open-JSD-9827/src/main/java/com/fr/plugin/roles/JSDCustomRoleResource.java

package com.fr.plugin.roles;

import com.fr.base.TableData;
import com.fr.decision.authority.base.constant.type.authority.AuthorityType;
import com.fr.decision.authority.base.constant.type.operation.OperationType;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.User;
import com.fr.decision.base.util.CollectionUtil;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.webservice.Response;
import com.fr.decision.webservice.bean.authority.PrivilegeBean;
import com.fr.decision.webservice.bean.authority.PrivilegeDetailBean;
import com.fr.decision.webservice.bean.user.*;
import com.fr.decision.webservice.utils.ControllerFactory;
import com.fr.decision.webservice.utils.controller.CustomRoleController;
import com.fr.decision.webservice.v10.authority.AuthorityService;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.CustomRoleService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.file.TableDataConfig;
import com.fr.general.data.DataModel;
import com.fr.intelli.record.Focus;
import com.fr.intelli.record.Original;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.record.analyzer.EnableMetrics;
import com.fr.script.Calculator;
import com.fr.stable.StringUtils;
import com.fr.stable.query.data.DataList;
import com.fr.third.org.apache.http.client.methods.CloseableHttpResponse;
import com.fr.third.org.apache.http.client.methods.HttpPost;
import com.fr.third.org.apache.http.client.methods.HttpPut;
import com.fr.third.org.apache.http.entity.StringEntity;
import com.fr.third.org.apache.http.impl.client.CloseableHttpClient;
import com.fr.third.org.apache.http.impl.client.HttpClientBuilder;
import com.fr.third.org.apache.http.util.EntityUtils;
import com.fr.web.utils.WebUtils;

import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.*;

@EnableMetrics
public class JSDCustomRoleResource extends AbstractGlobalRequestFilterProvider {

    private static final String ROLES = "/decision/v10/roles";
    //private static final String ROLES = "/decision/v10/roleserwrerer";

    @Override
    @Focus(id = "com.fr.plugin.JSD9827", text = "Plugin-JSD_9827_custom_role", source = Original.PLUGIN)
    public String filterName() {
        return "JSDCustomRoleResource";
    }

    @Override
    public String[] urlPatterns() {
        return new String[]{
                "/decision/v10/roles"
        };
    }


    @Override
    public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) {

        String uri = req.getRequestURI();
        try {
            // 角色查询拦截
            if (uri.endsWith(ROLES)) {
                String currentUId = UserService.getInstance().getCurrentUserId(req);
                String currentUserName = LoginService.getInstance().getUserNameFromRequest(req);
                String page = WebUtils.getHTTPRequestParameter(req, "page");
                String count = WebUtils.getHTTPRequestParameter(req, "count");

                if (StringUtils.equals(req.getMethod(), "GET") && StringUtils.isNotEmpty(page) && StringUtils.isNotEmpty(count)) {
                    String keyword = WebUtils.getHTTPRequestParameter(req, "keyword");
                    int creationType = StringUtils.isEmpty(WebUtils.getHTTPRequestParameter(req, "creationType")) ? 0 : Integer.valueOf(WebUtils.getHTTPRequestParameter(req, "creationType"));
                    int privilegeType = StringUtils.isEmpty(WebUtils.getHTTPRequestParameter(req, "privilegeType")) ? 9 : Integer.valueOf(WebUtils.getHTTPRequestParameter(req, "privilegeType"));

                    List<String> uids = new ArrayList<>();
                    uids.add(currentUId);
                    TableData tableData = TableDataConfig.getInstance().getTableData("useraccess");

                    if (tableData != null) {
                        DataModel model = tableData.createDataModel(Calculator.createCalculator());
                        for (int i = 0; i < model.getRowCount(); i++) {
                            String userName = (String) model.getValueAt(i, 0);
                            if (currentUserName.equals(userName)) {
                                continue;
                            }
                            User user = UserService.getInstance().getUserByUserName(userName);
                            if (user != null) {
                                String uid = user.getId();
                                shareRoles(uid, currentUId, req);
                            }
                        }
                    }
                    //Response roleList = getRoleList(uids.toArray(new String[0]), Integer.valueOf(page), Integer.valueOf(count), keyword, creationType, privilegeType);
                    Response roleList = getRoleList(currentUId, Integer.valueOf(page), Integer.valueOf(count), keyword, creationType, privilegeType);
                    WebUtils.printAsJSON(res, JSONObject.mapFrom(roleList));
                    return;
                }
            }

            filterChain.doFilter(req, res);

        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e, e.getMessage());
        }
    }


    /**
     * 将A用户的角色，共享给B用户
     */
    private void shareRoles(String srcUid, String destUid, HttpServletRequest req) throws Exception {
        List<CustomRole> customRoles = getAllRoles(srcUid, 0);
        if (customRoles != null) {

            // 获取原用户的角色权限
            JSONObject jsonObject = new JSONObject();
            jsonObject.put("carrierType", "user");
            jsonObject.put("entityType", "customRole");
            jsonObject.put("carrierId", srcUid);
            JSONArray jsonArray = new JSONArray();
            for (CustomRole role : customRoles) {
                jsonArray.put(role.getId());
            }
            jsonObject.put("entityIds", jsonArray);

            StringBuffer reqUrl = req.getRequestURL();
            String url = reqUrl.delete(reqUrl.length() - req.getRequestURI().length(), reqUrl.length()).toString();
            url += "/webroot/decision/v10/authority/carrier";

            CloseableHttpClient client = HttpClientBuilder.create().build();
            HttpPost request = new HttpPost(url);
            request.setHeader("Content-Type", "application/json");
            request.setHeader("Authorization", req.getHeader("Authorization"));
            StringEntity entity = new StringEntity(jsonObject.toString(), "UTF-8");
            request.setEntity(entity);
            CloseableHttpResponse response = client.execute(request);
            String res = EntityUtils.toString(response.getEntity(), "UTF-8");

            // 更新目标用户的角色权限
            if (StringUtils.isNotEmpty(res)) {
                JSONObject jsonObjectRes = new JSONObject(res);
                JSONObject data = jsonObjectRes.getJSONObject("data");
                if (data == null) {
                    FineLoggerFactory.getLogger().info("原用户角色权限数据为空");
                    return;
                }
                JSONArray roleArr = data.getJSONArray("customRole");
                if (roleArr == null) {
                    FineLoggerFactory.getLogger().info("原用户角色权限数据为空");
                    return;
                }

                for (int i = 0; i < roleArr.size(); i++) {
                    JSONObject roleJson = (JSONObject) roleArr.get(i);
                    JSONArray values = roleJson.getJSONArray("values");
                    if (values == null) {
                        continue;
                    }
                    PrivilegeBean privilegeBean = new PrivilegeBean();
                    privilegeBean.setId(roleJson.getString("id"));
                    List<PrivilegeDetailBean> detailBeans = new ArrayList<>();
                    for (int j = 0; j < values.size(); j++) {
                        JSONObject val = values.getJSONObject(j);
                        PrivilegeDetailBean detailBean = new PrivilegeDetailBean();
                        detailBean.setPrivilegeType(val.getInt("privilegeType"));
                        detailBean.setPrivilegeValue(val.getInt("privilegeValue"));
                        detailBeans.add(detailBean);
                    }
                    privilegeBean.setValues(detailBeans.toArray(new PrivilegeDetailBean[0]));

                    AuthorityService.getInstance().updateAuthorityEntityByCarrier(destUid, "user", destUid, privilegeBean, "customRole");
                }
            }

        }

    }


    private List<CustomRole> getAllRoles(String uid, int creationType) throws Exception {
        OperationType[] operTypeArr = creationType == 0 ? new OperationType[0] : new OperationType[]{OperationType.fromInteger(creationType)};
        CustomRoleController customRoleController = ControllerFactory.getInstance().getCustomRoleController(uid);
        //DataList<CustomRole> customRoles = customRoleController.getCustomRoles(uid, 1, 1000, "", operTypeArr);
        DataList<CustomRole> customRoles = customRoleController.getCustomRoles(uid, 1, 1000, "");
        return customRoles.getList();
    }

    private Response getRoleList(String userid, int page, int count, String keyword, int creationType, int privilegeType) throws Exception {
        AuthorityType authorityType = AuthorityType.fromInteger(privilegeType);
        OperationType[] operTypeArr = creationType == 0 ? new OperationType[0] : new OperationType[]{OperationType.fromInteger(creationType)};
        //Map<String, Object> customRoleMap = CustomRoleService.getInstance().getCustomRoles(userid, page, count, keyword, operTypeArr);
        Map<String, Object> customRoleMap = CustomRoleService.getInstance().getCustomRoles(userid, page, count, keyword);
        return Response.ok(customRoleMap);
    }

}