大致权限控制完成，新增优化权限控制代码

4 days ago · 1ba81beb0a
parent a89b72fca1
commit 1ba81beb0a
22 changed files with 198 additions and 0 deletions
--- a/src/main/java/cn/zyp/stusystem/controller/RoleController.java
+++ b/src/main/java/cn/zyp/stusystem/controller/RoleController.java
@ -0,0 +1,133 @@
+package cn.zyp.stusystem.controller;
+
+import cn.zyp.stusystem.common.Result;
+import cn.zyp.stusystem.dto.SaveRolePermissionsDTO;
+import cn.zyp.stusystem.entity.Role;
+import cn.zyp.stusystem.service.RolePermissionService;
+import cn.zyp.stusystem.service.RoleService;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+@RestController
+@RequestMapping("/api/role")
+public class RoleController {
+
+    @Autowired
+    private RoleService roleService;
+
+    @Autowired
+    private RolePermissionService rolePermissionService;
+
+    /**
+     * 获取角色列表（分页查询）
+     */
+    @GetMapping
+    public Result<Map<String, Object>> getRoleList(
+            @RequestParam(defaultValue = "1") Integer current,
+            @RequestParam(defaultValue = "10") Integer size,
+            @RequestParam(required = false) String roleName) {
+
+        Page<Role> page = new Page<>(current, size);
+        LambdaQueryWrapper<Role> wrapper = new LambdaQueryWrapper<>();
+
+        if (roleName != null && !roleName.trim().isEmpty()) {
+            wrapper.like(Role::getRoleName, roleName);
+        }
+
+        wrapper.orderByDesc(Role::getCreatedAt);
+
+        Page<Role> rolePage = roleService.page(page, wrapper);
+
+        Map<String, Object> result = new HashMap<>();
+        result.put("list", rolePage.getRecords());
+        result.put("total", rolePage.getTotal());
+
+        return Result.success(result);
+    }
+
+    /**
+     * 获取角色详情
+     */
+    @GetMapping("/{roleId}")
+    public Result<Role> getRoleById(@PathVariable Long roleId) {
+        Role role = roleService.getById(roleId);
+        if (role == null) {
+            return Result.error(404, "角色不存在");
+        }
+        return Result.success(role);
+    }
+
+    /**
+     * 创建角色
+     */
+    @PostMapping
+    public Result<Role> createRole(@RequestBody Role role) {
+        if (role.getStatus() == null) {
+            role.setStatus(1);
+        }
+        boolean success = roleService.save(role);
+        if (success) {
+            // 返回创建的角色对象（包含ID），这样前端才能获取到角色ID来保存权限
+            return Result.success(role);
+        } else {
+            return Result.error("创建失败");
+        }
+    }
+
+    /**
+     * 更新角色
+     */
+    @PutMapping("/{roleId}")
+    public Result<Boolean> updateRole(@PathVariable Long roleId, @RequestBody Role role) {
+        role.setId(roleId);
+        boolean success = roleService.updateById(role);
+        return success ? Result.success(true) : Result.error("更新失败");
+    }
+
+    /**
+     * 删除角色
+     */
+    @DeleteMapping("/{roleId}")
+    public Result<Boolean> deleteRole(@PathVariable Long roleId) {
+        Role role = roleService.getById(roleId);
+        if (role == null) {
+            return Result.error(404, "角色不存在");
+        }
+        boolean success = roleService.removeById(roleId);
+        return success ? Result.success(true) : Result.error("删除失败");
+    }
+
+    /**
+     * 获取角色的权限列表
+     */
+    @GetMapping("/{roleId}/permissions")
+    public Result<List<String>> getRolePermissions(@PathVariable Long roleId) {
+        List<String> permissionCodes = rolePermissionService.getPermissionCodesByRoleId(roleId);
+        return Result.success(permissionCodes);
+    }
+
+    /**
+     * 保存角色的权限配置
+     */
+    @PostMapping("/{roleId}/permissions")
+    public Result<Boolean> saveRolePermissions(
+            @PathVariable Long roleId,
+            @RequestBody SaveRolePermissionsDTO dto) {
+        System.out.println("收到权限保存请求: roleId=" + roleId + ", permissions=" + dto.getPermissions());
+        try {
+            rolePermissionService.saveRolePermissions(roleId, dto.getPermissions());
+            System.out.println("权限保存成功");
+            return Result.success(true);
+        } catch (Exception e) {
+            System.out.println("权限保存失败: " + e.getMessage());
+            e.printStackTrace();
+            return Result.error("保存失败: " + e.getMessage());
+        }
+    }
+}
--- a/src/main/java/cn/zyp/stusystem/controller/UserController.java
+++ b/src/main/java/cn/zyp/stusystem/controller/UserController.java
@ -0,0 +1,52 @@
+package cn.zyp.stusystem.controller;
+
+import cn.dev33.satoken.annotation.SaCheckLogin;
+import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.zyp.stusystem.common.Result;
+import cn.zyp.stusystem.dto.UserSimpleDTO;
+import cn.zyp.stusystem.entity.User;
+import cn.zyp.stusystem.service.UserService;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.stream.Collectors;
+
+@RestController
+@RequestMapping("/api/user")
+public class UserController {
+    
+    @Autowired
+    private UserService userService;
+
+    @SaCheckLogin
+    @SaCheckPermission("class:edit") // 或者更宽松的权限
+    @GetMapping("/teachers")
+    public Result<List<UserSimpleDTO>> listTeachers() {
+        List<UserSimpleDTO> teachers = userService.list(
+                        new LambdaQueryWrapper<User>()
+                                .in(User::getRole, Arrays.asList("head_teacher", "teacher"))
+                                .eq(User::getStatus, 1)
+                                .select(User::getId, User::getName)
+                ).stream()
+                .map(u -> new UserSimpleDTO(u.getId(), u.getName()))
+                .collect(Collectors.toList());
+        return Result.success(teachers);
+    }
+
+    /**
+     * 获取当前用户的权限列表
+     */
+    @GetMapping("/permissions")
+    public Result<List<String>> getUserPermissions() {
+        // 从Token中获取当前用户ID
+        Long userId = StpUtil.getLoginIdAsLong();
+        List<String> permissions = userService.getUserPermissions(userId);
+        return Result.success(permissions);
+    }
+}
--- a/src/main/java/cn/zyp/stusystem/dto/UserSimpleDTO.java
+++ b/src/main/java/cn/zyp/stusystem/dto/UserSimpleDTO.java
@ -0,0 +1,13 @@
+package cn.zyp.stusystem.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class UserSimpleDTO {
+    private Long id;
+    private String name;
+}
--- a/target/classes/cn/zyp/stusystem/controller/PermissionController.class
+++ b/target/classes/cn/zyp/stusystem/controller/PermissionController.class
--- a/target/classes/cn/zyp/stusystem/controller/RoleController.class
+++ b/target/classes/cn/zyp/stusystem/controller/RoleController.class
--- a/target/classes/cn/zyp/stusystem/controller/RolePermissionController.class
+++ b/target/classes/cn/zyp/stusystem/controller/RolePermissionController.class
--- a/target/classes/cn/zyp/stusystem/controller/UserController.class
+++ b/target/classes/cn/zyp/stusystem/controller/UserController.class
--- a/target/classes/cn/zyp/stusystem/dto/SaveRolePermissionsDTO.class
+++ b/target/classes/cn/zyp/stusystem/dto/SaveRolePermissionsDTO.class
--- a/target/classes/cn/zyp/stusystem/dto/UserSimpleDTO.class
+++ b/target/classes/cn/zyp/stusystem/dto/UserSimpleDTO.class
--- a/target/classes/cn/zyp/stusystem/entity/Permission.class
+++ b/target/classes/cn/zyp/stusystem/entity/Permission.class
--- a/target/classes/cn/zyp/stusystem/entity/Role.class
+++ b/target/classes/cn/zyp/stusystem/entity/Role.class
--- a/target/classes/cn/zyp/stusystem/entity/RolePermission.class
+++ b/target/classes/cn/zyp/stusystem/entity/RolePermission.class
--- a/target/classes/cn/zyp/stusystem/mapper/PermissionMapper.class
+++ b/target/classes/cn/zyp/stusystem/mapper/PermissionMapper.class
--- a/target/classes/cn/zyp/stusystem/mapper/RoleMapper.class
+++ b/target/classes/cn/zyp/stusystem/mapper/RoleMapper.class
--- a/target/classes/cn/zyp/stusystem/mapper/RolePermissionMapper.class
+++ b/target/classes/cn/zyp/stusystem/mapper/RolePermissionMapper.class
--- a/target/classes/cn/zyp/stusystem/service/PermissionService.class
+++ b/target/classes/cn/zyp/stusystem/service/PermissionService.class
--- a/target/classes/cn/zyp/stusystem/service/RolePermissionService.class
+++ b/target/classes/cn/zyp/stusystem/service/RolePermissionService.class
--- a/target/classes/cn/zyp/stusystem/service/RoleService.class
+++ b/target/classes/cn/zyp/stusystem/service/RoleService.class
--- a/target/classes/cn/zyp/stusystem/service/impl/PermissionServiceImpl.class
+++ b/target/classes/cn/zyp/stusystem/service/impl/PermissionServiceImpl.class
--- a/target/classes/cn/zyp/stusystem/service/impl/RolePermissionServiceImpl.class
+++ b/target/classes/cn/zyp/stusystem/service/impl/RolePermissionServiceImpl.class
--- a/target/classes/cn/zyp/stusystem/service/impl/RoleServiceImpl.class
+++ b/target/classes/cn/zyp/stusystem/service/impl/RoleServiceImpl.class
--- a/target/classes/cn/zyp/stusystem/vo/PermissionVO.class
+++ b/target/classes/cn/zyp/stusystem/vo/PermissionVO.class