From 68fc18071164a063caf06d9e549602a44464bd2e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=BB=84=E6=98=95?=
Date: Wed, 13 Dec 2023 16:29:58 +0800
Subject: [PATCH] =?UTF-8?q?OCT=201.=20=E9=87=8D=E6=96=B0=E7=BB=84=E7=BB=87?= =?UTF-8?q?=E4=BB=A3=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
config/application-local.properties | 14 +-
.../configure/SecuritySecurity.java | 6 +-
.../cf/controller/CommonFrameworkApi.java | 9 +-
.../database/config/MybatisPlusConfigure.java | 19 ++
.../exception/ControllerExceptionHandler.java | 11 +-
.../annotation/DecryptionProtocol.java} | 4 +-
.../annotation/EncryptionProtocol.java} | 4 +-
.../crypto/RequestProtocolSecurity.java | 105 +++++++++++
.../crypto/ResponseProtocolSecurity.java | 6 +-
src/main/resources/rbac/data.sql | 96 ++++++++++
src/main/resources/rbac/schema.sql | 177 ++++++++++++++++++
11 files changed, 431 insertions(+), 20 deletions(-)
rename src/main/java/com/cmhi/cf/{ => authentication}/configure/SecuritySecurity.java (91%)
create mode 100644 src/main/java/com/cmhi/cf/database/config/MybatisPlusConfigure.java
rename src/main/java/com/cmhi/cf/{crypto/annotation/Decryption.java => restapi/annotation/DecryptionProtocol.java} (75%)
rename src/main/java/com/cmhi/cf/{crypto/annotation/Encryption.java => restapi/annotation/EncryptionProtocol.java} (75%)
create mode 100644 src/main/java/com/cmhi/cf/restapi/crypto/RequestProtocolSecurity.java
create mode 100644 src/main/resources/rbac/data.sql
create mode 100644 src/main/resources/rbac/schema.sql
diff --git a/config/application-local.properties b/config/application-local.properties
index e8f3b5d..b863654 100644
--- a/config/application-local.properties
+++ b/config/application-local.properties
@@ -6,10 +6,16 @@ jasypt.encryptor.algorithm=PBEWITHHMACSHA512ANDAES_256 jasypt.encryptor.password= # mysql -spring.datasource.url=jdbc:mysql://172.21.44.61:3306/gamedatabase?serverTimezone=Asia/Shanghai&zeroDateTimeBehavior=convertToNull&useUnicode=true +spring.datasource.url=jdbc:mysql://101.35.234.160:32306/rbac?serverTimezone=Asia/Shanghai&zeroDateTimeBehavior=convertToNull&useUnicode=true spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver -spring.datasource.username=admin -spring.datasource.password= +spring.datasource.username=cmhi +spring.datasource.password=cmHi10086! +spring.sql.init.encoding=utf8 +spring.sql.init.schema-locations=classpath:rbac/schema.sql +spring.sql.init.data-locations=classpath:rbac/data.sql +# ALWAYS/EMBEDDED/NEVER +spring.sql.init.mode=always +spring.sql.init.enabled=false spring.datasource.dbcp2.max-total=128 spring.datasource.dbcp2.max-wait-millis=10000 @@ -24,7 +30,7 @@ spring.datasource.dbcp2.connection-properties=characterEncoding=utf8 mybatis.mapper-locations=classpath*:mappers/*.xml mybatis.type-aliases-package=com.cmhi.gds.pojo.entry mybatis.configuration.default-enum-type-handler=com.cmhi.cf.common.CommonEnumHandler - +mybatis-plus.global-config.banner = false #pagehelper pagehelper.helper-dialect=mysql diff --git a/src/main/java/com/cmhi/cf/configure/SecuritySecurity.java b/src/main/java/com/cmhi/cf/authentication/configure/SecuritySecurity.java similarity index 91% rename from src/main/java/com/cmhi/cf/configure/SecuritySecurity.java rename to src/main/java/com/cmhi/cf/authentication/configure/SecuritySecurity.java index 97b9ec9..4144172 100644 --- a/src/main/java/com/cmhi/cf/configure/SecuritySecurity.java +++ b/src/main/java/com/cmhi/cf/authentication/configure/SecuritySecurity.java 
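Review bot: The new `spring.datasource.password=` line commits a literal database password, together with the account name and a hard-coded remote host and port in `spring.datasource.url`, so anyone who can read the repository or its history holds working database credentials; the password should be treated as exposed and rotated, not only removed in a later commit. The hunk's own context shows jasypt is already configured (`jasypt.encryptor.algorithm=...`), so the value can be stored as `spring.datasource.password=ENC(<ciphertext>)` or taken from the environment, e.g. `spring.datasource.password=${DB_PASSWORD}` (placeholder variable name). Separately, `spring.sql.init.mode=always` and `spring.sql.init.enabled=false` contradict each other and which one takes effect depends on the Spring Boot version; because the schema script added in this commit drops each table before creating it, `spring.sql.init.mode=never` is the safer default for a profile that points at a shared database.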
@@ -1,5 +1,6 @@ -package com.cmhi.cf.configure; +package com.cmhi.cf.authentication.configure; +import org.mybatis.spring.annotation.MapperScan; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; @@ -17,6 +18,7 @@ import org.springframework.security.web.SecurityFilterChain; @Configuration @EnableWebSecurity +@MapperScan(value = {"com.cmhi.cf.authentication.db.mapper"}) public class SecuritySecurity { @Bean public static PasswordEncoder passwordEncoder() { @@ -33,7 +35,7 @@ public class SecuritySecurity { resp.requestMatchers(HttpMethod.GET, "/version").hasRole("USER"); }).formLogin(AbstractAuthenticationFilterConfigurer::permitAll); - //(form -> form.loginPage("/login").defaultSuccessUrl("/index").permitAll()).logout(LogoutConfigurer::permitAll); + //(form -> form.loginPage("/login").defaultSuccessUrl("/index").permitAll()).logout(LogoutConfigurer::permitAll); return http.build(); } diff --git a/src/main/java/com/cmhi/cf/controller/CommonFrameworkApi.java b/src/main/java/com/cmhi/cf/controller/CommonFrameworkApi.java index cdf0e37..5668fcd 100644 --- a/src/main/java/com/cmhi/cf/controller/CommonFrameworkApi.java +++ b/src/main/java/com/cmhi/cf/controller/CommonFrameworkApi.java @@ -1,8 +1,8 @@ package com.cmhi.cf.controller; import com.cmhi.cf.common.ErrorCode; -import com.cmhi.cf.crypto.annotation.Decryption; -import com.cmhi.cf.crypto.annotation.Encryption; +import com.cmhi.cf.restapi.annotation.DecryptionProtocol; +import com.cmhi.cf.restapi.annotation.EncryptionProtocol; import com.cmhi.cf.restapi.pojo.dto.ProtocolReqDTO; import com.cmhi.cf.restapi.pojo.vo.BaseRespStatus; import com.cmhi.cf.restapi.pojo.vo.ProtocolRespDTO; 
@@ -20,11 +20,12 @@ import org.springframework.web.bind.annotation.ResponseBody; @Slf4j @Tag(name = "Foo控制器") public class CommonFrameworkApi { - @Encryption - @Decryption + @EncryptionProtocol + @DecryptionProtocol @PostMapping("/version") @ResponseBody public ProtocolRespDTO getVersion(@Validated(ValidGroups.BaseProtocolValid.class) @RequestBody ProtocolReqDTO mr) { + log.info("Request: {}", mr.getMsgContent()); return ProtocolRespDTO.result(ErrorCode.ERR_OK); } diff --git a/src/main/java/com/cmhi/cf/database/config/MybatisPlusConfigure.java b/src/main/java/com/cmhi/cf/database/config/MybatisPlusConfigure.java new file mode 100644 index 0000000..4497a01 --- /dev/null +++ b/src/main/java/com/cmhi/cf/database/config/MybatisPlusConfigure.java @@ -0,0 +1,19 @@ +package com.cmhi.cf.database.config; + +import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor; +import com.baomidou.mybatisplus.extension.plugins.inner.PaginationInnerInterceptor; +import org.mybatis.spring.annotation.MapperScan; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +@Configuration +@MapperScan("com.cmhi.cf.database.mapper") +public class MybatisPlusConfigure { + @Bean + public MybatisPlusInterceptor mybatisPlusInterceptor() { + // 添加分页插件 + MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor(); + interceptor.addInnerInterceptor(new PaginationInnerInterceptor()); + return interceptor; + } +} diff --git a/src/main/java/com/cmhi/cf/exception/ControllerExceptionHandler.java b/src/main/java/com/cmhi/cf/exception/ControllerExceptionHandler.java index 8831606..1768b40 100644 --- a/src/main/java/com/cmhi/cf/exception/ControllerExceptionHandler.java +++ b/src/main/java/com/cmhi/cf/exception/ControllerExceptionHandler.java 
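Review bot: The added `log.info("Request: {}", mr.getMsgContent());` in `getVersion` writes the request's message content to the application log at INFO on a handler marked `@DecryptionProtocol`, so content the client encrypted for transport presumably ends up in the log in clear text. If this is a debugging aid, drop it or lower it to `log.debug` and log only metadata about the request rather than the content; anything that has to stay should pass through redaction first. The class body continues outside the hunk.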
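Review bot: `new PaginationInnerInterceptor()` in `mybatisPlusInterceptor()` is created with no database type and no page-size ceiling, so any page size a caller passes through reaches the query unbounded. Construct it with the dialect and cap the size, e.g. `PaginationInnerInterceptor p = new PaginationInnerInterceptor(DbType.MYSQL); p.setMaxLimit(500L);` (500 is an example value), then register `p` with `addInnerInterceptor`. The only documentation is the inline comment `// 添加分页插件`; an English Javadoc line on the bean saying that it registers the pagination plugin would help readers of the new class.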
@@ -10,7 +10,6 @@ import com.cmhi.cf.restapi.pojo.vo.ProtocolRespDTO; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; -import org.springframework.validation.FieldError; import org.springframework.web.bind.MethodArgumentNotValidException; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.bind.annotation.ExceptionHandler; @@ -18,6 +17,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import java.util.ArrayList; import java.util.List; +import java.util.concurrent.atomic.AtomicInteger; @ControllerAdvice @Slf4j @@ -25,7 +25,12 @@ public class ControllerExceptionHandler { @ExceptionHandler(MethodArgumentNotValidException.class) @ResponseBody public ProtocolRespDTO controllerGlobalException(MethodArgumentNotValidException e) { - List errMsg = e.getBindingResult().getFieldErrors().stream().map(FieldError::getDefaultMessage).toList(); + AtomicInteger idx = new AtomicInteger(); + List errMsg = e.getBindingResult() + .getFieldErrors() + .stream() + .map(v -> idx.getAndIncrement() + ": " + v.getDefaultMessage()) + .toList(); return ProtocolRespDTO.result(ErrorCode.ERR_PARAMEXCEPTION, ErrorCode.ERR_PARAMEXCEPTION.getHttpCode(), errMsg.toArray(new String[0])); @@ -58,7 +63,7 @@ public class ControllerExceptionHandler { rsp.setStatus(ErrorCode.ERR_PARAMEXCEPTION.getHttpCode()); if (ex.getMessage() != null && !ex.getMessage().isEmpty()) { - errMeg.add(ex.getMessage()); + errMeg.add(ex.getErr().getStringValue() + ": " + ex.getDescription()); } return ProtocolRespDTO.result(ErrorCode.ERR_PARAMEXCEPTION, 
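Review bot: The `map` lambda in `controllerGlobalException` numbers the messages by mutating an `AtomicInteger` captured from outside the stream, which makes the pipeline depend on a side effect and on encounter order. Indexing the list directly expresses the same thing without shared state: `var errs = e.getBindingResult().getFieldErrors();` followed by `IntStream.range(0, errs.size()).mapToObj(i -> i + ": " + errs.get(i).getDefaultMessage()).toList()`. That replaces the `java.util.concurrent.atomic.AtomicInteger` import added earlier in this file with `java.util.stream.IntStream`.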
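Review bot: The guard still tests `ex.getMessage()`, but the line it protects now reads `ex.getErr().getStringValue()` and `ex.getDescription()`, so the check no longer covers the values being used. If `getErr()` can return null this throws inside the exception handler itself, and a null description is rendered as the text "null" in the response. Guard what is used, e.g. `if (ex.getErr() != null && ex.getDescription() != null) {`. The enclosing handler method starts and ends outside the hunk, so the type of `ex` is not visible here.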
diff --git a/src/main/java/com/cmhi/cf/crypto/annotation/Decryption.java b/src/main/java/com/cmhi/cf/restapi/annotation/DecryptionProtocol.java similarity index 75% rename from src/main/java/com/cmhi/cf/crypto/annotation/Decryption.java rename to src/main/java/com/cmhi/cf/restapi/annotation/DecryptionProtocol.java index f996dd6..b511f7d 100644 --- a/src/main/java/com/cmhi/cf/crypto/annotation/Decryption.java +++ b/src/main/java/com/cmhi/cf/restapi/annotation/DecryptionProtocol.java @@ -1,4 +1,4 @@ -package com.cmhi.cf.crypto.annotation; +package com.cmhi.cf.restapi.annotation; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; @@ -7,5 +7,5 @@ import java.lang.annotation.Target; @Target({ElementType.TYPE, ElementType.METHOD}) @Retention(RetentionPolicy.RUNTIME) -public @interface Decryption { +public @interface DecryptionProtocol { } diff --git a/src/main/java/com/cmhi/cf/crypto/annotation/Encryption.java b/src/main/java/com/cmhi/cf/restapi/annotation/EncryptionProtocol.java similarity index 75% rename from src/main/java/com/cmhi/cf/crypto/annotation/Encryption.java rename to src/main/java/com/cmhi/cf/restapi/annotation/EncryptionProtocol.java index 4dafc0f..40fe9b1 100644 --- a/src/main/java/com/cmhi/cf/crypto/annotation/Encryption.java +++ b/src/main/java/com/cmhi/cf/restapi/annotation/EncryptionProtocol.java @@ -1,4 +1,4 @@ -package com.cmhi.cf.crypto.annotation; +package com.cmhi.cf.restapi.annotation; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; @@ -7,5 +7,5 @@ import java.lang.annotation.Target; @Target({ElementType.TYPE, ElementType.METHOD}) @Retention(RetentionPolicy.RUNTIME) -public @interface Encryption { +public @interface EncryptionProtocol { } diff --git a/src/main/java/com/cmhi/cf/restapi/crypto/RequestProtocolSecurity.java b/src/main/java/com/cmhi/cf/restapi/crypto/RequestProtocolSecurity.java new file mode 100644 index 0000000..3e684d4 --- /dev/null 
+++ b/src/main/java/com/cmhi/cf/restapi/crypto/RequestProtocolSecurity.java 
@@ -0,0 +1,105 @@ +package com.cmhi.cf.restapi.crypto; + + +import com.cmhi.cf.restapi.annotation.DecryptionProtocol; +import com.cmhi.cf.restapi.service.ProtocolSecurityService; +import jakarta.annotation.Resource; +import lombok.extern.slf4j.Slf4j; +import org.jetbrains.annotations.NotNull; +import org.springframework.core.MethodParameter; +import org.springframework.http.HttpInputMessage; +import org.springframework.http.converter.HttpMessageConverter; +import org.springframework.web.bind.annotation.RestControllerAdvice; +import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice; + +import java.io.IOException; +import java.lang.reflect.Type; + +/** + * The type Request protocol security. + * + * @author + */ +@Slf4j +@RestControllerAdvice +public class RequestProtocolSecurity implements RequestBodyAdvice { + + /** + * The Protocol security service. + */ + @Resource + private ProtocolSecurityService protocolSecurityService; + + /** + * Supports boolean. + * + * @param methodParameter the method parameter + * @param type the type + * @param aClass the a class + * @return the boolean + */ + @Override + public boolean supports(@NotNull MethodParameter methodParameter, + @NotNull Type type, + @NotNull Class> aClass) { + return methodParameter.getContainingClass().isAnnotationPresent(DecryptionProtocol.class) + || methodParameter.hasMethodAnnotation(DecryptionProtocol.class); + } + + /** + * Before body read http input message. + * + * @param httpInputMessage the http input message + * @param methodParameter the method parameter + * @param type the type + * @param aClass the a class + * @return the http input message + */ + @Override + @NotNull + public HttpInputMessage beforeBodyRead(@NotNull HttpInputMessage httpInputMessage, + @NotNull MethodParameter methodParameter, + @NotNull Type type, + @NotNull Class> aClass) throws IOException { + return protocolSecurityService.decryptProtocol(httpInputMessage); + } + + /** + * Handle empty body object. 
+ * + * @param o the o + * @param httpInputMessage the http input message + * @param methodParameter the method parameter + * @param type the type + * @param aClass the a class + * @return the object + */ + @Override + public Object handleEmptyBody(Object o, + @NotNull HttpInputMessage httpInputMessage, + @NotNull MethodParameter methodParameter, + @NotNull Type type, + @NotNull Class> aClass) { + return o; + } + + /** + * After body read object. + * + * @param o the o + * @param httpInputMessage the http input message + * @param methodParameter the method parameter + * @param type the type + * @param aClass the a class + * @return the object + */ + @Override + @NotNull + public Object afterBodyRead(@NotNull Object o, + @NotNull HttpInputMessage httpInputMessage, + @NotNull MethodParameter methodParameter, + @NotNull Type type, + @NotNull Class> aClass) { + return o; + } +} diff --git a/src/main/java/com/cmhi/cf/restapi/crypto/ResponseProtocolSecurity.java b/src/main/java/com/cmhi/cf/restapi/crypto/ResponseProtocolSecurity.java index 8db7f96..d696de4 100644 --- a/src/main/java/com/cmhi/cf/restapi/crypto/ResponseProtocolSecurity.java +++ b/src/main/java/com/cmhi/cf/restapi/crypto/ResponseProtocolSecurity.java @@ -1,6 +1,6 @@ package com.cmhi.cf.restapi.crypto; -import com.cmhi.cf.crypto.annotation.Encryption; +import com.cmhi.cf.restapi.annotation.EncryptionProtocol; import com.cmhi.cf.restapi.config.ProtoCryptoType; import com.cmhi.cf.restapi.config.ProtocolConfigure; import com.cmhi.cf.restapi.pojo.vo.ProtocolRespDTO; 
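Review bot: The Javadoc in this new class is generated filler (`Supports boolean.`, `@param o the o`, an empty `@author`) and says nothing about the one method that matters, `beforeBodyRead`, which replaces the request body with the result of `protocolSecurityService.decryptProtocol(httpInputMessage)`. Document the contract there: that the advice applies only to controllers or methods annotated with `@DecryptionProtocol`, what `decryptProtocol` yields when the body is malformed or fails decryption, and that an `IOException` propagates to the caller. It is also worth stating on `supports` that decryption is opt-in, so a handler without the annotation receives the body exactly as sent; if encrypted transport is meant to be mandatory for some routes, that should be enforced rather than left to an annotation being remembered.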
@@ -32,8 +32,8 @@ public class ResponseProtocolSecurity implements ResponseBodyAdvice { @Override public boolean supports(@NotNull MethodParameter methodParameter, @NotNull Class> aClass) { - return methodParameter.getContainingClass().isAnnotationPresent(Encryption.class) - || methodParameter.hasMethodAnnotation(Encryption.class); + return methodParameter.getContainingClass().isAnnotationPresent(EncryptionProtocol.class) + || methodParameter.hasMethodAnnotation(EncryptionProtocol.class); } @Override diff --git a/src/main/resources/rbac/data.sql b/src/main/resources/rbac/data.sql new file mode 100644 index 0000000..8d51cad --- /dev/null +++ b/src/main/resources/rbac/data.sql 
@@ -0,0 +1,96 @@ +-- 关闭外键约束检查 +set foreign_key_checks = 0; + +INSERT INTO user (id, username, gender, state, organization_id) VALUES (1, 'admin', 0, 0, 1); +INSERT INTO user (id, username, gender, state, organization_id) VALUES (2, 'user', 1, 0, 3); +INSERT INTO user (id, username, gender, state, organization_id) VALUES (3, 'guest', 0, 0, 5); + +INSERT INTO organization (id, name, parent_ids, type, parent_id) VALUES (1, '根节点', '/', 0, null); +INSERT INTO organization (id, name, parent_ids, type, parent_id) VALUES (2, '管理员', '/1/', 0, 1); +INSERT INTO organization (id, name, parent_ids, type, parent_id) VALUES (3, '操作用户', '/1/', 0, 1); +INSERT INTO organization (id, name, parent_ids, type, parent_id) VALUES (4, '测试账号', '/1/', 0, 1); +INSERT INTO organization (id, name, parent_ids, type, parent_id) VALUES (5, '访客账号', '/1/', 0, 1); + +INSERT INTO role (id, available, description, name) VALUES (1, true, '超级管理员可以对企业内的所有用户进行管理,请谨慎修改超管权限', '超级管理员'); +INSERT INTO role (id, available, description, name) VALUES (2, true, '项目开发人员', '开发者'); +INSERT INTO role (id, available, description, name) VALUES (3, true, '普通的用户', '普通用户'); +INSERT INTO role (id, available, description, name) VALUES (4, false, '系统访客,不需要认证,最小权限', '游客'); + +INSERT INTO user_credential (id, credential, identifier, identity_type, user_id) VALUES (1, '456b7016a916a4b178dd72b947c152b7', 'admin', 0, 1); +INSERT INTO user_credential (id, credential, identifier, identity_type, user_id) VALUES (2, 'a81be4e9b20632860d20a64c054c4150', 'user', 0, 2); +INSERT INTO user_credential (id, credential, identifier, identity_type, user_id) VALUES (3, '2ec099f2d602cc4968c5267970be1326', 'guest', 0, 3); + +INSERT INTO user_role (user_id, role_id) VALUES (1, 1); +INSERT INTO user_role (user_id, role_id) VALUES (2, 3); +INSERT INTO user_role (user_id, role_id) VALUES (3, 4); + +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (1, '根节点', null, '*', null, null, null); +INSERT INTO resource (id, 
name, parent_ids, permission, type, url, parent_id) VALUES (2, '仪表盘', null, 'dashboard', 0, '/dashboard', 1); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (3, '系统管理', null, 'sys', 0, '/sys', 1); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (4, '用户管理', null, 'user:view', 0, '/users', 3); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (5, '角色管理', null, 'role:view', 0, '/roles', 3); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (6, '权限资源', null, 'resource:view', 0, '/resources', 3); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (7, '查看用户', null, 'user:view', 1, null, 4); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (8, '新增用户', null, 'user:create', 1, null, 4); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (9, '修改用户', null, 'user:update', 1, null, 4); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (10, '删除用户', null, 'user:delete', 1, null, 4); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (11, '查看角色', null, 'role:view', 1, null, 5); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (12, '新增角色', null, 'role:create', 1, null, 5); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (13, '修改角色', null, 'role:update', 1, null, 5); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (14, '删除角色', null, 'role:delete', 1, null, 5); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (15, '查看资源', null, 'resource:view', 1, null, 6); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (16, '新增资源', null, 'resource:create', 1, null, 6); +INSERT INTO resource 
(id, name, parent_ids, permission, type, url, parent_id) VALUES (17, '修改资源', null, 'resource:update', 1, null, 6); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (18, '删除资源', null, 'resource:delete', 1, null, 6); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (19, '新增组织架构', null, 'organization:create', 1, null, 4); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (20, '修改组织架构', null, 'organization:update', 1, null, 4); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (21, '删除组织架构', null, 'organization:delete', 1, null, 4); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (22, '操作日志', null, 'log:view', 0, '/logs', 3); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (23, '清空日志', null, 'log:clean', 1, null, 22); +INSERT INTO resource (id, name, parent_ids, permission, type, url, parent_id) VALUES (24, '查看日志', null, 'log:view', 1, null, 22); + +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 2); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 3); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 4); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 5); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 6); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 7); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 8); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 9); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 10); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 11); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 12); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 13); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 14); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 15); 
+INSERT INTO role_resource (role_id, resource_id) VALUES (1, 16); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 17); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 18); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 19); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 20); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 21); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 22); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 23); +INSERT INTO role_resource (role_id, resource_id) VALUES (1, 24); +INSERT INTO role_resource (role_id, resource_id) VALUES (2, 2); +INSERT INTO role_resource (role_id, resource_id) VALUES (2, 3); +INSERT INTO role_resource (role_id, resource_id) VALUES (2, 6); +INSERT INTO role_resource (role_id, resource_id) VALUES (2, 15); +INSERT INTO role_resource (role_id, resource_id) VALUES (2, 16); +INSERT INTO role_resource (role_id, resource_id) VALUES (2, 17); +INSERT INTO role_resource (role_id, resource_id) VALUES (2, 18); +INSERT INTO role_resource (role_id, resource_id) VALUES (2, 22); +INSERT INTO role_resource (role_id, resource_id) VALUES (2, 23); +INSERT INTO role_resource (role_id, resource_id) VALUES (2, 24); +INSERT INTO role_resource (role_id, resource_id) VALUES (3, 2); +INSERT INTO role_resource (role_id, resource_id) VALUES (4, 2); +INSERT INTO role_resource (role_id, resource_id) VALUES (4, 3); +INSERT INTO role_resource (role_id, resource_id) VALUES (4, 4); +INSERT INTO role_resource (role_id, resource_id) VALUES (4, 5); +INSERT INTO role_resource (role_id, resource_id) VALUES (4, 6); +INSERT INTO role_resource (role_id, resource_id) VALUES (4, 7); +INSERT INTO role_resource (role_id, resource_id) VALUES (4, 11); +INSERT INTO role_resource (role_id, resource_id) VALUES (4, 15); + +-- 开启外键约束检查 +set foreign_key_checks = 1; \ No newline at end of file 
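Review bot: The three `user_credential` rows seed fixed credentials for `admin`, `user` and `guest` as 32-hex-character values, which is the shape of an unsalted MD5 digest rather than the output of the `PasswordEncoder` bean declared in `SecuritySecurity`; if that is what they are, every database initialised from this file shares the same weakly hashed administrator password. Seed these accounts with values produced by the configured encoder and require a change on first login, or leave credentials out of the seed data. The role grants also look inverted: role 4 is described as the least-privileged guest (`最小权限`) yet receives resources 2–7, 11 and 15 (system, user, role and resource views), while the ordinary user role 3 receives only resource 2.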
diff --git a/src/main/resources/rbac/schema.sql b/src/main/resources/rbac/schema.sql
new file mode 100644
index 0000000..8601d09
--- /dev/null
+++ b/src/main/resources/rbac/schema.sql
@@ -0,0 +1,177 @@ +/* + Navicat Premium Data Transfer + + Source Server : 腾讯云 + Source Server Type : MySQL + Source Server Version : 80033 + Source Host : 101.35.234.160:32306 + Source Schema : admin3 + + Target Server Type : MySQL + Target Server Version : 80033 + File Encoding : 65001 + + Date: 07/12/2023 16:34:32 +*/ + +SET NAMES utf8mb4; +SET FOREIGN_KEY_CHECKS = 0; + +-- ---------------------------- +-- Table structure for organization +-- ---------------------------- +DROP TABLE IF EXISTS `organization`; +CREATE TABLE `organization` +( + `id` bigint NOT NULL AUTO_INCREMENT COMMENT 'id', + `name` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL COMMENT '组织名', + `parent_ids` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NULL DEFAULT NULL COMMENT '组织层次结构', + `type` smallint NOT NULL COMMENT '组织类型: 0 --> 部门, 1 --> 岗位', + `parent_id` bigint NULL DEFAULT NULL COMMENT '父ID', + PRIMARY KEY (`id`) USING BTREE, + INDEX `FKc30yedjwp9qw1f3nn2ytda7tj` (`parent_id` ASC) USING BTREE, + CONSTRAINT `FKc30yedjwp9qw1f3nn2ytda7tj` FOREIGN KEY (`parent_id`) REFERENCES `organization` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT +) ENGINE = InnoDB + AUTO_INCREMENT = 6 + CHARACTER SET = utf8mb3 + COLLATE = utf8mb3_general_ci + ROW_FORMAT = Dynamic COMMENT ='组织架构'; + +-- ---------------------------- +-- Table structure for resource +-- ---------------------------- +DROP TABLE IF EXISTS `resource`; +CREATE TABLE `resource` +( + `id` bigint NOT NULL AUTO_INCREMENT COMMENT 'id', + `icon` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NULL DEFAULT NULL COMMENT '图标', + `name` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NULL DEFAULT NULL COMMENT '权限名称', + `parent_ids` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NULL DEFAULT NULL COMMENT '上层组织名称', + `permission` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NULL DEFAULT NULL COMMENT '权限', + `type` smallint NULL DEFAULT NULL COMMENT 
'权限类型: 0 --> 菜单, 1 --> 按钮', + `url` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NULL DEFAULT NULL COMMENT 'URL路径', + `parent_id` bigint NULL DEFAULT NULL COMMENT '上层组织ID', + PRIMARY KEY (`id`) USING BTREE, + INDEX `FKs2byvqo0b2enh3rltln5mmvyl` (`parent_id` ASC) USING BTREE, + CONSTRAINT `FKs2byvqo0b2enh3rltln5mmvyl` FOREIGN KEY (`parent_id`) REFERENCES `resource` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT +) ENGINE = InnoDB + AUTO_INCREMENT = 25 + CHARACTER SET = utf8mb3 + COLLATE = utf8mb3_general_ci + ROW_FORMAT = Dynamic COMMENT '权限资源'; + +-- ---------------------------- +-- Table structure for role +-- ---------------------------- +DROP TABLE IF EXISTS `role`; +CREATE TABLE `role` +( + `id` bigint NOT NULL AUTO_INCREMENT COMMENT 'id', + `available` bit(1) NULL DEFAULT NULL COMMENT '是否有效', + `description` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NULL DEFAULT NULL COMMENT '权限描述', + `name` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL COMMENT '权限名称', + PRIMARY KEY (`id`) USING BTREE, + UNIQUE INDEX `UK_8sewwnpamngi6b1dwaa88askk` (`name` ASC) USING BTREE +) ENGINE = InnoDB + AUTO_INCREMENT = 5 + CHARACTER SET = utf8mb3 + COLLATE = utf8mb3_general_ci + ROW_FORMAT = Dynamic COMMENT '权限'; + +-- ---------------------------- +-- Table structure for role_resource +-- ---------------------------- +DROP TABLE IF EXISTS `role_resource`; +CREATE TABLE `role_resource` +( + `role_id` bigint NOT NULL COMMENT '权限id', + `resource_id` bigint NOT NULL COMMENT '权限资源id', + PRIMARY KEY (`resource_id`, `role_id`) USING BTREE, + INDEX `FKh8lunkrwoyio367ec8y12bis1` (`role_id` ASC) USING BTREE, + CONSTRAINT `FKh8lunkrwoyio367ec8y12bis1` FOREIGN KEY (`role_id`) REFERENCES `role` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT, + CONSTRAINT `FKr2orp5em3dob6f299ra9oyexr` FOREIGN KEY (`resource_id`) REFERENCES `resource` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT +) ENGINE = InnoDB + CHARACTER SET = utf8mb3 + COLLATE = 
utf8mb3_general_ci + ROW_FORMAT = Dynamic COMMENT '权限资源'; + +-- ---------------------------- +-- Table structure for user +-- ---------------------------- +DROP TABLE IF EXISTS `user`; +CREATE TABLE `user` +( + `id` bigint NOT NULL AUTO_INCREMENT COMMENT 'id', + `created_time` datetime(6) NULL DEFAULT CURRENT_TIMESTAMP(6) COMMENT '创建时间', + `gender` smallint NOT NULL COMMENT '创建用户', + `state` smallint NOT NULL COMMENT '当前状态: 0 --> 正常, 1 --> 删除', + `username` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL COMMENT '用户名', + `organization_id` bigint NULL DEFAULT NULL COMMENT '组织架构id', + PRIMARY KEY (`id`) USING BTREE, + UNIQUE INDEX `UK_sb8bbouer5wak8vyiiy4pf2bx` (`username` ASC) USING BTREE, + INDEX `FK9o02c5db97siwu48bqivpo4c0` (`organization_id` ASC) USING BTREE, + CONSTRAINT `FK9o02c5db97siwu48bqivpo4c0` FOREIGN KEY (`organization_id`) REFERENCES `organization` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT +) ENGINE = InnoDB + AUTO_INCREMENT = 1000 + CHARACTER SET = utf8mb3 + COLLATE = utf8mb3_general_ci + ROW_FORMAT = Dynamic COMMENT '用户表'; + +-- ---------------------------- +-- Table structure for user_credential +-- ---------------------------- +DROP TABLE IF EXISTS `user_credential`; +CREATE TABLE `user_credential` +( + `id` bigint NOT NULL AUTO_INCREMENT COMMENT 'id', + `credential` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL COMMENT '用户密码', + `identifier` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL COMMENT '用户标识', + `identity_type` smallint NULL DEFAULT NULL COMMENT '登录类型', + `user_id` bigint NULL DEFAULT NULL COMMENT '用户id', + PRIMARY KEY (`id`) USING BTREE, + INDEX `FK6y499rs9ocqqa3kdpu2f32m86` (`user_id` ASC) USING BTREE, + CONSTRAINT `FK6y499rs9ocqqa3kdpu2f32m86` FOREIGN KEY (`user_id`) REFERENCES `user` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT +) ENGINE = InnoDB + AUTO_INCREMENT = 4 + CHARACTER SET = utf8mb3 + COLLATE = utf8mb3_general_ci + ROW_FORMAT = Dynamic COMMENT 
'用户认证'; + +-- ---------------------------- +-- Table structure for user_role +-- ---------------------------- +DROP TABLE IF EXISTS `user_role`; +CREATE TABLE `user_role` +( + `user_id` bigint NOT NULL COMMENT '用户id', + `role_id` bigint NOT NULL COMMENT '权限id', + PRIMARY KEY (`role_id`, `user_id`) USING BTREE, + INDEX `FKfgsgxvihks805qcq8sq26ab7c` (`user_id` ASC) USING BTREE, + CONSTRAINT `FKa68196081fvovjhkek5m97n3y` FOREIGN KEY (`role_id`) REFERENCES `role` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT, + CONSTRAINT `FKfgsgxvihks805qcq8sq26ab7c` FOREIGN KEY (`user_id`) REFERENCES `user` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT +) ENGINE = InnoDB + CHARACTER SET = utf8mb3 + COLLATE = utf8mb3_general_ci + ROW_FORMAT = Dynamic COMMENT '用户权限'; + +-- ---------------------------- +-- Table structure for stored_event +-- ---------------------------- +DROP TABLE IF EXISTS `system_log`; +CREATE TABLE `system_log` +( + `id` bigint NOT NULL AUTO_INCREMENT COMMENT 'id', + `event_body` longtext CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NULL COMMENT '操作日志', + `occurred_on` datetime(6) NULL DEFAULT CURRENT_TIMESTAMP(6) COMMENT '操作时间', + `type_name` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NULL DEFAULT NULL COMMENT '操作类型', + `user_id` bigint NULL DEFAULT NULL COMMENT '操作用户id', + PRIMARY KEY (`id`) USING BTREE, + INDEX `FK4y0r4thyym073n8jo5a5pci88` (`user_id` ASC) USING BTREE, + CONSTRAINT `FK4y0r4thyym073n8jo5a5pci88` FOREIGN KEY (`user_id`) REFERENCES `user` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT +) ENGINE = InnoDB + AUTO_INCREMENT = 1 + CHARACTER SET = utf8mb3 + COLLATE = utf8mb3_general_ci + ROW_FORMAT = Dynamic COMMENT '系统操作日志'; + +SET FOREIGN_KEY_CHECKS = 1;
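Review bot: Every table in this script is preceded by `DROP TABLE IF EXISTS`, and the properties change in this commit points `spring.sql.init.schema-locations` at it with `spring.sql.init.mode=always`, so whenever initialization actually runs it erases the users, roles, credentials and `system_log` rows of the configured database. For a script executed at startup, `CREATE TABLE IF NOT EXISTS` without the drops is the safe form; keep the destructive dump as a separate file that is run by hand. The Navicat header also records the source server's host and port (the `Source Host` line) and should be removed, and two comments are wrong: the `system_log` section is titled `stored_event`, and `user.gender` carries the comment `创建用户`.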