo bo) {
        return iTestDemoService.customPageList(bo);
@@ -67,7 +67,7 @@
     * å¯¼å‡ºæµ‹è¯•å•è¡¨åˆ—表
     */
    @ApiOperation("导出测试单表列表")
    @PreAuthorize("@ss.hasPermi('demo:demo:export')")
    @SaCheckPermission("demo:demo:export")
    @Log(title = "测试单表", businessType = BusinessType.EXPORT)
    @GetMapping("/export")
    public void export(@Validated TestDemoBo bo, HttpServletResponse response) {
@@ -83,7 +83,7 @@
     * èŽ·å–测试单表详细信息
     */
    @ApiOperation("获取测试单表详细信息")
    @PreAuthorize("@ss.hasPermi('demo:demo:query')")
    @SaCheckPermission("demo:demo:query")
    @GetMapping("/{id}")
    public AjaxResult<TestDemoVo> getInfo(@NotNull(message = "主键不能为空")
                                                  @PathVariable("id") Long id) {
@@ -94,7 +94,7 @@
     * æ–°å¢žæµ‹è¯•å•è¡¨
     */
    @ApiOperation("新增测试单表")
    @PreAuthorize("@ss.hasPermi('demo:demo:add')")
    @SaCheckPermission("demo:demo:add")
    @Log(title = "测试单表", businessType = BusinessType.INSERT)
    @RepeatSubmit(interval = 2, timeUnit = TimeUnit.SECONDS, message = "不允许重复提交")
    @PostMapping()
@@ -106,7 +106,7 @@
     * ä¿®æ”¹æµ‹è¯•å•è¡¨
     */
    @ApiOperation("修改测试单表")
    @PreAuthorize("@ss.hasPermi('demo:demo:edit')")
    @SaCheckPermission("demo:demo:edit")
    @Log(title = "测试单表", businessType = BusinessType.UPDATE)
    @RepeatSubmit
    @PutMapping()
@@ -118,7 +118,7 @@
     * åˆ é™¤æµ‹è¯•å•è¡¨
     */
    @ApiOperation("删除测试单表")
    @PreAuthorize("@ss.hasPermi('demo:demo:remove')")
    @SaCheckPermission("demo:demo:remove")
    @Log(title = "测试单表" , businessType = BusinessType.DELETE)
    @DeleteMapping("/{ids}")
    public AjaxResult<Void> remove(@NotEmpty(message = "主键不能为空")

 ruoyi-demo/src/main/java/com/ruoyi/demo/controller/TestTreeController.java

@@ -1,5 +1,6 @@
package com.ruoyi.demo.controller;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.annotation.RepeatSubmit;
import com.ruoyi.common.core.controller.BaseController;
@@ -16,7 +17,6 @@
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -45,7 +45,7 @@
     * æŸ¥è¯¢æµ‹è¯•æ ‘表列表
     */
    @ApiOperation("查询测试树表列表")
    @PreAuthorize("@ss.hasPermi('demo:tree:list')")
    @SaCheckPermission("demo:tree:list")
    @GetMapping("/list")
    public AjaxResult<List<TestTreeVo>> list(@Validated(QueryGroup.class) TestTreeBo bo) {
        List<TestTreeVo> list = iTestTreeService.queryList(bo);
@@ -56,7 +56,7 @@
     * å¯¼å‡ºæµ‹è¯•æ ‘表列表
     */
    @ApiOperation("导出测试树表列表")
    @PreAuthorize("@ss.hasPermi('demo:tree:export')")
    @SaCheckPermission("demo:tree:export")
    @Log(title = "测试树表", businessType = BusinessType.EXPORT)
    @GetMapping("/export")
    public void export(@Validated TestTreeBo bo, HttpServletResponse response) {
@@ -68,7 +68,7 @@
     * èŽ·å–测试树表详细信息
     */
    @ApiOperation("获取测试树表详细信息")
    @PreAuthorize("@ss.hasPermi('demo:tree:query')")
    @SaCheckPermission("demo:tree:query")
    @GetMapping("/{id}")
    public AjaxResult<TestTreeVo> getInfo(@NotNull(message = "主键不能为空")
                                                  @PathVariable("id") Long id) {
@@ -79,7 +79,7 @@
     * æ–°å¢žæµ‹è¯•æ ‘表
     */
    @ApiOperation("新增测试树表")
    @PreAuthorize("@ss.hasPermi('demo:tree:add')")
    @SaCheckPermission("demo:tree:add")
    @Log(title = "测试树表", businessType = BusinessType.INSERT)
    @RepeatSubmit
    @PostMapping()
@@ -91,7 +91,7 @@
     * ä¿®æ”¹æµ‹è¯•æ ‘表
     */
    @ApiOperation("修改测试树表")
    @PreAuthorize("@ss.hasPermi('demo:tree:edit')")
    @SaCheckPermission("demo:tree:edit")
    @Log(title = "测试树表", businessType = BusinessType.UPDATE)
    @RepeatSubmit
    @PutMapping()
@@ -103,7 +103,7 @@
     * åˆ é™¤æµ‹è¯•æ ‘表
     */
    @ApiOperation("删除测试树表")
    @PreAuthorize("@ss.hasPermi('demo:tree:remove')")
    @SaCheckPermission("demo:tree:remove")
    @Log(title = "测试树表" , businessType = BusinessType.DELETE)
    @DeleteMapping("/{ids}")
    public AjaxResult<Void> remove(@NotEmpty(message = "主键不能为空")

 ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java

@@ -4,7 +4,6 @@
import com.ruoyi.common.core.domain.BaseEntity;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.reflect.ReflectUtils;
@@ -62,14 +61,11 @@

    protected void handleDataScope(final JoinPoint joinPoint, DataScope controllerDataScope) {
        // èŽ·å–当前的用户
        LoginUser loginUser = SecurityUtils.getLoginUser();
        if (StringUtils.isNotNull(loginUser)) {
            SysUser currentUser = loginUser.getUser();
        SysUser currentUser = SecurityUtils.getUser();
            // å¦‚果是超级管理员，则不过滤数据
            if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin()) {
                dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
                    controllerDataScope.userAlias(), controllerDataScope.isUser());
            }
        }
    }


 ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java

@@ -2,7 +2,7 @@

import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.core.domain.dto.OperLogDTO;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.service.OperLogService;
import com.ruoyi.common.enums.BusinessStatus;
import com.ruoyi.common.enums.HttpMethod;
@@ -61,7 +61,7 @@
        try {

            // èŽ·å–当前的用户
            LoginUser loginUser = SecurityUtils.getLoginUser();
            SysUser sysUser = SecurityUtils.getUser();

            // *========数据库日志=========*//
            OperLogDTO operLog = new OperLogDTO();
@@ -70,8 +70,8 @@
            String ip = ServletUtils.getClientIP();
            operLog.setOperIp(ip);
            operLog.setOperUrl(ServletUtils.getRequest().getRequestURI());
            if (loginUser != null) {
                operLog.setOperName(loginUser.getUsername());
            if (sysUser != null) {
                operLog.setOperName(sysUser.getUserName());
            }

            if (e != null) {

 ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/RepeatSubmitAspect.java

@@ -1,5 +1,6 @@
package com.ruoyi.framework.aspectj;

import cn.dev33.satoken.SaManager;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.SecureUtil;
import com.baomidou.lock.LockInfo;
@@ -7,7 +8,6 @@
import com.ruoyi.common.annotation.RepeatSubmit;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.properties.TokenProperties;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.config.properties.RepeatSubmitProperties;
@@ -32,7 +32,6 @@
@Component
public class RepeatSubmitAspect {

    private final TokenProperties tokenProperties;
    private final RepeatSubmitProperties repeatSubmitProperties;
    private final LockTemplate lockTemplate;

@@ -53,7 +52,7 @@
        String url = request.getRequestURI();

        // å”¯ä¸€å€¼ï¼ˆæ²¡æœ‰æ¶ˆæ¯å¤´åˆ™ä½¿ç”¨è¯·æ±‚地址）
        String submitKey = request.getHeader(tokenProperties.getHeader());
        String submitKey = request.getHeader(SaManager.getConfig().getTokenName());
        if (StringUtils.isEmpty(submitKey)) {
            submitKey = url;
        }

 ruoyi-framework/src/main/java/com/ruoyi/framework/config/AsyncConfig.java

ÎļþÒÑɾ³ý

 ruoyi-framework/src/main/java/com/ruoyi/framework/config/ResourcesConfig.java

@@ -1,12 +1,23 @@
package com.ruoyi.framework.config;

import cn.dev33.satoken.interceptor.SaAnnotationInterceptor;
import cn.dev33.satoken.interceptor.SaRouteInterceptor;
import cn.dev33.satoken.router.SaRouter;
import cn.dev33.satoken.stp.StpUtil;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

import java.util.Arrays;
import java.util.Collections;
import java.util.List;

/**
 * é€šç”¨é…ç½®
@@ -16,6 +27,49 @@
@Configuration
public class ResourcesConfig implements WebMvcConfigurer {

    // æ³¨å†Œsa-token的拦截器
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        List<String> urlPath = Arrays.asList(
                "/login",
                "/logout",
                "/captchaImage",
                "/*.html",
                "/**/*.html",
                "/**/*.css",
                "/**/*.js",
                "/profile/**",
                "/common/download**",
                "/common/download/resource**",
                "/swagger-ui.html",
                "/swagger-resources/**",
                "/webjars/**",
                "/*/api-docs",
                "/druid/**",
                "/actuator",
                "/actuator/**"
        );
        // æ³¨å†Œè·¯ç”±æ‹¦æˆªå™¨ï¼Œè‡ªå®šä¹‰éªŒè¯è§„则
        registry.addInterceptor(new SaRouteInterceptor((request, response, handler) -> {
            // ç™»å½•éªŒè¯ -- æŽ’除多个路径
            SaRouter.match(
                    //获取所有的
                    Collections.singletonList("/**"),
                    //排除下不需要拦截的
                    urlPath,
                    () -> {
                        Long userId = SecurityUtils.getUserId();
                        if(StringUtils.isNotNull(userId) ) {
                            long tokenTimeout = StpUtil.getTokenTimeout();
                            long tokenActivityTimeout = StpUtil.getTokenActivityTimeout();
                            System.out.println("剩余有效时间: " + tokenTimeout);
                            System.out.println("临时有效时间: " + tokenActivityTimeout);
                        }
                    });
        })).addPathPatterns("/**");
        registry.addInterceptor(new SaAnnotationInterceptor()).addPathPatterns("/**");
    }

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
    }

 ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java

ÎļþÒÑɾ³ý

 ruoyi-framework/src/main/java/com/ruoyi/framework/mybatisplus/CreateAndUpdateMetaObjectHandler.java

@@ -2,7 +2,7 @@

import cn.hutool.http.HttpStatus;
import com.baomidou.mybatisplus.core.handlers.MetaObjectHandler;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.utils.SecurityUtils;
import lombok.extern.slf4j.Slf4j;
@@ -53,14 +53,14 @@
     * èŽ·å–登录用户名
     */
    private String getLoginUsername() {
        LoginUser loginUser;
        SysUser loginUser;
        try {
            loginUser = SecurityUtils.getLoginUser();
            loginUser = SecurityUtils.getUser();
        } catch (Exception e) {
            log.warn("自动注入警告 => ç”¨æˆ·æœªç™»å½•");
            return null;
        }
        return loginUser.getUsername();
        return loginUser.getUserName();
    }

}

 ruoyi-framework/src/main/java/com/ruoyi/framework/satoken/MySaTokenListener.java

¶Ô±ÈÐÂÎļþ
@@ -0,0 +1,106 @@
package com.ruoyi.framework.satoken;

import cn.dev33.satoken.listener.SaTokenListener;
import cn.dev33.satoken.stp.SaLoginModel;
import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.http.useragent.UserAgent;
import cn.hutool.http.useragent.UserAgentUtil;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.domain.dto.UserOnlineDTO;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.utils.RedisUtils;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.ip.AddressUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;

/**
 * è‡ªå®šä¹‰ä¾¦å¬å™¨çš„实现
 */
@Component
@Slf4j
public class MySaTokenListener implements SaTokenListener {

    /**
     * æ¯æ¬¡ç™»å½•æ—¶è§¦å‘
     */
    @Override
    public void doLogin(String loginType, Object loginId, SaLoginModel loginModel) {
        UserAgent userAgent = UserAgentUtil.parse(ServletUtils.getRequest().getHeader("User-Agent"));
        String ip = ServletUtils.getClientIP();
        SysUser user = SecurityUtils.getUser();
        String tokenValue = StpUtil.getTokenValue();
        UserOnlineDTO userOnlineDTO = new UserOnlineDTO()
                .setIpaddr(ip)
                .setLoginLocation(AddressUtils.getRealAddressByIP(ip))
                .setBrowser(userAgent.getBrowser().getName())
                .setOs(userAgent.getOs().getName())
                .setLoginTime(System.currentTimeMillis())
                .setTokenId(tokenValue)
                .setUserName(user.getUserName());
        if (StringUtils.isNotNull(user.getDept())) {
            userOnlineDTO.setDeptName(user.getDept().getDeptName());
        }
        RedisUtils.setCacheObject(Constants.ONLINE_TOKEN_KEY + tokenValue, userOnlineDTO);
        log.info("user doLogin, useId:{}, token:{}", loginId, tokenValue);
    }

