master
wangning 7 years ago
parent cd50cbf719
commit 208ac577c3

@ -76,7 +76,7 @@ public class CashierManageController {
@PartnerMapping(value = "/orders/{cashier_id}", method = RequestMethod.GET)
@ResponseBody
public JSONObject getPartnerCashierOrders(@PathVariable String cashier_id, @ModelAttribute(CommonConsts.PARTNER_STATUS) JSONObject partner,
public JSONObject getPartnerCashierOrdersById(@PathVariable String cashier_id, @ModelAttribute(CommonConsts.PARTNER_STATUS) JSONObject partner,
CashierQueryBean query) {
return cashierOrderService.listCashierOrders(cashier_id, partner, query);
}

@ -23,7 +23,7 @@ public class CouponValidateController {
@PartnerMapping(value = "/get_used_coupon",method = RequestMethod.GET,roles = {PartnerRole.ADMIN,PartnerRole.MANAGER})
@ResponseBody
public JSONObject getCoupon(@ModelAttribute(CommonConsts.PARTNER_STATUS) JSONObject partner, @RequestParam("page") int page){
public JSONObject getUsedCoupon(@ModelAttribute(CommonConsts.PARTNER_STATUS) JSONObject partner, @RequestParam("page") int page){
return couponVerificationService.getCoupon(partner,page,10);
}

@ -30,4 +30,12 @@ public interface PermissionManager {
void authorizeRole(ManagerRole role, List<String> functions);
List<JSONObject> listUserFunctions(int role);
JSONObject getById(String funcId);
void synchronizePartnerFunctions();
JSONObject listPartnerFunctions();
}

@ -5,17 +5,27 @@ import au.com.royalpay.payment.manage.management.sysconfig.beans.ModuleInfo;
import au.com.royalpay.payment.manage.management.sysconfig.core.PermissionManager;
import au.com.royalpay.payment.manage.mappers.system.PermissionFunctionMapper;
import au.com.royalpay.payment.manage.mappers.system.PermissionModuleMapper;
import au.com.royalpay.payment.tools.permission.enums.ManagerRole;
import au.com.royalpay.payment.manage.mappers.system.PermissionPartnerFunctionMapper;
import au.com.royalpay.payment.manage.mappers.system.PermissionPartnerModuleMapper;
import au.com.royalpay.payment.manage.permission.manager.scanner.PermissionNode;
import au.com.royalpay.payment.manage.permission.manager.scanner.PermissionPartnerReader;
import au.com.royalpay.payment.manage.permission.manager.scanner.PermissionReader;
import au.com.royalpay.payment.tools.exceptions.BadRequestException;
import au.com.royalpay.payment.tools.permission.enums.ManagerRole;
import com.alibaba.fastjson.JSONObject;
import org.springframework.cache.annotation.CacheEvict;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import javax.annotation.Resource;
import java.util.*;
/**
* Created by yixian on 2017-02-28.
@ -29,6 +39,15 @@ public class PermissionManagerImpl implements PermissionManager {
@Resource
private PermissionReader permissionReader;
@Resource
private PermissionPartnerFunctionMapper permissionPartnerFunctionMapper;
@Resource
private PermissionPartnerModuleMapper permissionPartnerModuleMapper;
@Resource
private PermissionPartnerReader permissionPartnerReader;
@Override
public void synchronizeFunctions() {
List<JSONObject> functions = permissionFunctionMapper.listAll();
@ -56,6 +75,68 @@ public class PermissionManagerImpl implements PermissionManager {
}
}
@Override
public void synchronizePartnerFunctions() {
List<JSONObject> functions = permissionFunctionMapper.listAll();
Map<String, JSONObject> funcMapFromDB = new HashMap<>();
for (JSONObject func : functions) {
funcMapFromDB.put(func.getString("func_id"), func);
}
List<PermissionNode> nodes = permissionPartnerReader.listFunctions();
for (PermissionNode node : nodes) {
String funcId = node.getFuncId();
if (funcMapFromDB.containsKey(funcId)) {
funcMapFromDB.remove(funcId);
JSONObject func = node.initFuncObject();
func.remove("role");
permissionPartnerFunctionMapper.update(func);
} else {
JSONObject func = node.initFuncObject();
permissionPartnerFunctionMapper.save(func);
}
}
for (String funcId : funcMapFromDB.keySet()) {
permissionPartnerFunctionMapper.delete(funcId);
}
}
@Override
public JSONObject listPartnerFunctions() {
List<JSONObject> funcs = permissionPartnerFunctionMapper.listAll();
Map<String, List<JSONObject>> moduleMap = new TreeMap<>();
List<JSONObject> noModule = new ArrayList<>();
for (JSONObject func : funcs) {
String module = func.getString("module");
if (module == null) {
noModule.add(func);
continue;
}
List<JSONObject> funcsInModule = moduleMap.get(module);
if (funcsInModule == null) {
funcsInModule = new ArrayList<>();
moduleMap.put(module, funcsInModule);
}
funcsInModule.add(func);
}
JSONObject report = new JSONObject();
report.put("no_module", noModule);
List<JSONObject> modules = new ArrayList<>();
for (String module : moduleMap.keySet()) {
JSONObject mod = new JSONObject();
mod.put("module_name", module);
List<JSONObject> funcList = moduleMap.get(module);
mod.put("remark", funcList.get(0).getString("mod_remark"));
mod.put("js_module", funcList.get(0).getString("js_module"));
mod.put("js_path", funcList.get(0).getString("js_path"));
mod.put("funcs", funcList);
modules.add(mod);
}
report.put("modules", modules);
return report;
}
@Override
public JSONObject listFunctions() {
List<JSONObject> funcs = permissionFunctionMapper.listAll();
@ -166,4 +247,10 @@ public class PermissionManagerImpl implements PermissionManager {
return permissionFunctionMapper.listByRoleMask(role);
}
@Override
@CacheEvict(value = ":System:permissionCheck:",allEntries = true)
public JSONObject getById(String funcId) {
return permissionFunctionMapper.find(funcId);
}
}

