mirror of
https://github.com/getrebuild/rebuild.git
synced 2024-09-20 07:25:54 +08:00
auth
This commit is contained in:
parent
e8d452d8fd
commit
d519450405
2
@rbv
2
@rbv
|
@ -1 +1 @@
|
|||
Subproject commit 276e88e1327caf8f6dcc9b08c16ba7b67010e396
|
||||
Subproject commit 300eb4e694d946fa497276d05cc59d6a40be8c13
|
10
pom.xml
10
pom.xml
|
@ -421,5 +421,15 @@
|
|||
<artifactId>oshi-core</artifactId>
|
||||
<version>5.8.0</version>
|
||||
</dependency>
|
||||
|
||||
<!-- Local .deps -->
|
||||
<dependency>
|
||||
<groupId>local</groupId>
|
||||
<artifactId>dingtalk-sdk</artifactId>
|
||||
<version>20210719</version>
|
||||
<scope>system</scope>
|
||||
<systemPath>${basedir}/.deps/taobao-sdk-java-auto_1479188381469-20210716.jar</systemPath>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
</project>
|
||||
|
|
|
@ -58,7 +58,7 @@ public class LoginToken extends BaseApi {
|
|||
*
|
||||
* @param user
|
||||
* @param password
|
||||
* @return
|
||||
* @return 返回 null 表示成功
|
||||
*/
|
||||
public static String checkUser(String user, String password) {
|
||||
if (!Application.getUserStore().existsUser(user)) {
|
||||
|
|
|
@ -177,6 +177,7 @@ public class EntityHelper {
|
|||
public static final int RoleMember = 5;
|
||||
public static final int Team = 6;
|
||||
public static final int TeamMember = 7;
|
||||
public static final int ExternalUser = 8;
|
||||
|
||||
// 配置
|
||||
|
||||
|
|
|
@ -297,7 +297,7 @@ public class ConfigurationController extends BaseController {
|
|||
}
|
||||
}
|
||||
|
||||
String homeUrl = RebuildConfiguration.getHomeUrl();
|
||||
String homeUrl = RebuildConfiguration.getHomeUrl("/user/dingtalk");
|
||||
mv.getModel().put("_DingtalkHomeUrl", homeUrl);
|
||||
|
||||
return mv;
|
||||
|
@ -329,7 +329,7 @@ public class ConfigurationController extends BaseController {
|
|||
}
|
||||
}
|
||||
|
||||
String homeUrl = RebuildConfiguration.getHomeUrl();
|
||||
String homeUrl = RebuildConfiguration.getHomeUrl("/user/wxwork");
|
||||
mv.getModel().put("_WxworkHomeUrl", homeUrl);
|
||||
mv.getModel().put("_WxworkAuthCallUrl", homeUrl.split("//")[1].split("/")[0]);
|
||||
|
||||
|
|
|
@ -15,7 +15,10 @@ import com.rebuild.api.RespBody;
|
|||
import com.rebuild.core.Application;
|
||||
import com.rebuild.core.metadata.EntityHelper;
|
||||
import com.rebuild.core.privileges.UserService;
|
||||
import com.rebuild.core.privileges.bizz.User;
|
||||
import com.rebuild.core.service.DataSpecificationException;
|
||||
import com.rebuild.core.support.ConfigurationItem;
|
||||
import com.rebuild.core.support.RebuildConfiguration;
|
||||
import com.rebuild.core.support.VerfiyCode;
|
||||
import com.rebuild.core.support.i18n.I18nUtils;
|
||||
import com.rebuild.core.support.i18n.Language;
|
||||
|
@ -41,7 +44,25 @@ public class UserSettings extends EntityController {
|
|||
@GetMapping("/user")
|
||||
public ModelAndView pageUser(HttpServletRequest request) {
|
||||
ModelAndView mv = createModelAndView("/settings/user-settings");
|
||||
mv.getModelMap().put("user", Application.getUserStore().getUser(getRequestUser(request)));
|
||||
|
||||
User user = Application.getUserStore().getUser(getRequestUser(request));
|
||||
mv.getModelMap().put("user", user);
|
||||
|
||||
