KonBAI
@@ -1,12 +1,13 @@
|
||||
package com.ruoyi.framework.aspectj;
|
||||
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import com.ruoyi.common.annotation.Log;
|
||||
import com.ruoyi.common.core.domain.dto.OperLogDTO;
|
||||
import com.ruoyi.common.core.service.OperLogService;
|
||||
import com.ruoyi.common.enums.BusinessStatus;
|
||||
import com.ruoyi.common.enums.HttpMethod;
|
||||
import com.ruoyi.common.helper.LoginHelper;
|
||||
import com.ruoyi.common.utils.JsonUtils;
|
||||
import com.ruoyi.common.utils.LoginUtils;
|
||||
import com.ruoyi.common.utils.ServletUtils;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import com.ruoyi.common.utils.spring.SpringUtils;
|
||||
@@ -66,7 +67,7 @@ public class LogAspect {
|
||||
String ip = ServletUtils.getClientIP();
|
||||
operLog.setOperIp(ip);
|
||||
operLog.setOperUrl(ServletUtils.getRequest().getRequestURI());
|
||||
operLog.setOperName(LoginUtils.getUsername());
|
||||
operLog.setOperName(LoginHelper.getUsername());
|
||||
|
||||
if (e != null) {
|
||||
operLog.setStatus(BusinessStatus.FAIL.ordinal());
|
||||
@@ -110,7 +111,7 @@ public class LogAspect {
|
||||
setRequestValue(joinPoint, operLog);
|
||||
}
|
||||
// 是否需要保存response,参数和值
|
||||
if (log.isSaveResponseData() && StringUtils.isNotNull(jsonResult)) {
|
||||
if (log.isSaveResponseData() && ObjectUtil.isNotNull(jsonResult)) {
|
||||
operLog.setJsonResult(StringUtils.substring(JsonUtils.toJsonString(jsonResult), 0, 2000));
|
||||
}
|
||||
}
|
||||
@@ -139,7 +140,7 @@ public class LogAspect {
|
||||
StringBuilder params = new StringBuilder();
|
||||
if (paramsArray != null && paramsArray.length > 0) {
|
||||
for (Object o : paramsArray) {
|
||||
if (StringUtils.isNotNull(o) && !isFilterObject(o)) {
|
||||
if (ObjectUtil.isNotNull(o) && !isFilterObject(o)) {
|
||||
try {
|
||||
params.append(JsonUtils.toJsonString(o)).append(" ");
|
||||
} catch (Exception e) {
|
||||
@@ -175,6 +176,6 @@ public class LogAspect {
|
||||
}
|
||||
}
|
||||
return o instanceof MultipartFile || o instanceof HttpServletRequest || o instanceof HttpServletResponse
|
||||
|| o instanceof BindingResult;
|
||||
|| o instanceof BindingResult;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,8 +3,8 @@ package com.ruoyi.framework.aspectj;
|
||||
import com.ruoyi.common.annotation.RateLimiter;
|
||||
import com.ruoyi.common.enums.LimitType;
|
||||
import com.ruoyi.common.exception.ServiceException;
|
||||
import com.ruoyi.common.utils.redis.RedisUtils;
|
||||
import com.ruoyi.common.utils.ServletUtils;
|
||||
import com.ruoyi.common.utils.redis.RedisUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.aspectj.lang.JoinPoint;
|
||||
import org.aspectj.lang.annotation.Aspect;
|
||||
@@ -52,7 +52,7 @@ public class RateLimiterAspect {
|
||||
if (rateLimiter.limitType() == LimitType.IP) {
|
||||
// 获取请求ip
|
||||
stringBuffer.append(ServletUtils.getClientIP()).append("-");
|
||||
} else if (rateLimiter.limitType() == LimitType.CLUSTER){
|
||||
} else if (rateLimiter.limitType() == LimitType.CLUSTER) {
|
||||
// 获取客户端实例id
|
||||
stringBuffer.append(RedisUtils.getClient().getId()).append("-");
|
||||
}
|
||||
|
||||
@@ -1,21 +1,21 @@
|
||||
package com.ruoyi.framework.aspectj;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import cn.hutool.crypto.SecureUtil;
|
||||
import com.ruoyi.common.annotation.RepeatSubmit;
|
||||
import com.ruoyi.common.constant.Constants;
|
||||
import com.ruoyi.common.exception.ServiceException;
|
||||
import com.ruoyi.common.utils.JsonUtils;
|
||||
import com.ruoyi.common.utils.redis.RedisUtils;
|
||||
import com.ruoyi.common.utils.ServletUtils;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import com.ruoyi.common.utils.redis.RedisUtils;
|
||||
import com.ruoyi.framework.config.properties.RepeatSubmitProperties;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.aspectj.lang.JoinPoint;
|
||||
import org.aspectj.lang.annotation.Aspect;
|
||||
import org.aspectj.lang.annotation.Before;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.validation.BindingResult;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
@@ -32,7 +32,7 @@ import java.util.concurrent.TimeUnit;
|
||||
* @author Lion Li
|
||||
*/
|
||||
@Slf4j
|
||||
@RequiredArgsConstructor(onConstructor_ = @Autowired)
|
||||
@RequiredArgsConstructor
|
||||
@Aspect
|
||||
@Component
|
||||
public class RepeatSubmitAspect {
|
||||
@@ -76,7 +76,7 @@ public class RepeatSubmitAspect {
