Tenlion/cm-cloud
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

新增1.0.2快照版本,只保留菜单、数据权限

Browse Source
This commit is contained in:
wanggeng888 2021-07-16 18:11:22 +08:00
parent ad3850ba17
commit ab462a2e57
26 changed files with 66 additions and 519 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cloud-central-control-client/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -20,7 +20,7 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common-socket</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
</dependencies>

8
cloud-central-control/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -15,17 +15,17 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common-plugin-dictionary</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common-socket</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-manager-sms</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
</dependencies>

5
cloud-common-article/pom.xml
View File

@ -5,18 +5,17 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-common-article</artifactId>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
</dependencies>

11
cloud-common-bigdata/pom.xml
View File

@ -5,40 +5,39 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-common-bigdata</artifactId>
<description>大数据展示</description>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common-freemarker</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common-plugin</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common-plugin-dictionary</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
<scope>compile</scope>
</dependency>
</dependencies>

4
cloud-common-dingding/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -15,7 +15,7 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
<!-- 阿里钉钉SDK -->

5
cloud-common-freemarker/pom.xml
View File

@ -5,13 +5,12 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-common-freemarker</artifactId>
<description>静态模板生成</description>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>
@ -28,7 +27,7 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
<scope>compile</scope>
</dependency>
</dependencies>

5
cloud-common-plugin-dictionary/pom.xml
View File

@ -5,19 +5,18 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-common-plugin-dictionary</artifactId>
<description>数据字典公共插件</description>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
</dependencies>

7
cloud-common-plugin-dynamic/pom.xml
View File

@ -5,19 +5,18 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-common-plugin-dynamic</artifactId>
<description>动态公共插件,包含动态表单,数据库等</description>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
<exclusions>
<exclusion>
<groupId>org.springframework.security.oauth.boot</groupId>
@ -35,7 +34,7 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common-plugin-dictionary</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>

5
cloud-common-plugin-map/pom.xml
View File

@ -5,18 +5,17 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-common-plugin-map</artifactId>
<description>地图插件,画网格</description>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
<exclusions>
<exclusion>
<groupId>org.springframework.security.oauth.boot</groupId>

5
cloud-common-plugin-oauth/pom.xml
View File

@ -5,20 +5,19 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<description>单点登录客户端使用的通用jar包</description>
<artifactId>cloud-common-plugin-oauth</artifactId>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common-plugin</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
<exclusions>
<exclusion>
<groupId>org.springframework.security.oauth.boot</groupId>

14
cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/converter/ClientUserAuthConverter.java
View File

@ -1,7 +1,5 @@
package com.cm.common.plugin.converter;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.cm.common.config.properties.OauthProperties;
import com.cm.common.constants.ISystemConstant;
import com.cm.common.plugin.IApiConsts;
@ -11,8 +9,6 @@ import com.cm.common.pojo.bos.RoleBO;
import com.cm.common.pojo.bos.RoleGrantedAuthority;
import com.cm.common.pojo.bos.UserInfoBO;
import com.cm.common.pojo.dtos.UserAttrInfoDTO;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.JavaType;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -20,7 +16,6 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.provider.token.UserAuthenticationConverter;
import org.springframework.util.StringUtils;
import java.io.IOException;
import java.util.*;
@ -50,7 +45,7 @@ public class ClientUserAuthConverter implements UserAuthenticationConverter {
public Authentication extractAuthentication(Map<String, ?> map) {
Object principal = map.get("user_name");
if (!Objects.isNull(principal)) {
Collection<GrantedAuthority> authorities;
Collection<GrantedAuthority> authorities = new LinkedHashSet<>();;
Map<String, Object> userInfo = (Map<String, Object>) map.get("user_info");
UserInfoBO userInfoBO = new UserInfoBO();
userInfoBO.setUserId(userInfo.get("userId").toString());
@ -60,9 +55,6 @@ public class ClientUserAuthConverter implements UserAuthenticationConverter {
userInfoBO.setUserAvatar(userInfo.get("userAvatar") == null ? "" : userInfo.get("userAvatar").toString());
userInfoBO.setUserEmail(userInfo.get("userEmail") == null ? "" : userInfo.get("userEmail").toString());
if (ISystemConstant.ADMIN.equals(principal.toString())) {
authorities = new LinkedHashSet<>();
authorities.add(new RoleGrantedAuthority("ROLE_ALL"));
authorities.add(new RoleGrantedAuthority("ROLE_GROUP_ALL"));
} else {
Map<String, Object> params = new HashMap<>(1);
params.put(IApiConsts.ACCESS_TOKEN, ClientTokenManager.getInstance().getClientToken().getAccessToken());
@ -81,14 +73,11 @@ public class ClientUserAuthConverter implements UserAuthenticationConverter {
userInfoBO.setDataAuthority(userAttrInfoDTO.getDataAuthority());
userInfoBO.setDataAuthorityUserIds(userAttrInfoDTO.getDataAuthorityUserIds());
userInfoBO.setBaseDepartmentIds(userAttrInfoDTO.getBaseDepartmentIds());
authorities = getAuthorities(userAttrInfoDTO.getRoles());
} catch (IOException e) {
LOG.error(e.getMessage(), e);
throw new IllegalArgumentException("系统错误");
}
}
principal = userInfoBO;
LOG.debug("设置Token");
return new UsernamePasswordAuthenticationToken(principal, "N/A", authorities);
@ -102,6 +91,7 @@ public class ClientUserAuthConverter implements UserAuthenticationConverter {
* @param roleBOs
* @return
*/
@Deprecated
private Collection<GrantedAuthority> getAuthorities(List<RoleBO> roleBOs) {
Set<GrantedAuthority> roleGrantedAuthoritySet = new LinkedHashSet<>();
for (RoleBO roleBO : roleBOs) {

221
cloud-common-plugin-oauth/src/main/java/com/cm/common/plugin/oauth/service/rbac/impl/ClientRbacServiceImpl.java
View File

@ -1,22 +1,11 @@
package com.cm.common.plugin.oauth.service.rbac.impl;
import com.cm.common.config.properties.AccessControl;
import com.cm.common.plugin.oauth.service.rbac.IClientRbacService;
import com.cm.common.pojo.bos.PermissionBO;
import com.cm.common.pojo.bos.RoleGrantedAuthority;
import com.cm.common.pojo.bos.RoleMenuBO;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import javax.servlet.http.HttpServletRequest;
import java.util.Collection;
import java.util.List;
import java.util.Objects;
/**
@ -32,14 +21,6 @@ import java.util.Objects;
@Component("clientRbacService")
public class ClientRbacServiceImpl implements IClientRbacService {
private static final Logger LOG = LoggerFactory.getLogger(ClientRbacServiceImpl.class);
/**
* 根路径
*/
private static final String ANT_PATH_BASE = "/";
@Autowired
private AccessControl accessControl;
@Override
public boolean hasPermission(HttpServletRequest request, Authentication authentication) {
boolean hasPermission = false;
@ -47,207 +28,7 @@ public class ClientRbacServiceImpl implements IClientRbacService {
if (Objects.isNull(principal) || StringUtils.equals("anonymousUser", principal.toString())) {
return false;
}
String requestURI = request.getRequestURI();
Collection<? extends GrantedAuthority> grantedAuthorities = authentication.getAuthorities();
AntPathMatcher antPathMatcher = new AntPathMatcher();
String contextPath = request.getContextPath();
for (GrantedAuthority grantedAuthority : grantedAuthorities) {
RoleGrantedAuthority roleGrantedAuthority = (RoleGrantedAuthority) grantedAuthority;
if (StringUtils.contains(roleGrantedAuthority.getAuthority(), "_ALL")) {
LOG.debug("权限校验URI{},当前用户为最高管理员,有所有权限", requestURI);
hasPermission = true;
break;
}
// 放行权限
if (hasPassPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有新增权限", requestURI);
hasPermission = true;
break;
}
// 新增权限
if (hasSavePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有新增权限", requestURI);
hasPermission = true;
break;
}
// 删除权限
if (hasDeletePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有删除权限", requestURI);
hasPermission = true;
break;
}
// 修改权限
if (hasUpdatePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有修改权限", requestURI);
hasPermission = true;
break;
}
// 查询权限
if (hasQueryPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有查询权限", requestURI);
hasPermission = true;
break;
}
}
return hasPermission;
}
/**
* 放行权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasPassPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
if ((contextPath + ANT_PATH_BASE).equals(uri)) {
return true;
}
List<String> passPaths = accessControl.getPassPaths();
for (String passPath : passPaths) {
if (antPathMatcher.match(contextPath + passPath, uri)) {
return true;
}
}
return false;
}
/**
* 接口的新增权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasSavePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
// 匹配接口权限
for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionInsert()) {
if (antPathMatcher.match(contextPath + permissionBO.getPermissionUrl(), uri)) {
return true;
}
}
List<String> savePaths = accessControl.getSavePaths();
// 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getSaveMenu()) {
for (String savePath : savePaths) {
if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + savePath, uri)) {
return true;
}
if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + savePath, uri)) {
return true;
}
if (!StringUtils.isBlank(roleMenuBO.getRoutePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + savePath, uri)) {
return true;
}
}
}
return false;
}
/**
* 接口的删除权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasDeletePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
// 匹配接口权限
for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionDelete()) {
if (antPathMatcher.match(contextPath + permissionBO.getPermissionUrl(), uri)) {
return true;
}
}
List<String> deletePaths = accessControl.getDeletePaths();
// 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getDeleteMenu()) {
for (String deletePath : deletePaths) {
if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + deletePath, uri)) {
return true;
}
if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + deletePath, uri)) {
return true;
}
}
}
return false;
}
/**
* 接口的修改权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasUpdatePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
// 匹配接口权限
for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionUpdate()) {
if (antPathMatcher.match(contextPath + permissionBO.getPermissionUrl(), uri)) {
return true;
}
}
List<String> updatePaths = accessControl.getUpdatePaths();
// 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getUpdateMenu()) {
for (String updatePath : updatePaths) {
if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + updatePath, uri)) {
return true;
}
if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + updatePath, uri)) {
return true;
}
if (!StringUtils.isBlank(roleMenuBO.getRoutePrefix()) && antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + updatePath, uri)) {
return true;
}
}
}
return false;
}
/**
* 接口的查询权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasQueryPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
// 匹配接口权限
for (PermissionBO permissionBO : roleGrantedAuthority.getPermissionQuery()) {
if (antPathMatcher.match(contextPath + permissionBO.getPermissionUrl(), uri)) {
return true;
}
}
List<String> queryPaths = accessControl.getQueryPaths();
// 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getQueryMenu()) {
if (StringUtils.isBlank(roleMenuBO.getApiPrefix())
&& StringUtils.isBlank(roleMenuBO.getResourcePrefix())
&& StringUtils.isBlank(roleMenuBO.getRoutePrefix())) {
continue;
}
for (String queryPath : queryPaths) {
String queryAntPath = contextPath + roleMenuBO.getApiPrefix() + queryPath;
if (!StringUtils.isBlank(roleMenuBO.getApiPrefix()) && antPathMatcher.match(queryAntPath, uri)) {
return true;
}
queryAntPath = contextPath + roleMenuBO.getResourcePrefix() + queryPath;
if (!StringUtils.isBlank(roleMenuBO.getResourcePrefix()) && antPathMatcher.match(queryAntPath, uri)) {
return true;
}
queryAntPath = contextPath + roleMenuBO.getRoutePrefix() + queryPath;
if (!StringUtils.isBlank(roleMenuBO.getRoutePrefix()) && antPathMatcher.match(queryAntPath, uri)) {
return true;
}
}
}
return false;
return true;
}
}

4
cloud-common-plugin-sensitive/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -16,7 +16,7 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
</dependencies>

5
cloud-common-plugin/pom.xml
View File

@ -5,18 +5,17 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-common-plugin</artifactId>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
<!-- sauronsoftware start -->
<dependency>

6
cloud-common-socket/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -15,13 +15,13 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common-plugin</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-security</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
<dependency>

6
cloud-common-websocket/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -20,12 +20,12 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common-plugin</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
</dependencies>

4
cloud-common-wechat/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -15,7 +15,7 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
<dependency>
<groupId>junit</groupId>

3
cloud-common/pom.xml
View File

@ -5,12 +5,11 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<dependencies>

29
cloud-common/src/main/java/com/cm/common/component/SecurityComponent.java
View File

