use of com.jfinal.kit.Ret in project my_curd by qinyou.
the class BaseController method renderFail.
/**
* 失败操作
*
* @param msg
*/
protected void renderFail(String msg) {
Ret ret = Ret.create().setFail().setIfNotNull("msg", msg);
render(new JsonRender(ret).forIE());
}
use of com.jfinal.kit.Ret in project my_curd by qinyou.
the class FileController method upload.
/**
* 单文件上传
*/
public void upload() throws IOException {
UploadFile uploadFile = getFile("file");
if (uploadFile == null) {
renderFail(PARAM_FILE_EMPTY);
return;
}
String originalFileName = uploadFile.getOriginalFileName();
String extension = FilenameUtils.getExtension(originalFileName);
// 文件类型非法
if (!checkFileType(extension)) {
FileUtils.deleteFile(uploadFile.getFile());
renderFail(extension + FILE_TYPE_NOT_LIMIT);
return;
}
// 文件保存
String relativePath = fileRelativeSavePath(extension);
File saveFile = new File(PathKit.getWebRootPath() + "/" + relativePath);
if (saveFile.exists()) {
FileUtils.deleteFile(uploadFile.getFile());
renderFail(originalFileName + FILE_EXIST);
return;
}
FileUtils.copyFile(uploadFile.getFile(), saveFile);
FileUtils.deleteFile(uploadFile.getFile());
UploadResult uploadResult = new UploadResult();
uploadResult.setName(originalFileName);
uploadResult.setPath(relativePath);
long sizeL = saveFile.length();
uploadResult.setSizeL(sizeL);
uploadResult.setSize(FileUtils.byteCountToDisplaySize(sizeL));
StringBuffer url = getRequest().getRequestURL();
String uri = url.delete(url.length() - getRequest().getRequestURI().length(), url.length()).append(getRequest().getServletContext().getContextPath()).append("/").toString();
uploadResult.setUri(uri + relativePath);
Ret ret = Ret.create().setOk().set("data", uploadResult);
renderJson(ret);
}
use of com.jfinal.kit.Ret in project my_curd by qinyou.
the class ComActionInterceptor method intercept.
@Override
public void intercept(Invocation inv) {
inv.getController().setAttr("setting", Constant.SETTING);
String errMsg = null;
try {
inv.invoke();
} catch (Exception e) {
log.error(e.getMessage(), e);
errMsg = ExceptionUtils.getMessage(e);
}
// 返回异常信息
if (StringUtils.notEmpty(errMsg)) {
String requestType = inv.getController().getRequest().getHeader("X-Requested-With");
if ("XMLHttpRequest".equals(requestType) || StringUtils.notEmpty(inv.getController().getPara("xmlHttpRequest"))) {
Ret ret = Ret.create().set("state", "error").set("msg", errMsg);
inv.getController().render(new JsonRender(ret).forIE());
} else {
inv.getController().setAttr("errorMsg", errMsg);
inv.getController().render(Constant.VIEW_PATH + "/common/500.ftl");
}
}
}
use of com.jfinal.kit.Ret in project my_curd by qinyou.
the class PermissionInterceptor method intercept.
@Override
public void intercept(Invocation inv) {
boolean flag = true;
Controller controller = inv.getController();
// 验证菜单权限
RequirePermission requirePermission = controller.getClass().getAnnotation(RequirePermission.class);
List<String> codes;
if (requirePermission != null) {
codes = requirePermission.isResource() ? controller.getSessionAttr("menuCodes") : controller.getSessionAttr("roleCodes");
flag = codes.contains(requirePermission.value());
}
if (flag) {
// 菜单权限通后 再验证按钮权限
requirePermission = inv.getMethod().getAnnotation(RequirePermission.class);
if (requirePermission != null) {
codes = requirePermission.isResource() ? controller.getSessionAttr("buttonCodes") : controller.getSessionAttr("roleCodes");
flag = codes.contains(requirePermission.value());
}
}
if (flag) {
// 菜单权限、按钮权限 都具备 放行
inv.invoke();
return;
}
// ------------无权限-------------------
// 推送消息
String noticeTypeCode = "noPermissionOps";
Map<String, Object> params = new HashMap<>();
params.put("username", WebUtils.getSessionUsername(controller));
params.put("visitUrl", controller.getRequest().getRequestURI());
SysNoticeService service = Duang.duang(SysNoticeService.class);
service.sendNotice(noticeTypeCode, params);
// 响应
String requestType = inv.getController().getHeader("X-Requested-With");
if ("XMLHttpRequest".equals(requestType) || StringUtils.notEmpty(inv.getController().getPara("xmlHttpRequest"))) {
// 其实并没有,可以自行扩展
Ret ret = Ret.create().setFail().set("msg", "无权限操作!您的行为已被记录到日志。");
controller.renderJson(ret);
} else {
controller.render("/WEB-INF/views/common/no_permission.ftl");
}
}
use of com.jfinal.kit.Ret in project my_curd by qinyou.
the class ApiInterceptor method intercept.
@Override
public void intercept(Invocation invocation) {
Ret ret;
Controller controller = invocation.getController();
HttpServletRequest req = controller.getRequest();
String JWTToken = req.getHeader("Authentication");
JWTToken = JWTToken == null ? req.getParameter("token") : JWTToken;
// 验证 token 是否存在
if (StringUtils.isEmpty(JWTToken)) {
ret = Ret.fail().set("code", Result.NO_TOKEN.code).set("message", Result.NO_TOKEN.message);
controller.renderJson(ret);
return;
}
// 验证token 是否合法
UserClaim userClaim;
try {
userClaim = JwtUtils.parseToken(JWTToken);
} catch (ExpiredJwtException e) {
log.error(e.getMessage(), e);
ret = Ret.fail().set("code", Result.EXPIRED_TOKEN.code).set("message", Result.EXPIRED_TOKEN.message);
controller.renderJson(ret);
return;
} catch (Exception e) {
log.error(e.getMessage(), e);
ret = Ret.fail().set("code", Result.INVALID_TOKEN.code).set("message", Result.INVALID_TOKEN.message);
controller.renderJson(ret);
return;
}
// 验证用户权限
boolean flag = true;
RequirePermission requirePermission = controller.getClass().getAnnotation(RequirePermission.class);
if (requirePermission != null) {
flag = requirePermission.isResource() ? userClaim.getPermissionList().contains(requirePermission.value()) : userClaim.getRoleList().contains(requirePermission.value());
}
if (flag) {
requirePermission = invocation.getMethod().getAnnotation(RequirePermission.class);
if (requirePermission != null) {
flag = requirePermission.isResource() ? userClaim.getPermissionList().contains(requirePermission.value()) : userClaim.getRoleList().contains(requirePermission.value());
}
}
if (!flag) {
ret = Ret.fail().set("code", Result.NO_PERMISSION.code).set("message", Result.NO_PERMISSION.message);
controller.renderJson(ret);
return;
}
// token 用户信息 注入 到 方法参数中
Object[] args = invocation.getArgs();
for (int i = 0; i < args.length; i++) {
if (args[i] instanceof UserClaim) {
invocation.setArg(i, userClaim);
}
// TODO request body 注入到 controller 方法参数中
}
// 调用方法、请求结果封装
try {
invocation.invoke();
ret = Ret.ok().set("code", Result.SUCCESS.code).set("message", Result.SUCCESS.message).set("data", invocation.getReturnValue());
} catch (Exception e) {
log.error(e.getMessage(), e);
ret = Ret.fail().set("code", Result.ERROR.code).set("message", Result.ERROR.message + ":" + e.getMessage());
}
controller.renderJson(ret);
}
Aggregations