diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/base/WhiteController.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/base/WhiteController.java index 349e5b5..db6f1bf 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/base/WhiteController.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/base/WhiteController.java @@ -727,6 +727,12 @@ public class WhiteController extends CoreBaseController { Arrays.asList(CommonEnumUtil.LOG_LOGIN_PLATFORM.values())); } + @GetMapping("/sys-auth-platform") + @ApiOperation(value = "登录授权标识", notes = "登录授权标识") + public ResultBean getAuthPlatform() { + return new ResultBean(true, "操作成功", + Arrays.asList(CommonEnumUtil.AUTH_PLATFORM.values())); + } @GetMapping("/sys-organize/list") @ApiOperation(value = "获取全部组织", notes = "获取全部组织") diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/busi/PersonnelController.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/busi/PersonnelController.java index 4e182e4..d274658 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/busi/PersonnelController.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/busi/PersonnelController.java @@ -262,6 +262,7 @@ public class PersonnelController extends CoreBaseController { sysUser.setOrganizeNameRdd(userOrganize.getName()); sysUser.setUserName(userInfo.getName()); sysUser.setUserEmpNo(userInfo.getUserEmpNo()); + sysUser.setAuthPlatform(user.getAuthPlatform()); // 关系 刷新 refreshRef(sysUser, userInfo, model); diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java index 42f8b40..267728a 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java @@ -190,12 +190,16 @@ public class SystemLoginService implements ISystemLoginService { */ @Override public CommonEnumUtil.LOG_LOGIN_PLATFORM getLoginPlatform(HttpServletRequest request) { - String value = CookieTool.getCookieValue(request, CommonConstWords.SESSION_LOGIN_PLATFORM); - if (StringUtils.isBlank(value)) { - value = CommonEnumUtil.LOG_LOGIN_PLATFORM.PC_IMPP_CORE.getValue() + ""; + String platformValue; + platformValue = request.getHeader(CommonConstWords.SESSION_LOGIN_PLATFORM); + if (StringUtils.isBlank(platformValue)){ + platformValue = CookieTool.getCookieValue(request, CommonConstWords.SESSION_LOGIN_PLATFORM); + } + if (StringUtils.isBlank(platformValue)) { + platformValue = CommonEnumUtil.LOG_LOGIN_PLATFORM.PC_IMPP_CORE.getValue() + ""; } else { try { - Integer.parseInt(value); + Integer.parseInt(platformValue); } catch (Exception e) { throw ImppExceptionBuilder.newInstance() .setSystemID(CommonEnumUtil.SOFT_TYPE.CORE.getCode()) @@ -205,7 +209,7 @@ public class SystemLoginService implements ISystemLoginService { .build(); } } - CommonEnumUtil.LOG_LOGIN_PLATFORM platform = CommonEnumUtil.LOG_LOGIN_PLATFORM.valueOf(Integer.parseInt(value)); + CommonEnumUtil.LOG_LOGIN_PLATFORM platform = CommonEnumUtil.LOG_LOGIN_PLATFORM.valueOf(Integer.parseInt(platformValue)); return platform == null ? CommonEnumUtil.LOG_LOGIN_PLATFORM.PC_IMPP_CORE : platform; } diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SysUserService.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SysUserService.java index ef84ff5..2d7eb8c 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SysUserService.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SysUserService.java @@ -34,6 +34,7 @@ import cn.estsh.impp.framework.boot.util.*; import io.swagger.annotations.ApiOperation; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang3.StringUtils; +import org.apache.logging.log4j.util.Strings; import org.apache.shiro.authc.*; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -235,16 +236,24 @@ public class SysUserService implements ISysUserService { @Override public BaseToken getToken(String loginName, String password, String languageCode, Integer loginPlatform) { SysUser user = this.getSysUserByLoginName(loginName); - if (user != null) { - if (user.getUserType().equals(CommonEnumUtil.USER_TYPE.ADMIN.getValue())) { - return new AdminToken(loginName, password, languageCode, loginPlatform); - } else if (user.getUserType().equals(CommonEnumUtil.USER_TYPE.SA.getValue())) { - return new SaAdminToken(loginName, password, languageCode, loginPlatform); - } else { - return new UserToken(loginName, password, languageCode, loginPlatform); + //拦截没有权限的账号,供应商账号不能登录pc + loginPlatform = loginPlatform != null ? loginPlatform : CommonEnumUtil.LOG_LOGIN_PLATFORM.PC_IMPP_CORE.getValue(); + //判断条件,如果有authPlatform限制,则进行校验,没有,按照原有登录 + //authPlatform限制,如果不包含平台权限,则不能登录,这里可以扩展多个登录权限限制。 + String authPlatform = user.getAuthPlatform(); + if (Strings.isNotBlank(authPlatform)){ + List authPlatforms = Arrays.stream(authPlatform.split(",")).map(Integer::parseInt).collect(Collectors.toList()); + if (!authPlatforms.contains(loginPlatform)){ + throw ImppExceptionBuilder.newInstance().setErrorDetail("此账号没有权限登录此平台,请联系管理员!").build(); } + } + + if (user.getUserType().equals(CommonEnumUtil.USER_TYPE.ADMIN.getValue())) { + return new AdminToken(loginName, password, languageCode, loginPlatform); + } else if (user.getUserType().equals(CommonEnumUtil.USER_TYPE.SA.getValue())) { + return new SaAdminToken(loginName, password, languageCode, loginPlatform); } else { - throw new CredentialsException("用户不存在"); + return new UserToken(loginName, password, languageCode, loginPlatform); } }