diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/FileDownloadController.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/FileDownloadController.java index b21cc62..6e3df50 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/FileDownloadController.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/FileDownloadController.java @@ -32,9 +32,6 @@ public class FileDownloadController { @Autowired private FilePathGenerator filePathGenerator; - @Autowired - private RedisManager redisManager; - /** * path方式下载文件 */ @@ -56,8 +53,6 @@ public class FileDownloadController { @RequestParam(value = "noCache", required = false) Boolean noCache, HttpServletRequest request ) throws FileNotFoundException { - SessionUtil.checkSession(request, redisManager); - File file = new File(filePathGenerator.getFileDiskPath(path)); if (!file.exists()) { diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/FileUploadController.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/FileUploadController.java index 260826f..bce6c81 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/FileUploadController.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/FileUploadController.java @@ -30,9 +30,6 @@ public class FileUploadController { private DbEngine dbEngine; @Autowired - private RedisManager redisManager; - - @Autowired private ImageAttachDao imageAttachDao; // TODO: 权限处理,临时文件处理 @@ -44,7 +41,6 @@ public class FileUploadController { @RequestParam(value = "keepName", required = false) Boolean keepName, HttpServletRequest request ) { - SessionUtil.checkSession(request, redisManager); return uploadFile(path, file, ThumbImage.type(thumb), thumbHeight, insert, keepName); } @@ -54,8 +50,6 @@ public class FileUploadController { @RequestParam(value = "thumbHeight", required = false) Integer thumbHeight, @RequestParam(value = "commit", required = false) Boolean insert, HttpServletRequest request) { - SessionUtil.checkSession(request, redisManager); - MultipartFile file = MemMultipartFile.build(data.getData()); if (file == null) { return R.error("数据内容格式有错"); @@ -70,7 +64,6 @@ public class FileUploadController { @RequestParam(value = "commit", required = false) Boolean insert, @RequestParam(value = "keepName", required = false) Boolean keepName, HttpServletRequest request) { - SessionUtil.checkSession(request, redisManager); return uploadFile(path, file, ThumbImage.TYPE_AVATAR, size, insert, keepName); } @@ -81,7 +74,6 @@ public class FileUploadController { @RequestParam(value = "thumbHeight", required = false) Integer thumbHeight, @RequestParam(value = "keepName", required = false) Boolean keepName, HttpServletRequest request) { - SessionUtil.checkSession(request, redisManager); return uploadFile(path, file, ThumbImage.type(thumb), thumbHeight, true, keepName); } @@ -143,8 +135,6 @@ public class FileUploadController { // TODO: 修改为安全的后台删除方式 @PostMapping("/fs/remove") public R remove(@RequestParam(value = "filePath") String filePath, HttpServletRequest request) { - SessionUtil.checkSession(request, redisManager); - File file = new File(filePathGenerator.getFileDiskPath(filePath)); if (file.exists() && file.isFile()) { if (file.delete()) { diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/file/attach/AttachHelper.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/file/attach/AttachHelper.java index 1deb63d..615342b 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/file/attach/AttachHelper.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/file/attach/AttachHelper.java @@ -97,7 +97,7 @@ public final class AttachHelper { //批量删除 public boolean deleteAttachList(List attachIdList) throws Exception { if (CommUtil.isEmpty(attachIdList)) return false; - dbEngine.update("delete from " + AttachInfo.ENTITY_NAME + " where attach_id in(" + CommUtil.getSqlInStr(attachIdList) + ")"); + dbEngine.update("delete from " + AttachInfo.ENTITY_NAME + " where attach_id in(" + StringUtil.join(attachIdList,",") + ")"); return true; } diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/design/preview/PreviewMenuTreeService.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/design/preview/PreviewMenuTreeService.java index 54c963e..3a93cbf 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/design/preview/PreviewMenuTreeService.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/design/preview/PreviewMenuTreeService.java @@ -21,6 +21,7 @@ import cc.smtweb.system.bpm.web.sys.user.menuPlan.MenuPlan; import cc.smtweb.system.bpm.web.sys.user.menuPlan.MenuPlanCache; import cc.smtweb.system.bpm.web.sys.user.menuPlan.MenuPlanContent; import cc.smtweb.system.bpm.web.sys.user.menuPlan.MenuPlanItem; +import cc.smtweb.system.bpm.web.sys.user.role.RoleHelper; import org.apache.commons.lang3.StringUtils; import java.util.*; @@ -33,9 +34,16 @@ public class PreviewMenuTreeService { public R treeAll(@SwParam("module") String module, UserSession us) { String prj_id = ModelProjectCache.getInstance().getIdByModule(module); if (!SwConsts.SysParam.SYS_DEBUG) { - List menuVOList = buildMenu(prj_id, module, us); + MenuVO home = new MenuVO(); + List menuVOList = buildMenu(prj_id, module, us,home); if (!CommUtil.isEmpty(menuVOList)) { - return R.success(menuVOList); + R r = R.success(menuVOList); + if(home.getId()!=null&&home.getId()>0){ + r.put("home",home); + } + return r; + }else { + return R.success(new ArrayList<>()); } } List listForm; @@ -73,20 +81,30 @@ public class PreviewMenuTreeService { root.setPath(module); root.setId(-1L); List data = TreeDataUtil.buildTree(root, list, MenuVO.createTreeHandler()); - - return R.success(data); + return R.success(data); } - public List buildMenu(String prj_id, String module, UserSession us) { - Set set = MenuPlanCache.getInstance().getByP(prj_id); + public List buildMenu(String prj_id, String module, UserSession us,MenuVO home) { + Set set = RoleHelper.isAdmin(us.getUserId()) ? MenuPlanCache.getInstance().getByP(prj_id):RoleHelper.getMenuPlans(us.getUserId(),us.getPartyId()); if (CommUtil.isEmpty(set)) { return new ArrayList<>(); } MenuPlan menuPlan = set.iterator().next(); MenuPlanContent mpc = new MenuPlanContent(menuPlan.getContent()); List list = new ArrayList<>(); + Set rightMenuIds = RoleHelper.getRoleMenuIds(us.getUserId() , us.getPartyId(),menuPlan.getId(), true); + for(MenuPlanItem item : mpc.getHomeList()){ + long id = item.getId(); + if(rightMenuIds.contains(id)){ + home.setId(item.getId()); + home.setName(item.getLabel()); + home.setIcon(item.getIcon()); + home.setPath(MenuCache.getInstance().getPath(item.getMenu())); + break; + } + } for (MenuPlanItem mp : mpc.getChildren(0)) { - List