Browse Source

登录

master
yaoq 2 years ago
parent
commit
ac30826a28
5 changed files with 128 additions and 80 deletions
  1. +11
    -5
      smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java
  2. +7
    -4
      smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginAckVO.java
  3. +6
    -1
      smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserHandler.java
  4. +35
    -2
      smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserPartyCache.java
  5. +69
    -68
      smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AbstractPermInterceptor.java

+ 11
- 5
smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java View File

@@ -12,6 +12,7 @@ import cc.smtweb.framework.core.session.SessionManager;
import cc.smtweb.framework.core.session.UserSession; import cc.smtweb.framework.core.session.UserSession;
import cc.smtweb.system.bpm.web.sys.user.party.Party; import cc.smtweb.system.bpm.web.sys.user.party.Party;
import cc.smtweb.system.bpm.web.sys.user.party.PartyCache; import cc.smtweb.system.bpm.web.sys.user.party.PartyCache;
import cc.smtweb.system.bpm.web.sys.user.user.User;
import cc.smtweb.system.bpm.web.sys.user.user.UserCache; import cc.smtweb.system.bpm.web.sys.user.user.UserCache;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;


@@ -59,13 +60,18 @@ public class AuthService {
return R.success(data); return R.success(data);
} }
userSession.setSiteId(1); userSession.setSiteId(1);
User user = UserCache.getInstance().get(userSession.getUserId());
LoginAckVO loginAckVO = new LoginAckVO(); LoginAckVO loginAckVO = new LoginAckVO();
loginAckVO.setUserId(userSession.getUserId());
loginAckVO.setUserName(UserCache.getInstance().getNameById(userSession.getUserId()));
loginAckVO.setUserAvatar("");
loginAckVO.setUserId(user.getId());
loginAckVO.setUserName(user.getName());
loginAckVO.setRealName(user.getName());
loginAckVO.setPartyId(userSession.getPartyId());
loginAckVO.setAvatar("");
loginAckVO.setDesc(user.getSign());
loginAckVO.setToken(sessionManager.login(userSession)); loginAckVO.setToken(sessionManager.login(userSession));
data.put("data", loginAckVO);

data.put("user", loginAckVO);
data.put("token", loginAckVO.getToken());
data.put("isOk", true); data.put("isOk", true);
data.put("msg", ""); data.put("msg", "");
return R.success(data); return R.success(data);


+ 7
- 4
smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginAckVO.java View File

@@ -4,8 +4,11 @@ import lombok.Data;


@Data @Data
public class LoginAckVO { public class LoginAckVO {
private Long userId;
private String userAvatar;
private String userName;
private String token;
private Long userId;
private Long partyId;
private String userName;
private String realName;
private String avatar;
private String desc;
private String token;
} }

+ 6
- 1
smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserHandler.java View File

@@ -8,7 +8,9 @@ import cc.smtweb.framework.core.db.EntityDao;
import cc.smtweb.framework.core.db.impl.DefaultEntity; import cc.smtweb.framework.core.db.impl.DefaultEntity;
import cc.smtweb.framework.core.db.jdbc.AbsDbWorker; import cc.smtweb.framework.core.db.jdbc.AbsDbWorker;
import cc.smtweb.framework.core.db.vo.ModelTable; import cc.smtweb.framework.core.db.vo.ModelTable;
import cc.smtweb.framework.core.exception.BizException;
import cc.smtweb.framework.core.mvc.service.AbstractHandler; import cc.smtweb.framework.core.mvc.service.AbstractHandler;
import cc.smtweb.framework.core.util.PubUtil;
import cc.smtweb.system.bpm.web.design.form.define.PageDataset; import cc.smtweb.system.bpm.web.design.form.define.PageDataset;
import cc.smtweb.system.bpm.web.engine.dynPage.DynPageDelHandler; import cc.smtweb.system.bpm.web.engine.dynPage.DynPageDelHandler;
import cc.smtweb.system.bpm.web.engine.dynPage.DynPageListHandler; import cc.smtweb.system.bpm.web.engine.dynPage.DynPageListHandler;
@@ -58,6 +60,7 @@ public class UserHandler {
roleList = new ArrayList<>(); roleList = new ArrayList<>();
partyList = new ArrayList<>(); partyList = new ArrayList<>();
List<Map<String, Object>> rows = data.readListMap("partyData"); List<Map<String, Object>> rows = data.readListMap("partyData");
if (PubUtil.isEmpty(rows)) throw new BizException("用户所属机构为空");
for (Map<String, Object> row : rows) { for (Map<String, Object> row : rows) {
UserParty userParty = new UserParty(); UserParty userParty = new UserParty();
userParty.init(); userParty.init();
@@ -66,7 +69,9 @@ public class UserHandler {
userParty.setEntityId(DbEngine.getInstance().nextId()); userParty.setEntityId(DbEngine.getInstance().nextId());
partyList.add(userParty); partyList.add(userParty);


