Merge remote-tracking branch 'origin/master'
commit
02beddf5ee
|
|
@ -14,6 +14,8 @@ import com.bonus.canteen.core.allocation.canteen.service.AllocAreaService;
|
|||
import com.bonus.canteen.core.allocation.canteen.service.AllocCanteenService;
|
||||
import com.bonus.canteen.core.allocation.canteen.service.AllocMealLineService;
|
||||
import com.bonus.canteen.core.allocation.canteen.vo.*;
|
||||
import com.bonus.canteen.core.auth.config.LeNiuDataPermission;
|
||||
import com.bonus.canteen.core.auth.enums.DataPermissionTypeEnum;
|
||||
import com.bonus.canteen.core.auth.po.MgrUserAuthPO;
|
||||
import com.bonus.canteen.core.common.enums.AllocCanteenTypeEnum;
|
||||
import com.bonus.canteen.core.common.utils.TenantContextHolder;
|
||||
|
|
@ -251,6 +253,10 @@ public class AllocCanteenApi {
|
|||
return this.allocStallMapper.listAuthStallByUserRole();
|
||||
}
|
||||
|
||||
@LeNiuDataPermission(
|
||||
alias = "t1",
|
||||
permissionType = DataPermissionTypeEnum.PERMISSION_AREA
|
||||
)
|
||||
public List<AllocAreaVO> listAreaByUserRole(MgrUserAuthPO mgrUserAuthPO) {
|
||||
return this.allocAreaMapper.listAreaByUserRole(mgrUserAuthPO);
|
||||
}
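Review bot: `listAreaByUserRole` has no comment saying that its row filtering now comes from `@LeNiuDataPermission(alias = "t1", permissionType = DataPermissionTypeEnum.PERMISSION_AREA)`, although `mgrUserAuthPO` is still passed to the mapper. A mapper XML section later in this commit drops an `EXISTS` filter on `sys_role_area` from a query over `alloc_area t1`. If that is the query behind this method (file names are not visible on this page), a caller that reaches `allocAreaMapper.listAreaByUserRole` without going through this annotated method would get every non-deleted area. I would add a Javadoc such as `/** Areas visible to the current user; filtering is applied by the data-permission handler on alias t1, so do not call the mapper directly. */` and confirm that no other caller of the mapper method exists.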
|
||||
|
|
|
|||
|
|
@ -201,11 +201,7 @@ public class AllocAreaServiceImpl extends ServiceImpl<AllocAreaMapper, AllocArea
|
|||
|
||||
@Override
|
||||
public List<Tree<Long>> getSystemAuthAreaTree() {
|
||||
MgrUserAuthPO mgrUserAuthPO = this.mgrAuthApi.getUserAuthPO();
|
||||
List<AllocAreaTreeVO> areaList = ((AllocAreaMapper)this.baseMapper).listSystemArea(TenantContextHolder.getTenantId());
|
||||
if (GlobalConstants.SUPER_ADMIN_ROLE_KEY.equals(mgrUserAuthPO.getRoleCode())) {
|
||||
areaList = new ArrayList<>();
|
||||
}
|
||||
List<AllocAreaTreeVO> filterAreaTreeList = ((AllocAreaMapper)this.baseMapper).listAllTreeArea();
|
||||
if (CollUtil.isNotEmpty(filterAreaTreeList)) {
|
||||
List<Long> filterAreaIdList = (List)filterAreaTreeList.stream().map(BaseTreeNode::getId).collect(Collectors.toList());
|
||||
|
|
|
|||
|
|
@ -131,7 +131,9 @@ public class MgrAuthApi {
|
|||
MgrUserAuthPO mgrUserAuthPO = this.getUserAuthPO();
|
||||
if (!filterOtherRole) {
|
||||
return CollUtil.newArrayList(new AllocCanteenTreeVO[0]);
|
||||
} else if (!ObjectUtil.equal(mgrUserAuthPO.getRoleType(), MgrRoleTypeV2Enum.ROLE_ADMIN.getKey()) && !ObjectUtil.equal(mgrUserAuthPO.getRoleType(), MgrRoleTypeV2Enum.ROLE_ORG.getKey())) {
|
||||
} else if (!ObjectUtil.equal(mgrUserAuthPO.getRoleType(), MgrRoleTypeV2Enum.ROLE_ADMIN.getKey())
|
||||
&& !ObjectUtil.equal(mgrUserAuthPO.getRoleCode(), GlobalConstants.SUPER_ADMIN_ROLE_KEY)
|
||||
&& !ObjectUtil.equal(mgrUserAuthPO.getRoleType(), MgrRoleTypeV2Enum.ROLE_ORG.getKey())) {
|
||||
return this.mgrRoleCanteenMapper.getTenantCanteen(excludeMiddle, tenantId, mgrUserAuthPO, delFlag);
|
||||
} else {
|
||||
List<AllocCanteenTreeVO> list = CollUtil.newArrayList(new AllocCanteenTreeVO[0]);
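Review bot: The new `ObjectUtil.equal(mgrUserAuthPO.getRoleCode(), GlobalConstants.SUPER_ADMIN_ROLE_KEY)` clause makes this the second place in the commit where the super-admin role key switches off scoping, the other being `getSqlByAliasAndPermissionType` in `LeNiuDataPermissionHandler`, and the two are spelled differently. Falling into the `else` branch appears to return the unrestricted canteen list, so I would move the decision into one named predicate shared by both call sites (for example a helper on `MgrUserAuthPO`; the name is up to the author). It is also worth documenting where `roleCode` is populated, so it is clear the request cannot influence it. The three negated `ObjectUtil.equal` clauses are easy to misread; a positive condition with the branches swapped would be clearer. The method starts and ends outside this hunk.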
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ import cn.hutool.core.util.ObjectUtil;
|
|||
import com.bonus.canteen.core.auth.enums.DataPermissionTypeEnum;
|
||||
import com.bonus.canteen.core.auth.enums.RoleCodeV2Enum;
|
||||
import com.bonus.common.core.exception.ServiceException;
|
||||
import com.bonus.common.houqin.constant.GlobalConstants;
|
||||
import com.bonus.common.security.utils.SecurityUtils;
|
||||
import net.sf.jsqlparser.expression.Expression;
|
||||
import net.sf.jsqlparser.expression.HexValue;
|
||||
|
|
@ -87,7 +88,7 @@ public class LeNiuDataPermissionHandler {
|
|||
private String getSqlByAliasAndPermissionType(Long userId, String roleCode, DataPermissionTypeEnum permissionType, String alias) {
|
||||
StringBuilder sb = new StringBuilder();
|
||||
|
||||
if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key())) {
|
||||
if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key()) || GlobalConstants.SUPER_ADMIN_ROLE_KEY.equals(roleCode)) {
|
||||
return "";
|
||||
} else {
|
||||
if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_ORG, permissionType)) {
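Review bot: In `if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key()) || GlobalConstants.SUPER_ADMIN_ROLE_KEY.equals(roleCode))` the prefix test runs first, so a null `roleCode` throws before the null-safe `equals` is reached. The prefix test also means any role code that merely begins with the admin key receives the empty SQL fragment, i.e. no data-permission filter. Reordering to `if (GlobalConstants.SUPER_ADMIN_ROLE_KEY.equals(roleCode) || (roleCode != null && roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key())))` removes the null dereference. If the prefix match is intentional, a comment naming the role codes expected to match would help; otherwise an exact comparison is the safer check for a branch that drops the filter. The method body continues past the hunk.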
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ import com.bonus.canteen.core.merchant.entity.MercMerchant;
|
|||
import com.bonus.canteen.core.open.modules.auth.constants.CheckEnum;
|
||||
import com.bonus.canteen.core.open.modules.auth.model.OpenApp;
|
||||
import com.bonus.canteen.core.open.modules.auth.service.OpenAppService;
|
||||
import com.bonus.canteen.core.secure.dto.ClientLoginDto;
|
||||
import com.bonus.common.core.exception.ServiceException;
|
||||
import com.bonus.common.core.web.domain.AjaxResult;
|
||||
import com.bonus.common.houqin.constant.LeConstants;
|
||||
|
|
@ -163,8 +164,8 @@ public class AuthController {
|
|||
|
||||
@ApiOperation("设备认证")
|
||||
@PostMapping({"/device/login"})
|
||||
public AjaxResult deviceLogin(@RequestHeader Map<String, String> header, @RequestParam String encryptedDeviceSn) {
|
||||
String deviceSn = SmUtils.decryptBySm2(encryptedDeviceSn);
|
||||
public AjaxResult deviceLogin(@RequestHeader Map<String, String> header, @RequestBody ClientLoginDto dto) {
|
||||
String deviceSn = SmUtils.decryptBySm2(dto.getDeviceSn());
|
||||
String encryptKey = HeaderFetchUtil.getValueFromHeadersIgnoreCase(header, this.secureProperties.getSecurity().getServerEncryptedClientKeyHeaderName());
|
||||
String clientKey = SmUtils.decryptBySm4WithServerKey(encryptKey);
|
||||
if (CharSequenceUtil.isEmpty(deviceSn)) {
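Review bot: `dto.getDeviceSn()` is passed to `SmUtils.decryptBySm2` before anything checks it, so a JSON body without `deviceSn` hands null to the decrypt call. The only visible check, `CharSequenceUtil.isEmpty(deviceSn)`, runs on the already-decrypted value. I would reject the request ahead of the decrypt with a guard such as `if (CharSequenceUtil.isBlank(dto.getDeviceSn()))`, or declare the constraint with `@Valid` on the parameter and `@NotBlank` on the field. The same applies to `dto.getClientKey()` in `KeyExchangeController.exchangeKey`. The header value `encryptKey` also reaches `decryptBySm4WithServerKey` unchecked in the visible lines; the rest of the method is outside the hunk.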
|
||||
|
|
|
|||
|
|
@ -87,27 +87,11 @@ public class SmUtils {
|
|||
}
|
||||
|
||||
public static void main(String[] args) throws NoSuchAlgorithmException {
|
||||
sm2();
|
||||
//sm2() 移到 SmUtilsTest.java
|
||||
sm4();
|
||||
sm4WithoutIV();
|
||||
}
|
||||
|
||||
private static void sm2() {
|
||||
System.out.println("=================sm2===================");
|
||||
String privateKeyStr = "D55F4709BE51FCDC71D6385885A5CAEE70A09438F862BEB4E56F64A70C76EF5F";
|
||||
String pubKeyStr = "04768E8E44656FFD4BA58C0270002A28365A5F6B0F6D40E88B9221CDFAAA8E82C8CCEDBA5FC2D03F20B11492EBE90CC04782682AFE326363A503F086C04A14092C";
|
||||
SM2 sm2 = SmUtil.sm2(privateKeyStr, pubKeyStr);
|
||||
String data = "liolay123466789";
|
||||
byte[] encrypt = sm2.encrypt("liolay".getBytes(StandardCharsets.UTF_8));
|
||||
System.out.println("encrypt:" + Base64.encodeUrlSafe(encrypt));
|
||||
PrintStream var10000 = System.out;
|
||||
byte[] var10001 = sm2.sign(data.getBytes(StandardCharsets.UTF_8));
|
||||
var10000.println("sign:" + Base64Encoder.encode(var10001));
|
||||
var10000 = System.out;
|
||||
String var5 = new String(sm2.decrypt(encrypt));
|
||||
var10000.println("decrypt:" + var5);
|
||||
}
|
||||
|
||||
private static void sm4() throws NoSuchAlgorithmException {
|
||||
System.out.println("================sm4==================");
|
||||
BouncyCastleProvider provider = new BouncyCastleProvider();
|
||||
|
|
|
|||
|
|
@ -2,11 +2,9 @@ package com.bonus.canteen.core.secure.controller;
|
|||
|
||||
import com.bonus.canteen.core.config.SecureProperties;
|
||||
import com.bonus.canteen.core.config.SmUtils;
|
||||
import com.bonus.canteen.core.secure.dto.ClientLoginDto;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
@RestController
|
||||
@RequestMapping
|
||||
|
|
@ -17,12 +15,11 @@ public class KeyExchangeController {
|
|||
this.publicKey = secureProperties.getSecurity().getClientSm2Key();
|
||||
}
|
||||
|
||||
@GetMapping({"${secure.security.key-exchange-path:/exchange/key}"})
|
||||
public ExchangedKey exchangeKey(@RequestParam String clientKey) {
|
||||
@PostMapping({"${secure.security.key-exchange-path:/exchange/key}"})
|
||||
public ExchangedKey exchangeKey(@RequestBody ClientLoginDto dto) {
|
||||
ExchangedKey exchangedKey = new ExchangedKey();
|
||||
|
||||
try {
|
||||
String decryptedClientKey = SmUtils.decryptBySm2(clientKey);
|
||||
String decryptedClientKey = SmUtils.decryptBySm2(dto.getClientKey());
|
||||
String encryptedClientKey = SmUtils.encryptBySm4WithServerKey(decryptedClientKey);
|
||||
String encryptedClientKeySign = SmUtils.signBySm2(encryptedClientKey);
|
||||
return exchangedKey.setSign(encryptedClientKeySign).setServerEncryptClientKey(encryptedClientKey);
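Review bot: `decryptedClientKey` is re-encrypted under the server key and signed as soon as it decrypts, with no check in the visible lines that it has the form of a client key (length, character set). Because this endpoint accepts caller-supplied ciphertext, I would validate the decrypted value against the expected key format before `encryptBySm4WithServerKey` and `signBySm2`, so the server only wraps and signs values of the intended shape. Moving from `@GetMapping` to `@PostMapping` keeps the key out of the URL, but clients still issuing GET will now fail, which deserves a line in the commit description. The `try` block continues outside the hunk, so its error handling was not reviewed.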
|
||||
|
|
|
|||
|
|
@ -0,0 +1,9 @@
|
|||
package com.bonus.canteen.core.secure.dto;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
@Data
|
||||
public class ClientLoginDto {
|
||||
private String clientKey;
|
||||
private String deviceSn;
|
||||
}
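Review bot: `@Data` generates a `toString()` that prints `clientKey` and `deviceSn`, so any request logging of this DTO would write both values to the log. I would mark the two fields `@ToString.Exclude`, or replace `@Data` with `@Getter`/`@Setter`. A class comment should also state that both fields carry SM2-encrypted values, and that `exchangeKey` reads only `clientKey` while `deviceLogin` reads only `deviceSn`. Since one DTO serves two endpoints with different required fields, per-endpoint validation has to be done in the controllers or with validation groups.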
|
||||
|
|
@ -61,17 +61,5 @@
|
|||
t1.super_id
|
||||
FROM alloc_area t1
|
||||
WHERE t1.if_del = 2
|
||||
<if test="'-1'.toString() != authPO.roleType.toString()">
|
||||
and EXISTS (
|
||||
SELECT null
|
||||
FROM sys_role_area it1
|
||||
LEFT JOIN sys_role it2 ON it2.role_id = it1.role_id
|
||||
LEFT JOIN sys_user_role it3 ON it1.role_id = it3.role_id
|
||||
WHERE it2.del_flag = 0
|
||||
AND it2.role_key = #{authPO.roleCode}
|
||||
AND it3.user_id = #{authPO.userId}
|
||||
AND t1.area_id = it1.area_id
|
||||
)
|
||||
</if>
|
||||
</select>
|
||||
</mapper>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,75 @@
|
|||
package com.bonus.canteen.core.config;
|
||||
|
||||
import cn.hutool.core.codec.Base64;
|
||||
import cn.hutool.core.codec.Base64Encoder;
|
||||
import cn.hutool.crypto.SmUtil;
|
||||
import cn.hutool.crypto.asymmetric.SM2;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
import javax.crypto.KeyGenerator;
|
||||
import javax.crypto.SecretKey;
|
||||
import java.io.PrintStream;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
public class SmUtilsTest {
|
||||
|
||||
public static void main(String[] args) throws NoSuchAlgorithmException {
|
||||
sm2();
|
||||
// sm4();
|
||||
// sm4WithoutIV();
|
||||
}
|
||||
|
||||
private static void sm2() {
|
||||
System.out.println("=================sm2===================");
|
||||
String privateKeyStr = "D55F4709BE51FCDC71D6385885A5CAEE70A09438F862BEB4E56F64A70C76EF5F";
|
||||
String pubKeyStr = "04768E8E44656FFD4BA58C0270002A28365A5F6B0F6D40E88B9221CDFAAA8E82C8CCEDBA5FC2D03F20B11492EBE90CC04782682AFE326363A503F086C04A14092C";
|
||||
SM2 sm2 = SmUtil.sm2(privateKeyStr, pubKeyStr);
|
||||
String data = "liolay123466789";
|
||||
byte[] encrypt = sm2.encrypt("2AD2252000231631".getBytes(StandardCharsets.UTF_8));
|
||||
System.out.println("encrypt:" + Base64.encode(encrypt));
|
||||
PrintStream var10000 = System.out;
|
||||
byte[] var10001 = sm2.sign(data.getBytes(StandardCharsets.UTF_8));
|
||||
var10000.println("sign:" + Base64Encoder.encode(var10001));
|
||||
var10000 = System.out;
|
||||
String var5 = new String(sm2.decrypt(encrypt));
|
||||
var10000.println("decrypt:" + var5);
|
||||
}
|
||||
|
||||
private static void sm4() throws NoSuchAlgorithmException {
|
||||
System.out.println("================sm4==================");
|
||||
BouncyCastleProvider provider = new BouncyCastleProvider();
|
||||
KeyGenerator generator = KeyGenerator.getInstance("SM4", provider);
|
||||
SecretKey secretKey = generator.generateKey();
|
||||
byte[] encoded = secretKey.getEncoded();
|
||||
String key = Base64Encoder.encode(encoded);
|
||||
System.out.println("key: " + key);
|
||||
String data = "liolay";
|
||||
String encryptBySm4 = SmUtils.encryptBySm4(data, encoded);
|
||||
System.out.println("encrypt: " + encryptBySm4);
|
||||
PrintStream var10000 = System.out;
|
||||
String var10001 = SmUtils.decryptBySm4(encryptBySm4, encoded);
|
||||
var10000.println("decrypt: " + var10001);
|
||||
var10000 = System.out;
|
||||
var10001 = SmUtils.decryptBySm4(encryptBySm4, key);
|
||||
var10000.println("decrypt: " + var10001);
|
||||
}
|
||||
|
||||
private static void sm4WithoutIV() throws NoSuchAlgorithmException {
|
||||
System.out.println("================sm4WithoutIV==================");
|
||||
BouncyCastleProvider provider = new BouncyCastleProvider();
|
||||
KeyGenerator generator = KeyGenerator.getInstance("SM4", provider);
|
||||
SecretKey secretKey = generator.generateKey();
|
||||
byte[] key = secretKey.getEncoded();
|
||||
String keyEncode = Base64Encoder.encode(key);
|
||||
System.out.println("key: " + keyEncode);
|
||||
String plainData = "liolay";
|
||||
String encryptedData = SmUtils.encryptBySm4(plainData, key);
|
||||
System.out.println("encrypt: " + encryptedData);
|
||||
String decryptData = SmUtils.decryptBySm4(encryptedData, key);
|
||||
System.out.println("decrypt: " + decryptData);
|
||||
}
|
||||
|
||||
}
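Review bot: `sm2()` embeds an SM2 private key as a string literal (`privateKeyStr`); this commit removes it from `SmUtils` but commits it again here, and it stays in the repository history either way. If that pair is, or ever was, a configured key it should be treated as exposed and rotated. For the demo itself a throwaway pair is enough: `SM2 sm2 = SmUtil.sm2();`. The class carries `@RunWith(SpringRunner.class)` but has no `@Test` method, only `main`, so nothing runs under the test runner and nothing is asserted; turning `sm2()` into a `@Test` that asserts the decrypt round-trip would make it a real test. `new String(sm2.decrypt(encrypt))` should also name `StandardCharsets.UTF_8` to match the encoding side.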
|
||||