hugh
/
open-JSD-7963
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
JSD-7963 复合单点登录+登录时增量更新用户组织和权限信息
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
131 KiB
 
 
Branch: 10.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '10.0'
${ noResults }
open-JSD-7963/src/com/fr/plugin/LoginFilter.java

150 lines
6.6 KiB
Raw Permalink Blame History

package com.fr.plugin;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.UserController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.io.utils.ResourceIOUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.*;
/**
* 废弃
*/
public class LoginFilter extends AbstractEmbedRequestFilterProvider {
private boolean isLogin(HttpServletRequest req){
return LoginService.getInstance().isLogged(req);
}
@Override
public void filter(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
String header = req.getHeader("X-Context");
if (StringUtils.isNotBlank(header) && !isLogin(req)) {
try {
header = URLDecoder.decode(header, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().info("拦截器捕获一个请求 x-content :{}", header);
JSONObject entries = new JSONObject(header);
String usrNm = entries.getString("usrNm");
JSONArray rlNoList = entries.getJSONArray("rlNoList");
try {
User user = UserService.getInstance().getUserByUserName(usrNm);
UserController userController = AuthorityContext.getInstance().getUserController();
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
if (user == null) {
FineLoggerFactory.getLogger().info("拦截器新增一个用户 :{}", usrNm);
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
user = (new User()).userName(usrNm).realName(usrNm).password(passwordValidator.encode(usrNm, UUID.randomUUID().toString()))
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
userController.add(user);
}
String userId = user.getId();
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
List<String> localRoles = new ArrayList<>();
boolean isAdminRoleFlag = false;
List<String> adminFlags = getAdminFlags();
for (CustomRole role : roles) {
String name = role.getName();
localRoles.add(name);
if(isAdminFlags(name,adminFlags)){
isAdminRoleFlag = true;
}
}
List<String> remoteRoles = new ArrayList<>();
try {
int size = rlNoList.size();
for (int i = 0; i < size; i++) {
String name = rlNoList.getString(i);
remoteRoles.add(name);
}
//先判断传过来的的角色是不是本地都有,没有要加上
for (String role : remoteRoles) {
if (!localRoles.contains(role)) {
userController.addUserToCustomRole(userId, role);
}
}
//在判断本地的角色是不是远程没有了,要移除掉
for (String localRole : localRoles) {
if (!remoteRoles.contains(localRole)) {
userController.removeUserFromCustomRole(userId, localRole);
}
}
} catch (Exception e) {
e.printStackTrace();
}
//如果是管理员标志就直接登录admin账号
if(isAdminRoleFlag){
login(req, res, "admin");
}else {
login(req, res, usrNm);
}
String home = req.getContextPath() + req.getServletPath();
sendRedirect(res, home);
return;
} catch (Exception e) {
e.printStackTrace();
}
}
return;
}
private static boolean isAdminFlags(String flag,List<String> flags){
return flags.contains(flag);
}
private List<String> getAdminFlags() {
InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties");
if (inputStream != null) {
Properties properties = new Properties();
try {
properties.load(inputStream);
String adminflag = properties.getProperty("adminflag");
if (StringUtils.isNotBlank(adminflag)) {
String[] split = adminflag.split(",");
return Arrays.asList(split);
}
} catch (IOException e) {
e.printStackTrace();
}
}
return Collections.emptyList();
}
private void sendRedirect(HttpServletResponse res, String url) {
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
res.setHeader("Location", url);
}
private void login(HttpServletRequest req, HttpServletResponse res, String username) {
String token = null;
try {
token = LoginService.getInstance().login(req, res, username);
req.setAttribute("fine_auth_token", token);
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e.getMessage(), e);
FineLoggerFactory.getLogger().error("login failed");
}
FineLoggerFactory.getLogger().error("login success");
}
}