for (String role_id : row.get("sup_roles").toString().split(",")) {
String roles = row.get("sup_roles").toString();
if(PubUtil.isEmpty(roles)) throw new BizException("用户机构所属角色为空");
for (String role_id : roles.split(",")) {
UserRole userRole = new UserRole(); UserRole userRole = new UserRole();
userRole.init(); userRole.init();
userRole.setEntityId(DbEngine.getInstance().nextId()); userRole.setEntityId(DbEngine.getInstance().nextId());


+ 35
- 2
smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserPartyCache.java View File

@@ -16,6 +16,10 @@ import java.util.Set;
public class UserPartyCache extends AbstractEntityCache<UserParty> { public class UserPartyCache extends AbstractEntityCache<UserParty> {
//缓存key:按用户缓存 //缓存key:按用户缓存
public final static String mk_u = "u"; public final static String mk_u = "u";
//缓存key:按部门缓存
public final static String mk_d = "d";
//缓存key:按机构缓存
public final static String mk_p = "p";


public static UserPartyCache getInstance() { public static UserPartyCache getInstance() {
return CacheManager.getIntance().getCache(UserPartyCache.class); return CacheManager.getIntance().getCache(UserPartyCache.class);
@@ -24,20 +28,49 @@ public class UserPartyCache extends AbstractEntityCache<UserParty> {
public UserPartyCache() { public UserPartyCache() {
//缓存key:按用户缓存 //缓存key:按用户缓存
regList(mk_u, "sup_user_id"); regList(mk_u, "sup_user_id");
regList(mk_d, "sup_dept_id");
regList(mk_p, "sup_party_id");
} }


//缓存key:按用户缓存 //缓存key:按用户缓存
public final Set<UserParty> getByU(String key) {
public final Set<UserParty> getByUser(String key) {
return getListByKey(mk_u, key); return getListByKey(mk_u, key);
} }
public final Set<UserParty> getByDept(String key) {
return getListByKey(mk_d, key);
}
public final Set<UserParty> getByParty(String key) {
return getListByKey(mk_p, key);
}


public final Set<Long> getIdByUser(Long key) { public final Set<Long> getIdByUser(Long key) {
Set<Long> ids = new HashSet<>(); Set<Long> ids = new HashSet<>();
Set<UserParty> set = getByU(String.valueOf(key));
Set<UserParty> set = getByUser(String.valueOf(key));
if (PubUtil.isEmpty(set)) return ids; if (PubUtil.isEmpty(set)) return ids;
set.forEach(bean -> { set.forEach(bean -> {
ids.add(bean.getEntityId()); ids.add(bean.getEntityId());
}); });
return ids; return ids;
} }


public final Set<Long> getUserByDept(Long key) {
Set<Long> ids = new HashSet<>();
Set<UserParty> set = getByDept(String.valueOf(key));
if (PubUtil.isEmpty(set)) return ids;
set.forEach(bean -> {
ids.add(bean.getUserId());
});
return ids;
}

public final Set<Long> getUserByParty(Long key) {
Set<Long> ids = new HashSet<>();
Set<UserParty> set = getByParty(String.valueOf(key));
if (PubUtil.isEmpty(set)) return ids;
set.forEach(bean -> {
ids.add(bean.getUserId());
});
return ids;
}
} }

+ 69
- 68
smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AbstractPermInterceptor.java View File

@@ -15,95 +15,96 @@ import org.apache.commons.lang3.StringUtils;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;


public class AbstractPermInterceptor { public class AbstractPermInterceptor {
private final RedisManager redisManager;
private ISwCache<Long, PermChecker> cacheService;
private final RedisManager redisManager;
private ISwCache<Long, PermChecker> cacheService;


public AbstractPermInterceptor(RedisManager redisManager) {
this.redisManager = redisManager;
}

public void setCache(ISwCache<Long, PermChecker> cacheService) {
this.cacheService = cacheService;
}

protected boolean handle(HttpServletRequest request, String permissionValue) {
// 如果注解为null, 说明不需要拦截, 直接放过
if (StringUtils.isEmpty(permissionValue) || SwPerm.NONE.equals(permissionValue)) {
return true;
public AbstractPermInterceptor(RedisManager redisManager) {
this.redisManager = redisManager;
} }


