首页 发现 帮助
登录
examcloud-backend
/
examcloud-core-questions
2
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

update

deason 6 年之前
父节点
dc9860ce2f
当前提交
ef138e1d7b
共有 3 个文件被更改,包括 110 次插入124 次删除
合并视图 显示文件统计
  1. 0 124
      examcloud-core-questions-starter/src/main/java/cn/com/qmth/examcloud/core/questions/starter/config/DefaultWebMvcConfigurerAdapter.java
  2. 63 0
      examcloud-core-questions-starter/src/main/java/cn/com/qmth/examcloud/core/questions/starter/config/ExamCloudResourceManager.java
  3. 47 0
      examcloud-core-questions-starter/src/main/java/cn/com/qmth/examcloud/core/questions/starter/config/ExamCloudWebMvcConfigurer.java

+ 0 - 124
examcloud-core-questions-starter/src/main/java/cn/com/qmth/examcloud/core/questions/starter/config/DefaultWebMvcConfigurerAdapter.java
查看文件 

@@ -1,124 +0,0 @@
 
-package cn.com.qmth.examcloud.core.questions.starter.config;
 
-
 
-import java.util.List;
 
-import java.util.Set;
 
-
 
-import cn.com.qmth.examcloud.api.commons.security.bean.Role;
 
-import cn.com.qmth.examcloud.api.commons.security.bean.UserType;
 
-import cn.com.qmth.examcloud.api.commons.security.enums.RoleMeta;
 
-import cn.com.qmth.examcloud.commons.util.PropertiesUtil;
 
-import cn.com.qmth.examcloud.web.interceptor.FirstInterceptor;
 
-import org.apache.commons.collections.CollectionUtils;
 
-import org.apache.commons.lang3.StringUtils;
 
-import org.springframework.beans.factory.annotation.Autowired;
 
-import org.springframework.context.annotation.Bean;
 
-import org.springframework.context.annotation.Configuration;
 
-import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
 
-
 
-import com.google.common.collect.Sets;
 
-
 
-import cn.com.qmth.examcloud.commons.util.PathUtil;
 
-import cn.com.qmth.examcloud.commons.util.PropertiesUtil;
 
-import cn.com.qmth.examcloud.commons.util.RegExpUtil;
 
-import cn.com.qmth.examcloud.web.redis.RedisClient;
 
-import cn.com.qmth.examcloud.web.security.RequestPermissionInterceptor;
 
-import cn.com.qmth.examcloud.web.security.SpringCloudInterceptor;
 
-import cn.com.qmth.examcloud.api.commons.security.bean.User;
 
-
 
-/**
 
- * 默认WebMvcConfigurer
 
- *
 
- * @author WANGWEI
 
- * @date 2018年5月22日
 
- * @Copyright (c) 2018-? http://qmth.com.cn All Rights Reserved.
 
- */
 
-@Configuration
 
-public class DefaultWebMvcConfigurerAdapter extends WebMvcConfigurerAdapter {
 
-
 
-	@Autowired
 
-	RedisClient redisClient;
 
-
 
-	static {
 
-		//PropertiesUtil.configureAndWatch(PathUtil.getResoucePath("security-mapping.properties"));
 
-		PropertiesUtil.configure(PathUtil.getResoucePath("security-mapping.properties"));
 
-	}
 
-
 
-	@Override
 
-	public void addInterceptors(InterceptorRegistry registry) {
 
-		registry.addInterceptor(new FirstInterceptor()).addPathPatterns("/**");
 
-
 
-		SpringCloudInterceptor springCloudInterceptor = new SpringCloudInterceptor();
 
-		registry.addInterceptor(springCloudInterceptor).addPathPatterns("/**");
 
-
 
-		RequestPermissionInterceptor requestPermissionInterceptor = getRequestPermissionInterceptor();
 
-		requestPermissionInterceptor.configure("security-exclusions.conf");
 
-		registry.addInterceptor(requestPermissionInterceptor).addPathPatterns("/**");
 
-
 
-		super.addInterceptors(registry);
 
-	}
 
-
 
-	@Bean
 
-	public RequestPermissionInterceptor getRequestPermissionInterceptor() {
 
-		return new RequestPermissionInterceptor(redisClient) {
 
-
 
-			@Override
 
-			public boolean hasPermission(String mappingPath, User user) {
 
-
 
-				// 学生鉴权
 
-				if (user.getUserType().equals(UserType.STUDENT)) {
 
-					String key = "[s]" + mappingPath;
 
-					return PropertiesUtil.getBoolean(key, false);
 
-				}
 
-
 
-				List<Role> roleList = user.getRoleList();
 
-
 
-				if (CollectionUtils.isEmpty(roleList)) {
 
-					return false;
 
-				}
 
-
 
-				for (Role role : roleList) {
 
-					if (role.getRoleCode().equals(RoleMeta.SUPER_ADMIN.name())) {
 
-						return true;
 
-					}
 
-				}
 
-
 
-				// 权限组集合
 
-				String privilegeGroups = PropertiesUtil.getString(mappingPath);
 
-				if (StringUtils.isBlank(privilegeGroups)) {
 
-					return true;
 
-				}
 
-
 
-				// 用户权限集合
 
-				Set<String> rolePrivilegeList = Sets.newHashSet();
 
-				Long rootOrgId = user.getRootOrgId();
 
-				for (Role role : roleList) {
 
-					String key = "$_P_" + rootOrgId + "_" + role.getRoleId();
 
-					String rolePrivileges = redisClient.get(key, String.class);
 
-
 
-					List<String> rpList = RegExpUtil.findAll(rolePrivileges, "\\w+");
 
-					rolePrivilegeList.addAll(rpList);
 
-				}
 
-
 
-				List<String> privilegeGroupList = RegExpUtil.findAll(privilegeGroups, "[^\\;]+");
 
-
 
-				for (String pg : privilegeGroupList) {
 
-					pg = pg.trim();
 
-					if (StringUtils.isBlank(pg)) {
 
-						continue;
 
-					}
 
-
 
-					List<String> pList = RegExpUtil.findAll(pg, "[^\\,]+");
 
-					if (rolePrivilegeList.containsAll(pList)) {
 
-						return true;
 
-					} else {
 
-						continue;
 
-					}
 
-				}
 
-
 
-				return false;
 
-			}
 
-
 
-		};
 
-	}
 
-}

+ 63 - 0
examcloud-core-questions-starter/src/main/java/cn/com/qmth/examcloud/core/questions/starter/config/ExamCloudResourceManager.java
查看文件 

@@ -0,0 +1,63 @@
 
+/*
 
+ * *************************************************
 
+ * Copyright (c) 2019 QMTH. All Rights Reserved.
 
+ * Created by Deason on 2019-05-06 16:15:50.
 
+ * *************************************************
 
+ */
 
+
 
+package cn.com.qmth.examcloud.core.questions.starter.config;
 
+
 
+import cn.com.qmth.examcloud.api.commons.security.bean.AccessApp;
 
+import cn.com.qmth.examcloud.api.commons.security.bean.User;
 
+import cn.com.qmth.examcloud.support.cache.CacheHelper;
 
+import cn.com.qmth.examcloud.support.cache.bean.AppCacheBean;
 
+import cn.com.qmth.examcloud.web.redis.RedisClient;
 
+import cn.com.qmth.examcloud.web.security.ResourceManager;
 
+import cn.com.qmth.examcloud.web.support.ApiInfo;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.stereotype.Component;
 
+
 
+@Component
 
+public class ExamCloudResourceManager implements ResourceManager {
 
+    @Autowired
 
+    private RedisClient redisClient;
 
+
 
+    @Override
 
+    public AccessApp getAccessApp(Long appId) {
 
+        AppCacheBean appCacheBean = CacheHelper.getApp(appId);
 
+        AccessApp app = new AccessApp();
 
+        app.setAppId(appCacheBean.getId());
 
+        app.setAppCode(appCacheBean.getCode());
 
+        app.setAppName(appCacheBean.getName());
 
+        app.setSecretKey(appCacheBean.getSecretKey());
 
+        app.setTimeRange(appCacheBean.getTimeRange());
 
+        return app;
 
+    }
 
+
 
+    @Override
 
+    public boolean isNaked(ApiInfo apiInfo, String mapping) {
 
+        if (null == apiInfo) {
 
+            return true;
 
+        }
 
+
 
+        if (null != apiInfo) {
 
+            Integer id = apiInfo.getId();
 
+
 
+            if (null != id) {
 
+                if (id.equals(103)) {
 
+                    return true;
 
+                }
 
+            } else {
 
+                return true;
 
+            }
 
+        }
 
+
 
+        return false;
 
+    }
 
+
 
+    @Override
 
+    public boolean hasPermission(User user, ApiInfo apiInfo, String mapping) {
 
+        return true;
 
+    }
 
+
 
+}

+ 47 - 0
examcloud-core-questions-starter/src/main/java/cn/com/qmth/examcloud/core/questions/starter/config/ExamCloudWebMvcConfigurer.java
查看文件 

@@ -0,0 +1,47 @@
 
+/*
 
+ * *************************************************
 
+ * Copyright (c) 2019 QMTH. All Rights Reserved.
 
+ * Created by Deason on 2019-05-06 16:15:50.
 
+ * *************************************************
 
+ */
 
+
 
+package cn.com.qmth.examcloud.core.questions.starter.config;
 
+
 
+import cn.com.qmth.examcloud.web.interceptor.FirstInterceptor;
 
+import cn.com.qmth.examcloud.web.redis.RedisClient;
 
+import cn.com.qmth.examcloud.web.security.RequestPermissionInterceptor;
 
+import cn.com.qmth.examcloud.web.security.ResourceManager;
 
+import cn.com.qmth.examcloud.web.security.RpcInterceptor;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.context.annotation.Configuration;
 
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
 
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
+
 
+@Configuration
 
+public class ExamCloudWebMvcConfigurer implements WebMvcConfigurer {
 
+    @Autowired
 
+    private ResourceManager resourceManager;
 
+    @Autowired
 
+    private RedisClient redisClient;
 
+
 
+    @Override
 
+    public void addInterceptors(InterceptorRegistry registry) {
 
+        String[] excludes = new String[]{"/", "/doc.html"};
 
+        registry.addInterceptor(new FirstInterceptor()).addPathPatterns("/api/**").excludePathPatterns(excludes);
 
+        registry.addInterceptor(new RpcInterceptor(resourceManager)).addPathPatterns("/api/**").excludePathPatterns(excludes);
 
+
 
+        RequestPermissionInterceptor permissionInterceptor = new RequestPermissionInterceptor(resourceManager, redisClient);
 
+        registry.addInterceptor(permissionInterceptor).addPathPatterns("/api/**").excludePathPatterns(excludes);
 
+    }
 
+
 
+    @Override
 
+    public void addCorsMappings(CorsRegistry registry) {
 
+        registry.addMapping("/**")
 
+                .allowedOrigins("*")
 
+                .allowCredentials(false)
 
+                .allowedMethods("POST")
 
+                .maxAge(3600);
 
+    }
 
+
 
+}