mirror of
https://github.com/luoye663/e5.git
synced 2024-12-27 12:08:13 +00:00
修复httputil一些问题,修复由于配置丢失,导致权限管理错误问题
This commit is contained in:
parent
18d4af6043
commit
d1147a4b8b
@ -75,7 +75,6 @@ public class RabbitMQConfig {
|
|||||||
factory.setConcurrentConsumers(1);
|
factory.setConcurrentConsumers(1);
|
||||||
factory.setMaxConcurrentConsumers(50);
|
factory.setMaxConcurrentConsumers(50);
|
||||||
factory.setPrefetchCount(20);
|
factory.setPrefetchCount(20);
|
||||||
|
|
||||||
factory.setConnectionFactory(connectionFactory);
|
factory.setConnectionFactory(connectionFactory);
|
||||||
factory.setMessageConverter(new Jackson2JsonMessageConverter());
|
factory.setMessageConverter(new Jackson2JsonMessageConverter());
|
||||||
return factory;
|
return factory;
|
||||||
|
@ -1,5 +1,7 @@
|
|||||||
package io.qyi.e5.config.security;
|
package io.qyi.e5.config.security;
|
||||||
|
|
||||||
|
import io.qyi.e5.config.security.bean.CollectionBean;
|
||||||
|
import io.qyi.e5.config.security.bean.dto.PermissionListDto;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.security.access.ConfigAttribute;
|
import org.springframework.security.access.ConfigAttribute;
|
||||||
@ -22,40 +24,42 @@ import java.util.*;
|
|||||||
@Service
|
@Service
|
||||||
public class UrlInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource {
|
public class UrlInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource {
|
||||||
|
|
||||||
@Value("web.security.admin")
|
@Value("${web.security.admin}")
|
||||||
private String[] securityAdmin;
|
private String[] securityAdmin;
|
||||||
@Value("web.security.user")
|
@Value("${web.security.user}")
|
||||||
private String[] securityUser;
|
private String[] securityUser;
|
||||||
@Value("web.security.role_anonymous")
|
@Value("${web.security.role_anonymous}")
|
||||||
private String[] securitAnonymous;
|
private String[] securitAnonymous;
|
||||||
|
|
||||||
private HashMap<String, Collection<ConfigAttribute>> map =null;
|
private List<CollectionBean> map = null;
|
||||||
/**
|
/**
|
||||||
* 加载权限表中所有权限
|
* 加载权限表中所有权限
|
||||||
* 这里有一个坑,如果map返回是null,是不会AccessDecisionManager,默认放行。
|
* 这里有一个坑,如果map返回是null,是不会AccessDecisionManager,默认放行。
|
||||||
*/
|
*/
|
||||||
public void loadResourceDefine(){
|
public void loadResourceDefine(){
|
||||||
log.info("加载权限表中所有权限");
|
log.info("加载权限表中所有权限");
|
||||||
map = new HashMap<>();
|
map = new ArrayList<>();
|
||||||
Collection<ConfigAttribute> array;
|
Collection<ConfigAttribute> array;
|
||||||
ConfigAttribute cfg;
|
ConfigAttribute cfg;
|
||||||
Map<String, String []> permissions = new HashMap<>();
|
Map<String, String []> permissions = new HashMap<>();
|
||||||
/*这里只是简单的配置*/
|
/*这里只是简单的配置*/
|
||||||
permissions.put("admin", securityAdmin);
|
List<PermissionListDto> permissionList = new ArrayList<>();
|
||||||
permissions.put("user", securityUser);
|
Arrays.stream(securityAdmin).forEach(s -> permissionList.add(new PermissionListDto("admin",s)));
|
||||||
permissions.put("ROLE_ANONYMOUS", securitAnonymous);
|
Arrays.stream(securityUser).forEach(s -> permissionList.add(new PermissionListDto("user",s)));
|
||||||
|
Arrays.stream(securitAnonymous).forEach(s -> permissionList.add(new PermissionListDto("ROLE_ANONYMOUS",s)));
|
||||||
|
|
||||||
|
Iterator<PermissionListDto> iterator1 = permissionList.iterator();
|
||||||
|
while (iterator1.hasNext()) {
|
||||||
|
PermissionListDto next = iterator1.next();
|
||||||
|
String role_name = next.getRoleName();
|
||||||
|
String url = next.getUrl();
|
||||||
|
|
||||||
Iterator<Map.Entry<String, String[]>> iterator = permissions.entrySet().iterator();
|
|
||||||
while (iterator.hasNext()) {
|
|
||||||
Map.Entry<String, String[]> next = iterator.next();
|
|
||||||
String key = next.getKey();
