Commit 260778ef authored by mcb's avatar mcb

Merge branch 'dmp_dev' of http://gitlab.ioubuy.cn/yaobenzhang/jz-dmp-service into dmp_dev

parents b4d12061 862827a8
package com.jz.common.constant;
/**常量
* @author ybz
*
*/
public class StatuConstant {
public final static String SUCCESS_CODE = "200";
public final static String FAILURE_CODE = "201";
/*****************************************************************************/
//第三方请求返回结果码定义
public static String CODE_SUCCESS = "000";
public static String MSG_SUCCESS = "操作成功";
public static String CODE_ERROR_REQUESTMETHOD = "100";
public static String MSG_ERROR_REQUESTMETHOD = "请求方式错误(只支持POST方式请求)";
public static String CODE_ERROR_PARAMETER = "101";
public static String MSG_ERROR_PARAMETER = "参数不正确(格式不正确或必填参数为空)";
public static String CODE_ERROR_CITYCODE = "102";
public static String MSG_ERROR_CITYCODE = "城市区域代码错误";
public static String CODE_NOT_SIGNED = "103";
public static String MSG_NOT_SIGNED = "尚未登录或者登录已过期";
public static String CODE_DATA_EXISTED = "106";
public static String MSG_DATA_EXISTED = "企业已备案,请勿重复备案";
public static String CODE_ERROR_USERNAMEORPASSWD = "107";
public static String MSG_ERROR_USERNAMEORPASSWD = "用户名或密码错误";
public static String CODE_USER_LOGGEDOFF = "108";
public static String MSG_USER_LOGGEDOFF = "用户已注销";
public static String CODE_PERMISSION_NO = "109";
public static String MSG_PERMISSION_NO = "权限不足,请联系管理员";
public static String CODE_DATA_NOTMEET = "201";
public static String MSG_DATA_NOTMEET = "数据不符合业务处理要求";
public static String CODE_SYS_EXCEPTION = "500";
public static String MSG_SYS_EXCEPTION = "系统异常,请联系接口提供方";
}
package com.jz.common.interceptor;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
......@@ -9,14 +11,17 @@ import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Component;
//import com.jz.dmp.web.ui.modules.sys.repository.domain.DmpSystemMenu;
//import com.jz.dmp.web.ui.modules.sys.service.DmpSystemMenuService;
import com.jz.dmp.modules.model.DmpPermission;
import com.jz.dmp.modules.service.sys.DmpPermissionService;
/**
* @ClassName: MyInvocationSecurityMetadataSource
......@@ -32,8 +37,8 @@ public class MyInvocationSecurityMetadataSource implements FilterInvocationSecur
private boolean isExpire;//加载资源是否过期
//@Autowired
//private DmpSystemMenuService dspSystemMenuService;
@Autowired
private DmpPermissionService dmpPermissionService;
private Map<String, Collection<ConfigAttribute>> map = null;
......@@ -44,18 +49,17 @@ public class MyInvocationSecurityMetadataSource implements FilterInvocationSecur
Collection<ConfigAttribute> configAttributes;
ConfigAttribute cfg;
System.err.println("1234444444444444444--------------------");
/*List<DmpSystemMenu> resources = dspSystemMenuService.findAllList();
for (DmpSystemMenu dspSystemMenu : resources) {
List<DmpPermission> resources = dmpPermissionService.findAllList();
for (DmpPermission permission : resources) {
configAttributes = new ArrayList<>();
cfg = new SecurityConfig(dspSystemMenu.getMenuTarget());
cfg = new SecurityConfig(permission.getPermissionCode());
//此处只添加了用户的名字,其实还可以添加更多的权限信息,例如请求方法到ConfigAttribute的集合中去。
//此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
configAttributes.add(cfg);
//用权限的getUrl()作为map的key,用configAttribute的集合作为value。
map.put(dspSystemMenu.getMenuHref(), configAttributes);
map.put(permission.getPermissionUrl(), configAttributes);
}*/
}
}
......
......@@ -16,6 +16,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import com.alibaba.fastjson.JSONObject;
import com.jz.common.constant.StatuConstant;
import com.jz.common.interceptor.MyFilterSecurityInterceptor;
@Configuration
......@@ -33,8 +34,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
PrintWriter out = response.getWriter();
Map<String,Object> map = new HashMap<String,Object>();
map.put("code",403);
map.put("message","未登录");
map.put("code",StatuConstant.CODE_NOT_SIGNED);
map.put("message",StatuConstant.MSG_NOT_SIGNED);
out.write(JSONObject.toJSONString(map));
out.flush();
out.close();
......@@ -50,9 +51,9 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
PrintWriter out = response.getWriter();
Map<String,Object> map = new HashMap<String,Object>();
map.put("code",401);
map.put("code",StatuConstant.CODE_ERROR_USERNAMEORPASSWD);
if (ex instanceof UsernameNotFoundException || ex instanceof BadCredentialsException) {
map.put("message","用户名或密码错误");
map.put("message",StatuConstant.MSG_ERROR_USERNAMEORPASSWD);
} else if (ex instanceof DisabledException) {
map.put("message","账户被禁用");
} else {
......@@ -65,7 +66,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
//登录成功,返回json
.successHandler((request,response,authentication) -> {
Map<String,Object> map = new HashMap<String,Object>();
map.put("code",200);
map.put("code",StatuConstant.CODE_SUCCESS);
map.put("message","登录成功");
map.put("data",authentication);
response.setContentType("application/json;charset=utf-8");
......@@ -84,8 +85,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
PrintWriter out = response.getWriter();
Map<String,Object> map = new HashMap<String,Object>();
map.put("code",403);
map.put("message", "权限不足");
map.put("code",StatuConstant.CODE_PERMISSION_NO);
map.put("message", StatuConstant.MSG_PERMISSION_NO);
out.write(JSONObject.toJSONString(map));
out.flush();
out.close();
......@@ -95,7 +96,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
//退出成功,返回json
.logoutSuccessHandler((request,response,authentication) -> {
Map<String,Object> map = new HashMap<String,Object>();
map.put("code",200);
map.put("code",StatuConstant.CODE_SUCCESS);
map.put("message","退出成功");
map.put("data",authentication);
response.setContentType("application/json;charset=utf-8");
......
