use of io.github.ihongs.action.NaviMap in project HongsCORE by ihongs.
the class PermitInvoker method invoke.
/**
 * Enforces a {@code Permit} annotation before the action chain is allowed to continue.
 *
 * <p>The navigation map is looked up by the annotation's {@code conf}, falling back to
 * {@code chains.getModule()} when {@code conf} is empty. The request is rejected with
 * code 1101 when the map has no auth set, and with code 1103 when none of the required
 * entries is satisfied. Only after both checks pass is {@code chains.doAction()} called,
 * so the method fails closed.
 *
 * @param helper action helper for the current request (not used in this method)
 * @param chains runner for the remaining action chain; supplies module and action names
 * @param anno   the annotation instance; cast to {@code Permit} without a type check
 * @throws HongsException with code 1101 or 1103 as described above, or whatever the
 *         NaviMap calls and {@code chains.doAction()} raise
 */
@Override
public void invoke(ActionHelper helper, ActionRunner chains, Annotation anno) throws HongsException {
    Permit permit = (Permit) anno;
    String confName = permit.conf();
    String[] required = permit.role();

    // Resolve the config name. Since 2018/7/7 the module/entity variant
    // (conf + "/" + entity) is no longer probed here; the caller decides it.
    if (confName.isEmpty()) {
        confName = chains.getModule();
    }

    NaviMap navi = NaviMap.getInstance(confName);

    // No auth set at all is rejected before any individual entry is looked at.
    if (navi.getAuthSet() == null) {
        throw new HongsException(1101);
    }

    boolean granted = false;
    if (required == null || required.length == 0) {
        // No explicit entries on the annotation: check the action being invoked.
        granted = navi.chkAuth(chains.getAction());
    } else {
        // Any single match is enough. An entry prefixed with "@" is checked with
        // chkAuth (prefix stripped); every other entry is checked with chkRole.
        for (String entry : required) {
            boolean matched = entry.startsWith("@")
                    ? navi.chkAuth(entry.substring(1))
                    : navi.chkRole(entry);
            if (matched) {
                granted = true;
                break;
            }
        }
    }

    if (!granted) {
        throw new HongsException(1103);
    }

    chains.doAction();
}
use of io.github.ihongs.action.NaviMap in project HongsCORE by ihongs.
the class AuthAction method service.
/**
 * Serves the current user's permission map for one navigation config.
 *
 * <p>The path info must have the form {@code /NAME.js} or {@code /NAME.json}. The
 * response maps every entry of {@code sitemap.actions} to {@code true} or {@code false}
 * depending on whether it is in the auth set derived from the caller's roles. The
 * {@code json} form is written as {@code application/json}; the {@code js} form is
 * written as {@code text/javascript}, either wrapped in the {@code callback} parameter
 * or merged into {@code self.HsAUTH}.
 *
 * @param req the servlet request
 * @param rsp the servlet response (output goes through the ActionHelper instead)
 * @throws java.io.IOException declared by the servlet contract
 * @throws javax.servlet.ServletException declared by the servlet contract
 */
@Override
public void service(HttpServletRequest req, HttpServletResponse rsp) throws ServletException, IOException {
    // Since 2020/05/14 freshness is decided from the config and role-set
    // modification times below; the earlier unconditional
    // Expires / Pragma / Cache-Control "no-cache" headers are no longer sent.
    Core core = ActionDriver.getActualCore(req);
    ActionHelper helper = core.got(ActionHelper.class);

    String path = req.getPathInfo();
    if (path == null || path.isEmpty()) {
        helper.error(400, "Path info required");
        return;
    }

    int dot = path.lastIndexOf('.');
    if (dot < 0) {
        helper.error(400, "File type required");
        return;
    }

    String type = path.substring(dot + 1);
    // Drop the first character of the path info and the extension.
    // NOTE(review): this name comes from the request path and may contain further
    // "/" segments; confirm NaviMap.getInstance restricts which configs it will load.
    String name = path.substring(1, dot);

    boolean asJson = "json".equals(type);
    if (!asJson && !"js".equals(type)) {
        // NOTE(review): the requested extension is echoed back; confirm
        // helper.error encodes the message for whatever format it renders.
        helper.error(400, "Wrong file type: " + type);
        return;
    }

    String body;
    try {
        NaviMap sitemap = NaviMap.getInstance(name);
        Set<String> roles = sitemap.getRoleSet();

        // A map with no session name configured is not served.
        if (sitemap.session == null) {
            helper.error(403, "Auth data for '" + name + "' is not open to the public");
            return;
        }

        // Conditional GET (HTTP 304), only when the role set exposes a modification time.
        if (roles instanceof CoreSerial.Mtimes) {
            long modified = Math.max(sitemap.dataModified(), ((CoreSerial.Mtimes) roles).dataModified());
            // Read unconditionally: a header that cannot be parsed as a date raises
            // IllegalArgumentException, which the catch below reports as a 500.
            long since = helper.getRequest().getDateHeader("If-Modified-Since");
            if (modified != 0) {
                // HTTP dates have one-second resolution, so compare whole seconds.
                long modifiedSec = modified / 1000;
                long sinceSec = since / 1000;
                if (sinceSec >= modifiedSec) {
                    helper.getResponse().setStatus(HttpServletResponse.SC_NOT_MODIFIED);
                    return;
                }
                // "no-cache" makes caches revalidate before reuse.
                // NOTE(review): the body differs per user; confirm shared caches cannot store it.
                helper.getResponse().setHeader("Cache-Control", "no-cache");
                helper.getResponse().setDateHeader("Last-Modified", modifiedSec * 1000);
            }
        }

        // With no role set nothing is granted, so every action is reported as false.
        Set<String> granted;
        if (roles == null) {
            granted = new HashSet<>();
        } else {
            granted = sitemap.getRoleAuths(roles.toArray(new String[] {}));
        }

        Map<String, Boolean> flags = new HashMap<>();
        for (String action : sitemap.actions) {
            flags.put(action, granted.contains(action));
        }
        body = Dawn.toString(flags);
    } catch (IllegalArgumentException ex) {
        // NOTE(review): the exception text goes to the client here and in the next
        // catch; confirm it cannot carry internal paths or config details.
        helper.error(500, ex.getMessage());
        return;
    } catch (HongsException | HongsExemption ex) {
        helper.error(404, ex.getMessage());
        return;
    }

    // Emit the permission map.
    if (asJson) {
        helper.write("application/json", body);
        return;
    }

    // NOTE(review): both script forms below can be included from another origin with a
    // script element, which makes the caller's permission map readable by that page.
    // Confirm this exposure is intended or restricted elsewhere.
    String callback = req.getParameter("callback");
    if (callback == null || callback.isEmpty()) {
        String prefix = "self.HsAUTH=Object.assign(self.HsAUTH||{}";
        helper.write("text/javascript", prefix + "," + body + ");");
        return;
    }

    // Allow-list the callback as a plain identifier so the parameter cannot
    // place arbitrary script text in the response.
    if (!callback.matches("^[a-zA-Z_\\$][a-zA-Z0-9_]*$")) {
        helper.error(400, "Illegal callback function name!");
        return;
    }
    helper.write("text/javascript", callback + "(" + body + ");");
}
use of io.github.ihongs.action.NaviMap in project HongsCORE by ihongs.
the class AuthTag method doStartTag.
/**
 * Decides whether the tag body is rendered, based on the navigation map named by
 * {@code cnf}.
 *
 * <p>Each of {@code act}, {@code rol} and {@code men} that is set must pass its check
 * ({@code chkAuth}, {@code chkRole}, {@code chkMenu}); attributes left {@code null} are
 * skipped. The result is inverted when {@code not} is set.
 *
 * <p>NOTE(review): this controls rendering only. Whatever the body links to presumably
 * needs its own server-side permission check; confirm that for each use.
 *
 * @return {@code EVAL_BODY_BUFFERED} when the body should be rendered, otherwise
 *         {@code SKIP_BODY}
 * @throws JspException wrapping any {@code HongsException} raised by the lookup or checks
 */
@Override
public int doStartTag() throws JspException {
    try {
        NaviMap nav = NaviMap.getInstance(this.cnf);

