[incubator-shenyu] branch midnight2104 updated: refactor shenyu-admin: add user permissions.

Sun, 14 Nov 2021 00:50:29 -0800 

This is an automated email from the ASF dual-hosted git repository.

midnight2104 pushed a commit to branch midnight2104
in repository https://gitbox.apache.org/repos/asf/incubator-shenyu.git


The following commit(s) were added to refs/heads/midnight2104 by this push:
     new c07f247  refactor shenyu-admin: add user permissions.
c07f247 is described below

commit c07f247efe54ac2139a6e196f844d12dd6caa8c2
Author: midnight2104 <[email protected]>
AuthorDate: Sat Nov 13 22:00:17 2021 +0800

    refactor shenyu-admin: add user permissions.
---
 .../admin/controller/DashboardUserController.java      | 18 +++++++++++++-----
 .../shenyu/admin/shiro/config/ShiroConfiguration.java  | 13 +++++++++++++
 .../admin/controller/DashboardUserControllerTest.java  |  2 +-
 3 files changed, 27 insertions(+), 6 deletions(-)

diff --git 
a/shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/DashboardUserController.java
 
b/shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/DashboardUserController.java
index 049854b..35a9037 100644
--- 
a/shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/DashboardUserController.java
+++ 
b/shenyu-admin/src/main/java/org/apache/shenyu/admin/controller/DashboardUserController.java
@@ -29,6 +29,7 @@ import org.apache.shenyu.admin.model.vo.DashboardUserVO;
 import org.apache.shenyu.admin.service.DashboardUserService;
 import org.apache.shenyu.admin.utils.AesUtils;
 import org.apache.shenyu.admin.utils.ShenyuResultMessage;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -70,14 +71,17 @@ public class DashboardUserController {
      * @param pageSize    page size
      * @return {@linkplain ShenyuAdminResult}
      */
+    @RequiresPermissions("system:manager:list")
     @GetMapping("")
-    public ShenyuAdminResult queryDashboardUsers(final String userName, final 
Integer currentPage, final Integer pageSize) {
-        String key = secretProperties.getKey();
-        String iv = secretProperties.getIv();
-        CommonPager<DashboardUserVO> commonPager = 
dashboardUserService.listByPage(new DashboardUserQuery(userName, new 
PageParameter(currentPage, pageSize)));
+    public ShenyuAdminResult queryDashboardUsers(final String userName,
+                                                 final Integer currentPage,
+                                                 final Integer pageSize) {
+        CommonPager<DashboardUserVO> commonPager = 
dashboardUserService.listByPage(new DashboardUserQuery(userName,
+                new PageParameter(currentPage, pageSize)));
+
         if (CollectionUtils.isNotEmpty(commonPager.getDataList())) {
             commonPager.getDataList()
-                    .forEach(item -> 
item.setPassword(AesUtils.aesDecryption(item.getPassword(), key, iv)));
+                    .forEach(item -> item.setPassword(""));
             return 
ShenyuAdminResult.success(ShenyuResultMessage.QUERY_SUCCESS, commonPager);
         } else {
             return 
ShenyuAdminResult.error(ShenyuResultMessage.DASHBOARD_QUERY_ERROR);
@@ -90,6 +94,7 @@ public class DashboardUserController {
      * @param id dashboard user id.
      * @return {@linkplain ShenyuAdminResult}
      */
+    @RequiresPermissions("system:manager:list")
     @GetMapping("/{id}")
     public ShenyuAdminResult detailDashboardUser(@PathVariable("id") final 
String id) {
         DashboardUserEditVO dashboardUserEditVO = 
dashboardUserService.findById(id);
@@ -105,6 +110,7 @@ public class DashboardUserController {
      * @param dashboardUserDTO dashboard user.
      * @return {@linkplain ShenyuAdminResult}
      */
+    @RequiresPermissions("system:manager:add")
     @PostMapping("")
     public ShenyuAdminResult createDashboardUser(@Valid @RequestBody final 
DashboardUserDTO dashboardUserDTO) {
         String key = secretProperties.getKey();
@@ -123,6 +129,7 @@ public class DashboardUserController {
      * @param dashboardUserDTO dashboard user.
      * @return {@linkplain ShenyuAdminResult}
      */
+    @RequiresPermissions("system:manager:edit")
     @PutMapping("/{id}")
     public ShenyuAdminResult updateDashboardUser(@PathVariable("id") final 
String id, @Valid @RequestBody final DashboardUserDTO dashboardUserDTO) {
         String key = secretProperties.getKey();
@@ -139,6 +146,7 @@ public class DashboardUserController {
      * @param ids primary key.
      * @return {@linkplain ShenyuAdminResult}
      */
+    @RequiresPermissions("system:manager:delete")
     @DeleteMapping("/batch")
     public ShenyuAdminResult deleteDashboardUser(@RequestBody @NotEmpty final 
List<@NotBlank String> ids) {
         Integer deleteCount = dashboardUserService.delete(ids);
diff --git 
a/shenyu-admin/src/main/java/org/apache/shenyu/admin/shiro/config/ShiroConfiguration.java
 
b/shenyu-admin/src/main/java/org/apache/shenyu/admin/shiro/config/ShiroConfiguration.java
index 0484d06..0e2efe3 100644
--- 
a/shenyu-admin/src/main/java/org/apache/shenyu/admin/shiro/config/ShiroConfiguration.java
+++ 
b/shenyu-admin/src/main/java/org/apache/shenyu/admin/shiro/config/ShiroConfiguration.java
@@ -24,6 +24,7 @@ import org.apache.shiro.spring.LifecycleBeanPostProcessor;
 import 
org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import 
org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -95,6 +96,18 @@ public class ShiroConfiguration {
     }
 
     /**
+     * Support shiro annotation.
+     *
+     * @return DefaultAdvisorAutoProxyCreator.
+     */
+    @Bean
+    public static DefaultAdvisorAutoProxyCreator 
getDefaultAdvisorAutoProxyCreator() {
+        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new 
DefaultAdvisorAutoProxyCreator();
+        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
+        return defaultAdvisorAutoProxyCreator;
+    }
+
+    /**
      * shiro's lifecycle in spring.
      *
      * @return {@linkplain LifecycleBeanPostProcessor}
diff --git 
a/shenyu-admin/src/test/java/org/apache/shenyu/admin/controller/DashboardUserControllerTest.java
 
b/shenyu-admin/src/test/java/org/apache/shenyu/admin/controller/DashboardUserControllerTest.java
index ed616f9..e1f81c8 100644
--- 
a/shenyu-admin/src/test/java/org/apache/shenyu/admin/controller/DashboardUserControllerTest.java
+++ 
b/shenyu-admin/src/test/java/org/apache/shenyu/admin/controller/DashboardUserControllerTest.java
@@ -98,7 +98,7 @@ public final class DashboardUserControllerTest {
         mockMvc.perform(get(url))
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.message", 
is(ShenyuResultMessage.QUERY_SUCCESS)))
-                .andExpect(jsonPath("$.data.dataList[0].password", 
is("123456")))
+                .andExpect(jsonPath("$.data.dataList[0].password", is("")))
                 .andReturn();
 
         final CommonPager<DashboardUserVO> commonPagerError = new 
CommonPager<>(new PageParameter(),

Reply via email to