
Example 1 with User

use of com.rebuild.core.privileges.bizz.User in project rebuild by getrebuild.

the class FormsBuilder method buildModelElements.

/**
 * Builds the form elements: validates each layout element against the entity metadata and
 * fills in label, type, read-only/nullable flags, options and the initial value.
 *
 * <p>The {@code elements} array is modified in place. Elements whose field fails the metadata
 * check, or that are hidden by the advanced display control, are removed from it.
 *
 * <p>NOTE(review): the "readonly" and "nullable" flags written here only describe the form.
 * Whether the save path enforces {@code isUpdatable()} / {@code isCreatable()} again on the
 * server is not visible in this method; confirm it does, since a client can ignore these flags.
 *
 * @param elements form layout elements; each entry is cast to {@code JSONObject} and read via its "field" key
 * @param entity entity whose field metadata is used
 * @param data record being edited or viewed, or {@code null} when a new record is being created
 * @param user ID of the user the form is built for
 * @param useAdvControl whether the displayOnCreate/displayOnUpdate/requiredOnCreate/requiredOnUpdate settings are applied
 */
protected void buildModelElements(JSONArray elements, Entity entity, Record data, ID user, boolean useAdvControl) {
    final User formUser = Application.getUserStore().getUser(user);
    final Date now = CalendarUtils.now();
    // Check and clean
    for (Iterator<Object> iter = elements.iterator(); iter.hasNext(); ) {
        JSONObject el = (JSONObject) iter.next();
        String fieldName = el.getString("field");
        // Divider lines are layout-only entries and are left untouched
        if (DIVIDER_LINE.equalsIgnoreCase(fieldName)) {
            continue;
        }
        // Field has been deleted: drop the element from the form
        if (!MetadataHelper.checkAndWarnField(entity, fieldName)) {
            iter.remove();
            continue;
        }
        // v2.2 advanced control. The four keys are always stripped from the element,
        // even when useAdvControl is false, so they never reach the output.
        Object displayOnCreate = el.remove("displayOnCreate");
        Object displayOnUpdate = el.remove("displayOnUpdate");
        Object requiredOnCreate = el.remove("requiredOnCreate");
        Object requiredOnUpdate = el.remove("requiredOnUpdate");
        if (useAdvControl) {
            // Visibility
            // NOTE(review): the casts assume the layout config stores real booleans; any other
            // type throws ClassCastException here. TODO confirm.
            if (displayOnCreate != null && !(Boolean) displayOnCreate && data == null) {
                iter.remove();
                continue;
            }
            if (displayOnUpdate != null && !(Boolean) displayOnUpdate && data != null) {
                iter.remove();
                continue;
            }
            // Required
            if (requiredOnCreate != null && (Boolean) requiredOnCreate && data == null) {
                el.put("nullable", false);
            }
            if (requiredOnUpdate != null && (Boolean) requiredOnUpdate && data != null) {
                el.put("nullable", false);
            }
        }
        // Read-only flag that was already set on the element (automatic read-only)
        final boolean roViaAuto = el.getBooleanValue("readonly");
        final Field fieldMeta = entity.getField(fieldName);
        final EasyField easyField = EasyMetaFactory.valueOf(fieldMeta);
        final DisplayType dt = easyField.getDisplayType();
        el.put("label", easyField.getLabel());
        el.put("type", dt.name());
        // Read-only when editing a non-updatable field, or when flagged read-only above
        el.put("readonly", (data != null && !fieldMeta.isUpdatable()) || roViaAuto);
        // Prefer the explicitly specified value, fall back to the field metadata
        final Boolean nullable = el.getBoolean("nullable");
        if (nullable != null) {
            el.put("nullable", nullable);
        } else {
            el.put("nullable", fieldMeta.isNullable());
        }
        // Field extension config (FieldExtConfigProps)
        // NOTE(review): putAll overwrites keys already set above if the extra attrs use the same
        // names; confirm they cannot collide with "readonly" or "nullable".
        JSONObject fieldExtAttrs = easyField.getExtraAttrs(true);
        el.putAll(fieldExtAttrs);
        if (dt == DisplayType.PICKLIST) {
            JSONArray options = PickListManager.instance.getPickList(fieldMeta);
            el.put("options", options);
        } else if (dt == DisplayType.STATE) {
            JSONArray options = StateManager.instance.getStateOptions(fieldMeta);
            el.put("options", options);
            el.remove(EasyFieldConfigProps.STATE_CLASS);
        } else if (dt == DisplayType.MULTISELECT) {
            JSONArray options = MultiSelectManager.instance.getSelectList(fieldMeta);
            el.put("options", options);
        } else if (dt == DisplayType.DATETIME) {
            String format = StringUtils.defaultIfBlank(easyField.getExtraAttr(EasyFieldConfigProps.DATETIME_FORMAT), easyField.getDisplayType().getDefaultFormat());
            el.put(EasyFieldConfigProps.DATETIME_FORMAT, format);
        } else if (dt == DisplayType.DATE) {
            String format = StringUtils.defaultIfBlank(easyField.getExtraAttr(EasyFieldConfigProps.DATE_FORMAT), easyField.getDisplayType().getDefaultFormat());
            el.put(EasyFieldConfigProps.DATE_FORMAT, format);
        } else if (dt == DisplayType.TIME) {
            String format = StringUtils.defaultIfBlank(easyField.getExtraAttr(EasyFieldConfigProps.TIME_FORMAT), easyField.getDisplayType().getDefaultFormat());
            el.put(EasyFieldConfigProps.TIME_FORMAT, format);
        } else if (dt == DisplayType.CLASSIFICATION) {
            el.put("openLevel", ClassificationManager.instance.getOpenLevel(fieldMeta));
        }
        // Edit / view: take the value from the existing record
        if (data != null) {
            Object value = wrapFieldValue(data, easyField, user);
            if (value != null) {
                el.put("value", value);
            }
        } else // New record
        {
            // Fields that cannot be set on create are shown read-only; the common system
            // fields are pre-filled from the current time and the form user
            if (!fieldMeta.isCreatable()) {
                el.put("readonly", true);
                switch(fieldName) {
                    case EntityHelper.CreatedOn:
                    case EntityHelper.ModifiedOn:
                        el.put("value", CalendarUtils.getUTCDateTimeFormat().format(now));
                        break;
                    case EntityHelper.CreatedBy:
                    case EntityHelper.ModifiedBy:
                    case EntityHelper.OwningUser:
                        el.put("value", FieldValueHelper.wrapMixValue(formUser.getId(), formUser.getFullName()));
                        break;
                    case EntityHelper.OwningDept:
                        Department dept = formUser.getOwningDept();
                        // Fails the whole form build when the user has no department
                        Assert.notNull(dept, "Department of user is unset : " + formUser.getId());
                        el.put("value", FieldValueHelper.wrapMixValue((ID) dept.getIdentity(), dept.getName()));
                        break;
                    case EntityHelper.ApprovalId:
                        el.put("value", FieldValueHelper.wrapMixValue(null, Language.L("未提交")));
                        break;
                    case EntityHelper.ApprovalState:
                        el.put("value", ApprovalState.DRAFT.getState());
                        break;
                    default:
                        break;
                }
            }
            // Default value, only when nothing was pre-filled above
            if (el.get("value") == null) {
                if (dt == DisplayType.SERIES) {
                    el.put("value", Language.L("自动值"));
                } else {
                    Object defaultValue = easyField.exprDefaultValue();
                    if (defaultValue != null) {
                        el.put("value", easyField.wrapValue(defaultValue));
                    }
                }
            }
            // Value filled in automatically by a trigger: show a placeholder for these display types
            if (roViaAuto && el.get("value") == null) {
                if (dt == DisplayType.EMAIL || dt == DisplayType.PHONE || dt == DisplayType.URL || dt == DisplayType.DATE || dt == DisplayType.DATETIME || dt == DisplayType.NUMBER || dt == DisplayType.DECIMAL || dt == DisplayType.SERIES || dt == DisplayType.TEXT || dt == DisplayType.NTEXT) {
                    el.put("value", Language.L("自动值"));
                }
            }
        }
    // end new record
    }
// end for
}
Also used : User(com.rebuild.core.privileges.bizz.User) DisplayType(com.rebuild.core.metadata.easymeta.DisplayType) JSONArray(com.alibaba.fastjson.JSONArray) EasyField(com.rebuild.core.metadata.easymeta.EasyField) EasyField(com.rebuild.core.metadata.easymeta.EasyField) Field(cn.devezhao.persist4j.Field) Department(com.rebuild.core.privileges.bizz.Department) JSONObject(com.alibaba.fastjson.JSONObject) JSONObject(com.alibaba.fastjson.JSONObject) ID(cn.devezhao.persist4j.engine.ID)

Example 2 with User

use of com.rebuild.core.privileges.bizz.User in project rebuild by getrebuild.

the class LoginToken method checkUser.

// --
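/**
 * Checks a login attempt against the stored credentials.
 *
 * <p>The password is verified before the account state is examined, so the
 * "inactive or not allowed" message is only returned to a caller who already supplied the
 * correct password. Callers without valid credentials get the generic message and cannot
 * use this method to learn whether an account exists but is disabled.
 *
 * <p>NOTE(review): the stored value is compared with {@code EncryptUtils.toSHA256Hex(password)};
 * no per-user salt or work factor is visible here. A single fast digest is a weak way to store
 * passwords; migrating to bcrypt, scrypt or argon2 needs a change to the stored format and is
 * outside this method.
 *
 * <p>NOTE(review): an unknown name returns before any query or hashing is done, so the
 * response time may still differ between existing and non-existing names. Confirm the callers'
 * rate limiting covers this.
 *
 * @param user login name or e-mail address as supplied by the client
 * @param password clear-text password as supplied by the client
 * @return {@code null} on success, otherwise a localized error message
 */
public static String checkUser(String user, String password) {
    // A missing password can never match; answer with the generic message instead of failing in the digest call
    if (password == null || !Application.getUserStore().existsUser(user)) {
        return Language.L("用户名或密码错误");
    }

    Object[] foundUser = Application.createQueryNoFilter("select password from User where loginName = ? or email = ?")
            .setParameter(1, user)
            .setParameter(2, user)
            .unique();
    // NOTE(review): the row is matched by loginName OR email while the User object below comes
    // from the user store; confirm both always resolve to the same account.
    Object storedHash = foundUser == null ? null : foundUser[0];
    String suppliedHash = EncryptUtils.toSHA256Hex(password);

    // Null-safe (an account without a stored password must not throw) and constant-time comparison
    boolean passwordMatches = storedHash instanceof String
            && suppliedHash != null
            && java.security.MessageDigest.isEqual(
                    ((String) storedHash).getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    suppliedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!passwordMatches) {
        return Language.L("用户名或密码错误");
    }

    // Account state is disclosed only after the credentials have been proven
    User loginUser = Application.getUserStore().getUser(user);
    if (!loginUser.isActive() || !Application.getPrivilegesManager().allow(loginUser.getId(), ZeroEntry.AllowLogin)) {
        return Language.L("用户未激活或不允许登录");
    }

    // Okay
    return null;
}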
Also used : User(com.rebuild.core.privileges.bizz.User)

Example 3 with User

use of com.rebuild.core.privileges.bizz.User in project rebuild by getrebuild.

the class LoginToken method execute.

/**
 * Exchanges a user name and password for a login token and a login URL that carries it.
 *
 * <p>NOTE(review): the rate-limit key is built only from the client-supplied user name.
 * No per-client (for example per-address) limit is visible here, so attempts spread over many
 * names are not throttled by this check, and a third party can exhaust the limit for someone
 * else's name. Confirm whether another layer covers this.
 *
 * <p>NOTE(review): the token is placed in the query string of {@code login_url} without URL
 * encoding. Tokens in URLs tend to end up in access logs, browser history and Referer headers;
 * the second argument of {@code generateToken} (60) is presumably a short lifetime that limits
 * this. Confirm the unit and that the token is single-use.
 *
 * @param context API call context providing the "user" and "password" parameters
 * @return a success body with "login_token" and "login_url", or a failure body
 * @throws ApiInvokeException declared by the API contract
 */
@Override
public JSON execute(ApiContext context) throws ApiInvokeException {
    final String loginName = context.getParameterNotBlank("user");
    final String passwd = context.getParameterNotBlank("password");

    // Throttle before touching the credential check
    final boolean throttled = RateLimiters.RRL_LOGIN.overLimitWhenIncremented("user:" + loginName);
    if (throttled) {
        return formatFailure(Language.L("请求过于频繁,请稍后重试"), ApiInvokeException.ERR_FREQUENCY);
    }

    final String failure = checkUser(loginName, passwd);
    if (failure != null) {
        return formatFailure(failure);
    }

    final User authenticated = Application.getUserStore().getUser(loginName);
    final String token = AuthTokenManager.generateToken(authenticated.getId(), 60);
    final String loginUrl = RebuildConfiguration.getHomeUrl("user/login?token=" + token);

    JSON payload = JSONUtils.toJSONObject(new String[] { "login_token", "login_url" }, new String[] { token, loginUrl });
    return formatSuccess(payload);
}
Also used : User(com.rebuild.core.privileges.bizz.User) JSON(com.alibaba.fastjson.JSON)

Example 4 with User

use of com.rebuild.core.privileges.bizz.User in project rebuild by getrebuild.

the class UserStore method init.

/**
 * Loads users, roles, departments and teams from the database and marks the store as loaded.
 *
 * <p>The order matters: users are stored first, then roles are refreshed, then the additional
 * roles of every user that has a main role, then departments with their parent/child links,
 * and finally teams. {@code isLoaded} is set only after all of these have run.
 */
@Override
public void init() {
    // Users: columns are read by position in USER_FS order
    final Object[][] userRows = aPMFactory.createQuery("select " + USER_FS + " from User").array();
    for (Object[] row : userRows) {
        final ID userId = (ID) row[0];
        store(new User(userId, (String) row[1], (String) row[2], (String) row[8], (String) row[3], (String) row[4], (Boolean) row[5]));
    }
    log.info("Loaded [ " + USERS.size() + " ] users.");

    // Roles
    final Object[][] roleRows = aPMFactory.createQuery("select roleId from Role").array();
    for (Object[] row : roleRows) {
        this.refreshRole((ID) row[0]);
    }
    log.info("Loaded [ " + ROLES.size() + " ] roles.");

    // Additional roles, only for users that have a main role
    for (User loaded : USERS.values()) {
        if (loaded.getMainRole() == null) {
            continue;
        }
        refreshUserRoleAppends(loaded);
    }

    // Departments: refresh each one and remember which children hang under which parent
    final Object[][] deptRows = aPMFactory.createQuery("select deptId,parentDept from Department").array();
    final Map<ID, Set<ID>> childrenByParent = new HashMap<>();
    for (Object[] row : deptRows) {
        final ID deptId = (ID) row[0];
        this.refreshDepartment(deptId);
        final ID parentId = (ID) row[1];
        if (parentId != null) {
            childrenByParent.computeIfAbsent(parentId, k -> new HashSet<>()).add(deptId);
        }
    }

    // Department hierarchy: attach the children once every department has been refreshed
    for (Map.Entry<ID, Set<ID>> link : childrenByParent.entrySet()) {
        final BusinessUnit parentDept = getDepartment(link.getKey());
        for (ID childId : link.getValue()) {
            parentDept.addChild(getDepartment(childId));
        }
    }
    log.info("Loaded [ " + DEPTS.size() + " ] departments.");

    // Teams
    final Object[][] teamRows = aPMFactory.createQuery("select teamId from Team").array();
    for (Object[] row : teamRows) {
        this.refreshTeam((ID) row[0]);
    }
    log.info("Loaded [ " + TEAMS.size() + " ] teams.");

    isLoaded = true;
}
Also used : User(com.rebuild.core.privileges.bizz.User) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) JSONObject(com.alibaba.fastjson.JSONObject) ID(cn.devezhao.persist4j.engine.ID) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)

Example 5 with User

use of com.rebuild.core.privileges.bizz.User in project rebuild by getrebuild.

the class LoginController method userLogin.

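/**
 * Handles the interactive login form: captcha gate, credential check, optional second factor
 * and session setup.
 *
 * <p>The captcha requirement is driven by the server-side retry counter. Once the counter
 * exceeds 3, a request is let through only if this session was already flagged as needing a
 * captcha and the captcha was verified in this request. A request that merely carries some
 * {@code vcode} value, without the session flag, is answered with "VCODE" like one that
 * carries none, so discarding the session does not skip the captcha.
 *
 * <p>NOTE(review): super administrators are exempt from the second factor below. That leaves
 * the most privileged accounts on password-only login; confirm this is intended.
 *
 * <p>NOTE(review): the second-factor token comes from {@code CodecUtils.randomCode(40)};
 * confirm it is backed by a cryptographically secure random source.
 *
 * @param request current request; "user" and "vcode" are parameters, the password is read from the request body
 * @param response current response, passed on to the login-success handlers
 * @return an error body, a body asking for the second factor, or the login result
 */
@PostMapping("user-login")
public RespBody userLogin(HttpServletRequest request, HttpServletResponse response) {
    String vcode = getParameter(request, "vcode");
    Boolean needVcode = (Boolean) ServletUtils.getSessionAttribute(request, SK_NEED_VCODE);
    final boolean captchaDemanded = needVcode != null && needVcode;
    if (captchaDemanded && (StringUtils.isBlank(vcode) || !CaptchaUtil.ver(vcode, request))) {
        return RespBody.errorl("验证码错误");
    }
    final String user = getParameterNotNull(request, "user");
    final String password = ServletUtils.getRequestString(request);
    int retry = getLoginRetryTimes(user, 1);
    // Past the check above, captchaDemanded == true means the captcha was verified in this
    // request. Anything else is treated as "no captcha solved yet", whether or not a vcode
    // value was sent.
    if (retry > 3 && !captchaDemanded) {
        ServletUtils.setSessionAttribute(request, SK_NEED_VCODE, true);
        return RespBody.error("VCODE");
    }
    String hasError = LoginToken.checkUser(user, password);
    if (hasError != null) {
        return RespBody.error(hasError);
    }
    // Password accepted: reset the retry counter and the captcha flag
    getLoginRetryTimes(user, -1);
    ServletUtils.setSessionAttribute(request, SK_NEED_VCODE, null);
    final User loginUser = Application.getUserStore().getUser(user);
    Map<String, Object> resMap = new HashMap<>();
    // 2FA: hand out a short-lived token bound to the user instead of logging in
    int faMode = RebuildConfiguration.getInt(ConfigurationItem.Login2FAMode);
    if (faMode > 0 && !UserHelper.isSuperAdmin(loginUser.getId())) {
        resMap.put("login2FaMode", faMode);
        String userToken = CodecUtils.randomCode(40);
        // 15m
        Application.getCommonsCache().putx("2FA" + userToken, loginUser.getId(), CommonsCache.TS_HOUR / 4);
        resMap.put("login2FaUserToken", userToken);
        if (AppUtils.isRbMobile(request)) {
            request.getSession().invalidate();
        }
        return RespBody.ok(resMap);
    }
    if (AppUtils.isRbMobile(request)) {
        resMap = loginSuccessedH5(request, response, loginUser.getId());
    } else {
        Integer ed = loginSuccessed(request, response, loginUser.getId(), getBoolParameter(request, "autoLogin", false));
        if (ed != null) {
            resMap.put("passwdExpiredDays", ed);
        }
    }
    return RespBody.ok(resMap);
}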
Also used : User(com.rebuild.core.privileges.bizz.User) HashMap(java.util.HashMap) JSONObject(com.alibaba.fastjson.JSONObject) PostMapping(org.springframework.web.bind.annotation.PostMapping)

Aggregations

User (com.rebuild.core.privileges.bizz.User)26 ID (cn.devezhao.persist4j.engine.ID)13 JSONObject (com.alibaba.fastjson.JSONObject)8 GetMapping (org.springframework.web.bind.annotation.GetMapping)6 Member (cn.devezhao.bizz.security.member.Member)3 JSONArray (com.alibaba.fastjson.JSONArray)3 Entity (cn.devezhao.persist4j.Entity)2 Record (cn.devezhao.persist4j.Record)2 JSON (com.alibaba.fastjson.JSON)2 UserService (com.rebuild.core.privileges.UserService)2 Department (com.rebuild.core.privileges.bizz.Department)2 HashMap (java.util.HashMap)2 HashSet (java.util.HashSet)2 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2 Test (org.junit.jupiter.api.Test)2 PostMapping (org.springframework.web.bind.annotation.PostMapping)2 ModelAndView (org.springframework.web.servlet.ModelAndView)2 Team (cn.devezhao.bizz.security.member.Team)1 Field (cn.devezhao.persist4j.Field)1 ApiInvokeException (com.rebuild.api.ApiInvokeException)1