app权限控制

bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysUserController.java

@@ -269,10 +269,12 @@ public class SysUserController extends BaseController {
             Set<String> roles = permissionService.getRolePermission(user);
             // 权限集合
             Set<String> permissions = permissionService.getMenuPermission(user);
+            Set<String> urlPermissions = permissionService.getUrlPermissions(user);
             AjaxResult ajax = AjaxResult.success();
             ajax.put("user", user);
             ajax.put("roles", roles);
             ajax.put("permissions", permissions);
+            ajax.put("urlPermissions", urlPermissions);
             return ajax;
         } catch (Exception e) {
             logger.error(e.toString(), e);

bonus-modules/bonus-system/src/main/java/com/bonus/system/mapper/SysMenuMapper.java

@@ -44,6 +44,24 @@ public interface SysMenuMapper
      */
     public List<String> selectMenuPermsByRoleId(Long roleId);
 
+    /**
+     * 根据角色ID查询权限
+     *
+     * @param roleId 角色ID
+     * @return 权限列表
+     */
+    public List<String> selectMenuUrlPermsByRoleId(Long roleId);
+
+
+    /**
+     * 根据用户ID查询路由地址权限
+     *
+     * @param userId 用户ID
+     * @return 权限列表
+     */
+    public List<String> selectMenuUrlPermsByUserId(Long userId);
+
+
     /**
      * 根据用户ID查询权限
      * 

bonus-modules/bonus-system/src/main/java/com/bonus/system/service/ISysMenuService.java

@@ -40,6 +40,24 @@ public interface ISysMenuService
      */
     public Set<String> selectMenuPermsByUserId(Long userId);
 
+    /**
+     * 根据用户ID查询路由权限
+     *
+     * @param userId 用户ID
+     * @return 权限列表
+     */
+    public Set<String> selectMenuUrlPermsByUserId(Long userId);
+
+
+    /**
+     * 根据角色ID查询权限
+     *
+     * @param roleId 角色ID
+     * @return 权限列表
+     */
+    public Set<String> selectMenuUrlPermsByRoleId(Long roleId);
+
+
     /**
      * 根据角色ID查询权限
      * 

bonus-modules/bonus-system/src/main/java/com/bonus/system/service/ISysPermissionService.java

@@ -26,4 +26,13 @@ public interface ISysPermissionService
      * @return 菜单权限信息
      */
     public Set<String> getMenuPermission(SysUser user);
+
+
+    /**
+     * 获取菜单路由地址数据权限
+     *
+     * @param user 用户Id
+     * @return 菜单权限信息
+     */
+    public Set<String> getUrlPermissions(SysUser user);
 }

bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysMenuServiceImpl.java

@@ -102,6 +102,44 @@ public class SysMenuServiceImpl implements ISysMenuService
         return permsSet;
     }
 
+    /**
+     * 根据用户ID查询路由地址权限
+     *
+     * @param userId 用户ID
+     * @return 权限列表
+     */
+    @Override
+    public Set<String> selectMenuUrlPermsByUserId(Long userId)
+    {
+        List<String> perms = menuMapper.selectMenuUrlPermsByUserId(userId);
+        Set<String> permsSet = new HashSet<>();
+        for (String perm : perms)
+        {
+            if (StringUtils.isNotEmpty(perm))
+            {
+                permsSet.addAll(Arrays.asList(perm.trim().split(",")));
+            }
+        }
+        return permsSet;
+    }
+
+
+    @Override
+    public Set<String> selectMenuUrlPermsByRoleId(Long roleId)
+    {
+        List<String> perms = menuMapper.selectMenuUrlPermsByRoleId(roleId);
+        Set<String> permsSet = new HashSet<>();
+        for (String perm : perms)
+        {
+            if (StringUtils.isNotEmpty(perm))
+            {
+                permsSet.addAll(Arrays.asList(perm.trim().split(",")));
+            }
+        }
+        return permsSet;
+    }
+
+
     /**
      * 根据角色ID查询权限
      * 

bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysPermissionServiceImpl.java

@@ -83,4 +83,41 @@ public class SysPermissionServiceImpl implements ISysPermissionService
         }
         return perms;
     }
+
+
+    /**
+     * 获取菜单路由地址数据权限
+     *
+     * @param user 用户Id
+     * @return 菜单权限信息
+     */
+    @Override
+    public Set<String> getUrlPermissions(SysUser user)
+    {
+        Set<String> perms = new HashSet<String>();
+        // 管理员拥有所有权限
+        if (user.isAdmin())
+        {
+            perms.add("*:*:*");
+        }
+        else
+        {
+            List<SysRole> roles = user.getRoles();
+            if (!CollectionUtils.isEmpty(roles))
+            {
+                // 多角色设置permissions属性，以便数据权限匹配权限
+                for (SysRole role : roles)
+                {
+                    Set<String> rolePerms = menuService.selectMenuUrlPermsByRoleId(role.getRoleId());
+                    role.setPermissions(rolePerms);
+                    perms.addAll(rolePerms);
+                }
+            }
+            else
+            {
+                perms.addAll(menuService.selectMenuUrlPermsByUserId(user.getUserId()));
+            }
+        }
+        return perms;
+    }
 }

bonus-modules/bonus-system/src/main/resources/mapper/system/SysMenuMapper.xml

@@ -143,6 +143,23 @@
 			 left join sys_role r on r.role_id = ur.role_id
 		where m.status = '0' and r.status = '0' and ur.user_id = #{userId}
 	</select>
+
+
+	<select id="selectMenuUrlPermsByUserId" parameterType="Long" resultType="String">
+		select distinct m.component
+		from sys_menu m
+				 left join sys_role_menu rm on m.menu_id = rm.menu_id
+				 left join sys_user_role ur on rm.role_id = ur.role_id
+				 left join sys_role r on r.role_id = ur.role_id
+		where m.status = '0' and r.status = '0' and ur.user_id = #{userId} and m.system_type = '2'
+	</select>
+
+	<select id="selectMenuUrlPermsByRoleId" parameterType="Long" resultType="String">
+		select distinct m.component
+		from sys_menu m
+				 left join sys_role_menu rm on m.menu_id = rm.menu_id
+		where m.status = '0' and rm.role_id = #{roleId} and m.system_type = '2'
+	</select>
 	
 	<select id="selectMenuPermsByRoleId" parameterType="Long" resultType="String">
 		select distinct m.perms