diff --git a/cloud-central-control-client/pom.xml b/cloud-central-control-client/pom.xml index a673975..477c58b 100644 --- a/cloud-central-control-client/pom.xml +++ b/cloud-central-control-client/pom.xml @@ -5,7 +5,7 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 @@ -20,7 +20,7 @@ com.cm cloud-common-socket - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-central-control/pom.xml b/cloud-central-control/pom.xml index 8e6dd1c..1d69405 100644 --- a/cloud-central-control/pom.xml +++ b/cloud-central-control/pom.xml @@ -5,7 +5,7 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 @@ -15,17 +15,17 @@ com.cm cloud-common-plugin-dictionary - 1.0.1-SNAPSHOT + ${cm-cloud.version} com.cm cloud-common-socket - 1.0.1-SNAPSHOT + ${cm-cloud.version} com.cm cloud-manager-sms - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-common-article/pom.xml b/cloud-common-article/pom.xml index 85fa874..6528be1 100644 --- a/cloud-common-article/pom.xml +++ b/cloud-common-article/pom.xml @@ -5,18 +5,17 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 cloud-common-article - 1.0.1-SNAPSHOT com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-common-bigdata/pom.xml b/cloud-common-bigdata/pom.xml index 9893614..b61b15c 100644 --- a/cloud-common-bigdata/pom.xml +++ b/cloud-common-bigdata/pom.xml @@ -5,40 +5,39 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 cloud-common-bigdata 大数据展示 - 1.0.1-SNAPSHOT com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} compile com.cm cloud-common-freemarker - 1.0.1-SNAPSHOT + ${cm-cloud.version} compile com.cm cloud-common-plugin - 1.0.1-SNAPSHOT + ${cm-cloud.version} compile com.cm cloud-common-plugin-dictionary - 1.0.1-SNAPSHOT + ${cm-cloud.version} compile diff --git a/cloud-common-dingding/pom.xml b/cloud-common-dingding/pom.xml index 00117e7..0cfce78 100644 --- a/cloud-common-dingding/pom.xml +++ b/cloud-common-dingding/pom.xml 
@@ -5,7 +5,7 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 @@ -15,7 +15,7 @@ com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-common-freemarker/pom.xml b/cloud-common-freemarker/pom.xml index 89ebaa1..fa4926e 100644 --- a/cloud-common-freemarker/pom.xml +++ b/cloud-common-freemarker/pom.xml @@ -5,13 +5,12 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 cloud-common-freemarker 静态模板生成 - 1.0.1-SNAPSHOT @@ -28,7 +27,7 @@ com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} compile diff --git a/cloud-common-plugin-dictionary/pom.xml b/cloud-common-plugin-dictionary/pom.xml index e73289f..94d0192 100644 --- a/cloud-common-plugin-dictionary/pom.xml +++ b/cloud-common-plugin-dictionary/pom.xml @@ -5,19 +5,18 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 cloud-common-plugin-dictionary 数据字典公共插件 - 1.0.1-SNAPSHOT com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-common-plugin-dynamic/pom.xml b/cloud-common-plugin-dynamic/pom.xml index 22108ae..0f4f364 100644 --- a/cloud-common-plugin-dynamic/pom.xml +++ b/cloud-common-plugin-dynamic/pom.xml @@ -5,19 +5,18 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 cloud-common-plugin-dynamic 动态公共插件,包含动态表单,数据库等 - 1.0.1-SNAPSHOT com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} org.springframework.security.oauth.boot @@ -35,7 +34,7 @@ com.cm cloud-common-plugin-dictionary - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-common-plugin-map/pom.xml b/cloud-common-plugin-map/pom.xml index 5b50222..2ebf095 100644 --- a/cloud-common-plugin-map/pom.xml +++ b/cloud-common-plugin-map/pom.xml @@ -5,18 +5,17 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 cloud-common-plugin-map 地图插件,画网格 - 1.0.1-SNAPSHOT com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} org.springframework.security.oauth.boot 
diff --git a/cloud-common-plugin-oauth/pom.xml b/cloud-common-plugin-oauth/pom.xml index 78d6ef6..77e269f 100644 --- a/cloud-common-plugin-oauth/pom.xml +++ b/cloud-common-plugin-oauth/pom.xml @@ -5,20 +5,19 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 单点登录客户端使用的通用jar包 cloud-common-plugin-oauth - 1.0.1-SNAPSHOT com.cm cloud-common-plugin - 1.0.1-SNAPSHOT + ${cm-cloud.version} org.springframework.security.oauth.boot diff --git a/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/converter/ClientUserAuthConverter.java b/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/converter/ClientUserAuthConverter.java index 1ddc718..9c7a688 100644 --- a/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/converter/ClientUserAuthConverter.java +++ b/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/converter/ClientUserAuthConverter.java @@ -1,7 +1,5 @@ package com.cm.common.plugin.converter; -import com.alibaba.fastjson.JSONArray; -import com.alibaba.fastjson.JSONObject; import com.cm.common.config.properties.OauthProperties; import com.cm.common.constants.ISystemConstant; import com.cm.common.plugin.IApiConsts; @@ -11,8 +9,6 @@ import com.cm.common.pojo.bos.RoleBO; import com.cm.common.pojo.bos.RoleGrantedAuthority; import com.cm.common.pojo.bos.UserInfoBO; import com.cm.common.pojo.dtos.UserAttrInfoDTO; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.JavaType; import com.fasterxml.jackson.databind.ObjectMapper; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -20,7 +16,6 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.oauth2.provider.token.UserAuthenticationConverter; -import org.springframework.util.StringUtils; import java.io.IOException; import java.util.*; 
@@ -50,7 +45,7 @@ public class ClientUserAuthConverter implements UserAuthenticationConverter { public Authentication extractAuthentication(Map map) { Object principal = map.get("user_name"); if (!Objects.isNull(principal)) { - Collection authorities; + Collection authorities = new LinkedHashSet<>();; Map userInfo = (Map) map.get("user_info"); UserInfoBO userInfoBO = new UserInfoBO(); userInfoBO.setUserId(userInfo.get("userId").toString()); @@ -60,9 +55,6 @@ public class ClientUserAuthConverter implements UserAuthenticationConverter { userInfoBO.setUserAvatar(userInfo.get("userAvatar") == null ? "" : userInfo.get("userAvatar").toString()); userInfoBO.setUserEmail(userInfo.get("userEmail") == null ? "" : userInfo.get("userEmail").toString()); if (ISystemConstant.ADMIN.equals(principal.toString())) { - authorities = new LinkedHashSet<>(); - authorities.add(new RoleGrantedAuthority("ROLE_ALL")); - authorities.add(new RoleGrantedAuthority("ROLE_GROUP_ALL")); } else { Map params = new HashMap<>(1); params.put(IApiConsts.ACCESS_TOKEN, ClientTokenManager.getInstance().getClientToken().getAccessToken()); @@ -81,14 +73,11 @@ public class ClientUserAuthConverter implements UserAuthenticationConverter { userInfoBO.setDataAuthority(userAttrInfoDTO.getDataAuthority()); userInfoBO.setDataAuthorityUserIds(userAttrInfoDTO.getDataAuthorityUserIds()); userInfoBO.setBaseDepartmentIds(userAttrInfoDTO.getBaseDepartmentIds()); - - authorities = getAuthorities(userAttrInfoDTO.getRoles()); } catch (IOException e) { LOG.error(e.getMessage(), e); throw new IllegalArgumentException("系统错误"); } } - principal = userInfoBO; LOG.debug("设置Token"); return new UsernamePasswordAuthenticationToken(principal, "N/A", authorities); @@ -102,6 +91,7 @@ public class ClientUserAuthConverter implements UserAuthenticationConverter { * @param roleBOs * @return */ + @Deprecated private Collection getAuthorities(List roleBOs) { Set roleGrantedAuthoritySet = new LinkedHashSet<>(); for (RoleBO roleBO : roleBOs) { 
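Review bot: `Collection authorities = new LinkedHashSet<>();;` has a stray second semicolon, and after this commit nothing visible ever adds to the set. The admin branch in the `-60,9` hunk is left as an empty `if (...) { } else {`, and the `getAuthorities(userAttrInfoDTO.getRoles())` assignment is removed in the `-81,14` hunk. The `UsernamePasswordAuthenticationToken` is therefore always built with no authorities, so any role-based check that reads `getAuthorities()` downstream would see an empty collection for every user, including the admin. If that is intended, drop the empty branch by inverting the test to `if (!ISystemConstant.ADMIN.equals(principal.toString())) {` and add a comment on the declaration such as `// authorities are intentionally empty; roles travel in UserInfoBO`. extractAuthentication starts and ends outside these hunks.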
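Review bot: `@Deprecated` on the private `getAuthorities` in the `-102,6` hunk marks a method that, judging by this diff, no longer has any caller; its only visible call is removed above. Deprecation on a private method warns nobody, so it would be cleaner to delete the method together with its `RoleGrantedAuthority` construction. If it is kept for a planned rollback, extend the Javadoc with a line such as `@deprecated authorities are no longer derived from roles; kept temporarily` so the reason is recorded. The method body continues outside the hunk.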
diff --git a/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/oauth/service/rbac/impl/ClientRbacServiceImpl.java b/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/oauth/service/rbac/impl/ClientRbacServiceImpl.java index 5fd78d6..9b78787 100644 --- a/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/oauth/service/rbac/impl/ClientRbacServiceImpl.java +++ b/cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/oauth/service/rbac/impl/ClientRbacServiceImpl.java @@ -1,22 +1,11 @@ package com.cm.common.plugin.oauth.service.rbac.impl; -import com.cm.common.config.properties.AccessControl; import com.cm.common.plugin.oauth.service.rbac.IClientRbacService; -import com.cm.common.pojo.bos.PermissionBO; -import com.cm.common.pojo.bos.RoleGrantedAuthority; -import com.cm.common.pojo.bos.RoleMenuBO; import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; import org.springframework.stereotype.Component; -import org.springframework.util.AntPathMatcher; import javax.servlet.http.HttpServletRequest; -import java.util.Collection; -import java.util.List; import java.util.Objects; /** @@ -32,14 +21,6 @@ import java.util.Objects; @Component("clientRbacService") public class ClientRbacServiceImpl implements IClientRbacService { - private static final Logger LOG = LoggerFactory.getLogger(ClientRbacServiceImpl.class); - /** - * 根路径 - */ - private static final String ANT_PATH_BASE = "/"; - @Autowired - private AccessControl accessControl; - @Override public boolean hasPermission(HttpServletRequest request, Authentication authentication) { boolean hasPermission = false; 
@@ -47,207 +28,7 @@ public class ClientRbacServiceImpl implements IClientRbacService { if (Objects.isNull(principal) || StringUtils.equals("anonymousUser", principal.toString())) { return false; } - String requestURI = request.getRequestURI(); - Collection grantedAuthorities = authentication.getAuthorities(); - AntPathMatcher antPathMatcher = new AntPathMatcher(); - String contextPath = request.getContextPath(); - for (GrantedAuthority grantedAuthority : grantedAuthorities) { - RoleGrantedAuthority roleGrantedAuthority = (RoleGrantedAuthority) grantedAuthority; - if (StringUtils.contains(roleGrantedAuthority.getAuthority(), "_ALL")) { - LOG.debug("权限校验URI:{},当前用户为最高管理员,有所有权限", requestURI); - hasPermission = true; - break; - } - // 放行权限 - if (hasPassPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { - LOG.debug("权限校验URI:{},有新增权限", requestURI); - hasPermission = true; - break; - } - // 新增权限 - if (hasSavePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { - LOG.debug("权限校验URI:{},有新增权限", requestURI); - hasPermission = true; - break; - } - // 删除权限 - if (hasDeletePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { - LOG.debug("权限校验URI:{},有删除权限", requestURI); - hasPermission = true; - break; - } - // 修改权限 - if (hasUpdatePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { - LOG.debug("权限校验URI:{},有修改权限", requestURI); - hasPermission = true; - break; - } - // 查询权限 - if (hasQueryPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { - LOG.debug("权限校验URI:{},有查询权限", requestURI); - hasPermission = true; - break; - } - } - return hasPermission; - } - - /** - * 放行权限 - * - * @param uri - * @param roleGrantedAuthority - * @param antPathMatcher - * @return - */ - private boolean hasPassPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { - if ((contextPath + ANT_PATH_BASE).equals(uri)) { - return 
true; - } - List passPaths = accessControl.getPassPaths(); - for (String passPath : passPaths) { - if (antPathMatcher.match(contextPath + passPath, uri)) { - return true; - } - } - return false; - } - - /** - * 接口的新增权限 - * - * @param uri - * @param roleGrantedAuthority - * @param antPathMatcher - * @return - */ - private boolean hasSavePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { - // 匹配接口权限 - for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionInsert()) { - if (antPathMatcher.match(contextPath + permissionBO.getPermissionUrl(), uri)) { - return true; - } - } - List savePaths = accessControl.getSavePaths(); - // 匹配接口 - for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getSaveMenu()) { - for (String savePath : savePaths) { - if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + savePath, uri)) { - return true; - } - if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + savePath, uri)) { - return true; - } - if (!StringUtils.isBlank(roleMenuBO.getRoutePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + savePath, uri)) { - return true; - } - } - } - return false; - } - - /** - * 接口的删除权限 - * - * @param uri - * @param roleGrantedAuthority - * @param antPathMatcher - * @return - */ - private boolean hasDeletePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { - // 匹配接口权限 - for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionDelete()) { - if (antPathMatcher.match(contextPath + permissionBO.getPermissionUrl(), uri)) { - return true; - } - } - List deletePaths = accessControl.getDeletePaths(); - // 匹配接口 - for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getDeleteMenu()) { - for (String deletePath : deletePaths) { - if 
(!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + deletePath, uri)) { - return true; - } - if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + deletePath, uri)) { - return true; - } - } - } - return false; - } - - /** - * 接口的修改权限 - * - * @param uri - * @param roleGrantedAuthority - * @param antPathMatcher - * @return - */ - private boolean hasUpdatePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { - // 匹配接口权限 - for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionUpdate()) { - if (antPathMatcher.match(contextPath + permissionBO.getPermissionUrl(), uri)) { - return true; - } - } - List updatePaths = accessControl.getUpdatePaths(); - // 匹配接口 - for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getUpdateMenu()) { - for (String updatePath : updatePaths) { - if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + updatePath, uri)) { - return true; - } - if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + updatePath, uri)) { - return true; - } - if (!StringUtils.isBlank(roleMenuBO.getRoutePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + updatePath, uri)) { - return true; - } - } - } - return false; - } - - /** - * 接口的查询权限 - * - * @param uri - * @param roleGrantedAuthority - * @param antPathMatcher - * @return - */ - private boolean hasQueryPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { - // 匹配接口权限 - for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionQuery()) { - if (antPathMatcher.match(contextPath + permissionBO.getPermissionUrl(), uri)) { - return true; - } - } - List queryPaths = 
accessControl.getQueryPaths(); - // 匹配接口 - for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getQueryMenu()) { - if (StringUtils.isBlank(roleMenuBO.getApiPrefix()) - && StringUtils.isBlank(roleMenuBO.getResourcePrefix()) - && StringUtils.isBlank(roleMenuBO.getRoutePrefix())) { - continue; - } - for (String queryPath : queryPaths) { - String queryAntPath = contextPath + roleMenuBO.getApiPrefix() + queryPath; - if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(queryAntPath, uri)) { - return true; - } - queryAntPath = contextPath + roleMenuBO.getResourcePrefix() + queryPath; - if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(queryAntPath, uri)) { - return true; - } - queryAntPath = contextPath + roleMenuBO.getRoutePrefix() + queryPath; - if (!StringUtils.isBlank(roleMenuBO.getRoutePrefix()) && antPathMatcher.match(queryAntPath, uri)) { - return true; - } - } - } - return false; + return true; } } diff --git a/cloud-common-plugin-sensitive/pom.xml b/cloud-common-plugin-sensitive/pom.xml index f07f338..1e7a6c8 100644 --- a/cloud-common-plugin-sensitive/pom.xml +++ b/cloud-common-plugin-sensitive/pom.xml @@ -5,7 +5,7 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 @@ -16,7 +16,7 @@ com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-common-plugin/pom.xml b/cloud-common-plugin/pom.xml index 5008585..b944c9f 100644 --- a/cloud-common-plugin/pom.xml +++ b/cloud-common-plugin/pom.xml @@ -5,18 +5,17 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 cloud-common-plugin - 1.0.1-SNAPSHOT com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-common-socket/pom.xml b/cloud-common-socket/pom.xml index 61311be..a873e56 100644 --- a/cloud-common-socket/pom.xml +++ b/cloud-common-socket/pom.xml @@ -5,7 +5,7 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 
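Review bot: `ClientRbacServiceImpl.hasPermission` now ends in `return true;` for every principal that is not null or `anonymousUser`, so all per-URI authorisation is removed. That covers the `_ALL` check and the pass/save/delete/update/query path matching against `AccessControl`, so any authenticated user is allowed on every request this bean guards. The same replacement is made in `RbacServiceImpl.hasPermission` later in this diff, and nothing visible here adds an equivalent check elsewhere. Unless enforcement has moved to code outside this commit, this fails open; either keep a deny-by-default match or document the new contract above the method, e.g. `// Authentication-only gate: URI-level authorisation is enforced by <component>`. The context line `boolean hasPermission = false;` from the previous hunk is now an unused local and can be dropped.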
@@ -15,13 +15,13 @@ com.cm cloud-common-plugin - 1.0.1-SNAPSHOT + ${cm-cloud.version} com.cm cloud-security - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-common-websocket/pom.xml b/cloud-common-websocket/pom.xml index 1876f6a..3989f7a 100644 --- a/cloud-common-websocket/pom.xml +++ b/cloud-common-websocket/pom.xml @@ -5,7 +5,7 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 @@ -20,12 +20,12 @@ com.cm cloud-common-plugin - 1.0.1-SNAPSHOT + ${cm-cloud.version} com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-common-wechat/pom.xml b/cloud-common-wechat/pom.xml index 1a0def4..2f45045 100644 --- a/cloud-common-wechat/pom.xml +++ b/cloud-common-wechat/pom.xml @@ -5,7 +5,7 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 @@ -15,7 +15,7 @@ com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} junit diff --git a/cloud-common/pom.xml b/cloud-common/pom.xml index e53b452..22cfc41 100644 --- a/cloud-common/pom.xml +++ b/cloud-common/pom.xml @@ -5,12 +5,11 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 cloud-common - 1.0.1-SNAPSHOT diff --git a/cloud-common/src/main/java/com/cm/common/component/SecurityComponent.java b/cloud-common/src/main/java/com/cm/common/component/SecurityComponent.java index 43de967..2bc0e2f 100644 --- a/cloud-common/src/main/java/com/cm/common/component/SecurityComponent.java +++ b/cloud-common/src/main/java/com/cm/common/component/SecurityComponent.java 
@@ -58,22 +58,6 @@ public class SecurityComponent { return userInfoBO; } - /** - * 角色ID列表 - * - * @return - */ - public List listRoleIds() { - Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - Collection grantedAuthorities = authentication.getAuthorities(); - List roleIds = new ArrayList<>(); - for (GrantedAuthority grantedAuthority : grantedAuthorities) { - RoleGrantedAuthority roleGrantedAuthority = (RoleGrantedAuthority) grantedAuthority; - roleIds.add(roleGrantedAuthority.getRoleId()); - } - return roleIds; - } - /** * 当前角色列表 * @@ -84,6 +68,19 @@ public class SecurityComponent { return userInfoBO.getRoles(); } + /** + * 角色ID列表 + * + * @return + */ + public List listRoleIds() { + List roleIds = new ArrayList<>(); + for (RoleBO roleBO : listRole()) { + roleIds.add(roleBO.getRoleId()); + } + return roleIds; + } + /** * 部门列表 * diff --git a/cloud-common/src/main/java/com/cm/common/service/impl/RbacServiceImpl.java b/cloud-common/src/main/java/com/cm/common/service/impl/RbacServiceImpl.java index 7dc1acd..72c90a1 100644 --- a/cloud-common/src/main/java/com/cm/common/service/impl/RbacServiceImpl.java +++ b/cloud-common/src/main/java/com/cm/common/service/impl/RbacServiceImpl.java 
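Review bot: The new `listRoleIds()` iterates `listRole()` directly, so it throws a `NullPointerException` whenever `userInfoBO.getRoles()` returns null. That looks reachable for the admin principal, because the admin branch in `ClientUserAuthConverter` no longer sets any role data, though whether `getRoles()` defaults to an empty list is not visible here. A guard keeps the method total: `List<RoleBO> roles = listRole();` followed by `if (roles == null) { return roleIds; }` before the loop. The old version read role ids from the `Authentication` authorities, so callers that relied on it should be checked against the now-empty authority set. The `Authentication`, `GrantedAuthority` and `RoleGrantedAuthority` imports may also have become unused; the import block is outside this hunk.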
@@ -1,24 +1,14 @@ package com.cm.common.service.impl; -import com.alibaba.fastjson.JSON; -import com.alibaba.fastjson.JSONObject; import com.cm.common.config.properties.AccessControl; -import com.cm.common.pojo.bos.RoleBO; -import com.cm.common.pojo.bos.RoleGrantedAuthority; -import com.cm.common.pojo.bos.RoleMenuBO; import com.cm.common.service.IRbacService; -import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; import org.springframework.stereotype.Component; -import org.springframework.util.AntPathMatcher; import javax.servlet.http.HttpServletRequest; -import java.util.Collection; -import java.util.List; /** * @ClassName: RbacServiceImpl 
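Review bot: This import hunk keeps `AccessControl`, `Logger`, `LoggerFactory` and `Autowired` as context lines, but the following hunk removes the `LOG` constant and the `@Autowired AccessControl accessControl` field, which are their only visible uses. That leaves four unused imports in `RbacServiceImpl`, whereas `ClientRbacServiceImpl` had the matching imports removed in the same commit. Removing them here keeps the two classes consistent and avoids suggesting that `AccessControl` still takes part in the permission decision.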
@@ -30,213 +20,13 @@ import java.util.List; @Component("rbacService") public class RbacServiceImpl implements IRbacService { - private static final Logger LOG = LoggerFactory.getLogger(RbacServiceImpl.class); - /** - * 根路径 - */ - private static final String ANT_PATH_BASE = "/"; - @Autowired - private AccessControl accessControl; - @Override public boolean hasPermission(HttpServletRequest request, Authentication authentication) { - boolean hasPermission = false; Object object = authentication.getPrincipal(); if (object == null || "anonymousUser".equals(object.toString())) { - return hasPermission; + return false; } - String requestURI = request.getRequestURI(); - Collection grantedAuthorities = authentication.getAuthorities(); - AntPathMatcher antPathMatcher = new AntPathMatcher(); - String contextPath = request.getContextPath(); - - for (GrantedAuthority grantedAuthority : grantedAuthorities) { - RoleGrantedAuthority roleGrantedAuthority; - if (grantedAuthority instanceof RoleGrantedAuthority) { - LOG.debug("统一用户登录"); - roleGrantedAuthority = (RoleGrantedAuthority) grantedAuthority; - } else { - LOG.debug("客户端登录"); - JSONObject authorityObject = JSONObject.parseObject(grantedAuthority.toString().replace("_wg_", ",")); - if (StringUtils.contains(authorityObject.getString("authority"), "_ALL")) { - LOG.debug("管理员登录客户端"); - roleGrantedAuthority = new RoleGrantedAuthority(authorityObject.getString("authority")); - } else { - LOG.debug("普通用户登录客户端"); - RoleBO roleBO = new RoleBO(); - roleBO.setRoleId(authorityObject.getString("roleId")); - roleBO.setRoleName(authorityObject.getString("roleName")); - roleBO.setSaveMenu(JSON.parseArray(authorityObject.getString("saveMenu"), RoleMenuBO.class)); - roleBO.setDeleteMenu(JSON.parseArray(authorityObject.getString("deleteMenu"), RoleMenuBO.class)); - roleBO.setUpdateMenu(JSON.parseArray(authorityObject.getString("updateMenu"), RoleMenuBO.class)); - roleBO.setQueryMenu(JSON.parseArray(authorityObject.getString("queryMenu"), 
RoleMenuBO.class)); - roleGrantedAuthority = new RoleGrantedAuthority(authorityObject.getString("authority"), roleBO); - } - } - if (StringUtils.contains(roleGrantedAuthority.getAuthority(), "_ALL")) { - LOG.debug("权限校验URI:{},当前用户为最高管理员,有所有权限", requestURI); - hasPermission = true; - break; - } - // 放行权限 - if (hasPassPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { - LOG.debug("权限校验URI:{},有新增权限", requestURI); - hasPermission = true; - break; - } - // 新增权限 - if (hasSavePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { - LOG.debug("权限校验URI:{},有新增权限", requestURI); - hasPermission = true; - break; - } - // 删除权限 - if (hasDeletePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { - LOG.debug("权限校验URI:{},有删除权限", requestURI); - hasPermission = true; - break; - } - // 修改权限 - if (hasUpdatePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { - LOG.debug("权限校验URI:{},有修改权限", requestURI); - hasPermission = true; - break; - } - // 查询权限 - if (hasQueryPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) { - LOG.debug("权限校验URI:{},有查询权限", requestURI); - hasPermission = true; - break; - } - } - return hasPermission; - } - - /** - * 放行权限 - * - * @param uri - * @param roleGrantedAuthority - * @param antPathMatcher - * @return - */ - private boolean hasPassPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { - if ((contextPath + ANT_PATH_BASE).equals(uri)) { - return true; - } - List passPaths = accessControl.getPassPaths(); - for (String passPath : passPaths) { - if (antPathMatcher.match(contextPath + passPath, uri)) { - return true; - } - } - return false; - } - - /** - * 接口的新增权限 - * - * @param uri - * @param roleGrantedAuthority - * @param antPathMatcher - * @return - */ - private boolean hasSavePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher 
antPathMatcher) { - List savePaths = accessControl.getSavePaths(); - // 匹配接口 - for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getSaveMenu()) { - for (String savePath : savePaths) { - if (antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + savePath, uri)) { - return true; - } - if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + savePath, uri)) { - return true; - } - if (antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + savePath, uri)) { - return true; - } - } - } - return false; - } - - /** - * 接口的删除权限 - * - * @param uri - * @param roleGrantedAuthority - * @param antPathMatcher - * @return - */ - private boolean hasDeletePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { - List deletePaths = accessControl.getDeletePaths(); - // 匹配接口 - for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getDeleteMenu()) { - for (String deletePath : deletePaths) { - if (antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + deletePath, uri)) { - return true; - } - if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + deletePath, uri)) { - return true; - } - } - } - return false; - } - - /** - * 接口的修改权限 - * - * @param uri - * @param roleGrantedAuthority - * @param antPathMatcher - * @return - */ - private boolean hasUpdatePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { - List updatePaths = accessControl.getUpdatePaths(); - // 匹配接口 - for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getUpdateMenu()) { - for (String updatePath : updatePaths) { - if (antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + updatePath, uri)) { - return true; - } - if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + updatePath, uri)) { - return true; - } - if (antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + updatePath, uri)) { - return true; - } - } - } - 
return false; - } - - /** - * 接口的查询权限 - * - * @param uri - * @param roleGrantedAuthority - * @param antPathMatcher - * @return - */ - private boolean hasQueryPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) { - List queryPaths = accessControl.getQueryPaths(); - // 匹配接口 - for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getQueryMenu()) { - for (String queryPath : queryPaths) { - String queryAntPath = contextPath + roleMenuBO.getApiPrefix() + queryPath; - if (antPathMatcher.match(queryAntPath, uri)) { - return true; - } - if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + queryPath, uri)) { - return true; - } - if (antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + queryPath, uri)) { - return true; - } - } - } - return false; + return true; } } diff --git a/cloud-hardware-smart-gate/pom.xml b/cloud-hardware-smart-gate/pom.xml index f0e3d2f..0eade12 100644 --- a/cloud-hardware-smart-gate/pom.xml +++ b/cloud-hardware-smart-gate/pom.xml @@ -5,7 +5,7 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 @@ -15,7 +15,7 @@ com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-manager-sms/pom.xml b/cloud-manager-sms/pom.xml index 0b9ca5d..9efa6bf 100644 --- a/cloud-manager-sms/pom.xml +++ b/cloud-manager-sms/pom.xml @@ -5,7 +5,7 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 验证码模块 @@ -16,7 +16,7 @@ com.cm cloud-common - 1.0.1-SNAPSHOT + ${cm-cloud.version} diff --git a/cloud-security/pom.xml b/cloud-security/pom.xml index 93fcfda..a745a1b 100644 --- a/cloud-security/pom.xml +++ b/cloud-security/pom.xml @@ -5,12 +5,11 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 4.0.0 cloud-security - 1.0.1-SNAPSHOT diff --git a/cloud-token-in/pom.xml b/cloud-token-in/pom.xml index 4c8a95b..1dc3f96 100644 --- a/cloud-token-in/pom.xml +++ b/cloud-token-in/pom.xml 
@@ -5,13 +5,12 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 接收系统校验 4.0.0 cloud-token-in - 1.0.1-SNAPSHOT diff --git a/cloud-token-out/pom.xml b/cloud-token-out/pom.xml index 3ecbfa7..04153f3 100644 --- a/cloud-token-out/pom.xml +++ b/cloud-token-out/pom.xml @@ -5,13 +5,12 @@ cm-cloud com.cm - 1.0.1-SNAPSHOT + ${cm-cloud.version} 发送系统校验 4.0.0 cloud-token-out - 1.0.1-SNAPSHOT diff --git a/pom.xml b/pom.xml index 880fe53..d6aee29 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.cm cm-cloud - 1.0.1-SNAPSHOT + ${cm-cloud.version} cloud-common cloud-security @@ -34,6 +34,7 @@ 成迈云 + 1.0.2-SNAPSHOT 1.8 5.1.4.RELEASE 2.1.2.RELEASE
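Review bot: Using a custom property `${cm-cloud.version}` as the project version in the root pom, and as the parent version in every module, is something Maven warns about ("'version' contains an expression but should be a constant"). The markup is stripped on this page, so the element positions are inferred from the surrounding values. Installed or deployed POMs keep the unresolved expression, so a consumer that resolves a module without the root pom's properties cannot determine the parent version. A child's parent version is also read before any inherited property is available. If the goal is a single place to bump the version, the supported form is the CI-friendly `${revision}` property together with flatten-maven-plugin. Otherwise keep literal versions in the parent blocks and use `${project.version}` for the sibling `com.cm` dependencies.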