пре 8 година · 4efc3b0908
--- a/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/TaskPermission.java
+++ b/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/TaskPermission.java
@@ -0,0 +1,80 @@
 
				+package cn.iselab.mooctest.site.models;
			
 
				+
			
 
				+import javax.persistence.*;
			
 
				+import java.sql.Timestamp;
			
 
				+
			
 
				+/**
			
 
				+ * @author sean
			
 
				+ * @date 2017-06-29.
			
 
				+ */
			
 
				+@Entity
			
 
				+@Table(name = "taskPermission")
			
 
				+public class TaskPermission {
			
 
				+
			
 
				+    @Id
			
 
				+    @GeneratedValue
			
 
				+    private Long id;
			
 
				+
			
 
				+    @Column(name = "name")
			
 
				+    private Long name;
			
 
				+
			
 
				+    @Column(name = "resource")
			
 
				+    private Long resource;
			
 
				+
			
 
				+    @Column(name = "operation")
			
 
				+    private Long operation;
			
 
				+
			
 
				+    @Column(name = "instance_id")
			
 
				+    private Long instanceId;
			
 
				+
			
 
				+    @Column(name = "create_time")
			
 
				+    private Timestamp createTime;
			
 
				+
			
 
				+    public Long getId() {
			
 
				+        return id;
			
 
				+    }
			
 
				+
			
 
				+    public void setId(Long id) {
			
 
				+        this.id = id;
			
 
				+    }
			
 
				+
			
 
				+    public Long getName() {
			
 
				+        return name;
			
 
				+    }
			
 
				+
			
 
				+    public void setName(Long name) {
			
 
				+        this.name = name;
			
 
				+    }
			
 
				+
			
 
				+    public Long getResource() {
			
 
				+        return resource;
			
 
				+    }
			
 
				+
			
 
				+    public void setResource(Long resource) {
			
 
				+        this.resource = resource;
			
 
				+    }
			
 
				+
			
 
				+    public Long getOperation() {
			
 
				+        return operation;
			
 
				+    }
			
 
				+
			
 
				+    public void setOperation(Long operation) {
			
 
				+        this.operation = operation;
			
 
				+    }
			
 
				+
			
 
				+    public Long getInstanceId() {
			
 
				+        return instanceId;
			
 
				+    }
			
 
				+
			
 
				+    public void setInstanceId(Long instanceId) {
			
 
				+        this.instanceId = instanceId;
			
 
				+    }
			
 
				+
			
 
				+    public Timestamp getCreateTime() {
			
 
				+        return createTime;
			
 
				+    }
			
 
				+
			
 
				+    public void setCreateTime(Timestamp createTime) {
			
 
				+        this.createTime = createTime;
			
 
				+    }
			
 
				+}
			
--- a/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/User.java
+++ b/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/models/User.java
@@ -14,6 +14,9 @@ public class User {
 
				     @GeneratedValue
			
 
				     private Long id;
			
 
				 
			
 
				+    @Column(name = "name")
			
 
				+    private String name;
			
 
				+
			
 
				     @Column(name = "email")
			
 
				     private String email;
			
 
				 
			
@@ -26,6 +29,14 @@ public class User {
 
				     @Column(name = "create_time")
			
 
				     private Timestamp createTime = new Timestamp(System.currentTimeMillis());
			
 
				 
			
 
				+    public String getName() {
			
 
				+        return name;
			
 
				+    }
			
 
				+
			
 
				+    public void setName(String name) {
			
 
				+        this.name = name;
			
 
				+    }
			
 
				+
			
 
				     public String getEmail() {
			
 
				         return email;
			
 
				     }
			
--- a/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/permission/AppPermission.java
+++ b/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/permission/AppPermission.java
@@ -1,66 +0,0 @@
 
				-package cn.iselab.mooctest.site.permission;
			
 
				-
			
 
				-import cn.iselab.mooctest.site.models.User;
			
 
				-import cn.iselab.mooctest.site.service.AppService;
			
 
				-import org.apache.shiro.SecurityUtils;
			
 
				-import org.apache.shiro.authz.Permission;
			
 
				-import org.springframework.beans.factory.annotation.Autowired;
			
 
				-
			
 
				-/**
			
 
				- * @author sean
			
 
				- * @date 2017-06-26.
			
