cn.skcks.matrix.v2.config 添加 casbin 权限检查
日志级别调整
This commit is contained in:
parent
7f3eea86ad
commit
45df167315
@ -20,9 +20,10 @@
|
|||||||
<entry name="D:/Repository/maven/org/springframework/boot/spring-boot-configuration-processor/3.0.1/spring-boot-configuration-processor-3.0.1.jar" />
|
<entry name="D:/Repository/maven/org/springframework/boot/spring-boot-configuration-processor/3.0.1/spring-boot-configuration-processor-3.0.1.jar" />
|
||||||
</processorPath>
|
</processorPath>
|
||||||
<module name="annotation" />
|
<module name="annotation" />
|
||||||
<module name="starter" />
|
|
||||||
<module name="common" />
|
<module name="common" />
|
||||||
|
<module name="starter" />
|
||||||
<module name="auth" />
|
<module name="auth" />
|
||||||
|
<module name="model" />
|
||||||
<module name="api" />
|
<module name="api" />
|
||||||
<module name="orm" />
|
<module name="orm" />
|
||||||
<module name="services" />
|
<module name="services" />
|
||||||
@ -37,6 +38,7 @@
|
|||||||
<module name="auth" options="-parameters" />
|
<module name="auth" options="-parameters" />
|
||||||
<module name="casbin" options="-parameters" />
|
<module name="casbin" options="-parameters" />
|
||||||
<module name="common" options="-parameters" />
|
<module name="common" options="-parameters" />
|
||||||
|
<module name="model" options="-parameters" />
|
||||||
<module name="orm" options="-parameters" />
|
<module name="orm" options="-parameters" />
|
||||||
<module name="services" options="-parameters" />
|
<module name="services" options="-parameters" />
|
||||||
<module name="sk-matrix-service" options="-parameters" />
|
<module name="sk-matrix-service" options="-parameters" />
|
||||||
|
|||||||
@ -8,6 +8,7 @@
|
|||||||
<file url="file://$PROJECT_DIR$/casbin/src/main/java" charset="UTF-8" />
|
<file url="file://$PROJECT_DIR$/casbin/src/main/java" charset="UTF-8" />
|
||||||
<file url="file://$PROJECT_DIR$/common/src/main/java" charset="UTF-8" />
|
<file url="file://$PROJECT_DIR$/common/src/main/java" charset="UTF-8" />
|
||||||
<file url="file://$PROJECT_DIR$/common/src/main/resources" charset="UTF-8" />
|
<file url="file://$PROJECT_DIR$/common/src/main/resources" charset="UTF-8" />
|
||||||
|
<file url="file://$PROJECT_DIR$/model/src/main/java" charset="UTF-8" />
|
||||||
<file url="file://$PROJECT_DIR$/orm/src/main/java" charset="UTF-8" />
|
<file url="file://$PROJECT_DIR$/orm/src/main/java" charset="UTF-8" />
|
||||||
<file url="file://$PROJECT_DIR$/services/src/main/java" charset="UTF-8" />
|
<file url="file://$PROJECT_DIR$/services/src/main/java" charset="UTF-8" />
|
||||||
<file url="file://$PROJECT_DIR$/src/main/java" charset="UTF-8" />
|
<file url="file://$PROJECT_DIR$/src/main/java" charset="UTF-8" />
|
||||||
|
|||||||
@ -38,10 +38,18 @@ public class JsonResponse<T> {
|
|||||||
return JsonResponse.build(data, ResponseStatus.INTERNAL_SERVER_ERROR.getCode(), message);
|
return JsonResponse.build(data, ResponseStatus.INTERNAL_SERVER_ERROR.getCode(), message);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static <T> JsonResponse<T> build(ResponseStatus status) {
|
||||||
|
return new JsonResponse<>(status.getCode(), status.getMessage(),null);
|
||||||
|
}
|
||||||
|
|
||||||
public static <T> JsonResponse<T> build(T data, ResponseStatus status) {
|
public static <T> JsonResponse<T> build(T data, ResponseStatus status) {
|
||||||
return new JsonResponse<>(status.getCode(), status.getMessage(), data);
|
return new JsonResponse<>(status.getCode(), status.getMessage(), data);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static <T> JsonResponse<T> build(ResponseStatus status,String message) {
|
||||||
|
return new JsonResponse<>(status.getCode(), message, null);
|
||||||
|
}
|
||||||
|
|
||||||
public static <T> JsonResponse<T> build(T data, int status, String msg) {
|
public static <T> JsonResponse<T> build(T data, int status, String msg) {
|
||||||
return new JsonResponse<>(status, msg, data);
|
return new JsonResponse<>(status, msg, data);
|
||||||
}
|
}
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
60
backend/java/sk-matrix-service/model/pom.xml
Normal file
60
backend/java/sk-matrix-service/model/pom.xml
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
<parent>
|
||||||
|
<groupId>cn.skcks.matrix.v2</groupId>
|
||||||
|
<artifactId>sk-matrix-service</artifactId>
