From 23d467e4e938ae6d2e5a557daa8da815625d1857 Mon Sep 17 00:00:00 2001 From: 79493 <794930212@qq.com> Date: Tue, 11 Oct 2022 15:21:09 +0800 Subject: [PATCH] =?UTF-8?q?=E8=87=AA=E5=AE=9A=E4=B9=89=E6=B3=A8=E8=A7=A3?= =?UTF-8?q?=E7=94=9F=E6=88=90=E6=9D=83=E9=99=90=E5=88=B0=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E5=BA=93=E5=B7=A5=E5=85=B7=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/rzyc/enums/SysEnterpriseState.java | 27 ++++++ .../rzyc/mapper/ent/SysEnterpriseMapper.java | 8 ++ .../mapper/ent/SysEnterpriseMapper.xml | 4 + .../com/rzyc/config/EntMethodSignature.java | 89 +++++++++++++++--- .../java/com/rzyc/config/SecurityConfig.java | 2 +- .../com/rzyc/config/UserDetailsAndId.java | 5 +- .../com/rzyc/controller/CommonController.java | 51 +++++++++++ .../rzyc/controller/PcCompanyController.java | 1 - .../rzyc/controller/PersonalController.java | 36 ++++---- .../rzyc/service/UserDetailsServiceImpl.java | 11 ++- .../com/rzyc/service/UserLoginService.java | 26 +++++- .../com/rzyc/config/GovMethodSignature.java | 90 ++++++++++++++++--- .../java/com/rzyc/config/SecurityConfig.java | 2 +- .../rzyc/controller/EmergencyController.java | 4 +- 14 files changed, 306 insertions(+), 50 deletions(-) create mode 100644 inventory-dao/src/main/java/com/rzyc/enums/SysEnterpriseState.java create mode 100644 inventory-ent/src/main/java/com/rzyc/controller/CommonController.java diff --git a/inventory-dao/src/main/java/com/rzyc/enums/SysEnterpriseState.java b/inventory-dao/src/main/java/com/rzyc/enums/SysEnterpriseState.java new file mode 100644 index 0000000..48bc259 --- /dev/null +++ b/inventory-dao/src/main/java/com/rzyc/enums/SysEnterpriseState.java @@ -0,0 +1,27 @@ +package com.rzyc.enums; + +/** + * 企业表 + * 启用 禁用 状态 + * @author Xuwanxin + * @date 2022/10/10 + */ +public enum SysEnterpriseState { + + USE("启用"), + DISABLE("禁用"); + + private String state; + + SysEnterpriseState(String state) { + this.state = state; + } + + public String getState() { + return state; + } + + public void setState(String state) { + this.state = state; + } +} diff --git a/inventory-dao/src/main/java/com/rzyc/mapper/ent/SysEnterpriseMapper.java b/inventory-dao/src/main/java/com/rzyc/mapper/ent/SysEnterpriseMapper.java index abda2ed..3aa9b63 100644 --- a/inventory-dao/src/main/java/com/rzyc/mapper/ent/SysEnterpriseMapper.java +++ b/inventory-dao/src/main/java/com/rzyc/mapper/ent/SysEnterpriseMapper.java @@ -346,4 +346,12 @@ public interface SysEnterpriseMapper { /*用户企业列表*/ List userEntList(@Param("condition") String condition, @Param("areaCode") String areaCode); + + + /** + * 通过企业用户名查询企业 + * @param entUserName 企业用户名 + * @return SysEnterprise 企业表 + * */ + SysEnterprise findEnterpriseByName(@Param("entUserName")String entUserName); } diff --git a/inventory-dao/src/main/resources/mapper/ent/SysEnterpriseMapper.xml b/inventory-dao/src/main/resources/mapper/ent/SysEnterpriseMapper.xml index cc14430..893efee 100644 --- a/inventory-dao/src/main/resources/mapper/ent/SysEnterpriseMapper.xml +++ b/inventory-dao/src/main/resources/mapper/ent/SysEnterpriseMapper.xml @@ -2837,5 +2837,9 @@ ORDER BY dangerNum DESC,se.SysEnterpriseId desc + + diff --git a/inventory-ent/src/main/java/com/rzyc/config/EntMethodSignature.java b/inventory-ent/src/main/java/com/rzyc/config/EntMethodSignature.java index b924828..fe48e80 100644 --- a/inventory-ent/src/main/java/com/rzyc/config/EntMethodSignature.java +++ b/inventory-ent/src/main/java/com/rzyc/config/EntMethodSignature.java @@ -3,11 +3,18 @@ package com.rzyc.config; import com.common.utils.DateUtils; import com.common.utils.RandomNumber; import com.rzyc.controller.PersonalController; + import com.zaxxer.hikari.HikariConfig; import com.zaxxer.hikari.HikariDataSource; +import org.springframework.web.bind.annotation.RequestMapping; +import java.io.File; import java.lang.reflect.Method; import java.sql.*; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; /** * 获取方法中的注解参数,插入数据库 @@ -19,10 +26,73 @@ import java.sql.*; public class EntMethodSignature { - public static void main(String[] args) { - //反射获取所有方法 - Method[] methods = PersonalController.class.getMethods(); - insertAnnotation(methods); + public static void main(String[] args) throws ClassNotFoundException { + String [] packageName = {"inventory-ent/src/main/java/com/rzyc/controller"}; + List> classes = new ArrayList<>(); + HashMap classNames = scanForPackageName(packageName); + for (Map.Entry next: classNames.entrySet()) { + try { + classes.add(Class.forName(next.getValue())); + } catch (ClassNotFoundException e) { + e.printStackTrace(); + } + } + + + for (Class c:classes) { + //反射获取所有方法 + Method[] methods = c.getMethods(); + RequestMapping requestMapping = c.getAnnotation(RequestMapping.class); + if (null != requestMapping && null != requestMapping.value()[0]) { + String controllerName = requestMapping.value()[0]; + insertAnnotation(controllerName, methods); + } + } + + + } + + public static HashMap scanForPackageName(String [] path){ + HashMap classNames = new HashMap<>(); + String fileName = null; + for (String s:path) { + //根据传入文件夹路径创建File对象 + File dir = new File(s); + //检查是否为文件夹 + if (dir.isDirectory()){ + //遍历文件夹内的文件 + for (File f : dir.listFiles()){ + if (f.isDirectory()){ + for (File f2 : f.listFiles()){ + //获取文件名,并删除后缀 + fileName = f2.getName(); + try { + fileName = fileName.substring(0,fileName.lastIndexOf(".")); + }catch (Exception e){ + System.err.println(fileName); + } + //添加到结果中 + String filePath = f2.getPath().substring(f2.getPath().indexOf("java")+5,f2.getPath().length()).replace("\\",".").replace(".java",""); + classNames.put(fileName,filePath); + continue; + } + }else { + //获取文件名,并删除后缀 + fileName = f.getName(); + try { + fileName = fileName.substring(0,fileName.lastIndexOf(".")); + }catch (Exception e){ + System.err.println(fileName); + } + //添加到结果中 + String filePath = f.getPath().substring(f.getPath().indexOf("java")+5,f.getPath().length()).replace("\\",".").replace(".java",""); + classNames.put(fileName,filePath); + continue; + } + } + } + } + return classNames; } @@ -41,7 +111,7 @@ public class EntMethodSignature { return ds; } - private static void insertAnnotation(Method[] methods) { + private static void insertAnnotation(String controllerName,Method[] methods) { try { //创建connection @@ -60,17 +130,16 @@ public class EntMethodSignature { for (String name : annotation.authorizations()) { - String str = name.substring(name.indexOf(":")+1,name.length()); - ResultSet rs = statement.executeQuery("select auth_key from authority_key where auth_key ='"+str+"'"); + + ResultSet rs = statement.executeQuery("select auth_key from authority_key where auth_key ='"+name+"'"); //取数据 if (rs.next()) { } else { - String category = name.substring(0,name.indexOf(":")); preparedStatement.setString(1, RandomNumber.getUUid()); preparedStatement.setString(2,null); - preparedStatement.setString(3,str); - preparedStatement.setString(4,category); + preparedStatement.setString(3,name); + preparedStatement.setString(4,controllerName); preparedStatement.setString(5, DateUtils.getNowDateTimeStr()); preparedStatement.setString(6,DateUtils.getNowDateTimeStr()); preparedStatement.setString(7,annotation.name()); diff --git a/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java b/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java index 624d00d..70adaa2 100644 --- a/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java +++ b/inventory-ent/src/main/java/com/rzyc/config/SecurityConfig.java @@ -64,7 +64,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { http .authorizeRequests() // 对于登录接口 允许匿名访问 - .antMatchers("/personal/login","/personal/entlogin").anonymous() + .antMatchers("/personal/login","/personal/entlogin","/common/generateCode").anonymous() //放行swagger .antMatchers("/swagger-ui.html","/swagger-resources/**","/webjars/**","/v2/**","/api/**").permitAll() // 除上面外的所有请求全部需要鉴权认证,配置退出路径 diff --git a/inventory-ent/src/main/java/com/rzyc/config/UserDetailsAndId.java b/inventory-ent/src/main/java/com/rzyc/config/UserDetailsAndId.java index 6ce4160..ed99d1e 100644 --- a/inventory-ent/src/main/java/com/rzyc/config/UserDetailsAndId.java +++ b/inventory-ent/src/main/java/com/rzyc/config/UserDetailsAndId.java @@ -17,6 +17,7 @@ public class UserDetailsAndId extends User { private String id; + public String getId() { return id; } @@ -25,7 +26,9 @@ public class UserDetailsAndId extends User { this.id = id; } - public UserDetailsAndId(String username, String password, Collection authorities,String id) { + + + public UserDetailsAndId(String username, String password, Collection authorities, String id) { super(username, password, authorities); setId(id); } diff --git a/inventory-ent/src/main/java/com/rzyc/controller/CommonController.java b/inventory-ent/src/main/java/com/rzyc/controller/CommonController.java new file mode 100644 index 0000000..141a3b1 --- /dev/null +++ b/inventory-ent/src/main/java/com/rzyc/controller/CommonController.java @@ -0,0 +1,51 @@ +package com.rzyc.controller; + +import com.common.utils.verification.Verification; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import org.springframework.stereotype.Controller; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.CrossOrigin; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; + +import javax.imageio.ImageIO; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.awt.image.BufferedImage; +import java.io.OutputStream; + +/** + * @author Xuwanxin + * @date 2022-10-10 + */ +@Api(tags = "企业端公共接口") +@CrossOrigin("*") +@RequestMapping("common") +@Controller +@Validated +public class CommonController extends BaseController{ + + /** + * 验证码 + * @param request + * @param response + * @throws Exception + */ + @ApiOperation(value = "验证码", notes = "验证码") + @GetMapping("/generateCode") + @ResponseBody + public void generateCode(HttpServletRequest request, HttpServletResponse response) throws Exception { + try { + BufferedImage image = Verification.getVerify(constantsConfigure.getGenerateCodeKey(),request); + OutputStream out = response.getOutputStream(); + ImageIO.write(image, "JPEG", out); + out.flush(); + out.close(); + } catch (Exception e) { + e.printStackTrace(); + } + } + +} diff --git a/inventory-ent/src/main/java/com/rzyc/controller/PcCompanyController.java b/inventory-ent/src/main/java/com/rzyc/controller/PcCompanyController.java index 70a6ca4..a0ad48a 