T cast(Object obj)
{
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/FileTypeUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/FileTypeUtils.java
new file mode 100644
index 00000000..1629fcd4
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/FileTypeUtils.java
@@ -0,0 +1,76 @@
+package com.ruoyi.common.core.utils.file;
+
+import java.io.File;
+import org.apache.commons.lang3.StringUtils;
+
+/**
+ * 文件类型工具类
+ *
+ * @author ruoyi
+ */
+public class FileTypeUtils
+{
+ /**
+ * 获取文件类型
+ *
+ * 例如: ruoyi.txt, 返回: txt
+ *
+ * @param file 文件名
+ * @return 后缀(不含".")
+ */
+ public static String getFileType(File file)
+ {
+ if (null == file)
+ {
+ return StringUtils.EMPTY;
+ }
+ return getFileType(file.getName());
+ }
+
+ /**
+ * 获取文件类型
+ *
+ * 例如: ruoyi.txt, 返回: txt
+ *
+ * @param fileName 文件名
+ * @return 后缀(不含".")
+ */
+ public static String getFileType(String fileName)
+ {
+ int separatorIndex = fileName.lastIndexOf(".");
+ if (separatorIndex < 0)
+ {
+ return "";
+ }
+ return fileName.substring(separatorIndex + 1).toLowerCase();
+ }
+
+ /**
+ * 获取文件类型
+ *
+ * @param photoByte 文件字节码
+ * @return 后缀(不含".")
+ */
+ public static String getFileExtendName(byte[] photoByte)
+ {
+ String strFileExtendName = "JPG";
+ if ((photoByte[0] == 71) && (photoByte[1] == 73) && (photoByte[2] == 70) && (photoByte[3] == 56)
+ && ((photoByte[4] == 55) || (photoByte[4] == 57)) && (photoByte[5] == 97))
+ {
+ strFileExtendName = "GIF";
+ }
+ else if ((photoByte[6] == 74) && (photoByte[7] == 70) && (photoByte[8] == 73) && (photoByte[9] == 70))
+ {
+ strFileExtendName = "JPG";
+ }
+ else if ((photoByte[0] == 66) && (photoByte[1] == 77))
+ {
+ strFileExtendName = "BMP";
+ }
+ else if ((photoByte[1] == 80) && (photoByte[2] == 78) && (photoByte[3] == 71))
+ {
+ strFileExtendName = "PNG";
+ }
+ return strFileExtendName;
+ }
+}
\ No newline at end of file
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/FileUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/FileUtils.java
new file mode 100644
index 00000000..9dfca168
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/FileUtils.java
@@ -0,0 +1,260 @@
+package com.ruoyi.common.core.utils.file;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.ArrayUtils;
+import com.ruoyi.common.core.utils.StringUtils;
+
+/**
+ * 文件处理工具类
+ *
+ * @author ruoyi
+ */
+public class FileUtils extends org.apache.commons.io.FileUtils
+{
+ /** 字符常量:斜杠 {@code '/'} */
+ public static final char SLASH = '/';
+
+ /** 字符常量:反斜杠 {@code '\\'} */
+ public static final char BACKSLASH = '\\';
+
+ public static String FILENAME_PATTERN = "[a-zA-Z0-9_\\-\\|\\.\\u4e00-\\u9fa5]+";
+
+ /**
+ * 输出指定文件的byte数组
+ *
+ * @param filePath 文件路径
+ * @param os 输出流
+ * @return
+ */
+ public static void writeBytes(String filePath, OutputStream os) throws IOException
+ {
+ FileInputStream fis = null;
+ try
+ {
+ File file = new File(filePath);
+ if (!file.exists())
+ {
+ throw new FileNotFoundException(filePath);
+ }
+ fis = new FileInputStream(file);
+ byte[] b = new byte[1024];
+ int length;
+ while ((length = fis.read(b)) > 0)
+ {
+ os.write(b, 0, length);
+ }
+ }
+ catch (IOException e)
+ {
+ throw e;
+ }
+ finally
+ {
+ if (os != null)
+ {
+ try
+ {
+ os.close();
+ }
+ catch (IOException e1)
+ {
+ e1.printStackTrace();
+ }
+ }
+ if (fis != null)
+ {
+ try
+ {
+ fis.close();
+ }
+ catch (IOException e1)
+ {
+ e1.printStackTrace();
+ }
+ }
+ }
+ }
+
+ /**
+ * 删除文件
+ *
+ * @param filePath 文件
+ * @return
+ */
+ public static boolean deleteFile(String filePath)
+ {
+ boolean flag = false;
+ File file = new File(filePath);
+ // 路径为文件且不为空则进行删除
+ if (file.isFile() && file.exists())
+ {
+ file.delete();
+ flag = true;
+ }
+ return flag;
+ }
+
+ /**
+ * 文件名称验证
+ *
+ * @param filename 文件名称
+ * @return true 正常 false 非法
+ */
+ public static boolean isValidFilename(String filename)
+ {
+ return filename.matches(FILENAME_PATTERN);
+ }
+
+ /**
+ * 检查文件是否可下载
+ *
+ * @param resource 需要下载的文件
+ * @return true 正常 false 非法
+ */
+ public static boolean checkAllowDownload(String resource)
+ {
+ // 禁止目录上跳级别
+ if (StringUtils.contains(resource, ".."))
+ {
+ return false;
+ }
+
+ // 检查允许下载的文件规则
+ if (ArrayUtils.contains(MimeTypeUtils.DEFAULT_ALLOWED_EXTENSION, FileTypeUtils.getFileType(resource)))
+ {
+ return true;
+ }
+
+ // 不在允许下载的文件规则
+ return false;
+ }
+
+ /**
+ * 下载文件名重新编码
+ *
+ * @param request 请求对象
+ * @param fileName 文件名
+ * @return 编码后的文件名
+ */
+ public static String setFileDownloadHeader(HttpServletRequest request, String fileName) throws UnsupportedEncodingException
+ {
+ final String agent = request.getHeader("USER-AGENT");
+ String filename = fileName;
+ if (agent.contains("MSIE"))
+ {
+ // IE浏览器
+ filename = URLEncoder.encode(filename, "utf-8");
+ filename = filename.replace("+", " ");
+ }
+ else if (agent.contains("Firefox"))
+ {
+ // 火狐浏览器
+ filename = new String(fileName.getBytes(), "ISO8859-1");
+ }
+ else if (agent.contains("Chrome"))
+ {
+ // google浏览器
+ filename = URLEncoder.encode(filename, "utf-8");
+ }
+ else
+ {
+ // 其它浏览器
+ filename = URLEncoder.encode(filename, "utf-8");
+ }
+ return filename;
+ }
+
+ /**
+ * 返回文件名
+ *
+ * @param filePath 文件
+ * @return 文件名
+ */
+ public static String getName(String filePath)
+ {
+ if (null == filePath)
+ {
+ return null;
+ }
+ int len = filePath.length();
+ if (0 == len)
+ {
+ return filePath;
+ }
+ if (isFileSeparator(filePath.charAt(len - 1)))
+ {
+ // 以分隔符结尾的去掉结尾分隔符
+ len--;
+ }
+
+ int begin = 0;
+ char c;
+ for (int i = len - 1; i > -1; i--)
+ {
+ c = filePath.charAt(i);
+ if (isFileSeparator(c))
+ {
+ // 查找最后一个路径分隔符(/或者\)
+ begin = i + 1;
+ break;
+ }
+ }
+
+ return filePath.substring(begin, len);
+ }
+
+ /**
+ * 是否为Windows或者Linux(Unix)文件分隔符
+ * Windows平台下分隔符为\,Linux(Unix)为/
+ *
+ * @param c 字符
+ * @return 是否为Windows或者Linux(Unix)文件分隔符
+ */
+ public static boolean isFileSeparator(char c)
+ {
+ return SLASH == c || BACKSLASH == c;
+ }
+
+ /**
+ * 下载文件名重新编码
+ *
+ * @param response 响应对象
+ * @param realFileName 真实文件名
+ * @return
+ */
+ public static void setAttachmentResponseHeader(HttpServletResponse response, String realFileName) throws UnsupportedEncodingException
+ {
+ String percentEncodedFileName = percentEncode(realFileName);
+
+ StringBuilder contentDispositionValue = new StringBuilder();
+ contentDispositionValue.append("attachment; filename=")
+ .append(percentEncodedFileName)
+ .append(";")
+ .append("filename*=")
+ .append("utf-8''")
+ .append(percentEncodedFileName);
+
+ response.setHeader("Content-disposition", contentDispositionValue.toString());
+ }
+
+ /**
+ * 百分号编码工具方法
+ *
+ * @param s 需要百分号编码的字符串
+ * @return 百分号编码后的字符串
+ */
+ public static String percentEncode(String s) throws UnsupportedEncodingException
+ {
+ String encode = URLEncoder.encode(s, StandardCharsets.UTF_8.toString());
+ return encode.replaceAll("\\+", "%20");
+ }
+}
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/ImageUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/ImageUtils.java
new file mode 100644
index 00000000..f8fa776a
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/ImageUtils.java
@@ -0,0 +1,86 @@
+package com.ruoyi.common.core.utils.file;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+import java.net.URL;
+import java.net.URLConnection;
+import java.util.Arrays;
+import org.apache.poi.util.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * 图片处理工具类
+ *
+ * @author ruoyi
+ */
+public class ImageUtils
+{
+ private static final Logger log = LoggerFactory.getLogger(ImageUtils.class);
+
+ public static byte[] getImage(String imagePath)
+ {
+ InputStream is = getFile(imagePath);
+ try
+ {
+ return IOUtils.toByteArray(is);
+ }
+ catch (Exception e)
+ {
+ log.error("图片加载异常 {}", e);
+ return null;
+ }
+ finally
+ {
+ IOUtils.closeQuietly(is);
+ }
+ }
+
+ public static InputStream getFile(String imagePath)
+ {
+ try
+ {
+ byte[] result = readFile(imagePath);
+ result = Arrays.copyOf(result, result.length);
+ return new ByteArrayInputStream(result);
+ }
+ catch (Exception e)
+ {
+ log.error("获取图片异常 {}", e);
+ }
+ return null;
+ }
+
+ /**
+ * 读取文件为字节数据
+ *
+ * @param key 地址
+ * @return 字节数据
+ */
+ public static byte[] readFile(String url)
+ {
+ InputStream in = null;
+ ByteArrayOutputStream baos = null;
+ try
+ {
+ // 网络地址
+ URL urlObj = new URL(url);
+ URLConnection urlConnection = urlObj.openConnection();
+ urlConnection.setConnectTimeout(30 * 1000);
+ urlConnection.setReadTimeout(60 * 1000);
+ urlConnection.setDoInput(true);
+ in = urlConnection.getInputStream();
+ return IOUtils.toByteArray(in);
+ }
+ catch (Exception e)
+ {
+ log.error("访问文件异常 {}", e);
+ return null;
+ }
+ finally
+ {
+ IOUtils.closeQuietly(baos);
+ }
+ }
+}
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/MimeTypeUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/MimeTypeUtils.java
new file mode 100644
index 00000000..b8a3bc39
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/MimeTypeUtils.java
@@ -0,0 +1,59 @@
+package com.ruoyi.common.core.utils.file;
+
+/**
+ * 媒体类型工具类
+ *
+ * @author ruoyi
+ */
+public class MimeTypeUtils
+{
+ public static final String IMAGE_PNG = "image/png";
+
+ public static final String IMAGE_JPG = "image/jpg";
+
+ public static final String IMAGE_JPEG = "image/jpeg";
+
+ public static final String IMAGE_BMP = "image/bmp";
+
+ public static final String IMAGE_GIF = "image/gif";
+
+ public static final String[] IMAGE_EXTENSION = { "bmp", "gif", "jpg", "jpeg", "png" };
+
+ public static final String[] FLASH_EXTENSION = { "swf", "flv" };
+
+ public static final String[] MEDIA_EXTENSION = { "swf", "flv", "mp3", "wav", "wma", "wmv", "mid", "avi", "mpg",
+ "asf", "rm", "rmvb" };
+
+ public static final String[] VIDEO_EXTENSION = { "mp4", "avi", "rmvb" };
+
+ public static final String[] DEFAULT_ALLOWED_EXTENSION = {
+ // 图片
+ "bmp", "gif", "jpg", "jpeg", "png",
+ // word excel powerpoint
+ "doc", "docx", "xls", "xlsx", "ppt", "pptx", "html", "htm", "txt",
+ // 压缩文件
+ "rar", "zip", "gz", "bz2",
+ // 视频格式
+ "mp4", "avi", "rmvb",
+ // pdf
+ "pdf" };
+
+ public static String getExtension(String prefix)
+ {
+ switch (prefix)
+ {
+ case IMAGE_PNG:
+ return "png";
+ case IMAGE_JPG:
+ return "jpg";
+ case IMAGE_JPEG:
+ return "jpeg";
+ case IMAGE_BMP:
+ return "bmp";
+ case IMAGE_GIF:
+ return "gif";
+ default:
+ return "";
+ }
+ }
+}
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/ip/IpUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/ip/IpUtils.java
index 335ed914..be8712f4 100644
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/ip/IpUtils.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/ip/IpUtils.java
@@ -14,34 +14,43 @@ public class IpUtils
{
public static String getIpAddr(HttpServletRequest request)
{
- if (request == null)
+ String ip = null;
+
+ // X-Forwarded-For:Squid 服务代理
+ String ipAddresses = request.getHeader("X-Forwarded-For");
+ if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
{
- return "unknown";
+ // Proxy-Client-IP:apache 服务代理
+ ipAddresses = request.getHeader("Proxy-Client-IP");
}
- String ip = request.getHeader("x-forwarded-for");
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+ if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
{
- ip = request.getHeader("Proxy-Client-IP");
+ // WL-Proxy-Client-IP:weblogic 服务代理
+ ipAddresses = request.getHeader("WL-Proxy-Client-IP");
}
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+ if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
{
- ip = request.getHeader("X-Forwarded-For");
+ // HTTP_CLIENT_IP:有些代理服务器
+ ipAddresses = request.getHeader("HTTP_CLIENT_IP");
}
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+ if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
{
- ip = request.getHeader("WL-Proxy-Client-IP");
+ // X-Real-IP:nginx服务代理
+ ipAddresses = request.getHeader("X-Real-IP");
}
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+
+ // 有些网络通过多层代理,那么获取到的ip就会有多个,一般都是通过逗号(,)分割开来,并且第一个ip为客户端的真实IP
+ if (ipAddresses != null && ipAddresses.length() != 0)
{
- ip = request.getHeader("X-Real-IP");
+ ip = ipAddresses.split(",")[0];
}
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
+ // 还是不能获取到,最后再通过request.getRemoteAddr();获取
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
{
ip = request.getRemoteAddr();
}
-
- return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : ip;
+ return ip.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : ip;
}
public static boolean internalIp(String ip)
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/poi/ExcelUtil.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/poi/ExcelUtil.java
index 783aa8e4..f754a2ca 100644
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/poi/ExcelUtil.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/poi/ExcelUtil.java
@@ -4,7 +4,6 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.reflect.Field;
-import java.lang.reflect.Method;
import java.math.BigDecimal;
import java.text.DecimalFormat;
import java.util.ArrayList;
@@ -14,17 +13,19 @@ import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletResponse;
-import org.apache.poi.hssf.usermodel.HSSFDateUtil;
import org.apache.poi.ss.usermodel.BorderStyle;
import org.apache.poi.ss.usermodel.Cell;
import org.apache.poi.ss.usermodel.CellStyle;
import org.apache.poi.ss.usermodel.CellType;
+import org.apache.poi.ss.usermodel.ClientAnchor;
import org.apache.poi.ss.usermodel.DataValidation;
import org.apache.poi.ss.usermodel.DataValidationConstraint;
import org.apache.poi.ss.usermodel.DataValidationHelper;
import org.apache.poi.ss.usermodel.DateUtil;
+import org.apache.poi.ss.usermodel.Drawing;
import org.apache.poi.ss.usermodel.FillPatternType;
import org.apache.poi.ss.usermodel.Font;
import org.apache.poi.ss.usermodel.HorizontalAlignment;
@@ -36,6 +37,7 @@ import org.apache.poi.ss.usermodel.Workbook;
import org.apache.poi.ss.usermodel.WorkbookFactory;
import org.apache.poi.ss.util.CellRangeAddressList;
import org.apache.poi.xssf.streaming.SXSSFWorkbook;
+import org.apache.poi.xssf.usermodel.XSSFClientAnchor;
import org.apache.poi.xssf.usermodel.XSSFDataValidation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -46,6 +48,8 @@ import com.ruoyi.common.core.annotation.Excels;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.core.utils.DateUtils;
import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.core.utils.file.FileTypeUtils;
+import com.ruoyi.common.core.utils.file.ImageUtils;
import com.ruoyi.common.core.utils.reflect.ReflectUtils;
/**
@@ -97,6 +101,21 @@ public class ExcelUtil
*/
private List fields;
+ /**
+ * 最大高度
+ */
+ private short maxHeight;
+
+ /**
+ * 统计列表
+ */
+ private Map statistics = new HashMap();
+
+ /**
+ * 数字格式
+ */
+ private static final DecimalFormat DOUBLE_FORMAT = new DecimalFormat("######0.00");
+
/**
* 实体对象
*/
@@ -194,7 +213,10 @@ public class ExcelUtil
// 设置类的私有字段属性可访问.
field.setAccessible(true);
Integer column = cellMap.get(attr.name());
- fieldsMap.put(column, field);
+ if (column != null)
+ {
+ fieldsMap.put(column, field);
+ }
}
}
for (int i = 1; i < rows; i++)
@@ -221,22 +243,30 @@ public class ExcelUtil
}
else
{
- val = Convert.toStr(val);
+ String dateFormat = field.getAnnotation(Excel.class).dateFormat();
+ if (StringUtils.isNotEmpty(dateFormat))
+ {
+ val = DateUtils.parseDateToStr(dateFormat, (Date) val);
+ }
+ else
+ {
+ val = Convert.toStr(val);
+ }
}
}
- else if ((Integer.TYPE == fieldType) || (Integer.class == fieldType))
+ else if ((Integer.TYPE == fieldType || Integer.class == fieldType) && StringUtils.isNumeric(Convert.toStr(val)))
{
val = Convert.toInt(val);
}
- else if ((Long.TYPE == fieldType) || (Long.class == fieldType))
+ else if (Long.TYPE == fieldType || Long.class == fieldType)
{
val = Convert.toLong(val);
}
- else if ((Double.TYPE == fieldType) || (Double.class == fieldType))
+ else if (Double.TYPE == fieldType || Double.class == fieldType)
{
val = Convert.toDouble(val);
}
- else if ((Float.TYPE == fieldType) || (Float.class == fieldType))
+ else if (Float.TYPE == fieldType || Float.class == fieldType)
{
val = Convert.toFloat(val);
}
@@ -255,6 +285,10 @@ public class ExcelUtil
val = DateUtil.getJavaDate((Double) val);
}
}
+ else if (Boolean.TYPE == fieldType || Boolean.class == fieldType)
+ {
+ val = Convert.toBool(val, false);
+ }
if (StringUtils.isNotNull(fieldType))
{
Excel attr = field.getAnnotation(Excel.class);
@@ -265,7 +299,7 @@ public class ExcelUtil
}
else if (StringUtils.isNotEmpty(attr.readConverterExp()))
{
- val = reverseByExp(String.valueOf(val), attr.readConverterExp());
+ val = reverseByExp(Convert.toStr(val), attr.readConverterExp(), attr.separator());
}
ReflectUtils.invokeSetter(entity, propertyName, val);
}
@@ -334,6 +368,7 @@ public class ExcelUtil
if (Type.EXPORT.equals(type))
{
fillExcelData(index, row);
+ addStatisticsRow();
}
}
wb.write(outputStream);
@@ -436,6 +471,30 @@ public class ExcelUtil
headerFont.setColor(IndexedColors.WHITE.getIndex());
style.setFont(headerFont);
styles.put("header", style);
+
+ style = wb.createCellStyle();
+ style.setAlignment(HorizontalAlignment.CENTER);
+ style.setVerticalAlignment(VerticalAlignment.CENTER);
+ Font totalFont = wb.createFont();
+ totalFont.setFontName("Arial");
+ totalFont.setFontHeightInPoints((short) 10);
+ style.setFont(totalFont);
+ styles.put("total", style);
+
+ style = wb.createCellStyle();
+ style.cloneStyleFrom(styles.get("data"));
+ style.setAlignment(HorizontalAlignment.LEFT);
+ styles.put("data1", style);
+
+ style = wb.createCellStyle();
+ style.cloneStyleFrom(styles.get("data"));
+ style.setAlignment(HorizontalAlignment.CENTER);
+ styles.put("data2", style);
+
+ style = wb.createCellStyle();
+ style.cloneStyleFrom(styles.get("data"));
+ style.setAlignment(HorizontalAlignment.RIGHT);
+ styles.put("data3", style);
return styles;
}
@@ -465,14 +524,53 @@ public class ExcelUtil
{
if (ColumnType.STRING == attr.cellType())
{
- cell.setCellType(CellType.NUMERIC);
cell.setCellValue(StringUtils.isNull(value) ? attr.defaultValue() : value + attr.suffix());
}
else if (ColumnType.NUMERIC == attr.cellType())
{
- cell.setCellType(CellType.NUMERIC);
- cell.setCellValue(Integer.parseInt(value + ""));
+ cell.setCellValue(StringUtils.contains(Convert.toStr(value), ".") ? Convert.toDouble(value) : Convert.toInt(value));
+ }
+ else if (ColumnType.IMAGE == attr.cellType())
+ {
+ ClientAnchor anchor = new XSSFClientAnchor(0, 0, 0, 0, (short) cell.getColumnIndex(), cell.getRow().getRowNum(), (short) (cell.getColumnIndex() + 1),
+ cell.getRow().getRowNum() + 1);
+ String imagePath = Convert.toStr(value);
+ if (StringUtils.isNotEmpty(imagePath))
+ {
+ byte[] data = ImageUtils.getImage(imagePath);
+ getDrawingPatriarch(cell.getSheet()).createPicture(anchor,
+ cell.getSheet().getWorkbook().addPicture(data, getImageType(data)));
+ }
+ }
+ }
+
+ /**
+ * 获取画布
+ */
+ public static Drawing getDrawingPatriarch(Sheet sheet)
+ {
+ if (sheet.getDrawingPatriarch() == null)
+ {
+ sheet.createDrawingPatriarch();
}
+ return sheet.getDrawingPatriarch();
+ }
+
+ /**
+ * 获取图片类型,设置图片插入类型
+ */
+ public int getImageType(byte[] value)
+ {
+ String type = FileTypeUtils.getFileExtendName(value);
+ if ("JPG".equalsIgnoreCase(type))
+ {
+ return Workbook.PICTURE_TYPE_JPEG;
+ }
+ else if ("PNG".equalsIgnoreCase(type))
+ {
+ return Workbook.PICTURE_TYPE_PNG;
+ }
+ return Workbook.PICTURE_TYPE_JPEG;
}
/**
@@ -488,7 +586,6 @@ public class ExcelUtil
{
// 设置列宽
sheet.setColumnWidth(column, (int) ((attr.width() + 0.72) * 256));
- row.setHeight((short) (attr.height() * 20));
}
// 如果设置了提示信息则鼠标放上去提示.
if (StringUtils.isNotEmpty(attr.prompt()))
@@ -513,31 +610,38 @@ public class ExcelUtil
try
{
// 设置行高
- row.setHeight((short) (attr.height() * 20));
+ row.setHeight(maxHeight);
// 根据Excel中设置情况决定是否导出,有些情况需要保持为空,希望用户填写这一列.
