uaa接入cloud完成

ibizlab-boot-starter-data/pom.xml

@@ -103,6 +103,11 @@
             </exclusions>
         </dependency>
 
+        <dependency>
+            <groupId>org.reflections</groupId>
+            <artifactId>reflections</artifactId>
+        </dependency>
+
     </dependencies>
 
 </project>
\ No newline at end of file

ibizlab-boot-starter-data/src/main/java/cn/ibizlab/util/domain/EntityBase.java

@@ -14,7 +14,7 @@ import org.springframework.util.ObjectUtils;
 import java.io.Serializable;
 import java.util.*;
 
-public class EntityBase implements Serializable {
+public class EntityBase implements IEntity,Serializable {
 
     @JsonIgnore
     @JSONField(serialize = false)

ibizlab-boot-starter-data/src/main/java/cn/ibizlab/util/domain/IEntity.java

+package cn.ibizlab.util.domain;
+
+public interface IEntity {
+
+    Object get(String field);
+
+    void set(String field, Object value);
+
+}

ibizlab-boot-starter-data/src/main/java/cn/ibizlab/util/helper/BeanCache.java

@@ -97,7 +97,7 @@ public class BeanCache {
         }
 
         public  static <T> BeanSchema from(Class<T> clazz){
-            String className=clazz.getName();
+            String className=clazz.getSimpleName();
             if(className.indexOf("_$")>0) {
                 className=className.substring(0, className.lastIndexOf("_$"));
             }

ibizlab-boot-starter-data/src/main/java/cn/ibizlab/util/service/CloudUserService.java

@@ -16,6 +16,8 @@ import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.cache.annotation.Cacheable;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.stereotype.Service;
 import org.springframework.util.DigestUtils;
 import org.springframework.util.ObjectUtils;
@@ -28,6 +30,7 @@ import java.io.IOException;
 import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
 import java.util.*;
+import java.util.stream.Collectors;
 
 @Slf4j
 @Service("CloudUserService")
@@ -63,7 +66,7 @@ public class CloudUserService extends IBZUAAUserService {
     private TypeReference<Collection<UAAGrantedAuthority>> UAAGrantedAuthorityListType =  new TypeReference<Collection<UAAGrantedAuthority>>(){};
 
     @Override
-    @Cacheable( value="ibzuaa_users", key = "#root.target.systemId+':'+#p0")
+    @Cacheable( value="ibzuaa_users", key = "#root.target.systemId+':getByUsername:'+#p0")
     public AuthenticationUser loadUserByUsername(String username) {
         Object obj = redisTemplate.opsForValue().get("ibiz-cloud-uaa-user-" + username);
         if (obj == null) {
@@ -93,7 +96,7 @@ public class CloudUserService extends IBZUAAUserService {
                         srforgid = null;
                     }
 
-                    Collection<UAAGrantedAuthority> authorities = null;
+                    Collection authorities = null;
                     if (StringUtils.hasLength(srfsystemid)
                             && StringUtils.hasLength(srfdcid) && StringUtils.hasLength(srfdcsystemid) && StringUtils.hasLength(srfuserid)) {
 
@@ -166,12 +169,9 @@ public class CloudUserService extends IBZUAAUserService {
                             authorities = this.getGrantedAuthorities(strDCSystemId, dcEmployee.getUsername(), authToken);
                             if(!ObjectUtils.isEmpty(authorities)) {
                                 if(dcEmployee.getSuperuser() == 1){
-                                    UAARoleAuthority admin=new UAARoleAuthority();
-                                    admin.setRoleTag("SUPERADMIN");
-                                    authorities.add(admin);
+                                    authorities.add( "ROLE_SUPERADMIN");
                                 }
-                                dcEmployee.setAuthorities((Collection) authorities);
-                                JSONObject permission =new JSONObject();
+                                Map permission =new HashMap();
                                 permission.put("authorities",authorities);
                                 dcEmployee.setPermissionList(permission);
                             }
@@ -188,13 +188,13 @@ public class CloudUserService extends IBZUAAUserService {
     }
 
