From 6481303f0d4d8ae5071678bc6071a5a7a8e01d62 Mon Sep 17 00:00:00 2001 From: bwcx_jzy Date: Fri, 16 Aug 2019 20:48:50 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E8=A7=92=E8=89=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CHANGELOG.md | 1 + .../controller/script/ScriptController.java | 4 - .../jpom/service/script/ScriptServer.java | 2 + .../controller/user/UserEditController.java | 155 +++++++++++++++++- .../controller/user/UserInfoController.java | 121 -------------- .../cn/keepbx/jpom/model/data/UserModel.java | 14 +- .../keepbx/jpom/service/user/UserService.java | 24 +++ .../socket/ServerWebSocketInterceptor.java | 6 +- .../resources/templates/node/script/edit.html | 10 +- .../main/resources/templates/user/edit.html | 29 ++++ 10 files changed, 220 insertions(+), 146 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3971cdc06..48f0711c0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -31,6 +31,7 @@ 10. 【Server】构建命令不能包含删除命令(del,rd,rm) 11. 支持配置初始读取日志文件最后多少行【log.intiReadLine】(感谢@夜空中最亮的星) 12. 优化节点首页饼状图统计 +13. 取消用户输入脚本模板id ----------------------------------------------------------- diff --git a/modules/agent/src/main/java/cn/keepbx/jpom/controller/script/ScriptController.java b/modules/agent/src/main/java/cn/keepbx/jpom/controller/script/ScriptController.java index c0a0926ab..2cc5b7f6a 100644 --- a/modules/agent/src/main/java/cn/keepbx/jpom/controller/script/ScriptController.java +++ b/modules/agent/src/main/java/cn/keepbx/jpom/controller/script/ScriptController.java @@ -46,10 +46,6 @@ public class ScriptController extends BaseAgentController { if (scriptModel == null) { return JsonMessage.getString(405, "没有数据"); } - boolean safe = checkPathSafe(scriptModel.getId()); - if (!safe) { - return JsonMessage.getString(405, "id规则不合法"); - } if (StrUtil.isEmpty(scriptModel.getContext())) { return JsonMessage.getString(405, "内容为空"); } 
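Review bot: Removing the `checkPathSafe(scriptModel.getId())` guard in the ScriptController hunk leaves no visible validation of the request-supplied id in this save handler, while the only place the id is replaced by a generated value is `ScriptServer.addItem`. If the part of this method outside the hunk still looks up or updates an existing script by the submitted id, that value reaches the model's file handling unchecked; `saveFile()` presumably derives its path from the id, which should be confirmed. I would keep the guard for ids that are present, `if (StrUtil.isNotEmpty(scriptModel.getId()) && !checkPathSafe(scriptModel.getId())) { return JsonMessage.getString(405, "id规则不合法"); }`, so that only the create path skips it. The method body starts and ends outside the hunk.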
diff --git a/modules/agent/src/main/java/cn/keepbx/jpom/service/script/ScriptServer.java b/modules/agent/src/main/java/cn/keepbx/jpom/service/script/ScriptServer.java
index 262e38be4..9fed813e1 100644
--- a/modules/agent/src/main/java/cn/keepbx/jpom/service/script/ScriptServer.java
+++ b/modules/agent/src/main/java/cn/keepbx/jpom/service/script/ScriptServer.java
@@ -1,6 +1,7 @@
 package cn.keepbx.jpom.service.script;
 import cn.hutool.core.io.FileUtil;
+import cn.hutool.core.util.IdUtil;
 import cn.keepbx.jpom.common.BaseOperService;
 import cn.keepbx.jpom.model.data.ScriptModel;
 import cn.keepbx.jpom.system.AgentConfigBean;
@@ -43,6 +44,7 @@ public class ScriptServer extends BaseOperService {
 @Override
 public void addItem(ScriptModel scriptModel) {
+ scriptModel.setId(IdUtil.fastSimpleUUID());
 super.addItem(scriptModel);
 scriptModel.saveFile();
 }
diff --git a/modules/server/src/main/java/cn/keepbx/jpom/controller/user/UserEditController.java b/modules/server/src/main/java/cn/keepbx/jpom/controller/user/UserEditController.java
index c2fb8a7bd..7ceb2dd5a 100644
--- a/modules/server/src/main/java/cn/keepbx/jpom/controller/user/UserEditController.java
+++ b/modules/server/src/main/java/cn/keepbx/jpom/controller/user/UserEditController.java
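Review bot: `addItem` in ScriptServer now overwrites whatever id the caller set without saying so, and the replacement comes from `IdUtil.fastSimpleUUID()`, which Hutool documents as backed by ThreadLocalRandom rather than SecureRandom. That is fine for a plain record key, but the id should then not be relied on as an unguessable handle; access to a script has to rest on the permission check alone. I would record that on the new line, `// id is always generated server-side; it is a key, not a secret`, or switch to `IdUtil.simpleUUID()` if anything treats the id as hard to guess.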
@@ -1,17 +1,28 @@ package cn.keepbx.jpom.controller.user; +import cn.hutool.core.date.DateUtil; +import cn.hutool.core.util.StrUtil; +import cn.jiangzeyin.common.JsonMessage; +import cn.keepbx.jpom.JpomApplication; import cn.keepbx.jpom.common.BaseServerController; +import cn.keepbx.jpom.common.interceptor.OptLog; import cn.keepbx.jpom.model.data.NodeModel; +import cn.keepbx.jpom.model.data.RoleModel; import cn.keepbx.jpom.model.data.UserModel; +import cn.keepbx.jpom.model.log.UserOperateLogV1; +import cn.keepbx.jpom.service.user.RoleService; import cn.keepbx.jpom.service.user.UserService; +import cn.keepbx.jpom.system.ServerExtConfigBean; import cn.keepbx.plugin.ClassFeature; import cn.keepbx.plugin.Feature; import cn.keepbx.plugin.MethodFeature; +import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; import org.springframework.http.MediaType; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.ResponseBody; import javax.annotation.Resource; import java.util.List; 
@@ -28,21 +39,147 @@ public class UserEditController extends BaseServerController { @Resource private UserService userService; + @Resource + private RoleService roleService; + @RequestMapping(value = "edit", method = RequestMethod.GET, produces = MediaType.TEXT_HTML_VALUE) @Feature(method = MethodFeature.EDIT) public String edit(String id) { - List nodeModels = nodeService.listAndProject(); - // - String reqId = nodeService.cacheNodeList(nodeModels); - setAttribute("reqId", reqId); - setAttribute("nodeModels", nodeModels); - //获取tomcat列表 - JSONObject nodeTomcat = nodeService.listAndTomcat(); - setAttribute("nodeTomcat", nodeTomcat); - UserModel item = userService.getItem(id); item.setPassword(null); setAttribute("userItem", item); + List list = roleService.list(); + JSONArray roles = new JSONArray(); + list.forEach(userModel -> { + JSONObject jsonObject = new JSONObject(); + jsonObject.put("title", userModel.getName()); + jsonObject.put("value", userModel.getId()); + roles.add(jsonObject); + }); + setAttribute("roles", roles); return "user/edit"; } + + /** + * 新增用户 + * + * @param id 登录名 + * @return String + */ + @RequestMapping(value = "addUser", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE) + @OptLog(UserOperateLogV1.OptType.AddUer) + @Feature(method = MethodFeature.EDIT) + @ResponseBody + public String addUser(String id) { + if (JpomApplication.SYSTEM_ID.equalsIgnoreCase(id)) { + return JsonMessage.getString(400, "当前登录名已经被系统占用啦"); + } + UserModel userName = getUser(); + // + int size = userService.userSize(); + if (size >= ServerExtConfigBean.getInstance().userMaxCount) { + return JsonMessage.getString(500, "当前用户个数超过系统上限"); + } + + UserModel userModel = userService.getItem(id); + if (userModel != null) { + return JsonMessage.getString(401, "登录名已经存在"); + } + userModel = new UserModel(); + // 隐藏系统管理员登录名 + if (userName.isSystemUser()) { + userModel.setParent(UserModel.SYSTEM_OCCUPY_NAME); + } else { + 
userModel.setParent(userName.getId()); + } + String msg = parseUser(userModel, true); + if (msg != null) { + return msg; + } + userService.addItem(userModel); + return JsonMessage.getString(200, "添加成功"); + } + + private String parseUser(UserModel userModel, boolean create) { + String id = getParameter("id"); + if (StrUtil.isEmpty(id) || id.length() < UserModel.USER_NAME_MIN_LEN) { + return JsonMessage.getString(400, "登录名不能为空,并且长度必须不小于" + UserModel.USER_NAME_MIN_LEN); + } + if (UserModel.SYSTEM_OCCUPY_NAME.equals(id) || UserModel.SYSTEM_ADMIN.equals(id)) { + return JsonMessage.getString(401, "当前登录名已经被系统占用"); + } + if (!checkPathSafe(id)) { + return JsonMessage.getString(400, "登录名不能包含特殊字符"); + } + userModel.setId(id); + + String name = getParameter("name"); + if (StrUtil.isEmpty(name)) { + return JsonMessage.getString(405, "请输入账户昵称"); + } + int len = name.length(); + if (len > 10 || len < 2) { + return JsonMessage.getString(405, "昵称长度只能是2-10"); + } + userModel.setName(name); + + UserModel userName = getUser(); + String password = getParameter("password"); + if (create || StrUtil.isNotEmpty(password)) { + if (StrUtil.isEmpty(password)) { + return JsonMessage.getString(400, "密码不能为空"); + } + // 修改用户 + if (!create && !userName.isSystemUser()) { + return JsonMessage.getString(401, "只有系统管理员才能重置用户密码"); + } + userModel.setPassword(password); + } + // + String roles = getParameter("roles"); + JSONArray jsonArray = JSONArray.parseArray(roles); + List rolesList = jsonArray.toJavaList(String.class); + if (rolesList == null || rolesList.isEmpty()) { + return JsonMessage.getString(405, "请选择一个角色"); + } + userModel.setRoles(rolesList); + return null; + } + + /** + * 修改用户 + * + * @param id 登录名 + * @return String + */ + @RequestMapping(value = "updateUser", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE) + @OptLog(UserOperateLogV1.OptType.EditUer) + @Feature(method = MethodFeature.EDIT) + @ResponseBody + public String updateUser(String id) { + UserModel 
userModel = userService.getItem(id); + if (userModel == null) { + return JsonMessage.getString(400, "修改失败:-1"); + } + // 禁止修改系统管理员信息 + if (userModel.isSystemUser()) { + return JsonMessage.getString(401, "WEB端不能修改系统管理员信息"); + } + UserModel me = getUser(); + if (userModel.getId().equals(me.getId())) { + return JsonMessage.getString(401, "不能修改自己的信息"); + } + // 非系统管理员不能修改演示账号信息 + if (!me.isSystemUser() && userModel.isDemoUser()) { + return JsonMessage.getString(402, "不支持修改演示账号信息"); + } + String msg = parseUser(userModel, false); + if (msg != null) { + return msg; + } + // 记录修改时间,如果在线用户线退出 + userModel.setModifyTime(DateUtil.currentSeconds()); + userService.updateItem(userModel); + return JsonMessage.getString(200, "修改成功"); + } } diff --git a/modules/server/src/main/java/cn/keepbx/jpom/controller/user/UserInfoController.java b/modules/server/src/main/java/cn/keepbx/jpom/controller/user/UserInfoController.java index d5d950de5..ad808910b 100644 --- a/modules/server/src/main/java/cn/keepbx/jpom/controller/user/UserInfoController.java +++ b/modules/server/src/main/java/cn/keepbx/jpom/controller/user/UserInfoController.java 
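Review bot: In `parseUser`, `JSONArray.parseArray(roles)` returns null when the `roles` parameter is absent, so `jsonArray.toJavaList(String.class)` throws before the `rolesList == null` check can answer with the 405 message, and malformed JSON surfaces as an unhandled `com.alibaba.fastjson.JSONException`. The submitted role ids are also stored as given: nothing in the hunk checks that each id names an existing role or that the caller is entitled to grant it, so any account holding the EDIT feature can attach arbitrary roles to a user it creates or edits. In `updateUser` the object returned by `userService.getItem(id)` already has `setId` and `setName` applied before the roles are validated, so a rejected request may leave it partly modified if that object is shared, which is worth confirming. The sketch below parses defensively and rejects unknown role ids; a comparison with the caller's own roles would belong in the same loop.

```java
// … unchanged: id, name and password handling in parseUser …
String roles = getParameter("roles");
List<String> rolesList;
try {
    JSONArray jsonArray = JSONArray.parseArray(roles);
    rolesList = jsonArray == null ? null : jsonArray.toJavaList(String.class);
} catch (JSONException e) {
    // malformed input is a client error, not a server fault
    return JsonMessage.getString(405, "请选择一个角色");
}
if (rolesList == null || rolesList.isEmpty()) {
    return JsonMessage.getString(405, "请选择一个角色");
}
for (String roleId : rolesList) {
    // only ids that resolve to a stored role may be assigned
    if (roleService.getItem(roleId) == null) {
        return JsonMessage.getString(405, "请选择一个角色");
    }
}
userModel.setRoles(rolesList);
return null;
```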
@@ -1,21 +1,16 @@ package cn.keepbx.jpom.controller.user; -import cn.hutool.core.date.DateUtil; -import cn.hutool.core.util.StrUtil; import cn.jiangzeyin.common.DefaultSystemLog; import cn.jiangzeyin.common.JsonMessage; import cn.jiangzeyin.common.validator.ValidatorConfig; import cn.jiangzeyin.common.validator.ValidatorItem; import cn.jiangzeyin.common.validator.ValidatorRule; -import cn.keepbx.jpom.JpomApplication; import cn.keepbx.jpom.common.BaseServerController; import cn.keepbx.jpom.common.interceptor.LoginInterceptor; import cn.keepbx.jpom.common.interceptor.OptLog; import cn.keepbx.jpom.model.data.UserModel; import cn.keepbx.jpom.model.log.UserOperateLogV1; -import cn.keepbx.jpom.service.node.manage.TomcatService; import cn.keepbx.jpom.service.user.UserService; -import cn.keepbx.jpom.system.ServerExtConfigBean; import cn.keepbx.plugin.ClassFeature; import cn.keepbx.plugin.Feature; import cn.keepbx.plugin.MethodFeature; @@ -39,9 +34,6 @@ public class UserInfoController extends BaseServerController { @Resource private UserService userService; - @Resource - private TomcatService tomcatService; - /** * 修改密码 * 
@@ -127,119 +119,6 @@ public class UserInfoController extends BaseServerController { return JsonMessage.getString(200, "删除成功"); } - /** - * 新增用户 - * - * @param id 登录名 - * @return String - */ - @RequestMapping(value = "addUser", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE) - @OptLog(UserOperateLogV1.OptType.AddUer) - @Feature(method = MethodFeature.EDIT) - public String addUser(String id) { - if (JpomApplication.SYSTEM_ID.equalsIgnoreCase(id)) { - return JsonMessage.getString(400, "当前登录名已经被系统占用啦"); - } - UserModel userName = getUser(); - // - int size = userService.userSize(); - if (size >= ServerExtConfigBean.getInstance().userMaxCount) { - return JsonMessage.getString(500, "当前用户个数超过系统上限"); - } - - UserModel userModel = userService.getItem(id); - if (userModel != null) { - return JsonMessage.getString(401, "登录名已经存在"); - } - userModel = new UserModel(); - // 隐藏系统管理员登录名 - if (userName.isSystemUser()) { - userModel.setParent(UserModel.SYSTEM_OCCUPY_NAME); - } else { - userModel.setParent(userName.getId()); - } - String msg = parseUser(userModel, true); - if (msg != null) { - return msg; - } - userService.addItem(userModel); - return JsonMessage.getString(200, "添加成功"); - } - - private String parseUser(UserModel userModel, boolean create) { - String id = getParameter("id"); - if (StrUtil.isEmpty(id) || id.length() < UserModel.USER_NAME_MIN_LEN) { - return JsonMessage.getString(400, "登录名不能为空,并且长度必须不小于" + UserModel.USER_NAME_MIN_LEN); - } - if (UserModel.SYSTEM_OCCUPY_NAME.equals(id) || UserModel.SYSTEM_ADMIN.equals(id)) { - return JsonMessage.getString(401, "当前登录名已经被系统占用"); - } - if (!checkPathSafe(id)) { - return JsonMessage.getString(400, "登录名不能包含特殊字符"); - } - userModel.setId(id); - - String name = getParameter("name"); - if (StrUtil.isEmpty(name)) { - return JsonMessage.getString(405, "请输入账户昵称"); - } - int len = name.length(); - if (len > 10 || len < 2) { - return JsonMessage.getString(405, "昵称长度只能是2-10"); - } - 
userModel.setName(name); - - UserModel userName = getUser(); - String password = getParameter("password"); - if (create || StrUtil.isNotEmpty(password)) { - if (StrUtil.isEmpty(password)) { - return JsonMessage.getString(400, "密码不能为空"); - } - // 修改用户 - if (!create && !userName.isSystemUser()) { - return JsonMessage.getString(401, "只有系统管理员才能重置用户密码"); - } - userModel.setPassword(password); - } - return null; - } - - /** - * 修改用户 - * - * @param id 登录名 - * @return String - */ - @RequestMapping(value = "updateUser", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE) - @OptLog(UserOperateLogV1.OptType.EditUer) - @Feature(method = MethodFeature.EDIT) - public String updateUser(String id) { - UserModel userModel = userService.getItem(id); - if (userModel == null) { - return JsonMessage.getString(400, "修改失败:-1"); - } - // 禁止修改系统管理员信息 - if (userModel.isSystemUser()) { - return JsonMessage.getString(401, "WEB端不能修改系统管理员信息"); - } - UserModel me = getUser(); - if (userModel.getId().equals(me.getId())) { - return JsonMessage.getString(401, "不能修改自己的信息"); - } - // 非系统管理员不能修改演示账号信息 - if (!me.isSystemUser() && userModel.isDemoUser()) { - return JsonMessage.getString(402, "不支持修改演示账号信息"); - } - String msg = parseUser(userModel, false); - if (msg != null) { - return msg; - } - // 记录修改时间,如果在线用户线退出 - userModel.setModifyTime(DateUtil.currentSeconds()); - userService.updateItem(userModel); - return JsonMessage.getString(200, "修改成功"); - } - /** * 解锁用户锁定状态 * diff --git a/modules/server/src/main/java/cn/keepbx/jpom/model/data/UserModel.java b/modules/server/src/main/java/cn/keepbx/jpom/model/data/UserModel.java index 01bd8b20f..ade9fa7e0 100644 --- a/modules/server/src/main/java/cn/keepbx/jpom/model/data/UserModel.java +++ b/modules/server/src/main/java/cn/keepbx/jpom/model/data/UserModel.java 
@@ -5,6 +5,7 @@ import cn.hutool.crypto.SecureUtil; import cn.keepbx.jpom.model.BaseModel; import cn.keepbx.jpom.system.ServerExtConfigBean; +import java.util.List; import java.util.concurrent.TimeUnit; /** @@ -50,7 +51,10 @@ public class UserModel extends BaseModel { * 记录最后修改时间 */ private long modifyTime; - + /** + * 角色 + */ + private List roles; /** * 邮箱 */ @@ -234,4 +238,12 @@ public class UserModel extends BaseModel { } return userId; } + + public List getRoles() { + return roles; + } + + public void setRoles(List roles) { + this.roles = roles; + } } diff --git a/modules/server/src/main/java/cn/keepbx/jpom/service/user/UserService.java b/modules/server/src/main/java/cn/keepbx/jpom/service/user/UserService.java index 840e4efd2..be427587b 100644 --- a/modules/server/src/main/java/cn/keepbx/jpom/service/user/UserService.java +++ b/modules/server/src/main/java/cn/keepbx/jpom/service/user/UserService.java @@ -1,14 +1,17 @@ package cn.keepbx.jpom.service.user; import cn.keepbx.jpom.common.BaseOperService; +import cn.keepbx.jpom.model.data.RoleModel; import cn.keepbx.jpom.model.data.UserModel; import cn.keepbx.jpom.system.ServerConfigBean; import cn.keepbx.plugin.ClassFeature; import com.alibaba.fastjson.JSONObject; import org.springframework.stereotype.Service; +import javax.annotation.Resource; import java.io.IOException; import java.util.List; +import java.util.Map; import java.util.stream.Collectors; /** @@ -19,6 +22,9 @@ import java.util.stream.Collectors; @Service public class UserService extends BaseOperService { + @Resource + private RoleService roleService; + public UserService() { super(ServerConfigBean.USER); } 
@@ -100,6 +106,24 @@ public class UserService extends BaseOperService {
 }
 public boolean checkUserPermission(UserModel userModel, ClassFeature classFeature, String dataId) {
+ List roles = userModel.getRoles();
+ if (roles == null || roles.isEmpty()) {
+ return true;
+ }
+ for (String role : roles) {
+ RoleModel item = roleService.getItem(role);
+ if (item == null) {
+ continue;
+ }
+ Map> dynamicData = item.getDynamicData();
+ if (dynamicData == null) {
+ continue;
+ }
+ List list = dynamicData.get(classFeature);
+ if (list.contains(dataId)) {
+ return false;
+ }
+ }
 return true;
 }
diff --git a/modules/server/src/main/java/cn/keepbx/jpom/socket/ServerWebSocketInterceptor.java b/modules/server/src/main/java/cn/keepbx/jpom/socket/ServerWebSocketInterceptor.java
index f3f8561a9..78496d828 100644
--- a/modules/server/src/main/java/cn/keepbx/jpom/socket/ServerWebSocketInterceptor.java
+++ b/modules/server/src/main/java/cn/keepbx/jpom/socket/ServerWebSocketInterceptor.java
@@ -47,7 +47,7 @@ public class ServerWebSocketInterceptor implements HandshakeInterceptor {
 if (!JpomApplication.SYSTEM_ID.equals(nodeId)) {
 NodeService nodeService = SpringUtil.getBean(NodeService.class);
 nodeModel = nodeService.getItem(nodeId);
- if (nodeModel == null || !userService.checkUserPermission(userModel, ClassFeature.NODE, nodeId)) {
+ if (nodeModel == null || userService.checkUserPermission(userModel, ClassFeature.NODE, nodeId)) {
 return false;
 }
 }
@@ -64,7 +64,7 @@ public class ServerWebSocketInterceptor implements HandshakeInterceptor {
 //控制台
 String projectId = httpServletRequest.getParameter("projectId");
 // 判断权限
- if (nodeModel == null || userService.checkUserPermission(userModel, ClassFeature.PROJECT, projectId)) {
+ if (nodeModel == null || userService.checkUserPermission(userModel, ClassFeature.PROJECT, projectId)) {
 return false;
 }
 attributes.put("projectId", projectId);
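Review bot: `checkUserPermission` now returns `true` when the user has no roles or when no role lists `dataId`, and `false` only when a role does list it, so under its current name it reports the opposite of what it says; the three `ServerWebSocketInterceptor` hunks (-47, -64 and -72) compensate by dropping the `!`. Any caller outside this diff that still writes `!userService.checkUserPermission(...)` would admit exactly the users without a grant, so either restore the positive meaning (return `true` on a match, `false` otherwise, and keep the `!` at the call sites) or rename the method and add a Javadoc line such as `@return true when access must be refused`. Separately, `dynamicData.get(classFeature)` can return null for a role that has no entry for that feature, which makes `list.contains(dataId)` throw during the handshake; guard it with `if (list != null && list.contains(dataId))`. The hunk shows no system-administrator bypass, so whether an administrator without roles is refused here should be confirmed.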
@@ -72,7 +72,7 @@ public class ServerWebSocketInterceptor implements HandshakeInterceptor { case script: // 脚本模板 String scriptId = httpServletRequest.getParameter("scriptId"); - if (!userService.checkUserPermission(userModel, ClassFeature.PROJECT, scriptId)) { + if (userService.checkUserPermission(userModel, ClassFeature.PROJECT, scriptId)) { return false; } attributes.put("scriptId", scriptId); diff --git a/modules/server/src/main/resources/templates/node/script/edit.html b/modules/server/src/main/resources/templates/node/script/edit.html index 4ef90a222..7649d2dcf 100644 --- a/modules/server/src/main/resources/templates/node/script/edit.html +++ b/modules/server/src/main/resources/templates/node/script/edit.html @@ -7,14 +7,8 @@
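Review bot: The script branch of the interceptor authorises `scriptId` against `ClassFeature.PROJECT`, the same feature the console branch uses for `projectId`, so a script template id is looked up in each role's project list. Unless roles deliberately store script ids under PROJECT, that lookup cannot match the ids `ScriptServer.addItem` now generates, and with the polarity introduced in this commit every script handshake would be refused. If `ClassFeature` has a constant for script templates it should be passed here; otherwise a comment such as `// script ids are stored under PROJECT in role data` would record the intent. The `switch` this case belongs to starts outside the hunk.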
-
- -
- - -
-
+ +
diff --git a/modules/server/src/main/resources/templates/user/edit.html b/modules/server/src/main/resources/templates/user/edit.html index 5141a628b..b3f09cda4 100644 --- a/modules/server/src/main/resources/templates/user/edit.html +++ b/modules/server/src/main/resources/templates/user/edit.html @@ -29,7 +29,12 @@ lay-verify="required" class="layui-input">
+
+ +
+
+
@@ -40,10 +45,34 @@