权限模块

安瑾然

2022-07-18 9b3dbdc74b2a508249b1d1e489db8a2134a3a7de

权限模块

 pom.xml

@@ -88,6 +88,17 @@
            <artifactId>hutool-all</artifactId>
            <version>5.8.3</version>
        </dependency>
        <!-- 权限验证 -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <!-- JWT -->
        <dependency>
            <groupId>com.auth0</groupId>
            <artifactId>java-jwt</artifactId>
            <version>3.19.2</version>
        </dependency>
    </dependencies>

    <build>

 src/main/java/com/example/jz/auth/DefaultPwdEncoder.java

New file
@@ -0,0 +1,34 @@
package com.example.jz.auth;

import com.example.jz.utils.Md5Utils;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 10:52 AM
 * @description 密码加密算法
 */
@Component
public class DefaultPwdEncoder  implements PasswordEncoder {
    /**
     * 加密
     * @param charSequence
     * @return
     */
    @Override
    public String encode(CharSequence charSequence) {
        return Md5Utils.md5(charSequence.toString());
    }

    /**
     * 进行密码比对
     * @param charSequence 不加密
     * @param encodePwd  加密
     * @return
     */
    @Override
    public boolean matches(CharSequence charSequence, String encodePwd) {
        return encodePwd.equalsIgnoreCase(Md5Utils.md5(charSequence.toString()));
    }
}

 src/main/java/com/example/jz/auth/MyAccessDeniedHandler.java

New file
@@ -0,0 +1,40 @@
package com.example.jz.auth;


import cn.hutool.json.JSONUtil;
import com.example.jz.modle.R;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 10:35 AM
 * @description 无权访问配置
 */
@Component
public class MyAccessDeniedHandler implements AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException e) throws IOException, ServletException {
        R<String> r = new R<>();
        r.setCode(403);
        r.setMsg("无权访问");
        r.setData(null);
        // 设置返回消息类型
        httpServletResponse.setHeader("Content-type", "text/html;charset=UTF-8");
        httpServletResponse.setCharacterEncoding("utf-8");
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        // 返回给请求端
        PrintWriter writer = httpServletResponse.getWriter();
        writer.write(JSONUtil.toJsonStr(r));
        writer.flush();
        writer.close();
    }
}

 src/main/java/com/example/jz/auth/MyLogoutHandler.java

New file
@@ -0,0 +1,51 @@
package com.example.jz.auth;

import cn.hutool.json.JSONUtil;
import com.example.jz.modle.R;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 10:45 AM
 * @description 登出
 */
@Component
public class MyLogoutHandler implements LogoutHandler {

    private TokenJwtManager tokenJwtManager;

    @Autowired
    public void setTokenJwtManager(TokenJwtManager tokenJwtManager) {
        this.tokenJwtManager = tokenJwtManager;
    }

    @Override
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        // 从header中获取token
        String token = httpServletRequest.getHeader("token");
        String username = tokenJwtManager.getUserName(token);
        // 设置返回消息类型
        httpServletResponse.setHeader("Content-type", "text/html;charset=UTF-8");
        httpServletResponse.setCharacterEncoding("utf-8");
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        // 返回给请求端
        PrintWriter writer = null;
        try {
            writer = httpServletResponse.getWriter();
            writer.write(JSONUtil.toJsonStr(R.ok(null, username + "登出成功")));
            writer.flush();
            writer.close();
        } catch (IOException e) {
            e.printStackTrace();
        }

    }
}

 src/main/java/com/example/jz/auth/MyTokenSecurityConfig.java

New file
@@ -0,0 +1,103 @@
package com.example.jz.auth;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 11:23 AM
 * @description
 */
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)  // 方法增加权限
public class MyTokenSecurityConfig extends WebSecurityConfigurerAdapter {

    // 将 UserDetailService 注入，使其去查询数据库
    @Autowired
    private UserDetailService userDetailsService;

    // token 生成器
    @Autowired
    private TokenJwtManager tokenManager;

    // 自定义密码加密解密
    @Autowired
    private DefaultPwdEncoder defaultPwdEncoder;

    // 未登录handler
    @Autowired
    private MyUnAuthEntryPoint myUnAuthEntryPoint;

    // 无权限
    @Autowired
    private MyAccessDeniedHandler myAccessDeniedHandler;

    //  登出handler处理
    @Autowired
    private MyLogoutHandler myLogoutHandler;


    /**
     * 登录时，从数据库获取基本信息和权限信息
     *
     * @param auth
     * @throws Exception
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // 设置 userDetailsService 和 密码解析
        auth.userDetailsService(userDetailsService).passwordEncoder(defaultPwdEncoder);
    }

    /**
     * 配置访问过滤
     *
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .exceptionHandling()
                .authenticationEntryPoint(myUnAuthEntryPoint) // 未登录 handler
                .accessDeniedHandler(myAccessDeniedHandler) // 无权限
                .and().csrf().disable() // 关闭 csrf 跨域请求
                .formLogin()
                .loginProcessingUrl("/login")  // 设定登录请求接口
                .usernameParameter("username")
                .passwordParameter("password")
                .permitAll()
                .and()
                .authorizeRequests() // 请求设置
                .antMatchers("/user/register", "/webjars/**", "/swagger/**", "/v2/api-docs", "/doc.html", "/swagger-ui.html", "/swagger-resources/**" ).permitAll() // 配置不需要认证的接口
                .antMatchers("/api/**").permitAll() // 开放小程序的接口
                .anyRequest().authenticated() // 任何请求都需要认证
                .and()
                .logout() // logout设定
                .logoutUrl("/logout")  //退出请求  /logout 未定义，交给自定义handler实现功能
                .addLogoutHandler(myLogoutHandler) // 登出 myLogoutHandler 处理
                .and()
                .addFilter(new TokenLoginFilter(tokenManager, authenticationManager())) // 认证交给 自定义 TokenLoginFilter 实现
                .addFilter(new TokenAuthFilter(authenticationManager(), tokenManager))
                .httpBasic();
    }

    /**
     * 配置不需要验证的访问路径
     *
     * @param web
     * @throws Exception
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
//        web.ignoring().antMatchers("/test", "/user/login");
        web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**");
    }
}

 src/main/java/com/example/jz/auth/MyUnAuthEntryPoint.java

New file
@@ -0,0 +1,35 @@
package com.example.jz.auth;

import cn.hutool.json.JSONUtil;
import com.example.jz.modle.R;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 10:55 AM
 * @description 未登录处理
 */
@Component
public class MyUnAuthEntryPoint implements AuthenticationEntryPoint {
    @Override
    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e) throws IOException, ServletException {
        // 设置返回消息类型
        httpServletResponse.setHeader("Content-type", "text/html;charset=UTF-8");
        httpServletResponse.setCharacterEncoding("utf-8");
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        // 返回给请求端
        PrintWriter writer = httpServletResponse.getWriter();
        writer.write(JSONUtil.toJsonStr(R.failed("当前账户未登录")));
        writer.close();
    }
}



 src/main/java/com/example/jz/auth/TokenAuthFilter.java

New file
@@ -0,0 +1,66 @@
package com.example.jz.auth;

import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 10:56 AM
 * @description
 */
public class TokenAuthFilter extends BasicAuthenticationFilter {

    private TokenJwtManager tokenJwtManager;

    public TokenAuthFilter(AuthenticationManager authenticationManager, TokenJwtManager tokenJwtManager) {
        super(authenticationManager);
        this.tokenJwtManager = tokenJwtManager;
    }

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
        //获取当前认证成功用户权限信息
        UsernamePasswordAuthenticationToken authRequest = getAuthentication(request);
        if(authRequest != null){
            // 有权限，则放入权限上下文中
            SecurityContextHolder.getContext().setAuthentication(authRequest);
        }
        // 执行下一个 filter 过滤器链
        chain.doFilter(request,response);
    }

    private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest request) {
        //从header获取token
        String token = request.getHeader("token");
        if(token != null) {
            //从token获取用户名
            String username = tokenJwtManager.getUserName(token);
            // 登录成功时，会将权限数据存入redis
            // 这里是验证获取权限信息
            // 1、从redis中获取对应该用户的权限信息
            // 2、或从数据库中再次查询
            List<String> permissionValueList = Arrays.asList("admin","select");
            Collection<GrantedAuthority> authority = new ArrayList<>();
            for(String permissionValue : permissionValueList) {
                SimpleGrantedAuthority auth = new SimpleGrantedAuthority(permissionValue);
                authority.add(auth);
            }
            return new UsernamePasswordAuthenticationToken(username,token,authority);
        }
        return null;
    }
}

 src/main/java/com/example/jz/auth/TokenJwtManager.java

New file
@@ -0,0 +1,47 @@
package com.example.jz.auth;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.Claim;
import com.auth0.jwt.interfaces.DecodedJWT;
import org.springframework.stereotype.Component;

import java.util.Calendar;
import java.util.HashMap;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 10:46 AM
 * @description token工具类
 */
@Component
public class TokenJwtManager {

    // 设置token时间
    private int tokenEcpiration = 24 * 60 * 60 * 1000; // 1天

    // 编码密钥
    private String tokenSignKey = "6^wy=$}E";

    // 1、根据用户名生成token
    public String createToken(String username) {
        Calendar calendar = Calendar.getInstance();
        calendar.add(Calendar.SECOND, tokenEcpiration);

        return JWT.create()
                .withHeader(new HashMap<>())
                .withClaim("username", username)
                .withExpiresAt(calendar.getTime())
                .sign(Algorithm.HMAC256(tokenSignKey));
    }

