1.优化sql,提升用户登录速度
2.增加欺骗ip权限控制
This commit is contained in:
chenjinsong
@@ -7,6 +7,7 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.cxf.common.util.StringUtils;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
@@ -34,6 +35,7 @@ public class DnsIpCfgController extends BaseController {
|
||||
}
|
||||
}
|
||||
|
||||
@RequiresPermissions("cfg:ip:view")
|
||||
@RequestMapping("list")
|
||||
public String list(Model model, HttpServletRequest request, HttpServletResponse response, DnsIpCfg dnsIpCfg) {
|
||||
Page<DnsIpCfg> page = dnsIpCfgService.findPage(new Page<DnsIpCfg>(request, response, 30), dnsIpCfg);
|
||||
@@ -43,12 +45,14 @@ public class DnsIpCfgController extends BaseController {
|
||||
return "/cfg/dnsIpCfgList";
|
||||
}
|
||||
|
||||
@RequiresPermissions("cfg:ip:edit")
|
||||
@RequestMapping("form")
|
||||
public String form(Model model, DnsIpCfg dnsIpCfg) {
|
||||
addRequestAndServiceDictToModel(model);
|
||||
return "/cfg/dnsIpCfgForm";
|
||||
}
|
||||
|
||||
@RequiresPermissions("cfg:ip:edit")
|
||||
@RequestMapping("save")
|
||||
public String save(Model model, DnsIpCfg dnsIpCfg, RedirectAttributes redirectAttributes) {
|
||||
Date now = new Date();
|
||||
@@ -75,6 +79,7 @@ public class DnsIpCfgController extends BaseController {
|
||||
return "redirect:" + adminPath + "/cfg/dnsIp/list";
|
||||
}
|
||||
|
||||
@RequiresPermissions("cfg:ip:edit")
|
||||
@RequestMapping("delete")
|
||||
public String delete(Model model, HttpServletRequest request,
|
||||
HttpServletResponse response, DnsIpCfg dnsIpCfg) {
|
||||
|
||||
@@ -53,6 +53,9 @@ public class SystemServiceController extends BaseController {
|
||||
return "/systemService/form";
|
||||
}
|
||||
|
||||
/**
|
||||
* 保存(新增、修改)
|
||||
*/
|
||||
@RequiresPermissions("system:service:edit")
|
||||
@RequestMapping(value = "save")
|
||||
public String save(Model model, SystemServiceInfo systemServiceInfo, HttpServletRequest request, RedirectAttributes redirectAttributes) {
|
||||
@@ -141,6 +144,9 @@ public class SystemServiceController extends BaseController {
|
||||
return "/systemService/list";
|
||||
}
|
||||
|
||||
/**
|
||||
* serviceId校验
|
||||
*/
|
||||
@ResponseBody
|
||||
@RequestMapping(value = "serviceIdValidate")
|
||||
public String serviceIdValidate(String serviceId, Long id) {
|
||||
@@ -150,7 +156,7 @@ public class SystemServiceController extends BaseController {
|
||||
} else {
|
||||
if (id != null) {
|
||||
for (SystemServiceInfo info : list) {
|
||||
if (info.getIsValid() == 1 && info.getId().longValue() == id.longValue()) {
|
||||
if (info.getId().longValue() == id.longValue()) {
|
||||
return "true";
|
||||
}
|
||||
}
|
||||
@@ -161,6 +167,9 @@ public class SystemServiceController extends BaseController {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 通过serviceId前缀获取可用的serviceId
|
||||
*/
|
||||
@ResponseBody
|
||||
@RequestMapping(value = "newServiceId")
|
||||
public Integer getNewServiceId(Integer serviceIdPre) {
|
||||
@@ -168,6 +177,7 @@ public class SystemServiceController extends BaseController {
|
||||
SystemServiceInfo ssi = new SystemServiceInfo();
|
||||
ssi.setServiceIdPre(serviceIdPre);
|
||||
ssi.setIsValid(null);
|
||||
//查找并排序,取得最小的可用serviceId
|
||||
List<SystemServiceInfo> list = systemServiceService.findList(ssi);
|
||||
if (!Collections3.isEmpty(list)) {
|
||||
Collections.sort(list, new Comparator<SystemServiceInfo>() {
|
||||
|
||||
@@ -53,12 +53,11 @@
|
||||
<include refid="menuColumns"/>
|
||||
FROM sys_menu a
|
||||
LEFT JOIN sys_menu p ON p.id = a.parent_id
|
||||
WHERE a.del_flag = 1 AND a.id IN (
|
||||
SELECT l.privilege_access_value
|
||||
FROM sys_privilege l WHERE l.privilege_master='ROLE' AND l.privilege_access='1000' AND l.privilege_operation=1
|
||||
AND l.privilege_master_value IN
|
||||
( SELECT distinct(r.id) FROM sys_role r,sys_inter_user_role ur WHERE r.id = ur.role_id AND r.status=1 AND ur.user_id=#{userId} )
|
||||
)
|
||||
RIGHT JOIN (SELECT l.privilege_access_value
|
||||
FROM sys_privilege l WHERE l.privilege_master='ROLE' AND l.privilege_access='1000' AND l.privilege_operation=1 AND l.privilege_master_value IN
|
||||
(SELECT DISTINCT(r.id) FROM sys_role r,sys_inter_user_role ur WHERE r.id = ur.role_id AND r.status=1 AND ur.user_id=${userId} )) pav
|
||||
ON pav.privilege_access_value = a.id
|
||||
WHERE a.del_flag = 1
|
||||
ORDER BY a.sort
|
||||
|
||||
</select>
|
||||
|
||||
Reference in New Issue
Block a user