package com.jz.dmp.modules.controller.sys.bean;
import java.util.ArrayList;
import java.util.List;
import org.springframework.beans.BeanUtils;
import com.jz.dmp.modules.model.DmpPermission;
public class MyDmpPermissionConverter {
private static MyDmpPermissionConverter instance;
private MyDmpPermissionConverter() {};
public synchronized static MyDmpPermissionConverter INSTANCE() {
if (instance==null) {
instance = new MyDmpPermissionConverter();
}
return instance;
}
public DmpPermissionDto domain2dto(DmpPermission dmpPermission) {
DmpPermissionDto dmpPermissionDto = new DmpPermissionDto();
BeanUtils.copyProperties(dmpPermission, dmpPermissionDto);
return dmpPermissionDto;
}
public List<DmpPermissionDto> domain2dto(List<DmpPermission> dmpPermissions) {
List<DmpPermissionDto> dmpPermissionDtos = new ArrayList<DmpPermissionDto>();
dmpPermissions.stream().forEach(x -> {
dmpPermissionDtos.add(domain2dto(x));
});
return dmpPermissionDtos;
}
public DmpPermission dto2domain(DmpPermissionDto dmpPermissionDto) {
DmpPermission dmpPermission = new DmpPermission();
BeanUtils.copyProperties(dmpPermissionDto, dmpPermission);
return dmpPermission;
}
public List<DmpPermission> dto2domain(List<DmpPermissionDto> dmpPermissionDtos) {
List<DmpPermission> dmpPermissions = new ArrayList<DmpPermission>();
dmpPermissionDtos.stream().forEach(x -> {
dmpPermissions.add(domain2dto(x));
});
return dmpPermissions;
}
}
......@@ -88,4 +88,14 @@ public interface DmpPermissionMapper {
*/
public List<DmpPermission> findByRoles(@Param("dmpRoles")List<DmpRole> dmpRoles)throws Exception;
/**
* @Title: findAllListWithUrlNotNull
* @Description: TODO(获取所有url不为null资源)
* @param @return
* @param @throws Exception 参数
* @return List<DmpPermissionDto> 返回类型
* @throws
*/
public List<DmpPermissionDto> findAllListWithUrlNotNull()throws Exception;
}
......@@ -80,4 +80,13 @@ public interface DmpPermissionService {
*/
public List<DmpPermission> findPermissionByRoles(List<DmpRole> dmpRoles);
/**
* @Title: findAllList
* @Description: TODO(获取所有可用资源)
* @param @return 参数
* @return List<DmpPermission> 返回类型
* @throws
*/
public List<DmpPermission> findAllList();
}
......@@ -21,7 +21,6 @@ import com.github.pagehelper.PageInfo;
import com.jz.common.bean.BaseBeanResponse;
import com.jz.common.bean.BaseResponse;
import com.jz.common.bean.PageInfoResponse;
import com.jz.common.constant.Constants;
import com.jz.common.constant.ResultCode;
import com.jz.common.persistence.BaseService;
import com.jz.dmp.modules.controller.sys.bean.DmpMemberBatch;
......
......@@ -29,6 +29,7 @@ import com.jz.common.persistence.BaseService;
import com.jz.dmp.modules.controller.sys.bean.DmpPermissionBatch;
import com.jz.dmp.modules.controller.sys.bean.DmpPermissionDto;
import com.jz.dmp.modules.controller.sys.bean.DmpPermissionRequest;
import com.jz.dmp.modules.controller.sys.bean.MyDmpPermissionConverter;
import com.jz.dmp.modules.dao.sys.DmpPermissionMapper;
import com.jz.dmp.modules.model.DmpPermission;
import com.jz.dmp.modules.model.DmpRole;
......@@ -318,4 +319,25 @@ public class DmpPermissionServiceImpl extends BaseService implements DmpPermissi
return permission;
}
/**
*获取所有资源
*/
@Override
public List<DmpPermission> findAllList() {
List<DmpPermission> permissions = new ArrayList<DmpPermission>();
try {
List<DmpPermissionDto> permissionDtos = dmpPermissionMapper.findAllListWithUrlNotNull();
permissions = MyDmpPermissionConverter.INSTANCE().dto2domain(permissionDtos);
} catch (Exception e) {
e.printStackTrace();
logger.info("获取所有资源接口异常:{}", e);
}
return permissions;
}
}
......@@ -328,4 +328,12 @@
</choose>
</select>
<!-- 条件查询URL不为null资源-->
<select id="findAllListWithUrlNotNull" resultMap="BaseDtoResultMap">
SELECT
<include refid="BaseDto_Column_List"/>
FROM dmp_permission
WHERE permission_url IS NOT NULL
</select>
</mapper>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment