无须登陆的db模块版本
This commit is contained in:
暮光:城中城
@@ -7,14 +7,9 @@ import com.alibaba.excel.ExcelWriter;
|
||||
import com.alibaba.excel.write.metadata.WriteSheet;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.zyplayer.doc.core.annotation.AuthMan;
|
||||
import com.zyplayer.doc.core.exception.ConfirmException;
|
||||
import com.zyplayer.doc.core.json.ResponseJson;
|
||||
import com.zyplayer.doc.data.config.security.DocUserDetails;
|
||||
import com.zyplayer.doc.data.config.security.DocUserUtil;
|
||||
import com.zyplayer.doc.data.repository.manage.entity.DbDatasource;
|
||||
import com.zyplayer.doc.data.repository.manage.entity.UserAuth;
|
||||
import com.zyplayer.doc.data.repository.support.consts.DocAuthConst;
|
||||
import com.zyplayer.doc.data.service.manage.DbDatasourceService;
|
||||
import com.zyplayer.doc.data.service.manage.UserAuthService;
|
||||
import com.zyplayer.doc.data.utils.CachePrefix;
|
||||
@@ -33,7 +28,6 @@ import com.zyplayer.doc.db.framework.db.mapper.mysql.MysqlMapper;
|
||||
import com.zyplayer.doc.db.framework.json.DocDbResponseJson;
|
||||
import org.apache.commons.collections.CollectionUtils;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.commons.lang.math.NumberUtils;
|
||||
import org.mybatis.spring.SqlSessionTemplate;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
@@ -54,7 +48,6 @@ import java.util.stream.Collectors;
|
||||
* @author 暮光:城中城
|
||||
* @since 2018年8月8日
|
||||
*/
|
||||
@AuthMan
|
||||
@RestController
|
||||
@RequestMapping("/zyplayer-doc-db/doc-db")
|
||||
public class DatabaseDocController {
|
||||
@@ -68,22 +61,8 @@ public class DatabaseDocController {
|
||||
|
||||
@PostMapping(value = "/getDataSourceList")
|
||||
public ResponseJson getDataSourceList() {
|
||||
DocUserDetails currentUser = DocUserUtil.getCurrentUser();
|
||||
QueryWrapper<DbDatasource> wrapper = new QueryWrapper<>();
|
||||
wrapper.eq("yn", 1);
|
||||
// 没管理权限只返回有权限的数据源
|
||||
if (!DocUserUtil.haveAuth(DocAuthConst.DB_DATASOURCE_MANAGE)) {
|
||||
QueryWrapper<UserAuth> updateWrapper = new QueryWrapper<>();
|
||||
updateWrapper.likeRight("auth_custom_suffix", DocAuthConst.DB);
|
||||
updateWrapper.eq("del_flag", 0);
|
||||
updateWrapper.eq("user_id", currentUser.getUserId());
|
||||
List<UserAuth> userAuthList = userAuthService.list(updateWrapper);
|
||||
if (userAuthList == null || userAuthList.isEmpty()) {
|
||||
return DocDbResponseJson.ok();
|
||||
}
|
||||
List<Long> userAuthDbIds = userAuthList.stream().map(val -> NumberUtils.toLong(val.getAuthCustomSuffix().replace(DocAuthConst.DB, ""))).collect(Collectors.toList());
|
||||
wrapper.in("id", userAuthDbIds);
|
||||
}
|
||||
List<DbDatasource> datasourceList = dbDatasourceService.list(wrapper);
|
||||
List<DatabaseFactoryBean> dataSourceList = datasourceList.stream().map(val -> {
|
||||
DatabaseFactoryBean bean = new DatabaseFactoryBean();
|
||||
@@ -103,11 +82,6 @@ public class DatabaseDocController {
|
||||
*/
|
||||
@PostMapping(value = "/getEditorData")
|
||||
public ResponseJson getEditorData(Long sourceId) {
|
||||
// 没权限,返回空
|
||||
if (!DocUserUtil.haveAuth(DocAuthConst.DB_DATASOURCE_MANAGE)
|
||||
&& !DocUserUtil.haveCustomAuth(DbAuthType.VIEW.getName(), DocAuthConst.DB + sourceId)) {
|
||||
return DocDbResponseJson.ok();
|
||||
}
|
||||
String cacheKey = CachePrefix.DB_EDITOR_DATA_CACHE + sourceId;
|
||||
Object resultObj = CacheUtil.get(cacheKey);
|
||||
if (resultObj != null) {
|
||||
@@ -344,10 +318,6 @@ public class DatabaseDocController {
|
||||
* @author 暮光:城中城
|
||||
*/
|
||||
private void judgeAuth(Long sourceId, String authName, String noAuthInfo) {
|
||||
if (!DocUserUtil.haveAuth(DocAuthConst.DB_DATASOURCE_MANAGE)
|
||||
&& !DocUserUtil.haveCustomAuth(authName, DocAuthConst.DB + sourceId)) {
|
||||
throw new ConfirmException(noAuthInfo);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,12 +1,8 @@
|
||||
package com.zyplayer.doc.db.controller;
|
||||
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.zyplayer.doc.core.annotation.AuthMan;
|
||||
import com.zyplayer.doc.core.json.DocResponseJson;
|
||||
import com.zyplayer.doc.core.json.ResponseJson;
|
||||
import com.zyplayer.doc.data.config.security.DocUserDetails;
|
||||
import com.zyplayer.doc.data.config.security.DocUserUtil;
|
||||
import com.zyplayer.doc.data.repository.manage.entity.AuthInfo;
|
||||
import com.zyplayer.doc.data.repository.manage.entity.UserAuth;
|
||||
import com.zyplayer.doc.data.repository.manage.entity.UserInfo;
|
||||
@@ -26,7 +22,6 @@ import org.springframework.web.bind.annotation.RestController;
|
||||
import javax.annotation.Resource;
|
||||
import java.util.*;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
/**
|
||||
* 数据库权限控制器
|
||||
@@ -35,7 +30,6 @@ import java.util.stream.Stream;
|
||||
* @since 2019年8月18日
|
||||
*/
|
||||
@RestController
|
||||
@AuthMan("DB_DATASOURCE_MANAGE")
|
||||
@RequestMapping("/zyplayer-doc-db/auth")
|
||||
public class DbDataSourceAuthController {
|
||||
private static Logger logger = LoggerFactory.getLogger(DbDataSourceAuthController.class);
|
||||
@@ -49,55 +43,7 @@ public class DbDataSourceAuthController {
|
||||
|
||||
@PostMapping("/assign")
|
||||
public ResponseJson<Object> assign(Long sourceId, String authList) {
|
||||
DocUserDetails currentUser = DocUserUtil.getCurrentUser();
|
||||
List<String> authNameList = Stream.of(DbAuthType.values()).map(DbAuthType::getName).collect(Collectors.toList());
|
||||
QueryWrapper<AuthInfo> queryWrapper = new QueryWrapper<>();
|
||||
queryWrapper.in("auth_name", authNameList);
|
||||
Collection<AuthInfo> authInfoList = authInfoService.list(queryWrapper);
|
||||
Map<String, Long> authInfoMap = authInfoList.stream().collect(Collectors.toMap(AuthInfo::getAuthName, AuthInfo::getId));
|
||||
|
||||
// 先删除所有用户的权限
|
||||
QueryWrapper<UserAuth> updateWrapper = new QueryWrapper<>();
|
||||
updateWrapper.eq("auth_custom_suffix", DocAuthConst.DB + sourceId);
|
||||
updateWrapper.eq("del_flag", 0);
|
||||
userAuthService.remove(updateWrapper);
|
||||
|
||||
List<UserDbAuthVo> authVoList = JSON.parseArray(authList, UserDbAuthVo.class);
|
||||
for (UserDbAuthVo authVo : authVoList) {
|
||||
List<UserAuth> userAuthList = new LinkedList<>();
|
||||
Integer executeAuth = Optional.ofNullable(authVo.getExecuteAuth()).orElse(0);
|
||||
if (executeAuth <= 0) {
|
||||
Long authId = authInfoMap.get(DbAuthType.NO_AUTH.getName());
|
||||
UserAuth userAuth = this.createUserAuth(sourceId, currentUser.getUserId(), authVo.getUserId(), authId);
|
||||
userAuthList.add(userAuth);
|
||||
}
|
||||
if (executeAuth >= 1) {
|
||||
Long authId = authInfoMap.get(DbAuthType.VIEW.getName());
|
||||
UserAuth userAuth = this.createUserAuth(sourceId, currentUser.getUserId(), authVo.getUserId(), authId);
|
||||
userAuthList.add(userAuth);
|
||||
}
|
||||
if (executeAuth >= 2) {
|
||||
Long authId = authInfoMap.get(DbAuthType.SELECT.getName());
|
||||
UserAuth userAuth = this.createUserAuth(sourceId, currentUser.getUserId(), authVo.getUserId(), authId);
|
||||
userAuthList.add(userAuth);
|
||||
}
|
||||
if (executeAuth >= 3) {
|
||||
Long authId = authInfoMap.get(DbAuthType.UPDATE.getName());
|
||||
UserAuth userAuth = this.createUserAuth(sourceId, currentUser.getUserId(), authVo.getUserId(), authId);
|
||||
userAuthList.add(userAuth);
|
||||
}
|
||||