if (attr.isExport())
{
// 创建cell
cell = row.createCell(column);
- cell.setCellStyle(styles.get("data"));
+ int align = attr.align().value();
+ cell.setCellStyle(styles.get("data" + (align >= 1 && align <= 3 ? align : "")));
// 用于读取对象中的属性
Object value = getTargetValue(vo, field, attr);
String dateFormat = attr.dateFormat();
String readConverterExp = attr.readConverterExp();
+ String separator = attr.separator();
if (StringUtils.isNotEmpty(dateFormat) && StringUtils.isNotNull(value))
{
cell.setCellValue(DateUtils.parseDateToStr(dateFormat, (Date) value));
}
else if (StringUtils.isNotEmpty(readConverterExp) && StringUtils.isNotNull(value))
{
- cell.setCellValue(convertByExp(String.valueOf(value), readConverterExp));
+ cell.setCellValue(convertByExp(Convert.toStr(value), readConverterExp, separator));
+ }
+ else if (value instanceof BigDecimal && -1 != attr.scale())
+ {
+ cell.setCellValue((((BigDecimal) value).setScale(attr.scale(), attr.roundingMode())).toString());
}
else
{
// 设置列类型
setCellVo(value, attr, cell);
}
+ addStatisticsData(column, Convert.toStr(value), attr);
}
}
catch (Exception e)
@@ -609,28 +713,36 @@ public class ExcelUtil
*
* @param propertyValue 参数值
* @param converterExp 翻译注解
+ * @param separator 分隔符
* @return 解析后值
- * @throws Exception
*/
- public static String convertByExp(String propertyValue, String converterExp) throws Exception
+ public static String convertByExp(String propertyValue, String converterExp, String separator)
{
- try
+ StringBuilder propertyString = new StringBuilder();
+ String[] convertSource = converterExp.split(",");
+ for (String item : convertSource)
{
- String[] convertSource = converterExp.split(",");
- for (String item : convertSource)
+ String[] itemArray = item.split("=");
+ if (StringUtils.containsAny(separator, propertyValue))
+ {
+ for (String value : propertyValue.split(separator))
+ {
+ if (itemArray[0].equals(value))
+ {
+ propertyString.append(itemArray[1] + separator);
+ break;
+ }
+ }
+ }
+ else
{
- String[] itemArray = item.split("=");
if (itemArray[0].equals(propertyValue))
{
return itemArray[1];
}
}
}
- catch (Exception e)
- {
- throw e;
- }
- return propertyValue;
+ return StringUtils.stripEnd(propertyString.toString(), separator);
}
/**
@@ -638,28 +750,83 @@ public class ExcelUtil
*
* @param propertyValue 参数值
* @param converterExp 翻译注解
+ * @param separator 分隔符
* @return 解析后值
- * @throws Exception
*/
- public static String reverseByExp(String propertyValue, String converterExp) throws Exception
+ public static String reverseByExp(String propertyValue, String converterExp, String separator)
{
- try
+ StringBuilder propertyString = new StringBuilder();
+ String[] convertSource = converterExp.split(",");
+ for (String item : convertSource)
{
- String[] convertSource = converterExp.split(",");
- for (String item : convertSource)
+ String[] itemArray = item.split("=");
+ if (StringUtils.containsAny(separator, propertyValue))
+ {
+ for (String value : propertyValue.split(separator))
+ {
+ if (itemArray[1].equals(value))
+ {
+ propertyString.append(itemArray[0] + separator);
+ break;
+ }
+ }
+ }
+ else
{
- String[] itemArray = item.split("=");
if (itemArray[1].equals(propertyValue))
{
return itemArray[0];
}
}
}
- catch (Exception e)
+ return StringUtils.stripEnd(propertyString.toString(), separator);
+ }
+
+ /**
+ * 合计统计信息
+ */
+ private void addStatisticsData(Integer index, String text, Excel entity)
+ {
+ if (entity != null && entity.isStatistics())
+ {
+ Double temp = 0D;
+ if (!statistics.containsKey(index))
+ {
+ statistics.put(index, temp);
+ }
+ try
+ {
+ temp = Double.valueOf(text);
+ }
+ catch (NumberFormatException e)
+ {
+ }
+ statistics.put(index, statistics.get(index) + temp);
+ }
+ }
+
+ /**
+ * 创建统计行
+ */
+ public void addStatisticsRow()
+ {
+ if (statistics.size() > 0)
{
- throw e;
+ Cell cell = null;
+ Row row = sheet.createRow(sheet.getLastRowNum() + 1);
+ Set keys = statistics.keySet();
+ cell = row.createCell(0);
+ cell.setCellStyle(styles.get("total"));
+ cell.setCellValue("合计");
+
+ for (Integer key : keys)
+ {
+ cell = row.createCell(key);
+ cell.setCellStyle(styles.get("total"));
+ cell.setCellValue(DOUBLE_FORMAT.format(statistics.get(key)));
+ }
+ statistics.clear();
}
- return propertyValue;
}
/**
@@ -703,12 +870,12 @@ public class ExcelUtil
*/
private Object getValue(Object o, String name) throws Exception
{
- if (StringUtils.isNotEmpty(name))
+ if (StringUtils.isNotNull(o) && StringUtils.isNotEmpty(name))
{
Class clazz = o.getClass();
- String methodName = "get" + name.substring(0, 1).toUpperCase() + name.substring(1);
- Method method = clazz.getMethod(methodName);
- o = method.invoke(o);
+ Field field = clazz.getDeclaredField(name);
+ field.setAccessible(true);
+ o = field.get(o);
}
return o;
}
@@ -742,6 +909,21 @@ public class ExcelUtil
}
}
this.fields = this.fields.stream().sorted(Comparator.comparing(objects -> ((Excel) objects[1]).sort())).collect(Collectors.toList());
+ this.maxHeight = getRowHeight();
+ }
+
+ /**
+ * 根据注解获取最大行高
+ */
+ public short getRowHeight()
+ {
+ double maxHeight = 0;
+ for (Object[] os : this.fields)
+ {
+ Excel excel = (Excel) os[1];
+ maxHeight = maxHeight > excel.height() ? maxHeight : excel.height();
+ }
+ return (short) (maxHeight * 20);
}
/**
@@ -803,18 +985,18 @@ public class ExcelUtil
Cell cell = row.getCell(column);
if (StringUtils.isNotNull(cell))
{
- if (cell.getCellTypeEnum() == CellType.NUMERIC || cell.getCellTypeEnum() == CellType.FORMULA)
+ if (cell.getCellType() == CellType.NUMERIC || cell.getCellType() == CellType.FORMULA)
{
val = cell.getNumericCellValue();
- if (HSSFDateUtil.isCellDateFormatted(cell))
+ if (DateUtil.isCellDateFormatted(cell))
{
val = DateUtil.getJavaDate((Double) val); // POI Excel 日期格式转换
}
else
{
- if ((Double) val % 1 > 0)
+ if ((Double) val % 1 != 0)
{
- val = new DecimalFormat("0.00").format(val);
+ val = new BigDecimal(val.toString());
}
else
{
@@ -822,15 +1004,15 @@ public class ExcelUtil
}
}
}
- else if (cell.getCellTypeEnum() == CellType.STRING)
+ else if (cell.getCellType() == CellType.STRING)
{
val = cell.getStringCellValue();
}
- else if (cell.getCellTypeEnum() == CellType.BOOLEAN)
+ else if (cell.getCellType() == CellType.BOOLEAN)
{
val = cell.getBooleanCellValue();
}
- else if (cell.getCellTypeEnum() == CellType.ERROR)
+ else if (cell.getCellType() == CellType.ERROR)
{
val = cell.getErrorCellValue();
}
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/reflect/ReflectUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/reflect/ReflectUtils.java
index ee27ae0a..3d8382b2 100644
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/reflect/ReflectUtils.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/reflect/ReflectUtils.java
@@ -204,6 +204,10 @@ public class ReflectUtils
args[i] = DateUtil.getJavaDate((Double) args[i]);
}
}
+ else if (cs[i] == boolean.class || cs[i] == Boolean.class)
+ {
+ args[i] = Convert.toBool(args[i]);
+ }
}
}
return (E) method.invoke(obj, args);
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/sql/SqlUtil.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/sql/SqlUtil.java
index 25f842e9..b84f4e76 100644
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/sql/SqlUtil.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/sql/SqlUtil.java
@@ -1,5 +1,6 @@
package com.ruoyi.common.core.utils.sql;
+import com.ruoyi.common.core.exception.BaseException;
import com.ruoyi.common.core.utils.StringUtils;
/**
@@ -10,9 +11,9 @@ import com.ruoyi.common.core.utils.StringUtils;
public class SqlUtil
{
/**
- * 仅支持字母、数字、下划线、空格、逗号(支持多个字段排序)
+ * 仅支持字母、数字、下划线、空格、逗号、小数点(支持多个字段排序)
*/
- public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,]+";
+ public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,\\.]+";
/**
* 检查字符,防止注入绕过
@@ -21,7 +22,7 @@ public class SqlUtil
{
if (StringUtils.isNotEmpty(value) && !isValidOrderBySql(value))
{
- return StringUtils.EMPTY;
+ throw new BaseException("参数不符合规范,不能进行查询");
}
return value;
}
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/domain/AjaxResult.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/domain/AjaxResult.java
index 022aede8..626f4afb 100644
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/domain/AjaxResult.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/domain/AjaxResult.java
@@ -57,6 +57,20 @@ public class AjaxResult extends HashMap
super.put(DATA_TAG, data);
}
}
+
+ /**
+ * 方便链式调用
+ *
+ * @param key
+ * @param value
+ * @return
+ */
+ @Override
+ public AjaxResult put(String key, Object value)
+ {
+ super.put(key, value);
+ return this;
+ }
/**
* 返回成功消息
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/domain/BaseEntity.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/domain/BaseEntity.java
index 79bcee7c..b316f893 100644
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/domain/BaseEntity.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/domain/BaseEntity.java
@@ -5,7 +5,6 @@ import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import com.fasterxml.jackson.annotation.JsonFormat;
-import com.fasterxml.jackson.annotation.JsonIgnore;
/**
* Entity基类
@@ -36,14 +35,6 @@ public class BaseEntity implements Serializable
/** 备注 */
private String remark;
- /** 开始时间 */
- @JsonIgnore
- private String beginTime;
-
- /** 结束时间 */
- @JsonIgnore
- private String endTime;
-
/** 请求参数 */
private Map params;
@@ -107,26 +98,6 @@ public class BaseEntity implements Serializable
this.remark = remark;
}
- public String getBeginTime()
- {
- return beginTime;
- }
-
- public void setBeginTime(String beginTime)
- {
- this.beginTime = beginTime;
- }
-
- public String getEndTime()
- {
- return endTime;
- }
-
- public void setEndTime(String endTime)
- {
- this.endTime = endTime;
- }
-
public Map getParams()
{
if (params == null)
diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/page/PageDomain.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/page/PageDomain.java
index 367efa69..9f1ea8e0 100644
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/page/PageDomain.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/page/PageDomain.java
@@ -17,9 +17,9 @@ public class PageDomain
/** 排序列 */
private String orderByColumn;
- /** 排序的方向 "desc" 或者 "asc". */
- private String isAsc;
+ /** 排序的方向desc或者asc */
+ private String isAsc = "asc";
public String getOrderBy()
{
diff --git a/ruoyi-common/ruoyi-common-datascope/pom.xml b/ruoyi-common/ruoyi-common-datascope/pom.xml
index b89792e1..2fbc8f61 100644
--- a/ruoyi-common/ruoyi-common-datascope/pom.xml
+++ b/ruoyi-common/ruoyi-common-datascope/pom.xml
@@ -5,7 +5,7 @@
com.ruoyi
ruoyi-common
- 2.0.0
+ 2.5.0
4.0.0
diff --git a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java b/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java
index b03674c1..72aafcdd 100644
--- a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java
+++ b/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java
@@ -12,10 +12,10 @@ import org.springframework.stereotype.Component;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.web.domain.BaseEntity;
import com.ruoyi.common.datascope.annotation.DataScope;
-import com.ruoyi.common.datascope.service.AwaitUserService;
+import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.system.api.domain.SysRole;
import com.ruoyi.system.api.domain.SysUser;
-import com.ruoyi.system.api.model.UserInfo;
+import com.ruoyi.system.api.model.LoginUser;
/**
* 数据过滤处理
@@ -57,7 +57,7 @@ public class DataScopeAspect
public static final String DATA_SCOPE = "dataScope";
@Autowired
- private AwaitUserService awaitUserService;
+ private TokenService tokenService;
// 配置织入点
@Pointcut("@annotation(com.ruoyi.common.datascope.annotation.DataScope)")
@@ -80,12 +80,12 @@ public class DataScopeAspect
return;
}
// 获取当前的用户
- UserInfo loginUser = awaitUserService.info();
- SysUser currentUser = loginUser.getSysUser();
- if (currentUser != null)
+ LoginUser loginUser = tokenService.getLoginUser();
+ if (StringUtils.isNotNull(loginUser))
{
+ SysUser currentUser = loginUser.getSysUser();
// 如果是超级管理员,则不过滤数据
- if (!currentUser.isAdmin())
+ if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin())
{
dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
controllerDataScope.userAlias());
@@ -145,8 +145,12 @@ public class DataScopeAspect
if (StringUtils.isNotBlank(sqlString.toString()))
{
- BaseEntity baseEntity = (BaseEntity) joinPoint.getArgs()[0];
- baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")");
+ Object params = joinPoint.getArgs()[0];
+ if (StringUtils.isNotNull(params) && params instanceof BaseEntity)
+ {
+ BaseEntity baseEntity = (BaseEntity) params;
+ baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")");
+ }
}
}
diff --git a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/service/AwaitUserService.java b/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/service/AwaitUserService.java
deleted file mode 100644
