
权限在jwt里面方式医院ID

gaodm пре 5 година
родитељ
комит
d7b29c940f

+ 1 - 1
src/main/java/com/diagbot/config/CustomTokenEnhancer.java

@@ -21,7 +21,7 @@ public class CustomTokenEnhancer implements TokenEnhancer {
         final Map<String, Object> additionalInfo = new HashMap<>();
         SysUserUaa user = (SysUserUaa) authentication.getUserAuthentication().getPrincipal();
         additionalInfo.put("user_id", user.getId());
-        //		additionalInfo.put("username", user.getUsername());
+        additionalInfo.put("hosp_id", user.getHospitalId());
         //		additionalInfo.put("authorities", user.getAuthorities());
         ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
         return accessToken;
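Review bot: `hosp_id` is put into the token unconditionally, but the UrlUserService change in this commit only calls `setHospitalId` for `ConstantEnum.OUTER_USER`, so internal users get a null claim. `SysUserUtils.getCurrentHospitalID()` then calls `.toString()` on that value and fails. I would add the claim only when it exists, `if (user.getHospitalId() != null) { additionalInfo.put("hosp_id", user.getHospitalId()); }`, and add a comment saying that downstream services may rely on `hosp_id` for hospital scoping only after the token signature has been verified. The enclosing method starts and ends outside the hunk.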

+ 2 - 0
src/main/java/com/diagbot/dto/JwtDTO.java

@@ -13,4 +13,6 @@ import lombok.Setter;
 public class JwtDTO {
     private String accessToken;
     private String refreshToken;
+    private Integer type; //用户类型
+    private String typeCn; //用户类型中文
 }

+ 0 - 78
src/main/java/com/diagbot/entity/SysUser.java

@@ -65,36 +65,6 @@ public class SysUser implements Serializable {
      */
     private String linkman;
 
-    /**
-     * 手机号(如果是客户,phone与username是一样的)
-     */
-    private String phone;
-
-    /**
-     * 所属岗位
-     */
-    private String position;
-
-    /**
-     * 所属部门
-     */
-    private String dept;
-
-    /**
-     * 邮箱
-     */
-    private String email;
-
-    /**
-     * 认证状态: 0 未认证,1 已认证,2 认证中
-     */
-    private Integer authStatus;
-
-    /**
-     * 认证通过时间
-     */
-    private LocalDateTime passauthTime;
-
     /**
      * 1内部用户,0外部用户(默认0)
      */
@@ -168,48 +138,6 @@ public class SysUser implements Serializable {
     public void setLinkman(String linkman) {
         this.linkman = linkman;
     }
-    public String getPhone() {
-        return phone;
-    }
-
-    public void setPhone(String phone) {
-        this.phone = phone;
-    }
-    public String getPosition() {
-        return position;
-    }
-
-    public void setPosition(String position) {
-        this.position = position;
-    }
-    public String getDept() {
-        return dept;
-    }
-
-    public void setDept(String dept) {
-        this.dept = dept;
-    }
-    public String getEmail() {
-        return email;
-    }
-
-    public void setEmail(String email) {
-        this.email = email;
-    }
-    public Integer getAuthStatus() {
-        return authStatus;
-    }
-
-    public void setAuthStatus(Integer authStatus) {
-        this.authStatus = authStatus;
-    }
-    public LocalDateTime getPassauthTime() {
-        return passauthTime;
-    }
-
-    public void setPassauthTime(LocalDateTime passauthTime) {
-        this.passauthTime = passauthTime;
-    }
     public Integer getType() {
         return type;
     }
@@ -237,12 +165,6 @@ public class SysUser implements Serializable {
             ", username=" + username +
             ", password=" + password +
             ", linkman=" + linkman +
-            ", phone=" + phone +
-            ", position=" + position +
-            ", dept=" + dept +
-            ", email=" + email +
-            ", authStatus=" + authStatus +
-            ", passauthTime=" + passauthTime +
             ", type=" + type +
             ", remark=" + remark +
         "}";

+ 26 - 0
src/main/java/com/diagbot/entity/SysUserUaa.java

@@ -65,6 +65,16 @@ public class SysUserUaa implements UserDetails, Serializable {
      */
     private String username;
 
+    /**
+     * 1内部用户,0外部用户(默认0)
+     */
+    private Integer type;
+
+    /**
+     * 医院ID
+     */
+    private Long hospitalId;
+
     private List<? extends GrantedAuthority> authorities;
 
     @Override
@@ -165,6 +175,22 @@ public class SysUserUaa implements UserDetails, Serializable {
         this.username = username;
     }
 
+    public Integer getType() {
+        return type;
+    }
+
+    public void setType(Integer type) {
+        this.type = type;
+    }
+
+    public Long getHospitalId() {
+        return hospitalId;
+    }
+
+    public void setHospitalId(Long hospitalId) {
+        this.hospitalId = hospitalId;
+    }
+
     @Override
     public String toString() {
         return "User{" +

+ 52 - 0
src/main/java/com/diagbot/enums/ConstantEnum.java

@@ -0,0 +1,52 @@
+package com.diagbot.enums;
+
+import com.diagbot.core.KeyedNamed;
+import lombok.Setter;
+
+/**
+ * @Description: 常量枚举类
+ * @Author: ztg
+ * @Date: 2018/9/28 10:45
+ */
+public enum ConstantEnum implements KeyedNamed {
+
+    INNER_USER(1, "用户-朗通"),
+    OUTER_USER(0, "用户-客户");
+
+
+    @Setter
+    private int key;
+
+    @Setter
+    private String name;
+
+    ConstantEnum(int key, String name) {
+        this.key = key;
+        this.name = name;
+    }
+
+    public static ConstantEnum getEnum(int key) {
+        for (ConstantEnum item : ConstantEnum.values()) {
+            if (item.key == key) {
+                return item;
+            }
+        }
+        return null;
+    }
+
+    public static String getName(int key) {
+        ConstantEnum item = getEnum(key);
+        return item != null ? item.name : null;
+    }
+
+    @Override
+    public int getKey() {
+        return key;
+    }
+
+    @Override
+    public String getName() {
+        return name;
+    }
+}
+
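Review bot: The `@Setter` annotations on `key` and `name` make the enum constants mutable. Lombok generates `setKey`/`setName`, and `INNER_USER`/`OUTER_USER` are process-wide singletons, so any caller can change what `OUTER_USER.getKey()` returns. The UrlUserService hunk in this commit compares against that key to decide whether a hospital binding is required at login. Drop both annotations (and the then-unused `lombok.Setter` import) and declare `private final int key;` and `private final String name;`. `getEnum(int)` and `getName(int)` return null for an unknown key, which deserves a Javadoc line because callers must handle it.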

+ 3 - 0
src/main/java/com/diagbot/facade/SysUserFacade.java

@@ -6,6 +6,7 @@ import com.diagbot.dto.JwtDTO;
 import com.diagbot.entity.JWT;
 import com.diagbot.entity.JwtStore;
 import com.diagbot.entity.SysUser;
+import com.diagbot.enums.ConstantEnum;
 import com.diagbot.enums.IsDeleteEnum;
 import com.diagbot.exception.CommonErrorCode;
 import com.diagbot.exception.CommonException;
@@ -67,6 +68,8 @@ public class SysUserFacade extends SysUserServiceImpl {
         }
         data.setAccessToken(jwt.getAccess_token());
         data.setRefreshToken(jwt.getRefresh_token());
+        data.setType(user.getType());
+        data.setTypeCn(ConstantEnum.getName(user.getType()));//返回中文
         //token存入redis
         JwtStore jwtStore = new JwtStore();
         jwtStore.setAccessToken(jwt.getAccess_token());
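Review bot: `ConstantEnum.getName(user.getType())` auto-unboxes an `Integer` into the `int` parameter, so a user row with a null `type` throws a NullPointerException after the token has already been obtained. The same unguarded dereference is in UrlUserService, `user.getType().equals(ConstantEnum.OUTER_USER.getKey())`, where it would surface during authentication instead of as a clean login failure. Here I would write `Integer type = user.getType();` followed by `data.setTypeCn(type == null ? null : ConstantEnum.getName(type));`. In UrlUserService the comparison can be reversed to `Integer.valueOf(ConstantEnum.OUTER_USER.getKey()).equals(user.getType())`. The enclosing method starts and ends outside the hunk.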

+ 2 - 0
src/main/java/com/diagbot/mapper/SysUserUaaMapper.java

@@ -12,4 +12,6 @@ import com.diagbot.entity.SysUserUaa;
  */
 public interface SysUserUaaMapper {
     SysUserUaa getByUserName(String username);
+
+    SysUserUaa getHospByUserName(String username);
 }

+ 9 - 0
src/main/java/com/diagbot/service/UrlUserService.java

@@ -2,6 +2,7 @@ package com.diagbot.service;
 
 import com.diagbot.entity.SysPermission;
 import com.diagbot.entity.SysUserUaa;
+import com.diagbot.enums.ConstantEnum;
 import com.diagbot.mapper.SysPermissionMapper;
 import com.diagbot.mapper.SysUserUaaMapper;
 import org.apache.commons.lang.StringUtils;
@@ -42,6 +43,14 @@ public class UrlUserService implements UserDetailsService {
                 }
             }
             user.setGrantedAuthorities(grantedAuthorities);
+            if (user.getType().equals(ConstantEnum.OUTER_USER.getKey())) {
+                SysUserUaa userHosp = userUaaMapper.getHospByUserName(userName);
+                if (null == userHosp) {
+                    throw new UsernameNotFoundException("医院管理人员: " + userName + " 未绑定医院");
+                } else {
+                    user.setHospitalId(userHosp.getHospitalId());
+                }
+            }
             return user;
         } else {
             throw new UsernameNotFoundException("admin: " + userName + " do not exist");

+ 108 - 0
src/main/java/com/diagbot/util/SysUserUtils.java

@@ -0,0 +1,108 @@
+package com.diagbot.util;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @Description: 用户工具类
+ * @author: gaodm
+ * @time: 2018/8/3 17:46
+ */
+public class SysUserUtils {
+
+    private static final String AUTHORIZATION = "authorization";
+
+    /**
+     * 获取当前请求的token
+     *
+     * @return
+     */
+    public static String getCurrentToken() {
+        return HttpUtils.getHeaders(HttpUtils.getHttpServletRequest()).get(AUTHORIZATION);
+    }
+
+    /**
+     * 获取当前请求的用户名称
+     *
+     * @return
+     */
+    public static String getCurrentPrinciple() {
+        return (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+    }
+
+    /**
+     * 获取当前请求的用户ID
+     *
+     * @return
+     */
+    public static String getCurrentPrincipleID() {
+        OAuth2AuthenticationDetails oauthDetails = (OAuth2AuthenticationDetails) SecurityContextHolder.getContext().getAuthentication().getDetails();
+        Map<String, Object> details = (Map<String, Object>) oauthDetails.getDecodedDetails();
+        return details.get("user_id").toString();
+    }
+
+    /**
+     * 获取当前请求用户的医院ID
+     *
+     * @return
+     */
+    public static String getCurrentHospitalID() {
+        OAuth2AuthenticationDetails oauthDetails = (OAuth2AuthenticationDetails) SecurityContextHolder.getContext().getAuthentication().getDetails();
+        Map<String, Object> details = (Map<String, Object>) oauthDetails.getDecodedDetails();
+        return details.get("hosp_id").toString();
+    }
+
+
+    /**
+     * 判读当前token用户是否为接口所需的参数username
+     *
+     * @param username
+     * @return
+     */
+    public static boolean isMyself(String username) {
+        return username.equals(getCurrentPrinciple());
+    }
+
+    /**
+     * 获取当前请求Authentication
+     *
+     * @return
+     */
+    public static Authentication getCurrentAuthentication() {
+        return SecurityContextHolder.getContext().getAuthentication();
+    }
+
+    /**
+     * 获取当前请求的权限信息
+     *
+     * @return
+     */
+    public static List<SimpleGrantedAuthority> getCurrentAuthorities() {
+        return (List<SimpleGrantedAuthority>) SecurityContextHolder.getContext().getAuthentication().getAuthorities();
+    }
+
+    /**
+     * @param role
+     * @return
+     */
+    public static boolean hasRole(String role) {
+        if (!role.startsWith("ROLE_")) {
+            role = "ROLE_" + role;
+        }
+        boolean hasRole = false;
+        List<SimpleGrantedAuthority> list = getCurrentAuthorities();
+        for (SimpleGrantedAuthority s : list) {
+            if (role.equals(s.getAuthority())) {
+                hasRole = true;
+                break;
+            }
+        }
+        return hasRole;
+    }
+
+}
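Review bot: `getCurrentHospitalID()` and `getCurrentPrincipleID()` dereference the claim without checking it. A token without `hosp_id` (UrlUserService in this commit binds a hospital only for `OUTER_USER`) ends in a NullPointerException, and a request whose `getDetails()` is not an `OAuth2AuthenticationDetails` ends in a ClassCastException. The hospital ID is presumably what callers use to scope data, so the absent case should be an explicit, documented result that callers reject, not an accidental server error. The helper below reads a claim defensively and both getters can share it. The Javadoc blocks with an empty `@return` should state that null means no hospital is bound to the current token.
```java
    // Returns the named claim from the decoded token details, or null when the
    // request is not OAuth2-authenticated or the claim is absent.
    private static Object getDecodedClaim(String name) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || !(authentication.getDetails() instanceof OAuth2AuthenticationDetails)) {
            return null;
        }
        Object decoded = ((OAuth2AuthenticationDetails) authentication.getDetails()).getDecodedDetails();
        return decoded instanceof Map ? ((Map<?, ?>) decoded).get(name) : null;
    }

    public static String getCurrentHospitalID() {
        Object hospitalId = getDecodedClaim("hosp_id");
        return hospitalId == null ? null : hospitalId.toString();
    }

    // … unchanged: getCurrentPrincipleID would read "user_id" through the same helper …
```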

+ 1 - 1
src/main/java/com/diagbot/web/SysUserController.java

@@ -48,7 +48,7 @@ public class SysUserController {
 
     @ApiOperation(value = "登录获取jwt[by:zhoutg]",
             notes = "username:用户名,必填<br>" +
-                    "password:密码, 必填, 默认密码:f6af7afd01d4eb0dc5fe0a342cd6cee7<br> ")
+                    "password:密码, 必填, 默认密码:dc483e80a7a0bd9ef71d8cf973673924<br> ")
     @PostMapping("/getJwt")
     @SysLogger("getJwt")
     public RespDTO<JwtDTO> getJwt(@RequestBody UserLoginVO userLoginVO) {
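Review bot: The `notes` string publishes the default password value in the generated API documentation, and the same value is repeated in the `//p:` comment in TestController.java. The 32-hex-character form suggests the client submits a digest, not the raw password (an assumption, the hashing is not visible here), in which case the digest is itself the login secret. I would drop the value from the text, `"password:密码, 必填<br> ")`, and require accounts created with the default to change it at first login. The body of `getJwt` continues outside the hunk.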

+ 1 - 1
src/main/java/com/diagbot/web/TestController.java

@@ -18,7 +18,7 @@ import org.springframework.web.bind.annotation.RestController;
 public class TestController {
     @Autowired
     private AuthServiceClient authServiceClient;
-    //p:f6af7afd01d4eb0dc5fe0a342cd6cee7
+    //p:dc483e80a7a0bd9ef71d8cf973673924
     @PostMapping(value = "/test/oauth/token")
     public JWT getToken(String username, String password) {
         return authServiceClient.getToken("Basic dWFhLXNlcnZpY2U6MTIzNDU2",
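Review bot: The `Basic …` value passed as the first argument of `authServiceClient.getToken` looks like a client credential hard-coded in source, on an endpoint mapped at `/test/oauth/token` that accepts `username` and `password` as plain request parameters. Anyone who can read the repository can reuse that value, and rotating it needs a code change. I would inject it from configuration and restrict the controller to development, for example with `@Profile("dev")` on the class. The call continues outside the hunk, so the remaining arguments are not visible here.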

+ 1 - 1
src/main/resources/application-dev.yml

@@ -58,7 +58,7 @@ spring:
     druid:
       driver-class-name: com.mysql.cj.jdbc.Driver
       platform: mysql
-      url: jdbc:mysql://192.168.2.236:3306/sys-mrqcneo?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false
+      url: jdbc:mysql://192.168.2.236:3306/qc?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false
       username: root
       password: lantone
       # 连接池的配置信息
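Review bot: The context lines of this hunk show the datasource `username: root` and a plaintext `password:` committed to the repository, with `useSSL=false` in the JDBC URL. The same pattern is in application-local.yml, application-pre.yml, application-test.yml and application-pro.yml. Anyone with read access to the repository therefore holds database credentials for every environment, and four of the five profiles connect as the MySQL superuser over an unencrypted connection. I would move the secrets out of the tracked files, e.g. `password: ${DB_PASSWORD}` (placeholder name constructed for this note), give each environment its own least-privilege account, and rotate the values already committed. The druid block continues outside the hunk.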

+ 1 - 1
src/main/resources/application-local.yml

@@ -58,7 +58,7 @@ spring:
     druid:
       driver-class-name: com.mysql.cj.jdbc.Driver
       platform: mysql
-      url: jdbc:mysql://192.168.2.236:3306/sys-mrqcneo?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false
+      url: jdbc:mysql://192.168.2.236:3306/qc?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false
       username: root
       password: lantone
       # 连接池的配置信息

+ 1 - 1
src/main/resources/application-pre.yml

@@ -58,7 +58,7 @@ spring:
     druid:
       driver-class-name: com.mysql.cj.jdbc.Driver
       platform: mysql
-      url: jdbc:mysql://192.168.2.121:3306/sys-mrqcneo?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false
+      url: jdbc:mysql://192.168.2.121:3306/qc?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false
       username: teamback
       password: goTulmLeon
       # 连接池的配置信息

+ 1 - 1
src/main/resources/application-pro.yml

@@ -58,7 +58,7 @@ spring:
     druid:
       driver-class-name: com.mysql.cj.jdbc.Driver
       platform: mysql
-      url: jdbc:mysql://192.168.2.122:3306/sys-mrqcneo?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false
+      url: jdbc:mysql://192.168.2.122:3306/qc?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false
       username: root
       password: lantone
       # 连接池的配置信息

+ 1 - 1
src/main/resources/application-test.yml

@@ -58,7 +58,7 @@ spring:
     druid:
       driver-class-name: com.mysql.cj.jdbc.Driver
       platform: mysql
-      url: jdbc:mysql://192.168.2.241:3306/sys-mrqcneo?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false
+      url: jdbc:mysql://192.168.2.241:3306/qc?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=utf8&characterSetResults=utf8&useSSL=false
       username: root
       password: lantone
       # 连接池的配置信息

+ 0 - 6
src/main/resources/mapper/SysUserMapper.xml

@@ -13,12 +13,6 @@
         <result column="username" property="username" />
         <result column="password" property="password" />
         <result column="linkman" property="linkman" />
-        <result column="phone" property="phone" />
-        <result column="position" property="position" />
-        <result column="dept" property="dept" />
-        <result column="email" property="email" />
-        <result column="auth_status" property="authStatus" />
-        <result column="passauth_time" property="passauthTime" />
         <result column="type" property="type" />
         <result column="remark" property="remark" />
     </resultMap>

+ 21 - 4
src/main/resources/mapper/SysUserUaaMapper.xml

@@ -3,8 +3,7 @@
         "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.diagbot.mapper.SysUserUaaMapper">
 
-    <!-- 通用查询映射结果 -->
-    <resultMap id="BaseResultMap" type="com.diagbot.entity.SysUserUaa">
+    <resultMap id="userUaaMap" type="com.diagbot.entity.SysUserUaa">
         <id column="id" property="id"/>
         <result column="is_deleted" property="isDeleted"/>
         <result column="gmt_create" property="gmtCreate"/>
@@ -13,10 +12,10 @@
         <result column="modifier" property="modifier"/>
         <result column="password" property="password"/>
         <result column="username" property="username"/>
+        <result column="type" property="type" />
     </resultMap>
 
-
-    <resultMap id="userUaaMap" type="com.diagbot.entity.SysUserUaa">
+    <resultMap id="userUaaHospMap" type="com.diagbot.entity.SysUserUaa">
         <id column="id" property="id"/>
         <result column="is_deleted" property="isDeleted"/>
         <result column="gmt_create" property="gmtCreate"/>
@@ -25,6 +24,8 @@
         <result column="modifier" property="modifier"/>
         <result column="password" property="password"/>
         <result column="username" property="username"/>
+        <result column="type" property="type" />
+        <result column="hospitalId" property="hospitalId" />
     </resultMap>
 
     <select id="getByUserName" parameterType="java.lang.String" resultMap="userUaaMap">
@@ -32,4 +33,20 @@
 		from sys_user u
         where is_deleted = 'N' and u.username= #{username}
 	</select>
+
+    <select id="getHospByUserName" parameterType="java.lang.String" resultMap="userUaaHospMap">
+        SELECT
+            u.*, uh.hospital_id AS hospitalId
+        FROM
+            sys_user u,
+            sys_user_hospital uh,
+            bas_hospital_info h
+        WHERE
+            u.is_deleted = 'N'
+        AND u.username = #{username}
+        AND u.id = uh.user_id
+        AND uh.is_deleted = 'N'
+        AND h.id = uh.hospital_id
+        AND h.is_deleted = 'N'
+	</select>
 </mapper>
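Review bot: `getHospByUserName` is declared in SysUserUaaMapper.java as returning a single `SysUserUaa`, but nothing in the join limits it to one row. If `sys_user_hospital` can hold more than one non-deleted row per user (not visible here), the multi-row result will make the mapper call fail in the middle of login. Either enforce one active binding per user in the schema or make the choice explicit in the query, and add a comment above the select stating the one-hospital-per-user assumption. `u.*` also fetches every user column, including `password`, for a lookup that only needs the binding; selecting `u.id, uh.hospital_id AS hospitalId` would be enough for what UrlUserService reads.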