新增导出权限判断

src/main/java/com/uas/platform/b2c/common/account/controller/AuthenticationController.java

@@ -1,20 +1,20 @@
 package com.uas.platform.b2c.common.account.controller;
 
 import com.uas.platform.b2c.common.account.dao.UserLoginTimeDao;
-import com.uas.platform.b2c.common.account.model.User;
-import com.uas.platform.b2c.common.account.model.UserInfo;
-import com.uas.platform.b2c.common.account.model.UserLoginTime;
+import com.uas.platform.b2c.common.account.model.*;
 import com.uas.platform.b2c.common.account.service.RoleService;
-import com.uas.platform.b2c.common.account.service.UserQuestionService;
 import com.uas.platform.b2c.common.account.service.UserService;
 import com.uas.platform.b2c.core.support.SystemSession;
 
-import java.util.List;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
 
 import com.uas.platform.core.model.Constant;
 import net.sf.ehcache.CacheManager;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.repository.query.Param;
 import org.springframework.http.HttpStatus;
+import org.springframework.ui.ModelMap;
 import org.springframework.util.CollectionUtils;
 import org.springframework.web.bind.annotation.*;
 
@@ -119,4 +119,28 @@ public class AuthenticationController {
 		}
 	}
 
+	/**
+	 * 根据访问url判断权限;
+	 * @param resUrl
+	 */
+	@RequestMapping(value = "/isauthority", method = RequestMethod.GET,headers = "Accept=application/json")
+	@ResponseBody
+	public ModelMap isAuthority(@Param("resUrl") String resUrl) {
+		User user = SystemSession.getUser();
+		String currUrl;
+		try {
+			currUrl = URLDecoder.decode(resUrl, "UTF-8");
+		} catch (UnsupportedEncodingException e) {
+			throw new IllegalArgumentException("URL编码错误!");
+		}
+		if (user.getUserUU().equals(user.getEnterprise().getEnAdminuu())) {
+			ModelMap map = new ModelMap();
+			map.put("status","sucess");
+			map.put("msg","该用户为管理员");
+			return map;
+		} else {
+			return userService.anthority(user,currUrl);
+		}
+	}
+
 }

src/main/java/com/uas/platform/b2c/common/account/service/UserService.java

@@ -9,8 +9,12 @@ import com.uas.platform.core.model.PageParams;
 import org.springframework.data.domain.Page;
 
 import javax.servlet.http.HttpServletRequest;
+import java.util.Collection;
+import java.util.HashMap;
 import java.util.List;
 import org.springframework.data.repository.query.Param;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.ui.ModelMap;
 
 public interface UserService {
 
@@ -190,4 +194,11 @@ public interface UserService {
 	 * @param imageUrl 头像图片地址
 	 */
 	public void updateImageUrl(String imageUrl);
+
+	/**
+	 * 获取用户权限信息
+	 * @param user
+	 * @return
+	 */
+	ModelMap anthority(User user,String url);
 }

src/main/java/com/uas/platform/b2c/common/account/service/impl/UserServiceImpl.java

@@ -12,16 +12,22 @@ import com.uas.platform.b2c.core.config.MessageConf;
 import com.uas.platform.b2c.core.support.SystemSession;
 import com.uas.platform.core.exception.IllegalOperatorException;
 import com.uas.platform.core.exception.SystemException;
+import com.uas.platform.core.model.Constant;
 import com.uas.platform.core.model.PageInfo;
 import com.uas.platform.core.model.PageParams;
 import com.uas.platform.core.util.AgentUtils;
 import com.uas.platform.core.util.encry.Md5Utils;
 import com.uas.sso.entity.UserView;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.support.ManagedMap;
 import org.springframework.data.domain.Page;
 import org.springframework.data.jpa.domain.Specification;
+import org.springframework.security.access.ConfigAttribute;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
+import org.springframework.ui.ModelMap;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
 import com.uas.sso.util.AccountUtils;
@@ -704,4 +710,38 @@ public class UserServiceImpl implements UserService {
 		Long userUU = SystemSession.getUser().getUserUU();
 		userDao.updateUserImageUrl(userUU, imageUrl);
 	}
+
+	@Override
+	public ModelMap anthority(User user,String resUrl) {
+		Set<ResourceItem> resourceItems = new HashSet<>();
+		user.setCurrentEnterpriseRoles();
+		Set<Role> roles = user.getRoles();
+		if (!org.apache.commons.collections.CollectionUtils.isEmpty(roles)) {
+			for (Role role : roles) {
+				resourceItems = role.getResourceItems();
+			}
+		}
+		//匹配当前访问权限;
+		if (!org.apache.commons.collections.CollectionUtils.isEmpty(resourceItems)) {
+			for (ResourceItem re : resourceItems) {
+				if (resUrl.equals(re.getUrl())) {
+					ModelMap map = new ModelMap();
+					map.put("status","sucess");
+					map.put("msg",re.getDesc());
+					return map;
+				} else {
+					ModelMap map = new ModelMap();
+					map.put("status","fail");
+					map.put("msg","没有该导出权限，请联系管理员");
+					return map;
+				}
+			}
+		}else {
+			ModelMap map = new ModelMap();
+			map.put("status","fail");
+			map.put("msg","没有该导出权限，请联系管理员");
+			return map;
+		}
+		return null;
+	}
 }