jiangping
2023-10-26 1c84565d624ad0cce0576a22d0323cf3181d49cd
server/src/main/java/doumeemes/config/shiro/ShiroRealm.java
@@ -4,9 +4,6 @@
import doumeemes.core.exception.BusinessException;
import doumeemes.core.model.LoginUserInfo;
import doumeemes.core.utils.Constants;
import doumeemes.dao.business.model.Company;
import doumeemes.dao.business.model.CompanyUser;
import doumeemes.dao.business.model.Department;
import doumeemes.dao.ext.dto.QueryCompanyUserExtDTO;
import doumeemes.dao.ext.vo.CompanyExtListVO;
import doumeemes.dao.ext.vo.CompanyUserExtListVO;
@@ -15,7 +12,6 @@
import doumeemes.dao.system.model.SystemPermission;
import doumeemes.dao.system.model.SystemRole;
import doumeemes.dao.system.model.SystemUser;
import doumeemes.service.business.CompanyUserService;
import doumeemes.service.ext.CompanyExtService;
import doumeemes.service.ext.CompanyUserExtService;
import doumeemes.service.ext.DepartmentExtService;
@@ -37,12 +33,11 @@
import java.util.Date;
import java.util.List;
import java.util.Objects;
/**
 * 自定义Realm,处理认证和权限
 * @author Eva.Caesar Liu
 * @date 2022/04/18 18:12
 * @date 2022/03/15 09:54
 */
@Component
public class ShiroRealm extends AuthorizingRealm {
@@ -52,7 +47,7 @@
    private DepartmentExtService departmentExtService;
    @Lazy
    @Autowired
    private SystemDataPermissionService  systemDataPermissionService;
    private SystemDataPermissionService systemDataPermissionService;
    @Lazy
    @Autowired
    private CompanyExtService companyExtService;
@@ -70,19 +65,11 @@
    @Lazy
    @Autowired
    private SystemPermissionService systemPermissionService;
    /**
     * 重写supports方法,使 Shiro 能够识别自定义的 Token
     * @param token
     * @return
     */
    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof ShiroToken;
    }
    /**
     * 权限处理
     * @author Eva.Caesar Liu
     * @date 2022/04/18 18:12
     * @date 2022/03/15 09:54
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
@@ -97,82 +84,88 @@
    /**
     * 认证处理
     * @author Eva.Caesar Liu
     * @date 2022/04/18 18:12
     * @date 2022/03/15 09:54
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException,BusinessException {
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // 获取用户名
        ShiroToken authenticationToken =(ShiroToken) token;
        String username = authenticationToken.getPrincipal().toString();
        boolean isDdLogin = authenticationToken.getDdLogin();
        // 根据用户名查询用户对象
        SystemUser queryDto = new SystemUser();
        queryDto.setUsername(username);
        queryDto.setDeleted(Boolean.FALSE);
        SystemUser user = systemUserService.findOne(queryDto);
        if (user == null) {
            return null;
        }
        SystemRole role = new SystemRole();
        SystemPermission per = new SystemPermission();
        DepartmentExtListVO rootDepart = null,comDepart=null, depart = null;
        List<Integer> dpList = null;
        CompanyExtListVO com = null;
        CompanyUserExtListVO cu =null;
        if(Constants.equalsInteger(user.getType(),Constants.PlatType.admin)){
            //如果是平台用户
            role.setType(Constants.ROLETYPE.plat);
            per.setType(Constants.PlatType.admin);
        if(authenticationToken .getUpdateFlag() == 1){
            //如果是更新session
            return new SimpleAuthenticationInfo(authenticationToken.getUpdateUser(), authenticationToken.getPassword(), this.getName());
        }else{
            if(authenticationToken.getCompanyId() == null){
                throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(),"对不起,该账户异常!");
            String username = authenticationToken.getPrincipal().toString();
            boolean isDdLogin = authenticationToken.getDdLogin();
            // 根据用户名查询用户对象
            SystemUser queryDto = new SystemUser();
            queryDto.setUsername(username);
            queryDto.setDeleted(Boolean.FALSE);
            SystemUser user = systemUserService.findOne(queryDto);
            if (user == null) {
                return null;
            }
            com = companyExtService.getModelById(authenticationToken.getCompanyId());
            if(com == null){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该账户异常!");
            }
            if(Constants.equalsInteger( com.getStatus(),Constants.ZERO) ){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已过禁用!");
            }
            if(com.getOepnValidDate() != null && com.getOepnValidDate().before(new Date())){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已过使用有效期!");
            }
            //如果是企业用户
            QueryCompanyUserExtDTO c =new QueryCompanyUserExtDTO();
            c.setUserId(user.getId());
            c.setDeleted(Constants.ZERO);
            c.setCompanyId(authenticationToken.getCompanyId());
            cu = companyUserExtService.selectOne(c);
            if(cu == null){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户不存在!");
            }