menuVOList = buildMenu(-1, mp); + List menuVOList = RoleHelper.isAdmin(us.getUserId())? buildMenu(-1,mp):buildMenuWithRight(-1, mp,rightMenuIds); if (menuVOList == null) continue; list.addAll(menuVOList); } @@ -118,7 +136,27 @@ public class PreviewMenuTreeService { list.add(menu); return list; } - + private List buildMenuWithRight(long parent_id, MenuPlanItem mp,Set rightMenuIds) { + if (mp == null || !rightMenuIds.contains(mp.getId())) return null; + List list = new ArrayList<>(); + MenuVO menu = new MenuVO(); + menu.setId(mp.getId()); + menu.setName(mp.getLabel()); + menu.setIcon(mp.getIcon()); + menu.setPath(MenuCache.getInstance().getPath(mp.getMenu())); + menu.setParentId(parent_id); + List child = new ArrayList<>(); + if (!CommUtil.isEmpty(mp.getChildren())) { + for (MenuPlanItem cmp : mp.getChildren()) { + List m = buildMenuWithRight(menu.getId(), cmp,rightMenuIds); + if (m == null) continue; + child.addAll(m); + } + } + menu.setChildren(child); + list.add(menu); + return list; + } private MenuVO setMenuParent(Long parent_id, Map map, List list) { MenuVO parent = map.get(parent_id); if (parent != null) return parent; diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/engine/dynPage/DynPageHelper.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/engine/dynPage/DynPageHelper.java index d805477..8ec90f0 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/engine/dynPage/DynPageHelper.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/engine/dynPage/DynPageHelper.java @@ -14,6 +14,7 @@ import cc.smtweb.framework.core.exception.SwException; import cc.smtweb.framework.core.mvc.service.SqlNamedPara; import cc.smtweb.framework.core.util.MapUtil; import cc.smtweb.framework.core.util.NumberUtil; +import cc.smtweb.framework.core.util.SqlUtil; import cc.smtweb.framework.core.util.StringUtil; import cc.smtweb.system.bpm.web.design.form.define.*; import org.apache.commons.lang3.StringUtils; @@ -187,7 +188,7 @@ public class DynPageHelper { if (listener != null) listener.buildSelect(dataSet, sql); return sql.toString(); } else { - return dataSet.sql; + return SqlUtil.replaceTable(dataSet.sql); } } diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/engine/dynPage/DynPageLoadHandler.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/engine/dynPage/DynPageLoadHandler.java index c024f6a..c030db5 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/engine/dynPage/DynPageLoadHandler.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/engine/dynPage/DynPageLoadHandler.java @@ -104,7 +104,7 @@ public class DynPageLoadHandler extends AbstractDynPageHandler { SwMap filter = params.readMap("filter"); //对应的数据集定义 PageDataset pageDataSet = readParamDs(); - + DynRetBean bean = null; if (SwEnum.DatasetType.LIST.value.equals(pageDataSet.type)) {//列表类 bean = DynRetBean.createList(getListWorker(filter, pageDataSet).buildListData()); diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java index f8cca82..2ee2eb7 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java @@ -2,7 +2,6 @@ package cc.smtweb.system.bpm.web.login; import cc.smtweb.framework.core.annotation.SwBody; import cc.smtweb.framework.core.annotation.SwParam; -import cc.smtweb.framework.core.annotation.SwPerm; import cc.smtweb.framework.core.annotation.SwService; import cc.smtweb.framework.core.common.R; import cc.smtweb.framework.core.common.SwMap; @@ -28,7 +27,6 @@ public class AuthService { @SwParam private SessionManager sessionManager; - @SwPerm() public R getParty(@SwParam("username") String username) { Set partySet = PartyCache.getInstance().getTopSet(); List list = new ArrayList<>(); @@ -43,7 +41,6 @@ public class AuthService { return R.success(list); } - @SwPerm(SwPerm.NONE) public R login(@SwBody LoginVO loginPO) { SwMap data = new SwMap(); User user = null; @@ -55,7 +52,7 @@ public class AuthService { // return new UserSession(1); } else { user = LoginHelper.login(loginPO); - userSession = new UserSession(user.getId()); + userSession = LoginHelper.createUserSession(user); } } catch (BizException e) { data.put("isOk", false); @@ -96,12 +93,10 @@ public class AuthService { return R.success(data); } - @SwPerm() public R ping(@SwParam("msg") String msg) { return R.success(msg); } - @SwPerm("user:edit") public R config(@SwParam("username") String username) { return R.success("config: " + username); } diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginHelper.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginHelper.java index c5d68be..bbf3ef3 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginHelper.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginHelper.java @@ -8,10 +8,13 @@ import cc.smtweb.framework.core.exception.BizException; import cc.smtweb.framework.core.session.UserSession; import cc.smtweb.system.bpm.web.sys.user.user.User; import cc.smtweb.system.bpm.web.sys.user.user.UserCache; +import cc.smtweb.system.bpm.web.sys.user.user.UserParty; +import cc.smtweb.system.bpm.web.sys.user.user.UserPartyCache; import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.lang3.StringUtils; import java.util.List; +import java.util.Set; /** * Created with IntelliJ IDEA. @@ -73,7 +76,17 @@ public class LoginHelper { if (user == null) { throw new BizException("账号或者密码出错"); } - return new UserSession(user.getId()); + return createUserSession(user); + } + public static UserSession createUserSession(User user){ + UserSession us = new UserSession(user.getId()); + Set ups = UserPartyCache.getInstance().getByUser(String.valueOf(us.getUserId())); + if(ups!=null&&ups.size()>0){ + UserParty up = ups.iterator().next(); + us.setPartyId(up.getPartyId()); + us.setDeptId(up.getDeptId()); + } + return us; } // public static UserSession login(LoginVO loginPO) { diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menu/MenuHandler.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menu/MenuHandler.java index d905a1b..be2da7b 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menu/MenuHandler.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menu/MenuHandler.java @@ -56,9 +56,9 @@ public class MenuHandler { } if (StringUtil.isNotEmpty(menu.getRight())) { Map> rightMap = JsonUtil.parseMap(menu.getRight()); - bean.put("sm_right_data", CommUtil.getSqlInStr(rightMap.get("data"))); - bean.put("sm_right_func", CommUtil.getSqlInStr(rightMap.get("func"))); - bean.put("sm_right_field", CommUtil.getSqlInStr(rightMap.get("field"))); + bean.put("sm_right_data", StringUtil.join(rightMap.get("data"), ",")); + bean.put("sm_right_func", StringUtil.join(rightMap.get("func"), ",")); + bean.put("sm_right_field", StringUtil.join(rightMap.get("field"), ",")); } } } diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menuPlan/MenuPlanContent.