@ -58,22 +58,6 @@ public class SecurityComponent {
return userInfoBO;
}
/**
* 角色ID列表
*
* @return
*/
public List<String> listRoleIds() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
Collection<? extends GrantedAuthority> grantedAuthorities = authentication.getAuthorities();
List<String> roleIds = new ArrayList<>();
for (GrantedAuthority grantedAuthority : grantedAuthorities) {
RoleGrantedAuthority roleGrantedAuthority = (RoleGrantedAuthority) grantedAuthority;
roleIds.add(roleGrantedAuthority.getRoleId());
}
return roleIds;
}
/**
* 当前角色列表
*
@ -84,6 +68,19 @@ public class SecurityComponent {
return userInfoBO.getRoles();
}
/**
* 角色ID列表
*
* @return
*/
public List<String> listRoleIds() {
List<String> roleIds = new ArrayList<>();
for (RoleBO roleBO : listRole()) {
roleIds.add(roleBO.getRoleId());
}
return roleIds;
}
/**
* 部门列表
*

214
cloud-common/src/main/java/com/cm/common/service/impl/RbacServiceImpl.java
View File

@ -1,24 +1,14 @@
package com.cm.common.service.impl;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.cm.common.config.properties.AccessControl;
import com.cm.common.pojo.bos.RoleBO;
import com.cm.common.pojo.bos.RoleGrantedAuthority;
import com.cm.common.pojo.bos.RoleMenuBO;
import com.cm.common.service.IRbacService;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import javax.servlet.http.HttpServletRequest;
import java.util.Collection;
import java.util.List;
/**
* @ClassName: RbacServiceImpl
@ -30,213 +20,13 @@ import java.util.List;
@Component("rbacService")
public class RbacServiceImpl implements IRbacService {
private static final Logger LOG = LoggerFactory.getLogger(RbacServiceImpl.class);
/**
* 根路径
*/
private static final String ANT_PATH_BASE = "/";
@Autowired
private AccessControl accessControl;
@Override
public boolean hasPermission(HttpServletRequest request, Authentication authentication) {
boolean hasPermission = false;
Object object = authentication.getPrincipal();
if (object == null || "anonymousUser".equals(object.toString())) {
return hasPermission;
return false;
}
String requestURI = request.getRequestURI();
Collection<? extends GrantedAuthority> grantedAuthorities = authentication.getAuthorities();
AntPathMatcher antPathMatcher = new AntPathMatcher();
String contextPath = request.getContextPath();
for (GrantedAuthority grantedAuthority : grantedAuthorities) {
RoleGrantedAuthority roleGrantedAuthority;
if (grantedAuthority instanceof RoleGrantedAuthority) {
LOG.debug("统一用户登录");
roleGrantedAuthority = (RoleGrantedAuthority) grantedAuthority;
} else {
LOG.debug("客户端登录");
JSONObject authorityObject = JSONObject.parseObject(grantedAuthority.toString().replace("_wg_", ","));
if (StringUtils.contains(authorityObject.getString("authority"), "_ALL")) {
LOG.debug("管理员登录客户端");
roleGrantedAuthority = new RoleGrantedAuthority(authorityObject.getString("authority"));
} else {
LOG.debug("普通用户登录客户端");
RoleBO roleBO = new RoleBO();
roleBO.setRoleId(authorityObject.getString("roleId"));
roleBO.setRoleName(authorityObject.getString("roleName"));
roleBO.setSaveMenu(JSON.parseArray(authorityObject.getString("saveMenu"), RoleMenuBO.class));
roleBO.setDeleteMenu(JSON.parseArray(authorityObject.getString("deleteMenu"), RoleMenuBO.class));
roleBO.setUpdateMenu(JSON.parseArray(authorityObject.getString("updateMenu"), RoleMenuBO.class));
roleBO.setQueryMenu(JSON.parseArray(authorityObject.getString("queryMenu"), RoleMenuBO.class));
roleGrantedAuthority = new RoleGrantedAuthority(authorityObject.getString("authority"), roleBO);
}
}
if (StringUtils.contains(roleGrantedAuthority.getAuthority(), "_ALL")) {
LOG.debug("权限校验URI{},当前用户为最高管理员,有所有权限", requestURI);
