PM20230220027_Service.git

			@@ -1,9 +1,7 @@
			package com.moon.server.service.sys;

			import com.alibaba.fastjson.JSON;
			import com.moon.server.entity.all.HttpStatus;
			import com.moon.server.entity.all.ResponseMsg;
			import com.moon.server.entity.all.StaticData;
			import com.moon.server.entity.all.*;
			import com.moon.server.entity.sys.ResEntity;
			import com.moon.server.entity.sys.ResLogEntity;
			import com.moon.server.entity.sys.TokenEntity;
			@@ -14,6 +12,7 @@
			import com.moon.server.helper.WebHelper;
			import com.moon.server.interceptor.AuthInterceptor;
			import com.moon.server.service.all.PermsService;
			import com.moon.server.service.all.RedisService;
			import com.moon.server.service.all.SysService;
			import org.springframework.stereotype.Service;

			@@ -22,6 +21,7 @@
			import javax.servlet.http.HttpServletResponse;
			import java.util.List;
			import java.util.TimerTask;
			import java.util.concurrent.TimeUnit;

			/**
			* 代理服务类
			@@ -30,6 +30,8 @@
			*/
			@Service
			public class ProxyService {
			@Resource
			RedisService redisService;

			@Resource
			private SysService sysService;
			@@ -45,35 +47,45 @@
			/**
			* URL代理
			*/
			public void proxyUrl(String token, int resId, HttpServletRequest req, HttpServletResponse res) throws Exception {
			public void proxyUrl(String token, int resId, boolean isRest, HttpServletRequest req, HttpServletResponse res) throws Exception {
			// 3.获取用户
			UserEntity ue = getUser(res, token);
			UserEntity ue = getUser(req, res, token);
			if (null == ue) {
			return;
			}

			// 9.获取资源实体
			// 9.获取资源实体，status：0-禁用，1-启用原始地址，2-启用代理地址
			ResEntity entity = getResEntity(ue, resId);
			if (null == entity) {
			if (null == entity \|\| StaticData.I1 > entity.getStatus() \|\| StringHelper.isNull(entity.getProxy()) \|\| StringHelper.isNull(entity.getUrl())) {
			WebHelper.writeStr2Page(res, ILLEGAL_RESOURCE);
			return;
			}

			insertLog(req, ue, resId);

			String url = getSourceUrl(req, entity, token);
			forward(req, res, url);
			String url = getUrl(req, ue, entity, token, isRest);
			res.setHeader("token", token);
			forward(req, res, entity, url);
			}

			/**
			* 获取用户
			*/
			private UserEntity getUser(HttpServletResponse res, String token) {
			private UserEntity getUser(HttpServletRequest req, HttpServletResponse res, String token) {
			String key = RedisCacheKey.permsProxy(token);
			Object obj = redisService.get(key);
			if (obj instanceof UserEntity) {
			return (UserEntity) obj;
			}

			UserEntity ue = sysService.tokenService.getUserByToken(token);
			if (ue == null) {
			if (null == ue) {
			WebHelper.writeStr2Page(res, AuthInterceptor.NO_LOGIN);
			return null;
			}
			if (!check(req, res, ue, token)) {
			return null;
			}

			redisService.put(key, ue, SettingData.CACHE_EXPIRE, TimeUnit.MINUTES);

			return ue;
			}
			@@ -87,25 +99,20 @@
			if (StringHelper.isEmpty(ip)) {
			return WebHelper.writeStr2Page(res, AuthInterceptor.IP_NULL);
			}

			// 5.检查黑名单
			if (!checkBlackList(ip, req)) {
			return WebHelper.writeStr2Page(res, AuthInterceptor.BLACK_LIST);
			}

			// 6.admin跳过权限检测
			if (StaticData.ADMIN.equals(ue.getUid())) {
			return true;
			}

			// 7.检查白名单
			// 7.检查白名单和IP一致性
			if (!checkWhiteList(ip, req)) {
			// 检查IP一致性
			if (!checkIpSource(ip, token)) {
			return WebHelper.writeStr2Page(res, AuthInterceptor.ILLEGAL_TOKEN);
			}
			}

			// 8.检查用户ID是否禁用
			if (sysService.tokenService.isUidDisable(ue)) {
			return WebHelper.writeStr2Page(res, AuthInterceptor.USER_LOCK);
			@@ -122,11 +129,8 @@
			if (blackList == null \|\| blackList.isEmpty()) {
			return true;
			}
			if (blackList.contains(ip)) {
			return false;
			}

			return true;
			return !blackList.contains(ip);
			}

			/**
			@@ -142,24 +146,22 @@
			}

			/**
			* 检查IP一致性
			* 检查IP一致性：固定令牌不检查
			*/
			private boolean checkIpSource(String ip, String token) {
			TokenEntity te = sysService.tokenService.getEntityByToken(token);

			return te.getIp().equals(ip);
			return StaticData.I1 == te.getType() \|\| te.getIp().equals(ip);
			}

