Commit cc0bf2da authored by zhangwanglin's avatar zhangwanglin

Merge remote-tracking branch 'origin/master' into dev_nursing_records_20230214

# Conflicts: # account/account-service/src/main/resources/mapper/ChDisabAccountsDetailMapper.xml
parents a559fd3b 7b623153
......@@ -157,7 +157,7 @@ left join CH_DISABLE_INFO info on d.DISAB_INFO_ID = info.DISAB_INFO_ID
from ch_srv_task_detail detail--服务计划
left join ch_srv_task task on task.srv_task_id = detail.srv_task_id--服务计划详情
left join ch_disable_info disable on task.disab_info_id = disable.disab_info_id--失能人员
left join CH_DEV.CH_DISABLE_APPLY apply on apply.apply_id = disable.apply_id
left join CH_DISABLE_APPLY apply on apply.apply_id = disable.apply_id
left join ch_srv_organ_emp emp on task.srv_emp_id = emp.emp_id--护理人员
left join ch_srv_program program on task.program_id = program.program_id--服务方案
left join ch_srv_organ organ on program.srv_organ_id = organ.srv_organ_id--服务机构
......@@ -261,7 +261,7 @@ left join CH_DISABLE_INFO info on d.DISAB_INFO_ID = info.DISAB_INFO_ID
from ch_srv_task_detail detail--服务计划
left join ch_srv_task task on task.srv_task_id = detail.srv_task_id--服务计划详情
left join ch_disable_info disable on task.disab_info_id = disable.disab_info_id--失能人员
left join CH_DEV.CH_DISABLE_APPLY apply on apply.apply_id = disable.apply_id
left join CH_DISABLE_APPLY apply on apply.apply_id = disable.apply_id
left join ch_srv_organ_emp emp on task.srv_emp_id = emp.emp_id--护理人员
left join ch_srv_program program on task.program_id = program.program_id--服务方案
left join ch_srv_organ organ on program.srv_organ_id = organ.srv_organ_id--服务机构
......
......@@ -9,6 +9,7 @@ import com.hungraim.ltc.service.DisableService;
import com.hungraim.ltc.util.FileUtils;
import com.hungraim.ltc.util.Result;
import com.hungraim.ltc.util.ResultCode;
import com.hungraim.ltc.util.TokenParsingUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.apache.poi.ss.usermodel.Workbook;
......@@ -17,6 +18,7 @@ import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletResponse;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.List;
/**
......@@ -70,8 +72,9 @@ public class DisableController {
* 查询所有父机构
*/
@RequestMapping("/fndOrganRoot")
public Result<List<ChFndOrgan>> fndOrganRoot() {
List<ChFndOrgan> organs = disableService.fndOrganRoot();
public Result<List<ChFndOrgan>> fndOrganRoot(@RequestHeader("Authorization") String token) {
long organId = TokenParsingUtil.TokenParsing(token, "organId");
List<ChFndOrgan> organs = disableService.fndOrganRoot(organId);
return Result.success(organs);
}
......@@ -79,8 +82,9 @@ public class DisableController {
* 查询所有机构
*/
@RequestMapping("/fndAllOrgan")
public Result<List<ChFndOrgan>> fndAllOrgan() {
List<ChFndOrgan> organs = disableService.fndAllOrgan();
public Result<List<ChFndOrgan>> fndAllOrgan(@RequestHeader("Authorization") String token) {
long organId = TokenParsingUtil.TokenParsing(token, "organId");
List<ChFndOrgan> organs = disableService.fndAllOrgan(organId);
return Result.success(organs);
}
......@@ -96,31 +100,29 @@ public class DisableController {
/**
* 查询机构(不包含子机构)下所有护理机构
*
* @param organId 机构id
* @param token
*/
@RequestMapping("/srvOrganList")
public Result<List<ChSrvOrgan>> srvOrganList(String organId) {
if (StringUtils.isBlank(organId)) {
return Result.failed(ResultCode.REQUEST_PARAM_ERROR);
}
List<ChSrvOrgan> chFndSrvModes = disableService.srvOrganList(organId, false);
public Result<List<ChSrvOrgan>> srvOrganList(@RequestHeader("Authorization") String token) {
long organId = TokenParsingUtil.TokenParsing(token, "organId");
long srvOrganId = TokenParsingUtil.TokenParsing(token, "srvOrganId");
List<ChSrvOrgan> chFndSrvModes = disableService.srvOrganList(String.valueOf(organId), srvOrganId, false);
return Result.success(chFndSrvModes);
}
/**
* 查询机构下或者包含子机构下的所有护理机构
*
* @param organId 机构id
* @param 机构id
*/
@RequestMapping("/srvOrganListByIsInvolveChild")
public Result<List<ChSrvOrgan>> srvOrganListByIsInvolveChild(String organId, Boolean isInvolveChild) {
if (StringUtils.isBlank(organId)) {
return Result.failed(ResultCode.REQUEST_PARAM_ERROR);
}
public Result<List<ChSrvOrgan>> srvOrganListByIsInvolveChild(@RequestHeader("Authorization") String token, Boolean isInvolveChild) {
long organId = TokenParsingUtil.TokenParsing(token, "organId");
long srvOrganId = TokenParsingUtil.TokenParsing(token, "srvOrganId");
if (null == isInvolveChild) {
isInvolveChild = false;
}
List<ChSrvOrgan> chFndSrvModes = disableService.srvOrganList(organId, isInvolveChild);
List<ChSrvOrgan> chFndSrvModes = disableService.srvOrganList(String.valueOf(organId),srvOrganId, isInvolveChild);
return Result.success(chFndSrvModes);
}
......
......@@ -19,6 +19,7 @@ import com.hungraim.ltc.service.SrvOrganService;
import com.hungraim.ltc.util.FileUtils;
import com.hungraim.ltc.util.Result;
import com.hungraim.ltc.util.ResultCode;
import com.hungraim.ltc.util.TokenParsingUtil;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.poi.ss.usermodel.Workbook;
......@@ -53,9 +54,11 @@ public class SrvOrganController {
* @return 返回护理机构列表
*/
@GetMapping("/list")
public Result<Page<SrvOrganListVo>> getSrvOrganList(Integer pageNum, Integer pageSize, Long organId, Boolean isInvolveChild, String creditCode, String srvOrganName) {
public Result<Page<SrvOrganListVo>> getSrvOrganList(@RequestHeader("Authorization") String token,Integer pageNum,
Integer pageSize, Long organId, Boolean isInvolveChild, String creditCode, String srvOrganName) {
long srvOrganId = TokenParsingUtil.TokenParsing(token, "srvOrganId");
Page<SrvOrganListVo> page = new Page<>(pageNum, pageSize);
page = srvOrganService.getSrvOrganList(page, organId, isInvolveChild, creditCode, srvOrganName);
page = srvOrganService.getSrvOrganList(page, organId, isInvolveChild, creditCode, srvOrganName,srvOrganId);
return Result.success(page);
}
......@@ -150,9 +153,10 @@ public class SrvOrganController {
* @return 返回列表
*/
@GetMapping("/srvOrganEmpList")
public Result<Page<SrvOrganEmpListVo>> getSrvOrganEmpListVo(@RequestParam(defaultValue = "1") Integer pageNum, @RequestParam(defaultValue = "10") Integer pageSize, Long organId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum, Short isLock, Short empType) {
public Result<Page<SrvOrganEmpListVo>> getSrvOrganEmpListVo(@RequestHeader("Authorization") String token,@RequestParam(defaultValue = "1") Integer pageNum, @RequestParam(defaultValue = "10") Integer pageSize, Long organId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum, Short isLock, Short empType) {
long srvOrganId = TokenParsingUtil.TokenParsing(token, "srvOrganId");
Page<SrvOrganEmpListVo> page = new Page<>(pageNum, pageSize);
page = srvOrganEmpService.getSrvOrganEmpListVo(page, organId, isInvolveChild, empName, srvOrganName, certifNum, isLock, empType);
page = srvOrganEmpService.getSrvOrganEmpListVo(page, organId, isInvolveChild, empName, srvOrganName, certifNum, isLock, empType,srvOrganId);
return Result.success(page);
}
......@@ -274,9 +278,11 @@ public class SrvOrganController {
* @param empType 护理人员类型
*/
@GetMapping("/srvOrganExport")
public void srvOrganExport(Long organId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum,
public void srvOrganExport(@RequestHeader("Authorization") String token, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum,
Short isLock, Short empType,HttpServletResponse response){
Workbook workbook = srvOrganEmpService.srvOrganExport(organId, isInvolveChild, empName, srvOrganName, certifNum,
long organId = TokenParsingUtil.TokenParsing(token, "organId");
long srvOrganId = TokenParsingUtil.TokenParsing(token, "srvOrganId");
Workbook workbook = srvOrganEmpService.srvOrganExport(organId,srvOrganId, isInvolveChild, empName, srvOrganName, certifNum,
isLock, empType);
// 命名表格
String fileName = "srvOrgan.xlsx";
......
......@@ -28,9 +28,9 @@ public interface ChSrvOrganEmpMapper extends BaseMapper<ChSrvOrganEmp> {
* @param empType 护理人员类型
* @return 返回列表
*/
Page<SrvOrganEmpListVo> getSrvOrganEmpListVo(Page<SrvOrganEmpListVo> page, List<Long> organIds, String empName, String srvOrganName, String certifNum, Short isLock, Short empType);
Page<SrvOrganEmpListVo> getSrvOrganEmpListVo(Page<SrvOrganEmpListVo> page, List<Long> organIds, String empName, String srvOrganName, String certifNum, Short isLock, Short empType,Long srvOrganId);
List<SrvOrganEmpExportVo> getSrvOrganEmpExportList(List<Long> organIds, String empName, String srvOrganName, String certifNum, Short isLock, Short empType);
List<SrvOrganEmpExportVo> getSrvOrganEmpExportList(List<Long> organIds,Long srvOrganId, String empName, String srvOrganName, String certifNum, Short isLock, Short empType);
}
\ No newline at end of file
......@@ -29,5 +29,8 @@ public interface SrvOrganMapper extends BaseMapper<ChSrvOrgan> {
* @param srvOrganName 护理机构名称
* @return 返回护理机构列表
*/
Page<SrvOrganListVo> getSrvOrganList(Page<SrvOrganListVo> page, @Param("organIds") List<Long> organIds, @Param("creditCode") String creditCode, @Param("srvOrganName") String srvOrganName);
Page<SrvOrganListVo> getSrvOrganList(Page<SrvOrganListVo> page, @Param("organIds") List<Long> organIds,
@Param("creditCode") String creditCode,
@Param("srvOrganName") String srvOrganName,
@Param("srvOrganId") Long srvOrganId);
}
......@@ -51,7 +51,7 @@ public interface DisableService {
*/
List<ChFndDistrict> district(String districtLevel, String districtCode);
List<ChFndOrgan> fndOrganRoot();
List<ChFndOrgan> fndOrganRoot(long organId);
/**
* 查询所有服务方式
......@@ -64,7 +64,7 @@ public interface DisableService {
* @param organId 机构id
* @param isInvolveChild 是否包含子机构
*/
List<ChSrvOrgan> srvOrganList(String organId, Boolean isInvolveChild);
List<ChSrvOrgan> srvOrganList(String organId,Long srvOrganId, Boolean isInvolveChild);
/**
* 查询疾病类型
......@@ -109,7 +109,7 @@ public interface DisableService {
*
* @return 返回列表
*/
List<ChFndOrgan> fndAllOrgan();
List<ChFndOrgan> fndAllOrgan(long organId);
/**
* 失能人员信息变更表-新增
......