hasPermission = true;
break;
}
// 放行权限
if (hasPassPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有新增权限", requestURI);
hasPermission = true;
break;
}
// 新增权限
if (hasSavePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有新增权限", requestURI);
hasPermission = true;
break;
}
// 删除权限
if (hasDeletePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有删除权限", requestURI);
hasPermission = true;
break;
}
// 修改权限
if (hasUpdatePermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有修改权限", requestURI);
hasPermission = true;
break;
}
// 查询权限
if (hasQueryPermission(contextPath, requestURI, roleGrantedAuthority, antPathMatcher)) {
LOG.debug("权限校验URI{},有查询权限", requestURI);
hasPermission = true;
break;
}
}
return hasPermission;
}
/**
* 放行权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasPassPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
if ((contextPath + ANT_PATH_BASE).equals(uri)) {
return true;
}
List<String> passPaths = accessControl.getPassPaths();
for (String passPath : passPaths) {
if (antPathMatcher.match(contextPath + passPath, uri)) {
return true;
}
}
return false;
}
/**
* 接口的新增权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasSavePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
List<String> savePaths = accessControl.getSavePaths();
// 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getSaveMenu()) {
for (String savePath : savePaths) {
if (antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + savePath, uri)) {
return true;
}
if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + savePath, uri)) {
return true;
}
if (antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + savePath, uri)) {
return true;
}
}
}
return false;
}
/**
* 接口的删除权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasDeletePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
List<String> deletePaths = accessControl.getDeletePaths();
// 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getDeleteMenu()) {
for (String deletePath : deletePaths) {
if (antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + deletePath, uri)) {
return true;
}
if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + deletePath, uri)) {
return true;
}
}
}
return false;
}
/**
* 接口的修改权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasUpdatePermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
List<String> updatePaths = accessControl.getUpdatePaths();
// 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getUpdateMenu()) {
for (String updatePath : updatePaths) {
if (antPathMatcher.match(contextPath + roleMenuBO.getApiPrefix() + updatePath, uri)) {
return true;
}
if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + updatePath, uri)) {
return true;
}
if (antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + updatePath, uri)) {
return true;
}
}
}
return false;
}
/**
* 接口的查询权限
*
* @param uri
* @param roleGrantedAuthority
* @param antPathMatcher
* @return
*/
private boolean hasQueryPermission(String contextPath, String uri, RoleGrantedAuthority roleGrantedAuthority, AntPathMatcher antPathMatcher) {
List<String> queryPaths = accessControl.getQueryPaths();
// 匹配接口
for (RoleMenuBO roleMenuBO : roleGrantedAuthority.getQueryMenu()) {
for (String queryPath : queryPaths) {
String queryAntPath = contextPath + roleMenuBO.getApiPrefix() + queryPath;
if (antPathMatcher.match(queryAntPath, uri)) {
return true;
}
if (antPathMatcher.match(contextPath + roleMenuBO.getResourcePrefix() + queryPath, uri)) {
return true;
}
if (antPathMatcher.match(contextPath + roleMenuBO.getRoutePrefix() + queryPath, uri)) {
return true;
}
}
}
return false;
return true;
}
}

