Commit e05d635b by kangxiaoshan

权限管理

parent a3347f45
......@@ -2,6 +2,7 @@ package common.controller;
import common.model.*;
import common.service.ContractService;
import dic.AuthMenuEnmm;
import dic.ContractStatusEnum;
import dic.OperateObjectTypeEnum;
import org.apache.commons.io.IOUtils;
......@@ -14,6 +15,7 @@ import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import security.annotation.AuthKey;
import security.annotation.CurrentAccount;
import util.IPAddrUtil;
import util.NewUserLogThread;
......@@ -71,6 +73,7 @@ public class ContractController {
@RequestMapping(value = "find", method = RequestMethod.GET)
@ResponseBody
@AuthKey(AuthMenuEnmm.CONTRACTMNG_V)
public ResultModel findAll(@CurrentAccount User loginAccount, @PathVariable String platform,
@RequestParam String startDate, @RequestParam String endDate,String contractId) {
......@@ -88,6 +91,7 @@ public class ContractController {
@RequestMapping(value = "export", method = RequestMethod.GET,produces = MediaType.APPLICATION_OCTET_STREAM_VALUE)
@ResponseBody
@AuthKey(AuthMenuEnmm.CONTRACTMNG_EX)
public ResponseEntity<byte[]> export(@CurrentAccount User loginAccount, @PathVariable String platform, @RequestParam String startDate
, @RequestParam String endDate, HttpServletRequest request, HttpServletResponse response) {
List<Contract> contractList = service.findAll(loginAccount, startDate, endDate, platform,null);
......@@ -123,6 +127,7 @@ public class ContractController {
@RequestMapping(value = "pay/export", method = RequestMethod.GET,produces = MediaType.APPLICATION_OCTET_STREAM_VALUE)
@ResponseBody
@AuthKey(AuthMenuEnmm.COLLECTBILLLIST_EX)
public ResponseEntity<byte[]> exportPay(@CurrentAccount User loginAccount, @RequestParam String startDate, @RequestParam String endDate,
HttpServletRequest request, HttpServletResponse response, @PathVariable String platform ,
String moneyType,String packageTypeSearch,String money_ids) {
......@@ -259,6 +264,7 @@ public class ContractController {
@RequestMapping(value = "update", method = RequestMethod.PUT)
@ResponseBody
@AuthKey(AuthMenuEnmm.CONTRACTMNG_M)
public ResultModel update(@CurrentAccount User loginAccount, @RequestBody Contract contract, HttpServletRequest request, @PathVariable String platform) {
String ip = IPAddrUtil.getIpAddrNew(request);
......@@ -332,6 +338,7 @@ public class ContractController {
@RequestMapping(value = "find/payall", method = RequestMethod.GET)
@ResponseBody
@AuthKey(AuthMenuEnmm.COLLECTBILLLIST_V)
public ResultModel findPayAll(@CurrentAccount User loginAccount, @RequestParam String startDate,
@RequestParam String endDate, @PathVariable String platform,
String moneyType,String packageTypeSearch,String money_ids) {
......@@ -364,6 +371,7 @@ public class ContractController {
@RequestMapping(value = "setstaus", method = RequestMethod.GET)
@ResponseBody
@AuthKey(AuthMenuEnmm.CONTRACTMNG_D)
public ResultModel contractStatusUpdate( @PathVariable String platform,@CurrentAccount User loginUser,
String contractId,String status,HttpServletRequest request) {
......
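Review bot: `contractStatusUpdate` changes contract state through a GET request whose `status` value is caller-supplied, yet it is gated only by `CONTRACTMNG_D`; if the body (outside the hunk) accepts statuses other than the deleted one, a holder of the delete permission can set any status while a holder of `CONTRACTMNG_M` cannot, so the gate should be chosen per requested status or the endpoint split. A state-changing GET is also triggerable by a plain link or image load from another origin, so switching `setstaus` to PUT like `update` would be consistent with the rest of the controller and easier to protect. Note too that `CONTRACTMNG_V` shares idKey "21" with its parent `CONTRACTMNG`, so the view gate on `findAll` cannot be withheld from anyone who can see the menu; a short comment on each `@AuthKey` naming the idKey it resolves to would make such overlaps visible at the call site.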
......@@ -8,10 +8,12 @@ import common.repository.RoleTypeRepository;
import common.repository.UserRepository;
import common.service.MenuService;
import common.service.UserService;
import dic.AuthMenuEnmm;
import dic.OperateObjectTypeEnum;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import security.annotation.AuthKey;
import security.annotation.CurrentAccount;
import util.CipherUtil;
import util.ResultModel;
......@@ -50,6 +52,7 @@ public class UserController {
@RequestMapping(value = "/create", method = RequestMethod.POST)
@ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_A)
public ResultModel create(@CurrentAccount User loginAccount, @RequestBody User resource, HttpServletRequest request) {
if(userService.validEmail(resource.getEmail())){
userService.create(loginAccount, resource);
......@@ -63,6 +66,7 @@ public class UserController {
@RequestMapping(value = "/update", method = RequestMethod.PUT)
@ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_M)
public ResultModel update(@CurrentAccount User loginAccount, @RequestBody User resource, HttpServletRequest request) {
UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), resource.getEmail(), "修改系统账号", request,loginAccount.getRole(),"manager");
userlog.start();
......@@ -71,6 +75,7 @@ public class UserController {
@RequestMapping(value = "/find", method = RequestMethod.GET)
@ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_V)
public ResultModel find(@CurrentAccount User loginAccount) {
return ResultModel.OK(userService.find(loginAccount));
}
......@@ -96,6 +101,7 @@ public class UserController {
@RequestMapping(value = "/delete/{id}", method = RequestMethod.DELETE)
@ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_D)
public ResultModel delete(@CurrentAccount User loginAccount, @PathVariable Long id, HttpServletRequest request) {
User user = userService.delete(loginAccount, id);
UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), user.getEmail(), "删除系统账号", request,loginAccount.getRole(),"manager");
......@@ -114,6 +120,7 @@ public class UserController {
@RequestMapping(value = "/forbiden/{id}", method = RequestMethod.PUT)
@ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_STOP)
public ResultModel forbiden(@CurrentAccount User loginAccount, @PathVariable Long id, HttpServletRequest request) {
User user = userService.forbiden(loginAccount, id);
UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), user.getEmail(), "停用系统账号", request,loginAccount.getRole(),"manager");
......@@ -123,6 +130,7 @@ public class UserController {
@RequestMapping(value = "/update/name", method = RequestMethod.PUT)
@ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_M)
public ResultModel updateName(@CurrentAccount User loginAccount, @RequestParam String name, HttpServletRequest request) {
User login = userRepository.login(name);
if(null == login){
......@@ -138,6 +146,7 @@ public class UserController {
@RequestMapping(value = "/update/password", method = RequestMethod.PUT)
@ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_M)
public ResultModel updatePwd(@CurrentAccount User loginAccount, @RequestParam String pwd, @RequestParam String oldpwd, HttpServletRequest request) {
User login = userRepository.login(loginAccount.getEmail(), CipherUtil.generatePassword(oldpwd));
if(null != login){
......@@ -153,6 +162,7 @@ public class UserController {
//忘记密码时,修改密码
@RequestMapping(value = "/update/pwd", method = RequestMethod.PUT)
@ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_M)
public ResultModel updatePwd(@RequestParam String email, @RequestParam String pwd, HttpServletRequest request) {
UserLogThread userlog = new UserLogThread(email, email, OperateObjectTypeEnum.INNERUSER.getKey(), email, "修改系统账号密码", request,null,"manager");
userlog.start();
......
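Review bot: `updateName` and the first `updatePwd` (the one taking `oldpwd`) operate on `loginAccount` itself, yet they are gated with the account-management key `USERMNG_M`, so any user without the admin "edit accounts" permission can no longer change their own name or password; self-service endpoints should carry no `@AuthKey` or a dedicated self-service key. The second `updatePwd` (`/update/pwd`, commented as the forgot-password path) sets the password of an arbitrary caller-supplied `email` with no old-password, token or ownership check visible in the hunk, so under `USERMNG_M` it becomes a set-any-password action for every account editor; its body continues outside the hunk, but it should at least verify that `email` belongs to the caller or be tied to an out-of-band reset token. Its audit entry also passes `email` as both actor email and actor name, whereas every other log call in this file records `loginAccount`, so the log cannot tell who performed the reset.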
......@@ -4,9 +4,11 @@ import common.model.User;
import common.model.UserLog;
import common.service.ContractService;
import common.service.UserLogService;
import dic.AuthMenuEnmm;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import security.annotation.AuthKey;
import security.annotation.CurrentAccount;
import util.ResultModel;
......@@ -36,6 +38,7 @@ public class UserLogController
@RequestMapping(value = "change/del/info", method = RequestMethod.GET)
@ResponseBody
@AuthKey(AuthMenuEnmm.USERLOGS_V)
public ResultModel getChangeDelData( @CurrentAccount User loginAccount,
HttpServletRequest request,
String contranctCode,String startDate,String endDate) {
......@@ -53,6 +56,7 @@ public class UserLogController
@RequestMapping(value = "change/del/recover", method = RequestMethod.GET)
@ResponseBody
@AuthKey(AuthMenuEnmm.USERLOGS_RE)
public ResultModel changesDelRecover( @CurrentAccount User loginAccount,
HttpServletRequest request,String id,String type) {
......
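Review bot: `changesDelRecover` is gated with `USERLOGS_RE`, but in the new `AuthMenuEnmm` added later in this commit `USERLOGS_V` and `USERLOGS_RE` both carry idKey "32", and the interceptor resolves a permission by `getIdKey()` alone, so anyone allowed to view the logs can also recover deleted records; the two constants need distinct idKeys (the other groups use a `<parent>N` scheme such as "212"). The same collision exists between `CONTRACTDETAIL` and `ACCOUNTDETAIL`, which both use "20". Both methods' bodies continue outside the hunk.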
......@@ -6,6 +6,7 @@ import javax.persistence.Id;
import javax.persistence.Transient;
import java.util.Date;
import java.util.List;
import java.util.Map;
@Entity
public class User {
......@@ -29,6 +30,8 @@ public class User {
private Date createTime;
private Boolean delFlag;
private Map<String,String> authdataDic;
@Id
@GeneratedValue
......@@ -171,6 +174,15 @@ public class User {
this.parent = parent;
}
@Transient
public Map<String, String> getAuthdataDic() {
return authdataDic;
}
public void setAuthdataDic(Map<String, String> authdataDic) {
this.authdataDic = authdataDic;
}
@Override
public String toString() {
return "User{" +
......
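Review bot: `@Transient` is placed on `getAuthdataDic()`, but the `@Id`/`@GeneratedValue` pair at the end of the earlier hunk sits among the field declarations, which suggests this entity uses field access; in that case JPA ignores annotations on getters and will try to map `authdataDic` as a persistent attribute. If so, move the annotation to the field: `@Transient private Map<String,String> authdataDic;`. Either way a short comment is worth adding, e.g. `// per-session permission lookup (idKey -> marker), filled by AuthorizationInterceptor, never persisted`.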
......@@ -29,34 +29,19 @@ public class AuthServiceImpl implements AuthService {
@Override
public Map<String, Object> getAuthExtends(User loginAccount) {
Auth auth = authRepository.findByUser(loginAccount.getId());
List<String> authArrs = new ArrayList<>();
Map<String, Object> collect = new HashMap<>();
if(RoleEnum.FINANCE.getKey().equals(loginAccount.getRole())){
if(RoleEnum.FINANCE.getKey().equals(loginAccount.getRole()) || RoleEnum.PM.getKey().equals(loginAccount.getRole())){
//财务 按签约主体查看
List<Integer> authInt = JSONArray.fromObject(auth.getAuthExtend());
collect = authInt.stream().collect(Collectors.toMap(t -> t.toString(), t -> t));
List<String> authArrs = JSONArray.fromObject(auth.getAuthExtend());
collect = authArrs.stream().collect(Collectors.toMap(t -> t, t -> t));
}else if(RoleEnum.SALSEMAN.getKey().equals(loginAccount.getRole())){
//销售 按签约合同人查看
authArrs = JSONArray.fromObject(auth.getAuthExtend());
collect = authArrs.stream().collect(Collectors.toMap(t -> t, t -> t));
}else if(RoleEnum.PM.getKey().equals(loginAccount.getRole())){
// 项目经理
authArrs = JSONArray.fromObject(auth.getAuthExtend());
collect = authArrs.stream().collect(Collectors.toMap(t -> t, t -> t));
List<Integer> authArrs = JSONArray.fromObject(auth.getAuthExtend());
collect = authArrs.stream().collect(Collectors.toMap(t -> t.toString(), t -> t));
}
if(collect.size()>0){
......
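Review bot: The `JSONArray.fromObject(...)` results are assigned to `List<String>` in the finance/PM branch and `List<Integer>` in the salesman branch through raw-type conversions, so the declared element type is never checked; if the stored `authExtend` JSON for a role does not match, the failure is a `ClassCastException` inside the `toMap` lambda rather than a clear error, and since the two branches now use opposite element types from each other it is worth confirming the stored shape per role. `Collectors.toMap(t -> t, t -> t)` also throws `IllegalStateException` on a duplicate entry, so a merge function such as `Collectors.toMap(t -> t, t -> t, (a, b) -> a)` would be safer for user-maintained data. `auth` from `findByUser` is dereferenced without a null check; the method continues outside the hunk.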
package dic;
public enum AuthMenuEnmm {
FINANCE("finance","0","财务营收"),
CONTRACTMNG("21","finance","合同管理"),
CONTRACTMNG_V("21","21","查看"),//合同管理-查看
CONTRACTMNG_EX("212","21","导出"),
CONTRACTMNG_M("213","21","编辑"),
CONTRACTMNG_A("214","21","新增"),
CONTRACTMNG_D("215","21","删除"),
COLLECTBILLLIST("22","finance","收款/开票列表"),
COLLECTBILLLIST_V("22","22","查看"),//收款/开票列表-查看
COLLECTBILLLIST_EX("222","22","导出"),
COLLECTBILLLIST_M("223","22","编辑"),
CONTRACTDETAIL("20","finance","合同详情页"),
CONTRACTDETAIL_V("201","22","查看"),//合同详情页-查看
CONTRACTDETAIL_M("202","22","编辑"),
ACCOUNTDETAIL("20","finance","账号详情页"),
ACCOUNTDETAIL_V("203","22","查看"),//
ACCOUNTDETAIL_M("204","22","编辑"),
SYSTEM("system","0","系统管理"),
USERMNG("31","system","账号管理(重要)"),
USERMNG_V("31","31","查看"),//合同管理-查看
USERMNG_A("312","31","新建"),
USERMNG_M("313","31","编辑"),
USERMNG_D("314","31","删除"),
USERMNG_STOP("315","31","停用"),
USERLOGS("32","system","操作日志"),
USERLOGS_V("32","system","查看"),
USERLOGS_RE("32","system","恢复"),
OTHER("0","0","0");
private String idKey;
private String parentKey;
private String name;
AuthMenuEnmm(String idKey, String parentKey, String name) {
this.idKey = idKey;
this.parentKey = parentKey;
this.name = name;
}
public String getIdKey() {
return idKey;
}
public void setIdKey(String idKey) {
this.idKey = idKey;
}
public String getParentKey() {
return parentKey;
}
public void setParentKey(String parentKey) {
this.parentKey = parentKey;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
}
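Review bot: The enum exposes `setIdKey`/`setParentKey`/`setName`, which lets any code path rewrite the permission key a constant resolves to for the whole JVM at runtime; the fields should be `private final` with getters only. `USERLOGS_V`/`USERLOGS_RE` have parentKey "system" where every other leaf names its group (e.g. "31"), and `CONTRACTDETAIL_V`/`ACCOUNTDETAIL_V` name "22" although their parents use "20", so anything that walks parentKey would mis-group them. A class-level Javadoc stating that `idKey` is the value `@AuthKey` is matched against and that it must be unique per distinct permission would make the duplicate keys ("32" twice, "20" twice) easier to catch in review.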
package security.annotation;
import dic.AuthMenuEnmm;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface AuthKey {
AuthMenuEnmm value();
}
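Review bot: The annotation has no documentation, and its contract lives entirely in the interceptor, so I'd add a Javadoc such as `/** Requires the caller to hold the permission whose idKey equals value().getIdKey(); enforced by AuthorizationInterceptor, bypassed for the manager role. */` and state which one is expected to win when both the type and a method carry it. Since it is meant to be part of the endpoint contract, `@Documented` would also surface it in generated API docs.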
package security.interceptor;
import com.fasterxml.jackson.databind.ObjectMapper;
import common.model.Auth;
import common.model.User;
import common.repository.AuthRepository;
import common.repository.UserRepository;
import dic.RoleEnum;
import net.sf.json.JSONArray;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import security.RedisLoginStatusManager;
import security.TokenManager;
import security.annotation.AuthKey;
import util.Constant;
import util.ResultModel;
import util.ResultStatus;
......@@ -22,6 +28,8 @@ import javax.servlet.http.HttpServletResponse;
import java.io.BufferedWriter;
import java.io.OutputStreamWriter;
import java.util.Enumeration;
import java.util.Map;
import java.util.stream.Collectors;
public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
private static final Logger logger = LoggerFactory.getLogger(AuthorizationInterceptor.class);
......@@ -31,6 +39,9 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
private UserRepository userRepository;
@Autowired
private AuthRepository authRepository;
@Autowired
private TokenManager manager;
@Autowired
private RedisLoginStatusManager redisLoginStatusManager;
......@@ -82,26 +93,58 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
// 可这里查出权限
if (sessionAct == null) {
User one = userRepository.findOne(Long.parseLong(key));
if (!one.getRole().equals(RoleEnum.MANAGER.getKey())) {
Auth auth = authRepository.findByUser(one.getId());
Map<String, String> authdata = (Map<String, String>) JSONArray.fromObject(auth.getAuth())
.stream().collect(Collectors.toMap(p -> ((Map) p).get("id").toString(), p -> "0"));
one.setAuthdataDic(authdata);
}
request.getSession().setAttribute(Constant.CURRENT_ACCOUNT,one);
sessionAct = one;
}
if(!sessionAct.getRole().equals(RoleEnum.MANAGER.getKey())){
//权限控制
AuthKey authKey = handler.getClass().getAnnotation(AuthKey.class);
if(authKey!=null && sessionAct.getAuthdataDic().get(authKey.value().getIdKey())==null){
printJsonResponse(response,"权限不足!");
return false;
}
return true;
}
return true;
}
}
printJsonResponse(response,null);
return false;
}
private void printJsonResponse(HttpServletResponse response,String message){
try {
//如果验证token失败,并且方法注明了Authorization,返回401错误
response.setStatus(HttpStatus.UNAUTHORIZED.value());
BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(response.getOutputStream()));
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
String json = new ObjectMapper().writeValueAsString(ResultModel.ERROR(ResultStatus.USERNAME_LOGIN_EXPIRE));
writer.write(json);
if(StringUtils.isEmpty(message)){
message = new ObjectMapper().writeValueAsString(ResultModel.ERROR(ResultStatus.USERNAME_LOGIN_EXPIRE));
}
writer.write(message);
writer.close();
} catch (Exception e){
e.printStackTrace();
}
return false;
}
private String getCookieToken(Cookie[] cookies, String name){
String token = null;
......
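Review bot: `AuthKey authKey = handler.getClass().getAnnotation(AuthKey.class)` reads the annotation from the runtime class of the handler object, which for `@RequestMapping` controllers is Spring's `HandlerMethod`, not the controller, so the `@AuthKey` annotations this commit adds to the ContractController, UserController and UserLogController methods are never found, `authKey` stays null and every non-manager request passes the check. The lookup needs to go through `HandlerMethod.getMethodAnnotation` with a fallback to the bean type (import `org.springframework.web.method.HandlerMethod`), and should fail closed when `getAuthdataDic()` is null, which can happen for a session created before this change or when `findByUser` returns null. The permission map is built only when the session is first populated, so a change to a user's `Auth` rows takes effect after re-login; that deserves a comment on the `sessionAct == null` branch. Separately, `printJsonResponse` sends `权限不足!` as a bare string under `application/json` with status 401; a 403 `ResultModel` serialized like the expired-login case would be consistent, and `e.printStackTrace()` should go through `logger`.
```java
AuthKey authKey = null;
if (handler instanceof HandlerMethod) {
    HandlerMethod hm = (HandlerMethod) handler;
    authKey = hm.getMethodAnnotation(AuthKey.class);
    if (authKey == null) {
        authKey = hm.getBeanType().getAnnotation(AuthKey.class);
    }
}
Map<String, String> authdata = sessionAct.getAuthdataDic();
// fail closed: no permission map on the session counts as no permission
if (authKey != null && (authdata == null || authdata.get(authKey.value().getIdKey()) == null)) {
    printJsonResponse(response, "权限不足!");
    return false;
}
// … unchanged: return true …
```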
......@@ -3,7 +3,6 @@ package tkio.service.impl;
import common.model.Contract;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import security.annotation.Authorization;
import tkio.model.Account;
import tkio.repository.AccountRepository;
import tkio.service.AccountService;
......