com.ruoyi.framework.util.ShiroUtils Java Examples

The following examples show how to use com.ruoyi.framework.util.ShiroUtils. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SysPostController.java    From supplierShop with MIT License 6 votes vote down vote up
/**
 * 修改保存岗位
 */
@RequiresPermissions("system:post:edit")
@Log(title = "岗位管理", businessType = BusinessType.UPDATE)
@PostMapping("/edit")
@ResponseBody
public AjaxResult editSave(@Validated SysPost post)
{
    if (UserConstants.POST_NAME_NOT_UNIQUE.equals(postService.checkPostNameUnique(post)))
    {
        return error("修改岗位'" + post.getPostName() + "'失败,岗位名称已存在");
    }
    else if (UserConstants.POST_CODE_NOT_UNIQUE.equals(postService.checkPostCodeUnique(post)))
    {
        return error("修改岗位'" + post.getPostName() + "'失败,岗位编码已存在");
    }
    post.setUpdateBy(ShiroUtils.getLoginName());
    return toAjax(postService.updatePost(post));
}
 
Example #2
Source File: SysUserOnlineController.java    From supplierShop with MIT License 6 votes vote down vote up
@RequiresPermissions("monitor:online:forceLogout")
@Log(title = "在线用户", businessType = BusinessType.FORCE)
@PostMapping("/forceLogout")
@ResponseBody
public AjaxResult forceLogout(String sessionId)
{
    SysUserOnline online = userOnlineService.selectOnlineById(sessionId);
    if (sessionId.equals(ShiroUtils.getSessionId()))
    {
        return error("当前登陆用户无法强退");
    }
    if (online == null)
    {
        return error("用户已下线");
    }
    OnlineSession onlineSession = (OnlineSession) onlineSessionDAO.readSession(online.getSessionId());
    if (onlineSession == null)
    {
        return error("用户已下线");
    }
    onlineSession.setStatus(OnlineStatus.off_line);
    onlineSessionDAO.update(onlineSession);
    online.setStatus(OnlineStatus.off_line);
    userOnlineService.saveOnline(online);
    return success();
}
 
Example #3
Source File: SysMenuController.java    From supplierShop with MIT License 6 votes vote down vote up
/**
 * 删除菜单
 */
@Log(title = "菜单管理", businessType = BusinessType.DELETE)
@RequiresPermissions("system:menu:remove")
@GetMapping("/remove/{menuId}")
@ResponseBody
public AjaxResult remove(@PathVariable("menuId") Long menuId)
{
    if (menuService.selectCountMenuByParentId(menuId) > 0)
    {
        return AjaxResult.warn("存在子菜单,不允许删除");
    }
    if (menuService.selectCountRoleMenuByMenuId(menuId) > 0)
    {
        return AjaxResult.warn("菜单已分配,不允许删除");
    }
    ShiroUtils.clearCachedAuthorizationInfo();
    return toAjax(menuService.deleteMenuById(menuId));
}
 
Example #4
Source File: DataScopeAspect.java    From supplierShop with MIT License 6 votes vote down vote up
protected void handleDataScope(final JoinPoint joinPoint)
{
    // 获得注解
    DataScope controllerDataScope = getAnnotationLog(joinPoint);
    if (controllerDataScope == null)
    {
        return;
    }
    // 获取当前的用户
    SysUser currentUser = ShiroUtils.getSysUser();
    if (currentUser != null)
    {
        // 如果是超级管理员,则不过滤数据
        if (!currentUser.isAdmin())
        {
            dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
                    controllerDataScope.userAlias());
        }
    }
}
 
Example #5
Source File: SysUserController.java    From ruoyiplus with MIT License 6 votes vote down vote up
/**
 * 新增保存用户
 */
@RequiresPermissions("system:user:add")
@Log(title = "用户管理", businessType = BusinessType.INSERT)
@PostMapping("/add")
@Transactional(rollbackFor = Exception.class)
@ResponseBody
public AjaxResult addSave(SysUser user)
{
    if (StringUtils.isNotNull(user.getUserId()) && SysUser.isAdmin(user.getUserId()))
    {
        return error("不允许修改超级管理员用户");
    }
    user.setSalt(ShiroUtils.randomSalt());
    user.setPassword(passwordService.encryptPassword(user.getLoginName(), user.getPassword(), user.getSalt()));
    user.setCreateBy(ShiroUtils.getLoginName());
    return toAjax(userService.insertUser(user));
}
 
