From ee53ec64866578d02e823ca9625b845c4a2f075b Mon Sep 17 00:00:00 2001 From: lijiahang Date: Tue, 25 Jul 2023 15:02:15 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=BC=82=E5=B8=B8=E5=A4=84?= =?UTF-8?q?=E7=90=86.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../framework/common/constant/ErrorCode.java | 15 ++++++---- .../common/constant/ErrorMessage.java | 2 ++ .../module/infra/enums/UserStatusEnum.java | 16 ++++++++++ .../impl/SecurityFrameworkServiceImpl.java | 15 +--------- .../impl/AuthenticationServiceImpl.java | 18 +----------- .../service/impl/PermissionServiceImpl.java | 29 ++++++++++++------- .../impl/SystemRoleMenuServiceImpl.java | 2 +- .../impl/SystemUserRoleServiceImpl.java | 6 +--- 8 files changed, 49 insertions(+), 54 deletions(-) diff --git a/orion-ops-framework/orion-ops-common/src/main/java/com/orion/ops/framework/common/constant/ErrorCode.java b/orion-ops-framework/orion-ops-common/src/main/java/com/orion/ops/framework/common/constant/ErrorCode.java index 7a01eb4b..2c55335a 100644 --- a/orion-ops-framework/orion-ops-common/src/main/java/com/orion/ops/framework/common/constant/ErrorCode.java +++ b/orion-ops-framework/orion-ops-common/src/main/java/com/orion/ops/framework/common/constant/ErrorCode.java @@ -6,7 +6,12 @@ import com.orion.lang.utils.Exceptions; import com.orion.lang.utils.Strings; /** - * 错误码 + * 用于定义错误码 + *

+ * 1. http 通用 status + * 2. 前端需要特殊处理 + * 3. @ExceptionHandler 全局异常 + * 其他情况可以定义在 ExceprionMessage 中 * * @author Jiahang Li * @version 1.0.0 @@ -15,6 +20,8 @@ import com.orion.lang.utils.Strings; @SuppressWarnings("ALL") public enum ErrorCode implements CodeInfo { + // -------------------- http message -------------------- + BAD_REQUEST(400, "参数验证失败"), UNAUTHORIZED(401, "当前认证信息已失效, 请重新登录"), @@ -27,7 +34,7 @@ public enum ErrorCode implements CodeInfo { REQUEST_TIMEOUT(408, "处理超时"), - CONFLICT(409, "状态发生改变, 请刷新后重试"), + CONFLICT(409, "数据状态发生改变, 请刷新后重试"), PAYLOAD_TOO_LARGE(413, "请求过大"), @@ -45,10 +52,6 @@ public enum ErrorCode implements CodeInfo { USER_LOCKED(702, "当前用户已被锁定"), - ROLE_PRESENT(703, "角色 [{}] 不存在"), - - DATA_ALTER(704, "数据发生改变, 请刷新后重试"), - // -------------------- 自定义 - 通用 -------------------- NETWORK_FLUCTUATION(900, "当前环境网路波动"), diff --git a/orion-ops-framework/orion-ops-common/src/main/java/com/orion/ops/framework/common/constant/ErrorMessage.java b/orion-ops-framework/orion-ops-common/src/main/java/com/orion/ops/framework/common/constant/ErrorMessage.java index d836afb9..7463dbb0 100644 --- a/orion-ops-framework/orion-ops-common/src/main/java/com/orion/ops/framework/common/constant/ErrorMessage.java +++ b/orion-ops-framework/orion-ops-common/src/main/java/com/orion/ops/framework/common/constant/ErrorMessage.java @@ -31,6 +31,8 @@ public interface ErrorMessage { String ROLE_ABSENT = "角色不存在"; + String ROLE_CODE_ABSENT = "角色 [{}] 不存在"; + String INVALID_PARENT_MENU = "所选父菜单不合法"; String PARENT_MENU_ABSENT = "父菜单不存在"; diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/enums/UserStatusEnum.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/enums/UserStatusEnum.java index 6ef29210..7afb941a 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/enums/UserStatusEnum.