Skip to content
项目
群组
代码片段
帮助
当前项目
正在载入...
登录 / 注册
切换导航面板
D
dataease
项目
项目
详情
活动
周期分析
仓库
仓库
文件
提交
分支
标签
贡献者
图表
比较
统计图
议题
0
议题
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
CI / CD
CI / CD
流水线
作业
日程
统计图
Wiki
Wiki
代码片段
代码片段
成员
成员
折叠边栏
关闭边栏
活动
图像
聊天
创建新问题
作业
提交
问题看板
Open sidebar
zhu
dataease
Commits
4a5f8680
Unverified
提交
4a5f8680
authored
7月 29, 2021
作者:
fit2cloud-chenyw
提交者:
GitHub
7月 29, 2021
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #414 from dataease/pr@dev@refactor_公共连接分享使用独立拦截器
refactor: 查看分享链接使用独立拦截器
上级
7beb636f
bcd786c4
隐藏空白字符变更
内嵌
并排
正在显示
11 个修改的文件
包含
171 行增加
和
11 行删除
+171
-11
ShiroConfig.java
...nd/src/main/java/io/dataease/auth/config/ShiroConfig.java
+1
-0
F2CLinkFilter.java
.../src/main/java/io/dataease/auth/filter/F2CLinkFilter.java
+51
-0
ShiroServiceImpl.java
.../java/io/dataease/auth/service/impl/ShiroServiceImpl.java
+8
-2
LinkUtil.java
backend/src/main/java/io/dataease/auth/util/LinkUtil.java
+22
-0
LinkApi.java
...c/main/java/io/dataease/controller/panel/api/LinkApi.java
+9
-0
LinkServer.java
.../java/io/dataease/controller/panel/server/LinkServer.java
+17
-0
PanelLinkService.java
...main/java/io/dataease/service/panel/PanelLinkService.java
+20
-1
index.js
frontend/src/api/link/index.js
+12
-2
UserView.vue
frontend/src/components/canvas/custom-component/UserView.vue
+10
-2
request.js
frontend/src/utils/request.js
+2
-2
index.vue
frontend/src/views/link/pwd/index.vue
+19
-2
没有找到文件。
backend/src/main/java/io/dataease/auth/config/ShiroConfig.java
浏览文件 @
4a5f8680
...
...
@@ -50,6 +50,7 @@ public class ShiroConfig {
filterMap
.
put
(
"f2cPerms"
,
new
F2CPermissionsFilter
());
filterMap
.
put
(
"jwt"
,
new
JWTFilter
());
filterMap
.
put
(
"logout"
,
new
F2CLogoutFilter
());
filterMap
.
put
(
"link"
,
new
F2CLinkFilter
());
factoryBean
.
setSecurityManager
(
securityManager
);
factoryBean
.
setLoginUrl
(
"/login"
);
factoryBean
.
setUnauthorizedUrl
(
"/login"
);
...
...
backend/src/main/java/io/dataease/auth/filter/F2CLinkFilter.java
0 → 100644
浏览文件 @
4a5f8680
package
io
.
dataease
.
auth
.
filter
;
import
cn.hutool.core.util.ObjectUtil
;
import
com.auth0.jwt.JWT
;
import
com.auth0.jwt.interfaces.Claim
;
import
com.auth0.jwt.interfaces.DecodedJWT
;
import
io.dataease.auth.config.RsaProperties
;
import
io.dataease.auth.util.JWTUtils
;
import
io.dataease.auth.util.LinkUtil
;
import
io.dataease.auth.util.RsaUtil
;
import
io.dataease.base.domain.PanelLink
;
import
io.dataease.commons.utils.LogUtil
;
import
org.apache.commons.lang3.StringUtils
;
import
org.apache.shiro.web.filter.authc.AnonymousFilter
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
javax.servlet.ServletRequest
;
import
javax.servlet.ServletResponse
;
import
javax.servlet.http.HttpServletRequest
;
public
class
F2CLinkFilter
extends
AnonymousFilter
{
private
static
final
Logger
logger
=
LoggerFactory
.
getLogger
(
F2CLogoutFilter
.
class
);
private
static
final
String
LINK_TOKEN_KEY
=
"LINK-PWD-TOKEN"
;
@Override
protected
boolean
onPreHandle
(
ServletRequest
request
,
ServletResponse
response
,
Object
mappedValue
)
{
try
{
HttpServletRequest
req
=
(
HttpServletRequest
)
request
;
String
link_token
=
req
.
getHeader
(
LINK_TOKEN_KEY
);
DecodedJWT
jwt
=
JWT
.
decode
(
link_token
);
Claim
resourceId
=
jwt
.
getClaim
(
"resourceId"
);
String
id
=
resourceId
.
asString
();
PanelLink
panelLink
=
LinkUtil
.
queryLink
(
id
);
if
(
ObjectUtil
.
isEmpty
(
panelLink
))
return
false
;
if
(!
panelLink
.
getEnablePwd
())
{
panelLink
.
setPwd
(
"dataease"
);
}
return
JWTUtils
.
verifyLink
(
link_token
,
id
,
RsaUtil
.
decryptByPrivateKey
(
RsaProperties
.
privateKey
,
panelLink
.
getPwd
()));
}
catch
(
Exception
e
)
{
LogUtil
.
error
(
e
);
}
return
false
;
}
}
backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
浏览文件 @
4a5f8680
...
...
@@ -41,8 +41,7 @@ public class ShiroServiceImpl implements ShiroService {
//验证链接
filterChainDefinitionMap
.
put
(
"/api/link/validate**"
,
ANON
);
filterChainDefinitionMap
.
put
(
"/panel/group/findOne/**"
,
ANON
);
filterChainDefinitionMap
.
put
(
"/chart/view/getData/**"
,
ANON
);
filterChainDefinitionMap
.
put
(
"/system/ui/**"
,
ANON
);
...
...
@@ -59,9 +58,16 @@ public class ShiroServiceImpl implements ShiroService {
filterChainDefinitionMap
.
put
(
"/tokenExpired"
,
ANON
);
filterChainDefinitionMap
.
put
(
"/downline"
,
ANON
);
filterChainDefinitionMap
.
put
(
"/common-files/**"
,
ANON
);
filterChainDefinitionMap
.
put
(
"/api/auth/logout"
,
"logout"
);
filterChainDefinitionMap
.
put
(
"/api/link/resourceDetail/**"
,
"link"
);
filterChainDefinitionMap
.
put
(
"/api/link/viewDetail/**"
,
"link"
);
filterChainDefinitionMap
.
put
(
"/**"
,
"authc"
);
filterChainDefinitionMap
.
put
(
"/**"
,
"jwt"
);
return
filterChainDefinitionMap
;
}
...
...
backend/src/main/java/io/dataease/auth/util/LinkUtil.java
0 → 100644
浏览文件 @
4a5f8680
package
io
.
dataease
.
auth
.
util
;
import
io.dataease.base.domain.PanelLink
;
import
io.dataease.service.panel.PanelLinkService
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.stereotype.Component
;
@Component
public
class
LinkUtil
{
private
static
PanelLinkService
panelLinkService
;
@Autowired
public
void
setPanelLinkService
(
PanelLinkService
panelLinkService
)
{
LinkUtil
.
panelLinkService
=
panelLinkService
;
}
public
static
PanelLink
queryLink
(
String
resourceId
)
{
return
panelLinkService
.
findOne
(
resourceId
);
}
}
backend/src/main/java/io/dataease/controller/panel/api/LinkApi.java
浏览文件 @
4a5f8680
package
io
.
dataease
.
controller
.
panel
.
api
;
import
io.dataease.controller.request.chart.ChartExtRequest
;
import
io.dataease.controller.request.panel.link.EnablePwdRequest
;
import
io.dataease.controller.request.panel.link.LinkRequest
;
import
io.dataease.controller.request.panel.link.PasswordRequest
;
...
...
@@ -40,4 +41,12 @@ public interface LinkApi {
@ApiOperation
(
"验证密码"
)
@PostMapping
(
"/validatePwd"
)
boolean
validatePwd
(
PasswordRequest
request
)
throws
Exception
;
@ApiOperation
(
"资源详息"
)
@PostMapping
(
"/resourceDetail/{resourceId}"
)
Object
resourceDetail
(
@PathVariable
String
resourceId
);
@ApiOperation
(
"视图详息"
)
@PostMapping
(
"/viewDetail/{viewId}"
)
Object
viewDetail
(
@PathVariable
String
viewId
,
@RequestBody
ChartExtRequest
requestList
)
throws
Exception
;
}
backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java
浏览文件 @
4a5f8680
...
...
@@ -4,18 +4,22 @@ package io.dataease.controller.panel.server;
import
com.google.gson.Gson
;
import
io.dataease.base.domain.PanelLink
;
import
io.dataease.controller.panel.api.LinkApi
;
import
io.dataease.controller.request.chart.ChartExtRequest
;
import
io.dataease.controller.request.panel.link.EnablePwdRequest
;
import
io.dataease.controller.request.panel.link.LinkRequest
;
import
io.dataease.controller.request.panel.link.PasswordRequest
;
import
io.dataease.controller.request.panel.link.ValidateRequest
;
import
io.dataease.dto.panel.link.GenerateDto
;
import
io.dataease.dto.panel.link.ValidateDto
;
import
io.dataease.service.chart.ChartViewService
;
import
io.dataease.service.panel.PanelLinkService
;
import
org.apache.commons.lang3.ObjectUtils
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.web.bind.annotation.PathVariable
;
import
org.springframework.web.bind.annotation.RequestBody
;
import
org.springframework.web.bind.annotation.RestController
;
import
javax.annotation.Resource
;
import
java.util.Map
;
...