if (RebuildConfiguration.get(ConfigurationItem.DingtalkCorpid) != null) {
|
||||
Object[] dingtalkUser = Application.createQueryNoFilter(
|
||||
"select user from ExternalUser where bindUser = ? and appType = 1")
|
||||
.setParameter(1, user.getId())
|
||||
.unique();
|
||||
if (dingtalkUser != null) mv.getModelMap().put("dingtalkUser", dingtalkUser[0]);
|
||||
}
|
||||
if (RebuildConfiguration.get(ConfigurationItem.WxworkCorpid) != null) {
|
||||
Object[] wxworkUser = Application.createQueryNoFilter(
|
||||
"select user from ExternalUser where bindUser = ? and appType = 2")
|
||||
.setParameter(1, user.getId())
|
||||
.unique();
|
||||
if (wxworkUser != null) mv.getModelMap().put("wxworkUser", wxworkUser[0]);
|
||||
}
|
||||
|
||||
return mv;
|
||||
}
|
||||
|
||||
|
@ -146,4 +167,19 @@ public class UserSettings extends EntityController {
|
|||
}
|
||||
return RespBody.ok();
|
||||
}
|
||||
|
||||
@PostMapping("/cancel-external-user")
|
||||
public RespBody cancelExternalUser(HttpServletRequest request) {
|
||||
int appType = getIntParameter(request, "type", 0);
|
||||
Object[] externalUser = Application.createQueryNoFilter(
|
||||
"select userId from ExternalUser where bindUser = ? and appType = ?")
|
||||
.setParameter(1, getRequestUser(request))
|
||||
.setParameter(2, appType)
|
||||
.unique();
|
||||
if (externalUser != null) {
|
||||
Application.getCommonsService().delete((ID) externalUser[0]);
|
||||
}
|
||||
|
||||
return RespBody.ok();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1260,7 +1260,7 @@
|
|||
"短信签名":"短信签名",
|
||||
"短信账户未配置或配置错误":"短信账户未配置或配置错误",
|
||||
"确定":"确定",
|
||||
"确定要禁用此用户吗?":"确定要禁用此用户吗?",
|
||||
"确认要禁用此用户吗?":"确认要禁用此用户吗?",
|
||||
"确认删除当前记录吗?":"确认删除当前记录吗?",
|
||||
"确认删除此仪表盘?":"确认删除此仪表盘?",
|
||||
"确认删除此任务?":"确认删除此任务?",
|
||||
|
|
|
@ -75,6 +75,15 @@
|
|||
<index field-list="teamId,userId" type="unique"/>
|
||||
</entity>
|
||||
|
||||
<entity name="ExternalUser" type-code="008" description="外部用户" queryable="false" parent="false">
|
||||
<field name="userId" type="primary"/>
|
||||
<field name="user" type="string" max-length="100" nullable="false" updatable="false"/>
|
||||
<field name="appId" type="string" max-length="100" nullable="false" updatable="false"/>
|
||||
<field name="appType" type="small-int" nullable="false" updatable="false" default-value="1" description="1=DingTalk,2=WxWork"/>
|
||||
<field name="bindUser" type="reference" ref-entity="User" cascade="delete" nullable="false" updatable="false"/>
|
||||
<index field-list="bindUser,user" type="unique"/>
|
||||
</entity>
|
||||
|
||||
<entity name="MetaEntity" type-code="010" description="实体" name-field="entityName" queryable="false">
|
||||
<field name="entityId" type="primary"/>
|
||||
<field name="typeCode" type="small-int" nullable="false" updatable="false"/>
|
||||
|
|
|
@ -112,6 +112,17 @@ create table if not exists `team_member` (
|
|||
unique index UIX0_team_member (`TEAM_ID`, `USER_ID`)
|
||||
)Engine=InnoDB;
|
||||
|
||||
-- ************ Entity [ExternalUser] DDL ************
|
||||
create table if not exists `external_user` (
|
||||
`USER_ID` char(20) not null,
|
||||
`USER` varchar(100) not null,
|
||||
`APP_ID` varchar(100) not null,
|
||||
`APP_TYPE` smallint(6) not null default '1' comment '1=DingTalk,2=WxWork',
|
||||
`BIND_USER` char(20) not null,
|
||||
primary key (`USER_ID`),
|
||||
unique index UIX0_external_user (`BIND_USER`, `USER`)
|
||||
)Engine=InnoDB;
|
||||
|
||||
-- ************ Entity [MetaEntity] DDL ************
|
||||
create table if not exists `meta_entity` (
|
||||
`ENTITY_ID` char(20) not null,
|
||||
|
@ -790,4 +801,4 @@ insert into `project_plan_config` (`CONFIG_ID`, `PROJECT_ID`, `PLAN_NAME`, `SEQ`
|
|||
|
||||
-- DB Version (see `db-upgrade.sql`)
|
||||
insert into `system_config` (`CONFIG_ID`, `ITEM`, `VALUE`)
|
||||
values ('021-9000000000000001', 'DBVer', 36);
|
||||
values ('021-9000000000000001', 'DBVer', 37);
|
||||
|
|
|
@ -1,6 +1,18 @@
|
|||
-- Database upgrade scripts for rebuild 1.x and 2.x
|
||||
-- Each upgraded starts with `-- #VERSION`
|
||||
|
||||
-- #37 (v2.5)
|
||||
-- ************ Entity [ExternalUser] DDL ************
|
||||
create table if not exists `external_user` (
|
||||
`USER_ID` char(20) not null,
|
||||
`USER` varchar(100) not null,
|
||||
`APP_ID` varchar(100) not null,
|
||||
`APP_TYPE` smallint(6) not null default '1' comment '1=DingTalk,2=WxWork',
|
||||
`BIND_USER` char(20) not null,
|
||||
primary key (`USER_ID`),
|
||||
unique index UIX0_external_user (`BIND_USER`, `USER`)
|
||||
)Engine=InnoDB;
|
||||
|
||||
-- #36 (v2.4)
|
||||
-- ************ Entity [FrontjsCode] DDL ************
|
||||
create table if not exists `frontjs_code` (
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
<style type="text/css">
|
||||
.rb-navbar-header .rb-toggle-left-sidebar,
|
||||
.rb-icons-nav {
|
||||
display: none !important
|
||||
display: none !important;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
<a href="#modfiy" class="float-right"><i class="icon zmdi zmdi-edit"></i> [[${bundle.L('修改')}]]</a>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<h5>[[${bundle.L('接口调用凭证')}]]</h5>
|
||||
<h5>[[${bundle.L('接口凭证')}]]</h5>
|
||||
<table class="table">
|
||||
<tbody>
|
||||
<tr>
|
||||
|
@ -44,7 +44,7 @@
|
|||
<table class="table">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td width="40%">应用首页地址</td>
|
||||
<td width="40%">[[${bundle.L('应用首页地址')}]]</td>
|
||||
<td>[[${_DingtalkHomeUrl}]]</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
<a href="#modfiy" class="float-right"><i class="icon zmdi zmdi-edit"></i> [[${bundle.L('修改')}]]</a>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<h5>[[${bundle.L('接口调用凭证')}]]</h5>
|
||||
<h5>[[${bundle.L('接口凭证')}]]</h5>
|
||||
<table class="table">
|
||||
<tbody>
|
||||
<tr>
|
||||
|
@ -31,7 +31,7 @@
|
|||
<td data-id="WxworkSecret" th:data-value="${WxworkSecret ?:''}">[[${WxworkSecret ?:bundle.L('未设置')}]]</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>企业 ID</td>
|
||||
<td>[[${bundle.L('企业 ID')}]]</td>
|
||||
<td data-id="WxworkCorpid" th:data-value="${WxworkCorpid ?:''}">[[${WxworkCorpid ?:bundle.L('未设置')}]]</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
@ -40,11 +40,11 @@
|
|||
<table class="table">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td width="40%">应用主页</td>
|
||||
<td width="40%">[[${bundle.L('应用主页')}]]</td>
|
||||
<td>[[${_WxworkHomeUrl}]]</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>授权回调域</td>
|
||||
<td>[[${bundle.L('可信域名')}]]</td>