 
				- */
			
 
				-public class AppPermission implements Permission {
			
 
				-
			
 
				-    @Autowired
			
 
				-    private AppService appService;
			
 
				-
			
 
				-    private String resource;
			
 
				-
			
 
				-    private String operation;
			
 
				-
			
 
				-    private String instanceId;
			
 
				-
			
 
				-    public AppPermission() {
			
 
				-    }
			
 
				-
			
 
				-    public AppPermission(String permissionStr) {
			
 
				-        String[] strs = permissionStr.split("\\+");
			
 
				-        if (strs.length > 1) {
			
 
				-            this.resource = strs[1];
			
 
				-        }
			
 
				-        if (this.resource == null || "".equals(this.resource)) {
			
 
				-            this.resource = "*";
			
 
				-        }
			
 
				-        if (strs.length > 2) {
			
 
				-            this.operation = strs[2];
			
 
				-        }
			
 
				-        if (strs.length > 3) {
			
 
				-            this.instanceId = strs[3];
			
 
				-        }
			
 
				-        if (this.instanceId == null || "".equals(this.instanceId)) {
			
 
				-            this.instanceId = "*";
			
 
				-        }
			
 
				-    }
			
 
				-
			
 
				-    @Override
			
 
				-    public boolean implies(Permission p) {
			
 
				-        if (!(p instanceof TaskPermission)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        AppPermission ap = (AppPermission) p;
			
 
				-        User user = (User) SecurityUtils.getSubject().getPrincipal();
			
 
				-
			
 
				-        if (!"*".equals(ap.resource) && !this.resource.equals(ap.resource)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        if (!"*".equals(ap.operation) && !this.operation.equals(ap.operation)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        if (appService.findById(Long.valueOf(instanceId)).getOwnerId() != user.getId()) {
			
 
				-            return false;
			
 
				-        } else {
			
 
				-            return true;
			
 
				-        }
			
 
				-    }
			
 
				-}
			
--- a/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/permission/CasePermission.java
+++ b/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/permission/CasePermission.java
@@ -1,70 +0,0 @@
 
				-package cn.iselab.mooctest.site.permission;
			
 
				-
			
 
				-import cn.iselab.mooctest.site.models.User;
			
 
				-import cn.iselab.mooctest.site.service.CaseService;
			
 
				-import org.apache.shiro.SecurityUtils;
			
 
				-import org.apache.shiro.authz.Permission;
			
 
				-import org.springframework.beans.factory.annotation.Autowired;
			
 
				-
			
 
				-/**
			
 
				- * @author sean
			
 
				- * @date 2017-06-25.
			
 
				- */
			
 
				-public class CasePermission implements Permission {
			
 
				-
			
 
				-    @Autowired
			
 
				-    private CaseService caseService;
			
 
				-
			
 
				-    private String resource;
			
 
				-
			
 
				-    private String operation;
			
 
				-
			
 
				-    private String instanceId;
			
 
				-
			
 
				-    public CasePermission() {
			
 
				-    }
			
 
				-
			
 
				-    public CasePermission(String permissionStr) {
			
 
				-        String[] strs = permissionStr.split("\\+");
			
 
				-        if (strs.length > 1) {
			
 
				-            this.resource = strs[1];
			
 
				-        }
			
 
				-        if (this.resource == null || "".equals(this.resource)) {
			
 
				-            this.resource = "*";
			
 
				-        }
			
 
				-        if (strs.length > 2) {
			
 
				-            this.operation = strs[2];
			
 
				-        }
			
 
				-        if (strs.length > 3) {
			
 
				-            this.instanceId = strs[3];
			
 
				-        }
			
 
				-        if (this.instanceId == null || "".equals(this.instanceId)) {
			
 
				-            this.instanceId = "*";
			
 
				-        }
			
 
				-
			
 
				-    }
			
 
				-
			
 
				-    @Override
			
 
				-    public boolean implies(Permission p) {
			
 
				-
			
 
				-        if (!(p instanceof TaskPermission)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        CasePermission cp = (CasePermission) p;
			
 
				-        User user = (User) SecurityUtils.getSubject().getPrincipal();
			
 
				-
			
 
				-        if (!"*".equals(cp.resource) && !this.resource.equals(cp.resource)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        if (!"*".equals(cp.operation) && !this.operation.equals(cp.operation)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        if (caseService.getCaseById(Long.valueOf(instanceId)).getOwnerId() != user.getId()) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        if (caseService.getCaseById(Long.valueOf(instanceId)).getVisible() == false) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        return false;
			
 
				-    }
			
 
				-}
			
--- a/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/permission/GroupPermission.java
+++ b/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/permission/GroupPermission.java
@@ -1,71 +0,0 @@
 
				-package cn.iselab.mooctest.site.permission;
			
 
				-
			
 
				-import cn.iselab.mooctest.site.models.User;
			
 
				-import cn.iselab.mooctest.site.service.GroupService;
			
 
				-import org.apache.shiro.SecurityUtils;
			
 
				-import org.apache.shiro.authz.Permission;
			
 
				-import org.springframework.beans.factory.annotation.Autowired;
			
 
				-
			
 
				-/**
			
 
				- * @author sean
			
 
				- * @date 2017-06-25.
			
