From 4a888a4e19778182408dd6a99c6811cd59f9b89a Mon Sep 17 00:00:00 2001 From: JEECG <445654970@qq.com> Date: Wed, 15 Oct 2025 21:21:07 +0800 Subject: [PATCH] =?UTF-8?q?=E3=80=90=E6=9D=83=E9=99=90=E6=A1=86=E6=9E=B6?= =?UTF-8?q?=E6=8D=A2=E6=88=90sa-token=E3=80=91=E6=9B=BF=E6=8D=A2sa-token?= =?UTF-8?q?=E6=9D=83=E9=99=90=E6=B3=A8=E8=A7=A3=E5=92=8C=E6=9B=BF=E6=8D=A2?= =?UTF-8?q?=E8=8E=B7=E5=8F=96=E7=94=A8=E6=88=B7=E5=B7=A5=E5=85=B7=E7=B1=BB?= =?UTF-8?q?LoginUserUtils?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../jeecg/common/aspect/AutoLogAspect.java | 6 +- .../base/controller/JeecgController.java | 8 +- .../util/encryption/AesEncryptUtil.java | 6 +- .../interceptor/LowCodeModeInterceptor.java | 4 +- .../config/mybatis/MybatisInterceptor.java | 4 +- .../service/impl/BaseCommonServiceImpl.java | 4 +- .../app/controller/AiragAppController.java | 8 +- .../app/controller/AiragChatController.java | 2 +- .../controller/AiragKnowledgeController.java | 20 ++--- .../llm/controller/AiragModelController.java | 8 +- .../test/controller/JeecgDemoController.java | 9 +-- .../controller/JeecgOrderMainController.java | 4 +- .../service/impl/JeecgDemoServiceImpl.java | 4 +- .../modules/aop/TenantPackUserLogAspect.java | 4 +- .../controller/OpenApiIndexController.java | 2 +- .../oss/controller/OssFileController.java | 8 +- .../controller/QuartzJobController.java | 36 ++++----- .../controller/SysAnnouncementController.java | 10 +-- .../SysAnnouncementSendController.java | 8 +- .../controller/SysAppVersionController.java | 4 +- .../controller/SysCategoryController.java | 4 +- .../controller/SysCommentController.java | 16 ++-- .../controller/SysDataSourceController.java | 6 +- .../controller/SysDepartController.java | 22 +++--- .../SysDepartPermissionController.java | 4 +- .../controller/SysDepartRoleController.java | 20 ++--- .../controller/SysDictItemController.java | 12 +-- .../controller/SysGatewayRouteController.java | 10 +-- .../system/controller/SysLogController.java | 8 +- .../controller/SysPositionController.java | 4 +- .../system/controller/SysRoleController.java | 24 +++--- .../controller/SysRoleIndexController.java | 12 +-- .../SysTableWhiteListController.java | 28 +++---- .../controller/SysTenantController.java | 76 +++++++++---------- .../system/controller/SysUserController.java | 60 +++++++-------- .../system/controller/ThirdAppController.java | 10 +-- .../modules/system/entity/SysDataLog.java | 4 +- .../impl/SysAnnouncementServiceImpl.java | 10 +-- .../system/service/impl/SysBaseApiImpl.java | 4 +- .../service/impl/SysDepartServiceImpl.java | 4 +- .../impl/SysTenantPackServiceImpl.java | 4 +- .../service/impl/SysTenantServiceImpl.java | 20 ++--- .../impl/SysThirdAccountServiceImpl.java | 4 +- .../impl/SysUserDepartServiceImpl.java | 6 +- .../service/impl/SysUserServiceImpl.java | 10 +-- .../impl/SysUserTenantServiceImpl.java | 2 +- .../controller/${entityName}Controller.javai | 14 ++-- .../controller/${entityName}Controller.javai | 18 ++--- .../controller/${entityName}Controller.javai | 14 ++-- .../controller/${entityName}Controller.javai | 18 ++--- .../controller/${entityName}Controller.javai | 18 ++--- .../controller/${entityName}Controller.javai | 18 ++--- .../controller/${entityName}Controller.javai | 18 ++--- .../controller/${entityName}Controller.javai | 4 +- .../controller/${entityName}Controller.javai | 4 +- 55 files changed, 331 insertions(+), 338 deletions(-) diff --git a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java index aaf0a61f7..5a371dcda 100644 --- a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java +++ b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java @@ -2,7 +2,7 @@ package org.jeecg.common.aspect; import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.serializer.PropertyFilter; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.aspectj.lang.JoinPoint; import org.aspectj.lang.ProceedingJoinPoint; import org.aspectj.lang.annotation.Around; @@ -100,7 +100,7 @@ public class AutoLogAspect { //设置IP地址 dto.setIp(IpUtils.getIpAddr(request)); //获取登录用户信息 - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); if(sysUser!=null){ dto.setUserid(sysUser.getUsername()); dto.setUsername(sysUser.getRealname()); @@ -244,7 +244,7 @@ public class AutoLogAspect { sysLog.setIp(IPUtils.getIpAddr(request)); //获取登录用户信息 - LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); if(sysUser!=null){ sysLog.setUserid(sysUser.getUsername()); sysLog.setUsername(sysUser.getRealname()); diff --git a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java index a89c2652f..6a95f09cd 100644 --- a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java +++ b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/base/controller/JeecgController.java @@ -6,10 +6,10 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.baomidou.mybatisplus.extension.service.IService; import lombok.extern.slf4j.Slf4j; import org.apache.commons.beanutils.PropertyUtils; -import org.apache.shiro.SecurityUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.common.system.vo.LoginUser; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.util.oConvertUtils; import org.jeecg.config.JeecgBaseConfig; import org.jeecgframework.poi.excel.ExcelImportUtil; @@ -52,7 +52,7 @@ public class JeecgController> { protected ModelAndView exportXls(HttpServletRequest request, T object, Class clazz, String title) { // Step.1 组装查询条件 QueryWrapper queryWrapper = QueryGenerator.initQueryWrapper(object, request.getParameterMap()); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); // 过滤选中数据 String selections = request.getParameter("selections"); @@ -90,7 +90,7 @@ public class JeecgController> { protected ModelAndView exportXlsSheet(HttpServletRequest request, T object, Class clazz, String title,String exportFields,Integer pageNum) { // Step.1 组装查询条件 QueryWrapper queryWrapper = QueryGenerator.initQueryWrapper(object, request.getParameterMap()); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); // Step.2 计算分页sheet数据 double total = service.count(); int count = (int)Math.ceil(total/pageNum); @@ -142,7 +142,7 @@ public class JeecgController> { protected ModelAndView exportXlsForBigData(HttpServletRequest request, T object, Class clazz, String title,Integer pageSize) { // 组装查询条件 QueryWrapper queryWrapper = QueryGenerator.initQueryWrapper(object, request.getParameterMap()); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); // 计算分页数 double total = service.count(); int count = (int) Math.ceil(total / pageSize); diff --git a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java index 3dc3f2a0a..ce8581bba 100644 --- a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java +++ b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/encryption/AesEncryptUtil.java @@ -1,6 +1,6 @@ package org.jeecg.common.util.encryption; -import org.apache.shiro.lang.codec.Base64; +import java.util.Base64; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; @@ -48,7 +48,7 @@ public class AesEncryptUtil { cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec); byte[] encrypted = cipher.doFinal(plaintext); - return Base64.encodeToString(encrypted); + return Base64.getEncoder().encodeToString(encrypted); } catch (Exception e) { e.printStackTrace(); @@ -66,7 +66,7 @@ public class AesEncryptUtil { */ public static String desEncrypt(String data, String key, String iv) throws Exception { //update-begin-author:taoyan date:2022-5-23 for:VUEN-1084 【vue3】online表单测试发现的新问题 6、解密报错 ---解码失败应该把异常抛出去,在外面处理 - byte[] encrypted1 = Base64.decode(data); + byte[] encrypted1 = Base64.getDecoder().decode(data); Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES"); diff --git a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java index e7383ed5f..2519814db 100644 --- a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java +++ b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/firewall/interceptor/LowCodeModeInterceptor.java @@ -2,7 +2,7 @@ package org.jeecg.config.firewall.interceptor; import com.alibaba.fastjson.JSON; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.CommonAPI; import org.jeecg.common.api.vo.Result; import org.jeecg.common.constant.CommonConstant; @@ -68,7 +68,7 @@ public class LowCodeModeInterceptor implements HandlerInterceptor { if (jeecgBaseConfig.getFirewall()!=null && LowCodeModeInterceptor.LOW_CODE_MODE_PROD.equals(jeecgBaseConfig.getFirewall().getLowCodeMode())) { String requestURI = request.getRequestURI().substring(request.getContextPath().length()); log.info("低代码模式,拦截请求路径:" + requestURI); - LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser loginUser = LoginUserUtils.getLoginUser(); Set hasRoles = null; if (loginUser == null) { loginUser = commonAPI.getUserByName(JwtUtil.getUserNameByToken(SpringContextUtils.getHttpServletRequest())); diff --git a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java index aef226679..6828efa93 100644 --- a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java +++ b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisInterceptor.java @@ -6,7 +6,7 @@ import org.apache.ibatis.executor.Executor; import org.apache.ibatis.mapping.MappedStatement; import org.apache.ibatis.mapping.SqlCommandType; import org.apache.ibatis.plugin.*; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.config.TenantContext; import org.jeecg.common.constant.TenantConstant; import org.jeecg.common.system.vo.LoginUser; @@ -192,7 +192,7 @@ public class MybatisInterceptor implements Interceptor { private LoginUser getLoginUser() { LoginUser sysUser = null; try { - sysUser = SecurityUtils.getSubject().getPrincipal() != null ? (LoginUser) SecurityUtils.getSubject().getPrincipal() : null; + sysUser = LoginUserUtils.getLoginUser() != null ? LoginUserUtils.getLoginUser() : null; } catch (Exception e) { //e.printStackTrace(); sysUser = null; diff --git a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java index b24954cad..58d4ac926 100644 --- a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java +++ b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java @@ -2,7 +2,7 @@ package org.jeecg.modules.base.service.impl; import com.baomidou.mybatisplus.core.toolkit.IdWorker; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.dto.LogDTO; import org.jeecg.common.constant.enums.ClientTerminalTypeEnum; import org.jeecg.common.util.BrowserUtils; @@ -74,7 +74,7 @@ public class BaseCommonServiceImpl implements BaseCommonService { //获取登录用户信息 if(user==null){ try { - user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + user = LoginUserUtils.getLoginUser(); } catch (Exception e) { //e.printStackTrace(); } diff --git a/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragAppController.java b/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragAppController.java index 9843b5228..7d93377dc 100644 --- a/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragAppController.java +++ b/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragAppController.java @@ -1,17 +1,17 @@ package org.jeecg.modules.airag.app.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.authz.annotation.RequiresPermissions; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.base.controller.JeecgController; import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.common.util.AssertUtils; import org.jeecg.common.util.TokenUtils; import org.jeecg.config.mybatis.MybatisPlusSaasConfig; -import org.jeecg.config.shiro.IgnoreAuth; +import org.jeecg.config.satoken.IgnoreAuth; import org.jeecg.modules.airag.app.consts.AiAppConsts; import org.jeecg.modules.airag.app.entity.AiragApp; import org.jeecg.modules.airag.app.service.IAiragAppService; @@ -67,7 +67,7 @@ public class AiragAppController extends JeecgController edit(@RequestBody AiragApp airagApp) { AssertUtils.assertNotEmpty("参数异常", airagApp); AssertUtils.assertNotEmpty("请输入应用名称", airagApp.getName()); @@ -106,7 +106,7 @@ public class AiragAppController extends JeecgController delete(HttpServletRequest request,@RequestParam(name = "id", required = true) String id) { //update-begin---author:chenrui ---date:20250606 for:[issues/8337]关于ai工作列表的数据权限问题 #8337------------ //如果是saas隔离的情况下,判断当前租户id是否是当前租户下的 diff --git a/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragChatController.java b/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragChatController.java index 5fe7e0014..82f8ebdd4 100644 --- a/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragChatController.java +++ b/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/app/controller/AiragChatController.java @@ -6,7 +6,7 @@ import lombok.extern.slf4j.Slf4j; import org.jeecg.common.api.vo.Result; import org.jeecg.common.constant.CommonConstant; import org.jeecg.common.util.CommonUtils; -import org.jeecg.config.shiro.IgnoreAuth; +import org.jeecg.config.satoken.IgnoreAuth; import org.jeecg.modules.airag.app.service.IAiragChatService; import org.jeecg.modules.airag.app.vo.ChatConversation; import org.jeecg.modules.airag.app.vo.ChatSendParams; diff --git a/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java b/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java index d7b520e47..72e23dfa0 100644 --- a/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java +++ b/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java @@ -1,10 +1,10 @@ package org.jeecg.modules.airag.llm.