1.优化sql，提升用户登录速度

2.增加欺骗ip权限控制
2018-04-11 15:19:52 +08:00
parent 1f9a190924
commit 5fcd54c5f4
6 changed files with 34 additions and 12 deletions
--- a/src/main/java/com/nis/web/controller/configuration/DnsIpCfgController.java
+++ b/src/main/java/com/nis/web/controller/configuration/DnsIpCfgController.java
@@ -7,6 +7,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

 import org.apache.cxf.common.util.StringUtils;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.ModelAttribute;
@@ -34,6 +35,7 @@ public class DnsIpCfgController extends BaseController {
 		}
 	}
 	
+	@RequiresPermissions("cfg:ip:view")
 	@RequestMapping("list")
 	public String list(Model model, HttpServletRequest request, HttpServletResponse response, DnsIpCfg dnsIpCfg) {
 		Page<DnsIpCfg> page = dnsIpCfgService.findPage(new Page<DnsIpCfg>(request, response, 30), dnsIpCfg);
@@ -43,12 +45,14 @@ public class DnsIpCfgController extends BaseController {
 		return "/cfg/dnsIpCfgList";
 	}
 	
+	@RequiresPermissions("cfg:ip:edit")
 	@RequestMapping("form")
 	public String form(Model model, DnsIpCfg dnsIpCfg) {
 		addRequestAndServiceDictToModel(model);
 		return "/cfg/dnsIpCfgForm";
 	}
 	
+	@RequiresPermissions("cfg:ip:edit")
 	@RequestMapping("save")
 	public String save(Model model, DnsIpCfg dnsIpCfg, RedirectAttributes redirectAttributes) {
 		Date now = new Date();
@@ -75,6 +79,7 @@ public class DnsIpCfgController extends BaseController {
 		return "redirect:" + adminPath + "/cfg/dnsIp/list";
 	}
 	
+	@RequiresPermissions("cfg:ip:edit")
 	@RequestMapping("delete")
 	public String delete(Model model, HttpServletRequest request, 
 			HttpServletResponse response, DnsIpCfg dnsIpCfg) {
--- a/src/main/java/com/nis/web/controller/systemService/SystemServiceController.java
+++ b/src/main/java/com/nis/web/controller/systemService/SystemServiceController.java
@@ -53,6 +53,9 @@ public class SystemServiceController extends BaseController {
 		return "/systemService/form";
 	}
 	
+	/**
+	 * 保存(新增、修改)
+	 */
 	@RequiresPermissions("system:service:edit")
 	@RequestMapping(value = "save")
 	public String save(Model model, SystemServiceInfo systemServiceInfo, HttpServletRequest request, RedirectAttributes redirectAttributes) {
@@ -141,6 +144,9 @@ public class SystemServiceController extends BaseController {
 		return "/systemService/list";
 	}
 	
+	/**
+	 * serviceId校验
+	 */
 	@ResponseBody
 	@RequestMapping(value = "serviceIdValidate")
 	public String serviceIdValidate(String serviceId, Long id) {
@@ -150,7 +156,7 @@ public class SystemServiceController extends BaseController {
 		} else {
 			if (id != null) {
 				for (SystemServiceInfo info : list) {
-					if (info.getIsValid() == 1 && info.getId().longValue() == id.longValue()) {
+					if (info.getId().longValue() == id.longValue()) {
 						return "true";
 					}
 				}
@@ -161,6 +167,9 @@ public class SystemServiceController extends BaseController {
 		}
 	}
 	
+	/**
+	 * 通过serviceId前缀获取可用的serviceId
+	 */
 	@ResponseBody
 	@RequestMapping(value = "newServiceId")
 	public Integer getNewServiceId(Integer serviceIdPre) {
@@ -168,6 +177,7 @@ public class SystemServiceController extends BaseController {
 			SystemServiceInfo ssi = new SystemServiceInfo();
 			ssi.setServiceIdPre(serviceIdPre);
 			ssi.setIsValid(null);
+			//查找并排序，取得最小的可用serviceId
 			List<SystemServiceInfo> list = systemServiceService.findList(ssi);
 			if (!Collections3.isEmpty(list)) {
 				Collections.sort(list, new Comparator<SystemServiceInfo>() {
--- a/src/main/java/com/nis/web/dao/SysMenuDao.xml
+++ b/src/main/java/com/nis/web/dao/SysMenuDao.xml
@@ -53,12 +53,11 @@
 			<include refid="menuColumns"/>
 		FROM sys_menu a
 		LEFT JOIN sys_menu p ON p.id = a.parent_id  
-		WHERE a.del_flag = 1 AND a.id IN (
-			SELECT l.privilege_access_value  
-					FROM sys_privilege l WHERE l.privilege_master='ROLE' AND l.privilege_access='1000' AND l.privilege_operation=1
-						AND l.privilege_master_value IN 
-							( SELECT distinct(r.id) FROM sys_role r,sys_inter_user_role ur WHERE r.id = ur.role_id AND r.status=1 AND ur.user_id=#{userId} ) 		
-		)
+		RIGHT JOIN (SELECT l.privilege_access_value  
+					FROM sys_privilege l WHERE l.privilege_master='ROLE' AND l.privilege_access='1000' AND l.privilege_operation=1 AND l.privilege_master_value IN 
+						(SELECT DISTINCT(r.id) FROM sys_role r,sys_inter_user_role ur WHERE r.id = ur.role_id AND r.status=1 AND ur.user_id=${userId} )) pav 
+		ON pav.privilege_access_value = a.id
+		WHERE a.del_flag = 1 
 		ORDER BY a.sort
 		