    /**
     * æ¯æ¬¡æ³¨é”€æ—¶è§¦å‘
     */
    @Override
    public void doLogout(String loginType, Object loginId, String tokenValue) {
        RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
        log.info("user doLogout, useId:{}, token:{}", loginId, tokenValue);
    }

    /**
     * æ¯æ¬¡è¢«è¸¢ä¸‹çº¿æ—¶è§¦å‘
     */
    @Override
    public void doLogoutByLoginId(String loginType, Object loginId, String tokenValue, String device) {
        RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
        log.info("user doLogoutByLoginId, useId:{}, token:{}", loginId, tokenValue);
    }

    /**
     * æ¯æ¬¡è¢«é¡¶ä¸‹çº¿æ—¶è§¦å‘
     */
    @Override
    public void doReplaced(String loginType, Object loginId, String tokenValue, String device) {
        RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
        log.info("user doReplaced, useId:{}, token:{}", loginId, tokenValue);
    }

    /**
     * æ¯æ¬¡è¢«å°ç¦æ—¶è§¦å‘
     */
    @Override
    public void doDisable(String loginType, Object loginId, long disableTime) {
    }

    /**
     * æ¯æ¬¡è¢«è§£å°æ—¶è§¦å‘
     */
    @Override
    public void doUntieDisable(String loginType, Object loginId) {
    }

    /**
     * æ¯æ¬¡åˆ›å»ºSession时触发
     */
    @Override
    public void doCreateSession(String id) {
    }

    /**
     * æ¯æ¬¡æ³¨é”€Session时触发
     */
    @Override
    public void doLogoutSession(String id) {
    }


}

 ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java

ÎļþÒÑɾ³ý

 ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/AuthenticationEntryPointImpl.java

ÎļþÒÑɾ³ý

 ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java

ÎļþÒÑɾ³ý

 ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java

@@ -1,5 +1,8 @@
package com.ruoyi.framework.web.exception;

import cn.dev33.satoken.exception.NotLoginException;
import cn.dev33.satoken.exception.NotPermissionException;
import cn.dev33.satoken.exception.NotRoleException;
import cn.hutool.http.HttpStatus;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.exception.DemoModeException;
@@ -7,7 +10,6 @@
import com.ruoyi.common.utils.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.validation.BindException;
import org.springframework.web.HttpRequestMethodNotSupportedException;
import org.springframework.web.bind.MethodArgumentNotValidException;
@@ -30,8 +32,8 @@
    /**
     * æƒé™æ ¡éªŒå¼‚常
     */
    @ExceptionHandler(AccessDeniedException.class)
    public AjaxResult handleAccessDeniedException(AccessDeniedException e, HttpServletRequest request)
    @ExceptionHandler(NotPermissionException.class)
    public AjaxResult handleAccessDeniedException(NotPermissionException e, HttpServletRequest request)
    {
        String requestURI = request.getRequestURI();
        log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage());
@@ -39,6 +41,28 @@
    }

    /**
     * è§’色校验异常
     */
    @ExceptionHandler(NotRoleException.class)
    public AjaxResult handleAccessDeniedException(NotRoleException e, HttpServletRequest request)
    {
        String requestURI = request.getRequestURI();
        log.error("请求地址'{}',角色校验失败'{}'", requestURI, e.getMessage());
        return AjaxResult.error(HttpStatus.HTTP_FORBIDDEN, "没有角色，请联系管理员授权");
    }

    /**
     * è®¤è¯å¤±è´¥
     */
    @ExceptionHandler(NotLoginException.class)
    public AjaxResult handleAccessDeniedException(NotLoginException e, HttpServletRequest request)
    {
        String requestURI = request.getRequestURI();
        log.error("请求访问：{}，认证失败，无法访问系统资源", requestURI, e.getMessage());
        return AjaxResult.error(HttpStatus.HTTP_UNAUTHORIZED, StringUtils.format("请求访问：{}，认证失败，无法访问系统资源", requestURI));
    }

    /**
     * è¯·æ±‚方式不支持
     */
    @ExceptionHandler(HttpRequestMethodNotSupportedException.class)

 ruoyi-generator/src/main/java/com/ruoyi/generator/controller/GenController.java

@@ -1,5 +1,6 @@
package com.ruoyi.generator.controller;

import cn.dev33.satoken.annotation.SaCheckPermission;
import cn.hutool.core.convert.Convert;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.core.controller.BaseController;
@@ -12,7 +13,6 @@
import com.ruoyi.generator.service.IGenTableService;
import org.apache.commons.io.IOUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

