1.1.67 客户端菜单限制配置、按客户端限制过滤用户菜单权限。

dev
yinq 3 weeks ago
parent f16a1f2707
commit 13202d8ff4

@ -132,6 +132,13 @@ public class LoginHelper {
return Convert.toStr(getExtra(DEPT_CATEGORY_KEY));
}
/**
* ID
*/
public static String getClientId() {
return Convert.toStr(getExtra(CLIENT_KEY));
}
/**
* Token
*

@ -0,0 +1,31 @@
package org.dromara.system.constant;
import java.util.List;
/**
*
*/
public final class ClientMenuConstants {
private ClientMenuConstants() {
}
/**
* ID
*/
public static final String RESTRICTED_CLIENT_ID = "20362542f27e164a8e70e1c1744f17dd";
/**
*
*/
public static final List<String> RESTRICTED_ALLOWED_ROOT_MENU_NAMES = List.of(
"我的任务",
"销售报价管理",
"销售合同管理",
"项目管理"
);
public static boolean isRestrictedClient(String clientId) {
return RESTRICTED_CLIENT_ID.equals(clientId);
}
}

@ -46,6 +46,7 @@ public class SysMenuController extends BaseController {
@GetMapping("/getRouters")
public R<List<RouterVo>> getRouters() {
List<SysMenu> menus = menuService.selectMenuTreeByUserId(LoginHelper.getUserId());
menus = menuService.filterMenusByClient(menus, LoginHelper.getClientId());
return R.ok(menuService.buildMenus(menus));
}

@ -160,4 +160,22 @@ public interface ISysMenuService {
* @return
*/
boolean checkMenuNameUnique(SysMenuBo menu);
/**
*
*
* @param menus
* @param clientId ID
* @return
*/
List<SysMenu> filterMenusByClient(List<SysMenu> menus, String clientId);
/**
*
*
* @param userId ID
* @param clientId ID
* @return
*/
Set<String> selectMenuPermsByUserIdForClient(Long userId, String clientId);
}

@ -13,6 +13,7 @@ import org.dromara.common.core.utils.StreamUtils;
import org.dromara.common.core.utils.StringUtils;
import org.dromara.common.core.utils.TreeBuildUtils;
import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.system.constant.ClientMenuConstants;
import org.dromara.system.domain.SysMenu;
import org.dromara.system.domain.SysRole;
import org.dromara.system.domain.SysRoleMenu;
@ -385,4 +386,72 @@ public class SysMenuServiceImpl implements ISysMenuService {
}
}
/**
*
*/
@Override
public List<SysMenu> filterMenusByClient(List<SysMenu> menus, String clientId) {
if (!ClientMenuConstants.isRestrictedClient(clientId) || CollUtil.isEmpty(menus)) {
return menus;
}
return menus.stream()
.filter(menu -> ClientMenuConstants.RESTRICTED_ALLOWED_ROOT_MENU_NAMES.contains(menu.getMenuName()))
.toList();
}
/**
*
*/
@Override
public Set<String> selectMenuPermsByUserIdForClient(Long userId, String clientId) {
if (!ClientMenuConstants.isRestrictedClient(clientId)) {
return selectMenuPermsByUserId(userId);
}
Set<Long> allowedMenuIds = getRestrictedClientAllowedMenuIds();
if (CollUtil.isEmpty(allowedMenuIds)) {
return Collections.emptySet();
}
List<String> list = baseMapper.selectObjs(
new LambdaQueryWrapper<SysMenu>()
.select(SysMenu::getPerms)
.inSql(SysMenu::getMenuId, baseMapper.buildMenuByUserSql(userId))
.in(SysMenu::getMenuId, allowedMenuIds)
.isNotNull(SysMenu::getPerms)
);
return new HashSet<>(StreamUtils.filter(list, StringUtils::isNotBlank));
}
/**
* 访 ID
*/
private Set<Long> getRestrictedClientAllowedMenuIds() {
List<SysMenu> rootMenus = baseMapper.selectList(
new LambdaQueryWrapper<SysMenu>()
.eq(SysMenu::getParentId, Constants.TOP_PARENT_ID)
.in(SysMenu::getMenuName, ClientMenuConstants.RESTRICTED_ALLOWED_ROOT_MENU_NAMES)
);
if (CollUtil.isEmpty(rootMenus)) {
return Collections.emptySet();
}
List<SysMenu> allMenus = baseMapper.selectList(
new LambdaQueryWrapper<SysMenu>()
.eq(SysMenu::getStatus, SystemConstants.NORMAL)
);
Set<Long> allowedMenuIds = new HashSet<>();
for (SysMenu rootMenu : rootMenus) {
allowedMenuIds.add(rootMenu.getMenuId());
collectDescendantMenuIds(allMenus, rootMenu.getMenuId(), allowedMenuIds);
}
return allowedMenuIds;
}
private void collectDescendantMenuIds(List<SysMenu> allMenus, Long parentId, Set<Long> allowedMenuIds) {
for (SysMenu menu : allMenus) {
if (parentId.equals(menu.getParentId())) {
allowedMenuIds.add(menu.getMenuId());
collectDescendantMenuIds(allMenus, menu.getMenuId(), allowedMenuIds);
}
}
}
}

@ -54,7 +54,7 @@ public class SysPermissionServiceImpl implements ISysPermissionService {
if (LoginHelper.isSuperAdmin(userId)) {
perms.add("*:*:*");
} else {
perms.addAll(menuService.selectMenuPermsByUserId(userId));
perms.addAll(menuService.selectMenuPermsByUserIdForClient(userId, LoginHelper.getClientId()));
}
return perms;
}

Loading…
Cancel
Save