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/enums/UserStatusEnum.java @@ -1,5 +1,6 @@ package com.orion.ops.module.infra.enums; +import com.orion.ops.framework.common.constant.ErrorCode; import lombok.AllArgsConstructor; import lombok.Getter; @@ -45,4 +46,19 @@ public enum UserStatusEnum { return null; } + /** + * 检查用户状态 + * + * @param status status + */ + public static void checkUserStatus(Integer status) { + if (UserStatusEnum.DISABLED.getStatus().equals(status)) { + // 禁用状态 + throw ErrorCode.USER_DISABLED.exception(); + } else if (UserStatusEnum.LOCKED.getStatus().equals(status)) { + // 锁定状态 + throw ErrorCode.USER_LOCKED.exception(); + } + } + } diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/framework/service/impl/SecurityFrameworkServiceImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/framework/service/impl/SecurityFrameworkServiceImpl.java index d83d6790..aae41f06 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/framework/service/impl/SecurityFrameworkServiceImpl.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/framework/service/impl/SecurityFrameworkServiceImpl.java @@ -54,7 +54,7 @@ public class SecurityFrameworkServiceImpl implements SecurityFrameworkService { // 获取登陆信息 LoginUser user = authenticationService.getLoginUser(tokenInfo.getId()); // 检查用户状态 - this.checkUserStatus(user); + UserStatusEnum.checkUserStatus(user.getStatus()); return user; } @@ -78,17 +78,4 @@ public class SecurityFrameworkServiceImpl implements SecurityFrameworkService { } } - /** - * 检查用户状态 - * - * @param user user - */ - private void checkUserStatus(LoginUser user) { - if (UserStatusEnum.DISABLED.getStatus().equals(user.getStatus())) { - throw ErrorCode.USER_DISABLED.exception(); - } else if (UserStatusEnum.LOCKED.getStatus().equals(user.getStatus())) { - throw ErrorCode.USER_LOCKED.exception(); - } - } - } diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/AuthenticationServiceImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/AuthenticationServiceImpl.java index b62b0c06..4356ee71 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/AuthenticationServiceImpl.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/AuthenticationServiceImpl.java @@ -8,7 +8,6 @@ import com.orion.lang.utils.Exceptions; import com.orion.lang.utils.collect.Lists; import com.orion.lang.utils.crypto.Signatures; import com.orion.ops.framework.common.constant.Const; -import com.orion.ops.framework.common.constant.ErrorCode; import com.orion.ops.framework.common.constant.ErrorMessage; import com.orion.ops.framework.common.security.LoginUser; import com.orion.ops.framework.common.utils.CryptoUtils; @@ -75,7 +74,7 @@ public class AuthenticationServiceImpl implements AuthenticationService { boolean passwordCorrect = this.checkPassword(request, user); Valid.isTrue(passwordCorrect, ErrorMessage.USERNAME_PASSWORD_ERROR); // 检查用户状态 - this.checkUserStatus(user.getStatus()); + UserStatusEnum.checkUserStatus(user.getStatus()); // 设置上次登录时间 this.setLastLoginTime(user.getId()); // 检查用户缓存 @@ -239,21 +238,6 @@ public class AuthenticationServiceImpl implements AuthenticationService { return false; } - /** - * 检查用户状态 - * - * @param status status - */ - private void checkUserStatus(Integer status) { - if (UserStatusEnum.DISABLED.getStatus().equals(status)) { - // 禁用状态 - throw ErrorCode.USER_DISABLED.exception(); - } else if (UserStatusEnum.LOCKED.getStatus().equals(status)) { - // 锁定状态 - throw ErrorCode.USER_LOCKED.exception(); - } - } - /** * 设置最后登录时间 * diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/PermissionServiceImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/PermissionServiceImpl.java index 308ce1cd..7eb9c8f8 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/PermissionServiceImpl.