Examples with LoginUser - com.ruoyi.common.core.domain.model.LoginUser

Example 41 with LoginUser

use of com.ruoyi.common.core.domain.model.LoginUser in project RuoYi-Flowable-Plus by KonBAI-Q.

the class PlusDataPermissionHandler method buildDataFilter.

/**
 * 构造数据过滤sql
 */
private String buildDataFilter(DataColumn[] dataColumns, boolean isSelect) {
    StringBuilder sqlString = new StringBuilder();
    // 更新或删除需满足所有条件
    String joinStr = isSelect ? " OR " : " AND ";
    LoginUser user = DataPermissionHelper.getVariable("user");
    StandardEvaluationContext context = new StandardEvaluationContext();
    context.setBeanResolver(beanResolver);
    DataPermissionHelper.getContext().forEach(context::setVariable);
    for (RoleDTO role : user.getRoles()) {
        user.setRoleId(role.getRoleId());
        // 获取角色权限泛型
        DataScopeType type = DataScopeType.findCode(role.getDataScope());
        if (ObjectUtil.isNull(type)) {
            throw new ServiceException("角色数据范围异常 => " + role.getDataScope());
        }
        // 全部数据权限直接返回
        if (type == DataScopeType.ALL) {
            return "";
        }
        boolean isSuccess = false;
        for (DataColumn dataColumn : dataColumns) {
            // 不包含 key 变量 则不处理
            if (!StringUtils.contains(type.getSqlTemplate(), "#" + dataColumn.key())) {
                continue;
            }
            // 设置注解变量 key 为表达式变量 value 为变量值
            context.setVariable(dataColumn.key(), dataColumn.value());
            // 解析sql模板并填充
            String sql = parser.parseExpression(type.getSqlTemplate(), parserContext).getValue(context, String.class);
            sqlString.append(joinStr).append(sql);
            isSuccess = true;
        }
        // 未处理成功则填充兜底方案
        if (!isSuccess) {
            sqlString.append(joinStr).append(type.getElseSql());
        }
    }
    if (StringUtils.isNotBlank(sqlString.toString())) {
        return sqlString.substring(joinStr.length());
    }
    return "";
}

Also used : RoleDTO(com.ruoyi.common.core.domain.dto.RoleDTO) StandardEvaluationContext(org.springframework.expression.spel.support.StandardEvaluationContext) DataScopeType(com.ruoyi.common.enums.DataScopeType) ServiceException(com.ruoyi.common.exception.ServiceException) DataColumn(com.ruoyi.common.annotation.DataColumn) LoginUser(com.ruoyi.common.core.domain.model.LoginUser)

Example 42 with LoginUser

use of com.ruoyi.common.core.domain.model.LoginUser in project RuoYi-Flowable-Plus by KonBAI-Q.

the class PlusDataPermissionHandler method getSqlSegment.

public Expression getSqlSegment(Expression where, String mappedStatementId, boolean isSelect) {
    DataColumn[] dataColumns = findAnnotation(mappedStatementId);
    if (ArrayUtil.isEmpty(dataColumns)) {
        inavlidCacheSet.add(mappedStatementId);
        return where;
    }
    LoginUser currentUser = DataPermissionHelper.getVariable("user");
    if (ObjectUtil.isNull(currentUser)) {
        currentUser = LoginHelper.getLoginUser();
        DataPermissionHelper.setVariable("user", currentUser);
    }
    // 如果是超级管理员，则不过滤数据
    if (LoginHelper.isAdmin()) {
        return where;
    }
    String dataFilterSql = buildDataFilter(dataColumns, isSelect);
    if (StringUtils.isBlank(dataFilterSql)) {
        return where;
    }
    try {
        Expression expression = CCJSqlParserUtil.parseExpression(dataFilterSql);
        // 数据权限使用单独的括号 防止与其他条件冲突
        Parenthesis parenthesis = new Parenthesis(expression);
        if (ObjectUtil.isNotNull(where)) {
            return new AndExpression(where, parenthesis);
        } else {
            return parenthesis;
        }
    } catch (JSQLParserException e) {
        throw new ServiceException("数据权限解析异常 => " + e.getMessage());
    }
}

Also used : Parenthesis(net.sf.jsqlparser.expression.Parenthesis) AndExpression(net.sf.jsqlparser.expression.operators.conditional.AndExpression) ServiceException(com.ruoyi.common.exception.ServiceException) AndExpression(net.sf.jsqlparser.expression.operators.conditional.AndExpression) Expression(net.sf.jsqlparser.expression.Expression) JSQLParserException(net.sf.jsqlparser.JSQLParserException) DataColumn(com.ruoyi.common.annotation.DataColumn) LoginUser(com.ruoyi.common.core.domain.model.LoginUser)

Example 43 with LoginUser

use of com.ruoyi.common.core.domain.model.LoginUser in project RuoYi-Flowable-Plus by KonBAI-Q.

the class SysLoginService method buildLoginUser.

/**
 * 构建登录用户
 */
private LoginUser buildLoginUser(SysUser user) {
    LoginUser loginUser = new LoginUser();
    loginUser.setUserId(user.getUserId());
    loginUser.setDeptId(user.getDeptId());
    loginUser.setUsername(user.getUserName());
    loginUser.setNickName(user.getNickName());
    loginUser.setUserType(user.getUserType());
    loginUser.setMenuPermission(permissionService.getMenuPermission(user));
    loginUser.setRolePermission(permissionService.getRolePermission(user));
    loginUser.setDeptName(user.getDept().getDeptName());
    List<RoleDTO> roles = BeanUtil.copyToList(user.getRoles(), RoleDTO.class);
    loginUser.setRoles(roles);
    return loginUser;
}

Also used : RoleDTO(com.ruoyi.common.core.domain.dto.RoleDTO) LoginUser(com.ruoyi.common.core.domain.model.LoginUser)

Example 44 with LoginUser

use of com.ruoyi.common.core.domain.model.LoginUser in project RuoYi-Flowable-Plus by KonBAI-Q.

the class LoginHelper method getUserId.

/**
 * 获取用户id
 */
public static Long getUserId() {
    LoginUser loginUser = getLoginUser();
    if (ObjectUtil.isNull(loginUser)) {
        String loginId = StpUtil.getLoginIdAsString();
        String userId = null;
        for (UserType value : UserType.values()) {
            if (StringUtils.contains(loginId, value.getUserType())) {
                String[] strs = StringUtils.split(loginId, JOIN_CODE);
                // 用户id在总是在最后
                userId = strs[strs.length - 1];
            }
        }
        if (StringUtils.isBlank(userId)) {
            throw new UtilException("登录用户: LoginId异常 => " + loginId);
        }
        return Long.parseLong(userId);
    }
    return loginUser.getUserId();
}

Also used : UtilException(com.ruoyi.common.exception.UtilException) LoginUser(com.ruoyi.common.core.domain.model.LoginUser) UserType(com.ruoyi.common.enums.UserType)

Example 45 with LoginUser

use of com.ruoyi.common.core.domain.model.LoginUser in project wumei-smart by kerwincui.

the class SysLoginService method login.

/**
 * 登录验证
 *
 * @param username 用户名
 * @param password 密码
 * @param code 验证码
 * @param uuid 唯一标识
 * @return 结果
 */
public String login(String username, String password, String code, String uuid) {
    boolean captchaOnOff = configService.selectCaptchaOnOff();
    // 验证码开关
    if (captchaOnOff) {
        validateCaptcha(username, code, uuid);
    }
    // 用户验证
    Authentication authentication = null;
    try {
        // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
        authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
    } catch (Exception e) {
        if (e instanceof BadCredentialsException) {
            AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
            throw new UserPasswordNotMatchException();
        } else {
            AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage()));
            throw new ServiceException(e.getMessage());
        }
    }
    AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
    LoginUser loginUser = (LoginUser) authentication.getPrincipal();
    recordLoginInfo(loginUser.getUserId());
    // 生成token
    return tokenService.createToken(loginUser);
}

Also used : ServiceException(com.ruoyi.common.exception.ServiceException) Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) UserPasswordNotMatchException(com.ruoyi.common.exception.user.UserPasswordNotMatchException) LoginUser(com.ruoyi.common.core.domain.model.LoginUser) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) ServiceException(com.ruoyi.common.exception.ServiceException) CaptchaExpireException(com.ruoyi.common.exception.user.CaptchaExpireException) CaptchaException(com.ruoyi.common.exception.user.CaptchaException) UserPasswordNotMatchException(com.ruoyi.common.exception.user.UserPasswordNotMatchException)

Aggregations

LoginUser (com.ruoyi.common.core.domain.model.LoginUser)65 Log (com.ruoyi.common.annotation.Log)16 SysUser (com.ruoyi.common.core.domain.entity.SysUser)13 GetMapping (org.springframework.web.bind.annotation.GetMapping)10 AjaxResult (com.ruoyi.common.core.domain.AjaxResult)9 UserType (com.ruoyi.common.enums.UserType)8 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)8 ServiceException (com.ruoyi.common.exception.ServiceException)7 ArrayList (java.util.ArrayList)7 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)7 PutMapping (org.springframework.web.bind.annotation.PutMapping)7 UserPasswordNotMatchException (com.ruoyi.common.exception.user.UserPasswordNotMatchException)5 DataColumn (com.ruoyi.common.annotation.DataColumn)4 RoleDTO (com.ruoyi.common.core.domain.dto.RoleDTO)4 SysMenu (com.ruoyi.common.core.domain.entity.SysMenu)4 CaptchaException (com.ruoyi.common.exception.user.CaptchaException)4 CaptchaExpireException (com.ruoyi.common.exception.user.CaptchaExpireException)4 Claims (io.jsonwebtoken.Claims)4 BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)4 Authentication (org.springframework.security.core.Authentication)4