package com.vci.ubcs.omd.service.impl;
|
|
import com.vci.ubcs.common.utils.CommonUtil;
|
import com.vci.ubcs.omd.cache.EnumCache;
|
import com.vci.ubcs.omd.service.IWebSecretService;
|
import com.vci.ubcs.omd.utils.VciOmdUtil;
|
import com.vci.ubcs.starter.exception.VciBaseException;
|
import com.vci.ubcs.starter.web.constant.EnumIdConstant;
|
import com.vci.ubcs.starter.web.enumpck.DataSecretEnum;
|
import com.vci.ubcs.starter.web.enumpck.UserSecretEnum;
|
import com.vci.ubcs.starter.web.pagemodel.KeyValue;
|
import com.vci.ubcs.starter.web.util.VciBaseUtil;
|
import com.vci.ubcs.starter.web.util.WebUtil;
|
import com.vci.ubcs.system.user.entity.User;
|
import com.vci.ubcs.system.user.feign.IUserClient;
|
import com.vci.ubcs.system.user.vo.UserVO;
|
import net.logstash.logback.encoder.org.apache.commons.lang3.StringUtils;
|
import org.springblade.core.tool.api.R;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.context.annotation.Lazy;
|
import org.springframework.stereotype.Service;
|
import org.springframework.util.CollectionUtils;
|
|
import java.util.Arrays;
|
import java.util.HashMap;
|
import java.util.List;
|
import java.util.Map;
|
import java.util.stream.Collectors;
|
|
import static com.vci.ubcs.starter.web.constant.FrameWorkBusLangCodeConstant.DATA_ID_NOT_EXIST;
|
|
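/**
 * Secret-level (security classification) service: resolves the secret level of users,
 * data and client machines, and decides whether a user may access a piece of data
 * or use a machine.
 *
 * <p>Side effect to be aware of: {@link #getMinUserSecret()} and {@link #getMinDataSecret()}
 * overwrite the value and text of the shared {@link UserSecretEnum} / {@link DataSecretEnum}
 * constants on every call, from the cached enum definition. Nothing in this class
 * synchronizes those writes, and the lookups in {@code checkDataSecret} compare against
 * whatever values the constants hold at that moment.
 *
 * @author weidy
 * @date 2021-2-16
 */
@Service
public class WebSecretServiceImpl implements IWebSecretService {

    /**
     * Client used to look up users.
     */
    @Autowired
    private IUserClient userClient;

    // Business-type service (disabled; the IP secret lookup in getIpSecret relied on it).
    // @Autowired
    // private WebBoServiceI boService;

    // Properties object (disabled).
    // @Autowired
    // private WebProperties properties;

    /**
     * Gets the minimum user secret level.
     *
     * <p>Also re-synchronizes {@link UserSecretEnum} with the cached enum definition:
     * after sorting by numeric key, the lowest entry becomes {@code NONE}, the second
     * {@code SECRET}, and every further entry overwrites {@code PRIVACY}, so
     * {@code PRIVACY} ends up holding the highest entry.
     *
     * @return the minimum user secret value
     * @throws VciBaseException if the lookup fails
     */
    @Override
    public int getMinUserSecret() throws VciBaseException {
        List<KeyValue> enumKeyValueList = VciOmdUtil.enumsToListKeyVale(EnumCache.getList(EnumIdConstant.USERSECRET_ENUMNAME));
        if (!CollectionUtils.isEmpty(enumKeyValueList)) {
            List<KeyValue> keyValues = sortByNumericKey(enumKeyValueList);
            for (int i = 0; i < keyValues.size(); i++) {
                KeyValue keyValue = keyValues.get(i);
                UserSecretEnum target;
                if (i == 0) {
                    target = UserSecretEnum.NONE;
                } else if (i == 1) {
                    target = UserSecretEnum.SECRET;
                } else {
                    target = UserSecretEnum.PRIVACY;
                }
                target.setValue(VciBaseUtil.getInt(keyValue.getKey()));
                target.setText(keyValue.getValue());
            }
        }
        return getMinValueInKeyValueList(enumKeyValueList, UserSecretEnum.NONE.getValue());
    }

    /**
     * Returns a copy of the enum entries sorted ascending by their numeric key.
     *
     * @param enumKeyValueList enum key/value entries, must not be null
     * @return a new list sorted by {@code VciBaseUtil.getInt(key)}
     */
    private List<KeyValue> sortByNumericKey(List<KeyValue> enumKeyValueList) {
        return enumKeyValueList.stream()
            .sorted((a, b) -> Integer.compare(VciBaseUtil.getInt(a.getKey()), VciBaseUtil.getInt(b.getKey())))
            .collect(Collectors.toList());
    }

    /**
     * Gets the smallest numeric key among the enum entries.
     *
     * @param enumKeyValueList enum key/value entries; may be null or empty
     * @param minValue starting value, returned unchanged when no entry is smaller
     * @return the smaller of {@code minValue} and the lowest key in the list
     */
    private int getMinValueInKeyValueList(List<KeyValue> enumKeyValueList, int minValue) {
        // The callers guard the list with CollectionUtils.isEmpty and then pass it on
        // regardless, so a null list must not fail here.
        if (CollectionUtils.isEmpty(enumKeyValueList)) {
            return minValue;
        }
        int lowest = minValue;
        for (KeyValue entry : enumKeyValueList) {
            lowest = Math.min(lowest, VciBaseUtil.getInt(entry.getKey()));
        }
        return lowest;
    }

    /**
     * Gets the default (minimum) data secret level.
     *
     * <p>Also re-synchronizes {@link DataSecretEnum} with the cached enum definition:
     * after sorting by numeric key, the entries map to {@code NONE}, {@code INNER},
     * {@code SECRET} in order, and every further entry overwrites {@code PRIVACY}.
     *
     * @return the minimum data secret value
     * @throws VciBaseException if the lookup fails
     */
    @Override
    public int getMinDataSecret() throws VciBaseException {
        List<KeyValue> enumKeyValueList = VciOmdUtil.enumsToListKeyVale(EnumCache.getList(EnumIdConstant.DATASECRET_ENUMNAME));
        if (!CollectionUtils.isEmpty(enumKeyValueList)) {
            List<KeyValue> keyValues = sortByNumericKey(enumKeyValueList);
            for (int i = 0; i < keyValues.size(); i++) {
                KeyValue keyValue = keyValues.get(i);
                DataSecretEnum target;
                if (i == 0) {
                    target = DataSecretEnum.NONE;
                } else if (i == 1) {
                    target = DataSecretEnum.INNER;
                } else if (i == 2) {
                    target = DataSecretEnum.SECRET;
                } else {
                    target = DataSecretEnum.PRIVACY;
                }
                target.setValue(VciBaseUtil.getInt(keyValue.getKey()));
                target.setText(keyValue.getValue());
            }
        }
        return getMinValueInKeyValueList(enumKeyValueList, DataSecretEnum.NONE.getValue());
    }

    /**
     * Gets the default (minimum) IP secret level.
     *
     * @return the lowest key of the IP secret enum, or 10 when no entry is lower
     * @throws VciBaseException if the lookup fails
     */
    @Override
    public int getMinIpSecret() throws VciBaseException {
        List<KeyValue> enumKeyValueList = VciOmdUtil.enumsToListKeyVale(EnumCache.getList(EnumIdConstant.IPSECRET_ENUMNAME));
        return getMinValueInKeyValueList(enumKeyValueList, 10);
    }

    /**
     * Gets the secret level of the user with the given id.
     *
     * @param userId user id; parsed with {@code Long.valueOf}, so a non-numeric value
     *               surfaces as a {@link NumberFormatException}
     * @return the user's secret level, or the minimum user secret level when the user
     *         has none set
     * @throws VciBaseException if the user does not exist or the lookup fails
     */
    @Override
    public int getUserSecret(String userId) throws VciBaseException {
        WebUtil.alertNotNull(userId,"用户名");
        R<User> userR = userClient.userInfoById(Long.valueOf(userId));
        User user = userR == null ? null : userR.getData();
        if (user == null) {
            throw new VciBaseException(DATA_ID_NOT_EXIST, new String[]{userId});
        }
        String secretGrade = user.getSecretGrade();
        // A blank grade is treated like a missing one: the user falls back to the
        // lowest clearance instead of failing with a NumberFormatException.
        // NOTE(review): StringUtils here is the commons-lang3 copy shaded inside
        // logstash-logback-encoder (see the import); consider a direct dependency.
        if (StringUtils.isBlank(secretGrade)) {
            return getMinUserSecret();
        }
        return Integer.parseInt(secretGrade.trim());
    }

    /**
     * Gets the secret level of the given user object.
     *
     * @param userVO the user object
     * @return the user's secret level, or the minimum user secret level when none is set
     * @throws VciBaseException if {@code userVO} is null or the lookup fails
     */
    @Override
    public int getUserSecret(UserVO userVO) throws VciBaseException {
        if (userVO == null) {
            throw new VciBaseException(DATA_ID_NOT_EXIST, new String[0]);
        }
        // NOTE(review): only null is treated as "not set" here; if the grade is a
        // String, a blank value fails in Integer.valueOf - confirm against UserVO.
        return userVO.getSecretGrade() == null ? getMinUserSecret() : Integer.valueOf(userVO.getSecretGrade());
    }

    /**
     * Resolves the current user's secret level, falling back to the minimum user
     * secret level when the session carries none.
     *
     * @return the effective secret level of the current user
     */
    private int currentUserSecretOrMin() {
        return WebUtil.getCurrentUserSecret() == null ? getMinUserSecret() : WebUtil.getCurrentUserSecret();
    }

    /**
     * Checks whether the current user may access data of the given secret level.
     *
     * @param secret secret level of the data
     * @return true if access is allowed
     */
    @Override
    public boolean checkDataSecret(int secret) {
        return checkDataSecret(secret, currentUserSecretOrMin());
    }

    /**
     * Finds the data secret constant whose current value equals {@code secret}.
     *
     * @param secret data secret value
     * @return the matching constant, or null when no constant has that value
     */
    private DataSecretEnum dataSecretForValue(int secret) {
        for (DataSecretEnum candidate : DataSecretEnum.values()) {
            if (candidate.getValue() == secret) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Finds the user secret constant whose current value equals {@code userSecret}.
     *
     * @param userSecret user secret value
     * @return the matching constant, or null when no constant has that value
     */
    private UserSecretEnum userSecretForValue(int userSecret) {
        for (UserSecretEnum candidate : UserSecretEnum.values()) {
            if (candidate.getValue() == userSecret) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Maps a data secret constant to its comparison rank (1 = lowest, 4 = highest).
     */
    private static int rankOf(DataSecretEnum dataSecret) {
        switch (dataSecret) {
            case NONE:
                return 1;
            case INNER:
                return 2;
            case SECRET:
                return 3;
            default:
                return 4;
        }
    }

    /**
     * Maps a user secret constant to its comparison rank; there is no user rank 2,
     * so a user at {@code NONE} cannot read {@code INNER} data.
     */
    private static int rankOf(UserSecretEnum userSecret) {
        switch (userSecret) {
            case NONE:
                return 1;
            case SECRET:
                return 3;
            default:
                return 4;
        }
    }

    /**
     * Checks whether a user of the given secret level may access data of the given
     * secret level. Access is allowed when the data rank does not exceed the user rank.
     *
     * @param secret secret level of the data
     * @param userSecret secret level of the user
     * @return true if access is allowed
     */
    @Override
    public boolean checkDataSecret(int secret, int userSecret) {
        // The raw values may have been remapped, so resolve them through the enums.
        DataSecretEnum dataLevel = dataSecretForValue(secret);
        if (dataLevel == null) {
            // NOTE(review): an unrecognised data level is treated as NONE, the least
            // restrictive level, so the check passes for every user. Confirm this is
            // intended; for a classification check, failing closed is the usual default.
            dataLevel = DataSecretEnum.NONE;
        }
        UserSecretEnum userLevel = userSecretForValue(userSecret);
        if (userLevel == null) {
            // An unrecognised user level gets the lowest clearance.
            userLevel = UserSecretEnum.NONE;
        }
        return rankOf(dataLevel) <= rankOf(userLevel);
    }

    /**
     * Checks data access for the user with the given id.
     *
     * @param secret secret level of the data
     * @param userId user id
     * @return true if access is allowed
     * @throws VciBaseException if the user lookup fails
     */
    @Override
    public boolean checkDataSecret(int secret, String userId) throws VciBaseException {
        return checkDataSecret(secret, getUserSecret(userId));
    }

    /**
     * Checks data access for the given user object.
     *
     * @param secret secret level of the data
     * @param userVO the user object
     * @return true if access is allowed
     */
    @Override
    public boolean checkDataSecret(int secret, UserVO userVO) {
        return checkDataSecret(secret, getUserSecret(userVO));
    }

    /**
     * Gets the secret level of an IP address. Not in use yet; the backing database
     * table has not been migrated.
     *
     * <p>Because the per-IP lookup is disabled, every address, blank or not, resolves
     * to {@link #getMinIpSecret()}. The {@code checkIpSecret} overloads that take an IP
     * therefore do not yet distinguish between machines.
     *
     * @param ip the IP address (currently unused)
     * @return the minimum IP secret level
     * @throws VciBaseException if the lookup fails
     */
    @Override
    public int getIpSecret(String ip) throws VciBaseException {
        // Pending lookup, kept for reference until boService is ported:
        // conditionMap: "startip" -> ip.trim()
        // List<ClientBusinessObject> ipCbos = boService.queryCBO(EnumIdConstant.IPSECRET_BTMNAME,conditionMap,null, Arrays.asList(new String[]{"ipsecret"}));
        // ipSecret = WebUtil.getInt(ipCbos.get(0).getAttributeValue("ipsecret"));
        return getMinIpSecret();
    }

    /**
     * Checks a machine secret level against a user secret level by comparing the raw
     * values.
     *
     * @param ipSecret secret level of the machine
     * @param userSecret secret level of the user
     * @return true if the machine level does not exceed the user level
     */
    @Override
    public boolean checkIpSecret(int ipSecret, int userSecret) {
        return ipSecret <= userSecret;
    }

    /**
     * Checks whether the current user satisfies the given machine secret level.
     *
     * @param ipSecret secret level of the machine
     * @return true if allowed
     */
    @Override
    public boolean checkIpSecret(int ipSecret) {
        return checkIpSecret(ipSecret, currentUserSecretOrMin());
    }

    /**
     * Checks whether the user with the given id satisfies the secret level of the
     * given IP address.
     *
     * @param ip the IP address
     * @param userId user id
     * @return true if allowed
     * @throws VciBaseException if a lookup fails
     */
    @Override
    public boolean checkIpSecret(String ip, String userId) throws VciBaseException {
        return checkIpSecret(getIpSecret(ip), getUserSecret(userId));
    }

    /**
     * Checks whether the given user object satisfies the secret level of the given
     * IP address.
     *
     * @param ip the IP address
     * @param userVO the user object
     * @return true if allowed
     */
    @Override
    public boolean checkIpSecret(String ip, UserVO userVO) {
        return checkIpSecret(getIpSecret(ip), getUserSecret(userVO));
    }
}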
|