|
||||
StringBuilder params = new StringBuilder();
|
||||
if (paramsArray != null && paramsArray.length > 0) {
|
||||
for (Object o : paramsArray) {
|
||||
if (StringUtils.isNotNull(o) && !isFilterObject(o)) {
|
||||
if (ObjectUtil.isNotNull(o) && !isFilterObject(o)) {
|
||||
try {
|
||||
params.append(JsonUtils.toJsonString(o)).append(" ");
|
||||
} catch (Exception e) {
|
||||
|
||||
@@ -11,15 +11,14 @@ import org.redisson.config.Config;
|
||||
import org.redisson.spring.cache.CacheConfig;
|
||||
import org.redisson.spring.cache.RedissonSpringCacheManager;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.data.redis.RedisProperties;
|
||||
import org.springframework.cache.CacheManager;
|
||||
import org.springframework.cache.annotation.CachingConfigurerSupport;
|
||||
import org.springframework.cache.annotation.EnableCaching;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Primary;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
@@ -44,9 +43,9 @@ public class RedisConfig extends CachingConfigurerSupport {
|
||||
@Autowired
|
||||
private RedissonProperties redissonProperties;
|
||||
|
||||
@Primary
|
||||
@Bean(destroyMethod = "shutdown")
|
||||
@ConditionalOnMissingBean(RedissonClient.class)
|
||||
public RedissonClient redisson() throws IOException {
|
||||
public RedissonClient redisson() {
|
||||
String prefix = REDIS_PROTOCOL_PREFIX;
|
||||
if (redisProperties.isSsl()) {
|
||||
prefix = REDISS_PROTOCOL_PREFIX;
|
||||
@@ -68,14 +67,11 @@ public class RedisConfig extends CachingConfigurerSupport {
|
||||
.setTimeout(singleServerConfig.getTimeout())
|
||||
.setRetryAttempts(singleServerConfig.getRetryAttempts())
|
||||
.setRetryInterval(singleServerConfig.getRetryInterval())
|
||||
.setSubscriptionsPerConnection(singleServerConfig.getSubscriptionsPerConnection())
|
||||
.setClientName(singleServerConfig.getClientName())
|
||||
.setIdleConnectionTimeout(singleServerConfig.getIdleConnectionTimeout())
|
||||
.setSubscriptionConnectionMinimumIdleSize(singleServerConfig.getSubscriptionConnectionMinimumIdleSize())
|
||||
.setSubscriptionConnectionPoolSize(singleServerConfig.getSubscriptionConnectionPoolSize())
|
||||
.setConnectionMinimumIdleSize(singleServerConfig.getConnectionMinimumIdleSize())
|
||||
.setConnectionPoolSize(singleServerConfig.getConnectionPoolSize())
|
||||
.setDnsMonitoringInterval(singleServerConfig.getDnsMonitoringInterval());
|
||||
.setConnectionPoolSize(singleServerConfig.getConnectionPoolSize());
|
||||
}
|
||||
// 集群配置方式 参考下方注释
|
||||
RedissonProperties.ClusterServersConfig clusterServersConfig = redissonProperties.getClusterServersConfig();
|
||||
@@ -93,19 +89,14 @@ public class RedisConfig extends CachingConfigurerSupport {
|
||||
.setTimeout(clusterServersConfig.getTimeout())
|
||||
.setRetryAttempts(clusterServersConfig.getRetryAttempts())
|
||||
.setRetryInterval(clusterServersConfig.getRetryInterval())
|
||||
.setSubscriptionsPerConnection(clusterServersConfig.getSubscriptionsPerConnection())
|
||||
.setClientName(clusterServersConfig.getClientName())
|
||||
.setIdleConnectionTimeout(clusterServersConfig.getIdleConnectionTimeout())
|
||||
.setPingConnectionInterval(clusterServersConfig.getPingConnectionInterval())
|
||||
.setSubscriptionConnectionMinimumIdleSize(clusterServersConfig.getSubscriptionConnectionMinimumIdleSize())
|
||||
.setSubscriptionConnectionPoolSize(clusterServersConfig.getSubscriptionConnectionPoolSize())
|
||||
.setMasterConnectionMinimumIdleSize(clusterServersConfig.getMasterConnectionMinimumIdleSize())
|
||||
.setMasterConnectionPoolSize(clusterServersConfig.getMasterConnectionPoolSize())
|
||||
.setSlaveConnectionMinimumIdleSize(clusterServersConfig.getSlaveConnectionMinimumIdleSize())
|
||||
.setSlaveConnectionPoolSize(clusterServersConfig.getSlaveConnectionPoolSize())
|
||||
.setDnsMonitoringInterval(clusterServersConfig.getDnsMonitoringInterval())
|
||||
.setFailedSlaveReconnectionInterval(clusterServersConfig.getFailedSlaveReconnectionInterval())
|
||||
.setScanInterval(clusterServersConfig.getScanInterval())
|
||||
.setReadMode(clusterServersConfig.getReadMode())
|
||||
.setSubscriptionMode(clusterServersConfig.getSubscriptionMode())
|
||||
.setNodeAddresses(nodes);
|
||||
@@ -177,18 +168,8 @@ public class RedisConfig extends CachingConfigurerSupport {
|
||||
* retryAttempts: 3
|
||||
* # 命令重试发送时间间隔,单位:毫秒
|
||||
* retryInterval: 1500
|
||||
* # 从可用服务器的内部列表中排除 Redis Slave 重新连接尝试的间隔。
