Commit b387cf5d authored by WeiWei's avatar WeiWei

更换权限认证策略

parent 2d60d91b
......@@ -2,7 +2,6 @@ package cn.quantgroup.cashloanflowboss.api.log.controller;
import cn.quantgroup.cashloanflowboss.api.log.model.LoginFormModel;
import cn.quantgroup.cashloanflowboss.api.log.service.LogService;
import cn.quantgroup.cashloanflowboss.component.security.Power;
import cn.quantgroup.cashloanflowboss.component.security.annotiation.Security;
import cn.quantgroup.cashloanflowboss.core.base.Result;
import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationStatus;
......@@ -39,7 +38,7 @@ public class LogController {
*
* @return
*/
@Security(authorityId = "Log.logout", power = Power.CREATE)
@Security(authorityId = "Log.logout")
@DeleteMapping("/logout")
public Result<Boolean> logout() {
return new Result<>(ApplicationStatus.SUCCESS, this.logService.logout());
......
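Review bot: `@Security(authorityId = "Log.logout")` on L18 now relies on the annotation's default `authorities() = {}`, and the handler this commit introduces in ApplicationSecurityConfiguration accepts only when a granted authority is contained in that array (`Arrays.asList(authority).contains(a)`), so with an empty array logout can never pass authentication; the same default also flows through `Security.authorities()` (L151) and the `SecurityInterceptor` call (L137). Either keep the requirement explicit, `@Security(authorityId = "Log.logout", authorities = Authority.CREATE)`, or define in the handler what an empty array means (e.g. being logged in is sufficient) and document that on the annotation. The `logout()` body continues past the hunk.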
......@@ -3,7 +3,7 @@ package cn.quantgroup.cashloanflowboss.api.log.service;
import cn.quantgroup.cashloanflowboss.api.user.dictionary.UserStatus;
import cn.quantgroup.cashloanflowboss.api.user.entity.User;
import cn.quantgroup.cashloanflowboss.api.user.service.UserService;
import cn.quantgroup.cashloanflowboss.component.security.Power;
import cn.quantgroup.cashloanflowboss.component.security.Authority;
import cn.quantgroup.cashloanflowboss.core.asserts.Assert;
import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationDictionary;
import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationStatus;
......@@ -51,8 +51,8 @@ public class LogService {
Assert.isFalse(user.getPassword().equalsIgnoreCase(MD5Tools.md5(password)), ApplicationStatus.USERNAME_OR_PASSWORD_ERROR);
HttpSession session = this.request.getSession(true);
session.setAttribute(ApplicationDictionary.SECURITY_KEY, JSONTools.serialize(new HashMap<String, Power>() {{
put("Log.logout", Power.CREATE);
session.setAttribute(ApplicationDictionary.SECURITY_KEY, JSONTools.serialize(new HashMap<String, Authority>() {{
put("Log.logout", Authority.CREATE);
}}));
return true;
......
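Review bot: The session payload written on L37-L38 is still a `Map<String, Authority>` (`{"Log.logout":"CREATE"}`), while the reader added in ApplicationSecurityConfiguration.doAuthentication deserializes the same `SECURITY_KEY` attribute as `List<Permission>`, so a freshly logged-in session will presumably fail to deserialize (or yield null) and every `@Security` check will then be denied. Write the shape the reader expects: build a `Permission` with id `"Log.logout"` and authorities `Collections.singletonList(Authority.CREATE)`, then `session.setAttribute(ApplicationDictionary.SECURITY_KEY, JSONTools.serialize(Collections.singletonList(permission)));`. The enclosing login method starts outside the hunk; the adjacent context line comparing `MD5Tools.md5(password)` with `equalsIgnoreCase` is not part of this change, but a salted slow password hash with a constant-time comparison would be the follow-up a security review would ask for.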
package cn.quantgroup.cashloanflowboss.api.role.entity;
import cn.quantgroup.cashloanflowboss.component.security.Authority;
import lombok.Data;
import java.util.List;
/**
* Created by WeiWei on 2019/7/30.
*/
@Data
public class Permission {
/**
* 授权ID
*/
private String id;
/**
* 权利
*/
private List<Authority> authorities;
}
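Review bot: The field docs on L52 and L56 do not state the contract that ties this class to the handler: `id` is matched against `Security.authorityId()` of the guarded method, and `authorities` is read as "any one of these satisfies the check". Propose `/** Permission id, matched against {@link Security#authorityId()} of the guarded method. */` on `id` and `/** Authorities granted for this id; the check passes if any requested authority is among them. */` on `authorities`. Since this object is the authorization grant read back from the session, consider replacing `@Data` with `@Getter`/`@Setter` or an immutable form if the JSON mapper is configured for constructor binding, so callers cannot mutate the granted list after deserialization.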
package cn.quantgroup.cashloanflowboss.api.role.entity;
import cn.quantgroup.cashloanflowboss.component.security.Authority;
import cn.quantgroup.cashloanflowboss.core.persistence.Primary;
import lombok.Data;
import javax.persistence.Entity;
import javax.persistence.Table;
import java.util.List;
/**
* Created by WeiWei on 2019/7/30.
*/
@Data
@Entity
@Table(name = "role")
public class Role extends Primary {
/**
* 父角色
*/
private Role parent;
/**
* 角色名称
*/
private String name;
/**
* 授权列表
*/
private List<Authority> authorities;
}
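Review bot: `private Role parent;` (L77) and `private List<Authority> authorities;` (L85) sit on an `@Entity` without any JPA mapping annotation; an entity-typed field that is neither a basic attribute nor an annotated association, and an unannotated collection of an enum, are rejected by Hibernate at startup ("could not determine type"). Add `@ManyToOne` to `parent` and `@ElementCollection @Enumerated(EnumType.STRING)` to `authorities`, so the authority names rather than ordinals are persisted. `Primary` is not visible here, so its id/equals handling may already cover part of the mapping; `@Data` on a self-referencing entity also generates `equals`/`hashCode`/`toString` that walk `parent`, which is usually replaced by `@Getter @Setter` on entities.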
package cn.quantgroup.cashloanflowboss.api.role.repository;
import org.springframework.stereotype.Repository;
/**
* Created by WeiWei on 2019/7/30.
*/
@Repository
public interface RoleRepository {
}
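Review bot: `RoleRepository` on L93 declares no methods and extends nothing, so `@Repository` alone gives Spring no implementation to create and injecting it will fail at startup. If it is meant as a Spring Data repository it should extend `JpaRepository<Role, ID>` (the id type comes from `Primary`, not visible here), and the `@Repository` annotation is then unnecessary.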
......@@ -7,6 +7,7 @@ import cn.quantgroup.cashloanflowboss.api.user.service.UserService;
import cn.quantgroup.cashloanflowboss.component.security.Power;
import cn.quantgroup.cashloanflowboss.component.security.annotiation.Security;
import cn.quantgroup.cashloanflowboss.component.validator.constraints.NotEmpty;
import cn.quantgroup.cashloanflowboss.component.validator.constraints.NotEmpty;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Page;
import org.springframework.web.bind.annotation.*;
......
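Review bot: The import added on L99 duplicates the `NotEmpty` import directly above it on L98; javac tolerates an identical duplicate single-type import, but it is noise that style checkers flag, so drop one of them. This file also still imports `component.security.Power` (L96) while the rest of the commit switches to `Authority`; if `Power` is removed, or is meant to be, this compilation unit and any `@Security(... power = ...)` usages in it (outside the hunk) will no longer compile.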
package cn.quantgroup.cashloanflowboss.component.security;
/**
* Created by WeiWei on 2019/7/26.
*/
public enum Authority {
/**
* 新建
*/
CREATE,
/**
* 读取
*/
READ,
/**
* 更新
*/
UPDATE,
/**
* 删除
*/
DELETE
}
......@@ -8,7 +8,5 @@ import org.aopalliance.intercept.MethodInvocation;
* Created by WeiWei on 2018/12/24.
*/
public interface SecurityHandler {
boolean doAuthentication(final MethodInvocation invocation, String authorityId, Power[] power) throws Throwable;
boolean doAuthentication(final MethodInvocation invocation, String authorityId, Authority[] authority) throws Throwable;
}
\ No newline at end of file
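Review bot: `doAuthentication` on L131 carries no Javadoc even though it is the single extension point of the security interceptor, and the new array parameter leaves the semantics (any-of versus all-of) non-obvious. Add a Javadoc stating that the method decides whether the intercepted `invocation` may proceed, that `authorityId` is the permission id looked up for the current caller, that `authority` lists authorities of which at least one must be granted, and that it returns true only when access is granted. `throws Throwable` is pre-existing but wider than any caller can meaningfully handle; narrowing it to the application's exception type would be a reasonable follow-up.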
......@@ -18,7 +18,7 @@ public class SecurityInterceptor extends ApplicationObjectSupport implements Met
Security security = invocation.getMethod().getAnnotation(Security.class);
if (!this.getApplicationContext().getBean(SecurityHandler.class).doAuthentication(invocation, security.authorityId(), security.power())) {
if (!this.getApplicationContext().getBean(SecurityHandler.class).doAuthentication(invocation, security.authorityId(), security.authorities())) {
throw new ApplicationException("认证失败");
}
......
package cn.quantgroup.cashloanflowboss.component.security.annotiation;
import cn.quantgroup.cashloanflowboss.component.security.Power;
import cn.quantgroup.cashloanflowboss.component.security.Authority;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
......@@ -28,6 +28,6 @@ public @interface Security {
*
* @return
*/
Power[] power() default {};
Authority[] authorities() default {};
}
\ No newline at end of file
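Review bot: The Javadoc above `Authority[] authorities() default {};` on L151 has an empty `@return` and does not say how the array is evaluated, which matters because the handler treats it as "any one of these must be granted" and the empty default therefore grants nothing. Fill it in: `@return authorities of which at least one must be granted for {@link #authorityId()}; an empty array currently matches nothing`. The annotation's other members are outside the hunk.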
package cn.quantgroup.cashloanflowboss.core.configuration;
import cn.quantgroup.cashloanflowboss.component.security.Power;
import cn.quantgroup.cashloanflowboss.api.role.entity.Permission;
import cn.quantgroup.cashloanflowboss.component.security.Authority;
import cn.quantgroup.cashloanflowboss.component.security.SecurityHandler;
import cn.quantgroup.cashloanflowboss.core.asserts.Assert;
import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationDictionary;
import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationStatus;
import cn.quantgroup.cashloanflowboss.utils.JSONTools;
import com.fasterxml.jackson.core.type.TypeReference;
import org.aopalliance.intercept.MethodInvocation;
......@@ -12,7 +15,7 @@ import org.springframework.context.annotation.Configuration;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.util.Arrays;
import java.util.Map;
import java.util.List;
import java.util.Objects;
/**
......@@ -25,12 +28,26 @@ public class ApplicationSecurityConfiguration implements SecurityHandler {
private HttpServletRequest request;
@Override
public boolean doAuthentication(MethodInvocation invocation, String authorityId, Power[] power) throws Throwable {
public boolean doAuthentication(MethodInvocation invocation, String authorityId, Authority[] authority) throws Throwable {
HttpSession session = this.request.getSession();
Map<String, Power> permissions = JSONTools.deserialize(String.valueOf(session.getAttribute(ApplicationDictionary.SECURITY_KEY)), new TypeReference<Map<String, Power>>() {});
// 获取Session
HttpSession session = this.request.getSession(false);
return Objects.nonNull(permissions) && permissions.containsKey(authorityId) && Arrays.asList(power).contains(permissions.get(authorityId));
// 检查是否已登录
Assert.isNull(session.getAttribute(ApplicationDictionary.SECURITY_KEY), ApplicationStatus.AUTHENTICATION_FAILURE);
// 读取Session授权内容
List<Permission> permissions = JSONTools.deserialize(String.valueOf(session.getAttribute(ApplicationDictionary.SECURITY_KEY)), new TypeReference<List<Permission>>() {});
if (Objects.nonNull(permissions)) {
Permission permission = permissions.parallelStream().filter(p2 -> p2.getId().equals(authorityId)).findFirst().orElseThrow(ApplicationStatus.INVALID_AUTHORITY::throwException);
return !(Objects.isNull(permission.getAuthorities()) || permission.getAuthorities().isEmpty()) && permission.getAuthorities().parallelStream().anyMatch(a -> Arrays.asList(authority).contains(a));
}
return false;
}
......
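Review bot: `getSession(false)` on L181 returns null for a caller without a session, yet L184 immediately calls `session.getAttribute(...)`, so such a request fails with a NullPointerException instead of the intended `AUTHENTICATION_FAILURE`; check the session itself first, `Assert.isNull(session, ApplicationStatus.AUTHENTICATION_FAILURE);`. On L188 `p2.getId().equals(authorityId)` throws if a deserialized `Permission` has a null id — compare as `authorityId.equals(p2.getId())` — and `parallelStream()` over a per-user permission list buys nothing while pulling the common pool into request handling; plain `stream()` is enough. The `orElseThrow(ApplicationStatus.INVALID_AUTHORITY::throwException)` path also means a missing permission raises a different failure than a missing authority, which returns false to the interceptor; the rewrite below denies in both cases (keep the `orElseThrow` if the distinct status is wanted). The `invocation` argument is unused.
```java
@Override
public boolean doAuthentication(MethodInvocation invocation, String authorityId, Authority[] authority) throws Throwable {
    // getSession(false) yields null when the caller has no session; reject before dereferencing it
    HttpSession session = this.request.getSession(false);
    Assert.isNull(session, ApplicationStatus.AUTHENTICATION_FAILURE);
    Object grants = session.getAttribute(ApplicationDictionary.SECURITY_KEY);
    Assert.isNull(grants, ApplicationStatus.AUTHENTICATION_FAILURE);
    List<Permission> permissions = JSONTools.deserialize(String.valueOf(grants), new TypeReference<List<Permission>>() {});
    if (Objects.isNull(permissions)) {
        return false;
    }
    List<Authority> requested = Arrays.asList(authority);
    // null-safe on both the id and the authorities list; a permission that is absent simply denies
    return permissions.stream()
            .filter(p -> authorityId.equals(p.getId()))
            .findFirst()
            .map(Permission::getAuthorities)
            .filter(granted -> granted.stream().anyMatch(requested::contains))
            .isPresent();
}
```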
package cn.quantgroup.cashloanflowboss.core.dictionary;
import cn.quantgroup.cashloanflowboss.core.exception.ApplicationException;
import lombok.Getter;
/**
......@@ -24,6 +25,8 @@ public enum ApplicationStatus implements Status<ApplicationStatus> {
JSON_DATA_EXCEPTION(500005, "无效的JSON数据"),
INVALID_AUTHORITY(501001, "无效的授权"),
INVALID_USER(501001, "无效的用户"),
DISABLED_USER(501002, "用户已被禁用"),
......@@ -42,4 +45,11 @@ public enum ApplicationStatus implements Status<ApplicationStatus> {
this.status = this;
}
/**
* 抛出本状态异常
*/
public ApplicationException throwException() {
throw new ApplicationException(this);
}
}
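Review bot: `INVALID_AUTHORITY(501001, "无效的授权")` added on L200 reuses the numeric code 501001 that `INVALID_USER` on the next line already carries, so clients cannot tell the two apart by code; give it a code that is not yet taken (the full list is not visible here). The new `throwException()` on L209-L211 is declared to return an `ApplicationException` but always throws, so a supplier such as `orElseThrow(INVALID_AUTHORITY::throwException)` throws from inside the supplier rather than returning the exception for `orElseThrow` to raise; either change the body to `return new ApplicationException(this);` (same observable outcome at the one visible call site) or rename it so the signature stops promising a value, and give the Javadoc a matching `@return` or `@throws` line.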
......@@ -30,4 +30,5 @@ public interface Status<T> {
*/
Status<T> getStatus();
}