@ -4,14 +4,21 @@ import au.com.royalpay.payment.manage.management.sysconfig.beans.FuncInfo;
import au.com.royalpay.payment.manage.management.sysconfig.beans.ModuleInfo;
import au.com.royalpay.payment.manage.management.sysconfig.core.PermissionManager;
import au.com.royalpay.payment.manage.permission.manager.ManagerMapping;
import au.com.royalpay.payment.tools.permission.enums.ManagerRole;
import au.com.royalpay.payment.tools.exceptions.BadRequestException;
import au.com.royalpay.payment.tools.permission.enums.ManagerRole;
import com.alibaba.fastjson.JSONObject;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
import java.util.List;
import javax.annotation.Resource;
/**
* Created by yixian on 2017-02-28.
*/
@ -86,4 +93,18 @@ public class SysPermissionConfigController {
}
throw new BadRequestException("Invalid role mask:" + roleMask);
}
@RequestMapping(value = "/partner/synchronize", method = RequestMethod.POST)
public void synchronizePartnerFunctions() {
permissionManager.synchronizePartnerFunctions();
}
@RequestMapping(value = "/partner/functions", method = RequestMethod.GET)
public JSONObject listPartnerFunctions() {
return permissionManager.listPartnerFunctions();
}
}

@ -0,0 +1,41 @@
package au.com.royalpay.payment.manage.mappers.system;
import java.util.List;
import org.apache.ibatis.annotations.Param;
import com.alibaba.fastjson.JSONObject;
import cn.yixblog.support.mybatis.autosql.annotations.AutoMapper;
import cn.yixblog.support.mybatis.autosql.annotations.AutoSql;
import cn.yixblog.support.mybatis.autosql.annotations.SqlType;
/**
* Created by yixian on 2017-02-28.
*/
@AutoMapper(tablename = "sys_permission_partner_functions", pkName = "func_id")
public interface PermissionPartnerFunctionMapper {
@AutoSql(type = SqlType.INSERT)
void save(JSONObject func);
@AutoSql(type = SqlType.UPDATE)
void update(JSONObject func);
List<JSONObject> listByRoleMask(@Param("mask") int mask);
List<JSONObject> listAll();
@AutoSql(type = SqlType.SELECT)
List<JSONObject> listByModule(@Param("module") String moduleName);
@AutoSql(type = SqlType.DELETE)
void delete(@Param("func_id") String funcId);
void clearRolePermission(@Param("mask") int mask);
void authorizeRole(@Param("mask") int mask, @Param("func_ids") List<String> functions);
@AutoSql(type = SqlType.SELECT)
JSONObject find(@Param("func_id") String funcId);
}

