Index: ssts-maintain/src/main/java/com/forgon/disinfectsystem/maintain/importbasedata/service/ExportBasedataManager.java =================================================================== diff -u -r36097 -r41213 --- ssts-maintain/src/main/java/com/forgon/disinfectsystem/maintain/importbasedata/service/ExportBasedataManager.java (.../ExportBasedataManager.java) (revision 36097) +++ ssts-maintain/src/main/java/com/forgon/disinfectsystem/maintain/importbasedata/service/ExportBasedataManager.java (.../ExportBasedataManager.java) (revision 41213) @@ -1,6 +1,7 @@ package com.forgon.disinfectsystem.maintain.importbasedata.service; import java.io.OutputStream; +import java.util.Map; import javax.servlet.http.HttpSession; @@ -24,7 +25,7 @@ /* * 获取导出xls的数据 */ - public HSSFWorkbook getExportWorkbook(); + public HSSFWorkbook getExportWorkbook(Map exportCountMap); /** * 生成所有包定义的图片、视频、文件的压缩文件 Index: forgon-core/src/main/java/com/forgon/excel/service/CommonExportManager.java =================================================================== diff -u -r12331 -r41213 --- forgon-core/src/main/java/com/forgon/excel/service/CommonExportManager.java (.../CommonExportManager.java) (revision 12331) +++ forgon-core/src/main/java/com/forgon/excel/service/CommonExportManager.java (.../CommonExportManager.java) (revision 41213) @@ -28,8 +28,9 @@ * @param sheet * @param poClass * @param sql + * @return 导出记录数量 */ - public void printContentWithParams(HSSFSheet sheet, Class poClass, + public int printContentWithParams(HSSFSheet sheet, Class poClass, String sql, Map columnNameAndPoPropertyNameMap); public void export(OutputStream ops, Class poClass, String sql); Index: ssts-maintain/src/main/java/com/forgon/disinfectsystem/maintain/importbasedata/service/ExportBasedataManagerImpl.java =================================================================== diff -u -r39360 -r41213 --- ssts-maintain/src/main/java/com/forgon/disinfectsystem/maintain/importbasedata/service/ExportBasedataManagerImpl.java (.../ExportBasedataManagerImpl.java) (revision 39360) +++ ssts-maintain/src/main/java/com/forgon/disinfectsystem/maintain/importbasedata/service/ExportBasedataManagerImpl.java (.../ExportBasedataManagerImpl.java) (revision 41213) @@ -14,8 +14,10 @@ import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; +import java.util.LinkedHashMap; import java.util.List; import java.util.Map; +import java.util.Map.Entry; import java.util.Set; import java.util.regex.Pattern; @@ -40,6 +42,7 @@ import com.forgon.Constants; import com.forgon.attachfile.model.AttachFile; +import com.forgon.directory.acegi.tools.AcegiHelper; import com.forgon.directory.model.CssdHandleTousses; import com.forgon.directory.model.OrgUnit; import com.forgon.directory.service.OrgUnitManager; @@ -69,6 +72,8 @@ import com.forgon.exception.SystemException; import com.forgon.knowledge.model.KnowledgeFile1; import com.forgon.knowledge.model.KnowledgeFolder1; +import com.forgon.log.model.Log; +import com.forgon.log.service.LogManager; import com.forgon.reflect.ReflectUtil; import com.forgon.systemsetting.model.HttpOption; import com.forgon.tools.Path; @@ -99,6 +104,8 @@ private OrgUnitManager orgUnitManager; + private LogManager appLogManager; + /** * 培训管理模块名称 */ @@ -109,6 +116,10 @@ */ private static String TousseDefinitionModuleName = "TousseDefinition"; + public void setAppLogManager(LogManager appLogManager) { + this.appLogManager = appLogManager; + } + public void setOrgUnitManager(OrgUnitManager orgUnitManager) { this.orgUnitManager = orgUnitManager; } @@ -128,8 +139,10 @@ @Override public void exportBasedata(OutputStream os) { + long startTime = System.currentTimeMillis(); + Map exportCountMap = new LinkedHashMap(); try { - HSSFWorkbook wb = getExportWorkbook(); + HSSFWorkbook wb = getExportWorkbook(exportCountMap); if(wb != null){ wb.write(os); } @@ -149,6 +162,18 @@ e.printStackTrace(); } } + long endTime = System.currentTimeMillis(); + StringBuffer logDesc = new StringBuffer(); + logDesc.append(String.format("导出了基础数据,总耗时%s秒,导出的内容包括:", (endTime-startTime)/1000)); + if(MapUtils.isNotEmpty(exportCountMap)){ + for (Entry entry : exportCountMap.entrySet()) { + String modelName = entry.getKey(); + Integer count = entry.getValue(); + logDesc.append(modelName + ":"); + logDesc.append(String.format("%s条记录;", count)); + } + } + appLogManager.saveLog(AcegiHelper.getLoginUser(), Log.MODEL_BASEDATA, "导出数据", logDesc.toString()); } @Override @@ -248,17 +273,17 @@ /* * 获取导出xls的数据 */ - public HSSFWorkbook getExportWorkbook(){ + public HSSFWorkbook getExportWorkbook(Map exportCountMap){ try{ POIFSFileSystem fs = new POIFSFileSystem(getExcelFileInputStream()); HSSFWorkbook wb = new HSSFWorkbook(fs); ExcelHelper.setWorkbook(wb); ExcelCellStyle.iniAllStyles(); - simpleObjectExport(wb); + simpleObjectExport(wb, exportCountMap); - complexObjectExport(wb); + complexObjectExport(wb, exportCountMap); return wb; }catch (FileNotFoundException e) { e.printStackTrace(); @@ -268,36 +293,36 @@ return null; } - private void complexObjectExport(HSSFWorkbook wb) { + private void complexObjectExport(HSSFWorkbook wb, Map exportCountMap) { // 器械包excel导出 - tousseDefinitionExport(wb); + tousseDefinitionExport(wb, exportCountMap); // 手术名称导出 - operationNameExport(wb); + operationNameExport(wb, exportCountMap); // 外来器械包导出 - foreignTousseDefinitionExport(wb); + foreignTousseDefinitionExport(wb, exportCountMap); // 清洗机excel导出 - rinserExport(wb); + rinserExport(wb, exportCountMap); // 灭菌炉excel导出 - sterilizerExport(wb); + sterilizerExport(wb, exportCountMap); //聚合包excel导出 - comboTousseCompositeExport(wb); + comboTousseCompositeExport(wb, exportCountMap); //任务组导出 - taskGroupExport(wb); + taskGroupExport(wb, exportCountMap); } /** * 任务组配置导出 * @param wb */ @SuppressWarnings("unchecked") - private void taskGroupExport(HSSFWorkbook wb) { + private void taskGroupExport(HSSFWorkbook wb, Map exportCountMap) { HSSFSheet sheet = wb.getSheet("任务组配置"); if (sheet != null) { List taskGroupList = objectDao.findAllObjects(TaskGroup.class.getSimpleName()); @@ -327,11 +352,12 @@ } setFootCellStyle(row, getFootCellStyle(len)); + exportCountMap.put("任务组配置", taskGroupList.size()); } } } - private void operationNameExport(HSSFWorkbook wb) { + private void operationNameExport(HSSFWorkbook wb, Map exportCountMap) { HSSFSheet sheet = wb.getSheet("手术名称管理"); if (sheet != null) { List operationNames = objectDao @@ -424,13 +450,14 @@ type); } } + exportCountMap.put("手术名称管理", operationNames.size()); } } } } @SuppressWarnings("unchecked") - private void comboTousseCompositeExport(HSSFWorkbook wb) { + private void comboTousseCompositeExport(HSSFWorkbook wb, Map exportCountMap) { // 