|
||||
* failedSlaveReconnectionInterval: 3000
|
||||
* # 发布和订阅连接池最小空闲连接数
|
||||
* subscriptionConnectionMinimumIdleSize: 1
|
||||
* # 发布和订阅连接池大小
|
||||
* subscriptionConnectionPoolSize: 50
|
||||
* # 单个连接最大订阅数量
|
||||
* subscriptionsPerConnection: 5
|
||||
* # 扫描间隔
|
||||
* scanInterval: 1000
|
||||
* # DNS监测时间间隔,单位:毫秒
|
||||
* dnsMonitoringInterval: 5000
|
||||
* # 读取模式
|
||||
* readMode: "SLAVE"
|
||||
* # 订阅模式
|
||||
|
||||
@@ -5,25 +5,30 @@ import cn.dev33.satoken.interceptor.SaRouteInterceptor;
|
||||
import cn.dev33.satoken.jwt.StpLogicJwtForStyle;
|
||||
import cn.dev33.satoken.router.SaRouter;
|
||||
import cn.dev33.satoken.stp.StpLogic;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import com.ruoyi.common.helper.LoginHelper;
|
||||
import com.ruoyi.framework.config.properties.SecurityProperties;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
/**
|
||||
* sa-token 配置
|
||||
*
|
||||
* @author Lion Li
|
||||
*/
|
||||
@RequiredArgsConstructor
|
||||
@Slf4j
|
||||
@Configuration
|
||||
public class SaTokenConfig implements WebMvcConfigurer {
|
||||
|
||||
@Autowired
|
||||
private SecurityProperties securityProperties;
|
||||
private final SecurityProperties securityProperties;
|
||||
|
||||
/**
|
||||
* 注册sa-token的拦截器
|
||||
@@ -39,16 +44,22 @@ public class SaTokenConfig implements WebMvcConfigurer {
|
||||
// 排除下不需要拦截的
|
||||
.notMatch(securityProperties.getExcludes())
|
||||
.check(() -> {
|
||||
// 做一些访问检查
|
||||
// if (log.isDebugEnabled()) {
|
||||
// Long userId = LoginUtils.getUserId();
|
||||
// if (StringUtils.isNotNull(userId)) {
|
||||
// log.debug("剩余有效时间: {}", StpUtil.getTokenTimeout());
|
||||
// log.debug("临时有效时间: {}", StpUtil.getTokenActivityTimeout());
|
||||
// }
|
||||
// }
|
||||
Long userId = LoginHelper.getUserId();
|
||||
if (ObjectUtil.isNotNull(userId)) {
|
||||
// 有效率影响 用于临时测试
|
||||
// if (log.isDebugEnabled()) {
|
||||
// log.debug("剩余有效时间: {}", StpUtil.getTokenTimeout());
|
||||
// log.debug("临时有效时间: {}", StpUtil.getTokenActivityTimeout());
|
||||
// }
|
||||
}
|
||||
});
|
||||
})).addPathPatterns("/**");
|
||||
}) {
|
||||
@SuppressWarnings("all")
|
||||
@Override
|
||||
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
|
||||
LoginHelper.clearCache();
|
||||
}
|
||||
}).addPathPatterns("/**");
|
||||
registry.addInterceptor(new SaAnnotationInterceptor()).addPathPatterns("/**");
|
||||
}
|
||||
|
||||
|
||||
@@ -132,7 +132,7 @@ public class SwaggerConfig {
|
||||
* 默认的安全上引用
|
||||
*/
|
||||
private List<SecurityReference> defaultAuth() {
|
||||
AuthorizationScope authorizationScope = new AuthorizationScope("global" , "accessEverything");
|
||||
AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
|
||||
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
|
||||
authorizationScopes[0] = authorizationScope;
|
||||
List<SecurityReference> securityReferences = new ArrayList<>();
|
||||
|
||||
@@ -13,6 +13,7 @@ import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
|
||||
import java.util.concurrent.RejectedExecutionHandler;
|
||||
import java.util.concurrent.ScheduledExecutorService;
|
||||
import java.util.concurrent.ScheduledThreadPoolExecutor;
|
||||
import java.util.concurrent.ThreadPoolExecutor;
|
||||
|
||||
/**
|
||||
* 线程池配置
|
||||
@@ -44,7 +45,8 @@ public class ThreadPoolConfig {
|
||||
@Bean(name = "scheduledExecutorService")
|
||||
protected ScheduledExecutorService scheduledExecutorService() {
|
||||
return new ScheduledThreadPoolExecutor(threadPoolProperties.getCorePoolSize(),
|
||||
new BasicThreadFactory.Builder().namingPattern("schedule-pool-%d").daemon(true).build()) {
|
||||
new BasicThreadFactory.Builder().namingPattern("schedule-pool-%d").daemon(true).build(),
|
||||
new ThreadPoolExecutor.CallerRunsPolicy()) {
|
||||
@Override
|
||||
protected void afterExecute(Runnable r, Throwable t) {
|
||||
super.afterExecute(r, t);
|
||||
|
||||
@@ -89,26 +89,11 @@ public class RedissonProperties {
|
||||
*/
|
||||
private int retryInterval;
|
||||
|
||||
/**
|
||||
* 发布和订阅连接的最小空闲连接数
|
||||
*/
|
||||
private int subscriptionConnectionMinimumIdleSize;
|
||||
|
||||
/**
|
||||
* 发布和订阅连接池大小
|
||||
*/
|
||||
private int subscriptionConnectionPoolSize;
|
||||
|
||||
/**
|
||||
* 单个连接最大订阅数量
|
||||
*/
|
||||
private int subscriptionsPerConnection;
|
||||
|
||||
/**
|
||||
* DNS监测时间间隔,单位:毫秒
|
||||
*/
|
||||
private int dnsMonitoringInterval;
|
||||
|
||||
}
|
||||
|
||||
@Data
|
||||
