部门管理员权限

xiangpei

2024-05-16 f1e20b08fcc05d78e3d25921494f92f5b9ca49cf

部门管理员权限

 src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationProvider.java

@@ -61,7 +61,7 @@

        ArrayList<GrantedAuthority> grantedAuthorities = new ArrayList<>();
        // 赋予部门管理员角色
        if (DeptAdminEnum.YES.getValue().equals(user.getDeptAdmin())) {
        if (new Integer(-1).equals(user.getRole())) {
            grantedAuthorities.add(new SimpleGrantedAuthority(RoleEnum.DEPT_ADMIN.getRoleName()));
        }
        grantedAuthorities.add(new SimpleGrantedAuthority(RoleEnum.fromCode(user.getRole()).getRoleName()));

 src/main/java/com/mindskip/xzs/configuration/spring/security/RestAuthenticationSuccessHandler.java

@@ -4,6 +4,7 @@
import com.mindskip.xzs.domain.UserEventLog;
import com.mindskip.xzs.event.UserEvent;
import com.mindskip.xzs.service.UserService;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.security.core.Authentication;

 src/main/java/com/mindskip/xzs/configuration/spring/security/SecurityConfigurer.java

@@ -92,7 +92,7 @@
                    // 静态资源，可匿名访问
                    // todo 设置部门管理员可以看的请求
                    .antMatchers("/api/admin/**").hasAnyRole(RoleEnum.ADMIN.getName(), RoleEnum.DEPT_ADMIN.getName())
                    .antMatchers("/api/student/**").hasRole(RoleEnum.STUDENT.getName())
                    .antMatchers("/api/student/**").hasAnyRole(RoleEnum.STUDENT.getName(), RoleEnum.DEPT_ADMIN.getName())
                    .anyRequest().permitAll()
                    .and().exceptionHandling().accessDeniedHandler(restAccessDeniedHandler)
                    .and().formLogin().successHandler(restAuthenticationSuccessHandler).failureHandler(restAuthenticationFailureHandler)