限制非平台管理员和统计管理员账号登录

0a79f91a · nie'hong · bff09b09 · 0a79f91a · 0a79f91a · 0a79f91a
Commit 0a79f91a authored May 26, 2021 by nie'hong
11 changed files
--- a/pom.xml
+++ b/pom.xml
@@ -282,6 +282,13 @@
            <artifactId>ffmpeg-platform</artifactId>
            <version>4.3.2-1.5.5</version>
        </dependency>
+        <dependency>
+            <groupId>net.sf.json-lib</groupId>
+            <artifactId>json-lib</artifactId>
+            <version>2.4</version>
+            <classifier>jdk15</classifier>
+        </dependency>
+
    </dependencies>

    <build>

--- a/src/main/java/cn/chnmuseum/party/common/util/AddressUtil.java
+++ b/src/main/java/cn/chnmuseum/party/common/util/AddressUtil.java
+package cn.chnmuseum.party.common.util;
+
+import net.sf.json.JSONObject;
+
+import java.io.*;
+import java.net.HttpURLConnection;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+public class AddressUtil {
+
+    /**
+     * @param content        请求的参数 格式为：name=xxx&pwd=xxx
+     * @param encodingString 服务器端请求编码。如GBK,UTF-8等
+     * @return
+     * @throws UnsupportedEncodingException
+     */
+    public static String getAddresses(String content, String encodingString) throws UnsupportedEncodingException {
+    //调用淘宝API
+        String urlStr = "https://ip.taobao.com/outGetIpInfo";
+
+        String returnStr = getResult(urlStr, content, encodingString);
+        if (returnStr != null) {
+            System.out.println(returnStr);
+            return returnStr;
+        }
+        return null;
+    }
+
+    /**
+     * @param urlStr         请求的地址
+     * @param content        请求的参数 格式为：name=xxx&pwd=xxx
+     * @param encodingString 服务器端请求编码。如GBK,UTF-8等
+     * @return
+     */
+    private static String getResult(String urlStr, String content, String encodingString) {
+        URL url = null;
+        HttpURLConnection connection = null;
+        try {
+            url = new URL(urlStr);
+        // 新建连接实例
+            connection = (HttpURLConnection) url.openConnection();
+        // 设置连接超时时间，单位毫秒
+        //connection.setConnectTimeout(20000);
+        // 设置读取数据超时时间，单位毫秒
+        //connection.setReadTimeout(20000);
+        //是否打开输出流
+            connection.setDoOutput(true);
+        //是否打开输入流
+            connection.setDoInput(true);
+        //提交方法 POST|GET
+            connection.setRequestMethod("POST");
+        //是否缓存
+            connection.setUseCaches(false);
+        //打开连接端口
+            connection.connect();
+        //打开输出流往对端服务器写数据
+            DataOutputStream out = new DataOutputStream(connection.getOutputStream());
+        //写数据，即提交表单 name=xxx&pwd=xxx
+            out.writeBytes(content);
+        //刷新
+            out.flush();
+        //关闭输出流
+            out.close();
+        // 往对端写完数据对端服务器返回数据 ,以BufferedReader流来读取
+            BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream(), encodingString));
+            StringBuffer buffer = new StringBuffer();
+            String line = "";
+            while ((line = reader.readLine()) != null) {
+                buffer.append(line);
+            }
+            reader.close();
+            return buffer.toString();
+        } catch (MalformedURLException e) {
+            e.printStackTrace();
+        } catch (IOException e) {
+            e.printStackTrace();
+        } finally {
+            if (connection != null) {
+                connection.disconnect();
+            }
+        }
+        return null;
+    }
+
+    public static Map<String, String> getAddressByIp(String ip) {
+    // 参数ip
+//        ip = "118.213.176.78";
+    // json_result用于接收返回的json数据
