diff --git a/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/controller/InteractiveController.java b/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/controller/InteractiveController.java index 90102a3..25de021 100644 --- a/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/controller/InteractiveController.java +++ b/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/controller/InteractiveController.java @@ -48,8 +48,9 @@ public class InteractiveController { @RequestMapping(value = "/authentication",method = {RequestMethod.GET,RequestMethod.POST}) public R authentication(@RequestParam(required = false) @ApiParam("站点编号") String stationId, @RequestParam @ApiParam("用户ID") String userId, - @RequestParam(required = false) @ApiParam("菜单ID") String func) { - return R.status(interactiveService.authentication(stationId,userId,func)); + @RequestParam(required = false) @ApiParam("菜单ID") String func, + @RequestParam(required = false) @ApiParam("会话ID")String sessionId) { + return R.status(interactiveService.authentication(stationId,userId,func,sessionId)); } @ApiOperation("获取问答sessionId") diff --git a/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/IInteractiveService.java b/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/IInteractiveService.java index 241a25b..8ace8cc 100644 --- a/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/IInteractiveService.java +++ b/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/IInteractiveService.java @@ -27,7 +27,7 @@ public interface IInteractiveService { List getAnswerBySessionIds(String sessionIds); - Boolean authentication(String stationId, String userId, String func); + Boolean authentication(String stationId, String userId, String func,String sessionId); Boolean removeSessionId(String sessionId); diff --git a/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/impl/AuthenticationService.java b/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/impl/AuthenticationService.java index f5b9d5b..1960da9 100644 --- a/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/impl/AuthenticationService.java +++ b/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/impl/AuthenticationService.java @@ -3,6 +3,8 @@ package com.hnac.hzims.bigmodel.interactive.service.impl; import com.hnac.hzims.bigmodel.entity.FunctionEntity; import com.hnac.hzims.bigmodel.function.service.IFunctionService; import com.hnac.hzims.bigmodel.interactive.constants.ProjectRemoteTypeEnum; +import com.hnac.hzims.bigmodel.interactive.vo.SessionContentVO; +import com.hnac.hzims.bigmodel.websocket.constants.RedisKeyConstants; import com.hnac.hzinfo.sdk.core.response.Result; import com.hnac.hzinfo.sdk.v5.project.ProjectClient; import com.hnac.hzinfo.sdk.v5.project.vo.ProjectVO; @@ -13,13 +15,16 @@ import org.springblade.core.tool.utils.CollectionUtil; import org.springblade.core.tool.utils.Func; import org.springblade.core.tool.utils.StringUtil; import org.springblade.system.dto.DeptStationDTO; +import org.springblade.system.entity.CtrlAuth; import org.springblade.system.feign.IDeptClient; import org.springblade.system.feign.IRemoteClient; import org.springblade.system.user.feign.IUserClient; +import org.springframework.data.redis.core.RedisTemplate; import org.springframework.stereotype.Service; import org.springframework.util.Assert; import java.util.List; +import java.util.Optional; import java.util.stream.Collectors; /** @@ -35,6 +40,7 @@ public class AuthenticationService { private final IUserClient userClient; private final ProjectClient projectClient; private final IRemoteClient remoteClient; + private final RedisTemplate redisTemplate; /** * 站点鉴权 @@ -51,11 +57,10 @@ public class AuthenticationService { /** * 菜单鉴权 - * @param stationId 站点ID * @param userId 用户ID * @param func 函数编号 */ - public void menuAuthentication(String stationId, String userId, String func) { + public void menuAuthentication(String userId, String func) { FunctionEntity function = functionService.getFunctionByCode(func); if(Func.isNotEmpty(function) && Func.isNotEmpty(function.getRoute()) && StringUtil.isNotBlank(function.getRoute())) { R authenticationR = userClient.permissionMenuById(Long.valueOf(userId), function.getRoute()); @@ -69,9 +74,8 @@ public class AuthenticationService { * 遥控鉴权 * @param stationId 站点ID * @param userId 用户ID - * @param func 函数编号 */ - public void remoteAuthentication(String stationId, String userId, String func) { + public void remoteAuthentication(String stationId, String userId,String sessionId) { // 查询数据平台站点是否可被遥控 Result projectR = projectClient.getProjectByPid(stationId); Assert.isTrue(projectR.isSuccess() && Func.isNotEmpty(projectR.getData()),() -> { @@ -84,7 +88,27 @@ public class AuthenticationService { } else if(ProjectRemoteTypeEnum.VALID.getCtrlType().equals(project.getCtrlType())) { // 运行发送遥控并且需要校验权限 - //remoteClient.sendCtrlCheckParam(); + R> ctrlAuthR = remoteClient.getCtrlAuth(Optional.ofNullable(userId).filter(StringUtil::isNotBlank).map(Long::parseLong).orElse(null)); + Assert.isTrue(ctrlAuthR.isSuccess(),() -> { + throw new ServiceException("该站点未设置鉴权用户,校验失败!"); + }); + List ctrlAuthList = ctrlAuthR.getData(); + Optional authOptional = ctrlAuthList.stream().filter(c -> c.getProjectId().equals(stationId)).findFirst(); + Assert.isTrue(authOptional.isPresent() && Func.isNotEmpty(authOptional.get().getIsLimitMachine()), () -> { + throw new ServiceException("该用户不存在相应站点权限,校验不通过!"); + }); + CtrlAuth ctrlAuth = authOptional.get(); + // 如限制机器发送遥控指令 + if(ctrlAuth.getIsLimitMachine().intValue() == 1) { + SessionContentVO sessionContent = (SessionContentVO) redisTemplate.opsForHash().get(RedisKeyConstants.SESSION_CONTENT_KEY, sessionId); + String machineCode = sessionContent.getMachineCode(); + Assert.isTrue(StringUtil.isNotBlank(machineCode) && Func.isNotEmpty(machineCode) ,() -> { + throw new ServiceException("获取问题机器码失败,校验不通过!"); + }); + Assert.isTrue(machineCode.equals(ctrlAuth.getMachineCode()),() -> { + throw new ServiceException("站点校验码校验失败,校验不通过!"); + }); + } } } diff --git a/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/impl/InteractiveServiceImpl.java b/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/impl/InteractiveServiceImpl.java index d322d1d..a27ef9a 100644 --- a/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/impl/InteractiveServiceImpl.java +++ b/hzims-service/hzims-big-model/src/main/java/com/hnac/hzims/bigmodel/interactive/service/impl/InteractiveServiceImpl.java @@ -196,18 +196,18 @@ public class InteractiveServiceImpl implements IInteractiveService { } @Override - public Boolean authentication(String stationId, String userId, String func) { + public Boolean authentication(String stationId, String userId, String func,String sessionId) { // 站点鉴权 if(StringUtil.isNotBlank(stationId)) { authenticationService.stationAuthentication(stationId,userId); } // 菜单鉴权 if(StringUtil.isNotBlank(func) && StringUtil.isNotBlank(userId)) { - authenticationService.menuAuthentication(stationId,userId,func); + authenticationService.menuAuthentication(userId,func); } // 遥控鉴权 if(FuncRouteEnum.CONFIRM_YK.getFuncCode().equals(func)) { - authenticationService.remoteAuthentication(stationId,userId,func); + authenticationService.remoteAuthentication(stationId,userId,sessionId); } return true; }