启用【器械包种类定义】功能GDSZYY-86 boolean enableInstrumentSetTypeSetting = ConfigUtils.getSystemSetConfigByNameBool("enableInstrumentSetTypeSetting"); @@ -558,12 +585,13 @@ } setFootCellStyle(row, getFootCellStyle(len)); + exportCountMap.put("聚合包管理", tousseDefinitions.size()); } } } @SuppressWarnings("unchecked") - private void sterilizerExport(HSSFWorkbook wb) { + private void sterilizerExport(HSSFWorkbook wb, Map exportCountMap) { HSSFSheet sheet = wb.getSheet("灭菌炉管理"); if (sheet != null) { List sterilizers = objectDao @@ -631,12 +659,13 @@ } } setFootCellStyle(row, getFootCellStyle(len)); + exportCountMap.put("灭菌炉管理", sterilizers.size()); } } } @SuppressWarnings("unchecked") - private void rinserExport(HSSFWorkbook wb) { + private void rinserExport(HSSFWorkbook wb, Map exportCountMap) { HSSFSheet sheet = wb.getSheet("清洗机管理"); if (sheet != null) { List rinsers = objectDao.findAllObjects(Rinser.class @@ -716,13 +745,14 @@ } } setFootCellStyle(row, getFootCellStyle(len)); + exportCountMap.put("清洗机管理", rinsers.size()); } } } // 器械包导出 只包含toussetype为器械包、敷料包、消毒物品、外部代理灭菌的器械包 @SuppressWarnings("unchecked") - private void tousseDefinitionExport(HSSFWorkbook wb) { + private void tousseDefinitionExport(HSSFWorkbook wb, Map exportCountMap) { HSSFSheet sheet = wb.getSheet("器械包管理"); HSSFSheet sheetDisable = wb.getSheet("停用器械包导出"); if (sheet != null && sheetDisable != null) { @@ -743,6 +773,8 @@ .findBySql(TousseDefinition.class.getSimpleName(),sql); int ableTousseDefinitionRowNum = 1; int disableTousseDefinitionRowNum = 1; + int ableTousseDefinitionNum = 0; + int disableTousseDefinitionNum = 0; if (tousseDefinitions != null && tousseDefinitions.size() > 0) { int len = columnNameAndIndexList.size(); HSSFCellStyle[] contentCellStyleArray = getContentCellStyle(len); @@ -754,8 +786,10 @@ //停用的器械包 if(isDisable){ row = createRowIfEmpty(sheetDisable, disableTousseDefinitionRowNum++); + disableTousseDefinitionNum++; }else{ row = createRowIfEmpty(sheet, ableTousseDefinitionRowNum++); + ableTousseDefinitionNum++; } for (String columnName : columnNameAndIndexList) { @@ -889,6 +923,8 @@ } } setFootCellStyle(row, getFootCellStyle(len)); + exportCountMap.put("器械包管理", ableTousseDefinitionNum); + exportCountMap.put("停用器械包导出", disableTousseDefinitionNum); } } } @@ -976,14 +1012,16 @@ // 导出外来器械包 @SuppressWarnings("unchecked") - private void foreignTousseDefinitionExport(HSSFWorkbook wb) { + private void foreignTousseDefinitionExport(HSSFWorkbook wb, Map exportCountMap) { HSSFSheet sheet = wb.getSheet("外来器械包管理"); HSSFSheet sheetDisable = wb.getSheet("停用外来器械包导出"); if (sheet != null && sheetDisable != null) { List tousseDefinitions = objectDao .findBySql(TousseDefinition.class.getSimpleName(),"where po.forDisplay = true and po.tousseType = '外来器械包'"); int disableTousseDefinitionRowNum = 1; int ableTousseDefinitionRowNum = 1; + int ableTousseDefinitionNum = 0; + int disableTousseDefinitionNum = 0; if (tousseDefinitions != null && tousseDefinitions.size() > 0) { int len = 30; HSSFCellStyle[] contentCellStyleArray = getContentCellStyle(len); @@ -996,8 +1034,10 @@ //停用的器械包 if(isDisable){ row = createRowIfEmpty(sheetDisable, disableTousseDefinitionRowNum++); + disableTousseDefinitionNum++; }else{ row = createRowIfEmpty(sheet, ableTousseDefinitionRowNum++); + ableTousseDefinitionNum++; } // 供应商名称 