项目初始化

datax-auth/src/main/java/cn/datax/auth/config/AuthorizationServerConfig.java

@@ -7,6 +7,7 @@ import cn.datax.common.core.DataUser;
 import cn.datax.common.security.handler.DataAccessDeniedHandler;
 import cn.datax.common.security.handler.DataAuthExceptionEntryPoint;
 import cn.datax.common.security.utils.RedisTokenStore;
+import cn.hutool.core.collection.CollUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -122,6 +123,16 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
             additionalInfo.put(DataConstant.UserAdditionalInfo.USERID.getKey(), user.getId());
             additionalInfo.put(DataConstant.UserAdditionalInfo.USERNAME.getKey(), user.getUsername());
             additionalInfo.put(DataConstant.UserAdditionalInfo.NICKNAME.getKey(), user.getNickname());
+
+            if (CollUtil.isNotEmpty(user.getDepts())){
+                additionalInfo.put(DataConstant.UserAdditionalInfo.DEPT.getKey(), user.getDepts());
+            }
+            if (CollUtil.isNotEmpty(user.getRoles())){
+                additionalInfo.put(DataConstant.UserAdditionalInfo.ROLE.getKey(), user.getRoles());
+            }
+            if (CollUtil.isNotEmpty(user.getPosts())){
+                additionalInfo.put(DataConstant.UserAdditionalInfo.POST.getKey(), user.getPosts());
+            }
             ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
             return accessToken;
         };

datax-auth/src/main/java/cn/datax/auth/service/DataUserDetailService.java

 package cn.datax.auth.service;
 
 import cn.datax.common.core.DataConstant;
+import cn.datax.common.core.DataRole;
 import cn.datax.common.core.DataUser;
 import cn.datax.common.core.R;
 import cn.datax.service.system.api.feign.UserServiceFeign;
-import cn.datax.service.system.api.vo.RoleVo;
-import cn.datax.service.system.api.vo.UserInfo;
-import cn.datax.service.system.api.vo.UserVo;
+import cn.datax.service.system.api.vo.*;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.ArrayUtil;
 import cn.hutool.core.util.ObjectUtil;
@@ -22,6 +21,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
 
 import java.util.*;
+import java.util.stream.Collectors;
 
 @Slf4j
 @Service
@@ -54,15 +54,31 @@ public class DataUserDetailService implements UserDetailsService {
         UserVo userVo = userInfo.getUserVo();
         List<RoleVo> roles = userVo.getRoles();
         if (CollUtil.isNotEmpty(roles)) {
-            roles.stream().filter(roleVo -> DataConstant.EnableState.ENABLE.getKey() == roleVo.getStatus() && StrUtil.isNotBlank(roleVo.getRoleCode()))
+            roles.stream()
+                    .filter(roleVo -> StrUtil.isNotBlank(roleVo.getRoleCode()))
                     .forEach(roleVo -> authsSet.add(DataConstant.Security.ROLEPREFIX.getVal() + roleVo.getRoleCode()));
         }
         if(CollUtil.isEmpty(authsSet)){
-            authsSet.add(DataConstant.Security.ROLEPREFIX.getVal() + "USER");
+            authsSet.add(DataConstant.Security.ROLEPREFIX.getVal() + "VISITOR");
         }
         Collection<? extends GrantedAuthority> authorities
                 = AuthorityUtils.createAuthorityList(authsSet.toArray(new String[0]));
-        return new DataUser(userVo.getId(), userVo.getNickname(), userVo.getUsername(), userVo.getPassword(),
+        DataUser user = new DataUser(userVo.getId(), userVo.getNickname(), userVo.getUsername(), userVo.getPassword(),
                 enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
+        if (CollUtil.isNotEmpty(userVo.getDepts())) {
+            user.setDepts(userVo.getDepts().stream().map(DeptVo::getId).collect(Collectors.toList()));
+        }
+        if (CollUtil.isNotEmpty(userVo.getPosts())) {
+            user.setPosts(userVo.getPosts().stream().map(PostVo::getId).collect(Collectors.toList()));
+        }
+        if (CollUtil.isNotEmpty(userVo.getRoles())) {
+            user.setRoles(userVo.getRoles().stream().map(roleVo -> {
+                DataRole dataRole = new DataRole();
+                dataRole.setId(roleVo.getId());
+                dataRole.setDataScope(roleVo.getDataScope());
+                return dataRole;
+            }).collect(Collectors.toList()));
+        }
+        return user;
     }
 }

datax-common/datax-common-core/src/main/java/cn/datax/common/core/DataConstant.java

@@ -149,4 +149,30 @@ public class DataConstant {
             return val;
         }
     }
+
+    /**
+     * 数据范围
+     */
+    public enum DataScope{
+        ALL(1,"全部数据权限"),
+        CUSTOM(2,"自定义数据权限"),
+        DEPT(3,"本部门数据权限"),
+        DEPTANDCHILD(4,"本部门及以下数据权限"),
+        SELF(5,"仅本人数据权限");
+        DataScope(Integer key, String val){
+            this.key = key;
+            this.val = val;
+        }
+
+        private final Integer key;
+        private final String val;
+
+        public Integer getKey() {
+            return key;
+        }
+
+        public String getVal() {
+            return val;
+        }
+    }
 }

datax-common/datax-common-core/src/main/java/cn/datax/common/core/DataRole.java

+package cn.datax.common.core;
+
+import lombok.Data;
+
+import java.io.Serializable;
+
+@Data
+public class DataRole implements Serializable {
+
+    private static final long serialVersionUID=1L;
+
+    private String id;
+    private Integer dataScope;
+}

datax-common/datax-common-core/src/main/java/cn/datax/common/core/DataUser.java

 package cn.datax.common.core;
 
