Merge remote-tracking branch 'origin/v1' into v1

b06b4190 · 王俊权 · eefea9f2 · 5958805b · b06b4190 · b06b4190
Commit b06b4190 authored Aug 23, 2019 by 王俊权
12 changed files
--- a/pom.xml
+++ b/pom.xml
@@ -55,6 +55,12 @@
            <artifactId>druid-spring-boot-starter</artifactId>
            <version>1.1.5</version>
        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
@@ -146,7 +152,7 @@
    <build>
        <resources>
            <resource>
-                <directory>${project.ba1dir}/src/main/resources</directory>
+                <directory>${project.basedir}/src/main/resources</directory>
            </resource>
            <resource>
                <directory>${project.build.directory}/generated-resources</directory>

--- a/src/main/java/cn/quantgroup/cashloanflowboss/api/channel/controller/ChannelConfController.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/api/channel/controller/ChannelConfController.java
@@ -2,6 +2,7 @@ package cn.quantgroup.cashloanflowboss.api.channel.controller;
 import cn.quantgroup.cashloanflowboss.api.channel.model.ChannelConfVo;
 import cn.quantgroup.cashloanflowboss.api.channel.service.ChannelConfService;
+import cn.quantgroup.cashloanflowboss.component.security.annotiation.Security;
 import cn.quantgroup.cashloanflowboss.core.annotation.ChannelIdInit;
 import cn.quantgroup.cashloanflowboss.core.annotation.CheckChannelRole;
 import cn.quantgroup.cashloanflowboss.core.base.Result;
@@ -32,9 +33,13 @@ public class ChannelConfController {
     * @param pageSize
     * @return
     */
+    @Security(authorityId = "Channel.getChannelInfo")
    @ChannelIdInit
    @PostMapping("/info")
    public Result channelInfo(Long channelId, Integer pageNumber, Integer pageSize) {
+        if (pageNumber == null || pageSize == null) {
+            return Result.buildFial("page信息不对");
+        }
        return Result.buildSuccess(channelConfService.getChannelInfo(pageNumber, pageSize, channelId));
    }

--- a/src/main/java/cn/quantgroup/cashloanflowboss/api/log/controller/LogController.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/api/log/controller/LogController.java
@@ -30,7 +30,7 @@ public class LogController {
     * @return
     */
    @PostMapping("/login")
-    public Result<Boolean> login(@RequestBody @Valid LoginFormModel loginFormModel) {
+    public Result<String> login(@RequestBody @Valid LoginFormModel loginFormModel) {
        return new Result<>(ApplicationStatus.SUCCESS, this.logService.login(loginFormModel.getUsername(), loginFormModel.getPassword()));
    }

--- a/src/main/java/cn/quantgroup/cashloanflowboss/api/log/service/LogService.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/api/log/service/LogService.java
@@ -36,7 +36,7 @@ public class LogService {
     * @param password 密码（明文）
     * @return
     */
-    public boolean login(String username, String password) {
+    public String login(String username, String password) {
        User user = this.userService.getUser(username);
@@ -61,7 +61,7 @@ public class LogService {
        session.setAttribute(ApplicationDictionary.PRINCIPAL, JSONTools.serialize(principal));
-        return true;
+        return session.getId();
    }

--- a/src/main/java/cn/quantgroup/cashloanflowboss/api/order/controller/OrderController.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/api/order/controller/OrderController.java
@@ -4,6 +4,7 @@ import cn.quantgroup.cashloanflowboss.api.order.model.ApproveVo;
 import cn.quantgroup.cashloanflowboss.api.order.model.LendingFormModel;
 import cn.quantgroup.cashloanflowboss.api.order.model.OrderVo;
 import cn.quantgroup.cashloanflowboss.api.order.service.OrderService;
+import cn.quantgroup.cashloanflowboss.component.security.annotiation.Security;
 import cn.quantgroup.cashloanflowboss.core.annotation.ChannelIdInit;
 import cn.quantgroup.cashloanflowboss.core.annotation.CheckChannelRole;
 import cn.quantgroup.cashloanflowboss.core.annotation.CheckChannelRoleByChannelOrderNumber;
@@ -37,10 +38,14 @@ public class OrderController {
     * @param pageSize
     * @return 返回中包含当前订单可操作的 button
     */
+    @Security(authorityId = "Order.getOrderList")
    @ChannelIdInit
    @CheckChannelRole
-    @GetMapping("/info")
+    @GetMapping("/list")
    public Result getOrders(Long channelId, String channelOrderNumber, Integer pageNumber, Integer pageSize) {
+        if (pageNumber == null || pageSize == null) {
+            return Result.buildFial("page信息不对");
+        }
        return Result.buildSuccess(orderService.getOrders(channelId, channelOrderNumber, pageNumber, pageSize));
    }

--- a/src/main/java/cn/quantgroup/cashloanflowboss/api/order/model/OrderVo.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/api/order/model/OrderVo.java
@@ -36,7 +36,7 @@ public class OrderVo {
        cancel("贷前关单"),
        pay_succ("放款成功"),
        pay_fail("放款失败"),
-        withdraw2_succ("二次提现成功"),
+        withdraw_second("存管提现"),
        cancel_after("贷后关单");
        OptButtonAction(String desc) {

--- a/src/main/java/cn/quantgroup/cashloanflowboss/api/order/service/OrderService.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/api/order/service/OrderService.java
@@ -111,6 +111,7 @@ public class OrderService {
            orderVo.setChannelId(it.getRegisteredFrom());
            orderVo.setChannelOrderNumber(it.getChannelOrderNo());
            orderVo.setCreatedAt(it.getCreatedAt().getTime());
+            if (StringUtils.isNotEmpty(it.getApplyNo())) {
                OrderApprove orderApprove = orderApproveRepository.findByCreditNumber(it.getApplyNo());
@@ -126,6 +127,12 @@ public class OrderService {
                } else {
                    orderVo.setMessage("订单查询错误");
                }
+            } else {
+                orderVo.setStatus("授信中");
+                orderVo.setOpt(new ArrayList<>());
+                orderVo.setMessage("");
+            }
            return orderVo;
        });
    }

--- a/src/main/java/cn/quantgroup/cashloanflowboss/api/order/util/OrderUtil.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/api/order/util/OrderUtil.java
@@ -80,6 +80,10 @@ public class OrderUtil {
                            cancelAfterButton.setAction(OrderVo.OptButtonAction.cancel_after.name());
                            cancelAfterButton.setName(OrderVo.OptButtonAction.cancel_after.getDesc());
                            buttonList.add(cancelAfterButton);
+                            OrderVo.OptButton withdrawSecondButton = new OrderVo.OptButton();
+                            withdrawSecondButton.setAction(OrderVo.OptButtonAction.withdraw_second.name());
+                            withdrawSecondButton.setName(OrderVo.OptButtonAction.withdraw_second.getDesc());
+                            buttonList.add(withdrawSecondButton);
                        } else {
                            tuple.setKey("放款成功");
                        }

--- a/src/main/java/cn/quantgroup/cashloanflowboss/core/aspect/RoleLoadAspect.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/core/aspect/RoleLoadAspect.java
@@ -2,6 +2,7 @@ package cn.quantgroup.cashloanflowboss.core.aspect;
 import cn.quantgroup.cashloanflowboss.api.channel.model.ChannelConfVo;
 import cn.quantgroup.cashloanflowboss.api.channel.util.ChannelConfUtil;
+import cn.quantgroup.cashloanflowboss.api.log.model.Principal;
 import cn.quantgroup.cashloanflowboss.core.Application;
 import cn.quantgroup.cashloanflowboss.core.annotation.ChannelIdInit;
 import cn.quantgroup.cashloanflowboss.core.annotation.CheckChannelRole;
@@ -57,20 +58,31 @@ public class RoleLoadAspect {
        MethodSignature methodSignature = (MethodSignature) pjp.getSignature();
        Method method = methodSignature.getMethod();
+        Principal principal = Application.getPrincipal();
+        if (principal == null) {
+            try {
+                // 没有登录 登录检查控制
+                return pjp.proceed(args);
+            } catch (Throwable throwable) {
+                log.error("请求失败，e={}", ExceptionUtils.getStackTrace(throwable));
+                return Result.buildFial();
+            }
+        }
        // 如果是渠道用户登陆 默认加载channelId
        ChannelIdInit annotation = method.getAnnotation(ChannelIdInit.class);
-        if (annotation != null && Application.getPrincipal().isChannel()) {
+        if (annotation != null && principal.isChannel()) {
            String[] paramNames = ((CodeSignature) pjp.getSignature()).getParameterNames();
            for (int i = 0; i < paramNames.length; i++) {
                if (ChannelConfUtil.channelIdParamName.equals(paramNames[i])) {
-                    args[i] = Application.getPrincipal().getChannelId();
+                    args[i] = principal.getChannelId();
                }
            }
        }
        // 如果是渠道用户登陆，参数中channelId 不是登陆用户channelId，返回 拒绝请求
        CheckChannelRole checkChannelRole = method.getAnnotation(CheckChannelRole.class);
-        if (checkChannelRole != null && Application.getPrincipal().isChannel()) {
+        if (checkChannelRole != null && principal.isChannel()) {
            Long requestChannelId = -1L;
            if (!checkChannelRole.isObjParam()) {
                String[] paramNames = ((CodeSignature) pjp.getSignature()).getParameterNames();
@@ -84,7 +96,7 @@ public class RoleLoadAspect {
                            return Result.buildFial(ApplicationStatus.ARGUMENT_VALID_EXCEPTION);
                        }
                        requestChannelId = Long.valueOf(String.valueOf(requestChannelIdObj));
-                        if (!Application.getPrincipal().isSameChannel(requestChannelId)) {
+                        if (!principal.isSameChannel(requestChannelId)) {
                            log.info("[CheckChannelRole]渠道用户，登陆channelId与查询channelId不是同一个");
                            return Result.buildFial(ApplicationStatus.INVALID_AUTHORITY);
                        }
@@ -102,7 +114,7 @@ public class RoleLoadAspect {
                    requestChannelId = channelIdTemp;
                }
            }
-            if (!Application.getPrincipal().isSameChannel(requestChannelId)) {
+            if (!principal.isSameChannel(requestChannelId)) {
                log.info("[CheckChannelRole]渠道用户，登陆channelId与查询channelId不是同一个");
                return Result.buildFial(ApplicationStatus.INVALID_AUTHORITY);
            }
@@ -111,7 +123,7 @@ public class RoleLoadAspect {
        // 如果是渠道用户登陆，参数中channelOrderNumber 不是登陆用户channelOrderNumber，返回 拒绝请求
        CheckChannelRoleByChannelOrderNumber checkChannelRoleByChannelOrderNumber = method.getAnnotation(CheckChannelRoleByChannelOrderNumber.class);
-        if (checkChannelRoleByChannelOrderNumber != null && Application.getPrincipal().isChannel()) {
+        if (checkChannelRoleByChannelOrderNumber != null && principal.isChannel()) {
            String[] paramNames = ((CodeSignature) pjp.getSignature()).getParameterNames();
            String channelOrderNumber = "";
            for (int i = 0; i < paramNames.length; i++) {
@@ -128,7 +140,7 @@ public class RoleLoadAspect {
                log.info("[CheckChannelRoleByChannelOrderNumber]无channelOrderNumber数据，channelOrderNumber={}",channelOrderNumber);
                return Result.buildFial(ApplicationStatus.ARGUMENT_VALID_EXCEPTION, "未找到该订单");
            }
-            if (!clfOrderMapping.getRegisteredFrom().equals(Application.getPrincipal().getChannelId())) {
+            if (!clfOrderMapping.getRegisteredFrom().equals(principal.getChannelId())) {
                log.info("[CheckChannelRoleByChannelOrderNumber]不是该渠道的订单，channelOrderNumber={}",channelOrderNumber);
                return Result.buildFial(ApplicationStatus.INVALID_AUTHORITY);
            }

