feat: 补全组件库、资源库、地图管理的接口权限标识和权限控制预留

补全组件库、资源库、地图管理的接口权限标识和权限控制预留

DataRoom/dataroom-core/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.gccloud</groupId>
         <artifactId>dataroom</artifactId>
-        <version>1.0.1.2023090501.Alpha</version>
+        <version>1.0.1.2023091801.Alpha</version>
     </parent>
 
     <artifactId>dataroom-core</artifactId>

DataRoom/dataroom-core/src/main/java/com/gccloud/dataroom/core/module/biz/component/controller/BizComponentController.java

@@ -1,10 +1,12 @@
 package com.gccloud.dataroom.core.module.biz.component.controller;
 
+import com.gccloud.common.permission.ApiPermission;
 import com.gccloud.dataroom.core.module.biz.component.dto.BizComponentSearchDTO;
 import com.gccloud.dataroom.core.module.biz.component.entity.BizComponentEntity;
 import com.gccloud.dataroom.core.module.biz.component.service.IBizComponentService;
 import com.gccloud.common.vo.PageVO;
 import com.gccloud.common.vo.R;
+import com.gccloud.dataroom.core.permission.Permission;
 import io.swagger.annotations.*;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.MediaType;
@@ -28,7 +30,7 @@ public class BizComponentController {
     @Resource
     private IBizComponentService bizComponentService;
 
-
+    @ApiPermission(permissions = {Permission.Component.VIEW})
     @GetMapping("/page")
     @ApiOperation(value = "分页", position = 10, notes = "分页查询业务组件", produces = MediaType.APPLICATION_JSON_VALUE)
     @ApiImplicitParams({
@@ -41,6 +43,7 @@ public class BizComponentController {
         return R.success(page);
     }
 
+    @ApiPermission(permissions = {Permission.Component.ADD})
     @PostMapping("/add")
     @ApiOperation(value = "新增", notes = "新增", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<String> add(@ApiParam(name = "新增", value = "传入新增的业务条件", required = true) @RequestBody BizComponentEntity entity) {
@@ -49,6 +52,7 @@ public class BizComponentController {
     }
 
 
+    @ApiPermission(permissions = {Permission.Component.UPDATE})
     @PostMapping("/update")
     @ApiOperation(value = "修改", notes = "修改", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<Void> update(@ApiParam(name = "修改", value = "传入修改的业务条件", required = true) @RequestBody BizComponentEntity entity) {
@@ -56,6 +60,7 @@ public class BizComponentController {
         return R.success();
     }
 
+    @ApiPermission(permissions = {Permission.Component.ADD})
     @PostMapping("/copy/{code}")
     @ApiOperation(value = "复制", notes = "复制", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<String> copy( @PathVariable String code) {
@@ -63,6 +68,7 @@ public class BizComponentController {
         return R.success(newCode);
     }
 
+    @ApiPermission(permissions = {Permission.Component.DELETE})
     @PostMapping("/delete/{id}")
     @ApiOperation(value = "删除", notes = "删除", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<Void> delete(@ApiParam(name = "删除", value = "传入删除的业务条件", required = true) @PathVariable String id) {
@@ -70,6 +76,7 @@ public class BizComponentController {
         return R.success();
     }
 
+    @ApiPermission(permissions = {Permission.Component.VIEW})
     @GetMapping("/info/{code}")
     @ApiOperation(value = "根据编码获取组件", notes = "根据编码获取组件", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<BizComponentEntity> getInfoByCode(@ApiParam(name = "根据编码获取组件", value = "传入根据编码获取组件的业务条件", required = true) @PathVariable String code) {
@@ -77,12 +84,11 @@ public class BizComponentController {
         return R.success(entity);
     }
 
+    @ApiPermission(permissions = {Permission.Component.VIEW})
     @PostMapping("/name/repeat")
     @ApiOperation(value = "名称查重", notes = "名称查重", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<Boolean> nameRepeat(@RequestBody BizComponentEntity entity) {
         return R.success(bizComponentService.checkName(entity.getId(), entity.getName()));
     }
 
-
-
 }

DataRoom/dataroom-core/src/main/java/com/gccloud/dataroom/core/module/file/controller/DataRoomFileController.java

@@ -1,5 +1,6 @@
 package com.gccloud.dataroom.core.module.file.controller;
 
+import com.gccloud.common.permission.ApiPermission;
 import com.gccloud.dataroom.core.module.file.dto.FileSearchDTO;
 import com.gccloud.dataroom.core.module.file.entity.DataRoomFileEntity;
 import com.gccloud.dataroom.core.module.file.service.IDataRoomFileService;
@@ -9,6 +10,7 @@ import com.gccloud.common.controller.SuperController;
 import com.gccloud.common.utils.BeanConvertUtils;
 import com.gccloud.common.vo.PageVO;
 import com.gccloud.common.vo.R;
+import com.gccloud.dataroom.core.permission.Permission;
 import io.swagger.annotations.*;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
@@ -36,6 +38,7 @@ public class DataRoomFileController extends SuperController {
     @Resource
     private IDataRoomFileService fileService;
 
+    @ApiPermission(permissions = {Permission.File.VIEW})
     @GetMapping(value = {"", "/"})
     @ApiOperation(value = "列表", position = 10, notes = "分页查询文件", produces = MediaType.APPLICATION_JSON_VALUE)
     @ApiImplicitParams({
@@ -49,6 +52,7 @@ public class DataRoomFileController extends SuperController {
         return R.success(pageVO);
     }
 
+    @ApiPermission(permissions = {Permission.File.UPLOAD})
     @PostMapping("/upload")
     @ApiOperation(value = "上传", notes = "上传", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<DataRoomFileEntity> upload(@RequestParam("file") MultipartFile file, @RequestParam(value = "module", required = false) String module, HttpServletResponse response, HttpServletRequest request) {
@@ -63,12 +67,14 @@ public class DataRoomFileController extends SuperController {
         return R.success(entity);
     }
 
+    @ApiPermission(permissions = {Permission.File.DOWNLOAD})
     @PostMapping("/download/{id}")
     @ApiOperation(value = "下载", notes = "下载资源", produces = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
     public void download(@PathVariable("id") String id, HttpServletResponse response, HttpServletRequest request) {
         sysOssService.download(id, response, request);
     }
 
+    @ApiPermission(permissions = {Permission.File.VIEW})
     @GetMapping("/getAllFileSuffix")
     @ApiOperation(value = "获取所有文件后缀名", notes = "获取所有文件后缀名", produces = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
     public R<List<String>> getAllFileSuffix() {
@@ -78,7 +84,7 @@ public class DataRoomFileController extends SuperController {
     	return R.success(extensions);
     }
 
-
+    @ApiPermission(permissions = {Permission.File.DELETE})
     @PostMapping("/delete/{id}")
     @ApiOperation(value = "删除", notes = "删除", produces = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
     public R<Boolean> delete(@PathVariable("id") String id) {

DataRoom/dataroom-core/src/main/java/com/gccloud/dataroom/core/module/map/controller/DataRoomMapController.java

@@ -1,5 +1,6 @@
 package com.gccloud.dataroom.core.module.map.controller;
 
+import com.gccloud.common.permission.ApiPermission;
 import com.gccloud.common.utils.BeanConvertUtils;
 import com.gccloud.common.vo.R;
 import com.gccloud.dataroom.core.module.map.dto.DataRoomMapRepeatDTO;
@@ -10,6 +11,7 @@ import com.gccloud.dataroom.core.module.map.dto.DataRoomMapDTO;
 import com.gccloud.dataroom.core.module.map.dto.MapSearchDTO;
 import com.gccloud.dataroom.core.module.map.entity.DataRoomMapEntity;
 import com.gccloud.dataroom.core.module.map.service.IDataRoomMapService;
+import com.gccloud.dataroom.core.permission.Permission;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiSort;
@@ -37,6 +39,7 @@ public class DataRoomMapController {
     private IDataRoomMapService dataRoomMapService;
 
 
+    @ApiPermission(permissions = {Permission.Map.VIEW})
     @GetMapping("/list")
     @ApiOperation(value = "列表", position = 10, notes = "地图数据列表查询", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<List<DataRoomMapVO>> list(MapSearchDTO searchDTO) {
@@ -44,7 +47,7 @@ public class DataRoomMapController {
         return R.success(list);
     }
 
-
+    @ApiPermission(permissions = {Permission.Map.ADD})
     @PostMapping("/add")
     @ApiOperation(value = "添加", position = 20, notes = "添加地图数据", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<String> add(@RequestBody DataRoomMapDTO mapDTO) {
@@ -52,6 +55,7 @@ public class DataRoomMapController {
         return R.success(id);
     }
 
+    @ApiPermission(permissions = {Permission.Map.UPDATE})
     @PostMapping("/update")
     @ApiOperation(value = "修改", position = 30, notes = "修改地图数据", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<Void> update(@RequestBody DataRoomMapDTO mapDTO) {
@@ -59,6 +63,7 @@ public class DataRoomMapController {
         return R.success();
     }
 
+    @ApiPermission(permissions = {Permission.Map.DELETE})
     @PostMapping("/delete/{id}")
     @ApiOperation(value = "删除", position = 40, notes = "删除地图数据", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<Void> delete(@PathVariable String id) {
@@ -66,6 +71,7 @@ public class DataRoomMapController {
         return R.success();
     }
 
+    @ApiPermission(permissions = {Permission.Map.DELETE})
     @PostMapping("/cascadingDelete/{id}")
     @ApiOperation(value = "级联删除", position = 50, notes = "级联删除地图数据", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<Void> cascadingDelete(@PathVariable String id) {
@@ -73,6 +79,7 @@ public class DataRoomMapController {
         return R.success();
     }
 
+    @ApiPermission(permissions = {Permission.Map.VIEW})
     @GetMapping("/getMapChildFromGeoJson/{id}")
     @ApiOperation(value = "根据地图id解析json中的子级", position = 60, notes = "根据地图id解析json中的子级", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<List<MapChildVO>> getMapChildFromGeoJson(@PathVariable String id) {
@@ -80,7 +87,7 @@ public class DataRoomMapController {
         return R.success(list);
     }
 
-
+    @ApiPermission(permissions = {Permission.Map.VIEW})
     @GetMapping("/info/{id}")
     @ApiOperation(value = "详情", position = 70, notes = "地图数据详情", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<DataRoomMapVO> info(@PathVariable String id) {
@@ -89,7 +96,7 @@ public class DataRoomMapController {
         return R.success(vo);
     }
 
-
+    @ApiPermission(permissions = {Permission.Map.VIEW})
     @GetMapping("/data/{parentId}/{code}")
     @ApiOperation(value = "数据", position = 80, notes = "地图数据数据", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<DataRoomMapDataVO> data(@PathVariable String parentId, @PathVariable String code) {
@@ -109,7 +116,7 @@ public class DataRoomMapController {
         return R.success(vo);
     }
 
-
+    @ApiPermission(permissions = {Permission.Map.UPDATE})
     @PostMapping("/upload")
     @ApiOperation(value = "上传", position = 90, notes = "上传地图数据", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<Void> upload(@RequestBody DataRoomMapDTO mapDTO) {
@@ -118,6 +125,7 @@ public class DataRoomMapController {
     }
 
 
+    @ApiPermission(permissions = {Permission.Map.VIEW})
     @PostMapping("/repeat")
     @ApiOperation(value = "重复", position = 100, notes = "地图数据重复校验", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<Boolean> repeat(@RequestBody DataRoomMapRepeatDTO mapDTO) {
@@ -125,7 +133,7 @@ public class DataRoomMapController {
         return R.success(repeat);
     }
 
-
+    @ApiPermission(permissions = {Permission.Map.VIEW})
     @GetMapping("/tree/{level}")
     @ApiOperation(value = "树", position = 110, notes = "地图数据树", produces = MediaType.APPLICATION_JSON_VALUE)
     public R<List<DataRoomMapVO>> tree(@PathVariable String level) {

DataRoom/dataroom-core/src/main/java/com/gccloud/dataroom/core/permission/PagePermissionController.java

@@ -12,6 +12,8 @@ import org.springframework.web.bind.annotation.RestController;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 
+import static com.gccloud.dataroom.core.module.manage.service.IDataRoomPagePreviewService.PREVIEW_KEY;
+
 /**
  * @author hongyang
  * @version 1.0
@@ -29,6 +31,9 @@ public class PagePermissionController {
     @GetMapping("/check/{code}")
     @ApiOperation(value = "校验大屏页权限")
     public R<Boolean> checkPermission(HttpServletRequest request, @PathVariable("code") String code) {
+        if (code.startsWith(PREVIEW_KEY)) {
+            code = code.replace(PREVIEW_KEY, "");
+        }
         boolean access = permissionClient.verifyDataPermission(request, code);
         return R.success(access);
     }

DataRoom/dataroom-core/src/main/java/com/gccloud/dataroom/core/permission/Permission.java

@@ -34,6 +34,87 @@ public interface Permission extends DatasetConstant.Permission {
          */
         String DELETE = "screen:delete";
 
+    }
+
+    /**
+     * 资源库的权限（文件管理系统）
+     */
+    interface File {
+
+        /**
+         * 文件的查询接口权限
+         */
+        String VIEW = "file:view";
+
+        /**
+         * 文件的上传接口权限
+         */
+        String UPLOAD = "file:upload";
+
+        /**
+         * 文件的下载接口权限
+         */
+        String DOWNLOAD = "file:download";
 
+        /**
+         * 文件的删除接口权限
+         */
+        String DELETE = "file:delete";
     }
-}
+
+
+    /**
+     * 组件库的权限（业务组件管理）
+     */
+    interface Component {
+
+        /**
+         * 组件的查询接口权限
+         */
+        String VIEW = "component:view";
+
+        /**
+         * 组件的新增接口权限
+         */
+        String ADD = "component:add";
+
+        /**
+         * 组件的编辑接口权限
+         */
+        String UPDATE = "component:update";
+
+        /**
+         * 组件的删除接口权限
+         */
+        String DELETE = "component:delete";
+
+    }
+
+    /**
+     * 地图数据管理权限
+     */
+    interface Map {
+
+        /**
+         * 地图数据的查询接口权限
+         */
+        String VIEW = "map:view";
+
+        /**
+         * 地图数据的新增接口权限
+         */
+        String ADD = "map:add";
+
+        /**
+         * 地图数据的编辑接口权限
+         */
+        String UPDATE = "map:update";
+
+        /**
+         * 地图数据的删除接口权限
+         */
+        String DELETE = "map:delete";
+
+    }
+
+}

DataRoom/dataroom-server/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.gccloud</groupId>
         <artifactId>dataroom</artifactId>
-        <version>1.0.1.2023090501.Alpha</version>
+        <version>1.0.1.2023091801.Alpha</version>
     </parent>
 
     <artifactId>dataroom-server</artifactId>
@@ -29,7 +29,7 @@
         <dependency>
             <groupId>com.gccloud</groupId>
             <artifactId>dataroom-core</artifactId>
-            <version>1.0.1.2023090501.Alpha</version>
+            <version>1.0.1.2023091801.Alpha</version>
         </dependency>
 
         <dependency>

DataRoom/pom.xml

@@ -12,7 +12,7 @@
 
     <groupId>com.gccloud</groupId>
     <artifactId>dataroom</artifactId>
-    <version>1.0.1.2023090501.Alpha</version>
+    <version>1.0.1.2023091801.Alpha</version>
 
     <packaging>pom</packaging>
     <description>基于G2Plot、Echarts的大屏设计服务端，具备设计、预览能力，支持MySQL、Oracle、PostgreSQL、Groovy等数据集接入