feat: 按钮级权限控制

1、按钮级权限控制原理已实现并测试
2、对需要按钮级权限控制的接口的注解进行整改。

@@ -56,10 +56,12 @@ import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.
 public class YtDeviceController extends BaseController {
 public class YtDeviceController extends BaseController {
     private final YtDeviceService deviceService;
     private final YtDeviceService deviceService;
     private final DeviceService tbDeviceService;
     private final DeviceService tbDeviceService;
+    String sePL = new Date().toString();
 
 
     @PostMapping
     @PostMapping
     @ApiOperation("创建|编辑")
     @ApiOperation("创建|编辑")
-    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN')")
+//    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN')")
+    @PreAuthorize("@check.checkPermissions({'TENANT_ADMIN'},{})")
     public ResponseEntity<DeviceDTO> saveDevice(
     public ResponseEntity<DeviceDTO> saveDevice(
             @Validated(AddGroup.class) @RequestBody DeviceDTO deviceDTO) throws ThingsboardException, ExecutionException, InterruptedException {
             @Validated(AddGroup.class) @RequestBody DeviceDTO deviceDTO) throws ThingsboardException, ExecutionException, InterruptedException {
         String currentTenantId = getCurrentUser().getCurrentTenantId();
         String currentTenantId = getCurrentUser().getCurrentTenantId();

+package org.thingsboard.server.controller.yunteng.permission;
+
+import com.alibaba.excel.util.StringUtils;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Service;
+import org.thingsboard.server.dao.yunteng.service.RoleService;
+import org.thingsboard.server.service.security.model.SecurityUser;
+
+import java.util.List;
+import java.util.Set;
+
+@Service("check")
+@Slf4j
+@RequiredArgsConstructor
+public class PermissionTools {
+
+    private final RoleService roleService;
+
+    /**
+     * 接口权限校验
+     *
+     * @param needRoles      接口访问所需角色
+     * @param needPermission 接口访问所需权限
+     * @return
+     */
+    public Boolean checkPermissions(List<String> needRoles, Set<String> needPermission) {
+        SecurityUser securityUser = null;
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if (authentication != null && authentication.getPrincipal() instanceof SecurityUser) {
+            securityUser = (SecurityUser) authentication.getPrincipal();
+        }
+        if (securityUser == null) {
+            return false;
+        }
+        Set<String> userRoles = securityUser.getRoles();
+        if (needRoles != null && !needRoles.isEmpty()) {
+            if (userRoles == null) {
+                return false;
+            }
+            boolean roleMatched = userRoles.stream().anyMatch(f -> needRoles.contains(f));
+            if (!roleMatched) {
+                return false;
+            }
+        }
+
+        if (needPermission != null && !needPermission.isEmpty()) {
+            Set<String> userPermissions = roleService.getPermissions(securityUser.isPtSysadmin(), securityUser.isPtTenantAdmin(), securityUser.getCurrentTenantId(), securityUser.getCurrentUserId());
+            if (userPermissions == null || userPermissions.isEmpty()) {
+                return false;
+            }
+            boolean permissionMatched = userPermissions.stream().anyMatch(f -> needPermission.contains(f));
+            if (!permissionMatched) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+}