
Example 1 with AuthUser

use of com.jeesuite.common.model.AuthUser in project jeesuite-libs by vakinge.

the class GlobalHeaderHandler method process.

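/**
 * Adds gateway-level headers to the proxied request and re-asserts identity headers
 * that a front-end caller is not allowed to supply.
 *
 * <p>A request counts as cross-cluster only when it carries a cluster-id header whose
 * value decrypts without error. Previously the flag was also set when the header was
 * absent, so the clean-up below ran only for requests with an undecryptable header.
 *
 * @param ctx     Zuul request context that receives the outgoing headers
 * @param request inbound servlet request
 * @param module  target module (not read by this handler)
 * @return always {@code null}
 */
@Override
public Object process(RequestContext ctx, HttpServletRequest request, BizSystemModule module) {
    // Reuse the caller's request id when one is present, otherwise mint a new one.
    String requestId = request.getHeader(CustomRequestHeaders.HEADER_REQUEST_ID);
    if (StringUtils.isBlank(requestId)) {
        requestId = TokenGenerator.generate();
    }
    ctx.addZuulRequestHeader(CustomRequestHeaders.HEADER_REQUEST_ID, requestId);
    ctx.addZuulRequestHeader(CustomRequestHeaders.HEADER_INVOKER_IS_GATEWAY, Boolean.TRUE.toString());
    RequestHeaderBuilder.getHeaders().forEach((name, value) -> ctx.addZuulRequestHeader(name, value));

    // Cross-cluster detection: the header must be present AND decrypt cleanly.
    boolean crossCluster = false;
    String clusterName = request.getHeader(CustomRequestHeaders.HEADER_CLUSTER_ID);
    if (clusterName != null) {
        try {
            SimpleCryptUtils.decrypt(clusterName);
            // TODO: validate the decrypted cluster name against the known clusters.
            // Until then, any value that decrypts is trusted as a peer cluster.
            crossCluster = true;
        } catch (Exception ignored) {
            // An undecryptable cluster id is treated as an ordinary front-end request,
            // so the identity headers below are still sanitised.
        }
    }

    if (!crossCluster) {
        // Headers the front end must not be able to set for itself.
        if (request.getHeader(CustomRequestHeaders.HEADER_IGNORE_TENANT) != null) {
            ctx.getZuulRequestHeaders().remove(CustomRequestHeaders.HEADER_IGNORE_TENANT);
        }
        if (request.getHeader(CustomRequestHeaders.HEADER_AUTH_USER) != null) {
            // Drop whatever was queued for this header and replace it with the user
            // taken from the gateway's own runtime context.
            ctx.getZuulRequestHeaders().remove(CustomRequestHeaders.HEADER_AUTH_USER);
            AuthUser currentUser = CurrentRuntimeContext.getCurrentUser();
            if (currentUser != null) {
                ctx.addZuulRequestHeader(CustomRequestHeaders.HEADER_AUTH_USER, currentUser.toEncodeString());
            }
        }
    }
    return null;
}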
Also used : AuthUser(com.jeesuite.common.model.AuthUser)

Example 2 with AuthUser

use of com.jeesuite.common.model.AuthUser in project jeesuite-libs by vakinge.

the class SqlRewriteHandler method handleTableDataPermission.

/**
 * Extends a WHERE expression with the data-permission conditions configured for a table.
 *
 * <p>Tables without an entry in {@code dataProfileMappings} are returned unchanged. For
 * every mapped field the method picks the column and the permitted values, then delegates
 * to {@code handleColumnDataPermCondition}. When a field has no permitted values, a
 * condition comparing the column with a fixed sentinel string is returned instead.
 *
 * @param originWhere     the existing WHERE expression
 * @param table           table the conditions apply to
 * @param dataMapping     permitted values per field name
 * @param sharddingTenant whether the tenant field is filled from the current tenant id
 * @return the expression to use as the new WHERE clause
 * @throws JeesuiteBaseException when the current tenant id or the current user's
 *                               department is required but unavailable
 */
private Expression handleTableDataPermission(Expression originWhere, Table table, Map<String, String[]> dataMapping, boolean sharddingTenant) {
    if (!dataProfileMappings.containsKey(table.getName())) {
        return originWhere;
    }
    final Map<String, String> columnMapping = dataProfileMappings.get(table.getName());
    Expression where = originWhere;
    for (Map.Entry<String, String> mapping : columnMapping.entrySet()) {
        final String fieldName = mapping.getKey();
        final String column;
        final String[] values;
        if (sharddingTenant && fieldName.equals(tenantPropName)) {
            // The tenant filter always comes from the runtime context.
            String currentTenantId = CurrentRuntimeContext.getTenantId();
            if (currentTenantId == null) {
                throw new JeesuiteBaseException("无法获取当前租户ID");
            }
            column = tenantColumnName;
            values = new String[] { currentTenantId };
        } else if (!dataMapping.containsKey(fieldName)) {
            continue;
        } else {
            column = mapping.getValue();
            if (orgPropName != null && orgPropName.equalsIgnoreCase(fieldName)) {
                // The department filter uses the current user's department; the mapping
                // entry only selects between exact and prefix matching.
                AuthUser currentUser = CurrentRuntimeContext.getCurrentUser();
                if (currentUser == null || StringUtils.isBlank(currentUser.getDeptId())) {
                    throw new JeesuiteBaseException("无法获取当前用户部门");
                }
                // NOTE(review): index 0 is read without a null or length check, so an
                // empty policy array fails here rather than reaching the deny branch below.
                boolean exactMatch = MatchPolicy.exact.name().equals(dataMapping.get(fieldName)[0]);
                String deptId = currentUser.getDeptId();
                values = new String[] { exactMatch ? deptId : deptId + QUERY_FUZZY_CHAR };
            } else {
                values = dataMapping.get(fieldName);
            }
        }
        // A field with no permitted values yields a sentinel comparison in place of the
        // caller's WHERE clause.
        // NOTE(review): this denies access only if no row holds the sentinel value.
        if (values == null || values.length == 0) {
            EqualsTo denyAll = new EqualsTo();
            denyAll.setLeftExpression(new Column(table, column));
            denyAll.setRightExpression(new StringValue("_PERMISSION_NOT_MATCH_"));
            return denyAll;
        }
        where = handleColumnDataPermCondition(table, where, column, values);
    }
    return where;
}
Also used : JeesuiteBaseException(com.jeesuite.common.JeesuiteBaseException) Expression(net.sf.jsqlparser.expression.Expression) BinaryExpression(net.sf.jsqlparser.expression.BinaryExpression) LikeExpression(net.sf.jsqlparser.expression.operators.relational.LikeExpression) InExpression(net.sf.jsqlparser.expression.operators.relational.InExpression) AndExpression(net.sf.jsqlparser.expression.operators.conditional.AndExpression) Column(net.sf.jsqlparser.schema.Column) AuthUser(com.jeesuite.common.model.AuthUser) EqualsTo(net.sf.jsqlparser.expression.operators.relational.EqualsTo) StringValue(net.sf.jsqlparser.expression.StringValue)

Example 3 with AuthUser

use of com.jeesuite.common.model.AuthUser in project jeesuite-libs by vakinge.

the class RequestHeaderBuilder method getHeaders.

/**
 * Builds the custom headers attached to an outgoing service call.
 *
 * <p>Starts from {@code WebUtils.getCustomHeaders()}, overlays the headers from the
 * optional {@code headerProvider}, fills in a request id and an invoke token when absent,
 * and then sets the invoker app id plus the current user, tenant and client type when known.
 *
 * @return the map obtained from {@code WebUtils.getCustomHeaders()}, with the entries above added
 */
public static Map<String, String> getHeaders() {
    final Map<String, String> result = WebUtils.getCustomHeaders();

    // Application-supplied headers overwrite the ones collected so far.
    final Map<String, String> extra = (headerProvider == null) ? null : headerProvider.headers();
    if (!(extra == null || extra.isEmpty())) {
        result.putAll(extra);
    }

    // Request id and invoke token are generated only when nothing earlier supplied them.
    if (!result.containsKey(CustomRequestHeaders.HEADER_REQUEST_ID)) {
        result.put(CustomRequestHeaders.HEADER_REQUEST_ID, TokenGenerator.generate());
    }
    if (!result.containsKey(CustomRequestHeaders.HEADER_INVOKE_TOKEN)) {
        result.put(CustomRequestHeaders.HEADER_INVOKE_TOKEN, TokenGenerator.generateWithSign());
    }
    result.put(CustomRequestHeaders.HEADER_INVOKER_APP_ID, GlobalRuntimeContext.APPID);

    // Logged-in user, in the form produced by toEncodeString().
    // NOTE(review): the receiver takes the caller's identity from this header, so confirm
    // it validates the invoke token and that toEncodeString() is tamper-evident.
    final AuthUser loginUser = CurrentRuntimeContext.getCurrentUser();
    if (loginUser != null) {
        result.put(CustomRequestHeaders.HEADER_AUTH_USER, loginUser.toEncodeString());
    }

    // Tenant
    final String tenant = CurrentRuntimeContext.getTenantId(false);
    if (tenant != null) {
        result.put(CustomRequestHeaders.HEADER_TENANT_ID, tenant);
    }

    final String client = CurrentRuntimeContext.getClientType();
    if (client != null) {
        result.put(CustomRequestHeaders.HEADER_CLIENT_TYPE, client);
    }
    return result;
}
Also used : AuthUser(com.jeesuite.common.model.AuthUser)

Example 4 with AuthUser

use of com.jeesuite.common.model.AuthUser in project jeesuite-libs by vakinge.

the class ResourceScopeQueryParam method current.

/**
 * Creates a query parameter populated from the current runtime context.
 *
 * <p>Tenant id and client type are always copied. User id and user type are set only
 * when a current user exists, and are otherwise left at their field defaults.
 *
 * @return a new {@code ResourceScopeQueryParam} describing the current caller
 */
public static ResourceScopeQueryParam current() {
    final ResourceScopeQueryParam scope = new ResourceScopeQueryParam();
    scope.tenantId = CurrentRuntimeContext.getTenantId(false);
    scope.clientType = CurrentRuntimeContext.getClientType();

    final AuthUser user = CurrentRuntimeContext.getCurrentUser();
    if (user == null) {
        // Anonymous context: the scope carries tenant and client type only.
        return scope;
    }
    scope.userId = user.getId();
    scope.userType = user.getType();
    return scope;
}
Also used : AuthUser(com.jeesuite.common.model.AuthUser)

Example 5 with AuthUser

use of com.jeesuite.common.model.AuthUser in project jeesuite-libs by vakinge.

the class SecurityDelegating method doAuthenticationForOauth2.

/**
 * Validates the supplied credentials and issues an authorization code for the user.
 *
 * <p>The validated user is placed in the temporary cache under the generated code,
 * with an expiry argument of 60.
 *
 * @param type     account type passed through to the decision provider
 * @param name     account name
 * @param password account password
 * @return the generated authorization code
 */
public static String doAuthenticationForOauth2(String type, String name, String password) {
    // NOTE(review): the result is cached without a null check; confirm validateUser
    // throws on bad credentials rather than returning null, otherwise a code is issued
    // for a failed login.
    final AuthUser authenticated = getInstance().decisionProvider.validateUser(type, name, password);
    final String code = TokenGenerator.generate();
    // NOTE(review): presumably 60 seconds; verify the unit against setTemporaryCacheValue.
    setTemporaryCacheValue(code, authenticated, 60);
    return code;
}
Also used : AuthUser(com.jeesuite.common.model.AuthUser)

Aggregations

AuthUser (com.jeesuite.common.model.AuthUser)8 JeesuiteBaseException (com.jeesuite.common.JeesuiteBaseException)1 Date (java.util.Date)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 BinaryExpression (net.sf.jsqlparser.expression.BinaryExpression)1 Expression (net.sf.jsqlparser.expression.Expression)1 StringValue (net.sf.jsqlparser.expression.StringValue)1 AndExpression (net.sf.jsqlparser.expression.operators.conditional.AndExpression)1 EqualsTo (net.sf.jsqlparser.expression.operators.relational.EqualsTo)1 InExpression (net.sf.jsqlparser.expression.operators.relational.InExpression)1 LikeExpression (net.sf.jsqlparser.expression.operators.relational.LikeExpression)1 Column (net.sf.jsqlparser.schema.Column)1