 
-    protected Collection<UAAGrantedAuthority> getGrantedAuthorities(String strDCSystemId, String strUAAUserName, String strToken){
+    protected Collection getGrantedAuthorities(String strDCSystemId, String strUAAUserName, String strToken){
         String strCacheCat = String.format("ibiz-cloud-uaa-cat-%1$s--%2$s",  strUAAUserName, DigestUtils.md5DigestAsHex(strToken.getBytes(StandardCharsets.UTF_8)));;
         String strCacheTag = String.format("authorities-%1$s", strDCSystemId);
         Object obj =  this.redisTemplate.opsForHash().get(strCacheCat, strCacheTag);
         if(!ObjectUtils.isEmpty(obj)) {
             try {
-                Map<String,UAAGrantedAuthority> rt=new LinkedHashMap<>();
+                Map<String,Object> rt=new LinkedHashMap<>();
                 Collection<UAAGrantedAuthority> tmp =  objectMapper.readValue(objectMapper.writeValueAsString(obj), this.UAAGrantedAuthorityListType);
                 if(!ObjectUtils.isEmpty(tmp))
                 {
@@ -205,14 +205,30 @@ public class CloudUserService extends IBZUAAUserService {
                             deAuth.setEntityCode(BeanCache.get(deAuth.getEntity()).getCodeName());
                             if(ObjectUtils.isEmpty(deAuth.getEntityCode()))
                                 return;
+                            deAuth.getAuthorities().forEach(auth->{
+                                if(auth.endsWith("-custom"))
+                                {
+                                    UAACustomAuthority customAuthority=new UAACustomAuthority();
+                                    customAuthority.setSystemid(deAuth.getSystemid());
+                                    customAuthority.setEntity(deAuth.getEntity());
+                                    customAuthority.setEntityCode(deAuth.getEntityCode());
+                                    customAuthority.setBscope(deAuth.getBscope());
+                                    customAuthority.setAuthority(DigestUtils.md5DigestAsHex((auth+deAuth.getBscope()).getBytes()));
+                                    rt.put(customAuthority.getAuthority(),customAuthority);
+                                }
+                                else
+                                {
+                                    rt.put(auth,auth);
+                                }
 
+                            });
                         }
                         else
                         {
-                            rt.put(item.getAuthority(),item);
+                            rt.put(item.getAuthority(),item.getAuthority());
                         }
                     });
-                    return rt.values();
+                    return rt.values().stream().collect(Collectors.toList());
                 }
 
             } catch (IOException e) {
@@ -246,7 +262,7 @@ public class CloudUserService extends IBZUAAUserService {
     }
 
     @Override
-    @CacheEvict( value="ibzuaa_users", key = "#root.target.systemId+':'+#p0")
+    @CacheEvict( value="ibzuaa_users", key = "'glob:*getByUsername:'+#p0")
     public void resetByUsername(String username) {
     }
 }

ibizlab-boot-starter-data/src/main/java/cn/ibizlab/util/service/IBZConfigService.java

@@ -2,6 +2,7 @@ package cn.ibizlab.util.service;
 
 import cn.ibizlab.util.domain.EntityBase;
 import cn.ibizlab.util.domain.IBZConfig;
+import cn.ibizlab.util.domain.IEntity;
 import cn.ibizlab.util.errors.BadRequestAlertException;
 import cn.ibizlab.util.helper.BeanCache;
 import cn.ibizlab.util.helper.DataObject;
@@ -12,6 +13,7 @@ import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.service.IService;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import lombok.extern.slf4j.Slf4j;
+import org.reflections.Reflections;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.cache.annotation.Cacheable;
@@ -21,6 +23,7 @@ import org.springframework.util.StringUtils;
 
 import javax.annotation.PostConstruct;
 import java.util.ServiceLoader;
+import java.util.Set;
 
 @Slf4j
 @Service
@@ -28,10 +31,11 @@ public class IBZConfigService extends ServiceImpl<IBZConfigMapper, IBZConfig> im
 
