| 提交 | 用户 | 时间 | ||
| e57a89 | 1 | package com.jcdm.common.utils; |
| 懒 | 2 | |
| 3 | import java.util.Collection; | |
| 4 | import java.util.List; | |
| 5 | import java.util.stream.Collectors; | |
| 6 | import org.springframework.security.core.Authentication; | |
| 7 | import org.springframework.security.core.context.SecurityContextHolder; | |
| 8 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; | |
| 9 | import org.springframework.util.PatternMatchUtils; | |
| 10 | import com.jcdm.common.constant.Constants; | |
| 11 | import com.jcdm.common.constant.HttpStatus; | |
| 12 | import com.jcdm.common.core.domain.entity.SysRole; | |
| 13 | import com.jcdm.common.core.domain.model.LoginUser; | |
| 14 | import com.jcdm.common.exception.ServiceException; | |
| 15 | ||
| 16 | /** | |
| 17 | * 安全服务工具类 | |
| 18 | * | |
| 19 | * @author jc | |
| 20 | */ | |
| 21 | public class SecurityUtils | |
| 22 | { | |
| 23 | ||
| 24 | /** | |
| 25 | * 用户ID | |
| 26 | **/ | |
| 27 | public static Long getUserId() | |
| 28 | { | |
| 29 | try | |
| 30 | { | |
| 31 | return getLoginUser().getUserId(); | |
| 32 | } | |
| 33 | catch (Exception e) | |
| 34 | { | |
| 35 | throw new ServiceException("获取用户ID异常", HttpStatus.UNAUTHORIZED); | |
| 36 | } | |
| 37 | } | |
| 38 | ||
| 39 | /** | |
| 40 | * 获取部门ID | |
| 41 | **/ | |
| 42 | public static Long getDeptId() | |
| 43 | { | |
| 44 | try | |
| 45 | { | |
| 46 | return getLoginUser().getDeptId(); | |
| 47 | } | |
| 48 | catch (Exception e) | |
| 49 | { | |
| 50 | throw new ServiceException("获取部门ID异常", HttpStatus.UNAUTHORIZED); | |
| 51 | } | |
| 52 | } | |
| 53 | ||
| 54 | /** | |
| 55 | * 获取用户账户 | |
| 56 | **/ | |
| 57 | public static String getUsername() | |
| 58 | { | |
| 59 | try | |
| 60 | { | |
| 61 | return getLoginUser().getUsername(); | |
| 62 | } | |
| 63 | catch (Exception e) | |
| 64 | { | |
| 65 | throw new ServiceException("获取用户账户异常", HttpStatus.UNAUTHORIZED); | |
| 66 | } | |
| 67 | } | |
| 68 | ||
| 69 | /** | |
| 70 | * 获取用户 | |
| 71 | **/ | |
| 72 | public static LoginUser getLoginUser() | |
| 73 | { | |
| 74 | try | |
| 75 | { | |
| 76 | return (LoginUser) getAuthentication().getPrincipal(); | |
| 77 | } | |
| 78 | catch (Exception e) | |
| 79 | { | |
| 80 | throw new ServiceException("获取用户信息异常", HttpStatus.UNAUTHORIZED); | |
| 81 | } | |
| 82 | } | |
| 83 | ||
| 84 | /** | |
| 85 | * 获取Authentication | |
| 86 | */ | |
| 87 | public static Authentication getAuthentication() | |
| 88 | { | |
| 89 | return SecurityContextHolder.getContext().getAuthentication(); | |
| 90 | } | |
| 91 | ||
| 92 | /** | |
| 93 | * 生成BCryptPasswordEncoder密码 | |
| 94 | * | |
| 95 | * @param password 密码 | |
| 96 | * @return 加密字符串 | |
| 97 | */ | |
| 98 | public static String encryptPassword(String password) | |
| 99 | { | |
| 100 | BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); | |
| 101 | return passwordEncoder.encode(password); | |
| 102 | } | |
| 103 | ||
| 104 | /** | |
| 105 | * 判断密码是否相同 | |
| 106 | * | |
| 107 | * @param rawPassword 真实密码 | |
| 108 | * @param encodedPassword 加密后字符 | |
| 109 | * @return 结果 | |
| 110 | */ | |
| 111 | public static boolean matchesPassword(String rawPassword, String encodedPassword) | |
| 112 | { | |
| 113 | BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); | |
| 114 | return passwordEncoder.matches(rawPassword, encodedPassword); | |
| 115 | } | |
| 116 | ||
| 117 | /** | |
| 118 | * 是否为管理员 | |
| 119 | * | |
| 120 | * @param userId 用户ID | |
| 121 | * @return 结果 | |
| 122 | */ | |
| 123 | public static boolean isAdmin(Long userId) | |
| 124 | { | |
| 125 | return userId != null && 1L == userId; | |
| 126 | } | |
| 127 | ||
| 128 | /** | |
| 129 | * 验证用户是否具备某权限 | |
| 130 | * | |
| 131 | * @param permission 权限字符串 | |
| 132 | * @return 用户是否具备某权限 | |
| 133 | */ | |
| 134 | public static boolean hasPermi(String permission) | |
| 135 | { | |
| 136 | return hasPermi(getLoginUser().getPermissions(), permission); | |
| 137 | } | |
| 138 | ||
| 139 | /** | |
| 140 | * 判断是否包含权限 | |
| 141 | * | |
| 142 | * @param authorities 权限列表 | |
| 143 | * @param permission 权限字符串 | |
| 144 | * @return 用户是否具备某权限 | |
| 145 | */ | |
| 146 | public static boolean hasPermi(Collection<String> authorities, String permission) | |
| 147 | { | |
| 148 | return authorities.stream().filter(StringUtils::hasText) | |
| 149 | .anyMatch(x -> Constants.ALL_PERMISSION.equals(x) || PatternMatchUtils.simpleMatch(x, permission)); | |
| 150 | } | |
| 151 | ||
| 152 | /** | |
| 153 | * 验证用户是否拥有某个角色 | |
| 154 | * | |
| 155 | * @param role 角色标识 | |
| 156 | * @return 用户是否具备某角色 | |
| 157 | */ | |
| 158 | public static boolean hasRole(String role) | |
| 159 | { | |
| 160 | List<SysRole> roleList = getLoginUser().getUser().getRoles(); | |
| 161 | Collection<String> roles = roleList.stream().map(SysRole::getRoleKey).collect(Collectors.toSet()); | |
| 162 | return hasRole(roles, role); | |
| 163 | } | |
| 164 | ||
| 165 | /** | |
| 166 | * 判断是否包含角色 | |
| 167 | * | |
| 168 | * @param roles 角色列表 | |
| 169 | * @param role 角色 | |
| 170 | * @return 用户是否具备某角色权限 | |
| 171 | */ | |
| 172 | public static boolean hasRole(Collection<String> roles, String role) | |
| 173 | { | |
| 174 | return roles.stream().filter(StringUtils::hasText) | |
| 175 | .anyMatch(x -> Constants.SUPER_ADMIN.equals(x) || PatternMatchUtils.simpleMatch(x, role)); | |
| 176 | } | |
| 177 | ||
| 178 | } | |
