preface
Generally speaking, every system will have permission management, and based on RBAC is the most common way, this rapid development framework also uses RBAC, but in the management of permission resources and the traditional approach is somewhat different.
define
Rbac is role-based Access Control. Let roles bind permissions, users bind roles, and they all have many-to-many relationships.
Access the resource
After the separation of the front and back ends, I divide the permission resources into the following three types:
-
API interface
The separation of the front and back ends abandons the traditional server-side rendering method, and the back end only needs to provide an API interface. At this point, each control layer method is a privilege resource.
-
Routing menu
The routing menu is the route that the front end needs to organize the critical skeleton of an application,
-
Page button
Action buttons on the front page
role
Management roles of the system. Each role can have multiple management users.
The user
A management user of the system. A user can have multiple roles.
Permission Mode of resource management
In traditional practice, all three types of permissions mentioned above are managed in repositories. Here, there is a slight difference from the traditional approach. The following are the management methods for the three types of resources:
The resource type | Management style |
---|---|
API interface | For those of you who have seen the CURD template before, there are annotations on the classes and methods of our control layer, corresponding to springMVC and SwaggerUI annotations, so we can reassemble the data of these annotations to form permission resources for the back end to check and allocate when the system starts. |
Routing menu | Route menu is corresponding to the front-end menu, here will be the same as the traditional approach, the background management page to provide manual input. However, the interface can be provided to the super management to synchronize the front-end route menu. After clicking Sync, the basic data of the front-end route can be synchronized to the back-end, which saves some manual maintenance work. |
Page button | The operation buttons on the page generally correspond to an interface resource at the back end, so there is no separate maintenance here. Only the front button permission identification specification is required, and the page button can be identified. |
Swaggerui permission annotation details
Maybe a code snippet would be more straightforward
@RestController
@RequestMapping("/sys/role")
@Api(tags="Sys - Role Management",authorizations={
@Authorization(value="Sys | system management",scopes={
@AuthorizationScope(description="Role Management",scope="sys:role:index")})})public class SysRoleController {
@Autowired
private SysRoleService sysRoleService;
@PostMapping("save")
@ApiOperation(value="Add a role", notes="Add a role",authorizations={
@Authorization(value="Add a role",scopes={
@AuthorizationScope(description="Add a role",scope="sys:role:save")})})publicCommonResult<? > save() { } }Copy the code
Swaggerui have permission to annotate, so can make full use of, I put the permissions resources can be divided into level 3, modules, functions, methods, corresponding to the above sys | system management, role management, adding roles. A complete CURD would have the following permission tree:
Sys | system management - the role management - adding roles - modified role - removed role - get role - paging query role by idCopy the code
