基于配置的权限已完成

common/src/main/java/com/koobietech/eas/common/utils/SecurityManager.java

@@ -2,6 +2,7 @@ package com.koobietech.eas.common.utils;
 
 import com.koobietech.eas.dao.constant.UserType;
 import com.koobietech.eas.dao.pojo.UserDetailPojo;
+import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import java.util.Objects;
@@ -75,7 +76,15 @@ public class SecurityManager {
         return Objects.nonNull(principal);
     }
 
-    private static UserDetailPojo getPrincipal() {
+    public static Authentication getAuthentication() {
+        try {
+        return SecurityContextHolder.getContext().getAuthentication();
+        } catch (Exception ignored) {
+            return null;
+        }
+    }
+
+    public static UserDetailPojo getPrincipal() {
         try {
             Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
             if (Objects.nonNull(principal)) {

controller/src/main/java/com/koobietech/eas/config/ExceptionAdviceConfiguration.java

@@ -27,7 +27,7 @@ public class ExceptionAdviceConfiguration {
 //        for (StackTraceElement element : stackTrace) {
 //            logger.error(element.toString());
 //        }
-        //e.printStackTrace();
+        e.printStackTrace();
         //logger.error(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>");
         return JsonResult.fail(e.getMessage(), 500);
     }
@@ -41,7 +41,7 @@ public class ExceptionAdviceConfiguration {
 //        for (StackTraceElement element : stackTrace) {
 //            logger.error(element.toString());
 //        }
-//        e.printStackTrace();
+        e.printStackTrace();
 //        logger.error("&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&");
         return JsonResult.fail(e.getMessage(), e.getCode());
     }

controller/src/main/java/com/koobietech/eas/controller/EasSysStuProfileController.java

@@ -14,6 +14,7 @@ import com.koobietech.eas.service.EasStuProfileService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.beans.BeanUtils;
+import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -81,6 +82,13 @@ public class EasSysStuProfileController {
     @PostMapping("/downloadArchives")
     @Operation(summary = "下载学员档案", description = "下载学员档案")
     public JsonResult downloadArchives(@RequestParam(required = true) String studentNumber){
+        if ( !StringUtils.hasText(studentNumber) ||  "".equals(studentNumber) ) {
+            return JsonResult.fail("学生学号不能为空");
+        }
+        if ( studentNumber.isBlank() || studentNumber.isEmpty() )  {
+            return JsonResult.fail("学生学号格式错误");
+        }
+        // 下载
         String res = easStuProfileService.downloadArchives(studentNumber);
         return JsonResult.data(res);
     }

controller/src/main/resources/application.yaml

@@ -29,11 +29,10 @@ knife4j:
 security:
   url:
     ignored:
-      - /**
-eas:
-  jwt-secret-key: 123456
-  jwt-expires-date: 2
-  password-sign-key: eas-key-password
+      - /login/adminLogin
+      - /login/studentLogin
+      - /login/verify/get
+      - /login/verify/check
 project:
   path: ${user.home}/archivesFiles
 
@@ -41,4 +40,20 @@ pagehelper:
   helperDialect: mysql
   reasonable: true
   supportMethodsArguments: true
-  params: count=countSql
+  params: count=countSql
+
+eas:
+  jwt-secret-key: 123456
+  jwt-expires-date: 2
+  password-sign-key: eas-key-password
+  authority:
+    authorization:
+      - /login/getUserInfo
+    student:
+      - /login/getUserInfo
+    teacher:
+      - /login/getUserInfo
+    easgroup:
+      - /login/getUserInfo
+    admin:
+      - /**

dao/src/main/java/com/koobietech/eas/dao/pojo/DepartmentPojo.java

@@ -7,6 +7,7 @@ import java.util.Date;
 public class DepartmentPojo {
     private Long id;
     private String depname;
+    private String authority;
     private String address;
     private String phone;
     private String email;

dao/src/main/java/com/koobietech/eas/dao/pojo/UserDetailPojo.java

@@ -14,7 +14,7 @@ public class UserDetailPojo {
     private String phone;
     private String email;
     private UserType userType;
-    private List<PermissionPojo> permissionPojos;
+    private List<String> permissionPojos;
     private List<DepartmentPojo> departments;
 
