From bae2e5aecb4f3b1808042d39e93e63da30ea7452 Mon Sep 17 00:00:00 2001 From: Rui_Li <877258667@qq.com> Date: Wed, 2 Jul 2025 09:52:41 +0800 Subject: [PATCH] =?UTF-8?q?=E6=8A=80=E6=9C=AF=E5=8F=82=E6=95=B0=20?= =?UTF-8?q?=E6=96=87=E4=BB=B6=E8=B7=B3=E8=BD=ACBUG?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../TechnicalSpecificationController.java | 3 +- .../TechnicalSpecificationServiceImpl.java | 18 +- .../TechnicalSpecificationService.java | 3 +- .../sys/service/CheckLdapDirectory.java | 4 +- .../service/impl/CheckLdapDirectoryImpl.java | 165 ++++++++++++++++-- 5 files changed, 170 insertions(+), 23 deletions(-) diff --git a/src/main/java/com/spring/modules/sampleManagement/controller/TechnicalSpecificationController.java b/src/main/java/com/spring/modules/sampleManagement/controller/TechnicalSpecificationController.java index 688ceffe..f28db455 100644 --- a/src/main/java/com/spring/modules/sampleManagement/controller/TechnicalSpecificationController.java +++ b/src/main/java/com/spring/modules/sampleManagement/controller/TechnicalSpecificationController.java @@ -35,6 +35,7 @@ import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; +import javax.naming.NamingException; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -1155,7 +1156,7 @@ public class TechnicalSpecificationController { @PostMapping(value="/checkUrl") @ResponseBody - public R checkUrl(@RequestBody BmUrlData data){ + public R checkUrl(@RequestBody BmUrlData data) throws NamingException { BmUrlData result= technicalSpecificationService.checkUrl(data); return R.ok().put("url", result.getUrl()); } 
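Review bot: Declaring `throws NamingException` on the `/checkUrl` endpoint hands raw JNDI failures to whatever exception handler the framework has configured, which this diff does not show. JNDI exception messages can carry directory details such as the provider host, bind DN or LDAP error codes, so if that handler echoes the message the client sees them. It would be safer to catch the exception in the service layer, log it server-side, and return a generic denial, for example `catch (NamingException e) { log.warn("LDAP lookup failed", e); return R.error(); }` (assuming `R` has an error factory), so a directory outage fails closed. The same signature change is repeated on `TechnicalSpecificationService.checkUrl` and `CheckLdapDirectory.checkUserLdapDirectory`.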
diff --git a/src/main/java/com/spring/modules/sampleManagement/service/Impl/TechnicalSpecificationServiceImpl.java b/src/main/java/com/spring/modules/sampleManagement/service/Impl/TechnicalSpecificationServiceImpl.java index 84102c43..733d2c8f 100644 --- a/src/main/java/com/spring/modules/sampleManagement/service/Impl/TechnicalSpecificationServiceImpl.java +++ b/src/main/java/com/spring/modules/sampleManagement/service/Impl/TechnicalSpecificationServiceImpl.java @@ -55,6 +55,7 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.StringUtils; +import javax.naming.NamingException; import java.math.BigDecimal; import java.util.*; import java.util.stream.Collectors; 
@@ -1266,18 +1267,31 @@ public class TechnicalSpecificationServiceImpl implements TechnicalSpecification } @Override - public BmUrlData checkUrl(BmUrlData data){ + public BmUrlData checkUrl(BmUrlData data) throws NamingException { String account = ((SysUserEntity) SecurityUtils.getSubject().getPrincipal()).getDomainControlAccount(); List addresses=technicalSpecificationMapper.getSysProxyAddress(); boolean falseFlag=true; String baseUrl = ""; + int maxLen = 0; + //检查出符合最多字符串的内容 + for (SysProxyAddress address : addresses) { + String str = data.getUrl().trim(); + String prefix = address.getPhysicalAddress().trim(); + //找出最多符合条件的字符传长度 + if (str.contains(prefix)) { + int currentLen = prefix.length(); + if (currentLen > maxLen) { + maxLen = currentLen; + } + } + } for (SysProxyAddress address : addresses) { // data.setUrl(data.getUrl().replaceAll(addresses.get(i).getPhysicalAddress(), addresses.get(i).getProxyAddress())); String str = data.getUrl().trim(); String prefix = address.getPhysicalAddress().trim(); String st3 = address.getProxyAddress().trim(); //用截取替换 避开特殊字符转义 - if (str.contains(prefix)) { + if (str.contains(prefix) && prefix.length() == maxLen) { int index = str.indexOf(prefix); int startIndex = index + prefix.length(); String result = st3 + str.substring(startIndex); diff --git a/src/main/java/com/spring/modules/sampleManagement/service/TechnicalSpecificationService.java b/src/main/java/com/spring/modules/sampleManagement/service/TechnicalSpecificationService.java index 1783741c..c7fd3b51 100644 --- a/src/main/java/com/spring/modules/sampleManagement/service/TechnicalSpecificationService.java +++ b/src/main/java/com/spring/modules/sampleManagement/service/TechnicalSpecificationService.java @@ -21,6 +21,7 @@ import com.spring.modules.sift.vo.QuerySavedVo; import com.spring.modules.sys.entity.dto.DictDto; import org.springframework.web.bind.annotation.RequestBody; +import javax.naming.NamingException; import java.util.List; import java.util.Map; 
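Review bot: Both loops in checkUrl match with `str.contains(prefix)` and the second then cuts at `str.indexOf(prefix)`, so a request URL that merely embeds a mapped physical address in the middle is rewritten and everything before the match is silently dropped. Since `data.getUrl()` comes from the request body, anchoring the match is safer if these really are prefixes: `if (str.startsWith(prefix) && prefix.length() > maxLen) { maxLen = prefix.length(); }` in the first loop and `str.startsWith(prefix) && prefix.length() == maxLen` in the second. A blank `getPhysicalAddress()` also matches every URL when nothing else does, because its length 0 equals the initial `maxLen`, so empty prefixes should be skipped. `str` is loop-invariant and can be computed once before the loops; the rest of checkUrl lies outside this hunk.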
@@ -948,7 +949,7 @@ public interface TechnicalSpecificationService { List searchPartLastQuotationNo(QuotationDetailVo data); - BmUrlData checkUrl(BmUrlData data); + BmUrlData checkUrl(BmUrlData data) throws NamingException; /** * @Description 柔板印刷固定属性 * @Title searchBMprintFlexoColor diff --git a/src/main/java/com/spring/modules/sys/service/CheckLdapDirectory.java b/src/main/java/com/spring/modules/sys/service/CheckLdapDirectory.java index 06857071..8069471f 100644 --- a/src/main/java/com/spring/modules/sys/service/CheckLdapDirectory.java +++ b/src/main/java/com/spring/modules/sys/service/CheckLdapDirectory.java @@ -1,5 +1,7 @@ package com.spring.modules.sys.service; +import javax.naming.NamingException; + /** * @description: 检查用户是否存在 域控的文件夹权限 * @author LR @@ -14,5 +16,5 @@ public interface CheckLdapDirectory { * @date 2025/5/12 16:47 * @version 1.0 */ - public boolean checkUserLdapDirectory(String username, String directoryPath); + public boolean checkUserLdapDirectory(String username, String directoryPath) throws NamingException; } diff --git a/src/main/java/com/spring/modules/sys/service/impl/CheckLdapDirectoryImpl.java b/src/main/java/com/spring/modules/sys/service/impl/CheckLdapDirectoryImpl.java index ddcb7873..7f6c0411 100644 --- a/src/main/java/com/spring/modules/sys/service/impl/CheckLdapDirectoryImpl.java +++ b/src/main/java/com/spring/modules/sys/service/impl/CheckLdapDirectoryImpl.java @@ -1,9 +1,6 @@ package com.spring.modules.sys.service.impl; -import com.spring.ifs.bean.BaseSearchBean; import com.spring.modules.sys.service.CheckLdapDirectory; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; 
@@ -38,23 +35,14 @@ public class CheckLdapDirectoryImpl implements CheckLdapDirectory { @Value("${spring.ldap.password}") private String ldapPassword; - private static final Logger logger = LoggerFactory.getLogger(CheckLdapDirectoryImpl.class); - @Override - public boolean checkUserLdapDirectory(String username, String directoryPath) { - logger.info("Checking the folder permission for the user:"+username); - logger.info("Checking the folder permission for the directory:"+directoryPath); + public boolean checkUserLdapDirectory(String username, String directoryPath) throws NamingException { //查询文件的域控账号或分组 Map directoryGroupAccount = this.getDirectoryLdapAccount(directoryPath); - logger.info("Folder Group And Account:"+directoryGroupAccount.toString()); //查询用户是否是该文件夹的域控账号或分组 - Map ldapAccountGroup = this.getLapAccountGroup(username); - //打印日志 - logger.info("Ldap Group And Account:"+ldapAccountGroup.toString()); - for(String strKey : directoryGroupAccount.keySet()) { - if (ldapAccountGroup.containsKey(strKey)) { - return true; - } + //Map ldapAccountGroup = this.getLapAccountGroup(username); + if (directoryGroupAccount.containsKey(username)) { + return true; } return false; } @@ -134,7 +122,7 @@ public class CheckLdapDirectoryImpl implements CheckLdapDirectory { * @date 2025/5/12 16:55 * @version 1.0 */ - public static Map getDirectoryLdapAccount(String directoryPath) { + public Map getDirectoryLdapAccount(String directoryPath) throws NamingException { //获取文件夹 Path securityPath = Paths.get(directoryPath); //判断路径是否是文件夹 
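Review bot: `directoryGroupAccount.containsKey(username)` is an exact, case-sensitive lookup, but the map returned by getDirectoryLdapAccount mixes raw ACL principal names (`ldapAccount.put(strKey, strKey)`) with `sAMAccountName` values, and getLdapAccountByMemberStr returns `""` when the attribute is missing. A user whose domain account is blank would therefore be granted access whenever any group member lacks `sAMAccountName`, while a legitimate user whose account differs only in case would be denied. Consider a guard such as `if (username == null || username.trim().isEmpty()) { return false; }`, not inserting empty keys, and normalising case on both sides before comparing. The commit also removes every log line for this decision; one parameterized entry recording user, directory and outcome would keep an audit trail without the string concatenation the old calls used. The commented-out `getLapAccountGroup` line can simply be deleted.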
@@ -144,6 +132,16 @@ public class CheckLdapDirectoryImpl implements CheckLdapDirectory { //返回的数据 Map ldapGroupAccount = new HashMap(); + Properties env = new Properties(); + env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); + env.put(Context.PROVIDER_URL, ldapUrl); + env.put(Context.SECURITY_AUTHENTICATION, "simple"); + env.put(Context.SECURITY_PRINCIPAL, ldapUserDn); + env.put(Context.SECURITY_CREDENTIALS, ldapPassword); + + // 创建DirContext对象,建立与LDAP服务器的连接 + DirContext ctx = new InitialDirContext(env); + AclFileAttributeView aclView = Files.getFileAttributeView(securityPath, AclFileAttributeView.class); try { aclView.getAcl().forEach(aclEntry -> { 
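Review bot: The `InitialDirContext` opened here is never closed in the visible part of getDirectoryLdapAccount (the final hunk returns `ldapAccount` without a `ctx.close()`), so every permission check leaves a bound LDAP connection behind until it is garbage-collected. Wrap the work in `try { … } finally { ctx.close(); }`, and create the context only after the ACL read shows there are entries to resolve. The bind uses `"simple"` authentication, which sends `ldapPassword` in clear text unless `ldapUrl` is an `ldaps://` URL or StartTLS is negotiated; the configured value is not visible here, so please confirm. Setting `com.sun.jndi.ldap.connect.timeout` and `com.sun.jndi.ldap.read.timeout` in `env` would keep a slow directory from hanging the request thread. The method body starts and ends outside this hunk.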
@@ -157,7 +155,138 @@ public class CheckLdapDirectoryImpl implements CheckLdapDirectory { } catch (IOException e) { throw new RuntimeException(e); } + Map ldapAccount = new HashMap(); + if (ldapGroupAccount.size() > 0) { + //循环检查数据是否存在组信息 如果存在 需要把组数据 替换成账号的信息 + for(String strKey : ldapGroupAccount.keySet()) { + if (checkMemberIsGroupWithName(ctx, strKey)){ + ldapAccount.putAll(getLdapAccountListFromGroup(ctx, strKey)); + }else { + ldapAccount.put(strKey, strKey); + } + } + } //返回执行的结果 - return ldapGroupAccount; + return ldapAccount; + } + + + /** + * @description: 从组里面获取成员信息 + * @author LR + * @date 2025/6/30 17:45 + * @version 1.0 + */ + public Map getLdapAccountListFromGroup(DirContext ctx, String groupDn) throws NamingException { + Map accountMap = new HashMap<>(); + // 设置返回所有属性 + SearchControls controls = new SearchControls(); + controls.setReturningAttributes(new String[] {"member"}); + controls.setSearchScope(SearchControls.SUBTREE_SCOPE); + String nameFilter = "(&(objectClass=group)(cn="+groupDn+"))"; + // 执行查询 + NamingEnumeration results = ctx.search(ldapBase, nameFilter, controls); + while (results.hasMore()) { + SearchResult result = results.next(); + Attributes attrs = result.getAttributes(); + + NamingEnumeration attrEnum = attrs.getAll(); + + while (attrEnum.hasMore()) { + Attribute attr = attrEnum.next(); + // 处理多值属性 + NamingEnumeration values = attr.getAll(); + while (values.hasMore()) { + Object value = values.next(); + String valueStr = value.toString(); + String currentMember = valueStr.substring(valueStr.indexOf("=")+1, valueStr.indexOf(",")); + if (checkMemberIsGroup(ctx, valueStr)){ + //递归调用 + accountMap.putAll(getLdapAccountListFromGroup(ctx, currentMember)); + }else { + accountMap.put(getLdapAccountByMemberStr(ctx, valueStr), currentMember); + } + } + } + } + return accountMap; + } + + /** + * @description: 检查当前是否是组信息 + * @author LR + * @date 2025/6/30 17:26 + * @version 1.0 + */ + public boolean checkMemberIsGroupWithName(DirContext ctx, 
String name) throws NamingException { + // 设置返回所有属性 + SearchControls controls = new SearchControls(); + controls.setReturningAttributes(new String[] {"member"}); + controls.setSearchScope(SearchControls.SUBTREE_SCOPE); + String nameFilter = "(&(objectClass=group)(cn="+name+"))"; + // 执行查询 + NamingEnumeration results = ctx.search(ldapBase, nameFilter, controls); + boolean checkFlag = results.hasMore(); + results.close(); + return checkFlag; + } + + + + /** + * @description: 检查当前是否是组信息 + * @author LR + * @date 2025/6/30 17:26 + * @version 1.0 + */ + public boolean checkMemberIsGroup(DirContext ctx, String memberDn) throws NamingException { + Attributes attrs = ctx.getAttributes(memberDn, new String[] {"objectClass"}); + Attribute attr = attrs.get("objectClass"); + if (attr != null){ + for (int i = 0; i < attr.size(); i++) { + if ("group".equalsIgnoreCase(attr.get(i).toString())) { + return true; + } + } + } + return false; + } + + /** + * @description: 通过名称获取账号的信息 + * @author LR + * @date 2025/7/1 13:38 + * @version 1.0 + */ + public String getLdapAccountByMemberStr(DirContext ctx, String memberDn) throws NamingException { + Attributes attrs = ctx.getAttributes(memberDn, new String[] {"sAMAccountName"}); + Attribute attr = attrs.get("sAMAccountName"); + if (attr != null){ + String userAccount = attr.get().toString(); + return userAccount; + } + return ""; + } + + /** + * @description: 检查是否是用户 + * @author LR + * @date 2025/7/1 10:41 + * @version 1.0 + */ + public boolean checkStrIsAccount(DirContext ctx, String str) throws NamingException { + // 设置返回所有属性 + SearchControls controls = new SearchControls(); + controls.setReturningAttributes(new String[] {"memberof"}); + controls.setSearchScope(SearchControls.SUBTREE_SCOPE); + String nameFilter = "(sAMAccountName="+str+")"; // 根据登录名精确匹配 + + // 执行查询 + NamingEnumeration results = ctx.search(ldapBase, nameFilter, controls); + //如果含有信息 则是账号 + if (results.hasMore()) { + return true; + } + return false; } }
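Review bot: The search filters in getLdapAccountListFromGroup, checkMemberIsGroupWithName and checkStrIsAccount are built by concatenation (`"(&(objectClass=group)(cn="+groupDn+"))"`, `"(sAMAccountName="+str+")"`), so a name containing `*`, `(`, `)` or `\` changes the filter's meaning. A `*` turns it into a wildcard match, which in this code widens the set of accounts treated as having access. Use the placeholder overload, which escapes the arguments: `ctx.search(ldapBase, "(&(objectClass=group)(cn={0}))", new Object[] {groupDn}, controls)`. The recursion in getLdapAccountListFromGroup has no visited set, so two groups that are members of each other would recurse until the stack overflows; tracking the DNs already expanded avoids that. Taking the CN with `valueStr.substring(valueStr.indexOf("=")+1, valueStr.indexOf(","))` also mis-parses DNs with an escaped comma, and the `NamingEnumeration`s in getLdapAccountListFromGroup and checkStrIsAccount are never closed.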