Database design
ER figure
slightly
Table design
- The users table (sys_user)
CREATE TABLE 'sys_user' (' id 'bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT '主键', 'user_name' varchar(32) NOT NULL COMMENT 'iD ',' real_name 'varchar(32) DEFAULT NULL COMMENT' iD ', 'Avatar' varchar(200) DEFAULT NULL COMMENT 'avatar ',' email 'varchar(64) DEFAULT NULL COMMENT' avatar ', 'mobile_phone' varchar(11) DEFAULT NULL COMMENT 'phone ',' telephone 'varchar(20) DEFAULT NULL COMMENT' phone ', Varchar (10) DEFAULT NULL COMMENT 'add salt ',' salt 'varchar(10) DEFAULT NULL COMMENT' add salt ', ` sex ` int (6) unsigned DEFAULT '1' COMMENT 'gender (2 - > 1 - > MALE | MALE, FEMALE | FEMALE, 3 - > | UNKNOWN UNKNOWN)', Unsigned ` is_locked ` tinyint (1) the DEFAULT '2' COMMENT 'whether lock (1 - > has targeted | YES, 2 - > unlocked | NO)', 'create_time' datetime(3) DEFAULT NULL COMMENT 'update_time' datetime(3) DEFAULT NULL COMMENT 'update_time ', Unsigned ` is_deleted ` tinyint (1) the DEFAULT '1' COMMENT 'whether delete (1 - > not delete | NO, 2 - > deleted | YES)', PRIMARY KEY (` id `), KEY `real_name` (`real_name`), KEY 'user_name' (' user_name ') ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET= UTf8MB4 ROW_FORMAT=COMPACT COMMENT=' user ';Copy the code
- Role table (sys_role)
CREATE TABLE 'sys_role' (' id 'bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT '主键', 'name' varchar(64) CHARACTER SET UTf8MB4 NOT NULL COMMENT 'iD ', 'roLE_key' varchar(32) DEFAULT NULL COMMENT 'ID ', ` role_type ` int (6) the DEFAULT '10' COMMENT 'role types (10 - > | ADMIN administrator, 20 - > process auditor | WORKFLOW)', ` is_enabled ` tinyint (1) the DEFAULT '2' COMMENT 'whether to enable (1 - > disable | NO, 2 - > enable | YES)', 'remarking' varchar(255) DEFAULT NULL COMMENT 'remarking ',' create_time 'datetime(3) DEFAULT NULL COMMENT' remarking ', 'update_time' datetime(3) DEFAULT NULL COMMENT 'update_time ', Unsigned ` is_deleted ` tinyint (1) the DEFAULT '1' COMMENT 'whether delete (1 - > not delete | YES, 2 - > deleted | NO)', PRIMARY KEY (' id ') ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET= UTf8 ROW_FORMAT=COMPACT COMMENT=' 1 ';Copy the code
- User role Relationship table (SYS_user_role)
CREATE TABLE 'sys_user_role' (' id 'bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT '主键', 'user_id' bigint(20) unsigned DEFAULT NULL COMMENT 'user id',' role_id 'bigint(20) unsigned DEFAULT NULL COMMENT' user id', 'create_time' datetime(3) DEFAULT NULL COMMENT 'update_time' datetime(3) DEFAULT NULL COMMENT 'update_time ', Unsigned ` is_deleted ` tinyint (1) the DEFAULT '1' COMMENT 'whether delete (1 - > not delete | NO, 2 - > deleted | YES)', PRIMARY KEY (' id ')) ENGINE=InnoDB DEFAULT CHARSET= utf8MB4 COMMENT=' table ';Copy the code
- Role resource relationship table (SYS_ROLE_ACCESS)
CREATE TABLE 'sys_ROLE_ACCESS' (' id 'BIGint (20) unsigned NOT NULL AUTO_INCREMENT COMMENT '主键', 'role_id' bigint(20) unsigned DEFAULT NULL COMMENT 'role id',' access 'varchar(64) DEFAULT NULL COMMENT' privilege id', 'create_time' datetime(3) DEFAULT NULL COMMENT 'update_time' datetime(3) DEFAULT NULL COMMENT 'update_time ', ` is_deleted ` tinyint (1) the DEFAULT '1' COMMENT 'whether delete (1 - > not delete | NO, 2 - > deleted | YES)', PRIMARY KEY (` id `), KEY 'idx_sys_ROLE_access' (' access ') USING BTREE) ENGINE=InnoDB DEFAULT CHARSET= utf8MB4 COMMENT=' privileges ';Copy the code
- Routing menu Table (SYS_menu)
CREATE TABLE 'sys_menu' (' id 'bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT '主键', 'parent_id' bigint(20) unsigned DEFAULT '0' COMMENT 'parent menu id',' name 'varchar(64) DEFAULT NULL COMMENT' menu id', 'sort' double(10,2) DEFAULT '10.00' COMMENT 'sort ',' route_name 'varchar(64) DEFAULT NULL COMMENT' id ', 'icon' varchar(32) DEFAULT NULL COMMENT 'icon ', Unsigned ` is_show ` tinyint (1) the DEFAULT '2' COMMENT 'is displayed (1 - > don't show | NO, 2 - > display | YES)', 'create_time' datetime(3) DEFAULT NULL COMMENT 'update_time' datetime(3) DEFAULT NULL COMMENT 'update_time ', Unsigned ` is_deleted ` tinyint (1) the DEFAULT '1' COMMENT 'whether delete (1 - > not delete | NO, 2 - > deleted | YES)', PRIMARY KEY (' id ')) ENGINE=InnoDB DEFAULT CHARSET= utf8MB4 COMMENT=' menu ';Copy the code
- Role menu relationship table (SYS_ROLE_MENU)
CREATE TABLE 'sys_ROLE_MENU' (' id 'bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT '主键', 'role_id' bigint(20) unsigned NOT NULL COMMENT 'id',' menu_id 'bigint(20) unsigned NOT NULL COMMENT' menu id', 'create_time' datetime(3) DEFAULT NULL COMMENT 'update_time' datetime(3) DEFAULT NULL COMMENT 'update_time ', Unsigned ` is_deleted ` tinyint (1) the DEFAULT '1' COMMENT 'whether delete (1 - > not delete | NO, 2 - > deleted | YES)', PRIMARY KEY (' id ')) ENGINE=InnoDB DEFAULT CHARSET= utf8MB4 COMMENT=' table ';Copy the code
Start coding
The directory structure
├─ SRC /main/ Java ├─ Com.mlDong.modules. Sys ├─ Controller ├─ Java ├─ SRC /main/ Java ├─ Com.mlDong.modules ├─ Class ├─ class exercises ├─ class Exercises ├─ class Exercises ├─ class Exercises ├─ class Exercises ├─ class Exercises ├─ ├─ Class Exercises, Class exercises, class Exercises, class Exercises, class Exercises, class Exercises, class Exercises, class Exercises ├── ├─ ├─ ├─ ├─ ├─ ├─ ├── ├─ ├── ├─ ├── SysRoleServiceImpl. Java └ ─ ─ SysUserServiceImpl. Java ├ ─ ─ SysMenuService. Java ├ ─ ─ SysRbacService. Java ├ ─ ─ SysRoleService. Java └ ─ ─ SysUserService. Java ├ ─ ─ SRC/main/resources └ ─ ─ dao/sys └ ─ ─ sys_user_dao. XML ├ ─ ─ mldong - common ├─ SRC /main/ Java ├─ All exercises ├─ All Exercises ├─ Java ├─ SRC /main/ Java ├─ all Exercises ├─ All Exercises ├─ Java ├─ ├─ Java ├─ Java ├─ Java ├─ Java ├─ Java ├─ Java ├─ Java ├─ Java ├─ Java ├─Copy the code
Core Document Description:
mldong-common/src/main/java/com/mldong/common/access/model/SysAccessModel.java
The permission resource model is the entity class transformed by the permission annotations
package com.mldong.common.access.model;
import java.io.Serializable;
import java.util.List;
/** * Permission resource model *@author mldong
*
*/
public class SysAccessModel implements Serializable{
/ * * * * /
private static final long serialVersionUID = -5248234808496873095L;
/** * primary key, here and access 1 to */
private String id;
/** * Permission identifier, corresponding to the request URI,/sys/user/save===>sys:user:save */
private String access;
/** * Request URI corresponding to RequestMapper */
private String uri;
/** * Permission name */
private String name;
/** * Permission remarks */
private String remark;
/** ** ** ** ** *
private int sort;
/** * subpermission */
private List<SysAccessModel> children;
// omit get set
}
Copy the code
mldong-common/src/main/java/com/mldong/common/access/AccessInitProcessor.java
Permissions control processor (mainly the annotations into access resource model), the realization of spring BeanPostProcessor interface postProcessAfterInitialization method.
package com.mldong.common.access;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.AuthorizationScope;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.stereotype.Component;
import com.mldong.common.access.model.SysAccessModel;
/** * Control class permissions handler (mainly turn annotations into permissions resource model) *@author mldong
*
*/
@Component
public class AccessInitProcessor implements BeanPostProcessor{
/** * Permission set */
private List<SysAccessModel> accessList = new ArrayList<>();
/** * Module permission */
private Map<String,SysAccessModel> moduleMap = new HashMap<>();
@Override
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
return bean;
}
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
if(beanName.endsWith("Controller")) {
Api api = bean.getClass().getAnnotation(Api.class);
if(api==null) {
return bean;
}
Authorization[] authorizations = api.authorizations();
if(authorizations.length>0) {
Authorization authorization = authorizations[0];
// Processing module
SysAccessModel moduleAccess = moduleMap.get(authorization.value());
if(null == moduleAccess) {
moduleAccess = handleAuthorization(authorization);
moduleAccess.setChildren(new ArrayList<>());
accessList.add(moduleAccess);
moduleMap.put(authorization.value(), moduleAccess);
}
// Handle the control class
AuthorizationScope[] authorizationScopes = authorization.scopes();
if(authorizations.length>0) {
AuthorizationScope authorizationScope = authorizationScopes[0];
SysAccessModel controllerAccess = handleAuthorizationScope(authorizationScope);
controllerAccess.setChildren(new ArrayList<>());
moduleAccess.getChildren().add(controllerAccess);
// The processing method
Method[] methods = bean.getClass().getMethods();
for (Method method : methods) {
ApiOperation apiOperation = method.getAnnotation(ApiOperation.class);
if(apiOperation==null) {
continue;
}
authorizations = apiOperation.authorizations();
if(authorizations.length>0) {
authorization = authorizations[0];
authorizationScopes = authorization.scopes();
if(authorizations.length>0) {
authorizationScope = authorizationScopes[0];
SysAccessModel methodAccess = handleAuthorizationScope(authorizationScope);
controllerAccess.getChildren().add(methodAccess);
}
}
}
}
}
}
return bean;
}
/** * Handle permission module *@param authorization
*/
private SysAccessModel handleAuthorization(Authorization authorization) {
SysAccessModel moduleAccess = new SysAccessModel();
String value = authorization.value();
String arr [] = value.split("\ \ |");
if(arr.length==2) {
moduleAccess.setId(arr[0]);
moduleAccess.setAccess(arr[0]);
moduleAccess.setName(arr[1]);
moduleAccess.setRemark(arr[1]);
} else {
moduleAccess.setId(value);
moduleAccess.setAccess(value);
moduleAccess.setName(value);
moduleAccess.setRemark(value);
}
moduleAccess.setUri("/"+moduleAccess.getAccess().replaceAll(":"."/"));
return moduleAccess;
}
/** * Process control class *@param authorizationScope
*/
private SysAccessModel handleAuthorizationScope(AuthorizationScope authorizationScope) {
SysAccessModel access = new SysAccessModel();
String scope = authorizationScope.scope();
String descripion = authorizationScope.description();
access.setId(scope);
access.setAccess(scope);
access.setUri("/"+scope.replaceAll(":"."/"));
access.setName(descripion);
access.setRemark(descripion);
return access;
}
public List<SysAccessModel> getAccessList(a) {
returnaccessList; }}Copy the code
mldong-admin/src/main/java/com/mldong/modules/sys/service/SysRbacService.java
Defines interfaces related to permission management
package com.mldong.modules.sys.service;
import java.util.List;
import com.mldong.common.access.model.SysAccessModel;
import com.mldong.common.base.CommonPage;
import com.mldong.common.base.IdAndIdsParam;
import com.mldong.modules.sys.dto.SysUserWithRoleIdPageParam;
import com.mldong.modules.sys.entity.SysMenu;
import com.mldong.modules.sys.entity.SysUser;
/** * Permission management interface *@author mldong
*
*/
public interface SysRbacService {
/** * Get permission tree *@return* /
public List<SysAccessModel> listAccessTree(a);
/** * Role member list *@param param
* @return* /
public CommonPage<SysUser> listUserByRoleId(SysUserWithRoleIdPageParam param);
/** * Save user role relationship *@param param
* @return* /
public int saveUserRole(IdAndIdsParam param);
/** * Removes the user * from the role@param param
* @return* /
public int deleteUserRole(IdAndIdsParam param);
/** * Query the list of users that are not added to the specified role *@param param
* @return* /
public CommonPage<SysUser> listUserNoInRole(SysUserWithRoleIdPageParam param);
/** * Save the role permission resource relationship *@param param
* @return* /
public int saveRoleAccess(IdAndIdsParam param);
/** * Delete role permission resource relationship *@param param
* @return* /
public int deleteRoleAccess(IdAndIdsParam param);
/** * Save the role menu relationship *@param param
*/
public int saveRoleMenu(IdAndIdsParam param);
/** * Delete the role menu relationship *@param param
* @return* /
public int deleteRoleMenu(IdAndIdsParam param);
/** * Check whether the user has permission *@paramUserId userId *@paramAccess Permission identifier *@return* /
public boolean hasAccess(Long userId,String access);
/** * Load the user permission resource identifier *@param userId
* @return* /
public List<String> loadUserAccessList(Long userId);
/** * Load user menu permission *@param userId
* @return* /
public List<SysMenu> loadUserMenuList(Long userId);
}
Copy the code
mldong-admin/src/main/java/com/mldong/modules/sys/controller/SysRbacController.java
Permission management control class
package com.mldong.modules.sys.controller;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.AuthorizationScope;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import com.mldong.common.access.model.SysAccessModel;
import com.mldong.common.base.CommonPage;
import com.mldong.common.base.CommonResult;
import com.mldong.common.base.IdAndIdsParam;
import com.mldong.modules.sys.dto.SysUserWithRoleIdPageParam;
import com.mldong.modules.sys.entity.SysUser;
import com.mldong.modules.sys.service.SysRbacService;
@RestController
@RequestMapping("/sys/rbac")
@Api(tags="Sys - Permission Management",authorizations={
@Authorization(value="Sys | system management",scopes={
@AuthorizationScope(description="Rights Management",scope="sys:rbac:index")})})public class SysRbacController {
@Autowired
private SysRbacService sysRbacService;
@PostMapping("listAccessTree")
@ApiOperation(value="Get Permission Resource Tree", notes="Get Permission Resource Tree",authorizations={
@Authorization(value="Get Permission Resource Tree",scopes={
@AuthorizationScope(description="Get Permission Resource Tree",scope="sys:role:listAccessTree")})})public CommonResult<List<SysAccessModel>> listAccessTree() {
return CommonResult.success("Get Permission Resource Tree",sysRbacService.listAccessTree());
}
@PostMapping("listUserByRoleId")
@ApiOperation(value="Role Member List", notes="Role Member List",authorizations={
@Authorization(value="Role Member List",scopes={
@AuthorizationScope(description="Role Member List",scope="sys:role:listUserByRoleId")})})public CommonResult<CommonPage<SysUser>> listUserByRoleId(@RequestBody @Validated SysUserWithRoleIdPageParam param) {
return CommonResult.success("Role Member List",sysRbacService.listUserByRoleId(param));
}
@PostMapping("listUserNoInRole")
@ApiOperation(value="Query the list of users not added to the specified role", notes="Query the list of users not added to the specified role",authorizations={
@Authorization(value="Query the list of users not added to the specified role",scopes={
@AuthorizationScope(description="Query the list of users not added to the specified role",scope="sys:role:listUserNoInRole")})})public CommonResult<CommonPage<SysUser>> listUserNoInRole(@RequestBody @Validated SysUserWithRoleIdPageParam param) {
return CommonResult.success("Query the list of users not added to the specified role",sysRbacService.listUserNoInRole(param));
}
@PostMapping("saveUserRole")
@ApiOperation(value="Save user role relationships", notes="Save user role relationships",authorizations={
@Authorization(value="Save user role relationships",scopes={
@AuthorizationScope(description="Save user role relationships",scope="sys:role:saveUserRole")})})publicCommonResult<? > saveUserRole(@RequestBody @Validated IdAndIdsParam param) {
int count = sysRbacService.saveUserRole(param);
if(count>0) {
return CommonResult.success("User role relationship saved successfully".null);
} else {
return CommonResult.fail("Failed to save user role relationship".null); }}@PostMapping("deleteUserRole")
@ApiOperation(value="Remove user from role", notes="Remove user from role",authorizations={
@Authorization(value="Remove user from role",scopes={
@AuthorizationScope(description="Remove user from role",scope="sys:role:deleteUserRole")})})publicCommonResult<? > deleteUserRole(@RequestBody @Validated IdAndIdsParam param) {
int count = sysRbacService.deleteUserRole(param);
if(count>0) {
return CommonResult.success("User removed from role successfully".null);
} else {
return CommonResult.fail("Failed to remove user from role".null); }}@PostMapping("saveRoleAccess")
@ApiOperation(value="Save role permission resource relationship", notes="Save role permission resource relationship",authorizations={
@Authorization(value="Save role permission resource relationship",scopes={
@AuthorizationScope(description="Save role permission resource relationship",scope="sys:role:saveRoleAccess")})})publicCommonResult<? > saveRoleAccess(@RequestBody @Validated IdAndIdsParam param) {
int count = sysRbacService.saveRoleAccess(param);
if(count>0) {
return CommonResult.success("Role permission resource relationship saved successfully".null);
} else {
return CommonResult.fail("Failed to save role permission resource relationship".null); }}@PostMapping("deleteRoleAccess")
@ApiOperation(value="Delete role permission resource Relationship", notes="Delete role permission resource Relationship",authorizations={
@Authorization(value="Delete role permission resource Relationship",scopes={
@AuthorizationScope(description="Delete role permission resource Relationship",scope="sys:role:deleteRoleAccess")})})publicCommonResult<? > deleteRoleAccess(@RequestBody @Validated IdAndIdsParam param) {
int count = sysRbacService.deleteRoleAccess(param);
if(count>0) {
return CommonResult.success("Role permission resource relationship saved successfully".null);
} else {
return CommonResult.fail("Failed to save role permission resource relationship".null); }}@PostMapping("saveRoleMenu")
@ApiOperation(value="Save role menu relationship", notes="Save role menu relationship",authorizations={
@Authorization(value="Save role menu relationship",scopes={
@AuthorizationScope(description="Save role menu relationship",scope="sys:role:saveRoleMenu")})})publicCommonResult<? > saveRoleMenu(@RequestBody @Validated IdAndIdsParam param) {
int count = sysRbacService.saveRoleMenu(param);
if(count>0) {
return CommonResult.success("Saving role menu relationship succeeded".null);
} else {
return CommonResult.fail("Failed to save role menu relationship".null); }}@PostMapping("deleteRoleMenu")
@ApiOperation(value="Delete role menu relationship", notes="Delete role menu relationship",authorizations={
@Authorization(value="Delete role menu relationship",scopes={
@AuthorizationScope(description="Delete role menu relationship",scope="sys:role:deleteRoleMenu")})})publicCommonResult<? > deleteRoleMenu(@RequestBody @Validated IdAndIdsParam param) {
int count = sysRbacService.deleteRoleMenu(param);
if(count>0) {
return CommonResult.success("Deleting role menu relationship succeeded".null);
} else {
return CommonResult.fail("Failed to delete role menu relationship".null); }}}Copy the code
The resulting permission tree
{
"code": 0."msg": "Get Permission Resource Tree"."data": [{"id": "sys"."access": "sys"."uri": "/sys"."name": "System Management"."remark": "System Management"."sort": 0."children": [{"id": "sys:menu:index"."access": "sys:menu:index"."uri": "/sys/menu/index"."name": "Menu Management"."remark": "Menu Management"."sort": 0."children": [{"id": "sys:menu:remove"."access": "sys:menu:remove"."uri": "/sys/menu/remove"."name": Delete menu."remark": Delete menu."sort": 0
},
{
"id": "sys:menu:get"."access": "sys:menu:get"."uri": "/sys/menu/get"."name": "Get menu by ID"."remark": "Get menu by ID"."sort": 0
},
{
"id": "sys:menu:update"."access": "sys:menu:update"."uri": "/sys/menu/update"."name": "Modify menu"."remark": "Modify menu"."sort": 0
},
{
"id": "sys:menu:list"."access": "sys:menu:list"."uri": "/sys/menu/list"."name": "Paging Query menu"."remark": "Paging Query menu"."sort": 0
},
{
"id": "sys:menu:save"."access": "sys:menu:save"."uri": "/sys/menu/save"."name": "Add menu"."remark": "Add menu"."sort": 0}]}, {"id": "sys:rbac:index"."access": "sys:rbac:index"."uri": "/sys/rbac/index"."name": "Rights Management"."remark": "Rights Management"."sort": 0."children": [{"id": "sys:role:listUserByRoleId"."access": "sys:role:listUserByRoleId"."uri": "/sys/role/listUserByRoleId"."name": "Role Member List"."remark": "Role Member List"."sort": 0
},
{
"id": "sys:role:listAccessTree"."access": "sys:role:listAccessTree"."uri": "/sys/role/listAccessTree"."name": "Get Permission Resource Tree"."remark": "Get Permission Resource Tree"."sort": 0
},
{
"id": "sys:role:listUserNoInRole"."access": "sys:role:listUserNoInRole"."uri": "/sys/role/listUserNoInRole"."name": "Query the list of users not added to the specified role"."remark": "Query the list of users not added to the specified role"."sort": 0
},
{
"id": "sys:role:saveUserRole"."access": "sys:role:saveUserRole"."uri": "/sys/role/saveUserRole"."name": "Save user role relationships"."remark": "Save user role relationships"."sort": 0
},
{
"id": "sys:role:deleteUserRole"."access": "sys:role:deleteUserRole"."uri": "/sys/role/deleteUserRole"."name": "Remove user from role"."remark": "Remove user from role"."sort": 0
},
{
"id": "sys:role:saveRoleAccess"."access": "sys:role:saveRoleAccess"."uri": "/sys/role/saveRoleAccess"."name": "Save role permission resource relationship"."remark": "Save role permission resource relationship"."sort": 0
},
{
"id": "sys:role:deleteRoleAccess"."access": "sys:role:deleteRoleAccess"."uri": "/sys/role/deleteRoleAccess"."name": "Delete role permission resource Relationship"."remark": "Delete role permission resource Relationship"."sort": 0
},
{
"id": "sys:role:saveRoleMenu"."access": "sys:role:saveRoleMenu"."uri": "/sys/role/saveRoleMenu"."name": "Save role menu relationship"."remark": "Save role menu relationship"."sort": 0
},
{
"id": "sys:role:deleteRoleMenu"."access": "sys:role:deleteRoleMenu"."uri": "/sys/role/deleteRoleMenu"."name": "Delete role menu relationship"."remark": "Delete role menu relationship"."sort": 0}]}, {"id": "sys:role:index"."access": "sys:role:index"."uri": "/sys/role/index"."name": "Role Management"."remark": "Role Management"."sort": 0."children": [{"id": "sys:role:remove"."access": "sys:role:remove"."uri": "/sys/role/remove"."name": "Delete role"."remark": "Delete role"."sort": 0
},
{
"id": "sys:role:get"."access": "sys:role:get"."uri": "/sys/role/get"."name": "Get roles by ID"."remark": "Get roles by ID"."sort": 0
},
{
"id": "sys:role:update"."access": "sys:role:update"."uri": "/sys/role/update"."name": "Modify role"."remark": "Modify role"."sort": 0
},
{
"id": "sys:role:list"."access": "sys:role:list"."uri": "/sys/role/list"."name": "Paging query role"."remark": "Paging query role"."sort": 0
},
{
"id": "sys:role:save"."access": "sys:role:save"."uri": "/sys/role/save"."name": "Add a role"."remark": "Add a role"."sort": 0}]}, {"id": "sys:user:index"."access": "sys:user:index"."uri": "/sys/user/index"."name": "User Management"."remark": "User Management"."sort": 0."children": [{"id": "sys:user:remove"."access": "sys:user:remove"."uri": "/sys/user/remove"."name": "Delete user"."remark": "Delete user"."sort": 0
},
{
"id": "sys:user:get"."access": "sys:user:get"."uri": "/sys/user/get"."name": "Get user by ID"."remark": "Get user by ID"."sort": 0
},
{
"id": "sys:user:update"."access": "sys:user:update"."uri": "/sys/user/update"."name": "Update user"."remark": "Update user"."sort": 0
},
{
"id": "sys:user:list"."access": "sys:user:list"."uri": "/sys/user/list"."name": "Paging query user list"."remark": "Paging query user list"."sort": 0
},
{
"id": "sys:user:save"."access": "sys:user:save"."uri": "/sys/user/save"."name": "Add user"."remark": "Add user"."sort": 0}]}]}Copy the code
summary
This article is mainly about collecting permissions annotation scan based on Swaggerui and completing interfaces related to permissions management. So far, the content of login and interceptor has not been added, which will be made up in the next article.
Project source code address
- The back-end
Gitee.com/mldong/mldo…
- The front end
Gitee.com/mldong/mldo…
Related articles
Create a suitable for their own rapid development framework – the pilot
Build a suitable for their own rapid development framework – back-end scaffolding
Build a fast development framework for yourself – integrated Mapper
Build a fast development framework for yourself – integration with Swaggerui and KNIfe4J
Build a suitable for their own rapid development framework – universal class packaging unified result return, unified exception handling
Create a quick development framework for yourself – business error code specifications and practices
Build a quick development framework for yourself – framework layering and CURD sample
Create a suitable for their own rapid development framework – Mapper logical deletion and enumeration type specification
Create a suitable framework for rapid development – Hibernate Validator data verification
Create a suitable for their own rapid development framework – code generator principle and implementation
Create a suitable for their own rapid development framework – universal query design and implementation