index 446b3f2e..00000000
--- a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/service/AwaitUserService.java
+++ /dev/null
@@ -1,42 +0,0 @@
-package com.ruoyi.common.datascope.service;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-import com.ruoyi.common.core.domain.R;
-import com.ruoyi.common.core.utils.StringUtils;
-import com.ruoyi.common.security.utils.SecurityUtils;
-import com.ruoyi.system.api.RemoteUserService;
-import com.ruoyi.system.api.model.UserInfo;
-
-/**
- * 同步调用用户服务
- *
- * @author ruoyi
- */
-@Service
-public class AwaitUserService
-{
- private static final Logger log = LoggerFactory.getLogger(AwaitUserService.class);
-
- @Autowired
- private RemoteUserService remoteUserService;
-
- /**
- * 查询当前用户信息
- *
- * @return 用户基本信息
- */
- public UserInfo info()
- {
- String username = SecurityUtils.getUsername();
- R userResult = remoteUserService.getUserInfo(username);
- if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
- {
- log.info("数据权限范围查询用户:{} 不存在.", username);
- return null;
- }
- return userResult.getData();
- }
-}
diff --git a/ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring.factories b/ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring.factories
index 52508bdd..a9bc860f 100644
--- a/ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring.factories
+++ b/ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring.factories
@@ -1,5 +1,4 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
- com.ruoyi.common.datascope.service.AwaitUserService,\
com.ruoyi.common.datascope.aspect.DataScopeAspect
diff --git a/ruoyi-common/ruoyi-common-datasource/pom.xml b/ruoyi-common/ruoyi-common-datasource/pom.xml
new file mode 100644
index 00000000..ca063068
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-datasource/pom.xml
@@ -0,0 +1,41 @@
+
+
+
+ com.ruoyi
+ ruoyi-common
+ 2.5.0
+
+ 4.0.0
+
+ ruoyi-common-datasource
+
+
+ ruoyi-common-datasource多数据源
+
+
+
+
+
+
+ com.alibaba
+ druid-spring-boot-starter
+ ${druid.version}
+
+
+
+
+ com.baomidou
+ dynamic-datasource-spring-boot-starter
+ ${dynamic-ds.version}
+
+
+
+
+ io.seata
+ seata-spring-boot-starter
+
+
+
+
\ No newline at end of file
diff --git a/ruoyi-common/ruoyi-common-datasource/src/main/java/com/ruoyi/common/datasource/annotation/Master.java b/ruoyi-common/ruoyi-common-datasource/src/main/java/com/ruoyi/common/datasource/annotation/Master.java
new file mode 100644
index 00000000..6ebec02c
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-datasource/src/main/java/com/ruoyi/common/datasource/annotation/Master.java
@@ -0,0 +1,22 @@
+package com.ruoyi.common.datasource.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import com.baomidou.dynamic.datasource.annotation.DS;
+
+/**
+ * 主库数据源
+ *
+ * @author ruoyi
+ */
+@Target({ ElementType.TYPE, ElementType.METHOD })
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@DS("master")
+public @interface Master
+{
+
+}
\ No newline at end of file
diff --git a/ruoyi-common/ruoyi-common-datasource/src/main/java/com/ruoyi/common/datasource/annotation/Slave.java b/ruoyi-common/ruoyi-common-datasource/src/main/java/com/ruoyi/common/datasource/annotation/Slave.java
new file mode 100644
index 00000000..9ee09413
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-datasource/src/main/java/com/ruoyi/common/datasource/annotation/Slave.java
@@ -0,0 +1,22 @@
+package com.ruoyi.common.datasource.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import com.baomidou.dynamic.datasource.annotation.DS;
+
+/**
+ * 从库数据源
+ *
+ * @author ruoyi
+ */
+@Target({ ElementType.TYPE, ElementType.METHOD })
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@DS("slave")
+public @interface Slave
+{
+
+}
\ No newline at end of file
diff --git a/ruoyi-common/ruoyi-common-log/pom.xml b/ruoyi-common/ruoyi-common-log/pom.xml
index a75f289a..fe322d1c 100644
--- a/ruoyi-common/ruoyi-common-log/pom.xml
+++ b/ruoyi-common/ruoyi-common-log/pom.xml
@@ -5,7 +5,7 @@
com.ruoyi
ruoyi-common
- 2.0.0
+ 2.5.0
4.0.0
diff --git a/ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java b/ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java
index 17fbe1e6..e76018e7 100644
--- a/ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java
+++ b/ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java
@@ -1,6 +1,8 @@
package com.ruoyi.common.log.aspect;
import java.lang.reflect.Method;
+import java.util.Collection;
+import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -17,16 +19,14 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod;
import org.springframework.stereotype.Component;
import org.springframework.web.multipart.MultipartFile;
-import org.springframework.web.servlet.HandlerMapping;
import com.alibaba.fastjson.JSON;
+import com.ruoyi.common.core.utils.SecurityUtils;
import com.ruoyi.common.core.utils.ServletUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.utils.ip.IpUtils;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessStatus;
import com.ruoyi.common.log.service.AsyncLogService;
-import com.ruoyi.common.security.domain.LoginUser;
-import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.domain.SysOperLog;
/**
@@ -83,9 +83,6 @@ public class LogAspect
return;
}
- // 获取当前的用户
- LoginUser loginUser = SecurityUtils.getLoginUser();
-
// *========数据库日志=========*//
SysOperLog operLog = new SysOperLog();
operLog.setStatus(BusinessStatus.SUCCESS.ordinal());
@@ -96,9 +93,10 @@ public class LogAspect
operLog.setJsonResult(JSON.toJSONString(jsonResult));
operLog.setOperUrl(ServletUtils.getRequest().getRequestURI());
- if (loginUser != null)
+ String username = SecurityUtils.getUsername();
+ if (StringUtils.isNotBlank(username))
{
- operLog.setOperName(loginUser.getUsername());
+ operLog.setOperName(username);
}
if (e != null)
@@ -163,11 +161,6 @@ public class LogAspect
String params = argsArrayToString(joinPoint.getArgs());
operLog.setOperParam(StringUtils.substring(params, 0, 2000));
}
- else
- {
- Map paramsMap = (Map) ServletUtils.getRequest().getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE);
- operLog.setOperParam(StringUtils.substring(paramsMap.toString(), 0, 2000));
- }
}
/**
@@ -198,8 +191,14 @@ public class LogAspect
{
if (!isFilterObject(paramsArray[i]))
{
- Object jsonObj = JSON.toJSON(paramsArray[i]);
- params += jsonObj.toString() + " ";
+ try
+ {
+ Object jsonObj = JSON.toJSON(paramsArray[i]);
+ params += jsonObj.toString() + " ";
+ }
+ catch (Exception e)
+ {
+ }
}
}
}
@@ -212,8 +211,31 @@ public class LogAspect
* @param o 对象信息。
* @return 如果是需要过滤的对象,则返回true;否则返回false。
*/
+ @SuppressWarnings("rawtypes")
public boolean isFilterObject(final Object o)
{
+ Class clazz = o.getClass();
+ if (clazz.isArray())
+ {
+ return clazz.getComponentType().isAssignableFrom(MultipartFile.class);
+ }
+ else if (Collection.class.isAssignableFrom(clazz))
+ {
+ Collection collection = (Collection) o;
+ for (Iterator iter = collection.iterator(); iter.hasNext();)
+ {
+ return iter.next() instanceof MultipartFile;
+ }
+ }
+ else if (Map.class.isAssignableFrom(clazz))
+ {
+ Map map = (Map) o;
+ for (Iterator iter = map.entrySet().iterator(); iter.hasNext();)
+ {
+ Map.Entry entry = (Map.Entry) iter.next();
+ return entry.getValue() instanceof MultipartFile;
+ }
+ }
return o instanceof MultipartFile || o instanceof HttpServletRequest || o instanceof HttpServletResponse;
}
}
diff --git a/ruoyi-common/ruoyi-common-redis/pom.xml b/ruoyi-common/ruoyi-common-redis/pom.xml
index ecea0c59..e498f15b 100644
--- a/ruoyi-common/ruoyi-common-redis/pom.xml
+++ b/ruoyi-common/ruoyi-common-redis/pom.xml
@@ -5,7 +5,7 @@
com.ruoyi
ruoyi-common
- 2.0.0
+ 2.5.0
4.0.0
diff --git a/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java b/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java
index 6c702eaa..4bf7f708 100644
--- a/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java
+++ b/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java
@@ -1,11 +1,13 @@
package com.ruoyi.common.redis.service;
import java.util.Collection;
+import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.BoundSetOperations;
import org.springframework.data.redis.core.HashOperations;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
@@ -42,7 +44,7 @@ public class RedisService
* @param timeout 时间
* @param timeUnit 时间颗粒度
*/
- public void setCacheObject(final String key, final T value, final Integer timeout, final TimeUnit timeUnit)
+ public void setCacheObject(final String key, final T value, final Long timeout, final TimeUnit timeUnit)
{
redisTemplate.opsForValue().set(key, value, timeout, timeUnit);
}
@@ -109,7 +111,7 @@ public class RedisService
* 缓存List数据
*
* @param key 缓存的键值
- * @param values 待缓存的List数据
+ * @param dataList 待缓存的List数据
* @return 缓存的对象
*/
public long setCacheList(final String key, final List dataList)
@@ -136,10 +138,15 @@ public class RedisService
* @param dataSet 缓存的数据
* @return 缓存数据的对象
*/
- public long setCacheSet(final String key, final Set dataSet)
+ public BoundSetOperations setCacheSet(final String key, final Set dataSet)
{
- Long count = redisTemplate.opsForSet().add(key, dataSet);
- return count == null ? 0 : count;
+ BoundSetOperations setOperation = redisTemplate.boundSetOps(key);
+ Iterator it = dataSet.iterator();
+ while (it.hasNext())
+ {
+ setOperation.add(it.next());
+ }
+ return setOperation;
}
/**
diff --git a/ruoyi-common/ruoyi-common-security/pom.xml b/ruoyi-common/ruoyi-common-security/pom.xml
index e12fd09f..3ee61b18 100644
--- a/ruoyi-common/ruoyi-common-security/pom.xml
+++ b/ruoyi-common/ruoyi-common-security/pom.xml
@@ -4,7 +4,7 @@
com.ruoyi
ruoyi-common
- 2.0.0
+ 2.5.0
4.0.0
@@ -16,16 +16,16 @@
-
+
- org.springframework.cloud
- spring-cloud-starter-oauth2
+ com.ruoyi
+ ruoyi-api-system
-
+
com.ruoyi
- ruoyi-api-system
+ ruoyi-common-redis
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/EnableCustomConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/EnableCustomConfig.java
index 15681a4f..fa2a8b29 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/EnableCustomConfig.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/EnableCustomConfig.java
@@ -1,13 +1,17 @@
package com.ruoyi.common.security.annotation;
-import java.lang.annotation.*;
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
import org.springframework.context.annotation.Import;
import org.springframework.scheduling.annotation.EnableAsync;
-import com.ruoyi.common.security.feign.OAuth2FeignConfig;
import com.ruoyi.common.security.config.ApplicationConfig;
-import com.ruoyi.common.security.config.SecurityImportBeanDefinitionRegistrar;
+import com.ruoyi.common.security.feign.FeignAutoConfiguration;
@Target(ElementType.TYPE)
@Retention(RetentionPolicy.RUNTIME)
@@ -20,7 +24,7 @@ import com.ruoyi.common.security.config.SecurityImportBeanDefinitionRegistrar;
// 开启线程异步执行
@EnableAsync
// 自动加载类
-@Import({ SecurityImportBeanDefinitionRegistrar.class, OAuth2FeignConfig.class, ApplicationConfig.class })
+@Import({ ApplicationConfig.class, FeignAutoConfiguration.class })
public @interface EnableCustomConfig
{
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java
new file mode 100644
index 00000000..c9f10b6d
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java
@@ -0,0 +1,46 @@
+package com.ruoyi.common.security.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 权限注解
+ *
+ * @author ruoyi
+ */
+@Target({ ElementType.TYPE, ElementType.METHOD })
+@Retention(RetentionPolicy.RUNTIME)
+public @interface PreAuthorize
+{
+ /**
+ * 验证用户是否具备某权限
+ */
+ public String hasPermi() default "";
+
+ /**
+ * 验证用户是否不具备某权限,与 hasPermi逻辑相反
+ */
+ public String lacksPermi() default "";
+
+ /**
+ * 验证用户是否具有以下任意一个权限
+ */
+ public String[] hasAnyPermi() default {};
+
+ /**
+ * 判断用户是否拥有某个角色
+ */
+ public String hasRole() default "";
+
+ /**
+ * 验证用户是否不具备某角色,与 isRole逻辑相反
+ */
+ public String lacksRole() default "";
+
+ /**
+ * 验证用户是否具有以下任意一个角色
+ */
+ public String[] hasAnyRoles() default {};
+}
\ No newline at end of file
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java
new file mode 100644
index 00000000..3a44d82b
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java
@@ -0,0 +1,225 @@
+package com.ruoyi.common.security.aspect;
+
+import java.lang.reflect.Method;
+import java.util.Collection;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.Signature;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.util.CollectionUtils;
+import org.springframework.util.PatternMatchUtils;
+import org.springframework.util.StringUtils;
+import com.ruoyi.common.core.exception.PreAuthorizeException;
+import com.ruoyi.common.security.annotation.PreAuthorize;
+import com.ruoyi.common.security.service.TokenService;
+import com.ruoyi.system.api.model.LoginUser;
+
+/**
+ * 自定义权限实现
+ *
+ * @author ruoyi
+ */
+@Aspect
+@Component
+public class PreAuthorizeAspect
+{
+ @Autowired
+ private TokenService tokenService;
+
+ /** 所有权限标识 */
