若依 2.2

Merge pull request !12 from jingfeng/master

README.md

@@ -2,12 +2,12 @@
 
 * 采用前后端分离的模式，微服务版本前端(基于 [RuoYi-Vue](https://gitee.com/y_project/RuoYi-Vue))。
 * 后端采用Spring Boot、Spring Cloud & Alibaba。
-* 注册中心、配置中心选型Nacos，权限认证使用OAuth2。
+* 注册中心、配置中心选型Nacos，权限认证使用Redis。
 * 流量控制框架选型Sentinel。
-* 感谢[ruoyi-cloud-design](https://gitee.com/zhangmrit/ruoyi-cloud)，[pig](https://gitee.com/log4j/pig)。
 * 如需不分离应用，请移步 [RuoYi](https://gitee.com/y_project/RuoYi)，如需分离应用，请移步 [RuoYi-Vue](https://gitee.com/y_project/RuoYi-Vue)
 * 阿里云优惠券：[点我进入](https://www.aliyun.com/minisite/goods?userCode=brki8iof&share_source=copy_link)，腾讯云优惠券：[点我领取](https://cloud.tencent.com/redirect.php?redirect=1025&cps_key=198c8df2ed259157187173bc7f4f32fd&from=console)  
 
+#### 友情链接 [若依/RuoYi-Cloud](https://gitee.com/zhangmrit/ruoyi-cloud) Ant Design版本。
 
 ## 系统模块
 
@@ -74,27 +74,27 @@ com.ruoyi
         <td><img src="https://oscimg.oschina.net/oscnet/1cbcf0e6f257c7d3a063c0e3f2ff989e4b3.jpg"/></td>
     </tr>
     <tr>
-        <td><img src="https://oscimg.oschina.net/oscnet/707825ad3f29de74a8d6d02fbd73ad631ea.jpg"/></td>
+        <td><img src="https://oscimg.oschina.net/oscnet/up-8074972883b5ba0622e13246738ebba237a.png"/></td>
-        <td><img src="https://oscimg.oschina.net/oscnet/46be40cc6f01aa300eed53a19b5012bf484.jpg"/></td>
+        <td><img src="https://oscimg.oschina.net/oscnet/up-9f88719cdfca9af2e58b352a20e23d43b12.png"/></td>
     </tr>
     <tr>
-        <td><img src="https://oscimg.oschina.net/oscnet/4284796d4cea240d181b8f2201813dda710.jpg"/></td>
+        <td><img src="https://oscimg.oschina.net/oscnet/up-39bf2584ec3a529b0d5a3b70d15c9b37646.png"/></td>
-        <td><img src="https://oscimg.oschina.net/oscnet/3ecfac87a049f7fe36abbcaafb2c40d36cf.jpg"/></td>
+        <td><img src="https://oscimg.oschina.net/oscnet/up-4148b24f58660a9dc347761e4cf6162f28f.png"/></td>
     </tr>
 	<tr>
-        <td><img src="https://oscimg.oschina.net/oscnet/71c2d48905221a09a728df4aff4160b8607.jpg"/></td>
+        <td><img src="https://oscimg.oschina.net/oscnet/up-b2d62ceb95d2dd9b3fbe157bb70d26001e9.png"/></td>
-        <td><img src="https://oscimg.oschina.net/oscnet/c14c1ee9a64a6a9c2c22f67d43198767dbe.jpg"/></td>
+        <td><img src="https://oscimg.oschina.net/oscnet/up-d67451d308b7a79ad6819723396f7c3d77a.png"/></td>
     </tr>	 
     <tr>
         <td><img src="https://oscimg.oschina.net/oscnet/5e8c387724954459291aafd5eb52b456f53.jpg"/></td>
         <td><img src="https://oscimg.oschina.net/oscnet/644e78da53c2e92a95dfda4f76e6d117c4b.jpg"/></td>
     </tr>
 	<tr>
-        <td><img src="https://oscimg.oschina.net/oscnet/fdea1d8bb8625c27bf964176a2c8ebc6945.jpg"/></td>
+        <td><img src="https://oscimg.oschina.net/oscnet/up-8370a0d02977eebf6dbf854c8450293c937.png"/></td>
-        <td><img src="https://oscimg.oschina.net/oscnet/509d2708cfd762b6e6339364cac1cc1970c.jpg"/></td>
+        <td><img src="https://oscimg.oschina.net/oscnet/up-49003ed83f60f633e7153609a53a2b644f7.png"/></td>
     </tr>
 	<tr>
-        <td><img src="https://oscimg.oschina.net/oscnet/up-f1fd681cc9d295db74e85ad6d2fe4389454.png"/></td>
+        <td><img src="https://oscimg.oschina.net/oscnet/up-d4fe726319ece268d4746602c39cffc0621.png"/></td>
         <td><img src="https://oscimg.oschina.net/oscnet/up-c195234bbcd30be6927f037a6755e6ab69c.png"/></td>
     </tr>
 	<tr>
@@ -110,4 +110,4 @@ com.ruoyi
 
 ## 若依微服务交流群
 
-QQ群： [![加入QQ群](https://img.shields.io/badge/42799195-blue.svg)](https://jq.qq.com/?_wv=1027&k=yqInfq0S) 点击按钮入群。
+QQ群： [![加入QQ群](https://img.shields.io/badge/已满-42799195-blue.svg)](https://jq.qq.com/?_wv=1027&k=yqInfq0S) [![加入QQ群](https://img.shields.io/badge/170157040-blue.svg)](https://jq.qq.com/?_wv=1027&k=Oy1mb3p8) 点击按钮入群。

pom.xml

@@ -6,20 +6,21 @@
 
     <groupId>com.ruoyi</groupId>
     <artifactId>ruoyi</artifactId>
-    <version>2.0.0</version>
+    <version>2.2.0</version>
 
     <name>ruoyi</name>
     <url>http://www.ruoyi.vip</url>
     <description>若依微服务系统</description>
 
     <properties>
-        <ruoyi.version>2.0.0</ruoyi.version>
+        <ruoyi.version>2.2.0</ruoyi.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <java.version>1.8</java.version>
-        <spring-boot.version>2.2.6.RELEASE</spring-boot.version>
+        <spring-boot.version>2.3.4.RELEASE</spring-boot.version>
-        <spring-cloud.version>Hoxton.SR4</spring-cloud.version>
+        <spring-cloud.version>Hoxton.SR8</spring-cloud.version>
-		<spring-boot-admin.version>2.2.3</spring-boot-admin.version>
+        <spring-cloud-alibaba.version>2.2.3.RELEASE</spring-cloud-alibaba.version>
+		<spring-boot-admin.version>2.3.0</spring-boot-admin.version>
         <spring-boot.mybatis>2.1.2</spring-boot.mybatis>
         <swagger.fox.version>2.9.2</swagger.fox.version>
         <swagger.core.version>1.5.24</swagger.core.version>
@@ -28,7 +29,7 @@
         <commons.io.version>2.5</commons.io.version>
         <commons.fileupload.version>1.3.3</commons.fileupload.version>
         <velocity.version>1.7</velocity.version>
-        <fastjson.version>1.2.70</fastjson.version>
+        <fastjson.version>1.2.73</fastjson.version>
 		<poi.version>3.17</poi.version>
         <common-pool.version>2.6.2</common-pool.version>
     </properties>
@@ -50,7 +51,7 @@
             <dependency>
                 <groupId>com.alibaba.cloud</groupId>
                 <artifactId>spring-cloud-alibaba-dependencies</artifactId>
-                <version>2.2.1.RELEASE</version>
+                <version>${spring-cloud-alibaba.version}</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>

ruoyi-api/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

ruoyi-api/ruoyi-api-system/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi-api</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     

ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/RemoteUserService.java

@@ -6,7 +6,7 @@ import org.springframework.web.bind.annotation.PathVariable;
 import com.ruoyi.common.core.constant.ServiceNameConstants;
 import com.ruoyi.common.core.domain.R;
 import com.ruoyi.system.api.factory.RemoteUserFallbackFactory;
-import com.ruoyi.system.api.model.UserInfo;
+import com.ruoyi.system.api.model.LoginUser;
 
 /**
  * 用户服务
@@ -23,5 +23,5 @@ public interface RemoteUserService
      * @return 结果
      */
     @GetMapping(value = "/user/info/{username}")
-    public R<UserInfo> getUserInfo(@PathVariable("username") String username);
+    public R<LoginUser> getUserInfo(@PathVariable("username") String username);
 }

ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysRole.java

@@ -37,6 +37,12 @@ public class SysRole extends BaseEntity
     @Excel(name = "数据范围", readConverterExp = "1=所有数据权限,2=自定义数据权限,3=本部门数据权限,4=本部门及以下数据权限")
     private String dataScope;
 
+    /** 菜单树选择项是否关联显示（ 0：父子不互相关联显示 1：父子互相关联显示） */
+    private boolean menuCheckStrictly;
+
+    /** 部门树选择项是否关联显示（0：父子不互相关联显示 1：父子互相关联显示 ） */
+    private boolean deptCheckStrictly;
+
     /** 角色状态（0正常 1停用） */
     @Excel(name = "角色状态", readConverterExp = "0=正常,1=停用")
     private String status;
@@ -128,6 +134,26 @@ public class SysRole extends BaseEntity
         this.dataScope = dataScope;
     }
 
+    public boolean isMenuCheckStrictly()
+    {
+        return menuCheckStrictly;
+    }
+
+    public void setMenuCheckStrictly(boolean menuCheckStrictly)
+    {
+        this.menuCheckStrictly = menuCheckStrictly;
+    }
+
+    public boolean isDeptCheckStrictly()
+    {
+        return deptCheckStrictly;
+    }
+
+    public void setDeptCheckStrictly(boolean deptCheckStrictly)
+    {
+        this.deptCheckStrictly = deptCheckStrictly;
+    }
+
     public String getStatus()
     {
         return status;
@@ -185,6 +211,8 @@ public class SysRole extends BaseEntity
             .append("roleKey", getRoleKey())
             .append("roleSort", getRoleSort())
             .append("dataScope", getDataScope())
+            .append("menuCheckStrictly", isMenuCheckStrictly())
+            .append("deptCheckStrictly", isDeptCheckStrictly())
             .append("status", getStatus())
             .append("delFlag", getDelFlag())
             .append("createBy", getCreateBy())

ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java

@@ -67,12 +67,12 @@ public class SysUser extends BaseEntity
     /** 删除标志（0代表存在 2代表删除） */
     private String delFlag;
 
-    /** 最后登陆IP */
+    /** 最后登录IP */
-    @Excel(name = "最后登陆IP", type = Type.EXPORT)
+    @Excel(name = "最后登录IP", type = Type.EXPORT)
     private String loginIp;
 
-    /** 最后登陆时间 */
+    /** 最后登录时间 */
-    @Excel(name = "最后登陆时间", width = 30, dateFormat = "yyyy-MM-dd HH:mm:ss", type = Type.EXPORT)
+    @Excel(name = "最后登录时间", width = 30, dateFormat = "yyyy-MM-dd HH:mm:ss", type = Type.EXPORT)
     private Date loginDate;
 
     /** 部门对象 */

ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/factory/RemoteUserFallbackFactory.java

@@ -5,7 +5,7 @@ import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
 import com.ruoyi.common.core.domain.R;
 import com.ruoyi.system.api.RemoteUserService;
-import com.ruoyi.system.api.model.UserInfo;
+import com.ruoyi.system.api.model.LoginUser;
 import feign.hystrix.FallbackFactory;
 
 /**
@@ -25,9 +25,9 @@ public class RemoteUserFallbackFactory implements FallbackFactory<RemoteUserServ
         return new RemoteUserService()
         {
             @Override
-            public R<UserInfo> getUserInfo(String username)
+            public R<LoginUser> getUserInfo(String username)
             {
-                return null;
+                return R.fail("获取用户失败:" + throwable.getMessage());
             }
         };
     }

ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/model/LoginUser.java

@@ -0,0 +1,150 @@
+package com.ruoyi.system.api.model;
+
+import java.io.Serializable;
+import java.util.Set;
+import com.ruoyi.system.api.domain.SysUser;
+
+/**
+ * 用户信息
+ *
+ * @author ruoyi
+ */
+public class LoginUser implements Serializable
+{
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 用户唯一标识
+     */
+    private String token;
+
+    /**
+     * 用户名id
+     */
+    private Long userid;
+
+    /**
+     * 用户名
+     */
+    private String username;
+
+    /**
+     * 登录时间
+     */
+    private Long loginTime;
+
+    /**
+     * 过期时间
+     */
+    private Long expireTime;
+
+    /**
+     * 登录IP地址
+     */
+    private String ipaddr;
+
+    /**
+     * 权限列表
+     */
+    private Set<String> permissions;
+
+    /**
+     * 角色列表
+     */
+    private Set<String> roles;
+
+    /**
+     * 用户信息
+     */
+    private SysUser sysUser;
+
+    public String getToken()
+    {
+        return token;
+    }
+
+    public void setToken(String token)
+    {
+        this.token = token;
+    }
+
+    public Long getUserid()
+    {
+        return userid;
+    }
+
+    public void setUserid(Long userid)
+    {
+        this.userid = userid;
+    }
+
+    public String getUsername()
+    {
+        return username;
+    }
+
+    public void setUsername(String username)
+    {
+        this.username = username;
+    }
+
+    public Long getLoginTime()
+    {
+        return loginTime;
+    }
+
+    public void setLoginTime(Long loginTime)
+    {
+        this.loginTime = loginTime;
+    }
+
+    public Long getExpireTime()
+    {
+        return expireTime;
+    }
+
+    public void setExpireTime(Long expireTime)
+    {
+        this.expireTime = expireTime;
+    }
+
+    public String getIpaddr()
+    {
+        return ipaddr;
+    }
+
+    public void setIpaddr(String ipaddr)
+    {
+        this.ipaddr = ipaddr;
+    }
+
+    public Set<String> getPermissions()
+    {
+        return permissions;
+    }
+
+    public void setPermissions(Set<String> permissions)
+    {
+        this.permissions = permissions;
+    }
+
+    public Set<String> getRoles()
+    {
+        return roles;
+    }
+
+    public void setRoles(Set<String> roles)
+    {
+        this.roles = roles;
+    }
+
+    public SysUser getSysUser()
+    {
+        return sysUser;
+    }
+
+    public void setSysUser(SysUser sysUser)
+    {
+        this.sysUser = sysUser;
+    }
+}

ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/model/UserInfo.java

@@ -1,60 +0,0 @@
-package com.ruoyi.system.api.model;
-
-import java.io.Serializable;
-import java.util.Set;
-import com.ruoyi.system.api.domain.SysUser;
-
-/**
- * 用户信息
- *
- * @author ruoyi
- */
-public class UserInfo implements Serializable
-{
-    private static final long serialVersionUID = 1L;
-
-    /**
-     * 用户基本信息
-     */
-    private SysUser sysUser;
-
-    /**
-     * 权限标识集合
-     */
-    private Set<String> permissions;
-
-    /**
-     * 角色集合
-     */
-    private Set<String> roles;
-
-    public SysUser getSysUser()
-    {
-        return sysUser;
-    }
-
-    public void setSysUser(SysUser sysUser)
-    {
-        this.sysUser = sysUser;
-    }
-
-    public Set<String> getPermissions()
-    {
-        return permissions;
-    }
-
-    public void setPermissions(Set<String> permissions)
-    {
-        this.permissions = permissions;
-    }
-
-    public Set<String> getRoles()
-    {
-        return roles;
-    }
-
-    public void setRoles(Set<String> roles)
-    {
-        this.roles = roles;
-    }
-}

ruoyi-auth/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     
@@ -28,10 +28,10 @@
             <artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
         </dependency>
         
-        <!-- SpringCloud Netflix Hystrix -->
+        <!-- SpringCloud Ailibaba Sentinel -->
         <dependency>
-            <groupId>org.springframework.cloud</groupId>
+            <groupId>com.alibaba.cloud</groupId>
-            <artifactId>spring-cloud-starter-netflix-hystrix</artifactId>
+            <artifactId>spring-cloud-starter-alibaba-sentinel</artifactId>
         </dependency>
 		
         <!-- SpringBoot Web -->
@@ -40,6 +40,12 @@
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
         
+        <!-- SpringBoot Actuator -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-actuator</artifactId>
+        </dependency>
+        
         <!-- Mysql Connector -->
         <dependency>
             <groupId>mysql</groupId>
@@ -52,12 +58,6 @@
             <artifactId>ruoyi-common-security</artifactId>
         </dependency>
         
-        <!-- RuoYi Common Redis-->
-        <dependency>
-            <groupId>com.ruoyi</groupId>
-            <artifactId>ruoyi-common-redis</artifactId>
-        </dependency>
-        
     </dependencies>
 	
     <build>

ruoyi-auth/src/main/java/com/ruoyi/auth/config/AuthServerConfig.java

@@ -1,139 +0,0 @@
-package com.ruoyi.auth.config;
-
-import java.util.LinkedHashMap;
-import java.util.Map;
-import javax.sql.DataSource;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.data.redis.connection.RedisConnectionFactory;
-import org.springframework.http.HttpMethod;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
-import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
-import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
-import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.token.TokenEnhancer;
-import org.springframework.security.oauth2.provider.token.TokenStore;
-import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
-import com.ruoyi.auth.exception.CustomWebResponseExceptionTranslator;
-import com.ruoyi.common.core.constant.CacheConstants;
-import com.ruoyi.common.core.constant.SecurityConstants;
-import com.ruoyi.common.security.domain.LoginUser;
-import com.ruoyi.common.security.service.RedisClientDetailsService;
-
-/**
- * OAuth2 认证服务配置
- * 
- * @author ruoyi
- */
-@Configuration
-@EnableAuthorizationServer
-public class AuthServerConfig extends AuthorizationServerConfigurerAdapter
-{
-    @Autowired
-    private AuthenticationManager authenticationManager;
-
-    @Autowired
-    private DataSource dataSource;
-
-    @Autowired
-    private RedisConnectionFactory redisConnectionFactory;
-
-    @Autowired
-    private UserDetailsService userDetailsService;
-
-    @Autowired
-    private TokenEnhancer tokenEnhancer;
-
-    /**
-     * 定义授权和令牌端点以及令牌服务
-     */
-    @Override
-    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
-    {
-        endpoints
-                // 请求方式
-                .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
-                // 指定token存储位置
-                .tokenStore(tokenStore())
-                // 自定义生成令牌
-                .tokenEnhancer(tokenEnhancer)
-                // 用户账号密码认证
-                .userDetailsService(userDetailsService)
-                // 指定认证管理器
-                .authenticationManager(authenticationManager)
-                // 是否重复使用 refresh_token
-                .reuseRefreshTokens(false)
-                // 自定义异常处理
-                .exceptionTranslator(new CustomWebResponseExceptionTranslator());
-    }
-
-    /**
-     * 配置令牌端点(Token Endpoint)的安全约束
-     */
-    @Override
-    public void configure(AuthorizationServerSecurityConfigurer oauthServer)
-    {
-        oauthServer.allowFormAuthenticationForClients().checkTokenAccess("permitAll()");
-    }
-
-    /**
-     * 声明 ClientDetails实现
-     */
-    public RedisClientDetailsService clientDetailsService()
-    {
-        RedisClientDetailsService clientDetailsService = new RedisClientDetailsService(dataSource);
-        return clientDetailsService;
-    }
-
-    /**
-     * 配置客户端详情
-     */
-    @Override
-    public void configure(ClientDetailsServiceConfigurer clients) throws Exception
-    {
-        clients.withClientDetails(clientDetailsService());
-    }
-
-    /**
-     * 基于 Redis 实现，令牌保存到缓存
-     */
-    @Bean
-    public TokenStore tokenStore()
-    {
-        RedisTokenStore tokenStore = new RedisTokenStore(redisConnectionFactory);
-        tokenStore.setPrefix(CacheConstants.OAUTH_ACCESS);
-        return tokenStore;
-    }
-
-    /**
-     * 自定义生成令牌
-     */
-    @Bean
-    public TokenEnhancer tokenEnhancer()
-    {
-        return new TokenEnhancer()
-        {
-            @Override
-            public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication)
-            {
-                if (accessToken instanceof DefaultOAuth2AccessToken)
-                {
-                    DefaultOAuth2AccessToken token = (DefaultOAuth2AccessToken) accessToken;
-                    LoginUser user = (LoginUser) authentication.getUserAuthentication().getPrincipal();
-                    Map<String, Object> additionalInformation = new LinkedHashMap<String, Object>();
-                    additionalInformation.put(SecurityConstants.DETAILS_USERNAME, authentication.getName());
-                    additionalInformation.put(SecurityConstants.DETAILS_USER_ID, user.getUserId());
-                    token.setAdditionalInformation(additionalInformation);
-                }
-                return accessToken;
-            };
-        };
-    }
-}

ruoyi-auth/src/main/java/com/ruoyi/auth/config/WebSecurityConfig.java

@@ -1,59 +0,0 @@
-package com.ruoyi.auth.config;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.core.annotation.Order;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-
-/**
- * Security 安全认证相关配置
- * Oauth2依赖于Security 默认情况下WebSecurityConfig执行比ResourceServerConfig优先
- * 
- * @author ruoyi
- */
-@Order(99)
-@Configuration
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter
-{
-    @Autowired
-    private UserDetailsService userDetailsService;
-
-    @Bean
-    public PasswordEncoder passwordEncoder()
-    {
-        return new BCryptPasswordEncoder();
-    }
-
-    @Bean
-    @Override
-    public AuthenticationManager authenticationManagerBean() throws Exception
-    {
-        return super.authenticationManagerBean();
-    }
-
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception
-    {
-        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
-    }
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception
-    {
-        http
-        .authorizeRequests()
-        .antMatchers(
-            "/actuator/**",
-            "/oauth/*",
-            "/token/**").permitAll()
-        .anyRequest().authenticated()
-        .and().csrf().disable();
-    }
-}

ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java

@@ -1,20 +1,17 @@
 package com.ruoyi.auth.controller;
 
-import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpHeaders;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.common.OAuth2RefreshToken;
-import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
-import com.ruoyi.common.core.constant.Constants;
+import com.ruoyi.auth.form.LoginBody;
-import com.ruoyi.common.core.constant.SecurityConstants;
+import com.ruoyi.auth.service.SysLoginService;
 import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.utils.StringUtils;
-import com.ruoyi.system.api.RemoteLogService;
+import com.ruoyi.common.security.service.TokenService;
+import com.ruoyi.system.api.model.LoginUser;
 
 /**
  * token 控制
@@ -22,42 +19,47 @@ import com.ruoyi.system.api.RemoteLogService;
  * @author ruoyi
  */
 @RestController
-@RequestMapping("/token")
 public class TokenController
 {
     @Autowired
-    private TokenStore tokenStore;
+    private TokenService tokenService;
 
     @Autowired
-    private RemoteLogService remoteLogService;
+    private SysLoginService sysLoginService;
 
-    @DeleteMapping("/logout")
+    @PostMapping("login")
-    public R<?> logout(@RequestHeader(value = HttpHeaders.AUTHORIZATION, required = false) String authHeader)
+    public R<?> login(@RequestBody LoginBody form)
     {
-        if (StringUtils.isEmpty(authHeader))
+        // 用户登录
-        {
+        LoginUser userInfo = sysLoginService.login(form.getUsername(), form.getPassword());
-            return R.ok();
+        // 获取登录token
+        return R.ok(tokenService.createToken(userInfo));
     }
 
