From 3642805e670d2734a8bf885d5e9253645b393e2f Mon Sep 17 00:00:00 2001
From: fit2cloud-chenyw
Date: Fri, 17 Jun 2022 10:34:41 +0800
Subject: [PATCH] =?UTF-8?q?perf:=20=E9=87=8D=E7=BD=AEcas=E7=99=BB=E5=BD=95?= =?UTF-8?q?=E6=96=B9=E5=BC=8Fapi=E5=A2=9E=E5=8A=A0=E7=AE=A1=E7=90=86?= =?UTF-8?q?=E5=91=98=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../auth/service/AuthUserService.java | 2 ++
 .../service/impl/AuthUserServiceImpl.java | 18 +++++++++++
 .../auth/service/impl/ShiroServiceImpl.java | 2 +-
 .../io/dataease/plugins/server/CasServer.java | 32 +++++++++++++------
 .../resources/i18n/messages_en_US.properties | 8 ++++-
 .../resources/i18n/messages_zh_CN.properties | 7 ++++
 .../resources/i18n/messages_zh_TW.properties | 6 +++-
 7 files changed, 62 insertions(+), 13 deletions(-)
diff --git a/backend/src/main/java/io/dataease/auth/service/AuthUserService.java b/backend/src/main/java/io/dataease/auth/service/AuthUserService.java
index 41fdd96632..5cd5b7c738 100644
--- a/backend/src/main/java/io/dataease/auth/service/AuthUserService.java
+++ b/backend/src/main/java/io/dataease/auth/service/AuthUserService.java
@@ -34,5 +34,7 @@ public interface AuthUserService {
 Boolean pluginLoaded();
+ void checkAdmin(String uname, String pwd);
+
 }
diff --git a/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java b/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java
index e83030deab..485f6af09e 100644
--- a/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java
+++ b/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java
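Review bot: `checkAdmin` is added to the `AuthUserService` interface with no Javadoc, and its contract cannot be read from the signature: it returns `void`, so a failed check is only visible as the exception raised through `DataEaseException.throwException` in the implementation. I would document it on the interface, e.g. `/** Verifies that uname is an administrator account and pwd is its plaintext password; signals any failure by throwing, never by returning. */`, so a later caller does not treat a normal return as optional or log the `pwd` argument.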
@@ -2,10 +2,13 @@ package io.dataease.auth.service.impl;
 import io.dataease.auth.api.dto.CurrentRoleDto;
 import io.dataease.auth.entity.SysUserEntity;
+import io.dataease.commons.utils.CodingUtil;
+import io.dataease.exception.DataEaseException;
 import io.dataease.ext.*;
 import io.dataease.auth.service.AuthUserService;
 import io.dataease.commons.constants.AuthConstants;
 import io.dataease.commons.utils.LogUtil;
+import io.dataease.i18n.Translator;
 import io.dataease.plugins.common.base.domain.SysUser;
 import io.dataease.plugins.common.base.mapper.SysUserMapper;
 import io.dataease.plugins.common.service.PluginCommonService;
@@ -171,5 +174,20 @@ public class AuthUserServiceImpl implements AuthUserService {
 return pluginCommonService.isPluginLoaded();
 }
+ @Override
+ public void checkAdmin(String uname, String pwd) {
+ SysUserEntity user = getUserByName(uname);
+ if (ObjectUtils.isEmpty(user)) {
+ DataEaseException.throwException(Translator.get("i18n_user_not_exist"));
+ }
+ if (!user.getIsAdmin()) {
+ DataEaseException.throwException(Translator.get("i18n_not_admin_error"));
+ }
+ String realPwd = user.getPassword();
+ pwd = CodingUtil.md5(pwd);
+ if (!StringUtils.equals(pwd, realPwd)) {
+ DataEaseException.throwException(Translator.get("i18n_id_or_pwd_error"));
+ }
+ }
 }
diff --git a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
index 168ed90719..c75f2c0d8a 100644
--- a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
+++ b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
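Review bot: The three distinct failure messages in `checkAdmin` (`i18n_user_not_exist`, `i18n_not_admin_error`, `i18n_id_or_pwd_error`) tell the caller whether a username exists and whether it belongs to an administrator. The ShiroServiceImpl and CasServer hunks of this commit return that message from an anonymous route, so the distinction reaches unauthenticated clients. Collapsing all three outcomes into the generic `i18n_id_or_pwd_error` removes that signal. The rewrite below also compares the digests with `MessageDigest.isEqual` instead of `StringUtils.equals`, and no longer unboxes `getIsAdmin()`, which would throw a NullPointerException if it returns a null `Boolean` (its type is not visible in this hunk). It needs `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imported; the unsalted `CodingUtil.md5` is presumably the existing storage format and is left as it is.

```java
@Override
public void checkAdmin(String uname, String pwd) {
    SysUserEntity user = getUserByName(uname);
    // One generic failure for unknown user, non-admin and wrong password,
    // so an anonymous caller cannot tell which accounts exist.
    boolean accepted = user != null
            && Boolean.TRUE.equals(user.getIsAdmin())
            && user.getPassword() != null
            && MessageDigest.isEqual(
                    CodingUtil.md5(pwd).getBytes(StandardCharsets.UTF_8),
                    user.getPassword().getBytes(StandardCharsets.UTF_8));
    if (!accepted) {
        DataEaseException.throwException(Translator.get("i18n_id_or_pwd_error"));
    }
}
```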
@@ -85,7 +85,7 @@ public class ShiroServiceImpl implements ShiroService {
 filterChainDefinitionMap.put("/plugin/oidc/authInfo", ANON);
 filterChainDefinitionMap.put("/sso/callBack*", ANON);
 filterChainDefinitionMap.put("/cas/callBack*", ANON);
- filterChainDefinitionMap.put("/cas/reset", ANON);
+ filterChainDefinitionMap.put("/cas/reset/**", ANON);
 filterChainDefinitionMap.put("/unauth", ANON);
 filterChainDefinitionMap.put("/display/**", ANON);
diff --git a/backend/src/main/java/io/dataease/plugins/server/CasServer.java b/backend/src/main/java/io/dataease/plugins/server/CasServer.java
index d342cbcb55..6d082e854f 100644
--- a/backend/src/main/java/io/dataease/plugins/server/CasServer.java
+++ b/backend/src/main/java/io/dataease/plugins/server/CasServer.java
@@ -9,6 +9,8 @@ import io.dataease.commons.utils.CodingUtil;
 import io.dataease.commons.utils.LogUtil;
 import io.dataease.commons.utils.ServletUtils;
+import io.dataease.controller.ResultHolder;
+import io.dataease.i18n.Translator;
 import io.dataease.service.sys.SysUserService;
 import io.dataease.service.system.SystemParameterService;
 import org.apache.commons.lang3.StringUtils;
@@ -17,6 +19,7 @@ import org.jasig.cas.client.util.AssertionHolder;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.servlet.ModelAndView;
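Review bot: `/cas/reset/**` stays `ANON` in the ShiroServiceImpl hunk, so the password check inside `CasServer.reset()` is the only gate on this route, and nothing visible in this commit limits repeated failed attempts. An unauthenticated client can therefore keep submitting administrator passwords against it. If the route has to stay anonymous so that it still works while CAS is unreachable (my assumption), record that next to the entry, e.g. `// ANON by design: reset() authenticates the caller itself via checkAdmin; failed attempts must be throttled`, and add throttling or lockout for failed checks. The enclosing method starts and ends outside the hunk.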
@@ -87,17 +90,26 @@ public class CasServer {
 return modelAndView;
 }
- @GetMapping("/reset")
+ @GetMapping("/reset/{uname}/{pwd}")
 @ResponseBody
- public String reset() {
- systemParameterService.resetCas();
- String token = ServletUtils.getToken();
- if (StringUtils.isNotBlank(token)) {
- Long userId = JWTUtils.tokenInfoByToken(token).getUserId();
- authUserService.clearCache(userId);
+ public ResultHolder reset(@PathVariable(value = "uname", required = true) String uname, @PathVariable(value = "pwd", required = true) String pwd) {
+ try {
+ authUserService.checkAdmin(uname, pwd);
+ systemParameterService.resetCas();
+ String token = ServletUtils.getToken();
+ if (StringUtils.isNotBlank(token)) {
+ Long userId = JWTUtils.tokenInfoByToken(token).getUserId();
+ authUserService.clearCache(userId);
+ }
+ HttpServletRequest request = ServletUtils.request();
+ request.getSession().invalidate();
+ ResultHolder success = ResultHolder.success(null);
+ success.setMessage(Translator.get("i18n_default_login_reset"));
+ return success;
+ }catch (Exception e) {
+ LogUtil.error(e.getMessage(), e);
+ ResultHolder error = ResultHolder.error(e.getMessage());
+ return error;
 }
- HttpServletRequest request = ServletUtils.request();
- request.getSession().invalidate();
- return "已经切换默认登录方式";
 }
 }
diff --git a/backend/src/main/resources/i18n/messages_en_US.properties b/backend/src/main/resources/i18n/messages_en_US.properties
index 27be07bb0c..511fc52823 100644
--- a/backend/src/main/resources/i18n/messages_en_US.properties
+++ b/backend/src/main/resources/i18n/messages_en_US.properties
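Review bot: The administrator's plaintext password travels in the URL path of a GET request (`/reset/{uname}/{pwd}`), so it is recorded wherever URLs are kept, such as access logs, reverse proxies and browser history. A password containing `/` or other reserved characters will also not route cleanly. I would take the credentials from the request body instead, using `@PostMapping("/reset")` with `public ResultHolder reset(@RequestParam("uname") String uname, @RequestParam("pwd") String pwd)` sent as form fields, which also lets the Shiro entry stay at `/cas/reset` and moves the state change off GET. Separately, the `catch (Exception e)` branch returns `e.getMessage()` to the anonymous caller for every failure, including unexpected ones; a fixed message for anything other than the credential failure would avoid exposing internals.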
@@ -156,4 +156,10 @@ SOURCE_TYPE_MENU=MENU
 I18N_DRIVER_NOT_DELETE=Drivers in use cannot be deleted
 I18N_DRIVER_REPEAT_NAME=Driver name cannot be same.
-I18N_DRIVER_NOT_FOUND=Cannot find driver.
\ No newline at end of file
+I18N_DRIVER_NOT_FOUND=Cannot find driver.
+
+i18n_not_admin_error=Not an administrator account
+i18n_user_not_exist=user does not exist
+i18n_default_login_reset=Switched back to default login mode
+
+
diff --git a/backend/src/main/resources/i18n/messages_zh_CN.properties b/backend/src/main/resources/i18n/messages_zh_CN.properties
index 01258ce785..eacdf7fdc1 100644
--- a/backend/src/main/resources/i18n/messages_zh_CN.properties
+++ b/backend/src/main/resources/i18n/messages_zh_CN.properties
@@ -160,3 +160,10 @@ I18N_TIME=操作时间
 I18N_DRIVER_NOT_DELETE=使用中的驱动不允许删除
 I18N_DRIVER_REPEAT_NAME=名称重复
 I18N_DRIVER_NOT_FOUND=未找到驱动
+
+
+i18n_not_admin_error=不是管理员账号
+
+i18n_user_not_exist=用户不存在
+
+i18n_default_login_reset=已切换回默认登录方式
\ No newline at end of file
diff --git a/backend/src/main/resources/i18n/messages_zh_TW.properties b/backend/src/main/resources/i18n/messages_zh_TW.properties
index 607079419e..e839966095 100644
--- a/backend/src/main/resources/i18n/messages_zh_TW.properties
+++ b/backend/src/main/resources/i18n/messages_zh_TW.properties
@@ -155,4 +155,8 @@ SOURCE_TYPE_MENU=菜單
 I18N_DRIVER_NOT_DELETE=使用中的驅動不允許删除
 I18N_DRIVER_REPEAT_NAME=名稱重複
-I18N_DRIVER_NOT_FOUND=未找到驅動
\ No newline at end of file
+I18N_DRIVER_NOT_FOUND=未找到驅動
+
+i18n_not_admin_error=不是管理員賬號
+i18n_user_not_exist=用戶不存在
+i18n_default_login_reset=已切換回默認登錄方式
\ No newline at end of file