Merge branch 'release/v1.2.0' of http://192.168.0.144/dcuc-tjdsj/auth-service into mazq-jiekouyouhua-230523

 Conflicts:

	pom.xml

dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/zerotrust/rolemanage/RoleSaveVo.java

@@ -38,18 +38,12 @@ public class RoleSaveVo {
     @ApiModelProperty(value = "业务域")
     private String roleBusiness;
 
-    @ApiModelProperty(value = "警种")
+    @ApiModelProperty(value = "角色类型 LOCAL:本地角色 ALL:全局角色")
     private String roleCategory;
 
     @NotBlank
     @ApiModelProperty(value = "是否限制配额")
-    private String limitCount;
-
-    /**
-     * 角色类型
-     */
-    @ApiModelProperty(value = "角色类型 LOCAL:本地角色 ALL:全局角色")
-    private String roleType;
+    private String isNotLimitCount;
 
     /**
      * 警种

dcuc-auth-service/pom.xml

@@ -154,7 +154,6 @@
         <dependency>
             <groupId>com.dragonsoft</groupId>
             <artifactId>auditlog-qm-tj</artifactId>
-            <version>1.0.1-SNAPSHOT</version>
             <exclusions>
                 <exclusion>
                     <artifactId>joda-time</artifactId>
@@ -221,7 +220,7 @@
                                 </goals>
                                 <configuration>
                                     <!--排除licenseignore包，用来禁用许可开关，防止生产环境通过关闭开关，绕过许可-->
-<!--                                <excludeArtifactIds>duceap-support-licenseignore</excludeArtifactIds>-->
+                                    <!--                                <excludeArtifactIds>duceap-support-licenseignore</excludeArtifactIds>-->
                                     <excludeScope>provided</excludeScope>
                                     <outputDirectory>${project.build.directory}/lib</outputDirectory>
                                     <!--取消依赖包的时间戳-->

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/async/listener/RzySyslogSendRiskInfoEventListener.java

@@ -63,6 +63,7 @@ public class RzySyslogSendRiskInfoEventListener implements ApplicationListener<S
                         .build();
                 try {
                     String writeValueAsString = objectMapper.writeValueAsString(authRiskDTO);
+                    log.info("发送到安全策略控制服务风险信息：{}", writeValueAsString);
                     sysLogLogger.info(writeValueAsString);
                 } catch (JsonProcessingException e) {
                     log.error("parse error", e);

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/audit/listener/AuthenticationLogListener.java

@@ -48,6 +48,8 @@ public class AuthenticationLogListener {
                 logger.info("receiveMessage value length 0 or null");
                 return;
             }
+            /*// 内部环境消息中心调试
+            MessageInfoDTO messageInfoDTO = JSONObject.parseObject(value, MessageInfoDTO.class);*/
             ObjectInputStream stream = new ObjectInputStream(new ByteArrayInputStream(value));
             MessageInfoDTO messageInfoDTO = (MessageInfoDTO) stream.readObject();
             logger.info("--------audit-log authentication 收到数据，{}", JSON.toJSONString(messageInfoDTO));

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/audit/service/log/QmAuditPushService.java

@@ -21,7 +21,10 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import java.util.*;
-import java.util.concurrent.*;
+import java.util.concurrent.LinkedBlockingQueue;
+import java.util.concurrent.ThreadFactory;
+import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 
 /**
@@ -41,7 +44,7 @@ public class QmAuditPushService {
     ThreadPoolExecutor executor = new ThreadPoolExecutor(
             20,
             50,
-            5*60,
+            5 * 60,
             TimeUnit.SECONDS,
             new LinkedBlockingQueue<>(2000),
             threadFactory);
@@ -68,10 +71,10 @@ public class QmAuditPushService {
      */
     public void pushTokenReceiveLog(List<TokenOperationDto> dtos) {
         Boolean qmEnabled = config.getQmEnabled();
-        if(null == qmEnabled || !qmEnabled) {
+        if (null == qmEnabled || !qmEnabled) {
             return;
         }
-        executor.execute(()-> pushTokenLogToAudit(dtos));
+        executor.execute(() -> pushTokenLogToAudit(dtos));
     }
 
