From 27e0937235e2f28e70f4b02ff58b1a8ecc4be9c1 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期一, 22 八月 2022 12:03:51 +0800
Subject: [PATCH] 支持多权限字符匹配角色数据权限
---
ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java | 19 +++++++++----------
1 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
index 2b7ad7e..8fed7fb 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
@@ -1,13 +1,13 @@
package com.ruoyi.framework.web.service;
import java.util.Set;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.framework.security.context.PermissionContextHolder;
/**
* RuoYi首创 自定义权限实现,ss取自SpringSecurity首字母
@@ -27,9 +27,6 @@
private static final String PERMISSION_DELIMETER = ",";
- @Autowired
- private TokenService tokenService;
-
/**
* 验证用户是否具备某权限
*
@@ -42,11 +39,12 @@
{
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
{
return false;
}
+ PermissionContextHolder.setContext(permission);
return hasPermissions(loginUser.getPermissions(), permission);
}
@@ -73,11 +71,12 @@
{
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
{
return false;
}
+ PermissionContextHolder.setContext(permissions);
Set<String> authorities = loginUser.getPermissions();
for (String permission : permissions.split(PERMISSION_DELIMETER))
{
@@ -101,7 +100,7 @@
{
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
{
return false;
@@ -109,7 +108,7 @@
for (SysRole sysRole : loginUser.getUser().getRoles())
{
String roleKey = sysRole.getRoleKey();
- if (SUPER_ADMIN.contains(roleKey) || roleKey.contains(StringUtils.trim(role)))
+ if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role)))
{
return true;
}
@@ -140,7 +139,7 @@
{
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
{
return false;
--
Gitblit v1.9.2