Commit e05d635b by kangxiaoshan

权限管理

parent a3347f45
...@@ -2,6 +2,7 @@ package common.controller; ...@@ -2,6 +2,7 @@ package common.controller;
import common.model.*; import common.model.*;
import common.service.ContractService; import common.service.ContractService;
import dic.AuthMenuEnmm;
import dic.ContractStatusEnum; import dic.ContractStatusEnum;
import dic.OperateObjectTypeEnum; import dic.OperateObjectTypeEnum;
import org.apache.commons.io.IOUtils; import org.apache.commons.io.IOUtils;
...@@ -14,6 +15,7 @@ import org.springframework.http.MediaType; ...@@ -14,6 +15,7 @@ import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import security.annotation.AuthKey;
import security.annotation.CurrentAccount; import security.annotation.CurrentAccount;
import util.IPAddrUtil; import util.IPAddrUtil;
import util.NewUserLogThread; import util.NewUserLogThread;
...@@ -71,6 +73,7 @@ public class ContractController { ...@@ -71,6 +73,7 @@ public class ContractController {
@RequestMapping(value = "find", method = RequestMethod.GET) @RequestMapping(value = "find", method = RequestMethod.GET)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.CONTRACTMNG_V)
public ResultModel findAll(@CurrentAccount User loginAccount, @PathVariable String platform, public ResultModel findAll(@CurrentAccount User loginAccount, @PathVariable String platform,
@RequestParam String startDate, @RequestParam String endDate,String contractId) { @RequestParam String startDate, @RequestParam String endDate,String contractId) {
...@@ -88,6 +91,7 @@ public class ContractController { ...@@ -88,6 +91,7 @@ public class ContractController {
@RequestMapping(value = "export", method = RequestMethod.GET,produces = MediaType.APPLICATION_OCTET_STREAM_VALUE) @RequestMapping(value = "export", method = RequestMethod.GET,produces = MediaType.APPLICATION_OCTET_STREAM_VALUE)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.CONTRACTMNG_EX)
public ResponseEntity<byte[]> export(@CurrentAccount User loginAccount, @PathVariable String platform, @RequestParam String startDate public ResponseEntity<byte[]> export(@CurrentAccount User loginAccount, @PathVariable String platform, @RequestParam String startDate
, @RequestParam String endDate, HttpServletRequest request, HttpServletResponse response) { , @RequestParam String endDate, HttpServletRequest request, HttpServletResponse response) {
List<Contract> contractList = service.findAll(loginAccount, startDate, endDate, platform,null); List<Contract> contractList = service.findAll(loginAccount, startDate, endDate, platform,null);
...@@ -123,6 +127,7 @@ public class ContractController { ...@@ -123,6 +127,7 @@ public class ContractController {
@RequestMapping(value = "pay/export", method = RequestMethod.GET,produces = MediaType.APPLICATION_OCTET_STREAM_VALUE) @RequestMapping(value = "pay/export", method = RequestMethod.GET,produces = MediaType.APPLICATION_OCTET_STREAM_VALUE)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.COLLECTBILLLIST_EX)
public ResponseEntity<byte[]> exportPay(@CurrentAccount User loginAccount, @RequestParam String startDate, @RequestParam String endDate, public ResponseEntity<byte[]> exportPay(@CurrentAccount User loginAccount, @RequestParam String startDate, @RequestParam String endDate,
HttpServletRequest request, HttpServletResponse response, @PathVariable String platform , HttpServletRequest request, HttpServletResponse response, @PathVariable String platform ,
String moneyType,String packageTypeSearch,String money_ids) { String moneyType,String packageTypeSearch,String money_ids) {
...@@ -259,6 +264,7 @@ public class ContractController { ...@@ -259,6 +264,7 @@ public class ContractController {
@RequestMapping(value = "update", method = RequestMethod.PUT) @RequestMapping(value = "update", method = RequestMethod.PUT)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.CONTRACTMNG_M)
public ResultModel update(@CurrentAccount User loginAccount, @RequestBody Contract contract, HttpServletRequest request, @PathVariable String platform) { public ResultModel update(@CurrentAccount User loginAccount, @RequestBody Contract contract, HttpServletRequest request, @PathVariable String platform) {
String ip = IPAddrUtil.getIpAddrNew(request); String ip = IPAddrUtil.getIpAddrNew(request);
...@@ -332,6 +338,7 @@ public class ContractController { ...@@ -332,6 +338,7 @@ public class ContractController {
@RequestMapping(value = "find/payall", method = RequestMethod.GET) @RequestMapping(value = "find/payall", method = RequestMethod.GET)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.COLLECTBILLLIST_V)
public ResultModel findPayAll(@CurrentAccount User loginAccount, @RequestParam String startDate, public ResultModel findPayAll(@CurrentAccount User loginAccount, @RequestParam String startDate,
@RequestParam String endDate, @PathVariable String platform, @RequestParam String endDate, @PathVariable String platform,
String moneyType,String packageTypeSearch,String money_ids) { String moneyType,String packageTypeSearch,String money_ids) {
...@@ -364,6 +371,7 @@ public class ContractController { ...@@ -364,6 +371,7 @@ public class ContractController {
@RequestMapping(value = "setstaus", method = RequestMethod.GET) @RequestMapping(value = "setstaus", method = RequestMethod.GET)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.CONTRACTMNG_D)
public ResultModel contractStatusUpdate( @PathVariable String platform,@CurrentAccount User loginUser, public ResultModel contractStatusUpdate( @PathVariable String platform,@CurrentAccount User loginUser,
String contractId,String status,HttpServletRequest request) { String contractId,String status,HttpServletRequest request) {
......
...@@ -8,10 +8,12 @@ import common.repository.RoleTypeRepository; ...@@ -8,10 +8,12 @@ import common.repository.RoleTypeRepository;
import common.repository.UserRepository; import common.repository.UserRepository;
import common.service.MenuService; import common.service.MenuService;
import common.service.UserService; import common.service.UserService;
import dic.AuthMenuEnmm;
import dic.OperateObjectTypeEnum; import dic.OperateObjectTypeEnum;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import security.annotation.AuthKey;
import security.annotation.CurrentAccount; import security.annotation.CurrentAccount;
import util.CipherUtil; import util.CipherUtil;
import util.ResultModel; import util.ResultModel;
...@@ -50,6 +52,7 @@ public class UserController { ...@@ -50,6 +52,7 @@ public class UserController {
@RequestMapping(value = "/create", method = RequestMethod.POST) @RequestMapping(value = "/create", method = RequestMethod.POST)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_A)
public ResultModel create(@CurrentAccount User loginAccount, @RequestBody User resource, HttpServletRequest request) { public ResultModel create(@CurrentAccount User loginAccount, @RequestBody User resource, HttpServletRequest request) {
if(userService.validEmail(resource.getEmail())){ if(userService.validEmail(resource.getEmail())){
userService.create(loginAccount, resource); userService.create(loginAccount, resource);
...@@ -63,6 +66,7 @@ public class UserController { ...@@ -63,6 +66,7 @@ public class UserController {
@RequestMapping(value = "/update", method = RequestMethod.PUT) @RequestMapping(value = "/update", method = RequestMethod.PUT)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_M)
public ResultModel update(@CurrentAccount User loginAccount, @RequestBody User resource, HttpServletRequest request) { public ResultModel update(@CurrentAccount User loginAccount, @RequestBody User resource, HttpServletRequest request) {
UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), resource.getEmail(), "修改系统账号", request,loginAccount.getRole(),"manager"); UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), resource.getEmail(), "修改系统账号", request,loginAccount.getRole(),"manager");
userlog.start(); userlog.start();
...@@ -71,6 +75,7 @@ public class UserController { ...@@ -71,6 +75,7 @@ public class UserController {
@RequestMapping(value = "/find", method = RequestMethod.GET) @RequestMapping(value = "/find", method = RequestMethod.GET)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_V)
public ResultModel find(@CurrentAccount User loginAccount) { public ResultModel find(@CurrentAccount User loginAccount) {
return ResultModel.OK(userService.find(loginAccount)); return ResultModel.OK(userService.find(loginAccount));
} }
...@@ -96,6 +101,7 @@ public class UserController { ...@@ -96,6 +101,7 @@ public class UserController {
@RequestMapping(value = "/delete/{id}", method = RequestMethod.DELETE) @RequestMapping(value = "/delete/{id}", method = RequestMethod.DELETE)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_D)
public ResultModel delete(@CurrentAccount User loginAccount, @PathVariable Long id, HttpServletRequest request) { public ResultModel delete(@CurrentAccount User loginAccount, @PathVariable Long id, HttpServletRequest request) {
User user = userService.delete(loginAccount, id); User user = userService.delete(loginAccount, id);
UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), user.getEmail(), "删除系统账号", request,loginAccount.getRole(),"manager"); UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), user.getEmail(), "删除系统账号", request,loginAccount.getRole(),"manager");
...@@ -114,6 +120,7 @@ public class UserController { ...@@ -114,6 +120,7 @@ public class UserController {
@RequestMapping(value = "/forbiden/{id}", method = RequestMethod.PUT) @RequestMapping(value = "/forbiden/{id}", method = RequestMethod.PUT)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_STOP)
public ResultModel forbiden(@CurrentAccount User loginAccount, @PathVariable Long id, HttpServletRequest request) { public ResultModel forbiden(@CurrentAccount User loginAccount, @PathVariable Long id, HttpServletRequest request) {
User user = userService.forbiden(loginAccount, id); User user = userService.forbiden(loginAccount, id);
UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), user.getEmail(), "停用系统账号", request,loginAccount.getRole(),"manager"); UserLogThread userlog = new UserLogThread(loginAccount.getEmail(), loginAccount.getName(), OperateObjectTypeEnum.INNERUSER.getKey(), user.getEmail(), "停用系统账号", request,loginAccount.getRole(),"manager");
...@@ -123,6 +130,7 @@ public class UserController { ...@@ -123,6 +130,7 @@ public class UserController {
@RequestMapping(value = "/update/name", method = RequestMethod.PUT) @RequestMapping(value = "/update/name", method = RequestMethod.PUT)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_M)
public ResultModel updateName(@CurrentAccount User loginAccount, @RequestParam String name, HttpServletRequest request) { public ResultModel updateName(@CurrentAccount User loginAccount, @RequestParam String name, HttpServletRequest request) {
User login = userRepository.login(name); User login = userRepository.login(name);
if(null == login){ if(null == login){
...@@ -138,6 +146,7 @@ public class UserController { ...@@ -138,6 +146,7 @@ public class UserController {
@RequestMapping(value = "/update/password", method = RequestMethod.PUT) @RequestMapping(value = "/update/password", method = RequestMethod.PUT)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_M)
public ResultModel updatePwd(@CurrentAccount User loginAccount, @RequestParam String pwd, @RequestParam String oldpwd, HttpServletRequest request) { public ResultModel updatePwd(@CurrentAccount User loginAccount, @RequestParam String pwd, @RequestParam String oldpwd, HttpServletRequest request) {
User login = userRepository.login(loginAccount.getEmail(), CipherUtil.generatePassword(oldpwd)); User login = userRepository.login(loginAccount.getEmail(), CipherUtil.generatePassword(oldpwd));
if(null != login){ if(null != login){
...@@ -153,6 +162,7 @@ public class UserController { ...@@ -153,6 +162,7 @@ public class UserController {
//忘记密码时,修改密码 //忘记密码时,修改密码
@RequestMapping(value = "/update/pwd", method = RequestMethod.PUT) @RequestMapping(value = "/update/pwd", method = RequestMethod.PUT)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.USERMNG_M)
public ResultModel updatePwd(@RequestParam String email, @RequestParam String pwd, HttpServletRequest request) { public ResultModel updatePwd(@RequestParam String email, @RequestParam String pwd, HttpServletRequest request) {
UserLogThread userlog = new UserLogThread(email, email, OperateObjectTypeEnum.INNERUSER.getKey(), email, "修改系统账号密码", request,null,"manager"); UserLogThread userlog = new UserLogThread(email, email, OperateObjectTypeEnum.INNERUSER.getKey(), email, "修改系统账号密码", request,null,"manager");
userlog.start(); userlog.start();
......
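Review bot: `updateName` (L113) and the old-password `updatePwd` (L120) operate on `loginAccount` itself, yet both are now gated by `AuthMenuEnmm.USERMNG_M`, so an account without the account-management permission can no longer rename itself or rotate its own password. The forgot-password `updatePwd(email, pwd, ...)` at L128 has the opposite problem: it accepts any `email` plus a new `pwd` with no proof of ownership, so `USERMNG_M` now lets any account editor overwrite any user's password, and if the interceptor only evaluates `@AuthKey` after a logged-in session is established (that logic is above the visible hunk) an anonymous forgot-password caller cannot reach the endpoint at all. I would drop `@AuthKey` from the two self-service endpoints and move the reset flow behind a one-time verification token rather than a menu permission; if it must remain an admin action, document that on the handler, e.g. `// Admin-only password reset: sets a new password for `email` without the old one; not a self-service endpoint.`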
...@@ -4,9 +4,11 @@ import common.model.User; ...@@ -4,9 +4,11 @@ import common.model.User;
import common.model.UserLog; import common.model.UserLog;
import common.service.ContractService; import common.service.ContractService;
import common.service.UserLogService; import common.service.UserLogService;
import dic.AuthMenuEnmm;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import security.annotation.AuthKey;
import security.annotation.CurrentAccount; import security.annotation.CurrentAccount;
import util.ResultModel; import util.ResultModel;
...@@ -36,6 +38,7 @@ public class UserLogController ...@@ -36,6 +38,7 @@ public class UserLogController
@RequestMapping(value = "change/del/info", method = RequestMethod.GET) @RequestMapping(value = "change/del/info", method = RequestMethod.GET)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.USERLOGS_V)
public ResultModel getChangeDelData( @CurrentAccount User loginAccount, public ResultModel getChangeDelData( @CurrentAccount User loginAccount,
HttpServletRequest request, HttpServletRequest request,
String contranctCode,String startDate,String endDate) { String contranctCode,String startDate,String endDate) {
...@@ -53,6 +56,7 @@ public class UserLogController ...@@ -53,6 +56,7 @@ public class UserLogController
@RequestMapping(value = "change/del/recover", method = RequestMethod.GET) @RequestMapping(value = "change/del/recover", method = RequestMethod.GET)
@ResponseBody @ResponseBody
@AuthKey(AuthMenuEnmm.USERLOGS_RE)
public ResultModel changesDelRecover( @CurrentAccount User loginAccount, public ResultModel changesDelRecover( @CurrentAccount User loginAccount,
HttpServletRequest request,String id,String type) { HttpServletRequest request,String id,String type) {
......
...@@ -6,6 +6,7 @@ import javax.persistence.Id; ...@@ -6,6 +6,7 @@ import javax.persistence.Id;
import javax.persistence.Transient; import javax.persistence.Transient;
import java.util.Date; import java.util.Date;
import java.util.List; import java.util.List;
import java.util.Map;
@Entity @Entity
public class User { public class User {
...@@ -29,6 +30,8 @@ public class User { ...@@ -29,6 +30,8 @@ public class User {
private Date createTime; private Date createTime;
private Boolean delFlag; private Boolean delFlag;
private Map<String,String> authdataDic;
@Id @Id
@GeneratedValue @GeneratedValue
...@@ -171,6 +174,15 @@ public class User { ...@@ -171,6 +174,15 @@ public class User {
this.parent = parent; this.parent = parent;
} }
@Transient
public Map<String, String> getAuthdataDic() {
return authdataDic;
}
public void setAuthdataDic(Map<String, String> authdataDic) {
this.authdataDic = authdataDic;
}
@Override @Override
public String toString() { public String toString() {
return "User{" + return "User{" +
......
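Review bot: `@Transient` is placed only on the getter (L173) while the new state is declared as a plain field at L167 next to the persistent `createTime`/`delFlag` fields; whether JPA honours a getter-level `@Transient` depends on the entity's access type, and the `@Id` at L168 sits above something cut off here, so I cannot tell which applies. If the entity uses field access, Hibernate will try to map `authdataDic` as a basic column and reject the `Map` at startup; putting the annotation on the field, `@Transient private Map<String, String> authdataDic;`, is correct under both access types. The public setter also makes the map bindable from the `@RequestBody User` payloads in `UserController`, which is harmless only as long as no service copies it onto the session user — worth a field comment: `// Runtime-only permission snapshot (id -> marker) filled by AuthorizationInterceptor; never persisted and never trusted from client input.`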
...@@ -29,34 +29,19 @@ public class AuthServiceImpl implements AuthService { ...@@ -29,34 +29,19 @@ public class AuthServiceImpl implements AuthService {
@Override @Override
public Map<String, Object> getAuthExtends(User loginAccount) { public Map<String, Object> getAuthExtends(User loginAccount) {
Auth auth = authRepository.findByUser(loginAccount.getId()); Auth auth = authRepository.findByUser(loginAccount.getId());
List<String> authArrs = new ArrayList<>();
Map<String, Object> collect = new HashMap<>(); Map<String, Object> collect = new HashMap<>();
if(RoleEnum.FINANCE.getKey().equals(loginAccount.getRole())){ if(RoleEnum.FINANCE.getKey().equals(loginAccount.getRole()) || RoleEnum.PM.getKey().equals(loginAccount.getRole())){
//财务 按签约主体查看 //财务 按签约主体查看
List<String> authArrs = JSONArray.fromObject(auth.getAuthExtend());
List<Integer> authInt = JSONArray.fromObject(auth.getAuthExtend()); collect = authArrs.stream().collect(Collectors.toMap(t -> t, t -> t));
collect = authInt.stream().collect(Collectors.toMap(t -> t.toString(), t -> t));
}else if(RoleEnum.SALSEMAN.getKey().equals(loginAccount.getRole())){ }else if(RoleEnum.SALSEMAN.getKey().equals(loginAccount.getRole())){
//销售 按签约合同人查看 //销售 按签约合同人查看
List<Integer> authArrs = JSONArray.fromObject(auth.getAuthExtend());
authArrs = JSONArray.fromObject(auth.getAuthExtend()); collect = authArrs.stream().collect(Collectors.toMap(t -> t.toString(), t -> t));
collect = authArrs.stream().collect(Collectors.toMap(t -> t, t -> t));
}else if(RoleEnum.PM.getKey().equals(loginAccount.getRole())){
// 项目经理
authArrs = JSONArray.fromObject(auth.getAuthExtend());
collect = authArrs.stream().collect(Collectors.toMap(t -> t, t -> t));
} }
if(collect.size()>0){ if(collect.size()>0){
......
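Review bot: The merged FINANCE/PM branch (L190–L193) now reads `auth.getAuthExtend()` as `List<String>` and keys the map with `t -> t`, whereas the FINANCE code it replaces parsed the same column as `List<Integer>` and keyed by `t.toString()`. `JSONArray.fromObject` yields whatever types the stored JSON holds and the unchecked `List<String>` assignment converts nothing, so if finance extends are still stored as numeric ids the `String`-typed lambda will fail on its implicit cast instead of producing usable keys, and the map's values change from `Integer` to `String` for every consumer of `getAuthExtends`. Declaring the parsed list as `List<Object>` and keying with `t -> String.valueOf(t)` keeps the key type stable for both representations; whether callers depend on the value type I cannot tell from here. `auth` is also dereferenced without a null check, which matters if `findByUser` can return nothing for an account with no `Auth` row (its contract is outside this diff).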
package dic;
public enum AuthMenuEnmm {
FINANCE("finance","0","财务营收"),
CONTRACTMNG("21","finance","合同管理"),
CONTRACTMNG_V("21","21","查看"),//合同管理-查看
CONTRACTMNG_EX("212","21","导出"),
CONTRACTMNG_M("213","21","编辑"),
CONTRACTMNG_A("214","21","新增"),
CONTRACTMNG_D("215","21","删除"),
COLLECTBILLLIST("22","finance","收款/开票列表"),
COLLECTBILLLIST_V("22","22","查看"),//收款/开票列表-查看
COLLECTBILLLIST_EX("222","22","导出"),
COLLECTBILLLIST_M("223","22","编辑"),
CONTRACTDETAIL("20","finance","合同详情页"),
CONTRACTDETAIL_V("201","22","查看"),//合同详情页-查看
CONTRACTDETAIL_M("202","22","编辑"),
ACCOUNTDETAIL("20","finance","账号详情页"),
ACCOUNTDETAIL_V("203","22","查看"),//
ACCOUNTDETAIL_M("204","22","编辑"),
SYSTEM("system","0","系统管理"),
USERMNG("31","system","账号管理(重要)"),
USERMNG_V("31","31","查看"),//合同管理-查看
USERMNG_A("312","31","新建"),
USERMNG_M("313","31","编辑"),
USERMNG_D("314","31","删除"),
USERMNG_STOP("315","31","停用"),
USERLOGS("32","system","操作日志"),
USERLOGS_V("32","system","查看"),
USERLOGS_RE("32","system","恢复"),
OTHER("0","0","0");
private String idKey;
private String parentKey;
private String name;
AuthMenuEnmm(String idKey, String parentKey, String name) {
this.idKey = idKey;
this.parentKey = parentKey;
this.name = name;
}
public String getIdKey() {
return idKey;
}
public void setIdKey(String idKey) {
this.idKey = idKey;
}
public String getParentKey() {
return parentKey;
}
public void setParentKey(String parentKey) {
this.parentKey = parentKey;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
}
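Review bot: `USERLOGS_V` and `USERLOGS_RE` (L234–L235) both carry idKey `"32"`, the same id as their parent menu, so the interceptor's `authdataDic.get(authKey.value().getIdKey())` cannot distinguish them and any account allowed to view logs can also invoke `changesDelRecover` (`@AuthKey(AuthMenuEnmm.USERLOGS_RE)` in UserLogController). Every other action constant uses a distinct child id under its menu (`212`–`215`, `222`–`223`, `312`–`315`), so `USERLOGS_RE` needs its own id and parent, along the lines of the constructed example `USERLOGS_RE("322","32","恢复")`, matched by the corresponding row in the menu/auth data. `CONTRACTDETAIL` and `ACCOUNTDETAIL` (L220, L223) also share id `"20"` while their children name parent `"22"`; presumably unintended — verify against the menu table. Separately, `setIdKey`/`setParentKey`/`setName` (L248–L262) let any code path rewrite a permission id process-wide on what should be immutable authorization constants; make the three fields `private final` and delete the setters.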
package security.annotation;
import dic.AuthMenuEnmm;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface AuthKey {
AuthMenuEnmm value();
}
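Review bot: The annotation has no Javadoc, so nothing states who enforces it or what an unannotated handler means. I would add: `/** Requires the current account to hold the permission identified by {@code value().getIdKey()}; enforced by security.interceptor.AuthorizationInterceptor. Handlers without this annotation are authenticated but not permission-checked. */`. Because `@Target` includes `TYPE`, the doc should also say whether a class-level annotation applies to all handler methods of that controller, and the interceptor's lookup should be made to match whichever rule is chosen.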
package security.interceptor; package security.interceptor;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import common.model.Auth;
import common.model.User; import common.model.User;
import common.repository.AuthRepository;
import common.repository.UserRepository; import common.repository.UserRepository;
import dic.RoleEnum;
import net.sf.json.JSONArray;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import security.RedisLoginStatusManager; import security.RedisLoginStatusManager;
import security.TokenManager; import security.TokenManager;
import security.annotation.AuthKey;
import util.Constant; import util.Constant;
import util.ResultModel; import util.ResultModel;
import util.ResultStatus; import util.ResultStatus;
...@@ -22,6 +28,8 @@ import javax.servlet.http.HttpServletResponse; ...@@ -22,6 +28,8 @@ import javax.servlet.http.HttpServletResponse;
import java.io.BufferedWriter; import java.io.BufferedWriter;
import java.io.OutputStreamWriter; import java.io.OutputStreamWriter;
import java.util.Enumeration; import java.util.Enumeration;
import java.util.Map;
import java.util.stream.Collectors;
public class AuthorizationInterceptor extends HandlerInterceptorAdapter { public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
private static final Logger logger = LoggerFactory.getLogger(AuthorizationInterceptor.class); private static final Logger logger = LoggerFactory.getLogger(AuthorizationInterceptor.class);
...@@ -31,6 +39,9 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter { ...@@ -31,6 +39,9 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
private UserRepository userRepository; private UserRepository userRepository;
@Autowired @Autowired
private AuthRepository authRepository;
@Autowired
private TokenManager manager; private TokenManager manager;
@Autowired @Autowired
private RedisLoginStatusManager redisLoginStatusManager; private RedisLoginStatusManager redisLoginStatusManager;
...@@ -82,26 +93,58 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter { ...@@ -82,26 +93,58 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
// 可这里查出权限 // 可这里查出权限
if (sessionAct == null) { if (sessionAct == null) {
User one = userRepository.findOne(Long.parseLong(key)); User one = userRepository.findOne(Long.parseLong(key));
if (!one.getRole().equals(RoleEnum.MANAGER.getKey())) {
Auth auth = authRepository.findByUser(one.getId());
Map<String, String> authdata = (Map<String, String>) JSONArray.fromObject(auth.getAuth())
.stream().collect(Collectors.toMap(p -> ((Map) p).get("id").toString(), p -> "0"));
one.setAuthdataDic(authdata);
}
request.getSession().setAttribute(Constant.CURRENT_ACCOUNT,one); request.getSession().setAttribute(Constant.CURRENT_ACCOUNT,one);
sessionAct = one;
} }
if(!sessionAct.getRole().equals(RoleEnum.MANAGER.getKey())){
//权限控制
AuthKey authKey = handler.getClass().getAnnotation(AuthKey.class);
if(authKey!=null && sessionAct.getAuthdataDic().get(authKey.value().getIdKey())==null){
printJsonResponse(response,"权限不足!");
return false;
}
return true;
}
return true; return true;
} }
} }
printJsonResponse(response,null);
return false;
}
private void printJsonResponse(HttpServletResponse response,String message){
try { try {
//如果验证token失败,并且方法注明了Authorization,返回401错误 //如果验证token失败,并且方法注明了Authorization,返回401错误
response.setStatus(HttpStatus.UNAUTHORIZED.value()); response.setStatus(HttpStatus.UNAUTHORIZED.value());
BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(response.getOutputStream())); BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(response.getOutputStream()));
response.setContentType(MediaType.APPLICATION_JSON_VALUE); response.setContentType(MediaType.APPLICATION_JSON_VALUE);
String json = new ObjectMapper().writeValueAsString(ResultModel.ERROR(ResultStatus.USERNAME_LOGIN_EXPIRE));
writer.write(json); if(StringUtils.isEmpty(message)){
message = new ObjectMapper().writeValueAsString(ResultModel.ERROR(ResultStatus.USERNAME_LOGIN_EXPIRE));
}
writer.write(message);
writer.close(); writer.close();
} catch (Exception e){ } catch (Exception e){
e.printStackTrace(); e.printStackTrace();
} }
return false;
} }
private String getCookieToken(Cookie[] cookies, String name){ private String getCookieToken(Cookie[] cookies, String name){
String token = null; String token = null;
......
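Review bot: `handler.getClass().getAnnotation(AuthKey.class)` at L327 will not find the annotation on annotated controller methods: for `@RequestMapping` handlers Spring passes an `org.springframework.web.method.HandlerMethod`, whose own class carries no `@AuthKey`, so `authKey` stays `null`, the `权限不足` branch is unreachable and every `@AuthKey` added in this commit is effectively unenforced (assuming `handler` is `preHandle`'s `Object handler` argument; the signature is above the hunk). Resolve the annotation through `HandlerMethod` (method first, then bean type for class-level use) as below, adding the `HandlerMethod` import. In `printJsonResponse` (L340–L356) a permission failure answers `401` with a bare non-JSON string under `application/json`; `403` with a `ResultModel` serialized the same way as the expiry case keeps client error handling uniform, and the writer should be opened in try-with-resources so it is closed on the exception path. `sessionAct.getAuthdataDic()` at L328 can also be `null` for a session object created before this deploy or when `authRepository.findByUser` returns nothing (L317 would NPE earlier), so the lookup below treats a missing map as denied rather than throwing.
```java
//权限控制
AuthKey authKey = null;
if (handler instanceof HandlerMethod) {
    HandlerMethod hm = (HandlerMethod) handler;
    authKey = hm.getMethodAnnotation(AuthKey.class);
    if (authKey == null) {
        authKey = hm.getBeanType().getAnnotation(AuthKey.class);
    }
}
Map<String, String> perms = sessionAct.getAuthdataDic();
if (authKey != null && (perms == null || !perms.containsKey(authKey.value().getIdKey()))) {
    printJsonResponse(response, "权限不足!");
    return false;
}
// … unchanged: return true …
```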
...@@ -3,7 +3,6 @@ package tkio.service.impl; ...@@ -3,7 +3,6 @@ package tkio.service.impl;
import common.model.Contract; import common.model.Contract;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import security.annotation.Authorization;
import tkio.model.Account; import tkio.model.Account;
import tkio.repository.AccountRepository; import tkio.repository.AccountRepository;
import tkio.service.AccountService; import tkio.service.AccountService;
......