......@@ -24,7 +24,7 @@ public interface SrvOrganEmpService {
* @param empType 护理人员类型
* @return 返回列表
*/
Page<SrvOrganEmpListVo> getSrvOrganEmpListVo(Page<SrvOrganEmpListVo> page, Long organId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum, Short isLock, Short empType);
Page<SrvOrganEmpListVo> getSrvOrganEmpListVo(Page<SrvOrganEmpListVo> page, Long organId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum, Short isLock, Short empType,Long srvOrganId);
/**
* 修改护理人员的状态
......@@ -65,7 +65,7 @@ public interface SrvOrganEmpService {
*/
void saveOrUpdateSrvOrganEmp(SrvOrganEmpVo srvOrganEmpVo);
Workbook srvOrganExport(Long organId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum,
Workbook srvOrganExport(Long organId,Long srvOrganId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum,
Short isLock, Short empType);
Page<ChSrvTaskDetailVo> chSrvTaskDetailQuery(Page<ChSrvTaskDetailVo> page,Long empId);
......
......@@ -20,7 +20,7 @@ public interface SrvOrganService {
* @param srvOrganName 护理机构名称
* @return 返回护理机构列表
*/
Page<SrvOrganListVo> getSrvOrganList(Page<SrvOrganListVo> page, Long organId, Boolean isInvolveChild, String creditCode, String srvOrganName);
Page<SrvOrganListVo> getSrvOrganList(Page<SrvOrganListVo> page, Long organId, Boolean isInvolveChild, String creditCode, String srvOrganName,Long srvOrganId);
/**
* 获取所有服务机构等级
......
......@@ -311,10 +311,13 @@ public class DisableServiceImpl implements DisableService {
}
@Override
public List<ChFndOrgan> fndOrganRoot() {
public List<ChFndOrgan> fndOrganRoot(long organId) {
QueryWrapper<ChFndOrgan> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("IS_LEAF", "1");
queryWrapper.eq("STATUS", "1");
if(organId!=0){
queryWrapper.eq("ORGAN_ID", organId);
}
queryWrapper.and(wrapper -> wrapper.isNull("PARENT_ID").or().eq("PARENT_ID", ""));
return fndOrganMapper.selectList(queryWrapper);
}
......@@ -325,10 +328,19 @@ public class DisableServiceImpl implements DisableService {
}
@Override
public List<ChSrvOrgan> srvOrganList(String organId, Boolean isInvolveChild) {
public List<ChSrvOrgan> srvOrganList(String organId,Long srvOrganId, Boolean isInvolveChild) {
// zhangch 2021-11-04 修改查询条件 new QueryWrapper<ChSrvOrgan>().eq("organ_id", organId).eq("STATUS", (short) 0)
List<Long> organIds = organService.getOrganIds(Long.valueOf(organId), isInvolveChild);
return srvOrganMapper.selectList(new LambdaQueryWrapper<ChSrvOrgan>().eq(ChSrvOrgan::getStatus, (short) 0).in(ChSrvOrgan::getOrganId, organIds));
LambdaQueryWrapper<ChSrvOrgan> queryWrapper = new LambdaQueryWrapper<ChSrvOrgan>();
queryWrapper.eq(ChSrvOrgan::getStatus, (short) 0);
if(organIds.size() > 0){
queryWrapper.in(ChSrvOrgan::getOrganId, organIds);
}
if(srvOrganId!=0){
queryWrapper.in(ChSrvOrgan::getSrvOrganId, srvOrganId);
}
return srvOrganMapper.selectList(queryWrapper );
}
@Override
......@@ -388,10 +400,13 @@ public class DisableServiceImpl implements DisableService {
}
@Override
public List<ChFndOrgan> fndAllOrgan() {
public List<ChFndOrgan> fndAllOrgan(long organId) {
QueryWrapper<ChFndOrgan> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("IS_LEAF", "1");
queryWrapper.eq("STATUS", "1");
if(organId!=0){
queryWrapper.eq("ORGAN_ID", organId);
}
return fndOrganMapper.selectList(queryWrapper);
}
......