+import cn.hutool.core.util.ObjectUtil;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import org.springframework.security.core.GrantedAuthority;
@@ -15,7 +16,7 @@ public class DataUser extends User {
     private String id;
     private String nickname;
     private List<String> depts;
-    private List<String> roles;
+    private List<DataRole> roles;
     private List<String> posts;
 
     public DataUser(String id, String nickname, String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
@@ -23,4 +24,12 @@ public class DataUser extends User {
         this.id = id;
         this.nickname = nickname;
     }
+
+    public boolean isAdmin() {
+        return isAdmin(this.getUsername());
+    }
+
+    public static boolean isAdmin(String username) {
+        return ObjectUtil.equal(username, "admin");
+    }
 }

datax-common/datax-common-log/src/main/java/cn/datax/common/log/aop/LogAspect.java → datax-common/datax-common-log/src/main/java/cn/datax/common/log/aspectj/LogAspect.java

-package cn.datax.common.log.aop;
+package cn.datax.common.log.aspectj;
 
 import java.lang.reflect.Method;
 

datax-common/datax-common-log/src/main/java/cn/datax/common/log/config/AutoConfiguration.java

 package cn.datax.common.log.config;
 
-import cn.datax.common.log.aop.LogAspect;
-import org.springframework.context.annotation.Bean;
+import cn.datax.common.log.aspectj.LogAspect;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Import;
 

datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/annotation/DataScope.java

+package cn.datax.common.mybatis.annotation;
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.util.HashMap;
+
+/**
+ * 数据权限查询参数
+ */
+@Data
+@EqualsAndHashCode(callSuper = true)
+public class DataScope extends HashMap {
+
+    /**
+     * 部门表的别名
+     */
+    private String deptAlias = "sys_dept";
+
+    /**
+     * 用户表的别名
+     */
+    private String userAlias = "sys_user";
+}

datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/annotation/DataScope2.java

+package cn.datax.common.mybatis.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * 数据权限过滤注解
+ * 参考 https://gitee.com/cancerGit/Crown
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@Inherited
+public @interface DataScope2 {
+
+    /**
+     * 部门表的别名
+     */
+    String deptAlias() default "sys_dept";
+
+    /**
+     * 用户表的别名
+     */
+    String userAlias() default "sys_user";
+}

datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/config/DataBatisPlusConfig.java

 package cn.datax.common.mybatis.config;
 
+import cn.datax.common.mybatis.interceptor.DataScopeInterceptor;
 import com.baomidou.mybatisplus.extension.plugins.PaginationInterceptor;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.context.annotation.Bean;
@@ -9,8 +10,23 @@ import org.springframework.transaction.annotation.EnableTransactionManagement;
 @EnableTransactionManagement
 public class DataBatisPlusConfig {
 
+	/**
+	 * 分页插件
+	 *
+	 * @return PaginationInterceptor
+	 */
 	@Bean
 	public PaginationInterceptor paginationInterceptor() {
         return new PaginationInterceptor();
 	}
+
+	/**
+	 * 数据权限插件
+	 *
+	 * @return DataScopeInterceptor
+	 */
+	@Bean
+	public DataScopeInterceptor dataScopeInterceptor() {
+		return new DataScopeInterceptor();
+	}
 }

datax-common/datax-common-mybatis/src/main/java/cn/datax/common/mybatis/interceptor/DataScopeInterceptor.java