@@ -40,7 +40,7 @@
    /**
     * æŸ¥è¯¢ä»£ç ç”Ÿæˆåˆ—表
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:list')")
    @SaCheckPermission("tool:gen:list")
    @GetMapping("/list")
    public TableDataInfo genList(GenTable genTable)
    {
@@ -50,7 +50,7 @@
    /**
     * ä¿®æ”¹ä»£ç ç”Ÿæˆä¸šåŠ¡
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:query')")
    @SaCheckPermission("tool:gen:query")
    @GetMapping(value = "/{talbleId}")
    public AjaxResult getInfo(@PathVariable Long talbleId)
    {
@@ -67,7 +67,7 @@
    /**
     * æŸ¥è¯¢æ•°æ®åº“列表
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:list')")
    @SaCheckPermission("tool:gen:list")
    @GetMapping("/db/list")
    public TableDataInfo dataList(GenTable genTable)
    {
@@ -77,7 +77,7 @@
    /**
     * æŸ¥è¯¢æ•°æ®è¡¨å­—段列表
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:list')")
    @SaCheckPermission("tool:gen:list")
    @GetMapping(value = "/column/{talbleId}")
    public TableDataInfo columnList(Long tableId)
    {
@@ -91,7 +91,7 @@
    /**
     * å¯¼å…¥è¡¨ç»“构（保存）
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:import')")
    @SaCheckPermission("tool:gen:import")
    @Log(title = "代码生成", businessType = BusinessType.IMPORT)
    @PostMapping("/importTable")
    public AjaxResult importTableSave(String tables)
@@ -106,7 +106,7 @@
    /**
     * ä¿®æ”¹ä¿å­˜ä»£ç ç”Ÿæˆä¸šåŠ¡
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:edit')")
    @SaCheckPermission("tool:gen:edit")
    @Log(title = "代码生成", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult editSave(@Validated @RequestBody GenTable genTable)
@@ -119,7 +119,7 @@
    /**
     * åˆ é™¤ä»£ç ç”Ÿæˆ
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:remove')")
    @SaCheckPermission("tool:gen:remove")
    @Log(title = "代码生成", businessType = BusinessType.DELETE)
    @DeleteMapping("/{tableIds}")
    public AjaxResult remove(@PathVariable Long[] tableIds)
@@ -131,7 +131,7 @@
    /**
     * é¢„览代码
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:preview')")
    @SaCheckPermission("tool:gen:preview")
    @GetMapping("/preview/{tableId}")
    public AjaxResult preview(@PathVariable("tableId") Long tableId) throws IOException
    {
@@ -142,7 +142,7 @@
    /**
     * ç”Ÿæˆä»£ç ï¼ˆä¸‹è½½æ–¹å¼ï¼‰
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:code')")
    @SaCheckPermission("tool:gen:code")
    @Log(title = "代码生成", businessType = BusinessType.GENCODE)
    @GetMapping("/download/{tableName}")
    public void download(HttpServletResponse response, @PathVariable("tableName") String tableName) throws IOException
@@ -154,7 +154,7 @@
    /**
     * ç”Ÿæˆä»£ç ï¼ˆè‡ªå®šä¹‰è·¯å¾„）
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:code')")
    @SaCheckPermission("tool:gen:code")
    @Log(title = "代码生成", businessType = BusinessType.GENCODE)
    @GetMapping("/genCode/{tableName}")
    public AjaxResult genCode(@PathVariable("tableName") String tableName)
@@ -166,7 +166,7 @@
    /**
     * åŒæ­¥æ•°æ®åº“
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:edit')")
    @SaCheckPermission("tool:gen:edit")
    @Log(title = "代码生成", businessType = BusinessType.UPDATE)
    @GetMapping("/synchDb/{tableName}")
    public AjaxResult synchDb(@PathVariable("tableName") String tableName)
@@ -178,7 +178,7 @@
    /**
     * æ‰¹é‡ç”Ÿæˆä»£ç 
     */
    @PreAuthorize("@ss.hasPermi('tool:gen:code')")
    @SaCheckPermission("tool:gen:code")
    @Log(title = "代码生成", businessType = BusinessType.GENCODE)
    @GetMapping("/batchGenCode")
    public void batchGenCode(HttpServletResponse response, String tables) throws IOException

