Commit 6b0b03c0 by 宋祥

Merge branch 'dev-sx' of http://git.pseer.com:8800/platform/hg-smart into dev

 Conflicts:
	pom.xml
parents dba3e65a 5b2b2ac9
package com.baosight.xservices.xs.service;
import com.baosight.iplat4j.core.ei.EiBlock;
import com.baosight.iplat4j.core.ei.EiConstant;
import com.baosight.iplat4j.core.ei.EiInfo;
import com.baosight.iplat4j.core.log.xeye.entity.XEyeEntity;
import com.baosight.iplat4j.core.service.impl.ServiceEPBase;
import com.baosight.iplat4j.core.service.soa.XEventManager;
import com.baosight.iplat4j.core.util.DateUtils;
import com.baosight.xservices.xs.common.AuthInfoManager;
import com.baosight.xservices.xs.util.XSServiceUtils;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
/**
*
* @author:songx
* @date:2024/10/12,14:30
*/
public class ServiceXSAuthorizationManage extends ServiceEPBase {
private static final Logger logger = LogManager.getLogger(ServiceXSAuthorizationManage.class);
public ServiceXSAuthorizationManage() {
}
public EiInfo insertAuthorization(EiInfo inInfo) {
boolean ignoreDuplicate = "true".equals(inInfo.get("ignoreDuplicate"));
XSServiceUtils.apiDataHandleDecorator(inInfo);
if (inInfo.getStatus() == -1) {
return inInfo;
} else {
StringBuilder buffer = new StringBuilder();
StringBuilder detail = new StringBuilder();
List insertedAuthList = new ArrayList();
EiBlock eiBlock = inInfo.getBlock("result");
int rowCount = eiBlock.getRowCount();
List errorMsgList = new ArrayList();
for(int i = 0; i < rowCount; ++i) {
Map<String, Object> inInfoRowMap = eiBlock.getRow(i);
String subjectId = (String)inInfoRowMap.get("subjectId");
String subjectEname = (String)inInfoRowMap.get("subjectEname");
String subjectType = (String)inInfoRowMap.get("subjectType");
String objectId = (String)inInfoRowMap.get("objectId");
String objectEname = (String)inInfoRowMap.get("objectEname");
String objectType = (String)inInfoRowMap.get("objectType");
String operationType = (String)inInfoRowMap.get("operationType");
Object recCreator = inInfoRowMap.get("recCreator");
if ("".equals(subjectId) & StringUtils.isBlank(subjectEname) || "".equals(subjectType) || "".equals(objectId) & StringUtils.isBlank(objectEname) || "".equals(objectType) || "".equals(operationType)) {
inInfo.setMsg("新增第" + (i + 1) + "条记录失败,授权主客体ID,类别及操作类别均不能为空\n");
inInfo.setStatus(-1);
return inInfo;
}
if (recCreator == null) {
inInfo.setMsg("新增第" + (i + 1) + "条记录失败,新增操作人recCreator不能为空\n");
inInfo.setStatus(-1);
return inInfo;
}
Map<String, String> queryMap = new HashMap();
queryMap.put("subjectEname", subjectEname);
String table;
String column;
String archiveFlag;
String recRevisor;
if (StringUtils.isBlank(subjectId)) {
byte var24 = -1;
switch(subjectType.hashCode()) {
case -970063637:
if (subjectType.equals("USER_GROUP")) {
var24 = 1;
}
break;
case 2614219:
if (subjectType.equals("USER")) {
var24 = 0;
}
}
switch(var24) {
case 0:
table = "XS_USER";
column = "LOGIN_NAME";
archiveFlag = "USER_ID";
break;
case 1:
table = "XS_USER_GROUP";
column = "GROUP_ENAME";
archiveFlag = "ID";
break;
default:
table = "";
column = "";
archiveFlag = "";
}
queryMap.put("table", table);
queryMap.put("conditionColumn", column);
queryMap.put("valueColumn", archiveFlag);
List subject = this.dao.query("XS07.querySubjectByEname", queryMap);
if (subject.size() == 0) {
recRevisor = "新增第" + (i + 1) + "条记录失败,传入的授权主体[" + subjectEname + "]不存在\n";
if (!ignoreDuplicate) {
inInfo.setMsg(recRevisor);
inInfo.setStatus(-1);
inInfoRowMap.put("subjectId", "");
inInfoRowMap.put("objectId", "");
return inInfo;
}
errorMsgList.add(recRevisor);
continue;
}
subjectId = (String)((Map)subject.get(0)).get("subjectId");
inInfoRowMap.put("subjectId", subjectId);
}
String errorMsg;
if (StringUtils.isBlank(objectId)) {
byte var36 = -1;
switch(objectType.hashCode()) {
case -973253906:
if (objectType.equals("RESOURCE_GROUP")) {
var36 = 1;
}
break;
case 441562126:
if (objectType.equals("RESOURCE")) {
var36 = 0;
}
}
switch(var36) {
case 0:
table = "XS_RESOURCE";
column = "RESOURCE_ENAME";
break;
case 1:
table = "XS_RESOURCE_GROUP";
column = "RESOURCE_GROUP_ENAME";
objectEname = objectEname.toUpperCase();
break;
default:
table = "";
column = "";
}
queryMap.put("objectEname", objectEname);
queryMap.put("table", table);
queryMap.put("conditionColumn", column);
List object = this.dao.query("XS07.queryObjectByEname", queryMap);
if (object.size() == 0) {
errorMsg = "新增第" + (i + 1) + "条记录失败,传入的授权客体[" + objectEname + "]不存在\n";
if (!ignoreDuplicate) {
inInfo.setMsg("新增第" + (i + 1) + "条记录失败,传入的授权客体[" + objectEname + "]不存在\n");
inInfo.setStatus(-1);
inInfoRowMap.put("subjectId", "");
inInfoRowMap.put("objectId", "");
return inInfo;
}
errorMsgList.add(errorMsg);
continue;
}
objectId = (String)((Map)object.get(0)).get("objectId");
inInfoRowMap.put("objectId", objectId);
}
try {
Map paramMap = new HashMap();
paramMap.put("subjectId", subjectId);
paramMap.put("objectId", objectId);
paramMap.put("operationType", operationType);
List list = this.dao.query("XS07.query", paramMap);
if (list != null && list.size() > 0) {
archiveFlag = "新增第" + (i + 1) + "条记录失败,该授权信息已存在\n";
if (!ignoreDuplicate) {
inInfo.setMsg(archiveFlag);
inInfo.setStatus(-1);
inInfoRowMap.put("subjectId", "");
inInfoRowMap.put("objectId", "");
return inInfo;
}
errorMsgList.add(archiveFlag);
} else {
inInfoRowMap.put("recCreateTime", DateUtils.curDateTimeStr14());
archiveFlag = (String)inInfoRowMap.get("archiveFlag");
errorMsg = (String)inInfoRowMap.get("sortIndex");
if (null == archiveFlag || "".equals(archiveFlag)) {
archiveFlag = "0";
inInfoRowMap.put("archiveFlag", archiveFlag);
}
if (null == errorMsg || StringUtils.isBlank(errorMsg)) {
inInfoRowMap.put("sortIndex", 0);
}
recRevisor = (String)inInfoRowMap.get("recRevisor");
String recReviseTime = (String)inInfoRowMap.get("recReviseTime");
if (!"".equals(recRevisor)) {
inInfoRowMap.put("recRevisor", " ");
}
if (!"".equals(recReviseTime)) {
inInfoRowMap.put("recReviseTime", " ");
}
this.dao.insert("XS07.insert", inInfoRowMap);
Map map = new HashMap();
map.put("subjectId", subjectId);
map.put("objectId", objectId);
List insertAuthList = this.dao.query("XS07.query", map);
Map insertAuthMap = (Map)insertAuthList.get(0);
insertedAuthList.add(insertAuthMap);
String subjectName = this.getSubjectName(subjectType, subjectId);
String objectName = this.getSubjectName(objectType, objectId);
AuthInfoManager.clearSubjectAuth(subjectName);
XEyeEntity xEyeEntity = new XEyeEntity();
xEyeEntity.setLogId("1104");
xEyeEntity.setLogName("授予权限");
xEyeEntity.setInvokeInfo(recCreator.toString() + "在" + DateUtils.curDateStr("yyyy-MM-dd HH:mm:ss") + "为 " + subjectName + " 授予了访问 " + objectName + " 的权限");
xEyeEntity.setStatus(inInfo.getStatus() + "");
xEyeEntity.set("x_xs_si", subjectId);
xEyeEntity.set("x_xs_oi", objectId);
xEyeEntity.set("x_xs_on", inInfoRowMap.get("recCreator"));
xEyeEntity.set("x_xs_sn", subjectName);
xEyeEntity.set("x_xs_obn", objectName);
this.log(xEyeEntity);
}
} catch (Exception var32) {
buffer.append("新增第" + (i + 1) + "条记录失败\n" + var32.getMessage());
inInfo.setStatus(-1);
detail.append(var32.getMessage());
inInfoRowMap.put("subjectId", "");
logger.error(var32.getMessage());
inInfo.setMsg(detail.toString());
return inInfo;
}
}
buffer.append("新增").append(rowCount).append("条记录成功\n");
if (inInfo.getStatus() != -1) {
inInfo.setStatus(1);
}
inInfo.set("errorMsgList", errorMsgList);
inInfo.setMsg(buffer.toString());
inInfo.setDetailMsg(detail.toString());
if (insertedAuthList.size() > 0) {
EiInfo eiInfo = new EiInfo();
eiInfo.set("list", insertedAuthList);
eiInfo.set(EiConstant.eventId, "E_XS_45");
EiInfo outInfo = XEventManager.call(eiInfo);
if (outInfo.getStatus() < 0) {
buffer.append("新增授权失败\n").append(outInfo.getMsg());
inInfo.setStatus(-1);
detail.append(outInfo.getDetailMsg());
}
}
return inInfo;
}
}
public EiInfo deleteAuthorization(EiInfo inInfo) {
boolean ignoreDuplicate = "true".equals(inInfo.get("ignoreDuplicate"));
XSServiceUtils.apiDataHandleDecorator(inInfo);
if (inInfo.getStatus() == -1) {
return inInfo;
} else {
List ExceptionInfoList = new ArrayList();
Boolean ignoreError = "true".equals(inInfo.getString("ignoreError"));
StringBuilder buffer = new StringBuilder();
StringBuilder detail = new StringBuilder();
List deletedAuthList = new ArrayList();
List errorMsgList = new ArrayList();
EiBlock eiBlock = inInfo.getBlock("result");
int rowCount = eiBlock.getRowCount();
int i;
for(i = 0; i < rowCount; ++i) {
Map<String, Object> inInfoRowMap = eiBlock.getRow(i);
String subjectId = (String)inInfoRowMap.get("subjectId");
String subjectEname = (String)inInfoRowMap.get("subjectEname");
String subjectType = (String)inInfoRowMap.get("subjectType");
String objectId = (String)inInfoRowMap.get("objectId");
String objectEname = (String)inInfoRowMap.get("objectEname");
String objectType = (String)inInfoRowMap.get("objectType");
String operationType = (String)inInfoRowMap.get("operationType");
Object recRevisor = inInfoRowMap.get("recRevisor");
if (!("".equals(subjectId) & StringUtils.isBlank(subjectEname)) && !"".equals(subjectType) && !("".equals(objectId) & StringUtils.isBlank(objectEname)) && !"".equals(objectType) && !"".equals(operationType)) {
if (recRevisor == null) {
if (!ignoreError) {
inInfo.setMsg("新增第" + (i + 1) + "条记录失败,删除操作人recRevisor不能为空\n");
inInfo.setStatus(-1);
return inInfo;
}
ExceptionInfoList.add("第" + (i + 1) + "行数据异常:新增第" + (i + 1) + "条记录失败,删除操作人recRevisor不能为空\n");
} else {
Map<String, String> queryMap = new HashMap();
queryMap.put("subjectEname", subjectEname);
String table;
String column;
String subjectName;
if (StringUtils.isBlank(subjectId)) {
byte var26 = -1;
switch(subjectType.hashCode()) {
case -970063637:
if (subjectType.equals("USER_GROUP")) {
var26 = 1;
}
break;
case 2614219:
if (subjectType.equals("USER")) {
var26 = 0;
}
}
switch(var26) {
case 0:
table = "XS_USER";
column = "LOGIN_NAME";
subjectName = "USER_ID";
break;
case 1:
table = "XS_USER_GROUP";
column = "GROUP_ENAME";
subjectName = "ID";
break;
default:
table = "";
column = "";
subjectName = "";
}
queryMap.put("table", table);
queryMap.put("conditionColumn", column);
queryMap.put("valueColumn", subjectName);
List subject = this.dao.query("XS07.querySubjectByEname", queryMap);
if (subject.size() == 0) {
String errorMsg = "新增第" + (i + 1) + "条记录失败,传入的授权主体[" + subjectEname + "]不存在\n";
if (ignoreDuplicate) {
errorMsgList.add(errorMsg);
} else {
if (!ignoreError) {
inInfo.setMsg(errorMsg);
inInfo.setStatus(-1);
inInfoRowMap.put("subjectId", "");
inInfoRowMap.put("objectId", "");
return inInfo;
}
ExceptionInfoList.add("第" + (i + 1) + "行数据异常:" + errorMsg);
}
continue;
}
subjectId = (String)((Map)subject.get(0)).get("subjectId");
inInfoRowMap.put("subjectId", subjectId);
}
String errorMsg;
if (StringUtils.isBlank(objectId)) {
byte var31 = -1;
switch(objectType.hashCode()) {
case -973253906:
if (objectType.equals("RESOURCE_GROUP")) {
var31 = 1;
}
break;
case 441562126:
if (objectType.equals("RESOURCE")) {
var31 = 0;
}
}
switch(var31) {
case 0:
table = "XS_RESOURCE";
column = "RESOURCE_ENAME";
break;
case 1:
table = "XS_RESOURCE_GROUP";
column = "RESOURCE_GROUP_ENAME";
objectEname = objectEname.toUpperCase();
break;
default:
table = "";
column = "";
}
queryMap.put("objectEname", objectEname);
queryMap.put("table", table);
queryMap.put("conditionColumn", column);
List object = this.dao.query("XS07.queryObjectByEname", queryMap);
if (object.size() == 0) {
errorMsg = "新增第" + (i + 1) + "条记录失败,传入的授权客体[" + objectEname + "]不存在\n";
if (ignoreDuplicate) {
errorMsgList.add(errorMsg);
} else {
if (!ignoreError) {
inInfo.setMsg(errorMsg);
inInfo.setStatus(-1);
inInfoRowMap.put("subjectId", "");
inInfoRowMap.put("objectId", "");
return inInfo;
}
ExceptionInfoList.add("第" + (i + 1) + "行数据异常:" + errorMsg);
}
continue;
}
objectId = (String)((Map)object.get(0)).get("objectId");
inInfoRowMap.put("objectId", objectId);
}
try {
Map map = new HashMap();
map.put("subjectId", subjectId);
map.put("objectId", objectId);
List deleteAuthList = this.dao.query("XS07.query", map);
if (deleteAuthList.size() > 0) {
Map deleteAuthMap = (Map)deleteAuthList.get(0);
deletedAuthList.add(deleteAuthMap);
this.dao.delete("XS07.delete", inInfoRowMap);
subjectName = this.getSubjectName(subjectType, subjectId);
errorMsg = this.getSubjectName(objectType, objectId);
XEyeEntity xEyeEntity = new XEyeEntity();
xEyeEntity.setLogId("1105");
xEyeEntity.setLogName("解除权限");
if ("ACCESS".equals(operationType)) {
operationType = "访问";
} else {
operationType = "管理";
}
AuthInfoManager.clearSubjectAuth(subjectName);
xEyeEntity.setInvokeInfo(inInfoRowMap.get("recRevisor") + "在" + DateUtils.curDateStr("yyyy-MM-dd HH:mm:ss") + "解除了 " + subjectName + operationType + errorMsg + " 的权限");
xEyeEntity.setStatus(inInfo.getStatus() + "");
xEyeEntity.set("x_xs_si", subjectId);
xEyeEntity.set("x_xs_oi", inInfoRowMap.get("objectId"));
xEyeEntity.set("x_xs_on", inInfoRowMap.get("recRevisor"));
xEyeEntity.set("x_xs_sn", subjectName);
xEyeEntity.set("x_xs_obn", errorMsg);
this.log(xEyeEntity);
}
} catch (Exception var27) {
buffer.append("删除第").append(i + 1).append("条记录失败!原因:").append(var27.getMessage()).append("\n");
detail.append(var27.getMessage());
inInfo.setStatus(-1);
inInfo.setMsg(buffer.toString());
logger.error(var27.getMessage());
return inInfo;
}
}
} else {
if (!ignoreError) {
inInfo.setMsg("删除第" + (i + 1) + "条记录失败,授权主客体ID,类别及操作类别均不能为空\n");
inInfo.setStatus(-1);
return inInfo;
}
ExceptionInfoList.add("第" + (i + 1) + "行数据异常:删除第" + (i + 1) + "条记录失败,授权主客体ID,类别及操作类别均不能为空\n");
}
}
if (ExceptionInfoList.size() > 0) {
for(i = 0; i < ExceptionInfoList.size(); ++i) {
detail.append(ExceptionInfoList.get(i));
}
buffer.append("删除" + (rowCount - ExceptionInfoList.size()) + "条记录成功\n");
} else {
buffer.append("删除" + rowCount + "条记录成功\n");
}
if (inInfo.getStatus() != -1) {
inInfo.setStatus(1);
}
inInfo.set("errorMsgList", errorMsgList);
inInfo.setMsg(buffer.toString());
inInfo.setDetailMsg(detail.toString());
if (deletedAuthList.size() > 0) {
EiInfo eiInfo = new EiInfo();
eiInfo.set("list", deletedAuthList);
eiInfo.set(EiConstant.eventId, "E_XS_46");
EiInfo outInfo = XEventManager.call(eiInfo);
if (outInfo.getStatus() < 0) {
buffer.append("删除授权失败\n").append(outInfo.getMsg());
inInfo.setStatus(-1);
detail.append(outInfo.getDetailMsg());
}
}
return inInfo;
}
}
private String getSubjectName(String subjectType, String subjectId) throws Exception {
try {
Map map = new HashMap();
String subjectName = null;
List subjectList = null;
if ("RESOURCE".equals(subjectType)) {
map.put("resourceId", subjectId);
subjectList = this.dao.query("XS04.query", map);
if (CollectionUtils.isEmpty(subjectList)) {
return "";
}
subjectName = ((Map) subjectList.get(0)).get("resourceEname").toString();
} else if ("RESOURCE_GROUP".equals(subjectType)) {
map.put("resourceGroupId", subjectId);
subjectList = this.dao.query("XS05.query", map);
subjectName = ((Map)subjectList.get(0)).get("resourceGroupEname").toString();
} else if ("USER_GROUP".equals(subjectType)) {
map.put("groupId", subjectId);
subjectList = this.dao.query("XS02.query", map);
subjectName = ((Map)subjectList.get(0)).get("groupEname").toString();
} else if ("USER".equals(subjectType)) {
map.put("userId", subjectId);
subjectList = this.dao.query("XS01.query", map);
subjectName = ((Map)subjectList.get(0)).get("loginName").toString();
} else {
subjectName = subjectId;
}
return subjectName;
} catch (IndexOutOfBoundsException var6) {
throw new Exception(" Query type[" + subjectType + "],id[" + subjectId + "]fail!");
}
}
public EiInfo clearAuthorizationCache(EiInfo inInfo) {
try {
AuthInfoManager.clearAuthInfo();
} catch (Exception var3) {
logger.error(var3);
inInfo.setStatus(-1);
inInfo.setMsg(var3.getMessage());
}
return inInfo;
}
}
...@@ -93,7 +93,8 @@ ...@@ -93,7 +93,8 @@
t1.rec_revisor as "recRevisor", t1.rec_revisor as "recRevisor",
t1.rec_revise_time as "recReviseTime", t1.rec_revise_time as "recReviseTime",
t1.archive_flag as "archiveFlag", t1.archive_flag as "archiveFlag",
t1.sort_index as "sortIndex" t1.sort_index as "sortIndex",
t7.type as "resourceType"
FROM ${platSchema}.XS_AUTHORIZATION t1 FROM ${platSchema}.XS_AUTHORIZATION t1
LEFT JOIN ${platSchema}.XS_USER_GROUP t2 ON t1.subject_id=t2.ID LEFT JOIN ${platSchema}.XS_USER_GROUP t2 ON t1.subject_id=t2.ID
LEFT JOIN ${platSchema}.XS_USER t3 ON t1.subject_id = t3.USER_ID LEFT JOIN ${platSchema}.XS_USER t3 ON t1.subject_id = t3.USER_ID
......
...@@ -176,25 +176,41 @@ ...@@ -176,25 +176,41 @@
<EF:EFInput type="hidden" cname="授权客体类型" ename="objectType" row="0" <EF:EFInput type="hidden" cname="授权客体类型" ename="objectType" row="0"
blockId="inqu_status" blockId="inqu_status"
name="inqu_status-0-objectType" value=""/> name="inqu_status-0-objectType" value=""/>
<EF:EFInput cname="授权中文名" ename="objectName" row="0" blockId="inqu_status"/> <EF:EFInput cname="授权中文名" ename="objectName" row="0" blockId="inqu_status"
<EF:EFInput cname="授权英文名" ename="objectEname" row="0" blockId="inqu_status"/> colWidth="4"/>
<EF:EFInput cname="授权英文名" ename="objectEname" row="0" blockId="inqu_status"
colWidth="4"/>
<EF:EFSelect cname="资源类型" ename="resourceType" row="0" blockId="inqu_status"
colWidth="4">
<EF:EFOption label="全部" value=""/>
<EF:EFOption label="页面" value="PAGE"/>
<EF:EFOption label="按钮" value="BUTTON"/>
</EF:EFSelect>
</div> </div>
</EF:EFRegion> </EF:EFRegion>
<EF:EFGrid blockId="result3" autoDraw="no" autoBind="false" <EF:EFRegion id="result3" title="结果集">
queryMethod="queryResourceAndGroupByUserGroup" <EF:EFGrid blockId="result3" autoDraw="no" autoBind="false"
deleteMethod="deleteResourceAndGroupByUserGroup" queryMethod="queryResourceAndGroupByUserGroup"
updateMethod="updateResourceAndGroupByUserGroup"> deleteMethod="deleteResourceAndGroupByUserGroup"
<EF:EFColumn ename="subjectId" cname="授权主体id" readonly="true" primaryKey="true" updateMethod="updateResourceAndGroupByUserGroup">
hidden="true"/> <EF:EFColumn ename="subjectId" cname="授权主体id" readonly="true" primaryKey="true"
<EF:EFColumn ename="objectId" cname="授权客体id" readonly="true" hidden="true"/> hidden="true"/>
<EF:EFColumn ename="objectType" cname="授权客体类型" readonly="true" hidden="true"/> <EF:EFColumn ename="objectId" cname="授权客体id" readonly="true" hidden="true"/>
<EF:EFColumn ename="objectName" cname="授权中文名" readonly="true"/> <EF:EFColumn ename="objectType" cname="授权客体类型" readonly="true" hidden="true"/>
<EF:EFColumn ename="objectEname" cname="授权英文名" readonly="true"/> <EF:EFColumn ename="objectEname" cname="授权英文名" enable="false"/>
<EF:EFComboColumn cname="操作类型" ename="operationType" sourceName="operationTypeList" <EF:EFColumn ename="objectName" cname="授权中文名" enable="false"/>
textField="desc" readonly="false" <EF:EFComboColumn ename="resourceType" cname="资源类型" enable="false" width="80"
valueField="name" style="text-align:center;" copy="true"> align="center">
</EF:EFComboColumn> <EF:EFOption label="" value=""/>
</EF:EFGrid> <EF:EFOption label="页面" value="PAGE"/>
<EF:EFOption label="按钮" value="BUTTON"/>
</EF:EFComboColumn>
<EF:EFComboColumn cname="操作类型" ename="operationType" sourceName="operationTypeList"
textField="desc" readonly="false"
valueField="name" style="text-align:center;" copy="true">
</EF:EFComboColumn>
</EF:EFGrid>
</EF:EFRegion>
</div> </div>
</div> </div>
<%--<div id="resourceGroup" title="已授权资源组" value="RESOURCE_GROUP"> <%--<div id="resourceGroup" title="已授权资源组" value="RESOURCE_GROUP">
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment