修改sql文件后缀

全量更新特定服务模块数据与亦庄环境数据同步修改证书管理以及可信证书模块bug
2018-11-09 14:17:52 +08:00
parent ab1e55c5cd
commit 9b3caca055
7 changed files with 71 additions and 32 deletions
--- a/src/main/java/com/nis/web/controller/configuration/proxy/PxyObjKeyringController.java
+++ b/src/main/java/com/nis/web/controller/configuration/proxy/PxyObjKeyringController.java
@@ -122,6 +122,8 @@ public class PxyObjKeyringController extends BaseController  {
 			logger.error("证书文件校验失败",e);
 			if(e instanceof MaatConvertException) {
 				addMessage(redirectAttributes,"error","request_service_failed");
+ 			}else if(e instanceof MaatConvertException){
+ 				addMessage(redirectAttributes,"error",e.getMessage());
 			}else {
 				addMessage(redirectAttributes,"error","save_failed");
 			}
@@ -134,12 +136,18 @@ public class PxyObjKeyringController extends BaseController  {
 					// 获取公钥信息
 					if(certInfoMap != null && certInfoMap.size() >0){
 						
-						String issuer=certInfoMap.get("ca issuer").toString();//颁发者
-						Date notBeforeTime=new Date(certInfoMap.get("ca notbefore").toString());//开始时间
-						Date notAfterTime=new Date(certInfoMap.get("ca notafter").toString());//结束时间
-						String subject=certInfoMap.get("ca subjectname").toString();//颁发给
-						String notBeforeStr=sdf.format(notBeforeTime);
-						String notAfterStr=sdf.format(notAfterTime);
+						String issuer=StringUtil.isEmpty(certInfoMap.get("ca issuer")) ? "":certInfoMap.get("ca issuer").toString();//颁发者
+						String subject=StringUtil.isEmpty(certInfoMap.get("ca subjectname")) ? "":certInfoMap.get("ca subjectname").toString();//颁发给
+						String notBeforeStr="";
+						if (!StringUtil.isEmpty(certInfoMap.get("ca notbefore"))) {
+							Date notBeforeTime=new Date(certInfoMap.get("ca notbefore").toString());//开始时间
+							notBeforeStr=sdf.format(notBeforeTime);
+						}
+						String notAfterStr="";
+						if (!StringUtil.isEmpty(certInfoMap.get("ca notafter"))) {
+							Date notAfterTime=new Date(certInfoMap.get("ca notafter").toString());//结束时间
+							notAfterStr=sdf.format(notAfterTime);
+						}
 						String cn="";//CN
 						//CN精确信息获取
 						if(!StringUtil.isEmpty(subject)){
@@ -151,7 +159,7 @@ public class PxyObjKeyringController extends BaseController  {
 								}
 							}
 						}
-						String altName=certInfoMap.get("ca altname").toString();//SAN
+						String altName=StringUtil.isEmpty(certInfoMap.get("ca altname")) ? "":certInfoMap.get("ca altname").toString();//SAN
 						
 						cfg.setIssuer(issuer);
 						cfg.setSubject(subject);
@@ -167,9 +175,12 @@ public class PxyObjKeyringController extends BaseController  {
 		}catch (Exception e) {
 			validFlag=false;
 			logger.error("证书信息获取失败",e);
- 			if(e instanceof MaatConvertException) {
+ 			logger.error("证书文件校验失败",e);
+			if(e instanceof MaatConvertException){
 				addMessage(redirectAttributes,"error","request_service_failed");
- 			}else {
+ 			}else if(e instanceof MultiPartNewException){
+ 				addMessage(redirectAttributes,"error",e.getMessage());
+ 			}else{
 				addMessage(redirectAttributes,"error","save_failed");
 			}
 		}
@@ -222,14 +233,16 @@ public class PxyObjKeyringController extends BaseController  {
 					}
 				}
 				pxyObjKeyringService.saveOrUpdate(cfg);
+				addMessage(redirectAttributes,"success","save_success");
 			}
 			
- 			addMessage(redirectAttributes,"success","save_success");
 		}catch(Exception e){
 			logger.error("证书上传失败",e);
- 			if(e instanceof MaatConvertException) {
+			if(e instanceof MaatConvertException){
 				addMessage(redirectAttributes,"error","request_service_failed");
- 			}else {
+ 			}else if(e instanceof MultiPartNewException){
+ 				addMessage(redirectAttributes,"error",e.getMessage());
+ 			}else{
 				addMessage(redirectAttributes,"error","save_failed");
 			}
 		}
@@ -247,7 +260,7 @@ public class PxyObjKeyringController extends BaseController  {
 	 */
 	public boolean validCertFileContent(MultipartFile file,String validateType)throws Exception{
 		String os = System.getProperty("os.name").toLowerCase();
-		if(!os.contains("windows")){
+		if(!os.contains("windows") && file != null){
 			//证书文件临时保存路径
 			String certFilePath = Constants.CERT_FILE_PATH;
 			FileUtils.createDirectory(certFilePath);
@@ -453,7 +466,11 @@ public class PxyObjKeyringController extends BaseController  {
 			} catch (Exception e) {
 				validFlag=false;
 				logger.error("证书文件校验失败",e);
-				addMessage(redirectAttributes,"error",e.getMessage());
+				if(e instanceof MaatConvertException){
+	 				addMessage(redirectAttributes,"error",e.getMessage());
+	 			}else{
+	 				addMessage(redirectAttributes,"error","save_failed");
+	 			}
 			}
 	 		
 	 		try{
@@ -462,7 +479,7 @@ public class PxyObjKeyringController extends BaseController  {
 					if(certFileI != null) {
 						// 获取公钥信息
 						if(certInfoMap != null && certInfoMap.size() >0){
-							String issuer=certInfoMap.get("ca issuer").toString();//颁发者
+							String issuer=StringUtil.isEmpty(certInfoMap.get("ca issuer")) ? "":certInfoMap.get("ca issuer").toString();//颁发者
 							logger.info("issuer："+issuer);
 							cfg.setIssuer(issuer);
 						}else{
@@ -506,7 +523,9 @@ public class PxyObjKeyringController extends BaseController  {
 	 			
 	 		}catch(Exception e){
 	 			logger.error("证书上传失败",e);
-	 			if(e instanceof MaatConvertException) {
+	 			if(e instanceof MultiPartNewException) {
+	 				addMessage(redirectAttributes,"error",e.getMessage());
+	 			}else if(e instanceof MaatConvertException) {
 	 				addMessage(redirectAttributes,"error","request_service_failed");
 	 			}else {
 	 				addMessage(redirectAttributes,"error","save_failed");
@@ -534,8 +553,14 @@ public class PxyObjKeyringController extends BaseController  {
 				}
 			} catch (Exception e) {
 				validFlag=false;
-				logger.error("crl文件校验失败",e);
-				addMessage(redirectAttributes,"error",e.getMessage());
+				logger.error("证书文件校验失败",e);
+				if(e instanceof MaatConvertException){
+	 				addMessage(redirectAttributes,"error","request_service_failed");
+	 			}else if(e instanceof MultiPartNewException){
+	 				addMessage(redirectAttributes,"error",e.getMessage());
+	 			}else{
+	 				addMessage(redirectAttributes,"error","save_failed");
+	 			}
 			}
 			
 			try{
@@ -544,8 +569,7 @@ public class PxyObjKeyringController extends BaseController  {
 					if(crlFileI != null) {
 						// 获取issuer
 						if(certInfoMap != null && certInfoMap.size() >0){
-							String issuer=certInfoMap.get("crl issuer").toString();//颁发者
-							logger.info("-----------------------------issuer："+issuer);
+							String issuer=StringUtil.isEmpty(certInfoMap.get("crl issuer")) ? "":certInfoMap.get("crl issuer").toString();//颁发者
 							if(cfg != null){
 								if((cfg.getCertId() != null && cfg.getCertId() > 0) && (!cfg.getIssuer().equals(issuer))){
 									logger.error("cert 和 crl的issuser不符合");
@@ -564,7 +588,11 @@ public class PxyObjKeyringController extends BaseController  {
 			}catch (Exception e) {
 				validFlag=false;
 				logger.error("crl issuer比对失败",e);
-				addMessage(redirectAttributes,"error",e.getMessage());
+				if(e instanceof MultiPartNewException){
+	 				addMessage(redirectAttributes,"error",e.getMessage());
+	 			}else{
+	 				addMessage(redirectAttributes,"error","save_failed");
+	 			}
 			}
 			try{
 				if(validFlag){
@@ -598,11 +626,14 @@ public class PxyObjKeyringController extends BaseController  {
 				
 			}catch(Exception e){
 				logger.error("crl上传失败",e);
-				if(e instanceof MaatConvertException) {
-					addMessage(redirectAttributes,"error","request_service_failed");
-				}else {
-					addMessage(redirectAttributes,"error","save_failed");
-				}
+				logger.error("证书文件校验失败",e);
+				if(e instanceof MaatConvertException){
+	 				addMessage(redirectAttributes,"error","request_service_failed");
+	 			}else if(e instanceof MultiPartNewException){
+	 				addMessage(redirectAttributes,"error",e.getMessage());
+	 			}else{
+	 				addMessage(redirectAttributes,"error","save_failed");
+	 			}
 			}
 			
 			return "redirect:" + adminPath +"/proxy/intercept/strateagy/trustedCertList?functionId="+cfg.getFunctionId();
@@ -648,7 +679,11 @@ public class PxyObjKeyringController extends BaseController  {
 				StringBuilder out = new StringBuilder();
 				String key="";
 				String value="";
-				certInfoMap=new HashMap<>();
+				if((sb.toString().indexOf("inlist") > -1) 
+						|| ( sb.toString().indexOf("incrl") > -1 )
+						|| ( sb.toString().indexOf("incert") > -1 )){
+					certInfoMap=new HashMap<>();
+				}
 				while ((s = br.readLine()) != null) {
 					logger.info(s);
 					//可信证书pem信息收集
--- a/src/main/java/com/nis/web/service/BaseService.java
+++ b/src/main/java/com/nis/web/service/BaseService.java
@@ -967,8 +967,8 @@ public abstract class BaseService {
 	//可信证书
 	public List<ProxyObjTrustedCa> convertCallBackProxyObjTrustedCa(PxyObjTrustedCaCert cfgCert,PxyObjTrustedCaCrl cfgCrl){
 		List<ProxyObjTrustedCa> proxyObjTrustedCas=new ArrayList<>();
-		ProxyObjTrustedCa proxyObjTrustedCaCert=new ProxyObjTrustedCa();
 		if(cfgCert != null && !StringUtil.isEmpty(cfgCert.getCompileId())){
+			ProxyObjTrustedCa proxyObjTrustedCaCert=new ProxyObjTrustedCa();
 			proxyObjTrustedCaCert.setId(Long.valueOf(cfgCert.getCompileId()));
 			proxyObjTrustedCaCert.setCfgId(cfgCert.getCompileId());
 			proxyObjTrustedCaCert.setCertId(cfgCert.getCompileId());
@@ -980,6 +980,7 @@ public abstract class BaseService {
 			proxyObjTrustedCas.add(proxyObjTrustedCaCert);
 		}
 		if(cfgCrl != null && !StringUtil.isEmpty(cfgCrl.getCompileId())){
+			ProxyObjTrustedCa proxyObjTrustedCaCert=new ProxyObjTrustedCa();
 			proxyObjTrustedCaCert.setId(Long.valueOf(cfgCrl.getCompileId()));
 			proxyObjTrustedCaCert.setCfgId(cfgCrl.getCompileId());
 			proxyObjTrustedCaCert.setCertId(cfgCrl.getCertId());
--- a/src/main/resources/sql/20181107/update_sys_menu.sql
+++ b/src/main/resources/sql/20181107/update_sys_menu.sql
--- a/src/main/resources/sql/20181108/add_pxy_obj_table.sql
+++ b/src/main/resources/sql/20181108/add_pxy_obj_table.sql
--- a/src/main/resources/sql/20181109/update_specific_service_cfg_data.sql
+++ b/src/main/resources/sql/20181109/update_specific_service_cfg_data.sql
--- a/src/main/webapp/WEB-INF/views/cfg/intercept/strateagy/form.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/intercept/strateagy/form.jsp
@@ -341,9 +341,7 @@ function privateFileValidate(){
 									<div class="col-md-6">
 									        <div class="form-group">
 									            <label class="control-label col-md-3"><spring:message code="certificate_validity"/></label>
-									            <fmt:formatDate var="notBeforeTime" value="${_cfg.notBeforeTime }" pattern="yyyy-MM-dd HH:ss:mm"/>
-									            <fmt:formatDate var="notAfterTime" value="${_cfg.notAfterTime }" pattern="yyyy-MM-dd HH:ss:mm"/>
-									            <label class=" col-md-6" style="padding-top:7px">${notBeforeTime }-${notAfterTime }</label>
+									            <label class=" col-md-6" style="padding-top:7px">${_cfg.notBeforeTime }-${_cfg.notAfterTime }</label>
 									        </div>
 								    </div>
 								</div>
--- a/src/main/webapp/WEB-INF/views/cfg/intercept/strateagy/trustedCertList.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/intercept/strateagy/trustedCertList.jsp
@@ -124,8 +124,11 @@
 			onClick="javascript:window.location='${ctx}/proxy/intercept/strateagy/trustedCertForm?functionId=${cfg.functionId}'">
 				<i class="fa fa-plus"></i>
 				<spring:message code="add"></spring:message></button>
+				
+			</shiro:hasPermission>
+			<shiro:hasPermission name="proxy:trustedCert:built-in">
 				<button type="button" class="btn btn-primary"
-			onClick="addCrlFile(this)">
+					onClick="addCrlFile(this)">
 				<i class="fa fa-plus"></i>
 				<spring:message code="import_crl"></spring:message></button>
 			</shiro:hasPermission>