     private void pushTokenLogToAudit(List<TokenOperationDto> dtos) {
@@ -81,14 +84,14 @@ public class QmAuditPushService {
         String sysId = config.getSysId();
         String logType = AuditConstance.AUDIT_LOG_TYPE_LPCZ;
         List<TokenOperationLog> operateLogs = getTokenOperateLog(dtos);
-        if(CollectionUtils.isNotEmpty(operateLogs)) {
+        if (CollectionUtils.isNotEmpty(operateLogs)) {
             log.info("=========推送令牌操作日志=======");
             logSendComponent.sendTokenOperateLog(sysId, logType, operateLogs);
         }
     }
 
     private List<TokenOperationLog> getTokenOperateLog(List<TokenOperationDto> dtos) {
-        return dtos.stream().map(e-> {
+        return dtos.stream().map(e -> {
             TokenOperationLog tokenOperationLog = new TokenOperationLog();
             tokenOperationLog.setAction(e.getAction());
             tokenOperationLog.setPid(e.getPid());
@@ -100,45 +103,48 @@ public class QmAuditPushService {
 
     /**
      * 推送授权日志
+     *
      * @param authorizeLogDto
      */
     public void pushAuthorizeLog(AuthorizeLogDto authorizeLogDto) {
         Boolean qmEnabled = config.getQmEnabled();
-        if(null == qmEnabled || !qmEnabled) {
+        if (null == qmEnabled || !qmEnabled) {
             return;
         }
-        executor.execute(()-> pushAuthorizeLogToAudit(authorizeLogDto));
+        executor.execute(() -> pushAuthorizeLogToAudit(authorizeLogDto));
     }
 
     /**
      * 推送鉴权日志
+     *
      * @param authenticationLogDto
      */
     public void pushAuthenticationLog(AuthenticationLogDto authenticationLogDto) {
         Boolean qmEnabled = config.getQmEnabled();
-        if(null == qmEnabled || !qmEnabled) {
+        if (null == qmEnabled || !qmEnabled) {
             return;
         }
-        executor.execute(()-> pushAuthenticationLogToAudit(authenticationLogDto));
+        executor.execute(() -> pushAuthenticationLogToAudit(authenticationLogDto));
     }
 
     /**
      * 推送风险日志
+     *
      * @param risksDtos
      */
     public void pushRiskLog(List<RiskPushLogDto> risksDtos) {
         Boolean qmEnabled = config.getQmEnabled();
-        if(null == qmEnabled || !qmEnabled) {
+        if (null == qmEnabled || !qmEnabled) {
             return;
         }
-        executor.execute(()-> pushRiskLogToAudit(risksDtos));
+        executor.execute(() -> pushRiskLogToAudit(risksDtos));
     }
 
     private void pushAuthorizeLogToAudit(AuthorizeLogDto authorizeLogDto) {
         String sysId = config.getSysId();
         String logType = AuditConstance.AUDIT_LOG_TYPE_SQ;
         List<AuthBusLog> busLogs = getAuthBusLog(authorizeLogDto);
-        if(CollectionUtils.isNotEmpty(busLogs)) {
+        if (CollectionUtils.isNotEmpty(busLogs)) {
             log.info("=========推送审计授权日志=======");
             logSendComponent.sendAuthBusLog(sysId, logType, busLogs);
         }
@@ -147,13 +153,13 @@ public class QmAuditPushService {
     private List<AuthBusLog> getAuthBusLog(AuthorizeLogDto authorizeLogDto) {
         String authorizeType = authorizeLogDto.getAuthorizeType();
         AuthorizeTypeEnum typeEnum = AuthorizeTypeEnum.getByAuthorizeType(authorizeType);
-        if(null == typeEnum) {
+        if (null == typeEnum) {
             return new ArrayList<>();
         }
         Map<String, String> map = getSQOperateAndAuthType(typeEnum);
         String authType = map.get(AUTH_TYPE_KEY);
         String operateType = map.get(OPERATE_TYPE_KEY);
-        return constructBusLogs(authorizeLogDto, authType ,operateType);
+        return constructBusLogs(authorizeLogDto, authType, operateType);
     }
 
     private Map<String, String> getSQOperateAndAuthType(AuthorizeTypeEnum typeEnum) {
@@ -191,7 +197,7 @@ public class QmAuditPushService {
 
     private List<AuthBusLog> constructBusLogs(AuthorizeLogDto authorizeLogDto, String authType, String operateType) {
         List<AuthBusLog> list = new ArrayList<>();
-        if(StringUtils.isAnyBlank(authType, operateType)) {
+        if (StringUtils.isAnyBlank(authType, operateType)) {
             return list;
         }
         String timeStr = getTimeStr(authorizeLogDto.getCreateTime());
@@ -225,6 +231,7 @@ public class QmAuditPushService {
 
             //设置终端ip
             authBusLog.setTerminalIP(authorizeLogDto.getTerminalIP());
+            authBusLog.setApproveTaskId("");
             list.add(authBusLog);
         }
         return list;
@@ -232,7 +239,7 @@ public class QmAuditPushService {
 
     private String getTimeStr(Date createTime) {
         String timeStr = "";
-        if(null != createTime) {
+        if (null != createTime) {
             long time = createTime.getTime();
             timeStr = String.valueOf(time);
         }
@@ -244,7 +251,7 @@ public class QmAuditPushService {
         String sysId = config.getSysId();
         String logType = AuditConstance.AUDIT_LOG_TYPE_JQ;
         List<AuthenticationBusLog> busLogs = getAuthenticationBusLog(authenticationLogDto);
-        if(CollectionUtils.isNotEmpty(busLogs)) {
+        if (CollectionUtils.isNotEmpty(busLogs)) {
             log.info("=========推送审计鉴权日志=======");
             logSendComponent.sendAuthenticationBusLog(sysId, logType, busLogs);
         }
@@ -253,7 +260,7 @@ public class QmAuditPushService {
     private List<AuthenticationBusLog> getAuthenticationBusLog(AuthenticationLogDto authenticationLogDto) {
         String authenticationType = authenticationLogDto.getAuthenticationType();
         AuthenticationTypeEnum typeEnum = AuthenticationTypeEnum.getByAuthenticationType(authenticationType);
-        if(null == typeEnum) {
+        if (null == typeEnum) {
             return new ArrayList<>();
         }
         String authType = getJQAuthType(typeEnum);
@@ -262,7 +269,7 @@ public class QmAuditPushService {
 
     private List<AuthenticationBusLog> constructAuthenticationBusLogs(AuthenticationLogDto dto, String authType) {
         List<AuthenticationBusLog> list = new ArrayList<>();
-        if(StringUtils.isBlank(authType)) {
+        if (StringUtils.isBlank(authType)) {
             return list;
         }
         AuthenticationBusLog busLog = new AuthenticationBusLog();
@@ -273,7 +280,7 @@ public class QmAuditPushService {
         busLog.setAuthIdcard(dto.getUserIdcard());
         //推送结果 0：成功  1：失败
         String state = dto.getState();
-        if(AuthResultEnum.SUC.getValue().equals(state)) {
+        if (AuthResultEnum.SUC.getValue().equals(state)) {
             state = AuthResultEnum.FAIL.getValue();
         } else {
             state = AuthResultEnum.SUC.getValue();
@@ -343,18 +350,18 @@ public class QmAuditPushService {
     }
 