......@@ -25,7 +25,9 @@ public class OrganServiceImpl implements OrganService {
private void getOrganList(Long organId, List<Long> organIds) {
QueryWrapper<ChFndOrgan> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("STATUS", "1");
if(organId!=0){
queryWrapper.eq("PARENT_ID", organId);
}
List<ChFndOrgan> organs = fndOrganMapper.selectList(queryWrapper);
if (organs != null && organs.size() != 0) {
for (ChFndOrgan chFndOrgan : organs) {
......@@ -41,7 +43,7 @@ public class OrganServiceImpl implements OrganService {
@Override
public List<Long> getOrganIds(Long organId, Boolean isInvolveChild) {
List<Long> organIds = new ArrayList<>();
if (organId != null) {
if (organId != null && organId != 0) {
organIds.add(organId);
if (isInvolveChild) {
getOrganList(organId, organIds);
......
......@@ -62,9 +62,9 @@ public class SrvOrganEmpServiceImpl implements SrvOrganEmpService {
@Override
public Page<SrvOrganEmpListVo> getSrvOrganEmpListVo(Page<SrvOrganEmpListVo> page, Long organId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum, Short isLock, Short empType) {
public Page<SrvOrganEmpListVo> getSrvOrganEmpListVo(Page<SrvOrganEmpListVo> page, Long organId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum, Short isLock, Short empType,Long srvOrganId) {
List<Long> organIds = organService.getOrganIds(organId, isInvolveChild);
return chSrvOrganEmpMapper.getSrvOrganEmpListVo(page, organIds, empName, srvOrganName, certifNum, isLock, empType);
return chSrvOrganEmpMapper.getSrvOrganEmpListVo(page, organIds, empName, srvOrganName, certifNum, isLock, empType,srvOrganId);
}
@Override
......@@ -141,10 +141,10 @@ public class SrvOrganEmpServiceImpl implements SrvOrganEmpService {
@Override
public Workbook srvOrganExport(Long organId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum,
public Workbook srvOrganExport(Long organId,Long srvOrganId, Boolean isInvolveChild, String empName, String srvOrganName, String certifNum,
Short isLock, Short empType) {
List<Long> organIds = organService.getOrganIds(organId, isInvolveChild);
List<SrvOrganEmpExportVo> srvOrganEmpExportList = chSrvOrganEmpMapper.getSrvOrganEmpExportList(organIds, empName, srvOrganName, certifNum, isLock, empType);
List<SrvOrganEmpExportVo> srvOrganEmpExportList = chSrvOrganEmpMapper.getSrvOrganEmpExportList(organIds,srvOrganId, empName, srvOrganName, certifNum, isLock, empType);
for (SrvOrganEmpExportVo record : srvOrganEmpExportList) {
StringBuilder stringBuilder = new StringBuilder();
......
......@@ -50,9 +50,9 @@ public class SrvOrganServiceImpl implements SrvOrganService {
@Override
public Page<SrvOrganListVo> getSrvOrganList(Page<SrvOrganListVo> page, Long organId, Boolean isInvolveChild, String creditCode, String srvOrganName) {
public Page<SrvOrganListVo> getSrvOrganList(Page<SrvOrganListVo> page, Long organId, Boolean isInvolveChild, String creditCode, String srvOrganName,Long srvOrganId) {
List<Long> organIds = organService.getOrganIds(organId, isInvolveChild);
Page<SrvOrganListVo> srvOrganList = srvOrganMapper.getSrvOrganList(page, organIds, creditCode, srvOrganName);
Page<SrvOrganListVo> srvOrganList = srvOrganMapper.getSrvOrganList(page, organIds, creditCode, srvOrganName,srvOrganId);
List<SrvOrganListVo> records = srvOrganList.getRecords();
if (records != null && records.size() > 0) {
for (SrvOrganListVo srvOrganListVo : records) {
......
......@@ -82,6 +82,9 @@
<if test="empType != null">
AND T1.EMP_TYPE = #{empType}
</if>
<if test="srvOrganId != null and srvOrganId != 0">
AND T4.SRV_ORGAN_ID = #{srvOrganId}
</if>
</where>
ORDER BY T1.EFF_TIME DESC
</select>
......@@ -136,6 +139,9 @@
<if test="empType != null">
AND T1.EMP_TYPE = #{empType}
</if>
<if test="srvOrganId != null and srvOrganId != 0" >
AND T4.SRV_ORGAN_ID = #{srvOrganId}
</if>
</where>
ORDER BY T1.EFF_TIME DESC
</select>
......