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menuPlan/MenuPlanContent.java index d3dd293..c762580 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menuPlan/MenuPlanContent.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menuPlan/MenuPlanContent.java @@ -75,6 +75,7 @@ public class MenuPlanContent { oldItem.setMenu(item.getMenu()); oldItem.setIcon(item.getIcon()); oldItem.setSeq(item.getSeq()); + oldItem.setHome(item.getHome()); } } @@ -122,7 +123,21 @@ public class MenuPlanContent { MenuPlanItem parent = findById(parentId); return parent == null ? new ArrayList<>(): parent.getChildren(); } - + // 获取主页 + public List getHomeList(){ + List homeList = new ArrayList<>(); + findHome(list,homeList); + return homeList; + } + private void findHome(List source,List homeList){ + if(CommUtil.isEmpty(source))return; + for(MenuPlanItem item: source){ + if(item.getHome() == 1){ + homeList.add(item); + } + findHome(item.getChildren(),homeList); + } + } private MenuPlanItem findById(long id, List itemList) { if (CommUtil.isEmpty(itemList)) { return null; diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menuPlan/MenuPlanItem.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menuPlan/MenuPlanItem.java index e9d275f..fda1d80 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menuPlan/MenuPlanItem.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/menuPlan/MenuPlanItem.java @@ -80,7 +80,19 @@ public class MenuPlanItem extends BaseBean { public void setSeq(int seq) { put("seq", seq); } + /** + * 排序码 + */ + public int getHome() { + return getInt("home"); + } + /** + * 排序码 + */ + public void setHome(int home) { + put("home", home); + } public void setChildren(List children) { put("children", children); } diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleCache.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleCache.java index 16ad7ca..5082ad6 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleCache.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleCache.java @@ -4,6 +4,7 @@ import cc.smtweb.framework.core.annotation.SwCache; import cc.smtweb.framework.core.cache.AbstractEntityCache; import cc.smtweb.framework.core.cache.CacheManager; import cc.smtweb.framework.core.util.CommUtil; +import cc.smtweb.framework.core.util.StringUtil; import java.util.HashSet; import java.util.Set; @@ -36,6 +37,6 @@ public class RoleCache extends AbstractEntityCache { key.forEach(k -> { names.add(get(k).getName()); }); - return CommUtil.getSqlInStr(names); + return StringUtil.join(names,","); } } diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleHandler.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleHandler.java index 6b4b16d..ccc534a 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleHandler.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleHandler.java @@ -59,6 +59,7 @@ public class RoleHandler { //if (CommUtil.isEmpty(set)) return R.error("未选择菜单!"); Role role = RoleCache.getInstance().get(role_id); RoleRightContent rc = new RoleRightContent(role.getPrivilege()); + rc.resetItem(); for (Long menu_id : set) { MenuPlanItem item = MenuPlanCache.getInstance().getById(role.getSmpId(), menu_id); RoleRight right = rc.getRoleRight(item.getId()); @@ -77,8 +78,8 @@ public class RoleHandler { right = new RoleRight(); right.setId(item.getId()); right.setMenuId(item.getMenu()); - right.setMenu(1); } + right.setMenu(1); right.setFunc(formData.readStringSet("func")); right.setData(formData.readListMap("data")); if (item.getMenu() > 0L) diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleHelper.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleHelper.java new file mode 100644 index 0000000..a468715 --- /dev/null +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleHelper.java @@ -0,0 +1,130 @@ +package cc.smtweb.system.bpm.web.sys.user.role; + +import cc.smtweb.system.bpm.web.sys.user.menuPlan.MenuPlan; +import cc.smtweb.system.bpm.web.sys.user.menuPlan.MenuPlanCache; +import cc.smtweb.system.bpm.web.sys.user.menuPlan.MenuPlanContent; +import cc.smtweb.system.bpm.web.sys.user.menuPlan.MenuPlanItem; +import cc.smtweb.system.bpm.web.sys.user.user.User; +import cc.smtweb.system.bpm.web.sys.user.user.UserCache; +import cc.smtweb.system.bpm.web.sys.user.user.UserRoleCache; + +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +/** + * @Author: tanghp + * @Date: 2022-09-06 18:35 + * @Desc: 角色辅助类 + */ +public final class RoleHelper { + public static boolean isAdmin(long userId){ + if(userId ==1L) return true; + User user = UserCache.getInstance().get(userId); + if(user!=null){ + return "admin".equalsIgnoreCase(user.getNicky()); + } + return false; + } + /** + * 获取角色权限 + * @param userId 用户ID + * @param menuPlanId 菜单方案ID + * @return + */ + public static List getRoleRightList(long userId, long menuPlanId){ + return null; + } + /** + * 获取用户的菜单权限 + * @param userId 用户ID + * @param partyId 机构ID + * @param incParent 是否包含父节点,(子节点配置了,把父节点也查出来) + * @return + */ + public static Set getRoleMenuIds(long userId,long partyId,boolean incParent){ + Set mpIds = getMenuPlanIds(userId,partyId); + if(mpIds.size()==0){ + return new HashSet<>(); + } + return getRoleMenuIds(userId,partyId,mpIds.iterator().next(),incParent); + } + /** + * 获取用户的菜单权限 + * @param userId 用户ID + * @param partyId 机构ID + * @param menuPlanId 菜单方案ID + * @param incParent 是否包含父节点,(子节点配置了,把父节点也查出来) + * @return + */ + public static Set getRoleMenuIds(long userId,long partyId, long menuPlanId,boolean incParent){ + Set menuIds = new HashSet<>(); + MenuPlan menuPlan = MenuPlanCache.getInstance().get(menuPlanId); + if(menuPlan==null)return menuIds; + Set roleIds = UserRoleCache.getInstance().getRoleIdByUP(userId,partyId); + RoleCache roleCache = RoleCache.getInstance(); + roleIds.forEach((roleId)-> { + Role role = roleCache.get(roleId); + if(role==null || role.getSmpId()!=menuPlanId){ + return; + } + RoleRightContent roleRightContent = new RoleRightContent(role.getPrivilege()); + menuIds.addAll(roleRightContent.getMenuRightIds()); + }); + MenuPlanContent menuPlanContent = new MenuPlanContent(menuPlan.getContent()); + if(incParent){ + Set tempIds = new HashSet<>(menuIds); + tempIds.forEach(id->{ + fillMenuId(id,menuPlanContent,menuIds); + }); + } + return menuIds; + } + private static void fillMenuId(Long id,MenuPlanContent menuPlanContent, Set menuIds){ + menuIds.add(id); + MenuPlanItem parent = menuPlanContent.findParentById(id); + if(parent!=null){ + if(!menuIds.contains(parent.getId())){ + fillMenuId(parent.getId(),menuPlanContent,menuIds); + } + } + } + /** + * 获取用户的菜单方案 + * @param userId 用户ID + * @param partyId 机构ID + * @return 菜单方案ID + */ + public static Set getMenuPlanIds(long userId,long partyId){ + Set mpList = new HashSet<>(); + Set roleIds = UserRoleCache.getInstance().getRoleIdByUP(userId,partyId); + RoleCache roleCache = RoleCache.getInstance(); + roleIds.forEach((roleId)-> { + Role role = roleCache.get(roleId); + if(role!=null&&role.getSmpId()>0L){ + mpList.add(role.getSmpId()); + } + }); + return mpList; + } + /** + * 获取用户的菜单方案 + * @param userId 用户ID + * @param partyId 机构ID + * @return 菜单方案 + */ + public static Set getMenuPlans(long userId,long partyId){ + Set mpList = new HashSet<>(); + Set roleIds = UserRoleCache.getInstance().getRoleIdByUP(userId,partyId); + roleIds.forEach((roleId)-> { + Role role = RoleCache.getInstance().get(roleId); + if(role!=null&&role.getSmpId()>0L){ + MenuPlan mp = MenuPlanCache.getInstance().get(role.getSmpId()); + if(mp!=null){ + mpList.add(mp); + } + } + }); + return mpList; + } +} diff --git a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleRightContent.java b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleRightContent.java index 4541047..36b2b17 100644 --- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleRightContent.java +++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/role/RoleRightContent.java @@ -61,7 +61,7 @@ public class RoleRightContent { public String getFuncRight(long key) { RoleRight right = getRoleRight(key); if (right == null) return ""; - return CommUtil.getSqlInStr(right.getRightFunc()); + return StringUtil.join(right.getRightFunc(),","); } public String getMenuRight() { @@ -70,9 +70,16 @@ public class RoleRightContent { map.values().forEach(roleRight -> { if (roleRight.getMenu() == 1) menus.add(roleRight.getId() + ""); }); - return CommUtil.getSqlInStr(menus); + return StringUtil.join(menus,","); + } + public Set getMenuRightIds() { + Set ids = new HashSet<>(); + if (map.size() == 0) return ids; + map.values().forEach(roleRight -> { + if (roleRight.getMenu() == 1) ids.add(roleRight.getId()); + }); + return ids; } - public String getFieldRight(long key, int type) { RoleRight right = getRoleRight(key); if (right == null) return ""; @@ -82,7 +89,7 @@ public class RoleRightContent { cache.forEach((k, v) -> { if (v == type) fields.add(k); }); - return CommUtil.getSqlInStr(fields); + return StringUtil.join(fields,","); } public Map getDataRight(long key) { diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/CoreInterceptor.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/CoreInterceptor.java index d05da64..fae124f 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/CoreInterceptor.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/CoreInterceptor.java @@ -1,7 +1,15 @@ package cc.smtweb.framework.core; +import cc.smtweb.framework.core.cache.redis.RedisManager; import cc.smtweb.framework.core.common.SwConsts; import cc.smtweb.framework.core.exception.BizException; +import cc.smtweb.framework.core.mvc.controller.IEditor; +import cc.smtweb.framework.core.mvc.realm.exception.ForbiddenException; +import cc.smtweb.framework.core.mvc.realm.exception.UnauthenticatedException; +import cc.smtweb.framework.core.session.SessionUtil; +import cc.smtweb.framework.core.session.UserSession; +import cc.smtweb.framework.core.util.NumberUtil; +import org.apache.commons.lang3.StringUtils; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; @@ -15,6 +23,7 @@ public class CoreInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { if (!SwConsts.SysParam.SYS_STARTED) throw new BizException("系统启动中,请稍候..."); + SessionUtil.checkSession(request); return HandlerInterceptor.super.preHandle(request, response, handler); } diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/annotation/SwPerm.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/annotation/SwPerm.java deleted file mode 100644 index 2487667..0000000 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/annotation/SwPerm.java +++ /dev/null @@ -1,26 +0,0 @@ -package cc.smtweb.framework.core.annotation; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -/** - * 被该注释修饰的方法都会经过切面拦截校验权限,默认是需要已登录权限 - * - * @author kevin - */ -@Retention(RetentionPolicy.RUNTIME) -@Target({ElementType.METHOD, ElementType.TYPE}) -public @interface SwPerm { - /** - * 无权限控制的值,在函数上注解@SwPerm(SwPerm.NONE) - */ - static final String NONE = "*"; - static final String SESSION = ""; - - /** - * 权限定义值 - */ - String value() default SESSION; -} diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/cache/SessionCacheFactory.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/cache/SessionCacheFactory.java index 8ad6fdc..ca1e4b5 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/cache/SessionCacheFactory.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/cache/SessionCacheFactory.java @@ -8,7 +8,7 @@ import java.util.concurrent.ConcurrentHashMap; */ public class SessionCacheFactory { private static SessionCacheFactory INSTANCE = null; - private Map buffer = new ConcurrentHashMap<>(); + private Map buffer = new ConcurrentHashMap<>(); private SessionCacheFactory() { } @@ -27,10 +27,10 @@ public class SessionCacheFactory { //得到用户缓存对象 public SessionCache getUserCache(long userId) { - return getUserCache(userId, 0L); + return getCache(String.valueOf(userId), 0L); } - public SessionCache getUserCache(long userId, long timeout) { + public SessionCache getCache(String userId, long timeout) { SessionCache cache; cache = buffer.get(userId); @@ -41,11 +41,12 @@ public class SessionCacheFactory { buffer.put(userId, cache); } return cache; - } //删除用户缓存 public void remove(String userId) { buffer.remove(userId); } + + } diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/cache/redis/RedisSysTask.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/cache/redis/RedisSysTask.java index c7d9ce4..5042292 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/cache/redis/RedisSysTask.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/cache/redis/RedisSysTask.java @@ -38,8 +38,6 @@ public class RedisSysTask implements ISysTask { RedisBroadcastEvent redisBroadcast = JsonUtil.parse(message, RedisBroadcastEvent.class); applicationContext.publishEvent(redisBroadcast); - -// log.debug("Redis [" + channel + "] message:" + redisBroadcast); } }); diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/common/SwConsts.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/common/SwConsts.java index 3cef8f8..891fe09 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/common/SwConsts.