| | |
|---|
| | | import com.doumee.core.exception.BusinessException; |
|---|
| | | import com.doumee.core.model.LoginUserInfo; |
|---|
| | | import com.doumee.core.utils.Constants; |
|---|
| | | import com.doumee.dao.business.CompanyPermissionMapper; |
|---|
| | | import com.doumee.dao.business.join.CompanyPermissionJoinMapper; |
|---|
| | | import com.doumee.dao.business.model.Company; |
|---|
| | | import com.doumee.dao.business.model.CompanyPermission; |
|---|
| | | import com.doumee.dao.system.model.SystemDataPermission; |
|---|
| | |
|---|
| | | import com.doumee.service.system.SystemPermissionService; |
|---|
| | | import com.doumee.service.system.SystemRoleService; |
|---|
| | | import com.doumee.service.system.SystemUserService; |
|---|
| | | import com.github.xiaoymin.knife4j.core.util.CollectionUtils; |
|---|
| | | import org.apache.commons.lang3.StringUtils; |
|---|
| | | import org.apache.shiro.authc.AuthenticationException; |
|---|
| | | import org.apache.shiro.authc.AuthenticationInfo; |
|---|
| | |
|---|
| | | |
|---|
| | | import java.util.ArrayList; |
|---|
| | | import java.util.List; |
|---|
| | | import java.util.Objects; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 自定义Realm,处理认证和权限 |
|---|
| | |
|---|
| | | @Lazy |
|---|
| | | @Autowired |
|---|
| | | private SystemPermissionService systemPermissionService; |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 权限处理 |
|---|
| | |
|---|
| | | // 获取登录用户信息 |
|---|
| | | if(authenticationToken.getUserType() == 0){ |
|---|
| | | roles = systemRoleService.findByUserId(user.getId()); |
|---|
| | | CompanyPermission c = new CompanyPermission(); |
|---|
| | | c.setUserId(user.getId()); |
|---|
| | | c.setIsdeleted(Constants.ZERO); |
|---|
| | | List<CompanyPermission> pList = companyPermissionService.findList(c); |
|---|
| | | if(pList!=null){ |
|---|
| | | for (CompanyPermission cc : pList){ |
|---|
| | | if(user.getCompanyIdList() == null){ |
|---|
| | | user.setCompanyIdList(new ArrayList<>()); |
|---|
| | | } |
|---|
| | | user.getCompanyIdList().add(cc.getCompanyId()); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | permissions = systemPermissionService.findByUserId(user.getId()); |
|---|
| | | CompanyPermission c = new CompanyPermission(); |
|---|
| | | c.setUserId(user.getId()); |
|---|
| | | c.setIsdeleted(Constants.ZERO); |
|---|
| | | List<CompanyPermission> pList = companyPermissionService.findList(c); |
|---|
| | | if(pList!=null){ |
|---|
| | | for (CompanyPermission cc : pList){ |
|---|
| | | if(user.getCompanyIdList() == null){ |
|---|
| | | user.setCompanyIdList(new ArrayList<>()); |
|---|
| | | } |
|---|
| | | user.getCompanyIdList().add(cc.getCompanyId()); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | permissions = systemPermissionService.findByUserId(user.getId()); |
|---|
| | | }else{ |
|---|
| | | Company company = companyService.findById(user.getCompanyId()); |
|---|
| | | Integer selfCompanyId = user.getCompanyId(); |
|---|
| | | Company company = companyService.findById(selfCompanyId); |
|---|
| | | if(company == null){ |
|---|
| | | throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起,企业账号信息不正确!"); |
|---|
| | | } |
|---|
| | | user.setCompany(company); |
|---|
| | | if(StringUtils.equals(company.getUsername(),user.getUsername())){ |
|---|
| | | user.setShowCompany(company); |
|---|
| | | if(authenticationToken.getUserType() == 1){ |
|---|
| | | List<CompanyPermission> pList = companyPermissionService.getUserCompanyPermission(user.getId()); |
|---|
| | | //加入自己的默认企业 |
|---|
| | | CompanyPermission companyPermission = new CompanyPermission(); |
|---|
| | | companyPermission.setUserId(user.getId()); |
|---|
| | | companyPermission.setCompanyId(company.getId()); |
|---|
| | | companyPermission.setType(Constants.ONE); |
|---|
| | | companyPermission.setId(Constants.ONE); |
|---|
| | | companyPermission.setIsSelfCompany(Constants.ONE); |
|---|
| | | companyPermission.setIsShow(Constants.ONE); |
|---|
| | | companyPermission.setCompanyName(company.getName()); |
|---|
| | | pList.add(companyPermission); |
|---|
| | | if(Objects.nonNull(authenticationToken.getCompanyId())){ |
|---|
| | | for (CompanyPermission c:pList) { |
|---|
| | | if(Constants.equalsInteger(c.getCompanyId(),authenticationToken.getCompanyId())){ |
|---|
| | | c.setIsShow(Constants.ONE); |
|---|
| | | Company showCompany = companyService.findById(authenticationToken.getCompanyId()); |
|---|
| | | user.setShowCompany(showCompany); |
|---|
| | | }else{ |
|---|
| | | c.setIsShow(Constants.ZERO); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | if(CollectionUtils.isNotEmpty(pList)) { |
|---|
| | | user.setCompanyPermissionList(pList); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | //如果用户与企业超管账号相同 或者 企业主键与当前切换后的主键不相同时 给超管权限 |
|---|
| | | if(StringUtils.equals(company.getUsername(),user.getUsername()) |
|---|
| | | ||( Objects.nonNull(authenticationToken.getCompanyId()) && !Constants.equalsInteger(company.getId(),authenticationToken.getCompanyId()) )){ |
|---|
| | | if(Objects.nonNull(authenticationToken.getCompanyId())){ |
|---|
| | | user.setCompanyId(authenticationToken.getCompanyId()); |
|---|
| | | } |
|---|
| | | //如果是超管, |
|---|
| | | SystemRole role = new SystemRole(); |
|---|
| | | role.setType(Constants.ONE); |
|---|
| | |
|---|
| | | SystemRole rt = new SystemRole(); |
|---|
| | | rt.setDeleted(Boolean.FALSE); |
|---|
| | | //数据部门权限集合 |
|---|
| | | user.setDepartIdList(systemDataPermissionService.selectHighRole(new SystemDataPermission(),rt,user)); |
|---|
| | | if(Constants.equalsInteger(user.getType(),Constants.ONE) && Constants.equalsInteger(user.getCompany().getId(),user.getCompanyId())){ |
|---|
| | | user.setDepartIdList(null); |
|---|
| | | }else{ |
|---|
| | | user.setDepartIdList(systemDataPermissionService.selectHighRole(new SystemDataPermission(),rt,user)); |
|---|
| | | } |
|---|
| | | |
|---|
| | | LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions); |
|---|
| | | // 验证用户 |
|---|