|
||||||
|
<version>1.0-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<artifactId>model</artifactId>
|
||||||
|
|
||||||
|
<properties>
|
||||||
|
<maven.compiler.source>17</maven.compiler.source>
|
||||||
|
<maven.compiler.target>17</maven.compiler.target>
|
||||||
|
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||||
|
</properties>
|
||||||
|
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>cn.skcks.matrix.v2</groupId>
|
||||||
|
<artifactId>common</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>cn.skcks.matrix.v2</groupId>
|
||||||
|
<artifactId>orm</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<!--MapStruct-->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.mapstruct</groupId>
|
||||||
|
<artifactId>mapstruct</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.mapstruct</groupId>
|
||||||
|
<artifactId>mapstruct-processor</artifactId>
|
||||||
|
<scope>compile</scope>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.projectlombok</groupId>
|
||||||
|
<artifactId>lombok</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-validation</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-test</artifactId>
|
||||||
|
<scope>test</scope>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
</project>
|
||||||
@ -0,0 +1,7 @@
|
|||||||
|
package cn.skcks.matrix.v2;
|
||||||
|
|
||||||
|
public class Main {
|
||||||
|
public static void main(String[] args) {
|
||||||
|
System.out.println("Hello world!");
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -25,6 +25,7 @@
|
|||||||
<module>api</module>
|
<module>api</module>
|
||||||
<module>auth</module>
|
<module>auth</module>
|
||||||
<module>services</module>
|
<module>services</module>
|
||||||
|
<module>model</module>
|
||||||
</modules>
|
</modules>
|
||||||
|
|
||||||
<properties>
|
<properties>
|
||||||
|
|||||||
@ -3,6 +3,8 @@ package cn.skcks.matrix.v2.config;
|
|||||||
import cn.skcks.matrix.v2.interceptor.AuthorizationInterceptor;
|
import cn.skcks.matrix.v2.interceptor.AuthorizationInterceptor;
|
||||||
import cn.skcks.matrix.v2.model.jwt.dto.Claims;
|
import cn.skcks.matrix.v2.model.jwt.dto.Claims;
|
||||||
import cn.skcks.matrix.v2.services.auth.AuthService;
|
import cn.skcks.matrix.v2.services.auth.AuthService;
|
||||||
|
import cn.skcks.matrix.v2.services.casbin.CasbinService;
|
||||||
|
import cn.skcks.matrix.v2.services.casbin.Permission;
|
||||||
import cn.skcks.matrix.v2.services.jwt.JwtService;
|
import cn.skcks.matrix.v2.services.jwt.JwtService;
|
||||||
import cn.skcks.matrix.v2.utils.json.JsonResponse;
|
import cn.skcks.matrix.v2.utils.json.JsonResponse;
|
||||||
import cn.skcks.matrix.v2.utils.json.ResponseStatus;
|
import cn.skcks.matrix.v2.utils.json.ResponseStatus;
|
||||||
@ -19,6 +21,7 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
|||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.nio.charset.StandardCharsets;
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.util.List;
|
||||||
import java.util.Optional;
|
import java.util.Optional;
|
||||||
|
|
||||||
@Slf4j
|
@Slf4j
|
||||||
@ -30,9 +33,12 @@ public class WebConfig implements WebMvcConfigurer {
|
|||||||
private final JwtService jwtService;
|
private final JwtService jwtService;
|
||||||
private final AuthService authService;
|
private final AuthService authService;
|
||||||
|
|
||||||
private final static JsonResponse<String> NO_LOGIN = JsonResponse.build("未登录", ResponseStatus.UNAUTHORIZED);
|
private final CasbinService casbinService;
|
||||||
private final static JsonResponse<String> TOKEN_EXPIRE = JsonResponse.build("认证失效 请重新登录", ResponseStatus.UNAUTHORIZED);
|
|
||||||
|
|
||||||
|
private final static JsonResponse<String> NO_LOGIN = JsonResponse.build( ResponseStatus.UNAUTHORIZED,"未登录");
|
||||||
|
private final static JsonResponse<String> TOKEN_EXPIRE = JsonResponse.build(ResponseStatus.UNAUTHORIZED,"认证失效 请重新登录");
|
||||||
|
|
||||||
|
private final static JsonResponse<String> NO_PERMISSION = JsonResponse.build(ResponseStatus.FORBIDDEN,"无权访问");
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addInterceptors(InterceptorRegistry registry) {
|
public void addInterceptors(InterceptorRegistry registry) {
|
||||||
@ -64,6 +70,19 @@ public class WebConfig implements WebMvcConfigurer {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private String getSystem(HttpServletRequest request) {
|
||||||
|
return Optional.ofNullable(request.getHeader("system")).orElseGet(() -> {
|
||||||
|
if (request.getCookies() != null) {
|
||||||
|
for (Cookie cookie : request.getCookies()) {
|
||||||
|
if (cookie.getName().equals("system")) {
|
||||||
|
return cookie.getValue();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return CasbinService.DEFAULT_SYSTEM;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
private boolean auth(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
private boolean auth(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
||||||
String token = getToken(request);
|
String token = getToken(request);
|
||||||
log.info("token => {}", token);
|
log.info("token => {}", token);
|
||||||
@ -86,6 +105,18 @@ public class WebConfig implements WebMvcConfigurer {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
|
||||||
|
String system = getSystem(request);
|
||||||
|
List<Permission> permissions = casbinService.getUserPermission(claims.getUserId(),system);
|
||||||
|
log.debug("用户 {} 拥有的权限数量 {}", claims.getUserId(),permissions.size());
|
||||||
|
for (Permission permission : permissions) {
|
||||||
|
log.info("permission {}", permission);
|
||||||
|
if(casbinService.enforce(permission.getName(),system,request.getRequestURI(),request.getMethod())){
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
writeResponse(response, NO_PERMISSION.getCode(), NO_PERMISSION);
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -0,0 +1,54 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
|
||||||
|
<configuration scan="true" scanPeriod="60 seconds" debug="false">
|
||||||
|
|
||||||
|
<contextName>logback</contextName>
|
||||||
|
<!--定义日志文件的存储地址 勿在 LogBack 的配置中使用相对路径-->
|
||||||
|
<!--<property name="log.path" value="./log/business_Log" />-->
|
||||||
|
|
||||||
|
<!--输出到控制台-->
|
||||||
|
<appender name="console" class="ch.qos.logback.core.ConsoleAppender">
|
||||||
|
<!-- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">-->
|
||||||
|
<!-- <level>INFO</level>-->
|
||||||
|
<!-- </filter>-->
|
||||||
|
<!-- <withJansi>true</withJansi>-->
|
||||||
|
<encoder>
|
||||||
|
<!--<pattern>%d %p (%file:%line\)- %m%n</pattern>-->
|
||||||
|
<!--格式化输出:%d:表示日期 %thread:表示线程名 %-5level:级别从左显示5个字符宽度 %msg:日志消息 %n:是换行符-->
|
||||||
|
<pattern>%red(%d{yyyy-MM-dd HH:mm:ss.SSS}) %green([%thread]) %highlight(%-5level) %yellow(at %class.%method) (%file:%line\) - %cyan(%msg%n)</pattern>
|
||||||
|
<!--<pattern>%d{yyyy-MM-dd HH:mm:ss} [%thread] %magenta(%-5level) %green([%-50.50class]) >>> %cyan(%msg) %n</pattern>-->
|
||||||
|
<charset>UTF-8</charset>
|
||||||
|
</encoder>
|
||||||
|
</appender>
|
||||||
|
|
||||||
|
<!--<!–输出到文件–>-->
|
||||||
|
<!--<appender name="file" class="ch.qos.logback.core.rolling.RollingFileAppender">-->
|
||||||
|
<!-- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">-->
|
||||||
|
<!-- <level>INFO</level>-->
|
||||||
|
<!-- </filter>-->
|
||||||
|
<!-- <file>${log.path}/logback.log</file>-->
|
||||||
|
<!-- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">-->
|
||||||
|
<!-- <fileNamePattern>${log.path}/logback-%d{yyyy-MM-dd-HH-mm}.log</fileNamePattern>-->
|
||||||
|
<!-- <maxHistory>365</maxHistory>-->
|
||||||
|
<!-- <!– <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">–>-->
|
||||||
|
<!-- <!– <maxFileSize>100kB</maxFileSize>–>-->
|
||||||
|
<!-- <!– </timeBasedFileNamingAndTriggeringPolicy>–>-->
|
||||||
|
<!-- </rollingPolicy>-->
|
||||||
|
<!-- <encoder>-->
|
||||||
|
<!-- <!–格式化输出:%d:表示日期 %thread:表示线程名 %-5level:级别从左显示5个字符宽度 %msg:日志消息 %n:是换行符–>-->
|
||||||
|
<!-- <pattern>%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n</pattern>-->
|
||||||
|
<!-- <charset>UTF-8</charset>-->
|
||||||
|
<!-- </encoder>-->
|
||||||
|
<!--</appender>-->
|
||||||
|
|
||||||
|
<!-- 如果appender里没有限定日志级别,那么root可以统一设置,如果没有配置那么控制台和文件不会输出任何日志,这里root的level不做限制-->
|
||||||
|
<root level="INFO">
|
||||||
|
<!-- 允许控制台输出-->
|
||||||
|
<appender-ref ref="console" />
|
||||||
|
<!--<!– 允许文件输出–>-->
|
||||||
|
<!--<appender-ref ref="file" />-->
|
||||||
|
</root>
|
||||||
|
|
||||||
|
<logger name="cn.skcks.matrix.v2.config" level="DEBUG" />
|
||||||
|
<logger name="cn.skcks.matrix.v2.utils.redis" level="DEBUG" />
|
||||||
|
</configuration>
|
||||||
Loading…
Reference in New Issue
Block a user