From e3cd744d38eb5f969523c04d140a35ac925c2c33 Mon Sep 17 00:00:00 2001 From: suxiaoyang <653800209@qq.com> Date: Thu, 25 Mar 2021 18:22:54 +0800 Subject: [PATCH] =?UTF-8?q?=E8=AE=A4=E8=AF=81=E8=B0=83=E6=95=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../bigwhale/config/DingdingConfig.java | 4 +- .../com/meiyou/bigwhale/config/SshConfig.java | 4 +- .../meiyou/bigwhale/config/YarnConfig.java | 4 +- .../bigwhale/controller/StreamController.java | 9 ++-- .../controller/admin/auth/AuthController.java | 9 ++-- .../AbstractPagingAndSortingService.java | 7 +-- .../meiyou/bigwhale/security/LoginUser.java | 15 ++++-- .../WebSecurityConfigurerAdaptor.java | 47 ++++++++----------- src/main/resources/application.yml | 2 +- src/main/resources/templates/index.html | 2 +- 10 files changed, 47 insertions(+), 56 deletions(-) diff --git a/src/main/java/com/meiyou/bigwhale/config/DingdingConfig.java b/src/main/java/com/meiyou/bigwhale/config/DingdingConfig.java index 8b2f0b1..b1bdf6f 100644 --- a/src/main/java/com/meiyou/bigwhale/config/DingdingConfig.java +++ b/src/main/java/com/meiyou/bigwhale/config/DingdingConfig.java @@ -1,14 +1,14 @@ package com.meiyou.bigwhale.config; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.stereotype.Component; +import org.springframework.context.annotation.Configuration; /** * @author Suxy * @date 2019/11/8 * @description file description */ -@Component +@Configuration @ConfigurationProperties(prefix = "big-whale.dingding") public class DingdingConfig { diff --git a/src/main/java/com/meiyou/bigwhale/config/SshConfig.java b/src/main/java/com/meiyou/bigwhale/config/SshConfig.java index 12d30d1..7abf957 100644 --- a/src/main/java/com/meiyou/bigwhale/config/SshConfig.java +++ b/src/main/java/com/meiyou/bigwhale/config/SshConfig.java @@ -1,14 +1,14 @@ package com.meiyou.bigwhale.config; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.stereotype.Component; +import org.springframework.context.annotation.Configuration; import org.springframework.util.Assert; /** * @author progr1mmer * @date Created on 2020/3/18 */ -@Component +@Configuration @ConfigurationProperties(prefix = "big-whale.ssh") public class SshConfig { diff --git a/src/main/java/com/meiyou/bigwhale/config/YarnConfig.java b/src/main/java/com/meiyou/bigwhale/config/YarnConfig.java index c840158..fda2265 100644 --- a/src/main/java/com/meiyou/bigwhale/config/YarnConfig.java +++ b/src/main/java/com/meiyou/bigwhale/config/YarnConfig.java @@ -1,7 +1,7 @@ package com.meiyou.bigwhale.config; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.stereotype.Component; +import org.springframework.context.annotation.Configuration; import java.util.ArrayList; import java.util.List; @@ -11,7 +11,7 @@ import java.util.List; * @date 2019/11/8 * @description file description */ -@Component +@Configuration @ConfigurationProperties(prefix = "big-whale.yarn") public class YarnConfig { diff --git a/src/main/java/com/meiyou/bigwhale/controller/StreamController.java b/src/main/java/com/meiyou/bigwhale/controller/StreamController.java index d61cedb..a330fe6 100644 --- a/src/main/java/com/meiyou/bigwhale/controller/StreamController.java +++ b/src/main/java/com/meiyou/bigwhale/controller/StreamController.java @@ -152,11 +152,12 @@ public class StreamController extends BaseController { @RequestMapping(value = "/delete.api", method = RequestMethod.POST) public Msg delete(@RequestBody DtoScript req) { Script script = scriptService.findById(req.getId()); - if (script != null) { - Monitor monitor = monitorService.findById(script.getMonitorId()); - SchedulerUtils.deleteJob(monitor.getId(), Constant.JobGroup.MONITOR); - scriptService.delete(script); + if (script == null) { + return failed(); } + Monitor monitor = monitorService.findById(script.getMonitorId()); + SchedulerUtils.deleteJob(monitor.getId(), Constant.JobGroup.MONITOR); + scriptService.delete(script); return success(); } diff --git a/src/main/java/com/meiyou/bigwhale/controller/admin/auth/AuthController.java b/src/main/java/com/meiyou/bigwhale/controller/admin/auth/AuthController.java index f87209b..6246028 100644 --- a/src/main/java/com/meiyou/bigwhale/controller/admin/auth/AuthController.java +++ b/src/main/java/com/meiyou/bigwhale/controller/admin/auth/AuthController.java @@ -4,13 +4,12 @@ import com.meiyou.bigwhale.common.Constant; import com.meiyou.bigwhale.common.pojo.Msg; import com.meiyou.bigwhale.controller.BaseController; import com.meiyou.bigwhale.entity.auth.*; +import com.meiyou.bigwhale.security.LoginUser; import com.meiyou.bigwhale.service.MonitorService; import com.meiyou.bigwhale.service.ScheduleService; import com.meiyou.bigwhale.service.auth.*; import com.meiyou.bigwhale.util.SchedulerUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.security.crypto.password.StandardPasswordEncoder; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @@ -42,8 +41,6 @@ public class AuthController extends BaseController { @Autowired private MonitorService monitorService; - private PasswordEncoder passwordEncoder = new StandardPasswordEncoder(); - @RequestMapping(value = "/resource/list.api", method = RequestMethod.GET) public Msg resourceList() { Iterable resources = resourceService.findAll(); @@ -151,7 +148,7 @@ public class AuthController extends BaseController { return failed("用户已存在"); } req.setCreateTime(now); - req.setPassword(passwordEncoder.encode(req.getPassword())); + req.setPassword(LoginUser.PASSWORD_ENCODER.encode(req.getPassword())); } else { User dbUser = userService.findById(req.getId()); if (dbUser == null) { @@ -159,7 +156,7 @@ public class AuthController extends BaseController { } //修改密码 if (!dbUser.getPassword().equals(req.getPassword())) { - req.setPassword(passwordEncoder.encode(req.getPassword())); + req.setPassword(LoginUser.PASSWORD_ENCODER.encode(req.getPassword())); } } req.setUpdateTime(now); diff --git a/src/main/java/com/meiyou/bigwhale/data/service/AbstractPagingAndSortingService.java b/src/main/java/com/meiyou/bigwhale/data/service/AbstractPagingAndSortingService.java index afaa370..119cac0 100644 --- a/src/main/java/com/meiyou/bigwhale/data/service/AbstractPagingAndSortingService.java +++ b/src/main/java/com/meiyou/bigwhale/data/service/AbstractPagingAndSortingService.java @@ -11,7 +11,6 @@ import java.lang.reflect.Constructor; import java.lang.reflect.Field; import java.lang.reflect.ParameterizedType; import java.lang.reflect.Type; -import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.regex.Pattern; @@ -25,8 +24,6 @@ public abstract class AbstractPagingAndSortingService clazz; @@ -122,10 +119,10 @@ public abstract class AbstractPagingAndSortingService resources = new HashMap<>(); + private Map> resources = new HashMap<>(); - public LoginUser(Integer id, boolean root, String username, String password, Collection authorities) { + public LoginUser(String username, String password, Collection authorities, Integer id, boolean root) { super(username, password, authorities); this.id = id; this.root = root; } - public LoginUser(Integer id, boolean root, String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection authorities) { + public LoginUser(String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection authorities, Integer id, boolean root) { super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities); this.id = id; this.root = root; @@ -38,11 +43,11 @@ public class LoginUser extends User { return root; } - public Map getResources() { + public Map> getResources() { return resources; } - public void setResources(Map resources) { + public void setResources(Map> resources) { this.resources = resources; } diff --git a/src/main/java/com/meiyou/bigwhale/security/WebSecurityConfigurerAdaptor.java b/src/main/java/com/meiyou/bigwhale/security/WebSecurityConfigurerAdaptor.java index 0ce154d..6c4e29a 100644 --- a/src/main/java/com/meiyou/bigwhale/security/WebSecurityConfigurerAdaptor.java +++ b/src/main/java/com/meiyou/bigwhale/security/WebSecurityConfigurerAdaptor.java @@ -1,6 +1,5 @@ package com.meiyou.bigwhale.security; -import org.apache.commons.lang.StringUtils; import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; @@ -14,7 +13,6 @@ import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl; -import org.springframework.security.crypto.password.StandardPasswordEncoder; import org.springframework.security.web.access.AccessDeniedHandler; import org.springframework.security.web.authentication.AuthenticationFailureHandler; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; @@ -23,7 +21,6 @@ import org.springframework.util.AntPathMatcher; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; import java.util.*; -import java.util.stream.Stream; /** * @author Suxy @@ -35,12 +32,11 @@ public class WebSecurityConfigurerAdaptor extends WebSecurityConfigurerAdapter { private AntPathMatcher antPathMatcher = new AntPathMatcher(); - private final String[] authPath = new String[]{"/auth/**", "/admin/**", "/api/**"}; + private final String[] authPath = new String[]{"/auth/**", "/admin/**"}; @Resource private JdbcTemplate jdbcTemplate; - @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable(); @@ -55,7 +51,7 @@ public class WebSecurityConfigurerAdaptor extends WebSecurityConfigurerAdapter { //授权 http.exceptionHandling().accessDeniedHandler(accessDeniedHandler()); //退出 - http.logout().logoutUrl("/logout.html").permitAll().invalidateHttpSession(true); + http.logout().logoutUrl("/logout").permitAll().invalidateHttpSession(true); } @Override @@ -65,8 +61,7 @@ public class WebSecurityConfigurerAdaptor extends WebSecurityConfigurerAdapter { "/libs/**", "/css/**", "/js/**", - "/img/**", - "/openapi/**" + "/img/**" ); } @@ -76,7 +71,7 @@ public class WebSecurityConfigurerAdaptor extends WebSecurityConfigurerAdapter { userDetailsService.setJdbcTemplate(jdbcTemplate); userDetailsService.setUsersByUsernameQuery("select username,password,enabled,id,root from auth_user where username = ?"); userDetailsService.setAuthoritiesByUsernameQuery("select username,role from auth_user_role where username = ?"); - auth.userDetailsService(userDetailsService).passwordEncoder(new StandardPasswordEncoder()); + auth.userDetailsService(userDetailsService).passwordEncoder(LoginUser.PASSWORD_ENCODER); } public boolean hasPermission(HttpServletRequest request, Authentication authentication) { @@ -85,14 +80,8 @@ public class WebSecurityConfigurerAdaptor extends WebSecurityConfigurerAdapter { if (((LoginUser) principal).isRoot()) { return true; } - for (String url : ((LoginUser) principal).getResources().values()) { - if (url.contains(",")) { - for (String part : url.split(",")) { - if (antPathMatcher.match(part, request.getRequestURI())) { - return true; - } - } - } else { + for (List urls : ((LoginUser) principal).getResources().values()) { + for (String url : urls) { if (antPathMatcher.match(url, request.getRequestURI())) { return true; } @@ -113,21 +102,23 @@ public class WebSecurityConfigurerAdaptor extends WebSecurityConfigurerAdapter { principal.getAuthorities().forEach(grantedAuthority -> roles.append("\'").append(grantedAuthority.getAuthority()).append("\'").append(",")); String sql = String.format(defRoleResourceByRoleCode, roles.substring(0, roles.length() - 1)); List> roleResourcesList = jdbcTemplate.queryForList(sql); - Map roleResourcesMap = new HashMap<>(); + Map> resources = new HashMap<>(); String contextPath = httpServletRequest.getContextPath(); roleResourcesList.forEach(item -> { String resource = item.get("resource") != null ? (String) item.get("resource") : ""; - String url = ""; + List urls = new ArrayList<>(); if (item.get("url") != null) { - url = StringUtils.join(Stream.of(item.get("url").toString().split(",")).map(u -> contextPath + u).toArray(), ","); + for (String u : item.get("url").toString().split(",")) { + urls.add(contextPath + u); + } } - roleResourcesMap.put(resource, url); + resources.put(resource, urls); }); - principal.setResources(roleResourcesMap); + principal.setResources(resources); } httpServletRequest.getSession().setAttribute("user", principal); httpServletResponse.setContentType("application/json;charset=UTF-8"); - httpServletResponse.getWriter().write("{\"code\": 0, \"msg\": \"" + principal.getUsername() + "\"}"); + httpServletResponse.getWriter().write("{\"code\": 0, \"msg\": \"登录成功\", \"content\": \"" + principal.getUsername() + "\"}"); }; } @@ -135,9 +126,9 @@ public class WebSecurityConfigurerAdaptor extends WebSecurityConfigurerAdapter { return (httpServletRequest, httpServletResponse, e) -> { httpServletResponse.setContentType("application/json;charset=UTF-8"); if (e instanceof BadCredentialsException) { - httpServletResponse.getWriter().write("{\"code\": -1, \"msg\": \"账号或密码错误\"}"); + httpServletResponse.getWriter().write("{\"code\": -1, \"msg\": \"账号或密码错误\", \"content\": null}"); } else { - httpServletResponse.getWriter().write("{\"code\": -1, \"msg\": \"账号状态异常,请联系管理员\"}"); + httpServletResponse.getWriter().write("{\"code\": -1, \"msg\": \"账号状态异常,请联系管理员\", \"content\": null}"); } }; } @@ -145,7 +136,7 @@ public class WebSecurityConfigurerAdaptor extends WebSecurityConfigurerAdapter { private AccessDeniedHandler accessDeniedHandler() { return (httpServletRequest, httpServletResponse, e) -> { httpServletResponse.setContentType("application/json;charset=UTF-8"); - httpServletResponse.getWriter().write("{\"code\": -1, \"msg\": \"无权访问\"}"); + httpServletResponse.getWriter().write("{\"code\": -1, \"msg\": \"无权访问\", \"content\": null}"); }; } @@ -159,7 +150,7 @@ public class WebSecurityConfigurerAdaptor extends WebSecurityConfigurerAdapter { boolean enabled = rs.getBoolean(3); Integer id = rs.getInt(4); boolean root = rs.getBoolean(5); - return new LoginUser(id, root, username1, password, enabled, true, true, true, AuthorityUtils.NO_AUTHORITIES); + return new LoginUser(username1, password, enabled, true, true, true, AuthorityUtils.NO_AUTHORITIES, id, root); }); } @@ -180,7 +171,7 @@ public class WebSecurityConfigurerAdaptor extends WebSecurityConfigurerAdapter { } Integer id = ((LoginUser) userFromUserQuery).getId(); boolean root = ((LoginUser) userFromUserQuery).isRoot(); - return new LoginUser(id, root, returnUsername, userFromUserQuery.getPassword(), userFromUserQuery.isEnabled(), true, true, true, combinedAuthorities); + return new LoginUser(returnUsername, userFromUserQuery.getPassword(), userFromUserQuery.isEnabled(), true, true, true, combinedAuthorities, id, root); } } diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 51e52fe..3b3c713 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -3,7 +3,7 @@ server: servlet: context-path: / session: - timeout: Pt30m + timeout: Pt4h cookie: name: JSESSIONID_BW diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html index 5f189d3..d9cb14d 100644 --- a/src/main/resources/templates/index.html +++ b/src/main/resources/templates/index.html @@ -55,7 +55,7 @@
- 退出 + 退出
-- Gitee