     private void pushRiskLogToAudit(List<RiskPushLogDto> risksDtos) {
-        if(CollectionUtils.isEmpty(risksDtos)) {
+        if (CollectionUtils.isEmpty(risksDtos)) {
             return;
         }
         log.info("=========推送审计风险日志=======");
         List<AuthenticationRiskLog> pushLogs = new ArrayList<>();
         for (RiskPushLogDto risksDto : risksDtos) {
             RiskProgrammeTypeEnum riskTypeEnum = RiskProgrammeTypeEnum.getByType(risksDto.getRiskType());
-            if(null == riskTypeEnum) {
+            if (null == riskTypeEnum) {
                 continue;
             }
             String mainType = getMainType(riskTypeEnum);
-            if(null == mainType) {
+            if (null == mainType) {
                 continue;
             }
             AuthenticationRiskLog riskPushLog = new AuthenticationRiskLog();
@@ -364,9 +371,10 @@ public class QmAuditPushService {
             riskPushLog.setTaskId(risksDto.getLogIds());
             riskPushLog.setMainType(mainType);
             riskPushLog.setType(riskTypeEnum.getLabel());
+            riskPushLog.setLevel("");
             pushLogs.add(riskPushLog);
         }
-        if(pushLogs.size() >0) {
+        if (pushLogs.size() > 0) {
             String sysId = config.getSysId();
             String logType = AuditConstance.AUDIT_LOG_TYPE_FXBS;
             logSendComponent.sendAuthenticationRiskLog(sysId, logType, pushLogs);

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/zerotrust/RoleOperateApplyServiceImpl.java

@@ -5,6 +5,7 @@ import com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval.FlowApplyReqDto;
 import com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval.FlowSubmitRespDTO;
 import com.dragoninfo.dcuc.auth.auth.entity.zerotrust.RoleOperateContent;
 import com.dragoninfo.dcuc.auth.auth.enumresources.RoleManageOpeTypeEnum;
+import com.dragoninfo.dcuc.auth.auth.enumresources.YesNotEnum;
 import com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval.ApprovalApplyTypeEnum;
 import com.dragoninfo.dcuc.auth.auth.repo.zerotrust.RoleOperateContentRepository;
 import com.dragoninfo.dcuc.auth.auth.service.zerotrust.IRoleOperateApplyService;
@@ -19,6 +20,7 @@ import com.dragonsoft.duceap.base.entity.security.SecurityUser;
 import com.dragonsoft.duceap.base.utils.UserContextUtils;
 import com.dragonsoft.duceap.commons.util.UUIDUtils;
 import com.dragonsoft.duceap.commons.util.enums.EnumUtils;
+import com.dragonsoft.duceap.commons.util.string.StringUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Example;
@@ -99,6 +101,11 @@ public class RoleOperateApplyServiceImpl implements IRoleOperateApplyService {
         operateContent.setOperateType(typeEnum.getValue());
         operateContent.setPoliceCategory(roleSaveVo.getPoliceCategory());
         operateContent.setRoleBusiness(roleSaveVo.getRoleBusiness());
+        String notLimitCount = roleSaveVo.getIsNotLimitCount();
+        if (StringUtils.isNotBlank(notLimitCount)) {
+            operateContent.setLimitCount(
+                    YesNotEnum.YES.getValue().equals(roleSaveVo.getIsNotLimitCount()) ? "0" : "1");
+        }
         repository.save(operateContent);
         return ResponseDTO.success("", (Object) null);
     }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/ApprovalBusinessImpl.java

@@ -10,6 +10,7 @@ import com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval.*;
 import com.dragoninfo.dcuc.auth.auth.entity.RoleInfo;
 import com.dragoninfo.dcuc.auth.auth.entity.zerotrust.ApprovalResult;
 import com.dragoninfo.dcuc.auth.auth.entity.zerotrust.RoleOperateContent;
+import com.dragoninfo.dcuc.auth.auth.enumresources.YesNotEnum;
 import com.dragoninfo.dcuc.auth.auth.enumresources.zerotrust.approval.*;
 import com.dragoninfo.dcuc.auth.auth.service.IRoleInfoService;
 import com.dragoninfo.dcuc.auth.auth.service.zerotrust.IApprovalResultService;
@@ -318,7 +319,12 @@ public class ApprovalBusinessImpl implements IApprovalBusiness {
         roleInfo.setRoleLevel(roleOperateContent.getRoleLevel());
         roleInfo.setRoleCategory(roleOperateContent.getRoleCategory());
         roleInfo.setRoleBusiness(roleOperateContent.getRoleBusiness());
-        roleInfo.setIsNotLimitCount(roleOperateContent.getLimitCount());
+        roleInfo.setPoliceCategory(roleOperateContent.getPoliceCategory());
+        String limitCount = roleOperateContent.getLimitCount();
+        if( StringUtils.isNotBlank(limitCount)){
+            roleInfo.setIsNotLimitCount(
+                    YesNotEnum.YES.getValue().equals(limitCount) ? "0" : "1");
+        }
         roleInfo.setIsActive("1");
         return roleInfo;
     }

dcuc-auth-service/src/main/resources/application-auth.yml

@@ -5,8 +5,8 @@ dcuc:
         host: 127.0.0.1
         port: 514
         facility: LOCAL0
-      user-token-query-url:
-      app-token-query-url:
+      user-token-query-url: http://10.11.1.237:4523/m1/3011280-0-default/idp/rest/getUserTokenInfo
+      app-token-query-url: http://10.11.1.237:4523/m1/3011280-0-default/idp/rest/getAppTokenInfo
       user-info-query-url:
       notify-app-url-list:
       approval:
@@ -18,11 +18,11 @@ dcuc:
     menu-noclear: true
     #服务变更通知
     kafka:
-      app-key: dcuc69000787
-      app-secret: dcuc01494668
+      app-key: CUIA59559087
+      app-secret: CUIA17401300
       message-topic: 90120021
       message-jssq-topic: 90220013
-      kafka-servers: http://192.168.10.20:9981/dcms-manager
+      kafka-servers: http://10.201.2.14:9981/dcms-manager
     #审批中心
     approval-center:
       #是否开启kafka功能

dcuc-auth-service/src/main/resources/application-base.yml

@@ -27,10 +27,10 @@ spring:
       max-request-size: 150MB
   kafka:
     producer:
-      bootstrap-servers: 192.168.10.20:9093
+      bootstrap-servers: 10.201.2.14:9092
       #kafka消费者配置
     consumer:
-      bootstrap-servers: 192.168.10.20:9093
+      bootstrap-servers: 10.201.2.14:9092
       enable-auto-commit: true
       auto-commit-interval: 1000
       max-poll-records: 500

pom.xml

@@ -24,19 +24,17 @@
         <mysql.version>5.1.49</mysql.version>
         <lombok.version>1.18.24</lombok.version>
         <sm.tools.version>1.2.1-SNAPSHOT</sm.tools.version>
+        <qm.tj.audit.version>1.0.2-SNAPSHOT</qm.tj.audit.version>
         <moco.version>0.12.0</moco.version>
         <embedded.redis.version>0.7.3</embedded.redis.version>
     </properties>
 
     <dependencyManagement>
         <dependencies>
-            <!-- 导入duceap-cloud 2.0 POM定义-->
             <dependency>
                 <groupId>com.dragonsoft</groupId>
-                <artifactId>duceap-cloud-parent</artifactId>
-                <version>${duceap.version}</version>
-                <type>pom</type>
-                <scope>import</scope>
+                <artifactId>auditlog-qm-tj</artifactId>
+                <version>${qm.tj.audit.version}</version>
             </dependency>
 
             <!--oracle 引入-->
@@ -111,6 +109,14 @@
                 <artifactId>sm-tools-local</artifactId>
                 <version>${sm.tools.version}</version>
             </dependency>
+            <!-- 导入duceap-cloud 2.0 POM定义-->
+            <dependency>
+                <groupId>com.dragonsoft</groupId>
+                <artifactId>duceap-cloud-parent</artifactId>
+                <version>${duceap.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
 
             <dependency>
                 <groupId>it.ozimov</groupId>