|
|
||||||
String[] value = next.getValue();
|
|
||||||
array = new ArrayList<>();
|
array = new ArrayList<>();
|
||||||
for (int i = 0; i < value.length; i++) {
|
cfg = new SecurityConfig(role_name);
|
||||||
cfg = new SecurityConfig(value[i]);
|
array.add(cfg);
|
||||||
array.add(cfg);
|
/* url -> N x roleName*/
|
||||||
}
|
CollectionBean collectionBean = new CollectionBean(url,array);
|
||||||
map.put(key, array);
|
map.add(collectionBean);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -67,14 +71,28 @@ public class UrlInvocationSecurityMetadataSourceService implements FilterInvocat
|
|||||||
HttpServletRequest request = ((FilterInvocation) o).getHttpRequest();
|
HttpServletRequest request = ((FilterInvocation) o).getHttpRequest();
|
||||||
AntPathRequestMatcher matcher;
|
AntPathRequestMatcher matcher;
|
||||||
String resUrl;
|
String resUrl;
|
||||||
for(Iterator<String> iter = map.keySet().iterator(); iter.hasNext(); ) {
|
Collection<ConfigAttribute> collection = new LinkedList<>();
|
||||||
resUrl = iter.next();
|
Iterator<CollectionBean> iterator1 = map.iterator();
|
||||||
|
while (iterator1.hasNext()) {
|
||||||
|
CollectionBean next = iterator1.next();
|
||||||
|
resUrl = next.getUrl();
|
||||||
matcher = new AntPathRequestMatcher(resUrl);
|
matcher = new AntPathRequestMatcher(resUrl);
|
||||||
if(matcher.matches(request)) {
|
if (matcher.matches(request)) {
|
||||||
return map.get(resUrl);
|
Iterator<ConfigAttribute> iterator = next.getConfigAttributes().iterator();
|
||||||
|
while (iterator.hasNext()) {
|
||||||
|
collection.add(iterator.next());
|
||||||
|
}
|
||||||
|
// collection.add(map.get(resUrl))
|
||||||
|
// return map.get(resUrl);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return null;
|
if (collection.size() > 0) {
|
||||||
|
return collection;
|
||||||
|
}
|
||||||
|
/*防止数据库中没有数据,不能进行权限拦截*/
|
||||||
|
ConfigAttribute configAttribute = new SecurityConfig("ROLE_NO_USER");
|
||||||
|
collection.add(configAttribute);
|
||||||
|
return collection;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -0,0 +1,23 @@
|
|||||||
|
package io.qyi.e5.config.security.bean;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
import org.springframework.security.access.ConfigAttribute;
|
||||||
|
|
||||||
|
import java.util.Collection;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @program: wds
|
||||||
|
* @description:
|
||||||
|
* @author: 落叶随风
|
||||||
|
* @create: 2020-07-09 00:59
|
||||||
|
**/
|
||||||
|
@Data
|
||||||
|
public class CollectionBean {
|
||||||
|
private String url;
|
||||||
|
private Collection<ConfigAttribute> configAttributes;
|
||||||
|
|
||||||
|
public CollectionBean(String url, Collection<ConfigAttribute> configAttributes) {
|
||||||
|
this.url = url;
|
||||||
|
this.configAttributes = configAttributes;
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,15 @@
|
|||||||
|
package io.qyi.e5.config.security.bean.dto;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @program: wds
|
||||||
|
* @description:
|
||||||
|
* @author: 落叶随风
|
||||||
|
* @create: 2020-07-10 16:55
|
||||||
|
**/
|
||||||
|
@Data
|
||||||
|
public class PermissionDto {
|
||||||
|
private int roleId;
|
||||||
|
private String roleName;
|
||||||
|
}
|
@ -0,0 +1,23 @@
|
|||||||
|
package io.qyi.e5.config.security.bean.dto;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @program: demo
|
||||||
|
* @description:
|
||||||
|
* @author: 落叶随风
|
||||||
|
* @create: 2020-07-08 15:59
|
||||||
|
**/
|
||||||
|
@Data
|
||||||
|
public class PermissionListDto {
|
||||||
|
String roleName;
|
||||||
|
String url;
|
||||||
|
|
||||||
|
public PermissionListDto(String roleName, String url) {
|
||||||
|
this.roleName = roleName;
|
||||||
|