--- a/src/main/java/cn/quantgroup/cashloanflowboss/core/configuration/CorsConfiguration.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/core/configuration/CorsConfiguration.java
+package cn.quantgroup.cashloanflowboss.core.configuration;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+/**
+ * function:
+ * date: 2019/8/20
+ *
+ * @author: suntao
+ */
+@Configuration
+public class CorsConfiguration extends WebMvcConfigurerAdapter {
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry.addMapping("/**")
+                .allowedOrigins("*")
+                .allowedMethods("GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "OPTIONS", "TRACE")
+                .allowCredentials(true);
+    }
+}
--- a/src/main/java/cn/quantgroup/cashloanflowboss/core/configuration/TomcatConfiguration.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/core/configuration/TomcatConfiguration.java
+package cn.quantgroup.cashloanflowboss.core.configuration;
+import org.apache.tomcat.util.http.LegacyCookieProcessor;
+import org.springframework.boot.context.embedded.EmbeddedServletContainerCustomizer;
+import org.springframework.boot.context.embedded.tomcat.TomcatContextCustomizer;
+import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+/**
+ * Created by WeiWei on 2019/8/21.
+ */
+@Configuration
+public class TomcatConfiguration {
+    @Bean
+    public EmbeddedServletContainerCustomizer cookieProcessorCustomizer() {
+        return container -> {
+            if (container instanceof TomcatEmbeddedServletContainerFactory) {
+                ((TomcatEmbeddedServletContainerFactory) container).addContextCustomizers((TomcatContextCustomizer) context -> context.setCookieProcessor(new LegacyCookieProcessor()));
+            }
+        };
+    }
+}
--- a/src/main/resources/logback-pro.xml
+++ b/src/main/resources/logback-pro.xml
@@ -16,12 +16,12 @@
            <pattern>${FILE_LOG_PATTERN}</pattern>
        </encoder>
    </appender>
-    <appender name="Sentry" class="cn.quantgroup.sentry.appender.StandardSentryAppender">
+    <!--<appender name="Sentry" class="cn.quantgroup.sentry.appender.StandardSentryAppender">-->
-        <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+        <!--<filter class="ch.qos.logback.classic.filter.ThresholdFilter">-->
-            <level>ERROR</level>
+            <!--<level>ERROR</level>-->
-            <!-- level:基本建议ERROR or WARN -->
+            <!--&lt;!&ndash; level:基本建议ERROR or WARN &ndash;&gt;-->
-        </filter>
+        <!--</filter>-->
-    </appender>
+    <!--</appender>-->
    <logger name="org.springframework" level="warn"/>
    <logger name="org.hibernate" level="warn"/>
@@ -31,7 +31,7 @@
    <logger name="cn.quantgroup.user.UserSdkServiceImpl" level="warn"/>
    <root level="info">
        <appender-ref ref="FILE"/>
-        <appender-ref ref="Sentry"/>
+        <!--<appender-ref ref="Sentry"/>-->
    </root>
 </configuration>
\ No newline at end of file