 ruoyi-generator/src/main/resources/vm/java/controller.java.vm

@@ -49,7 +49,7 @@
     * æŸ¥è¯¢${functionName}列表
     */
    @ApiOperation("查询${functionName}列表")
    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:list')")
    @SaCheckPermission("${permissionPrefix}:list")
    @GetMapping("/list")
#if($table.crud || $table.sub)
    public TableDataInfo<${ClassName}Vo> list(@Validated(QueryGroup.class) ${ClassName}Bo bo) {
@@ -66,7 +66,7 @@
     * å¯¼å‡º${functionName}列表
     */
    @ApiOperation("导出${functionName}列表")
    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:export')")
    @SaCheckPermission("${permissionPrefix}:export")
    @Log(title = "${functionName}", businessType = BusinessType.EXPORT)
    @GetMapping("/export")
    public void export(@Validated ${ClassName}Bo bo, HttpServletResponse response) {
@@ -78,7 +78,7 @@
     * èŽ·å–${functionName}详细信息
     */
    @ApiOperation("获取${functionName}详细信息")
    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:query')")
    @SaCheckPermission("${permissionPrefix}:query")
    @GetMapping("/{${pkColumn.javaField}}")
    public AjaxResult<${ClassName}Vo> getInfo(@NotNull(message = "主键不能为空")
                                                  @PathVariable("${pkColumn.javaField}") ${pkColumn.javaType} ${pkColumn.javaField}) {
@@ -89,7 +89,7 @@
     * æ–°å¢ž${functionName}
     */
    @ApiOperation("新增${functionName}")
    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:add')")
    @SaCheckPermission("${permissionPrefix}:add")
    @Log(title = "${functionName}", businessType = BusinessType.INSERT)
    @RepeatSubmit()
    @PostMapping()
@@ -101,7 +101,7 @@
     * ä¿®æ”¹${functionName}
     */
    @ApiOperation("修改${functionName}")
    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:edit')")
    @SaCheckPermission("${permissionPrefix}:edit")
    @Log(title = "${functionName}", businessType = BusinessType.UPDATE)
    @RepeatSubmit()
    @PutMapping()
@@ -113,7 +113,7 @@
     * åˆ é™¤${functionName}
     */
    @ApiOperation("删除${functionName}")
    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:remove')")
    @SaCheckPermission("${permissionPrefix}:remove")
    @Log(title = "${functionName}" , businessType = BusinessType.DELETE)
    @DeleteMapping("/{${pkColumn.javaField}s}")
    public AjaxResult<Void> remove(@NotEmpty(message = "主键不能为空")

 ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/SysJobController.java

@@ -1,5 +1,6 @@
package com.ruoyi.quartz.controller;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.controller.BaseController;
@@ -14,7 +15,6 @@
import com.ruoyi.quartz.util.CronUtils;
import org.quartz.SchedulerException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletResponse;
@@ -35,7 +35,7 @@
    /**
     * æŸ¥è¯¢å®šæ—¶ä»»åŠ¡åˆ—表
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:list')")
    @SaCheckPermission("monitor:job:list")
    @GetMapping("/list")
    public TableDataInfo list(SysJob sysJob)
    {
@@ -45,7 +45,7 @@
    /**
     * å¯¼å‡ºå®šæ—¶ä»»åŠ¡åˆ—表
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:export')")
    @SaCheckPermission("monitor:job:export")
    @Log(title = "定时任务", businessType = BusinessType.EXPORT)
    @GetMapping("/export")
    public void export(SysJob sysJob, HttpServletResponse response)
@@ -57,7 +57,7 @@
    /**
     * èŽ·å–定时任务详细信息
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:query')")
    @SaCheckPermission("monitor:job:query")
    @GetMapping(value = "/{jobId}")
    public AjaxResult getInfo(@PathVariable("jobId") Long jobId)
    {
@@ -67,7 +67,7 @@
    /**
     * æ–°å¢žå®šæ—¶ä»»åŠ¡
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:add')")
    @SaCheckPermission("monitor:job:add")
    @Log(title = "定时任务", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@RequestBody SysJob job) throws SchedulerException, TaskException
@@ -88,14 +88,13 @@
        {
            return error("新增任务'" + job.getJobName() + "'失败，目标字符串不允许'http(s)//'调用");
        }
        job.setCreateBy(getUsername());
        return toAjax(jobService.insertJob(job));
    }

