PM20230220027_Service.git

13693261870

2023-07-11 afbc6e46578c4f2c42cf213b354ab0a0b545fc07

已修改4个文件

	src/main/java/com/moon/server/interceptor/ProxyFilter.java	36 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/java/com/moon/server/mapper/all/PermsMapper.java	3 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/java/com/moon/server/service/all/PermsService.java	7 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/resources/mapper/all/PermsMapper.xml	4 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史

 src/main/java/com/moon/server/interceptor/ProxyFilter.java

@@ -4,6 +4,7 @@
import com.moon.server.entity.all.HttpStatus;
import com.moon.server.entity.all.ResponseMsg;
import com.moon.server.entity.all.StaticData;
import com.moon.server.entity.sys.ResEntity;
import com.moon.server.entity.sys.ResLogEntity;
import com.moon.server.entity.sys.TokenEntity;
import com.moon.server.entity.sys.UserEntity;
@@ -67,12 +68,19 @@
            }

            int resId = getResId(req.getRequestURI(), LEN + token.length() + 1);
            if (!check(req, res, ue, token, resId)) {
            if (!check(req, res, ue, token)) {
                return;
            }

            // 9.获取资源实体
            ResEntity entity = getResEntity(ue, resId);
            if (null == entity) {
                WebHelper.writeStr2Page(res, ILLEGAL_RESOURCE);
                return;
            }

            insertLog(req, ue, resId);
            String url = getSourceUrl(req, resId);
            String url = getSourceUrl(req, entity);
            proxy(req, res, url);
        } catch (Exception ex) {
            log.error(ex.getMessage(), ex);
@@ -116,7 +124,7 @@
    /**
     * 检查
     */
    private boolean check(HttpServletRequest req, HttpServletResponse res, UserEntity ue, String token, int resId) {
    private boolean check(HttpServletRequest req, HttpServletResponse res, UserEntity ue, String token) {
        // 4.获取IP
        String ip = WebHelper.getIpAddress(req);
        if (StringHelper.isEmpty(ip)) {
@@ -126,11 +134,6 @@
        // 5.检查黑名单
        if (!checkBlackList(ip, req)) {
            return WebHelper.writeStr2Page(res, AuthInterceptor.BLACK_LIST);
        }

        // 9.检查资源权限
        if (!checkResPerms(ue, resId)) {
            return WebHelper.writeStr2Page(res, ILLEGAL_RESOURCE);
        }

        // 6.admin跳过权限检测
@@ -193,14 +196,21 @@
    /**
     * 检查资源权限
     */
    private boolean checkResPerms(UserEntity ue, int resId) {
    private ResEntity getResEntity(UserEntity ue, int resId) {
        String uid = StaticData.ADMIN.equals(ue.getUid()) ? null : ue.getUid();
        List<Integer> rs = permsService.selectResList(uid);
        List<ResEntity> rs = permsService.selectResList(uid);
        if (null == rs || rs.isEmpty()) {
            return false;
            return null;
        }

        return rs.contains(resId);
        // List<ResEntity> list = rs.stream().filter(resEntity -> resEntity.getId() == resId).collect(Collectors.toList());
        for (ResEntity entity : rs) {
            if (resId == entity.getId()) {
                return entity;
            }
        }

        return null;
    }

    /**
@@ -255,7 +265,7 @@
    /**
     * 获取原始Url
     */
    private String getSourceUrl(HttpServletRequest req, int resId) {
    private String getSourceUrl(HttpServletRequest req, ResEntity entity) {

        return "";
    }

 src/main/java/com/moon/server/mapper/all/PermsMapper.java

@@ -4,6 +4,7 @@
import com.moon.server.entity.all.PermsAuthEntity;
import com.moon.server.entity.all.ResAuthEntity;
import com.moon.server.entity.sys.MenuEntity;
import com.moon.server.entity.sys.ResEntity;
import org.apache.ibatis.annotations.Mapper;
import org.springframework.stereotype.Repository;

@@ -30,7 +31,7 @@
     * @param uid
     * @return
     */
    public List<Integer> selectResList(String uid);
    public List<ResEntity> selectResList(String uid);

    /**
     * 根据用户Uid查询菜单授权

 src/main/java/com/moon/server/service/all/PermsService.java

@@ -2,6 +2,7 @@

import com.moon.server.entity.all.*;
import com.moon.server.entity.sys.MenuEntity;
import com.moon.server.entity.sys.ResEntity;
import com.moon.server.mapper.all.PermsMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@@ -38,14 +39,14 @@
    }

    @Override
    public List<Integer> selectResList(String uid) {
    public List<ResEntity> selectResList(String uid) {
        String key = RedisCacheKey.permsResListKey(uid);
        Object obj = redisService.get(key);
        if (obj instanceof List<?>) {
            return (List<Integer>) obj;
            return (List<ResEntity>) obj;
        }

        List<Integer> list = permsMapper.selectResList(uid);
        List<ResEntity> list = permsMapper.selectResList(uid);
        if (list != null && list.size() > 0) {
            redisService.put(key, list, SettingData.CACHE_EXPIRE, TimeUnit.MINUTES);
        }

 src/main/resources/mapper/all/PermsMapper.xml

@@ -15,8 +15,8 @@
        order by d.id
    </select>

    <select id="selectResList" resultType="java.lang.Integer">
        select distinct d.id
    <select id="selectResList" resultType="com.moon.server.entity.sys.ResEntity">
        select distinct d.*
        from lf.sys_user a
        inner join lf.sys_role_user b on a.id = b.userid
        inner join lf.sys_role_res c on b.roleid = c.roleid

