From 2b271547e720c5bb0fb7a39e8540bcc72b54af9e Mon Sep 17 00:00:00 2001 From: winter <2436197699@qq.com> Date: Thu, 23 Nov 2023 14:50:12 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=96=B0=E5=A2=9E=E9=89=B4=E6=9D=83?= =?UTF-8?q?=E6=97=B6=E7=9A=84=E5=BC=82=E5=B8=B8=E5=A4=84=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../model/entity/EvaluationTreeNode.java | 5 +++ .../security/SecurityConfiguration.java | 12 +++++-- .../handler/RestAccessDeniedHandler.java | 32 +++++++++++++++++ .../handler/RestAuthenticationEntryPoint.java | 36 +++++++++++++++++++ .../service/impl/EvaluationServiceImpl.java | 8 ++++- .../java/cn/teammodel/TestWithoutSpring.java | 6 ++++ 6 files changed, 96 insertions(+), 3 deletions(-) create mode 100644 src/main/java/cn/teammodel/security/handler/RestAccessDeniedHandler.java create mode 100644 src/main/java/cn/teammodel/security/handler/RestAuthenticationEntryPoint.java diff --git a/src/main/java/cn/teammodel/model/entity/EvaluationTreeNode.java b/src/main/java/cn/teammodel/model/entity/EvaluationTreeNode.java index 6eaf02f..d71870e 100644 --- a/src/main/java/cn/teammodel/model/entity/EvaluationTreeNode.java +++ b/src/main/java/cn/teammodel/model/entity/EvaluationTreeNode.java @@ -1,8 +1,10 @@ package cn.teammodel.model.entity; +import com.fasterxml.jackson.annotation.JsonFormat; import com.fasterxml.jackson.annotation.JsonProperty; import lombok.Data; +import java.time.LocalDateTime; import java.util.List; @Data @@ -12,6 +14,9 @@ public class EvaluationTreeNode { String name; String logo; String creator; + String creatorId; + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss") + LocalDateTime createTime; /** * 排序 */ diff --git a/src/main/java/cn/teammodel/security/SecurityConfiguration.java b/src/main/java/cn/teammodel/security/SecurityConfiguration.java index 85baba2..fbebdaf 100644 --- a/src/main/java/cn/teammodel/security/SecurityConfiguration.java +++ b/src/main/java/cn/teammodel/security/SecurityConfiguration.java @@ -1,6 +1,8 @@ package cn.teammodel.security; import cn.teammodel.security.filter.AuthInnerTokenFilter; +import cn.teammodel.security.handler.RestAccessDeniedHandler; +import cn.teammodel.security.handler.RestAuthenticationEntryPoint; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; @@ -23,6 +25,10 @@ import java.util.Arrays; @EnableWebSecurity @EnableMethodSecurity public class SecurityConfiguration { + @Resource + private RestAccessDeniedHandler restAccessDeniedHandler; + @Resource + private RestAuthenticationEntryPoint restAuthenticationEntryPoint; @Resource private AuthInnerTokenFilter authInnerTokenFilter; @@ -52,8 +58,10 @@ public class SecurityConfiguration { .anyRequest().authenticated() ) .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt) // 启用 OIDC jwt filter - .addFilterAfter(authInnerTokenFilter, BearerTokenAuthenticationFilter.class); // 添加 x-auth-authToken filter - // todo: 失败处理器 + .addFilterAfter(authInnerTokenFilter, BearerTokenAuthenticationFilter.class) // 添加 x-auth-authToken filter + .exceptionHandling() + .authenticationEntryPoint(restAuthenticationEntryPoint) + .accessDeniedHandler(restAccessDeniedHandler); return http.build(); } diff --git a/src/main/java/cn/teammodel/security/handler/RestAccessDeniedHandler.java b/src/main/java/cn/teammodel/security/handler/RestAccessDeniedHandler.java new file mode 100644 index 0000000..1f759d9 --- /dev/null +++ b/src/main/java/cn/teammodel/security/handler/RestAccessDeniedHandler.java @@ -0,0 +1,32 @@ +package cn.teammodel.security.handler; + +import cn.hutool.json.JSONUtil; +import cn.teammodel.common.ErrorCode; +import cn.teammodel.common.R; +import org.springframework.http.HttpStatus; +import org.springframework.security.access.AccessDeniedException; +import org.springframework.security.web.access.AccessDeniedHandler; +import org.springframework.stereotype.Component; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +@Component +public class RestAccessDeniedHandler implements AccessDeniedHandler { + + @Override + public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { + response.setStatus(HttpStatus.UNAUTHORIZED.value()); + response.setHeader("Access-Control-Allow-Origin", "*"); + response.setHeader("Cache-Control","no-cache"); + response.setCharacterEncoding("UTF-8"); + response.setContentType("application/json"); + response.getWriter().println(errorMsg()); + response.getWriter().flush(); + } + public Object errorMsg() { + return JSONUtil.parse(R.error(ErrorCode.NO_AUTH_ERROR)); + } +} \ No newline at end of file diff --git a/src/main/java/cn/teammodel/security/handler/RestAuthenticationEntryPoint.java b/src/main/java/cn/teammodel/security/handler/RestAuthenticationEntryPoint.java new file mode 100644 index 0000000..fd09497 --- /dev/null +++ b/src/main/java/cn/teammodel/security/handler/RestAuthenticationEntryPoint.java @@ -0,0 +1,36 @@ +package cn.teammodel.security.handler; + +import cn.hutool.json.JSONUtil; +import cn.teammodel.common.ErrorCode; +import cn.teammodel.common.R; +import org.springframework.http.HttpStatus; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.AuthenticationEntryPoint; +import org.springframework.stereotype.Component; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * @author winter + * @date 2022年11月26日 下午4:51 + * @description 定义验证失败的处理器,子类实现 + */ +@Component +public class RestAuthenticationEntryPoint implements AuthenticationEntryPoint { + @Override + public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { + response.setStatus(HttpStatus.UNAUTHORIZED.value()); + response.setHeader("Access-Control-Allow-Origin", "*"); + response.setHeader("Cache-Control","no-cache"); + response.setCharacterEncoding("UTF-8"); + response.setContentType("application/json"); + response.getWriter().println(errorMsg()); + response.getWriter().flush(); + } + public Object errorMsg() { + return JSONUtil.parse(R.error(ErrorCode.NO_AUTH_ERROR)); + } +} \ No newline at end of file diff --git a/src/main/java/cn/teammodel/service/impl/EvaluationServiceImpl.java b/src/main/java/cn/teammodel/service/impl/EvaluationServiceImpl.java index b6e946e..bc273a6 100644 --- a/src/main/java/cn/teammodel/service/impl/EvaluationServiceImpl.java +++ b/src/main/java/cn/teammodel/service/impl/EvaluationServiceImpl.java @@ -21,6 +21,7 @@ import org.springframework.beans.BeanUtils; import org.springframework.stereotype.Service; import javax.annotation.Resource; +import java.time.LocalDateTime; import java.util.ArrayList; import java.util.List; @@ -100,6 +101,7 @@ public class EvaluationServiceImpl implements EvaluationService { @Override public Evaluation insertNode(InsertNodeDto insertNodeDto) { Evaluation evaluation = findEvaluation(insertNodeDto.getPeriodId()); + User loginUser = SecurityUtils.getLoginUser(); List originNodes = evaluation.getNodes(); // 拷贝数据到新节点 @@ -116,8 +118,12 @@ public class EvaluationServiceImpl implements EvaluationService { } // todo: 为新节点赋值必须参数 (id, creator), 可不可以添加默认值 order ? newNode.setId(UUID.randomUUID().toString()); + newNode.setCreatorId(loginUser.getId()); + newNode.setCreator(loginUser.getName()); + newNode.setCreateTime(LocalDateTime.now()); + originNodes.add(newNode); - evaluation.setNodes(originNodes); + evaluation.setNodes(originNodes); // 好像不需要? return buildTree(evaluationRepository.save(evaluation)); } diff --git a/src/test/java/cn/teammodel/TestWithoutSpring.java b/src/test/java/cn/teammodel/TestWithoutSpring.java index c3e0096..3c6c258 100644 --- a/src/test/java/cn/teammodel/TestWithoutSpring.java +++ b/src/test/java/cn/teammodel/TestWithoutSpring.java @@ -11,6 +11,7 @@ import com.taobao.api.ApiException; import lombok.extern.slf4j.Slf4j; import org.junit.jupiter.api.Test; +import java.time.LocalDateTime; import java.util.ArrayList; import java.util.Arrays; import java.util.List; @@ -133,4 +134,9 @@ public class TestWithoutSpring { //service.flattenTree(tree, nodeList); //System.out.println(JSONUtil.parse(nodeList).toStringPretty()); } + + @Test + public void testLocalDateTime() { + System.out.println(LocalDateTime.now()); + } }