niubi-commons

基于SpringMvc和Security权限管理

License

License

Categories

Categories

Security
GroupId

GroupId

dev.niubi.commons
ArtifactId

ArtifactId

security
Last Version

Last Version

0.8.11
Release Date

Release Date

Type

Type

module
Description

Description

niubi-commons
基于SpringMvc和Security权限管理
Project URL

Project URL

https://github.com/chenzhenjia/niubi-commons
Source Code Management

Source Code Management

https://github.com/chenzhenjia/niubi-commons

Download security

Dependencies

compile (5)

Group / Artifact Type Version
org.springframework.boot : spring-boot-starter-web jar
org.springframework.boot : spring-boot-starter-security jar
org.jetbrains.kotlin : kotlin-stdlib-jdk8 Optional jar 1.3.70
org.jetbrains.kotlin : kotlin-stdlib Optional jar 1.3.70
org.jetbrains.kotlin : kotlin-reflect Optional jar 1.3.70

Project Modules

There are no modules declared in this project.

niubi-commons

License

个人的一个开源项目项目,基于 SpringBoot,SpringSecurity,Jpa 开发的功能. 有 jpa 的 converter,还有 Security 的基于注解的接口权限拦截

core

在项目中引用

由于现在是 snapshots 的,所以先配置 maven 的地址为 https://oss.sonatype.org/content/repositories/snapshots

Maven Central

  • maven
<dependency>
  <groupId>dev.niubi.commons</groupId>
  <artifactId>core</artifactId>
  <version>last-version</version>
</dependency>
  • gradle
compile group: 'dev.niubi.commons', name: 'core', version: 'last-version'

使用

security

在项目中引用

Maven Central

  • maven
<dependency>
  <groupId>dev.niubi.commons</groupId>
  <artifactId>security</artifactId>
  <version>last-version</version>
</dependency>
  • gradle
implementation('dev.niubi.commons:security:last-version')
  • kotlin dsl
implementation("dev.niubi.commons:security:last-version")

使用

  • permissions
  1. 配置 SpringSecurity 的 GlobalMethodSecurity
import dev.niubi.commons.security.permissions.EnablePermissions;
import dev.niubi.commons.security.permissions.UsernamePermissionsVoter;

@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
@Configuration
@EnablePermissions
public class GlobalMethodConfiguration{
    @Bean
    public UsernamePermissionsVoter usernamePermissionsVoter(){
        // 自定义根据用户名加载权限的加载器,建议缓存权限
        return new UsernamePermissionsVoter(username -> {
            return new PermissionsContextImpl(Collections.emptySet());
        });
    }

}
  1. 使用 直接在 controller 类上或者 方法上
@RestController
@RequestMapping("admin/user")
@Slf4j
@AllArgsConstructor
public class AdminUserCtrl {

    @PostMapping
    @Permission(
      tag = "添加管理员",
      value = {"admin:user:post"}
    )
    public Response<?> add(@RequestBody @Validated AdminUserIn addIn) {
        return Response.ok();
    }

    @DeleteMapping({"{id}"})
    @Permission(
      tag = "删除管理员",
      value = {"admin:user:delete:id"}
    )
    public Response<?> delete(@PathVariable("id") Long id) {
        return Response.ok();
    }

    @PutMapping({"{id}"})
    @Permission(
      tag = "修改管理员",
      value = {"admin:user:put:id"}
    )
    public Response<?> update(@PathVariable("id") Long id) {
        return Response.ok();
    }

    @GetMapping
    @Permission(
      tag = "获取管理员列表",
      value = {"admin:user:get"}
    )
    public Response<Page<?>> page(Pageable pageable) {
        return Response.ok();
    }

    @GetMapping({"{id}"})
    @Permission(
      tag = "获取管理员详情",
      value = {"admin:user:get:id"}
    )
    public Response<?> get(@PathVariable("id") Long id) {
        return Response.ok();
    }
}

如果不想用户访问需要权限的话,则不需要在方法或者类上加上权限. 这样就可以实现用户接口的权限管理

web

TODO

Versions

Version
0.8.11
0.8.10
0.8.9
0.8.8
0.8.7
0.8.6
0.8.5
0.8.4
0.8.3
0.8.2
0.8.1
0.8
0.7.1
0.7
0.6
0.5
0.3
0.2
0.1