@@ -165,36 +150,11 @@ public class RedissonProperties {
|
||||
*/
|
||||
private int retryInterval;
|
||||
|
||||
/**
|
||||
* 错误重试次数
|
||||
*/
|
||||
private int failedSlaveReconnectionInterval;
|
||||
|
||||
/**
|
||||
* 发布和订阅连接池最小空闲连接数
|
||||
*/
|
||||
private int subscriptionConnectionMinimumIdleSize;
|
||||
|
||||
/**
|
||||
* 发布和订阅连接池大小
|
||||
*/
|
||||
private int subscriptionConnectionPoolSize;
|
||||
|
||||
/**
|
||||
* 单个连接最大订阅数量
|
||||
*/
|
||||
private int subscriptionsPerConnection;
|
||||
|
||||
/**
|
||||
* 扫描间隔
|
||||
*/
|
||||
private int scanInterval;
|
||||
|
||||
/**
|
||||
* DNS监测时间间隔,单位:毫秒
|
||||
*/
|
||||
private int dnsMonitoringInterval;
|
||||
|
||||
/**
|
||||
* 读取模式
|
||||
*/
|
||||
|
||||
@@ -6,7 +6,7 @@ import com.baomidou.mybatisplus.core.handlers.MetaObjectHandler;
|
||||
import com.ruoyi.common.core.domain.BaseEntity;
|
||||
import com.ruoyi.common.core.domain.model.LoginUser;
|
||||
import com.ruoyi.common.exception.ServiceException;
|
||||
import com.ruoyi.common.utils.LoginUtils;
|
||||
import com.ruoyi.common.helper.LoginHelper;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.ibatis.reflection.MetaObject;
|
||||
@@ -27,26 +27,16 @@ public class CreateAndUpdateMetaObjectHandler implements MetaObjectHandler {
|
||||
try {
|
||||
if (ObjectUtil.isNotNull(metaObject) && metaObject.getOriginalObject() instanceof BaseEntity) {
|
||||
BaseEntity baseEntity = (BaseEntity) metaObject.getOriginalObject();
|
||||
Date current = new Date();
|
||||
// 创建时间为空 则填充
|
||||
if (ObjectUtil.isNull(baseEntity.getCreateTime())) {
|
||||
baseEntity.setCreateTime(current);
|
||||
}
|
||||
// 更新时间为空 则填充
|
||||
if (ObjectUtil.isNull(baseEntity.getUpdateTime())) {
|
||||
baseEntity.setUpdateTime(current);
|
||||
}
|
||||
String username = getLoginUsername();
|
||||
Date current = ObjectUtil.isNotNull(baseEntity.getCreateTime())
|
||||
? baseEntity.getCreateTime() : new Date();
|
||||
baseEntity.setCreateTime(current);
|
||||
baseEntity.setUpdateTime(current);
|
||||
String username = StringUtils.isNotBlank(baseEntity.getCreateBy())
|
||||
? baseEntity.getCreateBy() : getLoginUsername();
|
||||
// 当前已登录 且 创建人为空 则填充
|
||||
if (StringUtils.isNotBlank(username)
|
||||
&& StringUtils.isBlank(baseEntity.getCreateBy())) {
|
||||
baseEntity.setCreateBy(username);
|
||||
}
|
||||
baseEntity.setCreateBy(username);
|
||||
// 当前已登录 且 更新人为空 则填充
|
||||
if (StringUtils.isNotBlank(username)
|
||||
&& StringUtils.isBlank(baseEntity.getUpdateBy())) {
|
||||
baseEntity.setUpdateBy(username);
|
||||
}
|
||||
baseEntity.setUpdateBy(username);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
throw new ServiceException("自动注入异常 => " + e.getMessage(), HttpStatus.HTTP_UNAUTHORIZED);
|
||||
@@ -78,7 +68,7 @@ public class CreateAndUpdateMetaObjectHandler implements MetaObjectHandler {
|
||||
private String getLoginUsername() {
|
||||
LoginUser loginUser;
|
||||
try {
|
||||
loginUser = LoginUtils.getLoginUser();
|
||||
loginUser = LoginHelper.getLoginUser();
|
||||
} catch (Exception e) {
|
||||
log.warn("自动注入警告 => 用户未登录");
|
||||
return null;
|
||||
|
||||
@@ -7,13 +7,13 @@ import cn.hutool.core.util.ClassUtil;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import com.ruoyi.common.annotation.DataColumn;
|
||||
import com.ruoyi.common.annotation.DataPermission;
|
||||
import com.ruoyi.common.core.domain.entity.SysRole;
|
||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||
import com.ruoyi.common.core.service.UserService;
|
||||
import com.ruoyi.common.core.domain.dto.RoleDTO;
|
||||
import com.ruoyi.common.core.domain.model.LoginUser;
|
||||
import com.ruoyi.common.enums.DataScopeType;
|
||||
import com.ruoyi.common.exception.ServiceException;
|
||||
import com.ruoyi.common.helper.DataPermissionHelper;
|
||||
import com.ruoyi.common.utils.LoginUtils;
|
||||
import com.ruoyi.common.helper.LoginHelper;
|
||||
import com.ruoyi.common.utils.SecurityUtils;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import com.ruoyi.common.utils.spring.SpringUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
@@ -74,13 +74,13 @@ public class PlusDataPermissionHandler {
|
||||
inavlidCacheSet.add(mappedStatementId);
|
||||
return where;
|
||||
}
|
||||
SysUser currentUser = DataPermissionHelper.getVariable("user");
|
||||
LoginUser currentUser = DataPermissionHelper.getVariable("user");
|
||||
if (ObjectUtil.isNull(currentUser)) {
|
||||
currentUser = SpringUtils.getBean(UserService.class).selectUserById(LoginUtils.getUserId());
|
||||
currentUser = LoginHelper.getLoginUser();
|
||||
DataPermissionHelper.setVariable("user", currentUser);
|
||||
}
|
||||
// 如果是超级管理员,则不过滤数据
|
||||
if (ObjectUtil.isNull(currentUser) || currentUser.isAdmin()) {
|
||||
if (ObjectUtil.isNull(currentUser) || SecurityUtils.isAdmin(currentUser.getUserId())) {
|
||||
return where;
|
||||
}
|
||||
String dataFilterSql = buildDataFilter(dataColumns, isSelect);
|
||||
@@ -108,11 +108,11 @@ public class PlusDataPermissionHandler {
|
||||
StringBuilder sqlString = new StringBuilder();
|
||||
// 更新或删除需满足所有条件
|
||||
String joinStr = isSelect ? " OR " : " AND ";
|
||||
SysUser user = DataPermissionHelper.getVariable("user");
|
||||
LoginUser user = DataPermissionHelper.getVariable("user");
|
||||
StandardEvaluationContext context = new StandardEvaluationContext();
|
||||
context.setBeanResolver(beanResolver);
|
||||
DataPermissionHelper.getContext().forEach(context::setVariable);
|
||||
for (SysRole role : user.getRoles()) {
|
||||
for (RoleDTO role : user.getRoles()) {
|
||||
user.setRoleId(role.getRoleId());
|
||||
// 获取角色权限泛型
|
||||
DataScopeType type = DataScopeType.findCode(role.getDataScope());
|
||||
@@ -160,13 +160,13 @@ public class PlusDataPermissionHandler {
|
||||
DataPermission dataPermission;
|
||||
// 获取方法注解
|
||||
for (Method method : methods) {
|
||||
dataPermission = dataPermissionCacheMap.get(method.getName());
|
||||
dataPermission = dataPermissionCacheMap.get(mappedStatementId);
|
||||
if (ObjectUtil.isNotNull(dataPermission)) {
|
||||
return dataPermission.value();
|
||||
}
|
||||
if (AnnotationUtil.hasAnnotation(method, DataPermission.class)) {
|
||||
dataPermission = AnnotationUtil.getAnnotation(method, DataPermission.class);
|
||||
dataPermissionCacheMap.put(method.getName(), dataPermission);
|
||||
dataPermissionCacheMap.put(mappedStatementId, dataPermission);
|
||||
return dataPermission.value();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,55 +8,52 @@ import cn.hutool.http.useragent.UserAgent;
|
||||
import cn.hutool.http.useragent.UserAgentUtil;
|
||||
import com.ruoyi.common.constant.Constants;
|
||||
import com.ruoyi.common.core.domain.dto.UserOnlineDTO;
|
||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||
import com.ruoyi.common.core.service.UserService;
|
||||
import com.ruoyi.common.core.domain.model.LoginUser;
|
||||
import com.ruoyi.common.enums.UserType;
|
||||
import com.ruoyi.common.utils.LoginUtils;
|
||||
import com.ruoyi.common.helper.LoginHelper;
|
||||
import com.ruoyi.common.utils.ServletUtils;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import com.ruoyi.common.utils.ip.AddressUtils;
|
||||
import com.ruoyi.common.utils.redis.RedisUtils;
|
||||
import com.ruoyi.common.utils.spring.SpringUtils;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
/**
|
||||
* 用户行为 侦听器的实现
|
||||
*
|
||||
* @author Lion Li
|
||||
*/
|
||||
@RequiredArgsConstructor
|
||||
@Component
|
||||
@Slf4j
|
||||
public class UserActionListener implements SaTokenListener {
|
||||
|
||||
@Autowired
|
||||
private SaTokenConfig saTokenConfig;
|
||||
private final SaTokenConfig tokenConfig;
|
||||
|
||||
/**
|
||||
* 每次登录时触发
|
||||
*/
|
||||
@Override
|
||||
public void doLogin(String loginType, Object loginId, SaLoginModel loginModel) {
|
||||
UserType userType = LoginUtils.getUserType(loginId);
|
||||
UserType userType = UserType.getUserType(loginId.toString());
|
||||
if (userType == UserType.SYS_USER) {
|
||||
UserAgent userAgent = UserAgentUtil.parse(ServletUtils.getRequest().getHeader("User-Agent"));
|
||||
String ip = ServletUtils.getClientIP();
|
||||
SysUser user = SpringUtils.getBean(UserService.class).selectUserById(LoginUtils.getUserId());
|
||||
LoginUser user = LoginHelper.getLoginUser();
|
||||
String tokenValue = StpUtil.getTokenValue();
|
||||
UserOnlineDTO userOnlineDTO = new UserOnlineDTO()
|
||||
.setIpaddr(ip)
|
||||
.setLoginLocation(AddressUtils.getRealAddressByIP(ip))
|
||||
.setBrowser(userAgent.getBrowser().getName())
|
||||
.setOs(userAgent.getOs().getName())
|
||||
.setLoginTime(System.currentTimeMillis())
|
||||
.setTokenId(tokenValue)
|
||||
.setUserName(user.getUserName());
|
||||
if (StringUtils.isNotNull(user.getDept())) {
|
||||
userOnlineDTO.setDeptName(user.getDept().getDeptName());
|
||||
}
|
||||
RedisUtils.setCacheObject(Constants.ONLINE_TOKEN_KEY + tokenValue, userOnlineDTO, saTokenConfig.getTimeout(), TimeUnit.SECONDS);
