davidhui
/
TSMS-backend
1
0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 1 Wiki Activité
Parcourir la source

filter access right

tags/Baseline_30082024_BACKEND_UAT
MSI\derek il y a 1 an
Parent
47aeff1fd2
révision
ecf3b0e465
6 fichiers modifiés avec 51 ajouts et 11 suppressions
Vue séparée
Option de Diff
Voir les Statistiques Télécharger le Fichier Patch Télécharger le Fichier des Différences
  1. +15
    -1
      src/main/java/com/ffii/tsms/config/security/jwt/web/JwtAuthenticationController.java
  2. +10
    -2
      src/main/java/com/ffii/tsms/model/JwtResponse.java
  3. +2
    -0
      src/main/java/com/ffii/tsms/modules/data/entity/StaffRepository.java
  4. +9
    -6
      src/main/java/com/ffii/tsms/modules/data/web/SkillController.kt
  5. +3
    -2
      src/main/java/com/ffii/tsms/modules/user/entity/UserRepository.java
  6. +12
    -0
      src/main/java/com/ffii/tsms/modules/user/service/GroupService.java

+ 15
- 1
src/main/java/com/ffii/tsms/config/security/jwt/web/JwtAuthenticationController.java Voir le fichier

@@ -2,8 +2,12 @@ package com.ffii.tsms.config.security.jwt.web;

import java.time.Instant;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import com.ffii.tsms.modules.data.entity.Staff;
import com.ffii.tsms.modules.data.entity.StaffRepository;
import com.ffii.tsms.modules.user.service.GroupService;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
@@ -51,6 +55,12 @@ public class JwtAuthenticationController {
@Autowired
private JwtUserDetailsService userDetailsService;

@Autowired
private GroupService groupService;

@Autowired
private StaffRepository staffRepository;

@Autowired
private UserRepository userRepository;

@@ -90,10 +100,14 @@ public class JwtAuthenticationController {
final String accessToken = jwtTokenUtil.generateToken(user);
final String refreshToken = jwtTokenUtil.createRefreshToken(user.getUsername()).getToken();

final Map<String, Object> args = Map.of("userId", user.getId());
final String role = groupService.getGroupName(args);
final Staff staff = staffRepository.findIdAndNameByUserIdAndDeletedFalse(user.getId()).orElse(null);

Set<AbilityModel> abilities = new HashSet<>();
userAuthorityService.getUserAuthority(user).forEach(auth -> abilities.add(new AbilityModel(auth.getAuthority())));

return ResponseEntity.ok(new JwtResponse(accessToken, refreshToken, null, user, abilities));
return ResponseEntity.ok(new JwtResponse(accessToken, refreshToken, role, user, abilities, staff));
}

@PostMapping("/refresh-token")


+ 10
- 2
src/main/java/com/ffii/tsms/model/JwtResponse.java Voir le fichier

@@ -3,6 +3,7 @@ package com.ffii.tsms.model;
import java.io.Serializable;
import java.util.Set;

import com.ffii.tsms.modules.data.entity.Staff;
import com.ffii.tsms.modules.user.entity.User;

public class JwtResponse implements Serializable {
@@ -15,8 +16,11 @@ public class JwtResponse implements Serializable {
private final String refreshToken;
private final String role;
private final Set<AbilityModel> abilities;
private final Staff staff;

public JwtResponse(String accessToken, String refreshToken, String role, User user, Set<AbilityModel> abilities) {


public JwtResponse(String accessToken, String refreshToken, String role, User user, Set<AbilityModel> abilities, Staff staff) {
this.accessToken = accessToken;
this.refreshToken = refreshToken;
this.role = role;
@@ -24,7 +28,8 @@ public class JwtResponse implements Serializable {
this.name = user.getName();
this.email = user.getEmail();
this.abilities = abilities;
}
this.staff = staff;
}

public String getAccessToken() {
return this.accessToken;
@@ -50,6 +55,9 @@ public class JwtResponse implements Serializable {
return email;
}

public Staff getStaff() { return staff; }


public Set<AbilityModel> getAbilities() {
return abilities;
}

+ 2
- 0
src/main/java/com/ffii/tsms/modules/data/entity/StaffRepository.java Voir le fichier

@@ -21,4 +21,6 @@ public interface StaffRepository extends AbstractRepository<Staff, Long> {

Optional<Staff> findByUserId(@Param("userId") Long userId);
Optional<List<Staff>> findAllByTeamIdAndDeletedFalse(Long id);

Optional<Staff> findIdAndNameByUserIdAndDeletedFalse(Long id);
}

+ 9
- 6
src/main/java/com/ffii/tsms/modules/data/web/SkillController.kt Voir le fichier

@@ -2,44 +2,47 @@ package com.ffii.tsms.modules.data.web

import com.ffii.core.response.RecordsRes
import com.ffii.core.utils.CriteriaArgsBuilder
import com.ffii.tsms.modules.common.SecurityUtils
import com.ffii.tsms.modules.data.entity.Skill
import com.ffii.tsms.modules.data.service.SkillService
import com.ffii.tsms.modules.data.web.models.NewSkillRequest
import jakarta.servlet.http.HttpServletRequest
import jakarta.validation.Valid
import org.springframework.http.HttpStatus
import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.web.bind.ServletRequestBindingException
import org.springframework.web.bind.annotation.*


@RestController
@RequestMapping("/skill")
class SkillController(private val skillService: SkillService) {
open class SkillController(private val skillService: SkillService) {

@PostMapping("/save")
fun saveSkill(@Valid @RequestBody newSkill: NewSkillRequest): Skill {
@PreAuthorize("hasAuthority('MAINTAIN_MASTERDATA')")
open fun saveSkill(@Valid @RequestBody newSkill: NewSkillRequest): Skill {
return skillService.saveOrUpdate(newSkill)
}
@GetMapping("/{id}")
fun list(@Valid @PathVariable id: Long): List<Map<String, Any>> {
open fun list(@Valid @PathVariable id: Long): List<Map<String, Any>> {
val args: MutableMap<String, Any> = HashMap()
args["id"] = id
return skillService.list(args);
}
@DeleteMapping("/delete/{id}")
@ResponseStatus(HttpStatus.NO_CONTENT)
fun delete(@PathVariable id: Long?) {
open fun delete(@PathVariable id: Long?) {
skillService.markDelete(id)
}

@GetMapping
fun list(): List<Map<String, Any>> {
open fun list(): List<Map<String, Any>> {
val args: MutableMap<String, Any> = HashMap()
return skillService.list(args);
}
@GetMapping("/combo")
@Throws(ServletRequestBindingException::class)
fun combo(request: HttpServletRequest?): RecordsRes<Map<String, Any>> {
open fun combo(request: HttpServletRequest?): RecordsRes<Map<String, Any>> {
println(request)
return RecordsRes<Map<String, Any>>(
skillService.combo(


+ 3
- 2
src/main/java/com/ffii/tsms/modules/user/entity/UserRepository.java Voir le fichier

@@ -4,7 +4,7 @@ import java.util.List;
import java.util.Optional;

import org.springframework.data.repository.query.Param;
import org.springframework.data.jpa.repository.Query;
import com.ffii.core.support.AbstractRepository;

public interface UserRepository extends AbstractRepository<User, Long> {
@@ -12,5 +12,6 @@ public interface UserRepository extends AbstractRepository<User, Long> {
List<User> findByName(@Param("name") String name);
List<User> findAllByAndDeletedFalse();

Optional<User> findByUsernameAndDeletedFalse(String username);
Optional<User> findByUsernameAndDeletedFalse(String username);

}

+ 12
- 0
src/main/java/com/ffii/tsms/modules/user/service/GroupService.java Voir le fichier

@@ -172,6 +172,18 @@ public class GroupService extends AbstractBaseEntityService<Group, Long, GroupRe
+ " WHERE gu.groupId = :id",
Map.of(Params.ID, id));
}
@Transactional(rollbackFor = Exception.class)
public String getGroupName(Map<String, Object> args) {
StringBuilder sql = new StringBuilder("select"
+ " g.name "
+ " from user u "
+ " left join user_group ug on u.id = ug.userId "
+ " left join `group`g on ug.groupId = g.id "
+ " where g.deleted = false "
+ " and u.id = :userId"
);
return jdbcDao.queryForString(sql.toString(), args);
}


@Transactional(rollbackFor = Exception.class)


Écrire Aperçu
Chargement…
Annuler
Enregistrer