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.authz.annotation.RequiresPermissions; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.common.util.AssertUtils; @@ -77,7 +77,7 @@ public class AiragKnowledgeController { * @date 2025/2/18 17:09 */ @PostMapping(value = "/add") - @RequiresPermissions("airag:knowledge:add") + @SaCheckPermission("airag:knowledge:add") public Result add(@RequestBody AiragKnowledge airagKnowledge) { airagKnowledge.setStatus(LLMConsts.STATUS_ENABLE); airagKnowledgeService.save(airagKnowledge); @@ -94,7 +94,7 @@ public class AiragKnowledgeController { */ @Transactional(rollbackFor = Exception.class) @RequestMapping(value = "/edit", method = {RequestMethod.PUT, RequestMethod.POST}) - @RequiresPermissions("airag:knowledge:edit") + @SaCheckPermission("airag:knowledge:edit") public Result edit(@RequestBody AiragKnowledge airagKnowledge) { AiragKnowledge airagKnowledgeEntity = airagKnowledgeService.getById(airagKnowledge.getId()); if (airagKnowledgeEntity == null) { @@ -118,7 +118,7 @@ public class AiragKnowledgeController { * @date 2025/3/12 17:05 */ @PutMapping(value = "/rebuild") - @RequiresPermissions("airag:knowledge:rebuild") + @SaCheckPermission("airag:knowledge:rebuild") public Result rebuild(@RequestParam("knowIds") String knowIds) { String[] knowIdArr = knowIds.split(","); for (String knowId : knowIdArr) { @@ -137,7 +137,7 @@ public class AiragKnowledgeController { */ @Transactional(rollbackFor = Exception.class) @DeleteMapping(value = "/delete") - @RequiresPermissions("airag:knowledge:delete") + @SaCheckPermission("airag:knowledge:delete") public Result delete(HttpServletRequest request, @RequestParam(name = "id", required = true) String id) { //update-begin---author:chenrui ---date:20250606 for:[issues/8337]关于ai工作列表的数据权限问题 #8337------------ //如果是saas隔离的情况下,判断当前租户id是否是当前租户下的 @@ -204,7 +204,7 @@ public class AiragKnowledgeController { * @date 2025/2/18 15:47 */ @PostMapping(value = "/doc/edit") - @RequiresPermissions("airag:knowledge:doc:edit") + @SaCheckPermission("airag:knowledge:doc:edit") public Result addDocument(@RequestBody AiragKnowledgeDoc airagKnowledgeDoc) { return airagKnowledgeDocService.editDocument(airagKnowledgeDoc); } @@ -217,7 +217,7 @@ public class AiragKnowledgeController { * @date 2025/3/20 11:29 */ @PostMapping(value = "/doc/import/zip") - @RequiresPermissions("airag:knowledge:doc:zip") + @SaCheckPermission("airag:knowledge:doc:zip") public Result importDocumentFromZip(@RequestParam(name = "knowId", required = true) String knowId, @RequestParam(name = "file", required = true) MultipartFile file) { return airagKnowledgeDocService.importDocumentFromZip(knowId,file); @@ -244,7 +244,7 @@ public class AiragKnowledgeController { * @date 2025/2/18 15:47 */ @PutMapping(value = "/doc/rebuild") - @RequiresPermissions("airag:knowledge:doc:rebuild") + @SaCheckPermission("airag:knowledge:doc:rebuild") public Result rebuildDocument(@RequestParam("docIds") String docIds) { return airagKnowledgeDocService.rebuildDocument(docIds); } @@ -259,7 +259,7 @@ public class AiragKnowledgeController { */ @Transactional(rollbackFor = Exception.class) @DeleteMapping(value = "/doc/deleteBatch") - @RequiresPermissions("airag:knowledge:doc:deleteBatch") + @SaCheckPermission("airag:knowledge:doc:deleteBatch") public Result deleteDocumentBatch(HttpServletRequest request, @RequestParam(name = "ids", required = true) String ids) { List idsList = Arrays.asList(ids.split(",")); //update-begin---author:chenrui ---date:20250606 for:[issues/8337]关于ai工作列表的数据权限问题 #8337------------ @@ -287,7 +287,7 @@ public class AiragKnowledgeController { */ @Transactional(rollbackFor = Exception.class) @DeleteMapping(value = "/doc/deleteAll") - @RequiresPermissions("airag:knowledge:doc:deleteAll") + @SaCheckPermission("airag:knowledge:doc:deleteAll") public Result deleteDocumentAll(HttpServletRequest request, @RequestParam(name = "knowId") String knowId) { //update-begin---author:chenrui ---date:20250606 for:[issues/8337]关于ai工作列表的数据权限问题 #8337------------ //如果是saas隔离的情况下,判断当前租户id是否是当前租户下的 diff --git a/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/controller/AiragModelController.java b/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/controller/AiragModelController.java index fe68577c7..d69129c81 100644 --- a/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/controller/AiragModelController.java +++ b/jeecg-boot/jeecg-boot-module/jeecg-boot-module-airag/src/main/java/org/jeecg/modules/airag/llm/controller/AiragModelController.java @@ -1,5 +1,6 @@ package org.jeecg.modules.airag.llm.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; @@ -7,7 +8,6 @@ import dev.langchain4j.data.message.UserMessage; import dev.langchain4j.model.embedding.EmbeddingModel; import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.authz.annotation.RequiresPermissions; import org.jeecg.ai.factory.AiModelFactory; import org.jeecg.ai.factory.AiModelOptions; import org.jeecg.common.api.vo.Result; @@ -72,7 +72,7 @@ public class AiragModelController extends JeecgController add(@RequestBody AiragModel airagModel) { // 验证 模型名称/模型类型/基础模型 AssertUtils.assertNotEmpty("模型名称不能为空", airagModel.getName()); @@ -94,7 +94,7 @@ public class AiragModelController extends JeecgController edit(@RequestBody AiragModel airagModel) { airagModelService.updateById(airagModel); return Result.OK("编辑成功!"); @@ -107,7 +107,7 @@ public class AiragModelController extends JeecgController delete(HttpServletRequest request, @RequestParam(name = "id", required = true) String id) { //update-begin---author:chenrui ---date:20250606 for:[issues/8337]关于ai工作列表的数据权限问题 #8337------------ //如果是saas隔离的情况下,判断当前租户id是否是当前租户下的 diff --git a/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java b/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java index b80a3f5f1..b2e79ebf7 100644 --- a/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java +++ b/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgDemoController.java @@ -10,8 +10,6 @@ import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.mgt.DefaultSecurityManager; import org.jeecg.common.api.vo.Result; import org.jeecg.common.aspect.annotation.AutoLog; import org.jeecg.common.aspect.annotation.PermissionData; @@ -21,7 +19,7 @@ import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.common.util.DateUtils; import org.jeecg.common.util.RedisUtil; import org.jeecg.common.util.UUIDGenerator; -import org.jeecg.config.shiro.IgnoreAuth; +import org.jeecg.config.satoken.IgnoreAuth; import org.jeecg.modules.demo.test.entity.JeecgDemo; import org.jeecg.modules.demo.test.service.IJeecgDemoService; import org.springframework.beans.factory.annotation.Autowired; @@ -477,11 +475,6 @@ public class JeecgDemoController extends JeecgController test() { - //解决shiro报错No SecurityManager accessible to the calling code, either bound to the org.apache.shiro - // https://blog.csdn.net/Japhet_jiu/article/details/131177210 - DefaultSecurityManager securityManager = new DefaultSecurityManager(); - SecurityUtils.setSecurityManager(securityManager); - return Mono.just("测试"); } diff --git a/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java b/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java index 601d9aae6..c71abc6ff 100644 --- a/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java +++ b/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/controller/JeecgOrderMainController.java @@ -8,11 +8,11 @@ import java.util.Map; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; -import org.apache.shiro.SecurityUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.base.controller.JeecgController; import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.common.system.vo.LoginUser; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.util.oConvertUtils; import org.jeecg.modules.demo.test.entity.JeecgDemo; import org.jeecg.modules.demo.test.entity.JeecgOrderCustomer; @@ -184,7 +184,7 @@ public class JeecgOrderMainController extends JeecgController pageList = new ArrayList(); diff --git a/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java b/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java index dfb144349..4cb351592 100644 --- a/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java +++ b/jeecg-boot/jeecg-boot-module/jeecg-module-demo/src/main/java/org/jeecg/modules/demo/test/service/impl/JeecgDemoServiceImpl.java @@ -3,10 +3,10 @@ package org.jeecg.modules.demo.test.service.impl; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; -import org.apache.shiro.SecurityUtils; import org.jeecg.common.constant.CacheConstant; import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.common.system.vo.LoginUser; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.modules.demo.test.entity.JeecgDemo; import org.jeecg.modules.demo.test.mapper.JeecgDemoMapper; import org.jeecg.modules.demo.test.service.IJeecgDemoService; @@ -97,7 +97,7 @@ public class JeecgDemoServiceImpl extends ServiceImpl noAuthList = new ArrayList<>(); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/aop/TenantPackUserLogAspect.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/aop/TenantPackUserLogAspect.java index 9b7db157b..6cd49479b 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/aop/TenantPackUserLogAspect.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/aop/TenantPackUserLogAspect.java @@ -1,6 +1,6 @@ package org.jeecg.modules.aop; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.aspectj.lang.ProceedingJoinPoint; import org.aspectj.lang.annotation.AfterThrowing; import org.aspectj.lang.annotation.Around; @@ -79,7 +79,7 @@ public class TenantPackUserLogAspect { dto.setOperateType(opType); dto.setTenantId(tenantId); //获取登录用户信息 - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); if(sysUser!=null){ dto.setUserid(sysUser.getUsername()); dto.setUsername(sysUser.getRealname()); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/controller/OpenApiIndexController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/controller/OpenApiIndexController.java index 36fcba8ab..b94e2eb47 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/controller/OpenApiIndexController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/controller/OpenApiIndexController.java @@ -1,7 +1,7 @@ package org.jeecg.modules.openapi.controller; import org.jeecg.common.api.vo.Result; -import org.jeecg.config.shiro.IgnoreAuth; +import org.jeecg.config.satoken.IgnoreAuth; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/oss/controller/OssFileController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/oss/controller/OssFileController.java index 21eeb3ee0..1a3e27c32 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/oss/controller/OssFileController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/oss/controller/OssFileController.java @@ -2,8 +2,8 @@ package org.jeecg.modules.oss.controller; import jakarta.servlet.http.HttpServletRequest; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.apache.shiro.authz.annotation.RequiresRoles; +import cn.dev33.satoken.annotation.SaCheckPermission; +import cn.dev33.satoken.annotation.SaCheckRole; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.modules.oss.entity.OssFile; @@ -47,8 +47,8 @@ public class OssFileController { @ResponseBody @PostMapping("/upload") - //@RequiresRoles("admin") - @RequiresPermissions("system:ossFile:upload") + //@SaCheckRole("admin") + @SaCheckPermission("system:ossFile:upload") public Result upload(@RequestParam("file") MultipartFile multipartFile) { Result result = new Result(); try { diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/quartz/controller/QuartzJobController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/quartz/controller/QuartzJobController.java index ad2e3930d..462d3b189 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/quartz/controller/QuartzJobController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/quartz/controller/QuartzJobController.java @@ -6,9 +6,9 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.apache.shiro.authz.annotation.RequiresRoles; +import org.jeecg.common.util.LoginUserUtils; +import cn.dev33.satoken.annotation.SaCheckPermission; +import cn.dev33.satoken.annotation.SaCheckRole; import org.jeecg.common.api.vo.Result; import org.jeecg.common.constant.CommonConstant; import org.jeecg.common.constant.SymbolConstant; @@ -80,8 +80,8 @@ public class QuartzJobController { * @param quartzJob * @return */ - //@RequiresRoles("admin") - @RequiresPermissions("system:quartzJob:add") + //@SaCheckRole("admin") + @SaCheckPermission("system:quartzJob:add") @RequestMapping(value = "/add", method = RequestMethod.POST) public Result add(@RequestBody QuartzJob quartzJob) { quartzJobService.saveAndScheduleJob(quartzJob); @@ -94,8 +94,8 @@ public class QuartzJobController { * @param quartzJob * @return */ - //@RequiresRoles("admin") - @RequiresPermissions("system:quartzJob:edit") + //@SaCheckRole("admin") + @SaCheckPermission("system:quartzJob:edit") @RequestMapping(value = "/edit", method ={RequestMethod.PUT, RequestMethod.POST}) public Result eidt(@RequestBody QuartzJob quartzJob) { try { @@ -113,8 +113,8 @@ public class QuartzJobController { * @param id * @return */ - //@RequiresRoles("admin") - @RequiresPermissions("system:quartzJob:delete") + //@SaCheckRole("admin") + @SaCheckPermission("system:quartzJob:delete") @RequestMapping(value = "/delete", method = RequestMethod.DELETE) public Result delete(@RequestParam(name = "id", required = true) String id) { QuartzJob quartzJob = quartzJobService.getById(id); @@ -132,8 +132,8 @@ public class QuartzJobController { * @param ids * @return */ - //@RequiresRoles("admin") - @RequiresPermissions("system:quartzJob:deleteBatch") + //@SaCheckRole("admin") + @SaCheckPermission("system:quartzJob:deleteBatch") @RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE) public Result deleteBatch(@RequestParam(name = "ids", required = true) String ids) { if (ids == null || "".equals(ids.trim())) { @@ -152,8 +152,8 @@ public class QuartzJobController { * @param id * @return */ - //@RequiresRoles("admin") - @RequiresPermissions("system:quartzJob:pause") + //@SaCheckRole("admin") + @SaCheckPermission("system:quartzJob:pause") @GetMapping(value = "/pause") @Operation(summary = "停止定时任务") public Result pauseJob(@RequestParam(name = "id") String id) { @@ -171,8 +171,8 @@ public class QuartzJobController { * @param id * @return */ - //@RequiresRoles("admin") - @RequiresPermissions("system:quartzJob:resume") + //@SaCheckRole("admin") + @SaCheckPermission("system:quartzJob:resume") @GetMapping(value = "/resume") @Operation(summary = "启动定时任务") public Result resumeJob(@RequestParam(name = "id") String id) { @@ -221,7 +221,7 @@ public class QuartzJobController { mv.addObject(NormalExcelConstants.CLASS, QuartzJob.class); //获取当前登录用户 //update-begin---author:wangshuai ---date:20211227 for:[JTC-116]导出人写死了------------ - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("定时任务列表数据", "导出人:"+user.getRealname(), "导出信息")); //update-end---author:wangshuai ---date:20211227 for:[JTC-116]导出人写死了------------ mv.addObject(NormalExcelConstants.DATA_LIST, pageList); @@ -278,8 +278,8 @@ public class QuartzJobController { * @param id * @return */ - //@RequiresRoles("admin") - @RequiresPermissions("system:quartzJob:execute") + //@SaCheckRole("admin") + @SaCheckPermission("system:quartzJob:execute") @GetMapping("/execute") public Result execute(@RequestParam(name = "id", required = true) String id) { QuartzJob quartzJob = quartzJobService.getById(id); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java index 487099ae6..62ee369a6 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java @@ -8,7 +8,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.jeecg.dingtalk.api.core.response.Response; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang.StringUtils; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.config.TenantContext; import org.jeecg.common.constant.CommonConstant; @@ -378,7 +378,7 @@ public class SysAnnouncementController { long start = System.currentTimeMillis(); Result> result = new Result>(); Map sysMsgMap = new HashMap(5); - LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); String userId = sysUser.getId(); @@ -423,7 +423,7 @@ public class SysAnnouncementController { */ @RequestMapping(value = "/getUnreadMessageCount", method = RequestMethod.GET) public Result> getUnreadMessageCount(@RequestParam(required = false, defaultValue = "5") Integer pageSize, HttpServletRequest request) { - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); String userId = sysUser.getId(); // 获取上个月的第一天(只查近两个月的通知) @@ -466,7 +466,7 @@ public class SysAnnouncementController { //导出文件名称 mv.addObject(NormalExcelConstants.FILE_NAME, "系统通告列表"); mv.addObject(NormalExcelConstants.CLASS, SysAnnouncement.class); - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("系统通告列表数据", "导出人:"+user.getRealname(), "导出信息")); mv.addObject(NormalExcelConstants.DATA_LIST, pageList); return mv; @@ -643,7 +643,7 @@ public class SysAnnouncementController { JSONObject obj = new JSONObject(); obj.put(WebsocketConst.MSG_CMD, WebsocketConst.CMD_USER); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); webSocket.sendMessage(sysUser.getId(), obj.toJSONString()); // 4、性能统计耗时 diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementSendController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementSendController.java index c21810812..435807dbc 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementSendController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementSendController.java @@ -6,7 +6,7 @@ import java.util.Date; import jakarta.servlet.http.HttpServletRequest; import org.apache.commons.lang3.StringUtils; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.constant.CommonConstant; import org.jeecg.common.constant.DataBaseConstant; @@ -195,7 +195,7 @@ public class SysAnnouncementSendController { public Result editById(@RequestBody JSONObject json) { Result result = new Result(); String anntId = json.getString("anntId"); - LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); String userId = sysUser.getId(); LambdaUpdateWrapper updateWrapper = new UpdateWrapper().lambda(); updateWrapper.set(SysAnnouncementSend::getReadFlag, CommonConstant.HAS_READ_FLAG); @@ -220,7 +220,7 @@ public class SysAnnouncementSendController { @RequestParam(name="pageNo", defaultValue="1") Integer pageNo, @RequestParam(name="pageSize", defaultValue="10") Integer pageSize) { Result> result = new Result>(); - LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); String userId = sysUser.getId(); announcementSendModel.setUserId(userId); announcementSendModel.setPageNo((pageNo-1)*pageSize); @@ -247,7 +247,7 @@ public class SysAnnouncementSendController { @PutMapping(value = "/readAll") public Result readAll() { Result result = new Result(); - LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); String userId = sysUser.getId(); LambdaUpdateWrapper updateWrapper = new UpdateWrapper().lambda(); updateWrapper.set(SysAnnouncementSend::getReadFlag, CommonConstant.HAS_READ_FLAG); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAppVersionController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAppVersionController.java index 10b86d5c6..93e6ba771 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAppVersionController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAppVersionController.java @@ -3,7 +3,7 @@ package org.jeecg.modules.system.controller; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.authz.annotation.RequiresRoles; +import cn.dev33.satoken.annotation.SaCheckRole; import org.jeecg.common.api.vo.Result; import org.jeecg.common.util.RedisUtil; import org.jeecg.common.util.oConvertUtils; @@ -57,7 +57,7 @@ public class SysAppVersionController{ * @param sysAppVersion * @return */ - @RequiresRoles({"admin"}) + @SaCheckRole({"admin"}) @Operation(summary="app系统配置-保存") @PostMapping(value = "/saveVersion") public Result saveVersion(@RequestBody SysAppVersion sysAppVersion) { diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCategoryController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCategoryController.java index 72b07a098..4ec5683f6 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCategoryController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCategoryController.java @@ -7,7 +7,7 @@ import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang.StringUtils; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.config.TenantContext; import org.jeecg.common.constant.CommonConstant; @@ -237,7 +237,7 @@ public class SysCategoryController { //导出文件名称 mv.addObject(NormalExcelConstants.FILE_NAME, "分类字典列表"); mv.addObject(NormalExcelConstants.CLASS, SysCategory.class); - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("分类字典列表数据", "导出人:"+user.getRealname(), "导出信息")); return mv; } diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCommentController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCommentController.java index 11a78b623..fd3ca0601 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCommentController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysCommentController.java @@ -6,7 +6,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.dto.DataLogDTO; import org.jeecg.common.api.vo.Result; import org.jeecg.common.constant.CommonConstant; @@ -126,7 +126,7 @@ public class SysCommentController extends JeecgController add(@RequestBody SysComment sysComment) { sysCommentService.save(sysComment); @@ -197,7 +197,7 @@ public class SysCommentController extends JeecgController edit(@RequestBody SysComment sysComment) { sysCommentService.updateById(sysComment); @@ -212,7 +212,7 @@ public class SysCommentController extends JeecgController delete(@RequestParam(name = "id", required = true) String id) { sysCommentService.removeById(id); @@ -227,7 +227,7 @@ public class SysCommentController extends JeecgController deleteBatch(@RequestParam(name = "ids", required = true) String ids) { this.sysCommentService.removeByIds(Arrays.asList(ids.split(","))); @@ -257,7 +257,7 @@ public class SysCommentController extends JeecgController importExcel(HttpServletRequest request, HttpServletResponse response) { return super.importExcel(request, response, SysComment.class); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java index ffc0fb16c..9c2779864 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDataSourceController.java @@ -11,8 +11,8 @@ import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang.StringUtils; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.apache.shiro.authz.annotation.RequiresRoles; +import cn.dev33.satoken.annotation.SaCheckPermission; +import cn.dev33.satoken.annotation.SaCheckRole; import org.jeecg.common.api.vo.Result; import org.jeecg.common.aspect.annotation.AutoLog; import org.jeecg.common.config.TenantContext; @@ -63,7 +63,7 @@ public class SysDataSourceController extends JeecgController queryPageList( SysDataSource sysDataSource, diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java index 6a7a998ed..f5829db18 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java @@ -4,8 +4,8 @@ import com.alibaba.fastjson.JSONObject; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.jeecg.common.util.LoginUserUtils; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.jeecg.common.api.vo.Result; import org.jeecg.common.config.TenantContext; import org.jeecg.common.constant.CacheConstant; @@ -75,7 +75,7 @@ public class SysDepartController { @RequestMapping(value = "/queryMyDeptTreeList", method = RequestMethod.GET) public Result> queryMyDeptTreeList() { Result> result = new Result<>(); - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); try { if(oConvertUtils.isNotEmpty(user.getUserIdentity()) && user.getUserIdentity().equals( CommonConstant.USER_IDENTITY_2 )){ //update-begin--Author:liusq Date:20210624 for:部门查询ids为空后的前端显示问题 issues/I3UD06 @@ -205,7 +205,7 @@ public class SysDepartController { * @param sysDepart * @return */ - @RequiresPermissions("system:depart:add") + @SaCheckPermission("system:depart:add") @RequestMapping(value = "/add", method = RequestMethod.POST) @CacheEvict(value= {CacheConstant.SYS_DEPARTS_CACHE,CacheConstant.SYS_DEPART_IDS_CACHE}, allEntries=true) public Result add(@RequestBody SysDepart sysDepart, HttpServletRequest request) { @@ -231,7 +231,7 @@ public class SysDepartController { * @param sysDepart * @return */ - @RequiresPermissions("system:depart:edit") + @SaCheckPermission("system:depart:edit") @RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST}) @CacheEvict(value= {CacheConstant.SYS_DEPARTS_CACHE,CacheConstant.SYS_DEPART_IDS_CACHE}, allEntries=true) public Result edit(@RequestBody SysDepart sysDepart, HttpServletRequest request) { @@ -259,7 +259,7 @@ public class SysDepartController { * @param id * @return */ - @RequiresPermissions("system:depart:delete") + @SaCheckPermission("system:depart:delete") @RequestMapping(value = "/delete", method = RequestMethod.DELETE) @CacheEvict(value= {CacheConstant.SYS_DEPARTS_CACHE,CacheConstant.SYS_DEPART_IDS_CACHE}, allEntries=true) public Result delete(@RequestParam(name="id",required=true) String id) { @@ -285,7 +285,7 @@ public class SysDepartController { * @param ids * @return */ - @RequiresPermissions("system:depart:deleteBatch") + @SaCheckPermission("system:depart:deleteBatch") @RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE) @CacheEvict(value= {CacheConstant.SYS_DEPARTS_CACHE,CacheConstant.SYS_DEPART_IDS_CACHE}, allEntries=true) public Result deleteBatch(@RequestParam(name = "ids", required = true) String ids) { @@ -352,7 +352,7 @@ public class SysDepartController { @RequestParam(name = "departIds", required = false) String depIds) { Result> result = new Result>(); //部门查询,myDeptSearch为1时为我的部门查询,登录用户为上级时查只查负责部门下数据 - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); String departIds = null; if(oConvertUtils.isNotEmpty(user.getUserIdentity()) && user.getUserIdentity().equals( CommonConstant.USER_IDENTITY_2 )){ departIds = user.getDepartIds(); @@ -409,7 +409,7 @@ public class SysDepartController { //导出文件名称 mv.addObject(NormalExcelConstants.FILE_NAME, "部门列表"); mv.addObject(NormalExcelConstants.CLASS, SysDepartExportVo.class); - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); ExportParams exportParams = new ExportParams("导入规则:\n" + "1、标题为第三行,部门路径和部门名称的标题不允许修改,否则会匹配失败;第四行为数据填写范围;\n" + "2、部门路径用英文字符/分割,部门名称为部门路径的最后一位;\n" + @@ -433,7 +433,7 @@ public class SysDepartController { * @param response * @return */ - @RequiresPermissions("system:depart:importExcel") + @SaCheckPermission("system:depart:importExcel") @RequestMapping(value = "/importExcel", method = RequestMethod.POST) @CacheEvict(value= {CacheConstant.SYS_DEPARTS_CACHE,CacheConstant.SYS_DEPART_IDS_CACHE}, allEntries=true) public Result importExcel(HttpServletRequest request, HttpServletResponse response) { @@ -674,7 +674,7 @@ public class SysDepartController { //导出文件名称 mv.addObject(NormalExcelConstants.FILE_NAME, "部门列表"); mv.addObject(NormalExcelConstants.CLASS, ExportDepartVo.class); - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); mv.addObject(NormalExcelConstants.PARAMS, new ExportParams("部门列表数据", "导出人:"+user.getRealname(), "导出信息")); mv.addObject(NormalExcelConstants.DATA_LIST, pageList); return mv; diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartPermissionController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartPermissionController.java index c684255b1..2bd031417 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartPermissionController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartPermissionController.java @@ -7,7 +7,7 @@ import jakarta.servlet.http.HttpServletResponse; import com.alibaba.fastjson.JSONObject; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.constant.CommonConstant; import org.jeecg.common.system.query.QueryGenerator; @@ -260,7 +260,7 @@ public class SysDepartPermissionController extends JeecgController queryWrapper = QueryGenerator.initQueryWrapper(sysDepartRole, req.getParameterMap()); Page page = new Page(pageNo, pageSize); -// LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); +// LoginUser user = LoginUserUtils.getLoginUser(); // List deptIds = null; // if(oConvertUtils.isEmpty(deptId)){ // if(oConvertUtils.isNotEmpty(user.getUserIdentity()) && user.getUserIdentity().equals(CommonConstant.USER_IDENTITY_2) ){ @@ -109,7 +109,7 @@ public class SysDepartRoleController extends JeecgController add(@RequestBody SysDepartRole sysDepartRole) { @@ -124,7 +124,7 @@ public class SysDepartRoleController extends JeecgController edit(@RequestBody SysDepartRole sysDepartRole) { sysDepartRoleService.updateById(sysDepartRole); @@ -139,7 +139,7 @@ public class SysDepartRoleController extends JeecgController delete(@RequestParam(name="id",required=true) String id) { sysDepartRoleService.removeById(id); @@ -154,7 +154,7 @@ public class SysDepartRoleController extends JeecgController deleteBatch(@RequestParam(name="ids",required=true) String ids) { this.sysDepartRoleService.deleteDepartRole(Arrays.asList(ids.split(","))); @@ -195,7 +195,7 @@ public class SysDepartRoleController extends JeecgController deptRoleAdd(@RequestBody JSONObject json) { String newRoleId = json.getString("newRoleId"); @@ -203,7 +203,7 @@ public class SysDepartRoleController extends JeecgController add(@RequestBody SysDictItem sysDictItem) { @@ -95,7 +95,7 @@ public class SysDictItemController { * @param sysDictItem * @return */ - @RequiresPermissions("system:dict:item:edit") + @SaCheckPermission("system:dict:item:edit") @RequestMapping(value = "/edit", method = { RequestMethod.PUT,RequestMethod.POST }) @CacheEvict(value={CacheConstant.SYS_DICT_CACHE, CacheConstant.SYS_ENABLE_DICT_CACHE}, allEntries=true) public Result edit(@RequestBody SysDictItem sysDictItem) { @@ -119,7 +119,7 @@ public class SysDictItemController { * @param id * @return */ - @RequiresPermissions("system:dict:item:delete") + @SaCheckPermission("system:dict:item:delete") @RequestMapping(value = "/delete", method = RequestMethod.DELETE) @CacheEvict(value={CacheConstant.SYS_DICT_CACHE, CacheConstant.SYS_ENABLE_DICT_CACHE}, allEntries=true) public Result delete(@RequestParam(name="id",required=true) String id) { @@ -141,7 +141,7 @@ public class SysDictItemController { * @param ids * @return */ - @RequiresPermissions("system:dict:item:deleteBatch") + @SaCheckPermission("system:dict:item:deleteBatch") @RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE) @CacheEvict(value={CacheConstant.SYS_DICT_CACHE, CacheConstant.SYS_ENABLE_DICT_CACHE}, allEntries=true) public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java index 68bc4eaba..3f7ba9e9c 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysGatewayRouteController.java @@ -6,7 +6,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang.StringUtils; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.base.controller.JeecgController; import org.jeecg.common.util.oConvertUtils; @@ -70,7 +70,7 @@ public class SysGatewayRouteController extends JeecgController delete(@RequestParam(name = "id", required = true) String id) { sysGatewayRouteService.deleteById(id); @@ -96,7 +96,7 @@ public class SysGatewayRouteController extends JeecgController copyRoute(@RequestParam(name = "id", required = true) String id, HttpServletRequest req) { Result result = new Result<>(); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysLogController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysLogController.java index 83805d360..6f2cb9aeb 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysLogController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysLogController.java @@ -5,7 +5,7 @@ import java.util.Arrays; import jakarta.servlet.http.HttpServletRequest; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.base.controller.JeecgController; import org.jeecg.common.system.query.QueryGenerator; @@ -56,7 +56,7 @@ public class SysLogController extends JeecgController { * @return */ @RequestMapping(value = "/list", method = RequestMethod.GET) - //@RequiresPermissions("system:log:list") + //@SaCheckPermission("system:log:list") public Result> queryPageList(SysLog syslog,@RequestParam(name="pageNo", defaultValue="1") Integer pageNo, @RequestParam(name="pageSize", defaultValue="10") Integer pageSize,HttpServletRequest req) { Result> result = new Result>(); @@ -87,7 +87,7 @@ public class SysLogController extends JeecgController { * @return */ @RequestMapping(value = "/delete", method = RequestMethod.DELETE) - //@RequiresPermissions("system:log:delete") + //@SaCheckPermission("system:log:delete") public Result delete(@RequestParam(name="id",required=true) String id) { Result result = new Result(); SysLog sysLog = sysLogService.getById(id); @@ -108,7 +108,7 @@ public class SysLogController extends JeecgController { * @return */ @RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE) - //@RequiresPermissions("system:log:deleteBatch") + //@SaCheckPermission("system:log:deleteBatch") public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { Result result = new Result(); if(ids==null || "".equals(ids.trim())) { diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPositionController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPositionController.java index c0a2848d6..afd69b069 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPositionController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPositionController.java @@ -8,7 +8,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.aspect.annotation.AutoLog; import org.jeecg.common.config.TenantContext; @@ -249,7 +249,7 @@ public class SysPositionController { //Step.2 AutoPoi 导出Excel ModelAndView mv = new ModelAndView(new JeecgEntityExcelView()); List pageList = sysPositionService.list(queryWrapper); - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); //导出文件名称 mv.addObject(NormalExcelConstants.FILE_NAME, "职务表列表"); mv.addObject(NormalExcelConstants.CLASS, SysPosition.class); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleController.java index b009efff9..9d8d79715 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleController.java @@ -15,7 +15,7 @@ import jakarta.servlet.http.HttpServletResponse; import cn.hutool.core.util.RandomUtil; import com.baomidou.mybatisplus.extension.plugins.pagination.PageDTO; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.jeecg.common.api.vo.Result; import org.jeecg.common.base.BaseMap; import org.jeecg.common.config.TenantContext; @@ -48,7 +48,7 @@ import org.springframework.web.multipart.MultipartFile; import org.springframework.web.multipart.MultipartHttpServletRequest; import org.springframework.web.servlet.ModelAndView; import org.jeecg.common.system.vo.LoginUser; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import com.alibaba.fastjson.JSONObject; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; @@ -96,7 +96,7 @@ public class SysRoleController { * @param req * @return */ - @RequiresPermissions("system:role:list") + @SaCheckPermission("system:role:list") @RequestMapping(value = "/list", method = RequestMethod.GET) public Result> queryPageList(SysRole role, @RequestParam(name="pageNo", defaultValue="1") Integer pageNo, @@ -152,7 +152,7 @@ public class SysRoleController { * @return */ @RequestMapping(value = "/add", method = RequestMethod.POST) - @RequiresPermissions("system:role:add") + @SaCheckPermission("system:role:add") public Result add(@RequestBody SysRole role) { Result result = new Result(); try { @@ -177,7 +177,7 @@ public class SysRoleController { * @param role * @return */ - @RequiresPermissions("system:role:edit") + @SaCheckPermission("system:role:edit") @RequestMapping(value = "/edit",method = {RequestMethod.PUT,RequestMethod.POST}) public Result edit(@RequestBody SysRole role) { Result result = new Result(); @@ -191,7 +191,7 @@ public class SysRoleController { //如果是saas隔离的情况下,判断当前租户id是否是当前租户下的 if (MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL) { //获取当前用户 - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); Integer tenantId = oConvertUtils.getInt(TenantContext.getTenant(), 0); String username = "admin"; if (!tenantId.equals(sysrole.getTenantId()) && !username.equals(sysUser.getUsername())) { @@ -214,13 +214,13 @@ public class SysRoleController { * @param id * @return */ - @RequiresPermissions("system:role:delete") + @SaCheckPermission("system:role:delete") @RequestMapping(value = "/delete", method = RequestMethod.DELETE) public Result delete(@RequestParam(name="id",required=true) String id) { //如果是saas隔离的情况下,判断当前租户id是否是当前租户下的 if(MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL){ //获取当前用户 - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); int tenantId = oConvertUtils.getInt(TenantContext.getTenant(), 0); Long getRoleCount = sysRoleService.getRoleCountByTenantId(id, tenantId); String username = "admin"; @@ -245,7 +245,7 @@ public class SysRoleController { * @param ids * @return */ - @RequiresPermissions("system:role:deleteBatch") + @SaCheckPermission("system:role:deleteBatch") @RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE) public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { baseCommonService.addLog("删除角色操作,角色ids:" + ids, CommonConstant.LOG_TYPE_2, CommonConstant.OPERATE_TYPE_4); @@ -257,7 +257,7 @@ public class SysRoleController { if(MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL){ int tenantId = oConvertUtils.getInt(TenantContext.getTenant(), 0); String[] roleIds = ids.split(SymbolConstant.COMMA); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); String username = "admin"; for (String id:roleIds) { Long getRoleCount = sysRoleService.getRoleCountByTenantId(id, tenantId); @@ -324,7 +324,7 @@ public class SysRoleController { * * @return */ - @RequiresPermissions("system:role:queryallNoByTenant") + @SaCheckPermission("system:role:queryallNoByTenant") @RequestMapping(value = "/queryallNoByTenant", method = RequestMethod.GET) public Result> queryallNoByTenant() { Result> result = new Result<>(); @@ -400,7 +400,7 @@ public class SysRoleController { //导出文件名称 mv.addObject(NormalExcelConstants.FILE_NAME,"角色列表"); mv.addObject(NormalExcelConstants.CLASS,SysRole.class); - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); mv.addObject(NormalExcelConstants.PARAMS,new ExportParams("角色列表数据","导出人:"+user.getRealname(),"导出信息")); mv.addObject(NormalExcelConstants.DATA_LIST,pageList); return mv; diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java index c1b582aa0..e2b959fd1 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysRoleIndexController.java @@ -9,7 +9,7 @@ import io.swagger.v3.oas.annotations.Operation; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.jeecg.common.api.vo.Result; import org.jeecg.common.aspect.annotation.AutoLog; import org.jeecg.common.constant.CommonConstant; @@ -80,7 +80,7 @@ public class SysRoleIndexController extends JeecgController delete(@RequestParam(name = "id", required = true) String id) { sysRoleIndexService.removeById(id); @@ -139,7 +139,7 @@ public class SysRoleIndexController extends JeecgController deleteBatch(@RequestParam(name = "ids", required = true) String ids) { baseCommonService.addLog("批量删除用户, ids: " +ids ,CommonConstant.LOG_TYPE_2, 3); @@ -211,7 +211,7 @@ public class SysRoleIndexController extends JeecgController updateDefIndex( @RequestParam("url") String url, diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTableWhiteListController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTableWhiteListController.java index e9b0a0c27..474b81c76 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTableWhiteListController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTableWhiteListController.java @@ -6,8 +6,8 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.authz.annotation.RequiresPermissions; -import org.apache.shiro.authz.annotation.RequiresRoles; +import cn.dev33.satoken.annotation.SaCheckPermission; +import cn.dev33.satoken.annotation.SaCheckRole; import org.jeecg.common.api.vo.Result; import org.jeecg.common.aspect.annotation.AutoLog; import org.jeecg.common.system.base.controller.JeecgController; @@ -43,8 +43,8 @@ public class SysTableWhiteListController extends JeecgController queryPageList( SysTableWhiteList sysTableWhiteList, @@ -66,8 +66,8 @@ public class SysTableWhiteListController extends JeecgController add(@RequestBody SysTableWhiteList sysTableWhiteList) { if (sysTableWhiteListService.add(sysTableWhiteList)) { @@ -85,8 +85,8 @@ public class SysTableWhiteListController extends JeecgController edit(@RequestBody SysTableWhiteList sysTableWhiteList) { if (sysTableWhiteListService.edit(sysTableWhiteList)) { @@ -104,8 +104,8 @@ public class SysTableWhiteListController extends JeecgController delete(@RequestParam(name = "id") String id) { if (sysTableWhiteListService.deleteByIds(id)) { @@ -123,8 +123,8 @@ public class SysTableWhiteListController extends JeecgController deleteBatch(@RequestParam(name = "ids") String ids) { if (sysTableWhiteListService.deleteByIds(ids)) { @@ -142,8 +142,8 @@ public class SysTableWhiteListController extends JeecgController queryById(@RequestParam(name = "id", required = true) String id) { SysTableWhiteList sysTableWhiteList = sysTableWhiteListService.getById(id); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java index a4e7eb945..6963d8a0d 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java @@ -8,8 +8,8 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.jeecg.common.util.LoginUserUtils; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.jeecg.common.api.vo.Result; import org.jeecg.common.aspect.annotation.PermissionData; import org.jeecg.common.config.TenantContext; @@ -74,7 +74,7 @@ public class SysTenantController { * @param req * @return */ - @RequiresPermissions("system:tenant:list") + @SaCheckPermission("system:tenant:list") @PermissionData(pageComponent = "system/TenantList") @RequestMapping(value = "/list", method = RequestMethod.GET) public Result> queryPageList(SysTenant sysTenant,@RequestParam(name="pageNo", defaultValue="1") Integer pageNo, @@ -113,7 +113,7 @@ public class SysTenantController { * @return */ @GetMapping("/recycleBinPageList") - @RequiresPermissions("system:tenant:recycleBinPageList") + @SaCheckPermission("system:tenant:recycleBinPageList") public Result> recycleBinPageList(SysTenant sysTenant,@RequestParam(name="pageNo", defaultValue="1") Integer pageNo, @RequestParam(name="pageSize", defaultValue="10") Integer pageSize,HttpServletRequest req){ Result> result = new Result>(); @@ -129,7 +129,7 @@ public class SysTenantController { * @param * @return */ - @RequiresPermissions("system:tenant:add") + @SaCheckPermission("system:tenant:add") @RequestMapping(value = "/add", method = RequestMethod.POST) public Result add(@RequestBody SysTenant sysTenant) { Result result = new Result(); @@ -155,7 +155,7 @@ public class SysTenantController { * @author chenrui * @date 2025/2/6 18:24 */ - @RequiresPermissions("system:tenant:syncDefaultPack") + @SaCheckPermission("system:tenant:syncDefaultPack") @PostMapping(value = "/syncDefaultPack") public Result syncDefaultPack(@RequestParam(name="tenantId",required=true) Integer tenantId) { //同步默认产品包 @@ -168,7 +168,7 @@ public class SysTenantController { * @param * @return */ - @RequiresPermissions("system:tenant:edit") + @SaCheckPermission("system:tenant:edit") @RequestMapping(value = "/edit", method ={RequestMethod.PUT, RequestMethod.POST}) public Result edit(@RequestBody SysTenant tenant) { Result result = new Result(); @@ -191,14 +191,14 @@ public class SysTenantController { * @param id * @return */ - @RequiresPermissions("system:tenant:delete") + @SaCheckPermission("system:tenant:delete") @RequestMapping(value = "/delete", method ={RequestMethod.DELETE, RequestMethod.POST}) public Result delete(@RequestParam(name="id",required=true) String id) { //------------------------------------------------------------------ //如果是saas隔离的情况下,判断当前租户id是否是当前租户下的 if (MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL) { //获取当前用户 - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); SysTenant sysTenant = sysTenantService.getById(id); String username = "admin"; @@ -219,7 +219,7 @@ public class SysTenantController { * @param ids * @return */ - @RequiresPermissions("system:tenant:deleteBatch") + @SaCheckPermission("system:tenant:deleteBatch") @RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE) public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { Result result = new Result<>(); @@ -234,7 +234,7 @@ public class SysTenantController { //如果是saas隔离的情况下,判断当前租户id是否是当前租户下的 if (MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL) { //获取当前用户 - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); SysTenant sysTenant = sysTenantService.getById(id); String username = "admin"; @@ -269,7 +269,7 @@ public class SysTenantController { } //------------------------------------------------------------------------------------------------ //获取登录用户信息 - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //是否开启系统管理模块的多租户数据隔离【SAAS多租户模式】, admin给特权可以管理所有租户 if(MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL && !"admin".equals(sysUser.getUsername())){ Integer loginSessionTenant = oConvertUtils.getInt(TenantContext.getTenant()); @@ -294,7 +294,7 @@ public class SysTenantController { * 查询有效的 租户数据 * @return */ - @RequiresPermissions("system:tenant:queryList") + @SaCheckPermission("system:tenant:queryList") @RequestMapping(value = "/queryList", method = RequestMethod.GET) public Result> queryList(@RequestParam(name="ids",required=false) String ids) { Result> result = new Result>(); @@ -320,7 +320,7 @@ public class SysTenantController { * @return */ @GetMapping(value = "/packList") - @RequiresPermissions("system:tenant:packList") + @SaCheckPermission("system:tenant:packList") public Result> queryPackPageList(SysTenantPack sysTenantPack, @RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo, @RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize, @@ -342,7 +342,7 @@ public class SysTenantController { * @return */ @PostMapping(value = "/addPackPermission") - @RequiresPermissions("system:tenant:add:pack") + @SaCheckPermission("system:tenant:add:pack") public Result addPackPermission(@RequestBody SysTenantPack sysTenantPack) { sysTenantPackService.addPackPermission(sysTenantPack); return Result.ok("创建租户产品包成功"); @@ -355,7 +355,7 @@ public class SysTenantController { * @return */ @PutMapping(value = "/editPackPermission") - @RequiresPermissions("system:tenant:edit:pack") + @SaCheckPermission("system:tenant:edit:pack") public Result editPackPermission(@RequestBody SysTenantPack sysTenantPack) { sysTenantPackService.editPackPermission(sysTenantPack); return Result.ok("修改租户产品包成功"); @@ -368,7 +368,7 @@ public class SysTenantController { * @return */ @DeleteMapping("/deleteTenantPack") - @RequiresPermissions("system:tenant:delete:pack") + @SaCheckPermission("system:tenant:delete:pack") public Result deleteTenantPack(@RequestParam(value = "ids") String ids) { sysTenantPackService.deleteTenantPack(ids); return Result.ok("删除租户产品包成功"); @@ -385,7 +385,7 @@ public class SysTenantController { public Result> getCurrentUserTenant() { Result> result = new Result>(); try { - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //update-begin---author:wangshuai ---date:20221223 for:[QQYUN-3371]租户逻辑改造,改成关系表------------ List tenantIdList = relationService.getTenantIdsByUserId(sysUser.getId()); Map map = new HashMap(5); @@ -411,7 +411,7 @@ public class SysTenantController { * @return */ @PutMapping("/invitationUserJoin") - @RequiresPermissions("system:tenant:invitation:user") + @SaCheckPermission("system:tenant:invitation:user") public Result invitationUserJoin(@RequestParam("ids") String ids,@RequestParam(value = "phone", required = false) String phone, @RequestParam(value = "username", required = false) String username){ if(oConvertUtils.isEmpty(phone) && oConvertUtils.isEmpty(username)){ return Result.error("手机号和用户账号不能同时为空!"); @@ -429,7 +429,7 @@ public class SysTenantController { * @return */ @RequestMapping(value = "/getTenantUserList", method = RequestMethod.GET) - @RequiresPermissions("system:tenant:user:list") + @SaCheckPermission("system:tenant:user:list") public Result> getTenantUserList(SysUser user, @RequestParam(name="pageNo", defaultValue="1") Integer pageNo, @RequestParam(name="pageSize", defaultValue="10") Integer pageSize, @@ -450,12 +450,12 @@ public class SysTenantController { * @return */ @PutMapping("/leaveTenant") - @RequiresPermissions("system:tenant:leave") + @SaCheckPermission("system:tenant:leave") public Result leaveTenant(@RequestParam("userIds") String userIds, @RequestParam("tenantId") String tenantId){ Result result = new Result<>(); //是否开启系统管理模块的多租户数据隔离【SAAS多租户模式】 - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); if(MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL && !"admin".equals(sysUser.getUsername())){ Integer loginSessionTenant = oConvertUtils.getInt(TenantContext.getTenant()); if(loginSessionTenant!=null && !loginSessionTenant.equals(Integer.valueOf(tenantId))){ @@ -501,7 +501,7 @@ public class SysTenantController { @PostMapping("/saveTenantJoinUser") public Result saveTenantJoinUser(@RequestBody SysTenant sysTenant){ Result result = new Result<>(); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); Integer tenantId = sysTenantService.saveTenantJoinUser(sysTenant, sysUser.getId()); result.setSuccess(true); result.setMessage("创建成功"); @@ -515,7 +515,7 @@ public class SysTenantController { */ @PostMapping("/joinTenantByHouseNumber") public Result joinTenantByHouseNumber(@RequestBody SysTenant sysTenant){ - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); Integer tenantId = sysTenantService.joinTenantByHouseNumber(sysTenant, sysUser.getId()); Result result = new Result<>(); if(tenantId != 0){ @@ -542,7 +542,7 @@ public class SysTenantController { * @return */ @GetMapping("/getUserTenantPageList") - //@RequiresPermissions("system:tenant:tenantPageList") + //@SaCheckPermission("system:tenant:tenantPageList") public Result> getUserTenantPageList(@RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo, @RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize, @RequestParam(name = "userTenantStatus") String userTenantStatus, @@ -550,7 +550,7 @@ public class SysTenantController { SysUser user, HttpServletRequest req) { Page page = new Page(pageNo, pageSize); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); String tenantId = oConvertUtils.getString(TenantContext.getTenant(), "0"); IPage list = relationService.getUserTenantPageList(page, Arrays.asList(userTenantStatus.split(SymbolConstant.COMMA)), user, Integer.valueOf(tenantId)); return Result.ok(list); @@ -563,9 +563,9 @@ public class SysTenantController { * @return */ @GetMapping("/getTenantListByUserId") - //@RequiresPermissions("system:tenant:getTenantListByUserId") + //@SaCheckPermission("system:tenant:getTenantListByUserId") public Result> getTenantListByUserId(@RequestParam(name = "userTenantStatus", required = false) String userTenantStatus) { - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); List list = null; if (oConvertUtils.isNotEmpty(userTenantStatus)) { list = Arrays.asList(userTenantStatus.split(SymbolConstant.COMMA)); @@ -579,7 +579,7 @@ public class SysTenantController { * 更新用户租户关系状态【低代码应用专用接口】 */ @PutMapping("/updateUserTenantStatus") - //@RequiresPermissions("system:tenant:updateUserTenantStatus") + //@SaCheckPermission("system:tenant:updateUserTenantStatus") public Result updateUserTenantStatus(@RequestBody SysUserTenant userTenant) { String tenantId = TenantContext.getTenant(); if (oConvertUtils.isEmpty(tenantId)) { @@ -596,9 +596,9 @@ public class SysTenantController { * @return */ @PutMapping("/cancelTenant") - //@RequiresPermissions("system:tenant:cancelTenant") + //@SaCheckPermission("system:tenant:cancelTenant") public Result cancelTenant(@RequestBody SysTenant sysTenant,HttpServletRequest request) { - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); SysTenant tenant = sysTenantService.getById(sysTenant.getId()); if (null == tenant) { return Result.error("未找到当前租户信息"); @@ -641,7 +641,7 @@ public class SysTenantController { */ @PutMapping("/cancelApplyTenant") public Result cancelApplyTenant(@RequestParam("tenantId") String tenantId){ - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); sysTenantService.leaveTenant(sysUser.getId(),tenantId); return Result.ok("取消申请成功"); } @@ -654,7 +654,7 @@ public class SysTenantController { * @return */ @DeleteMapping("/deleteLogicDeleted") - @RequiresPermissions("system:tenant:deleteTenantLogic") + @SaCheckPermission("system:tenant:deleteTenantLogic") public Result deleteTenantLogic(@RequestParam("ids") String ids){ sysTenantService.deleteTenantLogic(ids); return Result.ok("彻底删除成功"); @@ -666,7 +666,7 @@ public class SysTenantController { * @return */ @PutMapping("/revertTenantLogic") - @RequiresPermissions("system:tenant:revertTenantLogic") + @SaCheckPermission("system:tenant:revertTenantLogic") public Result revertTenantLogic(@RequestParam("ids") String ids){ sysTenantService.revertTenantLogic(ids); return Result.ok("还原成功"); @@ -680,7 +680,7 @@ public class SysTenantController { */ @DeleteMapping("/exitUserTenant") public Result exitUserTenant(@RequestBody SysTenant sysTenant,HttpServletRequest request){ - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //验证用户是否已存在 Integer count = relationService.userTenantIzExist(sysUser.getId(),sysTenant.getId()); if (count == 0) { @@ -905,7 +905,7 @@ public class SysTenantController { public Result> getTenantPageListByUserId(SysUserTenantVo sysUserTenantVo, @RequestParam(name="pageNo", defaultValue="1") Integer pageNo, @RequestParam(name="pageSize", defaultValue="10") Integer pageSize) { - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); List list = null; String userTenantStatus = sysUserTenantVo.getUserTenantStatus(); if (oConvertUtils.isNotEmpty(userTenantStatus)) { @@ -923,7 +923,7 @@ public class SysTenantController { public Result agreeOrRefuseJoinTenant(@RequestParam("tenantId") Integer tenantId, @RequestParam("status") String status){ //是否开启系统管理模块的多租户数据隔离【SAAS多租户模式】 - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); String userId = sysUser.getId(); SysTenant tenant = sysTenantService.getById(tenantId); if(null == tenant){ @@ -974,7 +974,7 @@ public class SysTenantController { public Result> getCurrentUserTenantForFile() { Result> result = new Result>(); try { - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); List tenantList = sysTenantService.getTenantListByUserId(sysUser.getId()); Map map = new HashMap<>(5); //在开启saas租户隔离的时候并且租户数据不为空,则返回租户信息 diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserController.java index 068a328d7..351561fc3 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserController.java @@ -10,8 +10,8 @@ import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang.StringUtils; -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; +import cn.dev33.satoken.stp.StpUtil; import org.jeecg.common.api.vo.Result; import org.jeecg.common.aspect.annotation.PermissionData; import org.jeecg.common.config.TenantContext; @@ -136,7 +136,7 @@ public class SysUserController { * @param req * @return */ - @RequiresPermissions("system:user:listAll") + @SaCheckPermission("system:user:listAll") @RequestMapping(value = "/listAll", method = RequestMethod.GET) public Result> queryAllPageList(SysUser user, @RequestParam(name = "pageNo", defaultValue = "1") Integer pageNo, @RequestParam(name = "pageSize", defaultValue = "10") Integer pageSize, HttpServletRequest req) { @@ -144,7 +144,7 @@ public class SysUserController { return sysUserService.queryPageList(req, queryWrapper, pageSize, pageNo); } - @RequiresPermissions("system:user:add") + @SaCheckPermission("system:user:add") @RequestMapping(value = "/add", method = RequestMethod.POST) public Result add(@RequestBody JSONObject jsonObject) { Result result = new Result(); @@ -174,7 +174,7 @@ public class SysUserController { return result; } - @RequiresPermissions("system:user:edit") + @SaCheckPermission("system:user:edit") @RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST}) public Result edit(@RequestBody JSONObject jsonObject) { Result result = new Result(); @@ -213,7 +213,7 @@ public class SysUserController { /** * 删除用户 */ - @RequiresPermissions("system:user:delete") + @SaCheckPermission("system:user:delete") @RequestMapping(value = "/delete", method = RequestMethod.DELETE) public Result delete(@RequestParam(name="id",required=true) String id) { baseCommonService.addLog("删除用户,id: " +id ,CommonConstant.LOG_TYPE_2, 3); @@ -229,7 +229,7 @@ public class SysUserController { /** * 批量删除用户 */ - @RequiresPermissions("system:user:deleteBatch") + @SaCheckPermission("system:user:deleteBatch") @RequestMapping(value = "/deleteBatch", method = RequestMethod.DELETE) public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { baseCommonService.addLog("批量删除用户, ids: " +ids ,CommonConstant.LOG_TYPE_2, 3); @@ -248,7 +248,7 @@ public class SysUserController { * @param jsonObject * @return */ - @RequiresPermissions("system:user:frozenBatch") + @SaCheckPermission("system:user:frozenBatch") @RequestMapping(value = "/frozenBatch", method = RequestMethod.PUT) public Result frozenBatch(@RequestBody JSONObject jsonObject) { Result result = new Result(); @@ -273,7 +273,7 @@ public class SysUserController { } - @RequiresPermissions("system:user:queryById") + @SaCheckPermission("system:user:queryById") @RequestMapping(value = "/queryById", method = RequestMethod.GET) public Result queryById(@RequestParam(name = "id", required = true) String id) { Result result = new Result(); @@ -287,7 +287,7 @@ public class SysUserController { return result; } - @RequiresPermissions("system:user:queryUserRole") + @SaCheckPermission("system:user:queryUserRole") @RequestMapping(value = "/queryUserRole", method = RequestMethod.GET) public Result> queryUserRole(@RequestParam(name = "userid", required = true) String userid) { Result> result = new Result<>(); @@ -340,7 +340,7 @@ public class SysUserController { /** * 修改密码 */ - @RequiresPermissions("system:user:changepwd") + @SaCheckPermission("system:user:changepwd") @RequestMapping(value = "/changePassword", method = RequestMethod.PUT) public Result changePassword(@RequestBody SysUser sysUser) { SysUser u = this.sysUserService.getOne(new LambdaQueryWrapper().eq(SysUser::getUsername, sysUser.getUsername())); @@ -349,7 +349,7 @@ public class SysUserController { } sysUser.setId(u.getId()); //update-begin---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------ - LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser loginUser = LoginUserUtils.getLoginUser(); baseCommonService.addLog("修改用户 "+sysUser.getUsername()+" 的密码,操作人: " +loginUser.getUsername() ,CommonConstant.LOG_TYPE_2, 2); //update-end---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------ return sysUserService.changePassword(sysUser); @@ -464,7 +464,7 @@ public class SysUserController { * @param request * @param sysUser */ - @RequiresPermissions("system:user:export") + @SaCheckPermission("system:user:export") @RequestMapping(value = "/exportXls") public ModelAndView exportXls(SysUser sysUser,HttpServletRequest request) { // Step.1 组装查询条件 @@ -483,7 +483,7 @@ public class SysUserController { //导出文件名称 mv.addObject(NormalExcelConstants.FILE_NAME, "用户列表"); mv.addObject(NormalExcelConstants.CLASS, SysUserExportVo.class); - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); ExportParams exportParams = new ExportParams("导入规则:\n" + "1. 