From 9ed5b521d613edb51b160cca931ee680019e2896 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期二, 07 三月 2023 22:26:13 +0800
Subject: [PATCH] fix 修复 用户密码暴露问题
---
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysMenuController.java | 78 ++++++++++++++++++++++++++++++---------
1 files changed, 60 insertions(+), 18 deletions(-)
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysMenuController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysMenuController.java
index 457f44b..8a19b5d 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysMenuController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/system/SysMenuController.java
@@ -1,22 +1,26 @@
package com.ruoyi.system.controller.system;
import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.dev33.satoken.annotation.SaCheckRole;
+import cn.dev33.satoken.annotation.SaMode;
import cn.hutool.core.lang.tree.Tree;
+import com.ruoyi.common.core.constant.TenantConstants;
import com.ruoyi.common.core.constant.UserConstants;
import com.ruoyi.common.core.domain.R;
import com.ruoyi.common.core.utils.StringUtils;
-import com.ruoyi.common.web.core.BaseController;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessType;
import com.ruoyi.common.satoken.utils.LoginHelper;
-import com.ruoyi.system.domain.SysMenu;
+import com.ruoyi.common.web.core.BaseController;
+import com.ruoyi.system.domain.bo.SysMenuBo;
+import com.ruoyi.system.domain.vo.MenuTreeSelectVo;
+import com.ruoyi.system.domain.vo.SysMenuVo;
import com.ruoyi.system.service.ISysMenuService;
import lombok.RequiredArgsConstructor;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import java.util.List;
-import java.util.Map;
/**
* 鑿滃崟淇℃伅
@@ -34,10 +38,14 @@
/**
* 鑾峰彇鑿滃崟鍒楄〃
*/
+ @SaCheckRole(value = {
+ TenantConstants.SUPER_ADMIN_ROLE_KEY,
+ TenantConstants.TENANT_ADMIN_ROLE_KEY
+ }, mode = SaMode.OR)
@SaCheckPermission("system:menu:list")
@GetMapping("/list")
- public R<List<SysMenu>> list(SysMenu menu) {
- List<SysMenu> menus = menuService.selectMenuList(menu, LoginHelper.getUserId());
+ public R<List<SysMenuVo>> list(SysMenuBo menu) {
+ List<SysMenuVo> menus = menuService.selectMenuList(menu, LoginHelper.getUserId());
return R.ok(menus);
}
@@ -46,18 +54,27 @@
*
* @param menuId 鑿滃崟ID
*/
+ @SaCheckRole(value = {
+ TenantConstants.SUPER_ADMIN_ROLE_KEY,
+ TenantConstants.TENANT_ADMIN_ROLE_KEY
+ }, mode = SaMode.OR)
@SaCheckPermission("system:menu:query")
@GetMapping(value = "/{menuId}")
- public R<SysMenu> getInfo(@PathVariable Long menuId) {
+ public R<SysMenuVo> getInfo(@PathVariable Long menuId) {
return R.ok(menuService.selectMenuById(menuId));
}
/**
* 鑾峰彇鑿滃崟涓嬫媺鏍戝垪琛�
*/
+ @SaCheckRole(value = {
+ TenantConstants.SUPER_ADMIN_ROLE_KEY,
+ TenantConstants.TENANT_ADMIN_ROLE_KEY
+ }, mode = SaMode.OR)
+ @SaCheckPermission("system:menu:query")
@GetMapping("/treeselect")
- public R<List<Tree<Long>>> treeselect(SysMenu menu) {
- List<SysMenu> menus = menuService.selectMenuList(menu, LoginHelper.getUserId());
+ public R<List<Tree<Long>>> treeselect(SysMenuBo menu) {
+ List<SysMenuVo> menus = menuService.selectMenuList(menu, LoginHelper.getUserId());
return R.ok(menuService.buildMenuTreeSelect(menus));
}
@@ -66,23 +83,45 @@
*
* @param roleId 瑙掕壊ID
*/
+ @SaCheckRole(value = {
+ TenantConstants.SUPER_ADMIN_ROLE_KEY,
+ TenantConstants.TENANT_ADMIN_ROLE_KEY
+ }, mode = SaMode.OR)
+ @SaCheckPermission("system:menu:query")
@GetMapping(value = "/roleMenuTreeselect/{roleId}")
- public R<Map<String, Object>> roleMenuTreeselect(@PathVariable("roleId") Long roleId) {
- List<SysMenu> menus = menuService.selectMenuList(LoginHelper.getUserId());
- return R.ok(Map.of(
- "checkedKeys", menuService.selectMenuListByRoleId(roleId),
- "menus", menuService.buildMenuTreeSelect(menus)
- ));
+ public R<MenuTreeSelectVo> roleMenuTreeselect(@PathVariable("roleId") Long roleId) {
+ List<SysMenuVo> menus = menuService.selectMenuList(LoginHelper.getUserId());
+ MenuTreeSelectVo selectVo = new MenuTreeSelectVo();
+ selectVo.setCheckedKeys(menuService.selectMenuListByRoleId(roleId));
+ selectVo.setMenus(menuService.buildMenuTreeSelect(menus));
+ return R.ok(selectVo);
+ }
+
+ /**
+ * 鍔犺浇瀵瑰簲绉熸埛濂楅鑿滃崟鍒楄〃鏍�
+ *
+ * @param packageId 绉熸埛濂楅ID
+ */
+ @SaCheckRole(TenantConstants.SUPER_ADMIN_ROLE_KEY)
+ @SaCheckPermission("system:menu:query")
+ @GetMapping(value = "/tenantPackageMenuTreeselect/{packageId}")
+ public R<MenuTreeSelectVo> tenantPackageMenuTreeselect(@PathVariable("packageId") Long packageId) {
+ List<SysMenuVo> menus = menuService.selectMenuList(LoginHelper.getUserId());
+ MenuTreeSelectVo selectVo = new MenuTreeSelectVo();
+ selectVo.setCheckedKeys(menuService.selectMenuListByPackageId(packageId));
+ selectVo.setMenus(menuService.buildMenuTreeSelect(menus));
+ return R.ok(selectVo);
}
/**
* 鏂板鑿滃崟
*/
+ @SaCheckRole(TenantConstants.SUPER_ADMIN_ROLE_KEY)
@SaCheckPermission("system:menu:add")
@Log(title = "鑿滃崟绠$悊", businessType = BusinessType.INSERT)
@PostMapping
- public R<Void> add(@Validated @RequestBody SysMenu menu) {
- if (UserConstants.NOT_UNIQUE.equals(menuService.checkMenuNameUnique(menu))) {
+ public R<Void> add(@Validated @RequestBody SysMenuBo menu) {
+ if (!menuService.checkMenuNameUnique(menu)) {
return R.fail("鏂板鑿滃崟'" + menu.getMenuName() + "'澶辫触锛岃彍鍗曞悕绉板凡瀛樺湪");
} else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !StringUtils.ishttp(menu.getPath())) {
return R.fail("鏂板鑿滃崟'" + menu.getMenuName() + "'澶辫触锛屽湴鍧�蹇呴』浠ttp(s)://寮�澶�");
@@ -93,11 +132,12 @@
/**
* 淇敼鑿滃崟
*/
+ @SaCheckRole(TenantConstants.SUPER_ADMIN_ROLE_KEY)
@SaCheckPermission("system:menu:edit")
@Log(title = "鑿滃崟绠$悊", businessType = BusinessType.UPDATE)
@PutMapping
- public R<Void> edit(@Validated @RequestBody SysMenu menu) {
- if (UserConstants.NOT_UNIQUE.equals(menuService.checkMenuNameUnique(menu))) {
+ public R<Void> edit(@Validated @RequestBody SysMenuBo menu) {
+ if (!menuService.checkMenuNameUnique(menu)) {
return R.fail("淇敼鑿滃崟'" + menu.getMenuName() + "'澶辫触锛岃彍鍗曞悕绉板凡瀛樺湪");
} else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !StringUtils.ishttp(menu.getPath())) {
return R.fail("淇敼鑿滃崟'" + menu.getMenuName() + "'澶辫触锛屽湴鍧�蹇呴』浠ttp(s)://寮�澶�");
@@ -112,6 +152,7 @@
*
* @param menuId 鑿滃崟ID
*/
+ @SaCheckRole(TenantConstants.SUPER_ADMIN_ROLE_KEY)
@SaCheckPermission("system:menu:remove")
@Log(title = "鑿滃崟绠$悊", businessType = BusinessType.DELETE)
@DeleteMapping("/{menuId}")
@@ -124,4 +165,5 @@
}
return toAjax(menuService.deleteMenuById(menuId));
}
+
}
--
Gitblit v1.9.3