    // 2、根据token得到用户名信息
    public String getUserName(String token) {
        JWTVerifier build = JWT.require(Algorithm.HMAC256(tokenSignKey)).build();
        DecodedJWT verify = build.verify(token);
        Claim username = verify.getClaim("username");
        return username.asString();
    }
}


 src/main/java/com/example/jz/auth/TokenLoginFilter.java

New file
@@ -0,0 +1,72 @@
package com.example.jz.auth;

import cn.hutool.json.JSONUtil;
import com.example.jz.modle.R;
import com.example.jz.modle.entity.SecurityUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 10:57 AM
 * @description
 */
public class TokenLoginFilter extends UsernamePasswordAuthenticationFilter {

    private TokenJwtManager tokenJwtManager;
    private AuthenticationManager authenticationManager;

    public TokenLoginFilter(TokenJwtManager tokenJwtManager, AuthenticationManager authenticationManager) {
        this.tokenJwtManager = tokenJwtManager;
        this.authenticationManager = authenticationManager;
        this.setPostOnly(false); // 关闭登录只允许 post
        // 设置登陆路径，并且post请求
        this.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login", "POST"));
    }

    // 1、获取登录页传递来的账户和密码信息
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) {
        String username = request.getParameter("username");
        String password = request.getParameter("password");

        // 登录接口 /login 调用请求时触发
        // UsernamePasswordAuthenticationToken 封装登录时传递来的数据信息
        // 交给 AuthenticationManager  进行登录认证校验
        return authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username,
                password, new ArrayList<>()));
    }

    // 2、认证成功调用
    @Autowired
    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult)
            throws IOException, ServletException {
        // 认证成功之后，获取认证后的用户基本信息
        SecurityUser securityUser = (SecurityUser) authResult.getPrincipal();
        // 根据用户名生成对应的token
        String token = tokenJwtManager.createToken(securityUser.getUsername());
        // token信息存于redis、数据库、缓存等

        // 设置返回消息类型
        response.setHeader("Content-type", "text/html;charset=UTF-8");
        response.setCharacterEncoding("utf-8");
        response.setContentType("application/json;charset=UTF-8");
        // 返回给请求端
        PrintWriter writer = response.getWriter();
        writer.write(JSONUtil.toJsonStr(R.ok(token, "登录成功")));
        writer.flush();
        writer.close();
    }
}

 src/main/java/com/example/jz/auth/UserDetailService.java

New file
@@ -0,0 +1,50 @@
package com.example.jz.auth;

import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.example.jz.dao.UserDao;
import com.example.jz.modle.entity.SecurityUser;
import com.example.jz.modle.entity.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

import java.util.Arrays;
import java.util.List;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 10:34 AM
 * @description 用户详情服务
 */
@Service("userDetailsService")
public class UserDetailService implements UserDetailsService {
    // 注入Usermapper
    @Autowired
    private UserDao userDao;


    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // 通过username查询数据库获取用户信息
        User user = userDao.selectOne(new LambdaQueryWrapper<>(User.class).eq(User::getLoginUsername, username));
        // 判断用户是否存在
        if (user == null) {
            throw new UsernameNotFoundException("账户信息不存在！");
        }
        // 存在对应的用户信息，则将其封装，丢给security自己去解析

        // 登录时，会走这个接口
        // 权限暂时不查数据库
        List<String> roles = Arrays.asList("ROLE_admin,admin");

        // 将数据封装给 SecurityUser ，因为 SecurityUser 是 UserDetails 的子类
        SecurityUser securityUser = new SecurityUser();
        securityUser.setPermissionValueList(roles);
        securityUser.setUsername(user.getLoginUsername());
        securityUser.setPassword(user.getLoginPassword());

        return securityUser;
    }
}

 src/main/java/com/example/jz/controller/AnnouncementController.java

@@ -6,6 +6,7 @@
import com.example.jz.modle.entity.Announcement;
import com.example.jz.modle.R;
import com.example.jz.service.AnnouncementService;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;

 src/main/java/com/example/jz/controller/CauseController.java

@@ -1,16 +1,23 @@
package com.example.jz.controller;


import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.api.ApiController;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.example.jz.modle.R;
import com.example.jz.modle.dto.AddReportDto;
import com.example.jz.modle.dto.CauseDto;
import com.example.jz.modle.dto.ReportParamDto;
import com.example.jz.modle.entity.Report;
import com.example.jz.modle.vo.ReportListVo;
import com.example.jz.service.CauseService;
import com.example.jz.service.ReportService;
import com.example.jz.service.UserService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;

/**
 * 案件表(Cause)表控制层
@@ -20,13 +27,24 @@
 */
@RestController
@RequestMapping("cause")
@Api(tags = "案件区-案件录入")
@Api(tags = "案件区")
public class CauseController extends ApiController {
    /**
     * 服务对象
     */
    @Resource
    private CauseService causeService;
    private ReportService reportService;

    @Autowired
    public void setReportService(ReportService reportService) {
        this.reportService = reportService;
    }

    @Autowired
    public void setCauseService(CauseService causeService) {
        this.causeService = causeService;
    }