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/common/SwConsts.java @@ -13,8 +13,17 @@ public interface SwConsts { public static String RUN_PROJECTS = ""; } + //错误码 + interface ErrorCode { + //未登录 + int NO_LOGIN = 101; + //指纹错误 + int TOKEN_INVALID = 102; + } + //启动顺序默认值 int DEFAULT_ORDER = 1; + //缓存中:树节点按parent的key String KEY_PARENT_ID = "pr"; //级次码、字符串连接符 diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/db/cache/ModelDatabaseCache.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/db/cache/ModelDatabaseCache.java index 0cc77a3..7c1d9e1 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/db/cache/ModelDatabaseCache.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/db/cache/ModelDatabaseCache.java @@ -9,6 +9,7 @@ import cc.smtweb.framework.core.db.EntityDao; import cc.smtweb.framework.core.db.vo.ModelDatabase; import cc.smtweb.framework.core.db.vo.ModelProject; import cc.smtweb.framework.core.util.CommUtil; +import cc.smtweb.framework.core.util.StringUtil; import org.apache.commons.lang3.StringUtils; import java.util.List; @@ -47,6 +48,6 @@ public class ModelDatabaseCache extends AbstractCache { public final String getName(long id) { ModelDatabase db = get(id); - return db != null ? db.getName(): ""; + return db != null ? db.getName() : ""; } } diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/exception/BizException.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/exception/BizException.java index fe097be..8db6559 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/exception/BizException.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/exception/BizException.java @@ -10,6 +10,8 @@ public class BizException extends RuntimeException { * */ private static final long serialVersionUID = 1L; + //错误编号 + private int code = 0; public BizException() { super(); @@ -23,7 +25,20 @@ public class BizException extends RuntimeException { super(message); } + public BizException(int code) { + super(); + this.code = code; + } + public BizException(int code, String message) { + super(message); + this.code = code; + } + public BizException(Throwable cause) { super(cause.getMessage(), cause); } + + public int getCode() { + return code; + } } diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/exception/SwExceptionHandler.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/exception/SwExceptionHandler.java new file mode 100644 index 0000000..e7b24df --- /dev/null +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/exception/SwExceptionHandler.java @@ -0,0 +1,29 @@ +package cc.smtweb.framework.core.exception; + +import cc.smtweb.framework.core.common.R; +import org.springframework.web.bind.annotation.ControllerAdvice; +import org.springframework.web.bind.annotation.ExceptionHandler; +import org.springframework.web.bind.annotation.ResponseBody; + +/** + * Created by Akmm at 2022-09-07 20:13 + * 异常统一处理 + */ +@ControllerAdvice +public class SwExceptionHandler { + /** + * 系统异常处理 + * + * @param e + * @return + */ + @ExceptionHandler(Exception.class) + @ResponseBody + public R error(Exception e) { + if (e instanceof BizException) { + return R.error(((BizException) e).getCode(), e.getMessage()); + } + e.printStackTrace(); + return R.error("系统异常,请联系技术支持人员!"); + } +} diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/config/WebMvcConfig.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/config/WebMvcConfig.java index 83c4bb1..dafb036 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/config/WebMvcConfig.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/config/WebMvcConfig.java @@ -64,7 +64,7 @@ public class WebMvcConfig implements WebMvcConfigurer { @Bean public MethodAccessManager methodAccessManager(CacheManager cacheManager) { - return new MethodAccessManager(redisManager, cacheManager); + return new MethodAccessManager(cacheManager); } @Override diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/MethodAccessManager.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/MethodAccessManager.java index 9c76896..4041fe0 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/MethodAccessManager.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/MethodAccessManager.java @@ -8,7 +8,6 @@ import cc.smtweb.framework.core.mvc.SchedulerManager; import cc.smtweb.framework.core.mvc.controller.access.IMethodAccess; import cc.smtweb.framework.core.mvc.controller.access.MethodAccess; import cc.smtweb.framework.core.mvc.controller.scan.BeanManager; -import cc.smtweb.framework.core.mvc.realm.interceptor.PermInterceptor; import cc.smtweb.framework.core.mvc.realm.service.PermChecker; import cc.smtweb.framework.core.mvc.scheduler.SchedulerTaskManager; import lombok.Getter; @@ -27,15 +26,13 @@ import java.util.Map; public class MethodAccessManager { private Map controllers; private IBeanContext beanContext; - private PermInterceptor permInterceptor; private SchedulerTaskManager schedulerTaskManager; private MethodAccess[] destroyMethods; @Getter private CacheManager cacheManager; - public MethodAccessManager(RedisManager redisManager, CacheManager cacheManager) { - permInterceptor = new PermInterceptor(redisManager); + public MethodAccessManager(CacheManager cacheManager) { this.cacheManager = cacheManager; } @@ -47,8 +44,6 @@ public class MethodAccessManager { IMethodAccess methodAccess = controllers.get(url); if (methodAccess != null) { - permInterceptor.preHandle(request, methodAccess.getPerm()); - return methodAccess.invoke(beanContext, params, body, request); } @@ -71,7 +66,6 @@ public class MethodAccessManager { this.beanContext = beanManager.getBeanContext(); this.controllers = beanManager.getControllers(); this.destroyMethods = beanManager.loadDestroyMethods(); - this.permInterceptor.setCache(cache); // 启动定时任务 this.schedulerTaskManager = SchedulerTaskManager.build(beanContext, beanManager.getTasks()); diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/SwResponseBodyAdvice.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/SwResponseBodyAdvice.java new file mode 100644 index 0000000..1934c8c --- /dev/null +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/SwResponseBodyAdvice.java @@ -0,0 +1,34 @@ +package cc.smtweb.framework.core.mvc.controller; + +import cc.smtweb.framework.core.common.R; +import cc.smtweb.framework.core.session.SessionUtil; +import org.springframework.core.MethodParameter; +import org.springframework.http.MediaType; +import org.springframework.http.server.ServerHttpRequest; +import org.springframework.http.server.ServerHttpResponse; +import org.springframework.web.bind.annotation.ControllerAdvice; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice; + +/** + * Created by Akmm at 2022-09-08 16:03 + * 统一添加指纹 + */ +@ControllerAdvice +public class SwResponseBodyAdvice implements ResponseBodyAdvice { + @Override + public boolean supports(MethodParameter returnType, Class converterType) { + Class targetClass = returnType.getMethod().getDeclaringClass(); + + return true; + } + + @Override + public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType, Class selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) { + if (body instanceof R) { + SessionUtil.setFingerValue(((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest(), (R)body); + } + return body; + } +} diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/access/IMethodAccess.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/access/IMethodAccess.java index ddfef8c..4f67e94 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/access/IMethodAccess.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/access/IMethodAccess.java @@ -46,10 +46,4 @@ public interface IMethodAccess { */ String fullName(); - /** - * API权限 - * - * @return 权限串 - */ - String getPerm(); } diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/access/MethodAccess.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/access/MethodAccess.java index e322bcd..9bb7395 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/access/MethodAccess.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/access/MethodAccess.java @@ -22,14 +22,12 @@ import java.util.Map; public class MethodAccess implements IMethodAccess { private final ControllerAccess controllerAccess; private final Method method; - @Getter - private final String perm; + private final MethodParamAccess[] paramBinds; - public MethodAccess(ControllerAccess controllerAccess, Method method, String perm, MethodParamAccess[] paramBinds) { + public MethodAccess(ControllerAccess controllerAccess, Method method, MethodParamAccess[] paramBinds) { this.controllerAccess = controllerAccess; this.method = method; - this.perm = perm; this.paramBinds = paramBinds; } diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/scan/MethodParser.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/scan/MethodParser.java index 34229ea..3e0b4a9 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/scan/MethodParser.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/controller/scan/MethodParser.java @@ -35,20 +35,13 @@ public class MethodParser { public void parse(Class clazz, ControllerAccess controllerAccess, boolean isApi) throws ParseException { // this.controllerAccess = controllerAccess; - // 服务的默认权限 - String classPerm = ""; - SwPerm swPerm = clazz.getAnnotation(SwPerm.class); - if (swPerm != null) { - classPerm = swPerm.value(); - } - // 扫描方法注解 for (Method m : clazz.getMethods()) { int modifier = m.getModifiers(); // && (R.class.isAssignableFrom(m.getReturnType())) if (Modifier.isPublic(modifier) && !Modifier.isStatic(modifier) && !Object.class.equals(m.getDeclaringClass())) { - MethodAccess methodAccess = parseMethod(controllerAccess, m, classPerm); + MethodAccess methodAccess = parseMethod(controllerAccess, m); if (scanContext.dealMethod(m, methodAccess)) { if (isApi) { @@ -81,7 +74,7 @@ public class MethodParser { } } - private MethodAccess parseMethod(ControllerAccess controllerAccess, Method method, String defaultPerm) { + private MethodAccess parseMethod(ControllerAccess controllerAccess, Method method) { Class[] paramTypes = method.getParameterTypes(); Annotation[][] paramAnnotations = method.getParameterAnnotations(); @@ -146,14 +139,7 @@ public class MethodParser { } } - // 得到权限注解 - String perm = defaultPerm; - SwPerm swPerm = method.getAnnotation(SwPerm.class); - if (swPerm != null) { - perm = swPerm.value(); - } - - return new MethodAccess(controllerAccess, method, perm, paramBinds); + return new MethodAccess(controllerAccess, method, paramBinds); } } diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AbstractPermInterceptor.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AbstractPermInterceptor.java deleted file mode 100644 index 558047c..0000000 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AbstractPermInterceptor.java +++ /dev/null @@ -1,110 +0,0 @@ -package cc.smtweb.framework.core.mvc.realm.interceptor; - -import cc.smtweb.framework.core.annotation.SwPerm; -import cc.smtweb.framework.core.cache.ISwCache; -import cc.smtweb.framework.core.cache.redis.RedisManager; -import cc.smtweb.framework.core.mvc.controller.IEditor; -import cc.smtweb.framework.core.mvc.realm.exception.ForbiddenException; -import cc.smtweb.framework.core.mvc.realm.exception.UnauthenticatedException; -import cc.smtweb.framework.core.mvc.realm.service.PermCheckItem; -import cc.smtweb.framework.core.mvc.realm.service.PermChecker; -import cc.smtweb.framework.core.session.SessionUtil; -import cc.smtweb.framework.core.session.UserSession; -import org.apache.commons.lang3.StringUtils; - -import javax.servlet.http.HttpServletRequest; - -public class AbstractPermInterceptor { - private final RedisManager redisManager; - private ISwCache cacheService; - - public AbstractPermInterceptor(RedisManager redisManager) { - this.redisManager = redisManager; - } - - public void setCache(ISwCache cacheService) { - this.cacheService = cacheService; - } - - protected boolean handle(HttpServletRequest request, String permissionValue) { - // 如果注解为null, 说明不需要拦截, 直接放过 - if (SwPerm.NONE.equals(permissionValue)) { - return true; - } - - // redis读取session,判断是否登录 - String token = SessionUtil.readToken(request); - if ("design".equals(token)) return true; - if (StringUtils.isBlank(token)) { - throw new UnauthenticatedException("not find Auth-Token in header"); - } - - UserSession us = redisManager.get(token, UserSession.class); - if (us == null) { - throw new UnauthenticatedException("not find UserSession by token: " + token); - } - - request.setAttribute(IEditor.USER_TOKEN, token); - request.setAttribute(IEditor.USER_SESSION, us); - - // 如果标记了权限注解,则判断权限 - if (checkPermission(permissionValue, us)) { - // 更新Token redis TTL - redisManager.expire(token, RedisManager.SESSION_EXPIRE_SEC); - return true; - } else { - throw new ForbiddenException("user not permission: " + permissionValue); - } - } - - /** - * 权限检查 - */ - private boolean checkPermission(String permissionValue, UserSession us) { - if (StringUtils.isBlank(permissionValue)) { - return true; - } - - // 从本地缓存或数据库中获取该用户的权限信息 - PermChecker permissionSet = cacheService.get(us.getUserId()); - -// if (MapUtils.isEmpty(permissionSet)) { -// throw new ForbiddenException("empty permission"); -// } - - PermCheckItem permChecker = permissionSet.get(permissionValue); - - if (permChecker != null) { - return true; - } - - while (true) { - permissionValue = getParentPermValue(permissionValue); - - if (permissionValue != null) { - permChecker = permissionSet.get(permissionValue); - if (permChecker != null && permChecker.isPerfixMath()) { - return true; - } - } else { - break; - } - } - - return false; - } - - private static String getParentPermValue(String permissionValue) { - if (permissionValue.length() > 0) { - - int pos = permissionValue.lastIndexOf(':'); - if (pos > 0) { - return permissionValue.substring(0, pos); - } - - return ""; - } - - return null; - } -} diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AuthorizationInterceptor.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AuthorizationInterceptor.java deleted file mode 100644 index b6430f0..0000000 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/AuthorizationInterceptor.java +++ /dev/null @@ -1,42 +0,0 @@ -package cc.smtweb.framework.core.mvc.realm.interceptor; - -import cc.smtweb.framework.core.annotation.SwPerm; -import cc.smtweb.framework.core.cache.redis.RedisManager; -import org.springframework.web.method.HandlerMethod; -import org.springframework.web.servlet.HandlerInterceptor; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * 暂时未使用,spring的拦截器方式判断权限 - */ -public class AuthorizationInterceptor extends AbstractPermInterceptor implements HandlerInterceptor { - - public AuthorizationInterceptor(RedisManager redisManager) { - super(redisManager); - } - - @Override - public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) - throws Exception { - if (handler instanceof HandlerMethod) { - HandlerMethod handlerMethod = (HandlerMethod) handler; - // 获取方法上的注解 - SwPerm requiredSwPerm = handlerMethod.getMethod().getAnnotation(SwPerm.class); - // 如果方法上的注解为空 则获取类的注解 - if (requiredSwPerm == null) { - requiredSwPerm = handlerMethod.getMethod().getDeclaringClass().getAnnotation(SwPerm.class); - } - - String requiredValue = null; - if (requiredSwPerm != null) { - requiredValue = requiredSwPerm.value(); - } - - return super.handle(request, requiredValue); - } - - return true; - } -} diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/PermInterceptor.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/PermInterceptor.java deleted file mode 100644 index 0edd4b0..0000000 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/realm/interceptor/PermInterceptor.java +++ /dev/null @@ -1,27 +0,0 @@ -package cc.smtweb.framework.core.mvc.realm.interceptor; - -import cc.smtweb.framework.core.cache.redis.RedisManager; - -import javax.servlet.http.HttpServletRequest; - -/** - * 权限拦截器,在API请求处理中一起完成 - * - * @author xkliu - */ -public class PermInterceptor extends AbstractPermInterceptor { - public PermInterceptor(RedisManager redisManager) { - super(redisManager); - } - - /** - * 校验用户是否有API权限 - * - * @param request http请求 - * @param permissionValue 权限值 - * @return 是否有权限 - */ - public boolean preHandle(HttpServletRequest request, String permissionValue) { - return super.handle(request, permissionValue); - } -} diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/session/SessionUtil.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/session/SessionUtil.java index 2237a24..2db422b 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/session/SessionUtil.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/session/SessionUtil.java @@ -1,12 +1,22 @@ package cc.smtweb.framework.core.session; +import cc.smtweb.framework.core.cache.SessionCache; +import cc.smtweb.framework.core.cache.SessionCacheFactory; import cc.smtweb.framework.core.cache.redis.RedisManager; +import cc.smtweb.framework.core.common.R; +import cc.smtweb.framework.core.common.SwConsts; +import cc.smtweb.framework.core.exception.BizException; import cc.smtweb.framework.core.mvc.controller.IEditor; import cc.smtweb.framework.core.mvc.realm.exception.UnauthenticatedException; +import cc.smtweb.framework.core.util.NumberUtil; +import cc.smtweb.framework.core.util.StringUtil; import org.apache.commons.lang3.StringUtils; import org.springframework.web.context.request.RequestContextHolder; import javax.servlet.http.HttpServletRequest; +import java.util.ArrayList; +import java.util.List; +import java.util.concurrent.atomic.AtomicInteger; /** * 〈session工具类〉 @@ -15,6 +25,96 @@ import javax.servlet.http.HttpServletRequest; * @since 1.0.0 */ public class SessionUtil { + //登录令牌header名 + private final static String KEY_HEADER_SESSION = "Auth-Token"; + //url参数名 + private final static String KEY_PARAM_SESSION = "auth_token"; + + //防止重复提交指纹-header名 + private final static String KEY_HEADER_FP_KEY = "Fpk_Token"; + private final static String KEY_HEADER_FP_VAL = "Fpv_Token"; + //url参数名 + private final static String KEY_PARAM_FP_KEY = "fpk"; + private final static String KEY_PARAM_FP_VAL = "fpv"; + + //不需要校验登录的url + public static List notLoginUrl = new ArrayList<>(); + /*//不需要切换数据源的url,强制用主库 + public static List notSetDbUrl = new ArrayList<>();*/ + //不需要验证合法性的url + public static List notCheckUrlValid = new ArrayList<>(); + //不算用户交互操作的url,用于管理session失效 + public static List notInterActiveUrl = new ArrayList<>(); + static { + notLoginUrl.add("/api/getVerifyCode"); + notLoginUrl.add("/api/bpm/auth/login"); + notLoginUrl.add("/fs/static/*"); + notLoginUrl.add("/custdb/*.do"); + notLoginUrl.add("/attach/upload.do"); + notLoginUrl.add("/attach/download.do"); + notLoginUrl.add("/attach/uploadBase64.do"); + + notCheckUrlValid.add("/db/*.do"); + notCheckUrlValid.add("/custdb/*.do"); + notCheckUrlValid.add("/cust/common/httpService/service.do"); + notCheckUrlValid.add("/attach/upload.do"); + notCheckUrlValid.add("/attach/uploadBase64.do"); + + } + + private static void addUrl(String url, List list) { + list.add(url); + } + + //是否不需要url校验 + private static boolean isMatchUrl(String lasturi, List list) { + if (list.contains(lasturi)) return true; + for (String s: list){ + if (StringUtil.match(s, lasturi)) return true; + } + return false; + } + + //是否不需要登录验证 + public static boolean isNoLogin(String lasturi) { + return isMatchUrl(lasturi, notLoginUrl); + } + + //增加不需要登录的Uri + public static void addNoLoginUri(String uri) { + addUrl(uri, notLoginUrl); + } + + /*//是否不需要切换库 + public static boolean isNoSetDb(String lasturi) { + return isMatchUrl(lasturi, notSetDbUrl); + } + + //增加不需要登录的Uri + public static void addNoSetDbUrl(String uri) { + addUrl(uri, notSetDbUrl); + }*/ + + //是否不需要url校验 + public static boolean isNoCheckValid(String lasturi) { + return isMatchUrl(lasturi, notCheckUrlValid); + } + + //增加不需要校验合法性的Uri + public static void addNoCheckValidUri(String uri) { + addUrl(uri, notCheckUrlValid); + } + + //不算用户交互操作 + public static boolean isNoInterActive(String lasturi) { + return isMatchUrl(lasturi, notInterActiveUrl); + } + + //不算用户交互操作 + public static void addNoInterActiveUri(String uri) { + addUrl(uri, notInterActiveUrl); + } + private SessionUtil() { } @@ -23,41 +123,95 @@ public class SessionUtil { } public static String readToken(HttpServletRequest request) { - String token = request.getHeader("Auth-Token"); + return readToken(request, KEY_HEADER_SESSION, KEY_PARAM_SESSION); + } + + public static String readFingerKey(HttpServletRequest request) { + return readToken(request, KEY_HEADER_FP_KEY, KEY_PARAM_FP_KEY); + } + + public static int readFingerVal(HttpServletRequest request) { + return NumberUtil.getIntIgnoreErr(readToken(request, KEY_HEADER_FP_VAL, KEY_PARAM_FP_VAL)); + } + + private static String readToken(HttpServletRequest request, String headerName, String paramName) { + String token = request.getHeader(headerName); if (token == null) { - token = request.getParameter("auth_token"); + token = request.getParameter(paramName); } return token; } - public static UserSession checkSession(HttpServletRequest request, RedisManager redisManager) { - String token = readToken(request); + //无效登录异常 + public static void throwNoLogin() { + throw new BizException(SwConsts.ErrorCode.NO_LOGIN); + } - if (StringUtils.isBlank(token)) { - throw new UnauthenticatedException("not find Auth-Token in header"); + public static void checkSession(HttpServletRequest request) { + //校验登录 + String lasturi = getUriLast(request.getContextPath(), request.getServletPath()); + String token = readToken(request); + UserSession us = null; + if (StringUtils.isNotBlank(token)) { + us = RedisManager.getInstance().get(token, UserSession.class); } + //校验登录 + final boolean isNologin ="design".equals(token) || isNoLogin(lasturi); + if (!isNologin) { + if (us == null) { + throwNoLogin(); + } - UserSession us = redisManager.get(token, UserSession.class); - if (us == null) { - throw new UnauthenticatedException("not find UserSession by token: " + token); + request.setAttribute(IEditor.USER_TOKEN, token); + request.setAttribute(IEditor.USER_SESSION, us); } - return us; + String fpk = readFingerKey(request); + if (!StringUtil.isEmpty(fpk)) { + //校验指纹 + String fpKey = us != null ? String.valueOf(us.getUserId()): request.getSession(true).getId(); + int fpv = readFingerVal(request); + if (fpv > 0) { + SessionCache cache = SessionCacheFactory.getInstance().getCache(KEY_PARAM_FP_KEY, 1200L); + AtomicInteger ai = cache.get(fpKey + "_" + fpk); + int bv = ai != null ? ai.get(): 0; + if (fpv != bv) { + throw new BizException(SwConsts.ErrorCode.TOKEN_INVALID, "指纹错误,请勿重复提交!"); + } + } + } } + //设置指纹 + public static void setFingerValue(HttpServletRequest request, R r) { + String fpk = readFingerKey(request); + if (!StringUtil.isEmpty(fpk)) { + UserSession us = (UserSession) request.getAttribute(IEditor.USER_SESSION); + String fpKey = us != null ? String.valueOf(us.getUserId()): request.getSession(true).getId(); + SessionCache cache = SessionCacheFactory.getInstance().getCache(KEY_PARAM_FP_KEY, 1200L); - public static UserSession checkSession(String accessToken, RedisManager redisManager) { - if (StringUtils.isBlank(accessToken)) { - throw new UnauthenticatedException("not find Auth-Token in header"); - } - - UserSession us = redisManager.get(accessToken, UserSession.class); - if (us == null) { - throw new UnauthenticatedException("not find UserSession by token: " + accessToken); + AtomicInteger ai = cache.get(fpKey + "_" + fpk); + if (ai == null) { + ai = new AtomicInteger(0); + cache.put(fpKey + "_" + fpk, ai); + } + r.put(KEY_PARAM_FP_KEY, fpk); + r.put(KEY_PARAM_FP_VAL, ai.incrementAndGet()); } + } - return us; + /** + * 截取请求名称,如重 /${contextPath}/framework/loginpage.do中截出loginpage.do; + * + * @param contextPath /dfp + * @param uri /dfp/framework/loginpage.do + */ + private static String getUriLast(String contextPath, String uri) { + int index = uri.indexOf(contextPath+"/"); + if (index < 0) return uri; + if (index > 1) return uri; + return uri.substring(index + contextPath.length()); } // private static Session getShiroSession() { diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/util/SqlUtil.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/util/SqlUtil.java index fe54704..58cb618 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/util/SqlUtil.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/util/SqlUtil.java @@ -3,6 +3,7 @@ package cc.smtweb.framework.core.util; import cc.smtweb.framework.core.common.AbstractEnum; import cc.smtweb.framework.core.common.IntEnum; import cc.smtweb.framework.core.common.StrEnum; +import cc.smtweb.framework.core.db.EntityHelper; import org.apache.commons.lang3.StringUtils; import java.util.List; @@ -22,7 +23,14 @@ public abstract class SqlUtil { * @return */ public static String replaceTable(String sql) { - return sql; + return StringUtil.myReplaceStrEx(sql, "[#", "#]", new StringUtil.IStrHanlder() { + @Override + public String work(String src) { + src = src.toUpperCase(); + return EntityHelper.getSchemaTableName(src); + } + }); + } /** diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/util/StringUtil.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/util/StringUtil.java index 1e9ee00..3cb9d3a 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/util/StringUtil.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/util/StringUtil.java @@ -240,7 +240,7 @@ public class StringUtil { * @param delim the delimiter character(s) to use. (null value will join with no delimiter) * @return a String of all values in the list seperated by the delimiter */ - public static String join(List list, String delim) { + public static String join(Collection list, String delim) { if (list == null || list.size() < 1) return null; StringBuffer buf = new StringBuffer(); @@ -254,6 +254,11 @@ public class StringUtil { return buf.toString(); } + + public static String join(String[] list, String delim) { + return join(Arrays.asList(list), delim); + } + /** * Splits a String on a delimiter into a List of Strings. * @@ -490,7 +495,7 @@ public class StringUtil { * @return str */ public static String checkNull(String strValue, String defaultValue) { - return strValue == null ? defaultValue: strValue; + return strValue == null ? defaultValue : strValue; } /** diff --git a/smtweb-framework/pom.xml b/smtweb-framework/pom.xml index 38a69dc..c08d83c 100644 --- a/smtweb-framework/pom.xml +++ b/smtweb-framework/pom.xml @@ -27,5 +27,10 @@ core bpm + + +