From 5999b5f217b7c4e99bfa67c52d8920700e9c2e5d Mon Sep 17 00:00:00 2001 From: Chopper Date: Tue, 27 Jul 2021 17:03:31 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9D=83=E9=99=90=E6=94=B9=E7=89=88=E5=AE=8C?= =?UTF-8?q?=E6=88=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../serviceimpl/WechatMessageServiceImpl.java | 17 +++++++++-- .../message/util/WechatAccessTokenUtil.java | 2 +- .../message/util/WechatMessageUtil.java | 12 ++++---- .../modules/permission/entity/dos/Menu.java | 18 ++++-------- .../permission/entity/vo/UserMenuVO.java | 6 ++++ .../system/token/ManagerTokenGenerate.java | 19 ++++++------- .../security/ManagerAuthenticationFilter.java | 28 ++++++++++++------- 7 files changed, 61 insertions(+), 41 deletions(-) diff --git a/framework/src/main/java/cn/lili/modules/message/serviceimpl/WechatMessageServiceImpl.java b/framework/src/main/java/cn/lili/modules/message/serviceimpl/WechatMessageServiceImpl.java index 7fa749c4..bcb71198 100644 --- a/framework/src/main/java/cn/lili/modules/message/serviceimpl/WechatMessageServiceImpl.java +++ b/framework/src/main/java/cn/lili/modules/message/serviceimpl/WechatMessageServiceImpl.java @@ -39,6 +39,10 @@ public class WechatMessageServiceImpl extends ServiceImpl setIndustryParams = new HashMap<>(); + setIndustryParams.put("industry_id1", 1);//互联网/电子商务 + setIndustryParams.put("industry_id2", 5);//通信与运营商 + String context = HttpUtils.doPostWithJson(setIndustry + accessToken, setIndustryParams); + //获取已有模版,删除 - String context = HttpUtil.get(allMsgTpl + accessToken); + context = HttpUtil.get(allMsgTpl + accessToken); JSONObject jsonObject = new JSONObject(context); WechatMessageUtil.wechatHandler(jsonObject); List oldList = new ArrayList<>(); 
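Review bot: The response of the new set-industry POST is never checked. `context` is assigned from `HttpUtils.doPostWithJson(setIndustry + accessToken, setIndustryParams)` and then overwritten by `HttpUtil.get(allMsgTpl + accessToken)` before anything reads it, so a rejected call goes unnoticed and template setup continues. Run it through the handler already used for the template list, e.g. `WechatMessageUtil.wechatHandler(new JSONObject(context));` directly after the POST. The industry ids `1` and `5` would also read better as named constants than as literals with trailing comments. Part of this hunk is missing from the page, so the enclosing method is not fully visible.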
@@ -77,7 +90,7 @@ public class WechatMessageServiceImpl extends ServiceImpl tmpList = initData(); tmpList.forEach(tplData -> { WechatMessage wechatMessage = new WechatMessage(); - Map params = new HashMap<>(1); + Map params = new HashMap<>(1); params.put("template_id_short", tplData.getMsgId()); String content = HttpUtils.doPostWithJson(addTpl + accessToken, params); JSONObject tplContent = new JSONObject(content); diff --git a/framework/src/main/java/cn/lili/modules/message/util/WechatAccessTokenUtil.java b/framework/src/main/java/cn/lili/modules/message/util/WechatAccessTokenUtil.java index fc7411c8..2f8ba06b 100644 --- a/framework/src/main/java/cn/lili/modules/message/util/WechatAccessTokenUtil.java +++ b/framework/src/main/java/cn/lili/modules/message/util/WechatAccessTokenUtil.java @@ -68,7 +68,7 @@ public class WechatAccessTokenUtil { } //获取token String content = HttpUtil.get("https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential" + - "&appid=" + item.getAppId() + "&secret=" + item.getAppSecret()); + "&appid=wx6cfbe6e0ace12ce8&secret=6dfbe0c72380dce5d49d65b3c91059b1"); JSONObject object = new JSONObject(content); log.info("token获取【" + clientTypeEnum.name() + "】返回" + object.toString()); diff --git a/framework/src/main/java/cn/lili/modules/message/util/WechatMessageUtil.java b/framework/src/main/java/cn/lili/modules/message/util/WechatMessageUtil.java index 1c16343a..1c42ffb2 100644 --- a/framework/src/main/java/cn/lili/modules/message/util/WechatMessageUtil.java +++ b/framework/src/main/java/cn/lili/modules/message/util/WechatMessageUtil.java @@ -93,7 +93,7 @@ public class WechatMessageUtil { return; } - log.info("微信消息发送消息:", order.getMemberId() + "-" + sn); + log.info("微信消息发送消息:{}", order.getMemberId() + "-" + sn); //获取token String token = wechatAccessTokenUtil.cgiAccessToken(ClientTypeEnum.H5); 
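Review bot: In WechatAccessTokenUtil the token request now carries a literal `appid` and `secret` inside the URL string in place of `item.getAppId()` / `item.getAppSecret()`. That puts a live credential into version control and presumably makes every `clientTypeEnum` authenticate as the same app regardless of its configured settings. Restore the configured values, `"&appid=" + item.getAppId() + "&secret=" + item.getAppSecret());`, and treat the committed secret as exposed: reset it with the provider, because it stays in history after a revert. The `log.info` call below the request writes the whole token response to the log, which on success would include the access token; log only the error fields or the expiry instead. The enclosing method starts and ends outside the hunk.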
@@ -137,7 +137,7 @@ public class WechatMessageUtil { wechatMPMessageQueryWrapper.eq(WechatMPMessage::getOrderStatus, order.getOrderStatus()); WechatMPMessage wechatMPMessage = wechatMPMessageService.getOne(wechatMPMessageQueryWrapper); if (wechatMPMessage == null) { - log.error("未配置微信消息订阅"); + log.info("未配置微信消息订阅"); return; } @@ -150,7 +150,7 @@ public class WechatMessageUtil { return; } - log.info("微信消息订阅消息发送:", order.getMemberId() + "-" + sn); + log.info("微信消息订阅消息发送:{}", order.getMemberId() + "-" + sn); //获取token String token = wechatAccessTokenUtil.cgiAccessToken(ClientTypeEnum.WECHAT_MP); @@ -270,7 +270,7 @@ public class WechatMessageUtil { /** * 如果返回信息有错误 * - * @param jsonObject + * @param jsonObject 返回消息 */ public static void wechatHandler(JSONObject jsonObject) { if (jsonObject.containsKey("errmsg")) { @@ -283,9 +283,9 @@ public class WechatMessageUtil { } /** - * 如果返回信息有错误....................................................................................................................................................................................333333333333333333 + * 如果返回信息有错误 * - * @param string + * @param string 返回消息 */ public static String wechatHandler(String string) { JSONObject jsonObject = new JSONObject(); diff --git a/framework/src/main/java/cn/lili/modules/permission/entity/dos/Menu.java b/framework/src/main/java/cn/lili/modules/permission/entity/dos/Menu.java index 3ba16eb2..ba84452c 100644 --- a/framework/src/main/java/cn/lili/modules/permission/entity/dos/Menu.java +++ b/framework/src/main/java/cn/lili/modules/permission/entity/dos/Menu.java 
@@ -26,36 +26,30 @@ public class Menu extends BaseEntity { private static final long serialVersionUID = 7050744476203495207L; - @ApiModelProperty(value = "菜单/权限名称") + @ApiModelProperty(value = "菜单名称") private String name; - @ApiModelProperty(value = "层级") + @ApiModelProperty(value = "菜单层级") private Integer level; @ApiModelProperty(value = "菜单标题") private String title; - @ApiModelProperty(value = "赋权API地址,正则表达式") + @ApiModelProperty(value = "路径") private String path; - @ApiModelProperty(value = "前端路由") + @ApiModelProperty(value = "前端目录文件") private String frontRoute; - @ApiModelProperty(value = "图标") - private String icon; - @ApiModelProperty(value = "父id") private String parentId = "0"; - @ApiModelProperty(value = "说明备注") - private String description; - @ApiModelProperty(value = "排序值") @Column(precision = 10, scale = 2) private BigDecimal sortOrder; - @ApiModelProperty(value = "文件地址") - private String frontComponent; + @ApiModelProperty(value = "权限URL,*号模糊匹配,逗号分割") + private String permission; } \ No newline at end of file diff --git a/framework/src/main/java/cn/lili/modules/permission/entity/vo/UserMenuVO.java b/framework/src/main/java/cn/lili/modules/permission/entity/vo/UserMenuVO.java index 5313fa72..acf550bb 100644 --- a/framework/src/main/java/cn/lili/modules/permission/entity/vo/UserMenuVO.java +++ b/framework/src/main/java/cn/lili/modules/permission/entity/vo/UserMenuVO.java @@ -19,4 +19,10 @@ public class UserMenuVO extends Menu { */ private Boolean isSupper; + public Boolean getSupper() { + if (this.isSupper == null) { + return false; + } + return isSupper; + } } diff --git a/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java b/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java index 3948977c..20827a25 100644 --- a/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java +++ b/framework/src/main/java/cn/lili/modules/system/token/ManagerTokenGenerate.java 
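Review bot: In UserMenuVO the new `getSupper()` hand-rolls a null check and still returns a boxed `Boolean`. `return Boolean.TRUE.equals(isSupper);` with a `boolean` return type does the same in one line and cannot hand a null to a caller. The method also needs a short Javadoc, such as `/** Whether this menu grants the super permission; a null flag counts as false. */`, because ManagerTokenGenerate uses the result to decide which permission list a URL pattern is added to. The old call site used `menu.getIsSupper()`, so that accessor still exists next to the new one; confirm that serialisation does not now expose two properties for one field.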
@@ -77,28 +77,27 @@ public class ManagerTokenGenerate extends AbstractTokenGenerate { //循环权限菜单 userMenuVOList.forEach(menu -> { //循环菜单,赋予用户权限 - if (menu.getPath() != null) { + if (menu.getPermission() != null) { //获取路径集合 - String[] paths = menu.getPath().split("\\|"); + String[] permissionUrl = menu.getPermission().split(","); //for循环路径集合 - for (String path : paths) { + for (String url : permissionUrl) { //如果是超级权限 则计入超级权限 - if (menu.getIsSupper() != null && menu.getIsSupper()) { + if (menu.getSupper()) { //如果已有超级权限,则这里就不做权限的累加 - if (!superPermissions.contains(path)) { - superPermissions.add(path); + if (!superPermissions.contains(url)) { + superPermissions.add(url); } } //否则计入浏览权限 else { - //如果已有超级权限,或者已有普通查看权限,则这里就不做权限的累加 - if (!superPermissions.contains(path) && !queryPermissions.contains(path)) { - queryPermissions.add(path); + //没有权限,则累加。 + if (!queryPermissions.contains(url)) { + queryPermissions.add(url); } } } } - //去除无效的权限 superPermissions.forEach(queryPermissions::remove); }); diff --git a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java index 70706a82..6fd2b16c 100755 --- a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java +++ b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java 
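Review bot: The entries produced by `menu.getPermission().split(",")` are stored exactly as split. A value written as `a*, b*` therefore yields a pattern with a leading space, and a doubled comma yields an empty string. Judging by the `simpleMatch` call in the manager filter, such entries would never match a request URI, so a permission the administrator meant to grant is silently denied and the cause is hard to spot in the cached list. Trim and skip blanks inside the loop, e.g. `String url = raw.trim(); if (url.isEmpty()) { continue; }` with the loop variable renamed to `raw`. `superPermissions.forEach(queryPermissions::remove)` also still runs once per menu inside the outer lambda and could run once after the loop; the enclosing method starts outside the hunk.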
@@ -75,24 +75,32 @@ public class ManagerAuthenticationFilter extends BasicAuthenticationFilter { private void customAuthentication(HttpServletRequest request, HttpServletResponse response, UsernamePasswordAuthenticationToken authentication) throws NoPermissionException { AuthUser authUser = (AuthUser) authentication.getDetails(); String requestUrl = request.getRequestURI(); - Map> permission = (Map>) cache.get(CachePrefix.PERMISSION_LIST.getPrefix(UserEnums.MANAGER) + authUser.getId()); - //如果不是超级管理员, 不做鉴权 + + + //如果不是超级管理员, 则鉴权 if (!authUser.getIsSuper()) { - //获取数据权限 + Map> permission = (Map>) cache.get(CachePrefix.PERMISSION_LIST.getPrefix(UserEnums.MANAGER) + authUser.getId()); + + System.out.println(requestUrl); + System.out.println(PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.SUPER.name()).toArray(new String[0]), requestUrl)); + System.out.println(PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.QUERY.name()).toArray(new String[0]), requestUrl)); + + //获取数据(GET 请求)权限 if (request.getMethod().equals(RequestMethod.GET.name())) { //如果用户的超级权限和查阅权限都不包含当前请求的api - if (!PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.SUPER.name()).toArray(new String[0]), requestUrl) && - !PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.QUERY.name()).toArray(new String[0]), requestUrl)) { - - ResponseUtil.output(response, ResponseUtil.resultMap(false, 401, "抱歉,您没有访问权限")); + if (PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.SUPER.name()).toArray(new String[0]), requestUrl) + || PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.QUERY.name()).toArray(new String[0]), requestUrl)) { + } else { + ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足")); throw new NoPermissionException("权限不足"); } } - //非get请求(数据操作) 判定 + //非get请求(数据操作) 判定鉴权 else { - if (!PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.SUPER.name()).toArray(new String[0]), request.getRequestURI())) { + if 
(PatternMatchUtils.simpleMatch(permission.get(PermissionEnum.SUPER.name()).toArray(new String[0]), request.getRequestURI())) { - ResponseUtil.output(response, ResponseUtil.resultMap(false, 401, "抱歉,您没有访问权限")); + } else { + ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足")); throw new NoPermissionException("权限不足"); } }
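Review bot: Three `System.out.println` calls are left in `customAuthentication` and run on every non-super request before the permission check. They write each request URL to stdout outside the logging configuration, and they dereference `permission` and both of its entries, so a missing or expired cache entry throws a NullPointerException from the filter instead of producing the `权限不足` response. Remove them and deny explicitly when the cached map is absent. The denial code also changes from 401 to 400; 403 is the conventional code for an authenticated caller without permission, so confirm what the front end expects. The empty `if (…) { } else { … }` branches read more clearly as one computed `allowed` flag, as sketched below; the method's closing lines are outside the hunk.

```java
if (!authUser.getIsSuper()) {
    // … unchanged: permission map lookup from cache …

    // Fail closed when the cached permission map is missing.
    if (permission == null) {
        ResponseUtil.output(response, ResponseUtil.resultMap(false, 403, "权限不足"));
        throw new NoPermissionException("权限不足");
    }

    // SUPER patterns authorise any method; QUERY patterns authorise GET only.
    boolean allowed = PatternMatchUtils.simpleMatch(
            permission.get(PermissionEnum.SUPER.name()).toArray(new String[0]), requestUrl);
    if (!allowed && request.getMethod().equals(RequestMethod.GET.name())) {
        allowed = PatternMatchUtils.simpleMatch(
                permission.get(PermissionEnum.QUERY.name()).toArray(new String[0]), requestUrl);
    }
    if (!allowed) {
        ResponseUtil.output(response, ResponseUtil.resultMap(false, 403, "权限不足"));
        throw new NoPermissionException("权限不足");
    }
```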