diff --git a/designer-base/src/main/java/com/fr/design/env/HttpWorkspaceConnector.java b/designer-base/src/main/java/com/fr/design/env/HttpWorkspaceConnector.java index 3687735601..d3d1d06176 100644 --- a/designer-base/src/main/java/com/fr/design/env/HttpWorkspaceConnector.java +++ b/designer-base/src/main/java/com/fr/design/env/HttpWorkspaceConnector.java @@ -4,8 +4,10 @@ import com.fanruan.workplace.http.HttpConstants; import com.fanruan.workplace.http.HttpServiceMap; import com.fanruan.workplace.http.RepositoryManager; import com.fanruan.workplace.http.info.Stub; +import com.fr.exception.RemoteDesignPermissionDeniedException; import com.fr.log.FineLoggerFactory; import com.fr.stable.StringUtils; +import com.fr.workspace.engine.exception.RemoteDesignConnectionException; import com.fr.workspace.server.repository.authority.RemoteAuthorityRepository; import com.fr.workspace.server.repository.compatible.register.CompatibleRegister; import com.fr.workspace.server.repository.connect.FineWorkspaceHttpClient; @@ -43,7 +45,8 @@ public class HttpWorkspaceConnector implements WorkspaceConnector { FineWorkspaceHttpClient client = FineWorkspaceHttpClient.create("Http-Client", connectionInfo); LoginResponseInfoBean bean; try { - bean = RemoteAuthorityRepository.getInstance().login(createLoginBean(connectionInfo)); + bean = RemoteAuthorityRepository.getInstance().login(createLoginBean(connectionInfo)); + checkValidAndUpdateInfo(client, connectionInfo, bean); } finally { client.closePool(); } @@ -65,12 +68,7 @@ public class HttpWorkspaceConnector implements WorkspaceConnector { throw new RuntimeException("Empty token, try connect again and check server"); } FineLoggerFactory.getLogger().info("[connector] infos:{}", bean.getAccessToken()); - WorkspaceConnection connection = new WorkspaceConnection( - UUID.randomUUID().toString(), - connectionInfo.getUserName(), - HttpConstants.AUTHORIZATION_PREFIX + bean.getAccessToken(), - InetAddress.getLocalHost().getHostAddress()); - client.updateConnection(connection); + checkValidAndUpdateInfo(client, connectionInfo, bean); client.startHeartBeat(); } catch (Exception e) { client.closePool(); @@ -81,6 +79,30 @@ public class HttpWorkspaceConnector implements WorkspaceConnector { return client; } + private void checkValidAndUpdateInfo(FineWorkspaceHttpClient client, WorkspaceConnectionInfo connectionInfo, LoginResponseInfoBean bean) throws Exception { + WorkspaceConnection connection = new WorkspaceConnection( + UUID.randomUUID().toString(), + connectionInfo.getUserName(), + HttpConstants.AUTHORIZATION_PREFIX + bean.getAccessToken(), + InetAddress.getLocalHost().getHostAddress()); + client.updateConnection(connection); + // 检查远程权限 + if (!checkRemoteAuthority(connection)) { + // 无权限则抛出无权限的错 + throw new RemoteDesignPermissionDeniedException(); + } + } + + private boolean checkRemoteAuthority(WorkspaceConnection connection) { + try { + return RemoteAuthorityRepository.getInstance().isRoot(connection.getUserName()) || RemoteAuthorityRepository.getInstance().hasAuthority(connection.getUserName()); + } catch (Exception e) { + // 如果这里出现异常,就认为fr服务没启动 + throw new RemoteDesignConnectionException(e, StringUtils.EMPTY); + } + + } + private LoginRequestInfoBean createLoginBean(WorkspaceConnectionInfo connectionInfo) { LoginRequestInfoBean bean = new LoginRequestInfoBean(); bean.setUsername(connectionInfo.getUserName()); diff --git a/designer-realize/src/main/java/com/fanruan/boot/init/DesignWorkContextComponent.java b/designer-realize/src/main/java/com/fanruan/boot/init/DesignWorkContextComponent.java index ee93d96369..51adb2fd57 100644 --- a/designer-realize/src/main/java/com/fanruan/boot/init/DesignWorkContextComponent.java +++ b/designer-realize/src/main/java/com/fanruan/boot/init/DesignWorkContextComponent.java @@ -11,6 +11,11 @@ import com.fanruan.workplace.conetxt.CompatiblePool; import com.fanruan.workplace.http.HttpConstants; import com.fanruan.workplace.http.RepositoryManager; import com.fanruan.workplace.http.WorkspaceHeartBeatShell; +import com.fr.workspace.engine.exception.RemoteDesignLoginLockHandler; +import com.fr.workspace.engine.exception.RemoteDesignNoAuthHandler; +import com.fr.workspace.engine.exception.RemoteDesignPasswordNeedUpdateHandler; +import com.fr.workspace.engine.exception.RemoteDesignPasswordStrengthHandler; +import com.fr.workspace.engine.exception.RemoteDesignUserPwdErrorHandler; import com.fanruan.workplace.http.exception.RemoteExceptionConvert; import com.fanruan.workplace.standard.ServerInfo; import com.fanruan.workplace.standard.ServerInfoOperator; @@ -43,10 +48,6 @@ import com.fr.workspace.engine.FineWorkspaceFactory; import com.fr.workspace.engine.base.FineObjectPool; import com.fr.workspace.engine.client.heartbeart.FineWorkspaceHeartbeat; import com.fr.workspace.engine.client.heartbeart.WorkspaceHeartbeat; -import com.fr.workspace.engine.exception.RemoteDesignNoAuthException; -import com.fr.workspace.engine.exception.RemoteDesignPasswordNeedUpdateException; -import com.fr.workspace.engine.exception.RemoteDesignPasswordStrengthException; -import com.fr.workspace.engine.exception.RemoteDesignUserPwdErrorException; import com.fr.workspace.engine.resource.FineWorkResource; import com.fr.workspace.engine.resource.FineWorkResourceAdaptor; import com.fr.workspace.pool.WorkRPCRegister; @@ -144,11 +145,12 @@ public class DesignWorkContextComponent { private void startErrorConvert() { - RemoteExceptionConvert.registerException(HttpConstants.USER_PWD_ERROR_CODE, new RemoteDesignUserPwdErrorException()); - RemoteExceptionConvert.registerException(HttpConstants.USER_PWD_NEED_UPDATE, new RemoteDesignPasswordNeedUpdateException()); - RemoteExceptionConvert.registerException(HttpConstants.PASSWORD_STRENGTH_ERROR_CODE, new RemoteDesignPasswordStrengthException()); - RemoteExceptionConvert.registerException(HttpConstants.REMOTE_AUTHORITY_ERROR_CODE, new RemoteDesignNoAuthException()); - RemoteExceptionConvert.registerException(HttpConstants.PASSWORD_EMPTY_ERROR_CODE, new RemoteDesignUserPwdErrorException()); + RemoteExceptionConvert.registerException(HttpConstants.USER_PWD_ERROR_CODE, new RemoteDesignUserPwdErrorHandler()); + RemoteExceptionConvert.registerException(HttpConstants.USER_PWD_NEED_UPDATE, new RemoteDesignPasswordNeedUpdateHandler()); + RemoteExceptionConvert.registerException(HttpConstants.PASSWORD_STRENGTH_ERROR_CODE, new RemoteDesignPasswordStrengthHandler()); + RemoteExceptionConvert.registerException(HttpConstants.REMOTE_AUTHORITY_ERROR_CODE, new RemoteDesignNoAuthHandler()); + RemoteExceptionConvert.registerException(HttpConstants.PASSWORD_EMPTY_ERROR_CODE, new RemoteDesignUserPwdErrorHandler()); + RemoteExceptionConvert.registerException(HttpConstants.LOGIN_LOCK, new RemoteDesignLoginLockHandler()); } private void supplementalCommon() {