Merge branch 'dev' of lyr/patient-co-management into dev

patient-co-wlyy/src/main/java/com/yihu/wlyy/entity/url/CudUrl.java

@@ -0,0 +1,34 @@
package com.yihu.wlyy.entity.url;
import com.yihu.wlyy.entity.IdEntity;
import javax.persistence.Entity;
import javax.persistence.Table;
/**
 * Created by lyr-pc on 2017/1/18.
 */
@Entity
@Table(name = "wlyy_cud_url")
public class CudUrl extends IdEntity{
    private String url;
    private String comment;
    public String getUrl() {
        return url;
    }
    public void setUrl(String url) {
        this.url = url;
    }
    public String getComment() {
        return comment;
    }
    public void setComment(String comment) {
        this.comment = comment;
    }
}

patient-co-wlyy/src/main/java/com/yihu/wlyy/interceptors/BaseInterceptor.java

@@ -2,6 +2,7 @@ package com.yihu.wlyy.interceptors;
import javax.servlet.http.HttpServletRequest;
import com.yihu.wlyy.repository.url.CudUrlDao;
import org.apache.commons.lang3.StringUtils;
import org.json.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
@@ -13,6 +14,8 @@ abstract public class BaseInterceptor implements HandlerInterceptor {
	@Autowired
	public TokenDao tokenDao;
	@Autowired
	public CudUrlDao cudUrlDao;
	public JSONObject getAgent(HttpServletRequest request) {
		try {

patient-co-wlyy/src/main/java/com/yihu/wlyy/interceptors/DoctorInterceptor.java

@@ -4,14 +4,22 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.yihu.wlyy.entity.security.Token;
import com.yihu.wlyy.entity.url.CudUrl;
import com.yihu.wlyy.util.DateUtil;
import com.yihu.wlyy.util.SystemConf;
import com.yihu.wlyy.util.SystemData;
import org.apache.commons.lang3.StringUtils;
import org.json.JSONObject;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.ModelAndView;
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.lang.reflect.Type;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
/**
 * 医生权限校验
@@ -20,76 +28,103 @@ import java.util.Date;
 */
public class DoctorInterceptor extends BaseInterceptor {
	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
		boolean flag = true;
		try {
			response.setCharacterEncoding("UTF-8");
			JSONObject json = getAgent(request);
			if (json == null) {
				// 未登录
				response.getOutputStream().write(error(SystemConf.NOT_LOGIN, "请登录后再操作！").getBytes());
				return false;
			}
			String tokenStr = json.has("token") ? json.getString("token") : "";
			String uid = json.has("uid") ? json.getString("uid") : "";
			String imei = json.has("imei") ? json.getString("imei") : "";
			String observer = json.has("observer") ? json.getString("observer") : "";
			//如果是观察者直接返回true
			if (!org.springframework.util.StringUtils.isEmpty(observer) && observer.equals("1")) {
				return true;
			}
			if (StringUtils.isEmpty(tokenStr) || StringUtils.isEmpty(imei) || StringUtils.isEmpty(uid)) {
				response.getOutputStream().write(error(SystemConf.NOT_LOGIN, "请登录后再操作！").getBytes());
				return false;
			}
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        boolean flag = true;
        try {
            response.setCharacterEncoding("UTF-8");
            JSONObject json = getAgent(request);
            if (json == null) {
                // 未登录
                response.getOutputStream().write(error(SystemConf.NOT_LOGIN, "请登录后再操作！").getBytes());
                return false;
            }
            String tokenStr = json.has("token") ? json.getString("token") : "";
            String uid = json.has("uid") ? json.getString("uid") : "";
            String imei = json.has("imei") ? json.getString("imei") : "";
            String observer = json.has("observer") ? json.getString("observer") : "";
            //如果是观察者直接返回true
            if (!org.springframework.util.StringUtils.isEmpty(observer) && observer.equals("1")) {
                Class cls = ((HandlerMethod) handler).getBeanType();
                RequestMapping clsRm = (RequestMapping) cls.getAnnotation(RequestMapping.class);
                Method method = ((HandlerMethod) handler).getMethod();
                RequestMapping mthRm = method.getAnnotation(RequestMapping.class);
                String url = "";
                String urlCls = "";
                String urlMth = "";
                if (clsRm.value() != null && clsRm.value().length > 0) {
                    urlCls = clsRm.value()[0];
                }
                if (mthRm.value() != null && mthRm.value().length > 0) {
                    urlMth = mthRm.value()[0];
                }
                if (StringUtils.isNotEmpty(urlCls)) {
                    url += urlCls.startsWith("/") ? urlCls : ("/" + urlCls);
                }
                if (StringUtils.isNotEmpty(urlMth)) {
                    url += urlMth.startsWith("/") ? urlMth : ("/" + urlMth);
                }
                url = url.replace("\\","/").replace("//","/");
                CudUrl cudUrl = cudUrlDao.findByUrl(url);
			Token token = SystemData.doctorTokens.get(uid);
			if (token == null) {
				token = tokenDao.findByPatient(uid, 2);
				if (token != null) {
					// 加入缓存
					SystemData.doctorTokens.put(uid, token);
				}
			}
			if (token == null || token.getPlatform() != 2) {
				// 未登录
				response.getOutputStream().write(error(SystemConf.NOT_LOGIN, "请登录后再操作！").getBytes());
				flag = false;
			} else {
				if (token.getTimeout().getTime() < new Date().getTime()) {
					// 登录超时
					response.getOutputStream().write(error(SystemConf.LOGIN_TIMEOUT, "登录超时，请重新登录").getBytes());
					flag = false;
				} else if (!StringUtils.equals(tokenStr, token.getToken()) || !StringUtils.equals(uid, token.getUser()) || !StringUtils.equals(imei, token.getImei())) {
					// 别处登录
					response.getOutputStream().write(error(SystemConf.LOGIN_OTHER, "帐号在别处登录，请重新登录").getBytes());
					flag = false;
				} else {
					// 一天只更新一次
					if (DateUtil.getDays(token.getCzrq(), DateUtil.getNowDateShort()) != 0) {
						// 今天未更新，则更新缓存
						token.setCzrq(new Date());
						// 更新内存
						SystemData.doctorTokens.put(uid, token);
						// 更新数据库
						tokenDao.save(token);
					}
				}
			}
		} catch (Exception e) {
			e.printStackTrace();
		}
		return flag;
	}
                if (cudUrl != null) {
                    response.getOutputStream().write(error(403, "该操作没有权限").getBytes());
                    return false;
                }
	@Override
	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
                return true;
            }
            if (StringUtils.isEmpty(tokenStr) || StringUtils.isEmpty(imei) || StringUtils.isEmpty(uid)) {
                response.getOutputStream().write(error(SystemConf.NOT_LOGIN, "请登录后再操作！").getBytes());
                return false;
            }
	}
            Token token = SystemData.doctorTokens.get(uid);
            if (token == null) {
                token = tokenDao.findByPatient(uid, 2);
                if (token != null) {
                    // 加入缓存
                    SystemData.doctorTokens.put(uid, token);
                }
            }
            if (token == null || token.getPlatform() != 2) {
                // 未登录
                response.getOutputStream().write(error(SystemConf.NOT_LOGIN, "请登录后再操作！").getBytes());
                flag = false;
            } else {
                if (token.getTimeout().getTime() < new Date().getTime()) {
                    // 登录超时
                    response.getOutputStream().write(error(SystemConf.LOGIN_TIMEOUT, "登录超时，请重新登录").getBytes());
                    flag = false;
                } else if (!StringUtils.equals(tokenStr, token.getToken()) || !StringUtils.equals(uid, token.getUser()) || !StringUtils.equals(imei, token.getImei())) {
                    // 别处登录
                    response.getOutputStream().write(error(SystemConf.LOGIN_OTHER, "帐号在别处登录，请重新登录").getBytes());
                    flag = false;
                } else {
                    // 一天只更新一次
                    if (DateUtil.getDays(token.getCzrq(), DateUtil.getNowDateShort()) != 0) {
                        // 今天未更新，则更新缓存
                        token.setCzrq(new Date());
                        // 更新内存
                        SystemData.doctorTokens.put(uid, token);
                        // 更新数据库
                        tokenDao.save(token);
                    }
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return flag;
    }
	@Override
	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
	}
    }
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
    }
}

patient-co-wlyy/src/main/java/com/yihu/wlyy/repository/url/CudUrlDao.java

@@ -0,0 +1,13 @@
package com.yihu.wlyy.repository.url;
import com.yihu.wlyy.entity.url.CudUrl;
import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
import org.springframework.data.repository.PagingAndSortingRepository;
/**
 * Created by lyr-pc on 2017/1/18.
 */
public interface CudUrlDao extends PagingAndSortingRepository<CudUrl, Long>, JpaSpecificationExecutor<CudUrl> {
    CudUrl findByUrl(String url);
}