sl-express/01-讲义/其他文档/权限管家使用说明.md

# 1、了解权限管家
## 1.1、介绍

公司有多个业务系统，这些业务系统的公共部分包括组织、用户、权限等系统管理：
![image-20220228161416340.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1668006370555-99c927ff-03ba-4808-8a0e-444e5b65782e.png#averageHue=%23e5c29a&clientId=u7c53bb0f-967a-4&from=paste&height=245&id=u22cfb96b&name=image-20220228161416340.png&originHeight=367&originWidth=1323&originalType=binary&ratio=1&rotation=0&showTitle=false&size=72118&status=done&style=shadow&taskId=uc4634dd4-6bee-4295-b66b-f07a8958af2&title=&width=882)
这个公共的系统管理，可以剥离出一套基础组件服务，即权限管家。

传智权限管家是一个通用的权限管理中台服务，在神领物流项目中，我们使用权限系统管理企业内部员工，比如：快递员、司机、管理员等。

在权限管家中可以管理用户，管理后台系统的菜单，以及角色的管理。
## 1.2、逻辑模型

权限管家的接口根据管理范围分为公司级、应用级和系统接口，如下图：
![](https://cdn.nlark.com/yuque/0/2022/jpeg/27683667/1668007068077-d3adea97-3791-42b9-9916-3276bffe0ca8.jpeg)
# 2、部署安装

参考：[https://sl-express.itheima.net/#/zh-cn/base-service?id=权限管家](https://sl-express.itheima.net/#/zh-cn/base-service?id=%e6%9d%83%e9%99%90%e7%ae%a1%e5%ae%b6)
# 3、登录

登录地址：[http://auth.sl-express.com/api/authority/static/index.html#/login](http://auth.sl-express.com/api/authority/static/index.html#/login)

用户名密码：admin/123456

![image-20220729150005960.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666078919892-238a8f5c-beea-4cef-8874-34c5dd431647.png#averageHue=%23abccb0&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=585&id=u05fa830c&name=image-20220729150005960.png&originHeight=965&originWidth=1920&originalType=binary&ratio=1&rotation=0&showTitle=false&size=273747&status=error&style=shadow&taskId=u37269890-fedf-4d79-854e-19952a97f70&title=&width=1163.636296379997)

![image-20220729150028329.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666078939427-d67abbac-316e-4377-b92f-65ca682bcfbf.png#averageHue=%2388bbef&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=554&id=u365afc6d&name=image-20220729150028329.png&originHeight=914&originWidth=1920&originalType=binary&ratio=1&rotation=0&showTitle=false&size=62032&status=error&style=shadow&taskId=ua33f3305-3b0f-4a5a-9956-2f6a0b3113e&title=&width=1163.636296379997)

# 4、应用管理

权限管家是一个多应用的管理系统，所以要接入权限管家首先需要创建应用。

【应用管理】 => 【添加应用】
![image-20220729150644377.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666078960233-b641c8ed-0e33-412d-98d0-817dc8fc25e8.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=553&id=uc76758c7&name=image-20220729150644377.png&originHeight=912&originWidth=954&originalType=binary&ratio=1&rotation=0&showTitle=false&size=52040&status=error&style=shadow&taskId=ue85d466c-9714-41b5-993c-6d3701bac61&title=&width=578.181784763811)

创建成功：

![image-20220729151041632.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666078971344-eaa1b3e3-ccd0-45d8-97a7-987daa25ca81.png#averageHue=%23c4dbda&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=374&id=u8bda7de2&name=image-20220729151041632.png&originHeight=617&originWidth=1109&originalType=binary&ratio=1&rotation=0&showTitle=false&size=24021&status=error&style=shadow&taskId=ufad6047c-c2b0-45b3-954a-43f3f323ee9&title=&width=672.1211732736546)

查看应用所对应的ID和CODE：
![image-20220729151124872.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666078981288-87bb1cf8-e259-4516-91fd-4e0977f54fa3.png#averageHue=%23fdfdfd&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=519&id=ue812691e&name=image-20220729151124872.png&originHeight=857&originWidth=962&originalType=binary&ratio=1&rotation=0&showTitle=false&size=37363&status=error&style=shadow&taskId=u839884cb-d2ad-41a8-b14d-4fbf9023e1c&title=&width=583.030269332061)

# 5、组织管理

一般公司会设置不同的组织结构用来管理人员，比如：总部、分公司、人事部、行政部、财务部、物流部、物流转运等。

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079043594-6c550bb7-4297-4632-a51d-6138eb4f8833.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=554&id=ua22a343d&name=image.png&originHeight=914&originWidth=294&originalType=binary&ratio=1&rotation=0&showTitle=false&size=28719&status=error&style=shadow&taskId=u39e3bad9-a818-4c5d-97f7-415bd37435e&title=&width=178.18180788318705)

添加组织，组织是一颗树，所以需要选择上级组织：

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079177817-0a44ba5f-06ad-41fe-b8df-e8535f11826a.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=431&id=uc35f516d&name=image.png&originHeight=711&originWidth=856&originalType=binary&ratio=1&rotation=0&showTitle=false&size=26160&status=error&style=shadow&taskId=u6eeb468b-2fe7-4d57-a28b-097c55cb21a&title=&width=518.7878488027486)