...
@@ -27,6 +31,9 @@ public class LinkServer implements LinkApi {
@Autowired
private
PanelLinkService
panelLinkService
;
@Resource
private
ChartViewService
chartViewService
;
@Override
public
void
replacePwd
(
@RequestBody
PasswordRequest
request
)
{
...
...
@@ -73,4 +80,14 @@ public class LinkServer implements LinkApi {
public
boolean
validatePwd
(
@RequestBody
PasswordRequest
request
)
throws
Exception
{
return
panelLinkService
.
validatePwd
(
request
);
}
@Override
public
Object
resourceDetail
(
@PathVariable
String
resourceId
)
{
return
panelLinkService
.
resourceInfo
(
resourceId
);
}
@Override
public
Object
viewDetail
(
String
viewId
,
ChartExtRequest
requestList
)
throws
Exception
{
return
chartViewService
.
getData
(
viewId
,
requestList
);
}
}
backend/src/main/java/io/dataease/service/panel/PanelLinkService.java
浏览文件 @
4a5f8680
...
...
@@ -4,7 +4,9 @@ import com.google.gson.Gson;
import
io.dataease.auth.config.RsaProperties
;
import
io.dataease.auth.util.JWTUtils
;
import
io.dataease.auth.util.RsaUtil
;
import
io.dataease.base.domain.PanelGroupWithBLOBs
;
import
io.dataease.base.domain.PanelLink
;
import
io.dataease.base.mapper.PanelGroupMapper
;
import
io.dataease.base.mapper.PanelLinkMapper
;
import
io.dataease.commons.utils.ServletUtils
;
import
io.dataease.controller.request.panel.link.EnablePwdRequest
;
...
...
@@ -32,6 +34,9 @@ public class PanelLinkService {
@Resource
private
PanelLinkMapper
mapper
;
@Resource
private
PanelGroupMapper
panelGroupMapper
;
public
void
changeValid
(
LinkRequest
request
){
PanelLink
po
=
new
PanelLink
();
po
.
setResourceId
(
request
.
getResourceId
());
...
...
@@ -117,7 +122,16 @@ public class PanelLinkService {
public
Boolean
validateHeads
(
PanelLink
panelLink
)
throws
Exception
{
HttpServletRequest
request
=
ServletUtils
.
request
();
String
token
=
request
.
getHeader
(
"LINK-PWD-TOKEN"
);
if
(
StringUtils
.
isEmpty
(
token
)
||
StringUtils
.
equals
(
"undefined"
,
token
)
||
StringUtils
.
equals
(
"null"
,
token
))
return
false
;
if
(!
panelLink
.
getEnablePwd
()
||
StringUtils
.
isEmpty
(
token
)
||
StringUtils
.
equals
(
"undefined"
,
token
)
||
StringUtils
.
equals
(
"null"
,
token
))
{
String
resourceId
=
panelLink
.
getResourceId
();
String
pwd
=
"dataease"
;
String
tk
=
JWTUtils
.
signLink
(
resourceId
,
pwd
);
HttpServletResponse
httpServletResponse
=
ServletUtils
.
response
();
httpServletResponse
.
addHeader
(
"Access-Control-Expose-Headers"
,
"LINK-PWD-TOKEN"
);
httpServletResponse
.
setHeader
(
"LINK-PWD-TOKEN"
,
tk
);
return
false
;
}
if
(
StringUtils
.
isEmpty
(
panelLink
.
getPwd
()))
return
false
;
boolean
verify
=
JWTUtils
.
verifyLink
(
token
,
panelLink
.
getResourceId
(),
decryptParam
(
panelLink
.
getPwd
()));
return
verify
;
}
...
...
@@ -137,4 +151,9 @@ public class PanelLinkService {
return
pass
;
}
public
PanelGroupWithBLOBs
resourceInfo
(
String
resourceId
)
{
return
panelGroupMapper
.
selectByPrimaryKey
(
resourceId
);
}
}
frontend/src/api/link/index.js
浏览文件 @
4a5f8680
...
...
