Junjie
7 小时以前 8bfe1168a42d4e3750a15b0c0fb0a7629d6cf91c
package com.zy.system.service.impl;
 
import com.core.common.Cools;
import com.core.exception.CoolException;
import com.zy.common.utils.RedisUtil;
import com.zy.core.enums.RedisKeyType;
import com.zy.system.domain.param.HighPrivilegeGrantParam;
import com.zy.system.entity.Role;
import com.zy.system.entity.User;
import com.zy.system.model.HighPrivilegeGrantStatus;
import com.zy.system.service.HighPrivilegeGrantService;
import com.zy.system.service.RoleService;
import com.zy.system.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
 
import java.util.HashMap;
import java.util.Map;
 
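/**
 * Time-limited "highest privilege" elevation bound to a login token.
 *
 * <p>A caller presents the credentials of an enabled account whose role code is
 * {@code admin}; on success a marker is written to Redis under
 * {@code RedisKeyType.HIGH_PRIVILEGE_GRANT.key + token} with a 30-minute TTL.
 * {@link #getStatus(String)} and {@link #assertGranted(String, String)} only look at
 * that marker, so the grant belongs to the token, not to the account that authorised it.
 *
 * <p>NOTE(review): this class only checks that the token is non-empty; presumably the
 * caller has already validated it against the session store. Verify at the call sites.
 */
@Service("highPrivilegeGrantService")
public class HighPrivilegeGrantServiceImpl implements HighPrivilegeGrantService {

    /** Role code an account must carry to authorise an elevation. */
    private static final String ADMIN_ROLE_CODE = "admin";
    /** Value of {@code User.getStatus()} that this class treats as "enabled". */
    private static final int USER_ENABLED = 1;
    /** Lifetime of a grant: 30 minutes, in seconds. */
    private static final long GRANT_TTL_SECONDS = 30L * 60L;

    @Autowired
    private UserService userService;
    @Autowired
    private RoleService roleService;
    @Autowired
    private RedisUtil redisUtil;

    /**
     * Verifies the supplied admin credentials and records a grant for {@code token}.
     *
     * <p>The password is checked before the account status and role. A caller who does
     * not know the password therefore only ever sees the generic "account or password
     * wrong" message and cannot use the more specific messages to learn whether an
     * account is disabled or holds the admin role.
     *
     * @param token login token of the session being elevated; must not be empty
     * @param param account and password of the authorising admin; both required
     * @return the grant status as read back from Redis after the write
     * @throws CoolException if the token or credentials are missing, the credentials do
     *     not match, the account is not enabled, or its role code is not {@code admin}
     */
    @Override
    public HighPrivilegeGrantStatus grant(String token, HighPrivilegeGrantParam param) {
        if (Cools.isEmpty(token)) {
            throw new CoolException("当前登录已失效,请重新登录");
        }
        if (param == null || Cools.isEmpty(param.getAccount(), param.getPassword())) {
            throw new CoolException("账号和密码不能为空");
        }
        // NOTE(review): nothing here limits repeated failed attempts; confirm that
        // throttling or lockout is enforced by the caller or a filter.
        User user = userService.getByMobileWithSecurity(param.getAccount());
        if (user == null) {
            throw new CoolException("账号或密码错误");
        }
        // Credential check comes first so the status/role messages below are only
        // reachable by someone who already knows the password.
        // NOTE(review): the stored value is compared with the submitted one as-is. If
        // passwords are stored hashed, the submitted value must go through the same
        // scheme as the login path, and a constant-time comparison is preferable.
        // Confirm what Cools.eq does.
        if (!Cools.eq(user.getPassword(), param.getPassword())) {
            throw new CoolException("账号或密码错误");
        }
        if (!Integer.valueOf(USER_ENABLED).equals(user.getStatus())) {
            throw new CoolException("授权账号已禁用");
        }
        Role role = roleService.getById(user.getRoleId());
        if (role == null || !ADMIN_ROLE_CODE.equals(role.getCode())) {
            throw new CoolException("仅admin管理员账号可获取最高权限");
        }

        long now = System.currentTimeMillis();
        Map<String, Object> payload = new HashMap<>();
        payload.put("account", user.getMobile());
        payload.put("userId", user.getId());
        payload.put("grantTime", now);
        payload.put("expireAt", now + GRANT_TTL_SECONDS * 1000L);
        // The Redis TTL is what actually ends the grant; "expireAt" is informational.
        redisUtil.set(buildRedisKey(token), payload, GRANT_TTL_SECONDS);
        return getStatus(token);
    }

    /**
     * Reports whether {@code token} currently holds a grant.
     *
     * @param token login token to look up; an empty token yields a non-granted status
     * @return a status with {@code granted}, the remaining seconds taken from the Redis
     *     TTL, and an absolute expiry in epoch milliseconds (from the stored payload, or
     *     derived from the TTL when the payload does not supply a usable value)
     */
    @Override
    public HighPrivilegeGrantStatus getStatus(String token) {
        HighPrivilegeGrantStatus status = new HighPrivilegeGrantStatus();
        if (Cools.isEmpty(token)) {
            status.setGranted(false);
            return status;
        }
        String redisKey = buildRedisKey(token);
        long remainingSeconds = redisUtil.getExpire(redisKey);
        // A non-positive TTL or a missing key are both treated as "no grant".
        if (remainingSeconds <= 0 || !redisUtil.hasKey(redisKey)) {
            status.setGranted(false);
            status.setRemainingSeconds(0L);
            status.setExpireAt(null);
            return status;
        }
        status.setGranted(true);
        status.setRemainingSeconds(remainingSeconds);

        Long expireAt = readExpireAt(redisUtil.get(redisKey));
        if (expireAt == null) {
            // Payload missing or unparseable: fall back to the TTL Redis reported.
            expireAt = System.currentTimeMillis() + remainingSeconds * 1000L;
        }
        status.setExpireAt(expireAt);
        return status;
    }

    /**
     * Rejects the call unless {@code token} currently holds a grant.
     *
     * @param token login token to check
     * @param actionName label of the guarded action, prepended to the error message
     * @throws CoolException if no grant is active for the token
     */
    @Override
    public void assertGranted(String token, String actionName) {
        HighPrivilegeGrantStatus status = getStatus(token);
        if (!status.isGranted()) {
            throw new CoolException(actionName + "需要最高权限授权,请先在开发专用->系统配置完成授权");
        }
    }

    /** Extracts the "expireAt" epoch-millisecond value from a stored payload, or null. */
    private static Long readExpireAt(Object payload) {
        if (!(payload instanceof Map)) {
            return null;
        }
        Object expireAt = ((Map<?, ?>) payload).get("expireAt");
        if (expireAt instanceof Number) {
            return ((Number) expireAt).longValue();
        }
        if (expireAt == null) {
            return null;
        }
        try {
            // The value may come back as a string, depending on how it was serialised.
            return Long.parseLong(String.valueOf(expireAt));
        } catch (NumberFormatException ignored) {
            // Unparseable value: the caller derives the expiry from the TTL instead.
            return null;
        }
    }

    /**
     * Builds the Redis key for a token's grant.
     *
     * <p>NOTE(review): the raw login token becomes part of the key name, so it is
     * visible to anything that can list or monitor Redis keys; consider whether a
     * digest of the token would do.
     */
    private String buildRedisKey(String token) {
        return RedisKeyType.HIGH_PRIVILEGE_GRANT.key + token;
    }
}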