Example #6
Source File: SysRoleController.java    From supplierShop with MIT License 6 votes vote down vote up
/**
 * 新增保存角色
 */
@RequiresPermissions("system:role:add")
@Log(title = "角色管理", businessType = BusinessType.INSERT)
@PostMapping("/add")
@ResponseBody
public AjaxResult addSave(@Validated SysRole role)
{
    if (UserConstants.ROLE_NAME_NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role)))
    {
        return error("新增角色'" + role.getRoleName() + "'失败,角色名称已存在");
    }
    else if (UserConstants.ROLE_KEY_NOT_UNIQUE.equals(roleService.checkRoleKeyUnique(role)))
    {
        return error("新增角色'" + role.getRoleName() + "'失败,角色权限已存在");
    }
    role.setCreateBy(ShiroUtils.getLoginName());
    ShiroUtils.clearCachedAuthorizationInfo();
    return toAjax(roleService.insertRole(role));

}
 
Example #7
Source File: SysDeptController.java    From supplierShop with MIT License 6 votes vote down vote up
/**
 * 保存
 */
@Log(title = "部门管理", businessType = BusinessType.UPDATE)
@RequiresPermissions("system:dept:edit")
@PostMapping("/edit")
@ResponseBody
public AjaxResult editSave(@Validated SysDept dept)
{
    if (UserConstants.DEPT_NAME_NOT_UNIQUE.equals(deptService.checkDeptNameUnique(dept)))
    {
        return error("修改部门'" + dept.getDeptName() + "'失败,部门名称已存在");
    }
    else if (dept.getParentId().equals(dept.getDeptId()))
    {
        return error("修改部门'" + dept.getDeptName() + "'失败,上级部门不能是自己");
    }
    dept.setUpdateBy(ShiroUtils.getLoginName());
    return toAjax(deptService.updateDept(dept));
}
 
Example #8
Source File: SysMenuController.java    From ruoyiplus with MIT License 6 votes vote down vote up
/**
 * 删除菜单
 */
@Log(title = "菜单管理", businessType = BusinessType.DELETE)
@RequiresPermissions("system:menu:remove")
@PostMapping("/remove/{menuId}")
@ResponseBody
public AjaxResult remove(@PathVariable("menuId") Long menuId)
{
    if (menuService.selectCountMenuByParentId(menuId) > 0)
    {
        return error(1, "存在子菜单,不允许删除");
    }
    if (menuService.selectCountRoleMenuByMenuId(menuId) > 0)
    {
        return error(1, "菜单已分配,不允许删除");
    }
    ShiroUtils.clearCachedAuthorizationInfo();
    return toAjax(menuService.deleteMenuById(menuId));
}
 
Example #9
Source File: SysUserController.java    From supplierShop with MIT License 6 votes vote down vote up
/**
 * 新增保存用户
 */
@RequiresPermissions("system:user:add")
@Log(title = "用户管理", businessType = BusinessType.INSERT)
@PostMapping("/add")
@ResponseBody
public AjaxResult addSave(@Validated SysUser user)
{
    if (UserConstants.USER_NAME_NOT_UNIQUE.equals(userService.checkLoginNameUnique(user.getLoginName())))
    {
        return error("新增用户'" + user.getLoginName() + "'失败,登录账号已存在");
    }
    else if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
    {
        return error("新增用户'" + user.getLoginName() + "'失败,手机号码已存在");
    }
    else if (UserConstants.USER_EMAIL_NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
    {
        return error("新增用户'" + user.getLoginName() + "'失败,邮箱账号已存在");
    }
    user.setSalt(ShiroUtils.randomSalt());
    user.setPassword(passwordService.encryptPassword(user.getLoginName(), user.getPassword(), user.getSalt()));
    user.setCreateBy(ShiroUtils.getLoginName());
    return toAjax(userService.insertUser(user));
}
 