@@ -51,7 +51,17 @@ export function loadGenerate(resourceId) {
export
function
loadResource
(
resourceId
)
{
return
request
({
url
:
'panel/group/findOne/'
+
resourceId
,
method
:
'get'
url
:
'api/link/resourceDetail/'
+
resourceId
,
method
:
'post'
})
}
export
function
viewInfo
(
id
,
data
)
{
return
request
({
url
:
'api/link/viewDetail/'
+
id
,
method
:
'post'
,
timeout
:
30000
,
hideMsg
:
true
,
data
})
}
frontend/src/components/canvas/custom-component/UserView.vue
浏览文件 @
4a5f8680
...
...
@@ -25,6 +25,7 @@
<
script
>
import
{
viewData
}
from
'@/api/panel/panel'
import
{
viewInfo
}
from
'@/api/link'
import
ChartComponent
from
'@/views/chart/components/ChartComponent.vue'
import
TableNormal
from
'@/views/chart/components/table/TableNormal'
import
LabelNormal
from
'../../../views/chart/components/normal/LabelNormal'
...
...
@@ -35,7 +36,7 @@ import { isChange } from '@/utils/conditionUtil'
import
{
BASE_CHART_STRING
}
from
'@/views/chart/chart/chart'
import
eventBus
from
'@/components/canvas/utils/eventBus'
import
{
deepCopy
}
from
'@/components/canvas/utils/utils'
import
{
getToken
,
getLinkToken
}
from
'@/utils/auth'
export
default
{
name
:
'UserView'
,
components
:
{
ChartComponent
,
TableNormal
,
LabelNormal
},
...
...
@@ -161,7 +162,14 @@ export default {
if
(
id
)
{
this
.
requestStatus
=
'waiting'
this
.
message
=
null
viewData
(
id
,
this
.
filter
).
then
(
response
=>
{
// 增加判断 仪表板公共连接中使用viewInfo 正常使用viewData
let
method
=
viewData
if
(
!
getToken
()
&&
getLinkToken
())
{
method
=
viewInfo
}
method
(
id
,
this
.
filter
).
then
(
response
=>
{
// 将视图传入echart组件
if
(
response
.
success
)
{
this
.
chart
=
response
.
data
...
...
frontend/src/utils/request.js
浏览文件 @
4a5f8680
...
...
@@ -79,8 +79,8 @@ const checkAuth = response => {
store
.
dispatch
(
'user/refreshToken'
,
refreshToken
)
}
if
(
response
.
headers
[
LinkTokenKey
.
toLocaleLowerCase
()])
{
const
linkToken
=
response
.
headers
[
LinkTokenKey
.
toLocaleLowerCase
()]
if
(
response
.
headers
[
LinkTokenKey
.
toLocaleLowerCase
()]
||
(
response
.
config
.
headers
&&
response
.
config
.
headers
[
LinkTokenKey
.
toLocaleLowerCase
()])
)
{
const
linkToken
=
response
.
headers
[
LinkTokenKey
.
toLocaleLowerCase
()]
||
response
.
config
.
headers
[
LinkTokenKey
.
toLocaleLowerCase
()]
setLinkToken
(
linkToken
)
}
// 许可状态改变 刷新页面
...
...
frontend/src/views/link/pwd/index.vue
浏览文件 @
4a5f8680
...
...
@@ -13,7 +13,7 @@
<div
class=
"input-layout"
>
<div
class=
"input-main"
>
<div
class=
"div-input"
>
<el-form
ref=
"pwdForm"
:model=
"form"
:rules=
"rule"
size=
"small"
>
<el-form
ref=
"pwdForm"
:model=
"form"
:rules=
"rule"
size=
"small"
@
submit
.
native
.
prevent
>
<el-form-item
prop=
"password"
>
<el-input
v-model=
"form.password"
maxlength=
"4"
show-password
class=
"real-input"
:placeholder=
"$t('pblink.input_placeholder')"
/>
</el-form-item>
...
...
@@ -65,8 +65,25 @@ export default {
}
}
},
mounted
()
{
this
.
bindKey
()
},
destroyed
()
{
this
.
unBindKey
()
},
methods
:
{
entryKey
(
event
)
{
const
keyCode
=
event
.
keyCode
if
(
keyCode
===
13
)
{
this
.
refresh
()
}
},
bindKey
()
{
document
.
addEventListener
(
'keypress'
,
this
.
entryKey
)
},
unBindKey
()
{
document
.
removeEventListener
(
'keypress'
,
this
.
entryKey
)
},
// 验证密码是否正确 如果正确 设置请求头部带LINK-PWD-TOKEN=entrypt(pwd)再刷新页面
refresh
()
{
this
.
$refs
.
pwdForm
.
validate
(
valid
=>
{
...
...
编写
预览
Markdown
格式
0%
重试
或
添加新文件
添加附件
取消
您添加了
0
人
到此讨论。请谨慎行事。
请先完成此评论的编辑!
取消
请
注册
或者
登录
后发表评论