+        String json_result = null;
+        Map<String, String> map = new HashMap<>();
+        try {
+            json_result = getAddresses("ip=" + ip, "utf-8");
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+
+        JSONObject json = JSONObject.fromObject(json_result);
+        System.out.println("json数据： " + json);
+        String country = JSONObject.fromObject(json.get("data")).get("country").toString();
+        String region = JSONObject.fromObject(json.get("data")).get("region").toString();
+        String city = JSONObject.fromObject(json.get("data")).get("city").toString();
+        String county = JSONObject.fromObject(json.get("data")).get("county").toString();
+        String isp = JSONObject.fromObject(json.get("data")).get("isp").toString();
+        String area = JSONObject.fromObject(json.get("data")).get("area").toString();
+        map.put("country", country);//国家
+        map.put("area", area);//区域
+        map.put("region", region);//省
+        map.put("city", city);//市
+        map.put("county", county);//区
+        map.put("isp", isp);//互联网服务提供商
+        return map;
+    }
+
+}
\ No newline at end of file
--- a/src/main/java/cn/chnmuseum/party/common/util/IpAdrressUtil.java
+++ b/src/main/java/cn/chnmuseum/party/common/util/IpAdrressUtil.java
+package cn.chnmuseum.party.common.util;
+
+import org.apache.commons.lang3.StringUtils;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class IpAdrressUtil {
+    /**
+     * 获取Ip地址
+     * @param request
+     * @return
+     */
+    private static String getIpAdrress(HttpServletRequest request) {
+        String Xip = request.getHeader("X-Real-IP");
+        String XFor = request.getHeader("X-Forwarded-For");
+        if(StringUtils.isNotEmpty(XFor) && !"unKnown".equalsIgnoreCase(XFor)){
+            //多次反向代理后会有多个ip值，第一个ip才是真实ip
+            int index = XFor.indexOf(",");
+            if(index != -1){
+                return XFor.substring(0,index);
+            }else{
+                return XFor;
+            }
+        }
+        XFor = Xip;
+        if(StringUtils.isNotEmpty(XFor) && !"unKnown".equalsIgnoreCase(XFor)){
+            return XFor;
+        }
+        if (StringUtils.isBlank(XFor) || "unknown".equalsIgnoreCase(XFor)) {
+            XFor = request.getHeader("Proxy-Client-IP");
+        }
+        if (StringUtils.isBlank(XFor) || "unknown".equalsIgnoreCase(XFor)) {
+            XFor = request.getHeader("WL-Proxy-Client-IP");
+        }
+        if (StringUtils.isBlank(XFor) || "unknown".equalsIgnoreCase(XFor)) {
+            XFor = request.getHeader("HTTP_CLIENT_IP");
+        }
+        if (StringUtils.isBlank(XFor) || "unknown".equalsIgnoreCase(XFor)) {
+            XFor = request.getHeader("HTTP_X_FORWARDED_FOR");
+        }
+        if (StringUtils.isBlank(XFor) || "unknown".equalsIgnoreCase(XFor)) {
+            XFor = request.getRemoteAddr();
+        }
+        return XFor;
+    }
+}
--- a/src/main/java/cn/chnmuseum/party/mapper/TVideoVisitorMapper.java
+++ b/src/main/java/cn/chnmuseum/party/mapper/TVideoVisitorMapper.java
+package cn.chnmuseum.party.mapper;
+
+import cn.chnmuseum.party.model.TVideoVisitor;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+
+/**
+ * @description:
+ * @author: nh
+ * @create: 2021-05-26 11:16
+ **/
+public interface TVideoVisitorMapper extends BaseMapper<TVideoVisitor> {
+}
--- a/src/main/java/cn/chnmuseum/party/model/TUserRole.java
+++ b/src/main/java/cn/chnmuseum/party/model/TUserRole.java
@@ -61,7 +61,4 @@ public class TUserRole implements Serializable {
    @TableField("is_deleted")
    private Boolean isDeleted;
    