 
				- */
			
 
				-public class GroupPermission implements Permission {
			
 
				-
			
 
				-    @Autowired
			
 
				-    private GroupService groupService;
			
 
				-
			
 
				-    private String resource;
			
 
				-
			
 
				-    private String operation;
			
 
				-
			
 
				-    private String instanceId;
			
 
				-
			
 
				-    public GroupPermission() {
			
 
				-    }
			
 
				-
			
 
				-    public GroupPermission(String permissionStr) {
			
 
				-        String[] strs = permissionStr.split("\\+");
			
 
				-        if (strs.length > 1) {
			
 
				-            this.resource = strs[1];
			
 
				-        }
			
 
				-        if (this.resource == null || "".equals(this.resource)) {
			
 
				-            this.resource = "*";
			
 
				-        }
			
 
				-        if (strs.length > 2) {
			
 
				-            this.operation = strs[2];
			
 
				-        }
			
 
				-        if (strs.length > 3) {
			
 
				-            this.instanceId = strs[3];
			
 
				-        }
			
 
				-        if (this.instanceId == null || "".equals(this.instanceId)) {
			
 
				-            this.instanceId = "*";
			
 
				-        }
			
 
				-
			
 
				-    }
			
 
				-
			
 
				-    @Override
			
 
				-    public boolean implies(Permission p) {
			
 
				-        if (!(p instanceof TaskPermission)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        GroupPermission gp = (GroupPermission) p;
			
 
				-        User user = (User) SecurityUtils.getSubject().getPrincipal();
			
 
				-
			
 
				-        if (!"*".equals(gp.resource) && !this.resource.equals(gp.resource)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        if (!"*".equals(gp.operation) && !this.operation.equals(gp.operation)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-
			
 
				-        if (!groupService.checkWorkerExist(user.getId(), Long.valueOf(instanceId))) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        if (groupService.getGroup(Long.valueOf(instanceId)).getOwnerId() != user.getId()) {
			
 
				-            return false;
			
 
				-        } else {
			
 
				-            return true;
			
 
				-        }
			
 
				-    }
			
 
				-}
			
--- a/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/permission/MyPermissionResolver.java
+++ b/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/permission/MyPermissionResolver.java
@@ -1,27 +0,0 @@
 
				-package cn.iselab.mooctest.site.permission;
			
 
				-
			
 
				-import org.apache.shiro.authz.Permission;
			
 
				-import org.apache.shiro.authz.permission.PermissionResolver;
			
 
				-import org.apache.shiro.authz.permission.WildcardPermission;
			
 
				-
			
 
				-/**
			
 
				- * @author sean
			
 
				- * @date 2017-06-25.
			
 
				- */
			
 
				-public class MyPermissionResolver implements PermissionResolver {
			
 
				-
			
 
				-    @Override
			
 
				-    public Permission resolvePermission(String permissionString) {
			
 
				-        if (permissionString.startsWith("task")) {
			
 
				-            return new TaskPermission(permissionString);
			
 
				-        }
			
 
				-        if (permissionString.startsWith("group")) {
			
 
				-            return new GroupPermission(permissionString);
			
 
				-        }
			
 
				-        if (permissionString.startsWith("case")) {
			
 
				-            return new CasePermission(permissionString);
			
 
				-        } else {
			
 
				-            return new WildcardPermission(permissionString);
			
 
				-        }
			
 
				-    }
			
 
				-}
			
--- a/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/permission/TaskPermission.java
+++ b/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/permission/TaskPermission.java
@@ -1,83 +0,0 @@
 
				-package cn.iselab.mooctest.site.permission;
			
 
				-
			
 
				-import cn.iselab.mooctest.site.models.User;
			
 
				-import cn.iselab.mooctest.site.service.AssignedTaskService;
			
 
				-import cn.iselab.mooctest.site.service.TaskService;
			
 
				-import cn.iselab.mooctest.site.service.UserService;
			
 
				-import org.apache.shiro.SecurityUtils;
			
 
				-import org.apache.shiro.authz.Permission;
			
 
				-import org.springframework.beans.factory.annotation.Autowired;
			
 
				-
			
 
				-/**
			
 
				- * @author sean
			
 
				- * @date 2017-06-25.
			
 
				- */
			
 
				-public class TaskPermission implements Permission {
			
 
				-
			
 
				-    @Autowired
			
 
				-    private AssignedTaskService assignedTaskService;
			
 
				-
			
 
				-    @Autowired
			
 
				-    private TaskService taskService;
			
 
				-
			
 
				-    @Autowired
			
 
				-    private UserService userService;
			
 
				-
			
 
				-    private String resource;
			
 
				-
			
 
				-    private String operation;
			
 
				-
			
 
				-    private String instanceId;
			
 
				-
			
 
				-    public TaskPermission() {
			
 
				-    }
			
 
				-
			
 
				-    public TaskPermission(String permissionStr) {
			
 
				-        String[] strs = permissionStr.split("\\+");
			
 
				-        if (strs.length > 1) {
			
 
				-            this.resource = strs[1];
			
 
				-        }
			
 
				-        if (this.resource == null || "".equals(this.resource)) {
			
 
				-            this.resource = "*";
			
 
				-        }
			
 
				-        if (strs.length > 2) {
			
 
				-            this.operation = strs[2];
			
 
				-        }
			
 
				-        if (strs.length > 3) {
			
 
				-            this.instanceId = strs[3];
			
 
				-        }
			
 
				-        if (this.instanceId == null || "".equals(this.instanceId)) {
			
 
				-            this.instanceId = "*";
			
 
				-        }
			
 
				-
			
 
				-    }
			
 
				-
			
 
				-
			
 
				-    @Override
			
 
				-    public boolean implies(Permission p) {
			
 
				-        if (!(p instanceof TaskPermission)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        TaskPermission tp = (TaskPermission) p;
			
 
				-        String username =  SecurityUtils.getSubject().getPrincipal().toString();
			
 
				-        User user = userService.findByUsername(username);
			
 
				-
			
 
				-        if (!"*".equals(tp.resource) && !this.resource.equals(tp.resource)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        if (!"*".equals(tp.operation) && !this.operation.equals(tp.operation)) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        //for worker:
			
 
				-        if (assignedTaskService.getAssignedTask((Long.valueOf(instanceId)), user.getId()) == null) {
			
 
				-            return false;
			
 
				-        }
			
 
				-        //for manager
			
 
				-        if (taskService.getTask(Long.valueOf(instanceId)).getOwnerId() != user.getId()) {
			
 
				-            return false;
			
 
				-        } else {
			
 
				-            return true;
			
 
				-        }
			
 
				-    }
			
 
				-
			
 
				-}
			
--- a/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/ApiController.java
+++ b/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/ctrl/ApiController.java
@@ -42,7 +42,8 @@ public class ApiController extends BaseController {
 
				     }
			
 
				 
			
 
				     @RequestMapping(value = UrlConstants.API_INTERNAL + "getTask", method = RequestMethod.GET)
			
 
				-    public String getTask(HttpServletRequest request) {
			
 
				+    public String getTask(HttpServletRequest request)
			
 
				+    {
			
 
				         return apiLogic.getTask(request);
			
 
				     }
			
 
				 
			
--- a/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/data/UserVO.java
+++ b/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/data/UserVO.java
@@ -13,12 +13,22 @@ public class UserVO extends BaseVO{
 
				 
			
 
				     private String email;
			
 
				 
			
 
				+    private String name;
			
 
				+
			
 
				     private String mobile;
			
 
				 
			
 
				     private String password;
			
 
				 
			
 
				     private Long createTime;
			
 
				 
			
 
				+    public String getName() {
			
 
				+        return name;
			
 
				+    }
			
 
				+
			
 
				+    public void setName(String name) {
			
 
				+        this.name = name;
			
 
				+    }
			
 
				+
			
 
				     public String getEmail() {
			
 
				         return email;
			
 
				     }
			
--- a/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/data/wrapper/UserVOWrapper.java
+++ b/mooctest-site-server/src/main/java/cn/iselab/mooctest/site/web/data/wrapper/UserVOWrapper.java
@@ -22,6 +22,7 @@ public class UserVOWrapper extends BaseWrapper<UserVO, User> {
 
				         userVO.setPassword(user.getPassword());
			
 
				         userVO.setEmail(user.getEmail());
			
 
				         userVO.setMobile(user.getMobile());
			
 
				+        userVO.setName(user.getName());
			
 
				         return userVO;
			
 
				     }
			
 
				 
			
@@ -34,6 +35,7 @@ public class UserVOWrapper extends BaseWrapper<UserVO, User> {
 
				         user.setPassword(data.getPassword());
			
 
				         user.setEmail(data.getEmail());
			
 
				         user.setMobile(data.getMobile());
			
 
				+        user.setName(data.getName());
			
 
				         return user;
			
 
				     }
			
 
				 }