From a050e5a991151c6cb52730fda60884dcacb045b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9A=AE=E5=85=89=EF=BC=9A=E5=9F=8E=E4=B8=AD=E5=9F=8E?= <806783409@qq.com> Date: Wed, 29 Apr 2020 11:55:08 +0800 Subject: [PATCH] =?UTF-8?q?=E6=97=A0=E9=A1=BB=E7=99=BB=E9=99=86=E7=9A=84db?= =?UTF-8?q?=E6=A8=A1=E5=9D=97=E7=89=88=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../manage/impl/DbHistoryServiceImpl.java | 7 +-- .../db/controller/DatabaseDocController.java | 30 ---------- .../DbDataSourceAuthController.java | 56 +------------------ .../db/controller/DbDatasourceController.java | 7 --- .../controller/DbSqlExecutorController.java | 24 ++------ .../controller/DbTransferDataController.java | 7 --- .../framework/config/ZyplayerDocConfig.java | 28 ++++------ .../web/manage/DocSystemController.java | 26 --------- .../manage/web/manage/UserInfoController.java | 10 +--- 9 files changed, 22 insertions(+), 173 deletions(-) diff --git a/zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/service/manage/impl/DbHistoryServiceImpl.java b/zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/service/manage/impl/DbHistoryServiceImpl.java index 639c13d5..7cedc3a7 100644 --- a/zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/service/manage/impl/DbHistoryServiceImpl.java +++ b/zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/service/manage/impl/DbHistoryServiceImpl.java @@ -1,11 +1,9 @@ package com.zyplayer.doc.data.service.manage.impl; -import com.zyplayer.doc.data.config.security.DocUserDetails; -import com.zyplayer.doc.data.config.security.DocUserUtil; +import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.zyplayer.doc.data.repository.manage.entity.DbHistory; import com.zyplayer.doc.data.repository.manage.mapper.DbHistoryMapper; import com.zyplayer.doc.data.service.manage.DbHistoryService; -import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import org.springframework.stereotype.Service; import javax.annotation.Resource; @@ -27,13 +25,10 @@ public class DbHistoryServiceImpl extends ServiceImpl wrapper = new QueryWrapper<>(); wrapper.eq("yn", 1); - // 没管理权限只返回有权限的数据源 - if (!DocUserUtil.haveAuth(DocAuthConst.DB_DATASOURCE_MANAGE)) { - QueryWrapper updateWrapper = new QueryWrapper<>(); - updateWrapper.likeRight("auth_custom_suffix", DocAuthConst.DB); - updateWrapper.eq("del_flag", 0); - updateWrapper.eq("user_id", currentUser.getUserId()); - List userAuthList = userAuthService.list(updateWrapper); - if (userAuthList == null || userAuthList.isEmpty()) { - return DocDbResponseJson.ok(); - } - List userAuthDbIds = userAuthList.stream().map(val -> NumberUtils.toLong(val.getAuthCustomSuffix().replace(DocAuthConst.DB, ""))).collect(Collectors.toList()); - wrapper.in("id", userAuthDbIds); - } List datasourceList = dbDatasourceService.list(wrapper); List dataSourceList = datasourceList.stream().map(val -> { DatabaseFactoryBean bean = new DatabaseFactoryBean(); @@ -103,11 +82,6 @@ public class DatabaseDocController { */ @PostMapping(value = "/getEditorData") public ResponseJson getEditorData(Long sourceId) { - // 没权限,返回空 - if (!DocUserUtil.haveAuth(DocAuthConst.DB_DATASOURCE_MANAGE) - && !DocUserUtil.haveCustomAuth(DbAuthType.VIEW.getName(), DocAuthConst.DB + sourceId)) { - return DocDbResponseJson.ok(); - } String cacheKey = CachePrefix.DB_EDITOR_DATA_CACHE + sourceId; Object resultObj = CacheUtil.get(cacheKey); if (resultObj != null) { @@ -344,10 +318,6 @@ public class DatabaseDocController { * @author 暮光:城中城 */ private void judgeAuth(Long sourceId, String authName, String noAuthInfo) { - if (!DocUserUtil.haveAuth(DocAuthConst.DB_DATASOURCE_MANAGE) - && !DocUserUtil.haveCustomAuth(authName, DocAuthConst.DB + sourceId)) { - throw new ConfirmException(noAuthInfo); - } } /** diff --git a/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbDataSourceAuthController.java b/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbDataSourceAuthController.java index c67e754b..05212e65 100644 --- a/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbDataSourceAuthController.java +++ b/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbDataSourceAuthController.java @@ -1,12 +1,8 @@ package com.zyplayer.doc.db.controller; -import com.alibaba.fastjson.JSON; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; -import com.zyplayer.doc.core.annotation.AuthMan; import com.zyplayer.doc.core.json.DocResponseJson; import com.zyplayer.doc.core.json.ResponseJson; -import com.zyplayer.doc.data.config.security.DocUserDetails; -import com.zyplayer.doc.data.config.security.DocUserUtil; import com.zyplayer.doc.data.repository.manage.entity.AuthInfo; import com.zyplayer.doc.data.repository.manage.entity.UserAuth; import com.zyplayer.doc.data.repository.manage.entity.UserInfo; @@ -26,7 +22,6 @@ import org.springframework.web.bind.annotation.RestController; import javax.annotation.Resource; import java.util.*; import java.util.stream.Collectors; -import java.util.stream.Stream; /** * 数据库权限控制器 @@ -35,7 +30,6 @@ import java.util.stream.Stream; * @since 2019年8月18日 */ @RestController -@AuthMan("DB_DATASOURCE_MANAGE") @RequestMapping("/zyplayer-doc-db/auth") public class DbDataSourceAuthController { private static Logger logger = LoggerFactory.getLogger(DbDataSourceAuthController.class); @@ -49,55 +43,7 @@ public class DbDataSourceAuthController { @PostMapping("/assign") public ResponseJson assign(Long sourceId, String authList) { - DocUserDetails currentUser = DocUserUtil.getCurrentUser(); - List authNameList = Stream.of(DbAuthType.values()).map(DbAuthType::getName).collect(Collectors.toList()); - QueryWrapper queryWrapper = new QueryWrapper<>(); - queryWrapper.in("auth_name", authNameList); - Collection authInfoList = authInfoService.list(queryWrapper); - Map authInfoMap = authInfoList.stream().collect(Collectors.toMap(AuthInfo::getAuthName, AuthInfo::getId)); - - // 先删除所有用户的权限 - QueryWrapper updateWrapper = new QueryWrapper<>(); - updateWrapper.eq("auth_custom_suffix", DocAuthConst.DB + sourceId); - updateWrapper.eq("del_flag", 0); - userAuthService.remove(updateWrapper); - - List authVoList = JSON.parseArray(authList, UserDbAuthVo.class); - for (UserDbAuthVo authVo : authVoList) { - List userAuthList = new LinkedList<>(); - Integer executeAuth = Optional.ofNullable(authVo.getExecuteAuth()).orElse(0); - if (executeAuth <= 0) { - Long authId = authInfoMap.get(DbAuthType.NO_AUTH.getName()); - UserAuth userAuth = this.createUserAuth(sourceId, currentUser.getUserId(), authVo.getUserId(), authId); - userAuthList.add(userAuth); - } - if (executeAuth >= 1) { - Long authId = authInfoMap.get(DbAuthType.VIEW.getName()); - UserAuth userAuth = this.createUserAuth(sourceId, currentUser.getUserId(), authVo.getUserId(), authId); - userAuthList.add(userAuth); - } - if (executeAuth >= 2) { - Long authId = authInfoMap.get(DbAuthType.SELECT.getName()); - UserAuth userAuth = this.createUserAuth(sourceId, currentUser.getUserId(), authVo.getUserId(), authId); - userAuthList.add(userAuth); - } - if (executeAuth >= 3) { - Long authId = authInfoMap.get(DbAuthType.UPDATE.getName()); - UserAuth userAuth = this.createUserAuth(sourceId, currentUser.getUserId(), authVo.getUserId(), authId); - userAuthList.add(userAuth); - } - if (Objects.equals(authVo.getDescEditAuth(), 1)) { - Long authId = authInfoMap.get(DbAuthType.DESC_EDIT.getName()); - UserAuth userAuth = this.createUserAuth(sourceId, currentUser.getUserId(), authVo.getUserId(), authId); - userAuthList.add(userAuth); - } - if (userAuthList.size() <= 0) { - continue; - } - // 保存权限,重新登录后可用,后期可以考虑在这里直接修改缓存里的用户权限 - userAuthService.saveBatch(userAuthList); - } - return DocResponseJson.ok(); + return DocResponseJson.warn("不支持的方法"); } @PostMapping("/list") diff --git a/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbDatasourceController.java b/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbDatasourceController.java index 13cb5ad5..9ca2b385 100644 --- a/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbDatasourceController.java +++ b/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbDatasourceController.java @@ -1,10 +1,7 @@ package com.zyplayer.doc.db.controller; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; -import com.zyplayer.doc.core.annotation.AuthMan; import com.zyplayer.doc.core.json.ResponseJson; -import com.zyplayer.doc.data.config.security.DocUserDetails; -import com.zyplayer.doc.data.config.security.DocUserUtil; import com.zyplayer.doc.data.repository.manage.entity.DbDatasource; import com.zyplayer.doc.data.service.manage.DbDatasourceService; import com.zyplayer.doc.db.framework.configuration.DatasourceUtil; @@ -26,7 +23,6 @@ import java.util.*; * @since 2019年6月29日 */ @RestController -@AuthMan("DB_DATASOURCE_MANAGE") @RequestMapping("/zyplayer-doc-db/datasource") public class DbDatasourceController { @@ -70,10 +66,7 @@ public class DbDatasourceController { if (sourceId > 0) { dbDatasourceService.updateById(dbDatasource); } else { - DocUserDetails currentUser = DocUserUtil.getCurrentUser(); dbDatasource.setCreateTime(new Date()); - dbDatasource.setCreateUserId(currentUser.getUserId()); - dbDatasource.setCreateUserName(currentUser.getUsername()); dbDatasource.setYn(1); dbDatasourceService.save(dbDatasource); } diff --git a/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbSqlExecutorController.java b/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbSqlExecutorController.java index 1d8855ab..b86f4dcd 100644 --- a/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbSqlExecutorController.java +++ b/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbSqlExecutorController.java @@ -5,17 +5,12 @@ import com.alibaba.fastjson.serializer.SerializeConfig; import com.alibaba.fastjson.serializer.SerializerFeature; import com.alibaba.fastjson.serializer.SimpleDateFormatSerializer; import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper; -import com.zyplayer.doc.core.annotation.AuthMan; import com.zyplayer.doc.core.json.ResponseJson; import com.zyplayer.doc.core.util.StringUtil; -import com.zyplayer.doc.data.config.security.DocUserDetails; -import com.zyplayer.doc.data.config.security.DocUserUtil; import com.zyplayer.doc.data.repository.manage.entity.DbFavorite; import com.zyplayer.doc.data.repository.manage.entity.DbHistory; -import com.zyplayer.doc.data.repository.support.consts.DocAuthConst; import com.zyplayer.doc.data.service.manage.DbFavoriteService; import com.zyplayer.doc.data.service.manage.DbHistoryService; -import com.zyplayer.doc.db.framework.consts.DbAuthType; import com.zyplayer.doc.db.framework.db.mapper.base.ExecuteParam; import com.zyplayer.doc.db.framework.db.mapper.base.ExecuteResult; import com.zyplayer.doc.db.framework.db.mapper.base.ExecuteType; @@ -28,7 +23,10 @@ import org.springframework.web.bind.annotation.RestController; import javax.annotation.Resource; import java.sql.Timestamp; -import java.util.*; +import java.util.Date; +import java.util.LinkedList; +import java.util.List; +import java.util.Optional; /** * sql执行器 @@ -36,7 +34,6 @@ import java.util.*; * @author 暮光:城中城 * @since 2019年8月18日 */ -@AuthMan @RestController @RequestMapping("/zyplayer-doc-db/executor") public class DbSqlExecutorController { @@ -53,12 +50,6 @@ public class DbSqlExecutorController { if (StringUtils.isBlank(sql)) { return DocDbResponseJson.warn("执行的SQL不能为空"); } - boolean manageAuth = DocUserUtil.haveAuth(DocAuthConst.DB_DATASOURCE_MANAGE); - boolean select = DocUserUtil.haveCustomAuth(DbAuthType.SELECT.getName(), DocAuthConst.DB + sourceId); - boolean update = DocUserUtil.haveCustomAuth(DbAuthType.UPDATE.getName(), DocAuthConst.DB + sourceId); - if (!manageAuth && !select && !update) { - return DocDbResponseJson.warn("没有该数据源的执行权限"); - } // 保留历史记录 dbHistoryService.saveHistory(sql.trim(), sourceId); List resultList = new LinkedList<>(); @@ -70,7 +61,7 @@ public class DbSqlExecutorController { } sqlItem = sqlItem.trim(); try { - ExecuteType executeType = (!manageAuth && select) ? ExecuteType.SELECT : ExecuteType.ALL; + ExecuteType executeType = ExecuteType.ALL; ExecuteParam executeParam = new ExecuteParam(); executeParam.setDatasourceId(sourceId); executeParam.setExecuteId(executeId); @@ -108,10 +99,8 @@ public class DbSqlExecutorController { @PostMapping(value = "/favorite/list") public ResponseJson favoriteList(Long sourceId) { - DocUserDetails currentUser = DocUserUtil.getCurrentUser(); UpdateWrapper wrapper = new UpdateWrapper<>(); wrapper.eq(sourceId != null, "datasource_id", sourceId); - wrapper.eq("create_user_id", currentUser.getUserId()); wrapper.eq("yn", 1); wrapper.orderByDesc("id"); List favoriteList = dbFavoriteService.list(wrapper); @@ -127,13 +116,10 @@ public class DbSqlExecutorController { } dbFavorite.setContent(dbFavorite.getContent().trim()); } - DocUserDetails currentUser = DocUserUtil.getCurrentUser(); if (dbFavorite.getId() != null && dbFavorite.getId() > 0) { dbFavoriteService.updateById(dbFavorite); } else { dbFavorite.setCreateTime(new Date()); - dbFavorite.setCreateUserId(currentUser.getUserId()); - dbFavorite.setCreateUserName(currentUser.getUsername()); dbFavorite.setYn(1); dbFavoriteService.save(dbFavorite); } diff --git a/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbTransferDataController.java b/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbTransferDataController.java index 9dec285f..bd53855d 100644 --- a/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbTransferDataController.java +++ b/zyplayer-doc-db/src/main/java/com/zyplayer/doc/db/controller/DbTransferDataController.java @@ -1,10 +1,7 @@ package com.zyplayer.doc.db.controller; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; -import com.zyplayer.doc.core.annotation.AuthMan; import com.zyplayer.doc.core.json.ResponseJson; -import com.zyplayer.doc.data.config.security.DocUserDetails; -import com.zyplayer.doc.data.config.security.DocUserUtil; import com.zyplayer.doc.data.repository.manage.entity.DbTransferTask; import com.zyplayer.doc.data.service.manage.DbTransferTaskService; import com.zyplayer.doc.db.framework.db.transfer.SqlParseUtil; @@ -24,7 +21,6 @@ import java.util.List; * @author 暮光:城中城 * @since 2019年9月28日 */ -@AuthMan @RestController @RequestMapping("/zyplayer-doc-db/transfer") public class DbTransferDataController { @@ -68,10 +64,7 @@ public class DbTransferDataController { public ResponseJson update(DbTransferTask transferTask) { DbTransferTask transferTaskUp = new DbTransferTask(); if (transferTask.getId() == null) { - DocUserDetails currentUser = DocUserUtil.getCurrentUser(); transferTaskUp.setCreateTime(new Date()); - transferTaskUp.setCreateUserId(currentUser.getUserId()); - transferTaskUp.setCreateUserName(currentUser.getUsername()); transferTaskUp.setDelFlag(0); } else { transferTaskUp.setId(transferTask.getId()); diff --git a/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/ZyplayerDocConfig.java b/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/ZyplayerDocConfig.java index c328c18d..f15d33c7 100644 --- a/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/ZyplayerDocConfig.java +++ b/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/framework/config/ZyplayerDocConfig.java @@ -2,10 +2,6 @@ package com.zyplayer.doc.manage.framework.config; import com.zyplayer.doc.db.framework.configuration.EnableDocDb; import com.zyplayer.doc.db.framework.db.bean.DatabaseRegistrationBean; -import com.zyplayer.doc.dubbo.framework.config.EnableDocDubbo; -import com.zyplayer.doc.elasticsearch.framework.config.EnableDocEs; -import com.zyplayer.doc.swagger.framework.configuration.EnableDocSwagger; -import com.zyplayer.doc.wiki.framework.config.EnableDocWiki; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -21,21 +17,21 @@ public class ZyplayerDocConfig { // @EnableDocGrpc // grpc默认不开启 // public class enableDocGrpc{} - - @EnableDocWiki - public class enableDocWiki{} - - @EnableDocEs - public class enableDocEs{} - - @EnableDocDubbo - public class enableDocDubbo{} + +// @EnableDocWiki +// public class enableDocWiki{} +// +// @EnableDocEs +// public class enableDocEs{} +// +// @EnableDocDubbo +// public class enableDocDubbo{} @EnableDocDb public class enableDocDb{} - - @EnableDocSwagger(selfDoc = false) - public class enableDocSwagger{} + +// @EnableDocSwagger(selfDoc = false) +// public class enableDocSwagger{} @Bean @ConfigurationProperties(prefix = "zyplayer.doc.db") diff --git a/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/web/manage/DocSystemController.java b/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/web/manage/DocSystemController.java index e13732c0..299e7e7a 100644 --- a/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/web/manage/DocSystemController.java +++ b/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/web/manage/DocSystemController.java @@ -1,6 +1,5 @@ package com.zyplayer.doc.manage.web.manage; -import com.zyplayer.doc.core.annotation.AuthMan; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.servlet.ModelAndView; @@ -16,33 +15,8 @@ public class DocSystemController { return new ModelAndView("/doc-console.html"); } - @AuthMan - @GetMapping("/doc-wiki") - public ModelAndView wiki() { - return new ModelAndView("/doc-wiki.html"); - } - - @AuthMan @GetMapping("/doc-db") public ModelAndView db() { return new ModelAndView("/doc-db.html"); } - - @AuthMan - @GetMapping("/doc-swagger") - public ModelAndView swagger() { - return new ModelAndView("/document.html"); - } - - @AuthMan - @GetMapping("/doc-dubbo") - public ModelAndView dubbo() { - return new ModelAndView("/doc-dubbo.html"); - } - - @AuthMan - @GetMapping("/doc-es") - public ModelAndView es() { - return new ModelAndView("/doc-es.html"); - } } diff --git a/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/web/manage/UserInfoController.java b/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/web/manage/UserInfoController.java index 46ad3dcf..a7c21171 100644 --- a/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/web/manage/UserInfoController.java +++ b/zyplayer-doc-manage/src/main/java/com/zyplayer/doc/manage/web/manage/UserInfoController.java @@ -1,19 +1,17 @@ package com.zyplayer.doc.manage.web.manage; import cn.hutool.core.util.RandomUtil; -import com.baomidou.mybatisplus.core.conditions.Wrapper; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.github.pagehelper.PageHelper; import com.github.pagehelper.PageInfo; +import com.zyplayer.doc.core.annotation.AuthMan; import com.zyplayer.doc.core.json.DocResponseJson; import com.zyplayer.doc.core.json.ResponseJson; -import com.zyplayer.doc.core.annotation.AuthMan; import com.zyplayer.doc.data.config.security.DocUserDetails; import com.zyplayer.doc.data.config.security.DocUserUtil; import com.zyplayer.doc.data.repository.manage.entity.AuthInfo; import com.zyplayer.doc.data.repository.manage.entity.UserAuth; import com.zyplayer.doc.data.repository.manage.entity.UserInfo; -import com.zyplayer.doc.data.repository.manage.entity.WikiPage; import com.zyplayer.doc.data.service.manage.AuthInfoService; import com.zyplayer.doc.data.service.manage.UserAuthService; import com.zyplayer.doc.data.service.manage.UserInfoService; @@ -21,7 +19,6 @@ import com.zyplayer.doc.manage.web.manage.param.UserListParam; import com.zyplayer.doc.manage.web.manage.vo.AuthInfoVo; import org.apache.commons.lang.StringUtils; import org.dozer.Mapper; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.util.DigestUtils; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; @@ -45,11 +42,10 @@ public class UserInfoController { @Resource Mapper mapper; - @AuthMan @PostMapping("/selfInfo") public ResponseJson selfInfo() { - DocUserDetails currentUser = DocUserUtil.getCurrentUser(); - UserInfo userInfo = userInfoService.getById(currentUser.getUserId()); + UserInfo userInfo = new UserInfo(); + userInfo.setUserName("系统管理员"); return DocResponseJson.ok(userInfo); }