-        String tokenValue = authHeader.replace(OAuth2AccessToken.BEARER_TYPE, StringUtils.EMPTY).trim();
+    @DeleteMapping("logout")
-        OAuth2AccessToken accessToken = tokenStore.readAccessToken(tokenValue);
+    public R<?> logout(HttpServletRequest request)
-        if (accessToken == null || StringUtils.isEmpty(accessToken.getValue()))
     {
-            return R.ok();
+        LoginUser loginUser = tokenService.getLoginUser(request);
-        }
+        if (StringUtils.isNotNull(loginUser))
-
-        // 清空 access token
-        tokenStore.removeAccessToken(accessToken);
-
-        // 清空 refresh token
-        OAuth2RefreshToken refreshToken = accessToken.getRefreshToken();
-        tokenStore.removeRefreshToken(refreshToken);
-        Map<String, ?> map = accessToken.getAdditionalInformation();
-        if (map.containsKey(SecurityConstants.DETAILS_USERNAME))
         {
-            String username = (String) map.get(SecurityConstants.DETAILS_USERNAME);
+            String username = loginUser.getUsername();
+            // 删除用户缓存记录
+            tokenService.delLoginUser(loginUser.getToken());
             // 记录用户退出日志
-            remoteLogService.saveLogininfor(username, Constants.LOGOUT, "退出成功");
+            sysLoginService.logout(username);
+        }
+        return R.ok();
+    }
+
+    @PostMapping("refresh")
+    public R<?> refresh(HttpServletRequest request)
+    {
+        LoginUser loginUser = tokenService.getLoginUser(request);
+        if (StringUtils.isNotNull(loginUser))
+        {
+            // 刷新令牌有效期
+            tokenService.refreshToken(loginUser);
+            return R.ok();
         }
         return R.ok();
     }

ruoyi-auth/src/main/java/com/ruoyi/auth/controller/UserController.java

@@ -1,21 +0,0 @@
-package com.ruoyi.auth.controller;
-
-import java.security.Principal;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-/**
- * 身份信息获取
- * 
- * @author ruoyi
- */
-@RestController
-@RequestMapping("/oauth")
-public class UserController
-{
-    @RequestMapping("/user")
-    public Principal user(Principal user)
-    {
-        return user;
-    }
-}

ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomWebResponseExceptionTranslator.java

@@ -1,21 +0,0 @@
-package com.ruoyi.auth.exception;
-
-import javax.servlet.http.HttpServletResponse;
-import org.springframework.http.ResponseEntity;
-import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
-import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
-
-/**
- * OAuth2 自定义异常处理
- * 
- * @author ruoyi
- */
-public class CustomWebResponseExceptionTranslator implements WebResponseExceptionTranslator<OAuth2Exception>
-{
-    @Override
-    public ResponseEntity<OAuth2Exception> translate(Exception e)
-    {
-        OAuth2Exception oAuth2Exception = (OAuth2Exception) e;
-        return ResponseEntity.status(HttpServletResponse.SC_UNAUTHORIZED).body(oAuth2Exception);
-    }
-}

ruoyi-auth/src/main/java/com/ruoyi/auth/form/LoginBody.java

@@ -0,0 +1,69 @@
+package com.ruoyi.auth.form;
+
+/**
+ * 用户登录对象
+ * 
+ * @author ruoyi
+ */
+public class LoginBody
+{
+    /**
+     * 用户名
+     */
+    private String username;
+
+    /**
+     * 用户密码
+     */
+    private String password;
+
+    /**
+     * 验证码
+     */
+    private String code;
+
+    /**
+     * 唯一标识
+     */
+    private String uuid = "";
+
+    public String getUsername()
+    {
+        return username;
+    }
+
+    public void setUsername(String username)
+    {
+        this.username = username;
+    }
+
+    public String getPassword()
+    {
+        return password;
+    }
+
+    public void setPassword(String password)
+    {
+        this.password = password;
+    }
+
+    public String getCode()
+    {
+        return code;
+    }
+
+    public void setCode(String code)
+    {
+        this.code = code;
+    }
+
+    public String getUuid()
+    {
+        return uuid;
+    }
+
+    public void setUuid(String uuid)
+    {
+        this.uuid = uuid;
+    }
+}

ruoyi-auth/src/main/java/com/ruoyi/auth/handler/AuthenticationSuccessEventHandler.java

@@ -1,39 +0,0 @@
-package com.ruoyi.auth.handler;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationListener;
-import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
-import org.springframework.security.core.Authentication;
-import org.springframework.stereotype.Component;
-import com.ruoyi.common.core.constant.Constants;
-import com.ruoyi.common.core.utils.StringUtils;
-import com.ruoyi.common.security.domain.LoginUser;
-import com.ruoyi.system.api.RemoteLogService;
-
-/**
- * 认证成功处理
- * 
- * @author ruoyi
- */
-@Component
-public class AuthenticationSuccessEventHandler implements ApplicationListener<AuthenticationSuccessEvent>
-{
-    @Autowired
-    private RemoteLogService remoteLogService;
-
-    @Override
-    public void onApplicationEvent(AuthenticationSuccessEvent event)
-    {
-        Authentication authentication = (Authentication) event.getSource();
-        if (StringUtils.isNotEmpty(authentication.getAuthorities())
-                && authentication.getPrincipal() instanceof LoginUser)
-        {
-            LoginUser user = (LoginUser) authentication.getPrincipal();
-
-            String username = user.getUsername();
-
-            // 记录用户登录日志
-            remoteLogService.saveLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
-        }
-    }
-}

ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java

@@ -0,0 +1,95 @@
+package com.ruoyi.auth.service;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import com.ruoyi.common.core.constant.Constants;
+import com.ruoyi.common.core.constant.UserConstants;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.enums.UserStatus;
+import com.ruoyi.common.core.exception.BaseException;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.security.utils.SecurityUtils;
+import com.ruoyi.system.api.RemoteLogService;
+import com.ruoyi.system.api.RemoteUserService;
+import com.ruoyi.system.api.domain.SysUser;
+import com.ruoyi.system.api.model.LoginUser;
+
+/**
+ * 登录校验方法
+ * 
+ * @author ruoyi
+ */
+@Component
+public class SysLoginService
+{
+    @Autowired
+    private RemoteLogService remoteLogService;
+
+    @Autowired
+    private RemoteUserService remoteUserService;
+
+    /**
+     * 登录
+     */
+    public LoginUser login(String username, String password)
+    {
+        // 用户名或密码为空 错误
+        if (StringUtils.isAnyBlank(username, password))
+        {
+            remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写");
+            throw new BaseException("用户/密码必须填写");
+        }
+        // 密码如果不在指定范围内 错误
+        if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
+                || password.length() > UserConstants.PASSWORD_MAX_LENGTH)
+        {
+            remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围");
+            throw new BaseException("用户密码不在指定范围");
+        }
+        // 用户名不在指定范围内 错误
+        if (username.length() < UserConstants.USERNAME_MIN_LENGTH
+                || username.length() > UserConstants.USERNAME_MAX_LENGTH)
+        {
+            remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");
+            throw new BaseException("用户名不在指定范围");
+        }
+        // 查询用户信息
+        R<LoginUser> userResult = remoteUserService.getUserInfo(username);
+
+        if (R.FAIL == userResult.getCode())
+        {
+            throw new BaseException(userResult.getMsg());
+        }
+
+        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
+        {
+            remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在");
+            throw new BaseException("登录用户：" + username + " 不存在");
+        }
+        LoginUser userInfo = userResult.getData();
+        SysUser user = userResult.getData().getSysUser();
+        if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
+        {
+            remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "对不起，您的账号已被删除");
+
+            throw new BaseException("对不起，您的账号：" + username + " 已被删除");
+        }
+        if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
+        {
+            remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "用户已停用，请联系管理员");
+            throw new BaseException("对不起，您的账号：" + username + " 已停用");
+        }
+        if (!SecurityUtils.matchesPassword(password, user.getPassword()))
+        {
+            remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "用户密码错误");
+            throw new BaseException("用户不存在/密码错误");
+        }
+        remoteLogService.saveLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
+        return userInfo;
+    }
+
+    public void logout(String loginName)
+    {
+        remoteLogService.saveLogininfor(loginName, Constants.LOGOUT, "退出成功");
+    }
+}

ruoyi-common/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

ruoyi-common/ruoyi-common-core/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi-common</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
@@ -47,10 +47,10 @@
             <artifactId>pagehelper-spring-boot-starter</artifactId>
         </dependency>
 
-        <!-- Java Validation -->
+        <!-- Hibernate Validator -->
         <dependency>
-            <groupId>javax.validation</groupId>
+            <groupId>org.springframework.boot</groupId>
-            <artifactId>validation-api</artifactId>
+            <artifactId>spring-boot-starter-validation</artifactId>
         </dependency>
 
         <!-- Jackson -->

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/annotation/Excel.java

@@ -4,6 +4,7 @@ import java.lang.annotation.ElementType;
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;
+import java.math.BigDecimal;
 
 /**
  * 自定义导出Excel数据注解
@@ -14,6 +15,11 @@ import java.lang.annotation.Target;
 @Target(ElementType.FIELD)
 public @interface Excel
 {
+    /**
+     * 导出时在excel中排序
+     */
+    public int sort() default Integer.MAX_VALUE;
+
     /**
      * 导出到Excel中的名字.
      */
@@ -29,6 +35,21 @@ public @interface Excel
      */
     public String readConverterExp() default "";
 
+    /**
+     * 分隔符，读取字符串组内容
+     */
+    public String separator() default ",";
+
+    /**
+     * BigDecimal 精度 默认:-1(默认不开启BigDecimal格式化)
+     */
+    public int scale() default -1;
+
+    /**
+     * BigDecimal 舍入规则 默认:BigDecimal.ROUND_HALF_EVEN
+     */
+    public int roundingMode() default BigDecimal.ROUND_HALF_EVEN;
+
     /**
      * 导出类型（0数字 1字符串）
      */
@@ -74,6 +95,11 @@ public @interface Excel
      */
     public String targetAttr() default "";
 
+    /**
+     * 是否自动统计数据,在最后追加一行统计数据总和
+     */
+    public boolean isStatistics() default false;
+
     /**
      * 字段类型（0：导出导入；1：仅导出；2：仅导入）
      */

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/CacheConstants.java

@@ -8,12 +8,27 @@ package com.ruoyi.common.core.constant;
 public class CacheConstants
 {
     /**
-     * oauth 缓存前缀
+     * 令牌自定义标识
      */
-    public static final String OAUTH_ACCESS = "oauth:access:";
+    public static final String HEADER = "Authorization";
 
     /**
-     * oauth 客户端信息
+     * 令牌前缀
      */
-    public static final String CLIENT_DETAILS_KEY = "oauth:client:details";
+    public static final String TOKEN_PREFIX = "Bearer ";
+
+    /**
+     * 权限缓存前缀
+     */
+    public final static String LOGIN_TOKEN_KEY = "login_tokens:";
+
+    /**
+     * 用户ID字段
+     */
+    public static final String DETAILS_USER_ID = "user_id";
+
+    /**
+     * 用户名字段
+     */
+    public static final String DETAILS_USERNAME = "username";
 }

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/Constants.java

@@ -31,10 +31,11 @@ public class Constants
      * 成功标记
      */
     public static final Integer SUCCESS = 200;
+
     /**
      * 失败标记
      */
-    public static final Integer FAIL = 501;
+    public static final Integer FAIL = 500;
 
     /**
      * 登录成功
@@ -84,7 +85,12 @@ public class Constants
     /**
      * 验证码有效期（分钟）
      */
-    public static final Integer CAPTCHA_EXPIRATION = 2;
+    public static final long CAPTCHA_EXPIRATION = 2;
+
+    /**
+     * 令牌有效期（分钟）
+     */
+    public final static long TOKEN_EXPIRE = 720;
 
     /**
      * 参数管理 cache key

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/GenConstants.java

@@ -22,8 +22,14 @@ public class GenConstants
     /** 树名称字段 */
     public static final String TREE_NAME = "treeName";
 
+    /** 上级菜单ID字段 */
+    public static final String PARENT_MENU_ID = "parentMenuId";
+
+    /** 上级菜单名称字段 */
+    public static final String PARENT_MENU_NAME = "parentMenuName";
+
     /** 数据库字符串类型 */
-    public static final String[] COLUMNTYPE_STR = { "char", "varchar", "narchar", "varchar2", "tinytext", "text",
+    public static final String[] COLUMNTYPE_STR = { "char", "varchar", "nvarchar", "varchar2", "tinytext", "text",
             "mediumtext", "longtext" };
 
     /** 数据库时间类型 */
@@ -68,6 +74,9 @@ public class GenConstants
     /** 日期控件 */
     public static final String HTML_DATETIME = "datetime";
 
+    /** 富文本控件 */
+    public static final String HTML_EDITOR = "editor";
+
     /** 字符串类型 */
     public static final String TYPE_STRING = "String";
 

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/HttpStatus.java

@@ -5,7 +5,7 @@ package com.ruoyi.common.core.constant;
  * 
  * @author ruoyi
  */
-public interface HttpStatus
+public class HttpStatus
 {
     /**
      * 操作成功

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/ScheduleConstants.java

@@ -5,7 +5,7 @@ package com.ruoyi.common.core.constant;
  * 
  * @author ruoyi
  */
-public interface ScheduleConstants
+public class ScheduleConstants
 {
     public static final String TASK_CLASS_NAME = "TASK_CLASS_NAME";
 

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java

@@ -1,56 +0,0 @@
-package com.ruoyi.common.core.constant;
-
-/**
- * 权限相关通用常量
- * 
- * @author ruoyi
- */
-public class SecurityConstants
-{
-    /**
-     * 令牌类型
-     */
-    public static final String BEARER_TOKEN_TYPE = "Bearer";
-
-    /**
-     * 授权token url
-     */
-    public static final String AUTH_TOKEN = "/oauth/token";
-
-    /**
-     * 注销token url
-     */
-    public static final String TOKEN_LOGOUT = "/token/logout";
-
-    /**
-     * 用户ID字段
-     */
-    public static final String DETAILS_USER_ID = "user_id";
-
-    /**
-     * 用户名字段
-     */
-    public static final String DETAILS_USERNAME = "username";
-
-    /**
-     * sys_oauth_client_details 表的字段，不包括client_id、client_secret
-     */
-    public static final String CLIENT_FIELDS = "client_id, client_secret, resource_ids, scope, "
-            + "authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, "
-            + "refresh_token_validity, additional_information, autoapprove";
-
-    /**
-     * JdbcClientDetailsService 查询语句
-     */
-    public static final String BASE_FIND_STATEMENT = "select " + CLIENT_FIELDS + " from sys_oauth_client_details";
-
-    /**
-     * 按条件client_id 查询
-     */
-    public static final String DEFAULT_SELECT_STATEMENT = BASE_FIND_STATEMENT + " where client_id = ?";
-
-    /**
-     * 默认的查询语句
-     */
-    public static final String DEFAULT_FIND_STATEMENT = BASE_FIND_STATEMENT + " order by client_id";
-}

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/ServiceNameConstants.java

@@ -5,7 +5,7 @@ package com.ruoyi.common.core.constant;
  * 
  * @author ruoyi
  */
-public interface ServiceNameConstants
+public class ServiceNameConstants
 {
     /**
      * 认证服务的serviceid

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/UserConstants.java

@@ -56,5 +56,20 @@ public class UserConstants
 
     /** 校验返回结果码 */
     public final static String UNIQUE = "0";
+
     public final static String NOT_UNIQUE = "1";
+
+    /**
+     * 用户名长度限制
+     */
+    public static final int USERNAME_MIN_LENGTH = 2;
+
+    public static final int USERNAME_MAX_LENGTH = 20;
+
+    /**
+     * 密码长度限制
+     */
+    public static final int PASSWORD_MIN_LENGTH = 5;
+
+    public static final int PASSWORD_MAX_LENGTH = 20;
 }

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/domain/R.java

@@ -12,6 +12,12 @@ public class R<T> implements Serializable
 {
     private static final long serialVersionUID = 1L;
 
+    /** 成功 */
+    public static final int SUCCESS = Constants.SUCCESS;
+
+    /** 失败 */
+    public static final int FAIL = Constants.FAIL;
+
     private int code;
 
     private String msg;
@@ -20,40 +26,40 @@ public class R<T> implements Serializable
 
     public static <T> R<T> ok()
     {
-        return restResult(null, Constants.SUCCESS, null);
+        return restResult(null, SUCCESS, null);
     }
 
     public static <T> R<T> ok(T data)
     {
-        return restResult(data, Constants.SUCCESS, null);
+        return restResult(data, SUCCESS, null);
     }
 
     public static <T> R<T> ok(T data, String msg)
     {
-        return restResult(data, Constants.SUCCESS, msg);
+        return restResult(data, SUCCESS, msg);
     }
 
-    public static <T> R<T> failed()
+    public static <T> R<T> fail()
     {
-        return restResult(null, Constants.FAIL, null);
+        return restResult(null, FAIL, null);
     }
 
-    public static <T> R<T> failed(String msg)
+    public static <T> R<T> fail(String msg)
     {
-        return restResult(null, Constants.FAIL, msg);
+        return restResult(null, FAIL, msg);
     }
 
-    public static <T> R<T> failed(T data)
+    public static <T> R<T> fail(T data)
     {
-        return restResult(data, Constants.FAIL, null);
+        return restResult(data, FAIL, null);
     }
 
-    public static <T> R<T> failed(T data, String msg)
+    public static <T> R<T> fail(T data, String msg)
     {
-        return restResult(data, Constants.FAIL, msg);
+        return restResult(data, FAIL, msg);
     }
 
-    public static <T> R<T> failed(int code, String msg)
+    public static <T> R<T> fail(int code, String msg)
     {
         return restResult(null, code, msg);
     }

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/PreAuthorizeException.java

@@ -0,0 +1,15 @@
+package com.ruoyi.common.core.exception;
+
+/**
+ * 权限异常
+ * 
+ * @author ruoyi
+ */
+public class PreAuthorizeException extends RuntimeException
+{
+    private static final long serialVersionUID = 1L;
+
+    public PreAuthorizeException()
+    {
+    }
+}

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/text/UUID.java

@@ -376,6 +376,7 @@ public final class UUID implements java.io.Serializable, Comparable<UUID>
      *
      * @return UUID 的哈希码值。
      */
+    @Override
     public int hashCode()
     {
         long hilo = mostSigBits ^ leastSigBits;
@@ -391,6 +392,7 @@ public final class UUID implements java.io.Serializable, Comparable<UUID>
      *
      * @return 如果对象相同，则返回 {@code true}；否则返回 {@code false}
      */
+    @Override
     public boolean equals(Object obj)
     {
         if ((null == obj) || (obj.getClass() != UUID.class))
@@ -414,6 +416,7 @@ public final class UUID implements java.io.Serializable, Comparable<UUID>
      * @return 在此 UUID 小于、等于或大于 val 时，分别返回 -1、0 或 1。
      *
      */
+    @Override
     public int compareTo(UUID val)
     {
         // The ordering is intentionally set up so that the UUIDs

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/StringUtils.java

@@ -1,6 +1,7 @@
 package com.ruoyi.common.core.utils;
 
 import java.util.Collection;
+import java.util.List;
 import java.util.Map;
 import com.ruoyi.common.core.text.StrFormatter;
 
@@ -17,6 +18,9 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
     /** 下划线 */
     private static final char SEPARATOR = '_';
 
+    /** 星号 */
+    private static final String START = "*";
+
     /**
      * 获取参数不为空值
      * 
@@ -396,6 +400,121 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
         return sb.toString();
     }
 
+    /**
+     * 查找指定字符串是否匹配指定字符串列表中的任意一个字符串
+     * 
+     * @param str 指定字符串
+     * @param strs 需要检查的字符串数组
+     * @return 是否匹配
+     */
+    public static boolean matches(String str, List<String> strs)
+    {
+        if (isEmpty(str) || isEmpty(strs))
+        {
+            return false;
+        }
+        for (String testStr : strs)
+        {
+            if (matches(str, testStr))
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * 查找指定字符串是否匹配指定字符串数组中的任意一个字符串
+     * 
+     * @param str 指定字符串
+     * @param strs 需要检查的字符串数组
+     * @return 是否匹配
+     */
+    public static boolean matches(String str, String... strs)
+    {
+        if (isEmpty(str) || isEmpty(strs))
+        {
+            return false;
+        }
+        for (String testStr : strs)
+        {
+            if (matches(str, testStr))
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * 查找指定字符串是否匹配
+     * 
+     * @param str 指定字符串
+     * @param pattern 需要检查的字符串
+     * @return 是否匹配
+     */
+    public static boolean matches(String str, String pattern)
+    {
+        if (isEmpty(pattern) || isEmpty(str))
+        {
+            return false;
+        }
+
+        pattern = pattern.replaceAll("\\s*", ""); // 替换空格
+        int beginOffset = 0; // pattern截取开始位置
+        int formerStarOffset = -1; // 前星号的偏移位置
+        int latterStarOffset = -1; // 后星号的偏移位置
+
+        String remainingURI = str;
+        String prefixPattern = "";
+        String suffixPattern = "";
+
+        boolean result = false;
+        do
+        {
+            formerStarOffset = indexOf(pattern, START, beginOffset);
+            prefixPattern = substring(pattern, beginOffset, formerStarOffset > -1 ? formerStarOffset : pattern.length());
+
+            // 匹配前缀Pattern
+            result = remainingURI.contains(prefixPattern);
+            // 已经没有星号，直接返回
+            if (formerStarOffset == -1)
+            {
+                return result;
+            }
+
+            // 匹配失败，直接返回
+            if (!result)
+                return false;
+
+            if (!isEmpty(prefixPattern))
+            {
+                remainingURI = substringAfter(str, prefixPattern);
+            }
+
+            // 匹配后缀Pattern
+            latterStarOffset = indexOf(pattern, START, formerStarOffset + 1);
+            suffixPattern = substring(pattern, formerStarOffset + 1, latterStarOffset > -1 ? latterStarOffset : pattern.length());
+
+            result = remainingURI.contains(suffixPattern);
+            // 匹配失败，直接返回
+            if (!result)
+                return false;
+
+            if (!isEmpty(suffixPattern))
+            {
+                remainingURI = substringAfter(str, suffixPattern);
+            }
+
+            // 移动指针
+            beginOffset = latterStarOffset + 1;
+
+        }
+        while (!isEmpty(suffixPattern) && !isEmpty(remainingURI));
+
+        return true;
+    }
+
     @SuppressWarnings("unchecked")
     public static <T> T cast(Object obj)
     {

