Commit f0f8fa65 authored by 雍欢's avatar 雍欢

三员日志查看权限对应关系改为可配置(原为硬编码方式)。com.huigou.context.TmspmConifg.setLogAuthorities

parent 979001e0
package com.huigou.context;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;
/**
* 角色类别
*
*
* @author gongmm
*/
public enum RoleKind {
......@@ -15,11 +18,11 @@ public enum RoleKind {
SECURITY_GUARD("securityGuard", "安全员"),
AUDITOR("auditor", "审计员");
private final String id;
public final String id;
private final String displayName;
public final String displayName;
private RoleKind(String id, String displayName) {
RoleKind(String id, String displayName) {
this.id = id;
this.displayName = displayName;
}
......@@ -32,27 +35,31 @@ public enum RoleKind {
return result;
}
public static Map<String, String> getData(boolean isUseTspm) {
public static Map<String, String> getData(TmspmConifg tmspmConifg) {
Map<String, String> result;
if (isUseTspm) {
if (tmspmConifg.isUseTspm()) {
Operator operator = ThreadLocalUtil.getOperator();
if (operator.getRoleKind() == RoleKind.SECURITY_GUARD) {
// 安全员 TODO 是否可以查看SECURITY_GUARD
result = new LinkedHashMap<String, String>(1);
result.put(COMMON.getId(), COMMON.getDisplayName());
return result;
} else if (operator.getRoleKind() == RoleKind.SUPER_ADMINISTRATOR) {
// 超级管理员只能三员
result = new LinkedHashMap<String, String>(3);
result.put(ADMINISTRATOR.getId(), ADMINISTRATOR.getDisplayName());
result.put(SECURITY_GUARD.getId(), SECURITY_GUARD.getDisplayName());
result.put(AUDITOR.getId(), AUDITOR.getDisplayName());
} else {
result = new LinkedHashMap<String, String>(0);
}
// if (operator.getRoleKind() == RoleKind.SECURITY_GUARD) {
// // 安全员 TODO 是否可以查看SECURITY_GUARD
// result = new LinkedHashMap<String, String>(1);
// result.put(COMMON.getId(), COMMON.getDisplayName());
// return result;
// } else if (operator.getRoleKind() == RoleKind.SUPER_ADMINISTRATOR) {
// // 超级管理员只能三员
// result = new LinkedHashMap<String, String>(3);
//
// result.put(ADMINISTRATOR.getId(), ADMINISTRATOR.getDisplayName());
// result.put(SECURITY_GUARD.getId(), SECURITY_GUARD.getDisplayName());
// result.put(AUDITOR.getId(), AUDITOR.getDisplayName());
// } else {
// result = new LinkedHashMap<String, String>(0);
// }
return tmspmConifg.getLogAuthorities().getOrDefault(operator.getRoleKind().id, Collections.emptyList())
.stream()
.map(RoleKind::fromId)
.collect(Collectors.toMap(RoleKind::getId, RoleKind::getDisplayName));
} else {
result = new LinkedHashMap<String, String>(1);
result = new LinkedHashMap<>(1);
result.put(COMMON.getId(), COMMON.getDisplayName());
}
......@@ -79,33 +86,32 @@ public enum RoleKind {
return result;
}
public static Map<String, String> getDataForOperationLog(boolean enableTspm) {
Map<String, String> result;
if (enableTspm) {
public static Map<String, String> getDataForOperationLog(TmspmConifg tmspmConifg) {
if (tmspmConifg.isUseTspm() && tmspmConifg.isEnableTspm()) {
// 管理员:查询错误日志、登录日志;
// 安全员:系统管理员日志、登录日志;
// 审计员:查询管理员、安全员、用户操作日志
Operator operator = ThreadLocalUtil.getOperator();
switch (operator.getRoleKind()) {
case SECURITY_GUARD:
result = new LinkedHashMap<String, String>(1);
result.put(ADMINISTRATOR.getId(), ADMINISTRATOR.getDisplayName());
break;
case AUDITOR:
result = new LinkedHashMap<String, String>(1);
result.put(COMMON.getId(), COMMON.getDisplayName());
result.put(ADMINISTRATOR.getId(), ADMINISTRATOR.getDisplayName());
result.put(SECURITY_GUARD.getId(), SECURITY_GUARD.getDisplayName());
break;
default:
result = new LinkedHashMap<String, String>(0);
}
} else {
result = new LinkedHashMap<String, String>(1);
result.put(COMMON.getId(), COMMON.getDisplayName());
// switch (operator.getRoleKind()) {
// case SECURITY_GUARD:
// result = new LinkedHashMap<String, String>(1);
// result.put(ADMINISTRATOR.getId(), ADMINISTRATOR.getDisplayName());
// break;
// case AUDITOR:
// result = new LinkedHashMap<String, String>(1);
// result.put(COMMON.getId(), COMMON.getDisplayName());
// result.put(ADMINISTRATOR.getId(), ADMINISTRATOR.getDisplayName());
// result.put(SECURITY_GUARD.getId(), SECURITY_GUARD.getDisplayName());
// break;
// default:
// result = new LinkedHashMap<String, String>(0);
// }
return tmspmConifg.getLogAuthorities().getOrDefault(operator.getRoleKind().id, Collections.emptyList())
.stream()
.map(RoleKind::fromId)
.collect(Collectors.toMap(RoleKind::getId, RoleKind::getDisplayName));
}
return result;
return COMMON_OPERATION_LOG_AUTHORITIES;
}
public String getId() {
......@@ -128,4 +134,8 @@ public enum RoleKind {
public static boolean isTspm(String kindId) {
return !COMMON.getId().equals(kindId);
}
public static final Map<String, String> COMMON_OPERATION_LOG_AUTHORITIES = Collections.unmodifiableMap(new HashMap<String, String>() {{
put(RoleKind.COMMON.id, RoleKind.COMMON.displayName);
}});
}
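Review bot: `getData` now builds the role-kind choices for the role detail page from `tmspmConifg.getLogAuthorities()`, the same table `getDataForOperationLog` uses for log visibility, so editing who may read which logs also changes which role kinds an operator is offered when creating or editing a role. The removed branches gave a security guard only COMMON and a super administrator the three TSPM kinds; under a log mapping like the one in the method comment (security guard reads administrator logs), the security guard would be offered ADMINISTRATOR instead. If that coupling is not intended, keep the previous branches in `getData` or read a separate mapping there. In both methods `Collectors.toMap(RoleKind::getId, RoleKind::getDisplayName)` also drops the insertion order the old `LinkedHashMap` kept and throws on a repeated id; `Collectors.toMap(RoleKind::getId, RoleKind::getDisplayName, (a, b) -> a, LinkedHashMap::new)` avoids both.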
package com.huigou.context;
import org.apache.commons.lang3.StringUtils;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
/**
* 三员安全保密管理配置
* <p>
* Three member security and privacy management
*
*
* @author gongmm
*/
public class TmspmConifg {
......@@ -20,10 +28,12 @@ public class TmspmConifg {
private boolean enableTspm;
/**
* 是否隐藏超级管理角色和超级管理员
* 是否隐藏超级管理角色和超级管理员
*/
private boolean doHideSuperAdministrator = false;
private Map<String, List<String>> logAuthorities = Collections.emptyMap();
public boolean isUseTspm() {
return useTspm;
}
......@@ -48,4 +58,21 @@ public class TmspmConifg {
this.doHideSuperAdministrator = doHideSuperAdministrator;
}
public void setLogAuthorities(String logAuthorities) {
logAuthorities = StringUtils.trimToEmpty(logAuthorities);
this.logAuthorities = Arrays.asList(logAuthorities.split("\n"))
.stream()
.map(str -> str.split("[=,]"))
.collect(Collectors.toMap(str -> StringUtils.trimToEmpty(str[0]), str ->
Arrays.stream(str)
.skip(1)
.map(StringUtils::trimToEmpty)
.filter(StringUtils::isNotBlank)
.collect(Collectors.toList()))
);
}
public Map<String, List<String>> getLogAuthorities() {
return logAuthorities;
}
}
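Review bot: `setLogAuthorities` collects with the two-argument `Collectors.toMap`, which throws `IllegalStateException` when two lines share a key, and every blank line inside the value becomes the key `""`, so two blank lines are enough to make configuration fail. Nothing checks that the keys and values are known `RoleKind` ids, so a typo surfaces only later at `RoleKind.fromId` during a request (what `fromId` does with an unknown id is not visible here). Since this map is an authorization table, consider skipping blank lines, validating each id when the property is set, and storing the result wrapped, e.g. `this.logAuthorities = Collections.unmodifiableMap(parsed);`, so callers of `getLogAuthorities()` cannot alter it. A Javadoc comment on the setter stating the expected format (one `viewerKind=kind1,kind2` line per role kind, as the `[=,]` split implies) would also help whoever edits the configuration.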
......@@ -9,7 +9,7 @@ import java.util.Date;
*/
public interface BizLog {
public static final Integer DESCRIPTION_MAX_LENGTH = 680;
Integer DESCRIPTION_MAX_LENGTH = 680;
String getId();
......
......@@ -110,7 +110,7 @@ public class AccessController extends CommonController {
Integer sequence = accessApplication.getRoleNextSequence(parentId);
params.putProperty(STATUS_KEY_NAME, ValidStatus.ENABLED.getId());
params.putProperty(SEQUENCE_KEY_NAME, sequence);
this.putAttribute("roleKindList", RoleKind.getData(tmspmConifg.isUseTspm()));
this.putAttribute("roleKindList", RoleKind.getData(tmspmConifg));
return forward(ROLE_DETAIL_PAGE, params);
}
......@@ -120,7 +120,7 @@ public class AccessController extends CommonController {
SDO params = this.getSDO();
String id = params.getString(ID_KEY_NAME);
Role role = this.accessApplication.loadRole(id);
this.putAttribute("roleKindList", RoleKind.getData(tmspmConifg.isUseTspm()));
this.putAttribute("roleKindList", RoleKind.getData(tmspmConifg));
return forward(ROLE_DETAIL_PAGE, role);
}
......@@ -593,4 +593,4 @@ public class AccessController extends CommonController {
Map<String, Object> data = this.accessQueryApplication.slicedQueryPersonAsRoleAuthorize(queryRequest);
return this.toResult(data);
}
}
\ No newline at end of file
}
......@@ -92,7 +92,7 @@ public class DBLogApplicationImpl implements LogApplication {
QueryModel queryModel = queryRequest.initQueryModel();
Map<String, String> map = queryRequest.getLogQueryCriteria(tmAuthorizeRepository, tmspmConifg.isEnableTspm());
Map<String, String> map = queryRequest.getLogQueryCriteria(tmAuthorizeRepository, tmspmConifg);
String targetRoleKindId = map.get("targetRoleKindId");
String targetStatusId = map.get("targetStatusId");
String targetFullId = map.get("targetFullId");
......@@ -209,7 +209,7 @@ public class DBLogApplicationImpl implements LogApplication {
}
public Map<String, Object> slicedQueryOperationLogs1(OperationLogQueryRequest queryRequest) {
Map<String, String> map = queryRequest.getLogQueryCriteria(tmAuthorizeRepository, tmspmConifg.isEnableTspm());
Map<String, String> map = queryRequest.getLogQueryCriteria(tmAuthorizeRepository, tmspmConifg);
String targetRoleKindId = map.get("targetRoleKindId");
String targetStatusId = map.get("targetStatusId");
String targetFullId = map.get("targetFullId");
......
......@@ -219,7 +219,7 @@ public class MongoDBLogApplicationImpl implements LogApplication {
return new HashMap<String, Object>(1);
}
Map<String, String> map = queryRequest.getLogQueryCriteria(tmAuthorizeRepository, tmspmConifg.isEnableTspm());
Map<String, String> map = queryRequest.getLogQueryCriteria(tmAuthorizeRepository, tmspmConifg);
String targetRoleKindId = map.get("targetRoleKindId");
String targetStatusId = map.get("targetStatusId");
String targetFullId = map.get("targetFullId");
......
......@@ -74,7 +74,7 @@ public class LogController extends CommonController {
// SDO sdo = this.getSDO();
// String logKind = sdo.getString("kind");
// String statusId = sdo.getString("statusId");
this.putAttribute("roleKinds", RoleKind.getDataForOperationLog(tmspmConifg.isUseTspm() && tmspmConifg.isEnableTspm()));
this.putAttribute("roleKinds", RoleKind.getDataForOperationLog(tmspmConifg));
this.putAttribute("logType", LogType.getData());
this.putAttribute("operationType", OperationType.getData());
this.putAttribute("logStatus", LogStatus.getData());
......
......@@ -5,9 +5,12 @@ import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import com.huigou.context.TmspmConifg;
import lombok.Getter;
import lombok.Setter;
import org.apache.commons.lang3.StringUtils;
import org.springframework.util.Assert;
import com.huigou.context.RoleKind;
......@@ -20,7 +23,7 @@ import com.huigou.util.StringUtil;
/**
* 操作日志查询
*
*
* @author gongmm
*/
@Getter
......@@ -57,7 +60,7 @@ public class OperationLogQueryRequest extends QueryAbstractRequest {
return StringUtil.isNotBlank(operatorRoleKindId) && StringUtil.isNotBlank(personMemberId);
}
public Map<String, String> getLogQueryCriteria(TMAuthorizeRepository tmAuthorizeRepository, boolean isEnableTspm) {
public Map<String, String> getLogQueryCriteria(TMAuthorizeRepository tmAuthorizeRepository, TmspmConifg tmspmConifg) {
// String targetLogType = "";
String targetRoleKindId = "";
String targetStatusId = "";
......@@ -65,7 +68,7 @@ public class OperationLogQueryRequest extends QueryAbstractRequest {
String targetFullId = "";
Map<String, String> data = new HashMap<String, String>();
if (isEnableTspm) {
if (tmspmConifg.isEnableTspm()) {
List<TMAuthorize> tmAuthorizes = tmAuthorizeRepository.findByManagerIdAndRoleKindId(personMemberId, roleKindId);
Assert.state(tmAuthorizes != null, "没有三员授权,不能查询三员日期。");
......@@ -96,15 +99,22 @@ public class OperationLogQueryRequest extends QueryAbstractRequest {
if (appIds.size() > 0) {
targetAppId = String.join(StringPool.COMMA, appIds);// targetAppId.substring(0, targetAppId.length() - 1);
}
if (roleKindId.equals(RoleKind.ADMINISTRATOR.getId())) {
targetStatusId = String.valueOf(LogStatus.FAILURE.getId());
targetRoleKindId = StringPool.AT;
} else if (roleKindId.equals(RoleKind.SECURITY_GUARD.getId())) {
// targetRoleKindId = RoleKind.ADMINISTRATOR.getId();
targetRoleKindId = RoleKind.COMMON.getId();
} else if (roleKindId.equals(RoleKind.AUDITOR.getId())) {
// targetRoleKindId = String.format("%s,%s,%s", RoleKind.ADMINISTRATOR.getId(), RoleKind.SECURITY_GUARD.getId(), RoleKind.COMMON.getId());
targetRoleKindId = String.format("%s,%s,%s", RoleKind.ADMINISTRATOR.getId(), RoleKind.SECURITY_GUARD.getId(), RoleKind.AUDITOR.getId());
// if (RoleKind.ADMINISTRATOR.id.equals(roleKindId)) {
// targetStatusId = String.valueOf(LogStatus.FAILURE.getId());
// targetRoleKindId = StringPool.AT;
// } else if (RoleKind.SECURITY_GUARD.id.equals(roleKindId)) {
// // targetRoleKindId = RoleKind.ADMINISTRATOR.getId();
// targetRoleKindId = RoleKind.COMMON.getId();
// } else if (RoleKind.AUDITOR.id.equals(roleKindId)) {
// // targetRoleKindId = String.format("%s,%s,%s", RoleKind.ADMINISTRATOR.getId(), RoleKind.SECURITY_GUARD.getId(), RoleKind.COMMON.getId());
// targetRoleKindId = String.format("%s,%s,%s", RoleKind.ADMINISTRATOR.getId(), RoleKind.SECURITY_GUARD.getId(), RoleKind.AUDITOR.getId());
// }
targetRoleKindId = roleKindId;
if (StringUtils.isBlank(targetRoleKindId)) {
targetRoleKindId = RoleKind.getDataForOperationLog(tmspmConifg)
.keySet()
.stream()
.collect(Collectors.joining(","));
}
}
......
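Review bot: In the block that replaces the old role-kind branches, a non-blank `roleKindId` is copied straight into `targetRoleKindId`, so the configured `logAuthorities` mapping is consulted only when the field is blank; a value carried by the request is never checked against what `RoleKind.getDataForOperationLog(tmspmConifg)` grants the current operator. The fallback can also leave `targetRoleKindId` blank when the operator's role kind has no entry (the default map is empty), and how the query treats a blank value is not visible here, so it is safer to fail closed. The removed ADMINISTRATOR branch additionally forced `targetStatusId` to `LogStatus.FAILURE`, a restriction the new mapping cannot express and which is now gone. The sketch below assumes `roleKindId` is meant as the requested target kind; `getLogQueryCriteria` starts and ends outside this hunk.

```java
// … unchanged: appIds / targetAppId handling …
Map<String, String> allowedKinds = RoleKind.getDataForOperationLog(tmspmConifg);
// Fail closed: no configured entry for this operator means no role kind may be queried.
Assert.state(!allowedKinds.isEmpty(), "当前角色未配置可查看的日志类别。");
if (StringUtils.isBlank(roleKindId)) {
    targetRoleKindId = String.join(StringPool.COMMA, allowedKinds.keySet());
} else {
    // A requested kind must be one the configured mapping grants to this operator.
    Assert.state(allowedKinds.containsKey(roleKindId), "无权查询该角色类别的日志。");
    targetRoleKindId = roleKindId;
}
```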
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import java.io.IOException;
public class Base64Test {
public static void main(String[] args) throws IOException {
BASE64Decoder decoder = new BASE64Decoder();
BASE64Encoder encoder = new BASE64Encoder();
String testStr = "你是谁";
String encoderStr = encoder.encode(testStr.getBytes());
System.out.println(encoderStr);
System.out.println(new String(decoder.decodeBuffer(encoderStr)));
}
}
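Review bot: `Base64Test` depends on `sun.misc.BASE64Encoder` and `sun.misc.BASE64Decoder`, JDK-internal classes that are not part of the supported API and are absent from newer JDKs, and it converts between `String` and bytes with the platform default charset, so the non-ASCII sample can round-trip differently from one machine to another. The rest of this commit already uses Java 8 streams, so `java.util.Base64` is available: `Base64.getEncoder().encodeToString(testStr.getBytes(StandardCharsets.UTF_8))` and `new String(Base64.getDecoder().decode(encoderStr), StandardCharsets.UTF_8)`. The class also looks unrelated to the log-authority change and may belong in a separate commit or under the test sources.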