@ -0,0 +1,32 @@
package au.com.royalpay.payment.manage.mappers.system;
import java.util.List;
import org.apache.ibatis.annotations.Param;
import com.alibaba.fastjson.JSONObject;
import cn.yixblog.support.mybatis.autosql.annotations.AutoMapper;
import cn.yixblog.support.mybatis.autosql.annotations.AutoSql;
import cn.yixblog.support.mybatis.autosql.annotations.SqlType;
/**
* Created by yixian on 2017-02-28.
*/
@AutoMapper(tablename = "sys_permission_partner_modules", pkName = "module_name")
public interface PermissionPartnerModuleMapper {
@AutoSql(type = SqlType.INSERT)
void save(JSONObject module);
@AutoSql(type = SqlType.UPDATE)
void update(JSONObject module);
@AutoSql(type = SqlType.DELETE)
void delete(@Param("module_name") String moduleName);
@AutoSql(type = SqlType.SELECT)
List<JSONObject> list();
@AutoSql(type = SqlType.SELECT)
JSONObject find(@Param("module_name") String moduleName);
}

@ -13,7 +13,7 @@ import cn.yixblog.support.mybatis.autosql.annotations.SqlType;
/**
* Created by yixian on 2017-02-28.
*/
@AutoMapper(tablename = "sys_permission_client_modules", pkName = "id")
@AutoMapper(tablename = "sys_permission_partner_modules_clients", pkName = "id")
public interface SysPermissionClientModulesMapper {
@AutoSql(type = SqlType.INSERT)
void save(JSONObject module);

@ -260,7 +260,7 @@ public class PartnerViewController {
@PartnerMapping(value = "/trade_logs/{orderId}", method = RequestMethod.PUT)
@ResponseBody
public void getOrderDetail(@ModelAttribute(CommonConsts.PARTNER_STATUS) JSONObject account, @PathVariable String orderId, @RequestBody JSONObject order) throws Exception {
public void updateOrderDetail(@ModelAttribute(CommonConsts.PARTNER_STATUS) JSONObject account, @PathVariable String orderId, @RequestBody JSONObject order) throws Exception {
order.put("order_id", orderId);
tradeLogService.updateOrderDetail(account.getIntValue("client_id"), order);
}
@ -366,7 +366,7 @@ public class PartnerViewController {
@PartnerMapping(value = "/sign_events/{signId}", method = RequestMethod.PUT, roles = {PartnerRole.ADMIN, PartnerRole.MANAGER})
@ResponseBody
public void listUnhandledSignEvents(@ModelAttribute(CommonConsts.PARTNER_STATUS) JSONObject account, @PathVariable String signId) {
public void listUnhandledSignEventsBySignId(@ModelAttribute(CommonConsts.PARTNER_STATUS) JSONObject account, @PathVariable String signId) {
clientSignEventSupport.sign(account, signId);
}

@ -68,7 +68,8 @@ public class ManagerUserInterceptor extends HandlerInterceptorAdapter implements
ex = e;
}
if (ex != null) {
checkPartnerPermission(request, partner, partnerStatusKey, managerStatusKey);
String funcId = clazz.getSimpleName() + "." + method.getName();
checkPartnerPermission(request, partner, partnerStatusKey, managerStatusKey,funcId);
}
return true;
}
@ -77,11 +78,12 @@ public class ManagerUserInterceptor extends HandlerInterceptorAdapter implements
checkManagerPermisson(request, funcId, managerStatusKey);
return true;
}
checkPartnerPermission(request, partner, partnerStatusKey, managerStatusKey);
String funcId = clazz.getSimpleName() + "." + method.getName();
checkPartnerPermission(request, partner, partnerStatusKey, managerStatusKey,funcId);
return true;
}
private void checkPartnerPermission(HttpServletRequest request, RequirePartner partner, String partnerStatusKey, String managerStatusKey) {
private void checkPartnerPermission(HttpServletRequest request, RequirePartner partner, String partnerStatusKey, String managerStatusKey,String funcId) {
if (StringUtils.isEmpty(partnerStatusKey) && StringUtils.isEmpty(managerStatusKey)) {
throw new ForbiddenException("error.permission.not_login");
}
@ -98,6 +100,12 @@ public class ManagerUserInterceptor extends HandlerInterceptorAdapter implements
throw new ForbiddenException("error.permission.nopermission");
}
}
// JSONObject func = permissionManager.getById(funcId);
// JSONArray arr = loginUser.getJSONArray("available_func_ids");
// if (arr == null || !arr.contains(func.getString("funcId"))) {
// throw new ForbiddenException("error.permission.nopermission");
// }
request.setAttribute(CommonConsts.PARTNER_STATUS, loginUser);
}

