From 280904d1a4ca1ad0b1aa4eda962ccacf38fb8e47 Mon Sep 17 00:00:00 2001
From: monkeyk7 <zhao@idsmanager.com>
Date: Sat, 21 Apr 2018 00:11:44 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E6=9D=83=E9=99=90.=20?=
 =?UTF-8?q?=E8=A7=92=E8=89=B2.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 others/database/initial_data.ddl              | 10 +++++++---
 .../sos/config/WebSecurityConfigurer.java     |  2 +-
 ...cyUserDetails.java => SOSUserDetails.java} | 19 +++++++------------
 .../monkeyk/sos/domain/user/Privilege.java    |  1 +
 .../sos/service/impl/UserServiceImpl.java     |  6 +++---
 src/main/webapp/WEB-INF/jsp/index.jsp         | 15 +++++++++------
 src/main/webapp/WEB-INF/jsp/login.jsp         |  4 ++--
 7 files changed, 30 insertions(+), 27 deletions(-)
 rename src/main/java/com/monkeyk/sos/domain/shared/security/{WdcyUserDetails.java => SOSUserDetails.java} (77%)

diff --git a/others/database/initial_data.ddl b/others/database/initial_data.ddl
index 2e15b37..cce8595 100644
--- a/others/database/initial_data.ddl
+++ b/others/database/initial_data.ddl
@@ -5,19 +5,23 @@ truncate user_privilege;
 -- admin, password is admin  ( All privileges)
 insert into user_(id,guid,create_time,email,password,phone,username,default_user)
 values
-(21,'29f6004fb1b0466f9572b02bf2ac1be8',now(),'admin@andaily.com','$2a$10$XWN7zOvSLDiyxQnX01KMXuf5NTkkuAUtt23YxUMWaIPURcR7bdULi','028-1234567','admin',true);
+(21,'29f6004fb1b0466f9572b02bf2ac1be8',now(),'admin@andaily.com','$2a$10$XWN7zOvSLDiyxQnX01KMXuf5NTkkuAUtt23YxUMWaIPURcR7bdULi','028-1234567','admin',1);
+
+insert into user_privilege(user_id,privilege) values (21,'ADMIN');
+insert into user_privilege(user_id,privilege) values (21,'UNITY');
+insert into user_privilege(user_id,privilege) values (21,'MOBILE');
 
 -- unity, password is unity  ( ROLE_UNITY)
 insert into user_(id,guid,create_time,email,password,phone,username,default_user)
 values
-(22,'55b713df1c6f423e842ad68668523c49',now(),'unity@andaily.com','$2a$10$gq3eUch/h.eHt20LpboSXeeZinzSLBk49K5KD.Ms4/1tOAJIsrrfq','','unity',false);
+(22,'55b713df1c6f423e842ad68668523c49',now(),'unity@andaily.com','$2a$10$gq3eUch/h.eHt20LpboSXeeZinzSLBk49K5KD.Ms4/1tOAJIsrrfq','','unity',0);
 
 insert into user_privilege(user_id,privilege) values (22,'UNITY');
 
 -- mobile, password is mobile  ( ROLE_MOBILE)
 insert into user_(id,guid,create_time,email,password,phone,username,default_user)
 values
-(23,'612025cb3f964a64a48bbdf77e53c2c1',now(),'mobile@andaily.com','$2a$10$BOmMzLDaoiIQ4Q1pCw6Z4u0gzL01B8bNL.0WUecJ2YxTtHVRIA8Zm','','mobile',false);
+(23,'612025cb3f964a64a48bbdf77e53c2c1',now(),'mobile@andaily.com','$2a$10$BOmMzLDaoiIQ4Q1pCw6Z4u0gzL01B8bNL.0WUecJ2YxTtHVRIA8Zm','','mobile',0);
 
 insert into user_privilege(user_id,privilege) values (23,'MOBILE');
 
diff --git a/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java b/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
index 01aa6ec..2992628 100644
--- a/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
+++ b/src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
@@ -55,7 +55,7 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
                 .antMatchers("/oauth2/rest_token*").permitAll()
                 .antMatchers("/login*").permitAll()
 
-                .antMatchers("/admin/**").hasAnyRole("ADMIN")
+                .antMatchers("/user/**").hasAnyRole("ADMIN")
 
                 .antMatchers(HttpMethod.GET, "/login*").anonymous()
                 .anyRequest().authenticated()
diff --git a/src/main/java/com/monkeyk/sos/domain/shared/security/WdcyUserDetails.java b/src/main/java/com/monkeyk/sos/domain/shared/security/SOSUserDetails.java
similarity index 77%
rename from src/main/java/com/monkeyk/sos/domain/shared/security/WdcyUserDetails.java
rename to src/main/java/com/monkeyk/sos/domain/shared/security/SOSUserDetails.java
index a22bbd3..47718d2 100644
--- a/src/main/java/com/monkeyk/sos/domain/shared/security/WdcyUserDetails.java
+++ b/src/main/java/com/monkeyk/sos/domain/shared/security/SOSUserDetails.java
@@ -13,7 +13,7 @@ import java.util.List;
 /**
  * @author Shengzhao Li
  */
-public class WdcyUserDetails implements UserDetails {
+public class SOSUserDetails implements UserDetails {
 
     private static final long serialVersionUID = 3957586021470480642L;
 
