From 5440a698019bc19df448dffaec9258c03ec03f33 Mon Sep 17 00:00:00 2001 From: =?utf8?q?=E5=88=98=E6=B4=AA=E9=9D=92?= Date: Tue, 19 Oct 2021 22:21:13 +0800 Subject: [PATCH] =?utf8?q?fix:=20=E4=BF=AE=E6=AD=A3=E8=8F=9C=E5=8D=95?= =?utf8?q?=E5=88=9D=E5=A7=8B=E5=8C=96=E6=95=B0=E6=8D=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- ...62\346\235\203\351\231\220\357\274\211.md" | 242 ++++++++++++------ 1 file changed, 168 insertions(+), 74 deletions(-) diff --git "a/deploy-manifests/charts/1.2.0003.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md" "b/deploy-manifests/charts/1.2.0003.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md" index 9eae0d7..c1094af 100644 --- "a/deploy-manifests/charts/1.2.0003.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md" +++ "b/deploy-manifests/charts/1.2.0003.\350\256\244\350\257\201\346\216\210\346\235\203-\344\272\221\345\271\263\345\217\260\346\225\260\346\215\256\345\210\235\345\247\213\345\214\226\357\274\210API\350\267\257\347\224\261\343\200\201\345\272\224\347\224\250\343\200\201\350\217\234\345\215\225\343\200\201\350\247\222\350\211\262\346\235\203\351\231\220\357\274\211.md" @@ -11,7 +11,9 @@ ## 操作指南 +**请仔细阅读文档后,再进行操作** +本文档中的各部分操作,只须 选择其中一种方式处理即可 ## 初始化数据 @@ -19,7 +21,11 @@ ### 创建路由 -**如果已经存在,请确认 路由服务地址 是否正确** +在 云平台 管理中心 中,添加 接口路由; + +管理功能的接口请求,由管理中心的后端网关,统一路由至 相关服务。 + +**若 路由记录已经存在,请确认 其 路由服务地址 是否正确** #### 方式一,手动添加 @@ -78,7 +84,7 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu ``` -#### 方式三,SQL脚本 +#### 方式三,SQL脚本(不推荐) 连接至 admin_center 数据库,执行以下 SQL脚本 @@ -113,13 +119,18 @@ commit; ### 创建应用 +在 云平台 基础管理 应用管理 下,添加一个应用,10 用户授权; + +将 认证管理、用户管理、授权管理 的相关菜单 的所属应用 设置为 该应用,便于菜单的管理。 + + #### 方式一,手动添加 进入 云平台 - 基础管理 - 应用管理,添加应用 应用标识 | 名称 | 描述 | 是否启用 | 应用访问地址 - | - | - | - | - -20 | 用户授权 | | 是 | +10 | 用户授权 | | 是 | #### 方式二,bash脚本 @@ -138,7 +149,7 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu ``` -#### 方式三,SQL脚本 +#### 方式三,SQL脚本(不推荐) 连接至 admin_center 数据库,执行以下 SQL脚本 @@ -152,6 +163,22 @@ commit; ``` +#### 将已有菜单的所属应用 更新为 10 用户授权 + +**应用创建成功后,须将 认证管理、用户管理、授权管理 已存在的菜单 的所属应用 设置为 该应用** + +```sql +use admin_center; + +update TB_MGT_PERMISSION +set APPLICATION_ID='10' +where (ID like '2____' or ID like '3____' or ID like '4____') +; + +commit; +``` + + ### 创建菜单 #### 方式一,手动导入 @@ -162,6 +189,8 @@ commit; 菜单列表(JSON)如下,(复制后粘贴) +**将 origin 修改为正确的 学校域名** + * 认证管理 ```json @@ -225,10 +254,16 @@ commit; "id": "21100", "parentIdOrCode":"20000", "code": "analyze", "name": "认证统计分析", "memo": "", "status": "1", "icon": "su-icon-renzhengtongjifenxi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/analyze", "target": "", "order": 21100, "resourceIdOrCodes": [] + }, + { + "id": "22000", "parentIdOrCode":"20000", "code": "journalManage", "name": "日志管理", "memo": "", "status": "1", + "icon": "su-icon-taocanguanli", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/journalManage", "target": "", + "order": 22000, "resourceIdOrCodes": [] } ] ``` + * 用户管理 ```json @@ -274,7 +309,7 @@ commit; "order": 30700, "resourceIdOrCodes": [] }, { - "id": "30750", "parentIdOrCode":"30000", "code": "userScope", "name": "用户规则", "memo": "", "status": "1", + "id": "30750", "parentIdOrCode":"30000", "code": "userScope", "name": "用户规则", "memo": "", "status": "0", "icon": "el-icon-guide", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/userScope", "target": "", "order": 30750, "resourceIdOrCodes": [] }, @@ -300,6 +335,11 @@ commit; "icon": "", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/", "target": "", "order": 