use of io.jpom.model.data.UserModel in project Jpom by dromara.
the class NodeForward method addUser.
private static void addUser(HttpRequest httpRequest, NodeModel nodeModel, NodeUrl nodeUrl) {
UserModel userModel = BaseServerController.getUserModel();
addUser(httpRequest, nodeModel, nodeUrl, userModel);
}
use of io.jpom.model.data.UserModel in project Jpom by dromara.
the class PermissionInterceptor method preHandle.
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, HandlerMethod handlerMethod) throws Exception {
this.init();
this.addNode(request);
UserModel userModel = BaseServerController.getUserModel();
if (userModel == null || userModel.isSuperSystemUser()) {
// 没有登录、或者超级管理直接放过
return true;
}
//
boolean permission = this.checkSystemPermission(userModel, request, response, handlerMethod);
if (!permission) {
return false;
}
permission = this.checkNodeDataPermission(userModel, request, response, handlerMethod);
if (!permission) {
return false;
}
Feature feature = handlerMethod.getMethodAnnotation(Feature.class);
if (feature == null) {
return true;
}
MethodFeature method = feature.method();
if (ArrayUtil.contains(DEMO, method) && userModel.isDemoUser()) {
this.errorMsg(response, DEMO_TIP);
return false;
}
ClassFeature classFeature = feature.cls();
if (classFeature == ClassFeature.NULL) {
Feature feature1 = handlerMethod.getBeanType().getAnnotation(Feature.class);
if (feature1 != null && feature1.cls() != ClassFeature.NULL) {
classFeature = feature1.cls();
}
}
// 判断功能权限
if (method != MethodFeature.LIST) {
String workspaceId = ServletUtil.getHeader(request, Const.WORKSPACEID_REQ_HEADER, CharsetUtil.CHARSET_UTF_8);
boolean exists = userBindWorkspaceService.exists(userModel.getId(), workspaceId + StrUtil.DASHED + method.name());
if (!exists) {
this.errorMsg(response, "您没有对应功能【" + classFeature.getName() + StrUtil.DASHED + method.getName() + "】管理权限");
return false;
}
}
return true;
}
use of io.jpom.model.data.UserModel in project Jpom by dromara.
the class InstallController method installSubmit.
/**
* 初始化提交
*
* @param userName 系统管理员登录名
* @param userPwd 系统管理员的登录密码
* @return json
* @api {post} install_submit.json 初始化提交
* @apiGroup index
* @apiUse defResultJson
* @apiParam {String} userName 系统管理员登录名
* @apiParam {String} userPwd 设置的登录密码 sha1 后传入
* @apiSuccess {JSON} data.tokenData token 相关信息
* @apiSuccess {String} data.mfaKey 二次验证的key
* @apiSuccess {String} data.url 二次验证的二维码相关字符串用户快速扫码导入
*/
@PostMapping(value = "install_submit.json", produces = MediaType.APPLICATION_JSON_VALUE)
@NotLogin
public String installSubmit(@ValidatorConfig(value = { @ValidatorItem(value = ValidatorRule.NOT_EMPTY, msg = "登录名不能为空"), @ValidatorItem(value = ValidatorRule.NOT_BLANK, range = UserModel.USER_NAME_MIN_LEN + ":" + Const.ID_MAX_LEN, msg = "登录名长度范围" + UserModel.USER_NAME_MIN_LEN + "-" + Const.ID_MAX_LEN), @ValidatorItem(value = ValidatorRule.WORD, msg = "登录名不能包含汉字并且不能包含特殊字符") }) String userName, @ValidatorItem(value = ValidatorRule.NOT_BLANK, msg = "密码不能为空") String userPwd) {
//
Assert.state(!userService.canUse(), "系统已经初始化过啦,请勿重复初始化");
boolean systemOccupyUserName = StrUtil.equalsAnyIgnoreCase(userName, UserModel.DEMO_USER, JpomApplication.SYSTEM_ID, UserModel.SYSTEM_ADMIN);
Assert.state(!systemOccupyUserName, "当前登录名已经被系统占用啦");
// 创建用户
UserModel userModel = new UserModel();
userModel.setName(UserModel.SYSTEM_OCCUPY_NAME);
userModel.setId(userName);
userModel.setSalt(userService.generateSalt());
userModel.setPassword(SecureUtil.sha1(userPwd + userModel.getSalt()));
userModel.setSystemUser(1);
userModel.setParent(UserModel.SYSTEM_ADMIN);
try {
BaseServerController.resetInfo(userModel);
userService.insert(userModel);
} catch (Exception e) {
DefaultSystemLog.getLog().error("初始化用户失败", e);
return JsonMessage.getString(400, "初始化失败:" + e.getMessage());
}
// 自动登录
setSessionAttribute(LoginInterceptor.SESSION_NAME, userModel);
UserLoginDto userLoginDto = userService.getUserJwtId(userModel);
List<WorkspaceModel> bindWorkspaceModels = userBindWorkspaceService.listUserWorkspaceInfo(userModel);
userLoginDto.setBindWorkspaceModels(bindWorkspaceModels);
// 二次验证信息
JSONObject jsonObject = new JSONObject();
String tfaKey = TwoFactorAuthUtils.generateTFAKey();
jsonObject.put("mfaKey", tfaKey);
jsonObject.put("url", TwoFactorAuthUtils.generateOtpAuthUrl(userName, tfaKey));
jsonObject.put("tokenData", userLoginDto);
return JsonMessage.getString(200, "初始化成功", jsonObject);
}
use of io.jpom.model.data.UserModel in project Jpom by dromara.
the class BuildInfoTriggerController method createTriggerUrl.
private String createTriggerUrl() {
UserModel user = getUser();
int randomInt = RandomUtil.randomInt(1, BUILD_INFO_TRIGGER_TOKEN_DIGEST_COUNT_MAX);
String fill = StrUtil.fillBefore(randomInt + "", '0', BUILD_INFO_TRIGGER_TOKEN_FILL_LEN);
String nowStr = new Digester(DigestAlgorithm.SHA256).setDigestCount(randomInt).digestHex(user.getId());
return StrUtil.format("{}{}", fill, nowStr);
}
use of io.jpom.model.data.UserModel in project Jpom by dromara.
the class BaseServerController method resetInfo.
/**
* 为线程设置 用户
*
* @param userModel 用户
*/
public static void resetInfo(UserModel userModel) {
UserModel userModel1 = USER_MODEL_THREAD_LOCAL.get();
if (userModel1 != null && userModel == UserModel.EMPTY) {
// 已经存在,更新为 empty 、跳过
return;
}
USER_MODEL_THREAD_LOCAL.set(userModel);
}
Aggregations