完善权限认证功能

2020-11-02 00:04:27 +08:00
parent e09d2db2b8
commit 27a070cb36
17 changed files with 151 additions and 41 deletions
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/InterfaceApp.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/InterfaceApp.kt
@@ -1,11 +1,14 @@
 package com.synebula.zeus.app.controller.rbac.resource
 import com.synebula.gaea.app.Application
 import com.synebula.gaea.app.component.HttpMessage
 import com.synebula.gaea.log.ILogger
 import com.synebula.zeus.domain.service.cmd.rbac.resource.InterfaceCmd
 import com.synebula.zeus.domain.service.contr.rbac.resource.IInterfaceService
-import com.synebula.zeus.query.impl.resouce.InterfaceQuery
+import com.synebula.zeus.query.contr.resouce.IInterfaceQuery
 import com.synebula.zeus.query.view.resource.InterfaceView
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.PathVariable
 import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
@@ -13,9 +16,31 @@ import org.springframework.web.bind.annotation.RestController
@RequestMapping("/interfaces")
 class InterfaceApp(
    service: IInterfaceService,
-    query: InterfaceQuery,
+    logger: ILogger,
-    logger: ILogger
+    var interfaceQuery: IInterfaceQuery
 ) : Application<InterfaceCmd, InterfaceView, String>(
    "接口信息", InterfaceView::class.java,
-    service, query, logger
+    service, interfaceQuery, logger
-)
+) {
    @GetMapping("/in-system/{system}/permission/{role}")
    fun withSystemPermission(@PathVariable system: String, @PathVariable role: String): HttpMessage {
        return this.safeExecute("获取有权资源列表失败") { msg ->
            msg.data = this.interfaceQuery.withPermission(role, system)
        }
    }
    @GetMapping("/permission/{role}")
    fun withPermission(@PathVariable role: String): HttpMessage {
        return this.safeExecute("获取有权资源列表失败") { msg ->
            msg.data = this.interfaceQuery.withPermission(role)
        }
    }
    @GetMapping("/{api}/authentication/{role}")
    fun authentication(@PathVariable api: String, @PathVariable role: String): HttpMessage {
        return this.safeExecute("获取权限信息失败") { msg ->
            msg.data = this.interfaceQuery.authentication(api, role)
        }
    }
 }
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/PageApp.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/PageApp.kt
@@ -1,11 +1,14 @@
 package com.synebula.zeus.app.controller.rbac.resource
 import com.synebula.gaea.app.Application
 import com.synebula.gaea.app.component.HttpMessage
 import com.synebula.gaea.log.ILogger
 import com.synebula.zeus.domain.service.cmd.rbac.resource.PageCmd
 import com.synebula.zeus.domain.service.contr.rbac.resource.IPageService
 import com.synebula.zeus.query.contr.resouce.IPageQuery
 import com.synebula.zeus.query.view.resource.PageView
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.PathVariable
 import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
@@ -13,9 +16,31 @@ import org.springframework.web.bind.annotation.RestController
@RequestMapping("/pages")
 class PageApp(
    service: IPageService,
-    query: IPageQuery,
+    logger: ILogger,
-    logger: ILogger
+    var pageQuery: IPageQuery
 ) : Application<PageCmd, PageView, String>(
    "页面信息", PageView::class.java,
-    service, query, logger
+    service, pageQuery, logger
-)
+) {
    @GetMapping("/in-system/{system}/permission/{role}")
    fun withSystemPermission(@PathVariable system: String, @PathVariable role: String): HttpMessage {
        return this.safeExecute("获取有权资源列表失败") { msg ->
            msg.data = this.pageQuery.withPermission(role, system)
        }
    }
    @GetMapping("/permission/{role}")
    fun withPermission(@PathVariable role: String): HttpMessage {
        return this.safeExecute("获取有权资源列表失败") { msg ->
            msg.data = this.pageQuery.withPermission(role)
        }
    }
    @GetMapping("/{page}/authentication/{role}")
    fun authentication(@PathVariable page: String, @PathVariable role: String): HttpMessage {
        return this.safeExecute("获取权限信息失败") { msg ->
            msg.data = this.pageQuery.authentication(page, role)
        }
    }
 }
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/SystemApp.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/SystemApp.kt
@@ -1,11 +1,14 @@
 package com.synebula.zeus.app.controller.rbac.resource
 import com.synebula.gaea.app.Application
 import com.synebula.gaea.app.component.HttpMessage
 import com.synebula.gaea.log.ILogger
 import com.synebula.zeus.domain.service.cmd.rbac.resource.SystemCmd
 import com.synebula.zeus.domain.service.contr.rbac.resource.ISystemService
 import com.synebula.zeus.query.contr.resouce.ISystemQuery
 import com.synebula.zeus.query.view.resource.SystemView
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.PathVariable
 import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
@@ -13,9 +16,23 @@ import org.springframework.web.bind.annotation.RestController
@RequestMapping("/systems")
 class SystemApp(
    service: ISystemService,
-    query: ISystemQuery,
+    logger: ILogger,
-    logger: ILogger
+    var systemQuery: ISystemQuery
 ) : Application<SystemCmd, SystemView, String>(
    "系统信息", SystemView::class.java,
-    service, query, logger
+    service, systemQuery, logger
-)
+) {