+package cn.datax.common.mybatis.interceptor;
+
+import cn.datax.common.core.DataConstant;
+import cn.datax.common.core.DataRole;
+import cn.datax.common.core.DataUser;
+import cn.datax.common.mybatis.annotation.DataScope;
+import cn.datax.common.utils.SecurityUtil;
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.util.StrUtil;
+import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
+import com.baomidou.mybatisplus.extension.handlers.AbstractSqlParserHandler;
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.ibatis.executor.statement.StatementHandler;
+import org.apache.ibatis.mapping.BoundSql;
+import org.apache.ibatis.mapping.MappedStatement;
+import org.apache.ibatis.mapping.SqlCommandType;
+import org.apache.ibatis.plugin.*;
+import org.apache.ibatis.reflection.MetaObject;
+import org.apache.ibatis.reflection.SystemMetaObject;
+
+import java.sql.Connection;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+
+/**
+ * mybatis 数据权限拦截器
+ */
+@Slf4j
+@Intercepts({@Signature(type = StatementHandler.class, method = "prepare", args = {Connection.class, Integer.class})})
+public class DataScopeInterceptor extends AbstractSqlParserHandler implements Interceptor {
+
+	@Override
+	@SneakyThrows
+	public Object intercept(Invocation invocation) {
+		StatementHandler statementHandler = (StatementHandler) PluginUtils.realTarget(invocation.getTarget());
+		MetaObject metaObject = SystemMetaObject.forObject(statementHandler);
+		this.sqlParser(metaObject);
+		// 先判断是不是SELECT操作
+		MappedStatement mappedStatement = (MappedStatement) metaObject.getValue("delegate.mappedStatement");
+		if (!SqlCommandType.SELECT.equals(mappedStatement.getSqlCommandType())) {
+			return invocation.proceed();
+		}
+
+		BoundSql boundSql = (BoundSql) metaObject.getValue("delegate.boundSql");
+		String originalSql = boundSql.getSql();
+		Object parameterObject = boundSql.getParameterObject();
+
+		//查找参数中包含DataScope类型的参数
+		DataScope dataScope = findDataScopeObject(parameterObject);
+
+		if (dataScope == null) {
+			return invocation.proceed();
+		} else {
+			// 获取当前的用户
+			DataUser currentUser = SecurityUtil.getDataUser();
+			if (null != currentUser) {
+				// 如果是超级管理员，则不过滤数据
+				if (!currentUser.isAdmin()) {
+					dataScopeFilter(currentUser, dataScope);
+//					originalSql = "select * from (" + originalSql + ") temp_data_scope where temp_data_scope." + scopeName + " in (" + join + ")";
+//					metaObject.setValue("delegate.boundSql.sql", originalSql);
+				}
+			}
+			log.info("originalSql:{}", originalSql);
+			return invocation.proceed();
+		}
+	}
+
+	/**
+	 * 数据范围过滤
+	 *
+	 * @param user
+	 * @param dataScope
+	 */
+	private void dataScopeFilter(DataUser user, DataScope dataScope) {
+		StringBuilder sqlString = new StringBuilder();
+		List<DataRole> roles = user.getRoles();
+		if (CollUtil.isNotEmpty(roles)){
+			for (DataRole role : roles){
+				Integer roleDataScope = role.getDataScope();
+				if (DataConstant.DataScope.ALL.getKey().equals(roleDataScope)) {
+					sqlString = new StringBuilder();
+					break;
+				} else if (DataConstant.DataScope.CUSTOM.getKey().equals(roleDataScope)) {
+					sqlString.append(StrUtil.format(
+							" OR {}.dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ",
+							dataScope.getDeptAlias()
+							,role.getId()
+					));
+				} else if (DataConstant.DataScope.DEPT.getKey().equals(roleDataScope)) {
+					sqlString.append(StrUtil.format(
+							" OR {}.dept_id IN ( SELECT dept_id FROM sys_user_dept WHERE user_id = {} ) ",
+							dataScope.getDeptAlias()
+							,user.getId()
+					));
+				} else if (DataConstant.DataScope.DEPTANDCHILD.getKey().equals(roleDataScope)) {
+					sqlString.append(StrUtil.format(
+							" OR {}.dept_id IN ( SELECT descendant FROM sys_dept_relation WHERE ancestor = {} )",
+							dataScope.getDeptAlias()
+							,role.getId()
+					));
+				} else if (DataConstant.DataScope.SELF.getKey().equals(roleDataScope)) {
+					if (StrUtil.isNotBlank(dataScope.getUserAlias())) {
+						sqlString.append(StrUtil.format(" OR {}.user_id = {} ", dataScope.getUserAlias(), user.getId()));
+					}
+				}
+			}
+		}
+		log.info("数据范围过滤:{}", sqlString);
+	}
+
+	/**
+	 * 生成拦截对象的代理
+	 *
+	 * @param target 目标对象
+	 * @return 代理对象
+	 */
+	@Override
+	public Object plugin(Object target) {
+		if (target instanceof StatementHandler) {
+			return Plugin.wrap(target, this);
+		}
+		return target;
+	}
+
+	/**
+	 * mybatis配置的属性
+	 *
+	 * @param properties mybatis配置的属性
+	 */
+	@Override
+	public void setProperties(Properties properties) {
+
+	}
+
+	/**
+	 * 查找参数是否包括DataScope对象
+	 *
+	 * @param parameterObj 参数列表
+	 * @return DataScope
+	 */
+	private DataScope findDataScopeObject(Object parameterObj) {
+		if (parameterObj instanceof DataScope) {
+			return (DataScope) parameterObj;
+		} else if (parameterObj instanceof Map) {
+			for (Object val : ((Map<?, ?>) parameterObj).values()) {
+				if (val instanceof DataScope) {
+					return (DataScope) val;
+				}
+			}
+		}
+		return null;
+	}
+
+}

datax-common/datax-common-security/src/main/java/cn/datax/common/security/utils/DataUserAuthenticationConverter.java

 package cn.datax.common.security.utils;
 
 import cn.datax.common.core.DataConstant;
+import cn.datax.common.core.DataRole;
 import cn.datax.common.core.DataUser;
+import cn.hutool.core.collection.CollUtil;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
@@ -11,6 +13,7 @@ import org.springframework.util.StringUtils;
 