@ -0,0 +1,104 @@
package au.com.royalpay.payment.manage.permission.manager.scanner;
import au.com.royalpay.payment.manage.permission.manager.RequirePartner;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.core.annotation.AnnotatedElementUtils;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* Created by yixian on 2017-02-28.
*/
@Component
public class PartnerPermissionScanner implements BeanPostProcessor, PermissionPartnerReader {
private Logger logger = LoggerFactory.getLogger(getClass());
private Map<String, PermissionNode> permissionNodes = new HashMap<>();
@Override
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
Class<?> clazz = bean.getClass();
if (AnnotatedElementUtils.isAnnotated(clazz, Controller.class)) {
Method[] methods = clazz.getDeclaredMethods();
RequestMapping clazzRequestMapping = AnnotatedElementUtils.findMergedAnnotation(clazz, RequestMapping.class);
RequirePartner clazzPermission = AnnotatedElementUtils.findMergedAnnotation(clazz, RequirePartner.class);
for (Method method : methods) {
if (AnnotatedElementUtils.isAnnotated(method, RequestMapping.class)) {
RequestMapping methodMapping = AnnotatedElementUtils.findMergedAnnotation(method, RequestMapping.class);
RequirePartner methodPermission = AnnotatedElementUtils.findMergedAnnotation(method, RequirePartner.class);
if (clazzPermission != null || methodPermission != null) {
registerPermissionMapping(clazz, method, clazzRequestMapping, clazzPermission, methodMapping, methodPermission);
}
}
}
}
return bean;
}
private void registerPermissionMapping(Class<?> controller, Method method, RequestMapping clazzRequestMapping, RequirePartner clazzPermission, RequestMapping methodMapping, RequirePartner methodPermission) {
//get request uri and methods
PermissionNode node = new PermissionNode(controller.getSimpleName(), method.getName());
getRequestInfo(node, clazzRequestMapping, methodMapping);
node.setPartnerPermissions(clazzPermission, methodPermission);
logger.debug("register permission:" + node.getFuncName() + ":" + node.getRequestId());
if (permissionNodes.containsKey(node.getFuncId())) {
throw new RuntimeException("Duplicated permission function ID:" + controller.getName() + "." + method.getName());
}
permissionNodes.put(node.getFuncId(), node);
}
private void getRequestInfo(PermissionNode node, RequestMapping clazzRequestMapping, RequestMapping methodMapping) {
String uri = "";
RequestMethod[] methods = {};
if (clazzRequestMapping != null) {
if (clazzRequestMapping.value().length > 0) {
uri += clazzRequestMapping.value()[0];
}
methods = clazzRequestMapping.method();
}
if (!uri.startsWith("/")) {
uri = "/" + uri;
}
if (uri.endsWith("/")) {
uri = uri.substring(0, uri.length() - 1);
}
if (methodMapping.value().length > 0) {
String val = methodMapping.value()[0];
if (val.startsWith("/")) {
val = val.substring(1);
}
uri += "/" + val;
}
if (methodMapping.method().length > 0) {
methods = methodMapping.method();
}
node.setUri(uri);
node.setMethods(methods);
}
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
return bean;
}
@Override
public List<PermissionNode> listFunctions() {
return new ArrayList<>(permissionNodes.values());
}
}

@ -1,7 +1,10 @@
package au.com.royalpay.payment.manage.permission.manager.scanner;
import au.com.royalpay.payment.manage.permission.manager.RequirePartner;
import au.com.royalpay.payment.tools.permission.enums.ManagerRole;
import au.com.royalpay.payment.manage.permission.manager.RequireManager;
import au.com.royalpay.payment.tools.permission.enums.PartnerRole;
import com.alibaba.fastjson.JSONObject;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.bind.annotation.RequestMethod;
@ -92,4 +95,25 @@ public class PermissionNode {
this.roleMask = mask;
}
public void setPartnerPermissions(RequirePartner clazzPermission, RequirePartner methodPermission) {
PartnerRole[] roles;
if (methodPermission != null) {
roles = methodPermission.roles();
} else {
if (clazzPermission == null) {
throw new RuntimeException("Permission not set:" + getRequestId());
}
roles = clazzPermission.roles();
}
if (roles.length == 0) {
roles = PartnerRole.values();
}
int mask = 0;
for (PartnerRole role : roles) {
mask |= role.getCode();
}
this.roleMask = mask;
}
}

