修改权限

device-manager/src/main/java/com/mortals/xhx/base/framework/interceptor/AuthTokenServiceImpl.java

 package com.mortals.xhx.base.framework.interceptor;
 
 import com.alibaba.fastjson.JSONObject;
-import com.mortals.framework.ap.GlobalSysInfo;
 import com.mortals.framework.ap.SysConstains;
 import com.mortals.framework.service.IAuthTokenService;
 import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.service.IUser;
-import com.mortals.framework.util.AESUtil;
 import com.mortals.framework.util.DateUtils;
 import com.mortals.framework.util.StringUtils;
 import com.mortals.xhx.base.system.resource.service.ResourceService;
@@ -14,6 +12,8 @@ import com.mortals.xhx.base.system.user.model.UserEntity;
 import com.mortals.xhx.base.system.user.model.UserQuery;
 import com.mortals.xhx.base.system.user.service.UserService;
 import com.mortals.xhx.common.code.PlatformTypeEnum;
+import com.mortals.xhx.common.key.RedisKey;
+import com.mortals.xhx.common.utils.MenuEncodeUtil;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
@@ -116,12 +116,17 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
                     userEntity.setToken(token);
                     //更新portal 中的id 为 device中的id
                     UserEntity temp = userService.selectOne(new UserQuery().loginName(userEntity.getLoginName()));
-                    if(!ObjectUtils.isEmpty(temp)){
+                    if (!ObjectUtils.isEmpty(temp)) {
                         userEntity.setId(temp.getId());
                     }
                     //更新menul
+                    String menuUrlCode = cacheService.hget(RedisKey.KEY_USER_MENU_CACHE, userEntity.getId().toString(), String.class);
+                    if (ObjectUtils.isEmpty(menuUrlCode)) {
                         Set<String> urls = resourceService.findUrlSetByUserId(userEntity.getId());
-                    userEntity.setMenuUrl(generateMenuUrlCode(urls));
+                        menuUrlCode = MenuEncodeUtil.generateMenuUrlCode(urls);
+                        cacheService.hset(RedisKey.KEY_USER_MENU_CACHE, userEntity.getId().toString(), menuUrlCode);
+                    }
+                    userEntity.setMenuUrl(menuUrlCode);
                     return userEntity;
                 }
             } catch (Exception e) {
@@ -132,26 +137,6 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
         return null;
     }
 
-
-    private String generateMenuUrlCode(Set<String> urls) {
-        try {
-            String securityKey = GlobalSysInfo.getPropertyValue(SysConstains.PROP_COOKIE_SECURITY_KEY);
-            StringBuilder sb = new StringBuilder();
-            if (urls != null && urls.size() > 0) {
-                for (String url : urls) {
-                    int index = url.hashCode() & (Integer.MAX_VALUE - 1);
-                    sb.append(index).append(",");
-                }
-            }
-            String menuUrl = sb.toString();
-            return AESUtil.encrypt(menuUrl, securityKey);
-        } catch (Throwable e) {
-            log.error("编码异常", e);
-            return null;
-
-        }
-    }
-
     /**
      * 设置用户信息
      */

