修复httputil一些问题,修复由于配置丢失,导致权限管理错误问题

This commit is contained in:
Luoye 2020-10-12 16:24:10 +08:00
parent a6fd8bbde7
commit 9439a49358
9 changed files with 139 additions and 48 deletions

View File

@ -75,7 +75,6 @@ public class RabbitMQConfig {
factory.setConcurrentConsumers(1);
factory.setMaxConcurrentConsumers(50);
factory.setPrefetchCount(20);
factory.setConnectionFactory(connectionFactory);
factory.setMessageConverter(new Jackson2JsonMessageConverter());
return factory;

View File

@ -1,5 +1,7 @@
package io.qyi.e5.config.security;
import io.qyi.e5.config.security.bean.CollectionBean;
import io.qyi.e5.config.security.bean.dto.PermissionListDto;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.access.ConfigAttribute;
@ -22,40 +24,42 @@ import java.util.*;
@Service
public class UrlInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource {
@Value("web.security.admin")
@Value("${web.security.admin}")
private String[] securityAdmin;
@Value("web.security.user")
@Value("${web.security.user}")
private String[] securityUser;
@Value("web.security.role_anonymous")
@Value("${web.security.role_anonymous}")
private String[] securitAnonymous;
private HashMap<String, Collection<ConfigAttribute>> map =null;
private List<CollectionBean> map = null;
/**
* 加载权限表中所有权限
* 这里有一个坑如果map返回是null是不会AccessDecisionManager默认放行
*/
public void loadResourceDefine(){
log.info("加载权限表中所有权限");
map = new HashMap<>();
map = new ArrayList<>();
Collection<ConfigAttribute> array;
ConfigAttribute cfg;
Map<String, String []> permissions = new HashMap<>();
/*这里只是简单的配置*/
permissions.put("admin", securityAdmin);
permissions.put("user", securityUser);
permissions.put("ROLE_ANONYMOUS", securitAnonymous);
List<PermissionListDto> permissionList = new ArrayList<>();
Arrays.stream(securityAdmin).forEach(s -> permissionList.add(new PermissionListDto("admin",s)));
Arrays.stream(securityUser).forEach(s -> permissionList.add(new PermissionListDto("user",s)));
Arrays.stream(securitAnonymous).forEach(s -> permissionList.add(new PermissionListDto("ROLE_ANONYMOUS",s)));
Iterator<PermissionListDto> iterator1 = permissionList.iterator();
while (iterator1.hasNext()) {
PermissionListDto next = iterator1.next();
String role_name = next.getRoleName();
String url = next.getUrl();
Iterator<Map.Entry<String, String[]>> iterator = permissions.entrySet().iterator();
while (iterator.hasNext()) {
Map.Entry<String, String[]> next = iterator.next();
String key = next.getKey();
String[] value = next.getValue();
array = new ArrayList<>();
for (int i = 0; i < value.length; i++) {
cfg = new SecurityConfig(value[i]);
cfg = new SecurityConfig(role_name);
array.add(cfg);
}
map.put(key, array);
/* url -> N x roleName*/
CollectionBean collectionBean = new CollectionBean(url,array);
map.add(collectionBean);
}
}
@ -67,14 +71,28 @@ public class UrlInvocationSecurityMetadataSourceService implements FilterInvocat
HttpServletRequest request = ((FilterInvocation) o).getHttpRequest();
AntPathRequestMatcher matcher;
String resUrl;
for(Iterator<String> iter = map.keySet().iterator(); iter.hasNext(); ) {
resUrl = iter.next();
Collection<ConfigAttribute> collection = new LinkedList<>();
Iterator<CollectionBean> iterator1 = map.iterator();
while (iterator1.hasNext()) {
CollectionBean next = iterator1.next();
resUrl = next.getUrl();
matcher = new AntPathRequestMatcher(resUrl);
if(matcher.matches(request)) {
return map.get(resUrl);
if (matcher.matches(request)) {
Iterator<ConfigAttribute> iterator = next.getConfigAttributes().iterator();
while (iterator.hasNext()) {
collection.add(iterator.next());
}
// collection.add(map.get(resUrl))
// return map.get(resUrl);
}
}
return null;
if (collection.size() > 0) {
return collection;
}
/*防止数据库中没有数据,不能进行权限拦截*/
ConfigAttribute configAttribute = new SecurityConfig("ROLE_NO_USER");
collection.add(configAttribute);
return collection;
}

View File

@ -0,0 +1,23 @@
package io.qyi.e5.config.security.bean;
import lombok.Data;
import org.springframework.security.access.ConfigAttribute;
import java.util.Collection;
/**
* @program: wds
* @description:
* @author: 落叶随风
* @create: 2020-07-09 00:59
**/
@Data
public class CollectionBean {
private String url;
private Collection<ConfigAttribute> configAttributes;
public CollectionBean(String url, Collection<ConfigAttribute> configAttributes) {
this.url = url;
this.configAttributes = configAttributes;
}
}

View File

@ -0,0 +1,15 @@
package io.qyi.e5.config.security.bean.dto;
import lombok.Data;
/**
* @program: wds
* @description:
* @author: 落叶随风
* @create: 2020-07-10 16:55
**/
@Data
public class PermissionDto {
private int roleId;
private String roleName;
}

View File

@ -0,0 +1,23 @@
package io.qyi.e5.config.security.bean.dto;
import lombok.Data;
/**
* @program: demo
* @description:
* @author: 落叶随风
* @create: 2020-07-08 15:59
**/
@Data
public class PermissionListDto {
String roleName;
String url;
public PermissionListDto(String roleName, String url) {
this.roleName = roleName;
this.url = url;
}
public PermissionListDto() {
}
}

View File

@ -0,0 +1,25 @@
package io.qyi.e5.config.security.bean.dto;
import lombok.Data;
import java.util.LinkedList;
import java.util.List;
/**
* @program: wds
* @description:
* @author: 落叶随风
* @create: 2020-07-09 17:09
**/
@Data
public class RoleMenuDto {
private int id;
/*菜单名*/
private String name;
/*url*/
private String url;
/*父id*/
private int pid;
private List<Object> data = new LinkedList<>();
}

View File

@ -3,15 +3,14 @@ package io.qyi.e5.github.service.impl;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.Wrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import io.qyi.e5.github.entity.Github;
import io.qyi.e5.github.entity.UserInfo;
import io.qyi.e5.github.mapper.GithubMapper;
import io.qyi.e5.github.service.IGithubService;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import io.qyi.e5.util.StringUtil;
import io.qyi.e5.util.netRequest.OkHttpRequestUtils;
import io.qyi.e5.util.netRequest.OkHttpClientUtil;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
@ -43,7 +42,7 @@ public class GithubServiceImpl extends ServiceImpl<GithubMapper, Github> impleme
head.put("Content-Type", "application/x-www-form-urlencoded");
String s = null;
try {
s = OkHttpRequestUtils.doPost("https://github.com/login/oauth/access_token", head, par);
s = OkHttpClientUtil.doPost("https://github.com/login/oauth/access_token", head, par);
} catch (Exception e) {
e.printStackTrace();
}
@ -54,10 +53,10 @@ public class GithubServiceImpl extends ServiceImpl<GithubMapper, Github> impleme
@Override
public String getUserEmail(String access_token) throws Exception {
Map<String, Object> head = new HashMap<>();
Map<String, String> head = new HashMap<>();
head.put("Authorization", "token " + access_token);
head.put("Content-Type", "application/vnd.github.machine-man-preview+json");
String s = OkHttpRequestUtils.doGet("https://api.github.com/user/emails", head, null);
String s = OkHttpClientUtil.doGet("https://api.github.com/user/emails", null,head, null);
System.out.println(s);
JSONArray jsonArray = JSON.parseArray(s);
if (!jsonArray.isEmpty()) {
@ -74,11 +73,11 @@ public class GithubServiceImpl extends ServiceImpl<GithubMapper, Github> impleme
@Override
public UserInfo getUserInfo(String access_token) {
Map<String, Object> head = new HashMap<>();
Map<String, String> head = new HashMap<>();
head.put("Authorization", "token " + access_token);
head.put("Content-Type", "application/vnd.github.machine-man-preview+json");
try {
String s = OkHttpRequestUtils.doGet("https://api.github.com/user", head, null);
String s = OkHttpClientUtil.doGet("https://api.github.com/user",null, head, null);
JSONObject jsonObject = JSON.parseObject(s);
UserInfo userInfo = new UserInfo();
if (!jsonObject.isEmpty()) {

View File

@ -203,20 +203,20 @@ public class OutlookServiceImpl extends ServiceImpl<OutlookMapper, Outlook> impl
JsonObject mail = value.get(i).getAsJsonObject();
String id = mail.get("id").getAsString();
Map<String, Object> head = new HashMap<>();
Map<String, String> head = new HashMap<>();
head.put("Content-Type", "application/json");
head.put("Authorization", access_token);
/*不用管邮件内容*/
OkHttpRequestUtils.doGet("https://graph.microsoft.com/v1.0/me/messages/" + id, head, null);
OkHttpClientUtil.doGet("https://graph.microsoft.com/v1.0/me/messages/" + id, null,head, null);
}
return count;
}
public String MailList(String access_token) throws Exception {
Map<String, Object> head = new HashMap<>();
Map<String, String> head = new HashMap<>();
head.put("Content-Type", "application/json");
head.put("Authorization", access_token);
String s = OkHttpRequestUtils.doGet("https://graph.microsoft.com/v1.0/me/messages?$select=sender,subject", head, null);
String s = OkHttpClientUtil.doGet("https://graph.microsoft.com/v1.0/me/messages?$select=sender,subject",null, head, null);
logger.debug("请求邮件列表返回数据:" + s);
return s;
}

View File

@ -1,22 +1,11 @@
package io.qyi.e5.util.netRequest;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import okhttp3.*;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import okhttp3.FormBody;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
public class OkHttpClientUtil {
private static int connTimeOut = 5 * 1000;
private static int readTimeOut = 20 * 1000;