    @GetMapping("/permission/{role}")
    fun withPermission(@PathVariable role: String): HttpMessage {
        return this.safeExecute("获取有权资源列表失败") { msg ->
            msg.data = this.systemQuery.withPermission(role)
        }
    }
    @GetMapping("/{system}/authentication/{role}")
    fun authentication(@PathVariable system: String, @PathVariable role: String): HttpMessage {
        return this.safeExecute("获取权限信息失败") { msg ->
            msg.data = this.systemQuery.authentication(system, role)
        }
    }
 }
--- a/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/model/rbac/resource/Interface.kt
+++ b/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/model/rbac/resource/Interface.kt
@@ -3,5 +3,6 @@ package com.synebula.zeus.domain.model.rbac.resource
 import com.synebula.gaea.domain.model.IAggregateRoot
 class Interface : Resource(), IAggregateRoot<String> {
    var system = ""
    override var alive = true
 }
--- a/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/model/rbac/resource/Page.kt
+++ b/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/model/rbac/resource/Page.kt
@@ -5,16 +5,16 @@ import com.synebula.gaea.domain.model.IAggregateRoot
 class Page : Resource(), IAggregateRoot<String> {
    // 上级页面
-    val supPage = 0
+    var parent = ""
    // 页面图标
-    val icon: String? = null
+    var icon: String? = null
    // 附加参数
-    val params: String? = null
+    var params: String? = null
    // 所属系统
-    val system = 0
+    var system = ""
    override var alive = true
--- a/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/model/rbac/resource/Resource.kt
+++ b/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/model/rbac/resource/Resource.kt
@@ -4,8 +4,8 @@ import com.synebula.gaea.domain.model.Entity
 abstract class Resource(override var id: String? = null) : Entity<String>() {
    var name = ""
-    var signature = ""
+    //资源定位符，唯一标识。可以是uil，也可以是别名
-    val uri: String? = null
+    var uri = ""
    var order = 0
-    var desc = ""
+    var desc: String? = null
 }
--- a/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/cmd/rbac/resource/InterfaceCmd.kt
+++ b/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/cmd/rbac/resource/InterfaceCmd.kt
@@ -1,5 +1,6 @@
 package com.synebula.zeus.domain.service.cmd.rbac.resource
 class InterfaceCmd : ResourceCmd() {
    var system = ""
    var alive = true
 }
--- a/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/cmd/rbac/resource/PageCmd.kt
+++ b/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/cmd/rbac/resource/PageCmd.kt
@@ -3,16 +3,16 @@ package com.synebula.zeus.domain.service.cmd.rbac.resource
 class PageCmd : ResourceCmd() {
    // 上级页面
-    val supPage = 0
+    var parent = ""
    // 页面图标
-    val icon: String? = null
+    var icon: String? = null
    // 附加参数
-    val params: String? = null
+    var params: String? = null
    // 所属系统
-    val system = 0
+    var system = ""
    var alive = true
--- a/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/cmd/rbac/resource/ResourceCmd.kt
+++ b/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/cmd/rbac/resource/ResourceCmd.kt
@@ -5,8 +5,8 @@ import com.synebula.gaea.domain.service.Command
 abstract class ResourceCmd(var id: String? = null) : Command() {
    var name = ""
-    var signature = ""
+    //资源定位符，唯一标识。可以是uil，也可以是别名
-    val uri: String? = null
+    var uri = ""
    var order = 0
-    var desc = ""
+    var desc: String? = null
 }
--- a/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/contr/resouce/IInterfaceQuery.kt
+++ b/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/contr/resouce/IInterfaceQuery.kt
@@ -8,5 +8,7 @@ interface IInterfaceQuery : IQuery {
    fun withPermission(role: String): List<InterfaceView>
    fun withPermission(role: String, system: String?): List<InterfaceView>
    fun authentication(resource: String, role: String): PermissionType
 }
--- a/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/contr/resouce/IPageQuery.kt
+++ b/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/contr/resouce/IPageQuery.kt
@@ -8,5 +8,7 @@ interface IPageQuery : IQuery {
    fun withPermission(role: String): List<PageView>
    fun withPermission(role: String, system: String? ): List<PageView>
    fun authentication(resource: String, role: String): PermissionType
 }
--- a/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/impl/resouce/InterfaceQuery.kt
+++ b/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/impl/resouce/InterfaceQuery.kt
@@ -4,17 +4,36 @@ import com.synebula.gaea.mongo.query.MongoQuery
 import com.synebula.zeus.env.PermissionType
 import com.synebula.zeus.env.ResourceType
 import com.synebula.zeus.query.contr.resouce.IInterfaceQuery
 import com.synebula.zeus.query.contr.resouce.IPermissionQuery
 import com.synebula.zeus.query.contr.resouce.ISystemQuery
 import com.synebula.zeus.query.view.resource.InterfaceView
 import org.springframework.data.mongodb.core.MongoTemplate
-class InterfaceQuery(template: MongoTemplate, var permissionQuery: PermissionQuery) : MongoQuery(template), IInterfaceQuery {
+class InterfaceQuery(template: MongoTemplate, var permissionQuery: IPermissionQuery, var systemQuery: ISystemQuery) :
    MongoQuery(template),
    IInterfaceQuery {
    private val clazz = InterfaceView::class.java