用户名为必填项,仅支持新增数据导入;\n" + "2. 多个部门、角色或负责部门请用英文分号 ; 分隔,如:财务部;研发部;\n" + @@ -507,7 +507,7 @@ public class SysUserController { * @param response * @return */ - @RequiresPermissions("system:user:import") + @SaCheckPermission("system:user:import") @RequestMapping(value = "/importExcel", method = RequestMethod.POST) public Result importExcel(HttpServletRequest request, HttpServletResponse response)throws IOException { //return ImportOldUserUtil.importOldSysUser(request); @@ -562,14 +562,14 @@ public class SysUserController { /** * 首页用户重置密码 */ - @RequiresPermissions("system:user:updatepwd") + @SaCheckPermission("system:user:updatepwd") @RequestMapping(value = "/updatePassword", method = RequestMethod.PUT) public Result updatePassword(@RequestBody JSONObject json) { String username = json.getString("username"); String oldpassword = json.getString("oldpassword"); String password = json.getString("password"); String confirmpassword = json.getString("confirmpassword"); - LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); if(!sysUser.getUsername().equals(username)){ return Result.error("只允许修改自己的密码!"); } @@ -578,7 +578,7 @@ public class SysUserController { return Result.error("用户不存在!"); } //update-begin---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------ - LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser loginUser = LoginUserUtils.getLoginUser(); baseCommonService.addLog("修改密码,username: " +loginUser.getUsername() ,CommonConstant.LOG_TYPE_2, 2); //update-end---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------ return sysUserService.resetPassword(username,oldpassword,password,confirmpassword); @@ -604,7 +604,7 @@ public class SysUserController { * @param * @return */ - @RequiresPermissions("system:user:addUserRole") + @SaCheckPermission("system:user:addUserRole") @RequestMapping(value = "/addSysUserRole", method = RequestMethod.POST) public Result addSysUserRole(@RequestBody SysUserRoleVO sysUserRoleVO) { Result result = new Result(); @@ -636,7 +636,7 @@ public class SysUserController { * @param * @return */ - @RequiresPermissions("system:user:deleteRole") + @SaCheckPermission("system:user:deleteRole") @RequestMapping(value = "/deleteUserRole", method = RequestMethod.DELETE) public Result deleteUserRole(@RequestParam(name="roleId") String roleId, @RequestParam(name="userId",required=true) String userId @@ -660,7 +660,7 @@ public class SysUserController { * @param * @return */ - @RequiresPermissions("system:user:deleteRoleBatch") + @SaCheckPermission("system:user:deleteRoleBatch") @RequestMapping(value = "/deleteUserRoleBatch", method = RequestMethod.DELETE) public Result deleteUserRoleBatch( @RequestParam(name="roleId") String roleId, @@ -692,7 +692,7 @@ public class SysUserController { List subDepids = new ArrayList<>(); //部门id为空时,查询我的部门下所有用户 if(oConvertUtils.isEmpty(depId)){ - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); int userIdentity = user.getUserIdentity() != null?user.getUserIdentity():CommonConstant.USER_IDENTITY_1; //update-begin---author:chenrui ---date:20250107 for:[QQYUN-10775]验证码可以复用 #7674------------ if(oConvertUtils.isNotEmpty(userIdentity) && userIdentity == CommonConstant.USER_IDENTITY_2 @@ -764,7 +764,7 @@ public class SysUserController { /** * 给指定部门添加对应的用户 */ - @RequiresPermissions("system:user:editDepartWithUser") + @SaCheckPermission("system:user:editDepartWithUser") @RequestMapping(value = "/editSysDepartWithUser", method = RequestMethod.POST) public Result editSysDepartWithUser(@RequestBody SysDepartUsersVO sysDepartUsersVO) { Result result = new Result(); @@ -793,7 +793,7 @@ public class SysUserController { /** * 删除指定机构的用户关系 */ - @RequiresPermissions("system:user:deleteUserInDepart") + @SaCheckPermission("system:user:deleteUserInDepart") @RequestMapping(value = "/deleteUserInDepart", method = RequestMethod.DELETE) public Result deleteUserInDepart(@RequestParam(name="depId") String depId, @RequestParam(name="userId",required=true) String userId @@ -825,7 +825,7 @@ public class SysUserController { /** * 批量删除指定机构的用户关系 */ - @RequiresPermissions("system:user:deleteUserInDepartBatch") + @SaCheckPermission("system:user:deleteUserInDepartBatch") @RequestMapping(value = "/deleteUserInDepartBatch", method = RequestMethod.DELETE) public Result deleteUserInDepartBatch( @RequestParam(name="depId") String depId, @@ -857,7 +857,7 @@ public class SysUserController { public Result> getCurrentUserDeparts() { Result> result = new Result>(); try { - LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); List list = this.sysDepartService.queryUserDeparts(sysUser.getId()); Map map = new HashMap(5); map.put("list", list); @@ -1242,7 +1242,7 @@ public class SysUserController { * @param userIds 被删除的用户ID,多个id用半角逗号分割 * @return */ - @RequiresPermissions("system:user:deleteRecycleBin") + @SaCheckPermission("system:user:deleteRecycleBin") @RequestMapping(value = "/deleteRecycleBin", method = RequestMethod.DELETE) public Result deleteRecycleBin(@RequestParam("userIds") String userIds) { if (StringUtils.isNotBlank(userIds)) { @@ -1257,7 +1257,7 @@ public class SysUserController { * @param jsonObject * @return */ - @RequiresPermissions("system:user:app:edit") + @SaCheckPermission("system:user:app:edit") @RequestMapping(value = "/appEdit", method = {RequestMethod.PUT,RequestMethod.POST}) public Result appEdit(HttpServletRequest request,@RequestBody JSONObject jsonObject) { Result result = new Result(); @@ -1609,7 +1609,7 @@ public class SysUserController { * @return */ @PostMapping("/login/setting/userEdit") - @RequiresPermissions("system:user:setting:edit") + @SaCheckPermission("system:user:setting:edit") public Result userEdit(@RequestBody SysUser sysUser, HttpServletRequest request) { String username = JwtUtil.getUserNameByToken(request); SysUser user = sysUserService.getById(sysUser.getId()); @@ -1721,7 +1721,7 @@ public class SysUserController { public Result changeLoginTenantId(@RequestBody SysUser sysUser){ Result result = new Result<>(); Integer tenantId = sysUser.getLoginTenantId(); - LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser loginUser = LoginUserUtils.getLoginUser(); String userId = loginUser.getId(); // 判断 指定的租户ID是不是当前登录用户的租户 diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdAppController.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdAppController.java index 5cea03ad2..94873eba2 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdAppController.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdAppController.java @@ -5,8 +5,8 @@ import com.alibaba.fastjson.JSONObject; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.jeecg.dingtalk.api.core.response.Response; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import org.jeecg.common.util.LoginUserUtils; +import cn.dev33.satoken.annotation.SaCheckPermission; import org.jeecg.common.api.dto.message.MessageDTO; import org.jeecg.common.api.vo.Result; import org.jeecg.common.config.TenantContext; @@ -429,7 +429,7 @@ public class ThirdAppController { * @return */ @DeleteMapping(value = "/deleteThirdAppConfig") - @RequiresPermissions("system:third:config:delete") + @SaCheckPermission("system:third:config:delete") public Result deleteThirdAppConfig(@RequestParam(name="id",required=true) String id) { Result result = new Result<>(); SysThirdAppConfig config = appConfigService.getById(id); @@ -509,7 +509,7 @@ public class ThirdAppController { */ @GetMapping("/getThirdAccountByUserId") public Result> getThirdAccountByUserId(@RequestParam(name="thirdType") String thirdType){ - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); LambdaQueryWrapper query = new LambdaQueryWrapper<>(); //根据id查询 query.eq(SysThirdAccount::getSysUserId,sysUser.getId()); @@ -540,7 +540,7 @@ public class ThirdAppController { */ @DeleteMapping("/deleteThirdAccount") public Result deleteThirdAccountById(@RequestBody SysThirdAccount sysThirdAccount){ - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); if(!sysUser.getId().equals(sysThirdAccount.getSysUserId())){ return Result.error("无权修改他人信息"); } diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDataLog.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDataLog.java index 6774c23b5..65b14c2c1 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDataLog.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/entity/SysDataLog.java @@ -7,7 +7,7 @@ import lombok.Data; import lombok.EqualsAndHashCode; import lombok.experimental.Accessors; import lombok.extern.slf4j.Slf4j; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.config.mqtoken.UserTokenContext; import org.jeecg.common.system.util.JwtUtil; import org.jeecg.common.system.vo.LoginUser; @@ -96,7 +96,7 @@ public class SysDataLog implements Serializable { */ public void autoSetCreateName() { try { - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); this.setCreateName(sysUser.getRealname()); } catch (Exception e) { // QQYUN-13669 进一步优化:解决某些异步场景下获取用户信息为空的问题 diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java index 57489e003..afe6b221d 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java @@ -10,7 +10,7 @@ import lombok.extern.slf4j.Slf4j; import org.apache.commons.compress.archivers.zip.Zip64Mode; import org.apache.commons.compress.archivers.zip.ZipArchiveOutputStream; import org.apache.commons.lang3.StringUtils; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.constant.CommonConstant; import org.jeecg.common.system.vo.LoginUser; import org.jeecg.common.util.FileDownloadUtils; @@ -165,7 +165,7 @@ public class SysAnnouncementServiceImpl extends ServiceImpl announcementIds = this.getNotSendedAnnouncementlist(userId); List sysAnnouncementSendList = new ArrayList<>(); @@ -215,7 +215,7 @@ public class SysAnnouncementServiceImpl extends ServiceImpl page = new Page(pageNo,pageSize); List list = baseMapper.queryAllMessageList(page, sysUser.getId(), fromUser, starFlag, busType, msgCategory,beginDate, endDate, noticeType); @@ -224,13 +224,13 @@ public class SysAnnouncementServiceImpl extends ServiceImpl annoceIdList) { - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); sysAnnouncementSendMapper.updateReaded(sysUser.getId(), annoceIdList); } @Override public void clearAllUnReadMessage() { - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); sysAnnouncementSendMapper.clearAllUnReadMessage(sysUser.getId()); } diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysBaseApiImpl.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysBaseApiImpl.java index 14ee05166..6a3e4e41c 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysBaseApiImpl.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysBaseApiImpl.java @@ -20,7 +20,7 @@ import freemarker.template.TemplateException; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang.StringUtils; import org.apache.commons.lang3.ObjectUtils; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.dto.AiragFlowDTO; import org.jeecg.common.api.dto.DataLogDTO; import org.jeecg.common.api.dto.OnlineAuthDTO; @@ -658,7 +658,7 @@ public class SysBaseApiImpl implements ISysBaseAPI { public void updateSysAnnounReadFlag(String busType, String busId) { SysAnnouncement announcement = sysAnnouncementMapper.selectOne(new QueryWrapper().eq("bus_type",busType).eq("bus_id",busId)); if(announcement != null){ - LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); String userId = sysUser.getId(); LambdaUpdateWrapper updateWrapper = new UpdateWrapper().lambda(); updateWrapper.set(SysAnnouncementSend::getReadFlag, CommonConstant.HAS_READ_FLAG); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysDepartServiceImpl.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysDepartServiceImpl.java index 7802c6b06..8a76d91be 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysDepartServiceImpl.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysDepartServiceImpl.java @@ -12,7 +12,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import io.netty.util.internal.StringUtil; import org.apache.commons.lang.StringUtils; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.config.TenantContext; import org.jeecg.common.constant.CommonConstant; import org.jeecg.common.constant.FillRuleConstant; @@ -1016,7 +1016,7 @@ public class SysDepartServiceImpl extends ServiceImpl getMyDepartList() { - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); String userId = user.getId(); //字典code集合 List list = new ArrayList<>(); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysTenantPackServiceImpl.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysTenantPackServiceImpl.java index b3c09c4e4..c23b511cb 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysTenantPackServiceImpl.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysTenantPackServiceImpl.java @@ -2,7 +2,7 @@ package org.jeecg.modules.system.service.impl; import cn.hutool.core.collection.CollectionUtil; import cn.hutool.core.util.RandomUtil; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.constant.CommonConstant; import org.jeecg.common.constant.SymbolConstant; import org.jeecg.common.constant.TenantConstant; @@ -226,7 +226,7 @@ public class SysTenantPackServiceImpl extends ServiceImpl invitationUser(String phone, String departId) { Result result = new Result<>(); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //1、查询用户信息,判断用户是否存在 SysUser userByPhone = userService.getUserByPhone(phone); @@ -492,7 +492,7 @@ public class SysTenantServiceImpl extends ServiceImpl pageList = null; // 部门ID不存在 直接查询用户表即可 Page page = new Page<>(pageNo, pageSize); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); if(oConvertUtils.isEmpty(departId)){ LambdaQueryWrapper query = new LambdaQueryWrapper<>(); query.eq(SysUser::getStatus,Integer.parseInt(CommonConstant.STATUS_1)); @@ -286,7 +286,7 @@ public class SysUserDepartServiceImpl extends ServiceImpl pageList = null; // 部门ID不存在 直接查询用户表即可 Page page = new Page<>(pageNo, pageSize); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); List userIdList = new ArrayList<>(); if(oConvertUtils.isNotEmpty(excludeUserIdList)){ diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserServiceImpl.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserServiceImpl.java index b3b049e44..c62fed013 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserServiceImpl.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserServiceImpl.java @@ -16,7 +16,7 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang.StringUtils; import org.apache.commons.lang3.ObjectUtils; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.dto.message.MessageDTO; import org.jeecg.common.api.vo.Result; import org.jeecg.common.config.TenantContext; @@ -173,7 +173,7 @@ public class SysUserServiceImpl extends ServiceImpl impl // Object bean = ResourceUtil.getImplementationClass(DataEnhanceEnum.getClassPath(tenantId,lowAppId)); // if(null != bean){ // UserFilterEnhance userEnhanceService = (UserFilterEnhance) bean; -// LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); +// LoginUser sysUser = LoginUserUtils.getLoginUser(); // List userIds = userEnhanceService.getUserIds(sysUser.getId()); // if(CollectionUtil.isNotEmpty(userIds)){ // queryWrapper.in("id", userIds); @@ -1662,7 +1662,7 @@ public class SysUserServiceImpl extends ServiceImpl impl //导出文件名称 mv.addObject(NormalExcelConstants.FILE_NAME, "用户列表"); mv.addObject(NormalExcelConstants.CLASS, AppExportUserVo.class); - LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser user = LoginUserUtils.getLoginUser(); ExportParams exportParams = new ExportParams("导入规则:\n" + "1、存在用户编号时,数据会根据用户编号进行匹配,匹配成功后只会更新职位和工号;\n" + "2、不存在用户编号时,支持手机号、邮箱、姓名、部们、职位、工号导入,其中手机号必填;\n" + @@ -2046,7 +2046,7 @@ public class SysUserServiceImpl extends ServiceImpl impl userTenantMapper.insert(userTenant); //update-begin---author:wangshuai ---date:20230710 for:【QQYUN-5731】导入用户时,没有提醒------------ //发送系统消息通知 - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); MessageDTO messageDTO = new MessageDTO(); String title = sysUser.getRealname() + " 邀请您加入 " + tenantName + "。"; messageDTO.setTitle(title); @@ -2652,7 +2652,7 @@ public class SysUserServiceImpl extends ServiceImpl impl @Override public void updatePasswordNotBindPhone(String oldPassword, String password, String username) { - LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //step1 只能修改自己的密码 if(!sysUser.getUsername().equals(username)){ throw new JeecgBootBizTipException("只允许修改自己的密码!"); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserTenantServiceImpl.java b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserTenantServiceImpl.java index 0177ef6eb..12e225e54 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserTenantServiceImpl.java +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserTenantServiceImpl.java @@ -4,7 +4,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import org.apache.commons.lang.StringUtils; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.constant.CacheConstant; import org.jeecg.common.constant.CommonConstant; import org.jeecg.common.constant.SymbolConstant; diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/one/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/one/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai index 129f4ec3e..c02589ec7 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/one/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/one/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai @@ -37,7 +37,7 @@ import com.alibaba.fastjson.JSON; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import org.jeecg.common.aspect.annotation.AutoLog; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; <#assign bpm_flag=false> <#assign has_multi_query_field=false> <#list originalColumns as po> @@ -126,7 +126,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-添加") @Operation(summary="${tableVo.ftlDescription}-添加") - @RequiresPermissions("${entityPackage}:${tableName}:add") + @SaCheckPermission("${entityPackage}:${tableName}:add") @PostMapping(value = "/add") public Result add(@RequestBody ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -161,7 +161,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-编辑") @Operation(summary="${tableVo.ftlDescription}-编辑") - @RequiresPermissions("${entityPackage}:${tableName}:edit") + @SaCheckPermission("${entityPackage}:${tableName}:edit") @RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST}) public Result edit(@RequestBody ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -192,7 +192,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-通过id删除") @Operation(summary="${tableVo.ftlDescription}-通过id删除") - @RequiresPermissions("${entityPackage}:${tableName}:delete") + @SaCheckPermission("${entityPackage}:${tableName}:delete") @DeleteMapping(value = "/delete") public Result delete(@RequestParam(name="id",required=true) String id) { ${entityName?uncap_first}Service.removeById(id); @@ -207,7 +207,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-批量删除") @Operation(summary="${tableVo.ftlDescription}-批量删除") - @RequiresPermissions("${entityPackage}:${tableName}:deleteBatch") + @SaCheckPermission("${entityPackage}:${tableName}:deleteBatch") @DeleteMapping(value = "/deleteBatch") public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { this.${entityName?uncap_first}Service.removeByIds(Arrays.asList(ids.split(","))); @@ -237,7 +237,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e * @param request * @param ${entityName?uncap_first} */ - @RequiresPermissions("${entityPackage}:${tableName}:exportXls") + @SaCheckPermission("${entityPackage}:${tableName}:exportXls") @RequestMapping(value = "/exportXls") public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -258,7 +258,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e * @param response * @return */ - @RequiresPermissions("${entityPackage}:${tableName}:importExcel") + @SaCheckPermission("${entityPackage}:${tableName}:importExcel") @RequestMapping(value = "/importExcel", method = RequestMethod.POST) public Result importExcel(HttpServletRequest request, HttpServletResponse response) { <#if enhanceJavaList?size gt 0> diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai index 34384b95c..15dfec7db 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai @@ -18,7 +18,7 @@ import org.jeecgframework.poi.excel.entity.ExportParams; import org.jeecgframework.poi.excel.entity.ImportParams; import org.jeecgframework.poi.excel.view.JeecgEntityExcelView; import org.jeecg.common.system.vo.LoginUser; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.common.util.oConvertUtils; @@ -45,7 +45,7 @@ import com.alibaba.fastjson.JSON; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import org.jeecg.common.aspect.annotation.AutoLog; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; <#assign bpm_flag=false> <#list originalColumns as po> <#if po.fieldDbName=='bpm_status'> @@ -101,7 +101,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-添加") @Operation(summary="${tableVo.ftlDescription}-添加") - @RequiresPermissions("${entityPackage}:${tableName}:add") + @SaCheckPermission("${entityPackage}:${tableName}:add") @PostMapping(value = "/add") public Result add(@RequestBody ${entityName}Page ${entityName?uncap_first}Page) { ${entityName} ${entityName?uncap_first} = new ${entityName}(); @@ -121,7 +121,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-编辑") @Operation(summary="${tableVo.ftlDescription}-编辑") - @RequiresPermissions("${entityPackage}:${tableName}:edit") + @SaCheckPermission("${entityPackage}:${tableName}:edit") @RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST}) public Result edit(@RequestBody ${entityName}Page ${entityName?uncap_first}Page) { ${entityName} ${entityName?uncap_first} = new ${entityName}(); @@ -142,7 +142,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-通过id删除") @Operation(summary="${tableVo.ftlDescription}-通过id删除") - @RequiresPermissions("${entityPackage}:${tableName}:delete") + @SaCheckPermission("${entityPackage}:${tableName}:delete") @DeleteMapping(value = "/delete") public Result delete(@RequestParam(name="id",required=true) String id) { ${entityName?uncap_first}Service.delMain(id); @@ -157,7 +157,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-批量删除") @Operation(summary="${tableVo.ftlDescription}-批量删除") - @RequiresPermissions("${entityPackage}:${tableName}:deleteBatch") + @SaCheckPermission("${entityPackage}:${tableName}:deleteBatch") @DeleteMapping(value = "/deleteBatch") public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { this.${entityName?uncap_first}Service.delBatchMain(Arrays.asList(ids.split(","))); @@ -204,12 +204,12 @@ public class ${entityName}Controller { * @param request * @param ${entityName?uncap_first} */ - @RequiresPermissions("${entityPackage}:${tableName}:exportXls") + @SaCheckPermission("${entityPackage}:${tableName}:exportXls") @RequestMapping(value = "/exportXls") public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) { // Step.1 组装查询条件查询数据 QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap()); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //配置选中数据查询条件 String selections = request.getParameter("selections"); @@ -248,7 +248,7 @@ public class ${entityName}Controller { * @param response * @return */ - @RequiresPermissions("${entityPackage}:${tableName}:importExcel") + @SaCheckPermission("${entityPackage}:${tableName}:importExcel") @RequestMapping(value = "/importExcel", method = RequestMethod.POST) public Result importExcel(HttpServletRequest request, HttpServletResponse response) { MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) request; diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/tree/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/tree/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai index 468ef47b0..e06a9679a 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/tree/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/default/tree/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai @@ -36,7 +36,7 @@ import com.alibaba.fastjson.JSON; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import org.jeecg.common.aspect.annotation.AutoLog; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; /** * @Description: ${tableVo.ftlDescription} @@ -227,7 +227,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-添加") @Operation(summary="${tableVo.ftlDescription}-添加") - @RequiresPermissions("${entityPackage}:${tableName}:add") + @SaCheckPermission("${entityPackage}:${tableName}:add") @PostMapping(value = "/add") public Result add(@RequestBody ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -258,7 +258,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-编辑") @Operation(summary="${tableVo.ftlDescription}-编辑") - @RequiresPermissions("${entityPackage}:${tableName}:edit") + @SaCheckPermission("${entityPackage}:${tableName}:edit") @RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST}) public Result edit(@RequestBody ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -289,7 +289,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-通过id删除") @Operation(summary="${tableVo.ftlDescription}-通过id删除") - @RequiresPermissions("${entityPackage}:${tableName}:delete") + @SaCheckPermission("${entityPackage}:${tableName}:delete") @DeleteMapping(value = "/delete") public Result delete(@RequestParam(name="id",required=true) String id) { ${entityName?uncap_first}Service.delete${entityName}(id); @@ -304,7 +304,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-批量删除") @Operation(summary="${tableVo.ftlDescription}-批量删除") - @RequiresPermissions("${entityPackage}:${tableName}:deleteBatch") + @SaCheckPermission("${entityPackage}:${tableName}:deleteBatch") @DeleteMapping(value = "/deleteBatch") public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { this.${entityName?uncap_first}Service.removeByIds(Arrays.asList(ids.split(","))); @@ -334,7 +334,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e * @param request * @param ${entityName?uncap_first} */ - @RequiresPermissions("${entityPackage}:${tableName}:exportXls") + @SaCheckPermission("${entityPackage}:${tableName}:exportXls") @RequestMapping(value = "/exportXls") public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -355,7 +355,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e * @param response * @return */ - @RequiresPermissions("${entityPackage}:${tableName}:importExcel") + @SaCheckPermission("${entityPackage}:${tableName}:importExcel") @RequestMapping(value = "/importExcel", method = RequestMethod.POST) public Result importExcel(HttpServletRequest request, HttpServletResponse response) { <#if enhanceJavaList?size gt 0> diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai index c56cf6eb4..08db777da 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/erp/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai @@ -27,7 +27,7 @@ import ${bussiPackage}.${entityPackage}.service.I${sub.entityName}Service; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import org.jeecg.common.aspect.annotation.AutoLog; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.system.vo.LoginUser; import org.jeecgframework.poi.excel.ExcelImportUtil; import org.jeecgframework.poi.excel.def.NormalExcelConstants; @@ -40,7 +40,7 @@ import java.io.IOException; import java.util.List; import java.util.Map; import java.util.stream.Collectors; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; <#assign has_multi_query_field=false> <#list originalColumns as po> <#if po.isQuery=='Y' && (po.classType=='list' || po.classType=='list_multi' || po.classType=='radio' || po.classType=='checkbox')> @@ -130,7 +130,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-添加") @Operation(summary="${tableVo.ftlDescription}-添加") - @RequiresPermissions("${entityPackage}:${tableName}:add") + @SaCheckPermission("${entityPackage}:${tableName}:add") @PostMapping(value = "/add") public Result add(@RequestBody ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -160,7 +160,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-编辑") @Operation(summary="${tableVo.ftlDescription}-编辑") - @RequiresPermissions("${entityPackage}:${tableName}:edit") + @SaCheckPermission("${entityPackage}:${tableName}:edit") @RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST}) public Result edit(@RequestBody ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -190,7 +190,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-通过id删除") @Operation(summary="${tableVo.ftlDescription}-通过id删除") - @RequiresPermissions("${entityPackage}:${tableName}:delete") + @SaCheckPermission("${entityPackage}:${tableName}:delete") @DeleteMapping(value = "/delete") public Result delete(@RequestParam(name="id",required=true) String id) { ${entityName?uncap_first}Service.delMain(id); @@ -204,7 +204,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e */ @AutoLog(value = "${tableVo.ftlDescription}-批量删除") @Operation(summary="${tableVo.ftlDescription}-批量删除") - @RequiresPermissions("${entityPackage}:${tableName}:deleteBatch") + @SaCheckPermission("${entityPackage}:${tableName}:deleteBatch") @DeleteMapping(value = "/deleteBatch") public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { this.