        // Evaluate in the order action, role, menu; stop at the first failure.
        boolean pass = this.act == null || nav.chkAuth(this.act);
        pass = pass && (this.rol == null || nav.chkRole(this.rol));
        pass = pass && (this.men == null || nav.chkMenu(this.men));

        // Store the result only after every check has completed without throwing.
        this.ebb = pass;
    } catch (HongsException ex) {
        throw new JspException(ex);
    }

    if (this.not) {
        this.ebb = !this.ebb;
    }

    return this.ebb ? BodyTagSupport.EVAL_BODY_BUFFERED : BodyTagSupport.SKIP_BODY;
}
use of io.github.ihongs.action.NaviMap in project HongsCORE by ihongs.
the class MenuAction method getRedirect.
/**
 * Finds the first menu entry, in the map's iteration order, that the current user may
 * open.
 *
 * <p>Entries whose {@code hrel} or key starts with "!" are skipped. A key that starts
 * with {@code MENU_ACT_URI + "?"} is a nested menu and is searched recursively through
 * its {@code "menus"} value; any other key is returned as soon as
 * {@code site.chkMenu} accepts it.
 *
 * @param site navigation map used for the permission check
 * @param mens menu entries keyed by href
 * @return the first permitted href, or {@code null} when there is none
 * @throws HongsException if a permission check fails with an error
 */
private String getRedirect(NaviMap site, Map<String, Map> mens) throws HongsException {
    for (Map.Entry<String, Map> entry : mens.entrySet()) {
        Map item = entry.getValue();
        String href = entry.getKey();
        String hrel = (String) item.get("hrel");

        // A leading "!" on either the hrel or the href excludes the entry.
        if ((hrel != null && hrel.startsWith("!")) || href.startsWith("!")) {
            continue;
        }

        if (!href.startsWith(MENU_ACT_URI + "?")) {
            // Ordinary entry: usable only when the permission check passes.
            if (site.chkMenu(href)) {
                return href;
            }
            continue;
        }

        // Nested menu: descend and take the first permitted child, if any.
        Map<String, Map> subs = (Map) item.get("menus");
        if (subs == null || subs.isEmpty()) {
            continue;
        }
        String found = getRedirect(site, subs);
        if (found != null) {
            return found;
        }
    }
    return null;
}
use of io.github.ihongs.action.NaviMap in project HongsCORE by ihongs.
the class Unit method filter.
/**
 * Restricts list, info, update and delete queries to the units the current user is
 * permitted to see.
 *
 * <p>After the superclass filter runs, the restriction is skipped when the session user
 * id equals {@code Cnst.ADM_UID}, and for any {@code MODEL_START} option other than
 * {@code getList}, {@code getInfo}, {@code update} or {@code delete}.
 *
 * @param caze the query being built
 * @param rd   request data, passed through to the superclass filter
 * @throws HongsException if the superclass filter or the navigation lookup fails
 */
@Override
protected void filter(FetchCase caze, Map rd) throws HongsException {
    super.filter(caze, rd);

    // The super administrator is not restricted.
    ActionHelper helper = Core.getInstance(ActionHelper.class);
    String uid = (String) helper.getSessibute(Cnst.UID_SES);
    if (Cnst.ADM_UID.equals(uid)) {
        return;
    }

    // Only the conventional read and write operations are restricted.
    // NOTE(review): every other MODEL_START value, including the empty default,
    // passes through without the unit filter; confirm no such path returns or
    // modifies unit rows.
    String op = caze.getOption("MODEL_START", "");
    boolean reads = "getList".equals(op) || "getInfo".equals(op);
    boolean writes = "update".equals(op) || "delete".equals(op);
    if (!reads && !writes) {
        return;
    }

    // Collect the unit ids from the navigation map for the user's role set.
    Set<String> unitIds = new HashSet<>();
    NaviMap navi = NaviMap.getInstance(centra);
    getSubUnits(navi.menus, navi.getRoleSet(), unitIds);

    // Restrict the query to those ids. The ids are bound through the placeholder;
    // table.name is concatenated into the SQL text and is assumed to come from
    // table configuration rather than request input.
    // NOTE(review): confirm that an empty id set makes this clause match nothing
    // rather than being dropped.
    caze.filter("`" + table.name + "`.`id` IN (?)", unitIds);
}