|
||||
log.info("user doLogin, useId:{}, token:{}" , loginId, tokenValue);
|
||||
UserOnlineDTO dto = new UserOnlineDTO();
|
||||
dto.setIpaddr(ip);
|
||||
dto.setLoginLocation(AddressUtils.getRealAddressByIP(ip));
|
||||
dto.setBrowser(userAgent.getBrowser().getName());
|
||||
dto.setOs(userAgent.getOs().getName());
|
||||
dto.setLoginTime(System.currentTimeMillis());
|
||||
dto.setTokenId(tokenValue);
|
||||
dto.setUserName(user.getUsername());
|
||||
dto.setDeptName(user.getDeptName());
|
||||
RedisUtils.setCacheObject(Constants.ONLINE_TOKEN_KEY + tokenValue, dto, tokenConfig.getTimeout(), TimeUnit.SECONDS);
|
||||
log.info("user doLogin, useId:{}, token:{}", loginId, tokenValue);
|
||||
} else if (userType == UserType.APP_USER) {
|
||||
// app端 自行根据业务编写
|
||||
}
|
||||
@@ -68,7 +65,7 @@ public class UserActionListener implements SaTokenListener {
|
||||
@Override
|
||||
public void doLogout(String loginType, Object loginId, String tokenValue) {
|
||||
RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
|
||||
log.info("user doLogout, useId:{}, token:{}" , loginId, tokenValue);
|
||||
log.info("user doLogout, useId:{}, token:{}", loginId, tokenValue);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -77,7 +74,7 @@ public class UserActionListener implements SaTokenListener {
|
||||
@Override
|
||||
public void doKickout(String loginType, Object loginId, String tokenValue) {
|
||||
RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
|
||||
log.info("user doLogoutByLoginId, useId:{}, token:{}" , loginId, tokenValue);
|
||||
log.info("user doLogoutByLoginId, useId:{}, token:{}", loginId, tokenValue);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -86,7 +83,7 @@ public class UserActionListener implements SaTokenListener {
|
||||
@Override
|
||||
public void doReplaced(String loginType, Object loginId, String tokenValue) {
|
||||
RedisUtils.deleteObject(Constants.ONLINE_TOKEN_KEY + tokenValue);
|
||||
log.info("user doReplaced, useId:{}, token:{}" , loginId, tokenValue);
|
||||
log.info("user doReplaced, useId:{}, token:{}", loginId, tokenValue);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -31,11 +31,11 @@ public class PlusSaTokenDao implements SaTokenDao {
|
||||
*/
|
||||
@Override
|
||||
public void set(String key, String value, long timeout) {
|
||||
if(timeout == 0 || timeout <= SaTokenDao.NOT_VALUE_EXPIRE) {
|
||||
if (timeout == 0 || timeout <= SaTokenDao.NOT_VALUE_EXPIRE) {
|
||||
return;
|
||||
}
|
||||
// 判断是否为永不过期
|
||||
if(timeout == SaTokenDao.NEVER_EXPIRE) {
|
||||
if (timeout == SaTokenDao.NEVER_EXPIRE) {
|
||||
RedisUtils.setCacheObject(key, value);
|
||||
} else {
|
||||
RedisUtils.setCacheObject(key, value, timeout, TimeUnit.SECONDS);
|
||||
@@ -49,7 +49,7 @@ public class PlusSaTokenDao implements SaTokenDao {
|
||||
public void update(String key, String value) {
|
||||
long expire = getTimeout(key);
|
||||
// -2 = 无此键
|
||||
if(expire == SaTokenDao.NOT_VALUE_EXPIRE) {
|
||||
if (expire == SaTokenDao.NOT_VALUE_EXPIRE) {
|
||||
return;
|
||||
}
|
||||
this.set(key, value, expire);
|
||||
@@ -77,9 +77,9 @@ public class PlusSaTokenDao implements SaTokenDao {
|
||||
@Override
|
||||
public void updateTimeout(String key, long timeout) {
|
||||
// 判断是否想要设置为永久
|
||||
if(timeout == SaTokenDao.NEVER_EXPIRE) {
|
||||
if (timeout == SaTokenDao.NEVER_EXPIRE) {
|
||||
long expire = getTimeout(key);
|
||||
if(expire == SaTokenDao.NEVER_EXPIRE) {
|
||||
if (expire == SaTokenDao.NEVER_EXPIRE) {
|
||||
// 如果其已经被设置为永久,则不作任何处理
|
||||
} else {
|
||||
// 如果尚未被设置为永久,那么再次set一次
|
||||
@@ -91,7 +91,6 @@ public class PlusSaTokenDao implements SaTokenDao {
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 获取Object,如无返空
|
||||
*/
|
||||
@@ -105,11 +104,11 @@ public class PlusSaTokenDao implements SaTokenDao {
|
||||
*/
|
||||
@Override
|
||||
public void setObject(String key, Object object, long timeout) {
|
||||
if(timeout == 0 || timeout <= SaTokenDao.NOT_VALUE_EXPIRE) {
|
||||
if (timeout == 0 || timeout <= SaTokenDao.NOT_VALUE_EXPIRE) {
|
||||
return;
|
||||
}
|
||||
// 判断是否为永不过期
|
||||
if(timeout == SaTokenDao.NEVER_EXPIRE) {
|
||||
if (timeout == SaTokenDao.NEVER_EXPIRE) {
|
||||
RedisUtils.setCacheObject(key, object);
|
||||
} else {
|
||||
RedisUtils.setCacheObject(key, object, timeout, TimeUnit.SECONDS);
|
||||
@@ -123,7 +122,7 @@ public class PlusSaTokenDao implements SaTokenDao {
|
||||