......@@ -52,5 +52,8 @@
<if test="srvOrganName != null and srvOrganName != ''">
AND T1.SRV_ORGAN_NAME LIKE CONCAT('%',CONCAT(#{srvOrganName},'%'))
</if>
<if test="srvOrganId != null and srvOrganId != ''and srvOrganId!=0">
AND T1.SRV_ORGAN_ID = #{srvOrganId}
</if>
</select>
</mapper>
\ No newline at end of file
package com.hungraim.ltc.controller;
import com.alibaba.fastjson.JSONObject;
import com.hungraim.ltc.util.CsoftSecurityUtil;
import com.hungraim.ltc.util.Result;
import lombok.AllArgsConstructor;
import lombok.SneakyThrows;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.security.Principal;
import java.util.Map;
......@@ -26,6 +24,7 @@ import java.util.Map;
@AllArgsConstructor
public class AuthController {
private final RedisTemplate redisTemplate;
private final TokenEndpoint tokenEndpoint;
@PostMapping("/token")
......@@ -48,15 +47,12 @@ public class AuthController {
return Result.success(keyMap.get(0).toString());
}
@GetMapping("/authLogout")
public Result authLogout(HttpServletRequest request, HttpServletResponse response) {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
//清除认证
if (auth != null) {
new SecurityContextLogoutHandler().logout(request, response, auth);
}
@PostMapping("/logout")
public Result doLogout(String access_token){
String claims = JwtHelper.decode(access_token).getClaims();
String jti = (String)JSONObject.parseObject(claims).get("jti");
redisTemplate.opsForValue().set(jti,access_token);
return Result.success();
}
}
......@@ -155,11 +155,13 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
public TokenEnhancer tokenEnhancer() {
return (accessToken, authentication) -> {
UserLoginInfoVO user = (UserLoginInfoVO) authentication.getUserAuthentication().getPrincipal();
Map<String, Object> map = new HashMap<>(4);
Map<String, Object> map = new HashMap<>(6);
map.put("name", user.getName());
map.put("avatar", user.getAvatar());
map.put("userId", user.getUserId());
map.put("account", user.getUsername());
map.put("organId", user.getOrganId());
map.put("srvOrganId", user.getSrvOrganId());
((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(map);
return accessToken;
};
......
......@@ -12,6 +12,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
......@@ -20,7 +21,6 @@ import org.springframework.security.web.authentication.logout.SecurityContextLog
*/
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true,securedEnabled = true)
@Order(1)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
......@@ -35,13 +35,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
.authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
.and()
.authorizeRequests()
.antMatchers("/getPublicKey","/oauth/*").permitAll()
.anyRequest().authenticated()
.and()
.logout()
.logoutUrl("/oauth/logout")
.invalidateHttpSession(true);
.antMatchers("/getPublicKey","/oauth/**").permitAll()
.anyRequest().authenticated();
}
/**
......
......@@ -63,6 +63,14 @@
<scope>compile</scope>
</dependency>
<!--jwt-->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
<version>1.0.9.RELEASE</version>
<scope>compile</scope>
</dependency>
<!--Excel导入导出-->
<dependency>
<groupId>cn.afterturn</groupId>
......
......@@ -29,6 +29,15 @@ public interface AuthConstants {
* Redis缓存权限规则key
*/
String PERMISSION_ROLES_KEY = "ltc:auth:permission:roles";
/**
* Redis缓存权限规则key
*/
String PERMISSION_RESOURCE_INTERFACE_KEY = "ltc:resource:interface";
/**
* Redis缓存权限规则key
*/
String PERMISSION_ROLES_RESOURCE_KEY = "ltc:roles:resource";
/**
......
package com.hungraim.ltc.pojo.entity.system;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
import java.util.Date;
@Data
@TableName("LTC_INTERFACE")
public class SystemInterface {
@TableId
private Long interfaceId;
private String interfaceUrl;
private String interfaceName;
private Date createdTime;
}
......@@ -27,5 +27,7 @@ public class SystemUser {
private Integer userStatus;
private Date createdTime;
private Date updatedTime;
private Long organId;
private Long srvOrganId;
}
......@@ -20,5 +20,7 @@ public class ReqUserInfo {
private String marketerCode;
private List<Long> roleIds;
private Long organId;
private Long srvOrganId;
}
......@@ -23,6 +23,8 @@ public class UserLoginInfoVO implements UserDetails {
private final Long userId;
private String avatar;
private final Boolean enable;
private Long organId;
private Long srvOrganId;
public UserLoginInfoVO(SystemUser user) {
this.username = user.getAccount();
......@@ -30,6 +32,8 @@ public class UserLoginInfoVO implements UserDetails {
this.name = user.getRealName();
this.userId = user.getUserId();
this.enable = user.getUserStatus() == 1;
this.organId = user.getOrganId();
this.srvOrganId = user.getSrvOrganId();
}
public void setAuthorities(List<Long> roles) {
......
package com.hungraim.ltc.util;
import com.alibaba.fastjson.JSONObject;
import com.hungraim.ltc.constant.AuthConstants;
import org.springframework.security.jwt.JwtHelper;
public class TokenParsingUtil {
public static Integer TokenParsing(String token, String id){
//解析token
String subToken = token.substring(AuthConstants.JWT_PREFIX.length());
String claims = JwtHelper.decode(subToken).getClaims();
Integer rid = (Integer) JSONObject.parseObject(claims).get(id);
return rid;
}
}
......@@ -56,6 +56,13 @@
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-resource-server</artifactId>
</dependency>
<!--jwt-->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
<version>1.0.9.RELEASE</version>
<scope>compile</scope>
</dependency>
</dependencies>
......
......@@ -51,7 +51,8 @@ public class ResourceServerConfig {
http.oauth2ResourceServer().jwt()
.jwtAuthenticationConverter(jwtAuthenticationConverter());
http.authorizeExchange()
.pathMatchers("/api/oauth/token","/oauth/*","/api/oauth/genKeyPair").permitAll()
.pathMatchers("/api/oauth/token","/api.system/role/getRoleResource",
"/api.system/resource/getManinMenu","/oauth/*","/api/oauth/genKeyPair").permitAll()
.anyExchange().access(authorizationManager)
.and()
.exceptionHandling()
......
