use of com.github.liuweijw.commons.base.R in project fw-cloud-framework by liuweijw.
the class AuthorizationInterceptor method preHandle.
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if (!permissionConfiguration.isEnabled())
return true;
if (!handler.getClass().isAssignableFrom(HandlerMethod.class))
return true;
final HandlerMethod handlerMethod = (HandlerMethod) handler;
final Method method = handlerMethod.getMethod();
final Class<?> clazz = method.getDeclaringClass();
String requestURI = request.getRequestURI();
String modulePermission = "";
// 为了规范,如果class上面没有设置@PrePermissions则不通过
if (!clazz.isAnnotationPresent(PrePermissions.class)) {
log.error("请求[" + requestURI + "]模块上未设置权限,请设置注解@PrePermissions权限!");
R<Boolean> responseWithR = new R<Boolean>().failure("请求[" + requestURI + "]模块上未设置权限,请设置注解@PrePermissions权限!").data(false);
this.handleWithResponse(response, responseWithR);
return false;
}
PrePermissions clazzPermissions = clazz.getAnnotation(PrePermissions.class);
if (!clazzPermissions.required())
return true;
modulePermission = clazzPermissions.value()[0];
// 为了规范:方法上没设置权限的请求则不通过
if (!method.isAnnotationPresent(PrePermissions.class)) {
log.error("请求[" + requestURI + "]方法上未设置权限,请设置注解@PrePermissions权限!");
R<Boolean> responseWithR = new R<Boolean>().failure("请求[" + requestURI + "]方法上未设置权限,请设置注解@PrePermissions权限!").data(false);
this.handleWithResponse(response, responseWithR);
return false;
}
PrePermissions prePermissions = method.getAnnotation(PrePermissions.class);
String[] permissions = prePermissions.value();
if (null == permissions || permissions.length == 0) {
log.error("请求[" + requestURI + "]方法上未正确设置权限,请设置注解@PrePermissions权限!");
R<Boolean> responseWithR = new R<Boolean>().failure("请求[" + requestURI + "]方法上未正确设置权限,请设置注解@PrePermissions权限!").data(false);
this.handleWithResponse(response, responseWithR);
return false;
}
// 验证是否有功能权限
List<String> roleList = JwtUtil.getRole(request, jwtConfiguration.getJwtkey());
if (null == roleList || roleList.size() == 0) {
R<Boolean> responseWithR = new R<Boolean>().failure("请求[" + requestURI + "]权限验证失败!").data(false);
this.handleWithResponse(response, responseWithR);
return false;
}
// 所以角色权限集合
Set<String> menuPermissions = new HashSet<String>();
for (String roleCode : roleList) {
menuPermissions.addAll(this.permissionService.findMenuPermissions(roleCode));
}
if (null == menuPermissions || menuPermissions.size() == 0) {
R<Boolean> responseWithR = new R<Boolean>().failure("请求[" + requestURI + "]权限未配置!").data(false);
this.handleWithResponse(response, responseWithR);
return false;
}
for (String permission : permissions) {
String valiatePermission = modulePermission + permission;
log.info("请求[" + requestURI + "],permission:[" + valiatePermission + "]");
// 验证permission是否有功能权限
if (!menuPermissions.contains(valiatePermission)) {
log.info("请求[" + requestURI + "]权限[" + valiatePermission + "]未配置!");
R<Boolean> responseWithR = new R<Boolean>().failure("请求[" + requestURI + "]权限[" + valiatePermission + "]未配置!").data(false);
this.handleWithResponse(response, responseWithR);
return false;
}
}
return true;
}
use of com.github.liuweijw.commons.base.R in project fw-cloud-framework by liuweijw.
the class DeptController method upd.
@ApiOperation(value = "修改", notes = "部门信息")
@ApiImplicitParam(name = "dept", value = "", required = true, dataType = "Dept")
@RequestMapping(value = "/upd", method = RequestMethod.POST)
@PrePermissions(value = Functional.UPD)
public R<Boolean> upd(HttpServletRequest request, @RequestBody Dept dept) {
if (null == dept)
return new R<Boolean>().failure("部门信息不能为空");
if (null == dept.getDeptId())
return new R<Boolean>().failure("部门信息不存在");
if (StringHelper.isBlank(dept.getDeptName()))
return new R<Boolean>().failure("部门名称不能为空");
Dept dbDept = deptService.findById(dept.getDeptId());
if (null == dbDept)
return new R<Boolean>().failure("部门不存在");
dbDept.setUpdateTime(new Date());
dbDept.setStatu(dept.getStatu());
dbDept.setDeptName(dept.getDeptName());
dbDept.setPos(null != dept.getPos() ? dept.getPos() : dbDept.getPos());
Dept exDept = deptService.saveOrUpdate(dbDept);
return new R<Boolean>().data(null != exDept);
}
use of com.github.liuweijw.commons.base.R in project fw-cloud-framework by liuweijw.
the class DeptController method add.
@ApiOperation(value = "新增", notes = "部门信息")
@ApiImplicitParam(name = "dept", value = "", required = true, dataType = "Dept")
@RequestMapping(value = "/add", method = RequestMethod.POST)
@PrePermissions(value = Functional.ADD)
public R<Boolean> add(HttpServletRequest request, @RequestBody Dept dept) {
if (null == dept)
return new R<Boolean>().failure("部门信息不能为空");
if (null == dept.getPid() || dept.getPid() < 0)
return new R<Boolean>().failure("上级部门不能为空");
if (StringHelper.isBlank(dept.getDeptName()))
return new R<Boolean>().failure("部门名称不能为空");
dept.setDeptId(null);
dept.setPos(null != dept.getPos() ? dept.getPos() : 0);
dept.setCreateTime(new Date());
dept.setUpdateTime(new Date());
dept.setStatu(0);
Dept dbDept = deptService.saveOrUpdate(dept);
return new R<Boolean>().data(null != dbDept);
}
use of com.github.liuweijw.commons.base.R in project fw-cloud-framework by liuweijw.
the class RoleController method upd.
@ApiOperation(value = "修改", notes = "角色", produces = "application/json")
@ApiImplicitParam(name = "role", value = "", required = true, dataType = "Dict")
@RequestMapping(value = "/upd", method = RequestMethod.POST)
@PrePermissions(value = Functional.UPD)
public R<Boolean> upd(HttpServletRequest request, @RequestBody Role role) {
if (null == role || null == role.getRoleId() || role.getRoleId() <= 0)
return new R<Boolean>().failure("角色信息为空");
role.setUpdateTime(new Date());
if (null == role.getDeptId())
return new R<Boolean>().failure("请选择角色所属部门");
Role updateObj = roleService.saveRoleAndDept(role);
return new R<Boolean>().data(null != updateObj);
}
use of com.github.liuweijw.commons.base.R in project fw-cloud-framework by liuweijw.
the class PaySendRedpackController method validateSendRedpackReqParams.
private R<Boolean> validateSendRedpackReqParams(PaySendRedpackReqBean sendRedpackReqBean, PaySendRedpack paySendRedpack, WxPaySendRedpackRequestBuilder wxPaySendRedpackRequestBuilder) {
if (null == sendRedpackReqBean)
return new R<Boolean>().data(false).failure("请求[/pay/order/sendRedpack]参数不能为空!");
// 是否是发放普通
boolean isCommonRedPack = sendRedpackReqBean.getRedPackType().intValue() == 0;
String preFix = isCommonRedPack ? "【发放普通红包】" : "【发放裂变红包】";
// 商户id
String mchId = sendRedpackReqBean.getMchId();
if (StringHelper.isBlank(mchId))
return new R<Boolean>().data(false).failure(preFix + "商户ID不存在!");
// 商户订单号
String mchOrderNo = sendRedpackReqBean.getMchOrderNo();
if (StringHelper.isBlank(mchOrderNo))
return new R<Boolean>().data(false).failure(preFix + "商户订单号不存在!");
// 渠道ID
String channelId = sendRedpackReqBean.getChannelId();
if (StringHelper.isBlank(channelId))
return new R<Boolean>().data(false).failure(preFix + "渠道ID不存在!");
// 红包发放总金额(单位分)
Integer amount = sendRedpackReqBean.getTotalAmount();
if (null == amount || amount <= 0)
return new R<Boolean>().data(false).failure(preFix + "红包发放总金额(单位分)不正确!");
if (amount < 100 || amount > 20000)
return new R<Boolean>().data(false).failure(preFix + "每个红包的平均金额必须在1.00元到200.00元之间!");
// 红包发放总人数
Integer totalNum = sendRedpackReqBean.getTotalNum();
if (null == totalNum || totalNum <= 0)
return new R<Boolean>().data(false).failure(preFix + "红包发放总人数设置不正确!");
// 红包祝福语
String wishing = sendRedpackReqBean.getWishing();
if (StringHelper.isBlank(wishing))
return new R<Boolean>().data(false).failure(preFix + "红包祝福语未设置!");
// ip
String ip = sendRedpackReqBean.getIp();
if (StringHelper.isBlank(ip))
return new R<Boolean>().data(false).failure(preFix + "请求IP地址不正确!");
// 活动名称
String actName = sendRedpackReqBean.getActName();
if (StringHelper.isBlank(actName))
return new R<Boolean>().data(false).failure(preFix + "活动名称未设置!");
// 备注
String remark = sendRedpackReqBean.getRemark();