100644 --- a/inventory-ent/src/main/java/com/rzyc/controller/PcCompanyController.java +++ b/inventory-ent/src/main/java/com/rzyc/controller/PcCompanyController.java @@ -76,7 +76,6 @@ public class PcCompanyController extends BaseController{ }) @PostMapping("/companyDetail") @ResponseBody - @PreAuthorize("hasRole('ADMIN')") public SingleResult companyDetail(String SysEnterpriseId)throws Exception { SingleResult singleResult = new SingleResult(); List sysEnterprises = sysEnterpriseMapper.companyDetail(SysEnterpriseId); diff --git a/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java b/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java index 73a943a..76e8f43 100644 --- a/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java +++ b/inventory-ent/src/main/java/com/rzyc/controller/PersonalController.java @@ -7,9 +7,8 @@ import com.common.utils.StringUtils; import com.common.utils.encryption.PasswdFactory; import com.common.utils.jwt.JwtUtil; import com.common.utils.model.SingleResult; -import com.rzyc.advice.PageOperation; import com.rzyc.bean.user.dto.LoginDto; -import com.rzyc.model.EntUserCredential; +import com.rzyc.config.MethodAnnotation; import com.rzyc.model.dto.EntUserCredentialUpdateDto; import com.rzyc.model.ent.EntUser; import com.rzyc.service.PcBusinessService; @@ -17,7 +16,6 @@ import com.rzyc.service.UserLoginService; import com.rzyc.bean.user.dto.WeChartLoginDto; import com.rzyc.model.ent.SysEnterprise; import com.rzyc.model.user.SysUser; -import com.rzyc.config.MethodAnnotation; import io.swagger.annotations.Api; import io.swagger.annotations.ApiImplicitParam; import io.swagger.annotations.ApiImplicitParams; @@ -159,8 +157,8 @@ public class PersonalController extends BaseController{ @ApiImplicitParam(name = "postId", value = "企业用户岗位id",required = false, dataType = "string"), }) @GetMapping(value = "/entUserTree") - @PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERTREE','PERSONAL:ENTUSERTREE:UPDATE')") - @MethodAnnotation(authorizations = {"PERSONAL:ENTUSERTREE","PERSONAL:ENTUSERTREE:UPDATE"},name = "企业用户组织树") + @PreAuthorize("hasAnyAuthority('entUserTree','entUserTree:update')") + @MethodAnnotation(authorizations = {"entUserTree","entUserTree:update"},name = "企业用户组织树") @ResponseBody public SingleResult> entUserTree(String enterpriseId, String postId)throws Exception{ return pcBusinessService.entUserTree(enterpriseId,postId); @@ -182,8 +180,8 @@ public class PersonalController extends BaseController{ @ApiImplicitParam(name = "postId", value = "企业用户岗位id",required = false, dataType = "string"), }) @GetMapping(value = "/entUserPostList") - @PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERPOSTLIST','PERSONAL:ENTUSERPOSTLIST:UPDATE')") - @MethodAnnotation(authorizations = {"PERSONAL:ENTUSERPOSTLIST","PERSONAL:ENTUSERPOSTLIST:UPDATE"},name = "企业用户工作要务") + @PreAuthorize("hasAnyAuthority('entUserPostList','entUserPostList:update')") + @MethodAnnotation(authorizations = {"entUserPostList","entUserPostList:update"},name = "企业用户工作要务") @ResponseBody public SingleResult entUserPostList(String enterpriseId, String entUserId,String postId,Integer page,Integer pageSize)throws Exception{ return pcBusinessService.entUserPostList(enterpriseId,entUserId,postId,page,pageSize); @@ -210,8 +208,8 @@ public class PersonalController extends BaseController{ }) @GetMapping(value = "/entUserPostTask") - @PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERPOSTTASK','PERSONAL:ENTUSERPOSTTASK:UPDATE')") - @MethodAnnotation(authorizations = {"PERSONAL:ENTUSERPOSTTASK","PERSONAL:ENTUSERPOSTTASK:UPDATE"},name = "企业用户工作清单") + @PreAuthorize("hasAnyAuthority('entUserPostTask','entUserPostTask:update')") + @MethodAnnotation(authorizations = {"entUserPostTask","entUserPostTask:update"},name = "企业用户工作清单") @ResponseBody public SingleResult entUserPostTask(String enterpriseId, String entUserId,String postId,String listId,String content,Integer taskState,Integer page,Integer pageSize)throws Exception{ return pcBusinessService.entUserPostTask(enterpriseId,entUserId,postId,listId,content,taskState,page,pageSize); @@ -232,8 +230,8 @@ public class PersonalController extends BaseController{ }) @GetMapping(value = "/entUserPostDuty") - @PreAuthorize("hasAnyAuthority('PERSONAL:POSTDUTY','PERSONAL:POSTDUTY:UPDATE')") - @MethodAnnotation(authorizations = {"PERSONAL:POSTDUTY","PERSONAL:POSTDUTY:UPDATE"},name = "企业用户岗位职责") + @PreAuthorize("hasAnyAuthority('entUserPostDuty','entUserPostDuty:update')") + @MethodAnnotation(authorizations = {"entUserPostDuty","entUserPostDuty:update"},name = "企业用户岗位职责") @ResponseBody public SingleResult entUserPostDuty(String enterpriseId, String postId,Integer page,Integer pageSize)throws Exception{ return pcBusinessService.entUserPostDuty(enterpriseId,postId,page,pageSize); @@ -250,8 +248,8 @@ public class PersonalController extends BaseController{ @ApiImplicitParam(name = "entUserId", value = "企业用户id",required = true, dataType = "string"), }) @GetMapping(value = "/entUserCredential") - @PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERCREDENTIAL','PERSONAL:ENTUSERCREDENTIAL:UPDATE')") - @MethodAnnotation(authorizations = {"PERSONAL:ENTUSERCREDENTIAL","PERSONAL:ENTUSERCREDENTIAL:UPDATE"},name = "企业用户证照表") + @PreAuthorize("hasAnyAuthority('entUserCredential','entUserCredential:update')") + @MethodAnnotation(authorizations = {"entUserCredential","entUserCredential:update"},name = "企业用户证照表") @ResponseBody public SingleResult entUserCredential(String entUserId,Integer page,Integer pageSize)throws Exception{ return pcBusinessService.entUserCredential(null,entUserId,page,pageSize); @@ -268,8 +266,8 @@ public class PersonalController extends BaseController{ @ApiImplicitParam(name = "entUserId", value = "企业用户id",required = true, dataType = "string"), }) @PostMapping(value = "/entUserCredentialUpdate") - @PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERCREDENTIAL:UPDATE')") - @MethodAnnotation(authorizations = {"PERSONAL:ENTUSERCREDENTIAL:UPDATE"},name = "企业用户证照表-新增,修改") + @PreAuthorize("hasAnyAuthority('entUserCredentialUpdate:update')") + @MethodAnnotation(authorizations = {"entUserCredentialUpdate:update"},name = "企业用户证照表-新增,修改") @ResponseBody public SingleResult entUserCredentialUpdate(@RequestBody EntUserCredentialUpdateDto entUserCredentialUpdateDto)throws Exception{ return pcBusinessService.entUserCredentialUpdate(entUserCredentialUpdateDto); @@ -287,8 +285,8 @@ public class PersonalController extends BaseController{ @ApiImplicitParam(name = "credentialId", value = "证件照id",required = true, dataType = "string"), }) @PostMapping(value = "/entUserCredentialDelete") - @PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERCREDENTIAL:DELETE')") - @MethodAnnotation(authorizations = {"PERSONAL:ENTUSERCREDENTIAL:DELETE"},name = "企业用户证照表-删除") + @PreAuthorize("hasAnyAuthority('entUserCredentialDelete')") + @MethodAnnotation(authorizations = {"entUserCredentialDelete"},name = "企业用户证照表-删除") @ResponseBody public SingleResult entUserCredentialDelete(String credentialId)throws Exception{ return pcBusinessService.entUserCredentialDelete(credentialId); @@ -306,8 +304,8 @@ public class PersonalController extends BaseController{ @ApiImplicitParam(name = "keyContent", value = "搜索关键字",required = false, dataType = "string"), }) @GetMapping(value = "/entUserList") - @PreAuthorize("hasAnyAuthority('PERSONAL:ENTUSERLIST','PERSONAL:ENTUSERLIST:UPDATE')") - @MethodAnnotation(authorizations = {"PERSONAL:ENTUSERLIST","PERSONAL:ENTUSERLIST:UPDATE"},name ="企业岗位总体信息列表") + @PreAuthorize("hasAnyAuthority('entUserList','entUserList:update')") + @MethodAnnotation(authorizations = {"entUserList","entUserList:update"},name = "企业岗位总体信息列表") @ResponseBody public SingleResult entUserList(String keyContent,Integer page,Integer pageSize)throws Exception{ return pcBusinessService.entUserList(keyContent,page,pageSize); diff --git a/inventory-ent/src/main/java/com/rzyc/service/UserDetailsServiceImpl.java b/inventory-ent/src/main/java/com/rzyc/service/UserDetailsServiceImpl.java index ecd32fe..4f9f3ea 100644 --- a/inventory-ent/src/main/java/com/rzyc/service/UserDetailsServiceImpl.java +++ b/inventory-ent/src/main/java/com/rzyc/service/UserDetailsServiceImpl.java @@ -2,10 +2,13 @@ package com.rzyc.service; import com.rzyc.config.UserDetailsAndId; +import com.rzyc.enums.SysEnterpriseState; import com.rzyc.mapper.AuthorityKeyMapper; import com.rzyc.mapper.ent.EntUserMapper; +import com.rzyc.mapper.ent.SysEnterpriseMapper; import com.rzyc.model.AuthorityKey; import com.rzyc.model.ent.EntUser; +import com.rzyc.model.ent.SysEnterprise; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; @@ -40,6 +43,9 @@ public class UserDetailsServiceImpl implements UserDetailsService { * */ private EntUserMapper entUserMapper; + /** + * 权限表mapper + * */ private AuthorityKeyMapper authorityKeyMapper; @Autowired @@ -53,11 +59,12 @@ public class UserDetailsServiceImpl implements UserDetailsService { @Override - public UserDetails loadUserByUsername(String name) throws UsernameNotFoundException { + public UserDetails loadUserByUsername(String name){ //判断数据库用户 EntUser entUser = entUserMapper.selectByName(name); + if (Objects.isNull(entUser)){ - throw new UsernameNotFoundException("用户名或密码错误"); + throw new UsernameNotFoundException("用户名不存在"); } List authority= new ArrayList(); Listauthorizations = authorityKeyMapper.allAuthorizations(); diff --git a/inventory-ent/src/main/java/com/rzyc/service/UserLoginService.java b/inventory-ent/src/main/java/com/rzyc/service/UserLoginService.java index dc75687..d1b3f32 100644 --- a/inventory-ent/src/main/java/com/rzyc/service/UserLoginService.java +++ b/inventory-ent/src/main/java/com/rzyc/service/UserLoginService.java @@ -3,7 +3,11 @@ package com.rzyc.service; import com.common.utils.jwt.JwtUtil; +import com.rzyc.advice.CustomException; import com.rzyc.config.UserDetailsAndId; +import com.rzyc.enums.SysEnterpriseState; +import com.rzyc.mapper.ent.SysEnterpriseMapper; +import com.rzyc.model.ent.SysEnterprise; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; @@ -25,25 +29,41 @@ import java.util.Objects; @Service public class UserLoginService { - + /** + * spring security 登陆业务接口service + * */ private UserDetailsService userDetailsService; + /** + * spring security 内存中加密 + * */ private PasswordEncoder passwordEncoder; + /** + * 企业端公司 + * */ + private SysEnterpriseMapper sysEnterpriseMapper; + + @Autowired - public void UserLoginServiceFinder(UserDetailsService userDetailsService,PasswordEncoder passwordEncoder){ + public void UserLoginServiceFinder(UserDetailsService userDetailsService,PasswordEncoder passwordEncoder,SysEnterpriseMapper sysEnterpriseMapper){ this.userDetailsService = userDetailsService; this.passwordEncoder = passwordEncoder; + this.sysEnterpriseMapper= sysEnterpriseMapper; } - public String login(String username, String password) { + public String login(String username, String password)throws Exception { String token = null; try { UserDetails userDetails = userDetailsService.loadUserByUsername(username); if (Objects.isNull(userDetails)) { throw new UsernameNotFoundException("账号不存在"); } + SysEnterprise sysEnterprise = sysEnterpriseMapper.findEnterpriseByName(username); + if (Objects.isNull(sysEnterprise) || sysEnterprise.getState().equals(SysEnterpriseState.DISABLE)){ + throw new CustomException("企业不存在或已经禁用"); + } //这里可能会不对,因为我们是MD5,这个是spring security 中的 encoder加密 if (!passwordEncoder.matches(password, userDetails.getPassword())) { throw new BadCredentialsException("密码不正确"); diff --git a/inventory-gov/src/main/java/com/rzyc/config/GovMethodSignature.java b/inventory-gov/src/main/java/com/rzyc/config/GovMethodSignature.java index 7063c54..2a855bf 100644 --- a/inventory-gov/src/main/java/com/rzyc/config/GovMethodSignature.java +++ b/inventory-gov/src/main/java/com/rzyc/config/GovMethodSignature.java @@ -5,9 +5,15 @@ import com.common.utils.RandomNumber; import com.rzyc.controller.EmergencyController; import com.zaxxer.hikari.HikariConfig; import com.zaxxer.hikari.HikariDataSource; +import org.springframework.web.bind.annotation.RequestMapping; +import java.io.File; import java.lang.reflect.Method; import java.sql.*; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; /** * 工具 @@ -17,12 +23,75 @@ import java.sql.*; */ public class GovMethodSignature { + public static void main(String[] args) throws ClassNotFoundException { + + String [] packageName = {"inventory-gov/src/main/java/com/rzyc/controller"}; + List> classes = new ArrayList<>(); + HashMap classNames = scanForPackageName(packageName); + for (Map.Entry next: classNames.entrySet()) { + try { + classes.add(Class.forName(next.getValue())); + } catch (ClassNotFoundException e) { + e.printStackTrace(); + } + } - public static void main(String[] args) { - //反射controller获取所有方法 - Method[] methods = EmergencyController.class.getMethods(); - insertAnnotation(methods); + + for (Class c:classes) { + //反射获取所有方法 + Method[] methods = c.getMethods(); + RequestMapping requestMapping = c.getAnnotation(RequestMapping.class); + if (null != requestMapping && null != requestMapping.value()[0]) { + String controllerName = requestMapping.value()[0]; + insertAnnotation(controllerName, methods); + } + } + + + } + + public static HashMap scanForPackageName(String [] path){ + HashMap classNames = new HashMap<>(); + String fileName = null; + for (String s:path) { + //根据传入文件夹路径创建File对象 + File dir = new File(s); + //检查是否为文件夹 + if (dir.isDirectory()){ + //遍历文件夹内的文件 + for (File f : dir.listFiles()){ + if (f.isDirectory()){ + for (File f2 : f.listFiles()){ + //获取文件名,并删除后缀 + fileName = f2.getName(); + try { + fileName = fileName.substring(0,fileName.lastIndexOf(".")); + }catch (Exception e){ + System.err.println(fileName); + } + //添加到结果中 + String filePath = f2.getPath().substring(f2.getPath().indexOf("java")+5,f2.getPath().length()).replace("\\",".").replace(".java",""); + classNames.put(fileName,filePath); + continue; + } + }else { + //获取文件名,并删除后缀 + fileName = f.getName(); + try { + fileName = fileName.substring(0,fileName.lastIndexOf(".")); + }catch (Exception e){ + System.err.println(fileName); + } + //添加到结果中 + String filePath = f.getPath().substring(f.getPath().indexOf("java")+5,f.getPath().length()).replace("\\",".").replace(".java",""); + classNames.put(fileName,filePath); + continue; + } + } + } + } + return classNames; } @@ -41,7 +110,7 @@ public class GovMethodSignature { return ds; } - private static void insertAnnotation(Method[] methods) { + private static void insertAnnotation(String controllerName,Method[] methods) { try { //创建connection @@ -60,17 +129,16 @@ public class GovMethodSignature { for (String name : annotation.authorizations()) { - String str = name.substring(name.indexOf(":")+1,name.length()); - ResultSet rs = statement.executeQuery("select auth_key from authority_key where auth_key ='"+str+"'"); + + ResultSet rs = statement.executeQuery("select auth_key from authority_key where auth_key ='"+name+"'"); //取数据 if (rs.next()) { } else { - String category = name.substring(0,name.indexOf(":")); preparedStatement.setString(1, RandomNumber.getUUid()); preparedStatement.setString(2,null); - preparedStatement.setString(3,str); - preparedStatement.setString(4,category); + preparedStatement.setString(3,name); + preparedStatement.setString(4,controllerName); preparedStatement.setString(5, DateUtils.getNowDateTimeStr()); preparedStatement.setString(6,DateUtils.getNowDateTimeStr()); preparedStatement.setString(7,annotation.name()); @@ -92,4 +160,6 @@ public class GovMethodSignature { } + + } diff --git a/inventory-gov/src/main/java/com/rzyc/config/SecurityConfig.java b/inventory-gov/src/main/java/com/rzyc/config/SecurityConfig.java index 2304e0a..99bc757 100644 --- a/inventory-gov/src/main/java/com/rzyc/config/SecurityConfig.java +++ b/inventory-gov/src/main/java/com/rzyc/config/SecurityConfig.java @@ -64,7 +64,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { http .authorizeRequests() // 对于登录接口 允许匿名访问 - .antMatchers("/personal/login","/personal/entlogin").anonymous() + .antMatchers("/personal/login","/personal/entlogin","/common/generateCode").anonymous() //放行swagger .antMatchers("/swagger-ui.html","/swagger-resources/**","/webjars/**","/v2/**","/api/**").permitAll() // 除上面外的所有请求全部需要鉴权认证,配置退出路径 diff --git a/inventory-gov/src/main/java/com/rzyc/controller/EmergencyController.java b/inventory-gov/src/main/java/com/rzyc/controller/EmergencyController.java index 9e39763..1dd26df 100644 --- a/inventory-gov/src/main/java/com/rzyc/controller/EmergencyController.java +++ b/inventory-gov/src/main/java/com/rzyc/controller/EmergencyController.java @@ -623,8 +623,8 @@ public class EmergencyController extends BaseController { * */ @ApiOperation(value = "事故类型", notes = "事故类型") @GetMapping("/accidentType") - @PreAuthorize("hasAnyAuthority('PCEMERGENCY:ACCIDENTTYPE','PCEMERGENCY:ACCIDENTTYPE:UPDATE')") - @MethodAnnotation(authorizations = {"PCEMERGENCY:ACCIDENTTYPE","PCEMERGENCY:ACCIDENTTYPE:UPDATE"},name = "事故类型") + @PreAuthorize("hasAnyAuthority('accidentType','accidentType:updatae')") + @MethodAnnotation(authorizations = {"accidentType","accidentType:update"},name = "事故类型") @ResponseBody public SingleResult accidentType()throws Exception{ SingleResult singleResult = new SingleResult();