菜单权限放入用户信息

yt-common/src/main/java/com/ytpm/middle/view/MiddleUserInfo.java

@@ -43,6 +43,8 @@ public class MiddleUserInfo {
     private Integer superAdmin;
     @ApiModelProperty("角色列表")
     private List<MiddleRoleVO> roleList;
+    @ApiModelProperty("权限列表")
+    private List<MiddlePermissionVO> permissionList;
 
     public Collection<? extends GrantedAuthority> getAuthorities() {
         List<GrantedAuthority> authorities = new ArrayList<>();

yt-middle/middle-platform/src/main/java/com/ytpm/middle/config/CustomUserAuthenticationConverter.java

@@ -6,7 +6,10 @@ import com.alibaba.fastjson.JSONObject;
 import com.ytpm.constant.StrConstant;
 import com.ytpm.handle.CustomerException;
 import com.ytpm.middle.dao.MiddleUserMapper;
+import com.ytpm.middle.dao.PermissionMapper;
+import com.ytpm.middle.param.MiddlePermissionParam;
 import com.ytpm.middle.util.RedisUtil;
+import com.ytpm.middle.view.MiddleRoleVO;
 import com.ytpm.middle.view.MiddleUserInfo;
 import lombok.Data;
 import lombok.extern.slf4j.Slf4j;
@@ -23,8 +26,10 @@ import org.springframework.util.StringUtils;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.LinkedHashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.Objects;
+import java.util.stream.Collectors;
 
 /**
  * 自定义Security上下文信息
@@ -41,6 +46,8 @@ public class CustomUserAuthenticationConverter implements UserAuthenticationConv
     private RedisUtil redisService;
     @Autowired
     private MiddleUserMapper userMapper;
+    @Autowired
+    private PermissionMapper permissionMapper;
 
     @Override
     public Map<String, ?> convertUserAuthentication(Authentication authentication) {
@@ -71,6 +78,11 @@ public class CustomUserAuthenticationConverter implements UserAuthenticationConv
                 authorities = jwtUser.getAuthorities();
             } else {
                 user.setRoleList(userMapper.getRoleList(user.getUserId()));
+                List<Integer> roleIdList = user.getRoleList().stream()
+                        .map(MiddleRoleVO::getRoleId).collect(Collectors.toList());
+                user.setPermissionList(user.getSuperAdmin() == 1?
+                       permissionMapper.queryAll(new MiddlePermissionParam())
+                        : permissionMapper.queryAllByRoleIds(roleIdList));
                 MiddleUserInfo jwtUser = new MiddleUserInfo();
                 BeanUtil.copyProperties(user,jwtUser);
                 authorities = jwtUser.getAuthorities();

yt-middle/middle-platform/src/main/java/com/ytpm/middle/dao/PermissionMapper.java

@@ -84,4 +84,9 @@ public interface PermissionMapper {
      * 根据角色查询所有权限
      */
     List<MiddlePermissionVO> queryAllByRole(@Param("roleId") Integer roleId);
+
+    /**
+     * 根据角色查询所有权限
+     */
+    List<MiddlePermissionVO> queryAllByRoleIds(@Param("roleIdList") List<Integer> roleIdList);
 }

yt-middle/middle-platform/src/main/resources/mapper/PermissionMapper.xml

@@ -241,4 +241,28 @@
         join yt_middle_permission mp on rp.permission_id = mp.permission_id
         where rp.role_id = #{roleId}
     </select>
+    <select id="queryAllByRoleIds" resultType="com.ytpm.middle.view.MiddlePermissionVO">
+        select
+            mp.permission_id,
+            mp.permission_name,
+            mp.permission_code,
+            mp.type,
+            mp.parent_id,
+            mp.target,
+            mp.icon,
+            mp.href,
+            mp.route,
+            mp.sort,
+            mp.create_time,
+            mp.create_user_id,
+            mp.update_time,
+            mp.update_user_id,
+            mp.available
+        from yt_middle_role_permission rp
+        join yt_middle_permission mp on rp.permission_id = mp.permission_id
+        where rp.role_id in
+        <foreach collection="roleIdList" separator="," item="item" open="(" close=")">
+            #{item}
+        </foreach>
+    </select>
 </mapper>