if (StringHelper.isBlank(remark))
return new R<Boolean>().data(false).failure(preFix + "备注信息未设置!");
// 场景id
String sceneId = sendRedpackReqBean.getSceneId();
if (StringHelper.isBlank(sceneId) || !checkSceneId(sceneId))
return new R<Boolean>().data(false).failure(preFix + "场景id不正确!");
// 签名信息
String sign = sendRedpackReqBean.getSign();
if (StringHelper.isBlank(sign))
return new R<Boolean>().data(false).failure(preFix + "未签名!");
// 查询商户信息
PayMchInfo mchInfo = mchInfoService.findMchInfoByMchId(mchId);
if (null == mchInfo)
return new R<Boolean>().data(false).failure(preFix + "商户信息不存在!");
if (mchInfo.getStatu().intValue() != 1)
return new R<Boolean>().data(false).failure(preFix + "商户信息已失效!");
if (StringHelper.isBlank(mchInfo.getReqKey()))
return new R<Boolean>().data(false).failure(preFix + "商户请求私钥未设置!");
// 查询商户对应的支付渠道
PayChannel payChannel = payChannelService.findPayChannel(channelId, mchId);
if (null == payChannel)
return new R<Boolean>().data(false).failure(preFix + "商户渠道[channelId=" + channelId + ",mchId=" + mchId + "]信息不存在!");
if (payChannel.getStatu().intValue() != 1)
return new R<Boolean>().data(false).failure(preFix + "商户渠道[channelId=" + channelId + ",mchId=" + mchId + "]信息已经失效!");
WxPayConfig wxPayConfig = WxPayUtil.getWxPayConfig(payChannel.getParam(), null, wxPayProperties.getCertRootPath(), wxPayProperties.getNotifyUrl());
if (null == wxPayConfig)
return new R<Boolean>().data(false).failure(preFix + "商户渠道[channelId=" + channelId + ",mchId=" + mchId + "]信息param设置不正确!");
// 验证签名数据
boolean verifyFlag = PayUtil.verifyPaySign((JSONObject) JSON.toJSON(sendRedpackReqBean), mchInfo.getReqKey());
if (!verifyFlag)
return new R<Boolean>().data(false).failure(preFix + "验证签名失败!");
paySendRedpack.setSendOrderId(SequenceUtils.getInstance().generateBizSeqNo("SRP"));
paySendRedpack.setWxPayConfig(wxPayConfig);
paySendRedpack.setResKey(mchInfo.getResKey());
paySendRedpack.setRedPackType(isCommonRedPack ? 0 : 1);
paySendRedpack.setChannelId(channelId);
// 商户订单号
paySendRedpack.setMchOrderNo(mchOrderNo);
// 商户号
paySendRedpack.setMchId(wxPayConfig.getMchId());
paySendRedpack.setOpenId(sendRedpackReqBean.getOpenId());
// 付款金额
paySendRedpack.setTotalAmount(sendRedpackReqBean.getTotalAmount());
// 红包发放总人数
paySendRedpack.setTotalNum(sendRedpackReqBean.getTotalNum());
if (!isCommonRedPack) {
// 红包金额设置方式 裂变红包才进行设置
paySendRedpack.setAmtType("ALL_RAND");
} else {
paySendRedpack.setAmtType(null);
}
// 红包祝福语
paySendRedpack.setWishing(sendRedpackReqBean.getWishing());
paySendRedpack.setIp(ip);
// 活动名称
paySendRedpack.setActName(sendRedpackReqBean.getActName());
// 备注
paySendRedpack.setRemark(sendRedpackReqBean.getRemark());
// 场景id
paySendRedpack.setSceneId(sceneId);
if (!PublicHelper.isEmpty(sendRedpackReqBean.getRiskInfo()))
// 活动信息
paySendRedpack.setRiskInfo(sendRedpackReqBean.getRiskInfo());
if (!PublicHelper.isEmpty(sendRedpackReqBean.getConsumeMchId()))
// 资金授权商户号
paySendRedpack.setConsumeMchId(sendRedpackReqBean.getConsumeMchId());
wxPaySendRedpackRequestBuilder.mchBillNo(paySendRedpack.getMchOrderNo()).wxAppid(wxPayConfig.getAppId()).sendName(// 商户名称 来自商户数据库
mchInfo.getMchName()).reOpenid(paySendRedpack.getOpenId()).totalAmount(paySendRedpack.getTotalAmount()).totalNum(paySendRedpack.getTotalNum()).amtType(paySendRedpack.getAmtType()).wishing(paySendRedpack.getWishing()).clientIp(paySendRedpack.getIp()).actName(paySendRedpack.getActName()).remark(paySendRedpack.getRemark()).sceneId(paySendRedpack.getSceneId()).riskInfo(paySendRedpack.getRiskInfo()).consumeMchId(paySendRedpack.getConsumeMchId()).build();
return new R<Boolean>().data(true).success(preFix + "信息验证成功!");
}
Aggregations