mirror of
https://github.com/luoye663/e5.git
synced 2024-12-25 11:18:50 +00:00
修复httputil一些问题,修复由于配置丢失,导致权限管理错误问题
This commit is contained in:
parent
a6fd8bbde7
commit
9439a49358
@ -75,7 +75,6 @@ public class RabbitMQConfig {
|
||||
factory.setConcurrentConsumers(1);
|
||||
factory.setMaxConcurrentConsumers(50);
|
||||
factory.setPrefetchCount(20);
|
||||
|
||||
factory.setConnectionFactory(connectionFactory);
|
||||
factory.setMessageConverter(new Jackson2JsonMessageConverter());
|
||||
return factory;
|
||||
|
@ -1,5 +1,7 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import io.qyi.e5.config.security.bean.CollectionBean;
|
||||
import io.qyi.e5.config.security.bean.dto.PermissionListDto;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
@ -22,40 +24,42 @@ import java.util.*;
|
||||
@Service
|
||||
public class UrlInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource {
|
||||
|
||||
@Value("web.security.admin")
|
||||
@Value("${web.security.admin}")
|
||||
private String[] securityAdmin;
|
||||
@Value("web.security.user")
|
||||
@Value("${web.security.user}")
|
||||
private String[] securityUser;
|
||||
@Value("web.security.role_anonymous")
|
||||
@Value("${web.security.role_anonymous}")
|
||||
private String[] securitAnonymous;
|
||||
|
||||
private HashMap<String, Collection<ConfigAttribute>> map =null;
|
||||
private List<CollectionBean> map = null;
|
||||
/**
|
||||
* 加载权限表中所有权限
|
||||
* 这里有一个坑,如果map返回是null,是不会AccessDecisionManager,默认放行。
|
||||
*/
|
||||
public void loadResourceDefine(){
|
||||
log.info("加载权限表中所有权限");
|
||||
map = new HashMap<>();
|
||||
map = new ArrayList<>();
|
||||
Collection<ConfigAttribute> array;
|
||||
ConfigAttribute cfg;
|
||||
Map<String, String []> permissions = new HashMap<>();
|
||||
/*这里只是简单的配置*/
|
||||
permissions.put("admin", securityAdmin);
|
||||
permissions.put("user", securityUser);
|
||||
permissions.put("ROLE_ANONYMOUS", securitAnonymous);
|
||||
List<PermissionListDto> permissionList = new ArrayList<>();
|
||||
Arrays.stream(securityAdmin).forEach(s -> permissionList.add(new PermissionListDto("admin",s)));
|
||||
Arrays.stream(securityUser).forEach(s -> permissionList.add(new PermissionListDto("user",s)));
|
||||
Arrays.stream(securitAnonymous).forEach(s -> permissionList.add(new PermissionListDto("ROLE_ANONYMOUS",s)));
|
||||
|
||||
Iterator<PermissionListDto> iterator1 = permissionList.iterator();
|
||||
while (iterator1.hasNext()) {
|
||||
PermissionListDto next = iterator1.next();
|
||||
String role_name = next.getRoleName();
|
||||
String url = next.getUrl();
|
||||
|
||||
Iterator<Map.Entry<String, String[]>> iterator = permissions.entrySet().iterator();
|
||||
while (iterator.hasNext()) {
|
||||
Map.Entry<String, String[]> next = iterator.next();
|
||||
String key = next.getKey();
|
||||
String[] value = next.getValue();
|
||||
array = new ArrayList<>();
|
||||
for (int i = 0; i < value.length; i++) {
|
||||
cfg = new SecurityConfig(value[i]);
|
||||
array.add(cfg);
|
||||
}
|
||||
map.put(key, array);
|
||||
cfg = new SecurityConfig(role_name);
|
||||
array.add(cfg);
|
||||
/* url -> N x roleName*/
|
||||
CollectionBean collectionBean = new CollectionBean(url,array);
|
||||
map.add(collectionBean);
|
||||
}
|
||||
|
||||
}
|
||||
@ -67,14 +71,28 @@ public class UrlInvocationSecurityMetadataSourceService implements FilterInvocat
|
||||
HttpServletRequest request = ((FilterInvocation) o).getHttpRequest();
|
||||
AntPathRequestMatcher matcher;
|
||||
String resUrl;
|
||||
for(Iterator<String> iter = map.keySet().iterator(); iter.hasNext(); ) {
|
||||
resUrl = iter.next();
|
||||
Collection<ConfigAttribute> collection = new LinkedList<>();
|
||||
Iterator<CollectionBean> iterator1 = map.iterator();
|
||||