+ private static final String ALL_PERMISSION = "*:*:*";
+
+ /** 管理员角色权限标识 */
+ private static final String SUPER_ADMIN = "admin";
+
+ /** 数组为0时 */
+ private static final Integer ARRAY_EMPTY = 0;
+
+ @Around("@annotation(com.ruoyi.common.security.annotation.PreAuthorize)")
+ public Object around(ProceedingJoinPoint point) throws Throwable
+ {
+ Signature signature = point.getSignature();
+ MethodSignature methodSignature = (MethodSignature) signature;
+ Method method = methodSignature.getMethod();
+ PreAuthorize annotation = method.getAnnotation(PreAuthorize.class);
+ if (annotation == null)
+ {
+ return point.proceed();
+ }
+
+ if (!StringUtils.isEmpty(annotation.hasPermi()))
+ {
+ if (hasPermi(annotation.hasPermi()))
+ {
+ return point.proceed();
+ }
+ throw new PreAuthorizeException();
+ }
+ else if (!StringUtils.isEmpty(annotation.lacksPermi()))
+ {
+ if (lacksPermi(annotation.lacksPermi()))
+ {
+ return point.proceed();
+ }
+ throw new PreAuthorizeException();
+ }
+ else if (ARRAY_EMPTY < annotation.hasAnyPermi().length)
+ {
+ if (hasAnyPermi(annotation.hasAnyPermi()))
+ {
+ return point.proceed();
+ }
+ throw new PreAuthorizeException();
+ }
+ else if (!StringUtils.isEmpty(annotation.hasRole()))
+ {
+ if (hasRole(annotation.hasRole()))
+ {
+ return point.proceed();
+ }
+ throw new PreAuthorizeException();
+ }
+ else if (!StringUtils.isEmpty(annotation.lacksRole()))
+ {
+ if (lacksRole(annotation.lacksRole()))
+ {
+ return point.proceed();
+ }
+ throw new PreAuthorizeException();
+ }
+ else if (ARRAY_EMPTY < annotation.hasAnyRoles().length)
+ {
+ if (hasAnyRoles(annotation.hasAnyRoles()))
+ {
+ return point.proceed();
+ }
+ throw new PreAuthorizeException();
+ }
+
+ return point.proceed();
+ }
+
+ /**
+ * 验证用户是否具备某权限
+ *
+ * @param permission 权限字符串
+ * @return 用户是否具备某权限
+ */
+ public boolean hasPermi(String permission)
+ {
+ LoginUser userInfo = tokenService.getLoginUser();
+ if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions()))
+ {
+ return false;
+ }
+ return hasPermissions(userInfo.getPermissions(), permission);
+ }
+
+ /**
+ * 验证用户是否不具备某权限,与 hasPermi逻辑相反
+ *
+ * @param permission 权限字符串
+ * @return 用户是否不具备某权限
+ */
+ public boolean lacksPermi(String permission)
+ {
+ return hasPermi(permission) != true;
+ }
+
+ /**
+ * 验证用户是否具有以下任意一个权限
+ *
+ * @param permissions 权限列表
+ * @return 用户是否具有以下任意一个权限
+ */
+ public boolean hasAnyPermi(String[] permissions)
+ {
+ LoginUser userInfo = tokenService.getLoginUser();
+ if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions()))
+ {
+ return false;
+ }
+ Collection authorities = userInfo.getPermissions();
+ for (String permission : permissions)
+ {
+ if (permission != null && hasPermissions(authorities, permission))
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ /**
+ * 判断用户是否拥有某个角色
+ *
+ * @param role 角色字符串
+ * @return 用户是否具备某角色
+ */
+ public boolean hasRole(String role)
+ {
+ LoginUser userInfo = tokenService.getLoginUser();
+ if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles()))
+ {
+ return false;
+ }
+ for (String roleKey : userInfo.getRoles())
+ {
+ if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(role))
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ /**
+ * 验证用户是否不具备某角色,与 isRole逻辑相反。
+ *
+ * @param role 角色名称
+ * @return 用户是否不具备某角色
+ */
+ public boolean lacksRole(String role)
+ {
+ return hasRole(role) != true;
+ }
+
+ /**
+ * 验证用户是否具有以下任意一个角色
+ *
+ * @param roles 角色列表
+ * @return 用户是否具有以下任意一个角色
+ */
+ public boolean hasAnyRoles(String[] roles)
+ {
+ LoginUser userInfo = tokenService.getLoginUser();
+ if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles()))
+ {
+ return false;
+ }
+ for (String role : roles)
+ {
+ if (hasRole(role))
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ /**
+ * 判断是否包含权限
+ *
+ * @param authorities 权限列表
+ * @param permission 权限字符串
+ * @return 用户是否具备某权限
+ */
+ private boolean hasPermissions(Collection authorities, String permission)
+ {
+ return authorities.stream().filter(StringUtils::hasText)
+ .anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(permission, x));
+ }
+}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/AuthIgnoreConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/AuthIgnoreConfig.java
deleted file mode 100644
index d2d5ae0b..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/AuthIgnoreConfig.java
+++ /dev/null
@@ -1,30 +0,0 @@
-package com.ruoyi.common.security.config;
-
-import java.util.ArrayList;
-import java.util.List;
-import org.springframework.beans.factory.annotation.Configurable;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.stereotype.Component;
-
-/**
- * 忽略服务间的认证
- *
- * @author ruoyi
- **/
-@Component
-@Configurable
-@ConfigurationProperties(prefix = "security.oauth2.ignore")
-public class AuthIgnoreConfig
-{
- private List urls = new ArrayList<>();
-
- public List getUrls()
- {
- return urls;
- }
-
- public void setUrls(List urls)
- {
- this.urls = urls;
- }
-}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/CommonUserConverter.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/CommonUserConverter.java
deleted file mode 100644
index 29f2afbe..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/CommonUserConverter.java
+++ /dev/null
@@ -1,75 +0,0 @@
-package com.ruoyi.common.security.config;
-
-import java.util.Collection;
-import java.util.LinkedHashMap;
-import java.util.Map;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.oauth2.provider.token.UserAuthenticationConverter;
-import org.springframework.util.StringUtils;
-import com.ruoyi.common.core.constant.SecurityConstants;
-import com.ruoyi.common.core.text.Convert;
-import com.ruoyi.common.security.domain.LoginUser;
-
-/**
- * https://my.oschina.net/giegie/blog/3023768 根据checktoken 的结果转化用户信息
- *
- * @author lengleng
- */
-public class CommonUserConverter implements UserAuthenticationConverter
-{
- private static final String N_A = "N/A";
-
- /**
- * 将授权信息返回到资源服务
- */
- @Override
- public Map convertUserAuthentication(Authentication userAuthentication)
- {
- Map authMap = new LinkedHashMap<>();
- authMap.put(USERNAME, userAuthentication.getName());
- if (userAuthentication.getAuthorities() != null && !userAuthentication.getAuthorities().isEmpty())
- {
- authMap.put(AUTHORITIES, AuthorityUtils.authorityListToSet(userAuthentication.getAuthorities()));
- }
- return authMap;
- }
-
- /**
- * 获取用户认证信息
- */
- @Override
- public Authentication extractAuthentication(Map map)
- {
- if (map.containsKey(USERNAME))
- {
- Collection authorities = getAuthorities(map);
-
- Long userId = Convert.toLong(map.get(SecurityConstants.DETAILS_USER_ID));
- String username = (String) map.get(SecurityConstants.DETAILS_USERNAME);
- LoginUser user = new LoginUser(userId, username, N_A, true, true, true, true, authorities);
- return new UsernamePasswordAuthenticationToken(user, N_A, authorities);
- }
- return null;
- }
-
- /**
- * 获取权限资源信息
- */
- private Collection getAuthorities(Map map)
- {
- Object authorities = map.get(AUTHORITIES);
- if (authorities instanceof String)
- {
- return AuthorityUtils.commaSeparatedStringToAuthorityList((String) authorities);
- }
- if (authorities instanceof Collection)
- {
- return AuthorityUtils.commaSeparatedStringToAuthorityList(
- StringUtils.collectionToCommaDelimitedString((Collection) authorities));
- }
- throw new IllegalArgumentException("Authorities must be either a String or a Collection");
- }
-}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/MethodSecurityConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/MethodSecurityConfig.java
deleted file mode 100644
index 07fabf32..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/MethodSecurityConfig.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package com.ruoyi.common.security.config;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-
-/**
- *
- * @EnableGlobalMethodSecurity(securedEnabled=true)
- * 开启@Secured 注解过滤权限
- *
- * @EnableGlobalMethodSecurity(jsr250Enabled=true)
- * 开启@RolesAllowed 注解过滤权限
- *
- * @EnableGlobalMethodSecurity(prePostEnabled=true)
- * 使用表达式时间方法级别的安全性 4个注解可用
- * -@PreAuthorize 在方法调用之前,基于表达式的计算结果来限制对方法的访问
- * -@PostAuthorize 允许方法调用,但是如果表达式计算结果为false,将抛出一个安全性异常
- * -@PostFilter 允许方法调用,但必须按照表达式来过滤方法的结果
- * -@PreFilter 允许方法调用,但必须在进入方法之前过滤输入值
- *
- */
-@Configuration
-@EnableGlobalMethodSecurity(prePostEnabled = true)
-public class MethodSecurityConfig
-{
-
-}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java
deleted file mode 100644
index 6aa3ba89..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java
+++ /dev/null
@@ -1,82 +0,0 @@
-package com.ruoyi.common.security.config;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.security.oauth2.OAuth2ClientProperties;
-import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties;
-import org.springframework.cloud.client.loadbalancer.LoadBalanced;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
-import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
-import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
-import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
-import org.springframework.security.oauth2.provider.token.UserAuthenticationConverter;
-import org.springframework.web.client.DefaultResponseErrorHandler;
-import org.springframework.web.client.RestTemplate;
-
-/**
- * oauth2 服务配置
- *
- * @author ruoyi
- */
-@Configuration
-@EnableResourceServer
-public class ResourceServerConfig extends ResourceServerConfigurerAdapter
-{
- @Autowired
- private ResourceServerProperties resourceServerProperties;
-
- @Autowired
- private OAuth2ClientProperties oAuth2ClientProperties;
-
- @Bean
- public AuthIgnoreConfig authIgnoreConfig()
- {
- return new AuthIgnoreConfig();
- }
-
- @Bean
- @LoadBalanced
- public RestTemplate restTemplate()
- {
- RestTemplate restTemplate = new RestTemplate();
- restTemplate.setErrorHandler(new DefaultResponseErrorHandler());
- return restTemplate;
- }
-
- @Bean
- public ResourceServerTokenServices tokenServices()
- {
- RemoteTokenServices remoteTokenServices = new RemoteTokenServices();
- DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
- UserAuthenticationConverter userTokenConverter = new CommonUserConverter();
- accessTokenConverter.setUserTokenConverter(userTokenConverter);
- remoteTokenServices.setCheckTokenEndpointUrl(resourceServerProperties.getTokenInfoUri());
- remoteTokenServices.setClientId(oAuth2ClientProperties.getClientId());
- remoteTokenServices.setClientSecret(oAuth2ClientProperties.getClientSecret());
- remoteTokenServices.setRestTemplate(restTemplate());
- remoteTokenServices.setAccessTokenConverter(accessTokenConverter);
- return remoteTokenServices;
- }
-
- @Override
- public void configure(HttpSecurity http) throws Exception
- {
- http.csrf().disable();
- ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry = http
- .authorizeRequests();
- // 不登录可以访问
- authIgnoreConfig().getUrls().forEach(url -> registry.antMatchers(url).permitAll());
- registry.anyRequest().authenticated();
- }
-
- @Override
- public void configure(ResourceServerSecurityConfigurer resources)
- {
- resources.tokenServices(tokenServices());
- }
-}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java
deleted file mode 100644
index 386bce00..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java
+++ /dev/null
@@ -1,24 +0,0 @@
-package com.ruoyi.common.security.config;
-
-import org.springframework.beans.factory.support.BeanDefinitionBuilder;
-import org.springframework.beans.factory.support.BeanDefinitionRegistry;
-import org.springframework.context.annotation.ImportBeanDefinitionRegistrar;
-import org.springframework.core.type.AnnotationMetadata;
-import com.ruoyi.common.core.utils.StringUtils;
-
-/**
- * 导入 SecurityImportBeanDefinitionRegistrar 自动加载类
- *
- * @author ruoyi
- */
-public class SecurityImportBeanDefinitionRegistrar implements ImportBeanDefinitionRegistrar
-{
- @Override
- public void registerBeanDefinitions(AnnotationMetadata metadata, BeanDefinitionRegistry registry)
- {
- Class aClass = ResourceServerConfig.class;
- String beanName = StringUtils.uncapitalize(aClass.getSimpleName());
- BeanDefinitionBuilder beanDefinitionBuilder = BeanDefinitionBuilder.genericBeanDefinition(ResourceServerConfig.class);
- registry.registerBeanDefinition(beanName, beanDefinitionBuilder.getBeanDefinition());
- }
-}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/domain/LoginUser.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/domain/LoginUser.java
deleted file mode 100644
index 1056fece..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/domain/LoginUser.java
+++ /dev/null
@@ -1,37 +0,0 @@
-package com.ruoyi.common.security.domain;
-
-import java.util.Collection;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.User;
-
-/**
- * 登录用户身份权限
- *
- * @author ruoyi
- */
-public class LoginUser extends User
-{
- private static final long serialVersionUID = 1L;
-
- /**
- * 用户ID
- */
- private Long userId;
-
- public LoginUser(Long userId, String username, String password, boolean enabled, boolean accountNonExpired,
- boolean credentialsNonExpired, boolean accountNonLocked, Collection authorities)
- {
- super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
- this.userId = userId;
- }
-
- public Long getUserId()
- {
- return userId;
- }
-
- public void setUserId(Long userId)
- {
- this.userId = userId;
- }
-}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/FeignAutoConfiguration.java
similarity index 71%
rename from ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignConfig.java
rename to ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/FeignAutoConfiguration.java
index e5c598b2..934a9598 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignConfig.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/FeignAutoConfiguration.java
@@ -5,16 +5,16 @@ import org.springframework.context.annotation.Configuration;
import feign.RequestInterceptor;
/**
- * Feign配置注册
+ * Feign 配置注册
*
* @author ruoyi
**/
@Configuration
-public class OAuth2FeignConfig
+public class FeignAutoConfiguration
{
@Bean
public RequestInterceptor requestInterceptor()
{
- return new OAuth2FeignRequestInterceptor();
+ return new FeignRequestInterceptor();
}
}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/FeignRequestInterceptor.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/FeignRequestInterceptor.java
new file mode 100644
index 00000000..2642dd12
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/FeignRequestInterceptor.java
@@ -0,0 +1,45 @@
+package com.ruoyi.common.security.feign;
+
+import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+import org.springframework.stereotype.Component;
+import com.ruoyi.common.core.constant.CacheConstants;
+import com.ruoyi.common.core.utils.ServletUtils;
+import com.ruoyi.common.core.utils.StringUtils;
+import feign.RequestInterceptor;
+import feign.RequestTemplate;
+
+/**
+ * feign 请求拦截器
+ *
+ * @author ruoyi
+ */
+@Component
+public class FeignRequestInterceptor implements RequestInterceptor
+{
+ @Override
+ public void apply(RequestTemplate requestTemplate)
+ {
+ HttpServletRequest httpServletRequest = ServletUtils.getRequest();
+ if (StringUtils.isNotNull(httpServletRequest))
+ {
+ Map headers = ServletUtils.getHeaders(httpServletRequest);
+ // 传递用户信息请求头,防止丢失
+ String userId = headers.get(CacheConstants.DETAILS_USER_ID);
+ if (StringUtils.isNotEmpty(userId))
+ {
+ requestTemplate.header(CacheConstants.DETAILS_USER_ID, userId);
+ }
+ String userName = headers.get(CacheConstants.DETAILS_USERNAME);
+ if (StringUtils.isNotEmpty(userName))
+ {
+ requestTemplate.header(CacheConstants.DETAILS_USERNAME, userName);
+ }
+ String authentication = headers.get(CacheConstants.AUTHORIZATION_HEADER);
+ if (StringUtils.isNotEmpty(authentication))
+ {
+ requestTemplate.header(CacheConstants.AUTHORIZATION_HEADER, authentication);
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java
deleted file mode 100644
index baf60835..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java
+++ /dev/null
@@ -1,33 +0,0 @@
-package com.ruoyi.common.security.feign;
-
-import org.springframework.http.HttpHeaders;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
-import org.springframework.stereotype.Component;
-import com.ruoyi.common.core.constant.SecurityConstants;
-import feign.RequestInterceptor;
-import feign.RequestTemplate;
-
-/**
- * feign 请求拦截器
- *
- * @author ruoyi
- */
-@Component
-public class OAuth2FeignRequestInterceptor implements RequestInterceptor
-{
- @Override
- public void apply(RequestTemplate requestTemplate)
- {
- SecurityContext securityContext = SecurityContextHolder.getContext();
- Authentication authentication = securityContext.getAuthentication();
- if (authentication != null && authentication.getDetails() instanceof OAuth2AuthenticationDetails)
- {
- OAuth2AuthenticationDetails dateils = (OAuth2AuthenticationDetails) authentication.getDetails();
- requestTemplate.header(HttpHeaders.AUTHORIZATION,
- String.format("%s %s", SecurityConstants.BEARER_TOKEN_TYPE, dateils.getTokenValue()));
- }
- }
-}
\ No newline at end of file
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomAccessDeniedHandler.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomAccessDeniedHandler.java
deleted file mode 100644
index 0ba69aeb..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomAccessDeniedHandler.java
+++ /dev/null
@@ -1,33 +0,0 @@
-package com.ruoyi.common.security.handler;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
-import org.springframework.stereotype.Component;
-import com.alibaba.fastjson.JSON;
-import com.ruoyi.common.core.constant.HttpStatus;
-import com.ruoyi.common.core.domain.R;
-import com.ruoyi.common.core.utils.ServletUtils;
-
-/**
- * 自定义访问无权限资源时的异常
- *
- * @author ruoyi
- */
-@Component
-public class CustomAccessDeniedHandler extends OAuth2AccessDeniedHandler
-{
- private final Logger logger = LoggerFactory.getLogger(CustomAccessDeniedHandler.class);
-
- @Override
- public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException authException)
- {
- logger.info("权限不足,请联系管理员 {}", request.getRequestURI());
-
- String msg = authException.getMessage();
- ServletUtils.renderString(response, JSON.toJSONString(R.fail(HttpStatus.FORBIDDEN, msg)));
- }
-}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java
index ac1ae39d..1a3070c9 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java
@@ -2,18 +2,14 @@ package com.ruoyi.common.security.handler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.authentication.AccountExpiredException;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.validation.BindException;
import org.springframework.web.bind.MethodArgumentNotValidException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
-import org.springframework.web.servlet.NoHandlerFoundException;
-import com.ruoyi.common.core.constant.HttpStatus;
import com.ruoyi.common.core.exception.BaseException;
import com.ruoyi.common.core.exception.CustomException;
import com.ruoyi.common.core.exception.DemoModeException;
+import com.ruoyi.common.core.exception.PreAuthorizeException;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.web.domain.AjaxResult;
@@ -33,7 +29,7 @@ public class GlobalExceptionHandler
@ExceptionHandler(BaseException.class)
public AjaxResult baseException(BaseException e)
{
- return AjaxResult.error(e.getMessage());
+ return AjaxResult.error(e.getDefaultMessage());
}
/**
@@ -49,34 +45,6 @@ public class GlobalExceptionHandler
return AjaxResult.error(e.getCode(), e.getMessage());
}
- @ExceptionHandler(NoHandlerFoundException.class)
- public AjaxResult handlerNoFoundException(Exception e)
- {
- log.error(e.getMessage(), e);
- return AjaxResult.error(HttpStatus.NOT_FOUND, "路径不存在,请检查路径是否正确");
- }
-
- @ExceptionHandler(AccessDeniedException.class)
- public AjaxResult handleAuthorizationException(AccessDeniedException e)
- {
- log.error(e.getMessage());
- return AjaxResult.error(HttpStatus.FORBIDDEN, "没有权限,请联系管理员授权");
- }
-
- @ExceptionHandler(AccountExpiredException.class)
- public AjaxResult handleAccountExpiredException(AccountExpiredException e)
- {
- log.error(e.getMessage(), e);
- return AjaxResult.error(e.getMessage());
- }
-
- @ExceptionHandler(UsernameNotFoundException.class)
- public AjaxResult handleUsernameNotFoundException(UsernameNotFoundException e)
- {
- log.error(e.getMessage(), e);
- return AjaxResult.error(e.getMessage());
- }
-
@ExceptionHandler(Exception.class)
public AjaxResult handleException(Exception e)
{
@@ -105,7 +73,16 @@ public class GlobalExceptionHandler
String message = e.getBindingResult().getFieldError().getDefaultMessage();
return AjaxResult.error(message);
}
-
+
+ /**
+ * 权限异常
+ */
+ @ExceptionHandler(PreAuthorizeException.class)
+ public AjaxResult preAuthorizeException(PreAuthorizeException e)
+ {
+ return AjaxResult.error("没有权限,请联系管理员授权");
+ }
+
/**
* 演示模式异常
*/
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/PermissionService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/PermissionService.java
deleted file mode 100644
index cbfc9bb7..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/PermissionService.java
+++ /dev/null
@@ -1,167 +0,0 @@
-package com.ruoyi.common.security.service;
-
-import java.util.Collection;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.stereotype.Service;
-import org.springframework.util.CollectionUtils;
-import org.springframework.util.PatternMatchUtils;
-import org.springframework.util.StringUtils;
-import com.ruoyi.common.security.domain.LoginUser;
-import com.ruoyi.common.security.utils.SecurityUtils;
-
-/**
- * 自定义权限实现
- *
- * @author ruoyi
- */
-@Service("ss")
-public class PermissionService
-{
- /** 所有权限标识 */
- private static final String ALL_PERMISSION = "*:*:*";
-
- /** 管理员角色权限标识 */
- private static final String SUPER_ADMIN = "admin";
-
- private static final String ROLE_DELIMETER = ",";
-
- private static final String PERMISSION_DELIMETER = ",";
-
- /**
- * 验证用户是否具备某权限
- *
- * @param permission 权限字符串
- * @return 用户是否具备某权限
- */
- public boolean hasPermi(String permission)
- {
- if (StringUtils.isEmpty(permission))
- {
- return false;
- }
- LoginUser loginUser = SecurityUtils.getLoginUser();
- if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities()))
- {
- return false;
- }
- return hasPermissions(loginUser.getAuthorities(), permission);
- }
-
- /**
- * 验证用户是否不具备某权限,与 hasPermi逻辑相反
- *
- * @param permission 权限字符串
- * @return 用户是否不具备某权限
- */
- public boolean lacksPermi(String permission)
- {
- return hasPermi(permission) != true;
- }
-
- /**
- * 验证用户是否具有以下任意一个权限
- *
- * @param permissions 以 PERMISSION_NAMES_DELIMETER 为分隔符的权限列表
- * @return 用户是否具有以下任意一个权限
- */
- public boolean hasAnyPermi(String permissions)
- {
- if (StringUtils.isEmpty(permissions))
- {
- return false;
- }
- LoginUser loginUser = SecurityUtils.getLoginUser();
- if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities()))
- {
- return false;
- }
- Collection authorities = loginUser.getAuthorities();
- for (String permission : permissions.split(PERMISSION_DELIMETER))
- {
- if (permission != null && hasPermissions(authorities, permission))
- {
- return true;
- }
- }
- return false;
- }
-
- /**
- * 判断用户是否拥有某个角色
- *
- * @param role 角色字符串
- * @return 用户是否具备某角色
- */
- public boolean hasRole(String role)
- {
- if (StringUtils.isEmpty(role))
- {
- return false;
- }
- LoginUser loginUser = SecurityUtils.getLoginUser();
- if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities()))
- {
- return false;
- }
- for (GrantedAuthority authorities : loginUser.getAuthorities())
- {
- String roleKey = authorities.getAuthority();
- if (SUPER_ADMIN.contains(roleKey) || roleKey.contains(role))
- {
- return true;
- }
- }
- return false;
- }
-
- /**
- * 验证用户是否不具备某角色,与 isRole逻辑相反。
- *
- * @param role 角色名称
- * @return 用户是否不具备某角色
- */
- public boolean lacksRole(String role)
- {
- return hasRole(role) != true;
- }
-
- /**
- * 验证用户是否具有以下任意一个角色
- *
- * @param roles 以 ROLE_NAMES_DELIMETER 为分隔符的角色列表
- * @return 用户是否具有以下任意一个角色
- */
- public boolean hasAnyRoles(String roles)
- {
- if (StringUtils.isEmpty(roles))
- {
- return false;
- }
- LoginUser loginUser = SecurityUtils.getLoginUser();
- if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities()))
- {
- return false;
- }
- for (String role : roles.split(ROLE_DELIMETER))
- {
- if (hasRole(role))
- {
- return true;
- }
- }
- return false;
- }
-
- /**
- * 判断是否包含权限
- *
- * @param authorities 权限列表
- * @param permission 权限字符串
- * @return 用户是否具备某权限
- */
- private boolean hasPermissions(Collection authorities, String permission)
- {
- return authorities.stream().map(GrantedAuthority::getAuthority).filter(StringUtils::hasText)
- .anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(permission, x));
- }
-}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/RedisClientDetailsService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/RedisClientDetailsService.java
deleted file mode 100644
index 5f0700f0..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/RedisClientDetailsService.java
+++ /dev/null
@@ -1,30 +0,0 @@
-package com.ruoyi.common.security.service;
-
-import javax.sql.DataSource;
-import org.springframework.cache.annotation.Cacheable;
-import org.springframework.security.oauth2.provider.ClientDetails;
-import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
-import com.ruoyi.common.core.constant.CacheConstants;
-import com.ruoyi.common.core.constant.SecurityConstants;
-
-/**
- * 重写原生方法支持redis缓存
- *
- * @author ruoyi
- */
-public class RedisClientDetailsService extends JdbcClientDetailsService
-{
- public RedisClientDetailsService(DataSource dataSource)
- {
- super(dataSource);
- super.setSelectClientDetailsSql(SecurityConstants.DEFAULT_SELECT_STATEMENT);
- super.setFindClientDetailsSql(SecurityConstants.DEFAULT_FIND_STATEMENT);
- }
-