public void updateObject(String key, Object object) {
|
||||
long expire = getObjectTimeout(key);
|
||||
// -2 = 无此键
|
||||
if(expire == SaTokenDao.NOT_VALUE_EXPIRE) {
|
||||
if (expire == SaTokenDao.NOT_VALUE_EXPIRE) {
|
||||
return;
|
||||
}
|
||||
this.setObject(key, object, expire);
|
||||
@@ -151,9 +150,9 @@ public class PlusSaTokenDao implements SaTokenDao {
|
||||
@Override
|
||||
public void updateObjectTimeout(String key, long timeout) {
|
||||
// 判断是否想要设置为永久
|
||||
if(timeout == SaTokenDao.NEVER_EXPIRE) {
|
||||
if (timeout == SaTokenDao.NEVER_EXPIRE) {
|
||||
long expire = getObjectTimeout(key);
|
||||
if(expire == SaTokenDao.NEVER_EXPIRE) {
|
||||
if (expire == SaTokenDao.NEVER_EXPIRE) {
|
||||
// 如果其已经被设置为永久,则不作任何处理
|
||||
} else {
|
||||
// 如果尚未被设置为永久,那么再次set一次
|
||||
|
||||
@@ -3,7 +3,7 @@ package com.ruoyi.framework.satoken.service;
|
||||
import cn.dev33.satoken.stp.StpInterface;
|
||||
import com.ruoyi.common.core.domain.model.LoginUser;
|
||||
import com.ruoyi.common.enums.UserType;
|
||||
import com.ruoyi.common.utils.LoginUtils;
|
||||
import com.ruoyi.common.helper.LoginHelper;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.ArrayList;
|
||||
@@ -14,9 +14,9 @@ public class SaInterfaceImpl implements StpInterface {
|
||||
|
||||
@Override
|
||||
public List<String> getPermissionList(Object loginId, String loginType) {
|
||||
UserType userType = LoginUtils.getUserType(loginId);
|
||||
LoginUser loginUser = LoginHelper.getLoginUser();
|
||||
UserType userType = UserType.getUserType(loginUser.getUserType());
|
||||
if (userType == UserType.SYS_USER) {
|
||||
LoginUser loginUser = LoginUtils.getLoginUser();
|
||||
return new ArrayList<>(loginUser.getMenuPermission());
|
||||
} else if (userType == UserType.APP_USER) {
|
||||
// app端权限返回 自行根据业务编写
|
||||
@@ -26,9 +26,9 @@ public class SaInterfaceImpl implements StpInterface {
|
||||
|
||||
@Override
|
||||
public List<String> getRoleList(Object loginId, String loginType) {
|
||||
UserType userType = LoginUtils.getUserType(loginId);
|
||||
LoginUser loginUser = LoginHelper.getLoginUser();
|
||||
UserType userType = UserType.getUserType(loginUser.getUserType());
|
||||
if (userType == UserType.SYS_USER) {
|
||||
LoginUser loginUser = LoginUtils.getLoginUser();
|
||||
return new ArrayList<>(loginUser.getRolePermission());
|
||||
} else if (userType == UserType.APP_USER) {
|
||||
// app端权限返回 自行根据业务编写
|
||||
|
||||
@@ -3,11 +3,11 @@ package com.ruoyi.framework.web.exception;
|
||||
import cn.dev33.satoken.exception.NotLoginException;
|
||||
import cn.dev33.satoken.exception.NotPermissionException;
|
||||
import cn.dev33.satoken.exception.NotRoleException;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import cn.hutool.http.HttpStatus;
|
||||
import com.ruoyi.common.core.domain.AjaxResult;
|
||||
import com.ruoyi.common.core.domain.R;
|
||||
import com.ruoyi.common.exception.DemoModeException;
|
||||
import com.ruoyi.common.exception.ServiceException;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.context.support.DefaultMessageSourceResolvable;
|
||||
import org.springframework.validation.BindException;
|
||||
@@ -31,115 +31,115 @@ import java.util.stream.Collectors;
|
||||
public class GlobalExceptionHandler {
|
||||
|
||||
/**
|
||||
* 权限校验异常
|
||||
* 权限码异常
|
||||
*/
|
||||
@ExceptionHandler(NotPermissionException.class)
|
||||
public AjaxResult<Void> handleAccessDeniedException(NotPermissionException e, HttpServletRequest request) {
|
||||
public R<Void> handleNotPermissionException(NotPermissionException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage());
|
||||
return AjaxResult.error(HttpStatus.HTTP_FORBIDDEN, "没有权限,请联系管理员授权");
|
||||
log.error("请求地址'{}',权限码校验失败'{}'", requestURI, e.getMessage());
|
||||
return R.fail(HttpStatus.HTTP_FORBIDDEN, "没有访问权限,请联系管理员授权");
|
||||
}
|
||||
|
||||
/**
|
||||
* 角色校验异常
|
||||
* 角色权限异常
|
||||
*/
|
||||
@ExceptionHandler(NotRoleException.class)
|
||||
public AjaxResult<Void> handleAccessDeniedException(NotRoleException e, HttpServletRequest request) {
|
||||
public R<Void> handleNotRoleException(NotRoleException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',角色校验失败'{}'", requestURI, e.getMessage());
|
||||
return AjaxResult.error(HttpStatus.HTTP_FORBIDDEN, "没有角色,请联系管理员授权");
|
||||
log.error("请求地址'{}',角色权限校验失败'{}'", requestURI, e.getMessage());
|
||||
return R.fail(HttpStatus.HTTP_FORBIDDEN, "没有访问权限,请联系管理员授权");
|
||||
}
|
||||
|
||||
/**
|
||||
* 认证失败