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/FileUtils.java

@@ -0,0 +1,142 @@
+package com.ruoyi.common.core.utils.file;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * 文件处理工具类
+ * 
+ * @author ruoyi
+ */
+public class FileUtils extends org.apache.commons.io.FileUtils
+{
+    public static String FILENAME_PATTERN = "[a-zA-Z0-9_\\-\\|\\.\\u4e00-\\u9fa5]+";
+
+    /**
+     * 输出指定文件的byte数组
+     * 
+     * @param filePath 文件路径
+     * @param os 输出流
+     * @return
+     */
+    public static void writeBytes(String filePath, OutputStream os) throws IOException
+    {
+        FileInputStream fis = null;
+        try
+        {
+            File file = new File(filePath);
+            if (!file.exists())
+            {
+                throw new FileNotFoundException(filePath);
+            }
+            fis = new FileInputStream(file);
+            byte[] b = new byte[1024];
+            int length;
+            while ((length = fis.read(b)) > 0)
+            {
+                os.write(b, 0, length);
+            }
+        }
+        catch (IOException e)
+        {
+            throw e;
+        }
+        finally
+        {
+            if (os != null)
+            {
+                try
+                {
+                    os.close();
+                }
+                catch (IOException e1)
+                {
+                    e1.printStackTrace();
+                }
+            }
+            if (fis != null)
+            {
+                try
+                {
+                    fis.close();
+                }
+                catch (IOException e1)
+                {
+                    e1.printStackTrace();
+                }
+            }
+        }
+    }
+
+    /**
+     * 删除文件
+     * 
+     * @param filePath 文件
+     * @return
+     */
+    public static boolean deleteFile(String filePath)
+    {
+        boolean flag = false;
+        File file = new File(filePath);
+        // 路径为文件且不为空则进行删除
+        if (file.isFile() && file.exists())
+        {
+            file.delete();
+            flag = true;
+        }
+        return flag;
+    }
+
+    /**
+     * 文件名称验证
+     * 
+     * @param filename 文件名称
+     * @return true 正常 false 非法
+     */
+    public static boolean isValidFilename(String filename)
+    {
+        return filename.matches(FILENAME_PATTERN);
+    }
+
+    /**
+     * 下载文件名重新编码
+     * 
+     * @param request 请求对象
+     * @param fileName 文件名
+     * @return 编码后的文件名
+     */
+    public static String setFileDownloadHeader(HttpServletRequest request, String fileName)
+            throws UnsupportedEncodingException
+    {
+        final String agent = request.getHeader("USER-AGENT");
+        String filename = fileName;
+        if (agent.contains("MSIE"))
+        {
+            // IE浏览器
+            filename = URLEncoder.encode(filename, "utf-8");
+            filename = filename.replace("+", " ");
+        }
+        else if (agent.contains("Firefox"))
+        {
+            // 火狐浏览器
+            filename = new String(fileName.getBytes(), "ISO8859-1");
+        }
+        else if (agent.contains("Chrome"))
+        {
+            // google浏览器
+            filename = URLEncoder.encode(filename, "utf-8");
+        }
+        else
+        {
+            // 其它浏览器
+            filename = URLEncoder.encode(filename, "utf-8");
+        }
+        return filename;
+    }
+}

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/ip/IpUtils.java

@@ -14,34 +14,43 @@ public class IpUtils
 {
     public static String getIpAddr(HttpServletRequest request)
     {
-        if (request == null)
+        String ip = null;
+
+        // X-Forwarded-For：Squid 服务代理
+        String ipAddresses = request.getHeader("X-Forwarded-For");
+        if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
         {
-            return "unknown";
+            // Proxy-Client-IP：apache 服务代理
+            ipAddresses = request.getHeader("Proxy-Client-IP");
         }
-        String ip = request.getHeader("x-forwarded-for");
+        if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
-        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
         {
-            ip = request.getHeader("Proxy-Client-IP");
+            // WL-Proxy-Client-IP：weblogic 服务代理
+            ipAddresses = request.getHeader("WL-Proxy-Client-IP");
         }
-        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+        if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
         {
-            ip = request.getHeader("X-Forwarded-For");
+            // HTTP_CLIENT_IP：有些代理服务器
+            ipAddresses = request.getHeader("HTTP_CLIENT_IP");
         }
-        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+        if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
         {
-            ip = request.getHeader("WL-Proxy-Client-IP");
+            // X-Real-IP：nginx服务代理
-        }
+            ipAddresses = request.getHeader("X-Real-IP");
-        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
-        {
-            ip = request.getHeader("X-Real-IP");
         }
 
-        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+        // 有些网络通过多层代理，那么获取到的ip就会有多个，一般都是通过逗号（,）分割开来，并且第一个ip为客户端的真实IP
+        if (ipAddresses != null && ipAddresses.length() != 0)
+        {
+            ip = ipAddresses.split(",")[0];
+        }
+
+        // 还是不能获取到，最后再通过request.getRemoteAddr();获取
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
         {
             ip = request.getRemoteAddr();
         }
-
+        return ip.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : ip;
-        return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : ip;
     }
 
     public static boolean internalIp(String ip)
@@ -110,8 +119,9 @@ public class IpUtils
             {
                 case 1:
                     l = Long.parseLong(elements[0]);
-                    if ((l < 0L) || (l > 4294967295L))
+                    if ((l < 0L) || (l > 4294967295L)){
                         return null;
+                    }
                     bytes[0] = (byte) (int) (l >> 24 & 0xFF);
                     bytes[1] = (byte) (int) ((l & 0xFFFFFF) >> 16 & 0xFF);
                     bytes[2] = (byte) (int) ((l & 0xFFFF) >> 8 & 0xFF);
@@ -119,12 +129,14 @@ public class IpUtils
                     break;
                 case 2:
                     l = Integer.parseInt(elements[0]);
-                    if ((l < 0L) || (l > 255L))
+                    if ((l < 0L) || (l > 255L)) {
                         return null;
+                    }
                     bytes[0] = (byte) (int) (l & 0xFF);
                     l = Integer.parseInt(elements[1]);
-                    if ((l < 0L) || (l > 16777215L))
+                    if ((l < 0L) || (l > 16777215L)) {
                         return null;
+                    }
                     bytes[1] = (byte) (int) (l >> 16 & 0xFF);
                     bytes[2] = (byte) (int) ((l & 0xFFFF) >> 8 & 0xFF);
                     bytes[3] = (byte) (int) (l & 0xFF);
@@ -133,13 +145,15 @@ public class IpUtils
                     for (i = 0; i < 2; ++i)
                     {
                         l = Integer.parseInt(elements[i]);
-                        if ((l < 0L) || (l > 255L))
+                        if ((l < 0L) || (l > 255L)) {
                             return null;
+                        }
                         bytes[i] = (byte) (int) (l & 0xFF);
                     }
                     l = Integer.parseInt(elements[2]);
-                    if ((l < 0L) || (l > 65535L))
+                    if ((l < 0L) || (l > 65535L)) {
                         return null;
+                    }
                     bytes[2] = (byte) (int) (l >> 8 & 0xFF);
                     bytes[3] = (byte) (int) (l & 0xFF);
                     break;
@@ -147,8 +161,9 @@ public class IpUtils
                     for (i = 0; i < 4; ++i)
                     {
                         l = Integer.parseInt(elements[i]);
-                        if ((l < 0L) || (l > 255L))
+                        if ((l < 0L) || (l > 255L)) {
                             return null;
+                        }
                         bytes[i] = (byte) (int) (l & 0xFF);
                     }
                     break;

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/poi/ExcelUtil.java

@@ -4,15 +4,17 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.lang.reflect.Field;
-import java.lang.reflect.Method;
 import java.math.BigDecimal;
 import java.text.DecimalFormat;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Comparator;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.poi.hssf.usermodel.HSSFDateUtil;
 import org.apache.poi.ss.usermodel.BorderStyle;
@@ -95,6 +97,16 @@ public class ExcelUtil<T>
      */
     private List<Object[]> fields;
 
+    /**
+     * 统计列表
+     */
+    private Map<Integer, Double> statistics = new HashMap<Integer, Double>();
+
+    /**
+     * 数字格式
+     */
+    private static final DecimalFormat DOUBLE_FORMAT = new DecimalFormat("######0.00");
+
     /**
      * 实体对象
      */
@@ -192,9 +204,12 @@ public class ExcelUtil<T>
                     // 设置类的私有字段属性可访问.
                     field.setAccessible(true);
                     Integer column = cellMap.get(attr.name());
+                    if (column != null)
+                    {
                         fieldsMap.put(column, field);
                     }
                 }
+            }
             for (int i = 1; i < rows; i++)
             {
                 // 从第2行开始取数据,默认第一行是表头.
@@ -222,19 +237,19 @@ public class ExcelUtil<T>
                             val = Convert.toStr(val);
                         }
                     }
-                    else if ((Integer.TYPE == fieldType) || (Integer.class == fieldType))
+                    else if ((Integer.TYPE == fieldType || Integer.class == fieldType) && StringUtils.isNumeric(Convert.toStr(val)))
                     {
                         val = Convert.toInt(val);
                     }
-                    else if ((Long.TYPE == fieldType) || (Long.class == fieldType))
+                    else if (Long.TYPE == fieldType || Long.class == fieldType)
                     {
                         val = Convert.toLong(val);
                     }
-                    else if ((Double.TYPE == fieldType) || (Double.class == fieldType))
+                    else if (Double.TYPE == fieldType || Double.class == fieldType)
                     {
                         val = Convert.toDouble(val);
                     }
-                    else if ((Float.TYPE == fieldType) || (Float.class == fieldType))
+                    else if (Float.TYPE == fieldType || Float.class == fieldType)
                     {
                         val = Convert.toFloat(val);
                     }
@@ -263,7 +278,7 @@ public class ExcelUtil<T>
                         }
                         else if (StringUtils.isNotEmpty(attr.readConverterExp()))
                         {
-                            val = reverseByExp(String.valueOf(val), attr.readConverterExp());
+                            val = reverseByExp(Convert.toStr(val), attr.readConverterExp(), attr.separator());
                         }
                         ReflectUtils.invokeSetter(entity, propertyName, val);
                     }
@@ -332,6 +347,7 @@ public class ExcelUtil<T>
                 if (Type.EXPORT.equals(type))
                 {
                     fillExcelData(index, row);
+                    addStatisticsRow();
                 }
             }
             wb.write(outputStream);
@@ -435,6 +451,15 @@ public class ExcelUtil<T>
         style.setFont(headerFont);
         styles.put("header", style);
         
+        style = wb.createCellStyle();
+        style.setAlignment(HorizontalAlignment.CENTER);
+        style.setVerticalAlignment(VerticalAlignment.CENTER);
+        Font totalFont = wb.createFont();
+        totalFont.setFontName("Arial");
+        totalFont.setFontHeightInPoints((short) 10);
+        style.setFont(totalFont);
+        styles.put("total", style);
+
         return styles;
     }
 
@@ -463,13 +488,13 @@ public class ExcelUtil<T>
     {
         if (ColumnType.STRING == attr.cellType())
         {
-            cell.setCellType(CellType.NUMERIC);
+            cell.setCellType(CellType.STRING);
             cell.setCellValue(StringUtils.isNull(value) ? attr.defaultValue() : value + attr.suffix());
         }
         else if (ColumnType.NUMERIC == attr.cellType())
         {
             cell.setCellType(CellType.NUMERIC);
-            cell.setCellValue(Integer.parseInt(value + ""));
+            cell.setCellValue(StringUtils.contains(Convert.toStr(value), ".") ? Convert.toDouble(value) : Convert.toInt(value));
         }
     }
 
@@ -523,19 +548,25 @@ public class ExcelUtil<T>
                 Object value = getTargetValue(vo, field, attr);
                 String dateFormat = attr.dateFormat();
                 String readConverterExp = attr.readConverterExp();
+                String separator = attr.separator();
                 if (StringUtils.isNotEmpty(dateFormat) && StringUtils.isNotNull(value))
                 {
                     cell.setCellValue(DateUtils.parseDateToStr(dateFormat, (Date) value));
                 }
                 else if (StringUtils.isNotEmpty(readConverterExp) && StringUtils.isNotNull(value))
                 {
-                    cell.setCellValue(convertByExp(String.valueOf(value), readConverterExp));
+                    cell.setCellValue(convertByExp(Convert.toStr(value), readConverterExp, separator));
+                }
+                else if (value instanceof BigDecimal && -1 != attr.scale())
+                {
+                    cell.setCellValue((((BigDecimal) value).setScale(attr.scale(), attr.roundingMode())).toString());
                 }
                 else
                 {
                     // 设置列类型
                     setCellVo(value, attr, cell);
                 }
+                addStatisticsData(column, Convert.toStr(value), attr);
             }
         }
         catch (Exception e)
@@ -607,28 +638,36 @@ public class ExcelUtil<T>
      * 
      * @param propertyValue 参数值
      * @param converterExp 翻译注解
+     * @param separator 分隔符
      * @return 解析后值
-     * @throws Exception
      */
-    public static String convertByExp(String propertyValue, String converterExp) throws Exception
+    public static String convertByExp(String propertyValue, String converterExp, String separator)
-    {
-        try
     {
+        StringBuilder propertyString = new StringBuilder();
         String[] convertSource = converterExp.split(",");
         for (String item : convertSource)
         {
             String[] itemArray = item.split("=");
+            if (StringUtils.containsAny(separator, propertyValue))
+            {
+                for (String value : propertyValue.split(separator))
+                {
+                    if (itemArray[0].equals(value))
+                    {
+                        propertyString.append(itemArray[1] + separator);
+                        break;
+                    }
+                }
+            }
+            else
+            {
                 if (itemArray[0].equals(propertyValue))
                 {
                     return itemArray[1];
                 }
             }
         }
-        catch (Exception e)
+        return StringUtils.stripEnd(propertyString.toString(), separator);
-        {
-            throw e;
-        }
-        return propertyValue;
     }
 
     /**
@@ -636,28 +675,83 @@ public class ExcelUtil<T>
      * 
      * @param propertyValue 参数值
      * @param converterExp 翻译注解
+     * @param separator 分隔符
      * @return 解析后值
-     * @throws Exception
      */
-    public static String reverseByExp(String propertyValue, String converterExp) throws Exception
+    public static String reverseByExp(String propertyValue, String converterExp, String separator)
-    {
-        try
     {
+        StringBuilder propertyString = new StringBuilder();
         String[] convertSource = converterExp.split(",");
         for (String item : convertSource)
         {
             String[] itemArray = item.split("=");
+            if (StringUtils.containsAny(separator, propertyValue))
+            {
+                for (String value : propertyValue.split(separator))
+                {
+                    if (itemArray[1].equals(value))
+                    {
+                        propertyString.append(itemArray[0] + separator);
+                        break;
+                    }
+                }
+            }
+            else
+            {
                 if (itemArray[1].equals(propertyValue))
                 {
                     return itemArray[0];
                 }
             }
         }
-        catch (Exception e)
+        return StringUtils.stripEnd(propertyString.toString(), separator);
-        {
+    }
-            throw e;
+
+    /**
+     * 合计统计信息
+     */
+    private void addStatisticsData(Integer index, String text, Excel entity)
+    {
+        if (entity != null && entity.isStatistics())
+        {
+            Double temp = 0D;
+            if (!statistics.containsKey(index))
+            {
+                statistics.put(index, temp);
+            }
+            try
+            {
+                temp = Double.valueOf(text);
+            }
+            catch (NumberFormatException e)
+            {
+            }
+            statistics.put(index, statistics.get(index) + temp);
+        }
+    }
+
+    /**
+     * 创建统计行
+     */
+    public void addStatisticsRow()
+    {
+        if (statistics.size() > 0)
+        {
+            Cell cell = null;
+            Row row = sheet.createRow(sheet.getLastRowNum() + 1);
+            Set<Integer> keys = statistics.keySet();
+            cell = row.createCell(0);
+            cell.setCellStyle(styles.get("total"));
+            cell.setCellValue("合计");
+
+            for (Integer key : keys)
+            {
+                cell = row.createCell(key);
+                cell.setCellStyle(styles.get("total"));
+                cell.setCellValue(DOUBLE_FORMAT.format(statistics.get(key)));
+            }
+            statistics.clear();
         }
-        return propertyValue;
     }
 
     /**
@@ -704,9 +798,9 @@ public class ExcelUtil<T>
         if (StringUtils.isNotEmpty(name))
         {
             Class<?> clazz = o.getClass();
-            String methodName = "get" + name.substring(0, 1).toUpperCase() + name.substring(1);
+            Field field = clazz.getDeclaredField(name);
-            Method method = clazz.getMethod(methodName);
+            field.setAccessible(true);
-            o = method.invoke(o);
+            o = field.get(o);
         }
         return o;
     }
@@ -739,6 +833,7 @@ public class ExcelUtil<T>
                 }
             }
         }
+        this.fields = this.fields.stream().sorted(Comparator.comparing(objects -> ((Excel) objects[1]).sort())).collect(Collectors.toList());
     }
 
     /**
@@ -811,7 +906,7 @@ public class ExcelUtil<T>
                     {
                         if ((Double) val % 1 > 0)
                         {
-                            val = new DecimalFormat("0.00").format(val);
+                            val = new BigDecimal(val.toString());
                         }
                         else
                         {

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/sql/SqlUtil.java

@@ -1,5 +1,6 @@
 package com.ruoyi.common.core.utils.sql;
 
+import com.ruoyi.common.core.exception.BaseException;
 import com.ruoyi.common.core.utils.StringUtils;
 
 /**
@@ -10,9 +11,9 @@ import com.ruoyi.common.core.utils.StringUtils;
 public class SqlUtil
 {
     /**
-     * 仅支持字母、数字、下划线、空格、逗号（支持多个字段排序）
+     * 仅支持字母、数字、下划线、空格、逗号、小数点（支持多个字段排序）
      */
-    public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,]+";
+    public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,\\.]+";
 
     /**
      * 检查字符，防止注入绕过
@@ -21,7 +22,7 @@ public class SqlUtil
     {
         if (StringUtils.isNotEmpty(value) && !isValidOrderBySql(value))
         {
-            return StringUtils.EMPTY;
+            throw new BaseException("参数不符合规范，不能进行查询");
         }
         return value;
     }

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/domain/TreeEntity.java

@@ -0,0 +1,79 @@
+package com.ruoyi.common.core.web.domain;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Tree基类
+ * 
+ * @author ruoyi
+ */
+public class TreeEntity extends BaseEntity
+{
+    private static final long serialVersionUID = 1L;
+
+    /** 父菜单名称 */
+    private String parentName;
+
+    /** 父菜单ID */
+    private Long parentId;
+
+    /** 显示顺序 */
+    private Integer orderNum;
+
+    /** 祖级列表 */
+    private String ancestors;
+
+    /** 子部门 */
+    private List<?> children = new ArrayList<>();
+
+    public String getParentName()
+    {
+        return parentName;
+    }
+
+    public void setParentName(String parentName)
+    {
+        this.parentName = parentName;
+    }
+
+    public Long getParentId()
+    {
+        return parentId;
+    }
+
+    public void setParentId(Long parentId)
+    {
+        this.parentId = parentId;
+    }
+
+    public Integer getOrderNum()
+    {
+        return orderNum;
+    }
+
+    public void setOrderNum(Integer orderNum)
+    {
+        this.orderNum = orderNum;
+    }
+
+    public String getAncestors()
+    {
+        return ancestors;
+    }
+
+    public void setAncestors(String ancestors)
+    {
+        this.ancestors = ancestors;
+    }
+
+    public List<?> getChildren()
+    {
+        return children;
+    }
+
+    public void setChildren(List<?> children)
+    {
+        this.children = children;
+    }
+}

ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/page/PageDomain.java

@@ -17,9 +17,9 @@ public class PageDomain
 
     /** 排序列 */
     private String orderByColumn;
-    /** 排序的方向 "desc" 或者 "asc". */
 
-    private String isAsc;
+    /** 排序的方向desc或者asc */
+    private String isAsc = "asc";
 
     public String getOrderBy()
     {

ruoyi-common/ruoyi-common-datascope/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi-common</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     

ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java

@@ -12,10 +12,10 @@ import org.springframework.stereotype.Component;
 import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.common.core.web.domain.BaseEntity;
 import com.ruoyi.common.datascope.annotation.DataScope;
-import com.ruoyi.common.datascope.service.AwaitUserService;
+import com.ruoyi.common.security.service.TokenService;
 import com.ruoyi.system.api.domain.SysRole;
 import com.ruoyi.system.api.domain.SysUser;
-import com.ruoyi.system.api.model.UserInfo;
+import com.ruoyi.system.api.model.LoginUser;
 
 /**
  * 数据过滤处理
@@ -57,7 +57,7 @@ public class DataScopeAspect
     public static final String DATA_SCOPE = "dataScope";
 
     @Autowired
-    private AwaitUserService awaitUserService;
+    private TokenService tokenService;
 
     // 配置织入点
     @Pointcut("@annotation(com.ruoyi.common.datascope.annotation.DataScope)")
@@ -80,12 +80,12 @@ public class DataScopeAspect
             return;
         }
         // 获取当前的用户
-        UserInfo loginUser = awaitUserService.info();
+        LoginUser loginUser = tokenService.getLoginUser();
-        SysUser currentUser = loginUser.getSysUser();
+        if (StringUtils.isNotNull(loginUser))
-        if (currentUser != null)
         {
+            SysUser currentUser = loginUser.getSysUser();
             // 如果是超级管理员，则不过滤数据
-            if (!currentUser.isAdmin())
+            if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin())
             {
                 dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
                         controllerDataScope.userAlias());
@@ -98,7 +98,8 @@ public class DataScopeAspect
      * 
      * @param joinPoint 切点
      * @param user 用户
-     * @param alias 别名
+     * @param deptAlias 部门别名
+     * @param userAlias 用户别名
      */
     public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias)
     {
@@ -144,10 +145,14 @@ public class DataScopeAspect
 
         if (StringUtils.isNotBlank(sqlString.toString()))
         {
-            BaseEntity baseEntity = (BaseEntity) joinPoint.getArgs()[0];
+            Object params = joinPoint.getArgs()[0];
+            if (StringUtils.isNotNull(params) && params instanceof BaseEntity)
+            {
+                BaseEntity baseEntity = (BaseEntity) params;
                 baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")");
             }
         }
+    }
 
     /**
      * 是否存在注解，如果存在就获取

ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/service/AwaitUserService.java

@@ -1,42 +0,0 @@
-package com.ruoyi.common.datascope.service;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-import com.ruoyi.common.core.domain.R;
-import com.ruoyi.common.core.utils.StringUtils;
-import com.ruoyi.common.security.utils.SecurityUtils;
-import com.ruoyi.system.api.RemoteUserService;
-import com.ruoyi.system.api.model.UserInfo;
-
-/**
- * 同步调用用户服务
- * 
- * @author ruoyi
- */
-@Service
-public class AwaitUserService
-{
-    private static final Logger log = LoggerFactory.getLogger(AwaitUserService.class);
-
-    @Autowired
-    private RemoteUserService remoteUserService;
-
-    /**
-     * 查询当前用户信息
-     * 
-     * @return 用户基本信息
-     */
-    public UserInfo info()
-    {
-        String username = SecurityUtils.getUsername();
-        R<UserInfo> userResult = remoteUserService.getUserInfo(username);
-        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
-        {
-            log.info("数据权限范围查询用户：{} 不存在.", username);
-            return null;
-        }
-        return userResult.getData();
-    }
-}

ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring.factories

@@ -1,5 +1,4 @@
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
-  com.ruoyi.common.datascope.service.AwaitUserService,\
   com.ruoyi.common.datascope.aspect.DataScopeAspect
 
   

ruoyi-common/ruoyi-common-log/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi-common</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     

ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java

@@ -1,7 +1,6 @@
 package com.ruoyi.common.log.aspect;
 
 import java.lang.reflect.Method;
-import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.aspectj.lang.JoinPoint;
@@ -17,16 +16,14 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpMethod;
 import org.springframework.stereotype.Component;
 import org.springframework.web.multipart.MultipartFile;
-import org.springframework.web.servlet.HandlerMapping;
 import com.alibaba.fastjson.JSON;
+import com.ruoyi.common.core.constant.CacheConstants;
 import com.ruoyi.common.core.utils.ServletUtils;
 import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.common.core.utils.ip.IpUtils;
 import com.ruoyi.common.log.annotation.Log;
 import com.ruoyi.common.log.enums.BusinessStatus;
 import com.ruoyi.common.log.service.AsyncLogService;
-import com.ruoyi.common.security.domain.LoginUser;
-import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.system.api.domain.SysOperLog;
 
 /**
@@ -83,9 +80,6 @@ public class LogAspect
                 return;
             }
 
-            // 获取当前的用户
-            LoginUser loginUser = SecurityUtils.getLoginUser();
-
             // *========数据库日志=========*//
             SysOperLog operLog = new SysOperLog();
             operLog.setStatus(BusinessStatus.SUCCESS.ordinal());
@@ -96,9 +90,11 @@ public class LogAspect
             operLog.setJsonResult(JSON.toJSONString(jsonResult));
 
             operLog.setOperUrl(ServletUtils.getRequest().getRequestURI());
-            if (loginUser != null)
+            HttpServletRequest request = ServletUtils.getRequest();
+            String username = request.getHeader(CacheConstants.DETAILS_USERNAME);
+            if (StringUtils.isNotBlank(username))
             {
-                operLog.setOperName(loginUser.getUsername());
+                operLog.setOperName(username);
             }
 
             if (e != null)
@@ -163,11 +159,6 @@ public class LogAspect
             String params = argsArrayToString(joinPoint.getArgs());
             operLog.setOperParam(StringUtils.substring(params, 0, 2000));
         }
-        else
-        {
-            Map<?, ?> paramsMap = (Map<?, ?>) ServletUtils.getRequest().getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE);
-            operLog.setOperParam(StringUtils.substring(paramsMap.toString(), 0, 2000));
-        }
     }
 
     /**
@@ -197,10 +188,16 @@ public class LogAspect
             for (int i = 0; i < paramsArray.length; i++)
             {
                 if (!isFilterObject(paramsArray[i]))
+                {
+                    try
                     {
                         Object jsonObj = JSON.toJSON(paramsArray[i]);
                         params += jsonObj.toString() + " ";
                     }
+                    catch (Exception e)
+                    {
+                    }
+                }
             }
         }
         return params.trim();

ruoyi-common/ruoyi-common-redis/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi-common</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     

ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/configure/FastJson2JsonRedisSerializer.java

@@ -36,6 +36,7 @@ public class FastJson2JsonRedisSerializer<T> implements RedisSerializer<T>
         this.clazz = clazz;
     }
 
+    @Override
     public byte[] serialize(T t) throws SerializationException
     {
         if (t == null)
@@ -45,6 +46,7 @@ public class FastJson2JsonRedisSerializer<T> implements RedisSerializer<T>
         return JSON.toJSONString(t, SerializerFeature.WriteClassName).getBytes(DEFAULT_CHARSET);
     }
 
+    @Override
     public T deserialize(byte[] bytes) throws SerializationException
     {
         if (bytes == null || bytes.length <= 0)

ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java

@@ -1,17 +1,12 @@
 package com.ruoyi.common.redis.service;
 
-import java.util.ArrayList;
 import java.util.Collection;
-import java.util.HashSet;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.data.redis.core.BoundSetOperations;
 import org.springframework.data.redis.core.HashOperations;
-import org.springframework.data.redis.core.ListOperations;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.core.ValueOperations;
 import org.springframework.stereotype.Component;
@@ -33,13 +28,10 @@ public class RedisService
      *
      * @param key 缓存的键值
      * @param value 缓存的值
-     * @return 缓存的对象
      */
-    public <T> ValueOperations<String, T> setCacheObject(String key, T value)
+    public <T> void setCacheObject(final String key, final T value)
     {
-        ValueOperations<String, T> operation = redisTemplate.opsForValue();
+        redisTemplate.opsForValue().set(key, value);
-        operation.set(key, value);
-        return operation;
     }
 
     /**
@@ -49,13 +41,35 @@ public class RedisService
      * @param value 缓存的值
      * @param timeout 时间
      * @param timeUnit 时间颗粒度
-     * @return 缓存的对象
      */
-    public <T> ValueOperations<String, T> setCacheObject(String key, T value, Integer timeout, TimeUnit timeUnit)
+    public <T> void setCacheObject(final String key, final T value, final Long timeout, final TimeUnit timeUnit)
     {
-        ValueOperations<String, T> operation = redisTemplate.opsForValue();
+        redisTemplate.opsForValue().set(key, value, timeout, timeUnit);
-        operation.set(key, value, timeout, timeUnit);
+    }
-        return operation;
+
+    /**
+     * 设置有效时间
+     *
+     * @param key Redis键
+     * @param timeout 超时时间
+     * @return true=设置成功；false=设置失败
+     */
+    public boolean expire(final String key, final long timeout)
+    {
+        return expire(key, timeout, TimeUnit.SECONDS);
+    }
+
+    /**
+     * 设置有效时间
+     *
+     * @param key Redis键
+     * @param timeout 超时时间
+     * @param unit 时间单位
+     * @return true=设置成功；false=设置失败
+     */
+    public boolean expire(final String key, final long timeout, final TimeUnit unit)
+    {
+        return redisTemplate.expire(key, timeout, unit);
     }
 
     /**
@@ -64,7 +78,7 @@ public class RedisService
      * @param key 缓存键值
      * @return 缓存键值对应的数据
      */
-    public <T> T getCacheObject(String key)
+    public <T> T getCacheObject(final String key)
     {
         ValueOperations<String, T> operation = redisTemplate.opsForValue();
         return operation.get(key);
@@ -75,19 +89,20 @@ public class RedisService
      *
      * @param key
      */
-    public void deleteObject(String key)
+    public boolean deleteObject(final String key)
     {
-        redisTemplate.delete(key);
+        return redisTemplate.delete(key);
     }
 
     /**
      * 删除集合对象
      *
-     * @param collection
+     * @param collection 多个对象
+     * @return
      */
-    public void deleteObject(Collection collection)
+    public long deleteObject(final Collection collection)
     {
-        redisTemplate.delete(collection);
+        return redisTemplate.delete(collection);
     }
 
     /**
@@ -97,18 +112,10 @@ public class RedisService
      * @param dataList 待缓存的List数据
      * @return 缓存的对象
      */
-    public <T> ListOperations<String, T> setCacheList(String key, List<T> dataList)
+    public <T> long setCacheList(final String key, final List<T> dataList)
     {
-        ListOperations listOperation = redisTemplate.opsForList();
+        Long count = redisTemplate.opsForList().rightPushAll(key, dataList);
-        if (null != dataList)
+        return count == null ? 0 : count;
-        {
-            int size = dataList.size();
-            for (int i = 0; i < size; i++)
-            {
-                listOperation.leftPush(key, dataList.get(i));
-            }
-        }
-        return listOperation;
     }
 
     /**
@@ -117,17 +124,9 @@ public class RedisService
      * @param key 缓存的键值
      * @return 缓存键值对应的数据
      */
-    public <T> List<T> getCacheList(String key)
+    public <T> List<T> getCacheList(final String key)
     {
-        List<T> dataList = new ArrayList<T>();
+        return redisTemplate.opsForList().range(key, 0, -1);
-        ListOperations<String, T> listOperation = redisTemplate.opsForList();
-        Long size = listOperation.size(key);
-
-        for (int i = 0; i < size; i++)
-        {
-            dataList.add(listOperation.index(key, i));
-        }
-        return dataList;
     }
 
     /**
@@ -137,15 +136,10 @@ public class RedisService
      * @param dataSet 缓存的数据
      * @return 缓存数据的对象
      */
-    public <T> BoundSetOperations<String, T> setCacheSet(String key, Set<T> dataSet)
+    public <T> long setCacheSet(final String key, final Set<T> dataSet)
     {
-        BoundSetOperations<String, T> setOperation = redisTemplate.boundSetOps(key);
+        Long count = redisTemplate.opsForSet().add(key, dataSet);
-        Iterator<T> it = dataSet.iterator();
+        return count == null ? 0 : count;
-        while (it.hasNext())
-        {
-            setOperation.add(it.next());
-        }
-        return setOperation;
     }
 
     /**
@@ -154,12 +148,9 @@ public class RedisService
      * @param key
      * @return
      */
-    public <T> Set<T> getCacheSet(String key)
+    public <T> Set<T> getCacheSet(final String key)
     {
-        Set<T> dataSet = new HashSet<T>();
+        return redisTemplate.opsForSet().members(key);
-        BoundSetOperations<String, T> operation = redisTemplate.boundSetOps(key);
-        dataSet = operation.members();
-        return dataSet;
     }
 
     /**
@@ -167,20 +158,13 @@ public class RedisService
      *
      * @param key
      * @param dataMap
-     * @return
      */
-    public <T> HashOperations<String, String, T> setCacheMap(String key, Map<String, T> dataMap)
+    public <T> void setCacheMap(final String key, final Map<String, T> dataMap)
     {
-        HashOperations hashOperations = redisTemplate.opsForHash();
+        if (dataMap != null) {
-        if (null != dataMap)
+            redisTemplate.opsForHash().putAll(key, dataMap);
-        {
-            for (Map.Entry<String, T> entry : dataMap.entrySet())
-            {
-                hashOperations.put(key, entry.getKey(), entry.getValue());
         }
     }
-        return hashOperations;
-    }
 
     /**
      * 获得缓存的Map
@@ -188,10 +172,46 @@ public class RedisService
      * @param key
      * @return
      */
-    public <T> Map<String, T> getCacheMap(String key)
+    public <T> Map<String, T> getCacheMap(final String key)
     {
-        Map<String, T> map = redisTemplate.opsForHash().entries(key);
+        return redisTemplate.opsForHash().entries(key);
-        return map;
+    }
+
+    /**
+     * 往Hash中存入数据
+     *
+     * @param key Redis键
+     * @param hKey Hash键
+     * @param value 值
+     */
+    public <T> void setCacheMapValue(final String key, final String hKey, final T value)
+    {
+        redisTemplate.opsForHash().put(key, hKey, value);
+    }
+
+    /**
+     * 获取Hash中的数据
+     *
+     * @param key Redis键
+     * @param hKey Hash键
+     * @return Hash中的对象
+     */
+    public <T> T getCacheMapValue(final String key, final String hKey)
+    {
+        HashOperations<String, String, T> opsForHash = redisTemplate.opsForHash();
+        return opsForHash.get(key, hKey);
+    }
+
+    /**
+     * 获取多个Hash中的数据
+     *
+     * @param key Redis键
+     * @param hKeys Hash键集合
+     * @return Hash对象集合
+     */
+    public <T> List<T> getMultiCacheMapValue(final String key, final Collection<Object> hKeys)
+    {
+        return redisTemplate.opsForHash().multiGet(key, hKeys);
     }
 
     /**
@@ -200,7 +220,7 @@ public class RedisService
      * @param pattern 字符串前缀
      * @return 对象列表
      */
-    public Collection<String> keys(String pattern)
+    public Collection<String> keys(final String pattern)
     {
         return redisTemplate.keys(pattern);
     }

ruoyi-common/ruoyi-common-security/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi-common</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     
@@ -16,18 +16,18 @@
 
     <dependencies>
     
-        <!-- Spring Security Oauth2 -->
-        <dependency>
-            <groupId>org.springframework.cloud</groupId>
-            <artifactId>spring-cloud-starter-oauth2</artifactId>
-        </dependency>
-        
         <!-- RuoYi Api System -->
         <dependency>
             <groupId>com.ruoyi</groupId>
             <artifactId>ruoyi-api-system</artifactId>
         </dependency>
         
+        <!-- RuoYi Common Redis-->
+        <dependency>
+            <groupId>com.ruoyi</groupId>
+            <artifactId>ruoyi-common-redis</artifactId>
+        </dependency>
+        
     </dependencies>
 
 </project>

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/EnableCustomConfig.java

@@ -1,16 +1,11 @@
 package com.ruoyi.common.security.annotation;
 
-import java.lang.annotation.Documented;
+import java.lang.annotation.*;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Inherited;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.context.annotation.EnableAspectJAutoProxy;
 import org.springframework.context.annotation.Import;
 import org.springframework.scheduling.annotation.EnableAsync;
-import com.ruoyi.common.security.config.SecurityImportBeanDefinitionRegistrar;
+import com.ruoyi.common.security.config.ApplicationConfig;
 
 @Target(ElementType.TYPE)
 @Retention(RetentionPolicy.RUNTIME)
@@ -23,7 +18,7 @@ import com.ruoyi.common.security.config.SecurityImportBeanDefinitionRegistrar;
 // 开启线程异步执行
 @EnableAsync
 // 自动加载类
-@Import(SecurityImportBeanDefinitionRegistrar.class)
+@Import({ApplicationConfig.class})
 public @interface EnableCustomConfig
 {
 

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java

@@ -0,0 +1,46 @@
+package com.ruoyi.common.security.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 权限注解
+ * 
+ * @author ruoyi
+ */
+@Target({ ElementType.TYPE, ElementType.METHOD })
+@Retention(RetentionPolicy.RUNTIME)
+public @interface PreAuthorize
+{
+    /**
+     * 验证用户是否具备某权限
+     */
+    public String hasPermi() default "";
+
+    /**
+     * 验证用户是否不具备某权限，与 hasPermi逻辑相反
+     */
+    public String lacksPermi() default "";
+
+    /**
+     * 验证用户是否具有以下任意一个权限
+     */
+    public String[] hasAnyPermi() default {};
+
+    /**
+     * 判断用户是否拥有某个角色
+     */
+    public String hasRole() default "";
+
+    /**
+     * 验证用户是否不具备某角色，与 isRole逻辑相反
+     */
+    public String lacksRole() default "";
+
+    /**
+     * 验证用户是否具有以下任意一个角色
+     */
+    public String[] hasAnyRoles() default {};
+}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java

@@ -0,0 +1,222 @@
+package com.ruoyi.common.security.aspect;
+
+import java.lang.reflect.Method;
+import java.util.Collection;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.Signature;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.util.CollectionUtils;
+import org.springframework.util.PatternMatchUtils;
+import org.springframework.util.StringUtils;
+import com.ruoyi.common.core.exception.PreAuthorizeException;
+import com.ruoyi.common.security.annotation.PreAuthorize;
+import com.ruoyi.common.security.service.TokenService;
+import com.ruoyi.system.api.model.LoginUser;
+
+/**
+ * 自定义权限实现
+ * 
+ * @author ruoyi
+ */
+@Aspect
+@Component
+public class PreAuthorizeAspect
+{
+    @Autowired
+    private TokenService tokenService;
+
+    /** 所有权限标识 */
+    private static final String ALL_PERMISSION = "*:*:*";
+
+    /** 管理员角色权限标识 */
+    private static final String SUPER_ADMIN = "admin";
+
+    @Around("@annotation(com.ruoyi.common.security.annotation.PreAuthorize)")
+    public Object around(ProceedingJoinPoint point) throws Throwable
+    {
+        Signature signature = point.getSignature();
+        MethodSignature methodSignature = (MethodSignature) signature;
+        Method method = methodSignature.getMethod();
+        PreAuthorize annotation = method.getAnnotation(PreAuthorize.class);
+        if (annotation == null)
+        {
+            return point.proceed();
+        }
+
+        if (!StringUtils.isEmpty(annotation.hasPermi()))
+        {
+            if (hasPermi(annotation.hasPermi()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
+        }
+        else if (!StringUtils.isEmpty(annotation.lacksPermi()))
+        {
+            if (lacksPermi(annotation.lacksPermi()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
+        }
+        else if (!StringUtils.isEmpty(annotation.hasAnyPermi()))
+        {
+            if (hasAnyPermi(annotation.hasAnyPermi()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
+        }
+        else if (!StringUtils.isEmpty(annotation.hasRole()))
+        {
+            if (hasRole(annotation.hasRole()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
+        }
+        else if (!StringUtils.isEmpty(annotation.lacksRole()))
+        {
+            if (lacksRole(annotation.lacksRole()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
+        }
+        else if (!StringUtils.isEmpty(annotation.hasAnyRoles()))
+        {
+            if (hasAnyRoles(annotation.hasAnyRoles()))
+            {
+                return point.proceed();
+            }
+            throw new PreAuthorizeException();
+        }
+
+        return point.proceed();
+    }
+
+    /**
+     * 验证用户是否具备某权限
+     * 
+     * @param permission 权限字符串
+     * @return 用户是否具备某权限
+     */
+    public boolean hasPermi(String permission)
+    {
+        LoginUser userInfo = tokenService.getLoginUser();
+        if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions()))
+        {
+            return false;
+        }
+        return hasPermissions(userInfo.getPermissions(), permission);
+    }
+
+    /**
+     * 验证用户是否不具备某权限，与 hasPermi逻辑相反
+     *
+     * @param permission 权限字符串
+     * @return 用户是否不具备某权限
+     */
+    public boolean lacksPermi(String permission)
+    {
+        return hasPermi(permission) != true;
+    }
+
+    /**
+     * 验证用户是否具有以下任意一个权限
+     *
+     * @param permissions 权限列表
+     * @return 用户是否具有以下任意一个权限
+     */
+    public boolean hasAnyPermi(String[] permissions)
+    {
+        LoginUser userInfo = tokenService.getLoginUser();
+        if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions()))
+        {
+            return false;
+        }
+        Collection<String> authorities = userInfo.getPermissions();
+        for (String permission : permissions)
+        {
+            if (permission != null && hasPermissions(authorities, permission))
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * 判断用户是否拥有某个角色
+     * 
+     * @param role 角色字符串
+     * @return 用户是否具备某角色
+     */
+    public boolean hasRole(String role)
+    {
+        LoginUser userInfo = tokenService.getLoginUser();
+        if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles()))
+        {
+            return false;
+        }
+        for (String roleKey : userInfo.getRoles())
+        {
+            if (SUPER_ADMIN.contains(roleKey) || roleKey.contains(role))
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * 验证用户是否不具备某角色，与 isRole逻辑相反。
+     *
+     * @param role 角色名称
+     * @return 用户是否不具备某角色
+     */
+    public boolean lacksRole(String role)
+    {
+        return hasRole(role) != true;
+    }
+
+    /**
+     * 验证用户是否具有以下任意一个角色
+     *
+     * @param roles 角色列表
+     * @return 用户是否具有以下任意一个角色
+     */
+    public boolean hasAnyRoles(String[] roles)
+    {
+        LoginUser userInfo = tokenService.getLoginUser();
+        if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles()))
+        {
+            return false;
+        }
+        for (String role : roles)
+        {
+            if (hasRole(role))
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * 判断是否包含权限
+     * 
+     * @param authorities 权限列表
+     * @param permission 权限字符串
+     * @return 用户是否具备某权限
+     */
+    private boolean hasPermissions(Collection<String> authorities, String permission)
+    {
+        return authorities.stream().filter(StringUtils::hasText)
+                .anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(permission, x));
+    }
+}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ApplicationConfig.java

@@ -0,0 +1,22 @@
+package com.ruoyi.common.security.config;
+
+import java.util.TimeZone;
+import org.springframework.boot.autoconfigure.jackson.Jackson2ObjectMapperBuilderCustomizer;
+import org.springframework.context.annotation.Bean;
+
+/**
+ * 系统配置
+ *
+ * @author ruoyi
+ */
+public class ApplicationConfig
+{
+    /**
+     * 时区配置
+     */
+    @Bean
+    public Jackson2ObjectMapperBuilderCustomizer jacksonObjectMapperCustomization()
+    {
+        return jacksonObjectMapperBuilder -> jacksonObjectMapperBuilder.timeZone(TimeZone.getDefault());
+    }
+}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/AuthIgnoreConfig.java

@@ -1,28 +0,0 @@
-package com.ruoyi.common.security.config;
-
-import java.util.ArrayList;
-import java.util.List;
-import org.springframework.beans.factory.annotation.Configurable;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-
-/**
- * 忽略服务间的认证
- * 
- * @author ruoyi
- **/
-@Configurable
-@ConfigurationProperties(prefix = "security.oauth2.ignore")
-public class AuthIgnoreConfig
-{
-    private List<String> urls = new ArrayList<>();
-
-    public List<String> getUrls()
-    {
-        return urls;
-    }
-
-    public void setUrls(List<String> urls)
-    {
-        this.urls = urls;
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/CommonUserConverter.java

@@ -1,75 +0,0 @@
-package com.ruoyi.common.security.config;
-
-import java.util.Collection;
-import java.util.LinkedHashMap;
-import java.util.Map;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.oauth2.provider.token.UserAuthenticationConverter;
-import org.springframework.util.StringUtils;
-import com.ruoyi.common.core.constant.SecurityConstants;
-import com.ruoyi.common.core.text.Convert;
-import com.ruoyi.common.security.domain.LoginUser;
-
-/**
- * https://my.oschina.net/giegie/blog/3023768 根据checktoken 的结果转化用户信息
- * 
- * @author lengleng
- */
-public class CommonUserConverter implements UserAuthenticationConverter
-{
-    private static final String N_A = "N/A";
-
-    /**
-     * 将授权信息返回到资源服务
-     */
-    @Override
-    public Map<String, ?> convertUserAuthentication(Authentication userAuthentication)
-    {
-        Map<String, Object> authMap = new LinkedHashMap<>();
-        authMap.put(USERNAME, userAuthentication.getName());
-        if (userAuthentication.getAuthorities() != null && !userAuthentication.getAuthorities().isEmpty())
-        {
-            authMap.put(AUTHORITIES, AuthorityUtils.authorityListToSet(userAuthentication.getAuthorities()));
-        }
-        return authMap;
-    }
-
-    /**
-     * 获取用户认证信息
-     */
-    @Override
-    public Authentication extractAuthentication(Map<String, ?> map)
-    {
-        if (map.containsKey(USERNAME))
-        {
-            Collection<? extends GrantedAuthority> authorities = getAuthorities(map);
-
-            Long userId = Convert.toLong(map.get(SecurityConstants.DETAILS_USER_ID));
-            String username = (String) map.get(SecurityConstants.DETAILS_USERNAME);
-            LoginUser user = new LoginUser(userId, username, N_A, true, true, true, true, authorities);
-            return new UsernamePasswordAuthenticationToken(user, N_A, authorities);
-        }
-        return null;
-    }
-
-    /**
-     * 获取权限资源信息
-     */
-    private Collection<? extends GrantedAuthority> getAuthorities(Map<String, ?> map)
-    {
-        Object authorities = map.get(AUTHORITIES);
-        if (authorities instanceof String)
-        {
-            return AuthorityUtils.commaSeparatedStringToAuthorityList((String) authorities);
-        }
-        if (authorities instanceof Collection)
-        {
-            return AuthorityUtils.commaSeparatedStringToAuthorityList(
-                    StringUtils.collectionToCommaDelimitedString((Collection<?>) authorities));
-        }
-        throw new IllegalArgumentException("Authorities must be either a String or a Collection");
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java

