
单点登陆接口修改

sl 9 mēneši atpakaļ
vecāks
revīzija
36ca572981

+ 5 - 0
jeecg-module-interlock/src/main/java/org/jeecg/modules/interlockSystemLimit/mapper/InterlockSystemLimitMapper.java

@@ -3,6 +3,7 @@ package org.jeecg.modules.interlockSystemLimit.mapper;
 import java.util.List;
 
 import org.apache.ibatis.annotations.Param;
+import org.apache.ibatis.annotations.Select;
 import org.jeecg.modules.interlockSystemLimit.entity.InterlockSystemLimit;
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 
@@ -14,4 +15,8 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper;
  */
 public interface InterlockSystemLimitMapper extends BaseMapper<InterlockSystemLimit> {
 
+    //系统管理员权限 查询所有系统并将系统权限赋成管理0用于展示
+    @Select("select #{username} as create_by, b.id as interlock_system_id, b.pid as interlock_apparatus_id, #{userId} as interlock_user_id, '0' as limit_type from (select * from interlock_base where interlock_type = '1') b")
+    List<InterlockSystemLimit> getInterlockSystemLimitList(@Param("username") String username, @Param("userId") String userId);
+
 }
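Review bot: `getInterlockSystemLimitList` never reads the limit table: it synthesises one `limit_type = '0'` row per `interlock_base` system for whatever `userId` is passed, so the name and the one-line comment understate what it does. A Javadoc block should state that the rows are generated administrator grants intended to be persisted, and that the caller must already have established that the user is a system administrator, since the mapper performs no check of its own. The derived table is also unnecessary; `from interlock_base b where b.interlock_type = '1'` selects the same rows without `select *`.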

+ 6 - 0
jeecg-module-interlock/src/main/java/org/jeecg/modules/interlockSystemLimit/service/IInterlockSystemLimitService.java

@@ -1,8 +1,11 @@
 package org.jeecg.modules.interlockSystemLimit.service;
 
+import org.apache.ibatis.annotations.Param;
 import org.jeecg.modules.interlockSystemLimit.entity.InterlockSystemLimit;
 import com.baomidou.mybatisplus.extension.service.IService;
 
+import java.util.List;
+
 /**
  * @Description: 联锁管理系统中系统权限对应表
  * @Author: jeecg-boot
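Review bot: The added `import org.apache.ibatis.annotations.Param;` appears unused, because the method this commit adds to `IInterlockSystemLimitService` carries no `@Param`. MyBatis annotations belong on the mapper rather than on the service interface. The same applies to the `Param` and `Select` imports added to `IInterlockUserService`, where the only new method, `getInterlockUserByUserName(String wiseUser)`, uses neither; the rest of that file is not visible here.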
@@ -11,4 +14,7 @@ import com.baomidou.mybatisplus.extension.service.IService;
  */
 public interface IInterlockSystemLimitService extends IService<InterlockSystemLimit> {
 
+    //系统管理员权限 查询所有系统并将系统权限赋成管理0用于展示
+    List<InterlockSystemLimit> getInterlockSystemLimitList(String username, String userId);
+
 }

+ 12 - 0
jeecg-module-interlock/src/main/java/org/jeecg/modules/interlockSystemLimit/service/impl/InterlockSystemLimitServiceImpl.java

@@ -3,10 +3,13 @@ package org.jeecg.modules.interlockSystemLimit.service.impl;
 import org.jeecg.modules.interlockSystemLimit.entity.InterlockSystemLimit;
 import org.jeecg.modules.interlockSystemLimit.mapper.InterlockSystemLimitMapper;
 import org.jeecg.modules.interlockSystemLimit.service.IInterlockSystemLimitService;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 
+import java.util.List;
+
 /**
  * @Description: 联锁管理系统中系统权限对应表
  * @Author: jeecg-boot
@@ -16,4 +19,13 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 @Service
 public class InterlockSystemLimitServiceImpl extends ServiceImpl<InterlockSystemLimitMapper, InterlockSystemLimit> implements IInterlockSystemLimitService {
 
+    @Autowired
+    @SuppressWarnings("all")
+    private InterlockSystemLimitMapper interlockSystemLimitMapper;
+
+    //系统管理员权限 查询所有系统并将系统权限赋成管理0用于展示
+    public List<InterlockSystemLimit> getInterlockSystemLimitList(String username, String userId){
+        return interlockSystemLimitMapper.getInterlockSystemLimitList(username, userId);
+    }
+
 }
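Review bot: The autowired `interlockSystemLimitMapper` field duplicates the `baseMapper` that `ServiceImpl<InterlockSystemLimitMapper, InterlockSystemLimit>` already provides, and `@SuppressWarnings("all")` on it silences every other warning on that declaration as well. The body can be `return baseMapper.getInterlockSystemLimitList(username, userId);` with the field removed. The method implements the interface and should carry `@Override`; the same annotation is missing on `getInterlockUserByUserName` in `InterlockUserServiceImpl`.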

+ 5 - 0
jeecg-module-interlock/src/main/java/org/jeecg/modules/interlockUser/service/IInterlockUserService.java

@@ -1,5 +1,7 @@
 package org.jeecg.modules.interlockUser.service;
 
+import org.apache.ibatis.annotations.Param;
+import org.apache.ibatis.annotations.Select;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.modules.interlockUser.entity.InterlockUser;
 import com.baomidou.mybatisplus.extension.service.IService;
@@ -56,4 +58,7 @@ public interface IInterlockUserService extends IService<InterlockUser> {
      */
     public Result<InterlockUserAdd> queryUserById(String id);
 
+    //根据用户名查找用户信息
+    InterlockUser getInterlockUserByUserName(String wiseUser);
+
 }

+ 5 - 0
jeecg-module-interlock/src/main/java/org/jeecg/modules/interlockUser/service/impl/InterlockUserServiceImpl.java

@@ -198,4 +198,9 @@ public class InterlockUserServiceImpl extends ServiceImpl<InterlockUserMapper, I
         return Result.OK(interlockUserAdd);
     }
 
+    //根据用户名查找用户信息
+    public InterlockUser getInterlockUserByUserName(String wiseUser){
+        return interlockUserMapper.getInterlockUserByUserName(wiseUser);
+    }
+
 }

+ 210 - 23
jeecg-module-interlock/src/main/java/org/jeecg/modules/ssoClient/controller/SSOLoginLogoutController.java

@@ -18,7 +18,16 @@ import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.PasswordUtil;
 import org.jeecg.common.util.RedisUtil;
 import org.jeecg.common.util.oConvertUtils;
+import org.jeecg.modules.base.entity.InterlockBase;
 import org.jeecg.modules.base.service.BaseCommonService;
+import org.jeecg.modules.base.service.IInterlockBaseService;
+import org.jeecg.modules.interlockSystemLimit.entity.InterlockSystemLimit;
+import org.jeecg.modules.interlockSystemLimit.service.IInterlockSystemLimitService;
+import org.jeecg.modules.interlockUser.entity.InterlockUser;
+import org.jeecg.modules.interlockUser.entity.InterlockUserAdd;
+import org.jeecg.modules.interlockUser.service.IInterlockUserService;
+import org.jeecg.modules.interlockUser.service.impl.InterlockUserServiceImpl;
+import org.jeecg.modules.iotedgeCollectData.service.RestClientService;
 import org.jeecg.modules.iotedgeConfig.service.IIotedgeConfigService;
 import org.jeecg.modules.iotedgeConfig.util.ConfigInfo;
 import org.jeecg.modules.ssoClient.constants.SSOConstants;
@@ -27,11 +36,9 @@ import org.jeecg.modules.ssoClient.vo.LoginResult;
 import org.jeecg.modules.system.entity.SysDepart;
 import org.jeecg.modules.system.entity.SysTenant;
 import org.jeecg.modules.system.entity.SysUser;
+import org.jeecg.modules.system.entity.SysUserRole;
 import org.jeecg.modules.system.model.SysLoginModel;
-import org.jeecg.modules.system.service.ISysDepartService;
-import org.jeecg.modules.system.service.ISysDictService;
-import org.jeecg.modules.system.service.ISysTenantService;
-import org.jeecg.modules.system.service.ISysUserService;
+import org.jeecg.modules.system.service.*;
 import org.jeecg.modules.system.service.impl.SysBaseApiImpl;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -77,6 +84,14 @@ public class SSOLoginLogoutController {
     @Autowired
     private SysBaseApiImpl sysBaseApi;
 
+    @Autowired
+    private IInterlockUserService interlockUserService;
+
+    @Autowired
+    private IInterlockSystemLimitService interlockSystemLimitService;
+
+    @Autowired
+    private ISysUserRoleService sysUserRoleService;
 
 
     /**
@@ -252,10 +267,59 @@ public class SSOLoginLogoutController {
     }
 
 
-
-
-    @ApiOperation(".登录接口(sso)")
-    @RequestMapping(value = "/login", method = RequestMethod.POST)
+//    @ApiOperation(".登录接口(sso)")
+//    @RequestMapping(value = "/login", method = RequestMethod.POST)
+//    public Result<JSONObject> login(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModel sysLoginModel){
+//
+//        Result<JSONObject> result = new Result<JSONObject>();
+//        String username = sysLoginModel.getUsername();
+//        String password = sysLoginModel.getPassword();
+//
+//        String eiToken = ssodlcs(username, password);
+//        if(eiToken==null || "".equals(eiToken)){
+//            result.error("登录请求失败");
+//            return result;
+//        }
+//
+////        response.setHeader("Set-Cookie", String.format("EIToken=%s; Max-Age=3600; Path=/", eiToken));
+////        response.setHeader("Set-Cookie", String.format("WISEUser=%s; Max-Age=3600; Path=/", username));
+//        Cookie cookie = new Cookie("EIToken", eiToken);
+//        Cookie cookie1 = new Cookie("WISEUser", username);
+//        cookie.setMaxAge(3600);
+//        cookie1.setMaxAge(3600);
+//        cookie.setPath("/");
+//        cookie1.setPath("/");
+//        response.addCookie(cookie);
+//        response.addCookie(cookie1);
+//
+//        //1. 校验用户是否有效
+//        SysUser sysUser = sysUserService.getUserAll(username);
+//        result = sysUserService.checkUserIsEffective(sysUser);
+//        if(!result.isSuccess()) {
+//            // TODO 已经单点登录成功了的用户如果在本系统不存在,新增用户?
+//            if(result.getMessage().equals(SSOConstants.BCZ) ){
+//                log.info("用户在本系统不存在,新增该用户");
+//                JSONObject addJSONObject = toAddJSONObject(username,  password);
+//                addUser(addJSONObject);
+//            }else if(result.getMessage().equals(SSOConstants.YZX) || result.getMessage().equals(SSOConstants.YDj)){
+//                // TODO 已注销或冻结的用户怎么处理?——首先不应该允许在本系统注销或者冻结用户?——如果真的有恢复正常状态?
+//                editUserStatusOrDel(username);
+//            }
+//        }
+//
+//        SysUser sysUser1 = sysUserService.getUserAll(username);
+//        //用户登录信息
+//        userInfo1(sysUser1, result);
+//        LoginUser loginUser = new LoginUser();
+//        BeanUtils.copyProperties(sysUser1, loginUser);
+//        baseCommonService.addLog("用户名: " + username + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser);
+//        //update-end--Author:wangshuai  Date:20200714  for:登录日志没有记录人员
+//
+//        return result;
+//    }
+
+    @ApiOperation(".登录接口(sso) 修改权限之后的登陆接口")
+    @RequestMapping(value = "/interlockLogin", method = RequestMethod.POST)
     public Result<JSONObject> login(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModel sysLoginModel){
 
         Result<JSONObject> result = new Result<JSONObject>();
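Review bot: The previous `/login` handler is left behind as roughly fifty lines of commented-out code directly above the new method; the history already keeps it, so deleting the block would leave the controller easier to audit. The mapping moves from `/login` to `/interlockLogin` while the method is still called `login`, so any client still posting to `/login` on this controller loses its endpoint. Callers are not visible here, so it is worth confirming that this is intended. The method body continues outside this hunk.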
@@ -267,44 +331,93 @@ public class SSOLoginLogoutController {
             result.error("登录请求失败");
             return result;
         }
+        //获取用户角色 是否是管理员
+        String ssoRole = getSSORole(eiToken);
 
 //        response.setHeader("Set-Cookie", String.format("EIToken=%s; Max-Age=3600; Path=/", eiToken));
 //        response.setHeader("Set-Cookie", String.format("WISEUser=%s; Max-Age=3600; Path=/", username));
         Cookie cookie = new Cookie("EIToken", eiToken);
         Cookie cookie1 = new Cookie("WISEUser", username);
+        Cookie cookie2 = new Cookie("SSORole", ssoRole);
         cookie.setMaxAge(3600);
         cookie1.setMaxAge(3600);
+        cookie2.setMaxAge(3600);
         cookie.setPath("/");
         cookie1.setPath("/");
+        cookie2.setPath("/");
         response.addCookie(cookie);
         response.addCookie(cookie1);
+        response.addCookie(cookie2);
 
         //1. 校验用户是否有效
-        SysUser sysUser = sysUserService.getUserAll(username);
-        result = sysUserService.checkUserIsEffective(sysUser);
-        if(!result.isSuccess()) {
+//        SysUser sysUser = sysUserService.getUserAll(username);
+        InterlockUser interlockUser = interlockUserService.getInterlockUserByUserName(username);//根据用户名查询用户信息
+
+        //如果联锁用户表中没有该sso用户,新增用户
+        if(oConvertUtils.isEmpty(interlockUser)){
             // TODO 已经单点登录成功了的用户如果在本系统不存在,新增用户?
-            if(result.getMessage().equals(SSOConstants.BCZ) ){
-                log.info("用户在本系统不存在,新增该用户");
-                JSONObject addJSONObject = toAddJSONObject(username,  password);
-                addUser(addJSONObject);
-            }else if(result.getMessage().equals(SSOConstants.YZX) || result.getMessage().equals(SSOConstants.YDj)){
-                // TODO 已注销或冻结的用户怎么处理?——首先不应该允许在本系统注销或者冻结用户?——如果真的有恢复正常状态?
-                editUserStatusOrDel(username);
-            }
+            log.info("用户在本系统不存在,新增该用户");
+            JSONObject addJSONObject = toAddInterlockUserJSONObject(username, ssoRole);
+            addInterlockUser(addJSONObject);
         }
 
-        SysUser sysUser1 = sysUserService.getUserAll(username);
+//        SysUser sysUser1 = sysUserService.getUserAll(username);
+        InterlockUser interlockUser1 = interlockUserService.getInterlockUserByUserName(username);//根据用户名查询用户信息
         //用户登录信息
-        userInfo1(sysUser1, result);
+        interlockUserInfo1(interlockUser1, eiToken, result);
         LoginUser loginUser = new LoginUser();
-        BeanUtils.copyProperties(sysUser1, loginUser);
+
+        BeanUtils.copyProperties(interlockUser1, loginUser);
         baseCommonService.addLog("用户名: " + username + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser);
-        //update-end--Author:wangshuai  Date:20200714  for:登录日志没有记录人员
 
         return result;
     }
 
+    private JSONObject toAddInterlockUserJSONObject(String username, String ssoRole){
+        JSONObject jsonObject = new JSONObject();
+        jsonObject.put("username", username);
+        jsonObject.put("ssoRole", ssoRole);
+        return jsonObject;
+    }
+    private void addInterlockUser(JSONObject jsonObject){
+        try{
+            //创建一个用户类用来存放新增用户的信息;
+            InterlockUser interlockUser = new InterlockUser();
+
+            String username = jsonObject.getString("username");
+            String ssoRole = jsonObject.getString("ssoRole");
+            String roleId = "";
+            String isAdmin = "";
+
+            //填充用户信息
+            interlockUser.setCreateBy(username);//因为不用jeecg内置的用户表,所以此处填充一下创建人
+            interlockUser.setUsername(username);//登陆账户名
+
+            if(ssoRole.equals("globalAdmin")){
+                interlockUser.setRole("0");//系统管理员
+                roleId = "1820384671259701250";//联锁系统管理员
+                isAdmin = "1";
+            }else{
+                interlockUser.setRole("1");
+                roleId = "1820343133955698689";//联锁普通sso用户
+            }
+            interlockUserService.save(interlockUser);//保存用户表信息
+            String userId = interlockUser.getId();//生成用户信息之后获取对应id用来存权限以及角色对应表
+            SysUserRole userRole = new SysUserRole(userId, roleId);
+            sysUserRoleService.save(userRole);//保存用户角色表信息
+
+            //创建一个用户权限列表,用来存放系统权限信息 填充权限信息列表
+            //系统管理员获取全部权限,否则无任何权限
+            if(isAdmin.equals("1")){
+                List<InterlockSystemLimit> interlockSystemLimitList = interlockSystemLimitService.getInterlockSystemLimitList(username, userId);
+                interlockSystemLimitService.saveBatch(interlockSystemLimitList);
+            }
+            baseCommonService.addLog("添加用户,username: " + username, CommonConstant.LOG_TYPE_2, 2);
+        } catch (Exception e) {
+            log.error(e.getMessage(), e);
+        }
+    }
+
     private JSONObject toAddJSONObject(String username, String password){
         JSONObject jsonObject = new JSONObject();
         jsonObject.put("workNo", "");
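Review bot: The value returned by `getSSORole(eiToken)` is used unchecked in `login`: the helper returns "" on any failure and can return null when the response has no `ssoRole` key, yet the value still goes into the `SSORole` cookie and into `addInterlockUser`. There a null reaches `ssoRole.equals("globalAdmin")`, the resulting exception is swallowed by `catch (Exception e)`, and `interlockUser1` is then null when `interlockUserInfo1` dereferences it. Failing the login when the role is empty, and again when the second lookup finds no user, closes that path. Separately, the local role, the `SysUserRole` row and the limit rows are written only on first login, so a later demotion or promotion in the SSO service is never reflected locally. The `SSORole` cookie is client-editable, so it should be treated as display-only and never as an authorization input; `login` begins outside this hunk.

```java
        String ssoRole = getSSORole(eiToken);
        if (oConvertUtils.isEmpty(ssoRole)) {
            // Fail closed: no role from the SSO service means no session and no provisioning.
            result.error("登录请求失败");
            return result;
        }
        // … unchanged: cookie setup, first-login provisioning …
        InterlockUser interlockUser1 = interlockUserService.getInterlockUserByUserName(username);
        if (interlockUser1 == null) {
            // addInterlockUser logs and swallows its own failures, so the row may be missing here.
            result.error("登录请求失败");
            return result;
        }
        // … unchanged: interlockUserInfo1 call, login log, return …
```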
@@ -405,6 +518,51 @@ public class SSOLoginLogoutController {
         return "";
     }
 
+    /**
+     *  sso登录,获取当前sso用户的角色,是否是系统管理员
+     */
+    public  String getSSORole(String eiToken){
+         String url = "http://192.168.2.248:8188/v4.0/users/me";
+//        String url = configService.getConfigValue(ConfigInfo.SSO_LOGIN_URL);
+        // 设置请求头部
+        HttpHeaders headers = new HttpHeaders();
+        headers.setContentType(MediaType.APPLICATION_JSON);
+        headers.add("Authorization", "Bearer " + eiToken);
+
+        // 创建RestTemplate实例
+        RestTemplate restTemplate = new RestTemplate();
+
+        // 创建HttpEntity封装请求体和头部信息
+        HttpEntity<String> entity = new HttpEntity<>(headers);
+
+        try {
+            // 发送Get请求并获取响应
+//            ResponseEntity<JSONObject> response = restTemplate.getForEntity(url, JSONObject.class);
+            ResponseEntity<JSONObject> response = restTemplate.exchange(
+                    url,
+                    HttpMethod.GET,
+                    entity,
+                    JSONObject.class);
+
+            // 处理响应
+            if (response.getStatusCode() == HttpStatus.OK) {
+                JSONObject responseBody = response.getBody();
+//                System.out.println(responseBody);
+                if (responseBody != null && !responseBody.equals("")) {
+                    return (String) responseBody.get("ssoRole");
+                } else {
+                    System.out.println("未找到body信息");
+                }
+            } else {
+                System.out.println("登录失败,HTTP状态码:" + response.getStatusCode());
+            }
+        } catch (Exception e) {
+            System.err.println("登录请求失败:" + e.getMessage());
+            e.printStackTrace();
+        }
+        return "";
+    }
+
     private static String extractTokenFromResponseBody(String responseBody) {
         // 假设body格式为 {"accessToken":"token","expiresIn":1720663523,"refreshToken":"a6ab6460-3f21-11ef-beaa-e454e833f52c","tokenType":"Bearer"}
         try {
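Review bot: The bearer token is sent to a hard-coded plain-HTTP address, `http://192.168.2.248:8188/v4.0/users/me`, in `getSSORole`, so the credential crosses the network unencrypted and the endpoint cannot vary per environment. The URL belongs in configuration, as the commented-out `configService.getConfigValue(...)` line suggests (under its own key, e.g. the placeholder `SSO_USER_INFO_URL`), and should be HTTPS where the SSO service supports it. Failures are written with `System.out`/`System.err` and `printStackTrace()` instead of the class's `log`, e.g. `log.error("SSO role lookup failed", e);`. `!responseBody.equals("")` is always true for a `JSONObject`, and `(String) responseBody.get("ssoRole")` can return null, so `return responseBody.getString("ssoRole");` followed by an explicit empty check at the call site would be clearer. The method is `public` on a controller although only `login` is seen calling it; `private` would fit unless other callers exist.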
@@ -505,6 +663,35 @@ public class SSOLoginLogoutController {
         return result;
     }
 
+    /**
+     * 用户信息 联锁权限用户信息
+     *
+     * @param interlockUser
+     * @param result
+     * @return
+     */
+    private Result<JSONObject> interlockUserInfo1(InterlockUser interlockUser, String token, Result<JSONObject> result) {
+        String username = interlockUser.getUsername();
+        // 获取用户部门信息
+        JSONObject obj = new JSONObject(new LinkedHashMap<>());
+
+        // 使用eiToken, 设置token缓存有效时间
+        redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token);
+        redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME * 2 / 1000);
+        obj.put("token", token);
+        obj.put("userInfo", interlockUser);
+
+        List<SysDepart> departs = new ArrayList<>();
+        obj.put("departs", departs);
+        if (departs == null || departs.size() == 0) {
+            obj.put("multi_depart", 0);
+        }
+        obj.put("sysAllDictItems", sysDictService.queryAllDictItems());
+        result.setResult(obj);
+        result.success("登录成功");
+        return result;
+    }
+
 
     /**
      * 退出登录
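Review bot: In `interlockUserInfo1`, `departs` is a newly created empty list, so `if (departs == null || departs.size() == 0)` is always true and `multi_depart` is always 0; dropping the test and calling `obj.put("multi_depart", 0);` directly says what the code does. The whole `InterlockUser` entity is serialised into the response under `userInfo`; its fields are not visible here, so it is worth confirming that nothing sensitive is returned to the client. The Javadoc omits `@param token`, and the comment `// 获取用户部门信息` sits above code that fetches no department. `username` is assigned and never used in the visible body.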