Merge pull request #277 from nobodyiam/portal-super-admin

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/PortalSettings.java

 package com.ctrip.framework.apollo.portal;
 
 
+import com.google.common.base.Strings;
+
+import com.ctrip.framework.apollo.core.enums.Env;
+import com.ctrip.framework.apollo.portal.api.AdminServiceAPI;
+import com.ctrip.framework.apollo.portal.service.ServerConfigService;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.actuate.health.Health;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Component;
+
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashMap;
@@ -14,19 +28,6 @@ import java.util.concurrent.TimeUnit;
 
 import javax.annotation.PostConstruct;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.actuate.health.Health;
-import org.springframework.context.ApplicationContext;
-import org.springframework.stereotype.Component;
-
-import com.ctrip.framework.apollo.core.enums.Env;
-import com.ctrip.framework.apollo.portal.api.AdminServiceAPI;
-import com.ctrip.framework.apollo.portal.entity.po.ServerConfig;
-import com.ctrip.framework.apollo.portal.repository.ServerConfigRepository;
-
 @Component
 public class PortalSettings {
 
@@ -41,7 +42,7 @@ public class PortalSettings {
   ApplicationContext applicationContext;
 
   @Autowired
-  private ServerConfigRepository serverConfigRepository;
+  private ServerConfigService serverConfigService;
 
   private List<Env> allEnvs = new ArrayList<Env>();
 
@@ -56,9 +57,9 @@ public class PortalSettings {
   private void postConstruct() {
     //初始化portal支持操作的环境集合,线上的portal可能支持所有的环境操作,而线下环境则支持一部分.
     // 每个环境的portal支持哪些环境配置在数据库里
-    ServerConfig serverConfig = serverConfigRepository.findByKey("apollo.portal.envs");
-    if (serverConfig != null){
-      String[] configedEnvs = serverConfig.getValue().split(",");
+    String serverConfig = serverConfigService.getValue("apollo.portal.envs");
+    if (!Strings.isNullOrEmpty(serverConfig)){
+      String[] configedEnvs = serverConfig.split(",");
       allStrEnvs = Arrays.asList(configedEnvs);
     }
 

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/auth/CtripLogoutHandler.java

 package com.ctrip.framework.apollo.portal.auth;
 
-import com.ctrip.framework.apollo.portal.repository.ServerConfigRepository;
+import com.ctrip.framework.apollo.portal.service.ServerConfigService;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
@@ -13,7 +13,7 @@ import javax.servlet.http.HttpServletResponse;
 public class CtripLogoutHandler implements LogoutHandler{
 
   @Autowired
-  private ServerConfigRepository serverConfigRepository;
+  private ServerConfigService serverConfigService;
 
   @Override
   public void logout(HttpServletRequest request, HttpServletResponse response) {
@@ -27,8 +27,8 @@ public class CtripLogoutHandler implements LogoutHandler{
     response.addCookie(cookie);
 
     //重定向到SSO的logout地址
-    String casServerUrl = serverConfigRepository.findByKey("casServerUrlPrefix").getValue();
-    String serverName = serverConfigRepository.findByKey("serverName").getValue();
+    String casServerUrl = serverConfigService.getValue("casServerUrlPrefix");
+    String serverName = serverConfigService.getValue("serverName");
 
     try {
       response.sendRedirect(casServerUrl + "/logout?service=" + serverName);

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/configutation/AuthConfiguration.java

@@ -6,7 +6,7 @@ import com.ctrip.framework.apollo.portal.auth.DefaultLogoutHandler;
 import com.ctrip.framework.apollo.portal.auth.DefaultUserInfoHolder;
 import com.ctrip.framework.apollo.portal.auth.LogoutHandler;
 import com.ctrip.framework.apollo.portal.auth.UserInfoHolder;
-import com.ctrip.framework.apollo.portal.repository.ServerConfigRepository;
+import com.ctrip.framework.apollo.portal.service.ServerConfigService;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
@@ -39,7 +39,7 @@ public class AuthConfiguration {
   static class CtripAuthAutoConfiguration {
 
     @Autowired
-    private ServerConfigRepository serverConfigRepository;
+    private ServerConfigService serverConfigService;
 
     @Bean
     public ServletListenerRegistrationBean redisAppSettingListner(){
@@ -69,8 +69,8 @@ public class AuthConfiguration {
 
       Map<String, String> filterInitParam = new HashMap();
       filterInitParam.put("redisClusterName", "casClientPrincipal");
-      filterInitParam.put("serverName", serverConfigRepository.findByKey("serverName").getValue());
-      filterInitParam.put("casServerLoginUrl", serverConfigRepository.findByKey("casServerLoginUrl").getValue());
+      filterInitParam.put("serverName", serverConfigService.getValue("serverName"));
+      filterInitParam.put("casServerLoginUrl", serverConfigService.getValue("casServerLoginUrl"));
 
       casFilter.setInitParameters(filterInitParam);
       casFilter.setFilter(filter("org.jasig.cas.client.authentication.AuthenticationFilter"));
@@ -83,8 +83,8 @@ public class AuthConfiguration {
     public FilterRegistrationBean casValidationFilter(){
       FilterRegistrationBean casValidationFilter = new FilterRegistrationBean();
       Map<String, String> filterInitParam = new HashMap();
-      filterInitParam.put("casServerUrlPrefix", serverConfigRepository.findByKey("casServerUrlPrefix").getValue());
-      filterInitParam.put("serverName", serverConfigRepository.findByKey("serverName").getValue());
+      filterInitParam.put("casServerUrlPrefix", serverConfigService.getValue("casServerUrlPrefix"));
+      filterInitParam.put("serverName", serverConfigService.getValue("serverName"));
       filterInitParam.put("encoding", "UTF-8");
       filterInitParam.put("useRedis", "true");
       filterInitParam.put("redisClusterName", "casClientPrincipal");

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/configutation/ServletContextConfiguration.java

 package com.ctrip.framework.apollo.portal.configutation;
 
-import com.ctrip.framework.apollo.portal.entity.po.ServerConfig;
-import com.ctrip.framework.apollo.portal.repository.ServerConfigRepository;
+import com.google.common.base.Strings;
+
+import com.ctrip.framework.apollo.portal.service.ServerConfigService;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.embedded.ServletContextInitializer;
@@ -17,21 +18,24 @@ import javax.servlet.ServletException;
 public class ServletContextConfiguration {
 
   @Autowired
-  private ServerConfigRepository serverConfigRepository;
+  private ServerConfigService serverConfigService;
 
   @Bean
-  public ServletContextInitializer initializer(){
+  public ServletContextInitializer initializer() {
 
     return new ServletContextInitializer() {
 
       @Override
       public void onStartup(ServletContext servletContext) throws ServletException {
-        ServerConfig loggingServerIP = serverConfigRepository.findByKey("loggingServerIP");
-        ServerConfig loggingServerPort = serverConfigRepository.findByKey("loggingServerPort");
-        ServerConfig credisServiceUrl = serverConfigRepository.findByKey("credisServiceUrl");
-        servletContext.setInitParameter("loggingServerIP", loggingServerIP == null ? "" :loggingServerIP.getValue());
-        servletContext.setInitParameter("loggingServerPort", loggingServerPort == null ? "" :loggingServerPort.getValue());
-        servletContext.setInitParameter("credisServiceUrl", credisServiceUrl == null ? "" :credisServiceUrl.getValue());
+        String loggingServerIP = serverConfigService.getValue("loggingServerIP");
+        String loggingServerPort = serverConfigService.getValue("loggingServerPort");
+        String credisServiceUrl = serverConfigService.getValue("credisServiceUrl");
+        servletContext.setInitParameter("loggingServerIP",
+            Strings.isNullOrEmpty(loggingServerIP) ? "" : loggingServerIP);
+        servletContext.setInitParameter("loggingServerPort",
+            Strings.isNullOrEmpty(loggingServerPort) ? "" : loggingServerPort);
+        servletContext.setInitParameter("credisServiceUrl",
+            Strings.isNullOrEmpty(credisServiceUrl) ? "" : credisServiceUrl);
       }
     };
   }

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/controller/OrganizationController.java

 package com.ctrip.framework.apollo.portal.controller;
 
+import com.google.common.base.Strings;
 import com.google.gson.Gson;
 import com.google.gson.reflect.TypeToken;
 
-import com.ctrip.framework.apollo.portal.entity.po.ServerConfig;
 import com.ctrip.framework.apollo.portal.entity.vo.Organization;
-import com.ctrip.framework.apollo.portal.repository.ServerConfigRepository;
+import com.ctrip.framework.apollo.portal.service.ServerConfigService;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.lang.reflect.Type;
+import java.util.Collections;
 import java.util.List;
 
 /**
@@ -21,7 +22,7 @@ import java.util.List;
 @RequestMapping("/organizations")
 public class OrganizationController {
   @Autowired
-  private ServerConfigRepository serverConfigRepository;
+  private ServerConfigService serverConfigService;
 
   @Autowired
   private Gson gson;
@@ -31,7 +32,11 @@ public class OrganizationController {
 
   @RequestMapping
   public List<Organization> loadOrganization() {
-    ServerConfig config = serverConfigRepository.findByKey("organizations");
-    return gson.fromJson(config.getValue(), responseType);
+    String organizations = serverConfigService.getValue("organizations");
+    if (Strings.isNullOrEmpty(organizations)) {
+      return Collections.emptyList();
+    }
+
+    return gson.fromJson(organizations, responseType);
   }
 }

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/customize/BizLoggingCustomizer.java

 package com.ctrip.framework.apollo.portal.customize;
 
 import com.ctrip.framework.apollo.common.customize.LoggingCustomizer;
-import com.ctrip.framework.apollo.portal.repository.ServerConfigRepository;
+import com.ctrip.framework.apollo.portal.service.ServerConfigService;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Profile;
@@ -15,7 +15,7 @@ public class BizLoggingCustomizer extends LoggingCustomizer{
   private static final String CLOGGING_SERVER_PORT_KEY = "clogging.server.port";
 
   @Autowired
-  private ServerConfigRepository serverConfigRepository;
+  private ServerConfigService serverConfigService;
 
   private String cloggingUrl;
   private String cloggingPort;
@@ -23,7 +23,7 @@ public class BizLoggingCustomizer extends LoggingCustomizer{
   @Override
   protected String cloggingUrl() {
     if (cloggingUrl == null){
-      cloggingUrl = serverConfigRepository.findByKey(CLOGGING_SERVER_URL_KEY).getValue();
+      cloggingUrl = serverConfigService.getValue(CLOGGING_SERVER_URL_KEY);
     }
     return cloggingUrl;
   }
@@ -31,7 +31,7 @@ public class BizLoggingCustomizer extends LoggingCustomizer{
   @Override
   protected String cloggingPort() {
     if (cloggingPort == null){
-      cloggingPort = serverConfigRepository.findByKey(CLOGGING_SERVER_PORT_KEY).getValue();
+      cloggingPort = serverConfigService.getValue(CLOGGING_SERVER_PORT_KEY);
     }
     return cloggingPort;
   }

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/service/RolePermissionService.java

 package com.ctrip.framework.apollo.portal.service;
 
 import com.google.common.base.Preconditions;
+import com.google.common.base.Splitter;
+import com.google.common.base.Strings;
 import com.google.common.collect.FluentIterable;
 import com.google.common.collect.HashMultimap;
+import com.google.common.collect.Lists;
 import com.google.common.collect.Multimap;
 import com.google.common.collect.Sets;
 
@@ -16,6 +19,7 @@ import com.ctrip.framework.apollo.portal.repository.RolePermissionRepository;
 import com.ctrip.framework.apollo.portal.repository.RoleRepository;
 import com.ctrip.framework.apollo.portal.repository.UserRoleRepository;
 
+import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@@ -31,7 +35,7 @@ import java.util.Set;
  * @author Jason Song(song_s@ctrip.com)
  */
 @Service
-public class RolePermissionService {
+public class RolePermissionService implements InitializingBean {
   @Autowired
   private RoleRepository roleRepository;
 
@@ -44,6 +48,17 @@ public class RolePermissionService {
   @Autowired
   private PermissionRepository permissionRepository;
 
+  @Autowired
+  private ServerConfigService serverConfigService;
+
+  private List<String> superAdminUsers;
+  private Splitter configSplitter;
+
+  public RolePermissionService() {
+    superAdminUsers = Lists.newArrayList();
+    configSplitter = Splitter.on(",").omitEmptyStrings().trimResults();
+  }
+
   /**
    * Create role with permissions, note that role name should be unique
    */
@@ -155,6 +170,10 @@ public class RolePermissionService {
       return false;
     }
 
+    if (isSuperAdmin(userId)) {
+      return true;
+    }
+
     List<UserRole> userRoles = userRoleRepository.findByUserId(userId);
     if (CollectionUtils.isEmpty(userRoles)) {
       return false;
@@ -176,6 +195,10 @@ public class RolePermissionService {
     return false;
   }
 
+  private boolean isSuperAdmin(String userId) {
+    return superAdminUsers.contains(userId);
+  }
+
   /**
    * Create permission, note that permissionType + targetId should be unique
    */
@@ -213,4 +236,13 @@ public class RolePermissionService {
     Iterable<Permission> results = permissionRepository.save(permissions);
     return FluentIterable.from(results).toSet();
   }
+
+  @Override
+  public void afterPropertiesSet() throws Exception {
+    String superAdminConfig = serverConfigService.getValue("superAdmin");
+    if (Strings.isNullOrEmpty(superAdminConfig)) {
+      return;
+    }
+    superAdminUsers = configSplitter.splitToList(superAdminConfig);
+  }
 }

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/service/ServerConfigService.java

+package com.ctrip.framework.apollo.portal.service;
+
+import com.ctrip.framework.apollo.portal.entity.po.ServerConfig;
+import com.ctrip.framework.apollo.portal.repository.ServerConfigRepository;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+/**
+ * @author Jason Song(song_s@ctrip.com)
+ */
+@Service
+public class ServerConfigService {
+  @Autowired
+  private ServerConfigRepository serverConfigRepository;
+
+  public String getValue(String key) {
+    ServerConfig serverConfig = serverConfigRepository.findByKey(key);
+
+    return serverConfig == null ? null : serverConfig.getValue();
+  }
+
+}