添加完成：

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079456153-cc98deef-ecb1-4e35-81bf-d25588915f8b.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=296&id=u96527c90&name=image.png&originHeight=488&originWidth=1567&originalType=binary&ratio=1&rotation=0&showTitle=false&size=21006&status=error&style=shadow&taskId=ud2f41814-56d9-4f50-ac5c-b3ba065ce03&title=&width=949.6969148059663)

# 6、进入应用

对于应用的操作需要进入到应用中才能操作：

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079551922-1b19d128-4816-400d-89db-2003acb77f6e.png#averageHue=%23d2b799&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=159&id=uc14938b5&name=image.png&originHeight=262&originWidth=472&originalType=binary&ratio=1&rotation=0&showTitle=false&size=11941&status=error&style=shadow&taskId=uacd8a9ce-3b62-443c-8691-d0b27d1cb92&title=&width=286.06058952674925)

进入应用后，可以看到左侧菜单有3项管理：【用户管理】、【菜单管理】、【角色管理】

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079574479-01b328bc-117b-4778-9558-beac57c274dd.png#averageHue=%2301162c&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=554&id=ud17251bf&name=image.png&originHeight=914&originWidth=293&originalType=binary&ratio=1&rotation=0&showTitle=false&size=27129&status=error&style=shadow&taskId=u9895fe22-cdf3-41cc-8969-e7470a6f165&title=&width=177.57574731215578)

对应的后台系统的菜单列表：**（不要修改）**

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079618461-a7b00305-9381-4684-95c4-99ddf733f7a7.png#averageHue=%23f0daad&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=550&id=u675d70fa&name=image.png&originHeight=908&originWidth=1900&originalType=binary&ratio=1&rotation=0&showTitle=false&size=90783&status=error&style=shadow&taskId=u6f112e17-7cc0-4ceb-a1ed-f68b9a651e0&title=&width=1151.515084959372)

应用中的角色：

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079661077-b08e06e2-c4e7-4c07-864e-095f6a1aa9b5.png#averageHue=%23f4f7da&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=554&id=u7dd6dbea&name=image.png&originHeight=914&originWidth=1903&originalType=binary&ratio=1&rotation=0&showTitle=false&size=96861&status=error&style=shadow&taskId=ua8469ba7-990b-4a99-85b5-5f556cdf19b&title=&width=1153.3332666724657)

# 7、新增用户

新增用户需要【返回权限管家】进行操作，在【用户管理】中【新增用户】：

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079718948-90c1faad-67e0-4e06-94fe-95ce2a8b9880.png#averageHue=%2301162c&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=554&id=u9d88b308&name=image.png&originHeight=914&originWidth=275&originalType=binary&ratio=1&rotation=0&showTitle=false&size=27346&status=error&style=shadow&taskId=u72a2ac0e-1045-45fc-8c6b-2162551c896&title=&width=166.6666570335933)
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079772068-41f5c1b5-f7e2-496e-8491-af16ae8015ee.png#averageHue=%23e5be84&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=481&id=uc30e77cf&name=image.png&originHeight=793&originWidth=1601&originalType=binary&ratio=1&rotation=0&showTitle=false&size=88014&status=error&style=shadow&taskId=u56dd4d91-1bc3-447e-9047-625b469ed4c&title=&width=970.3029742210288)

新增用户：

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079824788-f359f6e2-a0f3-471e-af4c-d3ce3cef73f1.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=552&id=uf7965a03&name=image.png&originHeight=911&originWidth=856&originalType=binary&ratio=1&rotation=0&showTitle=false&size=33208&status=error&style=shadow&taskId=u60eb7193-d58d-4f2b-8412-39944dd9501&title=&width=518.7878488027486)

添加成功：

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079849250-fff9f6dc-bf7c-4382-bfb2-e927917f9ada.png#averageHue=%23e5be84&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=481&id=ua656015e&name=image.png&originHeight=793&originWidth=1604&originalType=binary&ratio=1&rotation=0&showTitle=false&size=89802&status=error&style=shadow&taskId=u830b8bd8-3c51-4401-af8e-14eb2b510fa&title=&width=972.1211559341225)

# 8、分配角色

现在为【test01】分配快递员角色，怎么操作呢？

首先需要进入到【神领物流】应用，在【用户管理】中分配角色：

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666080107818-b898b760-4a2c-431b-aea7-9f7d15517c4d.png#averageHue=%23f5e0c3&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=312&id=uc0a5542f&name=image.png&originHeight=514&originWidth=1145&originalType=binary&ratio=1&rotation=0&showTitle=false&size=44890&status=error&style=shadow&taskId=ud75e5f10-7f6d-476f-bb8e-c74bb7383c5&title=&width=693.9393538307795)

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666080330679-e452e29d-dfce-47d4-b285-1c52fc804501.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=179&id=uca476230&name=image.png&originHeight=296&originWidth=856&originalType=binary&ratio=1&rotation=0&showTitle=false&size=11346&status=error&style=shadow&taskId=uc344ccb8-aac2-4781-9c87-86c0630d735&title=&width=518.7878488027486)

