integrate sso and authorization part

mag 2015-04-27 15:16:50 +08:00
parent 95626bf0bd
commit d1076a3db6
17 changed files with 529 additions and 45 deletions

10
pom.xml

@ -111,16 +111,6 @@
<version>${spring.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.0.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.0.0.RELEASE</version>
</dependency>
<dependency>
<groupId>junit</groupId>


@ -0,0 +1,30 @@
package com.ctrip.zeus.auth;
import com.ctrip.zeus.auth.impl.UriResGroupProvider;
import java.lang.annotation.*;
/**
* User: mag
* Date: 4/22/2015
* Time: 2:36 PM
*/
@Inherited
@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface Authorize {
String name();
Class<? extends ResourceGroupProvider> groupProvider() default UriResGroupProvider.class;
/**
* indicate the resource group is in which part of the uri.
* for example, when uri is: /api/app/get/app1 and the group hint is set to 3,
* then the resource group will be "app1". By default the value is 0, which means
* the group will be parsed from the path annotation from the Resource api,
* for example, if the Path is set to "/get/{appName}", then the {appName} part in
* the uri will be used as resource group. When it is set to -1, it means no group.
* @return
*/
int uriGroupHint() default 0;
}
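Review bot: The `uriGroupHint` Javadoc example does not appear to match the provider added in this commit. `UriResGroupProvider` indexes `request.getRequestURI().split("/")`, where element 0 is the empty string before the leading slash, so for `/api/app/get/app1` index 3 is `get` and `app1` is index 4. Either the example or the indexing should change. I would also fill in the empty `@return` with `the position of the group segment in the URI, 0 to derive it from the @Path template, -1 for no group`, and document `name()` as the resource name the authorizer looks up.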


@ -0,0 +1,20 @@
package com.ctrip.zeus.auth;
import com.ctrip.zeus.auth.impl.AuthorizeException;
/**
* User: mag
* Date: 4/22/2015
* Time: 1:41 PM
*/
public interface Authorizer {
/**
* Check whether the user has the authorization to access the resource
* in the specified group or not. If not throw
* @param userName
* @param resourceName
* @param resGroup
* @throws com.ctrip.zeus.auth.impl.AuthorizeException
*/
void authorize(String userName, String resourceName, String resGroup) throws AuthorizeException;
}
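Review bot: The contract sentence stops at "If not throw", and the Javadoc does not say how a null `userName` or a null `resGroup` is treated. Suggested wording: `Checks whether the user may access the resource in the given group; throws AuthorizeException if not.` together with `@param resGroup the resource group, or null when the resource has no group`.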


@ -0,0 +1,18 @@
package com.ctrip.zeus.auth;
import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
/**
* User: mag
* Date: 4/22/2015
* Time: 2:47 PM
*/
public interface ResourceGroupProvider {
/**
* Provide the resource group name what the request belongs to.
* @param
* @param request
* @return
*/
String provideResourceGroup(Method method,HttpServletRequest request);
}
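Review bot: The Javadoc leaves the first `@param` unnamed and says nothing about a null return, which matters because `DefaultAuthorizer` in this commit skips the group comparison when the group is null or empty. I would write `@param method the resource method being invoked`, `@param request the current request`, and `@return the resource group, or null when none can be determined`. It is also worth stating that implementations need a public no-argument constructor, since `AuthorizationAspect` creates them with `newInstance()`.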


@ -0,0 +1,27 @@
package com.ctrip.zeus.auth.impl;
/**
* User: mag
* Date: 4/22/2015
* Time: 1:43 PM
*/
public class AuthorizeException extends Exception{
public AuthorizeException(){
}
public AuthorizeException(String message){
super(message);
}
public AuthorizeException(String message, Throwable t){
super(message, t);
}
public AuthorizeException(Throwable t){
super(t);
}
}


@ -0,0 +1,95 @@
package com.ctrip.zeus.auth.impl;
import com.ctrip.zeus.auth.Authorizer;
import com.ctrip.zeus.dal.core.*;
import org.springframework.stereotype.Component;
import org.unidal.dal.jdbc.DalException;
import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;
/**
* User: mag
* Date: 4/22/2015
* Time: 1:44 PM
*/
@Component("authorizer")
public class DefaultAuthorizer implements Authorizer {
private static final String SUPER_ADMIN = "SuperAdmin";
private static final String SLB_USER = "SlbUser";
@Resource
private AuthUserRoleDao userRoleDao;
@Resource
private AuthResourceRoleDao resRoleDao;
@Override
public void authorize(String userName, String resourceName, String resGroup) throws AuthorizeException {
try {
//TODO add some cache
List<AuthUserRoleDo> userRoles = getUserRoles(userName);
List<AuthResourceRoleDo> resRoles = resRoleDao.findByResourceName(resourceName,AuthResourceRoleEntity.READSET_FULL);
//Super Admin has all authorities.
//If resource role is not config, any role can access it.
if (isSuperAdmin(userRoles) || resRoles.isEmpty()){
return;
}
List<AuthUserRoleDo> rolesInCommon = findCommonRoles(userRoles, resRoles);
// if resource group is empty and there is some common roles, then check success.
if ((resGroup == null || resGroup.isEmpty()) && rolesInCommon.size() > 0){
return;
}
for (AuthUserRoleDo userRoleDo : rolesInCommon) {
if (groupMatch(userRoleDo.getGroup(), resGroup)){
return;
}
}
} catch (Exception e) {
throw new AuthorizeException(e);
}
throw new AuthorizeException("The user:" + userName + " is not authorized.");
}
private boolean groupMatch(String userGroup, String resGroup) {
return resGroup.matches(userGroup);
}
private List<AuthUserRoleDo> getUserRoles(String userName) throws DalException {
List<AuthUserRoleDo> result = userRoleDao.findByUserName(userName, AuthUserRoleEntity.READSET_FULL);
if (result == null){
result = new ArrayList<>();
}
// add slb user role
result.add(new AuthUserRoleDo().setUserName(userName)
.setRoleName(SLB_USER)
.setGroup(".*"));
return result;
}
private boolean isSuperAdmin(List<AuthUserRoleDo> userRoles) {
for (AuthUserRoleDo userRole : userRoles) {
if (SUPER_ADMIN.equals(userRole.getRoleName())){
return true;
}
}
return false;
}
private List<AuthUserRoleDo> findCommonRoles(List<AuthUserRoleDo> userRoles, List<AuthResourceRoleDo> resRoles) {
List<AuthUserRoleDo> result = new ArrayList<>();
for (AuthUserRoleDo userRole : userRoles) {
for (AuthResourceRoleDo resRole : resRoles) {
if (userRole.getRoleName().equals(resRole.getRoleName())) {
result.add(userRole);
}
}
}
return result;
}
}
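Review bot: `authorize` has two paths that grant access without comparing groups: it returns when `resRoles.isEmpty()`, and it returns when `resGroup` is null or empty and any role is shared. The first leaves every resource with no role rows (presumably including a misspelled `@Authorize` name) open to all callers, and the second lets a user whose role is scoped to one group through whenever the group provider returns null, which `UriResGroupProvider` in this commit does on several paths. `getUserRoles` also appends `SlbUser` with group `.*` without checking that `userName` is non-null, so a request with no authenticated user would carry that role too. I would deny by default, e.g. `if (resRoles.isEmpty()) throw new AuthorizeException("No role configured for resource:" + resourceName);`, and reject a null or empty `userName` at the top of the method. `groupMatch` treats the stored group as a regular expression, so a group name containing `.` or other metacharacters matches more than its literal text; that needs a comment, or `Pattern.quote` for groups meant literally.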


@ -0,0 +1,118 @@
package com.ctrip.zeus.auth.impl;
import com.netflix.config.DynamicPropertyFactory;
import com.netflix.config.DynamicStringProperty;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.AssertionImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
/**
* Authenticate with ip.
*
* User: mag
* Date: 4/21/2015
* Time: 3:00 PM
*/
public class IPAuthenticationFilter implements Filter{
private static final Logger logger = LoggerFactory.getLogger(IPAuthenticationFilter.class);
DynamicStringProperty ipUserStr = DynamicPropertyFactory.getInstance().getStringProperty("ip.authentication", "127.0.0.1,172.16.144.61=releaseSys");
private volatile Map<String, String> ipUserMap = new HashMap<>();
@Override
public void init(FilterConfig filterConfig) {
ipUserMap = parseIpUserStr(ipUserStr.get());
ipUserStr.addCallback(new Runnable() {
@Override
public void run() {
ipUserMap = parseIpUserStr(ipUserStr.get());
}
});
}
public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpServletResponse response = (HttpServletResponse) servletResponse;
final HttpSession session = request.getSession(false);
Assertion assertion = session != null ? (Assertion) session.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION) : null;
if (assertion != null) {
filterChain.doFilter(request, response);
return;
}
// if the request is from in ip white list, then authenticate it using the ip white list.
String clientIP = getClientIP(request);
String ipUser = getIpUser(clientIP);
if (ipUser != null){
logger.info("Authenticated by IP: " + clientIP + " Assigned userName:" + ipUser);
assertion = new AssertionImpl(ipUser);
request.setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, assertion);
request.getSession().setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, assertion);
}
filterChain.doFilter(request,response);
}
@Override
public void destroy() {
// nothing to do
}
private Map<String,String> parseIpUserStr(String ipConfig){
Map<String, String> result = new HashMap<>();
if (ipConfig == null || ipConfig.isEmpty()) {
return result;
}
String[] configs = ipConfig.split("#");
for(String config : configs) {
String[] parts = config.split("=", -1);
if (parts == null || parts.length != 2){
logger.error("fail to parse {}", config);
continue;
}
String[] ips = parts[0].split(",");
String userName = parts[1];
for (String ip : ips) {
result.put(ip,userName);
}
}
return result;
}
private String getIpUser(String clientIP) {
String user = ipUserMap.get(clientIP);
return user;
}
private String getClientIP(HttpServletRequest request) {
String ip = request.getHeader("X-Forwarded-For");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
}
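Review bot: `getClientIP` reads the address from `X-Forwarded-For` and four other request headers before it falls back to `getRemoteAddr()`, and `doFilter` uses that value as the key into the IP allowlist, so the identity assigned here rests on data the client supplies. Unless every request is guaranteed to pass through a proxy that overwrites these headers, the lookup should use the socket address, `String clientIP = request.getRemoteAddr();`, and honour a forwarded header only when the remote address is a configured trusted proxy. The assertion is stored via `request.getSession()` without renewing the session id. The `logger.info` call concatenates the header-derived value into the log line; a parameterized `logger.info("Authenticated by IP: {} Assigned userName: {}", clientIP, ipUser)` after validating the address format would be safer. The default allowlist `127.0.0.1,172.16.144.61=releaseSys` is compiled into the class, and I would move it to configuration with an empty default.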


@ -0,0 +1,89 @@
package com.ctrip.zeus.auth.impl;
import com.ctrip.zeus.auth.Authorize;
import com.ctrip.zeus.auth.ResourceGroupProvider;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Path;
import java.lang.reflect.Method;
/**
* User: mag
* Date: 4/22/2015
* Time: 2:51 PM
*/
public class UriResGroupProvider implements ResourceGroupProvider {
@Override
public String provideResourceGroup(Method method, HttpServletRequest request) {
if (request == null){
return null;
}
int groupHint = getGroupHintFromMethod(method);
String uriTemplate = getTemplateFromMethod(method);
String uri = request.getRequestURI();
String[] uriParts = uri.split("/");
if (uriParts.length < groupHint || groupHint < 0){
return null;
}
if (groupHint == 0){
return findGroupFromTemplate(uri, uriTemplate);
}
return uriParts[groupHint];
}
private String getTemplateFromMethod(Method method) {
Class declaredClass = method.getDeclaringClass();
Path pathAnno = method.getAnnotation(Path.class);
Path classPathAnno = (Path)declaredClass.getAnnotation(Path.class);
if (classPathAnno == null || pathAnno == null){
return null;
}
return classPathAnno.value() + pathAnno.value();
}
private int getGroupHintFromMethod(Method method) {
Authorize authorize = method.getAnnotation(Authorize.class);
if (authorize == null){
return -1;
}
return authorize.uriGroupHint();
}
private String findGroupFromTemplate(String uri, String uriTemplate) {
if (uriTemplate == null || uriTemplate.isEmpty()
|| uri == null || uri.isEmpty()) {
return null;
}
int bracketStart = uriTemplate.indexOf("{");
if (bracketStart == -1){
return null;
}
String templPrefix = uriTemplate.substring(0, bracketStart);
int uriTemplIdx = uri.indexOf(templPrefix);
if (uriTemplIdx == -1){
return null;
}
int groupStart = uriTemplIdx + templPrefix.length();
StringBuffer groupBuf = new StringBuffer();
for (int i = groupStart;i<uri.length();i++){
char gChar = uri.charAt(i);
if (gChar == '/'){
break;
}
groupBuf.append(gChar);
}
return groupBuf.toString();
}
public static void main(String[] args) {
UriResGroupProvider provider = new UriResGroupProvider();
String group = provider.findGroupFromTemplate("/api/app/app12345","/app/{appName:[a-zA-Z0-9_-]+}");
System.out.println(group);
}
}
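Review bot: The bounds check in `provideResourceGroup` is off by one: `uriParts.length < groupHint` lets `groupHint == uriParts.length` through, and `uriParts[groupHint]` then throws `ArrayIndexOutOfBoundsException`; it should read `if (groupHint < 0 || groupHint >= uriParts.length) return null;`. `findGroupFromTemplate` locates the template prefix with `uri.indexOf(templPrefix)` on the raw `getRequestURI()` value, so the group is taken after the first occurrence of the prefix anywhere in the path and may differ from the path parameter JAX-RS binds. Anchoring the match at the resource's base path, or reading the bound path parameter, would keep the authorization decision and the handler on the same value. `getTemplateFromMethod` uses the raw type `Class`, and the `main` method looks like a leftover debugging harness that belongs in a unit test.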


@ -8,7 +8,6 @@ import com.ctrip.zeus.model.transform.DefaultJsonParser;
import com.ctrip.zeus.model.transform.DefaultSaxParser;
import com.ctrip.zeus.restful.message.ResponseHandler;
import com.ctrip.zeus.service.model.AppRepository;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;


@ -1,5 +1,6 @@
package com.ctrip.zeus.restful.resource;
import com.ctrip.zeus.auth.Authorize;
import com.ctrip.zeus.auth.entity.Role;
import com.ctrip.zeus.auth.entity.RoleList;
import com.ctrip.zeus.auth.entity.User;
@ -10,6 +11,7 @@ import com.ctrip.zeus.service.auth.AuthorizationService;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.*;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
@ -31,7 +33,8 @@ public class AuthResource {
@GET
@Path("/role")
@Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
public Response allRoles(@Context HttpHeaders hh) throws Exception {
@Authorize(name="getAuth")
public Response allRoles(@Context HttpServletRequest request, @Context HttpHeaders hh) throws Exception {
List<Role> roles = authService.getAllRoles();
RoleList roleList = new RoleList();
for (Role role : roles) {


@ -1,6 +1,6 @@
package com.ctrip.zeus.restful.resource;
import com.ctrip.zeus.exceptions.ValidationException;
import com.ctrip.zeus.auth.Authorize;
import com.ctrip.zeus.lock.DbLockFactory;
import com.ctrip.zeus.lock.DistLock;
import com.ctrip.zeus.model.entity.Slb;
@ -10,17 +10,14 @@ import com.ctrip.zeus.model.transform.DefaultSaxParser;
import com.ctrip.zeus.restful.message.ResponseHandler;
import com.ctrip.zeus.service.model.SlbRepository;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.ResponseBody;
import org.xml.sax.SAXException;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.*;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.io.IOException;
import java.util.List;
/**
* @author:xingchaowang
@ -50,7 +47,8 @@ public class SlbResource {
@GET
@Path("/get/{slbName:[a-zA-Z0-9_-]+}")
@Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
public Response getBySlbName(@Context HttpHeaders hh, @PathParam("slbName") String slbName) throws Exception {
@Authorize(name="getSlb")
public Response getBySlbName(@Context HttpHeaders hh, @Context HttpServletRequest request, @PathParam("slbName") String slbName) throws Exception {
Slb slb = slbRepository.get(slbName);
return responseHandler.handle(slb, hh.getMediaType());
}


@ -1,6 +1,8 @@
package com.ctrip.zeus.server;
import com.ctrip.zeus.auth.impl.IPAuthenticationFilter;
import com.ctrip.zeus.restful.resource.SlbResourcePackage;
import com.netflix.config.DynamicBooleanProperty;
import com.netflix.config.DynamicIntProperty;
import com.netflix.config.DynamicPropertyFactory;
import com.netflix.config.DynamicStringProperty;
@ -21,7 +23,6 @@ import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.context.ContextLoaderListener;
import org.springframework.web.filter.DelegatingFilterProxy;
import javax.servlet.DispatcherType;
import java.io.File;
@ -48,6 +49,11 @@ public class SlbAdminServer extends AbstractServer {
DynamicIntProperty serverPort = DynamicPropertyFactory.getInstance().getIntProperty("server.port", 8099);
DynamicStringProperty wwwBaseDir = DynamicPropertyFactory.getInstance().getStringProperty("server.www.base-dir", ".");
DynamicStringProperty springContextFile = DynamicPropertyFactory.getInstance().getStringProperty("server.spring.context-file", "spring-context.xml");
DynamicBooleanProperty enableAuthenticate = DynamicPropertyFactory.getInstance().getBooleanProperty("server.authentication.enable", false);
DynamicStringProperty casServerLoginUrl = DynamicPropertyFactory.getInstance().getStringProperty("server.sso.casServer.login.url", "");
DynamicStringProperty casServerUrlPrefix = DynamicPropertyFactory.getInstance().getStringProperty("server.sso.casServer.url.prefix", "");
DynamicStringProperty serverName = DynamicPropertyFactory.getInstance().getStringProperty("server.sso.server.name", "");
//Config Jersey
ResourceConfig config = new ResourceConfig();
@ -80,21 +86,23 @@ public class SlbAdminServer extends AbstractServer {
handler.addFilter(GzipFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST))
.setInitParameter("mimeTypes", "application/json, application/xml,text/xml, text/html");
//handler.addFilter(new FilterHolder(new DelegatingFilterProxy("springSecurityFilterChain")), "/*", EnumSet.of(DispatcherType.REQUEST));
//SSO filter
if (enableAuthenticate.get()) {
handler.addFilter(SingleSignOutFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
handler.addFilter(IPAuthenticationFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
FilterHolder af = handler.addFilter(AuthenticationFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
af.setInitParameter("casServerLoginUrl","https://cas.uat.qa.nt.ctripcorp.com/caso/login");
af.setInitParameter("serverName","http://localhost:8099");
af.setInitParameter("casServerLoginUrl", casServerLoginUrl.get());
af.setInitParameter("serverName", serverName.get());
FilterHolder validateFilter = handler.addFilter(Cas20ProxyReceivingTicketValidationFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
validateFilter.setInitParameter("casServerUrlPrefix", "https://cas.uat.qa.nt.ctripcorp.com/caso");
validateFilter.setInitParameter("serverName", "http://localhost:8099");
validateFilter.setInitParameter("casServerUrlPrefix", casServerUrlPrefix.get());
validateFilter.setInitParameter("serverName", serverName.get());
validateFilter.setInitParameter("encoding", "UTF-8");
handler.addFilter(HttpServletRequestWrapperFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
}
//Config Servlet
handler.addServlet(jerseyServletHolder, "/api/*");
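Review bot: `server.authentication.enable` defaults to `false`, and the SSO filters are only added inside `if (enableAuthenticate.get())`, so an instance started without that property serves `/api/*` with no authentication filter in front of it. I would default it to `true`, or at least log a warning at startup when it is off. The three CAS properties default to the empty string; when authentication is enabled the server should refuse to start if `casServerLoginUrl`, `casServerUrlPrefix` or `serverName` is blank rather than pass an empty value to the filters. `IPAuthenticationFilter` is registered ahead of `AuthenticationFilter`, so its IP-based decision is made before CAS sees the request, and the whole chain depends on its client-address lookup being correct.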


@ -0,0 +1,81 @@
package com.ctrip.zeus.service.aop;
import com.ctrip.zeus.auth.Authorize;
import com.ctrip.zeus.auth.Authorizer;
import com.ctrip.zeus.auth.ResourceGroupProvider;
import com.ctrip.zeus.restful.message.impl.ErrorResponseHandler;
import com.netflix.config.DynamicBooleanProperty;
import com.netflix.config.DynamicPropertyFactory;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.reflect.MethodSignature;
import org.glassfish.jersey.server.ContainerRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.Ordered;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Path;
import javax.ws.rs.core.MediaType;
import java.lang.annotation.Annotation;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
/**
* User: mag
* Date: 4/22/2015
* Time: 2:59 PM
*/
@Aspect
@Component
public class AuthorizationAspect implements Ordered{
private DynamicBooleanProperty enableAuthorize = DynamicPropertyFactory.getInstance().getBooleanProperty("server.authorization.enable", false);
@Resource
private Authorizer authorizer;
@Before("execution(* com.ctrip.zeus.restful.resource.*Resource.*(..))")
public void interceptAuthorize(JoinPoint point) throws Throwable {
if (!enableAuthorize.get()){
return;
}
MethodSignature signature = (MethodSignature)point.getSignature();
Method method = signature.getMethod();
Authorize authorize = method.getAnnotation(Authorize.class);
if (authorize != null){
String resourceName = authorize.name();
HttpServletRequest request = findRequestArg(point);
// not found request parameter
if (request == null){
return;
}
Class<? extends ResourceGroupProvider> groupProviderClass = authorize.groupProvider();
ResourceGroupProvider groupProvider = groupProviderClass.newInstance();
String resourceGroup = groupProvider.provideResourceGroup(method, request);
String userName = request.getRemoteUser();
authorizer.authorize(userName,resourceName,resourceGroup);
}
}
private HttpServletRequest findRequestArg(JoinPoint point) {
Object[] args = point.getArgs();
for (Object arg : args) {
if (arg instanceof HttpServletRequest){
return (HttpServletRequest)arg;
}
}
return null;
}
@Override
public int getOrder() {
return 100;
}
}
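Review bot: `interceptAuthorize` returns without calling the authorizer when `findRequestArg` finds no `HttpServletRequest` argument, so an `@Authorize` method that lacks the `@Context HttpServletRequest` parameter is silently left unchecked. That case should fail closed, e.g. `if (request == null) { throw new IllegalStateException("@Authorize method has no HttpServletRequest argument: " + method); }`. `request.getRemoteUser()` can be null for an unauthenticated request and is passed straight to `authorizer.authorize`; rejecting a null user here keeps that decision out of the role lookup. Methods without the annotation are skipped entirely and `server.authorization.enable` defaults to `false`, so both coverage and enablement are opt-in; logging the unannotated resource methods at startup would make gaps visible. Several imports (`ProceedingJoinPoint`, `Around`, `ContainerRequest`, `Logger` and others) appear unused in the visible body.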


@ -9,6 +9,7 @@ import org.aspectj.lang.annotation.Aspect;
import org.glassfish.jersey.server.ContainerRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.Ordered;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
@ -20,7 +21,7 @@ import java.lang.reflect.InvocationTargetException;
*/
@Aspect
@Component
public class ExceptionAspect {
public class ExceptionAspect implements Ordered{
@Resource
private ErrorResponseHandler errorResponseHandler;
private Logger logger = LoggerFactory.getLogger(this.getClass());
@ -59,4 +60,9 @@ public class ExceptionAspect {
}
}
}
@Override
public int getOrder() {
return 0;
}
}


@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<entities do-package="com.ctrip.zeus.dal.core" gen="true" do-class-suffix="Do">
<entity name="auth-user" table="auth-user" alias="au" do-class="AuthUserDo">
<entity name="auth-user" table="auth_user" alias="au" do-class="AuthUserDo">
<query-defs>
<query name="update-by-name" type="UPDATE">
<param user-name="user-name"/>
@ -41,7 +41,7 @@
</query>
</query-defs>
</entity>
<entity name="auth-user-role" table="auth-user-role" alias="aur" do-class="AuthUserRoleDo">
<entity name="auth-user-role" table="auth_user_role" alias="aur" do-class="AuthUserRoleDo">
<query-defs>
<query name="find-by-user-name" type="SELECT" multiple="true">
<param name="user-name"/>
@ -77,7 +77,7 @@
</query-defs>
</entity>
<entity name="auth-role" table="auth-role" alias="ar" do-class="AuthRoleDo">
<entity name="auth-role" table="auth_role" alias="ar" do-class="AuthRoleDo">
<query-defs>
<query name="find-all" type="SELECT" multiple="true">
<statement>
@ -100,7 +100,7 @@
</query-defs>
</entity>
<entity name="auth-resource" table="auth-resource" alias="ares" do-class="AuthResourceDo">
<entity name="auth-resource" table="auth_resource" alias="ares" do-class="AuthResourceDo">
<query-defs>
<query name="find-all" type="SELECT" multiple="true">
<statement>
@ -143,7 +143,7 @@
</query-defs>
</entity>
<entity name="auth-resource-role" table="auth-resource-role" alias="arr" do-class="AuthResourceRoleDo">
<entity name="auth-resource-role" table="auth_resource_role" alias="arr" do-class="AuthResourceRoleDo">
<query-defs>
<query name="find-by-resource-name" type="SELECT" multiple="true">
<param name="resource-name"/>


@ -293,7 +293,7 @@
<member name="resource-type" field="resource_type" value-type="String" length="50" />
<member name="description" field="description" value-type="String" length="100" />
<member name="created-time" field="created_time" value-type="Date" />
<member name="last-modified" field="last_modified" value-type="Date" nullable="false" />
<member name="data-change-last-time" field="DataChange_LastTime" value-type="Date" nullable="false" />
<var name="key-id" value-type="int" key-member="id" />
<primary-key name="PRIMARY" members="id" />
<readsets>
@ -331,7 +331,7 @@
<member name="resource-name" field="resource_name" value-type="String" length="50" nullable="false" />
<member name="role-name" field="role_name" value-type="String" length="50" nullable="false" />
<member name="created-time" field="created_time" value-type="Date" />
<member name="last-modified" field="last_modified" value-type="Date" nullable="false" />
<member name="data-change-last-time" field="DataChange_LastTime" value-type="Date" nullable="false" />
<var name="key-id" value-type="int" key-member="id" />
<primary-key name="PRIMARY" members="id" />
<index name="role_idx" members="role_name ASC" />
@ -371,7 +371,7 @@
<member name="role-name" field="role_name" value-type="String" length="50" nullable="false" />
<member name="description" field="description" value-type="String" length="100" />
<member name="created-time" field="created_time" value-type="Date" />
<member name="last-modified" field="last_modified" value-type="Date" nullable="false" />
<member name="data-change-last-time" field="DataChange_LastTime" value-type="Date" nullable="false" />
<var name="key-id" value-type="int" key-member="id" />
<primary-key name="PRIMARY" members="id" />
<index name="role_idx" unique="true" members="role_name ASC" />
@ -409,6 +409,8 @@
<member name="id" field="id" value-type="int" length="10" nullable="false" key="true" auto-increment="true" />
<member name="user-name" field="user_name" value-type="String" length="50" nullable="false" />
<member name="description" field="description" value-type="String" length="100" />
<member name="created-time" field="created_time" value-type="Date" />
<member name="data-change-last-time" field="DataChange_LastTime" value-type="Date" nullable="false" />
<var name="key-id" value-type="int" key-member="id" />
<primary-key name="PRIMARY" members="id" />
<index name="usr_name_idx" unique="true" members="user_name ASC" />
@ -448,7 +450,7 @@
<member name="role-name" field="role_name" value-type="String" length="50" nullable="false" />
<member name="group" field="group" value-type="String" length="50" nullable="false" />
<member name="created-time" field="created_time" value-type="Date" />
<member name="last-modified" field="last_modified" value-type="Date" nullable="false" />
<member name="data-change-last-time" field="DataChange_LastTime" value-type="Date" nullable="false" />
<var name="key-id" value-type="int" key-member="id" />
<primary-key name="PRIMARY" members="id" />
<index name="usr_role_idx" unique="true" members="user_name ASC" />


@ -84,7 +84,7 @@
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
<configuration>
<logical-table-name>auth-resource</logical-table-name>
<physical-table-name>auth-resource</physical-table-name>
<physical-table-name>auth_resource</physical-table-name>
<data-source-name>zeus</data-source-name>
</configuration>
</component>
@ -94,7 +94,7 @@
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
<configuration>
<logical-table-name>auth-resource-role</logical-table-name>
<physical-table-name>auth-resource-role</physical-table-name>
<physical-table-name>auth_resource_role</physical-table-name>
<data-source-name>zeus</data-source-name>
</configuration>
</component>
@ -104,7 +104,7 @@
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
<configuration>
<logical-table-name>auth-role</logical-table-name>
<physical-table-name>auth-role</physical-table-name>
<physical-table-name>auth_role</physical-table-name>
<data-source-name>zeus</data-source-name>
</configuration>
</component>
@ -114,7 +114,7 @@
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
<configuration>
<logical-table-name>auth-user</logical-table-name>
<physical-table-name>auth-user</physical-table-name>
<physical-table-name>auth_user</physical-table-name>
<data-source-name>zeus</data-source-name>
</configuration>
</component>
@ -124,7 +124,7 @@
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
<configuration>
<logical-table-name>auth-user-role</logical-table-name>
<physical-table-name>auth-user-role</physical-table-name>
<physical-table-name>auth_user_role</physical-table-name>
<data-source-name>zeus</data-source-name>
</configuration>
</component>