You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2.3 KiB
2.3 KiB
权限校验
核心理念
建立用户-组-权限资源的关系,对用户进行鉴权
鉴权流程
在权限表(permission)中插入资源信息
INSERT INTO permission (id, res_type, area, res_full_path, res_full_name, operation_bit, expire_date, created_time,
updated_time, created_by, updated_by)
VALUES (101, 'hive', 'china', '/test.db/test', '/测试库/测试表', 'select', '2099-12-26 10:45:26', now(), now(),
'system', 'system'),
(102, 'hive', 'china', '/test.db/test1', '/测试库/测试表1', 'select', '2099-12-26 10:45:26', now(), now(),
'system', 'system'),
(103, 'hive', 'china', '/test.db', '/测试库', 'select', '2099-12-26 10:45:26', now(), now(),
'system', 'system');
在组-权限表建立连接
INSERT INTO group_permission_relation (id, group_id, permission_id, created_time, updated_time, created_by, updated_by)
VALUES (1, 101, 101, now(), now(), 'system', 'system'),
(2, 101, 102, now(), now(), 'system', 'system'),
(3, 101, 103, now(), now(), 'system', 'system'),
(4, 102, 101, now(), now(), 'system', 'system'),
(5, 102, 102, now(), now(), 'system', 'system'),
(6, 103, 101, now(), now(), 'system', 'system'),
(7, 103, 102, now(), now(), 'system', 'system'),
(8, 103, 103, now(), now(), 'system', 'system');
访问接口进行鉴权
curl --location --request POST 'http://127.0.0.1:8443/authentication-server/auth/data/permission' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiJhZG1pbiIsInNjb3BlIjpbInJlYWQiXSwib3JnYW5pemF0aW9uIjoiYWRtaW4iLCJleHAiOjE2MzkwNzQ1MTMsImF1dGhvcml0aWVzIjpbIkFETUlOIl0sImp0aSI6IllsVVhlV2d1VFBRbGdmSHYyY0VGOC1seEVGRSIsImNsaWVudF9pZCI6InRlc3RfY2xpZW50In0.1JqUvfv5i9wd9F7hWYW-Xafoc5bh9tFEupIoVYW09nU' \
--header 'User-Agent: apifox/1.0.0 (https://www.apifox.cn)' \
--header 'Content-Type: application/json' \
--data-raw '{
"resFullName": "/测试库/测试表",
"area": "china",
"resType": "hive",
"operationBit": "select",
"resFullPath": "/test.db/test",
"groupCode": "101"
}'
