|
|
@@ -4,6 +4,8 @@ import static org.springframework.data.domain.ExampleMatcher.GenericPropertyMatc
|
|
|
|
|
|
import java.util.ArrayList;
|
|
|
import java.util.List;
|
|
|
+import java.util.Map;
|
|
|
+import java.util.Set;
|
|
|
import java.util.stream.Collectors;
|
|
|
import java.util.stream.Stream;
|
|
|
|
|
|
@@ -35,8 +37,11 @@ import org.springframework.web.bind.annotation.RequestParam;
|
|
|
import org.springframework.web.bind.annotation.RestController;
|
|
|
|
|
|
import com.google.common.collect.Lists;
|
|
|
+import com.google.common.collect.Maps;
|
|
|
|
|
|
import cn.com.qmth.examcloud.commons.base.exception.StatusException;
|
|
|
+import cn.com.qmth.examcloud.commons.base.util.JsonUtil;
|
|
|
+import cn.com.qmth.examcloud.commons.web.redis.RedisClient;
|
|
|
import cn.com.qmth.examcloud.commons.web.security.bean.User;
|
|
|
import cn.com.qmth.examcloud.commons.web.support.ControllerSupport;
|
|
|
import cn.com.qmth.examcloud.core.examwork.api.controller.bean.CourseGroupBean;
|
|
|
@@ -62,6 +67,9 @@ import io.swagger.annotations.ApiOperation;
|
|
|
@RequestMapping("${$rmp.ctr.examwork}/exam")
|
|
|
public class ExamController extends ControllerSupport {
|
|
|
|
|
|
+ @Autowired
|
|
|
+ RedisClient redisClient;
|
|
|
+
|
|
|
@Autowired
|
|
|
ExamRepo examRepo;
|
|
|
|
|
|
@@ -428,4 +436,76 @@ public class ExamController extends ControllerSupport {
|
|
|
examOrgRepo.delete(examOrg);
|
|
|
}
|
|
|
|
|
|
+ @ApiOperation(value = "考试IP限制", notes = "")
|
|
|
+ @DeleteMapping("ipLimit/{examId}")
|
|
|
+ public Map<String, Object> ipLimit(HttpServletRequest request, @PathVariable Long examId) {
|
|
|
+ Exam exam = examRepo.findOne(examId);
|
|
|
+ if (null == exam) {
|
|
|
+ throw new StatusException("E-001010", "考试不存在");
|
|
|
+ }
|
|
|
+
|
|
|
+ Map<String, Object> map = Maps.newHashMap();
|
|
|
+ Boolean ipLimit = exam.getIpLimit();
|
|
|
+ if (null == ipLimit || !ipLimit) {
|
|
|
+ map.put("limited", false);
|
|
|
+ map.put("desc", "未配置IP限制");
|
|
|
+ return map;
|
|
|
+ }
|
|
|
+
|
|
|
+ String realIp = request.getHeader("x-forwarded-for");
|
|
|
+ if (StringUtils.isBlank(realIp)) {
|
|
|
+ throw new StatusException("E-001010", "网络受限");
|
|
|
+ }
|
|
|
+ realIp = realIp.trim();
|
|
|
+
|
|
|
+ String ipAddresses = exam.getIpAddresses();
|
|
|
+
|
|
|
+ String[] arr = StringUtils.split(ipAddresses, ';');
|
|
|
+
|
|
|
+ boolean limited = true;
|
|
|
+ for (String cur : arr) {
|
|
|
+ String ip = StringUtils.replace(cur.trim(), ".", "\\.");
|
|
|
+ ip = StringUtils.replace(cur, "*", "\\w+");
|
|
|
+ if (realIp.matches(ip)) {
|
|
|
+ limited = false;
|
|
|
+ break;
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ User accessUser = getAccessUser();
|
|
|
+ Long orgId = accessUser.getOrgId();
|
|
|
+
|
|
|
+ if (limited) {
|
|
|
+ String key = "IP_" + orgId;
|
|
|
+ String value = redisClient.get(key, String.class);
|
|
|
+ if (null == value) {
|
|
|
+ map.put("desc", "无机构管理员登录");
|
|
|
+ } else {
|
|
|
+ @SuppressWarnings("unchecked")
|
|
|
+ Set<String> userKeyList = JsonUtil.fromJson(value, Set.class);
|
|
|
+
|
|
|
+ for (String userKey : userKeyList) {
|
|
|
+ User curUser = redisClient.get(userKey, User.class);
|
|
|
+ if (null != curUser) {
|
|
|
+ String clientIp = curUser.getClientIp();
|
|
|
+ if (null != clientIp) {
|
|
|
+ // IP取前三段
|
|
|
+ clientIp = clientIp.substring(0, clientIp.lastIndexOf("."));
|
|
|
+ if (realIp.startsWith(clientIp)) {
|
|
|
+ limited = false;
|
|
|
+ map.put("desc", "机构管理员登录. key=" + userKey);
|
|
|
+ break;
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ map.put("limited", limited);
|
|
|
+
|
|
|
+ return map;
|
|
|
+ }
|
|
|
+
|
|
|
}
|
wangwei