From 822286ce739eff96ad05b547ba90245aea6c590a Mon Sep 17 00:00:00 2001
From: wzp
Date: Tue, 9 Apr 2024 17:57:46 +0800
Subject: [PATCH] =?UTF-8?q?feat(all):=20=E4=BF=AE=E5=A4=8D=E4=BA=86?= =?UTF-8?q?=E9=89=B4=E6=9D=83=E7=B3=BB=E7=BB=9F=E6=97=A0=E6=B3=95=E5=88=A4?= =?UTF-8?q?=E6=96=AD=E6=9D=83=E9=99=90=E7=9A=84bug?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../annotations/AuthorizationRequired.java | 2 +-
 .../AuthorizationConfiguration.java | 73 +++++++++++++++++++
 .../configuration/TokenConfiguration.java | 55 --------------
 .../mmga/clubs/controller/UserController.java | 8 ++
 .../org/mmga/clubs/dao/AuthPermissionDao.java | 1 +
 src/main/java/org/mmga/clubs/dao/UserDao.java | 5 ++
 .../org/mmga/clubs/entities/BaseResponse.java | 2 +-
 .../java/org/mmga/clubs/entities/Pager.java | 9 +++
 .../org/mmga/clubs/service/AuthService.java | 4 +
 .../org/mmga/clubs/service/UserService.java | 14 ++++
 .../java/org/mmga/clubs/utils/JwtUtils.java | 1 -
 .../org/mmga/clubs/dao/AuthPermissionDao.xml | 3 +
 .../resources/org/mmga/clubs/dao/UserDao.xml | 6 ++
 13 files changed, 125 insertions(+), 58 deletions(-)
 create mode 100644 src/main/java/org/mmga/clubs/configuration/AuthorizationConfiguration.java
 delete mode 100644 src/main/java/org/mmga/clubs/configuration/TokenConfiguration.java
 create mode 100644 src/main/java/org/mmga/clubs/entities/Pager.java
diff --git a/src/main/java/org/mmga/clubs/annotations/AuthorizationRequired.java b/src/main/java/org/mmga/clubs/annotations/AuthorizationRequired.java
index 661f83d..bdd192d 100644
--- a/src/main/java/org/mmga/clubs/annotations/AuthorizationRequired.java
+++ b/src/main/java/org/mmga/clubs/annotations/AuthorizationRequired.java
@@ -6,5 +6,5 @@ import java.lang.annotation.*;
 @Retention(RetentionPolicy.RUNTIME)
 @Documented
 public @interface AuthorizationRequired {
-
+ int requiredPermissionId() default -1;
 }
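Review bot: `requiredPermissionId` is added without any Javadoc, and its `-1` default carries a security meaning that a reader only learns from the interceptor: the new `preHandle` skips the permission lookup when the value is `-1`, so the annotation then demands nothing more than a valid token. I would state that on the element, e.g. `/** Permission id the caller must hold; -1 (the default) accepts any authenticated user. */`. The ids are bare integers (UserController passes `4` in this commit), so named constants for them would make each call site easier to review.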
diff --git a/src/main/java/org/mmga/clubs/configuration/AuthorizationConfiguration.java b/src/main/java/org/mmga/clubs/configuration/AuthorizationConfiguration.java
new file mode 100644
index 0000000..55d1b22
--- /dev/null
+++ b/src/main/java/org/mmga/clubs/configuration/AuthorizationConfiguration.java
@@ -0,0 +1,73 @@
+package org.mmga.clubs.configuration;
+
+import com.alibaba.fastjson2.JSON;
+import com.auth0.jwt.exceptions.JWTVerificationException;
+import jakarta.servlet.ServletOutputStream;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.NonNull;
+import lombok.extern.slf4j.Slf4j;
+import org.mmga.clubs.annotations.AuthorizationRequired;
+import org.mmga.clubs.entities.BaseResponse;
+import org.mmga.clubs.service.UserService;
+import org.mmga.clubs.utils.JwtUtils;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+
+@Configuration
+@Slf4j
+public class AuthorizationConfiguration implements HandlerInterceptor, WebMvcConfigurer{
+ private final JwtUtils jwtUtils;
+ private final UserService userService;
+ public AuthorizationConfiguration(JwtUtils jwtUtils, UserService userService){
+ this.jwtUtils = jwtUtils;
+ this.userService = userService;
+ }
+ @Override
+ public boolean preHandle(@NonNull HttpServletRequest request,@NonNull HttpServletResponse response,@NonNull Object handler) throws Exception {
+ if (handler instanceof HandlerMethod handlerMethod){
+ request.setAttribute("user", -1);
+ String authorization = request.getHeader("Authorization");
+ Integer userId;
+ AuthorizationRequired authorizationRequired = handlerMethod.getMethodAnnotation(AuthorizationRequired.class);
+ try{
+ userId = jwtUtils.verifyToken(authorization);
+ request.setAttribute("user", userId);
+ if (authorizationRequired != null){
+ int permissionId = authorizationRequired.requiredPermissionId();
+ if (permissionId != -1){
+ if (!userService.userHasPermission(userId, permissionId)) {
+ writeAuthorizationFailedResponse(response, null);
+ return false;
+ }
+ }
+ }
+ }catch (JWTVerificationException e){
+ if (authorizationRequired != null){
+ writeAuthorizationFailedResponse(response, e);
+ return false;
+ }
+ }
+ }
+ return true;
+ }
+ private void writeAuthorizationFailedResponse(HttpServletResponse response, JWTVerificationException e) throws IOException {
+ log.debug("用户鉴权时出现错误:", e);
+ ServletOutputStream outputStream = response.getOutputStream();
+ response.addHeader("Content-Encoding", "UTF-8");
+ response.addHeader("Content-Type", "application/json; charset=utf-8");
+ BaseResponse err = BaseResponse.failed(401, "token错误");
+ outputStream.write(JSON.toJSONString(err).getBytes(StandardCharsets.UTF_8));
+ outputStream.close();
+ }
+ @Override
+ public void addInterceptors(InterceptorRegistry registry) {
+ registry.addInterceptor(this);
+ }
+}
diff --git a/src/main/java/org/mmga/clubs/configuration/TokenConfiguration.java b/src/main/java/org/mmga/clubs/configuration/TokenConfiguration.java
deleted file mode 100644
index 30d5287..0000000
--- a/src/main/java/org/mmga/clubs/configuration/TokenConfiguration.java
+++ /dev/null
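Review bot: The permission-denied branch of `preHandle` reuses the token-failure path: `writeAuthorizationFailedResponse(response, null)` answers an authenticated but unauthorised caller with body code 401 and "token错误", logs a null exception at debug level, and never calls `response.setStatus`, so as far as this hunk shows the HTTP status stays 200. A failed permission check is the event an operator wants to find in the logs, so it should be recorded with the user id and the required permission id and answered as 403, distinct from the 401 for a bad token. The `Content-Encoding: UTF-8` header is also not a valid content coding (that header names a compression such as gzip) and can make clients fail to decode the body; the charset already travels in `Content-Type`. Setting a real HTTP status changes what clients observe, so confirm the front end does not rely on 200 before adopting the sketch below.

```java
// … unchanged: token verification and request.setAttribute("user", userId) …
if (permissionId != -1 && !userService.userHasPermission(userId, permissionId)) {
    log.warn("permission denied: user={} requiredPermissionId={}", userId, permissionId);
    writeFailedResponse(response, HttpServletResponse.SC_FORBIDDEN, "权限不足");
    return false;
}
// … unchanged: catch (JWTVerificationException e) branch, which would log e and call
//   writeFailedResponse(response, HttpServletResponse.SC_UNAUTHORIZED, "token错误") …

private void writeFailedResponse(HttpServletResponse response, int status, String msg) throws IOException {
    response.setStatus(status);
    // The charset belongs in Content-Type; no Content-Encoding header is sent.
    response.setContentType("application/json; charset=utf-8");
    byte[] body = JSON.toJSONString(BaseResponse.failed(status, msg)).getBytes(StandardCharsets.UTF_8);
    response.getOutputStream().write(body);
}
```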
@@ -1,55 +0,0 @@
-package org.mmga.clubs.configuration;
-
-import com.alibaba.fastjson2.JSON;
-import com.auth0.jwt.exceptions.JWTVerificationException;
-import jakarta.servlet.ServletOutputStream;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import lombok.NonNull;
-import lombok.extern.slf4j.Slf4j;
-import org.mmga.clubs.annotations.AuthorizationRequired;
-import org.mmga.clubs.entities.BaseResponse;
-import org.mmga.clubs.utils.JwtUtils;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.method.HandlerMethod;
-import org.springframework.web.servlet.HandlerInterceptor;
-import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-import java.nio.charset.StandardCharsets;
-
-@Configuration
-@Slf4j
-public class TokenConfiguration implements HandlerInterceptor, WebMvcConfigurer{
- private final JwtUtils jwtUtils;
- public TokenConfiguration(JwtUtils jwtUtils){
- this.jwtUtils = jwtUtils;
- }
- @Override
- public boolean preHandle(@NonNull HttpServletRequest request,@NonNull HttpServletResponse response,@NonNull Object handler) throws Exception {
- if (handler instanceof HandlerMethod handlerMethod){
- request.setAttribute("user", -1);
- String authorization = request.getHeader("Authorization");
- try{
- Integer userId = jwtUtils.verifyToken(authorization);
- request.setAttribute("user", userId);
- }catch (JWTVerificationException e){
- if (handlerMethod.hasMethodAnnotation(AuthorizationRequired.class)) {
- log.debug("用户鉴权时出现错误:", e);
- ServletOutputStream outputStream = response.getOutputStream();
- response.addHeader("Content-Encoding", "UTF-8");
- response.addHeader("Content-Type", "application/json; charset=utf-8");
- BaseResponse err = BaseResponse.failed(401, "token错误");
- outputStream.write(JSON.toJSONString(err).getBytes(StandardCharsets.UTF_8));
- outputStream.close();
- return false;
- }
- }
- }
- return true;
- }
- @Override
- public void addInterceptors(InterceptorRegistry registry) {
- registry.addInterceptor(this);
- }
-}
diff --git a/src/main/java/org/mmga/clubs/controller/UserController.java b/src/main/java/org/mmga/clubs/controller/UserController.java
index 45ed9dd..d13d68b 100644
--- a/src/main/java/org/mmga/clubs/controller/UserController.java
+++ b/src/main/java/org/mmga/clubs/controller/UserController.java
@@ -5,7 +5,9 @@ import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.mmga.clubs.annotations.AuthorizationRequired;
 import org.mmga.clubs.entities.BaseResponse;
+import org.mmga.clubs.entities.Pager;
 import org.mmga.clubs.entities.user.User;
 import org.mmga.clubs.entities.user.UserLoginVo;
 import org.mmga.clubs.entities.user.UserRegVo;
@@ -39,4 +41,10 @@ public class UserController {
 public BaseResponse getUserInfo(@RequestAttribute("user") int userId){
 return service.getUserInfo(userId);
 }
+ @GetMapping("/all")
+ @Operation(description = "获取所有用户信息(分页)")
+ @AuthorizationRequired(requiredPermissionId = 4)
+ public BaseResponse> getAllUserInfo(@RequestParam("num") int num, @RequestParam("page") int page){
+ return service.getAllUserInfo(num, page);
+ }
 }
diff --git a/src/main/java/org/mmga/clubs/dao/AuthPermissionDao.java b/src/main/java/org/mmga/clubs/dao/AuthPermissionDao.java
index b7ee5ea..1f20c2a 100644
--- a/src/main/java/org/mmga/clubs/dao/AuthPermissionDao.java
+++ b/src/main/java/org/mmga/clubs/dao/AuthPermissionDao.java
@@ -9,4 +9,5 @@ import java.util.List;
 @Mapper
 public interface AuthPermissionDao {
 List getAllPermissionByAuthId(int authId);
+ int countAuthPermission(int authId, int permissionId);
 }
diff --git a/src/main/java/org/mmga/clubs/dao/UserDao.java b/src/main/java/org/mmga/clubs/dao/UserDao.java
index 832cf83..6fe552f 100644
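Review bot: `getAllUserInfo` in UserController passes `num` and `page` from the query string straight to the service with no bounds, on an endpoint that returns user records. `UserService.getAllUserInfo` (later in this patch) computes `(page - 1) * num`, so `page <= 0` yields a negative offset and large values overflow `int`, while an unbounded `num` lets a single request pull the whole user table. I would reject bad input before the service call, e.g. `if (page < 1 || num < 1 || num > MAX_PAGE_SIZE) return BaseResponse.failed(400, "invalid paging parameters");`, where `MAX_PAGE_SIZE` is a placeholder for a limit the project chooses. The literal `4` in `@AuthorizationRequired(requiredPermissionId = 4)` would also read better as a named constant.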
--- a/src/main/java/org/mmga/clubs/dao/UserDao.java +++ b/src/main/java/org/mmga/clubs/dao/UserDao.java @@ -4,10 +4,15 @@ import org.apache.ibatis.annotations.Mapper; import org.mmga.clubs.entities.user.UserRegResponseVo; import org.mmga.clubs.entities.user.UserVo; +import java.util.List; + @Mapper public interface UserDao { UserVo getUser(String username, String password); void addUser(UserRegResponseVo userVo); int countUser(String username); UserVo getUserById(int id); + int getUserAuthId(int id); + long queryTotalUserCount(); + List getUser(int lastId, int count); } diff --git a/src/main/java/org/mmga/clubs/entities/BaseResponse.java b/src/main/java/org/mmga/clubs/entities/BaseResponse.java index f1a0d3d..3ac1589 100644 --- a/src/main/java/org/mmga/clubs/entities/BaseResponse.java +++ b/src/main/java/org/mmga/clubs/entities/BaseResponse.java @@ -16,7 +16,7 @@ public class BaseResponse { private final Date time; @Schema(description = "返回数据") private T data; - private BaseResponse(int code, String msg, T data){ + protected BaseResponse(int code, String msg, T data){ this.code = code; this.msg = msg; this.data = data; diff --git a/src/main/java/org/mmga/clubs/entities/Pager.java b/src/main/java/org/mmga/clubs/entities/Pager.java new file mode 100644 index 0000000..7a9d92e --- /dev/null +++ b/src/main/java/org/mmga/clubs/entities/Pager.java @@ -0,0 +1,9 @@ +package org.mmga.clubs.entities; + +import io.swagger.v3.oas.annotations.media.Schema; + +import java.util.List; +@Schema(description = "分页数据") +public record Pager(@Schema(description = "总数据") long total,@Schema(description = "当前页面数据") List data) { +} + diff --git a/src/main/java/org/mmga/clubs/service/AuthService.java b/src/main/java/org/mmga/clubs/service/AuthService.java index c3c8a4e..a1486e4 100644 --- a/src/main/java/org/mmga/clubs/service/AuthService.java +++ b/src/main/java/org/mmga/clubs/service/AuthService.java 
@@ -29,4 +29,8 @@ public class AuthService { List permissions = permissionVos.stream().map(permissionService::packagePermission).toList(); return new Auth(authVo.id(), authVo.name(), permissions); } + + public boolean authHasPermission(int authId, int permissionId) { + return authPermissionDao.countAuthPermission(authId, permissionId) > 0; + } } diff --git a/src/main/java/org/mmga/clubs/service/UserService.java b/src/main/java/org/mmga/clubs/service/UserService.java index 82cda06..f4302d9 100644 --- a/src/main/java/org/mmga/clubs/service/UserService.java +++ b/src/main/java/org/mmga/clubs/service/UserService.java @@ -4,11 +4,14 @@ import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.codec.digest.DigestUtils; import org.mmga.clubs.dao.UserDao; import org.mmga.clubs.entities.BaseResponse; +import org.mmga.clubs.entities.Pager; import org.mmga.clubs.entities.user.*; import org.mmga.clubs.utils.JwtUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import java.util.List; + @Service public class UserService { private final UserDao userDao; @@ -71,4 +74,15 @@ public class UserService { } return BaseResponse.success(getUserById(userId)); } + public boolean userHasPermission(int userId, int permissionId){ + return authService.authHasPermission(userDao.getUserAuthId(userId), permissionId); + } + + public BaseResponse> getAllUserInfo(int num, int page) { + long totalCount = userDao.queryTotalUserCount(); + List user = userDao.getUser((page - 1) * num, num); + List list = user.stream().map(this::packageUser).toList(); + Pager userPager = new Pager<>(totalCount, list); + return BaseResponse.success(userPager); + } } diff --git a/src/main/java/org/mmga/clubs/utils/JwtUtils.java b/src/main/java/org/mmga/clubs/utils/JwtUtils.java index 8d81282..46deb7a 100644 --- a/src/main/java/org/mmga/clubs/utils/JwtUtils.java +++ b/src/main/java/org/mmga/clubs/utils/JwtUtils.java 
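Review bot: `userHasPermission` in UserService feeds `userDao.getUserAuthId(userId)` directly into the permission check, and this patch declares that DAO method with a primitive `int` return. For a token that still verifies but whose user row no longer exists, the query has nothing to map; with a primitive return type MyBatis is expected to raise an exception rather than return a value (the mapper XML is not readable on this page, so confirm), and `preHandle` catches only `JWTVerificationException`, so the caller would get an unhandled error instead of a clean denial. Declaring the DAO method as `Integer getUserAuthId(int id);` and writing `Integer authId = userDao.getUserAuthId(userId); return authId != null && authService.authHasPermission(authId, permissionId);` makes the fail-closed behaviour explicit. Separately, `getUser(int lastId, int count)` is called with an offset, `(page - 1) * num`; if the SQL filters on `id > lastId`, pages will be wrong as soon as ids have gaps.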
@@ -6,7 +6,6 @@ import com.auth0.jwt.exceptions.JWTVerificationException; import com.auth0.jwt.interfaces.DecodedJWT; import lombok.extern.slf4j.Slf4j; import org.mmga.clubs.entities.user.User; -import org.mmga.clubs.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; diff --git a/src/main/resources/org/mmga/clubs/dao/AuthPermissionDao.xml b/src/main/resources/org/mmga/clubs/dao/AuthPermissionDao.xml index 761de38..ce41ec3 100644 --- a/src/main/resources/org/mmga/clubs/dao/AuthPermissionDao.xml +++ b/src/main/resources/org/mmga/clubs/dao/AuthPermissionDao.xml @@ -6,4 +6,7 @@ + \ No newline at end of file diff --git a/src/main/resources/org/mmga/clubs/dao/UserDao.xml b/src/main/resources/org/mmga/clubs/dao/UserDao.xml index a1f60ec..b21b3c9 100644 --- a/src/main/resources/org/mmga/clubs/dao/UserDao.xml +++ b/src/main/resources/org/mmga/clubs/dao/UserDao.xml @@ -15,4 +15,10 @@ + + \ No newline at end of file