......@@ -3,8 +3,11 @@ package com.hungraim.ltc.gateway.security;
import cn.hutool.core.convert.Convert;
import cn.hutool.core.util.StrUtil;
import com.alibaba.fastjson.JSONObject;
import com.hungraim.ltc.constant.AuthConstants;
import com.hungraim.ltc.pojo.entity.system.SystemInterface;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections4.ListUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.http.HttpMethod;
......@@ -13,16 +16,14 @@ import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.ReactiveAuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.security.web.server.authorization.AuthorizationContext;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
import reactor.core.publisher.Mono;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.*;
/**
* 鉴权管理器
......@@ -45,6 +46,7 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
public Mono<AuthorizationDecision> check(Mono<Authentication> mono, AuthorizationContext authorizationContext) {
ServerHttpRequest request = authorizationContext.getExchange().getRequest();
String path = request.getMethodValue() + "_" + request.getURI().getPath();
log.info("请求,path={}", path);
......@@ -62,42 +64,47 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
log.info("请求token为空拒绝访问,path={}", path);
return Mono.just(new AuthorizationDecision(false));
}
// 从缓存取资源权限角色关系列表
Map<Object, Object> permissionRoles = redisTemplate.opsForHash().entries(AuthConstants.PERMISSION_ROLES_KEY);
Iterator<Object> iterator = permissionRoles.keySet().iterator();
// 请求路径匹配到的资源需要的角色权限集合authorities统计
Set<String> authorities = new HashSet<>();
while (iterator.hasNext()) {
String pattern = (String) iterator.next();
if (pathMatcher.match(pattern, path)) {
authorities.addAll(Convert.toList(String.class, permissionRoles.get(pattern)));
}
String subToken = token.substring(AuthConstants.JWT_PREFIX.length());
String claims = JwtHelper.decode(subToken).getClaims();
String jti = (String) JSONObject.parseObject(claims).get("jti");
String acc_token = (String) redisTemplate.opsForValue().get(jti);
if (!StrUtil.isBlank(acc_token)) {
log.info("请求token为空拒绝访问,path={}", path);
return Mono.just(new AuthorizationDecision(false));
}
log.info("require authorities:{}", authorities);
// 认证通过且角色匹配的用户可访问当前路径
// return mono.map(auth -> {
// return new AuthorizationDecision(true);
// }).defaultIfEmpty(new AuthorizationDecision(false));
return mono
.filter(Authentication::isAuthenticated)
Mono<AuthorizationDecision> authorizationDecisionMono = mono.filter(Authentication::isAuthenticated)
.flatMapIterable(Authentication::getAuthorities)
.map(GrantedAuthority::getAuthority)
.any(roleId -> {
// roleId是请求用户的角色(格式:ROLE_{roleId}),authorities是请求资源所需要角色的集合
log.info("访问路径:{}", path);
log.info("用户角色信息:{}", roleId);
log.info("资源需要权限authorities:{}", authorities);
//如果是管理员 直接放行
if ("ROLE_0".equals(roleId)) {
return true;
}
String[] splitpath = path.split("/");
String pathNew = "/" + splitpath[1] + "/" + splitpath[2] + "/*";
Set<String> authorities = new HashSet<>();
Map<String, List<Long>> rolesResources = redisTemplate.opsForHash().entries(AuthConstants.PERMISSION_ROLES_RESOURCE_KEY);
Map<String, List<SystemInterface>> interfaces = redisTemplate.opsForHash().entries(AuthConstants.PERMISSION_RESOURCE_INTERFACE_KEY);
List<Long> resources = rolesResources.get(roleId);
for (Long resource : resources) {
List<SystemInterface> systemInterfaces = interfaces.get(resource.toString());
if (systemInterfaces != null && systemInterfaces.size() > 0) {
for (SystemInterface iter : systemInterfaces) {
if (pathMatcher.match(iter.getInterfaceUrl(), pathNew)) {
authorities.addAll(Convert.toList(String.class, roleId));
}
}
}
}
log.info("资源需要权限authorities:{}", authorities);
return authorities.contains(roleId);
})
.map(AuthorizationDecision::new)
.defaultIfEmpty(new AuthorizationDecision(false));
return authorizationDecisionMono;
}
}
......@@ -11,13 +11,11 @@ import com.hungraim.ltc.pojo.vo.disable.SrvModeVo;
import com.hungraim.ltc.pojo.vo.governance.OrganProjectVO;
import com.hungraim.ltc.util.Result;
import com.hungraim.ltc.util.ResultCode;
import com.hungraim.ltc.util.TokenParsingUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.*;
import java.util.ArrayList;
import java.util.List;
......@@ -43,8 +41,11 @@ public class NursingServiceItemsController {
* @param status 状态
*/
@RequestMapping("/organProjectList")
public Result<Page<OrganProjectVO>> organProjectList(@RequestParam(defaultValue = "1") Integer pageNum, @RequestParam(defaultValue = "10") Integer pageSize,
public Result<Page<OrganProjectVO>> organProjectList(@RequestHeader("Authorization") String token,
@RequestParam(defaultValue = "1") Integer pageNum,
@RequestParam(defaultValue = "10") Integer pageSize,
String organIds, String name, String status) {
long organId = TokenParsingUtil.TokenParsing(token, "organId");
Page<OrganProjectVO> page = new Page<>(pageNum, pageSize);
page = nursingServiceItemsService.organProjectList(page, organIds, name, status);
return Result.success(page);
......
