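package security.web;

import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.util.ObjectUtils;
import org.springframework.web.context.ContextLoader;
import org.springframework.web.context.WebApplicationContext;

import kernel.util.StringUtils;
import kernel.web.BaseAction;
import kernel.web.ResultObject;
import project.syspara.Syspara;
import project.syspara.SysparaService;
import security.Role;
import security.SecUser;
import security.SecurityContext;
import security.internal.SecurityResourceProcessor;
import systemuser.CustomerService;
import systemuser.model.Customer;

/**
 * Base action exposing the session-bound {@link SecurityContext} and the
 * authorization checks built on top of it to concrete web actions.
 *
 * <p>All checks are deny-by-default: a missing session, a missing or
 * foreign-typed security context, an unknown principal type or an absent
 * system parameter yields {@code false} / {@code null} instead of a
 * {@link ClassCastException} or {@link NullPointerException}.
 */
public class BaseSecurityAction extends BaseAction {

    private static final long serialVersionUID = 5393029010679461944L;

    /** Session attribute under which the security context is stored. */
    private static final String SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT";

    /** Bean names resolved from the web application context. */
    private static final String SYSPARA_SERVICE_BEAN = "sysparaService";
    private static final String RESOURCE_PROCESSOR_BEAN = "securityResourceProcessor";
    private static final String CUSTOMER_SERVICE_BEAN = "customerService";

    /** System parameter names read by this class. */
    private static final String PROJECT_TYPE_PARA = "project_type";
    private static final String USER_RECORD_NAMES_PARA = "user_record_names";

    /** Resource id that is additionally gated by the {@code user_record_names} allow-list. */
    private static final String USER_RECORD_RESOURCE = "OP_ADMIN_USER_RECORD";

    /** Login name that bypasses the {@code user_record_names} allow-list. */
    private static final String ROOT_USERNAME = "root";

    /** Resource type passed to the resource processor for operation checks. */
    private static final String OPERATION_TYPE = "OPERATION";

    /** Role names allowed to see an unmasked telephone number. */
    private static final List<String> UNMASKED_ROLES =
            Collections.unmodifiableList(Arrays.asList("ADMIN", "ROOT"));

    /** Retained for subclasses; not read by this class itself. */
    protected String username_login;

    /** Context captured at construction; {@link #bean} falls back to the current one when this is null. */
    WebApplicationContext wac = ContextLoader.getCurrentWebApplicationContext();

    /**
     * Tells whether the deployment is an exchange-only project.
     *
     * <p>The {@code project_type} parameter is {@code DAPP_EXCHANGE} (DAPP + exchange) or
     * {@code EXCHANGE} (exchange only); a project code may be appended, e.g.
     * {@code EXCHANGE_TD1}, so a substring match is used.
     *
     * @return {@code false} for DAPP + exchange (and when the parameter or its value is
     *         absent), {@code true} for exchange only
     */
    public boolean isDappOrExchange() {
        Syspara syspara = findSyspara(PROJECT_TYPE_PARA);
        if (syspara == null) {
            return false;
        }
        String projectType = syspara.getValue();
        // A parameter without a value is treated like an absent parameter.
        if (projectType == null) {
            return false;
        }
        return !projectType.contains("DAPP_EXCHANGE");
    }

    /**
     * Reads a system parameter value.
     *
     * @param sysparaName parameter name
     * @return the stored value, or {@code ""} when the parameter does not exist
     */
    public String getSystemPara(String sysparaName) {
        Syspara syspara = findSyspara(sysparaName);
        return syspara == null ? "" : syspara.getValue();
    }

    /**
     * Tells whether at least one resource of a comma-separated list is accessible to the
     * logged-in user.
     *
     * @param resourceList comma-separated resource ids (entries are not trimmed)
     * @return {@code true} if any entry passes {@link #isResourceAccessible(String)};
     *         {@code false} for a null or empty list
     */
    public boolean isResourceListAccessible(String resourceList) {
        if (StringUtils.isNullOrEmpty(resourceList)) {
            return false;
        }
        for (String resource : resourceList.split(",")) {
            if (isResourceAccessible(resource)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Tells whether the logged-in user may perform the given operation resource.
     *
     * <p>{@code OP_ADMIN_USER_RECORD} is a pseudo sub-permission handled per user: unless
     * the login name is {@code root}, the user must additionally be listed in the
     * {@code user_record_names} system parameter.
     *
     * @param resource resource id to check
     * @return {@code true} only when a security context is present and the resource
     *         processor grants the resource to the context's roles
     */
    public boolean isResourceAccessible(String resource) {
        String username = getUsername_login();
        if (USER_RECORD_RESOURCE.equals(resource) && !ROOT_USERNAME.equals(username)) {
            if (!isListedForUserRecord(username)) {
                return false;
            }
        }
        SecurityContext securityContext = readSecurityContextFromSession();
        if (securityContext == null) {
            return false;
        }
        // Raw List: the element type is decided by SecurityContext/SecurityResourceProcessor,
        // which are outside this file.
        List roles = securityContext.getRoles();
        SecurityResourceProcessor processor =
                bean(RESOURCE_PROCESSOR_BEAN, SecurityResourceProcessor.class);
        return processor.isResourceAccessible(resource, OPERATION_TYPE, roles);
    }

    /**
     * Tells whether the logged-in user's roles satisfy the given role expression.
     *
     * @param verifyroles role expression understood by the resource processor
     * @return {@code false} when no security context is present, otherwise the
     *         processor's verdict
     */
    public boolean isRolesAccessible(String verifyroles) {
        SecurityContext securityContext = readSecurityContextFromSession();
        if (securityContext == null) {
            return false;
        }
        List roles = securityContext.getRoles();
        SecurityResourceProcessor processor =
                bean(RESOURCE_PROCESSOR_BEAN, SecurityResourceProcessor.class);
        return processor.isRolesAccessible(verifyroles, roles);
    }

    /**
     * Marks the result as "403" when no security context is bound to the session.
     *
     * @param resultObject result to annotate; returned unchanged when a context exists
     * @return the same {@code resultObject}
     */
    public ResultObject readSecurityContextFromSession(ResultObject resultObject) {
        if (readSecurityContextFromSession() == null) {
            resultObject.setCode("403");
            resultObject.setMsg("请重新登录");
        }
        return resultObject;
    }

    /**
     * Returns the login name of the session's security context.
     *
     * @return the user name, or {@code null} when no (valid) security context is present
     */
    public String getUsername_login() {
        SecurityContext securityContext = readSecurityContextFromSession();
        return securityContext == null ? null : securityContext.getUsername();
    }

    /**
     * Reads the security context bound to the current session.
     *
     * <p>Uses {@code getSession(false)} so that an authorization read never creates a
     * session as a side effect for an anonymous request.
     *
     * @return the context, or {@code null} when there is no session, no attribute, or the
     *         attribute is not a {@link SecurityContext}
     */
    public SecurityContext readSecurityContextFromSession() {
        HttpServletRequest request = this.getRequest();
        HttpSession session = request.getSession(false);
        if (session == null) {
            return null;
        }
        Object attribute = session.getAttribute(SECURITY_CONTEXT_KEY);
        if (attribute instanceof SecurityContext) {
            return (SecurityContext) attribute;
        }
        return null;
    }

    /**
     * Returns the party id of the logged-in user.
     *
     * @return the party id, or {@code null} when no security context is present
     */
    public String getLoginPartyId() {
        SecurityContext securityContext = readSecurityContextFromSession();
        return securityContext == null ? null : securityContext.getPartyId();
    }

    /**
     * Masks a telephone number unless the logged-in user holds an ADMIN or ROOT role.
     *
     * @param telephon telephone number, expected to be 11 digits for partial masking
     * @return {@code null} without a security context; the number unchanged for
     *         privileged roles; {@code xxx****xxxx} for an 11-character number;
     *         {@code "****"} otherwise
     */
    public String telephonHiding(String telephon) {
        SecurityContext securityContext = readSecurityContextFromSession();
        if (securityContext == null) {
            return null;
        }
        if (hasUnmaskedRole(securityContext)) {
            return telephon;
        }
        if (!StringUtils.isNullOrEmpty(telephon) && telephon.length() == 11) {
            return telephon.substring(0, 3) + "****" + telephon.substring(7, 11);
        }
        return "****";
    }

    /**
     * Returns the online state of the logged-in customer.
     *
     * @return the state, or {@code null} when nobody is logged in or no customer is cached
     *         under the login name
     */
    public Integer customerOnlineState() {
        String username = getUsername_login();
        if (username == null) {
            return null;
        }
        CustomerService customerService = bean(CUSTOMER_SERVICE_BEAN, CustomerService.class);
        Customer customer = customerService.cacheByUsername(username);
        return customer == null ? null : customer.getOnline_state();
    }

    /** Looks up a system parameter; {@code null} when it does not exist. */
    private Syspara findSyspara(String sysparaName) {
        return bean(SYSPARA_SERVICE_BEAN, SysparaService.class).find(sysparaName);
    }

    /**
     * Checks the {@code user_record_names} allow-list (comma-separated, untrimmed).
     * A missing parameter, missing value or null user name denies.
     */
    private boolean isListedForUserRecord(String username) {
        if (username == null) {
            return false;
        }
        Syspara syspara = findSyspara(USER_RECORD_NAMES_PARA);
        if (syspara == null || syspara.getValue() == null) {
            return false;
        }
        return Arrays.asList(syspara.getValue().split(",")).contains(username);
    }

    /** True when the context's principal is a {@link SecUser} holding one of {@link #UNMASKED_ROLES}. */
    private static boolean hasUnmaskedRole(SecurityContext securityContext) {
        Object principal = securityContext.getPrincipal();
        if (!(principal instanceof SecUser)) {
            return false;
        }
        Set roles = ((SecUser) principal).getRoles();
        if (roles == null) {
            return false;
        }
        for (Object candidate : roles) {
            if (candidate instanceof Role
                    && UNMASKED_ROLES.contains(((Role) candidate).getRoleName())) {
                return true;
            }
        }
        return false;
    }

    /** Resolves a typed bean, preferring the context captured at construction. */
    private <T> T bean(String name, Class<T> type) {
        WebApplicationContext context =
                wac != null ? wac : ContextLoader.getCurrentWebApplicationContext();
        if (context == null) {
            throw new IllegalStateException("no WebApplicationContext available for bean " + name);
        }
        return context.getBean(name, type);
    }
}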