while (iterator1.hasNext()) {
|
||||
CollectionBean next = iterator1.next();
|
||||
resUrl = next.getUrl();
|
||||
matcher = new AntPathRequestMatcher(resUrl);
|
||||
if(matcher.matches(request)) {
|
||||
return map.get(resUrl);
|
||||
if (matcher.matches(request)) {
|
||||
Iterator<ConfigAttribute> iterator = next.getConfigAttributes().iterator();
|
||||
while (iterator.hasNext()) {
|
||||
collection.add(iterator.next());
|
||||
}
|
||||
// collection.add(map.get(resUrl))
|
||||
// return map.get(resUrl);
|
||||
}
|
||||
}
|
||||
return null;
|
||||
if (collection.size() > 0) {
|
||||
return collection;
|
||||
}
|
||||
/*防止数据库中没有数据,不能进行权限拦截*/
|
||||
ConfigAttribute configAttribute = new SecurityConfig("ROLE_NO_USER");
|
||||
collection.add(configAttribute);
|
||||
return collection;
|
||||
}
|
||||
|
||||
|
||||
|
@ -0,0 +1,23 @@
|
||||
package io.qyi.e5.config.security.bean;
|
||||
|
||||
import lombok.Data;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
/**
|
||||
* @program: wds
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-07-09 00:59
|
||||
**/
|
||||
@Data
|
||||
public class CollectionBean {
|
||||
private String url;
|
||||
private Collection<ConfigAttribute> configAttributes;
|
||||
|
||||
public CollectionBean(String url, Collection<ConfigAttribute> configAttributes) {
|
||||
this.url = url;
|
||||
this.configAttributes = configAttributes;
|
||||
}
|
||||
}
|
@ -0,0 +1,15 @@
|
||||
package io.qyi.e5.config.security.bean.dto;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
/**
|
||||
* @program: wds
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-07-10 16:55
|
||||
**/
|
||||
@Data
|
||||
public class PermissionDto {
|
||||
private int roleId;
|
||||
private String roleName;
|
||||
}
|
@ -0,0 +1,23 @@
|
||||
package io.qyi.e5.config.security.bean.dto;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
/**
|
||||
* @program: demo
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-07-08 15:59
|
||||
**/
|
||||
@Data
|
||||
public class PermissionListDto {
|
||||
String roleName;
|
||||
String url;
|
||||
|
||||
public PermissionListDto(String roleName, String url) {
|
||||
this.roleName = roleName;
|
||||
this.url = url;
|
||||
}
|
||||
|
||||
public PermissionListDto() {
|
||||
}
|
||||
}
|
@ -0,0 +1,25 @@
|
||||
package io.qyi.e5.config.security.bean.dto;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @program: wds
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-07-09 17:09
|
||||
**/
|
||||
@Data
|
||||
public class RoleMenuDto {
|
||||
private int id;
|
||||
/*菜单名*/
|
||||
private String name;
|
||||
/*url*/
|
||||
private String url;
|
||||
/*父id*/
|
||||
private int pid;
|
||||
|
||||
private List<Object> data = new LinkedList<>();
|
||||
}
|
@ -3,15 +3,14 @@ package io.qyi.e5.github.service.impl;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson.JSONArray;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.baomidou.mybatisplus.core.conditions.Wrapper;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import io.qyi.e5.github.entity.Github;
|
||||
import io.qyi.e5.github.entity.UserInfo;
|
||||
import io.qyi.e5.github.mapper.GithubMapper;
|
||||
import io.qyi.e5.github.service.IGithubService;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import io.qyi.e5.util.StringUtil;
|
||||
import io.qyi.e5.util.netRequest.OkHttpRequestUtils;
|
||||
import io.qyi.e5.util.netRequest.OkHttpClientUtil;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@ -43,7 +42,7 @@ public class GithubServiceImpl extends ServiceImpl<GithubMapper, Github> impleme
|
||||
head.put("Content-Type", "application/x-www-form-urlencoded");
|
||||
String s = null;
|
||||
try {
|
||||
s = OkHttpRequestUtils.doPost("https://github.com/login/oauth/access_token", head, par);
