ibiz4jteam
ibzuaa
提交
e6779e6f
提交
e6779e6f
编写于
5月 28, 2020
作者:
sq3536
适配redis改造
上级
9429f09a
变更
6
正在显示
6 个修改的文件
包含
157 行增加
和
62 行删除
+157
-62
SysPSSystemAspect.java
...ibizlab/core/uaa/extensions/aspect/SysPSSystemAspect.java
+6
-3
UAAUserService.java
...n/ibizlab/core/uaa/extensions/service/UAAUserService.java
+142
-0
ClientAuthenticationResource.java
...lab/api/rest/extensions/ClientAuthenticationResource.java
+3
-53
IBZUAAUserService.java
.../main/java/cn/ibizlab/util/service/IBZUAAUserService.java
+2
-2
IBZUSERServiceImpl.java
...main/java/cn/ibizlab/util/service/IBZUSERServiceImpl.java
+2
-2
SimpleUserService.java
.../main/java/cn/ibizlab/util/service/SimpleUserService.java
+2
-2
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/aspect/SysPSSystemAspect.java
...
@@ -79,11 +79,14 @@ public class SysPSSystemAspect
...
@@ -79,11 +79,14 @@ public class SysPSSystemAspect
newIds
.
add
(
sysPermission
.
getPermissionid
());
newIds
.
add
(
sysPermission
.
getPermissionid
());
});
});
//移除无效资源
//移除无效资源
sysPermissionService
.
removeBatch
(
delPermission
.
keySet
());
if
(
delPermission
.
size
()>
0
)
sysPermissionService
.
removeBatch
(
delPermission
.
keySet
());
//将当前系统本次资源enable设为1以避免enable=0时,导致saveOrUpdate无法检测到主键存在,最终插入数据导致主键重复
//将当前系统本次资源enable设为1以避免enable=0时,导致saveOrUpdate无法检测到主键存在,最终插入数据导致主键重复
sysPermissionService
.
execute
(
String
.
format
(
"update ibzpermission set enable = 1 where sys_permissionid in (%s)"
,
getIds
(
newIds
)),
null
);
if
(
newIds
.
size
()>
0
)
sysPermissionService
.
execute
(
String
.
format
(
"update ibzpermission set enable = 1 where sys_permissionid in (%s)"
,
getIds
(
newIds
)),
null
);
//存储或更新资源saveOrUpdate
//存储或更新资源saveOrUpdate
sysPermissionService
.
saveBatch
(
list
);
if
(
list
.
size
()>
0
)
sysPermissionService
.
saveBatch
(
list
);
}
}
...
...
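Review bot: The `update ibzpermission set enable = 1 where sys_permissionid in (%s)` statement is still assembled with `String.format` from `getIds(newIds)`, and the new `newIds.size()>0` guard only avoids the empty `in ()` case. How `getIds` quotes or escapes each id is not visible in this hunk; if permission ids can originate from a system model supplied by a caller, they should be bound as parameters rather than spliced into the SQL text. The second argument of `execute` is passed as `null` here and looks like a parameter holder, so passing the ids through it (or through a mapper method with a `foreach` binding) would be the safer form; confirm against the `execute` signature. The enclosing method starts and ends outside the hunk.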
ibzuaa-core/src/main/java/cn/ibizlab/core/uaa/extensions/service/UAAUserService.java
0 → 100644
package
cn
.
ibizlab
.
core
.
uaa
.
extensions
.
service
;
import
cn.ibizlab.util.client.IBZOUFeignClient
;
import
cn.ibizlab.util.service.AuthenticationUserService
;
import
cn.ibizlab.util.service.IBZUSERService
;
import
com.alibaba.fastjson.JSONObject
;
import
com.baomidou.mybatisplus.core.conditions.query.QueryWrapper
;
import
com.baomidou.mybatisplus.extension.service.impl.ServiceImpl
;
import
cn.ibizlab.util.security.AuthenticationUser
;
import
cn.ibizlab.util.errors.BadRequestAlertException
;
import
cn.ibizlab.util.helper.CachedBeanCopier
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.context.annotation.Lazy
;
import
org.springframework.context.annotation.Primary
;
import
org.springframework.security.core.GrantedAuthority
;
import
org.springframework.security.core.authority.AuthorityUtils
;
import
org.springframework.security.core.userdetails.UsernameNotFoundException
;
import
org.springframework.stereotype.Service
;
import
cn.ibizlab.util.mapper.IBZUSERMapper
;
import
cn.ibizlab.util.domain.IBZUSER
;
import
org.springframework.util.DigestUtils
;
import
org.springframework.util.StringUtils
;
import
org.springframework.boot.autoconfigure.condition.ConditionalOnExpression
;
import
java.util.Collection
;
import
java.util.HashMap
;
import
java.util.Map
;
import
java.util.Set
;
/**
* 实体[IBZUSER] 服务对象接口实现
*/
@Primary
@Service
(
"UAAUserService"
)
public
class
UAAUserService
extends
ServiceImpl
<
IBZUSERMapper
,
IBZUSER
>
implements
IBZUSERService
,
AuthenticationUserService
{
@Value
(
"${ibiz.auth.pwencrymode:0}"
)
private
int
pwencrymode
;
@Override
public
AuthenticationUser
loadUserByUsername
(
String
username
)
{
if
(
StringUtils
.
isEmpty
(
username
))
throw
new
UsernameNotFoundException
(
"用户名为空"
);
QueryWrapper
<
IBZUSER
>
conds
=
new
QueryWrapper
<
IBZUSER
>();
String
[]
data
=
username
.
split
(
"[|]"
);
String
loginname
=
""
;
String
domains
=
""
;
if
(
data
.
length
>
0
)
loginname
=
data
[
0
].
trim
();
if
(
data
.
length
>
1
)
domains
=
data
[
1
].
trim
();
if
(!
StringUtils
.
isEmpty
(
loginname
))
conds
.
eq
(
"loginname"
,
loginname
);
if
(!
StringUtils
.
isEmpty
(
domains
))
conds
.
eq
(
"domains"
,
domains
);
IBZUSER
user
=
this
.
getOne
(
conds
);
if
(
user
==
null
)
{
throw
new
UsernameNotFoundException
(
"用户"
+
username
+
"未找到"
);
}
else
{
user
.
setUsername
(
username
);
AuthenticationUser
curUser
=
createUserDetails
(
user
);
if
(
curUser
.
getPermissionList
()==
null
)
{
setUserPermission
(
curUser
);
setUserOrgInfo
(
curUser
);
}
return
curUser
;
}
}
@Override
public
AuthenticationUser
loadUserByLogin
(
String
username
,
String
password
){
AuthenticationUser
authuserdetail
=
loadUserByUsername
(
username
);
if
(
pwencrymode
==
1
)
password
=
DigestUtils
.
md5DigestAsHex
(
password
.
getBytes
());
else
if
(
pwencrymode
==
2
)
password
=
DigestUtils
.
md5DigestAsHex
(
String
.
format
(
"%1$s||%2$s"
,
username
,
password
).
getBytes
());
if
(!
authuserdetail
.
getPassword
().
equals
(
password
)){
throw
new
BadRequestAlertException
(
"用户名密码错误"
,
"IBZUSER"
,
username
);
}
return
authuserdetail
;
}
public
void
resetByUsername
(
String
username
)
{
}
public
AuthenticationUser
createUserDetails
(
IBZUSER
user
)
{
AuthenticationUser
userdatail
=
new
AuthenticationUser
();
CachedBeanCopier
.
copy
(
user
,
userdatail
);
if
(
userdatail
.
getSuperuser
()==
1
){
userdatail
.
setAuthorities
(
AuthorityUtils
.
createAuthorityList
(
"ROLE_SUPERADMIN"
));
}
return
userdatail
;
}
@Autowired
@Lazy
private
UAACoreService
uaaCoreService
;
/**
* 设置用户权限
* 由于GrantedAuthority缺少无参构造,导致无法序列化,暂时通过PermissionList中转
* @param user
* @return
*/
public
void
setUserPermission
(
AuthenticationUser
user
)
{
Collection
<
GrantedAuthority
>
userAuthorities
=
uaaCoreService
.
getAuthoritiesByUserId
(
user
.
getUserid
());
Set
<
String
>
authorities
=
AuthorityUtils
.
authorityListToSet
(
userAuthorities
);
if
(
user
.
getSuperuser
()==
1
){
authorities
.
add
(
"ROLE_SUPERADMIN"
);
}
JSONObject
permission
=
new
JSONObject
();
permission
.
put
(
"authorities"
,
authorities
);
user
.
setPermissionList
(
permission
);
}
@Autowired
@Lazy
private
IBZOUFeignClient
ouFeignClient
;
/**
* 设置用户组织相关信息
* @param user
*/
private
void
setUserOrgInfo
(
AuthenticationUser
user
)
{
Map
<
String
,
Set
<
String
>>
orgInfo
=
ouFeignClient
.
getOUMapsByUserId
(
user
.
getUserid
());
if
(
orgInfo
==
null
)
orgInfo
=
new
HashMap
<>();
//throw new RuntimeException(String.format("获取用户信息失败,请检查用户中心[IBZOU]中是否存在[%s]用户!",user.getLoginname()));
user
.
setOrgInfo
(
orgInfo
);
}
}
\ No newline at end of file
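Review bot: `loadUserByLogin` checks the password against a stored value that is plaintext when `ibiz.auth.pwencrymode` keeps its default of 0 and an unsalted or username-keyed MD5 hex digest in modes 1 and 2, none of which resists offline guessing if the `IBZUSER` table leaks; new accounts should be verified through a salted, slow scheme such as a Spring Security `PasswordEncoder` (bcrypt), with the MD5 modes kept only for migrating existing rows. The comparison uses `String.equals`, which is not constant-time and throws a NullPointerException when the stored password is null, and `getBytes()` without a charset makes the digest depend on the host's default encoding; the fence below shows a null-safe, constant-time comparison. In `loadUserByUsername`, a username whose login part is blank after `trim()` adds no `loginname` condition, so `getOne` runs without a login filter; add `if (StringUtils.isEmpty(loginname)) throw new UsernameNotFoundException("用户名为空");` before building the query.

```java
public AuthenticationUser loadUserByLogin(String username, String password){
    // … unchanged: loadUserByUsername call and pwencrymode digest selection …
    String stored = authuserdetail.getPassword();
    // Constant-time comparison; a missing stored or supplied password is treated as a mismatch.
    boolean matches = stored != null && password != null
            && java.security.MessageDigest.isEqual(
                    stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    password.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!matches) {
        throw new BadRequestAlertException("用户名密码错误", "IBZUSER", username);
    }
    return authuserdetail;
}
```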
ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/ClientAuthenticationResource.java
...
@@ -34,21 +34,16 @@ public class ClientAuthenticationResource
...
@@ -34,21 +34,16 @@ public class ClientAuthenticationResource
private
AuthTokenUtil
jwtTokenUtil
;
private
AuthTokenUtil
jwtTokenUtil
;
@Autowired
@Autowired
@Qualifier
(
"
IBZUSER
Service"
)
@Qualifier
(
"
UAAUser
Service"
)
private
AuthenticationUserService
userDetailsService
;
private
AuthenticationUserService
userDetailsService
;
@Autowired
private
IBZOUFeignClient
ouFeignClient
;
@PostMapping
(
value
=
"v7/login"
)
@PostMapping
(
value
=
"v7/login"
)
public
ResponseEntity
<
AuthenticationInfo
>
login
(
@Validated
@RequestBody
AuthorizationLogin
authorizationLogin
){
public
ResponseEntity
<
AuthenticationInfo
>
login
(
@Validated
@RequestBody
AuthorizationLogin
authorizationLogin
){
userDetailsService
.
resetByUsername
(
authorizationLogin
.
getUsername
());
userDetailsService
.
resetByUsername
(
authorizationLogin
.
getUsername
());
AuthenticationUser
user
=
userDetailsService
.
loadUserByLogin
(
authorizationLogin
.
getUsername
(),
authorizationLogin
.
getPassword
());
AuthenticationUser
user
=
userDetailsService
.
loadUserByLogin
(
authorizationLogin
.
getUsername
(),
authorizationLogin
.
getPassword
());
if
(
user
.
getPermissionList
()==
null
)
{
setUserPermission
(
user
);
setUserOrgInfo
(
user
);
}
final
String
token
=
jwtTokenUtil
.
generateToken
(
user
);
final
String
token
=
jwtTokenUtil
.
generateToken
(
user
);
// 返回 token
// 返回 token
return
ResponseEntity
.
ok
().
body
(
new
AuthenticationInfo
(
token
,
user
));
return
ResponseEntity
.
ok
().
body
(
new
AuthenticationInfo
(
token
,
user
));
...
@@ -58,59 +53,14 @@ public class ClientAuthenticationResource
...
@@ -58,59 +53,14 @@ public class ClientAuthenticationResource
public
ResponseEntity
<
AuthenticationUser
>
uaalogin
(
@Validated
@RequestBody
AuthorizationLogin
authorizationLogin
){
public
ResponseEntity
<
AuthenticationUser
>
uaalogin
(
@Validated
@RequestBody
AuthorizationLogin
authorizationLogin
){
userDetailsService
.
resetByUsername
(
authorizationLogin
.
getUsername
());
userDetailsService
.
resetByUsername
(
authorizationLogin
.
getUsername
());
AuthenticationUser
user
=
userDetailsService
.
loadUserByLogin
(
authorizationLogin
.
getUsername
(),
authorizationLogin
.
getPassword
());
AuthenticationUser
user
=
userDetailsService
.
loadUserByLogin
(
authorizationLogin
.
getUsername
(),
authorizationLogin
.
getPassword
());
if
(
user
.
getPermissionList
()==
null
)
{
setUserPermission
(
user
);
setUserOrgInfo
(
user
);
}
return
ResponseEntity
.
ok
().
body
(
user
);
return
ResponseEntity
.
ok
().
body
(
user
);
}
}
@PostMapping
(
value
=
"uaa/loginbyusername"
)
@PostMapping
(
value
=
"uaa/loginbyusername"
)
public
ResponseEntity
<
AuthenticationUser
>
loginByUsername
(
@Validated
@RequestBody
String
username
){
public
ResponseEntity
<
AuthenticationUser
>
loginByUsername
(
@Validated
@RequestBody
String
username
){
//userDetailsService.resetByUsername(authorizationLogin.getUsername());
AuthenticationUser
user
=
userDetailsService
.
loadUserByUsername
(
username
);
AuthenticationUser
user
=
userDetailsService
.
loadUserByUsername
(
username
);
if
(
user
.
getPermissionList
()==
null
)
{
setUserPermission
(
user
);
setUserOrgInfo
(
user
);
}
return
ResponseEntity
.
ok
().
body
(
user
);
return
ResponseEntity
.
ok
().
body
(
user
);
}
}
@Autowired
UAACoreService
uaaCoreService
;
/**
* 设置用户权限
* 由于GrantedAuthority缺少无参构造,导致无法序列化,暂时通过PermissionList中转
* @param user
* @return
*/
public
void
setUserPermission
(
AuthenticationUser
user
)
{
Collection
<
GrantedAuthority
>
userAuthorities
=
uaaCoreService
.
getAuthoritiesByUserId
(
user
.
getUserid
());
Set
<
String
>
authorities
=
AuthorityUtils
.
authorityListToSet
(
userAuthorities
);
if
(
user
.
getSuperuser
()==
1
){
authorities
.
add
(
"ROLE_SUPERADMIN"
);
}
JSONObject
permission
=
new
JSONObject
();
permission
.
put
(
"authorities"
,
authorities
);
user
.
setPermissionList
(
permission
);
}
/**
* 设置用户组织相关信息
* @param user
*/
private
void
setUserOrgInfo
(
AuthenticationUser
user
)
{
Map
<
String
,
Set
<
String
>>
orgInfo
=
ouFeignClient
.
getOUMapsByUserId
(
user
.
getUserid
());
if
(
orgInfo
==
null
)
orgInfo
=
new
HashMap
<>();
//throw new RuntimeException(String.format("获取用户信息失败,请检查用户中心[IBZOU]中是否存在[%s]用户!",user.getLoginname()));
user
.
setOrgInfo
(
orgInfo
);
}
}
}
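Review bot: `loginByUsername` (`uaa/loginbyusername`) returns a complete `AuthenticationUser` for any posted username without a password, and with this change the injected `UAAUserService` also fills in its permission list and org info; nothing in the visible hunk restricts who may call the route, so confirm it is limited to trusted service callers in the security configuration, which is outside this page. The `@Validated` on a bare `String` body enforces no constraint, so an empty or malformed username is only rejected inside the service. All three endpoints serialize the `AuthenticationUser` into the response, so also check that the class excludes its password field from JSON output. The class body starts before the hunk.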
ibzuaa-util/src/main/java/cn/ibizlab/util/service/IBZUAAUserService.java
...
@@ -17,8 +17,8 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
...
@@ -17,8 +17,8 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
/**
/**
* 实体[IBZUSER] 服务对象接口实现
* 实体[IBZUSER] 服务对象接口实现
*/
*/
@Service
(
"IBZUAAUserService"
)
//
@Service("IBZUAAUserService")
@ConditionalOnExpression
(
"${ibiz.enablePermissionValid:false}||'${ibiz.auth.service:SimpleUserService}'.equals('IBZUAAUserService')"
)
//
@ConditionalOnExpression("${ibiz.enablePermissionValid:false}||'${ibiz.auth.service:SimpleUserService}'.equals('IBZUAAUserService')")
public
class
IBZUAAUserService
implements
AuthenticationUserService
{
public
class
IBZUAAUserService
implements
AuthenticationUserService
{
@Autowired
@Autowired
...
...
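Review bot: Commenting out `@Service` and `@ConditionalOnExpression` here (and the equivalent annotations in IBZUSERServiceImpl.java and SimpleUserService.java) unregisters these beans while leaving the classes in place, so the `ibiz.auth.service` and `ibiz.enablePermissionValid` properties silently stop selecting the authentication service. Any injection point elsewhere that still names `IBZUSERService`, `IBZUAAUserService` or `SimpleUserService` by qualifier would presumably fail at startup; only the `ClientAuthenticationResource` qualifier is updated on this page. Prefer removing the annotations or the classes outright over commented-out code, and if the classes must stay, add a comment such as `// superseded by UAAUserService; no longer registered as a bean` so the disabled state is deliberate and documented. The class bodies continue outside these hunks.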
ibzuaa-util/src/main/java/cn/ibizlab/util/service/IBZUSERServiceImpl.java
...
@@ -19,8 +19,8 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
...
@@ -19,8 +19,8 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
/**
/**
* 实体[IBZUSER] 服务对象接口实现
* 实体[IBZUSER] 服务对象接口实现
*/
*/
@Primary
//
@Primary
@Service
(
"IBZUSERService"
)
//
@Service("IBZUSERService")
public
class
IBZUSERServiceImpl
extends
ServiceImpl
<
IBZUSERMapper
,
IBZUSER
>
implements
IBZUSERService
,
AuthenticationUserService
{
public
class
IBZUSERServiceImpl
extends
ServiceImpl
<
IBZUSERMapper
,
IBZUSER
>
implements
IBZUSERService
,
AuthenticationUserService
{
@Value
(
"${ibiz.auth.pwencrymode:0}"
)
@Value
(
"${ibiz.auth.pwencrymode:0}"
)
...
...
ibzuaa-util/src/main/java/cn/ibizlab/util/service/SimpleUserService.java
...
@@ -16,8 +16,8 @@ import org.springframework.security.core.authority.AuthorityUtils;
...
@@ -16,8 +16,8 @@ import org.springframework.security.core.authority.AuthorityUtils;
/**
/**
* 实体[IBZUSER] 服务对象接口实现
* 实体[IBZUSER] 服务对象接口实现
*/
*/
@Service
(
"SimpleUserService"
)
//
@Service("SimpleUserService")
@ConditionalOnExpression
(
"(!${ibiz.enablePermissionValid:false})&&'${ibiz.auth.service:SimpleUserService}'.equals('SimpleUserService')"
)
//
@ConditionalOnExpression("(!${ibiz.enablePermissionValid:false})&&'${ibiz.auth.service:SimpleUserService}'.equals('SimpleUserService')")
public
class
SimpleUserService
implements
AuthenticationUserService
{
public
class
SimpleUserService
implements
AuthenticationUserService
{
@Override
@Override
...
...