@@ -1,82 +0,0 @@
-package com.ruoyi.common.security.config;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.security.oauth2.OAuth2ClientProperties;
-import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties;
-import org.springframework.cloud.client.loadbalancer.LoadBalanced;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
-import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
-import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
-import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
-import org.springframework.security.oauth2.provider.token.UserAuthenticationConverter;
-import org.springframework.web.client.DefaultResponseErrorHandler;
-import org.springframework.web.client.RestTemplate;
-
-/**
- * oauth2 服务配置
- * 
- * @author ruoyi
- */
-@Configuration
-@EnableResourceServer
-public class ResourceServerConfig extends ResourceServerConfigurerAdapter
-{
-    @Autowired
-    private ResourceServerProperties resourceServerProperties;
-
-    @Autowired
-    private OAuth2ClientProperties oAuth2ClientProperties;
-
-    @Bean
-    public AuthIgnoreConfig authIgnoreConfig()
-    {
-        return new AuthIgnoreConfig();
-    }
-
-    @Bean
-    @LoadBalanced
-    public RestTemplate restTemplate()
-    {
-        RestTemplate restTemplate = new RestTemplate();
-        restTemplate.setErrorHandler(new DefaultResponseErrorHandler());
-        return restTemplate;
-    }
-
-    @Bean
-    public ResourceServerTokenServices tokenServices()
-    {
-        RemoteTokenServices remoteTokenServices = new RemoteTokenServices();
-        DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
-        UserAuthenticationConverter userTokenConverter = new CommonUserConverter();
-        accessTokenConverter.setUserTokenConverter(userTokenConverter);
-        remoteTokenServices.setCheckTokenEndpointUrl(resourceServerProperties.getTokenInfoUri());
-        remoteTokenServices.setClientId(oAuth2ClientProperties.getClientId());
-        remoteTokenServices.setClientSecret(oAuth2ClientProperties.getClientSecret());
-        remoteTokenServices.setRestTemplate(restTemplate());
-        remoteTokenServices.setAccessTokenConverter(accessTokenConverter);
-        return remoteTokenServices;
-    }
-
-    @Override
-    public void configure(HttpSecurity http) throws Exception
-    {
-        http.csrf().disable();
-        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http
-                .authorizeRequests();
-        // 不登录可以访问
-        authIgnoreConfig().getUrls().forEach(url -> registry.antMatchers(url).permitAll());
-        registry.anyRequest().authenticated();
-    }
-
-    @Override
-    public void configure(ResourceServerSecurityConfigurer resources)
-    {
-        resources.tokenServices(tokenServices());
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java

@@ -1,24 +0,0 @@
-package com.ruoyi.common.security.config;
-
-import org.springframework.beans.factory.support.BeanDefinitionBuilder;
-import org.springframework.beans.factory.support.BeanDefinitionRegistry;
-import org.springframework.context.annotation.ImportBeanDefinitionRegistrar;
-import org.springframework.core.type.AnnotationMetadata;
-import com.ruoyi.common.core.utils.StringUtils;
-
-/**
- * 导入 SecurityImportBeanDefinitionRegistrar 自动加载类
- * 
- * @author ruoyi
- */
-public class SecurityImportBeanDefinitionRegistrar implements ImportBeanDefinitionRegistrar
-{
-    @Override
-    public void registerBeanDefinitions(AnnotationMetadata metadata, BeanDefinitionRegistry registry)
-    {
-        Class<ResourceServerConfig> aClass = ResourceServerConfig.class;
-        String beanName = StringUtils.uncapitalize(aClass.getSimpleName());
-        BeanDefinitionBuilder beanDefinitionBuilder = BeanDefinitionBuilder.genericBeanDefinition(ResourceServerConfig.class);
-        registry.registerBeanDefinition(beanName, beanDefinitionBuilder.getBeanDefinition());
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/domain/LoginUser.java

@@ -1,37 +0,0 @@
-package com.ruoyi.common.security.domain;
-
-import java.util.Collection;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.User;
-
-/**
- * 登录用户身份权限
- * 
- * @author ruoyi
- */
-public class LoginUser extends User
-{
-    private static final long serialVersionUID = 1L;
-
-    /**
-     * 用户ID
-     */
-    private Long userId;
-
-    public LoginUser(Long userId, String username, String password, boolean enabled, boolean accountNonExpired,
-            boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities)
-    {
-        super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
-        this.userId = userId;
-    }
-
-    public Long getUserId()
-    {
-        return userId;
-    }
-
-    public void setUserId(Long userId)
-    {
-        this.userId = userId;
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignConfig.java

@@ -1,20 +0,0 @@
-package com.ruoyi.common.security.feign;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import feign.RequestInterceptor;
-
-/**
- * Feign配置注册
- *
- * @author ruoyi
- **/
-@Configuration
-public class OAuth2FeignConfig
-{
-    @Bean
-    public RequestInterceptor requestInterceptor()
-    {
-        return new OAuth2FeignRequestInterceptor();
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java

@@ -1,33 +0,0 @@
-package com.ruoyi.common.security.feign;
-
-import org.springframework.http.HttpHeaders;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
-import org.springframework.stereotype.Component;
-import com.ruoyi.common.core.constant.SecurityConstants;
-import feign.RequestInterceptor;
-import feign.RequestTemplate;
-
-/**
- * feign 请求拦截器
- * 
- * @author ruoyi
- */
-@Component
-public class OAuth2FeignRequestInterceptor implements RequestInterceptor
-{
-    @Override
-    public void apply(RequestTemplate requestTemplate)
-    {
-        SecurityContext securityContext = SecurityContextHolder.getContext();
-        Authentication authentication = securityContext.getAuthentication();
-        if (authentication != null && authentication.getDetails() instanceof OAuth2AuthenticationDetails)
-        {
-            OAuth2AuthenticationDetails dateils = (OAuth2AuthenticationDetails) authentication.getDetails();
-            requestTemplate.header(HttpHeaders.AUTHORIZATION,
-                    String.format("%s %s", SecurityConstants.BEARER_TOKEN_TYPE, dateils.getTokenValue()));
-        }
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomAccessDeniedHandler.java

@@ -1,33 +0,0 @@
-package com.ruoyi.common.security.handler;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
-import org.springframework.stereotype.Component;
-import com.alibaba.fastjson.JSON;
-import com.ruoyi.common.core.constant.HttpStatus;
-import com.ruoyi.common.core.domain.R;
-import com.ruoyi.common.core.utils.ServletUtils;
-
-/**
- * 自定义访问无权限资源时的异常
- * 
- * @author ruoyi
- */
-@Component
-public class CustomAccessDeniedHandler extends OAuth2AccessDeniedHandler
-{
-    private final Logger logger = LoggerFactory.getLogger(CustomAccessDeniedHandler.class);
-
-    @Override
-    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException authException)
-    {
-        logger.info("权限不足，请联系管理员 {}", request.getRequestURI());
-
-        String msg = authException.getMessage();
-        ServletUtils.renderString(response, JSON.toJSONString(R.failed(HttpStatus.FORBIDDEN, msg)));
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java

@@ -0,0 +1,94 @@
+package com.ruoyi.common.security.handler;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.validation.BindException;
+import org.springframework.web.bind.MethodArgumentNotValidException;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+import com.ruoyi.common.core.exception.BaseException;
+import com.ruoyi.common.core.exception.CustomException;
+import com.ruoyi.common.core.exception.DemoModeException;
+import com.ruoyi.common.core.exception.PreAuthorizeException;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.core.web.domain.AjaxResult;
+
+/**
+ * 全局异常处理器
+ * 
+ * @author ruoyi
+ */
+@RestControllerAdvice
+public class GlobalExceptionHandler
+{
+    private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);
+
+    /**
+     * 基础异常
+     */
+    @ExceptionHandler(BaseException.class)
+    public AjaxResult baseException(BaseException e)
+    {
+        return AjaxResult.error(e.getDefaultMessage());
+    }
+
+    /**
+     * 业务异常
+     */
+    @ExceptionHandler(CustomException.class)
+    public AjaxResult businessException(CustomException e)
+    {
+        if (StringUtils.isNull(e.getCode()))
+        {
+            return AjaxResult.error(e.getMessage());
+        }
+        return AjaxResult.error(e.getCode(), e.getMessage());
+    }
+
+    @ExceptionHandler(Exception.class)
+    public AjaxResult handleException(Exception e)
+    {
+        log.error(e.getMessage(), e);
+        return AjaxResult.error(e.getMessage());
+    }
+
+    /**
+     * 自定义验证异常
+     */
+    @ExceptionHandler(BindException.class)
+    public AjaxResult validatedBindException(BindException e)
+    {
+        log.error(e.getMessage(), e);
+        String message = e.getAllErrors().get(0).getDefaultMessage();
+        return AjaxResult.error(message);
+    }
+
+    /**
+     * 自定义验证异常
+     */
+    @ExceptionHandler(MethodArgumentNotValidException.class)
+    public Object validExceptionHandler(MethodArgumentNotValidException e)
+    {
+        log.error(e.getMessage(), e);
+        String message = e.getBindingResult().getFieldError().getDefaultMessage();
+        return AjaxResult.error(message);
+    }
+    
+    /**
+     * 权限异常
+     */
+    @ExceptionHandler(PreAuthorizeException.class)
+    public AjaxResult preAuthorizeException(PreAuthorizeException e)
+    {
+        return AjaxResult.error("没有权限，请联系管理员授权");
+    }
+    
+    /**
+     * 演示模式异常
+     */
+    @ExceptionHandler(DemoModeException.class)
+    public AjaxResult demoModeException(DemoModeException e)
+    {
+        return AjaxResult.error("演示模式，不允许操作");
+    }
+}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/PermissionService.java

@@ -1,167 +0,0 @@
-package com.ruoyi.common.security.service;
-
-import java.util.Collection;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.stereotype.Service;
-import org.springframework.util.CollectionUtils;
-import org.springframework.util.PatternMatchUtils;
-import org.springframework.util.StringUtils;
-import com.ruoyi.common.security.domain.LoginUser;
-import com.ruoyi.common.security.utils.SecurityUtils;
-
-/**
- * 自定义权限实现
- * 
- * @author ruoyi
- */
-@Service("ss")
-public class PermissionService
-{
-    /** 所有权限标识 */
-    private static final String ALL_PERMISSION = "*:*:*";
-
-    /** 管理员角色权限标识 */
-    private static final String SUPER_ADMIN = "admin";
-
-    private static final String ROLE_DELIMETER = ",";
-
-    private static final String PERMISSION_DELIMETER = ",";
-
-    /**
-     * 验证用户是否具备某权限
-     * 
-     * @param permission 权限字符串
-     * @return 用户是否具备某权限
-     */
-    public boolean hasPermi(String permission)
-    {
-        if (StringUtils.isEmpty(permission))
-        {
-            return false;
-        }
-        LoginUser loginUser = SecurityUtils.getLoginUser();
-        if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities()))
-        {
-            return false;
-        }
-        return hasPermissions(loginUser.getAuthorities(), permission);
-    }
-
-    /**
-     * 验证用户是否不具备某权限，与 hasPermi逻辑相反
-     *
-     * @param permission 权限字符串
-     * @return 用户是否不具备某权限
-     */
-    public boolean lacksPermi(String permission)
-    {
-        return hasPermi(permission) != true;
-    }
-
-    /**
-     * 验证用户是否具有以下任意一个权限
-     *
-     * @param permissions 以 PERMISSION_NAMES_DELIMETER 为分隔符的权限列表
-     * @return 用户是否具有以下任意一个权限
-     */
-    public boolean hasAnyPermi(String permissions)
-    {
-        if (StringUtils.isEmpty(permissions))
-        {
-            return false;
-        }
-        LoginUser loginUser = SecurityUtils.getLoginUser();
-        if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities()))
-        {
-            return false;
-        }
-        Collection<? extends GrantedAuthority> authorities = loginUser.getAuthorities();
-        for (String permission : permissions.split(PERMISSION_DELIMETER))
-        {
-            if (permission != null && hasPermissions(authorities, permission))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 判断用户是否拥有某个角色
-     * 
-     * @param role 角色字符串
-     * @return 用户是否具备某角色
-     */
-    public boolean hasRole(String role)
-    {
-        if (StringUtils.isEmpty(role))
-        {
-            return false;
-        }
-        LoginUser loginUser = SecurityUtils.getLoginUser();
-        if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities()))
-        {
-            return false;
-        }
-        for (GrantedAuthority authorities : loginUser.getAuthorities())
-        {
-            String roleKey = authorities.getAuthority();
-            if (SUPER_ADMIN.contains(roleKey) || roleKey.contains(role))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 验证用户是否不具备某角色，与 isRole逻辑相反。
-     *
-     * @param role 角色名称
-     * @return 用户是否不具备某角色
-     */
-    public boolean lacksRole(String role)
-    {
-        return hasRole(role) != true;
-    }
-
-    /**
-     * 验证用户是否具有以下任意一个角色
-     *
-     * @param roles 以 ROLE_NAMES_DELIMETER 为分隔符的角色列表
-     * @return 用户是否具有以下任意一个角色
-     */
-    public boolean hasAnyRoles(String roles)
-    {
-        if (StringUtils.isEmpty(roles))
-        {
-            return false;
-        }
-        LoginUser loginUser = SecurityUtils.getLoginUser();
-        if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities()))
-        {
-            return false;
-        }
-        for (String role : roles.split(ROLE_DELIMETER))
-        {
-            if (hasRole(role))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * 判断是否包含权限
-     * 
-     * @param permissions 权限列表
-     * @param permission 权限字符串
-     * @return 用户是否具备某权限
-     */
-    private boolean hasPermissions(Collection<? extends GrantedAuthority> authorities, String permission)
-    {
-        return authorities.stream().map(GrantedAuthority::getAuthority).filter(StringUtils::hasText)
-                .anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(permission, x));
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/RedisClientDetailsService.java

@@ -1,30 +0,0 @@
-package com.ruoyi.common.security.service;
-
-import javax.sql.DataSource;
-import org.springframework.cache.annotation.Cacheable;
-import org.springframework.security.oauth2.provider.ClientDetails;
-import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
-import com.ruoyi.common.core.constant.CacheConstants;
-import com.ruoyi.common.core.constant.SecurityConstants;
-
-/**
- * 重写原生方法支持redis缓存
- *
- * @author ruoyi
- */
-public class RedisClientDetailsService extends JdbcClientDetailsService
-{
-    public RedisClientDetailsService(DataSource dataSource)
-    {
-        super(dataSource);
-        super.setSelectClientDetailsSql(SecurityConstants.DEFAULT_SELECT_STATEMENT);
-        super.setFindClientDetailsSql(SecurityConstants.DEFAULT_FIND_STATEMENT);
-    }
-
-    @Override
-    @Cacheable(value = CacheConstants.CLIENT_DETAILS_KEY, key = "#clientId", unless = "#result == null")
-    public ClientDetails loadClientByClientId(String clientId)
-    {
-        return super.loadClientByClientId(clientId);
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java

@@ -0,0 +1,135 @@
+package com.ruoyi.common.security.service;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+import javax.servlet.http.HttpServletRequest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import com.ruoyi.common.core.constant.CacheConstants;
+import com.ruoyi.common.core.constant.Constants;
+import com.ruoyi.common.core.utils.IdUtils;
+import com.ruoyi.common.core.utils.ServletUtils;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.core.utils.ip.IpUtils;
+import com.ruoyi.common.redis.service.RedisService;
+import com.ruoyi.system.api.model.LoginUser;
+
+/**
+ * token验证处理
+ * 
+ * @author ruoyi
+ */
+@Component
+public class TokenService
+{
+    @Autowired
+    private RedisService redisService;
+
+    private final static long EXPIRE_TIME = Constants.TOKEN_EXPIRE * 60;
+
+    private final static String ACCESS_TOKEN = CacheConstants.LOGIN_TOKEN_KEY;
+
+    protected static final long MILLIS_SECOND = 1000;
+
+    /**
+     * 创建令牌
+     */
+    public Map<String, Object> createToken(LoginUser loginUser)
+    {
+        // 生成token
+        String token = IdUtils.fastUUID();
+        loginUser.setToken(token);
+        loginUser.setUserid(loginUser.getSysUser().getUserId());
+        loginUser.setUsername(loginUser.getSysUser().getUserName());
+        loginUser.setIpaddr(IpUtils.getIpAddr(ServletUtils.getRequest()));
+        refreshToken(loginUser);
+
+        // 保存或更新用户token
+        Map<String, Object> map = new HashMap<String, Object>();
+        map.put("access_token", token);
+        map.put("expires_in", EXPIRE_TIME);
+        redisService.setCacheObject(ACCESS_TOKEN + token, loginUser, EXPIRE_TIME, TimeUnit.SECONDS);
+        return map;
+    }
+
+    /**
+     * 获取用户身份信息
+     *
+     * @return 用户信息
+     */
+    public LoginUser getLoginUser()
+    {
+        return getLoginUser(ServletUtils.getRequest());
+    }
+
+    /**
+     * 获取用户身份信息
+     *
+     * @return 用户信息
+     */
+    public LoginUser getLoginUser(HttpServletRequest request)
+    {
+        // 获取请求携带的令牌
+        String token = getToken(request);
+        if (StringUtils.isNotEmpty(token))
+        {
+            String userKey = getTokenKey(token);
+            LoginUser user = redisService.getCacheObject(userKey);
+            return user;
+        }
+        return null;
+    }
+
+    /**
+     * 设置用户身份信息
+     */
+    public void setLoginUser(LoginUser loginUser)
+    {
+        if (StringUtils.isNotNull(loginUser) && StringUtils.isNotEmpty(loginUser.getToken()))
+        {
+            refreshToken(loginUser);
+        }
+    }
+
+    public void delLoginUser(String token)
+    {
+        if (StringUtils.isNotEmpty(token))
+        {
+            String userKey = getTokenKey(token);
+            redisService.deleteObject(userKey);
+        }
+    }
+
+    /**
+     * 刷新令牌有效期
+     *
+     * @param loginUser 登录信息
+     */
+    public void refreshToken(LoginUser loginUser)
+    {
+        loginUser.setLoginTime(System.currentTimeMillis());
+        loginUser.setExpireTime(loginUser.getLoginTime() + EXPIRE_TIME * MILLIS_SECOND);
+        // 根据uuid将loginUser缓存
+        String userKey = getTokenKey(loginUser.getToken());
+        redisService.setCacheObject(userKey, loginUser, EXPIRE_TIME, TimeUnit.SECONDS);
+    }
+
+    private String getTokenKey(String token)
+    {
+        return ACCESS_TOKEN + token;
+    }
+
+    /**
+     * 获取请求token
+     */
+    private String getToken(HttpServletRequest request)
+    {
+        String token = request.getHeader(CacheConstants.HEADER);
+        if (StringUtils.isNotEmpty(token) && token.startsWith(CacheConstants.TOKEN_PREFIX))
+        {
+            token = token.replace(CacheConstants.TOKEN_PREFIX, "");
+        }
+        return token;
+    }
+}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/UserDetailsServiceImpl.java

@@ -1,83 +0,0 @@
-package com.ruoyi.common.security.service;
-
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Set;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.stereotype.Service;
-import com.ruoyi.common.core.domain.R;
-import com.ruoyi.common.core.enums.UserStatus;
-import com.ruoyi.common.core.exception.BaseException;
-import com.ruoyi.common.core.utils.StringUtils;
-import com.ruoyi.common.security.domain.LoginUser;
-import com.ruoyi.system.api.RemoteUserService;
-import com.ruoyi.system.api.domain.SysUser;
-import com.ruoyi.system.api.model.UserInfo;
-
-/**
- * 用户信息处理
- *
- * @author ruoyi
- */
-@Service
-public class UserDetailsServiceImpl implements UserDetailsService
-{
-    private static final Logger log = LoggerFactory.getLogger(UserDetailsServiceImpl.class);
-
-    @Autowired
-    private RemoteUserService remoteUserService;
-
-    @Override
-    public UserDetails loadUserByUsername(String username)
-    {
-        R<UserInfo> userResult = remoteUserService.getUserInfo(username);
-        checkUser(userResult, username);
-        return getUserDetails(userResult);
-    }
-
-    public void checkUser(R<UserInfo> userResult, String username)
-    {
-        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
-        {
-            log.info("登录用户：{} 不存在.", username);
-            throw new UsernameNotFoundException("登录用户：" + username + " 不存在");
-        }
-        else if (UserStatus.DELETED.getCode().equals(userResult.getData().getSysUser().getDelFlag()))
-        {
-            log.info("登录用户：{} 已被删除.", username);
-            throw new BaseException("对不起，您的账号：" + username + " 已被删除");
-        }
-        else if (UserStatus.DISABLE.getCode().equals(userResult.getData().getSysUser().getStatus()))
-        {
-            log.info("登录用户：{} 已被停用.", username);
-            throw new BaseException("对不起，您的账号：" + username + " 已停用");
-        }
-    }
-
-    private UserDetails getUserDetails(R<UserInfo> result)
-    {
-        UserInfo info = result.getData();
-        Set<String> dbAuthsSet = new HashSet<String>();
-        if (StringUtils.isNotEmpty(info.getRoles()))
-        {
-            // 获取角色
-            dbAuthsSet.addAll(info.getRoles());
-            // 获取权限
-            dbAuthsSet.addAll(info.getPermissions());
-        }
-
-        Collection<? extends GrantedAuthority> authorities = AuthorityUtils
-                .createAuthorityList(dbAuthsSet.toArray(new String[0]));
-        SysUser user = info.getSysUser();
-
-        return new LoginUser(user.getUserId(), user.getUserName(), user.getPassword(), true, true, true, true,
-                authorities);
-    }
-}

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java

@@ -1,9 +1,9 @@
 package com.ruoyi.common.security.utils;
 
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import com.ruoyi.common.security.domain.LoginUser;
+import com.ruoyi.common.core.constant.CacheConstants;
+import com.ruoyi.common.core.text.Convert;
+import com.ruoyi.common.core.utils.ServletUtils;
 
 /**
  * 权限获取工具类
@@ -12,46 +12,31 @@ import com.ruoyi.common.security.domain.LoginUser;
  */
 public class SecurityUtils
 {
-    /**
-     * 获取Authentication
-     */
-    public static Authentication getAuthentication()
-    {
-        return SecurityContextHolder.getContext().getAuthentication();
-    }
-
     /**
      * 获取用户
      */
     public static String getUsername()
     {
-        return getLoginUser().getUsername();
+        return ServletUtils.getRequest().getHeader(CacheConstants.DETAILS_USERNAME);
     }
 
     /**
-     * 获取用户
+     * 获取用户ID
      */
-    public static LoginUser getLoginUser(Authentication authentication)
+    public static Long getUserId()
     {
-        Object principal = authentication.getPrincipal();
+        return Convert.toLong(ServletUtils.getRequest().getHeader(CacheConstants.DETAILS_USER_ID));
-        if (principal instanceof LoginUser)
-        {
-            return (LoginUser) principal;
-        }
-        return null;
     }
 
     /**
-     * 获取用户
+     * 是否为管理员
+     * 
+     * @param userId 用户ID
+     * @return 结果
      */
-    public static LoginUser getLoginUser()
+    public static boolean isAdmin(Long userId)
     {
-        Authentication authentication = getAuthentication();
+        return userId != null && 1L == userId;
-        if (authentication == null)
-        {
-            return null;
-        }
-        return getLoginUser(authentication);
     }
 
     /**
@@ -78,15 +63,4 @@ public class SecurityUtils
         BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
         return passwordEncoder.matches(rawPassword, encodedPassword);
     }
-
-    /**
-     * 是否为管理员
-     * 
-     * @param userId 用户ID
-     * @return 结果
-     */
-    public static boolean isAdmin(Long userId)
-    {
-        return userId != null && 1L == userId;
-    }
 }

ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories

@@ -1,5 +1,4 @@
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
-  com.ruoyi.common.security.service.UserDetailsServiceImpl,\
+  com.ruoyi.common.security.service.TokenService,\
-  com.ruoyi.common.security.handler.CustomAccessDeniedHandler
+  com.ruoyi.common.security.aspect.PreAuthorizeAspect,\
-
+  com.ruoyi.common.security.handler.GlobalExceptionHandler
-  

ruoyi-common/ruoyi-common-swagger/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi-common</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     

ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerAutoConfiguration.java

@@ -2,7 +2,6 @@ package com.ruoyi.common.swagger.config;
 
 import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Collections;
 import java.util.List;
 import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
@@ -15,11 +14,9 @@ import springfox.documentation.builders.ApiInfoBuilder;
 import springfox.documentation.builders.PathSelectors;
 import springfox.documentation.builders.RequestHandlerSelectors;
 import springfox.documentation.service.ApiInfo;
+import springfox.documentation.service.ApiKey;
 import springfox.documentation.service.AuthorizationScope;
 import springfox.documentation.service.Contact;
-import springfox.documentation.service.GrantType;
-import springfox.documentation.service.OAuth;
-import springfox.documentation.service.ResourceOwnerPasswordCredentialsGrant;
 import springfox.documentation.service.SecurityReference;
 import springfox.documentation.spi.DocumentationType;
 import springfox.documentation.spi.service.contexts.SecurityContext;
@@ -73,22 +70,33 @@ public class SwaggerAutoConfiguration
                 .apis(RequestHandlerSelectors.basePackage(swaggerProperties.getBasePackage()))
                 .paths(Predicates.and(Predicates.not(Predicates.or(excludePath)), Predicates.or(basePath)))
                 .build()
-                .securitySchemes(Collections.singletonList(securitySchema()))
+                .securitySchemes(securitySchemes())
-                .securityContexts(Collections.singletonList(securityContext()))
+                .securityContexts(securityContexts())
                 .pathMapping("/");
     }
 
     /**
-      * 配置默认的全局鉴权策略的开关，通过正则表达式进行匹配；默认匹配所有URL
+     * 安全模式，这里指定token通过Authorization头请求头传递
-      *
-      * @return
      */
-    private SecurityContext securityContext()
+    private List<ApiKey> securitySchemes()
     {
-         return SecurityContext.builder()
+        List<ApiKey> apiKeyList = new ArrayList<ApiKey>();
+        apiKeyList.add(new ApiKey("Authorization", "Authorization", "header"));
+        return apiKeyList;
+    }
+
+    /**
+     * 安全上下文
+     */
+    private List<SecurityContext> securityContexts()
+    {
+        List<SecurityContext> securityContexts = new ArrayList<>();
+        securityContexts.add(
+                SecurityContext.builder()
                         .securityReferences(defaultAuth())
-             .forPaths(PathSelectors.regex(swaggerProperties().getAuthorization().getAuthRegex()))
+                        .forPaths(PathSelectors.regex("^(?!auth).*$"))
-             .build();
+                        .build());
+        return securityContexts;
     }
 
     /**
@@ -98,22 +106,12 @@ public class SwaggerAutoConfiguration
      */
     private List<SecurityReference> defaultAuth()
     {
-         ArrayList<AuthorizationScope> authorizationScopeList = new ArrayList<>();
+        AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
-         swaggerProperties().getAuthorization().getAuthorizationScopeList().forEach(authorizationScope -> authorizationScopeList.add(new AuthorizationScope(authorizationScope.getScope(), authorizationScope.getDescription())));
+        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
-         AuthorizationScope[] authorizationScopes = new AuthorizationScope[authorizationScopeList.size()];
+        authorizationScopes[0] = authorizationScope;
-         return Collections.singletonList(SecurityReference.builder()
+        List<SecurityReference> securityReferences = new ArrayList<>();
-             .reference(swaggerProperties().getAuthorization().getName())
+        securityReferences.add(new SecurityReference("Authorization", authorizationScopes));
-             .scopes(authorizationScopeList.toArray(authorizationScopes))
+        return securityReferences;
-             .build());
-    }
-
-    private OAuth securitySchema()
-    {
-        ArrayList<AuthorizationScope> authorizationScopeList = new ArrayList<>();
-        swaggerProperties().getAuthorization().getAuthorizationScopeList().forEach(authorizationScope -> authorizationScopeList.add(new AuthorizationScope(authorizationScope.getScope(), authorizationScope.getDescription())));
-        ArrayList<GrantType> grantTypes = new ArrayList<>();
-        swaggerProperties().getAuthorization().getTokenUrlList().forEach(tokenUrl -> grantTypes.add(new ResourceOwnerPasswordCredentialsGrant(tokenUrl)));
-        return new OAuth(swaggerProperties().getAuthorization().getName(), authorizationScopeList, grantTypes);
     }
 
     private ApiInfo apiInfo(SwaggerProperties swaggerProperties)
@@ -129,4 +127,3 @@ public class SwaggerAutoConfiguration
              .build();
     }
 }
-

ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerProperties.java

@@ -3,7 +3,9 @@ package com.ruoyi.common.swagger.config;
 import java.util.ArrayList;
 import java.util.List;
 import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
 
+@Component
 @ConfigurationProperties("swagger")
 public class SwaggerProperties
 {

ruoyi-gateway/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/CaptchaConfig.java

@@ -5,6 +5,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import com.google.code.kaptcha.impl.DefaultKaptcha;
 import com.google.code.kaptcha.util.Config;
+import static com.google.code.kaptcha.Constants.*;
 
 /**
  * 验证码配置
@@ -14,42 +15,67 @@ import com.google.code.kaptcha.util.Config;
 @Configuration
 public class CaptchaConfig
 {
+    @Bean(name = "captchaProducer")
+    public DefaultKaptcha getKaptchaBean()
+    {
+        DefaultKaptcha defaultKaptcha = new DefaultKaptcha();
+        Properties properties = new Properties();
+        // 是否有边框 默认为true 我们可以自己设置yes，no
+        properties.setProperty(KAPTCHA_BORDER, "yes");
+        // 验证码文本字符颜色 默认为Color.BLACK
+        properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_COLOR, "black");
+        // 验证码图片宽度 默认为200
+        properties.setProperty(KAPTCHA_IMAGE_WIDTH, "160");
+        // 验证码图片高度 默认为50
+        properties.setProperty(KAPTCHA_IMAGE_HEIGHT, "60");
+        // 验证码文本字符大小 默认为40
+        properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_SIZE, "38");
+        // KAPTCHA_SESSION_KEY
+        properties.setProperty(KAPTCHA_SESSION_CONFIG_KEY, "kaptchaCode");
+        // 验证码文本字符长度 默认为5
+        properties.setProperty(KAPTCHA_TEXTPRODUCER_CHAR_LENGTH, "4");
+        // 验证码文本字体样式 默认为new Font("Arial", 1, fontSize), new Font("Courier", 1, fontSize)
+        properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_NAMES, "Arial,Courier");
+        // 图片样式 水纹com.google.code.kaptcha.impl.WaterRipple 鱼眼com.google.code.kaptcha.impl.FishEyeGimpy 阴影com.google.code.kaptcha.impl.ShadowGimpy
+        properties.setProperty(KAPTCHA_OBSCURIFICATOR_IMPL, "com.google.code.kaptcha.impl.ShadowGimpy");
+        Config config = new Config(properties);
+        defaultKaptcha.setConfig(config);
+        return defaultKaptcha;
+    }
+    
     @Bean(name = "captchaProducerMath")
     public DefaultKaptcha getKaptchaBeanMath()
     {
         DefaultKaptcha defaultKaptcha = new DefaultKaptcha();
         Properties properties = new Properties();
         // 是否有边框 默认为true 我们可以自己设置yes，no
-        properties.setProperty("kaptcha.border", "yes");
+        properties.setProperty(KAPTCHA_BORDER, "yes");
         // 边框颜色 默认为Color.BLACK
-        properties.setProperty("kaptcha.border.color", "105,179,90");
+        properties.setProperty(KAPTCHA_BORDER_COLOR, "105,179,90");
         // 验证码文本字符颜色 默认为Color.BLACK
-        properties.setProperty("kaptcha.textproducer.font.color", "blue");
+        properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_COLOR, "blue");
         // 验证码图片宽度 默认为200
-        properties.setProperty("kaptcha.image.width", "160");
+        properties.setProperty(KAPTCHA_IMAGE_WIDTH, "160");
         // 验证码图片高度 默认为50
-        properties.setProperty("kaptcha.image.height", "60");
+        properties.setProperty(KAPTCHA_IMAGE_HEIGHT, "60");
         // 验证码文本字符大小 默认为40
-        properties.setProperty("kaptcha.textproducer.font.size", "35");
+        properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_SIZE, "35");
         // KAPTCHA_SESSION_KEY
-        properties.setProperty("kaptcha.session.key", "kaptchaCodeMath");
+        properties.setProperty(KAPTCHA_SESSION_CONFIG_KEY, "kaptchaCodeMath");
         // 验证码文本生成器
-        properties.setProperty("kaptcha.textproducer.impl", "com.ruoyi.gateway.config.KaptchaTextCreator");
+        properties.setProperty(KAPTCHA_TEXTPRODUCER_IMPL, "com.ruoyi.gateway.config.KaptchaTextCreator");
         // 验证码文本字符间距 默认为2
-        properties.setProperty("kaptcha.textproducer.char.space", "3");
+        properties.setProperty(KAPTCHA_TEXTPRODUCER_CHAR_SPACE, "3");
         // 验证码文本字符长度 默认为5
-        properties.setProperty("kaptcha.textproducer.char.length", "6");
+        properties.setProperty(KAPTCHA_TEXTPRODUCER_CHAR_LENGTH, "6");
-        // 验证码文本字体样式 默认为new Font("Arial", 1, fontSize), new Font("Courier", 1,
+        // 验证码文本字体样式 默认为new Font("Arial", 1, fontSize), new Font("Courier", 1, fontSize)
-        // fontSize)
+        properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_NAMES, "Arial,Courier");
-        properties.setProperty("kaptcha.textproducer.font.names", "Arial,Courier");
         // 验证码噪点颜色 默认为Color.BLACK
-        properties.setProperty("kaptcha.noise.color", "white");
+        properties.setProperty(KAPTCHA_NOISE_COLOR, "white");
         // 干扰实现类
-        properties.setProperty("kaptcha.noise.impl", "com.google.code.kaptcha.impl.NoNoise");
+        properties.setProperty(KAPTCHA_NOISE_IMPL, "com.google.code.kaptcha.impl.NoNoise");
-        // 图片样式 水纹com.google.code.kaptcha.impl.WaterRipple
+        // 图片样式 水纹com.google.code.kaptcha.impl.WaterRipple 鱼眼com.google.code.kaptcha.impl.FishEyeGimpy 阴影com.google.code.kaptcha.impl.ShadowGimpy
-        // 鱼眼com.google.code.kaptcha.impl.FishEyeGimpy
+        properties.setProperty(KAPTCHA_OBSCURIFICATOR_IMPL, "com.google.code.kaptcha.impl.ShadowGimpy");
-        // 阴影com.google.code.kaptcha.impl.ShadowGimpy
-        properties.setProperty("kaptcha.obscurificator.impl", "com.google.code.kaptcha.impl.ShadowGimpy");
         Config config = new Config(properties);
         defaultKaptcha.setConfig(config);
         return defaultKaptcha;

ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/properties/IgnoreWhiteProperties.java

@@ -0,0 +1,33 @@
+package com.ruoyi.gateway.config.properties;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.cloud.context.config.annotation.RefreshScope;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 放行白名单配置
+ * 
+ * @author ruoyi
+ */
+@Configuration
+@RefreshScope
+@ConfigurationProperties(prefix = "ignore")
+public class IgnoreWhiteProperties
+{
+    /**
+     * 放行白名单配置，网关不校验此处的白名单
+     */
+    private List<String> whites = new ArrayList<>();
+
+    public List<String> getWhites()
+    {
+        return whites;
+    }
+
+    public void setWhites(List<String> whites)
+    {
+        this.whites = whites;
+    }
+}

ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java

@@ -0,0 +1,124 @@
+package com.ruoyi.gateway.filter;
+
+import javax.annotation.Resource;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.GlobalFilter;
+import org.springframework.core.Ordered;
+import org.springframework.core.io.buffer.DataBufferFactory;
+import org.springframework.data.redis.core.ValueOperations;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import com.ruoyi.common.core.constant.CacheConstants;
+import com.ruoyi.common.core.constant.Constants;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.redis.service.RedisService;
+import com.ruoyi.gateway.config.properties.IgnoreWhiteProperties;
+import reactor.core.publisher.Mono;
+
+/**
+ * 网关鉴权
+ * 
+ * @author ruoyi
+ */
+@Component
+public class AuthFilter implements GlobalFilter, Ordered
+{
+    private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
+    
+    private final static long EXPIRE_TIME = Constants.TOKEN_EXPIRE * 60;
+
+    // 排除过滤的 uri 地址，nacos自行添加
+    @Autowired
+    private IgnoreWhiteProperties ignoreWhite;
+
+    @Resource(name = "stringRedisTemplate")
+    private ValueOperations<String, String> sops;
+    
+    @Autowired
+    private RedisService redisService;
+
+    @Override
+    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain)
+    {
+        String url = exchange.getRequest().getURI().getPath();
+        // 跳过不需要验证的路径
+        if (StringUtils.matches(url, ignoreWhite.getWhites()))
+        {
+            return chain.filter(exchange);
+        }
+        String token = getToken(exchange.getRequest());
+        if (StringUtils.isBlank(token))
+        {
+            return setUnauthorizedResponse(exchange, "令牌不能为空");
+        }
+        String userStr = sops.get(getTokenKey(token));
+        if (StringUtils.isNull(userStr))
+        {
+            return setUnauthorizedResponse(exchange, "登录状态已过期");
+        }
+        JSONObject obj = JSONObject.parseObject(userStr);
+        String userid = obj.getString("userid");
+        String username = obj.getString("username");
+        if (StringUtils.isBlank(userid) || StringUtils.isBlank(username))
+        {
+            return setUnauthorizedResponse(exchange, "令牌验证失败");
+        }
+        
+        // 设置过期时间
+        redisService.expire(getTokenKey(token), EXPIRE_TIME);
+        // 设置用户信息到请求
+        ServerHttpRequest mutableReq = exchange.getRequest().mutate().header(CacheConstants.DETAILS_USER_ID, userid)
+                .header(CacheConstants.DETAILS_USERNAME, username).build();
+        ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
+
+        return chain.filter(mutableExchange);
+    }
+
+    private Mono<Void> setUnauthorizedResponse(ServerWebExchange exchange, String msg)
+    {
+        ServerHttpResponse response = exchange.getResponse();
+        response.getHeaders().setContentType(MediaType.APPLICATION_JSON);
+        response.setStatusCode(HttpStatus.OK);
+
+        log.error("[鉴权异常处理]请求路径:{}", exchange.getRequest().getPath());
+
+        return response.writeWith(Mono.fromSupplier(() -> {
+            DataBufferFactory bufferFactory = response.bufferFactory();
+            return bufferFactory.wrap(JSON.toJSONBytes(R.fail(msg)));
+        }));
+    }
+
+    private String getTokenKey(String token)
+    {
+        return CacheConstants.LOGIN_TOKEN_KEY + token;
+    }
+
+    /**
+     * 获取请求token
+     */
+    private String getToken(ServerHttpRequest request)
+    {
+        String token = request.getHeaders().getFirst(CacheConstants.HEADER);
+        if (StringUtils.isNotEmpty(token) && token.startsWith(CacheConstants.TOKEN_PREFIX))
+        {
+            token = token.replace(CacheConstants.TOKEN_PREFIX, "");
+        }
+        return token;
+    }
+
+    @Override
+    public int getOrder()
+    {
+        return -200;
+    }
+}

ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/BlackListUrlFilter.java

@@ -0,0 +1,70 @@
+package com.ruoyi.gateway.filter;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.regex.Pattern;
+import org.springframework.cloud.gateway.filter.GatewayFilter;
+import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.stereotype.Component;
+import com.alibaba.fastjson.JSON;
+import com.ruoyi.common.core.web.domain.AjaxResult;
+import reactor.core.publisher.Mono;
+
+/**
+ * 黑名单过滤器
+ * 
+ * @author ruoyi
+ */
+@Component
+public class BlackListUrlFilter extends AbstractGatewayFilterFactory<BlackListUrlFilter.Config>
+{
+    @Override
+    public GatewayFilter apply(Config config)
+    {
+        return (exchange, chain) -> {
+
+            String url = exchange.getRequest().getURI().getPath();
+            if (config.matchBlacklist(url))
+            {
+                ServerHttpResponse response = exchange.getResponse();
+                return exchange.getResponse().writeWith(
+                        Mono.just(response.bufferFactory().wrap(JSON.toJSONBytes(AjaxResult.error("服务拒绝访问")))));
+            }
+
+            return chain.filter(exchange);
+        };
+    }
+
+    public BlackListUrlFilter()
+    {
+        super(Config.class);
+    }
+
+    public static class Config
+    {
+        private List<String> blacklistUrl;
+
+        private List<Pattern> blacklistUrlPattern = new ArrayList<>();
+
+        public boolean matchBlacklist(String url)
+        {
+            return blacklistUrlPattern.isEmpty() ? false : blacklistUrlPattern.stream().filter(p -> p.matcher(url).find()).findAny().isPresent();
+        }
+
+        public List<String> getBlacklistUrl()
+        {
+            return blacklistUrl;
+        }
+
+        public void setBlacklistUrl(List<String> blacklistUrl)
+        {
+            this.blacklistUrl = blacklistUrl;
+            this.blacklistUrlPattern.clear();
+            this.blacklistUrl.forEach(url -> {
+                this.blacklistUrlPattern.add(Pattern.compile(url.replaceAll("\\*\\*", "(.*?)"), Pattern.CASE_INSENSITIVE));
+            });
+        }
+    }
+
+}

ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/CacheRequestFilter.java

@@ -0,0 +1,100 @@
+package com.ruoyi.gateway.filter;
+
+import java.util.Collections;
+import java.util.List;
+import org.springframework.cloud.gateway.filter.GatewayFilter;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.OrderedGatewayFilter;
+import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
+import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.core.io.buffer.DataBufferFactory;
+import org.springframework.core.io.buffer.DataBufferUtils;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Flux;
+import reactor.core.publisher.Mono;
+
+@Component
+public class CacheRequestFilter extends AbstractGatewayFilterFactory<CacheRequestFilter.Config>
+{
+    public CacheRequestFilter()
+    {
+        super(Config.class);
+    }
+
+    @Override
+    public String name()
+    {
+        return "CacheRequestFilter";
+    }
+
+    @Override
+    public GatewayFilter apply(Config config)
+    {
+        CacheRequestGatewayFilter cacheRequestGatewayFilter = new CacheRequestGatewayFilter();
+        Integer order = config.getOrder();
+        if (order == null)
+        {
+            return cacheRequestGatewayFilter;
+        }
+        return new OrderedGatewayFilter(cacheRequestGatewayFilter, order);
+    }
+
+    public static class CacheRequestGatewayFilter implements GatewayFilter
+    {
+        @Override
+        public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain)
+        {
+            // GET DELETE 不过滤
+            HttpMethod method = exchange.getRequest().getMethod();
+            if (method == null || method.matches("GET") || method.matches("DELETE"))
+            {
+                return chain.filter(exchange);
+            }
+            return DataBufferUtils.join(exchange.getRequest().getBody()).map(dataBuffer -> {
+                byte[] bytes = new byte[dataBuffer.readableByteCount()];
+                dataBuffer.read(bytes);
+                DataBufferUtils.release(dataBuffer);
+                return bytes;
+            }).defaultIfEmpty(new byte[0]).flatMap(bytes -> {
+                DataBufferFactory dataBufferFactory = exchange.getResponse().bufferFactory();
+                ServerHttpRequestDecorator decorator = new ServerHttpRequestDecorator(exchange.getRequest())
+                {
+                    @Override
+                    public Flux<DataBuffer> getBody()
+                    {
+                        if (bytes.length > 0)
+                        {
+                            return Flux.just(dataBufferFactory.wrap(bytes));
+                        }
+                        return Flux.empty();
+                    }
+                };
+                return chain.filter(exchange.mutate().request(decorator).build());
+            });
+        }
+    }
+
+    @Override
+    public List<String> shortcutFieldOrder()
+    {
+        return Collections.singletonList("order");
+    }
+
+    static class Config
+    {
+        private Integer order;
+
+        public Integer getOrder()
+        {
+            return order;
+        }
+
+        public void setOrder(Integer order)
+        {
+            this.order = order;
+        }
+    }
+}

ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java

@@ -1,16 +1,22 @@
 package com.ruoyi.gateway.filter;
 
+import java.nio.CharBuffer;
+import java.nio.charset.StandardCharsets;
+import java.util.concurrent.atomic.AtomicReference;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
-import org.springframework.http.HttpHeaders;
+import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.core.io.buffer.DataBufferUtils;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.http.server.reactive.ServerHttpResponse;
 import org.springframework.stereotype.Component;
 import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
 import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.common.core.web.domain.AjaxResult;
 import com.ruoyi.gateway.service.ValidateCodeService;
+import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
 
 /**
@@ -21,13 +27,11 @@ import reactor.core.publisher.Mono;
 @Component
 public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
 {
-    private final static String AUTH_URL = "/oauth/token";
+    private final static String AUTH_URL = "/auth/login";
 
     @Autowired
     private ValidateCodeService validateCodeService;
 
-    private static final String BASIC_ = "Basic ";
-
     private static final String CODE = "code";
 
     private static final String UUID = "uuid";
@@ -44,25 +48,33 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
                 return chain.filter(exchange);
             }
 
-            // 消息头存在内容，且不存在验证码参数，不处理
-            String header = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
-            if (StringUtils.isNotEmpty(header) && StringUtils.startsWith(header, BASIC_)
-                    && !request.getQueryParams().containsKey(CODE) && !request.getQueryParams().containsKey(UUID))
-            {
-                return chain.filter(exchange);
-            }
             try
             {
-                validateCodeService.checkCapcha(request.getQueryParams().getFirst(CODE),
+                String rspStr = resolveBodyFromRequest(request);
-                        request.getQueryParams().getFirst(UUID));
+                JSONObject obj = JSONObject.parseObject(rspStr);
+                validateCodeService.checkCapcha(obj.getString(CODE), obj.getString(UUID));
             }
             catch (Exception e)
             {
                 ServerHttpResponse response = exchange.getResponse();
+                response.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
                 return exchange.getResponse().writeWith(
                         Mono.just(response.bufferFactory().wrap(JSON.toJSONBytes(AjaxResult.error(e.getMessage())))));
             }
             return chain.filter(exchange);
         };
     }
+
+    private String resolveBodyFromRequest(ServerHttpRequest serverHttpRequest)
+    {
+        // 获取请求体
+        Flux<DataBuffer> body = serverHttpRequest.getBody();
+        AtomicReference<String> bodyRef = new AtomicReference<>();
+        body.subscribe(buffer -> {
+            CharBuffer charBuffer = StandardCharsets.UTF_8.decode(buffer.asByteBuffer());
+            DataBufferUtils.release(buffer);
+            bodyRef.set(charBuffer.toString());
+        });
+        return bodyRef.get();
+    }
 }

ruoyi-gateway/src/main/java/com/ruoyi/gateway/handler/GatewayExceptionHandler.java

@@ -0,0 +1,66 @@
+package com.ruoyi.gateway.handler;
+
+import org.springframework.cloud.gateway.support.NotFoundException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.web.reactive.error.ErrorWebExceptionHandler;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+import org.springframework.core.io.buffer.DataBufferFactory;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.web.server.ResponseStatusException;
+import org.springframework.web.server.ServerWebExchange;
+import com.alibaba.fastjson.JSON;
+import com.ruoyi.common.core.domain.R;
+import reactor.core.publisher.Mono;
+
+/**
+ * 网关统一异常处理
+ *
+ * @author ruoyi
+ */
+@Order(-1)
+@Configuration
+public class GatewayExceptionHandler implements ErrorWebExceptionHandler
+{
+    private static final Logger log = LoggerFactory.getLogger(GatewayExceptionHandler.class);
+
+    @Override
+    public Mono<Void> handle(ServerWebExchange exchange, Throwable ex)
+    {
+        ServerHttpResponse response = exchange.getResponse();
+
+        if (exchange.getResponse().isCommitted())
+        {
+            return Mono.error(ex);
+        }
+
+        String msg;
+
+        if (ex instanceof NotFoundException)
+        {
+            msg = "服务未找到";
+        }
+        else if (ex instanceof ResponseStatusException)
+        {
+            ResponseStatusException responseStatusException = (ResponseStatusException) ex;
+            msg = responseStatusException.getMessage();
+        }
+        else
+        {
+            msg = "内部服务器错误";
+        }
+
+        log.error("[网关异常处理]请求路径:{},异常信息:{}", exchange.getRequest().getPath(), ex.getMessage());
+
+        response.getHeaders().setContentType(MediaType.APPLICATION_JSON);
+        response.setStatusCode(HttpStatus.OK);
+
+        return response.writeWith(Mono.fromSupplier(() -> {
+            DataBufferFactory bufferFactory = response.bufferFactory();
+            return bufferFactory.wrap(JSON.toJSONBytes(R.fail(msg)));
+        }));
+    }
+}

ruoyi-gateway/src/main/java/com/ruoyi/gateway/service/impl/ValidateCodeServiceImpl.java

@@ -3,6 +3,7 @@ package com.ruoyi.gateway.service.impl;
 import java.awt.image.BufferedImage;
 import java.io.IOException;
 import java.util.concurrent.TimeUnit;
+import javax.annotation.Resource;
 import javax.imageio.ImageIO;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -25,28 +26,46 @@ import com.ruoyi.gateway.service.ValidateCodeService;
 @Service
 public class ValidateCodeServiceImpl implements ValidateCodeService
 {
-    @Autowired
+    @Resource(name = "captchaProducer")
-    private Producer producer;
+    private Producer captchaProducer;
+
+    @Resource(name = "captchaProducerMath")
+    private Producer captchaProducerMath;
 
     @Autowired
     private RedisService redisService;
 
+    // 验证码类型
+    private String captchaType = "math";
+
     /**
      * 生成验证码
      */
     @Override
     public AjaxResult createCapcha() throws IOException, CaptchaException
     {
-        // 生成验证码
-        String capText = producer.createText();
-        String capStr = capText.substring(0, capText.lastIndexOf("@"));
-        String verifyCode = capText.substring(capText.lastIndexOf("@") + 1);
-        BufferedImage image = producer.createImage(capStr);
         // 保存验证码信息
         String uuid = IdUtils.simpleUUID();
         String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;
 
-        redisService.setCacheObject(verifyKey, verifyCode, Constants.CAPTCHA_EXPIRATION, TimeUnit.MINUTES);
+        String capStr = null, code = null;
+        BufferedImage image = null;
+
+        // 生成验证码
+        if ("math".equals(captchaType))
+        {
+            String capText = captchaProducerMath.createText();
+            capStr = capText.substring(0, capText.lastIndexOf("@"));
+            code = capText.substring(capText.lastIndexOf("@") + 1);
+            image = captchaProducerMath.createImage(capStr);
+        }
+        else if ("char".equals(captchaType))
+        {
+            capStr = code = captchaProducer.createText();
+            image = captchaProducer.createImage(capStr);
+        }
+
+        redisService.setCacheObject(verifyKey, code, Constants.CAPTCHA_EXPIRATION, TimeUnit.MINUTES);
         // 转换流信息写出
         FastByteArrayOutputStream os = new FastByteArrayOutputStream();
         try

ruoyi-modules/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

ruoyi-modules/ruoyi-gen/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>com.ruoyi</groupId>
         <artifactId>ruoyi-modules</artifactId>
-        <version>2.0.0</version>
+        <version>2.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
@@ -35,10 +35,10 @@
             <artifactId>spring-cloud-starter-alibaba-sentinel</artifactId>
         </dependency>
         
-        <!-- SpringBoot Web -->
+        <!-- SpringBoot Actuator -->
         <dependency>
             <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-web</artifactId>
+            <artifactId>spring-boot-starter-actuator</artifactId>
         </dependency>
 		
         <!-- Swagger -->

ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/controller/GenController.java

@@ -7,7 +7,6 @@ import java.util.Map;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.io.IOUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -23,6 +22,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult;
 import com.ruoyi.common.core.web.page.TableDataInfo;
 import com.ruoyi.common.log.annotation.Log;
 import com.ruoyi.common.log.enums.BusinessType;
+import com.ruoyi.common.security.annotation.PreAuthorize;
 import com.ruoyi.gen.domain.GenTable;
 import com.ruoyi.gen.domain.GenTableColumn;
 import com.ruoyi.gen.service.IGenTableColumnService;
@@ -46,7 +46,7 @@ public class GenController extends BaseController
     /**
      * 查询代码生成列表
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:list')")
+    @PreAuthorize(hasPermi = "tool:gen:list")
     @GetMapping("/list")
     public TableDataInfo genList(GenTable genTable)
     {
@@ -58,7 +58,7 @@ public class GenController extends BaseController
     /**
      * 修改代码生成业务
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:query')")
+    @PreAuthorize(hasPermi = "tool:gen:query")
     @GetMapping(value = "/{talbleId}")
     public AjaxResult getInfo(@PathVariable Long talbleId)
     {
@@ -73,7 +73,7 @@ public class GenController extends BaseController
     /**
      * 查询数据库列表
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:list')")
+    @PreAuthorize(hasPermi = "tool:gen:list")
     @GetMapping("/db/list")
     public TableDataInfo dataList(GenTable genTable)
     {
@@ -85,7 +85,6 @@ public class GenController extends BaseController
     /**
      * 查询数据表字段列表
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:list')")
     @GetMapping(value = "/column/{talbleId}")
     public TableDataInfo columnList(Long tableId)
     {
@@ -99,7 +98,7 @@ public class GenController extends BaseController
     /**
      * 导入表结构（保存）
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:list')")
+    @PreAuthorize(hasPermi = "tool:gen:list")
     @Log(title = "代码生成", businessType = BusinessType.IMPORT)
     @PostMapping("/importTable")
     public AjaxResult importTableSave(String tables)
@@ -114,7 +113,7 @@ public class GenController extends BaseController
     /**
      * 修改保存代码生成业务
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:edit')")
+    @PreAuthorize(hasPermi = "tool:gen:edit")
     @Log(title = "代码生成", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult editSave(@Validated @RequestBody GenTable genTable)
@@ -127,7 +126,7 @@ public class GenController extends BaseController
     /**
      * 删除代码生成
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:remove')")
+    @PreAuthorize(hasPermi = "tool:gen:remove")
     @Log(title = "代码生成", businessType = BusinessType.DELETE)
     @DeleteMapping("/{tableIds}")
     public AjaxResult remove(@PathVariable Long[] tableIds)
@@ -139,7 +138,7 @@ public class GenController extends BaseController
     /**
      * 预览代码
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:preview')")
+    @PreAuthorize(hasPermi = "tool:gen:preview")
     @GetMapping("/preview/{tableId}")
     public AjaxResult preview(@PathVariable("tableId") Long tableId) throws IOException
     {
@@ -148,27 +147,51 @@ public class GenController extends BaseController
     }
 
     /**
-     * 生成代码
+     * 生成代码（下载方式）
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:code')")
+    @PreAuthorize(hasPermi = "tool:gen:code")
+    @Log(title = "代码生成", businessType = BusinessType.GENCODE)
+    @GetMapping("/download/{tableName}")
+    public void download(HttpServletResponse response, @PathVariable("tableName") String tableName) throws IOException
+    {
+        byte[] data = genTableService.downloadCode(tableName);
+        genCode(response, data);
+    }
+
+    /**
+     * 生成代码（自定义路径）
+     */
+    @PreAuthorize(hasPermi = "tool:gen:code")
     @Log(title = "代码生成", businessType = BusinessType.GENCODE)
     @GetMapping("/genCode/{tableName}")
-    public void genCode(HttpServletResponse response, @PathVariable("tableName") String tableName) throws IOException
+    public AjaxResult genCode(@PathVariable("tableName") String tableName)
     {
-        byte[] data = genTableService.generatorCode(tableName);
+        genTableService.generatorCode(tableName);
-        genCode(response, data);
+        return AjaxResult.success();
+    }
+
+    /**
+     * 同步数据库
+     */
+    @PreAuthorize(hasPermi = "tool:gen:edit")
+    @Log(title = "代码生成", businessType = BusinessType.UPDATE)
+    @GetMapping("/synchDb/{tableName}")
+    public AjaxResult synchDb(@PathVariable("tableName") String tableName)
+    {
+        genTableService.synchDb(tableName);
+        return AjaxResult.success();
     }
 
     /**
      * 批量生成代码
      */
-    @PreAuthorize("@ss.hasPermi('tool:gen:code')")
+    @PreAuthorize(hasPermi = "tool:gen:code")
     @Log(title = "代码生成", businessType = BusinessType.GENCODE)
     @GetMapping("/batchGenCode")
     public void batchGenCode(HttpServletResponse response, String tables) throws IOException
     {
         String[] tableNames = Convert.toStrArray(tables);
-        byte[] data = genTableService.generatorCode(tableNames);
+        byte[] data = genTableService.downloadCode(tableNames);
         genCode(response, data);
     }
 

ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/domain/GenTable.java

@@ -55,6 +55,12 @@ public class GenTable extends BaseEntity
     @NotBlank(message = "作者不能为空")
     private String functionAuthor;
 
+    /** 生成代码方式（0zip压缩包 1自定义路径） */
+    private String genType;
+
+    /** 生成路径（不填默认项目路径） */
+    private String genPath;
+
     /** 主键信息 */
     private GenTableColumn pkColumn;
 
@@ -74,6 +80,12 @@ public class GenTable extends BaseEntity
     /** 树名称字段 */
     private String treeName;
 
+    /** 上级菜单ID字段 */
+    private String parentMenuId;
+
+    /** 上级菜单名称字段 */
+    private String parentMenuName;
+
     public Long getTableId()
     {
         return tableId;
@@ -174,6 +186,26 @@ public class GenTable extends BaseEntity
         this.functionAuthor = functionAuthor;
     }
 
+    public String getGenType()
+    {
+        return genType;
+    }
+
+    public void setGenType(String genType)
+    {
+        this.genType = genType;
+    }
+
+    public String getGenPath()
+    {
+        return genPath;
+    }
+
+    public void setGenPath(String genPath)
+    {
+        this.genPath = genPath;
+    }
+
     public GenTableColumn getPkColumn()
     {
         return pkColumn;
@@ -234,6 +266,26 @@ public class GenTable extends BaseEntity
         this.treeName = treeName;
     }
 
+    public String getParentMenuId()
+    {
+        return parentMenuId;
+    }
+
+    public void setParentMenuId(String parentMenuId)
+    {
+        this.parentMenuId = parentMenuId;
+    }
+
+    public String getParentMenuName()
+    {
+        return parentMenuName;
+    }
+
+    public void setParentMenuName(String parentMenuName)
+    {
+        this.parentMenuName = parentMenuName;
+    }
+
     public boolean isTree()
     {
         return isTree(this.tplCategory);

ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/domain/GenTableColumn.java

@@ -60,7 +60,7 @@ public class GenTableColumn extends BaseEntity
     /** 查询方式（EQ等于、NE不等于、GT大于、LT小于、LIKE模糊、BETWEEN范围） */
     private String queryType;
 
-    /** 显示类型（input文本框、textarea文本域、select下拉框、checkbox复选框、radio单选框、datetime日期控件） */
+    /** 显示类型（input文本框、textarea文本域、select下拉框、checkbox复选框、radio单选框、datetime日期控件、editor富文本控件） */
     private String htmlType;
 
     /** 字典类型 */
@@ -341,7 +341,7 @@ public class GenTableColumn extends BaseEntity
     public static boolean isUsableColumn(String javaField)
     {
         // isSuperColumn()中的名单用于避免生成多余Domain属性，若某些属性在生成页面时需要用到不能忽略，则放在此处白名单
-        return StringUtils.equalsAnyIgnoreCase(javaField, "parentId", "orderNum");
+        return StringUtils.equalsAnyIgnoreCase(javaField, "parentId", "orderNum", "remark");
     }
 
     public String readConverterExp()

ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/mapper/GenTableColumnMapper.java

@@ -42,6 +42,14 @@ public interface GenTableColumnMapper
      */
     public int updateGenTableColumn(GenTableColumn genTableColumn);
 
+    /**
+     * 删除业务字段
+     * 
+     * @param genTableColumns 列数据
+     * @return 结果
+     */
+    public int deleteGenTableColumns(List<GenTableColumn> genTableColumns);
+
     /**
      * 批量删除业务字段
      * 

ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/service/GenTableColumnServiceImpl.java

@@ -21,7 +21,7 @@ public class GenTableColumnServiceImpl implements IGenTableColumnService
 	/**
      * 查询业务字段列表
      * 
-     * @param genTableColumn 业务字段编号
+     * @param tableId 业务字段编号
      * @return 业务字段集合
      */
 	@Override

ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/service/GenTableServiceImpl.java

@@ -1,11 +1,13 @@
 package com.ruoyi.gen.service;
 
 import java.io.ByteArrayOutputStream;
+import java.io.File;
 import java.io.IOException;
 import java.io.StringWriter;
 import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.stream.Collectors;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
 import org.apache.commons.io.IOUtils;
@@ -22,7 +24,10 @@ import com.alibaba.fastjson.JSONObject;
 import com.ruoyi.common.core.constant.Constants;
 import com.ruoyi.common.core.constant.GenConstants;
 import com.ruoyi.common.core.exception.CustomException;
+import com.ruoyi.common.core.text.CharsetKit;
 import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.core.utils.file.FileUtils;
+import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.gen.domain.GenTable;
 import com.ruoyi.gen.domain.GenTableColumn;
 import com.ruoyi.gen.mapper.GenTableColumnMapper;
@@ -79,6 +84,7 @@ public class GenTableServiceImpl implements IGenTableService
      * @param genTable 业务信息
      * @return 数据库表集合
      */
+    @Override
     public List<GenTable> selectDbTableList(GenTable genTable)
     {
         return genTableMapper.selectDbTableList(genTable);
@@ -90,6 +96,7 @@ public class GenTableServiceImpl implements IGenTableService
      * @param tableNames 表名称组
      * @return 数据库表集合
      */
+    @Override
     public List<GenTable> selectDbTableListByNames(String[] tableNames)
     {
         return genTableMapper.selectDbTableListByNames(tableNames);
@@ -120,7 +127,7 @@ public class GenTableServiceImpl implements IGenTableService
     /**
      * 删除业务对象
      * 
-     * @param ids 需要删除的数据ID
+     * @param tableIds 需要删除的数据ID
      * @return 结果
      */
     @Override
@@ -140,10 +147,10 @@ public class GenTableServiceImpl implements IGenTableService
     @Transactional
     public void importGenTable(List<GenTable> tableList)
     {
-        String operName = "";
+        String operName = SecurityUtils.getUsername();
-        for (GenTable table : tableList)
-        {
         try
+        {
+            for (GenTable table : tableList)
             {
                 String tableName = table.getTableName();
                 GenUtils.initTable(table, operName);
@@ -159,10 +166,10 @@ public class GenTableServiceImpl implements IGenTableService
                     }
                 }
             }
+        }
         catch (Exception e)
         {
-                log.error("表名 " + table.getTableName() + " 导入失败：", e);
+            throw new CustomException("导入失败：" + e.getMessage());
-            }
         }
     }
 
@@ -198,13 +205,13 @@ public class GenTableServiceImpl implements IGenTableService
     }
 
     /**
-     * 生成代码
+     * 生成代码（下载方式）
      * 
      * @param tableName 表名称
      * @return 数据
      */
     @Override
-    public byte[] generatorCode(String tableName)
+    public byte[] downloadCode(String tableName)
     {
         ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
         ZipOutputStream zip = new ZipOutputStream(outputStream);
@@ -214,13 +221,85 @@ public class GenTableServiceImpl implements IGenTableService
     }
 
     /**
-     * 批量生成代码
+     * 生成代码（自定义路径）
+     * 
+     * @param tableName 表名称
+     */
+    @Override
+    public void generatorCode(String tableName)
+    {
+        // 查询表信息
+        GenTable table = genTableMapper.selectGenTableByName(tableName);
+        // 查询列信息
+        List<GenTableColumn> columns = table.getColumns();
+        setPkColumn(table, columns);
+
+        VelocityInitializer.initVelocity();
+
+        VelocityContext context = VelocityUtils.prepareContext(table);
+
+        // 获取模板列表
+        List<String> templates = VelocityUtils.getTemplateList(table.getTplCategory());
+        for (String template : templates)
+        {
+            if (!StringUtils.containsAny(template, "sql.vm", "api.js.vm", "index.vue.vm", "index-tree.vue.vm"))
+            {
+                // 渲染模板
+                StringWriter sw = new StringWriter();
+                Template tpl = Velocity.getTemplate(template, Constants.UTF8);
+                tpl.merge(context, sw);
+                try
+                {
+                    String path = getGenPath(table, template);
+                    FileUtils.writeStringToFile(new File(path), sw.toString(), CharsetKit.UTF_8);
+                }
+                catch (IOException e)
+                {
+                    throw new CustomException("渲染模板失败，表名：" + table.getTableName());
+                }
+            }
+        }
+    }
+
+    /**
+     * 同步数据库
+     * 
+     * @param tableName 表名称
+     */
+    @Override
+    @Transactional
+    public void synchDb(String tableName)
+    {
+        GenTable table = genTableMapper.selectGenTableByName(tableName);
+        List<GenTableColumn> tableColumns = table.getColumns();
+        List<String> tableColumnNames = tableColumns.stream().map(GenTableColumn::getColumnName).collect(Collectors.toList());
+
+        List<GenTableColumn> dbTableColumns = genTableColumnMapper.selectDbTableColumnsByName(tableName);
+        List<String> dbTableColumnNames = dbTableColumns.stream().map(GenTableColumn::getColumnName).collect(Collectors.toList());
+
+        dbTableColumns.forEach(column -> {
+            if (!tableColumnNames.contains(column.getColumnName()))
+            {
+                GenUtils.initColumnField(column, table);
+                genTableColumnMapper.insertGenTableColumn(column);
+            }
+        });
+
+        List<GenTableColumn> delColumns = tableColumns.stream().filter(column -> !dbTableColumnNames.contains(column.getColumnName())).collect(Collectors.toList());
+        if (StringUtils.isNotEmpty(delColumns))
+        {
+            genTableColumnMapper.deleteGenTableColumns(delColumns);
+        }
+    }
+
+    /**
+     * 批量生成代码（下载方式）
      * 
      * @param tableNames 表数组
      * @return 数据
      */
     @Override
-    public byte[] generatorCode(String[] tableNames)
+    public byte[] downloadCode(String[] tableNames)
     {
         ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
         ZipOutputStream zip = new ZipOutputStream(outputStream);
@@ -276,6 +355,7 @@ public class GenTableServiceImpl implements IGenTableService
      * 
      * @param genTable 业务信息
      */
+    @Override
     public void validateEdit(GenTable genTable)
     {
         if (GenConstants.TPL_TREE.equals(genTable.getTplCategory()))
@@ -300,7 +380,7 @@ public class GenTableServiceImpl implements IGenTableService
     /**
      * 设置主键列信息
      * 
-     * @param genTable 业务表信息
+     * @param table 业务表信息
      * @param columns 业务字段列表
      */
     public void setPkColumn(GenTable table, List<GenTableColumn> columns)
@@ -332,9 +412,31 @@ public class GenTableServiceImpl implements IGenTableService
             String treeCode = paramsObj.getString(GenConstants.TREE_CODE);
             String treeParentCode = paramsObj.getString(GenConstants.TREE_PARENT_CODE);
             String treeName = paramsObj.getString(GenConstants.TREE_NAME);
+            String parentMenuId = paramsObj.getString(GenConstants.PARENT_MENU_ID);
+            String parentMenuName = paramsObj.getString(GenConstants.PARENT_MENU_NAME);
+            
             genTable.setTreeCode(treeCode);
             genTable.setTreeParentCode(treeParentCode);
             genTable.setTreeName(treeName);
+            genTable.setParentMenuId(parentMenuId);
+            genTable.setParentMenuName(parentMenuName);
         }
     }
+
+    /**
+     * 获取代码生成地址
+     * 
+     * @param table 业务表信息
+     * @param template 模板文件路径
+     * @return 生成地址
+     */
+    public static String getGenPath(GenTable table, String template)
+    {
+        String genPath = table.getGenPath();
+        if (StringUtils.equals(genPath, "/"))
+        {
+            return System.getProperty("user.dir") + File.separator + "src" + File.separator + VelocityUtils.getFileName(template, table);
+        }
+        return genPath + File.separator + VelocityUtils.getFileName(template, table);
+    }
 }

ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/service/IGenTableColumnService.java

@@ -13,7 +13,7 @@ public interface IGenTableColumnService
     /**
      * 查询业务字段列表
      * 
-     * @param genTableColumn 业务字段编号
+     * @param tableId 业务字段编号
      * @return 业务字段集合
      */
     public List<GenTableColumn> selectGenTableColumnListByTableId(Long tableId);

ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/service/IGenTableService.java

@@ -75,20 +75,35 @@ public interface IGenTableService
     public Map<String, String> previewCode(Long tableId);
 
     /**
-     * 生成代码
+     * 生成代码（下载方式）
      * 
      * @param tableName 表名称
      * @return 数据
      */
-    public byte[] generatorCode(String tableName);
+    public byte[] downloadCode(String tableName);
 
     /**
-     * 批量生成代码
+     * 生成代码（自定义路径）
+     * 
+     * @param tableName 表名称
+     * @return 数据
+     */
+    public void generatorCode(String tableName);
+
+    /**
+     * 同步数据库
+     * 
+     * @param tableName 表名称
+     */
+    public void synchDb(String tableName);
+
+    /**
+     * 批量生成代码（下载方式）
      * 
      * @param tableNames 表数组
      * @return 数据
      */
-    public byte[] generatorCode(String[] tableNames);
+    public byte[] downloadCode(String[] tableNames);
 
     /**
      * 修改保存参数校验

ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/util/GenUtils.java

@@ -62,7 +62,7 @@ public class GenUtils
             String[] str = StringUtils.split(StringUtils.substringBetween(column.getColumnType(), "(", ")"), ",");
             if (str != null && str.length == 2 && Integer.parseInt(str[1]) > 0)
             {
-                column.setJavaType(GenConstants.TYPE_DOUBLE);
+                column.setJavaType(GenConstants.TYPE_BIGDECIMAL);
             }
             // 如果是整形
             else if (str != null && str.length == 1 && Integer.parseInt(str[0]) <= 10)
@@ -111,6 +111,11 @@ public class GenUtils
         {
             column.setHtmlType(GenConstants.HTML_SELECT);
         }
+        // 内容字段设置富文本控件
+        else if (StringUtils.endsWithIgnoreCase(columnName, "content"))
+        {
+            column.setHtmlType(GenConstants.HTML_EDITOR);
+        }
     }
 
     /**
@@ -195,7 +200,7 @@ public class GenUtils
     /**
      * 关键字替换
      * 
-     * @param name 需要被替换的名字
+     * @param text 需要被替换的名字
      * @return 替换后的名字
      */
     public static String replaceText(String text)

ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/util/VelocityUtils.java

@@ -24,6 +24,9 @@ public class VelocityUtils
     /** mybatis空间路径 */
     private static final String MYBATIS_PATH = "main/resources/mapper";
     
