
Example 1 with NaviMap

use of app.hongs.action.NaviMap in project HongsCORE by ihongs.

the class Form method filter.

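/**
 * Restricts a fetch to the forms the current user holds a matching role for.
 *
 * <p>The super administrator ({@code Cnst.ADM_UID}) is never restricted. Only the
 * {@code getList}/{@code getInfo}/{@code update}/{@code delete} values of the
 * {@code MODEL_START} option are filtered; any other value returns without adding
 * a condition. Form ids are cut out of role names shaped like
 * {@code prefix + "/" + id + "/search"} (or {@code "/update"}, {@code "/delete"}).
 *
 * @param caze query being built; receives an extra {@code id IN (?)} condition
 * @param rd   request data, handed to the superclass filter unchanged
 * @throws HongsException as declared by the overridden method
 */
@Override
protected void filter(FetchCase caze, Map rd) throws HongsException {
    super.filter(caze, rd);

    // The super administrator is not restricted.
    ActionHelper helper = Core.getInstance(ActionHelper.class);
    String uid = (String) helper.getSessibute(Cnst.UID_SES);
    if (Cnst.ADM_UID.equals(uid)) {
        return;
    }

    // Map the model entry point to the role-name suffix that grants it.
    String mm = caze.getOption("MODEL_START", "");
    if ("getList".equals(mm) || "getInfo".equals(mm)) {
        mm = "/search";
    } else if ("update".equals(mm) || "delete".equals(mm)) {
        mm = "/" + mm;
    } else {
        // Unconventional actions are not restricted.
        // NOTE(review): this is a default-allow branch; confirm that every entry
        // point able to read or change rows is enumerated above.
        return;
    }

    // Extract the form ids from the role names.
    // NOTE(review): assumes getRoleSet() never returns null here - TODO confirm.
    NaviMap nm = NaviMap.getInstance(prefix);
    String pm = prefix + "/";
    Set<String> ra = nm.getRoleSet();
    Set<String> rs = new HashSet<>();
    int fixed = pm.length() + mm.length();
    for (String rn : ra) {
        // The length guard matters: a role named exactly prefix + mm satisfies both
        // startsWith and endsWith because the two share one "/", and substring
        // would then be asked for a negative-length range and throw.
        if (rn.length() >= fixed && rn.startsWith(pm) && rn.endsWith(mm)) {
            rs.add(rn.substring(pm.length(), rn.length() - mm.length()));
        }
    }

    // Limit the query to the forms the user has a role for. The ids are bound as a
    // parameter; table.name is concatenated and presumably comes from the model
    // definition, not from the request - verify.
    // NOTE(review): how FetchCase expands an empty set for "IN (?)" is not visible
    // here; confirm a user with no matching role gets no rows rather than an
    // unfiltered result.
    caze.filter("`" + table.name + "`.`id` IN (?)", rs);
}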
Also used : ActionHelper(app.hongs.action.ActionHelper) NaviMap(app.hongs.action.NaviMap) HashSet(java.util.HashSet)

Example 2 with NaviMap

use of app.hongs.action.NaviMap in project HongsCORE by ihongs.

the class PermitInvoker method invoke.

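/**
 * Enforces a {@code Permit} annotation before letting the action chain run.
 *
 * <p>Two modes are supported. When {@code conf} starts with {@code "$"} only the
 * session is inspected: the user must be logged in and, if roles are listed, they
 * are read as login areas. Otherwise {@code conf} names a navigation configuration
 * and the action or the listed roles are checked against it.
 *
 * @param helper action helper giving access to the session
 * @param chains remaining action chain, continued only when the check passes
 * @param anno   the {@code Permit} annotation being enforced
 * @throws HongsException 0x1101 when there is no logged-in user or no auth set,
 *         0x1102 when the login-area check fails, 0x1103 when the role or action
 *         check fails
 */
@Override
public void invoke(ActionHelper helper, ActionRunner chains, Annotation anno) throws HongsException {
    Permit ann = (Permit) anno;
    String conf = ann.conf();
    String[] role = ann.role();

    /*
     * Many public-facing actions need no elaborate permission check; it is enough
     * to know whether the user is logged in. A conf starting with "$" checks the
     * session state only. role is then read as the set of login areas, and an
     * empty-string role means the action may be used from the anonymous area.
     */
    if (conf.startsWith("$")) {
        conf = conf.substring(1);
        if (conf.length() == 0) {
            conf = Cnst.SAE_SES;
        }

        Object uid = helper.getSessibute(Cnst.UID_SES);
        if (uid == null || "".equals(uid)) {
            throw new HongsException(0x1101);
        }

        if (role.length != 0) {
            Set<?> usl = (Set<?>) helper.getSessibute(conf);
            Set<String> rol = new HashSet<>(Arrays.asList(role));
            // Fixed: the emptiness test was inverted ("!usl.isEmpty()"), which sent
            // users holding areas down the anonymous branch and let users with an
            // empty area set through unconditionally.
            if (usl == null || usl.isEmpty()) {
                // No login area at all: allowed only when the anonymous area is listed.
                if (!rol.contains("")) {
                    throw new HongsException(0x1102);
                }
            } else {
                // Fixed: retainAll() reports whether the set CHANGED, not whether
                // anything is left, so its return value cannot decide access.
                // The user must hold at least one of the listed areas.
                rol.retainAll(usl);
                if (rol.isEmpty()) {
                    throw new HongsException(0x1102);
                }
            }
        }

        chains.doAction();
        return;
    }

    // Work out which configuration to check against.
    if (conf.length() == 0) {
        String form;
        form = chains.getEntity();
        conf = chains.getModule();
        // Accommodate the Module Action configuration rule.
        if (NaviMap.hasConfFile(conf + "/" + form)) {
            conf = conf + "/" + form;
        }
    }

    NaviMap map = NaviMap.getInstance(conf);
    // A missing auth set is answered with the same code as a missing login above.
    if (map.getAuthSet() == null) {
        throw new HongsException(0x1101);
    }

    boolean has = false;
    if (role == null || role.length == 0) {
        // No roles listed: check the action itself.
        has = map.chkAuth(chains.getAction());
    } else {
        // Any one of the listed roles is sufficient.
        for (String rale : role) {
            if (map.chkRole(rale)) {
                has = true;
                break;
            }
        }
    }
    if (!has) {
        throw new HongsException(0x1103);
    }

    chains.doAction();
}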
Also used : HashSet(java.util.HashSet) Set(java.util.Set) HongsException(app.hongs.HongsException) NaviMap(app.hongs.action.NaviMap) HashSet(java.util.HashSet)

Example 3 with NaviMap

use of app.hongs.action.NaviMap in project HongsCORE by ihongs.

the class AuthAction method service.

/**
 * Serves the current user's permission flags for one navigation configuration.
 *
 * <p>The path info has the form {@code /NAME.js} or {@code /NAME.json}. The
 * response maps every action of the configuration to {@code true} or {@code false}
 * according to the caller's auth set. Configurations without a session name are
 * not published and are answered with 404.
 *
 * @param req  request; the path info selects configuration and format, and the
 *             optional {@code callback} parameter names the wrapper function
 * @param rsp  response; receives the anti-caching headers
 * @throws java.io.IOException as declared by the servlet contract
 * @throws javax.servlet.ServletException as declared by the servlet contract
 */
@Override
public void service(HttpServletRequest req, HttpServletResponse rsp) throws ServletException, IOException {
    // Permissions depend on login state and on the user, so they change often and
    // the answer must not be served from a cache.
    // NOTE(review): "no-cache" still lets a cache store the body; "no-store" is the
    // directive that forbids storing it - consider it for this per-user data.
    rsp.setHeader("Expires", "0");
    rsp.addHeader("Pragma", "no-cache");
    rsp.setHeader("Cache-Control", "no-cache");

    Core core = ActionDriver.getActualCore(req);
    ActionHelper helper = core.get(ActionHelper.class);

    String path = req.getPathInfo();
    if (path == null || path.isEmpty()) {
        helper.error400("Path info required");
        return;
    }

    int dot = path.lastIndexOf('.');
    if (dot < 0) {
        helper.error400("File type required");
        return;
    }

    String type = path.substring(dot + 1);
    // Drops the leading character of the path info and the extension.
    String name = path.substring(1, dot);
    boolean asJson = "json".equals(type);
    if (!asJson && !"js".equals(type)) {
        // NOTE(review): the rejected value is echoed back; presumably error400
        // renders it as plain text or escapes it - verify.
        helper.error400("Wrong file type: " + type);
        return;
    }

    String body;
    try {
        // NOTE(review): name is request-controlled and selects a configuration; how
        // NaviMap resolves it is not visible here - confirm it cannot address
        // anything outside the intended configuration set.
        NaviMap sitemap = NaviMap.getInstance(name);
        Set<String> granted = sitemap.getAuthSet();

        // Configurations without a session name are not public.
        if (sitemap.session == null) {
            helper.error404("Auth data for '" + name + "' is not open to the public");
            return;
        }

        // No auth set means nothing is granted.
        if (granted == null) {
            granted = new HashSet<String>();
        }

        Map<String, Boolean> flags = new HashMap<String, Boolean>();
        for (String act : sitemap.actions) {
            flags.put(act, granted.contains(act));
        }
        body = Data.toString(flags);
    } catch (HongsException | HongsExpedient | HongsError ex) {
        // NOTE(review): the exception message goes to the client verbatim; check it
        // cannot carry internal paths or configuration details.
        if (ex.getErrno() == 0x10e0) {
            helper.error404(ex.getMessage());
        } else {
            helper.error500(ex.getMessage());
        }
        return;
    }

    // Emit the permission data.
    if (asJson) {
        helper.print(body, "application/json");
        return;
    }

    // NOTE(review): both .js variants are script responses holding the caller's
    // permission flags, and a script response can be included by a page on another
    // origin. Confirm this data is meant to be readable that way.
    String callback = req.getParameter("callback");
    if (callback == null || callback.isEmpty()) {
        helper.print("if(!self.HsAUTH)self.HsAUTH={};Object.assign(self.HsAUTH," + body + ");", "text/javascript");
        return;
    }

    // Only a plain identifier is accepted, since the name is written into the
    // script unescaped.
    if (!callback.matches("^[a-zA-Z_\\$][a-zA-Z0-9_]*$")) {
        helper.error400("Illegal callback function name!");
        return;
    }
    helper.print("function " + callback + "() { return " + body + "; }", "text/javascript");
}
Also used : HongsError(app.hongs.HongsError) HashMap(java.util.HashMap) HongsExpedient(app.hongs.HongsExpedient) NaviMap(app.hongs.action.NaviMap) HongsException(app.hongs.HongsException) ActionHelper(app.hongs.action.ActionHelper) Core(app.hongs.Core) HashSet(java.util.HashSet)

Example 4 with NaviMap

use of app.hongs.action.NaviMap in project HongsCORE by ihongs.

the class MenuAction method menu.

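/**
 * Redirects to the first sub-menu the current user may enter, or to a fallback page.
 *
 * <p>Request parameters: {@code m} names the navigation configuration and
 * defaults to {@code "default"}, {@code n} is the active area, {@code x} is an
 * extra marker. When no sub-menu is reachable the user is sent to {@code n}, or to
 * {@code m} when {@code n} is absent and {@code m} is not the default, or to the
 * home page.
 *
 * @param helper action helper used to read the parameters and send the redirect
 * @throws HongsException as declared; presumably raised by the navigation lookup
 */
@Action("__main__")
public void menu(ActionHelper helper) throws HongsException {
    // Configuration name
    String m = helper.getParameter("m");
    // Active area
    String n = helper.getParameter("n");
    // Extra marker
    String x = helper.getParameter("x");

    String u = MENU_ACT_URI;
    if (m == null || "".equals(m)) {
        m = "default";
    }
    // The parameters are appended unencoded; u is only used below as the key
    // handed to chkMenu and getMenu.
    u += "?m=" + m;
    if (n != null) {
        u += "&n=" + n;
    }
    if (x != null) {
        u += "&x=" + x;
    }

    // Look for a sub-menu the user is allowed to enter.
    NaviMap site = NaviMap.getInstance(m);
    if (site.chkMenu(u)) {
        String href;
        Map<String, Map> menu = site.getMenu(u);
        if (menu != null) {
            menu = menu.get("menus");
            if (menu != null) {
                href = getRedirect(site, menu);
                if (href != null) {
                    helper.redirect(Core.BASE_HREF + "/" + href);
                    return;
                }
            }
        }
    }

    // Without permission, go to the requested directory or the home page.
    if (n == null) {
        if (!"default".equals(m)) {
            n = m;
        } else {
            n = "";
        }
    }

    // n (or m, through the fallback above) is request-controlled and becomes part
    // of the redirect target. A leading "/" or "\" would put "//" or "/\" right
    // after BASE_HREF, which a browser resolves as another host when BASE_HREF is
    // empty, and CR/LF must never reach a response header. Such values fall back
    // to the home page.
    // NOTE(review): helper.redirect may already sanitize its argument; this guard
    // does not rely on that.
    if (n.startsWith("/") || n.startsWith("\\")
            || n.indexOf('\r') >= 0 || n.indexOf('\n') >= 0) {
        n = "";
    }
    helper.redirect(Core.BASE_HREF + "/" + n);
}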
Also used : NaviMap(app.hongs.action.NaviMap) NaviMap(app.hongs.action.NaviMap) Map(java.util.Map) HashMap(java.util.HashMap) Action(app.hongs.action.anno.Action)

Example 5 with NaviMap

use of app.hongs.action.NaviMap in project HongsCORE by ihongs.

the class Unit method filter.

/**
 * Restricts a fetch to the units the current user has a role for.
 *
 * <p>The super administrator ({@code Cnst.ADM_UID}) is never restricted. Only the
 * {@code getList}/{@code getInfo}/{@code update}/{@code delete} values of the
 * {@code MODEL_START} option are filtered; any other value returns without adding
 * a condition.
 *
 * @param caze query being built; receives an extra {@code id IN (?)} condition
 * @param rd   request data, handed to the superclass filter unchanged
 * @throws HongsException as declared by the overridden method
 */
@Override
protected void filter(FetchCase caze, Map rd) throws HongsException {
    super.filter(caze, rd);

    // The super administrator is not restricted.
    ActionHelper helper = Core.getInstance(ActionHelper.class);
    String uid = (String) helper.getSessibute(Cnst.UID_SES);
    if (Cnst.ADM_UID.equals(uid)) {
        return;
    }

    // Unconventional actions are not restricted.
    // NOTE(review): this is a default-allow branch; confirm that every entry point
    // able to read or change rows is listed here.
    String entry = caze.getOption("MODEL_START", "");
    boolean reads = "getList".equals(entry) || "getInfo".equals(entry);
    boolean writes = "update".equals(entry) || "delete".equals(entry);
    if (!reads && !writes) {
        return;
    }

    // Collect the unit ids from the navigation table.
    NaviMap navi = NaviMap.getInstance(prefix);
    Map<String, Map> menus = navi.menus;
    Set<String> roles = navi.getRoleSet();
    Set<String> units = new HashSet<String>();
    getSubUnits(menus, roles, units);

    // Limit the query to the units the user has a role for. The ids are bound as a
    // parameter; table.name is concatenated and presumably comes from the model
    // definition, not from the request - verify.
    // NOTE(review): how FetchCase expands an empty set for "IN (?)" is not visible
    // here; confirm a user with no unit gets no rows rather than an unfiltered
    // result.
    caze.filter("`" + table.name + "`.`id` IN (?)", units);
}
Also used : ActionHelper(app.hongs.action.ActionHelper) NaviMap(app.hongs.action.NaviMap) Map(java.util.Map) NaviMap(app.hongs.action.NaviMap) HashSet(java.util.HashSet)

Aggregations

NaviMap (app.hongs.action.NaviMap)8 HashSet (java.util.HashSet)4 HongsException (app.hongs.HongsException)3 ActionHelper (app.hongs.action.ActionHelper)3 HashMap (java.util.HashMap)3 Map (java.util.Map)3 Core (app.hongs.Core)1 HongsError (app.hongs.HongsError)1 HongsExpedient (app.hongs.HongsExpedient)1 Action (app.hongs.action.anno.Action)1 Set (java.util.Set)1 JspException (javax.servlet.jsp.JspException)1