DM云工厂标准版
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
bug
jiangping
2023-12-06 1f4e7d0f73a73e7350cf5a1df279d5f30904c5d5 
 server/src/main/java/doumeemes/config/shiro/ShiroRealm.java


@@ -4,9 +4,6 @@


import doumeemes.core.exception.BusinessException;


import doumeemes.core.model.LoginUserInfo;


import doumeemes.core.utils.Constants;


import doumeemes.dao.business.model.Company;


import doumeemes.dao.business.model.CompanyUser;


import doumeemes.dao.business.model.Department;


import doumeemes.dao.ext.dto.QueryCompanyUserExtDTO;


import doumeemes.dao.ext.vo.CompanyExtListVO;


import doumeemes.dao.ext.vo.CompanyUserExtListVO;


@@ -15,7 +12,6 @@


import doumeemes.dao.system.model.SystemPermission;


import doumeemes.dao.system.model.SystemRole;


import doumeemes.dao.system.model.SystemUser;


import doumeemes.service.business.CompanyUserService;


import doumeemes.service.ext.CompanyExtService;


import doumeemes.service.ext.CompanyUserExtService;


import doumeemes.service.ext.DepartmentExtService;


@@ -41,7 +37,7 @@


/**


 * 自定义Realm,处理认证和权限


 * @author Eva.Caesar Liu


 * @date 2022/04/18 18:12


 * @date 2022/03/15 09:54


 */


@Component


public class ShiroRealm extends AuthorizingRealm {


@@ -51,7 +47,7 @@


    private DepartmentExtService departmentExtService;


    @Lazy


    @Autowired


    private SystemDataPermissionService  systemDataPermissionService;


    private SystemDataPermissionService systemDataPermissionService;


    @Lazy


    @Autowired


    private CompanyExtService companyExtService;


@@ -69,19 +65,11 @@


    @Lazy


    @Autowired


    private SystemPermissionService systemPermissionService;


    /**


     * 重写supports方法,使 Shiro 能够识别自定义的 Token


     * @param token


     * @return


     */


    @Override


    public boolean supports(AuthenticationToken token) {


        return token instanceof ShiroToken;


    }




    /**


     * 权限处理


     * @author Eva.Caesar Liu


     * @date 2022/04/18 18:12


     * @date 2022/03/15 09:54


     */


    @Override


    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {


@@ -96,80 +84,88 @@


    /**


     * 认证处理


     * @author Eva.Caesar Liu


     * @date 2022/04/18 18:12


     * @date 2022/03/15 09:54


     */


    @Override


    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException,BusinessException {


    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {


        // 获取用户名


        ShiroToken authenticationToken =(ShiroToken) token;


        String username = authenticationToken.getPrincipal().toString();


        boolean isDdLogin = authenticationToken.getDdLogin();


        // 根据用户名查询用户对象


        SystemUser queryDto = new SystemUser();


        queryDto.setUsername(username);


        queryDto.setDeleted(Boolean.FALSE);


        SystemUser user = systemUserService.findOne(queryDto);


        if (user == null) {


            return null;


        }


        SystemRole role = new SystemRole();


        SystemPermission per = new SystemPermission();


        DepartmentExtListVO rootDepart = null,comDepart=null, depart = null;


        List<Integer> dpList = null;


        CompanyExtListVO com = null;


        CompanyUserExtListVO cu =null;


        if(Constants.equalsInteger(user.getType(),Constants.PlatType.admin)){


            //如果是平台用户


            role.setType(Constants.ROLETYPE.plat);


            per.setType(Constants.PlatType.admin);


        if(authenticationToken .getUpdateFlag() == 1){


            //如果是更新session


            return new SimpleAuthenticationInfo(authenticationToken.getUpdateUser(), authenticationToken.getPassword(), this.getName());


        }else{


            if(authenticationToken.getCompanyId() == null){


                throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(),"对不起,该账户异常!");


            String username = authenticationToken.getPrincipal().toString();


            boolean isDdLogin = authenticationToken.getDdLogin();


            // 根据用户名查询用户对象


            SystemUser queryDto = new SystemUser();


            queryDto.setUsername(username);


            queryDto.setDeleted(Boolean.FALSE);


            SystemUser user = systemUserService.findOne(queryDto);


            if (user == null) {


                return null;


            }


            com = companyExtService.getModelById(authenticationToken.getCompanyId());


            if(com == null){


                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该账户异常!");


            }


            SystemRole role = new SystemRole();


            SystemPermission per = new SystemPermission();


            DepartmentExtListVO rootDepart = null,comDepart=null, depart = null;


            List<Integer> dpList = null;


            CompanyExtListVO com = null;


            CompanyUserExtListVO cu =null;


            if(Constants.equalsInteger(user.getType(),Constants.PlatType.admin)){


                //如果是平台用户


                role.setType(Constants.ROLETYPE.plat);


                per.setType(Constants.PlatType.admin);


            }else{


                if(authenticationToken.getCompanyId() == null){


                    throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(),"对不起,该账户删除!");


                }


                com = companyExtService.getModelById(authenticationToken.getCompanyId());


                if(com == null || Constants.equalsInteger( com.getDeleted(),Constants.ONE)){


                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该账户删除!请联系管理员");


                }


                if(Constants.equalsInteger( com.getStatus(),Constants.ZERO) ){


                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已禁用!");


                }


                if(com.getOepnValidDate() != null && com.getOepnValidDate().before(new Date())){


                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已过使用有效期!");


                }


                //如果是企业用户


                QueryCompanyUserExtDTO c =new QueryCompanyUserExtDTO();


                c.setUserId(user.getId());


                c.setDeleted(Constants.ZERO);


                c.setCompanyId(authenticationToken.getCompanyId());


                cu = companyUserExtService.selectOne(c);


                if(cu == null){


                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户不存在!");


                }


                if(Constants.equalsInteger(cu.getStatus(),Constants.ONE)){


                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户已禁用!");


                }


                rootDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getRootDepartId());


                comDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getComDepartId());


                depart = departmentExtService.getModelById(c.getCompanyId(),cu.getDepartmentId());


                if(rootDepart == null || comDepart == null || depart==null){


                    throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户账户异常!");


                }


                role.setCompanyId(authenticationToken.getCompanyId());


                role.setType(Constants.ROLETYPE.com);


                per.setType(Constants.PlatType.company);


                per.setRoleType(Constants.ROLETYPE.com);


                per.setCompanyId(authenticationToken.getCompanyId());


                SystemRole rt = new SystemRole();


                rt.setType(Constants.ROLETYPE.com);


                rt.setCompanyId(c.getCompanyId());


                //数据部门权限集合


                dpList =systemDataPermissionService.selectHighRole(new SystemDataPermission(),rt,user,depart);




            if(com.getOepnValidDate().before(new Date())){


                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业已过使用有效期!");


            }


            //如果是企业用户


            QueryCompanyUserExtDTO c =new QueryCompanyUserExtDTO();


            c.setUserId(user.getId());


            c.setDeleted(Constants.ZERO);


            c.setCompanyId(authenticationToken.getCompanyId());


            cu = companyUserExtService.selectOne(c);


            if(cu == null){


                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户不存在!");


            }


            if(Constants.equalsInteger(cu.getStatus(),Constants.ONE)){


                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户已禁用!");


            }


            rootDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getRootDepartId());


            comDepart = departmentExtService.getModelById(c.getCompanyId(),cu.getComDepartId());


            depart = departmentExtService.getModelById(c.getCompanyId(),cu.getDepartmentId());


            if(rootDepart == null || comDepart == null || depart==null){


                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,该企业用户账户异常!");


            }


            role.setCompanyId(authenticationToken.getCompanyId());


            role.setType(Constants.ROLETYPE.com);


            per.setType(Constants.PlatType.company);


            per.setRoleType(Constants.ROLETYPE.com);


            per.setCompanyId(authenticationToken.getCompanyId());


            SystemRole rt = new SystemRole();


            rt.setType(Constants.ROLETYPE.com);


            rt.setCompanyId(c.getCompanyId());


            //数据部门权限集合


            dpList =systemDataPermissionService.selectHighRole(new SystemDataPermission(),rt,user,depart);




            // 获取登录用户信息


            List<SystemRole> roles = systemRoleService.findByUserModel(user.getId(),role);


            List<SystemPermission> permissions = systemPermissionService.findByUserModel(user.getId(),per);


            LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions,com,rootDepart,comDepart,depart,dpList,cu);


            // 验证用户


            return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName());


        }


        // 获取登录用户信息


        List<SystemRole> roles = systemRoleService.findByUserModel(user.getId(),role);


        List<SystemPermission> permissions = systemPermissionService.findByUserModel(user.getId(),per);


        LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions,com,rootDepart,comDepart,depart,dpList,cu);


        // 验证用户


        return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName());




    }




}