device-manager/src/main/java/com/mortals/xhx/base/login/web/LoginController.java

@@ -3,14 +3,10 @@ package com.mortals.xhx.base.login.web;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.mortals.framework.ap.CookieService;
-import com.mortals.framework.ap.GlobalSysInfo;
-import com.mortals.framework.ap.SysConstains;
 import com.mortals.framework.common.Rest;
 import com.mortals.framework.service.IAuthTokenService;
 import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.service.IUser;
-import com.mortals.framework.util.AESUtil;
-import com.mortals.framework.util.HttpUtil;
 import com.mortals.framework.util.StringUtils;
 import com.mortals.framework.web.BaseCRUDJsonBodyMappingController;
 import com.mortals.xhx.base.system.menu.model.MenuEntity;
@@ -21,6 +17,7 @@ import com.mortals.xhx.base.system.user.service.UserService;
 import com.mortals.xhx.base.system.valid.service.ValidCodeService;
 import com.mortals.xhx.common.key.RedisKey;
 import com.mortals.xhx.common.pdu.user.UserPdu;
+import com.mortals.xhx.common.utils.MenuEncodeUtil;
 import com.mortals.xhx.feign.user.IUserFeign;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.InitializingBean;
@@ -171,56 +168,14 @@ public class LoginController extends BaseCRUDJsonBodyMappingController<UserServi
         data.put("id", user.getId());
         data.put("userType", user.getUserType());
         ret.put(KEY_RESULT_DATA, data);
-        generateMenuUrlCode(urls);
-       // this.generateBlackCookie(request, response, user.getLoginName(), urls);
+        cacheService.hset(RedisKey.KEY_USER_MENU_CACHE, user.getId().toString(), MenuEncodeUtil.generateMenuUrlCode(urls));
+
         ret.put(KEY_RESULT_CODE, VALUE_RESULT_SUCCESS);
         ret.put(KEY_RESULT_MSG, "用户登录系统成功!");
         ret.put("resources", urls);
         return ret.toJSONString();
     }
 
-    private void generateBlackCookie(HttpServletRequest request, HttpServletResponse response, String loginName, Set<String> urls) {
-        try {
-            String cacheKey = RedisKey.KEY_MENU_CACHE + loginName;
-            String securityKey = GlobalSysInfo.getPropertyValue(SysConstains.PROP_COOKIE_SECURITY_KEY);
-            //应为Cookie会超长，所以改为仅存储key将值放入redis
-            //CookieService.setCookieForAuth(request, response, securityKey, null);
-            StringBuilder sb = new StringBuilder();
-            if (urls != null && urls.size() > 0) {
-                for (String url : urls) {
-                    int index = url.hashCode() & (Integer.MAX_VALUE - 1);
-                    sb.append(index).append(",");
-                }
-            }
-            String menuUrl = sb.toString();
-            menuUrl = AESUtil.encrypt(menuUrl, securityKey);
-            cacheService.set(cacheKey, menuUrl, 604800);
-            HttpUtil.setCookieValue(request, response, SysConstains.COOKIE_MENU, cacheKey, -1);
-
-        } catch (Throwable e) {
-
-        }
-    }
-
-
-    private String generateMenuUrlCode(Set<String> urls) {
-        try {
-            String securityKey = GlobalSysInfo.getPropertyValue(SysConstains.PROP_COOKIE_SECURITY_KEY);
-            StringBuilder sb = new StringBuilder();
-            if (urls != null && urls.size() > 0) {
-                for (String url : urls) {
-                    int index = url.hashCode() & (Integer.MAX_VALUE - 1);
-                    sb.append(index).append(",");
-                }
-            }
-            String menuUrl = sb.toString();
-            return AESUtil.encrypt(menuUrl, securityKey);
-        } catch (Throwable e) {
-            log.error("编码异常", e);
-            return null;
-
-        }
-    }
 
     @RequestMapping("validcode")
     public String validCode(HttpServletRequest request, HttpServletResponse response, LoginForm loginForm) {

device-manager/src/main/java/com/mortals/xhx/base/system/resource/service/impl/ResourceServiceImpl.java

@@ -9,19 +9,26 @@
 package com.mortals.xhx.base.system.resource.service.impl;
 
 import com.mortals.framework.exception.AppException;
+import com.mortals.framework.model.Context;
+import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.service.impl.AbstractCRUDServiceImpl;
+import com.mortals.framework.util.DataUtil;
 import com.mortals.framework.util.StringUtils;
 import com.mortals.xhx.base.system.resource.dao.ResourceDao;
 import com.mortals.xhx.base.system.resource.model.ResourceEntity;
 import com.mortals.xhx.base.system.resource.model.ResourceQuery;
 import com.mortals.xhx.base.system.resource.service.ResourceService;
 
+import com.mortals.xhx.common.key.RedisKey;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 
+import static com.mortals.xhx.common.utils.MenuEncodeUtil.generateMenuUrlCode;
+
 /**
  * <p>Title: 资源信息</p>
  * <p>Description: ResourceServiceImpl service接口 </p>
@@ -33,6 +40,9 @@ import java.util.Set;
 @Service("resourceService")
 public class ResourceServiceImpl extends AbstractCRUDServiceImpl<ResourceDao,ResourceEntity,Long> implements ResourceService {
 
+    @Autowired
+    private ICacheService cacheService;
+
     @Override
     public List<ResourceEntity> findAllEnable() throws AppException {
         ResourceQuery params = new ResourceQuery();
@@ -70,4 +80,24 @@ public class ResourceServiceImpl extends AbstractCRUDServiceImpl<ResourceDao,Res
         return dao.getAll(userType);
     }
 
+
+    @Override
+    protected void updateAfter(ResourceEntity entity, Context context) throws AppException {
+        updateUserMenuUrlCache();
+    }
+
+    @Override
+    protected void saveAfter(ResourceEntity entity, Context context) throws AppException {
+        updateUserMenuUrlCache();
+    }
+
+    private void updateUserMenuUrlCache() {
+        //更新用户菜单
+        Set<String> hkeys = cacheService.hkeys(RedisKey.KEY_USER_MENU_CACHE);
+        for (String userId : hkeys) {
+            Set<String> urls = this.findUrlSetByUserId(DataUtil.converStr2Long(userId,0L));
+            String menuUrlCode = generateMenuUrlCode(urls);
+            cacheService.hset(RedisKey.KEY_USER_MENU_CACHE, userId,menuUrlCode);
+        }
+    }
 }
\ No newline at end of file

device-manager/src/main/java/com/mortals/xhx/base/system/role/service/impl/RoleUserServiceImpl.java

 /**
-* 文件：RoleUserServiceImpl.java
-* 版本：1.0.0
-* 日期：
-* Copyright ® 
-* All right reserved.
-*/
+ * 文件：RoleUserServiceImpl.java
+ * 版本：1.0.0
+ * 日期：
+ * Copyright ®
+ * All right reserved.
+ */
 
 package com.mortals.xhx.base.system.role.service.impl;
 
+import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.service.impl.AbstractCRUDServiceImpl;
+import com.mortals.framework.util.DataUtil;
+import com.mortals.xhx.base.system.resource.service.ResourceService;
 import com.mortals.xhx.base.system.role.dao.RoleUserDao;
 import com.mortals.xhx.base.system.role.model.RoleUserEntity;
 import com.mortals.xhx.base.system.role.model.RoleUserQuery;
 import com.mortals.xhx.base.system.role.service.RoleUserService;
 
+import com.mortals.xhx.common.key.RedisKey;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
+
+import static com.mortals.xhx.common.utils.MenuEncodeUtil.generateMenuUrlCode;
 
 /**
  * <p>Title: 角色用户</p>
@@ -30,8 +34,13 @@ import java.util.Map;
  * @version 1.0.0
  */
 @Service("roleUserService")
-public class RoleUserServiceImpl extends AbstractCRUDServiceImpl<RoleUserDao,RoleUserEntity,Long> implements RoleUserService {
+public class RoleUserServiceImpl extends AbstractCRUDServiceImpl<RoleUserDao, RoleUserEntity, Long> implements RoleUserService {
+
+    @Autowired
+    private ICacheService cacheService;
 
+    @Autowired
+    private ResourceService resourceService;
 
     @Override
     public void doDistributionUser(RoleUserQuery query) {
@@ -50,6 +59,7 @@ public class RoleUserServiceImpl extends AbstractCRUDServiceImpl<RoleUserDao,Rol
             list.add(rolseUser);
         }
         this.dao.insertBatch(list);
+        updateUserMenuUrlCache();
     }
 
