- 由于不同的用户拥有不同的权限,所以在前端页面左侧侧边栏中,当用户拥有指定的权限时,才显示指定的子菜单
- 做1个监听器,监听到用户认证成功后,则获取该用户拥有的权限,重新封装1个SysUser对象交给security处理
# core模块编写1个接口
public interface AuthenticationSuccessListener {
void successListener(HttpServletRequest request, HttpServletResponse response, Authentication authentication);
}
# 监听器注入认证成功的处理器,监听该处理器
@Autowired(required = false) // 容器中可以不需要有接口的实现,如果有则自动注入
AuthenticationSuccessListener authenticationSuccessListener;
if(authenticationSuccessListener != null) {
// 当认证之后 ,调用此监听,进行后续处理,比如加载用户权限菜单
authenticationSuccessListener.successListener(request, response, authentication);
}
# web模块中实现该监听器,在实现类中获取并封装SysUser对象
@Component
public class MenuAuthenticationSuccessListener implements AuthenticationSuccessListener {
Logger logger = LoggerFactory.getLogger(getClass());
/**
* 查询当前用户所拥有的权限菜单
* 获取到权限后,会在AbstractUserDetailsService中将SysUser交给security处理
* 前端根据每个人不同的权限显示不同的菜单
* 前端获取每个人权限的方法,查看博客https://www.cnblogs.com/chniny/p/16409107.html
*/
@Override
public void successListener(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
Object principal = authentication.getPrincipal();
if(principal != null && principal instanceof SysUser) {
SysUser sysUser = (SysUser)principal;
loadMenuTree(sysUser);
}
// 打印每个用户所拥有的权限
Object newPrincipal = authentication.getPrincipal();
logger.info("newPrincipal: " + newPrincipal);
}
/**
* 只加载菜单 ,不需要按钮
* @param sysUser
*/
public void loadMenuTree(SysUser sysUser) {
// 获取到了当前登录用户的菜单 和按钮
List<SysPermission> permissions = sysUser.getPermissions();
if(CollectionUtils.isEmpty(permissions)) {
return;
}
// 1. 获取权限集合中所有的菜单 ,不要按钮
List<SysPermission> menuList = Lists.newArrayList();
for(SysPermission p: permissions) {
if(p.getType().equals(1)) {
menuList.add(p);
}
}
// 2. 获取一下每个菜单 的子菜单
for(SysPermission menu: menuList) {
// 存放当前菜单的所有子菜单
List<SysPermission> childMenu = Lists.newArrayList();
List<String> childUrl = Lists.newArrayList();
// 获取menu菜单下的所有子菜单
for(SysPermission p: menuList) {
// 如果p.parentId等于menu.id则就是它的子菜单
if(p.getParentId().equals(menu.getId())) {
childMenu.add(p);
childUrl.add(p.getUrl());
}
}
// 设置子菜单
menu.setChildren(childMenu);
menu.setChildrenUrl(childUrl);
}
// 3. menuList 里面每个SysPermission都有一个 子菜单Children集合
// 首页》Children没有元素, 系统管理SysPermission》Children有3个元素(用户,角色,权限)
List<SysPermission> result = Lists.newArrayList();
for(SysPermission menu: menuList) {
// 如果父id是0,则根菜单
if(menu.getParentId().equals(0L)) {
result.add(menu);
}
}
// 最终把获取的根菜单(子菜单集合)重新设置到permission集合中
sysUser.setPermissions(result);
}
}
- 测试
# 浏览器
http://localhost/login
# 控制台
09:57:53.294 INFO 8128 --- [p-nio-80-exec-2] c.y.s.service.CustomUserDetailsService : 请求认证的用户名: test
09:57:54.954 INFO 8128 --- [p-nio-80-exec-2] com.alibaba.druid.pool.DruidDataSource : {dataSource-1} inited
09:57:54.958 DEBUG 8128 --- [p-nio-80-exec-2] c.y.s.mapper.SysUserMapper.selectOne : ==> Preparing: SELECT id,update_date,nick_name,mobile,is_account_non_locked,password,is_account_non_expired,is_credentials_non_expired,is_enabled,email,username,create_date FROM sys_user WHERE (username = ?)
09:57:54.969 DEBUG 8128 --- [p-nio-80-exec-2] c.y.s.mapper.SysUserMapper.selectOne : ==> Parameters: test(String)
09:57:55.002 DEBUG 8128 --- [p-nio-80-exec-2] c.y.s.mapper.SysUserMapper.selectOne : <== Total: 1
09:57:55.004 DEBUG 8128 --- [p-nio-80-exec-2] c.y.s.m.S.selectPermissionByUserId : ==> Preparing: SELECT DISTINCT p.id, p.parent_id, p. NAME, p. CODE, p.url, p.type, p.icon, p.remark, p.create_date, p.update_date FROM sys_user AS u LEFT JOIN sys_user_role AS ur ON u.id = ur.user_id LEFT JOIN sys_role AS r ON ur.role_id = r.id LEFT JOIN sys_role_permission AS rp ON rp.role_id = r.id LEFT JOIN sys_permission AS p ON rp.permission_id = p.id WHERE u.id = ?
09:57:55.004 DEBUG 8128 --- [p-nio-80-exec-2] c.y.s.m.S.selectPermissionByUserId : ==> Parameters: 10(Long)
09:57:55.026 DEBUG 8128 --- [p-nio-80-exec-2] c.y.s.m.S.selectPermissionByUserId : <== Total: 7
09:57:55.091 INFO 8128 --- [p-nio-80-exec-2] .y.s.a.MenuAuthenticationSuccessListener : 查询用户所拥有的权限菜单: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@c0f3a48d: Principal: SysUser(id=10, username=test, password=$2a$10$rDkPvvAFV8kqwvKJzwlRv.i.q.wz1w1pz0SFsHn/55jNeZFQv/eCm, isAccountNonExpired=true, isAccountNonLocked=true, isCredentialsNonExpired=true, isEnabled=true, authorities=[sys:permission:list, sys:manage, sys:user, sys:user:list, sys:role, sys:role:list, sys:permission], nickName=测试, mobile=16888886666, [email protected], createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Tue Aug 08 11:11:11 GMT+08:00 2023, roleList=[], roleIds=[], permissions=[SysPermission(id=29, parentId=28, parentName=根菜单, name=列表, code=sys:permission:list, url=null, type=2, icon=null, remark=权限列表, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Tue Aug 08 11:11:11 GMT+08:00 2023, children=null, childrenUrl=null), SysPermission(id=17, parentId=0, parentName=根菜单, name=系统管理, code=sys:manage, url=null, type=1, icon=fa fa-cogs, remark=null, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Wed Aug 09 15:26:28 GMT+08:00 2023, children=null, childrenUrl=null), SysPermission(id=18, parentId=17, parentName=根菜单, name=用户管理, code=sys:user, url=/user, type=1, icon=fa fa-users, remark=null, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Wed Aug 09 15:26:28 GMT+08:00 2023, children=null, childrenUrl=null), SysPermission(id=19, parentId=18, parentName=根菜单, name=列表, code=sys:user:list, url=, type=2, icon=, remark=员工列表, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Tue Aug 08 11:11:11 GMT+08:00 2023, children=null, childrenUrl=null), SysPermission(id=23, parentId=17, parentName=根菜单, name=角色管理, code=sys:role, url=/role, type=1, icon=fa fa-user-secret, remark=null, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Wed Aug 09 15:26:28 GMT+08:00 2023, children=null, childrenUrl=null), SysPermission(id=24, parentId=23, parentName=根菜单, name=列表, code=sys:role:list, url=null, type=2, icon=null, remark=角色列表, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Tue Aug 08 11:11:11 GMT+08:00 2023, children=null, childrenUrl=null), SysPermission(id=28, parentId=17, parentName=根菜单, name=权限管理, code=sys:permission, url=/permission, type=1, icon=fa fa-cog, remark=null, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Wed Aug 09 15:26:28 GMT+08:00 2023, children=null, childrenUrl=null)]); Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: sys:permission:list, sys:manage, sys:user, sys:user:list, sys:role, sys:role:list, sys:permission
09:57:55.092 INFO 8128 --- [p-nio-80-exec-2] .y.s.a.MenuAuthenticationSuccessListener : newPrincipal: SysUser(id=10, username=test, password=$2a$10$rDkPvvAFV8kqwvKJzwlRv.i.q.wz1w1pz0SFsHn/55jNeZFQv/eCm, isAccountNonExpired=true, isAccountNonLocked=true, isCredentialsNonExpired=true, isEnabled=true, authorities=[sys:permission:list, sys:manage, sys:user, sys:user:list, sys:role, sys:role:list, sys:permission], nickName=测试, mobile=16888886666, [email protected], createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Tue Aug 08 11:11:11 GMT+08:00 2023, roleList=[], roleIds=[], permissions=[SysPermission(id=17, parentId=0, parentName=根菜单, name=系统管理, code=sys:manage, url=null, type=1, icon=fa fa-cogs, remark=null, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Wed Aug 09 15:26:28 GMT+08:00 2023, children=[SysPermission(id=18, parentId=17, parentName=根菜单, name=用户管理, code=sys:user, url=/user, type=1, icon=fa fa-users, remark=null, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Wed Aug 09 15:26:28 GMT+08:00 2023, children=[], childrenUrl=[]), SysPermission(id=23, parentId=17, parentName=根菜单, name=角色管理, code=sys:role, url=/role, type=1, icon=fa fa-user-secret, remark=null, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Wed Aug 09 15:26:28 GMT+08:00 2023, children=[], childrenUrl=[]), SysPermission(id=28, parentId=17, parentName=根菜单, name=权限管理, code=sys:permission, url=/permission, type=1, icon=fa fa-cog, remark=null, createDate=Tue Aug 08 11:11:11 GMT+08:00 2023, updateDate=Wed Aug 09 15:26:28 GMT+08:00 2023, children=[], childrenUrl=[])], childrenUrl=[/user, /role, /permission])])
CustomAuthenticationSuccessHandler ---> success