- @Override
- @Cacheable(value = CacheConstants.CLIENT_DETAILS_KEY, key = "#clientId", unless = "#result == null")
- public ClientDetails loadClientByClientId(String clientId)
- {
- return super.loadClientByClientId(clientId);
- }
-}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
new file mode 100644
index 00000000..a4e84283
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
@@ -0,0 +1,123 @@
+package com.ruoyi.common.security.service;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+import javax.servlet.http.HttpServletRequest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import com.ruoyi.common.core.constant.CacheConstants;
+import com.ruoyi.common.core.constant.Constants;
+import com.ruoyi.common.core.utils.IdUtils;
+import com.ruoyi.common.core.utils.SecurityUtils;
+import com.ruoyi.common.core.utils.ServletUtils;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.core.utils.ip.IpUtils;
+import com.ruoyi.common.redis.service.RedisService;
+import com.ruoyi.system.api.model.LoginUser;
+
+/**
+ * token验证处理
+ *
+ * @author ruoyi
+ */
+@Component
+public class TokenService
+{
+ @Autowired
+ private RedisService redisService;
+
+ private final static long EXPIRE_TIME = Constants.TOKEN_EXPIRE * 60;
+
+ private final static String ACCESS_TOKEN = CacheConstants.LOGIN_TOKEN_KEY;
+
+ protected static final long MILLIS_SECOND = 1000;
+
+ /**
+ * 创建令牌
+ */
+ public Map createToken(LoginUser loginUser)
+ {
+ // 生成token
+ String token = IdUtils.fastUUID();
+ loginUser.setToken(token);
+ loginUser.setUserid(loginUser.getSysUser().getUserId());
+ loginUser.setUsername(loginUser.getSysUser().getUserName());
+ loginUser.setIpaddr(IpUtils.getIpAddr(ServletUtils.getRequest()));
+ refreshToken(loginUser);
+
+ // 保存或更新用户token
+ Map map = new HashMap();
+ map.put("access_token", token);
+ map.put("expires_in", EXPIRE_TIME);
+ redisService.setCacheObject(ACCESS_TOKEN + token, loginUser, EXPIRE_TIME, TimeUnit.SECONDS);
+ return map;
+ }
+
+ /**
+ * 获取用户身份信息
+ *
+ * @return 用户信息
+ */
+ public LoginUser getLoginUser()
+ {
+ return getLoginUser(ServletUtils.getRequest());
+ }
+
+ /**
+ * 获取用户身份信息
+ *
+ * @return 用户信息
+ */
+ public LoginUser getLoginUser(HttpServletRequest request)
+ {
+ // 获取请求携带的令牌
+ String token = SecurityUtils.getToken(request);
+ if (StringUtils.isNotEmpty(token))
+ {
+ String userKey = getTokenKey(token);
+ LoginUser user = redisService.getCacheObject(userKey);
+ return user;
+ }
+ return null;
+ }
+
+ /**
+ * 设置用户身份信息
+ */
+ public void setLoginUser(LoginUser loginUser)
+ {
+ if (StringUtils.isNotNull(loginUser) && StringUtils.isNotEmpty(loginUser.getToken()))
+ {
+ refreshToken(loginUser);
+ }
+ }
+
+ public void delLoginUser(String token)
+ {
+ if (StringUtils.isNotEmpty(token))
+ {
+ String userKey = getTokenKey(token);
+ redisService.deleteObject(userKey);
+ }
+ }
+
+ /**
+ * 刷新令牌有效期
+ *
+ * @param loginUser 登录信息
+ */
+ public void refreshToken(LoginUser loginUser)
+ {
+ loginUser.setLoginTime(System.currentTimeMillis());
+ loginUser.setExpireTime(loginUser.getLoginTime() + EXPIRE_TIME * MILLIS_SECOND);
+ // 根据uuid将loginUser缓存
+ String userKey = getTokenKey(loginUser.getToken());
+ redisService.setCacheObject(userKey, loginUser, EXPIRE_TIME, TimeUnit.SECONDS);
+ }
+
+ private String getTokenKey(String token)
+ {
+ return ACCESS_TOKEN + token;
+ }
+}
\ No newline at end of file
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/UserDetailsServiceImpl.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/UserDetailsServiceImpl.java
deleted file mode 100644
index 28abc4be..00000000
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/UserDetailsServiceImpl.java
+++ /dev/null
@@ -1,83 +0,0 @@
-package com.ruoyi.common.security.service;
-
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Set;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.stereotype.Service;
-import com.ruoyi.common.core.domain.R;
-import com.ruoyi.common.core.enums.UserStatus;
-import com.ruoyi.common.core.exception.BaseException;
-import com.ruoyi.common.core.utils.StringUtils;
-import com.ruoyi.common.security.domain.LoginUser;
-import com.ruoyi.system.api.RemoteUserService;
-import com.ruoyi.system.api.domain.SysUser;
-import com.ruoyi.system.api.model.UserInfo;
-
-/**
- * 用户信息处理
- *
- * @author ruoyi
- */
-@Service
-public class UserDetailsServiceImpl implements UserDetailsService
-{
- private static final Logger log = LoggerFactory.getLogger(UserDetailsServiceImpl.class);
-
- @Autowired
- private RemoteUserService remoteUserService;
-
- @Override
- public UserDetails loadUserByUsername(String username)
- {
- R userResult = remoteUserService.getUserInfo(username);
- checkUser(userResult, username);
- return getUserDetails(userResult);
- }
-
- public void checkUser(R userResult, String username)
- {
- if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
- {
- log.info("登录用户:{} 不存在.", username);
- throw new UsernameNotFoundException("登录用户:" + username + " 不存在");
- }
- else if (UserStatus.DELETED.getCode().equals(userResult.getData().getSysUser().getDelFlag()))
- {
- log.info("登录用户:{} 已被删除.", username);
- throw new BaseException("对不起,您的账号:" + username + " 已被删除");
- }
- else if (UserStatus.DISABLE.getCode().equals(userResult.getData().getSysUser().getStatus()))
- {
- log.info("登录用户:{} 已被停用.", username);
- throw new BaseException("对不起,您的账号:" + username + " 已停用");
- }
- }
-
- private UserDetails getUserDetails(R result)
- {
- UserInfo info = result.getData();
- Set dbAuthsSet = new HashSet();
- if (StringUtils.isNotEmpty(info.getRoles()))
- {
- // 获取角色
- dbAuthsSet.addAll(info.getRoles());
- // 获取权限
- dbAuthsSet.addAll(info.getPermissions());
- }
-
- Collection authorities = AuthorityUtils
- .createAuthorityList(dbAuthsSet.toArray(new String[0]));
- SysUser user = info.getSysUser();
-
- return new LoginUser(user.getUserId(), user.getUserName(), user.getPassword(), true, true, true, true,
- authorities);
- }
-}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories b/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories
index e569c125..1f6338d7 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories
+++ b/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories
@@ -1,8 +1,4 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
- com.ruoyi.common.security.service.UserDetailsServiceImpl,\
- com.ruoyi.common.security.service.PermissionService,\
- com.ruoyi.common.security.config.MethodSecurityConfig,\
- com.ruoyi.common.security.handler.CustomAccessDeniedHandler,\
+ com.ruoyi.common.security.service.TokenService,\
+ com.ruoyi.common.security.aspect.PreAuthorizeAspect,\
com.ruoyi.common.security.handler.GlobalExceptionHandler
-
-
diff --git a/ruoyi-common/ruoyi-common-swagger/pom.xml b/ruoyi-common/ruoyi-common-swagger/pom.xml
index 9de85993..e58f4413 100644
--- a/ruoyi-common/ruoyi-common-swagger/pom.xml
+++ b/ruoyi-common/ruoyi-common-swagger/pom.xml
@@ -5,7 +5,7 @@
com.ruoyi
ruoyi-common
- 2.0.0
+ 2.5.0
4.0.0
diff --git a/ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerAutoConfiguration.java b/ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerAutoConfiguration.java
index 204c2c86..1a9597dc 100644
--- a/ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerAutoConfiguration.java
+++ b/ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerAutoConfiguration.java
@@ -2,7 +2,6 @@ package com.ruoyi.common.swagger.config;
import java.util.ArrayList;
import java.util.Arrays;
-import java.util.Collections;
import java.util.List;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
@@ -15,11 +14,9 @@ import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
+import springfox.documentation.service.ApiKey;
import springfox.documentation.service.AuthorizationScope;
import springfox.documentation.service.Contact;
-import springfox.documentation.service.GrantType;
-import springfox.documentation.service.OAuth;
-import springfox.documentation.service.ResourceOwnerPasswordCredentialsGrant;
import springfox.documentation.service.SecurityReference;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
@@ -66,54 +63,55 @@ public class SwaggerAutoConfiguration
List> excludePath = new ArrayList<>();
swaggerProperties.getExcludePath().forEach(path -> excludePath.add(PathSelectors.ant(path)));
- //noinspection Guava
+ //noinspection Guava
return new Docket(DocumentationType.SWAGGER_2)
.host(swaggerProperties.getHost())
.apiInfo(apiInfo(swaggerProperties)).select()
.apis(RequestHandlerSelectors.basePackage(swaggerProperties.getBasePackage()))
.paths(Predicates.and(Predicates.not(Predicates.or(excludePath)), Predicates.or(basePath)))
.build()
- .securitySchemes(Collections.singletonList(securitySchema()))
- .securityContexts(Collections.singletonList(securityContext()))
+ .securitySchemes(securitySchemes())
+ .securityContexts(securityContexts())
.pathMapping("/");
}
- /**
- * 配置默认的全局鉴权策略的开关,通过正则表达式进行匹配;默认匹配所有URL
- *
- * @return
- */
- private SecurityContext securityContext()
+ /**
+ * 安全模式,这里指定token通过Authorization头请求头传递
+ */
+ private List securitySchemes()
{
- return SecurityContext.builder()
- .securityReferences(defaultAuth())
- .forPaths(PathSelectors.regex(swaggerProperties().getAuthorization().getAuthRegex()))
- .build();
+ List apiKeyList = new ArrayList();
+ apiKeyList.add(new ApiKey("Authorization", "Authorization", "header"));
+ return apiKeyList;
}
- /**
- * 默认的全局鉴权策略
- *
- * @return
- */
- private List defaultAuth()
+ /**
+ * 安全上下文
+ */
+ private List securityContexts()
{
- ArrayList authorizationScopeList = new ArrayList<>();
- swaggerProperties().getAuthorization().getAuthorizationScopeList().forEach(authorizationScope -> authorizationScopeList.add(new AuthorizationScope(authorizationScope.getScope(), authorizationScope.getDescription())));
- AuthorizationScope[] authorizationScopes = new AuthorizationScope[authorizationScopeList.size()];
- return Collections.singletonList(SecurityReference.builder()
- .reference(swaggerProperties().getAuthorization().getName())
- .scopes(authorizationScopeList.toArray(authorizationScopes))
- .build());
+ List securityContexts = new ArrayList<>();
+ securityContexts.add(
+ SecurityContext.builder()
+ .securityReferences(defaultAuth())
+ .forPaths(PathSelectors.regex("^(?!auth).*$"))
+ .build());
+ return securityContexts;
}
- private OAuth securitySchema()
+ /**
+ * 默认的全局鉴权策略
+ *
+ * @return
+ */
+ private List defaultAuth()
{
- ArrayList authorizationScopeList = new ArrayList<>();
- swaggerProperties().getAuthorization().getAuthorizationScopeList().forEach(authorizationScope -> authorizationScopeList.add(new AuthorizationScope(authorizationScope.getScope(), authorizationScope.getDescription())));
- ArrayList grantTypes = new ArrayList<>();
- swaggerProperties().getAuthorization().getTokenUrlList().forEach(tokenUrl -> grantTypes.add(new ResourceOwnerPasswordCredentialsGrant(tokenUrl)));
- return new OAuth(swaggerProperties().getAuthorization().getName(), authorizationScopeList, grantTypes);
+ AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
+ AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
+ authorizationScopes[0] = authorizationScope;
+ List securityReferences = new ArrayList<>();
+ securityReferences.add(new SecurityReference("Authorization", authorizationScopes));
+ return securityReferences;
}
private ApiInfo apiInfo(SwaggerProperties swaggerProperties)
@@ -128,5 +126,4 @@ public class SwaggerAutoConfiguration
.version(swaggerProperties.getVersion())
.build();
}
- }
-
+}
diff --git a/ruoyi-gateway/pom.xml b/ruoyi-gateway/pom.xml
index 98668782..54605582 100644
--- a/ruoyi-gateway/pom.xml
+++ b/ruoyi-gateway/pom.xml
@@ -4,7 +4,7 @@
com.ruoyi
ruoyi
- 2.0.0
+ 2.5.0
4.0.0
@@ -85,6 +85,7 @@
+ ${project.artifactId}
org.springframework.boot
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/RuoYiGatewayApplication.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/RuoYiGatewayApplication.java
index d1f6ec14..af0fcc84 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/RuoYiGatewayApplication.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/RuoYiGatewayApplication.java
@@ -28,4 +28,4 @@ public class RuoYiGatewayApplication
" | | \\ / \\ / \n" +
" ''-' `'-' `-..-' ");
}
-}
\ No newline at end of file
+}
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/CaptchaConfig.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/CaptchaConfig.java
index c642ffeb..963425e6 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/CaptchaConfig.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/CaptchaConfig.java
@@ -5,6 +5,7 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import com.google.code.kaptcha.impl.DefaultKaptcha;
import com.google.code.kaptcha.util.Config;
+import static com.google.code.kaptcha.Constants.*;
/**
* 验证码配置
@@ -14,42 +15,67 @@ import com.google.code.kaptcha.util.Config;
@Configuration
public class CaptchaConfig
{
+ @Bean(name = "captchaProducer")