|
||||
s = OkHttpClientUtil.doPost("https://github.com/login/oauth/access_token", head, par);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
@ -54,10 +53,10 @@ public class GithubServiceImpl extends ServiceImpl<GithubMapper, Github> impleme
|
||||
|
||||
@Override
|
||||
public String getUserEmail(String access_token) throws Exception {
|
||||
Map<String, Object> head = new HashMap<>();
|
||||
Map<String, String> head = new HashMap<>();
|
||||
head.put("Authorization", "token " + access_token);
|
||||
head.put("Content-Type", "application/vnd.github.machine-man-preview+json");
|
||||
String s = OkHttpRequestUtils.doGet("https://api.github.com/user/emails", head, null);
|
||||
String s = OkHttpClientUtil.doGet("https://api.github.com/user/emails", null,head, null);
|
||||
System.out.println(s);
|
||||
JSONArray jsonArray = JSON.parseArray(s);
|
||||
if (!jsonArray.isEmpty()) {
|
||||
@ -74,11 +73,11 @@ public class GithubServiceImpl extends ServiceImpl<GithubMapper, Github> impleme
|
||||
|
||||
@Override
|
||||
public UserInfo getUserInfo(String access_token) {
|
||||
Map<String, Object> head = new HashMap<>();
|
||||
Map<String, String> head = new HashMap<>();
|
||||
head.put("Authorization", "token " + access_token);
|
||||
head.put("Content-Type", "application/vnd.github.machine-man-preview+json");
|
||||
try {
|
||||
String s = OkHttpRequestUtils.doGet("https://api.github.com/user", head, null);
|
||||
String s = OkHttpClientUtil.doGet("https://api.github.com/user",null, head, null);
|
||||
JSONObject jsonObject = JSON.parseObject(s);
|
||||
UserInfo userInfo = new UserInfo();
|
||||
if (!jsonObject.isEmpty()) {
|
||||
|
@ -203,20 +203,20 @@ public class OutlookServiceImpl extends ServiceImpl<OutlookMapper, Outlook> impl
|
||||
JsonObject mail = value.get(i).getAsJsonObject();
|
||||
String id = mail.get("id").getAsString();
|
||||
|
||||
Map<String, Object> head = new HashMap<>();
|
||||
Map<String, String> head = new HashMap<>();
|
||||
head.put("Content-Type", "application/json");
|
||||
head.put("Authorization", access_token);
|
||||
/*不用管邮件内容*/
|
||||
OkHttpRequestUtils.doGet("https://graph.microsoft.com/v1.0/me/messages/" + id, head, null);
|
||||
OkHttpClientUtil.doGet("https://graph.microsoft.com/v1.0/me/messages/" + id, null,head, null);
|
||||
}
|
||||
return count;
|
||||
}
|
||||
|
||||
public String MailList(String access_token) throws Exception {
|
||||
Map<String, Object> head = new HashMap<>();
|
||||
Map<String, String> head = new HashMap<>();
|
||||
head.put("Content-Type", "application/json");
|
||||
head.put("Authorization", access_token);
|
||||
String s = OkHttpRequestUtils.doGet("https://graph.microsoft.com/v1.0/me/messages?$select=sender,subject", head, null);
|
||||
String s = OkHttpClientUtil.doGet("https://graph.microsoft.com/v1.0/me/messages?$select=sender,subject",null, head, null);
|
||||
logger.debug("请求邮件列表返回数据:" + s);
|
||||
return s;
|
||||
}
|
||||
|
@ -1,22 +1,11 @@
|
||||
package io.qyi.e5.util.netRequest;
|
||||
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson.JSONArray;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import okhttp3.*;
|
||||
|
||||
import java.text.SimpleDateFormat;
|
||||
import java.util.Date;
|
||||
import java.util.Iterator;
|
||||
import java.util.Map;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import okhttp3.FormBody;
|
||||
import okhttp3.MediaType;
|
||||
import okhttp3.OkHttpClient;
|
||||
import okhttp3.Request;
|
||||
import okhttp3.RequestBody;
|
||||
import okhttp3.Response;
|
||||
|
||||
public class OkHttpClientUtil {
|
||||
private static int connTimeOut = 5 * 1000;
|
||||
private static int readTimeOut = 20 * 1000;
|
||||
|
Loading…
Reference in New Issue
Block a user