4
cloud-hardware-smart-gate/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -15,7 +15,7 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
<dependency>

4
cloud-manager-sms/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<description>验证码模块</description>
@ -16,7 +16,7 @@
<dependency>
<groupId>com.cm</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</dependency>
<dependency>

3
cloud-security/pom.xml
View File

@ -5,12 +5,11 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-security</artifactId>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>

3
cloud-token-in/pom.xml
View File

@ -5,13 +5,12 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<description>接收系统校验</description>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-token-in</artifactId>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>

3
cloud-token-out/pom.xml
View File

@ -5,13 +5,12 @@
<parent>
<artifactId>cm-cloud</artifactId>
<groupId>com.cm</groupId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
</parent>
<description>发送系统校验</description>
<modelVersion>4.0.0</modelVersion>
<artifactId>cloud-token-out</artifactId>
<version>1.0.1-SNAPSHOT</version>
<dependencies>
<dependency>

3
pom.xml
View File

@ -6,7 +6,7 @@
<groupId>com.cm</groupId>
<artifactId>cm-cloud</artifactId>
<version>1.0.1-SNAPSHOT</version>
<version>${cm-cloud.version}</version>
<modules>
<module>cloud-common</module>
<module>cloud-security</module>
@ -34,6 +34,7 @@
<description>成迈云</description>
<properties>
<cm-cloud.version>1.0.2-SNAPSHOT</cm-cloud.version>
<java.version>1.8</java.version>
<spring.version>5.1.4.RELEASE</spring.version>
<spring-boot.version>2.1.2.RELEASE</spring-boot.version>