+ public DefaultKaptcha getKaptchaBean()
+ {
+ DefaultKaptcha defaultKaptcha = new DefaultKaptcha();
+ Properties properties = new Properties();
+ // 是否有边框 默认为true 我们可以自己设置yes,no
+ properties.setProperty(KAPTCHA_BORDER, "yes");
+ // 验证码文本字符颜色 默认为Color.BLACK
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_COLOR, "black");
+ // 验证码图片宽度 默认为200
+ properties.setProperty(KAPTCHA_IMAGE_WIDTH, "160");
+ // 验证码图片高度 默认为50
+ properties.setProperty(KAPTCHA_IMAGE_HEIGHT, "60");
+ // 验证码文本字符大小 默认为40
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_SIZE, "38");
+ // KAPTCHA_SESSION_KEY
+ properties.setProperty(KAPTCHA_SESSION_CONFIG_KEY, "kaptchaCode");
+ // 验证码文本字符长度 默认为5
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_CHAR_LENGTH, "4");
+ // 验证码文本字体样式 默认为new Font("Arial", 1, fontSize), new Font("Courier", 1, fontSize)
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_NAMES, "Arial,Courier");
+ // 图片样式 水纹com.google.code.kaptcha.impl.WaterRipple 鱼眼com.google.code.kaptcha.impl.FishEyeGimpy 阴影com.google.code.kaptcha.impl.ShadowGimpy
+ properties.setProperty(KAPTCHA_OBSCURIFICATOR_IMPL, "com.google.code.kaptcha.impl.ShadowGimpy");
+ Config config = new Config(properties);
+ defaultKaptcha.setConfig(config);
+ return defaultKaptcha;
+ }
+
@Bean(name = "captchaProducerMath")
public DefaultKaptcha getKaptchaBeanMath()
{
DefaultKaptcha defaultKaptcha = new DefaultKaptcha();
Properties properties = new Properties();
// 是否有边框 默认为true 我们可以自己设置yes,no
- properties.setProperty("kaptcha.border", "yes");
+ properties.setProperty(KAPTCHA_BORDER, "yes");
// 边框颜色 默认为Color.BLACK
- properties.setProperty("kaptcha.border.color", "105,179,90");
+ properties.setProperty(KAPTCHA_BORDER_COLOR, "105,179,90");
// 验证码文本字符颜色 默认为Color.BLACK
- properties.setProperty("kaptcha.textproducer.font.color", "blue");
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_COLOR, "blue");
// 验证码图片宽度 默认为200
- properties.setProperty("kaptcha.image.width", "160");
+ properties.setProperty(KAPTCHA_IMAGE_WIDTH, "160");
// 验证码图片高度 默认为50
- properties.setProperty("kaptcha.image.height", "60");
+ properties.setProperty(KAPTCHA_IMAGE_HEIGHT, "60");
// 验证码文本字符大小 默认为40
- properties.setProperty("kaptcha.textproducer.font.size", "35");
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_SIZE, "35");
// KAPTCHA_SESSION_KEY
- properties.setProperty("kaptcha.session.key", "kaptchaCodeMath");
+ properties.setProperty(KAPTCHA_SESSION_CONFIG_KEY, "kaptchaCodeMath");
// 验证码文本生成器
- properties.setProperty("kaptcha.textproducer.impl", "com.ruoyi.gateway.config.KaptchaTextCreator");
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_IMPL, "com.ruoyi.gateway.config.KaptchaTextCreator");
// 验证码文本字符间距 默认为2
- properties.setProperty("kaptcha.textproducer.char.space", "3");
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_CHAR_SPACE, "3");
// 验证码文本字符长度 默认为5
- properties.setProperty("kaptcha.textproducer.char.length", "6");
- // 验证码文本字体样式 默认为new Font("Arial", 1, fontSize), new Font("Courier", 1,
- // fontSize)
- properties.setProperty("kaptcha.textproducer.font.names", "Arial,Courier");
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_CHAR_LENGTH, "6");
+ // 验证码文本字体样式 默认为new Font("Arial", 1, fontSize), new Font("Courier", 1, fontSize)
+ properties.setProperty(KAPTCHA_TEXTPRODUCER_FONT_NAMES, "Arial,Courier");
// 验证码噪点颜色 默认为Color.BLACK
- properties.setProperty("kaptcha.noise.color", "white");
+ properties.setProperty(KAPTCHA_NOISE_COLOR, "white");
// 干扰实现类
- properties.setProperty("kaptcha.noise.impl", "com.google.code.kaptcha.impl.NoNoise");
- // 图片样式 水纹com.google.code.kaptcha.impl.WaterRipple
- // 鱼眼com.google.code.kaptcha.impl.FishEyeGimpy
- // 阴影com.google.code.kaptcha.impl.ShadowGimpy
- properties.setProperty("kaptcha.obscurificator.impl", "com.google.code.kaptcha.impl.ShadowGimpy");
+ properties.setProperty(KAPTCHA_NOISE_IMPL, "com.google.code.kaptcha.impl.NoNoise");
+ // 图片样式 水纹com.google.code.kaptcha.impl.WaterRipple 鱼眼com.google.code.kaptcha.impl.FishEyeGimpy 阴影com.google.code.kaptcha.impl.ShadowGimpy
+ properties.setProperty(KAPTCHA_OBSCURIFICATOR_IMPL, "com.google.code.kaptcha.impl.ShadowGimpy");
Config config = new Config(properties);
defaultKaptcha.setConfig(config);
return defaultKaptcha;
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/SwaggerProvider.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/SwaggerProvider.java
index c0bdd7a4..0da5fa06 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/SwaggerProvider.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/SwaggerProvider.java
@@ -10,6 +10,11 @@ import org.springframework.stereotype.Component;
import springfox.documentation.swagger.web.SwaggerResource;
import springfox.documentation.swagger.web.SwaggerResourcesProvider;
+/**
+ * 聚合系统接口
+ *
+ * @author ruoyi
+ */
@Component
public class SwaggerProvider implements SwaggerResourcesProvider
{
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/properties/IgnoreWhiteProperties.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/properties/IgnoreWhiteProperties.java
new file mode 100644
index 00000000..fbfd04cc
--- /dev/null
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/properties/IgnoreWhiteProperties.java
@@ -0,0 +1,33 @@
+package com.ruoyi.gateway.config.properties;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.cloud.context.config.annotation.RefreshScope;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 放行白名单配置
+ *
+ * @author ruoyi
+ */
+@Configuration
+@RefreshScope
+@ConfigurationProperties(prefix = "ignore")
+public class IgnoreWhiteProperties
+{
+ /**
+ * 放行白名单配置,网关不校验此处的白名单
+ */
+ private List whites = new ArrayList<>();
+
+ public List getWhites()
+ {
+ return whites;
+ }
+
+ public void setWhites(List whites)
+ {
+ this.whites = whites;
+ }
+}
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
new file mode 100644
index 00000000..1bd39940
--- /dev/null
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
@@ -0,0 +1,125 @@
+package com.ruoyi.gateway.filter;
+
+import javax.annotation.Resource;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.GlobalFilter;
+import org.springframework.core.Ordered;
+import org.springframework.core.io.buffer.DataBufferFactory;
+import org.springframework.data.redis.core.ValueOperations;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import com.ruoyi.common.core.constant.CacheConstants;
+import com.ruoyi.common.core.constant.Constants;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.utils.ServletUtils;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.redis.service.RedisService;
+import com.ruoyi.gateway.config.properties.IgnoreWhiteProperties;
+import reactor.core.publisher.Mono;
+
+/**
+ * 网关鉴权
+ *
+ * @author ruoyi
+ */
+@Component
+public class AuthFilter implements GlobalFilter, Ordered
+{
+ private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
+
+ private final static long EXPIRE_TIME = Constants.TOKEN_EXPIRE * 60;
+
+ // 排除过滤的 uri 地址,nacos自行添加
+ @Autowired
+ private IgnoreWhiteProperties ignoreWhite;
+
+ @Resource(name = "stringRedisTemplate")
+ private ValueOperations sops;
+
+ @Autowired
+ private RedisService redisService;
+
+ @Override
+ public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain)
+ {
+ String url = exchange.getRequest().getURI().getPath();
+ // 跳过不需要验证的路径
+ if (StringUtils.matches(url, ignoreWhite.getWhites()))
+ {
+ return chain.filter(exchange);
+ }
+ String token = getToken(exchange.getRequest());
+ if (StringUtils.isBlank(token))
+ {
+ return setUnauthorizedResponse(exchange, "令牌不能为空");
+ }
+ String userStr = sops.get(getTokenKey(token));
+ if (StringUtils.isNull(userStr))
+ {
+ return setUnauthorizedResponse(exchange, "登录状态已过期");
+ }
+ JSONObject obj = JSONObject.parseObject(userStr);
+ String userid = obj.getString("userid");
+ String username = obj.getString("username");
+ if (StringUtils.isBlank(userid) || StringUtils.isBlank(username))
+ {
+ return setUnauthorizedResponse(exchange, "令牌验证失败");
+ }
+
+ // 设置过期时间
+ redisService.expire(getTokenKey(token), EXPIRE_TIME);
+ // 设置用户信息到请求
+ ServerHttpRequest mutableReq = exchange.getRequest().mutate().header(CacheConstants.DETAILS_USER_ID, userid)
+ .header(CacheConstants.DETAILS_USERNAME, ServletUtils.urlEncode(username)).build();
+ ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
+
+ return chain.filter(mutableExchange);
+ }
+
+ private Mono setUnauthorizedResponse(ServerWebExchange exchange, String msg)
+ {
+ ServerHttpResponse response = exchange.getResponse();
+ response.getHeaders().setContentType(MediaType.APPLICATION_JSON);
+ response.setStatusCode(HttpStatus.OK);
+
+ log.error("[鉴权异常处理]请求路径:{}", exchange.getRequest().getPath());
+
+ return response.writeWith(Mono.fromSupplier(() -> {
+ DataBufferFactory bufferFactory = response.bufferFactory();
+ return bufferFactory.wrap(JSON.toJSONBytes(R.fail(msg)));
+ }));
+ }
+
+ private String getTokenKey(String token)
+ {
+ return CacheConstants.LOGIN_TOKEN_KEY + token;
+ }
+
+ /**
+ * 获取请求token
+ */
+ private String getToken(ServerHttpRequest request)
+ {
+ String token = request.getHeaders().getFirst(CacheConstants.HEADER);
+ if (StringUtils.isNotEmpty(token) && token.startsWith(CacheConstants.TOKEN_PREFIX))
+ {
+ token = token.replace(CacheConstants.TOKEN_PREFIX, "");
+ }
+ return token;
+ }
+
+ @Override
+ public int getOrder()
+ {
+ return -200;
+ }
+}
\ No newline at end of file
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/CacheRequestFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/CacheRequestFilter.java
new file mode 100644
index 00000000..2045d3ed
--- /dev/null
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/CacheRequestFilter.java
@@ -0,0 +1,100 @@
+package com.ruoyi.gateway.filter;
+
+import java.util.Collections;
+import java.util.List;
+import org.springframework.cloud.gateway.filter.GatewayFilter;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.OrderedGatewayFilter;
+import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
+import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.core.io.buffer.DataBufferFactory;
+import org.springframework.core.io.buffer.DataBufferUtils;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Flux;
+import reactor.core.publisher.Mono;
+
+@Component
+public class CacheRequestFilter extends AbstractGatewayFilterFactory
+{
+ public CacheRequestFilter()
+ {
+ super(Config.class);
+ }
+
+ @Override
+ public String name()
+ {
+ return "CacheRequestFilter";
+ }
+
+ @Override
+ public GatewayFilter apply(Config config)
+ {
+ CacheRequestGatewayFilter cacheRequestGatewayFilter = new CacheRequestGatewayFilter();
+ Integer order = config.getOrder();
+ if (order == null)
+ {
+ return cacheRequestGatewayFilter;
+ }
+ return new OrderedGatewayFilter(cacheRequestGatewayFilter, order);
+ }
+
+ public static class CacheRequestGatewayFilter implements GatewayFilter
+ {
+ @Override
+ public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain)
+ {
+ // GET DELETE 不过滤
+ HttpMethod method = exchange.getRequest().getMethod();
+ if (method == null || method.matches("GET") || method.matches("DELETE"))
+ {
+ return chain.filter(exchange);
+ }
+ return DataBufferUtils.join(exchange.getRequest().getBody()).map(dataBuffer -> {
+ byte[] bytes = new byte[dataBuffer.readableByteCount()];
+ dataBuffer.read(bytes);
+ DataBufferUtils.release(dataBuffer);
+ return bytes;
+ }).defaultIfEmpty(new byte[0]).flatMap(bytes -> {
+ DataBufferFactory dataBufferFactory = exchange.getResponse().bufferFactory();
+ ServerHttpRequestDecorator decorator = new ServerHttpRequestDecorator(exchange.getRequest())
+ {
+ @Override
+ public Flux getBody()
+ {
+ if (bytes.length > 0)
+ {
+ return Flux.just(dataBufferFactory.wrap(bytes));
+ }
+ return Flux.empty();
+ }
+ };
+ return chain.filter(exchange.mutate().request(decorator).build());
+ });
+ }
+ }
+
+ @Override
+ public List shortcutFieldOrder()
+ {
+ return Collections.singletonList("order");
+ }
+
+ static class Config
+ {
+ private Integer order;
+
+ public Integer getOrder()
+ {
+ return order;
+ }
+
+ public void setOrder(Integer order)
+ {
+ this.order = order;
+ }
+ }
+}
\ No newline at end of file
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java
index cc4d673c..561111ba 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java
@@ -1,16 +1,22 @@
package com.ruoyi.gateway.filter;
+import java.nio.CharBuffer;
+import java.nio.charset.StandardCharsets;
+import java.util.concurrent.atomic.AtomicReference;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
-import org.springframework.http.HttpHeaders;
+import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.gateway.service.ValidateCodeService;
+import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
/**
@@ -21,13 +27,11 @@ import reactor.core.publisher.Mono;
@Component
public class ValidateCodeFilter extends AbstractGatewayFilterFactory
+
## 内置功能
@@ -74,27 +79,27 @@ com.ruoyi
