Commit
e05d635b
authored
5 years ago
by
kangxiaoshan
权限管理
parent
a3347f45
Showing
10 changed files
with
177 additions
and
24 deletions
+177
-24
ContractController.java
src/main/java/common/controller/ContractController.java
+8
-0
UserController.java
src/main/java/common/controller/UserController.java
+10
-0
UserLogController.java
src/main/java/common/controller/UserLogController.java
+4
-0
User.java
src/main/java/common/model/User.java
+12
-0
AuthServiceImpl.java
src/main/java/common/service/impl/AuthServiceImpl.java
+5
-20
ContractServiceImpl.java
src/main/java/common/service/impl/ContractServiceImpl.java
+0
-0
AuthMenuEnmm.java
src/main/java/dic/AuthMenuEnmm.java
+76
-0
AuthKey.java
src/main/java/security/annotation/AuthKey.java
+16
-0
AuthorizationInterceptor.java
...n/java/security/interceptor/AuthorizationInterceptor.java
+46
-3
AccountServiceImpl.java
src/main/java/tkio/service/impl/AccountServiceImpl.java
+0
-1
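--- a/src/main/java/common/controller/ContractController.java
+++ b/src/main/java/common/controller/ContractController.java
@@ -2,6 +2,7 @@ package common.controller;
 import common.model.*;
 import common.service.ContractService;
+import dic.AuthMenuEnmm;
 import dic.ContractStatusEnum;
 import dic.OperateObjectTypeEnum;
 import org.apache.commons.io.IOUtils;
@@ -14,6 +15,7 @@ import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
+import security.annotation.AuthKey;
 import security.annotation.CurrentAccount;
 import util.IPAddrUtil;
 import util.NewUserLogThread;
@@ -71,6 +73,7 @@ public class ContractController {
     @RequestMapping(value = "find", method = RequestMethod.GET)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.CONTRACTMNG_V)
     public ResultModel findAll(@CurrentAccount User loginAccount, @PathVariable String platform,
             @RequestParam String startDate, @RequestParam String endDate, String contractId) {
@@ -88,6 +91,7 @@ public class ContractController {
     @RequestMapping(value = "export", method = RequestMethod.GET, produces = MediaType.APPLICATION_OCTET_STREAM_VALUE)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.CONTRACTMNG_EX)
     public ResponseEntity<byte[]> export(@CurrentAccount User loginAccount, @PathVariable String platform, @RequestParam String startDate
             , @RequestParam String endDate, HttpServletRequest request, HttpServletResponse response) {
         List<Contract> contractList = service.findAll(loginAccount, startDate, endDate, platform, null);
@@ -123,6 +127,7 @@ public class ContractController {
     @RequestMapping(value = "pay/export", method = RequestMethod.GET, produces = MediaType.APPLICATION_OCTET_STREAM_VALUE)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.COLLECTBILLLIST_EX)
     public ResponseEntity<byte[]> exportPay(@CurrentAccount User loginAccount, @RequestParam String startDate, @RequestParam String endDate,
             HttpServletRequest request, HttpServletResponse response, @PathVariable String platform,
             String moneyType, String packageTypeSearch, String money_ids) {
@@ -259,6 +264,7 @@ public class ContractController {
     @RequestMapping(value = "update", method = RequestMethod.PUT)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.CONTRACTMNG_M)
     public ResultModel update(@CurrentAccount User loginAccount, @RequestBody Contract contract, HttpServletRequest request, @PathVariable String platform) {
         String ip = IPAddrUtil.getIpAddrNew(request);
@@ -332,6 +338,7 @@ public class ContractController {
     @RequestMapping(value = "find/payall", method = RequestMethod.GET)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.COLLECTBILLLIST_V)
     public ResultModel findPayAll(@CurrentAccount User loginAccount, @RequestParam String startDate,
             @RequestParam String endDate, @PathVariable String platform,
             String moneyType, String packageTypeSearch, String money_ids) {
@@ -364,6 +371,7 @@ public class ContractController {
     @RequestMapping(value = "setstaus", method = RequestMethod.GET)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.CONTRACTMNG_D)
     public ResultModel contractStatusUpdate(@PathVariable String platform, @CurrentAccount User loginUser,
             String contractId, String status, HttpServletRequest request) {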
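Review bot: `contractStatusUpdate` now carries the delete key `CONTRACTMNG_D` but is still mapped with `method = RequestMethod.GET`, so a state change stays reachable through a plain GET. The interceptor in this commit has a `getCookieToken` helper, which suggests the login token can travel in a cookie; if so, a permission check alone does not protect a state-changing GET against cross-site requests. I would move it to a non-idempotent verb, e.g. `@RequestMapping(value = "setstaus", method = RequestMethod.PUT)`, together with the client call. The same applies to `changesDelRecover` (`change/del/recover`, GET) in UserLogController.java. Both handler bodies lie outside the hunks, so the state change is inferred from the names and parameters.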
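--- a/src/main/java/common/controller/UserController.java
+++ b/src/main/java/common/controller/UserController.java
@@ -8,10 +8,12 @@ import common.repository.RoleTypeRepository;
 import common.repository.UserRepository;
 import common.service.MenuService;
 import common.service.UserService;
+import dic.AuthMenuEnmm;
 import dic.OperateObjectTypeEnum;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
+import security.annotation.AuthKey;
 import security.annotation.CurrentAccount;
 import util.CipherUtil;
 import util.ResultModel;
@@ -50,6 +52,7 @@ public class UserController {
     @RequestMapping(value = "/create", method = RequestMethod.POST)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.USERMNG_A)
     public ResultModel create(@CurrentAccount User loginAccount, @RequestBody User resource, HttpServletRequest request) {
         if (userService.validEmail(resource.getEmail())){
             userService.create(loginAccount, resource);
@@ -63,6 +66,7 @@ public class UserController {
     @RequestMapping(value = "/update", method = RequestMethod.PUT)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.USERMNG_M)
     public ResultModel update(@CurrentAccount User loginAccount, @RequestBody User resource, HttpServletRequest request) {
         UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), resource.getEmail(), "修改系统账号", request, loginAccount.getRole(), "manager");
         userlog.start();
@@ -71,6 +75,7 @@ public class UserController {
     @RequestMapping(value = "/find", method = RequestMethod.GET)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.USERMNG_V)
     public ResultModel find(@CurrentAccount User loginAccount) {
         return ResultModel.OK(userService.find(loginAccount));
     }
@@ -96,6 +101,7 @@ public class UserController {
     @RequestMapping(value = "/delete/{id}", method = RequestMethod.DELETE)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.USERMNG_D)
     public ResultModel delete(@CurrentAccount User loginAccount, @PathVariable Long id, HttpServletRequest request) {
         User user = userService.delete(loginAccount, id);
         UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), user.getEmail(), "删除系统账号", request, loginAccount.getRole(), "manager");
@@ -114,6 +120,7 @@ public class UserController {
     @RequestMapping(value = "/forbiden/{id}", method = RequestMethod.PUT)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.USERMNG_STOP)
     public ResultModel forbiden(@CurrentAccount User loginAccount, @PathVariable Long id, HttpServletRequest request) {
         User user = userService.forbiden(loginAccount, id);
         UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), user.getEmail(), "停用系统账号", request, loginAccount.getRole(), "manager");
@@ -123,6 +130,7 @@ public class UserController {
     @RequestMapping(value = "/update/name", method = RequestMethod.PUT)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.USERMNG_M)
     public ResultModel updateName(@CurrentAccount User loginAccount, @RequestParam String name, HttpServletRequest request) {
         User login = userRepository.login(name);
         if (null == login){
@@ -138,6 +146,7 @@ public class UserController {
     @RequestMapping(value = "/update/password", method = RequestMethod.PUT)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.USERMNG_M)
     public ResultModel updatePwd(@CurrentAccount User loginAccount, @RequestParam String pwd, @RequestParam String oldpwd, HttpServletRequest request) {
         User login = userRepository.login(loginAccount.getEmail(), CipherUtil.generatePassword(oldpwd));
         if (null != login){
@@ -153,6 +162,7 @@ public class UserController {
     //忘记密码时,修改密码
     @RequestMapping(value = "/update/pwd", method = RequestMethod.PUT)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.USERMNG_M)
     public ResultModel updatePwd(@RequestParam String email, @RequestParam String pwd, HttpServletRequest request) {
         UserLogThread userlog = new UserLogThread(email, email, OperateObjectTypeEnum.INNERUSER.getKey(), email, "修改系统账号密码", request, null, "manager");
         userlog.start();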
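Review bot: The `/update/pwd` handler, commented as the forgotten-password path, takes a caller-supplied `email` and `pwd` with no `@CurrentAccount`, and tagging it `@AuthKey(AuthMenuEnmm.USERMNG_M)` does not tie the request to the account whose password is being replaced. Its body is outside the hunk, so whether a reset token or the old password is verified there cannot be seen; if neither is, the account-edit key becomes the only barrier to setting any user's password by e-mail address. The same key on `/update/name` and `/update/password` mixes self-service with administration: a user without `USERMNG_M` can no longer change their own name or password. I would leave the self-service handlers bound to `loginAccount` without an admin key, and have `/update/pwd` require a one-time reset token instead of a menu permission.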
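--- a/src/main/java/common/controller/UserLogController.java
+++ b/src/main/java/common/controller/UserLogController.java
@@ -4,9 +4,11 @@ import common.model.User;
 import common.model.UserLog;
 import common.service.ContractService;
 import common.service.UserLogService;
+import dic.AuthMenuEnmm;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
+import security.annotation.AuthKey;
 import security.annotation.CurrentAccount;
 import util.ResultModel;
@@ -36,6 +38,7 @@ public class UserLogController
     @RequestMapping(value = "change/del/info", method = RequestMethod.GET)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.USERLOGS_V)
     public ResultModel getChangeDelData(@CurrentAccount User loginAccount,
             HttpServletRequest request,
             String contranctCode, String startDate, String endDate) {
@@ -53,6 +56,7 @@ public class UserLogController
     @RequestMapping(value = "change/del/recover", method = RequestMethod.GET)
     @ResponseBody
+    @AuthKey(AuthMenuEnmm.USERLOGS_RE)
     public ResultModel changesDelRecover(@CurrentAccount User loginAccount,
             HttpServletRequest request, String id, String type) {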
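--- a/src/main/java/common/model/User.java
+++ b/src/main/java/common/model/User.java
@@ -6,6 +6,7 @@ import javax.persistence.Id;
 import javax.persistence.Transient;
 import java.util.Date;
 import java.util.List;
+import java.util.Map;
 @Entity
 public class User {
@@ -29,6 +30,8 @@ public class User {
     private Date createTime;
     private Boolean delFlag;
+    private Map<String, String> authdataDic;
     @Id
     @GeneratedValue
@@ -171,6 +174,15 @@ public class User {
         this.parent = parent;
     }
+    @Transient
+    public Map<String, String> getAuthdataDic() {
+        return authdataDic;
+    }
+    public void setAuthdataDic(Map<String, String> authdataDic) {
+        this.authdataDic = authdataDic;
+    }
     @Override
     public String toString() {
         return "User{" +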
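Review bot: `authdataDic` puts the session's permission map on the same `User` type that `UserController.create` and `update` accept as `@RequestBody`, and both accessors are public, so the field can be bound from a request body and will appear in any response that serializes a `User`. The interceptor reads the map from the session copy, so this is not a bypass by itself, but it leaves permission state one refactor away from being client-controlled. If Jackson does the binding, mark both accessors `@JsonIgnore`, or keep the map in its own session attribute rather than on the entity. The setter should also store a copy, e.g. `this.authdataDic = authdataDic == null ? null : Collections.unmodifiableMap(new HashMap<>(authdataDic));`, so holders of the session object cannot add keys later.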
src/main/java/common/service/impl/AuthServiceImpl.java
...
@@ -29,34 +29,19 @@ public class AuthServiceImpl implements AuthService {
...
@@ -29,34 +29,19 @@ public class AuthServiceImpl implements AuthService {
@Override
@Override
public
Map
<
String
,
Object
>
getAuthExtends
(
User
loginAccount
)
{
public
Map
<
String
,
Object
>
getAuthExtends
(
User
loginAccount
)
{
Auth
auth
=
authRepository
.
findByUser
(
loginAccount
.
getId
());
Auth
auth
=
authRepository
.
findByUser
(
loginAccount
.
getId
());
List
<
String
>
authArrs
=
new
ArrayList
<>();
Map
<
String
,
Object
>
collect
=
new
HashMap
<>();
Map
<
String
,
Object
>
collect
=
new
HashMap
<>();
if
(
RoleEnum
.
FINANCE
.
getKey
().
equals
(
loginAccount
.
getRole
())){
if
(
RoleEnum
.
FINANCE
.
getKey
().
equals
(
loginAccount
.
getRole
())
||
RoleEnum
.
PM
.
getKey
().
equals
(
loginAccount
.
getRole
())
){
//财务 按签约主体查看
//财务 按签约主体查看
List
<
String
>
authArrs
=
JSONArray
.
fromObject
(
auth
.
getAuthExtend
());
List
<
Integer
>
authInt
=
JSONArray
.
fromObject
(
auth
.
getAuthExtend
());
collect
=
authArrs
.
stream
().
collect
(
Collectors
.
toMap
(
t
->
t
,
t
->
t
));
collect
=
authInt
.
stream
().
collect
(
Collectors
.
toMap
(
t
->
t
.
toString
(),
t
->
t
));
}
else
if
(
RoleEnum
.
SALSEMAN
.
getKey
().
equals
(
loginAccount
.
getRole
())){
}
else
if
(
RoleEnum
.
SALSEMAN
.
getKey
().
equals
(
loginAccount
.
getRole
())){
//销售 按签约合同人查看
//销售 按签约合同人查看
List
<
Integer
>
authArrs
=
JSONArray
.
fromObject
(
auth
.
getAuthExtend
());
authArrs
=
JSONArray
.
fromObject
(
auth
.
getAuthExtend
());
collect
=
authArrs
.
stream
().
collect
(
Collectors
.
toMap
(
t
->
t
.
toString
(),
t
->
t
));
collect
=
authArrs
.
stream
().
collect
(
Collectors
.
toMap
(
t
->
t
,
t
->
t
));
}
else
if
(
RoleEnum
.
PM
.
getKey
().
equals
(
loginAccount
.
getRole
())){
// 项目经理
authArrs
=
JSONArray
.
fromObject
(
auth
.
getAuthExtend
());
collect
=
authArrs
.
stream
().
collect
(
Collectors
.
toMap
(
t
->
t
,
t
->
t
));
}
}
if
(
collect
.
size
()>
0
){
if
(
collect
.
size
()>
0
){
...
...
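Review bot: `auth` from `authRepository.findByUser(loginAccount.getId())` is dereferenced as `auth.getAuthExtend()` in every role branch without a null check, so a FINANCE, PM or SALSEMAN account that has no Auth row fails with a NullPointerException instead of resolving to an empty data scope. The old and new sides of this section cannot be told apart in this rendering, but the dereference appears on both, as does `Collectors.toMap` without a merge function, which throws on a duplicate entry in the stored array; `Collectors.toMap(t -> t.toString(), t -> t, (a, b) -> a)` would tolerate it. The raw `JSONArray` assigned to a typed `List` is also unchecked, so the element type is whatever was stored. What follows `if (collect.size()>0){` is outside the hunk: please confirm that an empty or unparsable `authExtend` yields no rows rather than an unfiltered query.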
src/main/java/common/service/impl/ContractServiceImpl.java
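--- /dev/null
+++ b/src/main/java/dic/AuthMenuEnmm.java
+package dic;
+public enum AuthMenuEnmm {
+    FINANCE("finance", "0", "财务营收"),
+    CONTRACTMNG("21", "finance", "合同管理"),
+    CONTRACTMNG_V("21", "21", "查看"), //合同管理-查看
+    CONTRACTMNG_EX("212", "21", "导出"),
+    CONTRACTMNG_M("213", "21", "编辑"),
+    CONTRACTMNG_A("214", "21", "新增"),
+    CONTRACTMNG_D("215", "21", "删除"),
+    COLLECTBILLLIST("22", "finance", "收款/开票列表"),
+    COLLECTBILLLIST_V("22", "22", "查看"), //收款/开票列表-查看
+    COLLECTBILLLIST_EX("222", "22", "导出"),
+    COLLECTBILLLIST_M("223", "22", "编辑"),
+    CONTRACTDETAIL("20", "finance", "合同详情页"),
+    CONTRACTDETAIL_V("201", "22", "查看"), //合同详情页-查看
+    CONTRACTDETAIL_M("202", "22", "编辑"),
+    ACCOUNTDETAIL("20", "finance", "账号详情页"),
+    ACCOUNTDETAIL_V("203", "22", "查看"), //
+    ACCOUNTDETAIL_M("204", "22", "编辑"),
+    SYSTEM("system", "0", "系统管理"),
+    USERMNG("31", "system", "账号管理(重要)"),
+    USERMNG_V("31", "31", "查看"), //合同管理-查看
+    USERMNG_A("312", "31", "新建"),
+    USERMNG_M("313", "31", "编辑"),
+    USERMNG_D("314", "31", "删除"),
+    USERMNG_STOP("315", "31", "停用"),
+    USERLOGS("32", "system", "操作日志"),
+    USERLOGS_V("32", "system", "查看"),
+    USERLOGS_RE("32", "system", "恢复"),
+    OTHER("0", "0", "0");
+    private String idKey;
+    private String parentKey;
+    private String name;
+    AuthMenuEnmm(String idKey, String parentKey, String name) {
+        this.idKey = idKey;
+        this.parentKey = parentKey;
+        this.name = name;
+    }
+    public String getIdKey() {
+        return idKey;
+    }
+    public void setIdKey(String idKey) {
+        this.idKey = idKey;
+    }
+    public String getParentKey() {
+        return parentKey;
+    }
+    public void setParentKey(String parentKey) {
+        this.parentKey = parentKey;
+    }
+    public String getName() {
+        return name;
+    }
+    public void setName(String name) {
+        this.name = name;
+    }
+}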
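Review bot: Several constants share an `idKey`, and the interceptor's lookup `getAuthdataDic().get(authKey.value().getIdKey())` cannot tell them apart: `USERLOGS`, `USERLOGS_V` and `USERLOGS_RE` are all `"32"`, so the recover action on `change/del/recover` is granted to anyone who may merely view the log. `CONTRACTDETAIL` and `ACCOUNTDETAIL` are both `"20"`, each `_V` constant reuses its menu's key, and the detail-page children `"201"`–`"204"` name `"22"` as parent rather than `"20"`. Each action needs its own key, for instance `USERLOGS_V("321", "32", "查看")` and `USERLOGS_RE("322", "32", "恢复")`; those values are illustrative and must match the ids stored in the auth data. The three fields should also be `private final` with the setters removed, because a public setter on an enum constant lets any code rewrite a permission key for the whole JVM.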
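--- /dev/null
+++ b/src/main/java/security/annotation/AuthKey.java
+package security.annotation;
+import dic.AuthMenuEnmm;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+@Target({ElementType.TYPE, ElementType.METHOD})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface AuthKey {
+    AuthMenuEnmm value();
+}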
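Review bot: `AuthKey` has no Javadoc, and its contract is not obvious from the declaration: it allows `ElementType.TYPE` as well as `METHOD`, yet every use in this commit is on a method, and nothing states which one wins or what an unannotated handler means. I would add a class comment such as `/** Permission key a non-manager must hold to call the annotated handler; a method-level key overrides a type-level one. */` and say explicitly that handlers without the annotation are not permission-checked, since that fail-open default is what a reader most needs to know when adding a new endpoint.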
src/main/java/security/interceptor/AuthorizationInterceptor.java
package
security
.
interceptor
;
package
security
.
interceptor
;
import
com.fasterxml.jackson.databind.ObjectMapper
;
import
com.fasterxml.jackson.databind.ObjectMapper
;
import
common.model.Auth
;
import
common.model.User
;
import
common.model.User
;
import
common.repository.AuthRepository
;
import
common.repository.UserRepository
;
import
common.repository.UserRepository
;
import
dic.RoleEnum
;
import
net.sf.json.JSONArray
;
import
org.slf4j.Logger
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.http.HttpStatus
;
import
org.springframework.http.HttpStatus
;
import
org.springframework.http.MediaType
;
import
org.springframework.http.MediaType
;
import
org.springframework.util.StringUtils
;
import
org.springframework.web.servlet.handler.HandlerInterceptorAdapter
;
import
org.springframework.web.servlet.handler.HandlerInterceptorAdapter
;
import
security.RedisLoginStatusManager
;
import
security.RedisLoginStatusManager
;
import
security.TokenManager
;
import
security.TokenManager
;
import
security.annotation.AuthKey
;
import
util.Constant
;
import
util.Constant
;
import
util.ResultModel
;
import
util.ResultModel
;
import
util.ResultStatus
;
import
util.ResultStatus
;
...
@@ -22,6 +28,8 @@ import javax.servlet.http.HttpServletResponse;
...
@@ -22,6 +28,8 @@ import javax.servlet.http.HttpServletResponse;
import
java.io.BufferedWriter
;
import
java.io.BufferedWriter
;
import
java.io.OutputStreamWriter
;
import
java.io.OutputStreamWriter
;
import
java.util.Enumeration
;
import
java.util.Enumeration
;
import
java.util.Map
;
import
java.util.stream.Collectors
;
public
class
AuthorizationInterceptor
extends
HandlerInterceptorAdapter
{
public
class
AuthorizationInterceptor
extends
HandlerInterceptorAdapter
{
private
static
final
Logger
logger
=
LoggerFactory
.
getLogger
(
AuthorizationInterceptor
.
class
);
private
static
final
Logger
logger
=
LoggerFactory
.
getLogger
(
AuthorizationInterceptor
.
class
);
...
@@ -31,6 +39,9 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
...
@@ -31,6 +39,9 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
private
UserRepository
userRepository
;
private
UserRepository
userRepository
;
@Autowired
@Autowired
private
AuthRepository
authRepository
;
@Autowired
private
TokenManager
manager
;
private
TokenManager
manager
;
@Autowired
@Autowired
private
RedisLoginStatusManager
redisLoginStatusManager
;
private
RedisLoginStatusManager
redisLoginStatusManager
;
...
@@ -82,26 +93,58 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
...
@@ -82,26 +93,58 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
// 可这里查出权限
// 可这里查出权限
if
(
sessionAct
==
null
)
{
if
(
sessionAct
==
null
)
{
User
one
=
userRepository
.
findOne
(
Long
.
parseLong
(
key
));
User
one
=
userRepository
.
findOne
(
Long
.
parseLong
(
key
));
if
(!
one
.
getRole
().
equals
(
RoleEnum
.
MANAGER
.
getKey
()))
{
Auth
auth
=
authRepository
.
findByUser
(
one
.
getId
());
Map
<
String
,
String
>
authdata
=
(
Map
<
String
,
String
>)
JSONArray
.
fromObject
(
auth
.
getAuth
())
.
stream
().
collect
(
Collectors
.
toMap
(
p
->
((
Map
)
p
).
get
(
"id"
).
toString
(),
p
->
"0"
));
one
.
setAuthdataDic
(
authdata
);
}
request
.
getSession
().
setAttribute
(
Constant
.
CURRENT_ACCOUNT
,
one
);
request
.
getSession
().
setAttribute
(
Constant
.
CURRENT_ACCOUNT
,
one
);
sessionAct
=
one
;
}
}
if
(!
sessionAct
.
getRole
().
equals
(
RoleEnum
.
MANAGER
.
getKey
())){
//权限控制
AuthKey
authKey
=
handler
.
getClass
().
getAnnotation
(
AuthKey
.
class
);
if
(
authKey
!=
null
&&
sessionAct
.
getAuthdataDic
().
get
(
authKey
.
value
().
getIdKey
())==
null
){
printJsonResponse
(
response
,
"权限不足!"
);
return
false
;
}
return
true
;
}
return
true
;
return
true
;
}
}
}
}
printJsonResponse
(
response
,
null
);
return
false
;
}
private
void
printJsonResponse
(
HttpServletResponse
response
,
String
message
){
try
{
try
{
//如果验证token失败,并且方法注明了Authorization,返回401错误
//如果验证token失败,并且方法注明了Authorization,返回401错误
response
.
setStatus
(
HttpStatus
.
UNAUTHORIZED
.
value
());
response
.
setStatus
(
HttpStatus
.
UNAUTHORIZED
.
value
());
BufferedWriter
writer
=
new
BufferedWriter
(
new
OutputStreamWriter
(
response
.
getOutputStream
()));
BufferedWriter
writer
=
new
BufferedWriter
(
new
OutputStreamWriter
(
response
.
getOutputStream
()));
response
.
setContentType
(
MediaType
.
APPLICATION_JSON_VALUE
);
response
.
setContentType
(
MediaType
.
APPLICATION_JSON_VALUE
);
String
json
=
new
ObjectMapper
().
writeValueAsString
(
ResultModel
.
ERROR
(
ResultStatus
.
USERNAME_LOGIN_EXPIRE
));
writer
.
write
(
json
);
if
(
StringUtils
.
isEmpty
(
message
)){
message
=
new
ObjectMapper
().
writeValueAsString
(
ResultModel
.
ERROR
(
ResultStatus
.
USERNAME_LOGIN_EXPIRE
));
}
writer
.
write
(
message
);
writer
.
close
();
writer
.
close
();
}
catch
(
Exception
e
){
}
catch
(
Exception
e
){
e
.
printStackTrace
();
e
.
printStackTrace
();
}
}
return
false
;
}
}
private
String
getCookieToken
(
Cookie
[]
cookies
,
String
name
){
private
String
getCookieToken
(
Cookie
[]
cookies
,
String
name
){
String
token
=
null
;
String
token
=
null
;
...
...
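Review bot: `handler.getClass().getAnnotation(AuthKey.class)` looks the annotation up on the handler object's own class, which for annotated Spring MVC controllers is normally `HandlerMethod` rather than the controller, so `authKey` would always be null and the new branch returns true for every non-manager request; none of the `@AuthKey` keys this commit adds to controller methods would then be enforced. The `preHandle` signature is outside the hunk, so the handler type is inferred. Resolve the annotation from the `HandlerMethod` (method first, then bean type; this needs the `org.springframework.web.method.HandlerMethod` import) and treat a missing `authdataDic` as a denial, because the map is only filled when the user is loaded inside `if (sessionAct == null)`, and `auth` from `findByUser` may itself be null. The denial is also sent as 401 with the bare text `权限不足!` under a JSON content type; a 403 with a serialized `ResultModel` would let clients tell "not logged in" from "not permitted".

```java
// … unchanged: token check and session lookup …
if (!sessionAct.getRole().equals(RoleEnum.MANAGER.getKey()) && handler instanceof HandlerMethod) {
    HandlerMethod hm = (HandlerMethod) handler;
    AuthKey authKey = hm.getMethodAnnotation(AuthKey.class);
    if (authKey == null) {
        authKey = hm.getBeanType().getAnnotation(AuthKey.class);
    }
    Map<String, String> granted = sessionAct.getAuthdataDic();
    if (authKey != null && (granted == null || !granted.containsKey(authKey.value().getIdKey()))) {
        printJsonResponse(response, "权限不足!");
        return false;
    }
}
return true;
```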
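--- a/src/main/java/tkio/service/impl/AccountServiceImpl.java
+++ b/src/main/java/tkio/service/impl/AccountServiceImpl.java
@@ -3,7 +3,6 @@ package tkio.service.impl;
 import common.model.Contract;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
-import security.annotation.Authorization;
 import tkio.model.Account;
 import tkio.repository.AccountRepository;
 import tkio.service.AccountService;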