			@@ -4,6 +4,7 @@
			import com.moon.server.entity.all.HttpStatus;
			import com.moon.server.entity.all.ResponseMsg;
			import com.moon.server.entity.all.StaticData;
			import com.moon.server.entity.sys.ResEntity;
			import com.moon.server.entity.sys.ResLogEntity;
			import com.moon.server.entity.sys.TokenEntity;
			import com.moon.server.entity.sys.UserEntity;
			@@ -67,12 +68,19 @@
			}

			int resId = getResId(req.getRequestURI(), LEN + token.length() + 1);
			if (!check(req, res, ue, token, resId)) {
			if (!check(req, res, ue, token)) {
			return;
			}

			// 9.获取资源实体
			ResEntity entity = getResEntity(ue, resId);
			if (null == entity) {
			WebHelper.writeStr2Page(res, ILLEGAL_RESOURCE);
			return;
			}

			insertLog(req, ue, resId);
			String url = getSourceUrl(req, resId);
			String url = getSourceUrl(req, entity);
			proxy(req, res, url);
			} catch (Exception ex) {
			log.error(ex.getMessage(), ex);
			@@ -116,7 +124,7 @@
			/**
			* 检查
			*/
			private boolean check(HttpServletRequest req, HttpServletResponse res, UserEntity ue, String token, int resId) {
			private boolean check(HttpServletRequest req, HttpServletResponse res, UserEntity ue, String token) {
			// 4.获取IP
			String ip = WebHelper.getIpAddress(req);
			if (StringHelper.isEmpty(ip)) {
			@@ -126,11 +134,6 @@
			// 5.检查黑名单
			if (!checkBlackList(ip, req)) {
			return WebHelper.writeStr2Page(res, AuthInterceptor.BLACK_LIST);
			}

			// 9.检查资源权限
			if (!checkResPerms(ue, resId)) {
			return WebHelper.writeStr2Page(res, ILLEGAL_RESOURCE);
			}

			// 6.admin跳过权限检测
			@@ -193,14 +196,21 @@
			/**
			* 检查资源权限
			*/
			private boolean checkResPerms(UserEntity ue, int resId) {
			private ResEntity getResEntity(UserEntity ue, int resId) {
			String uid = StaticData.ADMIN.equals(ue.getUid()) ? null : ue.getUid();
			List<Integer> rs = permsService.selectResList(uid);
			List<ResEntity> rs = permsService.selectResList(uid);
			if (null == rs \|\| rs.isEmpty()) {
			return false;
			return null;
			}

			return rs.contains(resId);
			// List<ResEntity> list = rs.stream().filter(resEntity -> resEntity.getId() == resId).collect(Collectors.toList());
			for (ResEntity entity : rs) {
			if (resId == entity.getId()) {
			return entity;
			}
			}

			return null;
			}

			/**
			@@ -255,7 +265,7 @@
			/**
			* 获取原始Url
			*/
			private String getSourceUrl(HttpServletRequest req, int resId) {
			private String getSourceUrl(HttpServletRequest req, ResEntity entity) {

			return "";
			}

			@@ -4,6 +4,7 @@
			import com.moon.server.entity.all.PermsAuthEntity;
			import com.moon.server.entity.all.ResAuthEntity;
			import com.moon.server.entity.sys.MenuEntity;
			import com.moon.server.entity.sys.ResEntity;
			import org.apache.ibatis.annotations.Mapper;
			import org.springframework.stereotype.Repository;

			@@ -30,7 +31,7 @@
			* @param uid
			* @return
			*/
			public List<Integer> selectResList(String uid);
			public List<ResEntity> selectResList(String uid);

			/**
			* 根据用户Uid查询菜单授权

			@@ -2,6 +2,7 @@

			import com.moon.server.entity.all.*;
			import com.moon.server.entity.sys.MenuEntity;
			import com.moon.server.entity.sys.ResEntity;
			import com.moon.server.mapper.all.PermsMapper;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.stereotype.Service;
			@@ -38,14 +39,14 @@
			}

			@Override
			public List<Integer> selectResList(String uid) {
			public List<ResEntity> selectResList(String uid) {
			String key = RedisCacheKey.permsResListKey(uid);
			Object obj = redisService.get(key);
			if (obj instanceof List<?>) {
			return (List<Integer>) obj;
			return (List<ResEntity>) obj;
			}

			List<Integer> list = permsMapper.selectResList(uid);
			List<ResEntity> list = permsMapper.selectResList(uid);
			if (list != null && list.size() > 0) {
			redisService.put(key, list, SettingData.CACHE_EXPIRE, TimeUnit.MINUTES);
			}

			@@ -15,8 +15,8 @@
			order by d.id
			</select>

			<select id="selectResList" resultType="java.lang.Integer">
			select distinct d.id
			<select id="selectResList" resultType="com.moon.server.entity.sys.ResEntity">
			select distinct d.*
			from lf.sys_user a
			inner join lf.sys_role_user b on a.id = b.userid
			inner join lf.sys_role_res c on b.roleid = c.roleid