- package cn.com.qmth.examcloud.ws.config;
- import cn.com.qmth.examcloud.api.commons.enums.DataRuleType;
- import cn.com.qmth.examcloud.api.commons.security.bean.*;
- import cn.com.qmth.examcloud.api.commons.security.enums.RoleMeta;
- import cn.com.qmth.examcloud.commons.util.PropertiesUtil;
- import cn.com.qmth.examcloud.commons.util.RegExpUtil;
- import cn.com.qmth.examcloud.support.cache.CacheHelper;
- import cn.com.qmth.examcloud.support.cache.bean.AppCacheBean;
- import cn.com.qmth.examcloud.web.redis.RedisClient;
- import cn.com.qmth.examcloud.web.security.ResourceManager;
- import cn.com.qmth.examcloud.web.support.ApiInfo;
- import com.google.common.collect.Sets;
- import org.apache.commons.collections4.CollectionUtils;
- import org.apache.commons.lang3.StringUtils;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.stereotype.Component;
- import java.util.List;
- import java.util.Set;
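/**
 * Resource manager: {@link ResourceManager} implementation that supplies application
 * descriptors and makes the per-mapping access decisions.
 *
 * <p>Rules are read through {@link PropertiesUtil} ({@code security.properties} is loaded
 * in the static initialiser); role privileges are read from Redis.
 *
 * @author WANGWEI
 * @date 2019-02-18
 * @Copyright (c) 2018-2020 WANGWEI [QQ:522080330] All Rights Reserved.
 */
@Component
public class ExamCloudResourceManager implements ResourceManager {

    @Autowired
    RedisClient redisClient;

    // @Autowired
    // UserDataRuleCloudService userDataRuleCloudService;

    static {
        // Loaded once at class initialisation; presumably the keys read in
        // hasPermission() come from this file - confirm against PropertiesUtil.
        PropertiesUtil.loadFromResource("security.properties");
    }

    /**
     * Builds the {@link AccessApp} descriptor for an application from its cached record.
     *
     * @param appId application id passed to {@link CacheHelper#getApp}
     * @return a new descriptor carrying id, code, name, secret key and time range
     */
    @Override
    public AccessApp getAccessApp(Long appId) {
        AppCacheBean appCacheBean = CacheHelper.getApp(appId);
        // NOTE(review): no null check - if CacheHelper.getApp can return null for an
        // unknown id, the next lines throw NullPointerException; confirm the cache contract.
        AccessApp app = new AccessApp();
        app.setAppId(appCacheBean.getId());
        app.setAppCode(appCacheBean.getCode());
        app.setAppName(appCacheBean.getName());
        // The descriptor carries the application's secret key, so the returned object
        // must be kept out of logs and serialised responses.
        app.setSecretKey(appCacheBean.getSecretKey());
        app.setTimeRange(appCacheBean.getTimeRange());
        return app;
    }

    /**
     * Tells whether a mapping is "naked" (presumably: exempt from the access checks;
     * the caller is not visible in this file).
     *
     * @param apiInfo metadata of the target API, may be {@code null}
     * @param mapping request mapping; must not be {@code null} when {@code apiInfo} is set
     * @return {@code true} when {@code apiInfo} is {@code null}, when the mapping contains
     *         {@code swagger}, or when {@code apiInfo.isNaked()} is true
     */
    @Override
    public boolean isNaked(ApiInfo apiInfo, String mapping) {
        // NOTE(review): fail-open - a mapping without ApiInfo is reported as naked.
        // Confirm that every protected endpoint is guaranteed to carry an ApiInfo.
        if (null == apiInfo) {
            return true;
        }
        // NOTE(review): this is a substring test, not a path-prefix test - any mapping
        // with "swagger" anywhere in it is reported as naked. Anchoring the pattern to
        // the documented swagger paths would narrow it.
        if (mapping.matches(".*swagger.*")) {
            return true;
        }
        // apiInfo is known to be non-null here, so no second null check is needed.
        return apiInfo.isNaked();
    }

    /**
     * Decides whether a user may call the API behind a mapping.
     *
     * <p>Order of evaluation: students are decided by the boolean property
     * {@code "[s]" + mapping} (default {@code false}); users without roles are denied;
     * a role whose code equals {@code RoleMeta.SUPER_ADMIN} is allowed; a mapping with
     * no configured privilege groups is allowed; otherwise the user needs every
     * privilege of at least one group. Groups are separated by {@code ;} and the
     * privileges inside a group by {@code ,}.
     *
     * @param user    authenticated user; its user type must not be {@code null}
     * @param apiInfo metadata of the target API (not read by this method)
     * @param mapping request mapping used as the property key
     * @return {@code true} when access is granted
     */
    @Override
    public boolean hasPermission(User user, ApiInfo apiInfo, String mapping) {
        // Student authorization: explicit allow-list, denied unless the key is true.
        if (user.getUserType().equals(UserType.STUDENT)) {
            String key = "[s]" + mapping;
            return PropertiesUtil.getBoolean(key, false);
        }

        List<Role> roleList = user.getRoleList();
        if (CollectionUtils.isEmpty(roleList)) {
            return false;
        }

        // Constant-first equals: a role with a null code is not a super admin
        // instead of aborting the whole check with a NullPointerException.
        String superAdminCode = RoleMeta.SUPER_ADMIN.name();
        for (Role role : roleList) {
            if (superAdminCode.equals(role.getRoleCode())) {
                return true;
            }
        }

        // Privilege groups configured for this mapping.
        String privilegeGroups = PropertiesUtil.getString(mapping);
        // NOTE(review): fail-open - a mapping with no entry is allowed for every
        // non-student user that has at least one role. A new endpoint that is not
        // added to the properties is therefore reachable by any role; confirm this
        // default is intended.
        if (StringUtils.isBlank(privilegeGroups)) {
            return true;
        }

        // Privileges the user holds through all of their roles.
        Set<String> rolePrivilegeList = Sets.newHashSet();
        Long rootOrgId = user.getRootOrgId();
        for (Role role : roleList) {
            String key = "$_P_" + rootOrgId + "_" + role.getRoleId();
            String rolePrivileges = redisClient.get(key, String.class);
            // No entry in Redis for this role: it contributes no privileges.
            if (StringUtils.isBlank(rolePrivileges)) {
                continue;
            }
            rolePrivilegeList.addAll(RegExpUtil.findAll(rolePrivileges, "\\w+"));
        }

        List<String> privilegeGroupList = RegExpUtil.findAll(privilegeGroups, "[^\\;]+");
        for (String pg : privilegeGroupList) {
            String group = pg.trim();
            if (StringUtils.isBlank(group)) {
                continue;
            }
            // NOTE(review): the privileges are not trimmed, so "a, b" yields " b",
            // which can never equal a \w+ token from Redis - verify the configured format.
            List<String> pList = RegExpUtil.findAll(group, "[^\\,]+");
            // A group made only of separators (e.g. ",") yields no privileges, and
            // containsAll() of an empty list is true; skip it so a malformed entry
            // cannot grant access.
            if (CollectionUtils.isEmpty(pList)) {
                continue;
            }
            if (rolePrivilegeList.containsAll(pList)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Data rules are not resolved by this implementation.
     *
     * @param userId       not read
     * @param dataRuleType not read
     * @return a newly constructed {@link UserDataRule} with nothing set on it
     */
    @Override
    public UserDataRule loadUserDataRule(Long userId, DataRuleType dataRuleType) {
        // NOTE(review): what an unset UserDataRule means is decided by the consumer;
        // confirm it is not interpreted as "no data restriction".
        return new UserDataRule();
    }
}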