Example 1 with ClassFeature
use of io.jpom.permission.ClassFeature in project Jpom by dromara.
the class MonitorUserOptService method listByType.
/**
* 查询 对应操作的监控信息
*
* @param workspaceId 工作空间ID
* @param classFeature 功能
* @param methodFeature 操作
* @return list
*/
public List<MonitorUserOptModel> listByType(String workspaceId, ClassFeature classFeature, MethodFeature methodFeature, String userId) {
MonitorUserOptModel where = new MonitorUserOptModel();
if (StrUtil.isNotEmpty(workspaceId)) {
// 没有工作空间查询全部
where.setWorkspaceId(workspaceId);
}
where.setStatus(true);
List<MonitorUserOptModel> list = super.listByBean(where);
if (CollUtil.isEmpty(list)) {
return null;
}
return list.stream().filter(monitorUserOptModel -> {
List<ClassFeature> classFeatures = monitorUserOptModel.monitorFeature();
List<MethodFeature> methodFeatures = monitorUserOptModel.monitorOpt();
boolean b = CollUtil.contains(classFeatures, classFeature) && CollUtil.contains(methodFeatures, methodFeature);
if (b) {
List<String> monitorUser = monitorUserOptModel.monitorUser();
return CollUtil.contains(monitorUser, userId);
}
return false;
}).collect(Collectors.toList());
}
Also used :
CollUtil(cn.hutool.core.collection.CollUtil)
StrUtil(cn.hutool.core.util.StrUtil)
List(java.util.List)
BaseWorkspaceService(io.jpom.service.h2db.BaseWorkspaceService)
MonitorUserOptModel(io.jpom.model.data.MonitorUserOptModel)
Service(org.springframework.stereotype.Service)
ClassFeature(io.jpom.permission.ClassFeature)
MethodFeature(io.jpom.permission.MethodFeature)
Collectors(java.util.stream.Collectors)
List(java.util.List)
MonitorUserOptModel(io.jpom.model.data.MonitorUserOptModel)
Example 2 with ClassFeature
use of io.jpom.permission.ClassFeature in project Jpom by dromara.
the class PermissionInterceptor method preHandle.
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, HandlerMethod handlerMethod) throws Exception {
this.init();
this.addNode(request);
UserModel userModel = BaseServerController.getUserModel();
if (userModel == null || userModel.isSuperSystemUser()) {
// 没有登录、或者超级管理直接放过
return true;
}
//
boolean permission = this.checkSystemPermission(userModel, request, response, handlerMethod);
if (!permission) {
return false;
}
permission = this.checkNodeDataPermission(userModel, request, response, handlerMethod);
if (!permission) {
return false;
}
Feature feature = handlerMethod.getMethodAnnotation(Feature.class);
if (feature == null) {
return true;
}
MethodFeature method = feature.method();
if (ArrayUtil.contains(DEMO, method) && userModel.isDemoUser()) {
this.errorMsg(response, DEMO_TIP);
return false;
}
ClassFeature classFeature = feature.cls();
if (classFeature == ClassFeature.NULL) {
Feature feature1 = handlerMethod.getBeanType().getAnnotation(Feature.class);
if (feature1 != null && feature1.cls() != ClassFeature.NULL) {
classFeature = feature1.cls();
}
}
// 判断功能权限
if (method != MethodFeature.LIST) {
String workspaceId = ServletUtil.getHeader(request, Const.WORKSPACEID_REQ_HEADER, CharsetUtil.CHARSET_UTF_8);
boolean exists = userBindWorkspaceService.exists(userModel.getId(), workspaceId + StrUtil.DASHED + method.name());
if (!exists) {
this.errorMsg(response, "您没有对应功能【" + classFeature.getName() + StrUtil.DASHED + method.getName() + "】管理权限");
return false;
}
}
return true;
}
Also used :
UserModel(io.jpom.model.data.UserModel)
ClassFeature(io.jpom.permission.ClassFeature)
MethodFeature(io.jpom.permission.MethodFeature)
Feature(io.jpom.permission.Feature)
MethodFeature(io.jpom.permission.MethodFeature)
ClassFeature(io.jpom.permission.ClassFeature)
Example 3 with ClassFeature
use of io.jpom.permission.ClassFeature in project Jpom by dromara.
the class MonitorUserOptListController method getOperateTypeList.
/**
* 操作监控类型列表
*
* @return json
*/
@RequestMapping(value = "type_data", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@Feature(method = MethodFeature.LIST)
public String getOperateTypeList() {
JSONObject jsonObject = new JSONObject();
//
List<JSONObject> classFeatureList = Arrays.stream(ClassFeature.values()).filter(classFeature -> classFeature != ClassFeature.NULL).map(classFeature -> {
JSONObject jsonObject1 = new JSONObject();
jsonObject1.put("title", classFeature.getName());
jsonObject1.put("value", classFeature.name());
return jsonObject1;
}).collect(Collectors.toList());
jsonObject.put("classFeature", classFeatureList);
//
List<JSONObject> methodFeatureList = Arrays.stream(MethodFeature.values()).filter(methodFeature -> methodFeature != MethodFeature.NULL && methodFeature != MethodFeature.LIST).map(classFeature -> {
JSONObject jsonObject1 = new JSONObject();
jsonObject1.put("title", classFeature.getName());
jsonObject1.put("value", classFeature.name());
return jsonObject1;
}).collect(Collectors.toList());
jsonObject.put("methodFeature", methodFeatureList);
return JsonMessage.getString(200, "success", jsonObject);
}
Also used :
PageResultDto(io.jpom.model.PageResultDto)
Arrays(java.util.Arrays)
ClassFeature(io.jpom.permission.ClassFeature)
MediaType(org.springframework.http.MediaType)
EnumUtil(cn.hutool.core.util.EnumUtil)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
RestController(org.springframework.web.bind.annotation.RestController)
Collectors(java.util.stream.Collectors)
Feature(io.jpom.permission.Feature)
Objects(java.util.Objects)
JsonMessage(cn.jiangzeyin.common.JsonMessage)
JSONArray(com.alibaba.fastjson.JSONArray)
StrUtil(cn.hutool.core.util.StrUtil)
ValidatorRule(cn.jiangzeyin.common.validator.ValidatorRule)
List(java.util.List)
MonitorUserOptModel(io.jpom.model.data.MonitorUserOptModel)
MonitorUserOptService(io.jpom.service.monitor.MonitorUserOptService)
ValidatorItem(cn.jiangzeyin.common.validator.ValidatorItem)
Convert(cn.hutool.core.convert.Convert)
JSONObject(com.alibaba.fastjson.JSONObject)
MethodFeature(io.jpom.permission.MethodFeature)
BaseServerController(io.jpom.common.BaseServerController)
Assert(org.springframework.util.Assert)
JSONObject(com.alibaba.fastjson.JSONObject)
ClassFeature(io.jpom.permission.ClassFeature)
Feature(io.jpom.permission.Feature)
MethodFeature(io.jpom.permission.MethodFeature)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 4 with ClassFeature
use of io.jpom.permission.ClassFeature in project Jpom by dromara.
the class MonitorUserOptListController method updateMonitor.
/**
* 增加或修改监控
*
* @param id id
* @param name name
* @param notifyUser user
* @return json
*/
@RequestMapping(value = "update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@Feature(method = MethodFeature.EDIT)
public String updateMonitor(String id, @ValidatorItem(value = ValidatorRule.NOT_BLANK, msg = "监控名称不能为空") String name, String notifyUser, String monitorUser, String monitorOpt, String monitorFeature) {
String status = getParameter("status");
JSONArray jsonArray = JSONArray.parseArray(notifyUser);
List<String> notifyUsers = jsonArray.toJavaList(String.class).stream().filter(Objects::nonNull).collect(Collectors.toList());
Assert.notEmpty(notifyUsers, "请选择报警联系人");
JSONArray monitorUserArray = JSONArray.parseArray(monitorUser);
List<String> monitorUserArrays = monitorUserArray.toJavaList(String.class).stream().filter(Objects::nonNull).collect(Collectors.toList());
Assert.notEmpty(monitorUserArrays, "请选择监控人员");
JSONArray monitorOptArray = JSONArray.parseArray(monitorOpt);
List<MethodFeature> monitorOptArrays = monitorOptArray.stream().map(o -> EnumUtil.fromString(MethodFeature.class, StrUtil.toString(o), null)).filter(Objects::nonNull).collect(Collectors.toList());
Assert.notEmpty(monitorOptArrays, "请选择监控的操作");
JSONArray monitorFeatureArray = JSONArray.parseArray(monitorFeature);
List<ClassFeature> monitorFeatureArrays = monitorFeatureArray.stream().map(o -> EnumUtil.fromString(ClassFeature.class, StrUtil.toString(o), null)).filter(Objects::nonNull).collect(Collectors.toList());
Assert.notEmpty(monitorFeatureArrays, "请选择监控的功能");
boolean start = "on".equalsIgnoreCase(status);
MonitorUserOptModel monitorModel = monitorUserOptService.getByKey(id);
if (monitorModel == null) {
monitorModel = new MonitorUserOptModel();
}
monitorModel.monitorUser(monitorUserArrays);
monitorModel.setStatus(start);
monitorModel.monitorOpt(monitorOptArrays);
monitorModel.monitorFeature(monitorFeatureArrays);
monitorModel.notifyUser(notifyUsers);
monitorModel.setName(name);
if (StrUtil.isEmpty(id)) {
// 添加监控
monitorUserOptService.insert(monitorModel);
return JsonMessage.getString(200, "添加成功");
}
monitorUserOptService.update(monitorModel);
return JsonMessage.getString(200, "修改成功");
}
Also used :
ClassFeature(io.jpom.permission.ClassFeature)
MethodFeature(io.jpom.permission.MethodFeature)
JSONArray(com.alibaba.fastjson.JSONArray)
MonitorUserOptModel(io.jpom.model.data.MonitorUserOptModel)
ClassFeature(io.jpom.permission.ClassFeature)
Feature(io.jpom.permission.Feature)
MethodFeature(io.jpom.permission.MethodFeature)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 5 with ClassFeature
use of io.jpom.permission.ClassFeature in project Jpom by dromara.
the class ServerWebSocketInterceptor method checkPermission.
/**
* 检查权限
*
* @param userInfo 用户
* @param attributes 属性
* @param handlerType 功能类型
* @return 错误消息
*/
private String checkPermission(UserModel userInfo, Map<String, Object> attributes, HandlerType handlerType) {
if (userInfo.isSuperSystemUser()) {
return StrUtil.EMPTY;
}
if (userInfo.isDemoUser()) {
return PermissionInterceptor.DEMO_TIP;
}
if (handlerType == HandlerType.nodeUpdate) {
return "您没有对应功能【" + ClassFeature.NODE_UPGRADE.getName() + "】管理权限";
}
Object dataItem = attributes.get("dataItem");
Object nodeInfo = attributes.get("nodeInfo");
String workspaceId = BeanUtil.getProperty(dataItem == null ? nodeInfo : dataItem, "workspaceId");
// ? : BeanUtil.getProperty(dataItem, "workspaceId");
//
attributes.put("workspaceId", workspaceId);
Class<?> handlerClass = handlerType.getHandlerClass();
SystemPermission systemPermission = handlerClass.getAnnotation(SystemPermission.class);
if (systemPermission != null) {
if (!userInfo.isSuperSystemUser()) {
return "您没有对应功能【" + ClassFeature.NODE_UPGRADE.getName() + "】管理权限";
}
}
Feature feature = handlerClass.getAnnotation(Feature.class);
MethodFeature method = feature.method();
ClassFeature cls = feature.cls();
UserBindWorkspaceService userBindWorkspaceService = SpringUtil.getBean(UserBindWorkspaceService.class);
boolean exists = userBindWorkspaceService.exists(userInfo.getId(), workspaceId + StrUtil.DASHED + method.name());
if (exists) {
return StrUtil.EMPTY;
}
return "您没有对应功能【" + cls.getName() + "-" + method.getName() + "】管理权限";
}
Also used :
SystemPermission(io.jpom.permission.SystemPermission)
ClassFeature(io.jpom.permission.ClassFeature)
MethodFeature(io.jpom.permission.MethodFeature)
Feature(io.jpom.permission.Feature)
MethodFeature(io.jpom.permission.MethodFeature)
ClassFeature(io.jpom.permission.ClassFeature)
UserBindWorkspaceService(io.jpom.service.user.UserBindWorkspaceService)
Aggregations
ClassFeature (io.jpom.permission.ClassFeature)8
MethodFeature (io.jpom.permission.MethodFeature)7
Feature (io.jpom.permission.Feature)5
MonitorUserOptModel (io.jpom.model.data.MonitorUserOptModel)4
StrUtil (cn.hutool.core.util.StrUtil)2
JSONArray (com.alibaba.fastjson.JSONArray)2
UserModel (io.jpom.model.data.UserModel)2
List (java.util.List)2
Collectors (java.util.stream.Collectors)2
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2
CollUtil (cn.hutool.core.collection.CollUtil)1
Convert (cn.hutool.core.convert.Convert)1
EnumUtil (cn.hutool.core.util.EnumUtil)1
JsonMessage (cn.jiangzeyin.common.JsonMessage)1
ValidatorItem (cn.jiangzeyin.common.validator.ValidatorItem)1
ValidatorRule (cn.jiangzeyin.common.validator.ValidatorRule)1
JSONObject (com.alibaba.fastjson.JSONObject)1
BaseServerController (io.jpom.common.BaseServerController)1
PageResultDto (io.jpom.model.PageResultDto)1
MonitorModel (io.jpom.model.data.MonitorModel)1
