  1. public class AuthenticationRealm extends AuthorizingRealm {
  2.  
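  /** Mall type: the {@code getPermType()} value that selects the mall branch in dealAuthInfo. */
  private static final int MALL_PERM = 0;

  /** Shop type: the {@code getPermType()} value that selects the berth branch in dealAuthInfo. */
  private static final int BERTH_PERM = 1;

  /** Value passed to {@code DataAuthorityDetailReq.setType} when listing mall-scoped details. */
  private static final int MALL_TYPE = 0;

  /** Value passed to {@code DataAuthorityDetailReq.setType} when listing berth-scoped details. */
  private static final int BERTH_TYPE = 2;

  /**
   * User (manager) client. Not injected: doGetAuthenticationInfo assigns it from
   * {@code SpringUtils.getBean} on every call.
   */
  private ManagerInfoServiceClient managerInfoService;

  /**
   * Organization client. Not injected: doGetAuthenticationInfo assigns it from
   * {@code SpringUtils.getBean} on every call.
   */
  private OrganizationServiceClient organizationServiceClient;

  /**
   * Authentication parameters (system configuration) client. Not injected: doGetAuthenticationInfo
   * assigns it from {@code SpringUtils.getBean} on every call.
   */
  private ConfSystemServiceClient confSystemServiceClient;

  /** Data-authority client, used by dealAuthInfo to resolve the caller's data scope. */
  @Autowired
  private DataAuthorityServiceClient dataAuthorityServiceClient;

  /**
   * Shop client, used by dealAuthInfo to map berth ids to shop ids.
   *
   * <p>NOTE(review): the author's notes at the end of this page report that the instance obtained
   * for this field is not an AOP proxy; any advice expected on its calls should be verified.
   */
  @Autowired
  private ShopInfoServiceClient shopInfoServiceClient;

  /** Captcha service, looked up by bean name. */
  @Resource(name = "captchaService")
  private CaptchaService captchaService;

  /** Group information client. */
  @Autowired
  private GroupInfoServiceClient groupInfoServiceClient;

  /** Store (mall) information client. */
  @Autowired
  private MallInfoServiceClient mallInfoServiceClient;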
  67.  
  /**
   * Supplies authorization data for an authenticated principal.
   *
   * <p>This realm grants nothing: the returned info is always empty, whatever principal is passed.
   * NOTE(review): role or permission checks answered by this realm will therefore see no grants;
   * the data scope computed at login (authType/authList) is presumably enforced elsewhere, which
   * should be confirmed.
   *
   * @param principalCollection the principals being authorized (not read)
   * @return an empty {@code SimpleAuthorizationInfo}
   */
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    // Authorization: no roles or permissions are attached here.
    AuthorizationInfo noGrants = new SimpleAuthorizationInfo();
    return noGrants;
  }
  73.  
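  /**
   * Authenticates a manager login: captcha first, then account state, then password, and finally
   * builds the {@code CurrentLoginUserInfo} principal (organization, data scope, mall).
   *
   * <p>Security notes for reviewers:
   * <ul>
   *   <li>The stored credential is compared against {@code Security.encryptToMD5(password)}, which
   *       receives only the password, so it appears to be an unsalted MD5 digest. That format
   *       cannot be changed in this method without re-hashing stored values; plan a migration to a
   *       salted, slow password hash (bcrypt/scrypt/argon2).
   *   <li>Account-state failures are raised before the password is verified, each with its own
   *       exception type. If the login endpoint relays that distinction to the client, callers who
   *       only pass the captcha can tell existing, locked and disabled accounts apart; return one
   *       generic failure at that boundary.
   *   <li>The plaintext password is handed to {@code SimpleAuthenticationInfo} as the credentials.
   *       NOTE(review): confirm authentication caching is off, or the plaintext may be retained.
   * </ul>
   *
   * @param authenticationToken the submitted token; cast to {@code LoginAuthenticationToken}
   * @return authentication info whose principal is the populated {@code CurrentLoginUserInfo}
   * @throws AuthenticationException for a bad captcha, an unknown/locked/disabled/not-enabled
   *     account, a wrong password, or a wrapped {@code PlatformException}
   */
  @Override
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
      throws AuthenticationException {
    // Authentication. These three clients are fetched from the Spring context on every call
    // instead of being injected.
    this.managerInfoService = SpringUtils.getBean(ManagerInfoServiceClient.class);
    organizationServiceClient = SpringUtils.getBean(OrganizationServiceClient.class);
    confSystemServiceClient = SpringUtils.getBean(ConfSystemServiceClient.class);

    try {
      LoginAuthenticationToken userToken = (LoginAuthenticationToken) authenticationToken;
      String userName = userToken.getUsername();
      String captcha = userToken.getCaptcha();
      String sessionId = userToken.getSessionId();

      if (!captchaService.isValid(sessionId, captcha)) {
        throw new VerificationCodeException("验证码异常");
      }

      ManagerInfoResp managerInfo = this.managerInfoService.selectLoginInfoEntityByName(userName).get();
      // The null test must come before any accessor: the original called isQuit() first, so an
      // unknown user name ended in a NullPointerException instead of UnknownAccountException.
      if (null == managerInfo) {
        throw new UnknownAccountException("账户不存在");
      }
      if (managerInfo.isQuit()) {
        throw new DisabledAccountException("账户被禁用");
      }
      if (managerInfo.getStatus().equals(CommonConstants.Status.DELETED_INT)) {
        throw new UnknownAccountException("账户不存在");
      }
      if (managerInfo.isLocked()) {
        throw new LockedAccountException("账户被锁定");
      }
      if (managerInfo.isDisabled()) {
        throw new DisabledAccountException("账户被禁用");
      }
      if (!managerInfo.isEnabled()) {
        throw new NotEnabledAccountException("账户未启用");
      }

      String password = new String(userToken.getPassword());
      String suppliedHash = Security.encryptToMD5(password).toUpperCase();
      String storedHash = managerInfo.getPwd();
      // Constant-time comparison of the two digests; a missing stored hash is a failed login.
      if (storedHash == null
          || !java.security.MessageDigest.isEqual(
              suppliedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8),
              storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
        throw new IncorrectCredentialsException("密码错误");
      }

      // Record where and when this successful login happened.
      String ip = userToken.getHost();
      managerInfo.setLastIp(ip);
      managerInfo.setLastTime(DatetimeUtils.currentTimestamp());
      this.managerInfoService.updateManagerInfo(managerInfo);

      // Clear the stored hash before the record is attached to the principal below.
      managerInfo.setPwd(null);

      ConfSystemResp configResp = confSystemServiceClient.getByConfigKey("UserPoint").get();

      CurrentLoginUserInfo currentLoginUserInfo = new CurrentLoginUserInfo();
      currentLoginUserInfo.setDetailObj(managerInfo);
      // A manager without groups is handled further down, so do not split a null string here.
      String groupIds = managerInfo.getGroupIds();
      currentLoginUserInfo.setGroupIdArray(groupIds == null ? new String[0] : groupIds.split(","));
      currentLoginUserInfo.setId(managerInfo.getId());
      currentLoginUserInfo.setManagerNo(managerInfo.getManagerNo());
      currentLoginUserInfo.setName(managerInfo.getName());
      currentLoginUserInfo.setRealName(managerInfo.getRealname());
      currentLoginUserInfo.setOpenId(managerInfo.getOpenId());
      currentLoginUserInfo.setSex(managerInfo.getSex());
      currentLoginUserInfo.setType(managerInfo.getType());

      // Organization or shop id: type 1 stores the organization id; every other type (type 2
      // according to the original comment) stores the shop id.
      if (managerInfo.getType() == 1) {
        currentLoginUserInfo.setOrgOrShopId(managerInfo.getOrgId());
      } else {
        currentLoginUserInfo.setOrgOrShopId(managerInfo.getShopId());
      }

      // Data-permission control (added by gonghongxing, 2017/11): the data scope is derived from
      // the organization the user belongs to.
      String userOrgId = managerInfo.getOrgId();
      OrganizationInfoResp orgResp = organizationServiceClient.selectOrganizationInfoById(userOrgId).get();

      // TODO: fetch the concrete permission set (berth-type entries must be converted to shops).
      Map<String, Object> authMap = dealAuthInfo(managerInfo, orgResp);
      // Casting a null map value yields null, so no separate null test is needed.
      currentLoginUserInfo.setAuthList((List) authMap.get("authList"));
      currentLoginUserInfo.setAuthType((String) authMap.get("type"));

      // Site ("user point") information.
      currentLoginUserInfo.setUserPoint(configResp.getConfigValue());

      // For the Jinsheng and Shazhichuan sites (added by gonghongxing, 2017-06-29) the mall is
      // resolved through the user's group; for every other site through the organization.
      currentLoginUserInfo.setMallId(null);
      currentLoginUserInfo.setMallType(null);
      if (CommonConstants.UserPoint.JINSHENG.equals(configResp.getConfigValue())
          || CommonConstants.UserPoint.SHAZHICHUAN.equals(configResp.getConfigValue())) {
        String groupId = managerInfo.getGroupIds();
        // No group, or more than one group: the user is treated as having no mall.
        if (CrmStringUtils.isNotEmptyOrNull(groupId) && (-1 == groupId.indexOf(","))) {
          GroupInfoResp groupInfo = groupInfoServiceClient.selectGroupInfoById(groupId).get();

          // Only look the mall up when the group actually names one.
          if (null != groupInfo && CrmStringUtils.isNotEmptyOrNull(groupInfo.getMallId())) {
            MallInfoResp mallResp = mallInfoServiceClient.selectMallInfoById(groupInfo.getMallId()).get();
            // Same null guard as the organization branch below.
            if (mallResp != null) {
              currentLoginUserInfo.setMallId(mallResp.getId());
              currentLoginUserInfo.setMallType(mallResp.getIsHeadquarters());
            }
          }
        }
      } else {
        String orgId = managerInfo.getOrgId();
        if (!Strings.isNullOrEmpty(orgId)) {
          MallInfoResp mallInfoResp = mallInfoServiceClient.getMallByOrgId(orgId).get();
          if (mallInfoResp != null) {
            currentLoginUserInfo.setMallId(mallInfoResp.getId());
            currentLoginUserInfo.setMallType(mallInfoResp.getIsHeadquarters());
          }
        }
      }

      // The organization was already fetched above for the same id, so it is reused here; a
      // missing organization (which dealAuthInfo also allows for) leaves the name unset.
      if (orgResp != null) {
        currentLoginUserInfo.setOrgOrShopName(orgResp.getOrganizationName());
      }

      return new SimpleAuthenticationInfo(currentLoginUserInfo, password, getName());

    } catch (PlatformException e) {
      throw new AuthenticationException("认证异常", e);
    }
  }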
  201.  
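  /**
   * Resolves the user's data-permission type and the ids that permission covers.
   *
   * <p>Anything that cannot be resolved ends in {@code NO_PERM}: a missing organization, a missing
   * data-authority record, or a permission type that is neither mall nor berth.
   *
   * <p>NOTE(review): the administrator scope is granted purely on the login name being "admin"
   * (case-insensitive). Confirm that this name is reserved wherever accounts are created or
   * renamed, or bind the scope to a role instead.
   *
   * @param managerInfo the manager logging in; only the login name is read
   * @param orgResp the manager's organization, or {@code null} when none was found
   * @return a map holding "type" (the permission type) and "authList" (the permitted ids, possibly
   *     empty)
   */
  private Map<String, Object> dealAuthInfo(ManagerInfoResp managerInfo, OrganizationInfoResp orgResp) {
    Map<String, Object> resultMap = new HashedMap();
    List<String> authList = new ArrayList<>();
    String loginName = managerInfo.getName();
    // Placeholder only: every branch below assigns authType.
    String authType = "3";

    if (null == orgResp) {
      authType = CommonConstants.UserPermType.NO_PERM;
    } else if (loginName != null && "admin".equals(loginName.toLowerCase(java.util.Locale.ROOT))) {
      // Locale.ROOT keeps this check independent of the JVM's default locale, and a null login
      // name no longer throws.
      authType = CommonConstants.UserPermType.ADMIN_PERM;
    } else {
      // Permission type of the data scope attached to the organization.
      String dataScopeId = orgResp.getDataScopeId();
      DataAuthorityDetailReq detailReq = new DataAuthorityDetailReq();
      DataAuthorityResp dataAuthResp = dataAuthorityServiceClient.getDataAuthDetail(dataScopeId).get();

      if (null == dataAuthResp) {
        authType = CommonConstants.UserPermType.NO_PERM;
      } else if (MALL_PERM == dataAuthResp.getPermType()) {
        // Mall scope: the permitted ids are the detail rows' auth ids.
        authType = String.valueOf(CommonConstants.UserPermType.MALL_PERM);
        detailReq.setType(MALL_TYPE);
        detailReq.setDataScopeId(dataScopeId);
        List<DataAuthorityDetailResp> mallAuthList =
            dataAuthorityServiceClient.selectAllDataAuthDetail(detailReq).get().getContent();
        if (null != mallAuthList) {
          for (DataAuthorityDetailResp detailResp : mallAuthList) {
            authList.add(detailResp.getAuthId());
          }
        }
      } else if (BERTH_PERM == dataAuthResp.getPermType()) {
        // Berth scope: the detail rows name berths, which are translated to the shops on them.
        authType = String.valueOf(CommonConstants.UserPermType.BERTH_PERM);
        detailReq.setType(BERTH_TYPE);
        detailReq.setDataScopeId(dataScopeId);
        List<DataAuthorityDetailResp> bertAuthList =
            dataAuthorityServiceClient.selectAllDataAuthDetail(detailReq).get().getContent();
        List<String> berthList = new ArrayList<>();
        if (null != bertAuthList && !bertAuthList.isEmpty()) {
          for (DataAuthorityDetailResp detailResp : bertAuthList) {
            berthList.add(detailResp.getAuthId());
          }

          // Every shop is loaded; a shop is permitted when one of its comma-separated location
          // ids, or the unsplit location string itself, is among the permitted berths.
          List<ShopInfoResp> shopList = shopInfoServiceClient.findAllShopInfo().get();
          if (null != shopList) {
            for (ShopInfoResp resp : shopList) {
              String berthStr = resp.getLocationId();
              if (CrmStringUtils.isNotEmptyOrNull(berthStr)) {
                for (String tempBerth : berthStr.split(",")) {
                  if (berthList.contains(tempBerth) || berthList.contains(berthStr)) {
                    authList.add(resp.getId());
                    break;
                  }
                }
              }
            }
          }
        }
      } else {
        authType = CommonConstants.UserPermType.NO_PERM;
      }
    }

    resultMap.put("type", authType);
    resultMap.put("authList", authList);
    return resultMap;
  }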
  285.  
  286.  
用下面的方式实例化 bean 时,通过 @Autowired 注入的被代理类拿不到代理对象:
  /**
   * Declares the {@code AuthenticationRealm} bean, built with a plain constructor call and ordered
   * after the "lifecycleBeanPostProcessor" bean.
   *
   * <p>NOTE(review): the surrounding notes report that clients injected with {@code @Autowired}
   * into a realm created this way are not AOP proxies; verify that any interceptor expected on
   * those calls actually runs.
   *
   * @return a new realm instance
   */
  @Bean
  @DependsOn(value = "lifecycleBeanPostProcessor")
  public AuthenticationRealm realm() {
    return new AuthenticationRealm();
  }
  295.  
  // With @Autowired the AOP proxy is not obtained (per the author), so the client is fetched
  // from the Spring context instead.
  ShopInfoServiceClient shopClient = SpringUtils.getBean(ShopInfoServiceClient.class);
  this.shopInfoServiceClient = shopClient;
  298.  
  299.  
然后通过下面的代码检查:

ShopInfoServiceClient xx = SpringUtils.getBean(ShopInfoServiceClient.class);
System.out.println("++ShopInfoServiceClient===" + AopUtils.isAopProxy(xx));

结果:不能获取代理类,得到的是类本身。