From 29a94e1a6491c4e08f200e2d08fe23af5f9e5f99 Mon Sep 17 00:00:00 2001 From: Pope Date: Sun, 25 Apr 2021 10:49:13 +0800 Subject: [PATCH] =?UTF-8?q?2021-4-25=20=E6=B7=BB=E5=8A=A0=E4=BA=86?= =?UTF-8?q?=E5=AE=A1=E8=AE=A1=E9=83=A8=E5=88=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../survey/config/AuthFilterConfig.java | 40 +++++++++++++++-- .../survey/controller/AuditController.java | 36 ++++++++++++++++ .../survey/controller/MetaDataController.java | 11 +---- .../java/com/example/survey/dao/AuditDao.java | 23 ++++++++++ .../example/survey/dao/impl/AuditDaoImpl.java | 43 +++++++++++++++++++ .../java/com/example/survey/entity/Audit.java | 16 +++++-- .../example/survey/service/AuditService.java | 24 +++++++++++ .../survey/service/MetaDataService.java | 4 +- .../survey/service/impl/AuditServiceImpl.java | 34 +++++++++++++++ .../service/impl/MetaDataServiceImpl.java | 11 +---- .../survey/service/impl/UserServiceImpl.java | 2 + .../java/com/example/survey/vo/AuditVO.java | 21 +++++++++ .../example/survey/controller/AuditApi.http | 1 + .../example/survey/controller/UserApi.http | 8 ++-- 14 files changed, 243 insertions(+), 31 deletions(-) create mode 100644 src/main/java/com/example/survey/controller/AuditController.java create mode 100644 src/main/java/com/example/survey/dao/AuditDao.java create mode 100644 src/main/java/com/example/survey/dao/impl/AuditDaoImpl.java create mode 100644 src/main/java/com/example/survey/service/AuditService.java create mode 100644 src/main/java/com/example/survey/service/impl/AuditServiceImpl.java create mode 100644 src/main/java/com/example/survey/vo/AuditVO.java create mode 100644 src/test/java/com/example/survey/controller/AuditApi.http diff --git a/src/main/java/com/example/survey/config/AuthFilterConfig.java b/src/main/java/com/example/survey/config/AuthFilterConfig.java index 4898573..40061de 100644 --- a/src/main/java/com/example/survey/config/AuthFilterConfig.java 
+++ b/src/main/java/com/example/survey/config/AuthFilterConfig.java @@ -1,10 +1,13 @@ package com.example.survey.config; import com.alibaba.fastjson.JSON; +import com.example.survey.dao.AuditDao; +import com.example.survey.entity.Audit; import com.example.survey.enumeration.ResultEnum; import com.example.survey.util.TokenUtil; import com.example.survey.vo.ResultVO; import lombok.extern.log4j.Log4j2; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import javax.servlet.*; @@ -12,6 +15,8 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; +import java.util.Calendar; +import java.util.Date; import java.util.HashSet; import java.util.Set; @@ -20,10 +25,11 @@ import java.util.Set; * 权限过滤器 */ @Log4j2 -@Configuration +//@Configuration public class AuthFilterConfig implements Filter { - + @Autowired + private AuditDao auditDao; /** * 不需要token就能访问的路由 
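Review bot: Commenting out `@Configuration` in the third hunk leaves `AuthFilterConfig` with no Spring stereotype visible in this patch, so unless the filter is registered elsewhere (for example through a `FilterRegistrationBean`), the token check in `doFilter` stops running for every route, including the new `/audit/audit` endpoint. The added `@Autowired private AuditDao auditDao;` is also only injected when Spring manages the instance; a manually constructed filter would hit a null `auditDao` on the first request. If the annotation was disabled for local testing, that line should not be merged; otherwise restore it (or use `@Component`) and prefer constructor injection so a missing DAO fails at startup. The class body continues outside the hunk.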
@@ -48,31 +54,57 @@ public class AuthFilterConfig implements Filter { HttpServletResponse response = (HttpServletResponse) servletResponse; String method = request.getMethod(); String uri = request.getRequestURI(); + String ip = request.getRemoteAddr(); + + //生成审计记录 + Audit audit = new Audit(); + audit.setIp(ip); + Calendar calendar = Calendar.getInstance(); + calendar.setTime(new Date()); + calendar.add(Calendar.HOUR_OF_DAY, 8); + audit.setTime(calendar.getTime()); + audit.setUri(uri); + log.info(method + uri); //判断是否需要token - if (URIS.contains(uri)) { + audit.setUserPhone("登录操作,无需权限"); + auditDao.saveAudit(audit); + filterChain.doFilter(servletRequest, servletResponse); return; } String token = request.getHeader("Authorization"); - if(uri.startsWith("/investigationRecord/record2word")){ + if (uri.startsWith("/investigationRecord/record2word")) { token = request.getParameter("token"); } if (token == null) { log.error("请求无token"); + + audit.setUserPhone("非法请求"); + auditDao.saveAudit(audit); + returnJson(response, new ResultVO(ResultEnum.NO_TOKEN)); return; } if (!TokenUtil.isPass(token, uri, method)) { log.error("非法token或权限不够"); + + audit.setUserPhone("非法请求"); + auditDao.saveAudit(audit); + returnJson(response, new ResultVO(ResultEnum.INSUFFICIENT_PRIVILEGE)); return; } + TokenUtil.refreshExpireTime(token); + TokenUtil.refreshExpireTime(token + " : USER_PHONE"); + + audit.setUserPhone((String) TokenUtil.get(token + " : USER_PHONE")); + auditDao.saveAudit(audit); filterChain.doFilter(servletRequest, servletResponse); } diff --git a/src/main/java/com/example/survey/controller/AuditController.java b/src/main/java/com/example/survey/controller/AuditController.java new file mode 100644 index 0000000..b4ed8e2 --- /dev/null +++ b/src/main/java/com/example/survey/controller/AuditController.java 
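Review bot: The audit timestamp is shifted by hand: `calendar.add(Calendar.HOUR_OF_DAY, 8)` stores an instant eight hours after the request arrived, so records no longer line up with other logs and the `time` range filter in the new audit query compares against shifted values. Store the real instant with `audit.setTime(new Date());` and apply the display zone when rendering, for example `timezone = "GMT+8"` on the `@JsonFormat` in `AuditVO`. Separately, both rejection branches write the same marker `"非法请求"` into `userPhone`, so a missing token and a failed `TokenUtil.isPass` check are indistinguishable in the audit trail, and `method` is in scope but never recorded. A dedicated outcome field would keep `userPhone` for identity only. The body of `doFilter` starts outside the hunk.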
@@ -0,0 +1,36 @@ +package com.example.survey.controller; + +import com.example.survey.enumeration.ResultEnum; +import com.example.survey.service.AuditService; +import com.example.survey.vo.ResultVO; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.format.annotation.DateTimeFormat; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.RestController; + +import java.util.Date; + +/** + * @author Pope + */ +@RestController +@RequestMapping("/audit") +public class AuditController { + + @Autowired + private AuditService auditService; + + @GetMapping("/audit") + public ResultVO getAudit(@RequestParam(value = "beginTime",required = false) @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss") Date beginTime, + @RequestParam(value = "endTime",required = false) @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss") Date endTime, + @RequestParam(value = "uri",required = false) String uri, + @RequestParam("currentPage") int currentPage, + @RequestParam(value = "pageSize", defaultValue = "30") int pageSize) { + ResultVO resultVO = new ResultVO(ResultEnum.SUCCESS); + resultVO.setData(auditService.listAuditLimit(beginTime, endTime, uri, currentPage, pageSize)); + return resultVO; + } + +} diff --git a/src/main/java/com/example/survey/controller/MetaDataController.java b/src/main/java/com/example/survey/controller/MetaDataController.java index 1bf3973..0bc752b 100644 --- a/src/main/java/com/example/survey/controller/MetaDataController.java +++ b/src/main/java/com/example/survey/controller/MetaDataController.java 
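Review bot: `getAudit` returns client IP addresses and user phone numbers, and nothing in the controller restricts who may call it; access rests entirely on the URI/method check in `AuthFilterConfig`, which this same patch appears to unregister by commenting out `@Configuration`. Confirm that `/audit/audit` is mapped to an administrator-only permission before this ships. The paging inputs are also unchecked: `pageSize` has no upper bound and `currentPage` no lower bound, and `AuditServiceImpl.listAuditLimit` multiplies them as `currentPage * pageSize` with no overflow protection, so one request can ask for the whole collection or produce a negative skip. Rejecting negative `currentPage` and clamping with `pageSize = Math.min(Math.max(pageSize, 1), MAX_PAGE_SIZE);` (a new constant chosen for the deployment) would cover both.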
@@ -29,7 +29,7 @@ public class MetaDataController { return new ResultVO(ResultEnum.SUCCESS); } - @GetMapping("/metaDataList") + @GetMapping("/nameList") public ResultVO listMetaData(@RequestParam(value = "name",required = false) String name, @RequestParam("currentPage")int currentPage, @RequestParam(value = "pageSize",defaultValue = "30")int pageSize){ @@ -37,20 +37,13 @@ public class MetaDataController { resultMap.put("totalCount", metaDataService.countMetaData(name)); resultMap.put("currentPage", currentPage); resultMap.put("pageSize", pageSize); - resultMap.put("data", metaDataService.listMetaDataLimit(name,currentPage,pageSize)); + resultMap.put("data", metaDataService.listMetaDataNameLimit(name,currentPage,pageSize)); ResultVO resultVO = new ResultVO(ResultEnum.SUCCESS); resultVO.setData(resultMap); return resultVO; } - @GetMapping("/nameList") - public ResultVO getNameList(){ - ResultVO resultVO = new ResultVO(ResultEnum.SUCCESS); - resultVO.setData(metaDataService.getNameList()); - return resultVO; - } - @PutMapping("/metaData") public ResultVO modifyMetaData(@RequestBody ModifyMetaDataDTO modifyMetaDataDTO){ metaDataService.modifyMetaData(modifyMetaDataDTO); diff --git a/src/main/java/com/example/survey/dao/AuditDao.java b/src/main/java/com/example/survey/dao/AuditDao.java new file mode 100644 index 0000000..463559f --- /dev/null +++ b/src/main/java/com/example/survey/dao/AuditDao.java @@ -0,0 +1,23 @@ +package com.example.survey.dao; + +import com.example.survey.entity.Audit; +import com.example.survey.vo.AuditVO; + +import java.util.Date; +import java.util.List; + +/** + * @author Pope + * 审计 + */ +public interface AuditDao { + + /** + * 存储审计记录 + * + * @param audit 审计记录 + */ + void saveAudit(Audit audit); + + List listAuditLimit(Date beginTime, Date endTime, String uri, int offset, int pageSize); +} 
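Review bot: Re-pointing `/nameList` to the paged `listMetaData` handler changes that route's contract (it now requires `currentPage`) and drops `/metaDataList` altogether, so callers and any permission entries keyed on those paths need updating in step. The call `TokenUtil.isPass(token, uri, method)` in the filter suggests authorization is decided per URI; if so, a stale entry for `/metaDataList` should be removed and `/nameList` re-checked against the roles meant to see metadata names. The handler is still named `listMetaData` although it now returns only names; `listMetaDataNames` with a one-line Javadoc would match the service rename.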
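Review bot: `listAuditLimit` in `AuditDao` is added without Javadoc while `saveAudit` directly above has one, and its semantics are not obvious from the signature. Going by `AuditDaoImpl`, a suitable comment would state that `beginTime` and `endTime` are inclusive bounds on `time`, that a null filter is skipped, and that `offset` is the number of records to skip rather than a page index. The `com.example.survey.vo.AuditVO` import appears unused in this interface and can be dropped.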
diff --git a/src/main/java/com/example/survey/dao/impl/AuditDaoImpl.java b/src/main/java/com/example/survey/dao/impl/AuditDaoImpl.java new file mode 100644 index 0000000..0bed154 --- /dev/null +++ b/src/main/java/com/example/survey/dao/impl/AuditDaoImpl.java @@ -0,0 +1,43 @@ +package com.example.survey.dao.impl; + +import com.example.survey.dao.AuditDao; +import com.example.survey.entity.Audit; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.data.mongodb.core.MongoTemplate; +import org.springframework.data.mongodb.core.query.Criteria; +import org.springframework.data.mongodb.core.query.Query; +import org.springframework.stereotype.Repository; + +import java.util.Date; +import java.util.List; + +/** + * @author Pope + */ +@Repository +public class AuditDaoImpl implements AuditDao { + + @Autowired + private MongoTemplate mongoTemplate; + + @Override + public void saveAudit(Audit audit) { + mongoTemplate.save(audit); + } + + @Override + public List listAuditLimit(Date beginTime, Date endTime, String uri, int offset, int pageSize) { + Criteria criteria = new Criteria(); + if (uri != null) { + criteria.and("uri").is(uri); + } + if (beginTime != null) { + criteria.and("time").gte(beginTime); + } + if (endTime != null) { + criteria.and("time").lte(endTime); + } + Query query = new Query(criteria).skip(offset).limit(pageSize); + return mongoTemplate.find(query, Audit.class); + } +} diff --git a/src/main/java/com/example/survey/entity/Audit.java b/src/main/java/com/example/survey/entity/Audit.java index bb70964..6df3b46 100644 --- a/src/main/java/com/example/survey/entity/Audit.java +++ b/src/main/java/com/example/survey/entity/Audit.java 
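Review bot: When both `beginTime` and `endTime` are supplied, `listAuditLimit` calls `criteria.and("time")` twice, and Spring Data MongoDB rejects a second expression on the same key when the query document is built, so the bounded time-range search (the main use of an audit query) would fail instead of returning records. Both bounds need to hang off a single `time` criteria, as in the fence below. The query also has no sort, so `skip`/`limit` paging can return records in an unstable order; sorting on `time` descending would make pages repeatable and is worth adding once the project's Spring Data version is confirmed.

```java
// … unchanged: uri filter …
if (beginTime != null || endTime != null) {
    // One criteria for the field so both bounds end up in the same document.
    Criteria timeRange = criteria.and("time");
    if (beginTime != null) {
        timeRange.gte(beginTime);
    }
    if (endTime != null) {
        timeRange.lte(endTime);
    }
}
// … unchanged: Query construction and find …
```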
@@ -11,10 +11,20 @@ import java.util.Date; @Data @Document(collection = "audit") public class Audit { - + /** + * 发起请求用户名,若为非法用户则为“非法用户” + */ private String userPhone; + /** + * 发起请求的ip + */ private String ip; + /** + * 请求时间 yyyy-MM-dd : HH:mm:ss + */ private Date time; - private String route; - + /** + * 请求路由 + */ + private String uri; } diff --git a/src/main/java/com/example/survey/service/AuditService.java b/src/main/java/com/example/survey/service/AuditService.java new file mode 100644 index 0000000..b82b51b --- /dev/null +++ b/src/main/java/com/example/survey/service/AuditService.java @@ -0,0 +1,24 @@ +package com.example.survey.service; + +import com.example.survey.vo.AuditVO; + +import java.util.Date; +import java.util.List; + +/** + * @author Pope + */ +public interface AuditService { + + /** + * 根据筛选条件分页查询审计记录 + * + * @param beginTime 开始时间 + * @param endTime 结束时间 + * @param uri 接口路由 + * @param currentPage 当前页数 + * @param pageSize 页大小 + * @return + */ + List listAuditLimit(Date beginTime, Date endTime,String uri, int currentPage, int pageSize); +} diff --git a/src/main/java/com/example/survey/service/MetaDataService.java b/src/main/java/com/example/survey/service/MetaDataService.java index 0a855dc..c307d8f 100644 --- a/src/main/java/com/example/survey/service/MetaDataService.java +++ b/src/main/java/com/example/survey/service/MetaDataService.java @@ -25,9 +25,9 @@ public interface MetaDataService { * @param name 元数据名 * @param currentPage 当前页数 * @param pageSize 页大小 - * @return 元数据 + * @return 元数据名称 */ - List listMetaDataLimit(String name, int currentPage, int pageSize); + List listMetaDataNameLimit(String name, int currentPage, int pageSize); /** * 根据元数据名查询数量 diff --git a/src/main/java/com/example/survey/service/impl/AuditServiceImpl.java b/src/main/java/com/example/survey/service/impl/AuditServiceImpl.java new file mode 100644 index 0000000..d9e5932 --- /dev/null +++ b/src/main/java/com/example/survey/service/impl/AuditServiceImpl.java 
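Review bot: The new field comment on `userPhone` gives the marker for an illegitimate caller as “非法用户”, but the filter in this patch writes `"非法请求"` for rejected requests and `"登录操作,无需权限"` for whitelisted routes, so anyone filtering the audit collection by the documented marker will match nothing. The comment should list the values actually written, e.g. `/** Phone of the requesting user; "非法请求" for rejected requests, "登录操作,无需权限" for routes that need no token. */`. The `time` comment gives the format as `yyyy-MM-dd : HH:mm:ss`, while the controller and `AuditVO` use `yyyy-MM-dd HH:mm:ss`; since the field is a `Date`, the comment is better reduced to which instant it holds.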
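Review bot: The Javadoc on `AuditService.listAuditLimit` leaves `@return` empty and does not say that `currentPage` is zero-based, which the implementation relies on when it passes `currentPage * pageSize` as the skip. Suggested wording: `@param currentPage zero-based page index` and `@return audit records matching the filters, at most pageSize entries`. It is also worth stating that null `beginTime`, `endTime` or `uri` means that filter is not applied, as `AuditDaoImpl` shows.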
@@ -0,0 +1,34 @@ +package com.example.survey.service.impl; + +import com.example.survey.dao.AuditDao; +import com.example.survey.service.AuditService; +import com.example.survey.vo.AuditVO; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import java.util.Date; +import java.util.List; +import java.util.stream.Collectors; + +/** + * @author Pope + */ +@Service +public class AuditServiceImpl implements AuditService { + + @Autowired + AuditDao auditDao; + + @Override + public List listAuditLimit(Date beginTime, Date endTime, String uri, int currentPage, int pageSize) { + return auditDao.listAuditLimit(beginTime, endTime, uri, currentPage * pageSize, pageSize).stream() + .map(audit -> { + AuditVO auditVO = new AuditVO(); + auditVO.setIp(audit.getIp()); + auditVO.setTime(audit.getTime()); + auditVO.setUri(audit.getUri()); + auditVO.setUserPhone(audit.getUserPhone()); + return auditVO; + }).collect(Collectors.toList()); + } +} diff --git a/src/main/java/com/example/survey/service/impl/MetaDataServiceImpl.java b/src/main/java/com/example/survey/service/impl/MetaDataServiceImpl.java index a269280..dc63137 100644 --- a/src/main/java/com/example/survey/service/impl/MetaDataServiceImpl.java +++ b/src/main/java/com/example/survey/service/impl/MetaDataServiceImpl.java 
@@ -50,20 +50,13 @@ public class MetaDataServiceImpl implements MetaDataService { } @Override - public List listMetaDataLimit(String name, int currentPage, int pageSize) { + public List listMetaDataNameLimit(String name, int currentPage, int pageSize) { List metaDataList = metaDataDao.listMetaDataLimit(name, currentPage * pageSize, pageSize); if (metaDataList == null) { return new ArrayList<>(); } return metaDataList.stream() - .map(metaData -> { - MetaDataVO metaDataVO = new MetaDataVO(); - metaDataVO.setName(metaData.getName()); - metaDataVO.setForm(metaData.getForm()); - metaDataVO.setFieldToNameList(metaData.getFieldToNameList()); - metaDataVO.setConfig(metaData.getConfig()); - return metaDataVO; - }) + .map(MetaData::getName) .collect(Collectors.toList()); } diff --git a/src/main/java/com/example/survey/service/impl/UserServiceImpl.java b/src/main/java/com/example/survey/service/impl/UserServiceImpl.java index 639d84d..686d864 100644 --- a/src/main/java/com/example/survey/service/impl/UserServiceImpl.java +++ b/src/main/java/com/example/survey/service/impl/UserServiceImpl.java @@ -51,12 +51,14 @@ public class UserServiceImpl implements UserService { if (TokenUtil.existKey(oldToken)) { //已经登录,将旧token过期, TokenUtil.expireKey(oldToken); + TokenUtil.expireKey(oldToken + " : USER_PHONE"); } } //生成新的token并存入redis String newToken = UUID.randomUUID().toString(); TokenUtil.set(user.getPhone(), newToken); + TokenUtil.set(newToken + " : USER_PHONE", user.getPhone()); //生成角色列表 Set roleNameSet = new HashSet<>(); diff --git a/src/main/java/com/example/survey/vo/AuditVO.java b/src/main/java/com/example/survey/vo/AuditVO.java new file mode 100644 index 0000000..f536f02 --- /dev/null +++ b/src/main/java/com/example/survey/vo/AuditVO.java 
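Review bot: In `UserServiceImpl`, the token-to-phone mapping is written under an ad-hoc key, `newToken + " : USER_PHONE"`, and the same literal is repeated in `AuthFilterConfig`; the two entries are created, refreshed and expired by separate calls, so they can drift apart. In this hunk the companion key is expired only inside the `TokenUtil.existKey(oldToken)` branch, and sessions issued before this change presumably have no companion key at all, in which case the filter would record a null `userPhone` for an authenticated request. Building the key in one place (a new helper such as `TokenUtil.userPhoneKey(token)`) and having any logout or forced-expiry path outside this hunk remove both keys would keep audit attribution reliable. The enclosing method starts and ends outside the hunk.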
@@ -0,0 +1,21 @@ +package com.example.survey.vo; + +import com.fasterxml.jackson.annotation.JsonFormat; +import lombok.Data; + +import java.util.Date; + +/** + * @author Pope + */ +@Data +public class AuditVO { + private String userPhone; + + private String ip; + + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss") + private Date time; + + private String uri; +} diff --git a/src/test/java/com/example/survey/controller/AuditApi.http b/src/test/java/com/example/survey/controller/AuditApi.http new file mode 100644 index 0000000..1204d01 --- /dev/null +++ b/src/test/java/com/example/survey/controller/AuditApi.http @@ -0,0 +1 @@ +GET http://{{host}}:{{port}}{{prefix}}/audit/audit?beginTime=2021-4-24 14:02:00¤tPage=0 diff --git a/src/test/java/com/example/survey/controller/UserApi.http b/src/test/java/com/example/survey/controller/UserApi.http index 62ea8cf..b0d41f9 100644 --- a/src/test/java/com/example/survey/controller/UserApi.http +++ b/src/test/java/com/example/survey/controller/UserApi.http @@ -3,8 +3,8 @@ POST http://{{host}}:{{port}}{{prefix}}/user/login Content-Type: application/json { - "phone": "cveo111", - "password": "cveo111" + "phone": "cveo", + "password": "cveo123456" } ### @@ -69,8 +69,8 @@ Authorization: 8f6b21a0-fa4b-4241-b5f7-58355048e1f9 ### #查询用户列表 -GET http://{{host}}:{{port}}{{prefix}}/user/user?username=Pope¤tPage=0 -Authorization: 8f6b21a0-fa4b-4241-b5f7-58355048e1f9 +GET http://{{host}}:{{port}}{{prefix}}/user/userList?username=Pope¤tPage=0 +Authorization: 16d3e816-dc92-4476-8f56-02924e719713 ### #修改用户角色
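Review bot: `UserApi.http` now carries what look like working account credentials in the login body and a new session token in the `Authorization` header of the user-list request; if these belong to a real environment they are readable by everyone with repository access and remain in history after removal. The file already takes `{{host}}`, `{{port}}` and `{{prefix}}` from the HTTP-client environment, so the same mechanism fits here: `"phone": "{{phone}}"`, `"password": "{{password}}"` and `Authorization: {{token}}`, with the values kept in an untracked private environment file. If the committed values are live, change the password and expire the token.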