 import java.util.Collection;
 import java.util.LinkedHashMap;
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -45,8 +48,22 @@ public class DataUserAuthenticationConverter implements UserAuthenticationConver
 			String id = (String) map.get(DataConstant.UserAdditionalInfo.USERID.getKey());
 			String username = (String) map.get(DataConstant.UserAdditionalInfo.USERNAME.getKey());
 			String nickname = (String) map.get(DataConstant.UserAdditionalInfo.NICKNAME.getKey());
+
+			List<String> depts = (List<String>) map.get(DataConstant.UserAdditionalInfo.DEPT.getKey());
+			List<DataRole> roles = (List<DataRole>) map.get(DataConstant.UserAdditionalInfo.ROLE.getKey());
+			List<String> posts = (List<String>) map.get(DataConstant.UserAdditionalInfo.POST.getKey());
+
 			DataUser user = new DataUser(id, nickname, username, N_A, true
 				, true, true, true, authorities);
+			if (CollUtil.isNotEmpty(depts)){
+				user.setDepts(depts);
+			}
+			if (CollUtil.isNotEmpty(roles)){
+				user.setRoles(roles);
+			}
+			if (CollUtil.isNotEmpty(posts)){
+				user.setPosts(posts);
+			}
 			return new UsernamePasswordAuthenticationToken(user, N_A, authorities);
 		} else {
 			return null;

datax-modules/system-service-parent/system-service-api/src/main/java/cn/datax/service/system/api/dto/RoleDto.java

@@ -8,6 +8,7 @@ import lombok.Data;
 
 import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
 import java.io.Serializable;
 import java.util.List;
 
@@ -29,8 +30,15 @@ public class RoleDto implements Serializable {
     @NotBlank(message = "角色编码不能为空", groups = {ValidateGroupForSave.class, ValidateGroupForUpdate.class})
     private String roleCode;
 
+    @ApiModelProperty(value = "数据范围")
+    @NotNull(message = "数据范围不能为空", groups = {ValidateGroupForSave.class, ValidateGroupForUpdate.class})
+    private Integer dataScope;
+
     @ApiModelProperty(value = "资源")
     @NotEmpty(message = "资源不能为空", groups = {ValidateGroupForSave.class, ValidateGroupForUpdate.class})
-    private List<String> menus;
+    private List<String> menuList;
+
+    @ApiModelProperty(value = "数据范围为2时自定义数据权限")
+    private List<String> deptList;
 
 }

datax-modules/system-service-parent/system-service-api/src/main/java/cn/datax/service/system/api/entity/DeptRelationEntity.java

+package cn.datax.service.system.api.entity;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import lombok.Data;
+import lombok.experimental.Accessors;
+
+import java.io.Serializable;
+
+/**
+ * <p>
+ * 部门关系表
+ * </p>
+ *
+ * @author yuwei
+ * @since 2019-11-22
+ */
+@Data
+@Accessors(chain = true)
+@TableName("sys_dept_relation")
+public class DeptRelationEntity implements Serializable {
+
+    private static final long serialVersionUID=1L;
+
+    /**
+     * 主键
+     */
+    @TableId(value = "id", type = IdType.ID_WORKER_STR)
+    private String id;
+
+    /**
+     * 祖先节点
+     */
+    private String ancestor;
+
+    /**
+     * 后代节点
+     */
+    private String descendant;
+
+}

datax-modules/system-service-parent/system-service-api/src/main/java/cn/datax/service/system/api/entity/RoleDeptEntity.java

+package cn.datax.service.system.api.entity;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import lombok.Data;
+import lombok.experimental.Accessors;
+
+import java.io.Serializable;
+
+/**
+ * <p>
+ * 角色和部门关联表
+ * </p>
+ *
+ * @author yuwei
+ * @since 2019-11-22
+ */
+@Data
+@Accessors(chain = true)
+@TableName("sys_role_dept")
+public class RoleDeptEntity implements Serializable {
+
+    private static final long serialVersionUID=1L;
+
+    /**
+     * 主键
+     */
+    @TableId(value = "id", type = IdType.ID_WORKER_STR)
+    private String id;
+
+    /**
+     * 角色ID
+     */
+    private String roleId;
+
+    /**
+     * 部门ID
+     */
+    private String deptId;
+
+}

datax-modules/system-service-parent/system-service-api/src/main/java/cn/datax/service/system/api/entity/RoleEntity.java

 package cn.datax.service.system.api.entity;
 
 import cn.datax.common.base.BaseEntity;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.experimental.Accessors;
 
+import java.util.List;
+
 /**
  * <p>
  * 
@@ -17,7 +20,7 @@ import lombok.experimental.Accessors;
 @Data
 @EqualsAndHashCode(callSuper = true)
 @Accessors(chain = true)
-@TableName("sys_role")
+@TableName(value = "sys_role", resultMap = "BaseResultMap")
 public class RoleEntity extends BaseEntity {
 
     private static final long serialVersionUID=1L;
@@ -32,4 +35,15 @@ public class RoleEntity extends BaseEntity {
      */
     private String roleCode;
 
+    /**
+     * 数据范围（1：全部数据权限 2：自定义数据权限 3：本部门数据权限 4：本部门及以下数据权限 5：仅本人数据权限）
+     */
+    private Integer dataScope;
+
+    @TableField(exist = false)
+    private List<MenuEntity> menus;
+
+    @TableField(exist = false)
+    private List<DeptEntity> depts;
+
 }

datax-modules/system-service-parent/system-service-api/src/main/java/cn/datax/service/system/api/vo/RoleVo.java

