增加LeNiuDataPermission逻辑

gaowdong 2025-03-07 17:39:32 +08:00
parent db1e876bc6
commit d936979dc4
8 changed files with 265 additions and 287 deletions


@ -19,7 +19,7 @@
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.5.1</version>
<version>3.5.7</version>
</dependency>
<!--加密依赖包-->
<dependency>


@ -22,7 +22,6 @@ import com.bonus.canteen.core.auth.po.MgrUserAuthPO;
import com.bonus.canteen.core.auth.role.MgrRoleTypeV2Enum;
import com.bonus.canteen.core.auth.role.mapper.MgrRoleOrgMapper;
import com.bonus.canteen.core.customer.dto.CustOrgTreeDTO;
import com.bonus.canteen.core.customer.utils.SecureManager;
import com.bonus.common.houqin.i18n.I18n;
import com.bonus.common.security.utils.SecurityUtils;
import com.bonus.system.api.model.LoginUser;
@ -35,7 +34,6 @@ import org.springframework.util.CollectionUtils;
import javax.annotation.Resource;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;


@ -0,0 +1,123 @@
package com.bonus.canteen.core.auth.config;
import cn.hutool.core.util.ObjectUtil;
import com.bonus.canteen.core.auth.enums.DataPermissionTypeEnum;
import com.bonus.canteen.core.auth.enums.RoleCodeV2Enum;
import com.bonus.common.core.exception.ServiceException;
import com.bonus.common.security.utils.SecurityUtils;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.expression.HexValue;
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
import net.sf.jsqlparser.statement.select.PlainSelect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.AnnotatedElementUtils;
import java.lang.reflect.Method;
import java.util.Objects;
public class LeNiuDataPermissionHandler {
private static final Logger log = LoggerFactory.getLogger(LeNiuDataPermissionHandler.class);
public Expression getSqlSegment(PlainSelect plainSelect, String whereSegment){
try {
Expression where = plainSelect.getWhere();
String className = whereSegment.substring(0, whereSegment.lastIndexOf("."));
String methodName = whereSegment.substring(whereSegment.lastIndexOf(".") + 1);
Method[] methods = Class.forName(className).getMethods();
Method[] var7 = methods;
int var8 = methods.length;
for(int var9 = 0; var9 < var8; ++var9) {
Method m = var7[var9];
if (Objects.equals(m.getName(), methodName) || Objects.equals(m.getName() + "_COUNT", methodName)) {
LeNiuDataPermission.List permissionAnnotations = (LeNiuDataPermission.List)AnnotatedElementUtils.findMergedAnnotation(m, LeNiuDataPermission.List.class);
LeNiuDataPermission permissionAnnotation = (LeNiuDataPermission)AnnotatedElementUtils.findMergedAnnotation(m, LeNiuDataPermission.class);
if (permissionAnnotations == null && permissionAnnotation == null) {
return where;
} else {
Long userId = SecurityUtils.getUserId();
String roleCode = (String)SecurityUtils.getLoginUser().getRoles().stream().findFirst().orElse(null);
if (ObjectUtil.isEmpty(roleCode)) {
return new HexValue(" 1 = 2 ");
} else {
if (permissionAnnotations != null) {
LeNiuDataPermission[] var15 = permissionAnnotations.value();
int var16 = var15.length;
for(int var17 = 0; var17 < var16; ++var17) {
LeNiuDataPermission permission = var15[var17];
where = this.expressionLeNiuDataPermission(where, permission, userId, roleCode);
}
}
if (permissionAnnotation != null) {
where = this.expressionLeNiuDataPermission(where, permissionAnnotation, userId, roleCode);
}
return where;
}
}
}
}
where = new HexValue(" 1 = 2 ");
return where;
} catch (Exception var19) {
log.error(var19.getMessage());
throw new ServiceException("系统异常");
}
}
private Expression expressionLeNiuDataPermission(Expression where, LeNiuDataPermission permission, Long userId, String roleCode) {
DataPermissionTypeEnum permissionType = permission.permissionType();
String alias = permission.alias();
String sql = this.getSqlByAliasAndPermissionType(userId, roleCode, permissionType, alias);
if (ObjectUtil.isNotEmpty(sql)) {
if (ObjectUtil.isNull(where)) {
where = new HexValue(sql);
} else {
where = new AndExpression((Expression)where, new HexValue(sql));
}
}
return (Expression)where;
}
private String getSqlByAliasAndPermissionType(Long userId, String roleCode, DataPermissionTypeEnum permissionType, String alias) {
StringBuilder sb = new StringBuilder();
if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ADMIN.key())) {
if (roleCode.split("&&").length <= 1) {
return "";
}
if (!ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_AREA, permissionType)) {
return "";
}
sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_area it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".area_id = it1.data_id)");
} else if (roleCode.startsWith(RoleCodeV2Enum.ROLE_ORG.key())) {
if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_ORG, permissionType)) {
sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_org it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".org_id = it1.org_id)");
}
} else if (roleCode.startsWith(RoleCodeV2Enum.ROLE_MERCHANT.key())) {
if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_CANTEEN, permissionType)) {
sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".canteen_id = it1.data_id)");
} else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_STALL, permissionType)) {
sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".stall_id = it1.data_id)");
} else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_CANTEEN_STALL, permissionType)) {
sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("' AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND (").append(alias).append(".canteen_id = it1.data_id OR ").append(alias).append(".stall_id = it1.data_id ))");
} else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_WAREHOUSE, permissionType)) {
sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_warehouse it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".warehouse_id = it1.warehouse_id)");
} else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_SUPERMARKET, permissionType)) {
sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_canteen it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".supermarket_id = it1.data_id)");
} else if (ObjectUtil.equal(DataPermissionTypeEnum.PERMISSION_AREA, permissionType)) {
sb.append(" EXISTS ( ").append(" SELECT null FROM mgr_role_area it1").append(" LEFT JOIN mgr_role it2 ON it2.role_id = it1.role_id").append(" LEFT JOIN mgr_user_role it3 ON it1.role_id = it3.role_id").append(" WHERE it2.del_flag = 2 AND it2.role_code = '").append(roleCode).append("'").append(" AND it1.half_select = 1 AND it3.user_id = ").append(userId).append(" AND ").append(alias).append(".area_id = it1.data_id)");
}
} else {
sb.append("1 = 2");
}
return sb.toString();
}
}
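Review bot: In `expressionLeNiuDataPermission`, `new AndExpression(where, new HexValue(sql))` appends the permission predicate without parenthesising the existing WHERE, so a statement whose top-level condition is an `OrExpression` renders as `a OR b AND EXISTS (...)` and the filter constrains only the last OR branch. Wrap `where` in jsqlparser's parenthesis node when it is an `OrExpression` before combining, as the built-in MyBatis-Plus tenant and data-permission interceptors do. Separately, `getSqlByAliasAndPermissionType` concatenates `roleCode` inside single quotes and `alias` as raw text, and the result is passed through `HexValue` as unparsed SQL. The role code comes from the login session rather than the request, but it should still be checked against the known `RoleCodeV2Enum` prefixes and an allowed character set before it is interpolated. In `getSqlSegment`, `log.error(var19.getMessage())` drops the stack trace; `log.error("data permission rewrite failed", var19)` keeps it.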


@ -0,0 +1,91 @@
package com.bonus.canteen.core.auth.config;
import cn.hutool.core.text.CharSequenceUtil;
import com.baomidou.mybatisplus.core.plugins.InterceptorIgnoreHelper;
import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
import com.baomidou.mybatisplus.extension.parser.JsqlParserSupport;
import com.baomidou.mybatisplus.extension.plugins.inner.InnerInterceptor;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.statement.select.PlainSelect;
import net.sf.jsqlparser.statement.select.Select;
import net.sf.jsqlparser.statement.select.SetOperationList;
import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.executor.statement.StatementHandler;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.session.ResultHandler;
import org.apache.ibatis.session.RowBounds;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.List;
public class LeNiuDataPermissionInterceptor extends JsqlParserSupport implements InnerInterceptor {
private static final Logger log = LoggerFactory.getLogger(LeNiuDataPermissionInterceptor.class);
private LeNiuDataPermissionHandler dataPermissionHandler;
private String databaseType;
public void beforeQuery(Executor executor, MappedStatement ms, Object parameter, RowBounds rowBounds, ResultHandler resultHandler, BoundSql boundSql) throws SQLException {
if (!InterceptorIgnoreHelper.willIgnoreDataPermission(ms.getId())) {
PluginUtils.MPBoundSql mpBs = PluginUtils.mpBoundSql(boundSql);
mpBs.sql(this.parserSingle(mpBs.sql().replaceAll("(?m)^[ \t]*\r?\n", ""), ms.getId()));
}
}
protected void processSelect(Select select, int index, String sql, Object obj) {
if (select instanceof PlainSelect) {
this.setWhere((PlainSelect)select, (String)obj);
} else if (select instanceof SetOperationList) {
List<Select> selectBodyList = ((SetOperationList)select).getSelects();
selectBodyList.forEach((s) -> {
this.setWhere((PlainSelect)s, (String)obj);
});
}
}
private void setWhere(PlainSelect plainSelect, String whereSegment) {
Expression sqlSegment = this.dataPermissionHandler.getSqlSegment(plainSelect, whereSegment);
if (null != sqlSegment) {
plainSelect.setWhere(sqlSegment);
}
}
public void beforePrepare(StatementHandler sh, Connection connection, Integer transactionTimeout) {
PluginUtils.MPStatementHandler mpSh = PluginUtils.mpStatementHandler(sh);
PluginUtils.MPBoundSql mpBs = mpSh.mPBoundSql();
String sql = mpBs.sql();
if (CharSequenceUtil.contains(sql, "`")) {
sql = "kb".equals(this.databaseType) ? sql.replace("`", "\"") : sql;
mpBs.sql(sql);
}
}
public LeNiuDataPermissionHandler getDataPermissionHandler() {
return this.dataPermissionHandler;
}
public String getDatabaseType() {
return this.databaseType;
}
public void setDataPermissionHandler(final LeNiuDataPermissionHandler dataPermissionHandler) {
this.dataPermissionHandler = dataPermissionHandler;
}
public void setDatabaseType(final String databaseType) {
this.databaseType = databaseType;
}
public LeNiuDataPermissionInterceptor() {
}
public LeNiuDataPermissionInterceptor(final LeNiuDataPermissionHandler dataPermissionHandler, final String databaseType) {
this.dataPermissionHandler = dataPermissionHandler;
this.databaseType = databaseType;
}
}
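Review bot: `processSelect` fails open for any statement shape it does not recognise: a top-level `Select` that is neither `PlainSelect` nor `SetOperationList` falls through both branches and runs with no permission predicate. The unchecked `(PlainSelect)s` cast inside the `forEach` will also throw `ClassCastException` if a UNION member is parenthesised or is itself a set operation. Route every member through one recursive helper that ends in an explicit rejection, as sketched below; `ParenthesedSelect` is assumed to be present in the jsqlparser version bundled with mybatis-plus 3.5.7 and would need an import. Only the outermost WHERE is rewritten, so subqueries, joins and WITH items are not filtered, which deserves a class comment. `setWhere` also dereferences `dataPermissionHandler`, which stays null when the no-arg constructor is used without the setter.

```java
protected void processSelect(Select select, int index, String sql, Object obj) {
    this.applyPermission(select, (String) obj);
}

private void applyPermission(Select select, String whereSegment) {
    if (select instanceof PlainSelect) {
        this.setWhere((PlainSelect) select, whereSegment);
    } else if (select instanceof SetOperationList) {
        ((SetOperationList) select).getSelects().forEach(s -> this.applyPermission(s, whereSegment));
    } else if (select instanceof ParenthesedSelect) {
        this.applyPermission(((ParenthesedSelect) select).getSelect(), whereSegment);
    } else {
        // Unknown statement shape: refuse rather than run it without a permission predicate.
        throw new IllegalStateException("Unsupported select type for data permission: " + select.getClass().getName());
    }
}
// … unchanged: setWhere, beforePrepare, accessors, constructors …
```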


@ -0,0 +1,43 @@
package com.bonus.canteen.core.auth.config;
import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
import com.baomidou.mybatisplus.extension.plugins.inner.InnerInterceptor;
import com.baomidou.mybatisplus.extension.plugins.inner.PaginationInnerInterceptor;
import com.google.common.collect.Lists;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.ApplicationArguments;
import org.springframework.boot.ApplicationRunner;
import org.springframework.context.annotation.Configuration;
import java.util.List;
import java.util.ListIterator;
@Configuration
public class LeNiuMybatisPlusConfigRunner implements ApplicationRunner {
private static final Logger log = LoggerFactory.getLogger(LeNiuMybatisPlusConfigRunner.class);
@Autowired
private MybatisPlusInterceptor mybatisPlusInterceptor;
// @Autowired
// private DbProperties dbProperties;
public void run(ApplicationArguments args) throws Exception {
List<InnerInterceptor> interceptors = Lists.newArrayList();
InnerInterceptor interceptor;
for(ListIterator<InnerInterceptor> iterator = this.mybatisPlusInterceptor.getInterceptors().listIterator(); iterator.hasNext(); interceptors.add(interceptor)) {
interceptor = (InnerInterceptor)iterator.next();
if (interceptor instanceof PaginationInnerInterceptor) {
LeNiuDataPermissionInterceptor leNiuDataPermissionInterceptor = new LeNiuDataPermissionInterceptor();
leNiuDataPermissionInterceptor.setDataPermissionHandler(new LeNiuDataPermissionHandler());
leNiuDataPermissionInterceptor.setDatabaseType("mysql");
interceptors.add(leNiuDataPermissionInterceptor);
// QueryExtensionInterceptor queryExtensionInterceptor = new QueryExtensionInterceptor();
// interceptors.add(queryExtensionInterceptor);
}
}
this.mybatisPlusInterceptor.setInterceptors(interceptors);
}
}
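Review bot: `run` installs `LeNiuDataPermissionInterceptor` only when the loop meets a `PaginationInnerInterceptor` in the existing chain, so if none is configured the loop completes, `setInterceptors` is called with the unchanged list, and data permissions are silently never enforced. Track whether the interceptor was added and fail startup otherwise, e.g. `if (!installed) { throw new IllegalStateException("LeNiuDataPermissionInterceptor was not registered"); }`, or at least report it through the declared but unused `log`. Because registration happens in an `ApplicationRunner`, any query issued before the runner executes is presumably unfiltered. `setDatabaseType("mysql")` is hard-coded while the `DbProperties` injection is commented out; a comment should say whether that is intentional.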


@ -11,12 +11,12 @@ import com.bonus.canteen.core.common.export.model.ExportRecord;
import com.bonus.canteen.core.common.export.vo.ExportRecordVO;
import com.bonus.canteen.core.common.page.PageVO;
import com.bonus.canteen.core.common.redis.RedisUtil;
import com.bonus.canteen.core.customer.utils.SecureManager;
import com.bonus.canteen.core.order.utils.LeNumUtil;
import com.bonus.common.core.exception.ServiceException;
import com.bonus.common.houqin.constant.LeConstants;
import com.bonus.common.houqin.i18n.I18n;
import com.bonus.common.houqin.utils.id.Id;
import com.bonus.common.security.utils.SecurityUtils;
import com.github.pagehelper.page.PageMethod;
import org.redisson.api.RLock;
import org.slf4j.Logger;
@ -25,7 +25,6 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Service;
import java.lang.invoke.SerializedLambda;
import java.time.LocalDateTime;
import java.util.List;
import java.util.stream.Collectors;
@ -50,7 +49,7 @@ public class ExportRecordService {
exportRecord.setExportFileType(type.getKey());
exportRecord.setExpiredTime(expiredTime);
exportRecord.setIfPrivate(ifPrivate ? LeConstants.COMMON_YES : LeConstants.COMMON_NO);
exportRecord.setCrby(((Long) SecureManager.getSubjectId().orElse(LeConstants.DATA_DEFAULT_LONG)).toString());
exportRecord.setCrby(((Long) SecurityUtils.getUserId()).toString());
this.insert(exportRecord);
return exportRecord;
}
@ -63,7 +62,7 @@ public class ExportRecordService {
exportRecord.setExportFileType(type.getKey());
exportRecord.setExpiredTime(expiredTime);
exportRecord.setIfPrivate(ifPrivate ? LeConstants.COMMON_YES : LeConstants.COMMON_NO);
exportRecord.setCrby(((Long) SecureManager.getSubjectId().orElse(LeConstants.DATA_DEFAULT_LONG)).toString());
exportRecord.setCrby(((Long) SecurityUtils.getUserId()).toString());
exportRecord.setFinishTime(LocalDateTime.now());
exportRecord.setProcess(100);
exportRecord.setFileUrl(fileUrl);
@ -140,7 +139,7 @@ public class ExportRecordService {
this.exportRecordMapper.update(null,
Wrappers.lambdaUpdate(ExportRecord.class)
.set(ExportRecord::getExportFileState, ExportFileStateEnum.CANCELED.getKey())
.in(ExportRecord::getExportFileState, new Object[]{ExportFileStateEnum.WAITING.getKey(), ExportFileStateEnum.CREATING.getKey(), ExportFileStateEnum.STOPPING.getKey()}));
.in(ExportRecord::getExportFileState, ExportFileStateEnum.WAITING.getKey(), ExportFileStateEnum.CREATING.getKey(), ExportFileStateEnum.STOPPING.getKey()));
}
public void didStop(Long exportId) {
@ -174,7 +173,7 @@ public class ExportRecordService {
}
public PageVO<ExportRecordVO> page(ExportRecordQueryDTO queryDTO) {
queryDTO.setUserId(((Long) SecureManager.getSubjectId().orElse(LeConstants.DATA_DEFAULT_LONG)).toString());
queryDTO.setUserId(((Long) SecurityUtils.getUserId()).toString());
PageMethod.startPage(queryDTO);
List<ExportRecord> exportRecords = this.exportRecordMapper.listByParam(queryDTO);
List<ExportRecordVO> voList = exportRecords.stream().map(ExportRecordVO::of).collect(Collectors.toList());
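Review bot: The three call sites that now use `((Long) SecurityUtils.getUserId()).toString()` (both record-creation hunks and `page`) drop the `orElse(LeConstants.DATA_DEFAULT_LONG)` fallback. If `getUserId()` can return null, for example when an export runs on a background thread without a login context, these lines throw `NullPointerException` instead of producing an owner id. Whether it can return null is not visible here; if it can, resolve the id once and reject explicitly, e.g. `Long userId = Objects.requireNonNull(SecurityUtils.getUserId(), "no authenticated user");`, which also removes the redundant `(Long)` cast. In `page` the value scopes which export records are listed, so failing closed is the right direction, but it should be a deliberate error rather than an incidental NPE. The enclosing methods start and end outside these hunks.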


@ -1,276 +0,0 @@
package com.bonus.canteen.core.customer.utils;
import cn.hutool.core.map.MapUtil;
import com.bonus.canteen.core.config.SecureProperties;
import com.bonus.canteen.core.config.WebContext;
import com.bonus.canteen.core.customer.service.AuthorizingService;
import com.bonus.canteen.core.secure.PmsCache;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.ListUtils;
import org.apache.commons.lang3.BooleanUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.data.redis.core.BoundHashOperations;
import org.springframework.data.redis.core.StringRedisTemplate;
import java.time.Instant;
import java.util.*;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import com.bonus.canteen.core.config.AccessToken;
public class SecureManager {
private static final Logger log = LoggerFactory.getLogger(SecureManager.class);
private static SecureProperties secureProperties;
private static StringRedisTemplate redisTemplate;
private static AuthorizingService authorizingService;
private static ObjectMapper objectMapper;
private SecureManager() {
}
public static void setSecureProperties(SecureProperties secureProperties) {
if (SecureManager.secureProperties == null) {
SecureManager.secureProperties = secureProperties;
}
}
public static void setRedisTemplate(StringRedisTemplate redisTemplate) {
if (SecureManager.redisTemplate == null) {
SecureManager.redisTemplate = redisTemplate;
}
}
public static void setAuthorizingService(AuthorizingService authorizingService) {
if (SecureManager.authorizingService == null) {
SecureManager.authorizingService = authorizingService;
}
}
public static void setObjectMapper(ObjectMapper objectMapper) {
if (SecureManager.objectMapper == null) {
SecureManager.objectMapper = objectMapper;
}
}
private static String getPmsKey(long subjectId) {
return "permissions:subject_id:" + subjectId;
}
private static String getRoleKey(long subjectId) {
return "roles:subject_id:" + subjectId;
}
public static void clearAllRoleAndPermission() {
redisTemplate.delete(secureProperties.getPermissionKey());
}
public static void clearRoleAndPermission(long subjectId) {
redisTemplate.boundHashOps(secureProperties.getPermissionKey()).delete(new Object[]{getRoleKey(subjectId), getPmsKey(subjectId)});
}
public static void clearRole(long subjectId) {
redisTemplate.boundHashOps(secureProperties.getPermissionKey()).delete(new Object[]{getRoleKey(subjectId)});
}
public static void clearPermission(long subjectId) {
redisTemplate.boundHashOps(secureProperties.getPermissionKey()).delete(new Object[]{getPmsKey(subjectId)});
}
public static Set<String> getPermission() {
return getPms(SecureManager::getPmsKey, (subjectId) -> {
return authorizingService.permissions(subjectId);
});
}
public static Set<String> getRole() {
return getPms(SecureManager::getRoleKey, (subjectId) -> {
return authorizingService.roles(subjectId);
});
}
public static boolean hasRole(String... role) {
return getRole().containsAll(Arrays.asList(role));
}
public static boolean hasAnyRole(String... role) {
Stream var10000 = Stream.of(role);
Set var10001 = getRole();
Objects.requireNonNull(var10001);
return var10000.anyMatch(var10001::contains);
}
public static boolean hasPermission(String... pms) {
return getPermission().containsAll(Arrays.asList(pms));
}
public static boolean hasAnyPermission(String... pms) {
Stream var10000 = Stream.of(pms);
Set var10001 = getPermission();
Objects.requireNonNull(var10001);
return var10000.anyMatch(var10001::contains);
}
public static boolean isLogin() {
return (Boolean) WebContext.get().getAccessToken().map(AccessToken::isAuthenticated).orElse(false);
}
public static Optional<Long> getSubjectId() {
return WebContext.get().getAccessToken().map(AccessToken::getSubjectId);
}
public static Optional<String> getSubjectName() {
return WebContext.get().getAccessToken().map(AccessToken::getSubjectName);
}
public static Map<String, String> getSubjectData() {
return (Map)WebContext.get().getAccessToken().map(AccessToken::getSubjectData).orElse(Maps.newHashMap());
}
public static Map<String, String> attachData(Map<String, String> data) {
try {
if (MapUtil.isEmpty(data)) {
return Maps.newHashMapWithExpectedSize(0);
} else {
AccessToken accessToken = (AccessToken)WebContext.get().getAccessToken().orElse(AccessToken.create());
Objects.requireNonNull(accessToken);
data.forEach(accessToken::setData);
accessToken.bind().store();
return accessToken.getSubjectData();
}
} catch (Throwable var2) {
throw var2;
}
}
public static Map<String, String> attachData(String key, String value) {
try {
return attachData(Collections.singletonMap(key, value));
} catch (Throwable var3) {
throw var3;
}
}
public static Map<String, String> removeData(String... key) {
try {
Optional<AccessToken> accessToken = WebContext.get().getAccessToken();
// return (Map)(accessToken.isEmpty() ? Maps.newHashMap() : ((AccessToken)accessToken.get()).removeData(key).getSubjectData());
return (Map)(accessToken == null? Maps.newHashMap() : ((AccessToken)accessToken.get()).removeData(key).getSubjectData());
} catch (Throwable var2) {
throw var2;
}
}
public static Set<String> getPms(Function<Long, String> keySupplier, Function<Long, Set<String>> pmsSupplier) {
// if (WebContext.get().getAccessToken().isEmpty()) {
if (WebContext.get().getAccessToken() == null) {
return Sets.newHashSetWithExpectedSize(0);
} else {
Long subjectId = ((AccessToken)WebContext.get().getAccessToken().get()).getSubjectId();
if (subjectId == null) {
return Sets.newHashSetWithExpectedSize(0);
} else {
BoundHashOperations<String, String, String> pmsStore = redisTemplate.boundHashOps(secureProperties.getPermissionKey());
String pmsKey = (String)keySupplier.apply(subjectId);
if (BooleanUtils.isNotTrue(pmsStore.hasKey(pmsKey))) {
Set<String> pms = (Set)pmsSupplier.apply(subjectId);
if (pms == null) {
pms = Sets.newHashSetWithExpectedSize(0);
}
try {
pmsStore.put(pmsKey, objectMapper.writeValueAsString(new PmsCache(Instant.now().plusSeconds(secureProperties.getPermissionTTL()).getEpochSecond(), (Set)pms)));
} catch (JsonProcessingException var8) {
log.error("Save permission error", var8);
}
return (Set)pms;
} else {
String permissionValue = (String)pmsStore.get(pmsKey);
if (permissionValue == null) {
return getPms(keySupplier, pmsSupplier);
} else {
PmsCache cachedPms;
try {
cachedPms = (PmsCache)objectMapper.readValue(permissionValue, PmsCache.class);
} catch (JsonProcessingException var9) {
log.error("Read permission error", var9);
return Sets.newHashSet();
}
if (cachedPms.isExpired()) {
log.info("Permission cache expired, read new");
redisTemplate.boundHashOps(secureProperties.getPermissionKey()).delete(new Object[]{pmsKey});
return getPms(keySupplier, pmsSupplier);
} else {
return cachedPms.getPms();
}
}
}
}
}
}
public static void logout() {
WebContext.get().getAccessToken().ifPresent(AccessToken::clear);
}
public static void revokeAuthenticate() {
WebContext.get().getAccessToken().ifPresent((accessToken) -> {
accessToken.revokeAuthenticate().store();
});
}
public static void revokeAuthenticate(long subjectId, int reservedRecentNum) {
StringRedisTemplate var10000 = redisTemplate;
String var10001 = secureProperties.getServer().getSubjectRefTokenKey();
Set<String> keys = var10000.keys(var10001 + ":" + subjectId + ":*");
if (CollectionUtils.size(keys) > reservedRecentNum) {
assert keys != null;
Map<Long, List<String>> createTimeAsc_keys = (Map)keys.stream().collect(Collectors.groupingBy((key) -> {
return Long.parseLong(key.split(":")[4]);
}, TreeMap::new, Collectors.toList()));
// List<String> keysAsc = createTimeAsc_keys.values().stream().flatMap(Collection::stream).toList();
List<String> keysAsc = createTimeAsc_keys.values().stream().flatMap(Collection::stream).collect(Collectors.toList());
List<String> beDeleteRefKeys = keysAsc.subList(0, keysAsc.size() - reservedRecentNum);
// List<String> beDeleteTokenKeys = beDeleteRefKeys.stream().map((dk) -> {
// String var10000 = secureProperties.getServer().getStoreKey();
// return var10000 + ":" + dk.split(":")[3];
// }).toList();
List<String> beDeleteTokenKeys = beDeleteRefKeys.stream()
.map(dk -> secureProperties.getServer().getStoreKey() + ":" + dk.split(":")[3])
.collect(Collectors.toList());
redisTemplate.delete(ListUtils.sum(beDeleteRefKeys, beDeleteTokenKeys));
}
}
public boolean equals(final Object o) {
if (o == this) {
return true;
} else if (!(o instanceof SecureManager)) {
return false;
} else {
SecureManager other = (SecureManager)o;
return other.canEqual(this);
}
}
protected boolean canEqual(final Object other) {
return other instanceof SecureManager;
}
public int hashCode() {
// int result = true;
return 1;
}
public String toString() {
return "SecureManager()";
}
}


@ -26,7 +26,7 @@
<swagger.core.version>1.6.2</swagger.core.version>
<tobato.version>1.27.2</tobato.version>
<kaptcha.version>2.3.3</kaptcha.version>
<pagehelper.boot.version>2.0.0</pagehelper.boot.version>
<pagehelper.boot.version>2.1.0</pagehelper.boot.version>
<druid.version>1.2.20</druid.version>
<dynamic-ds.version>4.2.0</dynamic-ds.version>
<commons.io.version>2.13.0</commons.io.version>
@ -37,7 +37,7 @@
<poi.version>4.1.2</poi.version>
<transmittable-thread-local.version>2.14.4</transmittable-thread-local.version>
<jasypt-spring-boot-starter.version>3.0.2</jasypt-spring-boot-starter.version>
<mybatis-plus.version>3.5.1</mybatis-plus.version>
<mybatis-plus.version>3.5.7</mybatis-plus.version>
</properties>
<!-- 依赖声明 -->