     @PostConstruct
     public void init() {
-        ServiceLoader<EntityBase> loader = ServiceLoader.load(EntityBase.class);
-        for (EntityBase entityBase : loader){
-            BeanCache.register(entityBase.getClass());
-        }
+        Reflections reflections = new Reflections();
+        Set<Class<? extends EntityBase>> subClazzs = reflections.getSubTypesOf(EntityBase.class);
+        subClazzs.forEach(entity->{
+            BeanCache.register(entity);
+        });
     }
 
     @Value("${ibiz.systemid:ibznotify}")

ibizlab-boot-starter-data/src/main/java/cn/ibizlab/util/service/IBZUSERServiceImpl.java

@@ -49,7 +49,7 @@ public class IBZUSERServiceImpl extends ServiceImpl<IBZUSERMapper, IBZUSER> impl
 
 
 	@Override
-	@Cacheable( value="ibzuaa_users", key = "#root.target.systemId+':'+#p0")
+	@Cacheable( value="ibzuaa_users", key = "#root.target.systemId+':getByUsername:'+#p0")
 	public AuthenticationUser loadUserByUsername(String username) {
 		if(StringUtils.isEmpty(username)) {
 			throw new UsernameNotFoundException("用户名为空");
@@ -103,7 +103,7 @@ public class IBZUSERServiceImpl extends ServiceImpl<IBZUSERMapper, IBZUSER> impl
 	}
 
 
-	@CacheEvict( value="sys_users", key = "#root.target.systemId+':'+#p0")
+	@CacheEvict( value="ibzuaa_users", key = "'glob:*getByUsername:'+#p0")
 	public void resetByUsername(String username) {
 
 	}

ibizlab-boot-starter-parent/pom.xml

@@ -66,7 +66,9 @@
 
         <flowable-modeler.version>6.4.2</flowable-modeler.version>
         <!--  JBPM+Drools -->
-        <drools-version>7.23.0.Final</drools-version>
+        <drools.version>7.23.0.Final</drools.version>
+
+        <reflections.version>0.10.2</reflections.version>
 
         <maven-jar-plugin.version>3.1.1</maven-jar-plugin.version>
 
@@ -248,34 +250,34 @@
             <dependency>
                 <groupId>org.jbpm</groupId>
                 <artifactId>jbpm-flow-builder</artifactId>
-                <version>${drools-version}</version>
+                <version>${drools.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.jbpm</groupId>
                 <artifactId>jbpm-bpmn2</artifactId>
-                <version>${drools-version}</version>
+                <version>${drools.version}</version>
             </dependency>
 
             <!--  Drools  -->
             <dependency>
                 <groupId>org.drools</groupId>
                 <artifactId>drools-compiler</artifactId>
-                <version>${drools-version}</version>
+                <version>${drools.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.drools</groupId>
                 <artifactId>drools-core</artifactId>
-                <version>${drools-version}</version>
+                <version>${drools.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.kie</groupId>
                 <artifactId>kie-spring</artifactId>
-                <version>${drools-version}</version>
+                <version>${drools.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.kie</groupId>
                 <artifactId>kie-api</artifactId>
-                <version>${drools-version}</version>
+                <version>${drools.version}</version>
             </dependency>
 
             <dependency>
@@ -289,6 +291,13 @@
                 <version>${flowable-modeler.version}</version>
             </dependency>
 
+            <dependency>
+                <groupId>org.reflections</groupId>
+                <artifactId>reflections</artifactId>
+                <version>${reflections.version}</version>
+            </dependency>
+
+
         </dependencies>
     </dependencyManagement>
 

ibizlab-boot-starter/src/main/java/cn/ibizlab/util/security/UAACustomAuthority.java

+package cn.ibizlab.util.security;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+import org.springframework.util.ObjectUtils;
+
+import java.util.*;
+
+@Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class UAACustomAuthority extends UAAGrantedAuthority {
+
+
+    private String entity;
+    private String entityCode;
+
+    private String bscope;
+    private String authority;
+
+    public UAACustomAuthority(){
+        this.setType("CUSTOM");
+    }
+
+
+    @Override
+    public String getAuthority() {
+        return this.authority;
+    }
+
+    public void setAuthority(String authority) {
+        this.authority=authority;
+    }
+
+
+
+}
+

ibizlab-boot-starter/src/main/java/cn/ibizlab/util/security/UAADEAuthority.java

 package cn.ibizlab.util.security;
 
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
 import lombok.Data;
 import org.springframework.util.ObjectUtils;
 
 import java.util.*;
 
 @Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
 public class UAADEAuthority extends UAAGrantedAuthority {
 
 
@@ -31,11 +35,11 @@ public class UAADEAuthority extends UAAGrantedAuthority {
 
     @Override
     public String getAuthority() {
-        return this.getName();
+        return this.authority;
     }
 
-    public void setAuthority(String name) {
-
+    public void setAuthority(String authority) {
+        this.authority=authority;
     }
 
     public Set<String> getAuthorities()
@@ -45,11 +49,59 @@ public class UAADEAuthority extends UAAGrantedAuthority {
             return sets;
         if(ObjectUtils.isEmpty(systemid))
             return sets;
+
+        Set<String> scopes=new LinkedHashSet<>();
+        if(1==isAllData)
+            scopes.add("all");
+        else if(orgdr!=null&&(1&orgdr)>0)
+            scopes.add("curorg");
+        else if(orgdr!=null&&(2&orgdr)>0)
+            scopes.add("porg");
+        else if(orgdr!=null&&(4&orgdr)>0)
+            scopes.add("sorg");
+        else if(deptdr!=null&&(1&deptdr)>0)
+            scopes.add("curorgdept");
+        else if(deptdr!=null&&(2&deptdr)>0)
+            scopes.add("porgdept");
+        else if(deptdr!=null&&(4&deptdr)>0)
+            scopes.add("sorgdept");
+        else if(getName()!=null&&getName().startsWith("当前用户"))
+            scopes.add("createman");
+        else if(dataset||(!ObjectUtils.isEmpty(bscope)))
+            scopes.add("custom");
+
+        Set<String> privs=new LinkedHashSet<>();
         deAction.forEach(item->{
             String scope="";
-//            if(item.containsKey("READ"))
+            if(item.containsKey("READ"))
+                privs.add("Get");
+            else if(item.containsKey("CREATE")) {
+                privs.add("Create");
+                privs.add("Save");
+            }
+            else if(item.containsKey("Update")) {
+                privs.add("Create");
+                privs.add("Save");
+            }
+            else if(item.containsKey("DELETE"))
+                privs.add("Remove");
+            else
+            {
+                privs.addAll(item.keySet());
+            }
+
+        });
+
+        scopes.forEach(scope->{
+            privs.forEach(priv->{
+                sets.add(String.format("%s-%s-%s-%s",systemid,entityCode,priv,scope));
+            });
         });
+
         return sets;
     }
+
+
+
 }
 

ibizlab-boot-starter/src/main/java/cn/ibizlab/util/security/UAAGrantedAuthority.java

@@ -14,11 +14,13 @@ import org.springframework.security.core.GrantedAuthority;
         @JsonSubTypes.Type(value = UAADEAuthority.class, name= UAAGrantedAuthority.TYPE_OPPRIV),
         @JsonSubTypes.Type(value = UAAMenuAuthority.class, name= UAAGrantedAuthority.TYPE_APPMENU),
         @JsonSubTypes.Type(value = UAAUniResAuthority.class, name= UAAGrantedAuthority.TYPE_UNIRES),
-        @JsonSubTypes.Type(value = UAARoleAuthority.class, name= UAAGrantedAuthority.TYPE_ROLE)
+        @JsonSubTypes.Type(value = UAARoleAuthority.class, name= UAAGrantedAuthority.TYPE_ROLE),
+        @JsonSubTypes.Type(value = UAACustomAuthority.class, name= UAAGrantedAuthority.TYPE_CUSTOM)
 })
 
 public class UAAGrantedAuthority implements GrantedAuthority {
 
+    public final static String TYPE_CUSTOM = "CUSTOM";
 
     public final static String TYPE_OPPRIV = "OPPRIV";
 

ibizlab-boot-starter/src/main/java/cn/ibizlab/util/security/UAAMenuAuthority.java

 package cn.ibizlab.util.security;
 
+import com.alibaba.fastjson.annotation.JSONField;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
 import lombok.Data;
 
 @Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
 public class UAAMenuAuthority extends UAAGrantedAuthority {
 
     private String menuTag;
@@ -13,7 +19,7 @@ public class UAAMenuAuthority extends UAAGrantedAuthority {
 
     @Override
     public String getAuthority() {
-        return "APPMENU_"+menuTag;
+        return menuTag==null||menuTag.startsWith("APPMENU_")?menuTag:("APPMENU_"+menuTag);
     }
 
     public void setAuthority(String menuTag) {

ibizlab-boot-starter/src/main/java/cn/ibizlab/util/security/UAARoleAuthority.java

 package cn.ibizlab.util.security;
 
+import com.alibaba.fastjson.annotation.JSONField;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
 import lombok.Data;
 
 @Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
 public class UAARoleAuthority extends UAAGrantedAuthority {
 
     private String roleTag;
@@ -13,7 +19,7 @@ public class UAARoleAuthority extends UAAGrantedAuthority {
 
     @Override
     public String getAuthority() {
-        return "ROLE_"+roleTag;
+        return roleTag==null||roleTag.startsWith("ROLE_")?roleTag:("ROLE_"+roleTag);
     }
 
     public void setAuthority(String roleTag) {

ibizlab-boot-starter/src/main/java/cn/ibizlab/util/security/UAAUniResAuthority.java

 package cn.ibizlab.util.security;
 
+import com.alibaba.fastjson.annotation.JSONField;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
 import lombok.Data;
 
+import java.io.Serializable;
+
 @Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
 public class UAAUniResAuthority extends UAAGrantedAuthority {
 
     private String unionResTag;
@@ -13,7 +21,7 @@ public class UAAUniResAuthority extends UAAGrantedAuthority {
 
     @Override
     public String getAuthority() {
-        return "UNIRES_"+unionResTag;
+        return unionResTag==null||unionResTag.startsWith("UNIRES_")?unionResTag:("UNIRES_"+unionResTag);
     }
 
     public void setAuthority(String unionResTag) {

ibizlab-boot-starter/src/main/java/cn/ibizlab/util/service/IBZUAAUserService.java

@@ -41,7 +41,7 @@ public class IBZUAAUserService implements AuthenticationUserService{
 	}
 
 	@Override
-	@Cacheable( value="ibzuaa_users", key = "'getByUsername:'+#p0")
+	@Cacheable( value="ibzuaa_users", key = "#root.target.systemId+':getByUsername:'+#p0")
 	public AuthenticationUser loadUserByUsername(String username) {
 		AuthenticationUser user = uaaFeignClient.loginByUsername(username);
 		if(user == null) {
@@ -72,7 +72,7 @@ public class IBZUAAUserService implements AuthenticationUserService{
 	}
 
 	@Override
-	@CacheEvict( value="ibzuaa_users", key = "'getByUsername:'+#p0")
+	@CacheEvict( value="ibzuaa_users", key = "'glob:*getByUsername:'+#p0")
 	public void resetByUsername(String username) {
 	}
 }

ibizlab-boot-starter/src/main/java/cn/ibizlab/util/service/SimpleUserService.java

@@ -38,7 +38,7 @@ public class SimpleUserService implements AuthenticationUserService {
 		return systemId;
 	}
 	@Override
-	@Cacheable( value="ibzuaa_users", key = "#root.target.systemId+':'+#p0")
+	@Cacheable( value="ibzuaa_users", key = "#root.target.systemId+':getByUsername:'+#p0")
 	public AuthenticationUser loadUserByUsername(String username) {
 		AuthenticationUser user = new AuthenticationUser();
 		String[] data = username.split("[|]");
@@ -82,7 +82,7 @@ public class SimpleUserService implements AuthenticationUserService {
 
 
 	@Override
-	@CacheEvict( value="simple_users", key = "#root.target.systemId+':'+#p0")
+	@CacheEvict( value="ibzuaa_users", key = "'glob:*getByUsername:'+#p0")
 	public void resetByUsername(String username) {
 
 	}