@@ -14,5 +14,7 @@ public class RoleVo implements Serializable {
     private Integer status;
     private String roleName;
     private String roleCode;
+    private Integer dataScope;
     private List<MenuVo> menus;
+    private List<DeptVo> depts;
 }

datax-modules/system-service-parent/system-service/src/main/java/cn/datax/service/system/controller/LoginController.java

@@ -8,12 +8,23 @@ import cn.datax.common.utils.SecurityUtil;
 import cn.datax.service.system.api.vo.UserInfo;
 import cn.datax.service.system.service.UserService;
 import cn.hutool.core.util.StrUtil;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.util.Base64Utils;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
 import org.springframework.web.bind.annotation.*;
+import org.springframework.web.client.RestTemplate;
 
+import java.util.Map;
+
+@Slf4j
 @RestController
 @RequestMapping("/inner")
 public class LoginController extends BaseController {
@@ -24,6 +35,9 @@ public class LoginController extends BaseController {
     @Autowired
     private TokenStore tokenStore;
 
+    @Autowired
+    private RestTemplate restTemplate;
+
     @GetMapping("/token")
     public R getTokenUser() {
         DataUser user = SecurityUtil.getDataUser();
@@ -31,6 +45,19 @@ public class LoginController extends BaseController {
     }
 
     @DataInner
+    @PostMapping("/login")
+    public R login(){
+        MultiValueMap<String, String> formData = new LinkedMultiValueMap();
+        HttpHeaders headers = new HttpHeaders();
+//        headers.set("Authorization", this.getAuthorizationHeader(this.clientId, this.clientSecret));
+        Map<String, Object> map = this.postForMap("", formData, headers);
+        if (map.containsKey("error")) {
+            return R.error();
+        }
+        return R.ok().setData(map);
+    }
+
+    @DataInner
     @GetMapping("/login/username/{username}")
     public R loginByUsername(@PathVariable String username) {
         UserInfo userInfo = userService.getUserByUsername(username);
@@ -51,4 +78,14 @@ public class LoginController extends BaseController {
         tokenStore.removeRefreshToken(refreshToken);
         return R.ok();
     }
+
+    private String getAuthorizationHeader(String clientId, String clientSecret) {
+        String creds = String.format("%s:%s", clientId, clientSecret);
+        return "Basic " + new String(Base64Utils.encode(creds.getBytes()));
+    }
+
+    private Map<String, Object> postForMap(String path, MultiValueMap<String, String> formData, HttpHeaders headers) {
+        Map map = restTemplate.exchange(path, HttpMethod.POST, new HttpEntity(formData, headers), Map.class, new Object[0]).getBody();
+        return map;
+    }
 }

datax-modules/system-service-parent/system-service/src/main/java/cn/datax/service/system/dao/DeptRelationDao.java

+package cn.datax.service.system.dao;
+
+import cn.datax.service.system.api.entity.DeptRelationEntity;
+import cn.datax.common.base.BaseDao;
+import org.apache.ibatis.annotations.Delete;
+import org.apache.ibatis.annotations.Mapper;
+
+import java.util.List;
+
+/**
+ * <p>
+ * 部门关系表 Mapper 接口
+ * </p>
+ *
+ * @author yuwei
+ * @since 2019-11-22
+ */
+@Mapper
+public interface DeptRelationDao extends BaseDao<DeptRelationEntity> {
+
+    void insertBatch(List<DeptRelationEntity> list);
+
+    @Delete("delete from sys_dept_relation where ancestor = #{id}")
+    void deleteByAncestor(String id);
+}

datax-modules/system-service-parent/system-service/src/main/java/cn/datax/service/system/dao/RoleDeptDao.java

+package cn.datax.service.system.dao;
+
+import cn.datax.service.system.api.entity.RoleDeptEntity;
+import cn.datax.common.base.BaseDao;
+import org.apache.ibatis.annotations.Delete;
+import org.apache.ibatis.annotations.Mapper;
+
+import java.util.List;
+
+/**
+ * <p>
+ * 角色和部门关联表 Mapper 接口
+ * </p>
+ *
+ * @author yuwei
+ * @since 2019-11-22
+ */
+@Mapper
+public interface RoleDeptDao extends BaseDao<RoleDeptEntity> {
+
+    void insertBatch(List<RoleDeptEntity> list);
+
+    @Delete("delete from sys_role_dept where role_id = #{id}")
+    void deleteByRoleId(String id);
+}

datax-modules/system-service-parent/system-service/src/main/java/cn/datax/service/system/service/impl/DeptServiceImpl.java

@@ -3,16 +3,22 @@ package cn.datax.service.system.service.impl;
 import cn.datax.common.exception.DataException;
 import cn.datax.service.system.api.dto.DeptDto;
 import cn.datax.service.system.api.entity.DeptEntity;
+import cn.datax.service.system.api.entity.DeptRelationEntity;
 import cn.datax.service.system.dao.DeptDao;
+import cn.datax.service.system.dao.DeptRelationDao;
 import cn.datax.service.system.mapstruct.DeptMapper;
 import cn.datax.service.system.service.DeptService;
 import cn.datax.common.base.BaseServiceImpl;
+import cn.hutool.core.collection.CollUtil;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.util.List;
+import java.util.stream.Collectors;
+
 /**
  * <p>
  *  服务实现类
@@ -28,6 +34,8 @@ public class DeptServiceImpl extends BaseServiceImpl<DeptDao, DeptEntity> implem
     @Autowired
     private DeptDao deptDao;
     @Autowired
+    private DeptRelationDao deptRelationDao;
+    @Autowired
     private DeptMapper deptMapper;
 
