Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
Y
yanxuan-qc-change-system
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
胡园园
yanxuan-qc-change-system
Commits
19ce167c
Commit
19ce167c
authored
Nov 23, 2022
by
“zcwang”
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
modify: 登录校验
parent
68457730
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
113 additions
and
8 deletions
+113
-8
ChangeFlowBiz.java
...om/netease/mail/yanxuan/change/biz/biz/ChangeFlowBiz.java
+4
-3
AdminUserHolder.java
...ease/mail/yanxuan/change/common/bean/AdminUserHolder.java
+2
-2
LoginInterceptor.java
...ease/mail/yanxuan/change/web/config/LoginInterceptor.java
+3
-1
UserInterceptor.java
...tease/mail/yanxuan/change/web/config/UserInterceptor.java
+102
-0
WebMvcConfig.java
.../netease/mail/yanxuan/change/web/config/WebMvcConfig.java
+2
-2
No files found.
yanxuan-qc-change-system-biz/src/main/java/com/netease/mail/yanxuan/change/biz/biz/ChangeFlowBiz.java
View file @
19ce167c
...
...
@@ -32,6 +32,7 @@ import com.netease.mail.yanxuan.change.biz.service.change.ChangeConfigService;
import
com.netease.mail.yanxuan.change.biz.service.change.ChangeTypeService
;
import
com.netease.mail.yanxuan.change.common.bean.AdminUserHolder
;
import
com.netease.mail.yanxuan.change.common.bean.CommonConstants
;
import
com.netease.mail.yanxuan.change.common.bean.RequestLocalBean
;
import
com.netease.mail.yanxuan.change.common.bean.ResponseCode
;
import
com.netease.mail.yanxuan.change.common.bean.ResponseCodeEnum
;
import
com.netease.mail.yanxuan.change.common.enums.ChangeFlowEnum
;
...
...
@@ -102,7 +103,7 @@ public class ChangeFlowBiz {
private
ChangeRecordMapper
changeRecordMapper
;
public
String
createAndSubmit
(
ChangeFlowCreateReq
changeFlowCreateReq
)
{
String
uid
=
AdminUserHolder
.
getUserName
();
String
uid
=
RequestLocalBean
.
getUid
();
log
.
info
(
"[create] createReq={}, uid:{}"
,
JSON
.
toJSONString
(
changeFlowCreateReq
),
uid
);
// 校验变更主体
checkSubject
(
changeFlowCreateReq
);
...
...
@@ -313,7 +314,7 @@ public class ChangeFlowBiz {
// 检查工单节点
this
.
checkNode
(
changeRecord
.
getFlowNode
(),
changeFlowSubmitReq
.
getCurrentNodeId
());
// todo:检验操作权限
String
uid
=
AdminUserHolder
.
getUserName
();
String
uid
=
RequestLocalBean
.
getUid
();
String
changeCommander
=
changeRecord
.
getChangeCommander
();
if
(!
uid
.
equals
(
changeCommander
))
{
throw
ExceptionFactory
.
createBiz
(
ResponseCode
.
NO_AUTH
,
ResponseCode
.
NO_AUTH
.
getMsg
());
...
...
@@ -480,7 +481,7 @@ public class ChangeFlowBiz {
content
.
put
(
"updateTime"
,
System
.
currentTimeMillis
());
content
.
put
(
CommonConstants
.
FLOW_OPERATION_KEY
,
FlowOperationTypeEnum
.
REFUSE
.
getValue
());
// String uid = RequestLocalBean.getUid();
String
uid
=
"1"
;
String
uid
=
"1
@.com
"
;
String
nextNodeId
=
this
.
submitFlow
(
String
.
valueOf
(
flowId
),
flowDataDTO
,
uid
,
ChangeFlowEnum
.
CHANGE_FLOW_EXE
.
getTopoId
(),
JSON
.
toJSONString
(
content
));
log
.
info
(
"[cancel] nextNodeId:{}"
,
nextNodeId
);
// 填充更新数据
...
...
yanxuan-qc-change-system-common/src/main/java/com/netease/mail/yanxuan/change/common/bean/AdminUserHolder.java
View file @
19ce167c
...
...
@@ -29,9 +29,9 @@ public class AdminUserHolder {
*
* @return 用户名,null-未登录
*/
public
static
String
getUserName
()
{
/*
public static String getUserName() {
return userThreadLocal.get();
}
}
*/
public
static
void
setUserName
(
String
userName
)
{
userThreadLocal
.
set
(
userName
);
...
...
yanxuan-qc-change-system-web/src/main/java/com/netease/mail/yanxuan/change/web/config/LoginInterceptor.java
View file @
19ce167c
...
...
@@ -17,6 +17,7 @@ import org.springframework.web.servlet.ModelAndView;
import
com.alibaba.fastjson.JSON
;
import
com.netease.mail.yanxuan.change.common.bean.AdminUserHolder
;
import
com.netease.mail.yanxuan.change.common.bean.AjaxResult
;
import
com.netease.mail.yanxuan.change.common.bean.RequestLocalBean
;
import
com.netease.mail.yanxuan.change.common.bean.ResponseCodeEnum
;
import
com.netease.mail.yanxuan.change.common.util.ResponseUtil
;
...
...
@@ -33,7 +34,8 @@ public class LoginInterceptor implements HandlerInterceptor {
@Override
public
boolean
preHandle
(
HttpServletRequest
request
,
HttpServletResponse
response
,
Object
handler
)
throws
Exception
{
String
yxUid
=
AdminUserHolder
.
getUserName
();
String
yxUid
=
RequestLocalBean
.
getUid
();
log
.
debug
(
"[LoginInterceptor] yxUid:{}"
,
yxUid
);
if
(
yxUid
==
null
)
{
String
text
=
JSON
.
toJSONString
(
AjaxResult
.
of
(
ResponseCodeEnum
.
SC_UNAUTHORIZED
.
getCode
(),
"not-login"
));
String
callback
=
request
.
getParameter
(
"callback"
);
...
...
yanxuan-qc-change-system-web/src/main/java/com/netease/mail/yanxuan/change/web/config/UserInterceptor.java
0 → 100644
View file @
19ce167c
/**
* @(#)UserInterceptor.java, 2022/11/23.
* <p/>
* Copyright 2022 Netease, Inc. All rights reserved.
* NETEASE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
*/
package
com
.
netease
.
mail
.
yanxuan
.
change
.
web
.
config
;
/**
* @Author zcwang
* @Date 2022/11/23
*/
import
javax.servlet.http.Cookie
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.stereotype.Component
;
import
org.springframework.web.servlet.HandlerInterceptor
;
import
org.springframework.web.servlet.ModelAndView
;
import
com.netease.mail.yanxuan.change.common.bean.RequestLocalBean
;
import
com.netease.mail.yx.openid.YxOpenidLogin
;
import
com.netease.mail.yx.openid.YxOpenidUser
;
import
lombok.extern.slf4j.Slf4j
;
/**
* 提取用户uid
*
* @author lwtang
*/
@Component
@Slf4j
public
class
UserInterceptor
implements
HandlerInterceptor
{
@Value
(
"${product:product}"
)
String
product
;
@Override
public
boolean
preHandle
(
HttpServletRequest
request
,
HttpServletResponse
response
,
Object
handler
)
throws
Exception
{
//获取cookie信息
Cookie
[]
cookies
=
request
.
getCookies
();
String
userCookie
=
null
;
if
(
cookies
!=
null
)
{
for
(
Cookie
cookie:
cookies
)
{
if
(
cookie
.
getName
().
equals
(
"YX_OPENID_SESS"
))
{
userCookie
=
cookie
.
getValue
();
}
}
}
log
.
info
(
"YX_OPENID_SESS: {}"
,
userCookie
);
// 解析cookie
YxOpenidUser
yxuser
=
null
;
if
(
userCookie
!=
null
)
{
yxuser
=
YxOpenidLogin
.
parseCookie
(
userCookie
);
}
// ajax请求,走返回码
String
accept
=
request
.
getHeader
(
"Accept"
);
// cookie不存在或者超过一个小时(时间自己定)
if
(
yxuser
==
null
||
yxuser
.
getLoginTime
()
<
System
.
currentTimeMillis
()
-
60
*
1000
*
1000
)
{
//如果是ajax请求
if
(!
accept
.
contains
(
"text/html"
)
||
request
.
getRequestURI
().
contains
(
"ajax"
))
{
log
.
info
(
"ajax request user is null or login time too early, yxuser: {}"
,
yxuser
);
}
else
{
String
url
=
request
.
getRequestURL
().
toString
();
String
loginUrl
=
YxOpenidLogin
.
getLoginUrl
(
url
);
log
.
info
(
"redirect url: {}"
,
loginUrl
);
response
.
sendRedirect
(
loginUrl
);
}
}
else
{
// 获取用户信息
// 邮箱地址
String
email
=
yxuser
.
getEmail
();
RequestLocalBean
.
setUid
(
email
);
// 中文姓名
String
fullname
=
yxuser
.
getFullName
();
RequestLocalBean
.
setName
(
fullname
);
// 用户登录时间戳
long
loginTime
=
yxuser
.
getLoginTime
();
log
.
info
(
"[UserAccess] user: {}, url: {}"
,
email
,
request
.
getPathInfo
());
RequestLocalBean
.
setLastLoginTime
(
loginTime
);
}
return
true
;
}
@Override
public
void
postHandle
(
HttpServletRequest
request
,
HttpServletResponse
response
,
Object
handler
,
ModelAndView
modelAndView
)
throws
Exception
{
}
@Override
public
void
afterCompletion
(
HttpServletRequest
request
,
HttpServletResponse
response
,
Object
handler
,
Exception
ex
)
throws
Exception
{
RequestLocalBean
.
clear
();
}
}
yanxuan-qc-change-system-web/src/main/java/com/netease/mail/yanxuan/change/web/config/WebMvcConfig.java
View file @
19ce167c
...
...
@@ -18,7 +18,7 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
public
class
WebMvcConfig
implements
WebMvcConfigurer
{
@Autowired
private
AdminUserLoginInterceptor
adminUserLogin
Interceptor
;
private
UserInterceptor
user
Interceptor
;
@Autowired
private
LoginInterceptor
loginInterceptor
;
...
...
@@ -30,7 +30,7 @@ public class WebMvcConfig implements WebMvcConfigurer{
*/
@Override
public
void
addInterceptors
(
InterceptorRegistry
registry
)
{
registry
.
addInterceptor
(
adminUserLogin
Interceptor
).
addPathPatterns
(
"/**"
);
registry
.
addInterceptor
(
user
Interceptor
).
addPathPatterns
(
"/**"
);
registry
.
addInterceptor
(
loginInterceptor
).
addPathPatterns
(
"/**"
).
excludePathPatterns
(
"/change/flow/getOperator"
);
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