+    /** 默认上级菜单，系统工具 */
+    private static final String DEFAULT_PARENT_MENU_ID = "3";
+
     /**
      * 设置模板变量信息
      * 
@@ -55,6 +58,7 @@ public class VelocityUtils
         velocityContext.put("permissionPrefix", getPermissionPrefix(moduleName, businessName));
         velocityContext.put("columns", genTable.getColumns());
         velocityContext.put("table", genTable);
+        setMenuVelocityContext(velocityContext, genTable);
         if (GenConstants.TPL_TREE.equals(tplCategory))
         {
             setTreeVelocityContext(velocityContext, genTable);
@@ -62,6 +66,14 @@ public class VelocityUtils
         return velocityContext;
     }
     
+    public static void setMenuVelocityContext(VelocityContext context, GenTable genTable)
+    {
+        String options = genTable.getOptions();
+        JSONObject paramsObj = JSONObject.parseObject(options);
+        String parentMenuId = getParentMenuId(paramsObj);
+        context.put("parentMenuId", parentMenuId);
+    }
+
     public static void setTreeVelocityContext(VelocityContext context, GenTable genTable)
     {
         String options = genTable.getOptions();
@@ -190,7 +202,7 @@ public class VelocityUtils
     /**
      * 根据列类型获取导入包
      * 
-     * @param column 列集合
+     * @param columns 列集合
      * @return 返回需要导入的包列表
      */
     public static HashSet<String> getImportList(List<GenTableColumn> columns)
@@ -221,13 +233,27 @@ public class VelocityUtils
     public static String getPermissionPrefix(String moduleName, String businessName)
     {
         return StringUtils.format("{}:{}", moduleName, businessName);
+    }
 
+    /**
+     * 获取上级菜单ID字段
+     * 
+     * @param paramsObj 生成其他选项
+     * @return 上级菜单ID字段
+     */
+    public static String getParentMenuId(JSONObject paramsObj)
+    {
+        if (StringUtils.isNotEmpty(paramsObj) && paramsObj.containsKey(GenConstants.PARENT_MENU_ID))
+        {
+            return paramsObj.getString(GenConstants.PARENT_MENU_ID);
+        }
+        return DEFAULT_PARENT_MENU_ID;
     }
 
     /**
      * 获取树编码
      * 
-     * @param options 生成其他选项
+     * @param paramsObj 生成其他选项
      * @return 树编码
      */
     public static String getTreecode(JSONObject paramsObj)
@@ -236,13 +262,13 @@ public class VelocityUtils
         {
             return StringUtils.toCamelCase(paramsObj.getString(GenConstants.TREE_CODE));
         }
-        return "";
+        return StringUtils.EMPTY;
     }
 
     /**
      * 获取树父编码
      * 
-     * @param options 生成其他选项
+     * @param paramsObj 生成其他选项
      * @return 树父编码
      */
     public static String getTreeParentCode(JSONObject paramsObj)
@@ -251,13 +277,13 @@ public class VelocityUtils
         {
             return StringUtils.toCamelCase(paramsObj.getString(GenConstants.TREE_PARENT_CODE));
         }
-        return "";
+        return StringUtils.EMPTY;
     }
 
     /**
      * 获取树名称
      * 
-     * @param options 生成其他选项
+     * @param paramsObj 生成其他选项
      * @return 树名称
      */
     public static String getTreeName(JSONObject paramsObj)
@@ -266,7 +292,7 @@ public class VelocityUtils
         {
             return StringUtils.toCamelCase(paramsObj.getString(GenConstants.TREE_NAME));
         }
-        return "";
+        return StringUtils.EMPTY;
     }
 
     /**

ruoyi-modules/ruoyi-gen/src/main/resources/mapper/generator/GenTableColumnMapper.xml

@@ -117,4 +117,11 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         </foreach>
     </delete>
     
+    <delete id="deleteGenTableColumns">
+        delete from gen_table_column where column_id in 
+        <foreach collection="list" item="item" open="(" separator="," close=")">
+            #{item.columnId}
+        </foreach>
+    </delete>
+
 </mapper>

ruoyi-modules/ruoyi-gen/src/main/resources/mapper/generator/GenTableMapper.xml

@@ -15,6 +15,8 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 		<result property="businessName"   column="business_name"   />
 		<result property="functionName"   column="function_name"   />
 		<result property="functionAuthor" column="function_author" />
+		<result property="genType"        column="gen_type"        />
+		<result property="genPath"        column="gen_path"        />
 		<result property="options"        column="options"         />
 		<result property="createBy"       column="create_by"       />
 		<result property="createTime"     column="create_time"     />
@@ -50,7 +52,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
     </resultMap>
 	
 	<sql id="selectGenTableVo">
-        select table_id, table_name, table_comment, class_name, tpl_category, package_name, module_name, business_name, function_name, function_author, options, create_by, create_time, update_by, update_time, remark from gen_table
+        select table_id, table_name, table_comment, class_name, tpl_category, package_name, module_name, business_name, function_name, function_author, gen_type, gen_path, options, create_by, create_time, update_by, update_time, remark from gen_table
     </sql>
     
     <select id="selectGenTableList" parameterType="GenTable" resultMap="GenTableResult">
@@ -62,6 +64,12 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 			<if test="tableComment != null and tableComment != ''">
 				AND lower(table_comment) like lower(concat('%', #{tableComment}, '%'))
 			</if>
+			<if test="beginTime != null and beginTime != ''"><!-- 开始时间检索 -->
+				AND date_format(create_time,'%y%m%d') &gt;= date_format(#{beginTime},'%y%m%d')
+			</if>
+			<if test="endTime != null and endTime != ''"><!-- 结束时间检索 -->
+				AND date_format(create_time,'%y%m%d') &lt;= date_format(#{endTime},'%y%m%d')
+			</if>
 		</where>
 	</select>
 
@@ -94,7 +102,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 	</select>
 	
 	<select id="selectGenTableById" parameterType="Long" resultMap="GenTableResult">
-	    SELECT t.table_id, t.table_name, t.table_comment, t.class_name, t.tpl_category, t.package_name, t.module_name, t.business_name, t.function_name, t.function_author, t.options, t.remark,
+	    SELECT t.table_id, t.table_name, t.table_comment, t.class_name, t.tpl_category, t.package_name, t.module_name, t.business_name, t.function_name, t.function_author, t.gen_type, t.gen_path, t.options, t.remark,
 			   c.column_id, c.column_name, c.column_comment, c.column_type, c.java_type, c.java_field, c.is_pk, c.is_increment, c.is_required, c.is_insert, c.is_edit, c.is_list, c.is_query, c.query_type, c.html_type, c.dict_type, c.sort
 		FROM gen_table t
 			 LEFT JOIN gen_table_column c ON t.table_id = c.table_id
@@ -102,7 +110,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 	</select>
 	
 	<select id="selectGenTableByName" parameterType="String" resultMap="GenTableResult">
-	    SELECT t.table_id, t.table_name, t.table_comment, t.class_name, t.tpl_category, t.package_name, t.module_name, t.business_name, t.function_name, t.function_author, t.options, t.remark,
+	    SELECT t.table_id, t.table_name, t.table_comment, t.class_name, t.tpl_category, t.package_name, t.module_name, t.business_name, t.function_name, t.function_author, t.gen_type, t.gen_path, t.options, t.remark,
 			   c.column_id, c.column_name, c.column_comment, c.column_type, c.java_type, c.java_field, c.is_pk, c.is_increment, c.is_required, c.is_insert, c.is_edit, c.is_list, c.is_query, c.query_type, c.html_type, c.dict_type, c.sort
 		FROM gen_table t
 			 LEFT JOIN gen_table_column c ON t.table_id = c.table_id
@@ -120,6 +128,8 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 			<if test="businessName != null and businessName != ''">business_name,</if>
 			<if test="functionName != null and functionName != ''">function_name,</if>
 			<if test="functionAuthor != null and functionAuthor != ''">function_author,</if>
+			<if test="genType != null and genType != ''">gen_type,</if>
+			<if test="genPath != null and genPath != ''">gen_path,</if>
 			<if test="remark != null and remark != ''">remark,</if>
  			<if test="createBy != null and createBy != ''">create_by,</if>
 			create_time
@@ -133,6 +143,8 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 			<if test="businessName != null and businessName != ''">#{businessName},</if>
 			<if test="functionName != null and functionName != ''">#{functionName},</if>
 			<if test="functionAuthor != null and functionAuthor != ''">#{functionAuthor},</if>
+			<if test="genType != null and genType != ''">#{genType},</if>
+			<if test="genPath != null and genPath != ''">#{genPath},</if>
 			<if test="remark != null and remark != ''">#{remark},</if>
  			<if test="createBy != null and createBy != ''">#{createBy},</if>
 			sysdate()
@@ -146,6 +158,8 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
             <if test="tableComment != null and tableComment != ''">table_comment = #{tableComment},</if>
             <if test="className != null and className != ''">class_name = #{className},</if>
             <if test="functionAuthor != null and functionAuthor != ''">function_author = #{functionAuthor},</if>
+            <if test="genType != null and genType != ''">gen_type = #{genType},</if>
+            <if test="genPath != null and genPath != ''">gen_path = #{genPath},</if>
             <if test="tplCategory != null and tplCategory != ''">tpl_category = #{tplCategory},</if>
             <if test="packageName != null and packageName != ''">package_name = #{packageName},</if>
             <if test="moduleName != null and moduleName != ''">module_name = #{moduleName},</if>

ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/controller.java.vm

@@ -3,7 +3,6 @@ package ${packageName}.controller;
 import java.util.List;
 import java.io.IOException;
 import javax.servlet.http.HttpServletResponse;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -15,6 +14,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.ruoyi.common.log.annotation.Log;
 import com.ruoyi.common.log.enums.BusinessType;
+import com.ruoyi.common.security.annotation.PreAuthorize;
 import ${packageName}.domain.${ClassName};
 import ${packageName}.service.I${ClassName}Service;
 import com.ruoyi.common.core.web.controller.BaseController;
@@ -41,7 +41,7 @@ public class ${ClassName}Controller extends BaseController
     /**
      * 查询${functionName}列表
      */
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:list')")
+    @PreAuthorize(hasPermi = "${permissionPrefix}:list")
     @GetMapping("/list")
 #if($table.crud)
     public TableDataInfo list(${ClassName} ${className})
@@ -61,20 +61,20 @@ public class ${ClassName}Controller extends BaseController
     /**
      * 导出${functionName}列表
      */
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:export')")
+    @PreAuthorize(hasPermi = "${permissionPrefix}:export")
     @Log(title = "${functionName}", businessType = BusinessType.EXPORT)
-    @GetMapping("/export")
+    @PostMapping("/export")
     public void export(HttpServletResponse response, ${ClassName} ${className}) throws IOException
     {
         List<${ClassName}> list = ${className}Service.select${ClassName}List(${className});
         ExcelUtil<${ClassName}> util = new ExcelUtil<${ClassName}>(${ClassName}.class);
-        return util.exportExcel(response, list, "${businessName}");
+        util.exportExcel(response, list, "${businessName}");
     }
 
     /**
      * 获取${functionName}详细信息
      */
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:query')")
+    @PreAuthorize(hasPermi = "${permissionPrefix}:query")
     @GetMapping(value = "/{${pkColumn.javaField}}")
     public AjaxResult getInfo(@PathVariable("${pkColumn.javaField}") ${pkColumn.javaType} ${pkColumn.javaField})
     {
@@ -84,7 +84,7 @@ public class ${ClassName}Controller extends BaseController
     /**
      * 新增${functionName}
      */
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:add')")
+    @PreAuthorize(hasPermi = "${permissionPrefix}:add")
     @Log(title = "${functionName}", businessType = BusinessType.INSERT)
     @PostMapping
     public AjaxResult add(@RequestBody ${ClassName} ${className})
@@ -95,7 +95,7 @@ public class ${ClassName}Controller extends BaseController
     /**
      * 修改${functionName}
      */
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:edit')")
+    @PreAuthorize(hasPermi = "${permissionPrefix}:edit")
     @Log(title = "${functionName}", businessType = BusinessType.UPDATE)
     @PutMapping
     public AjaxResult edit(@RequestBody ${ClassName} ${className})
@@ -106,7 +106,7 @@ public class ${ClassName}Controller extends BaseController
     /**
      * 删除${functionName}
      */
-    @PreAuthorize("@ss.hasPermi('${permissionPrefix}:remove')")
+    @PreAuthorize(hasPermi = "${permissionPrefix}:remove")
     @Log(title = "${functionName}", businessType = BusinessType.DELETE)
 	@DeleteMapping("/{${pkColumn.javaField}s}")
     public AjaxResult remove(@PathVariable ${pkColumn.javaType}[] ${pkColumn.javaField}s)

ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/domain.java.vm

@@ -5,11 +5,11 @@ import ${import};
 #end
 import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.commons.lang3.builder.ToStringStyle;
-import com.ruoyi.framework.aspectj.lang.annotation.Excel;
+import com.ruoyi.common.core.annotation.Excel;
 #if($table.crud)
-import com.ruoyi.framework.web.domain.BaseEntity;
+import com.ruoyi.common.core.web.domain.BaseEntity;
 #elseif($table.tree)
-import com.ruoyi.framework.web.domain.TreeEntity;
+import com.ruoyi.common.core.web.domain.TreeEntity;
 #end
 
 /**

ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/serviceImpl.java.vm

@@ -3,7 +3,7 @@ package ${packageName}.service.impl;
 import java.util.List;
 #foreach ($column in $columns)
 #if($column.javaField == 'createTime' || $column.javaField == 'updateTime')
-import com.ruoyi.common.utils.DateUtils;
+import com.ruoyi.common.core.utils.DateUtils;
 #break
 #end
 #end

ruoyi-modules/ruoyi-gen/src/main/resources/vm/sql/sql.vm

@@ -1,22 +1,22 @@
 -- 菜单 SQL
-insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, is_cache, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
-values('${functionName}', '3', '1', '${businessName}', '${moduleName}/${businessName}/index', 1, 'C', '0', '0', '${permissionPrefix}:list', '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '${functionName}菜单');
+values('${functionName}', '${parentMenuId}', '1', '${businessName}', '${moduleName}/${businessName}/index', 1, 0, 'C', '0', '0', '${permissionPrefix}:list', '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '${functionName}菜单');
 
 -- 按钮父菜单ID
 SELECT @parentId := LAST_INSERT_ID();
 
 -- 按钮 SQL
-insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, is_cache, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
-values('${functionName}查询', @parentId, '1',  '#', '', 1,  'F', '0',  '0', '${permissionPrefix}:query',        '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '');
+values('${functionName}查询', @parentId, '1',  '#', '', 1, 0, 'F', '0', '0', '${permissionPrefix}:query',        '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '');
 
-insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, is_cache, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
-values('${functionName}新增', @parentId, '2',  '#', '', 1,  'F', '0',  '0', '${permissionPrefix}:add',          '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '');
+values('${functionName}新增', @parentId, '2',  '#', '', 1, 0, 'F', '0', '0', '${permissionPrefix}:add',          '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '');
 
-insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, is_cache, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
-values('${functionName}修改', @parentId, '3',  '#', '', 1,  'F', '0',  '0', '${permissionPrefix}:edit',         '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '');
+values('${functionName}修改', @parentId, '3',  '#', '', 1, 0, 'F', '0', '0', '${permissionPrefix}:edit',         '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '');
 
-insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, is_cache, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
-values('${functionName}删除', @parentId, '4',  '#', '', 1,  'F', '0',  '0', '${permissionPrefix}:remove',       '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '');
+values('${functionName}删除', @parentId, '4',  '#', '', 1, 0, 'F', '0', '0', '${permissionPrefix}:remove',       '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '');
 
-insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
+insert into sys_menu (menu_name, parent_id, order_num, path, component, is_frame, is_cache, menu_type, visible, status, perms, icon, create_by, create_time, update_by, update_time, remark)
-values('${functionName}导出', @parentId, '5',  '#', '', 1,  'F', '0',  '0', '${permissionPrefix}:export',       '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '');
+values('${functionName}导出', @parentId, '5',  '#', '', 1, 0, 'F', '0', '0', '${permissionPrefix}:export',       '#', 'admin', '2018-03-01', 'ry', '2018-03-01', '');

ruoyi-modules/ruoyi-gen/src/main/resources/vm/vue/index-tree.vue.vm

@@ -1,6 +1,6 @@
 <template>
   <div class="app-container">
-    <el-form :model="queryParams" ref="queryForm" :inline="true" label-width="68px">
+    <el-form :model="queryParams" ref="queryForm" :inline="true" v-show="showSearch" label-width="68px">
 #foreach($column in $columns)
 #if($column.query)
 #set($dictType=$column.dictType)
@@ -51,23 +51,23 @@
 #end
 #end
       <el-form-item>
+	    <el-button type="cyan" icon="el-icon-search" size="mini" @click="handleQuery">搜索</el-button>
+        <el-button icon="el-icon-refresh" size="mini" @click="resetQuery">重置</el-button>
+      </el-form-item>
+    </el-form>
+
+    <el-row :gutter="10" class="mb8">
+      <el-col :span="1.5">
         <el-button
-          class="filter-item"
-          type="primary"
-          icon="el-icon-search"
-          size="mini"
-          @click="handleQuery"
-        >搜索</el-button>
-        <el-button
-          class="filter-item"
           type="primary"
           icon="el-icon-plus"
           size="mini"
           @click="handleAdd"
           v-hasPermi="['${moduleName}:${businessName}:add']"
         >新增</el-button>
-      </el-form-item>
+      </el-col>
-    </el-form>
+      <right-toolbar :showSearch.sync="showSearch" @queryTable="getList"></right-toolbar>
+    </el-row>
 
     <el-table
       v-loading="loading"
@@ -139,8 +139,12 @@
         <el-form-item label="${comment}" prop="${field}">
           <el-input v-model="form.${field}" placeholder="请输入${comment}" />
         </el-form-item>
-#elseif($column.htmlType == "select" && "" != $dictType)
+#elseif($column.htmlType == "editor")
         <el-form-item label="${comment}">
+          <editor v-model="form.${field}" :min-height="192"/>
+        </el-form-item>
+#elseif($column.htmlType == "select" && "" != $dictType)
+        <el-form-item label="${comment}" prop="${field}">
           <el-select v-model="form.${field}" placeholder="请选择${comment}">
             <el-option
               v-for="dict in ${field}Options"
@@ -152,11 +156,28 @@
           </el-select>
         </el-form-item>
 #elseif($column.htmlType == "select" && $dictType)
-        <el-form-item label="${comment}">
+        <el-form-item label="${comment}" prop="${field}">
           <el-select v-model="form.${field}" placeholder="请选择${comment}">
             <el-option label="请选择字典生成" value="" />
           </el-select>
         </el-form-item>
+#elseif($column.htmlType == "checkbox" && "" != $dictType)
+        <el-form-item label="${comment}">
+          <el-checkbox-group v-model="form.${field}">
+            <el-checkbox
+              v-for="dict in ${field}Options"
+              :key="dict.dictValue"
+              :label="dict.dictValue">
+              {{dict.dictLabel}}
+            </el-checkbox>
+          </el-checkbox-group>
+        </el-form-item>
+#elseif($column.htmlType == "checkbox" && $dictType)
+        <el-form-item label="${comment}">
+          <el-checkbox-group v-model="form.${field}">
+            <el-checkbox>请选择字典生成</el-checkbox>
+          </el-checkbox-group>
+        </el-form-item>
 #elseif($column.htmlType == "radio" && "" != $dictType)
         <el-form-item label="${comment}">
           <el-radio-group v-model="form.${field}">
@@ -204,14 +225,30 @@
 import { list${BusinessName}, get${BusinessName}, del${BusinessName}, add${BusinessName}, update${BusinessName}, export${BusinessName} } from "@/api/${moduleName}/${businessName}";
 import Treeselect from "@riophae/vue-treeselect";
 import "@riophae/vue-treeselect/dist/vue-treeselect.css";
+#foreach($column in $columns)
+#if($column.insert && !$column.superColumn && !$column.pk && $column.htmlType == "editor")
+import Editor from '@/components/Editor';
+#break
+#end
+#end
 
 export default {
   name: "${BusinessName}",
-  components: { Treeselect },
+  components: {
+#foreach($column in $columns)
+#if($column.insert && !$column.superColumn && !$column.pk && $column.htmlType == "editor")
+    Editor,
+#break
+#end
+#end
+    Treeselect
+  },
   data() {
     return {
       // 遮罩层
       loading: true,
+      // 显示搜索条件
+      showSearch: true,
       // ${functionName}表格数据
       ${businessName}List: [],
       // ${functionName}树选项
@@ -236,7 +273,7 @@ export default {
       queryParams: {
 #foreach ($column in $columns)
 #if($column.query)
-        $column.javaField: undefined#if($velocityCount != $columns.size()),#end
+        $column.javaField: null#if($velocityCount != $columns.size()),#end
 
 #end
 #end
@@ -253,9 +290,8 @@ export default {
 #else
 #set($comment=$column.columnComment)
 #end
-#set($comment=$column.columnComment)
         $column.javaField: [
-          { required: true, message: "$comment不能为空", trigger: "blur" }
+          { required: true, message: "$comment不能为空", trigger: #if($column.htmlType == "select")"change"#else"blur"#end }
         ]#if($velocityCount != $columns.size()),#end
 
 #end
@@ -312,7 +348,7 @@ export default {
 #end
     // $comment字典翻译
     ${column.javaField}Format(row, column) {
-      return this.selectDictLabel(this.${column.javaField}Options, row.${column.javaField});
+      return this.selectDictLabel#if($column.htmlType == "checkbox")s#end(this.${column.javaField}Options, row.${column.javaField});
     },
 #end
 #end
@@ -326,10 +362,13 @@ export default {
       this.form = {
 #foreach ($column in $columns)
 #if($column.htmlType == "radio")
-        $column.javaField: "0"#if($velocityCount != $columns.size()),#end
+        $column.javaField: #if($column.javaType == "Integer" || $column.javaType == "Long")0#else"0"#end#if($velocityCount != $columns.size()),#end
+
+#elseif($column.htmlType == "checkbox")
+        $column.javaField: []#if($velocityCount != $columns.size()),#end
 
 #else
-        $column.javaField: undefined#if($velocityCount != $columns.size()),#end
+        $column.javaField: null#if($velocityCount != $columns.size()),#end
 
 #end
 #end
@@ -356,20 +395,30 @@ export default {
     handleUpdate(row) {
       this.reset();
 	  this.getTreeselect();
-      if (row != undefined) {
+      if (row != null) {
         this.form.${treeParentCode} = row.${treeCode};
       }
       get${BusinessName}(row.${pkColumn.javaField}).then(response => {
         this.form = response.data;
+#foreach ($column in $columns)
+#if($column.htmlType == "checkbox")
+        this.form.$column.javaField = this.form.${column.javaField}.split(",");
+#end
+#end
         this.open = true;
         this.title = "修改${functionName}";
       });
     },
     /** 提交按钮 */
-    submitForm: function() {
+    submitForm() {
       this.#[[$]]#refs["form"].validate(valid => {
         if (valid) {
-          if (this.form.${pkColumn.javaField} != undefined) {
+#foreach ($column in $columns)
+#if($column.htmlType == "checkbox")
+          this.form.$column.javaField = this.form.${column.javaField}.join(",");
+#end
+#end
+          if (this.form.${pkColumn.javaField} != null) {
             update${BusinessName}(this.form).then(response => {
               if (response.code === 200) {
                 this.msgSuccess("修改成功");