if (Objects.equals(authVo.getDescEditAuth(), 1)) {
|
||||
Long authId = authInfoMap.get(DbAuthType.DESC_EDIT.getName());
|
||||
UserAuth userAuth = this.createUserAuth(sourceId, currentUser.getUserId(), authVo.getUserId(), authId);
|
||||
userAuthList.add(userAuth);
|
||||
}
|
||||
if (userAuthList.size() <= 0) {
|
||||
continue;
|
||||
}
|
||||
// 保存权限,重新登录后可用,后期可以考虑在这里直接修改缓存里的用户权限
|
||||
userAuthService.saveBatch(userAuthList);
|
||||
}
|
||||
return DocResponseJson.ok();
|
||||
return DocResponseJson.warn("不支持的方法");
|
||||
}
|
||||
|
||||
@PostMapping("/list")
|
||||
|
||||
@@ -1,10 +1,7 @@
|
||||
package com.zyplayer.doc.db.controller;
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.zyplayer.doc.core.annotation.AuthMan;
|
||||
import com.zyplayer.doc.core.json.ResponseJson;
|
||||
import com.zyplayer.doc.data.config.security.DocUserDetails;
|
||||
import com.zyplayer.doc.data.config.security.DocUserUtil;
|
||||
import com.zyplayer.doc.data.repository.manage.entity.DbDatasource;
|
||||
import com.zyplayer.doc.data.service.manage.DbDatasourceService;
|
||||
import com.zyplayer.doc.db.framework.configuration.DatasourceUtil;
|
||||
@@ -26,7 +23,6 @@ import java.util.*;
|
||||
* @since 2019年6月29日
|
||||
*/
|
||||
@RestController
|
||||
@AuthMan("DB_DATASOURCE_MANAGE")
|
||||
@RequestMapping("/zyplayer-doc-db/datasource")
|
||||
public class DbDatasourceController {
|
||||
|
||||
@@ -70,10 +66,7 @@ public class DbDatasourceController {
|
||||
if (sourceId > 0) {
|
||||
dbDatasourceService.updateById(dbDatasource);
|
||||
} else {
|
||||
DocUserDetails currentUser = DocUserUtil.getCurrentUser();
|
||||
dbDatasource.setCreateTime(new Date());
|
||||
dbDatasource.setCreateUserId(currentUser.getUserId());
|
||||
dbDatasource.setCreateUserName(currentUser.getUsername());
|
||||
dbDatasource.setYn(1);
|
||||
dbDatasourceService.save(dbDatasource);
|
||||
}
|
||||
|
||||
@@ -5,17 +5,12 @@ import com.alibaba.fastjson.serializer.SerializeConfig;
|
||||
import com.alibaba.fastjson.serializer.SerializerFeature;
|
||||
import com.alibaba.fastjson.serializer.SimpleDateFormatSerializer;
|
||||
import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
|
||||
import com.zyplayer.doc.core.annotation.AuthMan;
|
||||
import com.zyplayer.doc.core.json.ResponseJson;
|
||||
import com.zyplayer.doc.core.util.StringUtil;
|
||||
import com.zyplayer.doc.data.config.security.DocUserDetails;
|
||||
import com.zyplayer.doc.data.config.security.DocUserUtil;
|
||||
import com.zyplayer.doc.data.repository.manage.entity.DbFavorite;
|
||||
import com.zyplayer.doc.data.repository.manage.entity.DbHistory;
|
||||
import com.zyplayer.doc.data.repository.support.consts.DocAuthConst;
|
||||
import com.zyplayer.doc.data.service.manage.DbFavoriteService;
|
||||
import com.zyplayer.doc.data.service.manage.DbHistoryService;
|
||||
import com.zyplayer.doc.db.framework.consts.DbAuthType;
|
||||
import com.zyplayer.doc.db.framework.db.mapper.base.ExecuteParam;
|
||||
import com.zyplayer.doc.db.framework.db.mapper.base.ExecuteResult;
|
||||
import com.zyplayer.doc.db.framework.db.mapper.base.ExecuteType;
|
||||
@@ -28,7 +23,10 @@ import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import java.sql.Timestamp;
|
||||
import java.util.*;
|
||||
import java.util.Date;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
|
||||
/**
|
||||
* sql执行器
|
||||
@@ -36,7 +34,6 @@ import java.util.*;
|
||||
* @author 暮光:城中城
|
||||
* @since 2019年8月18日
|
||||
*/
|
||||
@AuthMan
|
||||
@RestController
|
||||
@RequestMapping("/zyplayer-doc-db/executor")
|
||||
public class DbSqlExecutorController {
|
||||
@@ -53,12 +50,6 @@ public class DbSqlExecutorController {
|
||||
