package com.fr.plugin.roles; import com.fr.base.TableData; import com.fr.decision.authority.base.constant.type.authority.AuthorityType; import com.fr.decision.authority.base.constant.type.operation.OperationType; import com.fr.decision.authority.data.CustomRole; import com.fr.decision.authority.data.User; import com.fr.decision.base.util.CollectionUtil; import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider; import com.fr.decision.webservice.Response; import com.fr.decision.webservice.bean.authority.PrivilegeBean; import com.fr.decision.webservice.bean.authority.PrivilegeDetailBean; import com.fr.decision.webservice.bean.user.*; import com.fr.decision.webservice.utils.ControllerFactory; import com.fr.decision.webservice.utils.controller.CustomRoleController; import com.fr.decision.webservice.v10.authority.AuthorityService; import com.fr.decision.webservice.v10.login.LoginService; import com.fr.decision.webservice.v10.user.CustomRoleService; import com.fr.decision.webservice.v10.user.UserService; import com.fr.file.TableDataConfig; import com.fr.general.data.DataModel; import com.fr.intelli.record.Focus; import com.fr.intelli.record.Original; import com.fr.json.JSONArray; import com.fr.json.JSONObject; import com.fr.log.FineLoggerFactory; import com.fr.record.analyzer.EnableMetrics; import com.fr.script.Calculator; import com.fr.stable.StringUtils; import com.fr.stable.query.data.DataList; import com.fr.third.org.apache.http.client.methods.CloseableHttpResponse; import com.fr.third.org.apache.http.client.methods.HttpPost; import com.fr.third.org.apache.http.client.methods.HttpPut; import com.fr.third.org.apache.http.entity.StringEntity; import com.fr.third.org.apache.http.impl.client.CloseableHttpClient; import com.fr.third.org.apache.http.impl.client.HttpClientBuilder; import com.fr.third.org.apache.http.util.EntityUtils; import com.fr.web.utils.WebUtils; import javax.servlet.FilterChain; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.*; @EnableMetrics public class JSDCustomRoleResource extends AbstractGlobalRequestFilterProvider { private static final String ROLES = "/decision/v10/roles"; //private static final String ROLES = "/decision/v10/roleserwrerer"; @Override @Focus(id = "com.fr.plugin.JSD9827", text = "Plugin-JSD_9827_custom_role", source = Original.PLUGIN) public String filterName() { return "JSDCustomRoleResource"; } @Override public String[] urlPatterns() { return new String[]{ "/decision/v10/roles" }; } @Override public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) { String uri = req.getRequestURI(); try { // 角色查询拦截 if (uri.endsWith(ROLES)) { String currentUId = UserService.getInstance().getCurrentUserId(req); String currentUserName = LoginService.getInstance().getUserNameFromRequest(req); String page = WebUtils.getHTTPRequestParameter(req, "page"); String count = WebUtils.getHTTPRequestParameter(req, "count"); if (StringUtils.equals(req.getMethod(), "GET") && StringUtils.isNotEmpty(page) && StringUtils.isNotEmpty(count)) { String keyword = WebUtils.getHTTPRequestParameter(req, "keyword"); int creationType = StringUtils.isEmpty(WebUtils.getHTTPRequestParameter(req, "creationType")) ? 0 : Integer.valueOf(WebUtils.getHTTPRequestParameter(req, "creationType")); int privilegeType = StringUtils.isEmpty(WebUtils.getHTTPRequestParameter(req, "privilegeType")) ? 