@@ -24,10 +24,10 @@ public class WdcyUserDetails implements UserDetails {
 
     protected List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
 
-    public WdcyUserDetails() {
+    public SOSUserDetails() {
     }
 
-    public WdcyUserDetails(User user) {
+    public SOSUserDetails(User user) {
         this.user = user;
         initialAuthorities();
     }
@@ -35,15 +35,10 @@ public class WdcyUserDetails implements UserDetails {
     private void initialAuthorities() {
         //Default, everyone have it
         this.grantedAuthorities.add(DEFAULT_USER_ROLE);
-        //default user have all privileges
-        if (user.defaultUser()) {
-            this.grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + Privilege.UNITY.name()));
-            this.grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + Privilege.MOBILE.name()));
-        } else {
-            final List<Privilege> privileges = user.privileges();
-            for (Privilege privilege : privileges) {
-                this.grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + privilege.name()));
-            }
+
+        final List<Privilege> privileges = user.privileges();
+        for (Privilege privilege : privileges) {
+            this.grantedAuthorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + privilege.name()));
         }
     }
 
diff --git a/src/main/java/com/monkeyk/sos/domain/user/Privilege.java b/src/main/java/com/monkeyk/sos/domain/user/Privilege.java
index d11eab7..038c043 100644
--- a/src/main/java/com/monkeyk/sos/domain/user/Privilege.java
+++ b/src/main/java/com/monkeyk/sos/domain/user/Privilege.java
@@ -7,6 +7,7 @@ public enum Privilege {
 
     USER,          //Default privilege
 
+    ADMIN,     //admin
     UNITY,
     MOBILE
 }
\ No newline at end of file
diff --git a/src/main/java/com/monkeyk/sos/service/impl/UserServiceImpl.java b/src/main/java/com/monkeyk/sos/service/impl/UserServiceImpl.java
index 164457a..6733d77 100644
--- a/src/main/java/com/monkeyk/sos/service/impl/UserServiceImpl.java
+++ b/src/main/java/com/monkeyk/sos/service/impl/UserServiceImpl.java
@@ -4,7 +4,7 @@ import com.monkeyk.sos.service.dto.UserDto;
 import com.monkeyk.sos.service.dto.UserFormDto;
 import com.monkeyk.sos.service.dto.UserJsonDto;
 import com.monkeyk.sos.service.dto.UserOverviewDto;
-import com.monkeyk.sos.domain.shared.security.WdcyUserDetails;
+import com.monkeyk.sos.domain.shared.security.SOSUserDetails;
 import com.monkeyk.sos.domain.user.User;
 import com.monkeyk.sos.domain.user.UserRepository;
 import com.monkeyk.sos.service.UserService;
@@ -39,7 +39,7 @@ public class UserServiceImpl implements UserService {
             throw new UsernameNotFoundException("Not found any user for username[" + username + "]");
         }
 
-        return new WdcyUserDetails(user);
+        return new SOSUserDetails(user);
     }
 
     @Override
@@ -52,7 +52,7 @@ public class UserServiceImpl implements UserService {
                 (principal instanceof String || principal instanceof org.springframework.security.core.userdetails.User)) {
             return loadOauthUserJsonDto((OAuth2Authentication) authentication);
         } else {
-            final WdcyUserDetails userDetails = (WdcyUserDetails) principal;
+            final SOSUserDetails userDetails = (SOSUserDetails) principal;
             return new UserJsonDto(userRepository.findByGuid(userDetails.user().guid()));
         }
     }
diff --git a/src/main/webapp/WEB-INF/jsp/index.jsp b/src/main/webapp/WEB-INF/jsp/index.jsp
index 48b8b23..4dfca9f 100644
--- a/src/main/webapp/WEB-INF/jsp/index.jsp
+++ b/src/main/webapp/WEB-INF/jsp/index.jsp
@@ -5,6 +5,7 @@
 
 <%@ page contentType="text/html;charset=UTF-8" language="java" %>
 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
+<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
 <%@ taglib tagdir="/WEB-INF/tags" prefix="tags" %>
 <!DOCTYPE HTML>
 <html>
@@ -22,7 +23,7 @@
     Logged: <span class="text-success">${SPRING_SECURITY_CONTEXT.authentication.principal.username}</span>
     <form action="${contextPath}/signout" method="post">
         <tags:csrf/>
-        <button class="btn btn-link" type="submit">Logout</button>
+        <button class="btn btn-default" type="submit">Logout</button>
     </form>
 </div>
 <br/>
@@ -79,11 +80,13 @@
             <a href="client_details">client_details</a> <span class="text-muted">- 管理ClientDetails</span>
         </p>
     </li>
-    <li>
-        <p>
-            <a href="${contextPath}/user/overview">User</a> <span class="text-muted">- 管理User</span>
-        </p>
-    </li>
+    <sec:authorize access="hasRole('ROLE_ADMIN')">
+        <li>
+            <p>
+                <a href="${contextPath}/user/overview">User</a> <span class="text-muted">- 管理User</span>
+            </p>
+        </li>
+    </sec:authorize>
     <li>
         <p>
             <a href="${contextPath}/unity/dashboard">Unity</a> <span class="text-muted">- Unity 资源(resource), 需要具有 [ROLE_UNITY] 权限(resourceId:
diff --git a/src/main/webapp/WEB-INF/jsp/login.jsp b/src/main/webapp/WEB-INF/jsp/login.jsp
index 34380fa..facbdc1 100644
--- a/src/main/webapp/WEB-INF/jsp/login.jsp
+++ b/src/main/webapp/WEB-INF/jsp/login.jsp
@@ -65,14 +65,14 @@
             <tr>
                 <th>Username</th>
                 <th>Password</th>
-                <th>Privileges</th>
+                <th>Remark</th>
             </tr>
             </thead>
             <tbody>
             <tr>
                 <td>admin</td>
                 <td>admin</td>
-                <td>All privileges, allow visit [Mobile] and [Unity] resources</td>
+                <td>All privileges, allow visit [Mobile] and [Unity] resources, manage user</td>
             </tr>
             <tr>
                 <td>unity</td>