Example #10
Source File: SysUserController.java    From supplierShop with MIT License 6 votes vote down vote up
/**
 * 修改保存用户
 */
@RequiresPermissions("system:user:edit")
@Log(title = "用户管理", businessType = BusinessType.UPDATE)
@PostMapping("/edit")
@ResponseBody
public AjaxResult editSave(@Validated SysUser user)
{
    if (StringUtils.isNotNull(user.getUserId()) && SysUser.isAdmin(user.getUserId()))
    {
        return error("不允许修改超级管理员用户");
    }
    else if (UserConstants.USER_PHONE_NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
    {
        return error("修改用户'" + user.getLoginName() + "'失败,手机号码已存在");
    }
    else if (UserConstants.USER_EMAIL_NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
    {
        return error("修改用户'" + user.getLoginName() + "'失败,邮箱账号已存在");
    }
    user.setUpdateBy(ShiroUtils.getLoginName());
    return toAjax(userService.updateUser(user));
}
 
Example #11
Source File: SysUserOnlineController.java    From RuoYi with Apache License 2.0 6 votes vote down vote up
private String logout(String sessionId) {
    SysUserOnline online = userOnlineService.selectOnlineById(sessionId);
    if (sessionId.equals(ShiroUtils.getSessionId())) {
        return "当前登陆用户无法强退";
    }
    if (online == null) {
        return "用户已下线";
    }
    OnlineSession onlineSession = (OnlineSession) onlineSessionDAO.readSession(online.getSessionId());
    if (onlineSession == null) {
        return "用户已下线";
    }
    onlineSession.setStatus(OnlineStatus.OFF_LINE);
    online.setStatus(OnlineStatus.OFF_LINE);
    userOnlineService.saveOnline(online);
    return null;
}
 
Example #12
Source File: LogoutFilter.java    From RuoYi with Apache License 2.0 6 votes vote down vote up
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response){
    try {
        Subject subject = getSubject(request, response);
        String redirectUrl = getRedirectUrl(request, response, subject);
        SysUser user = ShiroUtils.getSysUser();
        if (ObjectUtil.isNotNull(user)) {
            String loginName = user.getLoginName();
            // 记录用户退出日志
            AsyncManager.me().execute(AsyncFactory.recordLogininfor(loginName, Constants.LOGOUT, MessageUtils.message("user.logout.success")));
            // 清理缓存
            cache.remove(loginName);
        }
        // 退出登录
        subject.logout();
        issueRedirect(request, response, redirectUrl);
    } catch (Exception e) {
        log.error("Encountered session exception during logout.  This can generally safely be ignored." , e);
    }
    return false;
}
 
Example #13
Source File: SysProfileController.java    From supplierShop with MIT License 6 votes vote down vote up
@Log(title = "重置密码", businessType = BusinessType.UPDATE)
@PostMapping("/resetPwd")
@ResponseBody
public AjaxResult resetPwd(String oldPassword, String newPassword)
{
    SysUser user = ShiroUtils.getSysUser();
    if (StringUtils.isNotEmpty(newPassword) && passwordService.matches(user, oldPassword))
    {
        user.setSalt(ShiroUtils.randomSalt());
        user.setPassword(passwordService.encryptPassword(user.getLoginName(), newPassword, user.getSalt()));
        if (userService.resetUserPwd(user) > 0)
        {
            ShiroUtils.setSysUser(userService.selectUserById(user.getUserId()));
            return success();
        }
        return error();
    }
    else
    {
        return error("修改密码失败,旧密码错误");
    }
}
 
Example #14
Source File: SysProfileController.java    From supplierShop with MIT License 6 votes vote down vote up
/**
 * 修改用户
 */
@Log(title = "个人信息", businessType = BusinessType.UPDATE)
@PostMapping("/update")
@ResponseBody
public AjaxResult update(SysUser user)
{
    SysUser currentUser = ShiroUtils.getSysUser();
    currentUser.setUserName(user.getUserName());
    currentUser.setEmail(user.getEmail());
    currentUser.setPhonenumber(user.getPhonenumber());
    currentUser.setSex(user.getSex());
    if (userService.updateUserInfo(currentUser) > 0)
    {
        ShiroUtils.setSysUser(userService.selectUserById(currentUser.getUserId()));
        return success();
    }
    return error();
}
 
Example #15
Source File: DataScopeAspect.java    From ruoyiplus with MIT License 6 votes vote down vote up
protected void handleDataScope(final JoinPoint joinPoint)
{
    // 获得注解
    DataScope controllerDataScope = getAnnotationLog(joinPoint);
    if (controllerDataScope == null)
    {
        return;
    }
    // 获取当前的用户
    SysUser currentUser = ShiroUtils.getSysUser();
    if (currentUser != null)
    {
        // 如果是超级管理员,则不过滤数据
        if (!currentUser.isAdmin())
        {
            dataScopeFilter(joinPoint, currentUser, controllerDataScope.tableAlias());
        }
    }
}
 
Example #16
Source File: SysJobController.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 新增保存调度
 */
@Log(title = "定时任务", businessType = BusinessType.INSERT)
@RequiresPermissions("monitor:job:add")
@PostMapping("/add")
@ResponseBody
public AjaxResult addSave(SysJob job)
{
    job.setCreateBy(ShiroUtils.getLoginName());
    return toAjax(jobService.insertJobCron(job));
}
 
Example #17
Source File: SysJobController.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 任务调度状态修改
 */
@Log(title = "定时任务", businessType = BusinessType.UPDATE)
@RequiresPermissions("monitor:job:changeStatus")
@PostMapping("/changeStatus")
@ResponseBody
public AjaxResult changeStatus(SysJob job)
{
    job.setUpdateBy(ShiroUtils.getLoginName());
    return toAjax(jobService.changeStatus(job));
}
 
Example #18
Source File: UserRealm.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 授权
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0)
{
    SysUser user = ShiroUtils.getSysUser();
    // 角色列表
    Set<String> roles = new HashSet<String>();
    // 功能列表
    Set<String> menus = new HashSet<String>();
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    // 管理员拥有所有权限
    if (user.isAdmin())
    {
        info.addRole("admin");
        info.addStringPermission("*:*:*");
    }
    else
    {
        roles = roleService.selectRoleKeys(user.getUserId());
        menus = menuService.selectPermsByUserId(user.getUserId());
        // 角色加入AuthorizationInfo认证对象
        info.setRoles(roles);
        // 权限加入AuthorizationInfo认证对象
        info.setStringPermissions(menus);
    }
    return info;
}
 
Example #19
Source File: SysRoleController.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 修改保存数据权限
 */
@RequiresPermissions("system:role:edit")
@Log(title = "角色管理", businessType = BusinessType.UPDATE)
@PostMapping("/rule")
@Transactional(rollbackFor = Exception.class)
@ResponseBody
public AjaxResult ruleSave(SysRole role)
{
    role.setUpdateBy(ShiroUtils.getLoginName());
    return toAjax(roleService.updateRule(role));
}
 
Example #20
Source File: SysDictTypeController.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 修改保存字典类型
 */
@Log(title = "字典类型", businessType = BusinessType.UPDATE)
@RequiresPermissions("system:dict:edit")
@PostMapping("/edit")
@ResponseBody
public AjaxResult editSave(SysDictType dict)
{
    dict.setUpdateBy(ShiroUtils.getLoginName());
    return toAjax(dictTypeService.updateDictType(dict));
}
 
Example #21
Source File: SysLoginService.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 记录登录信息
 */
public void recordLoginInfo(SysUser user)
{
    user.setLoginIp(ShiroUtils.getIp());
    user.setLoginDate(DateUtils.getNowDate());
    userService.updateUserInfo(user);
}
 
Example #22
Source File: CaptchaValidateFilter.java    From ruoyiplus with MIT License 5 votes vote down vote up
public boolean validateResponse(HttpServletRequest request, String validateCode)
{
    Object obj = ShiroUtils.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
    String code = String.valueOf(obj != null ? obj : "");
    if (StringUtils.isEmpty(validateCode) || !validateCode.equalsIgnoreCase(code))
    {
        return false;
    }
    return true;
}
 
Example #23
Source File: SysPostController.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 新增保存岗位
 */
@RequiresPermissions("system:post:add")
@Log(title = "岗位管理", businessType = BusinessType.INSERT)
@PostMapping("/add")
@ResponseBody
public AjaxResult addSave(SysPost post)
{
    post.setCreateBy(ShiroUtils.getLoginName());
    return toAjax(postService.insertPost(post));
}
 
