package com.doumee.shiro;
|
|
import com.doumee.core.constants.ResponseStatus;
|
import com.doumee.core.exception.BusinessException;
|
import com.doumee.core.model.LoginUserInfo;
|
import com.doumee.core.utils.Constants;
|
import com.doumee.dao.business.model.CompanyPermission;
|
import com.doumee.dao.system.model.SystemPermission;
|
import com.doumee.dao.system.model.SystemRole;
|
import com.doumee.dao.system.model.SystemUser;
|
import com.doumee.service.business.CompanyPermissionService;
|
import com.doumee.service.system.SystemDataPermissionService;
|
import com.doumee.service.system.SystemPermissionService;
|
import com.doumee.service.system.SystemRoleService;
|
import com.doumee.service.system.SystemUserService;
|
import org.apache.shiro.authc.AuthenticationException;
|
import org.apache.shiro.authc.AuthenticationInfo;
|
import org.apache.shiro.authc.AuthenticationToken;
|
import org.apache.shiro.authc.SimpleAuthenticationInfo;
|
import org.apache.shiro.authz.AuthorizationInfo;
|
import org.apache.shiro.authz.SimpleAuthorizationInfo;
|
import org.apache.shiro.realm.AuthorizingRealm;
|
import org.apache.shiro.subject.PrincipalCollection;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.context.annotation.Lazy;
|
import org.springframework.stereotype.Component;
|
|
import java.util.ArrayList;
|
import java.util.List;
|
|
/**
|
* 自定义Realm,处理认证和权限
|
* @author Eva.Caesar Liu
|
* @date 2022/03/15 09:54
|
*/
|
@Component
|
public class ShiroRealm extends AuthorizingRealm {
|
|
@Lazy
|
@Autowired
|
private SystemDataPermissionService systemDataPermissionService;
|
@Lazy
|
@Autowired
|
private SystemUserService systemUserService;
|
@Lazy
|
@Autowired
|
private CompanyPermissionService companyPermissionService;
|
|
@Lazy
|
@Autowired
|
private SystemRoleService systemRoleService;
|
|
@Lazy
|
@Autowired
|
private SystemPermissionService systemPermissionService;
|
|
/**
|
* 权限处理
|
* @author Eva.Caesar Liu
|
* @date 2022/03/15 09:54
|
*/
|
@Override
|
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
|
LoginUserInfo loginUserInfo = (LoginUserInfo)principalCollection.getPrimaryPrincipal();
|
// 设置用户角色和权限
|
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
|
authorizationInfo.addRoles(loginUserInfo.getRoles());
|
authorizationInfo.addStringPermissions(loginUserInfo.getPermissions());
|
return authorizationInfo;
|
}
|
|
/**
|
* 认证处理
|
* @author Eva.Caesar Liu
|
* @date 2022/03/15 09:54
|
*/
|
@Override
|
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
|
// 获取用户名
|
String username = authenticationToken.getPrincipal().toString();
|
// 根据用户名查询用户对象
|
SystemUser queryDto = new SystemUser();
|
queryDto.setUsername(username);
|
queryDto.setType(Constants.UserType.SYSTEM.getKey());
|
queryDto.setDeleted(Boolean.FALSE);
|
SystemUser user = systemUserService.findOne(queryDto);
|
if(user == null){
|
throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,账号或密码不正确!");
|
}
|
if(!Constants.equalsInteger(user.getStatus(),Constants.ZERO)){
|
throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,账号信息已被禁用,如有疑问请联系系统管理员!");
|
}
|
// 获取登录用户信息
|
List<SystemRole> roles = systemRoleService.findByUserId(user.getId());
|
List<SystemPermission> permissions = systemPermissionService.findByUserId(user.getId());
|
LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions);
|
CompanyPermission c = new CompanyPermission();
|
c.setUserId(user.getId());
|
c.setIsdeleted(Constants.ZERO);
|
List<CompanyPermission> pList = companyPermissionService.findList(c);
|
if(pList!=null){
|
for (CompanyPermission cc : pList){
|
if(user.getCompanyIdList() == null){
|
user.setCompanyIdList(new ArrayList<>());
|
}
|
user.getCompanyIdList().add(cc.getCompanyId());
|
}
|
}
|
// 验证用户
|
return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName());
|
}
|
|
}
|