    override fun withPermission(role: String): List<InterfaceView> {
-        val interfaces = this.list(mapOf(), this.clazz)
+        return this.withPermission(role, null)
    }
    override fun withPermission(role: String, system: String?): List<InterfaceView> {
        if (system != null) {
            val permission = this.systemQuery.authentication(system, role)
            if (permission == PermissionType.Deny)
                return listOf()
        }
        val params = mutableMapOf<String, Any>()
        if (system != null) params["system"] = system
        val interfaces = this.list(params, this.clazz)
        val permissions = this.permissionQuery.resourcePermissions(ResourceType.Interface, role)
-        return interfaces.filter { i -> permissions.find { p -> i.id == p.resource }?.authorization == PermissionType.Allow }
+        return interfaces.filter { i ->
            val permission = permissions.find { p -> i.id == p.resource }
            permission == null || permission.authorization == PermissionType.Allow
        }
    }
    override fun authentication(resource: String, role: String): PermissionType {
--- a/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/impl/resouce/PageQuery.kt
+++ b/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/impl/resouce/PageQuery.kt
@@ -4,16 +4,33 @@ import com.synebula.gaea.mongo.query.MongoQuery
 import com.synebula.zeus.env.PermissionType
 import com.synebula.zeus.env.ResourceType
 import com.synebula.zeus.query.contr.resouce.IPageQuery
 import com.synebula.zeus.query.contr.resouce.IPermissionQuery
 import com.synebula.zeus.query.contr.resouce.ISystemQuery
 import com.synebula.zeus.query.view.resource.PageView
 import org.springframework.data.mongodb.core.MongoTemplate
-class PageQuery(template: MongoTemplate, var permissionQuery: PermissionQuery) : MongoQuery(template), IPageQuery {
+class PageQuery(template: MongoTemplate, var permissionQuery: IPermissionQuery, var systemQuery: ISystemQuery) :
    MongoQuery(template), IPageQuery {
    private val clazz = PageView::class.java
    override fun withPermission(role: String): List<PageView> {
-        val pages = this.list(mapOf(), this.clazz)
+        return this.withPermission(role, null)
    }
    override fun withPermission(role: String, system: String?): List<PageView> {
        if (system != null) {
            val permission = this.systemQuery.authentication(system, role)
            if (permission == PermissionType.Deny)
                return listOf()
        }
        val params = mutableMapOf<String, Any>()
        if (system != null) params["system"] = system
        val pages = this.list(params, this.clazz)
        val permissions = this.permissionQuery.resourcePermissions(ResourceType.Page, role)
-        return pages.filter { i -> permissions.find { p -> i.id == p.resource }?.authorization == PermissionType.Allow }
+        return pages.filter { i ->
            val permission = permissions.find { p -> i.id == p.resource }
            permission == null || permission.authorization == PermissionType.Allow
        }
    }
    override fun authentication(resource: String, role: String): PermissionType {
--- a/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/impl/resouce/PermissionQuery.kt
+++ b/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/impl/resouce/PermissionQuery.kt
@@ -16,7 +16,7 @@ class PermissionQuery(template: MongoTemplate) : MongoQuery(template), IPermissi
    override fun resourcePermissions(resourceType: ResourceType, role: String): List<PermissionView> {
        return this.template.find(
                Query.query(
-                        Criteria.where("resourceType").`is`(resourceType)
+                        Criteria.where("type").`is`(resourceType)
                                .and("role").`is`(role)
                ), this.clazz, this.collection)
    }
--- a/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/view/resource/InterfaceView.kt
+++ b/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/view/resource/InterfaceView.kt
@@ -1,5 +1,6 @@
 package com.synebula.zeus.query.view.resource
 class InterfaceView : ResourceView() {
    var system = ""
    var alive = true
 }
--- a/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/view/resource/PageView.kt
+++ b/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/view/resource/PageView.kt
@@ -3,16 +3,16 @@ package com.synebula.zeus.query.view.resource
 class PageView : ResourceView() {
    // 上级页面
-    val supPage = 0
+    var parent = ""
    // 页面图标
-    val icon: String? = null
+    var icon: String? = null
    // 附加参数
-    val params: String? = null
+    var params: String? = null
    // 所属系统
-    val system = 0
+    var system = ""
    var alive = true
--- a/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/view/resource/ResourceView.kt
+++ b/src/zeus.query/src/main/kotlin/com/synebula/zeus/query/view/resource/ResourceView.kt
@@ -3,8 +3,8 @@ package com.synebula.zeus.query.view.resource
 abstract class ResourceView(var id: String? = null) {
    var name = ""
-    var signature = ""
+    //资源定位符，唯一标识。可以是uil，也可以是别名
-    val uri: String? = null
+    var uri = ""
    var order = 0
-    var desc = ""
+    var desc: String? = null
 }