            if(Constants.equalsInteger(cu.getStatus(),Constants.ONE)){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户已禁用!");
            }
            rootDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getRootDepartId());
            comDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getComDepartId());
            depart = departmentExtService.getModelById(c.getCompanyId(),cu.getDepartmentId());
            if(rootDepart == null || comDepart == null || depart==null){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户账户异常!");
            }
            role.setCompanyId(authenticationToken.getCompanyId());
            role.setType(Constants.ROLETYPE.com);
            per.setType(Constants.PlatType.company);
            per.setRoleType(Constants.ROLETYPE.com);
            per.setCompanyId(authenticationToken.getCompanyId());
            SystemRole rt = new SystemRole();
            rt.setType(Constants.ROLETYPE.com);
            rt.setCompanyId(c.getCompanyId());
            //数据部门权限集合
            dpList =systemDataPermissionService.selectHighRole(new SystemDataPermission(),rt,user,depart);
            SystemRole role = new SystemRole();
            SystemPermission per = new SystemPermission();
            DepartmentExtListVO rootDepart = null,comDepart=null, depart = null;
            List<Integer> dpList = null;
            CompanyExtListVO com = null;
            CompanyUserExtListVO cu =null;
            if(Constants.equalsInteger(user.getType(),Constants.PlatType.admin)){
                //如果是平台用户
                role.setType(Constants.ROLETYPE.plat);
                per.setType(Constants.PlatType.admin);
            }else{
                if(authenticationToken.getCompanyId() == null){
                    throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(),"对不起,该账户删除!");
                }
                com = companyExtService.getModelById(authenticationToken.getCompanyId());
                if(com == null || Constants.equalsInteger( com.getDeleted(),Constants.ONE)){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该账户删除!请联系管理员");
                }
                if(Constants.equalsInteger( com.getStatus(),Constants.ZERO) ){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已禁用!");
                }
                if(com.getOepnValidDate() != null && com.getOepnValidDate().before(new Date())){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已过使用有效期!");
                }
                //如果是企业用户
                QueryCompanyUserExtDTO c =new QueryCompanyUserExtDTO();
                c.setUserId(user.getId());
                c.setDeleted(Constants.ZERO);
                c.setCompanyId(authenticationToken.getCompanyId());
                cu = companyUserExtService.selectOne(c);
                if(cu == null){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户不存在!");
                }
                if(Constants.equalsInteger(cu.getStatus(),Constants.ONE)){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户已禁用!");
                }
                rootDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getRootDepartId());
                comDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getComDepartId());
                depart = departmentExtService.getModelById(c.getCompanyId(),cu.getDepartmentId());
                if(rootDepart == null || comDepart == null || depart==null){
                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户账户异常!");
                }
                role.setCompanyId(authenticationToken.getCompanyId());
                role.setType(Constants.ROLETYPE.com);
                per.setType(Constants.PlatType.company);
                per.setRoleType(Constants.ROLETYPE.com);
                per.setCompanyId(authenticationToken.getCompanyId());
                SystemRole rt = new SystemRole();
                rt.setType(Constants.ROLETYPE.com);
                rt.setCompanyId(c.getCompanyId());
                //数据部门权限集合
                dpList =systemDataPermissionService.selectHighRole(new SystemDataPermission(),rt,user,depart);
            }
            // 获取登录用户信息
            List<SystemRole> roles = systemRoleService.findByUserModel(user.getId(),role);
            List<SystemPermission> permissions = systemPermissionService.findByUserModel(user.getId(),per);
            LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions,com,rootDepart,comDepart,depart,dpList,cu);
            // 验证用户
            return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName());
        }
        // 获取登录用户信息
        List<SystemRole> roles = systemRoleService.findByUserModel(user.getId(),role);
        List<SystemPermission> permissions = systemPermissionService.findByUserModel(user.getId(),per);
        LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions,com,rootDepart,comDepart,depart,dpList,cu);
        // 验证用户
        return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName());
    }
}