Merge remote-tracking branch 'origin/master'

mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/config/ResourceServerConfig.java

@@ -1,7 +1,5 @@
 package com.ym.mec.auth.config;
 
-import javax.servlet.http.HttpServletResponse;
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -27,8 +25,7 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
 
 	@Override
 	public void configure(HttpSecurity http) throws Exception {
-		http.csrf().disable().exceptionHandling()
-				.authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED)).and()
+		http.csrf().disable().exceptionHandling().accessDeniedHandler(baseAccessDeniedHandler).authenticationEntryPoint(baseAuthenticationEntryPoint).and()
 				.authorizeRequests().antMatchers("/task/**").hasIpAddress("0.0.0.0/0").anyRequest().authenticated().and().httpBasic();
 	}
 

mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/core/service/PermissionCheckService.java

@@ -1,77 +0,0 @@
-package com.ym.mec.auth.core.service;
-
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.List;
-
-import org.apache.commons.lang3.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Component;
-
-import com.ym.mec.auth.api.dto.SysUserInfo;
-import com.ym.mec.auth.config.constant.SecurityConstants;
-import com.ym.mec.auth.service.SysUserService;
-
-@Component("pcs")
-public class PermissionCheckService {
-
-	@Autowired
-	private SysUserService sysUserService;
-
-	public boolean hasPermissions(String... permissions) {
-		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-		if (authentication == null) {
-			return false;
-		}
-
-		Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
-
-		for (String perm : permissions) {
-			for (GrantedAuthority authority : authorities) {
-				if (StringUtils.equals(perm, authority.getAuthority())) {
-					return true;
-				}
-			}
-		}
-
-		return false;
-	}
-
-	public boolean hasRoles(String... roles) {
-
-		if (hasPermissions(roles)) {
-			return true;
-		}
-
-		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-		if (authentication == null) {
-			return false;
-		}
-
-		SysUserInfo userInfo = queryUserInfo(authentication.getPrincipal().toString());
-
-		List<String> rolesList = Arrays.asList(userInfo.getRoles());
-
-		for (String role : roles) {
-			if (rolesList.contains(role)) {
-				return true;
-			}
-		}
-
-		return false;
-	}
-
-	private SysUserInfo queryUserInfo(String username) {
-		SysUserInfo userInfo = null;
-
-		if (StringUtils.startsWith(username, SecurityConstants.PHONE_PRINCIPAL_PREFIX)) {
-			userInfo = sysUserService.queryUserInfoByPhone(StringUtils.substringAfter(username, SecurityConstants.PHONE_PRINCIPAL_PREFIX));
-		} else {
-			userInfo = sysUserService.queryUserInfoByUsername(StringUtils.substringAfter(username, SecurityConstants.USERNAME_PRINCIPAL_PREFIX));
-		}
-		return userInfo;
-	}
-}

mec-common/common-core/src/main/java/com/ym/mec/common/security/PermissionCheckService.java

@@ -0,0 +1,38 @@
+package com.ym.mec.common.security;
+
+import java.util.Collection;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+
+@Component("pcs")
+public class PermissionCheckService {
+
+	public boolean hasPermissions(String... permissions) {
+		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+		if (authentication == null) {
+			return false;
+		}
+
+		Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
+
+		for (String perm : permissions) {
+			for (GrantedAuthority authority : authorities) {
+				if (StringUtils.equalsIgnoreCase(perm, authority.getAuthority())) {
+					return true;
+				}
+			}
+		}
+
+		return false;
+	}
+
+	public boolean hasRoles(String... roles) {
+
+		return hasPermissions(roles);
+	}
+
+}

mec-common/common-core/src/main/java/com/ym/mec/common/service/BaseService.java

@@ -7,14 +7,13 @@ package com.ym.mec.common.service;
  * @author pengdc
  * @create 2015年7月13日
  */
-import com.ym.mec.common.page.PageInfo;
-import com.ym.mec.common.page.QueryInfo;
-
-import java.io.IOException;
 import java.io.Serializable;
 import java.util.List;
 import java.util.Map;
 
+import com.ym.mec.common.page.PageInfo;
+import com.ym.mec.common.page.QueryInfo;
+
 public interface BaseService<PK extends Serializable, T> {
 	/**
 	 * 通过主键id获取对象

mec-gateway/mec-gateway-web/src/main/java/com/ym/mec/gateway/web/controller/ErrorHandlerController.java

@@ -0,0 +1,99 @@
+package com.ym.mec.gateway.web.controller;
+
+import org.apache.commons.lang3.exception.ExceptionUtils;
+import org.springframework.boot.web.servlet.error.ErrorController;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.netflix.zuul.context.RequestContext;
+import com.netflix.zuul.exception.ZuulException;
+
+@RestController
+public class ErrorHandlerController implements ErrorController {
+
+	@Override
+	public String getErrorPath() {
+		return "/error";
+	}
+
+	@RequestMapping("/error")
+	@ResponseBody
+	public Object error() {
+		RequestContext ctx = RequestContext.getCurrentContext();
+		ZuulException exception = (ZuulException) ctx.getThrowable();
+		
+		Throwable e = ExceptionUtils.getRootCause(exception);
+		if (e == null) {
+			e = exception;
+		}
+
+		HttpResponseResult result = new HttpResponseResult();
+		result.setCode(exception.nStatusCode);
+		result.setMsg(exception.getMessage());
+		result.setStatus(false);
+
+		return result;
+	}
+
+	class HttpResponseResult {
+
+		public final static int TIME_OUT = -1;
+
+		private boolean status = true;
+		private String msg;
+		private Object data;
+		private int code;
+
+		public HttpResponseResult(boolean status, int code, Object data, String message) {
+			this.status = status;
+			this.msg = message;
+			this.data = data;
+			this.code = code;
+		}
+
+		public HttpResponseResult() {
+		}
+
+		public int getCode() {
+			return code;
+		}
+
+		public void setCode(int code) {
+			this.code = code;
+		}
+
+		public boolean getStatus() {
+			return status;
+		}
+
+		public void setStatus(boolean status) {
+			this.status = status;
+		}
+
+		public String getMsg() {
+			return msg;
+		}
+
+		public void setMsg(String msg) {
+			this.msg = msg;
+		}
+
+		public Object getData() {
+			return data;
+		}
+
+		public void setData(Object data) {
+			this.data = data;
+		}
+
+		public void success() {
+			this.status = true;
+		}
+
+		public void fail() {
+			this.status = false;
+		}
+
+	}
+}

mec-gateway/mec-gateway-web/src/main/resources/application.yml

@@ -10,7 +10,9 @@ eureka:
     serviceUrl:
       defaultZone: http://admin:admin123@localhost:8761/eureka/eureka/
 
-      
+ribbon:
+  ReadTimeout: 10000
+  SocketTimeout: 3000      
 
 ### 配置网关反向代理    
 zuul:
@@ -47,10 +49,10 @@ zuul:
   ignored-services: eureka-server
   #重试
   retryable: false
-  #请求处理超时
-  ReadTimeout: 6000
-  #连接超时
-  ConnectTimeout: 1000
+  #请求处理超时--只针对url的路由
+  ReadTimeout: 60000
+  #连接超时--只针对url的路由
+  ConnectTimeout: 10000
   sensitiveHeaders: 
   
 hystrix: