功能可配置

common-biz-client/src/main/java/com/diagbot/util/PermissionUtil.java

@@ -0,0 +1,104 @@
+package com.diagbot.util;
+
+import com.diagbot.exception.CommonErrorCode;
+import com.diagbot.exception.CommonException;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.JoinPoint;
+import org.springframework.core.DefaultParameterNameDiscoverer;
+import org.springframework.core.ParameterNameDiscoverer;
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.lang.reflect.Method;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @Description:
+ * @author: gaodm
+ * @time: 2020/2/17 14:57
+ */
+@Slf4j
+public class PermissionUtil {
+    /**
+     * 功能可配置权限拦截
+     *
+     * @param joinPoint
+     * @param sysType
+     */
+    public static void permissionAspect(JoinPoint joinPoint, Integer sysType) {
+        RequestAttributes ra = RequestContextHolder.getRequestAttributes();
+        ServletRequestAttributes sra = (ServletRequestAttributes) ra;
+        HttpServletRequest request = sra.getRequest();
+        //head里面是否有hospitalCode；
+        String hospitalCode = request.getHeader("hospitalCode");
+        if (StringUtil.isBlank(hospitalCode)) {
+            throw new CommonException(CommonErrorCode.PARAM_IS_NULL, "请传入医院编码！");
+        }
+        //todo 远程获取权限验证权限
+        //验证权限
+        String uri = request.getRequestURI();
+        log.info(uri);
+        //todo 验证是否在无参数的Map
+        //todo 验证是否在有参数的Map
+        //todo 验证参数
+        Object[] args = joinPoint.getArgs();
+        if (args == null) {
+            throw new CommonException(CommonErrorCode.NO_PERMISSION);
+        }
+
+        Map<String, Object> paramMap = new HashMap<>();
+        paramMap = getFieldsName(joinPoint);
+        //todo 利用paramMap获取结果
+
+
+    }
+
+    private static Map getFieldsName(JoinPoint joinPoint) {
+        try {
+            String classType = joinPoint.getTarget().getClass().getName();
+            String methodName = joinPoint.getSignature().getName();
+            // 参数值
+            Object[] args = joinPoint.getArgs();
+            Class<?>[] classes = new Class[args.length];
+            for (int k = 0; k < args.length; k++) {
+                if (!args[k].getClass().isPrimitive()) {
+                    // 获取的是封装类型而不是基础类型
+                    String result = args[k].getClass().getName();
+                    Class s = map.get(result);
+                    classes[k] = s == null ? args[k].getClass() : s;
+                }
+            }
+            ParameterNameDiscoverer pnd = new DefaultParameterNameDiscoverer();
+            // 获取指定的方法，第二个参数可以不传，但是为了防止有重载的现象，还是需要传入参数的类型
+            Method method = Class.forName(classType).getMethod(methodName, classes);
+            // 参数名
+            String[] parameterNames = pnd.getParameterNames(method);
+            // 通过map封装参数和参数值
+            HashMap<String, Object> paramMap = new HashMap();
+            for (int i = 0; i < parameterNames.length; i++) {
+                paramMap.put(parameterNames[i], args[i]);
+            }
+            return paramMap;
+        } catch (ClassNotFoundException e) {
+            return null;
+        } catch (NoSuchMethodException e) {
+            return null;
+        }
+
+    }
+
+    private static HashMap<String, Class> map = new HashMap<String, Class>() {
+        {
+            put("java.lang.Integer", int.class);
+            put("java.lang.Double", double.class);
+            put("java.lang.Float", float.class);
+            put("java.lang.Long", long.class);
+            put("java.lang.Short", short.class);
+            put("java.lang.Boolean", boolean.class);
+            put("java.lang.Char", char.class);
+        }
+    };
+}

config-server/src/main/resources/shared/application-dev.yml

@@ -80,6 +80,9 @@ bilog:
 crypt:
   enable: true
 
+permission:
+  enable: true
+
 mrqc:
   server:
     address: http://192.168.2.234:8090

config-server/src/main/resources/shared/application-local.yml

@@ -80,6 +80,9 @@ bilog:
 crypt:
   enable: true
 
+permission:
+  enable: true
+
 mrqc:
   server:
     address: http://192.168.2.234:8090

config-server/src/main/resources/shared/application-pre.yml

@@ -80,6 +80,9 @@ bilog:
 crypt:
   enable: true
 
+permission:
+  enable: true
+
 mrqc:
   server:
     address: http://192.168.2.186:8090

config-server/src/main/resources/shared/application-pro.yml

@@ -80,6 +80,9 @@ bilog:
 crypt:
   enable: true
 
+permission:
+  enable: true
+
 mrqc:
   server:
     address: http://192.168.2.123:8090

config-server/src/main/resources/shared/application-test.yml

@@ -80,6 +80,9 @@ bilog:
 crypt:
   enable: true
 
+permission:
+  enable: true
+
 mrqc:
   server:
     address: http://192.168.2.241:8090

data-service/src/main/java/com/diagbot/config/SwaggerConfigurer.java

@@ -36,8 +36,13 @@ public class SwaggerConfigurer {
      */
     private List<Parameter> parameter() {
         List<Parameter> params = new ArrayList<>();
-        params.add(new ParameterBuilder().name("Authorization")
-                .description("Authorization Bearer token")
+//        params.add(new ParameterBuilder().name("Authorization")
+//                .description("Authorization Bearer token")
+//                .modelRef(new ModelRef("string"))
+//                .parameterType("header")
+//                .required(false).build());
+        params.add(new ParameterBuilder().name("hospitalCode")
+                .description("医院编码")
                 .modelRef(new ModelRef("string"))
                 .parameterType("header")
                 .required(false).build());

icss-service/src/main/java/com/diagbot/aop/PermissionAspect.java

@@ -0,0 +1,32 @@
+package com.diagbot.aop;
+
+import com.diagbot.enums.SysTypeEnum;
+import com.diagbot.util.PermissionUtil;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.annotation.Pointcut;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.stereotype.Component;
+
+/**
+ * @Description: 接口权限拦截
+ * @author: gaodm
+ * @time: 2020/2/17 14:34
+ */
+@Aspect
+@Component
+@ConditionalOnProperty(prefix = "permission", value = { "enable" }, havingValue = "true")
+public class PermissionAspect {
+
+    //切所有Controller
+    @Pointcut("execution(* com.diagbot.web..*.*(..))")
+    public void pointcutController() {
+    }
+
+    @Before("pointcutController()")
+    public void permissionIntercept(JoinPoint joinPoint) {
+        //权限拦截
+        PermissionUtil.permissionAspect(joinPoint, SysTypeEnum.ICSS_SERVICE.getKey());
+    }
+}

icss-service/src/main/java/com/diagbot/config/SwaggerConfigurer.java

@@ -36,8 +36,13 @@ public class SwaggerConfigurer {
      */
     private List<Parameter> parameter() {
         List<Parameter> params = new ArrayList<>();
-        params.add(new ParameterBuilder().name("Authorization")
-                .description("Authorization Bearer token")
+//        params.add(new ParameterBuilder().name("Authorization")
+//                .description("Authorization Bearer token")
+//                .modelRef(new ModelRef("string"))
+//                .parameterType("header")
+//                .required(false).build());
+        params.add(new ParameterBuilder().name("hospitalCode")
+                .description("医院编码")
                 .modelRef(new ModelRef("string"))
                 .parameterType("header")
                 .required(false).build());

ltapi-service/src/main/java/com/diagbot/config/SwaggerConfigurer.java

@@ -36,8 +36,13 @@ public class SwaggerConfigurer {
      */
     private List<Parameter> parameter() {
         List<Parameter> params = new ArrayList<>();
-        params.add(new ParameterBuilder().name("Authorization")
-                .description("Authorization Bearer token")
+//        params.add(new ParameterBuilder().name("Authorization")
+//                .description("Authorization Bearer token")
+//                .modelRef(new ModelRef("string"))
+//                .parameterType("header")
+//                .required(false).build());
+        params.add(new ParameterBuilder().name("hospitalCode")
+                .description("医院编码")
                 .modelRef(new ModelRef("string"))
                 .parameterType("header")
                 .required(false).build());