9 : Integer.valueOf(WebUtils.getHTTPRequestParameter(req, "privilegeType")); List uids = new ArrayList<>(); uids.add(currentUId); TableData tableData = TableDataConfig.getInstance().getTableData("useraccess"); if (tableData != null) { DataModel model = tableData.createDataModel(Calculator.createCalculator()); for (int i = 0; i < model.getRowCount(); i++) { String userName = (String) model.getValueAt(i, 0); if (currentUserName.equals(userName)) { continue; } User user = UserService.getInstance().getUserByUserName(userName); if (user != null) { String uid = user.getId(); shareRoles(uid, currentUId, req); } } } //Response roleList = getRoleList(uids.toArray(new String[0]), Integer.valueOf(page), Integer.valueOf(count), keyword, creationType, privilegeType); Response roleList = getRoleList(currentUId, Integer.valueOf(page), Integer.valueOf(count), keyword, creationType, privilegeType); WebUtils.printAsJSON(res, JSONObject.mapFrom(roleList)); return; } } filterChain.doFilter(req, res); } catch (Exception e) { FineLoggerFactory.getLogger().error(e, e.getMessage()); } } /** * 将A用户的角色，共享给B用户 */ private void shareRoles(String srcUid, String destUid, HttpServletRequest req) throws Exception { List customRoles = getAllRoles(srcUid, 0); if (customRoles != null) { // 获取原用户的角色权限 JSONObject jsonObject = new JSONObject(); jsonObject.put("carrierType", "user"); jsonObject.put("entityType", "customRole"); jsonObject.put("carrierId", srcUid); JSONArray jsonArray = new JSONArray(); for (CustomRole role : customRoles) { jsonArray.put(role.getId()); } jsonObject.put("entityIds", jsonArray); StringBuffer reqUrl = req.getRequestURL(); String url = reqUrl.delete(reqUrl.length() - req.getRequestURI().length(), reqUrl.length()).toString(); url += "/webroot/decision/v10/authority/carrier"; CloseableHttpClient client = HttpClientBuilder.create().build(); HttpPost request = new HttpPost(url); request.setHeader("Content-Type", "application/json"); request.setHeader("Authorization", req.getHeader("Authorization")); StringEntity entity = new StringEntity(jsonObject.toString(), "UTF-8"); request.setEntity(entity); CloseableHttpResponse response = client.execute(request); String res = EntityUtils.toString(response.getEntity(), "UTF-8"); // 更新目标用户的角色权限 if (StringUtils.isNotEmpty(res)) { JSONObject jsonObjectRes = new JSONObject(res); JSONObject data = jsonObjectRes.getJSONObject("data"); if (data == null) { FineLoggerFactory.getLogger().info("原用户角色权限数据为空"); return; } JSONArray roleArr = data.getJSONArray("customRole"); if (roleArr == null) { FineLoggerFactory.getLogger().info("原用户角色权限数据为空"); return; } for (int i = 0; i < roleArr.size(); i++) { JSONObject roleJson = (JSONObject) roleArr.get(i); JSONArray values = roleJson.getJSONArray("values"); if (values == null) { continue; } PrivilegeBean privilegeBean = new PrivilegeBean(); privilegeBean.setId(roleJson.getString("id")); List detailBeans = new ArrayList<>(); for (int j = 0; j < values.size(); j++) { JSONObject val = values.getJSONObject(j); PrivilegeDetailBean detailBean = new PrivilegeDetailBean(); detailBean.setPrivilegeType(val.getInt("privilegeType")); detailBean.setPrivilegeValue(val.getInt("privilegeValue")); detailBeans.add(detailBean); } privilegeBean.setValues(detailBeans.toArray(new PrivilegeDetailBean[0])); AuthorityService.getInstance().updateAuthorityEntityByCarrier(destUid, "user", destUid, privilegeBean, "customRole"); } } } } private List getAllRoles(String uid, int creationType) throws Exception { OperationType[] operTypeArr = creationType == 0 ? new OperationType[0] : new OperationType[]{OperationType.fromInteger(creationType)}; CustomRoleController customRoleController = ControllerFactory.getInstance().getCustomRoleController(uid); //DataList customRoles = customRoleController.getCustomRoles(uid, 1, 1000, "", operTypeArr); DataList customRoles = customRoleController.getCustomRoles(uid, 1, 1000, ""); return customRoles.getList(); } private Response getRoleList(String userid, int page, int count, String keyword, int creationType, int privilegeType) throws Exception { AuthorityType authorityType = AuthorityType.fromInteger(privilegeType); OperationType[] operTypeArr = creationType == 0 ? new OperationType[0] : new OperationType[]{OperationType.fromInteger(creationType)}; //Map customRoleMap = CustomRoleService.getInstance().getCustomRoles(userid, page, count, keyword, operTypeArr); Map customRoleMap = CustomRoleService.getInstance().getCustomRoles(userid, page, count, keyword); return Response.ok(customRoleMap); } }