
Example 1 with RequirePermission

use of com.github.qinyou.common.annotation.RequirePermission in project my_curd by qinyou.

Class MyTaskController, method changeAssigneeAction.

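/**
 * Hands a task off ("转办") to another user.
 *
 * <p>Reads request parameters {@code taskId} and {@code username} (the new assignee).
 * Only the task's current assignee may hand it off; the previous assignee is stored in
 * the task-local variable {@code lastAssignee} before the new assignee is set. Every
 * outcome is reported through {@code renderFail}/{@code renderSuccess}.
 */
@RequirePermission("myTask:changeAssignee")
public void changeAssigneeAction() {
    String taskId = get("taskId");
    String username = get("username");
    if (StringUtils.isEmpty(taskId) || StringUtils.isEmpty(username)) {
        renderFail("参数缺失");
        return;
    }
    TaskService taskService = ActivitiUtils.getTaskService();
    Task task = taskService.createTaskQuery().taskId(taskId).singleResult();
    if (task == null) {
        log.info("taskId:{} 任务不存在", taskId);
        renderFail("参数错误");
        return;
    }
    String assignee = task.getAssignee();
    if (assignee == null) {
        renderFail("未认领任务无法转办");
        return;
    }
    // Authorization: only the current assignee may hand the task off. Comparing from the
    // (already null-checked) assignee side avoids an NPE when the session has no username.
    String currentUser = WebUtils.getSessionUsername(this);
    if (!assignee.equals(currentUser)) {
        // Record the acting (session) user, not the requested new assignee.
        log.info("username: {} 尝试转办 无权限任务 taskId: {} 目标办理人: {}", currentUser, taskId, username);
        renderFail("无权办理");
        return;
    }
    if (username.equals(assignee)) {
        renderFail("新办理人 不能和 原办理人相同");
        return;
    }
    SysUser sysUser = SysUser.dao.findByUsername(username);
    if (sysUser == null) {
        renderFail("新办理人无效");
        return;
    }
    // TODO: keep a history when a task is handed off more than once; only the last assignee is kept.
    taskService.setVariableLocal(taskId, "lastAssignee", assignee);
    taskService.setAssignee(taskId, username);
    renderSuccess("转办完成");
}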

Example 2 with RequirePermission

use of com.github.qinyou.common.annotation.RequirePermission in project my_curd by qinyou.

Class SysVisitLogController, method exportExcel.

/**
 * Exports the visit-log rows matching the current search criteria as an Excel file.
 *
 * <p>The SQL {@code where} fragment is supplied by the {@link SearchSql} interceptor through
 * request attribute {@code Constant.SEARCH_SQL}. Exports larger than 50,000 rows are refused
 * and a message card is rendered instead.
 */
@RequirePermission("sysVisitLog:export")
@Before(SearchSql.class)
public void exportExcel() {
    // NOTE(review): this fragment is passed to the DAO as raw SQL; its validation is assumed
    // to live in SearchSql — confirm there.
    String whereClause = getAttr(Constant.SEARCH_SQL);
    // Refuse oversized exports up front instead of building a huge workbook.
    final int exportLimit = 50000;
    if (SysVisitLog.dao.findCountByWhere(whereClause) > exportLimit) {
        setAttr("msg", "一次导出数据不可大于 5W 条,请修改查询条件。");
        render("common/card.ftl");
        return;
    }
    List<SysVisitLog> rows = SysVisitLog.dao.findByWhere(whereClause);
    ExportParams exportParams = new ExportParams("访问日志", "访问日志");
    Workbook workbook = ExcelExportUtil.exportExcel(exportParams, SysVisitLog.class, rows);
    render(ExcelRender.me(workbook).fileName("访问日志.xls"));
}

Example 3 with RequirePermission

use of com.github.qinyou.common.annotation.RequirePermission in project my_curd by qinyou.

Class SysVisitLogController, method deleteAction.

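/**
 * Batch-deletes the visit-log rows whose ids are listed, comma-separated, in request
 * parameter {@code ids}, then sends a {@code delVisitLog} system notice recording who
 * deleted how many rows.
 *
 * <p>The {@link IdsRequired} interceptor is relied on to guarantee that {@code ids} is
 * present. The ids are bound as JDBC parameters rather than spliced into the SQL text,
 * so an id containing a quote or SQL fragment cannot alter the statement.
 */
@RequirePermission("sysVisitLog:delete")
@Before(IdsRequired.class)
public void deleteAction() {
    String[] idArray = getPara("ids").split(",");
    // One '?' placeholder per id: "delete from sys_visit_log where id in (?,?,?)".
    StringBuilder placeholders = new StringBuilder();
    for (int i = 0; i < idArray.length; i++) {
        if (i > 0) {
            placeholders.append(',');
        }
        placeholders.append('?');
    }
    String sql = "delete from sys_visit_log where id in (" + placeholders + ")";
    int number = Db.update(sql, (Object[]) idArray);
    // Send a system notice: who deleted, when, and how many rows.
    String noticeTypeCode = "delVisitLog";
    Map<String, Object> params = new HashMap<>();
    params.put("username", WebUtils.getSessionUsername(this));
    params.put("datetime", new DateTime().toString("yyyy-MM-dd HH:mm:ss"));
    params.put("number", number);
    SysNoticeService service = Duang.duang(SysNoticeService.class);
    service.sendNotice(noticeTypeCode, params);
    renderSuccess(DELETE_SUCCESS);
}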

Example 4 with RequirePermission

use of com.github.qinyou.common.annotation.RequirePermission in project my_curd by qinyou.

Class PermissionInterceptor, method intercept.

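/**
 * Checks the {@link RequirePermission} annotations on the target controller class and action
 * method against the code lists held in the session, then either invokes the action or
 * renders a "no permission" response (JSON for XMLHttpRequest callers, a view otherwise)
 * and pushes a {@code noPermissionOps} notice.
 *
 * <p>A class-level annotation is checked against session attribute {@code menuCodes}, a
 * method-level one against {@code buttonCodes}; when {@code isResource()} is false both
 * fall back to {@code roleCodes}. A code list missing from the session is treated as
 * "no permission" (fail closed) rather than throwing a {@link NullPointerException}.
 *
 * @param inv the intercepted controller invocation
 */
@Override
public void intercept(Invocation inv) {
    Controller controller = inv.getController();
    // Menu permission (class level) first ...
    boolean allowed = hasPermission(controller,
            controller.getClass().getAnnotation(RequirePermission.class), "menuCodes");
    // ... then button permission (method level), only once the menu check passed.
    if (allowed) {
        allowed = hasPermission(controller,
                inv.getMethod().getAnnotation(RequirePermission.class), "buttonCodes");
    }
    if (allowed) {
        inv.invoke();
        return;
    }
    // ------------ no permission ------------
    // Push a notice recording the user and the URL they tried to reach.
    String noticeTypeCode = "noPermissionOps";
    Map<String, Object> params = new HashMap<>();
    params.put("username", WebUtils.getSessionUsername(controller));
    params.put("visitUrl", controller.getRequest().getRequestURI());
    SysNoticeService service = Duang.duang(SysNoticeService.class);
    service.sendNotice(noticeTypeCode, params);
    // Respond: JSON for AJAX callers, a full page otherwise.
    String requestType = controller.getHeader("X-Requested-With");
    if ("XMLHttpRequest".equals(requestType) || StringUtils.notEmpty(controller.getPara("xmlHttpRequest"))) {
        // The "xmlHttpRequest" parameter is not actually sent by the app yet; extend as needed.
        Ret ret = Ret.create().setFail().set("msg", "无权限操作!您的行为已被记录到日志。");
        controller.renderJson(ret);
    } else {
        controller.render("/WEB-INF/views/common/no_permission.ftl");
    }
}

/**
 * Returns {@code true} when {@code requirePermission} is absent or its value is contained in
 * the session code list: {@code resourceAttr} for resource permissions, {@code roleCodes}
 * for role permissions. A null list denies.
 */
private static boolean hasPermission(Controller controller, RequirePermission requirePermission, String resourceAttr) {
    if (requirePermission == null) {
        return true;
    }
    List<String> codes = requirePermission.isResource()
            ? controller.getSessionAttr(resourceAttr)
            : controller.getSessionAttr("roleCodes");
    return codes != null && codes.contains(requirePermission.value());
}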

Example 5 with RequirePermission

use of com.github.qinyou.common.annotation.RequirePermission in project my_curd by qinyou.

Class ApiInterceptor, method intercept.

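/**
 * Authenticates API requests with a JWT, enforces {@link RequirePermission} on the controller
 * class and action method, injects the parsed {@link UserClaim} into matching action
 * parameters, and wraps the action's return value (or failure) in a JSON {@link Ret}.
 *
 * <p>The token is read from the {@code Authentication} header, falling back to the
 * {@code token} request parameter. Responses carry the {@code Result} codes NO_TOKEN,
 * EXPIRED_TOKEN, INVALID_TOKEN, NO_PERMISSION, SUCCESS or ERROR. Exception text is logged
 * server-side and not echoed to the client.
 *
 * @param invocation the intercepted controller invocation
 */
@Override
public void intercept(Invocation invocation) {
    Controller controller = invocation.getController();
    HttpServletRequest req = controller.getRequest();
    String jwtToken = req.getHeader("Authentication");
    if (jwtToken == null) {
        jwtToken = req.getParameter("token");
    }
    // 1. The token must be present.
    if (StringUtils.isEmpty(jwtToken)) {
        controller.renderJson(fail(Result.NO_TOKEN.code, Result.NO_TOKEN.message));
        return;
    }
    // 2. The token must parse and be unexpired.
    UserClaim userClaim;
    try {
        userClaim = JwtUtils.parseToken(jwtToken);
    } catch (ExpiredJwtException e) {
        log.error(e.getMessage(), e);
        controller.renderJson(fail(Result.EXPIRED_TOKEN.code, Result.EXPIRED_TOKEN.message));
        return;
    } catch (Exception e) {
        // Any other parse or signature failure is reported as an invalid token.
        log.error(e.getMessage(), e);
        controller.renderJson(fail(Result.INVALID_TOKEN.code, Result.INVALID_TOKEN.message));
        return;
    }
    // 3. Class-level, then method-level permission; a null claim list denies.
    boolean allowed = hasPermission(userClaim, controller.getClass().getAnnotation(RequirePermission.class));
    if (allowed) {
        allowed = hasPermission(userClaim, invocation.getMethod().getAnnotation(RequirePermission.class));
    }
    if (!allowed) {
        controller.renderJson(fail(Result.NO_PERMISSION.code, Result.NO_PERMISSION.message));
        return;
    }
    // 4. Inject the parsed claim into every UserClaim-typed action parameter.
    Object[] args = invocation.getArgs();
    for (int i = 0; i < args.length; i++) {
        if (args[i] instanceof UserClaim) {
            invocation.setArg(i, userClaim);
        }
    }
    // TODO: inject the request body into controller method parameters.
    // 5. Invoke the action and wrap its result.
    Ret ret;
    try {
        invocation.invoke();
        ret = Ret.ok().set("code", Result.SUCCESS.code)
                .set("message", Result.SUCCESS.message)
                .set("data", invocation.getReturnValue());
    } catch (Exception e) {
        // Keep the exception detail in the log only; it is internal information.
        log.error(e.getMessage(), e);
        ret = fail(Result.ERROR.code, Result.ERROR.message);
    }
    controller.renderJson(ret);
}

/**
 * Builds a failure {@link Ret} carrying the given result code and message.
 */
private static Ret fail(Object code, Object message) {
    return Ret.fail().set("code", code).set("message", message);
}

/**
 * Returns {@code true} when {@code requirePermission} is absent or its value is present in
 * the claim's permission list (resource permissions) or role list (role permissions).
 * A null list denies.
 */
private static boolean hasPermission(UserClaim userClaim, RequirePermission requirePermission) {
    if (requirePermission == null) {
        return true;
    }
    if (requirePermission.isResource()) {
        return userClaim.getPermissionList() != null
                && userClaim.getPermissionList().contains(requirePermission.value());
    }
    return userClaim.getRoleList() != null
            && userClaim.getRoleList().contains(requirePermission.value());
}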