|
||||
*/
|
||||
@ExceptionHandler(NotLoginException.class)
|
||||
public AjaxResult<Void> handleAccessDeniedException(NotLoginException e, HttpServletRequest request) {
|
||||
public R<Void> handleNotLoginException(NotLoginException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',认证失败'{}',无法访问系统资源", requestURI, e.getMessage());
|
||||
return AjaxResult.error(HttpStatus.HTTP_UNAUTHORIZED, StringUtils.format("请求地址'{}',认证失败'{}',无法访问系统资源", requestURI));
|
||||
return R.fail(HttpStatus.HTTP_UNAUTHORIZED, "认证失败,无法访问系统资源");
|
||||
}
|
||||
|
||||
/**
|
||||
* 请求方式不支持
|
||||
*/
|
||||
@ExceptionHandler(HttpRequestMethodNotSupportedException.class)
|
||||
public AjaxResult<Void> handleHttpRequestMethodNotSupported(HttpRequestMethodNotSupportedException e,
|
||||
public R<Void> handleHttpRequestMethodNotSupported(HttpRequestMethodNotSupportedException e,
|
||||
HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',不支持'{}'请求", requestURI, e.getMethod());
|
||||
return AjaxResult.error(e.getMessage());
|
||||
return R.fail(e.getMessage());
|
||||
}
|
||||
|
||||
/**
|
||||
* 业务异常
|
||||
*/
|
||||
@ExceptionHandler(ServiceException.class)
|
||||
public AjaxResult<Void> handleServiceException(ServiceException e, HttpServletRequest request) {
|
||||
public R<Void> handleServiceException(ServiceException e, HttpServletRequest request) {
|
||||
log.error(e.getMessage(), e);
|
||||
Integer code = e.getCode();
|
||||
return StringUtils.isNotNull(code) ? AjaxResult.error(code, e.getMessage()) : AjaxResult.error(e.getMessage());
|
||||
return ObjectUtil.isNotNull(code) ? R.fail(code.intValue(), e.getMessage()) : R.fail(e.getMessage());
|
||||
}
|
||||
|
||||
/**
|
||||
* 拦截未知的运行时异常
|
||||
*/
|
||||
@ExceptionHandler(RuntimeException.class)
|
||||
public AjaxResult<Void> handleRuntimeException(RuntimeException e, HttpServletRequest request) {
|
||||
public R<Void> handleRuntimeException(RuntimeException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',发生未知异常.", requestURI, e);
|
||||
return AjaxResult.error(e.getMessage());
|
||||
return R.fail(e.getMessage());
|
||||
}
|
||||
|
||||
/**
|
||||
* 系统异常
|
||||
*/
|
||||
@ExceptionHandler(Exception.class)
|
||||
public AjaxResult<Void> handleException(Exception e, HttpServletRequest request) {
|
||||
public R<Void> handleException(Exception e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',发生系统异常.", requestURI, e);
|
||||
return AjaxResult.error(e.getMessage());
|
||||
return R.fail(e.getMessage());
|
||||
}
|
||||
|
||||
/**
|
||||
* 自定义验证异常
|
||||
*/
|
||||
@ExceptionHandler(BindException.class)
|
||||
public AjaxResult<Void> handleBindException(BindException e) {
|
||||
public R<Void> handleBindException(BindException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
String message = e.getAllErrors().stream()
|
||||
.map(DefaultMessageSourceResolvable::getDefaultMessage)
|
||||
.collect(Collectors.joining(", "));
|
||||
return AjaxResult.error(message);
|
||||
return R.fail(message);
|
||||
}
|
||||
|
||||
/**
|
||||
* 自定义验证异常
|
||||
*/
|
||||
@ExceptionHandler(ConstraintViolationException.class)
|
||||
public AjaxResult<Void> constraintViolationException(ConstraintViolationException e) {
|
||||
public R<Void> constraintViolationException(ConstraintViolationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
String message = e.getConstraintViolations().stream()
|
||||
.map(ConstraintViolation::getMessage)
|
||||
.collect(Collectors.joining(", "));
|
||||
return AjaxResult.error(message);
|
||||
return R.fail(message);
|
||||
}
|
||||
|
||||
/**
|
||||
* 自定义验证异常
|
||||
*/
|
||||
@ExceptionHandler(MethodArgumentNotValidException.class)
|
||||
public AjaxResult<Void> handleMethodArgumentNotValidException(MethodArgumentNotValidException e) {
|
||||
public R<Void> handleMethodArgumentNotValidException(MethodArgumentNotValidException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
String message = e.getBindingResult().getFieldError().getDefaultMessage();
|
||||
return AjaxResult.error(message);
|
||||
return R.fail(message);
|
||||
}
|
||||
|
||||
/**
|
||||
* 演示模式异常
|
||||
*/
|
||||
@ExceptionHandler(DemoModeException.class)
|
||||
public AjaxResult<Void> handleDemoModeException(DemoModeException e) {
|
||||
return AjaxResult.error("演示模式,不允许操作");
|
||||
public R<Void> handleDemoModeException(DemoModeException e) {
|
||||
return R.fail("演示模式,不允许操作");
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user