package com.vci.web.service.impl;
import com.vci.constant.EnumIdConstant;
import com.vci.corba.omd.data.BusinessObject;
import com.vci.omd.utils.ObjectTool;
import com.vci.pagemodel.KeyValue;
import com.vci.pagemodel.SmUserVO;
import com.vci.starter.web.enumpck.DataSecretEnum;
import com.vci.starter.web.enumpck.UserSecretEnum;
import com.vci.starter.web.exception.VciBaseException;
import com.vci.starter.web.util.VciBaseUtil;
import com.vci.web.properties.WebProperties;
import com.vci.web.service.SmUserQueryServiceI;
import com.vci.web.service.WebBoServiceI;
import com.vci.web.service.WebEnumServiceI;
import com.vci.web.service.WebSecretServiceI;
import com.vci.web.util.WebUtil;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;

import java.util.Arrays;
import java.util.Comparator;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

import static com.vci.constant.FrameWorkBusLangCodeConstant.DATA_ID_NOT_EXIST;
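/**
 * Secrecy-level (classification) service: resolves the secrecy level of users, data and
 * client machines (looked up by IP) and decides whether a user may access a piece of data
 * or work from a machine.
 *
 * <p>Notes for maintainers of this access-control code:
 * <ul>
 *   <li>{@link #getMinUserSecret()} and {@link #getMinDataSecret()} overwrite the value and
 *       text of the shared {@code UserSecretEnum} / {@code DataSecretEnum} constants with the
 *       configured enum items. {@link #checkDataSecret(int, int)} matches levels against those
 *       same constants, so its outcome depends on whichever values the constants currently
 *       hold. No synchronization is visible in this class around those writes.</li>
 *   <li>{@link #checkDataSecret(int, int)} treats an unrecognized data level as the lowest
 *       level (fail-open on the data side); see the note on that method.</li>
 * </ul>
 *
 * @author weidy
 * @date 2021-2-16
 */
@Service
public class WebSecretServiceImpl implements WebSecretServiceI {

    /**
     * Enum service, used to read the configured secrecy-level enum items.
     *
     * <p>NOTE(review): injection is optional ({@code required = false}), so this field may be
     * {@code null}; the methods below dereference it without a check. Confirm the bean is
     * always present in deployments that rely on secrecy checks.
     */
    @Autowired(required = false)
    @Lazy
    private WebEnumServiceI enumService;

    /**
     * User query service.
     */
    @Autowired
    private SmUserQueryServiceI userQueryService;

    /**
     * Business-object service.
     */
    @Autowired
    private WebBoServiceI boService;

    /**
     * Web configuration properties.
     */
    @Autowired
    private WebProperties properties;

    /**
     * Gets the lowest user secrecy level.
     *
     * <p>Side effect: when the user-secrecy enum has items, they are sorted by numeric key and
     * written into the shared {@code UserSecretEnum} constants (first item to {@code NONE},
     * second to {@code SECRET}, every later item to {@code PRIVACY}, so the last one wins).
     *
     * @return the lowest user secrecy value; the current {@code UserSecretEnum.NONE} value when
     *         no enum items are configured
     * @throws VciBaseException if the lookup fails
     */
    @Override
    public int getMinUserSecret() throws VciBaseException {
        List<KeyValue> enumKeyValueList = enumService.getEnum(EnumIdConstant.USERSECRET_ENUMNAME);
        // Re-map the enum constants to the configured values.
        if (!CollectionUtils.isEmpty(enumKeyValueList)) {
            List<KeyValue> ascending = sortByNumericKey(enumKeyValueList);
            for (int i = 0; i < ascending.size(); i++) {
                KeyValue item = ascending.get(i);
                UserSecretEnum target;
                if (i == 0) {
                    target = UserSecretEnum.NONE;
                } else if (i == 1) {
                    target = UserSecretEnum.SECRET;
                } else {
                    target = UserSecretEnum.PRIVACY;
                }
                target.setValue(VciBaseUtil.getInt(item.getKey()));
                target.setText(item.getValue());
            }
        }
        return getMinValueInKeyValueList(enumKeyValueList, UserSecretEnum.NONE.getValue());
    }

    /**
     * Returns a copy of the enum items ordered by ascending numeric key.
     *
     * @param enumKeyValueList enum key/value items, must not be {@code null}
     * @return a new list sorted by the integer value of each key
     */
    private List<KeyValue> sortByNumericKey(List<KeyValue> enumKeyValueList) {
        return enumKeyValueList.stream()
                .sorted(Comparator.comparingInt((KeyValue item) -> VciBaseUtil.getInt(item.getKey())))
                .collect(Collectors.toList());
    }

    /**
     * Gets the smallest numeric key in an enum item list.
     *
     * @param enumKeyValueList enum key/value items; may be {@code null} or empty
     * @param minValue         starting value, returned unchanged when no key is smaller
     * @return the smaller of {@code minValue} and the smallest key in the list
     */
    private int getMinValueInKeyValueList(List<KeyValue> enumKeyValueList, int minValue) {
        // Callers only guard the re-mapping step against a null/empty list, so an unconfigured
        // enum used to reach the loop below and fail with a NullPointerException.
        if (CollectionUtils.isEmpty(enumKeyValueList)) {
            return minValue;
        }
        int lowest = minValue;
        for (KeyValue item : enumKeyValueList) {
            lowest = Math.min(lowest, VciBaseUtil.getInt(item.getKey()));
        }
        return lowest;
    }

    /**
     * Gets the default (lowest) data secrecy level.
     *
     * <p>Side effect: when the data-secrecy enum has items, they are sorted by numeric key and
     * written into the shared {@code DataSecretEnum} constants (first item to {@code NONE},
     * second to {@code INNER}, third to {@code SECRET}, every later item to {@code PRIVACY}).
     *
     * @return the lowest data secrecy value; the current {@code DataSecretEnum.NONE} value when
     *         no enum items are configured
     * @throws VciBaseException if the lookup fails
     */
    @Override
    public int getMinDataSecret() throws VciBaseException {
        List<KeyValue> enumKeyValueList = enumService.getEnum(EnumIdConstant.DATASECRET_ENUMNAME);
        // Re-map the enum constants to the configured values.
        if (!CollectionUtils.isEmpty(enumKeyValueList)) {
            List<KeyValue> ascending = sortByNumericKey(enumKeyValueList);
            for (int i = 0; i < ascending.size(); i++) {
                KeyValue item = ascending.get(i);
                DataSecretEnum target;
                if (i == 0) {
                    target = DataSecretEnum.NONE;
                } else if (i == 1) {
                    target = DataSecretEnum.INNER;
                } else if (i == 2) {
                    target = DataSecretEnum.SECRET;
                } else {
                    target = DataSecretEnum.PRIVACY;
                }
                target.setValue(VciBaseUtil.getInt(item.getKey()));
                target.setText(item.getValue());
            }
        }
        return getMinValueInKeyValueList(enumKeyValueList, DataSecretEnum.NONE.getValue());
    }

    /**
     * Gets the default (lowest) machine/IP secrecy level.
     *
     * @return the smallest configured IP secrecy value, capped at the hard-coded fallback 10
     * @throws VciBaseException if the lookup fails
     */
    @Override
    public int getMinIpSecret() throws VciBaseException {
        List<KeyValue> enumKeyValueList = enumService.getEnum(EnumIdConstant.IPSECRET_ENUMNAME);
        return getMinValueInKeyValueList(enumKeyValueList, 10);
    }

    /**
     * Gets the secrecy level of a user identified by user id.
     *
     * @param userId user id (login name)
     * @return the user's secrecy level, or the lowest user level when none is set
     * @throws VciBaseException if the user does not exist or the lookup fails
     */
    @Override
    public int getUserSecret(String userId) throws VciBaseException {
        WebUtil.alertNotNull(userId, "用户名");
        SmUserVO userVO = userQueryService.getUserByUserId(userId);
        if (userVO == null || StringUtils.isBlank(userVO.getOid())) {
            throw new VciBaseException(DATA_ID_NOT_EXIST, new String[]{userId});
        }
        return gradeOrMinimum(userVO);
    }

    /**
     * Gets the secrecy level of a user object.
     *
     * @param userVO user object
     * @return the user's secrecy level, or the lowest user level when none is set
     * @throws VciBaseException if the user object is {@code null}, has no oid, or the lookup fails
     */
    @Override
    public int getUserSecret(SmUserVO userVO) throws VciBaseException {
        if (userVO == null || StringUtils.isBlank(userVO.getOid())) {
            throw new VciBaseException(DATA_ID_NOT_EXIST, new String[0]);
        }
        return gradeOrMinimum(userVO);
    }

    /**
     * Returns the user's stored secrecy grade, falling back to the lowest user level when the
     * grade is unset. A missing grade therefore never grants more than the minimum clearance.
     *
     * @param userVO a validated, non-null user object
     * @return the effective user secrecy level
     */
    private int gradeOrMinimum(SmUserVO userVO) {
        Integer grade = userVO.getSecretGrade();
        return grade == null ? getMinUserSecret() : grade;
    }

    /**
     * Returns the current user's secrecy level as reported by {@code WebUtil}, or the lowest
     * user level when none is available. The value is read once so the null check and the
     * value used for the decision cannot disagree.
     *
     * @return the effective secrecy level of the current user
     */
    private int currentUserSecretOrMinimum() {
        Integer current = WebUtil.getCurrentUserSecret();
        return current == null ? getMinUserSecret() : current;
    }

    /**
     * Checks whether the current user may access data of the given secrecy level.
     *
     * @param secret secrecy level of the data
     * @return {@code true} when access is allowed
     */
    @Override
    public boolean checkDataSecret(int secret) {
        return checkDataSecret(secret, currentUserSecretOrMinimum());
    }

    /**
     * Finds the data secrecy constant whose current value equals the given number.
     *
     * @param secret numeric data secrecy level
     * @return the matching constant, or {@code null} when none matches
     */
    private DataSecretEnum dataSecretForValue(int secret) {
        for (DataSecretEnum candidate : DataSecretEnum.values()) {
            if (candidate.getValue() == secret) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Finds the user secrecy constant whose current value equals the given number.
     *
     * @param userSecret numeric user secrecy level
     * @return the matching constant, or {@code null} when none matches
     */
    private UserSecretEnum userSecretForValue(int userSecret) {
        for (UserSecretEnum candidate : UserSecretEnum.values()) {
            if (candidate.getValue() == userSecret) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Maps a data secrecy constant onto the internal rank scale shared with user levels.
     *
     * @param level data secrecy constant
     * @return 1 for NONE, 2 for INNER, 3 for SECRET, 4 for anything else
     */
    private int dataRank(DataSecretEnum level) {
        switch (level) {
            case NONE:
                return 1;
            case INNER:
                return 2;
            case SECRET:
                return 3;
            default:
                return 4;
        }
    }

    /**
     * Maps a user secrecy constant onto the internal rank scale shared with data levels.
     * There is no user rank 2: a NONE user can read only NONE data, a SECRET user can read
     * up to SECRET data.
     *
     * @param level user secrecy constant
     * @return 1 for NONE, 3 for SECRET, 4 for anything else
     */
    private int userRank(UserSecretEnum level) {
        switch (level) {
            case NONE:
                return 1;
            case SECRET:
                return 3;
            default:
                return 4;
        }
    }

    /**
     * Checks whether a user secrecy level is sufficient to access data of a given level.
     *
     * <p>Both numbers are first matched against the current values of the enum constants
     * (which may have been re-mapped at runtime) and then compared by rank.
     *
     * <p>NOTE(review): a data level that matches no constant is treated as
     * {@code DataSecretEnum.NONE}, i.e. as the lowest classification, so data carrying an
     * unknown or stale level is readable by every user (fail-open). An unknown user level is
     * treated as {@code UserSecretEnum.NONE}, which is the restrictive direction. Consider
     * whether unknown data levels should instead deny access or be logged; the behavior is
     * left unchanged here because callers may rely on it for data with no level set.
     *
     * @param secret     secrecy level of the data
     * @param userSecret secrecy level of the user
     * @return {@code true} when access is allowed
     */
    @Override
    public boolean checkDataSecret(int secret, int userSecret) {
        // The numeric values may have been re-mapped, so resolve them through the constants.
        DataSecretEnum dataLevel = dataSecretForValue(secret);
        if (dataLevel == null) {
            dataLevel = DataSecretEnum.NONE;
        }
        UserSecretEnum userLevel = userSecretForValue(userSecret);
        if (userLevel == null) {
            userLevel = UserSecretEnum.NONE;
        }
        return dataRank(dataLevel) <= userRank(userLevel);
    }

    /**
     * Checks data access for a user identified by user id.
     *
     * @param secret secrecy level of the data
     * @param userId user id (login name)
     * @return {@code true} when access is allowed
     * @throws VciBaseException if the user does not exist or the lookup fails
     */
    @Override
    public boolean checkDataSecret(int secret, String userId) throws VciBaseException {
        return checkDataSecret(secret, getUserSecret(userId));
    }

    /**
     * Checks data access for a user object.
     *
     * @param secret secrecy level of the data
     * @param userVO user object
     * @return {@code true} when access is allowed
     */
    @Override
    public boolean checkDataSecret(int secret, SmUserVO userVO) {
        return checkDataSecret(secret, getUserSecret(userVO));
    }

    /**
     * Gets the secrecy level registered for an IP address.
     *
     * <p>The address is matched for equality against the {@code startip} attribute and the
     * first hit is used. A blank address, no hit, or a stored level of 0 all fall back to the
     * lowest IP level.
     *
     * <p>NOTE(review): where {@code ip} comes from is not visible in this class. If callers
     * take it from client-controlled request data, the resulting machine level is only as
     * trustworthy as that value; confirm it is the address seen by a trusted component.
     *
     * @param ip IP address
     * @return the secrecy level of the machine
     * @throws VciBaseException if the lookup fails
     */
    @Override
    public int getIpSecret(String ip) throws VciBaseException {
        if (StringUtils.isBlank(ip)) {
            return getMinIpSecret();
        }
        Map<String, String> conditionMap = new HashMap<>();
        conditionMap.put("startip", ip.trim());

        List<BusinessObject> ipCbos = boService.queryCBO(
                EnumIdConstant.IPSECRET_BTMNAME, conditionMap, null, Arrays.asList("ipsecret"));
        int ipSecret = 0;
        if (!CollectionUtils.isEmpty(ipCbos)) {
            ipSecret = WebUtil.getInt(ObjectTool.getBOAttributeValue(ipCbos.get(0), "ipsecret"));
        }
        // 0 means "not set": use the lowest configured machine level instead.
        return ipSecret == 0 ? getMinIpSecret() : ipSecret;
    }

    /**
     * Checks a machine secrecy level against a user secrecy level.
     *
     * <p>Unlike {@link #checkDataSecret(int, int)}, the two raw numbers are compared directly
     * without being resolved through the enum constants.
     *
     * @param ipSecret   secrecy level of the machine
     * @param userSecret secrecy level of the user
     * @return {@code true} when the machine level does not exceed the user level
     */
    @Override
    public boolean checkIpSecret(int ipSecret, int userSecret) {
        return ipSecret <= userSecret;
    }

    /**
     * Checks whether the current user satisfies a machine secrecy level.
     *
     * @param ipSecret secrecy level of the machine
     * @return {@code true} when allowed
     */
    @Override
    public boolean checkIpSecret(int ipSecret) {
        return checkIpSecret(ipSecret, currentUserSecretOrMinimum());
    }

    /**
     * Checks whether the given user satisfies the secrecy level of the given IP address.
     *
     * @param ip     IP address
     * @param userId user id (login name)
     * @return {@code true} when allowed
     * @throws VciBaseException if the user does not exist or a lookup fails
     */
    @Override
    public boolean checkIpSecret(String ip, String userId) throws VciBaseException {
        return checkIpSecret(getIpSecret(ip), getUserSecret(userId));
    }

    /**
     * Checks whether the given user object satisfies the secrecy level of the given IP address.
     *
     * @param ip     IP address
     * @param userVO user object
     * @return {@code true} when allowed
     */
    @Override
    public boolean checkIpSecret(String ip, SmUserVO userVO) {
        return checkIpSecret(getIpSecret(ip), getUserSecret(userVO));
    }
}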