|
||||
<td>[[${_WxworkAuthCallUrl}]]</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
|
BIN
src/main/resources/web/assets/img/dingtalk256.png
Normal file
BIN
src/main/resources/web/assets/img/dingtalk256.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 5.8 KiB |
BIN
src/main/resources/web/assets/img/rebuild256.png
Normal file
BIN
src/main/resources/web/assets/img/rebuild256.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 9 KiB |
BIN
src/main/resources/web/assets/img/wxwork256.png
Normal file
BIN
src/main/resources/web/assets/img/wxwork256.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 6.2 KiB |
|
@ -35,7 +35,7 @@ $(document).ready(function () {
|
|||
})
|
||||
|
||||
$('.J_disable').click(() => {
|
||||
RbAlert.create($L('确定要禁用此用户吗?'), {
|
||||
RbAlert.create($L('确认要禁用此用户吗?'), {
|
||||
confirmText: $L('禁用'),
|
||||
confirm: function () {
|
||||
toggleDisabled(true, this)
|
||||
|
|
|
@ -50,6 +50,22 @@ $(document).ready(function () {
|
|||
})
|
||||
})
|
||||
|
||||
const $unauth = $('.J_unauth-dingtalk, .J_unauth-wxwork').on('click', () => {
|
||||
RbAlert.create($L('确认要取消授权吗?'), {
|
||||
confirm: function () {
|
||||
this.hide()
|
||||
$.post(`/settings/cancel-external-user?type=${$unauth.data('type')}`, (res) => {
|
||||
if (res.error_code === 0) {
|
||||
location.hash = 'secure'
|
||||
location.reload()
|
||||
} else {
|
||||
RbHighbar.create(res.error_msg)
|
||||
}
|
||||
})
|
||||
},
|
||||
})
|
||||
})
|
||||
|
||||
// load log
|
||||
|
||||
$('a.nav-link[href="#logs"]').click(() => {
|
||||
|
|
|
@ -22,6 +22,9 @@
|
|||
color: #fbbc05;
|
||||
font-size: 5rem;
|
||||
}
|
||||
.rb-error .error-container {
|
||||
max-width: 801px;
|
||||
}
|
||||
.error-description > pre:empty {
|
||||
display: none;
|
||||
}
|
||||
|
|
|
@ -99,20 +99,20 @@
|
|||
<div class="col-md-8 col-12">
|
||||
<form>
|
||||
<div class="form-group row">
|
||||
<label class="col-sm-4 col-form-label text-left">[[${bundle.L('用户名')}]]</label>
|
||||
<div class="col-sm-8">
|
||||
<label class="col-4 col-form-label">[[${bundle.L('用户名')}]]</label>
|
||||
<div class="col-8">
|
||||
<div class="form-control-plaintext" th:text="${user.getName()}"></div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-sm-4 col-form-label text-left">[[${bundle.L('所属部门')}]]</label>
|
||||
<div class="col-sm-8">
|
||||
<label class="col-4 col-form-label">[[${bundle.L('所属部门')}]]</label>
|
||||
<div class="col-8">
|
||||
<div class="form-control-plaintext" th:text="${user.getOwningBizUnit().getName()}"></div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-sm-4 col-form-label text-left">[[${bundle.L('加入团队')}]]</label>
|
||||
<div class="col-sm-8">
|
||||
<label class="col-4 col-form-label">[[${bundle.L('加入团队')}]]</label>
|
||||
<div class="col-8">
|
||||
<div class="form-control-plaintext split-span">
|
||||
<th:block th:each="team : ${user.getOwningTeams()}">
|
||||
<span th:text="${team.getName()}"></span>
|
||||
|
@ -122,14 +122,20 @@
|
|||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-sm-4 col-form-label text-left">[[${bundle.L('姓名')}]]</label>
|
||||
<div class="col-sm-8">
|
||||
<input class="form-control form-control-sm" type="text" id="fullName" th:value="${user.getFullName()}" th:data-o="${user.getFullName()}" />
|
||||
<label class="col-4 col-form-label">[[${bundle.L('姓名')}]]</label>
|
||||
<div class="col-8">
|
||||
<input
|
||||
class="form-control form-control-sm"
|
||||
type="text"
|
||||
id="fullName"
|
||||
th:value="${user.getFullName()}"
|
||||
th:data-o="${user.getFullName()}"
|
||||
/>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-sm-4 col-form-label text-left">[[${bundle.L('工作电话')}]]</label>
|
||||
<div class="col-sm-8">
|
||||
<label class="col-4 col-form-label">[[${bundle.L('工作电话')}]]</label>
|
||||
<div class="col-8">
|
||||
<input
|
||||
class="form-control form-control-sm"
|
||||
type="text"
|
||||
|
@ -141,7 +147,7 @@
|
|||
</div>
|
||||
</div>
|
||||
<div class="form-group row border-none mt-3">
|
||||
<div class="col-sm-8 offset-sm-4">
|
||||
<div class="col-8 offset-sm-4">
|
||||
<button class="btn btn-primary J_save" type="button">[[${bundle.L('确定')}]]</button>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -152,23 +158,41 @@
|
|||
<div class="tab-pane" id="secure">
|
||||
<form>
|
||||
<div class="form-group row">
|
||||
<label class="col-sm-2 col-form-label text-left">[[${bundle.L('修改邮箱')}]]</label>
|
||||
<div class="col-sm-7 pl-0">
|
||||
<label class="col-2 col-form-label">[[${bundle.L('修改邮箱')}]]</label>
|
||||
<div class="col-7 pl-0">
|
||||
<div class="form-control-plaintext text-muted J_email-account" th:text="${user.getEmail() ?: bundle.L('邮箱未设置')}"></div>
|
||||
</div>
|
||||
<div class="col-sm-3 text-right">
|
||||
<div class="col-3 text-right">
|
||||
<button class="btn btn-primary btn-outline J_email" type="button">[[${bundle.L('修改')}]]</button>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label class="col-sm-2 col-form-label text-left">[[${bundle.L('修改密码')}]]</label>
|
||||
<div class="col-sm-7 pl-0">
|
||||
<label class="col-2 col-form-label">[[${bundle.L('修改密码')}]]</label>
|
||||
<div class="col-7 pl-0">
|
||||
<div class="form-control-plaintext text-muted">[[${bundle.L('建议 90 天更改一次密码')}]]</div>
|
||||
</div>
|
||||
<div class="col-sm-3 text-right">
|
||||
<div class="col-3 text-right">
|
||||
<button class="btn btn-primary btn-outline J_passwd" type="button">[[${bundle.L('修改')}]]</button>
|
||||
</div>
|
||||
</div>
|
||||
<div th:if="${dingtalkUser != null}" class="form-group row">
|
||||
<label class="col-2 col-form-label">[[${bundle.L('钉钉授权')}]]</label>
|
||||
<div class="col-7 pl-0">
|
||||
<div class="form-control-plaintext text-muted">[[${dingtalkUser}]]</div>
|
||||
</div>
|
||||
<div class="col-3 text-right">
|
||||
<button class="btn btn-danger btn-outline J_unauth-dingtalk" type="button" data-type="1">[[${bundle.L('取消授权')}]]</button>
|
||||
</div>
|
||||
</div>
|
||||
<div th:if="${wxworkUser != null}" class="form-group row">
|
||||
<label class="col-2 col-form-label">[[${bundle.L('企业微信授权')}]]</label>
|
||||
<div class="col-7 pl-0">
|
||||
<div class="form-control-plaintext text-muted">[[${wxworkUser}]]</div>
|
||||
</div>
|
||||
<div class="col-3 text-right">
|
||||
<button class="btn btn-danger btn-outline J_unauth-wxwork" type="button" data-type="2">[[${bundle.L('取消授权')}]]</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
<div class="tab-pane" id="logs">
|
||||
|
|
Loading…
Reference in a new issue