-
-
-
 }
--- a/src/main/java/cn/chnmuseum/party/model/TVideoVisitor.java
+++ b/src/main/java/cn/chnmuseum/party/model/TVideoVisitor.java
+package cn.chnmuseum.party.model;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.*;
+import lombok.experimental.Accessors;
+
+import java.io.Serializable;
+import java.util.Date;
+
+/**
+ * @description:
+ * @author: nh
+ * @create: 2021-05-25 23:12
+ **/
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@Accessors(chain = true)
+@EqualsAndHashCode(callSuper = false)
+@TableName("t_video_visitor")
+@ApiModel(value = "视频播放者的地区", description = "视频播放者的地区")
+public class TVideoVisitor implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    @ApiModelProperty(value = "id", name = "id")
+    @TableId(value = "id", type = IdType.ASSIGN_ID)
+    private String id;
+
+    @ApiModelProperty(value = "videoId", name = "视频id")
+    @TableField("video_id")
+    private String videoId;
+
+    @ApiModelProperty(value = "area", name = "地区")
+    @TableField("area")
+    private String area;
+
+    @ApiModelProperty(value = "createTime", name = "创建时间")
+    @TableField("create_time")
+    private Date createTime;
+
+    @ApiModelProperty(value = "updateTime", name = "更新时间")
+    @TableField("update_time")
+    private Date updateTime;
+}
--- a/src/main/java/cn/chnmuseum/party/service/TVideoVisitorService.java
+++ b/src/main/java/cn/chnmuseum/party/service/TVideoVisitorService.java
+package cn.chnmuseum.party.service;
+
+import cn.chnmuseum.party.model.TVideoVisitor;
+import com.baomidou.mybatisplus.extension.service.IService;
+
+public interface TVideoVisitorService extends IService<TVideoVisitor> {
+}
--- a/src/main/java/cn/chnmuseum/party/service/impl/TVideoVisitorServiceImpl.java
+++ b/src/main/java/cn/chnmuseum/party/service/impl/TVideoVisitorServiceImpl.java
+package cn.chnmuseum.party.service.impl;
+
+import cn.chnmuseum.party.mapper.TVideoVisitorMapper;
+import cn.chnmuseum.party.model.TVideoVisitor;
+import cn.chnmuseum.party.service.TVideoVisitorService;
+import com.baomidou.mybatisplus.core.conditions.Wrapper;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+
+/**
+ * @description:
+ * @author: nh
+ * @create: 2021-05-25 23:10
+ **/
+@Slf4j
+@Service
+public class TVideoVisitorServiceImpl extends ServiceImpl<TVideoVisitorMapper, TVideoVisitor> implements TVideoVisitorService {
+
+}
--- a/src/main/java/cn/chnmuseum/party/web/controller/LoginController.java
+++ b/src/main/java/cn/chnmuseum/party/web/controller/LoginController.java
@@ -39,6 +39,7 @@ import java.nio.charset.StandardCharsets;
 import java.time.LocalDate;
 import java.util.*;
 import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;

 /**
 * shiro权限控制登录Controller
@@ -70,6 +71,10 @@ public class LoginController extends BaseController {
    //用户登录是否被锁定    一小时 redisKey 前缀
    private String SHIRO_IS_LOCK = "shiro_is_lock_";

+    // 能够登录的角色,平台管理员和统计管理员
+    private String ROLE_XTGLY = "xtgly";
+    private String ROLE_TJGLY = "tjgly";
+
    // 未授权跳转的页面
    @RequestMapping(value = "403", method = RequestMethod.GET)
    public void noPermissions(HttpServletResponse response) throws IOException {
@@ -179,6 +184,15 @@ public class LoginController extends BaseController {
                    return resultMap;
                }
                List<Role> roles = roleService.selectRoleByUserId(user.getId());
+
+                // 用户需要拥有“统计管理员”或“平台管理员”角色才能登录
+                List<String> roleAliasList = roles.stream().map(Role::getAlias).collect(Collectors.toList());
+                if (!roleAliasList.contains(ROLE_TJGLY) || roleAliasList.contains(ROLE_XTGLY)) {
+                    resultMap.put("resultCode", "400");
+                    resultMap.put("message", "您登录的账号既不是平台用户账号也不是统计用户账号，不能查看大屏");
+                    return resultMap;
+                }
+
                List<String> list1 = new ArrayList<>();
                //获取当前用户角色拥有菜单
                List<Menu> userMenuPerms = new ArrayList<>();

