pp
jiangping
2023-09-20 1a1271793e264ece750ceea56907ffdd1a06ab13
pp
已添加1个文件
已修改3个文件
184 ■■■■ 文件已修改
server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java 117 ●●●●●
server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter2.java 31 ●●●●●
server/company/src/main/java/com/doumee/config/shiro/ShiroConfig.java 2 ●●●
server/service/src/main/java/com/doumee/service/business/impl/BaseDataServiceImpl.java 34 ●●●●●
server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
@@ -2,12 +2,23 @@
import com.alibaba.fastjson.JSON;
import com.doumee.core.model.ApiResponse;
import com.doumee.core.model.LoginUserInfo;
import com.doumee.core.utils.Constants;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.MapCache;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.DefaultSessionKey;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.springframework.http.HttpStatus;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import java.io.Serializable;
import java.util.Deque;
import java.util.LinkedList;
/**
 * Shiro认证过滤器,处理未认证情况的响应
@@ -16,15 +27,119 @@
 */
public class ShiroAuthFilter extends FormAuthenticationFilter {
    public ShiroAuthFilter() {
    public ShiroAuthFilter(SessionManager sessionManager,ShiroCacheManager shiroCacheManager) {
        super();
        this.sessionManager =   (ShiroSessionManager)sessionManager;
        this.cache = shiroCacheManager.getCache("shiro_redis_cache");
    }
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)  {
        return false;
    }
    private int maxSession = 1; //最大会话数量
    private boolean kickOutAfter = false;   //踢出前者还是后者
    private Cache<String, Deque<Serializable>> cache; //缓存管理
    private ShiroSessionManager sessionManager;  //会话管理
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        Subject subject = getSubject(request, response);
        if (!subject.isAuthenticated() && !subject.isRemembered()) { //如果不是认证过和记住密码的,就直接放行请求,避免造成访问过慢
           // return Boolean.TRUE;
        }
        Session session = subject.getSession(); //获取会话session
        Object principal = subject.getPrincipal();
        Serializable sessionId = session.getId();
        LoginUserInfo userInfo = (LoginUserInfo) principal;
        if(userInfo == null  ){
        HttpServletResponse servletResponse = (HttpServletResponse) response;
        servletResponse.setHeader("content-type", "application/json;charset=UTF-8");
        servletResponse.getWriter().write(JSON.toJSONString(ApiResponse.failed(HttpStatus.UNAUTHORIZED.value(), "未登录或登录信息已过期")));
        return Boolean.FALSE;
//           return  super.onAccessDenied(request,response);
        }else if( Constants.equalsInteger(userInfo.getType(), Constants.UserType.COMPANY.getKey()) ){
            return Boolean.TRUE;
//           return  super.onAccessDenied(request,response);
        }
        String userName = userInfo.getCompanyId() +"_"+ userInfo.getId();
        Deque<Serializable> deque = cache.get(userName);
        if (deque == null) {
            deque = new LinkedList<>();
        }
        if (!deque.contains(sessionId) && session.getAttribute("kickOut") == null) {
            deque.push(sessionId);
            cache.put(userName, deque);
        }
        while (deque.size() > maxSession) {
            Serializable kickOutSessionId;
            if (kickOutAfter) {
                kickOutSessionId = deque.removeFirst();
                cache.put(userName, deque);
            } else {
                kickOutSessionId = deque.removeLast();
                cache.put(userName, deque);
            }
            try {
                Session kickOutSession = sessionManager.getSession(new DefaultSessionKey(kickOutSessionId));
                if (kickOutSession != null) {
                    kickOutSession.setAttribute("kickOut", Boolean.TRUE);
                }
            } catch (Exception e) {
                e.printStackTrace();
//                log.error("踢出异常未踢出");
            }
        }
        if (session!=null && session.getAttribute("kickOut") != null && (Boolean) session.getAttribute("kickOut") == true) {
            try {
                subject.logout();
            } catch (Exception e) {
                e.printStackTrace();
            }
            saveRequest(request);
            HttpServletResponse servletResponse = (HttpServletResponse) response;
            servletResponse.setHeader("content-type", "application/json;charset=UTF-8");
            servletResponse.getWriter().write(JSON.toJSONString(ApiResponse.failed(HttpStatus.UNAUTHORIZED.value(), "未登录或登录信息已过期")));
            return Boolean.FALSE;
        }
        return Boolean.TRUE;
    }
    public int getMaxSession() {
        return maxSession;
    }
    public void setMaxSession(int maxSession) {
        this.maxSession = maxSession;
    }
    public boolean isKickOutAfter() {
        return kickOutAfter;
    }
    public void setKickOutAfter(boolean kickOutAfter) {
        this.kickOutAfter = kickOutAfter;
    }
    public Cache<String, Deque<Serializable>> getCache() {
        return cache;
    }
    public void setCache(Cache<String, Deque<Serializable>> cache) {
        this.cache = cache;
    }
    public ShiroSessionManager getSessionManager() {
        return sessionManager;
    }
    public void setSessionManager(ShiroSessionManager sessionManager) {
        this.sessionManager = sessionManager;
    }
}
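Review bot: With `isAccessAllowed` hard-wired to `return false`, every request on the `authc` chain is decided in `onAccessDenied`, and the only identity test there is `userInfo == null`; the `isAuthenticated()`/`isRemembered()` guard above it has an empty body. In Shiro a remembered subject also has a non-null principal, so if remember-me is enabled anywhere in this application (not visible on this page) such a subject passes here, whereas the inherited `FormAuthenticationFilter` check requires `isAuthenticated()`. Tightening the branch to `if (userInfo == null || !subject.isAuthenticated()) {` and deleting the empty `if` would close that gap. Separately, the `cache.get` / `deque.push` / `cache.put` sequence is not atomic, so two simultaneous logins for the same `companyId_id` key can overwrite each other's entry and leave a session outside the `maxSession` count. The kick-out `catch` only calls `e.printStackTrace()` after the id has already been removed from the deque, so a failed `getSession` leaves that session live and untracked; it should be logged and the id put back.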
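--- a/server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter2.java
+++ b/server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter2.java
@@ -0,0 +1,31 @@
+package com.doumee.config.shiro;
+import com.alibaba.fastjson.JSON;
+import com.doumee.core.model.ApiResponse;
+import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
+import org.springframework.http.HttpStatus;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletResponse;
+/**
+ * Shiro认证过滤器,处理未认证情况的响应
+ * @author Eva.Caesar Liu
+ * @date 2023/04/17 12:11
+ */
+public class ShiroAuthFilter2 extends FormAuthenticationFilter {
+    public ShiroAuthFilter2() {
+        super();
+    }
+    @Override
+    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
+        HttpServletResponse servletResponse = (HttpServletResponse) response;
+        servletResponse.setHeader("content-type", "application/json;charset=UTF-8");
+        servletResponse.getWriter().write(JSON.toJSONString(ApiResponse.failed(HttpStatus.UNAUTHORIZED.value(), "未登录或登录信息已过期")));
+        return Boolean.FALSE;
+    }
+}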
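Review bot: `onAccessDenied` writes a JSON body carrying 401 but never sets the HTTP status, so the response presumably goes out as 200 and proxies, access logs and alerting cannot count unauthenticated requests. Adding `servletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());` before the write would fix that, unless the front end is known to depend on 200; the two 401 writes in `ShiroAuthFilter.onAccessDenied` have the same gap. The class Javadoc is word-for-word the one on `ShiroAuthFilter` and nothing visible on this page registers `ShiroAuthFilter2`, so it should say what sets it apart, e.g. `Returns the 401 JSON response only; applies no concurrent-session limit.`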
server/company/src/main/java/com/doumee/config/shiro/ShiroConfig.java
@@ -127,7 +127,7 @@
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        // æ·»åŠ è®¤è¯è¿‡æ»¤å™¨
        Map<String, Filter> filters = new LinkedHashMap<>();
        filters.put("authc", new ShiroAuthFilter());
        filters.put("authc", new ShiroAuthFilter(this.sessionManager(),shiroCacheManager));
        shiroFilterFactoryBean.setFilters(filters);
        return shiroFilterFactoryBean;
    }
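Review bot: The filter registered under `authc` is created with `new` and none of its setters are called, so the session limit runs with the field defaults `maxSession = 1` and `kickOutAfter = false` declared in `ShiroAuthFilter`. A comment on the `filters.put` line such as `// authc also enforces one session per user (earlier session is kicked out); tune via setMaxSession/setKickOutAfter` would make that visible where the chain is configured. The constructor downcasts its `SessionManager` argument to `ShiroSessionManager`, so if `sessionManager()` can return any other implementation (its return type is not shown here) this line fails with a `ClassCastException`; declaring the parameter as `ShiroSessionManager` would move that check to compile time. The enclosing method starts outside the hunk.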
server/service/src/main/java/com/doumee/service/business/impl/BaseDataServiceImpl.java
@@ -511,40 +511,6 @@
            }
        }
//        dealCateParam(cateId,goodsId,data.getAttr1(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr2(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr3(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr4(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr5(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr6(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr7(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr8(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr9(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr10(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr11(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr12(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr13(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr14(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr15(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr16(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr17(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr18(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr19(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr20(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr21(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr22(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr23(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr24(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr25(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr26(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr27(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr28(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr29(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr30(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr31(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr32(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr33(),cateList);
//        dealCateParam(cateId,goodsId,data.getAttr34(),cateList);
    }
    private void dealCateParam(Integer cateId, Integer goodsId, String attr,List<BaseCateParam> list,List<BaseGoodsParam> paramList) {