yovinchen
/
sl-express
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
sl-express/01-讲义/其他文档/权限管家使用说明.md

226 lines
15 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# 1、了解权限管家
## 1.1、介绍
公司有多个业务系统,这些业务系统的公共部分包括组织、用户、权限等系统管理:
![image-20220228161416340.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1668006370555-99c927ff-03ba-4808-8a0e-444e5b65782e.png#averageHue=%23e5c29a&clientId=u7c53bb0f-967a-4&from=paste&height=245&id=u22cfb96b&name=image-20220228161416340.png&originHeight=367&originWidth=1323&originalType=binary&ratio=1&rotation=0&showTitle=false&size=72118&status=done&style=shadow&taskId=uc4634dd4-6bee-4295-b66b-f07a8958af2&title=&width=882)
这个公共的系统管理,可以剥离出一套基础组件服务,即权限管家。
传智权限管家是一个通用的权限管理中台服务,在神领物流项目中,我们使用权限系统管理企业内部员工,比如:快递员、司机、管理员等。
在权限管家中可以管理用户,管理后台系统的菜单,以及角色的管理。
## 1.2、逻辑模型
权限管家的接口根据管理范围分为公司级、应用级和系统接口,如下图:
![](https://cdn.nlark.com/yuque/0/2022/jpeg/27683667/1668007068077-d3adea97-3791-42b9-9916-3276bffe0ca8.jpeg)
# 2、部署安装
参考:[https://sl-express.itheima.net/#/zh-cn/base-service?id=权限管家](https://sl-express.itheima.net/#/zh-cn/base-service?id=%e6%9d%83%e9%99%90%e7%ae%a1%e5%ae%b6)
# 3、登录
登录地址:[http://auth.sl-express.com/api/authority/static/index.html#/login](http://auth.sl-express.com/api/authority/static/index.html#/login)
用户名密码admin/123456
![image-20220729150005960.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666078919892-238a8f5c-beea-4cef-8874-34c5dd431647.png#averageHue=%23abccb0&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=585&id=u05fa830c&name=image-20220729150005960.png&originHeight=965&originWidth=1920&originalType=binary&ratio=1&rotation=0&showTitle=false&size=273747&status=error&style=shadow&taskId=u37269890-fedf-4d79-854e-19952a97f70&title=&width=1163.636296379997)
![image-20220729150028329.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666078939427-d67abbac-316e-4377-b92f-65ca682bcfbf.png#averageHue=%2388bbef&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=554&id=u365afc6d&name=image-20220729150028329.png&originHeight=914&originWidth=1920&originalType=binary&ratio=1&rotation=0&showTitle=false&size=62032&status=error&style=shadow&taskId=ua33f3305-3b0f-4a5a-9956-2f6a0b3113e&title=&width=1163.636296379997)
# 4、应用管理
权限管家是一个多应用的管理系统,所以要接入权限管家首先需要创建应用。
【应用管理】 => 【添加应用】
![image-20220729150644377.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666078960233-b641c8ed-0e33-412d-98d0-817dc8fc25e8.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=553&id=uc76758c7&name=image-20220729150644377.png&originHeight=912&originWidth=954&originalType=binary&ratio=1&rotation=0&showTitle=false&size=52040&status=error&style=shadow&taskId=ue85d466c-9714-41b5-993c-6d3701bac61&title=&width=578.181784763811)
创建成功:
![image-20220729151041632.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666078971344-eaa1b3e3-ccd0-45d8-97a7-987daa25ca81.png#averageHue=%23c4dbda&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=374&id=u8bda7de2&name=image-20220729151041632.png&originHeight=617&originWidth=1109&originalType=binary&ratio=1&rotation=0&showTitle=false&size=24021&status=error&style=shadow&taskId=ufad6047c-c2b0-45b3-954a-43f3f323ee9&title=&width=672.1211732736546)
查看应用所对应的ID和CODE
![image-20220729151124872.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666078981288-87bb1cf8-e259-4516-91fd-4e0977f54fa3.png#averageHue=%23fdfdfd&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=519&id=ue812691e&name=image-20220729151124872.png&originHeight=857&originWidth=962&originalType=binary&ratio=1&rotation=0&showTitle=false&size=37363&status=error&style=shadow&taskId=u839884cb-d2ad-41a8-b14d-4fbf9023e1c&title=&width=583.030269332061)
# 5、组织管理
一般公司会设置不同的组织结构用来管理人员,比如:总部、分公司、人事部、行政部、财务部、物流部、物流转运等。
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079043594-6c550bb7-4297-4632-a51d-6138eb4f8833.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=554&id=ua22a343d&name=image.png&originHeight=914&originWidth=294&originalType=binary&ratio=1&rotation=0&showTitle=false&size=28719&status=error&style=shadow&taskId=u39e3bad9-a818-4c5d-97f7-415bd37435e&title=&width=178.18180788318705)
添加组织,组织是一颗树,所以需要选择上级组织:
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079177817-0a44ba5f-06ad-41fe-b8df-e8535f11826a.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=431&id=uc35f516d&name=image.png&originHeight=711&originWidth=856&originalType=binary&ratio=1&rotation=0&showTitle=false&size=26160&status=error&style=shadow&taskId=u6eeb468b-2fe7-4d57-a28b-097c55cb21a&title=&width=518.7878488027486)
添加完成:
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079456153-cc98deef-ecb1-4e35-81bf-d25588915f8b.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=296&id=u96527c90&name=image.png&originHeight=488&originWidth=1567&originalType=binary&ratio=1&rotation=0&showTitle=false&size=21006&status=error&style=shadow&taskId=ud2f41814-56d9-4f50-ac5c-b3ba065ce03&title=&width=949.6969148059663)
# 6、进入应用
对于应用的操作需要进入到应用中才能操作:
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079551922-1b19d128-4816-400d-89db-2003acb77f6e.png#averageHue=%23d2b799&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=159&id=uc14938b5&name=image.png&originHeight=262&originWidth=472&originalType=binary&ratio=1&rotation=0&showTitle=false&size=11941&status=error&style=shadow&taskId=uacd8a9ce-3b62-443c-8691-d0b27d1cb92&title=&width=286.06058952674925)
进入应用后可以看到左侧菜单有3项管理【用户管理】、【菜单管理】、【角色管理】
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079574479-01b328bc-117b-4778-9558-beac57c274dd.png#averageHue=%2301162c&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=554&id=ud17251bf&name=image.png&originHeight=914&originWidth=293&originalType=binary&ratio=1&rotation=0&showTitle=false&size=27129&status=error&style=shadow&taskId=u9895fe22-cdf3-41cc-8969-e7470a6f165&title=&width=177.57574731215578)
对应的后台系统的菜单列表:**(不要修改)**
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079618461-a7b00305-9381-4684-95c4-99ddf733f7a7.png#averageHue=%23f0daad&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=550&id=u675d70fa&name=image.png&originHeight=908&originWidth=1900&originalType=binary&ratio=1&rotation=0&showTitle=false&size=90783&status=error&style=shadow&taskId=u6f112e17-7cc0-4ceb-a1ed-f68b9a651e0&title=&width=1151.515084959372)
应用中的角色:
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079661077-b08e06e2-c4e7-4c07-864e-095f6a1aa9b5.png#averageHue=%23f4f7da&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=554&id=u7dd6dbea&name=image.png&originHeight=914&originWidth=1903&originalType=binary&ratio=1&rotation=0&showTitle=false&size=96861&status=error&style=shadow&taskId=ua8469ba7-990b-4a99-85b5-5f556cdf19b&title=&width=1153.3332666724657)
# 7、新增用户
新增用户需要【返回权限管家】进行操作,在【用户管理】中【新增用户】:
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079718948-90c1faad-67e0-4e06-94fe-95ce2a8b9880.png#averageHue=%2301162c&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=554&id=u9d88b308&name=image.png&originHeight=914&originWidth=275&originalType=binary&ratio=1&rotation=0&showTitle=false&size=27346&status=error&style=shadow&taskId=u72a2ac0e-1045-45fc-8c6b-2162551c896&title=&width=166.6666570335933)
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079772068-41f5c1b5-f7e2-496e-8491-af16ae8015ee.png#averageHue=%23e5be84&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=481&id=uc30e77cf&name=image.png&originHeight=793&originWidth=1601&originalType=binary&ratio=1&rotation=0&showTitle=false&size=88014&status=error&style=shadow&taskId=u56dd4d91-1bc3-447e-9047-625b469ed4c&title=&width=970.3029742210288)
新增用户:
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079824788-f359f6e2-a0f3-471e-af4c-d3ce3cef73f1.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=552&id=uf7965a03&name=image.png&originHeight=911&originWidth=856&originalType=binary&ratio=1&rotation=0&showTitle=false&size=33208&status=error&style=shadow&taskId=u60eb7193-d58d-4f2b-8412-39944dd9501&title=&width=518.7878488027486)
添加成功:
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666079849250-fff9f6dc-bf7c-4382-bfb2-e927917f9ada.png#averageHue=%23e5be84&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=481&id=ua656015e&name=image.png&originHeight=793&originWidth=1604&originalType=binary&ratio=1&rotation=0&showTitle=false&size=89802&status=error&style=shadow&taskId=u830b8bd8-3c51-4401-af8e-14eb2b510fa&title=&width=972.1211559341225)
# 8、分配角色
现在为【test01】分配快递员角色怎么操作呢
首先需要进入到【神领物流】应用,在【用户管理】中分配角色:
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666080107818-b898b760-4a2c-431b-aea7-9f7d15517c4d.png#averageHue=%23f5e0c3&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=312&id=uc0a5542f&name=image.png&originHeight=514&originWidth=1145&originalType=binary&ratio=1&rotation=0&showTitle=false&size=44890&status=error&style=shadow&taskId=ud75e5f10-7f6d-476f-bb8e-c74bb7383c5&title=&width=693.9393538307795)
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666080330679-e452e29d-dfce-47d4-b285-1c52fc804501.png#averageHue=%23fefefe&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=179&id=uca476230&name=image.png&originHeight=296&originWidth=856&originalType=binary&ratio=1&rotation=0&showTitle=false&size=11346&status=error&style=shadow&taskId=uc344ccb8-aac2-4781-9c87-86c0630d735&title=&width=518.7878488027486)
![image.png](https://cdn.nlark.com/yuque/0/2022/png/27683667/1666080316709-f85ca464-7c8f-4720-a4f2-3983636f4323.png#averageHue=%23f5e0c3&clientId=u0ceffba9-1bc4-4&errorMessage=unknown%20error&from=paste&height=240&id=u5a5e0e8f&name=image.png&originHeight=396&originWidth=1143&originalType=binary&ratio=1&rotation=0&showTitle=false&size=34643&status=error&style=shadow&taskId=u55988f7a-5a06-4eee-a02a-16336e5b4df&title=&width=692.727232688717)
这样test01就拥有了【快递员】角色了。
同理,可以添加其他的用户了。
# 9、SDK使用说明
## 9.1、关于authority-sdk
authority-sdk是基于authority-sdk的restful接口实现的Java SDK的封装实现了token、组织、菜单、角色等功能。
## 9.2、快速集成使用
authority-sdk提供了两种方式与业务系统对接分别是
- java sdk方式
- Spring Boot集成方式
## 9.3、使用方法
### 9.3.1、java sdk方式
> **第一步导入maven依赖**
```xml
<dependency>
<groupId>com.itheima.em.auth</groupId>
<artifactId>authority-sdk</artifactId>
<version>{version}</version>
</dependency>
```
> **第二步实例化AuthTemplate对象**
```java
String host = "127.0.0.1"; //Authority服务地址
int port = 8764; //Authority服务端口
int timeout = 1000; //http请求的超时时间不传值默认为10S
//token非登录请求都需要带上,一般情况下登录成功后将该数据放入缓存中
String token = "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxIiwiYWNjb3VudCI6ImFkbWluIiwibmFtZSI6IuW5s-WPsOeuoeeQhuWRmCIsIm9yZ2lkIjo4NzQyMjc2MTUxNzM0NDk4MjUsInN0YXRpb25pZCI6ODU3OTQwMTU3NDYwOTU3NTM3LCJhZG1pbmlzdHJhdG9yIjp0cnVlLCJleHAiOjE2NTEyNTkyODB9.anqT0MD9zAr13KG9OE4mqHHK2UMCOXUjeMrEsN1wy9_a14zFbjPkiDZ8dM7JirsAgj61yvshoP6pqBImdmyilQN-iFSa_ci15Ii4HhfFE1mcaRon3ojX_T9ncjHKuF9Y9ZPKT68NOzOfCwvhDrG_sDiaI1C-TwEJmhLM78FhwAI";
//应用ID非登录请求都需要带上该参数表示你需要查询哪个应用相关数据,一般情况下置于配置文件中
Long applicationId = 1L;
//登录获取token
AuthTemplate authTemplate = new AuthTemplate(host,port,TIME_OUT);
Result<LoginDTO> result = authTemplate.opsForLogin().token("admin","123456");
//后续基于AuthTemplate可以调用各种服务
AuthTemplate authTemplate = new AuthTemplate(host,port,TIME_OUT,token,applicationId);
Result<List<MenuDTO>> result = authTemplate.opsForPermission().getMenu();
log.info("菜单:{}", JSONObject.toJSONString(result));
```
### 9.3.2、Spring Boot集成方式
> **第一步导入maven依赖**
```xml
<dependency>
<groupId>com.itheima.em.auth</groupId>
<artifactId>itcast-auth-spring-boot-starter</artifactId>
<version>1.0</version>
</dependency>
<!-- 如果是SNAPSHOT版本如要在项目的pom.xml文件中引入快照版源 -->
<repositories>
<repository>
<id>sonatypeSnapshots</id>
<name>Sonatype Snapshots</name>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
<url>https://s01.oss.sonatype.org/content/repositories/snapshots/</url>
</repository>
</repositories>
```
> **第二步配置application.yml文件**
```yaml
itcast:
authority:
host: 127.0.0.1 #authority服务地址,根据实际情况更改
port: 8764 #authority服务端口
timeout: 10000 #http请求的超时时间
```
**第三步,使用用例**
```java
package com.example.demo.service;
import com.alibaba.fastjson.JSONObject;
import com.itheima.auth.sdk.AuthTemplate;
import com.itheima.auth.sdk.common.Result;
import com.itheima.auth.sdk.dto.LoginDTO;
import com.itheima.auth.sdk.dto.MenuDTO;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import java.util.List;
@Slf4j
@Service
public class AuthService {
@Value("${itcast.authority.host}")
private String host;
@Value("${itcast.authority.port}")
private int port;
private final static int TIME_OUT = 10000;
/**
* 登录获取token
* @param account
* @param password
*/
public void login(String account, String password) {
AuthTemplate authTemplate = new AuthTemplate(host,port);
Result<LoginDTO> loginDTO = authTemplate.opsForLogin().token(account, password);
log.info("登录结果:{}", JSONObject.toJSONString(loginDTO));
}
}
```
Reference in New Issue View Git Blame Copy Permalink