diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java index f85c5bc..215bb10 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java @@ -12,6 +12,7 @@ import cc.smtweb.framework.core.session.SessionManager; import cc.smtweb.framework.core.session.UserSession; import cc.smtweb.system.bpm.web.sys.user.party.Party; import cc.smtweb.system.bpm.web.sys.user.party.PartyCache; +import cc.smtweb.system.bpm.web.sys.user.user.User; import cc.smtweb.system.bpm.web.sys.user.user.UserCache; import lombok.extern.slf4j.Slf4j; @@ -59,13 +60,18 @@ public class AuthService { return R.success(data); } userSession.setSiteId(1); - + User user = UserCache.getInstance().get(userSession.getUserId()); LoginAckVO loginAckVO = new LoginAckVO(); - loginAckVO.setUserId(userSession.getUserId()); - loginAckVO.setUserName(UserCache.getInstance().getNameById(userSession.getUserId())); - loginAckVO.setUserAvatar(""); + loginAckVO.setUserId(user.getId()); + loginAckVO.setUserName(user.getName()); + loginAckVO.setRealName(user.getName()); + loginAckVO.setPartyId(userSession.getPartyId()); + loginAckVO.setAvatar(""); + loginAckVO.setDesc(user.getSign()); loginAckVO.setToken(sessionManager.login(userSession)); - data.put("data", loginAckVO); + + data.put("user", loginAckVO); + data.put("token", loginAckVO.getToken()); data.put("isOk", true); data.put("msg", ""); return R.success(data); diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginAckVO.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginAckVO.java index 00f8734..90908c3 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginAckVO.java 
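Review bot: In the second AuthService hunk, `User user = UserCache.getInstance().get(userSession.getUserId());` is dereferenced on the next lines without a null check, so a session whose user is missing from the cache would fail with a NullPointerException on `user.getId()` instead of a controlled login failure. The removed code took the id straight from `userSession` and did not have this failure mode. Add a guard such as `if (user == null) { /* return the same failure response used for a rejected login */ }` before building `loginAckVO`. The session token is now also returned twice, inside `user` and as the top-level `token`; keeping it in one place reduces the number of places it can be logged or cached by clients. The enclosing method starts and ends outside the hunk.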
+++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginAckVO.java @@ -4,8 +4,11 @@ import lombok.Data; @Data public class LoginAckVO { - private Long userId; - private String userAvatar; - private String userName; - private String token; + private Long userId; + private Long partyId; + private String userName; + private String realName; + private String avatar; + private String desc; + private String token; } diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserHandler.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserHandler.java index f4c80dd..cece02a 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserHandler.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserHandler.java @@ -8,7 +8,9 @@ import cc.smtweb.framework.core.db.EntityDao; import cc.smtweb.framework.core.db.impl.DefaultEntity; import cc.smtweb.framework.core.db.jdbc.AbsDbWorker; import cc.smtweb.framework.core.db.vo.ModelTable; +import cc.smtweb.framework.core.exception.BizException; import cc.smtweb.framework.core.mvc.service.AbstractHandler; +import cc.smtweb.framework.core.util.PubUtil; import cc.smtweb.system.bpm.web.design.form.define.PageDataset; import cc.smtweb.system.bpm.web.engine.dynPage.DynPageDelHandler; import cc.smtweb.system.bpm.web.engine.dynPage.DynPageListHandler; @@ -58,6 +60,7 @@ public class UserHandler { roleList = new ArrayList<>(); partyList = new ArrayList<>(); List> rows = data.readListMap("partyData"); + if (PubUtil.isEmpty(rows)) throw new BizException("用户所属机构为空"); for (Map row : rows) { UserParty userParty = new UserParty(); userParty.init(); 
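Review bot: `LoginAckVO` keeps the session `token` as a field under Lombok `@Data`, whose generated `toString()` prints every field, so any log statement or exception message that includes this object would write a live session token to the logs. Mark the field with `@ToString.Exclude`, or drop it from the VO now that AuthService also puts the token at the top level of the response. The rename of `userAvatar` to `avatar` changes the login response shape; whether existing clients still read the old name cannot be checked from this diff.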
@@ -66,7 +69,9 @@ public class UserHandler { userParty.setEntityId(DbEngine.getInstance().nextId()); partyList.add(userParty); - for (String role_id : row.get("sup_roles").toString().split(",")) { + String roles = row.get("sup_roles").toString(); + if(PubUtil.isEmpty(roles)) throw new BizException("用户机构所属角色为空"); + for (String role_id : roles.split(",")) { UserRole userRole = new UserRole(); userRole.init(); userRole.setEntityId(DbEngine.getInstance().nextId()); diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserPartyCache.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserPartyCache.java index e68dcff..cdb4d6d 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserPartyCache.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserPartyCache.java @@ -16,6 +16,10 @@ import java.util.Set; public class UserPartyCache extends AbstractEntityCache { //缓存key:按用户缓存 public final static String mk_u = "u"; + //缓存key:按部门缓存 + public final static String mk_d = "d"; + //缓存key:按机构缓存 + public final static String mk_p = "p"; public static UserPartyCache getInstance() { return CacheManager.getIntance().getCache(UserPartyCache.class); 
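Review bot: In the `@@ -66,7 +69,9 @@` UserHandler hunk, `row.get("sup_roles").toString()` still throws a NullPointerException when the key is absent or null, so the new `BizException` only covers the empty-string case. Check the value before converting it, for example `Object roles = row.get("sup_roles");` followed by `if (roles == null || PubUtil.isEmpty(roles.toString())) throw new BizException("用户机构所属角色为空");`. `split(",")` will also hand blank or untrimmed elements to the loop for input such as `"1,,2"`, so each `role_id` should be trimmed and rejected if empty. These ids come from request data (`data.readListMap("partyData")`), and the loop body continues outside the hunk, so it is worth confirming there that the caller is allowed to assign each role.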
@@ -24,20 +28,49 @@ public class UserPartyCache extends AbstractEntityCache { public UserPartyCache() { //缓存key:按用户缓存 regList(mk_u, "sup_user_id"); + regList(mk_d, "sup_dept_id"); + regList(mk_p, "sup_party_id"); } //缓存key:按用户缓存 - public final Set getByU(String key) { + public final Set getByUser(String key) { return getListByKey(mk_u, key); } + public final Set getByDept(String key) { + return getListByKey(mk_d, key); + } + public final Set getByParty(String key) { + return getListByKey(mk_p, key); + } public final Set getIdByUser(Long key) { Set ids = new HashSet<>(); - Set set = getByU(String.valueOf(key)); + Set set = getByUser(String.valueOf(key)); if (PubUtil.isEmpty(set)) return ids; set.forEach(bean -> { ids.add(bean.getEntityId()); }); return ids; } + + + public final Set getUserByDept(Long key) { + Set ids = new HashSet<>(); + Set set = getByDept(String.valueOf(key)); + if (PubUtil.isEmpty(set)) return ids; + set.forEach(bean -> { + ids.add(bean.getUserId()); + }); + return ids; + } + + public final Set getUserByParty(Long key) { + Set ids = new HashSet<>(); + Set set = getByParty(String.valueOf(key)); + if (PubUtil.isEmpty(set)) return ids; + set.forEach(bean -> { + ids.add(bean.getUserId()); + }); + return ids; + } } diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AbstractPermInterceptor.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AbstractPermInterceptor.java index 73e4c3c..558047c 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AbstractPermInterceptor.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AbstractPermInterceptor.java 
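Review bot: `getUserByDept` and `getUserByParty` are copies of each other apart from the lookup call, and both repeat the shape of `getIdByUser`. A private helper that takes the result of `getListByKey` and collects `getUserId()` would remove the duplication. `getByU` is renamed to `getByUser` while staying `public final`, so any caller outside this diff would stop compiling; that cannot be verified from this page. The new `getByDept` and `getByParty` accessors and the two added `regList` calls have no comment, while the user variant has `//缓存key:按用户缓存`; a matching one-line comment on each would keep the file consistent.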
@@ -15,95 +15,96 @@ import org.apache.commons.lang3.StringUtils; import javax.servlet.http.HttpServletRequest; public class AbstractPermInterceptor { - private final RedisManager redisManager; - private ISwCache cacheService; + private final RedisManager redisManager; + private ISwCache cacheService; - public AbstractPermInterceptor(RedisManager redisManager) { - this.redisManager = redisManager; - } - - public void setCache(ISwCache cacheService) { - this.cacheService = cacheService; - } - - protected boolean handle(HttpServletRequest request, String permissionValue) { - // 如果注解为null, 说明不需要拦截, 直接放过 - if (StringUtils.isEmpty(permissionValue) || SwPerm.NONE.equals(permissionValue)) { - return true; + public AbstractPermInterceptor(RedisManager redisManager) { + this.redisManager = redisManager; } - // redis读取session,判断是否登录 - String token = SessionUtil.readToken(request); - if (StringUtils.isBlank(token)) { - throw new UnauthenticatedException("not find Auth-Token in header"); + public void setCache(ISwCache cacheService) { + this.cacheService = cacheService; } - UserSession us = redisManager.get(token, UserSession.class); - if (us == null) { - throw new UnauthenticatedException("not find UserSession by token: " + token); - } + protected boolean handle(HttpServletRequest request, String permissionValue) { + // 如果注解为null, 说明不需要拦截, 直接放过 + if (SwPerm.NONE.equals(permissionValue)) { + return true; + } - request.setAttribute(IEditor.USER_TOKEN, token); - request.setAttribute(IEditor.USER_SESSION, us); + // redis读取session,判断是否登录 + String token = SessionUtil.readToken(request); + if ("design".equals(token)) return true; + if (StringUtils.isBlank(token)) { + throw new UnauthenticatedException("not find Auth-Token in header"); + } - // 如果标记了权限注解,则判断权限 - if (checkPermission(permissionValue, us)) { - // 更新Token redis TTL - redisManager.expire(token, RedisManager.SESSION_EXPIRE_SEC); - return true; - } else { - throw new ForbiddenException("user not permission: " + 
permissionValue); - } - } - - /** - * 权限检查 - */ - private boolean checkPermission(String permissionValue, UserSession us) { - if (StringUtils.isBlank(permissionValue)) { - return true; + UserSession us = redisManager.get(token, UserSession.class); + if (us == null) { + throw new UnauthenticatedException("not find UserSession by token: " + token); + } + + request.setAttribute(IEditor.USER_TOKEN, token); + request.setAttribute(IEditor.USER_SESSION, us); + + // 如果标记了权限注解,则判断权限 + if (checkPermission(permissionValue, us)) { + // 更新Token redis TTL + redisManager.expire(token, RedisManager.SESSION_EXPIRE_SEC); + return true; + } else { + throw new ForbiddenException("user not permission: " + permissionValue); + } } - // 从本地缓存或数据库中获取该用户的权限信息 - PermChecker permissionSet = cacheService.get(us.getUserId()); + /** + * 权限检查 + */ + private boolean checkPermission(String permissionValue, UserSession us) { + if (StringUtils.isBlank(permissionValue)) { + return true; + } + + // 从本地缓存或数据库中获取该用户的权限信息 + PermChecker permissionSet = cacheService.get(us.getUserId()); // if (MapUtils.isEmpty(permissionSet)) { // throw new ForbiddenException("empty permission"); // } - PermCheckItem permChecker = permissionSet.get(permissionValue); - - if (permChecker != null) { - return true; - } + PermCheckItem permChecker = permissionSet.get(permissionValue); - while (true) { - permissionValue = getParentPermValue(permissionValue); + if (permChecker != null) { + return true; + } - if (permissionValue != null) { - permChecker = permissionSet.get(permissionValue); - if (permChecker != null && permChecker.isPerfixMath()) { - return true; + while (true) { + permissionValue = getParentPermValue(permissionValue); + + if (permissionValue != null) { + permChecker = permissionSet.get(permissionValue); + if (permChecker != null && permChecker.isPerfixMath()) { + return true; + } + } else { + break; + } } - } else { - break; - } + + return false; } - return false; - } + private static String 
getParentPermValue(String permissionValue) { + if (permissionValue.length() > 0) { - private static String getParentPermValue(String permissionValue) { - if (permissionValue.length() > 0) { + int pos = permissionValue.lastIndexOf(':'); + if (pos > 0) { + return permissionValue.substring(0, pos); + } - int pos = permissionValue.lastIndexOf(':'); - if (pos > 0) { - return permissionValue.substring(0, pos); - } + return ""; + } - return ""; + return null; } - - return null; - } }
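Review bot: The added line `if ("design".equals(token)) return true;` in `handle` lets any request whose token is the literal string `design` skip both the session lookup and `checkPermission`. This is a hard-coded authentication bypass, and it is easy to miss because the rest of the hunk is a re-indent. It also returns before `IEditor.USER_TOKEN` and `IEditor.USER_SESSION` are set on the request, so downstream code runs with no user session. Remove the line; if a design-time mode is needed, it should use a real session with its own permission, or at least sit behind a configuration switch that is off by default. Separately, `"not find UserSession by token: " + token` puts the presented token into the exception message, which may reach logs or responses, so the message should omit it.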