40000, "resourceIdOrCodes": [] }, + { + "id": "40050", "parentIdOrCode":"40000", "code": "applicationAuth", "name": "授权对接应用", "memo": "", "status": "1", + "icon": "su-icon-guanliduan", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/applicationAuth", "target": "", + "order": 40050, "resourceIdOrCodes": [] + }, { "id": "40100", "parentIdOrCode":"40000", "code": "applicationRole", "name": "角色授权", "memo": "", "status": "1", "icon": "su-icon-yingyongjuese", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/applicationRole", "target": "", @@ -316,7 +356,7 @@ commit; "order": 40300, "resourceIdOrCodes": [] }, { - "id": "40400", "parentIdOrCode":"40000", "code": "roleAuthManagement", "name": "用户规则授权", "memo": "", "status": "1", + "id": "40400", "parentIdOrCode":"40000", "code": "roleAuthManagement", "name": "用户规则授权", "memo": "", "status": "0", "icon": "su-icon-yonghuguize", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/roleAuthManagement", "target": "", "order": 40400, "resourceIdOrCodes": [] }, @@ -331,27 +371,32 @@ commit; "order": 40900, "resourceIdOrCodes": [] }, { - "id": "41100", "parentIdOrCode":"40000", "code": "accountAuthorizationAudit", "name": "账号授权审计", "memo": "", "status": "1", + "id": "41100", "parentIdOrCode":"40000", "code": "accountAuthorizationAudit", "name": "账号授权审计", "memo": "", "status": "0", "icon": "su-icon-zhsqsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/accountAuthorizationAudit", "target": "", "order": 41100, "resourceIdOrCodes": [] }, { - "id": "41200", "parentIdOrCode":"40000", "code": "userAudit", "name": "用户规则权限审计", "memo": "", "status": "1", + "id": "41200", "parentIdOrCode":"40000", "code": "userAudit", "name": "用户规则权限审计", "memo": "", "status": "0", "icon": "su-icon-yhgzqxsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/userAudit", "target": "", "order": 41200, "resourceIdOrCodes": [] }, { - "id": "41300", "parentIdOrCode":"40000", "code": "rolePermissionAudit", "name": "角色/组授权审计", "memo": "", "status": "1", - "icon": "su-icon-jszsqsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/rolePermissionAudit", "target": "", + "id": "41300", "parentIdOrCode":"40000", "code": "rolePermissionAudit", "name": "角色授权审计", "memo": "", "status": "0", + "icon": "su-icon-jszsqsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/rolePermissionAudits", "target": "", "order": 41300, "resourceIdOrCodes": [] }, { - "id": "41400", "parentIdOrCode":"40000", "code": "authOperationsAudit", "name": "权限操作审计", "memo": "", "status": "1", + "id": "41350", "parentIdOrCode":"40000", "code": "roleGroupPermissionAudit", "name": "角色组授权审计", "memo": "", "status": "0", + "icon": "su-icon-jszsqsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/roleGroupPermissionAudit", "target": "", + "order": 41350, "resourceIdOrCodes": [] + }, + { + "id": "41400", "parentIdOrCode":"40000", "code": "authOperationsAudit", "name": "权限操作审计", "memo": "", "status": "0", "icon": "su-icon-qxczsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/authOperationsAudit", "target": "", "order": 41400, "resourceIdOrCodes": [] }, { - "id": "41500", "parentIdOrCode":"40000", "code": "authStatisticalMonitor", "name": "授权统计监控", "memo": "", "status": "1", + "id": "41500", "parentIdOrCode":"40000", "code": "authStatisticalMonitor", "name": "授权统计监控", "memo": "", "status": "0", "icon": "su-icon-sqtjjk", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/authStatisticalMonitor", "target": "", "order": 41500, "resourceIdOrCodes": [] } @@ -430,6 +475,11 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu "id": "21100", "parentIdOrCode":"20000", "code": "analyze", "name": "认证统计分析", "memo": "", "status": "1", "icon": "su-icon-renzhengtongjifenxi", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/analyze", "target": "", "order": 21100, "resourceIdOrCodes": [] + }, + { + "id": "22000", "parentIdOrCode":"20000", "code": "journalManage", "name": "日志管理", "memo": "", "status": "1", + "icon": "su-icon-taocanguanli", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/cas-server/journalManage", "target": "", + "order": 22000, "resourceIdOrCodes": [] } ] } @@ -487,7 +537,7 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu "order": 30700, "resourceIdOrCodes": [] }, { - "id": "30750", "parentIdOrCode":"30000", "code": "userScope", "name": "用户规则", "memo": "", "status": "1", + "id": "30750", "parentIdOrCode":"30000", "code": "userScope", "name": "用户规则", "memo": "", "status": "0", "icon": "el-icon-guide", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/user-server/userScope", "target": "", "order": 30750, "resourceIdOrCodes": [] }, @@ -521,6 +571,11 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu "icon": "", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/", "target": "", "order": 40000, "resourceIdOrCodes": [] }, + { + "id": "40050", "parentIdOrCode":"40000", "code": "applicationAuth", "name": "授权对接应用", "memo": "", "status": "1", + "icon": "su-icon-guanliduan", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/applicationAuth", "target": "", + "order": 40050, "resourceIdOrCodes": [] + }, { "id": "40100", "parentIdOrCode":"40000", "code": "applicationRole", "name": "角色授权", "memo": "", "status": "1", "icon": "su-icon-yingyongjuese", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/applicationRole", "target": "", @@ -537,7 +592,7 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu "order": 40300, "resourceIdOrCodes": [] }, { - "id": "40400", "parentIdOrCode":"40000", "code": "roleAuthManagement", "name": "用户规则授权", "memo": "", "status": "1", + "id": "40400", "parentIdOrCode":"40000", "code": "roleAuthManagement", "name": "用户规则授权", "memo": "", "status": "0", "icon": "su-icon-yonghuguize", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/roleAuthManagement", "target": "", "order": 40400, "resourceIdOrCodes": [] }, @@ -552,27 +607,32 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu "order": 40900, "resourceIdOrCodes": [] }, { - "id": "41100", "parentIdOrCode":"40000", "code": "accountAuthorizationAudit", "name": "账号授权审计", "memo": "", "status": "1", + "id": "41100", "parentIdOrCode":"40000", "code": "accountAuthorizationAudit", "name": "账号授权审计", "memo": "", "status": "0", "icon": "su-icon-zhsqsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/accountAuthorizationAudit", "target": "", "order": 41100, "resourceIdOrCodes": [] }, { - "id": "41200", "parentIdOrCode":"40000", "code": "userAudit", "name": "用户规则权限审计", "memo": "", "status": "1", + "id": "41200", "parentIdOrCode":"40000", "code": "userAudit", "name": "用户规则权限审计", "memo": "", "status": "0", "icon": "su-icon-yhgzqxsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/userAudit", "target": "", "order": 41200, "resourceIdOrCodes": [] }, { - "id": "41300", "parentIdOrCode":"40000", "code": "rolePermissionAudit", "name": "角色/组授权审计", "memo": "", "status": "1", - "icon": "su-icon-jszsqsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/rolePermissionAudit", "target": "", + "id": "41300", "parentIdOrCode":"40000", "code": "rolePermissionAudit", "name": "角色授权审计", "memo": "", "status": "0", + "icon": "su-icon-jszsqsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/rolePermissionAudits", "target": "", "order": 41300, "resourceIdOrCodes": [] }, { - "id": "41400", "parentIdOrCode":"40000", "code": "authOperationsAudit", "name": "权限操作审计", "memo": "", "status": "1", + "id": "41350", "parentIdOrCode":"40000", "code": "roleGroupPermissionAudit", "name": "角色组授权审计", "memo": "", "status": "0", + "icon": "su-icon-jszsqsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/roleGroupPermissionAudit", "target": "", + "order": 41350, "resourceIdOrCodes": [] + }, + { + "id": "41400", "parentIdOrCode":"40000", "code": "authOperationsAudit", "name": "权限操作审计", "memo": "", "status": "0", "icon": "su-icon-qxczsj", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/authOperationsAudit", "target": "", "order": 41400, "resourceIdOrCodes": [] }, { - "id": "41500", "parentIdOrCode":"40000", "code": "authStatisticalMonitor", "name": "授权统计监控", "memo": "", "status": "1", + "id": "41500", "parentIdOrCode":"40000", "code": "authStatisticalMonitor", "name": "授权统计监控", "memo": "", "status": "0", "icon": "su-icon-sqtjjk", "origin": "http://admin-platform.paas.xxx.edu.cn", "url": "/auth-server/authStatisticalMonitor", "target": "", "order": 41500, "resourceIdOrCodes": [] } @@ -582,9 +642,9 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu ``` -#### 方式三,SQL脚本 +#### 方式三,SQL脚本(不推荐) -连接至 admin_center 数据库,执行以下 SQL脚本 +连接至 admin_center 数据库,执行以下 SQL脚本(若 已经存在,请忽略) * 认证管理 @@ -592,69 +652,73 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu use admin_center; insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('20000', 0, 'cas-server', '认证管理', '1', '2', '', '/', '10', '1', 20000, 1, 18, 33); +values ('20000', 0, 'cas-server', '认证管理', '1', '2', '', '/', '10', '1', 20000, 1, 22, 47); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('20100', 0, 'loginConfig', '登录方式配置', '1', '2', 'su-icon-denglupeizhi', '/cas-server/loginConfig', '10', '20000', 20100, 2, 19, 20); +values ('20100', 0, 'loginConfig', '登录方式配置', '1', '2', 'su-icon-denglupeizhi', '/cas-server/loginConfig', '10', '20000', 20100, 2, 23, 24); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('20200', 0, 'safeLoginConfig', '账号安全配置', '1', '2', 'su-icon-config-security', '/cas-server/safeLoginConfig', '10', '20000', 20200, 2, 21, 22); +values ('20200', 0, 'safeLoginConfig', '账号安全配置', '1', '2', 'su-icon-config-security', '/cas-server/safeLoginConfig', '10', '20000', 20200, 2, 25, 26); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('20300', 0, 'accountActivationConfiguration', '账号激活配置', '1', '2', 'su-icon-bulb', '/cas-server/accountActivationConfiguration', '10', '20000', 20300, 2, 23, 24); +values ('20300', 0, 'accountActivationConfiguration', '账号激活配置', '1', '2', 'su-icon-bulb', '/cas-server/accountActivationConfiguration', '10', '20000', 20300, 2, 27, 28); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('20400', 0, 'safeConfig', '安全策略配置', '1', '2', 'su-icon-celuepeizhi', '/cas-server/safeConfig', '10', '20000', 20400, 2, 25, 26); +values ('20400', 0, 'safeConfig', '安全策略配置', '1', '2', 'su-icon-celuepeizhi', '/cas-server/safeConfig', '10', '20000', 20400, 2, 29, 30); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('20500', 0, 'passwordConfig', '密码策略配置', '1', '2', 'su-icon-mimacelue', '/cas-server/passwordConfig', '10', '20000', 20500, 2, 27, 28); +values ('20500', 0, 'passwordConfig', '密码策略配置', '1', '2', 'su-icon-mimacelue', '/cas-server/passwordConfig', '10', '20000', 20500, 2, 31, 32); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('20600', 0, 'serverManagement', '应用对接配置', '1', '2', 'el-icon-service', '/cas-server/serverManagement', '10', '20000', 20600, 2, 29, 30); +values ('20600', 0, 'serverManagement', '应用对接配置', '1', '2', 'el-icon-service', '/cas-server/serverManagement', '10', '20000', 20600, 2, 33, 34); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('20700', 0, 'loginPageConfig', '登录页面配置', '1', '2', 'su-icon-tongxunxinxi', '/cas-server/loginPageConfig', '10', '20000', 20700, 2, 29, 30); +values ('20700', 0, 'loginPageConfig', '登录页面配置', '1', '2', 'su-icon-tongxunxinxi', '/cas-server/loginPageConfig', '10', '20000', 20700, 2, 35, 36); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('20800', 0, 'linkLoginConfig', '联合登录配置', '1', '2', 'su-icon-test', '/cas-server/linkLoginConfig', '10', '20000', 20800, 2, 29, 30); +values ('20800', 0, 'linkLoginConfig', '联合登录配置', '1', '2', 'su-icon-test', '/cas-server/linkLoginConfig', '10', '20000', 20800, 2, 37, 38); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('20900', 0, 'infoPerfectConfig', '信息完善配置', '1', '2', 'su-icon-chongxintijiao', '/cas-server/infoPerfectConfig', '10', '20000', 20900, 2, 31, 32); +values ('20900', 0, 'infoPerfectConfig', '信息完善配置', '1', '2', 'su-icon-chongxintijiao', '/cas-server/infoPerfectConfig', '10', '20000', 20900, 2, 39, 40); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('21000', 0, 'lockManagement', '认证锁定管理', '1', '2', 'su-icon-shouquanjiguanli', '/cas-server/lockManagement', '10', '20000', 21000, 2, 31, 32); +values ('21000', 0, 'lockManagement', '认证锁定管理', '1', '2', 'su-icon-shouquanjiguanli', '/cas-server/lockManagement', '10', '20000', 21000, 2, 41, 42); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('21100', 0, 'analyze', '认证统计分析', '1', '2', 'su-icon-renzhengtongjifenxi', '/cas-server/analyze', '10', '20000', 21100, 2, 31, 32); +values ('21100', 0, 'analyze', '认证统计分析', '1', '2', 'su-icon-renzhengtongjifenxi', '/cas-server/analyze', '10', '20000', 21100, 2, 43, 44); + +insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) +values ('22000', 0, 'journalManage', '日志管理', '1', '2', 'su-icon-taocanguanli', '/cas-server/journalManage', '10', '20000', 22000, 2, 45, 46); commit; ``` + * 用户管理 ```sql use admin_center; insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('30000', 0, 'user-server', '用户管理', '1', '2', '', '/', '10', '1', 30000, 1, 34, 53); +values ('30000', 0, 'user-server', '用户管理', '1', '2', '', '/', '10', '1', 30000, 1, 48, 69); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('30100', 0, 'dictionary', '字典管理', '1', '2', 'su-icon-zidian', '/user-server/dictionary', '10', '30000', 30100, 2, 35, 36); +values ('30100', 0, 'dictionary', '字典管理', '1', '2', 'su-icon-zidian', '/user-server/dictionary', '10', '30000', 30100, 2, 49, 50); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('30200', 0, 'identity', '身份管理', '1', '2', 'su-icon-shenfen', '/user-server/identity', '10', '30000', 30200, 2, 37, 38); +values ('30200', 0, 'identity', '身份管理', '1', '2', 'su-icon-shenfen', '/user-server/identity', '10', '30000', 30200, 2, 51, 52); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('30300', 0, 'mechanism', '组织机构管理', '1', '2', 'su-icon-department', '/user-server/mechanism', '10', '30000', 30300, 2, 39, 40); +values ('30300', 0, 'mechanism', '组织机构管理', '1', '2', 'su-icon-department', '/user-server/mechanism', '10', '30000', 30300, 2, 53, 54); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('30400', 0, 'person', '人员管理', '1', '2', 'su-icon-people', '/user-server/person', '10', '30000', 30400, 2, 41, 42); +values ('30400', 0, 'person', '人员管理', '1', '2', 'su-icon-people', '/user-server/person', '10', '30000', 30400, 2, 55, 56); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('30500', 0, 'label', '标签管理', '1', '2', 'su-icon-biaoqian', '/user-server/label', '10', '30000', 30500, 2, 43, 44); +values ('30500', 0, 'label', '标签管理', '1', '2', 'su-icon-biaoqian', '/user-server/label', '10', '30000', 30500, 2, 57, 58); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('30600', 0, 'simpleUserGroupManage', '普通用户组管理', '1', '2', 'su-icon-portrait', '/user-server/simpleUserGroupManage', '10', '30000', 30600, 2, 45, 46); +values ('30600', 0, 'simpleUserGroupManage', '普通用户组管理', '1', '2', 'su-icon-portrait', '/user-server/simpleUserGroupManage', '10', '30000', 30600, 2, 59, 60); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('30700', 0, 'postUserGroupManage', '岗位用户组管理', '1', '2', 'su-icon-personnel', '/user-server/postUserGroupManage', '10', '30000', 30700, 2, 47, 48); +values ('30700', 0, 'postUserGroupManage', '岗位用户组管理', '1', '2', 'su-icon-personnel', '/user-server/postUserGroupManage', '10', '30000', 30700, 2, 61, 62); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('30750', 0, 'userScope', '用户规则', '1', '1', 'el-icon-guide', '/user-server/userScope', '1', '30000', 30750, 2, 51, 52); +values ('30750', 0, 'userScope', '用户规则', '0', '1', 'el-icon-guide', '/user-server/userScope', '1', '30000', 30750, 2, 63, 64); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('30800', 0, 'assignation', '人员分配', '1', '2', 'su-icon-tihuanbanliren', '/user-server/assignation', '10', '30000', 30800, 2, 49, 50); +values ('30800', 0, 'assignation', '人员分配', '1', '2', 'su-icon-tihuanbanliren', '/user-server/assignation', '10', '30000', 30800, 2, 65, 66); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('31000', 0, 'activateAccount', '账号激活审核', '1', '2', 'su-icon-yonghushouquan', '/user-server/activateAccount', '10', '30000', 31000, 2, 51, 52); +values ('31000', 0, 'activateAccount', '账号激活审核', '1', '2', 'su-icon-yonghushouquan', '/user-server/activateAccount', '10', '30000', 31000, 2, 67, 68); commit; ``` @@ -665,34 +729,61 @@ commit; use admin_center; insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('40000', 0, 'authorization-server', '授权管理', '1', '2', '', '/', '10', '1', 40000, 1, 54, 77); +values ('40000', 0, 'authorization-server', '授权管理', '1', '2', '', '/', '10', '1', 40000, 1, 70, 95); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('40100', 0, 'applicationRole', '角色授权', '1', '2', 'su-icon-yingyongjuese', '/auth-server/applicationRole', '10', '40000', 40100, 2, 55, 56); +values ('40050', 0, 'applicationAuth', '授权对接应用', '1', '2', 'su-icon-guanliduan', '/auth-server/applicationAuth', '10', '40000', 40050, 2, 71, 72); + insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('40200', 0, 'authorizationRoleComponent', '角色组授权', '1', '2', 'su-icon-juesezu', '/auth-server/authorizationRoleComponent', '10', '40000', 40200, 2, 57, 58); +values ('40100', 0, 'applicationRole', '角色授权', '1', '2', 'su-icon-yingyongjuese', '/auth-server/applicationRole', '10', '40000', 40100, 2, 73, 74); +insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) +values ('40200', 0, 'authorizationRoleComponent', '角色组授权', '1', '2', 'su-icon-juesezu', '/auth-server/authorizationRoleComponent', '10', '40000', 40200, 2, 75, 76); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('40300', 0, 'userAuthManagePeople', '用户授权', '1', '2', 'su-icon-yonghushouquan', '/auth-server/userAuthManagePeople', '10', '40000', 40300, 2, 59, 60); +values ('40300', 0, 'userAuthManagePeople', '用户授权', '1', '2', 'su-icon-yonghushouquan', '/auth-server/userAuthManagePeople', '10', '40000', 40300, 2, 77, 78); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('40400', 0, 'roleAuthManagement', '用户规则授权', '1', '2', 'su-icon-yonghuguize', '/auth-server/roleAuthManagement', '10', '40000', 40400, 2, 61, 62); +values ('40400', 0, 'roleAuthManagement', '用户规则授权', '0', '2', 'su-icon-yonghuguize', '/auth-server/roleAuthManagement', '10', '40000', 40400, 2, 79, 80); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('40500', 0, 'userGroupAuth', '用户组授权', '1', '2', 'su-icon-yonghuguize', '/auth-server/userGroupAuth', '10', '40000', 40500, 2, 63, 64); +values ('40500', 0, 'userGroupAuth', '用户组授权', '1', '2', 'su-icon-yonghuguize', '/auth-server/userGroupAuth', '10', '40000', 40500, 2, 81, 82); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('40900', 0, 'authorizationAndManagement', '分级授权管理', '1', '2', 'su-icon-shouquanjiguanli', '/auth-server/authorizationAndManagement', '10', '40000', 40900, 2, 65, 66); +values ('40900', 0, 'authorizationAndManagement', '分级授权管理', '1', '2', 'su-icon-shouquanjiguanli', '/auth-server/authorizationAndManagement', '10', '40000', 40900, 2, 83, 84); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('41100', 0, 'accountAuthorizationAudit', '账号授权审计', '1', '2', 'su-icon-zhsqsj', '/auth-server/accountAuthorizationAudit', '10', '40000', 41100, 2, 67, 68); +values ('41100', 0, 'accountAuthorizationAudit', '账号授权审计', '0', '2', 'su-icon-zhsqsj', '/auth-server/accountAuthorizationAudit', '10', '40000', 41100, 2, 85, 86); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('41200', 0, 'userAudit', '用户规则权限审计', '1', '2', 'su-icon-yhgzqxsj', '/auth-server/userAudit', '10', '40000', 41200, 2, 69, 70); +values ('41200', 0, 'userAudit', '用户规则权限审计', '0', '2', 'su-icon-yhgzqxsj', '/auth-server/userAudit', '10', '40000', 41200, 2, 87, 88); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('41300', 0, 'rolePermissionAudit', '角色/组授权审计', '1', '2', 'su-icon-jszsqsj', '/auth-server/rolePermissionAudit', '10', '40000', 41300, 2, 71, 72); +values ('41300', 0, 'rolePermissionAudit', '角色/组授权审计', '0', '2', 'su-icon-jszsqsj', '/auth-server/rolePermissionAudit', '10', '40000', 41300, 2, 89, 90); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('41400', 0, 'authOperationsAudit', '权限操作审计', '1', '2', 'su-icon-qxczsj', '/auth-server/authOperationsAudit', '10', '40000', 41400, 2, 73, 74); +values ('41400', 0, 'authOperationsAudit', '权限操作审计', '0', '2', 'su-icon-qxczsj', '/auth-server/authOperationsAudit', '10', '40000', 41400, 2, 91, 92); insert into TB_MGT_PERMISSION (ID, DELETED, CODE, NAME, STATUS, TYPE_, ICON, URL, APPLICATION_ID, PARENT_ID, ORDER_, LEVEL_, LFT, RGT) -values ('41500', 0, 'authStatisticalMonitor', '授权统计监控', '1', '2', 'su-icon-sqtjjk', '/auth-server/authStatisticalMonitor', '10', '40000', 41500, 2, 75, 76); +values ('41500', 0, 'authStatisticalMonitor', '授权统计监控', '0', '2', 'su-icon-sqtjjk', '/auth-server/authStatisticalMonitor', '10', '40000', 41500, 2, 93, 94); + +commit; +``` + +* 调整父级菜单 云平台管理 的 LFT、RGT + +```sql +update TB_MGT_PERMISSION +set + LFT=21, RGT=96 +where ID='1' +; + +commit; +``` + +* 统一修改 ORIGIN + +```sql +update TB_MGT_PERMISSION +set + ORIGIN='http://admin-platform.paas.example.com' +where APPLICATION_ID='10' +; commit; ``` @@ -703,19 +794,17 @@ commit; 角色由授权服务进行初始化 -#### 方式一,手动导入 +#### 方式一,手动导入(暂不支持) -进入 云平台 - 基础管理 - 菜单管理,导入 +进入 云平台 - 基础管理 - 角色权限,导入 -所属应用 选择 用户授权 - -菜单列表(JSON)如下,(复制后粘贴) +角色权限(JSON)如下,(复制后粘贴) ```json [ { "roleId": "20", "roleCode":"cas-admin", - "permissionIdOrCodes": ["20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "21000", "21100"] + "permissionIdOrCodes": ["20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "20900", "21000", "21100", "22000"] }, { "roleId": "30", "roleCode": "user-admin", @@ -723,11 +812,11 @@ commit; }, { "roleId": "40", "roleCode": "user-authz-admin", - "permissionIdOrCodes": ["40000", "40100", "40200", "40300", "40400", "40500", "40900", "41100", "41200", "41300", "41400", "41500"] + "permissionIdOrCodes": ["40000", "40050", "40100", "40200", "40300", "40500", "40900"] }, { "roleId": "41", "roleCode": "user-authz-grant-admin", - "permissionIdOrCodes": ["40000", "40100", "40300", "40400", "40500"] + "permissionIdOrCodes": ["40000", "40100", "40300", "40500"] }, { "roleId": "42", "roleCode": "user-authz-man-grant-admin", @@ -755,7 +844,7 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu [ { "roleId": "20", "roleCode":"cas-admin", - "permissionIdOrCodes": ["20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "21000", "21100"] + "permissionIdOrCodes": ["20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "20900", "21000", "21100", "22000"] }, { "roleId": "30", "roleCode": "user-admin", @@ -763,11 +852,11 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu }, { "roleId": "40", "roleCode": "user-authz-admin", - "permissionIdOrCodes": ["40000", "40100", "40200", "40300", "40400", "40500", "40900", "41100", "41200", "41300", "41400", "41500"] + "permissionIdOrCodes": ["40000", "40050", "40100", "40200", "40300", "40500", "40900"] }, { "roleId": "41", "roleCode": "user-authz-grant-admin", - "permissionIdOrCodes": ["40000", "40100", "40300", "40400", "40500"] + "permissionIdOrCodes": ["40000", "40100", "40300", "40500"] }, { "roleId": "42", "roleCode": "user-authz-man-grant-admin", @@ -784,26 +873,30 @@ curl -i -s -X POST "http://admin-platform-admin-center-sa.admin-platform.svc.clu 连接至 admin_center 数据库,执行以下 SQL脚本 ```sql +use admin_center; insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) select CONCAT('20_', ID) as ID, 0 as DELETED, '20' as ROLE_ID, ID as PERMISSION_ID from TB_MGT_PERMISSION -where ID like '2____' or ID='1' +where (ID like '2____' or ID='1') + and CONCAT('20_', ID) not in (select ID from TB_MGT_ROLE_PERMISSION) ; insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) select CONCAT('30_', ID) as ID, 0 as DELETED, '30' as ROLE_ID, ID as PERMISSION_ID from TB_MGT_PERMISSION -where ID like '3____' or ID='1' +where (ID like '3____' or ID='1') + and CONCAT('30_', ID) not in (select ID from TB_MGT_ROLE_PERMISSION) ; insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) select CONCAT('40_', ID) as ID, 0 as DELETED, '40' as ROLE_ID, ID as PERMISSION_ID from TB_MGT_PERMISSION -where ID like '4____' or ID='1' +where (ID like '4____' or ID='1') + and CONCAT('40_', ID) not in (select ID from TB_MGT_ROLE_PERMISSION) ; @@ -811,7 +904,8 @@ insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) select CONCAT('41_', ID) as ID, 0 as DELETED, '41' as ROLE_ID, ID as PERMISSION_ID from TB_MGT_PERMISSION -where ID in ('40000', '40100', '40300', '40400', '40500') or ID='1' +where (ID in ('40000', '40100', '40300', '40400', '40500') or ID='1') + and CONCAT('41_', ID) not in (select ID from TB_MGT_ROLE_PERMISSION) ; @@ -819,10 +913,10 @@ insert into TB_MGT_ROLE_PERMISSION (ID, DELETED, ROLE_ID, PERMISSION_ID) select CONCAT('42_', ID) as ID, 0 as DELETED, '41' as ROLE_ID, ID as PERMISSION_ID from TB_MGT_PERMISSION -where ID in ('40000', '40900') or ID='1' +where (ID in ('40000', '40900') or ID='1') + and CONCAT('42_', ID) not in (select ID from TB_MGT_ROLE_PERMISSION) ; commit; - ``` -- 2.17.1