权限 粒度化 到 系统 部门 部门及子部门 个人用户
生活随笔
收集整理的這篇文章主要介紹了
权限 粒度化 到 系统 部门 部门及子部门 个人用户
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
AuthOperater 負責檢查權限
// // Source code recreated from a .class file by IntelliJ IDEA // (powered by Fernflower decompiler) // package cn.com.do1.component.systemmgr.auth; import cn.com.do1.common.util.string.StringUtil; import cn.com.do1.component.systemmgr.auth.AuthQuickDac; import cn.com.do1.component.systemmgr.auth.UserAuth; import cn.com.do1.component.systemmgr.util.CollectionUtils; import cn.com.do1.component.systemmgr.util.SystemRoleCacheMgr; import cn.com.do1.component.systemmgr.util.Constants.ACCESS_LEVEL; import cn.com.do1.dqdp.core.DqdpAppContext; import java.util.ArrayList; import java.util.Collections; import java.util.Iterator; import java.util.List; import java.util.Map; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; public class AuthOperater { public AuthOperater() { } //查詢 權限code的級別 public static int ckCurrentUserPerAccessLevel(String permissionCode) throws Exception { if(permissionCode == null) { throw new Exception("權限代碼不能為空!"); } else if(UserAuth.isSuperUser()) { return ACCESS_LEVEL.ALL.value(); } else { String[] roleIds = UserAuth.getSessionPerson().getRoleIds().split(","); ArrayList accessLevList = new ArrayList(); String[] var6 = roleIds; int var5 = roleIds.length; for(int var4 = 0; var4 < var5; ++var4) { String roleid = var6[var4]; List perlist = SystemRoleCacheMgr.getOPermissByRoleId(roleid); Iterator var9 = perlist.iterator(); while(var9.hasNext()) { Map per = (Map)var9.next(); if(per.get("PERMISSION_CODE").toString().equalsIgnoreCase(permissionCode)) { accessLevList.add(Integer.valueOf(per.get("ACCESS_LEVEL").toString())); } } } if(accessLevList.size() <= 0) { return ACCESS_LEVEL.NOT_HAS.value(); } else { return ((Integer)Collections.min(accessLevList)).intValue(); } } } //檢查當前用戶是否包含權限code public static boolean ckCurrentUserHasPer(String permissionCode) throws Exception { if(permissionCode == null) { return false; } else if(UserAuth.isSuperUser()) { return true; } else { UserDetails userDetails = DqdpAppContext.getCurrentUser(); Iterator var3 = userDetails.getAuthorities().iterator(); while(var3.hasNext()) { GrantedAuthority grantedAuthority = (GrantedAuthority)var3.next(); try { if("all".equals(permissionCode) || StringUtil.isInContainer(permissionCode.split(","), grantedAuthority.getAuthority())) { return true; } } catch (Exception var4) { return false; } } return false; } } //檢查用戶針對改權限擁有的級別所有的部門id
public static String ckUserModuelPreDepts(String permissionCode) throws Exception { int accessCode = ckCurrentUserPerAccessLevel(permissionCode); if(accessCode != ACCESS_LEVEL.NOT_HAS.value() && accessCode != ACCESS_LEVEL.USER.value()) { if(accessCode != ACCESS_LEVEL.ALL.value() && accessCode != ACCESS_LEVEL.SYSTEM_USER.value()) { ArrayList deptList = null; if(accessCode == ACCESS_LEVEL.DEPT.value()) { deptList = (ArrayList)AuthQuickDac.getContext().searchUserDeptLevelOrg(UserAuth.getSessionUser().getId().toLowerCase()); } if(accessCode == ACCESS_LEVEL.DEPT_AND_CHILDREN.value()) { deptList = (ArrayList)AuthQuickDac.getContext().searchUserDChildLevOrg(UserAuth.getSessionUser().getId().toLowerCase()); } deptList = (ArrayList)CollectionUtils.replaceList(deptList); return CollectionUtils.listToString(deptList); } else { return "all"; } } else { return null; } } } AuthQuickDac 負責查詢權限粒度
// // Source code recreated from a .class file by IntelliJ IDEA // (powered by Fernflower decompiler) // package cn.com.do1.component.systemmgr.auth; import cn.com.do1.common.dac.QuickDAC; import cn.com.do1.component.systemmgr.org.model.TbDqdpOrgPO; import cn.com.do1.component.systemmgr.user.model.TbUserRoleDeptRefPO; import cn.com.do1.component.systemmgr.util.CollectionUtils; import cn.com.do1.component.systemmgr.util.SystemCacheUtils; import cn.com.do1.dqdp.core.DqdpAppContext; import java.sql.SQLException; import java.util.ArrayList; import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.concurrent.TimeUnit; import java.util.concurrent.locks.ReentrantLock; import javax.sql.DataSource; import org.slf4j.Logger; import org.slf4j.LoggerFactory; public class AuthQuickDac { private static final Logger logger = LoggerFactory.getLogger(AuthQuickDac.class); private static ReentrantLock lock = new ReentrantLock(true); private static ThreadLocal<Integer> executeCount = new ThreadLocal(); private static AuthQuickDac authQuickDac; private DataSource ds; private AuthQuickDac() { executeCount.set(Integer.valueOf(5)); this.ds = (DataSource)DqdpAppContext.getSpringContext().getBean("dataSource"); } public static AuthQuickDac getContext() { try { lock.lock(); if(authQuickDac == null) { authQuickDac = new AuthQuickDac(); } } finally { lock.unlock(); } return authQuickDac; } private boolean getLook() { try { if(lock.tryLock(30L, TimeUnit.MILLISECONDS)) { executeCount.set(Integer.valueOf(0)); logger.info("獲取鎖成功"); return true; } else { logger.info("在指定的時間內未能獲取到鎖"); if(5 <= ((Integer)executeCount.get()).intValue()) { logger.info("系統連續5次獲取鎖失敗"); return false; } else { executeCount.set(Integer.valueOf(((Integer)executeCount.get()).intValue() + 1)); return this.getLook(); } } } catch (InterruptedException var2) { logger.error(var2.getMessage(), var2); return false; } } public List searchUserDeptLevelOrg(String userid) { if(!this.getLook()) { return null; } else { QuickDAC quickDAC = null; try { quickDAC = new QuickDAC(this.ds.getConnection()); quickDAC.preparedSql("select * from TB_USER_ROLE_DEPT_REF where USER_ID=:userid"); quickDAC.setPreValue("userid", userid); List e = quickDAC.getList(TbUserRoleDeptRefPO.class); ArrayList depss = new ArrayList(); if(e.size() > 0) { Iterator var6 = e.iterator(); while(var6.hasNext()) { TbUserRoleDeptRefPO tbUserRoleDeptRefPO = (TbUserRoleDeptRefPO)var6.next(); depss.add(tbUserRoleDeptRefPO.getOrgId()); } } ArrayList var8 = depss; return var8; } catch (Exception var11) { logger.error(var11.getMessage(), var11); } finally { lock.unlock(); quickDAC.destoryWithoutConnection(); } return null; } } public List searchUserDChildLevOrg(String userid) { if(!this.getLook()) { return null; } else { QuickDAC quickDAC = null; try { quickDAC = new QuickDAC(this.ds.getConnection()); quickDAC.preparedSql("select * from TB_USER_ROLE_DEPT_REF where USER_ID=:userid"); quickDAC.setPreValue("userid", userid); List e = quickDAC.getList(TbUserRoleDeptRefPO.class); ArrayList depss = new ArrayList(); Iterator orgid = e.iterator(); while(orgid.hasNext()) { TbUserRoleDeptRefPO list = (TbUserRoleDeptRefPO)orgid.next(); depss.add(list.getOrgId()); } depss = (ArrayList)CollectionUtils.replaceList(depss); ArrayList list1 = new ArrayList(); if(depss.size() > 0) { Iterator var7 = depss.iterator(); while(var7.hasNext()) { String orgid1 = (String)var7.next(); if(SystemCacheUtils.getOrgByOrgId(orgid1).get("IS_PARENT").toString().equalsIgnoreCase("0")) { Map org = SystemCacheUtils.getOrgByOrgId(orgid1); CollectionUtils.addListToList(list1, this.searchOrgByLRVal(quickDAC, org.get("LEFTVALUE").toString(), org.get("RIGHTVALUE").toString())); } } } CollectionUtils.addListToList(list1, depss); ArrayList var10 = list1; return var10; } catch (Exception var13) { logger.error(var13.getMessage(), var13); } finally { lock.unlock(); quickDAC.destoryWithoutConnection(); } return null; } } private List searchOrgByLRVal(QuickDAC qac, String leftVal, String rightVal) throws SQLException { qac.preparedSql("select * from TB_DQDP_ORGANIZATION where LEFTVALUE >:leftval and RIGHTVALUE <:rightval"); qac.setPreValue("leftval", leftVal); qac.setPreValue("rightval", rightVal); List list = qac.getList(TbDqdpOrgPO.class); ArrayList orgs = new ArrayList(); if(list.size() > 0) { Iterator var7 = list.iterator(); while(var7.hasNext()) { TbDqdpOrgPO tbDqdpOrgPO = (TbDqdpOrgPO)var7.next(); orgs.add(tbDqdpOrgPO.getOrganizationId()); } } return orgs; } }
轉載于:https://www.cnblogs.com/signheart/p/35171d5442c61100204cf7b54183cf45.html
總結
以上是生活随笔為你收集整理的权限 粒度化 到 系统 部门 部门及子部门 个人用户的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 2.vue 安装教程
- 下一篇: 体验套餐管理系统