......@@ -11,6 +11,7 @@ import com.hungraim.ltc.pojo.vo.governance.ProgramSetAndProjectVo;
import com.hungraim.ltc.pojo.vo.governance.SvrSendListVo;
import com.hungraim.ltc.util.Result;
import com.hungraim.ltc.util.ResultCode;
import com.hungraim.ltc.util.TokenParsingUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
......@@ -47,7 +48,8 @@ public class SrvProgramController {
* @return 返回列表
*/
@RequestMapping("/programList")
public Result getProgramList(Long srvOrganId, String realName, String realTel, String programStatus, Integer pageNum, Integer pageSize) {
public Result getProgramList(@RequestHeader("Authorization") String token, String realName, String realTel, String programStatus, Integer pageNum, Integer pageSize) {
long srvOrganId = TokenParsingUtil.TokenParsing(token, "srvOrganId");
if (pageNum == null || pageNum < 1) {
return Result.failed(ResultCode.REQUEST_PARAM_ERROR);
}
......
......@@ -19,7 +19,7 @@
from ch_srv_task_detail detail --服务计划
left join ch_srv_task task on task.srv_task_id = detail.srv_task_id--服务计划详情
left join ch_disable_info disable on task.disab_info_id = disable.disab_info_id--失能人员
left join CH_DEV.CH_DISABLE_APPLY apply on apply.apply_id = disable.apply_id
left join CH_DISABLE_APPLY apply on apply.apply_id = disable.apply_id
left join ch_srv_program program on task.program_id = program.program_id--服务方案
left join ch_srv_organ organ on program.srv_organ_id = organ.srv_organ_id--服务机构
left join ch_srv_organ_emp emp on task.srv_emp_id = emp.emp_id--护理人员
......
......@@ -53,7 +53,7 @@
INNER JOIN CH_SRV_ORGAN T2 ON T1.SRV_ORGAN_ID = T2.SRV_ORGAN_ID
INNER JOIN CH_DISABLE_INFO T3 ON T1.DISAB_INFO_ID = T3.DISAB_INFO_ID
<where>
<if test="srvOrganId != null">
<if test="srvOrganId != null and srvOrganId != 0">
T1.SRV_ORGAN_ID = #{srvOrganId}
</if>
<if test="realName != null and realName != ''">
......
package com.hungraim.ltc.component;
import com.hungraim.ltc.system.service.impl.SystemInterfaceServiceImpl;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.CommandLineRunner;
import org.springframework.stereotype.Component;
/**
*
* 服务运行时将资源和接口关系缓存到数据库中
* @author mq
*/
@Component
@Slf4j
public class InitResourceInterfaceCacheRunner implements CommandLineRunner {
private final SystemInterfaceServiceImpl systemInterfaceService;
@Autowired
public InitResourceInterfaceCacheRunner( SystemInterfaceServiceImpl systemInterfaceService) {
this.systemInterfaceService = systemInterfaceService;
}
@Override
public void run(String... args){
systemInterfaceService.listResourceInterface();
}
}
......@@ -110,6 +110,8 @@ public class UserController {
user.setRealName(reqUserInfo.getName());
user.setUserStatus(reqUserInfo.getEnable());
user.setCreatedTime(new Date());
user.setOrganId(reqUserInfo.getOrganId());
user.setSrvOrganId(reqUserInfo.getSrvOrganId());
userInfoService.save(user);
Long userId = user.getUserId();
//初始化权限
......@@ -192,6 +194,8 @@ public class UserController {
userInfo.setEnable(user.getUserStatus());
userInfo.setAvatar(user.getAvatar());
userInfo.setGender(Gender.MAN.getCode().equals(user.getGender()) ? Gender.MAN.getDesc() : Gender.WOMAN.getDesc());
userInfo.setOrganId(user.getOrganId());
userInfo.setSrvOrganId(user.getSrvOrganId());
return userInfo;
}).collect(Collectors.toList());
return Result.success(resUsers);
......
package com.hungraim.ltc.system.dao;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.hungraim.ltc.pojo.entity.system.SystemInterface;
import com.hungraim.ltc.pojo.entity.system.SystemResource;
import org.apache.ibatis.annotations.*;
import java.util.List;
/**
* 查询所有资源对应的接口
* @return list
*/
@Mapper
public interface SystemInterfaceMapper extends BaseMapper<SystemInterface> {
@Select("SELECT a.INTERFACE_ID,a.INTERFACE_URL FROM LTC_INTERFACE a,LTC_RESOURCE_INTERFACE e where a.INTERFACE_ID=e.INTERFACE_ID and e.RESOURCE_ID=#{resourceId}")
List<SystemInterface> listInterface(Long resourceId);
@Select("select b.ROLE_ID from LTC_ROLE b")
List<Long> listRole();
@Select("select c.RESOURCE_ID from LTC_ROLE_RESOURCE c WHERE c.ROLE_ID=#{roleId}")
List<Long> listRoleResource(Long roleId);
}
......@@ -17,9 +17,9 @@ public interface SystemResourceMapper extends BaseMapper<SystemResource> {
* 查询所有资源对应的角色
* @return list
*/
@Select("SELECT RESOURCE_ID,RESOURCE_NAME,RESOURCE_URL,METHOD FROM LTC_RESOURCE")
@Select("SELECT RESOURCE_ID as resourceId,RESOURCE_ID,RESOURCE_NAME,RESOURCE_URL,METHOD FROM LTC_RESOURCE")
@Results({
@Result(property = "roleIds", column = "RESOURCE_ID",many = @Many(select = "com.hungraim.ltc.system.dao.SystemRoleResourceMapper.listRoleIds"))
@Result(property = "roleIds", column = "resourceId",many = @Many(select = "com.hungraim.ltc.system.dao.SystemRoleResourceMapper.listRoleIds"))
})
List<SystemResource> listResourceRoles();
......
package com.hungraim.ltc.system.service;
import com.hungraim.ltc.pojo.entity.system.SystemInterface;
import java.util.List;
import java.util.Map;
public interface ISystemInterfaceService {
/**
* 查询所有资源对应的接口
* @return list
*/
void listResourceInterface();
}
package com.hungraim.ltc.system.service.impl;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.hungraim.ltc.constant.AuthConstants;
import com.hungraim.ltc.pojo.entity.system.SystemInterface;
import com.hungraim.ltc.system.dao.SystemInterfaceMapper;
import com.hungraim.ltc.system.service.ISystemInterfaceService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Service;
import java.util.*;
/**
* @author mq
*/
@Service
@Slf4j
public class SystemInterfaceServiceImpl extends ServiceImpl<SystemInterfaceMapper, SystemInterface> implements ISystemInterfaceService {
private final SystemInterfaceMapper systemInterfaceMapper;
private final SystemResourceServiceImpl systemResourceService;
private final RedisTemplate redisTemplate;
@Autowired
public SystemInterfaceServiceImpl(SystemInterfaceMapper systemInterfaceMapper, SystemResourceServiceImpl systemResourceService, RedisTemplate redisTemplate) {
this.systemInterfaceMapper = systemInterfaceMapper;
this.systemResourceService = systemResourceService;
this.redisTemplate = redisTemplate;
}
@Override
public void listResourceInterface() {
try {
redisTemplate.delete(AuthConstants.PERMISSION_RESOURCE_INTERFACE_KEY);
redisTemplate.delete(AuthConstants.PERMISSION_ROLES_RESOURCE_KEY);
Map<String, List<Long>> roleResourcesMap = new TreeMap<>();
Map<String, List<SystemInterface>> stringStringHashMap = new HashMap<>();
List<Long> roles = systemInterfaceMapper.listRole();
String roleId;
for (Long role : roles) {
List<Long> roleResources = systemInterfaceMapper.listRoleResource(role);
//保存资源和接口
for (Long roleResource:roleResources){
List<SystemInterface> systemInterfaces=systemInterfaceMapper.listInterface(roleResource);
stringStringHashMap.put(roleResource.toString(),systemInterfaces);
}
// 转换 roles -> ROLE_{roleId}
roleId=AuthConstants.AUTHORITY_PREFIX + role;
//保存角色和资源
roleResourcesMap.put(roleId,roleResources);
}
redisTemplate.opsForHash().putAll(AuthConstants.PERMISSION_ROLES_RESOURCE_KEY, roleResourcesMap);
redisTemplate.opsForHash().putAll(AuthConstants.PERMISSION_RESOURCE_INTERFACE_KEY, stringStringHashMap);
}catch (RuntimeException e){
e.printStackTrace();
}
}
}
......@@ -22,10 +22,12 @@ import java.util.stream.Collectors;
public class SystemResourceServiceImpl extends ServiceImpl<SystemResourceMapper, SystemResource> implements ISystemResourceService {
private final SystemResourceMapper systemResourceMapper;
private final RedisTemplate redisTemplate;
@Autowired
public SystemResourceServiceImpl(RedisTemplate redisTemplate) {
public SystemResourceServiceImpl(SystemResourceMapper systemResourceMapper, RedisTemplate redisTemplate) {
this.systemResourceMapper = systemResourceMapper;
this.redisTemplate = redisTemplate;
}
......@@ -36,6 +38,7 @@ public class SystemResourceServiceImpl extends ServiceImpl<SystemResourceMapper,
@Override
@SuppressWarnings("unchecked")
public void refreshPermissionRolesCache(){
try {
log.info("refreshPermissionRolesCache run...");
redisTemplate.delete(AuthConstants.PERMISSION_ROLES_KEY);
List<SystemResource> permissions = this.listResourceRoles();
......@@ -48,15 +51,18 @@ public class SystemResourceServiceImpl extends ServiceImpl<SystemResourceMapper,
.map(roleId -> AuthConstants.AUTHORITY_PREFIX + roleId)
.collect(Collectors.toList());
if (CollectionUtil.isNotEmpty(roles)) {
permissionRoles.put(permission.getMethod() +"_"+ permission.getResourceUrl(), roles);
permissionRoles.put(permission.getResourceId().toString(), roles);
}
});
redisTemplate.opsForHash().putAll(AuthConstants.PERMISSION_ROLES_KEY, permissionRoles);
}catch (RuntimeException e) {
e.printStackTrace();
}
}
@Override
public List<SystemResource> listResourceRoles() {
return this.baseMapper.listResourceRoles();
return systemResourceMapper.listResourceRoles();
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment