
Merge branch 'mazq-authApiModify-230222' into 'develop'

Mazq auth api modify 230222

See merge request dcuc-tjdsj/auth-back!138
马志强 2 年之前
父節點
當前提交
9d0a9aeae8

+ 5 - 51
src/main/java/com/dragoninfo/dcuc/authweb/interceptor/AuthBeforeResInterceptor.java

@@ -8,6 +8,7 @@ import com.dragoninfo.dcuc.auth.sub.facade.IAuthUserInfoFacade;
 import com.dragoninfo.dcuc.authweb.config.DcucAuthWebConfig;
 import com.dragoninfo.dcuc.authweb.enums.CheckTypeEnum;
 import com.dragoninfo.dcuc.authweb.exception.EvidenceException;
+import com.dragoninfo.dcuc.authweb.util.HeadTokenUtils;
 import com.dragoninfo.dcuc.common.Constants;
 import com.dragonsoft.duceap.base.entity.http.HttpStatus;
 import lombok.extern.slf4j.Slf4j;
@@ -56,8 +57,8 @@ public class AuthBeforeResInterceptor implements HandlerInterceptor {
         log.info("AuthBeforeResInterceptor自定义拦截器");
 
         if (checkTypeEnum.equals(CheckTypeEnum.BASE)) {
-            String idcard = getIdcard(request);
-            String appCode = getAppCode(request);
+            String idcard = HeadTokenUtils.getIdcard(request);
+            String appCode = HeadTokenUtils.getAppCode(request);
 
             log.info("Request header idcard:{},appCode:{}", idcard, appCode);
 
@@ -82,8 +83,8 @@ public class AuthBeforeResInterceptor implements HandlerInterceptor {
 
         } else if (checkTypeEnum.equals(CheckTypeEnum.TOKEN)) {
 
-            String userToken = getUserToken(request);
-            String appToken = getAppToken(request);
+            String userToken = HeadTokenUtils.getUserToken(request);
+            String appToken = HeadTokenUtils.getAppToken(request);
             if (StrUtil.isNotBlank(userToken) && StrUtil.isNotBlank(appToken)) {
                 log.info("Request header userToken:{},appToken:{}", userToken, appToken);
 
@@ -102,51 +103,4 @@ public class AuthBeforeResInterceptor implements HandlerInterceptor {
 
         throw new EvidenceException(HttpStatus.MULTIPLE_CHOICES.value(), "请传入凭据");
     }
-
-    private String getIdcard(HttpServletRequest request) {
-        String idcard = request.getHeader(Constants.IDCARD);
-        if (StrUtil.isBlank(idcard)) {
-            // 获取总线的IDCARD
-            idcard = request.getHeader(Constants.BUS_SRE_IDCARD);
-        }
-        return idcard;
-    }
-
-    private String getAppCode(HttpServletRequest request) {
-        String appCode = request.getHeader(Constants.APP_CODE);
-        if (StrUtil.isBlank(appCode)) {
-            // 获取总线的应用代码
-            appCode = request.getHeader(Constants.BUS_SRA_ID);
-        }
-        return appCode;
-    }
-
-    private String getUserToken(HttpServletRequest request) {
-        String userToken = request.getHeader(Constants.DCUC_USER_TOKEN);
-        if (StrUtil.isBlank(userToken)) {
-            // 获取数据总线用户令牌
-            userToken = request.getHeader(Constants.BUS_SRE_TOKEN);
-        }
-
-        if (StrUtil.isBlank(userToken)) {
-            userToken = request.getHeader(Constants.USER_TOKEN);
-        }
-
-        return userToken;
-    }
-
-    private String getAppToken(HttpServletRequest request) {
-        String appToken = request.getHeader(Constants.DCUC_APP_TOKEN);
-
-        if (StrUtil.isBlank(appToken)) {
-            // 获取数据总线应用令牌
-            appToken = request.getHeader(Constants.BUS_SRA_TOKEN);
-        }
-
-        if (StrUtil.isBlank(appToken)) {
-            appToken = request.getHeader(Constants.APP_TOKEN);
-        }
-
-        return appToken;
-    }
 }
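Review bot: The TOKEN branch still writes the raw credentials to the log at info level, in `log.info("Request header userToken:{},appToken:{}", userToken, appToken);` directly below the two changed lines, so the tokens end up in log files and in whatever collects them. The BASE branch does the same with the idcard value. Since the commit already touches both call sites, log only whether each value is present, e.g. `log.info("Request header userToken present:{}, appToken present:{}", StrUtil.isNotBlank(userToken), StrUtil.isNotBlank(appToken));`. With the private getters removed, the `Constants` import may no longer be used in this class; the rest of the file is outside the hunks, so that needs checking.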

+ 48 - 10
src/main/java/com/dragoninfo/dcuc/authweb/restcontroller/api/authservice/v1/controller/StaffRoleAuthController.java

@@ -1,5 +1,7 @@
 package com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.controller;
 
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.DecodedJWT;
 import com.dragoninfo.dcuc.app.entity.ApplyInfo;
 import com.dragoninfo.dcuc.app.facade.IApplyInfoFacade;
 import com.dragoninfo.dcuc.auth.auth.entity.RoleInfo;
@@ -7,24 +9,31 @@ import com.dragoninfo.dcuc.auth.auth.facade.IRoleFacade;
 import com.dragoninfo.dcuc.auth.auth.facade.IStaffAssignAuthInfoFacade;
 import com.dragoninfo.dcuc.auth.auth.vo.RoleInfoApiVo;
 import com.dragoninfo.dcuc.auth.auth.vo.StaffRoleAuthApiVo;
+import com.dragoninfo.dcuc.auth.auth.vo.StaffRoleAuthReqVo;
+import com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.vo.UserRoleAuthReqVO;
+import com.dragoninfo.dcuc.authweb.util.HeadTokenUtils;
 import com.dragoninfo.dcuc.authweb.util.VersionUtils;
+import com.dragoninfo.dcuc.common.Constants;
 import com.dragoninfo.dcuc.common.entity.ApiResult;
 import com.dragoninfo.dcuc.common.entity.ApiSearchReq;
+import com.dragoninfo.dcuc.common.utils.ResponseUtil;
 import com.dragoninfo.dcuc.common.utils.SearchableUtil;
+import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.enums.BooleanEnum;
+import com.dragonsoft.duceap.commons.util.string.StringUtils;
 import com.dragonsoft.duceap.core.search.Searchable;
 import com.dragonsoft.duceap.core.search.enums.SearchOperator;
 import com.dragonsoft.duceap.core.search.filter.Condition;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.validation.Valid;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -63,14 +72,14 @@ public class StaffRoleAuthController {
         }
         //参数校验
         Condition appCodeEq = searchable.getSearchFilter("appCode", SearchOperator.eq);
-        if(null == appCodeEq) {
+        if (null == appCodeEq) {
             return ApiResult.setFailMessage("应用编码不能为空");
         }
         ApplyInfo appInfo = applyInfoFacade.getAppByCode(appCodeEq.getValue().toString());
-        if(null == appInfo) {
+        if (null == appInfo) {
             return ApiResult.setFailMessage("应用不存在");
         }
-        if(BooleanEnum.TRUE.value.equals(appInfo.getApplyStatus())) {
+        if (BooleanEnum.TRUE.value.equals(appInfo.getApplyStatus())) {
             return ApiResult.setFailMessage("应用已禁用");
         }
 
@@ -104,18 +113,47 @@ public class StaffRoleAuthController {
         }
         //参数校验
         Condition appCodeEq = searchable.getSearchFilter("appCode", SearchOperator.eq);
-        if(null == appCodeEq) {
+        if (null == appCodeEq) {
             return ApiResult.setFailMessage("应用编码不能为空");
         }
         ApplyInfo appInfo = applyInfoFacade.getAppByCode(appCodeEq.getValue().toString());
-        if(null == appInfo) {
+        if (null == appInfo) {
             return ApiResult.setFailMessage("应用不存在");
         }
-        if(BooleanEnum.TRUE.value.equals(appInfo.getApplyStatus())) {
+        if (BooleanEnum.TRUE.value.equals(appInfo.getApplyStatus())) {
             return ApiResult.setFailMessage("应用已禁用");
         }
         searchable.addSearchFilter("appId", SearchOperator.eq, appInfo.getId());
         Page<StaffRoleAuthApiVo> page = staffAssignAuthInfoFacade.apiStaffRoleAuthResult(searchable.toSearchDTO());
         return ApiResult.setSuccessPage(page.getTotalElements(), page.getContent());
     }
+
+    @ApiOperation("修改人员对应的应用角色")
+    @PutMapping("role/users")
+    public ApiResult userRoleSave(HttpServletRequest request, @Valid @RequestBody UserRoleAuthReqVO userRoleAuthReqVO) {
+        String operateIdcard = HeadTokenUtils.getIdcard(request);
+        String userToken = HeadTokenUtils.getUserToken(request);
+
+        if (StringUtils.isBlank(operateIdcard)) {
+            DecodedJWT decode = JWT.decode(userToken);
+            operateIdcard = decode.getClaim("idCard").asString();
+        }
+        if (StringUtils.isBlank(operateIdcard)) {
+            return ApiResult.setFailMessage("操作人身份证号为空");
+        }
+
+        log.info("api role users operateIdcard:{}", operateIdcard);
+
+        StaffRoleAuthReqVo reqVo = new StaffRoleAuthReqVo();
+        BeanUtils.copyProperties(userRoleAuthReqVO, reqVo);
+        reqVo.setOperateIdcard(operateIdcard);
+
+        ResponseStatus status = staffAssignAuthInfoFacade.apiStaffRoleAuth(reqVo);
+        if (ResponseUtil.isSuccess(status)) {
+            return ApiResult.setSuccess();
+        } else {
+            return ApiResult.setFailMessage(status.getMessage());
+        }
+
+    }
 }
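Review bot: In `userRoleSave`, `JWT.decode(userToken)` only parses the token and does not check its signature, so the `idCard` claim that becomes `operateIdcard` can be trusted only if the interceptor has already verified this same token, which the diff does not show. The call is also reached with a blank `userToken` when none of the token headers is sent, and a malformed value makes `decode` throw, so the request ends in an unhandled exception instead of the "操作人身份证号为空" result. The same fallback is added to `serviceAuthFlowSave` in WorkFlowApiController. A guarded version is below; it needs an import of `com.auth0.jwt.exceptions.JWTDecodeException`, and the role change should be tied to a verified identity rather than to the decoded claim alone.

```java
String operateIdcard = HeadTokenUtils.getIdcard(request);
if (StringUtils.isBlank(operateIdcard)) {
    String userToken = HeadTokenUtils.getUserToken(request);
    if (StringUtils.isNotBlank(userToken)) {
        try {
            // decode() does not verify the signature; the token must already have been validated upstream
            operateIdcard = JWT.decode(userToken).getClaim("idCard").asString();
        } catch (JWTDecodeException e) {
            log.warn("api role users: user token could not be decoded");
            return ApiResult.setFailMessage("操作人身份证号为空");
        }
    }
}
// … unchanged: blank operateIdcard check, copyProperties, facade call …
```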

+ 11 - 4
src/main/java/com/dragoninfo/dcuc/authweb/restcontroller/api/authservice/v1/controller/WorkFlowApiController.java

@@ -1,5 +1,7 @@
 package com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.controller;
 
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.DecodedJWT;
 import com.dragoninfo.dcuc.auth.auth.dto.ServiceAuthFlowDTO;
 import com.dragoninfo.dcuc.auth.auth.dto.WorkFlowResutlAcceptDTO;
 import com.dragoninfo.dcuc.auth.auth.enumresources.WorkFlowStatusEnum;
@@ -8,6 +10,7 @@ import com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.vo.AuthFlow
 import com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.vo.ResourceInfoVo;
 import com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.vo.ServiceAuthFlowAcceptVo;
 import com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.vo.WorkFlowResutlAcceptVo;
+import com.dragoninfo.dcuc.authweb.util.HeadTokenUtils;
 import com.dragoninfo.dcuc.common.Constants;
 import com.dragoninfo.dcuc.common.entity.ApiResult;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
@@ -50,10 +53,14 @@ public class WorkFlowApiController {
     @PostMapping("service")
     @ResponseBody
     public ApiResult serviceAuthFlowSave(@RequestBody @Validated ServiceAuthFlowAcceptVo serviceAuthFlowVo, HttpServletRequest request) {
-        String idcard = request.getHeader(Constants.IDCARD);
-        String tonken = request.getHeader(Constants.DCUC_USER_TOKEN);
-        String applyAppCode = request.getHeader(Constants.BUS_SRA_ID);
-        String user = StringUtils.isNotBlank(idcard) ? idcard : tonken;
+        String idcard = HeadTokenUtils.getIdcard(request);
+        String userToken = HeadTokenUtils.getUserToken(request);
+        String applyAppCode = HeadTokenUtils.getAppCode(request);
+        String user = idcard;
+        if (StringUtils.isBlank(user)) {
+            DecodedJWT decode = JWT.decode(userToken);
+            user = decode.getClaim("idCard").asString();
+        }
         ServiceAuthFlowDTO dto = new ServiceAuthFlowDTO();
         setAppServiceInfo(dto, serviceAuthFlowVo);
         BeanUtils.copyProperties(serviceAuthFlowVo, dto, "serviceCodes", "serviceNames");
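Review bot: `applyAppCode` now comes from `HeadTokenUtils.getAppCode(request)`, which reads `Constants.APP_CODE` first and falls back to `Constants.BUS_SRA_ID`, while the removed line read only `BUS_SRA_ID`. If the bus header is the one set by a trusted gateway (not visible in this diff), a caller-supplied header now takes precedence over it, which changes who decides the applying application. Either confirm that every one of these headers is overwritten upstream or keep this endpoint on the bus header, and record the decision in a comment such as `// appCode header is set by the gateway; clients cannot override it`. `serviceAuthFlowSave` continues past the end of the hunk.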

+ 33 - 0
src/main/java/com/dragoninfo/dcuc/authweb/restcontroller/api/authservice/v1/vo/UserRoleAuthReqVO.java

@@ -0,0 +1,33 @@
+package com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.vo;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import java.util.List;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/3/3
+ */
+@ApiModel("用户角色设置请求")
+@Data
+public class UserRoleAuthReqVO {
+
+    @NotBlank
+    @ApiModelProperty("应用代码")
+    private String appCode;
+
+    @ApiModelProperty("用户身份证号")
+    @NotBlank
+    private String idcard;
+
+    @ApiModelProperty("角色代码,可设置多个,空为取消角色授权")
+    private List<String> roleCodeList;
+
+}
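Review bot: `roleCodeList` has no constraint, and its description says an empty value cancels the user's role authorization, so a request that simply omits the field deserializes to null and may be treated as a revoke-all by the facade (not visible here). Adding `@NotNull` to `roleCodeList` makes callers send an explicit `[]` to revoke, and `List<@NotBlank String>` would reject blank codes. The class Javadoc is an empty `<p>` block; replace it with one sentence such as `Request body for setting the roles of one user within one application.`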

+ 60 - 0
src/main/java/com/dragoninfo/dcuc/authweb/util/HeadTokenUtils.java

@@ -0,0 +1,60 @@
+package com.dragoninfo.dcuc.authweb.util;
+
+import cn.hutool.core.util.StrUtil;
+import com.dragoninfo.dcuc.common.Constants;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author mazq
+ * @date 2023/3/7
+ */
+public class HeadTokenUtils {
+
+    public static String getIdcard(HttpServletRequest request) {
+        String idcard = request.getHeader(Constants.IDCARD);
+        if (StrUtil.isBlank(idcard)) {
+            // 获取总线的IDCARD
+            idcard = request.getHeader(Constants.BUS_SRE_IDCARD);
+        }
+        return idcard;
+    }
+
+    public static String getAppCode(HttpServletRequest request) {
+        String appCode = request.getHeader(Constants.APP_CODE);
+        if (StrUtil.isBlank(appCode)) {
+            // 获取总线的应用代码
+            appCode = request.getHeader(Constants.BUS_SRA_ID);
+        }
+        return appCode;
+    }
+
+    public static String getUserToken(HttpServletRequest request) {
+        String userToken = request.getHeader(Constants.DCUC_USER_TOKEN);
+        if (StrUtil.isBlank(userToken)) {
+            // 获取数据总线用户令牌
+            userToken = request.getHeader(Constants.BUS_SRE_TOKEN);
+        }
+
+        if (StrUtil.isBlank(userToken)) {
+            userToken = request.getHeader(Constants.USER_TOKEN);
+        }
+
+        return userToken;
+    }
+
+    public static String getAppToken(HttpServletRequest request) {
+        String appToken = request.getHeader(Constants.DCUC_APP_TOKEN);
+
+        if (StrUtil.isBlank(appToken)) {
+            // 获取数据总线应用令牌
+            appToken = request.getHeader(Constants.BUS_SRA_TOKEN);
+        }
+
+        if (StrUtil.isBlank(appToken)) {
+            appToken = request.getHeader(Constants.APP_TOKEN);
+        }
+
+        return appToken;
+    }
+}
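Review bot: `HeadTokenUtils` does not document the header precedence each getter applies, and that order is security-relevant because all four values are read straight from request headers and feed the auth checks. Add a class comment stating that the methods return unvalidated header values, and a one-line Javadoc per method naming the lookup order, e.g. `/** Returns the user token from DCUC_USER_TOKEN, then BUS_SRE_TOKEN, then USER_TOKEN; null or blank if none is set. */`. As a static-only utility the class should also be declared `public final class HeadTokenUtils` with `private HeadTokenUtils() {}`.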