    /**
     * ä¿®æ”¹å®šæ—¶ä»»åŠ¡
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:edit')")
    @SaCheckPermission("monitor:job:edit")
    @Log(title = "定时任务", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@RequestBody SysJob job) throws SchedulerException, TaskException
@@ -116,14 +115,13 @@
        {
            return error("修改任务'" + job.getJobName() + "'失败，目标字符串不允许'http(s)//'调用");
        }
        job.setUpdateBy(getUsername());
        return toAjax(jobService.updateJob(job));
    }

    /**
     * å®šæ—¶ä»»åŠ¡çŠ¶æ€ä¿®æ”¹
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:changeStatus')")
    @SaCheckPermission("monitor:job:changeStatus")
    @Log(title = "定时任务", businessType = BusinessType.UPDATE)
    @PutMapping("/changeStatus")
    public AjaxResult changeStatus(@RequestBody SysJob job) throws SchedulerException
@@ -136,7 +134,7 @@
    /**
     * å®šæ—¶ä»»åŠ¡ç«‹å³æ‰§è¡Œä¸€æ¬¡
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:changeStatus')")
    @SaCheckPermission("monitor:job:changeStatus")
    @Log(title = "定时任务", businessType = BusinessType.UPDATE)
    @PutMapping("/run")
    public AjaxResult run(@RequestBody SysJob job) throws SchedulerException
@@ -148,7 +146,7 @@
    /**
     * åˆ é™¤å®šæ—¶ä»»åŠ¡
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:remove')")
    @SaCheckPermission("monitor:job:remove")
    @Log(title = "定时任务", businessType = BusinessType.DELETE)
    @DeleteMapping("/{jobIds}")
    public AjaxResult remove(@PathVariable Long[] jobIds) throws SchedulerException, TaskException

 ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/SysJobLogController.java

@@ -1,5 +1,6 @@
package com.ruoyi.quartz.controller;

import cn.dev33.satoken.annotation.SaCheckPermission;
import com.ruoyi.common.annotation.Log;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
@@ -9,7 +10,6 @@
import com.ruoyi.quartz.domain.SysJobLog;
import com.ruoyi.quartz.service.ISysJobLogService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletResponse;
@@ -30,7 +30,8 @@
    /**
     * æŸ¥è¯¢å®šæ—¶ä»»åŠ¡è°ƒåº¦æ—¥å¿—列表
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:list')")

    @SaCheckPermission("monitor:job:list")
    @GetMapping("/list")
    public TableDataInfo list(SysJobLog sysJobLog)
    {
@@ -40,7 +41,7 @@
    /**
     * å¯¼å‡ºå®šæ—¶ä»»åŠ¡è°ƒåº¦æ—¥å¿—列表
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:export')")
    @SaCheckPermission("monitor:job:export")
    @Log(title = "任务调度日志", businessType = BusinessType.EXPORT)
    @GetMapping("/export")
    public void export(SysJobLog sysJobLog, HttpServletResponse response)
@@ -52,7 +53,7 @@
    /**
     * æ ¹æ®è°ƒåº¦ç¼–号获取详细信息
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:query')")
    @SaCheckPermission("monitor:job:query")
    @GetMapping(value = "/{configId}")
    public AjaxResult getInfo(@PathVariable Long jobLogId)
    {
@@ -63,7 +64,7 @@
    /**
     * åˆ é™¤å®šæ—¶ä»»åŠ¡è°ƒåº¦æ—¥å¿—
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:remove')")
    @SaCheckPermission("monitor:job:remove")
    @Log(title = "定时任务调度日志", businessType = BusinessType.DELETE)
    @DeleteMapping("/{jobLogIds}")
    public AjaxResult remove(@PathVariable Long[] jobLogIds)
@@ -74,7 +75,7 @@
    /**
     * æ¸…空定时任务调度日志
     */
    @PreAuthorize("@ss.hasPermi('monitor:job:remove')")
    @SaCheckPermission("monitor:job:remove")
    @Log(title = "调度日志", businessType = BusinessType.CLEAN)
    @DeleteMapping("/clean")
    public AjaxResult clean()

 ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserOnlineService.java

ÎļþÒÑɾ³ý

 ruoyi-system/src/main/java/com/ruoyi/system/service/ISysUserService.java

@@ -3,6 +3,7 @@
import com.baomidou.mybatisplus.extension.service.IService;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.page.TableDataInfo;
import com.ruoyi.common.core.service.IUserService;

import java.util.List;

@@ -11,7 +12,7 @@
 *
 * @author ruoyi
 */
public interface ISysUserService extends IService<SysUser> {
public interface ISysUserService extends IService<SysUser>, IUserService {


    TableDataInfo<SysUser> selectPageUserList(SysUser user);

 ruoyi-system/src/main/java/com/ruoyi/system/service/PermissionService.java

ÎļþÒÑɾ³ý

 ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java

@@ -1,26 +1,20 @@
package com.ruoyi.system.service;

import cn.dev33.satoken.stp.StpUtil;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.service.LogininforService;
import com.ruoyi.common.core.service.TokenService;
import com.ruoyi.common.enums.UserStatus;
import com.ruoyi.common.exception.ServiceException;
import com.ruoyi.common.exception.user.CaptchaException;
import com.ruoyi.common.exception.user.CaptchaExpireException;
import com.ruoyi.common.exception.user.UserPasswordNotMatchException;
import com.ruoyi.common.utils.DateUtils;
import com.ruoyi.common.utils.MessageUtils;
import com.ruoyi.common.utils.RedisUtils;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.*;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

/**
@@ -28,14 +22,10 @@
 *
 * @author ruoyi
 */
@Slf4j
@Component
public class SysLoginService
{
    @Autowired
    private TokenService tokenService;

    @Resource
    private AuthenticationManager authenticationManager;

    @Autowired
    private ISysUserService userService;
@@ -64,32 +54,35 @@
        {
            validateCaptcha(username, code, uuid, request);
        }
        // ç”¨æˆ·éªŒè¯
        Authentication authentication = null;
        try
        SysUser user = userService.selectUserByUserName(username);
        if (StringUtils.isNull(user))
        {
            // è¯¥æ–¹æ³•ä¼šåŽ»è°ƒç”¨UserDetailsServiceImpl.loadUserByUsername
            authentication = authenticationManager
                    .authenticate(new UsernamePasswordAuthenticationToken(username, password));
            log.info("登录用户：{} ä¸å­˜åœ¨.", username);
            throw new ServiceException("登录用户：" + username + " ä¸å­˜åœ¨");
        }
        catch (Exception e)
        else if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
        {
            if (e instanceof BadCredentialsException)
            log.info("登录用户：{} å·²è¢«åˆ é™¤.", username);
            throw new ServiceException("对不起，您的账号：" + username + " å·²è¢«åˆ é™¤");
        }
        else if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
        {
            log.info("登录用户：{} å·²è¢«åœç”¨.", username);
            throw new ServiceException("对不起，您的账号：" + username + " å·²åœç”¨");
        }
        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
        String encodePassword = passwordEncoder.encode(password);
        if (SecurityUtils.matchesPassword(user.getPassword(), encodePassword))
            {
                asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"), request);
                throw new UserPasswordNotMatchException();
            }
            else
            {
                asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage(), request);
                throw new ServiceException(e.getMessage());
            }
        }

        asyncService.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"), request);
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        recordLoginInfo(loginUser.getUser());
        recordLoginInfo(user);
        // ç”Ÿæˆtoken
        return tokenService.createToken(loginUser);
        StpUtil.login(user.getUserId(), "PC");
        return StpUtil.getTokenValue();
    }

    /**

 ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SaInterfaceImpl.java

¶Ô±ÈÐÂÎļþ
@@ -0,0 +1,36 @@
package com.ruoyi.system.service.impl;

import cn.dev33.satoken.stp.StpInterface;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.system.service.ISysUserService;
import com.ruoyi.system.service.SysPermissionService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.List;
import java.util.Set;

@Component
public class SaInterfaceImpl implements StpInterface {

    @Autowired
    private SysPermissionService sysPermissionService;
    @Autowired
    private ISysUserService iSysUserService;

    @Override
    public List<String> getPermissionList(Object loginId, String loginType) {
        SysUser user = iSysUserService.getById(loginId.toString());
        Set<String> menuPermission = sysPermissionService.getMenuPermission(user);
        //采用的是用户里自带的权限，实现一次性访问reids,进行判断是否可以访问
        return new ArrayList<>(menuPermission);
    }

    @Override
    public List<String> getRoleList(Object loginId, String loginType) {
        SysUser user = iSysUserService.getById(loginId.toString());
        Set<String> rolePermission = sysPermissionService.getRolePermission(user);
        return new ArrayList<>(rolePermission);
    }
}

 ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserOnlineServiceImpl.java

ÎļþÒÑɾ³ý

 ruoyi-system/src/main/java/com/ruoyi/system/service/impl/TokenServiceImpl.java

ÎļþÒÑɾ³ý

 ruoyi-system/src/main/java/com/ruoyi/system/service/impl/UserDetailsServiceImpl.java

ÎļþÒÑɾ³ý