     @Override
@@ -39,6 +47,24 @@ public class DeptServiceImpl extends BaseServiceImpl<DeptDao, DeptEntity> implem
             throw new DataException("该部门名已存在");
         }
         deptDao.insert(dept);
+        insertBatchRelation(dept);
+    }
+
+    private void insertBatchRelation(DeptEntity dept) {
+        List<DeptRelationEntity> relationList = deptRelationDao
+                .selectList(Wrappers.<DeptRelationEntity>lambdaQuery()
+                        .eq(DeptRelationEntity::getDescendant, dept.getParentId()))
+                .stream().map(relation -> {
+                    relation.setDescendant(dept.getId());
+                    return relation;
+                }).collect(Collectors.toList());
+        DeptRelationEntity own = new DeptRelationEntity();
+        own.setDescendant(dept.getId());
+        own.setAncestor(dept.getId());
+        relationList.add(own);
+        if (CollUtil.isNotEmpty(relationList)) {
+            deptRelationDao.insertBatch(relationList);
+        }
     }
 
     @Override
@@ -46,6 +72,9 @@ public class DeptServiceImpl extends BaseServiceImpl<DeptDao, DeptEntity> implem
     public void updateDept(DeptDto deptDto) {
         DeptEntity dept = deptMapper.toEntity(deptDto);
         deptDao.updateById(dept);
+        deptRelationDao.delete(Wrappers.<DeptRelationEntity>lambdaQuery()
+                .eq(DeptRelationEntity::getAncestor, dept.getId()));
+        insertBatchRelation(dept);
     }
 
     @Override
@@ -56,5 +85,6 @@ public class DeptServiceImpl extends BaseServiceImpl<DeptDao, DeptEntity> implem
             throw new DataException("该部门下存在子部门数据");
         }
         deptDao.deleteById(id);
+        deptRelationDao.deleteByAncestor(id);
     }
 }

datax-modules/system-service-parent/system-service/src/main/java/cn/datax/service/system/service/impl/RoleServiceImpl.java

@@ -2,13 +2,16 @@ package cn.datax.service.system.service.impl;
 
 import cn.datax.common.exception.DataException;
 import cn.datax.service.system.api.dto.RoleDto;
+import cn.datax.service.system.api.entity.RoleDeptEntity;
 import cn.datax.service.system.api.entity.RoleEntity;
 import cn.datax.service.system.api.entity.RoleMenuEntity;
 import cn.datax.service.system.dao.RoleDao;
+import cn.datax.service.system.dao.RoleDeptDao;
 import cn.datax.service.system.dao.RoleMenuDao;
 import cn.datax.service.system.mapstruct.RoleMapper;
 import cn.datax.service.system.service.RoleService;
 import cn.datax.common.base.BaseServiceImpl;
+import cn.hutool.core.collection.CollUtil;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -35,6 +38,8 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleDao, RoleEntity> implem
     @Autowired
     private RoleMenuDao roleMenuDao;
     @Autowired
+    private RoleDeptDao roleDeptDao;
+    @Autowired
     private RoleMapper roleMapper;
 
     @Override
@@ -46,7 +51,12 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleDao, RoleEntity> implem
             throw new DataException("该角色名已存在");
         }
         roleDao.insert(role);
-        insertBatchMenu(roleDto.getMenus(), role.getId());
+        if(CollUtil.isNotEmpty(roleDto.getMenuList())){
+            insertBatchMenu(roleDto.getMenuList(), role.getId());
+        }
+        if(CollUtil.isNotEmpty(roleDto.getDeptList())){
+            insertBatchDept(roleDto.getDeptList(), role.getId());
+        }
     }
 
     private void insertBatchMenu(List<String> menus, String roleId) {
@@ -60,6 +70,17 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleDao, RoleEntity> implem
         roleMenuDao.insertBatch(roleMenuList);
     }
 
+    private void insertBatchDept(List<String> depts, String roleId) {
+        List<RoleDeptEntity> roleDeptList = depts
+                .stream().map(deptId -> {
+                    RoleDeptEntity roleDept = new RoleDeptEntity();
+                    roleDept.setRoleId(roleId);
+                    roleDept.setDeptId(deptId);
+                    return roleDept;
+                }).collect(Collectors.toList());
+        roleDeptDao.insertBatch(roleDeptList);
+    }
+
     @Override
     @Transactional(rollbackFor = Exception.class)
     public void updateRole(RoleDto roleDto) {
@@ -67,13 +88,21 @@ public class RoleServiceImpl extends BaseServiceImpl<RoleDao, RoleEntity> implem
         roleDao.updateById(role);
         roleMenuDao.delete(Wrappers.<RoleMenuEntity>lambdaQuery()
                 .eq(RoleMenuEntity::getRoleId, role.getId()));
-        insertBatchMenu(roleDto.getMenus(), role.getId());
+        if(CollUtil.isNotEmpty(roleDto.getMenuList())){
+            insertBatchMenu(roleDto.getMenuList(), role.getId());
+        }
+        roleDeptDao.delete(Wrappers.<RoleDeptEntity>lambdaQuery()
+                .eq(RoleDeptEntity::getRoleId, role.getId()));
+        if(CollUtil.isNotEmpty(roleDto.getDeptList())){
+            insertBatchDept(roleDto.getDeptList(), role.getId());
+        }
     }
 