// redis读取session,判断是否登录
String token = SessionUtil.readToken(request);
if (StringUtils.isBlank(token)) {
throw new UnauthenticatedException("not find Auth-Token in header");
public void setCache(ISwCache<Long, PermChecker> cacheService) {
this.cacheService = cacheService;
} }


UserSession us = redisManager.get(token, UserSession.class);
if (us == null) {
throw new UnauthenticatedException("not find UserSession by token: " + token);
}
protected boolean handle(HttpServletRequest request, String permissionValue) {
// 如果注解为null, 说明不需要拦截, 直接放过
if (SwPerm.NONE.equals(permissionValue)) {
return true;
}


request.setAttribute(IEditor.USER_TOKEN, token);
request.setAttribute(IEditor.USER_SESSION, us);
// redis读取session,判断是否登录
String token = SessionUtil.readToken(request);
if ("design".equals(token)) return true;
if (StringUtils.isBlank(token)) {
throw new UnauthenticatedException("not find Auth-Token in header");
}


// 如果标记了权限注解,则判断权限
if (checkPermission(permissionValue, us)) {
// 更新Token redis TTL
redisManager.expire(token, RedisManager.SESSION_EXPIRE_SEC);
return true;
} else {
throw new ForbiddenException("user not permission: " + permissionValue);
}
}
/**
* 权限检查
*/
private boolean checkPermission(String permissionValue, UserSession us) {
if (StringUtils.isBlank(permissionValue)) {
return true;
UserSession us = redisManager.get(token, UserSession.class);
if (us == null) {
throw new UnauthenticatedException("not find UserSession by token: " + token);
}
request.setAttribute(IEditor.USER_TOKEN, token);
request.setAttribute(IEditor.USER_SESSION, us);
// 如果标记了权限注解,则判断权限
if (checkPermission(permissionValue, us)) {
// 更新Token redis TTL
redisManager.expire(token, RedisManager.SESSION_EXPIRE_SEC);
return true;
} else {
throw new ForbiddenException("user not permission: " + permissionValue);
}
} }


// 从本地缓存或数据库中获取该用户的权限信息
PermChecker permissionSet = cacheService.get(us.getUserId());
/**
* 权限检查
*/
private boolean checkPermission(String permissionValue, UserSession us) {
if (StringUtils.isBlank(permissionValue)) {
return true;
}

// 从本地缓存或数据库中获取该用户的权限信息
PermChecker permissionSet = cacheService.get(us.getUserId());


// if (MapUtils.isEmpty(permissionSet)) { // if (MapUtils.isEmpty(permissionSet)) {
// throw new ForbiddenException("empty permission"); // throw new ForbiddenException("empty permission");
// } // }


PermCheckItem permChecker = permissionSet.get(permissionValue);

if (permChecker != null) {
return true;
}
PermCheckItem permChecker = permissionSet.get(permissionValue);


while (true) {
permissionValue = getParentPermValue(permissionValue);
if (permChecker != null) {
return true;
}


if (permissionValue != null) {
permChecker = permissionSet.get(permissionValue);
if (permChecker != null && permChecker.isPerfixMath()) {
return true;
while (true) {
permissionValue = getParentPermValue(permissionValue);

if (permissionValue != null) {
permChecker = permissionSet.get(permissionValue);
if (permChecker != null && permChecker.isPerfixMath()) {
return true;
}
} else {
break;
}
} }
} else {
break;
}

return false;
} }


return false;
}
private static String getParentPermValue(String permissionValue) {
if (permissionValue.length() > 0) {


private static String getParentPermValue(String permissionValue) {
if (permissionValue.length() > 0) {
int pos = permissionValue.lastIndexOf(':');
if (pos > 0) {
return permissionValue.substring(0, pos);
}


int pos = permissionValue.lastIndexOf(':');
if (pos > 0) {
return permissionValue.substring(0, pos);
}
return "";
}


return "";
return null;
} }

return null;
}
} }

Loading…
Cancel
Save