From 672fdce0bca396dc5aa939237045ab50b473def3 Mon Sep 17 00:00:00 2001 
From: MaxKey Date: Tue, 29 Apr 2025 07:40:37 +0800 Subject: [PATCH] =?UTF-8?q?/functionList=20=E8=8E=B7=E5=8F=96=E5=BA=94?= =?UTF-8?q?=E7=94=A8=E5=8A=9F=E8=83=BD=E6=9D=83=E9=99=90=E6=B8=85=E5=8D=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/dromara/maxkey/authn/jwt/AuthJwt.java | 9 +- .../web/PersistFieldAutoFillHandler.java | 17 +++ .../maxkey/entity/SyncJobConfigField.java | 17 +++ .../entity/authz/QueryAppResourceDto.java | 75 +++++++++++++ .../entity/authz/QueryGroupMembersDto.java | 49 +++++++++ .../entity/authz/QueryRoleMembersDto.java | 57 ++++++++++ .../entity/authz/vo/AppResourcesVo.java | 30 ++++++ .../mapper/AuthzResourceMapper.java | 45 ++++++++ .../mapper/SyncJobConfigFieldMapper.java | 17 +++ .../service/AuthzResourceService.java | 54 ++++++++++ .../PasswordPolicyValidatorService.java | 17 +++ .../impl/AuthzResourceServiceImpl.java | 100 ++++++++++++++++++ .../mapper/xml/mysql/AuthzResourceMapper.xml | 72 +++++++++++++ .../service/SyncJobConfigFieldService.java | 17 +++ .../impl/SyncJobConfigFieldServiceImpl.java | 17 +++ .../maxkey/synchronizer/utils/FieldUtil.java | 17 +++ .../maxkey-web-api-rest/build.gradle | 2 + .../rest/RestResourcesController.java | 85 +++++++++++++++ .../interceptor/RestApiPermissionAdapter.java | 31 ++++-- 19 files changed, 720 insertions(+), 8 deletions(-) create mode 100644 maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryAppResourceDto.java create mode 100644 maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryGroupMembersDto.java create mode 100644 maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryRoleMembersDto.java create mode 100644 maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/vo/AppResourcesVo.java create mode 100644 maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/mapper/AuthzResourceMapper.java create mode 100644 
maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/AuthzResourceService.java create mode 100644 maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/impl/AuthzResourceServiceImpl.java create mode 100644 maxkey-persistence/src/main/resources/org/dromara/maxkey/persistence/mapper/xml/mysql/AuthzResourceMapper.xml create mode 100644 maxkey-web-apis/maxkey-web-api-rest/src/main/java/org/dromara/maxkey/web/apis/identity/rest/RestResourcesController.java diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java index 86f09a580..a9094466f 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java @@ -25,8 +25,11 @@ import org.dromara.maxkey.authn.SignPrincipal; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; +import com.fasterxml.jackson.annotation.JsonFormat; import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.v3.oas.annotations.media.Schema; + public class AuthJwt implements Serializable { private static final long serialVersionUID = -914373258878811144L; @@ -48,6 +51,10 @@ public class AuthJwt implements Serializable { @JsonProperty(EXPIRES_IN) private int expiresIn; + + @JsonFormat(shape = JsonFormat.Shape.STRING) + @Schema(name = "twoFactor", description = "二次认证类型") + int twoFactor; private String remeberMe; private String id; 
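Review bot: The new `twoFactor` field in `AuthJwt` is declared package-private (`int twoFactor;`) while neighbouring fields such as `expiresIn` and `remeberMe` are `private`, so any class in `org.dromara.maxkey.authn.jwt` can change the second-factor state carried in the token response. Declaring it `private int twoFactor;` and exposing it through accessors would match the rest of the class; whether a getter and setter are added elsewhere in the file is not visible in this hunk. The `@Schema` description is the only documentation, so a short comment listing the valid values and what the default `0` means would help consumers that branch on it.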
@@ -98,7 +105,7 @@ public class AuthJwt implements Serializable { this.instId = principal.getUserInfo().getInstId(); this.instName = principal.getUserInfo().getInstName(); - this.authorities = new ArrayList(); + this.authorities = new ArrayList<>(); for(GrantedAuthority grantedAuthority :authentication.getAuthorities()) { this.authorities.add(grantedAuthority.getAuthority()); } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/PersistFieldAutoFillHandler.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/PersistFieldAutoFillHandler.java index 555fc22e8..2b5a34f6f 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/PersistFieldAutoFillHandler.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/PersistFieldAutoFillHandler.java @@ -1,3 +1,20 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.dromara.maxkey.authn.web; import java.util.Date; diff --git a/maxkey-core/src/main/java/org/dromara/maxkey/entity/SyncJobConfigField.java b/maxkey-core/src/main/java/org/dromara/maxkey/entity/SyncJobConfigField.java index d6fe93fb5..885e7fb28 100644 --- a/maxkey-core/src/main/java/org/dromara/maxkey/entity/SyncJobConfigField.java 
+++ b/maxkey-core/src/main/java/org/dromara/maxkey/entity/SyncJobConfigField.java @@ -1,3 +1,20 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.dromara.maxkey.entity; import jakarta.persistence.Column; diff --git a/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryAppResourceDto.java b/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryAppResourceDto.java new file mode 100644 index 000000000..bc91b620f --- /dev/null +++ b/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryAppResourceDto.java 
@@ -0,0 +1,75 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + + + +package org.dromara.maxkey.entity.authz; + +import java.util.ArrayList; +import java.util.List; + +public class QueryAppResourceDto { + + String appId; + + String userId; + + List groupIds; + + List roleIds; + + public QueryAppResourceDto(String userId,String appId) { + super(); + this.appId = appId; + this.userId = userId; + groupIds = new ArrayList<>(); + roleIds = new ArrayList<>(); + } + + public String getAppId() { + return appId; + } + + public void setAppId(String appId) { + this.appId = appId; + } + + public String getUserId() { + return userId; + } + + public void setUserId(String userId) { + this.userId = userId; + } + + public List getGroupIds() { + return groupIds; + } + + public void setGroupIds(List groupIds) { + this.groupIds = groupIds; + } + + public List getRoleIds() { + return roleIds; + } + + public void setRoleIds(List roleIds) { + this.roleIds = roleIds; + } + +} diff --git a/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryGroupMembersDto.java b/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryGroupMembersDto.java new file mode 100644 index 000000000..72df0baac --- /dev/null +++ b/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryGroupMembersDto.java 
@@ -0,0 +1,49 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + + + +package org.dromara.maxkey.entity.authz; + +import java.util.ArrayList; +import java.util.List; + +public class QueryGroupMembersDto { + + List members; + + public QueryGroupMembersDto() { + members = new ArrayList<>(); + } + + public QueryGroupMembersDto(List members) { + this.members = members; + } + + public void add(String memberId) { + this.members.add(memberId); + } + + public List getMembers() { + return members; + } + + public void setMembers(List members) { + this.members = members; + } + +} diff --git a/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryRoleMembersDto.java b/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryRoleMembersDto.java new file mode 100644 index 000000000..478db0af9 --- /dev/null +++ b/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryRoleMembersDto.java 
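Review bot: The `QueryGroupMembersDto(List members)` constructor stores the caller's list by reference and `add(String memberId)` then mutates it, so a `null` argument or an immutable list fails later inside `add` rather than at construction, and a shared list is modified behind the caller's back. Copying on the way in, `this.members = new ArrayList<>(Objects.requireNonNull(members, "members"));`, keeps the DTO self-contained (it needs `java.util.Objects` imported). The same pattern appears in `QueryRoleMembersDto` and in `setMembers` of both classes. The fields are also package-private; `private` would match the getters and setters already provided.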
@@ -0,0 +1,57 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + + +package org.dromara.maxkey.entity.authz; + +import java.util.ArrayList; +import java.util.List; + +public class QueryRoleMembersDto { + String appId; + + List members; + + public QueryRoleMembersDto() { + members = new ArrayList<>(); + } + + public QueryRoleMembersDto(List members) { + this.members = members; + } + + public String getAppId() { + return appId; + } + + public void setAppId(String appId) { + this.appId = appId; + } + + public void add(String memberId) { + this.members.add(memberId); + } + + public List getMembers() { + return members; + } + + public void setMembers(List members) { + this.members = members; + } + +} diff --git a/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/vo/AppResourcesVo.java b/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/vo/AppResourcesVo.java new file mode 100644 index 000000000..1a36d2e6b --- /dev/null +++ b/maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/vo/AppResourcesVo.java 
@@ -0,0 +1,30 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + + + +package org.dromara.maxkey.entity.authz.vo; + +import java.util.Set; + +import org.dromara.maxkey.entity.apps.Apps; +import org.dromara.maxkey.entity.permissions.Resources; + + +public record AppResourcesVo(Apps app,Set functions) { + +} diff --git a/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/mapper/AuthzResourceMapper.java b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/mapper/AuthzResourceMapper.java new file mode 100644 index 000000000..a2bd1e2b8 --- /dev/null +++ b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/mapper/AuthzResourceMapper.java 
@@ -0,0 +1,45 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + + + +package org.dromara.maxkey.persistence.mapper; + +import java.util.List; + +import org.dromara.maxkey.entity.authz.QueryAppResourceDto; +import org.dromara.maxkey.entity.authz.QueryGroupMembersDto; +import org.dromara.maxkey.entity.authz.QueryRoleMembersDto; +import org.dromara.maxkey.entity.idm.Groups; +import org.dromara.maxkey.entity.idm.UserInfo; +import org.dromara.maxkey.entity.permissions.Resources; +import org.dromara.maxkey.entity.permissions.Roles; +import org.dromara.mybatis.jpa.IJpaMapper; + +public interface AuthzResourceMapper extends IJpaMapper { + + public List queryResourcesByGroupId(QueryAppResourceDto dto) ; + + public List queryResourcesByRoleId(QueryAppResourceDto dto) ; + + + public List queryGroupsByMembers(QueryGroupMembersDto dto) ; + + public List queryRolesByMembers(QueryRoleMembersDto dto) ; + + +} diff --git a/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/mapper/SyncJobConfigFieldMapper.java b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/mapper/SyncJobConfigFieldMapper.java index 953054399..77bc21045 100644 --- a/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/mapper/SyncJobConfigFieldMapper.java +++ b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/mapper/SyncJobConfigFieldMapper.java 
@@ -1,3 +1,20 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.dromara.maxkey.persistence.mapper; import org.apache.ibatis.annotations.Param; diff --git a/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/AuthzResourceService.java b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/AuthzResourceService.java new file mode 100644 index 000000000..853d9d6d3 --- /dev/null +++ b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/AuthzResourceService.java 
@@ -0,0 +1,54 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + + + +package org.dromara.maxkey.persistence.service; + +import java.util.List; +import java.util.Set; + +import org.dromara.maxkey.entity.apps.Apps; +import org.dromara.maxkey.entity.authz.QueryAppResourceDto; +import org.dromara.maxkey.entity.idm.UserInfo; +import org.dromara.maxkey.entity.permissions.Resources; +import org.dromara.mybatis.jpa.IJpaService; + +public interface AuthzResourceService extends IJpaService{ + + /** + * 根据主体获取用户对应得应用资源清单 + * @param user + * @param app + * @return 资源清单列表 + */ + public Set getResourcesBySubject(UserInfo user,Apps app); + + /** + * 根据组列表获取资源清单 + * @param dto + * @return + */ + public List queryResourcesByGroupId(QueryAppResourceDto dto) ; + + /** + * 根据角色列表获取资源清单 + * @param dto + * @return + */ + public List queryResourcesByRoleId(QueryAppResourceDto dto) ; +} diff --git a/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/PasswordPolicyValidatorService.java b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/PasswordPolicyValidatorService.java index a5fc1aee3..432e62d35 100644 --- a/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/PasswordPolicyValidatorService.java +++ b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/PasswordPolicyValidatorService.java 
@@ -1,3 +1,20 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.dromara.maxkey.persistence.service; import org.dromara.maxkey.entity.ChangePassword; diff --git a/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/impl/AuthzResourceServiceImpl.java b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/impl/AuthzResourceServiceImpl.java new file mode 100644 index 000000000..9a9e10448 --- /dev/null +++ b/maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/impl/AuthzResourceServiceImpl.java 
@@ -0,0 +1,100 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + + + +package org.dromara.maxkey.persistence.service.impl; + +import java.util.HashSet; +import java.util.List; +import java.util.Set; +import org.dromara.maxkey.entity.apps.Apps; +import org.dromara.maxkey.entity.authz.QueryAppResourceDto; +import org.dromara.maxkey.entity.authz.QueryGroupMembersDto; +import org.dromara.maxkey.entity.authz.QueryRoleMembersDto; +import org.dromara.maxkey.entity.idm.Groups; +import org.dromara.maxkey.entity.idm.UserInfo; +import org.dromara.maxkey.entity.permissions.Resources; +import org.dromara.maxkey.entity.permissions.Roles; +import org.dromara.maxkey.persistence.mapper.AuthzResourceMapper; +import org.dromara.maxkey.persistence.service.AuthzResourceService; +import org.dromara.mybatis.jpa.service.impl.JpaServiceImpl; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Repository; + +@Repository +public class AuthzResourceServiceImpl extends JpaServiceImpl implements AuthzResourceService{ + private static final Logger logger = LoggerFactory.getLogger(AuthzResourceServiceImpl.class); + + /** + * 根据主体获取用户对应得应用资源清单 + * @param user + * @param app + * @return 资源清单列表 + */ + public Set getResourcesBySubject(UserInfo user,Apps app){ + logger.debug("user {} , app {}",user,app); + Set resourcesList = new HashSet<>(); + + QueryAppResourceDto dto 
= new QueryAppResourceDto(user.getId(),app.getId()); + + //查询用户的所属用户组 + QueryGroupMembersDto queryGroupMembersDto = new QueryGroupMembersDto(); + queryGroupMembersDto.add(user.getId()); + List listGroup = getMapper().queryGroupsByMembers(queryGroupMembersDto); + for(Groups group : listGroup) { + dto.getGroupIds().add(group.getId()); + } + + //根据用户组获取应用资源 + List groupResourcesList = queryResourcesByGroupId(dto); + resourcesList.addAll(groupResourcesList); + + //查询用户的所属应用角色组 + QueryRoleMembersDto queryRoleMembersDto = new QueryRoleMembersDto(); + queryRoleMembersDto.setAppId(app.getId()); + queryRoleMembersDto.add(user.getId()); + List listRoles = getMapper().queryRolesByMembers(queryRoleMembersDto); + for(Roles role : listRoles) { + dto.getRoleIds().add(role.getId()); + } + //根据角色获取应用资源 + List roleResourcesList = queryResourcesByRoleId(dto); + resourcesList.addAll(roleResourcesList); + + return resourcesList; + } + + /** + * 根据组列表获取资源清单 + * @param dto + * @return + */ + public List queryResourcesByGroupId(QueryAppResourceDto dto) { + return getMapper().queryResourcesByGroupId(dto); + } + + /** + * 根据角色列表获取资源清单 + * @param dto + * @return + */ + public List queryResourcesByRoleId(QueryAppResourceDto dto) { + return getMapper().queryResourcesByRoleId(dto); + } +} diff --git a/maxkey-persistence/src/main/resources/org/dromara/maxkey/persistence/mapper/xml/mysql/AuthzResourceMapper.xml b/maxkey-persistence/src/main/resources/org/dromara/maxkey/persistence/mapper/xml/mysql/AuthzResourceMapper.xml new file mode 100644 index 000000000..0365f0f06 --- /dev/null +++ b/maxkey-persistence/src/main/resources/org/dromara/maxkey/persistence/mapper/xml/mysql/AuthzResourceMapper.xml @@ -0,0 +1,72 @@ + + + + + + + + + + + + + \ No newline at end of file 
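Review bot: `logger.debug("user {} , app {}",user,app)` at the top of `getResourcesBySubject` formats the whole `UserInfo` and `Apps` objects; if their `toString()` includes fields such as the password hash or the application secret (not visible here), those values end up in debug logs. Logging identifiers only, `logger.debug("user {} , app {}", user.getId(), app.getId());`, avoids that. Separately, `queryResourcesByGroupId(dto)` and `queryResourcesByRoleId(dto)` are called even when `groupIds` or `roleIds` is empty; the mapper XML is not readable on this page, so confirm that an empty list does not produce an `IN ()` clause, or skip the call with `if (!dto.getGroupIds().isEmpty())`. The three public methods implement `AuthzResourceService` and would benefit from `@Override`.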
diff --git a/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/service/SyncJobConfigFieldService.java b/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/service/SyncJobConfigFieldService.java index bf70ae9a7..49a17d9b6 100644 --- a/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/service/SyncJobConfigFieldService.java +++ b/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/service/SyncJobConfigFieldService.java @@ -1,3 +1,20 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.dromara.maxkey.synchronizer.service; import org.dromara.maxkey.entity.SyncJobConfigField; diff --git a/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/service/impl/SyncJobConfigFieldServiceImpl.java b/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/service/impl/SyncJobConfigFieldServiceImpl.java index a179ba6fc..8692abab4 100644 --- a/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/service/impl/SyncJobConfigFieldServiceImpl.java +++ b/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/service/impl/SyncJobConfigFieldServiceImpl.java 
@@ -1,3 +1,20 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.dromara.maxkey.synchronizer.service.impl; import org.dromara.maxkey.entity.SyncJobConfigField; diff --git a/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/utils/FieldUtil.java b/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/utils/FieldUtil.java index e44aed70b..80b2cdf07 100644 --- a/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/utils/FieldUtil.java +++ b/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/utils/FieldUtil.java @@ -1,3 +1,20 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.dromara.maxkey.synchronizer.utils; import org.joda.time.DateTime; 
diff --git a/maxkey-web-apis/maxkey-web-api-rest/build.gradle b/maxkey-web-apis/maxkey-web-api-rest/build.gradle index e80276461..b198249c2 100644 --- a/maxkey-web-apis/maxkey-web-api-rest/build.gradle +++ b/maxkey-web-apis/maxkey-web-api-rest/build.gradle @@ -11,5 +11,7 @@ dependencies { implementation project(":maxkey-common") implementation project(":maxkey-core") implementation project(":maxkey-persistence") + + implementation project(":maxkey-authentications:maxkey-authentication-core") } \ No newline at end of file diff --git a/maxkey-web-apis/maxkey-web-api-rest/src/main/java/org/dromara/maxkey/web/apis/identity/rest/RestResourcesController.java b/maxkey-web-apis/maxkey-web-api-rest/src/main/java/org/dromara/maxkey/web/apis/identity/rest/RestResourcesController.java new file mode 100644 index 000000000..20255ea69 --- /dev/null +++ b/maxkey-web-apis/maxkey-web-api-rest/src/main/java/org/dromara/maxkey/web/apis/identity/rest/RestResourcesController.java 
@@ -0,0 +1,85 @@ +/* + * Copyright [2025] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + + +package org.dromara.maxkey.web.apis.identity.rest; + +import java.util.HashSet; +import java.util.Set; + + +import org.slf4j.LoggerFactory; +import org.dromara.maxkey.authn.web.AuthorizationUtils; +import org.dromara.maxkey.entity.Message; +import org.dromara.maxkey.entity.apps.Apps; +import org.dromara.maxkey.entity.authz.vo.AppResourcesVo; +import org.dromara.maxkey.entity.idm.UserInfo; +import org.dromara.maxkey.entity.permissions.Resources; +import org.dromara.maxkey.persistence.service.AppsService; +import org.dromara.maxkey.persistence.service.AuthzResourceService; +import org.dromara.maxkey.persistence.service.UserInfoService; +import org.slf4j.Logger; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.core.userdetails.User; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.RestController; + +import io.swagger.v3.oas.annotations.Operation; + +@RestController +@RequestMapping("/api/idm/Resources") +public class RestResourcesController { + static final Logger logger = LoggerFactory.getLogger(RestResourcesController.class); + + @Autowired + UserInfoService userInfoService; + + 
@Autowired + AppsService appsService; + + @Autowired + AuthzResourceService authzResourceService; + + @Operation(summary = "获取应用功能权限清单", description = "获取应用功能权限清单",method="GET") + @GetMapping("/functionList") + public Message getFunctionList(@RequestParam("userId") String userId) { + logger.debug("userId {} ", userId); + UserInfo user = userInfoService.get(userId); + ///获取appId登录 + User principal = (User)AuthorizationUtils.getAuthentication().getPrincipal(); + Apps app = appsService.get(principal.getUsername(),true); + logger.debug("appId {} " , app.getId()); + Apps relatedApp = new Apps(); + if(user != null) { + relatedApp.setId(app.getId()); + relatedApp.setAppName(app.getAppName()); + relatedApp.setLoginUrl(app.getLoginUrl()); + relatedApp.setLogoutUrl(app.getLogoutUrl()); + relatedApp.setProtocol(app.getProtocol()); + relatedApp.setCategory(app.getCategory()); + relatedApp.setVendor(app.getVendor()); + relatedApp.setVendorUrl(app.getVendorUrl()); + relatedApp.setDescription(app.getDescription()); + Set functions = authzResourceService.getResourcesBySubject(user,app); + return new Message<>(new AppResourcesVo(relatedApp,functions)); + }else { + return new Message<>(new AppResourcesVo(relatedApp,new HashSet<>())); + } + } +} diff --git a/maxkey-webs/maxkey-web-openapi/src/main/java/org/dromara/maxkey/web/interceptor/RestApiPermissionAdapter.java b/maxkey-webs/maxkey-web-openapi/src/main/java/org/dromara/maxkey/web/interceptor/RestApiPermissionAdapter.java index 4e955ac23..5691a58db 100644 --- a/maxkey-webs/maxkey-web-openapi/src/main/java/org/dromara/maxkey/web/interceptor/RestApiPermissionAdapter.java +++ b/maxkey-webs/maxkey-web-openapi/src/main/java/org/dromara/maxkey/web/interceptor/RestApiPermissionAdapter.java 
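Review bot: In `getFunctionList`, the cast `(User)AuthorizationUtils.getAuthentication().getPrincipal()` and the following `app.getId()` are unguarded, so a request authenticated through a path whose principal is not a Spring `User` (the bearer branch of `RestApiPermissionAdapter` is not shown here), or an application that `appsService.get(...)` no longer returns, ends in a `ClassCastException` or `NullPointerException` instead of a clean error response. A guard such as `if (app == null) { /* return an error Message */ }` before the `logger.debug("appId {} " , app.getId())` line would cover the second case. When `userInfoService.get(userId)` returns null the method answers with a success `Message` holding an empty `Apps` and an empty set, which a caller cannot tell apart from a real user with no permissions; returning an error result there is safer for clients that make access decisions from this list. `userId` comes from the query string with no check that the user belongs to the calling application's institution, so confirm that the mapper queries scope results by `appId` and, if tenants are separated by `instId`, compare `user.getInstId()` with the application's before answering.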
@@ -17,17 +17,22 @@ package org.dromara.maxkey.web.interceptor; +import java.util.ArrayList; + import org.apache.commons.lang3.StringUtils; import org.dromara.maxkey.authn.web.AuthorizationUtils; import org.dromara.maxkey.authz.oauth2.provider.OAuth2Authentication; import org.dromara.maxkey.authz.oauth2.provider.token.DefaultTokenServices; +import org.dromara.maxkey.crypto.password.PasswordReciprocal; +import org.dromara.maxkey.entity.apps.Apps; +import org.dromara.maxkey.persistence.service.AppsService; import org.dromara.maxkey.util.AuthorizationHeader; import org.dromara.maxkey.util.AuthorizationHeaderUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.authentication.ProviderManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.stereotype.Component; import org.springframework.web.servlet.AsyncHandlerInterceptor; @@ -45,11 +50,13 @@ import jakarta.servlet.http.HttpServletResponse; public class RestApiPermissionAdapter implements AsyncHandlerInterceptor { private static final Logger logger = LoggerFactory.getLogger(RestApiPermissionAdapter.class); + static final String PASSWORD = "password"; + @Autowired DefaultTokenServices oauth20TokenServices; @Autowired - ProviderManager oauth20ClientAuthenticationManager; + AppsService appsService; /* * 请求前处理 
@@ -68,11 +75,21 @@ public class RestApiPermissionAdapter implements AsyncHandlerInterceptor { if(StringUtils.isNotBlank(headerCredential.getUsername())&& StringUtils.isNotBlank(headerCredential.getCredential()) ) { - UsernamePasswordAuthenticationToken authRequest = - new UsernamePasswordAuthenticationToken( - headerCredential.getUsername(), - headerCredential.getCredential()); - authenticationToken= (UsernamePasswordAuthenticationToken)oauth20ClientAuthenticationManager.authenticate(authRequest); + String appId = headerCredential.getUsername(); + String credential = headerCredential.getCredential(); + Apps app = appsService.get(appId, true); + if(app != null ) { + if( PasswordReciprocal.getInstance().matches(credential, app.getSecret())) { + ArrayList grantedAuthoritys = new ArrayList<>(); + grantedAuthoritys.add(new SimpleGrantedAuthority("ROLE_USER")); + User user = new User(appId, PASSWORD, grantedAuthoritys); + authenticationToken= new UsernamePasswordAuthenticationToken(user, PASSWORD, grantedAuthoritys); + }else { + logger.trace("app {} secret not matches . ",appId); + } + }else { + logger.trace("app {} not exists . ",appId); + } } }else if(StringUtils.isNotBlank(headerCredential.getCredential())){ logger.trace("Authentication bearer {}" , headerCredential.getCredential());
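Review bot: Both failure paths of the new basic-credential branch ("secret not matches" and "not exists") are logged only at `trace`, so repeated wrong secrets for an `appId` leave no record at normal log levels. Logging them at `warn`, e.g. `logger.warn("REST API authentication failed for app {}", appId);`, gives detection something to work with. The branch replaces `oauth20ClientAuthenticationManager.authenticate(...)` with a direct `PasswordReciprocal.getInstance().matches(credential, app.getSecret())`, so any lockout or status checks the removed provider performed are not re-implemented here, and whether `appsService.get(appId, true)` filters out disabled applications is not visible. The token is built with the literal `PASSWORD` as its credentials; `new UsernamePasswordAuthenticationToken(user, null, grantedAuthoritys)` would keep a placeholder string out of the security context, and the fixed `ROLE_USER` authority given to every application deserves a comment stating that it is intentional. The enclosing method starts and ends outside the hunk.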