 }

dao/src/main/resources/com/koobietech/eas/dao/mapper/AdminLoginMapper.xml

@@ -20,6 +20,7 @@
         <result column="phone" property="phone"/>
         <result column="email" property="email"/>
         <result column="manager" property="manager"/>
+        <result column="authority" property="authority" />
         <result column="create_time" property="createTime"/>
         <result column="modify_time" property="modifyTime"/>
         <result column="create_uid" property="createUid"/>
@@ -66,19 +67,35 @@
     </resultMap>
 
     <select id="getUserPermissionsById" resultMap="permissionResultMap">
-        SELECT p.id, p.name, p.is_active, p.create_time, p.modify_time, p.create_uid, p.description
-        FROM eas_sys_userinfo u
-                 JOIN eas_sys_pes_relation pr ON u.id = pr.department_id
-                 JOIN eas_sys_permission p ON pr.permission_id = p.id
-        WHERE u.id = #{adminId};
+        SELECT
+            p.id,
+            p.`name`,
+            p.is_active,
+            p.create_time,
+            p.modify_time,
+            p.create_uid,
+            p.description
+        FROM eas_sys_pes_relation AS r
+                 LEFT JOIN eas_sys_permission AS p ON p.id = r.permission_id
+                 LEFT JOIN eas_sys_dep_relation AS d ON d.id = ( SELECT id FROM eas_sys_dep_relation WHERE department_id = r.department_id LIMIT 1  )
+        WHERE d.user_id = #{adminId};
     </select>
 
     <select id="getUserDepartmentsById" resultMap="departmentResultMap">
-        SELECT DISTINCT d.id, d.depname, d.address, d.phone, d.email, d.manager, d.create_time, d.modify_time, d.create_uid
-        FROM eas_sys_userinfo u
-                 JOIN eas_sys_pes_relation pr ON u.id = pr.department_id
-                 JOIN eas_sys_department d ON pr.department_id = d.id
-        WHERE u.id = #{adminId}
+        SELECT
+            d.id,
+            d.depname,
+            d.authority,
+            d.address,
+            d.phone,
+            d.email,
+            d.manager,
+            d.create_time,
+            d.modify_time,
+            d.create_uid
+        FROM eas_sys_dep_relation  AS r
+                 LEFT JOIN eas_sys_department AS d ON d.id = r.department_id
+        WHERE r.user_id = #{admin}
     </select>
 
     <select id="getUserDetailById" resultMap="userDetailResultMap">
@@ -100,19 +117,34 @@
     </select>
 
     <select id="getStudentPermissionsById" resultMap="permissionResult">
-        SELECT p.id, p.name, p.is_active, p.create_time, p.modify_time, p.create_uid, p.description
-        FROM eas_sys_student s
-                 JOIN eas_sys_pes_relation pr ON s.id = pr.department_id
-                 JOIN eas_sys_permission p ON pr.permission_id = p.id
-        WHERE s.id = #{adminId};
+        SELECT
+            p.id,
+            p.`name`,
+            p.is_active,
+            p.create_time,
+            p.modify_time,
+            p.create_uid,
+            p.description
+        FROM eas_sys_pes_relation AS r
+                 LEFT JOIN eas_sys_permission AS p ON p.id = r.permission_id
+                 LEFT JOIN eas_sys_dep_relation AS d ON d.id = ( SELECT id FROM eas_sys_dep_relation WHERE department_id = r.department_id LIMIT 1  )
+        WHERE d.student_id = #{adminId};
     </select>
 
     <select id="getStudentDepartmentsById" resultMap="departmentResult">
-        SELECT DISTINCT d.id, d.depname, d.address, d.phone, d.email, d.manager, d.create_time, d.modify_time, d.create_uid
-        FROM eas_sys_student s
-                 JOIN eas_sys_pes_relation pr ON s.id = pr.department_id
-                 JOIN eas_sys_department d ON pr.department_id = d.id
-        WHERE s.id = #{adminId}
+        SELECT
+            d.id,
+            d.depname,
+            d.address,
+            d.phone,
+            d.email,
+            d.manager,
+            d.create_time,
+            d.modify_time,
+            d.create_uid
+        FROM eas_sys_dep_relation  AS r
+                 LEFT JOIN eas_sys_department AS d ON d.id = r.department_id
+        WHERE r.student_id = #{admin}
     </select>
 
 </mapper>

mbg/src/main/java/com/koobietech/eas/mbg/model/EasSysDepartment.java

@@ -16,6 +16,14 @@ public class EasSysDepartment implements Serializable {
     @Schema(description = "部门名称")
     private String depname;
 
+    /**
+     * 权限名
+     *
+     * @mbg.generated
+     */
+    @Schema(description = "权限名")
+    private String authority;
+
     /**
      * 部门地址
      *
@@ -100,6 +108,14 @@ public class EasSysDepartment implements Serializable {
         this.depname = depname == null ? null : depname.trim();
     }
 
+    public String getAuthority() {
+        return authority;
+    }
+
+    public void setAuthority(String authority) {
+        this.authority = authority == null ? null : authority.trim();
+    }
+
     public String getAddress() {
         return address;
     }
@@ -172,6 +188,7 @@ public class EasSysDepartment implements Serializable {
         sb.append("Hash = ").append(hashCode());
         sb.append(", id=").append(id);
         sb.append(", depname=").append(depname);
+        sb.append(", authority=").append(authority);
         sb.append(", address=").append(address);
         sb.append(", phone=").append(phone);
         sb.append(", email=").append(email);

mbg/src/main/java/com/koobietech/eas/mbg/model/EasSysDepartmentExample.java

@@ -235,6 +235,76 @@ public class EasSysDepartmentExample {
             return (Criteria) this;
         }
 
+        public Criteria andAuthorityIsNull() {
+            addCriterion("authority is null");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityIsNotNull() {
+            addCriterion("authority is not null");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityEqualTo(String value) {
+            addCriterion("authority =", value, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityNotEqualTo(String value) {
+            addCriterion("authority <>", value, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityGreaterThan(String value) {
+            addCriterion("authority >", value, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityGreaterThanOrEqualTo(String value) {
+            addCriterion("authority >=", value, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityLessThan(String value) {
+            addCriterion("authority <", value, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityLessThanOrEqualTo(String value) {
+            addCriterion("authority <=", value, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityLike(String value) {
+            addCriterion("authority like", value, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityNotLike(String value) {
+            addCriterion("authority not like", value, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityIn(List<String> values) {
+            addCriterion("authority in", values, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityNotIn(List<String> values) {
+            addCriterion("authority not in", values, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityBetween(String value1, String value2) {
+            addCriterion("authority between", value1, value2, "authority");
+            return (Criteria) this;
+        }
+
+        public Criteria andAuthorityNotBetween(String value1, String value2) {
+            addCriterion("authority not between", value1, value2, "authority");
+            return (Criteria) this;
+        }
+
         public Criteria andAddressIsNull() {
             addCriterion("address is null");
             return (Criteria) this;

mbg/src/main/resources/com/koobietech/eas/mbg/mapper/EasSysDepartmentMapper.xml

@@ -4,6 +4,7 @@
   <resultMap id="BaseResultMap" type="com.koobietech.eas.mbg.model.EasSysDepartment">
     <id column="id" jdbcType="BIGINT" property="id" />
     <result column="depname" jdbcType="VARCHAR" property="depname" />
+    <result column="authority" jdbcType="VARCHAR" property="authority" />
     <result column="address" jdbcType="VARCHAR" property="address" />
     <result column="phone" jdbcType="VARCHAR" property="phone" />
     <result column="email" jdbcType="VARCHAR" property="email" />
@@ -72,8 +73,8 @@
     </where>
   </sql>
   <sql id="Base_Column_List">
-    id, depname, address, phone, email, manager, create_time, modify_time, create_uid, 
-    disabled
+    id, depname, authority, address, phone, email, manager, create_time, modify_time, 
+    create_uid, disabled
   </sql>
   <select id="selectByExample" parameterType="com.koobietech.eas.mbg.model.EasSysDepartmentExample" resultMap="BaseResultMap">
     select
@@ -109,14 +110,14 @@
     <selectKey keyProperty="id" order="AFTER" resultType="java.lang.Long">
       SELECT LAST_INSERT_ID()
     </selectKey>
-    insert into eas_sys_department (depname, address, phone, 
-      email, manager, create_time, 
-      modify_time, create_uid, disabled
-      )
-    values (#{depname,jdbcType=VARCHAR}, #{address,jdbcType=VARCHAR}, #{phone,jdbcType=VARCHAR}, 
-      #{email,jdbcType=VARCHAR}, #{manager,jdbcType=VARCHAR}, #{createTime,jdbcType=TIMESTAMP}, 
-      #{modifyTime,jdbcType=TIMESTAMP}, #{createUid,jdbcType=INTEGER}, #{disabled,jdbcType=CHAR}
-      )
+    insert into eas_sys_department (depname, authority, address, 
+      phone, email, manager, 
+      create_time, modify_time, create_uid, 
+      disabled)
+    values (#{depname,jdbcType=VARCHAR}, #{authority,jdbcType=VARCHAR}, #{address,jdbcType=VARCHAR}, 
+      #{phone,jdbcType=VARCHAR}, #{email,jdbcType=VARCHAR}, #{manager,jdbcType=VARCHAR}, 
+      #{createTime,jdbcType=TIMESTAMP}, #{modifyTime,jdbcType=TIMESTAMP}, #{createUid,jdbcType=INTEGER}, 
+      #{disabled,jdbcType=CHAR})
   </insert>
   <insert id="insertSelective" parameterType="com.koobietech.eas.mbg.model.EasSysDepartment">
     <selectKey keyProperty="id" order="AFTER" resultType="java.lang.Long">
@@ -127,6 +128,9 @@
       <if test="depname != null">
         depname,
       </if>
+      <if test="authority != null">
+        authority,
+      </if>
       <if test="address != null">
         address,
       </if>
@@ -156,6 +160,9 @@
       <if test="depname != null">
         #{depname,jdbcType=VARCHAR},
       </if>
+      <if test="authority != null">
+        #{authority,jdbcType=VARCHAR},
+      </if>
       <if test="address != null">
         #{address,jdbcType=VARCHAR},
       </if>
@@ -197,6 +204,9 @@
       <if test="record.depname != null">
         depname = #{record.depname,jdbcType=VARCHAR},
       </if>
+      <if test="record.authority != null">
+        authority = #{record.authority,jdbcType=VARCHAR},
+      </if>
       <if test="record.address != null">
         address = #{record.address,jdbcType=VARCHAR},
       </if>
@@ -230,6 +240,7 @@
     update eas_sys_department
     set id = #{record.id,jdbcType=BIGINT},
       depname = #{record.depname,jdbcType=VARCHAR},
+      authority = #{record.authority,jdbcType=VARCHAR},
       address = #{record.address,jdbcType=VARCHAR},
       phone = #{record.phone,jdbcType=VARCHAR},
       email = #{record.email,jdbcType=VARCHAR},
@@ -248,6 +259,9 @@
       <if test="depname != null">
         depname = #{depname,jdbcType=VARCHAR},
       </if>
+      <if test="authority != null">
+        authority = #{authority,jdbcType=VARCHAR},
+      </if>
       <if test="address != null">
         address = #{address,jdbcType=VARCHAR},
       </if>
@@ -278,6 +292,7 @@
   <update id="updateByPrimaryKey" parameterType="com.koobietech.eas.mbg.model.EasSysDepartment">
     update eas_sys_department
     set depname = #{depname,jdbcType=VARCHAR},
+      authority = #{authority,jdbcType=VARCHAR},
       address = #{address,jdbcType=VARCHAR},
       phone = #{phone,jdbcType=VARCHAR},
       email = #{email,jdbcType=VARCHAR},

security/src/main/java/com/koobietech/eas/security/config/SecurityConfig.java

@@ -14,6 +14,9 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 
 import javax.annotation.Resource;
 
+/**
+ * @author lc
+ */
 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {
@@ -25,7 +28,7 @@ public class SecurityConfig {
     IgnoreUrlsConfig ignoreUrlsConfig;
 
     @Bean
-    public SecurityFilterChain t(HttpSecurity httpSecurity) throws Exception {
+    public SecurityFilterChain buildSecurityFilterChain(HttpSecurity httpSecurity) throws Exception {
 
         ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry
                 registry = httpSecurity.authorizeRequests();
@@ -33,7 +36,8 @@ public class SecurityConfig {
         for (String url : ignoreUrlsConfig.getIgnored()) {
             registry.antMatchers(url).permitAll();
         }
-        registry.anyRequest().authenticated();
+        registry.anyRequest()
+                .access("@SecurityAccessService.hasPermission(request, authentication)");
 
         HttpSecurity and = httpSecurity
                 .csrf()

security/src/main/java/com/koobietech/eas/security/filter/EasSecurityFilter.java

@@ -3,7 +3,6 @@ package com.koobietech.eas.security.filter;
 import com.koobietech.eas.common.exception.EasException;
 import com.koobietech.eas.common.pojo.JwtUserPojo;
 import com.koobietech.eas.common.utils.JwtManager;
-import com.koobietech.eas.dao.pojo.PermissionPojo;
 import com.koobietech.eas.dao.pojo.UserDetailPojo;
 import com.koobietech.eas.service.EasSysUserLoginRedisService;
 import org.slf4j.Logger;
@@ -67,15 +66,15 @@ public class EasSecurityFilter extends OncePerRequestFilter {
                     SecurityContext context = SecurityContextHolder.getContext();
 
                     // 获取用户的权限列表
-                    List<PermissionPojo> permissionPojo = userDetailPojo.getPermissionPojos();
+                    List<String> permissionPojo = userDetailPojo.getPermissionPojos();
 
                     // 创建一个 ArrayList 集合，用于存储用户权限对应的 SimpleGrantedAuthority 权限对象
                     ArrayList<SimpleGrantedAuthority> objects = new ArrayList<>();
 
                     // 遍历用户的权限列表
-                    for (PermissionPojo adminPermissionPojo : permissionPojo) {
+                    for (String userPermission : permissionPojo) {
                         // 创建一个 SimpleGrantedAuthority 权限对象，并添加到集合中
-                        SimpleGrantedAuthority authority = new SimpleGrantedAuthority(adminPermissionPojo.getDescription());
+                        SimpleGrantedAuthority authority = new SimpleGrantedAuthority(userPermission);
                         objects.add(authority);
                     }
 

security/src/main/java/com/koobietech/eas/security/service/SecurityAccessService.java

@@ -0,0 +1,12 @@
+package com.koobietech.eas.security.service;
+
+import org.springframework.security.core.Authentication;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author lc
+ */
+public interface SecurityAccessService {
+    Boolean hasPermission(HttpServletRequest httpServletRequest, Authentication authentication);
+}

security/src/main/java/com/koobietech/eas/security/service/impl/SecurityAccessServiceImpl.java

@@ -0,0 +1,28 @@
+package com.koobietech.eas.security.service.impl;
+
+import com.koobietech.eas.common.utils.SecurityManager;
+import com.koobietech.eas.security.service.SecurityAccessService;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.stereotype.Service;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Collection;
+
+/**
+ * @author lc
+ */
+@Service("SecurityAccessService")
+public class SecurityAccessServiceImpl implements SecurityAccessService {
+    @Override
+    public Boolean hasPermission(HttpServletRequest request, Authentication authentication) {
+        Authentication userAuthentication= SecurityManager.getAuthentication();
+        if ( userAuthentication != null ) {
+            Collection<? extends GrantedAuthority> authorities = userAuthentication.getAuthorities();
+            System.out.println( "URI:" + request.getRequestURI() );
+            return authorities.contains(new SimpleGrantedAuthority(request.getRequestURI()));
+        }
+        return false;
+    }
+}

service/src/main/java/com/koobietech/eas/service/config/EasAuthorityConfig.java

@@ -0,0 +1,29 @@
+package com.koobietech.eas.service.config;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @author lc
+ *
+ * 配置数据库记录权限太麻烦了
+ * 使用注解又不够灵活
+ * 我觉得使用配置项 作为权限配置
+ * 比较合适 因此有了这个配置文件
+ * 作为基于 动态权限和固定权限中间的选项
+ *
+ */
+@Data
+@Component
+@ConfigurationProperties(prefix = "eas.authority")
+public class EasAuthorityConfig {
+    private List<String> authorization = new ArrayList<>();
+    private List<String> student = new ArrayList<>();
+    private List<String> teacher = new ArrayList<>();
+    private List<String> easgroup = new ArrayList<>();
+    private List<String> admin = new ArrayList<>();
+}

service/src/main/java/com/koobietech/eas/service/impl/EasStuProfileServiceImpl.java

@@ -178,6 +178,15 @@ public class EasStuProfileServiceImpl implements EasStuProfileService {
 
     @Override
     public String downloadArchives(String studentNumber) {
+        if ( studentNumber == null || studentNumber.isEmpty() || studentNumber.length() < 10 ) {
+            return null;
+        }
+        EasSysStudentExample easSysStudentExample = new EasSysStudentExample();
+        easSysStudentExample.createCriteria().andStudentNumberEqualTo(studentNumber);
+        List<EasSysStudent> easSysStudents = easSysStudentMapper.selectByExample(easSysStudentExample);
+        if ( easSysStudents.size() == 0 ) {
+            return null;
+        }
         String zipArchives = easArchivesFilesService.createZipArchives(studentNumber);
         return easArchiveFileDownloadService.getArchiveDownloadToken( studentNumber , zipArchives);
     }

service/src/main/java/com/koobietech/eas/service/impl/EasSysAdminLoginServiceImpl.java

@@ -1,25 +1,29 @@
 package com.koobietech.eas.service.impl;
 
 import com.anji.captcha.model.common.ResponseModel;
-import com.koobietech.eas.dao.constant.UserType;
 import com.koobietech.eas.common.exception.EasException;
 import com.koobietech.eas.common.pojo.JwtUserPojo;
 import com.koobietech.eas.common.result.JsonResult;
 import com.koobietech.eas.common.utils.JwtManager;
 import com.koobietech.eas.common.utils.PasswordManager;
-import com.koobietech.eas.dao.pojo.UserDetailPojo;
+import com.koobietech.eas.dao.constant.UserType;
 import com.koobietech.eas.dao.dto.LoginTokenDto;
 import com.koobietech.eas.dao.mapper.AdminLoginMapper;
+import com.koobietech.eas.dao.pojo.AdminPojo;
+import com.koobietech.eas.dao.pojo.DepartmentPojo;
+import com.koobietech.eas.dao.pojo.UserDetailPojo;
 import com.koobietech.eas.mbg.mapper.EasSysUserinfoMapper;
 import com.koobietech.eas.mbg.model.EasSysUserinfo;
 import com.koobietech.eas.mbg.model.EasSysUserinfoExample;
 import com.koobietech.eas.service.EasSysAdminLoginService;
 import com.koobietech.eas.service.EasSysUserLoginRedisService;
-import com.koobietech.eas.dao.pojo.AdminPojo;
+import com.koobietech.eas.service.config.EasAuthorityConfig;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
 import javax.annotation.Resource;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
 import java.util.List;
 import java.util.Optional;
 
@@ -37,6 +41,8 @@ public class EasSysAdminLoginServiceImpl implements EasSysAdminLoginService {
     @Resource
     private EasSysUserLoginRedisService loginRedisService;
     @Resource
+    private EasAuthorityConfig  easAuthorityConfig;
+    @Resource
     private JwtManager jwtManager;
 
     // token过期时间 单位：s
@@ -57,17 +63,33 @@ public class EasSysAdminLoginServiceImpl implements EasSysAdminLoginService {
         Long id = easSysUserinfo.getId();
         //先调用自定义sql查询detail类中的数据 最后把这个类封装到redis里面
         UserDetailPojo userDetailPojoInRedis = adminLoginMapper.getUserDetailById(id);
-        System.out.println("接收前" + userDetailPojoInRedis);
-        userDetailPojoInRedis.setDepartments(adminLoginMapper.getUserDepartmentsById(id));
-        userDetailPojoInRedis.setPermissionPojos(adminLoginMapper.getUserPermissionsById(id));
-        System.out.println("接收后" + userDetailPojoInRedis);
 
-        // 先调用自定义sql查询用户详细信息、部门信息 和 权限信息
+        userDetailPojoInRedis.setDepartments(adminLoginMapper.getUserDepartmentsById(id));
+        List<DepartmentPojo> departments = userDetailPojoInRedis.getDepartments();
+        departments.forEach(departmentPojo -> {
+            try {
+                String authority = departmentPojo.getAuthority();
+                if ( authority != null && !authority.isEmpty() ) {
+                    String methodName = Character.toUpperCase(authority.charAt(0)) + authority.substring(1);
+                    Method declaredMethod = easAuthorityConfig.getClass().getDeclaredMethod("get" + methodName, null);
+                    if ( declaredMethod != null ) {
+                        List<String> depUrlList = (List<String>) declaredMethod.invoke(easAuthorityConfig, null);
+                        userDetailPojoInRedis.setPermissionPojos(depUrlList);
+                    }
+                }
+            } catch (NoSuchMethodException ignored) {}
+            catch (IllegalAccessException ignored) {}
+            catch (InvocationTargetException ignored) {}
+        });
+
+
+        // 此处的用户类型 主要给前端构建菜单用, 后台配置菜单太麻烦了
         UserType userType = UserType.TEACHER;
         if (userDetailPojoInRedis.getUsername().equals("admin")) {
             userType = UserType.ADMIN;
         }
         userDetailPojoInRedis.setUserType(userType);
+
         // 生成token
         JwtUserPojo jwtUserPojo = new JwtUserPojo(userDetailPojoInRedis.getUsername(), userDetailPojoInRedis.getId(), userType);
         String token = jwtManager.createJwt(jwtUserPojo, token_expires);
@@ -172,8 +194,6 @@ public class EasSysAdminLoginServiceImpl implements EasSysAdminLoginService {
 
     private void validatePassword(String inputPassword, String encryptedPassword){
         String decryptedPassword = passwordManager.decryptPassword(inputPassword);
-        System.out.println("前端解密来的decryptedPassword: " + decryptedPassword);
-        System.out.println("数据库查到的密码easSysUserinfo.getPasswd(): " + encryptedPassword);
         if (!passwordEncoder.matches(decryptedPassword, encryptedPassword)) {
             throw new EasException("密码不正确", 9901);
         }

service/src/main/java/com/koobietech/eas/service/impl/EasSysStudentLoginServiceImpl.java

@@ -6,6 +6,7 @@ import com.koobietech.eas.common.utils.JwtManager;
 import com.koobietech.eas.common.utils.PasswordManager;
 import com.koobietech.eas.dao.constant.UserType;
 import com.koobietech.eas.dao.dto.LoginTokenDto;
+import com.koobietech.eas.dao.pojo.DepartmentPojo;
 import com.koobietech.eas.dao.pojo.UserDetailPojo;
 import com.koobietech.eas.dao.mapper.AdminLoginMapper;
 import com.koobietech.eas.dao.pojo.AdminPojo;
@@ -14,10 +15,13 @@ import com.koobietech.eas.mbg.model.EasSysStudent;
 import com.koobietech.eas.mbg.model.EasSysStudentExample;
 import com.koobietech.eas.service.EasSysUserLoginRedisService;
 import com.koobietech.eas.service.EasSysStudentLoginService;
+import com.koobietech.eas.service.config.EasAuthorityConfig;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
 import javax.annotation.Resource;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
 import java.util.List;
 import java.util.Optional;
 
@@ -43,6 +47,9 @@ public class EasSysStudentLoginServiceImpl implements EasSysStudentLoginService
     @Resource
     EasSysUserLoginRedisService studentLoginRedisService;
 
+    @Resource
+    private EasAuthorityConfig easAuthorityConfig;
+
     @Resource
     JwtManager jwtManager;
 
@@ -64,7 +71,18 @@ public class EasSysStudentLoginServiceImpl implements EasSysStudentLoginService
         //先调用自定义sql查询detail类中的数据 最后把这个类封装到redis里面
         UserDetailPojo userDetailPojo = adminLoginMapper.getStudentDetailById(adminId);
         userDetailPojo.setDepartments(adminLoginMapper.getStudentDepartmentsById(adminId));
-        userDetailPojo.setPermissionPojos(adminLoginMapper.getStudentPermissionsById(adminId));
+        //TODO
+        List<DepartmentPojo> departments = userDetailPojo.getDepartments();
+        departments.forEach(departmentPojo -> {
+            try {
+                String authority = departmentPojo.getAuthority();
+                String methodName = Character.toUpperCase(authority.charAt(0)) + authority.substring(1);
+                Method declaredMethod = easAuthorityConfig.getClass().getDeclaredMethod("get" + methodName, null);
+                List<String> depUrlList = (List<String>) declaredMethod.invoke(easAuthorityConfig, null);
+                userDetailPojo.setPermissionPojos(depUrlList);
+            } catch (NoSuchMethodException ignored) {}
+            catch (InvocationTargetException | IllegalAccessException ignored) {}
+        });
 
         userDetailPojo.setUserType(UserType.MEMBER);
         // 生成token