this.url = url;
|
||||||
|
}
|
||||||
|
|
||||||
|
public PermissionListDto() {
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,25 @@
|
|||||||
|
package io.qyi.e5.config.security.bean.dto;
|
||||||
|
|
||||||
|
import lombok.Data;
|
||||||
|
|
||||||
|
import java.util.LinkedList;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @program: wds
|
||||||
|
* @description:
|
||||||
|
* @author: 落叶随风
|
||||||
|
* @create: 2020-07-09 17:09
|
||||||
|
**/
|
||||||
|
@Data
|
||||||
|
public class RoleMenuDto {
|
||||||
|
private int id;
|
||||||
|
/*菜单名*/
|
||||||
|
private String name;
|
||||||
|
/*url*/
|
||||||
|
private String url;
|
||||||
|
/*父id*/
|
||||||
|
private int pid;
|
||||||
|
|
||||||
|
private List<Object> data = new LinkedList<>();
|
||||||
|
}
|
@ -3,15 +3,14 @@ package io.qyi.e5.github.service.impl;
|
|||||||
import com.alibaba.fastjson.JSON;
|
import com.alibaba.fastjson.JSON;
|
||||||
import com.alibaba.fastjson.JSONArray;
|
import com.alibaba.fastjson.JSONArray;
|
||||||
import com.alibaba.fastjson.JSONObject;
|
import com.alibaba.fastjson.JSONObject;
|
||||||
import com.baomidou.mybatisplus.core.conditions.Wrapper;
|
|
||||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||||
|
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||||
import io.qyi.e5.github.entity.Github;
|
import io.qyi.e5.github.entity.Github;
|
||||||
import io.qyi.e5.github.entity.UserInfo;
|
import io.qyi.e5.github.entity.UserInfo;
|
||||||
import io.qyi.e5.github.mapper.GithubMapper;
|
import io.qyi.e5.github.mapper.GithubMapper;
|
||||||
import io.qyi.e5.github.service.IGithubService;
|
import io.qyi.e5.github.service.IGithubService;
|
||||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
|
||||||
import io.qyi.e5.util.StringUtil;
|
import io.qyi.e5.util.StringUtil;
|
||||||
import io.qyi.e5.util.netRequest.OkHttpRequestUtils;
|
import io.qyi.e5.util.netRequest.OkHttpClientUtil;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
@ -43,7 +42,7 @@ public class GithubServiceImpl extends ServiceImpl<GithubMapper, Github> impleme
|
|||||||
head.put("Content-Type", "application/x-www-form-urlencoded");
|
head.put("Content-Type", "application/x-www-form-urlencoded");
|
||||||
String s = null;
|
String s = null;
|
||||||
try {
|
try {
|
||||||
s = OkHttpRequestUtils.doPost("https://github.com/login/oauth/access_token", head, par);
|
s = OkHttpClientUtil.doPost("https://github.com/login/oauth/access_token", head, par);
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
}
|
}
|
||||||
@ -54,10 +53,10 @@ public class GithubServiceImpl extends ServiceImpl<GithubMapper, Github> impleme
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getUserEmail(String access_token) throws Exception {
|
public String getUserEmail(String access_token) throws Exception {
|
||||||
Map<String, Object> head = new HashMap<>();
|
Map<String, String> head = new HashMap<>();
|
||||||
head.put("Authorization", "token " + access_token);
|
head.put("Authorization", "token " + access_token);
|
||||||
head.put("Content-Type", "application/vnd.github.machine-man-preview+json");
|
head.put("Content-Type", "application/vnd.github.machine-man-preview+json");
|
||||||
String s = OkHttpRequestUtils.doGet("https://api.github.com/user/emails", head, null);
|
String s = OkHttpClientUtil.doGet("https://api.github.com/user/emails", null,head, null);
|
||||||
System.out.println(s);
|
System.out.println(s);
|
||||||
JSONArray jsonArray = JSON.parseArray(s);
|
JSONArray jsonArray = JSON.parseArray(s);
|
||||||
if (!jsonArray.isEmpty()) {
|
if (!jsonArray.isEmpty()) {
|
||||||
@ -74,11 +73,11 @@ public class GithubServiceImpl extends ServiceImpl<GithubMapper, Github> impleme
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public UserInfo getUserInfo(String access_token) {
|
public UserInfo getUserInfo(String access_token) {
|
||||||
Map<String, Object> head = new HashMap<>();
|
Map<String, String> head = new HashMap<>();
|
||||||
head.put("Authorization", "token " + access_token);
|
head.put("Authorization", "token " + access_token);
|
||||||
head.put("Content-Type", "application/vnd.github.machine-man-preview+json");
|
head.put("Content-Type", "application/vnd.github.machine-man-preview+json");
|
||||||
try {
|
try {
|
||||||
String s = OkHttpRequestUtils.doGet("https://api.github.com/user", head, null);
|
String s = OkHttpClientUtil.doGet("https://api.github.com/user",null, head, null);
|
||||||
JSONObject jsonObject = JSON.parseObject(s);
|
JSONObject jsonObject = JSON.parseObject(s);
|
||||||
UserInfo userInfo = new UserInfo();
|
UserInfo userInfo = new UserInfo();
|
||||||
if (!jsonObject.isEmpty()) {
|
if (!jsonObject.isEmpty()) {
|
||||||
|
@ -203,20 +203,20 @@ public class OutlookServiceImpl extends ServiceImpl<OutlookMapper, Outlook> impl
|
|||||||
JsonObject mail = value.get(i).getAsJsonObject();
|
JsonObject mail = value.get(i).getAsJsonObject();
|
||||||
String id = mail.get("id").getAsString();
|
String id = mail.get("id").getAsString();
|
||||||
|
|
||||||
Map<String, Object> head = new HashMap<>();
|
Map<String, String> head = new HashMap<>();
|
||||||
head.put("Content-Type", "application/json");
|
head.put("Content-Type", "application/json");
|
||||||
head.put("Authorization", access_token);
|
head.put("Authorization", access_token);
|
||||||
/*不用管邮件内容*/
|
/*不用管邮件内容*/
|
||||||
OkHttpRequestUtils.doGet("https://graph.microsoft.com/v1.0/me/messages/" + id, head, null);
|
OkHttpClientUtil.doGet("https://graph.microsoft.com/v1.0/me/messages/" + id, null,head, null);
|
||||||
}
|
}
|
||||||
return count;
|
return count;
|
||||||
}
|
}
|
||||||
|
|
||||||
public String MailList(String access_token) throws Exception {
|
public String MailList(String access_token) throws Exception {
|
||||||
Map<String, Object> head = new HashMap<>();
|
Map<String, String> head = new HashMap<>();
|
||||||
head.put("Content-Type", "application/json");
|
head.put("Content-Type", "application/json");
|
||||||
head.put("Authorization", access_token);
|
head.put("Authorization", access_token);
|
||||||
String s = OkHttpRequestUtils.doGet("https://graph.microsoft.com/v1.0/me/messages?$select=sender,subject", head, null);
|
String s = OkHttpClientUtil.doGet("https://graph.microsoft.com/v1.0/me/messages?$select=sender,subject",null, head, null);
|
||||||
logger.debug("请求邮件列表返回数据:" + s);
|
logger.debug("请求邮件列表返回数据:" + s);
|
||||||
return s;
|
return s;
|
||||||
}
|
}
|
||||||
|
@ -1,22 +1,11 @@
|
|||||||
package io.qyi.e5.util.netRequest;
|
package io.qyi.e5.util.netRequest;
|
||||||
|
|
||||||
import com.alibaba.fastjson.JSON;
|
import okhttp3.*;
|
||||||
import com.alibaba.fastjson.JSONArray;
|
|
||||||
import com.alibaba.fastjson.JSONObject;
|
|
||||||
|
|
||||||
import java.text.SimpleDateFormat;
|
|
||||||
import java.util.Date;
|
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.concurrent.TimeUnit;
|
import java.util.concurrent.TimeUnit;
|
||||||
|
|
||||||
import okhttp3.FormBody;
|
|
||||||
import okhttp3.MediaType;
|
|
||||||
import okhttp3.OkHttpClient;
|
|
||||||
import okhttp3.Request;
|
|
||||||
import okhttp3.RequestBody;
|
|
||||||
import okhttp3.Response;
|
|
||||||
|
|
||||||
public class OkHttpClientUtil {
|
public class OkHttpClientUtil {
|
||||||
private static int connTimeOut = 5 * 1000;
|
private static int connTimeOut = 5 * 1000;
|
||||||
private static int readTimeOut = 20 * 1000;
|
private static int readTimeOut = 20 * 1000;
|
||||||
|
Loading…
Reference in New Issue
Block a user