--- a/src/main/java/cn/chnmuseum/party/web/controller/StatisticController.java
+++ b/src/main/java/cn/chnmuseum/party/web/controller/StatisticController.java
 package cn.chnmuseum.party.web.controller;

+import cn.chnmuseum.party.common.util.AddressUtil;
 import cn.chnmuseum.party.model.Menu;
 import cn.chnmuseum.party.model.Role;
+import cn.chnmuseum.party.model.TVideoVisitor;
+import cn.chnmuseum.party.service.TVideoVisitorService;
 import cn.chnmuseum.party.vo.StatisticData;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
@@ -23,13 +26,17 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.stereotype.Controller;

 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import javax.validation.constraints.NotNull;
+import java.util.Date;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;

@@ -50,13 +57,52 @@ public class StatisticController extends BaseController {
    @Resource
    private StatisticService statisticService;

+    @Autowired
+    private TVideoVisitorService tVideoVisitorService;
+
    @GetMapping("/statistic")
    @ApiOperation(value = "统计数据", notes = "统计数据")
    public ResponseEntity<StatisticData> getScreenData() {
 		return ResponseEntity.ok(new StatisticData());
    }

+    @GetMapping("/recordVisitor")
+    @ApiOperation(value = "记录视频访问者的城市", notes = "记录视频访问者的城市")
+    public Map recordVisitor(String videoId, String ip){
+        Map<String, String> resultMap = new HashMap<>();
+        try {
+            TVideoVisitor tVideoVisitor = new TVideoVisitor();
+            if (StringUtils.isBlank(videoId)) {
+                resultMap.put("resultCoed", "400");
+                resultMap.put("message", "视频不能为空");
+            }else {
+                tVideoVisitor.setVideoId(StringUtils.trimToNull(videoId));
+            }
+            if (StringUtils.isBlank(ip)) {
+                resultMap.put("resultCoed", "400");
+                resultMap.put("message", "ip地址不能为空");
+            }else{
+                Map<String, String> addressByIp = AddressUtil.getAddressByIp(ip);
+                tVideoVisitor.setArea(StringUtils.trimToNull(addressByIp.get("city")));
+            }
+            // 该条信息的创建时间和更新时间
+            tVideoVisitor.setCreateTime(new Date());
+            tVideoVisitor.setUpdateTime(new Date());

+            boolean save = tVideoVisitorService.save(tVideoVisitor);
+            if (!save) {
+                // 新增失败, 500
+                resultMap.put("resultCode", "500");
+                resultMap.put("message", "服务器忙");
+                return resultMap;
+            }
+        } catch (Exception e) {
+            resultMap.put("resultCode", "500");
+            resultMap.put("message", "服务器忙");
+            logger.error("新增成员错误!", e);
+        }
+        return resultMap;
+    }

 }

--- a/src/main/resources/mapper/TVideoVisitorMapper
+++ b/src/main/resources/mapper/TVideoVisitorMapper
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="cn.chnmuseum.party.mapper.TVideoVisitorMapper">
+
+    <!-- 通用查询映射结果 -->
+    <resultMap id="BaseResultMap" type="cn.chnmuseum.party.model.TVideoVisitor">
+        <id column="id" property="id"/>
+        <result column="area" property="area"/>
+        <result column="video_id" property="videoId"/>
+        <result column="create_time" property="createTime"/>
+        <result column="update_time" property="updateTime"/>
+    </resultMap>
+
+    <!-- 通用查询结果列 -->
+    <sql id="Base_Column_List">
+        id, area, video_id, create_time, update_time
+    </sql>
+
+</mapper>