if (StringUtils.isBlank(sql)) {
|
||||
return DocDbResponseJson.warn("执行的SQL不能为空");
|
||||
}
|
||||
boolean manageAuth = DocUserUtil.haveAuth(DocAuthConst.DB_DATASOURCE_MANAGE);
|
||||
boolean select = DocUserUtil.haveCustomAuth(DbAuthType.SELECT.getName(), DocAuthConst.DB + sourceId);
|
||||
boolean update = DocUserUtil.haveCustomAuth(DbAuthType.UPDATE.getName(), DocAuthConst.DB + sourceId);
|
||||
if (!manageAuth && !select && !update) {
|
||||
return DocDbResponseJson.warn("没有该数据源的执行权限");
|
||||
}
|
||||
// 保留历史记录
|
||||
dbHistoryService.saveHistory(sql.trim(), sourceId);
|
||||
List<String> resultList = new LinkedList<>();
|
||||
@@ -70,7 +61,7 @@ public class DbSqlExecutorController {
|
||||
}
|
||||
sqlItem = sqlItem.trim();
|
||||
try {
|
||||
ExecuteType executeType = (!manageAuth && select) ? ExecuteType.SELECT : ExecuteType.ALL;
|
||||
ExecuteType executeType = ExecuteType.ALL;
|
||||
ExecuteParam executeParam = new ExecuteParam();
|
||||
executeParam.setDatasourceId(sourceId);
|
||||
executeParam.setExecuteId(executeId);
|
||||
@@ -108,10 +99,8 @@ public class DbSqlExecutorController {
|
||||
|
||||
@PostMapping(value = "/favorite/list")
|
||||
public ResponseJson favoriteList(Long sourceId) {
|
||||
DocUserDetails currentUser = DocUserUtil.getCurrentUser();
|
||||
UpdateWrapper<DbFavorite> wrapper = new UpdateWrapper<>();
|
||||
wrapper.eq(sourceId != null, "datasource_id", sourceId);
|
||||
wrapper.eq("create_user_id", currentUser.getUserId());
|
||||
wrapper.eq("yn", 1);
|
||||
wrapper.orderByDesc("id");
|
||||
List<DbFavorite> favoriteList = dbFavoriteService.list(wrapper);
|
||||
@@ -127,13 +116,10 @@ public class DbSqlExecutorController {
|
||||
}
|
||||
dbFavorite.setContent(dbFavorite.getContent().trim());
|
||||
}
|
||||
DocUserDetails currentUser = DocUserUtil.getCurrentUser();
|
||||
if (dbFavorite.getId() != null && dbFavorite.getId() > 0) {
|
||||
dbFavoriteService.updateById(dbFavorite);
|
||||
} else {
|
||||
dbFavorite.setCreateTime(new Date());
|
||||
dbFavorite.setCreateUserId(currentUser.getUserId());
|
||||
dbFavorite.setCreateUserName(currentUser.getUsername());
|
||||
dbFavorite.setYn(1);
|
||||
dbFavoriteService.save(dbFavorite);
|
||||
}
|
||||
|
||||
@@ -1,10 +1,7 @@
|
||||
package com.zyplayer.doc.db.controller;
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.zyplayer.doc.core.annotation.AuthMan;
|
||||
import com.zyplayer.doc.core.json.ResponseJson;
|
||||
import com.zyplayer.doc.data.config.security.DocUserDetails;
|
||||
import com.zyplayer.doc.data.config.security.DocUserUtil;
|
||||
import com.zyplayer.doc.data.repository.manage.entity.DbTransferTask;
|
||||
import com.zyplayer.doc.data.service.manage.DbTransferTaskService;
|
||||
import com.zyplayer.doc.db.framework.db.transfer.SqlParseUtil;
|
||||
@@ -24,7 +21,6 @@ import java.util.List;
|
||||
* @author 暮光:城中城
|
||||
* @since 2019年9月28日
|
||||
*/
|
||||
@AuthMan
|
||||
@RestController
|
||||
@RequestMapping("/zyplayer-doc-db/transfer")
|
||||
public class DbTransferDataController {
|
||||
@@ -68,10 +64,7 @@ public class DbTransferDataController {
|
||||
public ResponseJson update(DbTransferTask transferTask) {
|
||||
DbTransferTask transferTaskUp = new DbTransferTask();
|
||||
if (transferTask.getId() == null) {
|
||||
DocUserDetails currentUser = DocUserUtil.getCurrentUser();
|
||||
transferTaskUp.setCreateTime(new Date());
|
||||
transferTaskUp.setCreateUserId(currentUser.getUserId());
|
||||
transferTaskUp.setCreateUserName(currentUser.getUsername());
|
||||
transferTaskUp.setDelFlag(0);
|
||||
} else {
|
||||
transferTaskUp.setId(transferTask.getId());
|
||||
|
||||
Reference in New Issue
Block a user