     @Override
     @Transactional(rollbackFor = Exception.class)
     public void deleteRoleById(String id) {
         roleMenuDao.deleteByRoleId(id);
+        roleDeptDao.deleteByRoleId(id);
         roleDao.deleteById(id);
     }
 

datax-modules/system-service-parent/system-service/src/main/java/cn/datax/service/system/service/impl/UserServiceImpl.java

 package cn.datax.service.system.service.impl;
 
-import cn.datax.common.core.DataConstant;
 import cn.datax.common.exception.DataException;
 import cn.datax.service.system.api.dto.UserDto;
 import cn.datax.service.system.api.dto.UserPasswordDto;
@@ -66,10 +65,16 @@ public class UserServiceImpl extends BaseServiceImpl<UserDao, UserEntity> implem
         String passwordEncode = new BCryptPasswordEncoder().encode(user.getPassword());
         user.setPassword(passwordEncode);
         userDao.insert(user);
+        if(CollUtil.isNotEmpty(userDto.getRoleList())){
             insertBatchRole(userDto.getRoleList(), user.getId());
+        }
+        if(CollUtil.isNotEmpty(userDto.getDeptList())){
             insertBatchDept(userDto.getDeptList(), user.getId());
+        }
+        if(CollUtil.isNotEmpty(userDto.getPostList())){
             insertBatchPost(userDto.getPostList(), user.getId());
         }
+    }
 
     private void insertBatchPost(List<String> posts, String userId) {
         List<UserPostEntity> userPostList = posts
@@ -111,14 +116,20 @@ public class UserServiceImpl extends BaseServiceImpl<UserDao, UserEntity> implem
         userDao.updateById(user);
         userRoleDao.delete(Wrappers.<UserRoleEntity>lambdaQuery()
                 .eq(UserRoleEntity::getUserId, user.getId()));
+        if(CollUtil.isNotEmpty(userDto.getRoleList())){
             insertBatchRole(userDto.getRoleList(), user.getId());
+        }
         userDeptDao.delete(Wrappers.<UserDeptEntity>lambdaQuery()
                 .eq(UserDeptEntity::getUserId, user.getId()));
+        if(CollUtil.isNotEmpty(userDto.getDeptList())){
             insertBatchDept(userDto.getDeptList(), user.getId());
+        }
         userPostDao.delete(Wrappers.<UserPostEntity>lambdaQuery()
                 .eq(UserPostEntity::getUserId, user.getId()));
+        if(CollUtil.isNotEmpty(userDto.getPostList())){
             insertBatchPost(userDto.getPostList(), user.getId());
         }
+    }
 
     @Override
     @Transactional(rollbackFor = Exception.class)
@@ -152,11 +163,11 @@ public class UserServiceImpl extends BaseServiceImpl<UserDao, UserEntity> implem
             if(CollUtil.isNotEmpty(userVo.getRoles())){
                 Set<String> permissions = new HashSet<>();
                 List<String> roleIds = userVo.getRoles().stream()
-                        .filter(roleVo -> DataConstant.EnableState.ENABLE.getKey() == roleVo.getStatus())
                         .map(RoleVo::getId).collect(Collectors.toList());
                 List<MenuEntity> menuEntitys = menuDao.selectMenuByRoleIds(roleIds);
                 if(CollUtil.isNotEmpty(menuEntitys)){
-                    List<String> permissionList = menuEntitys.stream().filter(menuEntity -> StrUtil.isNotBlank(menuEntity.getMenuPerms()))
+                    List<String> permissionList = menuEntitys.stream()
+                            .filter(menuEntity -> StrUtil.isNotBlank(menuEntity.getMenuPerms()))
                             .map(MenuEntity::getMenuPerms)
                             .collect(Collectors.toList());
                     permissions.addAll(permissionList);
@@ -166,5 +177,4 @@ public class UserServiceImpl extends BaseServiceImpl<UserDao, UserEntity> implem
         }
         return userInfo;
     }
-
 }

datax-modules/system-service-parent/system-service/src/main/resources/mapper/DeptRelationMapper.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="cn.datax.service.system.dao.DeptRelationDao">
+
+    <!-- 通用查询映射结果 -->
+    <resultMap id="BaseResultMap" type="cn.datax.service.system.api.entity.DeptRelationEntity">
+        <result column="id" property="id" />
+        <result column="ancestor" property="ancestor" />
+        <result column="descendant" property="descendant" />
+    </resultMap>
+
+    <!-- 通用查询结果列 -->
+    <sql id="Base_Column_List">
+        id,
+        ancestor, descendant
+    </sql>
+
+    <insert id="insertBatch" parameterType="java.util.List">
+        INSERT INTO sys_dept_relation
+        (id, ancestor, descendant)
+        VALUES
+        <foreach collection="list" item="item" separator=",">
+            (#{item.id}, #{item.ancestor}, #{item.descendant})
+        </foreach>
+    </insert>
+
+</mapper>

datax-modules/system-service-parent/system-service/src/main/resources/mapper/MenuMapper.xml

