!225 shiro启用

Merge pull request !225 from 小伍/master

src/main/java/net/mingsoft/cms/action/ContentAction.java

@@ -102,6 +102,7 @@ public class ContentAction extends BaseAction{
 			BaseEntity contentEntity = contentBiz.getEntity(Integer.parseInt(content.getId()));			
 			model.addAttribute("contentEntity",contentEntity);
 		}
+		model.addAttribute("appId",BasicUtil.getAppId());
 		return "/cms/content/form";
 	}
 

src/main/java/net/mingsoft/config/ShiroConfig.java

@@ -1,17 +1,17 @@
 package net.mingsoft.config;
 
-import java.util.LinkedHashMap;
-import java.util.Map;
-
+import net.mingsoft.basic.security.BaseAuthRealm;
 import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.PropertySource;
 
-import net.mingsoft.basic.security.BaseAuthRealm;
+import java.util.LinkedHashMap;
+import java.util.Map;
 
 @Configuration
 public class ShiroConfig {
@@ -19,6 +19,29 @@ public class ShiroConfig {
 	@Value("${ms.manager.path}")
 	private String managerPath;
 
+	/**
+	 * 开启Shiro的注解(如@RequiresRoles , @RequiresPermissions),需借助SspringAOP扫描使用Sshiro注解的类，并在必要时进行安全逻辑验证
+	 * 配置以下两个bean(Defaul tAdvisorAutoProxyCreator和uthorizat ionAttributeSourceAdvisor)即可实现此功能
+	 */
+	@Bean
+	public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator(){
+		DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
+		advisorAutoProxyCreator.setProxyTargetClass(true);
+		return advisorAutoProxyCreator;
+	}
+
+	/**
+	 * 开启shiro aop注解支持
+	 * 使用代理方式;所以需要开启代码支持
+	 * @param securityManager
+	 */
+	@Bean
+	public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
+		AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
+		authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
+		return authorizationAttributeSourceAdvisor;
+	}
+
 	@Bean
 	public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
 		ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();

src/main/webapp/WEB-INF/manager/cms/content/form.ftl

@@ -184,7 +184,7 @@
                             :limit="1"
                             :on-exceed="contentImghandleExceed"
                             :disabled="false"
-                            :data="{uploadPath:'/cms/content','isRename':true,'appId':true}"
+                            :data="{uploadPath:'/${appId}/cms/content','isRename':true}"
                             :on-success="contentImgSuccess"
                             accept="image/*"
                             list-type="picture-card">
@@ -267,7 +267,7 @@
                     maximumWords: 2000,
                     initialFrameWidth: '100%',
                     initialFrameHeight: 400,
-                    serverUrl: ms.base + "/static/plugins/ueditor/1.4.3.1/jsp/editor.do?jsonConfig=%7BvideoUrlPrefix:\'" + ms.base + "\',fileUrlPrefix:\'" + ms.base + "\',imageUrlPrefix:\'" + ms.base + "\',imagePathFormat:\'/upload/cms/content/editor/%7Btime%7D\',filePathFormat:\'/upload/cms/content/editor/%7Btime%7D\',videoPathFormat:\'/upload/cms/content/editor/%7Btime%7D\'%7D",
+                    serverUrl: ms.base + "/static/plugins/ueditor/1.4.3.1/jsp/editor.do?jsonConfig=%7BvideoUrlPrefix:\'" + ms.base + "\',fileUrlPrefix:\'" + ms.base + "\',imageUrlPrefix:\'" + ms.base + "\',imagePathFormat:\'/upload/${appId}/cms/content/editor/%7Btime%7D\',filePathFormat:\'/upload/${appId}/cms/content/editor/%7Btime%7D\',videoPathFormat:\'/upload/${appId}/cms/content/editor/%7Btime%7D\'%7D",
                     UEDITOR_HOME_URL: ms.base + '/static/plugins/ueditor/1.4.3.1/'
                 },
                 contentCategoryIdOptions: [],

src/main/webapp/static/plugins/ms/1.0.0/ms.util.js

@@ -20,7 +20,18 @@
             log(e.message);
         }
     }
-    //树形数据组织
+
+    /**
+     * 列表数据转化为树形结构的列表
+     * @param source 数据源list
+     * @param id 编号
+     * @param parentId 父级编号
+     * @param children 树形子集变量
+     * @returns {*}
+     * 支持父级编号为 0或null
+     * 原始数据[{id:1,titile:"标题",pid:0},{id:2,titile:"标题",pid:1}]
+     * 转化树形数据：[{id:1,titile:"标题",pid:0,children:[{id:2,titile:"标题",pid:1}]}]
+     */
     function treeData(source, id, parentId, children) {
         var cloneData = JSON.parse(JSON.stringify(source));
         return cloneData.filter(function (father) {
@@ -28,7 +39,7 @@
                 return father[id] == child[parentId];
             });
             branchArr.length > 0 ? father[children] = branchArr : '';
-            return !father[parentId] || father[parentId] == '0'; // 如果第一层不是parentId=0，请自行修改
+            return !father[parentId] || father[parentId] == '0' ||  father[parentId] == null ;
         });
     }
     //验证是否为子集