动态路由

2025-10-31 22:42:39 +08:00 · 2025-10-31 22:42:39 +08:00 · f8e520e2fc
commit f8e520e2fc
parent 563c189d8d
3 changed files with 22 additions and 28 deletions
--- a/backend/src/main/java/com/qqchen/deploy/backend/deploy/api/TeamApiController.java
+++ b/backend/src/main/java/com/qqchen/deploy/backend/deploy/api/TeamApiController.java
@ -4,53 +4,36 @@ import com.qqchen.deploy.backend.deploy.dto.TeamDTO;
 import com.qqchen.deploy.backend.deploy.entity.Team;
 import com.qqchen.deploy.backend.deploy.query.TeamQuery;
 import com.qqchen.deploy.backend.deploy.service.ITeamService;
-import com.qqchen.deploy.backend.framework.api.Response;
 import com.qqchen.deploy.backend.framework.controller.BaseController;
-import com.qqchen.deploy.backend.framework.security.annotation.CheckPermission;
 import com.qqchen.deploy.backend.framework.security.annotation.PermissionPrefix;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
-import jakarta.validation.Valid;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;

 import java.util.List;

 /**
 * 团队API控制器
+ * 继承 BaseController 自动具有基础CRUD权限：
+ * - deploy:team:create (创建)
+ * - deploy:team:update (修改)
+ * - deploy:team:delete (删除)
+ * - deploy:team:view   (详情)
+ * - deploy:team:list   (列表/分页/导出)
 */
@Slf4j
@RestController
@RequestMapping("/api/v1/teams")
-@PermissionPrefix("deploy:team")  // ✅ 定义权限前缀
+@PermissionPrefix("deploy:team")
@Tag(name = "团队管理", description = "团队的增删改查接口")
 public class TeamApiController extends BaseController<Team, TeamDTO, Long, TeamQuery> {

    @Resource
    private ITeamService teamService;

-    // ✅ 需要 "deploy:team:create" 权限
-    @Override
-    @CheckPermission("create")
-    public Response<TeamDTO> create(@RequestBody @Valid TeamDTO dto) {
-        return super.create(dto);
-    }
-
-    // ✅ 需要 "deploy:team:update" 权限
-    @Override
-    @CheckPermission("update")
-    public Response<TeamDTO> update(@PathVariable Long id, @RequestBody @Valid TeamDTO dto) {
-        return super.update(id, dto);
-    }
-
-    // ✅ 需要 "deploy:team:delete" 权限
-    @Override
-    @CheckPermission("delete")
-    public Response<Void> delete(@PathVariable Long id) {
-        return super.delete(id);
-    }
-
    @Override
    protected void exportData(HttpServletResponse response, List<TeamDTO> data) {
        // TODO: 实现导出功能
--- a/backend/src/main/java/com/qqchen/deploy/backend/framework/controller/BaseController.java
+++ b/backend/src/main/java/com/qqchen/deploy/backend/framework/controller/BaseController.java
@ -4,6 +4,7 @@ import com.qqchen.deploy.backend.framework.domain.Entity;
 import com.qqchen.deploy.backend.framework.dto.BaseDTO;
 import com.qqchen.deploy.backend.framework.query.BaseQuery;
 import com.qqchen.deploy.backend.framework.api.Response;
+import com.qqchen.deploy.backend.framework.security.annotation.CheckPermission;
 import com.qqchen.deploy.backend.framework.service.IBaseService;
 import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.data.domain.Page;
@ -16,6 +17,8 @@ import java.util.concurrent.CompletableFuture;

 /**
 * 通用REST控制器
+ * 所有继承此类的Controller自动具有基础CRUD权限控制
+ * 需要在子类上添加 @PermissionPrefix 注解指定权限前缀
 */
@Validated
 public abstract class BaseController<T extends Entity<ID>, D extends BaseDTO, ID extends Serializable, Q extends BaseQuery> {
@ -23,42 +26,50 @@ public abstract class BaseController<T extends Entity<ID>, D extends BaseDTO, ID
    protected IBaseService<T, D, Q, ID> service;

    @PostMapping
+    @CheckPermission("create")
    public Response<D> create(@Validated @RequestBody D dto) {
        return Response.success(service.create(dto));
    }

    @PutMapping("/{id}")
+    @CheckPermission("update")
    public Response<D> update(@PathVariable ID id, @Validated @RequestBody D dto) {
        return Response.success(service.update(id, dto));
    }

    @DeleteMapping("/{id}")
+    @CheckPermission("delete")
    public Response<Void> delete(@PathVariable ID id) {
        service.delete(id);
        return Response.success();
    }

    @GetMapping("/{id}")
+    @CheckPermission("view")
    public Response<D> findById(@PathVariable ID id) {
        return Response.success(service.findById(id));
    }

    @GetMapping
+    @CheckPermission("list")
    public Response<List<D>> findAll() {
        return Response.success(service.findAll());
    }

    @GetMapping("/page")
+    @CheckPermission("list")
    public Response<Page<D>> page(Q query) {
        return Response.success(service.page(query));
    }

    @GetMapping("/list")
+    @CheckPermission("list")
    public Response<List<D>> findAll(Q query) {
        return Response.success(service.findAll(query));
    }

    @PostMapping("/batch")
+    @CheckPermission("create")
    public CompletableFuture<Response<Void>> batchProcess(@RequestBody List<D> dtos) {
        return CompletableFuture.runAsync(() -> {
            service.batchProcess(dtos);
@ -66,6 +77,7 @@ public abstract class BaseController<T extends Entity<ID>, D extends BaseDTO, ID
    }

    @GetMapping("/export")
+    @CheckPermission("list")
    public void export(HttpServletResponse response, Q query) {
        List<D> data = service.findAll(query);
        exportData(response, data);
--- a/backend/src/main/java/com/qqchen/deploy/backend/framework/security/aspect/PermissionCheckAspect.java
+++ b/backend/src/main/java/com/qqchen/deploy/backend/framework/security/aspect/PermissionCheckAspect.java
@ -79,8 +79,7 @@ public class PermissionCheckAspect {
        if (!hasPermission) {
            log.warn("权限检查失败: user={}, required={}", 
                authentication.getName(), requiredPermission);
-            throw new BusinessException(ResponseCode.FORBIDDEN, 
-                new Object[]{"缺少权限: " + requiredPermission});
+            throw new BusinessException(ResponseCode.FORBIDDEN);
        }
        
        log.debug("权限检查通过: {}", requiredPermission);