     @Override
@@ -68,8 +78,18 @@ public class RoleUserServiceImpl extends AbstractCRUDServiceImpl<RoleUserDao,Rol
             list.add(rolseUser);
         }
         this.dao.insertBatch(list);
+        updateUserMenuUrlCache();
     }
 
 
+    private void updateUserMenuUrlCache() {
+        //更新用户菜单
+        Set<String> hkeys = cacheService.hkeys(RedisKey.KEY_USER_MENU_CACHE);
+        for (String userId : hkeys) {
+            Set<String> urls = resourceService.findUrlSetByUserId(DataUtil.converStr2Long(userId, 0L));
+            String menuUrlCode = generateMenuUrlCode(urls);
+            cacheService.hset(RedisKey.KEY_USER_MENU_CACHE, userId, menuUrlCode);
+        }
+    }
 
 }
\ No newline at end of file

device-manager/src/main/java/com/mortals/xhx/busiz/security/filter/ApiSubmitInterceptor.java

@@ -38,7 +38,7 @@ public class ApiSubmitInterceptor extends BaseInterceptor {
             Method method = handlerMethod.getMethod();
             ApiUserAuth annotation = method.getAnnotation(ApiUserAuth.class);
             if (annotation != null) {
-                //校验
+                //校验 校验路径是否允许
                 if (!this.verifyApiUser(request)) {
                     JSONObject ret = new JSONObject();
                     ret.put("code", TOKEN_AUTH_FAIL);

device-manager/src/main/java/com/mortals/xhx/busiz/web/DeviceApiController.java

@@ -21,7 +21,6 @@ import com.mortals.framework.service.ILogService;
 import com.mortals.framework.service.impl.FileLogServiceImpl;
 import com.mortals.framework.util.DataUtil;
 import com.mortals.framework.util.DateUtils;
-import com.mortals.xhx.base.framework.annotation.ApiUserAuth;
 import com.mortals.xhx.base.login.web.LoginForm;
 import com.mortals.xhx.base.system.message.impl.MessageProducer;
 import com.mortals.xhx.base.system.user.model.UserEntity;
@@ -146,6 +145,7 @@ public class DeviceApiController {
      * @return
      */
     @PostMapping("register")
+    @UnAuth
     public String register(HttpServletRequest request, @RequestBody DeviceReq req) {
         log.info("【设备注册】【请求体】-->  " + JSONObject.toJSONString(req));
         String serverName = request.getHeader("server-name");
@@ -282,6 +282,7 @@ public class DeviceApiController {
      * @return
      */
     @PostMapping("getToken")
+    @UnAuth
     public String getToken(@RequestBody LoginForm loginForm) {
         ApiResp<String> rsp = new ApiResp<>();
         rsp.setCode(ApiRespCodeEnum.SUCCESS.getValue());
@@ -313,6 +314,7 @@ public class DeviceApiController {
      * @return
      */
     @RequestMapping(value = "deviceInit", method = {RequestMethod.POST, RequestMethod.GET})
+    @UnAuth
     public String deviceInit() {
         ApiResp<DeviceInitResp> rsp = new ApiResp<>();
         rsp.setCode(ApiRespCodeEnum.SUCCESS.getValue());
@@ -388,6 +390,7 @@ public class DeviceApiController {
      * @return
      */
     @PostMapping("deviceUpdate")
+    @UnAuth
     public String deviceUpdateApi(HttpServletRequest request, @RequestBody DeviceReq req) {
         String serverName = request.getHeader("server-name");
         Integer serverPort = DataUtil.converStr2Int(request.getHeader("server-port"), 0);
@@ -516,7 +519,8 @@ public class DeviceApiController {
      * @param req
      * @return
      */
-   /* @PostMapping("checkVersion")
+    @PostMapping("checkVersion")
+    @UnAuth
     public String checkVersion(HttpServletRequest request, @RequestBody DeviceReq req) {
         String serverName = request.getHeader("server-name");
         Integer serverPort = DataUtil.converStr2Int(request.getHeader("server-port"), 0);
@@ -558,7 +562,7 @@ public class DeviceApiController {
             return JSON.toJSONString(rsp);
         }
         return JSON.toJSONString(rsp);
-    }*/
+    }
 
 
     /**
@@ -567,8 +571,9 @@ public class DeviceApiController {
      * @param req
      * @return
      */
-    @PostMapping("checkVersion")
-    public String checkVersion(HttpServletRequest request, @RequestBody DeviceReq req) {
+    @PostMapping("checkVersionbak")
+    @UnAuth
+    public String checkVersionbak(HttpServletRequest request, @RequestBody DeviceReq req) {
         String serverName = request.getHeader("server-name");
         Integer serverPort = DataUtil.converStr2Int(request.getHeader("server-port"), 0);
 //        String serverName = request.getServerName();
@@ -730,6 +735,7 @@ public class DeviceApiController {
      * @return
      */
     @PostMapping("upload")
+    @UnAuth
     public String upload(@RequestBody UploadDeviceReq req) {
         log.info("【设备数据上报】【请求体】-->  " + JSONObject.toJSONString(req));
         ApiResp<String> rsp = new ApiResp<>();
@@ -788,7 +794,6 @@ public class DeviceApiController {
      * @return
      */
     @PostMapping("receive")
-    @ApiUserAuth
     public String receive(HttpServletRequest request, @RequestBody DeviceReq req) {
         log.info("【设备接收】【请求体】-->  " + JSONObject.toJSONString(req));
         ApiResp<String> rsp = new ApiResp<>();

device-manager/src/main/java/com/mortals/xhx/common/key/RedisKey.java

@@ -32,4 +32,7 @@ public class RedisKey {
     public static final String KEY_PRODUCT_CACHE = "productDict";
 
     public static final String KEY_TOKEN_API_CACHE = "token:api:";
+
+
+    public static final String KEY_USER_MENU_CACHE = "user:menu";
 }

device-manager/src/main/java/com/mortals/xhx/common/utils/MenuEncodeUtil.java

+package com.mortals.xhx.common.utils;
+
+import com.mortals.framework.ap.GlobalSysInfo;
+import com.mortals.framework.ap.SysConstains;
+import com.mortals.framework.util.AESUtil;
+import lombok.extern.slf4j.Slf4j;
+
+import java.util.Set;
+
+@Slf4j
+public class MenuEncodeUtil {
+
+    public static String generateMenuUrlCode(Set<String> urls) {
+        try {
+            String securityKey = GlobalSysInfo.getPropertyValue(SysConstains.PROP_COOKIE_SECURITY_KEY);
+            StringBuilder sb = new StringBuilder();
+            if (urls != null && urls.size() > 0) {
+                for (String url : urls) {
+                    int index = url.hashCode() & (Integer.MAX_VALUE - 1);
+                    sb.append(index).append(",");
+                }
+            }
+            String menuUrl = sb.toString();
+            return AESUtil.encrypt(menuUrl, securityKey);
+        } catch (Throwable e) {
+            log.error("编码异常",e);
+            return null;
+        }
+    }
+}

device-manager/src/main/resources/bootstrap.yml

@@ -81,8 +81,8 @@ mybatis:
   
 application:
   auth:
-    unloginUrl: /refresh,/error,/login/login,/login/index,/login/logout,/securitycode/createCode,/file/common/*,/test*,/api/*
-    uncheckUrl: /refresh,/error,/login/login,/login/index,/login/logout,/securitycode/createCode,/file/common/*,/test*,/api/*
+    unloginUrl: /refresh,/error,/login/login,/login/index,/login/logout,/securitycode/createCode,/file/common/*,/test*
+    uncheckUrl: /refresh,/error,/login/login,/login/index,/login/logout,/securitycode/createCode,/file/common/*,/test*
   registerApiPath: /api/register
   deviceInitApiPath: /api/deviceInit
   deviceUpdateApiPath: /api/deviceUpdate