潘钊 / control_service_data_Interface · Commits

Commit 4d8317153e14356b7b45cd572a05e36072d37e24

Authored by 王通
1 parent ccb15e34
build: skipped

1.

Inline Side-by-side
Showing 2 changed files with 102 additions and 74 deletions
src/main/java/com/bsth/entity/PasswordUser.java
  View file @4d83171
1   -package com.bsth.entity;
2   -
3   -import javax.persistence.*;
4   -import java.util.Date;
5   -
6   -/**
7   - * 接口 密码 访问用户
8   - * Created by panzhao on 2017/3/26.
9   - */
10   -@Entity
11   -@Table(name = "interface_user")
12   -public class PasswordUser {
13   -
14   - @Id
15   - @GeneratedValue
16   - private Integer id;
17   -
18   - /** 访问密码 */
19   - private String pwd;
20   -
21   - /** 调用方名称 */
22   - private String callName;
23   -
24   - /** 创建日期 */
25   - @Column(updatable = false, name = "create_date", columnDefinition = "TIMESTAMP DEFAULT CURRENT_TIMESTAMP")
26   - private Date createDate;
27   -
28   - /** 备注 */
29   - private String remark;
30   -
31   - public Integer getId() {
32   - return id;
33   - }
34   -
35   - public void setId(Integer id) {
36   - this.id = id;
37   - }
38   -
39   - public String getPwd() {
40   - return pwd;
41   - }
42   -
43   - public void setPwd(String pwd) {
44   - this.pwd = pwd;
45   - }
46   -
47   - public String getCallName() {
48   - return callName;
49   - }
50   -
51   - public void setCallName(String callName) {
52   - this.callName = callName;
53   - }
54   -
55   - public String getRemark() {
56   - return remark;
57   - }
58   -
59   - public void setRemark(String remark) {
60   - this.remark = remark;
61   - }
62   -
63   - public Date getCreateDate() {
64   - return createDate;
65   - }
66   -
67   - public void setCreateDate(Date createDate) {
68   - this.createDate = createDate;
69   - }
70   -}
  1 +package com.bsth.entity;
  2 +
  3 +import javax.persistence.*;
  4 +import java.util.Date;
  5 +import java.util.List;
  6 +
  7 +/**
  8 + * 接口 密码 访问用户
  9 + * Created by panzhao on 2017/3/26.
  10 + */
  11 +@Entity
  12 +@Table(name = "interface_user")
  13 +public class PasswordUser {
  14 +
  15 + @Id
  16 + @GeneratedValue
  17 + private Integer id;
  18 +
  19 + /** 访问密码 */
  20 + private String pwd;
  21 +
  22 + /** 调用方名称 */
  23 + private String callName;
  24 +
  25 + /** 创建日期 */
  26 + @Column(updatable = false, name = "create_date", columnDefinition = "TIMESTAMP DEFAULT CURRENT_TIMESTAMP")
  27 + private Date createDate;
  28 +
  29 + /** 备注 */
  30 + private String remark;
  31 +
  32 + @OneToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER)
  33 + @JoinTable(name = "interface_users_resources",
  34 + joinColumns = @JoinColumn(name = "user_id"),
  35 + inverseJoinColumns = @JoinColumn(name = "resource_id"))
  36 + private List<Resource> resources;
  37 +
  38 + public Integer getId() {
  39 + return id;
  40 + }
  41 +
  42 + public void setId(Integer id) {
  43 + this.id = id;
  44 + }
  45 +
  46 + public String getPwd() {
  47 + return pwd;
  48 + }
  49 +
  50 + public void setPwd(String pwd) {
  51 + this.pwd = pwd;
  52 + }
  53 +
  54 + public String getCallName() {
  55 + return callName;
  56 + }
  57 +
  58 + public void setCallName(String callName) {
  59 + this.callName = callName;
  60 + }
  61 +
  62 + public String getRemark() {
  63 + return remark;
  64 + }
  65 +
  66 + public void setRemark(String remark) {
  67 + this.remark = remark;
  68 + }
  69 +
  70 + public Date getCreateDate() {
  71 + return createDate;
  72 + }
  73 +
  74 + public void setCreateDate(Date createDate) {
  75 + this.createDate = createDate;
  76 + }
  77 +
  78 + public List<Resource> getResources() {
  79 + return resources;
  80 + }
  81 +
  82 + public void setResources(List<Resource> resources) {
  83 + this.resources = resources;
  84 + }
  85 +}
... ...
src/main/java/com/bsth/server_rs/AuthorizeInterceptor_IN.java
  View file @4d83171
1 1 package com.bsth.server_rs;
2 2  
3 3 import com.bsth.common.SystemParamKeys;
  4 +import com.bsth.entity.PasswordUser;
  5 +import com.bsth.entity.Resource;
4 6 import com.bsth.server_rs.exception.AesException;
5 7 import com.bsth.service.SystemParamService;
6 8 import com.bsth.service.UserService;
... ... @@ -18,6 +20,8 @@ import org.springframework.beans.factory.InitializingBean;
18 20 import org.springframework.context.ApplicationContext;
19 21 import org.springframework.context.ApplicationContextAware;
20 22 import org.springframework.stereotype.Component;
  23 +import org.springframework.util.AntPathMatcher;
  24 +import org.springframework.util.PathMatcher;
21 25  
22 26 import java.security.MessageDigest;
23 27 import java.util.Arrays;
... ... @@ -45,6 +49,8 @@ public class AuthorizeInterceptor_IN extends AbstractPhaseInterceptor&lt;Message&gt; i
45 49  
46 50 static Logger logger = LoggerFactory.getLogger(AuthorizeInterceptor_IN.class);
47 51  
  52 + private static PathMatcher matcher = new AntPathMatcher();
  53 +
48 54 public AuthorizeInterceptor_IN() {
49 55 super(Phase.RECEIVE);
50 56 }
... ... @@ -121,10 +127,17 @@ public class AuthorizeInterceptor_IN extends AbstractPhaseInterceptor&lt;Message&gt; i
121 127 }
122 128  
123 129 private static void validate(Map<String, String> map, Message message) {
124   - String limitPasswords = systemParamService.getValue(SystemParamKeys.LIMIT_PASSWORDS);
125   - String limitUris = systemParamService.getValue(SystemParamKeys.LIMIT_URIS);
126   - if (limitPasswords != null && limitPasswords.indexOf(String.format("%s,", map.get(PASSWORD))) > -1) {
127   - if (limitUris != null && limitUris.indexOf(String.format("%s,", message.get(Message.REQUEST_URI))) == -1) {
  130 + PasswordUser user = userService.get(map.get(PASSWORD));
  131 + if (user.getResources().size() > 0) {
  132 + boolean isMatch = false;
  133 + String uri = (String) message.get(Message.REQUEST_URI);
  134 + for (Resource resource : user.getResources()) {
  135 + if (matcher.match(resource.getUrl(), uri)) {
  136 + isMatch = true;
  137 + break;
  138 + }
  139 + }
  140 + if (!isMatch) {
128 141 throw new AesException(AesException.INVALID_URI);
129 142 }
130 143 }
... ...