@ -0,0 +1,10 @@
package au.com.royalpay.payment.manage.permission.manager.scanner;
import java.util.List;
/**
* Created by yixian on 2017-02-28.
*/
public interface PermissionPartnerReader {
List<PermissionNode> listFunctions();
}

@ -16,6 +16,7 @@ import au.com.royalpay.payment.manage.signin.core.SignInAccountService;
import au.com.royalpay.payment.manage.signin.core.SignInStatusManager;
import au.com.royalpay.payment.manage.signin.events.ClientLoginEvent;
import au.com.royalpay.payment.manage.signin.events.ManagerLoginEvent;
import au.com.royalpay.payment.manage.system.core.PermissionClientModulesService;
import au.com.royalpay.payment.tools.env.PlatformEnvironment;
import au.com.royalpay.payment.tools.env.RequestEnvironment;
import au.com.royalpay.payment.tools.exceptions.BadRequestException;
@ -72,6 +73,8 @@ public class SignInAccountServiceImpl implements SignInAccountService, Applicati
private DeviceManager deviceManager;
@Resource
private ClientConfigService clientConfigService;
@Resource
private PermissionClientModulesService permissionClientModulesService;
private ApplicationEventPublisher publisher;
private static final List<String> tags = new ArrayList<>();
@ -142,6 +145,12 @@ public class SignInAccountServiceImpl implements SignInAccountService, Applicati
}
}
List<JSONObject> funcs = permissionClientModulesService.listByClientId(account.getIntValue("client_id"));
List<String> funcIds = new ArrayList<>();
for (JSONObject func : funcs) {
funcIds.add(func.getString("func_id"));
}
account.put("available_func_ids", funcIds);
return account;
}

@ -10,8 +10,12 @@ import org.springframework.stereotype.Service;
@Service
public class SystemPackageCacheSupport {
@CacheEvict(value = ":system:client_permission:", key = "#clientMoniker")
@CacheEvict(value = ":system:client_permission:", key = "#client_moniker")
public void clearClientPermission(String client_moniker){
}
@CacheEvict(value = ":system:client_permission:", key = "#client_id+''")
public void clearClientPermission(int client_id){
}
}

@ -44,6 +44,7 @@ public class PermissionClientModulesServiceImpl implements PermissionClientModul
}
@Override
@Cacheable(value = ":system:client_permission:", key = "#clientId+''")
public List<JSONObject> listByClientId(int clientId) {
return permissionClientModulesMapper.listByClientId(clientId);
}
@ -66,6 +67,7 @@ public class PermissionClientModulesServiceImpl implements PermissionClientModul
updateRecord.put("id", record.getLong("id"));
permissionClientModulesMapper.update(updateRecord);
systemPackageCacheSupport.clearClientPermission(record.getString("client_moniker"));
systemPackageCacheSupport.clearClientPermission(record.getIntValue("client_id"));
}

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="au.com.royalpay.payment.manage.mappers.system.PermissionPartnerFunctionMapper">
<sql id="joinModule">
SELECT
f.*,
m.js_module,
m.js_path,
m.remark mod_remark
FROM sys_permission_partner_functions f
LEFT JOIN sys_permission_partner_modules m ON m.module_name = f.module
</sql>
<update id="clearRolePermission">
<![CDATA[
UPDATE sys_permission_partner_functions
SET role = role & #{mask}
]]>
</update>
<update id="authorizeRole">
<![CDATA[
UPDATE sys_permission_partner_functions
SET role = role | #{mask}
WHERE func_id in
]]>
<foreach collection="func_ids" item="id" open="(" close=")" separator=",">
#{id}
</foreach>
</update>
<select id="listByRoleMask" resultType="com.alibaba.fastjson.JSONObject">
<include refid="joinModule"/>
<![CDATA[
WHERE f.role & #{mask} >0
]]>
</select>
<select id="listAll" resultType="com.alibaba.fastjson.JSONObject">
<include refid="joinModule"/>
ORDER BY f.module ASC,f.func_id ASC
</select>
</mapper>
Loading…
Cancel
Save