Example #24
Source File: OnlineSessionFilter.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 表示是否允许访问;mappedValue就是[urls]配置中拦截器参数部分,如果允许访问返回true,否则false;
 */
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
        throws Exception
{
    Subject subject = getSubject(request, response);
    if (subject == null || subject.getSession() == null)
    {
        return true;
    }
    Session session = onlineSessionDAO.readSession(subject.getSession().getId());
    if (session != null && session instanceof OnlineSession)
    {
        OnlineSession onlineSession = (OnlineSession) session;
        request.setAttribute(ShiroConstants.ONLINE_SESSION, onlineSession);
        // 把user对象设置进去
        boolean isGuest = onlineSession.getUserId() == null || onlineSession.getUserId() == 0L;
        if (isGuest == true)
        {
            SysUser user = ShiroUtils.getSysUser();
            if (user != null)
            {
                onlineSession.setUserId(user.getUserId());
                onlineSession.setLoginName(user.getLoginName());
                onlineSession.setDeptName(user.getDept().getDeptName());
                onlineSession.markAttributeChanged();
            }
        }

        if (onlineSession.getStatus() == OnlineStatus.off_line)
        {
            return false;
        }
    }
    return true;
}
 
Example #25
Source File: LogoutFilter.java    From ruoyiplus with MIT License 5 votes vote down vote up
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception
{
    try
    {
        Subject subject = getSubject(request, response);
        String redirectUrl = getRedirectUrl(request, response, subject);
        try
        {
            SysUser user = ShiroUtils.getSysUser();
            if (StringUtils.isNotNull(user))
            {
                String loginName = user.getLoginName();
                // 记录用户退出日志
                AsyncManager.me().execute(AsyncFactory.recordLogininfor(loginName, Constants.LOGOUT, MessageUtils.message("user.logout.success")));
            }
            // 退出登录
            subject.logout();
        }
        catch (SessionException ise)
        {
            log.error("logout fail.", ise);
        }
        issueRedirect(request, response, redirectUrl);
    }
    catch (Exception e)
    {
        log.error("Encountered session exception during logout.  This can generally safely be ignored.", e);
    }
    return false;
}
 
Example #26
Source File: SysMenuController.java    From RuoYi with Apache License 2.0 5 votes vote down vote up
@RequiresPermissions("system:menu:list")
@GetMapping("/list")
@ResponseBody
public List<SysMenu> list(SysMenu menu) {
    Long userId = ShiroUtils.getUserId();
    return menuService.selectMenuList(menu, userId);
}
 
Example #27
Source File: SysPostController.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 修改保存岗位
 */
@RequiresPermissions("system:post:edit")
@Log(title = "岗位管理", businessType = BusinessType.UPDATE)
@PostMapping("/edit")
@ResponseBody
public AjaxResult editSave(SysPost post)
{
    post.setUpdateBy(ShiroUtils.getLoginName());
    return toAjax(postService.updatePost(post));
}
 
Example #28
Source File: SysDictDataController.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 新增保存字典类型
 */
@Log(title = "字典数据", businessType = BusinessType.INSERT)
@RequiresPermissions("system:dict:add")
@PostMapping("/add")
@ResponseBody
public AjaxResult addSave(SysDictData dict)
{
    dict.setCreateBy(ShiroUtils.getLoginName());
    return toAjax(dictDataService.insertDictData(dict));
}
 
Example #29
Source File: SysPostController.java    From RuoYi with Apache License 2.0 5 votes vote down vote up
/**
 * 新增保存岗位
 */
@RequiresPermissions("system:post:add")
@Log(title = "岗位管理", businessType = BusinessType.INSERT)
@PostMapping("/add")
@ResponseBody
public AjaxResult addSave(SysPost post) {
    post.setCreateBy(ShiroUtils.getLoginName());
    return toAjax(postService.insertPost(post));
}
 
Example #30
Source File: SysRoleController.java    From RuoYi with Apache License 2.0 5 votes vote down vote up
/**
 * 修改保存角色
 */
@RequiresPermissions("system:role:edit")
@Log(title = "角色管理", businessType = BusinessType.UPDATE)
@PostMapping("/edit")
@Transactional(rollbackFor = Exception.class)
@ResponseBody
public AjaxResult editSave(SysRole role) {
    role.setUpdateBy(ShiroUtils.getLoginName());
    ShiroUtils.clearCachedAuthorizationInfo();
    return toAjax(roleService.updateRole(role));
}