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/PermissionServiceImpl.java @@ -1,6 +1,7 @@ package com.orion.ops.module.infra.service.impl; import com.orion.lang.utils.collect.Lists; +import com.orion.ops.framework.common.constant.Const; import com.orion.ops.framework.common.security.LoginUser; import com.orion.ops.framework.security.core.utils.SecurityUtils; import com.orion.ops.module.infra.convert.SystemMenuConvert; @@ -156,10 +157,10 @@ public class PermissionServiceImpl implements PermissionService { // 查询角色菜单 Stream mergeStream; if (RoleDefine.containsAdmin(roles)) { - // 管理员拥有全部权限 + // 管理员拥有全部菜单 mergeStream = menuCache.stream(); } else { - // 当前用户所适配的角色 + // 当前用户所适配的角色菜单 mergeStream = roles.stream() .map(roleMenuCache::get) .filter(Objects::nonNull) @@ -187,15 +188,21 @@ public class PermissionServiceImpl implements PermissionService { if (roles.isEmpty()) { permissions = Lists.empty(); } else { - permissions = roles.stream() - .map(roleMenuCache::get) - .filter(Objects::nonNull) - .flatMap(Collection::stream) - .filter(s -> MenuStatusEnum.ENABLED.getStatus().equals(s.getStatus())) - .map(SystemMenuCacheDTO::getPermission) - .filter(Objects::nonNull) - .distinct() - .collect(Collectors.toList()); + if (RoleDefine.containsAdmin(roles)) { + // 管理员拥有全部权限 + permissions = Lists.of(Const.ASTERISK); + } else { + // 当前用户所适配的角色的权限 + permissions = roles.stream() + .map(roleMenuCache::get) + .filter(Objects::nonNull) + .flatMap(Collection::stream) + .filter(s -> MenuStatusEnum.ENABLED.getStatus().equals(s.getStatus())) + .map(SystemMenuCacheDTO::getPermission) + .filter(Objects::nonNull) + .distinct() + .collect(Collectors.toList()); + } } // 组装数据 return UserPermissionVO.builder() diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemRoleMenuServiceImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemRoleMenuServiceImpl.java index 501fbf42..1b5e5d95 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemRoleMenuServiceImpl.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemRoleMenuServiceImpl.java @@ -60,7 +60,7 @@ public class SystemRoleMenuServiceImpl implements SystemRoleMenuService { // 查询菜单列表 List menuList = systemMenuDAO.selectBatchIds(menuIdList); if (menuIdList.size() != menuList.size()) { - throw ErrorCode.DATA_ALTER.exception(); + throw ErrorCode.CONFLICT.exception(); } // 查询角色菜单 List beforeMenuIdList = systemRoleMenuDAO.of() diff --git a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemUserRoleServiceImpl.java b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemUserRoleServiceImpl.java index 42d147ce..3b697315 100644 --- a/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemUserRoleServiceImpl.java +++ b/orion-ops-module-infra/orion-ops-module-infra-service/src/main/java/com/orion/ops/module/infra/service/impl/SystemUserRoleServiceImpl.java @@ -1,7 +1,6 @@ package com.orion.ops.module.infra.service.impl; import com.orion.lang.utils.collect.Lists; -import com.orion.ops.framework.common.constant.ErrorCode; import com.orion.ops.framework.common.constant.ErrorMessage; import com.orion.ops.framework.common.security.LoginUser; import com.orion.ops.framework.common.utils.Valid; @@ -75,10 +74,7 @@ public class SystemUserRoleServiceImpl implements SystemUserRoleService { .map(SystemRoleDO::getCode) .collect(Collectors.toList()); for (String roleCode : roleCodeList) { - // 角色不存在 - if (!userRoleCodes.contains(roleCode)) { - throw ErrorCode.ROLE_PRESENT.exception(roleCode); - } + Valid.in(roleCode, userRoleCodes, ErrorMessage.ROLE_CODE_ABSENT, roleCode); } } // 删除用户角色关联