 	</select>
--- a/src/main/webapp/WEB-INF/views/cfg/dnsIpCfgForm.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/dnsIpCfgForm.jsp
@@ -305,7 +305,9 @@ $(function(){
                                  <div class="col-md-6">
                                      <div class="row">
                                          <div class="col-md-offset-3 col-md-8">
+                                          	  <shiro:hasPermission name="ip:cfg:edit">
                                          	  <input id="submitBtn" type="submit" class="btn btn-circle blue" value=<spring:message code="submit"></spring:message>>
+											  </shiro:hasPermission>
 											  <button id="cancel" type="button" class="btn btn-circle grey-salsa btn-outline" onclick="history.go(-1)"><spring:message code="cancel"></spring:message></button>
                                          </div>
                                      </div>
--- a/src/main/webapp/WEB-INF/views/cfg/dnsIpCfgList.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/dnsIpCfgList.jsp
@@ -83,7 +83,7 @@

 <div class="page-content">
 	<div class="theme-panel hidden-xs hidden-sm">
-		<shiro:hasPermission name="system:service:view">
+		<shiro:hasPermission name="cfg:ip:edit">
 			<button type="button" class="btn btn-primary" onClick="javascript:window.location='${ctx}/cfg/dnsIp/form'">
 			<i class="fa fa-plus"></i>
 			<spring:message code="add"></spring:message></button>
@@ -131,9 +131,11 @@
 									<%-- <button type="button" class="btn btn-default" onclick="edit()">
                                        <i class="fa fa-edit"></i> <spring:message code="edit"/>
                                    </button> --%>
+                                    <shiro:hasPermission name="cfg:ip:edit">
                                    <button class="btn btn-default" onclick="delCfg()" data-toggle="tooltip" data-placement="top">
 										<i class="fa fa-trash"> <spring:message code="delete"/></i>
 									</button>
+									</shiro:hasPermission>
                                    <%-- <div class="btn-group">
                                        <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
                                            <i class="fa fa-wrench"></i> <spring:message code="examine"></spring:message>
@@ -244,7 +246,9 @@
 						<table class="table table-striped table-bordered table-condensed text-nowrap">
 							<thead>
 								<tr>
+									<shiro:hasPermission name="cfg:ip:edit">
 									<th><input type="checkbox" class="i-checks" id="checkAll"></th>
+									</shiro:hasPermission>
 									<th><spring:message code="config_describe"/></th>
 									<th>ip<spring:message code="type"/></th>
 									<th><spring:message code="client_ip"/></th>
@@ -272,7 +276,9 @@
 							</thead>
 							<tbody>
 								<c:forEach items="${page.list }" var="dnsIpCfg" varStatus="status" step="1">
+									<shiro:hasPermission name="cfg:ip:edit">
 									<td><input type="checkbox" class="i-checks child-checks" id="${dnsIpCfg.fakeId}" value="${dnsIpCfg.isAudit}"></td>
+									</shiro:hasPermission>
 									<td>${dnsIpCfg.cfgDesc }</td>
 									<td>V${dnsIpCfg.ipType }</td>
 									<td>${dnsIpCfg.srcIp }</td>
--- a/src/main/webapp/WEB-INF/views/systemService/list.jsp
+++ b/src/main/webapp/WEB-INF/views/systemService/list.jsp
@@ -10,7 +10,7 @@
 <script>
 $(document).ready(function() {
 	top.window.scrollTo(0, 0);
-})
+});

 function page(n,s){
 	if(n) $("#pageNo").val(n);
@@ -41,7 +41,7 @@ function checkNum(obj) {
 <div class="page-content">
 	<div class="theme-panel hidden-xs hidden-sm">
 		<button type="button" class="btn btn-default" onclick="javascript:window.location='${ctx}/systemService/list'"><spring:message code="refresh"></spring:message></button>
-		<shiro:hasPermission name="system:service:view">
+		<shiro:hasPermission name="system:service:edit">
 			<button type="button" class="btn btn-primary" onClick="javascript:window.location='${ctx}/systemService/systemServiceform'"><spring:message code="add"></spring:message></button>
 		</shiro:hasPermission>
 	</div>
@@ -65,7 +65,7 @@ function checkNum(obj) {
 							<div class="col-md-12">
 								<div class="pull-left">
 									<form:select path="action" class="selectpicker select2 input-small">
-										<form:option value=""><spring:message code="all"/><spring:message code="act"/></form:option>
+										<form:option value=""><spring:message code="all"/> <spring:message code="act"/></form:option>
 										<form:option value="1"><spring:message code="block"/></form:option>
 										<form:option value="2"><spring:message code="monitor"/></form:option>
 										<form:option value="5"><spring:message code="block_white_list"/></form:option>
@@ -76,7 +76,7 @@ function checkNum(obj) {
 								</div>
 								<div class="pull-left">
 									<form:select path="serviceType" class="selectpicker select2 input-small">
-										<form:option value=""><spring:message code="all"/><spring:message code='type'/></form:option>
+										<form:option value=""><spring:message code="all"/> <spring:message code='type'/></form:option>
 										<form:option value="1"><spring:message code="single_domain"/></form:option>
 										<form:option value="2"><spring:message code="multi_domain"/></form:option>
 										<form:option value="3"><spring:message code="special_service"/></form:option>