			/**
			* 检查资源权限
			*/
			private ResEntity getResEntity(UserEntity ue, int resId) {
			String uid = StaticData.ADMIN.equals(ue.getUid()) ? null : ue.getUid();
			List<ResEntity> rs = permsService.selectResList(uid);
			List<ResEntity> rs = StaticData.ADMIN.equals(ue.getUid()) ? permsService.selectAllRes() : permsService.selectRes(ue.getUid());
			if (null == rs \|\| rs.isEmpty()) {
			return null;
			}

			// List<ResEntity> list = rs.stream().filter(resEntity -> resEntity.getId() == resId).collect(Collectors.toList())
			for (ResEntity entity : rs) {
			if (resId == entity.getId()) {
			@@ -220,20 +222,85 @@
			}

			/**
			* 获取原始Url
			* 获取Url
			*/
			private String getSourceUrl(HttpServletRequest req, ResEntity entity, String token) {
			private String getUrl(HttpServletRequest req, UserEntity ue, ResEntity entity, String token, boolean isRest) {
			String proxyUrl = entity.getProxy().replace("{token}", token);
			int end = req.getRequestURL().indexOf(proxyUrl) + proxyUrl.length();

			return entity.getUrl() + req.getRequestURL().substring(end);
			String url = entity.getUrl().trim() + req.getRequestURL().substring(end);
			// category：0-其他，1-GisServer，2-GeoServer，3-数简
			if (StaticData.I2 == entity.getCategory()) {
			url = getGeoServerUrl(req, ue, entity, url);
			} else if (StaticData.I3 == entity.getCategory()) {
			if (null != req.getQueryString()) {
			url = url + (url.contains("?") ? "&" : "?") + req.getQueryString();
			}
			if (isRest) {
			url = url.replace("/v6/wmts/", "/v6/rest/");
			}
			if (!StringHelper.isNull(entity.getArgs())) {
			url = url + (url.contains("?") ? "&" : "?") + entity.getArgs();
			}
			}

			return url;
			}

			/**
			* 获取GeoServer地址
			*/
			private String getGeoServerUrl(HttpServletRequest req, UserEntity ue, ResEntity entity, String url) {
			if (null == req.getQueryString()) {
			return url;
			}

			String str = req.getQueryString();
			boolean isLower = str.contains(StaticData.SERVICE);
			String layersKey = isLower ? StaticData.LAYERS : StaticData.LAYERS.toUpperCase();
			String layers = req.getParameter(layersKey);
			String request = req.getParameter(isLower ? StaticData.REQUEST : StaticData.REQUEST.toUpperCase());
			if (!StaticData.GET_CAPABILITIES.equals(request)) {
			int start = str.indexOf(layersKey);
			int end = str.indexOf("&", start);
			layers = filterGeoLayers(ue, layers);

			str = str.replace(str.substring(start, end > -1 ? end : str.length()), layersKey + "=" + layers);
			} else {
			List<String> tabs = StaticData.ADMIN.equals(ue.getUid()) ? permsService.selectAllTabs() : permsService.selectTabs(ue.getUid());
			entity.setTab(null == tabs ? "" : StringHelper.join(tabs, ","));
			entity.setBak(StaticData.GET_CAPABILITIES);
			}

			return url + (url.contains("?") ? "&" : "?") + str;
			}

			/**
			* 过滤GeoServer图层
			*/
			private String filterGeoLayers(UserEntity ue, String layers) {
			List<String> tabs = StaticData.ADMIN.equals(ue.getUid()) ? permsService.selectAllTabs() : permsService.selectTabs(ue.getUid());
			if (null == tabs \|\| tabs.isEmpty() \|\| StringHelper.isEmpty(layers)) {
			return "";
			}

			StringBuilder sb = new StringBuilder();
			String[] strs = layers.split(StaticData.COMMA);
			for (String str : strs) {
			if (tabs.contains(str)) {
			sb.append(str).append(",");
			}
			}
			sb.deleteCharAt(sb.length() - 1);

			return sb.toString();
			}

			/**
			* 转发请求
			*/
			private void forward(HttpServletRequest request, HttpServletResponse response, String url) throws Exception {
			private void forward(HttpServletRequest request, HttpServletResponse response, ResEntity entity, String url) throws Exception {
			HttpHelper httpHelper = new HttpHelper();
			httpHelper.service(request, response, url, null);
			httpHelper.service(request, response, entity, url);
			}
			}