    @ApiOperation(httpMethod = "POST", value = "添加案件")
    @PostMapping("/addCause")
@@ -39,8 +57,8 @@
    @ApiOperation(httpMethod = "PUT", value = "修改案件")
    @PutMapping("/updateCause")
    @ApiResponse(message = "执行成功", code = 200)
    public R updateCause(@RequestBody CauseDto causeDto,Integer id) {
        return R.ok(causeService.updateCause(causeDto,id));
    public R updateCause(@RequestBody CauseDto causeDto, Integer id) {
        return R.ok(causeService.updateCause(causeDto, id));
    }


@@ -79,6 +97,28 @@
        causeService.deleteCause(id);
        return R.ok();
    }
    // TODO: 2022/7/15 导入

    @ApiOperation(httpMethod = "GET", value = "根据群组id查询案件分页")
    @GetMapping("/getAllReportList")
    @ApiResponse(message = "执行成功", code = 200)
    public R<IPage<ReportListVo>> get(Page<ReportListVo> page, ReportParamDto reportParamDto, Integer groupId) {
        return R.ok(reportService.getPageByGroupId(page, reportParamDto, groupId));
    }

    @ApiOperation(httpMethod = "POST", value = "添加人员")
    @PostMapping("/addReporter")
    @ApiResponse(message = "执行成功", code = 200)
    public R<Boolean> get(AddReportDto addReportDto) {
        if (addReportDto.getReporterName() == null || addReportDto.getReporterName().equals("")) {
            return R.failed("报案人员不能为空");
        }
        if (addReportDto.getMobile() == null || addReportDto.getMobile().equals("")) {
            return R.failed("报案人员电话不能为空");
        }
        if (addReportDto.getIdcard() == null || addReportDto.getIdcard().equals("")) {
            return R.failed("报案人员身份证不能为空");
        }
        return R.ok(causeService.addReportPeople(addReportDto));
    }
}


 src/main/java/com/example/jz/controller/ReportController.java

@@ -1,12 +1,10 @@
package com.example.jz.controller;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.api.ApiController;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.example.jz.enums.BusinessHttpStatus;
import com.example.jz.exception.BusinessException;
import com.example.jz.modle.R;
import com.example.jz.modle.dto.ReportParamDto;
import com.example.jz.modle.entity.Report;
import com.example.jz.modle.vo.ReportListVo;
import com.example.jz.service.ReportService;
@@ -18,7 +16,6 @@
import javax.annotation.Resource;
import java.io.Serializable;
import java.util.Date;
import java.util.List;

/**
 * 报案表(Report)表控制层
@@ -40,13 +37,13 @@
     * 分页查询所有数据
     *
     * @param page   分页对象
     * @param report 查询实体
     * @param reportParamDto 查询实体
     * @return 所有数据
     */
    @GetMapping
    @ApiOperation(value = "分页查询所有数据")
    public R<IPage<Report>> selectAll(Page<Report> page, Report report) {
        return R.ok(reportService.page(page, new QueryWrapper<>(report)));
    public R<IPage<ReportListVo>> selectAll(Page<ReportListVo> page, ReportParamDto reportParamDto) {
        return R.ok(reportService.getPage(page, reportParamDto));
    }

    /**
@@ -57,8 +54,8 @@
     */
    @GetMapping("{id}")
    @ApiOperation(value = "通过主键查询单条数据")
    public R<Report> selectOne(@PathVariable Serializable id) {
        return R.ok(reportService.getById(id));
    public R<ReportListVo> selectOne(@PathVariable Serializable id) {
        return R.ok(reportService.getReportListVoById(id));
    }

    /**

 src/main/java/com/example/jz/dao/ReportDao.java

@@ -1,8 +1,14 @@
package com.example.jz.dao;

import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.example.jz.modle.dto.ReportParamDto;
import com.example.jz.modle.entity.Report;
import com.example.jz.modle.vo.ReportListVo;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;

import java.io.Serializable;

/**
 * 报案表(Report)表数据库访问层
@@ -13,5 +19,10 @@
@Mapper
public interface ReportDao extends BaseMapper<Report> {

    Page<ReportListVo> getPage(Page<ReportListVo> page,@Param("reportDto") ReportParamDto reportParamDto);

    ReportListVo getReportListVoById(Serializable id);

    Page<ReportListVo> getPageByGroupId(Page<ReportListVo> page, ReportParamDto reportParamDto, Integer groupId);
}


 src/main/java/com/example/jz/dao/UserDao.java

@@ -2,6 +2,7 @@

import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.example.jz.modle.entity.User;
import org.apache.ibatis.annotations.Mapper;

/**
 * 用户表(User)表数据库访问层
@@ -9,6 +10,6 @@
 * @author makejava
 * @since 2022-07-11 16:35:57
 */
@Mapper
public interface UserDao extends BaseMapper<User> {

}

 src/main/java/com/example/jz/modle/dto/AddReportDto.java

New file
@@ -0,0 +1,31 @@
package com.example.jz.modle.dto;

import com.example.jz.modle.entity.Report;
import io.swagger.annotations.ApiModelProperty;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 2:12 PM
 * @description
 */
@Data
@NoArgsConstructor
@AllArgsConstructor
public class AddReportDto extends Report {
    @ApiModelProperty(value = "报案人",dataType = "String")
    private String reporterName;

    @ApiModelProperty(value = "报案人手机号",dataType = "String")
    //报案人手机号
    private String mobile;

    @ApiModelProperty(value = "报案人身份证号",dataType = "String")
    //报案人身份证号
    private String idcard;

    @ApiModelProperty(value = "群组id",dataType = "Integer")
    private Integer groupId;
}

 src/main/java/com/example/jz/modle/dto/ReportParamDto.java

New file
@@ -0,0 +1,43 @@
package com.example.jz.modle.dto;

import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.NoArgsConstructor;
import lombok.experimental.Accessors;

/**
 * @author 安瑾然
 * @data 2022/7/15 - 11:54 AM
 * @description
 */
@Data
@NoArgsConstructor
@AllArgsConstructor
@Accessors(chain = true)
@EqualsAndHashCode(callSuper = false)
@ApiModel("保安查询条件")
public class ReportParamDto {
    /**
     * 查询条件 可以是姓名也可以是身份证号
     */
    @ApiModelProperty(value = "查询条件 可以是姓名也可以是身份证号")
    private String people;
    /**
     * 电话号码
     */
    @ApiModelProperty(value = "电话号码")
    private String phoneNumber;
    /**
     * 是否进群
     */
    @ApiModelProperty(value = "是否进群 0是 1否")
    private String isInGroup;
    /**
     * 是否有材料
     */
    @ApiModelProperty(value = "是否有材料 0是 1否")
    private String havaMaterial;
}

 src/main/java/com/example/jz/modle/entity/Report.java

@@ -4,11 +4,13 @@

import com.baomidou.mybatisplus.annotation.TableName;
import com.baomidou.mybatisplus.extension.activerecord.Model;
import io.swagger.annotations.ApiModelProperty;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.EqualsAndHashCode;
import lombok.NoArgsConstructor;
import lombok.experimental.Accessors;
import org.springframework.format.annotation.DateTimeFormat;

import java.io.Serializable;

@@ -38,6 +40,7 @@
    //报案材料图片地址 多个用,分隔
    private String reportMaterials;
    //报案时间
    @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss")
    private Date reportTime;
    //报案方式
    private String reportMethod;
@@ -46,8 +49,10 @@
    //状态，1为通过 0为未审核
    private Integer status;
    //创建时间
    @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss")
    private Date ctime;
    //被骗时间
    @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss")
    private Date cheatTime;
    //补充信息
    private String information;

 src/main/java/com/example/jz/modle/entity/SecurityUser.java

New file
@@ -0,0 +1,73 @@
package com.example.jz.modle.entity;

import com.example.jz.auth.UserDetailService;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.experimental.Accessors;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.StringUtils;

import java.util.ArrayList;
import java.util.Collection;
import java.util.List;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 11:00 AM
 * @description
 */
@Data
@NoArgsConstructor
@AllArgsConstructor
@Accessors(chain = true)
public class SecurityUser implements UserDetails {

    private String username;
    private String password;
    private List<String> permissionValueList;

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        Collection<GrantedAuthority> authorities = new ArrayList<>();
        permissionValueList.forEach(permission -> {
            if (!StringUtils.isEmpty(permission)) {
                SimpleGrantedAuthority authority = new SimpleGrantedAuthority(permission);
                authorities.add(authority);
            }
        });
        return authorities;
    }

    @Override
    public String getPassword() {
        return this.password;
    }

    @Override
    public String getUsername() {
        return this.username;
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }
}

 src/main/java/com/example/jz/modle/entity/User.java

@@ -1,5 +1,10 @@
package com.example.jz.modle.entity;

import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.experimental.Accessors;

import java.io.Serializable;
import java.util.Date;

@@ -9,8 +14,14 @@
 * @author makejava
 * @since 2022-07-12 16:50:59
 */
@Data
@NoArgsConstructor
@AllArgsConstructor
@Accessors(chain = true)
public class User implements Serializable {

    private static final long serialVersionUID = 853192857312832170L;

    /**
     * 用户昵称
     */
@@ -19,6 +30,10 @@
     * 真实姓名
     */
    private String realName;
    /**
     * 登录账号
     */
    private String loginUsername;
    /**
     * 登录密码
     */
@@ -68,118 +83,6 @@
     */
    private Integer id;


    public String getNickName() {
        return nickName;
    }

    public void setNickName(String nickName) {
        this.nickName = nickName;
    }

    public String getRealName() {
        return realName;
    }

    public void setRealName(String realName) {
        this.realName = realName;
    }

    public String getLoginPassword() {
        return loginPassword;
    }

    public void setLoginPassword(String loginPassword) {
        this.loginPassword = loginPassword;
    }

    public String getUserMobile() {
        return userMobile;
    }

    public void setUserMobile(String userMobile) {
        this.userMobile = userMobile;
    }

    public String getUserIdcard() {
        return userIdcard;
    }

    public void setUserIdcard(String userIdcard) {
        this.userIdcard = userIdcard;
    }

    public Date getModifyTime() {
        return modifyTime;
    }

    public void setModifyTime(Date modifyTime) {
        this.modifyTime = modifyTime;
    }

    public Date getUserRegtime() {
        return userRegtime;
    }

    public void setUserRegtime(Date userRegtime) {
        this.userRegtime = userRegtime;
    }

    public String getUserRegip() {
        return userRegip;
    }

    public void setUserRegip(String userRegip) {
        this.userRegip = userRegip;
    }

    public Date getUserLasttime() {
        return userLasttime;
    }

    public void setUserLasttime(Date userLasttime) {
        this.userLasttime = userLasttime;
    }

    public String getUserLastip() {
        return userLastip;
    }

    public void setUserLastip(String userLastip) {
        this.userLastip = userLastip;
    }

    public String getUserMemo() {
        return userMemo;
    }

    public void setUserMemo(String userMemo) {
        this.userMemo = userMemo;
    }

    public String getPic() {
        return pic;
    }

    public void setPic(String pic) {
        this.pic = pic;
    }

    public Integer getStatus() {
        return status;
    }

    public void setStatus(Integer status) {
        this.status = status;
    }


    public Integer getId() {
        return id;
    }

    public void setId(Integer id) {
        this.id = id;
    }
    private Integer role;
}


 src/main/java/com/example/jz/modle/vo/ReportListVo.java

@@ -2,6 +2,7 @@

import com.example.jz.modle.entity.Report;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;

@Data
@@ -12,4 +13,16 @@

    //群id
    private Integer groupId;

    //报案人
    @ApiModelProperty(value = "报案人",dataType = "String")
    private String reporterName;

    @ApiModelProperty(value = "报案人手机号",dataType = "String")
    //报案人手机号
    private String mobile;

    @ApiModelProperty(value = "报案人身份证号",dataType = "String")
    //报案人身份证号
    private String idcard;
}

 src/main/java/com/example/jz/service/CauseService.java

@@ -2,6 +2,7 @@

import com.baomidou.mybatisplus.extension.service.IService;
import com.example.jz.modle.PageParam;
import com.example.jz.modle.dto.AddReportDto;
import com.example.jz.modle.dto.CauseDto;
import com.example.jz.modle.entity.Cause;
import com.example.jz.modle.vo.AnnouncementVo;
@@ -67,5 +68,7 @@
     * @return void
     **/
    void deleteCause(Integer id);

    Boolean addReportPeople(AddReportDto addReportDto);
}


 src/main/java/com/example/jz/service/ReportService.java

@@ -1,7 +1,12 @@
package com.example.jz.service;

import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.baomidou.mybatisplus.extension.service.IService;
import com.example.jz.modle.dto.ReportParamDto;
import com.example.jz.modle.entity.Report;
import com.example.jz.modle.vo.ReportListVo;

import java.io.Serializable;

/**
 * 报案表(Report)表服务接口
@@ -14,5 +19,11 @@
    Boolean audit(Report report);

    void leaveGroup(Integer id, Integer groupId);

    Page<ReportListVo> getPage(Page<ReportListVo> page, ReportParamDto reportParamDto);

    ReportListVo getReportListVoById(Serializable id);

    Page<ReportListVo> getPageByGroupId(Page<ReportListVo> page, ReportParamDto reportParamDto, Integer groupId);
}


 src/main/java/com/example/jz/service/impl/CauseServiceImpl.java

@@ -1,10 +1,12 @@
package com.example.jz.service.impl;

import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.example.jz.dao.*;
import com.example.jz.modle.PageParam;
import com.example.jz.modle.dto.AddReportDto;
import com.example.jz.modle.dto.CauseDto;
import com.example.jz.modle.entity.*;
import com.example.jz.modle.vo.AnnouncementVo;
@@ -22,7 +24,7 @@
import java.util.stream.Collectors;

/**
 * 案件表(Cause)表服务实现类
 * ������(Cause)�����ʵ����
 *
 * @author makejava
 * @since 2022-07-13 11:52:58
@@ -40,6 +42,8 @@
    CauseService causeService;
    @Resource
    GroupDao groupDao;
    @Resource
    GroupUserDao groupUserDao;

    @Resource
    AnnouncementDao announcementDao;
@@ -47,12 +51,12 @@
    @Override
    @Transactional(rollbackFor = Exception.class)
    public Integer addCause(CauseDto causeDto) {
        //创建案件
        //��������
        Cause cause = new Cause();
        BeanUtils.copyProperties(causeDto, cause);
        cause.setCtime(new Date());
        causeService.save(cause);
        //创建群组
        //����Ⱥ��
        Group group = new Group();
        group.setCtime(new Date());
        group.setGroupName(causeDto.getName());
@@ -145,6 +149,31 @@

    @Override
    public void deleteCause(Integer id) {
         causeDao.deleteById(id);
        causeDao.deleteById(id);
    }

    @Override
    @Transactional
    public Boolean addReportPeople(AddReportDto addReportDto) {
        User user = userDao.selectOne(new LambdaQueryWrapper<User>(User.class).eq(User::getUserIdcard, addReportDto.getIdcard()));
        if (user == null) {
            // 如果用户不存在 则添加用户
            user = new User().setUserIdcard(addReportDto.getIdcard()).setUserMobile(addReportDto.getMobile()).setRealName(addReportDto.getReporterName())
                    .setModifyTime(new Date()).setUserRegtime(new Date()).setPic(addReportDto.getPic());
            userDao.insert(user);
        }
        // 添加人员进群组
        groupUserDao.insert(new GroupUser().setGroupId(addReportDto.getGroupId()).setUserId(user.getId()).setCtime(new Date()).setBanSpeech(0));
        // 添加报案信息
        Report report = new Report();
        BeanUtils.copyProperties(addReportDto, report);
        report
                .setUserId(user.getId())
                .setCtime(new Date())
                .setStatus(0)
                .setReportMethod("现场录入")
                .setIsCommission("0").setReportTime(new Date())
                .setCauseId(groupDao.selectOne(new QueryWrapper<Group>().eq("id", addReportDto.getGroupId())).getCauseId());
        return reportDao.insert(report) > 0;
    }
}

 src/main/java/com/example/jz/service/impl/ReportServiceImpl.java

@@ -2,19 +2,22 @@

import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.example.jz.dao.CauseDao;
import com.example.jz.dao.GroupDao;
import com.example.jz.dao.GroupUserDao;
import com.example.jz.dao.ReportDao;
import com.example.jz.modle.dto.ReportParamDto;
import com.example.jz.modle.entity.Group;
import com.example.jz.modle.entity.GroupUser;
import com.example.jz.modle.entity.Report;
import com.example.jz.modle.vo.ReportListVo;
import com.example.jz.service.ReportService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import java.io.Serializable;
import java.util.Date;

/**
@@ -55,7 +58,26 @@

    @Override
    public void leaveGroup(Integer id, Integer groupId) {
        groupUserDao.delete(new QueryWrapper<GroupUser>().eq("user_id",id).eq("group_id",groupId));
        groupUserDao.delete(new QueryWrapper<GroupUser>().eq("user_id", id).eq("group_id", groupId));
    }

    @Override
    public Page<ReportListVo> getPage(Page<ReportListVo> page, ReportParamDto reportParamDto) {
        Page<ReportListVo> aaa = reportDao.getPage(page, reportParamDto);
        aaa.getRecords().stream().forEach(x -> x.setIdcard(x.getIdcard().replaceAll("(?<=[\\d]{3})\\d(?=[\\d]{4})", "*")));
        return aaa;
    }

    @Override
    public ReportListVo getReportListVoById(Serializable id) {
        return reportDao.getReportListVoById(id);
    }

    @Override
    public Page<ReportListVo> getPageByGroupId(Page<ReportListVo> page, ReportParamDto reportParamDto, Integer groupId) {
        Page<ReportListVo> aaa = reportDao.getPageByGroupId(page, reportParamDto,groupId);
        aaa.getRecords().stream().forEach(x -> x.setIdcard(x.getIdcard().replaceAll("(?<=[\\d]{3})\\d(?=[\\d]{4})", "*")));
        return aaa;
    }
}


 src/main/java/com/example/jz/utils/MD5Utils.java

New file
@@ -0,0 +1,131 @@
package com.example.jz.utils;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 10:52 AM
 * @description 加密工具类
 */
public class Md5Utils {

    public static String md5(String str) {
        try {
            MessageDigest md = MessageDigest.getInstance("MD5");
            md.update(str.getBytes());
            byte b[] = md.digest();

            str = byteToStr(b);
        } catch (Exception e) {
            e.printStackTrace();

        }
        return str;
    }

    public static String byteToStr(byte[] b){
        int i;
        StringBuffer buf = new StringBuffer("");
        for (int offset = 0; offset < b.length; offset++) {
            i = b[offset];
            //System.out.println(i);
            if (i < 0)
                i += 256;
            if (i < 16)
                buf.append("0");
            buf.append(Integer.toHexString(i));
        }
        return buf.toString();
    }

    /**
     * 传入文本内容，返回 SHA-256 串
     *
     * @param strText
     * @return
     */
    public static String SHA256(final String strText)
    {
        return SHA(strText, "SHA-256");
    }

    public static String SHA1(final String strText)
    {
        return SHA(strText, "SHA-1");
    }

    /**
     * 传入文本内容，返回 SHA-512 串
     *
     * @param strText
     * @return
     */
    public static String SHA512(final String strText)
    {
        return SHA(strText, "SHA-512");
    }

    /**
     * 字符串 SHA 加密
     *
     * @param strText
     * @return
     */
    private static String SHA(final String strText, final String strType)
    {
        // 返回值
        String strResult = null;

        // 是否是有效字符串
        if (strText != null && strText.length() > 0)
        {
            try
            {
                // SHA 加密开始
                MessageDigest messageDigest = MessageDigest.getInstance(strType);
                // 传入要加密的字符串
                messageDigest.update(strText.getBytes("utf-8"));
                // 得到 byte 类型的结果
                byte byteBuffer[] = messageDigest.digest();
                strResult = byteToStr(byteBuffer);
            }
            catch (NoSuchAlgorithmException e)
            {
                e.printStackTrace();
            }catch (UnsupportedEncodingException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }

        }

        return strResult;
    }

    public static String base64(String str){
        String baseStr = null;
        Base64.Encoder encoder = Base64.getEncoder();
        byte[] textByte;
        try {
            textByte = str.getBytes("UTF-8");
            baseStr = encoder.encodeToString(textByte);
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }

        return baseStr;

    }

    public static void main(String[] args) {
        String password = "bunana1";
        System.out.println(md5(password));
        //String base64 = base64(sha512);
        //System.out.println(base64);
        //String pwd1 = md5(base64);
        //System.out.println(pwd1);
    }
}

 src/main/resources/mapper/ReportDao.xml

New file
@@ -0,0 +1,63 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.example.jz.dao.ReportDao">

    <select id="getPage" resultType="com.example.jz.modle.vo.ReportListVo">
        select u.user_mobile mobile,u.user_idcard idcard,u.real_name reporterName,r.*
        from report r
        join user u on r.user_id = u.id
        <where>
            1=1
            <if test="reportParamDto.people != ''">
                and (u.real_name like '%${reportParamDto.people}%' or u.user_idcard like '%${reportParamDto.people}%')
            </if>
            <if test="reportParamDto.phoneNumber != ''">
                and u.user_mobile = ${reportParamDto.phoneNumber}
            </if>
            <if test="reportParamDto.havaMaterial != ''">
                <if test="reportParamDto.havaMaterial == 1">
                    and r.report_materials is not null
                </if>
                <if test="reportParamDto.havaMaterial == 0">
                    and r.report_materials is null
                </if>
            </if>
            <if test="reportParamDto.isInGroup != ''">
                and r.status = ${reportParamDto.isInGroup}
            </if>
        </where>
    </select>
    <select id="getReportListVoById" resultType="com.example.jz.modle.vo.ReportListVo">
        select u.user_mobile mobile, u.user_idcard idcard, u.real_name reporterName, r.*
        from report r
                 join user u on r.user_id = u.id
        where r.id = #{id}
    </select>
    <select id="getPageByGroupId" resultType="com.example.jz.modle.vo.ReportListVo">
        select u.user_mobile mobile,u.user_idcard idcard,u.real_name reporterName,r.*
        from report r
        join user u on r.user_id = u.id
        join group_user gu on gu.user_id = u.id
        <where>
            1=1
            <if test="reportParamDto.people != ''">
                and (u.real_name like '%${reportParamDto.people}%' or u.user_idcard like '%${reportParamDto.people}%')
            </if>
            <if test="reportParamDto.phoneNumber != ''">
                and u.user_mobile = ${reportParamDto.phoneNumber}
            </if>
            <if test="reportParamDto.havaMaterial != ''">
                <if test="reportParamDto.havaMaterial == 1">
                    and r.report_materials is not null
                </if>
                <if test="reportParamDto.havaMaterial == 0">
                    and r.report_materials is null
                </if>
            </if>
            <if test="reportParamDto.isInGroup != ''">
                and r.status = ${reportParamDto.isInGroup}
            </if>
        </where>
        and gu.group_id = #{groupId}
    </select>
</mapper>

 src/test/java/com/example/jz/dao/UserDaoTest.java

New file
@@ -0,0 +1,30 @@
package com.example.jz.dao;

import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.example.jz.modle.entity.User;
import com.example.jz.utils.Md5Utils;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;

import static org.junit.jupiter.api.Assertions.*;

/**
 * @author 安瑾然
 * @data 2022/7/18 - 11:49 AM
 * @description
 */
@SpringBootTest
class UserDaoTest {

    @Autowired
    private UserDao userDao;

    void updateUser() {
        User user = userDao.selectOne(new LambdaQueryWrapper<>(User.class).eq(User::getId, 1));
        System.out.println(user);
        user.setLoginUsername("admin");
        user.setLoginPassword(Md5Utils.md5("admin"));
        userDao.updateById(user);
    }
}