@@ -30,10 +30,19 @@
         parent_id, menu_name, menu_path, menu_component, menu_perms, menu_icon, menu_type, menu_sort, status
     </sql>
 
+    <sql id="Menu_Column_List">
+        ${alias}.id,
+        ${alias}.create_by,
+        ${alias}.create_time,
+        ${alias}.update_by,
+        ${alias}.update_time,
+        ${alias}.parent_id, ${alias}.menu_name, ${alias}.menu_path, ${alias}.menu_component, ${alias}.menu_perms,
+        ${alias}.menu_icon, ${alias}.menu_type, ${alias}.menu_sort, ${alias}.status
+    </sql>
+
     <select id="selectMenuByRoleIds" parameterType="java.util.List" resultMap="BaseResultMap">
-        SELECT
-            m.id, m.create_by, m.create_time, m.update_by, m.update_time,
-            m.parent_id, m.menu_name, m.menu_path, m.menu_component, m.menu_perms, m.menu_icon, m.menu_type, m.menu_sort, m.status
+        SELECT DISTINCT
+            <include refid="Menu_Column_List"><property name="alias" value="m"/></include>
         FROM
         sys_menu m
         LEFT JOIN sys_role_menu rm ON m.id = rm.menu_id

datax-modules/system-service-parent/system-service/src/main/resources/mapper/RoleDeptMapper.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="cn.datax.service.system.dao.RoleDeptDao">
+
+    <!-- 通用查询映射结果 -->
+    <resultMap id="BaseResultMap" type="cn.datax.service.system.api.entity.RoleDeptEntity">
+        <result column="id" property="id" />
+        <result column="role_id" property="roleId" />
+        <result column="dept_id" property="deptId" />
+    </resultMap>
+
+    <!-- 通用查询结果列 -->
+    <sql id="Base_Column_List">
+        id,
+        role_id, dept_id
+    </sql>
+
+    <insert id="insertBatch" parameterType="java.util.List">
+        INSERT INTO sys_role_dept
+        (id, role_id, dept_id)
+        VALUES
+        <foreach collection="list" item="item" separator=",">
+            (#{item.id}, #{item.roleId}, #{item.deptId})
+        </foreach>
+    </insert>
+
+</mapper>

datax-modules/system-service-parent/system-service/src/main/resources/mapper/RoleMapper.xml

@@ -11,7 +11,10 @@
         <result column="update_time" property="updateTime" />
         <result column="role_name" property="roleName" />
         <result column="role_code" property="roleCode" />
+        <result column="data_scope" property="dataScope" />
         <result column="status" property="status" />
+        <collection property="depts" column="{roleId=id}" select="getDeptList"></collection>
+        <collection property="menus" column="{roleId=id}" select="getMenuList"></collection>
     </resultMap>
 
     <!-- 通用查询结果列 -->
@@ -21,7 +24,7 @@
         create_time,
         update_by,
         update_time,
-        role_name, role_code, status
+        role_name, role_code, data_scope, status
     </sql>
 
     <sql id="Role_Column_List">
@@ -30,7 +33,33 @@
         ${alias}.create_time,
         ${alias}.update_by,
         ${alias}.update_time,
-        ${alias}.role_name, ${alias}.role_code, ${alias}.status
+        ${alias}.role_name, ${alias}.role_code, ${alias}.data_scope, ${alias}.status
     </sql>
 
+    <select id="getDeptList" resultType="cn.datax.service.system.api.entity.DeptEntity">
+        SELECT
+        <include refid="cn.datax.service.system.dao.DeptDao.Dept_Column_List">
+            <property name="alias" value="d"/>
+        </include>
+        FROM sys_dept d
+        LEFT JOIN sys_role_dept rd ON d.id = rd.dept_id
+        WHERE 1 = 1 AND d.status = 1
+        <if test="null != roleId and '' != roleId">
+            AND rd.role_id = #{roleId}
+        </if>
+    </select>
+
+    <select id="getMenuList" resultType="cn.datax.service.system.api.entity.MenuEntity">
+        SELECT
+        <include refid="cn.datax.service.system.dao.MenuDao.Menu_Column_List">
+            <property name="alias" value="m"/>
+        </include>
+        FROM sys_menu m
+        LEFT JOIN sys_role_menu rm ON m.id = rm.menu_id
+        WHERE 1 = 1 AND m.status = 1
+        <if test="null != roleId and '' != roleId">
+            AND rm.role_id = #{roleId}
+        </if>
+    </select>
+
 </mapper>

datax-tools/datax-tool-codegen/src/main/java/cn/datax/tool/codegen/utils/CodeGenerator.java

@@ -124,7 +124,7 @@ public class CodeGenerator {
         strategy.setControllerMappingHyphenStyle(true);
         strategy.setTablePrefix("sys_");
 //        strategy.setInclude(new String[]{"sys_user", "sys_role", "sys_dept", "sys_menu", "sys_post", "sys_user_role", "sys_user_dept", "sys_user_post", "sys_role_menu"});
-        strategy.setInclude(new String[]{"sys_log"});
+        strategy.setInclude(new String[]{"sys_dept_relation", "sys_role_dept"});
         mpg.setStrategy(strategy);
         mpg.setTemplateEngine(new VelocityTemplateEngine());
         mpg.execute();