inertStringValueToCell(row, cellNumer, @@ -1055,6 +1095,8 @@ } } setFootCellStyle(row, getFootCellStyle(len)); + exportCountMap.put("外来器械包管理", ableTousseDefinitionNum); + exportCountMap.put("停用外来器械包导出", disableTousseDefinitionNum); } } } @@ -1225,64 +1267,64 @@ return row; } - private void simpleObjectExport(HSSFWorkbook wb) { - exportAllHttpOption(wb); + private void simpleObjectExport(HSSFWorkbook wb, Map exportCountMap) { + exportAllHttpOption(wb, exportCountMap); /*commonExportManager.printContentWithParams(wb.getSheet("任务组配置"), TaskGroup.class, "where 1=1 ", null);*/ - commonExportManager.printContentWithParams(wb.getSheet("材料管理"), - MaterialDefinition.class, "where 1=1 order by po.name", null); + exportCountMap.put("材料管理", commonExportManager.printContentWithParams(wb.getSheet("材料管理"), + MaterialDefinition.class, "where 1=1 order by po.name", null)); - commonExportManager.printContentWithParams(wb.getSheet("容器管理"), - Container.class, "where 1=1", null); + exportCountMap.put("容器管理", commonExportManager.printContentWithParams(wb.getSheet("容器管理"), + Container.class, "where 1=1", null)); - commonExportManager.printContentWithParams(wb.getSheet("供应商管理"), - Supplier.class, "where 1=1", null); + exportCountMap.put("供应商管理", commonExportManager.printContentWithParams(wb.getSheet("供应商管理"), + Supplier.class, "where 1=1", null)); - commonExportManager.printContentWithParams(wb.getSheet("清洗程序管理"), - CleanMethod.class, "where 1=1", null); + exportCountMap.put("清洗程序管理", commonExportManager.printContentWithParams(wb.getSheet("清洗程序管理"), + CleanMethod.class, "where 1=1", null)); - commonExportManager.printContentWithParams(wb.getSheet("物品失效期管理"), - ExpirationDateInfo.class, "where 1=1", null); + exportCountMap.put("物品失效期管理", commonExportManager.printContentWithParams(wb.getSheet("物品失效期管理"), + ExpirationDateInfo.class, "where 1=1", null)); - commonExportManager.printContentWithParams(wb.getSheet("一次性物品管理"), - DisposableGoods.class, "where 1=1 order by po.name", null); + exportCountMap.put("一次性物品管理", commonExportManager.printContentWithParams(wb.getSheet("一次性物品管理"), + DisposableGoods.class, "where 1=1 order by po.name", null)); - commonExportManager.printContentWithParams(wb.getSheet("灭菌程序管理"), - Sterilisation.class, "where 1=1", null); + exportCountMap.put("灭菌程序管理", commonExportManager.printContentWithParams(wb.getSheet("灭菌程序管理"), + Sterilisation.class, "where 1=1", null)); } - private void exportAllHttpOption(HSSFWorkbook wb) { + private void exportAllHttpOption(HSSFWorkbook wb, Map exportCountMap) { Class clazzHttpOption = HttpOption.class; Map columnNameAndPoPropertyNameMap = new java.util.LinkedHashMap( 1); columnNameAndPoPropertyNameMap.put("材料类型名称", "optionText"); - commonExportManager.printContentWithParams(wb.getSheet("材料类型配置"), + exportCountMap.put("材料类型配置", commonExportManager.printContentWithParams(wb.getSheet("材料类型配置"), clazzHttpOption, "where po.optionListId = '" + HttpOption.SYSTEMSETTING_MATERIALTYPE + "'", - columnNameAndPoPropertyNameMap); + columnNameAndPoPropertyNameMap)); columnNameAndPoPropertyNameMap.clear(); columnNameAndPoPropertyNameMap.put("分类类型名称", "optionText"); - commonExportManager.printContentWithParams(wb.getSheet("清洗分类类型配置"), + exportCountMap.put("清洗分类类型配置", commonExportManager.printContentWithParams(wb.getSheet("清洗分类类型配置"), clazzHttpOption, "where po.optionListId = '" + HttpOption.SYSTEMSETTING_MATERIAL_WASH_CLASSIFY + "'", - columnNameAndPoPropertyNameMap); + columnNameAndPoPropertyNameMap)); columnNameAndPoPropertyNameMap.clear(); columnNameAndPoPropertyNameMap.put("包装类型名称", "optionText"); - commonExportManager.printContentWithParams(wb.getSheet("包装类型配置"), + exportCountMap.put("包装类型配置", commonExportManager.printContentWithParams(wb.getSheet("包装类型配置"), clazzHttpOption, "where po.optionListId = '" + HttpOption.SYSTEMSETTING_PACKAGING_TYPE + "'", - columnNameAndPoPropertyNameMap); + columnNameAndPoPropertyNameMap)); columnNameAndPoPropertyNameMap.clear(); columnNameAndPoPropertyNameMap.put("一次性物品类型名称", "optionText"); - commonExportManager.printContentWithParams(wb.getSheet("一次性物品类型配置"), + exportCountMap.put("一次性物品类型配置", commonExportManager.printContentWithParams(wb.getSheet("一次性物品类型配置"), clazzHttpOption, "where po.optionListId = '" + HttpOption.SYSTEMSETTING_DIPOSABLEGOODS_TYPE + "'", - columnNameAndPoPropertyNameMap); + columnNameAndPoPropertyNameMap)); } private FileInputStream getExcelFileInputStream() Index: ssts-maintain/src/main/java/com/forgon/disinfectsystem/maintain/importbasedata/service/ImportBasedataManagerImpl.java =================================================================== diff -u -r41133 -r41213 --- ssts-maintain/src/main/java/com/forgon/disinfectsystem/maintain/importbasedata/service/ImportBasedataManagerImpl.java (.../ImportBasedataManagerImpl.java) (revision 41133) +++ ssts-maintain/src/main/java/com/forgon/disinfectsystem/maintain/importbasedata/service/ImportBasedataManagerImpl.java (.../ImportBasedataManagerImpl.java) (revision 41213) @@ -96,6 +96,8 @@ import com.forgon.excel.service.CommonImportManager; import com.forgon.excel.service.ExcelUtils; import com.forgon.exception.SystemException; +import com.forgon.log.model.Log; +import com.forgon.log.service.LogManager; import com.forgon.serialnumber.model.SerialNum; import com.forgon.serialnumber.service.SerialNumManager; import com.forgon.systemsetting.model.HttpOption; @@ -178,7 +180,13 @@ private DataModifyRecordManager dataModifyRecordManager; private MaterialEntryManager materialEntryManager; + + private LogManager appLogManager; + public void setAppLogManager(LogManager appLogManager) { + this.appLogManager = appLogManager; + } + public void setMaterialEntryManager(MaterialEntryManager materialEntryManager) { this.materialEntryManager = materialEntryManager; } @@ -309,6 +317,7 @@ if(CollectionUtils.isEmpty(inputStreams)){ return msg; } + long startTime = System.currentTimeMillis(); AtomicInteger totalCount = new AtomicInteger(0); // 包装类型 List packageTypes = null; @@ -372,6 +381,9 @@ e.printStackTrace(); } } + long endTime = System.currentTimeMillis(); + StringBuffer logBuffer = new StringBuffer(); + logBuffer.append(String.format("导入了基础数据,总耗时%s秒,导入的内容包括:", (endTime-startTime)/1000)); Set set = msg.keySet(); for (String key : set) { // 格式:成功插入数量#插入失败数量#失败行1,失败行2... @@ -380,11 +392,15 @@ String failureRow = ""; if (item.length > 2) { failureRow = item[2]; - log.debug(key + ":成功插入" + item[0] + "条,失败" + item[1] - + "条,失败行号:" + failureRow); + String logDesc = key + ":成功插入" + item[0] + "条,失败" + item[1] + + "条,失败行号:" + failureRow; + log.debug(logDesc); + logBuffer.append(logDesc + ";"); } } } + + appLogManager.saveLog(AcegiHelper.getLoginUser(), Log.MODEL_BASEDATA, "导入数据", logBuffer.toString()); return msg; } Index: ssts-web/src/main/java/com/forgon/disinfectsystem/excel/service/CommonExportManagerImpl.java =================================================================== diff -u -r28947 -r41213 --- ssts-web/src/main/java/com/forgon/disinfectsystem/excel/service/CommonExportManagerImpl.java (.../CommonExportManagerImpl.java) (revision 28947) +++ ssts-web/src/main/java/com/forgon/disinfectsystem/excel/service/CommonExportManagerImpl.java (.../CommonExportManagerImpl.java) (revision 41213) @@ -73,20 +73,20 @@ * @param sql */ @SuppressWarnings("unchecked") - public void printContentWithParams(HSSFSheet sheet, Class poClass, + public int printContentWithParams(HSSFSheet sheet, Class poClass, String sql, Map columnNameAndPoPropertyNameMap) { if (columnNameAndPoPropertyNameMap == null || columnNameAndPoPropertyNameMap.isEmpty()) { columnNameAndPoPropertyNameMap = ExcelImportAndExportHelper .getColumnNameAndPoPropertyNameMap(poClass); } if (sheet == null) - return; - printContent(sheet, poClass, columnNameAndPoPropertyNameMap, sql); + return 0; + return printContent(sheet, poClass, columnNameAndPoPropertyNameMap, sql); } @SuppressWarnings("unchecked") - private void printContent(HSSFSheet sheet, Class poClass, + private int printContent(HSSFSheet sheet, Class poClass, Map columnNameAndPoPropertyNameMap, String sql) { int[] colArray = getColArray(columnNameAndPoPropertyNameMap); Map propertyNameAndTypeMap = ExcelImportAndExportHelper @@ -113,7 +113,9 @@ rowNumber++; } ExcelHelper.setCellStyle(row, colArray, footCellStyleArray); + return objlist.size(); } + return 0; } @SuppressWarnings("unchecked") Index: ssts-web/src/main/java/com/forgon/disinfectsystem/security/access/RequestAccessResult.java =================================================================== diff -u --- ssts-web/src/main/java/com/forgon/disinfectsystem/security/access/RequestAccessResult.java (revision 0) +++ ssts-web/src/main/java/com/forgon/disinfectsystem/security/access/RequestAccessResult.java (revision 41213) @@ -0,0 +1,38 @@ +package com.forgon.disinfectsystem.security.access; + +/** + * 请求访问校验结果 + */ +public class RequestAccessResult { + + /** + * 请求访问配置 + */ + private RequestAccessConfigure requestAccessConfigure; + + /** + * 请求访问校验结果 + * AccessDecisionVoter.ACCESS_GRANTED = 1 允许访问 + * AccessDecisionVoter.ACCESS_ABSTAIN = 0 弃权 + * AccessDecisionVoter.ACCESS_DENIED = -1 拒绝访问 + */ + private int accessVote; + + public RequestAccessConfigure getRequestAccessConfigure() { + return requestAccessConfigure; + } + + public void setRequestAccessConfigure( + RequestAccessConfigure requestAccessConfigure) { + this.requestAccessConfigure = requestAccessConfigure; + } + + public int getAccessVote() { + return accessVote; + } + + public void setAccessVote(int accessVote) { + this.accessVote = accessVote; + } + +} Index: ssts-web/src/main/java/com/forgon/disinfectsystem/security/userdetails/DaoUserDetailSSTSImpl.java =================================================================== diff -u -r40819 -r41213 --- ssts-web/src/main/java/com/forgon/disinfectsystem/security/userdetails/DaoUserDetailSSTSImpl.java (.../DaoUserDetailSSTSImpl.java) (revision 40819) +++ ssts-web/src/main/java/com/forgon/disinfectsystem/security/userdetails/DaoUserDetailSSTSImpl.java (.../DaoUserDetailSSTSImpl.java) (revision 41213) @@ -32,6 +32,7 @@ import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; +import com.forgon.directory.acegi.tools.AcegiHelper; import com.forgon.directory.model.LoginInfo; import com.forgon.directory.model.OrgUnit; import com.forgon.directory.model.OrgUserRelation; @@ -43,6 +44,8 @@ import com.forgon.disinfectsystem.common.CssdUtils; import com.forgon.disinfectsystem.entity.basedatamanager.supplyroomconfig.SupplyRoomConfig; import com.forgon.disinfectsystem.schedule.service.ScheduleInformationManager; +import com.forgon.log.model.Log; +import com.forgon.log.service.LogManager; import com.forgon.security.model.IpLoginLockRecord; import com.forgon.security.model.Role; import com.forgon.security.model.User; @@ -90,6 +93,8 @@ private ScheduleInformationManager scheduleInformationManager; @Resource private IpLoginLockRecordManager ipLoginLockRecordManager; + @Resource + private LogManager appLogManager; /** * 单点登录service,此处不能用@Resource或@Autowired注解,因为这个bean所在的project不是任何项目都会依赖的,没有依赖时会报ClassNotFound @@ -214,6 +219,9 @@ userManager.insertUserLogonRecord(userLogonRecord); //记录ip登录失败记录(GZSZYY-119【登录管理】新增多个登录功能改进(IP登录失败锁定次数,验证码刷新规则修改)) recordLoginFailIp(request); + //登录界面,输入了错误的用户名或者密码,则在系统日志中增加一条日志:ZSYY-443 + String log = String.format("用户【%s】访问被拒绝,输入的用户名或者密码错误。", username); + appLogManager.saveLog(AcegiHelper.getLoginUser(), Log.MODEL_LOGIN, Log.LOG_TYPE_LOGIN, log); throw new UsernameNotFoundException("user not found in database"); }else{ //如果帐号存在,则删除session会话的消息 @@ -330,7 +338,12 @@ nextLockEndDate = cal1.getTime(); currentLoginedUser.setLockEndDate(nextLockEndDate); userManager.modifyUserLockEndDateWithTransNewManager(currentLoginedUser); - logger.info(String.format(messageAfterLocked, ForgonDateUtils.safelyFormatDate(nextLockEndDate, ForgonDateUtils.SIMPLEDATEFORMAT_YYYYMMDDHHMM, ""))); + String nextLockEndDateStr = ForgonDateUtils.safelyFormatDate(nextLockEndDate, ForgonDateUtils.SIMPLEDATEFORMAT_YYYYMMDDHHMM, ""); + logger.info(String.format(messageAfterLocked, nextLockEndDateStr)); + //如果连续输入密码错误导致帐号被锁定时,应在系统中记录如下一条日志: + //用户【用户名】已连续用户【n】次身份验证失败,帐号被锁定,需要在【日期时间】后才允许登录。ZSYY-443 + String log = String.format("用户【%s】已连续%s次身份验证失败,帐号被锁定,需要在%s后才允许登录。", username, seriesLogonFailTimes + 1, nextLockEndDateStr); + appLogManager.saveLog(AcegiHelper.getLoginUser(), Log.MODEL_LOGIN, Log.LOG_TYPE_LOGIN, log); }else{ //正常不会进到这个else(因为连续登录失败次数超过5次时时,会进入前面194行的lockEndDate判断的分支里) } @@ -345,6 +358,9 @@ userManager.insertUserLogonRecord(userLogonRecord); //记录ip登录失败记录(GZSZYY-119【登录管理】新增多个登录功能改进(ip登录失败锁定次数,验证码刷新规则修改)) recordLoginFailIp(request); + //登录界面,输入了错误的用户名或者密码,则在系统日志中增加一条日志:ZSYY-443 + String log = String.format("用户【%s】访问被拒绝,输入的用户名或者密码错误。", username); + appLogManager.saveLog(AcegiHelper.getLoginUser(), Log.MODEL_LOGIN, Log.LOG_TYPE_LOGIN, log); throw new RuntimeException(logonFailNoticeMessage); }else if(StringUtils.equals(password, j_passwordRsaMd5)){ password = j_passwordMd5; Index: ssts-web/src/main/java/com/forgon/disinfectsystem/security/access/RequestAccessUtil.java =================================================================== diff -u -r40391 -r41213 --- ssts-web/src/main/java/com/forgon/disinfectsystem/security/access/RequestAccessUtil.java (.../RequestAccessUtil.java) (revision 40391) +++ ssts-web/src/main/java/com/forgon/disinfectsystem/security/access/RequestAccessUtil.java (.../RequestAccessUtil.java) (revision 41213) @@ -32,22 +32,24 @@ /** * 判断当前请求是否有权限访问 * @param request 请求 - * @return AccessDecisionVoter.ACCESS_GRANTED 允许访问 - * AccessDecisionVoter.ACCESS_ABSTAIN 弃权 - * AccessDecisionVoter.ACCESS_DENIED 拒绝访问 + * @return RequestAccessResult 权限控制结果 */ - public static int requestAccessVote(HttpServletRequest request){ + public static RequestAccessResult requestAccessVote(HttpServletRequest request){ + RequestAccessResult requestAccessResult = new RequestAccessResult(); + requestAccessResult.setAccessVote(AccessDecisionVoter.ACCESS_ABSTAIN); try { RequestAccessConfigure configure = getRequestAccessConfigureByRequest(request); if(configure == null){ //非配置项文件中配置的页面,不做权限控制,弃权 - return AccessDecisionVoter.ACCESS_ABSTAIN; + requestAccessResult.setAccessVote(AccessDecisionVoter.ACCESS_ABSTAIN); + return requestAccessResult; } - return configure.accessVote(); + requestAccessResult.setRequestAccessConfigure(configure); + requestAccessResult.setAccessVote(configure.accessVote()); } catch (Exception e) { e.printStackTrace(); } - return AccessDecisionVoter.ACCESS_ABSTAIN; + return requestAccessResult; } /** Index: ssts-web/src/main/java/com/forgon/disinfectsystem/security/access/RequestAccessDecisionVoter.java =================================================================== diff -u -r40382 -r41213 --- ssts-web/src/main/java/com/forgon/disinfectsystem/security/access/RequestAccessDecisionVoter.java (.../RequestAccessDecisionVoter.java) (revision 40382) +++ ssts-web/src/main/java/com/forgon/disinfectsystem/security/access/RequestAccessDecisionVoter.java (.../RequestAccessDecisionVoter.java) (revision 41213) @@ -2,13 +2,22 @@ import java.util.Collection; +import javax.annotation.Resource; + import org.springframework.security.access.AccessDecisionVoter; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.core.Authentication; import org.springframework.security.web.FilterInvocation; -public class RequestAccessDecisionVoter implements AccessDecisionVoter { +import com.forgon.directory.acegi.tools.AcegiHelper; +import com.forgon.log.model.Log; +import com.forgon.log.service.LogManager; +public class RequestAccessDecisionVoter implements AccessDecisionVoter { + + @Resource + private LogManager appLogManager; + @Override public boolean supports(ConfigAttribute attribute) { return true; @@ -21,7 +30,18 @@ @Override public int vote(Authentication authentication, FilterInvocation fi, Collection attributes) { - return RequestAccessUtil.requestAccessVote(fi.getRequest()); + RequestAccessResult requestAccessResult = RequestAccessUtil.requestAccessVote(fi.getRequest()); + if(requestAccessResult == null){ + return AccessDecisionVoter.ACCESS_ABSTAIN; + } + if(requestAccessResult.getAccessVote() == AccessDecisionVoter.ACCESS_DENIED){ + RequestAccessConfigure requestAccessConfigure = requestAccessResult.getRequestAccessConfigure(); + if(requestAccessConfigure != null){ + String log = String.format("用户【%s】访问系统资源被拒绝,没有访问的权限。请求访问的资源:【%s】,URL:【%s】", AcegiHelper.getLoginUserFullName(), requestAccessConfigure.getRequestName(), requestAccessConfigure.getUri()); + appLogManager.saveLog(AcegiHelper.getLoginUser(), Log.MODEL_LOGIN, Log.LOG_TYPE_LOGIN, log); + } + } + return requestAccessResult.getAccessVote(); } }