${entityName?uncap_first}Service.delBatchMain(Arrays.asList(ids.split(","))); @@ -215,7 +215,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e * 导出 * @return */ - @RequiresPermissions("${entityPackage}:${tableName}:exportXls") + @SaCheckPermission("${entityPackage}:${tableName}:exportXls") @RequestMapping(value = "/exportXls") public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -233,7 +233,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e * 导入 * @return */ - @RequiresPermissions("${entityPackage}:${tableName}:importExcel") + @SaCheckPermission("${entityPackage}:${tableName}:importExcel") @RequestMapping(value = "/importExcel", method = RequestMethod.POST) public Result importExcel(HttpServletRequest request, HttpServletResponse response) { <#if enhanceJavaList?size gt 0> @@ -328,7 +328,7 @@ public class ${entityName}Controller extends JeecgController<${entityName}, I${e public ModelAndView export${sub.entityName}(HttpServletRequest request, ${sub.entityName} ${sub.entityName?uncap_first}) { // Step.1 组装查询条件 QueryWrapper<${sub.entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${sub.entityName?uncap_first}, request.getParameterMap()); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); // Step.2 获取导出数据 List<${sub.entityName}> pageList = ${sub.entityName?uncap_first}Service.list(queryWrapper); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai index eb29b2eb4..34bf080a0 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/inner-table/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai @@ -19,7 +19,7 @@ import org.jeecgframework.poi.excel.entity.ExportParams; import org.jeecgframework.poi.excel.entity.ImportParams; import org.jeecgframework.poi.excel.view.JeecgEntityExcelView; import org.jeecg.common.system.vo.LoginUser; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.common.system.query.QueryRuleEnum; @@ -47,7 +47,7 @@ import com.alibaba.fastjson.JSON; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import org.jeecg.common.aspect.annotation.AutoLog; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; <#assign has_multi_query_field=false> <#list originalColumns as po> <#if po.isQuery=='Y' && (po.classType=='list' || po.classType=='list_multi' || po.classType=='radio' || po.classType=='checkbox')> @@ -134,7 +134,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-添加") @Operation(summary="${tableVo.ftlDescription}-添加") - @RequiresPermissions("${entityPackage}:${tableName}:add") + @SaCheckPermission("${entityPackage}:${tableName}:add") @PostMapping(value = "/add") public Result add(@RequestBody ${entityName}Page ${entityName?uncap_first}Page) { <#if enhanceJavaList?size gt 0> @@ -167,7 +167,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-编辑") @Operation(summary="${tableVo.ftlDescription}-编辑") - @RequiresPermissions("${entityPackage}:${tableName}:edit") + @SaCheckPermission("${entityPackage}:${tableName}:edit") @RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST}) public Result edit(@RequestBody ${entityName}Page ${entityName?uncap_first}Page) { <#if enhanceJavaList?size gt 0> @@ -204,7 +204,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-通过id删除") @Operation(summary="${tableVo.ftlDescription}-通过id删除") - @RequiresPermissions("${entityPackage}:${tableName}:delete") + @SaCheckPermission("${entityPackage}:${tableName}:delete") @DeleteMapping(value = "/delete") public Result delete(@RequestParam(name="id",required=true) String id) { ${entityName?uncap_first}Service.delMain(id); @@ -219,7 +219,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-批量删除") @Operation(summary="${tableVo.ftlDescription}-批量删除") - @RequiresPermissions("${entityPackage}:${tableName}:deleteBatch") + @SaCheckPermission("${entityPackage}:${tableName}:deleteBatch") @DeleteMapping(value = "/deleteBatch") public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { this.${entityName?uncap_first}Service.delBatchMain(Arrays.asList(ids.split(","))); @@ -270,7 +270,7 @@ public class ${entityName}Controller { * @param request * @param ${entityName?uncap_first} */ - @RequiresPermissions("${entityPackage}:${tableName}:exportXls") + @SaCheckPermission("${entityPackage}:${tableName}:exportXls") @RequestMapping(value = "/exportXls") public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -283,7 +283,7 @@ public class ${entityName}Controller { // Step.1 组装查询条件查询数据 QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap()); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //配置选中数据查询条件 String selections = request.getParameter("selections"); @@ -322,7 +322,7 @@ public class ${entityName}Controller { * @param response * @return */ - @RequiresPermissions("${entityPackage}:${tableName}:importExcel") + @SaCheckPermission("${entityPackage}:${tableName}:importExcel") @RequestMapping(value = "/importExcel", method = RequestMethod.POST) public Result importExcel(HttpServletRequest request, HttpServletResponse response) { <#if enhanceJavaList?size gt 0> diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai index d69e931b6..80b07d259 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/jvxe/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai @@ -19,7 +19,7 @@ import org.jeecgframework.poi.excel.entity.ExportParams; import org.jeecgframework.poi.excel.entity.ImportParams; import org.jeecgframework.poi.excel.view.JeecgEntityExcelView; import org.jeecg.common.system.vo.LoginUser; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.common.system.query.QueryRuleEnum; @@ -47,7 +47,7 @@ import com.alibaba.fastjson.JSON; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import org.jeecg.common.aspect.annotation.AutoLog; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; <#assign bpm_flag=false> <#assign has_multi_query_field=false> @@ -143,7 +143,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-添加") @Operation(summary="${tableVo.ftlDescription}-添加") - @RequiresPermissions("${entityPackage}:${tableName}:add") + @SaCheckPermission("${entityPackage}:${tableName}:add") @PostMapping(value = "/add") public Result add(@RequestBody ${entityName}Page ${entityName?uncap_first}Page) { <#if enhanceJavaList?size gt 0> @@ -179,7 +179,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-编辑") @Operation(summary="${tableVo.ftlDescription}-编辑") - @RequiresPermissions("${entityPackage}:${tableName}:edit") + @SaCheckPermission("${entityPackage}:${tableName}:edit") @RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST}) public Result edit(@RequestBody ${entityName}Page ${entityName?uncap_first}Page) { <#if enhanceJavaList?size gt 0> @@ -216,7 +216,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-通过id删除") @Operation(summary="${tableVo.ftlDescription}-通过id删除") - @RequiresPermissions("${entityPackage}:${tableName}:delete") + @SaCheckPermission("${entityPackage}:${tableName}:delete") @DeleteMapping(value = "/delete") public Result delete(@RequestParam(name="id",required=true) String id) { ${entityName?uncap_first}Service.delMain(id); @@ -231,7 +231,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-批量删除") @Operation(summary="${tableVo.ftlDescription}-批量删除") - @RequiresPermissions("${entityPackage}:${tableName}:deleteBatch") + @SaCheckPermission("${entityPackage}:${tableName}:deleteBatch") @DeleteMapping(value = "/deleteBatch") public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { this.${entityName?uncap_first}Service.delBatchMain(Arrays.asList(ids.split(","))); @@ -278,7 +278,7 @@ public class ${entityName}Controller { * @param request * @param ${entityName?uncap_first} */ - @RequiresPermissions("${entityPackage}:${tableName}:exportXls") + @SaCheckPermission("${entityPackage}:${tableName}:exportXls") @RequestMapping(value = "/exportXls") public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -292,7 +292,7 @@ public class ${entityName}Controller { // Step.1 组装查询条件查询数据 QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap()); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //配置选中数据查询条件 String selections = request.getParameter("selections"); @@ -331,7 +331,7 @@ public class ${entityName}Controller { * @param response * @return */ - @RequiresPermissions("${entityPackage}:${tableName}:importExcel") + @SaCheckPermission("${entityPackage}:${tableName}:importExcel") @RequestMapping(value = "/importExcel", method = RequestMethod.POST) public Result importExcel(HttpServletRequest request, HttpServletResponse response) { <#if enhanceJavaList?size gt 0> diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai index 479879c14..e3dcf369e 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template-online/tab/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai @@ -19,7 +19,7 @@ import org.jeecgframework.poi.excel.entity.ExportParams; import org.jeecgframework.poi.excel.entity.ImportParams; import org.jeecgframework.poi.excel.view.JeecgEntityExcelView; import org.jeecg.common.system.vo.LoginUser; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecg.common.api.vo.Result; import org.jeecg.common.system.query.QueryGenerator; import org.jeecg.common.system.query.QueryRuleEnum; @@ -47,7 +47,7 @@ import com.alibaba.fastjson.JSON; import io.swagger.v3.oas.annotations.tags.Tag; import io.swagger.v3.oas.annotations.Operation; import org.jeecg.common.aspect.annotation.AutoLog; -import org.apache.shiro.authz.annotation.RequiresPermissions; +import cn.dev33.satoken.annotation.SaCheckPermission; <#assign has_multi_query_field=false> <#list originalColumns as po> <#if po.isQuery=='Y' && (po.classType=='list' || po.classType=='list_multi' || po.classType=='radio' || po.classType=='checkbox')> @@ -134,7 +134,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-添加") @Operation(summary="${tableVo.ftlDescription}-添加") - @RequiresPermissions("${entityPackage}:${tableName}:add") + @SaCheckPermission("${entityPackage}:${tableName}:add") @PostMapping(value = "/add") public Result add(@RequestBody ${entityName}Page ${entityName?uncap_first}Page) { <#if enhanceJavaList?size gt 0> @@ -167,7 +167,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-编辑") @Operation(summary="${tableVo.ftlDescription}-编辑") - @RequiresPermissions("${entityPackage}:${tableName}:edit") + @SaCheckPermission("${entityPackage}:${tableName}:edit") @RequestMapping(value = "/edit", method = {RequestMethod.PUT,RequestMethod.POST}) public Result edit(@RequestBody ${entityName}Page ${entityName?uncap_first}Page) { <#if enhanceJavaList?size gt 0> @@ -204,7 +204,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-通过id删除") @Operation(summary="${tableVo.ftlDescription}-通过id删除") - @RequiresPermissions("${entityPackage}:${tableName}:delete") + @SaCheckPermission("${entityPackage}:${tableName}:delete") @DeleteMapping(value = "/delete") public Result delete(@RequestParam(name="id",required=true) String id) { ${entityName?uncap_first}Service.delMain(id); @@ -219,7 +219,7 @@ public class ${entityName}Controller { */ @AutoLog(value = "${tableVo.ftlDescription}-批量删除") @Operation(summary="${tableVo.ftlDescription}-批量删除") - @RequiresPermissions("${entityPackage}:${tableName}:deleteBatch") + @SaCheckPermission("${entityPackage}:${tableName}:deleteBatch") @DeleteMapping(value = "/deleteBatch") public Result deleteBatch(@RequestParam(name="ids",required=true) String ids) { this.${entityName?uncap_first}Service.delBatchMain(Arrays.asList(ids.split(","))); @@ -266,7 +266,7 @@ public class ${entityName}Controller { * @param request * @param ${entityName?uncap_first} */ - @RequiresPermissions("${entityPackage}:${tableName}:exportXls") + @SaCheckPermission("${entityPackage}:${tableName}:exportXls") @RequestMapping(value = "/exportXls") public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) { <#if enhanceJavaList?size gt 0> @@ -280,7 +280,7 @@ public class ${entityName}Controller { // Step.1 组装查询条件查询数据 QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap()); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //配置选中数据查询条件 String selections = request.getParameter("selections"); @@ -319,7 +319,7 @@ public class ${entityName}Controller { * @param response * @return */ - @RequiresPermissions("${entityPackage}:${tableName}:importExcel") + @SaCheckPermission("${entityPackage}:${tableName}:importExcel") @RequestMapping(value = "/importExcel", method = RequestMethod.POST) public Result importExcel(HttpServletRequest request, HttpServletResponse response) { <#if enhanceJavaList?size gt 0> diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai index 35a3d9a3d..2bfc45d08 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai @@ -11,7 +11,7 @@ import java.util.Map; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import org.jeecg.common.system.vo.LoginUser; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecgframework.poi.excel.ExcelImportUtil; import org.jeecgframework.poi.excel.def.NormalExcelConstants; import org.jeecgframework.poi.excel.entity.ExportParams; @@ -185,7 +185,7 @@ public class ${entityName}Controller { public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) { // Step.1 组装查询条件 QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap()); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //Step.2 获取导出数据 List<${entityName}Page> pageList = new ArrayList<${entityName}Page>(); diff --git a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai index cebf51868..0393d232b 100644 --- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai +++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/resources/jeecg/code-template/onetomany2/java/${bussiPackage}/${entityPackage}/controller/${entityName}Controller.javai @@ -10,7 +10,7 @@ import java.util.Map; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; -import org.apache.shiro.SecurityUtils; +import org.jeecg.common.util.LoginUserUtils; import org.jeecgframework.poi.excel.ExcelImportUtil; import org.jeecgframework.poi.excel.def.NormalExcelConstants; import org.jeecgframework.poi.excel.entity.ExportParams; @@ -273,7 +273,7 @@ ${sub.entityName?uncap_first}.get${key}()!=null<#rt/> public ModelAndView exportXls(HttpServletRequest request, ${entityName} ${entityName?uncap_first}) { // Step.1 组装查询条件 QueryWrapper<${entityName}> queryWrapper = QueryGenerator.initQueryWrapper(${entityName?uncap_first}, request.getParameterMap()); - LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal(); + LoginUser sysUser = LoginUserUtils.getLoginUser(); //Step.2 获取导出数据 List<${entityName}Page> pageList = new ArrayList<${entityName}Page>();