![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666080316709-f85ca464-7c8f-4720-a4f2-3983636f4323.png#averageHue=%23f5e0c3&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=240&id=u5a5e0e8f&name=image.png&originHeight=396&originWidth=1143&originalType=binary&ratio=1&rotation=0&showTitle=false&size=34643&status=error&style=shadow&taskId=u55988f7a-5a06-4eee-a02a-16336e5b4df&title=&width=692.727232688717)

这样，test01就拥有了【快递员】角色了。

同理，可以添加其他的用户了。
# 9、SDK使用说明
## 9.1、关于authority-sdk

authority-sdk是基于authority-sdk的restful接口实现的Java SDK的封装，实现了token、组织、菜单、角色等功能。
## 9.2、快速集成使用

authority-sdk提供了两种方式与业务系统对接，分别是：

- java sdk方式
- Spring Boot集成方式
## 9.3、使用方法
### 9.3.1、java sdk方式
> **第一步，导入maven依赖**

```xml
<dependency>
    <groupId>com.itheima.em.auth</groupId>
    <artifactId>authority-sdk</artifactId>
    <version>{version}</version>
</dependency>
```

> **第二步，实例化AuthTemplate对象**


```java
String host = "127.0.0.1"; //Authority服务地址
int port = 8764; //Authority服务端口
int timeout = 1000; //http请求的超时时间，不传值默认为10S
        
//token，非登录请求都需要带上,一般情况下登录成功后将该数据放入缓存中        
String token = "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxIiwiYWNjb3VudCI6ImFkbWluIiwibmFtZSI6IuW5s-WPsOeuoeeQhuWRmCIsIm9yZ2lkIjo4NzQyMjc2MTUxNzM0NDk4MjUsInN0YXRpb25pZCI6ODU3OTQwMTU3NDYwOTU3NTM3LCJhZG1pbmlzdHJhdG9yIjp0cnVlLCJleHAiOjE2NTEyNTkyODB9.anqT0MD9zAr13KG9OE4mqHHK2UMCOXUjeMrEsN1wy9_a14zFbjPkiDZ8dM7JirsAgj61yvshoP6pqBImdmyilQN-iFSa_ci15Ii4HhfFE1mcaRon3ojX_T9ncjHKuF9Y9ZPKT68NOzOfCwvhDrG_sDiaI1C-TwEJmhLM78FhwAI";
//应用ID，非登录请求都需要带上，该参数表示你需要查询哪个应用相关数据,一般情况下置于配置文件中
Long applicationId = 1L;
//登录获取token
AuthTemplate authTemplate = new AuthTemplate(host,port,TIME_OUT);
Result<LoginDTO> result = authTemplate.opsForLogin().token("admin","123456");

//后续基于AuthTemplate可以调用各种服务
AuthTemplate authTemplate = new AuthTemplate(host,port,TIME_OUT,token,applicationId);
Result<List<MenuDTO>> result = authTemplate.opsForPermission().getMenu();
log.info("菜单：{}", JSONObject.toJSONString(result));
```

### 9.3.2、Spring Boot集成方式
> **第一步，导入maven依赖**


```xml
<dependency>
    <groupId>com.itheima.em.auth</groupId>
    <artifactId>itcast-auth-spring-boot-starter</artifactId>
    <version>1.0</version>
</dependency>

<!-- 如果是SNAPSHOT版本，如要在项目的pom.xml文件中引入快照版源 -->
<repositories>
    <repository>
        <id>sonatypeSnapshots</id>
        <name>Sonatype Snapshots</name>
        <releases>
            <enabled>false</enabled>
        </releases>
        <snapshots>
            <enabled>true</enabled>
        </snapshots>
        <url>https://s01.oss.sonatype.org/content/repositories/snapshots/</url>
    </repository>
</repositories>
```

> **第二步，配置application.yml文件**


```yaml
itcast:
  authority:
    host: 127.0.0.1 #authority服务地址,根据实际情况更改
    port: 8764 #authority服务端口
    timeout: 10000 #http请求的超时时间
```

**第三步，使用用例**

```java
package com.example.demo.service;

import com.alibaba.fastjson.JSONObject;
import com.itheima.auth.sdk.AuthTemplate;
import com.itheima.auth.sdk.common.Result;
import com.itheima.auth.sdk.dto.LoginDTO;
import com.itheima.auth.sdk.dto.MenuDTO;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

import java.util.List;

@Slf4j
@Service
public class AuthService {

    @Value("${itcast.authority.host}")
    private String host;

    @Value("${itcast.authority.port}")
    private int port;

    private final static int TIME_OUT = 10000;

    /**
     * 登录获取token
     * @param account
     * @param password
     */
    public void login(String account, String password) {
        AuthTemplate authTemplate = new AuthTemplate(host,port);
        Result<LoginDTO> loginDTO = authTemplate.opsForLogin().token(account, password);
        log.info("登录结果：{}", JSONObject.toJSONString(loginDTO));
    }
}
```